CompleteNoobs mywiki_database https://www.completenoobs.com/noobs/Main_Page MediaWiki 1.43.1 first-letter Media Special Talk User User talk CompleteNoobs CompleteNoobs talk File File talk MediaWiki MediaWiki talk Template Template talk Help Help talk Category Category talk 0 1 1 2023-02-23T21:03:36Z MediaWiki default 2 1 wikitext text/x-wiki <strong>MediaWiki has been installed.</strong> Consult the [https://www.mediawiki.org/wiki/Special:MyLanguage/Help:Contents User's Guide] for information on using the wiki software. == Getting started == * [https://www.mediawiki.org/wiki/Special:MyLanguage/Manual:Configuration_settings Configuration settings list] * [https://www.mediawiki.org/wiki/Special:MyLanguage/Manual:FAQ MediaWiki FAQ] * [https://lists.wikimedia.org/postorius/lists/mediawiki-announce.lists.wikimedia.org/ MediaWiki release mailing list] * [https://www.mediawiki.org/wiki/Special:MyLanguage/Localisation#Translation_resources Localise MediaWiki for your language] * [https://www.mediawiki.org/wiki/Special:MyLanguage/Manual:Combating_spam Learn how to combat spam on your wiki] 22vz5zlxa2zctewimaum2bf1due8hkl 2 1 2023-02-26T15:32:02Z Noob 1 2 wikitext text/x-wiki <strong>MediaWiki has been installed.</strong> Consult the [https://www.mediawiki.org/wiki/Special:MyLanguage/Help:Contents User's Guide] for information on using the wiki software. {{Special:ContributionScores/10/5}} 8we0urx5pr6zjbmvbqi5jifbzy29mc6 53 2 2023-03-01T23:24:49Z Noob 1 53 wikitext text/x-wiki =We all start as noobs= <strong>Welcome to CompleteNoobs.</strong><br> We are Noobs, we are not sure what we are doing and are winging it.<br> Use at your own risk. =NOTE- At Current Time: The Bots are winning and no direct signups allowed= working on a work around ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[placeholder|Host own mediawiki]]<br> [[placeholder|Download CompleteNoobs to your personal computer]] {{Special:ContributionScores/10/5}} o1t6zwsoez9ibbsfydphoezum93phtw 54 53 2023-03-01T23:35:41Z Noob 1 54 wikitext text/x-wiki =We all start as noobs= <strong>Welcome to CompleteNoobs.</strong><br> We are Noobs, we are not sure what we are doing and are winging it.<br> Use at your own risk. =NOTE- At Current Time: The Bots are winning and no direct signups allowed= working on a work around ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[placeholder|Host own mediawiki]]<br> [[placeholder|Download CompleteNoobs to your personal computer]] ===temp=== * [[Main_Index | Main Index Page]]<br \> * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[GreenHatWiki_FUNDING | Support us by using affiliate links or by giving us donations.]] '''''THIS SITE HAS NOT BEEN LAUCHED YET!, just working on it in the open'''''<br \> '''''GreenHatWiki is about making Computer Science Free, Open and Reproducible.'''''<br \> <b>DISCLAMER: This site is managed by a born again noob, enter and use at your own risk!</b><br \> Hobbyist, sysadmins, students and all others.<br \> GreenHatWiki is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. The freedom to: * read * edit/modify * copy * share freely. Affiliate links are not allowed inside the main wiki pages, but you can mention the service you are using. You can have a personal page (your USER page) which can contains affiliate links or funding links for your content, as well as links to your content and projects.<br \> GreenHatWiki is created with the intention of being downloadable to your local computer, for offline use and which you can host freely on your own website. Give back to tutorials. When you were using a tutorial what else did you need to look up? Did you run into any bugs or errors? How did you fix it? Note: data heavy content, pictures audio video, linked with ipfs and/or zeronet <b>Firefox</b>: https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br \> <b>Brave</b>: brave://settings/ipfs and toggle on "IPFS Companion" * [[LICENCE_HEADERS | Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute.]] {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} 73gbioz40uxf4u1wy7477t39q4dcgsv 55 54 2023-03-01T23:38:55Z Noob 1 55 wikitext text/x-wiki =We all start as noobs= <strong>Welcome to CompleteNoobs.</strong><br> We are Noobs, we are not sure what we are doing and are winging it.<br> Use at your own risk. CompleteNoobs is about making Computer Science Free, Open and Reproducible. CompleteNoobs is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. The freedom to: * read * edit/modify * copy * share freely. =NOTE- At Current Time: The Bots are winning and no direct signups allowed= working on a work around ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[placeholder|Host own mediawiki]]<br> [[placeholder|Download CompleteNoobs to your personal computer]] ===temp=== * [[Main_Index | Main Index Page]]<br \> * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[GreenHatWiki_FUNDING | Support us by using affiliate links or by giving us donations.]] '''''THIS SITE HAS NOT BEEN LAUCHED YET!, just working on it in the open'''''<br \> '''''GreenHatWiki is about making Computer Science Free, Open and Reproducible.'''''<br \> <b>DISCLAMER: This site is managed by a born again noob, enter and use at your own risk!</b><br \> Hobbyist, sysadmins, students and all others.<br \> GreenHatWiki is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. The freedom to: * read * edit/modify * copy * share freely. Affiliate links are not allowed inside the main wiki pages, but you can mention the service you are using. You can have a personal page (your USER page) which can contains affiliate links or funding links for your content, as well as links to your content and projects.<br \> GreenHatWiki is created with the intention of being downloadable to your local computer, for offline use and which you can host freely on your own website. Give back to tutorials. When you were using a tutorial what else did you need to look up? Did you run into any bugs or errors? How did you fix it? Note: data heavy content, pictures audio video, linked with ipfs and/or zeronet <b>Firefox</b>: https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br \> <b>Brave</b>: brave://settings/ipfs and toggle on "IPFS Companion" * [[LICENCE_HEADERS | Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute.]] {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} fqi5yrcpa7g756rs6sqkbs42339yr5f 56 55 2023-03-01T23:40:11Z Noob 1 /* We all start as noobs */ 56 wikitext text/x-wiki =We all start as noobs= <strong>Welcome to CompleteNoobs.</strong><br> We are Noobs, we are not sure what we are doing yet and are winging it.<br> Use at your own risk. CompleteNoobs is about making Computer Science Free, Open and Reproducible. CompleteNoobs is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. The freedom to: * read * edit/modify * copy * share freely. =NOTE- At Current Time: The Bots are winning and no direct signups allowed= working on a work around ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[placeholder|Host own mediawiki]]<br> [[placeholder|Download CompleteNoobs to your personal computer]] ===temp=== * [[Main_Index | Main Index Page]]<br \> * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[GreenHatWiki_FUNDING | Support us by using affiliate links or by giving us donations.]] '''''THIS SITE HAS NOT BEEN LAUCHED YET!, just working on it in the open'''''<br \> '''''GreenHatWiki is about making Computer Science Free, Open and Reproducible.'''''<br \> <b>DISCLAMER: This site is managed by a born again noob, enter and use at your own risk!</b><br \> Hobbyist, sysadmins, students and all others.<br \> GreenHatWiki is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. The freedom to: * read * edit/modify * copy * share freely. Affiliate links are not allowed inside the main wiki pages, but you can mention the service you are using. You can have a personal page (your USER page) which can contains affiliate links or funding links for your content, as well as links to your content and projects.<br \> GreenHatWiki is created with the intention of being downloadable to your local computer, for offline use and which you can host freely on your own website. Give back to tutorials. When you were using a tutorial what else did you need to look up? Did you run into any bugs or errors? How did you fix it? Note: data heavy content, pictures audio video, linked with ipfs and/or zeronet <b>Firefox</b>: https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br \> <b>Brave</b>: brave://settings/ipfs and toggle on "IPFS Companion" * [[LICENCE_HEADERS | Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute.]] {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} gfkfol64a3vuqc24apg9dlb24596e6o 57 56 2023-03-02T14:43:27Z Noob 1 /* temp */ 57 wikitext text/x-wiki =We all start as noobs= <strong>Welcome to CompleteNoobs.</strong><br> We are Noobs, we are not sure what we are doing yet and are winging it.<br> Use at your own risk. CompleteNoobs is about making Computer Science Free, Open and Reproducible. CompleteNoobs is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. The freedom to: * read * edit/modify * copy * share freely. =NOTE- At Current Time: The Bots are winning and no direct signups allowed= working on a work around ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[placeholder|Host own mediawiki]]<br> [[placeholder|Download CompleteNoobs to your personal computer]] {{Special:ContributionScores/10/5}} skr22jepz328ez8d9qzbh2tjpocwcc6 58 57 2023-03-02T15:02:58Z Noob 1 58 wikitext text/x-wiki =We all start as noobs= <strong>Welcome to CompleteNoobs.</strong><br> We are Noobs, we are not sure what we are doing yet and are winging it.<br> Use at your own risk.<br> CompleteNoobs is about making Computer Science Free, Open and Reproducible.<br> For Hobbyist, sysadmins, teachers, students and all others.<br> CompleteNoobs is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. The freedom to: * read * edit/modify * copy * share freely. The only thing owned on this site is the domain and trademark 'CompleteNoobs'<br> The Content can be downloaded via a XML file, and is Libre Licenced for all to use.<br> As close as possible to legal piracy me matey.<br> <code>https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> <code>QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> ===Data Heavy content=== To keep the XML light, data heavy content, such as: pictures, audio, video, can be linked with IPFS and/or Zeronet hashes.<br> [[IPFS_Basics|IPFS Basics]]<br> <br> <b>Firefox</b>: https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> <b>Brave</b>: brave://settings/ipfs and toggle on "IPFS Companion" <br> ==Licences== * [[LICENCE_HEADERS | Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute.]] {{:LICENCE_HEADER_CC0}} =NOTE- At Current Time: The Bots are winning and no direct signups allowed= working on a work around ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[placeholder|Host own mediawiki]]<br> [[placeholder|Download CompleteNoobs to your personal computer]] ==Notes== The main landing page <b>Main_Page</b> is not included when you import an XML dump, are main index page is <b>Main_Index_Page</b> * [[Main_Index | Main Index Page]]<br \> * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[GreenHatWiki_FUNDING | Support us by using affiliate links or by giving us donations.]] {{Special:ContributionScores/10/5}} bn0m7pl7oo86uxg65pegl752qtzztik 62 58 2023-03-02T15:21:56Z Noob 1 /* We encourage users to fork this project and download and keep a copy on there desktop and/or server */ 62 wikitext text/x-wiki =We all start as noobs= <strong>Welcome to CompleteNoobs.</strong><br> We are Noobs, we are not sure what we are doing yet and are winging it.<br> Use at your own risk.<br> CompleteNoobs is about making Computer Science Free, Open and Reproducible.<br> For Hobbyist, sysadmins, teachers, students and all others.<br> CompleteNoobs is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. The freedom to: * read * edit/modify * copy * share freely. The only thing owned on this site is the domain and trademark 'CompleteNoobs'<br> The Content can be downloaded via a XML file, and is Libre Licenced for all to use.<br> As close as possible to legal piracy me matey.<br> <code>https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> <code>QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> ===Data Heavy content=== To keep the XML light, data heavy content, such as: pictures, audio, video, can be linked with IPFS and/or Zeronet hashes.<br> [[IPFS_Basics|IPFS Basics]]<br> <br> <b>Firefox</b>: https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> <b>Brave</b>: brave://settings/ipfs and toggle on "IPFS Companion" <br> ==Licences== * [[LICENCE_HEADERS | Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute.]] {{:LICENCE_HEADER_CC0}} =NOTE- At Current Time: The Bots are winning and no direct signups allowed= working on a work around ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[placeholder|Host own mediawiki]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs to your personal computer]] ==Notes== The main landing page <b>Main_Page</b> is not included when you import an XML dump, are main index page is <b>Main_Index_Page</b> * [[Main_Index | Main Index Page]]<br \> * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[GreenHatWiki_FUNDING | Support us by using affiliate links or by giving us donations.]] {{Special:ContributionScores/10/5}} bmnirmlr9y0zvw0f9lyb8rkewlbm6ws 64 62 2023-03-02T15:23:26Z Noob 1 /* Notes */ 64 wikitext text/x-wiki =We all start as noobs= <strong>Welcome to CompleteNoobs.</strong><br> We are Noobs, we are not sure what we are doing yet and are winging it.<br> Use at your own risk.<br> CompleteNoobs is about making Computer Science Free, Open and Reproducible.<br> For Hobbyist, sysadmins, teachers, students and all others.<br> CompleteNoobs is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. The freedom to: * read * edit/modify * copy * share freely. The only thing owned on this site is the domain and trademark 'CompleteNoobs'<br> The Content can be downloaded via a XML file, and is Libre Licenced for all to use.<br> As close as possible to legal piracy me matey.<br> <code>https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> <code>QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> ===Data Heavy content=== To keep the XML light, data heavy content, such as: pictures, audio, video, can be linked with IPFS and/or Zeronet hashes.<br> [[IPFS_Basics|IPFS Basics]]<br> <br> <b>Firefox</b>: https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> <b>Brave</b>: brave://settings/ipfs and toggle on "IPFS Companion" <br> ==Licences== * [[LICENCE_HEADERS | Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute.]] {{:LICENCE_HEADER_CC0}} =NOTE- At Current Time: The Bots are winning and no direct signups allowed= working on a work around ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[placeholder|Host own mediawiki]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs to your personal computer]] ==Notes== The main landing page <b>Main_Page</b> is not included when you import an XML dump, are main index page is <b>Main_Index_Page</b> * [[Main_Index | Main Index Page]]<br \> * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] {{Special:ContributionScores/10/5}} hosi3kotcygwder6weu32lev89zjtez 68 64 2023-03-03T01:04:41Z Noob 1 /* We all start as noobs */ 68 wikitext text/x-wiki =We all start as noobs= <strong>Welcome to CompleteNoobs.</strong><br> We are Noobs, we are not sure what we are doing yet and are winging it.<br> Use at your own risk.<br> CompleteNoobs is about making Computer Science Free, Open and Reproducible.<br> For Hobbyist, sysadmins, teachers, students and all others.<br> CompleteNoobs is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. The freedom to: * read * edit/modify * copy * share freely. The only thing owned on this site is the domain and trademark 'CompleteNoobs'<br> The Content can be downloaded via a XML file,can be found at https://xml.completenoobs.com and is Libre Licenced for all to use.<br> As close as possible to legal piracy me matey.<br> <code>https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> <code>QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> ===Data Heavy content=== To keep the XML light, data heavy content, such as: pictures, audio, video, can be linked with IPFS and/or Zeronet hashes.<br> [[IPFS_Basics|IPFS Basics]]<br> <br> <b>Firefox</b>: https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> <b>Brave</b>: brave://settings/ipfs and toggle on "IPFS Companion" <br> ==Licences== * [[LICENCE_HEADERS | Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute.]] {{:LICENCE_HEADER_CC0}} =NOTE- At Current Time: The Bots are winning and no direct signups allowed= working on a work around ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[placeholder|Host own mediawiki]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs to your personal computer]] ==Notes== The main landing page <b>Main_Page</b> is not included when you import an XML dump, are main index page is <b>Main_Index_Page</b> * [[Main_Index | Main Index Page]]<br \> * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] {{Special:ContributionScores/10/5}} oe6qq0ii8046aoye20upnsncko9cmeh 75 68 2023-03-03T01:22:27Z Noob 1 /* We encourage users to fork this project and download and keep a copy on there desktop and/or server */ 75 wikitext text/x-wiki =We all start as noobs= <strong>Welcome to CompleteNoobs.</strong><br> We are Noobs, we are not sure what we are doing yet and are winging it.<br> Use at your own risk.<br> CompleteNoobs is about making Computer Science Free, Open and Reproducible.<br> For Hobbyist, sysadmins, teachers, students and all others.<br> CompleteNoobs is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. The freedom to: * read * edit/modify * copy * share freely. The only thing owned on this site is the domain and trademark 'CompleteNoobs'<br> The Content can be downloaded via a XML file,can be found at https://xml.completenoobs.com and is Libre Licenced for all to use.<br> As close as possible to legal piracy me matey.<br> <code>https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> <code>QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> ===Data Heavy content=== To keep the XML light, data heavy content, such as: pictures, audio, video, can be linked with IPFS and/or Zeronet hashes.<br> [[IPFS_Basics|IPFS Basics]]<br> <br> <b>Firefox</b>: https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> <b>Brave</b>: brave://settings/ipfs and toggle on "IPFS Companion" <br> ==Licences== * [[LICENCE_HEADERS | Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute.]] {{:LICENCE_HEADER_CC0}} =NOTE- At Current Time: The Bots are winning and no direct signups allowed= working on a work around ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[placeholder|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs to your personal computer]] ==Notes== The main landing page <b>Main_Page</b> is not included when you import an XML dump, are main index page is <b>Main_Index_Page</b> * [[Main_Index | Main Index Page]]<br \> * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] {{Special:ContributionScores/10/5}} 18lbtvmj76uijtopzo6ic3zi2n7h9wz 98 75 2023-03-03T22:56:59Z Noob 1 98 wikitext text/x-wiki <div style='text-align: center;'></div> =NOTE- At Current Time: The Bots are winning and no direct signups allowed= working on a work around ='''''We all start as Noobs'''''= <strong>Greetings fellow Noobs.</strong><br> <br> We are Noobs, we are not sure what we are doing yet and are winging it.<br> <b>Use at your own risk.</b><br> CompleteNoobs is about making Computer Science Free, Open and Reproducible.<br> For Hobbyist, sysadmins, teachers, students and all others.<br> CompleteNoobs is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. <b>THE FREEDOM TO: * READ. * EDIT/MODIFY. * COPY. * SHARE FREELY. </b> The only thing owned on this site is the domain and trademark 'CompleteNoobs'<br> The Content can be downloaded via a XML file,can be found at https://xml.completenoobs.com and is Libre Licenced for all to use.<br> As close as possible to legal piracy me matey.<br> <code>https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> <code>QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[placeholder|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs to your personal computer]] ==Notes== The main landing page <b>Main_Page</b> is not included when you import an XML dump, are main index page is <b>Main_Index_Page</b> * [[Main_Index | Main Index Page]]<br \> * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data Heavy content== To keep the XML light, data heavy content, such as: pictures, audio, video, can be linked with IPFS and/or Zeronet hashes.<br> [[IPFS_Basics|IPFS Basics]]<br> [[place_holder|Data Heavy Content Example]]<br> <br> <b>Firefox</b>: https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> <b>Brave</b>: brave://settings/ipfs and toggle on "IPFS Companion" <br> ==Licences== * [[LICENCE_HEADERS | Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute.]] {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} kec29hgh1lumxhkveoke3sdmhacrd9f 99 98 2023-03-03T22:57:24Z Noob 1 /* Data Heavy content */ 99 wikitext text/x-wiki <div style='text-align: center;'></div> =NOTE- At Current Time: The Bots are winning and no direct signups allowed= working on a work around ='''''We all start as Noobs'''''= <strong>Greetings fellow Noobs.</strong><br> <br> We are Noobs, we are not sure what we are doing yet and are winging it.<br> <b>Use at your own risk.</b><br> CompleteNoobs is about making Computer Science Free, Open and Reproducible.<br> For Hobbyist, sysadmins, teachers, students and all others.<br> CompleteNoobs is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. <b>THE FREEDOM TO: * READ. * EDIT/MODIFY. * COPY. * SHARE FREELY. </b> The only thing owned on this site is the domain and trademark 'CompleteNoobs'<br> The Content can be downloaded via a XML file,can be found at https://xml.completenoobs.com and is Libre Licenced for all to use.<br> As close as possible to legal piracy me matey.<br> <code>https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> <code>QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[placeholder|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs to your personal computer]] ==Notes== The main landing page <b>Main_Page</b> is not included when you import an XML dump, are main index page is <b>Main_Index_Page</b> * [[Main_Index | Main Index Page]]<br \> * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data Heavy content== To keep the XML light, data heavy content, such as: pictures, audio, video, can be linked with IPFS and/or Zeronet hashes.<br> [[IPFS_Basics|IPFS Basics]]<br> [[placeholder|Data Heavy Content Example]]<br> <br> <b>Firefox</b>: https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> <b>Brave</b>: brave://settings/ipfs and toggle on "IPFS Companion" <br> ==Licences== * [[LICENCE_HEADERS | Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute.]] {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} cxe27344f2rwqe8tuzxn3u08l4yv132 126 99 2023-03-05T21:15:20Z Noob 1 /* Data Heavy content */ 126 wikitext text/x-wiki <div style='text-align: center;'></div> =NOTE- At Current Time: The Bots are winning and no direct signups allowed= working on a work around ='''''We all start as Noobs'''''= <strong>Greetings fellow Noobs.</strong><br> <br> We are Noobs, we are not sure what we are doing yet and are winging it.<br> <b>Use at your own risk.</b><br> CompleteNoobs is about making Computer Science Free, Open and Reproducible.<br> For Hobbyist, sysadmins, teachers, students and all others.<br> CompleteNoobs is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. <b>THE FREEDOM TO: * READ. * EDIT/MODIFY. * COPY. * SHARE FREELY. </b> The only thing owned on this site is the domain and trademark 'CompleteNoobs'<br> The Content can be downloaded via a XML file,can be found at https://xml.completenoobs.com and is Libre Licenced for all to use.<br> As close as possible to legal piracy me matey.<br> <code>https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> <code>QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[placeholder|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs to your personal computer]] ==Notes== The main landing page <b>Main_Page</b> is not included when you import an XML dump, are main index page is <b>Main_Index_Page</b> * [[Main_Index | Main Index Page]]<br \> * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data Heavy content== To keep the XML light, data heavy content, such as: pictures, audio, video, can be linked with IPFS and/or Zeronet hashes.<br> [[IPFS_Basics|IPFS Basics]]<br> [[MIT_Introduction_to_Computer_Science_and_Programming_in_Python_6.0001_Fall_2016_Undergraduate|Data Heavy Content Example]]<br> <br> <b>Firefox</b>: https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> <b>Brave</b>: brave://settings/ipfs and toggle on "IPFS Companion" <br> ==Licences== * [[LICENCE_HEADERS | Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute.]] {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} 1xxoihihf5i9kersbywmrq6xq8pg7l3 131 126 2023-03-05T21:53:01Z Noob 1 /* We encourage users to fork this project and download and keep a copy on there desktop and/or server */ 131 wikitext text/x-wiki <div style='text-align: center;'></div> =NOTE- At Current Time: The Bots are winning and no direct signups allowed= working on a work around ='''''We all start as Noobs'''''= <strong>Greetings fellow Noobs.</strong><br> <br> We are Noobs, we are not sure what we are doing yet and are winging it.<br> <b>Use at your own risk.</b><br> CompleteNoobs is about making Computer Science Free, Open and Reproducible.<br> For Hobbyist, sysadmins, teachers, students and all others.<br> CompleteNoobs is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. <b>THE FREEDOM TO: * READ. * EDIT/MODIFY. * COPY. * SHARE FREELY. </b> The only thing owned on this site is the domain and trademark 'CompleteNoobs'<br> The Content can be downloaded via a XML file,can be found at https://xml.completenoobs.com and is Libre Licenced for all to use.<br> As close as possible to legal piracy me matey.<br> <code>https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> <code>QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[Host_Your_Own_Mediawiki_Online_-_Ubuntu|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs to your personal computer]] ==Notes== The main landing page <b>Main_Page</b> is not included when you import an XML dump, are main index page is <b>Main_Index_Page</b> * [[Main_Index | Main Index Page]]<br \> * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data Heavy content== To keep the XML light, data heavy content, such as: pictures, audio, video, can be linked with IPFS and/or Zeronet hashes.<br> [[IPFS_Basics|IPFS Basics]]<br> [[MIT_Introduction_to_Computer_Science_and_Programming_in_Python_6.0001_Fall_2016_Undergraduate|Data Heavy Content Example]]<br> <br> <b>Firefox</b>: https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> <b>Brave</b>: brave://settings/ipfs and toggle on "IPFS Companion" <br> ==Licences== * [[LICENCE_HEADERS | Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute.]] {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} feww1a4m3clx3yp6atb8tob5m6tkx75 132 131 2023-03-05T21:58:02Z Noob 1 /* Notes */ 132 wikitext text/x-wiki <div style='text-align: center;'></div> =NOTE- At Current Time: The Bots are winning and no direct signups allowed= working on a work around ='''''We all start as Noobs'''''= <strong>Greetings fellow Noobs.</strong><br> <br> We are Noobs, we are not sure what we are doing yet and are winging it.<br> <b>Use at your own risk.</b><br> CompleteNoobs is about making Computer Science Free, Open and Reproducible.<br> For Hobbyist, sysadmins, teachers, students and all others.<br> CompleteNoobs is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. <b>THE FREEDOM TO: * READ. * EDIT/MODIFY. * COPY. * SHARE FREELY. </b> The only thing owned on this site is the domain and trademark 'CompleteNoobs'<br> The Content can be downloaded via a XML file,can be found at https://xml.completenoobs.com and is Libre Licenced for all to use.<br> As close as possible to legal piracy me matey.<br> <code>https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> <code>QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[Host_Your_Own_Mediawiki_Online_-_Ubuntu|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs to your personal computer]] ==Notes== The main landing page <b>Main_Page</b> is not included when you import an XML dump, are main index page is the <b>Main_Index</b> Page * [[Main_Index | Main Index Page]]<br \> * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data Heavy content== To keep the XML light, data heavy content, such as: pictures, audio, video, can be linked with IPFS and/or Zeronet hashes.<br> [[IPFS_Basics|IPFS Basics]]<br> [[MIT_Introduction_to_Computer_Science_and_Programming_in_Python_6.0001_Fall_2016_Undergraduate|Data Heavy Content Example]]<br> <br> <b>Firefox</b>: https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> <b>Brave</b>: brave://settings/ipfs and toggle on "IPFS Companion" <br> ==Licences== * [[LICENCE_HEADERS | Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute.]] {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} 7vdjo3ves0khcxjse9vfpm7f0ai918e 133 132 2023-03-05T21:58:43Z Noob 1 /* We all start as Noobs */ 133 wikitext text/x-wiki <div style='text-align: center;'></div> =NOTE- At Current Time: The Bots are winning and no direct signups allowed= working on a work around ='''''We all start as Noobs'''''= <strong>Greetings fellow Noobs.</strong><br> <br> We are Noobs, we are not sure what we are doing yet and are winging it.<br> <b>Use at your own risk.</b><br> CompleteNoobs is about making Computer Science: Free, Open and Reproducible.<br> For Hobbyist, sysadmins, teachers, students and all others.<br> CompleteNoobs is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. <b>THE FREEDOM TO: * READ. * EDIT/MODIFY. * COPY. * SHARE FREELY. </b> The only thing owned on this site is the domain and trademark 'CompleteNoobs'<br> The Content can be downloaded via a XML file,can be found at https://xml.completenoobs.com and is Libre Licenced for all to use.<br> As close as possible to legal piracy me matey.<br> <code>https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> <code>QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[Host_Your_Own_Mediawiki_Online_-_Ubuntu|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs to your personal computer]] ==Notes== The main landing page <b>Main_Page</b> is not included when you import an XML dump, are main index page is the <b>Main_Index</b> Page * [[Main_Index | Main Index Page]]<br \> * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data Heavy content== To keep the XML light, data heavy content, such as: pictures, audio, video, can be linked with IPFS and/or Zeronet hashes.<br> [[IPFS_Basics|IPFS Basics]]<br> [[MIT_Introduction_to_Computer_Science_and_Programming_in_Python_6.0001_Fall_2016_Undergraduate|Data Heavy Content Example]]<br> <br> <b>Firefox</b>: https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> <b>Brave</b>: brave://settings/ipfs and toggle on "IPFS Companion" <br> ==Licences== * [[LICENCE_HEADERS | Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute.]] {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} 31aqvae9722hozrr4lfjd4skldehinn 136 133 2023-03-06T01:38:15Z Noob 1 /* We all start as Noobs */ 136 wikitext text/x-wiki <div style='text-align: center;'></div> =NOTE- At Current Time: The Bots are winning and no direct signups allowed= working on a work around ='''''We all start as Noobs'''''= <strong>Greetings fellow Noobs.</strong><br> <br> We are Noobs, we are not sure what we are doing yet and are winging it.<br> Still in concept stage.<br> <b>Use at your own risk.</b><br> CompleteNoobs is about making Computer Science: Free, Open and Reproducible.<br> For Hobbyist, sysadmins, teachers, students and all others.<br> CompleteNoobs is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. <b>THE FREEDOM TO: * READ. * EDIT/MODIFY. * COPY. * SHARE FREELY. </b> The only thing owned on this site is the domain and trademark 'CompleteNoobs'<br> The Content can be downloaded via a XML file,can be found at https://xml.completenoobs.com and is Libre Licenced for all to use.<br> As close as possible to legal piracy me matey.<br> <code>https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> <code>QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[Host_Your_Own_Mediawiki_Online_-_Ubuntu|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs to your personal computer]] ==Notes== The main landing page <b>Main_Page</b> is not included when you import an XML dump, are main index page is the <b>Main_Index</b> Page * [[Main_Index | Main Index Page]]<br \> * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data Heavy content== To keep the XML light, data heavy content, such as: pictures, audio, video, can be linked with IPFS and/or Zeronet hashes.<br> [[IPFS_Basics|IPFS Basics]]<br> [[MIT_Introduction_to_Computer_Science_and_Programming_in_Python_6.0001_Fall_2016_Undergraduate|Data Heavy Content Example]]<br> <br> <b>Firefox</b>: https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> <b>Brave</b>: brave://settings/ipfs and toggle on "IPFS Companion" <br> ==Licences== * [[LICENCE_HEADERS | Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute.]] {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} 38wqn8fjf7y2u90ys14ckc7mi1u2bns 159 136 2023-03-06T11:48:01Z Noob 1 /* We encourage users to fork this project and download and keep a copy on there desktop and/or server */ 159 wikitext text/x-wiki <div style='text-align: center;'></div> =NOTE- At Current Time: The Bots are winning and no direct signups allowed= working on a work around ='''''We all start as Noobs'''''= <strong>Greetings fellow Noobs.</strong><br> <br> We are Noobs, we are not sure what we are doing yet and are winging it.<br> Still in concept stage.<br> <b>Use at your own risk.</b><br> CompleteNoobs is about making Computer Science: Free, Open and Reproducible.<br> For Hobbyist, sysadmins, teachers, students and all others.<br> CompleteNoobs is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. <b>THE FREEDOM TO: * READ. * EDIT/MODIFY. * COPY. * SHARE FREELY. </b> The only thing owned on this site is the domain and trademark 'CompleteNoobs'<br> The Content can be downloaded via a XML file,can be found at https://xml.completenoobs.com and is Libre Licenced for all to use.<br> As close as possible to legal piracy me matey.<br> <code>https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> <code>QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[Host_Your_Own_Mediawiki_Online_-_Ubuntu|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ==Notes== The main landing page <b>Main_Page</b> is not included when you import an XML dump, are main index page is the <b>Main_Index</b> Page * [[Main_Index | Main Index Page]]<br \> * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data Heavy content== To keep the XML light, data heavy content, such as: pictures, audio, video, can be linked with IPFS and/or Zeronet hashes.<br> [[IPFS_Basics|IPFS Basics]]<br> [[MIT_Introduction_to_Computer_Science_and_Programming_in_Python_6.0001_Fall_2016_Undergraduate|Data Heavy Content Example]]<br> <br> <b>Firefox</b>: https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> <b>Brave</b>: brave://settings/ipfs and toggle on "IPFS Companion" <br> ==Licences== * [[LICENCE_HEADERS | Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute.]] {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} 9y62k4ro5pklzwl0ociwt2057s2p059 164 159 2023-03-07T01:26:07Z Noob 1 /* NOTE- At Current Time: The Bots are winning and no direct signups allowed */ 164 wikitext text/x-wiki <div style='text-align: center;'></div> =NOTE- At Current Time: The Bots are winning and no direct signups allowed= In order to create an account on the wiki at current time, request an account on the wiki and message user spectrum_muttley on reddit, be patient i am not online all the time. ='''''We all start as Noobs'''''= <strong>Greetings fellow Noobs.</strong><br> <br> We are Noobs, we are not sure what we are doing yet and are winging it.<br> Still in concept stage.<br> <b>Use at your own risk.</b><br> CompleteNoobs is about making Computer Science: Free, Open and Reproducible.<br> For Hobbyist, sysadmins, teachers, students and all others.<br> CompleteNoobs is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. <b>THE FREEDOM TO: * READ. * EDIT/MODIFY. * COPY. * SHARE FREELY. </b> The only thing owned on this site is the domain and trademark 'CompleteNoobs'<br> The Content can be downloaded via a XML file,can be found at https://xml.completenoobs.com and is Libre Licenced for all to use.<br> As close as possible to legal piracy me matey.<br> <code>https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> <code>QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[Host_Your_Own_Mediawiki_Online_-_Ubuntu|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ==Notes== The main landing page <b>Main_Page</b> is not included when you import an XML dump, are main index page is the <b>Main_Index</b> Page * [[Main_Index | Main Index Page]]<br \> * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data Heavy content== To keep the XML light, data heavy content, such as: pictures, audio, video, can be linked with IPFS and/or Zeronet hashes.<br> [[IPFS_Basics|IPFS Basics]]<br> [[MIT_Introduction_to_Computer_Science_and_Programming_in_Python_6.0001_Fall_2016_Undergraduate|Data Heavy Content Example]]<br> <br> <b>Firefox</b>: https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> <b>Brave</b>: brave://settings/ipfs and toggle on "IPFS Companion" <br> ==Licences== * [[LICENCE_HEADERS | Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute.]] {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} 42xwwy58pw8b1orxr5ne92p7rssu3ow 165 164 2023-03-07T12:01:57Z Noob 1 /* NOTE- At Current Time: The Bots are winning and no direct signups allowed */ 165 wikitext text/x-wiki <div style='text-align: center;'></div> =NOTE- At Current Time: The Bots are winning and no direct signups allowed= In order to create an account on the wiki at current time, request an account on the wiki and message user CompleteNoobs on reddit, be patient i am not online all the time. ='''''We all start as Noobs'''''= <strong>Greetings fellow Noobs.</strong><br> <br> We are Noobs, we are not sure what we are doing yet and are winging it.<br> Still in concept stage.<br> <b>Use at your own risk.</b><br> CompleteNoobs is about making Computer Science: Free, Open and Reproducible.<br> For Hobbyist, sysadmins, teachers, students and all others.<br> CompleteNoobs is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. <b>THE FREEDOM TO: * READ. * EDIT/MODIFY. * COPY. * SHARE FREELY. </b> The only thing owned on this site is the domain and trademark 'CompleteNoobs'<br> The Content can be downloaded via a XML file,can be found at https://xml.completenoobs.com and is Libre Licenced for all to use.<br> As close as possible to legal piracy me matey.<br> <code>https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> <code>QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[Host_Your_Own_Mediawiki_Online_-_Ubuntu|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ==Notes== The main landing page <b>Main_Page</b> is not included when you import an XML dump, are main index page is the <b>Main_Index</b> Page * [[Main_Index | Main Index Page]]<br \> * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data Heavy content== To keep the XML light, data heavy content, such as: pictures, audio, video, can be linked with IPFS and/or Zeronet hashes.<br> [[IPFS_Basics|IPFS Basics]]<br> [[MIT_Introduction_to_Computer_Science_and_Programming_in_Python_6.0001_Fall_2016_Undergraduate|Data Heavy Content Example]]<br> <br> <b>Firefox</b>: https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> <b>Brave</b>: brave://settings/ipfs and toggle on "IPFS Companion" <br> ==Licences== * [[LICENCE_HEADERS | Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute.]] {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} eah2saqdie7sarb2c0p4unx5wwpbsrg 166 165 2023-03-07T14:52:54Z Noob 1 /* We all start as Noobs */ 166 wikitext text/x-wiki <div style='text-align: center;'></div> =NOTE- At Current Time: The Bots are winning and no direct signups allowed= In order to create an account on the wiki at current time, request an account on the wiki and message user CompleteNoobs on reddit, be patient i am not online all the time. ='''''We all start as Noobs'''''= <strong>Greetings fellow Noobs.</strong><br> <br> We are Noobs, we are not sure what we are doing yet and are winging it.<br> Still in concept stage.<br> <b>Use at your own risk.</b><br> CompleteNoobs is about making Computer Science: Free, Open and Reproducible.<br> For Hobbyist, sysadmins, teachers, students and all others.<br> CompleteNoobs is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. <b>THE FREEDOM TO: * READ. * EDIT/MODIFY. * COPY. * SHARE FREELY.</b> (this freedom may be restricted to NonCommercial use by the CC BY-NC-SA licence) <br> The only thing owned on this site is the domain and trademark 'CompleteNoobs'<br> The Content can be downloaded via a XML file,can be found at https://xml.completenoobs.com and is Libre Licenced for all to use.<br> As close as possible to legal piracy me matey.<br> <code>https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> <code>QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[Host_Your_Own_Mediawiki_Online_-_Ubuntu|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ==Notes== The main landing page <b>Main_Page</b> is not included when you import an XML dump, are main index page is the <b>Main_Index</b> Page * [[Main_Index | Main Index Page]]<br \> * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data Heavy content== To keep the XML light, data heavy content, such as: pictures, audio, video, can be linked with IPFS and/or Zeronet hashes.<br> [[IPFS_Basics|IPFS Basics]]<br> [[MIT_Introduction_to_Computer_Science_and_Programming_in_Python_6.0001_Fall_2016_Undergraduate|Data Heavy Content Example]]<br> <br> <b>Firefox</b>: https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> <b>Brave</b>: brave://settings/ipfs and toggle on "IPFS Companion" <br> ==Licences== * [[LICENCE_HEADERS | Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute.]] {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} bgo3odl6poivfipvpsautdubh0o57ax 170 166 2023-03-10T23:30:07Z Noob 1 /* We all start as Noobs */ 170 wikitext text/x-wiki <div style='text-align: center;'></div> =NOTE- At Current Time: The Bots are winning and no direct signups allowed= In order to create an account on the wiki at current time, request an account on the wiki and message user CompleteNoobs on reddit, be patient i am not online all the time. ='''''We all start as Noobs'''''= <strong>Greetings fellow Noobs.</strong><br> <br> We are Noobs, we are not sure what we are doing yet and are winging it.<br> Still in concept stage.<br> <b>Use at your own risk.</b><br> CompleteNoobs is about making Computer Science: Free, Open and Reproducible.<br> For Hobbyist, sysadmins, teachers, students and all others.<br> CompleteNoobs is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. <b>THE FREEDOM TO: * READ. * EDIT/MODIFY. * COPY. * SHARE FREELY.</b> <br> The only thing owned on this site is the domain and trademark 'CompleteNoobs'<br> The Content can be downloaded via a XML file,can be found at https://xml.completenoobs.com and is Libre Licenced for all to use.<br> As close as possible to legal piracy me matey.<br> <code>https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> <code>QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[Host_Your_Own_Mediawiki_Online_-_Ubuntu|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ==Notes== The main landing page <b>Main_Page</b> is not included when you import an XML dump, are main index page is the <b>Main_Index</b> Page * [[Main_Index | Main Index Page]]<br \> * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data Heavy content== To keep the XML light, data heavy content, such as: pictures, audio, video, can be linked with IPFS and/or Zeronet hashes.<br> [[IPFS_Basics|IPFS Basics]]<br> [[MIT_Introduction_to_Computer_Science_and_Programming_in_Python_6.0001_Fall_2016_Undergraduate|Data Heavy Content Example]]<br> <br> <b>Firefox</b>: https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> <b>Brave</b>: brave://settings/ipfs and toggle on "IPFS Companion" <br> ==Licences== * [[LICENCE_HEADERS | Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute.]] {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} oj8at6fzi4btamwa06ml9eds81ntu3h 171 170 2023-03-10T23:30:57Z Noob 1 /* Data Heavy content */ 171 wikitext text/x-wiki <div style='text-align: center;'></div> =NOTE- At Current Time: The Bots are winning and no direct signups allowed= In order to create an account on the wiki at current time, request an account on the wiki and message user CompleteNoobs on reddit, be patient i am not online all the time. ='''''We all start as Noobs'''''= <strong>Greetings fellow Noobs.</strong><br> <br> We are Noobs, we are not sure what we are doing yet and are winging it.<br> Still in concept stage.<br> <b>Use at your own risk.</b><br> CompleteNoobs is about making Computer Science: Free, Open and Reproducible.<br> For Hobbyist, sysadmins, teachers, students and all others.<br> CompleteNoobs is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. <b>THE FREEDOM TO: * READ. * EDIT/MODIFY. * COPY. * SHARE FREELY.</b> <br> The only thing owned on this site is the domain and trademark 'CompleteNoobs'<br> The Content can be downloaded via a XML file,can be found at https://xml.completenoobs.com and is Libre Licenced for all to use.<br> As close as possible to legal piracy me matey.<br> <code>https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> <code>QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[Host_Your_Own_Mediawiki_Online_-_Ubuntu|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ==Notes== The main landing page <b>Main_Page</b> is not included when you import an XML dump, are main index page is the <b>Main_Index</b> Page * [[Main_Index | Main Index Page]]<br \> * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data Heavy content== To keep the XML light, data heavy content, such as: pictures, audio, video, can be linked with IPFS and/or Zeronet hashes.<br> [[IPFS_Basics|IPFS Basics]]<br> <br> <b>Firefox</b>: https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> <b>Brave</b>: brave://settings/ipfs and toggle on "IPFS Companion" <br> ==Licences== * [[LICENCE_HEADERS | Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute.]] {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} 2r94b5tapyr9c4fqhr42f0k4g7jblkn 172 171 2023-03-10T23:33:03Z Noob 1 /* We all start as Noobs */ 172 wikitext text/x-wiki <div style='text-align: center;'></div> =NOTE- At Current Time: The Bots are winning and no direct signups allowed= In order to create an account on the wiki at current time, request an account on the wiki and message user CompleteNoobs on reddit, be patient i am not online all the time. ='''''We all start as Noobs'''''= <strong>Greetings fellow Noobs.</strong><br> <br> We are Noobs, we are not sure what we are doing yet and are winging it.<br> Still in concept stage.<br> <b>Use at your own risk.</b><br> CompleteNoobs is about making Computer Science: Free, Open and Reproducible.<br> For Hobbyist, sysadmins, teachers, students and all others.<br> CompleteNoobs is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. <b>THE FREEDOM TO: * READ. * EDIT/MODIFY. * COPY. * SHARE FREELY.</b> <br> <b>CC BY-NC-SA</b> Content can be hosted on the non commercial fork https://www.completenoobz.com <br> The only thing owned on this site is the domain and trademark 'CompleteNoobs'<br> The Content can be downloaded via a XML file,can be found at https://xml.completenoobs.com and is Libre Licenced for all to use.<br> As close as possible to legal piracy me matey.<br> <code>https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> <code>QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[Host_Your_Own_Mediawiki_Online_-_Ubuntu|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ==Notes== The main landing page <b>Main_Page</b> is not included when you import an XML dump, are main index page is the <b>Main_Index</b> Page * [[Main_Index | Main Index Page]]<br \> * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data Heavy content== To keep the XML light, data heavy content, such as: pictures, audio, video, can be linked with IPFS and/or Zeronet hashes.<br> [[IPFS_Basics|IPFS Basics]]<br> <br> <b>Firefox</b>: https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> <b>Brave</b>: brave://settings/ipfs and toggle on "IPFS Companion" <br> ==Licences== * [[LICENCE_HEADERS | Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute.]] {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} 97l9csjlqtxf6kfeiuzaynn159gyu80 173 172 2023-03-10T23:33:19Z Noob 1 /* We all start as Noobs */ 173 wikitext text/x-wiki <div style='text-align: center;'></div> =NOTE- At Current Time: The Bots are winning and no direct signups allowed= In order to create an account on the wiki at current time, request an account on the wiki and message user CompleteNoobs on reddit, be patient i am not online all the time. ='''''We all start as Noobs'''''= <strong>Greetings fellow Noobs.</strong><br> <br> We are Noobs, we are not sure what we are doing yet and are winging it.<br> Still in concept stage.<br> <b>Use at your own risk.</b><br> CompleteNoobs is about making Computer Science: Free, Open and Reproducible.<br> For Hobbyist, sysadmins, teachers, students and all others.<br> CompleteNoobs is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. <b>THE FREEDOM TO: * READ. * EDIT/MODIFY. * COPY. * SHARE FREELY.</b> <br> <b>CC BY-NC-SA</b> Content can be hosted on the non commercial fork https://www.completenoobz.com<br> <br> The only thing owned on this site is the domain and trademark 'CompleteNoobs'<br> The Content can be downloaded via a XML file,can be found at https://xml.completenoobs.com and is Libre Licenced for all to use.<br> As close as possible to legal piracy me matey.<br> <code>https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> <code>QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[Host_Your_Own_Mediawiki_Online_-_Ubuntu|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ==Notes== The main landing page <b>Main_Page</b> is not included when you import an XML dump, are main index page is the <b>Main_Index</b> Page * [[Main_Index | Main Index Page]]<br \> * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data Heavy content== To keep the XML light, data heavy content, such as: pictures, audio, video, can be linked with IPFS and/or Zeronet hashes.<br> [[IPFS_Basics|IPFS Basics]]<br> <br> <b>Firefox</b>: https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> <b>Brave</b>: brave://settings/ipfs and toggle on "IPFS Companion" <br> ==Licences== * [[LICENCE_HEADERS | Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute.]] {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} lcu347s90dkf3i0sdqvlwwv5op7w0g9 174 173 2023-03-10T23:58:06Z Noob 1 174 wikitext text/x-wiki =In Concept Mode= NOTE- At Current Time: The Bots are winning and no direct signups allowed<br> In order to create an account on the wiki at current time, request an account on the wiki and message user CompleteNoobs on reddit, be patient i am not online all the time. ='''''We all start as Noobs'''''= <strong>Greetings fellow Noobs.</strong><br> <br> We are Noobs, we are not sure what we are doing yet and are winging it.<br> Still in concept stage.<br> <b>Use at your own risk.</b><br> CompleteNoobs is about making Computer Science: Free, Open and Reproducible.<br> For Hobbyist, sysadmins, teachers, students and all others.<br> CompleteNoobs is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. <b>THE FREEDOM TO: * READ. * EDIT/MODIFY. * COPY. * SHARE FREELY.</b> <br> <b>CC BY-NC-SA</b> Content can be hosted on the non commercial fork https://www.completenoobz.com<br> <br> The only thing owned on this site is the domain and trademark 'CompleteNoobs'<br> The Content can be downloaded via a XML file,can be found at https://xml.completenoobs.com and is Libre Licenced for all to use.<br> As close as possible to legal piracy me matey.<br> <code>https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> <code>QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[Host_Your_Own_Mediawiki_Online_-_Ubuntu|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ==Notes== The main landing page <b>Main_Page</b> is not included when you import an XML dump, are main index page is the <b>Main_Index</b> Page * [[Main_Index | Main Index Page]]<br \> * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data Heavy content== To keep the XML light, data heavy content, such as: pictures, audio, video, can be linked with IPFS and/or Zeronet hashes.<br> [[IPFS_Basics|IPFS Basics]]<br> <br> <b>Firefox</b>: https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> <b>Brave</b>: brave://settings/ipfs and toggle on "IPFS Companion" <br> ==Licences== * [[LICENCE_HEADERS | Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute.]] {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} jalgxhkmyh1yvxvnvcxwx0hwbd7pwqt 225 174 2023-03-28T13:19:04Z Noob 1 /* We all start as Noobs */ 225 wikitext text/x-wiki =In Concept Mode= NOTE- At Current Time: The Bots are winning and no direct signups allowed<br> In order to create an account on the wiki at current time, request an account on the wiki and message user CompleteNoobs on reddit, be patient i am not online all the time. ='''''We all start as Noobs'''''= <strong>Greetings fellow Noobs.</strong> Do you have a tutorial to share?<br> <br> We are Noobs, we are not sure what we are doing yet and are winging it.<br> Still in concept stage.<br> <b>Use at your own risk.</b><br> CompleteNoobs is about making Computer Science: Free, Open and Reproducible.<br> For Hobbyist, sysadmins, teachers, students and all others.<br> CompleteNoobs is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. <b>THE FREEDOM TO: * READ. * EDIT/MODIFY. * COPY. * SHARE FREELY.</b> <br> <b>CC BY-NC-SA</b> Content can be hosted on the non commercial fork https://www.completenoobz.com<br> <br> The only thing owned on this site is the domain and trademark 'CompleteNoobs'<br> The Content can be downloaded via a XML file,can be found at https://xml.completenoobs.com and is Libre Licenced for all to use.<br> As close as possible to legal piracy me matey.<br> <code>https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> <code>QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[Host_Your_Own_Mediawiki_Online_-_Ubuntu|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ==Notes== The main landing page <b>Main_Page</b> is not included when you import an XML dump, are main index page is the <b>Main_Index</b> Page * [[Main_Index | Main Index Page]]<br \> * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data Heavy content== To keep the XML light, data heavy content, such as: pictures, audio, video, can be linked with IPFS and/or Zeronet hashes.<br> [[IPFS_Basics|IPFS Basics]]<br> <br> <b>Firefox</b>: https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> <b>Brave</b>: brave://settings/ipfs and toggle on "IPFS Companion" <br> ==Licences== * [[LICENCE_HEADERS | Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute.]] {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} 0k34eqb8sgul5wnvyw5l2q5qzwxtlhu 226 225 2023-03-29T00:34:02Z Noob 1 /* In Concept Mode */ 226 wikitext text/x-wiki =In Concept Mode= <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> ='''''We all start as Noobs'''''= <strong>Greetings fellow Noobs.</strong> Do you have a tutorial to share?<br> <br> We are Noobs, we are not sure what we are doing yet and are winging it.<br> Still in concept stage.<br> <b>Use at your own risk.</b><br> CompleteNoobs is about making Computer Science: Free, Open and Reproducible.<br> For Hobbyist, sysadmins, teachers, students and all others.<br> CompleteNoobs is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. <b>THE FREEDOM TO: * READ. * EDIT/MODIFY. * COPY. * SHARE FREELY.</b> <br> <b>CC BY-NC-SA</b> Content can be hosted on the non commercial fork https://www.completenoobz.com<br> <br> The only thing owned on this site is the domain and trademark 'CompleteNoobs'<br> The Content can be downloaded via a XML file,can be found at https://xml.completenoobs.com and is Libre Licenced for all to use.<br> As close as possible to legal piracy me matey.<br> <code>https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> <code>QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[Host_Your_Own_Mediawiki_Online_-_Ubuntu|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ==Notes== The main landing page <b>Main_Page</b> is not included when you import an XML dump, are main index page is the <b>Main_Index</b> Page * [[Main_Index | Main Index Page]]<br \> * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data Heavy content== To keep the XML light, data heavy content, such as: pictures, audio, video, can be linked with IPFS and/or Zeronet hashes.<br> [[IPFS_Basics|IPFS Basics]]<br> <br> <b>Firefox</b>: https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> <b>Brave</b>: brave://settings/ipfs and toggle on "IPFS Companion" <br> ==Licences== * [[LICENCE_HEADERS | Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute.]] {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} hjdtnkezp18i16i381e4vaomk7iejmi 227 226 2023-03-29T00:34:43Z Noob 1 /* We all start as Noobs */ 227 wikitext text/x-wiki =In Concept Mode= <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> = CompleteNoobs = '''Welcome to CompleteNoobs!''' We are a community of computer science enthusiasts who believe in making knowledge free, open, and reproducible. Whether you are a hobbyist, sysadmin, teacher, student, or simply interested in computer science, CompleteNoobs is a place to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips that are created or released under a Libre license that allows for the following freedoms: * READ. * EDIT/MODIFY. * COPY. * SHARE FREELY. <b>CC BY-NC-SA</b> licensed content can be hosted on the non-commercial fork at https://www.completenoobz.com To get started, request an account on the wiki and message user CompleteNoobs on Reddit. Please note that we are currently not allowing direct signups due to bots. == We all start as Noobs == Whether you're just starting out or you're an experienced professional, we all start as noobs. This wiki is a safe space for us to learn, experiment, and grow together. == Getting Started == [[Host_Your_Own_Mediawiki_Online_-_Ubuntu|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] == Notes == The main landing page is the <b>Main_Index</b> Page. * [[Main_Index | Main Index Page]] * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] == Data-Heavy Content == To keep the XML light, data-heavy content such as pictures, audio, and video can be linked with IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] We encourage users to fork this project and download and keep a copy on their desktop and/or server. == Licenses == [[LICENCE_HEADERS|Please place a license on top of each page as long as the license falls in line with free to Copy, Modify, Distribute.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} bokaki84ttip69k9ukp6287180na1mb 248 227 2023-04-02T20:42:02Z Noob 1 /* Data-Heavy Content */ 248 wikitext text/x-wiki =In Concept Mode= <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> = CompleteNoobs = '''Welcome to CompleteNoobs!''' We are a community of computer science enthusiasts who believe in making knowledge free, open, and reproducible. Whether you are a hobbyist, sysadmin, teacher, student, or simply interested in computer science, CompleteNoobs is a place to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips that are created or released under a Libre license that allows for the following freedoms: * READ. * EDIT/MODIFY. * COPY. * SHARE FREELY. <b>CC BY-NC-SA</b> licensed content can be hosted on the non-commercial fork at https://www.completenoobz.com To get started, request an account on the wiki and message user CompleteNoobs on Reddit. Please note that we are currently not allowing direct signups due to bots. == We all start as Noobs == Whether you're just starting out or you're an experienced professional, we all start as noobs. This wiki is a safe space for us to learn, experiment, and grow together. == Getting Started == [[Host_Your_Own_Mediawiki_Online_-_Ubuntu|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] == Notes == The main landing page is the <b>Main_Index</b> Page. * [[Main_Index | Main Index Page]] * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] == Data-Heavy Content == To keep the XML light, data-heavy content such as pictures, audio, and video can be linked with IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] We encourage users to fork this project and download and keep a copy on their desktop and/or server. [[EmbedVideo_Syntax|Youtube Embedded Videos also work.]] == Licenses == [[LICENCE_HEADERS|Please place a license on top of each page as long as the license falls in line with free to Copy, Modify, Distribute.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} e0lv6xbf2o08j20nqp3m65ps66cc5v2 249 248 2023-04-02T20:45:20Z Noob 1 /* CompleteNoobs */ 249 wikitext text/x-wiki =In Concept Mode= <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. [[Host_Your_Own_Mediawiki_Online_-_Ubuntu|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ==Essential Links== :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[EmbedVideo_Syntax|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} 1dw1pr0o9jpuvtz0cz1i3zots3chwbl 289 249 2023-04-05T18:12:50Z Noob 1 /* Essential Links */ 289 wikitext text/x-wiki =In Concept Mode= <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. [[Host_Your_Own_Mediawiki_Online_-_Ubuntu|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ==Essential Links== :* [[Command_Line_Editors#Set_$EDITOR|Set $EDITOR]] :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[EmbedVideo_Syntax|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} dolef12w77vy0ohni65wn29ut2amkon 294 289 2023-04-15T12:35:02Z AwesomO 5 294 wikitext text/x-wiki =In Concept Mode= test <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. [[Host_Your_Own_Mediawiki_Online_-_Ubuntu|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ==Essential Links== :* [[Command_Line_Editors#Set_$EDITOR|Set $EDITOR]] :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[EmbedVideo_Syntax|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} rrxwvkl36d4ziv9qqjlinrrxu9p8h0q 295 294 2023-04-15T12:35:13Z AwesomO 5 /* In Concept Mode */ 295 wikitext text/x-wiki =In Concept Mode= <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. [[Host_Your_Own_Mediawiki_Online_-_Ubuntu|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ==Essential Links== :* [[Command_Line_Editors#Set_$EDITOR|Set $EDITOR]] :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[EmbedVideo_Syntax|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} dolef12w77vy0ohni65wn29ut2amkon 296 295 2023-04-17T04:09:30Z imported>AwesomO 0 /* Essential Links */ 296 wikitext text/x-wiki =In Concept Mode= <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. [[Host_Your_Own_Mediawiki_Online_-_Ubuntu|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ==Essential Links== :* [[Ubuntu_Cert_Draft|Ubuntu Cert Course '''DRAFTING''']] :* [[Command_Line_Editors#Set_$EDITOR|Set $EDITOR]] :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[EmbedVideo_Syntax|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} ph3swd1xo9cut618hqypq1qfvfmrcwm 297 296 2023-04-19T23:31:26Z imported>AwesomO 0 /* Get Involved */ 297 wikitext text/x-wiki =In Concept Mode= <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. [[Host_Your_Own_Mediawiki_Online_-_Ubuntu|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> <br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ==Essential Links== :* [[Ubuntu_Cert_Draft|Ubuntu Cert Course '''DRAFTING''']] :* [[Command_Line_Editors#Set_$EDITOR|Set $EDITOR]] :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[EmbedVideo_Syntax|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} n6vc46c0u8ka7l59v3kcuj9nler9x9j 298 297 2023-04-19T23:31:44Z imported>AwesomO 0 /* Get Involved */ 298 wikitext text/x-wiki =In Concept Mode= <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. [[Host_Your_Own_Mediawiki_Online_-_Ubuntu|Host Your Own Mediawiki Online - Linux Ubuntu]] [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ==Essential Links== :* [[Ubuntu_Cert_Draft|Ubuntu Cert Course '''DRAFTING''']] :* [[Command_Line_Editors#Set_$EDITOR|Set $EDITOR]] :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[EmbedVideo_Syntax|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} cmhslmgqf9cmrj5xcwcu95odz1r1lve 299 298 2023-04-19T23:45:15Z imported>AwesomO 0 /* Get Involved */ 299 wikitext text/x-wiki =In Concept Mode= <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. [[Host_Your_Own_Mediawiki_Online_-_Ubuntu|Host Your Own Mediawiki Online - Linux Ubuntu]] [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ===Feed Back Received=== * Clearly indicate the terminal where commands should be entered * Break down content into smaller sections or modules * Provide timestamps in videos for each executed command or step * Organize steps/modules using numbers, and sub-steps within modules using letters (a, b, c, etc.) * Create shorter, focused videos for each step to avoid excessive scrolling * Clarify the use of terminal editors and how to set the $EDITOR variable * Place the EDITOR section at the top of the page and link to nano and vi guide pages * Include instructions on how to verify the completion of each step correctly ==Essential Links== :* [[Ubuntu_Cert_Draft|Ubuntu Cert Course '''DRAFTING''']] :* [[Command_Line_Editors#Set_$EDITOR|Set $EDITOR]] :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[EmbedVideo_Syntax|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} 0ycu9qc6pl9gvcf9pxbwxczjwaaezhs 357 299 2023-04-23T22:30:03Z AwesomO 5 /* Get Involved */ 357 wikitext text/x-wiki =In Concept Mode= <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. :* [[Host_Your_Own_Mediawiki_Online|Host Your Own Mediawiki Online]] :* [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ===Feed Back Received=== * Clearly indicate the terminal where commands should be entered * Break down content into smaller sections or modules * Provide timestamps in videos for each executed command or step * Organize steps/modules using numbers, and sub-steps within modules using letters (a, b, c, etc.) * Create shorter, focused videos for each step to avoid excessive scrolling * Clarify the use of terminal editors and how to set the $EDITOR variable * Place the EDITOR section at the top of the page and link to nano and vi guide pages * Include instructions on how to verify the completion of each step correctly ==Essential Links== :* [[Ubuntu_Cert_Draft|Ubuntu Cert Course '''DRAFTING''']] :* [[Command_Line_Editors#Set_$EDITOR|Set $EDITOR]] :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[EmbedVideo_Syntax|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} ff1bqnabzlqkk641vgqj6hebe13qmy4 387 357 2023-05-04T17:11:36Z AwesomO 5 /* Data-Heavy Content */ 387 wikitext text/x-wiki =In Concept Mode= <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. :* [[Host_Your_Own_Mediawiki_Online|Host Your Own Mediawiki Online]] :* [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ===Feed Back Received=== * Clearly indicate the terminal where commands should be entered * Break down content into smaller sections or modules * Provide timestamps in videos for each executed command or step * Organize steps/modules using numbers, and sub-steps within modules using letters (a, b, c, etc.) * Create shorter, focused videos for each step to avoid excessive scrolling * Clarify the use of terminal editors and how to set the $EDITOR variable * Place the EDITOR section at the top of the page and link to nano and vi guide pages * Include instructions on how to verify the completion of each step correctly ==Essential Links== :* [[Ubuntu_Cert_Draft|Ubuntu Cert Course '''DRAFTING''']] :* [[Command_Line_Editors#Set_$EDITOR|Set $EDITOR]] :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[Wiki_Basic_Syntax#Youtube_extension_-_Embed_Video|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} bxok2n6dgkpvvc8h5kelv2ovu0k64xs 429 387 2023-05-11T19:57:50Z Noob 1 /* Feed Back Received */ 429 wikitext text/x-wiki =In Concept Mode= <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. :* [[Host_Your_Own_Mediawiki_Online|Host Your Own Mediawiki Online]] :* [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ===Feed Back Received=== * Clearly indicate the terminal where commands should be entered * Break down content into smaller sections or modules * Provide timestamps in videos for each executed command or step * Organize steps/modules using numbers, and sub-steps within modules using letters (a, b, c, etc.) * Create shorter, focused videos for each step to avoid excessive scrolling * Clarify the use of terminal editors and how to set the $EDITOR variable * Place the EDITOR section at the top of the page and link to nano and vi guide pages * Include instructions on how to verify the completion of each step correctly <div class="toccolours mw-collapsible mw-collapsed"> Title Syntax: Title Re-structuring for Enhanced Clarity <div class="mw-collapsible-content"> Title Re-structuring for Enhanced Clarity Due to varying configurations and builds of apps/programs across different OS versions, step-by-step tutorials can be challenging to follow. To improve navigation, adjust page titles to include both the OS version/name and the software used. This will account for changes across different versions. Example of a re-structured title: "Windows 10 Pro - Adobe Photoshop CC 2021 Tutorial" If its a small change from each version, fork page to version and make small change.<br> If no change, still fork page to new title! </div> </div> ==Essential Links== :* [[Ubuntu_Cert_Draft|Ubuntu Cert Course '''DRAFTING''']] :* [[Command_Line_Editors#Set_$EDITOR|Set $EDITOR]] :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[Wiki_Basic_Syntax#Youtube_extension_-_Embed_Video|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} r0v1l321w0hn4hb2dzbq9z4bmuc9ihq 430 429 2023-05-11T20:11:31Z Noob 1 430 wikitext text/x-wiki =In Concept Mode= '''Site is Currently under going some changes'''<br> Page links might be broken while we restructure page titles and content, before carrying on with content creation. <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. :* [[Host_Your_Own_Mediawiki_Online|Host Your Own Mediawiki Online]] :* [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ===Feed Back Received=== * Clearly indicate the terminal where commands should be entered * Break down content into smaller sections or modules * Provide timestamps in videos for each executed command or step * Organize steps/modules using numbers, and sub-steps within modules using letters (a, b, c, etc.) * Create shorter, focused videos for each step to avoid excessive scrolling * Clarify the use of terminal editors and how to set the $EDITOR variable * Place the EDITOR section at the top of the page and link to nano and vi guide pages * Include instructions on how to verify the completion of each step correctly <div class="toccolours mw-collapsible mw-collapsed"> Title Syntax: Title Re-structuring for Enhanced Clarity <div class="mw-collapsible-content"> Title Re-structuring for Enhanced Clarity Due to varying configurations and builds of apps/programs across different OS versions, step-by-step tutorials can be challenging to follow. To improve navigation, adjust page titles to include both the OS version/name and the software used. This will account for changes across different versions. Example of a re-structured title: "Windows 10 Pro - Adobe Photoshop CC 2021 Tutorial" If its a small change from each version, fork page to version and make small change.<br> If no change, still fork page to new title! </div> </div> ==Essential Links== :* [[Ubuntu_Cert_Draft|Ubuntu Cert Course '''DRAFTING''']] :* [[Command_Line_Editors#Set_$EDITOR|Set $EDITOR]] :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[Wiki_Basic_Syntax#Youtube_extension_-_Embed_Video|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} 1yre6bo0yjuvrtylq1ymcmqiu5c567r 452 430 2024-04-25T08:44:24Z Test1 7 /* In Concept Mode */ 452 wikitext text/x-wiki =In Concept Mode= test '''Site is Currently under going some changes'''<br> Page links might be broken while we restructure page titles and content, before carrying on with content creation. <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. :* [[Host_Your_Own_Mediawiki_Online|Host Your Own Mediawiki Online]] :* [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ===Feed Back Received=== * Clearly indicate the terminal where commands should be entered * Break down content into smaller sections or modules * Provide timestamps in videos for each executed command or step * Organize steps/modules using numbers, and sub-steps within modules using letters (a, b, c, etc.) * Create shorter, focused videos for each step to avoid excessive scrolling * Clarify the use of terminal editors and how to set the $EDITOR variable * Place the EDITOR section at the top of the page and link to nano and vi guide pages * Include instructions on how to verify the completion of each step correctly <div class="toccolours mw-collapsible mw-collapsed"> Title Syntax: Title Re-structuring for Enhanced Clarity <div class="mw-collapsible-content"> Title Re-structuring for Enhanced Clarity Due to varying configurations and builds of apps/programs across different OS versions, step-by-step tutorials can be challenging to follow. To improve navigation, adjust page titles to include both the OS version/name and the software used. This will account for changes across different versions. Example of a re-structured title: "Windows 10 Pro - Adobe Photoshop CC 2021 Tutorial" If its a small change from each version, fork page to version and make small change.<br> If no change, still fork page to new title! </div> </div> ==Essential Links== :* [[Ubuntu_Cert_Draft|Ubuntu Cert Course '''DRAFTING''']] :* [[Command_Line_Editors#Set_$EDITOR|Set $EDITOR]] :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[Wiki_Basic_Syntax#Youtube_extension_-_Embed_Video|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} ki3yj2vbyuy95vikvzg4yrf9nbxkq5e 453 452 2024-04-25T08:44:35Z Test1 7 /* In Concept Mode */ 453 wikitext text/x-wiki =In Concept Mode= '''Site is Currently under going some changes'''<br> Page links might be broken while we restructure page titles and content, before carrying on with content creation. <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. :* [[Host_Your_Own_Mediawiki_Online|Host Your Own Mediawiki Online]] :* [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ===Feed Back Received=== * Clearly indicate the terminal where commands should be entered * Break down content into smaller sections or modules * Provide timestamps in videos for each executed command or step * Organize steps/modules using numbers, and sub-steps within modules using letters (a, b, c, etc.) * Create shorter, focused videos for each step to avoid excessive scrolling * Clarify the use of terminal editors and how to set the $EDITOR variable * Place the EDITOR section at the top of the page and link to nano and vi guide pages * Include instructions on how to verify the completion of each step correctly <div class="toccolours mw-collapsible mw-collapsed"> Title Syntax: Title Re-structuring for Enhanced Clarity <div class="mw-collapsible-content"> Title Re-structuring for Enhanced Clarity Due to varying configurations and builds of apps/programs across different OS versions, step-by-step tutorials can be challenging to follow. To improve navigation, adjust page titles to include both the OS version/name and the software used. This will account for changes across different versions. Example of a re-structured title: "Windows 10 Pro - Adobe Photoshop CC 2021 Tutorial" If its a small change from each version, fork page to version and make small change.<br> If no change, still fork page to new title! </div> </div> ==Essential Links== :* [[Ubuntu_Cert_Draft|Ubuntu Cert Course '''DRAFTING''']] :* [[Command_Line_Editors#Set_$EDITOR|Set $EDITOR]] :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[Wiki_Basic_Syntax#Youtube_extension_-_Embed_Video|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} 1yre6bo0yjuvrtylq1ymcmqiu5c567r 464 453 2025-02-13T16:31:25Z AwesomO 5 /* Essential Links */ 464 wikitext text/x-wiki =In Concept Mode= '''Site is Currently under going some changes'''<br> Page links might be broken while we restructure page titles and content, before carrying on with content creation. <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. :* [[Host_Your_Own_Mediawiki_Online|Host Your Own Mediawiki Online]] :* [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ===Feed Back Received=== * Clearly indicate the terminal where commands should be entered * Break down content into smaller sections or modules * Provide timestamps in videos for each executed command or step * Organize steps/modules using numbers, and sub-steps within modules using letters (a, b, c, etc.) * Create shorter, focused videos for each step to avoid excessive scrolling * Clarify the use of terminal editors and how to set the $EDITOR variable * Place the EDITOR section at the top of the page and link to nano and vi guide pages * Include instructions on how to verify the completion of each step correctly <div class="toccolours mw-collapsible mw-collapsed"> Title Syntax: Title Re-structuring for Enhanced Clarity <div class="mw-collapsible-content"> Title Re-structuring for Enhanced Clarity Due to varying configurations and builds of apps/programs across different OS versions, step-by-step tutorials can be challenging to follow. To improve navigation, adjust page titles to include both the OS version/name and the software used. This will account for changes across different versions. Example of a re-structured title: "Windows 10 Pro - Adobe Photoshop CC 2021 Tutorial" If its a small change from each version, fork page to version and make small change.<br> If no change, still fork page to new title! </div> </div> ==Essential Links== :* [[Ubuntu_Cert_Draft|Ubuntu Cert Course '''DRAFTING''']] :* [[Command_Line_Editors#SET$EDITOR|Set $EDITOR]] :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[Wiki_Basic_Syntax#Youtube_extension_-_Embed_Video|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} gavbronhgbrospv9j2j886941e41gbu 465 464 2025-02-13T16:32:06Z AwesomO 5 /* Essential Links */ 465 wikitext text/x-wiki =In Concept Mode= '''Site is Currently under going some changes'''<br> Page links might be broken while we restructure page titles and content, before carrying on with content creation. <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. :* [[Host_Your_Own_Mediawiki_Online|Host Your Own Mediawiki Online]] :* [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ===Feed Back Received=== * Clearly indicate the terminal where commands should be entered * Break down content into smaller sections or modules * Provide timestamps in videos for each executed command or step * Organize steps/modules using numbers, and sub-steps within modules using letters (a, b, c, etc.) * Create shorter, focused videos for each step to avoid excessive scrolling * Clarify the use of terminal editors and how to set the $EDITOR variable * Place the EDITOR section at the top of the page and link to nano and vi guide pages * Include instructions on how to verify the completion of each step correctly <div class="toccolours mw-collapsible mw-collapsed"> Title Syntax: Title Re-structuring for Enhanced Clarity <div class="mw-collapsible-content"> Title Re-structuring for Enhanced Clarity Due to varying configurations and builds of apps/programs across different OS versions, step-by-step tutorials can be challenging to follow. To improve navigation, adjust page titles to include both the OS version/name and the software used. This will account for changes across different versions. Example of a re-structured title: "Windows 10 Pro - Adobe Photoshop CC 2021 Tutorial" If its a small change from each version, fork page to version and make small change.<br> If no change, still fork page to new title! </div> </div> ==Essential Links== :* [[Ubuntu_Cert_Draft|Ubuntu Cert Course '''DRAFTING''']] :* [[SET$EDITOR|Set $EDITOR]] :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[Wiki_Basic_Syntax#Youtube_extension_-_Embed_Video|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} 8xj3wtl4b5ino7dt5gk79xcta6kywmt 471 465 2025-02-16T23:31:57Z Noob 1 /* We All Start as Noobs */ 471 wikitext text/x-wiki =In Concept Mode= '''Site is Currently under going some changes'''<br> Page links might be broken while we restructure page titles and content, before carrying on with content creation. <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com [[https://www.completenoobs.com/noobs/DEMONSTRATE-MIT_Introduction_to_Computer_Science_and_Programming_in_Python_6.0001_Fall_2016_Undergraduate|Example Content]] The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. :* [[Host_Your_Own_Mediawiki_Online|Host Your Own Mediawiki Online]] :* [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ===Feed Back Received=== * Clearly indicate the terminal where commands should be entered * Break down content into smaller sections or modules * Provide timestamps in videos for each executed command or step * Organize steps/modules using numbers, and sub-steps within modules using letters (a, b, c, etc.) * Create shorter, focused videos for each step to avoid excessive scrolling * Clarify the use of terminal editors and how to set the $EDITOR variable * Place the EDITOR section at the top of the page and link to nano and vi guide pages * Include instructions on how to verify the completion of each step correctly <div class="toccolours mw-collapsible mw-collapsed"> Title Syntax: Title Re-structuring for Enhanced Clarity <div class="mw-collapsible-content"> Title Re-structuring for Enhanced Clarity Due to varying configurations and builds of apps/programs across different OS versions, step-by-step tutorials can be challenging to follow. To improve navigation, adjust page titles to include both the OS version/name and the software used. This will account for changes across different versions. Example of a re-structured title: "Windows 10 Pro - Adobe Photoshop CC 2021 Tutorial" If its a small change from each version, fork page to version and make small change.<br> If no change, still fork page to new title! </div> </div> ==Essential Links== :* [[Ubuntu_Cert_Draft|Ubuntu Cert Course '''DRAFTING''']] :* [[SET$EDITOR|Set $EDITOR]] :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[Wiki_Basic_Syntax#Youtube_extension_-_Embed_Video|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} 6junok774zrbcw6ptq59nwcde8xvutw 472 471 2025-02-16T23:32:22Z Noob 1 /* We All Start as Noobs */ 472 wikitext text/x-wiki =In Concept Mode= '''Site is Currently under going some changes'''<br> Page links might be broken while we restructure page titles and content, before carrying on with content creation. <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com [[https://www.completenoobs.com/noobs/DEMONSTRATE-MIT_Introduction_to_Computer_Science_and_Programming_in_Python_6.0001_Fall_2016_Undergraduate|Example_Content]] The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. :* [[Host_Your_Own_Mediawiki_Online|Host Your Own Mediawiki Online]] :* [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ===Feed Back Received=== * Clearly indicate the terminal where commands should be entered * Break down content into smaller sections or modules * Provide timestamps in videos for each executed command or step * Organize steps/modules using numbers, and sub-steps within modules using letters (a, b, c, etc.) * Create shorter, focused videos for each step to avoid excessive scrolling * Clarify the use of terminal editors and how to set the $EDITOR variable * Place the EDITOR section at the top of the page and link to nano and vi guide pages * Include instructions on how to verify the completion of each step correctly <div class="toccolours mw-collapsible mw-collapsed"> Title Syntax: Title Re-structuring for Enhanced Clarity <div class="mw-collapsible-content"> Title Re-structuring for Enhanced Clarity Due to varying configurations and builds of apps/programs across different OS versions, step-by-step tutorials can be challenging to follow. To improve navigation, adjust page titles to include both the OS version/name and the software used. This will account for changes across different versions. Example of a re-structured title: "Windows 10 Pro - Adobe Photoshop CC 2021 Tutorial" If its a small change from each version, fork page to version and make small change.<br> If no change, still fork page to new title! </div> </div> ==Essential Links== :* [[Ubuntu_Cert_Draft|Ubuntu Cert Course '''DRAFTING''']] :* [[SET$EDITOR|Set $EDITOR]] :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[Wiki_Basic_Syntax#Youtube_extension_-_Embed_Video|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} 69j32l6g3zk47fwzys57pzt1jrvte4k 473 472 2025-02-16T23:33:59Z Noob 1 /* We All Start as Noobs */ 473 wikitext text/x-wiki =In Concept Mode= '''Site is Currently under going some changes'''<br> Page links might be broken while we restructure page titles and content, before carrying on with content creation. <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com [[https://www.completenoobs.com/noobs/DEMONSTRATE-MIT_Introduction_to_Computer_Science_and_Programming_in_Python_6.0001_Fall_2016_Undergraduate| Example Content of CompleteNoobz]] The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. :* [[Host_Your_Own_Mediawiki_Online|Host Your Own Mediawiki Online]] :* [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ===Feed Back Received=== * Clearly indicate the terminal where commands should be entered * Break down content into smaller sections or modules * Provide timestamps in videos for each executed command or step * Organize steps/modules using numbers, and sub-steps within modules using letters (a, b, c, etc.) * Create shorter, focused videos for each step to avoid excessive scrolling * Clarify the use of terminal editors and how to set the $EDITOR variable * Place the EDITOR section at the top of the page and link to nano and vi guide pages * Include instructions on how to verify the completion of each step correctly <div class="toccolours mw-collapsible mw-collapsed"> Title Syntax: Title Re-structuring for Enhanced Clarity <div class="mw-collapsible-content"> Title Re-structuring for Enhanced Clarity Due to varying configurations and builds of apps/programs across different OS versions, step-by-step tutorials can be challenging to follow. To improve navigation, adjust page titles to include both the OS version/name and the software used. This will account for changes across different versions. Example of a re-structured title: "Windows 10 Pro - Adobe Photoshop CC 2021 Tutorial" If its a small change from each version, fork page to version and make small change.<br> If no change, still fork page to new title! </div> </div> ==Essential Links== :* [[Ubuntu_Cert_Draft|Ubuntu Cert Course '''DRAFTING''']] :* [[SET$EDITOR|Set $EDITOR]] :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[Wiki_Basic_Syntax#Youtube_extension_-_Embed_Video|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} hmzfle5mxy34hzqra1bnw0cmwyb5oyq 524 473 2025-04-23T15:45:30Z Noob 1 /* Welcome to CompleteNoobs */ 524 wikitext text/x-wiki =In Concept Mode= '''Site is Currently under going some changes'''<br> Page links might be broken while we restructure page titles and content, before carrying on with content creation. <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==CompleteNoobs BlockChain Project== <div class="toccolours mw-collapsible mw-collapsed"> '''CompletNoobs Blockchain''': A Value-for-Value Producer Platform <div class="mw-collapsible-content"> * '''Core Idea''': A decentralized blockchain enabling creators and consumers to exchange value directly through a wiki-style system. Content is stored on-chain or via '''IPFS''', with transparent contributions and user-driven value distribution. * '''Key Features''': ** '''Named Accounts''': *** '''Human-readable account names''' (e.g., @UserName). *** '''Public/private key pairs''' for security. *** Optional: Separate '''master key''' (for account control) and '''posting key''' (for content submission), inspired by EOS/BitShares for safer key management. ** '''Decentralized Wiki''': *** '''Text Content''': Wiki pages stored directly on the blockchain. *** '''Media Content''': Images, videos, audio, and source code stored as '''IPFS hashes'''. Browser extensions can fetch and display this content. *** '''Page Metadata''': Tracks contributors, edit history (diffs), and links to original sources or '''IPFS hashes'''. ** '''Value-for-Value System''': *** '''User Ratings''': Users with '''producer wallets''' rate pages (0–10) based on value received. *** '''Donations''': Users fund a '''drop/share wallet''' with crypto (e.g., project coin, Bitcoin, or Lightning Network). *** '''Fund Splitting''': At a set time/date, funds from the '''drop/share wallet''' are split among pages based on ratings. Each page’s funds are further split among its contributors. *** '''User Control''': Users can override suggested splits to decide which contributors receive funds (or none). ** '''Contributor Rewards''': *** Each contributor has a '''crypto address''' (project coin, Bitcoin, or Lightning) to receive donations or split funds. *** Suggested splits per page, but users have final say on distribution. * '''Goal''': Empower creators to produce valuable content and let users reward them directly, with full transparency and control, on a decentralized platform. </div> </div> * [[N33Bcoin| Currently learning more about the genesis of blockchain projects, Bitcoin.]] ** https://www.completenoobs.com/noobs/N33Bcoin ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com [[https://www.completenoobs.com/noobs/DEMONSTRATE-MIT_Introduction_to_Computer_Science_and_Programming_in_Python_6.0001_Fall_2016_Undergraduate| Example Content of CompleteNoobz]] The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. :* [[Host_Your_Own_Mediawiki_Online|Host Your Own Mediawiki Online]] :* [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ===Feed Back Received=== * Clearly indicate the terminal where commands should be entered * Break down content into smaller sections or modules * Provide timestamps in videos for each executed command or step * Organize steps/modules using numbers, and sub-steps within modules using letters (a, b, c, etc.) * Create shorter, focused videos for each step to avoid excessive scrolling * Clarify the use of terminal editors and how to set the $EDITOR variable * Place the EDITOR section at the top of the page and link to nano and vi guide pages * Include instructions on how to verify the completion of each step correctly <div class="toccolours mw-collapsible mw-collapsed"> Title Syntax: Title Re-structuring for Enhanced Clarity <div class="mw-collapsible-content"> Title Re-structuring for Enhanced Clarity Due to varying configurations and builds of apps/programs across different OS versions, step-by-step tutorials can be challenging to follow. To improve navigation, adjust page titles to include both the OS version/name and the software used. This will account for changes across different versions. Example of a re-structured title: "Windows 10 Pro - Adobe Photoshop CC 2021 Tutorial" If its a small change from each version, fork page to version and make small change.<br> If no change, still fork page to new title! </div> </div> ==Essential Links== :* [[Ubuntu_Cert_Draft|Ubuntu Cert Course '''DRAFTING''']] :* [[SET$EDITOR|Set $EDITOR]] :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[Wiki_Basic_Syntax#Youtube_extension_-_Embed_Video|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} 6dtnreu4301wq7sxkaqy1dksesb0okd 533 524 2025-05-17T13:53:26Z AwesomO 5 533 wikitext text/x-wiki =In Concept Mode= * Discord: https://discord.gg/TdtmRQ6D '''Site is Currently under going some changes'''<br> Page links might be broken while we restructure page titles and content, before carrying on with content creation. <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==CompleteNoobs BlockChain Project== <div class="toccolours mw-collapsible mw-collapsed"> '''CompletNoobs Blockchain''': A Value-for-Value Producer Platform <div class="mw-collapsible-content"> * '''Core Idea''': A decentralized blockchain enabling creators and consumers to exchange value directly through a wiki-style system. Content is stored on-chain or via '''IPFS''', with transparent contributions and user-driven value distribution. * '''Key Features''': ** '''Named Accounts''': *** '''Human-readable account names''' (e.g., @UserName). *** '''Public/private key pairs''' for security. *** Optional: Separate '''master key''' (for account control) and '''posting key''' (for content submission), inspired by EOS/BitShares for safer key management. ** '''Decentralized Wiki''': *** '''Text Content''': Wiki pages stored directly on the blockchain. *** '''Media Content''': Images, videos, audio, and source code stored as '''IPFS hashes'''. Browser extensions can fetch and display this content. *** '''Page Metadata''': Tracks contributors, edit history (diffs), and links to original sources or '''IPFS hashes'''. ** '''Value-for-Value System''': *** '''User Ratings''': Users with '''producer wallets''' rate pages (0–10) based on value received. *** '''Donations''': Users fund a '''drop/share wallet''' with crypto (e.g., project coin, Bitcoin, or Lightning Network). *** '''Fund Splitting''': At a set time/date, funds from the '''drop/share wallet''' are split among pages based on ratings. Each page’s funds are further split among its contributors. *** '''User Control''': Users can override suggested splits to decide which contributors receive funds (or none). ** '''Contributor Rewards''': *** Each contributor has a '''crypto address''' (project coin, Bitcoin, or Lightning) to receive donations or split funds. *** Suggested splits per page, but users have final say on distribution. * '''Goal''': Empower creators to produce valuable content and let users reward them directly, with full transparency and control, on a decentralized platform. </div> </div> * [[N33Bcoin| Currently learning more about the genesis of blockchain projects, Bitcoin.]] ** https://www.completenoobs.com/noobs/N33Bcoin ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com [[https://www.completenoobs.com/noobs/DEMONSTRATE-MIT_Introduction_to_Computer_Science_and_Programming_in_Python_6.0001_Fall_2016_Undergraduate| Example Content of CompleteNoobz]] The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. :* [[Host_Your_Own_Mediawiki_Online|Host Your Own Mediawiki Online]] :* [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ===Feed Back Received=== * Clearly indicate the terminal where commands should be entered * Break down content into smaller sections or modules * Provide timestamps in videos for each executed command or step * Organize steps/modules using numbers, and sub-steps within modules using letters (a, b, c, etc.) * Create shorter, focused videos for each step to avoid excessive scrolling * Clarify the use of terminal editors and how to set the $EDITOR variable * Place the EDITOR section at the top of the page and link to nano and vi guide pages * Include instructions on how to verify the completion of each step correctly <div class="toccolours mw-collapsible mw-collapsed"> Title Syntax: Title Re-structuring for Enhanced Clarity <div class="mw-collapsible-content"> Title Re-structuring for Enhanced Clarity Due to varying configurations and builds of apps/programs across different OS versions, step-by-step tutorials can be challenging to follow. To improve navigation, adjust page titles to include both the OS version/name and the software used. This will account for changes across different versions. Example of a re-structured title: "Windows 10 Pro - Adobe Photoshop CC 2021 Tutorial" If its a small change from each version, fork page to version and make small change.<br> If no change, still fork page to new title! </div> </div> ==Essential Links== :* [[Ubuntu_Cert_Draft|Ubuntu Cert Course '''DRAFTING''']] :* [[SET$EDITOR|Set $EDITOR]] :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[Wiki_Basic_Syntax#Youtube_extension_-_Embed_Video|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} fjihe3iiqfl9p0xz4nnw77mxumpksvb 551 533 2025-05-29T19:32:35Z AwesomO 5 /* In Concept Mode */ 551 wikitext text/x-wiki =In Concept Mode= * Genesis of CompleteNoobs * Discord: https://discord.gg/TdtmRQ6D '''Site is Currently under going some changes'''<br> Page links might be broken while we restructure page titles and content, before carrying on with content creation. <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==CompleteNoobs BlockChain Project== <div class="toccolours mw-collapsible mw-collapsed"> '''CompletNoobs Blockchain''': A Value-for-Value Producer Platform <div class="mw-collapsible-content"> * '''Core Idea''': A decentralized blockchain enabling creators and consumers to exchange value directly through a wiki-style system. Content is stored on-chain or via '''IPFS''', with transparent contributions and user-driven value distribution. * '''Key Features''': ** '''Named Accounts''': *** '''Human-readable account names''' (e.g., @UserName). *** '''Public/private key pairs''' for security. *** Optional: Separate '''master key''' (for account control) and '''posting key''' (for content submission), inspired by EOS/BitShares for safer key management. ** '''Decentralized Wiki''': *** '''Text Content''': Wiki pages stored directly on the blockchain. *** '''Media Content''': Images, videos, audio, and source code stored as '''IPFS hashes'''. Browser extensions can fetch and display this content. *** '''Page Metadata''': Tracks contributors, edit history (diffs), and links to original sources or '''IPFS hashes'''. ** '''Value-for-Value System''': *** '''User Ratings''': Users with '''producer wallets''' rate pages (0–10) based on value received. *** '''Donations''': Users fund a '''drop/share wallet''' with crypto (e.g., project coin, Bitcoin, or Lightning Network). *** '''Fund Splitting''': At a set time/date, funds from the '''drop/share wallet''' are split among pages based on ratings. Each page’s funds are further split among its contributors. *** '''User Control''': Users can override suggested splits to decide which contributors receive funds (or none). ** '''Contributor Rewards''': *** Each contributor has a '''crypto address''' (project coin, Bitcoin, or Lightning) to receive donations or split funds. *** Suggested splits per page, but users have final say on distribution. * '''Goal''': Empower creators to produce valuable content and let users reward them directly, with full transparency and control, on a decentralized platform. </div> </div> * [[N33Bcoin| Currently learning more about the genesis of blockchain projects, Bitcoin.]] ** https://www.completenoobs.com/noobs/N33Bcoin ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com [[https://www.completenoobs.com/noobs/DEMONSTRATE-MIT_Introduction_to_Computer_Science_and_Programming_in_Python_6.0001_Fall_2016_Undergraduate| Example Content of CompleteNoobz]] The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. :* [[Host_Your_Own_Mediawiki_Online|Host Your Own Mediawiki Online]] :* [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ===Feed Back Received=== * Clearly indicate the terminal where commands should be entered * Break down content into smaller sections or modules * Provide timestamps in videos for each executed command or step * Organize steps/modules using numbers, and sub-steps within modules using letters (a, b, c, etc.) * Create shorter, focused videos for each step to avoid excessive scrolling * Clarify the use of terminal editors and how to set the $EDITOR variable * Place the EDITOR section at the top of the page and link to nano and vi guide pages * Include instructions on how to verify the completion of each step correctly <div class="toccolours mw-collapsible mw-collapsed"> Title Syntax: Title Re-structuring for Enhanced Clarity <div class="mw-collapsible-content"> Title Re-structuring for Enhanced Clarity Due to varying configurations and builds of apps/programs across different OS versions, step-by-step tutorials can be challenging to follow. To improve navigation, adjust page titles to include both the OS version/name and the software used. This will account for changes across different versions. Example of a re-structured title: "Windows 10 Pro - Adobe Photoshop CC 2021 Tutorial" If its a small change from each version, fork page to version and make small change.<br> If no change, still fork page to new title! </div> </div> ==Essential Links== :* [[Ubuntu_Cert_Draft|Ubuntu Cert Course '''DRAFTING''']] :* [[SET$EDITOR|Set $EDITOR]] :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[Wiki_Basic_Syntax#Youtube_extension_-_Embed_Video|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} pnsu1fvi1iu71e93tshr9eq04d5cvym 552 551 2025-05-29T19:33:27Z AwesomO 5 /* In Concept Mode */ 552 wikitext text/x-wiki =In Concept Mode= * [[CompleteNoobs_Genesis| Genesis of CompleteNoobs]] * Discord: https://discord.gg/TdtmRQ6D '''Site is Currently under going some changes'''<br> Page links might be broken while we restructure page titles and content, before carrying on with content creation. <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==CompleteNoobs BlockChain Project== <div class="toccolours mw-collapsible mw-collapsed"> '''CompletNoobs Blockchain''': A Value-for-Value Producer Platform <div class="mw-collapsible-content"> * '''Core Idea''': A decentralized blockchain enabling creators and consumers to exchange value directly through a wiki-style system. Content is stored on-chain or via '''IPFS''', with transparent contributions and user-driven value distribution. * '''Key Features''': ** '''Named Accounts''': *** '''Human-readable account names''' (e.g., @UserName). *** '''Public/private key pairs''' for security. *** Optional: Separate '''master key''' (for account control) and '''posting key''' (for content submission), inspired by EOS/BitShares for safer key management. ** '''Decentralized Wiki''': *** '''Text Content''': Wiki pages stored directly on the blockchain. *** '''Media Content''': Images, videos, audio, and source code stored as '''IPFS hashes'''. Browser extensions can fetch and display this content. *** '''Page Metadata''': Tracks contributors, edit history (diffs), and links to original sources or '''IPFS hashes'''. ** '''Value-for-Value System''': *** '''User Ratings''': Users with '''producer wallets''' rate pages (0–10) based on value received. *** '''Donations''': Users fund a '''drop/share wallet''' with crypto (e.g., project coin, Bitcoin, or Lightning Network). *** '''Fund Splitting''': At a set time/date, funds from the '''drop/share wallet''' are split among pages based on ratings. Each page’s funds are further split among its contributors. *** '''User Control''': Users can override suggested splits to decide which contributors receive funds (or none). ** '''Contributor Rewards''': *** Each contributor has a '''crypto address''' (project coin, Bitcoin, or Lightning) to receive donations or split funds. *** Suggested splits per page, but users have final say on distribution. * '''Goal''': Empower creators to produce valuable content and let users reward them directly, with full transparency and control, on a decentralized platform. </div> </div> * [[N33Bcoin| Currently learning more about the genesis of blockchain projects, Bitcoin.]] ** https://www.completenoobs.com/noobs/N33Bcoin ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com [[https://www.completenoobs.com/noobs/DEMONSTRATE-MIT_Introduction_to_Computer_Science_and_Programming_in_Python_6.0001_Fall_2016_Undergraduate| Example Content of CompleteNoobz]] The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. :* [[Host_Your_Own_Mediawiki_Online|Host Your Own Mediawiki Online]] :* [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ===Feed Back Received=== * Clearly indicate the terminal where commands should be entered * Break down content into smaller sections or modules * Provide timestamps in videos for each executed command or step * Organize steps/modules using numbers, and sub-steps within modules using letters (a, b, c, etc.) * Create shorter, focused videos for each step to avoid excessive scrolling * Clarify the use of terminal editors and how to set the $EDITOR variable * Place the EDITOR section at the top of the page and link to nano and vi guide pages * Include instructions on how to verify the completion of each step correctly <div class="toccolours mw-collapsible mw-collapsed"> Title Syntax: Title Re-structuring for Enhanced Clarity <div class="mw-collapsible-content"> Title Re-structuring for Enhanced Clarity Due to varying configurations and builds of apps/programs across different OS versions, step-by-step tutorials can be challenging to follow. To improve navigation, adjust page titles to include both the OS version/name and the software used. This will account for changes across different versions. Example of a re-structured title: "Windows 10 Pro - Adobe Photoshop CC 2021 Tutorial" If its a small change from each version, fork page to version and make small change.<br> If no change, still fork page to new title! </div> </div> ==Essential Links== :* [[Ubuntu_Cert_Draft|Ubuntu Cert Course '''DRAFTING''']] :* [[SET$EDITOR|Set $EDITOR]] :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[Wiki_Basic_Syntax#Youtube_extension_-_Embed_Video|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} birc9qc3p2n4d90ergz4k8aimaj7kvz 560 552 2025-06-03T22:27:34Z NobleMage 17 /* In Concept Mode */ 560 wikitext text/x-wiki =In Concept Mode= * [[CompleteNoobs_Genesis| Genesis of CompleteNoobs]] * Discord: https://discord.gg/TdtmRQ6D '''Site is Currently under going some changes'''<br> Page links might be broken while we restructure page titles and content, before carrying on with content creation. edit test <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==CompleteNoobs BlockChain Project== <div class="toccolours mw-collapsible mw-collapsed"> '''CompletNoobs Blockchain''': A Value-for-Value Producer Platform <div class="mw-collapsible-content"> * '''Core Idea''': A decentralized blockchain enabling creators and consumers to exchange value directly through a wiki-style system. Content is stored on-chain or via '''IPFS''', with transparent contributions and user-driven value distribution. * '''Key Features''': ** '''Named Accounts''': *** '''Human-readable account names''' (e.g., @UserName). *** '''Public/private key pairs''' for security. *** Optional: Separate '''master key''' (for account control) and '''posting key''' (for content submission), inspired by EOS/BitShares for safer key management. ** '''Decentralized Wiki''': *** '''Text Content''': Wiki pages stored directly on the blockchain. *** '''Media Content''': Images, videos, audio, and source code stored as '''IPFS hashes'''. Browser extensions can fetch and display this content. *** '''Page Metadata''': Tracks contributors, edit history (diffs), and links to original sources or '''IPFS hashes'''. ** '''Value-for-Value System''': *** '''User Ratings''': Users with '''producer wallets''' rate pages (0–10) based on value received. *** '''Donations''': Users fund a '''drop/share wallet''' with crypto (e.g., project coin, Bitcoin, or Lightning Network). *** '''Fund Splitting''': At a set time/date, funds from the '''drop/share wallet''' are split among pages based on ratings. Each page’s funds are further split among its contributors. *** '''User Control''': Users can override suggested splits to decide which contributors receive funds (or none). ** '''Contributor Rewards''': *** Each contributor has a '''crypto address''' (project coin, Bitcoin, or Lightning) to receive donations or split funds. *** Suggested splits per page, but users have final say on distribution. * '''Goal''': Empower creators to produce valuable content and let users reward them directly, with full transparency and control, on a decentralized platform. </div> </div> * [[N33Bcoin| Currently learning more about the genesis of blockchain projects, Bitcoin.]] ** https://www.completenoobs.com/noobs/N33Bcoin ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com [[https://www.completenoobs.com/noobs/DEMONSTRATE-MIT_Introduction_to_Computer_Science_and_Programming_in_Python_6.0001_Fall_2016_Undergraduate| Example Content of CompleteNoobz]] The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. :* [[Host_Your_Own_Mediawiki_Online|Host Your Own Mediawiki Online]] :* [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ===Feed Back Received=== * Clearly indicate the terminal where commands should be entered * Break down content into smaller sections or modules * Provide timestamps in videos for each executed command or step * Organize steps/modules using numbers, and sub-steps within modules using letters (a, b, c, etc.) * Create shorter, focused videos for each step to avoid excessive scrolling * Clarify the use of terminal editors and how to set the $EDITOR variable * Place the EDITOR section at the top of the page and link to nano and vi guide pages * Include instructions on how to verify the completion of each step correctly <div class="toccolours mw-collapsible mw-collapsed"> Title Syntax: Title Re-structuring for Enhanced Clarity <div class="mw-collapsible-content"> Title Re-structuring for Enhanced Clarity Due to varying configurations and builds of apps/programs across different OS versions, step-by-step tutorials can be challenging to follow. To improve navigation, adjust page titles to include both the OS version/name and the software used. This will account for changes across different versions. Example of a re-structured title: "Windows 10 Pro - Adobe Photoshop CC 2021 Tutorial" If its a small change from each version, fork page to version and make small change.<br> If no change, still fork page to new title! </div> </div> ==Essential Links== :* [[Ubuntu_Cert_Draft|Ubuntu Cert Course '''DRAFTING''']] :* [[SET$EDITOR|Set $EDITOR]] :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[Wiki_Basic_Syntax#Youtube_extension_-_Embed_Video|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} kbz9yr557ydsxszyjm18ig2yot9gwk5 561 560 2025-06-03T22:28:00Z NobleMage 17 /* In Concept Mode */ 561 wikitext text/x-wiki =In Concept Mode= * [[CompleteNoobs_Genesis| Genesis of CompleteNoobs]] * Discord: https://discord.gg/TdtmRQ6D '''Site is Currently under going some changes'''<br> Page links might be broken while we restructure page titles and content, before carrying on with content creation. <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==CompleteNoobs BlockChain Project== <div class="toccolours mw-collapsible mw-collapsed"> '''CompletNoobs Blockchain''': A Value-for-Value Producer Platform <div class="mw-collapsible-content"> * '''Core Idea''': A decentralized blockchain enabling creators and consumers to exchange value directly through a wiki-style system. Content is stored on-chain or via '''IPFS''', with transparent contributions and user-driven value distribution. * '''Key Features''': ** '''Named Accounts''': *** '''Human-readable account names''' (e.g., @UserName). *** '''Public/private key pairs''' for security. *** Optional: Separate '''master key''' (for account control) and '''posting key''' (for content submission), inspired by EOS/BitShares for safer key management. ** '''Decentralized Wiki''': *** '''Text Content''': Wiki pages stored directly on the blockchain. *** '''Media Content''': Images, videos, audio, and source code stored as '''IPFS hashes'''. Browser extensions can fetch and display this content. *** '''Page Metadata''': Tracks contributors, edit history (diffs), and links to original sources or '''IPFS hashes'''. ** '''Value-for-Value System''': *** '''User Ratings''': Users with '''producer wallets''' rate pages (0–10) based on value received. *** '''Donations''': Users fund a '''drop/share wallet''' with crypto (e.g., project coin, Bitcoin, or Lightning Network). *** '''Fund Splitting''': At a set time/date, funds from the '''drop/share wallet''' are split among pages based on ratings. Each page’s funds are further split among its contributors. *** '''User Control''': Users can override suggested splits to decide which contributors receive funds (or none). ** '''Contributor Rewards''': *** Each contributor has a '''crypto address''' (project coin, Bitcoin, or Lightning) to receive donations or split funds. *** Suggested splits per page, but users have final say on distribution. * '''Goal''': Empower creators to produce valuable content and let users reward them directly, with full transparency and control, on a decentralized platform. </div> </div> * [[N33Bcoin| Currently learning more about the genesis of blockchain projects, Bitcoin.]] ** https://www.completenoobs.com/noobs/N33Bcoin ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com [[https://www.completenoobs.com/noobs/DEMONSTRATE-MIT_Introduction_to_Computer_Science_and_Programming_in_Python_6.0001_Fall_2016_Undergraduate| Example Content of CompleteNoobz]] The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. :* [[Host_Your_Own_Mediawiki_Online|Host Your Own Mediawiki Online]] :* [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ===Feed Back Received=== * Clearly indicate the terminal where commands should be entered * Break down content into smaller sections or modules * Provide timestamps in videos for each executed command or step * Organize steps/modules using numbers, and sub-steps within modules using letters (a, b, c, etc.) * Create shorter, focused videos for each step to avoid excessive scrolling * Clarify the use of terminal editors and how to set the $EDITOR variable * Place the EDITOR section at the top of the page and link to nano and vi guide pages * Include instructions on how to verify the completion of each step correctly <div class="toccolours mw-collapsible mw-collapsed"> Title Syntax: Title Re-structuring for Enhanced Clarity <div class="mw-collapsible-content"> Title Re-structuring for Enhanced Clarity Due to varying configurations and builds of apps/programs across different OS versions, step-by-step tutorials can be challenging to follow. To improve navigation, adjust page titles to include both the OS version/name and the software used. This will account for changes across different versions. Example of a re-structured title: "Windows 10 Pro - Adobe Photoshop CC 2021 Tutorial" If its a small change from each version, fork page to version and make small change.<br> If no change, still fork page to new title! </div> </div> ==Essential Links== :* [[Ubuntu_Cert_Draft|Ubuntu Cert Course '''DRAFTING''']] :* [[SET$EDITOR|Set $EDITOR]] :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[Wiki_Basic_Syntax#Youtube_extension_-_Embed_Video|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} g8838xvkhzf0pjh1c31picogrfp4upf 562 561 2025-06-03T22:31:03Z NobleMage 17 /* In Concept Mode */ 562 wikitext text/x-wiki =In Concept development Mode - a wiki you can download= * [[CompleteNoobs_Genesis| Genesis of CompleteNoobs]] * Discord: https://discord.gg/TdtmRQ6D '''Site is Currently under going some changes'''<br> Page links might be broken while we restructure page titles and content, before carrying on with content creation. <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==CompleteNoobs BlockChain Project== <div class="toccolours mw-collapsible mw-collapsed"> '''CompletNoobs Blockchain''': A Value-for-Value Producer Platform <div class="mw-collapsible-content"> * '''Core Idea''': A decentralized blockchain enabling creators and consumers to exchange value directly through a wiki-style system. Content is stored on-chain or via '''IPFS''', with transparent contributions and user-driven value distribution. * '''Key Features''': ** '''Named Accounts''': *** '''Human-readable account names''' (e.g., @UserName). *** '''Public/private key pairs''' for security. *** Optional: Separate '''master key''' (for account control) and '''posting key''' (for content submission), inspired by EOS/BitShares for safer key management. ** '''Decentralized Wiki''': *** '''Text Content''': Wiki pages stored directly on the blockchain. *** '''Media Content''': Images, videos, audio, and source code stored as '''IPFS hashes'''. Browser extensions can fetch and display this content. *** '''Page Metadata''': Tracks contributors, edit history (diffs), and links to original sources or '''IPFS hashes'''. ** '''Value-for-Value System''': *** '''User Ratings''': Users with '''producer wallets''' rate pages (0–10) based on value received. *** '''Donations''': Users fund a '''drop/share wallet''' with crypto (e.g., project coin, Bitcoin, or Lightning Network). *** '''Fund Splitting''': At a set time/date, funds from the '''drop/share wallet''' are split among pages based on ratings. Each page’s funds are further split among its contributors. *** '''User Control''': Users can override suggested splits to decide which contributors receive funds (or none). ** '''Contributor Rewards''': *** Each contributor has a '''crypto address''' (project coin, Bitcoin, or Lightning) to receive donations or split funds. *** Suggested splits per page, but users have final say on distribution. * '''Goal''': Empower creators to produce valuable content and let users reward them directly, with full transparency and control, on a decentralized platform. </div> </div> * [[N33Bcoin| Currently learning more about the genesis of blockchain projects, Bitcoin.]] ** https://www.completenoobs.com/noobs/N33Bcoin ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com [[https://www.completenoobs.com/noobs/DEMONSTRATE-MIT_Introduction_to_Computer_Science_and_Programming_in_Python_6.0001_Fall_2016_Undergraduate| Example Content of CompleteNoobz]] The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. :* [[Host_Your_Own_Mediawiki_Online|Host Your Own Mediawiki Online]] :* [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ===Feed Back Received=== * Clearly indicate the terminal where commands should be entered * Break down content into smaller sections or modules * Provide timestamps in videos for each executed command or step * Organize steps/modules using numbers, and sub-steps within modules using letters (a, b, c, etc.) * Create shorter, focused videos for each step to avoid excessive scrolling * Clarify the use of terminal editors and how to set the $EDITOR variable * Place the EDITOR section at the top of the page and link to nano and vi guide pages * Include instructions on how to verify the completion of each step correctly <div class="toccolours mw-collapsible mw-collapsed"> Title Syntax: Title Re-structuring for Enhanced Clarity <div class="mw-collapsible-content"> Title Re-structuring for Enhanced Clarity Due to varying configurations and builds of apps/programs across different OS versions, step-by-step tutorials can be challenging to follow. To improve navigation, adjust page titles to include both the OS version/name and the software used. This will account for changes across different versions. Example of a re-structured title: "Windows 10 Pro - Adobe Photoshop CC 2021 Tutorial" If its a small change from each version, fork page to version and make small change.<br> If no change, still fork page to new title! </div> </div> ==Essential Links== :* [[Ubuntu_Cert_Draft|Ubuntu Cert Course '''DRAFTING''']] :* [[SET$EDITOR|Set $EDITOR]] :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[Wiki_Basic_Syntax#Youtube_extension_-_Embed_Video|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} js289jihu9ts4yy0uuhx4m70qx6ysoe 564 562 2025-06-05T00:10:58Z AwesomO 5 /* We All Start as Noobs */ 564 wikitext text/x-wiki =In Concept development Mode - a wiki you can download= * [[CompleteNoobs_Genesis| Genesis of CompleteNoobs]] * Discord: https://discord.gg/TdtmRQ6D '''Site is Currently under going some changes'''<br> Page links might be broken while we restructure page titles and content, before carrying on with content creation. <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==CompleteNoobs BlockChain Project== <div class="toccolours mw-collapsible mw-collapsed"> '''CompletNoobs Blockchain''': A Value-for-Value Producer Platform <div class="mw-collapsible-content"> * '''Core Idea''': A decentralized blockchain enabling creators and consumers to exchange value directly through a wiki-style system. Content is stored on-chain or via '''IPFS''', with transparent contributions and user-driven value distribution. * '''Key Features''': ** '''Named Accounts''': *** '''Human-readable account names''' (e.g., @UserName). *** '''Public/private key pairs''' for security. *** Optional: Separate '''master key''' (for account control) and '''posting key''' (for content submission), inspired by EOS/BitShares for safer key management. ** '''Decentralized Wiki''': *** '''Text Content''': Wiki pages stored directly on the blockchain. *** '''Media Content''': Images, videos, audio, and source code stored as '''IPFS hashes'''. Browser extensions can fetch and display this content. *** '''Page Metadata''': Tracks contributors, edit history (diffs), and links to original sources or '''IPFS hashes'''. ** '''Value-for-Value System''': *** '''User Ratings''': Users with '''producer wallets''' rate pages (0–10) based on value received. *** '''Donations''': Users fund a '''drop/share wallet''' with crypto (e.g., project coin, Bitcoin, or Lightning Network). *** '''Fund Splitting''': At a set time/date, funds from the '''drop/share wallet''' are split among pages based on ratings. Each page’s funds are further split among its contributors. *** '''User Control''': Users can override suggested splits to decide which contributors receive funds (or none). ** '''Contributor Rewards''': *** Each contributor has a '''crypto address''' (project coin, Bitcoin, or Lightning) to receive donations or split funds. *** Suggested splits per page, but users have final say on distribution. * '''Goal''': Empower creators to produce valuable content and let users reward them directly, with full transparency and control, on a decentralized platform. </div> </div> * [[N33Bcoin| Currently learning more about the genesis of blockchain projects, Bitcoin.]] ** https://www.completenoobs.com/noobs/N33Bcoin ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com [[DEMONSTRATE-MIT_Introduction_to_Computer_Science_and_Programming_in_Python_6.0001_Fall_2016_Undergraduate| Example Content of CompleteNoobz]] The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. :* [[Host_Your_Own_Mediawiki_Online|Host Your Own Mediawiki Online]] :* [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ===Feed Back Received=== * Clearly indicate the terminal where commands should be entered * Break down content into smaller sections or modules * Provide timestamps in videos for each executed command or step * Organize steps/modules using numbers, and sub-steps within modules using letters (a, b, c, etc.) * Create shorter, focused videos for each step to avoid excessive scrolling * Clarify the use of terminal editors and how to set the $EDITOR variable * Place the EDITOR section at the top of the page and link to nano and vi guide pages * Include instructions on how to verify the completion of each step correctly <div class="toccolours mw-collapsible mw-collapsed"> Title Syntax: Title Re-structuring for Enhanced Clarity <div class="mw-collapsible-content"> Title Re-structuring for Enhanced Clarity Due to varying configurations and builds of apps/programs across different OS versions, step-by-step tutorials can be challenging to follow. To improve navigation, adjust page titles to include both the OS version/name and the software used. This will account for changes across different versions. Example of a re-structured title: "Windows 10 Pro - Adobe Photoshop CC 2021 Tutorial" If its a small change from each version, fork page to version and make small change.<br> If no change, still fork page to new title! </div> </div> ==Essential Links== :* [[Ubuntu_Cert_Draft|Ubuntu Cert Course '''DRAFTING''']] :* [[SET$EDITOR|Set $EDITOR]] :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[Wiki_Basic_Syntax#Youtube_extension_-_Embed_Video|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} 09m4b7tq1cut1x0uscp8wgun0ty10s3 587 564 2025-06-24T01:24:16Z AwesomO 5 587 wikitext text/x-wiki =In Concept development Mode - a wiki you can download= * [[CompleteNoobs_Genesis| Genesis of CompleteNoobs]] * Discord: https://discord.gg/TdtmRQ6D '''Site is Currently under going some changes'''<br> Page links might be broken while we restructure page titles and content, before carrying on with content creation. <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==CompleteNoobs BlockChain Project== <div class="toccolours mw-collapsible mw-collapsed"> '''CompletNoobs Blockchain''': A Value-for-Value Producer Platform <div class="mw-collapsible-content"> * '''Core Idea''': A decentralized blockchain enabling creators and consumers to exchange value directly through a wiki-style system. Content is stored on-chain or via '''IPFS''', with transparent contributions and user-driven value distribution. * '''Key Features''': ** '''Named Accounts''': *** '''Human-readable account names''' (e.g., @UserName). *** '''Public/private key pairs''' for security. *** Optional: Separate '''master key''' (for account control) and '''posting key''' (for content submission), inspired by EOS/BitShares for safer key management. ** '''Decentralized Wiki''': *** '''Text Content''': Wiki pages stored directly on the blockchain. *** '''Media Content''': Images, videos, audio, and source code stored as '''IPFS hashes'''. Browser extensions can fetch and display this content. *** '''Page Metadata''': Tracks contributors, edit history (diffs), and links to original sources or '''IPFS hashes'''. ** '''Value-for-Value System''': *** '''User Ratings''': Users with '''producer wallets''' rate pages (0–10) based on value received. *** '''Donations''': Users fund a '''drop/share wallet''' with crypto (e.g., project coin, Bitcoin, or Lightning Network). *** '''Fund Splitting''': At a set time/date, funds from the '''drop/share wallet''' are split among pages based on ratings. Each page’s funds are further split among its contributors. *** '''User Control''': Users can override suggested splits to decide which contributors receive funds (or none). ** '''Contributor Rewards''': *** Each contributor has a '''crypto address''' (project coin, Bitcoin, or Lightning) to receive donations or split funds. *** Suggested splits per page, but users have final say on distribution. * '''Goal''': Empower creators to produce valuable content and let users reward them directly, with full transparency and control, on a decentralized platform. </div> </div> * [[N33Bcoin| Currently learning more about the genesis of blockchain projects, Bitcoin.]] ** https://www.completenoobs.com/noobs/N33Bcoin ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com [[DEMONSTRATE-MIT_Introduction_to_Computer_Science_and_Programming_in_Python_6.0001_Fall_2016_Undergraduate| Example Content of CompleteNoobz]] The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. :* [[Host_Your_Own_Mediawiki_Online|Host Your Own Mediawiki Online]] :* [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ===Feed Back Received=== * Clearly indicate the terminal where commands should be entered * Break down content into smaller sections or modules * Provide timestamps in videos for each executed command or step * Organize steps/modules using numbers, and sub-steps within modules using letters (a, b, c, etc.) * Create shorter, focused videos for each step to avoid excessive scrolling * Clarify the use of terminal editors and how to set the $EDITOR variable * Place the EDITOR section at the top of the page and link to nano and vi guide pages * Include instructions on how to verify the completion of each step correctly <div class="toccolours mw-collapsible mw-collapsed"> Title Syntax: Title Re-structuring for Enhanced Clarity <div class="mw-collapsible-content"> Title Re-structuring for Enhanced Clarity Due to varying configurations and builds of apps/programs across different OS versions, step-by-step tutorials can be challenging to follow. To improve navigation, adjust page titles to include both the OS version/name and the software used. This will account for changes across different versions. Example of a re-structured title: "Windows 10 Pro - Adobe Photoshop CC 2021 Tutorial" If its a small change from each version, fork page to version and make small change.<br> If no change, still fork page to new title! </div> </div> ==Essential Links== :* [[Ubuntu_Cert_Draft|Ubuntu Cert Course '''DRAFTING''']] :* [[SET$EDITOR|Set $EDITOR]] :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[Wiki_Basic_Syntax#Youtube_extension_-_Embed_Video|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} {{Special:PopularPages/10}} gwlch851nahtrbbvz6j7cis412e3vg4 592 587 2025-06-25T13:18:50Z AwesomO 5 /* Essential Links */ 592 wikitext text/x-wiki =In Concept development Mode - a wiki you can download= * [[CompleteNoobs_Genesis| Genesis of CompleteNoobs]] * Discord: https://discord.gg/TdtmRQ6D '''Site is Currently under going some changes'''<br> Page links might be broken while we restructure page titles and content, before carrying on with content creation. <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==CompleteNoobs BlockChain Project== <div class="toccolours mw-collapsible mw-collapsed"> '''CompletNoobs Blockchain''': A Value-for-Value Producer Platform <div class="mw-collapsible-content"> * '''Core Idea''': A decentralized blockchain enabling creators and consumers to exchange value directly through a wiki-style system. Content is stored on-chain or via '''IPFS''', with transparent contributions and user-driven value distribution. * '''Key Features''': ** '''Named Accounts''': *** '''Human-readable account names''' (e.g., @UserName). *** '''Public/private key pairs''' for security. *** Optional: Separate '''master key''' (for account control) and '''posting key''' (for content submission), inspired by EOS/BitShares for safer key management. ** '''Decentralized Wiki''': *** '''Text Content''': Wiki pages stored directly on the blockchain. *** '''Media Content''': Images, videos, audio, and source code stored as '''IPFS hashes'''. Browser extensions can fetch and display this content. *** '''Page Metadata''': Tracks contributors, edit history (diffs), and links to original sources or '''IPFS hashes'''. ** '''Value-for-Value System''': *** '''User Ratings''': Users with '''producer wallets''' rate pages (0–10) based on value received. *** '''Donations''': Users fund a '''drop/share wallet''' with crypto (e.g., project coin, Bitcoin, or Lightning Network). *** '''Fund Splitting''': At a set time/date, funds from the '''drop/share wallet''' are split among pages based on ratings. Each page’s funds are further split among its contributors. *** '''User Control''': Users can override suggested splits to decide which contributors receive funds (or none). ** '''Contributor Rewards''': *** Each contributor has a '''crypto address''' (project coin, Bitcoin, or Lightning) to receive donations or split funds. *** Suggested splits per page, but users have final say on distribution. * '''Goal''': Empower creators to produce valuable content and let users reward them directly, with full transparency and control, on a decentralized platform. </div> </div> * [[N33Bcoin| Currently learning more about the genesis of blockchain projects, Bitcoin.]] ** https://www.completenoobs.com/noobs/N33Bcoin ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com [[DEMONSTRATE-MIT_Introduction_to_Computer_Science_and_Programming_in_Python_6.0001_Fall_2016_Undergraduate| Example Content of CompleteNoobz]] The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. :* [[Host_Your_Own_Mediawiki_Online|Host Your Own Mediawiki Online]] :* [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ===Feed Back Received=== * Clearly indicate the terminal where commands should be entered * Break down content into smaller sections or modules * Provide timestamps in videos for each executed command or step * Organize steps/modules using numbers, and sub-steps within modules using letters (a, b, c, etc.) * Create shorter, focused videos for each step to avoid excessive scrolling * Clarify the use of terminal editors and how to set the $EDITOR variable * Place the EDITOR section at the top of the page and link to nano and vi guide pages * Include instructions on how to verify the completion of each step correctly <div class="toccolours mw-collapsible mw-collapsed"> Title Syntax: Title Re-structuring for Enhanced Clarity <div class="mw-collapsible-content"> Title Re-structuring for Enhanced Clarity Due to varying configurations and builds of apps/programs across different OS versions, step-by-step tutorials can be challenging to follow. To improve navigation, adjust page titles to include both the OS version/name and the software used. This will account for changes across different versions. Example of a re-structured title: "Windows 10 Pro - Adobe Photoshop CC 2021 Tutorial" If its a small change from each version, fork page to version and make small change.<br> If no change, still fork page to new title! </div> </div> ==Essential Links== :* [[Ubuntu_Cert_Draft|Ubuntu Cert Course '''DRAFTING''']] :* [[SET$EDITOR|Set $EDITOR]] - SET EDITOR can be added to page with: <nowiki>{{:SET_EDITOR}}</nowiki> :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[Wiki_Basic_Syntax#Youtube_extension_-_Embed_Video|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} {{Special:PopularPages/10}} i7k37lpoqturkrrys4ukzfjqjyvehir 644 592 2025-08-29T09:09:48Z AwesomO 5 /* In Concept development Mode - a wiki you can download */ 644 wikitext text/x-wiki =In Concept development Mode - a wiki you can download= * Discord: https://discord.gg/TdtmRQ6D '''Site is Currently under going some changes'''<br> Page links might be broken while we restructure page titles and content, before carrying on with content creation. <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==CompleteNoobs BlockChain Project== <div class="toccolours mw-collapsible mw-collapsed"> '''CompletNoobs Blockchain''': A Value-for-Value Producer Platform <div class="mw-collapsible-content"> * '''Core Idea''': A decentralized blockchain enabling creators and consumers to exchange value directly through a wiki-style system. Content is stored on-chain or via '''IPFS''', with transparent contributions and user-driven value distribution. * '''Key Features''': ** '''Named Accounts''': *** '''Human-readable account names''' (e.g., @UserName). *** '''Public/private key pairs''' for security. *** Optional: Separate '''master key''' (for account control) and '''posting key''' (for content submission), inspired by EOS/BitShares for safer key management. ** '''Decentralized Wiki''': *** '''Text Content''': Wiki pages stored directly on the blockchain. *** '''Media Content''': Images, videos, audio, and source code stored as '''IPFS hashes'''. Browser extensions can fetch and display this content. *** '''Page Metadata''': Tracks contributors, edit history (diffs), and links to original sources or '''IPFS hashes'''. ** '''Value-for-Value System''': *** '''User Ratings''': Users with '''producer wallets''' rate pages (0–10) based on value received. *** '''Donations''': Users fund a '''drop/share wallet''' with crypto (e.g., project coin, Bitcoin, or Lightning Network). *** '''Fund Splitting''': At a set time/date, funds from the '''drop/share wallet''' are split among pages based on ratings. Each page’s funds are further split among its contributors. *** '''User Control''': Users can override suggested splits to decide which contributors receive funds (or none). ** '''Contributor Rewards''': *** Each contributor has a '''crypto address''' (project coin, Bitcoin, or Lightning) to receive donations or split funds. *** Suggested splits per page, but users have final say on distribution. * '''Goal''': Empower creators to produce valuable content and let users reward them directly, with full transparency and control, on a decentralized platform. </div> </div> * [[N33Bcoin| Currently learning more about the genesis of blockchain projects, Bitcoin.]] ** https://www.completenoobs.com/noobs/N33Bcoin ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com [[DEMONSTRATE-MIT_Introduction_to_Computer_Science_and_Programming_in_Python_6.0001_Fall_2016_Undergraduate| Example Content of CompleteNoobz]] The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. :* [[Host_Your_Own_Mediawiki_Online|Host Your Own Mediawiki Online]] :* [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ===Feed Back Received=== * Clearly indicate the terminal where commands should be entered * Break down content into smaller sections or modules * Provide timestamps in videos for each executed command or step * Organize steps/modules using numbers, and sub-steps within modules using letters (a, b, c, etc.) * Create shorter, focused videos for each step to avoid excessive scrolling * Clarify the use of terminal editors and how to set the $EDITOR variable * Place the EDITOR section at the top of the page and link to nano and vi guide pages * Include instructions on how to verify the completion of each step correctly <div class="toccolours mw-collapsible mw-collapsed"> Title Syntax: Title Re-structuring for Enhanced Clarity <div class="mw-collapsible-content"> Title Re-structuring for Enhanced Clarity Due to varying configurations and builds of apps/programs across different OS versions, step-by-step tutorials can be challenging to follow. To improve navigation, adjust page titles to include both the OS version/name and the software used. This will account for changes across different versions. Example of a re-structured title: "Windows 10 Pro - Adobe Photoshop CC 2021 Tutorial" If its a small change from each version, fork page to version and make small change.<br> If no change, still fork page to new title! </div> </div> ==Essential Links== :* [[Ubuntu_Cert_Draft|Ubuntu Cert Course '''DRAFTING''']] :* [[SET$EDITOR|Set $EDITOR]] - SET EDITOR can be added to page with: <nowiki>{{:SET_EDITOR}}</nowiki> :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[Wiki_Basic_Syntax#Youtube_extension_-_Embed_Video|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} {{Special:PopularPages/10}} 5kfwe0buuzn83kkip9ts3z1yjmbuia5 655 644 2025-09-01T17:59:32Z AwesomO 5 655 wikitext text/x-wiki =In Concept development Mode - a wiki you can download= = CompleteNoobs: A Downloadable Wiki for Reproducible Computer Tutorials = '''CompleteNoobs''' is a open-source wiki offering free, reproducible computer science tutorials. * [[https://www.completenoobs.com/noobs/Ubuntu2404_Install_Docker_and_Docker_Compose| Download the wiki as a '''Docker image''' to run locally on your computer or fork it to contribute and share knowledge.]] == About CompleteNoobs == Our mission is to provide accessible, libre-licensed resources for hobbyists, sysadmins, students, teachers, and computer science enthusiasts. All content is available under a '''Creative Commons BY-NC-SA''' license, ensuring the freedoms to: * Read * Edit/Modify * Copy * Share freely Download the wiki as an XML file at [https://xml.completenoobs.com xml.completenoobs.com] or access data-heavy content (images, videos, audio) via '''IPFS''' hashes. == Get Started == * '''Download the Wiki''': Run CompleteNoobs locally using our [[/Local_CompleteNoobs_Wiki|Manually install guides or Docker image]]. * '''Host Your Own''': Set up your own MediaWiki instance with our guide: [[Host_Your_Own_Mediawiki_Online|Host Your Own MediaWiki Online]]. == CompleteNoobs Blockchain Project == As Noobs we want to learn more about bitcoin, without losing any real bitcoin First we are learning how to fork bitcoin version 0.14.3, best way to learn is by tinkering with it. * [[N33Bcoin| n33b.com]] == Essential Links == * [[Main_Index|Main Index Page]] * [[Special:AllPages|All Pages]] * [[Wiki_Basic_Syntax|Wiki Basic Syntax]] * [[COMPLETENOOBS_FUNDING|Support Us]] == Licenses == All content is libre-licensed for free copying, modification, and distribution. Add a license header to your contributions using: <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} == Disclaimer == <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> Content on CompleteNoobs is for informational and educational purposes only. We make no warranties about accuracy or reliability. Use at your own risk. Links to external sites are not endorsements, and we are not responsible for their content or availability. The site may be temporarily unavailable due to technical issues beyond our control. </div> </div> {{Special:ContributionScores/10/5}} {{Special:PopularPages/10}} ngwa3m86e86r9fe617jcxi33myxg3ep 656 655 2025-09-01T18:00:22Z AwesomO 5 /* Get Started */ 656 wikitext text/x-wiki =In Concept development Mode - a wiki you can download= = CompleteNoobs: A Downloadable Wiki for Reproducible Computer Tutorials = '''CompleteNoobs''' is a open-source wiki offering free, reproducible computer science tutorials. * [[https://www.completenoobs.com/noobs/Ubuntu2404_Install_Docker_and_Docker_Compose| Download the wiki as a '''Docker image''' to run locally on your computer or fork it to contribute and share knowledge.]] == About CompleteNoobs == Our mission is to provide accessible, libre-licensed resources for hobbyists, sysadmins, students, teachers, and computer science enthusiasts. All content is available under a '''Creative Commons BY-NC-SA''' license, ensuring the freedoms to: * Read * Edit/Modify * Copy * Share freely Download the wiki as an XML file at [https://xml.completenoobs.com xml.completenoobs.com] or access data-heavy content (images, videos, audio) via '''IPFS''' hashes. == Get Started == * '''Download the Wiki''': Run CompleteNoobs locally using our [[Local_CompleteNoobs_Wiki|Manually install guides or Docker image]]. * '''Host Your Own''': Set up your own MediaWiki instance with our guide: [[Host_Your_Own_Mediawiki_Online|Host Your Own MediaWiki Online]]. == CompleteNoobs Blockchain Project == As Noobs we want to learn more about bitcoin, without losing any real bitcoin First we are learning how to fork bitcoin version 0.14.3, best way to learn is by tinkering with it. * [[N33Bcoin| n33b.com]] == Essential Links == * [[Main_Index|Main Index Page]] * [[Special:AllPages|All Pages]] * [[Wiki_Basic_Syntax|Wiki Basic Syntax]] * [[COMPLETENOOBS_FUNDING|Support Us]] == Licenses == All content is libre-licensed for free copying, modification, and distribution. Add a license header to your contributions using: <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} == Disclaimer == <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> Content on CompleteNoobs is for informational and educational purposes only. We make no warranties about accuracy or reliability. Use at your own risk. Links to external sites are not endorsements, and we are not responsible for their content or availability. The site may be temporarily unavailable due to technical issues beyond our control. </div> </div> {{Special:ContributionScores/10/5}} {{Special:PopularPages/10}} trgggorplfsz8v5bt7vp19w9ma0jqc2 657 656 2025-09-01T18:37:56Z AwesomO 5 /* CompleteNoobs: A Downloadable Wiki for Reproducible Computer Tutorials */ 657 wikitext text/x-wiki =In Concept development Mode - a wiki you can download= = CompleteNoobs: A Downloadable Wiki for Reproducible Computer Tutorials = '''CompleteNoobs''' is a open-source wiki offering free, reproducible computer science tutorials. * [[Ubuntu2404_Install_Docker_and_Docker_Compose| Download the wiki as a '''Docker image''' to run locally on your computer or fork it to contribute and share knowledge.]] == About CompleteNoobs == Our mission is to provide accessible, libre-licensed resources for hobbyists, sysadmins, students, teachers, and computer science enthusiasts. All content is available under a '''Creative Commons BY-NC-SA''' license, ensuring the freedoms to: * Read * Edit/Modify * Copy * Share freely Download the wiki as an XML file at [https://xml.completenoobs.com xml.completenoobs.com] or access data-heavy content (images, videos, audio) via '''IPFS''' hashes. == Get Started == * '''Download the Wiki''': Run CompleteNoobs locally using our [[Local_CompleteNoobs_Wiki|Manually install guides or Docker image]]. * '''Host Your Own''': Set up your own MediaWiki instance with our guide: [[Host_Your_Own_Mediawiki_Online|Host Your Own MediaWiki Online]]. == CompleteNoobs Blockchain Project == As Noobs we want to learn more about bitcoin, without losing any real bitcoin First we are learning how to fork bitcoin version 0.14.3, best way to learn is by tinkering with it. * [[N33Bcoin| n33b.com]] == Essential Links == * [[Main_Index|Main Index Page]] * [[Special:AllPages|All Pages]] * [[Wiki_Basic_Syntax|Wiki Basic Syntax]] * [[COMPLETENOOBS_FUNDING|Support Us]] == Licenses == All content is libre-licensed for free copying, modification, and distribution. Add a license header to your contributions using: <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} == Disclaimer == <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> Content on CompleteNoobs is for informational and educational purposes only. We make no warranties about accuracy or reliability. Use at your own risk. Links to external sites are not endorsements, and we are not responsible for their content or availability. The site may be temporarily unavailable due to technical issues beyond our control. </div> </div> {{Special:ContributionScores/10/5}} {{Special:PopularPages/10}} nfaun5ixcf6xvmboetcni3ri0dbatn9 739 657 2026-04-19T14:16:23Z AwesomO 5 /* Licenses */ 739 wikitext text/x-wiki =In Concept development Mode - a wiki you can download= = CompleteNoobs: A Downloadable Wiki for Reproducible Computer Tutorials = '''CompleteNoobs''' is a open-source wiki offering free, reproducible computer science tutorials. * [[Ubuntu2404_Install_Docker_and_Docker_Compose| Download the wiki as a '''Docker image''' to run locally on your computer or fork it to contribute and share knowledge.]] == About CompleteNoobs == Our mission is to provide accessible, libre-licensed resources for hobbyists, sysadmins, students, teachers, and computer science enthusiasts. All content is available under a '''Creative Commons BY-NC-SA''' license, ensuring the freedoms to: * Read * Edit/Modify * Copy * Share freely Download the wiki as an XML file at [https://xml.completenoobs.com xml.completenoobs.com] or access data-heavy content (images, videos, audio) via '''IPFS''' hashes. == Get Started == * '''Download the Wiki''': Run CompleteNoobs locally using our [[Local_CompleteNoobs_Wiki|Manually install guides or Docker image]]. * '''Host Your Own''': Set up your own MediaWiki instance with our guide: [[Host_Your_Own_Mediawiki_Online|Host Your Own MediaWiki Online]]. == CompleteNoobs Blockchain Project == As Noobs we want to learn more about bitcoin, without losing any real bitcoin First we are learning how to fork bitcoin version 0.14.3, best way to learn is by tinkering with it. * [[N33Bcoin| n33b.com]] == Essential Links == * [[Main_Index|Main Index Page]] * [[Special:AllPages|All Pages]] * [[Wiki_Basic_Syntax|Wiki Basic Syntax]] * [[COMPLETENOOBS_FUNDING|Support Us]] == Licenses == [[LICENCE_HEADERS]] All content is libre-licensed for free copying, modification, and distribution. Add a license header to your contributions using: <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} == Disclaimer == <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> Content on CompleteNoobs is for informational and educational purposes only. We make no warranties about accuracy or reliability. Use at your own risk. Links to external sites are not endorsements, and we are not responsible for their content or availability. The site may be temporarily unavailable due to technical issues beyond our control. </div> </div> {{Special:ContributionScores/10/5}} {{Special:PopularPages/10}} fkv7l2vx4b3og33x1swffzhqu0g7zh6 8 2 3 2023-03-01T16:02:12Z Noob 1 Created page with "{|style="border-style: solid; boarder-width: 20px;" align="center" |Please Select a [[LICENCE_HEADERS|Licence]] from the [[LICENCE_HEADERS]] page<br \> |And place at top of your page<br \> |If no Licence is Selected/Appended, Default will be CC0<br \> <div class="toccolours mw-collapsible mw-collapsed"> Default Licence <b>IF there is no Licence placed below this notice!</b> When you edit this page, you agree to release your contribution under the <b>CC0 Licence</b><br..." 3 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" |Please Select a [[LICENCE_HEADERS|Licence]] from the [[LICENCE_HEADERS]] page<br \> |And place at top of your page<br \> |If no Licence is Selected/Appended, Default will be CC0<br \> <div class="toccolours mw-collapsible mw-collapsed"> Default Licence <b>IF there is no Licence placed below this notice!</b> When you edit this page, you agree to release your contribution under the <b>CC0 Licence</b><br \> <div class="mw-collapsible-content"> <b>LICENCE</b>: More information about the <b>cc0 licence</b> can be found here:<br \> <code>https://creativecommons.org/share-your-work/public-domain/cc0</code><br \><br \> The person who associated a work with this deed has dedicated the work to the public domain by waiving all of his or her rights to the work worldwide under copyright law, including all related and neighboring rights, to the extent allowed by law.<br \> You can copy, modify, distribute and perform the work, even for commercial purposes, all without asking permission. <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Statement of Purpose The laws of most jurisdictions throughout the world automatically confer exclusive Copyright and Related Rights (defined below) upon the creator and subsequent owner(s) (each and all, an "owner") of an original work of authorship and/or a database (each, a "Work"). Certain owners wish to permanently relinquish those rights to a Work for the purpose of contributing to a commons of creative, cultural and scientific works ("Commons") that the public can reliably and without fear of later claims of infringement build upon, modify, incorporate in other works, reuse and redistribute as freely as possible in any form whatsoever and for any purposes, including without limitation commercial purposes. These owners may contribute to the Commons to promote the ideal of a free culture and the further production of creative, cultural and scientific works, or to gain reputation or greater distribution for their Work in part through the use and efforts of others. For these and/or other purposes and motivations, and without any expectation of additional consideration or compensation, the person associating CC0 with a Work (the "Affirmer"), to the extent that he or she is an owner of Copyright and Related Rights in the Work, voluntarily elects to apply CC0 to the Work and publicly distribute the Work under its terms, with knowledge of his or her Copyright and Related Rights in the Work and the meaning and intended legal effect of CC0 on those rights. 1. Copyright and Related Rights. A Work made available under CC0 may be protected by copyright and related or neighboring rights ("Copyright and Related Rights"). Copyright and Related Rights include, but are not limited to, the following: the right to reproduce, adapt, distribute, perform, display, communicate, and translate a Work; moral rights retained by the original author(s) and/or performer(s); publicity and privacy rights pertaining to a person's image or likeness depicted in a Work; rights protecting against unfair competition in regards to a Work, subject to the limitations in paragraph 4(a), below; rights protecting the extraction, dissemination, use and reuse of data in a Work; database rights (such as those arising under Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, and under any national implementation thereof, including any amended or successor version of such directive); and other similar, equivalent or corresponding rights throughout the world based on applicable law or treaty, and any national implementations thereof. 2. Waiver. To the greatest extent permitted by, but not in contravention of, applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and unconditionally waives, abandons, and surrenders all of Affirmer's Copyright and Related Rights and associated claims and causes of action, whether now known or unknown (including existing as well as future claims and causes of action), in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each member of the public at large and to the detriment of Affirmer's heirs and successors, fully intending that such Waiver shall not be subject to revocation, rescission, cancellation, termination, or any other legal or equitable action to disrupt the quiet enjoyment of the Work by the public as contemplated by Affirmer's express Statement of Purpose. 3. Public License Fallback. Should any part of the Waiver for any reason be judged legally invalid or ineffective under applicable law, then the Waiver shall be preserved to the maximum extent permitted taking into account Affirmer's express Statement of Purpose. In addition, to the extent the Waiver is so judged Affirmer hereby grants to each affected person a royalty-free, non transferable, non sublicensable, non exclusive, irrevocable and unconditional license to exercise Affirmer's Copyright and Related Rights in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "License"). The License shall be deemed effective as of the date CC0 was applied by Affirmer to the Work. Should any part of the License for any reason be judged legally invalid or ineffective under applicable law, such partial invalidity or ineffectiveness shall not invalidate the remainder of the License, and in such case Affirmer hereby affirms that he or she will not (i) exercise any of his or her remaining Copyright and Related Rights in the Work or (ii) assert any associated claims and causes of action with respect to the Work, in either case contrary to Affirmer's express Statement of Purpose. 4. Limitations and Disclaimers. No trademark or patent rights held by Affirmer are waived, abandoned, surrendered, licensed or otherwise affected by this document. Affirmer offers the Work as-is and makes no representations or warranties of any kind concerning the Work, express, implied, statutory or otherwise, including without limitation warranties of title, merchantability, fitness for a particular purpose, non infringement, or the absence of latent or other defects, accuracy, or the present or absence of errors, whether or not discoverable, all to the greatest extent permissible under applicable law. Affirmer disclaims responsibility for clearing rights of other persons that may apply to the Work or any use thereof, including without limitation any person's Copyright and Related Rights in the Work. Further, Affirmer disclaims responsibility for obtaining any necessary consents, permissions or other rights required for any use of the Work. Affirmer understands and acknowledges that Creative Commons is not a party to this document and has no duty or obligation with respect to this CC0 or use of the Work. </div> </div> </div> </div> |} 8nk6gg98hipq7gaqka7r0ulxg2gl7j3 0 3 4 2023-03-01T16:25:22Z Noob 1 Created page with "* Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute. * To do so add a Licence header at the top of your page. * example:<b><nowiki>{{:LICENCE_HEADER_CC0}}</nowiki></b> * using the header may not be a good idea for some licences ** click the link and copy the content ** and append the correct <code>Copyright [yyyy] [name of copyright owner] </code> ==APACHE2== [[LICENCE_HEADER_APACHE2]]<br \> <b><nowiki>{{:LICENC..." 4 wikitext text/x-wiki * Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute. * To do so add a Licence header at the top of your page. * example:<b><nowiki>{{:LICENCE_HEADER_CC0}}</nowiki></b> * using the header may not be a good idea for some licences ** click the link and copy the content ** and append the correct <code>Copyright [yyyy] [name of copyright owner] </code> ==APACHE2== [[LICENCE_HEADER_APACHE2]]<br \> <b><nowiki>{{:LICENCE_HEADER_APACHE2}}</nowiki></b> {{:LICENCE_HEADER_APACHE2}} <!-- delete below if mess up --> <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste to your page: <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>APACHE2 Licence</b><br \> Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. <div class="toccolours mw-collapsible mw-collapsed"> Apache2 Licence: <div class="mw-collapsible-content"> <pre> Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. </pre> </div> </div> |} </nowiki> </div> </div> ==BDS0== [[LICENCE_HEADER_BSD0]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD0}}</nowiki></b> {{:LICENCE_HEADER_BSD0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (C) [year] by [copyright holder] <[email]> Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted. THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. </div> </div> |} </nowiki> </div> </div> ==BSD1== [[LICENCE_HEADER_BSD]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD}}</nowiki></b> {{:LICENCE_HEADER_BSD}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (c) [Year] [Name] [All rights reserved]. * Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. THIS SOFTWARE IS PROVIDED BY [Name of Organization] “AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL [Name of Organisation] BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </nowiki> </div> </div> ==BSD2== [[LICENCE_HEADER_BSD2]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD2}}</nowiki></b> {{:LICENCE_HEADER_BSD2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </nowiki> </div> </div> ==BSD3== [[LICENCE_HEADER_BSD3]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD3}}</nowiki></b> {{:LICENCE_HEADER_BSD3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </nowiki> </div> </div> ==CC0== [[LICENCE_HEADER_CC0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC0}}</nowiki></b> {{:LICENCE_HEADER_CC0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC0 Licence</b><br \> More information about the <b>cc0 licence</b> can be found here:<br \> <code>https://creativecommons.org/share-your-work/public-domain/cc0</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> The person who associated a work with this deed has dedicated the work to the public domain by waiving all of his or her rights to the work worldwide under copyright law, including all related and neighboring rights, to the extent allowed by law.<br \> You can copy, modify, distribute and perform the work, even for commercial purposes, all without asking permission. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Statement of Purpose The laws of most jurisdictions throughout the world automatically confer exclusive Copyright and Related Rights (defined below) upon the creator and subsequent owner(s) (each and all, an "owner") of an original work of authorship and/or a database (each, a "Work"). Certain owners wish to permanently relinquish those rights to a Work for the purpose of contributing to a commons of creative, cultural and scientific works ("Commons") that the public can reliably and without fear of later claims of infringement build upon, modify, incorporate in other works, reuse and redistribute as freely as possible in any form whatsoever and for any purposes, including without limitation commercial purposes. These owners may contribute to the Commons to promote the ideal of a free culture and the further production of creative, cultural and scientific works, or to gain reputation or greater distribution for their Work in part through the use and efforts of others. For these and/or other purposes and motivations, and without any expectation of additional consideration or compensation, the person associating CC0 with a Work (the "Affirmer"), to the extent that he or she is an owner of Copyright and Related Rights in the Work, voluntarily elects to apply CC0 to the Work and publicly distribute the Work under its terms, with knowledge of his or her Copyright and Related Rights in the Work and the meaning and intended legal effect of CC0 on those rights. 1. Copyright and Related Rights. A Work made available under CC0 may be protected by copyright and related or neighboring rights ("Copyright and Related Rights"). Copyright and Related Rights include, but are not limited to, the following: the right to reproduce, adapt, distribute, perform, display, communicate, and translate a Work; moral rights retained by the original author(s) and/or performer(s); publicity and privacy rights pertaining to a person's image or likeness depicted in a Work; rights protecting against unfair competition in regards to a Work, subject to the limitations in paragraph 4(a), below; rights protecting the extraction, dissemination, use and reuse of data in a Work; database rights (such as those arising under Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, and under any national implementation thereof, including any amended or successor version of such directive); and other similar, equivalent or corresponding rights throughout the world based on applicable law or treaty, and any national implementations thereof. 2. Waiver. To the greatest extent permitted by, but not in contravention of, applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and unconditionally waives, abandons, and surrenders all of Affirmer's Copyright and Related Rights and associated claims and causes of action, whether now known or unknown (including existing as well as future claims and causes of action), in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each member of the public at large and to the detriment of Affirmer's heirs and successors, fully intending that such Waiver shall not be subject to revocation, rescission, cancellation, termination, or any other legal or equitable action to disrupt the quiet enjoyment of the Work by the public as contemplated by Affirmer's express Statement of Purpose. 3. Public License Fallback. Should any part of the Waiver for any reason be judged legally invalid or ineffective under applicable law, then the Waiver shall be preserved to the maximum extent permitted taking into account Affirmer's express Statement of Purpose. In addition, to the extent the Waiver is so judged Affirmer hereby grants to each affected person a royalty-free, non transferable, non sublicensable, non exclusive, irrevocable and unconditional license to exercise Affirmer's Copyright and Related Rights in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "License"). The License shall be deemed effective as of the date CC0 was applied by Affirmer to the Work. Should any part of the License for any reason be judged legally invalid or ineffective under applicable law, such partial invalidity or ineffectiveness shall not invalidate the remainder of the License, and in such case Affirmer hereby affirms that he or she will not (i) exercise any of his or her remaining Copyright and Related Rights in the Work or (ii) assert any associated claims and causes of action with respect to the Work, in either case contrary to Affirmer's express Statement of Purpose. 4. Limitations and Disclaimers. No trademark or patent rights held by Affirmer are waived, abandoned, surrendered, licensed or otherwise affected by this document. Affirmer offers the Work as-is and makes no representations or warranties of any kind concerning the Work, express, implied, statutory or otherwise, including without limitation warranties of title, merchantability, fitness for a particular purpose, non infringement, or the absence of latent or other defects, accuracy, or the present or absence of errors, whether or not discoverable, all to the greatest extent permissible under applicable law. Affirmer disclaims responsibility for clearing rights of other persons that may apply to the Work or any use thereof, including without limitation any person's Copyright and Related Rights in the Work. Further, Affirmer disclaims responsibility for obtaining any necessary consents, permissions or other rights required for any use of the Work. Affirmer understands and acknowledges that Creative Commons is not a party to this document and has no duty or obligation with respect to this CC0 or use of the Work. </div> </div> |} </nowiki> </div> </div> ==CC-BY== [[LICENCE_HEADER_CC_BY]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY}}</nowiki></b> {{:LICENCE_HEADER_CC_BY}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY Licence</b><br \> More information about the <b>CC BY licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Creative Commons Legal Code Attribution 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined above) for the purposes of this License. c. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. d. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. e. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. f. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. g. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. h. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. i. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(b), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(b), as requested. b. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Section 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4 (b) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. c. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of this License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} </nowiki> </div> </div> ==CC BY-SA== [[LICENCE_HEADER_CC_BY-SA]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY-SA}}</nowiki></b> {{:LICENCE_HEADER_CC_BY-SA}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY-SA Licence</b><br \> More information about the <b>CC BY-SA licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by-sa/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Attribution-ShareAlike 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined below) for the purposes of this License. c. "Creative Commons Compatible License" means a license that is listed at https://creativecommons.org/compatiblelicenses that has been approved by Creative Commons as being essentially equivalent to this License, including, at a minimum, because that license: (i) contains terms that have the same purpose, meaning and effect as the License Elements of this License; and, (ii) explicitly permits the relicensing of adaptations of works made available under that license under this License or a Creative Commons jurisdiction license with the same License Elements as this License. d. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. e. "License Elements" means the following high-level license attributes as selected by Licensor and indicated in the title of this License: Attribution, ShareAlike. f. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. g. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. h. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. i. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. j. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. k. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(c), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(c), as requested. b. You may Distribute or Publicly Perform an Adaptation only under the terms of: (i) this License; (ii) a later version of this License with the same License Elements as this License; (iii) a Creative Commons jurisdiction license (either this or a later license version) that contains the same License Elements as this License (e.g., Attribution-ShareAlike 3.0 US)); (iv) a Creative Commons Compatible License. If you license the Adaptation under one of the licenses mentioned in (iv), you must comply with the terms of that license. If you license the Adaptation under the terms of any of the licenses mentioned in (i), (ii) or (iii) (the "Applicable License"), you must comply with the terms of the Applicable License generally and the following provisions: (I) You must include a copy of, or the URI for, the Applicable License with every copy of each Adaptation You Distribute or Publicly Perform; (II) You may not offer or impose any terms on the Adaptation that restrict the terms of the Applicable License or the ability of the recipient of the Adaptation to exercise the rights granted to that recipient under the terms of the Applicable License; (III) You must keep intact all notices that refer to the Applicable License and to the disclaimer of warranties with every copy of the Work as included in the Adaptation You Distribute or Publicly Perform; (IV) when You Distribute or Publicly Perform the Adaptation, You may not impose any effective technological measures on the Adaptation that restrict the ability of a recipient of the Adaptation from You to exercise the rights granted to that recipient under the terms of the Applicable License. This Section 4(b) applies to the Adaptation as incorporated in a Collection, but this does not require the Collection apart from the Adaptation itself to be made subject to the terms of the Applicable License. c. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Ssection 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4(c) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. d. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of the License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} </nowiki> </div> </div> ==CDDLv1.0== [[LICENCE_HEADER_CDDLv1.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CDDLv1.0}}</nowiki></b> {{:LICENCE_HEADER_CDDLv1.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CDDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE CDDLv1.0 <div class="mw-collapsible-content"> COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 1. Definitions. 1.1. "Contributor" means each individual or entity that creates or contributes to the creation of Modifications. 1.2. "Contributor Version" means the combination of the Original Software, prior Modifications used by a Contributor (if any), and the Modifications made by that particular Contributor. 1.3. "Covered Software" means (a) the Original Software, or (b) Modifications, or (c) the combination of files containing Original Software with files containing Modifications, in each case including portions thereof. 1.4. "Executable" means the Covered Software in any form other than Source Code. 1.5. "Initial Developer" means the individual or entity that first makes Original Software available under this License. 1.6. "Larger Work" means a work which combines Covered Software or portions thereof with code not governed by the terms of this License. 1.7. "License" means this document. 1.8. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently acquired, any and all of the rights conveyed herein. 1.9. "Modifications" means the Source Code and Executable form of any of the following: A. Any file that results from an addition to, deletion from or modification of the contents of a file containing Original Software or previous Modifications; B. Any new file that contains any part of the Original Software or previous Modification; or C. Any new file that is contributed or otherwise made available under the terms of this License. 1.10. "Original Software" means the Source Code and Executable form of computer software code that is originally released under this License. 1.11. "Patent Claims" means any patent claim(s), now owned or hereafter acquired, including without limitation, method, process, and apparatus claims, in any patent Licensable by grantor. 1.12. "Source Code" means (a) the common form of computer software code in which modifications are made and (b) associated documentation included in or with such code. 1.13. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of, this License. For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. License Grants. 2.1. The Initial Developer Grant. Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, the Initial Developer hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by Initial Developer, to use, reproduce, modify, display, perform, sublicense and distribute the Original Software (or portions thereof), with or without Modifications, and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using or selling of Original Software, to make, have made, use, practice, sell, and offer for sale, and/or otherwise dispose of the Original Software (or portions thereof). (c) The licenses granted in Sections 2.1(a) and (b) are effective on the date Initial Developer first distributes or otherwise makes the Original Software available to a third party under the terms of this License. (d) Notwithstanding Section 2.1(b) above, no patent license is granted: (1) for code that You delete from the Original Software, or (2) for infringements caused by: (i) the modification of the Original Software, or (ii) the combination of the Original Software with other software or devices. 2.2. Contributor Grant. Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by Contributor to use, reproduce, modify, display, perform, sublicense and distribute the Modifications created by such Contributor (or portions thereof), either on an unmodified basis, with other Modifications, as Covered Software and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using, or selling of Modifications made by that Contributor either alone and/or in combination with its Contributor Version (or portions of such combination), to make, use, sell, offer for sale, have made, and/or otherwise dispose of: (1) Modifications made by that Contributor (or portions thereof); and (2) the combination of Modifications made by that Contributor with its Contributor Version (or portions of such combination). (c) The licenses granted in Sections 2.2(a) and 2.2(b) are effective on the date Contributor first distributes or otherwise makes the Modifications available to a third party. (d) Notwithstanding Section 2.2(b) above, no patent license is granted: (1) for any code that Contributor has deleted from the Contributor Version; (2) for infringements caused by: (i) third party modifications of Contributor Version, or (ii) the combination of Modifications made by that Contributor with other software (except as part of the Contributor Version) or other devices; or (3) under Patent Claims infringed by Covered Software in the absence of Modifications made by that Contributor. 3. Distribution Obligations. 3.1. Availability of Source Code. Any Covered Software that You distribute or otherwise make available in Executable form must also be made available in Source Code form and that Source Code form must be distributed only under the terms of this License. You must include a copy of this License with every copy of the Source Code form of the Covered Software You distribute or otherwise make available. You must inform recipients of any such Covered Software in Executable form as to how they can obtain such Covered Software in Source Code form in a reasonable manner on or through a medium customarily used for software exchange. 3.2. Modifications. The Modifications that You create or to which You contribute are governed by the terms of this License. You represent that You believe Your Modifications are Your original creation(s) and/or You have sufficient rights to grant the rights conveyed by this License. 3.3. Required Notices. You must include a notice in each of Your Modifications that identifies You as the Contributor of the Modification. You may not remove or alter any copyright, patent or trademark notices contained within the Covered Software, or any notices of licensing or any descriptive text giving attribution to any Contributor or the Initial Developer. 3.4. Application of Additional Terms. You may not offer or impose any terms on any Covered Software in Source Code form that alters or restricts the applicable version of this License or the recipients' rights hereunder. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, you may do so only on Your own behalf, and not on behalf of the Initial Developer or any Contributor. You must make it absolutely clear that any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.5. Distribution of Executable Versions. You may distribute the Executable form of the Covered Software under the terms of this License or under the terms of a license of Your choice, which may contain terms different from this License, provided that You are in compliance with the terms of this License and that the license for the Executable form does not attempt to limit or alter the recipient's rights in the Source Code form from the rights set forth in this License. If You distribute the Covered Software in Executable form under a different license, You must make it absolutely clear that any terms which differ from this License are offered by You alone, not by the Initial Developer or Contributor. You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of any such terms You offer. 3.6. Larger Works. You may create a Larger Work by combining Covered Software with other code not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Covered Software. 4. Versions of the License. 4.1. New Versions. Sun Microsystems, Inc. is the initial license steward and may publish revised and/or new versions of this License from time to time. Each version will be given a distinguishing version number. Except as provided in Section 4.3, no one other than the license steward has the right to modify this License. 4.2. Effect of New Versions. You may always continue to use, distribute or otherwise make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. If the Initial Developer includes a notice in the Original Software prohibiting it from being distributed or otherwise made available under any subsequent version of the License, You must distribute and make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. Otherwise, You may also choose to use, distribute or otherwise make the Covered Software available under the terms of any subsequent version of the License published by the license steward. 4.3. Modified Versions. When You are an Initial Developer and You want to create a new license for Your Original Software, You may create and use a modified version of this License if You: (a) rename the license and remove any references to the name of the license steward (except to note that the license differs from this License); and (b) otherwise make it clear that the license contains terms which differ from this License. 5. DISCLAIMER OF WARRANTY. COVERED SOFTWARE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE COVERED SOFTWARE IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE COVERED SOFTWARE IS WITH YOU. SHOULD ANY COVERED SOFTWARE PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY COVERED SOFTWARE IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 6. TERMINATION. 6.1. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 6.2. If You assert a patent infringement claim (excluding declaratory judgment actions) against Initial Developer or a Contributor (the Initial Developer or Contributor against whom You assert such claim is referred to as "Participant") alleging that the Participant Software (meaning the Contributor Version where the Participant is a Contributor or the Original Software where the Participant is the Initial Developer) directly or indirectly infringes any patent, then any and all rights granted directly or indirectly to You by such Participant, the Initial Developer (if the Initial Developer is not the Participant) and all Contributors under Sections 2.1 and/or 2.2 of this License shall, upon 60 days notice from Participant terminate prospectively and automatically at the expiration of such 60 day notice period, unless if within such 60 day period You withdraw Your claim with respect to the Participant Software against such Participant either unilaterally or pursuant to a written agreement with Participant. 6.3. In the event of termination under Sections 6.1 or 6.2 above, all end user licenses that have been validly granted by You or any distributor hereunder prior to termination (excluding licenses granted to You by any distributor) shall survive termination. 7. LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL YOU, THE INITIAL DEVELOPER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF COVERED SOFTWARE, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOST PROFITS, LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER COMMERCIAL DAMAGES OR LOSSES, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION OF LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY RESULTING FROM SUCH PARTY'S NEGLIGENCE TO THE EXTENT APPLICABLE LAW PROHIBITS SUCH LIMITATION. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS EXCLUSION AND LIMITATION MAY NOT APPLY TO YOU. 8. U.S. GOVERNMENT END USERS. The Covered Software is a "commercial item," as that term is defined in 48 C.F.R. 2.101 (Oct. 1995), consisting of "commercial computer software" (as that term is defined at 48 C.F.R. ¤ 252.227-7014(a)(1)) and "commercial computer software documentation" as such terms are used in 48 C.F.R. 12.212 (Sept. 1995). Consistent with 48 C.F.R. 12.212 and 48 C.F.R. 227.7202-1 through 227.7202-4 (June 1995), all U.S. Government End Users acquire Covered Software with only those rights set forth herein. This U.S. Government Rights clause is in lieu of, and supersedes, any other FAR, DFAR, or other clause or provision that addresses Government rights in computer software under this License. 9. MISCELLANEOUS. This License represents the complete agreement concerning subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by the law of the jurisdiction specified in a notice contained within the Original Software (except to the extent applicable law, if any, provides otherwise), excluding such jurisdiction's conflict-of-law provisions. Any litigation relating to this License shall be subject to the jurisdiction of the courts located in the jurisdiction and venue specified in a notice contained within the Original Software, with the losing party responsible for costs, including, without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. You agree that You alone are responsible for compliance with the United States export administration regulations (and the export control laws and regulation of any other countries) when You use, distribute or otherwise make available any Covered Software. 10. RESPONSIBILITY FOR CLAIMS. As between Initial Developer and the Contributors, each party is responsible for claims and damages arising, directly or indirectly, out of its utilization of rights under this License and You agree to work with Initial Developer and Contributors to distribute such responsibility on an equitable basis. Nothing herein is intended or shall be deemed to constitute any admission of liability. </div> </div> |} </nowiki> </div> </div> ==EPLv2.0== [[LICENCE_HEADER_EPLv2.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_EPLv2.0}}</nowiki></b> {{:LICENCE_HEADER_EPLv2.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>EPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE EPLv2.0 <div class="mw-collapsible-content"> Eclipse Public License - v 2.0 THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS ECLIPSE PUBLIC LICENSE (“AGREEMENT”). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT. 1. DEFINITIONS “Contribution” means: a) in the case of the initial Contributor, the initial content Distributed under this Agreement, and b) in the case of each subsequent Contributor: i) changes to the Program, and ii) additions to the Program; where such changes and/or additions to the Program originate from and are Distributed by that particular Contributor. A Contribution “originates” from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include changes or additions to the Program that are not Modified Works. “Contributor” means any person or entity that Distributes the Program. “Licensed Patents” mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program. “Program” means the Contributions Distributed in accordance with this Agreement. “Recipient” means anyone who receives the Program under this Agreement or any Secondary License (as applicable), including Contributors. “Derivative Works” shall mean any work, whether in Source Code or other form, that is based on (or derived from) the Program and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. “Modified Works” shall mean any work in Source Code or other form that results from an addition to, deletion from, or modification of the contents of the Program, including, for purposes of clarity any new file in Source Code form that contains any contents of the Program. Modified Works shall not include works that contain only declarations, interfaces, types, classes, structures, or files of the Program solely in each case in order to link to, bind by name, or subclass the Program or Modified Works thereof. “Distribute” means the acts of a) distributing or b) making available in any manner that enables the transfer of a copy. “Source Code” means the form of a Program preferred for making modifications, including but not limited to software source code, documentation source, and configuration files. “Secondary License” means either the GNU General Public License, Version 2.0, or any later versions of that license, including any exceptions or additional permissions as identified by the initial Contributor. 2. GRANT OF RIGHTS a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, Distribute and sublicense the Contribution of such Contributor, if any, and such Derivative Works. b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in Source Code or other form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder. c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to Distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program. d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement. e) Notwithstanding the terms of any Secondary License, no Contributor makes additional grants to any Recipient (other than those set forth in this Agreement) as a result of such Recipient's receipt of the Program under the terms of a Secondary License (if permitted under the terms of Section 3). 3. REQUIREMENTS 3.1 If a Contributor Distributes the Program in any form, then: a) the Program must also be made available as Source Code, in accordance with section 3.2, and the Contributor must accompany the Program with a statement that the Source Code for the Program is available under this Agreement, and informs Recipients how to obtain it in a reasonable manner on or through a medium customarily used for software exchange; and b) the Contributor may Distribute the Program under a license different than this Agreement, provided that such license: i) effectively disclaims on behalf of all other Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose; ii) effectively excludes on behalf of all other Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits; iii) does not attempt to limit or alter the recipients' rights in the Source Code under section 3.2; and iv) requires any subsequent distribution of the Program by any party to be under a license that satisfies the requirements of this section 3. 3.2 When the Program is Distributed as Source Code: a) it must be made available under this Agreement, or if the Program (i) is combined with other material in a separate file or files made available under a Secondary License, and (ii) the initial Contributor attached to the Source Code the notice described in Exhibit A of this Agreement, then the Program may be made available under the terms of such Secondary Licenses, and b) a copy of this Agreement must be included with each copy of the Program. 3.3 Contributors may not remove or alter any copyright, patent, trademark, attribution notices, disclaimers of warranty, or limitations of liability (‘notices’) contained within the Program from any copy of the Program which they Distribute, provided that Contributors may add their own appropriate notices. 4. COMMERCIAL DISTRIBUTION Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor (“Commercial Contributor”) hereby agrees to defend and indemnify every other Contributor (“Indemnified Contributor”) against any losses, damages and costs (collectively “Losses”) arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense. For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages. 5. NO WARRANTY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE PROGRAM IS PROVIDED ON AN “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations. 6. DISCLAIMER OF LIABILITY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. GENERAL If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. If Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed. All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive. Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. The Eclipse Foundation is the initial Agreement Steward. The Eclipse Foundation may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be Distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to Distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved. Nothing in this Agreement is intended to be enforceable by any entity that is not a Contributor or Recipient. No third-party beneficiary rights are created under this Agreement. Exhibit A – Form of Secondary Licenses Notice “This Source Code may also be made available under the following Secondary Licenses when the conditions for such availability set forth in the Eclipse Public License, v. 2.0 are satisfied: {name license(s), version(s), and exceptions or additional permissions here}.” Simply including a copy of this Agreement, including this Exhibit A is not sufficient to license the Source Code under Secondary Licenses. If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. You may add additional accurate notices of copyright ownership. </div> </div> |} </nowiki> </div> </div> ==GFDLv1.1== [[LICENCE_HEADER_GFDL]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDL}}</nowiki></b> {{:LICENCE_HEADER_GFDL}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.1 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.1, March 2000 Copyright (C) 2000 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other written document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (For example, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, whose contents can be viewed and edited directly and straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup has been designed to thwart or discourage subsequent modification by readers is not Transparent. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML designed for human modification. Opaque formats include PostScript, PDF, proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies of the Document numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a publicly-accessible computer-network location containing a complete Transparent copy of the Document, free of added material, which the general network-using public has access to download anonymously at no charge using public-standard network protocols. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has less than five). C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section entitled "History", and its title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. In any section entitled "Acknowledgements" or "Dedications", preserve the section's title, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section as "Endorsements" or to conflict in title with any Invariant Section. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections entitled "History" in the various original documents, forming one section entitled "History"; likewise combine any sections entitled "Acknowledgements", and any sections entitled "Dedications". You must delete all sections entitled "Endorsements." 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, does not as a whole count as a Modified Version of the Document, provided no compilation copyright is claimed for the compilation. Such a compilation is called an "aggregate", and this License does not apply to the other self-contained works thus compiled with the Document, on account of their being thus compiled, if they are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one quarter of the entire aggregate, the Document's Cover Texts may be placed on covers that surround only the Document within the aggregate. Otherwise they must appear on covers around the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License provided that you also include the original English version of this License. In case of a disagreement between the translation and the original English version of this License, the original English version will prevail. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have no Invariant Sections, write "with no Invariant Sections" instead of saying which ones are invariant. If you have no Front-Cover Texts, write "no Front-Cover Texts" instead of "Front-Cover Texts being LIST"; likewise for Back-Cover Texts. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} </nowiki> </div> </div> ==GFDLv1.2== [[LICENCE_HEADER_GFDLv1.2]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDLv1.2}}</nowiki></b> {{:LICENCE_HEADER_GFDLv1.2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.2 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.2, November 2002 Copyright (C) 2000,2001,2002 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition. The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement. C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section Entitled "History", Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. For any section Entitled "Acknowledgements" or "Dedications", Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section Entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section to be Entitled "Endorsements" or to conflict in title with any Invariant Section. O. Preserve any Warranty Disclaimers. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements". 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation's users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document's Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail. If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the "with...Texts." line with this: with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} </nowiki> </div> </div> ==GFDLv1.3== [[LICENCE_HEADER_GFDLv1.3]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDLv1.3}}</nowiki></b> {{:LICENCE_HEADER_GFDLv1.3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.3 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.3, 3 November 2008 Copyright (C) 2000, 2001, 2002, 2007, 2008 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. The "publisher" means any person or entity that distributes copies of the Document to the public. A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition. The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement. C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section Entitled "History", Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. For any section Entitled "Acknowledgements" or "Dedications", Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section Entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section to be Entitled "Endorsements" or to conflict in title with any Invariant Section. O. Preserve any Warranty Disclaimers. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements". 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation's users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document's Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail. If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, or distribute it is void, and will automatically terminate your rights under this License. However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, receipt of a copy of some or all of the same material does not give you any rights to use it. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. If the Document specifies that a proxy can decide which future versions of this License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Document. 11. RELICENSING "Massive Multiauthor Collaboration Site" (or "MMC Site") means any World Wide Web server that publishes copyrightable works and also provides prominent facilities for anybody to edit those works. A public wiki that anybody can edit is an example of such a server. A "Massive Multiauthor Collaboration" (or "MMC") contained in the site means any set of copyrightable works thus published on the MMC site. "CC-BY-SA" means the Creative Commons Attribution-Share Alike 3.0 license published by Creative Commons Corporation, a not-for-profit corporation with a principal place of business in San Francisco, California, as well as future copyleft versions of that license published by that same organization. "Incorporate" means to publish or republish a Document, in whole or in part, as part of another Document. An MMC is "eligible for relicensing" if it is licensed under this License, and if all works that were first published under this License somewhere other than this MMC, and subsequently incorporated in whole or in part into the MMC, (1) had no cover texts or invariant sections, and (2) were thus incorporated prior to November 1, 2008. The operator of an MMC Site may republish an MMC contained in the site under CC-BY-SA on the same site at any time before August 1, 2009, provided the MMC is eligible for relicensing. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the "with...Texts." line with this: with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} </nowiki> </div> </div> ==GPLv1== [[LICENCE_HEADER_GPL]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPL}}</nowiki></b> {{:LICENCE_HEADER_GPL}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv1 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 1, February 1989 Copyright (C) 1989 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The license agreements of most software companies try to keep users at the mercy of those companies. By contrast, our General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. The General Public License applies to the Free Software Foundation's software and to any other program whose authors commit to using it. You can use it for your programs, too. When we speak of free software, we are referring to freedom, not price. Specifically, the General Public License is designed to make sure that you have the freedom to give away or sell copies of free software, that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of a such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must tell them their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any work containing the Program or a portion of it, either verbatim or with modifications. Each licensee is addressed as "you". 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this General Public License and to the absence of any warranty; and give any other recipients of the Program a copy of this General Public License along with the Program. You may charge a fee for the physical act of transferring a copy. 2. You may modify your copy or copies of the Program or any portion of it, and copy and distribute such modifications under the terms of Paragraph 1 above, provided that you also do the following: a) cause the modified files to carry prominent notices stating that you changed the files and the date of any change; and b) cause the whole of any work that you distribute or publish, that in whole or in part contains the Program or any part thereof, either with or without modifications, to be licensed at no charge to all third parties under the terms of this General Public License (except that you may choose to grant warranty protection to some or all third parties, at your option). c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the simplest and most usual way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this General Public License. d) You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. Mere aggregation of another independent work with the Program (or its derivative) on a volume of a storage or distribution medium does not bring the other work under the scope of these terms. 3. You may copy and distribute the Program (or a portion or derivative of it, under Paragraph 2) in object code or executable form under the terms of Paragraphs 1 and 2 above provided that you also do one of the following: a) accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Paragraphs 1 and 2 above; or, b) accompany it with a written offer, valid for at least three years, to give any third party free (except for a nominal charge for the cost of distribution) a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Paragraphs 1 and 2 above; or, c) accompany it with the information you received as to where the corresponding source code may be obtained. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form alone.) Source code for a work means the preferred form of the work for making modifications to it. For an executable file, complete source code means all the source code for all modules it contains; but, as a special exception, it need not include source code for modules which are standard libraries that accompany the operating system on which the executable file runs, or for standard header files or definitions files that accompany that operating system. 4. You may not copy, modify, sublicense, distribute or transfer the Program except as expressly provided under this General Public License. Any attempt otherwise to copy, modify, sublicense, distribute or transfer the Program is void, and will automatically terminate your rights to use the Program under this License. However, parties who have received copies, or rights to use copies, from you under this General Public License will not have their licenses terminated so long as such parties remain in full compliance. 5. By copying, distributing or modifying the Program (or any work based on the Program) you indicate your acceptance of this license to do so, and all its terms and conditions. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. 7. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of the license which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the license, you may choose any version ever published by the Free Software Foundation. 8. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 9. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 10. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS Appendix: How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to humanity, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) 19yy <name of author> This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 1, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) 19xx name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (a program to direct compilers to make passes at assemblers) written by James Hacker. <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice That's all there is to it! </div> </div> |} </nowiki> </div> </div> ==GPLv2== [[LICENCE_HEADER_GPLv2]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPLv2}}</nowiki></b> {{:LICENCE_HEADER_GPLv2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv2 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Lesser General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. </div> </div> |} </nowiki> </div> </div> ==GPLv3== [[LICENCE_HEADER_GPLv3]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPLv3}}</nowiki></b> {{:LICENCE_HEADER_GPLv3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv3 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The GNU General Public License is a free, copyleft license for software and other kinds of works. The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things. To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others. For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it. For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions. Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users. Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free. The precise terms and conditions for copying, distribution and modification follow. TERMS AND CONDITIONS 0. Definitions. "This License" refers to version 3 of the GNU General Public License. "Copyright" also means copyright-like laws that apply to other kinds of works, such as semiconductor masks. "The Program" refers to any copyrightable work licensed under this License. Each licensee is addressed as "you". "Licensees" and "recipients" may be individuals or organizations. To "modify" a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a "modified version" of the earlier work or a work "based on" the earlier work. A "covered work" means either the unmodified Program or a work based on the Program. To "propagate" a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well. To "convey" a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying. An interactive user interface displays "Appropriate Legal Notices" to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion. 1. Source Code. The "source code" for a work means the preferred form of the work for making modifications to it. "Object code" means any non-source form of a work. A "Standard Interface" means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language. The "System Libraries" of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A "Major Component", in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it. The "Corresponding Source" for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work. The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source. The Corresponding Source for a work in source code form is that same work. 2. Basic Permissions. All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law. You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you. Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary. 3. Protecting Users' Legal Rights From Anti-Circumvention Law. No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures. When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures. 4. Conveying Verbatim Copies. You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program. You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee. 5. Conveying Modified Source Versions. You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions: a) The work must carry prominent notices stating that you modified it, and giving a relevant date. b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to "keep intact all notices". c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it. d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so. A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an "aggregate" if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate. 6. Conveying Non-Source Forms. You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways: a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange. b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge. c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b. d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements. e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d. A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work. A "User Product" is either (1) a "consumer product", which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, "normally used" refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product. "Installation Information" for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made. If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM). The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network. Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying. 7. Additional Terms. "Additional permissions" are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions. When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission. Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms: a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or d) Limiting the use for publicity purposes of names of licensors or authors of the material; or e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors. All other non-permissive additional terms are considered "further restrictions" within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying. If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms. Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way. 8. Termination. You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11). However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10. 9. Acceptance Not Required for Having Copies. You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so. 10. Automatic Licensing of Downstream Recipients. Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License. An "entity transaction" is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts. You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it. 11. Patents. A "contributor" is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's "contributor version". A contributor's "essential patent claims" are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, "control" includes the right to grant patent sublicenses in a manner consistent with the requirements of this License. Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version. In the following three paragraphs, a "patent license" is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To "grant" such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party. If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. "Knowingly relying" means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid. If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it. A patent license is "discriminatory" if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007. Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law. 12. No Surrender of Others' Freedom. If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program. 13. Use with the GNU Affero General Public License. Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such. 14. Revised Versions of this License. The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation. If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program. Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version. 15. Disclaimer of Warranty. THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. Limitation of Liability. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 17. Interpretation of Sections 15 and 16. If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <https://www.gnu.org/licenses/>. Also add information on how to contact you by electronic and paper mail. If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode: <program> Copyright (C) <year> <name of author> This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an "about box". You should also get your employer (if you work as a programmer) or school, if any, to sign a "copyright disclaimer" for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see <https://www.gnu.org/licenses/>. The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read <https://www.gnu.org/licenses/why-not-lgpl.html>. </div> </div> |} </nowiki> </div> </div> ==LGPLv2.1== [[LICENCE_HEADER_LGPLv2.1]]<br \> <b><nowiki>{{:LICENCE_HEADER_LGPLv2.1}}</nowiki></b> {{:LICENCE_HEADER_LGPLv2.1}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv2.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 2.1, February 1999 Copyright (C) 1991, 1999 Free Software Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. [This is the first released version of the Lesser GPL. It also counts as the successor of the GNU Library Public License, version 2, hence the version number 2.1.] Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public Licenses are intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This license, the Lesser General Public License, applies to some specially designated software packages--typically libraries--of the Free Software Foundation and other authors who decide to use it. You can use it too, but we suggest you first think carefully about whether this license or the ordinary General Public License is the better strategy to use in any particular case, based on the explanations below. When we speak of free software, we are referring to freedom of use, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish); that you receive source code or can get it if you want it; that you can change the software and use pieces of it in new free programs; and that you are informed that you can do these things. To protect your rights, we need to make restrictions that forbid distributors to deny you these rights or to ask you to surrender these rights. These restrictions translate to certain responsibilities for you if you distribute copies of the library or if you modify it. For example, if you distribute copies of the library, whether gratis or for a fee, you must give the recipients all the rights that we gave you. You must make sure that they, too, receive or can get the source code. If you link other code with the library, you must provide complete object files to the recipients, so that they can relink them with the library after making changes to the library and recompiling it. And you must show them these terms so they know their rights. We protect your rights with a two-step method: (1) we copyright the library, and (2) we offer you this license, which gives you legal permission to copy, distribute and/or modify the library. To protect each distributor, we want to make it very clear that there is no warranty for the free library. Also, if the library is modified by someone else and passed on, the recipients should know that what they have is not the original version, so that the original author's reputation will not be affected by problems that might be introduced by others. � Finally, software patents pose a constant threat to the existence of any free program. We wish to make sure that a company cannot effectively restrict the users of a free program by obtaining a restrictive license from a patent holder. Therefore, we insist that any patent license obtained for a version of the library must be consistent with the full freedom of use specified in this license. Most GNU software, including some libraries, is covered by the ordinary GNU General Public License. This license, the GNU Lesser General Public License, applies to certain designated libraries, and is quite different from the ordinary General Public License. We use this license for certain libraries in order to permit linking those libraries into non-free programs. When a program is linked with a library, whether statically or using a shared library, the combination of the two is legally speaking a combined work, a derivative of the original library. The ordinary General Public License therefore permits such linking only if the entire combination fits its criteria of freedom. The Lesser General Public License permits more lax criteria for linking other code with the library. We call this license the "Lesser" General Public License because it does Less to protect the user's freedom than the ordinary General Public License. It also provides other free software developers Less of an advantage over competing non-free programs. These disadvantages are the reason we use the ordinary General Public License for many libraries. However, the Lesser license provides advantages in certain special circumstances. For example, on rare occasions, there may be a special need to encourage the widest possible use of a certain library, so that it becomes a de-facto standard. To achieve this, non-free programs must be allowed to use the library. A more frequent case is that a free library does the same job as widely used non-free libraries. In this case, there is little to gain by limiting the free library to free software only, so we use the Lesser General Public License. In other cases, permission to use a particular library in non-free programs enables a greater number of people to use a large body of free software. For example, permission to use the GNU C Library in non-free programs enables many more people to use the whole GNU operating system, as well as its variant, the GNU/Linux operating system. Although the Lesser General Public License is Less protective of the users' freedom, it does ensure that the user of a program that is linked with the Library has the freedom and the wherewithal to run that program using a modified version of the Library. The precise terms and conditions for copying, distribution and modification follow. Pay close attention to the difference between a "work based on the library" and a "work that uses the library". The former contains code derived from the library, whereas the latter must be combined with the library in order to run. � GNU LESSER GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any software library or other program which contains a notice placed by the copyright holder or other authorized party saying it may be distributed under the terms of this Lesser General Public License (also called "this License"). Each licensee is addressed as "you". A "library" means a collection of software functions and/or data prepared so as to be conveniently linked with application programs (which use some of those functions and data) to form executables. The "Library", below, refers to any such software library or work which has been distributed under these terms. A "work based on the Library" means either the Library or any derivative work under copyright law: that is to say, a work containing the Library or a portion of it, either verbatim or with modifications and/or translated straightforwardly into another language. (Hereinafter, translation is included without limitation in the term "modification".) "Source code" for a work means the preferred form of the work for making modifications to it. For a library, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the library. Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running a program using the Library is not restricted, and output from such a program is covered only if its contents constitute a work based on the Library (independent of the use of the Library in a tool for writing it). Whether that is true depends on what the Library does and what the program that uses the Library does. 1. You may copy and distribute verbatim copies of the Library's complete source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and distribute a copy of this License along with the Library. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. � 2. You may modify your copy or copies of the Library or any portion of it, thus forming a work based on the Library, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) The modified work must itself be a software library. b) You must cause the files modified to carry prominent notices stating that you changed the files and the date of any change. c) You must cause the whole of the work to be licensed at no charge to all third parties under the terms of this License. d) If a facility in the modified Library refers to a function or a table of data to be supplied by an application program that uses the facility, other than as an argument passed when the facility is invoked, then you must make a good faith effort to ensure that, in the event an application does not supply such function or table, the facility still operates, and performs whatever part of its purpose remains meaningful. (For example, a function in a library to compute square roots has a purpose that is entirely well-defined independent of the application. Therefore, Subsection 2d requires that any application-supplied function or table used by this function must be optional: if the application does not supply it, the square root function must still compute square roots.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Library, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Library, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Library. In addition, mere aggregation of another work not based on the Library with the Library (or with a work based on the Library) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may opt to apply the terms of the ordinary GNU General Public License instead of this License to a given copy of the Library. To do this, you must alter all the notices that refer to this License, so that they refer to the ordinary GNU General Public License, version 2, instead of to this License. (If a newer version than version 2 of the ordinary GNU General Public License has appeared, then you can specify that version instead if you wish.) Do not make any other change in these notices. � Once this change is made in a given copy, it is irreversible for that copy, so the ordinary GNU General Public License applies to all subsequent copies and derivative works made from that copy. This option is useful when you wish to copy part of the code of the Library into a program that is not a library. 4. You may copy and distribute the Library (or a portion or derivative of it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange. If distribution of object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place satisfies the requirement to distribute the source code, even though third parties are not compelled to copy the source along with the object code. 5. A program that contains no derivative of any portion of the Library, but is designed to work with the Library by being compiled or linked with it, is called a "work that uses the Library". Such a work, in isolation, is not a derivative work of the Library, and therefore falls outside the scope of this License. However, linking a "work that uses the Library" with the Library creates an executable that is a derivative of the Library (because it contains portions of the Library), rather than a "work that uses the library". The executable is therefore covered by this License. Section 6 states terms for distribution of such executables. When a "work that uses the Library" uses material from a header file that is part of the Library, the object code for the work may be a derivative work of the Library even though the source code is not. Whether this is true is especially significant if the work can be linked without the Library, or if the work is itself a library. The threshold for this to be true is not precisely defined by law. If such an object file uses only numerical parameters, data structure layouts and accessors, and small macros and small inline functions (ten lines or less in length), then the use of the object file is unrestricted, regardless of whether it is legally a derivative work. (Executables containing this object code plus portions of the Library will still fall under Section 6.) Otherwise, if the work is a derivative of the Library, you may distribute the object code for the work under the terms of Section 6. Any executables containing that work also fall under Section 6, whether or not they are linked directly with the Library itself. � 6. As an exception to the Sections above, you may also combine or link a "work that uses the Library" with the Library to produce a work containing portions of the Library, and distribute that work under terms of your choice, provided that the terms permit modification of the work for the customer's own use and reverse engineering for debugging such modifications. You must give prominent notice with each copy of the work that the Library is used in it and that the Library and its use are covered by this License. You must supply a copy of this License. If the work during execution displays copyright notices, you must include the copyright notice for the Library among them, as well as a reference directing the user to the copy of this License. Also, you must do one of these things: a) Accompany the work with the complete corresponding machine-readable source code for the Library including whatever changes were used in the work (which must be distributed under Sections 1 and 2 above); and, if the work is an executable linked with the Library, with the complete machine-readable "work that uses the Library", as object code and/or source code, so that the user can modify the Library and then relink to produce a modified executable containing the modified Library. (It is understood that the user who changes the contents of definitions files in the Library will not necessarily be able to recompile the application to use the modified definitions.) b) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (1) uses at run time a copy of the library already present on the user's computer system, rather than copying library functions into the executable, and (2) will operate properly with a modified version of the library, if the user installs one, as long as the modified version is interface-compatible with the version that the work was made with. c) Accompany the work with a written offer, valid for at least three years, to give the same user the materials specified in Subsection 6a, above, for a charge no more than the cost of performing this distribution. d) If distribution of the work is made by offering access to copy from a designated place, offer equivalent access to copy the above specified materials from the same place. e) Verify that the user has already received a copy of these materials or that you have already sent this user a copy. For an executable, the required form of the "work that uses the Library" must include any data and utility programs needed for reproducing the executable from it. However, as a special exception, the materials to be distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. It may happen that this requirement contradicts the license restrictions of other proprietary libraries that do not normally accompany the operating system. Such a contradiction means you cannot use both them and the Library together in an executable that you distribute. � 7. You may place library facilities that are a work based on the Library side-by-side in a single library together with other library facilities not covered by this License, and distribute such a combined library, provided that the separate distribution of the work based on the Library and of the other library facilities is otherwise permitted, and provided that you do these two things: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities. This must be distributed under the terms of the Sections above. b) Give prominent notice with the combined library of the fact that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 8. You may not copy, modify, sublicense, link with, or distribute the Library except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, link with, or distribute the Library is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 9. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Library or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Library (or any work based on the Library), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Library or works based on it. 10. Each time you redistribute the Library (or any work based on the Library), the recipient automatically receives a license from the original licensor to copy, distribute, link with or modify the Library subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties with this License. � 11. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Library at all. For example, if a patent license would not permit royalty-free redistribution of the Library by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Library. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply, and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 12. If the distribution and/or use of the Library is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Library under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 13. The Free Software Foundation may publish revised and/or new versions of the Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Library does not specify a license version number, you may choose any version ever published by the Free Software Foundation. � 14. If you wish to incorporate parts of the Library into other free programs whose distribution conditions are incompatible with these, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS � How to Apply These Terms to Your New Libraries If you develop a new library, and you want it to be of the greatest possible use to the public, we recommend making it free software that everyone can redistribute and change. You can do so by permitting redistribution under these terms (or, alternatively, under the terms of the ordinary General Public License). To apply these terms, attach the following notices to the library. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the library's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Also add information on how to contact you by electronic and paper mail. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the library, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the library `Frob' (a library for tweaking knobs) written by James Random Hacker. <signature of Ty Coon>, 1 April 1990 Ty Coon, President of Vice That's all there is to it! </div> </div> |} </nowiki> </div> </div> ==LGPLv3== [[LICENCE_HEADER_LGPLv3]]<br \> <b><nowiki>{{:LICENCE_HEADER_LGPLv3}}</nowiki></b> {{:LICENCE_HEADER_LGPLv3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. This version of the GNU Lesser General Public License incorporates the terms and conditions of version 3 of the GNU General Public License, supplemented by the additional permissions listed below. 0. Additional Definitions. As used herein, "this License" refers to version 3 of the GNU Lesser General Public License, and the "GNU GPL" refers to version 3 of the GNU General Public License. "The Library" refers to a covered work governed by this License, other than an Application or a Combined Work as defined below. An "Application" is any work that makes use of an interface provided by the Library, but which is not otherwise based on the Library. Defining a subclass of a class defined by the Library is deemed a mode of using an interface provided by the Library. A "Combined Work" is a work produced by combining or linking an Application with the Library. The particular version of the Library with which the Combined Work was made is also called the "Linked Version". The "Minimal Corresponding Source" for a Combined Work means the Corresponding Source for the Combined Work, excluding any source code for portions of the Combined Work that, considered in isolation, are based on the Application, and not on the Linked Version. The "Corresponding Application Code" for a Combined Work means the object code and/or source code for the Application, including any data and utility programs needed for reproducing the Combined Work from the Application, but excluding the System Libraries of the Combined Work. 1. Exception to Section 3 of the GNU GPL. You may convey a covered work under sections 3 and 4 of this License without being bound by section 3 of the GNU GPL. 2. Conveying Modified Versions. If you modify a copy of the Library, and, in your modifications, a facility refers to a function or data to be supplied by an Application that uses the facility (other than as an argument passed when the facility is invoked), then you may convey a copy of the modified version: a) under this License, provided that you make a good faith effort to ensure that, in the event an Application does not supply the function or data, the facility still operates, and performs whatever part of its purpose remains meaningful, or b) under the GNU GPL, with none of the additional permissions of this License applicable to that copy. 3. Object Code Incorporating Material from Library Header Files. The object code form of an Application may incorporate material from a header file that is part of the Library. You may convey such object code under terms of your choice, provided that, if the incorporated material is not limited to numerical parameters, data structure layouts and accessors, or small macros, inline functions and templates (ten or fewer lines in length), you do both of the following: a) Give prominent notice with each copy of the object code that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the object code with a copy of the GNU GPL and this license document. 4. Combined Works. You may convey a Combined Work under terms of your choice that, taken together, effectively do not restrict modification of the portions of the Library contained in the Combined Work and reverse engineering for debugging such modifications, if you also do each of the following: a) Give prominent notice with each copy of the Combined Work that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the Combined Work with a copy of the GNU GPL and this license document. c) For a Combined Work that displays copyright notices during execution, include the copyright notice for the Library among these notices, as well as a reference directing the user to the copies of the GNU GPL and this license document. d) Do one of the following: 0) Convey the Minimal Corresponding Source under the terms of this License, and the Corresponding Application Code in a form suitable for, and under terms that permit, the user to recombine or relink the Application with a modified version of the Linked Version to produce a modified Combined Work, in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source. 1) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (a) uses at run time a copy of the Library already present on the user's computer system, and (b) will operate properly with a modified version of the Library that is interface-compatible with the Linked Version. e) Provide Installation Information, but only if you would otherwise be required to provide such information under section 6 of the GNU GPL, and only to the extent that such information is necessary to install and execute a modified version of the Combined Work produced by recombining or relinking the Application with a modified version of the Linked Version. (If you use option 4d0, the Installation Information must accompany the Minimal Corresponding Source and Corresponding Application Code. If you use option 4d1, you must provide the Installation Information in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source.) 5. Combined Libraries. You may place library facilities that are a work based on the Library side by side in a single library together with other library facilities that are not Applications and are not covered by this License, and convey such a combined library under terms of your choice, if you do both of the following: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities, conveyed under the terms of this License. b) Give prominent notice with the combined library that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 6. Revised Versions of the GNU Lesser General Public License. The Free Software Foundation may publish revised and/or new versions of the GNU Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library as you received it specifies that a certain numbered version of the GNU Lesser General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that published version or of any later version published by the Free Software Foundation. If the Library as you received it does not specify a version number of the GNU Lesser General Public License, you may choose any version of the GNU Lesser General Public License ever published by the Free Software Foundation. If the Library as you received it specifies that a proxy can decide whether future versions of the GNU Lesser General Public License shall apply, that proxy's public statement of acceptance of any version is permanent authorization for you to choose that version for the Library. </div> </div> |} </nowiki> </div> </div> ==MIT== [[LICENCE_HEADER_MIT]]<br \> <b><nowiki>{{:LICENCE_HEADER_MIT}}</nowiki></b> {{:LICENCE_HEADER_MIT}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MIT Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. </div> </div> |} </nowiki> </div> </div> ==MPLv2.0== [[LICENCE_HEADER_MPLv2.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_MPLv2.0}}</nowiki></b> {{:LICENCE_HEADER_MPLv2.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE MPLv2.0 <div class="mw-collapsible-content"> Mozilla Public License Version 2.0 -------------------------------- 1. Definitions -------------- 1.1. "Contributor" means each individual or legal entity that creates, contributes to the creation of, or owns Covered Software. 1.2. "Contributor Version" means the combination of the Contributions of others (if any) used by a Contributor and that particular Contributor's Contribution. 1.3. "Contribution" means Covered Software of a particular Contributor. 1.4. "Covered Software" means Source Code Form to which the initial Contributor has attached the notice in Exhibit A, the Executable Form of such Source Code Form, and Modifications of such Source Code Form, in each case including portions thereof. 1.5. "Incompatible With Secondary Licenses" means (a) that the initial Contributor has attached the notice described in Exhibit B to the Covered Software; or (b) that the Covered Software was made available under the terms of version 1.1 or earlier of the License, but not also under the terms of a Secondary License. 1.6. "Executable Form" means any form of the work other than Source Code Form. 1.7. "Larger Work" means a work that combines Covered Software with other material, in a separate file or files, that is not Covered Software. 1.8. "License" means this document. 1.9. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently, any and all of the rights conveyed by this License. 1.10. "Modifications" means any of the following: (a) any file in Source Code Form that results from an addition to, deletion from, or modification of the contents of Covered Software; or (b) any new file in Source Code Form that contains any Covered Software. 1.11. "Patent Claims" of a Contributor means any patent claim(s), including without limitation, method, process, and apparatus claims, in any patent Licensable by such Contributor that would be infringed, but for the grant of the License, by the making, using, selling, offering for sale, having made, import, or transfer of either its Contributions or its Contributor Version. 1.12. "Secondary License" means either the GNU General Public License, Version 2.0, the GNU Lesser General Public License, Version 2.1, the GNU Affero General Public License, Version 3.0, or any later versions of those licenses. 1.13. "Source Code Form" means the form of the work preferred for making modifications. 1.14. "You" (or "Your") means an individual or a legal entity exercising rights under this License. For legal entities, "You" includes any entity that controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. License Grants and Conditions -------------------------------- 2.1. Grants Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by such Contributor to use, reproduce, make available, modify, display, perform, distribute, and otherwise exploit its Contributions, either on an unmodified basis, with Modifications, or as part of a Larger Work; and (b) under Patent Claims of such Contributor to make, use, sell, offer for sale, have made, import, and otherwise transfer either its Contributions or its Contributor Version. 2.2. Effective Date The licenses granted in Section 2.1 with respect to any Contribution become effective for each Contribution on the date the Contributor first distributes such Contribution. 2.3. Limitations on Grant Scope The licenses granted in this Section 2 are the only rights granted under this License. No additional rights or licenses will be implied from the distribution or licensing of Covered Software under this License. Notwithstanding Section 2.1(b) above, no patent license is granted by a Contributor: (a) for any code that a Contributor has removed from Covered Software; or (b) for infringements caused by: (i) Your and any other third party's modifications of Covered Software, or (ii) the combination of its Contributions with other software (except as part of its Contributor Version); or (c) under Patent Claims infringed by Covered Software in the absence of its Contributions. This License does not grant any rights in the trademarks, service marks, or logos of any Contributor (except as may be necessary to comply with the notice requirements in Section 3.4). 2.4. Subsequent Licenses No Contributor makes additional grants as a result of Your choice to distribute the Covered Software under a subsequent version of this License (see Section 10.2) or under the terms of a Secondary License (if permitted under the terms of Section 3.3). 2.5. Representation Each Contributor represents that the Contributor believes its Contributions are its original creation(s) or it has sufficient rights to grant the rights to its Contributions conveyed by this License. 2.6. Fair Use This License is not intended to limit any rights You have under applicable copyright doctrines of fair use, fair dealing, or other equivalents. 2.7. Conditions Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted in Section 2.1. 3. Responsibilities ------------------- 3.1. Distribution of Source Form All distribution of Covered Software in Source Code Form, including any Modifications that You create or to which You contribute, must be under the terms of this License. You must inform recipients that the Source Code Form of the Covered Software is governed by the terms of this License, and how they can obtain a copy of this License. You may not attempt to alter or restrict the recipients' rights in the Source Code Form. 3.2. Distribution of Executable Form If You distribute Covered Software in Executable Form then: (a) such Covered Software must also be made available in Source Code Form, as described in Section 3.1, and You must inform recipients of the Executable Form how they can obtain a copy of such Source Code Form by reasonable means in a timely manner, at a charge no more than the cost of distribution to the recipient; and (b) You may distribute such Executable Form under the terms of this License, or sublicense it under different terms, provided that the license for the Executable Form does not attempt to limit or alter the recipients' rights in the Source Code Form under this License. 3.3. Distribution of a Larger Work You may create and distribute a Larger Work under terms of Your choice, provided that You also comply with the requirements of this License for the Covered Software. If the Larger Work is a combination of Covered Software with a work governed by one or more Secondary Licenses, and the Covered Software is not Incompatible With Secondary Licenses, this License permits You to additionally distribute such Covered Software under the terms of such Secondary License(s), so that the recipient of the Larger Work may, at their option, further distribute the Covered Software under the terms of either this License or such Secondary License(s). 3.4. Notices You may not remove or alter the substance of any license notices (including copyright notices, patent notices, disclaimers of warranty, or limitations of liability) contained within the Source Code Form of the Covered Software, except that You may alter any license notices to the extent required to remedy known factual inaccuracies. 3.5. Application of Additional Terms You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, You may do so only on Your own behalf, and not on behalf of any Contributor. You must make it absolutely clear that any such warranty, support, indemnity, or liability obligation is offered by You alone, and You hereby agree to indemnify every Contributor for any liability incurred by such Contributor as a result of warranty, support, indemnity or liability terms You offer. You may include additional disclaimers of warranty and limitations of liability specific to any jurisdiction. 4. Inability to Comply Due to Statute or Regulation --------------------------------------------------- If it is impossible for You to comply with any of the terms of this License with respect to some or all of the Covered Software due to statute, judicial order, or regulation then You must: (a) comply with the terms of this License to the maximum extent possible; and (b) describe the limitations and the code they affect. Such description must be placed in a text file included with all distributions of the Covered Software under this License. Except to the extent prohibited by statute or regulation, such description must be sufficiently detailed for a recipient of ordinary skill to be able to understand it. 5. Termination -------------- 5.1. The rights granted under this License will terminate automatically if You fail to comply with any of its terms. However, if You become compliant, then the rights granted under this License from a particular Contributor are reinstated (a) provisionally, unless and until such Contributor explicitly and finally terminates Your grants, and (b) on an ongoing basis, if such Contributor fails to notify You of the non-compliance by some reasonable means prior to 60 days after You have come back into compliance. Moreover, Your grants from a particular Contributor are reinstated on an ongoing basis if such Contributor notifies You of the non-compliance by some reasonable means, this is the first time You have received notice of non-compliance with this License from such Contributor, and You become compliant prior to 30 days after Your receipt of the notice. 5.2. If You initiate litigation against any entity by asserting a patent infringement claim (excluding declaratory judgment actions, counter-claims, and cross-claims) alleging that a Contributor Version directly or indirectly infringes any patent, then the rights granted to You by any and all Contributors for the Covered Software under Section 2.1 of this License shall terminate. 5.3. In the event of termination under Sections 5.1 or 5.2 above, all end user license agreements (excluding distributors and resellers) which have been validly granted by You or Your distributors under this License prior to termination shall survive termination. ************************************************************************ * * * 6. Disclaimer of Warranty * * ------------------------- * * * * Covered Software is provided under this License on an "as is" * * basis, without warranty of any kind, either expressed, implied, or * * statutory, including, without limitation, warranties that the * * Covered Software is free of defects, merchantable, fit for a * * particular purpose or non-infringing. The entire risk as to the * * quality and performance of the Covered Software is with You. * * Should any Covered Software prove defective in any respect, You * * (not any Contributor) assume the cost of any necessary servicing, * * repair, or correction. This disclaimer of warranty constitutes an * * essential part of this License. No use of any Covered Software is * * authorized under this License except under this disclaimer. * * * ************************************************************************ ************************************************************************ * * * 7. Limitation of Liability * * -------------------------- * * * * Under no circumstances and under no legal theory, whether tort * * (including negligence), contract, or otherwise, shall any * * Contributor, or anyone who distributes Covered Software as * * permitted above, be liable to You for any direct, indirect, * * special, incidental, or consequential damages of any character * * including, without limitation, damages for lost profits, loss of * * goodwill, work stoppage, computer failure or malfunction, or any * * and all other commercial damages or losses, even if such party * * shall have been informed of the possibility of such damages. This * * limitation of liability shall not apply to liability for death or * * personal injury resulting from such party's negligence to the * * extent applicable law prohibits such limitation. Some * * jurisdictions do not allow the exclusion or limitation of * * incidental or consequential damages, so this exclusion and * * limitation may not apply to You. * * * ************************************************************************ 8. Litigation ------------- Any litigation relating to this License may be brought only in the courts of a jurisdiction where the defendant maintains its principal place of business and such litigation shall be governed by laws of that jurisdiction, without reference to its conflict-of-law provisions. Nothing in this Section shall prevent a party's ability to bring cross-claims or counter-claims. 9. Miscellaneous ---------------- This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not be used to construe this License against a Contributor. 10. Versions of the License --------------------------- 10.1. New Versions Mozilla Foundation is the license steward. Except as provided in Section 10.3, no one other than the license steward has the right to modify or publish new versions of this License. Each version will be given a distinguishing version number. 10.2. Effect of New Versions You may distribute the Covered Software under the terms of the version of the License under which You originally received the Covered Software, or under the terms of any subsequent version published by the license steward. 10.3. Modified Versions If you create software not governed by this License, and you want to create a new license for such software, you may create and use a modified version of this License if you rename the license and remove any references to the name of the license steward (except to note that such modified license differs from this License). 10.4. Distributing Source Code Form that is Incompatible With Secondary Licenses If You choose to distribute Source Code Form that is Incompatible With Secondary Licenses under the terms of this version of the License, the notice described in Exhibit B of this License must be attached. Exhibit A - Source Code Form License Notice ------------------------------------------- This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at https://mozilla.org/MPL/2.0/. If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. You may add additional accurate notices of copyright ownership. Exhibit B - "Incompatible With Secondary Licenses" Notice --------------------------------------------------------- This Source Code Form is "Incompatible With Secondary Licenses", as defined by the Mozilla Public License, v. 2.0. </div> </div> |} </nowiki> </div> </div> ==PDLv1.0== [[LICENCE_HEADER_PDLv1.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_PDLv1.0}}</nowiki></b> {{:LICENCE_HEADER_PDLv1.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE PDLv1.0 <div class="mw-collapsible-content"> PUBLIC DOCUMENTATION LICENSE Version 1.0 1.0 DEFINITIONS. 1.1. "Commercial Use" means distribution or otherwise making the Documentation available to a third party. 1.2. "Contributor" means a person or entity who creates or contributes to the creation of Modifications. 1.3. "Documentation" means the Original Documentation or Modifications or the combination of the Original Documentation and Modifications, in each case including portions thereof. 1.4. "Electronic Distribution Mechanism" means a mechanism generally accepted for the electronic transfer of data. 1.5. "Initial Writer" means the individual or entity identified as the Initial Writer in the notice required by the Appendix. 1.6. "Larger Work" means a work which combines Documentation or portions thereof with documentation or other writings not governed by the terms of this License. 1.7. "License" means this document. 1.8. "Modifications" means any addition to or deletion from the substance or structure of either the Original Documentation or any previous Modifications, such as a translation, abridgment, condensation, or any other form in which the Original Documentation or previous Modifications may be recast, transformed or adapted. A work consisting of editorial revisions, annotations, elaborations, and other modifications which, as a whole represent an original work of authorship, is a Modification. For example, when Documentation is released as a series of documents, a Modification is: A. Any addition to or deletion from the contents of the Original Documentation or previous Modifications. B. Any new documentation that contains any part of the Original Documentation or previous Modifications. 1.9. "Original Documentation" means documentation described as Original Documentation in the notice required by the Appendix, and which, at the time of its release under this License is not already Documentation governed by this License. 1.10. "Editable Form" means the preferred form of the Documentation for making Modifications to it. The Documentation can be in an electronic, compressed or archival form, provided the appropriate decompression or de-archiving software is widely available for no charge. 1.11. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of this License or a future version of this License issued under Section 5.0 ("Versions of the License"). For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2.0 LICENSE GRANTS. 2.1 Initial Writer Grant. The Initial Writer hereby grants You a world-wide, royalty-free, non-exclusive license to use, reproduce, prepare Modifications of, compile, publicly perform, publicly display, demonstrate, market, disclose and distribute the Documentation in any form, on any media or via any Electronic Distribution Mechanism or other method now known or later discovered, and to sublicense the foregoing rights to third parties through multiple tiers of sublicensees in accordance with the terms of this License. The license rights granted in this Section 2.1 ("Initial Writer Grant") are effective on the date Initial Writer first distributes Original Documentation under the terms of this License. 2.2. Contributor Grant. Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license to use, reproduce, prepare Modifications of, compile, publicly perform, publicly display, demonstrate, market, disclose and distribute the Documentation in any form, on any media or via any Electronic Distribution Mechanism or other method now known or later discovered, and to sublicense the foregoing rights to third parties through multiple tiers of sublicensees in accordance with the terms of this License. The license rights granted in this Section 2.2 ("Contributor Grant") are effective on the date Contributor first makes Commercial Use of the Documentation. 3.0 DISTRIBUTION OBLIGATIONS 3.1. Application of License The Modifications which You create or to which You contribute are governed by the terms of this License, including without limitation Section 2.2 ("Contributor Grant"). The Documentation may be distributed only under the terms of this License or a future version of this License released in accordance with Section 5.0 ("Versions of the License"), and You must include a copy of this License with every copy of the Documentation You distribute. You may not offer or impose any terms that alter or restrict the applicable version of this License or the recipients' rights hereunder. However, You may include an additional document offering the additional rights described in Section 3.5 ("Required Notices"). 3.2. Availability of Documentation. Any Modification which You create or to which You contribute must be made available publicly in Editable Form under the terms of this License via a fixed medium or an accepted Electronic Distribution Mechanism. 3.3. Description of Modifications. All Documentation to which You contribute must identify the changes You made to create that Documentation and the date of any change. You must include a prominent statement that the Modification is derived, directly or indirectly, from Original Documentation provided by the Initial Writer and include the name of the Initial Writer in the Documentation or via an electronic link that describes the origin or ownership of the Documentation. The foregoing change documentation may be created by using an electronic program that automatically tracks changes to the Documentation, and such changes must be available publicly for at least five years following release of the changed Documentation. 3.4. Intellectual Property Matters. Contributor represents that Contributor believes that Contributor's Modifications are Contributor's original creation(s) and/or Contributor has sufficient rights to grant the rights conveyed by this License. 3.5. Required Notices. You must duplicate the notice in the Appendix in each file of the Documentation. If it is not possible to put such notice in a particular Documentation file due to its structure, then You must include such notice in a location (such as a relevant directory) where a reader would be likely to look for such a notice, for example, via a hyperlink in each file of the Documentation that takes the reader to a page that describes the origin and ownership of the Documentation. If You created one or more Modification(s) You may add your name as a Contributor to the notice described in the Appendix. You must also duplicate this License in any Documentation file (or with a hyperlink in each file of the Documentation) where You describe recipients' rights or ownership rights. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Documentation. However, You may do so only on Your own behalf, and not on behalf of the Initial Writer or any Contributor. You must make it absolutely clear than any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Writer and every Contributor for any liability incurred by the Initial Writer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.6. Larger Works. You may create a Larger Work by combining Documentation with other documents not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Documentation. 4.0 APPLICATION OF THIS LICENSE. This License applies to Documentation to which the Initial Writer has attached this License and the notice in the Appendix. 5.0 VERSIONS OF THE LICENSE. 5.1. New Versions. Initial Writer may publish revised and/or new versions of the License from time to time. Each version will be given a distinguishing version number. 5.2. Effect of New Versions. Once Documentation has been published under a particular version of the License, You may always continue to use it under the terms of that version. You may also choose to use such Documentation under the terms of any subsequent version of the License published by __________________[Insert name of the foundation, company, Initial Writer, or whoever may modify this License]. No one other than _________________ [Insert name of the foundation, company, Initial Writer, or whoever may modify this License] has the right to modify the terms of this License. Filling in the name of the Initial Writer, Original Documentation or Contributor in the notice described in the Appendix shall not be deemed to be Modifications of this License. 6.0 DISCLAIMER OF WARRANTY. DOCUMENTATION IS PROVIDED UNDER THIS LICENSE ON AN "AS IS'' BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE DOCUMENTATION IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY, ACCURACY, AND PERFORMANCE OF THE DOCUMENTATION IS WITH YOU. SHOULD ANY DOCUMENTATION PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL WRITER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY DOCUMENTATION IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 7.0 TERMINATION. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. All sublicenses to the Documentation which are properly granted shall survive any termination of this License. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 8.0 LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER IN TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL THE INITIAL WRITER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF DOCUMENTATION, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER DAMAGES OR LOSSES ARISING OUT OF OR RELATING TO THE USE OF THE DOCUMENTATION, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. 9.0 U.S. GOVERNMENT END USERS. If Documentation is being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), then the Government's rights in Documentation will be only as set forth in this Agreement; this is in accordance with 48 CFR 227.7201 through 227.7202-4 (for Department of Defense (DOD) acquisitions) and with 48 CFR 2.101 and 12.212 (for non-DOD acquisitions). 10.0 MISCELLANEOUS. This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by California law, excluding its conflict-of-law provisions. With respect to disputes or any litigation relating to this License, the losing party is responsible for costs, including without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. Appendix Public Documentation License Notice The contents of this Documentation are subject to the Public Documentation License Version 1.0 (the "License"); you may only use this Documentation if you comply with the terms of this License. A copy of the License is available at __________________[Insert hyperlink]. The Original Documentation is _________________. The Initial Writer of the Original Documentation is ___________ Copyright (C)_________[Insert year(s)]. All Rights Reserved. (Initial Writer contact(s):________________[Insert hyperlink/alias]). Contributor(s): ______________________________________. Portions created by ______ are Copyright (C)_________[Insert year(s)]. All Rights Reserved. (Contributor contact(s):________________[Insert hyperlink/alias]). NOTE: The text of this Appendix may differ slightly from the text of the notices in the files of the Original Documentation. You should use the text of this Appendix rather than the text found in the Original Documentation for Your Modifications. </div> </div> |} </nowiki> </div> </div> ==PIRATE== This Licence is for shits and giggles, don't use on public server<br \> [[LICENCE_HEADER_PIRATE]]<br \> <b><nowiki>{{:LICENCE_HEADER_PIRATE}}</nowiki></b> {{:LICENCE_HEADER_PIRATE}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PIRATE Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Licence? Licence??? LICENCE!!!!!!<br \> WE NO NEED NO STINKING LICENCE! Copyright @ Pirate Licence :P </div> </div> |} </nowiki> </div> </div> hintszbrk550aw5dy4e95tllr8resxr 80 4 2023-03-03T02:56:28Z Noob 1 /* PIRATE */ 80 wikitext text/x-wiki * Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute. * To do so add a Licence header at the top of your page. * example:<b><nowiki>{{:LICENCE_HEADER_CC0}}</nowiki></b> * using the header may not be a good idea for some licences ** click the link and copy the content ** and append the correct <code>Copyright [yyyy] [name of copyright owner] </code> ==APACHE2== [[LICENCE_HEADER_APACHE2]]<br \> <b><nowiki>{{:LICENCE_HEADER_APACHE2}}</nowiki></b> {{:LICENCE_HEADER_APACHE2}} <!-- delete below if mess up --> <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste to your page: <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>APACHE2 Licence</b><br \> Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. <div class="toccolours mw-collapsible mw-collapsed"> Apache2 Licence: <div class="mw-collapsible-content"> <pre> Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. </pre> </div> </div> |} </nowiki> </div> </div> ==BDS0== [[LICENCE_HEADER_BSD0]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD0}}</nowiki></b> {{:LICENCE_HEADER_BSD0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (C) [year] by [copyright holder] <[email]> Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted. THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. </div> </div> |} </nowiki> </div> </div> ==BSD1== [[LICENCE_HEADER_BSD]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD}}</nowiki></b> {{:LICENCE_HEADER_BSD}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (c) [Year] [Name] [All rights reserved]. * Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. THIS SOFTWARE IS PROVIDED BY [Name of Organization] “AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL [Name of Organisation] BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </nowiki> </div> </div> ==BSD2== [[LICENCE_HEADER_BSD2]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD2}}</nowiki></b> {{:LICENCE_HEADER_BSD2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </nowiki> </div> </div> ==BSD3== [[LICENCE_HEADER_BSD3]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD3}}</nowiki></b> {{:LICENCE_HEADER_BSD3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </nowiki> </div> </div> ==CC0== [[LICENCE_HEADER_CC0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC0}}</nowiki></b> {{:LICENCE_HEADER_CC0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC0 Licence</b><br \> More information about the <b>cc0 licence</b> can be found here:<br \> <code>https://creativecommons.org/share-your-work/public-domain/cc0</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> The person who associated a work with this deed has dedicated the work to the public domain by waiving all of his or her rights to the work worldwide under copyright law, including all related and neighboring rights, to the extent allowed by law.<br \> You can copy, modify, distribute and perform the work, even for commercial purposes, all without asking permission. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Statement of Purpose The laws of most jurisdictions throughout the world automatically confer exclusive Copyright and Related Rights (defined below) upon the creator and subsequent owner(s) (each and all, an "owner") of an original work of authorship and/or a database (each, a "Work"). Certain owners wish to permanently relinquish those rights to a Work for the purpose of contributing to a commons of creative, cultural and scientific works ("Commons") that the public can reliably and without fear of later claims of infringement build upon, modify, incorporate in other works, reuse and redistribute as freely as possible in any form whatsoever and for any purposes, including without limitation commercial purposes. These owners may contribute to the Commons to promote the ideal of a free culture and the further production of creative, cultural and scientific works, or to gain reputation or greater distribution for their Work in part through the use and efforts of others. For these and/or other purposes and motivations, and without any expectation of additional consideration or compensation, the person associating CC0 with a Work (the "Affirmer"), to the extent that he or she is an owner of Copyright and Related Rights in the Work, voluntarily elects to apply CC0 to the Work and publicly distribute the Work under its terms, with knowledge of his or her Copyright and Related Rights in the Work and the meaning and intended legal effect of CC0 on those rights. 1. Copyright and Related Rights. A Work made available under CC0 may be protected by copyright and related or neighboring rights ("Copyright and Related Rights"). Copyright and Related Rights include, but are not limited to, the following: the right to reproduce, adapt, distribute, perform, display, communicate, and translate a Work; moral rights retained by the original author(s) and/or performer(s); publicity and privacy rights pertaining to a person's image or likeness depicted in a Work; rights protecting against unfair competition in regards to a Work, subject to the limitations in paragraph 4(a), below; rights protecting the extraction, dissemination, use and reuse of data in a Work; database rights (such as those arising under Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, and under any national implementation thereof, including any amended or successor version of such directive); and other similar, equivalent or corresponding rights throughout the world based on applicable law or treaty, and any national implementations thereof. 2. Waiver. To the greatest extent permitted by, but not in contravention of, applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and unconditionally waives, abandons, and surrenders all of Affirmer's Copyright and Related Rights and associated claims and causes of action, whether now known or unknown (including existing as well as future claims and causes of action), in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each member of the public at large and to the detriment of Affirmer's heirs and successors, fully intending that such Waiver shall not be subject to revocation, rescission, cancellation, termination, or any other legal or equitable action to disrupt the quiet enjoyment of the Work by the public as contemplated by Affirmer's express Statement of Purpose. 3. Public License Fallback. Should any part of the Waiver for any reason be judged legally invalid or ineffective under applicable law, then the Waiver shall be preserved to the maximum extent permitted taking into account Affirmer's express Statement of Purpose. In addition, to the extent the Waiver is so judged Affirmer hereby grants to each affected person a royalty-free, non transferable, non sublicensable, non exclusive, irrevocable and unconditional license to exercise Affirmer's Copyright and Related Rights in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "License"). The License shall be deemed effective as of the date CC0 was applied by Affirmer to the Work. Should any part of the License for any reason be judged legally invalid or ineffective under applicable law, such partial invalidity or ineffectiveness shall not invalidate the remainder of the License, and in such case Affirmer hereby affirms that he or she will not (i) exercise any of his or her remaining Copyright and Related Rights in the Work or (ii) assert any associated claims and causes of action with respect to the Work, in either case contrary to Affirmer's express Statement of Purpose. 4. Limitations and Disclaimers. No trademark or patent rights held by Affirmer are waived, abandoned, surrendered, licensed or otherwise affected by this document. Affirmer offers the Work as-is and makes no representations or warranties of any kind concerning the Work, express, implied, statutory or otherwise, including without limitation warranties of title, merchantability, fitness for a particular purpose, non infringement, or the absence of latent or other defects, accuracy, or the present or absence of errors, whether or not discoverable, all to the greatest extent permissible under applicable law. Affirmer disclaims responsibility for clearing rights of other persons that may apply to the Work or any use thereof, including without limitation any person's Copyright and Related Rights in the Work. Further, Affirmer disclaims responsibility for obtaining any necessary consents, permissions or other rights required for any use of the Work. Affirmer understands and acknowledges that Creative Commons is not a party to this document and has no duty or obligation with respect to this CC0 or use of the Work. </div> </div> |} </nowiki> </div> </div> ==CC-BY== [[LICENCE_HEADER_CC_BY]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY}}</nowiki></b> {{:LICENCE_HEADER_CC_BY}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY Licence</b><br \> More information about the <b>CC BY licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Creative Commons Legal Code Attribution 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined above) for the purposes of this License. c. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. d. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. e. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. f. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. g. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. h. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. i. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(b), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(b), as requested. b. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Section 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4 (b) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. c. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of this License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} </nowiki> </div> </div> ==CC BY-SA== [[LICENCE_HEADER_CC_BY-SA]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY-SA}}</nowiki></b> {{:LICENCE_HEADER_CC_BY-SA}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY-SA Licence</b><br \> More information about the <b>CC BY-SA licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by-sa/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Attribution-ShareAlike 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined below) for the purposes of this License. c. "Creative Commons Compatible License" means a license that is listed at https://creativecommons.org/compatiblelicenses that has been approved by Creative Commons as being essentially equivalent to this License, including, at a minimum, because that license: (i) contains terms that have the same purpose, meaning and effect as the License Elements of this License; and, (ii) explicitly permits the relicensing of adaptations of works made available under that license under this License or a Creative Commons jurisdiction license with the same License Elements as this License. d. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. e. "License Elements" means the following high-level license attributes as selected by Licensor and indicated in the title of this License: Attribution, ShareAlike. f. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. g. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. h. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. i. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. j. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. k. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(c), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(c), as requested. b. You may Distribute or Publicly Perform an Adaptation only under the terms of: (i) this License; (ii) a later version of this License with the same License Elements as this License; (iii) a Creative Commons jurisdiction license (either this or a later license version) that contains the same License Elements as this License (e.g., Attribution-ShareAlike 3.0 US)); (iv) a Creative Commons Compatible License. If you license the Adaptation under one of the licenses mentioned in (iv), you must comply with the terms of that license. If you license the Adaptation under the terms of any of the licenses mentioned in (i), (ii) or (iii) (the "Applicable License"), you must comply with the terms of the Applicable License generally and the following provisions: (I) You must include a copy of, or the URI for, the Applicable License with every copy of each Adaptation You Distribute or Publicly Perform; (II) You may not offer or impose any terms on the Adaptation that restrict the terms of the Applicable License or the ability of the recipient of the Adaptation to exercise the rights granted to that recipient under the terms of the Applicable License; (III) You must keep intact all notices that refer to the Applicable License and to the disclaimer of warranties with every copy of the Work as included in the Adaptation You Distribute or Publicly Perform; (IV) when You Distribute or Publicly Perform the Adaptation, You may not impose any effective technological measures on the Adaptation that restrict the ability of a recipient of the Adaptation from You to exercise the rights granted to that recipient under the terms of the Applicable License. This Section 4(b) applies to the Adaptation as incorporated in a Collection, but this does not require the Collection apart from the Adaptation itself to be made subject to the terms of the Applicable License. c. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Ssection 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4(c) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. d. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of the License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} </nowiki> </div> </div> ==CDDLv1.0== [[LICENCE_HEADER_CDDLv1.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CDDLv1.0}}</nowiki></b> {{:LICENCE_HEADER_CDDLv1.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CDDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE CDDLv1.0 <div class="mw-collapsible-content"> COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 1. Definitions. 1.1. "Contributor" means each individual or entity that creates or contributes to the creation of Modifications. 1.2. "Contributor Version" means the combination of the Original Software, prior Modifications used by a Contributor (if any), and the Modifications made by that particular Contributor. 1.3. "Covered Software" means (a) the Original Software, or (b) Modifications, or (c) the combination of files containing Original Software with files containing Modifications, in each case including portions thereof. 1.4. "Executable" means the Covered Software in any form other than Source Code. 1.5. "Initial Developer" means the individual or entity that first makes Original Software available under this License. 1.6. "Larger Work" means a work which combines Covered Software or portions thereof with code not governed by the terms of this License. 1.7. "License" means this document. 1.8. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently acquired, any and all of the rights conveyed herein. 1.9. "Modifications" means the Source Code and Executable form of any of the following: A. Any file that results from an addition to, deletion from or modification of the contents of a file containing Original Software or previous Modifications; B. Any new file that contains any part of the Original Software or previous Modification; or C. Any new file that is contributed or otherwise made available under the terms of this License. 1.10. "Original Software" means the Source Code and Executable form of computer software code that is originally released under this License. 1.11. "Patent Claims" means any patent claim(s), now owned or hereafter acquired, including without limitation, method, process, and apparatus claims, in any patent Licensable by grantor. 1.12. "Source Code" means (a) the common form of computer software code in which modifications are made and (b) associated documentation included in or with such code. 1.13. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of, this License. For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. License Grants. 2.1. The Initial Developer Grant. Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, the Initial Developer hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by Initial Developer, to use, reproduce, modify, display, perform, sublicense and distribute the Original Software (or portions thereof), with or without Modifications, and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using or selling of Original Software, to make, have made, use, practice, sell, and offer for sale, and/or otherwise dispose of the Original Software (or portions thereof). (c) The licenses granted in Sections 2.1(a) and (b) are effective on the date Initial Developer first distributes or otherwise makes the Original Software available to a third party under the terms of this License. (d) Notwithstanding Section 2.1(b) above, no patent license is granted: (1) for code that You delete from the Original Software, or (2) for infringements caused by: (i) the modification of the Original Software, or (ii) the combination of the Original Software with other software or devices. 2.2. Contributor Grant. Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by Contributor to use, reproduce, modify, display, perform, sublicense and distribute the Modifications created by such Contributor (or portions thereof), either on an unmodified basis, with other Modifications, as Covered Software and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using, or selling of Modifications made by that Contributor either alone and/or in combination with its Contributor Version (or portions of such combination), to make, use, sell, offer for sale, have made, and/or otherwise dispose of: (1) Modifications made by that Contributor (or portions thereof); and (2) the combination of Modifications made by that Contributor with its Contributor Version (or portions of such combination). (c) The licenses granted in Sections 2.2(a) and 2.2(b) are effective on the date Contributor first distributes or otherwise makes the Modifications available to a third party. (d) Notwithstanding Section 2.2(b) above, no patent license is granted: (1) for any code that Contributor has deleted from the Contributor Version; (2) for infringements caused by: (i) third party modifications of Contributor Version, or (ii) the combination of Modifications made by that Contributor with other software (except as part of the Contributor Version) or other devices; or (3) under Patent Claims infringed by Covered Software in the absence of Modifications made by that Contributor. 3. Distribution Obligations. 3.1. Availability of Source Code. Any Covered Software that You distribute or otherwise make available in Executable form must also be made available in Source Code form and that Source Code form must be distributed only under the terms of this License. You must include a copy of this License with every copy of the Source Code form of the Covered Software You distribute or otherwise make available. You must inform recipients of any such Covered Software in Executable form as to how they can obtain such Covered Software in Source Code form in a reasonable manner on or through a medium customarily used for software exchange. 3.2. Modifications. The Modifications that You create or to which You contribute are governed by the terms of this License. You represent that You believe Your Modifications are Your original creation(s) and/or You have sufficient rights to grant the rights conveyed by this License. 3.3. Required Notices. You must include a notice in each of Your Modifications that identifies You as the Contributor of the Modification. You may not remove or alter any copyright, patent or trademark notices contained within the Covered Software, or any notices of licensing or any descriptive text giving attribution to any Contributor or the Initial Developer. 3.4. Application of Additional Terms. You may not offer or impose any terms on any Covered Software in Source Code form that alters or restricts the applicable version of this License or the recipients' rights hereunder. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, you may do so only on Your own behalf, and not on behalf of the Initial Developer or any Contributor. You must make it absolutely clear that any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.5. Distribution of Executable Versions. You may distribute the Executable form of the Covered Software under the terms of this License or under the terms of a license of Your choice, which may contain terms different from this License, provided that You are in compliance with the terms of this License and that the license for the Executable form does not attempt to limit or alter the recipient's rights in the Source Code form from the rights set forth in this License. If You distribute the Covered Software in Executable form under a different license, You must make it absolutely clear that any terms which differ from this License are offered by You alone, not by the Initial Developer or Contributor. You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of any such terms You offer. 3.6. Larger Works. You may create a Larger Work by combining Covered Software with other code not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Covered Software. 4. Versions of the License. 4.1. New Versions. Sun Microsystems, Inc. is the initial license steward and may publish revised and/or new versions of this License from time to time. Each version will be given a distinguishing version number. Except as provided in Section 4.3, no one other than the license steward has the right to modify this License. 4.2. Effect of New Versions. You may always continue to use, distribute or otherwise make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. If the Initial Developer includes a notice in the Original Software prohibiting it from being distributed or otherwise made available under any subsequent version of the License, You must distribute and make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. Otherwise, You may also choose to use, distribute or otherwise make the Covered Software available under the terms of any subsequent version of the License published by the license steward. 4.3. Modified Versions. When You are an Initial Developer and You want to create a new license for Your Original Software, You may create and use a modified version of this License if You: (a) rename the license and remove any references to the name of the license steward (except to note that the license differs from this License); and (b) otherwise make it clear that the license contains terms which differ from this License. 5. DISCLAIMER OF WARRANTY. COVERED SOFTWARE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE COVERED SOFTWARE IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE COVERED SOFTWARE IS WITH YOU. SHOULD ANY COVERED SOFTWARE PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY COVERED SOFTWARE IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 6. TERMINATION. 6.1. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 6.2. If You assert a patent infringement claim (excluding declaratory judgment actions) against Initial Developer or a Contributor (the Initial Developer or Contributor against whom You assert such claim is referred to as "Participant") alleging that the Participant Software (meaning the Contributor Version where the Participant is a Contributor or the Original Software where the Participant is the Initial Developer) directly or indirectly infringes any patent, then any and all rights granted directly or indirectly to You by such Participant, the Initial Developer (if the Initial Developer is not the Participant) and all Contributors under Sections 2.1 and/or 2.2 of this License shall, upon 60 days notice from Participant terminate prospectively and automatically at the expiration of such 60 day notice period, unless if within such 60 day period You withdraw Your claim with respect to the Participant Software against such Participant either unilaterally or pursuant to a written agreement with Participant. 6.3. In the event of termination under Sections 6.1 or 6.2 above, all end user licenses that have been validly granted by You or any distributor hereunder prior to termination (excluding licenses granted to You by any distributor) shall survive termination. 7. LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL YOU, THE INITIAL DEVELOPER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF COVERED SOFTWARE, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOST PROFITS, LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER COMMERCIAL DAMAGES OR LOSSES, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION OF LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY RESULTING FROM SUCH PARTY'S NEGLIGENCE TO THE EXTENT APPLICABLE LAW PROHIBITS SUCH LIMITATION. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS EXCLUSION AND LIMITATION MAY NOT APPLY TO YOU. 8. U.S. GOVERNMENT END USERS. The Covered Software is a "commercial item," as that term is defined in 48 C.F.R. 2.101 (Oct. 1995), consisting of "commercial computer software" (as that term is defined at 48 C.F.R. ¤ 252.227-7014(a)(1)) and "commercial computer software documentation" as such terms are used in 48 C.F.R. 12.212 (Sept. 1995). Consistent with 48 C.F.R. 12.212 and 48 C.F.R. 227.7202-1 through 227.7202-4 (June 1995), all U.S. Government End Users acquire Covered Software with only those rights set forth herein. This U.S. Government Rights clause is in lieu of, and supersedes, any other FAR, DFAR, or other clause or provision that addresses Government rights in computer software under this License. 9. MISCELLANEOUS. This License represents the complete agreement concerning subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by the law of the jurisdiction specified in a notice contained within the Original Software (except to the extent applicable law, if any, provides otherwise), excluding such jurisdiction's conflict-of-law provisions. Any litigation relating to this License shall be subject to the jurisdiction of the courts located in the jurisdiction and venue specified in a notice contained within the Original Software, with the losing party responsible for costs, including, without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. You agree that You alone are responsible for compliance with the United States export administration regulations (and the export control laws and regulation of any other countries) when You use, distribute or otherwise make available any Covered Software. 10. RESPONSIBILITY FOR CLAIMS. As between Initial Developer and the Contributors, each party is responsible for claims and damages arising, directly or indirectly, out of its utilization of rights under this License and You agree to work with Initial Developer and Contributors to distribute such responsibility on an equitable basis. Nothing herein is intended or shall be deemed to constitute any admission of liability. </div> </div> |} </nowiki> </div> </div> ==EPLv2.0== [[LICENCE_HEADER_EPLv2.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_EPLv2.0}}</nowiki></b> {{:LICENCE_HEADER_EPLv2.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>EPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE EPLv2.0 <div class="mw-collapsible-content"> Eclipse Public License - v 2.0 THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS ECLIPSE PUBLIC LICENSE (“AGREEMENT”). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT. 1. DEFINITIONS “Contribution” means: a) in the case of the initial Contributor, the initial content Distributed under this Agreement, and b) in the case of each subsequent Contributor: i) changes to the Program, and ii) additions to the Program; where such changes and/or additions to the Program originate from and are Distributed by that particular Contributor. A Contribution “originates” from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include changes or additions to the Program that are not Modified Works. “Contributor” means any person or entity that Distributes the Program. “Licensed Patents” mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program. “Program” means the Contributions Distributed in accordance with this Agreement. “Recipient” means anyone who receives the Program under this Agreement or any Secondary License (as applicable), including Contributors. “Derivative Works” shall mean any work, whether in Source Code or other form, that is based on (or derived from) the Program and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. “Modified Works” shall mean any work in Source Code or other form that results from an addition to, deletion from, or modification of the contents of the Program, including, for purposes of clarity any new file in Source Code form that contains any contents of the Program. Modified Works shall not include works that contain only declarations, interfaces, types, classes, structures, or files of the Program solely in each case in order to link to, bind by name, or subclass the Program or Modified Works thereof. “Distribute” means the acts of a) distributing or b) making available in any manner that enables the transfer of a copy. “Source Code” means the form of a Program preferred for making modifications, including but not limited to software source code, documentation source, and configuration files. “Secondary License” means either the GNU General Public License, Version 2.0, or any later versions of that license, including any exceptions or additional permissions as identified by the initial Contributor. 2. GRANT OF RIGHTS a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, Distribute and sublicense the Contribution of such Contributor, if any, and such Derivative Works. b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in Source Code or other form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder. c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to Distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program. d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement. e) Notwithstanding the terms of any Secondary License, no Contributor makes additional grants to any Recipient (other than those set forth in this Agreement) as a result of such Recipient's receipt of the Program under the terms of a Secondary License (if permitted under the terms of Section 3). 3. REQUIREMENTS 3.1 If a Contributor Distributes the Program in any form, then: a) the Program must also be made available as Source Code, in accordance with section 3.2, and the Contributor must accompany the Program with a statement that the Source Code for the Program is available under this Agreement, and informs Recipients how to obtain it in a reasonable manner on or through a medium customarily used for software exchange; and b) the Contributor may Distribute the Program under a license different than this Agreement, provided that such license: i) effectively disclaims on behalf of all other Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose; ii) effectively excludes on behalf of all other Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits; iii) does not attempt to limit or alter the recipients' rights in the Source Code under section 3.2; and iv) requires any subsequent distribution of the Program by any party to be under a license that satisfies the requirements of this section 3. 3.2 When the Program is Distributed as Source Code: a) it must be made available under this Agreement, or if the Program (i) is combined with other material in a separate file or files made available under a Secondary License, and (ii) the initial Contributor attached to the Source Code the notice described in Exhibit A of this Agreement, then the Program may be made available under the terms of such Secondary Licenses, and b) a copy of this Agreement must be included with each copy of the Program. 3.3 Contributors may not remove or alter any copyright, patent, trademark, attribution notices, disclaimers of warranty, or limitations of liability (‘notices’) contained within the Program from any copy of the Program which they Distribute, provided that Contributors may add their own appropriate notices. 4. COMMERCIAL DISTRIBUTION Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor (“Commercial Contributor”) hereby agrees to defend and indemnify every other Contributor (“Indemnified Contributor”) against any losses, damages and costs (collectively “Losses”) arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense. For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages. 5. NO WARRANTY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE PROGRAM IS PROVIDED ON AN “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations. 6. DISCLAIMER OF LIABILITY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. GENERAL If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. If Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed. All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive. Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. The Eclipse Foundation is the initial Agreement Steward. The Eclipse Foundation may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be Distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to Distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved. Nothing in this Agreement is intended to be enforceable by any entity that is not a Contributor or Recipient. No third-party beneficiary rights are created under this Agreement. Exhibit A – Form of Secondary Licenses Notice “This Source Code may also be made available under the following Secondary Licenses when the conditions for such availability set forth in the Eclipse Public License, v. 2.0 are satisfied: {name license(s), version(s), and exceptions or additional permissions here}.” Simply including a copy of this Agreement, including this Exhibit A is not sufficient to license the Source Code under Secondary Licenses. If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. You may add additional accurate notices of copyright ownership. </div> </div> |} </nowiki> </div> </div> ==GFDLv1.1== [[LICENCE_HEADER_GFDL]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDL}}</nowiki></b> {{:LICENCE_HEADER_GFDL}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.1 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.1, March 2000 Copyright (C) 2000 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other written document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (For example, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, whose contents can be viewed and edited directly and straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup has been designed to thwart or discourage subsequent modification by readers is not Transparent. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML designed for human modification. Opaque formats include PostScript, PDF, proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies of the Document numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a publicly-accessible computer-network location containing a complete Transparent copy of the Document, free of added material, which the general network-using public has access to download anonymously at no charge using public-standard network protocols. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has less than five). C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section entitled "History", and its title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. In any section entitled "Acknowledgements" or "Dedications", preserve the section's title, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section as "Endorsements" or to conflict in title with any Invariant Section. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections entitled "History" in the various original documents, forming one section entitled "History"; likewise combine any sections entitled "Acknowledgements", and any sections entitled "Dedications". You must delete all sections entitled "Endorsements." 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, does not as a whole count as a Modified Version of the Document, provided no compilation copyright is claimed for the compilation. Such a compilation is called an "aggregate", and this License does not apply to the other self-contained works thus compiled with the Document, on account of their being thus compiled, if they are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one quarter of the entire aggregate, the Document's Cover Texts may be placed on covers that surround only the Document within the aggregate. Otherwise they must appear on covers around the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License provided that you also include the original English version of this License. In case of a disagreement between the translation and the original English version of this License, the original English version will prevail. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have no Invariant Sections, write "with no Invariant Sections" instead of saying which ones are invariant. If you have no Front-Cover Texts, write "no Front-Cover Texts" instead of "Front-Cover Texts being LIST"; likewise for Back-Cover Texts. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} </nowiki> </div> </div> ==GFDLv1.2== [[LICENCE_HEADER_GFDLv1.2]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDLv1.2}}</nowiki></b> {{:LICENCE_HEADER_GFDLv1.2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.2 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.2, November 2002 Copyright (C) 2000,2001,2002 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition. The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement. C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section Entitled "History", Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. For any section Entitled "Acknowledgements" or "Dedications", Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section Entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section to be Entitled "Endorsements" or to conflict in title with any Invariant Section. O. Preserve any Warranty Disclaimers. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements". 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation's users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document's Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail. If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the "with...Texts." line with this: with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} </nowiki> </div> </div> ==GFDLv1.3== [[LICENCE_HEADER_GFDLv1.3]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDLv1.3}}</nowiki></b> {{:LICENCE_HEADER_GFDLv1.3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.3 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.3, 3 November 2008 Copyright (C) 2000, 2001, 2002, 2007, 2008 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. The "publisher" means any person or entity that distributes copies of the Document to the public. A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition. The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement. C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section Entitled "History", Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. For any section Entitled "Acknowledgements" or "Dedications", Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section Entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section to be Entitled "Endorsements" or to conflict in title with any Invariant Section. O. Preserve any Warranty Disclaimers. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements". 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation's users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document's Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail. If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, or distribute it is void, and will automatically terminate your rights under this License. However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, receipt of a copy of some or all of the same material does not give you any rights to use it. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. If the Document specifies that a proxy can decide which future versions of this License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Document. 11. RELICENSING "Massive Multiauthor Collaboration Site" (or "MMC Site") means any World Wide Web server that publishes copyrightable works and also provides prominent facilities for anybody to edit those works. A public wiki that anybody can edit is an example of such a server. A "Massive Multiauthor Collaboration" (or "MMC") contained in the site means any set of copyrightable works thus published on the MMC site. "CC-BY-SA" means the Creative Commons Attribution-Share Alike 3.0 license published by Creative Commons Corporation, a not-for-profit corporation with a principal place of business in San Francisco, California, as well as future copyleft versions of that license published by that same organization. "Incorporate" means to publish or republish a Document, in whole or in part, as part of another Document. An MMC is "eligible for relicensing" if it is licensed under this License, and if all works that were first published under this License somewhere other than this MMC, and subsequently incorporated in whole or in part into the MMC, (1) had no cover texts or invariant sections, and (2) were thus incorporated prior to November 1, 2008. The operator of an MMC Site may republish an MMC contained in the site under CC-BY-SA on the same site at any time before August 1, 2009, provided the MMC is eligible for relicensing. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the "with...Texts." line with this: with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} </nowiki> </div> </div> ==GPLv1== [[LICENCE_HEADER_GPL]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPL}}</nowiki></b> {{:LICENCE_HEADER_GPL}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv1 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 1, February 1989 Copyright (C) 1989 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The license agreements of most software companies try to keep users at the mercy of those companies. By contrast, our General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. The General Public License applies to the Free Software Foundation's software and to any other program whose authors commit to using it. You can use it for your programs, too. When we speak of free software, we are referring to freedom, not price. Specifically, the General Public License is designed to make sure that you have the freedom to give away or sell copies of free software, that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of a such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must tell them their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any work containing the Program or a portion of it, either verbatim or with modifications. Each licensee is addressed as "you". 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this General Public License and to the absence of any warranty; and give any other recipients of the Program a copy of this General Public License along with the Program. You may charge a fee for the physical act of transferring a copy. 2. You may modify your copy or copies of the Program or any portion of it, and copy and distribute such modifications under the terms of Paragraph 1 above, provided that you also do the following: a) cause the modified files to carry prominent notices stating that you changed the files and the date of any change; and b) cause the whole of any work that you distribute or publish, that in whole or in part contains the Program or any part thereof, either with or without modifications, to be licensed at no charge to all third parties under the terms of this General Public License (except that you may choose to grant warranty protection to some or all third parties, at your option). c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the simplest and most usual way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this General Public License. d) You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. Mere aggregation of another independent work with the Program (or its derivative) on a volume of a storage or distribution medium does not bring the other work under the scope of these terms. 3. You may copy and distribute the Program (or a portion or derivative of it, under Paragraph 2) in object code or executable form under the terms of Paragraphs 1 and 2 above provided that you also do one of the following: a) accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Paragraphs 1 and 2 above; or, b) accompany it with a written offer, valid for at least three years, to give any third party free (except for a nominal charge for the cost of distribution) a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Paragraphs 1 and 2 above; or, c) accompany it with the information you received as to where the corresponding source code may be obtained. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form alone.) Source code for a work means the preferred form of the work for making modifications to it. For an executable file, complete source code means all the source code for all modules it contains; but, as a special exception, it need not include source code for modules which are standard libraries that accompany the operating system on which the executable file runs, or for standard header files or definitions files that accompany that operating system. 4. You may not copy, modify, sublicense, distribute or transfer the Program except as expressly provided under this General Public License. Any attempt otherwise to copy, modify, sublicense, distribute or transfer the Program is void, and will automatically terminate your rights to use the Program under this License. However, parties who have received copies, or rights to use copies, from you under this General Public License will not have their licenses terminated so long as such parties remain in full compliance. 5. By copying, distributing or modifying the Program (or any work based on the Program) you indicate your acceptance of this license to do so, and all its terms and conditions. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. 7. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of the license which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the license, you may choose any version ever published by the Free Software Foundation. 8. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 9. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 10. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS Appendix: How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to humanity, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) 19yy <name of author> This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 1, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) 19xx name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (a program to direct compilers to make passes at assemblers) written by James Hacker. <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice That's all there is to it! </div> </div> |} </nowiki> </div> </div> ==GPLv2== [[LICENCE_HEADER_GPLv2]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPLv2}}</nowiki></b> {{:LICENCE_HEADER_GPLv2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv2 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Lesser General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. </div> </div> |} </nowiki> </div> </div> ==GPLv3== [[LICENCE_HEADER_GPLv3]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPLv3}}</nowiki></b> {{:LICENCE_HEADER_GPLv3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv3 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The GNU General Public License is a free, copyleft license for software and other kinds of works. The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things. To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others. For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it. For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions. Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users. Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free. The precise terms and conditions for copying, distribution and modification follow. TERMS AND CONDITIONS 0. Definitions. "This License" refers to version 3 of the GNU General Public License. "Copyright" also means copyright-like laws that apply to other kinds of works, such as semiconductor masks. "The Program" refers to any copyrightable work licensed under this License. Each licensee is addressed as "you". "Licensees" and "recipients" may be individuals or organizations. To "modify" a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a "modified version" of the earlier work or a work "based on" the earlier work. A "covered work" means either the unmodified Program or a work based on the Program. To "propagate" a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well. To "convey" a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying. An interactive user interface displays "Appropriate Legal Notices" to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion. 1. Source Code. The "source code" for a work means the preferred form of the work for making modifications to it. "Object code" means any non-source form of a work. A "Standard Interface" means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language. The "System Libraries" of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A "Major Component", in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it. The "Corresponding Source" for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work. The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source. The Corresponding Source for a work in source code form is that same work. 2. Basic Permissions. All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law. You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you. Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary. 3. Protecting Users' Legal Rights From Anti-Circumvention Law. No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures. When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures. 4. Conveying Verbatim Copies. You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program. You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee. 5. Conveying Modified Source Versions. You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions: a) The work must carry prominent notices stating that you modified it, and giving a relevant date. b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to "keep intact all notices". c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it. d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so. A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an "aggregate" if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate. 6. Conveying Non-Source Forms. You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways: a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange. b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge. c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b. d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements. e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d. A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work. A "User Product" is either (1) a "consumer product", which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, "normally used" refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product. "Installation Information" for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made. If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM). The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network. Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying. 7. Additional Terms. "Additional permissions" are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions. When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission. Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms: a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or d) Limiting the use for publicity purposes of names of licensors or authors of the material; or e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors. All other non-permissive additional terms are considered "further restrictions" within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying. If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms. Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way. 8. Termination. You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11). However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10. 9. Acceptance Not Required for Having Copies. You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so. 10. Automatic Licensing of Downstream Recipients. Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License. An "entity transaction" is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts. You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it. 11. Patents. A "contributor" is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's "contributor version". A contributor's "essential patent claims" are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, "control" includes the right to grant patent sublicenses in a manner consistent with the requirements of this License. Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version. In the following three paragraphs, a "patent license" is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To "grant" such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party. If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. "Knowingly relying" means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid. If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it. A patent license is "discriminatory" if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007. Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law. 12. No Surrender of Others' Freedom. If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program. 13. Use with the GNU Affero General Public License. Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such. 14. Revised Versions of this License. The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation. If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program. Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version. 15. Disclaimer of Warranty. THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. Limitation of Liability. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 17. Interpretation of Sections 15 and 16. If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <https://www.gnu.org/licenses/>. Also add information on how to contact you by electronic and paper mail. If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode: <program> Copyright (C) <year> <name of author> This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an "about box". You should also get your employer (if you work as a programmer) or school, if any, to sign a "copyright disclaimer" for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see <https://www.gnu.org/licenses/>. The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read <https://www.gnu.org/licenses/why-not-lgpl.html>. </div> </div> |} </nowiki> </div> </div> ==LGPLv2.1== [[LICENCE_HEADER_LGPLv2.1]]<br \> <b><nowiki>{{:LICENCE_HEADER_LGPLv2.1}}</nowiki></b> {{:LICENCE_HEADER_LGPLv2.1}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv2.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 2.1, February 1999 Copyright (C) 1991, 1999 Free Software Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. [This is the first released version of the Lesser GPL. It also counts as the successor of the GNU Library Public License, version 2, hence the version number 2.1.] Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public Licenses are intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This license, the Lesser General Public License, applies to some specially designated software packages--typically libraries--of the Free Software Foundation and other authors who decide to use it. You can use it too, but we suggest you first think carefully about whether this license or the ordinary General Public License is the better strategy to use in any particular case, based on the explanations below. When we speak of free software, we are referring to freedom of use, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish); that you receive source code or can get it if you want it; that you can change the software and use pieces of it in new free programs; and that you are informed that you can do these things. To protect your rights, we need to make restrictions that forbid distributors to deny you these rights or to ask you to surrender these rights. These restrictions translate to certain responsibilities for you if you distribute copies of the library or if you modify it. For example, if you distribute copies of the library, whether gratis or for a fee, you must give the recipients all the rights that we gave you. You must make sure that they, too, receive or can get the source code. If you link other code with the library, you must provide complete object files to the recipients, so that they can relink them with the library after making changes to the library and recompiling it. And you must show them these terms so they know their rights. We protect your rights with a two-step method: (1) we copyright the library, and (2) we offer you this license, which gives you legal permission to copy, distribute and/or modify the library. To protect each distributor, we want to make it very clear that there is no warranty for the free library. Also, if the library is modified by someone else and passed on, the recipients should know that what they have is not the original version, so that the original author's reputation will not be affected by problems that might be introduced by others. � Finally, software patents pose a constant threat to the existence of any free program. We wish to make sure that a company cannot effectively restrict the users of a free program by obtaining a restrictive license from a patent holder. Therefore, we insist that any patent license obtained for a version of the library must be consistent with the full freedom of use specified in this license. Most GNU software, including some libraries, is covered by the ordinary GNU General Public License. This license, the GNU Lesser General Public License, applies to certain designated libraries, and is quite different from the ordinary General Public License. We use this license for certain libraries in order to permit linking those libraries into non-free programs. When a program is linked with a library, whether statically or using a shared library, the combination of the two is legally speaking a combined work, a derivative of the original library. The ordinary General Public License therefore permits such linking only if the entire combination fits its criteria of freedom. The Lesser General Public License permits more lax criteria for linking other code with the library. We call this license the "Lesser" General Public License because it does Less to protect the user's freedom than the ordinary General Public License. It also provides other free software developers Less of an advantage over competing non-free programs. These disadvantages are the reason we use the ordinary General Public License for many libraries. However, the Lesser license provides advantages in certain special circumstances. For example, on rare occasions, there may be a special need to encourage the widest possible use of a certain library, so that it becomes a de-facto standard. To achieve this, non-free programs must be allowed to use the library. A more frequent case is that a free library does the same job as widely used non-free libraries. In this case, there is little to gain by limiting the free library to free software only, so we use the Lesser General Public License. In other cases, permission to use a particular library in non-free programs enables a greater number of people to use a large body of free software. For example, permission to use the GNU C Library in non-free programs enables many more people to use the whole GNU operating system, as well as its variant, the GNU/Linux operating system. Although the Lesser General Public License is Less protective of the users' freedom, it does ensure that the user of a program that is linked with the Library has the freedom and the wherewithal to run that program using a modified version of the Library. The precise terms and conditions for copying, distribution and modification follow. Pay close attention to the difference between a "work based on the library" and a "work that uses the library". The former contains code derived from the library, whereas the latter must be combined with the library in order to run. � GNU LESSER GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any software library or other program which contains a notice placed by the copyright holder or other authorized party saying it may be distributed under the terms of this Lesser General Public License (also called "this License"). Each licensee is addressed as "you". A "library" means a collection of software functions and/or data prepared so as to be conveniently linked with application programs (which use some of those functions and data) to form executables. The "Library", below, refers to any such software library or work which has been distributed under these terms. A "work based on the Library" means either the Library or any derivative work under copyright law: that is to say, a work containing the Library or a portion of it, either verbatim or with modifications and/or translated straightforwardly into another language. (Hereinafter, translation is included without limitation in the term "modification".) "Source code" for a work means the preferred form of the work for making modifications to it. For a library, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the library. Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running a program using the Library is not restricted, and output from such a program is covered only if its contents constitute a work based on the Library (independent of the use of the Library in a tool for writing it). Whether that is true depends on what the Library does and what the program that uses the Library does. 1. You may copy and distribute verbatim copies of the Library's complete source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and distribute a copy of this License along with the Library. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. � 2. You may modify your copy or copies of the Library or any portion of it, thus forming a work based on the Library, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) The modified work must itself be a software library. b) You must cause the files modified to carry prominent notices stating that you changed the files and the date of any change. c) You must cause the whole of the work to be licensed at no charge to all third parties under the terms of this License. d) If a facility in the modified Library refers to a function or a table of data to be supplied by an application program that uses the facility, other than as an argument passed when the facility is invoked, then you must make a good faith effort to ensure that, in the event an application does not supply such function or table, the facility still operates, and performs whatever part of its purpose remains meaningful. (For example, a function in a library to compute square roots has a purpose that is entirely well-defined independent of the application. Therefore, Subsection 2d requires that any application-supplied function or table used by this function must be optional: if the application does not supply it, the square root function must still compute square roots.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Library, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Library, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Library. In addition, mere aggregation of another work not based on the Library with the Library (or with a work based on the Library) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may opt to apply the terms of the ordinary GNU General Public License instead of this License to a given copy of the Library. To do this, you must alter all the notices that refer to this License, so that they refer to the ordinary GNU General Public License, version 2, instead of to this License. (If a newer version than version 2 of the ordinary GNU General Public License has appeared, then you can specify that version instead if you wish.) Do not make any other change in these notices. � Once this change is made in a given copy, it is irreversible for that copy, so the ordinary GNU General Public License applies to all subsequent copies and derivative works made from that copy. This option is useful when you wish to copy part of the code of the Library into a program that is not a library. 4. You may copy and distribute the Library (or a portion or derivative of it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange. If distribution of object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place satisfies the requirement to distribute the source code, even though third parties are not compelled to copy the source along with the object code. 5. A program that contains no derivative of any portion of the Library, but is designed to work with the Library by being compiled or linked with it, is called a "work that uses the Library". Such a work, in isolation, is not a derivative work of the Library, and therefore falls outside the scope of this License. However, linking a "work that uses the Library" with the Library creates an executable that is a derivative of the Library (because it contains portions of the Library), rather than a "work that uses the library". The executable is therefore covered by this License. Section 6 states terms for distribution of such executables. When a "work that uses the Library" uses material from a header file that is part of the Library, the object code for the work may be a derivative work of the Library even though the source code is not. Whether this is true is especially significant if the work can be linked without the Library, or if the work is itself a library. The threshold for this to be true is not precisely defined by law. If such an object file uses only numerical parameters, data structure layouts and accessors, and small macros and small inline functions (ten lines or less in length), then the use of the object file is unrestricted, regardless of whether it is legally a derivative work. (Executables containing this object code plus portions of the Library will still fall under Section 6.) Otherwise, if the work is a derivative of the Library, you may distribute the object code for the work under the terms of Section 6. Any executables containing that work also fall under Section 6, whether or not they are linked directly with the Library itself. � 6. As an exception to the Sections above, you may also combine or link a "work that uses the Library" with the Library to produce a work containing portions of the Library, and distribute that work under terms of your choice, provided that the terms permit modification of the work for the customer's own use and reverse engineering for debugging such modifications. You must give prominent notice with each copy of the work that the Library is used in it and that the Library and its use are covered by this License. You must supply a copy of this License. If the work during execution displays copyright notices, you must include the copyright notice for the Library among them, as well as a reference directing the user to the copy of this License. Also, you must do one of these things: a) Accompany the work with the complete corresponding machine-readable source code for the Library including whatever changes were used in the work (which must be distributed under Sections 1 and 2 above); and, if the work is an executable linked with the Library, with the complete machine-readable "work that uses the Library", as object code and/or source code, so that the user can modify the Library and then relink to produce a modified executable containing the modified Library. (It is understood that the user who changes the contents of definitions files in the Library will not necessarily be able to recompile the application to use the modified definitions.) b) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (1) uses at run time a copy of the library already present on the user's computer system, rather than copying library functions into the executable, and (2) will operate properly with a modified version of the library, if the user installs one, as long as the modified version is interface-compatible with the version that the work was made with. c) Accompany the work with a written offer, valid for at least three years, to give the same user the materials specified in Subsection 6a, above, for a charge no more than the cost of performing this distribution. d) If distribution of the work is made by offering access to copy from a designated place, offer equivalent access to copy the above specified materials from the same place. e) Verify that the user has already received a copy of these materials or that you have already sent this user a copy. For an executable, the required form of the "work that uses the Library" must include any data and utility programs needed for reproducing the executable from it. However, as a special exception, the materials to be distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. It may happen that this requirement contradicts the license restrictions of other proprietary libraries that do not normally accompany the operating system. Such a contradiction means you cannot use both them and the Library together in an executable that you distribute. � 7. You may place library facilities that are a work based on the Library side-by-side in a single library together with other library facilities not covered by this License, and distribute such a combined library, provided that the separate distribution of the work based on the Library and of the other library facilities is otherwise permitted, and provided that you do these two things: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities. This must be distributed under the terms of the Sections above. b) Give prominent notice with the combined library of the fact that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 8. You may not copy, modify, sublicense, link with, or distribute the Library except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, link with, or distribute the Library is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 9. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Library or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Library (or any work based on the Library), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Library or works based on it. 10. Each time you redistribute the Library (or any work based on the Library), the recipient automatically receives a license from the original licensor to copy, distribute, link with or modify the Library subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties with this License. � 11. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Library at all. For example, if a patent license would not permit royalty-free redistribution of the Library by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Library. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply, and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 12. If the distribution and/or use of the Library is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Library under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 13. The Free Software Foundation may publish revised and/or new versions of the Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Library does not specify a license version number, you may choose any version ever published by the Free Software Foundation. � 14. If you wish to incorporate parts of the Library into other free programs whose distribution conditions are incompatible with these, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS � How to Apply These Terms to Your New Libraries If you develop a new library, and you want it to be of the greatest possible use to the public, we recommend making it free software that everyone can redistribute and change. You can do so by permitting redistribution under these terms (or, alternatively, under the terms of the ordinary General Public License). To apply these terms, attach the following notices to the library. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the library's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Also add information on how to contact you by electronic and paper mail. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the library, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the library `Frob' (a library for tweaking knobs) written by James Random Hacker. <signature of Ty Coon>, 1 April 1990 Ty Coon, President of Vice That's all there is to it! </div> </div> |} </nowiki> </div> </div> ==LGPLv3== [[LICENCE_HEADER_LGPLv3]]<br \> <b><nowiki>{{:LICENCE_HEADER_LGPLv3}}</nowiki></b> {{:LICENCE_HEADER_LGPLv3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. This version of the GNU Lesser General Public License incorporates the terms and conditions of version 3 of the GNU General Public License, supplemented by the additional permissions listed below. 0. Additional Definitions. As used herein, "this License" refers to version 3 of the GNU Lesser General Public License, and the "GNU GPL" refers to version 3 of the GNU General Public License. "The Library" refers to a covered work governed by this License, other than an Application or a Combined Work as defined below. An "Application" is any work that makes use of an interface provided by the Library, but which is not otherwise based on the Library. Defining a subclass of a class defined by the Library is deemed a mode of using an interface provided by the Library. A "Combined Work" is a work produced by combining or linking an Application with the Library. The particular version of the Library with which the Combined Work was made is also called the "Linked Version". The "Minimal Corresponding Source" for a Combined Work means the Corresponding Source for the Combined Work, excluding any source code for portions of the Combined Work that, considered in isolation, are based on the Application, and not on the Linked Version. The "Corresponding Application Code" for a Combined Work means the object code and/or source code for the Application, including any data and utility programs needed for reproducing the Combined Work from the Application, but excluding the System Libraries of the Combined Work. 1. Exception to Section 3 of the GNU GPL. You may convey a covered work under sections 3 and 4 of this License without being bound by section 3 of the GNU GPL. 2. Conveying Modified Versions. If you modify a copy of the Library, and, in your modifications, a facility refers to a function or data to be supplied by an Application that uses the facility (other than as an argument passed when the facility is invoked), then you may convey a copy of the modified version: a) under this License, provided that you make a good faith effort to ensure that, in the event an Application does not supply the function or data, the facility still operates, and performs whatever part of its purpose remains meaningful, or b) under the GNU GPL, with none of the additional permissions of this License applicable to that copy. 3. Object Code Incorporating Material from Library Header Files. The object code form of an Application may incorporate material from a header file that is part of the Library. You may convey such object code under terms of your choice, provided that, if the incorporated material is not limited to numerical parameters, data structure layouts and accessors, or small macros, inline functions and templates (ten or fewer lines in length), you do both of the following: a) Give prominent notice with each copy of the object code that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the object code with a copy of the GNU GPL and this license document. 4. Combined Works. You may convey a Combined Work under terms of your choice that, taken together, effectively do not restrict modification of the portions of the Library contained in the Combined Work and reverse engineering for debugging such modifications, if you also do each of the following: a) Give prominent notice with each copy of the Combined Work that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the Combined Work with a copy of the GNU GPL and this license document. c) For a Combined Work that displays copyright notices during execution, include the copyright notice for the Library among these notices, as well as a reference directing the user to the copies of the GNU GPL and this license document. d) Do one of the following: 0) Convey the Minimal Corresponding Source under the terms of this License, and the Corresponding Application Code in a form suitable for, and under terms that permit, the user to recombine or relink the Application with a modified version of the Linked Version to produce a modified Combined Work, in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source. 1) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (a) uses at run time a copy of the Library already present on the user's computer system, and (b) will operate properly with a modified version of the Library that is interface-compatible with the Linked Version. e) Provide Installation Information, but only if you would otherwise be required to provide such information under section 6 of the GNU GPL, and only to the extent that such information is necessary to install and execute a modified version of the Combined Work produced by recombining or relinking the Application with a modified version of the Linked Version. (If you use option 4d0, the Installation Information must accompany the Minimal Corresponding Source and Corresponding Application Code. If you use option 4d1, you must provide the Installation Information in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source.) 5. Combined Libraries. You may place library facilities that are a work based on the Library side by side in a single library together with other library facilities that are not Applications and are not covered by this License, and convey such a combined library under terms of your choice, if you do both of the following: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities, conveyed under the terms of this License. b) Give prominent notice with the combined library that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 6. Revised Versions of the GNU Lesser General Public License. The Free Software Foundation may publish revised and/or new versions of the GNU Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library as you received it specifies that a certain numbered version of the GNU Lesser General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that published version or of any later version published by the Free Software Foundation. If the Library as you received it does not specify a version number of the GNU Lesser General Public License, you may choose any version of the GNU Lesser General Public License ever published by the Free Software Foundation. If the Library as you received it specifies that a proxy can decide whether future versions of the GNU Lesser General Public License shall apply, that proxy's public statement of acceptance of any version is permanent authorization for you to choose that version for the Library. </div> </div> |} </nowiki> </div> </div> ==MIT== [[LICENCE_HEADER_MIT]]<br \> <b><nowiki>{{:LICENCE_HEADER_MIT}}</nowiki></b> {{:LICENCE_HEADER_MIT}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MIT Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. </div> </div> |} </nowiki> </div> </div> ==MPLv2.0== [[LICENCE_HEADER_MPLv2.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_MPLv2.0}}</nowiki></b> {{:LICENCE_HEADER_MPLv2.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE MPLv2.0 <div class="mw-collapsible-content"> Mozilla Public License Version 2.0 -------------------------------- 1. Definitions -------------- 1.1. "Contributor" means each individual or legal entity that creates, contributes to the creation of, or owns Covered Software. 1.2. "Contributor Version" means the combination of the Contributions of others (if any) used by a Contributor and that particular Contributor's Contribution. 1.3. "Contribution" means Covered Software of a particular Contributor. 1.4. "Covered Software" means Source Code Form to which the initial Contributor has attached the notice in Exhibit A, the Executable Form of such Source Code Form, and Modifications of such Source Code Form, in each case including portions thereof. 1.5. "Incompatible With Secondary Licenses" means (a) that the initial Contributor has attached the notice described in Exhibit B to the Covered Software; or (b) that the Covered Software was made available under the terms of version 1.1 or earlier of the License, but not also under the terms of a Secondary License. 1.6. "Executable Form" means any form of the work other than Source Code Form. 1.7. "Larger Work" means a work that combines Covered Software with other material, in a separate file or files, that is not Covered Software. 1.8. "License" means this document. 1.9. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently, any and all of the rights conveyed by this License. 1.10. "Modifications" means any of the following: (a) any file in Source Code Form that results from an addition to, deletion from, or modification of the contents of Covered Software; or (b) any new file in Source Code Form that contains any Covered Software. 1.11. "Patent Claims" of a Contributor means any patent claim(s), including without limitation, method, process, and apparatus claims, in any patent Licensable by such Contributor that would be infringed, but for the grant of the License, by the making, using, selling, offering for sale, having made, import, or transfer of either its Contributions or its Contributor Version. 1.12. "Secondary License" means either the GNU General Public License, Version 2.0, the GNU Lesser General Public License, Version 2.1, the GNU Affero General Public License, Version 3.0, or any later versions of those licenses. 1.13. "Source Code Form" means the form of the work preferred for making modifications. 1.14. "You" (or "Your") means an individual or a legal entity exercising rights under this License. For legal entities, "You" includes any entity that controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. License Grants and Conditions -------------------------------- 2.1. Grants Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by such Contributor to use, reproduce, make available, modify, display, perform, distribute, and otherwise exploit its Contributions, either on an unmodified basis, with Modifications, or as part of a Larger Work; and (b) under Patent Claims of such Contributor to make, use, sell, offer for sale, have made, import, and otherwise transfer either its Contributions or its Contributor Version. 2.2. Effective Date The licenses granted in Section 2.1 with respect to any Contribution become effective for each Contribution on the date the Contributor first distributes such Contribution. 2.3. Limitations on Grant Scope The licenses granted in this Section 2 are the only rights granted under this License. No additional rights or licenses will be implied from the distribution or licensing of Covered Software under this License. Notwithstanding Section 2.1(b) above, no patent license is granted by a Contributor: (a) for any code that a Contributor has removed from Covered Software; or (b) for infringements caused by: (i) Your and any other third party's modifications of Covered Software, or (ii) the combination of its Contributions with other software (except as part of its Contributor Version); or (c) under Patent Claims infringed by Covered Software in the absence of its Contributions. This License does not grant any rights in the trademarks, service marks, or logos of any Contributor (except as may be necessary to comply with the notice requirements in Section 3.4). 2.4. Subsequent Licenses No Contributor makes additional grants as a result of Your choice to distribute the Covered Software under a subsequent version of this License (see Section 10.2) or under the terms of a Secondary License (if permitted under the terms of Section 3.3). 2.5. Representation Each Contributor represents that the Contributor believes its Contributions are its original creation(s) or it has sufficient rights to grant the rights to its Contributions conveyed by this License. 2.6. Fair Use This License is not intended to limit any rights You have under applicable copyright doctrines of fair use, fair dealing, or other equivalents. 2.7. Conditions Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted in Section 2.1. 3. Responsibilities ------------------- 3.1. Distribution of Source Form All distribution of Covered Software in Source Code Form, including any Modifications that You create or to which You contribute, must be under the terms of this License. You must inform recipients that the Source Code Form of the Covered Software is governed by the terms of this License, and how they can obtain a copy of this License. You may not attempt to alter or restrict the recipients' rights in the Source Code Form. 3.2. Distribution of Executable Form If You distribute Covered Software in Executable Form then: (a) such Covered Software must also be made available in Source Code Form, as described in Section 3.1, and You must inform recipients of the Executable Form how they can obtain a copy of such Source Code Form by reasonable means in a timely manner, at a charge no more than the cost of distribution to the recipient; and (b) You may distribute such Executable Form under the terms of this License, or sublicense it under different terms, provided that the license for the Executable Form does not attempt to limit or alter the recipients' rights in the Source Code Form under this License. 3.3. Distribution of a Larger Work You may create and distribute a Larger Work under terms of Your choice, provided that You also comply with the requirements of this License for the Covered Software. If the Larger Work is a combination of Covered Software with a work governed by one or more Secondary Licenses, and the Covered Software is not Incompatible With Secondary Licenses, this License permits You to additionally distribute such Covered Software under the terms of such Secondary License(s), so that the recipient of the Larger Work may, at their option, further distribute the Covered Software under the terms of either this License or such Secondary License(s). 3.4. Notices You may not remove or alter the substance of any license notices (including copyright notices, patent notices, disclaimers of warranty, or limitations of liability) contained within the Source Code Form of the Covered Software, except that You may alter any license notices to the extent required to remedy known factual inaccuracies. 3.5. Application of Additional Terms You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, You may do so only on Your own behalf, and not on behalf of any Contributor. You must make it absolutely clear that any such warranty, support, indemnity, or liability obligation is offered by You alone, and You hereby agree to indemnify every Contributor for any liability incurred by such Contributor as a result of warranty, support, indemnity or liability terms You offer. You may include additional disclaimers of warranty and limitations of liability specific to any jurisdiction. 4. Inability to Comply Due to Statute or Regulation --------------------------------------------------- If it is impossible for You to comply with any of the terms of this License with respect to some or all of the Covered Software due to statute, judicial order, or regulation then You must: (a) comply with the terms of this License to the maximum extent possible; and (b) describe the limitations and the code they affect. Such description must be placed in a text file included with all distributions of the Covered Software under this License. Except to the extent prohibited by statute or regulation, such description must be sufficiently detailed for a recipient of ordinary skill to be able to understand it. 5. Termination -------------- 5.1. The rights granted under this License will terminate automatically if You fail to comply with any of its terms. However, if You become compliant, then the rights granted under this License from a particular Contributor are reinstated (a) provisionally, unless and until such Contributor explicitly and finally terminates Your grants, and (b) on an ongoing basis, if such Contributor fails to notify You of the non-compliance by some reasonable means prior to 60 days after You have come back into compliance. Moreover, Your grants from a particular Contributor are reinstated on an ongoing basis if such Contributor notifies You of the non-compliance by some reasonable means, this is the first time You have received notice of non-compliance with this License from such Contributor, and You become compliant prior to 30 days after Your receipt of the notice. 5.2. If You initiate litigation against any entity by asserting a patent infringement claim (excluding declaratory judgment actions, counter-claims, and cross-claims) alleging that a Contributor Version directly or indirectly infringes any patent, then the rights granted to You by any and all Contributors for the Covered Software under Section 2.1 of this License shall terminate. 5.3. In the event of termination under Sections 5.1 or 5.2 above, all end user license agreements (excluding distributors and resellers) which have been validly granted by You or Your distributors under this License prior to termination shall survive termination. ************************************************************************ * * * 6. Disclaimer of Warranty * * ------------------------- * * * * Covered Software is provided under this License on an "as is" * * basis, without warranty of any kind, either expressed, implied, or * * statutory, including, without limitation, warranties that the * * Covered Software is free of defects, merchantable, fit for a * * particular purpose or non-infringing. The entire risk as to the * * quality and performance of the Covered Software is with You. * * Should any Covered Software prove defective in any respect, You * * (not any Contributor) assume the cost of any necessary servicing, * * repair, or correction. This disclaimer of warranty constitutes an * * essential part of this License. No use of any Covered Software is * * authorized under this License except under this disclaimer. * * * ************************************************************************ ************************************************************************ * * * 7. Limitation of Liability * * -------------------------- * * * * Under no circumstances and under no legal theory, whether tort * * (including negligence), contract, or otherwise, shall any * * Contributor, or anyone who distributes Covered Software as * * permitted above, be liable to You for any direct, indirect, * * special, incidental, or consequential damages of any character * * including, without limitation, damages for lost profits, loss of * * goodwill, work stoppage, computer failure or malfunction, or any * * and all other commercial damages or losses, even if such party * * shall have been informed of the possibility of such damages. This * * limitation of liability shall not apply to liability for death or * * personal injury resulting from such party's negligence to the * * extent applicable law prohibits such limitation. Some * * jurisdictions do not allow the exclusion or limitation of * * incidental or consequential damages, so this exclusion and * * limitation may not apply to You. * * * ************************************************************************ 8. Litigation ------------- Any litigation relating to this License may be brought only in the courts of a jurisdiction where the defendant maintains its principal place of business and such litigation shall be governed by laws of that jurisdiction, without reference to its conflict-of-law provisions. Nothing in this Section shall prevent a party's ability to bring cross-claims or counter-claims. 9. Miscellaneous ---------------- This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not be used to construe this License against a Contributor. 10. Versions of the License --------------------------- 10.1. New Versions Mozilla Foundation is the license steward. Except as provided in Section 10.3, no one other than the license steward has the right to modify or publish new versions of this License. Each version will be given a distinguishing version number. 10.2. Effect of New Versions You may distribute the Covered Software under the terms of the version of the License under which You originally received the Covered Software, or under the terms of any subsequent version published by the license steward. 10.3. Modified Versions If you create software not governed by this License, and you want to create a new license for such software, you may create and use a modified version of this License if you rename the license and remove any references to the name of the license steward (except to note that such modified license differs from this License). 10.4. Distributing Source Code Form that is Incompatible With Secondary Licenses If You choose to distribute Source Code Form that is Incompatible With Secondary Licenses under the terms of this version of the License, the notice described in Exhibit B of this License must be attached. Exhibit A - Source Code Form License Notice ------------------------------------------- This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at https://mozilla.org/MPL/2.0/. If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. You may add additional accurate notices of copyright ownership. Exhibit B - "Incompatible With Secondary Licenses" Notice --------------------------------------------------------- This Source Code Form is "Incompatible With Secondary Licenses", as defined by the Mozilla Public License, v. 2.0. </div> </div> |} </nowiki> </div> </div> ==PDLv1.0== [[LICENCE_HEADER_PDLv1.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_PDLv1.0}}</nowiki></b> {{:LICENCE_HEADER_PDLv1.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE PDLv1.0 <div class="mw-collapsible-content"> PUBLIC DOCUMENTATION LICENSE Version 1.0 1.0 DEFINITIONS. 1.1. "Commercial Use" means distribution or otherwise making the Documentation available to a third party. 1.2. "Contributor" means a person or entity who creates or contributes to the creation of Modifications. 1.3. "Documentation" means the Original Documentation or Modifications or the combination of the Original Documentation and Modifications, in each case including portions thereof. 1.4. "Electronic Distribution Mechanism" means a mechanism generally accepted for the electronic transfer of data. 1.5. "Initial Writer" means the individual or entity identified as the Initial Writer in the notice required by the Appendix. 1.6. "Larger Work" means a work which combines Documentation or portions thereof with documentation or other writings not governed by the terms of this License. 1.7. "License" means this document. 1.8. "Modifications" means any addition to or deletion from the substance or structure of either the Original Documentation or any previous Modifications, such as a translation, abridgment, condensation, or any other form in which the Original Documentation or previous Modifications may be recast, transformed or adapted. A work consisting of editorial revisions, annotations, elaborations, and other modifications which, as a whole represent an original work of authorship, is a Modification. For example, when Documentation is released as a series of documents, a Modification is: A. Any addition to or deletion from the contents of the Original Documentation or previous Modifications. B. Any new documentation that contains any part of the Original Documentation or previous Modifications. 1.9. "Original Documentation" means documentation described as Original Documentation in the notice required by the Appendix, and which, at the time of its release under this License is not already Documentation governed by this License. 1.10. "Editable Form" means the preferred form of the Documentation for making Modifications to it. The Documentation can be in an electronic, compressed or archival form, provided the appropriate decompression or de-archiving software is widely available for no charge. 1.11. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of this License or a future version of this License issued under Section 5.0 ("Versions of the License"). For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2.0 LICENSE GRANTS. 2.1 Initial Writer Grant. The Initial Writer hereby grants You a world-wide, royalty-free, non-exclusive license to use, reproduce, prepare Modifications of, compile, publicly perform, publicly display, demonstrate, market, disclose and distribute the Documentation in any form, on any media or via any Electronic Distribution Mechanism or other method now known or later discovered, and to sublicense the foregoing rights to third parties through multiple tiers of sublicensees in accordance with the terms of this License. The license rights granted in this Section 2.1 ("Initial Writer Grant") are effective on the date Initial Writer first distributes Original Documentation under the terms of this License. 2.2. Contributor Grant. Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license to use, reproduce, prepare Modifications of, compile, publicly perform, publicly display, demonstrate, market, disclose and distribute the Documentation in any form, on any media or via any Electronic Distribution Mechanism or other method now known or later discovered, and to sublicense the foregoing rights to third parties through multiple tiers of sublicensees in accordance with the terms of this License. The license rights granted in this Section 2.2 ("Contributor Grant") are effective on the date Contributor first makes Commercial Use of the Documentation. 3.0 DISTRIBUTION OBLIGATIONS 3.1. Application of License The Modifications which You create or to which You contribute are governed by the terms of this License, including without limitation Section 2.2 ("Contributor Grant"). The Documentation may be distributed only under the terms of this License or a future version of this License released in accordance with Section 5.0 ("Versions of the License"), and You must include a copy of this License with every copy of the Documentation You distribute. You may not offer or impose any terms that alter or restrict the applicable version of this License or the recipients' rights hereunder. However, You may include an additional document offering the additional rights described in Section 3.5 ("Required Notices"). 3.2. Availability of Documentation. Any Modification which You create or to which You contribute must be made available publicly in Editable Form under the terms of this License via a fixed medium or an accepted Electronic Distribution Mechanism. 3.3. Description of Modifications. All Documentation to which You contribute must identify the changes You made to create that Documentation and the date of any change. You must include a prominent statement that the Modification is derived, directly or indirectly, from Original Documentation provided by the Initial Writer and include the name of the Initial Writer in the Documentation or via an electronic link that describes the origin or ownership of the Documentation. The foregoing change documentation may be created by using an electronic program that automatically tracks changes to the Documentation, and such changes must be available publicly for at least five years following release of the changed Documentation. 3.4. Intellectual Property Matters. Contributor represents that Contributor believes that Contributor's Modifications are Contributor's original creation(s) and/or Contributor has sufficient rights to grant the rights conveyed by this License. 3.5. Required Notices. You must duplicate the notice in the Appendix in each file of the Documentation. If it is not possible to put such notice in a particular Documentation file due to its structure, then You must include such notice in a location (such as a relevant directory) where a reader would be likely to look for such a notice, for example, via a hyperlink in each file of the Documentation that takes the reader to a page that describes the origin and ownership of the Documentation. If You created one or more Modification(s) You may add your name as a Contributor to the notice described in the Appendix. You must also duplicate this License in any Documentation file (or with a hyperlink in each file of the Documentation) where You describe recipients' rights or ownership rights. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Documentation. However, You may do so only on Your own behalf, and not on behalf of the Initial Writer or any Contributor. You must make it absolutely clear than any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Writer and every Contributor for any liability incurred by the Initial Writer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.6. Larger Works. You may create a Larger Work by combining Documentation with other documents not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Documentation. 4.0 APPLICATION OF THIS LICENSE. This License applies to Documentation to which the Initial Writer has attached this License and the notice in the Appendix. 5.0 VERSIONS OF THE LICENSE. 5.1. New Versions. Initial Writer may publish revised and/or new versions of the License from time to time. Each version will be given a distinguishing version number. 5.2. Effect of New Versions. Once Documentation has been published under a particular version of the License, You may always continue to use it under the terms of that version. You may also choose to use such Documentation under the terms of any subsequent version of the License published by __________________[Insert name of the foundation, company, Initial Writer, or whoever may modify this License]. No one other than _________________ [Insert name of the foundation, company, Initial Writer, or whoever may modify this License] has the right to modify the terms of this License. Filling in the name of the Initial Writer, Original Documentation or Contributor in the notice described in the Appendix shall not be deemed to be Modifications of this License. 6.0 DISCLAIMER OF WARRANTY. DOCUMENTATION IS PROVIDED UNDER THIS LICENSE ON AN "AS IS'' BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE DOCUMENTATION IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY, ACCURACY, AND PERFORMANCE OF THE DOCUMENTATION IS WITH YOU. SHOULD ANY DOCUMENTATION PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL WRITER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY DOCUMENTATION IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 7.0 TERMINATION. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. All sublicenses to the Documentation which are properly granted shall survive any termination of this License. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 8.0 LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER IN TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL THE INITIAL WRITER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF DOCUMENTATION, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER DAMAGES OR LOSSES ARISING OUT OF OR RELATING TO THE USE OF THE DOCUMENTATION, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. 9.0 U.S. GOVERNMENT END USERS. If Documentation is being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), then the Government's rights in Documentation will be only as set forth in this Agreement; this is in accordance with 48 CFR 227.7201 through 227.7202-4 (for Department of Defense (DOD) acquisitions) and with 48 CFR 2.101 and 12.212 (for non-DOD acquisitions). 10.0 MISCELLANEOUS. This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by California law, excluding its conflict-of-law provisions. With respect to disputes or any litigation relating to this License, the losing party is responsible for costs, including without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. Appendix Public Documentation License Notice The contents of this Documentation are subject to the Public Documentation License Version 1.0 (the "License"); you may only use this Documentation if you comply with the terms of this License. A copy of the License is available at __________________[Insert hyperlink]. The Original Documentation is _________________. The Initial Writer of the Original Documentation is ___________ Copyright (C)_________[Insert year(s)]. All Rights Reserved. (Initial Writer contact(s):________________[Insert hyperlink/alias]). Contributor(s): ______________________________________. Portions created by ______ are Copyright (C)_________[Insert year(s)]. All Rights Reserved. (Contributor contact(s):________________[Insert hyperlink/alias]). NOTE: The text of this Appendix may differ slightly from the text of the notices in the files of the Original Documentation. You should use the text of this Appendix rather than the text found in the Original Documentation for Your Modifications. </div> </div> |} </nowiki> </div> </div> ==PIRATE== This Licence is for shits and giggles, don't use on public server<br \> [[LICENCE_HEADER_PIRATE]]<br \> <b><nowiki>{{:LICENCE_HEADER_PIRATE}}</nowiki></b> {{:LICENCE_HEADER_PIRATE}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PIRATE Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Licence? Licence! LICENCE!!!!!!<br \> WE NO NEED NO STINKING LICENCE! Copyright @ Pirate Licence :P </div> </div> |} </nowiki> </div> </div> 41esm907qkhuklvtqho05zl3y6ijt2c 139 80 2023-03-06T10:55:29Z Noob 1 /* CC BY-SA */ 139 wikitext text/x-wiki * Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute. * To do so add a Licence header at the top of your page. * example:<b><nowiki>{{:LICENCE_HEADER_CC0}}</nowiki></b> * using the header may not be a good idea for some licences ** click the link and copy the content ** and append the correct <code>Copyright [yyyy] [name of copyright owner] </code> ==APACHE2== [[LICENCE_HEADER_APACHE2]]<br \> <b><nowiki>{{:LICENCE_HEADER_APACHE2}}</nowiki></b> {{:LICENCE_HEADER_APACHE2}} <!-- delete below if mess up --> <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste to your page: <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>APACHE2 Licence</b><br \> Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. <div class="toccolours mw-collapsible mw-collapsed"> Apache2 Licence: <div class="mw-collapsible-content"> <pre> Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. </pre> </div> </div> |} </nowiki> </div> </div> ==BDS0== [[LICENCE_HEADER_BSD0]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD0}}</nowiki></b> {{:LICENCE_HEADER_BSD0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (C) [year] by [copyright holder] <[email]> Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted. THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. </div> </div> |} </nowiki> </div> </div> ==BSD1== [[LICENCE_HEADER_BSD]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD}}</nowiki></b> {{:LICENCE_HEADER_BSD}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (c) [Year] [Name] [All rights reserved]. * Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. THIS SOFTWARE IS PROVIDED BY [Name of Organization] “AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL [Name of Organisation] BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </nowiki> </div> </div> ==BSD2== [[LICENCE_HEADER_BSD2]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD2}}</nowiki></b> {{:LICENCE_HEADER_BSD2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </nowiki> </div> </div> ==BSD3== [[LICENCE_HEADER_BSD3]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD3}}</nowiki></b> {{:LICENCE_HEADER_BSD3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </nowiki> </div> </div> ==CC0== [[LICENCE_HEADER_CC0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC0}}</nowiki></b> {{:LICENCE_HEADER_CC0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC0 Licence</b><br \> More information about the <b>cc0 licence</b> can be found here:<br \> <code>https://creativecommons.org/share-your-work/public-domain/cc0</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> The person who associated a work with this deed has dedicated the work to the public domain by waiving all of his or her rights to the work worldwide under copyright law, including all related and neighboring rights, to the extent allowed by law.<br \> You can copy, modify, distribute and perform the work, even for commercial purposes, all without asking permission. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Statement of Purpose The laws of most jurisdictions throughout the world automatically confer exclusive Copyright and Related Rights (defined below) upon the creator and subsequent owner(s) (each and all, an "owner") of an original work of authorship and/or a database (each, a "Work"). Certain owners wish to permanently relinquish those rights to a Work for the purpose of contributing to a commons of creative, cultural and scientific works ("Commons") that the public can reliably and without fear of later claims of infringement build upon, modify, incorporate in other works, reuse and redistribute as freely as possible in any form whatsoever and for any purposes, including without limitation commercial purposes. These owners may contribute to the Commons to promote the ideal of a free culture and the further production of creative, cultural and scientific works, or to gain reputation or greater distribution for their Work in part through the use and efforts of others. For these and/or other purposes and motivations, and without any expectation of additional consideration or compensation, the person associating CC0 with a Work (the "Affirmer"), to the extent that he or she is an owner of Copyright and Related Rights in the Work, voluntarily elects to apply CC0 to the Work and publicly distribute the Work under its terms, with knowledge of his or her Copyright and Related Rights in the Work and the meaning and intended legal effect of CC0 on those rights. 1. Copyright and Related Rights. A Work made available under CC0 may be protected by copyright and related or neighboring rights ("Copyright and Related Rights"). Copyright and Related Rights include, but are not limited to, the following: the right to reproduce, adapt, distribute, perform, display, communicate, and translate a Work; moral rights retained by the original author(s) and/or performer(s); publicity and privacy rights pertaining to a person's image or likeness depicted in a Work; rights protecting against unfair competition in regards to a Work, subject to the limitations in paragraph 4(a), below; rights protecting the extraction, dissemination, use and reuse of data in a Work; database rights (such as those arising under Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, and under any national implementation thereof, including any amended or successor version of such directive); and other similar, equivalent or corresponding rights throughout the world based on applicable law or treaty, and any national implementations thereof. 2. Waiver. To the greatest extent permitted by, but not in contravention of, applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and unconditionally waives, abandons, and surrenders all of Affirmer's Copyright and Related Rights and associated claims and causes of action, whether now known or unknown (including existing as well as future claims and causes of action), in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each member of the public at large and to the detriment of Affirmer's heirs and successors, fully intending that such Waiver shall not be subject to revocation, rescission, cancellation, termination, or any other legal or equitable action to disrupt the quiet enjoyment of the Work by the public as contemplated by Affirmer's express Statement of Purpose. 3. Public License Fallback. Should any part of the Waiver for any reason be judged legally invalid or ineffective under applicable law, then the Waiver shall be preserved to the maximum extent permitted taking into account Affirmer's express Statement of Purpose. In addition, to the extent the Waiver is so judged Affirmer hereby grants to each affected person a royalty-free, non transferable, non sublicensable, non exclusive, irrevocable and unconditional license to exercise Affirmer's Copyright and Related Rights in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "License"). The License shall be deemed effective as of the date CC0 was applied by Affirmer to the Work. Should any part of the License for any reason be judged legally invalid or ineffective under applicable law, such partial invalidity or ineffectiveness shall not invalidate the remainder of the License, and in such case Affirmer hereby affirms that he or she will not (i) exercise any of his or her remaining Copyright and Related Rights in the Work or (ii) assert any associated claims and causes of action with respect to the Work, in either case contrary to Affirmer's express Statement of Purpose. 4. Limitations and Disclaimers. No trademark or patent rights held by Affirmer are waived, abandoned, surrendered, licensed or otherwise affected by this document. Affirmer offers the Work as-is and makes no representations or warranties of any kind concerning the Work, express, implied, statutory or otherwise, including without limitation warranties of title, merchantability, fitness for a particular purpose, non infringement, or the absence of latent or other defects, accuracy, or the present or absence of errors, whether or not discoverable, all to the greatest extent permissible under applicable law. Affirmer disclaims responsibility for clearing rights of other persons that may apply to the Work or any use thereof, including without limitation any person's Copyright and Related Rights in the Work. Further, Affirmer disclaims responsibility for obtaining any necessary consents, permissions or other rights required for any use of the Work. Affirmer understands and acknowledges that Creative Commons is not a party to this document and has no duty or obligation with respect to this CC0 or use of the Work. </div> </div> |} </nowiki> </div> </div> ==CC-BY== [[LICENCE_HEADER_CC_BY]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY}}</nowiki></b> {{:LICENCE_HEADER_CC_BY}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY Licence</b><br \> More information about the <b>CC BY licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Creative Commons Legal Code Attribution 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined above) for the purposes of this License. c. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. d. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. e. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. f. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. g. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. h. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. i. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(b), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(b), as requested. b. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Section 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4 (b) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. c. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of this License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} </nowiki> </div> </div> ==CC BY-SA== [[LICENCE_HEADER_CC_BY-SA]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY-SA}}</nowiki></b> {{:LICENCE_HEADER_CC_BY-SA}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY-SA Licence</b><br \> More information about the <b>CC BY-SA licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by-sa/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Attribution-ShareAlike 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined below) for the purposes of this License. c. "Creative Commons Compatible License" means a license that is listed at https://creativecommons.org/compatiblelicenses that has been approved by Creative Commons as being essentially equivalent to this License, including, at a minimum, because that license: (i) contains terms that have the same purpose, meaning and effect as the License Elements of this License; and, (ii) explicitly permits the relicensing of adaptations of works made available under that license under this License or a Creative Commons jurisdiction license with the same License Elements as this License. d. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. e. "License Elements" means the following high-level license attributes as selected by Licensor and indicated in the title of this License: Attribution, ShareAlike. f. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. g. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. h. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. i. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. j. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. k. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(c), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(c), as requested. b. You may Distribute or Publicly Perform an Adaptation only under the terms of: (i) this License; (ii) a later version of this License with the same License Elements as this License; (iii) a Creative Commons jurisdiction license (either this or a later license version) that contains the same License Elements as this License (e.g., Attribution-ShareAlike 3.0 US)); (iv) a Creative Commons Compatible License. If you license the Adaptation under one of the licenses mentioned in (iv), you must comply with the terms of that license. If you license the Adaptation under the terms of any of the licenses mentioned in (i), (ii) or (iii) (the "Applicable License"), you must comply with the terms of the Applicable License generally and the following provisions: (I) You must include a copy of, or the URI for, the Applicable License with every copy of each Adaptation You Distribute or Publicly Perform; (II) You may not offer or impose any terms on the Adaptation that restrict the terms of the Applicable License or the ability of the recipient of the Adaptation to exercise the rights granted to that recipient under the terms of the Applicable License; (III) You must keep intact all notices that refer to the Applicable License and to the disclaimer of warranties with every copy of the Work as included in the Adaptation You Distribute or Publicly Perform; (IV) when You Distribute or Publicly Perform the Adaptation, You may not impose any effective technological measures on the Adaptation that restrict the ability of a recipient of the Adaptation from You to exercise the rights granted to that recipient under the terms of the Applicable License. This Section 4(b) applies to the Adaptation as incorporated in a Collection, but this does not require the Collection apart from the Adaptation itself to be made subject to the terms of the Applicable License. c. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Ssection 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4(c) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. d. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of the License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} </nowiki> </div> </div> ==CC BY-NC-SA 4.0== ==CDDLv1.0== [[LICENCE_HEADER_CDDLv1.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CDDLv1.0}}</nowiki></b> {{:LICENCE_HEADER_CDDLv1.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CDDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE CDDLv1.0 <div class="mw-collapsible-content"> COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 1. Definitions. 1.1. "Contributor" means each individual or entity that creates or contributes to the creation of Modifications. 1.2. "Contributor Version" means the combination of the Original Software, prior Modifications used by a Contributor (if any), and the Modifications made by that particular Contributor. 1.3. "Covered Software" means (a) the Original Software, or (b) Modifications, or (c) the combination of files containing Original Software with files containing Modifications, in each case including portions thereof. 1.4. "Executable" means the Covered Software in any form other than Source Code. 1.5. "Initial Developer" means the individual or entity that first makes Original Software available under this License. 1.6. "Larger Work" means a work which combines Covered Software or portions thereof with code not governed by the terms of this License. 1.7. "License" means this document. 1.8. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently acquired, any and all of the rights conveyed herein. 1.9. "Modifications" means the Source Code and Executable form of any of the following: A. Any file that results from an addition to, deletion from or modification of the contents of a file containing Original Software or previous Modifications; B. Any new file that contains any part of the Original Software or previous Modification; or C. Any new file that is contributed or otherwise made available under the terms of this License. 1.10. "Original Software" means the Source Code and Executable form of computer software code that is originally released under this License. 1.11. "Patent Claims" means any patent claim(s), now owned or hereafter acquired, including without limitation, method, process, and apparatus claims, in any patent Licensable by grantor. 1.12. "Source Code" means (a) the common form of computer software code in which modifications are made and (b) associated documentation included in or with such code. 1.13. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of, this License. For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. License Grants. 2.1. The Initial Developer Grant. Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, the Initial Developer hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by Initial Developer, to use, reproduce, modify, display, perform, sublicense and distribute the Original Software (or portions thereof), with or without Modifications, and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using or selling of Original Software, to make, have made, use, practice, sell, and offer for sale, and/or otherwise dispose of the Original Software (or portions thereof). (c) The licenses granted in Sections 2.1(a) and (b) are effective on the date Initial Developer first distributes or otherwise makes the Original Software available to a third party under the terms of this License. (d) Notwithstanding Section 2.1(b) above, no patent license is granted: (1) for code that You delete from the Original Software, or (2) for infringements caused by: (i) the modification of the Original Software, or (ii) the combination of the Original Software with other software or devices. 2.2. Contributor Grant. Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by Contributor to use, reproduce, modify, display, perform, sublicense and distribute the Modifications created by such Contributor (or portions thereof), either on an unmodified basis, with other Modifications, as Covered Software and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using, or selling of Modifications made by that Contributor either alone and/or in combination with its Contributor Version (or portions of such combination), to make, use, sell, offer for sale, have made, and/or otherwise dispose of: (1) Modifications made by that Contributor (or portions thereof); and (2) the combination of Modifications made by that Contributor with its Contributor Version (or portions of such combination). (c) The licenses granted in Sections 2.2(a) and 2.2(b) are effective on the date Contributor first distributes or otherwise makes the Modifications available to a third party. (d) Notwithstanding Section 2.2(b) above, no patent license is granted: (1) for any code that Contributor has deleted from the Contributor Version; (2) for infringements caused by: (i) third party modifications of Contributor Version, or (ii) the combination of Modifications made by that Contributor with other software (except as part of the Contributor Version) or other devices; or (3) under Patent Claims infringed by Covered Software in the absence of Modifications made by that Contributor. 3. Distribution Obligations. 3.1. Availability of Source Code. Any Covered Software that You distribute or otherwise make available in Executable form must also be made available in Source Code form and that Source Code form must be distributed only under the terms of this License. You must include a copy of this License with every copy of the Source Code form of the Covered Software You distribute or otherwise make available. You must inform recipients of any such Covered Software in Executable form as to how they can obtain such Covered Software in Source Code form in a reasonable manner on or through a medium customarily used for software exchange. 3.2. Modifications. The Modifications that You create or to which You contribute are governed by the terms of this License. You represent that You believe Your Modifications are Your original creation(s) and/or You have sufficient rights to grant the rights conveyed by this License. 3.3. Required Notices. You must include a notice in each of Your Modifications that identifies You as the Contributor of the Modification. You may not remove or alter any copyright, patent or trademark notices contained within the Covered Software, or any notices of licensing or any descriptive text giving attribution to any Contributor or the Initial Developer. 3.4. Application of Additional Terms. You may not offer or impose any terms on any Covered Software in Source Code form that alters or restricts the applicable version of this License or the recipients' rights hereunder. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, you may do so only on Your own behalf, and not on behalf of the Initial Developer or any Contributor. You must make it absolutely clear that any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.5. Distribution of Executable Versions. You may distribute the Executable form of the Covered Software under the terms of this License or under the terms of a license of Your choice, which may contain terms different from this License, provided that You are in compliance with the terms of this License and that the license for the Executable form does not attempt to limit or alter the recipient's rights in the Source Code form from the rights set forth in this License. If You distribute the Covered Software in Executable form under a different license, You must make it absolutely clear that any terms which differ from this License are offered by You alone, not by the Initial Developer or Contributor. You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of any such terms You offer. 3.6. Larger Works. You may create a Larger Work by combining Covered Software with other code not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Covered Software. 4. Versions of the License. 4.1. New Versions. Sun Microsystems, Inc. is the initial license steward and may publish revised and/or new versions of this License from time to time. Each version will be given a distinguishing version number. Except as provided in Section 4.3, no one other than the license steward has the right to modify this License. 4.2. Effect of New Versions. You may always continue to use, distribute or otherwise make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. If the Initial Developer includes a notice in the Original Software prohibiting it from being distributed or otherwise made available under any subsequent version of the License, You must distribute and make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. Otherwise, You may also choose to use, distribute or otherwise make the Covered Software available under the terms of any subsequent version of the License published by the license steward. 4.3. Modified Versions. When You are an Initial Developer and You want to create a new license for Your Original Software, You may create and use a modified version of this License if You: (a) rename the license and remove any references to the name of the license steward (except to note that the license differs from this License); and (b) otherwise make it clear that the license contains terms which differ from this License. 5. DISCLAIMER OF WARRANTY. COVERED SOFTWARE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE COVERED SOFTWARE IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE COVERED SOFTWARE IS WITH YOU. SHOULD ANY COVERED SOFTWARE PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY COVERED SOFTWARE IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 6. TERMINATION. 6.1. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 6.2. If You assert a patent infringement claim (excluding declaratory judgment actions) against Initial Developer or a Contributor (the Initial Developer or Contributor against whom You assert such claim is referred to as "Participant") alleging that the Participant Software (meaning the Contributor Version where the Participant is a Contributor or the Original Software where the Participant is the Initial Developer) directly or indirectly infringes any patent, then any and all rights granted directly or indirectly to You by such Participant, the Initial Developer (if the Initial Developer is not the Participant) and all Contributors under Sections 2.1 and/or 2.2 of this License shall, upon 60 days notice from Participant terminate prospectively and automatically at the expiration of such 60 day notice period, unless if within such 60 day period You withdraw Your claim with respect to the Participant Software against such Participant either unilaterally or pursuant to a written agreement with Participant. 6.3. In the event of termination under Sections 6.1 or 6.2 above, all end user licenses that have been validly granted by You or any distributor hereunder prior to termination (excluding licenses granted to You by any distributor) shall survive termination. 7. LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL YOU, THE INITIAL DEVELOPER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF COVERED SOFTWARE, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOST PROFITS, LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER COMMERCIAL DAMAGES OR LOSSES, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION OF LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY RESULTING FROM SUCH PARTY'S NEGLIGENCE TO THE EXTENT APPLICABLE LAW PROHIBITS SUCH LIMITATION. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS EXCLUSION AND LIMITATION MAY NOT APPLY TO YOU. 8. U.S. GOVERNMENT END USERS. The Covered Software is a "commercial item," as that term is defined in 48 C.F.R. 2.101 (Oct. 1995), consisting of "commercial computer software" (as that term is defined at 48 C.F.R. ¤ 252.227-7014(a)(1)) and "commercial computer software documentation" as such terms are used in 48 C.F.R. 12.212 (Sept. 1995). Consistent with 48 C.F.R. 12.212 and 48 C.F.R. 227.7202-1 through 227.7202-4 (June 1995), all U.S. Government End Users acquire Covered Software with only those rights set forth herein. This U.S. Government Rights clause is in lieu of, and supersedes, any other FAR, DFAR, or other clause or provision that addresses Government rights in computer software under this License. 9. MISCELLANEOUS. This License represents the complete agreement concerning subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by the law of the jurisdiction specified in a notice contained within the Original Software (except to the extent applicable law, if any, provides otherwise), excluding such jurisdiction's conflict-of-law provisions. Any litigation relating to this License shall be subject to the jurisdiction of the courts located in the jurisdiction and venue specified in a notice contained within the Original Software, with the losing party responsible for costs, including, without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. You agree that You alone are responsible for compliance with the United States export administration regulations (and the export control laws and regulation of any other countries) when You use, distribute or otherwise make available any Covered Software. 10. RESPONSIBILITY FOR CLAIMS. As between Initial Developer and the Contributors, each party is responsible for claims and damages arising, directly or indirectly, out of its utilization of rights under this License and You agree to work with Initial Developer and Contributors to distribute such responsibility on an equitable basis. Nothing herein is intended or shall be deemed to constitute any admission of liability. </div> </div> |} </nowiki> </div> </div> ==EPLv2.0== [[LICENCE_HEADER_EPLv2.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_EPLv2.0}}</nowiki></b> {{:LICENCE_HEADER_EPLv2.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>EPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE EPLv2.0 <div class="mw-collapsible-content"> Eclipse Public License - v 2.0 THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS ECLIPSE PUBLIC LICENSE (“AGREEMENT”). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT. 1. DEFINITIONS “Contribution” means: a) in the case of the initial Contributor, the initial content Distributed under this Agreement, and b) in the case of each subsequent Contributor: i) changes to the Program, and ii) additions to the Program; where such changes and/or additions to the Program originate from and are Distributed by that particular Contributor. A Contribution “originates” from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include changes or additions to the Program that are not Modified Works. “Contributor” means any person or entity that Distributes the Program. “Licensed Patents” mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program. “Program” means the Contributions Distributed in accordance with this Agreement. “Recipient” means anyone who receives the Program under this Agreement or any Secondary License (as applicable), including Contributors. “Derivative Works” shall mean any work, whether in Source Code or other form, that is based on (or derived from) the Program and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. “Modified Works” shall mean any work in Source Code or other form that results from an addition to, deletion from, or modification of the contents of the Program, including, for purposes of clarity any new file in Source Code form that contains any contents of the Program. Modified Works shall not include works that contain only declarations, interfaces, types, classes, structures, or files of the Program solely in each case in order to link to, bind by name, or subclass the Program or Modified Works thereof. “Distribute” means the acts of a) distributing or b) making available in any manner that enables the transfer of a copy. “Source Code” means the form of a Program preferred for making modifications, including but not limited to software source code, documentation source, and configuration files. “Secondary License” means either the GNU General Public License, Version 2.0, or any later versions of that license, including any exceptions or additional permissions as identified by the initial Contributor. 2. GRANT OF RIGHTS a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, Distribute and sublicense the Contribution of such Contributor, if any, and such Derivative Works. b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in Source Code or other form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder. c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to Distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program. d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement. e) Notwithstanding the terms of any Secondary License, no Contributor makes additional grants to any Recipient (other than those set forth in this Agreement) as a result of such Recipient's receipt of the Program under the terms of a Secondary License (if permitted under the terms of Section 3). 3. REQUIREMENTS 3.1 If a Contributor Distributes the Program in any form, then: a) the Program must also be made available as Source Code, in accordance with section 3.2, and the Contributor must accompany the Program with a statement that the Source Code for the Program is available under this Agreement, and informs Recipients how to obtain it in a reasonable manner on or through a medium customarily used for software exchange; and b) the Contributor may Distribute the Program under a license different than this Agreement, provided that such license: i) effectively disclaims on behalf of all other Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose; ii) effectively excludes on behalf of all other Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits; iii) does not attempt to limit or alter the recipients' rights in the Source Code under section 3.2; and iv) requires any subsequent distribution of the Program by any party to be under a license that satisfies the requirements of this section 3. 3.2 When the Program is Distributed as Source Code: a) it must be made available under this Agreement, or if the Program (i) is combined with other material in a separate file or files made available under a Secondary License, and (ii) the initial Contributor attached to the Source Code the notice described in Exhibit A of this Agreement, then the Program may be made available under the terms of such Secondary Licenses, and b) a copy of this Agreement must be included with each copy of the Program. 3.3 Contributors may not remove or alter any copyright, patent, trademark, attribution notices, disclaimers of warranty, or limitations of liability (‘notices’) contained within the Program from any copy of the Program which they Distribute, provided that Contributors may add their own appropriate notices. 4. COMMERCIAL DISTRIBUTION Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor (“Commercial Contributor”) hereby agrees to defend and indemnify every other Contributor (“Indemnified Contributor”) against any losses, damages and costs (collectively “Losses”) arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense. For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages. 5. NO WARRANTY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE PROGRAM IS PROVIDED ON AN “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations. 6. DISCLAIMER OF LIABILITY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. GENERAL If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. If Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed. All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive. Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. The Eclipse Foundation is the initial Agreement Steward. The Eclipse Foundation may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be Distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to Distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved. Nothing in this Agreement is intended to be enforceable by any entity that is not a Contributor or Recipient. No third-party beneficiary rights are created under this Agreement. Exhibit A – Form of Secondary Licenses Notice “This Source Code may also be made available under the following Secondary Licenses when the conditions for such availability set forth in the Eclipse Public License, v. 2.0 are satisfied: {name license(s), version(s), and exceptions or additional permissions here}.” Simply including a copy of this Agreement, including this Exhibit A is not sufficient to license the Source Code under Secondary Licenses. If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. You may add additional accurate notices of copyright ownership. </div> </div> |} </nowiki> </div> </div> ==GFDLv1.1== [[LICENCE_HEADER_GFDL]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDL}}</nowiki></b> {{:LICENCE_HEADER_GFDL}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.1 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.1, March 2000 Copyright (C) 2000 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other written document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (For example, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, whose contents can be viewed and edited directly and straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup has been designed to thwart or discourage subsequent modification by readers is not Transparent. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML designed for human modification. Opaque formats include PostScript, PDF, proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies of the Document numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a publicly-accessible computer-network location containing a complete Transparent copy of the Document, free of added material, which the general network-using public has access to download anonymously at no charge using public-standard network protocols. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has less than five). C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section entitled "History", and its title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. In any section entitled "Acknowledgements" or "Dedications", preserve the section's title, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section as "Endorsements" or to conflict in title with any Invariant Section. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections entitled "History" in the various original documents, forming one section entitled "History"; likewise combine any sections entitled "Acknowledgements", and any sections entitled "Dedications". You must delete all sections entitled "Endorsements." 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, does not as a whole count as a Modified Version of the Document, provided no compilation copyright is claimed for the compilation. Such a compilation is called an "aggregate", and this License does not apply to the other self-contained works thus compiled with the Document, on account of their being thus compiled, if they are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one quarter of the entire aggregate, the Document's Cover Texts may be placed on covers that surround only the Document within the aggregate. Otherwise they must appear on covers around the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License provided that you also include the original English version of this License. In case of a disagreement between the translation and the original English version of this License, the original English version will prevail. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have no Invariant Sections, write "with no Invariant Sections" instead of saying which ones are invariant. If you have no Front-Cover Texts, write "no Front-Cover Texts" instead of "Front-Cover Texts being LIST"; likewise for Back-Cover Texts. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} </nowiki> </div> </div> ==GFDLv1.2== [[LICENCE_HEADER_GFDLv1.2]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDLv1.2}}</nowiki></b> {{:LICENCE_HEADER_GFDLv1.2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.2 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.2, November 2002 Copyright (C) 2000,2001,2002 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition. The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement. C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section Entitled "History", Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. For any section Entitled "Acknowledgements" or "Dedications", Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section Entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section to be Entitled "Endorsements" or to conflict in title with any Invariant Section. O. Preserve any Warranty Disclaimers. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements". 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation's users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document's Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail. If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the "with...Texts." line with this: with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} </nowiki> </div> </div> ==GFDLv1.3== [[LICENCE_HEADER_GFDLv1.3]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDLv1.3}}</nowiki></b> {{:LICENCE_HEADER_GFDLv1.3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.3 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.3, 3 November 2008 Copyright (C) 2000, 2001, 2002, 2007, 2008 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. The "publisher" means any person or entity that distributes copies of the Document to the public. A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition. The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement. C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section Entitled "History", Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. For any section Entitled "Acknowledgements" or "Dedications", Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section Entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section to be Entitled "Endorsements" or to conflict in title with any Invariant Section. O. Preserve any Warranty Disclaimers. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements". 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation's users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document's Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail. If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, or distribute it is void, and will automatically terminate your rights under this License. However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, receipt of a copy of some or all of the same material does not give you any rights to use it. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. If the Document specifies that a proxy can decide which future versions of this License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Document. 11. RELICENSING "Massive Multiauthor Collaboration Site" (or "MMC Site") means any World Wide Web server that publishes copyrightable works and also provides prominent facilities for anybody to edit those works. A public wiki that anybody can edit is an example of such a server. A "Massive Multiauthor Collaboration" (or "MMC") contained in the site means any set of copyrightable works thus published on the MMC site. "CC-BY-SA" means the Creative Commons Attribution-Share Alike 3.0 license published by Creative Commons Corporation, a not-for-profit corporation with a principal place of business in San Francisco, California, as well as future copyleft versions of that license published by that same organization. "Incorporate" means to publish or republish a Document, in whole or in part, as part of another Document. An MMC is "eligible for relicensing" if it is licensed under this License, and if all works that were first published under this License somewhere other than this MMC, and subsequently incorporated in whole or in part into the MMC, (1) had no cover texts or invariant sections, and (2) were thus incorporated prior to November 1, 2008. The operator of an MMC Site may republish an MMC contained in the site under CC-BY-SA on the same site at any time before August 1, 2009, provided the MMC is eligible for relicensing. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the "with...Texts." line with this: with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} </nowiki> </div> </div> ==GPLv1== [[LICENCE_HEADER_GPL]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPL}}</nowiki></b> {{:LICENCE_HEADER_GPL}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv1 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 1, February 1989 Copyright (C) 1989 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The license agreements of most software companies try to keep users at the mercy of those companies. By contrast, our General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. The General Public License applies to the Free Software Foundation's software and to any other program whose authors commit to using it. You can use it for your programs, too. When we speak of free software, we are referring to freedom, not price. Specifically, the General Public License is designed to make sure that you have the freedom to give away or sell copies of free software, that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of a such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must tell them their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any work containing the Program or a portion of it, either verbatim or with modifications. Each licensee is addressed as "you". 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this General Public License and to the absence of any warranty; and give any other recipients of the Program a copy of this General Public License along with the Program. You may charge a fee for the physical act of transferring a copy. 2. You may modify your copy or copies of the Program or any portion of it, and copy and distribute such modifications under the terms of Paragraph 1 above, provided that you also do the following: a) cause the modified files to carry prominent notices stating that you changed the files and the date of any change; and b) cause the whole of any work that you distribute or publish, that in whole or in part contains the Program or any part thereof, either with or without modifications, to be licensed at no charge to all third parties under the terms of this General Public License (except that you may choose to grant warranty protection to some or all third parties, at your option). c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the simplest and most usual way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this General Public License. d) You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. Mere aggregation of another independent work with the Program (or its derivative) on a volume of a storage or distribution medium does not bring the other work under the scope of these terms. 3. You may copy and distribute the Program (or a portion or derivative of it, under Paragraph 2) in object code or executable form under the terms of Paragraphs 1 and 2 above provided that you also do one of the following: a) accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Paragraphs 1 and 2 above; or, b) accompany it with a written offer, valid for at least three years, to give any third party free (except for a nominal charge for the cost of distribution) a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Paragraphs 1 and 2 above; or, c) accompany it with the information you received as to where the corresponding source code may be obtained. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form alone.) Source code for a work means the preferred form of the work for making modifications to it. For an executable file, complete source code means all the source code for all modules it contains; but, as a special exception, it need not include source code for modules which are standard libraries that accompany the operating system on which the executable file runs, or for standard header files or definitions files that accompany that operating system. 4. You may not copy, modify, sublicense, distribute or transfer the Program except as expressly provided under this General Public License. Any attempt otherwise to copy, modify, sublicense, distribute or transfer the Program is void, and will automatically terminate your rights to use the Program under this License. However, parties who have received copies, or rights to use copies, from you under this General Public License will not have their licenses terminated so long as such parties remain in full compliance. 5. By copying, distributing or modifying the Program (or any work based on the Program) you indicate your acceptance of this license to do so, and all its terms and conditions. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. 7. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of the license which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the license, you may choose any version ever published by the Free Software Foundation. 8. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 9. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 10. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS Appendix: How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to humanity, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) 19yy <name of author> This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 1, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) 19xx name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (a program to direct compilers to make passes at assemblers) written by James Hacker. <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice That's all there is to it! </div> </div> |} </nowiki> </div> </div> ==GPLv2== [[LICENCE_HEADER_GPLv2]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPLv2}}</nowiki></b> {{:LICENCE_HEADER_GPLv2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv2 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Lesser General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. </div> </div> |} </nowiki> </div> </div> ==GPLv3== [[LICENCE_HEADER_GPLv3]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPLv3}}</nowiki></b> {{:LICENCE_HEADER_GPLv3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv3 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The GNU General Public License is a free, copyleft license for software and other kinds of works. The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things. To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others. For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it. For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions. Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users. Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free. The precise terms and conditions for copying, distribution and modification follow. TERMS AND CONDITIONS 0. Definitions. "This License" refers to version 3 of the GNU General Public License. "Copyright" also means copyright-like laws that apply to other kinds of works, such as semiconductor masks. "The Program" refers to any copyrightable work licensed under this License. Each licensee is addressed as "you". "Licensees" and "recipients" may be individuals or organizations. To "modify" a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a "modified version" of the earlier work or a work "based on" the earlier work. A "covered work" means either the unmodified Program or a work based on the Program. To "propagate" a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well. To "convey" a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying. An interactive user interface displays "Appropriate Legal Notices" to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion. 1. Source Code. The "source code" for a work means the preferred form of the work for making modifications to it. "Object code" means any non-source form of a work. A "Standard Interface" means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language. The "System Libraries" of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A "Major Component", in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it. The "Corresponding Source" for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work. The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source. The Corresponding Source for a work in source code form is that same work. 2. Basic Permissions. All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law. You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you. Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary. 3. Protecting Users' Legal Rights From Anti-Circumvention Law. No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures. When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures. 4. Conveying Verbatim Copies. You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program. You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee. 5. Conveying Modified Source Versions. You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions: a) The work must carry prominent notices stating that you modified it, and giving a relevant date. b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to "keep intact all notices". c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it. d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so. A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an "aggregate" if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate. 6. Conveying Non-Source Forms. You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways: a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange. b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge. c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b. d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements. e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d. A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work. A "User Product" is either (1) a "consumer product", which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, "normally used" refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product. "Installation Information" for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made. If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM). The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network. Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying. 7. Additional Terms. "Additional permissions" are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions. When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission. Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms: a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or d) Limiting the use for publicity purposes of names of licensors or authors of the material; or e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors. All other non-permissive additional terms are considered "further restrictions" within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying. If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms. Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way. 8. Termination. You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11). However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10. 9. Acceptance Not Required for Having Copies. You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so. 10. Automatic Licensing of Downstream Recipients. Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License. An "entity transaction" is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts. You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it. 11. Patents. A "contributor" is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's "contributor version". A contributor's "essential patent claims" are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, "control" includes the right to grant patent sublicenses in a manner consistent with the requirements of this License. Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version. In the following three paragraphs, a "patent license" is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To "grant" such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party. If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. "Knowingly relying" means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid. If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it. A patent license is "discriminatory" if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007. Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law. 12. No Surrender of Others' Freedom. If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program. 13. Use with the GNU Affero General Public License. Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such. 14. Revised Versions of this License. The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation. If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program. Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version. 15. Disclaimer of Warranty. THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. Limitation of Liability. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 17. Interpretation of Sections 15 and 16. If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <https://www.gnu.org/licenses/>. Also add information on how to contact you by electronic and paper mail. If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode: <program> Copyright (C) <year> <name of author> This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an "about box". You should also get your employer (if you work as a programmer) or school, if any, to sign a "copyright disclaimer" for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see <https://www.gnu.org/licenses/>. The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read <https://www.gnu.org/licenses/why-not-lgpl.html>. </div> </div> |} </nowiki> </div> </div> ==LGPLv2.1== [[LICENCE_HEADER_LGPLv2.1]]<br \> <b><nowiki>{{:LICENCE_HEADER_LGPLv2.1}}</nowiki></b> {{:LICENCE_HEADER_LGPLv2.1}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv2.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 2.1, February 1999 Copyright (C) 1991, 1999 Free Software Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. [This is the first released version of the Lesser GPL. It also counts as the successor of the GNU Library Public License, version 2, hence the version number 2.1.] Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public Licenses are intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This license, the Lesser General Public License, applies to some specially designated software packages--typically libraries--of the Free Software Foundation and other authors who decide to use it. You can use it too, but we suggest you first think carefully about whether this license or the ordinary General Public License is the better strategy to use in any particular case, based on the explanations below. When we speak of free software, we are referring to freedom of use, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish); that you receive source code or can get it if you want it; that you can change the software and use pieces of it in new free programs; and that you are informed that you can do these things. To protect your rights, we need to make restrictions that forbid distributors to deny you these rights or to ask you to surrender these rights. These restrictions translate to certain responsibilities for you if you distribute copies of the library or if you modify it. For example, if you distribute copies of the library, whether gratis or for a fee, you must give the recipients all the rights that we gave you. You must make sure that they, too, receive or can get the source code. If you link other code with the library, you must provide complete object files to the recipients, so that they can relink them with the library after making changes to the library and recompiling it. And you must show them these terms so they know their rights. We protect your rights with a two-step method: (1) we copyright the library, and (2) we offer you this license, which gives you legal permission to copy, distribute and/or modify the library. To protect each distributor, we want to make it very clear that there is no warranty for the free library. Also, if the library is modified by someone else and passed on, the recipients should know that what they have is not the original version, so that the original author's reputation will not be affected by problems that might be introduced by others. � Finally, software patents pose a constant threat to the existence of any free program. We wish to make sure that a company cannot effectively restrict the users of a free program by obtaining a restrictive license from a patent holder. Therefore, we insist that any patent license obtained for a version of the library must be consistent with the full freedom of use specified in this license. Most GNU software, including some libraries, is covered by the ordinary GNU General Public License. This license, the GNU Lesser General Public License, applies to certain designated libraries, and is quite different from the ordinary General Public License. We use this license for certain libraries in order to permit linking those libraries into non-free programs. When a program is linked with a library, whether statically or using a shared library, the combination of the two is legally speaking a combined work, a derivative of the original library. The ordinary General Public License therefore permits such linking only if the entire combination fits its criteria of freedom. The Lesser General Public License permits more lax criteria for linking other code with the library. We call this license the "Lesser" General Public License because it does Less to protect the user's freedom than the ordinary General Public License. It also provides other free software developers Less of an advantage over competing non-free programs. These disadvantages are the reason we use the ordinary General Public License for many libraries. However, the Lesser license provides advantages in certain special circumstances. For example, on rare occasions, there may be a special need to encourage the widest possible use of a certain library, so that it becomes a de-facto standard. To achieve this, non-free programs must be allowed to use the library. A more frequent case is that a free library does the same job as widely used non-free libraries. In this case, there is little to gain by limiting the free library to free software only, so we use the Lesser General Public License. In other cases, permission to use a particular library in non-free programs enables a greater number of people to use a large body of free software. For example, permission to use the GNU C Library in non-free programs enables many more people to use the whole GNU operating system, as well as its variant, the GNU/Linux operating system. Although the Lesser General Public License is Less protective of the users' freedom, it does ensure that the user of a program that is linked with the Library has the freedom and the wherewithal to run that program using a modified version of the Library. The precise terms and conditions for copying, distribution and modification follow. Pay close attention to the difference between a "work based on the library" and a "work that uses the library". The former contains code derived from the library, whereas the latter must be combined with the library in order to run. � GNU LESSER GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any software library or other program which contains a notice placed by the copyright holder or other authorized party saying it may be distributed under the terms of this Lesser General Public License (also called "this License"). Each licensee is addressed as "you". A "library" means a collection of software functions and/or data prepared so as to be conveniently linked with application programs (which use some of those functions and data) to form executables. The "Library", below, refers to any such software library or work which has been distributed under these terms. A "work based on the Library" means either the Library or any derivative work under copyright law: that is to say, a work containing the Library or a portion of it, either verbatim or with modifications and/or translated straightforwardly into another language. (Hereinafter, translation is included without limitation in the term "modification".) "Source code" for a work means the preferred form of the work for making modifications to it. For a library, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the library. Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running a program using the Library is not restricted, and output from such a program is covered only if its contents constitute a work based on the Library (independent of the use of the Library in a tool for writing it). Whether that is true depends on what the Library does and what the program that uses the Library does. 1. You may copy and distribute verbatim copies of the Library's complete source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and distribute a copy of this License along with the Library. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. � 2. You may modify your copy or copies of the Library or any portion of it, thus forming a work based on the Library, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) The modified work must itself be a software library. b) You must cause the files modified to carry prominent notices stating that you changed the files and the date of any change. c) You must cause the whole of the work to be licensed at no charge to all third parties under the terms of this License. d) If a facility in the modified Library refers to a function or a table of data to be supplied by an application program that uses the facility, other than as an argument passed when the facility is invoked, then you must make a good faith effort to ensure that, in the event an application does not supply such function or table, the facility still operates, and performs whatever part of its purpose remains meaningful. (For example, a function in a library to compute square roots has a purpose that is entirely well-defined independent of the application. Therefore, Subsection 2d requires that any application-supplied function or table used by this function must be optional: if the application does not supply it, the square root function must still compute square roots.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Library, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Library, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Library. In addition, mere aggregation of another work not based on the Library with the Library (or with a work based on the Library) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may opt to apply the terms of the ordinary GNU General Public License instead of this License to a given copy of the Library. To do this, you must alter all the notices that refer to this License, so that they refer to the ordinary GNU General Public License, version 2, instead of to this License. (If a newer version than version 2 of the ordinary GNU General Public License has appeared, then you can specify that version instead if you wish.) Do not make any other change in these notices. � Once this change is made in a given copy, it is irreversible for that copy, so the ordinary GNU General Public License applies to all subsequent copies and derivative works made from that copy. This option is useful when you wish to copy part of the code of the Library into a program that is not a library. 4. You may copy and distribute the Library (or a portion or derivative of it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange. If distribution of object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place satisfies the requirement to distribute the source code, even though third parties are not compelled to copy the source along with the object code. 5. A program that contains no derivative of any portion of the Library, but is designed to work with the Library by being compiled or linked with it, is called a "work that uses the Library". Such a work, in isolation, is not a derivative work of the Library, and therefore falls outside the scope of this License. However, linking a "work that uses the Library" with the Library creates an executable that is a derivative of the Library (because it contains portions of the Library), rather than a "work that uses the library". The executable is therefore covered by this License. Section 6 states terms for distribution of such executables. When a "work that uses the Library" uses material from a header file that is part of the Library, the object code for the work may be a derivative work of the Library even though the source code is not. Whether this is true is especially significant if the work can be linked without the Library, or if the work is itself a library. The threshold for this to be true is not precisely defined by law. If such an object file uses only numerical parameters, data structure layouts and accessors, and small macros and small inline functions (ten lines or less in length), then the use of the object file is unrestricted, regardless of whether it is legally a derivative work. (Executables containing this object code plus portions of the Library will still fall under Section 6.) Otherwise, if the work is a derivative of the Library, you may distribute the object code for the work under the terms of Section 6. Any executables containing that work also fall under Section 6, whether or not they are linked directly with the Library itself. � 6. As an exception to the Sections above, you may also combine or link a "work that uses the Library" with the Library to produce a work containing portions of the Library, and distribute that work under terms of your choice, provided that the terms permit modification of the work for the customer's own use and reverse engineering for debugging such modifications. You must give prominent notice with each copy of the work that the Library is used in it and that the Library and its use are covered by this License. You must supply a copy of this License. If the work during execution displays copyright notices, you must include the copyright notice for the Library among them, as well as a reference directing the user to the copy of this License. Also, you must do one of these things: a) Accompany the work with the complete corresponding machine-readable source code for the Library including whatever changes were used in the work (which must be distributed under Sections 1 and 2 above); and, if the work is an executable linked with the Library, with the complete machine-readable "work that uses the Library", as object code and/or source code, so that the user can modify the Library and then relink to produce a modified executable containing the modified Library. (It is understood that the user who changes the contents of definitions files in the Library will not necessarily be able to recompile the application to use the modified definitions.) b) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (1) uses at run time a copy of the library already present on the user's computer system, rather than copying library functions into the executable, and (2) will operate properly with a modified version of the library, if the user installs one, as long as the modified version is interface-compatible with the version that the work was made with. c) Accompany the work with a written offer, valid for at least three years, to give the same user the materials specified in Subsection 6a, above, for a charge no more than the cost of performing this distribution. d) If distribution of the work is made by offering access to copy from a designated place, offer equivalent access to copy the above specified materials from the same place. e) Verify that the user has already received a copy of these materials or that you have already sent this user a copy. For an executable, the required form of the "work that uses the Library" must include any data and utility programs needed for reproducing the executable from it. However, as a special exception, the materials to be distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. It may happen that this requirement contradicts the license restrictions of other proprietary libraries that do not normally accompany the operating system. Such a contradiction means you cannot use both them and the Library together in an executable that you distribute. � 7. You may place library facilities that are a work based on the Library side-by-side in a single library together with other library facilities not covered by this License, and distribute such a combined library, provided that the separate distribution of the work based on the Library and of the other library facilities is otherwise permitted, and provided that you do these two things: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities. This must be distributed under the terms of the Sections above. b) Give prominent notice with the combined library of the fact that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 8. You may not copy, modify, sublicense, link with, or distribute the Library except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, link with, or distribute the Library is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 9. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Library or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Library (or any work based on the Library), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Library or works based on it. 10. Each time you redistribute the Library (or any work based on the Library), the recipient automatically receives a license from the original licensor to copy, distribute, link with or modify the Library subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties with this License. � 11. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Library at all. For example, if a patent license would not permit royalty-free redistribution of the Library by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Library. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply, and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 12. If the distribution and/or use of the Library is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Library under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 13. The Free Software Foundation may publish revised and/or new versions of the Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Library does not specify a license version number, you may choose any version ever published by the Free Software Foundation. � 14. If you wish to incorporate parts of the Library into other free programs whose distribution conditions are incompatible with these, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS � How to Apply These Terms to Your New Libraries If you develop a new library, and you want it to be of the greatest possible use to the public, we recommend making it free software that everyone can redistribute and change. You can do so by permitting redistribution under these terms (or, alternatively, under the terms of the ordinary General Public License). To apply these terms, attach the following notices to the library. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the library's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Also add information on how to contact you by electronic and paper mail. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the library, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the library `Frob' (a library for tweaking knobs) written by James Random Hacker. <signature of Ty Coon>, 1 April 1990 Ty Coon, President of Vice That's all there is to it! </div> </div> |} </nowiki> </div> </div> ==LGPLv3== [[LICENCE_HEADER_LGPLv3]]<br \> <b><nowiki>{{:LICENCE_HEADER_LGPLv3}}</nowiki></b> {{:LICENCE_HEADER_LGPLv3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. This version of the GNU Lesser General Public License incorporates the terms and conditions of version 3 of the GNU General Public License, supplemented by the additional permissions listed below. 0. Additional Definitions. As used herein, "this License" refers to version 3 of the GNU Lesser General Public License, and the "GNU GPL" refers to version 3 of the GNU General Public License. "The Library" refers to a covered work governed by this License, other than an Application or a Combined Work as defined below. An "Application" is any work that makes use of an interface provided by the Library, but which is not otherwise based on the Library. Defining a subclass of a class defined by the Library is deemed a mode of using an interface provided by the Library. A "Combined Work" is a work produced by combining or linking an Application with the Library. The particular version of the Library with which the Combined Work was made is also called the "Linked Version". The "Minimal Corresponding Source" for a Combined Work means the Corresponding Source for the Combined Work, excluding any source code for portions of the Combined Work that, considered in isolation, are based on the Application, and not on the Linked Version. The "Corresponding Application Code" for a Combined Work means the object code and/or source code for the Application, including any data and utility programs needed for reproducing the Combined Work from the Application, but excluding the System Libraries of the Combined Work. 1. Exception to Section 3 of the GNU GPL. You may convey a covered work under sections 3 and 4 of this License without being bound by section 3 of the GNU GPL. 2. Conveying Modified Versions. If you modify a copy of the Library, and, in your modifications, a facility refers to a function or data to be supplied by an Application that uses the facility (other than as an argument passed when the facility is invoked), then you may convey a copy of the modified version: a) under this License, provided that you make a good faith effort to ensure that, in the event an Application does not supply the function or data, the facility still operates, and performs whatever part of its purpose remains meaningful, or b) under the GNU GPL, with none of the additional permissions of this License applicable to that copy. 3. Object Code Incorporating Material from Library Header Files. The object code form of an Application may incorporate material from a header file that is part of the Library. You may convey such object code under terms of your choice, provided that, if the incorporated material is not limited to numerical parameters, data structure layouts and accessors, or small macros, inline functions and templates (ten or fewer lines in length), you do both of the following: a) Give prominent notice with each copy of the object code that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the object code with a copy of the GNU GPL and this license document. 4. Combined Works. You may convey a Combined Work under terms of your choice that, taken together, effectively do not restrict modification of the portions of the Library contained in the Combined Work and reverse engineering for debugging such modifications, if you also do each of the following: a) Give prominent notice with each copy of the Combined Work that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the Combined Work with a copy of the GNU GPL and this license document. c) For a Combined Work that displays copyright notices during execution, include the copyright notice for the Library among these notices, as well as a reference directing the user to the copies of the GNU GPL and this license document. d) Do one of the following: 0) Convey the Minimal Corresponding Source under the terms of this License, and the Corresponding Application Code in a form suitable for, and under terms that permit, the user to recombine or relink the Application with a modified version of the Linked Version to produce a modified Combined Work, in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source. 1) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (a) uses at run time a copy of the Library already present on the user's computer system, and (b) will operate properly with a modified version of the Library that is interface-compatible with the Linked Version. e) Provide Installation Information, but only if you would otherwise be required to provide such information under section 6 of the GNU GPL, and only to the extent that such information is necessary to install and execute a modified version of the Combined Work produced by recombining or relinking the Application with a modified version of the Linked Version. (If you use option 4d0, the Installation Information must accompany the Minimal Corresponding Source and Corresponding Application Code. If you use option 4d1, you must provide the Installation Information in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source.) 5. Combined Libraries. You may place library facilities that are a work based on the Library side by side in a single library together with other library facilities that are not Applications and are not covered by this License, and convey such a combined library under terms of your choice, if you do both of the following: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities, conveyed under the terms of this License. b) Give prominent notice with the combined library that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 6. Revised Versions of the GNU Lesser General Public License. The Free Software Foundation may publish revised and/or new versions of the GNU Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library as you received it specifies that a certain numbered version of the GNU Lesser General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that published version or of any later version published by the Free Software Foundation. If the Library as you received it does not specify a version number of the GNU Lesser General Public License, you may choose any version of the GNU Lesser General Public License ever published by the Free Software Foundation. If the Library as you received it specifies that a proxy can decide whether future versions of the GNU Lesser General Public License shall apply, that proxy's public statement of acceptance of any version is permanent authorization for you to choose that version for the Library. </div> </div> |} </nowiki> </div> </div> ==MIT== [[LICENCE_HEADER_MIT]]<br \> <b><nowiki>{{:LICENCE_HEADER_MIT}}</nowiki></b> {{:LICENCE_HEADER_MIT}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MIT Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. </div> </div> |} </nowiki> </div> </div> ==MPLv2.0== [[LICENCE_HEADER_MPLv2.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_MPLv2.0}}</nowiki></b> {{:LICENCE_HEADER_MPLv2.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE MPLv2.0 <div class="mw-collapsible-content"> Mozilla Public License Version 2.0 -------------------------------- 1. Definitions -------------- 1.1. "Contributor" means each individual or legal entity that creates, contributes to the creation of, or owns Covered Software. 1.2. "Contributor Version" means the combination of the Contributions of others (if any) used by a Contributor and that particular Contributor's Contribution. 1.3. "Contribution" means Covered Software of a particular Contributor. 1.4. "Covered Software" means Source Code Form to which the initial Contributor has attached the notice in Exhibit A, the Executable Form of such Source Code Form, and Modifications of such Source Code Form, in each case including portions thereof. 1.5. "Incompatible With Secondary Licenses" means (a) that the initial Contributor has attached the notice described in Exhibit B to the Covered Software; or (b) that the Covered Software was made available under the terms of version 1.1 or earlier of the License, but not also under the terms of a Secondary License. 1.6. "Executable Form" means any form of the work other than Source Code Form. 1.7. "Larger Work" means a work that combines Covered Software with other material, in a separate file or files, that is not Covered Software. 1.8. "License" means this document. 1.9. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently, any and all of the rights conveyed by this License. 1.10. "Modifications" means any of the following: (a) any file in Source Code Form that results from an addition to, deletion from, or modification of the contents of Covered Software; or (b) any new file in Source Code Form that contains any Covered Software. 1.11. "Patent Claims" of a Contributor means any patent claim(s), including without limitation, method, process, and apparatus claims, in any patent Licensable by such Contributor that would be infringed, but for the grant of the License, by the making, using, selling, offering for sale, having made, import, or transfer of either its Contributions or its Contributor Version. 1.12. "Secondary License" means either the GNU General Public License, Version 2.0, the GNU Lesser General Public License, Version 2.1, the GNU Affero General Public License, Version 3.0, or any later versions of those licenses. 1.13. "Source Code Form" means the form of the work preferred for making modifications. 1.14. "You" (or "Your") means an individual or a legal entity exercising rights under this License. For legal entities, "You" includes any entity that controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. License Grants and Conditions -------------------------------- 2.1. Grants Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by such Contributor to use, reproduce, make available, modify, display, perform, distribute, and otherwise exploit its Contributions, either on an unmodified basis, with Modifications, or as part of a Larger Work; and (b) under Patent Claims of such Contributor to make, use, sell, offer for sale, have made, import, and otherwise transfer either its Contributions or its Contributor Version. 2.2. Effective Date The licenses granted in Section 2.1 with respect to any Contribution become effective for each Contribution on the date the Contributor first distributes such Contribution. 2.3. Limitations on Grant Scope The licenses granted in this Section 2 are the only rights granted under this License. No additional rights or licenses will be implied from the distribution or licensing of Covered Software under this License. Notwithstanding Section 2.1(b) above, no patent license is granted by a Contributor: (a) for any code that a Contributor has removed from Covered Software; or (b) for infringements caused by: (i) Your and any other third party's modifications of Covered Software, or (ii) the combination of its Contributions with other software (except as part of its Contributor Version); or (c) under Patent Claims infringed by Covered Software in the absence of its Contributions. This License does not grant any rights in the trademarks, service marks, or logos of any Contributor (except as may be necessary to comply with the notice requirements in Section 3.4). 2.4. Subsequent Licenses No Contributor makes additional grants as a result of Your choice to distribute the Covered Software under a subsequent version of this License (see Section 10.2) or under the terms of a Secondary License (if permitted under the terms of Section 3.3). 2.5. Representation Each Contributor represents that the Contributor believes its Contributions are its original creation(s) or it has sufficient rights to grant the rights to its Contributions conveyed by this License. 2.6. Fair Use This License is not intended to limit any rights You have under applicable copyright doctrines of fair use, fair dealing, or other equivalents. 2.7. Conditions Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted in Section 2.1. 3. Responsibilities ------------------- 3.1. Distribution of Source Form All distribution of Covered Software in Source Code Form, including any Modifications that You create or to which You contribute, must be under the terms of this License. You must inform recipients that the Source Code Form of the Covered Software is governed by the terms of this License, and how they can obtain a copy of this License. You may not attempt to alter or restrict the recipients' rights in the Source Code Form. 3.2. Distribution of Executable Form If You distribute Covered Software in Executable Form then: (a) such Covered Software must also be made available in Source Code Form, as described in Section 3.1, and You must inform recipients of the Executable Form how they can obtain a copy of such Source Code Form by reasonable means in a timely manner, at a charge no more than the cost of distribution to the recipient; and (b) You may distribute such Executable Form under the terms of this License, or sublicense it under different terms, provided that the license for the Executable Form does not attempt to limit or alter the recipients' rights in the Source Code Form under this License. 3.3. Distribution of a Larger Work You may create and distribute a Larger Work under terms of Your choice, provided that You also comply with the requirements of this License for the Covered Software. If the Larger Work is a combination of Covered Software with a work governed by one or more Secondary Licenses, and the Covered Software is not Incompatible With Secondary Licenses, this License permits You to additionally distribute such Covered Software under the terms of such Secondary License(s), so that the recipient of the Larger Work may, at their option, further distribute the Covered Software under the terms of either this License or such Secondary License(s). 3.4. Notices You may not remove or alter the substance of any license notices (including copyright notices, patent notices, disclaimers of warranty, or limitations of liability) contained within the Source Code Form of the Covered Software, except that You may alter any license notices to the extent required to remedy known factual inaccuracies. 3.5. Application of Additional Terms You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, You may do so only on Your own behalf, and not on behalf of any Contributor. You must make it absolutely clear that any such warranty, support, indemnity, or liability obligation is offered by You alone, and You hereby agree to indemnify every Contributor for any liability incurred by such Contributor as a result of warranty, support, indemnity or liability terms You offer. You may include additional disclaimers of warranty and limitations of liability specific to any jurisdiction. 4. Inability to Comply Due to Statute or Regulation --------------------------------------------------- If it is impossible for You to comply with any of the terms of this License with respect to some or all of the Covered Software due to statute, judicial order, or regulation then You must: (a) comply with the terms of this License to the maximum extent possible; and (b) describe the limitations and the code they affect. Such description must be placed in a text file included with all distributions of the Covered Software under this License. Except to the extent prohibited by statute or regulation, such description must be sufficiently detailed for a recipient of ordinary skill to be able to understand it. 5. Termination -------------- 5.1. The rights granted under this License will terminate automatically if You fail to comply with any of its terms. However, if You become compliant, then the rights granted under this License from a particular Contributor are reinstated (a) provisionally, unless and until such Contributor explicitly and finally terminates Your grants, and (b) on an ongoing basis, if such Contributor fails to notify You of the non-compliance by some reasonable means prior to 60 days after You have come back into compliance. Moreover, Your grants from a particular Contributor are reinstated on an ongoing basis if such Contributor notifies You of the non-compliance by some reasonable means, this is the first time You have received notice of non-compliance with this License from such Contributor, and You become compliant prior to 30 days after Your receipt of the notice. 5.2. If You initiate litigation against any entity by asserting a patent infringement claim (excluding declaratory judgment actions, counter-claims, and cross-claims) alleging that a Contributor Version directly or indirectly infringes any patent, then the rights granted to You by any and all Contributors for the Covered Software under Section 2.1 of this License shall terminate. 5.3. In the event of termination under Sections 5.1 or 5.2 above, all end user license agreements (excluding distributors and resellers) which have been validly granted by You or Your distributors under this License prior to termination shall survive termination. ************************************************************************ * * * 6. Disclaimer of Warranty * * ------------------------- * * * * Covered Software is provided under this License on an "as is" * * basis, without warranty of any kind, either expressed, implied, or * * statutory, including, without limitation, warranties that the * * Covered Software is free of defects, merchantable, fit for a * * particular purpose or non-infringing. The entire risk as to the * * quality and performance of the Covered Software is with You. * * Should any Covered Software prove defective in any respect, You * * (not any Contributor) assume the cost of any necessary servicing, * * repair, or correction. This disclaimer of warranty constitutes an * * essential part of this License. No use of any Covered Software is * * authorized under this License except under this disclaimer. * * * ************************************************************************ ************************************************************************ * * * 7. Limitation of Liability * * -------------------------- * * * * Under no circumstances and under no legal theory, whether tort * * (including negligence), contract, or otherwise, shall any * * Contributor, or anyone who distributes Covered Software as * * permitted above, be liable to You for any direct, indirect, * * special, incidental, or consequential damages of any character * * including, without limitation, damages for lost profits, loss of * * goodwill, work stoppage, computer failure or malfunction, or any * * and all other commercial damages or losses, even if such party * * shall have been informed of the possibility of such damages. This * * limitation of liability shall not apply to liability for death or * * personal injury resulting from such party's negligence to the * * extent applicable law prohibits such limitation. Some * * jurisdictions do not allow the exclusion or limitation of * * incidental or consequential damages, so this exclusion and * * limitation may not apply to You. * * * ************************************************************************ 8. Litigation ------------- Any litigation relating to this License may be brought only in the courts of a jurisdiction where the defendant maintains its principal place of business and such litigation shall be governed by laws of that jurisdiction, without reference to its conflict-of-law provisions. Nothing in this Section shall prevent a party's ability to bring cross-claims or counter-claims. 9. Miscellaneous ---------------- This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not be used to construe this License against a Contributor. 10. Versions of the License --------------------------- 10.1. New Versions Mozilla Foundation is the license steward. Except as provided in Section 10.3, no one other than the license steward has the right to modify or publish new versions of this License. Each version will be given a distinguishing version number. 10.2. Effect of New Versions You may distribute the Covered Software under the terms of the version of the License under which You originally received the Covered Software, or under the terms of any subsequent version published by the license steward. 10.3. Modified Versions If you create software not governed by this License, and you want to create a new license for such software, you may create and use a modified version of this License if you rename the license and remove any references to the name of the license steward (except to note that such modified license differs from this License). 10.4. Distributing Source Code Form that is Incompatible With Secondary Licenses If You choose to distribute Source Code Form that is Incompatible With Secondary Licenses under the terms of this version of the License, the notice described in Exhibit B of this License must be attached. Exhibit A - Source Code Form License Notice ------------------------------------------- This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at https://mozilla.org/MPL/2.0/. If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. You may add additional accurate notices of copyright ownership. Exhibit B - "Incompatible With Secondary Licenses" Notice --------------------------------------------------------- This Source Code Form is "Incompatible With Secondary Licenses", as defined by the Mozilla Public License, v. 2.0. </div> </div> |} </nowiki> </div> </div> ==PDLv1.0== [[LICENCE_HEADER_PDLv1.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_PDLv1.0}}</nowiki></b> {{:LICENCE_HEADER_PDLv1.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE PDLv1.0 <div class="mw-collapsible-content"> PUBLIC DOCUMENTATION LICENSE Version 1.0 1.0 DEFINITIONS. 1.1. "Commercial Use" means distribution or otherwise making the Documentation available to a third party. 1.2. "Contributor" means a person or entity who creates or contributes to the creation of Modifications. 1.3. "Documentation" means the Original Documentation or Modifications or the combination of the Original Documentation and Modifications, in each case including portions thereof. 1.4. "Electronic Distribution Mechanism" means a mechanism generally accepted for the electronic transfer of data. 1.5. "Initial Writer" means the individual or entity identified as the Initial Writer in the notice required by the Appendix. 1.6. "Larger Work" means a work which combines Documentation or portions thereof with documentation or other writings not governed by the terms of this License. 1.7. "License" means this document. 1.8. "Modifications" means any addition to or deletion from the substance or structure of either the Original Documentation or any previous Modifications, such as a translation, abridgment, condensation, or any other form in which the Original Documentation or previous Modifications may be recast, transformed or adapted. A work consisting of editorial revisions, annotations, elaborations, and other modifications which, as a whole represent an original work of authorship, is a Modification. For example, when Documentation is released as a series of documents, a Modification is: A. Any addition to or deletion from the contents of the Original Documentation or previous Modifications. B. Any new documentation that contains any part of the Original Documentation or previous Modifications. 1.9. "Original Documentation" means documentation described as Original Documentation in the notice required by the Appendix, and which, at the time of its release under this License is not already Documentation governed by this License. 1.10. "Editable Form" means the preferred form of the Documentation for making Modifications to it. The Documentation can be in an electronic, compressed or archival form, provided the appropriate decompression or de-archiving software is widely available for no charge. 1.11. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of this License or a future version of this License issued under Section 5.0 ("Versions of the License"). For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2.0 LICENSE GRANTS. 2.1 Initial Writer Grant. The Initial Writer hereby grants You a world-wide, royalty-free, non-exclusive license to use, reproduce, prepare Modifications of, compile, publicly perform, publicly display, demonstrate, market, disclose and distribute the Documentation in any form, on any media or via any Electronic Distribution Mechanism or other method now known or later discovered, and to sublicense the foregoing rights to third parties through multiple tiers of sublicensees in accordance with the terms of this License. The license rights granted in this Section 2.1 ("Initial Writer Grant") are effective on the date Initial Writer first distributes Original Documentation under the terms of this License. 2.2. Contributor Grant. Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license to use, reproduce, prepare Modifications of, compile, publicly perform, publicly display, demonstrate, market, disclose and distribute the Documentation in any form, on any media or via any Electronic Distribution Mechanism or other method now known or later discovered, and to sublicense the foregoing rights to third parties through multiple tiers of sublicensees in accordance with the terms of this License. The license rights granted in this Section 2.2 ("Contributor Grant") are effective on the date Contributor first makes Commercial Use of the Documentation. 3.0 DISTRIBUTION OBLIGATIONS 3.1. Application of License The Modifications which You create or to which You contribute are governed by the terms of this License, including without limitation Section 2.2 ("Contributor Grant"). The Documentation may be distributed only under the terms of this License or a future version of this License released in accordance with Section 5.0 ("Versions of the License"), and You must include a copy of this License with every copy of the Documentation You distribute. You may not offer or impose any terms that alter or restrict the applicable version of this License or the recipients' rights hereunder. However, You may include an additional document offering the additional rights described in Section 3.5 ("Required Notices"). 3.2. Availability of Documentation. Any Modification which You create or to which You contribute must be made available publicly in Editable Form under the terms of this License via a fixed medium or an accepted Electronic Distribution Mechanism. 3.3. Description of Modifications. All Documentation to which You contribute must identify the changes You made to create that Documentation and the date of any change. You must include a prominent statement that the Modification is derived, directly or indirectly, from Original Documentation provided by the Initial Writer and include the name of the Initial Writer in the Documentation or via an electronic link that describes the origin or ownership of the Documentation. The foregoing change documentation may be created by using an electronic program that automatically tracks changes to the Documentation, and such changes must be available publicly for at least five years following release of the changed Documentation. 3.4. Intellectual Property Matters. Contributor represents that Contributor believes that Contributor's Modifications are Contributor's original creation(s) and/or Contributor has sufficient rights to grant the rights conveyed by this License. 3.5. Required Notices. You must duplicate the notice in the Appendix in each file of the Documentation. If it is not possible to put such notice in a particular Documentation file due to its structure, then You must include such notice in a location (such as a relevant directory) where a reader would be likely to look for such a notice, for example, via a hyperlink in each file of the Documentation that takes the reader to a page that describes the origin and ownership of the Documentation. If You created one or more Modification(s) You may add your name as a Contributor to the notice described in the Appendix. You must also duplicate this License in any Documentation file (or with a hyperlink in each file of the Documentation) where You describe recipients' rights or ownership rights. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Documentation. However, You may do so only on Your own behalf, and not on behalf of the Initial Writer or any Contributor. You must make it absolutely clear than any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Writer and every Contributor for any liability incurred by the Initial Writer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.6. Larger Works. You may create a Larger Work by combining Documentation with other documents not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Documentation. 4.0 APPLICATION OF THIS LICENSE. This License applies to Documentation to which the Initial Writer has attached this License and the notice in the Appendix. 5.0 VERSIONS OF THE LICENSE. 5.1. New Versions. Initial Writer may publish revised and/or new versions of the License from time to time. Each version will be given a distinguishing version number. 5.2. Effect of New Versions. Once Documentation has been published under a particular version of the License, You may always continue to use it under the terms of that version. You may also choose to use such Documentation under the terms of any subsequent version of the License published by __________________[Insert name of the foundation, company, Initial Writer, or whoever may modify this License]. No one other than _________________ [Insert name of the foundation, company, Initial Writer, or whoever may modify this License] has the right to modify the terms of this License. Filling in the name of the Initial Writer, Original Documentation or Contributor in the notice described in the Appendix shall not be deemed to be Modifications of this License. 6.0 DISCLAIMER OF WARRANTY. DOCUMENTATION IS PROVIDED UNDER THIS LICENSE ON AN "AS IS'' BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE DOCUMENTATION IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY, ACCURACY, AND PERFORMANCE OF THE DOCUMENTATION IS WITH YOU. SHOULD ANY DOCUMENTATION PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL WRITER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY DOCUMENTATION IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 7.0 TERMINATION. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. All sublicenses to the Documentation which are properly granted shall survive any termination of this License. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 8.0 LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER IN TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL THE INITIAL WRITER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF DOCUMENTATION, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER DAMAGES OR LOSSES ARISING OUT OF OR RELATING TO THE USE OF THE DOCUMENTATION, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. 9.0 U.S. GOVERNMENT END USERS. If Documentation is being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), then the Government's rights in Documentation will be only as set forth in this Agreement; this is in accordance with 48 CFR 227.7201 through 227.7202-4 (for Department of Defense (DOD) acquisitions) and with 48 CFR 2.101 and 12.212 (for non-DOD acquisitions). 10.0 MISCELLANEOUS. This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by California law, excluding its conflict-of-law provisions. With respect to disputes or any litigation relating to this License, the losing party is responsible for costs, including without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. Appendix Public Documentation License Notice The contents of this Documentation are subject to the Public Documentation License Version 1.0 (the "License"); you may only use this Documentation if you comply with the terms of this License. A copy of the License is available at __________________[Insert hyperlink]. The Original Documentation is _________________. The Initial Writer of the Original Documentation is ___________ Copyright (C)_________[Insert year(s)]. All Rights Reserved. (Initial Writer contact(s):________________[Insert hyperlink/alias]). Contributor(s): ______________________________________. Portions created by ______ are Copyright (C)_________[Insert year(s)]. All Rights Reserved. (Contributor contact(s):________________[Insert hyperlink/alias]). NOTE: The text of this Appendix may differ slightly from the text of the notices in the files of the Original Documentation. You should use the text of this Appendix rather than the text found in the Original Documentation for Your Modifications. </div> </div> |} </nowiki> </div> </div> ==PIRATE== This Licence is for shits and giggles, don't use on public server<br \> [[LICENCE_HEADER_PIRATE]]<br \> <b><nowiki>{{:LICENCE_HEADER_PIRATE}}</nowiki></b> {{:LICENCE_HEADER_PIRATE}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PIRATE Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Licence? Licence! LICENCE!!!!!!<br \> WE NO NEED NO STINKING LICENCE! Copyright @ Pirate Licence :P </div> </div> |} </nowiki> </div> </div> qw9dsrid17oxdliyg6xqzivae3mdt0n 140 139 2023-03-06T10:56:09Z Noob 1 /* CC BY-NC-SA 4.0 */ 140 wikitext text/x-wiki * Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute. * To do so add a Licence header at the top of your page. * example:<b><nowiki>{{:LICENCE_HEADER_CC0}}</nowiki></b> * using the header may not be a good idea for some licences ** click the link and copy the content ** and append the correct <code>Copyright [yyyy] [name of copyright owner] </code> ==APACHE2== [[LICENCE_HEADER_APACHE2]]<br \> <b><nowiki>{{:LICENCE_HEADER_APACHE2}}</nowiki></b> {{:LICENCE_HEADER_APACHE2}} <!-- delete below if mess up --> <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste to your page: <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>APACHE2 Licence</b><br \> Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. <div class="toccolours mw-collapsible mw-collapsed"> Apache2 Licence: <div class="mw-collapsible-content"> <pre> Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. </pre> </div> </div> |} </nowiki> </div> </div> ==BDS0== [[LICENCE_HEADER_BSD0]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD0}}</nowiki></b> {{:LICENCE_HEADER_BSD0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (C) [year] by [copyright holder] <[email]> Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted. THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. </div> </div> |} </nowiki> </div> </div> ==BSD1== [[LICENCE_HEADER_BSD]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD}}</nowiki></b> {{:LICENCE_HEADER_BSD}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (c) [Year] [Name] [All rights reserved]. * Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. THIS SOFTWARE IS PROVIDED BY [Name of Organization] “AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL [Name of Organisation] BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </nowiki> </div> </div> ==BSD2== [[LICENCE_HEADER_BSD2]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD2}}</nowiki></b> {{:LICENCE_HEADER_BSD2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </nowiki> </div> </div> ==BSD3== [[LICENCE_HEADER_BSD3]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD3}}</nowiki></b> {{:LICENCE_HEADER_BSD3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </nowiki> </div> </div> ==CC0== [[LICENCE_HEADER_CC0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC0}}</nowiki></b> {{:LICENCE_HEADER_CC0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC0 Licence</b><br \> More information about the <b>cc0 licence</b> can be found here:<br \> <code>https://creativecommons.org/share-your-work/public-domain/cc0</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> The person who associated a work with this deed has dedicated the work to the public domain by waiving all of his or her rights to the work worldwide under copyright law, including all related and neighboring rights, to the extent allowed by law.<br \> You can copy, modify, distribute and perform the work, even for commercial purposes, all without asking permission. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Statement of Purpose The laws of most jurisdictions throughout the world automatically confer exclusive Copyright and Related Rights (defined below) upon the creator and subsequent owner(s) (each and all, an "owner") of an original work of authorship and/or a database (each, a "Work"). Certain owners wish to permanently relinquish those rights to a Work for the purpose of contributing to a commons of creative, cultural and scientific works ("Commons") that the public can reliably and without fear of later claims of infringement build upon, modify, incorporate in other works, reuse and redistribute as freely as possible in any form whatsoever and for any purposes, including without limitation commercial purposes. These owners may contribute to the Commons to promote the ideal of a free culture and the further production of creative, cultural and scientific works, or to gain reputation or greater distribution for their Work in part through the use and efforts of others. For these and/or other purposes and motivations, and without any expectation of additional consideration or compensation, the person associating CC0 with a Work (the "Affirmer"), to the extent that he or she is an owner of Copyright and Related Rights in the Work, voluntarily elects to apply CC0 to the Work and publicly distribute the Work under its terms, with knowledge of his or her Copyright and Related Rights in the Work and the meaning and intended legal effect of CC0 on those rights. 1. Copyright and Related Rights. A Work made available under CC0 may be protected by copyright and related or neighboring rights ("Copyright and Related Rights"). Copyright and Related Rights include, but are not limited to, the following: the right to reproduce, adapt, distribute, perform, display, communicate, and translate a Work; moral rights retained by the original author(s) and/or performer(s); publicity and privacy rights pertaining to a person's image or likeness depicted in a Work; rights protecting against unfair competition in regards to a Work, subject to the limitations in paragraph 4(a), below; rights protecting the extraction, dissemination, use and reuse of data in a Work; database rights (such as those arising under Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, and under any national implementation thereof, including any amended or successor version of such directive); and other similar, equivalent or corresponding rights throughout the world based on applicable law or treaty, and any national implementations thereof. 2. Waiver. To the greatest extent permitted by, but not in contravention of, applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and unconditionally waives, abandons, and surrenders all of Affirmer's Copyright and Related Rights and associated claims and causes of action, whether now known or unknown (including existing as well as future claims and causes of action), in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each member of the public at large and to the detriment of Affirmer's heirs and successors, fully intending that such Waiver shall not be subject to revocation, rescission, cancellation, termination, or any other legal or equitable action to disrupt the quiet enjoyment of the Work by the public as contemplated by Affirmer's express Statement of Purpose. 3. Public License Fallback. Should any part of the Waiver for any reason be judged legally invalid or ineffective under applicable law, then the Waiver shall be preserved to the maximum extent permitted taking into account Affirmer's express Statement of Purpose. In addition, to the extent the Waiver is so judged Affirmer hereby grants to each affected person a royalty-free, non transferable, non sublicensable, non exclusive, irrevocable and unconditional license to exercise Affirmer's Copyright and Related Rights in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "License"). The License shall be deemed effective as of the date CC0 was applied by Affirmer to the Work. Should any part of the License for any reason be judged legally invalid or ineffective under applicable law, such partial invalidity or ineffectiveness shall not invalidate the remainder of the License, and in such case Affirmer hereby affirms that he or she will not (i) exercise any of his or her remaining Copyright and Related Rights in the Work or (ii) assert any associated claims and causes of action with respect to the Work, in either case contrary to Affirmer's express Statement of Purpose. 4. Limitations and Disclaimers. No trademark or patent rights held by Affirmer are waived, abandoned, surrendered, licensed or otherwise affected by this document. Affirmer offers the Work as-is and makes no representations or warranties of any kind concerning the Work, express, implied, statutory or otherwise, including without limitation warranties of title, merchantability, fitness for a particular purpose, non infringement, or the absence of latent or other defects, accuracy, or the present or absence of errors, whether or not discoverable, all to the greatest extent permissible under applicable law. Affirmer disclaims responsibility for clearing rights of other persons that may apply to the Work or any use thereof, including without limitation any person's Copyright and Related Rights in the Work. Further, Affirmer disclaims responsibility for obtaining any necessary consents, permissions or other rights required for any use of the Work. Affirmer understands and acknowledges that Creative Commons is not a party to this document and has no duty or obligation with respect to this CC0 or use of the Work. </div> </div> |} </nowiki> </div> </div> ==CC-BY== [[LICENCE_HEADER_CC_BY]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY}}</nowiki></b> {{:LICENCE_HEADER_CC_BY}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY Licence</b><br \> More information about the <b>CC BY licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Creative Commons Legal Code Attribution 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined above) for the purposes of this License. c. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. d. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. e. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. f. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. g. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. h. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. i. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(b), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(b), as requested. b. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Section 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4 (b) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. c. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of this License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} </nowiki> </div> </div> ==CC BY-SA== [[LICENCE_HEADER_CC_BY-SA]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY-SA}}</nowiki></b> {{:LICENCE_HEADER_CC_BY-SA}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY-SA Licence</b><br \> More information about the <b>CC BY-SA licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by-sa/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Attribution-ShareAlike 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined below) for the purposes of this License. c. "Creative Commons Compatible License" means a license that is listed at https://creativecommons.org/compatiblelicenses that has been approved by Creative Commons as being essentially equivalent to this License, including, at a minimum, because that license: (i) contains terms that have the same purpose, meaning and effect as the License Elements of this License; and, (ii) explicitly permits the relicensing of adaptations of works made available under that license under this License or a Creative Commons jurisdiction license with the same License Elements as this License. d. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. e. "License Elements" means the following high-level license attributes as selected by Licensor and indicated in the title of this License: Attribution, ShareAlike. f. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. g. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. h. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. i. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. j. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. k. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(c), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(c), as requested. b. You may Distribute or Publicly Perform an Adaptation only under the terms of: (i) this License; (ii) a later version of this License with the same License Elements as this License; (iii) a Creative Commons jurisdiction license (either this or a later license version) that contains the same License Elements as this License (e.g., Attribution-ShareAlike 3.0 US)); (iv) a Creative Commons Compatible License. If you license the Adaptation under one of the licenses mentioned in (iv), you must comply with the terms of that license. If you license the Adaptation under the terms of any of the licenses mentioned in (i), (ii) or (iii) (the "Applicable License"), you must comply with the terms of the Applicable License generally and the following provisions: (I) You must include a copy of, or the URI for, the Applicable License with every copy of each Adaptation You Distribute or Publicly Perform; (II) You may not offer or impose any terms on the Adaptation that restrict the terms of the Applicable License or the ability of the recipient of the Adaptation to exercise the rights granted to that recipient under the terms of the Applicable License; (III) You must keep intact all notices that refer to the Applicable License and to the disclaimer of warranties with every copy of the Work as included in the Adaptation You Distribute or Publicly Perform; (IV) when You Distribute or Publicly Perform the Adaptation, You may not impose any effective technological measures on the Adaptation that restrict the ability of a recipient of the Adaptation from You to exercise the rights granted to that recipient under the terms of the Applicable License. This Section 4(b) applies to the Adaptation as incorporated in a Collection, but this does not require the Collection apart from the Adaptation itself to be made subject to the terms of the Applicable License. c. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Ssection 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4(c) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. d. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of the License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} </nowiki> </div> </div> ==CC BY-NC-SA 4.0== ==CC BY-SA== [[LICENCE_HEADER_CC_BY-SA]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY-SA}}</nowiki></b> {{:LICENCE_HEADER_CC_BY-SA}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY-SA Licence</b><br \> More information about the <b>CC BY-SA licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by-sa/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Attribution-ShareAlike 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined below) for the purposes of this License. c. "Creative Commons Compatible License" means a license that is listed at https://creativecommons.org/compatiblelicenses that has been approved by Creative Commons as being essentially equivalent to this License, including, at a minimum, because that license: (i) contains terms that have the same purpose, meaning and effect as the License Elements of this License; and, (ii) explicitly permits the relicensing of adaptations of works made available under that license under this License or a Creative Commons jurisdiction license with the same License Elements as this License. d. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. e. "License Elements" means the following high-level license attributes as selected by Licensor and indicated in the title of this License: Attribution, ShareAlike. f. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. g. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. h. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. i. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. j. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. k. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(c), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(c), as requested. b. You may Distribute or Publicly Perform an Adaptation only under the terms of: (i) this License; (ii) a later version of this License with the same License Elements as this License; (iii) a Creative Commons jurisdiction license (either this or a later license version) that contains the same License Elements as this License (e.g., Attribution-ShareAlike 3.0 US)); (iv) a Creative Commons Compatible License. If you license the Adaptation under one of the licenses mentioned in (iv), you must comply with the terms of that license. If you license the Adaptation under the terms of any of the licenses mentioned in (i), (ii) or (iii) (the "Applicable License"), you must comply with the terms of the Applicable License generally and the following provisions: (I) You must include a copy of, or the URI for, the Applicable License with every copy of each Adaptation You Distribute or Publicly Perform; (II) You may not offer or impose any terms on the Adaptation that restrict the terms of the Applicable License or the ability of the recipient of the Adaptation to exercise the rights granted to that recipient under the terms of the Applicable License; (III) You must keep intact all notices that refer to the Applicable License and to the disclaimer of warranties with every copy of the Work as included in the Adaptation You Distribute or Publicly Perform; (IV) when You Distribute or Publicly Perform the Adaptation, You may not impose any effective technological measures on the Adaptation that restrict the ability of a recipient of the Adaptation from You to exercise the rights granted to that recipient under the terms of the Applicable License. This Section 4(b) applies to the Adaptation as incorporated in a Collection, but this does not require the Collection apart from the Adaptation itself to be made subject to the terms of the Applicable License. c. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Ssection 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4(c) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. d. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of the License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} </nowiki> </div> </div> ==CDDLv1.0== [[LICENCE_HEADER_CDDLv1.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CDDLv1.0}}</nowiki></b> {{:LICENCE_HEADER_CDDLv1.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CDDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE CDDLv1.0 <div class="mw-collapsible-content"> COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 1. Definitions. 1.1. "Contributor" means each individual or entity that creates or contributes to the creation of Modifications. 1.2. "Contributor Version" means the combination of the Original Software, prior Modifications used by a Contributor (if any), and the Modifications made by that particular Contributor. 1.3. "Covered Software" means (a) the Original Software, or (b) Modifications, or (c) the combination of files containing Original Software with files containing Modifications, in each case including portions thereof. 1.4. "Executable" means the Covered Software in any form other than Source Code. 1.5. "Initial Developer" means the individual or entity that first makes Original Software available under this License. 1.6. "Larger Work" means a work which combines Covered Software or portions thereof with code not governed by the terms of this License. 1.7. "License" means this document. 1.8. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently acquired, any and all of the rights conveyed herein. 1.9. "Modifications" means the Source Code and Executable form of any of the following: A. Any file that results from an addition to, deletion from or modification of the contents of a file containing Original Software or previous Modifications; B. Any new file that contains any part of the Original Software or previous Modification; or C. Any new file that is contributed or otherwise made available under the terms of this License. 1.10. "Original Software" means the Source Code and Executable form of computer software code that is originally released under this License. 1.11. "Patent Claims" means any patent claim(s), now owned or hereafter acquired, including without limitation, method, process, and apparatus claims, in any patent Licensable by grantor. 1.12. "Source Code" means (a) the common form of computer software code in which modifications are made and (b) associated documentation included in or with such code. 1.13. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of, this License. For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. License Grants. 2.1. The Initial Developer Grant. Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, the Initial Developer hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by Initial Developer, to use, reproduce, modify, display, perform, sublicense and distribute the Original Software (or portions thereof), with or without Modifications, and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using or selling of Original Software, to make, have made, use, practice, sell, and offer for sale, and/or otherwise dispose of the Original Software (or portions thereof). (c) The licenses granted in Sections 2.1(a) and (b) are effective on the date Initial Developer first distributes or otherwise makes the Original Software available to a third party under the terms of this License. (d) Notwithstanding Section 2.1(b) above, no patent license is granted: (1) for code that You delete from the Original Software, or (2) for infringements caused by: (i) the modification of the Original Software, or (ii) the combination of the Original Software with other software or devices. 2.2. Contributor Grant. Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by Contributor to use, reproduce, modify, display, perform, sublicense and distribute the Modifications created by such Contributor (or portions thereof), either on an unmodified basis, with other Modifications, as Covered Software and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using, or selling of Modifications made by that Contributor either alone and/or in combination with its Contributor Version (or portions of such combination), to make, use, sell, offer for sale, have made, and/or otherwise dispose of: (1) Modifications made by that Contributor (or portions thereof); and (2) the combination of Modifications made by that Contributor with its Contributor Version (or portions of such combination). (c) The licenses granted in Sections 2.2(a) and 2.2(b) are effective on the date Contributor first distributes or otherwise makes the Modifications available to a third party. (d) Notwithstanding Section 2.2(b) above, no patent license is granted: (1) for any code that Contributor has deleted from the Contributor Version; (2) for infringements caused by: (i) third party modifications of Contributor Version, or (ii) the combination of Modifications made by that Contributor with other software (except as part of the Contributor Version) or other devices; or (3) under Patent Claims infringed by Covered Software in the absence of Modifications made by that Contributor. 3. Distribution Obligations. 3.1. Availability of Source Code. Any Covered Software that You distribute or otherwise make available in Executable form must also be made available in Source Code form and that Source Code form must be distributed only under the terms of this License. You must include a copy of this License with every copy of the Source Code form of the Covered Software You distribute or otherwise make available. You must inform recipients of any such Covered Software in Executable form as to how they can obtain such Covered Software in Source Code form in a reasonable manner on or through a medium customarily used for software exchange. 3.2. Modifications. The Modifications that You create or to which You contribute are governed by the terms of this License. You represent that You believe Your Modifications are Your original creation(s) and/or You have sufficient rights to grant the rights conveyed by this License. 3.3. Required Notices. You must include a notice in each of Your Modifications that identifies You as the Contributor of the Modification. You may not remove or alter any copyright, patent or trademark notices contained within the Covered Software, or any notices of licensing or any descriptive text giving attribution to any Contributor or the Initial Developer. 3.4. Application of Additional Terms. You may not offer or impose any terms on any Covered Software in Source Code form that alters or restricts the applicable version of this License or the recipients' rights hereunder. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, you may do so only on Your own behalf, and not on behalf of the Initial Developer or any Contributor. You must make it absolutely clear that any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.5. Distribution of Executable Versions. You may distribute the Executable form of the Covered Software under the terms of this License or under the terms of a license of Your choice, which may contain terms different from this License, provided that You are in compliance with the terms of this License and that the license for the Executable form does not attempt to limit or alter the recipient's rights in the Source Code form from the rights set forth in this License. If You distribute the Covered Software in Executable form under a different license, You must make it absolutely clear that any terms which differ from this License are offered by You alone, not by the Initial Developer or Contributor. You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of any such terms You offer. 3.6. Larger Works. You may create a Larger Work by combining Covered Software with other code not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Covered Software. 4. Versions of the License. 4.1. New Versions. Sun Microsystems, Inc. is the initial license steward and may publish revised and/or new versions of this License from time to time. Each version will be given a distinguishing version number. Except as provided in Section 4.3, no one other than the license steward has the right to modify this License. 4.2. Effect of New Versions. You may always continue to use, distribute or otherwise make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. If the Initial Developer includes a notice in the Original Software prohibiting it from being distributed or otherwise made available under any subsequent version of the License, You must distribute and make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. Otherwise, You may also choose to use, distribute or otherwise make the Covered Software available under the terms of any subsequent version of the License published by the license steward. 4.3. Modified Versions. When You are an Initial Developer and You want to create a new license for Your Original Software, You may create and use a modified version of this License if You: (a) rename the license and remove any references to the name of the license steward (except to note that the license differs from this License); and (b) otherwise make it clear that the license contains terms which differ from this License. 5. DISCLAIMER OF WARRANTY. COVERED SOFTWARE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE COVERED SOFTWARE IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE COVERED SOFTWARE IS WITH YOU. SHOULD ANY COVERED SOFTWARE PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY COVERED SOFTWARE IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 6. TERMINATION. 6.1. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 6.2. If You assert a patent infringement claim (excluding declaratory judgment actions) against Initial Developer or a Contributor (the Initial Developer or Contributor against whom You assert such claim is referred to as "Participant") alleging that the Participant Software (meaning the Contributor Version where the Participant is a Contributor or the Original Software where the Participant is the Initial Developer) directly or indirectly infringes any patent, then any and all rights granted directly or indirectly to You by such Participant, the Initial Developer (if the Initial Developer is not the Participant) and all Contributors under Sections 2.1 and/or 2.2 of this License shall, upon 60 days notice from Participant terminate prospectively and automatically at the expiration of such 60 day notice period, unless if within such 60 day period You withdraw Your claim with respect to the Participant Software against such Participant either unilaterally or pursuant to a written agreement with Participant. 6.3. In the event of termination under Sections 6.1 or 6.2 above, all end user licenses that have been validly granted by You or any distributor hereunder prior to termination (excluding licenses granted to You by any distributor) shall survive termination. 7. LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL YOU, THE INITIAL DEVELOPER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF COVERED SOFTWARE, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOST PROFITS, LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER COMMERCIAL DAMAGES OR LOSSES, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION OF LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY RESULTING FROM SUCH PARTY'S NEGLIGENCE TO THE EXTENT APPLICABLE LAW PROHIBITS SUCH LIMITATION. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS EXCLUSION AND LIMITATION MAY NOT APPLY TO YOU. 8. U.S. GOVERNMENT END USERS. The Covered Software is a "commercial item," as that term is defined in 48 C.F.R. 2.101 (Oct. 1995), consisting of "commercial computer software" (as that term is defined at 48 C.F.R. ¤ 252.227-7014(a)(1)) and "commercial computer software documentation" as such terms are used in 48 C.F.R. 12.212 (Sept. 1995). Consistent with 48 C.F.R. 12.212 and 48 C.F.R. 227.7202-1 through 227.7202-4 (June 1995), all U.S. Government End Users acquire Covered Software with only those rights set forth herein. This U.S. Government Rights clause is in lieu of, and supersedes, any other FAR, DFAR, or other clause or provision that addresses Government rights in computer software under this License. 9. MISCELLANEOUS. This License represents the complete agreement concerning subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by the law of the jurisdiction specified in a notice contained within the Original Software (except to the extent applicable law, if any, provides otherwise), excluding such jurisdiction's conflict-of-law provisions. Any litigation relating to this License shall be subject to the jurisdiction of the courts located in the jurisdiction and venue specified in a notice contained within the Original Software, with the losing party responsible for costs, including, without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. You agree that You alone are responsible for compliance with the United States export administration regulations (and the export control laws and regulation of any other countries) when You use, distribute or otherwise make available any Covered Software. 10. RESPONSIBILITY FOR CLAIMS. As between Initial Developer and the Contributors, each party is responsible for claims and damages arising, directly or indirectly, out of its utilization of rights under this License and You agree to work with Initial Developer and Contributors to distribute such responsibility on an equitable basis. Nothing herein is intended or shall be deemed to constitute any admission of liability. </div> </div> |} </nowiki> </div> </div> ==EPLv2.0== [[LICENCE_HEADER_EPLv2.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_EPLv2.0}}</nowiki></b> {{:LICENCE_HEADER_EPLv2.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>EPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE EPLv2.0 <div class="mw-collapsible-content"> Eclipse Public License - v 2.0 THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS ECLIPSE PUBLIC LICENSE (“AGREEMENT”). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT. 1. DEFINITIONS “Contribution” means: a) in the case of the initial Contributor, the initial content Distributed under this Agreement, and b) in the case of each subsequent Contributor: i) changes to the Program, and ii) additions to the Program; where such changes and/or additions to the Program originate from and are Distributed by that particular Contributor. A Contribution “originates” from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include changes or additions to the Program that are not Modified Works. “Contributor” means any person or entity that Distributes the Program. “Licensed Patents” mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program. “Program” means the Contributions Distributed in accordance with this Agreement. “Recipient” means anyone who receives the Program under this Agreement or any Secondary License (as applicable), including Contributors. “Derivative Works” shall mean any work, whether in Source Code or other form, that is based on (or derived from) the Program and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. “Modified Works” shall mean any work in Source Code or other form that results from an addition to, deletion from, or modification of the contents of the Program, including, for purposes of clarity any new file in Source Code form that contains any contents of the Program. Modified Works shall not include works that contain only declarations, interfaces, types, classes, structures, or files of the Program solely in each case in order to link to, bind by name, or subclass the Program or Modified Works thereof. “Distribute” means the acts of a) distributing or b) making available in any manner that enables the transfer of a copy. “Source Code” means the form of a Program preferred for making modifications, including but not limited to software source code, documentation source, and configuration files. “Secondary License” means either the GNU General Public License, Version 2.0, or any later versions of that license, including any exceptions or additional permissions as identified by the initial Contributor. 2. GRANT OF RIGHTS a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, Distribute and sublicense the Contribution of such Contributor, if any, and such Derivative Works. b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in Source Code or other form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder. c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to Distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program. d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement. e) Notwithstanding the terms of any Secondary License, no Contributor makes additional grants to any Recipient (other than those set forth in this Agreement) as a result of such Recipient's receipt of the Program under the terms of a Secondary License (if permitted under the terms of Section 3). 3. REQUIREMENTS 3.1 If a Contributor Distributes the Program in any form, then: a) the Program must also be made available as Source Code, in accordance with section 3.2, and the Contributor must accompany the Program with a statement that the Source Code for the Program is available under this Agreement, and informs Recipients how to obtain it in a reasonable manner on or through a medium customarily used for software exchange; and b) the Contributor may Distribute the Program under a license different than this Agreement, provided that such license: i) effectively disclaims on behalf of all other Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose; ii) effectively excludes on behalf of all other Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits; iii) does not attempt to limit or alter the recipients' rights in the Source Code under section 3.2; and iv) requires any subsequent distribution of the Program by any party to be under a license that satisfies the requirements of this section 3. 3.2 When the Program is Distributed as Source Code: a) it must be made available under this Agreement, or if the Program (i) is combined with other material in a separate file or files made available under a Secondary License, and (ii) the initial Contributor attached to the Source Code the notice described in Exhibit A of this Agreement, then the Program may be made available under the terms of such Secondary Licenses, and b) a copy of this Agreement must be included with each copy of the Program. 3.3 Contributors may not remove or alter any copyright, patent, trademark, attribution notices, disclaimers of warranty, or limitations of liability (‘notices’) contained within the Program from any copy of the Program which they Distribute, provided that Contributors may add their own appropriate notices. 4. COMMERCIAL DISTRIBUTION Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor (“Commercial Contributor”) hereby agrees to defend and indemnify every other Contributor (“Indemnified Contributor”) against any losses, damages and costs (collectively “Losses”) arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense. For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages. 5. NO WARRANTY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE PROGRAM IS PROVIDED ON AN “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations. 6. DISCLAIMER OF LIABILITY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. GENERAL If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. If Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed. All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive. Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. The Eclipse Foundation is the initial Agreement Steward. The Eclipse Foundation may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be Distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to Distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved. Nothing in this Agreement is intended to be enforceable by any entity that is not a Contributor or Recipient. No third-party beneficiary rights are created under this Agreement. Exhibit A – Form of Secondary Licenses Notice “This Source Code may also be made available under the following Secondary Licenses when the conditions for such availability set forth in the Eclipse Public License, v. 2.0 are satisfied: {name license(s), version(s), and exceptions or additional permissions here}.” Simply including a copy of this Agreement, including this Exhibit A is not sufficient to license the Source Code under Secondary Licenses. If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. You may add additional accurate notices of copyright ownership. </div> </div> |} </nowiki> </div> </div> ==GFDLv1.1== [[LICENCE_HEADER_GFDL]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDL}}</nowiki></b> {{:LICENCE_HEADER_GFDL}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.1 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.1, March 2000 Copyright (C) 2000 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other written document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (For example, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, whose contents can be viewed and edited directly and straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup has been designed to thwart or discourage subsequent modification by readers is not Transparent. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML designed for human modification. Opaque formats include PostScript, PDF, proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies of the Document numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a publicly-accessible computer-network location containing a complete Transparent copy of the Document, free of added material, which the general network-using public has access to download anonymously at no charge using public-standard network protocols. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has less than five). C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section entitled "History", and its title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. In any section entitled "Acknowledgements" or "Dedications", preserve the section's title, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section as "Endorsements" or to conflict in title with any Invariant Section. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections entitled "History" in the various original documents, forming one section entitled "History"; likewise combine any sections entitled "Acknowledgements", and any sections entitled "Dedications". You must delete all sections entitled "Endorsements." 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, does not as a whole count as a Modified Version of the Document, provided no compilation copyright is claimed for the compilation. Such a compilation is called an "aggregate", and this License does not apply to the other self-contained works thus compiled with the Document, on account of their being thus compiled, if they are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one quarter of the entire aggregate, the Document's Cover Texts may be placed on covers that surround only the Document within the aggregate. Otherwise they must appear on covers around the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License provided that you also include the original English version of this License. In case of a disagreement between the translation and the original English version of this License, the original English version will prevail. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have no Invariant Sections, write "with no Invariant Sections" instead of saying which ones are invariant. If you have no Front-Cover Texts, write "no Front-Cover Texts" instead of "Front-Cover Texts being LIST"; likewise for Back-Cover Texts. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} </nowiki> </div> </div> ==GFDLv1.2== [[LICENCE_HEADER_GFDLv1.2]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDLv1.2}}</nowiki></b> {{:LICENCE_HEADER_GFDLv1.2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.2 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.2, November 2002 Copyright (C) 2000,2001,2002 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition. The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement. C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section Entitled "History", Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. For any section Entitled "Acknowledgements" or "Dedications", Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section Entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section to be Entitled "Endorsements" or to conflict in title with any Invariant Section. O. Preserve any Warranty Disclaimers. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements". 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation's users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document's Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail. If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the "with...Texts." line with this: with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} </nowiki> </div> </div> ==GFDLv1.3== [[LICENCE_HEADER_GFDLv1.3]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDLv1.3}}</nowiki></b> {{:LICENCE_HEADER_GFDLv1.3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.3 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.3, 3 November 2008 Copyright (C) 2000, 2001, 2002, 2007, 2008 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. The "publisher" means any person or entity that distributes copies of the Document to the public. A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition. The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement. C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section Entitled "History", Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. For any section Entitled "Acknowledgements" or "Dedications", Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section Entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section to be Entitled "Endorsements" or to conflict in title with any Invariant Section. O. Preserve any Warranty Disclaimers. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements". 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation's users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document's Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail. If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, or distribute it is void, and will automatically terminate your rights under this License. However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, receipt of a copy of some or all of the same material does not give you any rights to use it. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. If the Document specifies that a proxy can decide which future versions of this License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Document. 11. RELICENSING "Massive Multiauthor Collaboration Site" (or "MMC Site") means any World Wide Web server that publishes copyrightable works and also provides prominent facilities for anybody to edit those works. A public wiki that anybody can edit is an example of such a server. A "Massive Multiauthor Collaboration" (or "MMC") contained in the site means any set of copyrightable works thus published on the MMC site. "CC-BY-SA" means the Creative Commons Attribution-Share Alike 3.0 license published by Creative Commons Corporation, a not-for-profit corporation with a principal place of business in San Francisco, California, as well as future copyleft versions of that license published by that same organization. "Incorporate" means to publish or republish a Document, in whole or in part, as part of another Document. An MMC is "eligible for relicensing" if it is licensed under this License, and if all works that were first published under this License somewhere other than this MMC, and subsequently incorporated in whole or in part into the MMC, (1) had no cover texts or invariant sections, and (2) were thus incorporated prior to November 1, 2008. The operator of an MMC Site may republish an MMC contained in the site under CC-BY-SA on the same site at any time before August 1, 2009, provided the MMC is eligible for relicensing. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the "with...Texts." line with this: with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} </nowiki> </div> </div> ==GPLv1== [[LICENCE_HEADER_GPL]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPL}}</nowiki></b> {{:LICENCE_HEADER_GPL}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv1 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 1, February 1989 Copyright (C) 1989 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The license agreements of most software companies try to keep users at the mercy of those companies. By contrast, our General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. The General Public License applies to the Free Software Foundation's software and to any other program whose authors commit to using it. You can use it for your programs, too. When we speak of free software, we are referring to freedom, not price. Specifically, the General Public License is designed to make sure that you have the freedom to give away or sell copies of free software, that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of a such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must tell them their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any work containing the Program or a portion of it, either verbatim or with modifications. Each licensee is addressed as "you". 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this General Public License and to the absence of any warranty; and give any other recipients of the Program a copy of this General Public License along with the Program. You may charge a fee for the physical act of transferring a copy. 2. You may modify your copy or copies of the Program or any portion of it, and copy and distribute such modifications under the terms of Paragraph 1 above, provided that you also do the following: a) cause the modified files to carry prominent notices stating that you changed the files and the date of any change; and b) cause the whole of any work that you distribute or publish, that in whole or in part contains the Program or any part thereof, either with or without modifications, to be licensed at no charge to all third parties under the terms of this General Public License (except that you may choose to grant warranty protection to some or all third parties, at your option). c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the simplest and most usual way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this General Public License. d) You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. Mere aggregation of another independent work with the Program (or its derivative) on a volume of a storage or distribution medium does not bring the other work under the scope of these terms. 3. You may copy and distribute the Program (or a portion or derivative of it, under Paragraph 2) in object code or executable form under the terms of Paragraphs 1 and 2 above provided that you also do one of the following: a) accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Paragraphs 1 and 2 above; or, b) accompany it with a written offer, valid for at least three years, to give any third party free (except for a nominal charge for the cost of distribution) a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Paragraphs 1 and 2 above; or, c) accompany it with the information you received as to where the corresponding source code may be obtained. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form alone.) Source code for a work means the preferred form of the work for making modifications to it. For an executable file, complete source code means all the source code for all modules it contains; but, as a special exception, it need not include source code for modules which are standard libraries that accompany the operating system on which the executable file runs, or for standard header files or definitions files that accompany that operating system. 4. You may not copy, modify, sublicense, distribute or transfer the Program except as expressly provided under this General Public License. Any attempt otherwise to copy, modify, sublicense, distribute or transfer the Program is void, and will automatically terminate your rights to use the Program under this License. However, parties who have received copies, or rights to use copies, from you under this General Public License will not have their licenses terminated so long as such parties remain in full compliance. 5. By copying, distributing or modifying the Program (or any work based on the Program) you indicate your acceptance of this license to do so, and all its terms and conditions. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. 7. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of the license which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the license, you may choose any version ever published by the Free Software Foundation. 8. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 9. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 10. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS Appendix: How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to humanity, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) 19yy <name of author> This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 1, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) 19xx name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (a program to direct compilers to make passes at assemblers) written by James Hacker. <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice That's all there is to it! </div> </div> |} </nowiki> </div> </div> ==GPLv2== [[LICENCE_HEADER_GPLv2]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPLv2}}</nowiki></b> {{:LICENCE_HEADER_GPLv2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv2 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Lesser General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. </div> </div> |} </nowiki> </div> </div> ==GPLv3== [[LICENCE_HEADER_GPLv3]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPLv3}}</nowiki></b> {{:LICENCE_HEADER_GPLv3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv3 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The GNU General Public License is a free, copyleft license for software and other kinds of works. The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things. To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others. For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it. For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions. Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users. Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free. The precise terms and conditions for copying, distribution and modification follow. TERMS AND CONDITIONS 0. Definitions. "This License" refers to version 3 of the GNU General Public License. "Copyright" also means copyright-like laws that apply to other kinds of works, such as semiconductor masks. "The Program" refers to any copyrightable work licensed under this License. Each licensee is addressed as "you". "Licensees" and "recipients" may be individuals or organizations. To "modify" a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a "modified version" of the earlier work or a work "based on" the earlier work. A "covered work" means either the unmodified Program or a work based on the Program. To "propagate" a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well. To "convey" a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying. An interactive user interface displays "Appropriate Legal Notices" to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion. 1. Source Code. The "source code" for a work means the preferred form of the work for making modifications to it. "Object code" means any non-source form of a work. A "Standard Interface" means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language. The "System Libraries" of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A "Major Component", in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it. The "Corresponding Source" for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work. The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source. The Corresponding Source for a work in source code form is that same work. 2. Basic Permissions. All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law. You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you. Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary. 3. Protecting Users' Legal Rights From Anti-Circumvention Law. No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures. When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures. 4. Conveying Verbatim Copies. You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program. You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee. 5. Conveying Modified Source Versions. You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions: a) The work must carry prominent notices stating that you modified it, and giving a relevant date. b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to "keep intact all notices". c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it. d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so. A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an "aggregate" if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate. 6. Conveying Non-Source Forms. You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways: a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange. b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge. c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b. d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements. e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d. A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work. A "User Product" is either (1) a "consumer product", which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, "normally used" refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product. "Installation Information" for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made. If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM). The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network. Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying. 7. Additional Terms. "Additional permissions" are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions. When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission. Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms: a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or d) Limiting the use for publicity purposes of names of licensors or authors of the material; or e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors. All other non-permissive additional terms are considered "further restrictions" within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying. If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms. Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way. 8. Termination. You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11). However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10. 9. Acceptance Not Required for Having Copies. You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so. 10. Automatic Licensing of Downstream Recipients. Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License. An "entity transaction" is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts. You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it. 11. Patents. A "contributor" is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's "contributor version". A contributor's "essential patent claims" are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, "control" includes the right to grant patent sublicenses in a manner consistent with the requirements of this License. Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version. In the following three paragraphs, a "patent license" is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To "grant" such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party. If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. "Knowingly relying" means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid. If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it. A patent license is "discriminatory" if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007. Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law. 12. No Surrender of Others' Freedom. If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program. 13. Use with the GNU Affero General Public License. Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such. 14. Revised Versions of this License. The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation. If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program. Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version. 15. Disclaimer of Warranty. THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. Limitation of Liability. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 17. Interpretation of Sections 15 and 16. If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <https://www.gnu.org/licenses/>. Also add information on how to contact you by electronic and paper mail. If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode: <program> Copyright (C) <year> <name of author> This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an "about box". You should also get your employer (if you work as a programmer) or school, if any, to sign a "copyright disclaimer" for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see <https://www.gnu.org/licenses/>. The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read <https://www.gnu.org/licenses/why-not-lgpl.html>. </div> </div> |} </nowiki> </div> </div> ==LGPLv2.1== [[LICENCE_HEADER_LGPLv2.1]]<br \> <b><nowiki>{{:LICENCE_HEADER_LGPLv2.1}}</nowiki></b> {{:LICENCE_HEADER_LGPLv2.1}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv2.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 2.1, February 1999 Copyright (C) 1991, 1999 Free Software Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. [This is the first released version of the Lesser GPL. It also counts as the successor of the GNU Library Public License, version 2, hence the version number 2.1.] Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public Licenses are intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This license, the Lesser General Public License, applies to some specially designated software packages--typically libraries--of the Free Software Foundation and other authors who decide to use it. You can use it too, but we suggest you first think carefully about whether this license or the ordinary General Public License is the better strategy to use in any particular case, based on the explanations below. When we speak of free software, we are referring to freedom of use, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish); that you receive source code or can get it if you want it; that you can change the software and use pieces of it in new free programs; and that you are informed that you can do these things. To protect your rights, we need to make restrictions that forbid distributors to deny you these rights or to ask you to surrender these rights. These restrictions translate to certain responsibilities for you if you distribute copies of the library or if you modify it. For example, if you distribute copies of the library, whether gratis or for a fee, you must give the recipients all the rights that we gave you. You must make sure that they, too, receive or can get the source code. If you link other code with the library, you must provide complete object files to the recipients, so that they can relink them with the library after making changes to the library and recompiling it. And you must show them these terms so they know their rights. We protect your rights with a two-step method: (1) we copyright the library, and (2) we offer you this license, which gives you legal permission to copy, distribute and/or modify the library. To protect each distributor, we want to make it very clear that there is no warranty for the free library. Also, if the library is modified by someone else and passed on, the recipients should know that what they have is not the original version, so that the original author's reputation will not be affected by problems that might be introduced by others. � Finally, software patents pose a constant threat to the existence of any free program. We wish to make sure that a company cannot effectively restrict the users of a free program by obtaining a restrictive license from a patent holder. Therefore, we insist that any patent license obtained for a version of the library must be consistent with the full freedom of use specified in this license. Most GNU software, including some libraries, is covered by the ordinary GNU General Public License. This license, the GNU Lesser General Public License, applies to certain designated libraries, and is quite different from the ordinary General Public License. We use this license for certain libraries in order to permit linking those libraries into non-free programs. When a program is linked with a library, whether statically or using a shared library, the combination of the two is legally speaking a combined work, a derivative of the original library. The ordinary General Public License therefore permits such linking only if the entire combination fits its criteria of freedom. The Lesser General Public License permits more lax criteria for linking other code with the library. We call this license the "Lesser" General Public License because it does Less to protect the user's freedom than the ordinary General Public License. It also provides other free software developers Less of an advantage over competing non-free programs. These disadvantages are the reason we use the ordinary General Public License for many libraries. However, the Lesser license provides advantages in certain special circumstances. For example, on rare occasions, there may be a special need to encourage the widest possible use of a certain library, so that it becomes a de-facto standard. To achieve this, non-free programs must be allowed to use the library. A more frequent case is that a free library does the same job as widely used non-free libraries. In this case, there is little to gain by limiting the free library to free software only, so we use the Lesser General Public License. In other cases, permission to use a particular library in non-free programs enables a greater number of people to use a large body of free software. For example, permission to use the GNU C Library in non-free programs enables many more people to use the whole GNU operating system, as well as its variant, the GNU/Linux operating system. Although the Lesser General Public License is Less protective of the users' freedom, it does ensure that the user of a program that is linked with the Library has the freedom and the wherewithal to run that program using a modified version of the Library. The precise terms and conditions for copying, distribution and modification follow. Pay close attention to the difference between a "work based on the library" and a "work that uses the library". The former contains code derived from the library, whereas the latter must be combined with the library in order to run. � GNU LESSER GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any software library or other program which contains a notice placed by the copyright holder or other authorized party saying it may be distributed under the terms of this Lesser General Public License (also called "this License"). Each licensee is addressed as "you". A "library" means a collection of software functions and/or data prepared so as to be conveniently linked with application programs (which use some of those functions and data) to form executables. The "Library", below, refers to any such software library or work which has been distributed under these terms. A "work based on the Library" means either the Library or any derivative work under copyright law: that is to say, a work containing the Library or a portion of it, either verbatim or with modifications and/or translated straightforwardly into another language. (Hereinafter, translation is included without limitation in the term "modification".) "Source code" for a work means the preferred form of the work for making modifications to it. For a library, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the library. Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running a program using the Library is not restricted, and output from such a program is covered only if its contents constitute a work based on the Library (independent of the use of the Library in a tool for writing it). Whether that is true depends on what the Library does and what the program that uses the Library does. 1. You may copy and distribute verbatim copies of the Library's complete source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and distribute a copy of this License along with the Library. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. � 2. You may modify your copy or copies of the Library or any portion of it, thus forming a work based on the Library, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) The modified work must itself be a software library. b) You must cause the files modified to carry prominent notices stating that you changed the files and the date of any change. c) You must cause the whole of the work to be licensed at no charge to all third parties under the terms of this License. d) If a facility in the modified Library refers to a function or a table of data to be supplied by an application program that uses the facility, other than as an argument passed when the facility is invoked, then you must make a good faith effort to ensure that, in the event an application does not supply such function or table, the facility still operates, and performs whatever part of its purpose remains meaningful. (For example, a function in a library to compute square roots has a purpose that is entirely well-defined independent of the application. Therefore, Subsection 2d requires that any application-supplied function or table used by this function must be optional: if the application does not supply it, the square root function must still compute square roots.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Library, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Library, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Library. In addition, mere aggregation of another work not based on the Library with the Library (or with a work based on the Library) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may opt to apply the terms of the ordinary GNU General Public License instead of this License to a given copy of the Library. To do this, you must alter all the notices that refer to this License, so that they refer to the ordinary GNU General Public License, version 2, instead of to this License. (If a newer version than version 2 of the ordinary GNU General Public License has appeared, then you can specify that version instead if you wish.) Do not make any other change in these notices. � Once this change is made in a given copy, it is irreversible for that copy, so the ordinary GNU General Public License applies to all subsequent copies and derivative works made from that copy. This option is useful when you wish to copy part of the code of the Library into a program that is not a library. 4. You may copy and distribute the Library (or a portion or derivative of it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange. If distribution of object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place satisfies the requirement to distribute the source code, even though third parties are not compelled to copy the source along with the object code. 5. A program that contains no derivative of any portion of the Library, but is designed to work with the Library by being compiled or linked with it, is called a "work that uses the Library". Such a work, in isolation, is not a derivative work of the Library, and therefore falls outside the scope of this License. However, linking a "work that uses the Library" with the Library creates an executable that is a derivative of the Library (because it contains portions of the Library), rather than a "work that uses the library". The executable is therefore covered by this License. Section 6 states terms for distribution of such executables. When a "work that uses the Library" uses material from a header file that is part of the Library, the object code for the work may be a derivative work of the Library even though the source code is not. Whether this is true is especially significant if the work can be linked without the Library, or if the work is itself a library. The threshold for this to be true is not precisely defined by law. If such an object file uses only numerical parameters, data structure layouts and accessors, and small macros and small inline functions (ten lines or less in length), then the use of the object file is unrestricted, regardless of whether it is legally a derivative work. (Executables containing this object code plus portions of the Library will still fall under Section 6.) Otherwise, if the work is a derivative of the Library, you may distribute the object code for the work under the terms of Section 6. Any executables containing that work also fall under Section 6, whether or not they are linked directly with the Library itself. � 6. As an exception to the Sections above, you may also combine or link a "work that uses the Library" with the Library to produce a work containing portions of the Library, and distribute that work under terms of your choice, provided that the terms permit modification of the work for the customer's own use and reverse engineering for debugging such modifications. You must give prominent notice with each copy of the work that the Library is used in it and that the Library and its use are covered by this License. You must supply a copy of this License. If the work during execution displays copyright notices, you must include the copyright notice for the Library among them, as well as a reference directing the user to the copy of this License. Also, you must do one of these things: a) Accompany the work with the complete corresponding machine-readable source code for the Library including whatever changes were used in the work (which must be distributed under Sections 1 and 2 above); and, if the work is an executable linked with the Library, with the complete machine-readable "work that uses the Library", as object code and/or source code, so that the user can modify the Library and then relink to produce a modified executable containing the modified Library. (It is understood that the user who changes the contents of definitions files in the Library will not necessarily be able to recompile the application to use the modified definitions.) b) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (1) uses at run time a copy of the library already present on the user's computer system, rather than copying library functions into the executable, and (2) will operate properly with a modified version of the library, if the user installs one, as long as the modified version is interface-compatible with the version that the work was made with. c) Accompany the work with a written offer, valid for at least three years, to give the same user the materials specified in Subsection 6a, above, for a charge no more than the cost of performing this distribution. d) If distribution of the work is made by offering access to copy from a designated place, offer equivalent access to copy the above specified materials from the same place. e) Verify that the user has already received a copy of these materials or that you have already sent this user a copy. For an executable, the required form of the "work that uses the Library" must include any data and utility programs needed for reproducing the executable from it. However, as a special exception, the materials to be distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. It may happen that this requirement contradicts the license restrictions of other proprietary libraries that do not normally accompany the operating system. Such a contradiction means you cannot use both them and the Library together in an executable that you distribute. � 7. You may place library facilities that are a work based on the Library side-by-side in a single library together with other library facilities not covered by this License, and distribute such a combined library, provided that the separate distribution of the work based on the Library and of the other library facilities is otherwise permitted, and provided that you do these two things: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities. This must be distributed under the terms of the Sections above. b) Give prominent notice with the combined library of the fact that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 8. You may not copy, modify, sublicense, link with, or distribute the Library except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, link with, or distribute the Library is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 9. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Library or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Library (or any work based on the Library), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Library or works based on it. 10. Each time you redistribute the Library (or any work based on the Library), the recipient automatically receives a license from the original licensor to copy, distribute, link with or modify the Library subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties with this License. � 11. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Library at all. For example, if a patent license would not permit royalty-free redistribution of the Library by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Library. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply, and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 12. If the distribution and/or use of the Library is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Library under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 13. The Free Software Foundation may publish revised and/or new versions of the Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Library does not specify a license version number, you may choose any version ever published by the Free Software Foundation. � 14. If you wish to incorporate parts of the Library into other free programs whose distribution conditions are incompatible with these, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS � How to Apply These Terms to Your New Libraries If you develop a new library, and you want it to be of the greatest possible use to the public, we recommend making it free software that everyone can redistribute and change. You can do so by permitting redistribution under these terms (or, alternatively, under the terms of the ordinary General Public License). To apply these terms, attach the following notices to the library. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the library's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Also add information on how to contact you by electronic and paper mail. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the library, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the library `Frob' (a library for tweaking knobs) written by James Random Hacker. <signature of Ty Coon>, 1 April 1990 Ty Coon, President of Vice That's all there is to it! </div> </div> |} </nowiki> </div> </div> ==LGPLv3== [[LICENCE_HEADER_LGPLv3]]<br \> <b><nowiki>{{:LICENCE_HEADER_LGPLv3}}</nowiki></b> {{:LICENCE_HEADER_LGPLv3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. This version of the GNU Lesser General Public License incorporates the terms and conditions of version 3 of the GNU General Public License, supplemented by the additional permissions listed below. 0. Additional Definitions. As used herein, "this License" refers to version 3 of the GNU Lesser General Public License, and the "GNU GPL" refers to version 3 of the GNU General Public License. "The Library" refers to a covered work governed by this License, other than an Application or a Combined Work as defined below. An "Application" is any work that makes use of an interface provided by the Library, but which is not otherwise based on the Library. Defining a subclass of a class defined by the Library is deemed a mode of using an interface provided by the Library. A "Combined Work" is a work produced by combining or linking an Application with the Library. The particular version of the Library with which the Combined Work was made is also called the "Linked Version". The "Minimal Corresponding Source" for a Combined Work means the Corresponding Source for the Combined Work, excluding any source code for portions of the Combined Work that, considered in isolation, are based on the Application, and not on the Linked Version. The "Corresponding Application Code" for a Combined Work means the object code and/or source code for the Application, including any data and utility programs needed for reproducing the Combined Work from the Application, but excluding the System Libraries of the Combined Work. 1. Exception to Section 3 of the GNU GPL. You may convey a covered work under sections 3 and 4 of this License without being bound by section 3 of the GNU GPL. 2. Conveying Modified Versions. If you modify a copy of the Library, and, in your modifications, a facility refers to a function or data to be supplied by an Application that uses the facility (other than as an argument passed when the facility is invoked), then you may convey a copy of the modified version: a) under this License, provided that you make a good faith effort to ensure that, in the event an Application does not supply the function or data, the facility still operates, and performs whatever part of its purpose remains meaningful, or b) under the GNU GPL, with none of the additional permissions of this License applicable to that copy. 3. Object Code Incorporating Material from Library Header Files. The object code form of an Application may incorporate material from a header file that is part of the Library. You may convey such object code under terms of your choice, provided that, if the incorporated material is not limited to numerical parameters, data structure layouts and accessors, or small macros, inline functions and templates (ten or fewer lines in length), you do both of the following: a) Give prominent notice with each copy of the object code that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the object code with a copy of the GNU GPL and this license document. 4. Combined Works. You may convey a Combined Work under terms of your choice that, taken together, effectively do not restrict modification of the portions of the Library contained in the Combined Work and reverse engineering for debugging such modifications, if you also do each of the following: a) Give prominent notice with each copy of the Combined Work that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the Combined Work with a copy of the GNU GPL and this license document. c) For a Combined Work that displays copyright notices during execution, include the copyright notice for the Library among these notices, as well as a reference directing the user to the copies of the GNU GPL and this license document. d) Do one of the following: 0) Convey the Minimal Corresponding Source under the terms of this License, and the Corresponding Application Code in a form suitable for, and under terms that permit, the user to recombine or relink the Application with a modified version of the Linked Version to produce a modified Combined Work, in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source. 1) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (a) uses at run time a copy of the Library already present on the user's computer system, and (b) will operate properly with a modified version of the Library that is interface-compatible with the Linked Version. e) Provide Installation Information, but only if you would otherwise be required to provide such information under section 6 of the GNU GPL, and only to the extent that such information is necessary to install and execute a modified version of the Combined Work produced by recombining or relinking the Application with a modified version of the Linked Version. (If you use option 4d0, the Installation Information must accompany the Minimal Corresponding Source and Corresponding Application Code. If you use option 4d1, you must provide the Installation Information in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source.) 5. Combined Libraries. You may place library facilities that are a work based on the Library side by side in a single library together with other library facilities that are not Applications and are not covered by this License, and convey such a combined library under terms of your choice, if you do both of the following: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities, conveyed under the terms of this License. b) Give prominent notice with the combined library that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 6. Revised Versions of the GNU Lesser General Public License. The Free Software Foundation may publish revised and/or new versions of the GNU Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library as you received it specifies that a certain numbered version of the GNU Lesser General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that published version or of any later version published by the Free Software Foundation. If the Library as you received it does not specify a version number of the GNU Lesser General Public License, you may choose any version of the GNU Lesser General Public License ever published by the Free Software Foundation. If the Library as you received it specifies that a proxy can decide whether future versions of the GNU Lesser General Public License shall apply, that proxy's public statement of acceptance of any version is permanent authorization for you to choose that version for the Library. </div> </div> |} </nowiki> </div> </div> ==MIT== [[LICENCE_HEADER_MIT]]<br \> <b><nowiki>{{:LICENCE_HEADER_MIT}}</nowiki></b> {{:LICENCE_HEADER_MIT}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MIT Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. </div> </div> |} </nowiki> </div> </div> ==MPLv2.0== [[LICENCE_HEADER_MPLv2.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_MPLv2.0}}</nowiki></b> {{:LICENCE_HEADER_MPLv2.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE MPLv2.0 <div class="mw-collapsible-content"> Mozilla Public License Version 2.0 -------------------------------- 1. Definitions -------------- 1.1. "Contributor" means each individual or legal entity that creates, contributes to the creation of, or owns Covered Software. 1.2. "Contributor Version" means the combination of the Contributions of others (if any) used by a Contributor and that particular Contributor's Contribution. 1.3. "Contribution" means Covered Software of a particular Contributor. 1.4. "Covered Software" means Source Code Form to which the initial Contributor has attached the notice in Exhibit A, the Executable Form of such Source Code Form, and Modifications of such Source Code Form, in each case including portions thereof. 1.5. "Incompatible With Secondary Licenses" means (a) that the initial Contributor has attached the notice described in Exhibit B to the Covered Software; or (b) that the Covered Software was made available under the terms of version 1.1 or earlier of the License, but not also under the terms of a Secondary License. 1.6. "Executable Form" means any form of the work other than Source Code Form. 1.7. "Larger Work" means a work that combines Covered Software with other material, in a separate file or files, that is not Covered Software. 1.8. "License" means this document. 1.9. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently, any and all of the rights conveyed by this License. 1.10. "Modifications" means any of the following: (a) any file in Source Code Form that results from an addition to, deletion from, or modification of the contents of Covered Software; or (b) any new file in Source Code Form that contains any Covered Software. 1.11. "Patent Claims" of a Contributor means any patent claim(s), including without limitation, method, process, and apparatus claims, in any patent Licensable by such Contributor that would be infringed, but for the grant of the License, by the making, using, selling, offering for sale, having made, import, or transfer of either its Contributions or its Contributor Version. 1.12. "Secondary License" means either the GNU General Public License, Version 2.0, the GNU Lesser General Public License, Version 2.1, the GNU Affero General Public License, Version 3.0, or any later versions of those licenses. 1.13. "Source Code Form" means the form of the work preferred for making modifications. 1.14. "You" (or "Your") means an individual or a legal entity exercising rights under this License. For legal entities, "You" includes any entity that controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. License Grants and Conditions -------------------------------- 2.1. Grants Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by such Contributor to use, reproduce, make available, modify, display, perform, distribute, and otherwise exploit its Contributions, either on an unmodified basis, with Modifications, or as part of a Larger Work; and (b) under Patent Claims of such Contributor to make, use, sell, offer for sale, have made, import, and otherwise transfer either its Contributions or its Contributor Version. 2.2. Effective Date The licenses granted in Section 2.1 with respect to any Contribution become effective for each Contribution on the date the Contributor first distributes such Contribution. 2.3. Limitations on Grant Scope The licenses granted in this Section 2 are the only rights granted under this License. No additional rights or licenses will be implied from the distribution or licensing of Covered Software under this License. Notwithstanding Section 2.1(b) above, no patent license is granted by a Contributor: (a) for any code that a Contributor has removed from Covered Software; or (b) for infringements caused by: (i) Your and any other third party's modifications of Covered Software, or (ii) the combination of its Contributions with other software (except as part of its Contributor Version); or (c) under Patent Claims infringed by Covered Software in the absence of its Contributions. This License does not grant any rights in the trademarks, service marks, or logos of any Contributor (except as may be necessary to comply with the notice requirements in Section 3.4). 2.4. Subsequent Licenses No Contributor makes additional grants as a result of Your choice to distribute the Covered Software under a subsequent version of this License (see Section 10.2) or under the terms of a Secondary License (if permitted under the terms of Section 3.3). 2.5. Representation Each Contributor represents that the Contributor believes its Contributions are its original creation(s) or it has sufficient rights to grant the rights to its Contributions conveyed by this License. 2.6. Fair Use This License is not intended to limit any rights You have under applicable copyright doctrines of fair use, fair dealing, or other equivalents. 2.7. Conditions Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted in Section 2.1. 3. Responsibilities ------------------- 3.1. Distribution of Source Form All distribution of Covered Software in Source Code Form, including any Modifications that You create or to which You contribute, must be under the terms of this License. You must inform recipients that the Source Code Form of the Covered Software is governed by the terms of this License, and how they can obtain a copy of this License. You may not attempt to alter or restrict the recipients' rights in the Source Code Form. 3.2. Distribution of Executable Form If You distribute Covered Software in Executable Form then: (a) such Covered Software must also be made available in Source Code Form, as described in Section 3.1, and You must inform recipients of the Executable Form how they can obtain a copy of such Source Code Form by reasonable means in a timely manner, at a charge no more than the cost of distribution to the recipient; and (b) You may distribute such Executable Form under the terms of this License, or sublicense it under different terms, provided that the license for the Executable Form does not attempt to limit or alter the recipients' rights in the Source Code Form under this License. 3.3. Distribution of a Larger Work You may create and distribute a Larger Work under terms of Your choice, provided that You also comply with the requirements of this License for the Covered Software. If the Larger Work is a combination of Covered Software with a work governed by one or more Secondary Licenses, and the Covered Software is not Incompatible With Secondary Licenses, this License permits You to additionally distribute such Covered Software under the terms of such Secondary License(s), so that the recipient of the Larger Work may, at their option, further distribute the Covered Software under the terms of either this License or such Secondary License(s). 3.4. Notices You may not remove or alter the substance of any license notices (including copyright notices, patent notices, disclaimers of warranty, or limitations of liability) contained within the Source Code Form of the Covered Software, except that You may alter any license notices to the extent required to remedy known factual inaccuracies. 3.5. Application of Additional Terms You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, You may do so only on Your own behalf, and not on behalf of any Contributor. You must make it absolutely clear that any such warranty, support, indemnity, or liability obligation is offered by You alone, and You hereby agree to indemnify every Contributor for any liability incurred by such Contributor as a result of warranty, support, indemnity or liability terms You offer. You may include additional disclaimers of warranty and limitations of liability specific to any jurisdiction. 4. Inability to Comply Due to Statute or Regulation --------------------------------------------------- If it is impossible for You to comply with any of the terms of this License with respect to some or all of the Covered Software due to statute, judicial order, or regulation then You must: (a) comply with the terms of this License to the maximum extent possible; and (b) describe the limitations and the code they affect. Such description must be placed in a text file included with all distributions of the Covered Software under this License. Except to the extent prohibited by statute or regulation, such description must be sufficiently detailed for a recipient of ordinary skill to be able to understand it. 5. Termination -------------- 5.1. The rights granted under this License will terminate automatically if You fail to comply with any of its terms. However, if You become compliant, then the rights granted under this License from a particular Contributor are reinstated (a) provisionally, unless and until such Contributor explicitly and finally terminates Your grants, and (b) on an ongoing basis, if such Contributor fails to notify You of the non-compliance by some reasonable means prior to 60 days after You have come back into compliance. Moreover, Your grants from a particular Contributor are reinstated on an ongoing basis if such Contributor notifies You of the non-compliance by some reasonable means, this is the first time You have received notice of non-compliance with this License from such Contributor, and You become compliant prior to 30 days after Your receipt of the notice. 5.2. If You initiate litigation against any entity by asserting a patent infringement claim (excluding declaratory judgment actions, counter-claims, and cross-claims) alleging that a Contributor Version directly or indirectly infringes any patent, then the rights granted to You by any and all Contributors for the Covered Software under Section 2.1 of this License shall terminate. 5.3. In the event of termination under Sections 5.1 or 5.2 above, all end user license agreements (excluding distributors and resellers) which have been validly granted by You or Your distributors under this License prior to termination shall survive termination. ************************************************************************ * * * 6. Disclaimer of Warranty * * ------------------------- * * * * Covered Software is provided under this License on an "as is" * * basis, without warranty of any kind, either expressed, implied, or * * statutory, including, without limitation, warranties that the * * Covered Software is free of defects, merchantable, fit for a * * particular purpose or non-infringing. The entire risk as to the * * quality and performance of the Covered Software is with You. * * Should any Covered Software prove defective in any respect, You * * (not any Contributor) assume the cost of any necessary servicing, * * repair, or correction. This disclaimer of warranty constitutes an * * essential part of this License. No use of any Covered Software is * * authorized under this License except under this disclaimer. * * * ************************************************************************ ************************************************************************ * * * 7. Limitation of Liability * * -------------------------- * * * * Under no circumstances and under no legal theory, whether tort * * (including negligence), contract, or otherwise, shall any * * Contributor, or anyone who distributes Covered Software as * * permitted above, be liable to You for any direct, indirect, * * special, incidental, or consequential damages of any character * * including, without limitation, damages for lost profits, loss of * * goodwill, work stoppage, computer failure or malfunction, or any * * and all other commercial damages or losses, even if such party * * shall have been informed of the possibility of such damages. This * * limitation of liability shall not apply to liability for death or * * personal injury resulting from such party's negligence to the * * extent applicable law prohibits such limitation. Some * * jurisdictions do not allow the exclusion or limitation of * * incidental or consequential damages, so this exclusion and * * limitation may not apply to You. * * * ************************************************************************ 8. Litigation ------------- Any litigation relating to this License may be brought only in the courts of a jurisdiction where the defendant maintains its principal place of business and such litigation shall be governed by laws of that jurisdiction, without reference to its conflict-of-law provisions. Nothing in this Section shall prevent a party's ability to bring cross-claims or counter-claims. 9. Miscellaneous ---------------- This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not be used to construe this License against a Contributor. 10. Versions of the License --------------------------- 10.1. New Versions Mozilla Foundation is the license steward. Except as provided in Section 10.3, no one other than the license steward has the right to modify or publish new versions of this License. Each version will be given a distinguishing version number. 10.2. Effect of New Versions You may distribute the Covered Software under the terms of the version of the License under which You originally received the Covered Software, or under the terms of any subsequent version published by the license steward. 10.3. Modified Versions If you create software not governed by this License, and you want to create a new license for such software, you may create and use a modified version of this License if you rename the license and remove any references to the name of the license steward (except to note that such modified license differs from this License). 10.4. Distributing Source Code Form that is Incompatible With Secondary Licenses If You choose to distribute Source Code Form that is Incompatible With Secondary Licenses under the terms of this version of the License, the notice described in Exhibit B of this License must be attached. Exhibit A - Source Code Form License Notice ------------------------------------------- This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at https://mozilla.org/MPL/2.0/. If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. You may add additional accurate notices of copyright ownership. Exhibit B - "Incompatible With Secondary Licenses" Notice --------------------------------------------------------- This Source Code Form is "Incompatible With Secondary Licenses", as defined by the Mozilla Public License, v. 2.0. </div> </div> |} </nowiki> </div> </div> ==PDLv1.0== [[LICENCE_HEADER_PDLv1.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_PDLv1.0}}</nowiki></b> {{:LICENCE_HEADER_PDLv1.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE PDLv1.0 <div class="mw-collapsible-content"> PUBLIC DOCUMENTATION LICENSE Version 1.0 1.0 DEFINITIONS. 1.1. "Commercial Use" means distribution or otherwise making the Documentation available to a third party. 1.2. "Contributor" means a person or entity who creates or contributes to the creation of Modifications. 1.3. "Documentation" means the Original Documentation or Modifications or the combination of the Original Documentation and Modifications, in each case including portions thereof. 1.4. "Electronic Distribution Mechanism" means a mechanism generally accepted for the electronic transfer of data. 1.5. "Initial Writer" means the individual or entity identified as the Initial Writer in the notice required by the Appendix. 1.6. "Larger Work" means a work which combines Documentation or portions thereof with documentation or other writings not governed by the terms of this License. 1.7. "License" means this document. 1.8. "Modifications" means any addition to or deletion from the substance or structure of either the Original Documentation or any previous Modifications, such as a translation, abridgment, condensation, or any other form in which the Original Documentation or previous Modifications may be recast, transformed or adapted. A work consisting of editorial revisions, annotations, elaborations, and other modifications which, as a whole represent an original work of authorship, is a Modification. For example, when Documentation is released as a series of documents, a Modification is: A. Any addition to or deletion from the contents of the Original Documentation or previous Modifications. B. Any new documentation that contains any part of the Original Documentation or previous Modifications. 1.9. "Original Documentation" means documentation described as Original Documentation in the notice required by the Appendix, and which, at the time of its release under this License is not already Documentation governed by this License. 1.10. "Editable Form" means the preferred form of the Documentation for making Modifications to it. The Documentation can be in an electronic, compressed or archival form, provided the appropriate decompression or de-archiving software is widely available for no charge. 1.11. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of this License or a future version of this License issued under Section 5.0 ("Versions of the License"). For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2.0 LICENSE GRANTS. 2.1 Initial Writer Grant. The Initial Writer hereby grants You a world-wide, royalty-free, non-exclusive license to use, reproduce, prepare Modifications of, compile, publicly perform, publicly display, demonstrate, market, disclose and distribute the Documentation in any form, on any media or via any Electronic Distribution Mechanism or other method now known or later discovered, and to sublicense the foregoing rights to third parties through multiple tiers of sublicensees in accordance with the terms of this License. The license rights granted in this Section 2.1 ("Initial Writer Grant") are effective on the date Initial Writer first distributes Original Documentation under the terms of this License. 2.2. Contributor Grant. Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license to use, reproduce, prepare Modifications of, compile, publicly perform, publicly display, demonstrate, market, disclose and distribute the Documentation in any form, on any media or via any Electronic Distribution Mechanism or other method now known or later discovered, and to sublicense the foregoing rights to third parties through multiple tiers of sublicensees in accordance with the terms of this License. The license rights granted in this Section 2.2 ("Contributor Grant") are effective on the date Contributor first makes Commercial Use of the Documentation. 3.0 DISTRIBUTION OBLIGATIONS 3.1. Application of License The Modifications which You create or to which You contribute are governed by the terms of this License, including without limitation Section 2.2 ("Contributor Grant"). The Documentation may be distributed only under the terms of this License or a future version of this License released in accordance with Section 5.0 ("Versions of the License"), and You must include a copy of this License with every copy of the Documentation You distribute. You may not offer or impose any terms that alter or restrict the applicable version of this License or the recipients' rights hereunder. However, You may include an additional document offering the additional rights described in Section 3.5 ("Required Notices"). 3.2. Availability of Documentation. Any Modification which You create or to which You contribute must be made available publicly in Editable Form under the terms of this License via a fixed medium or an accepted Electronic Distribution Mechanism. 3.3. Description of Modifications. All Documentation to which You contribute must identify the changes You made to create that Documentation and the date of any change. You must include a prominent statement that the Modification is derived, directly or indirectly, from Original Documentation provided by the Initial Writer and include the name of the Initial Writer in the Documentation or via an electronic link that describes the origin or ownership of the Documentation. The foregoing change documentation may be created by using an electronic program that automatically tracks changes to the Documentation, and such changes must be available publicly for at least five years following release of the changed Documentation. 3.4. Intellectual Property Matters. Contributor represents that Contributor believes that Contributor's Modifications are Contributor's original creation(s) and/or Contributor has sufficient rights to grant the rights conveyed by this License. 3.5. Required Notices. You must duplicate the notice in the Appendix in each file of the Documentation. If it is not possible to put such notice in a particular Documentation file due to its structure, then You must include such notice in a location (such as a relevant directory) where a reader would be likely to look for such a notice, for example, via a hyperlink in each file of the Documentation that takes the reader to a page that describes the origin and ownership of the Documentation. If You created one or more Modification(s) You may add your name as a Contributor to the notice described in the Appendix. You must also duplicate this License in any Documentation file (or with a hyperlink in each file of the Documentation) where You describe recipients' rights or ownership rights. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Documentation. However, You may do so only on Your own behalf, and not on behalf of the Initial Writer or any Contributor. You must make it absolutely clear than any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Writer and every Contributor for any liability incurred by the Initial Writer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.6. Larger Works. You may create a Larger Work by combining Documentation with other documents not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Documentation. 4.0 APPLICATION OF THIS LICENSE. This License applies to Documentation to which the Initial Writer has attached this License and the notice in the Appendix. 5.0 VERSIONS OF THE LICENSE. 5.1. New Versions. Initial Writer may publish revised and/or new versions of the License from time to time. Each version will be given a distinguishing version number. 5.2. Effect of New Versions. Once Documentation has been published under a particular version of the License, You may always continue to use it under the terms of that version. You may also choose to use such Documentation under the terms of any subsequent version of the License published by __________________[Insert name of the foundation, company, Initial Writer, or whoever may modify this License]. No one other than _________________ [Insert name of the foundation, company, Initial Writer, or whoever may modify this License] has the right to modify the terms of this License. Filling in the name of the Initial Writer, Original Documentation or Contributor in the notice described in the Appendix shall not be deemed to be Modifications of this License. 6.0 DISCLAIMER OF WARRANTY. DOCUMENTATION IS PROVIDED UNDER THIS LICENSE ON AN "AS IS'' BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE DOCUMENTATION IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY, ACCURACY, AND PERFORMANCE OF THE DOCUMENTATION IS WITH YOU. SHOULD ANY DOCUMENTATION PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL WRITER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY DOCUMENTATION IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 7.0 TERMINATION. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. All sublicenses to the Documentation which are properly granted shall survive any termination of this License. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 8.0 LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER IN TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL THE INITIAL WRITER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF DOCUMENTATION, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER DAMAGES OR LOSSES ARISING OUT OF OR RELATING TO THE USE OF THE DOCUMENTATION, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. 9.0 U.S. GOVERNMENT END USERS. If Documentation is being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), then the Government's rights in Documentation will be only as set forth in this Agreement; this is in accordance with 48 CFR 227.7201 through 227.7202-4 (for Department of Defense (DOD) acquisitions) and with 48 CFR 2.101 and 12.212 (for non-DOD acquisitions). 10.0 MISCELLANEOUS. This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by California law, excluding its conflict-of-law provisions. With respect to disputes or any litigation relating to this License, the losing party is responsible for costs, including without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. Appendix Public Documentation License Notice The contents of this Documentation are subject to the Public Documentation License Version 1.0 (the "License"); you may only use this Documentation if you comply with the terms of this License. A copy of the License is available at __________________[Insert hyperlink]. The Original Documentation is _________________. The Initial Writer of the Original Documentation is ___________ Copyright (C)_________[Insert year(s)]. All Rights Reserved. (Initial Writer contact(s):________________[Insert hyperlink/alias]). Contributor(s): ______________________________________. Portions created by ______ are Copyright (C)_________[Insert year(s)]. All Rights Reserved. (Contributor contact(s):________________[Insert hyperlink/alias]). NOTE: The text of this Appendix may differ slightly from the text of the notices in the files of the Original Documentation. You should use the text of this Appendix rather than the text found in the Original Documentation for Your Modifications. </div> </div> |} </nowiki> </div> </div> ==PIRATE== This Licence is for shits and giggles, don't use on public server<br \> [[LICENCE_HEADER_PIRATE]]<br \> <b><nowiki>{{:LICENCE_HEADER_PIRATE}}</nowiki></b> {{:LICENCE_HEADER_PIRATE}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PIRATE Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Licence? Licence! LICENCE!!!!!!<br \> WE NO NEED NO STINKING LICENCE! Copyright @ Pirate Licence :P </div> </div> |} </nowiki> </div> </div> 6a6mvrci6480akxdwhkypka2mnlbdwr 141 140 2023-03-06T10:57:16Z Noob 1 /* CC BY-SA */ 141 wikitext text/x-wiki * Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute. * To do so add a Licence header at the top of your page. * example:<b><nowiki>{{:LICENCE_HEADER_CC0}}</nowiki></b> * using the header may not be a good idea for some licences ** click the link and copy the content ** and append the correct <code>Copyright [yyyy] [name of copyright owner] </code> ==APACHE2== [[LICENCE_HEADER_APACHE2]]<br \> <b><nowiki>{{:LICENCE_HEADER_APACHE2}}</nowiki></b> {{:LICENCE_HEADER_APACHE2}} <!-- delete below if mess up --> <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste to your page: <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>APACHE2 Licence</b><br \> Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. <div class="toccolours mw-collapsible mw-collapsed"> Apache2 Licence: <div class="mw-collapsible-content"> <pre> Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. </pre> </div> </div> |} </nowiki> </div> </div> ==BDS0== [[LICENCE_HEADER_BSD0]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD0}}</nowiki></b> {{:LICENCE_HEADER_BSD0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (C) [year] by [copyright holder] <[email]> Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted. THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. </div> </div> |} </nowiki> </div> </div> ==BSD1== [[LICENCE_HEADER_BSD]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD}}</nowiki></b> {{:LICENCE_HEADER_BSD}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (c) [Year] [Name] [All rights reserved]. * Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. THIS SOFTWARE IS PROVIDED BY [Name of Organization] “AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL [Name of Organisation] BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </nowiki> </div> </div> ==BSD2== [[LICENCE_HEADER_BSD2]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD2}}</nowiki></b> {{:LICENCE_HEADER_BSD2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </nowiki> </div> </div> ==BSD3== [[LICENCE_HEADER_BSD3]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD3}}</nowiki></b> {{:LICENCE_HEADER_BSD3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </nowiki> </div> </div> ==CC0== [[LICENCE_HEADER_CC0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC0}}</nowiki></b> {{:LICENCE_HEADER_CC0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC0 Licence</b><br \> More information about the <b>cc0 licence</b> can be found here:<br \> <code>https://creativecommons.org/share-your-work/public-domain/cc0</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> The person who associated a work with this deed has dedicated the work to the public domain by waiving all of his or her rights to the work worldwide under copyright law, including all related and neighboring rights, to the extent allowed by law.<br \> You can copy, modify, distribute and perform the work, even for commercial purposes, all without asking permission. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Statement of Purpose The laws of most jurisdictions throughout the world automatically confer exclusive Copyright and Related Rights (defined below) upon the creator and subsequent owner(s) (each and all, an "owner") of an original work of authorship and/or a database (each, a "Work"). Certain owners wish to permanently relinquish those rights to a Work for the purpose of contributing to a commons of creative, cultural and scientific works ("Commons") that the public can reliably and without fear of later claims of infringement build upon, modify, incorporate in other works, reuse and redistribute as freely as possible in any form whatsoever and for any purposes, including without limitation commercial purposes. These owners may contribute to the Commons to promote the ideal of a free culture and the further production of creative, cultural and scientific works, or to gain reputation or greater distribution for their Work in part through the use and efforts of others. For these and/or other purposes and motivations, and without any expectation of additional consideration or compensation, the person associating CC0 with a Work (the "Affirmer"), to the extent that he or she is an owner of Copyright and Related Rights in the Work, voluntarily elects to apply CC0 to the Work and publicly distribute the Work under its terms, with knowledge of his or her Copyright and Related Rights in the Work and the meaning and intended legal effect of CC0 on those rights. 1. Copyright and Related Rights. A Work made available under CC0 may be protected by copyright and related or neighboring rights ("Copyright and Related Rights"). Copyright and Related Rights include, but are not limited to, the following: the right to reproduce, adapt, distribute, perform, display, communicate, and translate a Work; moral rights retained by the original author(s) and/or performer(s); publicity and privacy rights pertaining to a person's image or likeness depicted in a Work; rights protecting against unfair competition in regards to a Work, subject to the limitations in paragraph 4(a), below; rights protecting the extraction, dissemination, use and reuse of data in a Work; database rights (such as those arising under Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, and under any national implementation thereof, including any amended or successor version of such directive); and other similar, equivalent or corresponding rights throughout the world based on applicable law or treaty, and any national implementations thereof. 2. Waiver. To the greatest extent permitted by, but not in contravention of, applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and unconditionally waives, abandons, and surrenders all of Affirmer's Copyright and Related Rights and associated claims and causes of action, whether now known or unknown (including existing as well as future claims and causes of action), in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each member of the public at large and to the detriment of Affirmer's heirs and successors, fully intending that such Waiver shall not be subject to revocation, rescission, cancellation, termination, or any other legal or equitable action to disrupt the quiet enjoyment of the Work by the public as contemplated by Affirmer's express Statement of Purpose. 3. Public License Fallback. Should any part of the Waiver for any reason be judged legally invalid or ineffective under applicable law, then the Waiver shall be preserved to the maximum extent permitted taking into account Affirmer's express Statement of Purpose. In addition, to the extent the Waiver is so judged Affirmer hereby grants to each affected person a royalty-free, non transferable, non sublicensable, non exclusive, irrevocable and unconditional license to exercise Affirmer's Copyright and Related Rights in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "License"). The License shall be deemed effective as of the date CC0 was applied by Affirmer to the Work. Should any part of the License for any reason be judged legally invalid or ineffective under applicable law, such partial invalidity or ineffectiveness shall not invalidate the remainder of the License, and in such case Affirmer hereby affirms that he or she will not (i) exercise any of his or her remaining Copyright and Related Rights in the Work or (ii) assert any associated claims and causes of action with respect to the Work, in either case contrary to Affirmer's express Statement of Purpose. 4. Limitations and Disclaimers. No trademark or patent rights held by Affirmer are waived, abandoned, surrendered, licensed or otherwise affected by this document. Affirmer offers the Work as-is and makes no representations or warranties of any kind concerning the Work, express, implied, statutory or otherwise, including without limitation warranties of title, merchantability, fitness for a particular purpose, non infringement, or the absence of latent or other defects, accuracy, or the present or absence of errors, whether or not discoverable, all to the greatest extent permissible under applicable law. Affirmer disclaims responsibility for clearing rights of other persons that may apply to the Work or any use thereof, including without limitation any person's Copyright and Related Rights in the Work. Further, Affirmer disclaims responsibility for obtaining any necessary consents, permissions or other rights required for any use of the Work. Affirmer understands and acknowledges that Creative Commons is not a party to this document and has no duty or obligation with respect to this CC0 or use of the Work. </div> </div> |} </nowiki> </div> </div> ==CC-BY== [[LICENCE_HEADER_CC_BY]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY}}</nowiki></b> {{:LICENCE_HEADER_CC_BY}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY Licence</b><br \> More information about the <b>CC BY licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Creative Commons Legal Code Attribution 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined above) for the purposes of this License. c. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. d. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. e. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. f. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. g. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. h. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. i. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(b), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(b), as requested. b. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Section 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4 (b) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. c. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of this License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} </nowiki> </div> </div> ==CC BY-SA== [[LICENCE_HEADER_CC_BY-SA]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY-SA}}</nowiki></b> {{:LICENCE_HEADER_CC_BY-SA}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY-SA Licence</b><br \> More information about the <b>CC BY-SA licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by-sa/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Attribution-ShareAlike 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined below) for the purposes of this License. c. "Creative Commons Compatible License" means a license that is listed at https://creativecommons.org/compatiblelicenses that has been approved by Creative Commons as being essentially equivalent to this License, including, at a minimum, because that license: (i) contains terms that have the same purpose, meaning and effect as the License Elements of this License; and, (ii) explicitly permits the relicensing of adaptations of works made available under that license under this License or a Creative Commons jurisdiction license with the same License Elements as this License. d. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. e. "License Elements" means the following high-level license attributes as selected by Licensor and indicated in the title of this License: Attribution, ShareAlike. f. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. g. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. h. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. i. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. j. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. k. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(c), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(c), as requested. b. You may Distribute or Publicly Perform an Adaptation only under the terms of: (i) this License; (ii) a later version of this License with the same License Elements as this License; (iii) a Creative Commons jurisdiction license (either this or a later license version) that contains the same License Elements as this License (e.g., Attribution-ShareAlike 3.0 US)); (iv) a Creative Commons Compatible License. If you license the Adaptation under one of the licenses mentioned in (iv), you must comply with the terms of that license. If you license the Adaptation under the terms of any of the licenses mentioned in (i), (ii) or (iii) (the "Applicable License"), you must comply with the terms of the Applicable License generally and the following provisions: (I) You must include a copy of, or the URI for, the Applicable License with every copy of each Adaptation You Distribute or Publicly Perform; (II) You may not offer or impose any terms on the Adaptation that restrict the terms of the Applicable License or the ability of the recipient of the Adaptation to exercise the rights granted to that recipient under the terms of the Applicable License; (III) You must keep intact all notices that refer to the Applicable License and to the disclaimer of warranties with every copy of the Work as included in the Adaptation You Distribute or Publicly Perform; (IV) when You Distribute or Publicly Perform the Adaptation, You may not impose any effective technological measures on the Adaptation that restrict the ability of a recipient of the Adaptation from You to exercise the rights granted to that recipient under the terms of the Applicable License. This Section 4(b) applies to the Adaptation as incorporated in a Collection, but this does not require the Collection apart from the Adaptation itself to be made subject to the terms of the Applicable License. c. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Ssection 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4(c) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. d. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of the License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} </nowiki> </div> </div> ==CC BY-NC-SA 4.0== [[LICENCE_HEADER_CC_BY-SA]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY-SA}}</nowiki></b> {{:LICENCE_HEADER_CC_BY-SA}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY-SA Licence</b><br \> More information about the <b>CC BY-SA licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by-sa/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Attribution-ShareAlike 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined below) for the purposes of this License. c. "Creative Commons Compatible License" means a license that is listed at https://creativecommons.org/compatiblelicenses that has been approved by Creative Commons as being essentially equivalent to this License, including, at a minimum, because that license: (i) contains terms that have the same purpose, meaning and effect as the License Elements of this License; and, (ii) explicitly permits the relicensing of adaptations of works made available under that license under this License or a Creative Commons jurisdiction license with the same License Elements as this License. d. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. e. "License Elements" means the following high-level license attributes as selected by Licensor and indicated in the title of this License: Attribution, ShareAlike. f. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. g. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. h. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. i. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. j. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. k. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(c), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(c), as requested. b. You may Distribute or Publicly Perform an Adaptation only under the terms of: (i) this License; (ii) a later version of this License with the same License Elements as this License; (iii) a Creative Commons jurisdiction license (either this or a later license version) that contains the same License Elements as this License (e.g., Attribution-ShareAlike 3.0 US)); (iv) a Creative Commons Compatible License. If you license the Adaptation under one of the licenses mentioned in (iv), you must comply with the terms of that license. If you license the Adaptation under the terms of any of the licenses mentioned in (i), (ii) or (iii) (the "Applicable License"), you must comply with the terms of the Applicable License generally and the following provisions: (I) You must include a copy of, or the URI for, the Applicable License with every copy of each Adaptation You Distribute or Publicly Perform; (II) You may not offer or impose any terms on the Adaptation that restrict the terms of the Applicable License or the ability of the recipient of the Adaptation to exercise the rights granted to that recipient under the terms of the Applicable License; (III) You must keep intact all notices that refer to the Applicable License and to the disclaimer of warranties with every copy of the Work as included in the Adaptation You Distribute or Publicly Perform; (IV) when You Distribute or Publicly Perform the Adaptation, You may not impose any effective technological measures on the Adaptation that restrict the ability of a recipient of the Adaptation from You to exercise the rights granted to that recipient under the terms of the Applicable License. This Section 4(b) applies to the Adaptation as incorporated in a Collection, but this does not require the Collection apart from the Adaptation itself to be made subject to the terms of the Applicable License. c. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Ssection 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4(c) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. d. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of the License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} </nowiki> </div> </div> ==CDDLv1.0== [[LICENCE_HEADER_CDDLv1.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CDDLv1.0}}</nowiki></b> {{:LICENCE_HEADER_CDDLv1.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CDDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE CDDLv1.0 <div class="mw-collapsible-content"> COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 1. Definitions. 1.1. "Contributor" means each individual or entity that creates or contributes to the creation of Modifications. 1.2. "Contributor Version" means the combination of the Original Software, prior Modifications used by a Contributor (if any), and the Modifications made by that particular Contributor. 1.3. "Covered Software" means (a) the Original Software, or (b) Modifications, or (c) the combination of files containing Original Software with files containing Modifications, in each case including portions thereof. 1.4. "Executable" means the Covered Software in any form other than Source Code. 1.5. "Initial Developer" means the individual or entity that first makes Original Software available under this License. 1.6. "Larger Work" means a work which combines Covered Software or portions thereof with code not governed by the terms of this License. 1.7. "License" means this document. 1.8. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently acquired, any and all of the rights conveyed herein. 1.9. "Modifications" means the Source Code and Executable form of any of the following: A. Any file that results from an addition to, deletion from or modification of the contents of a file containing Original Software or previous Modifications; B. Any new file that contains any part of the Original Software or previous Modification; or C. Any new file that is contributed or otherwise made available under the terms of this License. 1.10. "Original Software" means the Source Code and Executable form of computer software code that is originally released under this License. 1.11. "Patent Claims" means any patent claim(s), now owned or hereafter acquired, including without limitation, method, process, and apparatus claims, in any patent Licensable by grantor. 1.12. "Source Code" means (a) the common form of computer software code in which modifications are made and (b) associated documentation included in or with such code. 1.13. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of, this License. For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. License Grants. 2.1. The Initial Developer Grant. Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, the Initial Developer hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by Initial Developer, to use, reproduce, modify, display, perform, sublicense and distribute the Original Software (or portions thereof), with or without Modifications, and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using or selling of Original Software, to make, have made, use, practice, sell, and offer for sale, and/or otherwise dispose of the Original Software (or portions thereof). (c) The licenses granted in Sections 2.1(a) and (b) are effective on the date Initial Developer first distributes or otherwise makes the Original Software available to a third party under the terms of this License. (d) Notwithstanding Section 2.1(b) above, no patent license is granted: (1) for code that You delete from the Original Software, or (2) for infringements caused by: (i) the modification of the Original Software, or (ii) the combination of the Original Software with other software or devices. 2.2. Contributor Grant. Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by Contributor to use, reproduce, modify, display, perform, sublicense and distribute the Modifications created by such Contributor (or portions thereof), either on an unmodified basis, with other Modifications, as Covered Software and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using, or selling of Modifications made by that Contributor either alone and/or in combination with its Contributor Version (or portions of such combination), to make, use, sell, offer for sale, have made, and/or otherwise dispose of: (1) Modifications made by that Contributor (or portions thereof); and (2) the combination of Modifications made by that Contributor with its Contributor Version (or portions of such combination). (c) The licenses granted in Sections 2.2(a) and 2.2(b) are effective on the date Contributor first distributes or otherwise makes the Modifications available to a third party. (d) Notwithstanding Section 2.2(b) above, no patent license is granted: (1) for any code that Contributor has deleted from the Contributor Version; (2) for infringements caused by: (i) third party modifications of Contributor Version, or (ii) the combination of Modifications made by that Contributor with other software (except as part of the Contributor Version) or other devices; or (3) under Patent Claims infringed by Covered Software in the absence of Modifications made by that Contributor. 3. Distribution Obligations. 3.1. Availability of Source Code. Any Covered Software that You distribute or otherwise make available in Executable form must also be made available in Source Code form and that Source Code form must be distributed only under the terms of this License. You must include a copy of this License with every copy of the Source Code form of the Covered Software You distribute or otherwise make available. You must inform recipients of any such Covered Software in Executable form as to how they can obtain such Covered Software in Source Code form in a reasonable manner on or through a medium customarily used for software exchange. 3.2. Modifications. The Modifications that You create or to which You contribute are governed by the terms of this License. You represent that You believe Your Modifications are Your original creation(s) and/or You have sufficient rights to grant the rights conveyed by this License. 3.3. Required Notices. You must include a notice in each of Your Modifications that identifies You as the Contributor of the Modification. You may not remove or alter any copyright, patent or trademark notices contained within the Covered Software, or any notices of licensing or any descriptive text giving attribution to any Contributor or the Initial Developer. 3.4. Application of Additional Terms. You may not offer or impose any terms on any Covered Software in Source Code form that alters or restricts the applicable version of this License or the recipients' rights hereunder. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, you may do so only on Your own behalf, and not on behalf of the Initial Developer or any Contributor. You must make it absolutely clear that any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.5. Distribution of Executable Versions. You may distribute the Executable form of the Covered Software under the terms of this License or under the terms of a license of Your choice, which may contain terms different from this License, provided that You are in compliance with the terms of this License and that the license for the Executable form does not attempt to limit or alter the recipient's rights in the Source Code form from the rights set forth in this License. If You distribute the Covered Software in Executable form under a different license, You must make it absolutely clear that any terms which differ from this License are offered by You alone, not by the Initial Developer or Contributor. You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of any such terms You offer. 3.6. Larger Works. You may create a Larger Work by combining Covered Software with other code not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Covered Software. 4. Versions of the License. 4.1. New Versions. Sun Microsystems, Inc. is the initial license steward and may publish revised and/or new versions of this License from time to time. Each version will be given a distinguishing version number. Except as provided in Section 4.3, no one other than the license steward has the right to modify this License. 4.2. Effect of New Versions. You may always continue to use, distribute or otherwise make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. If the Initial Developer includes a notice in the Original Software prohibiting it from being distributed or otherwise made available under any subsequent version of the License, You must distribute and make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. Otherwise, You may also choose to use, distribute or otherwise make the Covered Software available under the terms of any subsequent version of the License published by the license steward. 4.3. Modified Versions. When You are an Initial Developer and You want to create a new license for Your Original Software, You may create and use a modified version of this License if You: (a) rename the license and remove any references to the name of the license steward (except to note that the license differs from this License); and (b) otherwise make it clear that the license contains terms which differ from this License. 5. DISCLAIMER OF WARRANTY. COVERED SOFTWARE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE COVERED SOFTWARE IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE COVERED SOFTWARE IS WITH YOU. SHOULD ANY COVERED SOFTWARE PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY COVERED SOFTWARE IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 6. TERMINATION. 6.1. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 6.2. If You assert a patent infringement claim (excluding declaratory judgment actions) against Initial Developer or a Contributor (the Initial Developer or Contributor against whom You assert such claim is referred to as "Participant") alleging that the Participant Software (meaning the Contributor Version where the Participant is a Contributor or the Original Software where the Participant is the Initial Developer) directly or indirectly infringes any patent, then any and all rights granted directly or indirectly to You by such Participant, the Initial Developer (if the Initial Developer is not the Participant) and all Contributors under Sections 2.1 and/or 2.2 of this License shall, upon 60 days notice from Participant terminate prospectively and automatically at the expiration of such 60 day notice period, unless if within such 60 day period You withdraw Your claim with respect to the Participant Software against such Participant either unilaterally or pursuant to a written agreement with Participant. 6.3. In the event of termination under Sections 6.1 or 6.2 above, all end user licenses that have been validly granted by You or any distributor hereunder prior to termination (excluding licenses granted to You by any distributor) shall survive termination. 7. LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL YOU, THE INITIAL DEVELOPER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF COVERED SOFTWARE, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOST PROFITS, LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER COMMERCIAL DAMAGES OR LOSSES, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION OF LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY RESULTING FROM SUCH PARTY'S NEGLIGENCE TO THE EXTENT APPLICABLE LAW PROHIBITS SUCH LIMITATION. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS EXCLUSION AND LIMITATION MAY NOT APPLY TO YOU. 8. U.S. GOVERNMENT END USERS. The Covered Software is a "commercial item," as that term is defined in 48 C.F.R. 2.101 (Oct. 1995), consisting of "commercial computer software" (as that term is defined at 48 C.F.R. ¤ 252.227-7014(a)(1)) and "commercial computer software documentation" as such terms are used in 48 C.F.R. 12.212 (Sept. 1995). Consistent with 48 C.F.R. 12.212 and 48 C.F.R. 227.7202-1 through 227.7202-4 (June 1995), all U.S. Government End Users acquire Covered Software with only those rights set forth herein. This U.S. Government Rights clause is in lieu of, and supersedes, any other FAR, DFAR, or other clause or provision that addresses Government rights in computer software under this License. 9. MISCELLANEOUS. This License represents the complete agreement concerning subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by the law of the jurisdiction specified in a notice contained within the Original Software (except to the extent applicable law, if any, provides otherwise), excluding such jurisdiction's conflict-of-law provisions. Any litigation relating to this License shall be subject to the jurisdiction of the courts located in the jurisdiction and venue specified in a notice contained within the Original Software, with the losing party responsible for costs, including, without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. You agree that You alone are responsible for compliance with the United States export administration regulations (and the export control laws and regulation of any other countries) when You use, distribute or otherwise make available any Covered Software. 10. RESPONSIBILITY FOR CLAIMS. As between Initial Developer and the Contributors, each party is responsible for claims and damages arising, directly or indirectly, out of its utilization of rights under this License and You agree to work with Initial Developer and Contributors to distribute such responsibility on an equitable basis. Nothing herein is intended or shall be deemed to constitute any admission of liability. </div> </div> |} </nowiki> </div> </div> ==EPLv2.0== [[LICENCE_HEADER_EPLv2.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_EPLv2.0}}</nowiki></b> {{:LICENCE_HEADER_EPLv2.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>EPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE EPLv2.0 <div class="mw-collapsible-content"> Eclipse Public License - v 2.0 THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS ECLIPSE PUBLIC LICENSE (“AGREEMENT”). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT. 1. DEFINITIONS “Contribution” means: a) in the case of the initial Contributor, the initial content Distributed under this Agreement, and b) in the case of each subsequent Contributor: i) changes to the Program, and ii) additions to the Program; where such changes and/or additions to the Program originate from and are Distributed by that particular Contributor. A Contribution “originates” from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include changes or additions to the Program that are not Modified Works. “Contributor” means any person or entity that Distributes the Program. “Licensed Patents” mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program. “Program” means the Contributions Distributed in accordance with this Agreement. “Recipient” means anyone who receives the Program under this Agreement or any Secondary License (as applicable), including Contributors. “Derivative Works” shall mean any work, whether in Source Code or other form, that is based on (or derived from) the Program and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. “Modified Works” shall mean any work in Source Code or other form that results from an addition to, deletion from, or modification of the contents of the Program, including, for purposes of clarity any new file in Source Code form that contains any contents of the Program. Modified Works shall not include works that contain only declarations, interfaces, types, classes, structures, or files of the Program solely in each case in order to link to, bind by name, or subclass the Program or Modified Works thereof. “Distribute” means the acts of a) distributing or b) making available in any manner that enables the transfer of a copy. “Source Code” means the form of a Program preferred for making modifications, including but not limited to software source code, documentation source, and configuration files. “Secondary License” means either the GNU General Public License, Version 2.0, or any later versions of that license, including any exceptions or additional permissions as identified by the initial Contributor. 2. GRANT OF RIGHTS a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, Distribute and sublicense the Contribution of such Contributor, if any, and such Derivative Works. b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in Source Code or other form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder. c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to Distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program. d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement. e) Notwithstanding the terms of any Secondary License, no Contributor makes additional grants to any Recipient (other than those set forth in this Agreement) as a result of such Recipient's receipt of the Program under the terms of a Secondary License (if permitted under the terms of Section 3). 3. REQUIREMENTS 3.1 If a Contributor Distributes the Program in any form, then: a) the Program must also be made available as Source Code, in accordance with section 3.2, and the Contributor must accompany the Program with a statement that the Source Code for the Program is available under this Agreement, and informs Recipients how to obtain it in a reasonable manner on or through a medium customarily used for software exchange; and b) the Contributor may Distribute the Program under a license different than this Agreement, provided that such license: i) effectively disclaims on behalf of all other Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose; ii) effectively excludes on behalf of all other Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits; iii) does not attempt to limit or alter the recipients' rights in the Source Code under section 3.2; and iv) requires any subsequent distribution of the Program by any party to be under a license that satisfies the requirements of this section 3. 3.2 When the Program is Distributed as Source Code: a) it must be made available under this Agreement, or if the Program (i) is combined with other material in a separate file or files made available under a Secondary License, and (ii) the initial Contributor attached to the Source Code the notice described in Exhibit A of this Agreement, then the Program may be made available under the terms of such Secondary Licenses, and b) a copy of this Agreement must be included with each copy of the Program. 3.3 Contributors may not remove or alter any copyright, patent, trademark, attribution notices, disclaimers of warranty, or limitations of liability (‘notices’) contained within the Program from any copy of the Program which they Distribute, provided that Contributors may add their own appropriate notices. 4. COMMERCIAL DISTRIBUTION Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor (“Commercial Contributor”) hereby agrees to defend and indemnify every other Contributor (“Indemnified Contributor”) against any losses, damages and costs (collectively “Losses”) arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense. For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages. 5. NO WARRANTY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE PROGRAM IS PROVIDED ON AN “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations. 6. DISCLAIMER OF LIABILITY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. GENERAL If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. If Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed. All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive. Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. The Eclipse Foundation is the initial Agreement Steward. The Eclipse Foundation may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be Distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to Distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved. Nothing in this Agreement is intended to be enforceable by any entity that is not a Contributor or Recipient. No third-party beneficiary rights are created under this Agreement. Exhibit A – Form of Secondary Licenses Notice “This Source Code may also be made available under the following Secondary Licenses when the conditions for such availability set forth in the Eclipse Public License, v. 2.0 are satisfied: {name license(s), version(s), and exceptions or additional permissions here}.” Simply including a copy of this Agreement, including this Exhibit A is not sufficient to license the Source Code under Secondary Licenses. If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. You may add additional accurate notices of copyright ownership. </div> </div> |} </nowiki> </div> </div> ==GFDLv1.1== [[LICENCE_HEADER_GFDL]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDL}}</nowiki></b> {{:LICENCE_HEADER_GFDL}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.1 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.1, March 2000 Copyright (C) 2000 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other written document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (For example, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, whose contents can be viewed and edited directly and straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup has been designed to thwart or discourage subsequent modification by readers is not Transparent. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML designed for human modification. Opaque formats include PostScript, PDF, proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies of the Document numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a publicly-accessible computer-network location containing a complete Transparent copy of the Document, free of added material, which the general network-using public has access to download anonymously at no charge using public-standard network protocols. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has less than five). C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section entitled "History", and its title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. In any section entitled "Acknowledgements" or "Dedications", preserve the section's title, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section as "Endorsements" or to conflict in title with any Invariant Section. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections entitled "History" in the various original documents, forming one section entitled "History"; likewise combine any sections entitled "Acknowledgements", and any sections entitled "Dedications". You must delete all sections entitled "Endorsements." 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, does not as a whole count as a Modified Version of the Document, provided no compilation copyright is claimed for the compilation. Such a compilation is called an "aggregate", and this License does not apply to the other self-contained works thus compiled with the Document, on account of their being thus compiled, if they are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one quarter of the entire aggregate, the Document's Cover Texts may be placed on covers that surround only the Document within the aggregate. Otherwise they must appear on covers around the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License provided that you also include the original English version of this License. In case of a disagreement between the translation and the original English version of this License, the original English version will prevail. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have no Invariant Sections, write "with no Invariant Sections" instead of saying which ones are invariant. If you have no Front-Cover Texts, write "no Front-Cover Texts" instead of "Front-Cover Texts being LIST"; likewise for Back-Cover Texts. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} </nowiki> </div> </div> ==GFDLv1.2== [[LICENCE_HEADER_GFDLv1.2]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDLv1.2}}</nowiki></b> {{:LICENCE_HEADER_GFDLv1.2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.2 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.2, November 2002 Copyright (C) 2000,2001,2002 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition. The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement. C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section Entitled "History", Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. For any section Entitled "Acknowledgements" or "Dedications", Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section Entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section to be Entitled "Endorsements" or to conflict in title with any Invariant Section. O. Preserve any Warranty Disclaimers. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements". 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation's users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document's Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail. If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the "with...Texts." line with this: with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} </nowiki> </div> </div> ==GFDLv1.3== [[LICENCE_HEADER_GFDLv1.3]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDLv1.3}}</nowiki></b> {{:LICENCE_HEADER_GFDLv1.3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.3 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.3, 3 November 2008 Copyright (C) 2000, 2001, 2002, 2007, 2008 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. The "publisher" means any person or entity that distributes copies of the Document to the public. A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition. The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement. C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section Entitled "History", Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. For any section Entitled "Acknowledgements" or "Dedications", Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section Entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section to be Entitled "Endorsements" or to conflict in title with any Invariant Section. O. Preserve any Warranty Disclaimers. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements". 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation's users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document's Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail. If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, or distribute it is void, and will automatically terminate your rights under this License. However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, receipt of a copy of some or all of the same material does not give you any rights to use it. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. If the Document specifies that a proxy can decide which future versions of this License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Document. 11. RELICENSING "Massive Multiauthor Collaboration Site" (or "MMC Site") means any World Wide Web server that publishes copyrightable works and also provides prominent facilities for anybody to edit those works. A public wiki that anybody can edit is an example of such a server. A "Massive Multiauthor Collaboration" (or "MMC") contained in the site means any set of copyrightable works thus published on the MMC site. "CC-BY-SA" means the Creative Commons Attribution-Share Alike 3.0 license published by Creative Commons Corporation, a not-for-profit corporation with a principal place of business in San Francisco, California, as well as future copyleft versions of that license published by that same organization. "Incorporate" means to publish or republish a Document, in whole or in part, as part of another Document. An MMC is "eligible for relicensing" if it is licensed under this License, and if all works that were first published under this License somewhere other than this MMC, and subsequently incorporated in whole or in part into the MMC, (1) had no cover texts or invariant sections, and (2) were thus incorporated prior to November 1, 2008. The operator of an MMC Site may republish an MMC contained in the site under CC-BY-SA on the same site at any time before August 1, 2009, provided the MMC is eligible for relicensing. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the "with...Texts." line with this: with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} </nowiki> </div> </div> ==GPLv1== [[LICENCE_HEADER_GPL]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPL}}</nowiki></b> {{:LICENCE_HEADER_GPL}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv1 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 1, February 1989 Copyright (C) 1989 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The license agreements of most software companies try to keep users at the mercy of those companies. By contrast, our General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. The General Public License applies to the Free Software Foundation's software and to any other program whose authors commit to using it. You can use it for your programs, too. When we speak of free software, we are referring to freedom, not price. Specifically, the General Public License is designed to make sure that you have the freedom to give away or sell copies of free software, that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of a such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must tell them their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any work containing the Program or a portion of it, either verbatim or with modifications. Each licensee is addressed as "you". 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this General Public License and to the absence of any warranty; and give any other recipients of the Program a copy of this General Public License along with the Program. You may charge a fee for the physical act of transferring a copy. 2. You may modify your copy or copies of the Program or any portion of it, and copy and distribute such modifications under the terms of Paragraph 1 above, provided that you also do the following: a) cause the modified files to carry prominent notices stating that you changed the files and the date of any change; and b) cause the whole of any work that you distribute or publish, that in whole or in part contains the Program or any part thereof, either with or without modifications, to be licensed at no charge to all third parties under the terms of this General Public License (except that you may choose to grant warranty protection to some or all third parties, at your option). c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the simplest and most usual way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this General Public License. d) You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. Mere aggregation of another independent work with the Program (or its derivative) on a volume of a storage or distribution medium does not bring the other work under the scope of these terms. 3. You may copy and distribute the Program (or a portion or derivative of it, under Paragraph 2) in object code or executable form under the terms of Paragraphs 1 and 2 above provided that you also do one of the following: a) accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Paragraphs 1 and 2 above; or, b) accompany it with a written offer, valid for at least three years, to give any third party free (except for a nominal charge for the cost of distribution) a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Paragraphs 1 and 2 above; or, c) accompany it with the information you received as to where the corresponding source code may be obtained. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form alone.) Source code for a work means the preferred form of the work for making modifications to it. For an executable file, complete source code means all the source code for all modules it contains; but, as a special exception, it need not include source code for modules which are standard libraries that accompany the operating system on which the executable file runs, or for standard header files or definitions files that accompany that operating system. 4. You may not copy, modify, sublicense, distribute or transfer the Program except as expressly provided under this General Public License. Any attempt otherwise to copy, modify, sublicense, distribute or transfer the Program is void, and will automatically terminate your rights to use the Program under this License. However, parties who have received copies, or rights to use copies, from you under this General Public License will not have their licenses terminated so long as such parties remain in full compliance. 5. By copying, distributing or modifying the Program (or any work based on the Program) you indicate your acceptance of this license to do so, and all its terms and conditions. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. 7. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of the license which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the license, you may choose any version ever published by the Free Software Foundation. 8. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 9. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 10. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS Appendix: How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to humanity, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) 19yy <name of author> This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 1, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) 19xx name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (a program to direct compilers to make passes at assemblers) written by James Hacker. <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice That's all there is to it! </div> </div> |} </nowiki> </div> </div> ==GPLv2== [[LICENCE_HEADER_GPLv2]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPLv2}}</nowiki></b> {{:LICENCE_HEADER_GPLv2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv2 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Lesser General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. </div> </div> |} </nowiki> </div> </div> ==GPLv3== [[LICENCE_HEADER_GPLv3]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPLv3}}</nowiki></b> {{:LICENCE_HEADER_GPLv3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv3 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The GNU General Public License is a free, copyleft license for software and other kinds of works. The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things. To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others. For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it. For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions. Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users. Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free. The precise terms and conditions for copying, distribution and modification follow. TERMS AND CONDITIONS 0. Definitions. "This License" refers to version 3 of the GNU General Public License. "Copyright" also means copyright-like laws that apply to other kinds of works, such as semiconductor masks. "The Program" refers to any copyrightable work licensed under this License. Each licensee is addressed as "you". "Licensees" and "recipients" may be individuals or organizations. To "modify" a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a "modified version" of the earlier work or a work "based on" the earlier work. A "covered work" means either the unmodified Program or a work based on the Program. To "propagate" a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well. To "convey" a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying. An interactive user interface displays "Appropriate Legal Notices" to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion. 1. Source Code. The "source code" for a work means the preferred form of the work for making modifications to it. "Object code" means any non-source form of a work. A "Standard Interface" means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language. The "System Libraries" of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A "Major Component", in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it. The "Corresponding Source" for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work. The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source. The Corresponding Source for a work in source code form is that same work. 2. Basic Permissions. All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law. You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you. Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary. 3. Protecting Users' Legal Rights From Anti-Circumvention Law. No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures. When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures. 4. Conveying Verbatim Copies. You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program. You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee. 5. Conveying Modified Source Versions. You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions: a) The work must carry prominent notices stating that you modified it, and giving a relevant date. b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to "keep intact all notices". c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it. d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so. A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an "aggregate" if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate. 6. Conveying Non-Source Forms. You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways: a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange. b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge. c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b. d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements. e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d. A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work. A "User Product" is either (1) a "consumer product", which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, "normally used" refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product. "Installation Information" for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made. If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM). The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network. Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying. 7. Additional Terms. "Additional permissions" are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions. When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission. Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms: a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or d) Limiting the use for publicity purposes of names of licensors or authors of the material; or e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors. All other non-permissive additional terms are considered "further restrictions" within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying. If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms. Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way. 8. Termination. You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11). However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10. 9. Acceptance Not Required for Having Copies. You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so. 10. Automatic Licensing of Downstream Recipients. Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License. An "entity transaction" is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts. You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it. 11. Patents. A "contributor" is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's "contributor version". A contributor's "essential patent claims" are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, "control" includes the right to grant patent sublicenses in a manner consistent with the requirements of this License. Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version. In the following three paragraphs, a "patent license" is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To "grant" such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party. If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. "Knowingly relying" means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid. If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it. A patent license is "discriminatory" if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007. Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law. 12. No Surrender of Others' Freedom. If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program. 13. Use with the GNU Affero General Public License. Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such. 14. Revised Versions of this License. The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation. If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program. Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version. 15. Disclaimer of Warranty. THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. Limitation of Liability. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 17. Interpretation of Sections 15 and 16. If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <https://www.gnu.org/licenses/>. Also add information on how to contact you by electronic and paper mail. If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode: <program> Copyright (C) <year> <name of author> This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an "about box". You should also get your employer (if you work as a programmer) or school, if any, to sign a "copyright disclaimer" for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see <https://www.gnu.org/licenses/>. The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read <https://www.gnu.org/licenses/why-not-lgpl.html>. </div> </div> |} </nowiki> </div> </div> ==LGPLv2.1== [[LICENCE_HEADER_LGPLv2.1]]<br \> <b><nowiki>{{:LICENCE_HEADER_LGPLv2.1}}</nowiki></b> {{:LICENCE_HEADER_LGPLv2.1}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv2.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 2.1, February 1999 Copyright (C) 1991, 1999 Free Software Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. [This is the first released version of the Lesser GPL. It also counts as the successor of the GNU Library Public License, version 2, hence the version number 2.1.] Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public Licenses are intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This license, the Lesser General Public License, applies to some specially designated software packages--typically libraries--of the Free Software Foundation and other authors who decide to use it. You can use it too, but we suggest you first think carefully about whether this license or the ordinary General Public License is the better strategy to use in any particular case, based on the explanations below. When we speak of free software, we are referring to freedom of use, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish); that you receive source code or can get it if you want it; that you can change the software and use pieces of it in new free programs; and that you are informed that you can do these things. To protect your rights, we need to make restrictions that forbid distributors to deny you these rights or to ask you to surrender these rights. These restrictions translate to certain responsibilities for you if you distribute copies of the library or if you modify it. For example, if you distribute copies of the library, whether gratis or for a fee, you must give the recipients all the rights that we gave you. You must make sure that they, too, receive or can get the source code. If you link other code with the library, you must provide complete object files to the recipients, so that they can relink them with the library after making changes to the library and recompiling it. And you must show them these terms so they know their rights. We protect your rights with a two-step method: (1) we copyright the library, and (2) we offer you this license, which gives you legal permission to copy, distribute and/or modify the library. To protect each distributor, we want to make it very clear that there is no warranty for the free library. Also, if the library is modified by someone else and passed on, the recipients should know that what they have is not the original version, so that the original author's reputation will not be affected by problems that might be introduced by others. � Finally, software patents pose a constant threat to the existence of any free program. We wish to make sure that a company cannot effectively restrict the users of a free program by obtaining a restrictive license from a patent holder. Therefore, we insist that any patent license obtained for a version of the library must be consistent with the full freedom of use specified in this license. Most GNU software, including some libraries, is covered by the ordinary GNU General Public License. This license, the GNU Lesser General Public License, applies to certain designated libraries, and is quite different from the ordinary General Public License. We use this license for certain libraries in order to permit linking those libraries into non-free programs. When a program is linked with a library, whether statically or using a shared library, the combination of the two is legally speaking a combined work, a derivative of the original library. The ordinary General Public License therefore permits such linking only if the entire combination fits its criteria of freedom. The Lesser General Public License permits more lax criteria for linking other code with the library. We call this license the "Lesser" General Public License because it does Less to protect the user's freedom than the ordinary General Public License. It also provides other free software developers Less of an advantage over competing non-free programs. These disadvantages are the reason we use the ordinary General Public License for many libraries. However, the Lesser license provides advantages in certain special circumstances. For example, on rare occasions, there may be a special need to encourage the widest possible use of a certain library, so that it becomes a de-facto standard. To achieve this, non-free programs must be allowed to use the library. A more frequent case is that a free library does the same job as widely used non-free libraries. In this case, there is little to gain by limiting the free library to free software only, so we use the Lesser General Public License. In other cases, permission to use a particular library in non-free programs enables a greater number of people to use a large body of free software. For example, permission to use the GNU C Library in non-free programs enables many more people to use the whole GNU operating system, as well as its variant, the GNU/Linux operating system. Although the Lesser General Public License is Less protective of the users' freedom, it does ensure that the user of a program that is linked with the Library has the freedom and the wherewithal to run that program using a modified version of the Library. The precise terms and conditions for copying, distribution and modification follow. Pay close attention to the difference between a "work based on the library" and a "work that uses the library". The former contains code derived from the library, whereas the latter must be combined with the library in order to run. � GNU LESSER GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any software library or other program which contains a notice placed by the copyright holder or other authorized party saying it may be distributed under the terms of this Lesser General Public License (also called "this License"). Each licensee is addressed as "you". A "library" means a collection of software functions and/or data prepared so as to be conveniently linked with application programs (which use some of those functions and data) to form executables. The "Library", below, refers to any such software library or work which has been distributed under these terms. A "work based on the Library" means either the Library or any derivative work under copyright law: that is to say, a work containing the Library or a portion of it, either verbatim or with modifications and/or translated straightforwardly into another language. (Hereinafter, translation is included without limitation in the term "modification".) "Source code" for a work means the preferred form of the work for making modifications to it. For a library, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the library. Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running a program using the Library is not restricted, and output from such a program is covered only if its contents constitute a work based on the Library (independent of the use of the Library in a tool for writing it). Whether that is true depends on what the Library does and what the program that uses the Library does. 1. You may copy and distribute verbatim copies of the Library's complete source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and distribute a copy of this License along with the Library. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. � 2. You may modify your copy or copies of the Library or any portion of it, thus forming a work based on the Library, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) The modified work must itself be a software library. b) You must cause the files modified to carry prominent notices stating that you changed the files and the date of any change. c) You must cause the whole of the work to be licensed at no charge to all third parties under the terms of this License. d) If a facility in the modified Library refers to a function or a table of data to be supplied by an application program that uses the facility, other than as an argument passed when the facility is invoked, then you must make a good faith effort to ensure that, in the event an application does not supply such function or table, the facility still operates, and performs whatever part of its purpose remains meaningful. (For example, a function in a library to compute square roots has a purpose that is entirely well-defined independent of the application. Therefore, Subsection 2d requires that any application-supplied function or table used by this function must be optional: if the application does not supply it, the square root function must still compute square roots.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Library, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Library, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Library. In addition, mere aggregation of another work not based on the Library with the Library (or with a work based on the Library) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may opt to apply the terms of the ordinary GNU General Public License instead of this License to a given copy of the Library. To do this, you must alter all the notices that refer to this License, so that they refer to the ordinary GNU General Public License, version 2, instead of to this License. (If a newer version than version 2 of the ordinary GNU General Public License has appeared, then you can specify that version instead if you wish.) Do not make any other change in these notices. � Once this change is made in a given copy, it is irreversible for that copy, so the ordinary GNU General Public License applies to all subsequent copies and derivative works made from that copy. This option is useful when you wish to copy part of the code of the Library into a program that is not a library. 4. You may copy and distribute the Library (or a portion or derivative of it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange. If distribution of object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place satisfies the requirement to distribute the source code, even though third parties are not compelled to copy the source along with the object code. 5. A program that contains no derivative of any portion of the Library, but is designed to work with the Library by being compiled or linked with it, is called a "work that uses the Library". Such a work, in isolation, is not a derivative work of the Library, and therefore falls outside the scope of this License. However, linking a "work that uses the Library" with the Library creates an executable that is a derivative of the Library (because it contains portions of the Library), rather than a "work that uses the library". The executable is therefore covered by this License. Section 6 states terms for distribution of such executables. When a "work that uses the Library" uses material from a header file that is part of the Library, the object code for the work may be a derivative work of the Library even though the source code is not. Whether this is true is especially significant if the work can be linked without the Library, or if the work is itself a library. The threshold for this to be true is not precisely defined by law. If such an object file uses only numerical parameters, data structure layouts and accessors, and small macros and small inline functions (ten lines or less in length), then the use of the object file is unrestricted, regardless of whether it is legally a derivative work. (Executables containing this object code plus portions of the Library will still fall under Section 6.) Otherwise, if the work is a derivative of the Library, you may distribute the object code for the work under the terms of Section 6. Any executables containing that work also fall under Section 6, whether or not they are linked directly with the Library itself. � 6. As an exception to the Sections above, you may also combine or link a "work that uses the Library" with the Library to produce a work containing portions of the Library, and distribute that work under terms of your choice, provided that the terms permit modification of the work for the customer's own use and reverse engineering for debugging such modifications. You must give prominent notice with each copy of the work that the Library is used in it and that the Library and its use are covered by this License. You must supply a copy of this License. If the work during execution displays copyright notices, you must include the copyright notice for the Library among them, as well as a reference directing the user to the copy of this License. Also, you must do one of these things: a) Accompany the work with the complete corresponding machine-readable source code for the Library including whatever changes were used in the work (which must be distributed under Sections 1 and 2 above); and, if the work is an executable linked with the Library, with the complete machine-readable "work that uses the Library", as object code and/or source code, so that the user can modify the Library and then relink to produce a modified executable containing the modified Library. (It is understood that the user who changes the contents of definitions files in the Library will not necessarily be able to recompile the application to use the modified definitions.) b) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (1) uses at run time a copy of the library already present on the user's computer system, rather than copying library functions into the executable, and (2) will operate properly with a modified version of the library, if the user installs one, as long as the modified version is interface-compatible with the version that the work was made with. c) Accompany the work with a written offer, valid for at least three years, to give the same user the materials specified in Subsection 6a, above, for a charge no more than the cost of performing this distribution. d) If distribution of the work is made by offering access to copy from a designated place, offer equivalent access to copy the above specified materials from the same place. e) Verify that the user has already received a copy of these materials or that you have already sent this user a copy. For an executable, the required form of the "work that uses the Library" must include any data and utility programs needed for reproducing the executable from it. However, as a special exception, the materials to be distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. It may happen that this requirement contradicts the license restrictions of other proprietary libraries that do not normally accompany the operating system. Such a contradiction means you cannot use both them and the Library together in an executable that you distribute. � 7. You may place library facilities that are a work based on the Library side-by-side in a single library together with other library facilities not covered by this License, and distribute such a combined library, provided that the separate distribution of the work based on the Library and of the other library facilities is otherwise permitted, and provided that you do these two things: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities. This must be distributed under the terms of the Sections above. b) Give prominent notice with the combined library of the fact that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 8. You may not copy, modify, sublicense, link with, or distribute the Library except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, link with, or distribute the Library is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 9. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Library or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Library (or any work based on the Library), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Library or works based on it. 10. Each time you redistribute the Library (or any work based on the Library), the recipient automatically receives a license from the original licensor to copy, distribute, link with or modify the Library subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties with this License. � 11. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Library at all. For example, if a patent license would not permit royalty-free redistribution of the Library by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Library. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply, and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 12. If the distribution and/or use of the Library is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Library under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 13. The Free Software Foundation may publish revised and/or new versions of the Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Library does not specify a license version number, you may choose any version ever published by the Free Software Foundation. � 14. If you wish to incorporate parts of the Library into other free programs whose distribution conditions are incompatible with these, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS � How to Apply These Terms to Your New Libraries If you develop a new library, and you want it to be of the greatest possible use to the public, we recommend making it free software that everyone can redistribute and change. You can do so by permitting redistribution under these terms (or, alternatively, under the terms of the ordinary General Public License). To apply these terms, attach the following notices to the library. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the library's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Also add information on how to contact you by electronic and paper mail. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the library, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the library `Frob' (a library for tweaking knobs) written by James Random Hacker. <signature of Ty Coon>, 1 April 1990 Ty Coon, President of Vice That's all there is to it! </div> </div> |} </nowiki> </div> </div> ==LGPLv3== [[LICENCE_HEADER_LGPLv3]]<br \> <b><nowiki>{{:LICENCE_HEADER_LGPLv3}}</nowiki></b> {{:LICENCE_HEADER_LGPLv3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. This version of the GNU Lesser General Public License incorporates the terms and conditions of version 3 of the GNU General Public License, supplemented by the additional permissions listed below. 0. Additional Definitions. As used herein, "this License" refers to version 3 of the GNU Lesser General Public License, and the "GNU GPL" refers to version 3 of the GNU General Public License. "The Library" refers to a covered work governed by this License, other than an Application or a Combined Work as defined below. An "Application" is any work that makes use of an interface provided by the Library, but which is not otherwise based on the Library. Defining a subclass of a class defined by the Library is deemed a mode of using an interface provided by the Library. A "Combined Work" is a work produced by combining or linking an Application with the Library. The particular version of the Library with which the Combined Work was made is also called the "Linked Version". The "Minimal Corresponding Source" for a Combined Work means the Corresponding Source for the Combined Work, excluding any source code for portions of the Combined Work that, considered in isolation, are based on the Application, and not on the Linked Version. The "Corresponding Application Code" for a Combined Work means the object code and/or source code for the Application, including any data and utility programs needed for reproducing the Combined Work from the Application, but excluding the System Libraries of the Combined Work. 1. Exception to Section 3 of the GNU GPL. You may convey a covered work under sections 3 and 4 of this License without being bound by section 3 of the GNU GPL. 2. Conveying Modified Versions. If you modify a copy of the Library, and, in your modifications, a facility refers to a function or data to be supplied by an Application that uses the facility (other than as an argument passed when the facility is invoked), then you may convey a copy of the modified version: a) under this License, provided that you make a good faith effort to ensure that, in the event an Application does not supply the function or data, the facility still operates, and performs whatever part of its purpose remains meaningful, or b) under the GNU GPL, with none of the additional permissions of this License applicable to that copy. 3. Object Code Incorporating Material from Library Header Files. The object code form of an Application may incorporate material from a header file that is part of the Library. You may convey such object code under terms of your choice, provided that, if the incorporated material is not limited to numerical parameters, data structure layouts and accessors, or small macros, inline functions and templates (ten or fewer lines in length), you do both of the following: a) Give prominent notice with each copy of the object code that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the object code with a copy of the GNU GPL and this license document. 4. Combined Works. You may convey a Combined Work under terms of your choice that, taken together, effectively do not restrict modification of the portions of the Library contained in the Combined Work and reverse engineering for debugging such modifications, if you also do each of the following: a) Give prominent notice with each copy of the Combined Work that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the Combined Work with a copy of the GNU GPL and this license document. c) For a Combined Work that displays copyright notices during execution, include the copyright notice for the Library among these notices, as well as a reference directing the user to the copies of the GNU GPL and this license document. d) Do one of the following: 0) Convey the Minimal Corresponding Source under the terms of this License, and the Corresponding Application Code in a form suitable for, and under terms that permit, the user to recombine or relink the Application with a modified version of the Linked Version to produce a modified Combined Work, in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source. 1) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (a) uses at run time a copy of the Library already present on the user's computer system, and (b) will operate properly with a modified version of the Library that is interface-compatible with the Linked Version. e) Provide Installation Information, but only if you would otherwise be required to provide such information under section 6 of the GNU GPL, and only to the extent that such information is necessary to install and execute a modified version of the Combined Work produced by recombining or relinking the Application with a modified version of the Linked Version. (If you use option 4d0, the Installation Information must accompany the Minimal Corresponding Source and Corresponding Application Code. If you use option 4d1, you must provide the Installation Information in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source.) 5. Combined Libraries. You may place library facilities that are a work based on the Library side by side in a single library together with other library facilities that are not Applications and are not covered by this License, and convey such a combined library under terms of your choice, if you do both of the following: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities, conveyed under the terms of this License. b) Give prominent notice with the combined library that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 6. Revised Versions of the GNU Lesser General Public License. The Free Software Foundation may publish revised and/or new versions of the GNU Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library as you received it specifies that a certain numbered version of the GNU Lesser General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that published version or of any later version published by the Free Software Foundation. If the Library as you received it does not specify a version number of the GNU Lesser General Public License, you may choose any version of the GNU Lesser General Public License ever published by the Free Software Foundation. If the Library as you received it specifies that a proxy can decide whether future versions of the GNU Lesser General Public License shall apply, that proxy's public statement of acceptance of any version is permanent authorization for you to choose that version for the Library. </div> </div> |} </nowiki> </div> </div> ==MIT== [[LICENCE_HEADER_MIT]]<br \> <b><nowiki>{{:LICENCE_HEADER_MIT}}</nowiki></b> {{:LICENCE_HEADER_MIT}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MIT Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. </div> </div> |} </nowiki> </div> </div> ==MPLv2.0== [[LICENCE_HEADER_MPLv2.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_MPLv2.0}}</nowiki></b> {{:LICENCE_HEADER_MPLv2.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE MPLv2.0 <div class="mw-collapsible-content"> Mozilla Public License Version 2.0 -------------------------------- 1. Definitions -------------- 1.1. "Contributor" means each individual or legal entity that creates, contributes to the creation of, or owns Covered Software. 1.2. "Contributor Version" means the combination of the Contributions of others (if any) used by a Contributor and that particular Contributor's Contribution. 1.3. "Contribution" means Covered Software of a particular Contributor. 1.4. "Covered Software" means Source Code Form to which the initial Contributor has attached the notice in Exhibit A, the Executable Form of such Source Code Form, and Modifications of such Source Code Form, in each case including portions thereof. 1.5. "Incompatible With Secondary Licenses" means (a) that the initial Contributor has attached the notice described in Exhibit B to the Covered Software; or (b) that the Covered Software was made available under the terms of version 1.1 or earlier of the License, but not also under the terms of a Secondary License. 1.6. "Executable Form" means any form of the work other than Source Code Form. 1.7. "Larger Work" means a work that combines Covered Software with other material, in a separate file or files, that is not Covered Software. 1.8. "License" means this document. 1.9. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently, any and all of the rights conveyed by this License. 1.10. "Modifications" means any of the following: (a) any file in Source Code Form that results from an addition to, deletion from, or modification of the contents of Covered Software; or (b) any new file in Source Code Form that contains any Covered Software. 1.11. "Patent Claims" of a Contributor means any patent claim(s), including without limitation, method, process, and apparatus claims, in any patent Licensable by such Contributor that would be infringed, but for the grant of the License, by the making, using, selling, offering for sale, having made, import, or transfer of either its Contributions or its Contributor Version. 1.12. "Secondary License" means either the GNU General Public License, Version 2.0, the GNU Lesser General Public License, Version 2.1, the GNU Affero General Public License, Version 3.0, or any later versions of those licenses. 1.13. "Source Code Form" means the form of the work preferred for making modifications. 1.14. "You" (or "Your") means an individual or a legal entity exercising rights under this License. For legal entities, "You" includes any entity that controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. License Grants and Conditions -------------------------------- 2.1. Grants Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by such Contributor to use, reproduce, make available, modify, display, perform, distribute, and otherwise exploit its Contributions, either on an unmodified basis, with Modifications, or as part of a Larger Work; and (b) under Patent Claims of such Contributor to make, use, sell, offer for sale, have made, import, and otherwise transfer either its Contributions or its Contributor Version. 2.2. Effective Date The licenses granted in Section 2.1 with respect to any Contribution become effective for each Contribution on the date the Contributor first distributes such Contribution. 2.3. Limitations on Grant Scope The licenses granted in this Section 2 are the only rights granted under this License. No additional rights or licenses will be implied from the distribution or licensing of Covered Software under this License. Notwithstanding Section 2.1(b) above, no patent license is granted by a Contributor: (a) for any code that a Contributor has removed from Covered Software; or (b) for infringements caused by: (i) Your and any other third party's modifications of Covered Software, or (ii) the combination of its Contributions with other software (except as part of its Contributor Version); or (c) under Patent Claims infringed by Covered Software in the absence of its Contributions. This License does not grant any rights in the trademarks, service marks, or logos of any Contributor (except as may be necessary to comply with the notice requirements in Section 3.4). 2.4. Subsequent Licenses No Contributor makes additional grants as a result of Your choice to distribute the Covered Software under a subsequent version of this License (see Section 10.2) or under the terms of a Secondary License (if permitted under the terms of Section 3.3). 2.5. Representation Each Contributor represents that the Contributor believes its Contributions are its original creation(s) or it has sufficient rights to grant the rights to its Contributions conveyed by this License. 2.6. Fair Use This License is not intended to limit any rights You have under applicable copyright doctrines of fair use, fair dealing, or other equivalents. 2.7. Conditions Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted in Section 2.1. 3. Responsibilities ------------------- 3.1. Distribution of Source Form All distribution of Covered Software in Source Code Form, including any Modifications that You create or to which You contribute, must be under the terms of this License. You must inform recipients that the Source Code Form of the Covered Software is governed by the terms of this License, and how they can obtain a copy of this License. You may not attempt to alter or restrict the recipients' rights in the Source Code Form. 3.2. Distribution of Executable Form If You distribute Covered Software in Executable Form then: (a) such Covered Software must also be made available in Source Code Form, as described in Section 3.1, and You must inform recipients of the Executable Form how they can obtain a copy of such Source Code Form by reasonable means in a timely manner, at a charge no more than the cost of distribution to the recipient; and (b) You may distribute such Executable Form under the terms of this License, or sublicense it under different terms, provided that the license for the Executable Form does not attempt to limit or alter the recipients' rights in the Source Code Form under this License. 3.3. Distribution of a Larger Work You may create and distribute a Larger Work under terms of Your choice, provided that You also comply with the requirements of this License for the Covered Software. If the Larger Work is a combination of Covered Software with a work governed by one or more Secondary Licenses, and the Covered Software is not Incompatible With Secondary Licenses, this License permits You to additionally distribute such Covered Software under the terms of such Secondary License(s), so that the recipient of the Larger Work may, at their option, further distribute the Covered Software under the terms of either this License or such Secondary License(s). 3.4. Notices You may not remove or alter the substance of any license notices (including copyright notices, patent notices, disclaimers of warranty, or limitations of liability) contained within the Source Code Form of the Covered Software, except that You may alter any license notices to the extent required to remedy known factual inaccuracies. 3.5. Application of Additional Terms You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, You may do so only on Your own behalf, and not on behalf of any Contributor. You must make it absolutely clear that any such warranty, support, indemnity, or liability obligation is offered by You alone, and You hereby agree to indemnify every Contributor for any liability incurred by such Contributor as a result of warranty, support, indemnity or liability terms You offer. You may include additional disclaimers of warranty and limitations of liability specific to any jurisdiction. 4. Inability to Comply Due to Statute or Regulation --------------------------------------------------- If it is impossible for You to comply with any of the terms of this License with respect to some or all of the Covered Software due to statute, judicial order, or regulation then You must: (a) comply with the terms of this License to the maximum extent possible; and (b) describe the limitations and the code they affect. Such description must be placed in a text file included with all distributions of the Covered Software under this License. Except to the extent prohibited by statute or regulation, such description must be sufficiently detailed for a recipient of ordinary skill to be able to understand it. 5. Termination -------------- 5.1. The rights granted under this License will terminate automatically if You fail to comply with any of its terms. However, if You become compliant, then the rights granted under this License from a particular Contributor are reinstated (a) provisionally, unless and until such Contributor explicitly and finally terminates Your grants, and (b) on an ongoing basis, if such Contributor fails to notify You of the non-compliance by some reasonable means prior to 60 days after You have come back into compliance. Moreover, Your grants from a particular Contributor are reinstated on an ongoing basis if such Contributor notifies You of the non-compliance by some reasonable means, this is the first time You have received notice of non-compliance with this License from such Contributor, and You become compliant prior to 30 days after Your receipt of the notice. 5.2. If You initiate litigation against any entity by asserting a patent infringement claim (excluding declaratory judgment actions, counter-claims, and cross-claims) alleging that a Contributor Version directly or indirectly infringes any patent, then the rights granted to You by any and all Contributors for the Covered Software under Section 2.1 of this License shall terminate. 5.3. In the event of termination under Sections 5.1 or 5.2 above, all end user license agreements (excluding distributors and resellers) which have been validly granted by You or Your distributors under this License prior to termination shall survive termination. ************************************************************************ * * * 6. Disclaimer of Warranty * * ------------------------- * * * * Covered Software is provided under this License on an "as is" * * basis, without warranty of any kind, either expressed, implied, or * * statutory, including, without limitation, warranties that the * * Covered Software is free of defects, merchantable, fit for a * * particular purpose or non-infringing. The entire risk as to the * * quality and performance of the Covered Software is with You. * * Should any Covered Software prove defective in any respect, You * * (not any Contributor) assume the cost of any necessary servicing, * * repair, or correction. This disclaimer of warranty constitutes an * * essential part of this License. No use of any Covered Software is * * authorized under this License except under this disclaimer. * * * ************************************************************************ ************************************************************************ * * * 7. Limitation of Liability * * -------------------------- * * * * Under no circumstances and under no legal theory, whether tort * * (including negligence), contract, or otherwise, shall any * * Contributor, or anyone who distributes Covered Software as * * permitted above, be liable to You for any direct, indirect, * * special, incidental, or consequential damages of any character * * including, without limitation, damages for lost profits, loss of * * goodwill, work stoppage, computer failure or malfunction, or any * * and all other commercial damages or losses, even if such party * * shall have been informed of the possibility of such damages. This * * limitation of liability shall not apply to liability for death or * * personal injury resulting from such party's negligence to the * * extent applicable law prohibits such limitation. Some * * jurisdictions do not allow the exclusion or limitation of * * incidental or consequential damages, so this exclusion and * * limitation may not apply to You. * * * ************************************************************************ 8. Litigation ------------- Any litigation relating to this License may be brought only in the courts of a jurisdiction where the defendant maintains its principal place of business and such litigation shall be governed by laws of that jurisdiction, without reference to its conflict-of-law provisions. Nothing in this Section shall prevent a party's ability to bring cross-claims or counter-claims. 9. Miscellaneous ---------------- This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not be used to construe this License against a Contributor. 10. Versions of the License --------------------------- 10.1. New Versions Mozilla Foundation is the license steward. Except as provided in Section 10.3, no one other than the license steward has the right to modify or publish new versions of this License. Each version will be given a distinguishing version number. 10.2. Effect of New Versions You may distribute the Covered Software under the terms of the version of the License under which You originally received the Covered Software, or under the terms of any subsequent version published by the license steward. 10.3. Modified Versions If you create software not governed by this License, and you want to create a new license for such software, you may create and use a modified version of this License if you rename the license and remove any references to the name of the license steward (except to note that such modified license differs from this License). 10.4. Distributing Source Code Form that is Incompatible With Secondary Licenses If You choose to distribute Source Code Form that is Incompatible With Secondary Licenses under the terms of this version of the License, the notice described in Exhibit B of this License must be attached. Exhibit A - Source Code Form License Notice ------------------------------------------- This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at https://mozilla.org/MPL/2.0/. If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. You may add additional accurate notices of copyright ownership. Exhibit B - "Incompatible With Secondary Licenses" Notice --------------------------------------------------------- This Source Code Form is "Incompatible With Secondary Licenses", as defined by the Mozilla Public License, v. 2.0. </div> </div> |} </nowiki> </div> </div> ==PDLv1.0== [[LICENCE_HEADER_PDLv1.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_PDLv1.0}}</nowiki></b> {{:LICENCE_HEADER_PDLv1.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE PDLv1.0 <div class="mw-collapsible-content"> PUBLIC DOCUMENTATION LICENSE Version 1.0 1.0 DEFINITIONS. 1.1. "Commercial Use" means distribution or otherwise making the Documentation available to a third party. 1.2. "Contributor" means a person or entity who creates or contributes to the creation of Modifications. 1.3. "Documentation" means the Original Documentation or Modifications or the combination of the Original Documentation and Modifications, in each case including portions thereof. 1.4. "Electronic Distribution Mechanism" means a mechanism generally accepted for the electronic transfer of data. 1.5. "Initial Writer" means the individual or entity identified as the Initial Writer in the notice required by the Appendix. 1.6. "Larger Work" means a work which combines Documentation or portions thereof with documentation or other writings not governed by the terms of this License. 1.7. "License" means this document. 1.8. "Modifications" means any addition to or deletion from the substance or structure of either the Original Documentation or any previous Modifications, such as a translation, abridgment, condensation, or any other form in which the Original Documentation or previous Modifications may be recast, transformed or adapted. A work consisting of editorial revisions, annotations, elaborations, and other modifications which, as a whole represent an original work of authorship, is a Modification. For example, when Documentation is released as a series of documents, a Modification is: A. Any addition to or deletion from the contents of the Original Documentation or previous Modifications. B. Any new documentation that contains any part of the Original Documentation or previous Modifications. 1.9. "Original Documentation" means documentation described as Original Documentation in the notice required by the Appendix, and which, at the time of its release under this License is not already Documentation governed by this License. 1.10. "Editable Form" means the preferred form of the Documentation for making Modifications to it. The Documentation can be in an electronic, compressed or archival form, provided the appropriate decompression or de-archiving software is widely available for no charge. 1.11. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of this License or a future version of this License issued under Section 5.0 ("Versions of the License"). For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2.0 LICENSE GRANTS. 2.1 Initial Writer Grant. The Initial Writer hereby grants You a world-wide, royalty-free, non-exclusive license to use, reproduce, prepare Modifications of, compile, publicly perform, publicly display, demonstrate, market, disclose and distribute the Documentation in any form, on any media or via any Electronic Distribution Mechanism or other method now known or later discovered, and to sublicense the foregoing rights to third parties through multiple tiers of sublicensees in accordance with the terms of this License. The license rights granted in this Section 2.1 ("Initial Writer Grant") are effective on the date Initial Writer first distributes Original Documentation under the terms of this License. 2.2. Contributor Grant. Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license to use, reproduce, prepare Modifications of, compile, publicly perform, publicly display, demonstrate, market, disclose and distribute the Documentation in any form, on any media or via any Electronic Distribution Mechanism or other method now known or later discovered, and to sublicense the foregoing rights to third parties through multiple tiers of sublicensees in accordance with the terms of this License. The license rights granted in this Section 2.2 ("Contributor Grant") are effective on the date Contributor first makes Commercial Use of the Documentation. 3.0 DISTRIBUTION OBLIGATIONS 3.1. Application of License The Modifications which You create or to which You contribute are governed by the terms of this License, including without limitation Section 2.2 ("Contributor Grant"). The Documentation may be distributed only under the terms of this License or a future version of this License released in accordance with Section 5.0 ("Versions of the License"), and You must include a copy of this License with every copy of the Documentation You distribute. You may not offer or impose any terms that alter or restrict the applicable version of this License or the recipients' rights hereunder. However, You may include an additional document offering the additional rights described in Section 3.5 ("Required Notices"). 3.2. Availability of Documentation. Any Modification which You create or to which You contribute must be made available publicly in Editable Form under the terms of this License via a fixed medium or an accepted Electronic Distribution Mechanism. 3.3. Description of Modifications. All Documentation to which You contribute must identify the changes You made to create that Documentation and the date of any change. You must include a prominent statement that the Modification is derived, directly or indirectly, from Original Documentation provided by the Initial Writer and include the name of the Initial Writer in the Documentation or via an electronic link that describes the origin or ownership of the Documentation. The foregoing change documentation may be created by using an electronic program that automatically tracks changes to the Documentation, and such changes must be available publicly for at least five years following release of the changed Documentation. 3.4. Intellectual Property Matters. Contributor represents that Contributor believes that Contributor's Modifications are Contributor's original creation(s) and/or Contributor has sufficient rights to grant the rights conveyed by this License. 3.5. Required Notices. You must duplicate the notice in the Appendix in each file of the Documentation. If it is not possible to put such notice in a particular Documentation file due to its structure, then You must include such notice in a location (such as a relevant directory) where a reader would be likely to look for such a notice, for example, via a hyperlink in each file of the Documentation that takes the reader to a page that describes the origin and ownership of the Documentation. If You created one or more Modification(s) You may add your name as a Contributor to the notice described in the Appendix. You must also duplicate this License in any Documentation file (or with a hyperlink in each file of the Documentation) where You describe recipients' rights or ownership rights. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Documentation. However, You may do so only on Your own behalf, and not on behalf of the Initial Writer or any Contributor. You must make it absolutely clear than any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Writer and every Contributor for any liability incurred by the Initial Writer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.6. Larger Works. You may create a Larger Work by combining Documentation with other documents not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Documentation. 4.0 APPLICATION OF THIS LICENSE. This License applies to Documentation to which the Initial Writer has attached this License and the notice in the Appendix. 5.0 VERSIONS OF THE LICENSE. 5.1. New Versions. Initial Writer may publish revised and/or new versions of the License from time to time. Each version will be given a distinguishing version number. 5.2. Effect of New Versions. Once Documentation has been published under a particular version of the License, You may always continue to use it under the terms of that version. You may also choose to use such Documentation under the terms of any subsequent version of the License published by __________________[Insert name of the foundation, company, Initial Writer, or whoever may modify this License]. No one other than _________________ [Insert name of the foundation, company, Initial Writer, or whoever may modify this License] has the right to modify the terms of this License. Filling in the name of the Initial Writer, Original Documentation or Contributor in the notice described in the Appendix shall not be deemed to be Modifications of this License. 6.0 DISCLAIMER OF WARRANTY. DOCUMENTATION IS PROVIDED UNDER THIS LICENSE ON AN "AS IS'' BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE DOCUMENTATION IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY, ACCURACY, AND PERFORMANCE OF THE DOCUMENTATION IS WITH YOU. SHOULD ANY DOCUMENTATION PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL WRITER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY DOCUMENTATION IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 7.0 TERMINATION. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. All sublicenses to the Documentation which are properly granted shall survive any termination of this License. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 8.0 LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER IN TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL THE INITIAL WRITER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF DOCUMENTATION, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER DAMAGES OR LOSSES ARISING OUT OF OR RELATING TO THE USE OF THE DOCUMENTATION, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. 9.0 U.S. GOVERNMENT END USERS. If Documentation is being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), then the Government's rights in Documentation will be only as set forth in this Agreement; this is in accordance with 48 CFR 227.7201 through 227.7202-4 (for Department of Defense (DOD) acquisitions) and with 48 CFR 2.101 and 12.212 (for non-DOD acquisitions). 10.0 MISCELLANEOUS. This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by California law, excluding its conflict-of-law provisions. With respect to disputes or any litigation relating to this License, the losing party is responsible for costs, including without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. Appendix Public Documentation License Notice The contents of this Documentation are subject to the Public Documentation License Version 1.0 (the "License"); you may only use this Documentation if you comply with the terms of this License. A copy of the License is available at __________________[Insert hyperlink]. The Original Documentation is _________________. The Initial Writer of the Original Documentation is ___________ Copyright (C)_________[Insert year(s)]. All Rights Reserved. (Initial Writer contact(s):________________[Insert hyperlink/alias]). Contributor(s): ______________________________________. Portions created by ______ are Copyright (C)_________[Insert year(s)]. All Rights Reserved. (Contributor contact(s):________________[Insert hyperlink/alias]). NOTE: The text of this Appendix may differ slightly from the text of the notices in the files of the Original Documentation. You should use the text of this Appendix rather than the text found in the Original Documentation for Your Modifications. </div> </div> |} </nowiki> </div> </div> ==PIRATE== This Licence is for shits and giggles, don't use on public server<br \> [[LICENCE_HEADER_PIRATE]]<br \> <b><nowiki>{{:LICENCE_HEADER_PIRATE}}</nowiki></b> {{:LICENCE_HEADER_PIRATE}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PIRATE Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Licence? Licence! LICENCE!!!!!!<br \> WE NO NEED NO STINKING LICENCE! Copyright @ Pirate Licence :P </div> </div> |} </nowiki> </div> </div> 9d714jg3rqbadc801btbh0lzqe076w0 142 141 2023-03-06T10:58:48Z Noob 1 /* CC BY-NC-SA 4.0 */ 142 wikitext text/x-wiki * Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute. * To do so add a Licence header at the top of your page. * example:<b><nowiki>{{:LICENCE_HEADER_CC0}}</nowiki></b> * using the header may not be a good idea for some licences ** click the link and copy the content ** and append the correct <code>Copyright [yyyy] [name of copyright owner] </code> ==APACHE2== [[LICENCE_HEADER_APACHE2]]<br \> <b><nowiki>{{:LICENCE_HEADER_APACHE2}}</nowiki></b> {{:LICENCE_HEADER_APACHE2}} <!-- delete below if mess up --> <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste to your page: <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>APACHE2 Licence</b><br \> Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. <div class="toccolours mw-collapsible mw-collapsed"> Apache2 Licence: <div class="mw-collapsible-content"> <pre> Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. </pre> </div> </div> |} </nowiki> </div> </div> ==BDS0== [[LICENCE_HEADER_BSD0]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD0}}</nowiki></b> {{:LICENCE_HEADER_BSD0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (C) [year] by [copyright holder] <[email]> Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted. THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. </div> </div> |} </nowiki> </div> </div> ==BSD1== [[LICENCE_HEADER_BSD]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD}}</nowiki></b> {{:LICENCE_HEADER_BSD}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (c) [Year] [Name] [All rights reserved]. * Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. THIS SOFTWARE IS PROVIDED BY [Name of Organization] “AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL [Name of Organisation] BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </nowiki> </div> </div> ==BSD2== [[LICENCE_HEADER_BSD2]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD2}}</nowiki></b> {{:LICENCE_HEADER_BSD2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </nowiki> </div> </div> ==BSD3== [[LICENCE_HEADER_BSD3]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD3}}</nowiki></b> {{:LICENCE_HEADER_BSD3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </nowiki> </div> </div> ==CC0== [[LICENCE_HEADER_CC0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC0}}</nowiki></b> {{:LICENCE_HEADER_CC0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC0 Licence</b><br \> More information about the <b>cc0 licence</b> can be found here:<br \> <code>https://creativecommons.org/share-your-work/public-domain/cc0</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> The person who associated a work with this deed has dedicated the work to the public domain by waiving all of his or her rights to the work worldwide under copyright law, including all related and neighboring rights, to the extent allowed by law.<br \> You can copy, modify, distribute and perform the work, even for commercial purposes, all without asking permission. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Statement of Purpose The laws of most jurisdictions throughout the world automatically confer exclusive Copyright and Related Rights (defined below) upon the creator and subsequent owner(s) (each and all, an "owner") of an original work of authorship and/or a database (each, a "Work"). Certain owners wish to permanently relinquish those rights to a Work for the purpose of contributing to a commons of creative, cultural and scientific works ("Commons") that the public can reliably and without fear of later claims of infringement build upon, modify, incorporate in other works, reuse and redistribute as freely as possible in any form whatsoever and for any purposes, including without limitation commercial purposes. These owners may contribute to the Commons to promote the ideal of a free culture and the further production of creative, cultural and scientific works, or to gain reputation or greater distribution for their Work in part through the use and efforts of others. For these and/or other purposes and motivations, and without any expectation of additional consideration or compensation, the person associating CC0 with a Work (the "Affirmer"), to the extent that he or she is an owner of Copyright and Related Rights in the Work, voluntarily elects to apply CC0 to the Work and publicly distribute the Work under its terms, with knowledge of his or her Copyright and Related Rights in the Work and the meaning and intended legal effect of CC0 on those rights. 1. Copyright and Related Rights. A Work made available under CC0 may be protected by copyright and related or neighboring rights ("Copyright and Related Rights"). Copyright and Related Rights include, but are not limited to, the following: the right to reproduce, adapt, distribute, perform, display, communicate, and translate a Work; moral rights retained by the original author(s) and/or performer(s); publicity and privacy rights pertaining to a person's image or likeness depicted in a Work; rights protecting against unfair competition in regards to a Work, subject to the limitations in paragraph 4(a), below; rights protecting the extraction, dissemination, use and reuse of data in a Work; database rights (such as those arising under Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, and under any national implementation thereof, including any amended or successor version of such directive); and other similar, equivalent or corresponding rights throughout the world based on applicable law or treaty, and any national implementations thereof. 2. Waiver. To the greatest extent permitted by, but not in contravention of, applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and unconditionally waives, abandons, and surrenders all of Affirmer's Copyright and Related Rights and associated claims and causes of action, whether now known or unknown (including existing as well as future claims and causes of action), in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each member of the public at large and to the detriment of Affirmer's heirs and successors, fully intending that such Waiver shall not be subject to revocation, rescission, cancellation, termination, or any other legal or equitable action to disrupt the quiet enjoyment of the Work by the public as contemplated by Affirmer's express Statement of Purpose. 3. Public License Fallback. Should any part of the Waiver for any reason be judged legally invalid or ineffective under applicable law, then the Waiver shall be preserved to the maximum extent permitted taking into account Affirmer's express Statement of Purpose. In addition, to the extent the Waiver is so judged Affirmer hereby grants to each affected person a royalty-free, non transferable, non sublicensable, non exclusive, irrevocable and unconditional license to exercise Affirmer's Copyright and Related Rights in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "License"). The License shall be deemed effective as of the date CC0 was applied by Affirmer to the Work. Should any part of the License for any reason be judged legally invalid or ineffective under applicable law, such partial invalidity or ineffectiveness shall not invalidate the remainder of the License, and in such case Affirmer hereby affirms that he or she will not (i) exercise any of his or her remaining Copyright and Related Rights in the Work or (ii) assert any associated claims and causes of action with respect to the Work, in either case contrary to Affirmer's express Statement of Purpose. 4. Limitations and Disclaimers. No trademark or patent rights held by Affirmer are waived, abandoned, surrendered, licensed or otherwise affected by this document. Affirmer offers the Work as-is and makes no representations or warranties of any kind concerning the Work, express, implied, statutory or otherwise, including without limitation warranties of title, merchantability, fitness for a particular purpose, non infringement, or the absence of latent or other defects, accuracy, or the present or absence of errors, whether or not discoverable, all to the greatest extent permissible under applicable law. Affirmer disclaims responsibility for clearing rights of other persons that may apply to the Work or any use thereof, including without limitation any person's Copyright and Related Rights in the Work. Further, Affirmer disclaims responsibility for obtaining any necessary consents, permissions or other rights required for any use of the Work. Affirmer understands and acknowledges that Creative Commons is not a party to this document and has no duty or obligation with respect to this CC0 or use of the Work. </div> </div> |} </nowiki> </div> </div> ==CC-BY== [[LICENCE_HEADER_CC_BY]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY}}</nowiki></b> {{:LICENCE_HEADER_CC_BY}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY Licence</b><br \> More information about the <b>CC BY licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Creative Commons Legal Code Attribution 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined above) for the purposes of this License. c. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. d. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. e. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. f. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. g. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. h. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. i. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(b), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(b), as requested. b. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Section 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4 (b) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. c. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of this License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} </nowiki> </div> </div> ==CC BY-SA== [[LICENCE_HEADER_CC_BY-SA]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY-SA}}</nowiki></b> {{:LICENCE_HEADER_CC_BY-SA}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY-SA Licence</b><br \> More information about the <b>CC BY-SA licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by-sa/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Attribution-ShareAlike 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined below) for the purposes of this License. c. "Creative Commons Compatible License" means a license that is listed at https://creativecommons.org/compatiblelicenses that has been approved by Creative Commons as being essentially equivalent to this License, including, at a minimum, because that license: (i) contains terms that have the same purpose, meaning and effect as the License Elements of this License; and, (ii) explicitly permits the relicensing of adaptations of works made available under that license under this License or a Creative Commons jurisdiction license with the same License Elements as this License. d. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. e. "License Elements" means the following high-level license attributes as selected by Licensor and indicated in the title of this License: Attribution, ShareAlike. f. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. g. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. h. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. i. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. j. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. k. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(c), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(c), as requested. b. You may Distribute or Publicly Perform an Adaptation only under the terms of: (i) this License; (ii) a later version of this License with the same License Elements as this License; (iii) a Creative Commons jurisdiction license (either this or a later license version) that contains the same License Elements as this License (e.g., Attribution-ShareAlike 3.0 US)); (iv) a Creative Commons Compatible License. If you license the Adaptation under one of the licenses mentioned in (iv), you must comply with the terms of that license. If you license the Adaptation under the terms of any of the licenses mentioned in (i), (ii) or (iii) (the "Applicable License"), you must comply with the terms of the Applicable License generally and the following provisions: (I) You must include a copy of, or the URI for, the Applicable License with every copy of each Adaptation You Distribute or Publicly Perform; (II) You may not offer or impose any terms on the Adaptation that restrict the terms of the Applicable License or the ability of the recipient of the Adaptation to exercise the rights granted to that recipient under the terms of the Applicable License; (III) You must keep intact all notices that refer to the Applicable License and to the disclaimer of warranties with every copy of the Work as included in the Adaptation You Distribute or Publicly Perform; (IV) when You Distribute or Publicly Perform the Adaptation, You may not impose any effective technological measures on the Adaptation that restrict the ability of a recipient of the Adaptation from You to exercise the rights granted to that recipient under the terms of the Applicable License. This Section 4(b) applies to the Adaptation as incorporated in a Collection, but this does not require the Collection apart from the Adaptation itself to be made subject to the terms of the Applicable License. c. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Ssection 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4(c) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. d. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of the License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} </nowiki> </div> </div> ==CC BY-NC-SA 4.0== [[LICENCE_HEADER_CC_BY-NC-SA_4.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY-NC-SA_4.0}}</nowiki></b> {{:LICENCE_HEADER_CC_BY-SA}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY-NC-SA_4.0 Licence</b><br \> More information about the <b>CC BY-NC-SA_4.0 licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by-sa/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Attribution-ShareAlike 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined below) for the purposes of this License. c. "Creative Commons Compatible License" means a license that is listed at https://creativecommons.org/compatiblelicenses that has been approved by Creative Commons as being essentially equivalent to this License, including, at a minimum, because that license: (i) contains terms that have the same purpose, meaning and effect as the License Elements of this License; and, (ii) explicitly permits the relicensing of adaptations of works made available under that license under this License or a Creative Commons jurisdiction license with the same License Elements as this License. d. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. e. "License Elements" means the following high-level license attributes as selected by Licensor and indicated in the title of this License: Attribution, ShareAlike. f. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. g. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. h. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. i. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. j. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. k. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(c), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(c), as requested. b. You may Distribute or Publicly Perform an Adaptation only under the terms of: (i) this License; (ii) a later version of this License with the same License Elements as this License; (iii) a Creative Commons jurisdiction license (either this or a later license version) that contains the same License Elements as this License (e.g., Attribution-ShareAlike 3.0 US)); (iv) a Creative Commons Compatible License. If you license the Adaptation under one of the licenses mentioned in (iv), you must comply with the terms of that license. If you license the Adaptation under the terms of any of the licenses mentioned in (i), (ii) or (iii) (the "Applicable License"), you must comply with the terms of the Applicable License generally and the following provisions: (I) You must include a copy of, or the URI for, the Applicable License with every copy of each Adaptation You Distribute or Publicly Perform; (II) You may not offer or impose any terms on the Adaptation that restrict the terms of the Applicable License or the ability of the recipient of the Adaptation to exercise the rights granted to that recipient under the terms of the Applicable License; (III) You must keep intact all notices that refer to the Applicable License and to the disclaimer of warranties with every copy of the Work as included in the Adaptation You Distribute or Publicly Perform; (IV) when You Distribute or Publicly Perform the Adaptation, You may not impose any effective technological measures on the Adaptation that restrict the ability of a recipient of the Adaptation from You to exercise the rights granted to that recipient under the terms of the Applicable License. This Section 4(b) applies to the Adaptation as incorporated in a Collection, but this does not require the Collection apart from the Adaptation itself to be made subject to the terms of the Applicable License. c. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Ssection 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4(c) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. d. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of the License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} </nowiki> </div> </div> ==CDDLv1.0== [[LICENCE_HEADER_CDDLv1.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CDDLv1.0}}</nowiki></b> {{:LICENCE_HEADER_CDDLv1.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CDDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE CDDLv1.0 <div class="mw-collapsible-content"> COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 1. Definitions. 1.1. "Contributor" means each individual or entity that creates or contributes to the creation of Modifications. 1.2. "Contributor Version" means the combination of the Original Software, prior Modifications used by a Contributor (if any), and the Modifications made by that particular Contributor. 1.3. "Covered Software" means (a) the Original Software, or (b) Modifications, or (c) the combination of files containing Original Software with files containing Modifications, in each case including portions thereof. 1.4. "Executable" means the Covered Software in any form other than Source Code. 1.5. "Initial Developer" means the individual or entity that first makes Original Software available under this License. 1.6. "Larger Work" means a work which combines Covered Software or portions thereof with code not governed by the terms of this License. 1.7. "License" means this document. 1.8. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently acquired, any and all of the rights conveyed herein. 1.9. "Modifications" means the Source Code and Executable form of any of the following: A. Any file that results from an addition to, deletion from or modification of the contents of a file containing Original Software or previous Modifications; B. Any new file that contains any part of the Original Software or previous Modification; or C. Any new file that is contributed or otherwise made available under the terms of this License. 1.10. "Original Software" means the Source Code and Executable form of computer software code that is originally released under this License. 1.11. "Patent Claims" means any patent claim(s), now owned or hereafter acquired, including without limitation, method, process, and apparatus claims, in any patent Licensable by grantor. 1.12. "Source Code" means (a) the common form of computer software code in which modifications are made and (b) associated documentation included in or with such code. 1.13. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of, this License. For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. License Grants. 2.1. The Initial Developer Grant. Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, the Initial Developer hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by Initial Developer, to use, reproduce, modify, display, perform, sublicense and distribute the Original Software (or portions thereof), with or without Modifications, and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using or selling of Original Software, to make, have made, use, practice, sell, and offer for sale, and/or otherwise dispose of the Original Software (or portions thereof). (c) The licenses granted in Sections 2.1(a) and (b) are effective on the date Initial Developer first distributes or otherwise makes the Original Software available to a third party under the terms of this License. (d) Notwithstanding Section 2.1(b) above, no patent license is granted: (1) for code that You delete from the Original Software, or (2) for infringements caused by: (i) the modification of the Original Software, or (ii) the combination of the Original Software with other software or devices. 2.2. Contributor Grant. Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by Contributor to use, reproduce, modify, display, perform, sublicense and distribute the Modifications created by such Contributor (or portions thereof), either on an unmodified basis, with other Modifications, as Covered Software and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using, or selling of Modifications made by that Contributor either alone and/or in combination with its Contributor Version (or portions of such combination), to make, use, sell, offer for sale, have made, and/or otherwise dispose of: (1) Modifications made by that Contributor (or portions thereof); and (2) the combination of Modifications made by that Contributor with its Contributor Version (or portions of such combination). (c) The licenses granted in Sections 2.2(a) and 2.2(b) are effective on the date Contributor first distributes or otherwise makes the Modifications available to a third party. (d) Notwithstanding Section 2.2(b) above, no patent license is granted: (1) for any code that Contributor has deleted from the Contributor Version; (2) for infringements caused by: (i) third party modifications of Contributor Version, or (ii) the combination of Modifications made by that Contributor with other software (except as part of the Contributor Version) or other devices; or (3) under Patent Claims infringed by Covered Software in the absence of Modifications made by that Contributor. 3. Distribution Obligations. 3.1. Availability of Source Code. Any Covered Software that You distribute or otherwise make available in Executable form must also be made available in Source Code form and that Source Code form must be distributed only under the terms of this License. You must include a copy of this License with every copy of the Source Code form of the Covered Software You distribute or otherwise make available. You must inform recipients of any such Covered Software in Executable form as to how they can obtain such Covered Software in Source Code form in a reasonable manner on or through a medium customarily used for software exchange. 3.2. Modifications. The Modifications that You create or to which You contribute are governed by the terms of this License. You represent that You believe Your Modifications are Your original creation(s) and/or You have sufficient rights to grant the rights conveyed by this License. 3.3. Required Notices. You must include a notice in each of Your Modifications that identifies You as the Contributor of the Modification. You may not remove or alter any copyright, patent or trademark notices contained within the Covered Software, or any notices of licensing or any descriptive text giving attribution to any Contributor or the Initial Developer. 3.4. Application of Additional Terms. You may not offer or impose any terms on any Covered Software in Source Code form that alters or restricts the applicable version of this License or the recipients' rights hereunder. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, you may do so only on Your own behalf, and not on behalf of the Initial Developer or any Contributor. You must make it absolutely clear that any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.5. Distribution of Executable Versions. You may distribute the Executable form of the Covered Software under the terms of this License or under the terms of a license of Your choice, which may contain terms different from this License, provided that You are in compliance with the terms of this License and that the license for the Executable form does not attempt to limit or alter the recipient's rights in the Source Code form from the rights set forth in this License. If You distribute the Covered Software in Executable form under a different license, You must make it absolutely clear that any terms which differ from this License are offered by You alone, not by the Initial Developer or Contributor. You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of any such terms You offer. 3.6. Larger Works. You may create a Larger Work by combining Covered Software with other code not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Covered Software. 4. Versions of the License. 4.1. New Versions. Sun Microsystems, Inc. is the initial license steward and may publish revised and/or new versions of this License from time to time. Each version will be given a distinguishing version number. Except as provided in Section 4.3, no one other than the license steward has the right to modify this License. 4.2. Effect of New Versions. You may always continue to use, distribute or otherwise make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. If the Initial Developer includes a notice in the Original Software prohibiting it from being distributed or otherwise made available under any subsequent version of the License, You must distribute and make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. Otherwise, You may also choose to use, distribute or otherwise make the Covered Software available under the terms of any subsequent version of the License published by the license steward. 4.3. Modified Versions. When You are an Initial Developer and You want to create a new license for Your Original Software, You may create and use a modified version of this License if You: (a) rename the license and remove any references to the name of the license steward (except to note that the license differs from this License); and (b) otherwise make it clear that the license contains terms which differ from this License. 5. DISCLAIMER OF WARRANTY. COVERED SOFTWARE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE COVERED SOFTWARE IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE COVERED SOFTWARE IS WITH YOU. SHOULD ANY COVERED SOFTWARE PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY COVERED SOFTWARE IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 6. TERMINATION. 6.1. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 6.2. If You assert a patent infringement claim (excluding declaratory judgment actions) against Initial Developer or a Contributor (the Initial Developer or Contributor against whom You assert such claim is referred to as "Participant") alleging that the Participant Software (meaning the Contributor Version where the Participant is a Contributor or the Original Software where the Participant is the Initial Developer) directly or indirectly infringes any patent, then any and all rights granted directly or indirectly to You by such Participant, the Initial Developer (if the Initial Developer is not the Participant) and all Contributors under Sections 2.1 and/or 2.2 of this License shall, upon 60 days notice from Participant terminate prospectively and automatically at the expiration of such 60 day notice period, unless if within such 60 day period You withdraw Your claim with respect to the Participant Software against such Participant either unilaterally or pursuant to a written agreement with Participant. 6.3. In the event of termination under Sections 6.1 or 6.2 above, all end user licenses that have been validly granted by You or any distributor hereunder prior to termination (excluding licenses granted to You by any distributor) shall survive termination. 7. LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL YOU, THE INITIAL DEVELOPER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF COVERED SOFTWARE, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOST PROFITS, LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER COMMERCIAL DAMAGES OR LOSSES, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION OF LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY RESULTING FROM SUCH PARTY'S NEGLIGENCE TO THE EXTENT APPLICABLE LAW PROHIBITS SUCH LIMITATION. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS EXCLUSION AND LIMITATION MAY NOT APPLY TO YOU. 8. U.S. GOVERNMENT END USERS. The Covered Software is a "commercial item," as that term is defined in 48 C.F.R. 2.101 (Oct. 1995), consisting of "commercial computer software" (as that term is defined at 48 C.F.R. ¤ 252.227-7014(a)(1)) and "commercial computer software documentation" as such terms are used in 48 C.F.R. 12.212 (Sept. 1995). Consistent with 48 C.F.R. 12.212 and 48 C.F.R. 227.7202-1 through 227.7202-4 (June 1995), all U.S. Government End Users acquire Covered Software with only those rights set forth herein. This U.S. Government Rights clause is in lieu of, and supersedes, any other FAR, DFAR, or other clause or provision that addresses Government rights in computer software under this License. 9. MISCELLANEOUS. This License represents the complete agreement concerning subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by the law of the jurisdiction specified in a notice contained within the Original Software (except to the extent applicable law, if any, provides otherwise), excluding such jurisdiction's conflict-of-law provisions. Any litigation relating to this License shall be subject to the jurisdiction of the courts located in the jurisdiction and venue specified in a notice contained within the Original Software, with the losing party responsible for costs, including, without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. You agree that You alone are responsible for compliance with the United States export administration regulations (and the export control laws and regulation of any other countries) when You use, distribute or otherwise make available any Covered Software. 10. RESPONSIBILITY FOR CLAIMS. As between Initial Developer and the Contributors, each party is responsible for claims and damages arising, directly or indirectly, out of its utilization of rights under this License and You agree to work with Initial Developer and Contributors to distribute such responsibility on an equitable basis. Nothing herein is intended or shall be deemed to constitute any admission of liability. </div> </div> |} </nowiki> </div> </div> ==EPLv2.0== [[LICENCE_HEADER_EPLv2.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_EPLv2.0}}</nowiki></b> {{:LICENCE_HEADER_EPLv2.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>EPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE EPLv2.0 <div class="mw-collapsible-content"> Eclipse Public License - v 2.0 THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS ECLIPSE PUBLIC LICENSE (“AGREEMENT”). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT. 1. DEFINITIONS “Contribution” means: a) in the case of the initial Contributor, the initial content Distributed under this Agreement, and b) in the case of each subsequent Contributor: i) changes to the Program, and ii) additions to the Program; where such changes and/or additions to the Program originate from and are Distributed by that particular Contributor. A Contribution “originates” from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include changes or additions to the Program that are not Modified Works. “Contributor” means any person or entity that Distributes the Program. “Licensed Patents” mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program. “Program” means the Contributions Distributed in accordance with this Agreement. “Recipient” means anyone who receives the Program under this Agreement or any Secondary License (as applicable), including Contributors. “Derivative Works” shall mean any work, whether in Source Code or other form, that is based on (or derived from) the Program and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. “Modified Works” shall mean any work in Source Code or other form that results from an addition to, deletion from, or modification of the contents of the Program, including, for purposes of clarity any new file in Source Code form that contains any contents of the Program. Modified Works shall not include works that contain only declarations, interfaces, types, classes, structures, or files of the Program solely in each case in order to link to, bind by name, or subclass the Program or Modified Works thereof. “Distribute” means the acts of a) distributing or b) making available in any manner that enables the transfer of a copy. “Source Code” means the form of a Program preferred for making modifications, including but not limited to software source code, documentation source, and configuration files. “Secondary License” means either the GNU General Public License, Version 2.0, or any later versions of that license, including any exceptions or additional permissions as identified by the initial Contributor. 2. GRANT OF RIGHTS a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, Distribute and sublicense the Contribution of such Contributor, if any, and such Derivative Works. b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in Source Code or other form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder. c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to Distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program. d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement. e) Notwithstanding the terms of any Secondary License, no Contributor makes additional grants to any Recipient (other than those set forth in this Agreement) as a result of such Recipient's receipt of the Program under the terms of a Secondary License (if permitted under the terms of Section 3). 3. REQUIREMENTS 3.1 If a Contributor Distributes the Program in any form, then: a) the Program must also be made available as Source Code, in accordance with section 3.2, and the Contributor must accompany the Program with a statement that the Source Code for the Program is available under this Agreement, and informs Recipients how to obtain it in a reasonable manner on or through a medium customarily used for software exchange; and b) the Contributor may Distribute the Program under a license different than this Agreement, provided that such license: i) effectively disclaims on behalf of all other Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose; ii) effectively excludes on behalf of all other Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits; iii) does not attempt to limit or alter the recipients' rights in the Source Code under section 3.2; and iv) requires any subsequent distribution of the Program by any party to be under a license that satisfies the requirements of this section 3. 3.2 When the Program is Distributed as Source Code: a) it must be made available under this Agreement, or if the Program (i) is combined with other material in a separate file or files made available under a Secondary License, and (ii) the initial Contributor attached to the Source Code the notice described in Exhibit A of this Agreement, then the Program may be made available under the terms of such Secondary Licenses, and b) a copy of this Agreement must be included with each copy of the Program. 3.3 Contributors may not remove or alter any copyright, patent, trademark, attribution notices, disclaimers of warranty, or limitations of liability (‘notices’) contained within the Program from any copy of the Program which they Distribute, provided that Contributors may add their own appropriate notices. 4. COMMERCIAL DISTRIBUTION Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor (“Commercial Contributor”) hereby agrees to defend and indemnify every other Contributor (“Indemnified Contributor”) against any losses, damages and costs (collectively “Losses”) arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense. For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages. 5. NO WARRANTY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE PROGRAM IS PROVIDED ON AN “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations. 6. DISCLAIMER OF LIABILITY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. GENERAL If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. If Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed. All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive. Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. The Eclipse Foundation is the initial Agreement Steward. The Eclipse Foundation may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be Distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to Distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved. Nothing in this Agreement is intended to be enforceable by any entity that is not a Contributor or Recipient. No third-party beneficiary rights are created under this Agreement. Exhibit A – Form of Secondary Licenses Notice “This Source Code may also be made available under the following Secondary Licenses when the conditions for such availability set forth in the Eclipse Public License, v. 2.0 are satisfied: {name license(s), version(s), and exceptions or additional permissions here}.” Simply including a copy of this Agreement, including this Exhibit A is not sufficient to license the Source Code under Secondary Licenses. If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. You may add additional accurate notices of copyright ownership. </div> </div> |} </nowiki> </div> </div> ==GFDLv1.1== [[LICENCE_HEADER_GFDL]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDL}}</nowiki></b> {{:LICENCE_HEADER_GFDL}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.1 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.1, March 2000 Copyright (C) 2000 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other written document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (For example, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, whose contents can be viewed and edited directly and straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup has been designed to thwart or discourage subsequent modification by readers is not Transparent. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML designed for human modification. Opaque formats include PostScript, PDF, proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies of the Document numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a publicly-accessible computer-network location containing a complete Transparent copy of the Document, free of added material, which the general network-using public has access to download anonymously at no charge using public-standard network protocols. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has less than five). C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section entitled "History", and its title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. In any section entitled "Acknowledgements" or "Dedications", preserve the section's title, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section as "Endorsements" or to conflict in title with any Invariant Section. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections entitled "History" in the various original documents, forming one section entitled "History"; likewise combine any sections entitled "Acknowledgements", and any sections entitled "Dedications". You must delete all sections entitled "Endorsements." 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, does not as a whole count as a Modified Version of the Document, provided no compilation copyright is claimed for the compilation. Such a compilation is called an "aggregate", and this License does not apply to the other self-contained works thus compiled with the Document, on account of their being thus compiled, if they are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one quarter of the entire aggregate, the Document's Cover Texts may be placed on covers that surround only the Document within the aggregate. Otherwise they must appear on covers around the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License provided that you also include the original English version of this License. In case of a disagreement between the translation and the original English version of this License, the original English version will prevail. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have no Invariant Sections, write "with no Invariant Sections" instead of saying which ones are invariant. If you have no Front-Cover Texts, write "no Front-Cover Texts" instead of "Front-Cover Texts being LIST"; likewise for Back-Cover Texts. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} </nowiki> </div> </div> ==GFDLv1.2== [[LICENCE_HEADER_GFDLv1.2]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDLv1.2}}</nowiki></b> {{:LICENCE_HEADER_GFDLv1.2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.2 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.2, November 2002 Copyright (C) 2000,2001,2002 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition. The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement. C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section Entitled "History", Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. For any section Entitled "Acknowledgements" or "Dedications", Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section Entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section to be Entitled "Endorsements" or to conflict in title with any Invariant Section. O. Preserve any Warranty Disclaimers. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements". 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation's users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document's Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail. If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the "with...Texts." line with this: with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} </nowiki> </div> </div> ==GFDLv1.3== [[LICENCE_HEADER_GFDLv1.3]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDLv1.3}}</nowiki></b> {{:LICENCE_HEADER_GFDLv1.3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.3 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.3, 3 November 2008 Copyright (C) 2000, 2001, 2002, 2007, 2008 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. The "publisher" means any person or entity that distributes copies of the Document to the public. A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition. The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement. C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section Entitled "History", Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. For any section Entitled "Acknowledgements" or "Dedications", Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section Entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section to be Entitled "Endorsements" or to conflict in title with any Invariant Section. O. Preserve any Warranty Disclaimers. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements". 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation's users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document's Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail. If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, or distribute it is void, and will automatically terminate your rights under this License. However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, receipt of a copy of some or all of the same material does not give you any rights to use it. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. If the Document specifies that a proxy can decide which future versions of this License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Document. 11. RELICENSING "Massive Multiauthor Collaboration Site" (or "MMC Site") means any World Wide Web server that publishes copyrightable works and also provides prominent facilities for anybody to edit those works. A public wiki that anybody can edit is an example of such a server. A "Massive Multiauthor Collaboration" (or "MMC") contained in the site means any set of copyrightable works thus published on the MMC site. "CC-BY-SA" means the Creative Commons Attribution-Share Alike 3.0 license published by Creative Commons Corporation, a not-for-profit corporation with a principal place of business in San Francisco, California, as well as future copyleft versions of that license published by that same organization. "Incorporate" means to publish or republish a Document, in whole or in part, as part of another Document. An MMC is "eligible for relicensing" if it is licensed under this License, and if all works that were first published under this License somewhere other than this MMC, and subsequently incorporated in whole or in part into the MMC, (1) had no cover texts or invariant sections, and (2) were thus incorporated prior to November 1, 2008. The operator of an MMC Site may republish an MMC contained in the site under CC-BY-SA on the same site at any time before August 1, 2009, provided the MMC is eligible for relicensing. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the "with...Texts." line with this: with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} </nowiki> </div> </div> ==GPLv1== [[LICENCE_HEADER_GPL]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPL}}</nowiki></b> {{:LICENCE_HEADER_GPL}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv1 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 1, February 1989 Copyright (C) 1989 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The license agreements of most software companies try to keep users at the mercy of those companies. By contrast, our General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. The General Public License applies to the Free Software Foundation's software and to any other program whose authors commit to using it. You can use it for your programs, too. When we speak of free software, we are referring to freedom, not price. Specifically, the General Public License is designed to make sure that you have the freedom to give away or sell copies of free software, that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of a such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must tell them their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any work containing the Program or a portion of it, either verbatim or with modifications. Each licensee is addressed as "you". 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this General Public License and to the absence of any warranty; and give any other recipients of the Program a copy of this General Public License along with the Program. You may charge a fee for the physical act of transferring a copy. 2. You may modify your copy or copies of the Program or any portion of it, and copy and distribute such modifications under the terms of Paragraph 1 above, provided that you also do the following: a) cause the modified files to carry prominent notices stating that you changed the files and the date of any change; and b) cause the whole of any work that you distribute or publish, that in whole or in part contains the Program or any part thereof, either with or without modifications, to be licensed at no charge to all third parties under the terms of this General Public License (except that you may choose to grant warranty protection to some or all third parties, at your option). c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the simplest and most usual way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this General Public License. d) You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. Mere aggregation of another independent work with the Program (or its derivative) on a volume of a storage or distribution medium does not bring the other work under the scope of these terms. 3. You may copy and distribute the Program (or a portion or derivative of it, under Paragraph 2) in object code or executable form under the terms of Paragraphs 1 and 2 above provided that you also do one of the following: a) accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Paragraphs 1 and 2 above; or, b) accompany it with a written offer, valid for at least three years, to give any third party free (except for a nominal charge for the cost of distribution) a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Paragraphs 1 and 2 above; or, c) accompany it with the information you received as to where the corresponding source code may be obtained. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form alone.) Source code for a work means the preferred form of the work for making modifications to it. For an executable file, complete source code means all the source code for all modules it contains; but, as a special exception, it need not include source code for modules which are standard libraries that accompany the operating system on which the executable file runs, or for standard header files or definitions files that accompany that operating system. 4. You may not copy, modify, sublicense, distribute or transfer the Program except as expressly provided under this General Public License. Any attempt otherwise to copy, modify, sublicense, distribute or transfer the Program is void, and will automatically terminate your rights to use the Program under this License. However, parties who have received copies, or rights to use copies, from you under this General Public License will not have their licenses terminated so long as such parties remain in full compliance. 5. By copying, distributing or modifying the Program (or any work based on the Program) you indicate your acceptance of this license to do so, and all its terms and conditions. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. 7. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of the license which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the license, you may choose any version ever published by the Free Software Foundation. 8. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 9. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 10. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS Appendix: How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to humanity, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) 19yy <name of author> This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 1, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) 19xx name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (a program to direct compilers to make passes at assemblers) written by James Hacker. <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice That's all there is to it! </div> </div> |} </nowiki> </div> </div> ==GPLv2== [[LICENCE_HEADER_GPLv2]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPLv2}}</nowiki></b> {{:LICENCE_HEADER_GPLv2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv2 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Lesser General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. </div> </div> |} </nowiki> </div> </div> ==GPLv3== [[LICENCE_HEADER_GPLv3]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPLv3}}</nowiki></b> {{:LICENCE_HEADER_GPLv3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv3 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The GNU General Public License is a free, copyleft license for software and other kinds of works. The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things. To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others. For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it. For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions. Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users. Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free. The precise terms and conditions for copying, distribution and modification follow. TERMS AND CONDITIONS 0. Definitions. "This License" refers to version 3 of the GNU General Public License. "Copyright" also means copyright-like laws that apply to other kinds of works, such as semiconductor masks. "The Program" refers to any copyrightable work licensed under this License. Each licensee is addressed as "you". "Licensees" and "recipients" may be individuals or organizations. To "modify" a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a "modified version" of the earlier work or a work "based on" the earlier work. A "covered work" means either the unmodified Program or a work based on the Program. To "propagate" a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well. To "convey" a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying. An interactive user interface displays "Appropriate Legal Notices" to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion. 1. Source Code. The "source code" for a work means the preferred form of the work for making modifications to it. "Object code" means any non-source form of a work. A "Standard Interface" means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language. The "System Libraries" of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A "Major Component", in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it. The "Corresponding Source" for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work. The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source. The Corresponding Source for a work in source code form is that same work. 2. Basic Permissions. All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law. You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you. Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary. 3. Protecting Users' Legal Rights From Anti-Circumvention Law. No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures. When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures. 4. Conveying Verbatim Copies. You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program. You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee. 5. Conveying Modified Source Versions. You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions: a) The work must carry prominent notices stating that you modified it, and giving a relevant date. b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to "keep intact all notices". c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it. d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so. A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an "aggregate" if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate. 6. Conveying Non-Source Forms. You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways: a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange. b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge. c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b. d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements. e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d. A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work. A "User Product" is either (1) a "consumer product", which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, "normally used" refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product. "Installation Information" for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made. If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM). The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network. Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying. 7. Additional Terms. "Additional permissions" are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions. When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission. Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms: a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or d) Limiting the use for publicity purposes of names of licensors or authors of the material; or e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors. All other non-permissive additional terms are considered "further restrictions" within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying. If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms. Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way. 8. Termination. You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11). However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10. 9. Acceptance Not Required for Having Copies. You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so. 10. Automatic Licensing of Downstream Recipients. Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License. An "entity transaction" is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts. You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it. 11. Patents. A "contributor" is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's "contributor version". A contributor's "essential patent claims" are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, "control" includes the right to grant patent sublicenses in a manner consistent with the requirements of this License. Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version. In the following three paragraphs, a "patent license" is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To "grant" such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party. If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. "Knowingly relying" means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid. If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it. A patent license is "discriminatory" if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007. Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law. 12. No Surrender of Others' Freedom. If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program. 13. Use with the GNU Affero General Public License. Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such. 14. Revised Versions of this License. The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation. If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program. Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version. 15. Disclaimer of Warranty. THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. Limitation of Liability. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 17. Interpretation of Sections 15 and 16. If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <https://www.gnu.org/licenses/>. Also add information on how to contact you by electronic and paper mail. If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode: <program> Copyright (C) <year> <name of author> This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an "about box". You should also get your employer (if you work as a programmer) or school, if any, to sign a "copyright disclaimer" for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see <https://www.gnu.org/licenses/>. The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read <https://www.gnu.org/licenses/why-not-lgpl.html>. </div> </div> |} </nowiki> </div> </div> ==LGPLv2.1== [[LICENCE_HEADER_LGPLv2.1]]<br \> <b><nowiki>{{:LICENCE_HEADER_LGPLv2.1}}</nowiki></b> {{:LICENCE_HEADER_LGPLv2.1}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv2.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 2.1, February 1999 Copyright (C) 1991, 1999 Free Software Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. [This is the first released version of the Lesser GPL. It also counts as the successor of the GNU Library Public License, version 2, hence the version number 2.1.] Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public Licenses are intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This license, the Lesser General Public License, applies to some specially designated software packages--typically libraries--of the Free Software Foundation and other authors who decide to use it. You can use it too, but we suggest you first think carefully about whether this license or the ordinary General Public License is the better strategy to use in any particular case, based on the explanations below. When we speak of free software, we are referring to freedom of use, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish); that you receive source code or can get it if you want it; that you can change the software and use pieces of it in new free programs; and that you are informed that you can do these things. To protect your rights, we need to make restrictions that forbid distributors to deny you these rights or to ask you to surrender these rights. These restrictions translate to certain responsibilities for you if you distribute copies of the library or if you modify it. For example, if you distribute copies of the library, whether gratis or for a fee, you must give the recipients all the rights that we gave you. You must make sure that they, too, receive or can get the source code. If you link other code with the library, you must provide complete object files to the recipients, so that they can relink them with the library after making changes to the library and recompiling it. And you must show them these terms so they know their rights. We protect your rights with a two-step method: (1) we copyright the library, and (2) we offer you this license, which gives you legal permission to copy, distribute and/or modify the library. To protect each distributor, we want to make it very clear that there is no warranty for the free library. Also, if the library is modified by someone else and passed on, the recipients should know that what they have is not the original version, so that the original author's reputation will not be affected by problems that might be introduced by others. � Finally, software patents pose a constant threat to the existence of any free program. We wish to make sure that a company cannot effectively restrict the users of a free program by obtaining a restrictive license from a patent holder. Therefore, we insist that any patent license obtained for a version of the library must be consistent with the full freedom of use specified in this license. Most GNU software, including some libraries, is covered by the ordinary GNU General Public License. This license, the GNU Lesser General Public License, applies to certain designated libraries, and is quite different from the ordinary General Public License. We use this license for certain libraries in order to permit linking those libraries into non-free programs. When a program is linked with a library, whether statically or using a shared library, the combination of the two is legally speaking a combined work, a derivative of the original library. The ordinary General Public License therefore permits such linking only if the entire combination fits its criteria of freedom. The Lesser General Public License permits more lax criteria for linking other code with the library. We call this license the "Lesser" General Public License because it does Less to protect the user's freedom than the ordinary General Public License. It also provides other free software developers Less of an advantage over competing non-free programs. These disadvantages are the reason we use the ordinary General Public License for many libraries. However, the Lesser license provides advantages in certain special circumstances. For example, on rare occasions, there may be a special need to encourage the widest possible use of a certain library, so that it becomes a de-facto standard. To achieve this, non-free programs must be allowed to use the library. A more frequent case is that a free library does the same job as widely used non-free libraries. In this case, there is little to gain by limiting the free library to free software only, so we use the Lesser General Public License. In other cases, permission to use a particular library in non-free programs enables a greater number of people to use a large body of free software. For example, permission to use the GNU C Library in non-free programs enables many more people to use the whole GNU operating system, as well as its variant, the GNU/Linux operating system. Although the Lesser General Public License is Less protective of the users' freedom, it does ensure that the user of a program that is linked with the Library has the freedom and the wherewithal to run that program using a modified version of the Library. The precise terms and conditions for copying, distribution and modification follow. Pay close attention to the difference between a "work based on the library" and a "work that uses the library". The former contains code derived from the library, whereas the latter must be combined with the library in order to run. � GNU LESSER GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any software library or other program which contains a notice placed by the copyright holder or other authorized party saying it may be distributed under the terms of this Lesser General Public License (also called "this License"). Each licensee is addressed as "you". A "library" means a collection of software functions and/or data prepared so as to be conveniently linked with application programs (which use some of those functions and data) to form executables. The "Library", below, refers to any such software library or work which has been distributed under these terms. A "work based on the Library" means either the Library or any derivative work under copyright law: that is to say, a work containing the Library or a portion of it, either verbatim or with modifications and/or translated straightforwardly into another language. (Hereinafter, translation is included without limitation in the term "modification".) "Source code" for a work means the preferred form of the work for making modifications to it. For a library, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the library. Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running a program using the Library is not restricted, and output from such a program is covered only if its contents constitute a work based on the Library (independent of the use of the Library in a tool for writing it). Whether that is true depends on what the Library does and what the program that uses the Library does. 1. You may copy and distribute verbatim copies of the Library's complete source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and distribute a copy of this License along with the Library. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. � 2. You may modify your copy or copies of the Library or any portion of it, thus forming a work based on the Library, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) The modified work must itself be a software library. b) You must cause the files modified to carry prominent notices stating that you changed the files and the date of any change. c) You must cause the whole of the work to be licensed at no charge to all third parties under the terms of this License. d) If a facility in the modified Library refers to a function or a table of data to be supplied by an application program that uses the facility, other than as an argument passed when the facility is invoked, then you must make a good faith effort to ensure that, in the event an application does not supply such function or table, the facility still operates, and performs whatever part of its purpose remains meaningful. (For example, a function in a library to compute square roots has a purpose that is entirely well-defined independent of the application. Therefore, Subsection 2d requires that any application-supplied function or table used by this function must be optional: if the application does not supply it, the square root function must still compute square roots.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Library, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Library, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Library. In addition, mere aggregation of another work not based on the Library with the Library (or with a work based on the Library) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may opt to apply the terms of the ordinary GNU General Public License instead of this License to a given copy of the Library. To do this, you must alter all the notices that refer to this License, so that they refer to the ordinary GNU General Public License, version 2, instead of to this License. (If a newer version than version 2 of the ordinary GNU General Public License has appeared, then you can specify that version instead if you wish.) Do not make any other change in these notices. � Once this change is made in a given copy, it is irreversible for that copy, so the ordinary GNU General Public License applies to all subsequent copies and derivative works made from that copy. This option is useful when you wish to copy part of the code of the Library into a program that is not a library. 4. You may copy and distribute the Library (or a portion or derivative of it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange. If distribution of object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place satisfies the requirement to distribute the source code, even though third parties are not compelled to copy the source along with the object code. 5. A program that contains no derivative of any portion of the Library, but is designed to work with the Library by being compiled or linked with it, is called a "work that uses the Library". Such a work, in isolation, is not a derivative work of the Library, and therefore falls outside the scope of this License. However, linking a "work that uses the Library" with the Library creates an executable that is a derivative of the Library (because it contains portions of the Library), rather than a "work that uses the library". The executable is therefore covered by this License. Section 6 states terms for distribution of such executables. When a "work that uses the Library" uses material from a header file that is part of the Library, the object code for the work may be a derivative work of the Library even though the source code is not. Whether this is true is especially significant if the work can be linked without the Library, or if the work is itself a library. The threshold for this to be true is not precisely defined by law. If such an object file uses only numerical parameters, data structure layouts and accessors, and small macros and small inline functions (ten lines or less in length), then the use of the object file is unrestricted, regardless of whether it is legally a derivative work. (Executables containing this object code plus portions of the Library will still fall under Section 6.) Otherwise, if the work is a derivative of the Library, you may distribute the object code for the work under the terms of Section 6. Any executables containing that work also fall under Section 6, whether or not they are linked directly with the Library itself. � 6. As an exception to the Sections above, you may also combine or link a "work that uses the Library" with the Library to produce a work containing portions of the Library, and distribute that work under terms of your choice, provided that the terms permit modification of the work for the customer's own use and reverse engineering for debugging such modifications. You must give prominent notice with each copy of the work that the Library is used in it and that the Library and its use are covered by this License. You must supply a copy of this License. If the work during execution displays copyright notices, you must include the copyright notice for the Library among them, as well as a reference directing the user to the copy of this License. Also, you must do one of these things: a) Accompany the work with the complete corresponding machine-readable source code for the Library including whatever changes were used in the work (which must be distributed under Sections 1 and 2 above); and, if the work is an executable linked with the Library, with the complete machine-readable "work that uses the Library", as object code and/or source code, so that the user can modify the Library and then relink to produce a modified executable containing the modified Library. (It is understood that the user who changes the contents of definitions files in the Library will not necessarily be able to recompile the application to use the modified definitions.) b) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (1) uses at run time a copy of the library already present on the user's computer system, rather than copying library functions into the executable, and (2) will operate properly with a modified version of the library, if the user installs one, as long as the modified version is interface-compatible with the version that the work was made with. c) Accompany the work with a written offer, valid for at least three years, to give the same user the materials specified in Subsection 6a, above, for a charge no more than the cost of performing this distribution. d) If distribution of the work is made by offering access to copy from a designated place, offer equivalent access to copy the above specified materials from the same place. e) Verify that the user has already received a copy of these materials or that you have already sent this user a copy. For an executable, the required form of the "work that uses the Library" must include any data and utility programs needed for reproducing the executable from it. However, as a special exception, the materials to be distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. It may happen that this requirement contradicts the license restrictions of other proprietary libraries that do not normally accompany the operating system. Such a contradiction means you cannot use both them and the Library together in an executable that you distribute. � 7. You may place library facilities that are a work based on the Library side-by-side in a single library together with other library facilities not covered by this License, and distribute such a combined library, provided that the separate distribution of the work based on the Library and of the other library facilities is otherwise permitted, and provided that you do these two things: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities. This must be distributed under the terms of the Sections above. b) Give prominent notice with the combined library of the fact that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 8. You may not copy, modify, sublicense, link with, or distribute the Library except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, link with, or distribute the Library is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 9. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Library or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Library (or any work based on the Library), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Library or works based on it. 10. Each time you redistribute the Library (or any work based on the Library), the recipient automatically receives a license from the original licensor to copy, distribute, link with or modify the Library subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties with this License. � 11. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Library at all. For example, if a patent license would not permit royalty-free redistribution of the Library by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Library. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply, and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 12. If the distribution and/or use of the Library is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Library under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 13. The Free Software Foundation may publish revised and/or new versions of the Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Library does not specify a license version number, you may choose any version ever published by the Free Software Foundation. � 14. If you wish to incorporate parts of the Library into other free programs whose distribution conditions are incompatible with these, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS � How to Apply These Terms to Your New Libraries If you develop a new library, and you want it to be of the greatest possible use to the public, we recommend making it free software that everyone can redistribute and change. You can do so by permitting redistribution under these terms (or, alternatively, under the terms of the ordinary General Public License). To apply these terms, attach the following notices to the library. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the library's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Also add information on how to contact you by electronic and paper mail. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the library, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the library `Frob' (a library for tweaking knobs) written by James Random Hacker. <signature of Ty Coon>, 1 April 1990 Ty Coon, President of Vice That's all there is to it! </div> </div> |} </nowiki> </div> </div> ==LGPLv3== [[LICENCE_HEADER_LGPLv3]]<br \> <b><nowiki>{{:LICENCE_HEADER_LGPLv3}}</nowiki></b> {{:LICENCE_HEADER_LGPLv3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. This version of the GNU Lesser General Public License incorporates the terms and conditions of version 3 of the GNU General Public License, supplemented by the additional permissions listed below. 0. Additional Definitions. As used herein, "this License" refers to version 3 of the GNU Lesser General Public License, and the "GNU GPL" refers to version 3 of the GNU General Public License. "The Library" refers to a covered work governed by this License, other than an Application or a Combined Work as defined below. An "Application" is any work that makes use of an interface provided by the Library, but which is not otherwise based on the Library. Defining a subclass of a class defined by the Library is deemed a mode of using an interface provided by the Library. A "Combined Work" is a work produced by combining or linking an Application with the Library. The particular version of the Library with which the Combined Work was made is also called the "Linked Version". The "Minimal Corresponding Source" for a Combined Work means the Corresponding Source for the Combined Work, excluding any source code for portions of the Combined Work that, considered in isolation, are based on the Application, and not on the Linked Version. The "Corresponding Application Code" for a Combined Work means the object code and/or source code for the Application, including any data and utility programs needed for reproducing the Combined Work from the Application, but excluding the System Libraries of the Combined Work. 1. Exception to Section 3 of the GNU GPL. You may convey a covered work under sections 3 and 4 of this License without being bound by section 3 of the GNU GPL. 2. Conveying Modified Versions. If you modify a copy of the Library, and, in your modifications, a facility refers to a function or data to be supplied by an Application that uses the facility (other than as an argument passed when the facility is invoked), then you may convey a copy of the modified version: a) under this License, provided that you make a good faith effort to ensure that, in the event an Application does not supply the function or data, the facility still operates, and performs whatever part of its purpose remains meaningful, or b) under the GNU GPL, with none of the additional permissions of this License applicable to that copy. 3. Object Code Incorporating Material from Library Header Files. The object code form of an Application may incorporate material from a header file that is part of the Library. You may convey such object code under terms of your choice, provided that, if the incorporated material is not limited to numerical parameters, data structure layouts and accessors, or small macros, inline functions and templates (ten or fewer lines in length), you do both of the following: a) Give prominent notice with each copy of the object code that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the object code with a copy of the GNU GPL and this license document. 4. Combined Works. You may convey a Combined Work under terms of your choice that, taken together, effectively do not restrict modification of the portions of the Library contained in the Combined Work and reverse engineering for debugging such modifications, if you also do each of the following: a) Give prominent notice with each copy of the Combined Work that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the Combined Work with a copy of the GNU GPL and this license document. c) For a Combined Work that displays copyright notices during execution, include the copyright notice for the Library among these notices, as well as a reference directing the user to the copies of the GNU GPL and this license document. d) Do one of the following: 0) Convey the Minimal Corresponding Source under the terms of this License, and the Corresponding Application Code in a form suitable for, and under terms that permit, the user to recombine or relink the Application with a modified version of the Linked Version to produce a modified Combined Work, in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source. 1) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (a) uses at run time a copy of the Library already present on the user's computer system, and (b) will operate properly with a modified version of the Library that is interface-compatible with the Linked Version. e) Provide Installation Information, but only if you would otherwise be required to provide such information under section 6 of the GNU GPL, and only to the extent that such information is necessary to install and execute a modified version of the Combined Work produced by recombining or relinking the Application with a modified version of the Linked Version. (If you use option 4d0, the Installation Information must accompany the Minimal Corresponding Source and Corresponding Application Code. If you use option 4d1, you must provide the Installation Information in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source.) 5. Combined Libraries. You may place library facilities that are a work based on the Library side by side in a single library together with other library facilities that are not Applications and are not covered by this License, and convey such a combined library under terms of your choice, if you do both of the following: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities, conveyed under the terms of this License. b) Give prominent notice with the combined library that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 6. Revised Versions of the GNU Lesser General Public License. The Free Software Foundation may publish revised and/or new versions of the GNU Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library as you received it specifies that a certain numbered version of the GNU Lesser General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that published version or of any later version published by the Free Software Foundation. If the Library as you received it does not specify a version number of the GNU Lesser General Public License, you may choose any version of the GNU Lesser General Public License ever published by the Free Software Foundation. If the Library as you received it specifies that a proxy can decide whether future versions of the GNU Lesser General Public License shall apply, that proxy's public statement of acceptance of any version is permanent authorization for you to choose that version for the Library. </div> </div> |} </nowiki> </div> </div> ==MIT== [[LICENCE_HEADER_MIT]]<br \> <b><nowiki>{{:LICENCE_HEADER_MIT}}</nowiki></b> {{:LICENCE_HEADER_MIT}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MIT Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. </div> </div> |} </nowiki> </div> </div> ==MPLv2.0== [[LICENCE_HEADER_MPLv2.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_MPLv2.0}}</nowiki></b> {{:LICENCE_HEADER_MPLv2.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE MPLv2.0 <div class="mw-collapsible-content"> Mozilla Public License Version 2.0 -------------------------------- 1. Definitions -------------- 1.1. "Contributor" means each individual or legal entity that creates, contributes to the creation of, or owns Covered Software. 1.2. "Contributor Version" means the combination of the Contributions of others (if any) used by a Contributor and that particular Contributor's Contribution. 1.3. "Contribution" means Covered Software of a particular Contributor. 1.4. "Covered Software" means Source Code Form to which the initial Contributor has attached the notice in Exhibit A, the Executable Form of such Source Code Form, and Modifications of such Source Code Form, in each case including portions thereof. 1.5. "Incompatible With Secondary Licenses" means (a) that the initial Contributor has attached the notice described in Exhibit B to the Covered Software; or (b) that the Covered Software was made available under the terms of version 1.1 or earlier of the License, but not also under the terms of a Secondary License. 1.6. "Executable Form" means any form of the work other than Source Code Form. 1.7. "Larger Work" means a work that combines Covered Software with other material, in a separate file or files, that is not Covered Software. 1.8. "License" means this document. 1.9. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently, any and all of the rights conveyed by this License. 1.10. "Modifications" means any of the following: (a) any file in Source Code Form that results from an addition to, deletion from, or modification of the contents of Covered Software; or (b) any new file in Source Code Form that contains any Covered Software. 1.11. "Patent Claims" of a Contributor means any patent claim(s), including without limitation, method, process, and apparatus claims, in any patent Licensable by such Contributor that would be infringed, but for the grant of the License, by the making, using, selling, offering for sale, having made, import, or transfer of either its Contributions or its Contributor Version. 1.12. "Secondary License" means either the GNU General Public License, Version 2.0, the GNU Lesser General Public License, Version 2.1, the GNU Affero General Public License, Version 3.0, or any later versions of those licenses. 1.13. "Source Code Form" means the form of the work preferred for making modifications. 1.14. "You" (or "Your") means an individual or a legal entity exercising rights under this License. For legal entities, "You" includes any entity that controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. License Grants and Conditions -------------------------------- 2.1. Grants Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by such Contributor to use, reproduce, make available, modify, display, perform, distribute, and otherwise exploit its Contributions, either on an unmodified basis, with Modifications, or as part of a Larger Work; and (b) under Patent Claims of such Contributor to make, use, sell, offer for sale, have made, import, and otherwise transfer either its Contributions or its Contributor Version. 2.2. Effective Date The licenses granted in Section 2.1 with respect to any Contribution become effective for each Contribution on the date the Contributor first distributes such Contribution. 2.3. Limitations on Grant Scope The licenses granted in this Section 2 are the only rights granted under this License. No additional rights or licenses will be implied from the distribution or licensing of Covered Software under this License. Notwithstanding Section 2.1(b) above, no patent license is granted by a Contributor: (a) for any code that a Contributor has removed from Covered Software; or (b) for infringements caused by: (i) Your and any other third party's modifications of Covered Software, or (ii) the combination of its Contributions with other software (except as part of its Contributor Version); or (c) under Patent Claims infringed by Covered Software in the absence of its Contributions. This License does not grant any rights in the trademarks, service marks, or logos of any Contributor (except as may be necessary to comply with the notice requirements in Section 3.4). 2.4. Subsequent Licenses No Contributor makes additional grants as a result of Your choice to distribute the Covered Software under a subsequent version of this License (see Section 10.2) or under the terms of a Secondary License (if permitted under the terms of Section 3.3). 2.5. Representation Each Contributor represents that the Contributor believes its Contributions are its original creation(s) or it has sufficient rights to grant the rights to its Contributions conveyed by this License. 2.6. Fair Use This License is not intended to limit any rights You have under applicable copyright doctrines of fair use, fair dealing, or other equivalents. 2.7. Conditions Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted in Section 2.1. 3. Responsibilities ------------------- 3.1. Distribution of Source Form All distribution of Covered Software in Source Code Form, including any Modifications that You create or to which You contribute, must be under the terms of this License. You must inform recipients that the Source Code Form of the Covered Software is governed by the terms of this License, and how they can obtain a copy of this License. You may not attempt to alter or restrict the recipients' rights in the Source Code Form. 3.2. Distribution of Executable Form If You distribute Covered Software in Executable Form then: (a) such Covered Software must also be made available in Source Code Form, as described in Section 3.1, and You must inform recipients of the Executable Form how they can obtain a copy of such Source Code Form by reasonable means in a timely manner, at a charge no more than the cost of distribution to the recipient; and (b) You may distribute such Executable Form under the terms of this License, or sublicense it under different terms, provided that the license for the Executable Form does not attempt to limit or alter the recipients' rights in the Source Code Form under this License. 3.3. Distribution of a Larger Work You may create and distribute a Larger Work under terms of Your choice, provided that You also comply with the requirements of this License for the Covered Software. If the Larger Work is a combination of Covered Software with a work governed by one or more Secondary Licenses, and the Covered Software is not Incompatible With Secondary Licenses, this License permits You to additionally distribute such Covered Software under the terms of such Secondary License(s), so that the recipient of the Larger Work may, at their option, further distribute the Covered Software under the terms of either this License or such Secondary License(s). 3.4. Notices You may not remove or alter the substance of any license notices (including copyright notices, patent notices, disclaimers of warranty, or limitations of liability) contained within the Source Code Form of the Covered Software, except that You may alter any license notices to the extent required to remedy known factual inaccuracies. 3.5. Application of Additional Terms You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, You may do so only on Your own behalf, and not on behalf of any Contributor. You must make it absolutely clear that any such warranty, support, indemnity, or liability obligation is offered by You alone, and You hereby agree to indemnify every Contributor for any liability incurred by such Contributor as a result of warranty, support, indemnity or liability terms You offer. You may include additional disclaimers of warranty and limitations of liability specific to any jurisdiction. 4. Inability to Comply Due to Statute or Regulation --------------------------------------------------- If it is impossible for You to comply with any of the terms of this License with respect to some or all of the Covered Software due to statute, judicial order, or regulation then You must: (a) comply with the terms of this License to the maximum extent possible; and (b) describe the limitations and the code they affect. Such description must be placed in a text file included with all distributions of the Covered Software under this License. Except to the extent prohibited by statute or regulation, such description must be sufficiently detailed for a recipient of ordinary skill to be able to understand it. 5. Termination -------------- 5.1. The rights granted under this License will terminate automatically if You fail to comply with any of its terms. However, if You become compliant, then the rights granted under this License from a particular Contributor are reinstated (a) provisionally, unless and until such Contributor explicitly and finally terminates Your grants, and (b) on an ongoing basis, if such Contributor fails to notify You of the non-compliance by some reasonable means prior to 60 days after You have come back into compliance. Moreover, Your grants from a particular Contributor are reinstated on an ongoing basis if such Contributor notifies You of the non-compliance by some reasonable means, this is the first time You have received notice of non-compliance with this License from such Contributor, and You become compliant prior to 30 days after Your receipt of the notice. 5.2. If You initiate litigation against any entity by asserting a patent infringement claim (excluding declaratory judgment actions, counter-claims, and cross-claims) alleging that a Contributor Version directly or indirectly infringes any patent, then the rights granted to You by any and all Contributors for the Covered Software under Section 2.1 of this License shall terminate. 5.3. In the event of termination under Sections 5.1 or 5.2 above, all end user license agreements (excluding distributors and resellers) which have been validly granted by You or Your distributors under this License prior to termination shall survive termination. ************************************************************************ * * * 6. Disclaimer of Warranty * * ------------------------- * * * * Covered Software is provided under this License on an "as is" * * basis, without warranty of any kind, either expressed, implied, or * * statutory, including, without limitation, warranties that the * * Covered Software is free of defects, merchantable, fit for a * * particular purpose or non-infringing. The entire risk as to the * * quality and performance of the Covered Software is with You. * * Should any Covered Software prove defective in any respect, You * * (not any Contributor) assume the cost of any necessary servicing, * * repair, or correction. This disclaimer of warranty constitutes an * * essential part of this License. No use of any Covered Software is * * authorized under this License except under this disclaimer. * * * ************************************************************************ ************************************************************************ * * * 7. Limitation of Liability * * -------------------------- * * * * Under no circumstances and under no legal theory, whether tort * * (including negligence), contract, or otherwise, shall any * * Contributor, or anyone who distributes Covered Software as * * permitted above, be liable to You for any direct, indirect, * * special, incidental, or consequential damages of any character * * including, without limitation, damages for lost profits, loss of * * goodwill, work stoppage, computer failure or malfunction, or any * * and all other commercial damages or losses, even if such party * * shall have been informed of the possibility of such damages. This * * limitation of liability shall not apply to liability for death or * * personal injury resulting from such party's negligence to the * * extent applicable law prohibits such limitation. Some * * jurisdictions do not allow the exclusion or limitation of * * incidental or consequential damages, so this exclusion and * * limitation may not apply to You. * * * ************************************************************************ 8. Litigation ------------- Any litigation relating to this License may be brought only in the courts of a jurisdiction where the defendant maintains its principal place of business and such litigation shall be governed by laws of that jurisdiction, without reference to its conflict-of-law provisions. Nothing in this Section shall prevent a party's ability to bring cross-claims or counter-claims. 9. Miscellaneous ---------------- This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not be used to construe this License against a Contributor. 10. Versions of the License --------------------------- 10.1. New Versions Mozilla Foundation is the license steward. Except as provided in Section 10.3, no one other than the license steward has the right to modify or publish new versions of this License. Each version will be given a distinguishing version number. 10.2. Effect of New Versions You may distribute the Covered Software under the terms of the version of the License under which You originally received the Covered Software, or under the terms of any subsequent version published by the license steward. 10.3. Modified Versions If you create software not governed by this License, and you want to create a new license for such software, you may create and use a modified version of this License if you rename the license and remove any references to the name of the license steward (except to note that such modified license differs from this License). 10.4. Distributing Source Code Form that is Incompatible With Secondary Licenses If You choose to distribute Source Code Form that is Incompatible With Secondary Licenses under the terms of this version of the License, the notice described in Exhibit B of this License must be attached. Exhibit A - Source Code Form License Notice ------------------------------------------- This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at https://mozilla.org/MPL/2.0/. If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. You may add additional accurate notices of copyright ownership. Exhibit B - "Incompatible With Secondary Licenses" Notice --------------------------------------------------------- This Source Code Form is "Incompatible With Secondary Licenses", as defined by the Mozilla Public License, v. 2.0. </div> </div> |} </nowiki> </div> </div> ==PDLv1.0== [[LICENCE_HEADER_PDLv1.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_PDLv1.0}}</nowiki></b> {{:LICENCE_HEADER_PDLv1.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE PDLv1.0 <div class="mw-collapsible-content"> PUBLIC DOCUMENTATION LICENSE Version 1.0 1.0 DEFINITIONS. 1.1. "Commercial Use" means distribution or otherwise making the Documentation available to a third party. 1.2. "Contributor" means a person or entity who creates or contributes to the creation of Modifications. 1.3. "Documentation" means the Original Documentation or Modifications or the combination of the Original Documentation and Modifications, in each case including portions thereof. 1.4. "Electronic Distribution Mechanism" means a mechanism generally accepted for the electronic transfer of data. 1.5. "Initial Writer" means the individual or entity identified as the Initial Writer in the notice required by the Appendix. 1.6. "Larger Work" means a work which combines Documentation or portions thereof with documentation or other writings not governed by the terms of this License. 1.7. "License" means this document. 1.8. "Modifications" means any addition to or deletion from the substance or structure of either the Original Documentation or any previous Modifications, such as a translation, abridgment, condensation, or any other form in which the Original Documentation or previous Modifications may be recast, transformed or adapted. A work consisting of editorial revisions, annotations, elaborations, and other modifications which, as a whole represent an original work of authorship, is a Modification. For example, when Documentation is released as a series of documents, a Modification is: A. Any addition to or deletion from the contents of the Original Documentation or previous Modifications. B. Any new documentation that contains any part of the Original Documentation or previous Modifications. 1.9. "Original Documentation" means documentation described as Original Documentation in the notice required by the Appendix, and which, at the time of its release under this License is not already Documentation governed by this License. 1.10. "Editable Form" means the preferred form of the Documentation for making Modifications to it. The Documentation can be in an electronic, compressed or archival form, provided the appropriate decompression or de-archiving software is widely available for no charge. 1.11. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of this License or a future version of this License issued under Section 5.0 ("Versions of the License"). For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2.0 LICENSE GRANTS. 2.1 Initial Writer Grant. The Initial Writer hereby grants You a world-wide, royalty-free, non-exclusive license to use, reproduce, prepare Modifications of, compile, publicly perform, publicly display, demonstrate, market, disclose and distribute the Documentation in any form, on any media or via any Electronic Distribution Mechanism or other method now known or later discovered, and to sublicense the foregoing rights to third parties through multiple tiers of sublicensees in accordance with the terms of this License. The license rights granted in this Section 2.1 ("Initial Writer Grant") are effective on the date Initial Writer first distributes Original Documentation under the terms of this License. 2.2. Contributor Grant. Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license to use, reproduce, prepare Modifications of, compile, publicly perform, publicly display, demonstrate, market, disclose and distribute the Documentation in any form, on any media or via any Electronic Distribution Mechanism or other method now known or later discovered, and to sublicense the foregoing rights to third parties through multiple tiers of sublicensees in accordance with the terms of this License. The license rights granted in this Section 2.2 ("Contributor Grant") are effective on the date Contributor first makes Commercial Use of the Documentation. 3.0 DISTRIBUTION OBLIGATIONS 3.1. Application of License The Modifications which You create or to which You contribute are governed by the terms of this License, including without limitation Section 2.2 ("Contributor Grant"). The Documentation may be distributed only under the terms of this License or a future version of this License released in accordance with Section 5.0 ("Versions of the License"), and You must include a copy of this License with every copy of the Documentation You distribute. You may not offer or impose any terms that alter or restrict the applicable version of this License or the recipients' rights hereunder. However, You may include an additional document offering the additional rights described in Section 3.5 ("Required Notices"). 3.2. Availability of Documentation. Any Modification which You create or to which You contribute must be made available publicly in Editable Form under the terms of this License via a fixed medium or an accepted Electronic Distribution Mechanism. 3.3. Description of Modifications. All Documentation to which You contribute must identify the changes You made to create that Documentation and the date of any change. You must include a prominent statement that the Modification is derived, directly or indirectly, from Original Documentation provided by the Initial Writer and include the name of the Initial Writer in the Documentation or via an electronic link that describes the origin or ownership of the Documentation. The foregoing change documentation may be created by using an electronic program that automatically tracks changes to the Documentation, and such changes must be available publicly for at least five years following release of the changed Documentation. 3.4. Intellectual Property Matters. Contributor represents that Contributor believes that Contributor's Modifications are Contributor's original creation(s) and/or Contributor has sufficient rights to grant the rights conveyed by this License. 3.5. Required Notices. You must duplicate the notice in the Appendix in each file of the Documentation. If it is not possible to put such notice in a particular Documentation file due to its structure, then You must include such notice in a location (such as a relevant directory) where a reader would be likely to look for such a notice, for example, via a hyperlink in each file of the Documentation that takes the reader to a page that describes the origin and ownership of the Documentation. If You created one or more Modification(s) You may add your name as a Contributor to the notice described in the Appendix. You must also duplicate this License in any Documentation file (or with a hyperlink in each file of the Documentation) where You describe recipients' rights or ownership rights. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Documentation. However, You may do so only on Your own behalf, and not on behalf of the Initial Writer or any Contributor. You must make it absolutely clear than any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Writer and every Contributor for any liability incurred by the Initial Writer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.6. Larger Works. You may create a Larger Work by combining Documentation with other documents not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Documentation. 4.0 APPLICATION OF THIS LICENSE. This License applies to Documentation to which the Initial Writer has attached this License and the notice in the Appendix. 5.0 VERSIONS OF THE LICENSE. 5.1. New Versions. Initial Writer may publish revised and/or new versions of the License from time to time. Each version will be given a distinguishing version number. 5.2. Effect of New Versions. Once Documentation has been published under a particular version of the License, You may always continue to use it under the terms of that version. You may also choose to use such Documentation under the terms of any subsequent version of the License published by __________________[Insert name of the foundation, company, Initial Writer, or whoever may modify this License]. No one other than _________________ [Insert name of the foundation, company, Initial Writer, or whoever may modify this License] has the right to modify the terms of this License. Filling in the name of the Initial Writer, Original Documentation or Contributor in the notice described in the Appendix shall not be deemed to be Modifications of this License. 6.0 DISCLAIMER OF WARRANTY. DOCUMENTATION IS PROVIDED UNDER THIS LICENSE ON AN "AS IS'' BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE DOCUMENTATION IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY, ACCURACY, AND PERFORMANCE OF THE DOCUMENTATION IS WITH YOU. SHOULD ANY DOCUMENTATION PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL WRITER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY DOCUMENTATION IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 7.0 TERMINATION. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. All sublicenses to the Documentation which are properly granted shall survive any termination of this License. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 8.0 LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER IN TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL THE INITIAL WRITER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF DOCUMENTATION, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER DAMAGES OR LOSSES ARISING OUT OF OR RELATING TO THE USE OF THE DOCUMENTATION, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. 9.0 U.S. GOVERNMENT END USERS. If Documentation is being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), then the Government's rights in Documentation will be only as set forth in this Agreement; this is in accordance with 48 CFR 227.7201 through 227.7202-4 (for Department of Defense (DOD) acquisitions) and with 48 CFR 2.101 and 12.212 (for non-DOD acquisitions). 10.0 MISCELLANEOUS. This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by California law, excluding its conflict-of-law provisions. With respect to disputes or any litigation relating to this License, the losing party is responsible for costs, including without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. Appendix Public Documentation License Notice The contents of this Documentation are subject to the Public Documentation License Version 1.0 (the "License"); you may only use this Documentation if you comply with the terms of this License. A copy of the License is available at __________________[Insert hyperlink]. The Original Documentation is _________________. The Initial Writer of the Original Documentation is ___________ Copyright (C)_________[Insert year(s)]. All Rights Reserved. (Initial Writer contact(s):________________[Insert hyperlink/alias]). Contributor(s): ______________________________________. Portions created by ______ are Copyright (C)_________[Insert year(s)]. All Rights Reserved. (Contributor contact(s):________________[Insert hyperlink/alias]). NOTE: The text of this Appendix may differ slightly from the text of the notices in the files of the Original Documentation. You should use the text of this Appendix rather than the text found in the Original Documentation for Your Modifications. </div> </div> |} </nowiki> </div> </div> ==PIRATE== This Licence is for shits and giggles, don't use on public server<br \> [[LICENCE_HEADER_PIRATE]]<br \> <b><nowiki>{{:LICENCE_HEADER_PIRATE}}</nowiki></b> {{:LICENCE_HEADER_PIRATE}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PIRATE Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Licence? Licence! LICENCE!!!!!!<br \> WE NO NEED NO STINKING LICENCE! Copyright @ Pirate Licence :P </div> </div> |} </nowiki> </div> </div> 802bvmvr6mxxc22ips9c61crm86tlro 143 142 2023-03-06T11:00:13Z Noob 1 /* CC BY-NC-SA 4.0 */ 143 wikitext text/x-wiki * Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute. * To do so add a Licence header at the top of your page. * example:<b><nowiki>{{:LICENCE_HEADER_CC0}}</nowiki></b> * using the header may not be a good idea for some licences ** click the link and copy the content ** and append the correct <code>Copyright [yyyy] [name of copyright owner] </code> ==APACHE2== [[LICENCE_HEADER_APACHE2]]<br \> <b><nowiki>{{:LICENCE_HEADER_APACHE2}}</nowiki></b> {{:LICENCE_HEADER_APACHE2}} <!-- delete below if mess up --> <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste to your page: <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>APACHE2 Licence</b><br \> Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. <div class="toccolours mw-collapsible mw-collapsed"> Apache2 Licence: <div class="mw-collapsible-content"> <pre> Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. </pre> </div> </div> |} </nowiki> </div> </div> ==BDS0== [[LICENCE_HEADER_BSD0]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD0}}</nowiki></b> {{:LICENCE_HEADER_BSD0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (C) [year] by [copyright holder] <[email]> Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted. THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. </div> </div> |} </nowiki> </div> </div> ==BSD1== [[LICENCE_HEADER_BSD]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD}}</nowiki></b> {{:LICENCE_HEADER_BSD}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (c) [Year] [Name] [All rights reserved]. * Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. THIS SOFTWARE IS PROVIDED BY [Name of Organization] “AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL [Name of Organisation] BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </nowiki> </div> </div> ==BSD2== [[LICENCE_HEADER_BSD2]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD2}}</nowiki></b> {{:LICENCE_HEADER_BSD2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </nowiki> </div> </div> ==BSD3== [[LICENCE_HEADER_BSD3]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD3}}</nowiki></b> {{:LICENCE_HEADER_BSD3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </nowiki> </div> </div> ==CC0== [[LICENCE_HEADER_CC0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC0}}</nowiki></b> {{:LICENCE_HEADER_CC0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC0 Licence</b><br \> More information about the <b>cc0 licence</b> can be found here:<br \> <code>https://creativecommons.org/share-your-work/public-domain/cc0</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> The person who associated a work with this deed has dedicated the work to the public domain by waiving all of his or her rights to the work worldwide under copyright law, including all related and neighboring rights, to the extent allowed by law.<br \> You can copy, modify, distribute and perform the work, even for commercial purposes, all without asking permission. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Statement of Purpose The laws of most jurisdictions throughout the world automatically confer exclusive Copyright and Related Rights (defined below) upon the creator and subsequent owner(s) (each and all, an "owner") of an original work of authorship and/or a database (each, a "Work"). Certain owners wish to permanently relinquish those rights to a Work for the purpose of contributing to a commons of creative, cultural and scientific works ("Commons") that the public can reliably and without fear of later claims of infringement build upon, modify, incorporate in other works, reuse and redistribute as freely as possible in any form whatsoever and for any purposes, including without limitation commercial purposes. These owners may contribute to the Commons to promote the ideal of a free culture and the further production of creative, cultural and scientific works, or to gain reputation or greater distribution for their Work in part through the use and efforts of others. For these and/or other purposes and motivations, and without any expectation of additional consideration or compensation, the person associating CC0 with a Work (the "Affirmer"), to the extent that he or she is an owner of Copyright and Related Rights in the Work, voluntarily elects to apply CC0 to the Work and publicly distribute the Work under its terms, with knowledge of his or her Copyright and Related Rights in the Work and the meaning and intended legal effect of CC0 on those rights. 1. Copyright and Related Rights. A Work made available under CC0 may be protected by copyright and related or neighboring rights ("Copyright and Related Rights"). Copyright and Related Rights include, but are not limited to, the following: the right to reproduce, adapt, distribute, perform, display, communicate, and translate a Work; moral rights retained by the original author(s) and/or performer(s); publicity and privacy rights pertaining to a person's image or likeness depicted in a Work; rights protecting against unfair competition in regards to a Work, subject to the limitations in paragraph 4(a), below; rights protecting the extraction, dissemination, use and reuse of data in a Work; database rights (such as those arising under Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, and under any national implementation thereof, including any amended or successor version of such directive); and other similar, equivalent or corresponding rights throughout the world based on applicable law or treaty, and any national implementations thereof. 2. Waiver. To the greatest extent permitted by, but not in contravention of, applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and unconditionally waives, abandons, and surrenders all of Affirmer's Copyright and Related Rights and associated claims and causes of action, whether now known or unknown (including existing as well as future claims and causes of action), in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each member of the public at large and to the detriment of Affirmer's heirs and successors, fully intending that such Waiver shall not be subject to revocation, rescission, cancellation, termination, or any other legal or equitable action to disrupt the quiet enjoyment of the Work by the public as contemplated by Affirmer's express Statement of Purpose. 3. Public License Fallback. Should any part of the Waiver for any reason be judged legally invalid or ineffective under applicable law, then the Waiver shall be preserved to the maximum extent permitted taking into account Affirmer's express Statement of Purpose. In addition, to the extent the Waiver is so judged Affirmer hereby grants to each affected person a royalty-free, non transferable, non sublicensable, non exclusive, irrevocable and unconditional license to exercise Affirmer's Copyright and Related Rights in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "License"). The License shall be deemed effective as of the date CC0 was applied by Affirmer to the Work. Should any part of the License for any reason be judged legally invalid or ineffective under applicable law, such partial invalidity or ineffectiveness shall not invalidate the remainder of the License, and in such case Affirmer hereby affirms that he or she will not (i) exercise any of his or her remaining Copyright and Related Rights in the Work or (ii) assert any associated claims and causes of action with respect to the Work, in either case contrary to Affirmer's express Statement of Purpose. 4. Limitations and Disclaimers. No trademark or patent rights held by Affirmer are waived, abandoned, surrendered, licensed or otherwise affected by this document. Affirmer offers the Work as-is and makes no representations or warranties of any kind concerning the Work, express, implied, statutory or otherwise, including without limitation warranties of title, merchantability, fitness for a particular purpose, non infringement, or the absence of latent or other defects, accuracy, or the present or absence of errors, whether or not discoverable, all to the greatest extent permissible under applicable law. Affirmer disclaims responsibility for clearing rights of other persons that may apply to the Work or any use thereof, including without limitation any person's Copyright and Related Rights in the Work. Further, Affirmer disclaims responsibility for obtaining any necessary consents, permissions or other rights required for any use of the Work. Affirmer understands and acknowledges that Creative Commons is not a party to this document and has no duty or obligation with respect to this CC0 or use of the Work. </div> </div> |} </nowiki> </div> </div> ==CC-BY== [[LICENCE_HEADER_CC_BY]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY}}</nowiki></b> {{:LICENCE_HEADER_CC_BY}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY Licence</b><br \> More information about the <b>CC BY licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Creative Commons Legal Code Attribution 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined above) for the purposes of this License. c. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. d. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. e. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. f. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. g. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. h. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. i. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(b), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(b), as requested. b. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Section 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4 (b) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. c. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of this License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} </nowiki> </div> </div> ==CC BY-SA== [[LICENCE_HEADER_CC_BY-SA]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY-SA}}</nowiki></b> {{:LICENCE_HEADER_CC_BY-SA}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY-SA Licence</b><br \> More information about the <b>CC BY-SA licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by-sa/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Attribution-ShareAlike 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined below) for the purposes of this License. c. "Creative Commons Compatible License" means a license that is listed at https://creativecommons.org/compatiblelicenses that has been approved by Creative Commons as being essentially equivalent to this License, including, at a minimum, because that license: (i) contains terms that have the same purpose, meaning and effect as the License Elements of this License; and, (ii) explicitly permits the relicensing of adaptations of works made available under that license under this License or a Creative Commons jurisdiction license with the same License Elements as this License. d. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. e. "License Elements" means the following high-level license attributes as selected by Licensor and indicated in the title of this License: Attribution, ShareAlike. f. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. g. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. h. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. i. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. j. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. k. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(c), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(c), as requested. b. You may Distribute or Publicly Perform an Adaptation only under the terms of: (i) this License; (ii) a later version of this License with the same License Elements as this License; (iii) a Creative Commons jurisdiction license (either this or a later license version) that contains the same License Elements as this License (e.g., Attribution-ShareAlike 3.0 US)); (iv) a Creative Commons Compatible License. If you license the Adaptation under one of the licenses mentioned in (iv), you must comply with the terms of that license. If you license the Adaptation under the terms of any of the licenses mentioned in (i), (ii) or (iii) (the "Applicable License"), you must comply with the terms of the Applicable License generally and the following provisions: (I) You must include a copy of, or the URI for, the Applicable License with every copy of each Adaptation You Distribute or Publicly Perform; (II) You may not offer or impose any terms on the Adaptation that restrict the terms of the Applicable License or the ability of the recipient of the Adaptation to exercise the rights granted to that recipient under the terms of the Applicable License; (III) You must keep intact all notices that refer to the Applicable License and to the disclaimer of warranties with every copy of the Work as included in the Adaptation You Distribute or Publicly Perform; (IV) when You Distribute or Publicly Perform the Adaptation, You may not impose any effective technological measures on the Adaptation that restrict the ability of a recipient of the Adaptation from You to exercise the rights granted to that recipient under the terms of the Applicable License. This Section 4(b) applies to the Adaptation as incorporated in a Collection, but this does not require the Collection apart from the Adaptation itself to be made subject to the terms of the Applicable License. c. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Ssection 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4(c) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. d. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of the License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} </nowiki> </div> </div> ==CC BY-NC-SA 4.0== [[LICENCE_HEADER_CC_BY-NC-SA_4.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY-NC-SA_4.0}}</nowiki></b> {{:LICENCE_HEADER_CC_BY-SA}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY-NC-SA_4.0 Licence</b><br \> More information about the <b>CC BY-NC-SA_4.0 licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by-sa/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> <pre> You are free to: Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use. NonCommercial — You may not use the material for commercial purposes. ShareAlike — If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original. No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> <pre> Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International Public License By exercising the Licensed Rights (defined below), You accept and agree to be bound by the terms and conditions of this Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International Public License ("Public License"). To the extent this Public License may be interpreted as a contract, You are granted the Licensed Rights in consideration of Your acceptance of these terms and conditions, and the Licensor grants You such rights in consideration of benefits the Licensor receives from making the Licensed Material available under these terms and conditions. Section 1 – Definitions. Adapted Material means material subject to Copyright and Similar Rights that is derived from or based upon the Licensed Material and in which the Licensed Material is translated, altered, arranged, transformed, or otherwise modified in a manner requiring permission under the Copyright and Similar Rights held by the Licensor. For purposes of this Public License, where the Licensed Material is a musical work, performance, or sound recording, Adapted Material is always produced where the Licensed Material is synched in timed relation with a moving image. Adapter's License means the license You apply to Your Copyright and Similar Rights in Your contributions to Adapted Material in accordance with the terms and conditions of this Public License. BY-NC-SA Compatible License means a license listed at creativecommons.org/compatiblelicenses, approved by Creative Commons as essentially the equivalent of this Public License. Copyright and Similar Rights means copyright and/or similar rights closely related to copyright including, without limitation, performance, broadcast, sound recording, and Sui Generis Database Rights, without regard to how the rights are labeled or categorized. For purposes of this Public License, the rights specified in Section 2(b)(1)-(2) are not Copyright and Similar Rights. Effective Technological Measures means those measures that, in the absence of proper authority, may not be circumvented under laws fulfilling obligations under Article 11 of the WIPO Copyright Treaty adopted on December 20, 1996, and/or similar international agreements. Exceptions and Limitations means fair use, fair dealing, and/or any other exception or limitation to Copyright and Similar Rights that applies to Your use of the Licensed Material. License Elements means the license attributes listed in the name of a Creative Commons Public License. The License Elements of this Public License are Attribution, NonCommercial, and ShareAlike. Licensed Material means the artistic or literary work, database, or other material to which the Licensor applied this Public License. Licensed Rights means the rights granted to You subject to the terms and conditions of this Public License, which are limited to all Copyright and Similar Rights that apply to Your use of the Licensed Material and that the Licensor has authority to license. Licensor means the individual(s) or entity(ies) granting rights under this Public License. NonCommercial means not primarily intended for or directed towards commercial advantage or monetary compensation. For purposes of this Public License, the exchange of the Licensed Material for other material subject to Copyright and Similar Rights by digital file-sharing or similar means is NonCommercial provided there is no payment of monetary compensation in connection with the exchange. Share means to provide material to the public by any means or process that requires permission under the Licensed Rights, such as reproduction, public display, public performance, distribution, dissemination, communication, or importation, and to make material available to the public including in ways that members of the public may access the material from a place and at a time individually chosen by them. Sui Generis Database Rights means rights other than copyright resulting from Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, as amended and/or succeeded, as well as other essentially equivalent rights anywhere in the world. You means the individual or entity exercising the Licensed Rights under this Public License. Your has a corresponding meaning. Section 2 – Scope. License grant. Subject to the terms and conditions of this Public License, the Licensor hereby grants You a worldwide, royalty-free, non-sublicensable, non-exclusive, irrevocable license to exercise the Licensed Rights in the Licensed Material to: reproduce and Share the Licensed Material, in whole or in part, for NonCommercial purposes only; and produce, reproduce, and Share Adapted Material for NonCommercial purposes only. Exceptions and Limitations. For the avoidance of doubt, where Exceptions and Limitations apply to Your use, this Public License does not apply, and You do not need to comply with its terms and conditions. Term. The term of this Public License is specified in Section 6(a). Media and formats; technical modifications allowed. The Licensor authorizes You to exercise the Licensed Rights in all media and formats whether now known or hereafter created, and to make technical modifications necessary to do so. The Licensor waives and/or agrees not to assert any right or authority to forbid You from making technical modifications necessary to exercise the Licensed Rights, including technical modifications necessary to circumvent Effective Technological Measures. For purposes of this Public License, simply making modifications authorized by this Section 2(a)(4) never produces Adapted Material. Downstream recipients. Offer from the Licensor – Licensed Material. Every recipient of the Licensed Material automatically receives an offer from the Licensor to exercise the Licensed Rights under the terms and conditions of this Public License. Additional offer from the Licensor – Adapted Material. Every recipient of Adapted Material from You automatically receives an offer from the Licensor to exercise the Licensed Rights in the Adapted Material under the conditions of the Adapter’s License You apply. No downstream restrictions. You may not offer or impose any additional or different terms or conditions on, or apply any Effective Technological Measures to, the Licensed Material if doing so restricts exercise of the Licensed Rights by any recipient of the Licensed Material. No endorsement. Nothing in this Public License constitutes or may be construed as permission to assert or imply that You are, or that Your use of the Licensed Material is, connected with, or sponsored, endorsed, or granted official status by, the Licensor or others designated to receive attribution as provided in Section 3(a)(1)(A)(i). Other rights. Moral rights, such as the right of integrity, are not licensed under this Public License, nor are publicity, privacy, and/or other similar personality rights; however, to the extent possible, the Licensor waives and/or agrees not to assert any such rights held by the Licensor to the limited extent necessary to allow You to exercise the Licensed Rights, but not otherwise. Patent and trademark rights are not licensed under this Public License. To the extent possible, the Licensor waives any right to collect royalties from You for the exercise of the Licensed Rights, whether directly or through a collecting society under any voluntary or waivable statutory or compulsory licensing scheme. In all other cases the Licensor expressly reserves any right to collect such royalties, including when the Licensed Material is used other than for NonCommercial purposes. Section 3 – License Conditions. Your exercise of the Licensed Rights is expressly made subject to the following conditions. Attribution. If You Share the Licensed Material (including in modified form), You must: retain the following if it is supplied by the Licensor with the Licensed Material: identification of the creator(s) of the Licensed Material and any others designated to receive attribution, in any reasonable manner requested by the Licensor (including by pseudonym if designated); a copyright notice; a notice that refers to this Public License; a notice that refers to the disclaimer of warranties; a URI or hyperlink to the Licensed Material to the extent reasonably practicable; indicate if You modified the Licensed Material and retain an indication of any previous modifications; and indicate the Licensed Material is licensed under this Public License, and include the text of, or the URI or hyperlink to, this Public License. You may satisfy the conditions in Section 3(a)(1) in any reasonable manner based on the medium, means, and context in which You Share the Licensed Material. For example, it may be reasonable to satisfy the conditions by providing a URI or hyperlink to a resource that includes the required information. If requested by the Licensor, You must remove any of the information required by Section 3(a)(1)(A) to the extent reasonably practicable. ShareAlike. In addition to the conditions in Section 3(a), if You Share Adapted Material You produce, the following conditions also apply. The Adapter’s License You apply must be a Creative Commons license with the same License Elements, this version or later, or a BY-NC-SA Compatible License. You must include the text of, or the URI or hyperlink to, the Adapter's License You apply. You may satisfy this condition in any reasonable manner based on the medium, means, and context in which You Share Adapted Material. You may not offer or impose any additional or different terms or conditions on, or apply any Effective Technological Measures to, Adapted Material that restrict exercise of the rights granted under the Adapter's License You apply. Section 4 – Sui Generis Database Rights. Where the Licensed Rights include Sui Generis Database Rights that apply to Your use of the Licensed Material: for the avoidance of doubt, Section 2(a)(1) grants You the right to extract, reuse, reproduce, and Share all or a substantial portion of the contents of the database for NonCommercial purposes only; if You include all or a substantial portion of the database contents in a database in which You have Sui Generis Database Rights, then the database in which You have Sui Generis Database Rights (but not its individual contents) is Adapted Material, including for purposes of Section 3(b); and You must comply with the conditions in Section 3(a) if You Share all or a substantial portion of the contents of the database. For the avoidance of doubt, this Section 4 supplements and does not replace Your obligations under this Public License where the Licensed Rights include other Copyright and Similar Rights. Section 5 – Disclaimer of Warranties and Limitation of Liability. Unless otherwise separately undertaken by the Licensor, to the extent possible, the Licensor offers the Licensed Material as-is and as-available, and makes no representations or warranties of any kind concerning the Licensed Material, whether express, implied, statutory, or other. This includes, without limitation, warranties of title, merchantability, fitness for a particular purpose, non-infringement, absence of latent or other defects, accuracy, or the presence or absence of errors, whether or not known or discoverable. Where disclaimers of warranties are not allowed in full or in part, this disclaimer may not apply to You. To the extent possible, in no event will the Licensor be liable to You on any legal theory (including, without limitation, negligence) or otherwise for any direct, special, indirect, incidental, consequential, punitive, exemplary, or other losses, costs, expenses, or damages arising out of this Public License or use of the Licensed Material, even if the Licensor has been advised of the possibility of such losses, costs, expenses, or damages. Where a limitation of liability is not allowed in full or in part, this limitation may not apply to You. The disclaimer of warranties and limitation of liability provided above shall be interpreted in a manner that, to the extent possible, most closely approximates an absolute disclaimer and waiver of all liability. Section 6 – Term and Termination. This Public License applies for the term of the Copyright and Similar Rights licensed here. However, if You fail to comply with this Public License, then Your rights under this Public License terminate automatically. Where Your right to use the Licensed Material has terminated under Section 6(a), it reinstates: automatically as of the date the violation is cured, provided it is cured within 30 days of Your discovery of the violation; or upon express reinstatement by the Licensor. For the avoidance of doubt, this Section 6(b) does not affect any right the Licensor may have to seek remedies for Your violations of this Public License. For the avoidance of doubt, the Licensor may also offer the Licensed Material under separate terms or conditions or stop distributing the Licensed Material at any time; however, doing so will not terminate this Public License. Sections 1, 5, 6, 7, and 8 survive termination of this Public License. Section 7 – Other Terms and Conditions. The Licensor shall not be bound by any additional or different terms or conditions communicated by You unless expressly agreed. Any arrangements, understandings, or agreements regarding the Licensed Material not stated herein are separate from and independent of the terms and conditions of this Public License. Section 8 – Interpretation. For the avoidance of doubt, this Public License does not, and shall not be interpreted to, reduce, limit, restrict, or impose conditions on any use of the Licensed Material that could lawfully be made without permission under this Public License. To the extent possible, if any provision of this Public License is deemed unenforceable, it shall be automatically reformed to the minimum extent necessary to make it enforceable. If the provision cannot be reformed, it shall be severed from this Public License without affecting the enforceability of the remaining terms and conditions. No term or condition of this Public License will be waived and no failure to comply consented to unless expressly agreed to by the Licensor. Nothing in this Public License constitutes or may be interpreted as a limitation upon, or waiver of, any privileges and immunities that apply to the Licensor or You, including from the legal processes of any jurisdiction or authority. </pre> </div> </div> |} </nowiki> </div> </div> ==CDDLv1.0== [[LICENCE_HEADER_CDDLv1.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CDDLv1.0}}</nowiki></b> {{:LICENCE_HEADER_CDDLv1.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CDDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE CDDLv1.0 <div class="mw-collapsible-content"> COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 1. Definitions. 1.1. "Contributor" means each individual or entity that creates or contributes to the creation of Modifications. 1.2. "Contributor Version" means the combination of the Original Software, prior Modifications used by a Contributor (if any), and the Modifications made by that particular Contributor. 1.3. "Covered Software" means (a) the Original Software, or (b) Modifications, or (c) the combination of files containing Original Software with files containing Modifications, in each case including portions thereof. 1.4. "Executable" means the Covered Software in any form other than Source Code. 1.5. "Initial Developer" means the individual or entity that first makes Original Software available under this License. 1.6. "Larger Work" means a work which combines Covered Software or portions thereof with code not governed by the terms of this License. 1.7. "License" means this document. 1.8. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently acquired, any and all of the rights conveyed herein. 1.9. "Modifications" means the Source Code and Executable form of any of the following: A. Any file that results from an addition to, deletion from or modification of the contents of a file containing Original Software or previous Modifications; B. Any new file that contains any part of the Original Software or previous Modification; or C. Any new file that is contributed or otherwise made available under the terms of this License. 1.10. "Original Software" means the Source Code and Executable form of computer software code that is originally released under this License. 1.11. "Patent Claims" means any patent claim(s), now owned or hereafter acquired, including without limitation, method, process, and apparatus claims, in any patent Licensable by grantor. 1.12. "Source Code" means (a) the common form of computer software code in which modifications are made and (b) associated documentation included in or with such code. 1.13. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of, this License. For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. License Grants. 2.1. The Initial Developer Grant. Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, the Initial Developer hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by Initial Developer, to use, reproduce, modify, display, perform, sublicense and distribute the Original Software (or portions thereof), with or without Modifications, and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using or selling of Original Software, to make, have made, use, practice, sell, and offer for sale, and/or otherwise dispose of the Original Software (or portions thereof). (c) The licenses granted in Sections 2.1(a) and (b) are effective on the date Initial Developer first distributes or otherwise makes the Original Software available to a third party under the terms of this License. (d) Notwithstanding Section 2.1(b) above, no patent license is granted: (1) for code that You delete from the Original Software, or (2) for infringements caused by: (i) the modification of the Original Software, or (ii) the combination of the Original Software with other software or devices. 2.2. Contributor Grant. Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by Contributor to use, reproduce, modify, display, perform, sublicense and distribute the Modifications created by such Contributor (or portions thereof), either on an unmodified basis, with other Modifications, as Covered Software and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using, or selling of Modifications made by that Contributor either alone and/or in combination with its Contributor Version (or portions of such combination), to make, use, sell, offer for sale, have made, and/or otherwise dispose of: (1) Modifications made by that Contributor (or portions thereof); and (2) the combination of Modifications made by that Contributor with its Contributor Version (or portions of such combination). (c) The licenses granted in Sections 2.2(a) and 2.2(b) are effective on the date Contributor first distributes or otherwise makes the Modifications available to a third party. (d) Notwithstanding Section 2.2(b) above, no patent license is granted: (1) for any code that Contributor has deleted from the Contributor Version; (2) for infringements caused by: (i) third party modifications of Contributor Version, or (ii) the combination of Modifications made by that Contributor with other software (except as part of the Contributor Version) or other devices; or (3) under Patent Claims infringed by Covered Software in the absence of Modifications made by that Contributor. 3. Distribution Obligations. 3.1. Availability of Source Code. Any Covered Software that You distribute or otherwise make available in Executable form must also be made available in Source Code form and that Source Code form must be distributed only under the terms of this License. You must include a copy of this License with every copy of the Source Code form of the Covered Software You distribute or otherwise make available. You must inform recipients of any such Covered Software in Executable form as to how they can obtain such Covered Software in Source Code form in a reasonable manner on or through a medium customarily used for software exchange. 3.2. Modifications. The Modifications that You create or to which You contribute are governed by the terms of this License. You represent that You believe Your Modifications are Your original creation(s) and/or You have sufficient rights to grant the rights conveyed by this License. 3.3. Required Notices. You must include a notice in each of Your Modifications that identifies You as the Contributor of the Modification. You may not remove or alter any copyright, patent or trademark notices contained within the Covered Software, or any notices of licensing or any descriptive text giving attribution to any Contributor or the Initial Developer. 3.4. Application of Additional Terms. You may not offer or impose any terms on any Covered Software in Source Code form that alters or restricts the applicable version of this License or the recipients' rights hereunder. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, you may do so only on Your own behalf, and not on behalf of the Initial Developer or any Contributor. You must make it absolutely clear that any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.5. Distribution of Executable Versions. You may distribute the Executable form of the Covered Software under the terms of this License or under the terms of a license of Your choice, which may contain terms different from this License, provided that You are in compliance with the terms of this License and that the license for the Executable form does not attempt to limit or alter the recipient's rights in the Source Code form from the rights set forth in this License. If You distribute the Covered Software in Executable form under a different license, You must make it absolutely clear that any terms which differ from this License are offered by You alone, not by the Initial Developer or Contributor. You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of any such terms You offer. 3.6. Larger Works. You may create a Larger Work by combining Covered Software with other code not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Covered Software. 4. Versions of the License. 4.1. New Versions. Sun Microsystems, Inc. is the initial license steward and may publish revised and/or new versions of this License from time to time. Each version will be given a distinguishing version number. Except as provided in Section 4.3, no one other than the license steward has the right to modify this License. 4.2. Effect of New Versions. You may always continue to use, distribute or otherwise make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. If the Initial Developer includes a notice in the Original Software prohibiting it from being distributed or otherwise made available under any subsequent version of the License, You must distribute and make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. Otherwise, You may also choose to use, distribute or otherwise make the Covered Software available under the terms of any subsequent version of the License published by the license steward. 4.3. Modified Versions. When You are an Initial Developer and You want to create a new license for Your Original Software, You may create and use a modified version of this License if You: (a) rename the license and remove any references to the name of the license steward (except to note that the license differs from this License); and (b) otherwise make it clear that the license contains terms which differ from this License. 5. DISCLAIMER OF WARRANTY. COVERED SOFTWARE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE COVERED SOFTWARE IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE COVERED SOFTWARE IS WITH YOU. SHOULD ANY COVERED SOFTWARE PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY COVERED SOFTWARE IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 6. TERMINATION. 6.1. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 6.2. If You assert a patent infringement claim (excluding declaratory judgment actions) against Initial Developer or a Contributor (the Initial Developer or Contributor against whom You assert such claim is referred to as "Participant") alleging that the Participant Software (meaning the Contributor Version where the Participant is a Contributor or the Original Software where the Participant is the Initial Developer) directly or indirectly infringes any patent, then any and all rights granted directly or indirectly to You by such Participant, the Initial Developer (if the Initial Developer is not the Participant) and all Contributors under Sections 2.1 and/or 2.2 of this License shall, upon 60 days notice from Participant terminate prospectively and automatically at the expiration of such 60 day notice period, unless if within such 60 day period You withdraw Your claim with respect to the Participant Software against such Participant either unilaterally or pursuant to a written agreement with Participant. 6.3. In the event of termination under Sections 6.1 or 6.2 above, all end user licenses that have been validly granted by You or any distributor hereunder prior to termination (excluding licenses granted to You by any distributor) shall survive termination. 7. LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL YOU, THE INITIAL DEVELOPER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF COVERED SOFTWARE, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOST PROFITS, LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER COMMERCIAL DAMAGES OR LOSSES, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION OF LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY RESULTING FROM SUCH PARTY'S NEGLIGENCE TO THE EXTENT APPLICABLE LAW PROHIBITS SUCH LIMITATION. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS EXCLUSION AND LIMITATION MAY NOT APPLY TO YOU. 8. U.S. GOVERNMENT END USERS. The Covered Software is a "commercial item," as that term is defined in 48 C.F.R. 2.101 (Oct. 1995), consisting of "commercial computer software" (as that term is defined at 48 C.F.R. ¤ 252.227-7014(a)(1)) and "commercial computer software documentation" as such terms are used in 48 C.F.R. 12.212 (Sept. 1995). Consistent with 48 C.F.R. 12.212 and 48 C.F.R. 227.7202-1 through 227.7202-4 (June 1995), all U.S. Government End Users acquire Covered Software with only those rights set forth herein. This U.S. Government Rights clause is in lieu of, and supersedes, any other FAR, DFAR, or other clause or provision that addresses Government rights in computer software under this License. 9. MISCELLANEOUS. This License represents the complete agreement concerning subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by the law of the jurisdiction specified in a notice contained within the Original Software (except to the extent applicable law, if any, provides otherwise), excluding such jurisdiction's conflict-of-law provisions. Any litigation relating to this License shall be subject to the jurisdiction of the courts located in the jurisdiction and venue specified in a notice contained within the Original Software, with the losing party responsible for costs, including, without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. You agree that You alone are responsible for compliance with the United States export administration regulations (and the export control laws and regulation of any other countries) when You use, distribute or otherwise make available any Covered Software. 10. RESPONSIBILITY FOR CLAIMS. As between Initial Developer and the Contributors, each party is responsible for claims and damages arising, directly or indirectly, out of its utilization of rights under this License and You agree to work with Initial Developer and Contributors to distribute such responsibility on an equitable basis. Nothing herein is intended or shall be deemed to constitute any admission of liability. </div> </div> |} </nowiki> </div> </div> ==EPLv2.0== [[LICENCE_HEADER_EPLv2.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_EPLv2.0}}</nowiki></b> {{:LICENCE_HEADER_EPLv2.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>EPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE EPLv2.0 <div class="mw-collapsible-content"> Eclipse Public License - v 2.0 THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS ECLIPSE PUBLIC LICENSE (“AGREEMENT”). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT. 1. DEFINITIONS “Contribution” means: a) in the case of the initial Contributor, the initial content Distributed under this Agreement, and b) in the case of each subsequent Contributor: i) changes to the Program, and ii) additions to the Program; where such changes and/or additions to the Program originate from and are Distributed by that particular Contributor. A Contribution “originates” from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include changes or additions to the Program that are not Modified Works. “Contributor” means any person or entity that Distributes the Program. “Licensed Patents” mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program. “Program” means the Contributions Distributed in accordance with this Agreement. “Recipient” means anyone who receives the Program under this Agreement or any Secondary License (as applicable), including Contributors. “Derivative Works” shall mean any work, whether in Source Code or other form, that is based on (or derived from) the Program and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. “Modified Works” shall mean any work in Source Code or other form that results from an addition to, deletion from, or modification of the contents of the Program, including, for purposes of clarity any new file in Source Code form that contains any contents of the Program. Modified Works shall not include works that contain only declarations, interfaces, types, classes, structures, or files of the Program solely in each case in order to link to, bind by name, or subclass the Program or Modified Works thereof. “Distribute” means the acts of a) distributing or b) making available in any manner that enables the transfer of a copy. “Source Code” means the form of a Program preferred for making modifications, including but not limited to software source code, documentation source, and configuration files. “Secondary License” means either the GNU General Public License, Version 2.0, or any later versions of that license, including any exceptions or additional permissions as identified by the initial Contributor. 2. GRANT OF RIGHTS a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, Distribute and sublicense the Contribution of such Contributor, if any, and such Derivative Works. b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in Source Code or other form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder. c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to Distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program. d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement. e) Notwithstanding the terms of any Secondary License, no Contributor makes additional grants to any Recipient (other than those set forth in this Agreement) as a result of such Recipient's receipt of the Program under the terms of a Secondary License (if permitted under the terms of Section 3). 3. REQUIREMENTS 3.1 If a Contributor Distributes the Program in any form, then: a) the Program must also be made available as Source Code, in accordance with section 3.2, and the Contributor must accompany the Program with a statement that the Source Code for the Program is available under this Agreement, and informs Recipients how to obtain it in a reasonable manner on or through a medium customarily used for software exchange; and b) the Contributor may Distribute the Program under a license different than this Agreement, provided that such license: i) effectively disclaims on behalf of all other Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose; ii) effectively excludes on behalf of all other Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits; iii) does not attempt to limit or alter the recipients' rights in the Source Code under section 3.2; and iv) requires any subsequent distribution of the Program by any party to be under a license that satisfies the requirements of this section 3. 3.2 When the Program is Distributed as Source Code: a) it must be made available under this Agreement, or if the Program (i) is combined with other material in a separate file or files made available under a Secondary License, and (ii) the initial Contributor attached to the Source Code the notice described in Exhibit A of this Agreement, then the Program may be made available under the terms of such Secondary Licenses, and b) a copy of this Agreement must be included with each copy of the Program. 3.3 Contributors may not remove or alter any copyright, patent, trademark, attribution notices, disclaimers of warranty, or limitations of liability (‘notices’) contained within the Program from any copy of the Program which they Distribute, provided that Contributors may add their own appropriate notices. 4. COMMERCIAL DISTRIBUTION Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor (“Commercial Contributor”) hereby agrees to defend and indemnify every other Contributor (“Indemnified Contributor”) against any losses, damages and costs (collectively “Losses”) arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense. For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages. 5. NO WARRANTY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE PROGRAM IS PROVIDED ON AN “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations. 6. DISCLAIMER OF LIABILITY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. GENERAL If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. If Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed. All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive. Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. The Eclipse Foundation is the initial Agreement Steward. The Eclipse Foundation may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be Distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to Distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved. Nothing in this Agreement is intended to be enforceable by any entity that is not a Contributor or Recipient. No third-party beneficiary rights are created under this Agreement. Exhibit A – Form of Secondary Licenses Notice “This Source Code may also be made available under the following Secondary Licenses when the conditions for such availability set forth in the Eclipse Public License, v. 2.0 are satisfied: {name license(s), version(s), and exceptions or additional permissions here}.” Simply including a copy of this Agreement, including this Exhibit A is not sufficient to license the Source Code under Secondary Licenses. If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. You may add additional accurate notices of copyright ownership. </div> </div> |} </nowiki> </div> </div> ==GFDLv1.1== [[LICENCE_HEADER_GFDL]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDL}}</nowiki></b> {{:LICENCE_HEADER_GFDL}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.1 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.1, March 2000 Copyright (C) 2000 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other written document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (For example, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, whose contents can be viewed and edited directly and straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup has been designed to thwart or discourage subsequent modification by readers is not Transparent. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML designed for human modification. Opaque formats include PostScript, PDF, proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies of the Document numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a publicly-accessible computer-network location containing a complete Transparent copy of the Document, free of added material, which the general network-using public has access to download anonymously at no charge using public-standard network protocols. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has less than five). C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section entitled "History", and its title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. In any section entitled "Acknowledgements" or "Dedications", preserve the section's title, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section as "Endorsements" or to conflict in title with any Invariant Section. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections entitled "History" in the various original documents, forming one section entitled "History"; likewise combine any sections entitled "Acknowledgements", and any sections entitled "Dedications". You must delete all sections entitled "Endorsements." 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, does not as a whole count as a Modified Version of the Document, provided no compilation copyright is claimed for the compilation. Such a compilation is called an "aggregate", and this License does not apply to the other self-contained works thus compiled with the Document, on account of their being thus compiled, if they are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one quarter of the entire aggregate, the Document's Cover Texts may be placed on covers that surround only the Document within the aggregate. Otherwise they must appear on covers around the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License provided that you also include the original English version of this License. In case of a disagreement between the translation and the original English version of this License, the original English version will prevail. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have no Invariant Sections, write "with no Invariant Sections" instead of saying which ones are invariant. If you have no Front-Cover Texts, write "no Front-Cover Texts" instead of "Front-Cover Texts being LIST"; likewise for Back-Cover Texts. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} </nowiki> </div> </div> ==GFDLv1.2== [[LICENCE_HEADER_GFDLv1.2]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDLv1.2}}</nowiki></b> {{:LICENCE_HEADER_GFDLv1.2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.2 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.2, November 2002 Copyright (C) 2000,2001,2002 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition. The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement. C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section Entitled "History", Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. For any section Entitled "Acknowledgements" or "Dedications", Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section Entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section to be Entitled "Endorsements" or to conflict in title with any Invariant Section. O. Preserve any Warranty Disclaimers. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements". 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation's users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document's Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail. If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the "with...Texts." line with this: with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} </nowiki> </div> </div> ==GFDLv1.3== [[LICENCE_HEADER_GFDLv1.3]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDLv1.3}}</nowiki></b> {{:LICENCE_HEADER_GFDLv1.3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.3 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.3, 3 November 2008 Copyright (C) 2000, 2001, 2002, 2007, 2008 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. The "publisher" means any person or entity that distributes copies of the Document to the public. A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition. The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement. C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section Entitled "History", Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. For any section Entitled "Acknowledgements" or "Dedications", Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section Entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section to be Entitled "Endorsements" or to conflict in title with any Invariant Section. O. Preserve any Warranty Disclaimers. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements". 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation's users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document's Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail. If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, or distribute it is void, and will automatically terminate your rights under this License. However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, receipt of a copy of some or all of the same material does not give you any rights to use it. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. If the Document specifies that a proxy can decide which future versions of this License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Document. 11. RELICENSING "Massive Multiauthor Collaboration Site" (or "MMC Site") means any World Wide Web server that publishes copyrightable works and also provides prominent facilities for anybody to edit those works. A public wiki that anybody can edit is an example of such a server. A "Massive Multiauthor Collaboration" (or "MMC") contained in the site means any set of copyrightable works thus published on the MMC site. "CC-BY-SA" means the Creative Commons Attribution-Share Alike 3.0 license published by Creative Commons Corporation, a not-for-profit corporation with a principal place of business in San Francisco, California, as well as future copyleft versions of that license published by that same organization. "Incorporate" means to publish or republish a Document, in whole or in part, as part of another Document. An MMC is "eligible for relicensing" if it is licensed under this License, and if all works that were first published under this License somewhere other than this MMC, and subsequently incorporated in whole or in part into the MMC, (1) had no cover texts or invariant sections, and (2) were thus incorporated prior to November 1, 2008. The operator of an MMC Site may republish an MMC contained in the site under CC-BY-SA on the same site at any time before August 1, 2009, provided the MMC is eligible for relicensing. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the "with...Texts." line with this: with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} </nowiki> </div> </div> ==GPLv1== [[LICENCE_HEADER_GPL]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPL}}</nowiki></b> {{:LICENCE_HEADER_GPL}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv1 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 1, February 1989 Copyright (C) 1989 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The license agreements of most software companies try to keep users at the mercy of those companies. By contrast, our General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. The General Public License applies to the Free Software Foundation's software and to any other program whose authors commit to using it. You can use it for your programs, too. When we speak of free software, we are referring to freedom, not price. Specifically, the General Public License is designed to make sure that you have the freedom to give away or sell copies of free software, that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of a such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must tell them their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any work containing the Program or a portion of it, either verbatim or with modifications. Each licensee is addressed as "you". 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this General Public License and to the absence of any warranty; and give any other recipients of the Program a copy of this General Public License along with the Program. You may charge a fee for the physical act of transferring a copy. 2. You may modify your copy or copies of the Program or any portion of it, and copy and distribute such modifications under the terms of Paragraph 1 above, provided that you also do the following: a) cause the modified files to carry prominent notices stating that you changed the files and the date of any change; and b) cause the whole of any work that you distribute or publish, that in whole or in part contains the Program or any part thereof, either with or without modifications, to be licensed at no charge to all third parties under the terms of this General Public License (except that you may choose to grant warranty protection to some or all third parties, at your option). c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the simplest and most usual way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this General Public License. d) You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. Mere aggregation of another independent work with the Program (or its derivative) on a volume of a storage or distribution medium does not bring the other work under the scope of these terms. 3. You may copy and distribute the Program (or a portion or derivative of it, under Paragraph 2) in object code or executable form under the terms of Paragraphs 1 and 2 above provided that you also do one of the following: a) accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Paragraphs 1 and 2 above; or, b) accompany it with a written offer, valid for at least three years, to give any third party free (except for a nominal charge for the cost of distribution) a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Paragraphs 1 and 2 above; or, c) accompany it with the information you received as to where the corresponding source code may be obtained. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form alone.) Source code for a work means the preferred form of the work for making modifications to it. For an executable file, complete source code means all the source code for all modules it contains; but, as a special exception, it need not include source code for modules which are standard libraries that accompany the operating system on which the executable file runs, or for standard header files or definitions files that accompany that operating system. 4. You may not copy, modify, sublicense, distribute or transfer the Program except as expressly provided under this General Public License. Any attempt otherwise to copy, modify, sublicense, distribute or transfer the Program is void, and will automatically terminate your rights to use the Program under this License. However, parties who have received copies, or rights to use copies, from you under this General Public License will not have their licenses terminated so long as such parties remain in full compliance. 5. By copying, distributing or modifying the Program (or any work based on the Program) you indicate your acceptance of this license to do so, and all its terms and conditions. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. 7. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of the license which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the license, you may choose any version ever published by the Free Software Foundation. 8. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 9. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 10. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS Appendix: How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to humanity, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) 19yy <name of author> This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 1, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) 19xx name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (a program to direct compilers to make passes at assemblers) written by James Hacker. <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice That's all there is to it! </div> </div> |} </nowiki> </div> </div> ==GPLv2== [[LICENCE_HEADER_GPLv2]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPLv2}}</nowiki></b> {{:LICENCE_HEADER_GPLv2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv2 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Lesser General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. </div> </div> |} </nowiki> </div> </div> ==GPLv3== [[LICENCE_HEADER_GPLv3]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPLv3}}</nowiki></b> {{:LICENCE_HEADER_GPLv3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv3 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The GNU General Public License is a free, copyleft license for software and other kinds of works. The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things. To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others. For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it. For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions. Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users. Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free. The precise terms and conditions for copying, distribution and modification follow. TERMS AND CONDITIONS 0. Definitions. "This License" refers to version 3 of the GNU General Public License. "Copyright" also means copyright-like laws that apply to other kinds of works, such as semiconductor masks. "The Program" refers to any copyrightable work licensed under this License. Each licensee is addressed as "you". "Licensees" and "recipients" may be individuals or organizations. To "modify" a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a "modified version" of the earlier work or a work "based on" the earlier work. A "covered work" means either the unmodified Program or a work based on the Program. To "propagate" a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well. To "convey" a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying. An interactive user interface displays "Appropriate Legal Notices" to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion. 1. Source Code. The "source code" for a work means the preferred form of the work for making modifications to it. "Object code" means any non-source form of a work. A "Standard Interface" means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language. The "System Libraries" of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A "Major Component", in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it. The "Corresponding Source" for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work. The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source. The Corresponding Source for a work in source code form is that same work. 2. Basic Permissions. All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law. You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you. Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary. 3. Protecting Users' Legal Rights From Anti-Circumvention Law. No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures. When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures. 4. Conveying Verbatim Copies. You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program. You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee. 5. Conveying Modified Source Versions. You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions: a) The work must carry prominent notices stating that you modified it, and giving a relevant date. b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to "keep intact all notices". c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it. d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so. A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an "aggregate" if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate. 6. Conveying Non-Source Forms. You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways: a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange. b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge. c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b. d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements. e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d. A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work. A "User Product" is either (1) a "consumer product", which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, "normally used" refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product. "Installation Information" for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made. If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM). The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network. Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying. 7. Additional Terms. "Additional permissions" are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions. When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission. Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms: a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or d) Limiting the use for publicity purposes of names of licensors or authors of the material; or e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors. All other non-permissive additional terms are considered "further restrictions" within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying. If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms. Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way. 8. Termination. You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11). However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10. 9. Acceptance Not Required for Having Copies. You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so. 10. Automatic Licensing of Downstream Recipients. Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License. An "entity transaction" is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts. You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it. 11. Patents. A "contributor" is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's "contributor version". A contributor's "essential patent claims" are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, "control" includes the right to grant patent sublicenses in a manner consistent with the requirements of this License. Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version. In the following three paragraphs, a "patent license" is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To "grant" such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party. If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. "Knowingly relying" means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid. If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it. A patent license is "discriminatory" if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007. Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law. 12. No Surrender of Others' Freedom. If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program. 13. Use with the GNU Affero General Public License. Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such. 14. Revised Versions of this License. The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation. If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program. Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version. 15. Disclaimer of Warranty. THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. Limitation of Liability. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 17. Interpretation of Sections 15 and 16. If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <https://www.gnu.org/licenses/>. Also add information on how to contact you by electronic and paper mail. If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode: <program> Copyright (C) <year> <name of author> This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an "about box". You should also get your employer (if you work as a programmer) or school, if any, to sign a "copyright disclaimer" for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see <https://www.gnu.org/licenses/>. The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read <https://www.gnu.org/licenses/why-not-lgpl.html>. </div> </div> |} </nowiki> </div> </div> ==LGPLv2.1== [[LICENCE_HEADER_LGPLv2.1]]<br \> <b><nowiki>{{:LICENCE_HEADER_LGPLv2.1}}</nowiki></b> {{:LICENCE_HEADER_LGPLv2.1}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv2.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 2.1, February 1999 Copyright (C) 1991, 1999 Free Software Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. [This is the first released version of the Lesser GPL. It also counts as the successor of the GNU Library Public License, version 2, hence the version number 2.1.] Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public Licenses are intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This license, the Lesser General Public License, applies to some specially designated software packages--typically libraries--of the Free Software Foundation and other authors who decide to use it. You can use it too, but we suggest you first think carefully about whether this license or the ordinary General Public License is the better strategy to use in any particular case, based on the explanations below. When we speak of free software, we are referring to freedom of use, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish); that you receive source code or can get it if you want it; that you can change the software and use pieces of it in new free programs; and that you are informed that you can do these things. To protect your rights, we need to make restrictions that forbid distributors to deny you these rights or to ask you to surrender these rights. These restrictions translate to certain responsibilities for you if you distribute copies of the library or if you modify it. For example, if you distribute copies of the library, whether gratis or for a fee, you must give the recipients all the rights that we gave you. You must make sure that they, too, receive or can get the source code. If you link other code with the library, you must provide complete object files to the recipients, so that they can relink them with the library after making changes to the library and recompiling it. And you must show them these terms so they know their rights. We protect your rights with a two-step method: (1) we copyright the library, and (2) we offer you this license, which gives you legal permission to copy, distribute and/or modify the library. To protect each distributor, we want to make it very clear that there is no warranty for the free library. Also, if the library is modified by someone else and passed on, the recipients should know that what they have is not the original version, so that the original author's reputation will not be affected by problems that might be introduced by others. � Finally, software patents pose a constant threat to the existence of any free program. We wish to make sure that a company cannot effectively restrict the users of a free program by obtaining a restrictive license from a patent holder. Therefore, we insist that any patent license obtained for a version of the library must be consistent with the full freedom of use specified in this license. Most GNU software, including some libraries, is covered by the ordinary GNU General Public License. This license, the GNU Lesser General Public License, applies to certain designated libraries, and is quite different from the ordinary General Public License. We use this license for certain libraries in order to permit linking those libraries into non-free programs. When a program is linked with a library, whether statically or using a shared library, the combination of the two is legally speaking a combined work, a derivative of the original library. The ordinary General Public License therefore permits such linking only if the entire combination fits its criteria of freedom. The Lesser General Public License permits more lax criteria for linking other code with the library. We call this license the "Lesser" General Public License because it does Less to protect the user's freedom than the ordinary General Public License. It also provides other free software developers Less of an advantage over competing non-free programs. These disadvantages are the reason we use the ordinary General Public License for many libraries. However, the Lesser license provides advantages in certain special circumstances. For example, on rare occasions, there may be a special need to encourage the widest possible use of a certain library, so that it becomes a de-facto standard. To achieve this, non-free programs must be allowed to use the library. A more frequent case is that a free library does the same job as widely used non-free libraries. In this case, there is little to gain by limiting the free library to free software only, so we use the Lesser General Public License. In other cases, permission to use a particular library in non-free programs enables a greater number of people to use a large body of free software. For example, permission to use the GNU C Library in non-free programs enables many more people to use the whole GNU operating system, as well as its variant, the GNU/Linux operating system. Although the Lesser General Public License is Less protective of the users' freedom, it does ensure that the user of a program that is linked with the Library has the freedom and the wherewithal to run that program using a modified version of the Library. The precise terms and conditions for copying, distribution and modification follow. Pay close attention to the difference between a "work based on the library" and a "work that uses the library". The former contains code derived from the library, whereas the latter must be combined with the library in order to run. � GNU LESSER GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any software library or other program which contains a notice placed by the copyright holder or other authorized party saying it may be distributed under the terms of this Lesser General Public License (also called "this License"). Each licensee is addressed as "you". A "library" means a collection of software functions and/or data prepared so as to be conveniently linked with application programs (which use some of those functions and data) to form executables. The "Library", below, refers to any such software library or work which has been distributed under these terms. A "work based on the Library" means either the Library or any derivative work under copyright law: that is to say, a work containing the Library or a portion of it, either verbatim or with modifications and/or translated straightforwardly into another language. (Hereinafter, translation is included without limitation in the term "modification".) "Source code" for a work means the preferred form of the work for making modifications to it. For a library, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the library. Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running a program using the Library is not restricted, and output from such a program is covered only if its contents constitute a work based on the Library (independent of the use of the Library in a tool for writing it). Whether that is true depends on what the Library does and what the program that uses the Library does. 1. You may copy and distribute verbatim copies of the Library's complete source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and distribute a copy of this License along with the Library. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. � 2. You may modify your copy or copies of the Library or any portion of it, thus forming a work based on the Library, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) The modified work must itself be a software library. b) You must cause the files modified to carry prominent notices stating that you changed the files and the date of any change. c) You must cause the whole of the work to be licensed at no charge to all third parties under the terms of this License. d) If a facility in the modified Library refers to a function or a table of data to be supplied by an application program that uses the facility, other than as an argument passed when the facility is invoked, then you must make a good faith effort to ensure that, in the event an application does not supply such function or table, the facility still operates, and performs whatever part of its purpose remains meaningful. (For example, a function in a library to compute square roots has a purpose that is entirely well-defined independent of the application. Therefore, Subsection 2d requires that any application-supplied function or table used by this function must be optional: if the application does not supply it, the square root function must still compute square roots.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Library, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Library, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Library. In addition, mere aggregation of another work not based on the Library with the Library (or with a work based on the Library) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may opt to apply the terms of the ordinary GNU General Public License instead of this License to a given copy of the Library. To do this, you must alter all the notices that refer to this License, so that they refer to the ordinary GNU General Public License, version 2, instead of to this License. (If a newer version than version 2 of the ordinary GNU General Public License has appeared, then you can specify that version instead if you wish.) Do not make any other change in these notices. � Once this change is made in a given copy, it is irreversible for that copy, so the ordinary GNU General Public License applies to all subsequent copies and derivative works made from that copy. This option is useful when you wish to copy part of the code of the Library into a program that is not a library. 4. You may copy and distribute the Library (or a portion or derivative of it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange. If distribution of object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place satisfies the requirement to distribute the source code, even though third parties are not compelled to copy the source along with the object code. 5. A program that contains no derivative of any portion of the Library, but is designed to work with the Library by being compiled or linked with it, is called a "work that uses the Library". Such a work, in isolation, is not a derivative work of the Library, and therefore falls outside the scope of this License. However, linking a "work that uses the Library" with the Library creates an executable that is a derivative of the Library (because it contains portions of the Library), rather than a "work that uses the library". The executable is therefore covered by this License. Section 6 states terms for distribution of such executables. When a "work that uses the Library" uses material from a header file that is part of the Library, the object code for the work may be a derivative work of the Library even though the source code is not. Whether this is true is especially significant if the work can be linked without the Library, or if the work is itself a library. The threshold for this to be true is not precisely defined by law. If such an object file uses only numerical parameters, data structure layouts and accessors, and small macros and small inline functions (ten lines or less in length), then the use of the object file is unrestricted, regardless of whether it is legally a derivative work. (Executables containing this object code plus portions of the Library will still fall under Section 6.) Otherwise, if the work is a derivative of the Library, you may distribute the object code for the work under the terms of Section 6. Any executables containing that work also fall under Section 6, whether or not they are linked directly with the Library itself. � 6. As an exception to the Sections above, you may also combine or link a "work that uses the Library" with the Library to produce a work containing portions of the Library, and distribute that work under terms of your choice, provided that the terms permit modification of the work for the customer's own use and reverse engineering for debugging such modifications. You must give prominent notice with each copy of the work that the Library is used in it and that the Library and its use are covered by this License. You must supply a copy of this License. If the work during execution displays copyright notices, you must include the copyright notice for the Library among them, as well as a reference directing the user to the copy of this License. Also, you must do one of these things: a) Accompany the work with the complete corresponding machine-readable source code for the Library including whatever changes were used in the work (which must be distributed under Sections 1 and 2 above); and, if the work is an executable linked with the Library, with the complete machine-readable "work that uses the Library", as object code and/or source code, so that the user can modify the Library and then relink to produce a modified executable containing the modified Library. (It is understood that the user who changes the contents of definitions files in the Library will not necessarily be able to recompile the application to use the modified definitions.) b) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (1) uses at run time a copy of the library already present on the user's computer system, rather than copying library functions into the executable, and (2) will operate properly with a modified version of the library, if the user installs one, as long as the modified version is interface-compatible with the version that the work was made with. c) Accompany the work with a written offer, valid for at least three years, to give the same user the materials specified in Subsection 6a, above, for a charge no more than the cost of performing this distribution. d) If distribution of the work is made by offering access to copy from a designated place, offer equivalent access to copy the above specified materials from the same place. e) Verify that the user has already received a copy of these materials or that you have already sent this user a copy. For an executable, the required form of the "work that uses the Library" must include any data and utility programs needed for reproducing the executable from it. However, as a special exception, the materials to be distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. It may happen that this requirement contradicts the license restrictions of other proprietary libraries that do not normally accompany the operating system. Such a contradiction means you cannot use both them and the Library together in an executable that you distribute. � 7. You may place library facilities that are a work based on the Library side-by-side in a single library together with other library facilities not covered by this License, and distribute such a combined library, provided that the separate distribution of the work based on the Library and of the other library facilities is otherwise permitted, and provided that you do these two things: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities. This must be distributed under the terms of the Sections above. b) Give prominent notice with the combined library of the fact that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 8. You may not copy, modify, sublicense, link with, or distribute the Library except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, link with, or distribute the Library is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 9. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Library or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Library (or any work based on the Library), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Library or works based on it. 10. Each time you redistribute the Library (or any work based on the Library), the recipient automatically receives a license from the original licensor to copy, distribute, link with or modify the Library subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties with this License. � 11. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Library at all. For example, if a patent license would not permit royalty-free redistribution of the Library by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Library. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply, and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 12. If the distribution and/or use of the Library is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Library under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 13. The Free Software Foundation may publish revised and/or new versions of the Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Library does not specify a license version number, you may choose any version ever published by the Free Software Foundation. � 14. If you wish to incorporate parts of the Library into other free programs whose distribution conditions are incompatible with these, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS � How to Apply These Terms to Your New Libraries If you develop a new library, and you want it to be of the greatest possible use to the public, we recommend making it free software that everyone can redistribute and change. You can do so by permitting redistribution under these terms (or, alternatively, under the terms of the ordinary General Public License). To apply these terms, attach the following notices to the library. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the library's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Also add information on how to contact you by electronic and paper mail. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the library, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the library `Frob' (a library for tweaking knobs) written by James Random Hacker. <signature of Ty Coon>, 1 April 1990 Ty Coon, President of Vice That's all there is to it! </div> </div> |} </nowiki> </div> </div> ==LGPLv3== [[LICENCE_HEADER_LGPLv3]]<br \> <b><nowiki>{{:LICENCE_HEADER_LGPLv3}}</nowiki></b> {{:LICENCE_HEADER_LGPLv3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. This version of the GNU Lesser General Public License incorporates the terms and conditions of version 3 of the GNU General Public License, supplemented by the additional permissions listed below. 0. Additional Definitions. As used herein, "this License" refers to version 3 of the GNU Lesser General Public License, and the "GNU GPL" refers to version 3 of the GNU General Public License. "The Library" refers to a covered work governed by this License, other than an Application or a Combined Work as defined below. An "Application" is any work that makes use of an interface provided by the Library, but which is not otherwise based on the Library. Defining a subclass of a class defined by the Library is deemed a mode of using an interface provided by the Library. A "Combined Work" is a work produced by combining or linking an Application with the Library. The particular version of the Library with which the Combined Work was made is also called the "Linked Version". The "Minimal Corresponding Source" for a Combined Work means the Corresponding Source for the Combined Work, excluding any source code for portions of the Combined Work that, considered in isolation, are based on the Application, and not on the Linked Version. The "Corresponding Application Code" for a Combined Work means the object code and/or source code for the Application, including any data and utility programs needed for reproducing the Combined Work from the Application, but excluding the System Libraries of the Combined Work. 1. Exception to Section 3 of the GNU GPL. You may convey a covered work under sections 3 and 4 of this License without being bound by section 3 of the GNU GPL. 2. Conveying Modified Versions. If you modify a copy of the Library, and, in your modifications, a facility refers to a function or data to be supplied by an Application that uses the facility (other than as an argument passed when the facility is invoked), then you may convey a copy of the modified version: a) under this License, provided that you make a good faith effort to ensure that, in the event an Application does not supply the function or data, the facility still operates, and performs whatever part of its purpose remains meaningful, or b) under the GNU GPL, with none of the additional permissions of this License applicable to that copy. 3. Object Code Incorporating Material from Library Header Files. The object code form of an Application may incorporate material from a header file that is part of the Library. You may convey such object code under terms of your choice, provided that, if the incorporated material is not limited to numerical parameters, data structure layouts and accessors, or small macros, inline functions and templates (ten or fewer lines in length), you do both of the following: a) Give prominent notice with each copy of the object code that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the object code with a copy of the GNU GPL and this license document. 4. Combined Works. You may convey a Combined Work under terms of your choice that, taken together, effectively do not restrict modification of the portions of the Library contained in the Combined Work and reverse engineering for debugging such modifications, if you also do each of the following: a) Give prominent notice with each copy of the Combined Work that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the Combined Work with a copy of the GNU GPL and this license document. c) For a Combined Work that displays copyright notices during execution, include the copyright notice for the Library among these notices, as well as a reference directing the user to the copies of the GNU GPL and this license document. d) Do one of the following: 0) Convey the Minimal Corresponding Source under the terms of this License, and the Corresponding Application Code in a form suitable for, and under terms that permit, the user to recombine or relink the Application with a modified version of the Linked Version to produce a modified Combined Work, in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source. 1) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (a) uses at run time a copy of the Library already present on the user's computer system, and (b) will operate properly with a modified version of the Library that is interface-compatible with the Linked Version. e) Provide Installation Information, but only if you would otherwise be required to provide such information under section 6 of the GNU GPL, and only to the extent that such information is necessary to install and execute a modified version of the Combined Work produced by recombining or relinking the Application with a modified version of the Linked Version. (If you use option 4d0, the Installation Information must accompany the Minimal Corresponding Source and Corresponding Application Code. If you use option 4d1, you must provide the Installation Information in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source.) 5. Combined Libraries. You may place library facilities that are a work based on the Library side by side in a single library together with other library facilities that are not Applications and are not covered by this License, and convey such a combined library under terms of your choice, if you do both of the following: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities, conveyed under the terms of this License. b) Give prominent notice with the combined library that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 6. Revised Versions of the GNU Lesser General Public License. The Free Software Foundation may publish revised and/or new versions of the GNU Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library as you received it specifies that a certain numbered version of the GNU Lesser General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that published version or of any later version published by the Free Software Foundation. If the Library as you received it does not specify a version number of the GNU Lesser General Public License, you may choose any version of the GNU Lesser General Public License ever published by the Free Software Foundation. If the Library as you received it specifies that a proxy can decide whether future versions of the GNU Lesser General Public License shall apply, that proxy's public statement of acceptance of any version is permanent authorization for you to choose that version for the Library. </div> </div> |} </nowiki> </div> </div> ==MIT== [[LICENCE_HEADER_MIT]]<br \> <b><nowiki>{{:LICENCE_HEADER_MIT}}</nowiki></b> {{:LICENCE_HEADER_MIT}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MIT Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. </div> </div> |} </nowiki> </div> </div> ==MPLv2.0== [[LICENCE_HEADER_MPLv2.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_MPLv2.0}}</nowiki></b> {{:LICENCE_HEADER_MPLv2.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE MPLv2.0 <div class="mw-collapsible-content"> Mozilla Public License Version 2.0 -------------------------------- 1. Definitions -------------- 1.1. "Contributor" means each individual or legal entity that creates, contributes to the creation of, or owns Covered Software. 1.2. "Contributor Version" means the combination of the Contributions of others (if any) used by a Contributor and that particular Contributor's Contribution. 1.3. "Contribution" means Covered Software of a particular Contributor. 1.4. "Covered Software" means Source Code Form to which the initial Contributor has attached the notice in Exhibit A, the Executable Form of such Source Code Form, and Modifications of such Source Code Form, in each case including portions thereof. 1.5. "Incompatible With Secondary Licenses" means (a) that the initial Contributor has attached the notice described in Exhibit B to the Covered Software; or (b) that the Covered Software was made available under the terms of version 1.1 or earlier of the License, but not also under the terms of a Secondary License. 1.6. "Executable Form" means any form of the work other than Source Code Form. 1.7. "Larger Work" means a work that combines Covered Software with other material, in a separate file or files, that is not Covered Software. 1.8. "License" means this document. 1.9. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently, any and all of the rights conveyed by this License. 1.10. "Modifications" means any of the following: (a) any file in Source Code Form that results from an addition to, deletion from, or modification of the contents of Covered Software; or (b) any new file in Source Code Form that contains any Covered Software. 1.11. "Patent Claims" of a Contributor means any patent claim(s), including without limitation, method, process, and apparatus claims, in any patent Licensable by such Contributor that would be infringed, but for the grant of the License, by the making, using, selling, offering for sale, having made, import, or transfer of either its Contributions or its Contributor Version. 1.12. "Secondary License" means either the GNU General Public License, Version 2.0, the GNU Lesser General Public License, Version 2.1, the GNU Affero General Public License, Version 3.0, or any later versions of those licenses. 1.13. "Source Code Form" means the form of the work preferred for making modifications. 1.14. "You" (or "Your") means an individual or a legal entity exercising rights under this License. For legal entities, "You" includes any entity that controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. License Grants and Conditions -------------------------------- 2.1. Grants Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by such Contributor to use, reproduce, make available, modify, display, perform, distribute, and otherwise exploit its Contributions, either on an unmodified basis, with Modifications, or as part of a Larger Work; and (b) under Patent Claims of such Contributor to make, use, sell, offer for sale, have made, import, and otherwise transfer either its Contributions or its Contributor Version. 2.2. Effective Date The licenses granted in Section 2.1 with respect to any Contribution become effective for each Contribution on the date the Contributor first distributes such Contribution. 2.3. Limitations on Grant Scope The licenses granted in this Section 2 are the only rights granted under this License. No additional rights or licenses will be implied from the distribution or licensing of Covered Software under this License. Notwithstanding Section 2.1(b) above, no patent license is granted by a Contributor: (a) for any code that a Contributor has removed from Covered Software; or (b) for infringements caused by: (i) Your and any other third party's modifications of Covered Software, or (ii) the combination of its Contributions with other software (except as part of its Contributor Version); or (c) under Patent Claims infringed by Covered Software in the absence of its Contributions. This License does not grant any rights in the trademarks, service marks, or logos of any Contributor (except as may be necessary to comply with the notice requirements in Section 3.4). 2.4. Subsequent Licenses No Contributor makes additional grants as a result of Your choice to distribute the Covered Software under a subsequent version of this License (see Section 10.2) or under the terms of a Secondary License (if permitted under the terms of Section 3.3). 2.5. Representation Each Contributor represents that the Contributor believes its Contributions are its original creation(s) or it has sufficient rights to grant the rights to its Contributions conveyed by this License. 2.6. Fair Use This License is not intended to limit any rights You have under applicable copyright doctrines of fair use, fair dealing, or other equivalents. 2.7. Conditions Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted in Section 2.1. 3. Responsibilities ------------------- 3.1. Distribution of Source Form All distribution of Covered Software in Source Code Form, including any Modifications that You create or to which You contribute, must be under the terms of this License. You must inform recipients that the Source Code Form of the Covered Software is governed by the terms of this License, and how they can obtain a copy of this License. You may not attempt to alter or restrict the recipients' rights in the Source Code Form. 3.2. Distribution of Executable Form If You distribute Covered Software in Executable Form then: (a) such Covered Software must also be made available in Source Code Form, as described in Section 3.1, and You must inform recipients of the Executable Form how they can obtain a copy of such Source Code Form by reasonable means in a timely manner, at a charge no more than the cost of distribution to the recipient; and (b) You may distribute such Executable Form under the terms of this License, or sublicense it under different terms, provided that the license for the Executable Form does not attempt to limit or alter the recipients' rights in the Source Code Form under this License. 3.3. Distribution of a Larger Work You may create and distribute a Larger Work under terms of Your choice, provided that You also comply with the requirements of this License for the Covered Software. If the Larger Work is a combination of Covered Software with a work governed by one or more Secondary Licenses, and the Covered Software is not Incompatible With Secondary Licenses, this License permits You to additionally distribute such Covered Software under the terms of such Secondary License(s), so that the recipient of the Larger Work may, at their option, further distribute the Covered Software under the terms of either this License or such Secondary License(s). 3.4. Notices You may not remove or alter the substance of any license notices (including copyright notices, patent notices, disclaimers of warranty, or limitations of liability) contained within the Source Code Form of the Covered Software, except that You may alter any license notices to the extent required to remedy known factual inaccuracies. 3.5. Application of Additional Terms You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, You may do so only on Your own behalf, and not on behalf of any Contributor. You must make it absolutely clear that any such warranty, support, indemnity, or liability obligation is offered by You alone, and You hereby agree to indemnify every Contributor for any liability incurred by such Contributor as a result of warranty, support, indemnity or liability terms You offer. You may include additional disclaimers of warranty and limitations of liability specific to any jurisdiction. 4. Inability to Comply Due to Statute or Regulation --------------------------------------------------- If it is impossible for You to comply with any of the terms of this License with respect to some or all of the Covered Software due to statute, judicial order, or regulation then You must: (a) comply with the terms of this License to the maximum extent possible; and (b) describe the limitations and the code they affect. Such description must be placed in a text file included with all distributions of the Covered Software under this License. Except to the extent prohibited by statute or regulation, such description must be sufficiently detailed for a recipient of ordinary skill to be able to understand it. 5. Termination -------------- 5.1. The rights granted under this License will terminate automatically if You fail to comply with any of its terms. However, if You become compliant, then the rights granted under this License from a particular Contributor are reinstated (a) provisionally, unless and until such Contributor explicitly and finally terminates Your grants, and (b) on an ongoing basis, if such Contributor fails to notify You of the non-compliance by some reasonable means prior to 60 days after You have come back into compliance. Moreover, Your grants from a particular Contributor are reinstated on an ongoing basis if such Contributor notifies You of the non-compliance by some reasonable means, this is the first time You have received notice of non-compliance with this License from such Contributor, and You become compliant prior to 30 days after Your receipt of the notice. 5.2. If You initiate litigation against any entity by asserting a patent infringement claim (excluding declaratory judgment actions, counter-claims, and cross-claims) alleging that a Contributor Version directly or indirectly infringes any patent, then the rights granted to You by any and all Contributors for the Covered Software under Section 2.1 of this License shall terminate. 5.3. In the event of termination under Sections 5.1 or 5.2 above, all end user license agreements (excluding distributors and resellers) which have been validly granted by You or Your distributors under this License prior to termination shall survive termination. ************************************************************************ * * * 6. Disclaimer of Warranty * * ------------------------- * * * * Covered Software is provided under this License on an "as is" * * basis, without warranty of any kind, either expressed, implied, or * * statutory, including, without limitation, warranties that the * * Covered Software is free of defects, merchantable, fit for a * * particular purpose or non-infringing. The entire risk as to the * * quality and performance of the Covered Software is with You. * * Should any Covered Software prove defective in any respect, You * * (not any Contributor) assume the cost of any necessary servicing, * * repair, or correction. This disclaimer of warranty constitutes an * * essential part of this License. No use of any Covered Software is * * authorized under this License except under this disclaimer. * * * ************************************************************************ ************************************************************************ * * * 7. Limitation of Liability * * -------------------------- * * * * Under no circumstances and under no legal theory, whether tort * * (including negligence), contract, or otherwise, shall any * * Contributor, or anyone who distributes Covered Software as * * permitted above, be liable to You for any direct, indirect, * * special, incidental, or consequential damages of any character * * including, without limitation, damages for lost profits, loss of * * goodwill, work stoppage, computer failure or malfunction, or any * * and all other commercial damages or losses, even if such party * * shall have been informed of the possibility of such damages. This * * limitation of liability shall not apply to liability for death or * * personal injury resulting from such party's negligence to the * * extent applicable law prohibits such limitation. Some * * jurisdictions do not allow the exclusion or limitation of * * incidental or consequential damages, so this exclusion and * * limitation may not apply to You. * * * ************************************************************************ 8. Litigation ------------- Any litigation relating to this License may be brought only in the courts of a jurisdiction where the defendant maintains its principal place of business and such litigation shall be governed by laws of that jurisdiction, without reference to its conflict-of-law provisions. Nothing in this Section shall prevent a party's ability to bring cross-claims or counter-claims. 9. Miscellaneous ---------------- This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not be used to construe this License against a Contributor. 10. Versions of the License --------------------------- 10.1. New Versions Mozilla Foundation is the license steward. Except as provided in Section 10.3, no one other than the license steward has the right to modify or publish new versions of this License. Each version will be given a distinguishing version number. 10.2. Effect of New Versions You may distribute the Covered Software under the terms of the version of the License under which You originally received the Covered Software, or under the terms of any subsequent version published by the license steward. 10.3. Modified Versions If you create software not governed by this License, and you want to create a new license for such software, you may create and use a modified version of this License if you rename the license and remove any references to the name of the license steward (except to note that such modified license differs from this License). 10.4. Distributing Source Code Form that is Incompatible With Secondary Licenses If You choose to distribute Source Code Form that is Incompatible With Secondary Licenses under the terms of this version of the License, the notice described in Exhibit B of this License must be attached. Exhibit A - Source Code Form License Notice ------------------------------------------- This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at https://mozilla.org/MPL/2.0/. If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. You may add additional accurate notices of copyright ownership. Exhibit B - "Incompatible With Secondary Licenses" Notice --------------------------------------------------------- This Source Code Form is "Incompatible With Secondary Licenses", as defined by the Mozilla Public License, v. 2.0. </div> </div> |} </nowiki> </div> </div> ==PDLv1.0== [[LICENCE_HEADER_PDLv1.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_PDLv1.0}}</nowiki></b> {{:LICENCE_HEADER_PDLv1.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE PDLv1.0 <div class="mw-collapsible-content"> PUBLIC DOCUMENTATION LICENSE Version 1.0 1.0 DEFINITIONS. 1.1. "Commercial Use" means distribution or otherwise making the Documentation available to a third party. 1.2. "Contributor" means a person or entity who creates or contributes to the creation of Modifications. 1.3. "Documentation" means the Original Documentation or Modifications or the combination of the Original Documentation and Modifications, in each case including portions thereof. 1.4. "Electronic Distribution Mechanism" means a mechanism generally accepted for the electronic transfer of data. 1.5. "Initial Writer" means the individual or entity identified as the Initial Writer in the notice required by the Appendix. 1.6. "Larger Work" means a work which combines Documentation or portions thereof with documentation or other writings not governed by the terms of this License. 1.7. "License" means this document. 1.8. "Modifications" means any addition to or deletion from the substance or structure of either the Original Documentation or any previous Modifications, such as a translation, abridgment, condensation, or any other form in which the Original Documentation or previous Modifications may be recast, transformed or adapted. A work consisting of editorial revisions, annotations, elaborations, and other modifications which, as a whole represent an original work of authorship, is a Modification. For example, when Documentation is released as a series of documents, a Modification is: A. Any addition to or deletion from the contents of the Original Documentation or previous Modifications. B. Any new documentation that contains any part of the Original Documentation or previous Modifications. 1.9. "Original Documentation" means documentation described as Original Documentation in the notice required by the Appendix, and which, at the time of its release under this License is not already Documentation governed by this License. 1.10. "Editable Form" means the preferred form of the Documentation for making Modifications to it. The Documentation can be in an electronic, compressed or archival form, provided the appropriate decompression or de-archiving software is widely available for no charge. 1.11. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of this License or a future version of this License issued under Section 5.0 ("Versions of the License"). For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2.0 LICENSE GRANTS. 2.1 Initial Writer Grant. The Initial Writer hereby grants You a world-wide, royalty-free, non-exclusive license to use, reproduce, prepare Modifications of, compile, publicly perform, publicly display, demonstrate, market, disclose and distribute the Documentation in any form, on any media or via any Electronic Distribution Mechanism or other method now known or later discovered, and to sublicense the foregoing rights to third parties through multiple tiers of sublicensees in accordance with the terms of this License. The license rights granted in this Section 2.1 ("Initial Writer Grant") are effective on the date Initial Writer first distributes Original Documentation under the terms of this License. 2.2. Contributor Grant. Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license to use, reproduce, prepare Modifications of, compile, publicly perform, publicly display, demonstrate, market, disclose and distribute the Documentation in any form, on any media or via any Electronic Distribution Mechanism or other method now known or later discovered, and to sublicense the foregoing rights to third parties through multiple tiers of sublicensees in accordance with the terms of this License. The license rights granted in this Section 2.2 ("Contributor Grant") are effective on the date Contributor first makes Commercial Use of the Documentation. 3.0 DISTRIBUTION OBLIGATIONS 3.1. Application of License The Modifications which You create or to which You contribute are governed by the terms of this License, including without limitation Section 2.2 ("Contributor Grant"). The Documentation may be distributed only under the terms of this License or a future version of this License released in accordance with Section 5.0 ("Versions of the License"), and You must include a copy of this License with every copy of the Documentation You distribute. You may not offer or impose any terms that alter or restrict the applicable version of this License or the recipients' rights hereunder. However, You may include an additional document offering the additional rights described in Section 3.5 ("Required Notices"). 3.2. Availability of Documentation. Any Modification which You create or to which You contribute must be made available publicly in Editable Form under the terms of this License via a fixed medium or an accepted Electronic Distribution Mechanism. 3.3. Description of Modifications. All Documentation to which You contribute must identify the changes You made to create that Documentation and the date of any change. You must include a prominent statement that the Modification is derived, directly or indirectly, from Original Documentation provided by the Initial Writer and include the name of the Initial Writer in the Documentation or via an electronic link that describes the origin or ownership of the Documentation. The foregoing change documentation may be created by using an electronic program that automatically tracks changes to the Documentation, and such changes must be available publicly for at least five years following release of the changed Documentation. 3.4. Intellectual Property Matters. Contributor represents that Contributor believes that Contributor's Modifications are Contributor's original creation(s) and/or Contributor has sufficient rights to grant the rights conveyed by this License. 3.5. Required Notices. You must duplicate the notice in the Appendix in each file of the Documentation. If it is not possible to put such notice in a particular Documentation file due to its structure, then You must include such notice in a location (such as a relevant directory) where a reader would be likely to look for such a notice, for example, via a hyperlink in each file of the Documentation that takes the reader to a page that describes the origin and ownership of the Documentation. If You created one or more Modification(s) You may add your name as a Contributor to the notice described in the Appendix. You must also duplicate this License in any Documentation file (or with a hyperlink in each file of the Documentation) where You describe recipients' rights or ownership rights. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Documentation. However, You may do so only on Your own behalf, and not on behalf of the Initial Writer or any Contributor. You must make it absolutely clear than any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Writer and every Contributor for any liability incurred by the Initial Writer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.6. Larger Works. You may create a Larger Work by combining Documentation with other documents not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Documentation. 4.0 APPLICATION OF THIS LICENSE. This License applies to Documentation to which the Initial Writer has attached this License and the notice in the Appendix. 5.0 VERSIONS OF THE LICENSE. 5.1. New Versions. Initial Writer may publish revised and/or new versions of the License from time to time. Each version will be given a distinguishing version number. 5.2. Effect of New Versions. Once Documentation has been published under a particular version of the License, You may always continue to use it under the terms of that version. You may also choose to use such Documentation under the terms of any subsequent version of the License published by __________________[Insert name of the foundation, company, Initial Writer, or whoever may modify this License]. No one other than _________________ [Insert name of the foundation, company, Initial Writer, or whoever may modify this License] has the right to modify the terms of this License. Filling in the name of the Initial Writer, Original Documentation or Contributor in the notice described in the Appendix shall not be deemed to be Modifications of this License. 6.0 DISCLAIMER OF WARRANTY. DOCUMENTATION IS PROVIDED UNDER THIS LICENSE ON AN "AS IS'' BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE DOCUMENTATION IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY, ACCURACY, AND PERFORMANCE OF THE DOCUMENTATION IS WITH YOU. SHOULD ANY DOCUMENTATION PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL WRITER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY DOCUMENTATION IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 7.0 TERMINATION. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. All sublicenses to the Documentation which are properly granted shall survive any termination of this License. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 8.0 LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER IN TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL THE INITIAL WRITER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF DOCUMENTATION, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER DAMAGES OR LOSSES ARISING OUT OF OR RELATING TO THE USE OF THE DOCUMENTATION, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. 9.0 U.S. GOVERNMENT END USERS. If Documentation is being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), then the Government's rights in Documentation will be only as set forth in this Agreement; this is in accordance with 48 CFR 227.7201 through 227.7202-4 (for Department of Defense (DOD) acquisitions) and with 48 CFR 2.101 and 12.212 (for non-DOD acquisitions). 10.0 MISCELLANEOUS. This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by California law, excluding its conflict-of-law provisions. With respect to disputes or any litigation relating to this License, the losing party is responsible for costs, including without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. Appendix Public Documentation License Notice The contents of this Documentation are subject to the Public Documentation License Version 1.0 (the "License"); you may only use this Documentation if you comply with the terms of this License. A copy of the License is available at __________________[Insert hyperlink]. The Original Documentation is _________________. The Initial Writer of the Original Documentation is ___________ Copyright (C)_________[Insert year(s)]. All Rights Reserved. (Initial Writer contact(s):________________[Insert hyperlink/alias]). Contributor(s): ______________________________________. Portions created by ______ are Copyright (C)_________[Insert year(s)]. All Rights Reserved. (Contributor contact(s):________________[Insert hyperlink/alias]). NOTE: The text of this Appendix may differ slightly from the text of the notices in the files of the Original Documentation. You should use the text of this Appendix rather than the text found in the Original Documentation for Your Modifications. </div> </div> |} </nowiki> </div> </div> ==PIRATE== This Licence is for shits and giggles, don't use on public server<br \> [[LICENCE_HEADER_PIRATE]]<br \> <b><nowiki>{{:LICENCE_HEADER_PIRATE}}</nowiki></b> {{:LICENCE_HEADER_PIRATE}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PIRATE Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Licence? Licence! LICENCE!!!!!!<br \> WE NO NEED NO STINKING LICENCE! Copyright @ Pirate Licence :P </div> </div> |} </nowiki> </div> </div> g7p0dalkwqg6py2fkmzvda7tobasrjf 369 143 2023-04-27T22:55:52Z AwesomO 5 369 wikitext text/x-wiki * Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute. * To do so add a Licence header at the top of your page. * example:<b><nowiki>{{:LICENCE_HEADER_CC0}}</nowiki></b> * using the header may not be a good idea for some licences ** click the link and copy the content ** and append the correct <code>Copyright [yyyy] [name of copyright owner] </code> ==Blank Template== This Licence is for Importing Licences from other projects that are eligable to be posted/imported on this site<br \> [[LICENCE_HEADER_BLANK]]<br \> <b><nowiki>{{:LICENCE_HEADER_BLANK}}</nowiki></b> {{:LICENCE_HEADER_BLANK}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>ENTER LICENCE NAME</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> ENTER LICENCE HERE </div> </div> |} </pre> </div> </div> ==APACHE2== [[LICENCE_HEADER_APACHE2]]<br \> <b><nowiki>{{:LICENCE_HEADER_APACHE2}}</nowiki></b> {{:LICENCE_HEADER_APACHE2}} <!-- delete below if mess up --> <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste to your page: <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>APACHE2 Licence</b><br \> Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. <div class="toccolours mw-collapsible mw-collapsed"> Apache2 Licence: <div class="mw-collapsible-content"> <pre> Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. </div> </div> |} </pre> </div> </div> ==BDS0== [[LICENCE_HEADER_BSD0]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD0}}</nowiki></b> {{:LICENCE_HEADER_BSD0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (C) [year] by [copyright holder] <[email]> Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted. THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. </div> </div> |} </pre> </div> </div> ==BSD1== [[LICENCE_HEADER_BSD]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD}}</nowiki></b> {{:LICENCE_HEADER_BSD}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (c) [Year] [Name] [All rights reserved]. * Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. THIS SOFTWARE IS PROVIDED BY [Name of Organization] “AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL [Name of Organisation] BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div></div> |} </pre> </div> </div> ==BSD2== [[LICENCE_HEADER_BSD2]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD2}}</nowiki></b> {{:LICENCE_HEADER_BSD2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </pre> </div> </div> ==BSD3== [[LICENCE_HEADER_BSD3]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD3}}</nowiki></b> {{:LICENCE_HEADER_BSD3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </pre> </div> </div> ==CC0== [[LICENCE_HEADER_CC0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC0}}</nowiki></b> {{:LICENCE_HEADER_CC0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC0 Licence</b><br \> More information about the <b>cc0 licence</b> can be found here:<br \> <code>https://creativecommons.org/share-your-work/public-domain/cc0</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> The person who associated a work with this deed has dedicated the work to the public domain by waiving all of his or her rights to the work worldwide under copyright law, including all related and neighboring rights, to the extent allowed by law.<br \> You can copy, modify, distribute and perform the work, even for commercial purposes, all without asking permission. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Statement of Purpose The laws of most jurisdictions throughout the world automatically confer exclusive Copyright and Related Rights (defined below) upon the creator and subsequent owner(s) (each and all, an "owner") of an original work of authorship and/or a database (each, a "Work"). Certain owners wish to permanently relinquish those rights to a Work for the purpose of contributing to a commons of creative, cultural and scientific works ("Commons") that the public can reliably and without fear of later claims of infringement build upon, modify, incorporate in other works, reuse and redistribute as freely as possible in any form whatsoever and for any purposes, including without limitation commercial purposes. These owners may contribute to the Commons to promote the ideal of a free culture and the further production of creative, cultural and scientific works, or to gain reputation or greater distribution for their Work in part through the use and efforts of others. For these and/or other purposes and motivations, and without any expectation of additional consideration or compensation, the person associating CC0 with a Work (the "Affirmer"), to the extent that he or she is an owner of Copyright and Related Rights in the Work, voluntarily elects to apply CC0 to the Work and publicly distribute the Work under its terms, with knowledge of his or her Copyright and Related Rights in the Work and the meaning and intended legal effect of CC0 on those rights. 1. Copyright and Related Rights. A Work made available under CC0 may be protected by copyright and related or neighboring rights ("Copyright and Related Rights"). Copyright and Related Rights include, but are not limited to, the following: the right to reproduce, adapt, distribute, perform, display, communicate, and translate a Work; moral rights retained by the original author(s) and/or performer(s); publicity and privacy rights pertaining to a person's image or likeness depicted in a Work; rights protecting against unfair competition in regards to a Work, subject to the limitations in paragraph 4(a), below; rights protecting the extraction, dissemination, use and reuse of data in a Work; database rights (such as those arising under Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, and under any national implementation thereof, including any amended or successor version of such directive); and other similar, equivalent or corresponding rights throughout the world based on applicable law or treaty, and any national implementations thereof. 2. Waiver. To the greatest extent permitted by, but not in contravention of, applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and unconditionally waives, abandons, and surrenders all of Affirmer's Copyright and Related Rights and associated claims and causes of action, whether now known or unknown (including existing as well as future claims and causes of action), in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each member of the public at large and to the detriment of Affirmer's heirs and successors, fully intending that such Waiver shall not be subject to revocation, rescission, cancellation, termination, or any other legal or equitable action to disrupt the quiet enjoyment of the Work by the public as contemplated by Affirmer's express Statement of Purpose. 3. Public License Fallback. Should any part of the Waiver for any reason be judged legally invalid or ineffective under applicable law, then the Waiver shall be preserved to the maximum extent permitted taking into account Affirmer's express Statement of Purpose. In addition, to the extent the Waiver is so judged Affirmer hereby grants to each affected person a royalty-free, non transferable, non sublicensable, non exclusive, irrevocable and unconditional license to exercise Affirmer's Copyright and Related Rights in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "License"). The License shall be deemed effective as of the date CC0 was applied by Affirmer to the Work. Should any part of the License for any reason be judged legally invalid or ineffective under applicable law, such partial invalidity or ineffectiveness shall not invalidate the remainder of the License, and in such case Affirmer hereby affirms that he or she will not (i) exercise any of his or her remaining Copyright and Related Rights in the Work or (ii) assert any associated claims and causes of action with respect to the Work, in either case contrary to Affirmer's express Statement of Purpose. 4. Limitations and Disclaimers. No trademark or patent rights held by Affirmer are waived, abandoned, surrendered, licensed or otherwise affected by this document. Affirmer offers the Work as-is and makes no representations or warranties of any kind concerning the Work, express, implied, statutory or otherwise, including without limitation warranties of title, merchantability, fitness for a particular purpose, non infringement, or the absence of latent or other defects, accuracy, or the present or absence of errors, whether or not discoverable, all to the greatest extent permissible under applicable law. Affirmer disclaims responsibility for clearing rights of other persons that may apply to the Work or any use thereof, including without limitation any person's Copyright and Related Rights in the Work. Further, Affirmer disclaims responsibility for obtaining any necessary consents, permissions or other rights required for any use of the Work. Affirmer understands and acknowledges that Creative Commons is not a party to this document and has no duty or obligation with respect to this CC0 or use of the Work. </div> </div> |} </pre> </div> </div> ==CC-BY== [[LICENCE_HEADER_CC_BY]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY}}</nowiki></b> {{:LICENCE_HEADER_CC_BY}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY Licence</b><br \> More information about the <b>CC BY licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Creative Commons Legal Code Attribution 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined above) for the purposes of this License. c. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. d. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. e. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. f. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. g. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. h. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. i. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(b), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(b), as requested. b. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Section 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4 (b) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. c. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of this License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} </pre> </div> </div> ==CC BY-SA== [[LICENCE_HEADER_CC_BY-SA]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY-SA}}</nowiki></b> {{:LICENCE_HEADER_CC_BY-SA}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY-SA Licence</b><br \> More information about the <b>CC BY-SA licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by-sa/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Attribution-ShareAlike 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined below) for the purposes of this License. c. "Creative Commons Compatible License" means a license that is listed at https://creativecommons.org/compatiblelicenses that has been approved by Creative Commons as being essentially equivalent to this License, including, at a minimum, because that license: (i) contains terms that have the same purpose, meaning and effect as the License Elements of this License; and, (ii) explicitly permits the relicensing of adaptations of works made available under that license under this License or a Creative Commons jurisdiction license with the same License Elements as this License. d. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. e. "License Elements" means the following high-level license attributes as selected by Licensor and indicated in the title of this License: Attribution, ShareAlike. f. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. g. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. h. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. i. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. j. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. k. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(c), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(c), as requested. b. You may Distribute or Publicly Perform an Adaptation only under the terms of: (i) this License; (ii) a later version of this License with the same License Elements as this License; (iii) a Creative Commons jurisdiction license (either this or a later license version) that contains the same License Elements as this License (e.g., Attribution-ShareAlike 3.0 US)); (iv) a Creative Commons Compatible License. If you license the Adaptation under one of the licenses mentioned in (iv), you must comply with the terms of that license. If you license the Adaptation under the terms of any of the licenses mentioned in (i), (ii) or (iii) (the "Applicable License"), you must comply with the terms of the Applicable License generally and the following provisions: (I) You must include a copy of, or the URI for, the Applicable License with every copy of each Adaptation You Distribute or Publicly Perform; (II) You may not offer or impose any terms on the Adaptation that restrict the terms of the Applicable License or the ability of the recipient of the Adaptation to exercise the rights granted to that recipient under the terms of the Applicable License; (III) You must keep intact all notices that refer to the Applicable License and to the disclaimer of warranties with every copy of the Work as included in the Adaptation You Distribute or Publicly Perform; (IV) when You Distribute or Publicly Perform the Adaptation, You may not impose any effective technological measures on the Adaptation that restrict the ability of a recipient of the Adaptation from You to exercise the rights granted to that recipient under the terms of the Applicable License. This Section 4(b) applies to the Adaptation as incorporated in a Collection, but this does not require the Collection apart from the Adaptation itself to be made subject to the terms of the Applicable License. c. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Ssection 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4(c) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. d. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of the License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} </pre> </div> </div> ==CC BY-NC-SA 4.0== [[LICENCE_HEADER_CC_BY-NC-SA_4.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY-NC-SA_4.0}}</nowiki></b> {{:LICENCE_HEADER_CC_BY-SA}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre style="color: red"> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY-NC-SA_4.0 Licence</b><br \> More information about the <b>CC BY-NC-SA_4.0 licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by-sa/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> &lt;pre&gt; You are free to: Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use. NonCommercial — You may not use the material for commercial purposes. ShareAlike — If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original. No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits. &lt;/pre&gt; </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> <pre> Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International Public License By exercising the Licensed Rights (defined below), You accept and agree to be bound by the terms and conditions of this Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International Public License ("Public License"). To the extent this Public License may be interpreted as a contract, You are granted the Licensed Rights in consideration of Your acceptance of these terms and conditions, and the Licensor grants You such rights in consideration of benefits the Licensor receives from making the Licensed Material available under these terms and conditions. Section 1 – Definitions. Adapted Material means material subject to Copyright and Similar Rights that is derived from or based upon the Licensed Material and in which the Licensed Material is translated, altered, arranged, transformed, or otherwise modified in a manner requiring permission under the Copyright and Similar Rights held by the Licensor. For purposes of this Public License, where the Licensed Material is a musical work, performance, or sound recording, Adapted Material is always produced where the Licensed Material is synched in timed relation with a moving image. Adapter's License means the license You apply to Your Copyright and Similar Rights in Your contributions to Adapted Material in accordance with the terms and conditions of this Public License. BY-NC-SA Compatible License means a license listed at creativecommons.org/compatiblelicenses, approved by Creative Commons as essentially the equivalent of this Public License. Copyright and Similar Rights means copyright and/or similar rights closely related to copyright including, without limitation, performance, broadcast, sound recording, and Sui Generis Database Rights, without regard to how the rights are labeled or categorized. For purposes of this Public License, the rights specified in Section 2(b)(1)-(2) are not Copyright and Similar Rights. Effective Technological Measures means those measures that, in the absence of proper authority, may not be circumvented under laws fulfilling obligations under Article 11 of the WIPO Copyright Treaty adopted on December 20, 1996, and/or similar international agreements. Exceptions and Limitations means fair use, fair dealing, and/or any other exception or limitation to Copyright and Similar Rights that applies to Your use of the Licensed Material. License Elements means the license attributes listed in the name of a Creative Commons Public License. The License Elements of this Public License are Attribution, NonCommercial, and ShareAlike. Licensed Material means the artistic or literary work, database, or other material to which the Licensor applied this Public License. Licensed Rights means the rights granted to You subject to the terms and conditions of this Public License, which are limited to all Copyright and Similar Rights that apply to Your use of the Licensed Material and that the Licensor has authority to license. Licensor means the individual(s) or entity(ies) granting rights under this Public License. NonCommercial means not primarily intended for or directed towards commercial advantage or monetary compensation. For purposes of this Public License, the exchange of the Licensed Material for other material subject to Copyright and Similar Rights by digital file-sharing or similar means is NonCommercial provided there is no payment of monetary compensation in connection with the exchange. Share means to provide material to the public by any means or process that requires permission under the Licensed Rights, such as reproduction, public display, public performance, distribution, dissemination, communication, or importation, and to make material available to the public including in ways that members of the public may access the material from a place and at a time individually chosen by them. Sui Generis Database Rights means rights other than copyright resulting from Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, as amended and/or succeeded, as well as other essentially equivalent rights anywhere in the world. You means the individual or entity exercising the Licensed Rights under this Public License. Your has a corresponding meaning. Section 2 – Scope. License grant. Subject to the terms and conditions of this Public License, the Licensor hereby grants You a worldwide, royalty-free, non-sublicensable, non-exclusive, irrevocable license to exercise the Licensed Rights in the Licensed Material to: reproduce and Share the Licensed Material, in whole or in part, for NonCommercial purposes only; and produce, reproduce, and Share Adapted Material for NonCommercial purposes only. Exceptions and Limitations. For the avoidance of doubt, where Exceptions and Limitations apply to Your use, this Public License does not apply, and You do not need to comply with its terms and conditions. Term. The term of this Public License is specified in Section 6(a). Media and formats; technical modifications allowed. The Licensor authorizes You to exercise the Licensed Rights in all media and formats whether now known or hereafter created, and to make technical modifications necessary to do so. The Licensor waives and/or agrees not to assert any right or authority to forbid You from making technical modifications necessary to exercise the Licensed Rights, including technical modifications necessary to circumvent Effective Technological Measures. For purposes of this Public License, simply making modifications authorized by this Section 2(a)(4) never produces Adapted Material. Downstream recipients. Offer from the Licensor – Licensed Material. Every recipient of the Licensed Material automatically receives an offer from the Licensor to exercise the Licensed Rights under the terms and conditions of this Public License. Additional offer from the Licensor – Adapted Material. Every recipient of Adapted Material from You automatically receives an offer from the Licensor to exercise the Licensed Rights in the Adapted Material under the conditions of the Adapter’s License You apply. No downstream restrictions. You may not offer or impose any additional or different terms or conditions on, or apply any Effective Technological Measures to, the Licensed Material if doing so restricts exercise of the Licensed Rights by any recipient of the Licensed Material. No endorsement. Nothing in this Public License constitutes or may be construed as permission to assert or imply that You are, or that Your use of the Licensed Material is, connected with, or sponsored, endorsed, or granted official status by, the Licensor or others designated to receive attribution as provided in Section 3(a)(1)(A)(i). Other rights. Moral rights, such as the right of integrity, are not licensed under this Public License, nor are publicity, privacy, and/or other similar personality rights; however, to the extent possible, the Licensor waives and/or agrees not to assert any such rights held by the Licensor to the limited extent necessary to allow You to exercise the Licensed Rights, but not otherwise. Patent and trademark rights are not licensed under this Public License. To the extent possible, the Licensor waives any right to collect royalties from You for the exercise of the Licensed Rights, whether directly or through a collecting society under any voluntary or waivable statutory or compulsory licensing scheme. In all other cases the Licensor expressly reserves any right to collect such royalties, including when the Licensed Material is used other than for NonCommercial purposes. Section 3 – License Conditions. Your exercise of the Licensed Rights is expressly made subject to the following conditions. Attribution. If You Share the Licensed Material (including in modified form), You must: retain the following if it is supplied by the Licensor with the Licensed Material: identification of the creator(s) of the Licensed Material and any others designated to receive attribution, in any reasonable manner requested by the Licensor (including by pseudonym if designated); a copyright notice; a notice that refers to this Public License; a notice that refers to the disclaimer of warranties; a URI or hyperlink to the Licensed Material to the extent reasonably practicable; indicate if You modified the Licensed Material and retain an indication of any previous modifications; and indicate the Licensed Material is licensed under this Public License, and include the text of, or the URI or hyperlink to, this Public License. You may satisfy the conditions in Section 3(a)(1) in any reasonable manner based on the medium, means, and context in which You Share the Licensed Material. For example, it may be reasonable to satisfy the conditions by providing a URI or hyperlink to a resource that includes the required information. If requested by the Licensor, You must remove any of the information required by Section 3(a)(1)(A) to the extent reasonably practicable. ShareAlike. In addition to the conditions in Section 3(a), if You Share Adapted Material You produce, the following conditions also apply. The Adapter’s License You apply must be a Creative Commons license with the same License Elements, this version or later, or a BY-NC-SA Compatible License. You must include the text of, or the URI or hyperlink to, the Adapter's License You apply. You may satisfy this condition in any reasonable manner based on the medium, means, and context in which You Share Adapted Material. You may not offer or impose any additional or different terms or conditions on, or apply any Effective Technological Measures to, Adapted Material that restrict exercise of the rights granted under the Adapter's License You apply. Section 4 – Sui Generis Database Rights. Where the Licensed Rights include Sui Generis Database Rights that apply to Your use of the Licensed Material: for the avoidance of doubt, Section 2(a)(1) grants You the right to extract, reuse, reproduce, and Share all or a substantial portion of the contents of the database for NonCommercial purposes only; if You include all or a substantial portion of the database contents in a database in which You have Sui Generis Database Rights, then the database in which You have Sui Generis Database Rights (but not its individual contents) is Adapted Material, including for purposes of Section 3(b); and You must comply with the conditions in Section 3(a) if You Share all or a substantial portion of the contents of the database. For the avoidance of doubt, this Section 4 supplements and does not replace Your obligations under this Public License where the Licensed Rights include other Copyright and Similar Rights. Section 5 – Disclaimer of Warranties and Limitation of Liability. Unless otherwise separately undertaken by the Licensor, to the extent possible, the Licensor offers the Licensed Material as-is and as-available, and makes no representations or warranties of any kind concerning the Licensed Material, whether express, implied, statutory, or other. This includes, without limitation, warranties of title, merchantability, fitness for a particular purpose, non-infringement, absence of latent or other defects, accuracy, or the presence or absence of errors, whether or not known or discoverable. Where disclaimers of warranties are not allowed in full or in part, this disclaimer may not apply to You. To the extent possible, in no event will the Licensor be liable to You on any legal theory (including, without limitation, negligence) or otherwise for any direct, special, indirect, incidental, consequential, punitive, exemplary, or other losses, costs, expenses, or damages arising out of this Public License or use of the Licensed Material, even if the Licensor has been advised of the possibility of such losses, costs, expenses, or damages. Where a limitation of liability is not allowed in full or in part, this limitation may not apply to You. The disclaimer of warranties and limitation of liability provided above shall be interpreted in a manner that, to the extent possible, most closely approximates an absolute disclaimer and waiver of all liability. Section 6 – Term and Termination. This Public License applies for the term of the Copyright and Similar Rights licensed here. However, if You fail to comply with this Public License, then Your rights under this Public License terminate automatically. Where Your right to use the Licensed Material has terminated under Section 6(a), it reinstates: automatically as of the date the violation is cured, provided it is cured within 30 days of Your discovery of the violation; or upon express reinstatement by the Licensor. For the avoidance of doubt, this Section 6(b) does not affect any right the Licensor may have to seek remedies for Your violations of this Public License. For the avoidance of doubt, the Licensor may also offer the Licensed Material under separate terms or conditions or stop distributing the Licensed Material at any time; however, doing so will not terminate this Public License. Sections 1, 5, 6, 7, and 8 survive termination of this Public License. Section 7 – Other Terms and Conditions. The Licensor shall not be bound by any additional or different terms or conditions communicated by You unless expressly agreed. Any arrangements, understandings, or agreements regarding the Licensed Material not stated herein are separate from and independent of the terms and conditions of this Public License. Section 8 – Interpretation. For the avoidance of doubt, this Public License does not, and shall not be interpreted to, reduce, limit, restrict, or impose conditions on any use of the Licensed Material that could lawfully be made without permission under this Public License. To the extent possible, if any provision of this Public License is deemed unenforceable, it shall be automatically reformed to the minimum extent necessary to make it enforceable. If the provision cannot be reformed, it shall be severed from this Public License without affecting the enforceability of the remaining terms and conditions. No term or condition of this Public License will be waived and no failure to comply consented to unless expressly agreed to by the Licensor. Nothing in this Public License constitutes or may be interpreted as a limitation upon, or waiver of, any privileges and immunities that apply to the Licensor or You, including from the legal processes of any jurisdiction or authority. </div> </div> |} </pre> </div> </div> ==CDDLv1.0== [[LICENCE_HEADER_CDDLv1.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CDDLv1.0}}</nowiki></b> {{:LICENCE_HEADER_CDDLv1.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CDDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE CDDLv1.0 <div class="mw-collapsible-content"> COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 1. Definitions. 1.1. "Contributor" means each individual or entity that creates or contributes to the creation of Modifications. 1.2. "Contributor Version" means the combination of the Original Software, prior Modifications used by a Contributor (if any), and the Modifications made by that particular Contributor. 1.3. "Covered Software" means (a) the Original Software, or (b) Modifications, or (c) the combination of files containing Original Software with files containing Modifications, in each case including portions thereof. 1.4. "Executable" means the Covered Software in any form other than Source Code. 1.5. "Initial Developer" means the individual or entity that first makes Original Software available under this License. 1.6. "Larger Work" means a work which combines Covered Software or portions thereof with code not governed by the terms of this License. 1.7. "License" means this document. 1.8. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently acquired, any and all of the rights conveyed herein. 1.9. "Modifications" means the Source Code and Executable form of any of the following: A. Any file that results from an addition to, deletion from or modification of the contents of a file containing Original Software or previous Modifications; B. Any new file that contains any part of the Original Software or previous Modification; or C. Any new file that is contributed or otherwise made available under the terms of this License. 1.10. "Original Software" means the Source Code and Executable form of computer software code that is originally released under this License. 1.11. "Patent Claims" means any patent claim(s), now owned or hereafter acquired, including without limitation, method, process, and apparatus claims, in any patent Licensable by grantor. 1.12. "Source Code" means (a) the common form of computer software code in which modifications are made and (b) associated documentation included in or with such code. 1.13. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of, this License. For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. License Grants. 2.1. The Initial Developer Grant. Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, the Initial Developer hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by Initial Developer, to use, reproduce, modify, display, perform, sublicense and distribute the Original Software (or portions thereof), with or without Modifications, and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using or selling of Original Software, to make, have made, use, practice, sell, and offer for sale, and/or otherwise dispose of the Original Software (or portions thereof). (c) The licenses granted in Sections 2.1(a) and (b) are effective on the date Initial Developer first distributes or otherwise makes the Original Software available to a third party under the terms of this License. (d) Notwithstanding Section 2.1(b) above, no patent license is granted: (1) for code that You delete from the Original Software, or (2) for infringements caused by: (i) the modification of the Original Software, or (ii) the combination of the Original Software with other software or devices. 2.2. Contributor Grant. Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by Contributor to use, reproduce, modify, display, perform, sublicense and distribute the Modifications created by such Contributor (or portions thereof), either on an unmodified basis, with other Modifications, as Covered Software and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using, or selling of Modifications made by that Contributor either alone and/or in combination with its Contributor Version (or portions of such combination), to make, use, sell, offer for sale, have made, and/or otherwise dispose of: (1) Modifications made by that Contributor (or portions thereof); and (2) the combination of Modifications made by that Contributor with its Contributor Version (or portions of such combination). (c) The licenses granted in Sections 2.2(a) and 2.2(b) are effective on the date Contributor first distributes or otherwise makes the Modifications available to a third party. (d) Notwithstanding Section 2.2(b) above, no patent license is granted: (1) for any code that Contributor has deleted from the Contributor Version; (2) for infringements caused by: (i) third party modifications of Contributor Version, or (ii) the combination of Modifications made by that Contributor with other software (except as part of the Contributor Version) or other devices; or (3) under Patent Claims infringed by Covered Software in the absence of Modifications made by that Contributor. 3. Distribution Obligations. 3.1. Availability of Source Code. Any Covered Software that You distribute or otherwise make available in Executable form must also be made available in Source Code form and that Source Code form must be distributed only under the terms of this License. You must include a copy of this License with every copy of the Source Code form of the Covered Software You distribute or otherwise make available. You must inform recipients of any such Covered Software in Executable form as to how they can obtain such Covered Software in Source Code form in a reasonable manner on or through a medium customarily used for software exchange. 3.2. Modifications. The Modifications that You create or to which You contribute are governed by the terms of this License. You represent that You believe Your Modifications are Your original creation(s) and/or You have sufficient rights to grant the rights conveyed by this License. 3.3. Required Notices. You must include a notice in each of Your Modifications that identifies You as the Contributor of the Modification. You may not remove or alter any copyright, patent or trademark notices contained within the Covered Software, or any notices of licensing or any descriptive text giving attribution to any Contributor or the Initial Developer. 3.4. Application of Additional Terms. You may not offer or impose any terms on any Covered Software in Source Code form that alters or restricts the applicable version of this License or the recipients' rights hereunder. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, you may do so only on Your own behalf, and not on behalf of the Initial Developer or any Contributor. You must make it absolutely clear that any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.5. Distribution of Executable Versions. You may distribute the Executable form of the Covered Software under the terms of this License or under the terms of a license of Your choice, which may contain terms different from this License, provided that You are in compliance with the terms of this License and that the license for the Executable form does not attempt to limit or alter the recipient's rights in the Source Code form from the rights set forth in this License. If You distribute the Covered Software in Executable form under a different license, You must make it absolutely clear that any terms which differ from this License are offered by You alone, not by the Initial Developer or Contributor. You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of any such terms You offer. 3.6. Larger Works. You may create a Larger Work by combining Covered Software with other code not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Covered Software. 4. Versions of the License. 4.1. New Versions. Sun Microsystems, Inc. is the initial license steward and may publish revised and/or new versions of this License from time to time. Each version will be given a distinguishing version number. Except as provided in Section 4.3, no one other than the license steward has the right to modify this License. 4.2. Effect of New Versions. You may always continue to use, distribute or otherwise make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. If the Initial Developer includes a notice in the Original Software prohibiting it from being distributed or otherwise made available under any subsequent version of the License, You must distribute and make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. Otherwise, You may also choose to use, distribute or otherwise make the Covered Software available under the terms of any subsequent version of the License published by the license steward. 4.3. Modified Versions. When You are an Initial Developer and You want to create a new license for Your Original Software, You may create and use a modified version of this License if You: (a) rename the license and remove any references to the name of the license steward (except to note that the license differs from this License); and (b) otherwise make it clear that the license contains terms which differ from this License. 5. DISCLAIMER OF WARRANTY. COVERED SOFTWARE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE COVERED SOFTWARE IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE COVERED SOFTWARE IS WITH YOU. SHOULD ANY COVERED SOFTWARE PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY COVERED SOFTWARE IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 6. TERMINATION. 6.1. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 6.2. If You assert a patent infringement claim (excluding declaratory judgment actions) against Initial Developer or a Contributor (the Initial Developer or Contributor against whom You assert such claim is referred to as "Participant") alleging that the Participant Software (meaning the Contributor Version where the Participant is a Contributor or the Original Software where the Participant is the Initial Developer) directly or indirectly infringes any patent, then any and all rights granted directly or indirectly to You by such Participant, the Initial Developer (if the Initial Developer is not the Participant) and all Contributors under Sections 2.1 and/or 2.2 of this License shall, upon 60 days notice from Participant terminate prospectively and automatically at the expiration of such 60 day notice period, unless if within such 60 day period You withdraw Your claim with respect to the Participant Software against such Participant either unilaterally or pursuant to a written agreement with Participant. 6.3. In the event of termination under Sections 6.1 or 6.2 above, all end user licenses that have been validly granted by You or any distributor hereunder prior to termination (excluding licenses granted to You by any distributor) shall survive termination. 7. LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL YOU, THE INITIAL DEVELOPER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF COVERED SOFTWARE, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOST PROFITS, LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER COMMERCIAL DAMAGES OR LOSSES, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION OF LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY RESULTING FROM SUCH PARTY'S NEGLIGENCE TO THE EXTENT APPLICABLE LAW PROHIBITS SUCH LIMITATION. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS EXCLUSION AND LIMITATION MAY NOT APPLY TO YOU. 8. U.S. GOVERNMENT END USERS. The Covered Software is a "commercial item," as that term is defined in 48 C.F.R. 2.101 (Oct. 1995), consisting of "commercial computer software" (as that term is defined at 48 C.F.R. ¤ 252.227-7014(a)(1)) and "commercial computer software documentation" as such terms are used in 48 C.F.R. 12.212 (Sept. 1995). Consistent with 48 C.F.R. 12.212 and 48 C.F.R. 227.7202-1 through 227.7202-4 (June 1995), all U.S. Government End Users acquire Covered Software with only those rights set forth herein. This U.S. Government Rights clause is in lieu of, and supersedes, any other FAR, DFAR, or other clause or provision that addresses Government rights in computer software under this License. 9. MISCELLANEOUS. This License represents the complete agreement concerning subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by the law of the jurisdiction specified in a notice contained within the Original Software (except to the extent applicable law, if any, provides otherwise), excluding such jurisdiction's conflict-of-law provisions. Any litigation relating to this License shall be subject to the jurisdiction of the courts located in the jurisdiction and venue specified in a notice contained within the Original Software, with the losing party responsible for costs, including, without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. You agree that You alone are responsible for compliance with the United States export administration regulations (and the export control laws and regulation of any other countries) when You use, distribute or otherwise make available any Covered Software. 10. RESPONSIBILITY FOR CLAIMS. As between Initial Developer and the Contributors, each party is responsible for claims and damages arising, directly or indirectly, out of its utilization of rights under this License and You agree to work with Initial Developer and Contributors to distribute such responsibility on an equitable basis. Nothing herein is intended or shall be deemed to constitute any admission of liability. </div> </div> |} </pre> </div> </div> ==EPLv2.0== [[LICENCE_HEADER_EPLv2.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_EPLv2.0}}</nowiki></b> {{:LICENCE_HEADER_EPLv2.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>EPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE EPLv2.0 <div class="mw-collapsible-content"> Eclipse Public License - v 2.0 THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS ECLIPSE PUBLIC LICENSE (“AGREEMENT”). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT. 1. DEFINITIONS “Contribution” means: a) in the case of the initial Contributor, the initial content Distributed under this Agreement, and b) in the case of each subsequent Contributor: i) changes to the Program, and ii) additions to the Program; where such changes and/or additions to the Program originate from and are Distributed by that particular Contributor. A Contribution “originates” from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include changes or additions to the Program that are not Modified Works. “Contributor” means any person or entity that Distributes the Program. “Licensed Patents” mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program. “Program” means the Contributions Distributed in accordance with this Agreement. “Recipient” means anyone who receives the Program under this Agreement or any Secondary License (as applicable), including Contributors. “Derivative Works” shall mean any work, whether in Source Code or other form, that is based on (or derived from) the Program and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. “Modified Works” shall mean any work in Source Code or other form that results from an addition to, deletion from, or modification of the contents of the Program, including, for purposes of clarity any new file in Source Code form that contains any contents of the Program. Modified Works shall not include works that contain only declarations, interfaces, types, classes, structures, or files of the Program solely in each case in order to link to, bind by name, or subclass the Program or Modified Works thereof. “Distribute” means the acts of a) distributing or b) making available in any manner that enables the transfer of a copy. “Source Code” means the form of a Program preferred for making modifications, including but not limited to software source code, documentation source, and configuration files. “Secondary License” means either the GNU General Public License, Version 2.0, or any later versions of that license, including any exceptions or additional permissions as identified by the initial Contributor. 2. GRANT OF RIGHTS a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, Distribute and sublicense the Contribution of such Contributor, if any, and such Derivative Works. b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in Source Code or other form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder. c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to Distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program. d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement. e) Notwithstanding the terms of any Secondary License, no Contributor makes additional grants to any Recipient (other than those set forth in this Agreement) as a result of such Recipient's receipt of the Program under the terms of a Secondary License (if permitted under the terms of Section 3). 3. REQUIREMENTS 3.1 If a Contributor Distributes the Program in any form, then: a) the Program must also be made available as Source Code, in accordance with section 3.2, and the Contributor must accompany the Program with a statement that the Source Code for the Program is available under this Agreement, and informs Recipients how to obtain it in a reasonable manner on or through a medium customarily used for software exchange; and b) the Contributor may Distribute the Program under a license different than this Agreement, provided that such license: i) effectively disclaims on behalf of all other Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose; ii) effectively excludes on behalf of all other Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits; iii) does not attempt to limit or alter the recipients' rights in the Source Code under section 3.2; and iv) requires any subsequent distribution of the Program by any party to be under a license that satisfies the requirements of this section 3. 3.2 When the Program is Distributed as Source Code: a) it must be made available under this Agreement, or if the Program (i) is combined with other material in a separate file or files made available under a Secondary License, and (ii) the initial Contributor attached to the Source Code the notice described in Exhibit A of this Agreement, then the Program may be made available under the terms of such Secondary Licenses, and b) a copy of this Agreement must be included with each copy of the Program. 3.3 Contributors may not remove or alter any copyright, patent, trademark, attribution notices, disclaimers of warranty, or limitations of liability (‘notices’) contained within the Program from any copy of the Program which they Distribute, provided that Contributors may add their own appropriate notices. 4. COMMERCIAL DISTRIBUTION Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor (“Commercial Contributor”) hereby agrees to defend and indemnify every other Contributor (“Indemnified Contributor”) against any losses, damages and costs (collectively “Losses”) arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense. For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages. 5. NO WARRANTY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE PROGRAM IS PROVIDED ON AN “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations. 6. DISCLAIMER OF LIABILITY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. GENERAL If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. If Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed. All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive. Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. The Eclipse Foundation is the initial Agreement Steward. The Eclipse Foundation may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be Distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to Distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved. Nothing in this Agreement is intended to be enforceable by any entity that is not a Contributor or Recipient. No third-party beneficiary rights are created under this Agreement. Exhibit A – Form of Secondary Licenses Notice “This Source Code may also be made available under the following Secondary Licenses when the conditions for such availability set forth in the Eclipse Public License, v. 2.0 are satisfied: {name license(s), version(s), and exceptions or additional permissions here}.” Simply including a copy of this Agreement, including this Exhibit A is not sufficient to license the Source Code under Secondary Licenses. If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. You may add additional accurate notices of copyright ownership. |} </div> </div> </pre> </div> </div> ==FreeBSD documentation== [[LICENCE_HEADER_FreeBSD_Documentation]]<br \> <b><nowiki>{{:LICENCE_HEADER_FreeBSD_Documentation}}</nowiki></b> {{:LICENCE_HEADER_FreeBSD_Documentation}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>FreeBSD Documentation License</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> <pre> Copyright (c) YEAR <YEAR OF DOCUMENTATION>, <AUTHOR NAME>. All rights reserved. Redistribution and use in source (SGML DocBook) and 'compiled' forms (SGML, HTML, PDF, PostScript, RTF and so forth) with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code (SGML DocBook) must retain the above copyright notice, this list of conditions and the following disclaimer as the first lines of this file unmodified. 2. Redistributions in compiled form (transformed to other DTDs, converted to PDF, PostScript, RTF and other formats) must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </pre> </div> </div> ==GFDLv1.1== [[LICENCE_HEADER_GFDL]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDL}}</nowiki></b> {{:LICENCE_HEADER_GFDL}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.1 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.1, March 2000 Copyright (C) 2000 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other written document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (For example, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, whose contents can be viewed and edited directly and straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup has been designed to thwart or discourage subsequent modification by readers is not Transparent. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML designed for human modification. Opaque formats include PostScript, PDF, proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies of the Document numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a publicly-accessible computer-network location containing a complete Transparent copy of the Document, free of added material, which the general network-using public has access to download anonymously at no charge using public-standard network protocols. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has less than five). C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section entitled "History", and its title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. In any section entitled "Acknowledgements" or "Dedications", preserve the section's title, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section as "Endorsements" or to conflict in title with any Invariant Section. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections entitled "History" in the various original documents, forming one section entitled "History"; likewise combine any sections entitled "Acknowledgements", and any sections entitled "Dedications". You must delete all sections entitled "Endorsements." 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, does not as a whole count as a Modified Version of the Document, provided no compilation copyright is claimed for the compilation. Such a compilation is called an "aggregate", and this License does not apply to the other self-contained works thus compiled with the Document, on account of their being thus compiled, if they are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one quarter of the entire aggregate, the Document's Cover Texts may be placed on covers that surround only the Document within the aggregate. Otherwise they must appear on covers around the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License provided that you also include the original English version of this License. In case of a disagreement between the translation and the original English version of this License, the original English version will prevail. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have no Invariant Sections, write "with no Invariant Sections" instead of saying which ones are invariant. If you have no Front-Cover Texts, write "no Front-Cover Texts" instead of "Front-Cover Texts being LIST"; likewise for Back-Cover Texts. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} </pre> </div> </div> ==GFDLv1.2== [[LICENCE_HEADER_GFDLv1.2]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDLv1.2}}</nowiki></b> {{:LICENCE_HEADER_GFDLv1.2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.2 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.2, November 2002 Copyright (C) 2000,2001,2002 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition. The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement. C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section Entitled "History", Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. For any section Entitled "Acknowledgements" or "Dedications", Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section Entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section to be Entitled "Endorsements" or to conflict in title with any Invariant Section. O. Preserve any Warranty Disclaimers. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements". 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation's users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document's Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail. If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the "with...Texts." line with this: with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div></div> |} </pre> </div> </div> ==GFDLv1.3== [[LICENCE_HEADER_GFDLv1.3]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDLv1.3}}</nowiki></b> {{:LICENCE_HEADER_GFDLv1.3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.3 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.3, 3 November 2008 Copyright (C) 2000, 2001, 2002, 2007, 2008 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. The "publisher" means any person or entity that distributes copies of the Document to the public. A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition. The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement. C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section Entitled "History", Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. For any section Entitled "Acknowledgements" or "Dedications", Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section Entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section to be Entitled "Endorsements" or to conflict in title with any Invariant Section. O. Preserve any Warranty Disclaimers. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements". 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation's users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document's Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail. If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, or distribute it is void, and will automatically terminate your rights under this License. However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, receipt of a copy of some or all of the same material does not give you any rights to use it. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. If the Document specifies that a proxy can decide which future versions of this License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Document. 11. RELICENSING "Massive Multiauthor Collaboration Site" (or "MMC Site") means any World Wide Web server that publishes copyrightable works and also provides prominent facilities for anybody to edit those works. A public wiki that anybody can edit is an example of such a server. A "Massive Multiauthor Collaboration" (or "MMC") contained in the site means any set of copyrightable works thus published on the MMC site. "CC-BY-SA" means the Creative Commons Attribution-Share Alike 3.0 license published by Creative Commons Corporation, a not-for-profit corporation with a principal place of business in San Francisco, California, as well as future copyleft versions of that license published by that same organization. "Incorporate" means to publish or republish a Document, in whole or in part, as part of another Document. An MMC is "eligible for relicensing" if it is licensed under this License, and if all works that were first published under this License somewhere other than this MMC, and subsequently incorporated in whole or in part into the MMC, (1) had no cover texts or invariant sections, and (2) were thus incorporated prior to November 1, 2008. The operator of an MMC Site may republish an MMC contained in the site under CC-BY-SA on the same site at any time before August 1, 2009, provided the MMC is eligible for relicensing. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the "with...Texts." line with this: with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div></div> |} </pre> </div> </div> ==GPLv1== [[LICENCE_HEADER_GPL]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPL}}</nowiki></b> {{:LICENCE_HEADER_GPL}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv1 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 1, February 1989 Copyright (C) 1989 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The license agreements of most software companies try to keep users at the mercy of those companies. By contrast, our General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. The General Public License applies to the Free Software Foundation's software and to any other program whose authors commit to using it. You can use it for your programs, too. When we speak of free software, we are referring to freedom, not price. Specifically, the General Public License is designed to make sure that you have the freedom to give away or sell copies of free software, that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of a such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must tell them their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any work containing the Program or a portion of it, either verbatim or with modifications. Each licensee is addressed as "you". 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this General Public License and to the absence of any warranty; and give any other recipients of the Program a copy of this General Public License along with the Program. You may charge a fee for the physical act of transferring a copy. 2. You may modify your copy or copies of the Program or any portion of it, and copy and distribute such modifications under the terms of Paragraph 1 above, provided that you also do the following: a) cause the modified files to carry prominent notices stating that you changed the files and the date of any change; and b) cause the whole of any work that you distribute or publish, that in whole or in part contains the Program or any part thereof, either with or without modifications, to be licensed at no charge to all third parties under the terms of this General Public License (except that you may choose to grant warranty protection to some or all third parties, at your option). c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the simplest and most usual way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this General Public License. d) You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. Mere aggregation of another independent work with the Program (or its derivative) on a volume of a storage or distribution medium does not bring the other work under the scope of these terms. 3. You may copy and distribute the Program (or a portion or derivative of it, under Paragraph 2) in object code or executable form under the terms of Paragraphs 1 and 2 above provided that you also do one of the following: a) accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Paragraphs 1 and 2 above; or, b) accompany it with a written offer, valid for at least three years, to give any third party free (except for a nominal charge for the cost of distribution) a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Paragraphs 1 and 2 above; or, c) accompany it with the information you received as to where the corresponding source code may be obtained. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form alone.) Source code for a work means the preferred form of the work for making modifications to it. For an executable file, complete source code means all the source code for all modules it contains; but, as a special exception, it need not include source code for modules which are standard libraries that accompany the operating system on which the executable file runs, or for standard header files or definitions files that accompany that operating system. 4. You may not copy, modify, sublicense, distribute or transfer the Program except as expressly provided under this General Public License. Any attempt otherwise to copy, modify, sublicense, distribute or transfer the Program is void, and will automatically terminate your rights to use the Program under this License. However, parties who have received copies, or rights to use copies, from you under this General Public License will not have their licenses terminated so long as such parties remain in full compliance. 5. By copying, distributing or modifying the Program (or any work based on the Program) you indicate your acceptance of this license to do so, and all its terms and conditions. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. 7. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of the license which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the license, you may choose any version ever published by the Free Software Foundation. 8. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 9. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 10. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS Appendix: How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to humanity, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) 19yy <name of author> This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 1, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) 19xx name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (a program to direct compilers to make passes at assemblers) written by James Hacker. <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice That's all there is to it! </div></div> |} </pre> </div> </div> ==GPLv2== [[LICENCE_HEADER_GPLv2]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPLv2}}</nowiki></b> {{:LICENCE_HEADER_GPLv2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv2 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Lesser General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. </div></div> |} </pre> </div> </div> ==GPLv3== [[LICENCE_HEADER_GPLv3]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPLv3}}</nowiki></b> {{:LICENCE_HEADER_GPLv3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv3 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The GNU General Public License is a free, copyleft license for software and other kinds of works. The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things. To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others. For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it. For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions. Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users. Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free. The precise terms and conditions for copying, distribution and modification follow. TERMS AND CONDITIONS 0. Definitions. "This License" refers to version 3 of the GNU General Public License. "Copyright" also means copyright-like laws that apply to other kinds of works, such as semiconductor masks. "The Program" refers to any copyrightable work licensed under this License. Each licensee is addressed as "you". "Licensees" and "recipients" may be individuals or organizations. To "modify" a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a "modified version" of the earlier work or a work "based on" the earlier work. A "covered work" means either the unmodified Program or a work based on the Program. To "propagate" a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well. To "convey" a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying. An interactive user interface displays "Appropriate Legal Notices" to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion. 1. Source Code. The "source code" for a work means the preferred form of the work for making modifications to it. "Object code" means any non-source form of a work. A "Standard Interface" means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language. The "System Libraries" of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A "Major Component", in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it. The "Corresponding Source" for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work. The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source. The Corresponding Source for a work in source code form is that same work. 2. Basic Permissions. All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law. You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you. Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary. 3. Protecting Users' Legal Rights From Anti-Circumvention Law. No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures. When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures. 4. Conveying Verbatim Copies. You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program. You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee. 5. Conveying Modified Source Versions. You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions: a) The work must carry prominent notices stating that you modified it, and giving a relevant date. b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to "keep intact all notices". c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it. d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so. A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an "aggregate" if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate. 6. Conveying Non-Source Forms. You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways: a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange. b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge. c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b. d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements. e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d. A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work. A "User Product" is either (1) a "consumer product", which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, "normally used" refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product. "Installation Information" for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made. If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM). The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network. Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying. 7. Additional Terms. "Additional permissions" are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions. When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission. Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms: a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or d) Limiting the use for publicity purposes of names of licensors or authors of the material; or e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors. All other non-permissive additional terms are considered "further restrictions" within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying. If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms. Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way. 8. Termination. You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11). However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10. 9. Acceptance Not Required for Having Copies. You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so. 10. Automatic Licensing of Downstream Recipients. Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License. An "entity transaction" is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts. You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it. 11. Patents. A "contributor" is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's "contributor version". A contributor's "essential patent claims" are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, "control" includes the right to grant patent sublicenses in a manner consistent with the requirements of this License. Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version. In the following three paragraphs, a "patent license" is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To "grant" such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party. If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. "Knowingly relying" means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid. If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it. A patent license is "discriminatory" if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007. Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law. 12. No Surrender of Others' Freedom. If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program. 13. Use with the GNU Affero General Public License. Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such. 14. Revised Versions of this License. The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation. If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program. Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version. 15. Disclaimer of Warranty. THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. Limitation of Liability. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 17. Interpretation of Sections 15 and 16. If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <https://www.gnu.org/licenses/>. Also add information on how to contact you by electronic and paper mail. If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode: <program> Copyright (C) <year> <name of author> This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an "about box". You should also get your employer (if you work as a programmer) or school, if any, to sign a "copyright disclaimer" for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see <https://www.gnu.org/licenses/>. The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read <https://www.gnu.org/licenses/why-not-lgpl.html>. </div></div> |} </pre> </div> </div> ==LGPLv2.1== [[LICENCE_HEADER_LGPLv2.1]]<br \> <b><nowiki>{{:LICENCE_HEADER_LGPLv2.1}}</nowiki></b> {{:LICENCE_HEADER_LGPLv2.1}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv2.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 2.1, February 1999 Copyright (C) 1991, 1999 Free Software Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. [This is the first released version of the Lesser GPL. It also counts as the successor of the GNU Library Public License, version 2, hence the version number 2.1.] Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public Licenses are intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This license, the Lesser General Public License, applies to some specially designated software packages--typically libraries--of the Free Software Foundation and other authors who decide to use it. You can use it too, but we suggest you first think carefully about whether this license or the ordinary General Public License is the better strategy to use in any particular case, based on the explanations below. When we speak of free software, we are referring to freedom of use, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish); that you receive source code or can get it if you want it; that you can change the software and use pieces of it in new free programs; and that you are informed that you can do these things. To protect your rights, we need to make restrictions that forbid distributors to deny you these rights or to ask you to surrender these rights. These restrictions translate to certain responsibilities for you if you distribute copies of the library or if you modify it. For example, if you distribute copies of the library, whether gratis or for a fee, you must give the recipients all the rights that we gave you. You must make sure that they, too, receive or can get the source code. If you link other code with the library, you must provide complete object files to the recipients, so that they can relink them with the library after making changes to the library and recompiling it. And you must show them these terms so they know their rights. We protect your rights with a two-step method: (1) we copyright the library, and (2) we offer you this license, which gives you legal permission to copy, distribute and/or modify the library. To protect each distributor, we want to make it very clear that there is no warranty for the free library. Also, if the library is modified by someone else and passed on, the recipients should know that what they have is not the original version, so that the original author's reputation will not be affected by problems that might be introduced by others. � Finally, software patents pose a constant threat to the existence of any free program. We wish to make sure that a company cannot effectively restrict the users of a free program by obtaining a restrictive license from a patent holder. Therefore, we insist that any patent license obtained for a version of the library must be consistent with the full freedom of use specified in this license. Most GNU software, including some libraries, is covered by the ordinary GNU General Public License. This license, the GNU Lesser General Public License, applies to certain designated libraries, and is quite different from the ordinary General Public License. We use this license for certain libraries in order to permit linking those libraries into non-free programs. When a program is linked with a library, whether statically or using a shared library, the combination of the two is legally speaking a combined work, a derivative of the original library. The ordinary General Public License therefore permits such linking only if the entire combination fits its criteria of freedom. The Lesser General Public License permits more lax criteria for linking other code with the library. We call this license the "Lesser" General Public License because it does Less to protect the user's freedom than the ordinary General Public License. It also provides other free software developers Less of an advantage over competing non-free programs. These disadvantages are the reason we use the ordinary General Public License for many libraries. However, the Lesser license provides advantages in certain special circumstances. For example, on rare occasions, there may be a special need to encourage the widest possible use of a certain library, so that it becomes a de-facto standard. To achieve this, non-free programs must be allowed to use the library. A more frequent case is that a free library does the same job as widely used non-free libraries. In this case, there is little to gain by limiting the free library to free software only, so we use the Lesser General Public License. In other cases, permission to use a particular library in non-free programs enables a greater number of people to use a large body of free software. For example, permission to use the GNU C Library in non-free programs enables many more people to use the whole GNU operating system, as well as its variant, the GNU/Linux operating system. Although the Lesser General Public License is Less protective of the users' freedom, it does ensure that the user of a program that is linked with the Library has the freedom and the wherewithal to run that program using a modified version of the Library. The precise terms and conditions for copying, distribution and modification follow. Pay close attention to the difference between a "work based on the library" and a "work that uses the library". The former contains code derived from the library, whereas the latter must be combined with the library in order to run. � GNU LESSER GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any software library or other program which contains a notice placed by the copyright holder or other authorized party saying it may be distributed under the terms of this Lesser General Public License (also called "this License"). Each licensee is addressed as "you". A "library" means a collection of software functions and/or data prepared so as to be conveniently linked with application programs (which use some of those functions and data) to form executables. The "Library", below, refers to any such software library or work which has been distributed under these terms. A "work based on the Library" means either the Library or any derivative work under copyright law: that is to say, a work containing the Library or a portion of it, either verbatim or with modifications and/or translated straightforwardly into another language. (Hereinafter, translation is included without limitation in the term "modification".) "Source code" for a work means the preferred form of the work for making modifications to it. For a library, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the library. Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running a program using the Library is not restricted, and output from such a program is covered only if its contents constitute a work based on the Library (independent of the use of the Library in a tool for writing it). Whether that is true depends on what the Library does and what the program that uses the Library does. 1. You may copy and distribute verbatim copies of the Library's complete source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and distribute a copy of this License along with the Library. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. � 2. You may modify your copy or copies of the Library or any portion of it, thus forming a work based on the Library, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) The modified work must itself be a software library. b) You must cause the files modified to carry prominent notices stating that you changed the files and the date of any change. c) You must cause the whole of the work to be licensed at no charge to all third parties under the terms of this License. d) If a facility in the modified Library refers to a function or a table of data to be supplied by an application program that uses the facility, other than as an argument passed when the facility is invoked, then you must make a good faith effort to ensure that, in the event an application does not supply such function or table, the facility still operates, and performs whatever part of its purpose remains meaningful. (For example, a function in a library to compute square roots has a purpose that is entirely well-defined independent of the application. Therefore, Subsection 2d requires that any application-supplied function or table used by this function must be optional: if the application does not supply it, the square root function must still compute square roots.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Library, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Library, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Library. In addition, mere aggregation of another work not based on the Library with the Library (or with a work based on the Library) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may opt to apply the terms of the ordinary GNU General Public License instead of this License to a given copy of the Library. To do this, you must alter all the notices that refer to this License, so that they refer to the ordinary GNU General Public License, version 2, instead of to this License. (If a newer version than version 2 of the ordinary GNU General Public License has appeared, then you can specify that version instead if you wish.) Do not make any other change in these notices. � Once this change is made in a given copy, it is irreversible for that copy, so the ordinary GNU General Public License applies to all subsequent copies and derivative works made from that copy. This option is useful when you wish to copy part of the code of the Library into a program that is not a library. 4. You may copy and distribute the Library (or a portion or derivative of it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange. If distribution of object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place satisfies the requirement to distribute the source code, even though third parties are not compelled to copy the source along with the object code. 5. A program that contains no derivative of any portion of the Library, but is designed to work with the Library by being compiled or linked with it, is called a "work that uses the Library". Such a work, in isolation, is not a derivative work of the Library, and therefore falls outside the scope of this License. However, linking a "work that uses the Library" with the Library creates an executable that is a derivative of the Library (because it contains portions of the Library), rather than a "work that uses the library". The executable is therefore covered by this License. Section 6 states terms for distribution of such executables. When a "work that uses the Library" uses material from a header file that is part of the Library, the object code for the work may be a derivative work of the Library even though the source code is not. Whether this is true is especially significant if the work can be linked without the Library, or if the work is itself a library. The threshold for this to be true is not precisely defined by law. If such an object file uses only numerical parameters, data structure layouts and accessors, and small macros and small inline functions (ten lines or less in length), then the use of the object file is unrestricted, regardless of whether it is legally a derivative work. (Executables containing this object code plus portions of the Library will still fall under Section 6.) Otherwise, if the work is a derivative of the Library, you may distribute the object code for the work under the terms of Section 6. Any executables containing that work also fall under Section 6, whether or not they are linked directly with the Library itself. � 6. As an exception to the Sections above, you may also combine or link a "work that uses the Library" with the Library to produce a work containing portions of the Library, and distribute that work under terms of your choice, provided that the terms permit modification of the work for the customer's own use and reverse engineering for debugging such modifications. You must give prominent notice with each copy of the work that the Library is used in it and that the Library and its use are covered by this License. You must supply a copy of this License. If the work during execution displays copyright notices, you must include the copyright notice for the Library among them, as well as a reference directing the user to the copy of this License. Also, you must do one of these things: a) Accompany the work with the complete corresponding machine-readable source code for the Library including whatever changes were used in the work (which must be distributed under Sections 1 and 2 above); and, if the work is an executable linked with the Library, with the complete machine-readable "work that uses the Library", as object code and/or source code, so that the user can modify the Library and then relink to produce a modified executable containing the modified Library. (It is understood that the user who changes the contents of definitions files in the Library will not necessarily be able to recompile the application to use the modified definitions.) b) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (1) uses at run time a copy of the library already present on the user's computer system, rather than copying library functions into the executable, and (2) will operate properly with a modified version of the library, if the user installs one, as long as the modified version is interface-compatible with the version that the work was made with. c) Accompany the work with a written offer, valid for at least three years, to give the same user the materials specified in Subsection 6a, above, for a charge no more than the cost of performing this distribution. d) If distribution of the work is made by offering access to copy from a designated place, offer equivalent access to copy the above specified materials from the same place. e) Verify that the user has already received a copy of these materials or that you have already sent this user a copy. For an executable, the required form of the "work that uses the Library" must include any data and utility programs needed for reproducing the executable from it. However, as a special exception, the materials to be distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. It may happen that this requirement contradicts the license restrictions of other proprietary libraries that do not normally accompany the operating system. Such a contradiction means you cannot use both them and the Library together in an executable that you distribute. � 7. You may place library facilities that are a work based on the Library side-by-side in a single library together with other library facilities not covered by this License, and distribute such a combined library, provided that the separate distribution of the work based on the Library and of the other library facilities is otherwise permitted, and provided that you do these two things: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities. This must be distributed under the terms of the Sections above. b) Give prominent notice with the combined library of the fact that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 8. You may not copy, modify, sublicense, link with, or distribute the Library except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, link with, or distribute the Library is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 9. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Library or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Library (or any work based on the Library), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Library or works based on it. 10. Each time you redistribute the Library (or any work based on the Library), the recipient automatically receives a license from the original licensor to copy, distribute, link with or modify the Library subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties with this License. � 11. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Library at all. For example, if a patent license would not permit royalty-free redistribution of the Library by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Library. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply, and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 12. If the distribution and/or use of the Library is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Library under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 13. The Free Software Foundation may publish revised and/or new versions of the Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Library does not specify a license version number, you may choose any version ever published by the Free Software Foundation. 14. If you wish to incorporate parts of the Library into other free programs whose distribution conditions are incompatible with these, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Libraries If you develop a new library, and you want it to be of the greatest possible use to the public, we recommend making it free software that everyone can redistribute and change. You can do so by permitting redistribution under these terms (or, alternatively, under the terms of the ordinary General Public License). To apply these terms, attach the following notices to the library. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the library's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Also add information on how to contact you by electronic and paper mail. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the library, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the library `Frob' (a library for tweaking knobs) written by James Random Hacker. <signature of Ty Coon>, 1 April 1990 Ty Coon, President of Vice That's all there is to it! </div></div> |} </pre> </div> </div> ==LGPLv3== [[LICENCE_HEADER_LGPLv3]]<br \> <b><nowiki>{{:LICENCE_HEADER_LGPLv3}}</nowiki></b> {{:LICENCE_HEADER_LGPLv3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. This version of the GNU Lesser General Public License incorporates the terms and conditions of version 3 of the GNU General Public License, supplemented by the additional permissions listed below. 0. Additional Definitions. As used herein, "this License" refers to version 3 of the GNU Lesser General Public License, and the "GNU GPL" refers to version 3 of the GNU General Public License. "The Library" refers to a covered work governed by this License, other than an Application or a Combined Work as defined below. An "Application" is any work that makes use of an interface provided by the Library, but which is not otherwise based on the Library. Defining a subclass of a class defined by the Library is deemed a mode of using an interface provided by the Library. A "Combined Work" is a work produced by combining or linking an Application with the Library. The particular version of the Library with which the Combined Work was made is also called the "Linked Version". The "Minimal Corresponding Source" for a Combined Work means the Corresponding Source for the Combined Work, excluding any source code for portions of the Combined Work that, considered in isolation, are based on the Application, and not on the Linked Version. The "Corresponding Application Code" for a Combined Work means the object code and/or source code for the Application, including any data and utility programs needed for reproducing the Combined Work from the Application, but excluding the System Libraries of the Combined Work. 1. Exception to Section 3 of the GNU GPL. You may convey a covered work under sections 3 and 4 of this License without being bound by section 3 of the GNU GPL. 2. Conveying Modified Versions. If you modify a copy of the Library, and, in your modifications, a facility refers to a function or data to be supplied by an Application that uses the facility (other than as an argument passed when the facility is invoked), then you may convey a copy of the modified version: a) under this License, provided that you make a good faith effort to ensure that, in the event an Application does not supply the function or data, the facility still operates, and performs whatever part of its purpose remains meaningful, or b) under the GNU GPL, with none of the additional permissions of this License applicable to that copy. 3. Object Code Incorporating Material from Library Header Files. The object code form of an Application may incorporate material from a header file that is part of the Library. You may convey such object code under terms of your choice, provided that, if the incorporated material is not limited to numerical parameters, data structure layouts and accessors, or small macros, inline functions and templates (ten or fewer lines in length), you do both of the following: a) Give prominent notice with each copy of the object code that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the object code with a copy of the GNU GPL and this license document. 4. Combined Works. You may convey a Combined Work under terms of your choice that, taken together, effectively do not restrict modification of the portions of the Library contained in the Combined Work and reverse engineering for debugging such modifications, if you also do each of the following: a) Give prominent notice with each copy of the Combined Work that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the Combined Work with a copy of the GNU GPL and this license document. c) For a Combined Work that displays copyright notices during execution, include the copyright notice for the Library among these notices, as well as a reference directing the user to the copies of the GNU GPL and this license document. d) Do one of the following: 0) Convey the Minimal Corresponding Source under the terms of this License, and the Corresponding Application Code in a form suitable for, and under terms that permit, the user to recombine or relink the Application with a modified version of the Linked Version to produce a modified Combined Work, in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source. 1) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (a) uses at run time a copy of the Library already present on the user's computer system, and (b) will operate properly with a modified version of the Library that is interface-compatible with the Linked Version. e) Provide Installation Information, but only if you would otherwise be required to provide such information under section 6 of the GNU GPL, and only to the extent that such information is necessary to install and execute a modified version of the Combined Work produced by recombining or relinking the Application with a modified version of the Linked Version. (If you use option 4d0, the Installation Information must accompany the Minimal Corresponding Source and Corresponding Application Code. If you use option 4d1, you must provide the Installation Information in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source.) 5. Combined Libraries. You may place library facilities that are a work based on the Library side by side in a single library together with other library facilities that are not Applications and are not covered by this License, and convey such a combined library under terms of your choice, if you do both of the following: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities, conveyed under the terms of this License. b) Give prominent notice with the combined library that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 6. Revised Versions of the GNU Lesser General Public License. The Free Software Foundation may publish revised and/or new versions of the GNU Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library as you received it specifies that a certain numbered version of the GNU Lesser General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that published version or of any later version published by the Free Software Foundation. If the Library as you received it does not specify a version number of the GNU Lesser General Public License, you may choose any version of the GNU Lesser General Public License ever published by the Free Software Foundation. If the Library as you received it specifies that a proxy can decide whether future versions of the GNU Lesser General Public License shall apply, that proxy's public statement of acceptance of any version is permanent authorization for you to choose that version for the Library. </div></div> |} </pre> </div> </div> ==MIT== [[LICENCE_HEADER_MIT]]<br \> <b><nowiki>{{:LICENCE_HEADER_MIT}}</nowiki></b> {{:LICENCE_HEADER_MIT}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MIT Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. </div></div> |} </pre> </div> </div> ==MPLv2.0== [[LICENCE_HEADER_MPLv2.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_MPLv2.0}}</nowiki></b> {{:LICENCE_HEADER_MPLv2.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE MPLv2.0 <div class="mw-collapsible-content"> Mozilla Public License Version 2.0 -------------------------------- 1. Definitions -------------- 1.1. "Contributor" means each individual or legal entity that creates, contributes to the creation of, or owns Covered Software. 1.2. "Contributor Version" means the combination of the Contributions of others (if any) used by a Contributor and that particular Contributor's Contribution. 1.3. "Contribution" means Covered Software of a particular Contributor. 1.4. "Covered Software" means Source Code Form to which the initial Contributor has attached the notice in Exhibit A, the Executable Form of such Source Code Form, and Modifications of such Source Code Form, in each case including portions thereof. 1.5. "Incompatible With Secondary Licenses" means (a) that the initial Contributor has attached the notice described in Exhibit B to the Covered Software; or (b) that the Covered Software was made available under the terms of version 1.1 or earlier of the License, but not also under the terms of a Secondary License. 1.6. "Executable Form" means any form of the work other than Source Code Form. 1.7. "Larger Work" means a work that combines Covered Software with other material, in a separate file or files, that is not Covered Software. 1.8. "License" means this document. 1.9. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently, any and all of the rights conveyed by this License. 1.10. "Modifications" means any of the following: (a) any file in Source Code Form that results from an addition to, deletion from, or modification of the contents of Covered Software; or (b) any new file in Source Code Form that contains any Covered Software. 1.11. "Patent Claims" of a Contributor means any patent claim(s), including without limitation, method, process, and apparatus claims, in any patent Licensable by such Contributor that would be infringed, but for the grant of the License, by the making, using, selling, offering for sale, having made, import, or transfer of either its Contributions or its Contributor Version. 1.12. "Secondary License" means either the GNU General Public License, Version 2.0, the GNU Lesser General Public License, Version 2.1, the GNU Affero General Public License, Version 3.0, or any later versions of those licenses. 1.13. "Source Code Form" means the form of the work preferred for making modifications. 1.14. "You" (or "Your") means an individual or a legal entity exercising rights under this License. For legal entities, "You" includes any entity that controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. License Grants and Conditions -------------------------------- 2.1. Grants Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by such Contributor to use, reproduce, make available, modify, display, perform, distribute, and otherwise exploit its Contributions, either on an unmodified basis, with Modifications, or as part of a Larger Work; and (b) under Patent Claims of such Contributor to make, use, sell, offer for sale, have made, import, and otherwise transfer either its Contributions or its Contributor Version. 2.2. Effective Date The licenses granted in Section 2.1 with respect to any Contribution become effective for each Contribution on the date the Contributor first distributes such Contribution. 2.3. Limitations on Grant Scope The licenses granted in this Section 2 are the only rights granted under this License. No additional rights or licenses will be implied from the distribution or licensing of Covered Software under this License. Notwithstanding Section 2.1(b) above, no patent license is granted by a Contributor: (a) for any code that a Contributor has removed from Covered Software; or (b) for infringements caused by: (i) Your and any other third party's modifications of Covered Software, or (ii) the combination of its Contributions with other software (except as part of its Contributor Version); or (c) under Patent Claims infringed by Covered Software in the absence of its Contributions. This License does not grant any rights in the trademarks, service marks, or logos of any Contributor (except as may be necessary to comply with the notice requirements in Section 3.4). 2.4. Subsequent Licenses No Contributor makes additional grants as a result of Your choice to distribute the Covered Software under a subsequent version of this License (see Section 10.2) or under the terms of a Secondary License (if permitted under the terms of Section 3.3). 2.5. Representation Each Contributor represents that the Contributor believes its Contributions are its original creation(s) or it has sufficient rights to grant the rights to its Contributions conveyed by this License. 2.6. Fair Use This License is not intended to limit any rights You have under applicable copyright doctrines of fair use, fair dealing, or other equivalents. 2.7. Conditions Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted in Section 2.1. 3. Responsibilities ------------------- 3.1. Distribution of Source Form All distribution of Covered Software in Source Code Form, including any Modifications that You create or to which You contribute, must be under the terms of this License. You must inform recipients that the Source Code Form of the Covered Software is governed by the terms of this License, and how they can obtain a copy of this License. You may not attempt to alter or restrict the recipients' rights in the Source Code Form. 3.2. Distribution of Executable Form If You distribute Covered Software in Executable Form then: (a) such Covered Software must also be made available in Source Code Form, as described in Section 3.1, and You must inform recipients of the Executable Form how they can obtain a copy of such Source Code Form by reasonable means in a timely manner, at a charge no more than the cost of distribution to the recipient; and (b) You may distribute such Executable Form under the terms of this License, or sublicense it under different terms, provided that the license for the Executable Form does not attempt to limit or alter the recipients' rights in the Source Code Form under this License. 3.3. Distribution of a Larger Work You may create and distribute a Larger Work under terms of Your choice, provided that You also comply with the requirements of this License for the Covered Software. If the Larger Work is a combination of Covered Software with a work governed by one or more Secondary Licenses, and the Covered Software is not Incompatible With Secondary Licenses, this License permits You to additionally distribute such Covered Software under the terms of such Secondary License(s), so that the recipient of the Larger Work may, at their option, further distribute the Covered Software under the terms of either this License or such Secondary License(s). 3.4. Notices You may not remove or alter the substance of any license notices (including copyright notices, patent notices, disclaimers of warranty, or limitations of liability) contained within the Source Code Form of the Covered Software, except that You may alter any license notices to the extent required to remedy known factual inaccuracies. 3.5. Application of Additional Terms You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, You may do so only on Your own behalf, and not on behalf of any Contributor. You must make it absolutely clear that any such warranty, support, indemnity, or liability obligation is offered by You alone, and You hereby agree to indemnify every Contributor for any liability incurred by such Contributor as a result of warranty, support, indemnity or liability terms You offer. You may include additional disclaimers of warranty and limitations of liability specific to any jurisdiction. 4. Inability to Comply Due to Statute or Regulation --------------------------------------------------- If it is impossible for You to comply with any of the terms of this License with respect to some or all of the Covered Software due to statute, judicial order, or regulation then You must: (a) comply with the terms of this License to the maximum extent possible; and (b) describe the limitations and the code they affect. Such description must be placed in a text file included with all distributions of the Covered Software under this License. Except to the extent prohibited by statute or regulation, such description must be sufficiently detailed for a recipient of ordinary skill to be able to understand it. 5. Termination -------------- 5.1. The rights granted under this License will terminate automatically if You fail to comply with any of its terms. However, if You become compliant, then the rights granted under this License from a particular Contributor are reinstated (a) provisionally, unless and until such Contributor explicitly and finally terminates Your grants, and (b) on an ongoing basis, if such Contributor fails to notify You of the non-compliance by some reasonable means prior to 60 days after You have come back into compliance. Moreover, Your grants from a particular Contributor are reinstated on an ongoing basis if such Contributor notifies You of the non-compliance by some reasonable means, this is the first time You have received notice of non-compliance with this License from such Contributor, and You become compliant prior to 30 days after Your receipt of the notice. 5.2. If You initiate litigation against any entity by asserting a patent infringement claim (excluding declaratory judgment actions, counter-claims, and cross-claims) alleging that a Contributor Version directly or indirectly infringes any patent, then the rights granted to You by any and all Contributors for the Covered Software under Section 2.1 of this License shall terminate. 5.3. In the event of termination under Sections 5.1 or 5.2 above, all end user license agreements (excluding distributors and resellers) which have been validly granted by You or Your distributors under this License prior to termination shall survive termination. ************************************************************************ * * * 6. Disclaimer of Warranty * * ------------------------- * * * * Covered Software is provided under this License on an "as is" * * basis, without warranty of any kind, either expressed, implied, or * * statutory, including, without limitation, warranties that the * * Covered Software is free of defects, merchantable, fit for a * * particular purpose or non-infringing. The entire risk as to the * * quality and performance of the Covered Software is with You. * * Should any Covered Software prove defective in any respect, You * * (not any Contributor) assume the cost of any necessary servicing, * * repair, or correction. This disclaimer of warranty constitutes an * * essential part of this License. No use of any Covered Software is * * authorized under this License except under this disclaimer. * * * ************************************************************************ ************************************************************************ * * * 7. Limitation of Liability * * -------------------------- * * * * Under no circumstances and under no legal theory, whether tort * * (including negligence), contract, or otherwise, shall any * * Contributor, or anyone who distributes Covered Software as * * permitted above, be liable to You for any direct, indirect, * * special, incidental, or consequential damages of any character * * including, without limitation, damages for lost profits, loss of * * goodwill, work stoppage, computer failure or malfunction, or any * * and all other commercial damages or losses, even if such party * * shall have been informed of the possibility of such damages. This * * limitation of liability shall not apply to liability for death or * * personal injury resulting from such party's negligence to the * * extent applicable law prohibits such limitation. Some * * jurisdictions do not allow the exclusion or limitation of * * incidental or consequential damages, so this exclusion and * * limitation may not apply to You. * * * ************************************************************************ 8. Litigation ------------- Any litigation relating to this License may be brought only in the courts of a jurisdiction where the defendant maintains its principal place of business and such litigation shall be governed by laws of that jurisdiction, without reference to its conflict-of-law provisions. Nothing in this Section shall prevent a party's ability to bring cross-claims or counter-claims. 9. Miscellaneous ---------------- This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not be used to construe this License against a Contributor. 10. Versions of the License --------------------------- 10.1. New Versions Mozilla Foundation is the license steward. Except as provided in Section 10.3, no one other than the license steward has the right to modify or publish new versions of this License. Each version will be given a distinguishing version number. 10.2. Effect of New Versions You may distribute the Covered Software under the terms of the version of the License under which You originally received the Covered Software, or under the terms of any subsequent version published by the license steward. 10.3. Modified Versions If you create software not governed by this License, and you want to create a new license for such software, you may create and use a modified version of this License if you rename the license and remove any references to the name of the license steward (except to note that such modified license differs from this License). 10.4. Distributing Source Code Form that is Incompatible With Secondary Licenses If You choose to distribute Source Code Form that is Incompatible With Secondary Licenses under the terms of this version of the License, the notice described in Exhibit B of this License must be attached. Exhibit A - Source Code Form License Notice ------------------------------------------- This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at https://mozilla.org/MPL/2.0/. If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. You may add additional accurate notices of copyright ownership. Exhibit B - "Incompatible With Secondary Licenses" Notice --------------------------------------------------------- This Source Code Form is "Incompatible With Secondary Licenses", as defined by the Mozilla Public License, v. 2.0. </div></div> |} </pre> </div> </div> ==PDLv1.0== [[LICENCE_HEADER_PDLv1.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_PDLv1.0}}</nowiki></b> {{:LICENCE_HEADER_PDLv1.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE PDLv1.0 <div class="mw-collapsible-content"> PUBLIC DOCUMENTATION LICENSE Version 1.0 1.0 DEFINITIONS. 1.1. "Commercial Use" means distribution or otherwise making the Documentation available to a third party. 1.2. "Contributor" means a person or entity who creates or contributes to the creation of Modifications. 1.3. "Documentation" means the Original Documentation or Modifications or the combination of the Original Documentation and Modifications, in each case including portions thereof. 1.4. "Electronic Distribution Mechanism" means a mechanism generally accepted for the electronic transfer of data. 1.5. "Initial Writer" means the individual or entity identified as the Initial Writer in the notice required by the Appendix. 1.6. "Larger Work" means a work which combines Documentation or portions thereof with documentation or other writings not governed by the terms of this License. 1.7. "License" means this document. 1.8. "Modifications" means any addition to or deletion from the substance or structure of either the Original Documentation or any previous Modifications, such as a translation, abridgment, condensation, or any other form in which the Original Documentation or previous Modifications may be recast, transformed or adapted. A work consisting of editorial revisions, annotations, elaborations, and other modifications which, as a whole represent an original work of authorship, is a Modification. For example, when Documentation is released as a series of documents, a Modification is: A. Any addition to or deletion from the contents of the Original Documentation or previous Modifications. B. Any new documentation that contains any part of the Original Documentation or previous Modifications. 1.9. "Original Documentation" means documentation described as Original Documentation in the notice required by the Appendix, and which, at the time of its release under this License is not already Documentation governed by this License. 1.10. "Editable Form" means the preferred form of the Documentation for making Modifications to it. The Documentation can be in an electronic, compressed or archival form, provided the appropriate decompression or de-archiving software is widely available for no charge. 1.11. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of this License or a future version of this License issued under Section 5.0 ("Versions of the License"). For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2.0 LICENSE GRANTS. 2.1 Initial Writer Grant. The Initial Writer hereby grants You a world-wide, royalty-free, non-exclusive license to use, reproduce, prepare Modifications of, compile, publicly perform, publicly display, demonstrate, market, disclose and distribute the Documentation in any form, on any media or via any Electronic Distribution Mechanism or other method now known or later discovered, and to sublicense the foregoing rights to third parties through multiple tiers of sublicensees in accordance with the terms of this License. The license rights granted in this Section 2.1 ("Initial Writer Grant") are effective on the date Initial Writer first distributes Original Documentation under the terms of this License. 2.2. Contributor Grant. Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license to use, reproduce, prepare Modifications of, compile, publicly perform, publicly display, demonstrate, market, disclose and distribute the Documentation in any form, on any media or via any Electronic Distribution Mechanism or other method now known or later discovered, and to sublicense the foregoing rights to third parties through multiple tiers of sublicensees in accordance with the terms of this License. The license rights granted in this Section 2.2 ("Contributor Grant") are effective on the date Contributor first makes Commercial Use of the Documentation. 3.0 DISTRIBUTION OBLIGATIONS 3.1. Application of License The Modifications which You create or to which You contribute are governed by the terms of this License, including without limitation Section 2.2 ("Contributor Grant"). The Documentation may be distributed only under the terms of this License or a future version of this License released in accordance with Section 5.0 ("Versions of the License"), and You must include a copy of this License with every copy of the Documentation You distribute. You may not offer or impose any terms that alter or restrict the applicable version of this License or the recipients' rights hereunder. However, You may include an additional document offering the additional rights described in Section 3.5 ("Required Notices"). 3.2. Availability of Documentation. Any Modification which You create or to which You contribute must be made available publicly in Editable Form under the terms of this License via a fixed medium or an accepted Electronic Distribution Mechanism. 3.3. Description of Modifications. All Documentation to which You contribute must identify the changes You made to create that Documentation and the date of any change. You must include a prominent statement that the Modification is derived, directly or indirectly, from Original Documentation provided by the Initial Writer and include the name of the Initial Writer in the Documentation or via an electronic link that describes the origin or ownership of the Documentation. The foregoing change documentation may be created by using an electronic program that automatically tracks changes to the Documentation, and such changes must be available publicly for at least five years following release of the changed Documentation. 3.4. Intellectual Property Matters. Contributor represents that Contributor believes that Contributor's Modifications are Contributor's original creation(s) and/or Contributor has sufficient rights to grant the rights conveyed by this License. 3.5. Required Notices. You must duplicate the notice in the Appendix in each file of the Documentation. If it is not possible to put such notice in a particular Documentation file due to its structure, then You must include such notice in a location (such as a relevant directory) where a reader would be likely to look for such a notice, for example, via a hyperlink in each file of the Documentation that takes the reader to a page that describes the origin and ownership of the Documentation. If You created one or more Modification(s) You may add your name as a Contributor to the notice described in the Appendix. You must also duplicate this License in any Documentation file (or with a hyperlink in each file of the Documentation) where You describe recipients' rights or ownership rights. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Documentation. However, You may do so only on Your own behalf, and not on behalf of the Initial Writer or any Contributor. You must make it absolutely clear than any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Writer and every Contributor for any liability incurred by the Initial Writer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.6. Larger Works. You may create a Larger Work by combining Documentation with other documents not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Documentation. 4.0 APPLICATION OF THIS LICENSE. This License applies to Documentation to which the Initial Writer has attached this License and the notice in the Appendix. 5.0 VERSIONS OF THE LICENSE. 5.1. New Versions. Initial Writer may publish revised and/or new versions of the License from time to time. Each version will be given a distinguishing version number. 5.2. Effect of New Versions. Once Documentation has been published under a particular version of the License, You may always continue to use it under the terms of that version. You may also choose to use such Documentation under the terms of any subsequent version of the License published by __________________[Insert name of the foundation, company, Initial Writer, or whoever may modify this License]. No one other than _________________ [Insert name of the foundation, company, Initial Writer, or whoever may modify this License] has the right to modify the terms of this License. Filling in the name of the Initial Writer, Original Documentation or Contributor in the notice described in the Appendix shall not be deemed to be Modifications of this License. 6.0 DISCLAIMER OF WARRANTY. DOCUMENTATION IS PROVIDED UNDER THIS LICENSE ON AN "AS IS'' BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE DOCUMENTATION IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY, ACCURACY, AND PERFORMANCE OF THE DOCUMENTATION IS WITH YOU. SHOULD ANY DOCUMENTATION PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL WRITER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY DOCUMENTATION IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 7.0 TERMINATION. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. All sublicenses to the Documentation which are properly granted shall survive any termination of this License. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 8.0 LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER IN TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL THE INITIAL WRITER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF DOCUMENTATION, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER DAMAGES OR LOSSES ARISING OUT OF OR RELATING TO THE USE OF THE DOCUMENTATION, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. 9.0 U.S. GOVERNMENT END USERS. If Documentation is being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), then the Government's rights in Documentation will be only as set forth in this Agreement; this is in accordance with 48 CFR 227.7201 through 227.7202-4 (for Department of Defense (DOD) acquisitions) and with 48 CFR 2.101 and 12.212 (for non-DOD acquisitions). 10.0 MISCELLANEOUS. This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by California law, excluding its conflict-of-law provisions. With respect to disputes or any litigation relating to this License, the losing party is responsible for costs, including without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. Appendix Public Documentation License Notice The contents of this Documentation are subject to the Public Documentation License Version 1.0 (the "License"); you may only use this Documentation if you comply with the terms of this License. A copy of the License is available at __________________[Insert hyperlink]. The Original Documentation is _________________. The Initial Writer of the Original Documentation is ___________ Copyright (C)_________[Insert year(s)]. All Rights Reserved. (Initial Writer contact(s):________________[Insert hyperlink/alias]). Contributor(s): ______________________________________. Portions created by ______ are Copyright (C)_________[Insert year(s)]. All Rights Reserved. (Contributor contact(s):________________[Insert hyperlink/alias]). NOTE: The text of this Appendix may differ slightly from the text of the notices in the files of the Original Documentation. You should use the text of this Appendix rather than the text found in the Original Documentation for Your Modifications. </div></div> |} </pre> </div> </div> ==PIRATE== This Licence is for shits and giggles, don't use on public server<br \> [[LICENCE_HEADER_PIRATE]]<br \> <b><nowiki>{{:LICENCE_HEADER_PIRATE}}</nowiki></b> {{:LICENCE_HEADER_PIRATE}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PIRATE Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Licence? Licence! LICENCE!!!!!!<br \> WE NO NEED NO STINKING LICENCE! Copyright @ Pirate Licence :P </div></div> |} </pre> </div> </div> tkzyc7as7fgmv2onkkbxj06mkl4wkci 370 369 2023-04-27T22:57:31Z AwesomO 5 370 wikitext text/x-wiki * Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute. * To do so add a Licence header at the top of your page. * example:<b><nowiki>{{:LICENCE_HEADER_CC0}}</nowiki></b> * using the header may not be a good idea for some licences ** click the link and copy the content ** and append the correct <code>Copyright [yyyy] [name of copyright owner] </code> : * [[Find_the_License_of_Man_Pages|How to find the license of a '''Man''' Page]] ==Blank Template== This Licence is for Importing Licences from other projects that are eligable to be posted/imported on this site<br \> [[LICENCE_HEADER_BLANK]]<br \> <b><nowiki>{{:LICENCE_HEADER_BLANK}}</nowiki></b> {{:LICENCE_HEADER_BLANK}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>ENTER LICENCE NAME</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> ENTER LICENCE HERE </div> </div> |} </pre> </div> </div> ==APACHE2== [[LICENCE_HEADER_APACHE2]]<br \> <b><nowiki>{{:LICENCE_HEADER_APACHE2}}</nowiki></b> {{:LICENCE_HEADER_APACHE2}} <!-- delete below if mess up --> <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste to your page: <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>APACHE2 Licence</b><br \> Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. <div class="toccolours mw-collapsible mw-collapsed"> Apache2 Licence: <div class="mw-collapsible-content"> <pre> Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. </div> </div> |} </pre> </div> </div> ==BDS0== [[LICENCE_HEADER_BSD0]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD0}}</nowiki></b> {{:LICENCE_HEADER_BSD0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (C) [year] by [copyright holder] <[email]> Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted. THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. </div> </div> |} </pre> </div> </div> ==BSD1== [[LICENCE_HEADER_BSD]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD}}</nowiki></b> {{:LICENCE_HEADER_BSD}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (c) [Year] [Name] [All rights reserved]. * Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. THIS SOFTWARE IS PROVIDED BY [Name of Organization] “AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL [Name of Organisation] BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div></div> |} </pre> </div> </div> ==BSD2== [[LICENCE_HEADER_BSD2]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD2}}</nowiki></b> {{:LICENCE_HEADER_BSD2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </pre> </div> </div> ==BSD3== [[LICENCE_HEADER_BSD3]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD3}}</nowiki></b> {{:LICENCE_HEADER_BSD3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </pre> </div> </div> ==CC0== [[LICENCE_HEADER_CC0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC0}}</nowiki></b> {{:LICENCE_HEADER_CC0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC0 Licence</b><br \> More information about the <b>cc0 licence</b> can be found here:<br \> <code>https://creativecommons.org/share-your-work/public-domain/cc0</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> The person who associated a work with this deed has dedicated the work to the public domain by waiving all of his or her rights to the work worldwide under copyright law, including all related and neighboring rights, to the extent allowed by law.<br \> You can copy, modify, distribute and perform the work, even for commercial purposes, all without asking permission. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Statement of Purpose The laws of most jurisdictions throughout the world automatically confer exclusive Copyright and Related Rights (defined below) upon the creator and subsequent owner(s) (each and all, an "owner") of an original work of authorship and/or a database (each, a "Work"). Certain owners wish to permanently relinquish those rights to a Work for the purpose of contributing to a commons of creative, cultural and scientific works ("Commons") that the public can reliably and without fear of later claims of infringement build upon, modify, incorporate in other works, reuse and redistribute as freely as possible in any form whatsoever and for any purposes, including without limitation commercial purposes. These owners may contribute to the Commons to promote the ideal of a free culture and the further production of creative, cultural and scientific works, or to gain reputation or greater distribution for their Work in part through the use and efforts of others. For these and/or other purposes and motivations, and without any expectation of additional consideration or compensation, the person associating CC0 with a Work (the "Affirmer"), to the extent that he or she is an owner of Copyright and Related Rights in the Work, voluntarily elects to apply CC0 to the Work and publicly distribute the Work under its terms, with knowledge of his or her Copyright and Related Rights in the Work and the meaning and intended legal effect of CC0 on those rights. 1. Copyright and Related Rights. A Work made available under CC0 may be protected by copyright and related or neighboring rights ("Copyright and Related Rights"). Copyright and Related Rights include, but are not limited to, the following: the right to reproduce, adapt, distribute, perform, display, communicate, and translate a Work; moral rights retained by the original author(s) and/or performer(s); publicity and privacy rights pertaining to a person's image or likeness depicted in a Work; rights protecting against unfair competition in regards to a Work, subject to the limitations in paragraph 4(a), below; rights protecting the extraction, dissemination, use and reuse of data in a Work; database rights (such as those arising under Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, and under any national implementation thereof, including any amended or successor version of such directive); and other similar, equivalent or corresponding rights throughout the world based on applicable law or treaty, and any national implementations thereof. 2. Waiver. To the greatest extent permitted by, but not in contravention of, applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and unconditionally waives, abandons, and surrenders all of Affirmer's Copyright and Related Rights and associated claims and causes of action, whether now known or unknown (including existing as well as future claims and causes of action), in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each member of the public at large and to the detriment of Affirmer's heirs and successors, fully intending that such Waiver shall not be subject to revocation, rescission, cancellation, termination, or any other legal or equitable action to disrupt the quiet enjoyment of the Work by the public as contemplated by Affirmer's express Statement of Purpose. 3. Public License Fallback. Should any part of the Waiver for any reason be judged legally invalid or ineffective under applicable law, then the Waiver shall be preserved to the maximum extent permitted taking into account Affirmer's express Statement of Purpose. In addition, to the extent the Waiver is so judged Affirmer hereby grants to each affected person a royalty-free, non transferable, non sublicensable, non exclusive, irrevocable and unconditional license to exercise Affirmer's Copyright and Related Rights in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "License"). The License shall be deemed effective as of the date CC0 was applied by Affirmer to the Work. Should any part of the License for any reason be judged legally invalid or ineffective under applicable law, such partial invalidity or ineffectiveness shall not invalidate the remainder of the License, and in such case Affirmer hereby affirms that he or she will not (i) exercise any of his or her remaining Copyright and Related Rights in the Work or (ii) assert any associated claims and causes of action with respect to the Work, in either case contrary to Affirmer's express Statement of Purpose. 4. Limitations and Disclaimers. No trademark or patent rights held by Affirmer are waived, abandoned, surrendered, licensed or otherwise affected by this document. Affirmer offers the Work as-is and makes no representations or warranties of any kind concerning the Work, express, implied, statutory or otherwise, including without limitation warranties of title, merchantability, fitness for a particular purpose, non infringement, or the absence of latent or other defects, accuracy, or the present or absence of errors, whether or not discoverable, all to the greatest extent permissible under applicable law. Affirmer disclaims responsibility for clearing rights of other persons that may apply to the Work or any use thereof, including without limitation any person's Copyright and Related Rights in the Work. Further, Affirmer disclaims responsibility for obtaining any necessary consents, permissions or other rights required for any use of the Work. Affirmer understands and acknowledges that Creative Commons is not a party to this document and has no duty or obligation with respect to this CC0 or use of the Work. </div> </div> |} </pre> </div> </div> ==CC-BY== [[LICENCE_HEADER_CC_BY]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY}}</nowiki></b> {{:LICENCE_HEADER_CC_BY}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY Licence</b><br \> More information about the <b>CC BY licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Creative Commons Legal Code Attribution 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined above) for the purposes of this License. c. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. d. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. e. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. f. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. g. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. h. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. i. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(b), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(b), as requested. b. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Section 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4 (b) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. c. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of this License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} </pre> </div> </div> ==CC BY-SA== [[LICENCE_HEADER_CC_BY-SA]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY-SA}}</nowiki></b> {{:LICENCE_HEADER_CC_BY-SA}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY-SA Licence</b><br \> More information about the <b>CC BY-SA licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by-sa/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Attribution-ShareAlike 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined below) for the purposes of this License. c. "Creative Commons Compatible License" means a license that is listed at https://creativecommons.org/compatiblelicenses that has been approved by Creative Commons as being essentially equivalent to this License, including, at a minimum, because that license: (i) contains terms that have the same purpose, meaning and effect as the License Elements of this License; and, (ii) explicitly permits the relicensing of adaptations of works made available under that license under this License or a Creative Commons jurisdiction license with the same License Elements as this License. d. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. e. "License Elements" means the following high-level license attributes as selected by Licensor and indicated in the title of this License: Attribution, ShareAlike. f. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. g. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. h. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. i. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. j. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. k. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(c), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(c), as requested. b. You may Distribute or Publicly Perform an Adaptation only under the terms of: (i) this License; (ii) a later version of this License with the same License Elements as this License; (iii) a Creative Commons jurisdiction license (either this or a later license version) that contains the same License Elements as this License (e.g., Attribution-ShareAlike 3.0 US)); (iv) a Creative Commons Compatible License. If you license the Adaptation under one of the licenses mentioned in (iv), you must comply with the terms of that license. If you license the Adaptation under the terms of any of the licenses mentioned in (i), (ii) or (iii) (the "Applicable License"), you must comply with the terms of the Applicable License generally and the following provisions: (I) You must include a copy of, or the URI for, the Applicable License with every copy of each Adaptation You Distribute or Publicly Perform; (II) You may not offer or impose any terms on the Adaptation that restrict the terms of the Applicable License or the ability of the recipient of the Adaptation to exercise the rights granted to that recipient under the terms of the Applicable License; (III) You must keep intact all notices that refer to the Applicable License and to the disclaimer of warranties with every copy of the Work as included in the Adaptation You Distribute or Publicly Perform; (IV) when You Distribute or Publicly Perform the Adaptation, You may not impose any effective technological measures on the Adaptation that restrict the ability of a recipient of the Adaptation from You to exercise the rights granted to that recipient under the terms of the Applicable License. This Section 4(b) applies to the Adaptation as incorporated in a Collection, but this does not require the Collection apart from the Adaptation itself to be made subject to the terms of the Applicable License. c. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Ssection 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4(c) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. d. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of the License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} </pre> </div> </div> ==CC BY-NC-SA 4.0== [[LICENCE_HEADER_CC_BY-NC-SA_4.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY-NC-SA_4.0}}</nowiki></b> {{:LICENCE_HEADER_CC_BY-SA}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre style="color: red"> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY-NC-SA_4.0 Licence</b><br \> More information about the <b>CC BY-NC-SA_4.0 licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by-sa/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> &lt;pre&gt; You are free to: Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use. NonCommercial — You may not use the material for commercial purposes. ShareAlike — If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original. No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits. &lt;/pre&gt; </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> <pre> Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International Public License By exercising the Licensed Rights (defined below), You accept and agree to be bound by the terms and conditions of this Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International Public License ("Public License"). To the extent this Public License may be interpreted as a contract, You are granted the Licensed Rights in consideration of Your acceptance of these terms and conditions, and the Licensor grants You such rights in consideration of benefits the Licensor receives from making the Licensed Material available under these terms and conditions. Section 1 – Definitions. Adapted Material means material subject to Copyright and Similar Rights that is derived from or based upon the Licensed Material and in which the Licensed Material is translated, altered, arranged, transformed, or otherwise modified in a manner requiring permission under the Copyright and Similar Rights held by the Licensor. For purposes of this Public License, where the Licensed Material is a musical work, performance, or sound recording, Adapted Material is always produced where the Licensed Material is synched in timed relation with a moving image. Adapter's License means the license You apply to Your Copyright and Similar Rights in Your contributions to Adapted Material in accordance with the terms and conditions of this Public License. BY-NC-SA Compatible License means a license listed at creativecommons.org/compatiblelicenses, approved by Creative Commons as essentially the equivalent of this Public License. Copyright and Similar Rights means copyright and/or similar rights closely related to copyright including, without limitation, performance, broadcast, sound recording, and Sui Generis Database Rights, without regard to how the rights are labeled or categorized. For purposes of this Public License, the rights specified in Section 2(b)(1)-(2) are not Copyright and Similar Rights. Effective Technological Measures means those measures that, in the absence of proper authority, may not be circumvented under laws fulfilling obligations under Article 11 of the WIPO Copyright Treaty adopted on December 20, 1996, and/or similar international agreements. Exceptions and Limitations means fair use, fair dealing, and/or any other exception or limitation to Copyright and Similar Rights that applies to Your use of the Licensed Material. License Elements means the license attributes listed in the name of a Creative Commons Public License. The License Elements of this Public License are Attribution, NonCommercial, and ShareAlike. Licensed Material means the artistic or literary work, database, or other material to which the Licensor applied this Public License. Licensed Rights means the rights granted to You subject to the terms and conditions of this Public License, which are limited to all Copyright and Similar Rights that apply to Your use of the Licensed Material and that the Licensor has authority to license. Licensor means the individual(s) or entity(ies) granting rights under this Public License. NonCommercial means not primarily intended for or directed towards commercial advantage or monetary compensation. For purposes of this Public License, the exchange of the Licensed Material for other material subject to Copyright and Similar Rights by digital file-sharing or similar means is NonCommercial provided there is no payment of monetary compensation in connection with the exchange. Share means to provide material to the public by any means or process that requires permission under the Licensed Rights, such as reproduction, public display, public performance, distribution, dissemination, communication, or importation, and to make material available to the public including in ways that members of the public may access the material from a place and at a time individually chosen by them. Sui Generis Database Rights means rights other than copyright resulting from Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, as amended and/or succeeded, as well as other essentially equivalent rights anywhere in the world. You means the individual or entity exercising the Licensed Rights under this Public License. Your has a corresponding meaning. Section 2 – Scope. License grant. Subject to the terms and conditions of this Public License, the Licensor hereby grants You a worldwide, royalty-free, non-sublicensable, non-exclusive, irrevocable license to exercise the Licensed Rights in the Licensed Material to: reproduce and Share the Licensed Material, in whole or in part, for NonCommercial purposes only; and produce, reproduce, and Share Adapted Material for NonCommercial purposes only. Exceptions and Limitations. For the avoidance of doubt, where Exceptions and Limitations apply to Your use, this Public License does not apply, and You do not need to comply with its terms and conditions. Term. The term of this Public License is specified in Section 6(a). Media and formats; technical modifications allowed. The Licensor authorizes You to exercise the Licensed Rights in all media and formats whether now known or hereafter created, and to make technical modifications necessary to do so. The Licensor waives and/or agrees not to assert any right or authority to forbid You from making technical modifications necessary to exercise the Licensed Rights, including technical modifications necessary to circumvent Effective Technological Measures. For purposes of this Public License, simply making modifications authorized by this Section 2(a)(4) never produces Adapted Material. Downstream recipients. Offer from the Licensor – Licensed Material. Every recipient of the Licensed Material automatically receives an offer from the Licensor to exercise the Licensed Rights under the terms and conditions of this Public License. Additional offer from the Licensor – Adapted Material. Every recipient of Adapted Material from You automatically receives an offer from the Licensor to exercise the Licensed Rights in the Adapted Material under the conditions of the Adapter’s License You apply. No downstream restrictions. You may not offer or impose any additional or different terms or conditions on, or apply any Effective Technological Measures to, the Licensed Material if doing so restricts exercise of the Licensed Rights by any recipient of the Licensed Material. No endorsement. Nothing in this Public License constitutes or may be construed as permission to assert or imply that You are, or that Your use of the Licensed Material is, connected with, or sponsored, endorsed, or granted official status by, the Licensor or others designated to receive attribution as provided in Section 3(a)(1)(A)(i). Other rights. Moral rights, such as the right of integrity, are not licensed under this Public License, nor are publicity, privacy, and/or other similar personality rights; however, to the extent possible, the Licensor waives and/or agrees not to assert any such rights held by the Licensor to the limited extent necessary to allow You to exercise the Licensed Rights, but not otherwise. Patent and trademark rights are not licensed under this Public License. To the extent possible, the Licensor waives any right to collect royalties from You for the exercise of the Licensed Rights, whether directly or through a collecting society under any voluntary or waivable statutory or compulsory licensing scheme. In all other cases the Licensor expressly reserves any right to collect such royalties, including when the Licensed Material is used other than for NonCommercial purposes. Section 3 – License Conditions. Your exercise of the Licensed Rights is expressly made subject to the following conditions. Attribution. If You Share the Licensed Material (including in modified form), You must: retain the following if it is supplied by the Licensor with the Licensed Material: identification of the creator(s) of the Licensed Material and any others designated to receive attribution, in any reasonable manner requested by the Licensor (including by pseudonym if designated); a copyright notice; a notice that refers to this Public License; a notice that refers to the disclaimer of warranties; a URI or hyperlink to the Licensed Material to the extent reasonably practicable; indicate if You modified the Licensed Material and retain an indication of any previous modifications; and indicate the Licensed Material is licensed under this Public License, and include the text of, or the URI or hyperlink to, this Public License. You may satisfy the conditions in Section 3(a)(1) in any reasonable manner based on the medium, means, and context in which You Share the Licensed Material. For example, it may be reasonable to satisfy the conditions by providing a URI or hyperlink to a resource that includes the required information. If requested by the Licensor, You must remove any of the information required by Section 3(a)(1)(A) to the extent reasonably practicable. ShareAlike. In addition to the conditions in Section 3(a), if You Share Adapted Material You produce, the following conditions also apply. The Adapter’s License You apply must be a Creative Commons license with the same License Elements, this version or later, or a BY-NC-SA Compatible License. You must include the text of, or the URI or hyperlink to, the Adapter's License You apply. You may satisfy this condition in any reasonable manner based on the medium, means, and context in which You Share Adapted Material. You may not offer or impose any additional or different terms or conditions on, or apply any Effective Technological Measures to, Adapted Material that restrict exercise of the rights granted under the Adapter's License You apply. Section 4 – Sui Generis Database Rights. Where the Licensed Rights include Sui Generis Database Rights that apply to Your use of the Licensed Material: for the avoidance of doubt, Section 2(a)(1) grants You the right to extract, reuse, reproduce, and Share all or a substantial portion of the contents of the database for NonCommercial purposes only; if You include all or a substantial portion of the database contents in a database in which You have Sui Generis Database Rights, then the database in which You have Sui Generis Database Rights (but not its individual contents) is Adapted Material, including for purposes of Section 3(b); and You must comply with the conditions in Section 3(a) if You Share all or a substantial portion of the contents of the database. For the avoidance of doubt, this Section 4 supplements and does not replace Your obligations under this Public License where the Licensed Rights include other Copyright and Similar Rights. Section 5 – Disclaimer of Warranties and Limitation of Liability. Unless otherwise separately undertaken by the Licensor, to the extent possible, the Licensor offers the Licensed Material as-is and as-available, and makes no representations or warranties of any kind concerning the Licensed Material, whether express, implied, statutory, or other. This includes, without limitation, warranties of title, merchantability, fitness for a particular purpose, non-infringement, absence of latent or other defects, accuracy, or the presence or absence of errors, whether or not known or discoverable. Where disclaimers of warranties are not allowed in full or in part, this disclaimer may not apply to You. To the extent possible, in no event will the Licensor be liable to You on any legal theory (including, without limitation, negligence) or otherwise for any direct, special, indirect, incidental, consequential, punitive, exemplary, or other losses, costs, expenses, or damages arising out of this Public License or use of the Licensed Material, even if the Licensor has been advised of the possibility of such losses, costs, expenses, or damages. Where a limitation of liability is not allowed in full or in part, this limitation may not apply to You. The disclaimer of warranties and limitation of liability provided above shall be interpreted in a manner that, to the extent possible, most closely approximates an absolute disclaimer and waiver of all liability. Section 6 – Term and Termination. This Public License applies for the term of the Copyright and Similar Rights licensed here. However, if You fail to comply with this Public License, then Your rights under this Public License terminate automatically. Where Your right to use the Licensed Material has terminated under Section 6(a), it reinstates: automatically as of the date the violation is cured, provided it is cured within 30 days of Your discovery of the violation; or upon express reinstatement by the Licensor. For the avoidance of doubt, this Section 6(b) does not affect any right the Licensor may have to seek remedies for Your violations of this Public License. For the avoidance of doubt, the Licensor may also offer the Licensed Material under separate terms or conditions or stop distributing the Licensed Material at any time; however, doing so will not terminate this Public License. Sections 1, 5, 6, 7, and 8 survive termination of this Public License. Section 7 – Other Terms and Conditions. The Licensor shall not be bound by any additional or different terms or conditions communicated by You unless expressly agreed. Any arrangements, understandings, or agreements regarding the Licensed Material not stated herein are separate from and independent of the terms and conditions of this Public License. Section 8 – Interpretation. For the avoidance of doubt, this Public License does not, and shall not be interpreted to, reduce, limit, restrict, or impose conditions on any use of the Licensed Material that could lawfully be made without permission under this Public License. To the extent possible, if any provision of this Public License is deemed unenforceable, it shall be automatically reformed to the minimum extent necessary to make it enforceable. If the provision cannot be reformed, it shall be severed from this Public License without affecting the enforceability of the remaining terms and conditions. No term or condition of this Public License will be waived and no failure to comply consented to unless expressly agreed to by the Licensor. Nothing in this Public License constitutes or may be interpreted as a limitation upon, or waiver of, any privileges and immunities that apply to the Licensor or You, including from the legal processes of any jurisdiction or authority. </div> </div> |} </pre> </div> </div> ==CDDLv1.0== [[LICENCE_HEADER_CDDLv1.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CDDLv1.0}}</nowiki></b> {{:LICENCE_HEADER_CDDLv1.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CDDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE CDDLv1.0 <div class="mw-collapsible-content"> COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 1. Definitions. 1.1. "Contributor" means each individual or entity that creates or contributes to the creation of Modifications. 1.2. "Contributor Version" means the combination of the Original Software, prior Modifications used by a Contributor (if any), and the Modifications made by that particular Contributor. 1.3. "Covered Software" means (a) the Original Software, or (b) Modifications, or (c) the combination of files containing Original Software with files containing Modifications, in each case including portions thereof. 1.4. "Executable" means the Covered Software in any form other than Source Code. 1.5. "Initial Developer" means the individual or entity that first makes Original Software available under this License. 1.6. "Larger Work" means a work which combines Covered Software or portions thereof with code not governed by the terms of this License. 1.7. "License" means this document. 1.8. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently acquired, any and all of the rights conveyed herein. 1.9. "Modifications" means the Source Code and Executable form of any of the following: A. Any file that results from an addition to, deletion from or modification of the contents of a file containing Original Software or previous Modifications; B. Any new file that contains any part of the Original Software or previous Modification; or C. Any new file that is contributed or otherwise made available under the terms of this License. 1.10. "Original Software" means the Source Code and Executable form of computer software code that is originally released under this License. 1.11. "Patent Claims" means any patent claim(s), now owned or hereafter acquired, including without limitation, method, process, and apparatus claims, in any patent Licensable by grantor. 1.12. "Source Code" means (a) the common form of computer software code in which modifications are made and (b) associated documentation included in or with such code. 1.13. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of, this License. For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. License Grants. 2.1. The Initial Developer Grant. Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, the Initial Developer hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by Initial Developer, to use, reproduce, modify, display, perform, sublicense and distribute the Original Software (or portions thereof), with or without Modifications, and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using or selling of Original Software, to make, have made, use, practice, sell, and offer for sale, and/or otherwise dispose of the Original Software (or portions thereof). (c) The licenses granted in Sections 2.1(a) and (b) are effective on the date Initial Developer first distributes or otherwise makes the Original Software available to a third party under the terms of this License. (d) Notwithstanding Section 2.1(b) above, no patent license is granted: (1) for code that You delete from the Original Software, or (2) for infringements caused by: (i) the modification of the Original Software, or (ii) the combination of the Original Software with other software or devices. 2.2. Contributor Grant. Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by Contributor to use, reproduce, modify, display, perform, sublicense and distribute the Modifications created by such Contributor (or portions thereof), either on an unmodified basis, with other Modifications, as Covered Software and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using, or selling of Modifications made by that Contributor either alone and/or in combination with its Contributor Version (or portions of such combination), to make, use, sell, offer for sale, have made, and/or otherwise dispose of: (1) Modifications made by that Contributor (or portions thereof); and (2) the combination of Modifications made by that Contributor with its Contributor Version (or portions of such combination). (c) The licenses granted in Sections 2.2(a) and 2.2(b) are effective on the date Contributor first distributes or otherwise makes the Modifications available to a third party. (d) Notwithstanding Section 2.2(b) above, no patent license is granted: (1) for any code that Contributor has deleted from the Contributor Version; (2) for infringements caused by: (i) third party modifications of Contributor Version, or (ii) the combination of Modifications made by that Contributor with other software (except as part of the Contributor Version) or other devices; or (3) under Patent Claims infringed by Covered Software in the absence of Modifications made by that Contributor. 3. Distribution Obligations. 3.1. Availability of Source Code. Any Covered Software that You distribute or otherwise make available in Executable form must also be made available in Source Code form and that Source Code form must be distributed only under the terms of this License. You must include a copy of this License with every copy of the Source Code form of the Covered Software You distribute or otherwise make available. You must inform recipients of any such Covered Software in Executable form as to how they can obtain such Covered Software in Source Code form in a reasonable manner on or through a medium customarily used for software exchange. 3.2. Modifications. The Modifications that You create or to which You contribute are governed by the terms of this License. You represent that You believe Your Modifications are Your original creation(s) and/or You have sufficient rights to grant the rights conveyed by this License. 3.3. Required Notices. You must include a notice in each of Your Modifications that identifies You as the Contributor of the Modification. You may not remove or alter any copyright, patent or trademark notices contained within the Covered Software, or any notices of licensing or any descriptive text giving attribution to any Contributor or the Initial Developer. 3.4. Application of Additional Terms. You may not offer or impose any terms on any Covered Software in Source Code form that alters or restricts the applicable version of this License or the recipients' rights hereunder. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, you may do so only on Your own behalf, and not on behalf of the Initial Developer or any Contributor. You must make it absolutely clear that any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.5. Distribution of Executable Versions. You may distribute the Executable form of the Covered Software under the terms of this License or under the terms of a license of Your choice, which may contain terms different from this License, provided that You are in compliance with the terms of this License and that the license for the Executable form does not attempt to limit or alter the recipient's rights in the Source Code form from the rights set forth in this License. If You distribute the Covered Software in Executable form under a different license, You must make it absolutely clear that any terms which differ from this License are offered by You alone, not by the Initial Developer or Contributor. You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of any such terms You offer. 3.6. Larger Works. You may create a Larger Work by combining Covered Software with other code not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Covered Software. 4. Versions of the License. 4.1. New Versions. Sun Microsystems, Inc. is the initial license steward and may publish revised and/or new versions of this License from time to time. Each version will be given a distinguishing version number. Except as provided in Section 4.3, no one other than the license steward has the right to modify this License. 4.2. Effect of New Versions. You may always continue to use, distribute or otherwise make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. If the Initial Developer includes a notice in the Original Software prohibiting it from being distributed or otherwise made available under any subsequent version of the License, You must distribute and make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. Otherwise, You may also choose to use, distribute or otherwise make the Covered Software available under the terms of any subsequent version of the License published by the license steward. 4.3. Modified Versions. When You are an Initial Developer and You want to create a new license for Your Original Software, You may create and use a modified version of this License if You: (a) rename the license and remove any references to the name of the license steward (except to note that the license differs from this License); and (b) otherwise make it clear that the license contains terms which differ from this License. 5. DISCLAIMER OF WARRANTY. COVERED SOFTWARE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE COVERED SOFTWARE IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE COVERED SOFTWARE IS WITH YOU. SHOULD ANY COVERED SOFTWARE PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY COVERED SOFTWARE IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 6. TERMINATION. 6.1. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 6.2. If You assert a patent infringement claim (excluding declaratory judgment actions) against Initial Developer or a Contributor (the Initial Developer or Contributor against whom You assert such claim is referred to as "Participant") alleging that the Participant Software (meaning the Contributor Version where the Participant is a Contributor or the Original Software where the Participant is the Initial Developer) directly or indirectly infringes any patent, then any and all rights granted directly or indirectly to You by such Participant, the Initial Developer (if the Initial Developer is not the Participant) and all Contributors under Sections 2.1 and/or 2.2 of this License shall, upon 60 days notice from Participant terminate prospectively and automatically at the expiration of such 60 day notice period, unless if within such 60 day period You withdraw Your claim with respect to the Participant Software against such Participant either unilaterally or pursuant to a written agreement with Participant. 6.3. In the event of termination under Sections 6.1 or 6.2 above, all end user licenses that have been validly granted by You or any distributor hereunder prior to termination (excluding licenses granted to You by any distributor) shall survive termination. 7. LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL YOU, THE INITIAL DEVELOPER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF COVERED SOFTWARE, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOST PROFITS, LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER COMMERCIAL DAMAGES OR LOSSES, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION OF LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY RESULTING FROM SUCH PARTY'S NEGLIGENCE TO THE EXTENT APPLICABLE LAW PROHIBITS SUCH LIMITATION. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS EXCLUSION AND LIMITATION MAY NOT APPLY TO YOU. 8. U.S. GOVERNMENT END USERS. The Covered Software is a "commercial item," as that term is defined in 48 C.F.R. 2.101 (Oct. 1995), consisting of "commercial computer software" (as that term is defined at 48 C.F.R. ¤ 252.227-7014(a)(1)) and "commercial computer software documentation" as such terms are used in 48 C.F.R. 12.212 (Sept. 1995). Consistent with 48 C.F.R. 12.212 and 48 C.F.R. 227.7202-1 through 227.7202-4 (June 1995), all U.S. Government End Users acquire Covered Software with only those rights set forth herein. This U.S. Government Rights clause is in lieu of, and supersedes, any other FAR, DFAR, or other clause or provision that addresses Government rights in computer software under this License. 9. MISCELLANEOUS. This License represents the complete agreement concerning subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by the law of the jurisdiction specified in a notice contained within the Original Software (except to the extent applicable law, if any, provides otherwise), excluding such jurisdiction's conflict-of-law provisions. Any litigation relating to this License shall be subject to the jurisdiction of the courts located in the jurisdiction and venue specified in a notice contained within the Original Software, with the losing party responsible for costs, including, without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. You agree that You alone are responsible for compliance with the United States export administration regulations (and the export control laws and regulation of any other countries) when You use, distribute or otherwise make available any Covered Software. 10. RESPONSIBILITY FOR CLAIMS. As between Initial Developer and the Contributors, each party is responsible for claims and damages arising, directly or indirectly, out of its utilization of rights under this License and You agree to work with Initial Developer and Contributors to distribute such responsibility on an equitable basis. Nothing herein is intended or shall be deemed to constitute any admission of liability. </div> </div> |} </pre> </div> </div> ==EPLv2.0== [[LICENCE_HEADER_EPLv2.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_EPLv2.0}}</nowiki></b> {{:LICENCE_HEADER_EPLv2.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>EPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE EPLv2.0 <div class="mw-collapsible-content"> Eclipse Public License - v 2.0 THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS ECLIPSE PUBLIC LICENSE (“AGREEMENT”). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT. 1. DEFINITIONS “Contribution” means: a) in the case of the initial Contributor, the initial content Distributed under this Agreement, and b) in the case of each subsequent Contributor: i) changes to the Program, and ii) additions to the Program; where such changes and/or additions to the Program originate from and are Distributed by that particular Contributor. A Contribution “originates” from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include changes or additions to the Program that are not Modified Works. “Contributor” means any person or entity that Distributes the Program. “Licensed Patents” mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program. “Program” means the Contributions Distributed in accordance with this Agreement. “Recipient” means anyone who receives the Program under this Agreement or any Secondary License (as applicable), including Contributors. “Derivative Works” shall mean any work, whether in Source Code or other form, that is based on (or derived from) the Program and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. “Modified Works” shall mean any work in Source Code or other form that results from an addition to, deletion from, or modification of the contents of the Program, including, for purposes of clarity any new file in Source Code form that contains any contents of the Program. Modified Works shall not include works that contain only declarations, interfaces, types, classes, structures, or files of the Program solely in each case in order to link to, bind by name, or subclass the Program or Modified Works thereof. “Distribute” means the acts of a) distributing or b) making available in any manner that enables the transfer of a copy. “Source Code” means the form of a Program preferred for making modifications, including but not limited to software source code, documentation source, and configuration files. “Secondary License” means either the GNU General Public License, Version 2.0, or any later versions of that license, including any exceptions or additional permissions as identified by the initial Contributor. 2. GRANT OF RIGHTS a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, Distribute and sublicense the Contribution of such Contributor, if any, and such Derivative Works. b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in Source Code or other form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder. c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to Distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program. d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement. e) Notwithstanding the terms of any Secondary License, no Contributor makes additional grants to any Recipient (other than those set forth in this Agreement) as a result of such Recipient's receipt of the Program under the terms of a Secondary License (if permitted under the terms of Section 3). 3. REQUIREMENTS 3.1 If a Contributor Distributes the Program in any form, then: a) the Program must also be made available as Source Code, in accordance with section 3.2, and the Contributor must accompany the Program with a statement that the Source Code for the Program is available under this Agreement, and informs Recipients how to obtain it in a reasonable manner on or through a medium customarily used for software exchange; and b) the Contributor may Distribute the Program under a license different than this Agreement, provided that such license: i) effectively disclaims on behalf of all other Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose; ii) effectively excludes on behalf of all other Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits; iii) does not attempt to limit or alter the recipients' rights in the Source Code under section 3.2; and iv) requires any subsequent distribution of the Program by any party to be under a license that satisfies the requirements of this section 3. 3.2 When the Program is Distributed as Source Code: a) it must be made available under this Agreement, or if the Program (i) is combined with other material in a separate file or files made available under a Secondary License, and (ii) the initial Contributor attached to the Source Code the notice described in Exhibit A of this Agreement, then the Program may be made available under the terms of such Secondary Licenses, and b) a copy of this Agreement must be included with each copy of the Program. 3.3 Contributors may not remove or alter any copyright, patent, trademark, attribution notices, disclaimers of warranty, or limitations of liability (‘notices’) contained within the Program from any copy of the Program which they Distribute, provided that Contributors may add their own appropriate notices. 4. COMMERCIAL DISTRIBUTION Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor (“Commercial Contributor”) hereby agrees to defend and indemnify every other Contributor (“Indemnified Contributor”) against any losses, damages and costs (collectively “Losses”) arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense. For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages. 5. NO WARRANTY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE PROGRAM IS PROVIDED ON AN “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations. 6. DISCLAIMER OF LIABILITY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. GENERAL If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. If Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed. All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive. Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. The Eclipse Foundation is the initial Agreement Steward. The Eclipse Foundation may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be Distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to Distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved. Nothing in this Agreement is intended to be enforceable by any entity that is not a Contributor or Recipient. No third-party beneficiary rights are created under this Agreement. Exhibit A – Form of Secondary Licenses Notice “This Source Code may also be made available under the following Secondary Licenses when the conditions for such availability set forth in the Eclipse Public License, v. 2.0 are satisfied: {name license(s), version(s), and exceptions or additional permissions here}.” Simply including a copy of this Agreement, including this Exhibit A is not sufficient to license the Source Code under Secondary Licenses. If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. You may add additional accurate notices of copyright ownership. |} </div> </div> </pre> </div> </div> ==FreeBSD documentation== [[LICENCE_HEADER_FreeBSD_Documentation]]<br \> <b><nowiki>{{:LICENCE_HEADER_FreeBSD_Documentation}}</nowiki></b> {{:LICENCE_HEADER_FreeBSD_Documentation}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>FreeBSD Documentation License</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> <pre> Copyright (c) YEAR <YEAR OF DOCUMENTATION>, <AUTHOR NAME>. All rights reserved. Redistribution and use in source (SGML DocBook) and 'compiled' forms (SGML, HTML, PDF, PostScript, RTF and so forth) with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code (SGML DocBook) must retain the above copyright notice, this list of conditions and the following disclaimer as the first lines of this file unmodified. 2. Redistributions in compiled form (transformed to other DTDs, converted to PDF, PostScript, RTF and other formats) must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </pre> </div> </div> ==GFDLv1.1== [[LICENCE_HEADER_GFDL]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDL}}</nowiki></b> {{:LICENCE_HEADER_GFDL}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.1 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.1, March 2000 Copyright (C) 2000 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other written document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (For example, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, whose contents can be viewed and edited directly and straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup has been designed to thwart or discourage subsequent modification by readers is not Transparent. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML designed for human modification. Opaque formats include PostScript, PDF, proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies of the Document numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a publicly-accessible computer-network location containing a complete Transparent copy of the Document, free of added material, which the general network-using public has access to download anonymously at no charge using public-standard network protocols. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has less than five). C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section entitled "History", and its title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. In any section entitled "Acknowledgements" or "Dedications", preserve the section's title, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section as "Endorsements" or to conflict in title with any Invariant Section. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections entitled "History" in the various original documents, forming one section entitled "History"; likewise combine any sections entitled "Acknowledgements", and any sections entitled "Dedications". You must delete all sections entitled "Endorsements." 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, does not as a whole count as a Modified Version of the Document, provided no compilation copyright is claimed for the compilation. Such a compilation is called an "aggregate", and this License does not apply to the other self-contained works thus compiled with the Document, on account of their being thus compiled, if they are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one quarter of the entire aggregate, the Document's Cover Texts may be placed on covers that surround only the Document within the aggregate. Otherwise they must appear on covers around the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License provided that you also include the original English version of this License. In case of a disagreement between the translation and the original English version of this License, the original English version will prevail. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have no Invariant Sections, write "with no Invariant Sections" instead of saying which ones are invariant. If you have no Front-Cover Texts, write "no Front-Cover Texts" instead of "Front-Cover Texts being LIST"; likewise for Back-Cover Texts. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} </pre> </div> </div> ==GFDLv1.2== [[LICENCE_HEADER_GFDLv1.2]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDLv1.2}}</nowiki></b> {{:LICENCE_HEADER_GFDLv1.2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.2 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.2, November 2002 Copyright (C) 2000,2001,2002 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition. The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement. C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section Entitled "History", Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. For any section Entitled "Acknowledgements" or "Dedications", Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section Entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section to be Entitled "Endorsements" or to conflict in title with any Invariant Section. O. Preserve any Warranty Disclaimers. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements". 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation's users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document's Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail. If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the "with...Texts." line with this: with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div></div> |} </pre> </div> </div> ==GFDLv1.3== [[LICENCE_HEADER_GFDLv1.3]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDLv1.3}}</nowiki></b> {{:LICENCE_HEADER_GFDLv1.3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.3 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.3, 3 November 2008 Copyright (C) 2000, 2001, 2002, 2007, 2008 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. The "publisher" means any person or entity that distributes copies of the Document to the public. A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition. The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement. C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section Entitled "History", Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. For any section Entitled "Acknowledgements" or "Dedications", Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section Entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section to be Entitled "Endorsements" or to conflict in title with any Invariant Section. O. Preserve any Warranty Disclaimers. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements". 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation's users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document's Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail. If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, or distribute it is void, and will automatically terminate your rights under this License. However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, receipt of a copy of some or all of the same material does not give you any rights to use it. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. If the Document specifies that a proxy can decide which future versions of this License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Document. 11. RELICENSING "Massive Multiauthor Collaboration Site" (or "MMC Site") means any World Wide Web server that publishes copyrightable works and also provides prominent facilities for anybody to edit those works. A public wiki that anybody can edit is an example of such a server. A "Massive Multiauthor Collaboration" (or "MMC") contained in the site means any set of copyrightable works thus published on the MMC site. "CC-BY-SA" means the Creative Commons Attribution-Share Alike 3.0 license published by Creative Commons Corporation, a not-for-profit corporation with a principal place of business in San Francisco, California, as well as future copyleft versions of that license published by that same organization. "Incorporate" means to publish or republish a Document, in whole or in part, as part of another Document. An MMC is "eligible for relicensing" if it is licensed under this License, and if all works that were first published under this License somewhere other than this MMC, and subsequently incorporated in whole or in part into the MMC, (1) had no cover texts or invariant sections, and (2) were thus incorporated prior to November 1, 2008. The operator of an MMC Site may republish an MMC contained in the site under CC-BY-SA on the same site at any time before August 1, 2009, provided the MMC is eligible for relicensing. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the "with...Texts." line with this: with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div></div> |} </pre> </div> </div> ==GPLv1== [[LICENCE_HEADER_GPL]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPL}}</nowiki></b> {{:LICENCE_HEADER_GPL}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv1 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 1, February 1989 Copyright (C) 1989 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The license agreements of most software companies try to keep users at the mercy of those companies. By contrast, our General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. The General Public License applies to the Free Software Foundation's software and to any other program whose authors commit to using it. You can use it for your programs, too. When we speak of free software, we are referring to freedom, not price. Specifically, the General Public License is designed to make sure that you have the freedom to give away or sell copies of free software, that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of a such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must tell them their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any work containing the Program or a portion of it, either verbatim or with modifications. Each licensee is addressed as "you". 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this General Public License and to the absence of any warranty; and give any other recipients of the Program a copy of this General Public License along with the Program. You may charge a fee for the physical act of transferring a copy. 2. You may modify your copy or copies of the Program or any portion of it, and copy and distribute such modifications under the terms of Paragraph 1 above, provided that you also do the following: a) cause the modified files to carry prominent notices stating that you changed the files and the date of any change; and b) cause the whole of any work that you distribute or publish, that in whole or in part contains the Program or any part thereof, either with or without modifications, to be licensed at no charge to all third parties under the terms of this General Public License (except that you may choose to grant warranty protection to some or all third parties, at your option). c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the simplest and most usual way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this General Public License. d) You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. Mere aggregation of another independent work with the Program (or its derivative) on a volume of a storage or distribution medium does not bring the other work under the scope of these terms. 3. You may copy and distribute the Program (or a portion or derivative of it, under Paragraph 2) in object code or executable form under the terms of Paragraphs 1 and 2 above provided that you also do one of the following: a) accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Paragraphs 1 and 2 above; or, b) accompany it with a written offer, valid for at least three years, to give any third party free (except for a nominal charge for the cost of distribution) a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Paragraphs 1 and 2 above; or, c) accompany it with the information you received as to where the corresponding source code may be obtained. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form alone.) Source code for a work means the preferred form of the work for making modifications to it. For an executable file, complete source code means all the source code for all modules it contains; but, as a special exception, it need not include source code for modules which are standard libraries that accompany the operating system on which the executable file runs, or for standard header files or definitions files that accompany that operating system. 4. You may not copy, modify, sublicense, distribute or transfer the Program except as expressly provided under this General Public License. Any attempt otherwise to copy, modify, sublicense, distribute or transfer the Program is void, and will automatically terminate your rights to use the Program under this License. However, parties who have received copies, or rights to use copies, from you under this General Public License will not have their licenses terminated so long as such parties remain in full compliance. 5. By copying, distributing or modifying the Program (or any work based on the Program) you indicate your acceptance of this license to do so, and all its terms and conditions. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. 7. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of the license which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the license, you may choose any version ever published by the Free Software Foundation. 8. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 9. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 10. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS Appendix: How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to humanity, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) 19yy <name of author> This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 1, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) 19xx name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (a program to direct compilers to make passes at assemblers) written by James Hacker. <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice That's all there is to it! </div></div> |} </pre> </div> </div> ==GPLv2== [[LICENCE_HEADER_GPLv2]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPLv2}}</nowiki></b> {{:LICENCE_HEADER_GPLv2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv2 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Lesser General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. </div></div> |} </pre> </div> </div> ==GPLv3== [[LICENCE_HEADER_GPLv3]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPLv3}}</nowiki></b> {{:LICENCE_HEADER_GPLv3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv3 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The GNU General Public License is a free, copyleft license for software and other kinds of works. The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things. To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others. For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it. For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions. Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users. Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free. The precise terms and conditions for copying, distribution and modification follow. TERMS AND CONDITIONS 0. Definitions. "This License" refers to version 3 of the GNU General Public License. "Copyright" also means copyright-like laws that apply to other kinds of works, such as semiconductor masks. "The Program" refers to any copyrightable work licensed under this License. Each licensee is addressed as "you". "Licensees" and "recipients" may be individuals or organizations. To "modify" a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a "modified version" of the earlier work or a work "based on" the earlier work. A "covered work" means either the unmodified Program or a work based on the Program. To "propagate" a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well. To "convey" a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying. An interactive user interface displays "Appropriate Legal Notices" to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion. 1. Source Code. The "source code" for a work means the preferred form of the work for making modifications to it. "Object code" means any non-source form of a work. A "Standard Interface" means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language. The "System Libraries" of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A "Major Component", in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it. The "Corresponding Source" for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work. The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source. The Corresponding Source for a work in source code form is that same work. 2. Basic Permissions. All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law. You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you. Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary. 3. Protecting Users' Legal Rights From Anti-Circumvention Law. No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures. When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures. 4. Conveying Verbatim Copies. You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program. You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee. 5. Conveying Modified Source Versions. You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions: a) The work must carry prominent notices stating that you modified it, and giving a relevant date. b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to "keep intact all notices". c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it. d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so. A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an "aggregate" if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate. 6. Conveying Non-Source Forms. You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways: a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange. b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge. c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b. d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements. e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d. A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work. A "User Product" is either (1) a "consumer product", which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, "normally used" refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product. "Installation Information" for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made. If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM). The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network. Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying. 7. Additional Terms. "Additional permissions" are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions. When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission. Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms: a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or d) Limiting the use for publicity purposes of names of licensors or authors of the material; or e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors. All other non-permissive additional terms are considered "further restrictions" within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying. If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms. Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way. 8. Termination. You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11). However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10. 9. Acceptance Not Required for Having Copies. You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so. 10. Automatic Licensing of Downstream Recipients. Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License. An "entity transaction" is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts. You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it. 11. Patents. A "contributor" is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's "contributor version". A contributor's "essential patent claims" are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, "control" includes the right to grant patent sublicenses in a manner consistent with the requirements of this License. Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version. In the following three paragraphs, a "patent license" is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To "grant" such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party. If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. "Knowingly relying" means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid. If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it. A patent license is "discriminatory" if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007. Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law. 12. No Surrender of Others' Freedom. If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program. 13. Use with the GNU Affero General Public License. Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such. 14. Revised Versions of this License. The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation. If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program. Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version. 15. Disclaimer of Warranty. THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. Limitation of Liability. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 17. Interpretation of Sections 15 and 16. If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <https://www.gnu.org/licenses/>. Also add information on how to contact you by electronic and paper mail. If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode: <program> Copyright (C) <year> <name of author> This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an "about box". You should also get your employer (if you work as a programmer) or school, if any, to sign a "copyright disclaimer" for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see <https://www.gnu.org/licenses/>. The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read <https://www.gnu.org/licenses/why-not-lgpl.html>. </div></div> |} </pre> </div> </div> ==LGPLv2.1== [[LICENCE_HEADER_LGPLv2.1]]<br \> <b><nowiki>{{:LICENCE_HEADER_LGPLv2.1}}</nowiki></b> {{:LICENCE_HEADER_LGPLv2.1}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv2.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 2.1, February 1999 Copyright (C) 1991, 1999 Free Software Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. [This is the first released version of the Lesser GPL. It also counts as the successor of the GNU Library Public License, version 2, hence the version number 2.1.] Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public Licenses are intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This license, the Lesser General Public License, applies to some specially designated software packages--typically libraries--of the Free Software Foundation and other authors who decide to use it. You can use it too, but we suggest you first think carefully about whether this license or the ordinary General Public License is the better strategy to use in any particular case, based on the explanations below. When we speak of free software, we are referring to freedom of use, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish); that you receive source code or can get it if you want it; that you can change the software and use pieces of it in new free programs; and that you are informed that you can do these things. To protect your rights, we need to make restrictions that forbid distributors to deny you these rights or to ask you to surrender these rights. These restrictions translate to certain responsibilities for you if you distribute copies of the library or if you modify it. For example, if you distribute copies of the library, whether gratis or for a fee, you must give the recipients all the rights that we gave you. You must make sure that they, too, receive or can get the source code. If you link other code with the library, you must provide complete object files to the recipients, so that they can relink them with the library after making changes to the library and recompiling it. And you must show them these terms so they know their rights. We protect your rights with a two-step method: (1) we copyright the library, and (2) we offer you this license, which gives you legal permission to copy, distribute and/or modify the library. To protect each distributor, we want to make it very clear that there is no warranty for the free library. Also, if the library is modified by someone else and passed on, the recipients should know that what they have is not the original version, so that the original author's reputation will not be affected by problems that might be introduced by others. � Finally, software patents pose a constant threat to the existence of any free program. We wish to make sure that a company cannot effectively restrict the users of a free program by obtaining a restrictive license from a patent holder. Therefore, we insist that any patent license obtained for a version of the library must be consistent with the full freedom of use specified in this license. Most GNU software, including some libraries, is covered by the ordinary GNU General Public License. This license, the GNU Lesser General Public License, applies to certain designated libraries, and is quite different from the ordinary General Public License. We use this license for certain libraries in order to permit linking those libraries into non-free programs. When a program is linked with a library, whether statically or using a shared library, the combination of the two is legally speaking a combined work, a derivative of the original library. The ordinary General Public License therefore permits such linking only if the entire combination fits its criteria of freedom. The Lesser General Public License permits more lax criteria for linking other code with the library. We call this license the "Lesser" General Public License because it does Less to protect the user's freedom than the ordinary General Public License. It also provides other free software developers Less of an advantage over competing non-free programs. These disadvantages are the reason we use the ordinary General Public License for many libraries. However, the Lesser license provides advantages in certain special circumstances. For example, on rare occasions, there may be a special need to encourage the widest possible use of a certain library, so that it becomes a de-facto standard. To achieve this, non-free programs must be allowed to use the library. A more frequent case is that a free library does the same job as widely used non-free libraries. In this case, there is little to gain by limiting the free library to free software only, so we use the Lesser General Public License. In other cases, permission to use a particular library in non-free programs enables a greater number of people to use a large body of free software. For example, permission to use the GNU C Library in non-free programs enables many more people to use the whole GNU operating system, as well as its variant, the GNU/Linux operating system. Although the Lesser General Public License is Less protective of the users' freedom, it does ensure that the user of a program that is linked with the Library has the freedom and the wherewithal to run that program using a modified version of the Library. The precise terms and conditions for copying, distribution and modification follow. Pay close attention to the difference between a "work based on the library" and a "work that uses the library". The former contains code derived from the library, whereas the latter must be combined with the library in order to run. � GNU LESSER GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any software library or other program which contains a notice placed by the copyright holder or other authorized party saying it may be distributed under the terms of this Lesser General Public License (also called "this License"). Each licensee is addressed as "you". A "library" means a collection of software functions and/or data prepared so as to be conveniently linked with application programs (which use some of those functions and data) to form executables. The "Library", below, refers to any such software library or work which has been distributed under these terms. A "work based on the Library" means either the Library or any derivative work under copyright law: that is to say, a work containing the Library or a portion of it, either verbatim or with modifications and/or translated straightforwardly into another language. (Hereinafter, translation is included without limitation in the term "modification".) "Source code" for a work means the preferred form of the work for making modifications to it. For a library, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the library. Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running a program using the Library is not restricted, and output from such a program is covered only if its contents constitute a work based on the Library (independent of the use of the Library in a tool for writing it). Whether that is true depends on what the Library does and what the program that uses the Library does. 1. You may copy and distribute verbatim copies of the Library's complete source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and distribute a copy of this License along with the Library. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. � 2. You may modify your copy or copies of the Library or any portion of it, thus forming a work based on the Library, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) The modified work must itself be a software library. b) You must cause the files modified to carry prominent notices stating that you changed the files and the date of any change. c) You must cause the whole of the work to be licensed at no charge to all third parties under the terms of this License. d) If a facility in the modified Library refers to a function or a table of data to be supplied by an application program that uses the facility, other than as an argument passed when the facility is invoked, then you must make a good faith effort to ensure that, in the event an application does not supply such function or table, the facility still operates, and performs whatever part of its purpose remains meaningful. (For example, a function in a library to compute square roots has a purpose that is entirely well-defined independent of the application. Therefore, Subsection 2d requires that any application-supplied function or table used by this function must be optional: if the application does not supply it, the square root function must still compute square roots.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Library, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Library, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Library. In addition, mere aggregation of another work not based on the Library with the Library (or with a work based on the Library) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may opt to apply the terms of the ordinary GNU General Public License instead of this License to a given copy of the Library. To do this, you must alter all the notices that refer to this License, so that they refer to the ordinary GNU General Public License, version 2, instead of to this License. (If a newer version than version 2 of the ordinary GNU General Public License has appeared, then you can specify that version instead if you wish.) Do not make any other change in these notices. � Once this change is made in a given copy, it is irreversible for that copy, so the ordinary GNU General Public License applies to all subsequent copies and derivative works made from that copy. This option is useful when you wish to copy part of the code of the Library into a program that is not a library. 4. You may copy and distribute the Library (or a portion or derivative of it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange. If distribution of object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place satisfies the requirement to distribute the source code, even though third parties are not compelled to copy the source along with the object code. 5. A program that contains no derivative of any portion of the Library, but is designed to work with the Library by being compiled or linked with it, is called a "work that uses the Library". Such a work, in isolation, is not a derivative work of the Library, and therefore falls outside the scope of this License. However, linking a "work that uses the Library" with the Library creates an executable that is a derivative of the Library (because it contains portions of the Library), rather than a "work that uses the library". The executable is therefore covered by this License. Section 6 states terms for distribution of such executables. When a "work that uses the Library" uses material from a header file that is part of the Library, the object code for the work may be a derivative work of the Library even though the source code is not. Whether this is true is especially significant if the work can be linked without the Library, or if the work is itself a library. The threshold for this to be true is not precisely defined by law. If such an object file uses only numerical parameters, data structure layouts and accessors, and small macros and small inline functions (ten lines or less in length), then the use of the object file is unrestricted, regardless of whether it is legally a derivative work. (Executables containing this object code plus portions of the Library will still fall under Section 6.) Otherwise, if the work is a derivative of the Library, you may distribute the object code for the work under the terms of Section 6. Any executables containing that work also fall under Section 6, whether or not they are linked directly with the Library itself. � 6. As an exception to the Sections above, you may also combine or link a "work that uses the Library" with the Library to produce a work containing portions of the Library, and distribute that work under terms of your choice, provided that the terms permit modification of the work for the customer's own use and reverse engineering for debugging such modifications. You must give prominent notice with each copy of the work that the Library is used in it and that the Library and its use are covered by this License. You must supply a copy of this License. If the work during execution displays copyright notices, you must include the copyright notice for the Library among them, as well as a reference directing the user to the copy of this License. Also, you must do one of these things: a) Accompany the work with the complete corresponding machine-readable source code for the Library including whatever changes were used in the work (which must be distributed under Sections 1 and 2 above); and, if the work is an executable linked with the Library, with the complete machine-readable "work that uses the Library", as object code and/or source code, so that the user can modify the Library and then relink to produce a modified executable containing the modified Library. (It is understood that the user who changes the contents of definitions files in the Library will not necessarily be able to recompile the application to use the modified definitions.) b) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (1) uses at run time a copy of the library already present on the user's computer system, rather than copying library functions into the executable, and (2) will operate properly with a modified version of the library, if the user installs one, as long as the modified version is interface-compatible with the version that the work was made with. c) Accompany the work with a written offer, valid for at least three years, to give the same user the materials specified in Subsection 6a, above, for a charge no more than the cost of performing this distribution. d) If distribution of the work is made by offering access to copy from a designated place, offer equivalent access to copy the above specified materials from the same place. e) Verify that the user has already received a copy of these materials or that you have already sent this user a copy. For an executable, the required form of the "work that uses the Library" must include any data and utility programs needed for reproducing the executable from it. However, as a special exception, the materials to be distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. It may happen that this requirement contradicts the license restrictions of other proprietary libraries that do not normally accompany the operating system. Such a contradiction means you cannot use both them and the Library together in an executable that you distribute. � 7. You may place library facilities that are a work based on the Library side-by-side in a single library together with other library facilities not covered by this License, and distribute such a combined library, provided that the separate distribution of the work based on the Library and of the other library facilities is otherwise permitted, and provided that you do these two things: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities. This must be distributed under the terms of the Sections above. b) Give prominent notice with the combined library of the fact that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 8. You may not copy, modify, sublicense, link with, or distribute the Library except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, link with, or distribute the Library is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 9. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Library or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Library (or any work based on the Library), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Library or works based on it. 10. Each time you redistribute the Library (or any work based on the Library), the recipient automatically receives a license from the original licensor to copy, distribute, link with or modify the Library subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties with this License. � 11. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Library at all. For example, if a patent license would not permit royalty-free redistribution of the Library by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Library. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply, and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 12. If the distribution and/or use of the Library is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Library under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 13. The Free Software Foundation may publish revised and/or new versions of the Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Library does not specify a license version number, you may choose any version ever published by the Free Software Foundation. 14. If you wish to incorporate parts of the Library into other free programs whose distribution conditions are incompatible with these, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Libraries If you develop a new library, and you want it to be of the greatest possible use to the public, we recommend making it free software that everyone can redistribute and change. You can do so by permitting redistribution under these terms (or, alternatively, under the terms of the ordinary General Public License). To apply these terms, attach the following notices to the library. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the library's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Also add information on how to contact you by electronic and paper mail. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the library, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the library `Frob' (a library for tweaking knobs) written by James Random Hacker. <signature of Ty Coon>, 1 April 1990 Ty Coon, President of Vice That's all there is to it! </div></div> |} </pre> </div> </div> ==LGPLv3== [[LICENCE_HEADER_LGPLv3]]<br \> <b><nowiki>{{:LICENCE_HEADER_LGPLv3}}</nowiki></b> {{:LICENCE_HEADER_LGPLv3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. This version of the GNU Lesser General Public License incorporates the terms and conditions of version 3 of the GNU General Public License, supplemented by the additional permissions listed below. 0. Additional Definitions. As used herein, "this License" refers to version 3 of the GNU Lesser General Public License, and the "GNU GPL" refers to version 3 of the GNU General Public License. "The Library" refers to a covered work governed by this License, other than an Application or a Combined Work as defined below. An "Application" is any work that makes use of an interface provided by the Library, but which is not otherwise based on the Library. Defining a subclass of a class defined by the Library is deemed a mode of using an interface provided by the Library. A "Combined Work" is a work produced by combining or linking an Application with the Library. The particular version of the Library with which the Combined Work was made is also called the "Linked Version". The "Minimal Corresponding Source" for a Combined Work means the Corresponding Source for the Combined Work, excluding any source code for portions of the Combined Work that, considered in isolation, are based on the Application, and not on the Linked Version. The "Corresponding Application Code" for a Combined Work means the object code and/or source code for the Application, including any data and utility programs needed for reproducing the Combined Work from the Application, but excluding the System Libraries of the Combined Work. 1. Exception to Section 3 of the GNU GPL. You may convey a covered work under sections 3 and 4 of this License without being bound by section 3 of the GNU GPL. 2. Conveying Modified Versions. If you modify a copy of the Library, and, in your modifications, a facility refers to a function or data to be supplied by an Application that uses the facility (other than as an argument passed when the facility is invoked), then you may convey a copy of the modified version: a) under this License, provided that you make a good faith effort to ensure that, in the event an Application does not supply the function or data, the facility still operates, and performs whatever part of its purpose remains meaningful, or b) under the GNU GPL, with none of the additional permissions of this License applicable to that copy. 3. Object Code Incorporating Material from Library Header Files. The object code form of an Application may incorporate material from a header file that is part of the Library. You may convey such object code under terms of your choice, provided that, if the incorporated material is not limited to numerical parameters, data structure layouts and accessors, or small macros, inline functions and templates (ten or fewer lines in length), you do both of the following: a) Give prominent notice with each copy of the object code that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the object code with a copy of the GNU GPL and this license document. 4. Combined Works. You may convey a Combined Work under terms of your choice that, taken together, effectively do not restrict modification of the portions of the Library contained in the Combined Work and reverse engineering for debugging such modifications, if you also do each of the following: a) Give prominent notice with each copy of the Combined Work that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the Combined Work with a copy of the GNU GPL and this license document. c) For a Combined Work that displays copyright notices during execution, include the copyright notice for the Library among these notices, as well as a reference directing the user to the copies of the GNU GPL and this license document. d) Do one of the following: 0) Convey the Minimal Corresponding Source under the terms of this License, and the Corresponding Application Code in a form suitable for, and under terms that permit, the user to recombine or relink the Application with a modified version of the Linked Version to produce a modified Combined Work, in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source. 1) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (a) uses at run time a copy of the Library already present on the user's computer system, and (b) will operate properly with a modified version of the Library that is interface-compatible with the Linked Version. e) Provide Installation Information, but only if you would otherwise be required to provide such information under section 6 of the GNU GPL, and only to the extent that such information is necessary to install and execute a modified version of the Combined Work produced by recombining or relinking the Application with a modified version of the Linked Version. (If you use option 4d0, the Installation Information must accompany the Minimal Corresponding Source and Corresponding Application Code. If you use option 4d1, you must provide the Installation Information in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source.) 5. Combined Libraries. You may place library facilities that are a work based on the Library side by side in a single library together with other library facilities that are not Applications and are not covered by this License, and convey such a combined library under terms of your choice, if you do both of the following: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities, conveyed under the terms of this License. b) Give prominent notice with the combined library that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 6. Revised Versions of the GNU Lesser General Public License. The Free Software Foundation may publish revised and/or new versions of the GNU Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library as you received it specifies that a certain numbered version of the GNU Lesser General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that published version or of any later version published by the Free Software Foundation. If the Library as you received it does not specify a version number of the GNU Lesser General Public License, you may choose any version of the GNU Lesser General Public License ever published by the Free Software Foundation. If the Library as you received it specifies that a proxy can decide whether future versions of the GNU Lesser General Public License shall apply, that proxy's public statement of acceptance of any version is permanent authorization for you to choose that version for the Library. </div></div> |} </pre> </div> </div> ==MIT== [[LICENCE_HEADER_MIT]]<br \> <b><nowiki>{{:LICENCE_HEADER_MIT}}</nowiki></b> {{:LICENCE_HEADER_MIT}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MIT Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. </div></div> |} </pre> </div> </div> ==MPLv2.0== [[LICENCE_HEADER_MPLv2.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_MPLv2.0}}</nowiki></b> {{:LICENCE_HEADER_MPLv2.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE MPLv2.0 <div class="mw-collapsible-content"> Mozilla Public License Version 2.0 -------------------------------- 1. Definitions -------------- 1.1. "Contributor" means each individual or legal entity that creates, contributes to the creation of, or owns Covered Software. 1.2. "Contributor Version" means the combination of the Contributions of others (if any) used by a Contributor and that particular Contributor's Contribution. 1.3. "Contribution" means Covered Software of a particular Contributor. 1.4. "Covered Software" means Source Code Form to which the initial Contributor has attached the notice in Exhibit A, the Executable Form of such Source Code Form, and Modifications of such Source Code Form, in each case including portions thereof. 1.5. "Incompatible With Secondary Licenses" means (a) that the initial Contributor has attached the notice described in Exhibit B to the Covered Software; or (b) that the Covered Software was made available under the terms of version 1.1 or earlier of the License, but not also under the terms of a Secondary License. 1.6. "Executable Form" means any form of the work other than Source Code Form. 1.7. "Larger Work" means a work that combines Covered Software with other material, in a separate file or files, that is not Covered Software. 1.8. "License" means this document. 1.9. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently, any and all of the rights conveyed by this License. 1.10. "Modifications" means any of the following: (a) any file in Source Code Form that results from an addition to, deletion from, or modification of the contents of Covered Software; or (b) any new file in Source Code Form that contains any Covered Software. 1.11. "Patent Claims" of a Contributor means any patent claim(s), including without limitation, method, process, and apparatus claims, in any patent Licensable by such Contributor that would be infringed, but for the grant of the License, by the making, using, selling, offering for sale, having made, import, or transfer of either its Contributions or its Contributor Version. 1.12. "Secondary License" means either the GNU General Public License, Version 2.0, the GNU Lesser General Public License, Version 2.1, the GNU Affero General Public License, Version 3.0, or any later versions of those licenses. 1.13. "Source Code Form" means the form of the work preferred for making modifications. 1.14. "You" (or "Your") means an individual or a legal entity exercising rights under this License. For legal entities, "You" includes any entity that controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. License Grants and Conditions -------------------------------- 2.1. Grants Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by such Contributor to use, reproduce, make available, modify, display, perform, distribute, and otherwise exploit its Contributions, either on an unmodified basis, with Modifications, or as part of a Larger Work; and (b) under Patent Claims of such Contributor to make, use, sell, offer for sale, have made, import, and otherwise transfer either its Contributions or its Contributor Version. 2.2. Effective Date The licenses granted in Section 2.1 with respect to any Contribution become effective for each Contribution on the date the Contributor first distributes such Contribution. 2.3. Limitations on Grant Scope The licenses granted in this Section 2 are the only rights granted under this License. No additional rights or licenses will be implied from the distribution or licensing of Covered Software under this License. Notwithstanding Section 2.1(b) above, no patent license is granted by a Contributor: (a) for any code that a Contributor has removed from Covered Software; or (b) for infringements caused by: (i) Your and any other third party's modifications of Covered Software, or (ii) the combination of its Contributions with other software (except as part of its Contributor Version); or (c) under Patent Claims infringed by Covered Software in the absence of its Contributions. This License does not grant any rights in the trademarks, service marks, or logos of any Contributor (except as may be necessary to comply with the notice requirements in Section 3.4). 2.4. Subsequent Licenses No Contributor makes additional grants as a result of Your choice to distribute the Covered Software under a subsequent version of this License (see Section 10.2) or under the terms of a Secondary License (if permitted under the terms of Section 3.3). 2.5. Representation Each Contributor represents that the Contributor believes its Contributions are its original creation(s) or it has sufficient rights to grant the rights to its Contributions conveyed by this License. 2.6. Fair Use This License is not intended to limit any rights You have under applicable copyright doctrines of fair use, fair dealing, or other equivalents. 2.7. Conditions Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted in Section 2.1. 3. Responsibilities ------------------- 3.1. Distribution of Source Form All distribution of Covered Software in Source Code Form, including any Modifications that You create or to which You contribute, must be under the terms of this License. You must inform recipients that the Source Code Form of the Covered Software is governed by the terms of this License, and how they can obtain a copy of this License. You may not attempt to alter or restrict the recipients' rights in the Source Code Form. 3.2. Distribution of Executable Form If You distribute Covered Software in Executable Form then: (a) such Covered Software must also be made available in Source Code Form, as described in Section 3.1, and You must inform recipients of the Executable Form how they can obtain a copy of such Source Code Form by reasonable means in a timely manner, at a charge no more than the cost of distribution to the recipient; and (b) You may distribute such Executable Form under the terms of this License, or sublicense it under different terms, provided that the license for the Executable Form does not attempt to limit or alter the recipients' rights in the Source Code Form under this License. 3.3. Distribution of a Larger Work You may create and distribute a Larger Work under terms of Your choice, provided that You also comply with the requirements of this License for the Covered Software. If the Larger Work is a combination of Covered Software with a work governed by one or more Secondary Licenses, and the Covered Software is not Incompatible With Secondary Licenses, this License permits You to additionally distribute such Covered Software under the terms of such Secondary License(s), so that the recipient of the Larger Work may, at their option, further distribute the Covered Software under the terms of either this License or such Secondary License(s). 3.4. Notices You may not remove or alter the substance of any license notices (including copyright notices, patent notices, disclaimers of warranty, or limitations of liability) contained within the Source Code Form of the Covered Software, except that You may alter any license notices to the extent required to remedy known factual inaccuracies. 3.5. Application of Additional Terms You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, You may do so only on Your own behalf, and not on behalf of any Contributor. You must make it absolutely clear that any such warranty, support, indemnity, or liability obligation is offered by You alone, and You hereby agree to indemnify every Contributor for any liability incurred by such Contributor as a result of warranty, support, indemnity or liability terms You offer. You may include additional disclaimers of warranty and limitations of liability specific to any jurisdiction. 4. Inability to Comply Due to Statute or Regulation --------------------------------------------------- If it is impossible for You to comply with any of the terms of this License with respect to some or all of the Covered Software due to statute, judicial order, or regulation then You must: (a) comply with the terms of this License to the maximum extent possible; and (b) describe the limitations and the code they affect. Such description must be placed in a text file included with all distributions of the Covered Software under this License. Except to the extent prohibited by statute or regulation, such description must be sufficiently detailed for a recipient of ordinary skill to be able to understand it. 5. Termination -------------- 5.1. The rights granted under this License will terminate automatically if You fail to comply with any of its terms. However, if You become compliant, then the rights granted under this License from a particular Contributor are reinstated (a) provisionally, unless and until such Contributor explicitly and finally terminates Your grants, and (b) on an ongoing basis, if such Contributor fails to notify You of the non-compliance by some reasonable means prior to 60 days after You have come back into compliance. Moreover, Your grants from a particular Contributor are reinstated on an ongoing basis if such Contributor notifies You of the non-compliance by some reasonable means, this is the first time You have received notice of non-compliance with this License from such Contributor, and You become compliant prior to 30 days after Your receipt of the notice. 5.2. If You initiate litigation against any entity by asserting a patent infringement claim (excluding declaratory judgment actions, counter-claims, and cross-claims) alleging that a Contributor Version directly or indirectly infringes any patent, then the rights granted to You by any and all Contributors for the Covered Software under Section 2.1 of this License shall terminate. 5.3. In the event of termination under Sections 5.1 or 5.2 above, all end user license agreements (excluding distributors and resellers) which have been validly granted by You or Your distributors under this License prior to termination shall survive termination. ************************************************************************ * * * 6. Disclaimer of Warranty * * ------------------------- * * * * Covered Software is provided under this License on an "as is" * * basis, without warranty of any kind, either expressed, implied, or * * statutory, including, without limitation, warranties that the * * Covered Software is free of defects, merchantable, fit for a * * particular purpose or non-infringing. The entire risk as to the * * quality and performance of the Covered Software is with You. * * Should any Covered Software prove defective in any respect, You * * (not any Contributor) assume the cost of any necessary servicing, * * repair, or correction. This disclaimer of warranty constitutes an * * essential part of this License. No use of any Covered Software is * * authorized under this License except under this disclaimer. * * * ************************************************************************ ************************************************************************ * * * 7. Limitation of Liability * * -------------------------- * * * * Under no circumstances and under no legal theory, whether tort * * (including negligence), contract, or otherwise, shall any * * Contributor, or anyone who distributes Covered Software as * * permitted above, be liable to You for any direct, indirect, * * special, incidental, or consequential damages of any character * * including, without limitation, damages for lost profits, loss of * * goodwill, work stoppage, computer failure or malfunction, or any * * and all other commercial damages or losses, even if such party * * shall have been informed of the possibility of such damages. This * * limitation of liability shall not apply to liability for death or * * personal injury resulting from such party's negligence to the * * extent applicable law prohibits such limitation. Some * * jurisdictions do not allow the exclusion or limitation of * * incidental or consequential damages, so this exclusion and * * limitation may not apply to You. * * * ************************************************************************ 8. Litigation ------------- Any litigation relating to this License may be brought only in the courts of a jurisdiction where the defendant maintains its principal place of business and such litigation shall be governed by laws of that jurisdiction, without reference to its conflict-of-law provisions. Nothing in this Section shall prevent a party's ability to bring cross-claims or counter-claims. 9. Miscellaneous ---------------- This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not be used to construe this License against a Contributor. 10. Versions of the License --------------------------- 10.1. New Versions Mozilla Foundation is the license steward. Except as provided in Section 10.3, no one other than the license steward has the right to modify or publish new versions of this License. Each version will be given a distinguishing version number. 10.2. Effect of New Versions You may distribute the Covered Software under the terms of the version of the License under which You originally received the Covered Software, or under the terms of any subsequent version published by the license steward. 10.3. Modified Versions If you create software not governed by this License, and you want to create a new license for such software, you may create and use a modified version of this License if you rename the license and remove any references to the name of the license steward (except to note that such modified license differs from this License). 10.4. Distributing Source Code Form that is Incompatible With Secondary Licenses If You choose to distribute Source Code Form that is Incompatible With Secondary Licenses under the terms of this version of the License, the notice described in Exhibit B of this License must be attached. Exhibit A - Source Code Form License Notice ------------------------------------------- This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at https://mozilla.org/MPL/2.0/. If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. You may add additional accurate notices of copyright ownership. Exhibit B - "Incompatible With Secondary Licenses" Notice --------------------------------------------------------- This Source Code Form is "Incompatible With Secondary Licenses", as defined by the Mozilla Public License, v. 2.0. </div></div> |} </pre> </div> </div> ==PDLv1.0== [[LICENCE_HEADER_PDLv1.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_PDLv1.0}}</nowiki></b> {{:LICENCE_HEADER_PDLv1.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE PDLv1.0 <div class="mw-collapsible-content"> PUBLIC DOCUMENTATION LICENSE Version 1.0 1.0 DEFINITIONS. 1.1. "Commercial Use" means distribution or otherwise making the Documentation available to a third party. 1.2. "Contributor" means a person or entity who creates or contributes to the creation of Modifications. 1.3. "Documentation" means the Original Documentation or Modifications or the combination of the Original Documentation and Modifications, in each case including portions thereof. 1.4. "Electronic Distribution Mechanism" means a mechanism generally accepted for the electronic transfer of data. 1.5. "Initial Writer" means the individual or entity identified as the Initial Writer in the notice required by the Appendix. 1.6. "Larger Work" means a work which combines Documentation or portions thereof with documentation or other writings not governed by the terms of this License. 1.7. "License" means this document. 1.8. "Modifications" means any addition to or deletion from the substance or structure of either the Original Documentation or any previous Modifications, such as a translation, abridgment, condensation, or any other form in which the Original Documentation or previous Modifications may be recast, transformed or adapted. A work consisting of editorial revisions, annotations, elaborations, and other modifications which, as a whole represent an original work of authorship, is a Modification. For example, when Documentation is released as a series of documents, a Modification is: A. Any addition to or deletion from the contents of the Original Documentation or previous Modifications. B. Any new documentation that contains any part of the Original Documentation or previous Modifications. 1.9. "Original Documentation" means documentation described as Original Documentation in the notice required by the Appendix, and which, at the time of its release under this License is not already Documentation governed by this License. 1.10. "Editable Form" means the preferred form of the Documentation for making Modifications to it. The Documentation can be in an electronic, compressed or archival form, provided the appropriate decompression or de-archiving software is widely available for no charge. 1.11. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of this License or a future version of this License issued under Section 5.0 ("Versions of the License"). For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2.0 LICENSE GRANTS. 2.1 Initial Writer Grant. The Initial Writer hereby grants You a world-wide, royalty-free, non-exclusive license to use, reproduce, prepare Modifications of, compile, publicly perform, publicly display, demonstrate, market, disclose and distribute the Documentation in any form, on any media or via any Electronic Distribution Mechanism or other method now known or later discovered, and to sublicense the foregoing rights to third parties through multiple tiers of sublicensees in accordance with the terms of this License. The license rights granted in this Section 2.1 ("Initial Writer Grant") are effective on the date Initial Writer first distributes Original Documentation under the terms of this License. 2.2. Contributor Grant. Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license to use, reproduce, prepare Modifications of, compile, publicly perform, publicly display, demonstrate, market, disclose and distribute the Documentation in any form, on any media or via any Electronic Distribution Mechanism or other method now known or later discovered, and to sublicense the foregoing rights to third parties through multiple tiers of sublicensees in accordance with the terms of this License. The license rights granted in this Section 2.2 ("Contributor Grant") are effective on the date Contributor first makes Commercial Use of the Documentation. 3.0 DISTRIBUTION OBLIGATIONS 3.1. Application of License The Modifications which You create or to which You contribute are governed by the terms of this License, including without limitation Section 2.2 ("Contributor Grant"). The Documentation may be distributed only under the terms of this License or a future version of this License released in accordance with Section 5.0 ("Versions of the License"), and You must include a copy of this License with every copy of the Documentation You distribute. You may not offer or impose any terms that alter or restrict the applicable version of this License or the recipients' rights hereunder. However, You may include an additional document offering the additional rights described in Section 3.5 ("Required Notices"). 3.2. Availability of Documentation. Any Modification which You create or to which You contribute must be made available publicly in Editable Form under the terms of this License via a fixed medium or an accepted Electronic Distribution Mechanism. 3.3. Description of Modifications. All Documentation to which You contribute must identify the changes You made to create that Documentation and the date of any change. You must include a prominent statement that the Modification is derived, directly or indirectly, from Original Documentation provided by the Initial Writer and include the name of the Initial Writer in the Documentation or via an electronic link that describes the origin or ownership of the Documentation. The foregoing change documentation may be created by using an electronic program that automatically tracks changes to the Documentation, and such changes must be available publicly for at least five years following release of the changed Documentation. 3.4. Intellectual Property Matters. Contributor represents that Contributor believes that Contributor's Modifications are Contributor's original creation(s) and/or Contributor has sufficient rights to grant the rights conveyed by this License. 3.5. Required Notices. You must duplicate the notice in the Appendix in each file of the Documentation. If it is not possible to put such notice in a particular Documentation file due to its structure, then You must include such notice in a location (such as a relevant directory) where a reader would be likely to look for such a notice, for example, via a hyperlink in each file of the Documentation that takes the reader to a page that describes the origin and ownership of the Documentation. If You created one or more Modification(s) You may add your name as a Contributor to the notice described in the Appendix. You must also duplicate this License in any Documentation file (or with a hyperlink in each file of the Documentation) where You describe recipients' rights or ownership rights. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Documentation. However, You may do so only on Your own behalf, and not on behalf of the Initial Writer or any Contributor. You must make it absolutely clear than any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Writer and every Contributor for any liability incurred by the Initial Writer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.6. Larger Works. You may create a Larger Work by combining Documentation with other documents not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Documentation. 4.0 APPLICATION OF THIS LICENSE. This License applies to Documentation to which the Initial Writer has attached this License and the notice in the Appendix. 5.0 VERSIONS OF THE LICENSE. 5.1. New Versions. Initial Writer may publish revised and/or new versions of the License from time to time. Each version will be given a distinguishing version number. 5.2. Effect of New Versions. Once Documentation has been published under a particular version of the License, You may always continue to use it under the terms of that version. You may also choose to use such Documentation under the terms of any subsequent version of the License published by __________________[Insert name of the foundation, company, Initial Writer, or whoever may modify this License]. No one other than _________________ [Insert name of the foundation, company, Initial Writer, or whoever may modify this License] has the right to modify the terms of this License. Filling in the name of the Initial Writer, Original Documentation or Contributor in the notice described in the Appendix shall not be deemed to be Modifications of this License. 6.0 DISCLAIMER OF WARRANTY. DOCUMENTATION IS PROVIDED UNDER THIS LICENSE ON AN "AS IS'' BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE DOCUMENTATION IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY, ACCURACY, AND PERFORMANCE OF THE DOCUMENTATION IS WITH YOU. SHOULD ANY DOCUMENTATION PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL WRITER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY DOCUMENTATION IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 7.0 TERMINATION. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. All sublicenses to the Documentation which are properly granted shall survive any termination of this License. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 8.0 LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER IN TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL THE INITIAL WRITER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF DOCUMENTATION, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER DAMAGES OR LOSSES ARISING OUT OF OR RELATING TO THE USE OF THE DOCUMENTATION, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. 9.0 U.S. GOVERNMENT END USERS. If Documentation is being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), then the Government's rights in Documentation will be only as set forth in this Agreement; this is in accordance with 48 CFR 227.7201 through 227.7202-4 (for Department of Defense (DOD) acquisitions) and with 48 CFR 2.101 and 12.212 (for non-DOD acquisitions). 10.0 MISCELLANEOUS. This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by California law, excluding its conflict-of-law provisions. With respect to disputes or any litigation relating to this License, the losing party is responsible for costs, including without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. Appendix Public Documentation License Notice The contents of this Documentation are subject to the Public Documentation License Version 1.0 (the "License"); you may only use this Documentation if you comply with the terms of this License. A copy of the License is available at __________________[Insert hyperlink]. The Original Documentation is _________________. The Initial Writer of the Original Documentation is ___________ Copyright (C)_________[Insert year(s)]. All Rights Reserved. (Initial Writer contact(s):________________[Insert hyperlink/alias]). Contributor(s): ______________________________________. Portions created by ______ are Copyright (C)_________[Insert year(s)]. All Rights Reserved. (Contributor contact(s):________________[Insert hyperlink/alias]). NOTE: The text of this Appendix may differ slightly from the text of the notices in the files of the Original Documentation. You should use the text of this Appendix rather than the text found in the Original Documentation for Your Modifications. </div></div> |} </pre> </div> </div> ==PIRATE== This Licence is for shits and giggles, don't use on public server<br \> [[LICENCE_HEADER_PIRATE]]<br \> <b><nowiki>{{:LICENCE_HEADER_PIRATE}}</nowiki></b> {{:LICENCE_HEADER_PIRATE}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PIRATE Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Licence? Licence! LICENCE!!!!!!<br \> WE NO NEED NO STINKING LICENCE! Copyright @ Pirate Licence :P </div></div> |} </pre> </div> </div> hlz2745ukilx9diaaa6gznyp8g53u4s 380 370 2023-05-03T12:19:10Z AwesomO 5 /* FreeBSD documentation */ 380 wikitext text/x-wiki * Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute. * To do so add a Licence header at the top of your page. * example:<b><nowiki>{{:LICENCE_HEADER_CC0}}</nowiki></b> * using the header may not be a good idea for some licences ** click the link and copy the content ** and append the correct <code>Copyright [yyyy] [name of copyright owner] </code> : * [[Find_the_License_of_Man_Pages|How to find the license of a '''Man''' Page]] ==Blank Template== This Licence is for Importing Licences from other projects that are eligable to be posted/imported on this site<br \> [[LICENCE_HEADER_BLANK]]<br \> <b><nowiki>{{:LICENCE_HEADER_BLANK}}</nowiki></b> {{:LICENCE_HEADER_BLANK}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>ENTER LICENCE NAME</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> ENTER LICENCE HERE </div> </div> |} </pre> </div> </div> ==APACHE2== [[LICENCE_HEADER_APACHE2]]<br \> <b><nowiki>{{:LICENCE_HEADER_APACHE2}}</nowiki></b> {{:LICENCE_HEADER_APACHE2}} <!-- delete below if mess up --> <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste to your page: <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>APACHE2 Licence</b><br \> Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. <div class="toccolours mw-collapsible mw-collapsed"> Apache2 Licence: <div class="mw-collapsible-content"> <pre> Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. </div> </div> |} </pre> </div> </div> ==BDS0== [[LICENCE_HEADER_BSD0]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD0}}</nowiki></b> {{:LICENCE_HEADER_BSD0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (C) [year] by [copyright holder] <[email]> Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted. THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. </div> </div> |} </pre> </div> </div> ==BSD1== [[LICENCE_HEADER_BSD]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD}}</nowiki></b> {{:LICENCE_HEADER_BSD}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (c) [Year] [Name] [All rights reserved]. * Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. THIS SOFTWARE IS PROVIDED BY [Name of Organization] “AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL [Name of Organisation] BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div></div> |} </pre> </div> </div> ==BSD2== [[LICENCE_HEADER_BSD2]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD2}}</nowiki></b> {{:LICENCE_HEADER_BSD2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </pre> </div> </div> ==BSD3== [[LICENCE_HEADER_BSD3]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD3}}</nowiki></b> {{:LICENCE_HEADER_BSD3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </pre> </div> </div> ==CC0== [[LICENCE_HEADER_CC0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC0}}</nowiki></b> {{:LICENCE_HEADER_CC0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC0 Licence</b><br \> More information about the <b>cc0 licence</b> can be found here:<br \> <code>https://creativecommons.org/share-your-work/public-domain/cc0</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> The person who associated a work with this deed has dedicated the work to the public domain by waiving all of his or her rights to the work worldwide under copyright law, including all related and neighboring rights, to the extent allowed by law.<br \> You can copy, modify, distribute and perform the work, even for commercial purposes, all without asking permission. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Statement of Purpose The laws of most jurisdictions throughout the world automatically confer exclusive Copyright and Related Rights (defined below) upon the creator and subsequent owner(s) (each and all, an "owner") of an original work of authorship and/or a database (each, a "Work"). Certain owners wish to permanently relinquish those rights to a Work for the purpose of contributing to a commons of creative, cultural and scientific works ("Commons") that the public can reliably and without fear of later claims of infringement build upon, modify, incorporate in other works, reuse and redistribute as freely as possible in any form whatsoever and for any purposes, including without limitation commercial purposes. These owners may contribute to the Commons to promote the ideal of a free culture and the further production of creative, cultural and scientific works, or to gain reputation or greater distribution for their Work in part through the use and efforts of others. For these and/or other purposes and motivations, and without any expectation of additional consideration or compensation, the person associating CC0 with a Work (the "Affirmer"), to the extent that he or she is an owner of Copyright and Related Rights in the Work, voluntarily elects to apply CC0 to the Work and publicly distribute the Work under its terms, with knowledge of his or her Copyright and Related Rights in the Work and the meaning and intended legal effect of CC0 on those rights. 1. Copyright and Related Rights. A Work made available under CC0 may be protected by copyright and related or neighboring rights ("Copyright and Related Rights"). Copyright and Related Rights include, but are not limited to, the following: the right to reproduce, adapt, distribute, perform, display, communicate, and translate a Work; moral rights retained by the original author(s) and/or performer(s); publicity and privacy rights pertaining to a person's image or likeness depicted in a Work; rights protecting against unfair competition in regards to a Work, subject to the limitations in paragraph 4(a), below; rights protecting the extraction, dissemination, use and reuse of data in a Work; database rights (such as those arising under Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, and under any national implementation thereof, including any amended or successor version of such directive); and other similar, equivalent or corresponding rights throughout the world based on applicable law or treaty, and any national implementations thereof. 2. Waiver. To the greatest extent permitted by, but not in contravention of, applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and unconditionally waives, abandons, and surrenders all of Affirmer's Copyright and Related Rights and associated claims and causes of action, whether now known or unknown (including existing as well as future claims and causes of action), in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each member of the public at large and to the detriment of Affirmer's heirs and successors, fully intending that such Waiver shall not be subject to revocation, rescission, cancellation, termination, or any other legal or equitable action to disrupt the quiet enjoyment of the Work by the public as contemplated by Affirmer's express Statement of Purpose. 3. Public License Fallback. Should any part of the Waiver for any reason be judged legally invalid or ineffective under applicable law, then the Waiver shall be preserved to the maximum extent permitted taking into account Affirmer's express Statement of Purpose. In addition, to the extent the Waiver is so judged Affirmer hereby grants to each affected person a royalty-free, non transferable, non sublicensable, non exclusive, irrevocable and unconditional license to exercise Affirmer's Copyright and Related Rights in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "License"). The License shall be deemed effective as of the date CC0 was applied by Affirmer to the Work. Should any part of the License for any reason be judged legally invalid or ineffective under applicable law, such partial invalidity or ineffectiveness shall not invalidate the remainder of the License, and in such case Affirmer hereby affirms that he or she will not (i) exercise any of his or her remaining Copyright and Related Rights in the Work or (ii) assert any associated claims and causes of action with respect to the Work, in either case contrary to Affirmer's express Statement of Purpose. 4. Limitations and Disclaimers. No trademark or patent rights held by Affirmer are waived, abandoned, surrendered, licensed or otherwise affected by this document. Affirmer offers the Work as-is and makes no representations or warranties of any kind concerning the Work, express, implied, statutory or otherwise, including without limitation warranties of title, merchantability, fitness for a particular purpose, non infringement, or the absence of latent or other defects, accuracy, or the present or absence of errors, whether or not discoverable, all to the greatest extent permissible under applicable law. Affirmer disclaims responsibility for clearing rights of other persons that may apply to the Work or any use thereof, including without limitation any person's Copyright and Related Rights in the Work. Further, Affirmer disclaims responsibility for obtaining any necessary consents, permissions or other rights required for any use of the Work. Affirmer understands and acknowledges that Creative Commons is not a party to this document and has no duty or obligation with respect to this CC0 or use of the Work. </div> </div> |} </pre> </div> </div> ==CC-BY== [[LICENCE_HEADER_CC_BY]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY}}</nowiki></b> {{:LICENCE_HEADER_CC_BY}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY Licence</b><br \> More information about the <b>CC BY licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Creative Commons Legal Code Attribution 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined above) for the purposes of this License. c. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. d. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. e. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. f. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. g. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. h. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. i. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(b), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(b), as requested. b. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Section 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4 (b) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. c. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of this License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} </pre> </div> </div> ==CC BY-SA== [[LICENCE_HEADER_CC_BY-SA]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY-SA}}</nowiki></b> {{:LICENCE_HEADER_CC_BY-SA}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY-SA Licence</b><br \> More information about the <b>CC BY-SA licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by-sa/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Attribution-ShareAlike 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined below) for the purposes of this License. c. "Creative Commons Compatible License" means a license that is listed at https://creativecommons.org/compatiblelicenses that has been approved by Creative Commons as being essentially equivalent to this License, including, at a minimum, because that license: (i) contains terms that have the same purpose, meaning and effect as the License Elements of this License; and, (ii) explicitly permits the relicensing of adaptations of works made available under that license under this License or a Creative Commons jurisdiction license with the same License Elements as this License. d. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. e. "License Elements" means the following high-level license attributes as selected by Licensor and indicated in the title of this License: Attribution, ShareAlike. f. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. g. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. h. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. i. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. j. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. k. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(c), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(c), as requested. b. You may Distribute or Publicly Perform an Adaptation only under the terms of: (i) this License; (ii) a later version of this License with the same License Elements as this License; (iii) a Creative Commons jurisdiction license (either this or a later license version) that contains the same License Elements as this License (e.g., Attribution-ShareAlike 3.0 US)); (iv) a Creative Commons Compatible License. If you license the Adaptation under one of the licenses mentioned in (iv), you must comply with the terms of that license. If you license the Adaptation under the terms of any of the licenses mentioned in (i), (ii) or (iii) (the "Applicable License"), you must comply with the terms of the Applicable License generally and the following provisions: (I) You must include a copy of, or the URI for, the Applicable License with every copy of each Adaptation You Distribute or Publicly Perform; (II) You may not offer or impose any terms on the Adaptation that restrict the terms of the Applicable License or the ability of the recipient of the Adaptation to exercise the rights granted to that recipient under the terms of the Applicable License; (III) You must keep intact all notices that refer to the Applicable License and to the disclaimer of warranties with every copy of the Work as included in the Adaptation You Distribute or Publicly Perform; (IV) when You Distribute or Publicly Perform the Adaptation, You may not impose any effective technological measures on the Adaptation that restrict the ability of a recipient of the Adaptation from You to exercise the rights granted to that recipient under the terms of the Applicable License. This Section 4(b) applies to the Adaptation as incorporated in a Collection, but this does not require the Collection apart from the Adaptation itself to be made subject to the terms of the Applicable License. c. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Ssection 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4(c) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. d. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of the License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} </pre> </div> </div> ==CC BY-NC-SA 4.0== [[LICENCE_HEADER_CC_BY-NC-SA_4.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY-NC-SA_4.0}}</nowiki></b> {{:LICENCE_HEADER_CC_BY-SA}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre style="color: red"> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY-NC-SA_4.0 Licence</b><br \> More information about the <b>CC BY-NC-SA_4.0 licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by-sa/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> &lt;pre&gt; You are free to: Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use. NonCommercial — You may not use the material for commercial purposes. ShareAlike — If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original. No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits. &lt;/pre&gt; </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> <pre> Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International Public License By exercising the Licensed Rights (defined below), You accept and agree to be bound by the terms and conditions of this Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International Public License ("Public License"). To the extent this Public License may be interpreted as a contract, You are granted the Licensed Rights in consideration of Your acceptance of these terms and conditions, and the Licensor grants You such rights in consideration of benefits the Licensor receives from making the Licensed Material available under these terms and conditions. Section 1 – Definitions. Adapted Material means material subject to Copyright and Similar Rights that is derived from or based upon the Licensed Material and in which the Licensed Material is translated, altered, arranged, transformed, or otherwise modified in a manner requiring permission under the Copyright and Similar Rights held by the Licensor. For purposes of this Public License, where the Licensed Material is a musical work, performance, or sound recording, Adapted Material is always produced where the Licensed Material is synched in timed relation with a moving image. Adapter's License means the license You apply to Your Copyright and Similar Rights in Your contributions to Adapted Material in accordance with the terms and conditions of this Public License. BY-NC-SA Compatible License means a license listed at creativecommons.org/compatiblelicenses, approved by Creative Commons as essentially the equivalent of this Public License. Copyright and Similar Rights means copyright and/or similar rights closely related to copyright including, without limitation, performance, broadcast, sound recording, and Sui Generis Database Rights, without regard to how the rights are labeled or categorized. For purposes of this Public License, the rights specified in Section 2(b)(1)-(2) are not Copyright and Similar Rights. Effective Technological Measures means those measures that, in the absence of proper authority, may not be circumvented under laws fulfilling obligations under Article 11 of the WIPO Copyright Treaty adopted on December 20, 1996, and/or similar international agreements. Exceptions and Limitations means fair use, fair dealing, and/or any other exception or limitation to Copyright and Similar Rights that applies to Your use of the Licensed Material. License Elements means the license attributes listed in the name of a Creative Commons Public License. The License Elements of this Public License are Attribution, NonCommercial, and ShareAlike. Licensed Material means the artistic or literary work, database, or other material to which the Licensor applied this Public License. Licensed Rights means the rights granted to You subject to the terms and conditions of this Public License, which are limited to all Copyright and Similar Rights that apply to Your use of the Licensed Material and that the Licensor has authority to license. Licensor means the individual(s) or entity(ies) granting rights under this Public License. NonCommercial means not primarily intended for or directed towards commercial advantage or monetary compensation. For purposes of this Public License, the exchange of the Licensed Material for other material subject to Copyright and Similar Rights by digital file-sharing or similar means is NonCommercial provided there is no payment of monetary compensation in connection with the exchange. Share means to provide material to the public by any means or process that requires permission under the Licensed Rights, such as reproduction, public display, public performance, distribution, dissemination, communication, or importation, and to make material available to the public including in ways that members of the public may access the material from a place and at a time individually chosen by them. Sui Generis Database Rights means rights other than copyright resulting from Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, as amended and/or succeeded, as well as other essentially equivalent rights anywhere in the world. You means the individual or entity exercising the Licensed Rights under this Public License. Your has a corresponding meaning. Section 2 – Scope. License grant. Subject to the terms and conditions of this Public License, the Licensor hereby grants You a worldwide, royalty-free, non-sublicensable, non-exclusive, irrevocable license to exercise the Licensed Rights in the Licensed Material to: reproduce and Share the Licensed Material, in whole or in part, for NonCommercial purposes only; and produce, reproduce, and Share Adapted Material for NonCommercial purposes only. Exceptions and Limitations. For the avoidance of doubt, where Exceptions and Limitations apply to Your use, this Public License does not apply, and You do not need to comply with its terms and conditions. Term. The term of this Public License is specified in Section 6(a). Media and formats; technical modifications allowed. The Licensor authorizes You to exercise the Licensed Rights in all media and formats whether now known or hereafter created, and to make technical modifications necessary to do so. The Licensor waives and/or agrees not to assert any right or authority to forbid You from making technical modifications necessary to exercise the Licensed Rights, including technical modifications necessary to circumvent Effective Technological Measures. For purposes of this Public License, simply making modifications authorized by this Section 2(a)(4) never produces Adapted Material. Downstream recipients. Offer from the Licensor – Licensed Material. Every recipient of the Licensed Material automatically receives an offer from the Licensor to exercise the Licensed Rights under the terms and conditions of this Public License. Additional offer from the Licensor – Adapted Material. Every recipient of Adapted Material from You automatically receives an offer from the Licensor to exercise the Licensed Rights in the Adapted Material under the conditions of the Adapter’s License You apply. No downstream restrictions. You may not offer or impose any additional or different terms or conditions on, or apply any Effective Technological Measures to, the Licensed Material if doing so restricts exercise of the Licensed Rights by any recipient of the Licensed Material. No endorsement. Nothing in this Public License constitutes or may be construed as permission to assert or imply that You are, or that Your use of the Licensed Material is, connected with, or sponsored, endorsed, or granted official status by, the Licensor or others designated to receive attribution as provided in Section 3(a)(1)(A)(i). Other rights. Moral rights, such as the right of integrity, are not licensed under this Public License, nor are publicity, privacy, and/or other similar personality rights; however, to the extent possible, the Licensor waives and/or agrees not to assert any such rights held by the Licensor to the limited extent necessary to allow You to exercise the Licensed Rights, but not otherwise. Patent and trademark rights are not licensed under this Public License. To the extent possible, the Licensor waives any right to collect royalties from You for the exercise of the Licensed Rights, whether directly or through a collecting society under any voluntary or waivable statutory or compulsory licensing scheme. In all other cases the Licensor expressly reserves any right to collect such royalties, including when the Licensed Material is used other than for NonCommercial purposes. Section 3 – License Conditions. Your exercise of the Licensed Rights is expressly made subject to the following conditions. Attribution. If You Share the Licensed Material (including in modified form), You must: retain the following if it is supplied by the Licensor with the Licensed Material: identification of the creator(s) of the Licensed Material and any others designated to receive attribution, in any reasonable manner requested by the Licensor (including by pseudonym if designated); a copyright notice; a notice that refers to this Public License; a notice that refers to the disclaimer of warranties; a URI or hyperlink to the Licensed Material to the extent reasonably practicable; indicate if You modified the Licensed Material and retain an indication of any previous modifications; and indicate the Licensed Material is licensed under this Public License, and include the text of, or the URI or hyperlink to, this Public License. You may satisfy the conditions in Section 3(a)(1) in any reasonable manner based on the medium, means, and context in which You Share the Licensed Material. For example, it may be reasonable to satisfy the conditions by providing a URI or hyperlink to a resource that includes the required information. If requested by the Licensor, You must remove any of the information required by Section 3(a)(1)(A) to the extent reasonably practicable. ShareAlike. In addition to the conditions in Section 3(a), if You Share Adapted Material You produce, the following conditions also apply. The Adapter’s License You apply must be a Creative Commons license with the same License Elements, this version or later, or a BY-NC-SA Compatible License. You must include the text of, or the URI or hyperlink to, the Adapter's License You apply. You may satisfy this condition in any reasonable manner based on the medium, means, and context in which You Share Adapted Material. You may not offer or impose any additional or different terms or conditions on, or apply any Effective Technological Measures to, Adapted Material that restrict exercise of the rights granted under the Adapter's License You apply. Section 4 – Sui Generis Database Rights. Where the Licensed Rights include Sui Generis Database Rights that apply to Your use of the Licensed Material: for the avoidance of doubt, Section 2(a)(1) grants You the right to extract, reuse, reproduce, and Share all or a substantial portion of the contents of the database for NonCommercial purposes only; if You include all or a substantial portion of the database contents in a database in which You have Sui Generis Database Rights, then the database in which You have Sui Generis Database Rights (but not its individual contents) is Adapted Material, including for purposes of Section 3(b); and You must comply with the conditions in Section 3(a) if You Share all or a substantial portion of the contents of the database. For the avoidance of doubt, this Section 4 supplements and does not replace Your obligations under this Public License where the Licensed Rights include other Copyright and Similar Rights. Section 5 – Disclaimer of Warranties and Limitation of Liability. Unless otherwise separately undertaken by the Licensor, to the extent possible, the Licensor offers the Licensed Material as-is and as-available, and makes no representations or warranties of any kind concerning the Licensed Material, whether express, implied, statutory, or other. This includes, without limitation, warranties of title, merchantability, fitness for a particular purpose, non-infringement, absence of latent or other defects, accuracy, or the presence or absence of errors, whether or not known or discoverable. Where disclaimers of warranties are not allowed in full or in part, this disclaimer may not apply to You. To the extent possible, in no event will the Licensor be liable to You on any legal theory (including, without limitation, negligence) or otherwise for any direct, special, indirect, incidental, consequential, punitive, exemplary, or other losses, costs, expenses, or damages arising out of this Public License or use of the Licensed Material, even if the Licensor has been advised of the possibility of such losses, costs, expenses, or damages. Where a limitation of liability is not allowed in full or in part, this limitation may not apply to You. The disclaimer of warranties and limitation of liability provided above shall be interpreted in a manner that, to the extent possible, most closely approximates an absolute disclaimer and waiver of all liability. Section 6 – Term and Termination. This Public License applies for the term of the Copyright and Similar Rights licensed here. However, if You fail to comply with this Public License, then Your rights under this Public License terminate automatically. Where Your right to use the Licensed Material has terminated under Section 6(a), it reinstates: automatically as of the date the violation is cured, provided it is cured within 30 days of Your discovery of the violation; or upon express reinstatement by the Licensor. For the avoidance of doubt, this Section 6(b) does not affect any right the Licensor may have to seek remedies for Your violations of this Public License. For the avoidance of doubt, the Licensor may also offer the Licensed Material under separate terms or conditions or stop distributing the Licensed Material at any time; however, doing so will not terminate this Public License. Sections 1, 5, 6, 7, and 8 survive termination of this Public License. Section 7 – Other Terms and Conditions. The Licensor shall not be bound by any additional or different terms or conditions communicated by You unless expressly agreed. Any arrangements, understandings, or agreements regarding the Licensed Material not stated herein are separate from and independent of the terms and conditions of this Public License. Section 8 – Interpretation. For the avoidance of doubt, this Public License does not, and shall not be interpreted to, reduce, limit, restrict, or impose conditions on any use of the Licensed Material that could lawfully be made without permission under this Public License. To the extent possible, if any provision of this Public License is deemed unenforceable, it shall be automatically reformed to the minimum extent necessary to make it enforceable. If the provision cannot be reformed, it shall be severed from this Public License without affecting the enforceability of the remaining terms and conditions. No term or condition of this Public License will be waived and no failure to comply consented to unless expressly agreed to by the Licensor. Nothing in this Public License constitutes or may be interpreted as a limitation upon, or waiver of, any privileges and immunities that apply to the Licensor or You, including from the legal processes of any jurisdiction or authority. </div> </div> |} </pre> </div> </div> ==CDDLv1.0== [[LICENCE_HEADER_CDDLv1.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CDDLv1.0}}</nowiki></b> {{:LICENCE_HEADER_CDDLv1.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CDDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE CDDLv1.0 <div class="mw-collapsible-content"> COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 1. Definitions. 1.1. "Contributor" means each individual or entity that creates or contributes to the creation of Modifications. 1.2. "Contributor Version" means the combination of the Original Software, prior Modifications used by a Contributor (if any), and the Modifications made by that particular Contributor. 1.3. "Covered Software" means (a) the Original Software, or (b) Modifications, or (c) the combination of files containing Original Software with files containing Modifications, in each case including portions thereof. 1.4. "Executable" means the Covered Software in any form other than Source Code. 1.5. "Initial Developer" means the individual or entity that first makes Original Software available under this License. 1.6. "Larger Work" means a work which combines Covered Software or portions thereof with code not governed by the terms of this License. 1.7. "License" means this document. 1.8. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently acquired, any and all of the rights conveyed herein. 1.9. "Modifications" means the Source Code and Executable form of any of the following: A. Any file that results from an addition to, deletion from or modification of the contents of a file containing Original Software or previous Modifications; B. Any new file that contains any part of the Original Software or previous Modification; or C. Any new file that is contributed or otherwise made available under the terms of this License. 1.10. "Original Software" means the Source Code and Executable form of computer software code that is originally released under this License. 1.11. "Patent Claims" means any patent claim(s), now owned or hereafter acquired, including without limitation, method, process, and apparatus claims, in any patent Licensable by grantor. 1.12. "Source Code" means (a) the common form of computer software code in which modifications are made and (b) associated documentation included in or with such code. 1.13. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of, this License. For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. License Grants. 2.1. The Initial Developer Grant. Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, the Initial Developer hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by Initial Developer, to use, reproduce, modify, display, perform, sublicense and distribute the Original Software (or portions thereof), with or without Modifications, and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using or selling of Original Software, to make, have made, use, practice, sell, and offer for sale, and/or otherwise dispose of the Original Software (or portions thereof). (c) The licenses granted in Sections 2.1(a) and (b) are effective on the date Initial Developer first distributes or otherwise makes the Original Software available to a third party under the terms of this License. (d) Notwithstanding Section 2.1(b) above, no patent license is granted: (1) for code that You delete from the Original Software, or (2) for infringements caused by: (i) the modification of the Original Software, or (ii) the combination of the Original Software with other software or devices. 2.2. Contributor Grant. Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by Contributor to use, reproduce, modify, display, perform, sublicense and distribute the Modifications created by such Contributor (or portions thereof), either on an unmodified basis, with other Modifications, as Covered Software and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using, or selling of Modifications made by that Contributor either alone and/or in combination with its Contributor Version (or portions of such combination), to make, use, sell, offer for sale, have made, and/or otherwise dispose of: (1) Modifications made by that Contributor (or portions thereof); and (2) the combination of Modifications made by that Contributor with its Contributor Version (or portions of such combination). (c) The licenses granted in Sections 2.2(a) and 2.2(b) are effective on the date Contributor first distributes or otherwise makes the Modifications available to a third party. (d) Notwithstanding Section 2.2(b) above, no patent license is granted: (1) for any code that Contributor has deleted from the Contributor Version; (2) for infringements caused by: (i) third party modifications of Contributor Version, or (ii) the combination of Modifications made by that Contributor with other software (except as part of the Contributor Version) or other devices; or (3) under Patent Claims infringed by Covered Software in the absence of Modifications made by that Contributor. 3. Distribution Obligations. 3.1. Availability of Source Code. Any Covered Software that You distribute or otherwise make available in Executable form must also be made available in Source Code form and that Source Code form must be distributed only under the terms of this License. You must include a copy of this License with every copy of the Source Code form of the Covered Software You distribute or otherwise make available. You must inform recipients of any such Covered Software in Executable form as to how they can obtain such Covered Software in Source Code form in a reasonable manner on or through a medium customarily used for software exchange. 3.2. Modifications. The Modifications that You create or to which You contribute are governed by the terms of this License. You represent that You believe Your Modifications are Your original creation(s) and/or You have sufficient rights to grant the rights conveyed by this License. 3.3. Required Notices. You must include a notice in each of Your Modifications that identifies You as the Contributor of the Modification. You may not remove or alter any copyright, patent or trademark notices contained within the Covered Software, or any notices of licensing or any descriptive text giving attribution to any Contributor or the Initial Developer. 3.4. Application of Additional Terms. You may not offer or impose any terms on any Covered Software in Source Code form that alters or restricts the applicable version of this License or the recipients' rights hereunder. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, you may do so only on Your own behalf, and not on behalf of the Initial Developer or any Contributor. You must make it absolutely clear that any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.5. Distribution of Executable Versions. You may distribute the Executable form of the Covered Software under the terms of this License or under the terms of a license of Your choice, which may contain terms different from this License, provided that You are in compliance with the terms of this License and that the license for the Executable form does not attempt to limit or alter the recipient's rights in the Source Code form from the rights set forth in this License. If You distribute the Covered Software in Executable form under a different license, You must make it absolutely clear that any terms which differ from this License are offered by You alone, not by the Initial Developer or Contributor. You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of any such terms You offer. 3.6. Larger Works. You may create a Larger Work by combining Covered Software with other code not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Covered Software. 4. Versions of the License. 4.1. New Versions. Sun Microsystems, Inc. is the initial license steward and may publish revised and/or new versions of this License from time to time. Each version will be given a distinguishing version number. Except as provided in Section 4.3, no one other than the license steward has the right to modify this License. 4.2. Effect of New Versions. You may always continue to use, distribute or otherwise make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. If the Initial Developer includes a notice in the Original Software prohibiting it from being distributed or otherwise made available under any subsequent version of the License, You must distribute and make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. Otherwise, You may also choose to use, distribute or otherwise make the Covered Software available under the terms of any subsequent version of the License published by the license steward. 4.3. Modified Versions. When You are an Initial Developer and You want to create a new license for Your Original Software, You may create and use a modified version of this License if You: (a) rename the license and remove any references to the name of the license steward (except to note that the license differs from this License); and (b) otherwise make it clear that the license contains terms which differ from this License. 5. DISCLAIMER OF WARRANTY. COVERED SOFTWARE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE COVERED SOFTWARE IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE COVERED SOFTWARE IS WITH YOU. SHOULD ANY COVERED SOFTWARE PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY COVERED SOFTWARE IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 6. TERMINATION. 6.1. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 6.2. If You assert a patent infringement claim (excluding declaratory judgment actions) against Initial Developer or a Contributor (the Initial Developer or Contributor against whom You assert such claim is referred to as "Participant") alleging that the Participant Software (meaning the Contributor Version where the Participant is a Contributor or the Original Software where the Participant is the Initial Developer) directly or indirectly infringes any patent, then any and all rights granted directly or indirectly to You by such Participant, the Initial Developer (if the Initial Developer is not the Participant) and all Contributors under Sections 2.1 and/or 2.2 of this License shall, upon 60 days notice from Participant terminate prospectively and automatically at the expiration of such 60 day notice period, unless if within such 60 day period You withdraw Your claim with respect to the Participant Software against such Participant either unilaterally or pursuant to a written agreement with Participant. 6.3. In the event of termination under Sections 6.1 or 6.2 above, all end user licenses that have been validly granted by You or any distributor hereunder prior to termination (excluding licenses granted to You by any distributor) shall survive termination. 7. LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL YOU, THE INITIAL DEVELOPER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF COVERED SOFTWARE, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOST PROFITS, LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER COMMERCIAL DAMAGES OR LOSSES, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION OF LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY RESULTING FROM SUCH PARTY'S NEGLIGENCE TO THE EXTENT APPLICABLE LAW PROHIBITS SUCH LIMITATION. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS EXCLUSION AND LIMITATION MAY NOT APPLY TO YOU. 8. U.S. GOVERNMENT END USERS. The Covered Software is a "commercial item," as that term is defined in 48 C.F.R. 2.101 (Oct. 1995), consisting of "commercial computer software" (as that term is defined at 48 C.F.R. ¤ 252.227-7014(a)(1)) and "commercial computer software documentation" as such terms are used in 48 C.F.R. 12.212 (Sept. 1995). Consistent with 48 C.F.R. 12.212 and 48 C.F.R. 227.7202-1 through 227.7202-4 (June 1995), all U.S. Government End Users acquire Covered Software with only those rights set forth herein. This U.S. Government Rights clause is in lieu of, and supersedes, any other FAR, DFAR, or other clause or provision that addresses Government rights in computer software under this License. 9. MISCELLANEOUS. This License represents the complete agreement concerning subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by the law of the jurisdiction specified in a notice contained within the Original Software (except to the extent applicable law, if any, provides otherwise), excluding such jurisdiction's conflict-of-law provisions. Any litigation relating to this License shall be subject to the jurisdiction of the courts located in the jurisdiction and venue specified in a notice contained within the Original Software, with the losing party responsible for costs, including, without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. You agree that You alone are responsible for compliance with the United States export administration regulations (and the export control laws and regulation of any other countries) when You use, distribute or otherwise make available any Covered Software. 10. RESPONSIBILITY FOR CLAIMS. As between Initial Developer and the Contributors, each party is responsible for claims and damages arising, directly or indirectly, out of its utilization of rights under this License and You agree to work with Initial Developer and Contributors to distribute such responsibility on an equitable basis. Nothing herein is intended or shall be deemed to constitute any admission of liability. </div> </div> |} </pre> </div> </div> ==EPLv2.0== [[LICENCE_HEADER_EPLv2.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_EPLv2.0}}</nowiki></b> {{:LICENCE_HEADER_EPLv2.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>EPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE EPLv2.0 <div class="mw-collapsible-content"> Eclipse Public License - v 2.0 THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS ECLIPSE PUBLIC LICENSE (“AGREEMENT”). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT. 1. DEFINITIONS “Contribution” means: a) in the case of the initial Contributor, the initial content Distributed under this Agreement, and b) in the case of each subsequent Contributor: i) changes to the Program, and ii) additions to the Program; where such changes and/or additions to the Program originate from and are Distributed by that particular Contributor. A Contribution “originates” from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include changes or additions to the Program that are not Modified Works. “Contributor” means any person or entity that Distributes the Program. “Licensed Patents” mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program. “Program” means the Contributions Distributed in accordance with this Agreement. “Recipient” means anyone who receives the Program under this Agreement or any Secondary License (as applicable), including Contributors. “Derivative Works” shall mean any work, whether in Source Code or other form, that is based on (or derived from) the Program and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. “Modified Works” shall mean any work in Source Code or other form that results from an addition to, deletion from, or modification of the contents of the Program, including, for purposes of clarity any new file in Source Code form that contains any contents of the Program. Modified Works shall not include works that contain only declarations, interfaces, types, classes, structures, or files of the Program solely in each case in order to link to, bind by name, or subclass the Program or Modified Works thereof. “Distribute” means the acts of a) distributing or b) making available in any manner that enables the transfer of a copy. “Source Code” means the form of a Program preferred for making modifications, including but not limited to software source code, documentation source, and configuration files. “Secondary License” means either the GNU General Public License, Version 2.0, or any later versions of that license, including any exceptions or additional permissions as identified by the initial Contributor. 2. GRANT OF RIGHTS a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, Distribute and sublicense the Contribution of such Contributor, if any, and such Derivative Works. b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in Source Code or other form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder. c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to Distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program. d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement. e) Notwithstanding the terms of any Secondary License, no Contributor makes additional grants to any Recipient (other than those set forth in this Agreement) as a result of such Recipient's receipt of the Program under the terms of a Secondary License (if permitted under the terms of Section 3). 3. REQUIREMENTS 3.1 If a Contributor Distributes the Program in any form, then: a) the Program must also be made available as Source Code, in accordance with section 3.2, and the Contributor must accompany the Program with a statement that the Source Code for the Program is available under this Agreement, and informs Recipients how to obtain it in a reasonable manner on or through a medium customarily used for software exchange; and b) the Contributor may Distribute the Program under a license different than this Agreement, provided that such license: i) effectively disclaims on behalf of all other Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose; ii) effectively excludes on behalf of all other Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits; iii) does not attempt to limit or alter the recipients' rights in the Source Code under section 3.2; and iv) requires any subsequent distribution of the Program by any party to be under a license that satisfies the requirements of this section 3. 3.2 When the Program is Distributed as Source Code: a) it must be made available under this Agreement, or if the Program (i) is combined with other material in a separate file or files made available under a Secondary License, and (ii) the initial Contributor attached to the Source Code the notice described in Exhibit A of this Agreement, then the Program may be made available under the terms of such Secondary Licenses, and b) a copy of this Agreement must be included with each copy of the Program. 3.3 Contributors may not remove or alter any copyright, patent, trademark, attribution notices, disclaimers of warranty, or limitations of liability (‘notices’) contained within the Program from any copy of the Program which they Distribute, provided that Contributors may add their own appropriate notices. 4. COMMERCIAL DISTRIBUTION Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor (“Commercial Contributor”) hereby agrees to defend and indemnify every other Contributor (“Indemnified Contributor”) against any losses, damages and costs (collectively “Losses”) arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense. For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages. 5. NO WARRANTY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE PROGRAM IS PROVIDED ON AN “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations. 6. DISCLAIMER OF LIABILITY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. GENERAL If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. If Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed. All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive. Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. The Eclipse Foundation is the initial Agreement Steward. The Eclipse Foundation may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be Distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to Distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved. Nothing in this Agreement is intended to be enforceable by any entity that is not a Contributor or Recipient. No third-party beneficiary rights are created under this Agreement. Exhibit A – Form of Secondary Licenses Notice “This Source Code may also be made available under the following Secondary Licenses when the conditions for such availability set forth in the Eclipse Public License, v. 2.0 are satisfied: {name license(s), version(s), and exceptions or additional permissions here}.” Simply including a copy of this Agreement, including this Exhibit A is not sufficient to license the Source Code under Secondary Licenses. If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. You may add additional accurate notices of copyright ownership. |} </div> </div> </pre> </div> </div> ==FreeBSD documentation== [[LICENCE_HEADER_FreeBSD_Documentation]]<br \> <b><nowiki>{{:LICENCE_HEADER_FreeBSD_Documentation}}</nowiki></b><br> {{:LICENCE_HEADER_FreeBSD_Documentation}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>FreeBSD Documentation License</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> <pre> Copyright (c) YEAR <YEAR OF DOCUMENTATION>, <AUTHOR NAME>. All rights reserved. Redistribution and use in source (SGML DocBook) and 'compiled' forms (SGML, HTML, PDF, PostScript, RTF and so forth) with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code (SGML DocBook) must retain the above copyright notice, this list of conditions and the following disclaimer as the first lines of this file unmodified. 2. Redistributions in compiled form (transformed to other DTDs, converted to PDF, PostScript, RTF and other formats) must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </pre> </div> </div> ==GFDLv1.1== [[LICENCE_HEADER_GFDL]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDL}}</nowiki></b> {{:LICENCE_HEADER_GFDL}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.1 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.1, March 2000 Copyright (C) 2000 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other written document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (For example, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, whose contents can be viewed and edited directly and straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup has been designed to thwart or discourage subsequent modification by readers is not Transparent. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML designed for human modification. Opaque formats include PostScript, PDF, proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies of the Document numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a publicly-accessible computer-network location containing a complete Transparent copy of the Document, free of added material, which the general network-using public has access to download anonymously at no charge using public-standard network protocols. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has less than five). C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section entitled "History", and its title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. In any section entitled "Acknowledgements" or "Dedications", preserve the section's title, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section as "Endorsements" or to conflict in title with any Invariant Section. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections entitled "History" in the various original documents, forming one section entitled "History"; likewise combine any sections entitled "Acknowledgements", and any sections entitled "Dedications". You must delete all sections entitled "Endorsements." 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, does not as a whole count as a Modified Version of the Document, provided no compilation copyright is claimed for the compilation. Such a compilation is called an "aggregate", and this License does not apply to the other self-contained works thus compiled with the Document, on account of their being thus compiled, if they are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one quarter of the entire aggregate, the Document's Cover Texts may be placed on covers that surround only the Document within the aggregate. Otherwise they must appear on covers around the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License provided that you also include the original English version of this License. In case of a disagreement between the translation and the original English version of this License, the original English version will prevail. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have no Invariant Sections, write "with no Invariant Sections" instead of saying which ones are invariant. If you have no Front-Cover Texts, write "no Front-Cover Texts" instead of "Front-Cover Texts being LIST"; likewise for Back-Cover Texts. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} </pre> </div> </div> ==GFDLv1.2== [[LICENCE_HEADER_GFDLv1.2]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDLv1.2}}</nowiki></b> {{:LICENCE_HEADER_GFDLv1.2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.2 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.2, November 2002 Copyright (C) 2000,2001,2002 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition. The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement. C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section Entitled "History", Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. For any section Entitled "Acknowledgements" or "Dedications", Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section Entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section to be Entitled "Endorsements" or to conflict in title with any Invariant Section. O. Preserve any Warranty Disclaimers. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements". 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation's users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document's Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail. If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the "with...Texts." line with this: with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div></div> |} </pre> </div> </div> ==GFDLv1.3== [[LICENCE_HEADER_GFDLv1.3]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDLv1.3}}</nowiki></b> {{:LICENCE_HEADER_GFDLv1.3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.3 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.3, 3 November 2008 Copyright (C) 2000, 2001, 2002, 2007, 2008 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. The "publisher" means any person or entity that distributes copies of the Document to the public. A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition. The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement. C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section Entitled "History", Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. For any section Entitled "Acknowledgements" or "Dedications", Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section Entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section to be Entitled "Endorsements" or to conflict in title with any Invariant Section. O. Preserve any Warranty Disclaimers. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements". 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation's users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document's Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail. If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, or distribute it is void, and will automatically terminate your rights under this License. However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, receipt of a copy of some or all of the same material does not give you any rights to use it. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. If the Document specifies that a proxy can decide which future versions of this License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Document. 11. RELICENSING "Massive Multiauthor Collaboration Site" (or "MMC Site") means any World Wide Web server that publishes copyrightable works and also provides prominent facilities for anybody to edit those works. A public wiki that anybody can edit is an example of such a server. A "Massive Multiauthor Collaboration" (or "MMC") contained in the site means any set of copyrightable works thus published on the MMC site. "CC-BY-SA" means the Creative Commons Attribution-Share Alike 3.0 license published by Creative Commons Corporation, a not-for-profit corporation with a principal place of business in San Francisco, California, as well as future copyleft versions of that license published by that same organization. "Incorporate" means to publish or republish a Document, in whole or in part, as part of another Document. An MMC is "eligible for relicensing" if it is licensed under this License, and if all works that were first published under this License somewhere other than this MMC, and subsequently incorporated in whole or in part into the MMC, (1) had no cover texts or invariant sections, and (2) were thus incorporated prior to November 1, 2008. The operator of an MMC Site may republish an MMC contained in the site under CC-BY-SA on the same site at any time before August 1, 2009, provided the MMC is eligible for relicensing. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the "with...Texts." line with this: with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div></div> |} </pre> </div> </div> ==GPLv1== [[LICENCE_HEADER_GPL]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPL}}</nowiki></b> {{:LICENCE_HEADER_GPL}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv1 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 1, February 1989 Copyright (C) 1989 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The license agreements of most software companies try to keep users at the mercy of those companies. By contrast, our General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. The General Public License applies to the Free Software Foundation's software and to any other program whose authors commit to using it. You can use it for your programs, too. When we speak of free software, we are referring to freedom, not price. Specifically, the General Public License is designed to make sure that you have the freedom to give away or sell copies of free software, that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of a such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must tell them their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any work containing the Program or a portion of it, either verbatim or with modifications. Each licensee is addressed as "you". 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this General Public License and to the absence of any warranty; and give any other recipients of the Program a copy of this General Public License along with the Program. You may charge a fee for the physical act of transferring a copy. 2. You may modify your copy or copies of the Program or any portion of it, and copy and distribute such modifications under the terms of Paragraph 1 above, provided that you also do the following: a) cause the modified files to carry prominent notices stating that you changed the files and the date of any change; and b) cause the whole of any work that you distribute or publish, that in whole or in part contains the Program or any part thereof, either with or without modifications, to be licensed at no charge to all third parties under the terms of this General Public License (except that you may choose to grant warranty protection to some or all third parties, at your option). c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the simplest and most usual way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this General Public License. d) You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. Mere aggregation of another independent work with the Program (or its derivative) on a volume of a storage or distribution medium does not bring the other work under the scope of these terms. 3. You may copy and distribute the Program (or a portion or derivative of it, under Paragraph 2) in object code or executable form under the terms of Paragraphs 1 and 2 above provided that you also do one of the following: a) accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Paragraphs 1 and 2 above; or, b) accompany it with a written offer, valid for at least three years, to give any third party free (except for a nominal charge for the cost of distribution) a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Paragraphs 1 and 2 above; or, c) accompany it with the information you received as to where the corresponding source code may be obtained. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form alone.) Source code for a work means the preferred form of the work for making modifications to it. For an executable file, complete source code means all the source code for all modules it contains; but, as a special exception, it need not include source code for modules which are standard libraries that accompany the operating system on which the executable file runs, or for standard header files or definitions files that accompany that operating system. 4. You may not copy, modify, sublicense, distribute or transfer the Program except as expressly provided under this General Public License. Any attempt otherwise to copy, modify, sublicense, distribute or transfer the Program is void, and will automatically terminate your rights to use the Program under this License. However, parties who have received copies, or rights to use copies, from you under this General Public License will not have their licenses terminated so long as such parties remain in full compliance. 5. By copying, distributing or modifying the Program (or any work based on the Program) you indicate your acceptance of this license to do so, and all its terms and conditions. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. 7. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of the license which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the license, you may choose any version ever published by the Free Software Foundation. 8. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 9. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 10. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS Appendix: How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to humanity, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) 19yy <name of author> This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 1, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) 19xx name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (a program to direct compilers to make passes at assemblers) written by James Hacker. <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice That's all there is to it! </div></div> |} </pre> </div> </div> ==GPLv2== [[LICENCE_HEADER_GPLv2]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPLv2}}</nowiki></b> {{:LICENCE_HEADER_GPLv2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv2 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Lesser General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. </div></div> |} </pre> </div> </div> ==GPLv3== [[LICENCE_HEADER_GPLv3]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPLv3}}</nowiki></b> {{:LICENCE_HEADER_GPLv3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv3 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The GNU General Public License is a free, copyleft license for software and other kinds of works. The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things. To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others. For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it. For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions. Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users. Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free. The precise terms and conditions for copying, distribution and modification follow. TERMS AND CONDITIONS 0. Definitions. "This License" refers to version 3 of the GNU General Public License. "Copyright" also means copyright-like laws that apply to other kinds of works, such as semiconductor masks. "The Program" refers to any copyrightable work licensed under this License. Each licensee is addressed as "you". "Licensees" and "recipients" may be individuals or organizations. To "modify" a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a "modified version" of the earlier work or a work "based on" the earlier work. A "covered work" means either the unmodified Program or a work based on the Program. To "propagate" a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well. To "convey" a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying. An interactive user interface displays "Appropriate Legal Notices" to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion. 1. Source Code. The "source code" for a work means the preferred form of the work for making modifications to it. "Object code" means any non-source form of a work. A "Standard Interface" means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language. The "System Libraries" of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A "Major Component", in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it. The "Corresponding Source" for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work. The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source. The Corresponding Source for a work in source code form is that same work. 2. Basic Permissions. All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law. You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you. Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary. 3. Protecting Users' Legal Rights From Anti-Circumvention Law. No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures. When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures. 4. Conveying Verbatim Copies. You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program. You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee. 5. Conveying Modified Source Versions. You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions: a) The work must carry prominent notices stating that you modified it, and giving a relevant date. b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to "keep intact all notices". c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it. d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so. A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an "aggregate" if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate. 6. Conveying Non-Source Forms. You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways: a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange. b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge. c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b. d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements. e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d. A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work. A "User Product" is either (1) a "consumer product", which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, "normally used" refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product. "Installation Information" for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made. If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM). The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network. Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying. 7. Additional Terms. "Additional permissions" are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions. When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission. Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms: a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or d) Limiting the use for publicity purposes of names of licensors or authors of the material; or e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors. All other non-permissive additional terms are considered "further restrictions" within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying. If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms. Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way. 8. Termination. You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11). However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10. 9. Acceptance Not Required for Having Copies. You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so. 10. Automatic Licensing of Downstream Recipients. Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License. An "entity transaction" is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts. You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it. 11. Patents. A "contributor" is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's "contributor version". A contributor's "essential patent claims" are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, "control" includes the right to grant patent sublicenses in a manner consistent with the requirements of this License. Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version. In the following three paragraphs, a "patent license" is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To "grant" such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party. If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. "Knowingly relying" means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid. If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it. A patent license is "discriminatory" if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007. Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law. 12. No Surrender of Others' Freedom. If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program. 13. Use with the GNU Affero General Public License. Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such. 14. Revised Versions of this License. The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation. If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program. Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version. 15. Disclaimer of Warranty. THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. Limitation of Liability. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 17. Interpretation of Sections 15 and 16. If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <https://www.gnu.org/licenses/>. Also add information on how to contact you by electronic and paper mail. If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode: <program> Copyright (C) <year> <name of author> This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an "about box". You should also get your employer (if you work as a programmer) or school, if any, to sign a "copyright disclaimer" for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see <https://www.gnu.org/licenses/>. The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read <https://www.gnu.org/licenses/why-not-lgpl.html>. </div></div> |} </pre> </div> </div> ==LGPLv2.1== [[LICENCE_HEADER_LGPLv2.1]]<br \> <b><nowiki>{{:LICENCE_HEADER_LGPLv2.1}}</nowiki></b> {{:LICENCE_HEADER_LGPLv2.1}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv2.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 2.1, February 1999 Copyright (C) 1991, 1999 Free Software Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. [This is the first released version of the Lesser GPL. It also counts as the successor of the GNU Library Public License, version 2, hence the version number 2.1.] Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public Licenses are intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This license, the Lesser General Public License, applies to some specially designated software packages--typically libraries--of the Free Software Foundation and other authors who decide to use it. You can use it too, but we suggest you first think carefully about whether this license or the ordinary General Public License is the better strategy to use in any particular case, based on the explanations below. When we speak of free software, we are referring to freedom of use, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish); that you receive source code or can get it if you want it; that you can change the software and use pieces of it in new free programs; and that you are informed that you can do these things. To protect your rights, we need to make restrictions that forbid distributors to deny you these rights or to ask you to surrender these rights. These restrictions translate to certain responsibilities for you if you distribute copies of the library or if you modify it. For example, if you distribute copies of the library, whether gratis or for a fee, you must give the recipients all the rights that we gave you. You must make sure that they, too, receive or can get the source code. If you link other code with the library, you must provide complete object files to the recipients, so that they can relink them with the library after making changes to the library and recompiling it. And you must show them these terms so they know their rights. We protect your rights with a two-step method: (1) we copyright the library, and (2) we offer you this license, which gives you legal permission to copy, distribute and/or modify the library. To protect each distributor, we want to make it very clear that there is no warranty for the free library. Also, if the library is modified by someone else and passed on, the recipients should know that what they have is not the original version, so that the original author's reputation will not be affected by problems that might be introduced by others. � Finally, software patents pose a constant threat to the existence of any free program. We wish to make sure that a company cannot effectively restrict the users of a free program by obtaining a restrictive license from a patent holder. Therefore, we insist that any patent license obtained for a version of the library must be consistent with the full freedom of use specified in this license. Most GNU software, including some libraries, is covered by the ordinary GNU General Public License. This license, the GNU Lesser General Public License, applies to certain designated libraries, and is quite different from the ordinary General Public License. We use this license for certain libraries in order to permit linking those libraries into non-free programs. When a program is linked with a library, whether statically or using a shared library, the combination of the two is legally speaking a combined work, a derivative of the original library. The ordinary General Public License therefore permits such linking only if the entire combination fits its criteria of freedom. The Lesser General Public License permits more lax criteria for linking other code with the library. We call this license the "Lesser" General Public License because it does Less to protect the user's freedom than the ordinary General Public License. It also provides other free software developers Less of an advantage over competing non-free programs. These disadvantages are the reason we use the ordinary General Public License for many libraries. However, the Lesser license provides advantages in certain special circumstances. For example, on rare occasions, there may be a special need to encourage the widest possible use of a certain library, so that it becomes a de-facto standard. To achieve this, non-free programs must be allowed to use the library. A more frequent case is that a free library does the same job as widely used non-free libraries. In this case, there is little to gain by limiting the free library to free software only, so we use the Lesser General Public License. In other cases, permission to use a particular library in non-free programs enables a greater number of people to use a large body of free software. For example, permission to use the GNU C Library in non-free programs enables many more people to use the whole GNU operating system, as well as its variant, the GNU/Linux operating system. Although the Lesser General Public License is Less protective of the users' freedom, it does ensure that the user of a program that is linked with the Library has the freedom and the wherewithal to run that program using a modified version of the Library. The precise terms and conditions for copying, distribution and modification follow. Pay close attention to the difference between a "work based on the library" and a "work that uses the library". The former contains code derived from the library, whereas the latter must be combined with the library in order to run. � GNU LESSER GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any software library or other program which contains a notice placed by the copyright holder or other authorized party saying it may be distributed under the terms of this Lesser General Public License (also called "this License"). Each licensee is addressed as "you". A "library" means a collection of software functions and/or data prepared so as to be conveniently linked with application programs (which use some of those functions and data) to form executables. The "Library", below, refers to any such software library or work which has been distributed under these terms. A "work based on the Library" means either the Library or any derivative work under copyright law: that is to say, a work containing the Library or a portion of it, either verbatim or with modifications and/or translated straightforwardly into another language. (Hereinafter, translation is included without limitation in the term "modification".) "Source code" for a work means the preferred form of the work for making modifications to it. For a library, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the library. Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running a program using the Library is not restricted, and output from such a program is covered only if its contents constitute a work based on the Library (independent of the use of the Library in a tool for writing it). Whether that is true depends on what the Library does and what the program that uses the Library does. 1. You may copy and distribute verbatim copies of the Library's complete source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and distribute a copy of this License along with the Library. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. � 2. You may modify your copy or copies of the Library or any portion of it, thus forming a work based on the Library, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) The modified work must itself be a software library. b) You must cause the files modified to carry prominent notices stating that you changed the files and the date of any change. c) You must cause the whole of the work to be licensed at no charge to all third parties under the terms of this License. d) If a facility in the modified Library refers to a function or a table of data to be supplied by an application program that uses the facility, other than as an argument passed when the facility is invoked, then you must make a good faith effort to ensure that, in the event an application does not supply such function or table, the facility still operates, and performs whatever part of its purpose remains meaningful. (For example, a function in a library to compute square roots has a purpose that is entirely well-defined independent of the application. Therefore, Subsection 2d requires that any application-supplied function or table used by this function must be optional: if the application does not supply it, the square root function must still compute square roots.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Library, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Library, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Library. In addition, mere aggregation of another work not based on the Library with the Library (or with a work based on the Library) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may opt to apply the terms of the ordinary GNU General Public License instead of this License to a given copy of the Library. To do this, you must alter all the notices that refer to this License, so that they refer to the ordinary GNU General Public License, version 2, instead of to this License. (If a newer version than version 2 of the ordinary GNU General Public License has appeared, then you can specify that version instead if you wish.) Do not make any other change in these notices. � Once this change is made in a given copy, it is irreversible for that copy, so the ordinary GNU General Public License applies to all subsequent copies and derivative works made from that copy. This option is useful when you wish to copy part of the code of the Library into a program that is not a library. 4. You may copy and distribute the Library (or a portion or derivative of it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange. If distribution of object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place satisfies the requirement to distribute the source code, even though third parties are not compelled to copy the source along with the object code. 5. A program that contains no derivative of any portion of the Library, but is designed to work with the Library by being compiled or linked with it, is called a "work that uses the Library". Such a work, in isolation, is not a derivative work of the Library, and therefore falls outside the scope of this License. However, linking a "work that uses the Library" with the Library creates an executable that is a derivative of the Library (because it contains portions of the Library), rather than a "work that uses the library". The executable is therefore covered by this License. Section 6 states terms for distribution of such executables. When a "work that uses the Library" uses material from a header file that is part of the Library, the object code for the work may be a derivative work of the Library even though the source code is not. Whether this is true is especially significant if the work can be linked without the Library, or if the work is itself a library. The threshold for this to be true is not precisely defined by law. If such an object file uses only numerical parameters, data structure layouts and accessors, and small macros and small inline functions (ten lines or less in length), then the use of the object file is unrestricted, regardless of whether it is legally a derivative work. (Executables containing this object code plus portions of the Library will still fall under Section 6.) Otherwise, if the work is a derivative of the Library, you may distribute the object code for the work under the terms of Section 6. Any executables containing that work also fall under Section 6, whether or not they are linked directly with the Library itself. � 6. As an exception to the Sections above, you may also combine or link a "work that uses the Library" with the Library to produce a work containing portions of the Library, and distribute that work under terms of your choice, provided that the terms permit modification of the work for the customer's own use and reverse engineering for debugging such modifications. You must give prominent notice with each copy of the work that the Library is used in it and that the Library and its use are covered by this License. You must supply a copy of this License. If the work during execution displays copyright notices, you must include the copyright notice for the Library among them, as well as a reference directing the user to the copy of this License. Also, you must do one of these things: a) Accompany the work with the complete corresponding machine-readable source code for the Library including whatever changes were used in the work (which must be distributed under Sections 1 and 2 above); and, if the work is an executable linked with the Library, with the complete machine-readable "work that uses the Library", as object code and/or source code, so that the user can modify the Library and then relink to produce a modified executable containing the modified Library. (It is understood that the user who changes the contents of definitions files in the Library will not necessarily be able to recompile the application to use the modified definitions.) b) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (1) uses at run time a copy of the library already present on the user's computer system, rather than copying library functions into the executable, and (2) will operate properly with a modified version of the library, if the user installs one, as long as the modified version is interface-compatible with the version that the work was made with. c) Accompany the work with a written offer, valid for at least three years, to give the same user the materials specified in Subsection 6a, above, for a charge no more than the cost of performing this distribution. d) If distribution of the work is made by offering access to copy from a designated place, offer equivalent access to copy the above specified materials from the same place. e) Verify that the user has already received a copy of these materials or that you have already sent this user a copy. For an executable, the required form of the "work that uses the Library" must include any data and utility programs needed for reproducing the executable from it. However, as a special exception, the materials to be distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. It may happen that this requirement contradicts the license restrictions of other proprietary libraries that do not normally accompany the operating system. Such a contradiction means you cannot use both them and the Library together in an executable that you distribute. � 7. You may place library facilities that are a work based on the Library side-by-side in a single library together with other library facilities not covered by this License, and distribute such a combined library, provided that the separate distribution of the work based on the Library and of the other library facilities is otherwise permitted, and provided that you do these two things: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities. This must be distributed under the terms of the Sections above. b) Give prominent notice with the combined library of the fact that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 8. You may not copy, modify, sublicense, link with, or distribute the Library except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, link with, or distribute the Library is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 9. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Library or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Library (or any work based on the Library), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Library or works based on it. 10. Each time you redistribute the Library (or any work based on the Library), the recipient automatically receives a license from the original licensor to copy, distribute, link with or modify the Library subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties with this License. � 11. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Library at all. For example, if a patent license would not permit royalty-free redistribution of the Library by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Library. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply, and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 12. If the distribution and/or use of the Library is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Library under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 13. The Free Software Foundation may publish revised and/or new versions of the Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Library does not specify a license version number, you may choose any version ever published by the Free Software Foundation. 14. If you wish to incorporate parts of the Library into other free programs whose distribution conditions are incompatible with these, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Libraries If you develop a new library, and you want it to be of the greatest possible use to the public, we recommend making it free software that everyone can redistribute and change. You can do so by permitting redistribution under these terms (or, alternatively, under the terms of the ordinary General Public License). To apply these terms, attach the following notices to the library. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the library's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Also add information on how to contact you by electronic and paper mail. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the library, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the library `Frob' (a library for tweaking knobs) written by James Random Hacker. <signature of Ty Coon>, 1 April 1990 Ty Coon, President of Vice That's all there is to it! </div></div> |} </pre> </div> </div> ==LGPLv3== [[LICENCE_HEADER_LGPLv3]]<br \> <b><nowiki>{{:LICENCE_HEADER_LGPLv3}}</nowiki></b> {{:LICENCE_HEADER_LGPLv3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. This version of the GNU Lesser General Public License incorporates the terms and conditions of version 3 of the GNU General Public License, supplemented by the additional permissions listed below. 0. Additional Definitions. As used herein, "this License" refers to version 3 of the GNU Lesser General Public License, and the "GNU GPL" refers to version 3 of the GNU General Public License. "The Library" refers to a covered work governed by this License, other than an Application or a Combined Work as defined below. An "Application" is any work that makes use of an interface provided by the Library, but which is not otherwise based on the Library. Defining a subclass of a class defined by the Library is deemed a mode of using an interface provided by the Library. A "Combined Work" is a work produced by combining or linking an Application with the Library. The particular version of the Library with which the Combined Work was made is also called the "Linked Version". The "Minimal Corresponding Source" for a Combined Work means the Corresponding Source for the Combined Work, excluding any source code for portions of the Combined Work that, considered in isolation, are based on the Application, and not on the Linked Version. The "Corresponding Application Code" for a Combined Work means the object code and/or source code for the Application, including any data and utility programs needed for reproducing the Combined Work from the Application, but excluding the System Libraries of the Combined Work. 1. Exception to Section 3 of the GNU GPL. You may convey a covered work under sections 3 and 4 of this License without being bound by section 3 of the GNU GPL. 2. Conveying Modified Versions. If you modify a copy of the Library, and, in your modifications, a facility refers to a function or data to be supplied by an Application that uses the facility (other than as an argument passed when the facility is invoked), then you may convey a copy of the modified version: a) under this License, provided that you make a good faith effort to ensure that, in the event an Application does not supply the function or data, the facility still operates, and performs whatever part of its purpose remains meaningful, or b) under the GNU GPL, with none of the additional permissions of this License applicable to that copy. 3. Object Code Incorporating Material from Library Header Files. The object code form of an Application may incorporate material from a header file that is part of the Library. You may convey such object code under terms of your choice, provided that, if the incorporated material is not limited to numerical parameters, data structure layouts and accessors, or small macros, inline functions and templates (ten or fewer lines in length), you do both of the following: a) Give prominent notice with each copy of the object code that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the object code with a copy of the GNU GPL and this license document. 4. Combined Works. You may convey a Combined Work under terms of your choice that, taken together, effectively do not restrict modification of the portions of the Library contained in the Combined Work and reverse engineering for debugging such modifications, if you also do each of the following: a) Give prominent notice with each copy of the Combined Work that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the Combined Work with a copy of the GNU GPL and this license document. c) For a Combined Work that displays copyright notices during execution, include the copyright notice for the Library among these notices, as well as a reference directing the user to the copies of the GNU GPL and this license document. d) Do one of the following: 0) Convey the Minimal Corresponding Source under the terms of this License, and the Corresponding Application Code in a form suitable for, and under terms that permit, the user to recombine or relink the Application with a modified version of the Linked Version to produce a modified Combined Work, in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source. 1) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (a) uses at run time a copy of the Library already present on the user's computer system, and (b) will operate properly with a modified version of the Library that is interface-compatible with the Linked Version. e) Provide Installation Information, but only if you would otherwise be required to provide such information under section 6 of the GNU GPL, and only to the extent that such information is necessary to install and execute a modified version of the Combined Work produced by recombining or relinking the Application with a modified version of the Linked Version. (If you use option 4d0, the Installation Information must accompany the Minimal Corresponding Source and Corresponding Application Code. If you use option 4d1, you must provide the Installation Information in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source.) 5. Combined Libraries. You may place library facilities that are a work based on the Library side by side in a single library together with other library facilities that are not Applications and are not covered by this License, and convey such a combined library under terms of your choice, if you do both of the following: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities, conveyed under the terms of this License. b) Give prominent notice with the combined library that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 6. Revised Versions of the GNU Lesser General Public License. The Free Software Foundation may publish revised and/or new versions of the GNU Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library as you received it specifies that a certain numbered version of the GNU Lesser General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that published version or of any later version published by the Free Software Foundation. If the Library as you received it does not specify a version number of the GNU Lesser General Public License, you may choose any version of the GNU Lesser General Public License ever published by the Free Software Foundation. If the Library as you received it specifies that a proxy can decide whether future versions of the GNU Lesser General Public License shall apply, that proxy's public statement of acceptance of any version is permanent authorization for you to choose that version for the Library. </div></div> |} </pre> </div> </div> ==MIT== [[LICENCE_HEADER_MIT]]<br \> <b><nowiki>{{:LICENCE_HEADER_MIT}}</nowiki></b> {{:LICENCE_HEADER_MIT}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MIT Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. </div></div> |} </pre> </div> </div> ==MPLv2.0== [[LICENCE_HEADER_MPLv2.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_MPLv2.0}}</nowiki></b> {{:LICENCE_HEADER_MPLv2.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE MPLv2.0 <div class="mw-collapsible-content"> Mozilla Public License Version 2.0 -------------------------------- 1. Definitions -------------- 1.1. "Contributor" means each individual or legal entity that creates, contributes to the creation of, or owns Covered Software. 1.2. "Contributor Version" means the combination of the Contributions of others (if any) used by a Contributor and that particular Contributor's Contribution. 1.3. "Contribution" means Covered Software of a particular Contributor. 1.4. "Covered Software" means Source Code Form to which the initial Contributor has attached the notice in Exhibit A, the Executable Form of such Source Code Form, and Modifications of such Source Code Form, in each case including portions thereof. 1.5. "Incompatible With Secondary Licenses" means (a) that the initial Contributor has attached the notice described in Exhibit B to the Covered Software; or (b) that the Covered Software was made available under the terms of version 1.1 or earlier of the License, but not also under the terms of a Secondary License. 1.6. "Executable Form" means any form of the work other than Source Code Form. 1.7. "Larger Work" means a work that combines Covered Software with other material, in a separate file or files, that is not Covered Software. 1.8. "License" means this document. 1.9. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently, any and all of the rights conveyed by this License. 1.10. "Modifications" means any of the following: (a) any file in Source Code Form that results from an addition to, deletion from, or modification of the contents of Covered Software; or (b) any new file in Source Code Form that contains any Covered Software. 1.11. "Patent Claims" of a Contributor means any patent claim(s), including without limitation, method, process, and apparatus claims, in any patent Licensable by such Contributor that would be infringed, but for the grant of the License, by the making, using, selling, offering for sale, having made, import, or transfer of either its Contributions or its Contributor Version. 1.12. "Secondary License" means either the GNU General Public License, Version 2.0, the GNU Lesser General Public License, Version 2.1, the GNU Affero General Public License, Version 3.0, or any later versions of those licenses. 1.13. "Source Code Form" means the form of the work preferred for making modifications. 1.14. "You" (or "Your") means an individual or a legal entity exercising rights under this License. For legal entities, "You" includes any entity that controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. License Grants and Conditions -------------------------------- 2.1. Grants Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by such Contributor to use, reproduce, make available, modify, display, perform, distribute, and otherwise exploit its Contributions, either on an unmodified basis, with Modifications, or as part of a Larger Work; and (b) under Patent Claims of such Contributor to make, use, sell, offer for sale, have made, import, and otherwise transfer either its Contributions or its Contributor Version. 2.2. Effective Date The licenses granted in Section 2.1 with respect to any Contribution become effective for each Contribution on the date the Contributor first distributes such Contribution. 2.3. Limitations on Grant Scope The licenses granted in this Section 2 are the only rights granted under this License. No additional rights or licenses will be implied from the distribution or licensing of Covered Software under this License. Notwithstanding Section 2.1(b) above, no patent license is granted by a Contributor: (a) for any code that a Contributor has removed from Covered Software; or (b) for infringements caused by: (i) Your and any other third party's modifications of Covered Software, or (ii) the combination of its Contributions with other software (except as part of its Contributor Version); or (c) under Patent Claims infringed by Covered Software in the absence of its Contributions. This License does not grant any rights in the trademarks, service marks, or logos of any Contributor (except as may be necessary to comply with the notice requirements in Section 3.4). 2.4. Subsequent Licenses No Contributor makes additional grants as a result of Your choice to distribute the Covered Software under a subsequent version of this License (see Section 10.2) or under the terms of a Secondary License (if permitted under the terms of Section 3.3). 2.5. Representation Each Contributor represents that the Contributor believes its Contributions are its original creation(s) or it has sufficient rights to grant the rights to its Contributions conveyed by this License. 2.6. Fair Use This License is not intended to limit any rights You have under applicable copyright doctrines of fair use, fair dealing, or other equivalents. 2.7. Conditions Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted in Section 2.1. 3. Responsibilities ------------------- 3.1. Distribution of Source Form All distribution of Covered Software in Source Code Form, including any Modifications that You create or to which You contribute, must be under the terms of this License. You must inform recipients that the Source Code Form of the Covered Software is governed by the terms of this License, and how they can obtain a copy of this License. You may not attempt to alter or restrict the recipients' rights in the Source Code Form. 3.2. Distribution of Executable Form If You distribute Covered Software in Executable Form then: (a) such Covered Software must also be made available in Source Code Form, as described in Section 3.1, and You must inform recipients of the Executable Form how they can obtain a copy of such Source Code Form by reasonable means in a timely manner, at a charge no more than the cost of distribution to the recipient; and (b) You may distribute such Executable Form under the terms of this License, or sublicense it under different terms, provided that the license for the Executable Form does not attempt to limit or alter the recipients' rights in the Source Code Form under this License. 3.3. Distribution of a Larger Work You may create and distribute a Larger Work under terms of Your choice, provided that You also comply with the requirements of this License for the Covered Software. If the Larger Work is a combination of Covered Software with a work governed by one or more Secondary Licenses, and the Covered Software is not Incompatible With Secondary Licenses, this License permits You to additionally distribute such Covered Software under the terms of such Secondary License(s), so that the recipient of the Larger Work may, at their option, further distribute the Covered Software under the terms of either this License or such Secondary License(s). 3.4. Notices You may not remove or alter the substance of any license notices (including copyright notices, patent notices, disclaimers of warranty, or limitations of liability) contained within the Source Code Form of the Covered Software, except that You may alter any license notices to the extent required to remedy known factual inaccuracies. 3.5. Application of Additional Terms You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, You may do so only on Your own behalf, and not on behalf of any Contributor. You must make it absolutely clear that any such warranty, support, indemnity, or liability obligation is offered by You alone, and You hereby agree to indemnify every Contributor for any liability incurred by such Contributor as a result of warranty, support, indemnity or liability terms You offer. You may include additional disclaimers of warranty and limitations of liability specific to any jurisdiction. 4. Inability to Comply Due to Statute or Regulation --------------------------------------------------- If it is impossible for You to comply with any of the terms of this License with respect to some or all of the Covered Software due to statute, judicial order, or regulation then You must: (a) comply with the terms of this License to the maximum extent possible; and (b) describe the limitations and the code they affect. Such description must be placed in a text file included with all distributions of the Covered Software under this License. Except to the extent prohibited by statute or regulation, such description must be sufficiently detailed for a recipient of ordinary skill to be able to understand it. 5. Termination -------------- 5.1. The rights granted under this License will terminate automatically if You fail to comply with any of its terms. However, if You become compliant, then the rights granted under this License from a particular Contributor are reinstated (a) provisionally, unless and until such Contributor explicitly and finally terminates Your grants, and (b) on an ongoing basis, if such Contributor fails to notify You of the non-compliance by some reasonable means prior to 60 days after You have come back into compliance. Moreover, Your grants from a particular Contributor are reinstated on an ongoing basis if such Contributor notifies You of the non-compliance by some reasonable means, this is the first time You have received notice of non-compliance with this License from such Contributor, and You become compliant prior to 30 days after Your receipt of the notice. 5.2. If You initiate litigation against any entity by asserting a patent infringement claim (excluding declaratory judgment actions, counter-claims, and cross-claims) alleging that a Contributor Version directly or indirectly infringes any patent, then the rights granted to You by any and all Contributors for the Covered Software under Section 2.1 of this License shall terminate. 5.3. In the event of termination under Sections 5.1 or 5.2 above, all end user license agreements (excluding distributors and resellers) which have been validly granted by You or Your distributors under this License prior to termination shall survive termination. ************************************************************************ * * * 6. Disclaimer of Warranty * * ------------------------- * * * * Covered Software is provided under this License on an "as is" * * basis, without warranty of any kind, either expressed, implied, or * * statutory, including, without limitation, warranties that the * * Covered Software is free of defects, merchantable, fit for a * * particular purpose or non-infringing. The entire risk as to the * * quality and performance of the Covered Software is with You. * * Should any Covered Software prove defective in any respect, You * * (not any Contributor) assume the cost of any necessary servicing, * * repair, or correction. This disclaimer of warranty constitutes an * * essential part of this License. No use of any Covered Software is * * authorized under this License except under this disclaimer. * * * ************************************************************************ ************************************************************************ * * * 7. Limitation of Liability * * -------------------------- * * * * Under no circumstances and under no legal theory, whether tort * * (including negligence), contract, or otherwise, shall any * * Contributor, or anyone who distributes Covered Software as * * permitted above, be liable to You for any direct, indirect, * * special, incidental, or consequential damages of any character * * including, without limitation, damages for lost profits, loss of * * goodwill, work stoppage, computer failure or malfunction, or any * * and all other commercial damages or losses, even if such party * * shall have been informed of the possibility of such damages. This * * limitation of liability shall not apply to liability for death or * * personal injury resulting from such party's negligence to the * * extent applicable law prohibits such limitation. Some * * jurisdictions do not allow the exclusion or limitation of * * incidental or consequential damages, so this exclusion and * * limitation may not apply to You. * * * ************************************************************************ 8. Litigation ------------- Any litigation relating to this License may be brought only in the courts of a jurisdiction where the defendant maintains its principal place of business and such litigation shall be governed by laws of that jurisdiction, without reference to its conflict-of-law provisions. Nothing in this Section shall prevent a party's ability to bring cross-claims or counter-claims. 9. Miscellaneous ---------------- This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not be used to construe this License against a Contributor. 10. Versions of the License --------------------------- 10.1. New Versions Mozilla Foundation is the license steward. Except as provided in Section 10.3, no one other than the license steward has the right to modify or publish new versions of this License. Each version will be given a distinguishing version number. 10.2. Effect of New Versions You may distribute the Covered Software under the terms of the version of the License under which You originally received the Covered Software, or under the terms of any subsequent version published by the license steward. 10.3. Modified Versions If you create software not governed by this License, and you want to create a new license for such software, you may create and use a modified version of this License if you rename the license and remove any references to the name of the license steward (except to note that such modified license differs from this License). 10.4. Distributing Source Code Form that is Incompatible With Secondary Licenses If You choose to distribute Source Code Form that is Incompatible With Secondary Licenses under the terms of this version of the License, the notice described in Exhibit B of this License must be attached. Exhibit A - Source Code Form License Notice ------------------------------------------- This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at https://mozilla.org/MPL/2.0/. If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. You may add additional accurate notices of copyright ownership. Exhibit B - "Incompatible With Secondary Licenses" Notice --------------------------------------------------------- This Source Code Form is "Incompatible With Secondary Licenses", as defined by the Mozilla Public License, v. 2.0. </div></div> |} </pre> </div> </div> ==PDLv1.0== [[LICENCE_HEADER_PDLv1.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_PDLv1.0}}</nowiki></b> {{:LICENCE_HEADER_PDLv1.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE PDLv1.0 <div class="mw-collapsible-content"> PUBLIC DOCUMENTATION LICENSE Version 1.0 1.0 DEFINITIONS. 1.1. "Commercial Use" means distribution or otherwise making the Documentation available to a third party. 1.2. "Contributor" means a person or entity who creates or contributes to the creation of Modifications. 1.3. "Documentation" means the Original Documentation or Modifications or the combination of the Original Documentation and Modifications, in each case including portions thereof. 1.4. "Electronic Distribution Mechanism" means a mechanism generally accepted for the electronic transfer of data. 1.5. "Initial Writer" means the individual or entity identified as the Initial Writer in the notice required by the Appendix. 1.6. "Larger Work" means a work which combines Documentation or portions thereof with documentation or other writings not governed by the terms of this License. 1.7. "License" means this document. 1.8. "Modifications" means any addition to or deletion from the substance or structure of either the Original Documentation or any previous Modifications, such as a translation, abridgment, condensation, or any other form in which the Original Documentation or previous Modifications may be recast, transformed or adapted. A work consisting of editorial revisions, annotations, elaborations, and other modifications which, as a whole represent an original work of authorship, is a Modification. For example, when Documentation is released as a series of documents, a Modification is: A. Any addition to or deletion from the contents of the Original Documentation or previous Modifications. B. Any new documentation that contains any part of the Original Documentation or previous Modifications. 1.9. "Original Documentation" means documentation described as Original Documentation in the notice required by the Appendix, and which, at the time of its release under this License is not already Documentation governed by this License. 1.10. "Editable Form" means the preferred form of the Documentation for making Modifications to it. The Documentation can be in an electronic, compressed or archival form, provided the appropriate decompression or de-archiving software is widely available for no charge. 1.11. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of this License or a future version of this License issued under Section 5.0 ("Versions of the License"). For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2.0 LICENSE GRANTS. 2.1 Initial Writer Grant. The Initial Writer hereby grants You a world-wide, royalty-free, non-exclusive license to use, reproduce, prepare Modifications of, compile, publicly perform, publicly display, demonstrate, market, disclose and distribute the Documentation in any form, on any media or via any Electronic Distribution Mechanism or other method now known or later discovered, and to sublicense the foregoing rights to third parties through multiple tiers of sublicensees in accordance with the terms of this License. The license rights granted in this Section 2.1 ("Initial Writer Grant") are effective on the date Initial Writer first distributes Original Documentation under the terms of this License. 2.2. Contributor Grant. Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license to use, reproduce, prepare Modifications of, compile, publicly perform, publicly display, demonstrate, market, disclose and distribute the Documentation in any form, on any media or via any Electronic Distribution Mechanism or other method now known or later discovered, and to sublicense the foregoing rights to third parties through multiple tiers of sublicensees in accordance with the terms of this License. The license rights granted in this Section 2.2 ("Contributor Grant") are effective on the date Contributor first makes Commercial Use of the Documentation. 3.0 DISTRIBUTION OBLIGATIONS 3.1. Application of License The Modifications which You create or to which You contribute are governed by the terms of this License, including without limitation Section 2.2 ("Contributor Grant"). The Documentation may be distributed only under the terms of this License or a future version of this License released in accordance with Section 5.0 ("Versions of the License"), and You must include a copy of this License with every copy of the Documentation You distribute. You may not offer or impose any terms that alter or restrict the applicable version of this License or the recipients' rights hereunder. However, You may include an additional document offering the additional rights described in Section 3.5 ("Required Notices"). 3.2. Availability of Documentation. Any Modification which You create or to which You contribute must be made available publicly in Editable Form under the terms of this License via a fixed medium or an accepted Electronic Distribution Mechanism. 3.3. Description of Modifications. All Documentation to which You contribute must identify the changes You made to create that Documentation and the date of any change. You must include a prominent statement that the Modification is derived, directly or indirectly, from Original Documentation provided by the Initial Writer and include the name of the Initial Writer in the Documentation or via an electronic link that describes the origin or ownership of the Documentation. The foregoing change documentation may be created by using an electronic program that automatically tracks changes to the Documentation, and such changes must be available publicly for at least five years following release of the changed Documentation. 3.4. Intellectual Property Matters. Contributor represents that Contributor believes that Contributor's Modifications are Contributor's original creation(s) and/or Contributor has sufficient rights to grant the rights conveyed by this License. 3.5. Required Notices. You must duplicate the notice in the Appendix in each file of the Documentation. If it is not possible to put such notice in a particular Documentation file due to its structure, then You must include such notice in a location (such as a relevant directory) where a reader would be likely to look for such a notice, for example, via a hyperlink in each file of the Documentation that takes the reader to a page that describes the origin and ownership of the Documentation. If You created one or more Modification(s) You may add your name as a Contributor to the notice described in the Appendix. You must also duplicate this License in any Documentation file (or with a hyperlink in each file of the Documentation) where You describe recipients' rights or ownership rights. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Documentation. However, You may do so only on Your own behalf, and not on behalf of the Initial Writer or any Contributor. You must make it absolutely clear than any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Writer and every Contributor for any liability incurred by the Initial Writer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.6. Larger Works. You may create a Larger Work by combining Documentation with other documents not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Documentation. 4.0 APPLICATION OF THIS LICENSE. This License applies to Documentation to which the Initial Writer has attached this License and the notice in the Appendix. 5.0 VERSIONS OF THE LICENSE. 5.1. New Versions. Initial Writer may publish revised and/or new versions of the License from time to time. Each version will be given a distinguishing version number. 5.2. Effect of New Versions. Once Documentation has been published under a particular version of the License, You may always continue to use it under the terms of that version. You may also choose to use such Documentation under the terms of any subsequent version of the License published by __________________[Insert name of the foundation, company, Initial Writer, or whoever may modify this License]. No one other than _________________ [Insert name of the foundation, company, Initial Writer, or whoever may modify this License] has the right to modify the terms of this License. Filling in the name of the Initial Writer, Original Documentation or Contributor in the notice described in the Appendix shall not be deemed to be Modifications of this License. 6.0 DISCLAIMER OF WARRANTY. DOCUMENTATION IS PROVIDED UNDER THIS LICENSE ON AN "AS IS'' BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE DOCUMENTATION IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY, ACCURACY, AND PERFORMANCE OF THE DOCUMENTATION IS WITH YOU. SHOULD ANY DOCUMENTATION PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL WRITER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY DOCUMENTATION IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 7.0 TERMINATION. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. All sublicenses to the Documentation which are properly granted shall survive any termination of this License. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 8.0 LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER IN TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL THE INITIAL WRITER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF DOCUMENTATION, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER DAMAGES OR LOSSES ARISING OUT OF OR RELATING TO THE USE OF THE DOCUMENTATION, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. 9.0 U.S. GOVERNMENT END USERS. If Documentation is being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), then the Government's rights in Documentation will be only as set forth in this Agreement; this is in accordance with 48 CFR 227.7201 through 227.7202-4 (for Department of Defense (DOD) acquisitions) and with 48 CFR 2.101 and 12.212 (for non-DOD acquisitions). 10.0 MISCELLANEOUS. This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by California law, excluding its conflict-of-law provisions. With respect to disputes or any litigation relating to this License, the losing party is responsible for costs, including without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. Appendix Public Documentation License Notice The contents of this Documentation are subject to the Public Documentation License Version 1.0 (the "License"); you may only use this Documentation if you comply with the terms of this License. A copy of the License is available at __________________[Insert hyperlink]. The Original Documentation is _________________. The Initial Writer of the Original Documentation is ___________ Copyright (C)_________[Insert year(s)]. All Rights Reserved. (Initial Writer contact(s):________________[Insert hyperlink/alias]). Contributor(s): ______________________________________. Portions created by ______ are Copyright (C)_________[Insert year(s)]. All Rights Reserved. (Contributor contact(s):________________[Insert hyperlink/alias]). NOTE: The text of this Appendix may differ slightly from the text of the notices in the files of the Original Documentation. You should use the text of this Appendix rather than the text found in the Original Documentation for Your Modifications. </div></div> |} </pre> </div> </div> ==PIRATE== This Licence is for shits and giggles, don't use on public server<br \> [[LICENCE_HEADER_PIRATE]]<br \> <b><nowiki>{{:LICENCE_HEADER_PIRATE}}</nowiki></b> {{:LICENCE_HEADER_PIRATE}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PIRATE Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Licence? Licence! LICENCE!!!!!!<br \> WE NO NEED NO STINKING LICENCE! Copyright @ Pirate Licence :P </div></div> |} </pre> </div> </div> hf82rmy1kerhappjrvuu1jihfzu7293 607 380 2025-07-07T13:18:59Z AwesomO 5 /* CC-BY */ 607 wikitext text/x-wiki * Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute. * To do so add a Licence header at the top of your page. * example:<b><nowiki>{{:LICENCE_HEADER_CC0}}</nowiki></b> * using the header may not be a good idea for some licences ** click the link and copy the content ** and append the correct <code>Copyright [yyyy] [name of copyright owner] </code> : * [[Find_the_License_of_Man_Pages|How to find the license of a '''Man''' Page]] ==Blank Template== This Licence is for Importing Licences from other projects that are eligable to be posted/imported on this site<br \> [[LICENCE_HEADER_BLANK]]<br \> <b><nowiki>{{:LICENCE_HEADER_BLANK}}</nowiki></b> {{:LICENCE_HEADER_BLANK}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>ENTER LICENCE NAME</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> ENTER LICENCE HERE </div> </div> |} </pre> </div> </div> ==APACHE2== [[LICENCE_HEADER_APACHE2]]<br \> <b><nowiki>{{:LICENCE_HEADER_APACHE2}}</nowiki></b> {{:LICENCE_HEADER_APACHE2}} <!-- delete below if mess up --> <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste to your page: <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>APACHE2 Licence</b><br \> Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. <div class="toccolours mw-collapsible mw-collapsed"> Apache2 Licence: <div class="mw-collapsible-content"> <pre> Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. </div> </div> |} </pre> </div> </div> ==BDS0== [[LICENCE_HEADER_BSD0]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD0}}</nowiki></b> {{:LICENCE_HEADER_BSD0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (C) [year] by [copyright holder] <[email]> Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted. THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. </div> </div> |} </pre> </div> </div> ==BSD1== [[LICENCE_HEADER_BSD]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD}}</nowiki></b> {{:LICENCE_HEADER_BSD}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (c) [Year] [Name] [All rights reserved]. * Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. THIS SOFTWARE IS PROVIDED BY [Name of Organization] “AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL [Name of Organisation] BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div></div> |} </pre> </div> </div> ==BSD2== [[LICENCE_HEADER_BSD2]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD2}}</nowiki></b> {{:LICENCE_HEADER_BSD2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </pre> </div> </div> ==BSD3== [[LICENCE_HEADER_BSD3]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD3}}</nowiki></b> {{:LICENCE_HEADER_BSD3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </pre> </div> </div> ==CC0== [[LICENCE_HEADER_CC0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC0}}</nowiki></b> {{:LICENCE_HEADER_CC0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC0 Licence</b><br \> More information about the <b>cc0 licence</b> can be found here:<br \> <code>https://creativecommons.org/share-your-work/public-domain/cc0</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> The person who associated a work with this deed has dedicated the work to the public domain by waiving all of his or her rights to the work worldwide under copyright law, including all related and neighboring rights, to the extent allowed by law.<br \> You can copy, modify, distribute and perform the work, even for commercial purposes, all without asking permission. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Statement of Purpose The laws of most jurisdictions throughout the world automatically confer exclusive Copyright and Related Rights (defined below) upon the creator and subsequent owner(s) (each and all, an "owner") of an original work of authorship and/or a database (each, a "Work"). Certain owners wish to permanently relinquish those rights to a Work for the purpose of contributing to a commons of creative, cultural and scientific works ("Commons") that the public can reliably and without fear of later claims of infringement build upon, modify, incorporate in other works, reuse and redistribute as freely as possible in any form whatsoever and for any purposes, including without limitation commercial purposes. These owners may contribute to the Commons to promote the ideal of a free culture and the further production of creative, cultural and scientific works, or to gain reputation or greater distribution for their Work in part through the use and efforts of others. For these and/or other purposes and motivations, and without any expectation of additional consideration or compensation, the person associating CC0 with a Work (the "Affirmer"), to the extent that he or she is an owner of Copyright and Related Rights in the Work, voluntarily elects to apply CC0 to the Work and publicly distribute the Work under its terms, with knowledge of his or her Copyright and Related Rights in the Work and the meaning and intended legal effect of CC0 on those rights. 1. Copyright and Related Rights. A Work made available under CC0 may be protected by copyright and related or neighboring rights ("Copyright and Related Rights"). Copyright and Related Rights include, but are not limited to, the following: the right to reproduce, adapt, distribute, perform, display, communicate, and translate a Work; moral rights retained by the original author(s) and/or performer(s); publicity and privacy rights pertaining to a person's image or likeness depicted in a Work; rights protecting against unfair competition in regards to a Work, subject to the limitations in paragraph 4(a), below; rights protecting the extraction, dissemination, use and reuse of data in a Work; database rights (such as those arising under Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, and under any national implementation thereof, including any amended or successor version of such directive); and other similar, equivalent or corresponding rights throughout the world based on applicable law or treaty, and any national implementations thereof. 2. Waiver. To the greatest extent permitted by, but not in contravention of, applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and unconditionally waives, abandons, and surrenders all of Affirmer's Copyright and Related Rights and associated claims and causes of action, whether now known or unknown (including existing as well as future claims and causes of action), in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each member of the public at large and to the detriment of Affirmer's heirs and successors, fully intending that such Waiver shall not be subject to revocation, rescission, cancellation, termination, or any other legal or equitable action to disrupt the quiet enjoyment of the Work by the public as contemplated by Affirmer's express Statement of Purpose. 3. Public License Fallback. Should any part of the Waiver for any reason be judged legally invalid or ineffective under applicable law, then the Waiver shall be preserved to the maximum extent permitted taking into account Affirmer's express Statement of Purpose. In addition, to the extent the Waiver is so judged Affirmer hereby grants to each affected person a royalty-free, non transferable, non sublicensable, non exclusive, irrevocable and unconditional license to exercise Affirmer's Copyright and Related Rights in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "License"). The License shall be deemed effective as of the date CC0 was applied by Affirmer to the Work. Should any part of the License for any reason be judged legally invalid or ineffective under applicable law, such partial invalidity or ineffectiveness shall not invalidate the remainder of the License, and in such case Affirmer hereby affirms that he or she will not (i) exercise any of his or her remaining Copyright and Related Rights in the Work or (ii) assert any associated claims and causes of action with respect to the Work, in either case contrary to Affirmer's express Statement of Purpose. 4. Limitations and Disclaimers. No trademark or patent rights held by Affirmer are waived, abandoned, surrendered, licensed or otherwise affected by this document. Affirmer offers the Work as-is and makes no representations or warranties of any kind concerning the Work, express, implied, statutory or otherwise, including without limitation warranties of title, merchantability, fitness for a particular purpose, non infringement, or the absence of latent or other defects, accuracy, or the present or absence of errors, whether or not discoverable, all to the greatest extent permissible under applicable law. Affirmer disclaims responsibility for clearing rights of other persons that may apply to the Work or any use thereof, including without limitation any person's Copyright and Related Rights in the Work. Further, Affirmer disclaims responsibility for obtaining any necessary consents, permissions or other rights required for any use of the Work. Affirmer understands and acknowledges that Creative Commons is not a party to this document and has no duty or obligation with respect to this CC0 or use of the Work. </div> </div> |} </pre> </div> </div> ==CC-BY== [[LICENCE_HEADER_CC_BY]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY}}</nowiki></b> {{:LICENCE_HEADER_CC_BY}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY Licence</b><br \> More information about the <b>CC BY licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Creative Commons Legal Code Attribution 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined above) for the purposes of this License. c. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. d. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. e. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. f. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. g. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. h. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. i. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(b), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(b), as requested. b. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Section 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4 (b) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. c. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of this License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} </pre> </div> </div> ==CC-BY V3 == [[LICENCE_HEADER_CC_BY_V3]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY_V3}}</nowiki></b> {{:LICENCE_HEADER_CC_BY_V3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY Licence</b><br \> More information about the <b>CC BY licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by/3.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> You are free to: * Share — copy and redistribute the material in any medium or format for any purpose, even commercially. * Adapt — remix, transform, and build upon the material for any purpose, even commercially. * The licensor cannot revoke these freedoms as long as you follow the license terms. * https://creativecommons.org/licenses/by/3.0/ Under the following terms: * Attribution — You must give [[https://creativecommons.org/licenses/by/3.0/#ref-appropriate-credit| appropriate credit]] , provide a link to the license, and [[https://creativecommons.org/licenses/by/3.0/#ref-indicate-changes indicate if changes were made]] . You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use. * No additional restrictions — You may not apply legal terms or [[https://creativecommons.org/licenses/by/3.0/#ref-technological-measures| technological measures]] that legally restrict others from doing anything the license permits. Notices: You do not have to comply with the license for elements of the material in the public domain or where your use is permitted by an applicable [[https://creativecommons.org/licenses/by/3.0/#ref-exception-or-limitation| exception or limitation]] . No warranties are given. The license may not give you all of the permissions necessary for your intended use. For example, other rights such as [[https://creativecommons.org/licenses/by/3.0/#ref-publicity-privacy-or-moral-rights| publicity, privacy, or moral rights]] may limit how you use the material. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: https://creativecommons.org/licenses/by/3.0/legalcode.en <div class="mw-collapsible-content"> <pre> Attribution 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions Adaptation means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. Collection means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined above) for the purposes of this License. Distribute means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. Licensor means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. Original Author means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. Work means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. You means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. Publicly Perform means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. Reproduce means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; to Distribute and Publicly Perform the Work including as incorporated in Collections; and, to Distribute and Publicly Perform Adaptations. For the avoidance of doubt: Non-waivable Compulsory License Schemes . In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; Waivable Compulsory License Schemes . In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, Voluntary License Schemes . The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f) , all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(b) , as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(b) , as requested. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a) , keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and, (iv) consistent with Section 3(b) , in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4(b) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING AND TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO THIS EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. </pre> </div> </div> |} </nowiki> </div> </div> ==CC BY-SA== [[LICENCE_HEADER_CC_BY-SA]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY-SA}}</nowiki></b> {{:LICENCE_HEADER_CC_BY-SA}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY-SA Licence</b><br \> More information about the <b>CC BY-SA licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by-sa/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Attribution-ShareAlike 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined below) for the purposes of this License. c. "Creative Commons Compatible License" means a license that is listed at https://creativecommons.org/compatiblelicenses that has been approved by Creative Commons as being essentially equivalent to this License, including, at a minimum, because that license: (i) contains terms that have the same purpose, meaning and effect as the License Elements of this License; and, (ii) explicitly permits the relicensing of adaptations of works made available under that license under this License or a Creative Commons jurisdiction license with the same License Elements as this License. d. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. e. "License Elements" means the following high-level license attributes as selected by Licensor and indicated in the title of this License: Attribution, ShareAlike. f. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. g. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. h. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. i. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. j. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. k. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(c), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(c), as requested. b. You may Distribute or Publicly Perform an Adaptation only under the terms of: (i) this License; (ii) a later version of this License with the same License Elements as this License; (iii) a Creative Commons jurisdiction license (either this or a later license version) that contains the same License Elements as this License (e.g., Attribution-ShareAlike 3.0 US)); (iv) a Creative Commons Compatible License. If you license the Adaptation under one of the licenses mentioned in (iv), you must comply with the terms of that license. If you license the Adaptation under the terms of any of the licenses mentioned in (i), (ii) or (iii) (the "Applicable License"), you must comply with the terms of the Applicable License generally and the following provisions: (I) You must include a copy of, or the URI for, the Applicable License with every copy of each Adaptation You Distribute or Publicly Perform; (II) You may not offer or impose any terms on the Adaptation that restrict the terms of the Applicable License or the ability of the recipient of the Adaptation to exercise the rights granted to that recipient under the terms of the Applicable License; (III) You must keep intact all notices that refer to the Applicable License and to the disclaimer of warranties with every copy of the Work as included in the Adaptation You Distribute or Publicly Perform; (IV) when You Distribute or Publicly Perform the Adaptation, You may not impose any effective technological measures on the Adaptation that restrict the ability of a recipient of the Adaptation from You to exercise the rights granted to that recipient under the terms of the Applicable License. This Section 4(b) applies to the Adaptation as incorporated in a Collection, but this does not require the Collection apart from the Adaptation itself to be made subject to the terms of the Applicable License. c. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Ssection 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4(c) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. d. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of the License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} </pre> </div> </div> ==CC BY-NC-SA 4.0== [[LICENCE_HEADER_CC_BY-NC-SA_4.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY-NC-SA_4.0}}</nowiki></b> {{:LICENCE_HEADER_CC_BY-SA}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre style="color: red"> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY-NC-SA_4.0 Licence</b><br \> More information about the <b>CC BY-NC-SA_4.0 licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by-sa/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> &lt;pre&gt; You are free to: Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use. NonCommercial — You may not use the material for commercial purposes. ShareAlike — If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original. No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits. &lt;/pre&gt; </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> <pre> Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International Public License By exercising the Licensed Rights (defined below), You accept and agree to be bound by the terms and conditions of this Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International Public License ("Public License"). To the extent this Public License may be interpreted as a contract, You are granted the Licensed Rights in consideration of Your acceptance of these terms and conditions, and the Licensor grants You such rights in consideration of benefits the Licensor receives from making the Licensed Material available under these terms and conditions. Section 1 – Definitions. Adapted Material means material subject to Copyright and Similar Rights that is derived from or based upon the Licensed Material and in which the Licensed Material is translated, altered, arranged, transformed, or otherwise modified in a manner requiring permission under the Copyright and Similar Rights held by the Licensor. For purposes of this Public License, where the Licensed Material is a musical work, performance, or sound recording, Adapted Material is always produced where the Licensed Material is synched in timed relation with a moving image. Adapter's License means the license You apply to Your Copyright and Similar Rights in Your contributions to Adapted Material in accordance with the terms and conditions of this Public License. BY-NC-SA Compatible License means a license listed at creativecommons.org/compatiblelicenses, approved by Creative Commons as essentially the equivalent of this Public License. Copyright and Similar Rights means copyright and/or similar rights closely related to copyright including, without limitation, performance, broadcast, sound recording, and Sui Generis Database Rights, without regard to how the rights are labeled or categorized. For purposes of this Public License, the rights specified in Section 2(b)(1)-(2) are not Copyright and Similar Rights. Effective Technological Measures means those measures that, in the absence of proper authority, may not be circumvented under laws fulfilling obligations under Article 11 of the WIPO Copyright Treaty adopted on December 20, 1996, and/or similar international agreements. Exceptions and Limitations means fair use, fair dealing, and/or any other exception or limitation to Copyright and Similar Rights that applies to Your use of the Licensed Material. License Elements means the license attributes listed in the name of a Creative Commons Public License. The License Elements of this Public License are Attribution, NonCommercial, and ShareAlike. Licensed Material means the artistic or literary work, database, or other material to which the Licensor applied this Public License. Licensed Rights means the rights granted to You subject to the terms and conditions of this Public License, which are limited to all Copyright and Similar Rights that apply to Your use of the Licensed Material and that the Licensor has authority to license. Licensor means the individual(s) or entity(ies) granting rights under this Public License. NonCommercial means not primarily intended for or directed towards commercial advantage or monetary compensation. For purposes of this Public License, the exchange of the Licensed Material for other material subject to Copyright and Similar Rights by digital file-sharing or similar means is NonCommercial provided there is no payment of monetary compensation in connection with the exchange. Share means to provide material to the public by any means or process that requires permission under the Licensed Rights, such as reproduction, public display, public performance, distribution, dissemination, communication, or importation, and to make material available to the public including in ways that members of the public may access the material from a place and at a time individually chosen by them. Sui Generis Database Rights means rights other than copyright resulting from Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, as amended and/or succeeded, as well as other essentially equivalent rights anywhere in the world. You means the individual or entity exercising the Licensed Rights under this Public License. Your has a corresponding meaning. Section 2 – Scope. License grant. Subject to the terms and conditions of this Public License, the Licensor hereby grants You a worldwide, royalty-free, non-sublicensable, non-exclusive, irrevocable license to exercise the Licensed Rights in the Licensed Material to: reproduce and Share the Licensed Material, in whole or in part, for NonCommercial purposes only; and produce, reproduce, and Share Adapted Material for NonCommercial purposes only. Exceptions and Limitations. For the avoidance of doubt, where Exceptions and Limitations apply to Your use, this Public License does not apply, and You do not need to comply with its terms and conditions. Term. The term of this Public License is specified in Section 6(a). Media and formats; technical modifications allowed. The Licensor authorizes You to exercise the Licensed Rights in all media and formats whether now known or hereafter created, and to make technical modifications necessary to do so. The Licensor waives and/or agrees not to assert any right or authority to forbid You from making technical modifications necessary to exercise the Licensed Rights, including technical modifications necessary to circumvent Effective Technological Measures. For purposes of this Public License, simply making modifications authorized by this Section 2(a)(4) never produces Adapted Material. Downstream recipients. Offer from the Licensor – Licensed Material. Every recipient of the Licensed Material automatically receives an offer from the Licensor to exercise the Licensed Rights under the terms and conditions of this Public License. Additional offer from the Licensor – Adapted Material. Every recipient of Adapted Material from You automatically receives an offer from the Licensor to exercise the Licensed Rights in the Adapted Material under the conditions of the Adapter’s License You apply. No downstream restrictions. You may not offer or impose any additional or different terms or conditions on, or apply any Effective Technological Measures to, the Licensed Material if doing so restricts exercise of the Licensed Rights by any recipient of the Licensed Material. No endorsement. Nothing in this Public License constitutes or may be construed as permission to assert or imply that You are, or that Your use of the Licensed Material is, connected with, or sponsored, endorsed, or granted official status by, the Licensor or others designated to receive attribution as provided in Section 3(a)(1)(A)(i). Other rights. Moral rights, such as the right of integrity, are not licensed under this Public License, nor are publicity, privacy, and/or other similar personality rights; however, to the extent possible, the Licensor waives and/or agrees not to assert any such rights held by the Licensor to the limited extent necessary to allow You to exercise the Licensed Rights, but not otherwise. Patent and trademark rights are not licensed under this Public License. To the extent possible, the Licensor waives any right to collect royalties from You for the exercise of the Licensed Rights, whether directly or through a collecting society under any voluntary or waivable statutory or compulsory licensing scheme. In all other cases the Licensor expressly reserves any right to collect such royalties, including when the Licensed Material is used other than for NonCommercial purposes. Section 3 – License Conditions. Your exercise of the Licensed Rights is expressly made subject to the following conditions. Attribution. If You Share the Licensed Material (including in modified form), You must: retain the following if it is supplied by the Licensor with the Licensed Material: identification of the creator(s) of the Licensed Material and any others designated to receive attribution, in any reasonable manner requested by the Licensor (including by pseudonym if designated); a copyright notice; a notice that refers to this Public License; a notice that refers to the disclaimer of warranties; a URI or hyperlink to the Licensed Material to the extent reasonably practicable; indicate if You modified the Licensed Material and retain an indication of any previous modifications; and indicate the Licensed Material is licensed under this Public License, and include the text of, or the URI or hyperlink to, this Public License. You may satisfy the conditions in Section 3(a)(1) in any reasonable manner based on the medium, means, and context in which You Share the Licensed Material. For example, it may be reasonable to satisfy the conditions by providing a URI or hyperlink to a resource that includes the required information. If requested by the Licensor, You must remove any of the information required by Section 3(a)(1)(A) to the extent reasonably practicable. ShareAlike. In addition to the conditions in Section 3(a), if You Share Adapted Material You produce, the following conditions also apply. The Adapter’s License You apply must be a Creative Commons license with the same License Elements, this version or later, or a BY-NC-SA Compatible License. You must include the text of, or the URI or hyperlink to, the Adapter's License You apply. You may satisfy this condition in any reasonable manner based on the medium, means, and context in which You Share Adapted Material. You may not offer or impose any additional or different terms or conditions on, or apply any Effective Technological Measures to, Adapted Material that restrict exercise of the rights granted under the Adapter's License You apply. Section 4 – Sui Generis Database Rights. Where the Licensed Rights include Sui Generis Database Rights that apply to Your use of the Licensed Material: for the avoidance of doubt, Section 2(a)(1) grants You the right to extract, reuse, reproduce, and Share all or a substantial portion of the contents of the database for NonCommercial purposes only; if You include all or a substantial portion of the database contents in a database in which You have Sui Generis Database Rights, then the database in which You have Sui Generis Database Rights (but not its individual contents) is Adapted Material, including for purposes of Section 3(b); and You must comply with the conditions in Section 3(a) if You Share all or a substantial portion of the contents of the database. For the avoidance of doubt, this Section 4 supplements and does not replace Your obligations under this Public License where the Licensed Rights include other Copyright and Similar Rights. Section 5 – Disclaimer of Warranties and Limitation of Liability. Unless otherwise separately undertaken by the Licensor, to the extent possible, the Licensor offers the Licensed Material as-is and as-available, and makes no representations or warranties of any kind concerning the Licensed Material, whether express, implied, statutory, or other. This includes, without limitation, warranties of title, merchantability, fitness for a particular purpose, non-infringement, absence of latent or other defects, accuracy, or the presence or absence of errors, whether or not known or discoverable. Where disclaimers of warranties are not allowed in full or in part, this disclaimer may not apply to You. To the extent possible, in no event will the Licensor be liable to You on any legal theory (including, without limitation, negligence) or otherwise for any direct, special, indirect, incidental, consequential, punitive, exemplary, or other losses, costs, expenses, or damages arising out of this Public License or use of the Licensed Material, even if the Licensor has been advised of the possibility of such losses, costs, expenses, or damages. Where a limitation of liability is not allowed in full or in part, this limitation may not apply to You. The disclaimer of warranties and limitation of liability provided above shall be interpreted in a manner that, to the extent possible, most closely approximates an absolute disclaimer and waiver of all liability. Section 6 – Term and Termination. This Public License applies for the term of the Copyright and Similar Rights licensed here. However, if You fail to comply with this Public License, then Your rights under this Public License terminate automatically. Where Your right to use the Licensed Material has terminated under Section 6(a), it reinstates: automatically as of the date the violation is cured, provided it is cured within 30 days of Your discovery of the violation; or upon express reinstatement by the Licensor. For the avoidance of doubt, this Section 6(b) does not affect any right the Licensor may have to seek remedies for Your violations of this Public License. For the avoidance of doubt, the Licensor may also offer the Licensed Material under separate terms or conditions or stop distributing the Licensed Material at any time; however, doing so will not terminate this Public License. Sections 1, 5, 6, 7, and 8 survive termination of this Public License. Section 7 – Other Terms and Conditions. The Licensor shall not be bound by any additional or different terms or conditions communicated by You unless expressly agreed. Any arrangements, understandings, or agreements regarding the Licensed Material not stated herein are separate from and independent of the terms and conditions of this Public License. Section 8 – Interpretation. For the avoidance of doubt, this Public License does not, and shall not be interpreted to, reduce, limit, restrict, or impose conditions on any use of the Licensed Material that could lawfully be made without permission under this Public License. To the extent possible, if any provision of this Public License is deemed unenforceable, it shall be automatically reformed to the minimum extent necessary to make it enforceable. If the provision cannot be reformed, it shall be severed from this Public License without affecting the enforceability of the remaining terms and conditions. No term or condition of this Public License will be waived and no failure to comply consented to unless expressly agreed to by the Licensor. Nothing in this Public License constitutes or may be interpreted as a limitation upon, or waiver of, any privileges and immunities that apply to the Licensor or You, including from the legal processes of any jurisdiction or authority. </div> </div> |} </pre> </div> </div> ==CDDLv1.0== [[LICENCE_HEADER_CDDLv1.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CDDLv1.0}}</nowiki></b> {{:LICENCE_HEADER_CDDLv1.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CDDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE CDDLv1.0 <div class="mw-collapsible-content"> COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 1. Definitions. 1.1. "Contributor" means each individual or entity that creates or contributes to the creation of Modifications. 1.2. "Contributor Version" means the combination of the Original Software, prior Modifications used by a Contributor (if any), and the Modifications made by that particular Contributor. 1.3. "Covered Software" means (a) the Original Software, or (b) Modifications, or (c) the combination of files containing Original Software with files containing Modifications, in each case including portions thereof. 1.4. "Executable" means the Covered Software in any form other than Source Code. 1.5. "Initial Developer" means the individual or entity that first makes Original Software available under this License. 1.6. "Larger Work" means a work which combines Covered Software or portions thereof with code not governed by the terms of this License. 1.7. "License" means this document. 1.8. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently acquired, any and all of the rights conveyed herein. 1.9. "Modifications" means the Source Code and Executable form of any of the following: A. Any file that results from an addition to, deletion from or modification of the contents of a file containing Original Software or previous Modifications; B. Any new file that contains any part of the Original Software or previous Modification; or C. Any new file that is contributed or otherwise made available under the terms of this License. 1.10. "Original Software" means the Source Code and Executable form of computer software code that is originally released under this License. 1.11. "Patent Claims" means any patent claim(s), now owned or hereafter acquired, including without limitation, method, process, and apparatus claims, in any patent Licensable by grantor. 1.12. "Source Code" means (a) the common form of computer software code in which modifications are made and (b) associated documentation included in or with such code. 1.13. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of, this License. For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. License Grants. 2.1. The Initial Developer Grant. Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, the Initial Developer hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by Initial Developer, to use, reproduce, modify, display, perform, sublicense and distribute the Original Software (or portions thereof), with or without Modifications, and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using or selling of Original Software, to make, have made, use, practice, sell, and offer for sale, and/or otherwise dispose of the Original Software (or portions thereof). (c) The licenses granted in Sections 2.1(a) and (b) are effective on the date Initial Developer first distributes or otherwise makes the Original Software available to a third party under the terms of this License. (d) Notwithstanding Section 2.1(b) above, no patent license is granted: (1) for code that You delete from the Original Software, or (2) for infringements caused by: (i) the modification of the Original Software, or (ii) the combination of the Original Software with other software or devices. 2.2. Contributor Grant. Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by Contributor to use, reproduce, modify, display, perform, sublicense and distribute the Modifications created by such Contributor (or portions thereof), either on an unmodified basis, with other Modifications, as Covered Software and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using, or selling of Modifications made by that Contributor either alone and/or in combination with its Contributor Version (or portions of such combination), to make, use, sell, offer for sale, have made, and/or otherwise dispose of: (1) Modifications made by that Contributor (or portions thereof); and (2) the combination of Modifications made by that Contributor with its Contributor Version (or portions of such combination). (c) The licenses granted in Sections 2.2(a) and 2.2(b) are effective on the date Contributor first distributes or otherwise makes the Modifications available to a third party. (d) Notwithstanding Section 2.2(b) above, no patent license is granted: (1) for any code that Contributor has deleted from the Contributor Version; (2) for infringements caused by: (i) third party modifications of Contributor Version, or (ii) the combination of Modifications made by that Contributor with other software (except as part of the Contributor Version) or other devices; or (3) under Patent Claims infringed by Covered Software in the absence of Modifications made by that Contributor. 3. Distribution Obligations. 3.1. Availability of Source Code. Any Covered Software that You distribute or otherwise make available in Executable form must also be made available in Source Code form and that Source Code form must be distributed only under the terms of this License. You must include a copy of this License with every copy of the Source Code form of the Covered Software You distribute or otherwise make available. You must inform recipients of any such Covered Software in Executable form as to how they can obtain such Covered Software in Source Code form in a reasonable manner on or through a medium customarily used for software exchange. 3.2. Modifications. The Modifications that You create or to which You contribute are governed by the terms of this License. You represent that You believe Your Modifications are Your original creation(s) and/or You have sufficient rights to grant the rights conveyed by this License. 3.3. Required Notices. You must include a notice in each of Your Modifications that identifies You as the Contributor of the Modification. You may not remove or alter any copyright, patent or trademark notices contained within the Covered Software, or any notices of licensing or any descriptive text giving attribution to any Contributor or the Initial Developer. 3.4. Application of Additional Terms. You may not offer or impose any terms on any Covered Software in Source Code form that alters or restricts the applicable version of this License or the recipients' rights hereunder. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, you may do so only on Your own behalf, and not on behalf of the Initial Developer or any Contributor. You must make it absolutely clear that any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.5. Distribution of Executable Versions. You may distribute the Executable form of the Covered Software under the terms of this License or under the terms of a license of Your choice, which may contain terms different from this License, provided that You are in compliance with the terms of this License and that the license for the Executable form does not attempt to limit or alter the recipient's rights in the Source Code form from the rights set forth in this License. If You distribute the Covered Software in Executable form under a different license, You must make it absolutely clear that any terms which differ from this License are offered by You alone, not by the Initial Developer or Contributor. You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of any such terms You offer. 3.6. Larger Works. You may create a Larger Work by combining Covered Software with other code not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Covered Software. 4. Versions of the License. 4.1. New Versions. Sun Microsystems, Inc. is the initial license steward and may publish revised and/or new versions of this License from time to time. Each version will be given a distinguishing version number. Except as provided in Section 4.3, no one other than the license steward has the right to modify this License. 4.2. Effect of New Versions. You may always continue to use, distribute or otherwise make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. If the Initial Developer includes a notice in the Original Software prohibiting it from being distributed or otherwise made available under any subsequent version of the License, You must distribute and make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. Otherwise, You may also choose to use, distribute or otherwise make the Covered Software available under the terms of any subsequent version of the License published by the license steward. 4.3. Modified Versions. When You are an Initial Developer and You want to create a new license for Your Original Software, You may create and use a modified version of this License if You: (a) rename the license and remove any references to the name of the license steward (except to note that the license differs from this License); and (b) otherwise make it clear that the license contains terms which differ from this License. 5. DISCLAIMER OF WARRANTY. COVERED SOFTWARE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE COVERED SOFTWARE IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE COVERED SOFTWARE IS WITH YOU. SHOULD ANY COVERED SOFTWARE PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY COVERED SOFTWARE IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 6. TERMINATION. 6.1. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 6.2. If You assert a patent infringement claim (excluding declaratory judgment actions) against Initial Developer or a Contributor (the Initial Developer or Contributor against whom You assert such claim is referred to as "Participant") alleging that the Participant Software (meaning the Contributor Version where the Participant is a Contributor or the Original Software where the Participant is the Initial Developer) directly or indirectly infringes any patent, then any and all rights granted directly or indirectly to You by such Participant, the Initial Developer (if the Initial Developer is not the Participant) and all Contributors under Sections 2.1 and/or 2.2 of this License shall, upon 60 days notice from Participant terminate prospectively and automatically at the expiration of such 60 day notice period, unless if within such 60 day period You withdraw Your claim with respect to the Participant Software against such Participant either unilaterally or pursuant to a written agreement with Participant. 6.3. In the event of termination under Sections 6.1 or 6.2 above, all end user licenses that have been validly granted by You or any distributor hereunder prior to termination (excluding licenses granted to You by any distributor) shall survive termination. 7. LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL YOU, THE INITIAL DEVELOPER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF COVERED SOFTWARE, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOST PROFITS, LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER COMMERCIAL DAMAGES OR LOSSES, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION OF LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY RESULTING FROM SUCH PARTY'S NEGLIGENCE TO THE EXTENT APPLICABLE LAW PROHIBITS SUCH LIMITATION. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS EXCLUSION AND LIMITATION MAY NOT APPLY TO YOU. 8. U.S. GOVERNMENT END USERS. The Covered Software is a "commercial item," as that term is defined in 48 C.F.R. 2.101 (Oct. 1995), consisting of "commercial computer software" (as that term is defined at 48 C.F.R. ¤ 252.227-7014(a)(1)) and "commercial computer software documentation" as such terms are used in 48 C.F.R. 12.212 (Sept. 1995). Consistent with 48 C.F.R. 12.212 and 48 C.F.R. 227.7202-1 through 227.7202-4 (June 1995), all U.S. Government End Users acquire Covered Software with only those rights set forth herein. This U.S. Government Rights clause is in lieu of, and supersedes, any other FAR, DFAR, or other clause or provision that addresses Government rights in computer software under this License. 9. MISCELLANEOUS. This License represents the complete agreement concerning subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by the law of the jurisdiction specified in a notice contained within the Original Software (except to the extent applicable law, if any, provides otherwise), excluding such jurisdiction's conflict-of-law provisions. Any litigation relating to this License shall be subject to the jurisdiction of the courts located in the jurisdiction and venue specified in a notice contained within the Original Software, with the losing party responsible for costs, including, without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. You agree that You alone are responsible for compliance with the United States export administration regulations (and the export control laws and regulation of any other countries) when You use, distribute or otherwise make available any Covered Software. 10. RESPONSIBILITY FOR CLAIMS. As between Initial Developer and the Contributors, each party is responsible for claims and damages arising, directly or indirectly, out of its utilization of rights under this License and You agree to work with Initial Developer and Contributors to distribute such responsibility on an equitable basis. Nothing herein is intended or shall be deemed to constitute any admission of liability. </div> </div> |} </pre> </div> </div> ==EPLv2.0== [[LICENCE_HEADER_EPLv2.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_EPLv2.0}}</nowiki></b> {{:LICENCE_HEADER_EPLv2.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>EPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE EPLv2.0 <div class="mw-collapsible-content"> Eclipse Public License - v 2.0 THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS ECLIPSE PUBLIC LICENSE (“AGREEMENT”). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT. 1. DEFINITIONS “Contribution” means: a) in the case of the initial Contributor, the initial content Distributed under this Agreement, and b) in the case of each subsequent Contributor: i) changes to the Program, and ii) additions to the Program; where such changes and/or additions to the Program originate from and are Distributed by that particular Contributor. A Contribution “originates” from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include changes or additions to the Program that are not Modified Works. “Contributor” means any person or entity that Distributes the Program. “Licensed Patents” mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program. “Program” means the Contributions Distributed in accordance with this Agreement. “Recipient” means anyone who receives the Program under this Agreement or any Secondary License (as applicable), including Contributors. “Derivative Works” shall mean any work, whether in Source Code or other form, that is based on (or derived from) the Program and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. “Modified Works” shall mean any work in Source Code or other form that results from an addition to, deletion from, or modification of the contents of the Program, including, for purposes of clarity any new file in Source Code form that contains any contents of the Program. Modified Works shall not include works that contain only declarations, interfaces, types, classes, structures, or files of the Program solely in each case in order to link to, bind by name, or subclass the Program or Modified Works thereof. “Distribute” means the acts of a) distributing or b) making available in any manner that enables the transfer of a copy. “Source Code” means the form of a Program preferred for making modifications, including but not limited to software source code, documentation source, and configuration files. “Secondary License” means either the GNU General Public License, Version 2.0, or any later versions of that license, including any exceptions or additional permissions as identified by the initial Contributor. 2. GRANT OF RIGHTS a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, Distribute and sublicense the Contribution of such Contributor, if any, and such Derivative Works. b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in Source Code or other form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder. c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to Distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program. d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement. e) Notwithstanding the terms of any Secondary License, no Contributor makes additional grants to any Recipient (other than those set forth in this Agreement) as a result of such Recipient's receipt of the Program under the terms of a Secondary License (if permitted under the terms of Section 3). 3. REQUIREMENTS 3.1 If a Contributor Distributes the Program in any form, then: a) the Program must also be made available as Source Code, in accordance with section 3.2, and the Contributor must accompany the Program with a statement that the Source Code for the Program is available under this Agreement, and informs Recipients how to obtain it in a reasonable manner on or through a medium customarily used for software exchange; and b) the Contributor may Distribute the Program under a license different than this Agreement, provided that such license: i) effectively disclaims on behalf of all other Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose; ii) effectively excludes on behalf of all other Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits; iii) does not attempt to limit or alter the recipients' rights in the Source Code under section 3.2; and iv) requires any subsequent distribution of the Program by any party to be under a license that satisfies the requirements of this section 3. 3.2 When the Program is Distributed as Source Code: a) it must be made available under this Agreement, or if the Program (i) is combined with other material in a separate file or files made available under a Secondary License, and (ii) the initial Contributor attached to the Source Code the notice described in Exhibit A of this Agreement, then the Program may be made available under the terms of such Secondary Licenses, and b) a copy of this Agreement must be included with each copy of the Program. 3.3 Contributors may not remove or alter any copyright, patent, trademark, attribution notices, disclaimers of warranty, or limitations of liability (‘notices’) contained within the Program from any copy of the Program which they Distribute, provided that Contributors may add their own appropriate notices. 4. COMMERCIAL DISTRIBUTION Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor (“Commercial Contributor”) hereby agrees to defend and indemnify every other Contributor (“Indemnified Contributor”) against any losses, damages and costs (collectively “Losses”) arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense. For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages. 5. NO WARRANTY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE PROGRAM IS PROVIDED ON AN “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations. 6. DISCLAIMER OF LIABILITY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. GENERAL If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. If Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed. All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive. Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. The Eclipse Foundation is the initial Agreement Steward. The Eclipse Foundation may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be Distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to Distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved. Nothing in this Agreement is intended to be enforceable by any entity that is not a Contributor or Recipient. No third-party beneficiary rights are created under this Agreement. Exhibit A – Form of Secondary Licenses Notice “This Source Code may also be made available under the following Secondary Licenses when the conditions for such availability set forth in the Eclipse Public License, v. 2.0 are satisfied: {name license(s), version(s), and exceptions or additional permissions here}.” Simply including a copy of this Agreement, including this Exhibit A is not sufficient to license the Source Code under Secondary Licenses. If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. You may add additional accurate notices of copyright ownership. |} </div> </div> </pre> </div> </div> ==FreeBSD documentation== [[LICENCE_HEADER_FreeBSD_Documentation]]<br \> <b><nowiki>{{:LICENCE_HEADER_FreeBSD_Documentation}}</nowiki></b><br> {{:LICENCE_HEADER_FreeBSD_Documentation}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>FreeBSD Documentation License</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> <pre> Copyright (c) YEAR <YEAR OF DOCUMENTATION>, <AUTHOR NAME>. All rights reserved. Redistribution and use in source (SGML DocBook) and 'compiled' forms (SGML, HTML, PDF, PostScript, RTF and so forth) with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code (SGML DocBook) must retain the above copyright notice, this list of conditions and the following disclaimer as the first lines of this file unmodified. 2. Redistributions in compiled form (transformed to other DTDs, converted to PDF, PostScript, RTF and other formats) must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </pre> </div> </div> ==GFDLv1.1== [[LICENCE_HEADER_GFDL]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDL}}</nowiki></b> {{:LICENCE_HEADER_GFDL}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.1 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.1, March 2000 Copyright (C) 2000 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other written document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (For example, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, whose contents can be viewed and edited directly and straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup has been designed to thwart or discourage subsequent modification by readers is not Transparent. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML designed for human modification. Opaque formats include PostScript, PDF, proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies of the Document numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a publicly-accessible computer-network location containing a complete Transparent copy of the Document, free of added material, which the general network-using public has access to download anonymously at no charge using public-standard network protocols. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has less than five). C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section entitled "History", and its title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. In any section entitled "Acknowledgements" or "Dedications", preserve the section's title, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section as "Endorsements" or to conflict in title with any Invariant Section. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections entitled "History" in the various original documents, forming one section entitled "History"; likewise combine any sections entitled "Acknowledgements", and any sections entitled "Dedications". You must delete all sections entitled "Endorsements." 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, does not as a whole count as a Modified Version of the Document, provided no compilation copyright is claimed for the compilation. Such a compilation is called an "aggregate", and this License does not apply to the other self-contained works thus compiled with the Document, on account of their being thus compiled, if they are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one quarter of the entire aggregate, the Document's Cover Texts may be placed on covers that surround only the Document within the aggregate. Otherwise they must appear on covers around the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License provided that you also include the original English version of this License. In case of a disagreement between the translation and the original English version of this License, the original English version will prevail. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have no Invariant Sections, write "with no Invariant Sections" instead of saying which ones are invariant. If you have no Front-Cover Texts, write "no Front-Cover Texts" instead of "Front-Cover Texts being LIST"; likewise for Back-Cover Texts. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} </pre> </div> </div> ==GFDLv1.2== [[LICENCE_HEADER_GFDLv1.2]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDLv1.2}}</nowiki></b> {{:LICENCE_HEADER_GFDLv1.2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.2 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.2, November 2002 Copyright (C) 2000,2001,2002 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition. The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement. C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section Entitled "History", Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. For any section Entitled "Acknowledgements" or "Dedications", Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section Entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section to be Entitled "Endorsements" or to conflict in title with any Invariant Section. O. Preserve any Warranty Disclaimers. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements". 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation's users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document's Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail. If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the "with...Texts." line with this: with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div></div> |} </pre> </div> </div> ==GFDLv1.3== [[LICENCE_HEADER_GFDLv1.3]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDLv1.3}}</nowiki></b> {{:LICENCE_HEADER_GFDLv1.3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.3 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.3, 3 November 2008 Copyright (C) 2000, 2001, 2002, 2007, 2008 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. The "publisher" means any person or entity that distributes copies of the Document to the public. A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition. The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement. C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section Entitled "History", Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. For any section Entitled "Acknowledgements" or "Dedications", Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section Entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section to be Entitled "Endorsements" or to conflict in title with any Invariant Section. O. Preserve any Warranty Disclaimers. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements". 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation's users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document's Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail. If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, or distribute it is void, and will automatically terminate your rights under this License. However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, receipt of a copy of some or all of the same material does not give you any rights to use it. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. If the Document specifies that a proxy can decide which future versions of this License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Document. 11. RELICENSING "Massive Multiauthor Collaboration Site" (or "MMC Site") means any World Wide Web server that publishes copyrightable works and also provides prominent facilities for anybody to edit those works. A public wiki that anybody can edit is an example of such a server. A "Massive Multiauthor Collaboration" (or "MMC") contained in the site means any set of copyrightable works thus published on the MMC site. "CC-BY-SA" means the Creative Commons Attribution-Share Alike 3.0 license published by Creative Commons Corporation, a not-for-profit corporation with a principal place of business in San Francisco, California, as well as future copyleft versions of that license published by that same organization. "Incorporate" means to publish or republish a Document, in whole or in part, as part of another Document. An MMC is "eligible for relicensing" if it is licensed under this License, and if all works that were first published under this License somewhere other than this MMC, and subsequently incorporated in whole or in part into the MMC, (1) had no cover texts or invariant sections, and (2) were thus incorporated prior to November 1, 2008. The operator of an MMC Site may republish an MMC contained in the site under CC-BY-SA on the same site at any time before August 1, 2009, provided the MMC is eligible for relicensing. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the "with...Texts." line with this: with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div></div> |} </pre> </div> </div> ==GPLv1== [[LICENCE_HEADER_GPL]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPL}}</nowiki></b> {{:LICENCE_HEADER_GPL}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv1 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 1, February 1989 Copyright (C) 1989 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The license agreements of most software companies try to keep users at the mercy of those companies. By contrast, our General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. The General Public License applies to the Free Software Foundation's software and to any other program whose authors commit to using it. You can use it for your programs, too. When we speak of free software, we are referring to freedom, not price. Specifically, the General Public License is designed to make sure that you have the freedom to give away or sell copies of free software, that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of a such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must tell them their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any work containing the Program or a portion of it, either verbatim or with modifications. Each licensee is addressed as "you". 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this General Public License and to the absence of any warranty; and give any other recipients of the Program a copy of this General Public License along with the Program. You may charge a fee for the physical act of transferring a copy. 2. You may modify your copy or copies of the Program or any portion of it, and copy and distribute such modifications under the terms of Paragraph 1 above, provided that you also do the following: a) cause the modified files to carry prominent notices stating that you changed the files and the date of any change; and b) cause the whole of any work that you distribute or publish, that in whole or in part contains the Program or any part thereof, either with or without modifications, to be licensed at no charge to all third parties under the terms of this General Public License (except that you may choose to grant warranty protection to some or all third parties, at your option). c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the simplest and most usual way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this General Public License. d) You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. Mere aggregation of another independent work with the Program (or its derivative) on a volume of a storage or distribution medium does not bring the other work under the scope of these terms. 3. You may copy and distribute the Program (or a portion or derivative of it, under Paragraph 2) in object code or executable form under the terms of Paragraphs 1 and 2 above provided that you also do one of the following: a) accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Paragraphs 1 and 2 above; or, b) accompany it with a written offer, valid for at least three years, to give any third party free (except for a nominal charge for the cost of distribution) a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Paragraphs 1 and 2 above; or, c) accompany it with the information you received as to where the corresponding source code may be obtained. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form alone.) Source code for a work means the preferred form of the work for making modifications to it. For an executable file, complete source code means all the source code for all modules it contains; but, as a special exception, it need not include source code for modules which are standard libraries that accompany the operating system on which the executable file runs, or for standard header files or definitions files that accompany that operating system. 4. You may not copy, modify, sublicense, distribute or transfer the Program except as expressly provided under this General Public License. Any attempt otherwise to copy, modify, sublicense, distribute or transfer the Program is void, and will automatically terminate your rights to use the Program under this License. However, parties who have received copies, or rights to use copies, from you under this General Public License will not have their licenses terminated so long as such parties remain in full compliance. 5. By copying, distributing or modifying the Program (or any work based on the Program) you indicate your acceptance of this license to do so, and all its terms and conditions. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. 7. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of the license which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the license, you may choose any version ever published by the Free Software Foundation. 8. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 9. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 10. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS Appendix: How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to humanity, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) 19yy <name of author> This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 1, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) 19xx name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (a program to direct compilers to make passes at assemblers) written by James Hacker. <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice That's all there is to it! </div></div> |} </pre> </div> </div> ==GPLv2== [[LICENCE_HEADER_GPLv2]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPLv2}}</nowiki></b> {{:LICENCE_HEADER_GPLv2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv2 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Lesser General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. </div></div> |} </pre> </div> </div> ==GPLv3== [[LICENCE_HEADER_GPLv3]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPLv3}}</nowiki></b> {{:LICENCE_HEADER_GPLv3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv3 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The GNU General Public License is a free, copyleft license for software and other kinds of works. The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things. To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others. For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it. For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions. Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users. Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free. The precise terms and conditions for copying, distribution and modification follow. TERMS AND CONDITIONS 0. Definitions. "This License" refers to version 3 of the GNU General Public License. "Copyright" also means copyright-like laws that apply to other kinds of works, such as semiconductor masks. "The Program" refers to any copyrightable work licensed under this License. Each licensee is addressed as "you". "Licensees" and "recipients" may be individuals or organizations. To "modify" a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a "modified version" of the earlier work or a work "based on" the earlier work. A "covered work" means either the unmodified Program or a work based on the Program. To "propagate" a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well. To "convey" a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying. An interactive user interface displays "Appropriate Legal Notices" to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion. 1. Source Code. The "source code" for a work means the preferred form of the work for making modifications to it. "Object code" means any non-source form of a work. A "Standard Interface" means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language. The "System Libraries" of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A "Major Component", in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it. The "Corresponding Source" for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work. The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source. The Corresponding Source for a work in source code form is that same work. 2. Basic Permissions. All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law. You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you. Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary. 3. Protecting Users' Legal Rights From Anti-Circumvention Law. No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures. When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures. 4. Conveying Verbatim Copies. You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program. You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee. 5. Conveying Modified Source Versions. You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions: a) The work must carry prominent notices stating that you modified it, and giving a relevant date. b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to "keep intact all notices". c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it. d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so. A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an "aggregate" if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate. 6. Conveying Non-Source Forms. You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways: a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange. b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge. c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b. d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements. e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d. A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work. A "User Product" is either (1) a "consumer product", which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, "normally used" refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product. "Installation Information" for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made. If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM). The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network. Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying. 7. Additional Terms. "Additional permissions" are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions. When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission. Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms: a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or d) Limiting the use for publicity purposes of names of licensors or authors of the material; or e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors. All other non-permissive additional terms are considered "further restrictions" within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying. If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms. Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way. 8. Termination. You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11). However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10. 9. Acceptance Not Required for Having Copies. You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so. 10. Automatic Licensing of Downstream Recipients. Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License. An "entity transaction" is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts. You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it. 11. Patents. A "contributor" is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's "contributor version". A contributor's "essential patent claims" are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, "control" includes the right to grant patent sublicenses in a manner consistent with the requirements of this License. Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version. In the following three paragraphs, a "patent license" is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To "grant" such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party. If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. "Knowingly relying" means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid. If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it. A patent license is "discriminatory" if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007. Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law. 12. No Surrender of Others' Freedom. If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program. 13. Use with the GNU Affero General Public License. Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such. 14. Revised Versions of this License. The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation. If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program. Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version. 15. Disclaimer of Warranty. THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. Limitation of Liability. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 17. Interpretation of Sections 15 and 16. If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <https://www.gnu.org/licenses/>. Also add information on how to contact you by electronic and paper mail. If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode: <program> Copyright (C) <year> <name of author> This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an "about box". You should also get your employer (if you work as a programmer) or school, if any, to sign a "copyright disclaimer" for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see <https://www.gnu.org/licenses/>. The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read <https://www.gnu.org/licenses/why-not-lgpl.html>. </div></div> |} </pre> </div> </div> ==LGPLv2.1== [[LICENCE_HEADER_LGPLv2.1]]<br \> <b><nowiki>{{:LICENCE_HEADER_LGPLv2.1}}</nowiki></b> {{:LICENCE_HEADER_LGPLv2.1}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv2.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 2.1, February 1999 Copyright (C) 1991, 1999 Free Software Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. [This is the first released version of the Lesser GPL. It also counts as the successor of the GNU Library Public License, version 2, hence the version number 2.1.] Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public Licenses are intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This license, the Lesser General Public License, applies to some specially designated software packages--typically libraries--of the Free Software Foundation and other authors who decide to use it. You can use it too, but we suggest you first think carefully about whether this license or the ordinary General Public License is the better strategy to use in any particular case, based on the explanations below. When we speak of free software, we are referring to freedom of use, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish); that you receive source code or can get it if you want it; that you can change the software and use pieces of it in new free programs; and that you are informed that you can do these things. To protect your rights, we need to make restrictions that forbid distributors to deny you these rights or to ask you to surrender these rights. These restrictions translate to certain responsibilities for you if you distribute copies of the library or if you modify it. For example, if you distribute copies of the library, whether gratis or for a fee, you must give the recipients all the rights that we gave you. You must make sure that they, too, receive or can get the source code. If you link other code with the library, you must provide complete object files to the recipients, so that they can relink them with the library after making changes to the library and recompiling it. And you must show them these terms so they know their rights. We protect your rights with a two-step method: (1) we copyright the library, and (2) we offer you this license, which gives you legal permission to copy, distribute and/or modify the library. To protect each distributor, we want to make it very clear that there is no warranty for the free library. Also, if the library is modified by someone else and passed on, the recipients should know that what they have is not the original version, so that the original author's reputation will not be affected by problems that might be introduced by others. � Finally, software patents pose a constant threat to the existence of any free program. We wish to make sure that a company cannot effectively restrict the users of a free program by obtaining a restrictive license from a patent holder. Therefore, we insist that any patent license obtained for a version of the library must be consistent with the full freedom of use specified in this license. Most GNU software, including some libraries, is covered by the ordinary GNU General Public License. This license, the GNU Lesser General Public License, applies to certain designated libraries, and is quite different from the ordinary General Public License. We use this license for certain libraries in order to permit linking those libraries into non-free programs. When a program is linked with a library, whether statically or using a shared library, the combination of the two is legally speaking a combined work, a derivative of the original library. The ordinary General Public License therefore permits such linking only if the entire combination fits its criteria of freedom. The Lesser General Public License permits more lax criteria for linking other code with the library. We call this license the "Lesser" General Public License because it does Less to protect the user's freedom than the ordinary General Public License. It also provides other free software developers Less of an advantage over competing non-free programs. These disadvantages are the reason we use the ordinary General Public License for many libraries. However, the Lesser license provides advantages in certain special circumstances. For example, on rare occasions, there may be a special need to encourage the widest possible use of a certain library, so that it becomes a de-facto standard. To achieve this, non-free programs must be allowed to use the library. A more frequent case is that a free library does the same job as widely used non-free libraries. In this case, there is little to gain by limiting the free library to free software only, so we use the Lesser General Public License. In other cases, permission to use a particular library in non-free programs enables a greater number of people to use a large body of free software. For example, permission to use the GNU C Library in non-free programs enables many more people to use the whole GNU operating system, as well as its variant, the GNU/Linux operating system. Although the Lesser General Public License is Less protective of the users' freedom, it does ensure that the user of a program that is linked with the Library has the freedom and the wherewithal to run that program using a modified version of the Library. The precise terms and conditions for copying, distribution and modification follow. Pay close attention to the difference between a "work based on the library" and a "work that uses the library". The former contains code derived from the library, whereas the latter must be combined with the library in order to run. � GNU LESSER GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any software library or other program which contains a notice placed by the copyright holder or other authorized party saying it may be distributed under the terms of this Lesser General Public License (also called "this License"). Each licensee is addressed as "you". A "library" means a collection of software functions and/or data prepared so as to be conveniently linked with application programs (which use some of those functions and data) to form executables. The "Library", below, refers to any such software library or work which has been distributed under these terms. A "work based on the Library" means either the Library or any derivative work under copyright law: that is to say, a work containing the Library or a portion of it, either verbatim or with modifications and/or translated straightforwardly into another language. (Hereinafter, translation is included without limitation in the term "modification".) "Source code" for a work means the preferred form of the work for making modifications to it. For a library, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the library. Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running a program using the Library is not restricted, and output from such a program is covered only if its contents constitute a work based on the Library (independent of the use of the Library in a tool for writing it). Whether that is true depends on what the Library does and what the program that uses the Library does. 1. You may copy and distribute verbatim copies of the Library's complete source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and distribute a copy of this License along with the Library. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. � 2. You may modify your copy or copies of the Library or any portion of it, thus forming a work based on the Library, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) The modified work must itself be a software library. b) You must cause the files modified to carry prominent notices stating that you changed the files and the date of any change. c) You must cause the whole of the work to be licensed at no charge to all third parties under the terms of this License. d) If a facility in the modified Library refers to a function or a table of data to be supplied by an application program that uses the facility, other than as an argument passed when the facility is invoked, then you must make a good faith effort to ensure that, in the event an application does not supply such function or table, the facility still operates, and performs whatever part of its purpose remains meaningful. (For example, a function in a library to compute square roots has a purpose that is entirely well-defined independent of the application. Therefore, Subsection 2d requires that any application-supplied function or table used by this function must be optional: if the application does not supply it, the square root function must still compute square roots.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Library, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Library, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Library. In addition, mere aggregation of another work not based on the Library with the Library (or with a work based on the Library) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may opt to apply the terms of the ordinary GNU General Public License instead of this License to a given copy of the Library. To do this, you must alter all the notices that refer to this License, so that they refer to the ordinary GNU General Public License, version 2, instead of to this License. (If a newer version than version 2 of the ordinary GNU General Public License has appeared, then you can specify that version instead if you wish.) Do not make any other change in these notices. � Once this change is made in a given copy, it is irreversible for that copy, so the ordinary GNU General Public License applies to all subsequent copies and derivative works made from that copy. This option is useful when you wish to copy part of the code of the Library into a program that is not a library. 4. You may copy and distribute the Library (or a portion or derivative of it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange. If distribution of object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place satisfies the requirement to distribute the source code, even though third parties are not compelled to copy the source along with the object code. 5. A program that contains no derivative of any portion of the Library, but is designed to work with the Library by being compiled or linked with it, is called a "work that uses the Library". Such a work, in isolation, is not a derivative work of the Library, and therefore falls outside the scope of this License. However, linking a "work that uses the Library" with the Library creates an executable that is a derivative of the Library (because it contains portions of the Library), rather than a "work that uses the library". The executable is therefore covered by this License. Section 6 states terms for distribution of such executables. When a "work that uses the Library" uses material from a header file that is part of the Library, the object code for the work may be a derivative work of the Library even though the source code is not. Whether this is true is especially significant if the work can be linked without the Library, or if the work is itself a library. The threshold for this to be true is not precisely defined by law. If such an object file uses only numerical parameters, data structure layouts and accessors, and small macros and small inline functions (ten lines or less in length), then the use of the object file is unrestricted, regardless of whether it is legally a derivative work. (Executables containing this object code plus portions of the Library will still fall under Section 6.) Otherwise, if the work is a derivative of the Library, you may distribute the object code for the work under the terms of Section 6. Any executables containing that work also fall under Section 6, whether or not they are linked directly with the Library itself. � 6. As an exception to the Sections above, you may also combine or link a "work that uses the Library" with the Library to produce a work containing portions of the Library, and distribute that work under terms of your choice, provided that the terms permit modification of the work for the customer's own use and reverse engineering for debugging such modifications. You must give prominent notice with each copy of the work that the Library is used in it and that the Library and its use are covered by this License. You must supply a copy of this License. If the work during execution displays copyright notices, you must include the copyright notice for the Library among them, as well as a reference directing the user to the copy of this License. Also, you must do one of these things: a) Accompany the work with the complete corresponding machine-readable source code for the Library including whatever changes were used in the work (which must be distributed under Sections 1 and 2 above); and, if the work is an executable linked with the Library, with the complete machine-readable "work that uses the Library", as object code and/or source code, so that the user can modify the Library and then relink to produce a modified executable containing the modified Library. (It is understood that the user who changes the contents of definitions files in the Library will not necessarily be able to recompile the application to use the modified definitions.) b) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (1) uses at run time a copy of the library already present on the user's computer system, rather than copying library functions into the executable, and (2) will operate properly with a modified version of the library, if the user installs one, as long as the modified version is interface-compatible with the version that the work was made with. c) Accompany the work with a written offer, valid for at least three years, to give the same user the materials specified in Subsection 6a, above, for a charge no more than the cost of performing this distribution. d) If distribution of the work is made by offering access to copy from a designated place, offer equivalent access to copy the above specified materials from the same place. e) Verify that the user has already received a copy of these materials or that you have already sent this user a copy. For an executable, the required form of the "work that uses the Library" must include any data and utility programs needed for reproducing the executable from it. However, as a special exception, the materials to be distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. It may happen that this requirement contradicts the license restrictions of other proprietary libraries that do not normally accompany the operating system. Such a contradiction means you cannot use both them and the Library together in an executable that you distribute. � 7. You may place library facilities that are a work based on the Library side-by-side in a single library together with other library facilities not covered by this License, and distribute such a combined library, provided that the separate distribution of the work based on the Library and of the other library facilities is otherwise permitted, and provided that you do these two things: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities. This must be distributed under the terms of the Sections above. b) Give prominent notice with the combined library of the fact that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 8. You may not copy, modify, sublicense, link with, or distribute the Library except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, link with, or distribute the Library is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 9. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Library or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Library (or any work based on the Library), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Library or works based on it. 10. Each time you redistribute the Library (or any work based on the Library), the recipient automatically receives a license from the original licensor to copy, distribute, link with or modify the Library subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties with this License. � 11. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Library at all. For example, if a patent license would not permit royalty-free redistribution of the Library by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Library. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply, and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 12. If the distribution and/or use of the Library is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Library under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 13. The Free Software Foundation may publish revised and/or new versions of the Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Library does not specify a license version number, you may choose any version ever published by the Free Software Foundation. 14. If you wish to incorporate parts of the Library into other free programs whose distribution conditions are incompatible with these, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Libraries If you develop a new library, and you want it to be of the greatest possible use to the public, we recommend making it free software that everyone can redistribute and change. You can do so by permitting redistribution under these terms (or, alternatively, under the terms of the ordinary General Public License). To apply these terms, attach the following notices to the library. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the library's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Also add information on how to contact you by electronic and paper mail. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the library, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the library `Frob' (a library for tweaking knobs) written by James Random Hacker. <signature of Ty Coon>, 1 April 1990 Ty Coon, President of Vice That's all there is to it! </div></div> |} </pre> </div> </div> ==LGPLv3== [[LICENCE_HEADER_LGPLv3]]<br \> <b><nowiki>{{:LICENCE_HEADER_LGPLv3}}</nowiki></b> {{:LICENCE_HEADER_LGPLv3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. This version of the GNU Lesser General Public License incorporates the terms and conditions of version 3 of the GNU General Public License, supplemented by the additional permissions listed below. 0. Additional Definitions. As used herein, "this License" refers to version 3 of the GNU Lesser General Public License, and the "GNU GPL" refers to version 3 of the GNU General Public License. "The Library" refers to a covered work governed by this License, other than an Application or a Combined Work as defined below. An "Application" is any work that makes use of an interface provided by the Library, but which is not otherwise based on the Library. Defining a subclass of a class defined by the Library is deemed a mode of using an interface provided by the Library. A "Combined Work" is a work produced by combining or linking an Application with the Library. The particular version of the Library with which the Combined Work was made is also called the "Linked Version". The "Minimal Corresponding Source" for a Combined Work means the Corresponding Source for the Combined Work, excluding any source code for portions of the Combined Work that, considered in isolation, are based on the Application, and not on the Linked Version. The "Corresponding Application Code" for a Combined Work means the object code and/or source code for the Application, including any data and utility programs needed for reproducing the Combined Work from the Application, but excluding the System Libraries of the Combined Work. 1. Exception to Section 3 of the GNU GPL. You may convey a covered work under sections 3 and 4 of this License without being bound by section 3 of the GNU GPL. 2. Conveying Modified Versions. If you modify a copy of the Library, and, in your modifications, a facility refers to a function or data to be supplied by an Application that uses the facility (other than as an argument passed when the facility is invoked), then you may convey a copy of the modified version: a) under this License, provided that you make a good faith effort to ensure that, in the event an Application does not supply the function or data, the facility still operates, and performs whatever part of its purpose remains meaningful, or b) under the GNU GPL, with none of the additional permissions of this License applicable to that copy. 3. Object Code Incorporating Material from Library Header Files. The object code form of an Application may incorporate material from a header file that is part of the Library. You may convey such object code under terms of your choice, provided that, if the incorporated material is not limited to numerical parameters, data structure layouts and accessors, or small macros, inline functions and templates (ten or fewer lines in length), you do both of the following: a) Give prominent notice with each copy of the object code that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the object code with a copy of the GNU GPL and this license document. 4. Combined Works. You may convey a Combined Work under terms of your choice that, taken together, effectively do not restrict modification of the portions of the Library contained in the Combined Work and reverse engineering for debugging such modifications, if you also do each of the following: a) Give prominent notice with each copy of the Combined Work that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the Combined Work with a copy of the GNU GPL and this license document. c) For a Combined Work that displays copyright notices during execution, include the copyright notice for the Library among these notices, as well as a reference directing the user to the copies of the GNU GPL and this license document. d) Do one of the following: 0) Convey the Minimal Corresponding Source under the terms of this License, and the Corresponding Application Code in a form suitable for, and under terms that permit, the user to recombine or relink the Application with a modified version of the Linked Version to produce a modified Combined Work, in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source. 1) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (a) uses at run time a copy of the Library already present on the user's computer system, and (b) will operate properly with a modified version of the Library that is interface-compatible with the Linked Version. e) Provide Installation Information, but only if you would otherwise be required to provide such information under section 6 of the GNU GPL, and only to the extent that such information is necessary to install and execute a modified version of the Combined Work produced by recombining or relinking the Application with a modified version of the Linked Version. (If you use option 4d0, the Installation Information must accompany the Minimal Corresponding Source and Corresponding Application Code. If you use option 4d1, you must provide the Installation Information in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source.) 5. Combined Libraries. You may place library facilities that are a work based on the Library side by side in a single library together with other library facilities that are not Applications and are not covered by this License, and convey such a combined library under terms of your choice, if you do both of the following: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities, conveyed under the terms of this License. b) Give prominent notice with the combined library that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 6. Revised Versions of the GNU Lesser General Public License. The Free Software Foundation may publish revised and/or new versions of the GNU Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library as you received it specifies that a certain numbered version of the GNU Lesser General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that published version or of any later version published by the Free Software Foundation. If the Library as you received it does not specify a version number of the GNU Lesser General Public License, you may choose any version of the GNU Lesser General Public License ever published by the Free Software Foundation. If the Library as you received it specifies that a proxy can decide whether future versions of the GNU Lesser General Public License shall apply, that proxy's public statement of acceptance of any version is permanent authorization for you to choose that version for the Library. </div></div> |} </pre> </div> </div> ==MIT== [[LICENCE_HEADER_MIT]]<br \> <b><nowiki>{{:LICENCE_HEADER_MIT}}</nowiki></b> {{:LICENCE_HEADER_MIT}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MIT Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. </div></div> |} </pre> </div> </div> ==MPLv2.0== [[LICENCE_HEADER_MPLv2.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_MPLv2.0}}</nowiki></b> {{:LICENCE_HEADER_MPLv2.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE MPLv2.0 <div class="mw-collapsible-content"> Mozilla Public License Version 2.0 -------------------------------- 1. Definitions -------------- 1.1. "Contributor" means each individual or legal entity that creates, contributes to the creation of, or owns Covered Software. 1.2. "Contributor Version" means the combination of the Contributions of others (if any) used by a Contributor and that particular Contributor's Contribution. 1.3. "Contribution" means Covered Software of a particular Contributor. 1.4. "Covered Software" means Source Code Form to which the initial Contributor has attached the notice in Exhibit A, the Executable Form of such Source Code Form, and Modifications of such Source Code Form, in each case including portions thereof. 1.5. "Incompatible With Secondary Licenses" means (a) that the initial Contributor has attached the notice described in Exhibit B to the Covered Software; or (b) that the Covered Software was made available under the terms of version 1.1 or earlier of the License, but not also under the terms of a Secondary License. 1.6. "Executable Form" means any form of the work other than Source Code Form. 1.7. "Larger Work" means a work that combines Covered Software with other material, in a separate file or files, that is not Covered Software. 1.8. "License" means this document. 1.9. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently, any and all of the rights conveyed by this License. 1.10. "Modifications" means any of the following: (a) any file in Source Code Form that results from an addition to, deletion from, or modification of the contents of Covered Software; or (b) any new file in Source Code Form that contains any Covered Software. 1.11. "Patent Claims" of a Contributor means any patent claim(s), including without limitation, method, process, and apparatus claims, in any patent Licensable by such Contributor that would be infringed, but for the grant of the License, by the making, using, selling, offering for sale, having made, import, or transfer of either its Contributions or its Contributor Version. 1.12. "Secondary License" means either the GNU General Public License, Version 2.0, the GNU Lesser General Public License, Version 2.1, the GNU Affero General Public License, Version 3.0, or any later versions of those licenses. 1.13. "Source Code Form" means the form of the work preferred for making modifications. 1.14. "You" (or "Your") means an individual or a legal entity exercising rights under this License. For legal entities, "You" includes any entity that controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. License Grants and Conditions -------------------------------- 2.1. Grants Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by such Contributor to use, reproduce, make available, modify, display, perform, distribute, and otherwise exploit its Contributions, either on an unmodified basis, with Modifications, or as part of a Larger Work; and (b) under Patent Claims of such Contributor to make, use, sell, offer for sale, have made, import, and otherwise transfer either its Contributions or its Contributor Version. 2.2. Effective Date The licenses granted in Section 2.1 with respect to any Contribution become effective for each Contribution on the date the Contributor first distributes such Contribution. 2.3. Limitations on Grant Scope The licenses granted in this Section 2 are the only rights granted under this License. No additional rights or licenses will be implied from the distribution or licensing of Covered Software under this License. Notwithstanding Section 2.1(b) above, no patent license is granted by a Contributor: (a) for any code that a Contributor has removed from Covered Software; or (b) for infringements caused by: (i) Your and any other third party's modifications of Covered Software, or (ii) the combination of its Contributions with other software (except as part of its Contributor Version); or (c) under Patent Claims infringed by Covered Software in the absence of its Contributions. This License does not grant any rights in the trademarks, service marks, or logos of any Contributor (except as may be necessary to comply with the notice requirements in Section 3.4). 2.4. Subsequent Licenses No Contributor makes additional grants as a result of Your choice to distribute the Covered Software under a subsequent version of this License (see Section 10.2) or under the terms of a Secondary License (if permitted under the terms of Section 3.3). 2.5. Representation Each Contributor represents that the Contributor believes its Contributions are its original creation(s) or it has sufficient rights to grant the rights to its Contributions conveyed by this License. 2.6. Fair Use This License is not intended to limit any rights You have under applicable copyright doctrines of fair use, fair dealing, or other equivalents. 2.7. Conditions Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted in Section 2.1. 3. Responsibilities ------------------- 3.1. Distribution of Source Form All distribution of Covered Software in Source Code Form, including any Modifications that You create or to which You contribute, must be under the terms of this License. You must inform recipients that the Source Code Form of the Covered Software is governed by the terms of this License, and how they can obtain a copy of this License. You may not attempt to alter or restrict the recipients' rights in the Source Code Form. 3.2. Distribution of Executable Form If You distribute Covered Software in Executable Form then: (a) such Covered Software must also be made available in Source Code Form, as described in Section 3.1, and You must inform recipients of the Executable Form how they can obtain a copy of such Source Code Form by reasonable means in a timely manner, at a charge no more than the cost of distribution to the recipient; and (b) You may distribute such Executable Form under the terms of this License, or sublicense it under different terms, provided that the license for the Executable Form does not attempt to limit or alter the recipients' rights in the Source Code Form under this License. 3.3. Distribution of a Larger Work You may create and distribute a Larger Work under terms of Your choice, provided that You also comply with the requirements of this License for the Covered Software. If the Larger Work is a combination of Covered Software with a work governed by one or more Secondary Licenses, and the Covered Software is not Incompatible With Secondary Licenses, this License permits You to additionally distribute such Covered Software under the terms of such Secondary License(s), so that the recipient of the Larger Work may, at their option, further distribute the Covered Software under the terms of either this License or such Secondary License(s). 3.4. Notices You may not remove or alter the substance of any license notices (including copyright notices, patent notices, disclaimers of warranty, or limitations of liability) contained within the Source Code Form of the Covered Software, except that You may alter any license notices to the extent required to remedy known factual inaccuracies. 3.5. Application of Additional Terms You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, You may do so only on Your own behalf, and not on behalf of any Contributor. You must make it absolutely clear that any such warranty, support, indemnity, or liability obligation is offered by You alone, and You hereby agree to indemnify every Contributor for any liability incurred by such Contributor as a result of warranty, support, indemnity or liability terms You offer. You may include additional disclaimers of warranty and limitations of liability specific to any jurisdiction. 4. Inability to Comply Due to Statute or Regulation --------------------------------------------------- If it is impossible for You to comply with any of the terms of this License with respect to some or all of the Covered Software due to statute, judicial order, or regulation then You must: (a) comply with the terms of this License to the maximum extent possible; and (b) describe the limitations and the code they affect. Such description must be placed in a text file included with all distributions of the Covered Software under this License. Except to the extent prohibited by statute or regulation, such description must be sufficiently detailed for a recipient of ordinary skill to be able to understand it. 5. Termination -------------- 5.1. The rights granted under this License will terminate automatically if You fail to comply with any of its terms. However, if You become compliant, then the rights granted under this License from a particular Contributor are reinstated (a) provisionally, unless and until such Contributor explicitly and finally terminates Your grants, and (b) on an ongoing basis, if such Contributor fails to notify You of the non-compliance by some reasonable means prior to 60 days after You have come back into compliance. Moreover, Your grants from a particular Contributor are reinstated on an ongoing basis if such Contributor notifies You of the non-compliance by some reasonable means, this is the first time You have received notice of non-compliance with this License from such Contributor, and You become compliant prior to 30 days after Your receipt of the notice. 5.2. If You initiate litigation against any entity by asserting a patent infringement claim (excluding declaratory judgment actions, counter-claims, and cross-claims) alleging that a Contributor Version directly or indirectly infringes any patent, then the rights granted to You by any and all Contributors for the Covered Software under Section 2.1 of this License shall terminate. 5.3. In the event of termination under Sections 5.1 or 5.2 above, all end user license agreements (excluding distributors and resellers) which have been validly granted by You or Your distributors under this License prior to termination shall survive termination. ************************************************************************ * * * 6. Disclaimer of Warranty * * ------------------------- * * * * Covered Software is provided under this License on an "as is" * * basis, without warranty of any kind, either expressed, implied, or * * statutory, including, without limitation, warranties that the * * Covered Software is free of defects, merchantable, fit for a * * particular purpose or non-infringing. The entire risk as to the * * quality and performance of the Covered Software is with You. * * Should any Covered Software prove defective in any respect, You * * (not any Contributor) assume the cost of any necessary servicing, * * repair, or correction. This disclaimer of warranty constitutes an * * essential part of this License. No use of any Covered Software is * * authorized under this License except under this disclaimer. * * * ************************************************************************ ************************************************************************ * * * 7. Limitation of Liability * * -------------------------- * * * * Under no circumstances and under no legal theory, whether tort * * (including negligence), contract, or otherwise, shall any * * Contributor, or anyone who distributes Covered Software as * * permitted above, be liable to You for any direct, indirect, * * special, incidental, or consequential damages of any character * * including, without limitation, damages for lost profits, loss of * * goodwill, work stoppage, computer failure or malfunction, or any * * and all other commercial damages or losses, even if such party * * shall have been informed of the possibility of such damages. This * * limitation of liability shall not apply to liability for death or * * personal injury resulting from such party's negligence to the * * extent applicable law prohibits such limitation. Some * * jurisdictions do not allow the exclusion or limitation of * * incidental or consequential damages, so this exclusion and * * limitation may not apply to You. * * * ************************************************************************ 8. Litigation ------------- Any litigation relating to this License may be brought only in the courts of a jurisdiction where the defendant maintains its principal place of business and such litigation shall be governed by laws of that jurisdiction, without reference to its conflict-of-law provisions. Nothing in this Section shall prevent a party's ability to bring cross-claims or counter-claims. 9. Miscellaneous ---------------- This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not be used to construe this License against a Contributor. 10. Versions of the License --------------------------- 10.1. New Versions Mozilla Foundation is the license steward. Except as provided in Section 10.3, no one other than the license steward has the right to modify or publish new versions of this License. Each version will be given a distinguishing version number. 10.2. Effect of New Versions You may distribute the Covered Software under the terms of the version of the License under which You originally received the Covered Software, or under the terms of any subsequent version published by the license steward. 10.3. Modified Versions If you create software not governed by this License, and you want to create a new license for such software, you may create and use a modified version of this License if you rename the license and remove any references to the name of the license steward (except to note that such modified license differs from this License). 10.4. Distributing Source Code Form that is Incompatible With Secondary Licenses If You choose to distribute Source Code Form that is Incompatible With Secondary Licenses under the terms of this version of the License, the notice described in Exhibit B of this License must be attached. Exhibit A - Source Code Form License Notice ------------------------------------------- This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at https://mozilla.org/MPL/2.0/. If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. You may add additional accurate notices of copyright ownership. Exhibit B - "Incompatible With Secondary Licenses" Notice --------------------------------------------------------- This Source Code Form is "Incompatible With Secondary Licenses", as defined by the Mozilla Public License, v. 2.0. </div></div> |} </pre> </div> </div> ==PDLv1.0== [[LICENCE_HEADER_PDLv1.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_PDLv1.0}}</nowiki></b> {{:LICENCE_HEADER_PDLv1.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE PDLv1.0 <div class="mw-collapsible-content"> PUBLIC DOCUMENTATION LICENSE Version 1.0 1.0 DEFINITIONS. 1.1. "Commercial Use" means distribution or otherwise making the Documentation available to a third party. 1.2. "Contributor" means a person or entity who creates or contributes to the creation of Modifications. 1.3. "Documentation" means the Original Documentation or Modifications or the combination of the Original Documentation and Modifications, in each case including portions thereof. 1.4. "Electronic Distribution Mechanism" means a mechanism generally accepted for the electronic transfer of data. 1.5. "Initial Writer" means the individual or entity identified as the Initial Writer in the notice required by the Appendix. 1.6. "Larger Work" means a work which combines Documentation or portions thereof with documentation or other writings not governed by the terms of this License. 1.7. "License" means this document. 1.8. "Modifications" means any addition to or deletion from the substance or structure of either the Original Documentation or any previous Modifications, such as a translation, abridgment, condensation, or any other form in which the Original Documentation or previous Modifications may be recast, transformed or adapted. A work consisting of editorial revisions, annotations, elaborations, and other modifications which, as a whole represent an original work of authorship, is a Modification. For example, when Documentation is released as a series of documents, a Modification is: A. Any addition to or deletion from the contents of the Original Documentation or previous Modifications. B. Any new documentation that contains any part of the Original Documentation or previous Modifications. 1.9. "Original Documentation" means documentation described as Original Documentation in the notice required by the Appendix, and which, at the time of its release under this License is not already Documentation governed by this License. 1.10. "Editable Form" means the preferred form of the Documentation for making Modifications to it. The Documentation can be in an electronic, compressed or archival form, provided the appropriate decompression or de-archiving software is widely available for no charge. 1.11. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of this License or a future version of this License issued under Section 5.0 ("Versions of the License"). For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2.0 LICENSE GRANTS. 2.1 Initial Writer Grant. The Initial Writer hereby grants You a world-wide, royalty-free, non-exclusive license to use, reproduce, prepare Modifications of, compile, publicly perform, publicly display, demonstrate, market, disclose and distribute the Documentation in any form, on any media or via any Electronic Distribution Mechanism or other method now known or later discovered, and to sublicense the foregoing rights to third parties through multiple tiers of sublicensees in accordance with the terms of this License. The license rights granted in this Section 2.1 ("Initial Writer Grant") are effective on the date Initial Writer first distributes Original Documentation under the terms of this License. 2.2. Contributor Grant. Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license to use, reproduce, prepare Modifications of, compile, publicly perform, publicly display, demonstrate, market, disclose and distribute the Documentation in any form, on any media or via any Electronic Distribution Mechanism or other method now known or later discovered, and to sublicense the foregoing rights to third parties through multiple tiers of sublicensees in accordance with the terms of this License. The license rights granted in this Section 2.2 ("Contributor Grant") are effective on the date Contributor first makes Commercial Use of the Documentation. 3.0 DISTRIBUTION OBLIGATIONS 3.1. Application of License The Modifications which You create or to which You contribute are governed by the terms of this License, including without limitation Section 2.2 ("Contributor Grant"). The Documentation may be distributed only under the terms of this License or a future version of this License released in accordance with Section 5.0 ("Versions of the License"), and You must include a copy of this License with every copy of the Documentation You distribute. You may not offer or impose any terms that alter or restrict the applicable version of this License or the recipients' rights hereunder. However, You may include an additional document offering the additional rights described in Section 3.5 ("Required Notices"). 3.2. Availability of Documentation. Any Modification which You create or to which You contribute must be made available publicly in Editable Form under the terms of this License via a fixed medium or an accepted Electronic Distribution Mechanism. 3.3. Description of Modifications. All Documentation to which You contribute must identify the changes You made to create that Documentation and the date of any change. You must include a prominent statement that the Modification is derived, directly or indirectly, from Original Documentation provided by the Initial Writer and include the name of the Initial Writer in the Documentation or via an electronic link that describes the origin or ownership of the Documentation. The foregoing change documentation may be created by using an electronic program that automatically tracks changes to the Documentation, and such changes must be available publicly for at least five years following release of the changed Documentation. 3.4. Intellectual Property Matters. Contributor represents that Contributor believes that Contributor's Modifications are Contributor's original creation(s) and/or Contributor has sufficient rights to grant the rights conveyed by this License. 3.5. Required Notices. You must duplicate the notice in the Appendix in each file of the Documentation. If it is not possible to put such notice in a particular Documentation file due to its structure, then You must include such notice in a location (such as a relevant directory) where a reader would be likely to look for such a notice, for example, via a hyperlink in each file of the Documentation that takes the reader to a page that describes the origin and ownership of the Documentation. If You created one or more Modification(s) You may add your name as a Contributor to the notice described in the Appendix. You must also duplicate this License in any Documentation file (or with a hyperlink in each file of the Documentation) where You describe recipients' rights or ownership rights. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Documentation. However, You may do so only on Your own behalf, and not on behalf of the Initial Writer or any Contributor. You must make it absolutely clear than any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Writer and every Contributor for any liability incurred by the Initial Writer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.6. Larger Works. You may create a Larger Work by combining Documentation with other documents not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Documentation. 4.0 APPLICATION OF THIS LICENSE. This License applies to Documentation to which the Initial Writer has attached this License and the notice in the Appendix. 5.0 VERSIONS OF THE LICENSE. 5.1. New Versions. Initial Writer may publish revised and/or new versions of the License from time to time. Each version will be given a distinguishing version number. 5.2. Effect of New Versions. Once Documentation has been published under a particular version of the License, You may always continue to use it under the terms of that version. You may also choose to use such Documentation under the terms of any subsequent version of the License published by __________________[Insert name of the foundation, company, Initial Writer, or whoever may modify this License]. No one other than _________________ [Insert name of the foundation, company, Initial Writer, or whoever may modify this License] has the right to modify the terms of this License. Filling in the name of the Initial Writer, Original Documentation or Contributor in the notice described in the Appendix shall not be deemed to be Modifications of this License. 6.0 DISCLAIMER OF WARRANTY. DOCUMENTATION IS PROVIDED UNDER THIS LICENSE ON AN "AS IS'' BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE DOCUMENTATION IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY, ACCURACY, AND PERFORMANCE OF THE DOCUMENTATION IS WITH YOU. SHOULD ANY DOCUMENTATION PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL WRITER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY DOCUMENTATION IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 7.0 TERMINATION. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. All sublicenses to the Documentation which are properly granted shall survive any termination of this License. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 8.0 LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER IN TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL THE INITIAL WRITER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF DOCUMENTATION, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER DAMAGES OR LOSSES ARISING OUT OF OR RELATING TO THE USE OF THE DOCUMENTATION, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. 9.0 U.S. GOVERNMENT END USERS. If Documentation is being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), then the Government's rights in Documentation will be only as set forth in this Agreement; this is in accordance with 48 CFR 227.7201 through 227.7202-4 (for Department of Defense (DOD) acquisitions) and with 48 CFR 2.101 and 12.212 (for non-DOD acquisitions). 10.0 MISCELLANEOUS. This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by California law, excluding its conflict-of-law provisions. With respect to disputes or any litigation relating to this License, the losing party is responsible for costs, including without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. Appendix Public Documentation License Notice The contents of this Documentation are subject to the Public Documentation License Version 1.0 (the "License"); you may only use this Documentation if you comply with the terms of this License. A copy of the License is available at __________________[Insert hyperlink]. The Original Documentation is _________________. The Initial Writer of the Original Documentation is ___________ Copyright (C)_________[Insert year(s)]. All Rights Reserved. (Initial Writer contact(s):________________[Insert hyperlink/alias]). Contributor(s): ______________________________________. Portions created by ______ are Copyright (C)_________[Insert year(s)]. All Rights Reserved. (Contributor contact(s):________________[Insert hyperlink/alias]). NOTE: The text of this Appendix may differ slightly from the text of the notices in the files of the Original Documentation. You should use the text of this Appendix rather than the text found in the Original Documentation for Your Modifications. </div></div> |} </pre> </div> </div> ==PIRATE== This Licence is for shits and giggles, don't use on public server<br \> [[LICENCE_HEADER_PIRATE]]<br \> <b><nowiki>{{:LICENCE_HEADER_PIRATE}}</nowiki></b> {{:LICENCE_HEADER_PIRATE}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PIRATE Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Licence? Licence! LICENCE!!!!!!<br \> WE NO NEED NO STINKING LICENCE! Copyright @ Pirate Licence :P </div></div> |} </pre> </div> </div> 16klz8lkwyodqngxz6wq3huu2o61id4 619 607 2025-07-11T19:33:56Z AwesomO 5 /* PIRATE */ 619 wikitext text/x-wiki * Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute. * To do so add a Licence header at the top of your page. * example:<b><nowiki>{{:LICENCE_HEADER_CC0}}</nowiki></b> * using the header may not be a good idea for some licences ** click the link and copy the content ** and append the correct <code>Copyright [yyyy] [name of copyright owner] </code> : * [[Find_the_License_of_Man_Pages|How to find the license of a '''Man''' Page]] ==Blank Template== This Licence is for Importing Licences from other projects that are eligable to be posted/imported on this site<br \> [[LICENCE_HEADER_BLANK]]<br \> <b><nowiki>{{:LICENCE_HEADER_BLANK}}</nowiki></b> {{:LICENCE_HEADER_BLANK}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>ENTER LICENCE NAME</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> ENTER LICENCE HERE </div> </div> |} </pre> </div> </div> ==APACHE2== [[LICENCE_HEADER_APACHE2]]<br \> <b><nowiki>{{:LICENCE_HEADER_APACHE2}}</nowiki></b> {{:LICENCE_HEADER_APACHE2}} <!-- delete below if mess up --> <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste to your page: <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>APACHE2 Licence</b><br \> Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. <div class="toccolours mw-collapsible mw-collapsed"> Apache2 Licence: <div class="mw-collapsible-content"> <pre> Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. </div> </div> |} </pre> </div> </div> ==BDS0== [[LICENCE_HEADER_BSD0]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD0}}</nowiki></b> {{:LICENCE_HEADER_BSD0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (C) [year] by [copyright holder] <[email]> Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted. THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. </div> </div> |} </pre> </div> </div> ==BSD1== [[LICENCE_HEADER_BSD]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD}}</nowiki></b> {{:LICENCE_HEADER_BSD}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (c) [Year] [Name] [All rights reserved]. * Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. THIS SOFTWARE IS PROVIDED BY [Name of Organization] “AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL [Name of Organisation] BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div></div> |} </pre> </div> </div> ==BSD2== [[LICENCE_HEADER_BSD2]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD2}}</nowiki></b> {{:LICENCE_HEADER_BSD2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </pre> </div> </div> ==BSD3== [[LICENCE_HEADER_BSD3]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD3}}</nowiki></b> {{:LICENCE_HEADER_BSD3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </pre> </div> </div> ==CC0== [[LICENCE_HEADER_CC0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC0}}</nowiki></b> {{:LICENCE_HEADER_CC0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC0 Licence</b><br \> More information about the <b>cc0 licence</b> can be found here:<br \> <code>https://creativecommons.org/share-your-work/public-domain/cc0</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> The person who associated a work with this deed has dedicated the work to the public domain by waiving all of his or her rights to the work worldwide under copyright law, including all related and neighboring rights, to the extent allowed by law.<br \> You can copy, modify, distribute and perform the work, even for commercial purposes, all without asking permission. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Statement of Purpose The laws of most jurisdictions throughout the world automatically confer exclusive Copyright and Related Rights (defined below) upon the creator and subsequent owner(s) (each and all, an "owner") of an original work of authorship and/or a database (each, a "Work"). Certain owners wish to permanently relinquish those rights to a Work for the purpose of contributing to a commons of creative, cultural and scientific works ("Commons") that the public can reliably and without fear of later claims of infringement build upon, modify, incorporate in other works, reuse and redistribute as freely as possible in any form whatsoever and for any purposes, including without limitation commercial purposes. These owners may contribute to the Commons to promote the ideal of a free culture and the further production of creative, cultural and scientific works, or to gain reputation or greater distribution for their Work in part through the use and efforts of others. For these and/or other purposes and motivations, and without any expectation of additional consideration or compensation, the person associating CC0 with a Work (the "Affirmer"), to the extent that he or she is an owner of Copyright and Related Rights in the Work, voluntarily elects to apply CC0 to the Work and publicly distribute the Work under its terms, with knowledge of his or her Copyright and Related Rights in the Work and the meaning and intended legal effect of CC0 on those rights. 1. Copyright and Related Rights. A Work made available under CC0 may be protected by copyright and related or neighboring rights ("Copyright and Related Rights"). Copyright and Related Rights include, but are not limited to, the following: the right to reproduce, adapt, distribute, perform, display, communicate, and translate a Work; moral rights retained by the original author(s) and/or performer(s); publicity and privacy rights pertaining to a person's image or likeness depicted in a Work; rights protecting against unfair competition in regards to a Work, subject to the limitations in paragraph 4(a), below; rights protecting the extraction, dissemination, use and reuse of data in a Work; database rights (such as those arising under Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, and under any national implementation thereof, including any amended or successor version of such directive); and other similar, equivalent or corresponding rights throughout the world based on applicable law or treaty, and any national implementations thereof. 2. Waiver. To the greatest extent permitted by, but not in contravention of, applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and unconditionally waives, abandons, and surrenders all of Affirmer's Copyright and Related Rights and associated claims and causes of action, whether now known or unknown (including existing as well as future claims and causes of action), in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each member of the public at large and to the detriment of Affirmer's heirs and successors, fully intending that such Waiver shall not be subject to revocation, rescission, cancellation, termination, or any other legal or equitable action to disrupt the quiet enjoyment of the Work by the public as contemplated by Affirmer's express Statement of Purpose. 3. Public License Fallback. Should any part of the Waiver for any reason be judged legally invalid or ineffective under applicable law, then the Waiver shall be preserved to the maximum extent permitted taking into account Affirmer's express Statement of Purpose. In addition, to the extent the Waiver is so judged Affirmer hereby grants to each affected person a royalty-free, non transferable, non sublicensable, non exclusive, irrevocable and unconditional license to exercise Affirmer's Copyright and Related Rights in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "License"). The License shall be deemed effective as of the date CC0 was applied by Affirmer to the Work. Should any part of the License for any reason be judged legally invalid or ineffective under applicable law, such partial invalidity or ineffectiveness shall not invalidate the remainder of the License, and in such case Affirmer hereby affirms that he or she will not (i) exercise any of his or her remaining Copyright and Related Rights in the Work or (ii) assert any associated claims and causes of action with respect to the Work, in either case contrary to Affirmer's express Statement of Purpose. 4. Limitations and Disclaimers. No trademark or patent rights held by Affirmer are waived, abandoned, surrendered, licensed or otherwise affected by this document. Affirmer offers the Work as-is and makes no representations or warranties of any kind concerning the Work, express, implied, statutory or otherwise, including without limitation warranties of title, merchantability, fitness for a particular purpose, non infringement, or the absence of latent or other defects, accuracy, or the present or absence of errors, whether or not discoverable, all to the greatest extent permissible under applicable law. Affirmer disclaims responsibility for clearing rights of other persons that may apply to the Work or any use thereof, including without limitation any person's Copyright and Related Rights in the Work. Further, Affirmer disclaims responsibility for obtaining any necessary consents, permissions or other rights required for any use of the Work. Affirmer understands and acknowledges that Creative Commons is not a party to this document and has no duty or obligation with respect to this CC0 or use of the Work. </div> </div> |} </pre> </div> </div> ==CC-BY== [[LICENCE_HEADER_CC_BY]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY}}</nowiki></b> {{:LICENCE_HEADER_CC_BY}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY Licence</b><br \> More information about the <b>CC BY licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Creative Commons Legal Code Attribution 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined above) for the purposes of this License. c. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. d. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. e. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. f. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. g. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. h. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. i. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(b), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(b), as requested. b. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Section 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4 (b) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. c. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of this License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} </pre> </div> </div> ==CC-BY V3 == [[LICENCE_HEADER_CC_BY_V3]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY_V3}}</nowiki></b> {{:LICENCE_HEADER_CC_BY_V3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY Licence</b><br \> More information about the <b>CC BY licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by/3.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> You are free to: * Share — copy and redistribute the material in any medium or format for any purpose, even commercially. * Adapt — remix, transform, and build upon the material for any purpose, even commercially. * The licensor cannot revoke these freedoms as long as you follow the license terms. * https://creativecommons.org/licenses/by/3.0/ Under the following terms: * Attribution — You must give [[https://creativecommons.org/licenses/by/3.0/#ref-appropriate-credit| appropriate credit]] , provide a link to the license, and [[https://creativecommons.org/licenses/by/3.0/#ref-indicate-changes indicate if changes were made]] . You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use. * No additional restrictions — You may not apply legal terms or [[https://creativecommons.org/licenses/by/3.0/#ref-technological-measures| technological measures]] that legally restrict others from doing anything the license permits. Notices: You do not have to comply with the license for elements of the material in the public domain or where your use is permitted by an applicable [[https://creativecommons.org/licenses/by/3.0/#ref-exception-or-limitation| exception or limitation]] . No warranties are given. The license may not give you all of the permissions necessary for your intended use. For example, other rights such as [[https://creativecommons.org/licenses/by/3.0/#ref-publicity-privacy-or-moral-rights| publicity, privacy, or moral rights]] may limit how you use the material. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: https://creativecommons.org/licenses/by/3.0/legalcode.en <div class="mw-collapsible-content"> <pre> Attribution 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions Adaptation means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. Collection means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined above) for the purposes of this License. Distribute means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. Licensor means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. Original Author means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. Work means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. You means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. Publicly Perform means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. Reproduce means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; to Distribute and Publicly Perform the Work including as incorporated in Collections; and, to Distribute and Publicly Perform Adaptations. For the avoidance of doubt: Non-waivable Compulsory License Schemes . In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; Waivable Compulsory License Schemes . In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, Voluntary License Schemes . The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f) , all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(b) , as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(b) , as requested. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a) , keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and, (iv) consistent with Section 3(b) , in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4(b) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING AND TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO THIS EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. </pre> </div> </div> |} </nowiki> </div> </div> ==CC BY-SA== [[LICENCE_HEADER_CC_BY-SA]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY-SA}}</nowiki></b> {{:LICENCE_HEADER_CC_BY-SA}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY-SA Licence</b><br \> More information about the <b>CC BY-SA licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by-sa/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Attribution-ShareAlike 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined below) for the purposes of this License. c. "Creative Commons Compatible License" means a license that is listed at https://creativecommons.org/compatiblelicenses that has been approved by Creative Commons as being essentially equivalent to this License, including, at a minimum, because that license: (i) contains terms that have the same purpose, meaning and effect as the License Elements of this License; and, (ii) explicitly permits the relicensing of adaptations of works made available under that license under this License or a Creative Commons jurisdiction license with the same License Elements as this License. d. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. e. "License Elements" means the following high-level license attributes as selected by Licensor and indicated in the title of this License: Attribution, ShareAlike. f. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. g. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. h. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. i. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. j. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. k. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(c), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(c), as requested. b. You may Distribute or Publicly Perform an Adaptation only under the terms of: (i) this License; (ii) a later version of this License with the same License Elements as this License; (iii) a Creative Commons jurisdiction license (either this or a later license version) that contains the same License Elements as this License (e.g., Attribution-ShareAlike 3.0 US)); (iv) a Creative Commons Compatible License. If you license the Adaptation under one of the licenses mentioned in (iv), you must comply with the terms of that license. If you license the Adaptation under the terms of any of the licenses mentioned in (i), (ii) or (iii) (the "Applicable License"), you must comply with the terms of the Applicable License generally and the following provisions: (I) You must include a copy of, or the URI for, the Applicable License with every copy of each Adaptation You Distribute or Publicly Perform; (II) You may not offer or impose any terms on the Adaptation that restrict the terms of the Applicable License or the ability of the recipient of the Adaptation to exercise the rights granted to that recipient under the terms of the Applicable License; (III) You must keep intact all notices that refer to the Applicable License and to the disclaimer of warranties with every copy of the Work as included in the Adaptation You Distribute or Publicly Perform; (IV) when You Distribute or Publicly Perform the Adaptation, You may not impose any effective technological measures on the Adaptation that restrict the ability of a recipient of the Adaptation from You to exercise the rights granted to that recipient under the terms of the Applicable License. This Section 4(b) applies to the Adaptation as incorporated in a Collection, but this does not require the Collection apart from the Adaptation itself to be made subject to the terms of the Applicable License. c. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Ssection 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4(c) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. d. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of the License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} </pre> </div> </div> ==CC BY-NC-SA 4.0== [[LICENCE_HEADER_CC_BY-NC-SA_4.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY-NC-SA_4.0}}</nowiki></b> {{:LICENCE_HEADER_CC_BY-SA}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre style="color: red"> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY-NC-SA_4.0 Licence</b><br \> More information about the <b>CC BY-NC-SA_4.0 licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by-sa/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> &lt;pre&gt; You are free to: Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use. NonCommercial — You may not use the material for commercial purposes. ShareAlike — If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original. No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits. &lt;/pre&gt; </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> <pre> Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International Public License By exercising the Licensed Rights (defined below), You accept and agree to be bound by the terms and conditions of this Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International Public License ("Public License"). To the extent this Public License may be interpreted as a contract, You are granted the Licensed Rights in consideration of Your acceptance of these terms and conditions, and the Licensor grants You such rights in consideration of benefits the Licensor receives from making the Licensed Material available under these terms and conditions. Section 1 – Definitions. Adapted Material means material subject to Copyright and Similar Rights that is derived from or based upon the Licensed Material and in which the Licensed Material is translated, altered, arranged, transformed, or otherwise modified in a manner requiring permission under the Copyright and Similar Rights held by the Licensor. For purposes of this Public License, where the Licensed Material is a musical work, performance, or sound recording, Adapted Material is always produced where the Licensed Material is synched in timed relation with a moving image. Adapter's License means the license You apply to Your Copyright and Similar Rights in Your contributions to Adapted Material in accordance with the terms and conditions of this Public License. BY-NC-SA Compatible License means a license listed at creativecommons.org/compatiblelicenses, approved by Creative Commons as essentially the equivalent of this Public License. Copyright and Similar Rights means copyright and/or similar rights closely related to copyright including, without limitation, performance, broadcast, sound recording, and Sui Generis Database Rights, without regard to how the rights are labeled or categorized. For purposes of this Public License, the rights specified in Section 2(b)(1)-(2) are not Copyright and Similar Rights. Effective Technological Measures means those measures that, in the absence of proper authority, may not be circumvented under laws fulfilling obligations under Article 11 of the WIPO Copyright Treaty adopted on December 20, 1996, and/or similar international agreements. Exceptions and Limitations means fair use, fair dealing, and/or any other exception or limitation to Copyright and Similar Rights that applies to Your use of the Licensed Material. License Elements means the license attributes listed in the name of a Creative Commons Public License. The License Elements of this Public License are Attribution, NonCommercial, and ShareAlike. Licensed Material means the artistic or literary work, database, or other material to which the Licensor applied this Public License. Licensed Rights means the rights granted to You subject to the terms and conditions of this Public License, which are limited to all Copyright and Similar Rights that apply to Your use of the Licensed Material and that the Licensor has authority to license. Licensor means the individual(s) or entity(ies) granting rights under this Public License. NonCommercial means not primarily intended for or directed towards commercial advantage or monetary compensation. For purposes of this Public License, the exchange of the Licensed Material for other material subject to Copyright and Similar Rights by digital file-sharing or similar means is NonCommercial provided there is no payment of monetary compensation in connection with the exchange. Share means to provide material to the public by any means or process that requires permission under the Licensed Rights, such as reproduction, public display, public performance, distribution, dissemination, communication, or importation, and to make material available to the public including in ways that members of the public may access the material from a place and at a time individually chosen by them. Sui Generis Database Rights means rights other than copyright resulting from Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, as amended and/or succeeded, as well as other essentially equivalent rights anywhere in the world. You means the individual or entity exercising the Licensed Rights under this Public License. Your has a corresponding meaning. Section 2 – Scope. License grant. Subject to the terms and conditions of this Public License, the Licensor hereby grants You a worldwide, royalty-free, non-sublicensable, non-exclusive, irrevocable license to exercise the Licensed Rights in the Licensed Material to: reproduce and Share the Licensed Material, in whole or in part, for NonCommercial purposes only; and produce, reproduce, and Share Adapted Material for NonCommercial purposes only. Exceptions and Limitations. For the avoidance of doubt, where Exceptions and Limitations apply to Your use, this Public License does not apply, and You do not need to comply with its terms and conditions. Term. The term of this Public License is specified in Section 6(a). Media and formats; technical modifications allowed. The Licensor authorizes You to exercise the Licensed Rights in all media and formats whether now known or hereafter created, and to make technical modifications necessary to do so. The Licensor waives and/or agrees not to assert any right or authority to forbid You from making technical modifications necessary to exercise the Licensed Rights, including technical modifications necessary to circumvent Effective Technological Measures. For purposes of this Public License, simply making modifications authorized by this Section 2(a)(4) never produces Adapted Material. Downstream recipients. Offer from the Licensor – Licensed Material. Every recipient of the Licensed Material automatically receives an offer from the Licensor to exercise the Licensed Rights under the terms and conditions of this Public License. Additional offer from the Licensor – Adapted Material. Every recipient of Adapted Material from You automatically receives an offer from the Licensor to exercise the Licensed Rights in the Adapted Material under the conditions of the Adapter’s License You apply. No downstream restrictions. You may not offer or impose any additional or different terms or conditions on, or apply any Effective Technological Measures to, the Licensed Material if doing so restricts exercise of the Licensed Rights by any recipient of the Licensed Material. No endorsement. Nothing in this Public License constitutes or may be construed as permission to assert or imply that You are, or that Your use of the Licensed Material is, connected with, or sponsored, endorsed, or granted official status by, the Licensor or others designated to receive attribution as provided in Section 3(a)(1)(A)(i). Other rights. Moral rights, such as the right of integrity, are not licensed under this Public License, nor are publicity, privacy, and/or other similar personality rights; however, to the extent possible, the Licensor waives and/or agrees not to assert any such rights held by the Licensor to the limited extent necessary to allow You to exercise the Licensed Rights, but not otherwise. Patent and trademark rights are not licensed under this Public License. To the extent possible, the Licensor waives any right to collect royalties from You for the exercise of the Licensed Rights, whether directly or through a collecting society under any voluntary or waivable statutory or compulsory licensing scheme. In all other cases the Licensor expressly reserves any right to collect such royalties, including when the Licensed Material is used other than for NonCommercial purposes. Section 3 – License Conditions. Your exercise of the Licensed Rights is expressly made subject to the following conditions. Attribution. If You Share the Licensed Material (including in modified form), You must: retain the following if it is supplied by the Licensor with the Licensed Material: identification of the creator(s) of the Licensed Material and any others designated to receive attribution, in any reasonable manner requested by the Licensor (including by pseudonym if designated); a copyright notice; a notice that refers to this Public License; a notice that refers to the disclaimer of warranties; a URI or hyperlink to the Licensed Material to the extent reasonably practicable; indicate if You modified the Licensed Material and retain an indication of any previous modifications; and indicate the Licensed Material is licensed under this Public License, and include the text of, or the URI or hyperlink to, this Public License. You may satisfy the conditions in Section 3(a)(1) in any reasonable manner based on the medium, means, and context in which You Share the Licensed Material. For example, it may be reasonable to satisfy the conditions by providing a URI or hyperlink to a resource that includes the required information. If requested by the Licensor, You must remove any of the information required by Section 3(a)(1)(A) to the extent reasonably practicable. ShareAlike. In addition to the conditions in Section 3(a), if You Share Adapted Material You produce, the following conditions also apply. The Adapter’s License You apply must be a Creative Commons license with the same License Elements, this version or later, or a BY-NC-SA Compatible License. You must include the text of, or the URI or hyperlink to, the Adapter's License You apply. You may satisfy this condition in any reasonable manner based on the medium, means, and context in which You Share Adapted Material. You may not offer or impose any additional or different terms or conditions on, or apply any Effective Technological Measures to, Adapted Material that restrict exercise of the rights granted under the Adapter's License You apply. Section 4 – Sui Generis Database Rights. Where the Licensed Rights include Sui Generis Database Rights that apply to Your use of the Licensed Material: for the avoidance of doubt, Section 2(a)(1) grants You the right to extract, reuse, reproduce, and Share all or a substantial portion of the contents of the database for NonCommercial purposes only; if You include all or a substantial portion of the database contents in a database in which You have Sui Generis Database Rights, then the database in which You have Sui Generis Database Rights (but not its individual contents) is Adapted Material, including for purposes of Section 3(b); and You must comply with the conditions in Section 3(a) if You Share all or a substantial portion of the contents of the database. For the avoidance of doubt, this Section 4 supplements and does not replace Your obligations under this Public License where the Licensed Rights include other Copyright and Similar Rights. Section 5 – Disclaimer of Warranties and Limitation of Liability. Unless otherwise separately undertaken by the Licensor, to the extent possible, the Licensor offers the Licensed Material as-is and as-available, and makes no representations or warranties of any kind concerning the Licensed Material, whether express, implied, statutory, or other. This includes, without limitation, warranties of title, merchantability, fitness for a particular purpose, non-infringement, absence of latent or other defects, accuracy, or the presence or absence of errors, whether or not known or discoverable. Where disclaimers of warranties are not allowed in full or in part, this disclaimer may not apply to You. To the extent possible, in no event will the Licensor be liable to You on any legal theory (including, without limitation, negligence) or otherwise for any direct, special, indirect, incidental, consequential, punitive, exemplary, or other losses, costs, expenses, or damages arising out of this Public License or use of the Licensed Material, even if the Licensor has been advised of the possibility of such losses, costs, expenses, or damages. Where a limitation of liability is not allowed in full or in part, this limitation may not apply to You. The disclaimer of warranties and limitation of liability provided above shall be interpreted in a manner that, to the extent possible, most closely approximates an absolute disclaimer and waiver of all liability. Section 6 – Term and Termination. This Public License applies for the term of the Copyright and Similar Rights licensed here. However, if You fail to comply with this Public License, then Your rights under this Public License terminate automatically. Where Your right to use the Licensed Material has terminated under Section 6(a), it reinstates: automatically as of the date the violation is cured, provided it is cured within 30 days of Your discovery of the violation; or upon express reinstatement by the Licensor. For the avoidance of doubt, this Section 6(b) does not affect any right the Licensor may have to seek remedies for Your violations of this Public License. For the avoidance of doubt, the Licensor may also offer the Licensed Material under separate terms or conditions or stop distributing the Licensed Material at any time; however, doing so will not terminate this Public License. Sections 1, 5, 6, 7, and 8 survive termination of this Public License. Section 7 – Other Terms and Conditions. The Licensor shall not be bound by any additional or different terms or conditions communicated by You unless expressly agreed. Any arrangements, understandings, or agreements regarding the Licensed Material not stated herein are separate from and independent of the terms and conditions of this Public License. Section 8 – Interpretation. For the avoidance of doubt, this Public License does not, and shall not be interpreted to, reduce, limit, restrict, or impose conditions on any use of the Licensed Material that could lawfully be made without permission under this Public License. To the extent possible, if any provision of this Public License is deemed unenforceable, it shall be automatically reformed to the minimum extent necessary to make it enforceable. If the provision cannot be reformed, it shall be severed from this Public License without affecting the enforceability of the remaining terms and conditions. No term or condition of this Public License will be waived and no failure to comply consented to unless expressly agreed to by the Licensor. Nothing in this Public License constitutes or may be interpreted as a limitation upon, or waiver of, any privileges and immunities that apply to the Licensor or You, including from the legal processes of any jurisdiction or authority. </div> </div> |} </pre> </div> </div> ==CDDLv1.0== [[LICENCE_HEADER_CDDLv1.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CDDLv1.0}}</nowiki></b> {{:LICENCE_HEADER_CDDLv1.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CDDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE CDDLv1.0 <div class="mw-collapsible-content"> COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 1. Definitions. 1.1. "Contributor" means each individual or entity that creates or contributes to the creation of Modifications. 1.2. "Contributor Version" means the combination of the Original Software, prior Modifications used by a Contributor (if any), and the Modifications made by that particular Contributor. 1.3. "Covered Software" means (a) the Original Software, or (b) Modifications, or (c) the combination of files containing Original Software with files containing Modifications, in each case including portions thereof. 1.4. "Executable" means the Covered Software in any form other than Source Code. 1.5. "Initial Developer" means the individual or entity that first makes Original Software available under this License. 1.6. "Larger Work" means a work which combines Covered Software or portions thereof with code not governed by the terms of this License. 1.7. "License" means this document. 1.8. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently acquired, any and all of the rights conveyed herein. 1.9. "Modifications" means the Source Code and Executable form of any of the following: A. Any file that results from an addition to, deletion from or modification of the contents of a file containing Original Software or previous Modifications; B. Any new file that contains any part of the Original Software or previous Modification; or C. Any new file that is contributed or otherwise made available under the terms of this License. 1.10. "Original Software" means the Source Code and Executable form of computer software code that is originally released under this License. 1.11. "Patent Claims" means any patent claim(s), now owned or hereafter acquired, including without limitation, method, process, and apparatus claims, in any patent Licensable by grantor. 1.12. "Source Code" means (a) the common form of computer software code in which modifications are made and (b) associated documentation included in or with such code. 1.13. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of, this License. For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. License Grants. 2.1. The Initial Developer Grant. Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, the Initial Developer hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by Initial Developer, to use, reproduce, modify, display, perform, sublicense and distribute the Original Software (or portions thereof), with or without Modifications, and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using or selling of Original Software, to make, have made, use, practice, sell, and offer for sale, and/or otherwise dispose of the Original Software (or portions thereof). (c) The licenses granted in Sections 2.1(a) and (b) are effective on the date Initial Developer first distributes or otherwise makes the Original Software available to a third party under the terms of this License. (d) Notwithstanding Section 2.1(b) above, no patent license is granted: (1) for code that You delete from the Original Software, or (2) for infringements caused by: (i) the modification of the Original Software, or (ii) the combination of the Original Software with other software or devices. 2.2. Contributor Grant. Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by Contributor to use, reproduce, modify, display, perform, sublicense and distribute the Modifications created by such Contributor (or portions thereof), either on an unmodified basis, with other Modifications, as Covered Software and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using, or selling of Modifications made by that Contributor either alone and/or in combination with its Contributor Version (or portions of such combination), to make, use, sell, offer for sale, have made, and/or otherwise dispose of: (1) Modifications made by that Contributor (or portions thereof); and (2) the combination of Modifications made by that Contributor with its Contributor Version (or portions of such combination). (c) The licenses granted in Sections 2.2(a) and 2.2(b) are effective on the date Contributor first distributes or otherwise makes the Modifications available to a third party. (d) Notwithstanding Section 2.2(b) above, no patent license is granted: (1) for any code that Contributor has deleted from the Contributor Version; (2) for infringements caused by: (i) third party modifications of Contributor Version, or (ii) the combination of Modifications made by that Contributor with other software (except as part of the Contributor Version) or other devices; or (3) under Patent Claims infringed by Covered Software in the absence of Modifications made by that Contributor. 3. Distribution Obligations. 3.1. Availability of Source Code. Any Covered Software that You distribute or otherwise make available in Executable form must also be made available in Source Code form and that Source Code form must be distributed only under the terms of this License. You must include a copy of this License with every copy of the Source Code form of the Covered Software You distribute or otherwise make available. You must inform recipients of any such Covered Software in Executable form as to how they can obtain such Covered Software in Source Code form in a reasonable manner on or through a medium customarily used for software exchange. 3.2. Modifications. The Modifications that You create or to which You contribute are governed by the terms of this License. You represent that You believe Your Modifications are Your original creation(s) and/or You have sufficient rights to grant the rights conveyed by this License. 3.3. Required Notices. You must include a notice in each of Your Modifications that identifies You as the Contributor of the Modification. You may not remove or alter any copyright, patent or trademark notices contained within the Covered Software, or any notices of licensing or any descriptive text giving attribution to any Contributor or the Initial Developer. 3.4. Application of Additional Terms. You may not offer or impose any terms on any Covered Software in Source Code form that alters or restricts the applicable version of this License or the recipients' rights hereunder. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, you may do so only on Your own behalf, and not on behalf of the Initial Developer or any Contributor. You must make it absolutely clear that any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.5. Distribution of Executable Versions. You may distribute the Executable form of the Covered Software under the terms of this License or under the terms of a license of Your choice, which may contain terms different from this License, provided that You are in compliance with the terms of this License and that the license for the Executable form does not attempt to limit or alter the recipient's rights in the Source Code form from the rights set forth in this License. If You distribute the Covered Software in Executable form under a different license, You must make it absolutely clear that any terms which differ from this License are offered by You alone, not by the Initial Developer or Contributor. You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of any such terms You offer. 3.6. Larger Works. You may create a Larger Work by combining Covered Software with other code not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Covered Software. 4. Versions of the License. 4.1. New Versions. Sun Microsystems, Inc. is the initial license steward and may publish revised and/or new versions of this License from time to time. Each version will be given a distinguishing version number. Except as provided in Section 4.3, no one other than the license steward has the right to modify this License. 4.2. Effect of New Versions. You may always continue to use, distribute or otherwise make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. If the Initial Developer includes a notice in the Original Software prohibiting it from being distributed or otherwise made available under any subsequent version of the License, You must distribute and make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. Otherwise, You may also choose to use, distribute or otherwise make the Covered Software available under the terms of any subsequent version of the License published by the license steward. 4.3. Modified Versions. When You are an Initial Developer and You want to create a new license for Your Original Software, You may create and use a modified version of this License if You: (a) rename the license and remove any references to the name of the license steward (except to note that the license differs from this License); and (b) otherwise make it clear that the license contains terms which differ from this License. 5. DISCLAIMER OF WARRANTY. COVERED SOFTWARE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE COVERED SOFTWARE IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE COVERED SOFTWARE IS WITH YOU. SHOULD ANY COVERED SOFTWARE PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY COVERED SOFTWARE IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 6. TERMINATION. 6.1. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 6.2. If You assert a patent infringement claim (excluding declaratory judgment actions) against Initial Developer or a Contributor (the Initial Developer or Contributor against whom You assert such claim is referred to as "Participant") alleging that the Participant Software (meaning the Contributor Version where the Participant is a Contributor or the Original Software where the Participant is the Initial Developer) directly or indirectly infringes any patent, then any and all rights granted directly or indirectly to You by such Participant, the Initial Developer (if the Initial Developer is not the Participant) and all Contributors under Sections 2.1 and/or 2.2 of this License shall, upon 60 days notice from Participant terminate prospectively and automatically at the expiration of such 60 day notice period, unless if within such 60 day period You withdraw Your claim with respect to the Participant Software against such Participant either unilaterally or pursuant to a written agreement with Participant. 6.3. In the event of termination under Sections 6.1 or 6.2 above, all end user licenses that have been validly granted by You or any distributor hereunder prior to termination (excluding licenses granted to You by any distributor) shall survive termination. 7. LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL YOU, THE INITIAL DEVELOPER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF COVERED SOFTWARE, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOST PROFITS, LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER COMMERCIAL DAMAGES OR LOSSES, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION OF LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY RESULTING FROM SUCH PARTY'S NEGLIGENCE TO THE EXTENT APPLICABLE LAW PROHIBITS SUCH LIMITATION. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS EXCLUSION AND LIMITATION MAY NOT APPLY TO YOU. 8. U.S. GOVERNMENT END USERS. The Covered Software is a "commercial item," as that term is defined in 48 C.F.R. 2.101 (Oct. 1995), consisting of "commercial computer software" (as that term is defined at 48 C.F.R. ¤ 252.227-7014(a)(1)) and "commercial computer software documentation" as such terms are used in 48 C.F.R. 12.212 (Sept. 1995). Consistent with 48 C.F.R. 12.212 and 48 C.F.R. 227.7202-1 through 227.7202-4 (June 1995), all U.S. Government End Users acquire Covered Software with only those rights set forth herein. This U.S. Government Rights clause is in lieu of, and supersedes, any other FAR, DFAR, or other clause or provision that addresses Government rights in computer software under this License. 9. MISCELLANEOUS. This License represents the complete agreement concerning subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by the law of the jurisdiction specified in a notice contained within the Original Software (except to the extent applicable law, if any, provides otherwise), excluding such jurisdiction's conflict-of-law provisions. Any litigation relating to this License shall be subject to the jurisdiction of the courts located in the jurisdiction and venue specified in a notice contained within the Original Software, with the losing party responsible for costs, including, without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. You agree that You alone are responsible for compliance with the United States export administration regulations (and the export control laws and regulation of any other countries) when You use, distribute or otherwise make available any Covered Software. 10. RESPONSIBILITY FOR CLAIMS. As between Initial Developer and the Contributors, each party is responsible for claims and damages arising, directly or indirectly, out of its utilization of rights under this License and You agree to work with Initial Developer and Contributors to distribute such responsibility on an equitable basis. Nothing herein is intended or shall be deemed to constitute any admission of liability. </div> </div> |} </pre> </div> </div> ==EPLv2.0== [[LICENCE_HEADER_EPLv2.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_EPLv2.0}}</nowiki></b> {{:LICENCE_HEADER_EPLv2.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>EPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE EPLv2.0 <div class="mw-collapsible-content"> Eclipse Public License - v 2.0 THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS ECLIPSE PUBLIC LICENSE (“AGREEMENT”). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT. 1. DEFINITIONS “Contribution” means: a) in the case of the initial Contributor, the initial content Distributed under this Agreement, and b) in the case of each subsequent Contributor: i) changes to the Program, and ii) additions to the Program; where such changes and/or additions to the Program originate from and are Distributed by that particular Contributor. A Contribution “originates” from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include changes or additions to the Program that are not Modified Works. “Contributor” means any person or entity that Distributes the Program. “Licensed Patents” mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program. “Program” means the Contributions Distributed in accordance with this Agreement. “Recipient” means anyone who receives the Program under this Agreement or any Secondary License (as applicable), including Contributors. “Derivative Works” shall mean any work, whether in Source Code or other form, that is based on (or derived from) the Program and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. “Modified Works” shall mean any work in Source Code or other form that results from an addition to, deletion from, or modification of the contents of the Program, including, for purposes of clarity any new file in Source Code form that contains any contents of the Program. Modified Works shall not include works that contain only declarations, interfaces, types, classes, structures, or files of the Program solely in each case in order to link to, bind by name, or subclass the Program or Modified Works thereof. “Distribute” means the acts of a) distributing or b) making available in any manner that enables the transfer of a copy. “Source Code” means the form of a Program preferred for making modifications, including but not limited to software source code, documentation source, and configuration files. “Secondary License” means either the GNU General Public License, Version 2.0, or any later versions of that license, including any exceptions or additional permissions as identified by the initial Contributor. 2. GRANT OF RIGHTS a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, Distribute and sublicense the Contribution of such Contributor, if any, and such Derivative Works. b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in Source Code or other form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder. c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to Distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program. d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement. e) Notwithstanding the terms of any Secondary License, no Contributor makes additional grants to any Recipient (other than those set forth in this Agreement) as a result of such Recipient's receipt of the Program under the terms of a Secondary License (if permitted under the terms of Section 3). 3. REQUIREMENTS 3.1 If a Contributor Distributes the Program in any form, then: a) the Program must also be made available as Source Code, in accordance with section 3.2, and the Contributor must accompany the Program with a statement that the Source Code for the Program is available under this Agreement, and informs Recipients how to obtain it in a reasonable manner on or through a medium customarily used for software exchange; and b) the Contributor may Distribute the Program under a license different than this Agreement, provided that such license: i) effectively disclaims on behalf of all other Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose; ii) effectively excludes on behalf of all other Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits; iii) does not attempt to limit or alter the recipients' rights in the Source Code under section 3.2; and iv) requires any subsequent distribution of the Program by any party to be under a license that satisfies the requirements of this section 3. 3.2 When the Program is Distributed as Source Code: a) it must be made available under this Agreement, or if the Program (i) is combined with other material in a separate file or files made available under a Secondary License, and (ii) the initial Contributor attached to the Source Code the notice described in Exhibit A of this Agreement, then the Program may be made available under the terms of such Secondary Licenses, and b) a copy of this Agreement must be included with each copy of the Program. 3.3 Contributors may not remove or alter any copyright, patent, trademark, attribution notices, disclaimers of warranty, or limitations of liability (‘notices’) contained within the Program from any copy of the Program which they Distribute, provided that Contributors may add their own appropriate notices. 4. COMMERCIAL DISTRIBUTION Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor (“Commercial Contributor”) hereby agrees to defend and indemnify every other Contributor (“Indemnified Contributor”) against any losses, damages and costs (collectively “Losses”) arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense. For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages. 5. NO WARRANTY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE PROGRAM IS PROVIDED ON AN “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations. 6. DISCLAIMER OF LIABILITY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. GENERAL If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. If Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed. All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive. Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. The Eclipse Foundation is the initial Agreement Steward. The Eclipse Foundation may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be Distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to Distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved. Nothing in this Agreement is intended to be enforceable by any entity that is not a Contributor or Recipient. No third-party beneficiary rights are created under this Agreement. Exhibit A – Form of Secondary Licenses Notice “This Source Code may also be made available under the following Secondary Licenses when the conditions for such availability set forth in the Eclipse Public License, v. 2.0 are satisfied: {name license(s), version(s), and exceptions or additional permissions here}.” Simply including a copy of this Agreement, including this Exhibit A is not sufficient to license the Source Code under Secondary Licenses. If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. You may add additional accurate notices of copyright ownership. |} </div> </div> </pre> </div> </div> ==FreeBSD documentation== [[LICENCE_HEADER_FreeBSD_Documentation]]<br \> <b><nowiki>{{:LICENCE_HEADER_FreeBSD_Documentation}}</nowiki></b><br> {{:LICENCE_HEADER_FreeBSD_Documentation}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>FreeBSD Documentation License</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> <pre> Copyright (c) YEAR <YEAR OF DOCUMENTATION>, <AUTHOR NAME>. All rights reserved. Redistribution and use in source (SGML DocBook) and 'compiled' forms (SGML, HTML, PDF, PostScript, RTF and so forth) with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code (SGML DocBook) must retain the above copyright notice, this list of conditions and the following disclaimer as the first lines of this file unmodified. 2. Redistributions in compiled form (transformed to other DTDs, converted to PDF, PostScript, RTF and other formats) must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </pre> </div> </div> ==GFDLv1.1== [[LICENCE_HEADER_GFDL]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDL}}</nowiki></b> {{:LICENCE_HEADER_GFDL}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.1 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.1, March 2000 Copyright (C) 2000 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other written document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (For example, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, whose contents can be viewed and edited directly and straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup has been designed to thwart or discourage subsequent modification by readers is not Transparent. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML designed for human modification. Opaque formats include PostScript, PDF, proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies of the Document numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a publicly-accessible computer-network location containing a complete Transparent copy of the Document, free of added material, which the general network-using public has access to download anonymously at no charge using public-standard network protocols. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has less than five). C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section entitled "History", and its title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. In any section entitled "Acknowledgements" or "Dedications", preserve the section's title, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section as "Endorsements" or to conflict in title with any Invariant Section. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections entitled "History" in the various original documents, forming one section entitled "History"; likewise combine any sections entitled "Acknowledgements", and any sections entitled "Dedications". You must delete all sections entitled "Endorsements." 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, does not as a whole count as a Modified Version of the Document, provided no compilation copyright is claimed for the compilation. Such a compilation is called an "aggregate", and this License does not apply to the other self-contained works thus compiled with the Document, on account of their being thus compiled, if they are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one quarter of the entire aggregate, the Document's Cover Texts may be placed on covers that surround only the Document within the aggregate. Otherwise they must appear on covers around the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License provided that you also include the original English version of this License. In case of a disagreement between the translation and the original English version of this License, the original English version will prevail. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have no Invariant Sections, write "with no Invariant Sections" instead of saying which ones are invariant. If you have no Front-Cover Texts, write "no Front-Cover Texts" instead of "Front-Cover Texts being LIST"; likewise for Back-Cover Texts. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} </pre> </div> </div> ==GFDLv1.2== [[LICENCE_HEADER_GFDLv1.2]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDLv1.2}}</nowiki></b> {{:LICENCE_HEADER_GFDLv1.2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.2 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.2, November 2002 Copyright (C) 2000,2001,2002 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition. The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement. C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section Entitled "History", Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. For any section Entitled "Acknowledgements" or "Dedications", Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section Entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section to be Entitled "Endorsements" or to conflict in title with any Invariant Section. O. Preserve any Warranty Disclaimers. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements". 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation's users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document's Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail. If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the "with...Texts." line with this: with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div></div> |} </pre> </div> </div> ==GFDLv1.3== [[LICENCE_HEADER_GFDLv1.3]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDLv1.3}}</nowiki></b> {{:LICENCE_HEADER_GFDLv1.3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.3 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.3, 3 November 2008 Copyright (C) 2000, 2001, 2002, 2007, 2008 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. The "publisher" means any person or entity that distributes copies of the Document to the public. A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition. The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement. C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section Entitled "History", Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. For any section Entitled "Acknowledgements" or "Dedications", Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section Entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section to be Entitled "Endorsements" or to conflict in title with any Invariant Section. O. Preserve any Warranty Disclaimers. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements". 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation's users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document's Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail. If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, or distribute it is void, and will automatically terminate your rights under this License. However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, receipt of a copy of some or all of the same material does not give you any rights to use it. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. If the Document specifies that a proxy can decide which future versions of this License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Document. 11. RELICENSING "Massive Multiauthor Collaboration Site" (or "MMC Site") means any World Wide Web server that publishes copyrightable works and also provides prominent facilities for anybody to edit those works. A public wiki that anybody can edit is an example of such a server. A "Massive Multiauthor Collaboration" (or "MMC") contained in the site means any set of copyrightable works thus published on the MMC site. "CC-BY-SA" means the Creative Commons Attribution-Share Alike 3.0 license published by Creative Commons Corporation, a not-for-profit corporation with a principal place of business in San Francisco, California, as well as future copyleft versions of that license published by that same organization. "Incorporate" means to publish or republish a Document, in whole or in part, as part of another Document. An MMC is "eligible for relicensing" if it is licensed under this License, and if all works that were first published under this License somewhere other than this MMC, and subsequently incorporated in whole or in part into the MMC, (1) had no cover texts or invariant sections, and (2) were thus incorporated prior to November 1, 2008. The operator of an MMC Site may republish an MMC contained in the site under CC-BY-SA on the same site at any time before August 1, 2009, provided the MMC is eligible for relicensing. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the "with...Texts." line with this: with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div></div> |} </pre> </div> </div> ==GPLv1== [[LICENCE_HEADER_GPL]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPL}}</nowiki></b> {{:LICENCE_HEADER_GPL}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv1 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 1, February 1989 Copyright (C) 1989 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The license agreements of most software companies try to keep users at the mercy of those companies. By contrast, our General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. The General Public License applies to the Free Software Foundation's software and to any other program whose authors commit to using it. You can use it for your programs, too. When we speak of free software, we are referring to freedom, not price. Specifically, the General Public License is designed to make sure that you have the freedom to give away or sell copies of free software, that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of a such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must tell them their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any work containing the Program or a portion of it, either verbatim or with modifications. Each licensee is addressed as "you". 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this General Public License and to the absence of any warranty; and give any other recipients of the Program a copy of this General Public License along with the Program. You may charge a fee for the physical act of transferring a copy. 2. You may modify your copy or copies of the Program or any portion of it, and copy and distribute such modifications under the terms of Paragraph 1 above, provided that you also do the following: a) cause the modified files to carry prominent notices stating that you changed the files and the date of any change; and b) cause the whole of any work that you distribute or publish, that in whole or in part contains the Program or any part thereof, either with or without modifications, to be licensed at no charge to all third parties under the terms of this General Public License (except that you may choose to grant warranty protection to some or all third parties, at your option). c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the simplest and most usual way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this General Public License. d) You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. Mere aggregation of another independent work with the Program (or its derivative) on a volume of a storage or distribution medium does not bring the other work under the scope of these terms. 3. You may copy and distribute the Program (or a portion or derivative of it, under Paragraph 2) in object code or executable form under the terms of Paragraphs 1 and 2 above provided that you also do one of the following: a) accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Paragraphs 1 and 2 above; or, b) accompany it with a written offer, valid for at least three years, to give any third party free (except for a nominal charge for the cost of distribution) a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Paragraphs 1 and 2 above; or, c) accompany it with the information you received as to where the corresponding source code may be obtained. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form alone.) Source code for a work means the preferred form of the work for making modifications to it. For an executable file, complete source code means all the source code for all modules it contains; but, as a special exception, it need not include source code for modules which are standard libraries that accompany the operating system on which the executable file runs, or for standard header files or definitions files that accompany that operating system. 4. You may not copy, modify, sublicense, distribute or transfer the Program except as expressly provided under this General Public License. Any attempt otherwise to copy, modify, sublicense, distribute or transfer the Program is void, and will automatically terminate your rights to use the Program under this License. However, parties who have received copies, or rights to use copies, from you under this General Public License will not have their licenses terminated so long as such parties remain in full compliance. 5. By copying, distributing or modifying the Program (or any work based on the Program) you indicate your acceptance of this license to do so, and all its terms and conditions. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. 7. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of the license which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the license, you may choose any version ever published by the Free Software Foundation. 8. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 9. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 10. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS Appendix: How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to humanity, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) 19yy <name of author> This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 1, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) 19xx name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (a program to direct compilers to make passes at assemblers) written by James Hacker. <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice That's all there is to it! </div></div> |} </pre> </div> </div> ==GPLv2== [[LICENCE_HEADER_GPLv2]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPLv2}}</nowiki></b> {{:LICENCE_HEADER_GPLv2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv2 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Lesser General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. </div></div> |} </pre> </div> </div> ==GPLv3== [[LICENCE_HEADER_GPLv3]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPLv3}}</nowiki></b> {{:LICENCE_HEADER_GPLv3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv3 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The GNU General Public License is a free, copyleft license for software and other kinds of works. The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things. To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others. For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it. For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions. Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users. Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free. The precise terms and conditions for copying, distribution and modification follow. TERMS AND CONDITIONS 0. Definitions. "This License" refers to version 3 of the GNU General Public License. "Copyright" also means copyright-like laws that apply to other kinds of works, such as semiconductor masks. "The Program" refers to any copyrightable work licensed under this License. Each licensee is addressed as "you". "Licensees" and "recipients" may be individuals or organizations. To "modify" a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a "modified version" of the earlier work or a work "based on" the earlier work. A "covered work" means either the unmodified Program or a work based on the Program. To "propagate" a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well. To "convey" a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying. An interactive user interface displays "Appropriate Legal Notices" to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion. 1. Source Code. The "source code" for a work means the preferred form of the work for making modifications to it. "Object code" means any non-source form of a work. A "Standard Interface" means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language. The "System Libraries" of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A "Major Component", in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it. The "Corresponding Source" for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work. The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source. The Corresponding Source for a work in source code form is that same work. 2. Basic Permissions. All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law. You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you. Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary. 3. Protecting Users' Legal Rights From Anti-Circumvention Law. No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures. When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures. 4. Conveying Verbatim Copies. You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program. You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee. 5. Conveying Modified Source Versions. You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions: a) The work must carry prominent notices stating that you modified it, and giving a relevant date. b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to "keep intact all notices". c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it. d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so. A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an "aggregate" if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate. 6. Conveying Non-Source Forms. You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways: a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange. b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge. c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b. d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements. e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d. A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work. A "User Product" is either (1) a "consumer product", which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, "normally used" refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product. "Installation Information" for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made. If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM). The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network. Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying. 7. Additional Terms. "Additional permissions" are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions. When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission. Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms: a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or d) Limiting the use for publicity purposes of names of licensors or authors of the material; or e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors. All other non-permissive additional terms are considered "further restrictions" within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying. If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms. Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way. 8. Termination. You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11). However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10. 9. Acceptance Not Required for Having Copies. You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so. 10. Automatic Licensing of Downstream Recipients. Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License. An "entity transaction" is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts. You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it. 11. Patents. A "contributor" is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's "contributor version". A contributor's "essential patent claims" are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, "control" includes the right to grant patent sublicenses in a manner consistent with the requirements of this License. Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version. In the following three paragraphs, a "patent license" is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To "grant" such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party. If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. "Knowingly relying" means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid. If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it. A patent license is "discriminatory" if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007. Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law. 12. No Surrender of Others' Freedom. If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program. 13. Use with the GNU Affero General Public License. Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such. 14. Revised Versions of this License. The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation. If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program. Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version. 15. Disclaimer of Warranty. THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. Limitation of Liability. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 17. Interpretation of Sections 15 and 16. If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <https://www.gnu.org/licenses/>. Also add information on how to contact you by electronic and paper mail. If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode: <program> Copyright (C) <year> <name of author> This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an "about box". You should also get your employer (if you work as a programmer) or school, if any, to sign a "copyright disclaimer" for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see <https://www.gnu.org/licenses/>. The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read <https://www.gnu.org/licenses/why-not-lgpl.html>. </div></div> |} </pre> </div> </div> ==LGPLv2.1== [[LICENCE_HEADER_LGPLv2.1]]<br \> <b><nowiki>{{:LICENCE_HEADER_LGPLv2.1}}</nowiki></b> {{:LICENCE_HEADER_LGPLv2.1}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv2.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 2.1, February 1999 Copyright (C) 1991, 1999 Free Software Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. [This is the first released version of the Lesser GPL. It also counts as the successor of the GNU Library Public License, version 2, hence the version number 2.1.] Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public Licenses are intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This license, the Lesser General Public License, applies to some specially designated software packages--typically libraries--of the Free Software Foundation and other authors who decide to use it. You can use it too, but we suggest you first think carefully about whether this license or the ordinary General Public License is the better strategy to use in any particular case, based on the explanations below. When we speak of free software, we are referring to freedom of use, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish); that you receive source code or can get it if you want it; that you can change the software and use pieces of it in new free programs; and that you are informed that you can do these things. To protect your rights, we need to make restrictions that forbid distributors to deny you these rights or to ask you to surrender these rights. These restrictions translate to certain responsibilities for you if you distribute copies of the library or if you modify it. For example, if you distribute copies of the library, whether gratis or for a fee, you must give the recipients all the rights that we gave you. You must make sure that they, too, receive or can get the source code. If you link other code with the library, you must provide complete object files to the recipients, so that they can relink them with the library after making changes to the library and recompiling it. And you must show them these terms so they know their rights. We protect your rights with a two-step method: (1) we copyright the library, and (2) we offer you this license, which gives you legal permission to copy, distribute and/or modify the library. To protect each distributor, we want to make it very clear that there is no warranty for the free library. Also, if the library is modified by someone else and passed on, the recipients should know that what they have is not the original version, so that the original author's reputation will not be affected by problems that might be introduced by others. � Finally, software patents pose a constant threat to the existence of any free program. We wish to make sure that a company cannot effectively restrict the users of a free program by obtaining a restrictive license from a patent holder. Therefore, we insist that any patent license obtained for a version of the library must be consistent with the full freedom of use specified in this license. Most GNU software, including some libraries, is covered by the ordinary GNU General Public License. This license, the GNU Lesser General Public License, applies to certain designated libraries, and is quite different from the ordinary General Public License. We use this license for certain libraries in order to permit linking those libraries into non-free programs. When a program is linked with a library, whether statically or using a shared library, the combination of the two is legally speaking a combined work, a derivative of the original library. The ordinary General Public License therefore permits such linking only if the entire combination fits its criteria of freedom. The Lesser General Public License permits more lax criteria for linking other code with the library. We call this license the "Lesser" General Public License because it does Less to protect the user's freedom than the ordinary General Public License. It also provides other free software developers Less of an advantage over competing non-free programs. These disadvantages are the reason we use the ordinary General Public License for many libraries. However, the Lesser license provides advantages in certain special circumstances. For example, on rare occasions, there may be a special need to encourage the widest possible use of a certain library, so that it becomes a de-facto standard. To achieve this, non-free programs must be allowed to use the library. A more frequent case is that a free library does the same job as widely used non-free libraries. In this case, there is little to gain by limiting the free library to free software only, so we use the Lesser General Public License. In other cases, permission to use a particular library in non-free programs enables a greater number of people to use a large body of free software. For example, permission to use the GNU C Library in non-free programs enables many more people to use the whole GNU operating system, as well as its variant, the GNU/Linux operating system. Although the Lesser General Public License is Less protective of the users' freedom, it does ensure that the user of a program that is linked with the Library has the freedom and the wherewithal to run that program using a modified version of the Library. The precise terms and conditions for copying, distribution and modification follow. Pay close attention to the difference between a "work based on the library" and a "work that uses the library". The former contains code derived from the library, whereas the latter must be combined with the library in order to run. � GNU LESSER GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any software library or other program which contains a notice placed by the copyright holder or other authorized party saying it may be distributed under the terms of this Lesser General Public License (also called "this License"). Each licensee is addressed as "you". A "library" means a collection of software functions and/or data prepared so as to be conveniently linked with application programs (which use some of those functions and data) to form executables. The "Library", below, refers to any such software library or work which has been distributed under these terms. A "work based on the Library" means either the Library or any derivative work under copyright law: that is to say, a work containing the Library or a portion of it, either verbatim or with modifications and/or translated straightforwardly into another language. (Hereinafter, translation is included without limitation in the term "modification".) "Source code" for a work means the preferred form of the work for making modifications to it. For a library, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the library. Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running a program using the Library is not restricted, and output from such a program is covered only if its contents constitute a work based on the Library (independent of the use of the Library in a tool for writing it). Whether that is true depends on what the Library does and what the program that uses the Library does. 1. You may copy and distribute verbatim copies of the Library's complete source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and distribute a copy of this License along with the Library. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. � 2. You may modify your copy or copies of the Library or any portion of it, thus forming a work based on the Library, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) The modified work must itself be a software library. b) You must cause the files modified to carry prominent notices stating that you changed the files and the date of any change. c) You must cause the whole of the work to be licensed at no charge to all third parties under the terms of this License. d) If a facility in the modified Library refers to a function or a table of data to be supplied by an application program that uses the facility, other than as an argument passed when the facility is invoked, then you must make a good faith effort to ensure that, in the event an application does not supply such function or table, the facility still operates, and performs whatever part of its purpose remains meaningful. (For example, a function in a library to compute square roots has a purpose that is entirely well-defined independent of the application. Therefore, Subsection 2d requires that any application-supplied function or table used by this function must be optional: if the application does not supply it, the square root function must still compute square roots.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Library, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Library, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Library. In addition, mere aggregation of another work not based on the Library with the Library (or with a work based on the Library) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may opt to apply the terms of the ordinary GNU General Public License instead of this License to a given copy of the Library. To do this, you must alter all the notices that refer to this License, so that they refer to the ordinary GNU General Public License, version 2, instead of to this License. (If a newer version than version 2 of the ordinary GNU General Public License has appeared, then you can specify that version instead if you wish.) Do not make any other change in these notices. � Once this change is made in a given copy, it is irreversible for that copy, so the ordinary GNU General Public License applies to all subsequent copies and derivative works made from that copy. This option is useful when you wish to copy part of the code of the Library into a program that is not a library. 4. You may copy and distribute the Library (or a portion or derivative of it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange. If distribution of object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place satisfies the requirement to distribute the source code, even though third parties are not compelled to copy the source along with the object code. 5. A program that contains no derivative of any portion of the Library, but is designed to work with the Library by being compiled or linked with it, is called a "work that uses the Library". Such a work, in isolation, is not a derivative work of the Library, and therefore falls outside the scope of this License. However, linking a "work that uses the Library" with the Library creates an executable that is a derivative of the Library (because it contains portions of the Library), rather than a "work that uses the library". The executable is therefore covered by this License. Section 6 states terms for distribution of such executables. When a "work that uses the Library" uses material from a header file that is part of the Library, the object code for the work may be a derivative work of the Library even though the source code is not. Whether this is true is especially significant if the work can be linked without the Library, or if the work is itself a library. The threshold for this to be true is not precisely defined by law. If such an object file uses only numerical parameters, data structure layouts and accessors, and small macros and small inline functions (ten lines or less in length), then the use of the object file is unrestricted, regardless of whether it is legally a derivative work. (Executables containing this object code plus portions of the Library will still fall under Section 6.) Otherwise, if the work is a derivative of the Library, you may distribute the object code for the work under the terms of Section 6. Any executables containing that work also fall under Section 6, whether or not they are linked directly with the Library itself. � 6. As an exception to the Sections above, you may also combine or link a "work that uses the Library" with the Library to produce a work containing portions of the Library, and distribute that work under terms of your choice, provided that the terms permit modification of the work for the customer's own use and reverse engineering for debugging such modifications. You must give prominent notice with each copy of the work that the Library is used in it and that the Library and its use are covered by this License. You must supply a copy of this License. If the work during execution displays copyright notices, you must include the copyright notice for the Library among them, as well as a reference directing the user to the copy of this License. Also, you must do one of these things: a) Accompany the work with the complete corresponding machine-readable source code for the Library including whatever changes were used in the work (which must be distributed under Sections 1 and 2 above); and, if the work is an executable linked with the Library, with the complete machine-readable "work that uses the Library", as object code and/or source code, so that the user can modify the Library and then relink to produce a modified executable containing the modified Library. (It is understood that the user who changes the contents of definitions files in the Library will not necessarily be able to recompile the application to use the modified definitions.) b) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (1) uses at run time a copy of the library already present on the user's computer system, rather than copying library functions into the executable, and (2) will operate properly with a modified version of the library, if the user installs one, as long as the modified version is interface-compatible with the version that the work was made with. c) Accompany the work with a written offer, valid for at least three years, to give the same user the materials specified in Subsection 6a, above, for a charge no more than the cost of performing this distribution. d) If distribution of the work is made by offering access to copy from a designated place, offer equivalent access to copy the above specified materials from the same place. e) Verify that the user has already received a copy of these materials or that you have already sent this user a copy. For an executable, the required form of the "work that uses the Library" must include any data and utility programs needed for reproducing the executable from it. However, as a special exception, the materials to be distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. It may happen that this requirement contradicts the license restrictions of other proprietary libraries that do not normally accompany the operating system. Such a contradiction means you cannot use both them and the Library together in an executable that you distribute. � 7. You may place library facilities that are a work based on the Library side-by-side in a single library together with other library facilities not covered by this License, and distribute such a combined library, provided that the separate distribution of the work based on the Library and of the other library facilities is otherwise permitted, and provided that you do these two things: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities. This must be distributed under the terms of the Sections above. b) Give prominent notice with the combined library of the fact that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 8. You may not copy, modify, sublicense, link with, or distribute the Library except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, link with, or distribute the Library is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 9. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Library or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Library (or any work based on the Library), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Library or works based on it. 10. Each time you redistribute the Library (or any work based on the Library), the recipient automatically receives a license from the original licensor to copy, distribute, link with or modify the Library subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties with this License. � 11. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Library at all. For example, if a patent license would not permit royalty-free redistribution of the Library by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Library. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply, and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 12. If the distribution and/or use of the Library is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Library under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 13. The Free Software Foundation may publish revised and/or new versions of the Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Library does not specify a license version number, you may choose any version ever published by the Free Software Foundation. 14. If you wish to incorporate parts of the Library into other free programs whose distribution conditions are incompatible with these, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Libraries If you develop a new library, and you want it to be of the greatest possible use to the public, we recommend making it free software that everyone can redistribute and change. You can do so by permitting redistribution under these terms (or, alternatively, under the terms of the ordinary General Public License). To apply these terms, attach the following notices to the library. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the library's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Also add information on how to contact you by electronic and paper mail. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the library, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the library `Frob' (a library for tweaking knobs) written by James Random Hacker. <signature of Ty Coon>, 1 April 1990 Ty Coon, President of Vice That's all there is to it! </div></div> |} </pre> </div> </div> ==LGPLv3== [[LICENCE_HEADER_LGPLv3]]<br \> <b><nowiki>{{:LICENCE_HEADER_LGPLv3}}</nowiki></b> {{:LICENCE_HEADER_LGPLv3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. This version of the GNU Lesser General Public License incorporates the terms and conditions of version 3 of the GNU General Public License, supplemented by the additional permissions listed below. 0. Additional Definitions. As used herein, "this License" refers to version 3 of the GNU Lesser General Public License, and the "GNU GPL" refers to version 3 of the GNU General Public License. "The Library" refers to a covered work governed by this License, other than an Application or a Combined Work as defined below. An "Application" is any work that makes use of an interface provided by the Library, but which is not otherwise based on the Library. Defining a subclass of a class defined by the Library is deemed a mode of using an interface provided by the Library. A "Combined Work" is a work produced by combining or linking an Application with the Library. The particular version of the Library with which the Combined Work was made is also called the "Linked Version". The "Minimal Corresponding Source" for a Combined Work means the Corresponding Source for the Combined Work, excluding any source code for portions of the Combined Work that, considered in isolation, are based on the Application, and not on the Linked Version. The "Corresponding Application Code" for a Combined Work means the object code and/or source code for the Application, including any data and utility programs needed for reproducing the Combined Work from the Application, but excluding the System Libraries of the Combined Work. 1. Exception to Section 3 of the GNU GPL. You may convey a covered work under sections 3 and 4 of this License without being bound by section 3 of the GNU GPL. 2. Conveying Modified Versions. If you modify a copy of the Library, and, in your modifications, a facility refers to a function or data to be supplied by an Application that uses the facility (other than as an argument passed when the facility is invoked), then you may convey a copy of the modified version: a) under this License, provided that you make a good faith effort to ensure that, in the event an Application does not supply the function or data, the facility still operates, and performs whatever part of its purpose remains meaningful, or b) under the GNU GPL, with none of the additional permissions of this License applicable to that copy. 3. Object Code Incorporating Material from Library Header Files. The object code form of an Application may incorporate material from a header file that is part of the Library. You may convey such object code under terms of your choice, provided that, if the incorporated material is not limited to numerical parameters, data structure layouts and accessors, or small macros, inline functions and templates (ten or fewer lines in length), you do both of the following: a) Give prominent notice with each copy of the object code that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the object code with a copy of the GNU GPL and this license document. 4. Combined Works. You may convey a Combined Work under terms of your choice that, taken together, effectively do not restrict modification of the portions of the Library contained in the Combined Work and reverse engineering for debugging such modifications, if you also do each of the following: a) Give prominent notice with each copy of the Combined Work that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the Combined Work with a copy of the GNU GPL and this license document. c) For a Combined Work that displays copyright notices during execution, include the copyright notice for the Library among these notices, as well as a reference directing the user to the copies of the GNU GPL and this license document. d) Do one of the following: 0) Convey the Minimal Corresponding Source under the terms of this License, and the Corresponding Application Code in a form suitable for, and under terms that permit, the user to recombine or relink the Application with a modified version of the Linked Version to produce a modified Combined Work, in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source. 1) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (a) uses at run time a copy of the Library already present on the user's computer system, and (b) will operate properly with a modified version of the Library that is interface-compatible with the Linked Version. e) Provide Installation Information, but only if you would otherwise be required to provide such information under section 6 of the GNU GPL, and only to the extent that such information is necessary to install and execute a modified version of the Combined Work produced by recombining or relinking the Application with a modified version of the Linked Version. (If you use option 4d0, the Installation Information must accompany the Minimal Corresponding Source and Corresponding Application Code. If you use option 4d1, you must provide the Installation Information in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source.) 5. Combined Libraries. You may place library facilities that are a work based on the Library side by side in a single library together with other library facilities that are not Applications and are not covered by this License, and convey such a combined library under terms of your choice, if you do both of the following: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities, conveyed under the terms of this License. b) Give prominent notice with the combined library that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 6. Revised Versions of the GNU Lesser General Public License. The Free Software Foundation may publish revised and/or new versions of the GNU Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library as you received it specifies that a certain numbered version of the GNU Lesser General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that published version or of any later version published by the Free Software Foundation. If the Library as you received it does not specify a version number of the GNU Lesser General Public License, you may choose any version of the GNU Lesser General Public License ever published by the Free Software Foundation. If the Library as you received it specifies that a proxy can decide whether future versions of the GNU Lesser General Public License shall apply, that proxy's public statement of acceptance of any version is permanent authorization for you to choose that version for the Library. </div></div> |} </pre> </div> </div> ==MIT== [[LICENCE_HEADER_MIT]]<br \> <b><nowiki>{{:LICENCE_HEADER_MIT}}</nowiki></b> {{:LICENCE_HEADER_MIT}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MIT Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. </div></div> |} </pre> </div> </div> ==MPLv2.0== [[LICENCE_HEADER_MPLv2.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_MPLv2.0}}</nowiki></b> {{:LICENCE_HEADER_MPLv2.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE MPLv2.0 <div class="mw-collapsible-content"> Mozilla Public License Version 2.0 -------------------------------- 1. Definitions -------------- 1.1. "Contributor" means each individual or legal entity that creates, contributes to the creation of, or owns Covered Software. 1.2. "Contributor Version" means the combination of the Contributions of others (if any) used by a Contributor and that particular Contributor's Contribution. 1.3. "Contribution" means Covered Software of a particular Contributor. 1.4. "Covered Software" means Source Code Form to which the initial Contributor has attached the notice in Exhibit A, the Executable Form of such Source Code Form, and Modifications of such Source Code Form, in each case including portions thereof. 1.5. "Incompatible With Secondary Licenses" means (a) that the initial Contributor has attached the notice described in Exhibit B to the Covered Software; or (b) that the Covered Software was made available under the terms of version 1.1 or earlier of the License, but not also under the terms of a Secondary License. 1.6. "Executable Form" means any form of the work other than Source Code Form. 1.7. "Larger Work" means a work that combines Covered Software with other material, in a separate file or files, that is not Covered Software. 1.8. "License" means this document. 1.9. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently, any and all of the rights conveyed by this License. 1.10. "Modifications" means any of the following: (a) any file in Source Code Form that results from an addition to, deletion from, or modification of the contents of Covered Software; or (b) any new file in Source Code Form that contains any Covered Software. 1.11. "Patent Claims" of a Contributor means any patent claim(s), including without limitation, method, process, and apparatus claims, in any patent Licensable by such Contributor that would be infringed, but for the grant of the License, by the making, using, selling, offering for sale, having made, import, or transfer of either its Contributions or its Contributor Version. 1.12. "Secondary License" means either the GNU General Public License, Version 2.0, the GNU Lesser General Public License, Version 2.1, the GNU Affero General Public License, Version 3.0, or any later versions of those licenses. 1.13. "Source Code Form" means the form of the work preferred for making modifications. 1.14. "You" (or "Your") means an individual or a legal entity exercising rights under this License. For legal entities, "You" includes any entity that controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. License Grants and Conditions -------------------------------- 2.1. Grants Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by such Contributor to use, reproduce, make available, modify, display, perform, distribute, and otherwise exploit its Contributions, either on an unmodified basis, with Modifications, or as part of a Larger Work; and (b) under Patent Claims of such Contributor to make, use, sell, offer for sale, have made, import, and otherwise transfer either its Contributions or its Contributor Version. 2.2. Effective Date The licenses granted in Section 2.1 with respect to any Contribution become effective for each Contribution on the date the Contributor first distributes such Contribution. 2.3. Limitations on Grant Scope The licenses granted in this Section 2 are the only rights granted under this License. No additional rights or licenses will be implied from the distribution or licensing of Covered Software under this License. Notwithstanding Section 2.1(b) above, no patent license is granted by a Contributor: (a) for any code that a Contributor has removed from Covered Software; or (b) for infringements caused by: (i) Your and any other third party's modifications of Covered Software, or (ii) the combination of its Contributions with other software (except as part of its Contributor Version); or (c) under Patent Claims infringed by Covered Software in the absence of its Contributions. This License does not grant any rights in the trademarks, service marks, or logos of any Contributor (except as may be necessary to comply with the notice requirements in Section 3.4). 2.4. Subsequent Licenses No Contributor makes additional grants as a result of Your choice to distribute the Covered Software under a subsequent version of this License (see Section 10.2) or under the terms of a Secondary License (if permitted under the terms of Section 3.3). 2.5. Representation Each Contributor represents that the Contributor believes its Contributions are its original creation(s) or it has sufficient rights to grant the rights to its Contributions conveyed by this License. 2.6. Fair Use This License is not intended to limit any rights You have under applicable copyright doctrines of fair use, fair dealing, or other equivalents. 2.7. Conditions Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted in Section 2.1. 3. Responsibilities ------------------- 3.1. Distribution of Source Form All distribution of Covered Software in Source Code Form, including any Modifications that You create or to which You contribute, must be under the terms of this License. You must inform recipients that the Source Code Form of the Covered Software is governed by the terms of this License, and how they can obtain a copy of this License. You may not attempt to alter or restrict the recipients' rights in the Source Code Form. 3.2. Distribution of Executable Form If You distribute Covered Software in Executable Form then: (a) such Covered Software must also be made available in Source Code Form, as described in Section 3.1, and You must inform recipients of the Executable Form how they can obtain a copy of such Source Code Form by reasonable means in a timely manner, at a charge no more than the cost of distribution to the recipient; and (b) You may distribute such Executable Form under the terms of this License, or sublicense it under different terms, provided that the license for the Executable Form does not attempt to limit or alter the recipients' rights in the Source Code Form under this License. 3.3. Distribution of a Larger Work You may create and distribute a Larger Work under terms of Your choice, provided that You also comply with the requirements of this License for the Covered Software. If the Larger Work is a combination of Covered Software with a work governed by one or more Secondary Licenses, and the Covered Software is not Incompatible With Secondary Licenses, this License permits You to additionally distribute such Covered Software under the terms of such Secondary License(s), so that the recipient of the Larger Work may, at their option, further distribute the Covered Software under the terms of either this License or such Secondary License(s). 3.4. Notices You may not remove or alter the substance of any license notices (including copyright notices, patent notices, disclaimers of warranty, or limitations of liability) contained within the Source Code Form of the Covered Software, except that You may alter any license notices to the extent required to remedy known factual inaccuracies. 3.5. Application of Additional Terms You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, You may do so only on Your own behalf, and not on behalf of any Contributor. You must make it absolutely clear that any such warranty, support, indemnity, or liability obligation is offered by You alone, and You hereby agree to indemnify every Contributor for any liability incurred by such Contributor as a result of warranty, support, indemnity or liability terms You offer. You may include additional disclaimers of warranty and limitations of liability specific to any jurisdiction. 4. Inability to Comply Due to Statute or Regulation --------------------------------------------------- If it is impossible for You to comply with any of the terms of this License with respect to some or all of the Covered Software due to statute, judicial order, or regulation then You must: (a) comply with the terms of this License to the maximum extent possible; and (b) describe the limitations and the code they affect. Such description must be placed in a text file included with all distributions of the Covered Software under this License. Except to the extent prohibited by statute or regulation, such description must be sufficiently detailed for a recipient of ordinary skill to be able to understand it. 5. Termination -------------- 5.1. The rights granted under this License will terminate automatically if You fail to comply with any of its terms. However, if You become compliant, then the rights granted under this License from a particular Contributor are reinstated (a) provisionally, unless and until such Contributor explicitly and finally terminates Your grants, and (b) on an ongoing basis, if such Contributor fails to notify You of the non-compliance by some reasonable means prior to 60 days after You have come back into compliance. Moreover, Your grants from a particular Contributor are reinstated on an ongoing basis if such Contributor notifies You of the non-compliance by some reasonable means, this is the first time You have received notice of non-compliance with this License from such Contributor, and You become compliant prior to 30 days after Your receipt of the notice. 5.2. If You initiate litigation against any entity by asserting a patent infringement claim (excluding declaratory judgment actions, counter-claims, and cross-claims) alleging that a Contributor Version directly or indirectly infringes any patent, then the rights granted to You by any and all Contributors for the Covered Software under Section 2.1 of this License shall terminate. 5.3. In the event of termination under Sections 5.1 or 5.2 above, all end user license agreements (excluding distributors and resellers) which have been validly granted by You or Your distributors under this License prior to termination shall survive termination. ************************************************************************ * * * 6. Disclaimer of Warranty * * ------------------------- * * * * Covered Software is provided under this License on an "as is" * * basis, without warranty of any kind, either expressed, implied, or * * statutory, including, without limitation, warranties that the * * Covered Software is free of defects, merchantable, fit for a * * particular purpose or non-infringing. The entire risk as to the * * quality and performance of the Covered Software is with You. * * Should any Covered Software prove defective in any respect, You * * (not any Contributor) assume the cost of any necessary servicing, * * repair, or correction. This disclaimer of warranty constitutes an * * essential part of this License. No use of any Covered Software is * * authorized under this License except under this disclaimer. * * * ************************************************************************ ************************************************************************ * * * 7. Limitation of Liability * * -------------------------- * * * * Under no circumstances and under no legal theory, whether tort * * (including negligence), contract, or otherwise, shall any * * Contributor, or anyone who distributes Covered Software as * * permitted above, be liable to You for any direct, indirect, * * special, incidental, or consequential damages of any character * * including, without limitation, damages for lost profits, loss of * * goodwill, work stoppage, computer failure or malfunction, or any * * and all other commercial damages or losses, even if such party * * shall have been informed of the possibility of such damages. This * * limitation of liability shall not apply to liability for death or * * personal injury resulting from such party's negligence to the * * extent applicable law prohibits such limitation. Some * * jurisdictions do not allow the exclusion or limitation of * * incidental or consequential damages, so this exclusion and * * limitation may not apply to You. * * * ************************************************************************ 8. Litigation ------------- Any litigation relating to this License may be brought only in the courts of a jurisdiction where the defendant maintains its principal place of business and such litigation shall be governed by laws of that jurisdiction, without reference to its conflict-of-law provisions. Nothing in this Section shall prevent a party's ability to bring cross-claims or counter-claims. 9. Miscellaneous ---------------- This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not be used to construe this License against a Contributor. 10. Versions of the License --------------------------- 10.1. New Versions Mozilla Foundation is the license steward. Except as provided in Section 10.3, no one other than the license steward has the right to modify or publish new versions of this License. Each version will be given a distinguishing version number. 10.2. Effect of New Versions You may distribute the Covered Software under the terms of the version of the License under which You originally received the Covered Software, or under the terms of any subsequent version published by the license steward. 10.3. Modified Versions If you create software not governed by this License, and you want to create a new license for such software, you may create and use a modified version of this License if you rename the license and remove any references to the name of the license steward (except to note that such modified license differs from this License). 10.4. Distributing Source Code Form that is Incompatible With Secondary Licenses If You choose to distribute Source Code Form that is Incompatible With Secondary Licenses under the terms of this version of the License, the notice described in Exhibit B of this License must be attached. Exhibit A - Source Code Form License Notice ------------------------------------------- This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at https://mozilla.org/MPL/2.0/. If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. You may add additional accurate notices of copyright ownership. Exhibit B - "Incompatible With Secondary Licenses" Notice --------------------------------------------------------- This Source Code Form is "Incompatible With Secondary Licenses", as defined by the Mozilla Public License, v. 2.0. </div></div> |} </pre> </div> </div> ==PDLv1.0== [[LICENCE_HEADER_PDLv1.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_PDLv1.0}}</nowiki></b> {{:LICENCE_HEADER_PDLv1.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE PDLv1.0 <div class="mw-collapsible-content"> PUBLIC DOCUMENTATION LICENSE Version 1.0 1.0 DEFINITIONS. 1.1. "Commercial Use" means distribution or otherwise making the Documentation available to a third party. 1.2. "Contributor" means a person or entity who creates or contributes to the creation of Modifications. 1.3. "Documentation" means the Original Documentation or Modifications or the combination of the Original Documentation and Modifications, in each case including portions thereof. 1.4. "Electronic Distribution Mechanism" means a mechanism generally accepted for the electronic transfer of data. 1.5. "Initial Writer" means the individual or entity identified as the Initial Writer in the notice required by the Appendix. 1.6. "Larger Work" means a work which combines Documentation or portions thereof with documentation or other writings not governed by the terms of this License. 1.7. "License" means this document. 1.8. "Modifications" means any addition to or deletion from the substance or structure of either the Original Documentation or any previous Modifications, such as a translation, abridgment, condensation, or any other form in which the Original Documentation or previous Modifications may be recast, transformed or adapted. A work consisting of editorial revisions, annotations, elaborations, and other modifications which, as a whole represent an original work of authorship, is a Modification. For example, when Documentation is released as a series of documents, a Modification is: A. Any addition to or deletion from the contents of the Original Documentation or previous Modifications. B. Any new documentation that contains any part of the Original Documentation or previous Modifications. 1.9. "Original Documentation" means documentation described as Original Documentation in the notice required by the Appendix, and which, at the time of its release under this License is not already Documentation governed by this License. 1.10. "Editable Form" means the preferred form of the Documentation for making Modifications to it. The Documentation can be in an electronic, compressed or archival form, provided the appropriate decompression or de-archiving software is widely available for no charge. 1.11. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of this License or a future version of this License issued under Section 5.0 ("Versions of the License"). For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2.0 LICENSE GRANTS. 2.1 Initial Writer Grant. The Initial Writer hereby grants You a world-wide, royalty-free, non-exclusive license to use, reproduce, prepare Modifications of, compile, publicly perform, publicly display, demonstrate, market, disclose and distribute the Documentation in any form, on any media or via any Electronic Distribution Mechanism or other method now known or later discovered, and to sublicense the foregoing rights to third parties through multiple tiers of sublicensees in accordance with the terms of this License. The license rights granted in this Section 2.1 ("Initial Writer Grant") are effective on the date Initial Writer first distributes Original Documentation under the terms of this License. 2.2. Contributor Grant. Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license to use, reproduce, prepare Modifications of, compile, publicly perform, publicly display, demonstrate, market, disclose and distribute the Documentation in any form, on any media or via any Electronic Distribution Mechanism or other method now known or later discovered, and to sublicense the foregoing rights to third parties through multiple tiers of sublicensees in accordance with the terms of this License. The license rights granted in this Section 2.2 ("Contributor Grant") are effective on the date Contributor first makes Commercial Use of the Documentation. 3.0 DISTRIBUTION OBLIGATIONS 3.1. Application of License The Modifications which You create or to which You contribute are governed by the terms of this License, including without limitation Section 2.2 ("Contributor Grant"). The Documentation may be distributed only under the terms of this License or a future version of this License released in accordance with Section 5.0 ("Versions of the License"), and You must include a copy of this License with every copy of the Documentation You distribute. You may not offer or impose any terms that alter or restrict the applicable version of this License or the recipients' rights hereunder. However, You may include an additional document offering the additional rights described in Section 3.5 ("Required Notices"). 3.2. Availability of Documentation. Any Modification which You create or to which You contribute must be made available publicly in Editable Form under the terms of this License via a fixed medium or an accepted Electronic Distribution Mechanism. 3.3. Description of Modifications. All Documentation to which You contribute must identify the changes You made to create that Documentation and the date of any change. You must include a prominent statement that the Modification is derived, directly or indirectly, from Original Documentation provided by the Initial Writer and include the name of the Initial Writer in the Documentation or via an electronic link that describes the origin or ownership of the Documentation. The foregoing change documentation may be created by using an electronic program that automatically tracks changes to the Documentation, and such changes must be available publicly for at least five years following release of the changed Documentation. 3.4. Intellectual Property Matters. Contributor represents that Contributor believes that Contributor's Modifications are Contributor's original creation(s) and/or Contributor has sufficient rights to grant the rights conveyed by this License. 3.5. Required Notices. You must duplicate the notice in the Appendix in each file of the Documentation. If it is not possible to put such notice in a particular Documentation file due to its structure, then You must include such notice in a location (such as a relevant directory) where a reader would be likely to look for such a notice, for example, via a hyperlink in each file of the Documentation that takes the reader to a page that describes the origin and ownership of the Documentation. If You created one or more Modification(s) You may add your name as a Contributor to the notice described in the Appendix. You must also duplicate this License in any Documentation file (or with a hyperlink in each file of the Documentation) where You describe recipients' rights or ownership rights. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Documentation. However, You may do so only on Your own behalf, and not on behalf of the Initial Writer or any Contributor. You must make it absolutely clear than any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Writer and every Contributor for any liability incurred by the Initial Writer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.6. Larger Works. You may create a Larger Work by combining Documentation with other documents not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Documentation. 4.0 APPLICATION OF THIS LICENSE. This License applies to Documentation to which the Initial Writer has attached this License and the notice in the Appendix. 5.0 VERSIONS OF THE LICENSE. 5.1. New Versions. Initial Writer may publish revised and/or new versions of the License from time to time. Each version will be given a distinguishing version number. 5.2. Effect of New Versions. Once Documentation has been published under a particular version of the License, You may always continue to use it under the terms of that version. You may also choose to use such Documentation under the terms of any subsequent version of the License published by __________________[Insert name of the foundation, company, Initial Writer, or whoever may modify this License]. No one other than _________________ [Insert name of the foundation, company, Initial Writer, or whoever may modify this License] has the right to modify the terms of this License. Filling in the name of the Initial Writer, Original Documentation or Contributor in the notice described in the Appendix shall not be deemed to be Modifications of this License. 6.0 DISCLAIMER OF WARRANTY. DOCUMENTATION IS PROVIDED UNDER THIS LICENSE ON AN "AS IS'' BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE DOCUMENTATION IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY, ACCURACY, AND PERFORMANCE OF THE DOCUMENTATION IS WITH YOU. SHOULD ANY DOCUMENTATION PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL WRITER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY DOCUMENTATION IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 7.0 TERMINATION. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. All sublicenses to the Documentation which are properly granted shall survive any termination of this License. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 8.0 LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER IN TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL THE INITIAL WRITER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF DOCUMENTATION, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER DAMAGES OR LOSSES ARISING OUT OF OR RELATING TO THE USE OF THE DOCUMENTATION, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. 9.0 U.S. GOVERNMENT END USERS. If Documentation is being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), then the Government's rights in Documentation will be only as set forth in this Agreement; this is in accordance with 48 CFR 227.7201 through 227.7202-4 (for Department of Defense (DOD) acquisitions) and with 48 CFR 2.101 and 12.212 (for non-DOD acquisitions). 10.0 MISCELLANEOUS. This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by California law, excluding its conflict-of-law provisions. With respect to disputes or any litigation relating to this License, the losing party is responsible for costs, including without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. Appendix Public Documentation License Notice The contents of this Documentation are subject to the Public Documentation License Version 1.0 (the "License"); you may only use this Documentation if you comply with the terms of this License. A copy of the License is available at __________________[Insert hyperlink]. The Original Documentation is _________________. The Initial Writer of the Original Documentation is ___________ Copyright (C)_________[Insert year(s)]. All Rights Reserved. (Initial Writer contact(s):________________[Insert hyperlink/alias]). Contributor(s): ______________________________________. Portions created by ______ are Copyright (C)_________[Insert year(s)]. All Rights Reserved. (Contributor contact(s):________________[Insert hyperlink/alias]). NOTE: The text of this Appendix may differ slightly from the text of the notices in the files of the Original Documentation. You should use the text of this Appendix rather than the text found in the Original Documentation for Your Modifications. </div></div> |} </pre> </div> </div> ==PIRATE== This Licence is for shits and giggles, don't use on public server<br \> [[LICENCE_HEADER_PIRATE]]<br \> <b><nowiki>{{:LICENCE_HEADER_PIRATE}}</nowiki></b> {{:LICENCE_HEADER_PIRATE}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PIRATE Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Licence? Licence! LICENCE!!!!!!<br \> WE NO NEED NO STINKING LICENCE! Copyright @ Pirate Licence :P </div></div> |} </pre> </div> </div> ==UNLICENSE== <b><nowiki>{{:LICENCE_HEADER_UNLICENSE}}</nowiki></b> {{:LICENSE_HEADER_UNLICENSE}} <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>UnLicense</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> This is free and unencumbered software released into the public domain. Anyone is free to copy, modify, publish, use, compile, sell, or distribute this software, either in source code form or as a compiled binary, for any purpose, commercial or non-commercial, and by any means. In jurisdictions that recognize copyright laws, the author or authors of this software dedicate any and all copyright interest in the software to the public domain. We make this dedication for the benefit of the public at large and to the detriment of our heirs and successors. We intend this dedication to be an overt act of relinquishment in perpetuity of all present and future rights to this software under copyright law. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. For more information, please refer to <https://unlicense.org> </div> </div> |} </pre> </div> </div> 2tu325xqpylgjkdn645sgtrhoanovyh 620 619 2025-07-11T19:34:26Z AwesomO 5 /* UNLICENSE */ 620 wikitext text/x-wiki * Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute. * To do so add a Licence header at the top of your page. * example:<b><nowiki>{{:LICENCE_HEADER_CC0}}</nowiki></b> * using the header may not be a good idea for some licences ** click the link and copy the content ** and append the correct <code>Copyright [yyyy] [name of copyright owner] </code> : * [[Find_the_License_of_Man_Pages|How to find the license of a '''Man''' Page]] ==Blank Template== This Licence is for Importing Licences from other projects that are eligable to be posted/imported on this site<br \> [[LICENCE_HEADER_BLANK]]<br \> <b><nowiki>{{:LICENCE_HEADER_BLANK}}</nowiki></b> {{:LICENCE_HEADER_BLANK}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>ENTER LICENCE NAME</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> ENTER LICENCE HERE </div> </div> |} </pre> </div> </div> ==APACHE2== [[LICENCE_HEADER_APACHE2]]<br \> <b><nowiki>{{:LICENCE_HEADER_APACHE2}}</nowiki></b> {{:LICENCE_HEADER_APACHE2}} <!-- delete below if mess up --> <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste to your page: <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>APACHE2 Licence</b><br \> Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. <div class="toccolours mw-collapsible mw-collapsed"> Apache2 Licence: <div class="mw-collapsible-content"> <pre> Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. </div> </div> |} </pre> </div> </div> ==BDS0== [[LICENCE_HEADER_BSD0]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD0}}</nowiki></b> {{:LICENCE_HEADER_BSD0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (C) [year] by [copyright holder] <[email]> Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted. THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. </div> </div> |} </pre> </div> </div> ==BSD1== [[LICENCE_HEADER_BSD]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD}}</nowiki></b> {{:LICENCE_HEADER_BSD}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (c) [Year] [Name] [All rights reserved]. * Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. THIS SOFTWARE IS PROVIDED BY [Name of Organization] “AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL [Name of Organisation] BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div></div> |} </pre> </div> </div> ==BSD2== [[LICENCE_HEADER_BSD2]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD2}}</nowiki></b> {{:LICENCE_HEADER_BSD2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </pre> </div> </div> ==BSD3== [[LICENCE_HEADER_BSD3]]<br \> <b><nowiki>{{:LICENCE_HEADER_BSD3}}</nowiki></b> {{:LICENCE_HEADER_BSD3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </pre> </div> </div> ==CC0== [[LICENCE_HEADER_CC0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC0}}</nowiki></b> {{:LICENCE_HEADER_CC0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC0 Licence</b><br \> More information about the <b>cc0 licence</b> can be found here:<br \> <code>https://creativecommons.org/share-your-work/public-domain/cc0</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> The person who associated a work with this deed has dedicated the work to the public domain by waiving all of his or her rights to the work worldwide under copyright law, including all related and neighboring rights, to the extent allowed by law.<br \> You can copy, modify, distribute and perform the work, even for commercial purposes, all without asking permission. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Statement of Purpose The laws of most jurisdictions throughout the world automatically confer exclusive Copyright and Related Rights (defined below) upon the creator and subsequent owner(s) (each and all, an "owner") of an original work of authorship and/or a database (each, a "Work"). Certain owners wish to permanently relinquish those rights to a Work for the purpose of contributing to a commons of creative, cultural and scientific works ("Commons") that the public can reliably and without fear of later claims of infringement build upon, modify, incorporate in other works, reuse and redistribute as freely as possible in any form whatsoever and for any purposes, including without limitation commercial purposes. These owners may contribute to the Commons to promote the ideal of a free culture and the further production of creative, cultural and scientific works, or to gain reputation or greater distribution for their Work in part through the use and efforts of others. For these and/or other purposes and motivations, and without any expectation of additional consideration or compensation, the person associating CC0 with a Work (the "Affirmer"), to the extent that he or she is an owner of Copyright and Related Rights in the Work, voluntarily elects to apply CC0 to the Work and publicly distribute the Work under its terms, with knowledge of his or her Copyright and Related Rights in the Work and the meaning and intended legal effect of CC0 on those rights. 1. Copyright and Related Rights. A Work made available under CC0 may be protected by copyright and related or neighboring rights ("Copyright and Related Rights"). Copyright and Related Rights include, but are not limited to, the following: the right to reproduce, adapt, distribute, perform, display, communicate, and translate a Work; moral rights retained by the original author(s) and/or performer(s); publicity and privacy rights pertaining to a person's image or likeness depicted in a Work; rights protecting against unfair competition in regards to a Work, subject to the limitations in paragraph 4(a), below; rights protecting the extraction, dissemination, use and reuse of data in a Work; database rights (such as those arising under Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, and under any national implementation thereof, including any amended or successor version of such directive); and other similar, equivalent or corresponding rights throughout the world based on applicable law or treaty, and any national implementations thereof. 2. Waiver. To the greatest extent permitted by, but not in contravention of, applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and unconditionally waives, abandons, and surrenders all of Affirmer's Copyright and Related Rights and associated claims and causes of action, whether now known or unknown (including existing as well as future claims and causes of action), in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each member of the public at large and to the detriment of Affirmer's heirs and successors, fully intending that such Waiver shall not be subject to revocation, rescission, cancellation, termination, or any other legal or equitable action to disrupt the quiet enjoyment of the Work by the public as contemplated by Affirmer's express Statement of Purpose. 3. Public License Fallback. Should any part of the Waiver for any reason be judged legally invalid or ineffective under applicable law, then the Waiver shall be preserved to the maximum extent permitted taking into account Affirmer's express Statement of Purpose. In addition, to the extent the Waiver is so judged Affirmer hereby grants to each affected person a royalty-free, non transferable, non sublicensable, non exclusive, irrevocable and unconditional license to exercise Affirmer's Copyright and Related Rights in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "License"). The License shall be deemed effective as of the date CC0 was applied by Affirmer to the Work. Should any part of the License for any reason be judged legally invalid or ineffective under applicable law, such partial invalidity or ineffectiveness shall not invalidate the remainder of the License, and in such case Affirmer hereby affirms that he or she will not (i) exercise any of his or her remaining Copyright and Related Rights in the Work or (ii) assert any associated claims and causes of action with respect to the Work, in either case contrary to Affirmer's express Statement of Purpose. 4. Limitations and Disclaimers. No trademark or patent rights held by Affirmer are waived, abandoned, surrendered, licensed or otherwise affected by this document. Affirmer offers the Work as-is and makes no representations or warranties of any kind concerning the Work, express, implied, statutory or otherwise, including without limitation warranties of title, merchantability, fitness for a particular purpose, non infringement, or the absence of latent or other defects, accuracy, or the present or absence of errors, whether or not discoverable, all to the greatest extent permissible under applicable law. Affirmer disclaims responsibility for clearing rights of other persons that may apply to the Work or any use thereof, including without limitation any person's Copyright and Related Rights in the Work. Further, Affirmer disclaims responsibility for obtaining any necessary consents, permissions or other rights required for any use of the Work. Affirmer understands and acknowledges that Creative Commons is not a party to this document and has no duty or obligation with respect to this CC0 or use of the Work. </div> </div> |} </pre> </div> </div> ==CC-BY== [[LICENCE_HEADER_CC_BY]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY}}</nowiki></b> {{:LICENCE_HEADER_CC_BY}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY Licence</b><br \> More information about the <b>CC BY licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Creative Commons Legal Code Attribution 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined above) for the purposes of this License. c. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. d. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. e. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. f. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. g. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. h. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. i. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(b), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(b), as requested. b. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Section 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4 (b) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. c. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of this License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} </pre> </div> </div> ==CC-BY V3 == [[LICENCE_HEADER_CC_BY_V3]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY_V3}}</nowiki></b> {{:LICENCE_HEADER_CC_BY_V3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <nowiki> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY Licence</b><br \> More information about the <b>CC BY licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by/3.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> You are free to: * Share — copy and redistribute the material in any medium or format for any purpose, even commercially. * Adapt — remix, transform, and build upon the material for any purpose, even commercially. * The licensor cannot revoke these freedoms as long as you follow the license terms. * https://creativecommons.org/licenses/by/3.0/ Under the following terms: * Attribution — You must give [[https://creativecommons.org/licenses/by/3.0/#ref-appropriate-credit| appropriate credit]] , provide a link to the license, and [[https://creativecommons.org/licenses/by/3.0/#ref-indicate-changes indicate if changes were made]] . You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use. * No additional restrictions — You may not apply legal terms or [[https://creativecommons.org/licenses/by/3.0/#ref-technological-measures| technological measures]] that legally restrict others from doing anything the license permits. Notices: You do not have to comply with the license for elements of the material in the public domain or where your use is permitted by an applicable [[https://creativecommons.org/licenses/by/3.0/#ref-exception-or-limitation| exception or limitation]] . No warranties are given. The license may not give you all of the permissions necessary for your intended use. For example, other rights such as [[https://creativecommons.org/licenses/by/3.0/#ref-publicity-privacy-or-moral-rights| publicity, privacy, or moral rights]] may limit how you use the material. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: https://creativecommons.org/licenses/by/3.0/legalcode.en <div class="mw-collapsible-content"> <pre> Attribution 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions Adaptation means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. Collection means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined above) for the purposes of this License. Distribute means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. Licensor means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. Original Author means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. Work means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. You means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. Publicly Perform means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. Reproduce means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; to Distribute and Publicly Perform the Work including as incorporated in Collections; and, to Distribute and Publicly Perform Adaptations. For the avoidance of doubt: Non-waivable Compulsory License Schemes . In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; Waivable Compulsory License Schemes . In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, Voluntary License Schemes . The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f) , all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(b) , as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(b) , as requested. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a) , keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and, (iv) consistent with Section 3(b) , in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4(b) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING AND TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO THIS EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. </pre> </div> </div> |} </nowiki> </div> </div> ==CC BY-SA== [[LICENCE_HEADER_CC_BY-SA]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY-SA}}</nowiki></b> {{:LICENCE_HEADER_CC_BY-SA}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY-SA Licence</b><br \> More information about the <b>CC BY-SA licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by-sa/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Attribution-ShareAlike 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined below) for the purposes of this License. c. "Creative Commons Compatible License" means a license that is listed at https://creativecommons.org/compatiblelicenses that has been approved by Creative Commons as being essentially equivalent to this License, including, at a minimum, because that license: (i) contains terms that have the same purpose, meaning and effect as the License Elements of this License; and, (ii) explicitly permits the relicensing of adaptations of works made available under that license under this License or a Creative Commons jurisdiction license with the same License Elements as this License. d. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. e. "License Elements" means the following high-level license attributes as selected by Licensor and indicated in the title of this License: Attribution, ShareAlike. f. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. g. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. h. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. i. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. j. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. k. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(c), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(c), as requested. b. You may Distribute or Publicly Perform an Adaptation only under the terms of: (i) this License; (ii) a later version of this License with the same License Elements as this License; (iii) a Creative Commons jurisdiction license (either this or a later license version) that contains the same License Elements as this License (e.g., Attribution-ShareAlike 3.0 US)); (iv) a Creative Commons Compatible License. If you license the Adaptation under one of the licenses mentioned in (iv), you must comply with the terms of that license. If you license the Adaptation under the terms of any of the licenses mentioned in (i), (ii) or (iii) (the "Applicable License"), you must comply with the terms of the Applicable License generally and the following provisions: (I) You must include a copy of, or the URI for, the Applicable License with every copy of each Adaptation You Distribute or Publicly Perform; (II) You may not offer or impose any terms on the Adaptation that restrict the terms of the Applicable License or the ability of the recipient of the Adaptation to exercise the rights granted to that recipient under the terms of the Applicable License; (III) You must keep intact all notices that refer to the Applicable License and to the disclaimer of warranties with every copy of the Work as included in the Adaptation You Distribute or Publicly Perform; (IV) when You Distribute or Publicly Perform the Adaptation, You may not impose any effective technological measures on the Adaptation that restrict the ability of a recipient of the Adaptation from You to exercise the rights granted to that recipient under the terms of the Applicable License. This Section 4(b) applies to the Adaptation as incorporated in a Collection, but this does not require the Collection apart from the Adaptation itself to be made subject to the terms of the Applicable License. c. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Ssection 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4(c) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. d. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of the License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} </pre> </div> </div> ==CC BY-NC-SA 4.0== [[LICENCE_HEADER_CC_BY-NC-SA_4.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CC_BY-NC-SA_4.0}}</nowiki></b> {{:LICENCE_HEADER_CC_BY-SA}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre style="color: red"> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY-NC-SA_4.0 Licence</b><br \> More information about the <b>CC BY-NC-SA_4.0 licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by-sa/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> &lt;pre&gt; You are free to: Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use. NonCommercial — You may not use the material for commercial purposes. ShareAlike — If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original. No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits. &lt;/pre&gt; </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> <pre> Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International Public License By exercising the Licensed Rights (defined below), You accept and agree to be bound by the terms and conditions of this Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International Public License ("Public License"). To the extent this Public License may be interpreted as a contract, You are granted the Licensed Rights in consideration of Your acceptance of these terms and conditions, and the Licensor grants You such rights in consideration of benefits the Licensor receives from making the Licensed Material available under these terms and conditions. Section 1 – Definitions. Adapted Material means material subject to Copyright and Similar Rights that is derived from or based upon the Licensed Material and in which the Licensed Material is translated, altered, arranged, transformed, or otherwise modified in a manner requiring permission under the Copyright and Similar Rights held by the Licensor. For purposes of this Public License, where the Licensed Material is a musical work, performance, or sound recording, Adapted Material is always produced where the Licensed Material is synched in timed relation with a moving image. Adapter's License means the license You apply to Your Copyright and Similar Rights in Your contributions to Adapted Material in accordance with the terms and conditions of this Public License. BY-NC-SA Compatible License means a license listed at creativecommons.org/compatiblelicenses, approved by Creative Commons as essentially the equivalent of this Public License. Copyright and Similar Rights means copyright and/or similar rights closely related to copyright including, without limitation, performance, broadcast, sound recording, and Sui Generis Database Rights, without regard to how the rights are labeled or categorized. For purposes of this Public License, the rights specified in Section 2(b)(1)-(2) are not Copyright and Similar Rights. Effective Technological Measures means those measures that, in the absence of proper authority, may not be circumvented under laws fulfilling obligations under Article 11 of the WIPO Copyright Treaty adopted on December 20, 1996, and/or similar international agreements. Exceptions and Limitations means fair use, fair dealing, and/or any other exception or limitation to Copyright and Similar Rights that applies to Your use of the Licensed Material. License Elements means the license attributes listed in the name of a Creative Commons Public License. The License Elements of this Public License are Attribution, NonCommercial, and ShareAlike. Licensed Material means the artistic or literary work, database, or other material to which the Licensor applied this Public License. Licensed Rights means the rights granted to You subject to the terms and conditions of this Public License, which are limited to all Copyright and Similar Rights that apply to Your use of the Licensed Material and that the Licensor has authority to license. Licensor means the individual(s) or entity(ies) granting rights under this Public License. NonCommercial means not primarily intended for or directed towards commercial advantage or monetary compensation. For purposes of this Public License, the exchange of the Licensed Material for other material subject to Copyright and Similar Rights by digital file-sharing or similar means is NonCommercial provided there is no payment of monetary compensation in connection with the exchange. Share means to provide material to the public by any means or process that requires permission under the Licensed Rights, such as reproduction, public display, public performance, distribution, dissemination, communication, or importation, and to make material available to the public including in ways that members of the public may access the material from a place and at a time individually chosen by them. Sui Generis Database Rights means rights other than copyright resulting from Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, as amended and/or succeeded, as well as other essentially equivalent rights anywhere in the world. You means the individual or entity exercising the Licensed Rights under this Public License. Your has a corresponding meaning. Section 2 – Scope. License grant. Subject to the terms and conditions of this Public License, the Licensor hereby grants You a worldwide, royalty-free, non-sublicensable, non-exclusive, irrevocable license to exercise the Licensed Rights in the Licensed Material to: reproduce and Share the Licensed Material, in whole or in part, for NonCommercial purposes only; and produce, reproduce, and Share Adapted Material for NonCommercial purposes only. Exceptions and Limitations. For the avoidance of doubt, where Exceptions and Limitations apply to Your use, this Public License does not apply, and You do not need to comply with its terms and conditions. Term. The term of this Public License is specified in Section 6(a). Media and formats; technical modifications allowed. The Licensor authorizes You to exercise the Licensed Rights in all media and formats whether now known or hereafter created, and to make technical modifications necessary to do so. The Licensor waives and/or agrees not to assert any right or authority to forbid You from making technical modifications necessary to exercise the Licensed Rights, including technical modifications necessary to circumvent Effective Technological Measures. For purposes of this Public License, simply making modifications authorized by this Section 2(a)(4) never produces Adapted Material. Downstream recipients. Offer from the Licensor – Licensed Material. Every recipient of the Licensed Material automatically receives an offer from the Licensor to exercise the Licensed Rights under the terms and conditions of this Public License. Additional offer from the Licensor – Adapted Material. Every recipient of Adapted Material from You automatically receives an offer from the Licensor to exercise the Licensed Rights in the Adapted Material under the conditions of the Adapter’s License You apply. No downstream restrictions. You may not offer or impose any additional or different terms or conditions on, or apply any Effective Technological Measures to, the Licensed Material if doing so restricts exercise of the Licensed Rights by any recipient of the Licensed Material. No endorsement. Nothing in this Public License constitutes or may be construed as permission to assert or imply that You are, or that Your use of the Licensed Material is, connected with, or sponsored, endorsed, or granted official status by, the Licensor or others designated to receive attribution as provided in Section 3(a)(1)(A)(i). Other rights. Moral rights, such as the right of integrity, are not licensed under this Public License, nor are publicity, privacy, and/or other similar personality rights; however, to the extent possible, the Licensor waives and/or agrees not to assert any such rights held by the Licensor to the limited extent necessary to allow You to exercise the Licensed Rights, but not otherwise. Patent and trademark rights are not licensed under this Public License. To the extent possible, the Licensor waives any right to collect royalties from You for the exercise of the Licensed Rights, whether directly or through a collecting society under any voluntary or waivable statutory or compulsory licensing scheme. In all other cases the Licensor expressly reserves any right to collect such royalties, including when the Licensed Material is used other than for NonCommercial purposes. Section 3 – License Conditions. Your exercise of the Licensed Rights is expressly made subject to the following conditions. Attribution. If You Share the Licensed Material (including in modified form), You must: retain the following if it is supplied by the Licensor with the Licensed Material: identification of the creator(s) of the Licensed Material and any others designated to receive attribution, in any reasonable manner requested by the Licensor (including by pseudonym if designated); a copyright notice; a notice that refers to this Public License; a notice that refers to the disclaimer of warranties; a URI or hyperlink to the Licensed Material to the extent reasonably practicable; indicate if You modified the Licensed Material and retain an indication of any previous modifications; and indicate the Licensed Material is licensed under this Public License, and include the text of, or the URI or hyperlink to, this Public License. You may satisfy the conditions in Section 3(a)(1) in any reasonable manner based on the medium, means, and context in which You Share the Licensed Material. For example, it may be reasonable to satisfy the conditions by providing a URI or hyperlink to a resource that includes the required information. If requested by the Licensor, You must remove any of the information required by Section 3(a)(1)(A) to the extent reasonably practicable. ShareAlike. In addition to the conditions in Section 3(a), if You Share Adapted Material You produce, the following conditions also apply. The Adapter’s License You apply must be a Creative Commons license with the same License Elements, this version or later, or a BY-NC-SA Compatible License. You must include the text of, or the URI or hyperlink to, the Adapter's License You apply. You may satisfy this condition in any reasonable manner based on the medium, means, and context in which You Share Adapted Material. You may not offer or impose any additional or different terms or conditions on, or apply any Effective Technological Measures to, Adapted Material that restrict exercise of the rights granted under the Adapter's License You apply. Section 4 – Sui Generis Database Rights. Where the Licensed Rights include Sui Generis Database Rights that apply to Your use of the Licensed Material: for the avoidance of doubt, Section 2(a)(1) grants You the right to extract, reuse, reproduce, and Share all or a substantial portion of the contents of the database for NonCommercial purposes only; if You include all or a substantial portion of the database contents in a database in which You have Sui Generis Database Rights, then the database in which You have Sui Generis Database Rights (but not its individual contents) is Adapted Material, including for purposes of Section 3(b); and You must comply with the conditions in Section 3(a) if You Share all or a substantial portion of the contents of the database. For the avoidance of doubt, this Section 4 supplements and does not replace Your obligations under this Public License where the Licensed Rights include other Copyright and Similar Rights. Section 5 – Disclaimer of Warranties and Limitation of Liability. Unless otherwise separately undertaken by the Licensor, to the extent possible, the Licensor offers the Licensed Material as-is and as-available, and makes no representations or warranties of any kind concerning the Licensed Material, whether express, implied, statutory, or other. This includes, without limitation, warranties of title, merchantability, fitness for a particular purpose, non-infringement, absence of latent or other defects, accuracy, or the presence or absence of errors, whether or not known or discoverable. Where disclaimers of warranties are not allowed in full or in part, this disclaimer may not apply to You. To the extent possible, in no event will the Licensor be liable to You on any legal theory (including, without limitation, negligence) or otherwise for any direct, special, indirect, incidental, consequential, punitive, exemplary, or other losses, costs, expenses, or damages arising out of this Public License or use of the Licensed Material, even if the Licensor has been advised of the possibility of such losses, costs, expenses, or damages. Where a limitation of liability is not allowed in full or in part, this limitation may not apply to You. The disclaimer of warranties and limitation of liability provided above shall be interpreted in a manner that, to the extent possible, most closely approximates an absolute disclaimer and waiver of all liability. Section 6 – Term and Termination. This Public License applies for the term of the Copyright and Similar Rights licensed here. However, if You fail to comply with this Public License, then Your rights under this Public License terminate automatically. Where Your right to use the Licensed Material has terminated under Section 6(a), it reinstates: automatically as of the date the violation is cured, provided it is cured within 30 days of Your discovery of the violation; or upon express reinstatement by the Licensor. For the avoidance of doubt, this Section 6(b) does not affect any right the Licensor may have to seek remedies for Your violations of this Public License. For the avoidance of doubt, the Licensor may also offer the Licensed Material under separate terms or conditions or stop distributing the Licensed Material at any time; however, doing so will not terminate this Public License. Sections 1, 5, 6, 7, and 8 survive termination of this Public License. Section 7 – Other Terms and Conditions. The Licensor shall not be bound by any additional or different terms or conditions communicated by You unless expressly agreed. Any arrangements, understandings, or agreements regarding the Licensed Material not stated herein are separate from and independent of the terms and conditions of this Public License. Section 8 – Interpretation. For the avoidance of doubt, this Public License does not, and shall not be interpreted to, reduce, limit, restrict, or impose conditions on any use of the Licensed Material that could lawfully be made without permission under this Public License. To the extent possible, if any provision of this Public License is deemed unenforceable, it shall be automatically reformed to the minimum extent necessary to make it enforceable. If the provision cannot be reformed, it shall be severed from this Public License without affecting the enforceability of the remaining terms and conditions. No term or condition of this Public License will be waived and no failure to comply consented to unless expressly agreed to by the Licensor. Nothing in this Public License constitutes or may be interpreted as a limitation upon, or waiver of, any privileges and immunities that apply to the Licensor or You, including from the legal processes of any jurisdiction or authority. </div> </div> |} </pre> </div> </div> ==CDDLv1.0== [[LICENCE_HEADER_CDDLv1.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_CDDLv1.0}}</nowiki></b> {{:LICENCE_HEADER_CDDLv1.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CDDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE CDDLv1.0 <div class="mw-collapsible-content"> COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 1. Definitions. 1.1. "Contributor" means each individual or entity that creates or contributes to the creation of Modifications. 1.2. "Contributor Version" means the combination of the Original Software, prior Modifications used by a Contributor (if any), and the Modifications made by that particular Contributor. 1.3. "Covered Software" means (a) the Original Software, or (b) Modifications, or (c) the combination of files containing Original Software with files containing Modifications, in each case including portions thereof. 1.4. "Executable" means the Covered Software in any form other than Source Code. 1.5. "Initial Developer" means the individual or entity that first makes Original Software available under this License. 1.6. "Larger Work" means a work which combines Covered Software or portions thereof with code not governed by the terms of this License. 1.7. "License" means this document. 1.8. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently acquired, any and all of the rights conveyed herein. 1.9. "Modifications" means the Source Code and Executable form of any of the following: A. Any file that results from an addition to, deletion from or modification of the contents of a file containing Original Software or previous Modifications; B. Any new file that contains any part of the Original Software or previous Modification; or C. Any new file that is contributed or otherwise made available under the terms of this License. 1.10. "Original Software" means the Source Code and Executable form of computer software code that is originally released under this License. 1.11. "Patent Claims" means any patent claim(s), now owned or hereafter acquired, including without limitation, method, process, and apparatus claims, in any patent Licensable by grantor. 1.12. "Source Code" means (a) the common form of computer software code in which modifications are made and (b) associated documentation included in or with such code. 1.13. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of, this License. For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. License Grants. 2.1. The Initial Developer Grant. Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, the Initial Developer hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by Initial Developer, to use, reproduce, modify, display, perform, sublicense and distribute the Original Software (or portions thereof), with or without Modifications, and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using or selling of Original Software, to make, have made, use, practice, sell, and offer for sale, and/or otherwise dispose of the Original Software (or portions thereof). (c) The licenses granted in Sections 2.1(a) and (b) are effective on the date Initial Developer first distributes or otherwise makes the Original Software available to a third party under the terms of this License. (d) Notwithstanding Section 2.1(b) above, no patent license is granted: (1) for code that You delete from the Original Software, or (2) for infringements caused by: (i) the modification of the Original Software, or (ii) the combination of the Original Software with other software or devices. 2.2. Contributor Grant. Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by Contributor to use, reproduce, modify, display, perform, sublicense and distribute the Modifications created by such Contributor (or portions thereof), either on an unmodified basis, with other Modifications, as Covered Software and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using, or selling of Modifications made by that Contributor either alone and/or in combination with its Contributor Version (or portions of such combination), to make, use, sell, offer for sale, have made, and/or otherwise dispose of: (1) Modifications made by that Contributor (or portions thereof); and (2) the combination of Modifications made by that Contributor with its Contributor Version (or portions of such combination). (c) The licenses granted in Sections 2.2(a) and 2.2(b) are effective on the date Contributor first distributes or otherwise makes the Modifications available to a third party. (d) Notwithstanding Section 2.2(b) above, no patent license is granted: (1) for any code that Contributor has deleted from the Contributor Version; (2) for infringements caused by: (i) third party modifications of Contributor Version, or (ii) the combination of Modifications made by that Contributor with other software (except as part of the Contributor Version) or other devices; or (3) under Patent Claims infringed by Covered Software in the absence of Modifications made by that Contributor. 3. Distribution Obligations. 3.1. Availability of Source Code. Any Covered Software that You distribute or otherwise make available in Executable form must also be made available in Source Code form and that Source Code form must be distributed only under the terms of this License. You must include a copy of this License with every copy of the Source Code form of the Covered Software You distribute or otherwise make available. You must inform recipients of any such Covered Software in Executable form as to how they can obtain such Covered Software in Source Code form in a reasonable manner on or through a medium customarily used for software exchange. 3.2. Modifications. The Modifications that You create or to which You contribute are governed by the terms of this License. You represent that You believe Your Modifications are Your original creation(s) and/or You have sufficient rights to grant the rights conveyed by this License. 3.3. Required Notices. You must include a notice in each of Your Modifications that identifies You as the Contributor of the Modification. You may not remove or alter any copyright, patent or trademark notices contained within the Covered Software, or any notices of licensing or any descriptive text giving attribution to any Contributor or the Initial Developer. 3.4. Application of Additional Terms. You may not offer or impose any terms on any Covered Software in Source Code form that alters or restricts the applicable version of this License or the recipients' rights hereunder. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, you may do so only on Your own behalf, and not on behalf of the Initial Developer or any Contributor. You must make it absolutely clear that any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.5. Distribution of Executable Versions. You may distribute the Executable form of the Covered Software under the terms of this License or under the terms of a license of Your choice, which may contain terms different from this License, provided that You are in compliance with the terms of this License and that the license for the Executable form does not attempt to limit or alter the recipient's rights in the Source Code form from the rights set forth in this License. If You distribute the Covered Software in Executable form under a different license, You must make it absolutely clear that any terms which differ from this License are offered by You alone, not by the Initial Developer or Contributor. You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of any such terms You offer. 3.6. Larger Works. You may create a Larger Work by combining Covered Software with other code not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Covered Software. 4. Versions of the License. 4.1. New Versions. Sun Microsystems, Inc. is the initial license steward and may publish revised and/or new versions of this License from time to time. Each version will be given a distinguishing version number. Except as provided in Section 4.3, no one other than the license steward has the right to modify this License. 4.2. Effect of New Versions. You may always continue to use, distribute or otherwise make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. If the Initial Developer includes a notice in the Original Software prohibiting it from being distributed or otherwise made available under any subsequent version of the License, You must distribute and make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. Otherwise, You may also choose to use, distribute or otherwise make the Covered Software available under the terms of any subsequent version of the License published by the license steward. 4.3. Modified Versions. When You are an Initial Developer and You want to create a new license for Your Original Software, You may create and use a modified version of this License if You: (a) rename the license and remove any references to the name of the license steward (except to note that the license differs from this License); and (b) otherwise make it clear that the license contains terms which differ from this License. 5. DISCLAIMER OF WARRANTY. COVERED SOFTWARE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE COVERED SOFTWARE IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE COVERED SOFTWARE IS WITH YOU. SHOULD ANY COVERED SOFTWARE PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY COVERED SOFTWARE IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 6. TERMINATION. 6.1. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 6.2. If You assert a patent infringement claim (excluding declaratory judgment actions) against Initial Developer or a Contributor (the Initial Developer or Contributor against whom You assert such claim is referred to as "Participant") alleging that the Participant Software (meaning the Contributor Version where the Participant is a Contributor or the Original Software where the Participant is the Initial Developer) directly or indirectly infringes any patent, then any and all rights granted directly or indirectly to You by such Participant, the Initial Developer (if the Initial Developer is not the Participant) and all Contributors under Sections 2.1 and/or 2.2 of this License shall, upon 60 days notice from Participant terminate prospectively and automatically at the expiration of such 60 day notice period, unless if within such 60 day period You withdraw Your claim with respect to the Participant Software against such Participant either unilaterally or pursuant to a written agreement with Participant. 6.3. In the event of termination under Sections 6.1 or 6.2 above, all end user licenses that have been validly granted by You or any distributor hereunder prior to termination (excluding licenses granted to You by any distributor) shall survive termination. 7. LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL YOU, THE INITIAL DEVELOPER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF COVERED SOFTWARE, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOST PROFITS, LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER COMMERCIAL DAMAGES OR LOSSES, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION OF LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY RESULTING FROM SUCH PARTY'S NEGLIGENCE TO THE EXTENT APPLICABLE LAW PROHIBITS SUCH LIMITATION. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS EXCLUSION AND LIMITATION MAY NOT APPLY TO YOU. 8. U.S. GOVERNMENT END USERS. The Covered Software is a "commercial item," as that term is defined in 48 C.F.R. 2.101 (Oct. 1995), consisting of "commercial computer software" (as that term is defined at 48 C.F.R. ¤ 252.227-7014(a)(1)) and "commercial computer software documentation" as such terms are used in 48 C.F.R. 12.212 (Sept. 1995). Consistent with 48 C.F.R. 12.212 and 48 C.F.R. 227.7202-1 through 227.7202-4 (June 1995), all U.S. Government End Users acquire Covered Software with only those rights set forth herein. This U.S. Government Rights clause is in lieu of, and supersedes, any other FAR, DFAR, or other clause or provision that addresses Government rights in computer software under this License. 9. MISCELLANEOUS. This License represents the complete agreement concerning subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by the law of the jurisdiction specified in a notice contained within the Original Software (except to the extent applicable law, if any, provides otherwise), excluding such jurisdiction's conflict-of-law provisions. Any litigation relating to this License shall be subject to the jurisdiction of the courts located in the jurisdiction and venue specified in a notice contained within the Original Software, with the losing party responsible for costs, including, without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. You agree that You alone are responsible for compliance with the United States export administration regulations (and the export control laws and regulation of any other countries) when You use, distribute or otherwise make available any Covered Software. 10. RESPONSIBILITY FOR CLAIMS. As between Initial Developer and the Contributors, each party is responsible for claims and damages arising, directly or indirectly, out of its utilization of rights under this License and You agree to work with Initial Developer and Contributors to distribute such responsibility on an equitable basis. Nothing herein is intended or shall be deemed to constitute any admission of liability. </div> </div> |} </pre> </div> </div> ==EPLv2.0== [[LICENCE_HEADER_EPLv2.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_EPLv2.0}}</nowiki></b> {{:LICENCE_HEADER_EPLv2.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>EPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE EPLv2.0 <div class="mw-collapsible-content"> Eclipse Public License - v 2.0 THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS ECLIPSE PUBLIC LICENSE (“AGREEMENT”). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT. 1. DEFINITIONS “Contribution” means: a) in the case of the initial Contributor, the initial content Distributed under this Agreement, and b) in the case of each subsequent Contributor: i) changes to the Program, and ii) additions to the Program; where such changes and/or additions to the Program originate from and are Distributed by that particular Contributor. A Contribution “originates” from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include changes or additions to the Program that are not Modified Works. “Contributor” means any person or entity that Distributes the Program. “Licensed Patents” mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program. “Program” means the Contributions Distributed in accordance with this Agreement. “Recipient” means anyone who receives the Program under this Agreement or any Secondary License (as applicable), including Contributors. “Derivative Works” shall mean any work, whether in Source Code or other form, that is based on (or derived from) the Program and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. “Modified Works” shall mean any work in Source Code or other form that results from an addition to, deletion from, or modification of the contents of the Program, including, for purposes of clarity any new file in Source Code form that contains any contents of the Program. Modified Works shall not include works that contain only declarations, interfaces, types, classes, structures, or files of the Program solely in each case in order to link to, bind by name, or subclass the Program or Modified Works thereof. “Distribute” means the acts of a) distributing or b) making available in any manner that enables the transfer of a copy. “Source Code” means the form of a Program preferred for making modifications, including but not limited to software source code, documentation source, and configuration files. “Secondary License” means either the GNU General Public License, Version 2.0, or any later versions of that license, including any exceptions or additional permissions as identified by the initial Contributor. 2. GRANT OF RIGHTS a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, Distribute and sublicense the Contribution of such Contributor, if any, and such Derivative Works. b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in Source Code or other form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder. c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to Distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program. d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement. e) Notwithstanding the terms of any Secondary License, no Contributor makes additional grants to any Recipient (other than those set forth in this Agreement) as a result of such Recipient's receipt of the Program under the terms of a Secondary License (if permitted under the terms of Section 3). 3. REQUIREMENTS 3.1 If a Contributor Distributes the Program in any form, then: a) the Program must also be made available as Source Code, in accordance with section 3.2, and the Contributor must accompany the Program with a statement that the Source Code for the Program is available under this Agreement, and informs Recipients how to obtain it in a reasonable manner on or through a medium customarily used for software exchange; and b) the Contributor may Distribute the Program under a license different than this Agreement, provided that such license: i) effectively disclaims on behalf of all other Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose; ii) effectively excludes on behalf of all other Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits; iii) does not attempt to limit or alter the recipients' rights in the Source Code under section 3.2; and iv) requires any subsequent distribution of the Program by any party to be under a license that satisfies the requirements of this section 3. 3.2 When the Program is Distributed as Source Code: a) it must be made available under this Agreement, or if the Program (i) is combined with other material in a separate file or files made available under a Secondary License, and (ii) the initial Contributor attached to the Source Code the notice described in Exhibit A of this Agreement, then the Program may be made available under the terms of such Secondary Licenses, and b) a copy of this Agreement must be included with each copy of the Program. 3.3 Contributors may not remove or alter any copyright, patent, trademark, attribution notices, disclaimers of warranty, or limitations of liability (‘notices’) contained within the Program from any copy of the Program which they Distribute, provided that Contributors may add their own appropriate notices. 4. COMMERCIAL DISTRIBUTION Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor (“Commercial Contributor”) hereby agrees to defend and indemnify every other Contributor (“Indemnified Contributor”) against any losses, damages and costs (collectively “Losses”) arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense. For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages. 5. NO WARRANTY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE PROGRAM IS PROVIDED ON AN “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations. 6. DISCLAIMER OF LIABILITY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. GENERAL If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. If Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed. All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive. Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. The Eclipse Foundation is the initial Agreement Steward. The Eclipse Foundation may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be Distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to Distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved. Nothing in this Agreement is intended to be enforceable by any entity that is not a Contributor or Recipient. No third-party beneficiary rights are created under this Agreement. Exhibit A – Form of Secondary Licenses Notice “This Source Code may also be made available under the following Secondary Licenses when the conditions for such availability set forth in the Eclipse Public License, v. 2.0 are satisfied: {name license(s), version(s), and exceptions or additional permissions here}.” Simply including a copy of this Agreement, including this Exhibit A is not sufficient to license the Source Code under Secondary Licenses. If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. You may add additional accurate notices of copyright ownership. |} </div> </div> </pre> </div> </div> ==FreeBSD documentation== [[LICENCE_HEADER_FreeBSD_Documentation]]<br \> <b><nowiki>{{:LICENCE_HEADER_FreeBSD_Documentation}}</nowiki></b><br> {{:LICENCE_HEADER_FreeBSD_Documentation}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>FreeBSD Documentation License</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> <pre> Copyright (c) YEAR <YEAR OF DOCUMENTATION>, <AUTHOR NAME>. All rights reserved. Redistribution and use in source (SGML DocBook) and 'compiled' forms (SGML, HTML, PDF, PostScript, RTF and so forth) with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code (SGML DocBook) must retain the above copyright notice, this list of conditions and the following disclaimer as the first lines of this file unmodified. 2. Redistributions in compiled form (transformed to other DTDs, converted to PDF, PostScript, RTF and other formats) must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} </pre> </div> </div> ==GFDLv1.1== [[LICENCE_HEADER_GFDL]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDL}}</nowiki></b> {{:LICENCE_HEADER_GFDL}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.1 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.1, March 2000 Copyright (C) 2000 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other written document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (For example, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, whose contents can be viewed and edited directly and straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup has been designed to thwart or discourage subsequent modification by readers is not Transparent. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML designed for human modification. Opaque formats include PostScript, PDF, proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies of the Document numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a publicly-accessible computer-network location containing a complete Transparent copy of the Document, free of added material, which the general network-using public has access to download anonymously at no charge using public-standard network protocols. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has less than five). C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section entitled "History", and its title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. In any section entitled "Acknowledgements" or "Dedications", preserve the section's title, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section as "Endorsements" or to conflict in title with any Invariant Section. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections entitled "History" in the various original documents, forming one section entitled "History"; likewise combine any sections entitled "Acknowledgements", and any sections entitled "Dedications". You must delete all sections entitled "Endorsements." 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, does not as a whole count as a Modified Version of the Document, provided no compilation copyright is claimed for the compilation. Such a compilation is called an "aggregate", and this License does not apply to the other self-contained works thus compiled with the Document, on account of their being thus compiled, if they are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one quarter of the entire aggregate, the Document's Cover Texts may be placed on covers that surround only the Document within the aggregate. Otherwise they must appear on covers around the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License provided that you also include the original English version of this License. In case of a disagreement between the translation and the original English version of this License, the original English version will prevail. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have no Invariant Sections, write "with no Invariant Sections" instead of saying which ones are invariant. If you have no Front-Cover Texts, write "no Front-Cover Texts" instead of "Front-Cover Texts being LIST"; likewise for Back-Cover Texts. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} </pre> </div> </div> ==GFDLv1.2== [[LICENCE_HEADER_GFDLv1.2]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDLv1.2}}</nowiki></b> {{:LICENCE_HEADER_GFDLv1.2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.2 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.2, November 2002 Copyright (C) 2000,2001,2002 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition. The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement. C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section Entitled "History", Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. For any section Entitled "Acknowledgements" or "Dedications", Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section Entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section to be Entitled "Endorsements" or to conflict in title with any Invariant Section. O. Preserve any Warranty Disclaimers. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements". 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation's users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document's Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail. If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the "with...Texts." line with this: with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div></div> |} </pre> </div> </div> ==GFDLv1.3== [[LICENCE_HEADER_GFDLv1.3]]<br \> <b><nowiki>{{:LICENCE_HEADER_GFDLv1.3}}</nowiki></b> {{:LICENCE_HEADER_GFDLv1.3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.3 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.3, 3 November 2008 Copyright (C) 2000, 2001, 2002, 2007, 2008 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. The "publisher" means any person or entity that distributes copies of the Document to the public. A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition. The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement. C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section Entitled "History", Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. For any section Entitled "Acknowledgements" or "Dedications", Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section Entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section to be Entitled "Endorsements" or to conflict in title with any Invariant Section. O. Preserve any Warranty Disclaimers. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements". 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation's users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document's Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail. If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, or distribute it is void, and will automatically terminate your rights under this License. However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, receipt of a copy of some or all of the same material does not give you any rights to use it. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. If the Document specifies that a proxy can decide which future versions of this License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Document. 11. RELICENSING "Massive Multiauthor Collaboration Site" (or "MMC Site") means any World Wide Web server that publishes copyrightable works and also provides prominent facilities for anybody to edit those works. A public wiki that anybody can edit is an example of such a server. A "Massive Multiauthor Collaboration" (or "MMC") contained in the site means any set of copyrightable works thus published on the MMC site. "CC-BY-SA" means the Creative Commons Attribution-Share Alike 3.0 license published by Creative Commons Corporation, a not-for-profit corporation with a principal place of business in San Francisco, California, as well as future copyleft versions of that license published by that same organization. "Incorporate" means to publish or republish a Document, in whole or in part, as part of another Document. An MMC is "eligible for relicensing" if it is licensed under this License, and if all works that were first published under this License somewhere other than this MMC, and subsequently incorporated in whole or in part into the MMC, (1) had no cover texts or invariant sections, and (2) were thus incorporated prior to November 1, 2008. The operator of an MMC Site may republish an MMC contained in the site under CC-BY-SA on the same site at any time before August 1, 2009, provided the MMC is eligible for relicensing. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the "with...Texts." line with this: with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div></div> |} </pre> </div> </div> ==GPLv1== [[LICENCE_HEADER_GPL]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPL}}</nowiki></b> {{:LICENCE_HEADER_GPL}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv1 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 1, February 1989 Copyright (C) 1989 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The license agreements of most software companies try to keep users at the mercy of those companies. By contrast, our General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. The General Public License applies to the Free Software Foundation's software and to any other program whose authors commit to using it. You can use it for your programs, too. When we speak of free software, we are referring to freedom, not price. Specifically, the General Public License is designed to make sure that you have the freedom to give away or sell copies of free software, that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of a such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must tell them their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any work containing the Program or a portion of it, either verbatim or with modifications. Each licensee is addressed as "you". 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this General Public License and to the absence of any warranty; and give any other recipients of the Program a copy of this General Public License along with the Program. You may charge a fee for the physical act of transferring a copy. 2. You may modify your copy or copies of the Program or any portion of it, and copy and distribute such modifications under the terms of Paragraph 1 above, provided that you also do the following: a) cause the modified files to carry prominent notices stating that you changed the files and the date of any change; and b) cause the whole of any work that you distribute or publish, that in whole or in part contains the Program or any part thereof, either with or without modifications, to be licensed at no charge to all third parties under the terms of this General Public License (except that you may choose to grant warranty protection to some or all third parties, at your option). c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the simplest and most usual way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this General Public License. d) You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. Mere aggregation of another independent work with the Program (or its derivative) on a volume of a storage or distribution medium does not bring the other work under the scope of these terms. 3. You may copy and distribute the Program (or a portion or derivative of it, under Paragraph 2) in object code or executable form under the terms of Paragraphs 1 and 2 above provided that you also do one of the following: a) accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Paragraphs 1 and 2 above; or, b) accompany it with a written offer, valid for at least three years, to give any third party free (except for a nominal charge for the cost of distribution) a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Paragraphs 1 and 2 above; or, c) accompany it with the information you received as to where the corresponding source code may be obtained. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form alone.) Source code for a work means the preferred form of the work for making modifications to it. For an executable file, complete source code means all the source code for all modules it contains; but, as a special exception, it need not include source code for modules which are standard libraries that accompany the operating system on which the executable file runs, or for standard header files or definitions files that accompany that operating system. 4. You may not copy, modify, sublicense, distribute or transfer the Program except as expressly provided under this General Public License. Any attempt otherwise to copy, modify, sublicense, distribute or transfer the Program is void, and will automatically terminate your rights to use the Program under this License. However, parties who have received copies, or rights to use copies, from you under this General Public License will not have their licenses terminated so long as such parties remain in full compliance. 5. By copying, distributing or modifying the Program (or any work based on the Program) you indicate your acceptance of this license to do so, and all its terms and conditions. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. 7. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of the license which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the license, you may choose any version ever published by the Free Software Foundation. 8. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 9. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 10. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS Appendix: How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to humanity, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) 19yy <name of author> This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 1, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) 19xx name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (a program to direct compilers to make passes at assemblers) written by James Hacker. <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice That's all there is to it! </div></div> |} </pre> </div> </div> ==GPLv2== [[LICENCE_HEADER_GPLv2]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPLv2}}</nowiki></b> {{:LICENCE_HEADER_GPLv2}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv2 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Lesser General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. </div></div> |} </pre> </div> </div> ==GPLv3== [[LICENCE_HEADER_GPLv3]]<br \> <b><nowiki>{{:LICENCE_HEADER_GPLv3}}</nowiki></b> {{:LICENCE_HEADER_GPLv3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv3 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The GNU General Public License is a free, copyleft license for software and other kinds of works. The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things. To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others. For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it. For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions. Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users. Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free. The precise terms and conditions for copying, distribution and modification follow. TERMS AND CONDITIONS 0. Definitions. "This License" refers to version 3 of the GNU General Public License. "Copyright" also means copyright-like laws that apply to other kinds of works, such as semiconductor masks. "The Program" refers to any copyrightable work licensed under this License. Each licensee is addressed as "you". "Licensees" and "recipients" may be individuals or organizations. To "modify" a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a "modified version" of the earlier work or a work "based on" the earlier work. A "covered work" means either the unmodified Program or a work based on the Program. To "propagate" a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well. To "convey" a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying. An interactive user interface displays "Appropriate Legal Notices" to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion. 1. Source Code. The "source code" for a work means the preferred form of the work for making modifications to it. "Object code" means any non-source form of a work. A "Standard Interface" means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language. The "System Libraries" of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A "Major Component", in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it. The "Corresponding Source" for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work. The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source. The Corresponding Source for a work in source code form is that same work. 2. Basic Permissions. All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law. You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you. Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary. 3. Protecting Users' Legal Rights From Anti-Circumvention Law. No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures. When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures. 4. Conveying Verbatim Copies. You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program. You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee. 5. Conveying Modified Source Versions. You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions: a) The work must carry prominent notices stating that you modified it, and giving a relevant date. b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to "keep intact all notices". c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it. d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so. A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an "aggregate" if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate. 6. Conveying Non-Source Forms. You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways: a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange. b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge. c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b. d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements. e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d. A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work. A "User Product" is either (1) a "consumer product", which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, "normally used" refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product. "Installation Information" for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made. If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM). The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network. Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying. 7. Additional Terms. "Additional permissions" are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions. When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission. Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms: a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or d) Limiting the use for publicity purposes of names of licensors or authors of the material; or e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors. All other non-permissive additional terms are considered "further restrictions" within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying. If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms. Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way. 8. Termination. You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11). However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10. 9. Acceptance Not Required for Having Copies. You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so. 10. Automatic Licensing of Downstream Recipients. Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License. An "entity transaction" is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts. You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it. 11. Patents. A "contributor" is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's "contributor version". A contributor's "essential patent claims" are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, "control" includes the right to grant patent sublicenses in a manner consistent with the requirements of this License. Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version. In the following three paragraphs, a "patent license" is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To "grant" such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party. If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. "Knowingly relying" means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid. If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it. A patent license is "discriminatory" if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007. Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law. 12. No Surrender of Others' Freedom. If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program. 13. Use with the GNU Affero General Public License. Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such. 14. Revised Versions of this License. The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation. If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program. Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version. 15. Disclaimer of Warranty. THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. Limitation of Liability. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 17. Interpretation of Sections 15 and 16. If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <https://www.gnu.org/licenses/>. Also add information on how to contact you by electronic and paper mail. If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode: <program> Copyright (C) <year> <name of author> This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an "about box". You should also get your employer (if you work as a programmer) or school, if any, to sign a "copyright disclaimer" for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see <https://www.gnu.org/licenses/>. The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read <https://www.gnu.org/licenses/why-not-lgpl.html>. </div></div> |} </pre> </div> </div> ==LGPLv2.1== [[LICENCE_HEADER_LGPLv2.1]]<br \> <b><nowiki>{{:LICENCE_HEADER_LGPLv2.1}}</nowiki></b> {{:LICENCE_HEADER_LGPLv2.1}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv2.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 2.1, February 1999 Copyright (C) 1991, 1999 Free Software Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. [This is the first released version of the Lesser GPL. It also counts as the successor of the GNU Library Public License, version 2, hence the version number 2.1.] Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public Licenses are intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This license, the Lesser General Public License, applies to some specially designated software packages--typically libraries--of the Free Software Foundation and other authors who decide to use it. You can use it too, but we suggest you first think carefully about whether this license or the ordinary General Public License is the better strategy to use in any particular case, based on the explanations below. When we speak of free software, we are referring to freedom of use, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish); that you receive source code or can get it if you want it; that you can change the software and use pieces of it in new free programs; and that you are informed that you can do these things. To protect your rights, we need to make restrictions that forbid distributors to deny you these rights or to ask you to surrender these rights. These restrictions translate to certain responsibilities for you if you distribute copies of the library or if you modify it. For example, if you distribute copies of the library, whether gratis or for a fee, you must give the recipients all the rights that we gave you. You must make sure that they, too, receive or can get the source code. If you link other code with the library, you must provide complete object files to the recipients, so that they can relink them with the library after making changes to the library and recompiling it. And you must show them these terms so they know their rights. We protect your rights with a two-step method: (1) we copyright the library, and (2) we offer you this license, which gives you legal permission to copy, distribute and/or modify the library. To protect each distributor, we want to make it very clear that there is no warranty for the free library. Also, if the library is modified by someone else and passed on, the recipients should know that what they have is not the original version, so that the original author's reputation will not be affected by problems that might be introduced by others. � Finally, software patents pose a constant threat to the existence of any free program. We wish to make sure that a company cannot effectively restrict the users of a free program by obtaining a restrictive license from a patent holder. Therefore, we insist that any patent license obtained for a version of the library must be consistent with the full freedom of use specified in this license. Most GNU software, including some libraries, is covered by the ordinary GNU General Public License. This license, the GNU Lesser General Public License, applies to certain designated libraries, and is quite different from the ordinary General Public License. We use this license for certain libraries in order to permit linking those libraries into non-free programs. When a program is linked with a library, whether statically or using a shared library, the combination of the two is legally speaking a combined work, a derivative of the original library. The ordinary General Public License therefore permits such linking only if the entire combination fits its criteria of freedom. The Lesser General Public License permits more lax criteria for linking other code with the library. We call this license the "Lesser" General Public License because it does Less to protect the user's freedom than the ordinary General Public License. It also provides other free software developers Less of an advantage over competing non-free programs. These disadvantages are the reason we use the ordinary General Public License for many libraries. However, the Lesser license provides advantages in certain special circumstances. For example, on rare occasions, there may be a special need to encourage the widest possible use of a certain library, so that it becomes a de-facto standard. To achieve this, non-free programs must be allowed to use the library. A more frequent case is that a free library does the same job as widely used non-free libraries. In this case, there is little to gain by limiting the free library to free software only, so we use the Lesser General Public License. In other cases, permission to use a particular library in non-free programs enables a greater number of people to use a large body of free software. For example, permission to use the GNU C Library in non-free programs enables many more people to use the whole GNU operating system, as well as its variant, the GNU/Linux operating system. Although the Lesser General Public License is Less protective of the users' freedom, it does ensure that the user of a program that is linked with the Library has the freedom and the wherewithal to run that program using a modified version of the Library. The precise terms and conditions for copying, distribution and modification follow. Pay close attention to the difference between a "work based on the library" and a "work that uses the library". The former contains code derived from the library, whereas the latter must be combined with the library in order to run. � GNU LESSER GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any software library or other program which contains a notice placed by the copyright holder or other authorized party saying it may be distributed under the terms of this Lesser General Public License (also called "this License"). Each licensee is addressed as "you". A "library" means a collection of software functions and/or data prepared so as to be conveniently linked with application programs (which use some of those functions and data) to form executables. The "Library", below, refers to any such software library or work which has been distributed under these terms. A "work based on the Library" means either the Library or any derivative work under copyright law: that is to say, a work containing the Library or a portion of it, either verbatim or with modifications and/or translated straightforwardly into another language. (Hereinafter, translation is included without limitation in the term "modification".) "Source code" for a work means the preferred form of the work for making modifications to it. For a library, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the library. Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running a program using the Library is not restricted, and output from such a program is covered only if its contents constitute a work based on the Library (independent of the use of the Library in a tool for writing it). Whether that is true depends on what the Library does and what the program that uses the Library does. 1. You may copy and distribute verbatim copies of the Library's complete source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and distribute a copy of this License along with the Library. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. � 2. You may modify your copy or copies of the Library or any portion of it, thus forming a work based on the Library, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) The modified work must itself be a software library. b) You must cause the files modified to carry prominent notices stating that you changed the files and the date of any change. c) You must cause the whole of the work to be licensed at no charge to all third parties under the terms of this License. d) If a facility in the modified Library refers to a function or a table of data to be supplied by an application program that uses the facility, other than as an argument passed when the facility is invoked, then you must make a good faith effort to ensure that, in the event an application does not supply such function or table, the facility still operates, and performs whatever part of its purpose remains meaningful. (For example, a function in a library to compute square roots has a purpose that is entirely well-defined independent of the application. Therefore, Subsection 2d requires that any application-supplied function or table used by this function must be optional: if the application does not supply it, the square root function must still compute square roots.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Library, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Library, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Library. In addition, mere aggregation of another work not based on the Library with the Library (or with a work based on the Library) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may opt to apply the terms of the ordinary GNU General Public License instead of this License to a given copy of the Library. To do this, you must alter all the notices that refer to this License, so that they refer to the ordinary GNU General Public License, version 2, instead of to this License. (If a newer version than version 2 of the ordinary GNU General Public License has appeared, then you can specify that version instead if you wish.) Do not make any other change in these notices. � Once this change is made in a given copy, it is irreversible for that copy, so the ordinary GNU General Public License applies to all subsequent copies and derivative works made from that copy. This option is useful when you wish to copy part of the code of the Library into a program that is not a library. 4. You may copy and distribute the Library (or a portion or derivative of it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange. If distribution of object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place satisfies the requirement to distribute the source code, even though third parties are not compelled to copy the source along with the object code. 5. A program that contains no derivative of any portion of the Library, but is designed to work with the Library by being compiled or linked with it, is called a "work that uses the Library". Such a work, in isolation, is not a derivative work of the Library, and therefore falls outside the scope of this License. However, linking a "work that uses the Library" with the Library creates an executable that is a derivative of the Library (because it contains portions of the Library), rather than a "work that uses the library". The executable is therefore covered by this License. Section 6 states terms for distribution of such executables. When a "work that uses the Library" uses material from a header file that is part of the Library, the object code for the work may be a derivative work of the Library even though the source code is not. Whether this is true is especially significant if the work can be linked without the Library, or if the work is itself a library. The threshold for this to be true is not precisely defined by law. If such an object file uses only numerical parameters, data structure layouts and accessors, and small macros and small inline functions (ten lines or less in length), then the use of the object file is unrestricted, regardless of whether it is legally a derivative work. (Executables containing this object code plus portions of the Library will still fall under Section 6.) Otherwise, if the work is a derivative of the Library, you may distribute the object code for the work under the terms of Section 6. Any executables containing that work also fall under Section 6, whether or not they are linked directly with the Library itself. � 6. As an exception to the Sections above, you may also combine or link a "work that uses the Library" with the Library to produce a work containing portions of the Library, and distribute that work under terms of your choice, provided that the terms permit modification of the work for the customer's own use and reverse engineering for debugging such modifications. You must give prominent notice with each copy of the work that the Library is used in it and that the Library and its use are covered by this License. You must supply a copy of this License. If the work during execution displays copyright notices, you must include the copyright notice for the Library among them, as well as a reference directing the user to the copy of this License. Also, you must do one of these things: a) Accompany the work with the complete corresponding machine-readable source code for the Library including whatever changes were used in the work (which must be distributed under Sections 1 and 2 above); and, if the work is an executable linked with the Library, with the complete machine-readable "work that uses the Library", as object code and/or source code, so that the user can modify the Library and then relink to produce a modified executable containing the modified Library. (It is understood that the user who changes the contents of definitions files in the Library will not necessarily be able to recompile the application to use the modified definitions.) b) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (1) uses at run time a copy of the library already present on the user's computer system, rather than copying library functions into the executable, and (2) will operate properly with a modified version of the library, if the user installs one, as long as the modified version is interface-compatible with the version that the work was made with. c) Accompany the work with a written offer, valid for at least three years, to give the same user the materials specified in Subsection 6a, above, for a charge no more than the cost of performing this distribution. d) If distribution of the work is made by offering access to copy from a designated place, offer equivalent access to copy the above specified materials from the same place. e) Verify that the user has already received a copy of these materials or that you have already sent this user a copy. For an executable, the required form of the "work that uses the Library" must include any data and utility programs needed for reproducing the executable from it. However, as a special exception, the materials to be distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. It may happen that this requirement contradicts the license restrictions of other proprietary libraries that do not normally accompany the operating system. Such a contradiction means you cannot use both them and the Library together in an executable that you distribute. � 7. You may place library facilities that are a work based on the Library side-by-side in a single library together with other library facilities not covered by this License, and distribute such a combined library, provided that the separate distribution of the work based on the Library and of the other library facilities is otherwise permitted, and provided that you do these two things: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities. This must be distributed under the terms of the Sections above. b) Give prominent notice with the combined library of the fact that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 8. You may not copy, modify, sublicense, link with, or distribute the Library except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, link with, or distribute the Library is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 9. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Library or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Library (or any work based on the Library), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Library or works based on it. 10. Each time you redistribute the Library (or any work based on the Library), the recipient automatically receives a license from the original licensor to copy, distribute, link with or modify the Library subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties with this License. � 11. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Library at all. For example, if a patent license would not permit royalty-free redistribution of the Library by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Library. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply, and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 12. If the distribution and/or use of the Library is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Library under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 13. The Free Software Foundation may publish revised and/or new versions of the Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Library does not specify a license version number, you may choose any version ever published by the Free Software Foundation. 14. If you wish to incorporate parts of the Library into other free programs whose distribution conditions are incompatible with these, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Libraries If you develop a new library, and you want it to be of the greatest possible use to the public, we recommend making it free software that everyone can redistribute and change. You can do so by permitting redistribution under these terms (or, alternatively, under the terms of the ordinary General Public License). To apply these terms, attach the following notices to the library. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the library's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Also add information on how to contact you by electronic and paper mail. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the library, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the library `Frob' (a library for tweaking knobs) written by James Random Hacker. <signature of Ty Coon>, 1 April 1990 Ty Coon, President of Vice That's all there is to it! </div></div> |} </pre> </div> </div> ==LGPLv3== [[LICENCE_HEADER_LGPLv3]]<br \> <b><nowiki>{{:LICENCE_HEADER_LGPLv3}}</nowiki></b> {{:LICENCE_HEADER_LGPLv3}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. This version of the GNU Lesser General Public License incorporates the terms and conditions of version 3 of the GNU General Public License, supplemented by the additional permissions listed below. 0. Additional Definitions. As used herein, "this License" refers to version 3 of the GNU Lesser General Public License, and the "GNU GPL" refers to version 3 of the GNU General Public License. "The Library" refers to a covered work governed by this License, other than an Application or a Combined Work as defined below. An "Application" is any work that makes use of an interface provided by the Library, but which is not otherwise based on the Library. Defining a subclass of a class defined by the Library is deemed a mode of using an interface provided by the Library. A "Combined Work" is a work produced by combining or linking an Application with the Library. The particular version of the Library with which the Combined Work was made is also called the "Linked Version". The "Minimal Corresponding Source" for a Combined Work means the Corresponding Source for the Combined Work, excluding any source code for portions of the Combined Work that, considered in isolation, are based on the Application, and not on the Linked Version. The "Corresponding Application Code" for a Combined Work means the object code and/or source code for the Application, including any data and utility programs needed for reproducing the Combined Work from the Application, but excluding the System Libraries of the Combined Work. 1. Exception to Section 3 of the GNU GPL. You may convey a covered work under sections 3 and 4 of this License without being bound by section 3 of the GNU GPL. 2. Conveying Modified Versions. If you modify a copy of the Library, and, in your modifications, a facility refers to a function or data to be supplied by an Application that uses the facility (other than as an argument passed when the facility is invoked), then you may convey a copy of the modified version: a) under this License, provided that you make a good faith effort to ensure that, in the event an Application does not supply the function or data, the facility still operates, and performs whatever part of its purpose remains meaningful, or b) under the GNU GPL, with none of the additional permissions of this License applicable to that copy. 3. Object Code Incorporating Material from Library Header Files. The object code form of an Application may incorporate material from a header file that is part of the Library. You may convey such object code under terms of your choice, provided that, if the incorporated material is not limited to numerical parameters, data structure layouts and accessors, or small macros, inline functions and templates (ten or fewer lines in length), you do both of the following: a) Give prominent notice with each copy of the object code that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the object code with a copy of the GNU GPL and this license document. 4. Combined Works. You may convey a Combined Work under terms of your choice that, taken together, effectively do not restrict modification of the portions of the Library contained in the Combined Work and reverse engineering for debugging such modifications, if you also do each of the following: a) Give prominent notice with each copy of the Combined Work that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the Combined Work with a copy of the GNU GPL and this license document. c) For a Combined Work that displays copyright notices during execution, include the copyright notice for the Library among these notices, as well as a reference directing the user to the copies of the GNU GPL and this license document. d) Do one of the following: 0) Convey the Minimal Corresponding Source under the terms of this License, and the Corresponding Application Code in a form suitable for, and under terms that permit, the user to recombine or relink the Application with a modified version of the Linked Version to produce a modified Combined Work, in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source. 1) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (a) uses at run time a copy of the Library already present on the user's computer system, and (b) will operate properly with a modified version of the Library that is interface-compatible with the Linked Version. e) Provide Installation Information, but only if you would otherwise be required to provide such information under section 6 of the GNU GPL, and only to the extent that such information is necessary to install and execute a modified version of the Combined Work produced by recombining or relinking the Application with a modified version of the Linked Version. (If you use option 4d0, the Installation Information must accompany the Minimal Corresponding Source and Corresponding Application Code. If you use option 4d1, you must provide the Installation Information in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source.) 5. Combined Libraries. You may place library facilities that are a work based on the Library side by side in a single library together with other library facilities that are not Applications and are not covered by this License, and convey such a combined library under terms of your choice, if you do both of the following: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities, conveyed under the terms of this License. b) Give prominent notice with the combined library that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 6. Revised Versions of the GNU Lesser General Public License. The Free Software Foundation may publish revised and/or new versions of the GNU Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library as you received it specifies that a certain numbered version of the GNU Lesser General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that published version or of any later version published by the Free Software Foundation. If the Library as you received it does not specify a version number of the GNU Lesser General Public License, you may choose any version of the GNU Lesser General Public License ever published by the Free Software Foundation. If the Library as you received it specifies that a proxy can decide whether future versions of the GNU Lesser General Public License shall apply, that proxy's public statement of acceptance of any version is permanent authorization for you to choose that version for the Library. </div></div> |} </pre> </div> </div> ==MIT== [[LICENCE_HEADER_MIT]]<br \> <b><nowiki>{{:LICENCE_HEADER_MIT}}</nowiki></b> {{:LICENCE_HEADER_MIT}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MIT Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. </div></div> |} </pre> </div> </div> ==MPLv2.0== [[LICENCE_HEADER_MPLv2.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_MPLv2.0}}</nowiki></b> {{:LICENCE_HEADER_MPLv2.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE MPLv2.0 <div class="mw-collapsible-content"> Mozilla Public License Version 2.0 -------------------------------- 1. Definitions -------------- 1.1. "Contributor" means each individual or legal entity that creates, contributes to the creation of, or owns Covered Software. 1.2. "Contributor Version" means the combination of the Contributions of others (if any) used by a Contributor and that particular Contributor's Contribution. 1.3. "Contribution" means Covered Software of a particular Contributor. 1.4. "Covered Software" means Source Code Form to which the initial Contributor has attached the notice in Exhibit A, the Executable Form of such Source Code Form, and Modifications of such Source Code Form, in each case including portions thereof. 1.5. "Incompatible With Secondary Licenses" means (a) that the initial Contributor has attached the notice described in Exhibit B to the Covered Software; or (b) that the Covered Software was made available under the terms of version 1.1 or earlier of the License, but not also under the terms of a Secondary License. 1.6. "Executable Form" means any form of the work other than Source Code Form. 1.7. "Larger Work" means a work that combines Covered Software with other material, in a separate file or files, that is not Covered Software. 1.8. "License" means this document. 1.9. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently, any and all of the rights conveyed by this License. 1.10. "Modifications" means any of the following: (a) any file in Source Code Form that results from an addition to, deletion from, or modification of the contents of Covered Software; or (b) any new file in Source Code Form that contains any Covered Software. 1.11. "Patent Claims" of a Contributor means any patent claim(s), including without limitation, method, process, and apparatus claims, in any patent Licensable by such Contributor that would be infringed, but for the grant of the License, by the making, using, selling, offering for sale, having made, import, or transfer of either its Contributions or its Contributor Version. 1.12. "Secondary License" means either the GNU General Public License, Version 2.0, the GNU Lesser General Public License, Version 2.1, the GNU Affero General Public License, Version 3.0, or any later versions of those licenses. 1.13. "Source Code Form" means the form of the work preferred for making modifications. 1.14. "You" (or "Your") means an individual or a legal entity exercising rights under this License. For legal entities, "You" includes any entity that controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. License Grants and Conditions -------------------------------- 2.1. Grants Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by such Contributor to use, reproduce, make available, modify, display, perform, distribute, and otherwise exploit its Contributions, either on an unmodified basis, with Modifications, or as part of a Larger Work; and (b) under Patent Claims of such Contributor to make, use, sell, offer for sale, have made, import, and otherwise transfer either its Contributions or its Contributor Version. 2.2. Effective Date The licenses granted in Section 2.1 with respect to any Contribution become effective for each Contribution on the date the Contributor first distributes such Contribution. 2.3. Limitations on Grant Scope The licenses granted in this Section 2 are the only rights granted under this License. No additional rights or licenses will be implied from the distribution or licensing of Covered Software under this License. Notwithstanding Section 2.1(b) above, no patent license is granted by a Contributor: (a) for any code that a Contributor has removed from Covered Software; or (b) for infringements caused by: (i) Your and any other third party's modifications of Covered Software, or (ii) the combination of its Contributions with other software (except as part of its Contributor Version); or (c) under Patent Claims infringed by Covered Software in the absence of its Contributions. This License does not grant any rights in the trademarks, service marks, or logos of any Contributor (except as may be necessary to comply with the notice requirements in Section 3.4). 2.4. Subsequent Licenses No Contributor makes additional grants as a result of Your choice to distribute the Covered Software under a subsequent version of this License (see Section 10.2) or under the terms of a Secondary License (if permitted under the terms of Section 3.3). 2.5. Representation Each Contributor represents that the Contributor believes its Contributions are its original creation(s) or it has sufficient rights to grant the rights to its Contributions conveyed by this License. 2.6. Fair Use This License is not intended to limit any rights You have under applicable copyright doctrines of fair use, fair dealing, or other equivalents. 2.7. Conditions Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted in Section 2.1. 3. Responsibilities ------------------- 3.1. Distribution of Source Form All distribution of Covered Software in Source Code Form, including any Modifications that You create or to which You contribute, must be under the terms of this License. You must inform recipients that the Source Code Form of the Covered Software is governed by the terms of this License, and how they can obtain a copy of this License. You may not attempt to alter or restrict the recipients' rights in the Source Code Form. 3.2. Distribution of Executable Form If You distribute Covered Software in Executable Form then: (a) such Covered Software must also be made available in Source Code Form, as described in Section 3.1, and You must inform recipients of the Executable Form how they can obtain a copy of such Source Code Form by reasonable means in a timely manner, at a charge no more than the cost of distribution to the recipient; and (b) You may distribute such Executable Form under the terms of this License, or sublicense it under different terms, provided that the license for the Executable Form does not attempt to limit or alter the recipients' rights in the Source Code Form under this License. 3.3. Distribution of a Larger Work You may create and distribute a Larger Work under terms of Your choice, provided that You also comply with the requirements of this License for the Covered Software. If the Larger Work is a combination of Covered Software with a work governed by one or more Secondary Licenses, and the Covered Software is not Incompatible With Secondary Licenses, this License permits You to additionally distribute such Covered Software under the terms of such Secondary License(s), so that the recipient of the Larger Work may, at their option, further distribute the Covered Software under the terms of either this License or such Secondary License(s). 3.4. Notices You may not remove or alter the substance of any license notices (including copyright notices, patent notices, disclaimers of warranty, or limitations of liability) contained within the Source Code Form of the Covered Software, except that You may alter any license notices to the extent required to remedy known factual inaccuracies. 3.5. Application of Additional Terms You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, You may do so only on Your own behalf, and not on behalf of any Contributor. You must make it absolutely clear that any such warranty, support, indemnity, or liability obligation is offered by You alone, and You hereby agree to indemnify every Contributor for any liability incurred by such Contributor as a result of warranty, support, indemnity or liability terms You offer. You may include additional disclaimers of warranty and limitations of liability specific to any jurisdiction. 4. Inability to Comply Due to Statute or Regulation --------------------------------------------------- If it is impossible for You to comply with any of the terms of this License with respect to some or all of the Covered Software due to statute, judicial order, or regulation then You must: (a) comply with the terms of this License to the maximum extent possible; and (b) describe the limitations and the code they affect. Such description must be placed in a text file included with all distributions of the Covered Software under this License. Except to the extent prohibited by statute or regulation, such description must be sufficiently detailed for a recipient of ordinary skill to be able to understand it. 5. Termination -------------- 5.1. The rights granted under this License will terminate automatically if You fail to comply with any of its terms. However, if You become compliant, then the rights granted under this License from a particular Contributor are reinstated (a) provisionally, unless and until such Contributor explicitly and finally terminates Your grants, and (b) on an ongoing basis, if such Contributor fails to notify You of the non-compliance by some reasonable means prior to 60 days after You have come back into compliance. Moreover, Your grants from a particular Contributor are reinstated on an ongoing basis if such Contributor notifies You of the non-compliance by some reasonable means, this is the first time You have received notice of non-compliance with this License from such Contributor, and You become compliant prior to 30 days after Your receipt of the notice. 5.2. If You initiate litigation against any entity by asserting a patent infringement claim (excluding declaratory judgment actions, counter-claims, and cross-claims) alleging that a Contributor Version directly or indirectly infringes any patent, then the rights granted to You by any and all Contributors for the Covered Software under Section 2.1 of this License shall terminate. 5.3. In the event of termination under Sections 5.1 or 5.2 above, all end user license agreements (excluding distributors and resellers) which have been validly granted by You or Your distributors under this License prior to termination shall survive termination. ************************************************************************ * * * 6. Disclaimer of Warranty * * ------------------------- * * * * Covered Software is provided under this License on an "as is" * * basis, without warranty of any kind, either expressed, implied, or * * statutory, including, without limitation, warranties that the * * Covered Software is free of defects, merchantable, fit for a * * particular purpose or non-infringing. The entire risk as to the * * quality and performance of the Covered Software is with You. * * Should any Covered Software prove defective in any respect, You * * (not any Contributor) assume the cost of any necessary servicing, * * repair, or correction. This disclaimer of warranty constitutes an * * essential part of this License. No use of any Covered Software is * * authorized under this License except under this disclaimer. * * * ************************************************************************ ************************************************************************ * * * 7. Limitation of Liability * * -------------------------- * * * * Under no circumstances and under no legal theory, whether tort * * (including negligence), contract, or otherwise, shall any * * Contributor, or anyone who distributes Covered Software as * * permitted above, be liable to You for any direct, indirect, * * special, incidental, or consequential damages of any character * * including, without limitation, damages for lost profits, loss of * * goodwill, work stoppage, computer failure or malfunction, or any * * and all other commercial damages or losses, even if such party * * shall have been informed of the possibility of such damages. This * * limitation of liability shall not apply to liability for death or * * personal injury resulting from such party's negligence to the * * extent applicable law prohibits such limitation. Some * * jurisdictions do not allow the exclusion or limitation of * * incidental or consequential damages, so this exclusion and * * limitation may not apply to You. * * * ************************************************************************ 8. Litigation ------------- Any litigation relating to this License may be brought only in the courts of a jurisdiction where the defendant maintains its principal place of business and such litigation shall be governed by laws of that jurisdiction, without reference to its conflict-of-law provisions. Nothing in this Section shall prevent a party's ability to bring cross-claims or counter-claims. 9. Miscellaneous ---------------- This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not be used to construe this License against a Contributor. 10. Versions of the License --------------------------- 10.1. New Versions Mozilla Foundation is the license steward. Except as provided in Section 10.3, no one other than the license steward has the right to modify or publish new versions of this License. Each version will be given a distinguishing version number. 10.2. Effect of New Versions You may distribute the Covered Software under the terms of the version of the License under which You originally received the Covered Software, or under the terms of any subsequent version published by the license steward. 10.3. Modified Versions If you create software not governed by this License, and you want to create a new license for such software, you may create and use a modified version of this License if you rename the license and remove any references to the name of the license steward (except to note that such modified license differs from this License). 10.4. Distributing Source Code Form that is Incompatible With Secondary Licenses If You choose to distribute Source Code Form that is Incompatible With Secondary Licenses under the terms of this version of the License, the notice described in Exhibit B of this License must be attached. Exhibit A - Source Code Form License Notice ------------------------------------------- This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at https://mozilla.org/MPL/2.0/. If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. You may add additional accurate notices of copyright ownership. Exhibit B - "Incompatible With Secondary Licenses" Notice --------------------------------------------------------- This Source Code Form is "Incompatible With Secondary Licenses", as defined by the Mozilla Public License, v. 2.0. </div></div> |} </pre> </div> </div> ==PDLv1.0== [[LICENCE_HEADER_PDLv1.0]]<br \> <b><nowiki>{{:LICENCE_HEADER_PDLv1.0}}</nowiki></b> {{:LICENCE_HEADER_PDLv1.0}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE PDLv1.0 <div class="mw-collapsible-content"> PUBLIC DOCUMENTATION LICENSE Version 1.0 1.0 DEFINITIONS. 1.1. "Commercial Use" means distribution or otherwise making the Documentation available to a third party. 1.2. "Contributor" means a person or entity who creates or contributes to the creation of Modifications. 1.3. "Documentation" means the Original Documentation or Modifications or the combination of the Original Documentation and Modifications, in each case including portions thereof. 1.4. "Electronic Distribution Mechanism" means a mechanism generally accepted for the electronic transfer of data. 1.5. "Initial Writer" means the individual or entity identified as the Initial Writer in the notice required by the Appendix. 1.6. "Larger Work" means a work which combines Documentation or portions thereof with documentation or other writings not governed by the terms of this License. 1.7. "License" means this document. 1.8. "Modifications" means any addition to or deletion from the substance or structure of either the Original Documentation or any previous Modifications, such as a translation, abridgment, condensation, or any other form in which the Original Documentation or previous Modifications may be recast, transformed or adapted. A work consisting of editorial revisions, annotations, elaborations, and other modifications which, as a whole represent an original work of authorship, is a Modification. For example, when Documentation is released as a series of documents, a Modification is: A. Any addition to or deletion from the contents of the Original Documentation or previous Modifications. B. Any new documentation that contains any part of the Original Documentation or previous Modifications. 1.9. "Original Documentation" means documentation described as Original Documentation in the notice required by the Appendix, and which, at the time of its release under this License is not already Documentation governed by this License. 1.10. "Editable Form" means the preferred form of the Documentation for making Modifications to it. The Documentation can be in an electronic, compressed or archival form, provided the appropriate decompression or de-archiving software is widely available for no charge. 1.11. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of this License or a future version of this License issued under Section 5.0 ("Versions of the License"). For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2.0 LICENSE GRANTS. 2.1 Initial Writer Grant. The Initial Writer hereby grants You a world-wide, royalty-free, non-exclusive license to use, reproduce, prepare Modifications of, compile, publicly perform, publicly display, demonstrate, market, disclose and distribute the Documentation in any form, on any media or via any Electronic Distribution Mechanism or other method now known or later discovered, and to sublicense the foregoing rights to third parties through multiple tiers of sublicensees in accordance with the terms of this License. The license rights granted in this Section 2.1 ("Initial Writer Grant") are effective on the date Initial Writer first distributes Original Documentation under the terms of this License. 2.2. Contributor Grant. Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license to use, reproduce, prepare Modifications of, compile, publicly perform, publicly display, demonstrate, market, disclose and distribute the Documentation in any form, on any media or via any Electronic Distribution Mechanism or other method now known or later discovered, and to sublicense the foregoing rights to third parties through multiple tiers of sublicensees in accordance with the terms of this License. The license rights granted in this Section 2.2 ("Contributor Grant") are effective on the date Contributor first makes Commercial Use of the Documentation. 3.0 DISTRIBUTION OBLIGATIONS 3.1. Application of License The Modifications which You create or to which You contribute are governed by the terms of this License, including without limitation Section 2.2 ("Contributor Grant"). The Documentation may be distributed only under the terms of this License or a future version of this License released in accordance with Section 5.0 ("Versions of the License"), and You must include a copy of this License with every copy of the Documentation You distribute. You may not offer or impose any terms that alter or restrict the applicable version of this License or the recipients' rights hereunder. However, You may include an additional document offering the additional rights described in Section 3.5 ("Required Notices"). 3.2. Availability of Documentation. Any Modification which You create or to which You contribute must be made available publicly in Editable Form under the terms of this License via a fixed medium or an accepted Electronic Distribution Mechanism. 3.3. Description of Modifications. All Documentation to which You contribute must identify the changes You made to create that Documentation and the date of any change. You must include a prominent statement that the Modification is derived, directly or indirectly, from Original Documentation provided by the Initial Writer and include the name of the Initial Writer in the Documentation or via an electronic link that describes the origin or ownership of the Documentation. The foregoing change documentation may be created by using an electronic program that automatically tracks changes to the Documentation, and such changes must be available publicly for at least five years following release of the changed Documentation. 3.4. Intellectual Property Matters. Contributor represents that Contributor believes that Contributor's Modifications are Contributor's original creation(s) and/or Contributor has sufficient rights to grant the rights conveyed by this License. 3.5. Required Notices. You must duplicate the notice in the Appendix in each file of the Documentation. If it is not possible to put such notice in a particular Documentation file due to its structure, then You must include such notice in a location (such as a relevant directory) where a reader would be likely to look for such a notice, for example, via a hyperlink in each file of the Documentation that takes the reader to a page that describes the origin and ownership of the Documentation. If You created one or more Modification(s) You may add your name as a Contributor to the notice described in the Appendix. You must also duplicate this License in any Documentation file (or with a hyperlink in each file of the Documentation) where You describe recipients' rights or ownership rights. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Documentation. However, You may do so only on Your own behalf, and not on behalf of the Initial Writer or any Contributor. You must make it absolutely clear than any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Writer and every Contributor for any liability incurred by the Initial Writer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.6. Larger Works. You may create a Larger Work by combining Documentation with other documents not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Documentation. 4.0 APPLICATION OF THIS LICENSE. This License applies to Documentation to which the Initial Writer has attached this License and the notice in the Appendix. 5.0 VERSIONS OF THE LICENSE. 5.1. New Versions. Initial Writer may publish revised and/or new versions of the License from time to time. Each version will be given a distinguishing version number. 5.2. Effect of New Versions. Once Documentation has been published under a particular version of the License, You may always continue to use it under the terms of that version. You may also choose to use such Documentation under the terms of any subsequent version of the License published by __________________[Insert name of the foundation, company, Initial Writer, or whoever may modify this License]. No one other than _________________ [Insert name of the foundation, company, Initial Writer, or whoever may modify this License] has the right to modify the terms of this License. Filling in the name of the Initial Writer, Original Documentation or Contributor in the notice described in the Appendix shall not be deemed to be Modifications of this License. 6.0 DISCLAIMER OF WARRANTY. DOCUMENTATION IS PROVIDED UNDER THIS LICENSE ON AN "AS IS'' BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE DOCUMENTATION IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY, ACCURACY, AND PERFORMANCE OF THE DOCUMENTATION IS WITH YOU. SHOULD ANY DOCUMENTATION PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL WRITER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY DOCUMENTATION IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 7.0 TERMINATION. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. All sublicenses to the Documentation which are properly granted shall survive any termination of this License. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 8.0 LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER IN TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL THE INITIAL WRITER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF DOCUMENTATION, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER DAMAGES OR LOSSES ARISING OUT OF OR RELATING TO THE USE OF THE DOCUMENTATION, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. 9.0 U.S. GOVERNMENT END USERS. If Documentation is being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), then the Government's rights in Documentation will be only as set forth in this Agreement; this is in accordance with 48 CFR 227.7201 through 227.7202-4 (for Department of Defense (DOD) acquisitions) and with 48 CFR 2.101 and 12.212 (for non-DOD acquisitions). 10.0 MISCELLANEOUS. This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by California law, excluding its conflict-of-law provisions. With respect to disputes or any litigation relating to this License, the losing party is responsible for costs, including without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. Appendix Public Documentation License Notice The contents of this Documentation are subject to the Public Documentation License Version 1.0 (the "License"); you may only use this Documentation if you comply with the terms of this License. A copy of the License is available at __________________[Insert hyperlink]. The Original Documentation is _________________. The Initial Writer of the Original Documentation is ___________ Copyright (C)_________[Insert year(s)]. All Rights Reserved. (Initial Writer contact(s):________________[Insert hyperlink/alias]). Contributor(s): ______________________________________. Portions created by ______ are Copyright (C)_________[Insert year(s)]. All Rights Reserved. (Contributor contact(s):________________[Insert hyperlink/alias]). NOTE: The text of this Appendix may differ slightly from the text of the notices in the files of the Original Documentation. You should use the text of this Appendix rather than the text found in the Original Documentation for Your Modifications. </div></div> |} </pre> </div> </div> ==PIRATE== This Licence is for shits and giggles, don't use on public server<br \> [[LICENCE_HEADER_PIRATE]]<br \> <b><nowiki>{{:LICENCE_HEADER_PIRATE}}</nowiki></b> {{:LICENCE_HEADER_PIRATE}} <div class="toccolours mw-collapsible mw-collapsed"> Copy and Paste <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PIRATE Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Licence? Licence! LICENCE!!!!!!<br \> WE NO NEED NO STINKING LICENCE! Copyright @ Pirate Licence :P </div></div> |} </pre> </div> </div> ==UNLICENSE== <b><nowiki>{{:LICENCE_HEADER_UNLICENSE}}</nowiki></b> {{:LICENSE_HEADER_UNLICENSE}} <div class="toccolours mw-collapsible mw-collapsed"> copy and paste: <div class="mw-collapsible-content"> <pre> {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>UnLicense</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> This is free and unencumbered software released into the public domain. Anyone is free to copy, modify, publish, use, compile, sell, or distribute this software, either in source code form or as a compiled binary, for any purpose, commercial or non-commercial, and by any means. In jurisdictions that recognize copyright laws, the author or authors of this software dedicate any and all copyright interest in the software to the public domain. We make this dedication for the benefit of the public at large and to the detriment of our heirs and successors. We intend this dedication to be an overt act of relinquishment in perpetuity of all present and future rights to this software under copyright law. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. For more information, please refer to <https://unlicense.org> </div> </div> |} </pre> </div> </div> tw7cknww9u6sdlb180rvvo4tjxu9477 0 4 5 2023-03-01T16:26:19Z Noob 1 Created page with "{|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>APACHE2 Licence</b><br \> Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by appli..." 5 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>APACHE2 Licence</b><br \> Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. <div class="toccolours mw-collapsible mw-collapsed"> Apache2 Licence: <div class="mw-collapsible-content"> <pre> Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. </pre> </div> </div> |} 621aw59w9odqn360vuwo1nc7p5v912y 0 5 6 2023-03-01T17:00:10Z Noob 1 Created page with "{|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (C) [year] by [copyright holder] <[email]> Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted. THE SOFTWARE IS..." 6 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (C) [year] by [copyright holder] <[email]> Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted. THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. </div> </div> |} 0y9utcci00go43n1wjax1zq8u0kvcv2 0 6 7 2023-03-01T17:01:17Z Noob 1 Created page with "{|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (c) [Year] [Name] [All rights reserved]. * Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are..." 7 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright (c) [Year] [Name] [All rights reserved]. * Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. THIS SOFTWARE IS PROVIDED BY [Name of Organization] “AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL [Name of Organisation] BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} rtbe3qipinal2bb3f2c0om68irlwgtf 0 7 8 2023-03-01T17:01:47Z Noob 1 Created page with "{|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistr..." 8 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} rn2thkg087xfp1d8xhjn6ortb0uv0sg 0 8 9 2023-03-01T17:02:18Z Noob 1 Created page with "{|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistr..." 9 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>BSD3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} on50ftodgorg2fnymv7asa48t71xaz1 0 9 10 2023-03-01T17:02:46Z Noob 1 Created page with "{|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC0 Licence</b><br \> More information about the <b>cc0 licence</b> can be found here:<br \> <code>https://creativecommons.org/share-your-work/public-domain/cc0</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> The person who associated a work with thi..." 10 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC0 Licence</b><br \> More information about the <b>cc0 licence</b> can be found here:<br \> <code>https://creativecommons.org/share-your-work/public-domain/cc0</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> The person who associated a work with this deed has dedicated the work to the public domain by waiving all of his or her rights to the work worldwide under copyright law, including all related and neighboring rights, to the extent allowed by law.<br \> You can copy, modify, distribute and perform the work, even for commercial purposes, all without asking permission. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Statement of Purpose The laws of most jurisdictions throughout the world automatically confer exclusive Copyright and Related Rights (defined below) upon the creator and subsequent owner(s) (each and all, an "owner") of an original work of authorship and/or a database (each, a "Work"). Certain owners wish to permanently relinquish those rights to a Work for the purpose of contributing to a commons of creative, cultural and scientific works ("Commons") that the public can reliably and without fear of later claims of infringement build upon, modify, incorporate in other works, reuse and redistribute as freely as possible in any form whatsoever and for any purposes, including without limitation commercial purposes. These owners may contribute to the Commons to promote the ideal of a free culture and the further production of creative, cultural and scientific works, or to gain reputation or greater distribution for their Work in part through the use and efforts of others. For these and/or other purposes and motivations, and without any expectation of additional consideration or compensation, the person associating CC0 with a Work (the "Affirmer"), to the extent that he or she is an owner of Copyright and Related Rights in the Work, voluntarily elects to apply CC0 to the Work and publicly distribute the Work under its terms, with knowledge of his or her Copyright and Related Rights in the Work and the meaning and intended legal effect of CC0 on those rights. 1. Copyright and Related Rights. A Work made available under CC0 may be protected by copyright and related or neighboring rights ("Copyright and Related Rights"). Copyright and Related Rights include, but are not limited to, the following: the right to reproduce, adapt, distribute, perform, display, communicate, and translate a Work; moral rights retained by the original author(s) and/or performer(s); publicity and privacy rights pertaining to a person's image or likeness depicted in a Work; rights protecting against unfair competition in regards to a Work, subject to the limitations in paragraph 4(a), below; rights protecting the extraction, dissemination, use and reuse of data in a Work; database rights (such as those arising under Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, and under any national implementation thereof, including any amended or successor version of such directive); and other similar, equivalent or corresponding rights throughout the world based on applicable law or treaty, and any national implementations thereof. 2. Waiver. To the greatest extent permitted by, but not in contravention of, applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and unconditionally waives, abandons, and surrenders all of Affirmer's Copyright and Related Rights and associated claims and causes of action, whether now known or unknown (including existing as well as future claims and causes of action), in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each member of the public at large and to the detriment of Affirmer's heirs and successors, fully intending that such Waiver shall not be subject to revocation, rescission, cancellation, termination, or any other legal or equitable action to disrupt the quiet enjoyment of the Work by the public as contemplated by Affirmer's express Statement of Purpose. 3. Public License Fallback. Should any part of the Waiver for any reason be judged legally invalid or ineffective under applicable law, then the Waiver shall be preserved to the maximum extent permitted taking into account Affirmer's express Statement of Purpose. In addition, to the extent the Waiver is so judged Affirmer hereby grants to each affected person a royalty-free, non transferable, non sublicensable, non exclusive, irrevocable and unconditional license to exercise Affirmer's Copyright and Related Rights in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "License"). The License shall be deemed effective as of the date CC0 was applied by Affirmer to the Work. Should any part of the License for any reason be judged legally invalid or ineffective under applicable law, such partial invalidity or ineffectiveness shall not invalidate the remainder of the License, and in such case Affirmer hereby affirms that he or she will not (i) exercise any of his or her remaining Copyright and Related Rights in the Work or (ii) assert any associated claims and causes of action with respect to the Work, in either case contrary to Affirmer's express Statement of Purpose. 4. Limitations and Disclaimers. No trademark or patent rights held by Affirmer are waived, abandoned, surrendered, licensed or otherwise affected by this document. Affirmer offers the Work as-is and makes no representations or warranties of any kind concerning the Work, express, implied, statutory or otherwise, including without limitation warranties of title, merchantability, fitness for a particular purpose, non infringement, or the absence of latent or other defects, accuracy, or the present or absence of errors, whether or not discoverable, all to the greatest extent permissible under applicable law. Affirmer disclaims responsibility for clearing rights of other persons that may apply to the Work or any use thereof, including without limitation any person's Copyright and Related Rights in the Work. Further, Affirmer disclaims responsibility for obtaining any necessary consents, permissions or other rights required for any use of the Work. Affirmer understands and acknowledges that Creative Commons is not a party to this document and has no duty or obligation with respect to this CC0 or use of the Work. </div> </div> |} bnlro261kbypmbtgk1py4rixjmjyo0q 0 10 11 2023-03-01T17:03:26Z Noob 1 Created page with "{|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY Licence</b><br \> More information about the <b>CC BY licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium..." 11 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY Licence</b><br \> More information about the <b>CC BY licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Creative Commons Legal Code Attribution 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined above) for the purposes of this License. c. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. d. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. e. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. f. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. g. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. h. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. i. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(b), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(b), as requested. b. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Section 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4 (b) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. c. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of this License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} qr32sela4nhixt6kqdgmlb9oq60gk9s 0 11 12 2023-03-01T17:04:18Z Noob 1 Created page with "{|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY-SA Licence</b><br \> More information about the <b>CC BY-SA licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by-sa/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in..." 12 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY-SA Licence</b><br \> More information about the <b>CC BY-SA licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by-sa/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material for any purpose, even commercially. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> Attribution-ShareAlike 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined below) for the purposes of this License. c. "Creative Commons Compatible License" means a license that is listed at https://creativecommons.org/compatiblelicenses that has been approved by Creative Commons as being essentially equivalent to this License, including, at a minimum, because that license: (i) contains terms that have the same purpose, meaning and effect as the License Elements of this License; and, (ii) explicitly permits the relicensing of adaptations of works made available under that license under this License or a Creative Commons jurisdiction license with the same License Elements as this License. d. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. e. "License Elements" means the following high-level license attributes as selected by Licensor and indicated in the title of this License: Attribution, ShareAlike. f. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. g. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. h. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. i. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. j. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. k. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and, d. to Distribute and Publicly Perform Adaptations. e. For the avoidance of doubt: i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(c), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(c), as requested. b. You may Distribute or Publicly Perform an Adaptation only under the terms of: (i) this License; (ii) a later version of this License with the same License Elements as this License; (iii) a Creative Commons jurisdiction license (either this or a later license version) that contains the same License Elements as this License (e.g., Attribution-ShareAlike 3.0 US)); (iv) a Creative Commons Compatible License. If you license the Adaptation under one of the licenses mentioned in (iv), you must comply with the terms of that license. If you license the Adaptation under the terms of any of the licenses mentioned in (i), (ii) or (iii) (the "Applicable License"), you must comply with the terms of the Applicable License generally and the following provisions: (I) You must include a copy of, or the URI for, the Applicable License with every copy of each Adaptation You Distribute or Publicly Perform; (II) You may not offer or impose any terms on the Adaptation that restrict the terms of the Applicable License or the ability of the recipient of the Adaptation to exercise the rights granted to that recipient under the terms of the Applicable License; (III) You must keep intact all notices that refer to the Applicable License and to the disclaimer of warranties with every copy of the Work as included in the Adaptation You Distribute or Publicly Perform; (IV) when You Distribute or Publicly Perform the Adaptation, You may not impose any effective technological measures on the Adaptation that restrict the ability of a recipient of the Adaptation from You to exercise the rights granted to that recipient under the terms of the Applicable License. This Section 4(b) applies to the Adaptation as incorporated in a Collection, but this does not require the Collection apart from the Adaptation itself to be made subject to the terms of the Applicable License. c. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Ssection 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4(c) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. d. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. Creative Commons Notice Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor. Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of the License. Creative Commons may be contacted at https://creativecommons.org/. </div> </div> |} bxr01kjnbo4w0nm0s3n1at3zoedsxkf 0 12 13 2023-03-01T17:04:56Z Noob 1 Created page with "{|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CDDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE CDDLv1.0 <div class="mw-collapsible-content"> COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 1. Definitions. 1.1. "Contributor" means each i..." 13 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CDDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE CDDLv1.0 <div class="mw-collapsible-content"> COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 1. Definitions. 1.1. "Contributor" means each individual or entity that creates or contributes to the creation of Modifications. 1.2. "Contributor Version" means the combination of the Original Software, prior Modifications used by a Contributor (if any), and the Modifications made by that particular Contributor. 1.3. "Covered Software" means (a) the Original Software, or (b) Modifications, or (c) the combination of files containing Original Software with files containing Modifications, in each case including portions thereof. 1.4. "Executable" means the Covered Software in any form other than Source Code. 1.5. "Initial Developer" means the individual or entity that first makes Original Software available under this License. 1.6. "Larger Work" means a work which combines Covered Software or portions thereof with code not governed by the terms of this License. 1.7. "License" means this document. 1.8. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently acquired, any and all of the rights conveyed herein. 1.9. "Modifications" means the Source Code and Executable form of any of the following: A. Any file that results from an addition to, deletion from or modification of the contents of a file containing Original Software or previous Modifications; B. Any new file that contains any part of the Original Software or previous Modification; or C. Any new file that is contributed or otherwise made available under the terms of this License. 1.10. "Original Software" means the Source Code and Executable form of computer software code that is originally released under this License. 1.11. "Patent Claims" means any patent claim(s), now owned or hereafter acquired, including without limitation, method, process, and apparatus claims, in any patent Licensable by grantor. 1.12. "Source Code" means (a) the common form of computer software code in which modifications are made and (b) associated documentation included in or with such code. 1.13. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of, this License. For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. License Grants. 2.1. The Initial Developer Grant. Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, the Initial Developer hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by Initial Developer, to use, reproduce, modify, display, perform, sublicense and distribute the Original Software (or portions thereof), with or without Modifications, and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using or selling of Original Software, to make, have made, use, practice, sell, and offer for sale, and/or otherwise dispose of the Original Software (or portions thereof). (c) The licenses granted in Sections 2.1(a) and (b) are effective on the date Initial Developer first distributes or otherwise makes the Original Software available to a third party under the terms of this License. (d) Notwithstanding Section 2.1(b) above, no patent license is granted: (1) for code that You delete from the Original Software, or (2) for infringements caused by: (i) the modification of the Original Software, or (ii) the combination of the Original Software with other software or devices. 2.2. Contributor Grant. Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by Contributor to use, reproduce, modify, display, perform, sublicense and distribute the Modifications created by such Contributor (or portions thereof), either on an unmodified basis, with other Modifications, as Covered Software and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using, or selling of Modifications made by that Contributor either alone and/or in combination with its Contributor Version (or portions of such combination), to make, use, sell, offer for sale, have made, and/or otherwise dispose of: (1) Modifications made by that Contributor (or portions thereof); and (2) the combination of Modifications made by that Contributor with its Contributor Version (or portions of such combination). (c) The licenses granted in Sections 2.2(a) and 2.2(b) are effective on the date Contributor first distributes or otherwise makes the Modifications available to a third party. (d) Notwithstanding Section 2.2(b) above, no patent license is granted: (1) for any code that Contributor has deleted from the Contributor Version; (2) for infringements caused by: (i) third party modifications of Contributor Version, or (ii) the combination of Modifications made by that Contributor with other software (except as part of the Contributor Version) or other devices; or (3) under Patent Claims infringed by Covered Software in the absence of Modifications made by that Contributor. 3. Distribution Obligations. 3.1. Availability of Source Code. Any Covered Software that You distribute or otherwise make available in Executable form must also be made available in Source Code form and that Source Code form must be distributed only under the terms of this License. You must include a copy of this License with every copy of the Source Code form of the Covered Software You distribute or otherwise make available. You must inform recipients of any such Covered Software in Executable form as to how they can obtain such Covered Software in Source Code form in a reasonable manner on or through a medium customarily used for software exchange. 3.2. Modifications. The Modifications that You create or to which You contribute are governed by the terms of this License. You represent that You believe Your Modifications are Your original creation(s) and/or You have sufficient rights to grant the rights conveyed by this License. 3.3. Required Notices. You must include a notice in each of Your Modifications that identifies You as the Contributor of the Modification. You may not remove or alter any copyright, patent or trademark notices contained within the Covered Software, or any notices of licensing or any descriptive text giving attribution to any Contributor or the Initial Developer. 3.4. Application of Additional Terms. You may not offer or impose any terms on any Covered Software in Source Code form that alters or restricts the applicable version of this License or the recipients' rights hereunder. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, you may do so only on Your own behalf, and not on behalf of the Initial Developer or any Contributor. You must make it absolutely clear that any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.5. Distribution of Executable Versions. You may distribute the Executable form of the Covered Software under the terms of this License or under the terms of a license of Your choice, which may contain terms different from this License, provided that You are in compliance with the terms of this License and that the license for the Executable form does not attempt to limit or alter the recipient's rights in the Source Code form from the rights set forth in this License. If You distribute the Covered Software in Executable form under a different license, You must make it absolutely clear that any terms which differ from this License are offered by You alone, not by the Initial Developer or Contributor. You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of any such terms You offer. 3.6. Larger Works. You may create a Larger Work by combining Covered Software with other code not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Covered Software. 4. Versions of the License. 4.1. New Versions. Sun Microsystems, Inc. is the initial license steward and may publish revised and/or new versions of this License from time to time. Each version will be given a distinguishing version number. Except as provided in Section 4.3, no one other than the license steward has the right to modify this License. 4.2. Effect of New Versions. You may always continue to use, distribute or otherwise make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. If the Initial Developer includes a notice in the Original Software prohibiting it from being distributed or otherwise made available under any subsequent version of the License, You must distribute and make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. Otherwise, You may also choose to use, distribute or otherwise make the Covered Software available under the terms of any subsequent version of the License published by the license steward. 4.3. Modified Versions. When You are an Initial Developer and You want to create a new license for Your Original Software, You may create and use a modified version of this License if You: (a) rename the license and remove any references to the name of the license steward (except to note that the license differs from this License); and (b) otherwise make it clear that the license contains terms which differ from this License. 5. DISCLAIMER OF WARRANTY. COVERED SOFTWARE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE COVERED SOFTWARE IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE COVERED SOFTWARE IS WITH YOU. SHOULD ANY COVERED SOFTWARE PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY COVERED SOFTWARE IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 6. TERMINATION. 6.1. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 6.2. If You assert a patent infringement claim (excluding declaratory judgment actions) against Initial Developer or a Contributor (the Initial Developer or Contributor against whom You assert such claim is referred to as "Participant") alleging that the Participant Software (meaning the Contributor Version where the Participant is a Contributor or the Original Software where the Participant is the Initial Developer) directly or indirectly infringes any patent, then any and all rights granted directly or indirectly to You by such Participant, the Initial Developer (if the Initial Developer is not the Participant) and all Contributors under Sections 2.1 and/or 2.2 of this License shall, upon 60 days notice from Participant terminate prospectively and automatically at the expiration of such 60 day notice period, unless if within such 60 day period You withdraw Your claim with respect to the Participant Software against such Participant either unilaterally or pursuant to a written agreement with Participant. 6.3. In the event of termination under Sections 6.1 or 6.2 above, all end user licenses that have been validly granted by You or any distributor hereunder prior to termination (excluding licenses granted to You by any distributor) shall survive termination. 7. LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL YOU, THE INITIAL DEVELOPER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF COVERED SOFTWARE, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOST PROFITS, LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER COMMERCIAL DAMAGES OR LOSSES, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION OF LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY RESULTING FROM SUCH PARTY'S NEGLIGENCE TO THE EXTENT APPLICABLE LAW PROHIBITS SUCH LIMITATION. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS EXCLUSION AND LIMITATION MAY NOT APPLY TO YOU. 8. U.S. GOVERNMENT END USERS. The Covered Software is a "commercial item," as that term is defined in 48 C.F.R. 2.101 (Oct. 1995), consisting of "commercial computer software" (as that term is defined at 48 C.F.R. ¤ 252.227-7014(a)(1)) and "commercial computer software documentation" as such terms are used in 48 C.F.R. 12.212 (Sept. 1995). Consistent with 48 C.F.R. 12.212 and 48 C.F.R. 227.7202-1 through 227.7202-4 (June 1995), all U.S. Government End Users acquire Covered Software with only those rights set forth herein. This U.S. Government Rights clause is in lieu of, and supersedes, any other FAR, DFAR, or other clause or provision that addresses Government rights in computer software under this License. 9. MISCELLANEOUS. This License represents the complete agreement concerning subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by the law of the jurisdiction specified in a notice contained within the Original Software (except to the extent applicable law, if any, provides otherwise), excluding such jurisdiction's conflict-of-law provisions. Any litigation relating to this License shall be subject to the jurisdiction of the courts located in the jurisdiction and venue specified in a notice contained within the Original Software, with the losing party responsible for costs, including, without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. You agree that You alone are responsible for compliance with the United States export administration regulations (and the export control laws and regulation of any other countries) when You use, distribute or otherwise make available any Covered Software. 10. RESPONSIBILITY FOR CLAIMS. As between Initial Developer and the Contributors, each party is responsible for claims and damages arising, directly or indirectly, out of its utilization of rights under this License and You agree to work with Initial Developer and Contributors to distribute such responsibility on an equitable basis. Nothing herein is intended or shall be deemed to constitute any admission of liability. </div> </div> |} m7dxyc8j2cqdvzqzjodgmaj83gvmk3r 0 13 14 2023-03-01T17:05:37Z Noob 1 Created page with "{|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>EPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE EPLv2.0 <div class="mw-collapsible-content"> Eclipse Public License - v 2.0 THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS ECLIPSE PUBLIC LICENSE (“AGREEMENT”). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE..." 14 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>EPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE EPLv2.0 <div class="mw-collapsible-content"> Eclipse Public License - v 2.0 THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS ECLIPSE PUBLIC LICENSE (“AGREEMENT”). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT. 1. DEFINITIONS “Contribution” means: a) in the case of the initial Contributor, the initial content Distributed under this Agreement, and b) in the case of each subsequent Contributor: i) changes to the Program, and ii) additions to the Program; where such changes and/or additions to the Program originate from and are Distributed by that particular Contributor. A Contribution “originates” from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include changes or additions to the Program that are not Modified Works. “Contributor” means any person or entity that Distributes the Program. “Licensed Patents” mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program. “Program” means the Contributions Distributed in accordance with this Agreement. “Recipient” means anyone who receives the Program under this Agreement or any Secondary License (as applicable), including Contributors. “Derivative Works” shall mean any work, whether in Source Code or other form, that is based on (or derived from) the Program and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. “Modified Works” shall mean any work in Source Code or other form that results from an addition to, deletion from, or modification of the contents of the Program, including, for purposes of clarity any new file in Source Code form that contains any contents of the Program. Modified Works shall not include works that contain only declarations, interfaces, types, classes, structures, or files of the Program solely in each case in order to link to, bind by name, or subclass the Program or Modified Works thereof. “Distribute” means the acts of a) distributing or b) making available in any manner that enables the transfer of a copy. “Source Code” means the form of a Program preferred for making modifications, including but not limited to software source code, documentation source, and configuration files. “Secondary License” means either the GNU General Public License, Version 2.0, or any later versions of that license, including any exceptions or additional permissions as identified by the initial Contributor. 2. GRANT OF RIGHTS a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, Distribute and sublicense the Contribution of such Contributor, if any, and such Derivative Works. b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in Source Code or other form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder. c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to Distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program. d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement. e) Notwithstanding the terms of any Secondary License, no Contributor makes additional grants to any Recipient (other than those set forth in this Agreement) as a result of such Recipient's receipt of the Program under the terms of a Secondary License (if permitted under the terms of Section 3). 3. REQUIREMENTS 3.1 If a Contributor Distributes the Program in any form, then: a) the Program must also be made available as Source Code, in accordance with section 3.2, and the Contributor must accompany the Program with a statement that the Source Code for the Program is available under this Agreement, and informs Recipients how to obtain it in a reasonable manner on or through a medium customarily used for software exchange; and b) the Contributor may Distribute the Program under a license different than this Agreement, provided that such license: i) effectively disclaims on behalf of all other Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose; ii) effectively excludes on behalf of all other Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits; iii) does not attempt to limit or alter the recipients' rights in the Source Code under section 3.2; and iv) requires any subsequent distribution of the Program by any party to be under a license that satisfies the requirements of this section 3. 3.2 When the Program is Distributed as Source Code: a) it must be made available under this Agreement, or if the Program (i) is combined with other material in a separate file or files made available under a Secondary License, and (ii) the initial Contributor attached to the Source Code the notice described in Exhibit A of this Agreement, then the Program may be made available under the terms of such Secondary Licenses, and b) a copy of this Agreement must be included with each copy of the Program. 3.3 Contributors may not remove or alter any copyright, patent, trademark, attribution notices, disclaimers of warranty, or limitations of liability (‘notices’) contained within the Program from any copy of the Program which they Distribute, provided that Contributors may add their own appropriate notices. 4. COMMERCIAL DISTRIBUTION Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor (“Commercial Contributor”) hereby agrees to defend and indemnify every other Contributor (“Indemnified Contributor”) against any losses, damages and costs (collectively “Losses”) arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense. For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages. 5. NO WARRANTY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE PROGRAM IS PROVIDED ON AN “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations. 6. DISCLAIMER OF LIABILITY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. GENERAL If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. If Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed. All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive. Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. The Eclipse Foundation is the initial Agreement Steward. The Eclipse Foundation may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be Distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to Distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved. Nothing in this Agreement is intended to be enforceable by any entity that is not a Contributor or Recipient. No third-party beneficiary rights are created under this Agreement. Exhibit A – Form of Secondary Licenses Notice “This Source Code may also be made available under the following Secondary Licenses when the conditions for such availability set forth in the Eclipse Public License, v. 2.0 are satisfied: {name license(s), version(s), and exceptions or additional permissions here}.” Simply including a copy of this Agreement, including this Exhibit A is not sufficient to license the Source Code under Secondary Licenses. If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. You may add additional accurate notices of copyright ownership. </div> </div> |} tae7usgn26pt0wcj0fzqdhp5q9a8c7e 0 14 15 2023-03-01T17:06:07Z Noob 1 Created page with "{|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.1 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.1, March 2000 Copyright (C) 2000 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, B..." 15 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.1 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.1, March 2000 Copyright (C) 2000 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other written document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (For example, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, whose contents can be viewed and edited directly and straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup has been designed to thwart or discourage subsequent modification by readers is not Transparent. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML designed for human modification. Opaque formats include PostScript, PDF, proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies of the Document numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a publicly-accessible computer-network location containing a complete Transparent copy of the Document, free of added material, which the general network-using public has access to download anonymously at no charge using public-standard network protocols. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has less than five). C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section entitled "History", and its title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. In any section entitled "Acknowledgements" or "Dedications", preserve the section's title, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section as "Endorsements" or to conflict in title with any Invariant Section. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections entitled "History" in the various original documents, forming one section entitled "History"; likewise combine any sections entitled "Acknowledgements", and any sections entitled "Dedications". You must delete all sections entitled "Endorsements." 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, does not as a whole count as a Modified Version of the Document, provided no compilation copyright is claimed for the compilation. Such a compilation is called an "aggregate", and this License does not apply to the other self-contained works thus compiled with the Document, on account of their being thus compiled, if they are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one quarter of the entire aggregate, the Document's Cover Texts may be placed on covers that surround only the Document within the aggregate. Otherwise they must appear on covers around the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License provided that you also include the original English version of this License. In case of a disagreement between the translation and the original English version of this License, the original English version will prevail. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have no Invariant Sections, write "with no Invariant Sections" instead of saying which ones are invariant. If you have no Front-Cover Texts, write "no Front-Cover Texts" instead of "Front-Cover Texts being LIST"; likewise for Back-Cover Texts. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} 9w5y128sjmjr3k1obcaqcsn2oowzoab 0 15 16 2023-03-01T17:06:39Z Noob 1 Created page with "{|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.2 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.2, November 2002 Copyright (C) 2000,2001,2002 Free Software Foundation, Inc. 51 Franklin St, F..." 16 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.2 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.2, November 2002 Copyright (C) 2000,2001,2002 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition. The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement. C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section Entitled "History", Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. For any section Entitled "Acknowledgements" or "Dedications", Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section Entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section to be Entitled "Endorsements" or to conflict in title with any Invariant Section. O. Preserve any Warranty Disclaimers. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements". 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation's users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document's Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail. If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the "with...Texts." line with this: with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} 3fw7m93n0ihun5kzfs7wllyitebp4xe 0 16 17 2023-03-01T17:07:03Z Noob 1 Created page with "{|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.3 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.3, 3 November 2008 Copyright (C) 2000, 2001, 2002, 2007, 2008 Free Software Foundation, Inc. <h..." 17 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GFDLv1.3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GFDLv1.3 <div class="mw-collapsible-content"> GNU Free Documentation License Version 1.3, 3 November 2008 Copyright (C) 2000, 2001, 2002, 2007, 2008 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. The "publisher" means any person or entity that distributes copies of the Document to the public. A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition. The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement. C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section Entitled "History", Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. For any section Entitled "Acknowledgements" or "Dedications", Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section Entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section to be Entitled "Endorsements" or to conflict in title with any Invariant Section. O. Preserve any Warranty Disclaimers. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements". 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation's users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document's Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail. If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, or distribute it is void, and will automatically terminate your rights under this License. However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, receipt of a copy of some or all of the same material does not give you any rights to use it. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See https://www.gnu.org/licenses/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. If the Document specifies that a proxy can decide which future versions of this License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Document. 11. RELICENSING "Massive Multiauthor Collaboration Site" (or "MMC Site") means any World Wide Web server that publishes copyrightable works and also provides prominent facilities for anybody to edit those works. A public wiki that anybody can edit is an example of such a server. A "Massive Multiauthor Collaboration" (or "MMC") contained in the site means any set of copyrightable works thus published on the MMC site. "CC-BY-SA" means the Creative Commons Attribution-Share Alike 3.0 license published by Creative Commons Corporation, a not-for-profit corporation with a principal place of business in San Francisco, California, as well as future copyleft versions of that license published by that same organization. "Incorporate" means to publish or republish a Document, in whole or in part, as part of another Document. An MMC is "eligible for relicensing" if it is licensed under this License, and if all works that were first published under this License somewhere other than this MMC, and subsequently incorporated in whole or in part into the MMC, (1) had no cover texts or invariant sections, and (2) were thus incorporated prior to November 1, 2008. The operator of an MMC Site may republish an MMC contained in the site under CC-BY-SA on the same site at any time before August 1, 2009, provided the MMC is eligible for relicensing. ADDENDUM: How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the "with...Texts." line with this: with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. </div> </div> |} bjpmj57gp2ll0pjar9owu6fzoxbgj4w 0 17 18 2023-03-01T17:07:27Z Noob 1 Created page with "{|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv1 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 1, February 1989 Copyright (C) 1989 Free Software Foundation, Inc. 51 Franklin St, Fif..." 18 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv1 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 1, February 1989 Copyright (C) 1989 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The license agreements of most software companies try to keep users at the mercy of those companies. By contrast, our General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. The General Public License applies to the Free Software Foundation's software and to any other program whose authors commit to using it. You can use it for your programs, too. When we speak of free software, we are referring to freedom, not price. Specifically, the General Public License is designed to make sure that you have the freedom to give away or sell copies of free software, that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of a such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must tell them their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any work containing the Program or a portion of it, either verbatim or with modifications. Each licensee is addressed as "you". 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this General Public License and to the absence of any warranty; and give any other recipients of the Program a copy of this General Public License along with the Program. You may charge a fee for the physical act of transferring a copy. 2. You may modify your copy or copies of the Program or any portion of it, and copy and distribute such modifications under the terms of Paragraph 1 above, provided that you also do the following: a) cause the modified files to carry prominent notices stating that you changed the files and the date of any change; and b) cause the whole of any work that you distribute or publish, that in whole or in part contains the Program or any part thereof, either with or without modifications, to be licensed at no charge to all third parties under the terms of this General Public License (except that you may choose to grant warranty protection to some or all third parties, at your option). c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the simplest and most usual way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this General Public License. d) You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. Mere aggregation of another independent work with the Program (or its derivative) on a volume of a storage or distribution medium does not bring the other work under the scope of these terms. 3. You may copy and distribute the Program (or a portion or derivative of it, under Paragraph 2) in object code or executable form under the terms of Paragraphs 1 and 2 above provided that you also do one of the following: a) accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Paragraphs 1 and 2 above; or, b) accompany it with a written offer, valid for at least three years, to give any third party free (except for a nominal charge for the cost of distribution) a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Paragraphs 1 and 2 above; or, c) accompany it with the information you received as to where the corresponding source code may be obtained. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form alone.) Source code for a work means the preferred form of the work for making modifications to it. For an executable file, complete source code means all the source code for all modules it contains; but, as a special exception, it need not include source code for modules which are standard libraries that accompany the operating system on which the executable file runs, or for standard header files or definitions files that accompany that operating system. 4. You may not copy, modify, sublicense, distribute or transfer the Program except as expressly provided under this General Public License. Any attempt otherwise to copy, modify, sublicense, distribute or transfer the Program is void, and will automatically terminate your rights to use the Program under this License. However, parties who have received copies, or rights to use copies, from you under this General Public License will not have their licenses terminated so long as such parties remain in full compliance. 5. By copying, distributing or modifying the Program (or any work based on the Program) you indicate your acceptance of this license to do so, and all its terms and conditions. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. 7. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of the license which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the license, you may choose any version ever published by the Free Software Foundation. 8. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 9. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 10. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS Appendix: How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to humanity, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) 19yy <name of author> This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 1, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) 19xx name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (a program to direct compilers to make passes at assemblers) written by James Hacker. <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice That's all there is to it! </div> </div> |} 0nadmj7r3znqngtlirwxsvaakucnlod 0 18 19 2023-03-01T17:07:51Z Noob 1 Created page with "{|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv2 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,..." 19 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv2 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv2 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Lesser General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. </div> </div> |} ltgzd2sby0d402ex0l7vfc8uo8s9l21 0 19 20 2023-03-01T17:08:20Z Noob 1 Created page with "{|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv3 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permit..." 20 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>GPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE GPLv3 <div class="mw-collapsible-content"> GNU GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The GNU General Public License is a free, copyleft license for software and other kinds of works. The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things. To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others. For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it. For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions. Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users. Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free. The precise terms and conditions for copying, distribution and modification follow. TERMS AND CONDITIONS 0. Definitions. "This License" refers to version 3 of the GNU General Public License. "Copyright" also means copyright-like laws that apply to other kinds of works, such as semiconductor masks. "The Program" refers to any copyrightable work licensed under this License. Each licensee is addressed as "you". "Licensees" and "recipients" may be individuals or organizations. To "modify" a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a "modified version" of the earlier work or a work "based on" the earlier work. A "covered work" means either the unmodified Program or a work based on the Program. To "propagate" a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well. To "convey" a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying. An interactive user interface displays "Appropriate Legal Notices" to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion. 1. Source Code. The "source code" for a work means the preferred form of the work for making modifications to it. "Object code" means any non-source form of a work. A "Standard Interface" means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language. The "System Libraries" of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A "Major Component", in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it. The "Corresponding Source" for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work. The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source. The Corresponding Source for a work in source code form is that same work. 2. Basic Permissions. All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law. You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you. Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary. 3. Protecting Users' Legal Rights From Anti-Circumvention Law. No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures. When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures. 4. Conveying Verbatim Copies. You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program. You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee. 5. Conveying Modified Source Versions. You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions: a) The work must carry prominent notices stating that you modified it, and giving a relevant date. b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to "keep intact all notices". c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it. d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so. A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an "aggregate" if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate. 6. Conveying Non-Source Forms. You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways: a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange. b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge. c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b. d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements. e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d. A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work. A "User Product" is either (1) a "consumer product", which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, "normally used" refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product. "Installation Information" for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made. If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM). The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network. Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying. 7. Additional Terms. "Additional permissions" are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions. When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission. Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms: a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or d) Limiting the use for publicity purposes of names of licensors or authors of the material; or e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors. All other non-permissive additional terms are considered "further restrictions" within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying. If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms. Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way. 8. Termination. You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11). However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10. 9. Acceptance Not Required for Having Copies. You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so. 10. Automatic Licensing of Downstream Recipients. Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License. An "entity transaction" is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts. You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it. 11. Patents. A "contributor" is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's "contributor version". A contributor's "essential patent claims" are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, "control" includes the right to grant patent sublicenses in a manner consistent with the requirements of this License. Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version. In the following three paragraphs, a "patent license" is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To "grant" such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party. If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. "Knowingly relying" means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid. If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it. A patent license is "discriminatory" if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007. Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law. 12. No Surrender of Others' Freedom. If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program. 13. Use with the GNU Affero General Public License. Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such. 14. Revised Versions of this License. The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation. If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program. Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version. 15. Disclaimer of Warranty. THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. Limitation of Liability. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 17. Interpretation of Sections 15 and 16. If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the program's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <https://www.gnu.org/licenses/>. Also add information on how to contact you by electronic and paper mail. If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode: <program> Copyright (C) <year> <name of author> This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an "about box". You should also get your employer (if you work as a programmer) or school, if any, to sign a "copyright disclaimer" for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see <https://www.gnu.org/licenses/>. The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read <https://www.gnu.org/licenses/why-not-lgpl.html>. </div> </div> |} 4a9p3r9x6c2k7vzuytj4tgfh3e31nns 0 20 21 2023-03-01T17:08:54Z Noob 1 Created page with "{|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv2.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 2.1, February 1999 Copyright (C) 1991, 1999 Free Software Foundation, Inc. 51 Franklin Street, Fifth..." 21 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv2.1 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 2.1, February 1999 Copyright (C) 1991, 1999 Free Software Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. [This is the first released version of the Lesser GPL. It also counts as the successor of the GNU Library Public License, version 2, hence the version number 2.1.] Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public Licenses are intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This license, the Lesser General Public License, applies to some specially designated software packages--typically libraries--of the Free Software Foundation and other authors who decide to use it. You can use it too, but we suggest you first think carefully about whether this license or the ordinary General Public License is the better strategy to use in any particular case, based on the explanations below. When we speak of free software, we are referring to freedom of use, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish); that you receive source code or can get it if you want it; that you can change the software and use pieces of it in new free programs; and that you are informed that you can do these things. To protect your rights, we need to make restrictions that forbid distributors to deny you these rights or to ask you to surrender these rights. These restrictions translate to certain responsibilities for you if you distribute copies of the library or if you modify it. For example, if you distribute copies of the library, whether gratis or for a fee, you must give the recipients all the rights that we gave you. You must make sure that they, too, receive or can get the source code. If you link other code with the library, you must provide complete object files to the recipients, so that they can relink them with the library after making changes to the library and recompiling it. And you must show them these terms so they know their rights. We protect your rights with a two-step method: (1) we copyright the library, and (2) we offer you this license, which gives you legal permission to copy, distribute and/or modify the library. To protect each distributor, we want to make it very clear that there is no warranty for the free library. Also, if the library is modified by someone else and passed on, the recipients should know that what they have is not the original version, so that the original author's reputation will not be affected by problems that might be introduced by others. � Finally, software patents pose a constant threat to the existence of any free program. We wish to make sure that a company cannot effectively restrict the users of a free program by obtaining a restrictive license from a patent holder. Therefore, we insist that any patent license obtained for a version of the library must be consistent with the full freedom of use specified in this license. Most GNU software, including some libraries, is covered by the ordinary GNU General Public License. This license, the GNU Lesser General Public License, applies to certain designated libraries, and is quite different from the ordinary General Public License. We use this license for certain libraries in order to permit linking those libraries into non-free programs. When a program is linked with a library, whether statically or using a shared library, the combination of the two is legally speaking a combined work, a derivative of the original library. The ordinary General Public License therefore permits such linking only if the entire combination fits its criteria of freedom. The Lesser General Public License permits more lax criteria for linking other code with the library. We call this license the "Lesser" General Public License because it does Less to protect the user's freedom than the ordinary General Public License. It also provides other free software developers Less of an advantage over competing non-free programs. These disadvantages are the reason we use the ordinary General Public License for many libraries. However, the Lesser license provides advantages in certain special circumstances. For example, on rare occasions, there may be a special need to encourage the widest possible use of a certain library, so that it becomes a de-facto standard. To achieve this, non-free programs must be allowed to use the library. A more frequent case is that a free library does the same job as widely used non-free libraries. In this case, there is little to gain by limiting the free library to free software only, so we use the Lesser General Public License. In other cases, permission to use a particular library in non-free programs enables a greater number of people to use a large body of free software. For example, permission to use the GNU C Library in non-free programs enables many more people to use the whole GNU operating system, as well as its variant, the GNU/Linux operating system. Although the Lesser General Public License is Less protective of the users' freedom, it does ensure that the user of a program that is linked with the Library has the freedom and the wherewithal to run that program using a modified version of the Library. The precise terms and conditions for copying, distribution and modification follow. Pay close attention to the difference between a "work based on the library" and a "work that uses the library". The former contains code derived from the library, whereas the latter must be combined with the library in order to run. � GNU LESSER GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any software library or other program which contains a notice placed by the copyright holder or other authorized party saying it may be distributed under the terms of this Lesser General Public License (also called "this License"). Each licensee is addressed as "you". A "library" means a collection of software functions and/or data prepared so as to be conveniently linked with application programs (which use some of those functions and data) to form executables. The "Library", below, refers to any such software library or work which has been distributed under these terms. A "work based on the Library" means either the Library or any derivative work under copyright law: that is to say, a work containing the Library or a portion of it, either verbatim or with modifications and/or translated straightforwardly into another language. (Hereinafter, translation is included without limitation in the term "modification".) "Source code" for a work means the preferred form of the work for making modifications to it. For a library, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the library. Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running a program using the Library is not restricted, and output from such a program is covered only if its contents constitute a work based on the Library (independent of the use of the Library in a tool for writing it). Whether that is true depends on what the Library does and what the program that uses the Library does. 1. You may copy and distribute verbatim copies of the Library's complete source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and distribute a copy of this License along with the Library. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. � 2. You may modify your copy or copies of the Library or any portion of it, thus forming a work based on the Library, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) The modified work must itself be a software library. b) You must cause the files modified to carry prominent notices stating that you changed the files and the date of any change. c) You must cause the whole of the work to be licensed at no charge to all third parties under the terms of this License. d) If a facility in the modified Library refers to a function or a table of data to be supplied by an application program that uses the facility, other than as an argument passed when the facility is invoked, then you must make a good faith effort to ensure that, in the event an application does not supply such function or table, the facility still operates, and performs whatever part of its purpose remains meaningful. (For example, a function in a library to compute square roots has a purpose that is entirely well-defined independent of the application. Therefore, Subsection 2d requires that any application-supplied function or table used by this function must be optional: if the application does not supply it, the square root function must still compute square roots.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Library, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Library, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Library. In addition, mere aggregation of another work not based on the Library with the Library (or with a work based on the Library) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may opt to apply the terms of the ordinary GNU General Public License instead of this License to a given copy of the Library. To do this, you must alter all the notices that refer to this License, so that they refer to the ordinary GNU General Public License, version 2, instead of to this License. (If a newer version than version 2 of the ordinary GNU General Public License has appeared, then you can specify that version instead if you wish.) Do not make any other change in these notices. � Once this change is made in a given copy, it is irreversible for that copy, so the ordinary GNU General Public License applies to all subsequent copies and derivative works made from that copy. This option is useful when you wish to copy part of the code of the Library into a program that is not a library. 4. You may copy and distribute the Library (or a portion or derivative of it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange. If distribution of object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place satisfies the requirement to distribute the source code, even though third parties are not compelled to copy the source along with the object code. 5. A program that contains no derivative of any portion of the Library, but is designed to work with the Library by being compiled or linked with it, is called a "work that uses the Library". Such a work, in isolation, is not a derivative work of the Library, and therefore falls outside the scope of this License. However, linking a "work that uses the Library" with the Library creates an executable that is a derivative of the Library (because it contains portions of the Library), rather than a "work that uses the library". The executable is therefore covered by this License. Section 6 states terms for distribution of such executables. When a "work that uses the Library" uses material from a header file that is part of the Library, the object code for the work may be a derivative work of the Library even though the source code is not. Whether this is true is especially significant if the work can be linked without the Library, or if the work is itself a library. The threshold for this to be true is not precisely defined by law. If such an object file uses only numerical parameters, data structure layouts and accessors, and small macros and small inline functions (ten lines or less in length), then the use of the object file is unrestricted, regardless of whether it is legally a derivative work. (Executables containing this object code plus portions of the Library will still fall under Section 6.) Otherwise, if the work is a derivative of the Library, you may distribute the object code for the work under the terms of Section 6. Any executables containing that work also fall under Section 6, whether or not they are linked directly with the Library itself. � 6. As an exception to the Sections above, you may also combine or link a "work that uses the Library" with the Library to produce a work containing portions of the Library, and distribute that work under terms of your choice, provided that the terms permit modification of the work for the customer's own use and reverse engineering for debugging such modifications. You must give prominent notice with each copy of the work that the Library is used in it and that the Library and its use are covered by this License. You must supply a copy of this License. If the work during execution displays copyright notices, you must include the copyright notice for the Library among them, as well as a reference directing the user to the copy of this License. Also, you must do one of these things: a) Accompany the work with the complete corresponding machine-readable source code for the Library including whatever changes were used in the work (which must be distributed under Sections 1 and 2 above); and, if the work is an executable linked with the Library, with the complete machine-readable "work that uses the Library", as object code and/or source code, so that the user can modify the Library and then relink to produce a modified executable containing the modified Library. (It is understood that the user who changes the contents of definitions files in the Library will not necessarily be able to recompile the application to use the modified definitions.) b) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (1) uses at run time a copy of the library already present on the user's computer system, rather than copying library functions into the executable, and (2) will operate properly with a modified version of the library, if the user installs one, as long as the modified version is interface-compatible with the version that the work was made with. c) Accompany the work with a written offer, valid for at least three years, to give the same user the materials specified in Subsection 6a, above, for a charge no more than the cost of performing this distribution. d) If distribution of the work is made by offering access to copy from a designated place, offer equivalent access to copy the above specified materials from the same place. e) Verify that the user has already received a copy of these materials or that you have already sent this user a copy. For an executable, the required form of the "work that uses the Library" must include any data and utility programs needed for reproducing the executable from it. However, as a special exception, the materials to be distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. It may happen that this requirement contradicts the license restrictions of other proprietary libraries that do not normally accompany the operating system. Such a contradiction means you cannot use both them and the Library together in an executable that you distribute. � 7. You may place library facilities that are a work based on the Library side-by-side in a single library together with other library facilities not covered by this License, and distribute such a combined library, provided that the separate distribution of the work based on the Library and of the other library facilities is otherwise permitted, and provided that you do these two things: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities. This must be distributed under the terms of the Sections above. b) Give prominent notice with the combined library of the fact that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 8. You may not copy, modify, sublicense, link with, or distribute the Library except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, link with, or distribute the Library is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 9. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Library or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Library (or any work based on the Library), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Library or works based on it. 10. Each time you redistribute the Library (or any work based on the Library), the recipient automatically receives a license from the original licensor to copy, distribute, link with or modify the Library subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties with this License. � 11. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Library at all. For example, if a patent license would not permit royalty-free redistribution of the Library by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Library. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply, and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 12. If the distribution and/or use of the Library is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Library under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 13. The Free Software Foundation may publish revised and/or new versions of the Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Library does not specify a license version number, you may choose any version ever published by the Free Software Foundation. � 14. If you wish to incorporate parts of the Library into other free programs whose distribution conditions are incompatible with these, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS � How to Apply These Terms to Your New Libraries If you develop a new library, and you want it to be of the greatest possible use to the public, we recommend making it free software that everyone can redistribute and change. You can do so by permitting redistribution under these terms (or, alternatively, under the terms of the ordinary General Public License). To apply these terms, attach the following notices to the library. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the library's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Also add information on how to contact you by electronic and paper mail. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the library, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the library `Frob' (a library for tweaking knobs) written by James Random Hacker. <signature of Ty Coon>, 1 April 1990 Ty Coon, President of Vice That's all there is to it! </div> </div> |} le99j9lza72kgyeouwfipnk8nui7f46 0 21 22 2023-03-01T17:10:02Z Noob 1 Created page with "{|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permi..." 22 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>LGPLv3 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> GNU LESSER GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. This version of the GNU Lesser General Public License incorporates the terms and conditions of version 3 of the GNU General Public License, supplemented by the additional permissions listed below. 0. Additional Definitions. As used herein, "this License" refers to version 3 of the GNU Lesser General Public License, and the "GNU GPL" refers to version 3 of the GNU General Public License. "The Library" refers to a covered work governed by this License, other than an Application or a Combined Work as defined below. An "Application" is any work that makes use of an interface provided by the Library, but which is not otherwise based on the Library. Defining a subclass of a class defined by the Library is deemed a mode of using an interface provided by the Library. A "Combined Work" is a work produced by combining or linking an Application with the Library. The particular version of the Library with which the Combined Work was made is also called the "Linked Version". The "Minimal Corresponding Source" for a Combined Work means the Corresponding Source for the Combined Work, excluding any source code for portions of the Combined Work that, considered in isolation, are based on the Application, and not on the Linked Version. The "Corresponding Application Code" for a Combined Work means the object code and/or source code for the Application, including any data and utility programs needed for reproducing the Combined Work from the Application, but excluding the System Libraries of the Combined Work. 1. Exception to Section 3 of the GNU GPL. You may convey a covered work under sections 3 and 4 of this License without being bound by section 3 of the GNU GPL. 2. Conveying Modified Versions. If you modify a copy of the Library, and, in your modifications, a facility refers to a function or data to be supplied by an Application that uses the facility (other than as an argument passed when the facility is invoked), then you may convey a copy of the modified version: a) under this License, provided that you make a good faith effort to ensure that, in the event an Application does not supply the function or data, the facility still operates, and performs whatever part of its purpose remains meaningful, or b) under the GNU GPL, with none of the additional permissions of this License applicable to that copy. 3. Object Code Incorporating Material from Library Header Files. The object code form of an Application may incorporate material from a header file that is part of the Library. You may convey such object code under terms of your choice, provided that, if the incorporated material is not limited to numerical parameters, data structure layouts and accessors, or small macros, inline functions and templates (ten or fewer lines in length), you do both of the following: a) Give prominent notice with each copy of the object code that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the object code with a copy of the GNU GPL and this license document. 4. Combined Works. You may convey a Combined Work under terms of your choice that, taken together, effectively do not restrict modification of the portions of the Library contained in the Combined Work and reverse engineering for debugging such modifications, if you also do each of the following: a) Give prominent notice with each copy of the Combined Work that the Library is used in it and that the Library and its use are covered by this License. b) Accompany the Combined Work with a copy of the GNU GPL and this license document. c) For a Combined Work that displays copyright notices during execution, include the copyright notice for the Library among these notices, as well as a reference directing the user to the copies of the GNU GPL and this license document. d) Do one of the following: 0) Convey the Minimal Corresponding Source under the terms of this License, and the Corresponding Application Code in a form suitable for, and under terms that permit, the user to recombine or relink the Application with a modified version of the Linked Version to produce a modified Combined Work, in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source. 1) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (a) uses at run time a copy of the Library already present on the user's computer system, and (b) will operate properly with a modified version of the Library that is interface-compatible with the Linked Version. e) Provide Installation Information, but only if you would otherwise be required to provide such information under section 6 of the GNU GPL, and only to the extent that such information is necessary to install and execute a modified version of the Combined Work produced by recombining or relinking the Application with a modified version of the Linked Version. (If you use option 4d0, the Installation Information must accompany the Minimal Corresponding Source and Corresponding Application Code. If you use option 4d1, you must provide the Installation Information in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source.) 5. Combined Libraries. You may place library facilities that are a work based on the Library side by side in a single library together with other library facilities that are not Applications and are not covered by this License, and convey such a combined library under terms of your choice, if you do both of the following: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities, conveyed under the terms of this License. b) Give prominent notice with the combined library that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 6. Revised Versions of the GNU Lesser General Public License. The Free Software Foundation may publish revised and/or new versions of the GNU Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library as you received it specifies that a certain numbered version of the GNU Lesser General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that published version or of any later version published by the Free Software Foundation. If the Library as you received it does not specify a version number of the GNU Lesser General Public License, you may choose any version of the GNU Lesser General Public License ever published by the Free Software Foundation. If the Library as you received it specifies that a proxy can decide whether future versions of the GNU Lesser General Public License shall apply, that proxy's public statement of acceptance of any version is permanent authorization for you to choose that version for the Library. </div> </div> |} k0t958pl08kba1rcwkj50en3a93qxik 0 22 23 2023-03-01T17:10:47Z Noob 1 Created page with "{|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MIT Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal..." 23 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MIT Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Copyright <YEAR> <COPYRIGHT HOLDER> Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. </div> </div> |} qpp3b7swvj1xoehp1ufkicklxpsb0rc 0 23 24 2023-03-01T17:11:15Z Noob 1 Created page with "{|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE MPLv2.0 <div class="mw-collapsible-content"> Mozilla Public License Version 2.0 -------------------------------- 1. Definitions -------------- 1.1. "Contributor" means each individual or legal entity that creates, contr..." 24 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>MPLv2.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE MPLv2.0 <div class="mw-collapsible-content"> Mozilla Public License Version 2.0 -------------------------------- 1. Definitions -------------- 1.1. "Contributor" means each individual or legal entity that creates, contributes to the creation of, or owns Covered Software. 1.2. "Contributor Version" means the combination of the Contributions of others (if any) used by a Contributor and that particular Contributor's Contribution. 1.3. "Contribution" means Covered Software of a particular Contributor. 1.4. "Covered Software" means Source Code Form to which the initial Contributor has attached the notice in Exhibit A, the Executable Form of such Source Code Form, and Modifications of such Source Code Form, in each case including portions thereof. 1.5. "Incompatible With Secondary Licenses" means (a) that the initial Contributor has attached the notice described in Exhibit B to the Covered Software; or (b) that the Covered Software was made available under the terms of version 1.1 or earlier of the License, but not also under the terms of a Secondary License. 1.6. "Executable Form" means any form of the work other than Source Code Form. 1.7. "Larger Work" means a work that combines Covered Software with other material, in a separate file or files, that is not Covered Software. 1.8. "License" means this document. 1.9. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently, any and all of the rights conveyed by this License. 1.10. "Modifications" means any of the following: (a) any file in Source Code Form that results from an addition to, deletion from, or modification of the contents of Covered Software; or (b) any new file in Source Code Form that contains any Covered Software. 1.11. "Patent Claims" of a Contributor means any patent claim(s), including without limitation, method, process, and apparatus claims, in any patent Licensable by such Contributor that would be infringed, but for the grant of the License, by the making, using, selling, offering for sale, having made, import, or transfer of either its Contributions or its Contributor Version. 1.12. "Secondary License" means either the GNU General Public License, Version 2.0, the GNU Lesser General Public License, Version 2.1, the GNU Affero General Public License, Version 3.0, or any later versions of those licenses. 1.13. "Source Code Form" means the form of the work preferred for making modifications. 1.14. "You" (or "Your") means an individual or a legal entity exercising rights under this License. For legal entities, "You" includes any entity that controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. License Grants and Conditions -------------------------------- 2.1. Grants Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by such Contributor to use, reproduce, make available, modify, display, perform, distribute, and otherwise exploit its Contributions, either on an unmodified basis, with Modifications, or as part of a Larger Work; and (b) under Patent Claims of such Contributor to make, use, sell, offer for sale, have made, import, and otherwise transfer either its Contributions or its Contributor Version. 2.2. Effective Date The licenses granted in Section 2.1 with respect to any Contribution become effective for each Contribution on the date the Contributor first distributes such Contribution. 2.3. Limitations on Grant Scope The licenses granted in this Section 2 are the only rights granted under this License. No additional rights or licenses will be implied from the distribution or licensing of Covered Software under this License. Notwithstanding Section 2.1(b) above, no patent license is granted by a Contributor: (a) for any code that a Contributor has removed from Covered Software; or (b) for infringements caused by: (i) Your and any other third party's modifications of Covered Software, or (ii) the combination of its Contributions with other software (except as part of its Contributor Version); or (c) under Patent Claims infringed by Covered Software in the absence of its Contributions. This License does not grant any rights in the trademarks, service marks, or logos of any Contributor (except as may be necessary to comply with the notice requirements in Section 3.4). 2.4. Subsequent Licenses No Contributor makes additional grants as a result of Your choice to distribute the Covered Software under a subsequent version of this License (see Section 10.2) or under the terms of a Secondary License (if permitted under the terms of Section 3.3). 2.5. Representation Each Contributor represents that the Contributor believes its Contributions are its original creation(s) or it has sufficient rights to grant the rights to its Contributions conveyed by this License. 2.6. Fair Use This License is not intended to limit any rights You have under applicable copyright doctrines of fair use, fair dealing, or other equivalents. 2.7. Conditions Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted in Section 2.1. 3. Responsibilities ------------------- 3.1. Distribution of Source Form All distribution of Covered Software in Source Code Form, including any Modifications that You create or to which You contribute, must be under the terms of this License. You must inform recipients that the Source Code Form of the Covered Software is governed by the terms of this License, and how they can obtain a copy of this License. You may not attempt to alter or restrict the recipients' rights in the Source Code Form. 3.2. Distribution of Executable Form If You distribute Covered Software in Executable Form then: (a) such Covered Software must also be made available in Source Code Form, as described in Section 3.1, and You must inform recipients of the Executable Form how they can obtain a copy of such Source Code Form by reasonable means in a timely manner, at a charge no more than the cost of distribution to the recipient; and (b) You may distribute such Executable Form under the terms of this License, or sublicense it under different terms, provided that the license for the Executable Form does not attempt to limit or alter the recipients' rights in the Source Code Form under this License. 3.3. Distribution of a Larger Work You may create and distribute a Larger Work under terms of Your choice, provided that You also comply with the requirements of this License for the Covered Software. If the Larger Work is a combination of Covered Software with a work governed by one or more Secondary Licenses, and the Covered Software is not Incompatible With Secondary Licenses, this License permits You to additionally distribute such Covered Software under the terms of such Secondary License(s), so that the recipient of the Larger Work may, at their option, further distribute the Covered Software under the terms of either this License or such Secondary License(s). 3.4. Notices You may not remove or alter the substance of any license notices (including copyright notices, patent notices, disclaimers of warranty, or limitations of liability) contained within the Source Code Form of the Covered Software, except that You may alter any license notices to the extent required to remedy known factual inaccuracies. 3.5. Application of Additional Terms You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, You may do so only on Your own behalf, and not on behalf of any Contributor. You must make it absolutely clear that any such warranty, support, indemnity, or liability obligation is offered by You alone, and You hereby agree to indemnify every Contributor for any liability incurred by such Contributor as a result of warranty, support, indemnity or liability terms You offer. You may include additional disclaimers of warranty and limitations of liability specific to any jurisdiction. 4. Inability to Comply Due to Statute or Regulation --------------------------------------------------- If it is impossible for You to comply with any of the terms of this License with respect to some or all of the Covered Software due to statute, judicial order, or regulation then You must: (a) comply with the terms of this License to the maximum extent possible; and (b) describe the limitations and the code they affect. Such description must be placed in a text file included with all distributions of the Covered Software under this License. Except to the extent prohibited by statute or regulation, such description must be sufficiently detailed for a recipient of ordinary skill to be able to understand it. 5. Termination -------------- 5.1. The rights granted under this License will terminate automatically if You fail to comply with any of its terms. However, if You become compliant, then the rights granted under this License from a particular Contributor are reinstated (a) provisionally, unless and until such Contributor explicitly and finally terminates Your grants, and (b) on an ongoing basis, if such Contributor fails to notify You of the non-compliance by some reasonable means prior to 60 days after You have come back into compliance. Moreover, Your grants from a particular Contributor are reinstated on an ongoing basis if such Contributor notifies You of the non-compliance by some reasonable means, this is the first time You have received notice of non-compliance with this License from such Contributor, and You become compliant prior to 30 days after Your receipt of the notice. 5.2. If You initiate litigation against any entity by asserting a patent infringement claim (excluding declaratory judgment actions, counter-claims, and cross-claims) alleging that a Contributor Version directly or indirectly infringes any patent, then the rights granted to You by any and all Contributors for the Covered Software under Section 2.1 of this License shall terminate. 5.3. In the event of termination under Sections 5.1 or 5.2 above, all end user license agreements (excluding distributors and resellers) which have been validly granted by You or Your distributors under this License prior to termination shall survive termination. ************************************************************************ * * * 6. Disclaimer of Warranty * * ------------------------- * * * * Covered Software is provided under this License on an "as is" * * basis, without warranty of any kind, either expressed, implied, or * * statutory, including, without limitation, warranties that the * * Covered Software is free of defects, merchantable, fit for a * * particular purpose or non-infringing. The entire risk as to the * * quality and performance of the Covered Software is with You. * * Should any Covered Software prove defective in any respect, You * * (not any Contributor) assume the cost of any necessary servicing, * * repair, or correction. This disclaimer of warranty constitutes an * * essential part of this License. No use of any Covered Software is * * authorized under this License except under this disclaimer. * * * ************************************************************************ ************************************************************************ * * * 7. Limitation of Liability * * -------------------------- * * * * Under no circumstances and under no legal theory, whether tort * * (including negligence), contract, or otherwise, shall any * * Contributor, or anyone who distributes Covered Software as * * permitted above, be liable to You for any direct, indirect, * * special, incidental, or consequential damages of any character * * including, without limitation, damages for lost profits, loss of * * goodwill, work stoppage, computer failure or malfunction, or any * * and all other commercial damages or losses, even if such party * * shall have been informed of the possibility of such damages. This * * limitation of liability shall not apply to liability for death or * * personal injury resulting from such party's negligence to the * * extent applicable law prohibits such limitation. Some * * jurisdictions do not allow the exclusion or limitation of * * incidental or consequential damages, so this exclusion and * * limitation may not apply to You. * * * ************************************************************************ 8. Litigation ------------- Any litigation relating to this License may be brought only in the courts of a jurisdiction where the defendant maintains its principal place of business and such litigation shall be governed by laws of that jurisdiction, without reference to its conflict-of-law provisions. Nothing in this Section shall prevent a party's ability to bring cross-claims or counter-claims. 9. Miscellaneous ---------------- This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not be used to construe this License against a Contributor. 10. Versions of the License --------------------------- 10.1. New Versions Mozilla Foundation is the license steward. Except as provided in Section 10.3, no one other than the license steward has the right to modify or publish new versions of this License. Each version will be given a distinguishing version number. 10.2. Effect of New Versions You may distribute the Covered Software under the terms of the version of the License under which You originally received the Covered Software, or under the terms of any subsequent version published by the license steward. 10.3. Modified Versions If you create software not governed by this License, and you want to create a new license for such software, you may create and use a modified version of this License if you rename the license and remove any references to the name of the license steward (except to note that such modified license differs from this License). 10.4. Distributing Source Code Form that is Incompatible With Secondary Licenses If You choose to distribute Source Code Form that is Incompatible With Secondary Licenses under the terms of this version of the License, the notice described in Exhibit B of this License must be attached. Exhibit A - Source Code Form License Notice ------------------------------------------- This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at https://mozilla.org/MPL/2.0/. If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. You may add additional accurate notices of copyright ownership. Exhibit B - "Incompatible With Secondary Licenses" Notice --------------------------------------------------------- This Source Code Form is "Incompatible With Secondary Licenses", as defined by the Mozilla Public License, v. 2.0. </div> </div> |} r41yf7kr9k4t5urvcwiy028avvhxr45 0 24 25 2023-03-01T17:11:42Z Noob 1 Created page with "{|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE PDLv1.0 <div class="mw-collapsible-content"> PUBLIC DOCUMENTATION LICENSE Version 1.0 1.0 DEFINITIONS. 1.1. "Commercial Use" means distribution or otherwise making the Documentation available to a third party. 1.2. "Contr..." 25 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PDLv1.0 Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE PDLv1.0 <div class="mw-collapsible-content"> PUBLIC DOCUMENTATION LICENSE Version 1.0 1.0 DEFINITIONS. 1.1. "Commercial Use" means distribution or otherwise making the Documentation available to a third party. 1.2. "Contributor" means a person or entity who creates or contributes to the creation of Modifications. 1.3. "Documentation" means the Original Documentation or Modifications or the combination of the Original Documentation and Modifications, in each case including portions thereof. 1.4. "Electronic Distribution Mechanism" means a mechanism generally accepted for the electronic transfer of data. 1.5. "Initial Writer" means the individual or entity identified as the Initial Writer in the notice required by the Appendix. 1.6. "Larger Work" means a work which combines Documentation or portions thereof with documentation or other writings not governed by the terms of this License. 1.7. "License" means this document. 1.8. "Modifications" means any addition to or deletion from the substance or structure of either the Original Documentation or any previous Modifications, such as a translation, abridgment, condensation, or any other form in which the Original Documentation or previous Modifications may be recast, transformed or adapted. A work consisting of editorial revisions, annotations, elaborations, and other modifications which, as a whole represent an original work of authorship, is a Modification. For example, when Documentation is released as a series of documents, a Modification is: A. Any addition to or deletion from the contents of the Original Documentation or previous Modifications. B. Any new documentation that contains any part of the Original Documentation or previous Modifications. 1.9. "Original Documentation" means documentation described as Original Documentation in the notice required by the Appendix, and which, at the time of its release under this License is not already Documentation governed by this License. 1.10. "Editable Form" means the preferred form of the Documentation for making Modifications to it. The Documentation can be in an electronic, compressed or archival form, provided the appropriate decompression or de-archiving software is widely available for no charge. 1.11. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of this License or a future version of this License issued under Section 5.0 ("Versions of the License"). For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2.0 LICENSE GRANTS. 2.1 Initial Writer Grant. The Initial Writer hereby grants You a world-wide, royalty-free, non-exclusive license to use, reproduce, prepare Modifications of, compile, publicly perform, publicly display, demonstrate, market, disclose and distribute the Documentation in any form, on any media or via any Electronic Distribution Mechanism or other method now known or later discovered, and to sublicense the foregoing rights to third parties through multiple tiers of sublicensees in accordance with the terms of this License. The license rights granted in this Section 2.1 ("Initial Writer Grant") are effective on the date Initial Writer first distributes Original Documentation under the terms of this License. 2.2. Contributor Grant. Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license to use, reproduce, prepare Modifications of, compile, publicly perform, publicly display, demonstrate, market, disclose and distribute the Documentation in any form, on any media or via any Electronic Distribution Mechanism or other method now known or later discovered, and to sublicense the foregoing rights to third parties through multiple tiers of sublicensees in accordance with the terms of this License. The license rights granted in this Section 2.2 ("Contributor Grant") are effective on the date Contributor first makes Commercial Use of the Documentation. 3.0 DISTRIBUTION OBLIGATIONS 3.1. Application of License The Modifications which You create or to which You contribute are governed by the terms of this License, including without limitation Section 2.2 ("Contributor Grant"). The Documentation may be distributed only under the terms of this License or a future version of this License released in accordance with Section 5.0 ("Versions of the License"), and You must include a copy of this License with every copy of the Documentation You distribute. You may not offer or impose any terms that alter or restrict the applicable version of this License or the recipients' rights hereunder. However, You may include an additional document offering the additional rights described in Section 3.5 ("Required Notices"). 3.2. Availability of Documentation. Any Modification which You create or to which You contribute must be made available publicly in Editable Form under the terms of this License via a fixed medium or an accepted Electronic Distribution Mechanism. 3.3. Description of Modifications. All Documentation to which You contribute must identify the changes You made to create that Documentation and the date of any change. You must include a prominent statement that the Modification is derived, directly or indirectly, from Original Documentation provided by the Initial Writer and include the name of the Initial Writer in the Documentation or via an electronic link that describes the origin or ownership of the Documentation. The foregoing change documentation may be created by using an electronic program that automatically tracks changes to the Documentation, and such changes must be available publicly for at least five years following release of the changed Documentation. 3.4. Intellectual Property Matters. Contributor represents that Contributor believes that Contributor's Modifications are Contributor's original creation(s) and/or Contributor has sufficient rights to grant the rights conveyed by this License. 3.5. Required Notices. You must duplicate the notice in the Appendix in each file of the Documentation. If it is not possible to put such notice in a particular Documentation file due to its structure, then You must include such notice in a location (such as a relevant directory) where a reader would be likely to look for such a notice, for example, via a hyperlink in each file of the Documentation that takes the reader to a page that describes the origin and ownership of the Documentation. If You created one or more Modification(s) You may add your name as a Contributor to the notice described in the Appendix. You must also duplicate this License in any Documentation file (or with a hyperlink in each file of the Documentation) where You describe recipients' rights or ownership rights. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Documentation. However, You may do so only on Your own behalf, and not on behalf of the Initial Writer or any Contributor. You must make it absolutely clear than any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Writer and every Contributor for any liability incurred by the Initial Writer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.6. Larger Works. You may create a Larger Work by combining Documentation with other documents not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Documentation. 4.0 APPLICATION OF THIS LICENSE. This License applies to Documentation to which the Initial Writer has attached this License and the notice in the Appendix. 5.0 VERSIONS OF THE LICENSE. 5.1. New Versions. Initial Writer may publish revised and/or new versions of the License from time to time. Each version will be given a distinguishing version number. 5.2. Effect of New Versions. Once Documentation has been published under a particular version of the License, You may always continue to use it under the terms of that version. You may also choose to use such Documentation under the terms of any subsequent version of the License published by __________________[Insert name of the foundation, company, Initial Writer, or whoever may modify this License]. No one other than _________________ [Insert name of the foundation, company, Initial Writer, or whoever may modify this License] has the right to modify the terms of this License. Filling in the name of the Initial Writer, Original Documentation or Contributor in the notice described in the Appendix shall not be deemed to be Modifications of this License. 6.0 DISCLAIMER OF WARRANTY. DOCUMENTATION IS PROVIDED UNDER THIS LICENSE ON AN "AS IS'' BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE DOCUMENTATION IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY, ACCURACY, AND PERFORMANCE OF THE DOCUMENTATION IS WITH YOU. SHOULD ANY DOCUMENTATION PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL WRITER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY DOCUMENTATION IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 7.0 TERMINATION. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. All sublicenses to the Documentation which are properly granted shall survive any termination of this License. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 8.0 LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER IN TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL THE INITIAL WRITER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF DOCUMENTATION, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER DAMAGES OR LOSSES ARISING OUT OF OR RELATING TO THE USE OF THE DOCUMENTATION, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. 9.0 U.S. GOVERNMENT END USERS. If Documentation is being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), then the Government's rights in Documentation will be only as set forth in this Agreement; this is in accordance with 48 CFR 227.7201 through 227.7202-4 (for Department of Defense (DOD) acquisitions) and with 48 CFR 2.101 and 12.212 (for non-DOD acquisitions). 10.0 MISCELLANEOUS. This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by California law, excluding its conflict-of-law provisions. With respect to disputes or any litigation relating to this License, the losing party is responsible for costs, including without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. Appendix Public Documentation License Notice The contents of this Documentation are subject to the Public Documentation License Version 1.0 (the "License"); you may only use this Documentation if you comply with the terms of this License. A copy of the License is available at __________________[Insert hyperlink]. The Original Documentation is _________________. The Initial Writer of the Original Documentation is ___________ Copyright (C)_________[Insert year(s)]. All Rights Reserved. (Initial Writer contact(s):________________[Insert hyperlink/alias]). Contributor(s): ______________________________________. Portions created by ______ are Copyright (C)_________[Insert year(s)]. All Rights Reserved. (Contributor contact(s):________________[Insert hyperlink/alias]). NOTE: The text of this Appendix may differ slightly from the text of the notices in the files of the Original Documentation. You should use the text of this Appendix rather than the text found in the Original Documentation for Your Modifications. </div> </div> |} 5ad8oamgrrwzhf52phvkl0bvy0ipilt 0 25 26 2023-03-01T17:12:09Z Noob 1 Created page with "{|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PIRATE Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Licence? Licence??? LICENCE!!!!!!<br \> WE NO NEED NO STINKING LICENCE! Copyright @ Pirate Licence :P </div> </div> |}" 26 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PIRATE Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Licence? Licence??? LICENCE!!!!!!<br \> WE NO NEED NO STINKING LICENCE! Copyright @ Pirate Licence :P </div> </div> |} 33c88p2v2jm0lxo2sdzf8i15carrnu9 81 26 2023-03-03T02:57:11Z Noob 1 81 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>PIRATE Licence</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> Licence? Licence! LICENCE!!!!!!<br \> WE NO NEED NO STINKING LICENCE! Copyright @ Pirate Licence :P </div> </div> |} 119e30gfxb61455o8sno0rb1lib2vx3 4 26 27 2023-03-01T20:47:26Z Noob 1 Created page with "<!-- We are taking help from http://www.shoutwiki.com/ to speed this up. --> {{:LICENCE_HEADER_CC_BY-SA}} ==Summary== If you only read CompleteNoobs.com, no more information is collected than is typically collected in server logs by web sites in general. If you contribute to CompleteNoobs.com, you are publishing every word you post publicly. If you write something, assume that it will be retained forever. This includes content pages, user pages and talk pages. ==Cooki..." 27 wikitext text/x-wiki <!-- We are taking help from http://www.shoutwiki.com/ to speed this up. --> {{:LICENCE_HEADER_CC_BY-SA}} ==Summary== If you only read CompleteNoobs.com, no more information is collected than is typically collected in server logs by web sites in general. If you contribute to CompleteNoobs.com, you are publishing every word you post publicly. If you write something, assume that it will be retained forever. This includes content pages, user pages and talk pages. ==Cookies== A cookie is a small text file that is stored on a user's computer for record-keeping purposes. We do use cookies on our site. CompleteNoobs.com may use both session ID cookies and persistent cookies. We use session cookies to make it easier for you to navigate our site. A session cookie expires when you close your browser. A persistent cookie remains on your hard drive for an extended period of time. You can remove persistent cookies by following directions provided in your Internet browser's help file. When you login you may select the "Remember me" check box to set a persistent cookie to store your user name and password, so you don't have to enter it more than once. You can remove the session ID cookie by clicking the "log out" link. ==Collection of personal information== User information is stored on servers in the United Kingdom. The only information that you need give is a username, password and eMail address. The username does not need to be your real name. Therefore, any personal information you choose to give is not compulsory. No personal information should be given on the wiki by persons aged less than 13 years. If you choose to enter a real name in your preferences, this will be publicly available. However, this field is optional, and there is no requirement for any user to give a real name. Users under 13 should not give their real name. Information from our server logs may be stored and used to gather aggregate data about users, and used to determine whether the identity of one or more users is the same in cases of abuse. This data includes your IP address, and details about your browser. Your browser must permit cookies to be set (by *.CompleteNoobs.com) in order for you to log in to www.CompleteNoobs.com. If you do not make an account on any wiki, there is no necessity to accept cookie requests from this site. Pages created and Edited by users will show the username, user's IP address in the page history of the article they edited, and also in other places on the site, including watchlists and recent changes, and in any external feeds made of such pages. ==Links to other sites== CompleteNoobs.com may contain links to other sites that are not owned or controlled by CompleteNoobs.com. Please be aware that CompleteNoobs.com is not responsible for the privacy practices of such other sites. We encourage you to be aware when you leave our site and to read the privacy statements of each and every web site that collects personally identifiable information. ==Information sharing== CompleteNoobs.com will not sell or share private information, such as email addresses, with third parties, unless you agree to release this information, or it is required by law to release the information. ==CompleteNoobs.com content== CompleteNoobs.com takes no responsibility for the content uploaded by third parties. CompleteNoobs.com's staff will act to remove copyright violations in a timely manner following the receipt of a DMCA takedown request. CompleteNoobs.com wikis are provided "as is". CompleteNoobs.com has no responsibility for lack of availability of any wiki or of any particular content. You should be aware that the wikis are editable by the public, and, as such, may contain inappropriate content at any time. Any use you make of content hosted by CompleteNoobs.com must be in line with the terms of that wiki's license. Any content you upload or post to any CompleteNoobs.com wiki must be compatible with the relevant license, and not violate another person's intellectual property or infringe on any copyright, patent, trademark, trade secret, or other proprietary rights. No content shall be added which violates any applicable law, including local, state, national, and international laws. No content shall be added to any wiki hosted by CompleteNoobs.com that is tortious, threatening, harmful, hateful, unlawful, libelous, defamatory, harassing, abusive, fraudulent, contains viruses, or is otherwise objectionable or potentially damaging, as reasonably determined by CompleteNoobs.com. Hate sites shall not be created at CompleteNoobs.com. However, please be aware that wikis may still contain content of an adult nature, or content that you find offensive. All content on any wiki is the responsibility of the person who uploaded it or added it to a wiki page. CompleteNoobs.com does not control the content, and does not approve the content before it is published. Although they are not obliged to do so, CompleteNoobs.com, or its designees, have the right to remove any content for any reason, including violation of these terms of use. ==Security of information== CompleteNoobs.com makes '''no guarantee''' against unauthorized access to any information you provide. This information may be available to anyone with access to the servers. ==Private logging== Every time you visit a web page, you send a lot of information to the web server. Most web servers routinely maintain access logs with a portion of this information, which can be used to get an overall picture of what pages are popular, what other sites link to this one, and what web browsers people are using. It is not the intention of CompleteNoobs.com to use this information to keep track of legitimate users. These logs are used to produce the site statistics pages; the raw log data is not made public, and is normally discarded after about three weeks. Here's a sample of what's logged for one page view: <pre> 192.168.2.3 - - [28/Aug/2007:02:03:19 +0000] "GET /wiki/Privacy policy HTTP/1.1" 200 18084 "http://www.completenoobs.com/CompleteNoobs:Privacy_policy" "Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en-us) AppleWebKit/85.7 (KHTML, like Gecko) Safari/85.5" </pre> Log data may be examined by server administrators in the course of solving technical problems and in tracking down badly-behaved web spiders that overwhelm the site. IP addresses of users, derived either from those logs or from records in the database, or through records in the database via the CheckUser feature are frequently used to correlate usernames and network addresses of edits in investigating abuse of the wiki, including the suspected use of malicious "sockpuppets" (duplicate accounts), vandalism, harassment of other users, or disruption of the wiki. ==E-mail== An eMail address is required to create an account on CompleteNoobs.com<br \> You can also choose to let others contact you by email through a link on your user or talk page.Also on your [[Special:Preferences|preferences]]<br \> Your email address is not revealed when other users contact you.<br \> Your address will not be revealed to them unless you respond, or possibly if the email bounces.<br \> You can remove your email address from your [[Special:Preferences|preferences]] at any time to prevent it being used.<br \> Data on users, such as the times at which they edited and the number of edits they have made are publicly available via "user contributions" lists, and in aggregated forms published by other users. ==Use of the CompleteNoobs sites== Use of websites hosted by CompleteNoobs.com is at your own risk. Users of this service may not act in a way on CompleteNoobs.com which would be harmful to minors. <br \>Users of this service may not impersonate any other person or entity without good reason. Users may not harass other users or collect or publish personal information about them without their permission. CompleteNoobs.com may terminate your use of the site, and administrators within each wiki may terminate your ability to edit the site. Commercial activities which have not been authorized by CompleteNoobs.com are not permitted on the site. You may not sell or otherwise commercially exploit the use of this service, or access to the service without approval. ==Disclaimer of warranties== Except in those jurisdictions which do not allow the exclusion of certain warranties, CompleteNoobs.com expressly disclaims all warranties of any kind and shall not be liable for any damages or losses whether directly or indirectly related to your use of this site or its content. ==Legal action== You agree to indemnify CompleteNoobs.com, its staff and users from any liability relating to your use of this site, or its content. ==Severability== If any term, condition or clause of these terms of use is found to be invalid then the remaining terms, conditions and clauses, shall remain valid. q9pyp5kptjaskw56eqp431rt05zhjai 41 27 2023-03-01T21:34:21Z Noob 1 Protected "[[CompleteNoobs:Privacy policy]]" ([Edit=Allow only administrators] (indefinite) [Move=Allow only administrators] (indefinite)) 27 wikitext text/x-wiki <!-- We are taking help from http://www.shoutwiki.com/ to speed this up. --> {{:LICENCE_HEADER_CC_BY-SA}} ==Summary== If you only read CompleteNoobs.com, no more information is collected than is typically collected in server logs by web sites in general. If you contribute to CompleteNoobs.com, you are publishing every word you post publicly. If you write something, assume that it will be retained forever. This includes content pages, user pages and talk pages. ==Cookies== A cookie is a small text file that is stored on a user's computer for record-keeping purposes. We do use cookies on our site. CompleteNoobs.com may use both session ID cookies and persistent cookies. We use session cookies to make it easier for you to navigate our site. A session cookie expires when you close your browser. A persistent cookie remains on your hard drive for an extended period of time. You can remove persistent cookies by following directions provided in your Internet browser's help file. When you login you may select the "Remember me" check box to set a persistent cookie to store your user name and password, so you don't have to enter it more than once. You can remove the session ID cookie by clicking the "log out" link. ==Collection of personal information== User information is stored on servers in the United Kingdom. The only information that you need give is a username, password and eMail address. The username does not need to be your real name. Therefore, any personal information you choose to give is not compulsory. No personal information should be given on the wiki by persons aged less than 13 years. If you choose to enter a real name in your preferences, this will be publicly available. However, this field is optional, and there is no requirement for any user to give a real name. Users under 13 should not give their real name. Information from our server logs may be stored and used to gather aggregate data about users, and used to determine whether the identity of one or more users is the same in cases of abuse. This data includes your IP address, and details about your browser. Your browser must permit cookies to be set (by *.CompleteNoobs.com) in order for you to log in to www.CompleteNoobs.com. If you do not make an account on any wiki, there is no necessity to accept cookie requests from this site. Pages created and Edited by users will show the username, user's IP address in the page history of the article they edited, and also in other places on the site, including watchlists and recent changes, and in any external feeds made of such pages. ==Links to other sites== CompleteNoobs.com may contain links to other sites that are not owned or controlled by CompleteNoobs.com. Please be aware that CompleteNoobs.com is not responsible for the privacy practices of such other sites. We encourage you to be aware when you leave our site and to read the privacy statements of each and every web site that collects personally identifiable information. ==Information sharing== CompleteNoobs.com will not sell or share private information, such as email addresses, with third parties, unless you agree to release this information, or it is required by law to release the information. ==CompleteNoobs.com content== CompleteNoobs.com takes no responsibility for the content uploaded by third parties. CompleteNoobs.com's staff will act to remove copyright violations in a timely manner following the receipt of a DMCA takedown request. CompleteNoobs.com wikis are provided "as is". CompleteNoobs.com has no responsibility for lack of availability of any wiki or of any particular content. You should be aware that the wikis are editable by the public, and, as such, may contain inappropriate content at any time. Any use you make of content hosted by CompleteNoobs.com must be in line with the terms of that wiki's license. Any content you upload or post to any CompleteNoobs.com wiki must be compatible with the relevant license, and not violate another person's intellectual property or infringe on any copyright, patent, trademark, trade secret, or other proprietary rights. No content shall be added which violates any applicable law, including local, state, national, and international laws. No content shall be added to any wiki hosted by CompleteNoobs.com that is tortious, threatening, harmful, hateful, unlawful, libelous, defamatory, harassing, abusive, fraudulent, contains viruses, or is otherwise objectionable or potentially damaging, as reasonably determined by CompleteNoobs.com. Hate sites shall not be created at CompleteNoobs.com. However, please be aware that wikis may still contain content of an adult nature, or content that you find offensive. All content on any wiki is the responsibility of the person who uploaded it or added it to a wiki page. CompleteNoobs.com does not control the content, and does not approve the content before it is published. Although they are not obliged to do so, CompleteNoobs.com, or its designees, have the right to remove any content for any reason, including violation of these terms of use. ==Security of information== CompleteNoobs.com makes '''no guarantee''' against unauthorized access to any information you provide. This information may be available to anyone with access to the servers. ==Private logging== Every time you visit a web page, you send a lot of information to the web server. Most web servers routinely maintain access logs with a portion of this information, which can be used to get an overall picture of what pages are popular, what other sites link to this one, and what web browsers people are using. It is not the intention of CompleteNoobs.com to use this information to keep track of legitimate users. These logs are used to produce the site statistics pages; the raw log data is not made public, and is normally discarded after about three weeks. Here's a sample of what's logged for one page view: <pre> 192.168.2.3 - - [28/Aug/2007:02:03:19 +0000] "GET /wiki/Privacy policy HTTP/1.1" 200 18084 "http://www.completenoobs.com/CompleteNoobs:Privacy_policy" "Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en-us) AppleWebKit/85.7 (KHTML, like Gecko) Safari/85.5" </pre> Log data may be examined by server administrators in the course of solving technical problems and in tracking down badly-behaved web spiders that overwhelm the site. IP addresses of users, derived either from those logs or from records in the database, or through records in the database via the CheckUser feature are frequently used to correlate usernames and network addresses of edits in investigating abuse of the wiki, including the suspected use of malicious "sockpuppets" (duplicate accounts), vandalism, harassment of other users, or disruption of the wiki. ==E-mail== An eMail address is required to create an account on CompleteNoobs.com<br \> You can also choose to let others contact you by email through a link on your user or talk page.Also on your [[Special:Preferences|preferences]]<br \> Your email address is not revealed when other users contact you.<br \> Your address will not be revealed to them unless you respond, or possibly if the email bounces.<br \> You can remove your email address from your [[Special:Preferences|preferences]] at any time to prevent it being used.<br \> Data on users, such as the times at which they edited and the number of edits they have made are publicly available via "user contributions" lists, and in aggregated forms published by other users. ==Use of the CompleteNoobs sites== Use of websites hosted by CompleteNoobs.com is at your own risk. Users of this service may not act in a way on CompleteNoobs.com which would be harmful to minors. <br \>Users of this service may not impersonate any other person or entity without good reason. Users may not harass other users or collect or publish personal information about them without their permission. CompleteNoobs.com may terminate your use of the site, and administrators within each wiki may terminate your ability to edit the site. Commercial activities which have not been authorized by CompleteNoobs.com are not permitted on the site. You may not sell or otherwise commercially exploit the use of this service, or access to the service without approval. ==Disclaimer of warranties== Except in those jurisdictions which do not allow the exclusion of certain warranties, CompleteNoobs.com expressly disclaims all warranties of any kind and shall not be liable for any damages or losses whether directly or indirectly related to your use of this site or its content. ==Legal action== You agree to indemnify CompleteNoobs.com, its staff and users from any liability relating to your use of this site, or its content. ==Severability== If any term, condition or clause of these terms of use is found to be invalid then the remaining terms, conditions and clauses, shall remain valid. q9pyp5kptjaskw56eqp431rt05zhjai 4 27 28 2023-03-01T20:49:22Z Noob 1 Created page with "Computer science should be open, free and reproducible. CompleteNoobs is a place to post and share tutorials, walk throughs and computer science courses and content, that are created or released under a Libre Licence that allows for the following freedoms. The freedom to: read edit/modify copy share freely. Affiliate links are not allowed inside the main wiki pages, but you can mention the service you are using. You can have a personal page which cont..." 28 wikitext text/x-wiki Computer science should be open, free and reproducible. CompleteNoobs is a place to post and share tutorials, walk throughs and computer science courses and content, that are created or released under a Libre Licence that allows for the following freedoms. The freedom to: read edit/modify copy share freely. Affiliate links are not allowed inside the main wiki pages, but you can mention the service you are using. You can have a personal page which contains affiliate links or funding links for your content, as well as links to your content and projects, a CV, and contact links as to what services you offer and prices charged for service. CompleteNoobs is created with the intention of being downloadable to your local computer, for offline use and which you can host freely on your own website. Give back to tutorials. When you were using a tutorial what else did you need to look up? Did you run into any bugs or errors? How did you fix it? k2df4r775iite02sv1ennkznpi9jpbb 42 28 2023-03-01T21:34:39Z Noob 1 Protected "[[CompleteNoobs:About]]" ([Edit=Allow only administrators] (indefinite) [Move=Allow only administrators] (indefinite)) 28 wikitext text/x-wiki Computer science should be open, free and reproducible. CompleteNoobs is a place to post and share tutorials, walk throughs and computer science courses and content, that are created or released under a Libre Licence that allows for the following freedoms. The freedom to: read edit/modify copy share freely. Affiliate links are not allowed inside the main wiki pages, but you can mention the service you are using. You can have a personal page which contains affiliate links or funding links for your content, as well as links to your content and projects, a CV, and contact links as to what services you offer and prices charged for service. CompleteNoobs is created with the intention of being downloadable to your local computer, for offline use and which you can host freely on your own website. Give back to tutorials. When you were using a tutorial what else did you need to look up? Did you run into any bugs or errors? How did you fix it? k2df4r775iite02sv1ennkznpi9jpbb 125 42 2023-03-05T21:12:21Z Noob 1 125 wikitext text/x-wiki Computer science should be open, free and reproducible. CompleteNoobs is a place to post and share tutorials, walk throughs and computer science courses and content, that are created or released under a Libre Licence that allows for the following freedoms. The freedom to: * read * edit/modify * copy * share freely. CompleteNoobs is created with the intention of being downloadable to your local computer, for offline use and which you can host freely on your own website. Give back to tutorials. When you were using a tutorial what else did you need to look up? Did you run into any bugs or errors? How did you fix it? qar1fv8iwl8ziy0d2fikwpjw9rpvqdy 4 28 29 2023-03-01T20:52:51Z Noob 1 Created page with "Quote: William Walker Atkinson 1862-1932:<br \> <blockquote> If a thing is good, the greater publicity given it the greater the good.<br \> If a thing is evil, the brighter the searchlight turned upon it, the less danger is there attendant upon it.<br \> The danger of all evil lies in the darkness of concealment, not in the daylight of Publicity.<br \> "Turn on the light" has always been the watchword of progress and civilisation.<br \> </blockquote> Licence: Below text..." 29 wikitext text/x-wiki Quote: William Walker Atkinson 1862-1932:<br \> <blockquote> If a thing is good, the greater publicity given it the greater the good.<br \> If a thing is evil, the brighter the searchlight turned upon it, the less danger is there attendant upon it.<br \> The danger of all evil lies in the darkness of concealment, not in the daylight of Publicity.<br \> "Turn on the light" has always been the watchword of progress and civilisation.<br \> </blockquote> Licence: Below text is available under the Creative Commons Attribution-ShareAlike License. {{:LICENCE_HEADER_CC_BY-SA}} USE CompleteNoobs AT YOUR OWN RISK PLEASE BE AWARE THAT ANY INFORMATION YOU MAY FIND IN CompleteNoobs MAY BE INACCURATE, MISLEADING, DANGEROUS, ADDICTIVE, UNETHICAL OR ILLEGAL. Some information on CompleteNoobs may create an unreasonable risk for readers who choose to apply or use the information in their own activities or to promote the information for use by third parties. None of the authors, contributors, administrators, vandals, or anyone else connected with CompleteNoobs, in any way whatsoever, can be responsible for your use of the information contained in or linked from these web pages. Please take all steps necessary to ascertain that information you receive from CompleteNoobs is correct and has been verified. Check the references at the end of the article. Read the article's talk page and revision history to see if there are outstanding disputes over the contents of the article. Double-check all information with independent sources. If an article contains suggestions regarding dangerous, illegal or unethical activities, remember that anyone can post this information on CompleteNoobs. The authors may not be qualified to provide you with complete information or to inform you about adequate safety precautions and other measures to prevent injury, or other damage to your person, property or reputation. If you need specific advice (for example, medical, legal, financial, marital or risk management) please seek a professional licensed or knowledgeable in that area. CompleteNoobs is not uniformly peer reviewed; while readers may correct errors or remove erroneous suggestions, they have no legal duty to do so. All information found on the site is without any implied warranty of fitness for any purpose or use whatsoever. No consequential damages can be sought against CompleteNoobs, as it is a voluntary association of individuals formed to create freely licensed online educational, cultural and informational resources. This information is being given to you gratuitously and there is no agreement or understanding between you and CompleteNoobs regarding your use or modification of this information beyond the License the document/page was released under. DO NOT RELY UPON ANY INFORMATION FOUND IN CompleteNoobs WITHOUT INDEPENDENT VERIFICATION. q8qjyc80akr8mu22uhj9vzv9a0fja3p 43 29 2023-03-01T21:35:09Z Noob 1 Protected "[[CompleteNoobs:General disclaimer]]" ([Edit=Allow only administrators] (indefinite) [Move=Allow only administrators] (indefinite)) 29 wikitext text/x-wiki Quote: William Walker Atkinson 1862-1932:<br \> <blockquote> If a thing is good, the greater publicity given it the greater the good.<br \> If a thing is evil, the brighter the searchlight turned upon it, the less danger is there attendant upon it.<br \> The danger of all evil lies in the darkness of concealment, not in the daylight of Publicity.<br \> "Turn on the light" has always been the watchword of progress and civilisation.<br \> </blockquote> Licence: Below text is available under the Creative Commons Attribution-ShareAlike License. {{:LICENCE_HEADER_CC_BY-SA}} USE CompleteNoobs AT YOUR OWN RISK PLEASE BE AWARE THAT ANY INFORMATION YOU MAY FIND IN CompleteNoobs MAY BE INACCURATE, MISLEADING, DANGEROUS, ADDICTIVE, UNETHICAL OR ILLEGAL. Some information on CompleteNoobs may create an unreasonable risk for readers who choose to apply or use the information in their own activities or to promote the information for use by third parties. None of the authors, contributors, administrators, vandals, or anyone else connected with CompleteNoobs, in any way whatsoever, can be responsible for your use of the information contained in or linked from these web pages. Please take all steps necessary to ascertain that information you receive from CompleteNoobs is correct and has been verified. Check the references at the end of the article. Read the article's talk page and revision history to see if there are outstanding disputes over the contents of the article. Double-check all information with independent sources. If an article contains suggestions regarding dangerous, illegal or unethical activities, remember that anyone can post this information on CompleteNoobs. The authors may not be qualified to provide you with complete information or to inform you about adequate safety precautions and other measures to prevent injury, or other damage to your person, property or reputation. If you need specific advice (for example, medical, legal, financial, marital or risk management) please seek a professional licensed or knowledgeable in that area. CompleteNoobs is not uniformly peer reviewed; while readers may correct errors or remove erroneous suggestions, they have no legal duty to do so. All information found on the site is without any implied warranty of fitness for any purpose or use whatsoever. No consequential damages can be sought against CompleteNoobs, as it is a voluntary association of individuals formed to create freely licensed online educational, cultural and informational resources. This information is being given to you gratuitously and there is no agreement or understanding between you and CompleteNoobs regarding your use or modification of this information beyond the License the document/page was released under. DO NOT RELY UPON ANY INFORMATION FOUND IN CompleteNoobs WITHOUT INDEPENDENT VERIFICATION. q8qjyc80akr8mu22uhj9vzv9a0fja3p 0 29 30 2023-03-01T21:11:24Z Noob 1 Created page with "Donation page" 30 wikitext text/x-wiki Donation page 6tpjy5faevhunkfbnjbamdbifdhbvtj 36 30 2023-03-01T21:22:54Z Noob 1 Protected "[[COMPLETENOOBS FUNDING]]" ([Edit=Allow only administrators] (indefinite) [Move=Allow only administrators] (indefinite)) 30 wikitext text/x-wiki Donation page 6tpjy5faevhunkfbnjbamdbifdhbvtj 69 36 2023-03-03T01:15:54Z Noob 1 69 wikitext text/x-wiki Donation page Are Vultr Affiliate link, we receive $35 for every new unique paid user you refer and the user we refer receive $100 to test out the vultr platform*. More details on this affiliate offer can be found here: https://my.vultr.com/referral/special/ https://www.vultr.com/?ref=9053528-8H Please note! This code will be available for a limited time! 5iq2pm1m8471dta8ze48yw0gro48472 70 69 2023-03-03T01:16:14Z Noob 1 70 wikitext text/x-wiki Donation page Are Vultr Affiliate link, we receive $35 for every new unique paid user you refer and the user we refer receive $100 to test out the vultr platform*.<br> More details on this affiliate offer can be found here: https://my.vultr.com/referral/special/<br> https://www.vultr.com/?ref=9053528-8H<br> Please note! This code will be available for a limited time!<br> hvc8arukci0esbampt516v54gb20spm 71 70 2023-03-03T01:17:03Z Noob 1 71 wikitext text/x-wiki Donation page CompleteNoobs is currently hosted on Vultr.com Are Vultr Affiliate link, we receive $35 for every new unique paid user you refer and the user we refer receive $100 to test out the vultr platform*.<br> More details on this affiliate offer can be found here: https://my.vultr.com/referral/special/<br> https://www.vultr.com/?ref=9053528-8H<br> Please note! This code will be available for a limited time!<br> mcexxslfvua0y9x67pfcxxwife896cb 72 71 2023-03-03T01:18:00Z Noob 1 72 wikitext text/x-wiki Donation page CompleteNoobs is currently hosted on Vultr.com Are Vultr Affiliate link, we receive $35 for every new unique paid user you refer and the user we refer receive $100 to test out the vultr platform*(Unused portion of $100 credit expires after 14 days.).<br> More details on this affiliate offer can be found here: https://my.vultr.com/referral/special/<br> https://www.vultr.com/?ref=9053528-8H<br> Please note! This code will be available for a limited time!<br> roubix23oviiye9fpevf4ph5g94w694 158 72 2023-03-06T11:47:16Z Noob 1 158 wikitext text/x-wiki Site is currently looking at being 'NonCommercial' so not sure if can use affiliate links. hpmaac9upyro53fxsg2csuajipkqdbq 175 158 2023-03-11T00:19:54Z Noob 1 175 wikitext text/x-wiki If your looking for a good VPS service, been using <b>Vultr</b> for years and been very happy with there service so far (only one problem, lxd will not issue ip4 address on ubuntu 22.04, works fine on 22.04).<br> <code>https://www.vultr.com/?ref=9053528-8H</code> read <code>https://my.vultr.com/referral/special/</code> for more info on this referral offer. sw6dpwm55g5plp05s6i0z82u4lbd3pz 176 175 2023-03-11T00:20:19Z Noob 1 176 wikitext text/x-wiki If your looking for a good VPS service, been using <b>Vultr</b> for years and been very happy with there service so far (only one problem, lxd will not issue ip4 address on ubuntu 22.04, works fine on 20.04).<br> <code>https://www.vultr.com/?ref=9053528-8H</code> read <code>https://my.vultr.com/referral/special/</code> for more info on this referral offer. f1seeammt4zx8qziya6muhnwdhm3hat 179 176 2023-03-18T12:21:06Z Noob 1 179 wikitext text/x-wiki ==VPS services== ===Vultr.com=== If your looking for a good VPS service, been using <b>Vultr</b> for years and been very happy with there service so far. <br>A Referral link to Vultr's - Tell A Friend about Vultr and Earn up to $35 for referring clients!<br> <code>https://www.vultr.com/?ref=9053528-8H</code><br> * Duplicate accounts not eligible. Referred customer must link a valid credit card or Paypal method to be eligible for the $100 credit. Unused portion of $100 credit expires after 14 days.<br> 1bwuxvddc34apdmc14zs00pzmjwsjl3 180 179 2023-03-18T12:25:50Z Noob 1 /* Vultr.com */ 180 wikitext text/x-wiki ==VPS services== ===Vultr.com=== If your looking for a good VPS service, been using <b>Vultr</b> for years and been very happy with there service so far. <br>A Referral link to Vultr's - Tell A Friend about Vultr and Earn up to $35 for referring clients!<br> <code>https://www.vultr.com/?ref=9053528-8H</code><br> * Duplicate accounts not eligible. Referred customer must link a valid credit card or Paypal method to be eligible for the $100 credit. Unused portion of $100 credit expires after 14 days.<br> Note: you need account to view this page on vultr, sum up below:<br> 1. $35 earned for every new unique paid user you refer.<br> 2. The users you refer receive $100 to test out our platform*.<br> 3. Referred users must be active for 14+ days and use at least $35 in payments to be counted as verified sales.<br> 4. Payouts are finalized and issued on the business day following the 1st and 15th of each month.<br> 5. Your referral link below uniquely identifies your account. Use this code when linking to Vultr.com and start earning today!<br> 1fyc9fp6q9mk4czj8l6swed9wbkxq9t 181 180 2023-03-18T12:47:30Z Noob 1 /* VPS services */ 181 wikitext text/x-wiki ==VPS services== ===Vultr.com=== If your looking for a good VPS service, been using <b>Vultr</b> for years and been very happy with there service so far. <br>A Referral link to Vultr's - Tell A Friend about Vultr and Earn up to $35 for referring clients!<br> <code>https://www.vultr.com/?ref=9053528-8H</code><br> * Duplicate accounts not eligible. Referred customer must link a valid credit card or Paypal method to be eligible for the $100 credit. Unused portion of $100 credit expires after 14 days.<br> Note: you need account to view this page on vultr, sum up below:https://my.vultr.com/referral/special/<br> 1. $35 earned for every new unique paid user you refer.<br> 2. The users you refer receive $100 to test out our platform*.<br> 3. Referred users must be active for 14+ days and use at least $35 in payments to be counted as verified sales.<br> 4. Payouts are finalized and issued on the business day following the 1st and 15th of each month.<br> 5. Your referral link below uniquely identifies your account. Use this code when linking to Vultr.com and start earning today!<br> 3ojco14hd1835806ms2076hn037f4wu 406 181 2023-05-09T10:47:31Z Noob 1 406 wikitext text/x-wiki '''Our Mission''' At CompleteNoobs, we believe in making computer science education open, accessible, and free for everyone. Our goal is to create a comprehensive platform that provides resources, tutorials, and courseware to hobbyists, sysadmins, teachers, students, and anyone interested in the field. '''How Your Support Helps''' As a one-person team, working part-time to make ends meet while developing this project, your support means a lot. Your contributions will enable us to dedicate more time and resources to CompleteNoobs, ensuring that we can create a high-quality educational platform that benefits learners worldwide. ==Direct Bank transfer== Noblemage LTD <br> Account Number: <code>24243132</code><br> Sort Code: <code>60 05 37</code><br> BIC: <code>NWBKGB2L</code><br> IBAN: <code>GB44NWBK60053724243132</code><br> ==PayPal== <code>https://paypal.me/completenoobs</code> ==GoFundMe== <code>https://www.gofundme.com/manage/help-make-computer-science-education-open-free</code> ==VPS services with affiliate link== ===Vultr.com=== If you're looking for a reliable VPS service, we've been using <b>Vultr</b> for years and have been very happy with their service. By signing up through our referral link, you can also support CompleteNoobs. <br>A Referral link to Vultr's - Tell A Friend about Vultr and Earn up to $35 for referring clients!<br> <code>https://www.vultr.com/?ref=9053528-8H</code><br> * Duplicate accounts not eligible. Referred customer must link a valid credit card or Paypal method to be eligible for the $100 credit. Unused portion of $100 credit expires after 14 days.<br> Note: you need account to view this page on vultr, sum up below:https://my.vultr.com/referral/special/<br> 1. $35 earned for every new unique paid user you refer.<br> 2. The users you refer receive $100 to test out our platform*.<br> 3. Referred users must be active for 14+ days and use at least $35 in payments to be counted as verified sales.<br> 4. Payouts are finalized and issued on the business day following the 1st and 15th of each month.<br> 5. Your referral link below uniquely identifies your account. Use this code when linking to Vultr.com and start earning today!<br> p852pvm3af4olwhtw5bf7he6rhhc8ur 443 406 2023-06-13T09:55:05Z Noob 1 /* GoFundMe */ 443 wikitext text/x-wiki '''Our Mission''' At CompleteNoobs, we believe in making computer science education open, accessible, and free for everyone. Our goal is to create a comprehensive platform that provides resources, tutorials, and courseware to hobbyists, sysadmins, teachers, students, and anyone interested in the field. '''How Your Support Helps''' As a one-person team, working part-time to make ends meet while developing this project, your support means a lot. Your contributions will enable us to dedicate more time and resources to CompleteNoobs, ensuring that we can create a high-quality educational platform that benefits learners worldwide. ==Direct Bank transfer== Noblemage LTD <br> Account Number: <code>24243132</code><br> Sort Code: <code>60 05 37</code><br> BIC: <code>NWBKGB2L</code><br> IBAN: <code>GB44NWBK60053724243132</code><br> ==PayPal== <code>https://paypal.me/completenoobs</code> ==VPS services with affiliate link== ===Vultr.com=== If you're looking for a reliable VPS service, we've been using <b>Vultr</b> for years and have been very happy with their service. By signing up through our referral link, you can also support CompleteNoobs. <br>A Referral link to Vultr's - Tell A Friend about Vultr and Earn up to $35 for referring clients!<br> <code>https://www.vultr.com/?ref=9053528-8H</code><br> * Duplicate accounts not eligible. Referred customer must link a valid credit card or Paypal method to be eligible for the $100 credit. Unused portion of $100 credit expires after 14 days.<br> Note: you need account to view this page on vultr, sum up below:https://my.vultr.com/referral/special/<br> 1. $35 earned for every new unique paid user you refer.<br> 2. The users you refer receive $100 to test out our platform*.<br> 3. Referred users must be active for 14+ days and use at least $35 in payments to be counted as verified sales.<br> 4. Payouts are finalized and issued on the business day following the 1st and 15th of each month.<br> 5. Your referral link below uniquely identifies your account. Use this code when linking to Vultr.com and start earning today!<br> 2osa4ekyasxv6y59qdn1kfuyj1ijwpu 444 443 2023-06-21T12:08:48Z Noob 1 /* Direct Bank transfer */ 444 wikitext text/x-wiki '''Our Mission''' At CompleteNoobs, we believe in making computer science education open, accessible, and free for everyone. Our goal is to create a comprehensive platform that provides resources, tutorials, and courseware to hobbyists, sysadmins, teachers, students, and anyone interested in the field. '''How Your Support Helps''' As a one-person team, working part-time to make ends meet while developing this project, your support means a lot. Your contributions will enable us to dedicate more time and resources to CompleteNoobs, ensuring that we can create a high-quality educational platform that benefits learners worldwide. ==Direct Bank transfer== closed for now ==PayPal== <code>https://paypal.me/completenoobs</code> ==VPS services with affiliate link== ===Vultr.com=== If you're looking for a reliable VPS service, we've been using <b>Vultr</b> for years and have been very happy with their service. By signing up through our referral link, you can also support CompleteNoobs. <br>A Referral link to Vultr's - Tell A Friend about Vultr and Earn up to $35 for referring clients!<br> <code>https://www.vultr.com/?ref=9053528-8H</code><br> * Duplicate accounts not eligible. Referred customer must link a valid credit card or Paypal method to be eligible for the $100 credit. Unused portion of $100 credit expires after 14 days.<br> Note: you need account to view this page on vultr, sum up below:https://my.vultr.com/referral/special/<br> 1. $35 earned for every new unique paid user you refer.<br> 2. The users you refer receive $100 to test out our platform*.<br> 3. Referred users must be active for 14+ days and use at least $35 in payments to be counted as verified sales.<br> 4. Payouts are finalized and issued on the business day following the 1st and 15th of each month.<br> 5. Your referral link below uniquely identifies your account. Use this code when linking to Vultr.com and start earning today!<br> gy2to4v126ha88xl6vx4f260r5cixm9 445 444 2023-06-21T12:09:00Z Noob 1 /* PayPal */ 445 wikitext text/x-wiki '''Our Mission''' At CompleteNoobs, we believe in making computer science education open, accessible, and free for everyone. Our goal is to create a comprehensive platform that provides resources, tutorials, and courseware to hobbyists, sysadmins, teachers, students, and anyone interested in the field. '''How Your Support Helps''' As a one-person team, working part-time to make ends meet while developing this project, your support means a lot. Your contributions will enable us to dedicate more time and resources to CompleteNoobs, ensuring that we can create a high-quality educational platform that benefits learners worldwide. ==Direct Bank transfer== closed for now ==PayPal== closed for now ==VPS services with affiliate link== ===Vultr.com=== If you're looking for a reliable VPS service, we've been using <b>Vultr</b> for years and have been very happy with their service. By signing up through our referral link, you can also support CompleteNoobs. <br>A Referral link to Vultr's - Tell A Friend about Vultr and Earn up to $35 for referring clients!<br> <code>https://www.vultr.com/?ref=9053528-8H</code><br> * Duplicate accounts not eligible. Referred customer must link a valid credit card or Paypal method to be eligible for the $100 credit. Unused portion of $100 credit expires after 14 days.<br> Note: you need account to view this page on vultr, sum up below:https://my.vultr.com/referral/special/<br> 1. $35 earned for every new unique paid user you refer.<br> 2. The users you refer receive $100 to test out our platform*.<br> 3. Referred users must be active for 14+ days and use at least $35 in payments to be counted as verified sales.<br> 4. Payouts are finalized and issued on the business day following the 1st and 15th of each month.<br> 5. Your referral link below uniquely identifies your account. Use this code when linking to Vultr.com and start earning today!<br> ljvev5tv3i67avpqeajgt5p1iql5n0s 594 445 2025-06-26T12:41:59Z Noob 1 /* VPS services with affiliate link */ 594 wikitext text/x-wiki '''Our Mission''' At CompleteNoobs, we believe in making computer science education open, accessible, and free for everyone. Our goal is to create a comprehensive platform that provides resources, tutorials, and courseware to hobbyists, sysadmins, teachers, students, and anyone interested in the field. '''How Your Support Helps''' As a one-person team, working part-time to make ends meet while developing this project, your support means a lot. Your contributions will enable us to dedicate more time and resources to CompleteNoobs, ensuring that we can create a high-quality educational platform that benefits learners worldwide. ==Direct Bank transfer== closed for now ==PayPal== closed for now ==VPS services with affiliate link== ===Vultr.com=== If you're looking for a reliable VPS service, we've been using <b>Vultr</b> for years and have been very happy with their service. By signing up through our referral link, you can also support CompleteNoobs. * https://www.vultr.com/?ref=7704739 ikieo65epx82wp0aktpqkuky1qc215s 605 594 2025-07-07T12:33:53Z Noob 1 605 wikitext text/x-wiki Don't know what i don't know, still a noob.<br> Currently poking this with a stick - any idea's? ==VPS services with affiliate link== ===Vultr.com=== If you're looking for a reliable VPS service, we've been using <b>Vultr</b> for years and have been very happy with their service. By signing up through our referral link, you can also support CompleteNoobs. * https://www.vultr.com/?ref=7704739 a2uh8dfgd80pf18y6ldi6unprze6v4s 645 605 2025-08-29T09:13:50Z Noob 1 645 wikitext text/x-wiki Bitcoin: "19S2thMqbYhwB6doLYQamStkzEyuqZs5Yn" ==VPS services with affiliate link== ===Vultr.com=== If you're looking for a reliable VPS service, we've been using <b>Vultr</b> for years and have been very happy with their service. By signing up through our referral link, you can also support CompleteNoobs. * https://www.vultr.com/?ref=7704739 69sbwqa66d35ic8yzplhjwgwoba8t28 646 645 2025-08-29T10:23:13Z Noob 1 646 wikitext text/x-wiki Bitcoin: "19S2thMqbYhwB6doLYQamStkzEyuqZs5Yn" Eos: completenoob Hive: completenoobs ==VPS services with affiliate link== ===Vultr.com=== If you're looking for a reliable VPS service, we've been using <b>Vultr</b> for years and have been very happy with their service. By signing up through our referral link, you can also support CompleteNoobs. * https://www.vultr.com/?ref=7704739 8jkbqg4xx277oyzo8k8w0bn74mx30lf 647 646 2025-08-29T10:23:28Z Noob 1 647 wikitext text/x-wiki Bitcoin: "19S2thMqbYhwB6doLYQamStkzEyuqZs5Yn" Eos: completenoob Hive: completenoobs ==VPS services with affiliate link== ===Vultr.com=== If you're looking for a reliable VPS service, we've been using <b>Vultr</b> for years and have been very happy with their service. By signing up through our referral link, you can also support CompleteNoobs. * https://www.vultr.com/?ref=7704739 4ilsrdopjmewgdxj4n7p306us085z4x 4 30 31 2023-03-01T21:19:56Z Noob 1 Created page with "CompleteNoobs Only Wants Libre Licenced content on are site.<br \> If you find content that does not match a Libre Licence Please enter it in the [[Talk:CompleteNoobs:Copyright_Policy |Copyright Policy Discussion Page.]] We only accept Libre Licenced content!<br \> Please report any infringement of your copyright." 31 wikitext text/x-wiki CompleteNoobs Only Wants Libre Licenced content on are site.<br \> If you find content that does not match a Libre Licence Please enter it in the [[Talk:CompleteNoobs:Copyright_Policy |Copyright Policy Discussion Page.]] We only accept Libre Licenced content!<br \> Please report any infringement of your copyright. kin8wj79fpa753exn067o1ptn30vi65 34 31 2023-03-01T21:21:53Z Noob 1 34 wikitext text/x-wiki CompleteNoobs Only Wants Libre Licenced content on are site.<br \> If you find content that does not match a Libre Licence Please enter it in the [[CompleteNoobs_talk:Copyright_Policy |Copyright Policy Discussion Page.]] We only accept Libre Licenced content!<br \> Please report any infringement of your copyright. swrccpb472f3p21t5b497wysfuev3mp 35 34 2023-03-01T21:22:37Z Noob 1 Protected "[[CompleteNoobs:Copyright Policy]]" ([Edit=Allow only administrators] (indefinite) [Move=Allow only administrators] (indefinite)) 34 wikitext text/x-wiki CompleteNoobs Only Wants Libre Licenced content on are site.<br \> If you find content that does not match a Libre Licence Please enter it in the [[CompleteNoobs_talk:Copyright_Policy |Copyright Policy Discussion Page.]] We only accept Libre Licenced content!<br \> Please report any infringement of your copyright. swrccpb472f3p21t5b497wysfuev3mp 5 31 32 2023-03-01T21:21:07Z Noob 1 Created page with "report any posts/pages infringing on copyright here:" 32 wikitext text/x-wiki report any posts/pages infringing on copyright here: rxzi0inrse7fy85fs9kqmqyi1fhyh3f 33 32 2023-03-01T21:21:23Z Noob 1 Protected "[[CompleteNoobs talk:Copyright Policy]]" ([Edit=Allow only administrators] (indefinite) [Move=Allow only administrators] (indefinite)) 32 wikitext text/x-wiki report any posts/pages infringing on copyright here: rxzi0inrse7fy85fs9kqmqyi1fhyh3f 0 33 40 2023-03-01T21:33:55Z Noob 1 Created page with "{{:LICENCE_HEADER_CC_BY-SA}}<br \> Welcome to [https://www.completenoobs.com completenoobs.com]! Before you do anything on our wiki you must read and accept the following terms. '''PLEASE READ THESE TERMS OF USE CAREFULLY BEFORE USING THE SERVICES. BY ACCESSING THIS SITE OR USING ANY PART OF THE SITE OR ANY CONTENT OR SERVICES (AS EACH IS DEFINED BELOW) ON THE SITE, YOU AGREE TO BECOME BOUND BY THESE TERMS AND CONDITIONS. IF YOU DO NOT AGREE TO ALL THE TERMS AND CONDIT..." 40 wikitext text/x-wiki {{:LICENCE_HEADER_CC_BY-SA}}<br \> Welcome to [https://www.completenoobs.com completenoobs.com]! Before you do anything on our wiki you must read and accept the following terms. '''PLEASE READ THESE TERMS OF USE CAREFULLY BEFORE USING THE SERVICES. BY ACCESSING THIS SITE OR USING ANY PART OF THE SITE OR ANY CONTENT OR SERVICES (AS EACH IS DEFINED BELOW) ON THE SITE, YOU AGREE TO BECOME BOUND BY THESE TERMS AND CONDITIONS. IF YOU DO NOT AGREE TO ALL THE TERMS AND CONDITIONS, THEN YOU MAY NOT ACCESS THE SITE OR USE THE CONTENT OR ANY SERVICES IN THE SITE. COMPLETENOOBS ACCEPTANCE IS EXPRESSLY CONDITIONED UPON YOUR ASSENT TO ALL OF THESE TERMS AND CONDITIONS, TO THE EXCLUSION OF ALL OTHER TERMS; IF THESE TERMS AND CONDITIONS ARE CONSIDERED AN OFFER BY COMPLETENOOBS ACCEPTANCE IS EXPRESSLY LIMITED TO THESE TERMS.''' ==Modifications of Terms of Use== CompleteNoobs.com reserves the right, at its sole discretion, to modify or replace the Terms of Use at any time. If the alterations constitute a material change to the Terms of Use, CompleteNoobs.com will notify you by posting an announcement on the Site or on the mailing list. What constitutes a "material change" will be determined at CompleteNoobs sole discretion, in good faith and using common sense and reasonable judgment. You shall be responsible for reviewing and becoming familiar with any such modifications. Use of the Services by you following such notification constitutes your acceptance of the terms and conditions of the Terms of Use as modified. ==Services== Not sure what to write here - we just want to host and share libre licenced Computer Science Content, that can be downloaded and shared by others freely.! CompleteNoobs.com content is available to anyone on the Internet for both entertainment and information. ==Content== CompleteNoobs.com is a Wiki for Libre Licenced Computer Science Content, and takes no responsibility for the content uploaded by third parties. CompleteNoobs.com wiki is provided "as is". CompleteNoobs.com has no responsibility for lack of availability of any wiki or of any particular content. You should be aware that the wikis are editable by the public, and, as such, may contain inappropriate content at any time. Any use you make of content hosted by CompleteNoobs.com must be in line with the terms of that wiki's license. Any content you upload or post to any CompleteNoobs.com wiki must be compatible with the relevant license, not violate another person's intellectual property or infringe on any copyright, patent, trademark, trade secret, or other proprietary rights. No content shall be added which violates any applicable law, including local, state, national, and international laws. You understand that CompleteNoobs.com does not control, and is not responsible for Content made available through the Service, and that by using the Service, you may be exposed to Content that is offensive, indecent, inaccurate, misleading, or otherwise objectionable. Furthermore, under no circumstances will CompleteNoobs.com be liable in any way for any Content or for any loss or damage of any kind incurred as a result of the use of any Content posted, emailed or otherwise made available via the Service. You agree that you will not make any changes to CompleteNoobs.com that is in breach of the [[Content Policy]] and will make efforts to remove or report any content which may be in breach of such conditions as described in the policy. You acknowledge that CompleteNoobs.com does not pre-screen or approve Content, but that CompleteNoobs.com shall have the right (but not the obligation) in its sole discretion to refuse, delete or move any Content that is available via the Service, for violating the Terms of use or for any other reason. ==Indemnity== You will indemnify and hold harmless CompleteNoobs.com, its parents, subsidiaries, affiliates, customers, vendors, officers and employees from any liability, damage or cost (including reasonable attorneys. fees and cost) from (i) any claim or demand made by any third party due to or arising out of your access to the Site, use of the Services, violation of the Terms of Use by you, or the infringement by you, or any third party using your account or User ID, of any intellectual property or other right of any person or entity. ==Warranty Disclaimers== You acknowledge that CompleteNoobs.com has no control over, and no duty to take any action regarding: which users gain access to the Site or use the Services; what effects the Content may have on you; how you may interpret or use the Content; or what actions you may take as a result of having been exposed to the Content. You release CompleteNoobs.com from all liability for you having acquired or not acquired Content through the Site or the Services. The Site or Services may contain, or direct you to sites containing, information that some people may find offensive or inappropriate. CompleteNoobs.com makes no representations concerning any content contained in or accessed through the Site or Services, and CompleteNoobs.com will not be responsible or liable for the accuracy, copyright compliance, legality or decency of material contained in or accessed through the Site or the Services. THE SERVICE, CONTENT, AND SITE ARE PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. SOME STATES DO NOT ALLOW LIMITATIONS ON HOW LONG AN IMPLIED WARRANTY LASTS, SO THE ABOVE LIMITATIONS MAY NOT APPLY TO YOU. ==Changes to wikis== CompleteNoobs.com reserves the right to close, move, merge, or rename, a wiki for any reason. CompleteNoobs.com shall not be held liable for any modification, suspension or discontinuance of any wiki, or of the service as a whole. ==Advertising== CompleteNoobs.com Advertising and funding page can be found [[COMPLETENOOBS_FUNDING | HERE]]<br \> No Advertising allowed on the Main Wiki pages.<br \> You are allowed to mention which service you used and where to find, but No Affiliate Links are allowed in main wiki pages.<br \> You can open a personal user page <code>index.php/User:<$WIKI_USERNAME></code> where you can place your donations and affiliate links, and links to your other works.<br \> CompleteNoobs.com takes no responsibility for the content of externally provided advertising. The content of advertisements may be protected by copyrights, or other proprietary rights and laws, and should not be assumed to be available under the terms of any free content license. CompleteNoobs.com will never host pop-up adverts. ==Links== The Services may provide, or third parties may provide, links to other World Wide Web sites or resources. Because CompleteNoobs.com has no control over such sites and resources, you acknowledge and agree that CompleteNoobs.com is not responsible for the availability of such external sites or resources, and does not endorse and is not responsible or liable for any Content, advertising, products or other materials on or available from such sites or resources. You further acknowledge and agree that CompleteNoobs.com shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such Content, goods or services available on or through any such site or resource. ==Copyright Complaints== We respect the intellectual property rights of others and we prohibit users from uploading, posting or otherwise transmitting on the CompleteNoobs.com website or service any materials that violate another party's intellectual property rights. When we receive proper Notification of Alleged Copyright Infringement as described in our [[CompleteNoobs:Copyright_Policy|Copyright Policy]], we promptly remove or disable access to the allegedly infringing material and terminate the accounts of repeat infringers as described herein in accordance with the Digital Millenium Copyright Act. If you believe that any material on the Site infringes upon any copyright which you own or control, you may send a written notification of such infringement to our [[Talk:CompleteNoobs:Copyright_Policy |Copyright Policy Discussion Page.]]. Please see our [[CompleteNoobs:Copyright_Policy Policy|Copyright Policy]] for more information on how to report infringement of your copyright. ==User Disputes== You are solely responsible for your interactions with other CompleteNoobs users. We reserve the right, but have no obligation, to monitor disputes between you and other users. ==Collection of personal information== User information is stored on servers in the United Kingdom and other countries. The Only information you need to give to sign up is a UserName, Password and eMail address. he username does not need to be your real name. Therefore, any personal information you choose to give is not compulsory. CompleteNoobs sites are not intended for, and may not be used by, children under the age of 13 years old. You may change your email in your user preferences. If you choose to enter a real name in your preferences, this will be publicly available. However, this field is optional, and there is no requirement for any user to give a real name. Information from our server logs may be stored and used to gather aggregate data about users, and used to determine whether the identity of one or more users is the same in cases of abuse. This data includes your IP address, and details about your browser. Your browser must permit cookies to be set (by *.CompleteNoobs.com) in order for you to log in to CompleteNoobs.com. If you do not make an account on any wiki, you need not accept cookie requests from this site. Pages created and Edited by users will show the username, user's IP address in the page history of the article they edited, and also in other places on the site, including watchlists and recent changes, and in any external feeds made of such pages. ===Data Collected by apache server and fail2ban=== The type of info stored on apache2 access logs <div class="toccolours mw-collapsible mw-collapsed"> Example of The type of Data stored on apache2 access logs<br \> Time, Date, IP address, OS, Browser Used, Action done. <div class="mw-collapsible-content"> <pre> 10.3.45.1 - - [27/Jul/2021:13:54:57 +0000] "GET /index.php/Main_Page HTTP/1.1" 200 15063 "https://10.3.45.200/index.php?title=MediaWiki:Shoutwiki-loginform-tos&action=edit" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:13:54:57 +0000] "GET /load.php?lang=en-gb&modules=ext.pageNotice%7Cjquery.makeCollapsible.styles%7Cjquery.tablesorter.styles%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 9251 "https://10.3.45.200/index.php/Main_Page" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:13:54:57 +0000] "GET /load.php?lang=en-gb&modules=startup&only=scripts&raw=1&skin=vector HTTP/1.1" 304 618 "https://10.3.45.200/index.php/Main_Page" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:13:55:01 +0000] "GET /index.php/User:Testin HTTP/1.1" 200 5168 "https://10.3.45.200/index.php/Main_Page" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:13:55:02 +0000] "GET /load.php?lang=en-gb&modules=skins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 8414 "https://10.3.45.200/index.php/User:Testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:23 +0000] "GET /index.php/User:Greenadmin HTTP/1.1" 200 9723 "https://10.3.45.200/index.php?title=MediaWiki:Shoutwiki-loginform-tos&action=edit" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:23 +0000] "GET /load.php?lang=en-gb&modules=skins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 8414 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:23 +0000] "GET /load.php?lang=en-gb&modules=startup&only=scripts&raw=1&skin=vector HTTP/1.1" 304 618 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:26 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.notification%2CvisibleTimeout&skin=vector&version=1v0pl HTTP/1.1" 200 9100 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:26 +0000] "POST /api.php HTTP/1.1" 200 984 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:26 +0000] "GET /index.php?title=Special:UserLogout&returnto=User%3AGreenadmin HTTP/1.1" 200 3788 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:29 +0000] "GET /index.php?title=Special:UserLogin&returnto=User%3AGreenadmin HTTP/1.1" 200 4556 "https://10.3.45.200/index.php?title=Special:UserLogout&returnto=User%3AGreenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:29 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.htmlform.styles%7Cmediawiki.special.userlogin.common.styles%7Cmediawiki.special.userlogin.login.styles%7Cmediawiki.ui%7Cmediawiki.ui.button%2Ccheckbox%2Cinput%2Cradio%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 10621 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=User%3AGreenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:29 +0000] "GET /load.php?lang=en-gb&modules=startup&only=scripts&raw=1&safemode=1&skin=vector HTTP/1.1" 304 618 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=User%3AGreenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:40 +0000] "POST /index.php?title=Special:UserLogin&returnto=User:Greenadmin HTTP/1.1" 302 1492 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=User%3AGreenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:40 +0000] "GET /index.php/User:Greenadmin HTTP/1.1" 200 4471 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=User%3AGreenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:47 +0000] "GET /index.php/Special:SpecialPages HTTP/1.1" 200 6257 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:47 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.helplink%2Cspecial%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 9983 "https://10.3.45.200/index.php/Special:SpecialPages" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:51 +0000] "GET /index.php/Special:UserRights HTTP/1.1" 200 4184 "https://10.3.45.200/index.php/Special:SpecialPages" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:53 +0000] "GET /api.php?action=query&format=json&formatversion=2&list=allusers&auprefix=Test&aulimit=10 HTTP/1.1" 200 655 "https://10.3.45.200/index.php/Special:UserRights" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:54 +0000] "GET /api.php?action=query&format=json&formatversion=2&list=allusers&auprefix=Testin&aulimit=10 HTTP/1.1" 200 655 "https://10.3.45.200/index.php/Special:UserRights" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:55 +0000] "GET /index.php?title=Special%3AUserRights&user=testin HTTP/1.1" 200 5769 "https://10.3.45.200/index.php/Special:UserRights" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:56 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.helplink%2Cspecial%7Cmediawiki.interface.helpers.styles%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 10181 "https://10.3.45.200/index.php?title=Special%3AUserRights&user=testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:02 +0000] "POST /index.php/Special:UserRights HTTP/1.1" 302 1128 "https://10.3.45.200/index.php?title=Special%3AUserRights&user=testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:02 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.helplink%2Cspecial%7Cmediawiki.interface.helpers.styles%7Cmediawiki.notification.convertmessagebox.styles%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 10536 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:02 +0000] "GET /index.php/Special:UserRights/testin HTTP/1.1" 200 5832 "https://10.3.45.200/index.php?title=Special%3AUserRights&user=testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:07 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.searchSuggest&skin=vector&version=4itwt HTTP/1.1" 200 7618 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:09 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=c&namespace=0&limit=10 HTTP/1.1" 200 597 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:10 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=cop&namespace=0&limit=10 HTTP/1.1" 200 600 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:10 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=copy&namespace=0&limit=10 HTTP/1.1" 200 601 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:11 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=copyr&namespace=0&limit=10 HTTP/1.1" 200 575 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:11 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=copyri&namespace=0&limit=10 HTTP/1.1" 200 5879 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:11 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=copyright&namespace=0&limit=10 HTTP/1.1" 200 606 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:12 +0000] "GET /index.php?search=copyright&title=Special%3ASearch&go=Go HTTP/1.1" 200 7130 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:12 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.helplink%2Cspecial%2Cui%7Cmediawiki.special.search.styles%7Cmediawiki.ui.button%2Cinput%7Cmediawiki.widgets.SearchInputWidget.styles%7Cmediawiki.widgets.styles%7Coojs-ui-core.icons%2Cstyles%7Coojs-ui.styles.indicators%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 21313 "https://10.3.45.200/index.php?search=copyright&title=Special%3ASearch&go=Go" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:14 +0000] "GET /index.php?title=Copyright&action=edit&redlink=1 HTTP/1.1" 200 6405 "https://10.3.45.200/index.php?search=copyright&title=Special%3ASearch&go=Go" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:14 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.action.edit.styles%7Cmediawiki.editfont.styles%7Cmediawiki.widgets.styles%7Coojs-ui-core.icons%2Cstyles%7Coojs-ui.styles.indicators%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 18053 "https://10.3.45.200/index.php?title=Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:41 +0000] "POST /api.php HTTP/1.1" 200 1140 "https://10.3.45.200/index.php?title=Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:41 +0000] "POST /index.php?title=Copyright&action=submit HTTP/1.1" 302 1276 "https://10.3.45.200/index.php?title=Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:41 +0000] "GET /index.php/Copyright HTTP/1.1" 200 8086 "https://10.3.45.200/index.php?title=Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:41 +0000] "GET /load.php?lang=en-gb&modules=ext.pageNotice%7Cjquery.makeCollapsible.styles%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 9104 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:42 +0000] "GET /resources/src/mediawiki.action/images/check-success.svg?116d2 HTTP/1.1" 200 607 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:43 +0000] "GET /index.php?title=Copyright&action=protect HTTP/1.1" 200 6673 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:44 +0000] "GET /load.php?lang=en-gb&modules=jquery%2Coojs%2Coojs-ui-core%2Csite%7Cjquery.client%2ClengthLimit%7Cmediawiki.String%2CTitle%2Capi%2Cbase%2Ccldr%2Chtmlform%2CjqueryMsg%2Clanguage%2Cutil%7Cmediawiki.action.protect%7Cmediawiki.htmlform.ooui%7Cmediawiki.libs.pluralruleparser%7Cmediawiki.page.ready%7Cmediawiki.page.watch.ajax%7Cskins.vector.legacy.js%7Cuser.defaults&skin=vector&version=ibd6y HTTP/1.1" 200 499559 "https://10.3.45.200/index.php?title=Copyright&action=protect" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:44 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.action.styles%7Cmediawiki.htmlform.ooui.styles%7Cmediawiki.htmlform.styles%7Cmediawiki.widgets.styles%7Coojs-ui-core.icons%2Cstyles%7Coojs-ui.styles.indicators%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 18758 "https://10.3.45.200/index.php?title=Copyright&action=protect" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:49 +0000] "POST /index.php?title=Copyright&action=protect HTTP/1.1" 302 1112 "https://10.3.45.200/index.php?title=Copyright&action=protect" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:50 +0000] "GET /index.php/Copyright HTTP/1.1" 200 7941 "https://10.3.45.200/index.php?title=Copyright&action=protect" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:53 +0000] "POST /api.php HTTP/1.1" 200 984 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:53 +0000] "GET /index.php?title=Special:UserLogout&returnto=Copyright HTTP/1.1" 200 3747 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:55 +0000] "GET /index.php?title=Special:UserLogin&returnto=Copyright HTTP/1.1" 200 4548 "https://10.3.45.200/index.php?title=Special:UserLogout&returnto=Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:03 +0000] "POST /index.php?title=Special:UserLogin&returnto=Copyright HTTP/1.1" 302 1482 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:04 +0000] "GET /index.php/Copyright HTTP/1.1" 200 7824 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:07 +0000] "GET /index.php?title=Talk:Copyright&action=edit&redlink=1 HTTP/1.1" 200 6396 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:21 +0000] "POST /api.php HTTP/1.1" 200 1140 "https://10.3.45.200/index.php?title=Talk:Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:21 +0000] "POST /index.php?title=Talk:Copyright&action=submit HTTP/1.1" 302 1281 "https://10.3.45.200/index.php?title=Talk:Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:21 +0000] "GET /index.php/Talk:Copyright HTTP/1.1" 200 5164 "https://10.3.45.200/index.php?title=Talk:Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Example of data stored in Apache error logs:<br \> Date, Time, IP address and port, Action <div class="mw-collapsible-content"> <pre> [Fri Jul 23 04:25:43.125317 2021] [php7:error] [pid 7609] [client 93.157.23.18:55862] script '/var/www/html/mediawiki/c99.php' not found or unable to stat [Fri Jul 23 04:25:43.131058 2021] [php7:error] [pid 7608] [client 93.157.23.18:55852] script '/var/www/html/mediawiki/c99.php' not found or unable to stat </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Example of Fail2ban.log data:<br \> Date, Time, IP address <div class="mw-collapsible-content"> <pre> 2021-07-27 12:06:31,021 fail2ban.filter [331]: INFO [mediawiki] Found 10.3.45.1 - 2021-07-27 12:06:31 2021-07-27 12:06:31,291 fail2ban.actions [331]: NOTICE [mediawiki] Ban 10.3.45.1 2021-07-27 12:07:21,629 fail2ban.actions [324]: NOTICE [mediawiki] Restore Ban 10.3.45.1 2021-07-27 12:10:01,086 fail2ban.actions [324]: NOTICE [mediawiki] Unban 10.3.45.1 </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Example in Fail2Log.log:<br \> IP address, Date, Time, Username used <div class="mw-collapsible-content"> <pre> Failed:10.3.45.1 2021-07-27 11:16:07 UTC greenadmin Failed:10.3.45.1 2021-07-27 11:16:15 UTC greenadmin Failed:10.3.45.1 2021-07-27 11:16:50 UTC greenadmin Failed:10.3.45.1 2021-07-27 12:05:59 UTC greenadmin Failed:10.3.45.1 2021-07-27 12:06:11 UTC greenadmin Failed:10.3.45.1 2021-07-27 12:06:15 UTC greenadmin Failed:10.3.45.1 2021-07-27 12:06:23 UTC greenadmin Failed:10.3.45.1 2021-07-27 12:06:31 UTC greenadmin </pre> </div> </div> ==Submissions== You acknowledge and agree that any questions, comments, suggestions, ideas, feedback or other information about the Site or the Service ("Submissions"), provided by you to CompleteNoobs.com are non-confidential and shall become the sole property of CompleteNoobs.com. CompleteNoobs.com shall own exclusive rights, including all intellectual property rights, and shall be entitled to the unrestricted use and dissemination of these Submissions for any purpose, commercial or otherwise, without acknowledgment or compensation to you. ==Termination== CompleteNoobs.com may terminate or suspend any and all Services and your user account immediately, without prior notice or liability, if you breach any of the terms or conditions of the Terms of Use. Upon termination of your account, your right to use the Services will immediately cease. If you wish to terminate your account, you may simply discontinue using the Services. All provisions of the Terms of Use which by their nature should survive termination shall survive termination, including, without limitation, ownership provisions, warranty disclaimers, indemnity and limitations of liability. ==Other== These Terms of Use constitute the entire agreement between you and CompleteNoobs.com regarding the use of the Site and/or the Service, superseding any prior agreements between you and CompleteNoobs.com relating to your use of the Site or the Service. The failure of CompleteNoobs.com to exercise or enforce any right or provision of these Terms of Use shall not constitute a waiver of such right or provision in that or any other instance. If any provision of this Agreement is held invalid, the remainder of this Agreement shall continue in full force and effect. If any provision of these Terms of Use shall be deemed unlawful, void or for any reason unenforceable, then that provision shall be deemed severable from these Terms of Use and shall not affect the validity and enforceability of any remaining provisions. ==Supremacy of English Language Terms of Use== Where a translation of these Terms of use is inconsistent with the English language version, the English language version shall prevail. pca9d70wszc9dnkkusge433fkvk6fb9 46 40 2023-03-01T22:27:39Z Noob 1 /* Copyright Complaints */ 46 wikitext text/x-wiki {{:LICENCE_HEADER_CC_BY-SA}}<br \> Welcome to [https://www.completenoobs.com completenoobs.com]! Before you do anything on our wiki you must read and accept the following terms. '''PLEASE READ THESE TERMS OF USE CAREFULLY BEFORE USING THE SERVICES. BY ACCESSING THIS SITE OR USING ANY PART OF THE SITE OR ANY CONTENT OR SERVICES (AS EACH IS DEFINED BELOW) ON THE SITE, YOU AGREE TO BECOME BOUND BY THESE TERMS AND CONDITIONS. IF YOU DO NOT AGREE TO ALL THE TERMS AND CONDITIONS, THEN YOU MAY NOT ACCESS THE SITE OR USE THE CONTENT OR ANY SERVICES IN THE SITE. COMPLETENOOBS ACCEPTANCE IS EXPRESSLY CONDITIONED UPON YOUR ASSENT TO ALL OF THESE TERMS AND CONDITIONS, TO THE EXCLUSION OF ALL OTHER TERMS; IF THESE TERMS AND CONDITIONS ARE CONSIDERED AN OFFER BY COMPLETENOOBS ACCEPTANCE IS EXPRESSLY LIMITED TO THESE TERMS.''' ==Modifications of Terms of Use== CompleteNoobs.com reserves the right, at its sole discretion, to modify or replace the Terms of Use at any time. If the alterations constitute a material change to the Terms of Use, CompleteNoobs.com will notify you by posting an announcement on the Site or on the mailing list. What constitutes a "material change" will be determined at CompleteNoobs sole discretion, in good faith and using common sense and reasonable judgment. You shall be responsible for reviewing and becoming familiar with any such modifications. Use of the Services by you following such notification constitutes your acceptance of the terms and conditions of the Terms of Use as modified. ==Services== Not sure what to write here - we just want to host and share libre licenced Computer Science Content, that can be downloaded and shared by others freely.! CompleteNoobs.com content is available to anyone on the Internet for both entertainment and information. ==Content== CompleteNoobs.com is a Wiki for Libre Licenced Computer Science Content, and takes no responsibility for the content uploaded by third parties. CompleteNoobs.com wiki is provided "as is". CompleteNoobs.com has no responsibility for lack of availability of any wiki or of any particular content. You should be aware that the wikis are editable by the public, and, as such, may contain inappropriate content at any time. Any use you make of content hosted by CompleteNoobs.com must be in line with the terms of that wiki's license. Any content you upload or post to any CompleteNoobs.com wiki must be compatible with the relevant license, not violate another person's intellectual property or infringe on any copyright, patent, trademark, trade secret, or other proprietary rights. No content shall be added which violates any applicable law, including local, state, national, and international laws. You understand that CompleteNoobs.com does not control, and is not responsible for Content made available through the Service, and that by using the Service, you may be exposed to Content that is offensive, indecent, inaccurate, misleading, or otherwise objectionable. Furthermore, under no circumstances will CompleteNoobs.com be liable in any way for any Content or for any loss or damage of any kind incurred as a result of the use of any Content posted, emailed or otherwise made available via the Service. You agree that you will not make any changes to CompleteNoobs.com that is in breach of the [[Content Policy]] and will make efforts to remove or report any content which may be in breach of such conditions as described in the policy. You acknowledge that CompleteNoobs.com does not pre-screen or approve Content, but that CompleteNoobs.com shall have the right (but not the obligation) in its sole discretion to refuse, delete or move any Content that is available via the Service, for violating the Terms of use or for any other reason. ==Indemnity== You will indemnify and hold harmless CompleteNoobs.com, its parents, subsidiaries, affiliates, customers, vendors, officers and employees from any liability, damage or cost (including reasonable attorneys. fees and cost) from (i) any claim or demand made by any third party due to or arising out of your access to the Site, use of the Services, violation of the Terms of Use by you, or the infringement by you, or any third party using your account or User ID, of any intellectual property or other right of any person or entity. ==Warranty Disclaimers== You acknowledge that CompleteNoobs.com has no control over, and no duty to take any action regarding: which users gain access to the Site or use the Services; what effects the Content may have on you; how you may interpret or use the Content; or what actions you may take as a result of having been exposed to the Content. You release CompleteNoobs.com from all liability for you having acquired or not acquired Content through the Site or the Services. The Site or Services may contain, or direct you to sites containing, information that some people may find offensive or inappropriate. CompleteNoobs.com makes no representations concerning any content contained in or accessed through the Site or Services, and CompleteNoobs.com will not be responsible or liable for the accuracy, copyright compliance, legality or decency of material contained in or accessed through the Site or the Services. THE SERVICE, CONTENT, AND SITE ARE PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. SOME STATES DO NOT ALLOW LIMITATIONS ON HOW LONG AN IMPLIED WARRANTY LASTS, SO THE ABOVE LIMITATIONS MAY NOT APPLY TO YOU. ==Changes to wikis== CompleteNoobs.com reserves the right to close, move, merge, or rename, a wiki for any reason. CompleteNoobs.com shall not be held liable for any modification, suspension or discontinuance of any wiki, or of the service as a whole. ==Advertising== CompleteNoobs.com Advertising and funding page can be found [[COMPLETENOOBS_FUNDING | HERE]]<br \> No Advertising allowed on the Main Wiki pages.<br \> You are allowed to mention which service you used and where to find, but No Affiliate Links are allowed in main wiki pages.<br \> You can open a personal user page <code>index.php/User:<$WIKI_USERNAME></code> where you can place your donations and affiliate links, and links to your other works.<br \> CompleteNoobs.com takes no responsibility for the content of externally provided advertising. The content of advertisements may be protected by copyrights, or other proprietary rights and laws, and should not be assumed to be available under the terms of any free content license. CompleteNoobs.com will never host pop-up adverts. ==Links== The Services may provide, or third parties may provide, links to other World Wide Web sites or resources. Because CompleteNoobs.com has no control over such sites and resources, you acknowledge and agree that CompleteNoobs.com is not responsible for the availability of such external sites or resources, and does not endorse and is not responsible or liable for any Content, advertising, products or other materials on or available from such sites or resources. You further acknowledge and agree that CompleteNoobs.com shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such Content, goods or services available on or through any such site or resource. ==Copyright Complaints== We respect the intellectual property rights of others and we prohibit users from uploading, posting or otherwise transmitting on the CompleteNoobs.com website or service any materials that violate another party's intellectual property rights. When we receive proper Notification of Alleged Copyright Infringement as described in our [[CompleteNoobs:Copyright_Policy|Copyright Policy]], we promptly remove or disable access to the allegedly infringing material and terminate the accounts of repeat infringers as described herein in accordance with the Digital Millenium Copyright Act. If you believe that any material on the Site infringes upon any copyright which you own or control, you may send a written notification of such infringement to our [[Talk:CompleteNoobs:Copyright_Policy |Copyright Policy Discussion Page.]]. Please see our [[CompleteNoobs:Copyright_Policy|Copyright Policy]] for more information on how to report infringement of your copyright. ==User Disputes== You are solely responsible for your interactions with other CompleteNoobs users. We reserve the right, but have no obligation, to monitor disputes between you and other users. ==Collection of personal information== User information is stored on servers in the United Kingdom and other countries. The Only information you need to give to sign up is a UserName, Password and eMail address. he username does not need to be your real name. Therefore, any personal information you choose to give is not compulsory. CompleteNoobs sites are not intended for, and may not be used by, children under the age of 13 years old. You may change your email in your user preferences. If you choose to enter a real name in your preferences, this will be publicly available. However, this field is optional, and there is no requirement for any user to give a real name. Information from our server logs may be stored and used to gather aggregate data about users, and used to determine whether the identity of one or more users is the same in cases of abuse. This data includes your IP address, and details about your browser. Your browser must permit cookies to be set (by *.CompleteNoobs.com) in order for you to log in to CompleteNoobs.com. If you do not make an account on any wiki, you need not accept cookie requests from this site. Pages created and Edited by users will show the username, user's IP address in the page history of the article they edited, and also in other places on the site, including watchlists and recent changes, and in any external feeds made of such pages. ===Data Collected by apache server and fail2ban=== The type of info stored on apache2 access logs <div class="toccolours mw-collapsible mw-collapsed"> Example of The type of Data stored on apache2 access logs<br \> Time, Date, IP address, OS, Browser Used, Action done. <div class="mw-collapsible-content"> <pre> 10.3.45.1 - - [27/Jul/2021:13:54:57 +0000] "GET /index.php/Main_Page HTTP/1.1" 200 15063 "https://10.3.45.200/index.php?title=MediaWiki:Shoutwiki-loginform-tos&action=edit" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:13:54:57 +0000] "GET /load.php?lang=en-gb&modules=ext.pageNotice%7Cjquery.makeCollapsible.styles%7Cjquery.tablesorter.styles%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 9251 "https://10.3.45.200/index.php/Main_Page" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:13:54:57 +0000] "GET /load.php?lang=en-gb&modules=startup&only=scripts&raw=1&skin=vector HTTP/1.1" 304 618 "https://10.3.45.200/index.php/Main_Page" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:13:55:01 +0000] "GET /index.php/User:Testin HTTP/1.1" 200 5168 "https://10.3.45.200/index.php/Main_Page" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:13:55:02 +0000] "GET /load.php?lang=en-gb&modules=skins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 8414 "https://10.3.45.200/index.php/User:Testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:23 +0000] "GET /index.php/User:Greenadmin HTTP/1.1" 200 9723 "https://10.3.45.200/index.php?title=MediaWiki:Shoutwiki-loginform-tos&action=edit" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:23 +0000] "GET /load.php?lang=en-gb&modules=skins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 8414 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:23 +0000] "GET /load.php?lang=en-gb&modules=startup&only=scripts&raw=1&skin=vector HTTP/1.1" 304 618 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:26 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.notification%2CvisibleTimeout&skin=vector&version=1v0pl HTTP/1.1" 200 9100 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:26 +0000] "POST /api.php HTTP/1.1" 200 984 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:26 +0000] "GET /index.php?title=Special:UserLogout&returnto=User%3AGreenadmin HTTP/1.1" 200 3788 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:29 +0000] "GET /index.php?title=Special:UserLogin&returnto=User%3AGreenadmin HTTP/1.1" 200 4556 "https://10.3.45.200/index.php?title=Special:UserLogout&returnto=User%3AGreenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:29 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.htmlform.styles%7Cmediawiki.special.userlogin.common.styles%7Cmediawiki.special.userlogin.login.styles%7Cmediawiki.ui%7Cmediawiki.ui.button%2Ccheckbox%2Cinput%2Cradio%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 10621 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=User%3AGreenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:29 +0000] "GET /load.php?lang=en-gb&modules=startup&only=scripts&raw=1&safemode=1&skin=vector HTTP/1.1" 304 618 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=User%3AGreenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:40 +0000] "POST /index.php?title=Special:UserLogin&returnto=User:Greenadmin HTTP/1.1" 302 1492 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=User%3AGreenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:40 +0000] "GET /index.php/User:Greenadmin HTTP/1.1" 200 4471 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=User%3AGreenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:47 +0000] "GET /index.php/Special:SpecialPages HTTP/1.1" 200 6257 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:47 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.helplink%2Cspecial%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 9983 "https://10.3.45.200/index.php/Special:SpecialPages" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:51 +0000] "GET /index.php/Special:UserRights HTTP/1.1" 200 4184 "https://10.3.45.200/index.php/Special:SpecialPages" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:53 +0000] "GET /api.php?action=query&format=json&formatversion=2&list=allusers&auprefix=Test&aulimit=10 HTTP/1.1" 200 655 "https://10.3.45.200/index.php/Special:UserRights" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:54 +0000] "GET /api.php?action=query&format=json&formatversion=2&list=allusers&auprefix=Testin&aulimit=10 HTTP/1.1" 200 655 "https://10.3.45.200/index.php/Special:UserRights" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:55 +0000] "GET /index.php?title=Special%3AUserRights&user=testin HTTP/1.1" 200 5769 "https://10.3.45.200/index.php/Special:UserRights" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:56 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.helplink%2Cspecial%7Cmediawiki.interface.helpers.styles%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 10181 "https://10.3.45.200/index.php?title=Special%3AUserRights&user=testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:02 +0000] "POST /index.php/Special:UserRights HTTP/1.1" 302 1128 "https://10.3.45.200/index.php?title=Special%3AUserRights&user=testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:02 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.helplink%2Cspecial%7Cmediawiki.interface.helpers.styles%7Cmediawiki.notification.convertmessagebox.styles%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 10536 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:02 +0000] "GET /index.php/Special:UserRights/testin HTTP/1.1" 200 5832 "https://10.3.45.200/index.php?title=Special%3AUserRights&user=testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:07 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.searchSuggest&skin=vector&version=4itwt HTTP/1.1" 200 7618 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:09 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=c&namespace=0&limit=10 HTTP/1.1" 200 597 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:10 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=cop&namespace=0&limit=10 HTTP/1.1" 200 600 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:10 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=copy&namespace=0&limit=10 HTTP/1.1" 200 601 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:11 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=copyr&namespace=0&limit=10 HTTP/1.1" 200 575 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:11 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=copyri&namespace=0&limit=10 HTTP/1.1" 200 5879 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:11 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=copyright&namespace=0&limit=10 HTTP/1.1" 200 606 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:12 +0000] "GET /index.php?search=copyright&title=Special%3ASearch&go=Go HTTP/1.1" 200 7130 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:12 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.helplink%2Cspecial%2Cui%7Cmediawiki.special.search.styles%7Cmediawiki.ui.button%2Cinput%7Cmediawiki.widgets.SearchInputWidget.styles%7Cmediawiki.widgets.styles%7Coojs-ui-core.icons%2Cstyles%7Coojs-ui.styles.indicators%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 21313 "https://10.3.45.200/index.php?search=copyright&title=Special%3ASearch&go=Go" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:14 +0000] "GET /index.php?title=Copyright&action=edit&redlink=1 HTTP/1.1" 200 6405 "https://10.3.45.200/index.php?search=copyright&title=Special%3ASearch&go=Go" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:14 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.action.edit.styles%7Cmediawiki.editfont.styles%7Cmediawiki.widgets.styles%7Coojs-ui-core.icons%2Cstyles%7Coojs-ui.styles.indicators%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 18053 "https://10.3.45.200/index.php?title=Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:41 +0000] "POST /api.php HTTP/1.1" 200 1140 "https://10.3.45.200/index.php?title=Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:41 +0000] "POST /index.php?title=Copyright&action=submit HTTP/1.1" 302 1276 "https://10.3.45.200/index.php?title=Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:41 +0000] "GET /index.php/Copyright HTTP/1.1" 200 8086 "https://10.3.45.200/index.php?title=Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:41 +0000] "GET /load.php?lang=en-gb&modules=ext.pageNotice%7Cjquery.makeCollapsible.styles%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 9104 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:42 +0000] "GET /resources/src/mediawiki.action/images/check-success.svg?116d2 HTTP/1.1" 200 607 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:43 +0000] "GET /index.php?title=Copyright&action=protect HTTP/1.1" 200 6673 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:44 +0000] "GET /load.php?lang=en-gb&modules=jquery%2Coojs%2Coojs-ui-core%2Csite%7Cjquery.client%2ClengthLimit%7Cmediawiki.String%2CTitle%2Capi%2Cbase%2Ccldr%2Chtmlform%2CjqueryMsg%2Clanguage%2Cutil%7Cmediawiki.action.protect%7Cmediawiki.htmlform.ooui%7Cmediawiki.libs.pluralruleparser%7Cmediawiki.page.ready%7Cmediawiki.page.watch.ajax%7Cskins.vector.legacy.js%7Cuser.defaults&skin=vector&version=ibd6y HTTP/1.1" 200 499559 "https://10.3.45.200/index.php?title=Copyright&action=protect" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:44 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.action.styles%7Cmediawiki.htmlform.ooui.styles%7Cmediawiki.htmlform.styles%7Cmediawiki.widgets.styles%7Coojs-ui-core.icons%2Cstyles%7Coojs-ui.styles.indicators%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 18758 "https://10.3.45.200/index.php?title=Copyright&action=protect" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:49 +0000] "POST /index.php?title=Copyright&action=protect HTTP/1.1" 302 1112 "https://10.3.45.200/index.php?title=Copyright&action=protect" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:50 +0000] "GET /index.php/Copyright HTTP/1.1" 200 7941 "https://10.3.45.200/index.php?title=Copyright&action=protect" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:53 +0000] "POST /api.php HTTP/1.1" 200 984 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:53 +0000] "GET /index.php?title=Special:UserLogout&returnto=Copyright HTTP/1.1" 200 3747 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:55 +0000] "GET /index.php?title=Special:UserLogin&returnto=Copyright HTTP/1.1" 200 4548 "https://10.3.45.200/index.php?title=Special:UserLogout&returnto=Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:03 +0000] "POST /index.php?title=Special:UserLogin&returnto=Copyright HTTP/1.1" 302 1482 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:04 +0000] "GET /index.php/Copyright HTTP/1.1" 200 7824 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:07 +0000] "GET /index.php?title=Talk:Copyright&action=edit&redlink=1 HTTP/1.1" 200 6396 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:21 +0000] "POST /api.php HTTP/1.1" 200 1140 "https://10.3.45.200/index.php?title=Talk:Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:21 +0000] "POST /index.php?title=Talk:Copyright&action=submit HTTP/1.1" 302 1281 "https://10.3.45.200/index.php?title=Talk:Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:21 +0000] "GET /index.php/Talk:Copyright HTTP/1.1" 200 5164 "https://10.3.45.200/index.php?title=Talk:Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Example of data stored in Apache error logs:<br \> Date, Time, IP address and port, Action <div class="mw-collapsible-content"> <pre> [Fri Jul 23 04:25:43.125317 2021] [php7:error] [pid 7609] [client 93.157.23.18:55862] script '/var/www/html/mediawiki/c99.php' not found or unable to stat [Fri Jul 23 04:25:43.131058 2021] [php7:error] [pid 7608] [client 93.157.23.18:55852] script '/var/www/html/mediawiki/c99.php' not found or unable to stat </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Example of Fail2ban.log data:<br \> Date, Time, IP address <div class="mw-collapsible-content"> <pre> 2021-07-27 12:06:31,021 fail2ban.filter [331]: INFO [mediawiki] Found 10.3.45.1 - 2021-07-27 12:06:31 2021-07-27 12:06:31,291 fail2ban.actions [331]: NOTICE [mediawiki] Ban 10.3.45.1 2021-07-27 12:07:21,629 fail2ban.actions [324]: NOTICE [mediawiki] Restore Ban 10.3.45.1 2021-07-27 12:10:01,086 fail2ban.actions [324]: NOTICE [mediawiki] Unban 10.3.45.1 </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Example in Fail2Log.log:<br \> IP address, Date, Time, Username used <div class="mw-collapsible-content"> <pre> Failed:10.3.45.1 2021-07-27 11:16:07 UTC greenadmin Failed:10.3.45.1 2021-07-27 11:16:15 UTC greenadmin Failed:10.3.45.1 2021-07-27 11:16:50 UTC greenadmin Failed:10.3.45.1 2021-07-27 12:05:59 UTC greenadmin Failed:10.3.45.1 2021-07-27 12:06:11 UTC greenadmin Failed:10.3.45.1 2021-07-27 12:06:15 UTC greenadmin Failed:10.3.45.1 2021-07-27 12:06:23 UTC greenadmin Failed:10.3.45.1 2021-07-27 12:06:31 UTC greenadmin </pre> </div> </div> ==Submissions== You acknowledge and agree that any questions, comments, suggestions, ideas, feedback or other information about the Site or the Service ("Submissions"), provided by you to CompleteNoobs.com are non-confidential and shall become the sole property of CompleteNoobs.com. CompleteNoobs.com shall own exclusive rights, including all intellectual property rights, and shall be entitled to the unrestricted use and dissemination of these Submissions for any purpose, commercial or otherwise, without acknowledgment or compensation to you. ==Termination== CompleteNoobs.com may terminate or suspend any and all Services and your user account immediately, without prior notice or liability, if you breach any of the terms or conditions of the Terms of Use. Upon termination of your account, your right to use the Services will immediately cease. If you wish to terminate your account, you may simply discontinue using the Services. All provisions of the Terms of Use which by their nature should survive termination shall survive termination, including, without limitation, ownership provisions, warranty disclaimers, indemnity and limitations of liability. ==Other== These Terms of Use constitute the entire agreement between you and CompleteNoobs.com regarding the use of the Site and/or the Service, superseding any prior agreements between you and CompleteNoobs.com relating to your use of the Site or the Service. The failure of CompleteNoobs.com to exercise or enforce any right or provision of these Terms of Use shall not constitute a waiver of such right or provision in that or any other instance. If any provision of this Agreement is held invalid, the remainder of this Agreement shall continue in full force and effect. If any provision of these Terms of Use shall be deemed unlawful, void or for any reason unenforceable, then that provision shall be deemed severable from these Terms of Use and shall not affect the validity and enforceability of any remaining provisions. ==Supremacy of English Language Terms of Use== Where a translation of these Terms of use is inconsistent with the English language version, the English language version shall prevail. hoivkql3dt4g8m2sv4jr2cq4o71167n 51 46 2023-03-01T22:35:47Z Noob 1 Protected "[[Terms of Service]]" ([Edit=Allow only administrators] (indefinite) [Move=Allow only administrators] (indefinite)) 46 wikitext text/x-wiki {{:LICENCE_HEADER_CC_BY-SA}}<br \> Welcome to [https://www.completenoobs.com completenoobs.com]! Before you do anything on our wiki you must read and accept the following terms. '''PLEASE READ THESE TERMS OF USE CAREFULLY BEFORE USING THE SERVICES. BY ACCESSING THIS SITE OR USING ANY PART OF THE SITE OR ANY CONTENT OR SERVICES (AS EACH IS DEFINED BELOW) ON THE SITE, YOU AGREE TO BECOME BOUND BY THESE TERMS AND CONDITIONS. IF YOU DO NOT AGREE TO ALL THE TERMS AND CONDITIONS, THEN YOU MAY NOT ACCESS THE SITE OR USE THE CONTENT OR ANY SERVICES IN THE SITE. COMPLETENOOBS ACCEPTANCE IS EXPRESSLY CONDITIONED UPON YOUR ASSENT TO ALL OF THESE TERMS AND CONDITIONS, TO THE EXCLUSION OF ALL OTHER TERMS; IF THESE TERMS AND CONDITIONS ARE CONSIDERED AN OFFER BY COMPLETENOOBS ACCEPTANCE IS EXPRESSLY LIMITED TO THESE TERMS.''' ==Modifications of Terms of Use== CompleteNoobs.com reserves the right, at its sole discretion, to modify or replace the Terms of Use at any time. If the alterations constitute a material change to the Terms of Use, CompleteNoobs.com will notify you by posting an announcement on the Site or on the mailing list. What constitutes a "material change" will be determined at CompleteNoobs sole discretion, in good faith and using common sense and reasonable judgment. You shall be responsible for reviewing and becoming familiar with any such modifications. Use of the Services by you following such notification constitutes your acceptance of the terms and conditions of the Terms of Use as modified. ==Services== Not sure what to write here - we just want to host and share libre licenced Computer Science Content, that can be downloaded and shared by others freely.! CompleteNoobs.com content is available to anyone on the Internet for both entertainment and information. ==Content== CompleteNoobs.com is a Wiki for Libre Licenced Computer Science Content, and takes no responsibility for the content uploaded by third parties. CompleteNoobs.com wiki is provided "as is". CompleteNoobs.com has no responsibility for lack of availability of any wiki or of any particular content. You should be aware that the wikis are editable by the public, and, as such, may contain inappropriate content at any time. Any use you make of content hosted by CompleteNoobs.com must be in line with the terms of that wiki's license. Any content you upload or post to any CompleteNoobs.com wiki must be compatible with the relevant license, not violate another person's intellectual property or infringe on any copyright, patent, trademark, trade secret, or other proprietary rights. No content shall be added which violates any applicable law, including local, state, national, and international laws. You understand that CompleteNoobs.com does not control, and is not responsible for Content made available through the Service, and that by using the Service, you may be exposed to Content that is offensive, indecent, inaccurate, misleading, or otherwise objectionable. Furthermore, under no circumstances will CompleteNoobs.com be liable in any way for any Content or for any loss or damage of any kind incurred as a result of the use of any Content posted, emailed or otherwise made available via the Service. You agree that you will not make any changes to CompleteNoobs.com that is in breach of the [[Content Policy]] and will make efforts to remove or report any content which may be in breach of such conditions as described in the policy. You acknowledge that CompleteNoobs.com does not pre-screen or approve Content, but that CompleteNoobs.com shall have the right (but not the obligation) in its sole discretion to refuse, delete or move any Content that is available via the Service, for violating the Terms of use or for any other reason. ==Indemnity== You will indemnify and hold harmless CompleteNoobs.com, its parents, subsidiaries, affiliates, customers, vendors, officers and employees from any liability, damage or cost (including reasonable attorneys. fees and cost) from (i) any claim or demand made by any third party due to or arising out of your access to the Site, use of the Services, violation of the Terms of Use by you, or the infringement by you, or any third party using your account or User ID, of any intellectual property or other right of any person or entity. ==Warranty Disclaimers== You acknowledge that CompleteNoobs.com has no control over, and no duty to take any action regarding: which users gain access to the Site or use the Services; what effects the Content may have on you; how you may interpret or use the Content; or what actions you may take as a result of having been exposed to the Content. You release CompleteNoobs.com from all liability for you having acquired or not acquired Content through the Site or the Services. The Site or Services may contain, or direct you to sites containing, information that some people may find offensive or inappropriate. CompleteNoobs.com makes no representations concerning any content contained in or accessed through the Site or Services, and CompleteNoobs.com will not be responsible or liable for the accuracy, copyright compliance, legality or decency of material contained in or accessed through the Site or the Services. THE SERVICE, CONTENT, AND SITE ARE PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. SOME STATES DO NOT ALLOW LIMITATIONS ON HOW LONG AN IMPLIED WARRANTY LASTS, SO THE ABOVE LIMITATIONS MAY NOT APPLY TO YOU. ==Changes to wikis== CompleteNoobs.com reserves the right to close, move, merge, or rename, a wiki for any reason. CompleteNoobs.com shall not be held liable for any modification, suspension or discontinuance of any wiki, or of the service as a whole. ==Advertising== CompleteNoobs.com Advertising and funding page can be found [[COMPLETENOOBS_FUNDING | HERE]]<br \> No Advertising allowed on the Main Wiki pages.<br \> You are allowed to mention which service you used and where to find, but No Affiliate Links are allowed in main wiki pages.<br \> You can open a personal user page <code>index.php/User:<$WIKI_USERNAME></code> where you can place your donations and affiliate links, and links to your other works.<br \> CompleteNoobs.com takes no responsibility for the content of externally provided advertising. The content of advertisements may be protected by copyrights, or other proprietary rights and laws, and should not be assumed to be available under the terms of any free content license. CompleteNoobs.com will never host pop-up adverts. ==Links== The Services may provide, or third parties may provide, links to other World Wide Web sites or resources. Because CompleteNoobs.com has no control over such sites and resources, you acknowledge and agree that CompleteNoobs.com is not responsible for the availability of such external sites or resources, and does not endorse and is not responsible or liable for any Content, advertising, products or other materials on or available from such sites or resources. You further acknowledge and agree that CompleteNoobs.com shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such Content, goods or services available on or through any such site or resource. ==Copyright Complaints== We respect the intellectual property rights of others and we prohibit users from uploading, posting or otherwise transmitting on the CompleteNoobs.com website or service any materials that violate another party's intellectual property rights. When we receive proper Notification of Alleged Copyright Infringement as described in our [[CompleteNoobs:Copyright_Policy|Copyright Policy]], we promptly remove or disable access to the allegedly infringing material and terminate the accounts of repeat infringers as described herein in accordance with the Digital Millenium Copyright Act. If you believe that any material on the Site infringes upon any copyright which you own or control, you may send a written notification of such infringement to our [[Talk:CompleteNoobs:Copyright_Policy |Copyright Policy Discussion Page.]]. Please see our [[CompleteNoobs:Copyright_Policy|Copyright Policy]] for more information on how to report infringement of your copyright. ==User Disputes== You are solely responsible for your interactions with other CompleteNoobs users. We reserve the right, but have no obligation, to monitor disputes between you and other users. ==Collection of personal information== User information is stored on servers in the United Kingdom and other countries. The Only information you need to give to sign up is a UserName, Password and eMail address. he username does not need to be your real name. Therefore, any personal information you choose to give is not compulsory. CompleteNoobs sites are not intended for, and may not be used by, children under the age of 13 years old. You may change your email in your user preferences. If you choose to enter a real name in your preferences, this will be publicly available. However, this field is optional, and there is no requirement for any user to give a real name. Information from our server logs may be stored and used to gather aggregate data about users, and used to determine whether the identity of one or more users is the same in cases of abuse. This data includes your IP address, and details about your browser. Your browser must permit cookies to be set (by *.CompleteNoobs.com) in order for you to log in to CompleteNoobs.com. If you do not make an account on any wiki, you need not accept cookie requests from this site. Pages created and Edited by users will show the username, user's IP address in the page history of the article they edited, and also in other places on the site, including watchlists and recent changes, and in any external feeds made of such pages. ===Data Collected by apache server and fail2ban=== The type of info stored on apache2 access logs <div class="toccolours mw-collapsible mw-collapsed"> Example of The type of Data stored on apache2 access logs<br \> Time, Date, IP address, OS, Browser Used, Action done. <div class="mw-collapsible-content"> <pre> 10.3.45.1 - - [27/Jul/2021:13:54:57 +0000] "GET /index.php/Main_Page HTTP/1.1" 200 15063 "https://10.3.45.200/index.php?title=MediaWiki:Shoutwiki-loginform-tos&action=edit" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:13:54:57 +0000] "GET /load.php?lang=en-gb&modules=ext.pageNotice%7Cjquery.makeCollapsible.styles%7Cjquery.tablesorter.styles%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 9251 "https://10.3.45.200/index.php/Main_Page" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:13:54:57 +0000] "GET /load.php?lang=en-gb&modules=startup&only=scripts&raw=1&skin=vector HTTP/1.1" 304 618 "https://10.3.45.200/index.php/Main_Page" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:13:55:01 +0000] "GET /index.php/User:Testin HTTP/1.1" 200 5168 "https://10.3.45.200/index.php/Main_Page" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:13:55:02 +0000] "GET /load.php?lang=en-gb&modules=skins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 8414 "https://10.3.45.200/index.php/User:Testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:23 +0000] "GET /index.php/User:Greenadmin HTTP/1.1" 200 9723 "https://10.3.45.200/index.php?title=MediaWiki:Shoutwiki-loginform-tos&action=edit" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:23 +0000] "GET /load.php?lang=en-gb&modules=skins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 8414 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:23 +0000] "GET /load.php?lang=en-gb&modules=startup&only=scripts&raw=1&skin=vector HTTP/1.1" 304 618 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:26 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.notification%2CvisibleTimeout&skin=vector&version=1v0pl HTTP/1.1" 200 9100 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:26 +0000] "POST /api.php HTTP/1.1" 200 984 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:26 +0000] "GET /index.php?title=Special:UserLogout&returnto=User%3AGreenadmin HTTP/1.1" 200 3788 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:29 +0000] "GET /index.php?title=Special:UserLogin&returnto=User%3AGreenadmin HTTP/1.1" 200 4556 "https://10.3.45.200/index.php?title=Special:UserLogout&returnto=User%3AGreenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:29 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.htmlform.styles%7Cmediawiki.special.userlogin.common.styles%7Cmediawiki.special.userlogin.login.styles%7Cmediawiki.ui%7Cmediawiki.ui.button%2Ccheckbox%2Cinput%2Cradio%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 10621 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=User%3AGreenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:29 +0000] "GET /load.php?lang=en-gb&modules=startup&only=scripts&raw=1&safemode=1&skin=vector HTTP/1.1" 304 618 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=User%3AGreenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:40 +0000] "POST /index.php?title=Special:UserLogin&returnto=User:Greenadmin HTTP/1.1" 302 1492 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=User%3AGreenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:40 +0000] "GET /index.php/User:Greenadmin HTTP/1.1" 200 4471 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=User%3AGreenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:47 +0000] "GET /index.php/Special:SpecialPages HTTP/1.1" 200 6257 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:47 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.helplink%2Cspecial%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 9983 "https://10.3.45.200/index.php/Special:SpecialPages" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:51 +0000] "GET /index.php/Special:UserRights HTTP/1.1" 200 4184 "https://10.3.45.200/index.php/Special:SpecialPages" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:53 +0000] "GET /api.php?action=query&format=json&formatversion=2&list=allusers&auprefix=Test&aulimit=10 HTTP/1.1" 200 655 "https://10.3.45.200/index.php/Special:UserRights" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:54 +0000] "GET /api.php?action=query&format=json&formatversion=2&list=allusers&auprefix=Testin&aulimit=10 HTTP/1.1" 200 655 "https://10.3.45.200/index.php/Special:UserRights" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:55 +0000] "GET /index.php?title=Special%3AUserRights&user=testin HTTP/1.1" 200 5769 "https://10.3.45.200/index.php/Special:UserRights" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:56 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.helplink%2Cspecial%7Cmediawiki.interface.helpers.styles%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 10181 "https://10.3.45.200/index.php?title=Special%3AUserRights&user=testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:02 +0000] "POST /index.php/Special:UserRights HTTP/1.1" 302 1128 "https://10.3.45.200/index.php?title=Special%3AUserRights&user=testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:02 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.helplink%2Cspecial%7Cmediawiki.interface.helpers.styles%7Cmediawiki.notification.convertmessagebox.styles%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 10536 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:02 +0000] "GET /index.php/Special:UserRights/testin HTTP/1.1" 200 5832 "https://10.3.45.200/index.php?title=Special%3AUserRights&user=testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:07 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.searchSuggest&skin=vector&version=4itwt HTTP/1.1" 200 7618 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:09 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=c&namespace=0&limit=10 HTTP/1.1" 200 597 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:10 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=cop&namespace=0&limit=10 HTTP/1.1" 200 600 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:10 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=copy&namespace=0&limit=10 HTTP/1.1" 200 601 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:11 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=copyr&namespace=0&limit=10 HTTP/1.1" 200 575 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:11 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=copyri&namespace=0&limit=10 HTTP/1.1" 200 5879 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:11 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=copyright&namespace=0&limit=10 HTTP/1.1" 200 606 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:12 +0000] "GET /index.php?search=copyright&title=Special%3ASearch&go=Go HTTP/1.1" 200 7130 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:12 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.helplink%2Cspecial%2Cui%7Cmediawiki.special.search.styles%7Cmediawiki.ui.button%2Cinput%7Cmediawiki.widgets.SearchInputWidget.styles%7Cmediawiki.widgets.styles%7Coojs-ui-core.icons%2Cstyles%7Coojs-ui.styles.indicators%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 21313 "https://10.3.45.200/index.php?search=copyright&title=Special%3ASearch&go=Go" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:14 +0000] "GET /index.php?title=Copyright&action=edit&redlink=1 HTTP/1.1" 200 6405 "https://10.3.45.200/index.php?search=copyright&title=Special%3ASearch&go=Go" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:14 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.action.edit.styles%7Cmediawiki.editfont.styles%7Cmediawiki.widgets.styles%7Coojs-ui-core.icons%2Cstyles%7Coojs-ui.styles.indicators%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 18053 "https://10.3.45.200/index.php?title=Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:41 +0000] "POST /api.php HTTP/1.1" 200 1140 "https://10.3.45.200/index.php?title=Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:41 +0000] "POST /index.php?title=Copyright&action=submit HTTP/1.1" 302 1276 "https://10.3.45.200/index.php?title=Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:41 +0000] "GET /index.php/Copyright HTTP/1.1" 200 8086 "https://10.3.45.200/index.php?title=Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:41 +0000] "GET /load.php?lang=en-gb&modules=ext.pageNotice%7Cjquery.makeCollapsible.styles%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 9104 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:42 +0000] "GET /resources/src/mediawiki.action/images/check-success.svg?116d2 HTTP/1.1" 200 607 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:43 +0000] "GET /index.php?title=Copyright&action=protect HTTP/1.1" 200 6673 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:44 +0000] "GET /load.php?lang=en-gb&modules=jquery%2Coojs%2Coojs-ui-core%2Csite%7Cjquery.client%2ClengthLimit%7Cmediawiki.String%2CTitle%2Capi%2Cbase%2Ccldr%2Chtmlform%2CjqueryMsg%2Clanguage%2Cutil%7Cmediawiki.action.protect%7Cmediawiki.htmlform.ooui%7Cmediawiki.libs.pluralruleparser%7Cmediawiki.page.ready%7Cmediawiki.page.watch.ajax%7Cskins.vector.legacy.js%7Cuser.defaults&skin=vector&version=ibd6y HTTP/1.1" 200 499559 "https://10.3.45.200/index.php?title=Copyright&action=protect" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:44 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.action.styles%7Cmediawiki.htmlform.ooui.styles%7Cmediawiki.htmlform.styles%7Cmediawiki.widgets.styles%7Coojs-ui-core.icons%2Cstyles%7Coojs-ui.styles.indicators%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 18758 "https://10.3.45.200/index.php?title=Copyright&action=protect" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:49 +0000] "POST /index.php?title=Copyright&action=protect HTTP/1.1" 302 1112 "https://10.3.45.200/index.php?title=Copyright&action=protect" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:50 +0000] "GET /index.php/Copyright HTTP/1.1" 200 7941 "https://10.3.45.200/index.php?title=Copyright&action=protect" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:53 +0000] "POST /api.php HTTP/1.1" 200 984 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:53 +0000] "GET /index.php?title=Special:UserLogout&returnto=Copyright HTTP/1.1" 200 3747 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:55 +0000] "GET /index.php?title=Special:UserLogin&returnto=Copyright HTTP/1.1" 200 4548 "https://10.3.45.200/index.php?title=Special:UserLogout&returnto=Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:03 +0000] "POST /index.php?title=Special:UserLogin&returnto=Copyright HTTP/1.1" 302 1482 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:04 +0000] "GET /index.php/Copyright HTTP/1.1" 200 7824 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:07 +0000] "GET /index.php?title=Talk:Copyright&action=edit&redlink=1 HTTP/1.1" 200 6396 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:21 +0000] "POST /api.php HTTP/1.1" 200 1140 "https://10.3.45.200/index.php?title=Talk:Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:21 +0000] "POST /index.php?title=Talk:Copyright&action=submit HTTP/1.1" 302 1281 "https://10.3.45.200/index.php?title=Talk:Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:21 +0000] "GET /index.php/Talk:Copyright HTTP/1.1" 200 5164 "https://10.3.45.200/index.php?title=Talk:Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Example of data stored in Apache error logs:<br \> Date, Time, IP address and port, Action <div class="mw-collapsible-content"> <pre> [Fri Jul 23 04:25:43.125317 2021] [php7:error] [pid 7609] [client 93.157.23.18:55862] script '/var/www/html/mediawiki/c99.php' not found or unable to stat [Fri Jul 23 04:25:43.131058 2021] [php7:error] [pid 7608] [client 93.157.23.18:55852] script '/var/www/html/mediawiki/c99.php' not found or unable to stat </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Example of Fail2ban.log data:<br \> Date, Time, IP address <div class="mw-collapsible-content"> <pre> 2021-07-27 12:06:31,021 fail2ban.filter [331]: INFO [mediawiki] Found 10.3.45.1 - 2021-07-27 12:06:31 2021-07-27 12:06:31,291 fail2ban.actions [331]: NOTICE [mediawiki] Ban 10.3.45.1 2021-07-27 12:07:21,629 fail2ban.actions [324]: NOTICE [mediawiki] Restore Ban 10.3.45.1 2021-07-27 12:10:01,086 fail2ban.actions [324]: NOTICE [mediawiki] Unban 10.3.45.1 </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Example in Fail2Log.log:<br \> IP address, Date, Time, Username used <div class="mw-collapsible-content"> <pre> Failed:10.3.45.1 2021-07-27 11:16:07 UTC greenadmin Failed:10.3.45.1 2021-07-27 11:16:15 UTC greenadmin Failed:10.3.45.1 2021-07-27 11:16:50 UTC greenadmin Failed:10.3.45.1 2021-07-27 12:05:59 UTC greenadmin Failed:10.3.45.1 2021-07-27 12:06:11 UTC greenadmin Failed:10.3.45.1 2021-07-27 12:06:15 UTC greenadmin Failed:10.3.45.1 2021-07-27 12:06:23 UTC greenadmin Failed:10.3.45.1 2021-07-27 12:06:31 UTC greenadmin </pre> </div> </div> ==Submissions== You acknowledge and agree that any questions, comments, suggestions, ideas, feedback or other information about the Site or the Service ("Submissions"), provided by you to CompleteNoobs.com are non-confidential and shall become the sole property of CompleteNoobs.com. CompleteNoobs.com shall own exclusive rights, including all intellectual property rights, and shall be entitled to the unrestricted use and dissemination of these Submissions for any purpose, commercial or otherwise, without acknowledgment or compensation to you. ==Termination== CompleteNoobs.com may terminate or suspend any and all Services and your user account immediately, without prior notice or liability, if you breach any of the terms or conditions of the Terms of Use. Upon termination of your account, your right to use the Services will immediately cease. If you wish to terminate your account, you may simply discontinue using the Services. All provisions of the Terms of Use which by their nature should survive termination shall survive termination, including, without limitation, ownership provisions, warranty disclaimers, indemnity and limitations of liability. ==Other== These Terms of Use constitute the entire agreement between you and CompleteNoobs.com regarding the use of the Site and/or the Service, superseding any prior agreements between you and CompleteNoobs.com relating to your use of the Site or the Service. The failure of CompleteNoobs.com to exercise or enforce any right or provision of these Terms of Use shall not constitute a waiver of such right or provision in that or any other instance. If any provision of this Agreement is held invalid, the remainder of this Agreement shall continue in full force and effect. If any provision of these Terms of Use shall be deemed unlawful, void or for any reason unenforceable, then that provision shall be deemed severable from these Terms of Use and shall not affect the validity and enforceability of any remaining provisions. ==Supremacy of English Language Terms of Use== Where a translation of these Terms of use is inconsistent with the English language version, the English language version shall prevail. hoivkql3dt4g8m2sv4jr2cq4o71167n 8 34 44 2023-03-01T21:36:37Z Noob 1 Created page with "I am over 13 years of age and I have read, understood and agree to be bound by the [[Terms_of_Service|Terms of Service]] and [[CompleteNoobs:Privacy_policy|Privacy Policy]]" 44 wikitext text/x-wiki I am over 13 years of age and I have read, understood and agree to be bound by the [[Terms_of_Service|Terms of Service]] and [[CompleteNoobs:Privacy_policy|Privacy Policy]] t6llfed0s5qn3ll9zfc9t7re04rz6n8 45 44 2023-03-01T21:37:16Z Noob 1 Protected "[[MediaWiki:Newsignuppage-loginform-tos]]" ([Edit=Allow only administrators] (indefinite) [Move=Allow only administrators] (indefinite)) 44 wikitext text/x-wiki I am over 13 years of age and I have read, understood and agree to be bound by the [[Terms_of_Service|Terms of Service]] and [[CompleteNoobs:Privacy_policy|Privacy Policy]] t6llfed0s5qn3ll9zfc9t7re04rz6n8 0 35 47 2023-03-01T22:34:12Z Noob 1 Created page with "There is currently no one here." 47 wikitext text/x-wiki There is currently no one here. 78py25w8slwr0ecliz565ycydsdap2m 48 47 2023-03-01T22:34:31Z Noob 1 Protected "[[CompleteNoobs Staff Admins]]" ([Edit=Allow only administrators] (indefinite) [Move=Allow only administrators] (indefinite)) 47 wikitext text/x-wiki There is currently no one here. 78py25w8slwr0ecliz565ycydsdap2m 0 36 49 2023-03-01T22:35:02Z Noob 1 Created page with "{{:LICENCE_HEADER_CC_BY-SA}} To allow users to browse CompleteNoobs sites freely without distress or upset, users should not publish or link to any of the following types of prohibited content. CompleteNoobs users should take action to remove such content or report violations to a member of [[CompleteNoobs_Staff_Admins | CompleteNoobs's Staff and Admins]] privately. == Prohibited Content == * copyright-infringing content * Pornography, adult or mature content * Violent..." 49 wikitext text/x-wiki {{:LICENCE_HEADER_CC_BY-SA}} To allow users to browse CompleteNoobs sites freely without distress or upset, users should not publish or link to any of the following types of prohibited content. CompleteNoobs users should take action to remove such content or report violations to a member of [[CompleteNoobs_Staff_Admins | CompleteNoobs's Staff and Admins]] privately. == Prohibited Content == * copyright-infringing content * Pornography, adult or mature content * Violent content * Hate speech (including content that incites hatred or promotes violence against individuals or groups based on race or ethnic origin, religion, disability, gender, age, veteran status or sexual orientation/gender identity), harassment, bullying or similar content that advocates harm against an individual or group. * Excessive profanity * Illicit drugs and drug paraphernalia content * Content that promotes, sells or advertises products obtained from endangered or threatened species. * Sales of beer or spirits * Sales of tobacco or tobacco-related products * Sales of prescription drugs * Sales of weapons or ammunition (e.g. firearms, firearm components, fighting knives, stun guns) * Sales or distribution of coursework or student essays * Content regarding programmes which compensate users for clicking ads or offers, performing searches, surfing websites or reading emails * Any other content that is illegal, promotes illegal activity or infringes on the legal rights of others kwrac054oj43kdtv8wtudwgvucc78oc 50 49 2023-03-01T22:35:15Z Noob 1 Protected "[[Content Policy]]" ([Edit=Allow only administrators] (indefinite) [Move=Allow only administrators] (indefinite)) 49 wikitext text/x-wiki {{:LICENCE_HEADER_CC_BY-SA}} To allow users to browse CompleteNoobs sites freely without distress or upset, users should not publish or link to any of the following types of prohibited content. CompleteNoobs users should take action to remove such content or report violations to a member of [[CompleteNoobs_Staff_Admins | CompleteNoobs's Staff and Admins]] privately. == Prohibited Content == * copyright-infringing content * Pornography, adult or mature content * Violent content * Hate speech (including content that incites hatred or promotes violence against individuals or groups based on race or ethnic origin, religion, disability, gender, age, veteran status or sexual orientation/gender identity), harassment, bullying or similar content that advocates harm against an individual or group. * Excessive profanity * Illicit drugs and drug paraphernalia content * Content that promotes, sells or advertises products obtained from endangered or threatened species. * Sales of beer or spirits * Sales of tobacco or tobacco-related products * Sales of prescription drugs * Sales of weapons or ammunition (e.g. firearms, firearm components, fighting knives, stun guns) * Sales or distribution of coursework or student essays * Content regarding programmes which compensate users for clicking ads or offers, performing searches, surfing websites or reading emails * Any other content that is illegal, promotes illegal activity or infringes on the legal rights of others kwrac054oj43kdtv8wtudwgvucc78oc 4 37 52 2023-03-01T22:49:28Z Noob 1 Created page with "We only want Libre Licenced content on are site.<br> Check are current [[LICENCE_HEADERS|Licences page]]<br>" 52 wikitext text/x-wiki We only want Libre Licenced content on are site.<br> Check are current [[LICENCE_HEADERS|Licences page]]<br> s91lppfi4tgnv88iyswmm318hw3f04x 0 39 61 2023-03-02T15:21:23Z Noob 1 Created page with "Placeholder - need xml server first" 61 wikitext text/x-wiki Placeholder - need xml server first kvwrqlb33u6wkw3eu1wsgobevvixood 74 61 2023-03-03T01:21:00Z Noob 1 74 wikitext text/x-wiki CompleteNoobs Wiki XML Dumps can be found at <nowiki>https://xml.completenoobs.com</nowiki> [[Ubuntu_Local_Wiki_Import | Ubuntu Import Wiki to Local]] [[Windows_10_Local_Wiki_Import | Windows 10 Import Local Wiki]] 77avph31l239aycll8vhyz33zlad2ky 90 74 2023-03-03T15:53:45Z Noob 1 90 wikitext text/x-wiki CompleteNoobs Wiki [[Basic_Nginx_Server_For_Hosting_Files_Ubuntu_22.04|XML Dumps]] can be found at <nowiki>https://xml.completenoobs.com</nowiki> [[Ubuntu_Local_Wiki_Import | Ubuntu Import Wiki to Local]] [[Windows_10_Local_Wiki_Import | Windows 10 Import Local Wiki]] 0r8lw2hb6q5np7bzrdlqvge4lm8fxid 306 90 2023-04-18T15:17:56Z imported>AwesomO 0 306 wikitext text/x-wiki CompleteNoobs Wiki [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04|XML Dumps]] can be found at <nowiki>https://xml.completenoobs.com</nowiki> [[Ubuntu_Local_Wiki_Import | Ubuntu Import Wiki to Local]] [[Windows_10_Local_Wiki_Import | Windows 10 Import Local Wiki]] 6ic2oj20l0m1apkhzwjuk1pq3x1orb0 474 306 2025-02-16T23:40:47Z Noob 1 474 wikitext text/x-wiki CompleteNoobs Wiki [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04|XML Dumps]] can be found at <nowiki>https://xml.completenoobs.com</nowiki> [[Ubuntu_Local_Wiki_Import | Ubuntu Import Wiki to Local]] [[Windows_10_Local_Wiki_Import | Windows 10 Import Local Wiki]] [[FreeBSD_13.2_Jail_Local_Mediawiki_Nginx_MySQL | FreeBSD Jail]] [[CompleteNoobs_Local_Wiki_In_Docker | Docker ]] og3mqpd9ruantuuf86zm3wi3jcdfn2s 654 474 2025-09-01T17:55:51Z AwesomO 5 654 wikitext text/x-wiki CompleteNoobs Wiki [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04|XML Dumps]] can be found at <nowiki>https://xml.completenoobs.com</nowiki> [[Ubuntu_Local_Wiki_Import | Ubuntu Import Wiki to Local]] [[Windows_10_Local_Wiki_Import | Windows 10 Import Local Wiki]] [[FreeBSD_13.2_Jail_Local_Mediawiki_Nginx_MySQL | FreeBSD Jail]] [[CompleteNoobs_Local_Wiki_In_Docker | Docker ]] [[Ubuntu2404_Install_Docker_and_Docker_Compose| Download are Docker Image]] [[Docker_Mediawiki_Local_Install| vanilla mediawiki docker install]] 0l9wvoh463h4tq39plxwd1muc51zfn1 0 40 63 2023-03-02T15:22:30Z Noob 1 Created page with "Will be Main Index - placeholder" 63 wikitext text/x-wiki Will be Main Index - placeholder q2bizuhpkdlhrbveyi9hq2bybinbmgx 198 63 2023-03-22T23:42:31Z Noob 1 198 wikitext text/x-wiki =Will be Main Index - placeholder= =In Concept Mode= NOTE- At Current Time: The Bots are winning and no direct signups allowed<br> In order to create an account on the wiki at current time, request an account on the wiki and message user CompleteNoobs on reddit, be patient i am not online all the time. ='''''We all start as Noobs'''''= <strong>Greetings fellow Noobs.</strong><br> <br> We are Noobs, we are not sure what we are doing yet and are winging it.<br> Still in concept stage.<br> <b>Use at your own risk.</b><br> CompleteNoobs is about making Computer Science: Free, Open and Reproducible.<br> For Hobbyist, sysadmins, teachers, students and all others.<br> CompleteNoobs is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. <b>THE FREEDOM TO: * READ. * EDIT/MODIFY. * COPY. * SHARE FREELY.</b> <br> <b>CC BY-NC-SA</b> Content can be hosted on the non commercial fork https://www.completenoobz.com<br> <br> The only thing owned on this site is the domain and trademark 'CompleteNoobs'<br> The Content can be downloaded via a XML file,can be found at https://xml.completenoobs.com and is Libre Licenced for all to use.<br> As close as possible to legal piracy me matey.<br> <code>https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> <code>QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[Host_Your_Own_Mediawiki_Online_-_Ubuntu|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ==Notes== The main landing page <b>Main_Page</b> is not included when you import an XML dump, are main index page is the <b>Main_Index</b> Page * [[Main_Index | Main Index Page]]<br \> * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data Heavy content== To keep the XML light, data heavy content, such as: pictures, audio, video, can be linked with IPFS and/or Zeronet hashes.<br> [[IPFS_Basics|IPFS Basics]]<br> <br> <b>Firefox</b>: https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> <b>Brave</b>: brave://settings/ipfs and toggle on "IPFS Companion" <br> ==Licences== * [[LICENCE_HEADERS | Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute.]] {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} i7gg21glpm6b98iordusxqtwk2c8iyv 199 198 2023-03-22T23:43:13Z Noob 1 /* Will be Main Index - placeholder */ 199 wikitext text/x-wiki =Will be Main Index - placeholder= TODO - Update with index once i have more content. =In Concept Mode= NOTE- At Current Time: The Bots are winning and no direct signups allowed<br> In order to create an account on the wiki at current time, request an account on the wiki and message user CompleteNoobs on reddit, be patient i am not online all the time. ='''''We all start as Noobs'''''= <strong>Greetings fellow Noobs.</strong><br> <br> We are Noobs, we are not sure what we are doing yet and are winging it.<br> Still in concept stage.<br> <b>Use at your own risk.</b><br> CompleteNoobs is about making Computer Science: Free, Open and Reproducible.<br> For Hobbyist, sysadmins, teachers, students and all others.<br> CompleteNoobs is a place to post and share tutorials, documentation, walk throughs, computer science courses and content, notes and tips you learn along the way, that are created or released under a Libre Licence that allows for the following freedoms. <b>THE FREEDOM TO: * READ. * EDIT/MODIFY. * COPY. * SHARE FREELY.</b> <br> <b>CC BY-NC-SA</b> Content can be hosted on the non commercial fork https://www.completenoobz.com<br> <br> The only thing owned on this site is the domain and trademark 'CompleteNoobs'<br> The Content can be downloaded via a XML file,can be found at https://xml.completenoobs.com and is Libre Licenced for all to use.<br> As close as possible to legal piracy me matey.<br> <code>https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> <code>QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy</code><br> ==We encourage users to fork this project and download and keep a copy on there desktop and/or server== [[Host_Your_Own_Mediawiki_Online_-_Ubuntu|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ==Notes== The main landing page <b>Main_Page</b> is not included when you import an XML dump, are main index page is the <b>Main_Index</b> Page * [[Main_Index | Main Index Page]]<br \> * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data Heavy content== To keep the XML light, data heavy content, such as: pictures, audio, video, can be linked with IPFS and/or Zeronet hashes.<br> [[IPFS_Basics|IPFS Basics]]<br> <br> <b>Firefox</b>: https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> <b>Brave</b>: brave://settings/ipfs and toggle on "IPFS Companion" <br> ==Licences== * [[LICENCE_HEADERS | Place a licence on top of each page - as long as licence falls in line with free to Copy, Modify, Distribute.]] {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} 2kp7kxnqa57rtm0h0t1p0ghtnq00t8p 250 199 2023-04-02T20:49:02Z Noob 1 Replaced content with " ==Linux== ==Windows 10==" 250 wikitext text/x-wiki ==Linux== ==Windows 10== 31t01fomqy1br2rpvw1zwnbwofgf6gj 251 250 2023-04-02T20:49:21Z Noob 1 /* Linux */ 251 wikitext text/x-wiki ==Linux== ===Ubuntu=== ==Windows 10== fxte34kkaln7r9x5v5bhrw9vf57puv0 261 251 2023-04-02T21:33:33Z Noob 1 261 wikitext text/x-wiki ==Unix*== ===Linux=== [[Gpu_Passthrough_to_VirtualMachine]]<br> ===Software=== [[Ffmpeg]] ====Ubuntu==== [[Cron_ubuntu_22.04]]<br> [[Create_swap_space]]<br> [[Host_Your_Own_Mediawiki_Online_-_Ubuntu]]<br> ==Windows 10== dg9rlsmswh1bnkdbxjjeyuzhdi4vrju 262 261 2023-04-02T21:34:21Z Noob 1 /* Windows 10 */ 262 wikitext text/x-wiki ==Unix*== ===Linux=== [[Gpu_Passthrough_to_VirtualMachine]]<br> ===Software=== [[Ffmpeg]] ====Ubuntu==== [[Cron_ubuntu_22.04]]<br> [[Create_swap_space]]<br> [[Host_Your_Own_Mediawiki_Online_-_Ubuntu]]<br> ==Windows 10== ==LICENCE HEADERS== [[LICENCE_HEADERS]] b3refmn8ob66e374i954nspy7jbvzrn 263 262 2023-04-02T21:35:44Z Noob 1 /* Software */ 263 wikitext text/x-wiki ==Unix*== ===Linux=== [[Gpu_Passthrough_to_VirtualMachine]]<br> ===Software=== [[Ffmpeg]]<br> [[IPFS_Basics]]<br> ====Ubuntu==== [[Cron_ubuntu_22.04]]<br> [[Create_swap_space]]<br> [[Host_Your_Own_Mediawiki_Online_-_Ubuntu]]<br> ==Windows 10== ==LICENCE HEADERS== [[LICENCE_HEADERS]] 2bzutymypgvelg20awjclvrglahu1do 264 263 2023-04-02T21:36:41Z Noob 1 /* Unix* */ 264 wikitext text/x-wiki ==Unix*== ===Linux=== [[Gpu_Passthrough_to_VirtualMachine]]<br> ====Ubuntu==== [[Cron_ubuntu_22.04]]<br> [[Create_swap_space]]<br> [[Host_Your_Own_Mediawiki_Online_-_Ubuntu]]<br> ===Software=== [[Ffmpeg]]<br> [[IPFS_Basics]]<br> ==Windows 10== ==LICENCE HEADERS== [[LICENCE_HEADERS]] 543fgu6hklr0mnmi4aypdk56qok15kf 265 264 2023-04-02T21:39:16Z Noob 1 /* Unix* */ 265 wikitext text/x-wiki ==Unix*== ===Linux=== [[Gpu_Passthrough_to_VirtualMachine]]<br> ===LXD - LXC=== [[LXD_Private-Public_Network]]<br> ====Ubuntu==== [[Cron_ubuntu_22.04]]<br> [[Create_swap_space]]<br> [[Host_Your_Own_Mediawiki_Online_-_Ubuntu]]<br> ===Software=== [[Ffmpeg]]<br> [[IPFS_Basics]]<br> ==Windows 10== ==LICENCE HEADERS== [[LICENCE_HEADERS]] p5ypuo2v13bnbiijy510n8bhs6kjwsp 266 265 2023-04-02T21:40:50Z Noob 1 /* Windows 10 */ 266 wikitext text/x-wiki ==Unix*== ===Linux=== [[Gpu_Passthrough_to_VirtualMachine]]<br> ===LXD - LXC=== [[LXD_Private-Public_Network]]<br> ====Ubuntu==== [[Cron_ubuntu_22.04]]<br> [[Create_swap_space]]<br> [[Host_Your_Own_Mediawiki_Online_-_Ubuntu]]<br> ===Software=== [[Ffmpeg]]<br> [[IPFS_Basics]]<br> ==Windows 10== [[Windows_10_Local_Wiki_Import|Install Wiki and Import Contents]]<br> [[Windows_10_Factory_Reset]]<br> [[Windows_10_Product_Key]]<br> ==LICENCE HEADERS== [[LICENCE_HEADERS]] 6ztg1j4higyydm1z8ueegntyinrruqm 267 266 2023-04-02T21:42:16Z Noob 1 /* Unix* */ 267 wikitext text/x-wiki ==Basics== ==Mediawiki== ==Unix*== ===Linux=== [[Gpu_Passthrough_to_VirtualMachine]]<br> ===LXD - LXC=== [[LXD_Private-Public_Network]]<br> ====Ubuntu==== [[Cron_ubuntu_22.04]]<br> [[Create_swap_space]]<br> [[Host_Your_Own_Mediawiki_Online_-_Ubuntu]]<br> ===Software=== [[Ffmpeg]]<br> [[IPFS_Basics]]<br> ==Windows 10== [[Windows_10_Local_Wiki_Import|Install Wiki and Import Contents]]<br> [[Windows_10_Factory_Reset]]<br> [[Windows_10_Product_Key]]<br> ==LICENCE HEADERS== [[LICENCE_HEADERS]] aemyd17cm6u8kwcd11dezl7ot5wbs3t 268 267 2023-04-02T21:43:15Z Noob 1 /* Mediawiki */ 268 wikitext text/x-wiki ==Basics== ==Mediawiki== [[Mediawiki_Remove_index.php|Mediawiki Remove index.php from URL]]<br> ==Unix*== ===Linux=== [[Gpu_Passthrough_to_VirtualMachine]]<br> ===LXD - LXC=== [[LXD_Private-Public_Network]]<br> ====Ubuntu==== [[Cron_ubuntu_22.04]]<br> [[Create_swap_space]]<br> [[Host_Your_Own_Mediawiki_Online_-_Ubuntu]]<br> ===Software=== [[Ffmpeg]]<br> [[IPFS_Basics]]<br> ==Windows 10== [[Windows_10_Local_Wiki_Import|Install Wiki and Import Contents]]<br> [[Windows_10_Factory_Reset]]<br> [[Windows_10_Product_Key]]<br> ==LICENCE HEADERS== [[LICENCE_HEADERS]] 50j913gxvdejjts8kpwnuscn9n04vfd 269 268 2023-04-02T21:44:28Z Noob 1 /* Ubuntu */ 269 wikitext text/x-wiki ==Basics== ==Mediawiki== [[Mediawiki_Remove_index.php|Mediawiki Remove index.php from URL]]<br> ==Unix*== ===Linux=== [[Gpu_Passthrough_to_VirtualMachine]]<br> ===LXD - LXC=== [[LXD_Private-Public_Network]]<br> ====Ubuntu==== [[Cron_ubuntu_22.04]]<br> [[Create_swap_space]]<br> [[Host_Your_Own_Mediawiki_Online_-_Ubuntu]]<br> [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04]]<br> ===Software=== [[Ffmpeg]]<br> [[IPFS_Basics]]<br> ==Windows 10== [[Windows_10_Local_Wiki_Import|Install Wiki and Import Contents]]<br> [[Windows_10_Factory_Reset]]<br> [[Windows_10_Product_Key]]<br> ==LICENCE HEADERS== [[LICENCE_HEADERS]] fc8lqukhrromt0mm2kxdeo2mpqcwrw9 270 269 2023-04-02T21:45:52Z Noob 1 /* Software */ 270 wikitext text/x-wiki ==Basics== ==Mediawiki== [[Mediawiki_Remove_index.php|Mediawiki Remove index.php from URL]]<br> ==Unix*== ===Linux=== [[Gpu_Passthrough_to_VirtualMachine]]<br> ===LXD - LXC=== [[LXD_Private-Public_Network]]<br> ====Ubuntu==== [[Cron_ubuntu_22.04]]<br> [[Create_swap_space]]<br> [[Host_Your_Own_Mediawiki_Online_-_Ubuntu]]<br> [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04]]<br> ===Software=== [[Ffmpeg]]<br> [[IPFS_Basics]]<br> [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04]]<br> ===Misc=== [[OpenSSH-Server_Capture_Failed_Passwords|Config OpenSSH-Server to capture Failed pUsernames and Passwords]]<br> ==Windows 10== [[Windows_10_Local_Wiki_Import|Install Wiki and Import Contents]]<br> [[Windows_10_Factory_Reset]]<br> [[Windows_10_Product_Key]]<br> ==LICENCE HEADERS== [[LICENCE_HEADERS]] spikxyfesjai2tihltqx76w5mow1vug 271 270 2023-04-02T21:47:12Z Noob 1 /* Software */ 271 wikitext text/x-wiki ==Basics== ==Mediawiki== [[Mediawiki_Remove_index.php|Mediawiki Remove index.php from URL]]<br> ==Unix*== ===Linux=== [[Gpu_Passthrough_to_VirtualMachine]]<br> ===LXD - LXC=== [[LXD_Private-Public_Network]]<br> ====Ubuntu==== [[Cron_ubuntu_22.04]]<br> [[Create_swap_space]]<br> [[Host_Your_Own_Mediawiki_Online_-_Ubuntu]]<br> [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04]]<br> ===Software=== [[Ffmpeg]]<br> [[IPFS_Basics]]<br> [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04]]<br> [[SCP_Examples]]<br> [[Ssh_basics]]<br> [[SSH_and_How_to_Use_It]]<br> ===Misc=== [[OpenSSH-Server_Capture_Failed_Passwords|Config OpenSSH-Server to capture Failed pUsernames and Passwords]]<br> ==Windows 10== [[Windows_10_Local_Wiki_Import|Install Wiki and Import Contents]]<br> [[Windows_10_Factory_Reset]]<br> [[Windows_10_Product_Key]]<br> ==LICENCE HEADERS== [[LICENCE_HEADERS]] 5inuaumtcihv4qy41mv0x3tp5mbfxup 272 271 2023-04-02T21:48:12Z Noob 1 /* Software */ 272 wikitext text/x-wiki ==Basics== ==Mediawiki== [[Mediawiki_Remove_index.php|Mediawiki Remove index.php from URL]]<br> ==Unix*== ===Linux=== [[Gpu_Passthrough_to_VirtualMachine]]<br> ===LXD - LXC=== [[LXD_Private-Public_Network]]<br> ====Ubuntu==== [[Cron_ubuntu_22.04]]<br> [[Create_swap_space]]<br> [[Host_Your_Own_Mediawiki_Online_-_Ubuntu]]<br> [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04]]<br> ===Software=== [[Ffmpeg]]<br> [[IPFS_Basics]]<br> [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04]]<br> [[SCP_Examples]]<br> [[Ssh_basics]]<br> [[SSH_and_How_to_Use_It]]<br> [[Tmux]]<br> ===Misc=== [[OpenSSH-Server_Capture_Failed_Passwords|Config OpenSSH-Server to capture Failed pUsernames and Passwords]]<br> ==Windows 10== [[Windows_10_Local_Wiki_Import|Install Wiki and Import Contents]]<br> [[Windows_10_Factory_Reset]]<br> [[Windows_10_Product_Key]]<br> ==LICENCE HEADERS== [[LICENCE_HEADERS]] jg6umlg7pvh4p7gb914ljhx55vd4px1 273 272 2023-04-02T21:50:03Z Noob 1 /* Ubuntu */ 273 wikitext text/x-wiki ==Basics== ==Mediawiki== [[Mediawiki_Remove_index.php|Mediawiki Remove index.php from URL]]<br> ==Unix*== ===Linux=== [[Gpu_Passthrough_to_VirtualMachine]]<br> ===LXD - LXC=== [[LXD_Private-Public_Network]]<br> ====Ubuntu==== [[Cron_ubuntu_22.04]]<br> [[Create_swap_space]]<br> [[Host_Your_Own_Mediawiki_Online_-_Ubuntu]]<br> [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04]]<br> [[Ubuntu_Disable_Suspend]]<br> [[Ubuntu_Disabling_TouchScreen]]<br> [[Ubuntu_Playing_encrypted_dvds]]<br> [[Ubuntu_Server_22.04_Wifi_Setup_CLI]]<br> ===Software=== [[Ffmpeg]]<br> [[IPFS_Basics]]<br> [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04]]<br> [[SCP_Examples]]<br> [[Ssh_basics]]<br> [[SSH_and_How_to_Use_It]]<br> [[Tmux]]<br> ===Misc=== [[OpenSSH-Server_Capture_Failed_Passwords|Config OpenSSH-Server to capture Failed pUsernames and Passwords]]<br> ==Windows 10== [[Windows_10_Local_Wiki_Import|Install Wiki and Import Contents]]<br> [[Windows_10_Factory_Reset]]<br> [[Windows_10_Product_Key]]<br> ==LICENCE HEADERS== [[LICENCE_HEADERS]] 5phy1lrs7th80biw4vhh5cmvpn2192t 274 273 2023-04-02T21:50:43Z Noob 1 /* Mediawiki */ 274 wikitext text/x-wiki ==Basics== ==Mediawiki== [[Wiki_Basic_Syntax|Basic mediawiki Syntax]]<br> [[Mediawiki_Remove_index.php|Mediawiki Remove index.php from URL]]<br> ==Unix*== ===Linux=== [[Gpu_Passthrough_to_VirtualMachine]]<br> ===LXD - LXC=== [[LXD_Private-Public_Network]]<br> ====Ubuntu==== [[Cron_ubuntu_22.04]]<br> [[Create_swap_space]]<br> [[Host_Your_Own_Mediawiki_Online_-_Ubuntu]]<br> [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04]]<br> [[Ubuntu_Disable_Suspend]]<br> [[Ubuntu_Disabling_TouchScreen]]<br> [[Ubuntu_Playing_encrypted_dvds]]<br> [[Ubuntu_Server_22.04_Wifi_Setup_CLI]]<br> ===Software=== [[Ffmpeg]]<br> [[IPFS_Basics]]<br> [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04]]<br> [[SCP_Examples]]<br> [[Ssh_basics]]<br> [[SSH_and_How_to_Use_It]]<br> [[Tmux]]<br> ===Misc=== [[OpenSSH-Server_Capture_Failed_Passwords|Config OpenSSH-Server to capture Failed pUsernames and Passwords]]<br> ==Windows 10== [[Windows_10_Local_Wiki_Import|Install Wiki and Import Contents]]<br> [[Windows_10_Factory_Reset]]<br> [[Windows_10_Product_Key]]<br> ==LICENCE HEADERS== [[LICENCE_HEADERS]] di1clprezrkgqf0blnqqod3vnn8njdi 276 274 2023-04-02T21:54:03Z Noob 1 /* Ubuntu */ 276 wikitext text/x-wiki ==Basics== ==Mediawiki== [[Wiki_Basic_Syntax|Basic mediawiki Syntax]]<br> [[Mediawiki_Remove_index.php|Mediawiki Remove index.php from URL]]<br> ==Unix*== ===Linux=== [[Gpu_Passthrough_to_VirtualMachine]]<br> ===LXD - LXC=== [[LXD_Private-Public_Network]]<br> ====Ubuntu==== [[Cron_ubuntu_22.04]]<br> [[Create_swap_space]]<br> [[Host_Your_Own_Mediawiki_Online_-_Ubuntu]]<br> [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04]]<br> [[Ubuntu_Disable_Suspend]]<br> [[Ubuntu_Disabling_TouchScreen]]<br> [[Ubuntu_Playing_encrypted_dvds]]<br> [[Ubuntu_Server_22.04_Wifi_Setup_CLI]]<br> [[Ubuntu_Users|User Accounts]]<br> ===Software=== [[Ffmpeg]]<br> [[IPFS_Basics]]<br> [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04]]<br> [[SCP_Examples]]<br> [[Ssh_basics]]<br> [[SSH_and_How_to_Use_It]]<br> [[Tmux]]<br> ===Misc=== [[OpenSSH-Server_Capture_Failed_Passwords|Config OpenSSH-Server to capture Failed pUsernames and Passwords]]<br> ==Windows 10== [[Windows_10_Local_Wiki_Import|Install Wiki and Import Contents]]<br> [[Windows_10_Factory_Reset]]<br> [[Windows_10_Product_Key]]<br> ==LICENCE HEADERS== [[LICENCE_HEADERS]] t4m4ed3k4stw2f1vxwix2f538id1f1f 277 276 2023-04-02T21:57:05Z Noob 1 /* Mediawiki */ 277 wikitext text/x-wiki ==Basics== ==Mediawiki== [[Wiki_Basic_Syntax|Basic mediawiki Syntax]]<br> [[Mediawiki_Remove_index.php|Mediawiki Remove index.php from URL]]<br> [[Local_CompleteNoobs_Wiki|Download and Install CompleteNoobs on your own computer]]<br> ==Unix*== ===Linux=== [[Gpu_Passthrough_to_VirtualMachine]]<br> ===LXD - LXC=== [[LXD_Private-Public_Network]]<br> ====Ubuntu==== [[Cron_ubuntu_22.04]]<br> [[Create_swap_space]]<br> [[Host_Your_Own_Mediawiki_Online_-_Ubuntu]]<br> [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04]]<br> [[Ubuntu_Disable_Suspend]]<br> [[Ubuntu_Disabling_TouchScreen]]<br> [[Ubuntu_Playing_encrypted_dvds]]<br> [[Ubuntu_Server_22.04_Wifi_Setup_CLI]]<br> [[Ubuntu_Users|User Accounts]]<br> ===Software=== [[Ffmpeg]]<br> [[IPFS_Basics]]<br> [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04]]<br> [[SCP_Examples]]<br> [[Ssh_basics]]<br> [[SSH_and_How_to_Use_It]]<br> [[Tmux]]<br> ===Misc=== [[OpenSSH-Server_Capture_Failed_Passwords|Config OpenSSH-Server to capture Failed pUsernames and Passwords]]<br> ==Windows 10== [[Windows_10_Local_Wiki_Import|Install Wiki and Import Contents]]<br> [[Windows_10_Factory_Reset]]<br> [[Windows_10_Product_Key]]<br> ==LICENCE HEADERS== [[LICENCE_HEADERS]] ndedsbcui4quhqm6uzfeaqi62vwnfri 286 277 2023-04-05T18:06:31Z Noob 1 /* Software */ 286 wikitext text/x-wiki ==Basics== ==Mediawiki== [[Wiki_Basic_Syntax|Basic mediawiki Syntax]]<br> [[Mediawiki_Remove_index.php|Mediawiki Remove index.php from URL]]<br> [[Local_CompleteNoobs_Wiki|Download and Install CompleteNoobs on your own computer]]<br> ==Unix*== ===Linux=== [[Gpu_Passthrough_to_VirtualMachine]]<br> ===LXD - LXC=== [[LXD_Private-Public_Network]]<br> ====Ubuntu==== [[Cron_ubuntu_22.04]]<br> [[Create_swap_space]]<br> [[Host_Your_Own_Mediawiki_Online_-_Ubuntu]]<br> [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04]]<br> [[Ubuntu_Disable_Suspend]]<br> [[Ubuntu_Disabling_TouchScreen]]<br> [[Ubuntu_Playing_encrypted_dvds]]<br> [[Ubuntu_Server_22.04_Wifi_Setup_CLI]]<br> [[Ubuntu_Users|User Accounts]]<br> ===Software=== [[Ffmpeg]]<br> [[IPFS_Basics]]<br> [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04]]<br> [[SCP_Examples]]<br> [[Ssh_basics]]<br> [[SSH_and_How_to_Use_It]]<br> [[Tmux]]<br> [[Sshfs_ubuntu]] ===Misc=== [[OpenSSH-Server_Capture_Failed_Passwords|Config OpenSSH-Server to capture Failed pUsernames and Passwords]]<br> ==Windows 10== [[Windows_10_Local_Wiki_Import|Install Wiki and Import Contents]]<br> [[Windows_10_Factory_Reset]]<br> [[Windows_10_Product_Key]]<br> ==LICENCE HEADERS== [[LICENCE_HEADERS]] gdb76gkgh0r3xqivqjtaoxvx7zdkvg9 293 286 2023-04-05T19:44:59Z Noob 1 /* Software */ 293 wikitext text/x-wiki ==Basics== ==Mediawiki== [[Wiki_Basic_Syntax|Basic mediawiki Syntax]]<br> [[Mediawiki_Remove_index.php|Mediawiki Remove index.php from URL]]<br> [[Local_CompleteNoobs_Wiki|Download and Install CompleteNoobs on your own computer]]<br> ==Unix*== ===Linux=== [[Gpu_Passthrough_to_VirtualMachine]]<br> ===LXD - LXC=== [[LXD_Private-Public_Network]]<br> ====Ubuntu==== [[Cron_ubuntu_22.04]]<br> [[Create_swap_space]]<br> [[Host_Your_Own_Mediawiki_Online_-_Ubuntu]]<br> [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04]]<br> [[Ubuntu_Disable_Suspend]]<br> [[Ubuntu_Disabling_TouchScreen]]<br> [[Ubuntu_Playing_encrypted_dvds]]<br> [[Ubuntu_Server_22.04_Wifi_Setup_CLI]]<br> [[Ubuntu_Users|User Accounts]]<br> ===Software=== [[Ffmpeg]]<br> [[IPFS_Basics]]<br> [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04]]<br> [[SCP_Examples]]<br> [[Ssh_basics]]<br> [[SSH_and_How_to_Use_It]]<br> [[Tmux]]<br> [[Sshfs_ubuntu]]<br> [[Compression_ubuntu]]<br> ===Misc=== [[OpenSSH-Server_Capture_Failed_Passwords|Config OpenSSH-Server to capture Failed pUsernames and Passwords]]<br> ==Windows 10== [[Windows_10_Local_Wiki_Import|Install Wiki and Import Contents]]<br> [[Windows_10_Factory_Reset]]<br> [[Windows_10_Product_Key]]<br> ==LICENCE HEADERS== [[LICENCE_HEADERS]] 5omkyvx8wma860wvm7cl2afsnklnid4 307 293 2023-04-17T04:02:59Z imported>AwesomO 0 /* Linux */ 307 wikitext text/x-wiki ==Basics== ==Mediawiki== [[Wiki_Basic_Syntax|Basic mediawiki Syntax]]<br> [[Mediawiki_Remove_index.php|Mediawiki Remove index.php from URL]]<br> [[Local_CompleteNoobs_Wiki|Download and Install CompleteNoobs on your own computer]]<br> ==Unix*== ===Linux=== [[Gpu_Passthrough_to_VirtualMachine]]<br> [[Ubuntu_Cert_Draft|Draft Ubuntu Cert]]<br> ===LXD - LXC=== [[LXD_Private-Public_Network]]<br> ====Ubuntu==== [[Cron_ubuntu_22.04]]<br> [[Create_swap_space]]<br> [[Host_Your_Own_Mediawiki_Online_-_Ubuntu]]<br> [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04]]<br> [[Ubuntu_Disable_Suspend]]<br> [[Ubuntu_Disabling_TouchScreen]]<br> [[Ubuntu_Playing_encrypted_dvds]]<br> [[Ubuntu_Server_22.04_Wifi_Setup_CLI]]<br> [[Ubuntu_Users|User Accounts]]<br> ===Software=== [[Ffmpeg]]<br> [[IPFS_Basics]]<br> [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04]]<br> [[SCP_Examples]]<br> [[Ssh_basics]]<br> [[SSH_and_How_to_Use_It]]<br> [[Tmux]]<br> [[Sshfs_ubuntu]]<br> [[Compression_ubuntu]]<br> ===Misc=== [[OpenSSH-Server_Capture_Failed_Passwords|Config OpenSSH-Server to capture Failed pUsernames and Passwords]]<br> ==Windows 10== [[Windows_10_Local_Wiki_Import|Install Wiki and Import Contents]]<br> [[Windows_10_Factory_Reset]]<br> [[Windows_10_Product_Key]]<br> ==LICENCE HEADERS== [[LICENCE_HEADERS]] 4cl8tdfg8accdkwu5iiyju1j9hk0ky5 308 307 2023-04-17T04:04:22Z imported>AwesomO 0 /* Software */ 308 wikitext text/x-wiki ==Basics== ==Mediawiki== [[Wiki_Basic_Syntax|Basic mediawiki Syntax]]<br> [[Mediawiki_Remove_index.php|Mediawiki Remove index.php from URL]]<br> [[Local_CompleteNoobs_Wiki|Download and Install CompleteNoobs on your own computer]]<br> ==Unix*== ===Linux=== [[Gpu_Passthrough_to_VirtualMachine]]<br> [[Ubuntu_Cert_Draft|Draft Ubuntu Cert]]<br> ===LXD - LXC=== [[LXD_Private-Public_Network]]<br> ====Ubuntu==== [[Cron_ubuntu_22.04]]<br> [[Create_swap_space]]<br> [[Host_Your_Own_Mediawiki_Online_-_Ubuntu]]<br> [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04]]<br> [[Ubuntu_Disable_Suspend]]<br> [[Ubuntu_Disabling_TouchScreen]]<br> [[Ubuntu_Playing_encrypted_dvds]]<br> [[Ubuntu_Server_22.04_Wifi_Setup_CLI]]<br> [[Ubuntu_Users|User Accounts]]<br> ===Software=== [[Ffmpeg]]<br> [[IPFS_Basics]]<br> [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04]]<br> [[SCP_Examples]]<br> [[Ssh_basics]]<br> [[SSH_and_How_to_Use_It]]<br> [[Tmux]]<br> [[Sshfs_ubuntu]]<br> [[Compression_ubuntu]]<br> [[Scp_only|Create USER on server that can only receive '''scp''' to path]]<br> ===Misc=== [[OpenSSH-Server_Capture_Failed_Passwords|Config OpenSSH-Server to capture Failed pUsernames and Passwords]]<br> ==Windows 10== [[Windows_10_Local_Wiki_Import|Install Wiki and Import Contents]]<br> [[Windows_10_Factory_Reset]]<br> [[Windows_10_Product_Key]]<br> ==LICENCE HEADERS== [[LICENCE_HEADERS]] nugh8vwfcmy4w23cu1yjpj67dwgh63w 309 308 2023-04-19T23:23:52Z imported>AwesomO 0 /* Ubuntu */ 309 wikitext text/x-wiki ==Basics== ==Mediawiki== [[Wiki_Basic_Syntax|Basic mediawiki Syntax]]<br> [[Mediawiki_Remove_index.php|Mediawiki Remove index.php from URL]]<br> [[Local_CompleteNoobs_Wiki|Download and Install CompleteNoobs on your own computer]]<br> ==Unix*== ===Linux=== [[Gpu_Passthrough_to_VirtualMachine]]<br> [[Ubuntu_Cert_Draft|Draft Ubuntu Cert]]<br> ===LXD - LXC=== [[LXD_Private-Public_Network]]<br> ====Ubuntu==== [[Cron_ubuntu_22.04]]<br> [[Create_swap_space]]<br> [[Host_Your_Own_Mediawiki_Online_-_Ubuntu]]<br> [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04]]<br> [[Ubuntu_Disable_Suspend]]<br> [[Ubuntu_Disabling_TouchScreen]]<br> [[Ubuntu_Playing_encrypted_dvds]]<br> [[Ubuntu_Server_22.04_Wifi_Setup_CLI]]<br> [[Ubuntu_Users|User Accounts]]<br> [[Nginx_Ubuntu|Nginx tutorials Ubuntu]]<br> ===Software=== [[Ffmpeg]]<br> [[IPFS_Basics]]<br> [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04]]<br> [[SCP_Examples]]<br> [[Ssh_basics]]<br> [[SSH_and_How_to_Use_It]]<br> [[Tmux]]<br> [[Sshfs_ubuntu]]<br> [[Compression_ubuntu]]<br> [[Scp_only|Create USER on server that can only receive '''scp''' to path]]<br> ===Misc=== [[OpenSSH-Server_Capture_Failed_Passwords|Config OpenSSH-Server to capture Failed pUsernames and Passwords]]<br> ==Windows 10== [[Windows_10_Local_Wiki_Import|Install Wiki and Import Contents]]<br> [[Windows_10_Factory_Reset]]<br> [[Windows_10_Product_Key]]<br> ==LICENCE HEADERS== [[LICENCE_HEADERS]] jz26sovwkhujdckqv4zzs2skzayzyul 0 42 66 2023-03-03T00:59:56Z Noob 1 Created page with "Tested on Ubuntu-Mate 20.04<br \> Download CompleteNoobs wiki and Keep Private Copy you can edit as you wish on your own computer. ==Download CompleteNoobs's XML dump== [https://xml.completenoobs.com CompleteNoobs xml dump] ==Create a container== <code>lxc launch ubuntu:20.04 localwiki</code><br \> Push file conataining xml dump to container<br \> <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> Log/Chroot into container<br \> <code>lxc exec localwiki b..." 66 wikitext text/x-wiki Tested on Ubuntu-Mate 20.04<br \> Download CompleteNoobs wiki and Keep Private Copy you can edit as you wish on your own computer. ==Download CompleteNoobs's XML dump== [https://xml.completenoobs.com CompleteNoobs xml dump] ==Create a container== <code>lxc launch ubuntu:20.04 localwiki</code><br \> Push file conataining xml dump to container<br \> <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> Log/Chroot into container<br \> <code>lxc exec localwiki bash</code><br \> ===update container and set to auto update=== update container<br \> <code>apt update && apt upgrade -y</code><br \> Auto updates<br \> <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment the line:<br \> <pre>// "${distro_id}:${distro_codename}-updates";</pre> to <pre>"${distro_id}:${distro_codename}-updates";</pre> ===Install mediawiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.36/mediawiki-1.36.1.tar.gz</code> <code>tar -zxvf mediawiki-1.36.1.tar.gz</code> <code>mv mediawiki-1.36.1 /var/www/html/mediawiki </code> ===Create database=== As this is just for your own computer on your own network, you can keep it super simple:<br \> <code>mysql -u root</code><br \> <code>CREATE USER 'u'@'localhost' IDENTIFIED BY 'passwd';</code><br \> <code>CREATE DATABASE db;</code><br \> <code>use db;</code><br \> <code>GRANT ALL ON db.* TO 'u'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ===Config Apache2=== <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ====Reload Apache2==== <code> systemctl restart apache2 </code> ===Visit webpage and carry on with normal basic wiki setup=== Use <code>lxc list</code> on host to get IP address for your container: mine is <b>10.3.45.40</b><br \> With a web browser visit enter the ip in the address bar.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:db<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:u<br \> Database password:passwd<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ===Send LocalSettings to Container=== From host:<br \> <code>lxc file push Downloads/LocalSettings.php localwiki/var/www/html/mediawiki/</code><br \> ===restore xml dump=== In container<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> ===Visit your local copy of CompleteNoobs=== In Browser go to http://$YOUR_CONTAINERS_IP<br \> Everything apart from <b>index.php/Main_Page</b> restored.<br \> Edit main page to have link to main_index<br \> <nowiki>[[Main_Index | wiki index]]</nowiki><br \> And thats why we have a [[Main_Index]] page. 5pf4p7yynpgnemjxhi39ho5lrnb10pk 177 66 2023-03-11T12:29:26Z Noob 1 /* Install mediawiki */ 177 wikitext text/x-wiki Tested on Ubuntu-Mate 20.04<br \> Download CompleteNoobs wiki and Keep Private Copy you can edit as you wish on your own computer. ==Download CompleteNoobs's XML dump== [https://xml.completenoobs.com CompleteNoobs xml dump] ==Create a container== <code>lxc launch ubuntu:20.04 localwiki</code><br \> Push file conataining xml dump to container<br \> <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> Log/Chroot into container<br \> <code>lxc exec localwiki bash</code><br \> ===update container and set to auto update=== update container<br \> <code>apt update && apt upgrade -y</code><br \> Auto updates<br \> <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment the line:<br \> <pre>// "${distro_id}:${distro_codename}-updates";</pre> to <pre>"${distro_id}:${distro_codename}-updates";</pre> ===Install mediawiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -zxvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki </code> ===Create database=== As this is just for your own computer on your own network, you can keep it super simple:<br \> <code>mysql -u root</code><br \> <code>CREATE USER 'u'@'localhost' IDENTIFIED BY 'passwd';</code><br \> <code>CREATE DATABASE db;</code><br \> <code>use db;</code><br \> <code>GRANT ALL ON db.* TO 'u'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ===Config Apache2=== <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ====Reload Apache2==== <code> systemctl restart apache2 </code> ===Visit webpage and carry on with normal basic wiki setup=== Use <code>lxc list</code> on host to get IP address for your container: mine is <b>10.3.45.40</b><br \> With a web browser visit enter the ip in the address bar.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:db<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:u<br \> Database password:passwd<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ===Send LocalSettings to Container=== From host:<br \> <code>lxc file push Downloads/LocalSettings.php localwiki/var/www/html/mediawiki/</code><br \> ===restore xml dump=== In container<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> ===Visit your local copy of CompleteNoobs=== In Browser go to http://$YOUR_CONTAINERS_IP<br \> Everything apart from <b>index.php/Main_Page</b> restored.<br \> Edit main page to have link to main_index<br \> <nowiki>[[Main_Index | wiki index]]</nowiki><br \> And thats why we have a [[Main_Index]] page. i5tr2c11pxexmradpew220o0mdm85or 178 177 2023-03-11T12:34:14Z Noob 1 /* restore xml dump */ 178 wikitext text/x-wiki Tested on Ubuntu-Mate 20.04<br \> Download CompleteNoobs wiki and Keep Private Copy you can edit as you wish on your own computer. ==Download CompleteNoobs's XML dump== [https://xml.completenoobs.com CompleteNoobs xml dump] ==Create a container== <code>lxc launch ubuntu:20.04 localwiki</code><br \> Push file conataining xml dump to container<br \> <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> Log/Chroot into container<br \> <code>lxc exec localwiki bash</code><br \> ===update container and set to auto update=== update container<br \> <code>apt update && apt upgrade -y</code><br \> Auto updates<br \> <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment the line:<br \> <pre>// "${distro_id}:${distro_codename}-updates";</pre> to <pre>"${distro_id}:${distro_codename}-updates";</pre> ===Install mediawiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -zxvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki </code> ===Create database=== As this is just for your own computer on your own network, you can keep it super simple:<br \> <code>mysql -u root</code><br \> <code>CREATE USER 'u'@'localhost' IDENTIFIED BY 'passwd';</code><br \> <code>CREATE DATABASE db;</code><br \> <code>use db;</code><br \> <code>GRANT ALL ON db.* TO 'u'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ===Config Apache2=== <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ====Reload Apache2==== <code> systemctl restart apache2 </code> ===Visit webpage and carry on with normal basic wiki setup=== Use <code>lxc list</code> on host to get IP address for your container: mine is <b>10.3.45.40</b><br \> With a web browser visit enter the ip in the address bar.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:db<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:u<br \> Database password:passwd<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ===Send LocalSettings to Container=== From host:<br \> <code>lxc file push Downloads/LocalSettings.php localwiki/var/www/html/mediawiki/</code><br \> ===restore xml dump=== In container<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> ===EmbedVideo=== In order to view the embedded video's you will need to install the <b>EmbedVideo</b> extension.<br> If you do not, you will still be able to view the video address.<br> https://www.mediawiki.org/wiki/Extension:EmbedVideo<br> <code>apt install unzip</code><br> <code>wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip</code><br> <code>unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/</code><br> <br> <code>mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo</code><br> <br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> <pre> #Embed Video wfLoadExtension( 'EmbedVideo' ); </pre> ===Visit your local copy of CompleteNoobs=== In Browser go to http://$YOUR_CONTAINERS_IP<br \> Everything apart from <b>index.php/Main_Page</b> restored.<br \> Edit main page to have link to main_index<br \> <nowiki>[[Main_Index | wiki index]]</nowiki><br \> And thats why we have a [[Main_Index]] page. gnj1bk0tty55uq16d9s5er1r7iw3xdc 190 178 2023-03-21T20:34:51Z Noob 1 /* Visit your local copy of CompleteNoobs */ 190 wikitext text/x-wiki Tested on Ubuntu-Mate 20.04<br \> Download CompleteNoobs wiki and Keep Private Copy you can edit as you wish on your own computer. ==Download CompleteNoobs's XML dump== [https://xml.completenoobs.com CompleteNoobs xml dump] ==Create a container== <code>lxc launch ubuntu:20.04 localwiki</code><br \> Push file conataining xml dump to container<br \> <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> Log/Chroot into container<br \> <code>lxc exec localwiki bash</code><br \> ===update container and set to auto update=== update container<br \> <code>apt update && apt upgrade -y</code><br \> Auto updates<br \> <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment the line:<br \> <pre>// "${distro_id}:${distro_codename}-updates";</pre> to <pre>"${distro_id}:${distro_codename}-updates";</pre> ===Install mediawiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -zxvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki </code> ===Create database=== As this is just for your own computer on your own network, you can keep it super simple:<br \> <code>mysql -u root</code><br \> <code>CREATE USER 'u'@'localhost' IDENTIFIED BY 'passwd';</code><br \> <code>CREATE DATABASE db;</code><br \> <code>use db;</code><br \> <code>GRANT ALL ON db.* TO 'u'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ===Config Apache2=== <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ====Reload Apache2==== <code> systemctl restart apache2 </code> ===Visit webpage and carry on with normal basic wiki setup=== Use <code>lxc list</code> on host to get IP address for your container: mine is <b>10.3.45.40</b><br \> With a web browser visit enter the ip in the address bar.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:db<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:u<br \> Database password:passwd<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ===Send LocalSettings to Container=== From host:<br \> <code>lxc file push Downloads/LocalSettings.php localwiki/var/www/html/mediawiki/</code><br \> ===restore xml dump=== In container<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> ===EmbedVideo=== In order to view the embedded video's you will need to install the <b>EmbedVideo</b> extension.<br> If you do not, you will still be able to view the video address.<br> https://www.mediawiki.org/wiki/Extension:EmbedVideo<br> <code>apt install unzip</code><br> <code>wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip</code><br> <code>unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/</code><br> <br> <code>mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo</code><br> <br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> <pre> #Embed Video wfLoadExtension( 'EmbedVideo' ); </pre> ===Visit your local copy of CompleteNoobs=== In Browser go to http://$YOUR_CONTAINERS_IP<br \> Everything apart from <b>index.php/Main_Page</b> restored.<br \> Edit main page to have link to main_index<br \> <nowiki>[[Main_Index | wiki index]]</nowiki><br \> And thats why we have a [[Main_Index]] page. ==script to auto install wiki in container== <syntaxhighlight lang='bash' line> #!/bin/bash CHECK_UBUNTU=$(lsb_release -i | awk '{print $3}') CHECK_UBUNTU2004=$(lsb_release -r | awk '{print $2}') if [ $CHECK_UBUNTU == "Ubuntu" ] then if [ $CHECK_UBUNTU2004 == "22.04" ] then printf "You are running $CHECK_UBUNTU $CHECK_UBUNTU2004\n\n" else echo "are you sure your running ubuntu 22.04?" echo $CHECK_UBUNTU $CHECK_UBUNTU2004 printf "This script is intended for Ubuntu 22.04\nExiting script\n" exit 1 fi else printf "This script is intended for ubuntu 22.04!\nScript exiting\n" exit 1 fi ##################################################### printf "\nThis is a script in development!\n" printf "For quickly installing the basic's of mediawiki on a ubuntu 22.04 container\n" printf "This script is expecting a clean install of a server to run on.\n" printf "Enter \"yes\" to continue with script or press anykey to exit!\n" printf "\n What this script will do:\n \n\t1. Setup basic firewall with ufw and allow port 22 for ssh \n\t2. Update system and check if reboot required. \n\t3. Install software packages: \t\t apache2 \t\t mysql-server \t\t php \t\t php-mysql \t\t libapache2-mod-php \t\t php-xml \t\t php-mbstring \t\t php-intl \t\t mediawiki-1.39.2 \n\t4. Take name for your localwiki \n\t 5a. Download, checksum, extract to path: \'MediaWiki-1.34.2\' \t 5b. Download, checksum and move to path file \'apache.conf.backup\' - template for configuring apache \n\t7. Create Database for mediawiki \n\t8. Configure Apache \n\t10. Will echo/display details required for finishing media setup on web browser \n\n\tPlease type \"yes\" case sensitive to continue!\n \tJust Press Enter to Exit Script!\n \tEnter anwser here :" read anypress if [ -z "$anypress" ] then printf "Exiting Script!" sleep 1 exit 1 else if [ $anypress == "yes" ] then printf "starting script ....." sleep 1 else printf "Exiting Script!" sleep 1 exit 1 fi fi #################################################### ########### check system up to date apt update && apt upgrade -y && apt autoremove -y # reboot if reboot required # will test to see if file "/var/run/reboot-required" exists if [ -f /var/run/reboot-required ] then reboot fi ########################################### ########### Install packages # checksum of mediawiki download. # add patch and check sig # when downloading from github add(?raw=true) at the end or you will download a html page. # Install main packages from ubuntu repos apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y ###### # download and checksums of media wiki MediaWiki_Sum="ddb51d228a19ca68cd8871d850175f6bef46874476ed1466f015cf9846d9c7a5" wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz # Check md5sum of download and extract to directory MediaWiki_Sum_CHECK="$(sha256sum mediawiki-1.39.2.tar.gz | awk '{print $1}')" if [ $MediaWiki_Sum == $MediaWiki_Sum_CHECK ] ; then echo "checksum checks out:" tar -zxvf mediawiki-1.39.2.tar.gz -C /var/www/html/ mv /var/www/html/mediawiki-1.39.2 /var/www/html/mediawiki rm mediawiki-1.39.2.tar.gz else echo "Checksum not checking out" printf "looking for $MediaWiki_Sum but found $MediaWiki_Sum_CHECK" read -r -p $" Press Enter to Exit Script" exit 1 fi ######################### # apache quick config function apacheconfigfunc { printf "<VirtualHost *:80>\n\tDocumentRoot /var/www/html/mediawiki\n</VirtualHost>\n" } apacheconfigfunc > /etc/apache2/sites-available/000-default.conf # restart apache2 systemctl restart apache2 #end apache quick config ########################################## #Container ip function ####Print IP for container function conIPfun { hostname -I | awk '{print $1}' } ConIPVar=$(hostname -I | awk '{print $1}') echo $ConIPVar ################### ######################## ##EmbedVideo extension EmbedSum="b8b4ccf516e5ba8f47f11e415fe0ac325e9d05eb1cc750c808191e7e8a15360f" apt install unzip -y wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip CheckEmbed="$(sha256sum EmbedVideo-v2.9.0.zip | awk '{print $1}')" if [ $CheckEmbed == $EmbedSum ] ; then echo "checksum checks out:" unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/ mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo else echo "Checksum not checking out" printf "looking for $EmbedSum but found $CheckEmbed" read -r -p $" Press Enter to Exit Script" exit 1 fi ##### # Create Database mysql -u root <<MYSQL_SCRIPT CREATE USER 'wiki'@'localhost'; # not needed for root CREATE DATABASE my_wiki; use my_wiki; GRANT ALL ON my_wiki.* TO 'wiki'@'localhost'; MYSQL_SCRIPT # Remember to change name from 'root' to 'wiki' and push file to container: CON_NAME=$(uname -a | awk '{print $2}') echo "Now visit the IP $ConIPVar from a browser" echo "and change the database username from 'root' to 'wiki' on the DateBase Page" echo "When finished you will download a 'LocalSettings.php' file" echo "You need to push this file into the container $CON_NAME from your download directory" echo "you can use 'lxc file push' to copy the file into the container" echo "lxc file push /home/USERNAME/Downloads/LocalSettings.php $CON_NAME/var/www/html/mediawiki/" echo "the setup script will continue as few seconds after." ################################### # Wait for LocalSettings.php to be imported to Container # while [ ! -f /var/www/html/mediawiki/LocalSettings.php ] do sleep 2 # or less like 0.2 done ##################################### #Noobs curl -L xml.completenoobs.com/xmlDumps | grep Noobs | awk -F '"' '{print $2}' > /tmp/wi-dump.txt #grep will find newest dated dump and assign to $newest newest=$(grep -oE '^[0-9]{2}_[0-9]{2}_[0-9]{2}' /tmp/wi-dump.txt | sort -r | head -n 1) temppath="/tmp/wi-dir/" md5=$newest.md5sum.txt xml=$newest.Noobs.xml sha256=$newest.sha256sum.txt #mkdir for dumps mkdir /tmp/wi-dir wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$md5 -P /tmp/wi-dir/ wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$sha256 -P /tmp/wi-dir/ wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$xml -P /tmp/wi-dir/ # CheckSums before import md5_dl=$(md5sum $temppath$xml | awk '{print $1}') md5_file=$(cat /tmp/wi-dir/$md5 | awk '{print $1}') sha256_dl=$(sha256sum $temppath$xml | awk '{print $1}') sha256_file=$(cat $temppath$sha256 | awk '{print $1}') if [ $md5file == $md5dl ]; then echo 'md5 checks out' else echo 'does not check out' fi if [ $sha256_dl == $sha256_file ]; then echo "sha256 checks out" #import to wiki echo "importing mediawiki database" php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php $temppath$xml php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php php /var/www/html/mediawiki/maintenance/initSiteStats.php php /var/www/html/mediawiki/maintenance/rebuildall.php else echo "checksum not checking out" exit 1 fi # dont forget clean up rm -rf /tmp/wi-dir/* </syntaxhighlight> fmjz45ay87b4slkyf3s1lhoqir2k4q9 191 190 2023-03-21T20:35:12Z Noob 1 /* script to auto install wiki in container */ 191 wikitext text/x-wiki Tested on Ubuntu-Mate 20.04<br \> Download CompleteNoobs wiki and Keep Private Copy you can edit as you wish on your own computer. ==Download CompleteNoobs's XML dump== [https://xml.completenoobs.com CompleteNoobs xml dump] ==Create a container== <code>lxc launch ubuntu:20.04 localwiki</code><br \> Push file conataining xml dump to container<br \> <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> Log/Chroot into container<br \> <code>lxc exec localwiki bash</code><br \> ===update container and set to auto update=== update container<br \> <code>apt update && apt upgrade -y</code><br \> Auto updates<br \> <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment the line:<br \> <pre>// "${distro_id}:${distro_codename}-updates";</pre> to <pre>"${distro_id}:${distro_codename}-updates";</pre> ===Install mediawiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -zxvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki </code> ===Create database=== As this is just for your own computer on your own network, you can keep it super simple:<br \> <code>mysql -u root</code><br \> <code>CREATE USER 'u'@'localhost' IDENTIFIED BY 'passwd';</code><br \> <code>CREATE DATABASE db;</code><br \> <code>use db;</code><br \> <code>GRANT ALL ON db.* TO 'u'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ===Config Apache2=== <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ====Reload Apache2==== <code> systemctl restart apache2 </code> ===Visit webpage and carry on with normal basic wiki setup=== Use <code>lxc list</code> on host to get IP address for your container: mine is <b>10.3.45.40</b><br \> With a web browser visit enter the ip in the address bar.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:db<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:u<br \> Database password:passwd<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ===Send LocalSettings to Container=== From host:<br \> <code>lxc file push Downloads/LocalSettings.php localwiki/var/www/html/mediawiki/</code><br \> ===restore xml dump=== In container<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> ===EmbedVideo=== In order to view the embedded video's you will need to install the <b>EmbedVideo</b> extension.<br> If you do not, you will still be able to view the video address.<br> https://www.mediawiki.org/wiki/Extension:EmbedVideo<br> <code>apt install unzip</code><br> <code>wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip</code><br> <code>unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/</code><br> <br> <code>mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo</code><br> <br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> <pre> #Embed Video wfLoadExtension( 'EmbedVideo' ); </pre> ===Visit your local copy of CompleteNoobs=== In Browser go to http://$YOUR_CONTAINERS_IP<br \> Everything apart from <b>index.php/Main_Page</b> restored.<br \> Edit main page to have link to main_index<br \> <nowiki>[[Main_Index | wiki index]]</nowiki><br \> And thats why we have a [[Main_Index]] page. ==script to auto install wiki in container - Draft0== <syntaxhighlight lang='bash' line> #!/bin/bash CHECK_UBUNTU=$(lsb_release -i | awk '{print $3}') CHECK_UBUNTU2004=$(lsb_release -r | awk '{print $2}') if [ $CHECK_UBUNTU == "Ubuntu" ] then if [ $CHECK_UBUNTU2004 == "22.04" ] then printf "You are running $CHECK_UBUNTU $CHECK_UBUNTU2004\n\n" else echo "are you sure your running ubuntu 22.04?" echo $CHECK_UBUNTU $CHECK_UBUNTU2004 printf "This script is intended for Ubuntu 22.04\nExiting script\n" exit 1 fi else printf "This script is intended for ubuntu 22.04!\nScript exiting\n" exit 1 fi ##################################################### printf "\nThis is a script in development!\n" printf "For quickly installing the basic's of mediawiki on a ubuntu 22.04 container\n" printf "This script is expecting a clean install of a server to run on.\n" printf "Enter \"yes\" to continue with script or press anykey to exit!\n" printf "\n What this script will do:\n \n\t1. Setup basic firewall with ufw and allow port 22 for ssh \n\t2. Update system and check if reboot required. \n\t3. Install software packages: \t\t apache2 \t\t mysql-server \t\t php \t\t php-mysql \t\t libapache2-mod-php \t\t php-xml \t\t php-mbstring \t\t php-intl \t\t mediawiki-1.39.2 \n\t4. Take name for your localwiki \n\t 5a. Download, checksum, extract to path: \'MediaWiki-1.34.2\' \t 5b. Download, checksum and move to path file \'apache.conf.backup\' - template for configuring apache \n\t7. Create Database for mediawiki \n\t8. Configure Apache \n\t10. Will echo/display details required for finishing media setup on web browser \n\n\tPlease type \"yes\" case sensitive to continue!\n \tJust Press Enter to Exit Script!\n \tEnter anwser here :" read anypress if [ -z "$anypress" ] then printf "Exiting Script!" sleep 1 exit 1 else if [ $anypress == "yes" ] then printf "starting script ....." sleep 1 else printf "Exiting Script!" sleep 1 exit 1 fi fi #################################################### ########### check system up to date apt update && apt upgrade -y && apt autoremove -y # reboot if reboot required # will test to see if file "/var/run/reboot-required" exists if [ -f /var/run/reboot-required ] then reboot fi ########################################### ########### Install packages # checksum of mediawiki download. # add patch and check sig # when downloading from github add(?raw=true) at the end or you will download a html page. # Install main packages from ubuntu repos apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y ###### # download and checksums of media wiki MediaWiki_Sum="ddb51d228a19ca68cd8871d850175f6bef46874476ed1466f015cf9846d9c7a5" wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz # Check md5sum of download and extract to directory MediaWiki_Sum_CHECK="$(sha256sum mediawiki-1.39.2.tar.gz | awk '{print $1}')" if [ $MediaWiki_Sum == $MediaWiki_Sum_CHECK ] ; then echo "checksum checks out:" tar -zxvf mediawiki-1.39.2.tar.gz -C /var/www/html/ mv /var/www/html/mediawiki-1.39.2 /var/www/html/mediawiki rm mediawiki-1.39.2.tar.gz else echo "Checksum not checking out" printf "looking for $MediaWiki_Sum but found $MediaWiki_Sum_CHECK" read -r -p $" Press Enter to Exit Script" exit 1 fi ######################### # apache quick config function apacheconfigfunc { printf "<VirtualHost *:80>\n\tDocumentRoot /var/www/html/mediawiki\n</VirtualHost>\n" } apacheconfigfunc > /etc/apache2/sites-available/000-default.conf # restart apache2 systemctl restart apache2 #end apache quick config ########################################## #Container ip function ####Print IP for container function conIPfun { hostname -I | awk '{print $1}' } ConIPVar=$(hostname -I | awk '{print $1}') echo $ConIPVar ################### ######################## ##EmbedVideo extension EmbedSum="b8b4ccf516e5ba8f47f11e415fe0ac325e9d05eb1cc750c808191e7e8a15360f" apt install unzip -y wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip CheckEmbed="$(sha256sum EmbedVideo-v2.9.0.zip | awk '{print $1}')" if [ $CheckEmbed == $EmbedSum ] ; then echo "checksum checks out:" unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/ mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo else echo "Checksum not checking out" printf "looking for $EmbedSum but found $CheckEmbed" read -r -p $" Press Enter to Exit Script" exit 1 fi ##### # Create Database mysql -u root <<MYSQL_SCRIPT CREATE USER 'wiki'@'localhost'; # not needed for root CREATE DATABASE my_wiki; use my_wiki; GRANT ALL ON my_wiki.* TO 'wiki'@'localhost'; MYSQL_SCRIPT # Remember to change name from 'root' to 'wiki' and push file to container: CON_NAME=$(uname -a | awk '{print $2}') echo "Now visit the IP $ConIPVar from a browser" echo "and change the database username from 'root' to 'wiki' on the DateBase Page" echo "When finished you will download a 'LocalSettings.php' file" echo "You need to push this file into the container $CON_NAME from your download directory" echo "you can use 'lxc file push' to copy the file into the container" echo "lxc file push /home/USERNAME/Downloads/LocalSettings.php $CON_NAME/var/www/html/mediawiki/" echo "the setup script will continue as few seconds after." ################################### # Wait for LocalSettings.php to be imported to Container # while [ ! -f /var/www/html/mediawiki/LocalSettings.php ] do sleep 2 # or less like 0.2 done ##################################### #Noobs curl -L xml.completenoobs.com/xmlDumps | grep Noobs | awk -F '"' '{print $2}' > /tmp/wi-dump.txt #grep will find newest dated dump and assign to $newest newest=$(grep -oE '^[0-9]{2}_[0-9]{2}_[0-9]{2}' /tmp/wi-dump.txt | sort -r | head -n 1) temppath="/tmp/wi-dir/" md5=$newest.md5sum.txt xml=$newest.Noobs.xml sha256=$newest.sha256sum.txt #mkdir for dumps mkdir /tmp/wi-dir wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$md5 -P /tmp/wi-dir/ wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$sha256 -P /tmp/wi-dir/ wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$xml -P /tmp/wi-dir/ # CheckSums before import md5_dl=$(md5sum $temppath$xml | awk '{print $1}') md5_file=$(cat /tmp/wi-dir/$md5 | awk '{print $1}') sha256_dl=$(sha256sum $temppath$xml | awk '{print $1}') sha256_file=$(cat $temppath$sha256 | awk '{print $1}') if [ $md5file == $md5dl ]; then echo 'md5 checks out' else echo 'does not check out' fi if [ $sha256_dl == $sha256_file ]; then echo "sha256 checks out" #import to wiki echo "importing mediawiki database" php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php $temppath$xml php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php php /var/www/html/mediawiki/maintenance/initSiteStats.php php /var/www/html/mediawiki/maintenance/rebuildall.php else echo "checksum not checking out" exit 1 fi # dont forget clean up rm -rf /tmp/wi-dir/* </syntaxhighlight> rw70vl78eoqhm658lduh2762j4jcbmq 192 191 2023-03-22T13:53:57Z Noob 1 /* script to auto install wiki in container - Draft0 */ 192 wikitext text/x-wiki Tested on Ubuntu-Mate 20.04<br \> Download CompleteNoobs wiki and Keep Private Copy you can edit as you wish on your own computer. ==Download CompleteNoobs's XML dump== [https://xml.completenoobs.com CompleteNoobs xml dump] ==Create a container== <code>lxc launch ubuntu:20.04 localwiki</code><br \> Push file conataining xml dump to container<br \> <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> Log/Chroot into container<br \> <code>lxc exec localwiki bash</code><br \> ===update container and set to auto update=== update container<br \> <code>apt update && apt upgrade -y</code><br \> Auto updates<br \> <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment the line:<br \> <pre>// "${distro_id}:${distro_codename}-updates";</pre> to <pre>"${distro_id}:${distro_codename}-updates";</pre> ===Install mediawiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -zxvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki </code> ===Create database=== As this is just for your own computer on your own network, you can keep it super simple:<br \> <code>mysql -u root</code><br \> <code>CREATE USER 'u'@'localhost' IDENTIFIED BY 'passwd';</code><br \> <code>CREATE DATABASE db;</code><br \> <code>use db;</code><br \> <code>GRANT ALL ON db.* TO 'u'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ===Config Apache2=== <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ====Reload Apache2==== <code> systemctl restart apache2 </code> ===Visit webpage and carry on with normal basic wiki setup=== Use <code>lxc list</code> on host to get IP address for your container: mine is <b>10.3.45.40</b><br \> With a web browser visit enter the ip in the address bar.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:db<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:u<br \> Database password:passwd<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ===Send LocalSettings to Container=== From host:<br \> <code>lxc file push Downloads/LocalSettings.php localwiki/var/www/html/mediawiki/</code><br \> ===restore xml dump=== In container<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> ===EmbedVideo=== In order to view the embedded video's you will need to install the <b>EmbedVideo</b> extension.<br> If you do not, you will still be able to view the video address.<br> https://www.mediawiki.org/wiki/Extension:EmbedVideo<br> <code>apt install unzip</code><br> <code>wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip</code><br> <code>unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/</code><br> <br> <code>mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo</code><br> <br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> <pre> #Embed Video wfLoadExtension( 'EmbedVideo' ); </pre> ===Visit your local copy of CompleteNoobs=== In Browser go to http://$YOUR_CONTAINERS_IP<br \> Everything apart from <b>index.php/Main_Page</b> restored.<br \> Edit main page to have link to main_index<br \> <nowiki>[[Main_Index | wiki index]]</nowiki><br \> And thats why we have a [[Main_Index]] page. ==script to auto install wiki in container - Draft0== <syntaxhighlight lang='bash' line> #!/bin/bash CHECK_UBUNTU=$(lsb_release -i | awk '{print $3}') CHECK_UBUNTU2004=$(lsb_release -r | awk '{print $2}') if [ $CHECK_UBUNTU == "Ubuntu" ] then if [ $CHECK_UBUNTU2004 == "22.04" ] then printf "You are running $CHECK_UBUNTU $CHECK_UBUNTU2004\n\n" else echo "are you sure your running ubuntu 22.04?" echo $CHECK_UBUNTU $CHECK_UBUNTU2004 printf "This script is intended for Ubuntu 22.04\nExiting script\n" exit 1 fi else printf "This script is intended for ubuntu 22.04!\nScript exiting\n" exit 1 fi ##################################################### printf "\nThis is a script in development!\n" printf "For quickly installing the basic's of mediawiki on a ubuntu 22.04 container\n" printf "This script is expecting a clean install of a server to run on.\n" printf "Enter \"yes\" to continue with script or press anykey to exit!\n" printf "\n What this script will do:\n \n\t1. Setup basic firewall with ufw and allow port 22 for ssh \n\t2. Update system and check if reboot required. \n\t3. Install software packages: \t\t apache2 \t\t mysql-server \t\t php \t\t php-mysql \t\t libapache2-mod-php \t\t php-xml \t\t php-mbstring \t\t php-intl \t\t mediawiki-1.39.2 \n\t4. Take name for your localwiki \n\t 5a. Download, checksum, extract to path: \'MediaWiki-1.34.2\' \t 5b. Download, checksum and move to path file \'apache.conf.backup\' - template for configuring apache \n\t7. Create Database for mediawiki \n\t8. Configure Apache \n\t10. Will echo/display details required for finishing media setup on web browser \n\n\tPlease type \"yes\" case sensitive to continue!\n \tJust Press Enter to Exit Script!\n \tEnter anwser here :" read anypress if [ -z "$anypress" ] then printf "Exiting Script!" sleep 1 exit 1 else if [ $anypress == "yes" ] then printf "starting script ....." sleep 1 else printf "Exiting Script!" sleep 1 exit 1 fi fi #################################################### ########### check system up to date apt update && apt upgrade -y && apt autoremove -y # reboot if reboot required # will test to see if file "/var/run/reboot-required" exists if [ -f /var/run/reboot-required ] then reboot fi ########################################### ########### Install packages # checksum of mediawiki download. # add patch and check sig # when downloading from github add(?raw=true) at the end or you will download a html page. # Install main packages from ubuntu repos apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y ###### # download and checksums of media wiki MediaWiki_Sum="ddb51d228a19ca68cd8871d850175f6bef46874476ed1466f015cf9846d9c7a5" wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz # Check md5sum of download and extract to directory MediaWiki_Sum_CHECK="$(sha256sum mediawiki-1.39.2.tar.gz | awk '{print $1}')" if [ $MediaWiki_Sum == $MediaWiki_Sum_CHECK ] ; then echo "checksum checks out:" tar -zxvf mediawiki-1.39.2.tar.gz -C /var/www/html/ mv /var/www/html/mediawiki-1.39.2 /var/www/html/mediawiki rm mediawiki-1.39.2.tar.gz else echo "Checksum not checking out" printf "looking for $MediaWiki_Sum but found $MediaWiki_Sum_CHECK" read -r -p $" Press Enter to Exit Script" exit 1 fi ######################### # apache quick config function apacheconfigfunc { printf "<VirtualHost *:80>\n\tDocumentRoot /var/www/html/mediawiki\n</VirtualHost>\n" } apacheconfigfunc > /etc/apache2/sites-available/000-default.conf # restart apache2 systemctl restart apache2 #end apache quick config ########################################## #Container ip function ####Print IP for container function conIPfun { hostname -I | awk '{print $1}' } ConIPVar=$(hostname -I | awk '{print $1}') echo $ConIPVar ################### ######################## ##EmbedVideo extension EmbedSum="b8b4ccf516e5ba8f47f11e415fe0ac325e9d05eb1cc750c808191e7e8a15360f" apt install unzip -y wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip CheckEmbed="$(sha256sum EmbedVideo-v2.9.0.zip | awk '{print $1}')" if [ $CheckEmbed == $EmbedSum ] ; then echo "checksum checks out:" unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/ mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo else echo "Checksum not checking out" printf "looking for $EmbedSum but found $CheckEmbed" read -r -p $" Press Enter to Exit Script" exit 1 fi ##### # Create Database mysql -u root <<MYSQL_SCRIPT CREATE USER 'wiki'@'localhost'; # not needed for root CREATE DATABASE my_wiki; use my_wiki; GRANT ALL ON my_wiki.* TO 'wiki'@'localhost'; MYSQL_SCRIPT # Remember to change name from 'root' to 'wiki' and push file to container: CON_NAME=$(uname -a | awk '{print $2}') echo "Now visit the IP $ConIPVar from a browser" echo "and change the database username from 'root' to 'wiki' on the DateBase Page" echo "When finished you will download a 'LocalSettings.php' file" echo "You need to push this file into the container $CON_NAME from your download directory" echo "you can use 'lxc file push' to copy the file into the container" echo "lxc file push /home/USERNAME/Downloads/LocalSettings.php $CON_NAME/var/www/html/mediawiki/" echo "the setup script will continue as few seconds after." ################################### # Wait for LocalSettings.php to be imported to Container # while [ ! -f /var/www/html/mediawiki/LocalSettings.php ] do sleep 2 # will check every 2 seconds to see if file is there done ##################################### #Noobs curl -L xml.completenoobs.com/xmlDumps | grep Noobs | awk -F '"' '{print $2}' > /tmp/wi-dump.txt #grep will find newest dated dump and assign to $newest newest=$(grep -oE '^[0-9]{2}_[0-9]{2}_[0-9]{2}' /tmp/wi-dump.txt | sort -r | head -n 1) temppath="/tmp/wi-dir/" md5=$newest.md5sum.txt xml=$newest.Noobs.xml sha256=$newest.sha256sum.txt #mkdir for dumps mkdir /tmp/wi-dir wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$md5 -P /tmp/wi-dir/ wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$sha256 -P /tmp/wi-dir/ wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$xml -P /tmp/wi-dir/ # CheckSums before import md5_dl=$(md5sum $temppath$xml | awk '{print $1}') md5_file=$(cat /tmp/wi-dir/$md5 | awk '{print $1}') sha256_dl=$(sha256sum $temppath$xml | awk '{print $1}') sha256_file=$(cat $temppath$sha256 | awk '{print $1}') if [ $md5file == $md5dl ]; then echo 'md5 checks out' else echo 'does not check out' fi if [ $sha256_dl == $sha256_file ]; then echo "sha256 checks out" #import to wiki echo "importing mediawiki database" php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php $temppath$xml php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php php /var/www/html/mediawiki/maintenance/initSiteStats.php php /var/www/html/mediawiki/maintenance/rebuildall.php else echo "checksum not checking out" exit 1 fi # dont forget clean up rm -rf /tmp/wi-dir/* </syntaxhighlight> dc9hq45nxrup2pc42pbuyuxv36nqqrc 193 192 2023-03-22T21:20:12Z Noob 1 /* script to auto install wiki in container - Draft0 */ 193 wikitext text/x-wiki Tested on Ubuntu-Mate 20.04<br \> Download CompleteNoobs wiki and Keep Private Copy you can edit as you wish on your own computer. ==Download CompleteNoobs's XML dump== [https://xml.completenoobs.com CompleteNoobs xml dump] ==Create a container== <code>lxc launch ubuntu:20.04 localwiki</code><br \> Push file conataining xml dump to container<br \> <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> Log/Chroot into container<br \> <code>lxc exec localwiki bash</code><br \> ===update container and set to auto update=== update container<br \> <code>apt update && apt upgrade -y</code><br \> Auto updates<br \> <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment the line:<br \> <pre>// "${distro_id}:${distro_codename}-updates";</pre> to <pre>"${distro_id}:${distro_codename}-updates";</pre> ===Install mediawiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -zxvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki </code> ===Create database=== As this is just for your own computer on your own network, you can keep it super simple:<br \> <code>mysql -u root</code><br \> <code>CREATE USER 'u'@'localhost' IDENTIFIED BY 'passwd';</code><br \> <code>CREATE DATABASE db;</code><br \> <code>use db;</code><br \> <code>GRANT ALL ON db.* TO 'u'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ===Config Apache2=== <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ====Reload Apache2==== <code> systemctl restart apache2 </code> ===Visit webpage and carry on with normal basic wiki setup=== Use <code>lxc list</code> on host to get IP address for your container: mine is <b>10.3.45.40</b><br \> With a web browser visit enter the ip in the address bar.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:db<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:u<br \> Database password:passwd<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ===Send LocalSettings to Container=== From host:<br \> <code>lxc file push Downloads/LocalSettings.php localwiki/var/www/html/mediawiki/</code><br \> ===restore xml dump=== In container<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> ===EmbedVideo=== In order to view the embedded video's you will need to install the <b>EmbedVideo</b> extension.<br> If you do not, you will still be able to view the video address.<br> https://www.mediawiki.org/wiki/Extension:EmbedVideo<br> <code>apt install unzip</code><br> <code>wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip</code><br> <code>unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/</code><br> <br> <code>mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo</code><br> <br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> <pre> #Embed Video wfLoadExtension( 'EmbedVideo' ); </pre> ===Visit your local copy of CompleteNoobs=== In Browser go to http://$YOUR_CONTAINERS_IP<br \> Everything apart from <b>index.php/Main_Page</b> restored.<br \> Edit main page to have link to main_index<br \> <nowiki>[[Main_Index | wiki index]]</nowiki><br \> And thats why we have a [[Main_Index]] page. ==script to auto install wiki in container - Draft0== <syntaxhighlight lang='bash' line> #!/bin/bash CHECK_UBUNTU=$(lsb_release -i | awk '{print $3}') CHECK_UBUNTU2004=$(lsb_release -r | awk '{print $2}') if [ $CHECK_UBUNTU == "Ubuntu" ] then if [ $CHECK_UBUNTU2004 == "22.04" ] then printf "You are running $CHECK_UBUNTU $CHECK_UBUNTU2004\n\n" else echo "are you sure your running ubuntu 22.04?" echo $CHECK_UBUNTU $CHECK_UBUNTU2004 printf "This script is intended for Ubuntu 22.04\nExiting script\n" exit 1 fi else printf "This script is intended for ubuntu 22.04!\nScript exiting\n" exit 1 fi ##################################################### printf "\nThis is a script in development!\n" printf "For quickly installing the basic's of mediawiki on a ubuntu 22.04 container\n" printf "This script is expecting a clean install of a server to run on.\n" printf "Enter \"yes\" to continue with script or press anykey to exit!\n" printf "\n What this script will do:\n \n\t3. Install software packages: \t\t apache2 \t\t mysql-server \t\t php \t\t php-mysql \t\t libapache2-mod-php \t\t php-xml \t\t php-mbstring \t\t php-intl \t\t mediawiki-1.39.2 \n\t4. Take name for your localwiki \n\t 5a. Download, checksum, extract to path: \'MediaWiki-1.34.2\' \t 5b. Download, checksum and move to path file \'apache.conf.backup\' - template for configuring apache \n\t7. Create Database for mediawiki \n\t8. Configure Apache \n\t10. Will echo/display details required for finishing media setup on web browser \n\n\tPlease type \"yes\" case sensitive to continue!\n \tJust Press Enter to Exit Script!\n \tEnter anwser here :" read anypress if [ -z "$anypress" ] then printf "Exiting Script!" sleep 1 exit 1 else if [ $anypress == "yes" ] then printf "starting script ....." sleep 1 else printf "Exiting Script!" sleep 1 exit 1 fi fi #################################################### ########### check system up to date apt update && apt upgrade -y && apt autoremove -y ########################################### ########### Install packages # checksum of mediawiki download. # add patch and check sig # when downloading from github add(?raw=true) at the end or you will download a html page. # Install main packages from ubuntu repos apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y ###### # download and checksums of media wiki MediaWiki_Sum="ddb51d228a19ca68cd8871d850175f6bef46874476ed1466f015cf9846d9c7a5" wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz # Check md5sum of download and extract to directory MediaWiki_Sum_CHECK="$(sha256sum mediawiki-1.39.2.tar.gz | awk '{print $1}')" if [ $MediaWiki_Sum == $MediaWiki_Sum_CHECK ] ; then echo "checksum checks out:" tar -zxvf mediawiki-1.39.2.tar.gz -C /var/www/html/ mv /var/www/html/mediawiki-1.39.2 /var/www/html/mediawiki rm mediawiki-1.39.2.tar.gz else echo "Checksum not checking out" printf "looking for $MediaWiki_Sum but found $MediaWiki_Sum_CHECK" read -r -p $" Press Enter to Exit Script" exit 1 fi ######################### # apache quick config function apacheconfigfunc { printf "<VirtualHost *:80>\n\tDocumentRoot /var/www/html/mediawiki\n</VirtualHost>\n" } apacheconfigfunc > /etc/apache2/sites-available/000-default.conf # restart apache2 systemctl restart apache2 #end apache quick config ########################################## #Container ip function ####Print IP for container function conIPfun { hostname -I | awk '{print $1}' } ConIPVar=$(hostname -I | awk '{print $1}') echo $ConIPVar ################### ######################## ##EmbedVideo extension EmbedSum="b8b4ccf516e5ba8f47f11e415fe0ac325e9d05eb1cc750c808191e7e8a15360f" apt install unzip -y wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip CheckEmbed="$(sha256sum EmbedVideo-v2.9.0.zip | awk '{print $1}')" if [ $CheckEmbed == $EmbedSum ] ; then echo "checksum checks out:" unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/ mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo else echo "Checksum not checking out" printf "looking for $EmbedSum but found $CheckEmbed" read -r -p $" Press Enter to Exit Script" exit 1 fi ##### # Create Database mysql -u root <<MYSQL_SCRIPT CREATE USER 'wiki'@'localhost'; # not needed for root CREATE DATABASE my_wiki; use my_wiki; GRANT ALL ON my_wiki.* TO 'wiki'@'localhost'; MYSQL_SCRIPT # Remember to change name from 'root' to 'wiki' and push file to container: CON_NAME=$(uname -a | awk '{print $2}') echo "Now visit the IP $ConIPVar from a browser" echo "and change the database username from 'root' to 'wiki' on the DateBase Page" echo "When finished you will download a 'LocalSettings.php' file" echo "You need to push this file into the container $CON_NAME from your download directory" echo "you can use 'lxc file push' to copy the file into the container" echo "lxc file push /home/USERNAME/Downloads/LocalSettings.php $CON_NAME/var/www/html/mediawiki/" echo "the setup script will continue as few seconds after." ################################### # Wait for LocalSettings.php to be imported to Container # while [ ! -f /var/www/html/mediawiki/LocalSettings.php ] do sleep 2 # will check every 2 seconds to see if file is there done ##################################### #Noobs curl -L xml.completenoobs.com/xmlDumps | grep Noobs | awk -F '"' '{print $2}' > /tmp/wi-dump.txt #grep will find newest dated dump and assign to $newest newest=$(grep -oE '^[0-9]{2}_[0-9]{2}_[0-9]{2}' /tmp/wi-dump.txt | sort -r | head -n 1) temppath="/tmp/wi-dir/" md5=$newest.md5sum.txt xml=$newest.Noobs.xml sha256=$newest.sha256sum.txt #mkdir for dumps mkdir /tmp/wi-dir wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$md5 -P /tmp/wi-dir/ wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$sha256 -P /tmp/wi-dir/ wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$xml -P /tmp/wi-dir/ # CheckSums before import md5_dl=$(md5sum $temppath$xml | awk '{print $1}') md5_file=$(cat /tmp/wi-dir/$md5 | awk '{print $1}') sha256_dl=$(sha256sum $temppath$xml | awk '{print $1}') sha256_file=$(cat $temppath$sha256 | awk '{print $1}') if [ $md5file == $md5dl ]; then echo 'md5 checks out' else echo 'does not check out' fi if [ $sha256_dl == $sha256_file ]; then echo "sha256 checks out" #import to wiki echo "importing mediawiki database" php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php $temppath$xml php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php php /var/www/html/mediawiki/maintenance/initSiteStats.php php /var/www/html/mediawiki/maintenance/rebuildall.php else echo "checksum not checking out" exit 1 fi # dont forget clean up rm -rf /tmp/wi-dir/* </syntaxhighlight> aa0lsz97ea0wrwb7thccg8375smckwq 194 193 2023-03-22T21:20:36Z Noob 1 /* script to auto install wiki in container - Draft0 */ 194 wikitext text/x-wiki Tested on Ubuntu-Mate 20.04<br \> Download CompleteNoobs wiki and Keep Private Copy you can edit as you wish on your own computer. ==Download CompleteNoobs's XML dump== [https://xml.completenoobs.com CompleteNoobs xml dump] ==Create a container== <code>lxc launch ubuntu:20.04 localwiki</code><br \> Push file conataining xml dump to container<br \> <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> Log/Chroot into container<br \> <code>lxc exec localwiki bash</code><br \> ===update container and set to auto update=== update container<br \> <code>apt update && apt upgrade -y</code><br \> Auto updates<br \> <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment the line:<br \> <pre>// "${distro_id}:${distro_codename}-updates";</pre> to <pre>"${distro_id}:${distro_codename}-updates";</pre> ===Install mediawiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -zxvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki </code> ===Create database=== As this is just for your own computer on your own network, you can keep it super simple:<br \> <code>mysql -u root</code><br \> <code>CREATE USER 'u'@'localhost' IDENTIFIED BY 'passwd';</code><br \> <code>CREATE DATABASE db;</code><br \> <code>use db;</code><br \> <code>GRANT ALL ON db.* TO 'u'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ===Config Apache2=== <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ====Reload Apache2==== <code> systemctl restart apache2 </code> ===Visit webpage and carry on with normal basic wiki setup=== Use <code>lxc list</code> on host to get IP address for your container: mine is <b>10.3.45.40</b><br \> With a web browser visit enter the ip in the address bar.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:db<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:u<br \> Database password:passwd<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ===Send LocalSettings to Container=== From host:<br \> <code>lxc file push Downloads/LocalSettings.php localwiki/var/www/html/mediawiki/</code><br \> ===restore xml dump=== In container<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> ===EmbedVideo=== In order to view the embedded video's you will need to install the <b>EmbedVideo</b> extension.<br> If you do not, you will still be able to view the video address.<br> https://www.mediawiki.org/wiki/Extension:EmbedVideo<br> <code>apt install unzip</code><br> <code>wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip</code><br> <code>unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/</code><br> <br> <code>mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo</code><br> <br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> <pre> #Embed Video wfLoadExtension( 'EmbedVideo' ); </pre> ===Visit your local copy of CompleteNoobs=== In Browser go to http://$YOUR_CONTAINERS_IP<br \> Everything apart from <b>index.php/Main_Page</b> restored.<br \> Edit main page to have link to main_index<br \> <nowiki>[[Main_Index | wiki index]]</nowiki><br \> And thats why we have a [[Main_Index]] page. ==script to auto install wiki in container - Draft0== <syntaxhighlight lang='bash' line> #!/bin/bash CHECK_UBUNTU=$(lsb_release -i | awk '{print $3}') CHECK_UBUNTU2004=$(lsb_release -r | awk '{print $2}') if [ $CHECK_UBUNTU == "Ubuntu" ] then if [ $CHECK_UBUNTU2004 == "22.04" ] then printf "You are running $CHECK_UBUNTU $CHECK_UBUNTU2004\n\n" else echo "are you sure your running ubuntu 22.04?" echo $CHECK_UBUNTU $CHECK_UBUNTU2004 printf "This script is intended for Ubuntu 22.04\nExiting script\n" exit 1 fi else printf "This script is intended for ubuntu 22.04!\nScript exiting\n" exit 1 fi ##################################################### printf "\nThis is a script in development!\n" printf "For quickly installing the basic's of mediawiki on a ubuntu 22.04 container\n" printf "Enter \"yes\" to continue with script or press anykey to exit!\n" printf "\n What this script will do:\n \n\t3. Install software packages: \t\t apache2 \t\t mysql-server \t\t php \t\t php-mysql \t\t libapache2-mod-php \t\t php-xml \t\t php-mbstring \t\t php-intl \t\t mediawiki-1.39.2 \n\t4. Take name for your localwiki \n\t 5a. Download, checksum, extract to path: \'MediaWiki-1.34.2\' \t 5b. Download, checksum and move to path file \'apache.conf.backup\' - template for configuring apache \n\t7. Create Database for mediawiki \n\t8. Configure Apache \n\t10. Will echo/display details required for finishing media setup on web browser \n\n\tPlease type \"yes\" case sensitive to continue!\n \tJust Press Enter to Exit Script!\n \tEnter anwser here :" read anypress if [ -z "$anypress" ] then printf "Exiting Script!" sleep 1 exit 1 else if [ $anypress == "yes" ] then printf "starting script ....." sleep 1 else printf "Exiting Script!" sleep 1 exit 1 fi fi #################################################### ########### check system up to date apt update && apt upgrade -y && apt autoremove -y ########################################### ########### Install packages # checksum of mediawiki download. # add patch and check sig # when downloading from github add(?raw=true) at the end or you will download a html page. # Install main packages from ubuntu repos apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y ###### # download and checksums of media wiki MediaWiki_Sum="ddb51d228a19ca68cd8871d850175f6bef46874476ed1466f015cf9846d9c7a5" wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz # Check md5sum of download and extract to directory MediaWiki_Sum_CHECK="$(sha256sum mediawiki-1.39.2.tar.gz | awk '{print $1}')" if [ $MediaWiki_Sum == $MediaWiki_Sum_CHECK ] ; then echo "checksum checks out:" tar -zxvf mediawiki-1.39.2.tar.gz -C /var/www/html/ mv /var/www/html/mediawiki-1.39.2 /var/www/html/mediawiki rm mediawiki-1.39.2.tar.gz else echo "Checksum not checking out" printf "looking for $MediaWiki_Sum but found $MediaWiki_Sum_CHECK" read -r -p $" Press Enter to Exit Script" exit 1 fi ######################### # apache quick config function apacheconfigfunc { printf "<VirtualHost *:80>\n\tDocumentRoot /var/www/html/mediawiki\n</VirtualHost>\n" } apacheconfigfunc > /etc/apache2/sites-available/000-default.conf # restart apache2 systemctl restart apache2 #end apache quick config ########################################## #Container ip function ####Print IP for container function conIPfun { hostname -I | awk '{print $1}' } ConIPVar=$(hostname -I | awk '{print $1}') echo $ConIPVar ################### ######################## ##EmbedVideo extension EmbedSum="b8b4ccf516e5ba8f47f11e415fe0ac325e9d05eb1cc750c808191e7e8a15360f" apt install unzip -y wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip CheckEmbed="$(sha256sum EmbedVideo-v2.9.0.zip | awk '{print $1}')" if [ $CheckEmbed == $EmbedSum ] ; then echo "checksum checks out:" unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/ mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo else echo "Checksum not checking out" printf "looking for $EmbedSum but found $CheckEmbed" read -r -p $" Press Enter to Exit Script" exit 1 fi ##### # Create Database mysql -u root <<MYSQL_SCRIPT CREATE USER 'wiki'@'localhost'; # not needed for root CREATE DATABASE my_wiki; use my_wiki; GRANT ALL ON my_wiki.* TO 'wiki'@'localhost'; MYSQL_SCRIPT # Remember to change name from 'root' to 'wiki' and push file to container: CON_NAME=$(uname -a | awk '{print $2}') echo "Now visit the IP $ConIPVar from a browser" echo "and change the database username from 'root' to 'wiki' on the DateBase Page" echo "When finished you will download a 'LocalSettings.php' file" echo "You need to push this file into the container $CON_NAME from your download directory" echo "you can use 'lxc file push' to copy the file into the container" echo "lxc file push /home/USERNAME/Downloads/LocalSettings.php $CON_NAME/var/www/html/mediawiki/" echo "the setup script will continue as few seconds after." ################################### # Wait for LocalSettings.php to be imported to Container # while [ ! -f /var/www/html/mediawiki/LocalSettings.php ] do sleep 2 # will check every 2 seconds to see if file is there done ##################################### #Noobs curl -L xml.completenoobs.com/xmlDumps | grep Noobs | awk -F '"' '{print $2}' > /tmp/wi-dump.txt #grep will find newest dated dump and assign to $newest newest=$(grep -oE '^[0-9]{2}_[0-9]{2}_[0-9]{2}' /tmp/wi-dump.txt | sort -r | head -n 1) temppath="/tmp/wi-dir/" md5=$newest.md5sum.txt xml=$newest.Noobs.xml sha256=$newest.sha256sum.txt #mkdir for dumps mkdir /tmp/wi-dir wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$md5 -P /tmp/wi-dir/ wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$sha256 -P /tmp/wi-dir/ wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$xml -P /tmp/wi-dir/ # CheckSums before import md5_dl=$(md5sum $temppath$xml | awk '{print $1}') md5_file=$(cat /tmp/wi-dir/$md5 | awk '{print $1}') sha256_dl=$(sha256sum $temppath$xml | awk '{print $1}') sha256_file=$(cat $temppath$sha256 | awk '{print $1}') if [ $md5file == $md5dl ]; then echo 'md5 checks out' else echo 'does not check out' fi if [ $sha256_dl == $sha256_file ]; then echo "sha256 checks out" #import to wiki echo "importing mediawiki database" php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php $temppath$xml php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php php /var/www/html/mediawiki/maintenance/initSiteStats.php php /var/www/html/mediawiki/maintenance/rebuildall.php else echo "checksum not checking out" exit 1 fi # dont forget clean up rm -rf /tmp/wi-dir/* </syntaxhighlight> 6q9j4p805l1r3g09yl7vepvhczq108b 195 194 2023-03-22T21:23:40Z Noob 1 /* script to auto install wiki in container - Draft0 */ 195 wikitext text/x-wiki Tested on Ubuntu-Mate 20.04<br \> Download CompleteNoobs wiki and Keep Private Copy you can edit as you wish on your own computer. ==Download CompleteNoobs's XML dump== [https://xml.completenoobs.com CompleteNoobs xml dump] ==Create a container== <code>lxc launch ubuntu:20.04 localwiki</code><br \> Push file conataining xml dump to container<br \> <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> Log/Chroot into container<br \> <code>lxc exec localwiki bash</code><br \> ===update container and set to auto update=== update container<br \> <code>apt update && apt upgrade -y</code><br \> Auto updates<br \> <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment the line:<br \> <pre>// "${distro_id}:${distro_codename}-updates";</pre> to <pre>"${distro_id}:${distro_codename}-updates";</pre> ===Install mediawiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -zxvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki </code> ===Create database=== As this is just for your own computer on your own network, you can keep it super simple:<br \> <code>mysql -u root</code><br \> <code>CREATE USER 'u'@'localhost' IDENTIFIED BY 'passwd';</code><br \> <code>CREATE DATABASE db;</code><br \> <code>use db;</code><br \> <code>GRANT ALL ON db.* TO 'u'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ===Config Apache2=== <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ====Reload Apache2==== <code> systemctl restart apache2 </code> ===Visit webpage and carry on with normal basic wiki setup=== Use <code>lxc list</code> on host to get IP address for your container: mine is <b>10.3.45.40</b><br \> With a web browser visit enter the ip in the address bar.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:db<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:u<br \> Database password:passwd<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ===Send LocalSettings to Container=== From host:<br \> <code>lxc file push Downloads/LocalSettings.php localwiki/var/www/html/mediawiki/</code><br \> ===restore xml dump=== In container<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> ===EmbedVideo=== In order to view the embedded video's you will need to install the <b>EmbedVideo</b> extension.<br> If you do not, you will still be able to view the video address.<br> https://www.mediawiki.org/wiki/Extension:EmbedVideo<br> <code>apt install unzip</code><br> <code>wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip</code><br> <code>unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/</code><br> <br> <code>mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo</code><br> <br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> <pre> #Embed Video wfLoadExtension( 'EmbedVideo' ); </pre> ===Visit your local copy of CompleteNoobs=== In Browser go to http://$YOUR_CONTAINERS_IP<br \> Everything apart from <b>index.php/Main_Page</b> restored.<br \> Edit main page to have link to main_index<br \> <nowiki>[[Main_Index | wiki index]]</nowiki><br \> And thats why we have a [[Main_Index]] page. ==script to auto install wiki in container - Draft0== <syntaxhighlight lang='bash' line> #!/bin/bash # check root if [ "$EUID" -ne 0 ] then echo "Please run as root" exit fi #check running ubuntu 22.04 CHECK_UBUNTU=$(lsb_release -i | awk '{print $3}') CHECK_UBUNTU2004=$(lsb_release -r | awk '{print $2}') if [ $CHECK_UBUNTU == "Ubuntu" ] then if [ $CHECK_UBUNTU2004 == "22.04" ] then printf "You are running $CHECK_UBUNTU $CHECK_UBUNTU2004\n\n" else echo "are you sure your running ubuntu 22.04?" echo $CHECK_UBUNTU $CHECK_UBUNTU2004 printf "This script is intended for Ubuntu 22.04\nExiting script\n" exit 1 fi else printf "This script is intended for ubuntu 22.04!\nScript exiting\n" exit 1 fi ##################################################### printf "\nThis is a script in development!\n" printf "For quickly installing the basic's of mediawiki on a ubuntu 22.04 container\n" printf "Enter \"yes\" to continue with script or press anykey to exit!\n" printf "\n What this script will do:\n \n\t3. Install software packages: \t\t apache2 \t\t mysql-server \t\t php \t\t php-mysql \t\t libapache2-mod-php \t\t php-xml \t\t php-mbstring \t\t php-intl \t\t mediawiki-1.39.2 \n\t4. Take name for your localwiki \n\t 5a. Download, checksum, extract to path: \'MediaWiki-1.34.2\' \t 5b. Download, checksum and move to path file \'apache.conf.backup\' - template for configuring apache \n\t7. Create Database for mediawiki \n\t8. Configure Apache \n\t10. Will echo/display details required for finishing media setup on web browser \n\n\tPlease type \"yes\" case sensitive to continue!\n \tJust Press Enter to Exit Script!\n \tEnter anwser here :" read anypress if [ -z "$anypress" ] then printf "Exiting Script!" sleep 1 exit 1 else if [ $anypress == "yes" ] then printf "starting script ....." sleep 1 else printf "Exiting Script!" sleep 1 exit 1 fi fi #################################################### ########### check system up to date apt update && apt upgrade -y && apt autoremove -y ########################################### ########### Install packages # checksum of mediawiki download. # add patch and check sig # when downloading from github add(?raw=true) at the end or you will download a html page. # Install main packages from ubuntu repos apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y ###### # download and checksums of media wiki MediaWiki_Sum="ddb51d228a19ca68cd8871d850175f6bef46874476ed1466f015cf9846d9c7a5" wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz # Check md5sum of download and extract to directory MediaWiki_Sum_CHECK="$(sha256sum mediawiki-1.39.2.tar.gz | awk '{print $1}')" if [ $MediaWiki_Sum == $MediaWiki_Sum_CHECK ] ; then echo "checksum checks out:" tar -zxvf mediawiki-1.39.2.tar.gz -C /var/www/html/ mv /var/www/html/mediawiki-1.39.2 /var/www/html/mediawiki rm mediawiki-1.39.2.tar.gz else echo "Checksum not checking out" printf "looking for $MediaWiki_Sum but found $MediaWiki_Sum_CHECK" read -r -p $" Press Enter to Exit Script" exit 1 fi ######################### # apache quick config function apacheconfigfunc { printf "<VirtualHost *:80>\n\tDocumentRoot /var/www/html/mediawiki\n</VirtualHost>\n" } apacheconfigfunc > /etc/apache2/sites-available/000-default.conf # restart apache2 systemctl restart apache2 #end apache quick config ########################################## #Container ip function ####Print IP for container function conIPfun { hostname -I | awk '{print $1}' } ConIPVar=$(hostname -I | awk '{print $1}') echo $ConIPVar ################### ######################## ##EmbedVideo extension EmbedSum="b8b4ccf516e5ba8f47f11e415fe0ac325e9d05eb1cc750c808191e7e8a15360f" apt install unzip -y wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip CheckEmbed="$(sha256sum EmbedVideo-v2.9.0.zip | awk '{print $1}')" if [ $CheckEmbed == $EmbedSum ] ; then echo "checksum checks out:" unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/ mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo else echo "Checksum not checking out" printf "looking for $EmbedSum but found $CheckEmbed" read -r -p $" Press Enter to Exit Script" exit 1 fi ##### # Create Database mysql -u root <<MYSQL_SCRIPT CREATE USER 'wiki'@'localhost'; # not needed for root CREATE DATABASE my_wiki; use my_wiki; GRANT ALL ON my_wiki.* TO 'wiki'@'localhost'; MYSQL_SCRIPT # Remember to change name from 'root' to 'wiki' and push file to container: CON_NAME=$(uname -a | awk '{print $2}') echo "Now visit the IP $ConIPVar from a browser" echo "and change the database username from 'root' to 'wiki' on the DateBase Page" echo "When finished you will download a 'LocalSettings.php' file" echo "You need to push this file into the container $CON_NAME from your download directory" echo "you can use 'lxc file push' to copy the file into the container" echo "lxc file push /home/USERNAME/Downloads/LocalSettings.php $CON_NAME/var/www/html/mediawiki/" echo "the setup script will continue as few seconds after." ################################### # Wait for LocalSettings.php to be imported to Container # while [ ! -f /var/www/html/mediawiki/LocalSettings.php ] do sleep 2 # will check every 2 seconds to see if file is there done ##################################### #Noobs curl -L xml.completenoobs.com/xmlDumps | grep Noobs | awk -F '"' '{print $2}' > /tmp/wi-dump.txt #grep will find newest dated dump and assign to $newest newest=$(grep -oE '^[0-9]{2}_[0-9]{2}_[0-9]{2}' /tmp/wi-dump.txt | sort -r | head -n 1) temppath="/tmp/wi-dir/" md5=$newest.md5sum.txt xml=$newest.Noobs.xml sha256=$newest.sha256sum.txt #mkdir for dumps mkdir /tmp/wi-dir wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$md5 -P /tmp/wi-dir/ wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$sha256 -P /tmp/wi-dir/ wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$xml -P /tmp/wi-dir/ # CheckSums before import md5_dl=$(md5sum $temppath$xml | awk '{print $1}') md5_file=$(cat /tmp/wi-dir/$md5 | awk '{print $1}') sha256_dl=$(sha256sum $temppath$xml | awk '{print $1}') sha256_file=$(cat $temppath$sha256 | awk '{print $1}') if [ $md5file == $md5dl ]; then echo 'md5 checks out' else echo 'does not check out' fi if [ $sha256_dl == $sha256_file ]; then echo "sha256 checks out" #import to wiki echo "importing mediawiki database" php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php $temppath$xml php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php php /var/www/html/mediawiki/maintenance/initSiteStats.php php /var/www/html/mediawiki/maintenance/rebuildall.php else echo "checksum not checking out" exit 1 fi # dont forget clean up rm -rf /tmp/wi-dir/* </syntaxhighlight> pjajwm3aw1f8mtpf63pp06qhesp0uii 196 195 2023-03-22T21:24:17Z Noob 1 /* script to auto install wiki in container - Draft0 */ 196 wikitext text/x-wiki Tested on Ubuntu-Mate 20.04<br \> Download CompleteNoobs wiki and Keep Private Copy you can edit as you wish on your own computer. ==Download CompleteNoobs's XML dump== [https://xml.completenoobs.com CompleteNoobs xml dump] ==Create a container== <code>lxc launch ubuntu:20.04 localwiki</code><br \> Push file conataining xml dump to container<br \> <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> Log/Chroot into container<br \> <code>lxc exec localwiki bash</code><br \> ===update container and set to auto update=== update container<br \> <code>apt update && apt upgrade -y</code><br \> Auto updates<br \> <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment the line:<br \> <pre>// "${distro_id}:${distro_codename}-updates";</pre> to <pre>"${distro_id}:${distro_codename}-updates";</pre> ===Install mediawiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -zxvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki </code> ===Create database=== As this is just for your own computer on your own network, you can keep it super simple:<br \> <code>mysql -u root</code><br \> <code>CREATE USER 'u'@'localhost' IDENTIFIED BY 'passwd';</code><br \> <code>CREATE DATABASE db;</code><br \> <code>use db;</code><br \> <code>GRANT ALL ON db.* TO 'u'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ===Config Apache2=== <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ====Reload Apache2==== <code> systemctl restart apache2 </code> ===Visit webpage and carry on with normal basic wiki setup=== Use <code>lxc list</code> on host to get IP address for your container: mine is <b>10.3.45.40</b><br \> With a web browser visit enter the ip in the address bar.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:db<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:u<br \> Database password:passwd<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ===Send LocalSettings to Container=== From host:<br \> <code>lxc file push Downloads/LocalSettings.php localwiki/var/www/html/mediawiki/</code><br \> ===restore xml dump=== In container<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> ===EmbedVideo=== In order to view the embedded video's you will need to install the <b>EmbedVideo</b> extension.<br> If you do not, you will still be able to view the video address.<br> https://www.mediawiki.org/wiki/Extension:EmbedVideo<br> <code>apt install unzip</code><br> <code>wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip</code><br> <code>unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/</code><br> <br> <code>mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo</code><br> <br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> <pre> #Embed Video wfLoadExtension( 'EmbedVideo' ); </pre> ===Visit your local copy of CompleteNoobs=== In Browser go to http://$YOUR_CONTAINERS_IP<br \> Everything apart from <b>index.php/Main_Page</b> restored.<br \> Edit main page to have link to main_index<br \> <nowiki>[[Main_Index | wiki index]]</nowiki><br \> And thats why we have a [[Main_Index]] page. ==script to auto install wiki in container - Draft0== <syntaxhighlight lang='bash' line> #!/bin/bash # check root if [ "$EUID" -ne 0 ] then echo "you need to run as root!" exit fi #check running ubuntu 22.04 CHECK_UBUNTU=$(lsb_release -i | awk '{print $3}') CHECK_UBUNTU2004=$(lsb_release -r | awk '{print $2}') if [ $CHECK_UBUNTU == "Ubuntu" ] then if [ $CHECK_UBUNTU2004 == "22.04" ] then printf "You are running $CHECK_UBUNTU $CHECK_UBUNTU2004\n\n" else echo "are you sure your running ubuntu 22.04?" echo $CHECK_UBUNTU $CHECK_UBUNTU2004 printf "This script is intended for Ubuntu 22.04\nExiting script\n" exit 1 fi else printf "This script is intended for ubuntu 22.04!\nScript exiting\n" exit 1 fi ##################################################### printf "\nThis is a script in development!\n" printf "For quickly installing the basic's of mediawiki on a ubuntu 22.04 container\n" printf "Enter \"yes\" to continue with script or press anykey to exit!\n" printf "\n What this script will do:\n \n\t3. Install software packages: \t\t apache2 \t\t mysql-server \t\t php \t\t php-mysql \t\t libapache2-mod-php \t\t php-xml \t\t php-mbstring \t\t php-intl \t\t mediawiki-1.39.2 \n\t4. Take name for your localwiki \n\t 5a. Download, checksum, extract to path: \'MediaWiki-1.34.2\' \t 5b. Download, checksum and move to path file \'apache.conf.backup\' - template for configuring apache \n\t7. Create Database for mediawiki \n\t8. Configure Apache \n\t10. Will echo/display details required for finishing media setup on web browser \n\n\tPlease type \"yes\" case sensitive to continue!\n \tJust Press Enter to Exit Script!\n \tEnter anwser here :" read anypress if [ -z "$anypress" ] then printf "Exiting Script!" sleep 1 exit 1 else if [ $anypress == "yes" ] then printf "starting script ....." sleep 1 else printf "Exiting Script!" sleep 1 exit 1 fi fi #################################################### ########### check system up to date apt update && apt upgrade -y && apt autoremove -y ########################################### ########### Install packages # checksum of mediawiki download. # add patch and check sig # when downloading from github add(?raw=true) at the end or you will download a html page. # Install main packages from ubuntu repos apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y ###### # download and checksums of media wiki MediaWiki_Sum="ddb51d228a19ca68cd8871d850175f6bef46874476ed1466f015cf9846d9c7a5" wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz # Check md5sum of download and extract to directory MediaWiki_Sum_CHECK="$(sha256sum mediawiki-1.39.2.tar.gz | awk '{print $1}')" if [ $MediaWiki_Sum == $MediaWiki_Sum_CHECK ] ; then echo "checksum checks out:" tar -zxvf mediawiki-1.39.2.tar.gz -C /var/www/html/ mv /var/www/html/mediawiki-1.39.2 /var/www/html/mediawiki rm mediawiki-1.39.2.tar.gz else echo "Checksum not checking out" printf "looking for $MediaWiki_Sum but found $MediaWiki_Sum_CHECK" read -r -p $" Press Enter to Exit Script" exit 1 fi ######################### # apache quick config function apacheconfigfunc { printf "<VirtualHost *:80>\n\tDocumentRoot /var/www/html/mediawiki\n</VirtualHost>\n" } apacheconfigfunc > /etc/apache2/sites-available/000-default.conf # restart apache2 systemctl restart apache2 #end apache quick config ########################################## #Container ip function ####Print IP for container function conIPfun { hostname -I | awk '{print $1}' } ConIPVar=$(hostname -I | awk '{print $1}') echo $ConIPVar ################### ######################## ##EmbedVideo extension EmbedSum="b8b4ccf516e5ba8f47f11e415fe0ac325e9d05eb1cc750c808191e7e8a15360f" apt install unzip -y wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip CheckEmbed="$(sha256sum EmbedVideo-v2.9.0.zip | awk '{print $1}')" if [ $CheckEmbed == $EmbedSum ] ; then echo "checksum checks out:" unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/ mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo else echo "Checksum not checking out" printf "looking for $EmbedSum but found $CheckEmbed" read -r -p $" Press Enter to Exit Script" exit 1 fi ##### # Create Database mysql -u root <<MYSQL_SCRIPT CREATE USER 'wiki'@'localhost'; # not needed for root CREATE DATABASE my_wiki; use my_wiki; GRANT ALL ON my_wiki.* TO 'wiki'@'localhost'; MYSQL_SCRIPT # Remember to change name from 'root' to 'wiki' and push file to container: CON_NAME=$(uname -a | awk '{print $2}') echo "Now visit the IP $ConIPVar from a browser" echo "and change the database username from 'root' to 'wiki' on the DateBase Page" echo "When finished you will download a 'LocalSettings.php' file" echo "You need to push this file into the container $CON_NAME from your download directory" echo "you can use 'lxc file push' to copy the file into the container" echo "lxc file push /home/USERNAME/Downloads/LocalSettings.php $CON_NAME/var/www/html/mediawiki/" echo "the setup script will continue as few seconds after." ################################### # Wait for LocalSettings.php to be imported to Container # while [ ! -f /var/www/html/mediawiki/LocalSettings.php ] do sleep 2 # will check every 2 seconds to see if file is there done ##################################### #Noobs curl -L xml.completenoobs.com/xmlDumps | grep Noobs | awk -F '"' '{print $2}' > /tmp/wi-dump.txt #grep will find newest dated dump and assign to $newest newest=$(grep -oE '^[0-9]{2}_[0-9]{2}_[0-9]{2}' /tmp/wi-dump.txt | sort -r | head -n 1) temppath="/tmp/wi-dir/" md5=$newest.md5sum.txt xml=$newest.Noobs.xml sha256=$newest.sha256sum.txt #mkdir for dumps mkdir /tmp/wi-dir wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$md5 -P /tmp/wi-dir/ wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$sha256 -P /tmp/wi-dir/ wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$xml -P /tmp/wi-dir/ # CheckSums before import md5_dl=$(md5sum $temppath$xml | awk '{print $1}') md5_file=$(cat /tmp/wi-dir/$md5 | awk '{print $1}') sha256_dl=$(sha256sum $temppath$xml | awk '{print $1}') sha256_file=$(cat $temppath$sha256 | awk '{print $1}') if [ $md5file == $md5dl ]; then echo 'md5 checks out' else echo 'does not check out' fi if [ $sha256_dl == $sha256_file ]; then echo "sha256 checks out" #import to wiki echo "importing mediawiki database" php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php $temppath$xml php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php php /var/www/html/mediawiki/maintenance/initSiteStats.php php /var/www/html/mediawiki/maintenance/rebuildall.php else echo "checksum not checking out" exit 1 fi # dont forget clean up rm -rf /tmp/wi-dir/* </syntaxhighlight> 4hbv02l229j656eng32h2rhegyrgwml 230 196 2023-03-29T21:10:56Z Noob 1 /* Visit your local copy of CompleteNoobs */ 230 wikitext text/x-wiki Tested on Ubuntu-Mate 20.04<br \> Download CompleteNoobs wiki and Keep Private Copy you can edit as you wish on your own computer. ==Download CompleteNoobs's XML dump== [https://xml.completenoobs.com CompleteNoobs xml dump] ==Create a container== <code>lxc launch ubuntu:20.04 localwiki</code><br \> Push file conataining xml dump to container<br \> <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> Log/Chroot into container<br \> <code>lxc exec localwiki bash</code><br \> ===update container and set to auto update=== update container<br \> <code>apt update && apt upgrade -y</code><br \> Auto updates<br \> <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment the line:<br \> <pre>// "${distro_id}:${distro_codename}-updates";</pre> to <pre>"${distro_id}:${distro_codename}-updates";</pre> ===Install mediawiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -zxvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki </code> ===Create database=== As this is just for your own computer on your own network, you can keep it super simple:<br \> <code>mysql -u root</code><br \> <code>CREATE USER 'u'@'localhost' IDENTIFIED BY 'passwd';</code><br \> <code>CREATE DATABASE db;</code><br \> <code>use db;</code><br \> <code>GRANT ALL ON db.* TO 'u'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ===Config Apache2=== <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ====Reload Apache2==== <code> systemctl restart apache2 </code> ===Visit webpage and carry on with normal basic wiki setup=== Use <code>lxc list</code> on host to get IP address for your container: mine is <b>10.3.45.40</b><br \> With a web browser visit enter the ip in the address bar.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:db<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:u<br \> Database password:passwd<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ===Send LocalSettings to Container=== From host:<br \> <code>lxc file push Downloads/LocalSettings.php localwiki/var/www/html/mediawiki/</code><br \> ===restore xml dump=== In container<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> ===EmbedVideo=== In order to view the embedded video's you will need to install the <b>EmbedVideo</b> extension.<br> If you do not, you will still be able to view the video address.<br> https://www.mediawiki.org/wiki/Extension:EmbedVideo<br> <code>apt install unzip</code><br> <code>wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip</code><br> <code>unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/</code><br> <br> <code>mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo</code><br> <br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> <pre> #Embed Video wfLoadExtension( 'EmbedVideo' ); </pre> ===Visit your local copy of CompleteNoobs=== In Browser go to http://$YOUR_CONTAINERS_IP<br \> Everything apart from <b>index.php/Main_Page</b> restored.<br \> Edit main page to have link to main_index<br \> <nowiki>[[Main_Index | wiki index]]</nowiki><br \> And thats why we have a [[Main_Index]] page. ==Syntax highlighting not working== Install <b>pygments</b><br> <code>apt install python3-pygments</code><br> Add to LocalSettings:<br> <code>wfLoadExtension( 'SyntaxHighlight_GeSHi' );</code><br> ==script to auto install wiki in container - Draft0== <syntaxhighlight lang='bash' line> #!/bin/bash # check root if [ "$EUID" -ne 0 ] then echo "you need to run as root!" exit fi #check running ubuntu 22.04 CHECK_UBUNTU=$(lsb_release -i | awk '{print $3}') CHECK_UBUNTU2004=$(lsb_release -r | awk '{print $2}') if [ $CHECK_UBUNTU == "Ubuntu" ] then if [ $CHECK_UBUNTU2004 == "22.04" ] then printf "You are running $CHECK_UBUNTU $CHECK_UBUNTU2004\n\n" else echo "are you sure your running ubuntu 22.04?" echo $CHECK_UBUNTU $CHECK_UBUNTU2004 printf "This script is intended for Ubuntu 22.04\nExiting script\n" exit 1 fi else printf "This script is intended for ubuntu 22.04!\nScript exiting\n" exit 1 fi ##################################################### printf "\nThis is a script in development!\n" printf "For quickly installing the basic's of mediawiki on a ubuntu 22.04 container\n" printf "Enter \"yes\" to continue with script or press anykey to exit!\n" printf "\n What this script will do:\n \n\t3. Install software packages: \t\t apache2 \t\t mysql-server \t\t php \t\t php-mysql \t\t libapache2-mod-php \t\t php-xml \t\t php-mbstring \t\t php-intl \t\t mediawiki-1.39.2 \n\t4. Take name for your localwiki \n\t 5a. Download, checksum, extract to path: \'MediaWiki-1.34.2\' \t 5b. Download, checksum and move to path file \'apache.conf.backup\' - template for configuring apache \n\t7. Create Database for mediawiki \n\t8. Configure Apache \n\t10. Will echo/display details required for finishing media setup on web browser \n\n\tPlease type \"yes\" case sensitive to continue!\n \tJust Press Enter to Exit Script!\n \tEnter anwser here :" read anypress if [ -z "$anypress" ] then printf "Exiting Script!" sleep 1 exit 1 else if [ $anypress == "yes" ] then printf "starting script ....." sleep 1 else printf "Exiting Script!" sleep 1 exit 1 fi fi #################################################### ########### check system up to date apt update && apt upgrade -y && apt autoremove -y ########################################### ########### Install packages # checksum of mediawiki download. # add patch and check sig # when downloading from github add(?raw=true) at the end or you will download a html page. # Install main packages from ubuntu repos apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y ###### # download and checksums of media wiki MediaWiki_Sum="ddb51d228a19ca68cd8871d850175f6bef46874476ed1466f015cf9846d9c7a5" wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz # Check md5sum of download and extract to directory MediaWiki_Sum_CHECK="$(sha256sum mediawiki-1.39.2.tar.gz | awk '{print $1}')" if [ $MediaWiki_Sum == $MediaWiki_Sum_CHECK ] ; then echo "checksum checks out:" tar -zxvf mediawiki-1.39.2.tar.gz -C /var/www/html/ mv /var/www/html/mediawiki-1.39.2 /var/www/html/mediawiki rm mediawiki-1.39.2.tar.gz else echo "Checksum not checking out" printf "looking for $MediaWiki_Sum but found $MediaWiki_Sum_CHECK" read -r -p $" Press Enter to Exit Script" exit 1 fi ######################### # apache quick config function apacheconfigfunc { printf "<VirtualHost *:80>\n\tDocumentRoot /var/www/html/mediawiki\n</VirtualHost>\n" } apacheconfigfunc > /etc/apache2/sites-available/000-default.conf # restart apache2 systemctl restart apache2 #end apache quick config ########################################## #Container ip function ####Print IP for container function conIPfun { hostname -I | awk '{print $1}' } ConIPVar=$(hostname -I | awk '{print $1}') echo $ConIPVar ################### ######################## ##EmbedVideo extension EmbedSum="b8b4ccf516e5ba8f47f11e415fe0ac325e9d05eb1cc750c808191e7e8a15360f" apt install unzip -y wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip CheckEmbed="$(sha256sum EmbedVideo-v2.9.0.zip | awk '{print $1}')" if [ $CheckEmbed == $EmbedSum ] ; then echo "checksum checks out:" unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/ mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo else echo "Checksum not checking out" printf "looking for $EmbedSum but found $CheckEmbed" read -r -p $" Press Enter to Exit Script" exit 1 fi ##### # Create Database mysql -u root <<MYSQL_SCRIPT CREATE USER 'wiki'@'localhost'; # not needed for root CREATE DATABASE my_wiki; use my_wiki; GRANT ALL ON my_wiki.* TO 'wiki'@'localhost'; MYSQL_SCRIPT # Remember to change name from 'root' to 'wiki' and push file to container: CON_NAME=$(uname -a | awk '{print $2}') echo "Now visit the IP $ConIPVar from a browser" echo "and change the database username from 'root' to 'wiki' on the DateBase Page" echo "When finished you will download a 'LocalSettings.php' file" echo "You need to push this file into the container $CON_NAME from your download directory" echo "you can use 'lxc file push' to copy the file into the container" echo "lxc file push /home/USERNAME/Downloads/LocalSettings.php $CON_NAME/var/www/html/mediawiki/" echo "the setup script will continue as few seconds after." ################################### # Wait for LocalSettings.php to be imported to Container # while [ ! -f /var/www/html/mediawiki/LocalSettings.php ] do sleep 2 # will check every 2 seconds to see if file is there done ##################################### #Noobs curl -L xml.completenoobs.com/xmlDumps | grep Noobs | awk -F '"' '{print $2}' > /tmp/wi-dump.txt #grep will find newest dated dump and assign to $newest newest=$(grep -oE '^[0-9]{2}_[0-9]{2}_[0-9]{2}' /tmp/wi-dump.txt | sort -r | head -n 1) temppath="/tmp/wi-dir/" md5=$newest.md5sum.txt xml=$newest.Noobs.xml sha256=$newest.sha256sum.txt #mkdir for dumps mkdir /tmp/wi-dir wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$md5 -P /tmp/wi-dir/ wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$sha256 -P /tmp/wi-dir/ wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$xml -P /tmp/wi-dir/ # CheckSums before import md5_dl=$(md5sum $temppath$xml | awk '{print $1}') md5_file=$(cat /tmp/wi-dir/$md5 | awk '{print $1}') sha256_dl=$(sha256sum $temppath$xml | awk '{print $1}') sha256_file=$(cat $temppath$sha256 | awk '{print $1}') if [ $md5file == $md5dl ]; then echo 'md5 checks out' else echo 'does not check out' fi if [ $sha256_dl == $sha256_file ]; then echo "sha256 checks out" #import to wiki echo "importing mediawiki database" php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php $temppath$xml php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php php /var/www/html/mediawiki/maintenance/initSiteStats.php php /var/www/html/mediawiki/maintenance/rebuildall.php else echo "checksum not checking out" exit 1 fi # dont forget clean up rm -rf /tmp/wi-dir/* </syntaxhighlight> jg8y5xgaag5m709zwor9m3hss2573lf 374 230 2023-04-28T23:21:47Z AwesomO 5 /* restore xml dump */ 374 wikitext text/x-wiki Tested on Ubuntu-Mate 20.04<br \> Download CompleteNoobs wiki and Keep Private Copy you can edit as you wish on your own computer. ==Download CompleteNoobs's XML dump== [https://xml.completenoobs.com CompleteNoobs xml dump] ==Create a container== <code>lxc launch ubuntu:20.04 localwiki</code><br \> Push file conataining xml dump to container<br \> <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> Log/Chroot into container<br \> <code>lxc exec localwiki bash</code><br \> ===update container and set to auto update=== update container<br \> <code>apt update && apt upgrade -y</code><br \> Auto updates<br \> <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment the line:<br \> <pre>// "${distro_id}:${distro_codename}-updates";</pre> to <pre>"${distro_id}:${distro_codename}-updates";</pre> ===Install mediawiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -zxvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki </code> ===Create database=== As this is just for your own computer on your own network, you can keep it super simple:<br \> <code>mysql -u root</code><br \> <code>CREATE USER 'u'@'localhost' IDENTIFIED BY 'passwd';</code><br \> <code>CREATE DATABASE db;</code><br \> <code>use db;</code><br \> <code>GRANT ALL ON db.* TO 'u'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ===Config Apache2=== <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ====Reload Apache2==== <code> systemctl restart apache2 </code> ===Visit webpage and carry on with normal basic wiki setup=== Use <code>lxc list</code> on host to get IP address for your container: mine is <b>10.3.45.40</b><br \> With a web browser visit enter the ip in the address bar.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:db<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:u<br \> Database password:passwd<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ===Send LocalSettings to Container=== From host:<br \> <code>lxc file push Downloads/LocalSettings.php localwiki/var/www/html/mediawiki/</code><br \> ===restore xml dump=== In container<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> :* can be done in one line using '''&&'': <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php && php /var/www/html/mediawiki/maintenance/initSiteStats.php && php /var/www/html/mediawiki/maintenance/rebuildall.php</code> :** The '''&&''' operator is known as the "AND" operator. It is used to execute a command only if the previous command completes successfully. ===EmbedVideo=== In order to view the embedded video's you will need to install the <b>EmbedVideo</b> extension.<br> If you do not, you will still be able to view the video address.<br> https://www.mediawiki.org/wiki/Extension:EmbedVideo<br> <code>apt install unzip</code><br> <code>wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip</code><br> <code>unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/</code><br> <br> <code>mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo</code><br> <br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> <pre> #Embed Video wfLoadExtension( 'EmbedVideo' ); </pre> ===Visit your local copy of CompleteNoobs=== In Browser go to http://$YOUR_CONTAINERS_IP<br \> Everything apart from <b>index.php/Main_Page</b> restored.<br \> Edit main page to have link to main_index<br \> <nowiki>[[Main_Index | wiki index]]</nowiki><br \> And thats why we have a [[Main_Index]] page. ==Syntax highlighting not working== Install <b>pygments</b><br> <code>apt install python3-pygments</code><br> Add to LocalSettings:<br> <code>wfLoadExtension( 'SyntaxHighlight_GeSHi' );</code><br> ==script to auto install wiki in container - Draft0== <syntaxhighlight lang='bash' line> #!/bin/bash # check root if [ "$EUID" -ne 0 ] then echo "you need to run as root!" exit fi #check running ubuntu 22.04 CHECK_UBUNTU=$(lsb_release -i | awk '{print $3}') CHECK_UBUNTU2004=$(lsb_release -r | awk '{print $2}') if [ $CHECK_UBUNTU == "Ubuntu" ] then if [ $CHECK_UBUNTU2004 == "22.04" ] then printf "You are running $CHECK_UBUNTU $CHECK_UBUNTU2004\n\n" else echo "are you sure your running ubuntu 22.04?" echo $CHECK_UBUNTU $CHECK_UBUNTU2004 printf "This script is intended for Ubuntu 22.04\nExiting script\n" exit 1 fi else printf "This script is intended for ubuntu 22.04!\nScript exiting\n" exit 1 fi ##################################################### printf "\nThis is a script in development!\n" printf "For quickly installing the basic's of mediawiki on a ubuntu 22.04 container\n" printf "Enter \"yes\" to continue with script or press anykey to exit!\n" printf "\n What this script will do:\n \n\t3. Install software packages: \t\t apache2 \t\t mysql-server \t\t php \t\t php-mysql \t\t libapache2-mod-php \t\t php-xml \t\t php-mbstring \t\t php-intl \t\t mediawiki-1.39.2 \n\t4. Take name for your localwiki \n\t 5a. Download, checksum, extract to path: \'MediaWiki-1.34.2\' \t 5b. Download, checksum and move to path file \'apache.conf.backup\' - template for configuring apache \n\t7. Create Database for mediawiki \n\t8. Configure Apache \n\t10. Will echo/display details required for finishing media setup on web browser \n\n\tPlease type \"yes\" case sensitive to continue!\n \tJust Press Enter to Exit Script!\n \tEnter anwser here :" read anypress if [ -z "$anypress" ] then printf "Exiting Script!" sleep 1 exit 1 else if [ $anypress == "yes" ] then printf "starting script ....." sleep 1 else printf "Exiting Script!" sleep 1 exit 1 fi fi #################################################### ########### check system up to date apt update && apt upgrade -y && apt autoremove -y ########################################### ########### Install packages # checksum of mediawiki download. # add patch and check sig # when downloading from github add(?raw=true) at the end or you will download a html page. # Install main packages from ubuntu repos apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y ###### # download and checksums of media wiki MediaWiki_Sum="ddb51d228a19ca68cd8871d850175f6bef46874476ed1466f015cf9846d9c7a5" wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz # Check md5sum of download and extract to directory MediaWiki_Sum_CHECK="$(sha256sum mediawiki-1.39.2.tar.gz | awk '{print $1}')" if [ $MediaWiki_Sum == $MediaWiki_Sum_CHECK ] ; then echo "checksum checks out:" tar -zxvf mediawiki-1.39.2.tar.gz -C /var/www/html/ mv /var/www/html/mediawiki-1.39.2 /var/www/html/mediawiki rm mediawiki-1.39.2.tar.gz else echo "Checksum not checking out" printf "looking for $MediaWiki_Sum but found $MediaWiki_Sum_CHECK" read -r -p $" Press Enter to Exit Script" exit 1 fi ######################### # apache quick config function apacheconfigfunc { printf "<VirtualHost *:80>\n\tDocumentRoot /var/www/html/mediawiki\n</VirtualHost>\n" } apacheconfigfunc > /etc/apache2/sites-available/000-default.conf # restart apache2 systemctl restart apache2 #end apache quick config ########################################## #Container ip function ####Print IP for container function conIPfun { hostname -I | awk '{print $1}' } ConIPVar=$(hostname -I | awk '{print $1}') echo $ConIPVar ################### ######################## ##EmbedVideo extension EmbedSum="b8b4ccf516e5ba8f47f11e415fe0ac325e9d05eb1cc750c808191e7e8a15360f" apt install unzip -y wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip CheckEmbed="$(sha256sum EmbedVideo-v2.9.0.zip | awk '{print $1}')" if [ $CheckEmbed == $EmbedSum ] ; then echo "checksum checks out:" unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/ mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo else echo "Checksum not checking out" printf "looking for $EmbedSum but found $CheckEmbed" read -r -p $" Press Enter to Exit Script" exit 1 fi ##### # Create Database mysql -u root <<MYSQL_SCRIPT CREATE USER 'wiki'@'localhost'; # not needed for root CREATE DATABASE my_wiki; use my_wiki; GRANT ALL ON my_wiki.* TO 'wiki'@'localhost'; MYSQL_SCRIPT # Remember to change name from 'root' to 'wiki' and push file to container: CON_NAME=$(uname -a | awk '{print $2}') echo "Now visit the IP $ConIPVar from a browser" echo "and change the database username from 'root' to 'wiki' on the DateBase Page" echo "When finished you will download a 'LocalSettings.php' file" echo "You need to push this file into the container $CON_NAME from your download directory" echo "you can use 'lxc file push' to copy the file into the container" echo "lxc file push /home/USERNAME/Downloads/LocalSettings.php $CON_NAME/var/www/html/mediawiki/" echo "the setup script will continue as few seconds after." ################################### # Wait for LocalSettings.php to be imported to Container # while [ ! -f /var/www/html/mediawiki/LocalSettings.php ] do sleep 2 # will check every 2 seconds to see if file is there done ##################################### #Noobs curl -L xml.completenoobs.com/xmlDumps | grep Noobs | awk -F '"' '{print $2}' > /tmp/wi-dump.txt #grep will find newest dated dump and assign to $newest newest=$(grep -oE '^[0-9]{2}_[0-9]{2}_[0-9]{2}' /tmp/wi-dump.txt | sort -r | head -n 1) temppath="/tmp/wi-dir/" md5=$newest.md5sum.txt xml=$newest.Noobs.xml sha256=$newest.sha256sum.txt #mkdir for dumps mkdir /tmp/wi-dir wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$md5 -P /tmp/wi-dir/ wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$sha256 -P /tmp/wi-dir/ wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$xml -P /tmp/wi-dir/ # CheckSums before import md5_dl=$(md5sum $temppath$xml | awk '{print $1}') md5_file=$(cat /tmp/wi-dir/$md5 | awk '{print $1}') sha256_dl=$(sha256sum $temppath$xml | awk '{print $1}') sha256_file=$(cat $temppath$sha256 | awk '{print $1}') if [ $md5file == $md5dl ]; then echo 'md5 checks out' else echo 'does not check out' fi if [ $sha256_dl == $sha256_file ]; then echo "sha256 checks out" #import to wiki echo "importing mediawiki database" php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php $temppath$xml php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php php /var/www/html/mediawiki/maintenance/initSiteStats.php php /var/www/html/mediawiki/maintenance/rebuildall.php else echo "checksum not checking out" exit 1 fi # dont forget clean up rm -rf /tmp/wi-dir/* </syntaxhighlight> 9jpse5v5yo38dfkq58d5c3bevxvblrr 381 374 2023-05-04T17:00:21Z AwesomO 5 /* EmbedVideo */ 381 wikitext text/x-wiki Tested on Ubuntu-Mate 20.04<br \> Download CompleteNoobs wiki and Keep Private Copy you can edit as you wish on your own computer. ==Download CompleteNoobs's XML dump== [https://xml.completenoobs.com CompleteNoobs xml dump] ==Create a container== <code>lxc launch ubuntu:20.04 localwiki</code><br \> Push file conataining xml dump to container<br \> <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> Log/Chroot into container<br \> <code>lxc exec localwiki bash</code><br \> ===update container and set to auto update=== update container<br \> <code>apt update && apt upgrade -y</code><br \> Auto updates<br \> <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment the line:<br \> <pre>// "${distro_id}:${distro_codename}-updates";</pre> to <pre>"${distro_id}:${distro_codename}-updates";</pre> ===Install mediawiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -zxvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki </code> ===Create database=== As this is just for your own computer on your own network, you can keep it super simple:<br \> <code>mysql -u root</code><br \> <code>CREATE USER 'u'@'localhost' IDENTIFIED BY 'passwd';</code><br \> <code>CREATE DATABASE db;</code><br \> <code>use db;</code><br \> <code>GRANT ALL ON db.* TO 'u'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ===Config Apache2=== <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ====Reload Apache2==== <code> systemctl restart apache2 </code> ===Visit webpage and carry on with normal basic wiki setup=== Use <code>lxc list</code> on host to get IP address for your container: mine is <b>10.3.45.40</b><br \> With a web browser visit enter the ip in the address bar.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:db<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:u<br \> Database password:passwd<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ===Send LocalSettings to Container=== From host:<br \> <code>lxc file push Downloads/LocalSettings.php localwiki/var/www/html/mediawiki/</code><br \> ===restore xml dump=== In container<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> :* can be done in one line using '''&&'': <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php && php /var/www/html/mediawiki/maintenance/initSiteStats.php && php /var/www/html/mediawiki/maintenance/rebuildall.php</code> :** The '''&&''' operator is known as the "AND" operator. It is used to execute a command only if the previous command completes successfully. ===Youtube extension=== https://www.mediawiki.org/wiki/Extension:YouTube <code>wget https://extdist.wmflabs.org/dist/extensions/YouTube-REL1_39-f272bb3.tar.gz</code> <code>tar -xzf YouTube-REL1_39-f272bb3.tar.gz -C /var/www/html/mediawiki/extensions/</code> * Append to '''LocalSettings.php''' <code>wfLoadExtension( 'YouTube' );</code> * On wiki page can now embed youtube videos ** https://www.youtube.com/watch?v=wB4gvSgYmfY ** After '''watch?v=''' ** <nowiki><youtube>wB4gvSgYmfY</youtube></nowiki> * Defaults '''width'''=640 pixels '''height'''=385 pixels * Change defaults <nowiki><youtube width="800" height="400">wB4gvSgYmfY</youtube></nowiki> ===Visit your local copy of CompleteNoobs=== In Browser go to http://$YOUR_CONTAINERS_IP<br \> Everything apart from <b>index.php/Main_Page</b> restored.<br \> Edit main page to have link to main_index<br \> <nowiki>[[Main_Index | wiki index]]</nowiki><br \> And thats why we have a [[Main_Index]] page. ==Syntax highlighting not working== Install <b>pygments</b><br> <code>apt install python3-pygments</code><br> Add to LocalSettings:<br> <code>wfLoadExtension( 'SyntaxHighlight_GeSHi' );</code><br> ==script to auto install wiki in container - Draft0== <syntaxhighlight lang='bash' line> #!/bin/bash # check root if [ "$EUID" -ne 0 ] then echo "you need to run as root!" exit fi #check running ubuntu 22.04 CHECK_UBUNTU=$(lsb_release -i | awk '{print $3}') CHECK_UBUNTU2004=$(lsb_release -r | awk '{print $2}') if [ $CHECK_UBUNTU == "Ubuntu" ] then if [ $CHECK_UBUNTU2004 == "22.04" ] then printf "You are running $CHECK_UBUNTU $CHECK_UBUNTU2004\n\n" else echo "are you sure your running ubuntu 22.04?" echo $CHECK_UBUNTU $CHECK_UBUNTU2004 printf "This script is intended for Ubuntu 22.04\nExiting script\n" exit 1 fi else printf "This script is intended for ubuntu 22.04!\nScript exiting\n" exit 1 fi ##################################################### printf "\nThis is a script in development!\n" printf "For quickly installing the basic's of mediawiki on a ubuntu 22.04 container\n" printf "Enter \"yes\" to continue with script or press anykey to exit!\n" printf "\n What this script will do:\n \n\t3. Install software packages: \t\t apache2 \t\t mysql-server \t\t php \t\t php-mysql \t\t libapache2-mod-php \t\t php-xml \t\t php-mbstring \t\t php-intl \t\t mediawiki-1.39.2 \n\t4. Take name for your localwiki \n\t 5a. Download, checksum, extract to path: \'MediaWiki-1.34.2\' \t 5b. Download, checksum and move to path file \'apache.conf.backup\' - template for configuring apache \n\t7. Create Database for mediawiki \n\t8. Configure Apache \n\t10. Will echo/display details required for finishing media setup on web browser \n\n\tPlease type \"yes\" case sensitive to continue!\n \tJust Press Enter to Exit Script!\n \tEnter anwser here :" read anypress if [ -z "$anypress" ] then printf "Exiting Script!" sleep 1 exit 1 else if [ $anypress == "yes" ] then printf "starting script ....." sleep 1 else printf "Exiting Script!" sleep 1 exit 1 fi fi #################################################### ########### check system up to date apt update && apt upgrade -y && apt autoremove -y ########################################### ########### Install packages # checksum of mediawiki download. # add patch and check sig # when downloading from github add(?raw=true) at the end or you will download a html page. # Install main packages from ubuntu repos apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y ###### # download and checksums of media wiki MediaWiki_Sum="ddb51d228a19ca68cd8871d850175f6bef46874476ed1466f015cf9846d9c7a5" wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz # Check md5sum of download and extract to directory MediaWiki_Sum_CHECK="$(sha256sum mediawiki-1.39.2.tar.gz | awk '{print $1}')" if [ $MediaWiki_Sum == $MediaWiki_Sum_CHECK ] ; then echo "checksum checks out:" tar -zxvf mediawiki-1.39.2.tar.gz -C /var/www/html/ mv /var/www/html/mediawiki-1.39.2 /var/www/html/mediawiki rm mediawiki-1.39.2.tar.gz else echo "Checksum not checking out" printf "looking for $MediaWiki_Sum but found $MediaWiki_Sum_CHECK" read -r -p $" Press Enter to Exit Script" exit 1 fi ######################### # apache quick config function apacheconfigfunc { printf "<VirtualHost *:80>\n\tDocumentRoot /var/www/html/mediawiki\n</VirtualHost>\n" } apacheconfigfunc > /etc/apache2/sites-available/000-default.conf # restart apache2 systemctl restart apache2 #end apache quick config ########################################## #Container ip function ####Print IP for container function conIPfun { hostname -I | awk '{print $1}' } ConIPVar=$(hostname -I | awk '{print $1}') echo $ConIPVar ################### ######################## ##EmbedVideo extension EmbedSum="b8b4ccf516e5ba8f47f11e415fe0ac325e9d05eb1cc750c808191e7e8a15360f" apt install unzip -y wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip CheckEmbed="$(sha256sum EmbedVideo-v2.9.0.zip | awk '{print $1}')" if [ $CheckEmbed == $EmbedSum ] ; then echo "checksum checks out:" unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/ mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo else echo "Checksum not checking out" printf "looking for $EmbedSum but found $CheckEmbed" read -r -p $" Press Enter to Exit Script" exit 1 fi ##### # Create Database mysql -u root <<MYSQL_SCRIPT CREATE USER 'wiki'@'localhost'; # not needed for root CREATE DATABASE my_wiki; use my_wiki; GRANT ALL ON my_wiki.* TO 'wiki'@'localhost'; MYSQL_SCRIPT # Remember to change name from 'root' to 'wiki' and push file to container: CON_NAME=$(uname -a | awk '{print $2}') echo "Now visit the IP $ConIPVar from a browser" echo "and change the database username from 'root' to 'wiki' on the DateBase Page" echo "When finished you will download a 'LocalSettings.php' file" echo "You need to push this file into the container $CON_NAME from your download directory" echo "you can use 'lxc file push' to copy the file into the container" echo "lxc file push /home/USERNAME/Downloads/LocalSettings.php $CON_NAME/var/www/html/mediawiki/" echo "the setup script will continue as few seconds after." ################################### # Wait for LocalSettings.php to be imported to Container # while [ ! -f /var/www/html/mediawiki/LocalSettings.php ] do sleep 2 # will check every 2 seconds to see if file is there done ##################################### #Noobs curl -L xml.completenoobs.com/xmlDumps | grep Noobs | awk -F '"' '{print $2}' > /tmp/wi-dump.txt #grep will find newest dated dump and assign to $newest newest=$(grep -oE '^[0-9]{2}_[0-9]{2}_[0-9]{2}' /tmp/wi-dump.txt | sort -r | head -n 1) temppath="/tmp/wi-dir/" md5=$newest.md5sum.txt xml=$newest.Noobs.xml sha256=$newest.sha256sum.txt #mkdir for dumps mkdir /tmp/wi-dir wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$md5 -P /tmp/wi-dir/ wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$sha256 -P /tmp/wi-dir/ wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$xml -P /tmp/wi-dir/ # CheckSums before import md5_dl=$(md5sum $temppath$xml | awk '{print $1}') md5_file=$(cat /tmp/wi-dir/$md5 | awk '{print $1}') sha256_dl=$(sha256sum $temppath$xml | awk '{print $1}') sha256_file=$(cat $temppath$sha256 | awk '{print $1}') if [ $md5file == $md5dl ]; then echo 'md5 checks out' else echo 'does not check out' fi if [ $sha256_dl == $sha256_file ]; then echo "sha256 checks out" #import to wiki echo "importing mediawiki database" php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php $temppath$xml php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php php /var/www/html/mediawiki/maintenance/initSiteStats.php php /var/www/html/mediawiki/maintenance/rebuildall.php else echo "checksum not checking out" exit 1 fi # dont forget clean up rm -rf /tmp/wi-dir/* </syntaxhighlight> lfjlbv9z369uoeqgrkqnq0zfxp33576 384 381 2023-05-04T17:05:28Z Noob 1 /* Youtube extension */ 384 wikitext text/x-wiki Tested on Ubuntu-Mate 20.04<br \> Download CompleteNoobs wiki and Keep Private Copy you can edit as you wish on your own computer. ==Download CompleteNoobs's XML dump== [https://xml.completenoobs.com CompleteNoobs xml dump] ==Create a container== <code>lxc launch ubuntu:20.04 localwiki</code><br \> Push file conataining xml dump to container<br \> <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> Log/Chroot into container<br \> <code>lxc exec localwiki bash</code><br \> ===update container and set to auto update=== update container<br \> <code>apt update && apt upgrade -y</code><br \> Auto updates<br \> <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment the line:<br \> <pre>// "${distro_id}:${distro_codename}-updates";</pre> to <pre>"${distro_id}:${distro_codename}-updates";</pre> ===Install mediawiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -zxvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki </code> ===Create database=== As this is just for your own computer on your own network, you can keep it super simple:<br \> <code>mysql -u root</code><br \> <code>CREATE USER 'u'@'localhost' IDENTIFIED BY 'passwd';</code><br \> <code>CREATE DATABASE db;</code><br \> <code>use db;</code><br \> <code>GRANT ALL ON db.* TO 'u'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ===Config Apache2=== <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ====Reload Apache2==== <code> systemctl restart apache2 </code> ===Visit webpage and carry on with normal basic wiki setup=== Use <code>lxc list</code> on host to get IP address for your container: mine is <b>10.3.45.40</b><br \> With a web browser visit enter the ip in the address bar.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:db<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:u<br \> Database password:passwd<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ===Send LocalSettings to Container=== From host:<br \> <code>lxc file push Downloads/LocalSettings.php localwiki/var/www/html/mediawiki/</code><br \> ===restore xml dump=== In container<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> :* can be done in one line using '''&&'': <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php && php /var/www/html/mediawiki/maintenance/initSiteStats.php && php /var/www/html/mediawiki/maintenance/rebuildall.php</code> :** The '''&&''' operator is known as the "AND" operator. It is used to execute a command only if the previous command completes successfully. ===Youtube extension=== * needed to view embedded videos https://www.mediawiki.org/wiki/Extension:YouTube <code>wget https://extdist.wmflabs.org/dist/extensions/YouTube-REL1_39-f272bb3.tar.gz</code> <code>tar -xzf YouTube-REL1_39-f272bb3.tar.gz -C /var/www/html/mediawiki/extensions/</code> * Append to '''LocalSettings.php''' <code>wfLoadExtension( 'YouTube' );</code> * On wiki page can now embed youtube videos ** https://www.youtube.com/watch?v=wB4gvSgYmfY ** After '''watch?v=''' ** <nowiki><youtube>wB4gvSgYmfY</youtube></nowiki> * Defaults '''width'''=640 pixels '''height'''=385 pixels * Change defaults <nowiki><youtube width="800" height="400">wB4gvSgYmfY</youtube></nowiki> ===Visit your local copy of CompleteNoobs=== In Browser go to http://$YOUR_CONTAINERS_IP<br \> Everything apart from <b>index.php/Main_Page</b> restored.<br \> Edit main page to have link to main_index<br \> <nowiki>[[Main_Index | wiki index]]</nowiki><br \> And thats why we have a [[Main_Index]] page. ==Syntax highlighting not working== Install <b>pygments</b><br> <code>apt install python3-pygments</code><br> Add to LocalSettings:<br> <code>wfLoadExtension( 'SyntaxHighlight_GeSHi' );</code><br> ==script to auto install wiki in container - Draft0== <syntaxhighlight lang='bash' line> #!/bin/bash # check root if [ "$EUID" -ne 0 ] then echo "you need to run as root!" exit fi #check running ubuntu 22.04 CHECK_UBUNTU=$(lsb_release -i | awk '{print $3}') CHECK_UBUNTU2004=$(lsb_release -r | awk '{print $2}') if [ $CHECK_UBUNTU == "Ubuntu" ] then if [ $CHECK_UBUNTU2004 == "22.04" ] then printf "You are running $CHECK_UBUNTU $CHECK_UBUNTU2004\n\n" else echo "are you sure your running ubuntu 22.04?" echo $CHECK_UBUNTU $CHECK_UBUNTU2004 printf "This script is intended for Ubuntu 22.04\nExiting script\n" exit 1 fi else printf "This script is intended for ubuntu 22.04!\nScript exiting\n" exit 1 fi ##################################################### printf "\nThis is a script in development!\n" printf "For quickly installing the basic's of mediawiki on a ubuntu 22.04 container\n" printf "Enter \"yes\" to continue with script or press anykey to exit!\n" printf "\n What this script will do:\n \n\t3. Install software packages: \t\t apache2 \t\t mysql-server \t\t php \t\t php-mysql \t\t libapache2-mod-php \t\t php-xml \t\t php-mbstring \t\t php-intl \t\t mediawiki-1.39.2 \n\t4. Take name for your localwiki \n\t 5a. Download, checksum, extract to path: \'MediaWiki-1.34.2\' \t 5b. Download, checksum and move to path file \'apache.conf.backup\' - template for configuring apache \n\t7. Create Database for mediawiki \n\t8. Configure Apache \n\t10. Will echo/display details required for finishing media setup on web browser \n\n\tPlease type \"yes\" case sensitive to continue!\n \tJust Press Enter to Exit Script!\n \tEnter anwser here :" read anypress if [ -z "$anypress" ] then printf "Exiting Script!" sleep 1 exit 1 else if [ $anypress == "yes" ] then printf "starting script ....." sleep 1 else printf "Exiting Script!" sleep 1 exit 1 fi fi #################################################### ########### check system up to date apt update && apt upgrade -y && apt autoremove -y ########################################### ########### Install packages # checksum of mediawiki download. # add patch and check sig # when downloading from github add(?raw=true) at the end or you will download a html page. # Install main packages from ubuntu repos apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y ###### # download and checksums of media wiki MediaWiki_Sum="ddb51d228a19ca68cd8871d850175f6bef46874476ed1466f015cf9846d9c7a5" wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz # Check md5sum of download and extract to directory MediaWiki_Sum_CHECK="$(sha256sum mediawiki-1.39.2.tar.gz | awk '{print $1}')" if [ $MediaWiki_Sum == $MediaWiki_Sum_CHECK ] ; then echo "checksum checks out:" tar -zxvf mediawiki-1.39.2.tar.gz -C /var/www/html/ mv /var/www/html/mediawiki-1.39.2 /var/www/html/mediawiki rm mediawiki-1.39.2.tar.gz else echo "Checksum not checking out" printf "looking for $MediaWiki_Sum but found $MediaWiki_Sum_CHECK" read -r -p $" Press Enter to Exit Script" exit 1 fi ######################### # apache quick config function apacheconfigfunc { printf "<VirtualHost *:80>\n\tDocumentRoot /var/www/html/mediawiki\n</VirtualHost>\n" } apacheconfigfunc > /etc/apache2/sites-available/000-default.conf # restart apache2 systemctl restart apache2 #end apache quick config ########################################## #Container ip function ####Print IP for container function conIPfun { hostname -I | awk '{print $1}' } ConIPVar=$(hostname -I | awk '{print $1}') echo $ConIPVar ################### ######################## ##EmbedVideo extension EmbedSum="b8b4ccf516e5ba8f47f11e415fe0ac325e9d05eb1cc750c808191e7e8a15360f" apt install unzip -y wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip CheckEmbed="$(sha256sum EmbedVideo-v2.9.0.zip | awk '{print $1}')" if [ $CheckEmbed == $EmbedSum ] ; then echo "checksum checks out:" unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/ mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo else echo "Checksum not checking out" printf "looking for $EmbedSum but found $CheckEmbed" read -r -p $" Press Enter to Exit Script" exit 1 fi ##### # Create Database mysql -u root <<MYSQL_SCRIPT CREATE USER 'wiki'@'localhost'; # not needed for root CREATE DATABASE my_wiki; use my_wiki; GRANT ALL ON my_wiki.* TO 'wiki'@'localhost'; MYSQL_SCRIPT # Remember to change name from 'root' to 'wiki' and push file to container: CON_NAME=$(uname -a | awk '{print $2}') echo "Now visit the IP $ConIPVar from a browser" echo "and change the database username from 'root' to 'wiki' on the DateBase Page" echo "When finished you will download a 'LocalSettings.php' file" echo "You need to push this file into the container $CON_NAME from your download directory" echo "you can use 'lxc file push' to copy the file into the container" echo "lxc file push /home/USERNAME/Downloads/LocalSettings.php $CON_NAME/var/www/html/mediawiki/" echo "the setup script will continue as few seconds after." ################################### # Wait for LocalSettings.php to be imported to Container # while [ ! -f /var/www/html/mediawiki/LocalSettings.php ] do sleep 2 # will check every 2 seconds to see if file is there done ##################################### #Noobs curl -L xml.completenoobs.com/xmlDumps | grep Noobs | awk -F '"' '{print $2}' > /tmp/wi-dump.txt #grep will find newest dated dump and assign to $newest newest=$(grep -oE '^[0-9]{2}_[0-9]{2}_[0-9]{2}' /tmp/wi-dump.txt | sort -r | head -n 1) temppath="/tmp/wi-dir/" md5=$newest.md5sum.txt xml=$newest.Noobs.xml sha256=$newest.sha256sum.txt #mkdir for dumps mkdir /tmp/wi-dir wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$md5 -P /tmp/wi-dir/ wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$sha256 -P /tmp/wi-dir/ wget https://xml.completenoobs.com/xmlDumps/$newest.Noobs/$xml -P /tmp/wi-dir/ # CheckSums before import md5_dl=$(md5sum $temppath$xml | awk '{print $1}') md5_file=$(cat /tmp/wi-dir/$md5 | awk '{print $1}') sha256_dl=$(sha256sum $temppath$xml | awk '{print $1}') sha256_file=$(cat $temppath$sha256 | awk '{print $1}') if [ $md5file == $md5dl ]; then echo 'md5 checks out' else echo 'does not check out' fi if [ $sha256_dl == $sha256_file ]; then echo "sha256 checks out" #import to wiki echo "importing mediawiki database" php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php $temppath$xml php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php php /var/www/html/mediawiki/maintenance/initSiteStats.php php /var/www/html/mediawiki/maintenance/rebuildall.php else echo "checksum not checking out" exit 1 fi # dont forget clean up rm -rf /tmp/wi-dir/* </syntaxhighlight> pkkimuqd8ux28xz3rzpcbs1pjyrr4ti 0 43 67 2023-03-03T01:02:53Z Noob 1 Created page with "==Make sure Linux subsystem enabled on windows 10== <b>Control Panel</b> > <b>Programs</b> > <b>Turn Windows features on or off</b> Scroll down and make sure <b>Windows Subsystem for Linux</b> box is ticked<br \> If it was unticked, you might should reboot/restart your computer after the subsystem installs.<br \> ==Install Ubuntu from Microsoft store== Install the <b>Ubuntu App</b> from the store.<br \> And launch it.<br \> When you launch you will be prompted for a..." 67 wikitext text/x-wiki ==Make sure Linux subsystem enabled on windows 10== <b>Control Panel</b> > <b>Programs</b> > <b>Turn Windows features on or off</b> Scroll down and make sure <b>Windows Subsystem for Linux</b> box is ticked<br \> If it was unticked, you might should reboot/restart your computer after the subsystem installs.<br \> ==Install Ubuntu from Microsoft store== Install the <b>Ubuntu App</b> from the store.<br \> And launch it.<br \> When you launch you will be prompted for a username and password:<br \> ==Windows 10 subsystem notes== <blockquote> Interacting with snapd is not yet supported on Windows Subsystem for Linux. This command has been left available for documentation purposes only </blockquote> LXD does not work on the subsystem but we dont need it.<br \> ===Find your Subsystem Ubuntu IP address on network=== Get the ip for your linux on the subsystem win10.<br \> <code>ip route show default</code><br \> Will return something like:<br \> <pre>none default via 192.168.0.1 dev eth0 proto unspec metric 0</pre><br \> You are looking for your network interface, its after <b>dev</b> in my case it's <b>eth0</b><br \> Now to find the ip for that interface:<br \> <code>ip address</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> <code>ip address</code> will return something like this: <div class="mw-collapsible-content"> <pre> 12: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 group default qlen 1 link/ether 9c:b6:54:a5:a0:da inet 192.168.0.130/24 brd 192.168.0.255 scope global dynamic valid_lft 86178sec preferred_lft 86178sec inet6 fe80::55b2:e14f:3167:365d/64 scope link dynamic valid_lft forever preferred_lft forever 1: lo: <LOOPBACK,UP> mtu 1500 group default qlen 1 link/loopback 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 ::1/128 scope host dynamic valid_lft forever preferred_lft forever 16: wifi0: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d2 inet 169.254.163.24/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::fd1c:33d1:6cae:a318/64 scope link dynamic valid_lft forever preferred_lft forever 8: wifi1: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d3 inet 169.254.66.175/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::c0e4:3ef8:4054:42af/64 scope link dynamic valid_lft forever preferred_lft forever 17: wifi2: <> mtu 1500 group default qlen 1 link/ieee802.11 0e:8b:fd:77:97:d2 inet 169.254.142.131/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::5dbb:c7b1:c7f7:8e83/64 scope link dynamic valid_lft forever preferred_lft forever </pre> </div> </div> Look for your interface, mine was <b>eth0</b><br \> 2 lines down, you will see a line that starts with <b>inet</b> that contains you network address.<br \> Mine was <b>192.168.0.130</b> ===Copy and Paste to the subsystem terminal=== Right clicking in the ubuntu terminal will paste.<br \> Highlighting text in the ubuntu terminal and right clicking will copy.<br \> ==Install mediawiki== <code>sudo apt update && sudo apt upgrade -y</code><br \> <code>sudo apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> Does not seem to use systemd on win subsystem.<br \> <code>sudo service apache2 start</code><br \> <code>wget https://releases.wikimedia.org/mediawiki/1.36/mediawiki-1.36.1.tar.gz</code> <code>tar -zxvf mediawiki-1.36.1.tar.gz</code> <code>sudo mv mediawiki-1.36.1 /var/www/html/mediawiki </code> ==Create database== As this is just for your own computer on your own network, you can keep it super simple:<br \> <code>sudo service mysql start</code><br \> <code>sudo mysql -u root</code><br \> <code>CREATE USER 'u'@'localhost' IDENTIFIED BY 'passwd';</code><br \> <code>CREATE DATABASE db;</code><br \> <code>use db;</code><br \> <code>GRANT ALL ON db.* TO 'u'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ==Config Apache2== <code>sudo $EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ===Reload Apache2=== <code>sudo service apache2 restart</code><br \> ==Visit webpage and carry on with normal basic wiki setup== Remember your IP address for your subsystem, Mine was 192.168.0.130, now enter that in a web browser.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:db<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:u<br \> Database password:passwd<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ==Send LocalSettings.php to subsystem== Now i am sure there is a way to send this file to the linux subsystem.<br \> But the only thing i remember and know right now is that i really dont like windows<br \> So open the file <b>LocalSettings.php</b> with notepad and <b>CTRL+A</b> to select all and <b>CTRL+c</b> to copy.<br \> Back on the linux subsystem.<br \> <code>sudo nano /var/www/html/mediawiki/LocalSettings.php</code><br \> On windows 10 its right click to paste.<br \> Once pasted <b>CTRL+o</b> (will prompt 'File Name to Write: /var/www/html/mediawiki/LocalSettings.php' press enter) and <b>CTRL+x</b> to exit.<br \> Do not refresh your web-browser it will prompt you to download LocalSettings.php again, revisit the IP address from earlier 192.168.0.130. and well come to your wiki.<br \> Now to import CompleteNoobs Wiki content from a xml dump.<br \> Visit <code>xml.completenoobs.com</code> and select the latest xml dump, right click and select 'Copy link address' now back to the subsystem<br \> <code>wget https://xml.completenoobs.com/xmlDumps/wikidump_28_07_2021-updated.xml</code><br \> TIP:Type <b>wget</b> and then right click to paste the address<br \> now to import the dump.<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php wikidump_28_07_2021-updated.xml</code><br \> Not finished yet:<br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> and thats it, Everything apart from the Main_Page is imported.<br \> But thats why we have a Main_Index page.<br \> Edit the home page and add <nowiki>[[Main_Index | Wiki index]]</nowiki> that will take you to the wiki's main index page. ==Create Local Domain name shortcut to your local wiki== On windows 10, open <b>Notepad</b> with <b>Run as administrator</b> and open the file <code>C:\Windows\System32\drivers\etc\hosts</code> (you will need to change "Text Documents (*.txt)" to "All Files" to see it.) And add the line at the bottom: <pre> 192.168.0.130 mywiki.local </pre> <b>192.168.0.130</b> is the ip of my ubuntu subsystem and <b>mywiki.local</b> is the domain name on browser i would like forwarded to the local wiki.<br \> Change the IP to your ubuntu subsystem ip and the Domain, you can change the domain name to anything you want.<br \> You can now view your wiki on your browser by entering <b>mywiki.local</b> or whatever you want your local domain called. cuwopnr49epzcjinweiq9gel5lq3f1f 197 67 2023-03-22T23:19:43Z Noob 1 /* Install mediawiki */ 197 wikitext text/x-wiki ==Make sure Linux subsystem enabled on windows 10== <b>Control Panel</b> > <b>Programs</b> > <b>Turn Windows features on or off</b> Scroll down and make sure <b>Windows Subsystem for Linux</b> box is ticked<br \> If it was unticked, you might should reboot/restart your computer after the subsystem installs.<br \> ==Install Ubuntu from Microsoft store== Install the <b>Ubuntu App</b> from the store.<br \> And launch it.<br \> When you launch you will be prompted for a username and password:<br \> ==Windows 10 subsystem notes== <blockquote> Interacting with snapd is not yet supported on Windows Subsystem for Linux. This command has been left available for documentation purposes only </blockquote> LXD does not work on the subsystem but we dont need it.<br \> ===Find your Subsystem Ubuntu IP address on network=== Get the ip for your linux on the subsystem win10.<br \> <code>ip route show default</code><br \> Will return something like:<br \> <pre>none default via 192.168.0.1 dev eth0 proto unspec metric 0</pre><br \> You are looking for your network interface, its after <b>dev</b> in my case it's <b>eth0</b><br \> Now to find the ip for that interface:<br \> <code>ip address</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> <code>ip address</code> will return something like this: <div class="mw-collapsible-content"> <pre> 12: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 group default qlen 1 link/ether 9c:b6:54:a5:a0:da inet 192.168.0.130/24 brd 192.168.0.255 scope global dynamic valid_lft 86178sec preferred_lft 86178sec inet6 fe80::55b2:e14f:3167:365d/64 scope link dynamic valid_lft forever preferred_lft forever 1: lo: <LOOPBACK,UP> mtu 1500 group default qlen 1 link/loopback 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 ::1/128 scope host dynamic valid_lft forever preferred_lft forever 16: wifi0: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d2 inet 169.254.163.24/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::fd1c:33d1:6cae:a318/64 scope link dynamic valid_lft forever preferred_lft forever 8: wifi1: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d3 inet 169.254.66.175/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::c0e4:3ef8:4054:42af/64 scope link dynamic valid_lft forever preferred_lft forever 17: wifi2: <> mtu 1500 group default qlen 1 link/ieee802.11 0e:8b:fd:77:97:d2 inet 169.254.142.131/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::5dbb:c7b1:c7f7:8e83/64 scope link dynamic valid_lft forever preferred_lft forever </pre> </div> </div> Look for your interface, mine was <b>eth0</b><br \> 2 lines down, you will see a line that starts with <b>inet</b> that contains you network address.<br \> Mine was <b>192.168.0.130</b> ===Copy and Paste to the subsystem terminal=== Right clicking in the ubuntu terminal will paste.<br \> Highlighting text in the ubuntu terminal and right clicking will copy.<br \> ==Install mediawiki== <code>sudo apt update && sudo apt upgrade -y</code><br \> <code>sudo apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> Does not seem to use systemd on win subsystem.<br \> <code>sudo service apache2 start</code><br \> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -zxvf mediawiki-1.39.2.tar.gz</code> <code>sudo mv mediawiki-1.39.2 /var/www/html/mediawiki </code> ==Create database== As this is just for your own computer on your own network, you can keep it super simple:<br \> <code>sudo service mysql start</code><br \> <code>sudo mysql -u root</code><br \> <code>CREATE USER 'u'@'localhost' IDENTIFIED BY 'passwd';</code><br \> <code>CREATE DATABASE db;</code><br \> <code>use db;</code><br \> <code>GRANT ALL ON db.* TO 'u'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ==Config Apache2== <code>sudo $EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ===Reload Apache2=== <code>sudo service apache2 restart</code><br \> ==Visit webpage and carry on with normal basic wiki setup== Remember your IP address for your subsystem, Mine was 192.168.0.130, now enter that in a web browser.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:db<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:u<br \> Database password:passwd<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ==Send LocalSettings.php to subsystem== Now i am sure there is a way to send this file to the linux subsystem.<br \> But the only thing i remember and know right now is that i really dont like windows<br \> So open the file <b>LocalSettings.php</b> with notepad and <b>CTRL+A</b> to select all and <b>CTRL+c</b> to copy.<br \> Back on the linux subsystem.<br \> <code>sudo nano /var/www/html/mediawiki/LocalSettings.php</code><br \> On windows 10 its right click to paste.<br \> Once pasted <b>CTRL+o</b> (will prompt 'File Name to Write: /var/www/html/mediawiki/LocalSettings.php' press enter) and <b>CTRL+x</b> to exit.<br \> Do not refresh your web-browser it will prompt you to download LocalSettings.php again, revisit the IP address from earlier 192.168.0.130. and well come to your wiki.<br \> Now to import CompleteNoobs Wiki content from a xml dump.<br \> Visit <code>xml.completenoobs.com</code> and select the latest xml dump, right click and select 'Copy link address' now back to the subsystem<br \> <code>wget https://xml.completenoobs.com/xmlDumps/wikidump_28_07_2021-updated.xml</code><br \> TIP:Type <b>wget</b> and then right click to paste the address<br \> now to import the dump.<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php wikidump_28_07_2021-updated.xml</code><br \> Not finished yet:<br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> and thats it, Everything apart from the Main_Page is imported.<br \> But thats why we have a Main_Index page.<br \> Edit the home page and add <nowiki>[[Main_Index | Wiki index]]</nowiki> that will take you to the wiki's main index page. ==Create Local Domain name shortcut to your local wiki== On windows 10, open <b>Notepad</b> with <b>Run as administrator</b> and open the file <code>C:\Windows\System32\drivers\etc\hosts</code> (you will need to change "Text Documents (*.txt)" to "All Files" to see it.) And add the line at the bottom: <pre> 192.168.0.130 mywiki.local </pre> <b>192.168.0.130</b> is the ip of my ubuntu subsystem and <b>mywiki.local</b> is the domain name on browser i would like forwarded to the local wiki.<br \> Change the IP to your ubuntu subsystem ip and the Domain, you can change the domain name to anything you want.<br \> You can now view your wiki on your browser by entering <b>mywiki.local</b> or whatever you want your local domain called. dw885pxywrm4wkxppyp8qkr4y9h3085 200 197 2023-03-23T11:11:36Z Noob 1 200 wikitext text/x-wiki == local wiki on win 10 2nd draft== ==Make sure Linux subsystem enabled on windows 10== <b>Control Panel</b> > <b>Programs</b> > <b>Turn Windows features on or off</b> Scroll down and make sure <b>Windows Subsystem for Linux</b> box is ticked<br \> If it was unticked, you might should reboot/restart your computer after the subsystem installs.<br \> ==Install Ubuntu from Microsoft store== Install the <b>Ubuntu App</b> from the store.<br \> And launch it.<br \> When you launch you will be prompted for a username and password:<br \> ==Windows 10 subsystem notes== <blockquote> Interacting with snapd is not yet supported on Windows Subsystem for Linux. This command has been left available for documentation purposes only </blockquote> LXD does not work on the subsystem but we dont need it.<br \> ===Find your Subsystem Ubuntu IP address on network=== Get the ip for your linux on the subsystem win10.<br \> <code>ip route show default</code><br \> Will return something like:<br \> <pre>none default via 192.168.0.1 dev eth0 proto unspec metric 0</pre><br \> You are looking for your network interface, its after <b>dev</b> in my case it's <b>eth0</b><br \> Now to find the ip for that interface:<br \> <code>ip address</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> <code>ip address</code> will return something like this: <div class="mw-collapsible-content"> <pre> 12: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 group default qlen 1 link/ether 9c:b6:54:a5:a0:da inet 192.168.0.130/24 brd 192.168.0.255 scope global dynamic valid_lft 86178sec preferred_lft 86178sec inet6 fe80::55b2:e14f:3167:365d/64 scope link dynamic valid_lft forever preferred_lft forever 1: lo: <LOOPBACK,UP> mtu 1500 group default qlen 1 link/loopback 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 ::1/128 scope host dynamic valid_lft forever preferred_lft forever 16: wifi0: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d2 inet 169.254.163.24/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::fd1c:33d1:6cae:a318/64 scope link dynamic valid_lft forever preferred_lft forever 8: wifi1: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d3 inet 169.254.66.175/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::c0e4:3ef8:4054:42af/64 scope link dynamic valid_lft forever preferred_lft forever 17: wifi2: <> mtu 1500 group default qlen 1 link/ieee802.11 0e:8b:fd:77:97:d2 inet 169.254.142.131/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::5dbb:c7b1:c7f7:8e83/64 scope link dynamic valid_lft forever preferred_lft forever </pre> </div> </div> Look for your interface, mine was <b>eth0</b><br \> 2 lines down, you will see a line that starts with <b>inet</b> that contains you network address.<br \> Mine was <b>192.168.0.130</b> ===Copy and Paste to the subsystem terminal=== Right clicking in the ubuntu terminal will paste.<br \> Highlighting text in the ubuntu terminal and right clicking will copy.<br \> ==Install mediawiki== <code>sudo apt update && sudo apt upgrade -y</code><br \> <code>sudo apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> Does not seem to use systemd on win subsystem.<br \> <code>sudo service apache2 start</code><br \> If you see error:<br> <pre> (92)Protocol not available: AH00076: Failed to enable ARP_TCP_DEFER_ACCEPT </pre> Don't worry, it should still work. Check status of apache2.<br> <code>sudo service status apache2</code><br> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -zxvf mediawiki-1.39.2.tar.gz</code> <code>sudo mv mediawiki-1.39.2 /var/www/html/mediawiki </code> ==Create database== As this is just for your own computer on your own network, you can keep it super simple:<br \> <br>To Avoid Error:<br> <pre>su: warning: cannot change directory to /nonexistent: No such file or directory</pre> Fix with:<br> <code>sudo usermod -d /var/lib/mysql/ mysql</code><br> <br> <code>sudo service mysql start</code><br \> <code>sudo mysql -u root</code><br \> <code>CREATE USER 'wiki'@'localhost';</code><br \> <code>CREATE DATABASE my_wiki;</code><br \> <code>use db;</code><br \> <code>GRANT ALL ON my_wiki.* TO 'wiki'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost';</code><br \> If creating a database password <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ==Config Apache2== <code>sudo $EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ===Reload Apache2=== <code>sudo service apache2 restart</code><br \> ==Visit webpage and carry on with normal basic wiki setup== Remember your IP address for your subsystem, Mine was 192.168.0.130, now enter that in a web browser.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost Change to <b>127.0.0.1</b> to avoid error<br \> Database name:wiki<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:my_wiki<br \> Database password: <b>LEAVE BLANK</b><br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ==Send LocalSettings.php to subsystem== Now i am sure there is a way to send this file to the linux subsystem.<br \> But the only thing i remember and know right now is that i really dont like windows<br \> So open the file <b>LocalSettings.php</b> with notepad and <b>CTRL+A</b> to select all and <b>CTRL+c</b> to copy.<br \> Back on the linux subsystem.<br \> <code>sudo nano /var/www/html/mediawiki/LocalSettings.php</code><br \> On windows 10 its right click to paste.<br \> Once pasted <b>CTRL+o</b> (will prompt 'File Name to Write: /var/www/html/mediawiki/LocalSettings.php' press enter) and <b>CTRL+x</b> to exit.<br \> Do not refresh your web-browser it will prompt you to download LocalSettings.php again, revisit the IP address from earlier 192.168.0.130. and well come to your wiki.<br \> Now to import CompleteNoobs Wiki content from a xml dump.<br \> Visit <code>https://xml.completenoobs.com</code> and select the latest xml dump, right click and select 'Copy link address' now back to the subsystem<br \> <code>wget https://xml.completenoobs.com/xmlDumps/20_03_23.Noobs/20_03_23.Noobs.xml</code><br \> TIP:Type <b>wget</b> and then right click to paste the address<br \> now to import the dump.<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php wikidump_28_07_2021-updated.xml</code><br \> Not finished yet:<br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> and thats it, Everything apart from the Main_Page is imported.<br \> But thats why we have a Main_Index page.<br \> Edit the home page and add <nowiki>[[Main_Index | Wiki index]]</nowiki> that will take you to the wiki's main index page. ==Create Local Domain name shortcut to your local wiki== On windows 10, open <b>Notepad</b> with <b>Run as administrator</b> and open the file <code>C:\Windows\System32\drivers\etc\hosts</code> (you will need to change "Text Documents (*.txt)" to "All Files" to see it.) And add the line at the bottom: <pre> 192.168.0.130 mywiki.local </pre> <b>192.168.0.130</b> is the ip of my ubuntu subsystem and <b>mywiki.local</b> is the domain name on browser i would like forwarded to the local wiki.<br \> Change the IP to your ubuntu subsystem ip and the Domain, you can change the domain name to anything you want.<br \> You can now view your wiki on your browser by entering <b>mywiki.local</b> or whatever you want your local domain called. f4px23jf3nml08p9zyimcbzvv344n5c 201 200 2023-03-23T11:18:46Z Noob 1 201 wikitext text/x-wiki == local wiki on win 10 2nd draft== ==Make sure Linux subsystem enabled on windows 10== <b>Control Panel</b> > <b>Programs</b> > <b>Turn Windows features on or off</b> Scroll down and make sure <b>Windows Subsystem for Linux</b> box is ticked<br \> If it was unticked, you might should reboot/restart your computer after the subsystem installs.<br \> ==Install Ubuntu from Microsoft store== Install the <b>Ubuntu App</b> from the store.<br \> And launch it.<br \> When you launch you will be prompted for a username and password:<br \> ==Reset Ubuntu== In search bar goto <b>Apps & features</b><br> Find <b>Ubuntu 22.04.2 TLS</b> and click <b>Advanced options</b> scroll down to <b>Reset</b> and click the <b>Reset</b> button.<br> ==Windows 10 subsystem notes== <blockquote> Interacting with snapd is not yet supported on Windows Subsystem for Linux. This command has been left available for documentation purposes only </blockquote> LXD does not work on the subsystem but we dont need it.<br \> ===Find your Subsystem Ubuntu IP address on network=== Get the ip for your linux on the subsystem win10.<br \> <code>ip route show default</code><br \> Will return something like:<br \> <pre>none default via 192.168.0.1 dev eth0 proto unspec metric 0</pre><br \> You are looking for your network interface, its after <b>dev</b> in my case it's <b>eth0</b><br \> Now to find the ip for that interface:<br \> <code>ip address</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> <code>ip address</code> will return something like this: <div class="mw-collapsible-content"> <pre> 12: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 group default qlen 1 link/ether 9c:b6:54:a5:a0:da inet 192.168.0.130/24 brd 192.168.0.255 scope global dynamic valid_lft 86178sec preferred_lft 86178sec inet6 fe80::55b2:e14f:3167:365d/64 scope link dynamic valid_lft forever preferred_lft forever 1: lo: <LOOPBACK,UP> mtu 1500 group default qlen 1 link/loopback 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 ::1/128 scope host dynamic valid_lft forever preferred_lft forever 16: wifi0: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d2 inet 169.254.163.24/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::fd1c:33d1:6cae:a318/64 scope link dynamic valid_lft forever preferred_lft forever 8: wifi1: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d3 inet 169.254.66.175/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::c0e4:3ef8:4054:42af/64 scope link dynamic valid_lft forever preferred_lft forever 17: wifi2: <> mtu 1500 group default qlen 1 link/ieee802.11 0e:8b:fd:77:97:d2 inet 169.254.142.131/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::5dbb:c7b1:c7f7:8e83/64 scope link dynamic valid_lft forever preferred_lft forever </pre> </div> </div> Look for your interface, mine was <b>eth0</b><br \> 2 lines down, you will see a line that starts with <b>inet</b> that contains you network address.<br \> Mine was <b>192.168.0.130</b> ===Copy and Paste to the subsystem terminal=== Right clicking in the ubuntu terminal will paste.<br \> Highlighting text in the ubuntu terminal and right clicking will copy.<br \> ==Install mediawiki== <code>sudo apt update && sudo apt upgrade -y</code><br \> <code>sudo apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> Does not seem to use systemd on win subsystem.<br \> <code>sudo service apache2 start</code><br \> If you see error:<br> <pre> (92)Protocol not available: AH00076: Failed to enable ARP_TCP_DEFER_ACCEPT </pre> Don't worry, it should still work. Check status of apache2.<br> <code>sudo service status apache2</code><br> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -zxvf mediawiki-1.39.2.tar.gz</code> <code>sudo mv mediawiki-1.39.2 /var/www/html/mediawiki </code> ==Create database== As this is just for your own computer on your own network, you can keep it super simple:<br \> <br>To Avoid Error:<br> <pre>su: warning: cannot change directory to /nonexistent: No such file or directory</pre> Fix with:<br> <code>sudo usermod -d /var/lib/mysql/ mysql</code><br> <br> <code>sudo service mysql start</code><br \> <code>sudo mysql -u root</code><br \> <code>CREATE USER 'wiki'@'localhost';</code><br \> <code>CREATE DATABASE my_wiki;</code><br \> <code>use db;</code><br \> <code>GRANT ALL ON my_wiki.* TO 'wiki'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost';</code><br \> If creating a database password <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ==Config Apache2== <code>sudo $EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ===Reload Apache2=== <code>sudo service apache2 restart</code><br \> ==Visit webpage and carry on with normal basic wiki setup== Remember your IP address for your subsystem, Mine was 192.168.0.130, now enter that in a web browser.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost Change to <b>127.0.0.1</b> to avoid error<br \> Database name:wiki<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:my_wiki<br \> Database password: <b>LEAVE BLANK</b><br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ==Send LocalSettings.php to subsystem== Now i am sure there is a way to send this file to the linux subsystem.<br \> But the only thing i remember and know right now is that i really dont like windows<br \> So open the file <b>LocalSettings.php</b> with notepad and <b>CTRL+A</b> to select all and <b>CTRL+c</b> to copy.<br \> Back on the linux subsystem.<br \> <code>sudo nano /var/www/html/mediawiki/LocalSettings.php</code><br \> On windows 10 its right click to paste.<br \> Once pasted <b>CTRL+o</b> (will prompt 'File Name to Write: /var/www/html/mediawiki/LocalSettings.php' press enter) and <b>CTRL+x</b> to exit.<br \> Do not refresh your web-browser it will prompt you to download LocalSettings.php again, revisit the IP address from earlier 192.168.0.130. and well come to your wiki.<br \> Now to import CompleteNoobs Wiki content from a xml dump.<br \> Visit <code>https://xml.completenoobs.com</code> and select the latest xml dump, right click and select 'Copy link address' now back to the subsystem<br \> <code>wget https://xml.completenoobs.com/xmlDumps/20_03_23.Noobs/20_03_23.Noobs.xml</code><br \> TIP:Type <b>wget</b> and then right click to paste the address<br \> now to import the dump.<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php wikidump_28_07_2021-updated.xml</code><br \> Not finished yet:<br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> and thats it, Everything apart from the Main_Page is imported.<br \> But thats why we have a Main_Index page.<br \> Edit the home page and add <nowiki>[[Main_Index | Wiki index]]</nowiki> that will take you to the wiki's main index page. ==Create Local Domain name shortcut to your local wiki== On windows 10, open <b>Notepad</b> with <b>Run as administrator</b> and open the file <code>C:\Windows\System32\drivers\etc\hosts</code> (you will need to change "Text Documents (*.txt)" to "All Files" to see it.) And add the line at the bottom: <pre> 192.168.0.130 mywiki.local </pre> <b>192.168.0.130</b> is the ip of my ubuntu subsystem and <b>mywiki.local</b> is the domain name on browser i would like forwarded to the local wiki.<br \> Change the IP to your ubuntu subsystem ip and the Domain, you can change the domain name to anything you want.<br \> You can now view your wiki on your browser by entering <b>mywiki.local</b> or whatever you want your local domain called. 6as8daf4sx0cisqfnsg3vd83x3fsvgy 202 201 2023-03-23T11:20:44Z Noob 1 /* Reset Ubuntu */ 202 wikitext text/x-wiki == local wiki on win 10 2nd draft== ==Make sure Linux subsystem enabled on windows 10== <b>Control Panel</b> > <b>Programs</b> > <b>Turn Windows features on or off</b> Scroll down and make sure <b>Windows Subsystem for Linux</b> box is ticked<br \> If it was unticked, you might should reboot/restart your computer after the subsystem installs.<br \> ==Install Ubuntu from Microsoft store== Install the <b>Ubuntu App</b> from the store.<br \> And launch it.<br \> When you launch you will be prompted for a username and password:<br \> ==To Reset Ubuntu== In search bar goto <b>Apps & features</b><br> Find <b>Ubuntu 22.04.2 TLS</b> and click <b>Advanced options</b> scroll down to <b>Reset</b> and click the <b>Reset</b> button.<br> ==Windows 10 subsystem notes== <blockquote> Interacting with snapd is not yet supported on Windows Subsystem for Linux. This command has been left available for documentation purposes only </blockquote> LXD does not work on the subsystem but we dont need it.<br \> ===Find your Subsystem Ubuntu IP address on network=== Get the ip for your linux on the subsystem win10.<br \> <code>ip route show default</code><br \> Will return something like:<br \> <pre>none default via 192.168.0.1 dev eth0 proto unspec metric 0</pre><br \> You are looking for your network interface, its after <b>dev</b> in my case it's <b>eth0</b><br \> Now to find the ip for that interface:<br \> <code>ip address</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> <code>ip address</code> will return something like this: <div class="mw-collapsible-content"> <pre> 12: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 group default qlen 1 link/ether 9c:b6:54:a5:a0:da inet 192.168.0.130/24 brd 192.168.0.255 scope global dynamic valid_lft 86178sec preferred_lft 86178sec inet6 fe80::55b2:e14f:3167:365d/64 scope link dynamic valid_lft forever preferred_lft forever 1: lo: <LOOPBACK,UP> mtu 1500 group default qlen 1 link/loopback 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 ::1/128 scope host dynamic valid_lft forever preferred_lft forever 16: wifi0: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d2 inet 169.254.163.24/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::fd1c:33d1:6cae:a318/64 scope link dynamic valid_lft forever preferred_lft forever 8: wifi1: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d3 inet 169.254.66.175/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::c0e4:3ef8:4054:42af/64 scope link dynamic valid_lft forever preferred_lft forever 17: wifi2: <> mtu 1500 group default qlen 1 link/ieee802.11 0e:8b:fd:77:97:d2 inet 169.254.142.131/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::5dbb:c7b1:c7f7:8e83/64 scope link dynamic valid_lft forever preferred_lft forever </pre> </div> </div> Look for your interface, mine was <b>eth0</b><br \> 2 lines down, you will see a line that starts with <b>inet</b> that contains you network address.<br \> Mine was <b>192.168.0.130</b> ===Copy and Paste to the subsystem terminal=== Right clicking in the ubuntu terminal will paste.<br \> Highlighting text in the ubuntu terminal and right clicking will copy.<br \> ==Install mediawiki== <code>sudo apt update && sudo apt upgrade -y</code><br \> <code>sudo apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> Does not seem to use systemd on win subsystem.<br \> <code>sudo service apache2 start</code><br \> If you see error:<br> <pre> (92)Protocol not available: AH00076: Failed to enable ARP_TCP_DEFER_ACCEPT </pre> Don't worry, it should still work. Check status of apache2.<br> <code>sudo service status apache2</code><br> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -zxvf mediawiki-1.39.2.tar.gz</code> <code>sudo mv mediawiki-1.39.2 /var/www/html/mediawiki </code> ==Create database== As this is just for your own computer on your own network, you can keep it super simple:<br \> <br>To Avoid Error:<br> <pre>su: warning: cannot change directory to /nonexistent: No such file or directory</pre> Fix with:<br> <code>sudo usermod -d /var/lib/mysql/ mysql</code><br> <br> <code>sudo service mysql start</code><br \> <code>sudo mysql -u root</code><br \> <code>CREATE USER 'wiki'@'localhost';</code><br \> <code>CREATE DATABASE my_wiki;</code><br \> <code>use db;</code><br \> <code>GRANT ALL ON my_wiki.* TO 'wiki'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost';</code><br \> If creating a database password <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ==Config Apache2== <code>sudo $EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ===Reload Apache2=== <code>sudo service apache2 restart</code><br \> ==Visit webpage and carry on with normal basic wiki setup== Remember your IP address for your subsystem, Mine was 192.168.0.130, now enter that in a web browser.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost Change to <b>127.0.0.1</b> to avoid error<br \> Database name:wiki<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:my_wiki<br \> Database password: <b>LEAVE BLANK</b><br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ==Send LocalSettings.php to subsystem== Now i am sure there is a way to send this file to the linux subsystem.<br \> But the only thing i remember and know right now is that i really dont like windows<br \> So open the file <b>LocalSettings.php</b> with notepad and <b>CTRL+A</b> to select all and <b>CTRL+c</b> to copy.<br \> Back on the linux subsystem.<br \> <code>sudo nano /var/www/html/mediawiki/LocalSettings.php</code><br \> On windows 10 its right click to paste.<br \> Once pasted <b>CTRL+o</b> (will prompt 'File Name to Write: /var/www/html/mediawiki/LocalSettings.php' press enter) and <b>CTRL+x</b> to exit.<br \> Do not refresh your web-browser it will prompt you to download LocalSettings.php again, revisit the IP address from earlier 192.168.0.130. and well come to your wiki.<br \> Now to import CompleteNoobs Wiki content from a xml dump.<br \> Visit <code>https://xml.completenoobs.com</code> and select the latest xml dump, right click and select 'Copy link address' now back to the subsystem<br \> <code>wget https://xml.completenoobs.com/xmlDumps/20_03_23.Noobs/20_03_23.Noobs.xml</code><br \> TIP:Type <b>wget</b> and then right click to paste the address<br \> now to import the dump.<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php wikidump_28_07_2021-updated.xml</code><br \> Not finished yet:<br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> and thats it, Everything apart from the Main_Page is imported.<br \> But thats why we have a Main_Index page.<br \> Edit the home page and add <nowiki>[[Main_Index | Wiki index]]</nowiki> that will take you to the wiki's main index page. ==Create Local Domain name shortcut to your local wiki== On windows 10, open <b>Notepad</b> with <b>Run as administrator</b> and open the file <code>C:\Windows\System32\drivers\etc\hosts</code> (you will need to change "Text Documents (*.txt)" to "All Files" to see it.) And add the line at the bottom: <pre> 192.168.0.130 mywiki.local </pre> <b>192.168.0.130</b> is the ip of my ubuntu subsystem and <b>mywiki.local</b> is the domain name on browser i would like forwarded to the local wiki.<br \> Change the IP to your ubuntu subsystem ip and the Domain, you can change the domain name to anything you want.<br \> You can now view your wiki on your browser by entering <b>mywiki.local</b> or whatever you want your local domain called. 5rc7lbbtpcsqo2bprquqiw31k87ecjd 203 202 2023-03-23T11:21:17Z Noob 1 /* To Reset Ubuntu */ 203 wikitext text/x-wiki == local wiki on win 10 2nd draft== ==Make sure Linux subsystem enabled on windows 10== <b>Control Panel</b> > <b>Programs</b> > <b>Turn Windows features on or off</b> Scroll down and make sure <b>Windows Subsystem for Linux</b> box is ticked<br \> If it was unticked, you might should reboot/restart your computer after the subsystem installs.<br \> ==Install Ubuntu from Microsoft store== Install the <b>Ubuntu App</b> from the store.<br \> And launch it.<br \> When you launch you will be prompted for a username and password:<br \> ==To Reset Ubuntu== If you want to reset Ubuntu and start again.<br> In search bar goto <b>Apps & features</b><br> Find <b>Ubuntu 22.04.2 TLS</b> and click <b>Advanced options</b> scroll down to <b>Reset</b> and click the <b>Reset</b> button.<br> ==Windows 10 subsystem notes== <blockquote> Interacting with snapd is not yet supported on Windows Subsystem for Linux. This command has been left available for documentation purposes only </blockquote> LXD does not work on the subsystem but we dont need it.<br \> ===Find your Subsystem Ubuntu IP address on network=== Get the ip for your linux on the subsystem win10.<br \> <code>ip route show default</code><br \> Will return something like:<br \> <pre>none default via 192.168.0.1 dev eth0 proto unspec metric 0</pre><br \> You are looking for your network interface, its after <b>dev</b> in my case it's <b>eth0</b><br \> Now to find the ip for that interface:<br \> <code>ip address</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> <code>ip address</code> will return something like this: <div class="mw-collapsible-content"> <pre> 12: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 group default qlen 1 link/ether 9c:b6:54:a5:a0:da inet 192.168.0.130/24 brd 192.168.0.255 scope global dynamic valid_lft 86178sec preferred_lft 86178sec inet6 fe80::55b2:e14f:3167:365d/64 scope link dynamic valid_lft forever preferred_lft forever 1: lo: <LOOPBACK,UP> mtu 1500 group default qlen 1 link/loopback 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 ::1/128 scope host dynamic valid_lft forever preferred_lft forever 16: wifi0: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d2 inet 169.254.163.24/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::fd1c:33d1:6cae:a318/64 scope link dynamic valid_lft forever preferred_lft forever 8: wifi1: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d3 inet 169.254.66.175/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::c0e4:3ef8:4054:42af/64 scope link dynamic valid_lft forever preferred_lft forever 17: wifi2: <> mtu 1500 group default qlen 1 link/ieee802.11 0e:8b:fd:77:97:d2 inet 169.254.142.131/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::5dbb:c7b1:c7f7:8e83/64 scope link dynamic valid_lft forever preferred_lft forever </pre> </div> </div> Look for your interface, mine was <b>eth0</b><br \> 2 lines down, you will see a line that starts with <b>inet</b> that contains you network address.<br \> Mine was <b>192.168.0.130</b> ===Copy and Paste to the subsystem terminal=== Right clicking in the ubuntu terminal will paste.<br \> Highlighting text in the ubuntu terminal and right clicking will copy.<br \> ==Install mediawiki== <code>sudo apt update && sudo apt upgrade -y</code><br \> <code>sudo apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> Does not seem to use systemd on win subsystem.<br \> <code>sudo service apache2 start</code><br \> If you see error:<br> <pre> (92)Protocol not available: AH00076: Failed to enable ARP_TCP_DEFER_ACCEPT </pre> Don't worry, it should still work. Check status of apache2.<br> <code>sudo service status apache2</code><br> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -zxvf mediawiki-1.39.2.tar.gz</code> <code>sudo mv mediawiki-1.39.2 /var/www/html/mediawiki </code> ==Create database== As this is just for your own computer on your own network, you can keep it super simple:<br \> <br>To Avoid Error:<br> <pre>su: warning: cannot change directory to /nonexistent: No such file or directory</pre> Fix with:<br> <code>sudo usermod -d /var/lib/mysql/ mysql</code><br> <br> <code>sudo service mysql start</code><br \> <code>sudo mysql -u root</code><br \> <code>CREATE USER 'wiki'@'localhost';</code><br \> <code>CREATE DATABASE my_wiki;</code><br \> <code>use db;</code><br \> <code>GRANT ALL ON my_wiki.* TO 'wiki'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost';</code><br \> If creating a database password <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ==Config Apache2== <code>sudo $EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ===Reload Apache2=== <code>sudo service apache2 restart</code><br \> ==Visit webpage and carry on with normal basic wiki setup== Remember your IP address for your subsystem, Mine was 192.168.0.130, now enter that in a web browser.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost Change to <b>127.0.0.1</b> to avoid error<br \> Database name:wiki<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:my_wiki<br \> Database password: <b>LEAVE BLANK</b><br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ==Send LocalSettings.php to subsystem== Now i am sure there is a way to send this file to the linux subsystem.<br \> But the only thing i remember and know right now is that i really dont like windows<br \> So open the file <b>LocalSettings.php</b> with notepad and <b>CTRL+A</b> to select all and <b>CTRL+c</b> to copy.<br \> Back on the linux subsystem.<br \> <code>sudo nano /var/www/html/mediawiki/LocalSettings.php</code><br \> On windows 10 its right click to paste.<br \> Once pasted <b>CTRL+o</b> (will prompt 'File Name to Write: /var/www/html/mediawiki/LocalSettings.php' press enter) and <b>CTRL+x</b> to exit.<br \> Do not refresh your web-browser it will prompt you to download LocalSettings.php again, revisit the IP address from earlier 192.168.0.130. and well come to your wiki.<br \> Now to import CompleteNoobs Wiki content from a xml dump.<br \> Visit <code>https://xml.completenoobs.com</code> and select the latest xml dump, right click and select 'Copy link address' now back to the subsystem<br \> <code>wget https://xml.completenoobs.com/xmlDumps/20_03_23.Noobs/20_03_23.Noobs.xml</code><br \> TIP:Type <b>wget</b> and then right click to paste the address<br \> now to import the dump.<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php wikidump_28_07_2021-updated.xml</code><br \> Not finished yet:<br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> and thats it, Everything apart from the Main_Page is imported.<br \> But thats why we have a Main_Index page.<br \> Edit the home page and add <nowiki>[[Main_Index | Wiki index]]</nowiki> that will take you to the wiki's main index page. ==Create Local Domain name shortcut to your local wiki== On windows 10, open <b>Notepad</b> with <b>Run as administrator</b> and open the file <code>C:\Windows\System32\drivers\etc\hosts</code> (you will need to change "Text Documents (*.txt)" to "All Files" to see it.) And add the line at the bottom: <pre> 192.168.0.130 mywiki.local </pre> <b>192.168.0.130</b> is the ip of my ubuntu subsystem and <b>mywiki.local</b> is the domain name on browser i would like forwarded to the local wiki.<br \> Change the IP to your ubuntu subsystem ip and the Domain, you can change the domain name to anything you want.<br \> You can now view your wiki on your browser by entering <b>mywiki.local</b> or whatever you want your local domain called. 2tt7511biksd0ydzial7ge6j75relin 204 203 2023-03-23T13:18:05Z Noob 1 /* Create database */ 204 wikitext text/x-wiki == local wiki on win 10 2nd draft== ==Make sure Linux subsystem enabled on windows 10== <b>Control Panel</b> > <b>Programs</b> > <b>Turn Windows features on or off</b> Scroll down and make sure <b>Windows Subsystem for Linux</b> box is ticked<br \> If it was unticked, you might should reboot/restart your computer after the subsystem installs.<br \> ==Install Ubuntu from Microsoft store== Install the <b>Ubuntu App</b> from the store.<br \> And launch it.<br \> When you launch you will be prompted for a username and password:<br \> ==To Reset Ubuntu== If you want to reset Ubuntu and start again.<br> In search bar goto <b>Apps & features</b><br> Find <b>Ubuntu 22.04.2 TLS</b> and click <b>Advanced options</b> scroll down to <b>Reset</b> and click the <b>Reset</b> button.<br> ==Windows 10 subsystem notes== <blockquote> Interacting with snapd is not yet supported on Windows Subsystem for Linux. This command has been left available for documentation purposes only </blockquote> LXD does not work on the subsystem but we dont need it.<br \> ===Find your Subsystem Ubuntu IP address on network=== Get the ip for your linux on the subsystem win10.<br \> <code>ip route show default</code><br \> Will return something like:<br \> <pre>none default via 192.168.0.1 dev eth0 proto unspec metric 0</pre><br \> You are looking for your network interface, its after <b>dev</b> in my case it's <b>eth0</b><br \> Now to find the ip for that interface:<br \> <code>ip address</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> <code>ip address</code> will return something like this: <div class="mw-collapsible-content"> <pre> 12: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 group default qlen 1 link/ether 9c:b6:54:a5:a0:da inet 192.168.0.130/24 brd 192.168.0.255 scope global dynamic valid_lft 86178sec preferred_lft 86178sec inet6 fe80::55b2:e14f:3167:365d/64 scope link dynamic valid_lft forever preferred_lft forever 1: lo: <LOOPBACK,UP> mtu 1500 group default qlen 1 link/loopback 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 ::1/128 scope host dynamic valid_lft forever preferred_lft forever 16: wifi0: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d2 inet 169.254.163.24/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::fd1c:33d1:6cae:a318/64 scope link dynamic valid_lft forever preferred_lft forever 8: wifi1: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d3 inet 169.254.66.175/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::c0e4:3ef8:4054:42af/64 scope link dynamic valid_lft forever preferred_lft forever 17: wifi2: <> mtu 1500 group default qlen 1 link/ieee802.11 0e:8b:fd:77:97:d2 inet 169.254.142.131/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::5dbb:c7b1:c7f7:8e83/64 scope link dynamic valid_lft forever preferred_lft forever </pre> </div> </div> Look for your interface, mine was <b>eth0</b><br \> 2 lines down, you will see a line that starts with <b>inet</b> that contains you network address.<br \> Mine was <b>192.168.0.130</b> ===Copy and Paste to the subsystem terminal=== Right clicking in the ubuntu terminal will paste.<br \> Highlighting text in the ubuntu terminal and right clicking will copy.<br \> ==Install mediawiki== <code>sudo apt update && sudo apt upgrade -y</code><br \> <code>sudo apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> Does not seem to use systemd on win subsystem.<br \> <code>sudo service apache2 start</code><br \> If you see error:<br> <pre> (92)Protocol not available: AH00076: Failed to enable ARP_TCP_DEFER_ACCEPT </pre> Don't worry, it should still work. Check status of apache2.<br> <code>sudo service status apache2</code><br> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -zxvf mediawiki-1.39.2.tar.gz</code> <code>sudo mv mediawiki-1.39.2 /var/www/html/mediawiki </code> ==Create database== As this is just for your own computer on your own network, you can keep it super simple:<br \> <br>To Avoid Error:<br> <pre>su: warning: cannot change directory to /nonexistent: No such file or directory</pre> Fix with:<br> <code>sudo usermod -d /var/lib/mysql/ mysql</code><br> <br> <code>sudo service mysql start</code><br \> <code>sudo mysql -u root</code><br \> <code>CREATE USER 'wiki'@'localhost';</code><br \> <code>CREATE DATABASE my_wiki;</code><br \> <code>use my_wiki;</code><br \> <code>GRANT ALL ON my_wiki.* TO 'wiki'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost';</code><br \> If creating a database password <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ==Config Apache2== <code>sudo $EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ===Reload Apache2=== <code>sudo service apache2 restart</code><br \> ==Visit webpage and carry on with normal basic wiki setup== Remember your IP address for your subsystem, Mine was 192.168.0.130, now enter that in a web browser.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost Change to <b>127.0.0.1</b> to avoid error<br \> Database name:wiki<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:my_wiki<br \> Database password: <b>LEAVE BLANK</b><br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ==Send LocalSettings.php to subsystem== Now i am sure there is a way to send this file to the linux subsystem.<br \> But the only thing i remember and know right now is that i really dont like windows<br \> So open the file <b>LocalSettings.php</b> with notepad and <b>CTRL+A</b> to select all and <b>CTRL+c</b> to copy.<br \> Back on the linux subsystem.<br \> <code>sudo nano /var/www/html/mediawiki/LocalSettings.php</code><br \> On windows 10 its right click to paste.<br \> Once pasted <b>CTRL+o</b> (will prompt 'File Name to Write: /var/www/html/mediawiki/LocalSettings.php' press enter) and <b>CTRL+x</b> to exit.<br \> Do not refresh your web-browser it will prompt you to download LocalSettings.php again, revisit the IP address from earlier 192.168.0.130. and well come to your wiki.<br \> Now to import CompleteNoobs Wiki content from a xml dump.<br \> Visit <code>https://xml.completenoobs.com</code> and select the latest xml dump, right click and select 'Copy link address' now back to the subsystem<br \> <code>wget https://xml.completenoobs.com/xmlDumps/20_03_23.Noobs/20_03_23.Noobs.xml</code><br \> TIP:Type <b>wget</b> and then right click to paste the address<br \> now to import the dump.<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php wikidump_28_07_2021-updated.xml</code><br \> Not finished yet:<br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> and thats it, Everything apart from the Main_Page is imported.<br \> But thats why we have a Main_Index page.<br \> Edit the home page and add <nowiki>[[Main_Index | Wiki index]]</nowiki> that will take you to the wiki's main index page. ==Create Local Domain name shortcut to your local wiki== On windows 10, open <b>Notepad</b> with <b>Run as administrator</b> and open the file <code>C:\Windows\System32\drivers\etc\hosts</code> (you will need to change "Text Documents (*.txt)" to "All Files" to see it.) And add the line at the bottom: <pre> 192.168.0.130 mywiki.local </pre> <b>192.168.0.130</b> is the ip of my ubuntu subsystem and <b>mywiki.local</b> is the domain name on browser i would like forwarded to the local wiki.<br \> Change the IP to your ubuntu subsystem ip and the Domain, you can change the domain name to anything you want.<br \> You can now view your wiki on your browser by entering <b>mywiki.local</b> or whatever you want your local domain called. 0exs4e4wph6938pqmz2jwfjo7swyktg 205 204 2023-03-23T19:03:56Z Noob 1 /* Install mediawiki */ 205 wikitext text/x-wiki == local wiki on win 10 2nd draft== ==Make sure Linux subsystem enabled on windows 10== <b>Control Panel</b> > <b>Programs</b> > <b>Turn Windows features on or off</b> Scroll down and make sure <b>Windows Subsystem for Linux</b> box is ticked<br \> If it was unticked, you might should reboot/restart your computer after the subsystem installs.<br \> ==Install Ubuntu from Microsoft store== Install the <b>Ubuntu App</b> from the store.<br \> And launch it.<br \> When you launch you will be prompted for a username and password:<br \> ==To Reset Ubuntu== If you want to reset Ubuntu and start again.<br> In search bar goto <b>Apps & features</b><br> Find <b>Ubuntu 22.04.2 TLS</b> and click <b>Advanced options</b> scroll down to <b>Reset</b> and click the <b>Reset</b> button.<br> ==Windows 10 subsystem notes== <blockquote> Interacting with snapd is not yet supported on Windows Subsystem for Linux. This command has been left available for documentation purposes only </blockquote> LXD does not work on the subsystem but we dont need it.<br \> ===Find your Subsystem Ubuntu IP address on network=== Get the ip for your linux on the subsystem win10.<br \> <code>ip route show default</code><br \> Will return something like:<br \> <pre>none default via 192.168.0.1 dev eth0 proto unspec metric 0</pre><br \> You are looking for your network interface, its after <b>dev</b> in my case it's <b>eth0</b><br \> Now to find the ip for that interface:<br \> <code>ip address</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> <code>ip address</code> will return something like this: <div class="mw-collapsible-content"> <pre> 12: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 group default qlen 1 link/ether 9c:b6:54:a5:a0:da inet 192.168.0.130/24 brd 192.168.0.255 scope global dynamic valid_lft 86178sec preferred_lft 86178sec inet6 fe80::55b2:e14f:3167:365d/64 scope link dynamic valid_lft forever preferred_lft forever 1: lo: <LOOPBACK,UP> mtu 1500 group default qlen 1 link/loopback 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 ::1/128 scope host dynamic valid_lft forever preferred_lft forever 16: wifi0: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d2 inet 169.254.163.24/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::fd1c:33d1:6cae:a318/64 scope link dynamic valid_lft forever preferred_lft forever 8: wifi1: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d3 inet 169.254.66.175/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::c0e4:3ef8:4054:42af/64 scope link dynamic valid_lft forever preferred_lft forever 17: wifi2: <> mtu 1500 group default qlen 1 link/ieee802.11 0e:8b:fd:77:97:d2 inet 169.254.142.131/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::5dbb:c7b1:c7f7:8e83/64 scope link dynamic valid_lft forever preferred_lft forever </pre> </div> </div> Look for your interface, mine was <b>eth0</b><br \> 2 lines down, you will see a line that starts with <b>inet</b> that contains you network address.<br \> Mine was <b>192.168.0.130</b> ===Copy and Paste to the subsystem terminal=== Right clicking in the ubuntu terminal will paste.<br \> Highlighting text in the ubuntu terminal and right clicking will copy.<br \> ==Install mediawiki== <code>sudo apt update && sudo apt upgrade -y</code><br \> <code>sudo apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> Does not seem to use systemd on win subsystem.<br \> <code>sudo service apache2 start</code><br \> If you see error:<br> <pre> (92)Protocol not available: AH00076: Failed to enable ARP_TCP_DEFER_ACCEPT </pre> Don't worry, it should still work. Check status of apache2.<br> <code>sudo service apache2 status</code><br> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -zxvf mediawiki-1.39.2.tar.gz</code> <code>sudo mv mediawiki-1.39.2 /var/www/html/mediawiki </code> ==Create database== As this is just for your own computer on your own network, you can keep it super simple:<br \> <br>To Avoid Error:<br> <pre>su: warning: cannot change directory to /nonexistent: No such file or directory</pre> Fix with:<br> <code>sudo usermod -d /var/lib/mysql/ mysql</code><br> <br> <code>sudo service mysql start</code><br \> <code>sudo mysql -u root</code><br \> <code>CREATE USER 'wiki'@'localhost';</code><br \> <code>CREATE DATABASE my_wiki;</code><br \> <code>use my_wiki;</code><br \> <code>GRANT ALL ON my_wiki.* TO 'wiki'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost';</code><br \> If creating a database password <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ==Config Apache2== <code>sudo $EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ===Reload Apache2=== <code>sudo service apache2 restart</code><br \> ==Visit webpage and carry on with normal basic wiki setup== Remember your IP address for your subsystem, Mine was 192.168.0.130, now enter that in a web browser.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost Change to <b>127.0.0.1</b> to avoid error<br \> Database name:wiki<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:my_wiki<br \> Database password: <b>LEAVE BLANK</b><br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ==Send LocalSettings.php to subsystem== Now i am sure there is a way to send this file to the linux subsystem.<br \> But the only thing i remember and know right now is that i really dont like windows<br \> So open the file <b>LocalSettings.php</b> with notepad and <b>CTRL+A</b> to select all and <b>CTRL+c</b> to copy.<br \> Back on the linux subsystem.<br \> <code>sudo nano /var/www/html/mediawiki/LocalSettings.php</code><br \> On windows 10 its right click to paste.<br \> Once pasted <b>CTRL+o</b> (will prompt 'File Name to Write: /var/www/html/mediawiki/LocalSettings.php' press enter) and <b>CTRL+x</b> to exit.<br \> Do not refresh your web-browser it will prompt you to download LocalSettings.php again, revisit the IP address from earlier 192.168.0.130. and well come to your wiki.<br \> Now to import CompleteNoobs Wiki content from a xml dump.<br \> Visit <code>https://xml.completenoobs.com</code> and select the latest xml dump, right click and select 'Copy link address' now back to the subsystem<br \> <code>wget https://xml.completenoobs.com/xmlDumps/20_03_23.Noobs/20_03_23.Noobs.xml</code><br \> TIP:Type <b>wget</b> and then right click to paste the address<br \> now to import the dump.<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php wikidump_28_07_2021-updated.xml</code><br \> Not finished yet:<br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> and thats it, Everything apart from the Main_Page is imported.<br \> But thats why we have a Main_Index page.<br \> Edit the home page and add <nowiki>[[Main_Index | Wiki index]]</nowiki> that will take you to the wiki's main index page. ==Create Local Domain name shortcut to your local wiki== On windows 10, open <b>Notepad</b> with <b>Run as administrator</b> and open the file <code>C:\Windows\System32\drivers\etc\hosts</code> (you will need to change "Text Documents (*.txt)" to "All Files" to see it.) And add the line at the bottom: <pre> 192.168.0.130 mywiki.local </pre> <b>192.168.0.130</b> is the ip of my ubuntu subsystem and <b>mywiki.local</b> is the domain name on browser i would like forwarded to the local wiki.<br \> Change the IP to your ubuntu subsystem ip and the Domain, you can change the domain name to anything you want.<br \> You can now view your wiki on your browser by entering <b>mywiki.local</b> or whatever you want your local domain called. 426mq6g5ovemxiadbcs3xsgtlsd0adl 206 205 2023-03-23T20:13:54Z Noob 1 /* Create Local Domain name shortcut to your local wiki */ 206 wikitext text/x-wiki == local wiki on win 10 2nd draft== ==Make sure Linux subsystem enabled on windows 10== <b>Control Panel</b> > <b>Programs</b> > <b>Turn Windows features on or off</b> Scroll down and make sure <b>Windows Subsystem for Linux</b> box is ticked<br \> If it was unticked, you might should reboot/restart your computer after the subsystem installs.<br \> ==Install Ubuntu from Microsoft store== Install the <b>Ubuntu App</b> from the store.<br \> And launch it.<br \> When you launch you will be prompted for a username and password:<br \> ==To Reset Ubuntu== If you want to reset Ubuntu and start again.<br> In search bar goto <b>Apps & features</b><br> Find <b>Ubuntu 22.04.2 TLS</b> and click <b>Advanced options</b> scroll down to <b>Reset</b> and click the <b>Reset</b> button.<br> ==Windows 10 subsystem notes== <blockquote> Interacting with snapd is not yet supported on Windows Subsystem for Linux. This command has been left available for documentation purposes only </blockquote> LXD does not work on the subsystem but we dont need it.<br \> ===Find your Subsystem Ubuntu IP address on network=== Get the ip for your linux on the subsystem win10.<br \> <code>ip route show default</code><br \> Will return something like:<br \> <pre>none default via 192.168.0.1 dev eth0 proto unspec metric 0</pre><br \> You are looking for your network interface, its after <b>dev</b> in my case it's <b>eth0</b><br \> Now to find the ip for that interface:<br \> <code>ip address</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> <code>ip address</code> will return something like this: <div class="mw-collapsible-content"> <pre> 12: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 group default qlen 1 link/ether 9c:b6:54:a5:a0:da inet 192.168.0.130/24 brd 192.168.0.255 scope global dynamic valid_lft 86178sec preferred_lft 86178sec inet6 fe80::55b2:e14f:3167:365d/64 scope link dynamic valid_lft forever preferred_lft forever 1: lo: <LOOPBACK,UP> mtu 1500 group default qlen 1 link/loopback 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 ::1/128 scope host dynamic valid_lft forever preferred_lft forever 16: wifi0: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d2 inet 169.254.163.24/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::fd1c:33d1:6cae:a318/64 scope link dynamic valid_lft forever preferred_lft forever 8: wifi1: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d3 inet 169.254.66.175/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::c0e4:3ef8:4054:42af/64 scope link dynamic valid_lft forever preferred_lft forever 17: wifi2: <> mtu 1500 group default qlen 1 link/ieee802.11 0e:8b:fd:77:97:d2 inet 169.254.142.131/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::5dbb:c7b1:c7f7:8e83/64 scope link dynamic valid_lft forever preferred_lft forever </pre> </div> </div> Look for your interface, mine was <b>eth0</b><br \> 2 lines down, you will see a line that starts with <b>inet</b> that contains you network address.<br \> Mine was <b>192.168.0.130</b> ===Copy and Paste to the subsystem terminal=== Right clicking in the ubuntu terminal will paste.<br \> Highlighting text in the ubuntu terminal and right clicking will copy.<br \> ==Install mediawiki== <code>sudo apt update && sudo apt upgrade -y</code><br \> <code>sudo apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> Does not seem to use systemd on win subsystem.<br \> <code>sudo service apache2 start</code><br \> If you see error:<br> <pre> (92)Protocol not available: AH00076: Failed to enable ARP_TCP_DEFER_ACCEPT </pre> Don't worry, it should still work. Check status of apache2.<br> <code>sudo service apache2 status</code><br> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -zxvf mediawiki-1.39.2.tar.gz</code> <code>sudo mv mediawiki-1.39.2 /var/www/html/mediawiki </code> ==Create database== As this is just for your own computer on your own network, you can keep it super simple:<br \> <br>To Avoid Error:<br> <pre>su: warning: cannot change directory to /nonexistent: No such file or directory</pre> Fix with:<br> <code>sudo usermod -d /var/lib/mysql/ mysql</code><br> <br> <code>sudo service mysql start</code><br \> <code>sudo mysql -u root</code><br \> <code>CREATE USER 'wiki'@'localhost';</code><br \> <code>CREATE DATABASE my_wiki;</code><br \> <code>use my_wiki;</code><br \> <code>GRANT ALL ON my_wiki.* TO 'wiki'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost';</code><br \> If creating a database password <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ==Config Apache2== <code>sudo $EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ===Reload Apache2=== <code>sudo service apache2 restart</code><br \> ==Visit webpage and carry on with normal basic wiki setup== Remember your IP address for your subsystem, Mine was 192.168.0.130, now enter that in a web browser.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost Change to <b>127.0.0.1</b> to avoid error<br \> Database name:wiki<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:my_wiki<br \> Database password: <b>LEAVE BLANK</b><br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ==Send LocalSettings.php to subsystem== Now i am sure there is a way to send this file to the linux subsystem.<br \> But the only thing i remember and know right now is that i really dont like windows<br \> So open the file <b>LocalSettings.php</b> with notepad and <b>CTRL+A</b> to select all and <b>CTRL+c</b> to copy.<br \> Back on the linux subsystem.<br \> <code>sudo nano /var/www/html/mediawiki/LocalSettings.php</code><br \> On windows 10 its right click to paste.<br \> Once pasted <b>CTRL+o</b> (will prompt 'File Name to Write: /var/www/html/mediawiki/LocalSettings.php' press enter) and <b>CTRL+x</b> to exit.<br \> Do not refresh your web-browser it will prompt you to download LocalSettings.php again, revisit the IP address from earlier 192.168.0.130. and well come to your wiki.<br \> Now to import CompleteNoobs Wiki content from a xml dump.<br \> Visit <code>https://xml.completenoobs.com</code> and select the latest xml dump, right click and select 'Copy link address' now back to the subsystem<br \> <code>wget https://xml.completenoobs.com/xmlDumps/20_03_23.Noobs/20_03_23.Noobs.xml</code><br \> TIP:Type <b>wget</b> and then right click to paste the address<br \> now to import the dump.<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php wikidump_28_07_2021-updated.xml</code><br \> Not finished yet:<br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> and thats it, Everything apart from the Main_Page is imported.<br \> But thats why we have a Main_Index page.<br \> Edit the home page and add <nowiki>[[Main_Index | Wiki index]]</nowiki> that will take you to the wiki's main index page. ==Restarting Windows== Restarting windows will fix the display bugs on the wiki.<br> You will need to open ubuntu and restart mysql and apache2.<br> <code>sudo service apache2 start</code><br> <code>sudo service mysql start</code><br> ==Create Local Domain name shortcut to your local wiki== On windows 10, open <b>Notepad</b> with <b>Run as administrator</b> and open the file <code>C:\Windows\System32\drivers\etc\hosts</code> (you will need to change "Text Documents (*.txt)" to "All Files" to see it.) And add the line at the bottom: <pre> 192.168.0.130 mywiki.local </pre> <b>192.168.0.130</b> is the ip of my ubuntu subsystem and <b>mywiki.local</b> is the domain name on browser i would like forwarded to the local wiki.<br \> Change the IP to your ubuntu subsystem ip and the Domain, you can change the domain name to anything you want.<br \> You can now view your wiki on your browser by entering <b>mywiki.local</b> or whatever you want your local domain called. 7bgqwh3ag0k7r81qffvyo3jppm8nvxo 207 206 2023-03-24T00:43:37Z Noob 1 /* Make sure Linux subsystem enabled on windows 10 */ 207 wikitext text/x-wiki == local wiki on win 10 2nd draft== ==Make sure Linux subsystem enabled on windows 10== <b>Control Panel</b> > <b>Programs</b> > <b>Turn Windows features on or off</b> Scroll down and make sure <b>Windows Subsystem for Linux</b> box is ticked<br \> If it was unticked, you might should reboot/restart your computer after the subsystem installs.<br \> <div class="toccolours mw-collapsible mw-collapsed"> Video demo: <div class="mw-collapsible-content"> {{#evu:https://www.youtube.com/watch?v=8ECoY94IEHM |alignment=inline }} </div> </div> ==Install Ubuntu from Microsoft store== Install the <b>Ubuntu App</b> from the store.<br \> And launch it.<br \> When you launch you will be prompted for a username and password:<br \> ==To Reset Ubuntu== If you want to reset Ubuntu and start again.<br> In search bar goto <b>Apps & features</b><br> Find <b>Ubuntu 22.04.2 TLS</b> and click <b>Advanced options</b> scroll down to <b>Reset</b> and click the <b>Reset</b> button.<br> ==Windows 10 subsystem notes== <blockquote> Interacting with snapd is not yet supported on Windows Subsystem for Linux. This command has been left available for documentation purposes only </blockquote> LXD does not work on the subsystem but we dont need it.<br \> ===Find your Subsystem Ubuntu IP address on network=== Get the ip for your linux on the subsystem win10.<br \> <code>ip route show default</code><br \> Will return something like:<br \> <pre>none default via 192.168.0.1 dev eth0 proto unspec metric 0</pre><br \> You are looking for your network interface, its after <b>dev</b> in my case it's <b>eth0</b><br \> Now to find the ip for that interface:<br \> <code>ip address</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> <code>ip address</code> will return something like this: <div class="mw-collapsible-content"> <pre> 12: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 group default qlen 1 link/ether 9c:b6:54:a5:a0:da inet 192.168.0.130/24 brd 192.168.0.255 scope global dynamic valid_lft 86178sec preferred_lft 86178sec inet6 fe80::55b2:e14f:3167:365d/64 scope link dynamic valid_lft forever preferred_lft forever 1: lo: <LOOPBACK,UP> mtu 1500 group default qlen 1 link/loopback 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 ::1/128 scope host dynamic valid_lft forever preferred_lft forever 16: wifi0: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d2 inet 169.254.163.24/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::fd1c:33d1:6cae:a318/64 scope link dynamic valid_lft forever preferred_lft forever 8: wifi1: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d3 inet 169.254.66.175/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::c0e4:3ef8:4054:42af/64 scope link dynamic valid_lft forever preferred_lft forever 17: wifi2: <> mtu 1500 group default qlen 1 link/ieee802.11 0e:8b:fd:77:97:d2 inet 169.254.142.131/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::5dbb:c7b1:c7f7:8e83/64 scope link dynamic valid_lft forever preferred_lft forever </pre> </div> </div> Look for your interface, mine was <b>eth0</b><br \> 2 lines down, you will see a line that starts with <b>inet</b> that contains you network address.<br \> Mine was <b>192.168.0.130</b> ===Copy and Paste to the subsystem terminal=== Right clicking in the ubuntu terminal will paste.<br \> Highlighting text in the ubuntu terminal and right clicking will copy.<br \> ==Install mediawiki== <code>sudo apt update && sudo apt upgrade -y</code><br \> <code>sudo apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> Does not seem to use systemd on win subsystem.<br \> <code>sudo service apache2 start</code><br \> If you see error:<br> <pre> (92)Protocol not available: AH00076: Failed to enable ARP_TCP_DEFER_ACCEPT </pre> Don't worry, it should still work. Check status of apache2.<br> <code>sudo service apache2 status</code><br> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -zxvf mediawiki-1.39.2.tar.gz</code> <code>sudo mv mediawiki-1.39.2 /var/www/html/mediawiki </code> ==Create database== As this is just for your own computer on your own network, you can keep it super simple:<br \> <br>To Avoid Error:<br> <pre>su: warning: cannot change directory to /nonexistent: No such file or directory</pre> Fix with:<br> <code>sudo usermod -d /var/lib/mysql/ mysql</code><br> <br> <code>sudo service mysql start</code><br \> <code>sudo mysql -u root</code><br \> <code>CREATE USER 'wiki'@'localhost';</code><br \> <code>CREATE DATABASE my_wiki;</code><br \> <code>use my_wiki;</code><br \> <code>GRANT ALL ON my_wiki.* TO 'wiki'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost';</code><br \> If creating a database password <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ==Config Apache2== <code>sudo $EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ===Reload Apache2=== <code>sudo service apache2 restart</code><br \> ==Visit webpage and carry on with normal basic wiki setup== Remember your IP address for your subsystem, Mine was 192.168.0.130, now enter that in a web browser.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost Change to <b>127.0.0.1</b> to avoid error<br \> Database name:wiki<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:my_wiki<br \> Database password: <b>LEAVE BLANK</b><br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ==Send LocalSettings.php to subsystem== Now i am sure there is a way to send this file to the linux subsystem.<br \> But the only thing i remember and know right now is that i really dont like windows<br \> So open the file <b>LocalSettings.php</b> with notepad and <b>CTRL+A</b> to select all and <b>CTRL+c</b> to copy.<br \> Back on the linux subsystem.<br \> <code>sudo nano /var/www/html/mediawiki/LocalSettings.php</code><br \> On windows 10 its right click to paste.<br \> Once pasted <b>CTRL+o</b> (will prompt 'File Name to Write: /var/www/html/mediawiki/LocalSettings.php' press enter) and <b>CTRL+x</b> to exit.<br \> Do not refresh your web-browser it will prompt you to download LocalSettings.php again, revisit the IP address from earlier 192.168.0.130. and well come to your wiki.<br \> Now to import CompleteNoobs Wiki content from a xml dump.<br \> Visit <code>https://xml.completenoobs.com</code> and select the latest xml dump, right click and select 'Copy link address' now back to the subsystem<br \> <code>wget https://xml.completenoobs.com/xmlDumps/20_03_23.Noobs/20_03_23.Noobs.xml</code><br \> TIP:Type <b>wget</b> and then right click to paste the address<br \> now to import the dump.<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php wikidump_28_07_2021-updated.xml</code><br \> Not finished yet:<br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> and thats it, Everything apart from the Main_Page is imported.<br \> But thats why we have a Main_Index page.<br \> Edit the home page and add <nowiki>[[Main_Index | Wiki index]]</nowiki> that will take you to the wiki's main index page. ==Restarting Windows== Restarting windows will fix the display bugs on the wiki.<br> You will need to open ubuntu and restart mysql and apache2.<br> <code>sudo service apache2 start</code><br> <code>sudo service mysql start</code><br> ==Create Local Domain name shortcut to your local wiki== On windows 10, open <b>Notepad</b> with <b>Run as administrator</b> and open the file <code>C:\Windows\System32\drivers\etc\hosts</code> (you will need to change "Text Documents (*.txt)" to "All Files" to see it.) And add the line at the bottom: <pre> 192.168.0.130 mywiki.local </pre> <b>192.168.0.130</b> is the ip of my ubuntu subsystem and <b>mywiki.local</b> is the domain name on browser i would like forwarded to the local wiki.<br \> Change the IP to your ubuntu subsystem ip and the Domain, you can change the domain name to anything you want.<br \> You can now view your wiki on your browser by entering <b>mywiki.local</b> or whatever you want your local domain called. de9wlttw2maxf4kmh6m6l57haj0v684 208 207 2023-03-24T00:44:55Z Noob 1 /* Install Ubuntu from Microsoft store */ 208 wikitext text/x-wiki == local wiki on win 10 2nd draft== ==Make sure Linux subsystem enabled on windows 10== <b>Control Panel</b> > <b>Programs</b> > <b>Turn Windows features on or off</b> Scroll down and make sure <b>Windows Subsystem for Linux</b> box is ticked<br \> If it was unticked, you might should reboot/restart your computer after the subsystem installs.<br \> <div class="toccolours mw-collapsible mw-collapsed"> Video demo: <div class="mw-collapsible-content"> {{#evu:https://www.youtube.com/watch?v=8ECoY94IEHM |alignment=inline }} </div> </div> ==Install Ubuntu from Microsoft store== Install the <b>Ubuntu App</b> from the store.<br \> And launch it.<br \> When you launch you will be prompted for a username and password:<br \> <div class="toccolours mw-collapsible mw-collapsed"> Video demo: <div class="mw-collapsible-content"> {{#evu:https://www.youtube.com/watch?v=61Njpy8diBI |alignment=inline }} </div> </div> ==To Reset Ubuntu== If you want to reset Ubuntu and start again.<br> In search bar goto <b>Apps & features</b><br> Find <b>Ubuntu 22.04.2 TLS</b> and click <b>Advanced options</b> scroll down to <b>Reset</b> and click the <b>Reset</b> button.<br> ==Windows 10 subsystem notes== <blockquote> Interacting with snapd is not yet supported on Windows Subsystem for Linux. This command has been left available for documentation purposes only </blockquote> LXD does not work on the subsystem but we dont need it.<br \> ===Find your Subsystem Ubuntu IP address on network=== Get the ip for your linux on the subsystem win10.<br \> <code>ip route show default</code><br \> Will return something like:<br \> <pre>none default via 192.168.0.1 dev eth0 proto unspec metric 0</pre><br \> You are looking for your network interface, its after <b>dev</b> in my case it's <b>eth0</b><br \> Now to find the ip for that interface:<br \> <code>ip address</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> <code>ip address</code> will return something like this: <div class="mw-collapsible-content"> <pre> 12: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 group default qlen 1 link/ether 9c:b6:54:a5:a0:da inet 192.168.0.130/24 brd 192.168.0.255 scope global dynamic valid_lft 86178sec preferred_lft 86178sec inet6 fe80::55b2:e14f:3167:365d/64 scope link dynamic valid_lft forever preferred_lft forever 1: lo: <LOOPBACK,UP> mtu 1500 group default qlen 1 link/loopback 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 ::1/128 scope host dynamic valid_lft forever preferred_lft forever 16: wifi0: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d2 inet 169.254.163.24/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::fd1c:33d1:6cae:a318/64 scope link dynamic valid_lft forever preferred_lft forever 8: wifi1: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d3 inet 169.254.66.175/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::c0e4:3ef8:4054:42af/64 scope link dynamic valid_lft forever preferred_lft forever 17: wifi2: <> mtu 1500 group default qlen 1 link/ieee802.11 0e:8b:fd:77:97:d2 inet 169.254.142.131/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::5dbb:c7b1:c7f7:8e83/64 scope link dynamic valid_lft forever preferred_lft forever </pre> </div> </div> Look for your interface, mine was <b>eth0</b><br \> 2 lines down, you will see a line that starts with <b>inet</b> that contains you network address.<br \> Mine was <b>192.168.0.130</b> ===Copy and Paste to the subsystem terminal=== Right clicking in the ubuntu terminal will paste.<br \> Highlighting text in the ubuntu terminal and right clicking will copy.<br \> ==Install mediawiki== <code>sudo apt update && sudo apt upgrade -y</code><br \> <code>sudo apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> Does not seem to use systemd on win subsystem.<br \> <code>sudo service apache2 start</code><br \> If you see error:<br> <pre> (92)Protocol not available: AH00076: Failed to enable ARP_TCP_DEFER_ACCEPT </pre> Don't worry, it should still work. Check status of apache2.<br> <code>sudo service apache2 status</code><br> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -zxvf mediawiki-1.39.2.tar.gz</code> <code>sudo mv mediawiki-1.39.2 /var/www/html/mediawiki </code> ==Create database== As this is just for your own computer on your own network, you can keep it super simple:<br \> <br>To Avoid Error:<br> <pre>su: warning: cannot change directory to /nonexistent: No such file or directory</pre> Fix with:<br> <code>sudo usermod -d /var/lib/mysql/ mysql</code><br> <br> <code>sudo service mysql start</code><br \> <code>sudo mysql -u root</code><br \> <code>CREATE USER 'wiki'@'localhost';</code><br \> <code>CREATE DATABASE my_wiki;</code><br \> <code>use my_wiki;</code><br \> <code>GRANT ALL ON my_wiki.* TO 'wiki'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost';</code><br \> If creating a database password <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ==Config Apache2== <code>sudo $EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ===Reload Apache2=== <code>sudo service apache2 restart</code><br \> ==Visit webpage and carry on with normal basic wiki setup== Remember your IP address for your subsystem, Mine was 192.168.0.130, now enter that in a web browser.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost Change to <b>127.0.0.1</b> to avoid error<br \> Database name:wiki<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:my_wiki<br \> Database password: <b>LEAVE BLANK</b><br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ==Send LocalSettings.php to subsystem== Now i am sure there is a way to send this file to the linux subsystem.<br \> But the only thing i remember and know right now is that i really dont like windows<br \> So open the file <b>LocalSettings.php</b> with notepad and <b>CTRL+A</b> to select all and <b>CTRL+c</b> to copy.<br \> Back on the linux subsystem.<br \> <code>sudo nano /var/www/html/mediawiki/LocalSettings.php</code><br \> On windows 10 its right click to paste.<br \> Once pasted <b>CTRL+o</b> (will prompt 'File Name to Write: /var/www/html/mediawiki/LocalSettings.php' press enter) and <b>CTRL+x</b> to exit.<br \> Do not refresh your web-browser it will prompt you to download LocalSettings.php again, revisit the IP address from earlier 192.168.0.130. and well come to your wiki.<br \> Now to import CompleteNoobs Wiki content from a xml dump.<br \> Visit <code>https://xml.completenoobs.com</code> and select the latest xml dump, right click and select 'Copy link address' now back to the subsystem<br \> <code>wget https://xml.completenoobs.com/xmlDumps/20_03_23.Noobs/20_03_23.Noobs.xml</code><br \> TIP:Type <b>wget</b> and then right click to paste the address<br \> now to import the dump.<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php wikidump_28_07_2021-updated.xml</code><br \> Not finished yet:<br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> and thats it, Everything apart from the Main_Page is imported.<br \> But thats why we have a Main_Index page.<br \> Edit the home page and add <nowiki>[[Main_Index | Wiki index]]</nowiki> that will take you to the wiki's main index page. ==Restarting Windows== Restarting windows will fix the display bugs on the wiki.<br> You will need to open ubuntu and restart mysql and apache2.<br> <code>sudo service apache2 start</code><br> <code>sudo service mysql start</code><br> ==Create Local Domain name shortcut to your local wiki== On windows 10, open <b>Notepad</b> with <b>Run as administrator</b> and open the file <code>C:\Windows\System32\drivers\etc\hosts</code> (you will need to change "Text Documents (*.txt)" to "All Files" to see it.) And add the line at the bottom: <pre> 192.168.0.130 mywiki.local </pre> <b>192.168.0.130</b> is the ip of my ubuntu subsystem and <b>mywiki.local</b> is the domain name on browser i would like forwarded to the local wiki.<br \> Change the IP to your ubuntu subsystem ip and the Domain, you can change the domain name to anything you want.<br \> You can now view your wiki on your browser by entering <b>mywiki.local</b> or whatever you want your local domain called. 12yn12tybez8fmetxsqvo4n7ryq60mz 209 208 2023-03-24T00:46:18Z Noob 1 /* To Reset Ubuntu */ 209 wikitext text/x-wiki == local wiki on win 10 2nd draft== ==Make sure Linux subsystem enabled on windows 10== <b>Control Panel</b> > <b>Programs</b> > <b>Turn Windows features on or off</b> Scroll down and make sure <b>Windows Subsystem for Linux</b> box is ticked<br \> If it was unticked, you might should reboot/restart your computer after the subsystem installs.<br \> <div class="toccolours mw-collapsible mw-collapsed"> Video demo: <div class="mw-collapsible-content"> {{#evu:https://www.youtube.com/watch?v=8ECoY94IEHM |alignment=inline }} </div> </div> ==Install Ubuntu from Microsoft store== Install the <b>Ubuntu App</b> from the store.<br \> And launch it.<br \> When you launch you will be prompted for a username and password:<br \> <div class="toccolours mw-collapsible mw-collapsed"> Video demo: <div class="mw-collapsible-content"> {{#evu:https://www.youtube.com/watch?v=61Njpy8diBI |alignment=inline }} </div> </div> ==To Reset Ubuntu== If you want to reset Ubuntu and start again.<br> In search bar goto <b>Apps & features</b><br> Find <b>Ubuntu 22.04.2 TLS</b> and click <b>Advanced options</b> scroll down to <b>Reset</b> and click the <b>Reset</b> button.<br> <div class="toccolours mw-collapsible mw-collapsed"> Video demo: <div class="mw-collapsible-content"> {{#evu:https://www.youtube.com/watch?v=jOc6yjrhO2g |alignment=inline }} </div> </div> ==Windows 10 subsystem notes== <blockquote> Interacting with snapd is not yet supported on Windows Subsystem for Linux. This command has been left available for documentation purposes only </blockquote> LXD does not work on the subsystem but we dont need it.<br \> ===Find your Subsystem Ubuntu IP address on network=== Get the ip for your linux on the subsystem win10.<br \> <code>ip route show default</code><br \> Will return something like:<br \> <pre>none default via 192.168.0.1 dev eth0 proto unspec metric 0</pre><br \> You are looking for your network interface, its after <b>dev</b> in my case it's <b>eth0</b><br \> Now to find the ip for that interface:<br \> <code>ip address</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> <code>ip address</code> will return something like this: <div class="mw-collapsible-content"> <pre> 12: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 group default qlen 1 link/ether 9c:b6:54:a5:a0:da inet 192.168.0.130/24 brd 192.168.0.255 scope global dynamic valid_lft 86178sec preferred_lft 86178sec inet6 fe80::55b2:e14f:3167:365d/64 scope link dynamic valid_lft forever preferred_lft forever 1: lo: <LOOPBACK,UP> mtu 1500 group default qlen 1 link/loopback 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 ::1/128 scope host dynamic valid_lft forever preferred_lft forever 16: wifi0: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d2 inet 169.254.163.24/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::fd1c:33d1:6cae:a318/64 scope link dynamic valid_lft forever preferred_lft forever 8: wifi1: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d3 inet 169.254.66.175/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::c0e4:3ef8:4054:42af/64 scope link dynamic valid_lft forever preferred_lft forever 17: wifi2: <> mtu 1500 group default qlen 1 link/ieee802.11 0e:8b:fd:77:97:d2 inet 169.254.142.131/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::5dbb:c7b1:c7f7:8e83/64 scope link dynamic valid_lft forever preferred_lft forever </pre> </div> </div> Look for your interface, mine was <b>eth0</b><br \> 2 lines down, you will see a line that starts with <b>inet</b> that contains you network address.<br \> Mine was <b>192.168.0.130</b> ===Copy and Paste to the subsystem terminal=== Right clicking in the ubuntu terminal will paste.<br \> Highlighting text in the ubuntu terminal and right clicking will copy.<br \> ==Install mediawiki== <code>sudo apt update && sudo apt upgrade -y</code><br \> <code>sudo apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> Does not seem to use systemd on win subsystem.<br \> <code>sudo service apache2 start</code><br \> If you see error:<br> <pre> (92)Protocol not available: AH00076: Failed to enable ARP_TCP_DEFER_ACCEPT </pre> Don't worry, it should still work. Check status of apache2.<br> <code>sudo service apache2 status</code><br> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -zxvf mediawiki-1.39.2.tar.gz</code> <code>sudo mv mediawiki-1.39.2 /var/www/html/mediawiki </code> ==Create database== As this is just for your own computer on your own network, you can keep it super simple:<br \> <br>To Avoid Error:<br> <pre>su: warning: cannot change directory to /nonexistent: No such file or directory</pre> Fix with:<br> <code>sudo usermod -d /var/lib/mysql/ mysql</code><br> <br> <code>sudo service mysql start</code><br \> <code>sudo mysql -u root</code><br \> <code>CREATE USER 'wiki'@'localhost';</code><br \> <code>CREATE DATABASE my_wiki;</code><br \> <code>use my_wiki;</code><br \> <code>GRANT ALL ON my_wiki.* TO 'wiki'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost';</code><br \> If creating a database password <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ==Config Apache2== <code>sudo $EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ===Reload Apache2=== <code>sudo service apache2 restart</code><br \> ==Visit webpage and carry on with normal basic wiki setup== Remember your IP address for your subsystem, Mine was 192.168.0.130, now enter that in a web browser.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost Change to <b>127.0.0.1</b> to avoid error<br \> Database name:wiki<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:my_wiki<br \> Database password: <b>LEAVE BLANK</b><br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ==Send LocalSettings.php to subsystem== Now i am sure there is a way to send this file to the linux subsystem.<br \> But the only thing i remember and know right now is that i really dont like windows<br \> So open the file <b>LocalSettings.php</b> with notepad and <b>CTRL+A</b> to select all and <b>CTRL+c</b> to copy.<br \> Back on the linux subsystem.<br \> <code>sudo nano /var/www/html/mediawiki/LocalSettings.php</code><br \> On windows 10 its right click to paste.<br \> Once pasted <b>CTRL+o</b> (will prompt 'File Name to Write: /var/www/html/mediawiki/LocalSettings.php' press enter) and <b>CTRL+x</b> to exit.<br \> Do not refresh your web-browser it will prompt you to download LocalSettings.php again, revisit the IP address from earlier 192.168.0.130. and well come to your wiki.<br \> Now to import CompleteNoobs Wiki content from a xml dump.<br \> Visit <code>https://xml.completenoobs.com</code> and select the latest xml dump, right click and select 'Copy link address' now back to the subsystem<br \> <code>wget https://xml.completenoobs.com/xmlDumps/20_03_23.Noobs/20_03_23.Noobs.xml</code><br \> TIP:Type <b>wget</b> and then right click to paste the address<br \> now to import the dump.<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php wikidump_28_07_2021-updated.xml</code><br \> Not finished yet:<br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> and thats it, Everything apart from the Main_Page is imported.<br \> But thats why we have a Main_Index page.<br \> Edit the home page and add <nowiki>[[Main_Index | Wiki index]]</nowiki> that will take you to the wiki's main index page. ==Restarting Windows== Restarting windows will fix the display bugs on the wiki.<br> You will need to open ubuntu and restart mysql and apache2.<br> <code>sudo service apache2 start</code><br> <code>sudo service mysql start</code><br> ==Create Local Domain name shortcut to your local wiki== On windows 10, open <b>Notepad</b> with <b>Run as administrator</b> and open the file <code>C:\Windows\System32\drivers\etc\hosts</code> (you will need to change "Text Documents (*.txt)" to "All Files" to see it.) And add the line at the bottom: <pre> 192.168.0.130 mywiki.local </pre> <b>192.168.0.130</b> is the ip of my ubuntu subsystem and <b>mywiki.local</b> is the domain name on browser i would like forwarded to the local wiki.<br \> Change the IP to your ubuntu subsystem ip and the Domain, you can change the domain name to anything you want.<br \> You can now view your wiki on your browser by entering <b>mywiki.local</b> or whatever you want your local domain called. 63m1o0qpgvuyu5wudn1b1tt362i7kcd 210 209 2023-03-24T00:49:26Z Noob 1 /* Windows 10 subsystem notes */ 210 wikitext text/x-wiki == local wiki on win 10 2nd draft== ==Make sure Linux subsystem enabled on windows 10== <b>Control Panel</b> > <b>Programs</b> > <b>Turn Windows features on or off</b> Scroll down and make sure <b>Windows Subsystem for Linux</b> box is ticked<br \> If it was unticked, you might should reboot/restart your computer after the subsystem installs.<br \> <div class="toccolours mw-collapsible mw-collapsed"> Video demo: <div class="mw-collapsible-content"> {{#evu:https://www.youtube.com/watch?v=8ECoY94IEHM |alignment=inline }} </div> </div> ==Install Ubuntu from Microsoft store== Install the <b>Ubuntu App</b> from the store.<br \> And launch it.<br \> When you launch you will be prompted for a username and password:<br \> <div class="toccolours mw-collapsible mw-collapsed"> Video demo: <div class="mw-collapsible-content"> {{#evu:https://www.youtube.com/watch?v=61Njpy8diBI |alignment=inline }} </div> </div> ==To Reset Ubuntu== If you want to reset Ubuntu and start again.<br> In search bar goto <b>Apps & features</b><br> Find <b>Ubuntu 22.04.2 TLS</b> and click <b>Advanced options</b> scroll down to <b>Reset</b> and click the <b>Reset</b> button.<br> <div class="toccolours mw-collapsible mw-collapsed"> Video demo: <div class="mw-collapsible-content"> {{#evu:https://www.youtube.com/watch?v=jOc6yjrhO2g |alignment=inline }} </div> </div> ==Windows 10 subsystem notes== <blockquote> Interacting with snapd is not yet supported on Windows Subsystem for Linux. This command has been left available for documentation purposes only </blockquote> LXD does not work on the subsystem but we dont need it.<br \> ==Video demonstration== {{#evu:https://www.youtube.com/watch?v=q4I8qwOUaLo |alignment=inline }} ===Find your Subsystem Ubuntu IP address on network=== Get the ip for your linux on the subsystem win10.<br \> <code>ip route show default</code><br \> Will return something like:<br \> <pre>none default via 192.168.0.1 dev eth0 proto unspec metric 0</pre><br \> You are looking for your network interface, its after <b>dev</b> in my case it's <b>eth0</b><br \> Now to find the ip for that interface:<br \> <code>ip address</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> <code>ip address</code> will return something like this: <div class="mw-collapsible-content"> <pre> 12: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 group default qlen 1 link/ether 9c:b6:54:a5:a0:da inet 192.168.0.130/24 brd 192.168.0.255 scope global dynamic valid_lft 86178sec preferred_lft 86178sec inet6 fe80::55b2:e14f:3167:365d/64 scope link dynamic valid_lft forever preferred_lft forever 1: lo: <LOOPBACK,UP> mtu 1500 group default qlen 1 link/loopback 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 ::1/128 scope host dynamic valid_lft forever preferred_lft forever 16: wifi0: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d2 inet 169.254.163.24/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::fd1c:33d1:6cae:a318/64 scope link dynamic valid_lft forever preferred_lft forever 8: wifi1: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d3 inet 169.254.66.175/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::c0e4:3ef8:4054:42af/64 scope link dynamic valid_lft forever preferred_lft forever 17: wifi2: <> mtu 1500 group default qlen 1 link/ieee802.11 0e:8b:fd:77:97:d2 inet 169.254.142.131/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::5dbb:c7b1:c7f7:8e83/64 scope link dynamic valid_lft forever preferred_lft forever </pre> </div> </div> Look for your interface, mine was <b>eth0</b><br \> 2 lines down, you will see a line that starts with <b>inet</b> that contains you network address.<br \> Mine was <b>192.168.0.130</b> ===Copy and Paste to the subsystem terminal=== Right clicking in the ubuntu terminal will paste.<br \> Highlighting text in the ubuntu terminal and right clicking will copy.<br \> ==Install mediawiki== <code>sudo apt update && sudo apt upgrade -y</code><br \> <code>sudo apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> Does not seem to use systemd on win subsystem.<br \> <code>sudo service apache2 start</code><br \> If you see error:<br> <pre> (92)Protocol not available: AH00076: Failed to enable ARP_TCP_DEFER_ACCEPT </pre> Don't worry, it should still work. Check status of apache2.<br> <code>sudo service apache2 status</code><br> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -zxvf mediawiki-1.39.2.tar.gz</code> <code>sudo mv mediawiki-1.39.2 /var/www/html/mediawiki </code> ==Create database== As this is just for your own computer on your own network, you can keep it super simple:<br \> <br>To Avoid Error:<br> <pre>su: warning: cannot change directory to /nonexistent: No such file or directory</pre> Fix with:<br> <code>sudo usermod -d /var/lib/mysql/ mysql</code><br> <br> <code>sudo service mysql start</code><br \> <code>sudo mysql -u root</code><br \> <code>CREATE USER 'wiki'@'localhost';</code><br \> <code>CREATE DATABASE my_wiki;</code><br \> <code>use my_wiki;</code><br \> <code>GRANT ALL ON my_wiki.* TO 'wiki'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost';</code><br \> If creating a database password <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ==Config Apache2== <code>sudo $EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ===Reload Apache2=== <code>sudo service apache2 restart</code><br \> ==Visit webpage and carry on with normal basic wiki setup== Remember your IP address for your subsystem, Mine was 192.168.0.130, now enter that in a web browser.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost Change to <b>127.0.0.1</b> to avoid error<br \> Database name:wiki<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:my_wiki<br \> Database password: <b>LEAVE BLANK</b><br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ==Send LocalSettings.php to subsystem== Now i am sure there is a way to send this file to the linux subsystem.<br \> But the only thing i remember and know right now is that i really dont like windows<br \> So open the file <b>LocalSettings.php</b> with notepad and <b>CTRL+A</b> to select all and <b>CTRL+c</b> to copy.<br \> Back on the linux subsystem.<br \> <code>sudo nano /var/www/html/mediawiki/LocalSettings.php</code><br \> On windows 10 its right click to paste.<br \> Once pasted <b>CTRL+o</b> (will prompt 'File Name to Write: /var/www/html/mediawiki/LocalSettings.php' press enter) and <b>CTRL+x</b> to exit.<br \> Do not refresh your web-browser it will prompt you to download LocalSettings.php again, revisit the IP address from earlier 192.168.0.130. and well come to your wiki.<br \> Now to import CompleteNoobs Wiki content from a xml dump.<br \> Visit <code>https://xml.completenoobs.com</code> and select the latest xml dump, right click and select 'Copy link address' now back to the subsystem<br \> <code>wget https://xml.completenoobs.com/xmlDumps/20_03_23.Noobs/20_03_23.Noobs.xml</code><br \> TIP:Type <b>wget</b> and then right click to paste the address<br \> now to import the dump.<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php wikidump_28_07_2021-updated.xml</code><br \> Not finished yet:<br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> and thats it, Everything apart from the Main_Page is imported.<br \> But thats why we have a Main_Index page.<br \> Edit the home page and add <nowiki>[[Main_Index | Wiki index]]</nowiki> that will take you to the wiki's main index page. ==Restarting Windows== Restarting windows will fix the display bugs on the wiki.<br> You will need to open ubuntu and restart mysql and apache2.<br> <code>sudo service apache2 start</code><br> <code>sudo service mysql start</code><br> ==Create Local Domain name shortcut to your local wiki== On windows 10, open <b>Notepad</b> with <b>Run as administrator</b> and open the file <code>C:\Windows\System32\drivers\etc\hosts</code> (you will need to change "Text Documents (*.txt)" to "All Files" to see it.) And add the line at the bottom: <pre> 192.168.0.130 mywiki.local </pre> <b>192.168.0.130</b> is the ip of my ubuntu subsystem and <b>mywiki.local</b> is the domain name on browser i would like forwarded to the local wiki.<br \> Change the IP to your ubuntu subsystem ip and the Domain, you can change the domain name to anything you want.<br \> You can now view your wiki on your browser by entering <b>mywiki.local</b> or whatever you want your local domain called. 396o884kb3tvrw5iatni9t2rugrzms8 213 210 2023-03-25T19:23:52Z Noob 1 /* Restarting Windows */ 213 wikitext text/x-wiki == local wiki on win 10 2nd draft== ==Make sure Linux subsystem enabled on windows 10== <b>Control Panel</b> > <b>Programs</b> > <b>Turn Windows features on or off</b> Scroll down and make sure <b>Windows Subsystem for Linux</b> box is ticked<br \> If it was unticked, you might should reboot/restart your computer after the subsystem installs.<br \> <div class="toccolours mw-collapsible mw-collapsed"> Video demo: <div class="mw-collapsible-content"> {{#evu:https://www.youtube.com/watch?v=8ECoY94IEHM |alignment=inline }} </div> </div> ==Install Ubuntu from Microsoft store== Install the <b>Ubuntu App</b> from the store.<br \> And launch it.<br \> When you launch you will be prompted for a username and password:<br \> <div class="toccolours mw-collapsible mw-collapsed"> Video demo: <div class="mw-collapsible-content"> {{#evu:https://www.youtube.com/watch?v=61Njpy8diBI |alignment=inline }} </div> </div> ==To Reset Ubuntu== If you want to reset Ubuntu and start again.<br> In search bar goto <b>Apps & features</b><br> Find <b>Ubuntu 22.04.2 TLS</b> and click <b>Advanced options</b> scroll down to <b>Reset</b> and click the <b>Reset</b> button.<br> <div class="toccolours mw-collapsible mw-collapsed"> Video demo: <div class="mw-collapsible-content"> {{#evu:https://www.youtube.com/watch?v=jOc6yjrhO2g |alignment=inline }} </div> </div> ==Windows 10 subsystem notes== <blockquote> Interacting with snapd is not yet supported on Windows Subsystem for Linux. This command has been left available for documentation purposes only </blockquote> LXD does not work on the subsystem but we dont need it.<br \> ==Video demonstration== {{#evu:https://www.youtube.com/watch?v=q4I8qwOUaLo |alignment=inline }} ===Find your Subsystem Ubuntu IP address on network=== Get the ip for your linux on the subsystem win10.<br \> <code>ip route show default</code><br \> Will return something like:<br \> <pre>none default via 192.168.0.1 dev eth0 proto unspec metric 0</pre><br \> You are looking for your network interface, its after <b>dev</b> in my case it's <b>eth0</b><br \> Now to find the ip for that interface:<br \> <code>ip address</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> <code>ip address</code> will return something like this: <div class="mw-collapsible-content"> <pre> 12: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 group default qlen 1 link/ether 9c:b6:54:a5:a0:da inet 192.168.0.130/24 brd 192.168.0.255 scope global dynamic valid_lft 86178sec preferred_lft 86178sec inet6 fe80::55b2:e14f:3167:365d/64 scope link dynamic valid_lft forever preferred_lft forever 1: lo: <LOOPBACK,UP> mtu 1500 group default qlen 1 link/loopback 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 ::1/128 scope host dynamic valid_lft forever preferred_lft forever 16: wifi0: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d2 inet 169.254.163.24/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::fd1c:33d1:6cae:a318/64 scope link dynamic valid_lft forever preferred_lft forever 8: wifi1: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d3 inet 169.254.66.175/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::c0e4:3ef8:4054:42af/64 scope link dynamic valid_lft forever preferred_lft forever 17: wifi2: <> mtu 1500 group default qlen 1 link/ieee802.11 0e:8b:fd:77:97:d2 inet 169.254.142.131/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::5dbb:c7b1:c7f7:8e83/64 scope link dynamic valid_lft forever preferred_lft forever </pre> </div> </div> Look for your interface, mine was <b>eth0</b><br \> 2 lines down, you will see a line that starts with <b>inet</b> that contains you network address.<br \> Mine was <b>192.168.0.130</b> ===Copy and Paste to the subsystem terminal=== Right clicking in the ubuntu terminal will paste.<br \> Highlighting text in the ubuntu terminal and right clicking will copy.<br \> ==Install mediawiki== <code>sudo apt update && sudo apt upgrade -y</code><br \> <code>sudo apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> Does not seem to use systemd on win subsystem.<br \> <code>sudo service apache2 start</code><br \> If you see error:<br> <pre> (92)Protocol not available: AH00076: Failed to enable ARP_TCP_DEFER_ACCEPT </pre> Don't worry, it should still work. Check status of apache2.<br> <code>sudo service apache2 status</code><br> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -zxvf mediawiki-1.39.2.tar.gz</code> <code>sudo mv mediawiki-1.39.2 /var/www/html/mediawiki </code> ==Create database== As this is just for your own computer on your own network, you can keep it super simple:<br \> <br>To Avoid Error:<br> <pre>su: warning: cannot change directory to /nonexistent: No such file or directory</pre> Fix with:<br> <code>sudo usermod -d /var/lib/mysql/ mysql</code><br> <br> <code>sudo service mysql start</code><br \> <code>sudo mysql -u root</code><br \> <code>CREATE USER 'wiki'@'localhost';</code><br \> <code>CREATE DATABASE my_wiki;</code><br \> <code>use my_wiki;</code><br \> <code>GRANT ALL ON my_wiki.* TO 'wiki'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost';</code><br \> If creating a database password <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ==Config Apache2== <code>sudo $EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ===Reload Apache2=== <code>sudo service apache2 restart</code><br \> ==Visit webpage and carry on with normal basic wiki setup== Remember your IP address for your subsystem, Mine was 192.168.0.130, now enter that in a web browser.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost Change to <b>127.0.0.1</b> to avoid error<br \> Database name:wiki<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:my_wiki<br \> Database password: <b>LEAVE BLANK</b><br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ==Send LocalSettings.php to subsystem== Now i am sure there is a way to send this file to the linux subsystem.<br \> But the only thing i remember and know right now is that i really dont like windows<br \> So open the file <b>LocalSettings.php</b> with notepad and <b>CTRL+A</b> to select all and <b>CTRL+c</b> to copy.<br \> Back on the linux subsystem.<br \> <code>sudo nano /var/www/html/mediawiki/LocalSettings.php</code><br \> On windows 10 its right click to paste.<br \> Once pasted <b>CTRL+o</b> (will prompt 'File Name to Write: /var/www/html/mediawiki/LocalSettings.php' press enter) and <b>CTRL+x</b> to exit.<br \> Do not refresh your web-browser it will prompt you to download LocalSettings.php again, revisit the IP address from earlier 192.168.0.130. and well come to your wiki.<br \> Now to import CompleteNoobs Wiki content from a xml dump.<br \> Visit <code>https://xml.completenoobs.com</code> and select the latest xml dump, right click and select 'Copy link address' now back to the subsystem<br \> <code>wget https://xml.completenoobs.com/xmlDumps/20_03_23.Noobs/20_03_23.Noobs.xml</code><br \> TIP:Type <b>wget</b> and then right click to paste the address<br \> now to import the dump.<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php wikidump_28_07_2021-updated.xml</code><br \> Not finished yet:<br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> and thats it, Everything apart from the Main_Page is imported.<br \> But thats why we have a Main_Index page.<br \> Edit the home page and add <nowiki>[[Main_Index | Wiki index]]</nowiki> that will take you to the wiki's main index page. ===EmbedVideo=== In order to view the embedded video's you will need to install the <b>EmbedVideo</b> extension.<br> If you do not, you will still be able to view the video address.<br> https://www.mediawiki.org/wiki/Extension:EmbedVideo<br> <code>apt install unzip</code><br> <code>wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip</code><br> <code>unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/</code><br> <br> <code>mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo</code><br> <br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> <pre> #Embed Video wfLoadExtension( 'EmbedVideo' ); </pre> ==Restarting Windows== Restarting windows will fix the display bugs on the wiki.<br> You will need to open ubuntu and restart mysql and apache2.<br> <code>sudo service apache2 start</code><br> <code>sudo service mysql start</code><br> ==Create Local Domain name shortcut to your local wiki== On windows 10, open <b>Notepad</b> with <b>Run as administrator</b> and open the file <code>C:\Windows\System32\drivers\etc\hosts</code> (you will need to change "Text Documents (*.txt)" to "All Files" to see it.) And add the line at the bottom: <pre> 192.168.0.130 mywiki.local </pre> <b>192.168.0.130</b> is the ip of my ubuntu subsystem and <b>mywiki.local</b> is the domain name on browser i would like forwarded to the local wiki.<br \> Change the IP to your ubuntu subsystem ip and the Domain, you can change the domain name to anything you want.<br \> You can now view your wiki on your browser by entering <b>mywiki.local</b> or whatever you want your local domain called. knxces38d4azhkfatyo4thxmaf6lhjk 231 213 2023-03-29T21:11:43Z Noob 1 /* Create Local Domain name shortcut to your local wiki */ 231 wikitext text/x-wiki == local wiki on win 10 2nd draft== ==Make sure Linux subsystem enabled on windows 10== <b>Control Panel</b> > <b>Programs</b> > <b>Turn Windows features on or off</b> Scroll down and make sure <b>Windows Subsystem for Linux</b> box is ticked<br \> If it was unticked, you might should reboot/restart your computer after the subsystem installs.<br \> <div class="toccolours mw-collapsible mw-collapsed"> Video demo: <div class="mw-collapsible-content"> {{#evu:https://www.youtube.com/watch?v=8ECoY94IEHM |alignment=inline }} </div> </div> ==Install Ubuntu from Microsoft store== Install the <b>Ubuntu App</b> from the store.<br \> And launch it.<br \> When you launch you will be prompted for a username and password:<br \> <div class="toccolours mw-collapsible mw-collapsed"> Video demo: <div class="mw-collapsible-content"> {{#evu:https://www.youtube.com/watch?v=61Njpy8diBI |alignment=inline }} </div> </div> ==To Reset Ubuntu== If you want to reset Ubuntu and start again.<br> In search bar goto <b>Apps & features</b><br> Find <b>Ubuntu 22.04.2 TLS</b> and click <b>Advanced options</b> scroll down to <b>Reset</b> and click the <b>Reset</b> button.<br> <div class="toccolours mw-collapsible mw-collapsed"> Video demo: <div class="mw-collapsible-content"> {{#evu:https://www.youtube.com/watch?v=jOc6yjrhO2g |alignment=inline }} </div> </div> ==Windows 10 subsystem notes== <blockquote> Interacting with snapd is not yet supported on Windows Subsystem for Linux. This command has been left available for documentation purposes only </blockquote> LXD does not work on the subsystem but we dont need it.<br \> ==Video demonstration== {{#evu:https://www.youtube.com/watch?v=q4I8qwOUaLo |alignment=inline }} ===Find your Subsystem Ubuntu IP address on network=== Get the ip for your linux on the subsystem win10.<br \> <code>ip route show default</code><br \> Will return something like:<br \> <pre>none default via 192.168.0.1 dev eth0 proto unspec metric 0</pre><br \> You are looking for your network interface, its after <b>dev</b> in my case it's <b>eth0</b><br \> Now to find the ip for that interface:<br \> <code>ip address</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> <code>ip address</code> will return something like this: <div class="mw-collapsible-content"> <pre> 12: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 group default qlen 1 link/ether 9c:b6:54:a5:a0:da inet 192.168.0.130/24 brd 192.168.0.255 scope global dynamic valid_lft 86178sec preferred_lft 86178sec inet6 fe80::55b2:e14f:3167:365d/64 scope link dynamic valid_lft forever preferred_lft forever 1: lo: <LOOPBACK,UP> mtu 1500 group default qlen 1 link/loopback 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 ::1/128 scope host dynamic valid_lft forever preferred_lft forever 16: wifi0: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d2 inet 169.254.163.24/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::fd1c:33d1:6cae:a318/64 scope link dynamic valid_lft forever preferred_lft forever 8: wifi1: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d3 inet 169.254.66.175/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::c0e4:3ef8:4054:42af/64 scope link dynamic valid_lft forever preferred_lft forever 17: wifi2: <> mtu 1500 group default qlen 1 link/ieee802.11 0e:8b:fd:77:97:d2 inet 169.254.142.131/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::5dbb:c7b1:c7f7:8e83/64 scope link dynamic valid_lft forever preferred_lft forever </pre> </div> </div> Look for your interface, mine was <b>eth0</b><br \> 2 lines down, you will see a line that starts with <b>inet</b> that contains you network address.<br \> Mine was <b>192.168.0.130</b> ===Copy and Paste to the subsystem terminal=== Right clicking in the ubuntu terminal will paste.<br \> Highlighting text in the ubuntu terminal and right clicking will copy.<br \> ==Install mediawiki== <code>sudo apt update && sudo apt upgrade -y</code><br \> <code>sudo apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> Does not seem to use systemd on win subsystem.<br \> <code>sudo service apache2 start</code><br \> If you see error:<br> <pre> (92)Protocol not available: AH00076: Failed to enable ARP_TCP_DEFER_ACCEPT </pre> Don't worry, it should still work. Check status of apache2.<br> <code>sudo service apache2 status</code><br> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -zxvf mediawiki-1.39.2.tar.gz</code> <code>sudo mv mediawiki-1.39.2 /var/www/html/mediawiki </code> ==Create database== As this is just for your own computer on your own network, you can keep it super simple:<br \> <br>To Avoid Error:<br> <pre>su: warning: cannot change directory to /nonexistent: No such file or directory</pre> Fix with:<br> <code>sudo usermod -d /var/lib/mysql/ mysql</code><br> <br> <code>sudo service mysql start</code><br \> <code>sudo mysql -u root</code><br \> <code>CREATE USER 'wiki'@'localhost';</code><br \> <code>CREATE DATABASE my_wiki;</code><br \> <code>use my_wiki;</code><br \> <code>GRANT ALL ON my_wiki.* TO 'wiki'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost';</code><br \> If creating a database password <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ==Config Apache2== <code>sudo $EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ===Reload Apache2=== <code>sudo service apache2 restart</code><br \> ==Visit webpage and carry on with normal basic wiki setup== Remember your IP address for your subsystem, Mine was 192.168.0.130, now enter that in a web browser.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost Change to <b>127.0.0.1</b> to avoid error<br \> Database name:wiki<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:my_wiki<br \> Database password: <b>LEAVE BLANK</b><br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ==Send LocalSettings.php to subsystem== Now i am sure there is a way to send this file to the linux subsystem.<br \> But the only thing i remember and know right now is that i really dont like windows<br \> So open the file <b>LocalSettings.php</b> with notepad and <b>CTRL+A</b> to select all and <b>CTRL+c</b> to copy.<br \> Back on the linux subsystem.<br \> <code>sudo nano /var/www/html/mediawiki/LocalSettings.php</code><br \> On windows 10 its right click to paste.<br \> Once pasted <b>CTRL+o</b> (will prompt 'File Name to Write: /var/www/html/mediawiki/LocalSettings.php' press enter) and <b>CTRL+x</b> to exit.<br \> Do not refresh your web-browser it will prompt you to download LocalSettings.php again, revisit the IP address from earlier 192.168.0.130. and well come to your wiki.<br \> Now to import CompleteNoobs Wiki content from a xml dump.<br \> Visit <code>https://xml.completenoobs.com</code> and select the latest xml dump, right click and select 'Copy link address' now back to the subsystem<br \> <code>wget https://xml.completenoobs.com/xmlDumps/20_03_23.Noobs/20_03_23.Noobs.xml</code><br \> TIP:Type <b>wget</b> and then right click to paste the address<br \> now to import the dump.<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php wikidump_28_07_2021-updated.xml</code><br \> Not finished yet:<br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> and thats it, Everything apart from the Main_Page is imported.<br \> But thats why we have a Main_Index page.<br \> Edit the home page and add <nowiki>[[Main_Index | Wiki index]]</nowiki> that will take you to the wiki's main index page. ===EmbedVideo=== In order to view the embedded video's you will need to install the <b>EmbedVideo</b> extension.<br> If you do not, you will still be able to view the video address.<br> https://www.mediawiki.org/wiki/Extension:EmbedVideo<br> <code>apt install unzip</code><br> <code>wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip</code><br> <code>unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/</code><br> <br> <code>mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo</code><br> <br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> <pre> #Embed Video wfLoadExtension( 'EmbedVideo' ); </pre> ==Restarting Windows== Restarting windows will fix the display bugs on the wiki.<br> You will need to open ubuntu and restart mysql and apache2.<br> <code>sudo service apache2 start</code><br> <code>sudo service mysql start</code><br> ==Create Local Domain name shortcut to your local wiki== On windows 10, open <b>Notepad</b> with <b>Run as administrator</b> and open the file <code>C:\Windows\System32\drivers\etc\hosts</code> (you will need to change "Text Documents (*.txt)" to "All Files" to see it.) And add the line at the bottom: <pre> 192.168.0.130 mywiki.local </pre> <b>192.168.0.130</b> is the ip of my ubuntu subsystem and <b>mywiki.local</b> is the domain name on browser i would like forwarded to the local wiki.<br \> Change the IP to your ubuntu subsystem ip and the Domain, you can change the domain name to anything you want.<br \> You can now view your wiki on your browser by entering <b>mywiki.local</b> or whatever you want your local domain called. ==If Syntax highlighting not working== Install <b>pygments</b><br> <code>apt install python3-pygments</code><br> Add to LocalSettings:<br> <code>wfLoadExtension( 'SyntaxHighlight_GeSHi' );</code><br> h915brucqk5c81pmv8bq1hqr37qgjbk 383 231 2023-05-04T17:05:24Z Noob 1 /* EmbedVideo */ 383 wikitext text/x-wiki == local wiki on win 10 2nd draft== ==Make sure Linux subsystem enabled on windows 10== <b>Control Panel</b> > <b>Programs</b> > <b>Turn Windows features on or off</b> Scroll down and make sure <b>Windows Subsystem for Linux</b> box is ticked<br \> If it was unticked, you might should reboot/restart your computer after the subsystem installs.<br \> <div class="toccolours mw-collapsible mw-collapsed"> Video demo: <div class="mw-collapsible-content"> {{#evu:https://www.youtube.com/watch?v=8ECoY94IEHM |alignment=inline }} </div> </div> ==Install Ubuntu from Microsoft store== Install the <b>Ubuntu App</b> from the store.<br \> And launch it.<br \> When you launch you will be prompted for a username and password:<br \> <div class="toccolours mw-collapsible mw-collapsed"> Video demo: <div class="mw-collapsible-content"> {{#evu:https://www.youtube.com/watch?v=61Njpy8diBI |alignment=inline }} </div> </div> ==To Reset Ubuntu== If you want to reset Ubuntu and start again.<br> In search bar goto <b>Apps & features</b><br> Find <b>Ubuntu 22.04.2 TLS</b> and click <b>Advanced options</b> scroll down to <b>Reset</b> and click the <b>Reset</b> button.<br> <div class="toccolours mw-collapsible mw-collapsed"> Video demo: <div class="mw-collapsible-content"> {{#evu:https://www.youtube.com/watch?v=jOc6yjrhO2g |alignment=inline }} </div> </div> ==Windows 10 subsystem notes== <blockquote> Interacting with snapd is not yet supported on Windows Subsystem for Linux. This command has been left available for documentation purposes only </blockquote> LXD does not work on the subsystem but we dont need it.<br \> ==Video demonstration== {{#evu:https://www.youtube.com/watch?v=q4I8qwOUaLo |alignment=inline }} ===Find your Subsystem Ubuntu IP address on network=== Get the ip for your linux on the subsystem win10.<br \> <code>ip route show default</code><br \> Will return something like:<br \> <pre>none default via 192.168.0.1 dev eth0 proto unspec metric 0</pre><br \> You are looking for your network interface, its after <b>dev</b> in my case it's <b>eth0</b><br \> Now to find the ip for that interface:<br \> <code>ip address</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> <code>ip address</code> will return something like this: <div class="mw-collapsible-content"> <pre> 12: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 group default qlen 1 link/ether 9c:b6:54:a5:a0:da inet 192.168.0.130/24 brd 192.168.0.255 scope global dynamic valid_lft 86178sec preferred_lft 86178sec inet6 fe80::55b2:e14f:3167:365d/64 scope link dynamic valid_lft forever preferred_lft forever 1: lo: <LOOPBACK,UP> mtu 1500 group default qlen 1 link/loopback 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 ::1/128 scope host dynamic valid_lft forever preferred_lft forever 16: wifi0: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d2 inet 169.254.163.24/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::fd1c:33d1:6cae:a318/64 scope link dynamic valid_lft forever preferred_lft forever 8: wifi1: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d3 inet 169.254.66.175/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::c0e4:3ef8:4054:42af/64 scope link dynamic valid_lft forever preferred_lft forever 17: wifi2: <> mtu 1500 group default qlen 1 link/ieee802.11 0e:8b:fd:77:97:d2 inet 169.254.142.131/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::5dbb:c7b1:c7f7:8e83/64 scope link dynamic valid_lft forever preferred_lft forever </pre> </div> </div> Look for your interface, mine was <b>eth0</b><br \> 2 lines down, you will see a line that starts with <b>inet</b> that contains you network address.<br \> Mine was <b>192.168.0.130</b> ===Copy and Paste to the subsystem terminal=== Right clicking in the ubuntu terminal will paste.<br \> Highlighting text in the ubuntu terminal and right clicking will copy.<br \> ==Install mediawiki== <code>sudo apt update && sudo apt upgrade -y</code><br \> <code>sudo apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> Does not seem to use systemd on win subsystem.<br \> <code>sudo service apache2 start</code><br \> If you see error:<br> <pre> (92)Protocol not available: AH00076: Failed to enable ARP_TCP_DEFER_ACCEPT </pre> Don't worry, it should still work. Check status of apache2.<br> <code>sudo service apache2 status</code><br> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -zxvf mediawiki-1.39.2.tar.gz</code> <code>sudo mv mediawiki-1.39.2 /var/www/html/mediawiki </code> ==Create database== As this is just for your own computer on your own network, you can keep it super simple:<br \> <br>To Avoid Error:<br> <pre>su: warning: cannot change directory to /nonexistent: No such file or directory</pre> Fix with:<br> <code>sudo usermod -d /var/lib/mysql/ mysql</code><br> <br> <code>sudo service mysql start</code><br \> <code>sudo mysql -u root</code><br \> <code>CREATE USER 'wiki'@'localhost';</code><br \> <code>CREATE DATABASE my_wiki;</code><br \> <code>use my_wiki;</code><br \> <code>GRANT ALL ON my_wiki.* TO 'wiki'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost';</code><br \> If creating a database password <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ==Config Apache2== <code>sudo $EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ===Reload Apache2=== <code>sudo service apache2 restart</code><br \> ==Visit webpage and carry on with normal basic wiki setup== Remember your IP address for your subsystem, Mine was 192.168.0.130, now enter that in a web browser.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost Change to <b>127.0.0.1</b> to avoid error<br \> Database name:wiki<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:my_wiki<br \> Database password: <b>LEAVE BLANK</b><br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ==Send LocalSettings.php to subsystem== Now i am sure there is a way to send this file to the linux subsystem.<br \> But the only thing i remember and know right now is that i really dont like windows<br \> So open the file <b>LocalSettings.php</b> with notepad and <b>CTRL+A</b> to select all and <b>CTRL+c</b> to copy.<br \> Back on the linux subsystem.<br \> <code>sudo nano /var/www/html/mediawiki/LocalSettings.php</code><br \> On windows 10 its right click to paste.<br \> Once pasted <b>CTRL+o</b> (will prompt 'File Name to Write: /var/www/html/mediawiki/LocalSettings.php' press enter) and <b>CTRL+x</b> to exit.<br \> Do not refresh your web-browser it will prompt you to download LocalSettings.php again, revisit the IP address from earlier 192.168.0.130. and well come to your wiki.<br \> Now to import CompleteNoobs Wiki content from a xml dump.<br \> Visit <code>https://xml.completenoobs.com</code> and select the latest xml dump, right click and select 'Copy link address' now back to the subsystem<br \> <code>wget https://xml.completenoobs.com/xmlDumps/20_03_23.Noobs/20_03_23.Noobs.xml</code><br \> TIP:Type <b>wget</b> and then right click to paste the address<br \> now to import the dump.<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php wikidump_28_07_2021-updated.xml</code><br \> Not finished yet:<br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> and thats it, Everything apart from the Main_Page is imported.<br \> But thats why we have a Main_Index page.<br \> Edit the home page and add <nowiki>[[Main_Index | Wiki index]]</nowiki> that will take you to the wiki's main index page. ===Youtube extension=== * needed to view embedded videos https://www.mediawiki.org/wiki/Extension:YouTube <code>wget https://extdist.wmflabs.org/dist/extensions/YouTube-REL1_39-f272bb3.tar.gz</code> <code>tar -xzf YouTube-REL1_39-f272bb3.tar.gz -C /var/www/html/mediawiki/extensions/</code> * Append to '''LocalSettings.php''' <code>wfLoadExtension( 'YouTube' );</code> * On wiki page can now embed youtube videos ** https://www.youtube.com/watch?v=wB4gvSgYmfY ** After '''watch?v=''' ** <nowiki><youtube>wB4gvSgYmfY</youtube></nowiki> * Defaults '''width'''=640 pixels '''height'''=385 pixels * Change defaults <nowiki><youtube width="800" height="400">wB4gvSgYmfY</youtube></nowiki> ==Restarting Windows== Restarting windows will fix the display bugs on the wiki.<br> You will need to open ubuntu and restart mysql and apache2.<br> <code>sudo service apache2 start</code><br> <code>sudo service mysql start</code><br> ==Create Local Domain name shortcut to your local wiki== On windows 10, open <b>Notepad</b> with <b>Run as administrator</b> and open the file <code>C:\Windows\System32\drivers\etc\hosts</code> (you will need to change "Text Documents (*.txt)" to "All Files" to see it.) And add the line at the bottom: <pre> 192.168.0.130 mywiki.local </pre> <b>192.168.0.130</b> is the ip of my ubuntu subsystem and <b>mywiki.local</b> is the domain name on browser i would like forwarded to the local wiki.<br \> Change the IP to your ubuntu subsystem ip and the Domain, you can change the domain name to anything you want.<br \> You can now view your wiki on your browser by entering <b>mywiki.local</b> or whatever you want your local domain called. ==If Syntax highlighting not working== Install <b>pygments</b><br> <code>apt install python3-pygments</code><br> Add to LocalSettings:<br> <code>wfLoadExtension( 'SyntaxHighlight_GeSHi' );</code><br> hxbgw4x6giv5v0c1r0059fsne22nsha 388 383 2023-05-04T17:57:12Z AwesomO 5 388 wikitext text/x-wiki == local wiki on win 10 2nd draft== ==Make sure Linux subsystem enabled on windows 10== <b>Control Panel</b> > <b>Programs</b> > <b>Turn Windows features on or off</b> Scroll down and make sure <b>Windows Subsystem for Linux</b> box is ticked<br \> If it was unticked, you might should reboot/restart your computer after the subsystem installs.<br \> <div class="toccolours mw-collapsible mw-collapsed"> Video demo: <div class="mw-collapsible-content"> <youtube>8ECoY94IEHM</youtube> </div> </div> ==Install Ubuntu from Microsoft store== Install the <b>Ubuntu App</b> from the store.<br \> And launch it.<br \> When you launch you will be prompted for a username and password:<br \> <div class="toccolours mw-collapsible mw-collapsed"> Video demo: <div class="mw-collapsible-content"> <youtube>61Njpy8diBI</youtube> </div> </div> ==To Reset Ubuntu== If you want to reset Ubuntu and start again.<br> In search bar goto <b>Apps & features</b><br> Find <b>Ubuntu 22.04.2 TLS</b> and click <b>Advanced options</b> scroll down to <b>Reset</b> and click the <b>Reset</b> button.<br> <div class="toccolours mw-collapsible mw-collapsed"> Video demo: <div class="mw-collapsible-content"> <youtube>jOc6yjrhO2g</youtube> </div> </div> ==Windows 10 subsystem notes== <blockquote> Interacting with snapd is not yet supported on Windows Subsystem for Linux. This command has been left available for documentation purposes only </blockquote> LXD does not work on the subsystem but we dont need it.<br \> ==Video demonstration== <youtube>q4I8qwOUaLo</youtube> ===Find your Subsystem Ubuntu IP address on network=== Get the ip for your linux on the subsystem win10.<br \> <code>ip route show default</code><br \> Will return something like:<br \> <pre>none default via 192.168.0.1 dev eth0 proto unspec metric 0</pre><br \> You are looking for your network interface, its after <b>dev</b> in my case it's <b>eth0</b><br \> Now to find the ip for that interface:<br \> <code>ip address</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> <code>ip address</code> will return something like this: <div class="mw-collapsible-content"> <pre> 12: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 group default qlen 1 link/ether 9c:b6:54:a5:a0:da inet 192.168.0.130/24 brd 192.168.0.255 scope global dynamic valid_lft 86178sec preferred_lft 86178sec inet6 fe80::55b2:e14f:3167:365d/64 scope link dynamic valid_lft forever preferred_lft forever 1: lo: <LOOPBACK,UP> mtu 1500 group default qlen 1 link/loopback 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 ::1/128 scope host dynamic valid_lft forever preferred_lft forever 16: wifi0: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d2 inet 169.254.163.24/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::fd1c:33d1:6cae:a318/64 scope link dynamic valid_lft forever preferred_lft forever 8: wifi1: <> mtu 1500 group default qlen 1 link/ieee802.11 0c:8b:fd:77:97:d3 inet 169.254.66.175/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::c0e4:3ef8:4054:42af/64 scope link dynamic valid_lft forever preferred_lft forever 17: wifi2: <> mtu 1500 group default qlen 1 link/ieee802.11 0e:8b:fd:77:97:d2 inet 169.254.142.131/16 brd 169.254.255.255 scope global dynamic valid_lft forever preferred_lft forever inet6 fe80::5dbb:c7b1:c7f7:8e83/64 scope link dynamic valid_lft forever preferred_lft forever </pre> </div> </div> Look for your interface, mine was <b>eth0</b><br \> 2 lines down, you will see a line that starts with <b>inet</b> that contains you network address.<br \> Mine was <b>192.168.0.130</b> ===Copy and Paste to the subsystem terminal=== Right clicking in the ubuntu terminal will paste.<br \> Highlighting text in the ubuntu terminal and right clicking will copy.<br \> ==Install mediawiki== <code>sudo apt update && sudo apt upgrade -y</code><br \> <code>sudo apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> Does not seem to use systemd on win subsystem.<br \> <code>sudo service apache2 start</code><br \> If you see error:<br> <pre> (92)Protocol not available: AH00076: Failed to enable ARP_TCP_DEFER_ACCEPT </pre> Don't worry, it should still work. Check status of apache2.<br> <code>sudo service apache2 status</code><br> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -zxvf mediawiki-1.39.2.tar.gz</code> <code>sudo mv mediawiki-1.39.2 /var/www/html/mediawiki </code> ==Create database== As this is just for your own computer on your own network, you can keep it super simple:<br \> <br>To Avoid Error:<br> <pre>su: warning: cannot change directory to /nonexistent: No such file or directory</pre> Fix with:<br> <code>sudo usermod -d /var/lib/mysql/ mysql</code><br> <br> <code>sudo service mysql start</code><br \> <code>sudo mysql -u root</code><br \> <code>CREATE USER 'wiki'@'localhost';</code><br \> <code>CREATE DATABASE my_wiki;</code><br \> <code>use my_wiki;</code><br \> <code>GRANT ALL ON my_wiki.* TO 'wiki'@'localhost';</code><br \> <code>quit;</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax Database setup: <div class="mw-collapsible-content"> Login to Mysql as user root: <code>mysql -u $USER</code><br \> <br \> <code>CREATE USER '$USERNAME'@'localhost';</code><br \> If creating a database password <code>CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';</code><br \> <code>CREATE DATABASE $DATABASE_NAME;</code><br \> <code>use $DATABASE_NAME;</code><br \> <code>GRANT ALL ON $DATABASE_NAME.* TO '$USER'@'localhost';</code><br \> </div> </div> ==Config Apache2== <code>sudo $EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ===Reload Apache2=== <code>sudo service apache2 restart</code><br \> ==Visit webpage and carry on with normal basic wiki setup== Remember your IP address for your subsystem, Mine was 192.168.0.130, now enter that in a web browser.<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.36.1 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost Change to <b>127.0.0.1</b> to avoid error<br \> Database name:wiki<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:my_wiki<br \> Database password: <b>LEAVE BLANK</b><br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the container from host. ==Send LocalSettings.php to subsystem== Now i am sure there is a way to send this file to the linux subsystem.<br \> But the only thing i remember and know right now is that i really dont like windows<br \> So open the file <b>LocalSettings.php</b> with notepad and <b>CTRL+A</b> to select all and <b>CTRL+c</b> to copy.<br \> Back on the linux subsystem.<br \> <code>sudo nano /var/www/html/mediawiki/LocalSettings.php</code><br \> On windows 10 its right click to paste.<br \> Once pasted <b>CTRL+o</b> (will prompt 'File Name to Write: /var/www/html/mediawiki/LocalSettings.php' press enter) and <b>CTRL+x</b> to exit.<br \> Do not refresh your web-browser it will prompt you to download LocalSettings.php again, revisit the IP address from earlier 192.168.0.130. and well come to your wiki.<br \> Now to import CompleteNoobs Wiki content from a xml dump.<br \> Visit <code>https://xml.completenoobs.com</code> and select the latest xml dump, right click and select 'Copy link address' now back to the subsystem<br \> <code>wget https://xml.completenoobs.com/xmlDumps/20_03_23.Noobs/20_03_23.Noobs.xml</code><br \> TIP:Type <b>wget</b> and then right click to paste the address<br \> now to import the dump.<br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php wikidump_28_07_2021-updated.xml</code><br \> Not finished yet:<br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> and thats it, Everything apart from the Main_Page is imported.<br \> But thats why we have a Main_Index page.<br \> Edit the home page and add <nowiki>[[Main_Index | Wiki index]]</nowiki> that will take you to the wiki's main index page. ===Youtube extension=== * needed to view embedded videos https://www.mediawiki.org/wiki/Extension:YouTube <code>wget https://extdist.wmflabs.org/dist/extensions/YouTube-REL1_39-f272bb3.tar.gz</code> <code>tar -xzf YouTube-REL1_39-f272bb3.tar.gz -C /var/www/html/mediawiki/extensions/</code> * Append to '''LocalSettings.php''' <code>wfLoadExtension( 'YouTube' );</code> * On wiki page can now embed youtube videos ** https://www.youtube.com/watch?v=wB4gvSgYmfY ** After '''watch?v=''' ** <nowiki><youtube>wB4gvSgYmfY</youtube></nowiki> * Defaults '''width'''=640 pixels '''height'''=385 pixels * Change defaults <nowiki><youtube width="800" height="400">wB4gvSgYmfY</youtube></nowiki> ==Restarting Windows== Restarting windows will fix the display bugs on the wiki.<br> You will need to open ubuntu and restart mysql and apache2.<br> <code>sudo service apache2 start</code><br> <code>sudo service mysql start</code><br> ==Create Local Domain name shortcut to your local wiki== On windows 10, open <b>Notepad</b> with <b>Run as administrator</b> and open the file <code>C:\Windows\System32\drivers\etc\hosts</code> (you will need to change "Text Documents (*.txt)" to "All Files" to see it.) And add the line at the bottom: <pre> 192.168.0.130 mywiki.local </pre> <b>192.168.0.130</b> is the ip of my ubuntu subsystem and <b>mywiki.local</b> is the domain name on browser i would like forwarded to the local wiki.<br \> Change the IP to your ubuntu subsystem ip and the Domain, you can change the domain name to anything you want.<br \> You can now view your wiki on your browser by entering <b>mywiki.local</b> or whatever you want your local domain called. ==If Syntax highlighting not working== Install <b>pygments</b><br> <code>apt install python3-pygments</code><br> Add to LocalSettings:<br> <code>wfLoadExtension( 'SyntaxHighlight_GeSHi' );</code><br> 7if2pc7uxe3p5np0mdydcdoqkjxilc1 0 46 87 2023-03-03T12:13:26Z Noob 1 Created page with " ==Headings== Do Not use <code>=Level 1=</code> Level one is for Page titles<br \> <nowiki>==Level 2 heading==</nowiki> <nowiki>===Level 3 heading===</nowiki> <nowiki>====level 4 heading====</nowiki> <nowiki>=====level 5 heading=====</nowiki> <nowiki>======level 6 heading======</nowiki> ==Info boxes== ===expanding content=== <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the..." 87 wikitext text/x-wiki ==Headings== Do Not use <code>=Level 1=</code> Level one is for Page titles<br \> <nowiki>==Level 2 heading==</nowiki> <nowiki>===Level 3 heading===</nowiki> <nowiki>====level 4 heading====</nowiki> <nowiki>=====level 5 heading=====</nowiki> <nowiki>======level 6 heading======</nowiki> ==Info boxes== ===expanding content=== <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> <pre> <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> </pre> ===Collapsing Content=== <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> </div> <pre> <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> </pre> ==Markup== ===Line Brake=== <nowiki><br \></nowiki> ===Escape markup=== Escape wiki syntax markup<br \> <nowiki><nowiki>escaped markup</nowiki></nowiki> ===Code markup=== <code>print "hello world"</code><br \> <nowiki><code>print "hello world"</code></nowiki> ===Preforrmated context=== <pre> Preformatted content 10 print "hello world" 20 goto 10 </pre><br \> <nowiki> <pre> content </pre> </nowiki> ===Customized preformatted text=== <pre style="color: red"> <code>rm -rf /*</code><br \> Will make your computer faster. </pre> <nowiki> <pre style="color: red"> <code>rm -rf /</code><br \> Will make your computer faster. </pre> </nowiki> ===BlockQuotes=== <blockquote> This is a block quote </blockquote> <nowiki> <blockquote> This is a block quote </blockquote> </nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> <nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> </nowiki> ===underlined=== <u>underlined</u><br \> <nowiki><u>underlined</u></nowiki> ===bold=== <b>bold</b><br \> <nowiki><b>bold</b></nowiki> ===Italic=== <nowiki>''italic''</nowiki><br \> ''italic'' ===bold and italic=== <nowiki>'''''Bold and italic'''''</nowiki><br \> '''''Bold and italic''''' ===Syntax highlighting=== <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> <pre> <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> </pre> ===Tables=== https://www.mediawiki.org/wiki/Help:Tables <pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} </pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} ===Internal Links=== Link to Page:<br \> <nowiki>[[PAGE_NAME]]</nowiki> Link to section:<br \> <nowiki>[SECTION_NAME]</nowiki> Link to Section on another page:<br \> <nowiki>[[PAGE_NAME#SECTION | NAME_TO_DISPLAY]]</nowiki> cdkykxwhyobih4ctggz8j56qcfe1pmm 88 87 2023-03-03T12:14:28Z Noob 1 /* bold and italic */ 88 wikitext text/x-wiki ==Headings== Do Not use <code>=Level 1=</code> Level one is for Page titles<br \> <nowiki>==Level 2 heading==</nowiki> <nowiki>===Level 3 heading===</nowiki> <nowiki>====level 4 heading====</nowiki> <nowiki>=====level 5 heading=====</nowiki> <nowiki>======level 6 heading======</nowiki> ==Info boxes== ===expanding content=== <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> <pre> <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> </pre> ===Collapsing Content=== <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> <pre> <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> </pre> ==Markup== ===Line Brake=== <nowiki><br \></nowiki> ===Escape markup=== Escape wiki syntax markup<br \> <nowiki><nowiki>escaped markup</nowiki></nowiki> ===Code markup=== <code>print "hello world"</code><br \> <nowiki><code>print "hello world"</code></nowiki> ===Preforrmated context=== <pre> Preformatted content 10 print "hello world" 20 goto 10 </pre><br \> <nowiki> <pre> content </pre> </nowiki> ===Customized preformatted text=== <pre style="color: red"> <code>rm -rf /*</code><br \> Will make your computer faster. </pre> <nowiki> <pre style="color: red"> <code>rm -rf /</code><br \> Will make your computer faster. </pre> </nowiki> ===BlockQuotes=== <blockquote> This is a block quote </blockquote> <nowiki> <blockquote> This is a block quote </blockquote> </nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> <nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> </nowiki> ===underlined=== <u>underlined</u><br \> <nowiki><u>underlined</u></nowiki> ===bold=== <b>bold</b><br \> <nowiki><b>bold</b></nowiki> ===Italic=== <nowiki>''italic''</nowiki><br \> ''italic'' ===bold and italic=== Thats 5 ' <nowiki>'''''Bold and italic'''''</nowiki><br \> '''''Bold and italic''''' ===Syntax highlighting=== <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> <pre> <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> </pre> ===Tables=== https://www.mediawiki.org/wiki/Help:Tables <pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} </pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} ===Internal Links=== Link to Page:<br \> <nowiki>[[PAGE_NAME]]</nowiki> Link to section:<br \> <nowiki>[SECTION_NAME]</nowiki> Link to Section on another page:<br \> <nowiki>[[PAGE_NAME#SECTION | NAME_TO_DISPLAY]]</nowiki> 9fl5e7gktyreqwz3wwn5tdttgwnqdkg 89 88 2023-03-03T12:14:52Z Noob 1 /* bold and italic */ 89 wikitext text/x-wiki ==Headings== Do Not use <code>=Level 1=</code> Level one is for Page titles<br \> <nowiki>==Level 2 heading==</nowiki> <nowiki>===Level 3 heading===</nowiki> <nowiki>====level 4 heading====</nowiki> <nowiki>=====level 5 heading=====</nowiki> <nowiki>======level 6 heading======</nowiki> ==Info boxes== ===expanding content=== <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> <pre> <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> </pre> ===Collapsing Content=== <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> <pre> <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> </pre> ==Markup== ===Line Brake=== <nowiki><br \></nowiki> ===Escape markup=== Escape wiki syntax markup<br \> <nowiki><nowiki>escaped markup</nowiki></nowiki> ===Code markup=== <code>print "hello world"</code><br \> <nowiki><code>print "hello world"</code></nowiki> ===Preforrmated context=== <pre> Preformatted content 10 print "hello world" 20 goto 10 </pre><br \> <nowiki> <pre> content </pre> </nowiki> ===Customized preformatted text=== <pre style="color: red"> <code>rm -rf /*</code><br \> Will make your computer faster. </pre> <nowiki> <pre style="color: red"> <code>rm -rf /</code><br \> Will make your computer faster. </pre> </nowiki> ===BlockQuotes=== <blockquote> This is a block quote </blockquote> <nowiki> <blockquote> This is a block quote </blockquote> </nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> <nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> </nowiki> ===underlined=== <u>underlined</u><br \> <nowiki><u>underlined</u></nowiki> ===bold=== <b>bold</b><br \> <nowiki><b>bold</b></nowiki> ===Italic=== <nowiki>''italic''</nowiki><br \> ''italic'' ===bold and italic=== Thats 5 ' each side <nowiki>'''''Bold and italic'''''</nowiki><br \> '''''Bold and italic''''' ===Syntax highlighting=== <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> <pre> <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> </pre> ===Tables=== https://www.mediawiki.org/wiki/Help:Tables <pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} </pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} ===Internal Links=== Link to Page:<br \> <nowiki>[[PAGE_NAME]]</nowiki> Link to section:<br \> <nowiki>[SECTION_NAME]</nowiki> Link to Section on another page:<br \> <nowiki>[[PAGE_NAME#SECTION | NAME_TO_DISPLAY]]</nowiki> o8peg6rjwidzz6ch8vsxl0ek642yzqf 97 89 2023-03-03T22:40:18Z Noob 1 97 wikitext text/x-wiki ==Headings== Do Not use <code>=Level 1=</code> Level one is for Page titles<br \> <nowiki>==Level 2 heading==</nowiki> <nowiki>===Level 3 heading===</nowiki> <nowiki>====level 4 heading====</nowiki> <nowiki>=====level 5 heading=====</nowiki> <nowiki>======level 6 heading======</nowiki> ==Info boxes== ===expanding content=== <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> <pre> <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> </pre> ===Collapsing Content=== <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> <pre> <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> </pre> ==Markup== ===Line Brake=== <nowiki><br \></nowiki> ===Escape markup=== Escape wiki syntax markup<br \> <nowiki><nowiki>escaped markup</nowiki></nowiki> ===Code markup=== <code>print "hello world"</code><br \> <nowiki><code>print "hello world"</code></nowiki> ===Preforrmated context=== <pre> Preformatted content 10 print "hello world" 20 goto 10 </pre><br \> <nowiki> <pre> content </pre> </nowiki> ===Customized preformatted text=== <pre style="color: red"> <code>rm -rf /*</code><br \> Will make your computer faster. </pre> <nowiki> <pre style="color: red"> <code>rm -rf /</code><br \> Will make your computer faster. </pre> </nowiki> ===BlockQuotes=== <blockquote> This is a block quote </blockquote> <nowiki> <blockquote> This is a block quote </blockquote> </nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> <nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> </nowiki> ===underlined=== <u>underlined</u><br \> <nowiki><u>underlined</u></nowiki> ===bold=== <b>bold</b><br \> <nowiki><b>bold</b></nowiki> ===Italic=== <nowiki>''italic''</nowiki><br \> ''italic'' ===bold and italic=== Thats 5 ' each side <nowiki>'''''Bold and italic'''''</nowiki><br \> '''''Bold and italic''''' ===Syntax highlighting=== <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> <pre> <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> </pre> ===Tables=== https://www.mediawiki.org/wiki/Help:Tables <pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} </pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} ===Internal Links=== Link to Page:<br \> <nowiki>[[PAGE_NAME]]</nowiki> Link to section:<br \> <nowiki>[SECTION_NAME]</nowiki> Link to Section on another page:<br \> <nowiki>[[PAGE_NAME#SECTION | NAME_TO_DISPLAY]]</nowiki> ===Align=== <div style='text-align: left;'>left aligned</div> <pre><div style='text-align: left;'>left aligned</div></pre> <div style='text-align: center;'>center aligned</div> <pre><div style='text-align: center;'>center aligned</div></pre> <div style='text-align: right;'>right aligned</div> <pre><div style='text-align: right;'>right aligned</div></pre> 7k1oe9wmm9hrbgdfgudzto0o3sdyavw 169 97 2023-03-10T23:15:14Z Noob 1 /* Align */ 169 wikitext text/x-wiki ==Headings== Do Not use <code>=Level 1=</code> Level one is for Page titles<br \> <nowiki>==Level 2 heading==</nowiki> <nowiki>===Level 3 heading===</nowiki> <nowiki>====level 4 heading====</nowiki> <nowiki>=====level 5 heading=====</nowiki> <nowiki>======level 6 heading======</nowiki> ==Info boxes== ===expanding content=== <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> <pre> <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> </pre> ===Collapsing Content=== <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> <pre> <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> </pre> ==Markup== ===Line Brake=== <nowiki><br \></nowiki> ===Escape markup=== Escape wiki syntax markup<br \> <nowiki><nowiki>escaped markup</nowiki></nowiki> ===Code markup=== <code>print "hello world"</code><br \> <nowiki><code>print "hello world"</code></nowiki> ===Preforrmated context=== <pre> Preformatted content 10 print "hello world" 20 goto 10 </pre><br \> <nowiki> <pre> content </pre> </nowiki> ===Customized preformatted text=== <pre style="color: red"> <code>rm -rf /*</code><br \> Will make your computer faster. </pre> <nowiki> <pre style="color: red"> <code>rm -rf /</code><br \> Will make your computer faster. </pre> </nowiki> ===BlockQuotes=== <blockquote> This is a block quote </blockquote> <nowiki> <blockquote> This is a block quote </blockquote> </nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> <nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> </nowiki> ===underlined=== <u>underlined</u><br \> <nowiki><u>underlined</u></nowiki> ===bold=== <b>bold</b><br \> <nowiki><b>bold</b></nowiki> ===Italic=== <nowiki>''italic''</nowiki><br \> ''italic'' ===bold and italic=== Thats 5 ' each side <nowiki>'''''Bold and italic'''''</nowiki><br \> '''''Bold and italic''''' ===Syntax highlighting=== <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> <pre> <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> </pre> ===Tables=== https://www.mediawiki.org/wiki/Help:Tables <pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} </pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} ===Internal Links=== Link to Page:<br \> <nowiki>[[PAGE_NAME]]</nowiki> Link to section:<br \> <nowiki>[SECTION_NAME]</nowiki> Link to Section on another page:<br \> <nowiki>[[PAGE_NAME#SECTION | NAME_TO_DISPLAY]]</nowiki> ===Align=== <div style='text-align: left;'>left aligned</div> <pre><div style='text-align: left;'>left aligned</div></pre> <div style='text-align: center;'>center aligned</div> <pre><div style='text-align: center;'>center aligned</div></pre> <div style='text-align: right;'>right aligned</div> <pre><div style='text-align: right;'>right aligned</div></pre> ==Embed Video== [[EmbedVideo_Syntax|EmbedVideo Syntax]] qm8au5gv3k1udsl8qsx22lg3t2v7zs4 310 169 2023-04-18T12:53:54Z imported>AwesomO 0 /* Syntax highlighting */ 310 wikitext text/x-wiki ==Headings== Do Not use <code>=Level 1=</code> Level one is for Page titles<br \> <nowiki>==Level 2 heading==</nowiki> <nowiki>===Level 3 heading===</nowiki> <nowiki>====level 4 heading====</nowiki> <nowiki>=====level 5 heading=====</nowiki> <nowiki>======level 6 heading======</nowiki> ==Info boxes== ===expanding content=== <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> <pre> <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> </pre> ===Collapsing Content=== <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> <pre> <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> </pre> ==Markup== ===Line Brake=== <nowiki><br \></nowiki> ===Escape markup=== Escape wiki syntax markup<br \> <nowiki><nowiki>escaped markup</nowiki></nowiki> ===Code markup=== <code>print "hello world"</code><br \> <nowiki><code>print "hello world"</code></nowiki> ===Preforrmated context=== <pre> Preformatted content 10 print "hello world" 20 goto 10 </pre><br \> <nowiki> <pre> content </pre> </nowiki> ===Customized preformatted text=== <pre style="color: red"> <code>rm -rf /*</code><br \> Will make your computer faster. </pre> <nowiki> <pre style="color: red"> <code>rm -rf /</code><br \> Will make your computer faster. </pre> </nowiki> ===BlockQuotes=== <blockquote> This is a block quote </blockquote> <nowiki> <blockquote> This is a block quote </blockquote> </nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> <nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> </nowiki> ===underlined=== <u>underlined</u><br \> <nowiki><u>underlined</u></nowiki> ===bold=== <b>bold</b><br \> <nowiki><b>bold</b></nowiki> ===Italic=== <nowiki>''italic''</nowiki><br \> ''italic'' ===bold and italic=== Thats 5 ' each side <nowiki>'''''Bold and italic'''''</nowiki><br \> '''''Bold and italic''''' ===Syntax highlighting=== <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> <pre> <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> </pre> * Quick copy/paste <pre> <syntaxhighlight lang="python" line> </syntaxhighlight> </pre> ===Tables=== https://www.mediawiki.org/wiki/Help:Tables <pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} </pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} ===Internal Links=== Link to Page:<br \> <nowiki>[[PAGE_NAME]]</nowiki> Link to section:<br \> <nowiki>[SECTION_NAME]</nowiki> Link to Section on another page:<br \> <nowiki>[[PAGE_NAME#SECTION | NAME_TO_DISPLAY]]</nowiki> ===Align=== <div style='text-align: left;'>left aligned</div> <pre><div style='text-align: left;'>left aligned</div></pre> <div style='text-align: center;'>center aligned</div> <pre><div style='text-align: center;'>center aligned</div></pre> <div style='text-align: right;'>right aligned</div> <pre><div style='text-align: right;'>right aligned</div></pre> ==Embed Video== [[EmbedVideo_Syntax|EmbedVideo Syntax]] l8dmiry6lola93xb40wpslqks9qvmgf 311 310 2023-04-18T12:56:05Z imported>AwesomO 0 /* bold */ 311 wikitext text/x-wiki ==Headings== Do Not use <code>=Level 1=</code> Level one is for Page titles<br \> <nowiki>==Level 2 heading==</nowiki> <nowiki>===Level 3 heading===</nowiki> <nowiki>====level 4 heading====</nowiki> <nowiki>=====level 5 heading=====</nowiki> <nowiki>======level 6 heading======</nowiki> ==Info boxes== ===expanding content=== <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> <pre> <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> </pre> ===Collapsing Content=== <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> <pre> <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> </pre> ==Markup== ===Line Brake=== <nowiki><br \></nowiki> ===Escape markup=== Escape wiki syntax markup<br \> <nowiki><nowiki>escaped markup</nowiki></nowiki> ===Code markup=== <code>print "hello world"</code><br \> <nowiki><code>print "hello world"</code></nowiki> ===Preforrmated context=== <pre> Preformatted content 10 print "hello world" 20 goto 10 </pre><br \> <nowiki> <pre> content </pre> </nowiki> ===Customized preformatted text=== <pre style="color: red"> <code>rm -rf /*</code><br \> Will make your computer faster. </pre> <nowiki> <pre style="color: red"> <code>rm -rf /</code><br \> Will make your computer faster. </pre> </nowiki> ===BlockQuotes=== <blockquote> This is a block quote </blockquote> <nowiki> <blockquote> This is a block quote </blockquote> </nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> <nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> </nowiki> ===underlined=== <u>underlined</u><br \> <nowiki><u>underlined</u></nowiki> ===bold=== <b>bold</b><br \> <nowiki><b>bold</b></nowiki> also three <code>'</code> on each side<br> <nowiki>'''</nowiki><br> <nowiki>'''bold'''</nowiki><br> '''bold'''<br> ===Italic=== <nowiki>''italic''</nowiki><br \> ''italic'' ===bold and italic=== Thats 5 ' each side <nowiki>'''''Bold and italic'''''</nowiki><br \> '''''Bold and italic''''' ===Syntax highlighting=== <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> <pre> <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> </pre> * Quick copy/paste <pre> <syntaxhighlight lang="python" line> </syntaxhighlight> </pre> ===Tables=== https://www.mediawiki.org/wiki/Help:Tables <pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} </pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} ===Internal Links=== Link to Page:<br \> <nowiki>[[PAGE_NAME]]</nowiki> Link to section:<br \> <nowiki>[SECTION_NAME]</nowiki> Link to Section on another page:<br \> <nowiki>[[PAGE_NAME#SECTION | NAME_TO_DISPLAY]]</nowiki> ===Align=== <div style='text-align: left;'>left aligned</div> <pre><div style='text-align: left;'>left aligned</div></pre> <div style='text-align: center;'>center aligned</div> <pre><div style='text-align: center;'>center aligned</div></pre> <div style='text-align: right;'>right aligned</div> <pre><div style='text-align: right;'>right aligned</div></pre> ==Embed Video== [[EmbedVideo_Syntax|EmbedVideo Syntax]] o31cv7gthdws6q0s3hhmsuqx2w5fcsg 312 311 2023-04-18T13:00:17Z imported>AwesomO 0 /* Customized preformatted text */ 312 wikitext text/x-wiki ==Headings== Do Not use <code>=Level 1=</code> Level one is for Page titles<br \> <nowiki>==Level 2 heading==</nowiki> <nowiki>===Level 3 heading===</nowiki> <nowiki>====level 4 heading====</nowiki> <nowiki>=====level 5 heading=====</nowiki> <nowiki>======level 6 heading======</nowiki> ==Info boxes== ===expanding content=== <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> <pre> <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> </pre> ===Collapsing Content=== <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> <pre> <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> </pre> ==Markup== ===Line Brake=== <nowiki><br \></nowiki> ===Escape markup=== Escape wiki syntax markup<br \> <nowiki><nowiki>escaped markup</nowiki></nowiki> ===Code markup=== <code>print "hello world"</code><br \> <nowiki><code>print "hello world"</code></nowiki> ===Preforrmated context=== <pre> Preformatted content 10 print "hello world" 20 goto 10 </pre><br \> <nowiki> <pre> content </pre> </nowiki> ===Customized preformatted text=== <pre style="color: red"> Pre formatted display <code>rm -rf /* </code><br \> Will make your computer faster. </pre> <nowiki> <pre style="color: red"> <code>rm -rf /</code><br \> Will make your computer faster. </pre> </nowiki> ===Customized <code>code</code> text=== <nowiki><code style="color: blue">is this blue</code></nowiki><br> <code style="color: blue">is this blue</code><br> ===BlockQuotes=== <blockquote> This is a block quote </blockquote> <nowiki> <blockquote> This is a block quote </blockquote> </nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> <nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> </nowiki> ===underlined=== <u>underlined</u><br \> <nowiki><u>underlined</u></nowiki> ===bold=== <b>bold</b><br \> <nowiki><b>bold</b></nowiki> also three <code>'</code> on each side<br> <nowiki>'''</nowiki><br> <nowiki>'''bold'''</nowiki><br> '''bold'''<br> ===Italic=== <nowiki>''italic''</nowiki><br \> ''italic'' ===bold and italic=== Thats 5 ' each side <nowiki>'''''Bold and italic'''''</nowiki><br \> '''''Bold and italic''''' ===Syntax highlighting=== <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> <pre> <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> </pre> * Quick copy/paste <pre> <syntaxhighlight lang="python" line> </syntaxhighlight> </pre> ===Tables=== https://www.mediawiki.org/wiki/Help:Tables <pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} </pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} ===Internal Links=== Link to Page:<br \> <nowiki>[[PAGE_NAME]]</nowiki> Link to section:<br \> <nowiki>[SECTION_NAME]</nowiki> Link to Section on another page:<br \> <nowiki>[[PAGE_NAME#SECTION | NAME_TO_DISPLAY]]</nowiki> ===Align=== <div style='text-align: left;'>left aligned</div> <pre><div style='text-align: left;'>left aligned</div></pre> <div style='text-align: center;'>center aligned</div> <pre><div style='text-align: center;'>center aligned</div></pre> <div style='text-align: right;'>right aligned</div> <pre><div style='text-align: right;'>right aligned</div></pre> ==Embed Video== [[EmbedVideo_Syntax|EmbedVideo Syntax]] 9o8hji8mmfffam488zbj3jldkzz6ncj 313 312 2023-04-18T13:01:29Z imported>AwesomO 0 /* bold and italic */ 313 wikitext text/x-wiki ==Headings== Do Not use <code>=Level 1=</code> Level one is for Page titles<br \> <nowiki>==Level 2 heading==</nowiki> <nowiki>===Level 3 heading===</nowiki> <nowiki>====level 4 heading====</nowiki> <nowiki>=====level 5 heading=====</nowiki> <nowiki>======level 6 heading======</nowiki> ==Info boxes== ===expanding content=== <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> <pre> <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> </pre> ===Collapsing Content=== <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> <pre> <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> </pre> ==Markup== ===Line Brake=== <nowiki><br \></nowiki> ===Escape markup=== Escape wiki syntax markup<br \> <nowiki><nowiki>escaped markup</nowiki></nowiki> ===Code markup=== <code>print "hello world"</code><br \> <nowiki><code>print "hello world"</code></nowiki> ===Preforrmated context=== <pre> Preformatted content 10 print "hello world" 20 goto 10 </pre><br \> <nowiki> <pre> content </pre> </nowiki> ===Customized preformatted text=== <pre style="color: red"> Pre formatted display <code>rm -rf /* </code><br \> Will make your computer faster. </pre> <nowiki> <pre style="color: red"> <code>rm -rf /</code><br \> Will make your computer faster. </pre> </nowiki> ===Customized <code>code</code> text=== <nowiki><code style="color: blue">is this blue</code></nowiki><br> <code style="color: blue">is this blue</code><br> ===BlockQuotes=== <blockquote> This is a block quote </blockquote> <nowiki> <blockquote> This is a block quote </blockquote> </nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> <nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> </nowiki> ===underlined=== <u>underlined</u><br \> <nowiki><u>underlined</u></nowiki> ===bold=== <b>bold</b><br \> <nowiki><b>bold</b></nowiki> also three <code>'</code> on each side<br> <nowiki>'''</nowiki><br> <nowiki>'''bold'''</nowiki><br> '''bold'''<br> ===Italic=== <nowiki>''italic''</nowiki><br \> ''italic'' ===bold and italic=== Thats 5 ' each side <nowiki>'''''Bold and italic'''''</nowiki><br \> '''''Bold and italic'''''<br> <nowiki>'''''</nowiki><br> ===Syntax highlighting=== <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> <pre> <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> </pre> * Quick copy/paste <pre> <syntaxhighlight lang="python" line> </syntaxhighlight> </pre> ===Tables=== https://www.mediawiki.org/wiki/Help:Tables <pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} </pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} ===Internal Links=== Link to Page:<br \> <nowiki>[[PAGE_NAME]]</nowiki> Link to section:<br \> <nowiki>[SECTION_NAME]</nowiki> Link to Section on another page:<br \> <nowiki>[[PAGE_NAME#SECTION | NAME_TO_DISPLAY]]</nowiki> ===Align=== <div style='text-align: left;'>left aligned</div> <pre><div style='text-align: left;'>left aligned</div></pre> <div style='text-align: center;'>center aligned</div> <pre><div style='text-align: center;'>center aligned</div></pre> <div style='text-align: right;'>right aligned</div> <pre><div style='text-align: right;'>right aligned</div></pre> ==Embed Video== [[EmbedVideo_Syntax|EmbedVideo Syntax]] 16uo1kstfcsg17u1srazcox1y1c3p00 314 313 2023-04-18T13:02:23Z imported>AwesomO 0 /* Customized code text */ 314 wikitext text/x-wiki ==Headings== Do Not use <code>=Level 1=</code> Level one is for Page titles<br \> <nowiki>==Level 2 heading==</nowiki> <nowiki>===Level 3 heading===</nowiki> <nowiki>====level 4 heading====</nowiki> <nowiki>=====level 5 heading=====</nowiki> <nowiki>======level 6 heading======</nowiki> ==Info boxes== ===expanding content=== <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> <pre> <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> </pre> ===Collapsing Content=== <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> <pre> <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> </pre> ==Markup== ===Line Brake=== <nowiki><br \></nowiki> ===Escape markup=== Escape wiki syntax markup<br \> <nowiki><nowiki>escaped markup</nowiki></nowiki> ===Code markup=== <code>print "hello world"</code><br \> <nowiki><code>print "hello world"</code></nowiki> ===Preforrmated context=== <pre> Preformatted content 10 print "hello world" 20 goto 10 </pre><br \> <nowiki> <pre> content </pre> </nowiki> ===Customized preformatted text=== <pre style="color: red"> Pre formatted display <code>rm -rf /* </code><br \> Will make your computer faster. </pre> <nowiki> <pre style="color: red"> <code>rm -rf /</code><br \> Will make your computer faster. </pre> </nowiki> ===BlockQuotes=== <blockquote> This is a block quote </blockquote> <nowiki> <blockquote> This is a block quote </blockquote> </nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> <nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> </nowiki> ===underlined=== <u>underlined</u><br \> <nowiki><u>underlined</u></nowiki> ===bold=== <b>bold</b><br \> <nowiki><b>bold</b></nowiki> also three <code>'</code> on each side<br> <nowiki>'''</nowiki><br> <nowiki>'''bold'''</nowiki><br> '''bold'''<br> ===Italic=== <nowiki>''italic''</nowiki><br \> ''italic'' ===bold and italic=== Thats 5 ' each side <nowiki>'''''Bold and italic'''''</nowiki><br \> '''''Bold and italic'''''<br> <nowiki>'''''</nowiki><br> ===Syntax highlighting=== <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> <pre> <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> </pre> * Quick copy/paste <pre> <syntaxhighlight lang="python" line> </syntaxhighlight> </pre> ===Tables=== https://www.mediawiki.org/wiki/Help:Tables <pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} </pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} ===Internal Links=== Link to Page:<br \> <nowiki>[[PAGE_NAME]]</nowiki> Link to section:<br \> <nowiki>[SECTION_NAME]</nowiki> Link to Section on another page:<br \> <nowiki>[[PAGE_NAME#SECTION | NAME_TO_DISPLAY]]</nowiki> ===Align=== <div style='text-align: left;'>left aligned</div> <pre><div style='text-align: left;'>left aligned</div></pre> <div style='text-align: center;'>center aligned</div> <pre><div style='text-align: center;'>center aligned</div></pre> <div style='text-align: right;'>right aligned</div> <pre><div style='text-align: right;'>right aligned</div></pre> ==Embed Video== [[EmbedVideo_Syntax|EmbedVideo Syntax]] ogdhluijffjmcm7a8ev1f4189h94c3g 315 314 2023-04-18T13:02:43Z imported>AwesomO 0 /* Code markup */ 315 wikitext text/x-wiki ==Headings== Do Not use <code>=Level 1=</code> Level one is for Page titles<br \> <nowiki>==Level 2 heading==</nowiki> <nowiki>===Level 3 heading===</nowiki> <nowiki>====level 4 heading====</nowiki> <nowiki>=====level 5 heading=====</nowiki> <nowiki>======level 6 heading======</nowiki> ==Info boxes== ===expanding content=== <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> <pre> <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> </pre> ===Collapsing Content=== <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> <pre> <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> </pre> ==Markup== ===Line Brake=== <nowiki><br \></nowiki> ===Escape markup=== Escape wiki syntax markup<br \> <nowiki><nowiki>escaped markup</nowiki></nowiki> ===Code markup=== <code>print "hello world"</code><br \> <nowiki><code>print "hello world"</code></nowiki> ====Customized colour <code>code</code> text==== <nowiki><code style="color: blue">is this blue</code></nowiki><br> <code style="color: blue">is this blue</code><br> ===Preforrmated context=== <pre> Preformatted content 10 print "hello world" 20 goto 10 </pre><br \> <nowiki> <pre> content </pre> </nowiki> ===Customized preformatted text=== <pre style="color: red"> Pre formatted display <code>rm -rf /* </code><br \> Will make your computer faster. </pre> <nowiki> <pre style="color: red"> <code>rm -rf /</code><br \> Will make your computer faster. </pre> </nowiki> ===BlockQuotes=== <blockquote> This is a block quote </blockquote> <nowiki> <blockquote> This is a block quote </blockquote> </nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> <nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> </nowiki> ===underlined=== <u>underlined</u><br \> <nowiki><u>underlined</u></nowiki> ===bold=== <b>bold</b><br \> <nowiki><b>bold</b></nowiki> also three <code>'</code> on each side<br> <nowiki>'''</nowiki><br> <nowiki>'''bold'''</nowiki><br> '''bold'''<br> ===Italic=== <nowiki>''italic''</nowiki><br \> ''italic'' ===bold and italic=== Thats 5 ' each side <nowiki>'''''Bold and italic'''''</nowiki><br \> '''''Bold and italic'''''<br> <nowiki>'''''</nowiki><br> ===Syntax highlighting=== <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> <pre> <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> </pre> * Quick copy/paste <pre> <syntaxhighlight lang="python" line> </syntaxhighlight> </pre> ===Tables=== https://www.mediawiki.org/wiki/Help:Tables <pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} </pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} ===Internal Links=== Link to Page:<br \> <nowiki>[[PAGE_NAME]]</nowiki> Link to section:<br \> <nowiki>[SECTION_NAME]</nowiki> Link to Section on another page:<br \> <nowiki>[[PAGE_NAME#SECTION | NAME_TO_DISPLAY]]</nowiki> ===Align=== <div style='text-align: left;'>left aligned</div> <pre><div style='text-align: left;'>left aligned</div></pre> <div style='text-align: center;'>center aligned</div> <pre><div style='text-align: center;'>center aligned</div></pre> <div style='text-align: right;'>right aligned</div> <pre><div style='text-align: right;'>right aligned</div></pre> ==Embed Video== [[EmbedVideo_Syntax|EmbedVideo Syntax]] 1cpma8nuqk92wewxuqxgsdgo0trgzmw 316 315 2023-04-18T13:03:09Z imported>AwesomO 0 /* Customized preformatted text */ 316 wikitext text/x-wiki ==Headings== Do Not use <code>=Level 1=</code> Level one is for Page titles<br \> <nowiki>==Level 2 heading==</nowiki> <nowiki>===Level 3 heading===</nowiki> <nowiki>====level 4 heading====</nowiki> <nowiki>=====level 5 heading=====</nowiki> <nowiki>======level 6 heading======</nowiki> ==Info boxes== ===expanding content=== <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> <pre> <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> </pre> ===Collapsing Content=== <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> <pre> <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> </pre> ==Markup== ===Line Brake=== <nowiki><br \></nowiki> ===Escape markup=== Escape wiki syntax markup<br \> <nowiki><nowiki>escaped markup</nowiki></nowiki> ===Code markup=== <code>print "hello world"</code><br \> <nowiki><code>print "hello world"</code></nowiki> ====Customized colour <code>code</code> text==== <nowiki><code style="color: blue">is this blue</code></nowiki><br> <code style="color: blue">is this blue</code><br> ===Preforrmated context=== <pre> Preformatted content 10 print "hello world" 20 goto 10 </pre><br \> <nowiki> <pre> content </pre> </nowiki> ===BlockQuotes=== <blockquote> This is a block quote </blockquote> <nowiki> <blockquote> This is a block quote </blockquote> </nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> <nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> </nowiki> ===underlined=== <u>underlined</u><br \> <nowiki><u>underlined</u></nowiki> ===bold=== <b>bold</b><br \> <nowiki><b>bold</b></nowiki> also three <code>'</code> on each side<br> <nowiki>'''</nowiki><br> <nowiki>'''bold'''</nowiki><br> '''bold'''<br> ===Italic=== <nowiki>''italic''</nowiki><br \> ''italic'' ===bold and italic=== Thats 5 ' each side <nowiki>'''''Bold and italic'''''</nowiki><br \> '''''Bold and italic'''''<br> <nowiki>'''''</nowiki><br> ===Syntax highlighting=== <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> <pre> <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> </pre> * Quick copy/paste <pre> <syntaxhighlight lang="python" line> </syntaxhighlight> </pre> ===Tables=== https://www.mediawiki.org/wiki/Help:Tables <pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} </pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} ===Internal Links=== Link to Page:<br \> <nowiki>[[PAGE_NAME]]</nowiki> Link to section:<br \> <nowiki>[SECTION_NAME]</nowiki> Link to Section on another page:<br \> <nowiki>[[PAGE_NAME#SECTION | NAME_TO_DISPLAY]]</nowiki> ===Align=== <div style='text-align: left;'>left aligned</div> <pre><div style='text-align: left;'>left aligned</div></pre> <div style='text-align: center;'>center aligned</div> <pre><div style='text-align: center;'>center aligned</div></pre> <div style='text-align: right;'>right aligned</div> <pre><div style='text-align: right;'>right aligned</div></pre> ==Embed Video== [[EmbedVideo_Syntax|EmbedVideo Syntax]] 59i88fmbaqivdwfo3ootrqgxtqxxms5 317 316 2023-04-18T13:04:29Z imported>AwesomO 0 /* Preforrmated context */ 317 wikitext text/x-wiki ==Headings== Do Not use <code>=Level 1=</code> Level one is for Page titles<br \> <nowiki>==Level 2 heading==</nowiki> <nowiki>===Level 3 heading===</nowiki> <nowiki>====level 4 heading====</nowiki> <nowiki>=====level 5 heading=====</nowiki> <nowiki>======level 6 heading======</nowiki> ==Info boxes== ===expanding content=== <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> <pre> <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> </pre> ===Collapsing Content=== <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> <pre> <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> </pre> ==Markup== ===Line Brake=== <nowiki><br \></nowiki> ===Escape markup=== Escape wiki syntax markup<br \> <nowiki><nowiki>escaped markup</nowiki></nowiki> ===Code markup=== <code>print "hello world"</code><br \> <nowiki><code>print "hello world"</code></nowiki> ====Customized colour <code>code</code> text==== <nowiki><code style="color: blue">is this blue</code></nowiki><br> <code style="color: blue">is this blue</code><br> ===Preforrmated context=== <pre> Preformatted content 10 print "hello world" 20 goto 10 </pre><br \> <nowiki> <pre> content </pre> </nowiki> ====Customized preformatted text==== <pre style="color: red"> Preformatted content 10 print "hello world" 20 goto 10 </pre> <br> <nowiki> <pre style="color: red"> Preformatted content 10 print "hello world" 20 goto 10 </pre> </nowiki> ===BlockQuotes=== <blockquote> This is a block quote </blockquote> <nowiki> <blockquote> This is a block quote </blockquote> </nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> <nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> </nowiki> ===underlined=== <u>underlined</u><br \> <nowiki><u>underlined</u></nowiki> ===bold=== <b>bold</b><br \> <nowiki><b>bold</b></nowiki> also three <code>'</code> on each side<br> <nowiki>'''</nowiki><br> <nowiki>'''bold'''</nowiki><br> '''bold'''<br> ===Italic=== <nowiki>''italic''</nowiki><br \> ''italic'' ===bold and italic=== Thats 5 ' each side <nowiki>'''''Bold and italic'''''</nowiki><br \> '''''Bold and italic'''''<br> <nowiki>'''''</nowiki><br> ===Syntax highlighting=== <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> <pre> <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> </pre> * Quick copy/paste <pre> <syntaxhighlight lang="python" line> </syntaxhighlight> </pre> ===Tables=== https://www.mediawiki.org/wiki/Help:Tables <pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} </pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} ===Internal Links=== Link to Page:<br \> <nowiki>[[PAGE_NAME]]</nowiki> Link to section:<br \> <nowiki>[SECTION_NAME]</nowiki> Link to Section on another page:<br \> <nowiki>[[PAGE_NAME#SECTION | NAME_TO_DISPLAY]]</nowiki> ===Align=== <div style='text-align: left;'>left aligned</div> <pre><div style='text-align: left;'>left aligned</div></pre> <div style='text-align: center;'>center aligned</div> <pre><div style='text-align: center;'>center aligned</div></pre> <div style='text-align: right;'>right aligned</div> <pre><div style='text-align: right;'>right aligned</div></pre> ==Embed Video== [[EmbedVideo_Syntax|EmbedVideo Syntax]] bcfg5s3jg13oar0byfq9gbdl7pqxo9l 318 317 2023-04-18T13:04:43Z imported>AwesomO 0 /* Customized preformatted text */ 318 wikitext text/x-wiki ==Headings== Do Not use <code>=Level 1=</code> Level one is for Page titles<br \> <nowiki>==Level 2 heading==</nowiki> <nowiki>===Level 3 heading===</nowiki> <nowiki>====level 4 heading====</nowiki> <nowiki>=====level 5 heading=====</nowiki> <nowiki>======level 6 heading======</nowiki> ==Info boxes== ===expanding content=== <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> <pre> <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> </pre> ===Collapsing Content=== <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> <pre> <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> </pre> ==Markup== ===Line Brake=== <nowiki><br \></nowiki> ===Escape markup=== Escape wiki syntax markup<br \> <nowiki><nowiki>escaped markup</nowiki></nowiki> ===Code markup=== <code>print "hello world"</code><br \> <nowiki><code>print "hello world"</code></nowiki> ====Customized colour <code>code</code> text==== <nowiki><code style="color: blue">is this blue</code></nowiki><br> <code style="color: blue">is this blue</code><br> ===Preforrmated context=== <pre> Preformatted content 10 print "hello world" 20 goto 10 </pre><br \> <nowiki> <pre> content </pre> </nowiki> ====Customized colour preformatted text==== <pre style="color: red"> Preformatted content 10 print "hello world" 20 goto 10 </pre> <br> <nowiki> <pre style="color: red"> Preformatted content 10 print "hello world" 20 goto 10 </pre> </nowiki> ===BlockQuotes=== <blockquote> This is a block quote </blockquote> <nowiki> <blockquote> This is a block quote </blockquote> </nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> <nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> </nowiki> ===underlined=== <u>underlined</u><br \> <nowiki><u>underlined</u></nowiki> ===bold=== <b>bold</b><br \> <nowiki><b>bold</b></nowiki> also three <code>'</code> on each side<br> <nowiki>'''</nowiki><br> <nowiki>'''bold'''</nowiki><br> '''bold'''<br> ===Italic=== <nowiki>''italic''</nowiki><br \> ''italic'' ===bold and italic=== Thats 5 ' each side <nowiki>'''''Bold and italic'''''</nowiki><br \> '''''Bold and italic'''''<br> <nowiki>'''''</nowiki><br> ===Syntax highlighting=== <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> <pre> <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> </pre> * Quick copy/paste <pre> <syntaxhighlight lang="python" line> </syntaxhighlight> </pre> ===Tables=== https://www.mediawiki.org/wiki/Help:Tables <pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} </pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} ===Internal Links=== Link to Page:<br \> <nowiki>[[PAGE_NAME]]</nowiki> Link to section:<br \> <nowiki>[SECTION_NAME]</nowiki> Link to Section on another page:<br \> <nowiki>[[PAGE_NAME#SECTION | NAME_TO_DISPLAY]]</nowiki> ===Align=== <div style='text-align: left;'>left aligned</div> <pre><div style='text-align: left;'>left aligned</div></pre> <div style='text-align: center;'>center aligned</div> <pre><div style='text-align: center;'>center aligned</div></pre> <div style='text-align: right;'>right aligned</div> <pre><div style='text-align: right;'>right aligned</div></pre> ==Embed Video== [[EmbedVideo_Syntax|EmbedVideo Syntax]] 8nf6im4slo5cx5tu94q1d2ofttmv70a 382 318 2023-05-04T17:03:30Z Noob 1 /* Embed Video */ 382 wikitext text/x-wiki ==Headings== Do Not use <code>=Level 1=</code> Level one is for Page titles<br \> <nowiki>==Level 2 heading==</nowiki> <nowiki>===Level 3 heading===</nowiki> <nowiki>====level 4 heading====</nowiki> <nowiki>=====level 5 heading=====</nowiki> <nowiki>======level 6 heading======</nowiki> ==Info boxes== ===expanding content=== <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> <pre> <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> </pre> ===Collapsing Content=== <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> <pre> <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> </pre> ==Markup== ===Line Brake=== <nowiki><br \></nowiki> ===Escape markup=== Escape wiki syntax markup<br \> <nowiki><nowiki>escaped markup</nowiki></nowiki> ===Code markup=== <code>print "hello world"</code><br \> <nowiki><code>print "hello world"</code></nowiki> ====Customized colour <code>code</code> text==== <nowiki><code style="color: blue">is this blue</code></nowiki><br> <code style="color: blue">is this blue</code><br> ===Preforrmated context=== <pre> Preformatted content 10 print "hello world" 20 goto 10 </pre><br \> <nowiki> <pre> content </pre> </nowiki> ====Customized colour preformatted text==== <pre style="color: red"> Preformatted content 10 print "hello world" 20 goto 10 </pre> <br> <nowiki> <pre style="color: red"> Preformatted content 10 print "hello world" 20 goto 10 </pre> </nowiki> ===BlockQuotes=== <blockquote> This is a block quote </blockquote> <nowiki> <blockquote> This is a block quote </blockquote> </nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> <nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> </nowiki> ===underlined=== <u>underlined</u><br \> <nowiki><u>underlined</u></nowiki> ===bold=== <b>bold</b><br \> <nowiki><b>bold</b></nowiki> also three <code>'</code> on each side<br> <nowiki>'''</nowiki><br> <nowiki>'''bold'''</nowiki><br> '''bold'''<br> ===Italic=== <nowiki>''italic''</nowiki><br \> ''italic'' ===bold and italic=== Thats 5 ' each side <nowiki>'''''Bold and italic'''''</nowiki><br \> '''''Bold and italic'''''<br> <nowiki>'''''</nowiki><br> ===Syntax highlighting=== <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> <pre> <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> </pre> * Quick copy/paste <pre> <syntaxhighlight lang="python" line> </syntaxhighlight> </pre> ===Tables=== https://www.mediawiki.org/wiki/Help:Tables <pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} </pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} ===Internal Links=== Link to Page:<br \> <nowiki>[[PAGE_NAME]]</nowiki> Link to section:<br \> <nowiki>[SECTION_NAME]</nowiki> Link to Section on another page:<br \> <nowiki>[[PAGE_NAME#SECTION | NAME_TO_DISPLAY]]</nowiki> ===Align=== <div style='text-align: left;'>left aligned</div> <pre><div style='text-align: left;'>left aligned</div></pre> <div style='text-align: center;'>center aligned</div> <pre><div style='text-align: center;'>center aligned</div></pre> <div style='text-align: right;'>right aligned</div> <pre><div style='text-align: right;'>right aligned</div></pre> ==Youtube extension - Embed Video== * On wiki page ** https://www.youtube.com/watch?v=wB4gvSgYmfY ** After '''watch?v=''' ** <nowiki><youtube>wB4gvSgYmfY</youtube></nowiki> <youtube>wB4gvSgYmfY</youtube> * Defaults '''width'''=640 pixels '''height'''=385 pixels * Change defaults <nowiki><youtube width="800" height="400">wB4gvSgYmfY</youtube></nowiki> <youtube width="800" height="400">wB4gvSgYmfY</youtube> ryu5a6kherssjsc61fzbakhcso7r3wv 441 382 2023-05-16T17:10:34Z Noob 1 /* Line Brake */ 441 wikitext text/x-wiki ==Headings== Do Not use <code>=Level 1=</code> Level one is for Page titles<br \> <nowiki>==Level 2 heading==</nowiki> <nowiki>===Level 3 heading===</nowiki> <nowiki>====level 4 heading====</nowiki> <nowiki>=====level 5 heading=====</nowiki> <nowiki>======level 6 heading======</nowiki> ==Info boxes== ===expanding content=== <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> <pre> <div class="toccolours mw-collapsible mw-collapsed"> What you will like in title: <div class="mw-collapsible-content"> and of course the content when expanded.<br \> <code>print "hello content"</code> </div> </div> </pre> ===Collapsing Content=== <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> <pre> <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;"> Content title here </div> <div class="mw-collapsible-content"> and here you place the content <code>print("hello world");</code> </div> </div> </pre> ==Markup== ===Line Brake=== <nowiki><br></nowiki> ===Escape markup=== Escape wiki syntax markup<br \> <nowiki><nowiki>escaped markup</nowiki></nowiki> ===Code markup=== <code>print "hello world"</code><br \> <nowiki><code>print "hello world"</code></nowiki> ====Customized colour <code>code</code> text==== <nowiki><code style="color: blue">is this blue</code></nowiki><br> <code style="color: blue">is this blue</code><br> ===Preforrmated context=== <pre> Preformatted content 10 print "hello world" 20 goto 10 </pre><br \> <nowiki> <pre> content </pre> </nowiki> ====Customized colour preformatted text==== <pre style="color: red"> Preformatted content 10 print "hello world" 20 goto 10 </pre> <br> <nowiki> <pre style="color: red"> Preformatted content 10 print "hello world" 20 goto 10 </pre> </nowiki> ===BlockQuotes=== <blockquote> This is a block quote </blockquote> <nowiki> <blockquote> This is a block quote </blockquote> </nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> <nowiki> <blockquote> Many lined <br \> block <br \> quote <br \> </blockquote> </nowiki> ===underlined=== <u>underlined</u><br \> <nowiki><u>underlined</u></nowiki> ===bold=== <b>bold</b><br \> <nowiki><b>bold</b></nowiki> also three <code>'</code> on each side<br> <nowiki>'''</nowiki><br> <nowiki>'''bold'''</nowiki><br> '''bold'''<br> ===Italic=== <nowiki>''italic''</nowiki><br \> ''italic'' ===bold and italic=== Thats 5 ' each side <nowiki>'''''Bold and italic'''''</nowiki><br \> '''''Bold and italic'''''<br> <nowiki>'''''</nowiki><br> ===Syntax highlighting=== <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> <pre> <syntaxhighlight lang="python" line> def quick_sort(arr): less = [] pivot_list = [] more = [] if len(arr) <= 1: return arr else: pass </syntaxhighlight> </pre> * Quick copy/paste <pre> <syntaxhighlight lang="python" line> </syntaxhighlight> </pre> ===Tables=== https://www.mediawiki.org/wiki/Help:Tables <pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} </pre> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |12.34.56.78 |auto |- |A record |www |12.34.56.78 |auto |} ===Internal Links=== Link to Page:<br \> <nowiki>[[PAGE_NAME]]</nowiki> Link to section:<br \> <nowiki>[SECTION_NAME]</nowiki> Link to Section on another page:<br \> <nowiki>[[PAGE_NAME#SECTION | NAME_TO_DISPLAY]]</nowiki> ===Align=== <div style='text-align: left;'>left aligned</div> <pre><div style='text-align: left;'>left aligned</div></pre> <div style='text-align: center;'>center aligned</div> <pre><div style='text-align: center;'>center aligned</div></pre> <div style='text-align: right;'>right aligned</div> <pre><div style='text-align: right;'>right aligned</div></pre> ==Youtube extension - Embed Video== * On wiki page ** https://www.youtube.com/watch?v=wB4gvSgYmfY ** After '''watch?v=''' ** <nowiki><youtube>wB4gvSgYmfY</youtube></nowiki> <youtube>wB4gvSgYmfY</youtube> * Defaults '''width'''=640 pixels '''height'''=385 pixels * Change defaults <nowiki><youtube width="800" height="400">wB4gvSgYmfY</youtube></nowiki> <youtube width="800" height="400">wB4gvSgYmfY</youtube> b5rtxypvu74pv5vf5o1vniwru9ent5u 0 49 94 2023-03-03T21:40:04Z Noob 1 Created page with " ==Installing Yacy on Ubuntu 22.04 Vultr VPS Server== * Spin up ubuntu 22.04 2 vCPUs 4096.00 MB RAM 80 GB SSD Storage * login <code>apt-get update && apt upgrade -y</code><br> <code>apt-get install openjdk-8-jre-headless nginx -y</code><br> <code>mkdir -pv /opt/yacy</code><br> Find Latest version https://download.yacy.net/<br> <code>wget https://download.yacy.net/yacy_v1.924_20210209_10069.tar.gz</code><br> <code>tar xvf yacy_v1.924_20210209_10069.tar.gz -C /opt/yacy/..." 94 wikitext text/x-wiki ==Installing Yacy on Ubuntu 22.04 Vultr VPS Server== * Spin up ubuntu 22.04 2 vCPUs 4096.00 MB RAM 80 GB SSD Storage * login <code>apt-get update && apt upgrade -y</code><br> <code>apt-get install openjdk-8-jre-headless nginx -y</code><br> <code>mkdir -pv /opt/yacy</code><br> Find Latest version https://download.yacy.net/<br> <code>wget https://download.yacy.net/yacy_v1.924_20210209_10069.tar.gz</code><br> <code>tar xvf yacy_v1.924_20210209_10069.tar.gz -C /opt/yacy/</code><br> <code>bash /opt/yacy/yacy/startYACY.sh</code><br> <code>bash /opt/yacy/yacy/bin/passwd.sh $PASSWORD</code><br> <code>ufw allow 80/tcp</code><br> <code>ufw allow 443/tcp</code><br> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. #try_files $uri $uri/ =404; proxy_pass http://127.0.0.1:8090; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; client_max_body_size 10m; client_body_buffer_size 128k; proxy_connect_timeout 3s; proxy_send_timeout 10s; proxy_read_timeout 10s; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} </pre> Domain and https<br> <code>snap install certbot --classic</code><br> After DNS points to server<br> <code>certbot --nginx -d yacy.completenoobs.com</code><br> Now can visit https://yacy.completenoobs.com and site working :)<br> j896rx32bti38s69s1lwtrsc17zpy0p 95 94 2023-03-03T21:51:06Z Noob 1 /* Installing Yacy on Ubuntu 22.04 Vultr VPS Server */ 95 wikitext text/x-wiki ==Installing Yacy on Ubuntu 22.04 Vultr VPS Server== * Spin up ubuntu 22.04 2 vCPUs 4096.00 MB RAM 80 GB SSD Storage * login <code>apt-get update && apt upgrade -y</code><br> <code>apt-get install openjdk-8-jre-headless nginx -y</code><br> <code>mkdir -pv /opt/yacy</code><br> Find Latest version https://download.yacy.net/<br> <code>wget https://download.yacy.net/yacy_v1.924_20210209_10069.tar.gz</code><br> <code>tar xvf yacy_v1.924_20210209_10069.tar.gz -C /opt/yacy/</code><br> <code>bash /opt/yacy/yacy/startYACY.sh</code><br> <code>bash /opt/yacy/yacy/bin/passwd.sh $PASSWORD</code><br> <code>ufw allow 80/tcp</code><br> <code>ufw allow 443/tcp</code><br> <code>ufw allow 8090/tcp</code><br> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. #try_files $uri $uri/ =404; proxy_pass http://127.0.0.1:8090; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; client_max_body_size 10m; client_body_buffer_size 128k; proxy_connect_timeout 3s; proxy_send_timeout 10s; proxy_read_timeout 10s; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} </pre> Domain and https<br> <code>snap install certbot --classic</code><br> After DNS points to server<br> <code>certbot --nginx -d yacy.completenoobs.com</code><br> Now can visit https://yacy.completenoobs.com and site working :)<br> 3bqajazatc58yksfw18hy9uhee8oo5b 96 95 2023-03-03T22:30:19Z Noob 1 /* Installing Yacy on Ubuntu 22.04 Vultr VPS Server */ 96 wikitext text/x-wiki ==Installing Yacy on Ubuntu 22.04 Vultr VPS Server== * Spin up ubuntu 22.04 2 vCPUs 4096.00 MB RAM 80 GB SSD Storage * login <code>apt-get update && apt upgrade -y</code><br> <code>apt-get install openjdk-8-jre-headless nginx -y</code><br> <code>mkdir -pv /opt/yacy</code><br> Find Latest version https://download.yacy.net/<br> <code>wget https://download.yacy.net/yacy_v1.924_20210209_10069.tar.gz</code><br> <code>tar xvf yacy_v1.924_20210209_10069.tar.gz -C /opt/yacy/</code><br> <code>bash /opt/yacy/yacy/startYACY.sh</code><br> <code>bash /opt/yacy/yacy/bin/passwd.sh $PASSWORD</code><br> <code>ufw allow 80/tcp</code><br> <code>ufw allow 443/tcp</code><br> <code>ufw allow 8090/tcp</code><br> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. #try_files $uri $uri/ =404; proxy_pass http://127.0.0.1:8090; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; client_max_body_size 10m; client_body_buffer_size 128k; proxy_connect_timeout 3s; proxy_send_timeout 10s; proxy_read_timeout 10s; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} </pre> Domain and https<br> <code>snap install certbot --classic</code><br> After DNS points to server<br> <code>certbot --nginx -d yacy.completenoobs.com</code><br> Now can visit https://yacy.completenoobs.com and site working :)<br> ===TODOS=== * systemd so it starts at reboot. 2wy5wbna6rc2hzythugkrt7lmv0mvql 100 96 2023-03-03T23:01:38Z Noob 1 /* TODOS */ 100 wikitext text/x-wiki ==Installing Yacy on Ubuntu 22.04 Vultr VPS Server== * Spin up ubuntu 22.04 2 vCPUs 4096.00 MB RAM 80 GB SSD Storage * login <code>apt-get update && apt upgrade -y</code><br> <code>apt-get install openjdk-8-jre-headless nginx -y</code><br> <code>mkdir -pv /opt/yacy</code><br> Find Latest version https://download.yacy.net/<br> <code>wget https://download.yacy.net/yacy_v1.924_20210209_10069.tar.gz</code><br> <code>tar xvf yacy_v1.924_20210209_10069.tar.gz -C /opt/yacy/</code><br> <code>bash /opt/yacy/yacy/startYACY.sh</code><br> <code>bash /opt/yacy/yacy/bin/passwd.sh $PASSWORD</code><br> <code>ufw allow 80/tcp</code><br> <code>ufw allow 443/tcp</code><br> <code>ufw allow 8090/tcp</code><br> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. #try_files $uri $uri/ =404; proxy_pass http://127.0.0.1:8090; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; client_max_body_size 10m; client_body_buffer_size 128k; proxy_connect_timeout 3s; proxy_send_timeout 10s; proxy_read_timeout 10s; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} </pre> Domain and https<br> <code>snap install certbot --classic</code><br> After DNS points to server<br> <code>certbot --nginx -d yacy.completenoobs.com</code><br> Now can visit https://yacy.completenoobs.com and site working :)<br> ===TODOS=== * systemd so it starts at reboot. If you see <code>pause reason: network switch to defaults/yacy.network.webportal.unit</code> try rebooting the server (worked for me). 9i7vsfjlz5uxxx9cu49vzdk4h1n03er 101 100 2023-03-03T23:10:00Z Noob 1 /* Installing Yacy on Ubuntu 22.04 Vultr VPS Server */ 101 wikitext text/x-wiki ==Installing Yacy on Ubuntu 22.04 Vultr VPS Server== * Spin up ubuntu 22.04 2 vCPUs 4096.00 MB RAM 80 GB SSD Storage * login <code>apt-get update && apt upgrade -y</code><br> <code>apt-get install openjdk-8-jre-headless nginx -y</code><br> <code>mkdir -pv /opt/yacy</code><br> Find Latest version https://download.yacy.net/<br> <code>wget https://download.yacy.net/yacy_v1.924_20210209_10069.tar.gz</code><br> <code>tar xvf yacy_v1.924_20210209_10069.tar.gz -C /opt/yacy/</code><br> <code>bash /opt/yacy/yacy/startYACY.sh</code><br> <code>bash /opt/yacy/yacy/bin/passwd.sh $PASSWORD</code><br> <code>ufw allow 80/tcp</code><br> <code>ufw allow 443/tcp</code><br> <code>ufw allow 8090/tcp</code><br> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. #try_files $uri $uri/ =404; proxy_pass http://127.0.0.1:8090; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; client_max_body_size 10m; client_body_buffer_size 128k; proxy_connect_timeout 3s; proxy_send_timeout 10s; proxy_read_timeout 10s; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} </pre> Domain and https<br> <code>snap install certbot --classic</code><br> After DNS points to server<br> <code>certbot --nginx -d yacy.completenoobs.com</code><br> Now can visit https://yacy.completenoobs.com and site working :)<br> ===systemd=== Will start YACY at when server reboots.<br> <code>$EDITOR /etc/systemd/system/yacy.service</code><br> <pre> [Unit] Description = start yacy [Service] Type=oneshot ExecStart=/opt/yacy/yacy/startYACY.sh [Install] WantedBy=multi-user.target </pre> <br> <code>systemctl enable yacy</code><br> qjdyj9sxrrk6t3khew1t6iohbyerkcn 102 101 2023-03-03T23:12:05Z Noob 1 /* systemd */ 102 wikitext text/x-wiki ==Installing Yacy on Ubuntu 22.04 Vultr VPS Server== * Spin up ubuntu 22.04 2 vCPUs 4096.00 MB RAM 80 GB SSD Storage * login <code>apt-get update && apt upgrade -y</code><br> <code>apt-get install openjdk-8-jre-headless nginx -y</code><br> <code>mkdir -pv /opt/yacy</code><br> Find Latest version https://download.yacy.net/<br> <code>wget https://download.yacy.net/yacy_v1.924_20210209_10069.tar.gz</code><br> <code>tar xvf yacy_v1.924_20210209_10069.tar.gz -C /opt/yacy/</code><br> <code>bash /opt/yacy/yacy/startYACY.sh</code><br> <code>bash /opt/yacy/yacy/bin/passwd.sh $PASSWORD</code><br> <code>ufw allow 80/tcp</code><br> <code>ufw allow 443/tcp</code><br> <code>ufw allow 8090/tcp</code><br> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. #try_files $uri $uri/ =404; proxy_pass http://127.0.0.1:8090; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; client_max_body_size 10m; client_body_buffer_size 128k; proxy_connect_timeout 3s; proxy_send_timeout 10s; proxy_read_timeout 10s; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} </pre> Domain and https<br> <code>snap install certbot --classic</code><br> After DNS points to server<br> <code>certbot --nginx -d yacy.completenoobs.com</code><br> Now can visit https://yacy.completenoobs.com and site working :)<br> ===systemd=== Will start YACY at when server reboots.<br> <code>$EDITOR /etc/systemd/system/yacy.service</code><br> <pre> [Unit] Description = start yacy [Service] Type=oneshot ExecStart=/opt/yacy/yacy/startYACY.sh [Install] WantedBy=multi-user.target </pre> <br> <code>systemctl enable yacy</code><br> <code>reboot</code><br> dc6bk0peah3t92hpukh0g7a8yt6fwqc 103 102 2023-03-03T23:26:33Z Noob 1 /* systemd */ 103 wikitext text/x-wiki ==Installing Yacy on Ubuntu 22.04 Vultr VPS Server== * Spin up ubuntu 22.04 2 vCPUs 4096.00 MB RAM 80 GB SSD Storage * login <code>apt-get update && apt upgrade -y</code><br> <code>apt-get install openjdk-8-jre-headless nginx -y</code><br> <code>mkdir -pv /opt/yacy</code><br> Find Latest version https://download.yacy.net/<br> <code>wget https://download.yacy.net/yacy_v1.924_20210209_10069.tar.gz</code><br> <code>tar xvf yacy_v1.924_20210209_10069.tar.gz -C /opt/yacy/</code><br> <code>bash /opt/yacy/yacy/startYACY.sh</code><br> <code>bash /opt/yacy/yacy/bin/passwd.sh $PASSWORD</code><br> <code>ufw allow 80/tcp</code><br> <code>ufw allow 443/tcp</code><br> <code>ufw allow 8090/tcp</code><br> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. #try_files $uri $uri/ =404; proxy_pass http://127.0.0.1:8090; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; client_max_body_size 10m; client_body_buffer_size 128k; proxy_connect_timeout 3s; proxy_send_timeout 10s; proxy_read_timeout 10s; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} </pre> Domain and https<br> <code>snap install certbot --classic</code><br> After DNS points to server<br> <code>certbot --nginx -d yacy.completenoobs.com</code><br> Now can visit https://yacy.completenoobs.com and site working :)<br> ===systemd=== Will start YACY at when server reboots.<br> <code>$EDITOR /etc/systemd/system/yacy.service</code><br> <pre> [Unit] Description =Start yacy [Service] Type=forking ExecStartPre=/bin/sleep 15 ExecStart=/opt/yacy/yacy/startYACY.sh [Install] WantedBy=multi-user.target </pre> <br> <code>systemctl enable yacy</code><br> <code>reboot</code><br> 5eutot8lqga75v9lz8l0zuythoulfi6 435 103 2023-05-16T11:44:06Z Noob 1 Noob moved page [[Yacy]] to [[Ubuntu 22.04 Yacy]] without leaving a redirect 103 wikitext text/x-wiki ==Installing Yacy on Ubuntu 22.04 Vultr VPS Server== * Spin up ubuntu 22.04 2 vCPUs 4096.00 MB RAM 80 GB SSD Storage * login <code>apt-get update && apt upgrade -y</code><br> <code>apt-get install openjdk-8-jre-headless nginx -y</code><br> <code>mkdir -pv /opt/yacy</code><br> Find Latest version https://download.yacy.net/<br> <code>wget https://download.yacy.net/yacy_v1.924_20210209_10069.tar.gz</code><br> <code>tar xvf yacy_v1.924_20210209_10069.tar.gz -C /opt/yacy/</code><br> <code>bash /opt/yacy/yacy/startYACY.sh</code><br> <code>bash /opt/yacy/yacy/bin/passwd.sh $PASSWORD</code><br> <code>ufw allow 80/tcp</code><br> <code>ufw allow 443/tcp</code><br> <code>ufw allow 8090/tcp</code><br> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. #try_files $uri $uri/ =404; proxy_pass http://127.0.0.1:8090; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; client_max_body_size 10m; client_body_buffer_size 128k; proxy_connect_timeout 3s; proxy_send_timeout 10s; proxy_read_timeout 10s; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} </pre> Domain and https<br> <code>snap install certbot --classic</code><br> After DNS points to server<br> <code>certbot --nginx -d yacy.completenoobs.com</code><br> Now can visit https://yacy.completenoobs.com and site working :)<br> ===systemd=== Will start YACY at when server reboots.<br> <code>$EDITOR /etc/systemd/system/yacy.service</code><br> <pre> [Unit] Description =Start yacy [Service] Type=forking ExecStartPre=/bin/sleep 15 ExecStart=/opt/yacy/yacy/startYACY.sh [Install] WantedBy=multi-user.target </pre> <br> <code>systemctl enable yacy</code><br> <code>reboot</code><br> 5eutot8lqga75v9lz8l0zuythoulfi6 0 50 105 2023-03-04T00:56:03Z Noob 1 Created page with "= tmux — terminal multiplexer = ==Basics== Description Quote from man page <blockquote> tmux is a terminal multiplexer: it enables a number of terminals to be created, accessed, and controlled from a single screen. tmux may be detached from a screen and continue running in the background, then later reattached. </blockquote> Tmux can do a number of things. In this module we are just going to concentrate on solving the problem of something going wrong with are ssh..." 105 wikitext text/x-wiki = tmux — terminal multiplexer = ==Basics== Description Quote from man page <blockquote> tmux is a terminal multiplexer: it enables a number of terminals to be created, accessed, and controlled from a single screen. tmux may be detached from a screen and continue running in the background, then later reattached. </blockquote> Tmux can do a number of things. In this module we are just going to concentrate on solving the problem of something going wrong with are ssh connection. If we lose are ssh terminal connection, processes we were running will be sent a SIGHUP signal. [https://en.wikipedia.org/wiki/SIGHUP '''''External Link''''' Wikipedia link to SIGHUP] Lets go stright to a example of using tmux to solve this problem. On are server lets run/start tmux. <code>tmux</code> that's it. Now lets run a program and see what happens when we disconnect. <code>$EDITOR test-txt-file</code> <pre> Hello world i am writing or doing something important. i hope i dont disconnect and lose this </pre> Now just close the terminal, do not save and/or exit the text editor, Just close the terminal. Open another terminal and reconnect to your server. Use the command '''''tmux ls''''' to list your tmux sessions. <code>tmux ls</code> My output: <pre> 0: 1 windows (created Mon Jun 1 06:41:43 2020) [140x14] </pre> I am going to reconnect to my tmux session 0, with the command. <code>tmux attach -t 0</code> And thats its. Tmux also solves the problem of your ssh session closing due to inactive <blockquote> packet_write_wait: Connection to 192.248.157.27 port 22: Broken pipe </blockquote> Note: you can run the same tmux session in more than one terminal at the same time. Open 3 terminal and log into server in each terminal <br \> <code>tmux attach -t 0</code><br \> all will be updated in real time. If you exit tmux by typing <code>exit</code> in one terminal the tmux session will end and exit on all 3 terminals. If you dont want that just close terminal without typing <code>exit</code> You do not need tmux installed on your local computer, just the computer(server) you are connecting to. tmux is installed by default on ubuntu server 1804 but if you want to install it on your desktop or if its been removed from your server and want to reinstall <code>apt install tmux</code> === Scrolling on tmux === press <code>CTRL+b</code> followed by <code>[</code> now you can scroll up and down with arrow keys. press <code>q</code> to quit scroll mode oxcbmyqfzqoudx0m9cg7l5k0ok4bd6k 319 105 2023-04-20T02:41:51Z imported>AwesomO 0 /* tmux — terminal multiplexer */ 319 wikitext text/x-wiki = tmux — terminal multiplexer = ==Basics== Description Quote from man page <blockquote> tmux is a terminal multiplexer: it enables a number of terminals to be created, accessed, and controlled from a single screen. tmux may be detached from a screen and continue running in the background, then later reattached. </blockquote> Tmux can do a number of things. In this module we are just going to concentrate on solving the problem of something going wrong with are ssh connection. If we lose are ssh terminal connection, processes we were running will be sent a SIGHUP signal. [[SIGHUP|SIGHUP]] Lets go stright to a example of using '''tmux''' to solve this problem. On are server lets run/start tmux. <code>tmux</code> that's it. Now lets run a program and see what happens when we disconnect. <code>$EDITOR test-txt-file</code> <pre> Hello world i am writing or doing something important. i hope i dont disconnect and lose this </pre> Now just close the terminal, do not save and/or exit the text editor, Just close the terminal. Open another terminal and reconnect to your server. Use the command '''''tmux ls''''' to list your tmux sessions. <code>tmux ls</code> My output: <pre> 0: 1 windows (created Mon Jun 1 06:41:43 2020) [140x14] </pre> I am going to reconnect to my tmux session 0, with the command. <code>tmux attach -t 0</code> And thats its. Tmux also solves the problem of your ssh session closing due to inactive <blockquote> packet_write_wait: Connection to 192.248.157.27 port 22: Broken pipe </blockquote> Note: you can run the same tmux session in more than one terminal at the same time. Open 3 terminal and log into server in each terminal <br \> <code>tmux attach -t 0</code><br \> all will be updated in real time. If you exit tmux by typing <code>exit</code> in one terminal the tmux session will end and exit on all 3 terminals. If you dont want that just close terminal without typing <code>exit</code> You do not need tmux installed on your local computer, just the computer(server) you are connecting to. tmux is installed by default on ubuntu server 1804 but if you want to install it on your desktop or if its been removed from your server and want to reinstall <code>apt install tmux</code> === Scrolling on tmux === press <code>CTRL+b</code> followed by <code>[</code> now you can scroll up and down with arrow keys. press <code>q</code> to quit scroll mode 42w1l7ksmrsyhxv4sieogcj44q4d8ym 417 319 2023-05-11T18:50:28Z Noob 1 Noob moved page [[Tmux]] to [[Ubuntu 22.04 Tmux]] 319 wikitext text/x-wiki = tmux — terminal multiplexer = ==Basics== Description Quote from man page <blockquote> tmux is a terminal multiplexer: it enables a number of terminals to be created, accessed, and controlled from a single screen. tmux may be detached from a screen and continue running in the background, then later reattached. </blockquote> Tmux can do a number of things. In this module we are just going to concentrate on solving the problem of something going wrong with are ssh connection. If we lose are ssh terminal connection, processes we were running will be sent a SIGHUP signal. [[SIGHUP|SIGHUP]] Lets go stright to a example of using '''tmux''' to solve this problem. On are server lets run/start tmux. <code>tmux</code> that's it. Now lets run a program and see what happens when we disconnect. <code>$EDITOR test-txt-file</code> <pre> Hello world i am writing or doing something important. i hope i dont disconnect and lose this </pre> Now just close the terminal, do not save and/or exit the text editor, Just close the terminal. Open another terminal and reconnect to your server. Use the command '''''tmux ls''''' to list your tmux sessions. <code>tmux ls</code> My output: <pre> 0: 1 windows (created Mon Jun 1 06:41:43 2020) [140x14] </pre> I am going to reconnect to my tmux session 0, with the command. <code>tmux attach -t 0</code> And thats its. Tmux also solves the problem of your ssh session closing due to inactive <blockquote> packet_write_wait: Connection to 192.248.157.27 port 22: Broken pipe </blockquote> Note: you can run the same tmux session in more than one terminal at the same time. Open 3 terminal and log into server in each terminal <br \> <code>tmux attach -t 0</code><br \> all will be updated in real time. If you exit tmux by typing <code>exit</code> in one terminal the tmux session will end and exit on all 3 terminals. If you dont want that just close terminal without typing <code>exit</code> You do not need tmux installed on your local computer, just the computer(server) you are connecting to. tmux is installed by default on ubuntu server 1804 but if you want to install it on your desktop or if its been removed from your server and want to reinstall <code>apt install tmux</code> === Scrolling on tmux === press <code>CTRL+b</code> followed by <code>[</code> now you can scroll up and down with arrow keys. press <code>q</code> to quit scroll mode 42w1l7ksmrsyhxv4sieogcj44q4d8ym 503 417 2025-04-10T14:59:49Z AwesomO 5 503 wikitext text/x-wiki = tmux — terminal multiplexer = == Basics == Description Quote from man page <blockquote> tmux is a terminal multiplexer: it enables a number of terminals to be created, accessed, and controlled from a single screen. tmux may be detached from a screen and continue running in the background, then later reattached. </blockquote> Tmux can do a number of things. In this module we are just going to concentrate on solving the problem of something going wrong with our SSH connection. If we lose our SSH terminal connection, processes we were running will be sent a SIGHUP signal. [[SIGHUP|SIGHUP]] Let’s go straight to an example of using '''tmux''' to solve this problem. On our server, let’s run/start tmux: <code>tmux</code> That’s it. Now let’s run a program and see what happens when we disconnect: <code>$EDITOR test-txt-file</code> <pre> Hello world I am writing or doing something important. I hope I don’t disconnect and lose this </pre> Now just close the terminal—do not save and/or exit the text editor, just close the terminal. Open another terminal and reconnect to your server. Use the command '''tmux ls''' to list your tmux sessions: <code>tmux ls</code> My output: <pre> 0: 1 windows (created Mon Jun 1 06:41:43 2020) [140x14] </pre> I am going to reconnect to my tmux session 0 with the command: <code>tmux attach -t 0</code> And that’s it. Tmux also solves the problem of your SSH session closing due to inactivity: <blockquote> packet_write_wait: Connection to 192.248.157.27 port 22: Broken pipe </blockquote> Note: You can run the same tmux session in more than one terminal at the same time. Open 3 terminals and log into the server. In each terminal: <br \> <code>tmux attach -t 0</code> <br \> All will be updated in real time. If you exit tmux by typing <code>exit</code> in one terminal, the tmux session will end and exit on all 3 terminals. If you don’t want that, just close the terminal without typing <code>exit</code>. You do not need tmux installed on your local computer, just the computer (server) you are connecting to. tmux is installed by default on Ubuntu Server 18.04, but if you want to install it on your desktop or if it’s been removed from your server and you want to reinstall: <code>apt install tmux</code> == Scrolling in tmux == Press <code>Ctrl+b</code> followed by <code>[</code>. Now you can scroll up and down with arrow keys. Press <code>q</code> to quit scroll mode. == Managing tmux Sessions and Windows == To close a tmux window and later come back to it, you can use the following steps: === Detaching from a tmux Session (Without Terminating It) === Detach from the current tmux session by pressing: <code>Ctrl-b d</code> This will leave the session running in the background, allowing you to close the terminal or work on other tasks. === Reattaching to a tmux Session === To reattach to a detached session, use: <code>tmux attach-session</code> This command will reconnect you to the most recently detached session. If you have multiple sessions, list them with: <code>tmux list-sessions</code> Then, reattach to a specific session by its name or number: <code>tmux attach-session -t <session_name></code> If another client is attached to the session, you can forcefully detach them and reattach using: <code>tmux attach-session -t <session_name> -d</code> === Closing a tmux Window === To close a specific window in tmux, press: <code>Ctrl-b &</code> Confirm with <code>y</code> to kill the window. Alternatively, you can type <code>exit</code> in the shell of the window to close it. If you prefer using commands, run: <code>tmux kill-window -t <window_number></code> By detaching instead of killing the session, you ensure that your work is preserved and can be resumed later. mraiubl3dgw5wrfl3emmqzmje83gwns 0 52 123 2023-03-05T17:20:05Z Noob 1 Created page with " ==Ubuntu-mate 20.04== Tested on ubuntu-mate 20.04<br \> To disable the touchscreen in ubuntu-mate 20.04 you need to edit the file <code>40-libinput.conf</code><br \> And change the line <code>MatchIsTouchscreen "on"</code> To <code>MatchIsTouchscreen "off"</code>. <code>$EDITOR /usr/share/X11/xorg.conf.d/40-libinput.conf</code> <pre> Section "InputClass" Identifier "libinput touchscreen catchall" MatchIsTouchscreen "on" MatchDevicePath "/dev/in..." 123 wikitext text/x-wiki ==Ubuntu-mate 20.04== Tested on ubuntu-mate 20.04<br \> To disable the touchscreen in ubuntu-mate 20.04 you need to edit the file <code>40-libinput.conf</code><br \> And change the line <code>MatchIsTouchscreen "on"</code> To <code>MatchIsTouchscreen "off"</code>. <code>$EDITOR /usr/share/X11/xorg.conf.d/40-libinput.conf</code> <pre> Section "InputClass" Identifier "libinput touchscreen catchall" MatchIsTouchscreen "on" MatchDevicePath "/dev/input/event*" Driver "libinput" EndSection </pre> <br \> Change to: <br \> <pre> Section "InputClass" Identifier "libinput touchscreen catchall" MatchIsTouchscreen "off" MatchDevicePath "/dev/input/event*" Driver "libinput" EndSection </pre> d2rniigl63j4rannzqnf7qmz8iyia61 0 53 124 2023-03-05T17:21:01Z Noob 1 Created page with "Tested on Ubuntu-mate 20.04<br \> Tested on Ubuntu-server 20.04<br \> <br \> installed ubuntu server 20.04 on giga home server and found it would suspend every 30 minutes if i was not logged in with ssh. does not suspend on virtualbox just on real hardware when xorg is installed. disable suspend:<br \> <code>sudo systemctl mask sleep.target suspend.target hibernate.target hybrid-sleep.target</code> and if you want to re-enable suspend:<br \> <code>sudo systemctl unmask..." 124 wikitext text/x-wiki Tested on Ubuntu-mate 20.04<br \> Tested on Ubuntu-server 20.04<br \> <br \> installed ubuntu server 20.04 on giga home server and found it would suspend every 30 minutes if i was not logged in with ssh. does not suspend on virtualbox just on real hardware when xorg is installed. disable suspend:<br \> <code>sudo systemctl mask sleep.target suspend.target hibernate.target hybrid-sleep.target</code> and if you want to re-enable suspend:<br \> <code>sudo systemctl unmask sleep.target suspend.target hibernate.target hybrid-sleep.target</code> for more on the mask and unmask check 'man systemctl' <pre> mask UNIT... Mask one or more units, as specified on the command line. This will link these unit files to /dev/null, making it impossible to start them. This is a stronger version of disable, since it prohibits all kinds of activation of the unit, including enablement and manual activation. Use this option with care. This honors the --runtime option to only mask temporarily until the next reboot of the system. The --now option may be used to ensure that the units are also stopped. This command expects valid unit names only, it does not accept unit file paths. </pre> <pre> unmask UNIT... Unmask one or more unit files, as specified on the command line. This will undo the effect of mask. This command expects valid unit names only, it does not accept unit file paths. </pre> s3zy5kh9kwsxhlzuytvdye7ah25rksz 0 55 130 2023-03-05T21:52:28Z Noob 1 Created page with "Installing MediaWiki on a container and exporting to the cloud. Local OS used Ubuntu-Mate 20.04 Tested with ethernet. Untested with wifi. TODO's * Remove 'index.php' from URL * Find out more about 'DocBookExport' and test how it works * Move MediaWiki Server to FreeBSD Currently trying to solve the spambot problem, they got round the need to request to open an account somehow, will update once solved. $EDITOR is used as a place holder for an editor of your choice. =..." 130 wikitext text/x-wiki Installing MediaWiki on a container and exporting to the cloud. Local OS used Ubuntu-Mate 20.04 Tested with ethernet. Untested with wifi. TODO's * Remove 'index.php' from URL * Find out more about 'DocBookExport' and test how it works * Move MediaWiki Server to FreeBSD Currently trying to solve the spambot problem, they got round the need to request to open an account somehow, will update once solved. $EDITOR is used as a place holder for an editor of your choice. ==Installing LXD== <code>sudo snap install lxd</code><br \> <code>lxd init</code><br \> Selecting all defaults, apart from "Size in GB of the new loop device (1GB minimum) [default=6GB]:" increasing to 30GB: <div class="toccolours mw-collapsible mw-collapsed"> <code>lxd init</code> selected options: <div class="mw-collapsible-content"> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (btrfs, dir, lvm, zfs, ceph) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=6GB]:30GB Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> </div> </div> ==Create Ubuntu:22.04 Container for MediaWiki== <code>lxc launch ubuntu:22.04 mediawiki</code><br> <code>lxc list</code><br> <pre> +-----------+---------+--------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+--------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.194.171.251(eth0) | | CONTAINER | 0 | +-----------+---------+--------------------+------+-----------+-----------+ </pre> ===Login to Container=== <code>lxc exec mediawiki bash</code> ===Basic Firewall UFW for Container=== NOTE:Add Link to a UFW page for more info Blocking IPv6<br \> <code>$EDITOR /etc/default/ufw</code> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit Allow port 80<br \> <code>ufw allow 80/tcp</code><br \> Allow port 443<br \> <code>ufw allow 443/tcp</code><br \> Start/Enable UFW firewall<br \> <code>ufw enable</code><br \> Check UFW status<br \> <code>ufw status</code> <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Update system=== <code>apt update && apt upgrade -y</code> ===ssmtp setup=== NOTE: need link to ssmtp page - showing how to use other email providers that allow smtp Link to ssmtp wiki page <br \> You can use a number of email providers for sending emails from server using ssmtp.<br \> I am going to use <b>smtp2go.com</b> they do provide a free service if you wish to try. <div class="toccolours mw-collapsible mw-collapsed"> smtp2go details: <div class="mw-collapsible-content"> https://www.smtp2go.com/<br \> Has a Free Plan # 1000 emails per month # 5 days of email reporting # Ticket support only <br \> Do not use you username and password you used to sign up!<br \> Go to https://app.smtp2go.com/sending/smtp_users/ <br \> Or 'Sending' > 'SMTP Users'<br> And create/add a SMTP User account.<br \> The User created will be given a good password by default.<br \> Use this username and password for ssmtp.<br \> In this example i have the username "<b>noobwiki</b>" and the password "<b>N0tTelinu</b>" </div> </div> ====ssmtp==== <code>apt install ssmtp -y</code> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <div class="toccolours mw-collapsible mw-collapsed"> Why use <code>hostname=completenoobs.com</code> <div class="mw-collapsible-content"> "hostname" needed for ubuntu unattended upgrades to send email.<br \> If missing: will get "(550 unable to verify sender address.)" <br \> If using <code>hostname=localhost</code> "(550 "Localhost" unnaceptable, you must use a public domain-name.)"<br \> If using <code>hostname=admin@completenoobs.com</code> "501 <root@admin@completenoobs.com>: malformed address: @completenoobs.com> may not follow <root@admin" </div> </div> <br \> Do not use user@smtp2go.com as the sender address! you need an email address that has an MX record(mail exchanger record) at its domain name. <br \> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> ====usermod==== <br \> usermod can be used to change the email senders name/address.<br \> Instead of your mail coming from 'root' or 'ubuntu' or any other user account.<br \> <b>usermod -c "emailSenderName" <account_sending></b><br \> <code>usermod -c "completenoobslxc" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ====sendmail notes==== <div class="toccolours mw-collapsible mw-collapsed"> If the sendmail command locks your terminal and CTRL+c does not work <div class="mw-collapsible-content"> Use <code>CTRL+z</code> which will send a SIGTSTP signal which will put the process to sleep.<br \> use jobs to see the sleeping process.<br \> <code>jobs</code><br \> and kill %<JOBNUMBER><br \> <code>kill %1</code> <br \> you can also use <code>ps ax</code> to list processes running on your computer and <code>kill -9 <PROCESS-NUMBER></code> to kill process. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> sendmail in verbose mode for more details: <div class="mw-collapsible-content"> More info can be found in the man page <code>man sendmail</code><br \> Use the verbose flag <b>-v</b><br \> <code>sendmail -v email@address2receive.mail < test-mail.txt</code> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Check mail logs for errors: <div class="mw-collapsible-content"> send mail error log can be found in<br \> <code>/var/log/mail.err</code><br \> and sendmail log can be found:<br \> <code>/var/log/mail.log</code> </div> </div> ===auto update container config=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code> Uncomment<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> <code>"${distro_id}:${distro_codename}-updates";</code> Dont need auto reboot on container - no kernel - kernel shared with host. ====email on update==== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <div class="toccolours mw-collapsible mw-collapsed"> Once i needed 'apticron' to get emails working with unattended upgrades:<br \> Notes here just incase<div class="mw-collapsible-content"> Install apticron<br \> <code>apt install apticron -y</code> Create apticron.conf file containing email to send email to:<br \> If you dont then 'apticron' will by default sent to root@localhost.<br > <code>echo 'EMAIL="email@tosendto.com"' > /etc/apticron/apticron.conf</code> </div> </div> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Install MediaWiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -xvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki</code> ====Create Database==== Will be prompted to set a root password!<br \> <code>mysql -u root -p</code><br \> <!-- create drop down - add root password option --> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <div class="toccolours mw-collapsible mw-collapsed"> Make note of your: database name, username, userpassword <div class="mw-collapsible-content"> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code><br \> Database Username:<b>green</b><br \> Database host/location:<b>localhost</b> Database User Password:<b>THISpasswordSHOULDbeCHANGED</b><br \><br \> <code>CREATE DATABASE mywiki_database;</code><br \> Database Name:<b>mywiki_database</b><br \> </div> </div> ====Create self-signed https certs==== <code>openssl req -x509 -newkey rsa:4096 -keyout key.pem -nodes -out cert.pem -days 365</code><br> Note: can leave blank; just press enter.<br><br> <code>mv cert.pem /etc/ssl/certs/cn-selfsigned.crt</code><br> <code>mv key.pem /etc/ssl/private/cn-selfsigned.key</code><br> ====Create ssl-params.conf==== <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code> Remember to turn stapling on after letsencrypt cert <pre> SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 SSLHonorCipherOrder On # Disable preloading HSTS for now. You can use the commented out header line that includes # the "preload" directive if you understand the implications. # Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" Header always set X-Frame-Options DENY Header always set X-Content-Type-Options nosniff # Requires Apache >= 2.4 SSLCompression off # May want to turn stapling off when using self-signed to avoid receiving errors in log SSLUseStapling off SSLStaplingCache "shmcb:logs/stapling-cache(150000)" # Requires Apache >= 2.4.11 SSLSessionTickets Off </pre> ====Create Apache2 config==== <code>cd /etc/apache2/sites-available/</code> <code>rm 000-default.conf default-ssl.conf</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code> <div class="toccolours mw-collapsible mw-collapsed"> <b>Important Redirect note</b>:<div class="mw-collapsible-content"> <pre> # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" </pre> Change to your Container IP!<br \> <code>Redirect permanent "/" "https://10.194.171.251"</code> </div> </div> <pre> <VirtualHost *:80> ServerName completenoobs.com ServerAdmin admin@ # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined </VirtualHost> <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerName completenoobs.com ServerAdmin admin@completenoobs.com DocumentRoot /var/www/html/mediawiki # According MWiki Manual:Security php_flag register_globals off ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined SSLEngine on SSLCertificateFile /etc/ssl/certs/cn-selfsigned.crt SSLCertificateKeyFile /etc/ssl/private/cn-selfsigned.key # need to find out what SSLCertificateChainFile is? explain is in the default-ssl.conf file. #SSLCertificateChainFile /etc/ssl/certs/example.com.root-bundle.crt <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> <Directory /var/www/html/wikimedia> Options None FollowSymLinks #Allow .htaccess AllowOverride All Require all granted <IfModule security2_module> SecRuleEngine Off # or disable only problematic rules </IfModule> </Directory> # According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images> # Ignore .htaccess files AllowOverride None # Serve HTML as plaintext, don't execute SHTML AddType text/plain .html .htm .shtml .php .phtml .php5 # Don't run arbitrary PHP code. php_admin_flag engine off # If you've other scripting languages, disable them too. </Directory> #According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images/deleted> Deny from all AllowOverride AuthConfig Limit Require local </Directory> </VirtualHost> </IfModule> </pre> ====Reload Apache2==== <code>a2enmod ssl</code> <code>a2enmod headers</code> <code>a2ensite completenoobs.com</code> <code>a2enconf ssl-params</code> <code>apache2ctl configtest</code> <code>systemctl restart apache2</code> ===MediaWiki Basic Setup=== ====Landing page==== Open a web browser and go to your containers private ip address (you can get ip address by running <code>lxc list</code> on host). <code>https://10.194.171.251</code> Are certs are self-signed and you may/will get warning "your connection is not private"<br \> Click "Advance" and "Proceed to 10.194.171.251 (unsafe)"<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.35.0<br \> LocalSettings.php not found.<br \> Please <u>set up the wiki</u> first.<br \> </blockquote> Click <b>set up the wiki</b> to be taken to the "mw-config/index.php" page. =====Basic Configure MediaWiki===== <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:mywiki_database<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:green<br \> Database password:THISpasswordSHOULDbeCHANGED<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>CompleteNoobs<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Options <div class="mw-collapsible-content"> <b>User rights profile:</b> <br \> [ ] Open wiki <br \> [x] Account creation required<br \> [ ] Authorised editors only <br \> [ ] Private wiki<br \> <br \> <b>Copyright and licence:</b><br \> [ ] Creative Commons Attribution<br \> [ ] Creative Commons Attribution-ShareAlike<br \> [ ] Creative Commons Attribution-NonCommercial-ShareAlike<br \> [ ] Creative Commons Zero (Public Domain)<br \> [ ] GNU Free Documentation Licence 1.3 or later<br \> [x] No licence footer<br \> [ ] Select a custom Creative Commons licence<br \> <br \> <br \> <b>Email settings</b><br \> [ ] Enable outbound email<br \> <b>Return email address:</b>apache@🌻.invalid<br \> [ ]Enable user-to-user email<br \> [ ]Enable user talk page notification<br \> [ ]Enable watchlist notification<br \> [ ]Enable email authentication<br \> <br \> <br \> <b>Skins</b> Pick a skin<br \> <br \> <br \> <b>Extensions</b><br \> <b><u>Special pages</u></b><br \> [ ]CiteThisPage<br \> [ ]Interwiki<br \> [ ]Nuke<br \> [ ]Renameuser<br \> [ ]ReplaceText<br \> <br \> <b><u>Editors</u></b><br \> [x]CodeEditor<br \> [x]VisualEditor<br \> [x]WikiEditor<br \> <br \> <b><u>Parser hooks</u></b><br \> [ ]CategoryTree<br \> [ ]Cite<br \> [ ]ImageMap<br \> [ ]InputBox<br \> [ ]ParserFunctions<br \> [ ]Poem<br \> [ ]Scribunto<br \> [x]SyntaxHighlight_GeSHi<br \> [ ]TemplateData<br \> <br \> <b><u>Media handlers</u></b><br \> [ ]PdfHandler<br \> <br \> <b><u>Spam prevention</u></b><br \> [x]ConfirmEdit<br \> [ ]SpamBlacklist<br \> [ ]TitleBlacklist<br \> <br \> <b><u>API</u></b><br \> [ ]PageImages<br \> <br \> <b><u>Other</u></b><br \> [ ]Gadgets<br \> [ ]LocalisationUpdate<br \> [ ]MultimediaViewer<br \> [ ]OATHAuth<br \> [ ]SecureLinkFixer<br \> [ ]TextExtracts<br \> <br \> <br \> <b>Images and file uploads</b><br \> [ ]Enable file uploads<br \> <b>Logo URL:</b>$wgResourceBasePath/resources/assets/wiki.png<br \> [ ]Enable Instant Commons<br \> <br \> <br \> <b>Advanced configuration</b><br \> <b>Settings for object caching:</b><br \> [x] No caching (no functionality is removed, but speed may be impacted on larger wiki sites)<br \> [ ] Use Memcached (requires additional setup and configuration)<br \> </div> </div> ====LocalSettings.php Launch Wiki==== When the Basic configuration of mediawiki is done on the webpage.<br \> You will have a <b>LocalSettings.php</b> which will be downloaded from your browser.<br \> You need to place the <b>LocalSettings.php</b> file into your containers <b>/var/www/html/mediawiki/</b> directory.<br \> You can do this from host using the <b>lxc file push</b> command.<br \> <code>lxc file push /home/$USER/Downloads/LocalSettings.php mediawiki/var/www/html/mediawiki/</code><br \> <br> Do not refresh browser it will download the LocalSettings.php again! go to the IP address of your container or just trim the <code>mw-config/index.php?page=Complete</code><br> Now on your browser visit the page again https://10.194.171.251<br \> And welcome to your wiki.<br \> ===Change Logo=== You need a 135px by 135px image, in this example its named 'completenoobs-logo.png'<br> <code>lxc file push completenoobs-logo.png mediawiki/var/www/html/mediawiki/resources/assets/</code><br> Back in container edit the <b>LocalSettings.php</b> file<br> <pre> ## The URL paths to the logo. Make sure you change this from the default, ## or else you'll overwrite your logo when you upgrade! $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", 'icon' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", ]; </pre> Change to your new logo:<br> <pre> $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", 'icon' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", ]; </pre> ===Email Config=== Warning i did get loads of spam bots, using this to send naughty emails everywhere!<br> Changed setting to block signups, requests only,and changed <b>$wgEnableUserEmail</b> to false and still the bots managed to send spam using my smtp account.<br> How they done this? Is beyond my understanding and i removed email from the wiki till i have more info on how to stop the spamming.<br> Was using mediawiki-1.35.0<br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> Make sure <b>$wgEnableEmail</b> is set to true.<br> <code>$wgEnableEmail = true;</code><br> https://www.mediawiki.org/wiki/Manual:$wgEnableEmail<br> <pre> $wgEmergencyContact = ""; $wgPasswordSender = ""; </pre> <pre> $wgEmergencyContact = "admin@completenoobs.com"; $wgPasswordSender = "admin@completenoobs.com"; </pre> <pre> $wgSMTP = [ 'host' => 'ssl://mail.smtp2go.com', // outbox server of the email account 'IDHost' => 'completenoobs.com', 'port' => 465, 'username' => 'noobwiki', // user of the email account 'password' => 'N0tTelinu', // app password of the email account 'auth' => true ]; </pre> ===Request Account and Confirm Email to edit=== In LocalSettings change $wgEmailAuthentication = false; to true https://www.mediawiki.org/wiki/Manual:$wgEmailAuthentication<br> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ConfirmAccount-REL1_39-2b96e90.tar.gz</code><br> <code>tar xzf ConfirmAccount-REL1_39-2b96e90.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> <br> In <b>LocalSettings.php</b> <br> set <b>$wgEmailAuthentication</b> to true.<br> <pre> wfLoadExtension( 'ConfirmAccount' ); $wgConfirmAccountContact = 'admin@completenoobs.com'; </pre> Run maintenance update<br> <code>php /var/www/html/mediawiki/maintenance/update.php </code><br> use <b>Special:ConfirmAccounts</b> to see if anyone requested a account.<br> And yep, your gonna get spammed!<br> ===CookieWarning Extension=== https://www.mediawiki.org/wiki/Extension:CookieWarning<br> <code>wget https://extdist.wmflabs.org/dist/extensions/CookieWarning-REL1_39-778fe72.tar.gz</code><br> <code>tar -xzf CookieWarning-REL1_39-778fe72.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'CookieWarning' ); $wgCookieWarningEnabled = 'true'; # $wgCookieWarningMoreUrl allows to to select a link for your moreinfo button $wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'; $wgCookieWarningEnabled = 'true'; </pre> To change message sign in with admin account and visit these pages of your wiki and edit.<br> <b>MediaWiki:Cookiewarning-info</b> Edit the display message.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-info</code><br> <b>MediaWiki:Cookiewarning-moreinfo-label</b><br> Edit and change display of the moreinfo button: link can be made/changed at LocalSettings with:<br> <code>$wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'</code><br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-moreinfo-label</code><br> <b>MediaWiki:Cookiewarning-ok-label</b> Edit and change the text on the OK button.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-ok-label</code><br> ===Contribution Scores Extension=== https://www.mediawiki.org/wiki/Extension:Contribution_Scores<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ContributionScores-REL1_39-0e7e99d.tar.gz</code><br> <code>tar -xzf ContributionScores-REL1_39-0e7e99d.tar.gz -C /var/www/html/mediawiki/extensions</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'ContributionScores' ); // Exclude Bots from the reporting - Can be omitted. $wgContribScoreIgnoreBots = true; // Exclude Blocked Users from the reporting - Can be omitted. $wgContribScoreIgnoreBlockedUsers = true; // Use real user names when available - Can be omitted. Only for MediaWiki 1.19 and later. $wgContribScoresUseRealName = true; // Set to true to disable cache for parser function and inclusion of table. $wgContribScoreDisableCache = false; // Each array defines a report - 7,50 is "past 7 days" and "LIMIT 50" - Can be omitted. $wgContribScoreReports = [ [ 7, 50 ], [ 30, 50 ], [ 0, 50 ] ]; </pre> <br> Add to Main Landing Page:<br> <pre>{{Special:ContributionScores/10/5}}</pre><br> ===Place Notice at top of every new page created=== Using the <b>PageNotice</b> Extension. https://www.mediawiki.org/wiki/Extension:PageNotice#Configuration Download PageNotice and extract to extensions directory. in LocalSettings.php add the lines:<br \> <pre> wfLoadExtension( 'PageNotice' ); $wgPageNoticeDisablePerPageNotices = 'true'; </pre> To have message in every name space go to your wiki's page<br \> <code>index.php/mediawiki:top-notice-ns-0</code><br \> Only admin account can edit this page:<br \> What you place in this page will be displayed at the top of every page created. ===Privacy Policy=== Holly $#$#$ this is a lot of work, looking into it<br \> https://www.mediawiki.org/wiki/GDPR_(General_Data_Protection_Regulation)_and_MediaWiki_software<br \> ====NewSignupPage==== https://www.mediawiki.org/wiki/Extension:NewSignupPage<br \> Big thanks to Shoutwiki.com or this would of been a very big pain.<br \> Check for Latest link from the Download page https://www.mediawiki.org/wiki/Special:ExtensionDistributor/NewSignupPage<br \> In mediawiki container:<br \> <code>wget https://extdist.wmflabs.org/dist/extensions/NewSignupPage-REL1_35-ecf00aa.tar.gz</code><br \> <code>tar xvf NewSignupPage-REL1_35-ecf00aa.tar.gz -C /var/www/html/mediawiki/extensions/</code><br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> Add the Line:<br \> <code>wfLoadExtension( 'NewSignupPage' );</code><br \> Change the Info given at signup at:<br \> <code>index.php/MediaWiki:Newsignuppage-loginform-tos</code><br \> Default page will be:<pre> I am over 13 years of age and I have read, understood and agree to be bound by the Terms of Service and Privacy Policy </pre> "Terms of Service" and "Privacy Policy" are linked to there pages, so we need to create a few pages. ======Need <b>Privacy Policy</b> Page====== Create a 'Privacy_Policy' page and link on "MediaWiki:Newsignuppage-loginform-tos"<br> <pre>[[CompleteNoobs:Privacy_policy | Privacy Policy]]</pre> =====Need <b>Terms Of Service</b> page===== https://www.completenoobs.com/index.php/Terms_of_Service<br \> once done change link on "MediaWiki:Newsignuppage-loginform-tos"<br \> =====Content Policy Page===== https://10.194.171.251/index.php/Content_Policy<br \> Contains link to https://www.completenoobs.com/index.php/CompleteNoobs_Staff_Admins<br \> =====Staff and Admin Page===== https://10.194.171.251/index.php/CompleteNoobs_Staff_Admins<br \> Linked from Content Policy Page! a place to contact by email staff, admins =====General Disclaimer page===== https://10.194.171.251/index.php/CompleteNoobs:General_disclaimer<br \> This page shows/linked at bottom of wiki<br \> =====Copyright Policy===== https://10.194.171.251/index.php/CompleteNoobs:Copyrights<br \> Copyrights page that shows in info box when making a post.<br \> ==Fail2Ban== This Will Ban an IP who incorrectly enters wrong login details, a (you can select) amount of times for a (you can select) amount of time. ===Fail2Log Extension=== https://www.mediawiki.org/wiki/Extension:Fail2Log<br> ====Create Log file==== Could not get PHP to create and set permissions for log file: So for now doing manually!<br \> <code>touch /var/log/Fail2Log.log</code><br \> <code>chown www-data:www-data /var/log/Fail2Log.log</code><br \> <code>chmod 0755 /var/log/Fail2Log.log</code><br \> Failed login's with wrong user name and/or password should now be logged in:<b>/var/log/Fail2Log.log</b><br \> <br \> Log Format:<br \> <code>Failed:<IP_ADDRESS> <DATE> <TIME> <USERNAME></code><br \> ====Download and install extension==== <code>wget https://github.com/greenhatmonkey/Fail2Log/blob/main/Fail2Log.tar.gz?raw=true</code><br> <code>tar xzvf Fail2Log.tar.gz?raw=true -C /var/www/html/mediawiki/extensions/</code><br> Add to your <b>LocalSettings.php</b><br> <pre> wfLoadExtension( 'Fail2Log' ); $wgFail2LogFile = '/var/log/Fail2Log.log'; </pre> ====Install and Setup Fail2Ban==== Fail2Ban works in a container. If using fail2ban on Host for container:<br/> Just include log path: <code>/var/snap/lxd/common/mntns/var/snap/lxd/common/lxd/storage-pools/default/containers/&lt;CONTAINER_NAME>/rootfs/var/log/Fail2Log.log</code> <code>apt install fail2ban</code> * Fail2ban will use file.local over file.conf if file.local exists: * file.conf can be written over if file2ban gets updated. * Make a file.local of the file you are working on. <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code> <code>$EDITOR /etc/fail2ban/jail.local</code> <!-- unmodified jail.conf file --> <div class="toccolours mw-collapsible mw-collapsed"> Default <code>/etc/fail2ban/jail.conf</code> file: Expand to view <div class="mw-collapsible-content"> <pre> # # WARNING: heavily refactored in 0.9.0 release. Please review and # customize settings for your setup. # # Changes: in most of the cases you should not modify this # file, but provide customizations in jail.local file, # or separate .conf files under jail.d/ directory, e.g.: # # HOW TO ACTIVATE JAILS: # # YOU SHOULD NOT MODIFY THIS FILE. # # It will probably be overwritten or improved in a distribution update. # # Provide customizations in a jail.local file or a jail.d/customisation.local. # For example to change the default bantime for all jails and to enable the # ssh-iptables jail the following (uncommented) would appear in the .local file. # See man 5 jail.conf for details. # # [DEFAULT] # bantime = 1h # # [sshd] # enabled = true # # See jail.conf(5) man page for more information # Comments: use '#' for comment lines and ';' (following a space) for inline comments [INCLUDES] #before = paths-distro.conf before = paths-debian.conf # The DEFAULT allows a global definition of the options. They can be overridden # in each jail afterwards. [DEFAULT] # # MISCELLANEOUS OPTIONS # # "bantime.increment" allows to use database for searching of previously banned ip's to increase a # default ban time using special formula, default it is banTime * 1, 2, 4, 8, 16, 32... #bantime.increment = true # "bantime.rndtime" is the max number of seconds using for mixing with random time # to prevent "clever" botnets calculate exact time IP can be unbanned again: #bantime.rndtime = # "bantime.maxtime" is the max number of seconds using the ban time can reach (don't grows further) #bantime.maxtime = # "bantime.factor" is a coefficient to calculate exponent growing of the formula or common multiplier, # default value of factor is 1 and with default value of formula, the ban time # grows by 1, 2, 4, 8, 16 ... #bantime.factor = 1 # "bantime.formula" used by default to calculate next value of ban time, default value bellow, # the same ban time growing will be reached by multipliers 1, 2, 4, 8, 16, 32... #bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * banFactor # # more aggressive example of formula has the same values only for factor "2.0 / 2.885385" : #bantime.formula = ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor) # "bantime.multipliers" used to calculate next value of ban time instead of formula, coresponding # previously ban count and given "bantime.factor" (for multipliers default is 1); # following example grows ban time by 1, 2, 4, 8, 16 ... and if last ban count greater as multipliers count, # always used last multiplier (64 in example), for factor '1' and original ban time 600 - 10.6 hours #bantime.multipliers = 1 2 4 8 16 32 64 # following example can be used for small initial ban time (bantime=60) - it grows more aggressive at begin, # for bantime=60 the multipliers are minutes and equal: 1 min, 5 min, 30 min, 1 hour, 5 hour, 12 hour, 1 day, 2 day #bantime.multipliers = 1 5 30 60 300 720 1440 2880 # "bantime.overalljails" (if true) specifies the search of IP in the database will be executed # cross over all jails, if false (dafault), only current jail of the ban IP will be searched #bantime.overalljails = false # -------------------- # "ignoreself" specifies whether the local resp. own IP addresses should be ignored # (default is true). Fail2ban will not ban a host which matches such addresses. #ignoreself = true # "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban # will not ban a host which matches an address in this list. Several addresses # can be defined using space (and/or comma) separator. #ignoreip = 127.0.0.1/8 ::1 # External command that will take an tagged arguments to ignore, e.g. <ip>, # and return true if the IP is to be ignored. False otherwise. # # ignorecommand = /path/to/command <ip> ignorecommand = # "bantime" is the number of seconds that a host is banned. bantime = 10m # A host is banned if it has generated "maxretry" during the last "findtime" # seconds. findtime = 10m # "maxretry" is the number of failures before a host get banned. maxretry = 5 # "maxmatches" is the number of matches stored in ticket (resolvable via tag <matches> in actions). maxmatches = %(maxretry)s # "backend" specifies the backend used to get files modification. # Available options are "pyinotify", "gamin", "polling", "systemd" and "auto". # This option can be overridden in each jail as well. # # pyinotify: requires pyinotify (a file alteration monitor) to be installed. # If pyinotify is not installed, Fail2ban will use auto. # gamin: requires Gamin (a file alteration monitor) to be installed. # If Gamin is not installed, Fail2ban will use auto. # polling: uses a polling algorithm which does not require external libraries. # systemd: uses systemd python library to access the systemd journal. # Specifying "logpath" is not valid for this backend. # See "journalmatch" in the jails associated filter config # auto: will try to use the following backends, in order: # pyinotify, gamin, polling. # # Note: if systemd backend is chosen as the default but you enable a jail # for which logs are present only in its own log files, specify some other # backend for that jail (e.g. polling) and provide empty value for # journalmatch. See https://github.com/fail2ban/fail2ban/issues/959#issuecomment-74901200 backend = auto # "usedns" specifies if jails should trust hostnames in logs, # warn when DNS lookups are performed, or ignore all hostnames in logs # # yes: if a hostname is encountered, a DNS lookup will be performed. # warn: if a hostname is encountered, a DNS lookup will be performed, # but it will be logged as a warning. # no: if a hostname is encountered, will not be used for banning, # but it will be logged as info. # raw: use raw value (no hostname), allow use it for no-host filters/actions (example user) usedns = warn # "logencoding" specifies the encoding of the log files handled by the jail # This is used to decode the lines from the log file. # Typical examples: "ascii", "utf-8" # # auto: will use the system locale setting logencoding = auto # "enabled" enables the jails. # By default all jails are disabled, and it should stay this way. # Enable only relevant to your setup jails in your .local or jail.d/*.conf # # true: jail will be enabled and log files will get monitored for changes # false: jail is not enabled enabled = false # "mode" defines the mode of the filter (see corresponding filter implementation for more info). mode = normal # "filter" defines the filter to use by the jail. # By default jails have names matching their filter name # filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # # Some options used for actions # Destination email address used solely for the interpolations in # jail.{conf,local,d/*} configuration files. destemail = root@localhost # Sender email address used solely for some actions sender = root@<fq-hostname> # E-mail action. Since 0.8.1 Fail2Ban uses sendmail MTA for the # mailing. Change mta configuration parameter to mail if you want to # revert to conventional 'mail'. mta = sendmail # Default protocol protocol = tcp # Specify chain where jumps would need to be added in ban-actions expecting parameter chain chain = <known/chain> # Ports to be banned # Usually should be overridden in a particular jail port = 0:65535 # Format of user-agent https://tools.ietf.org/html/rfc7231#section-5.5.3 fail2ban_agent = Fail2Ban/%(fail2ban_version)s # # Action shortcuts. To be used to define action parameter # Default banning action (e.g. iptables, iptables-new, # iptables-multiport, shorewall, etc) It is used to define # action_* variables. Can be overridden globally or per # section within jail.local file banaction = iptables-multiport banaction_allports = iptables-allports # The simplest action to take: ban only action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report to the destemail. action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report and relevant log lines # to the destemail. action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # See the IMPORTANT note in action.d/xarf-login-attack for when to use this action # # ban & send a xarf e-mail to abuse contact of IP address and include relevant log lines # to the destemail. action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] # ban IP on CloudFlare & send an e-mail with whois report and relevant log lines # to the destemail. action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # Report block via blocklist.de fail2ban reporting service API # # See the IMPORTANT note in action.d/blocklist_de.conf for when to use this action. # Specify expected parameters in file action.d/blocklist_de.local or if the interpolation # `action_blocklist_de` used for the action, set value of `blocklist_de_apikey` # in your `jail.local` globally (section [DEFAULT]) or per specific jail section (resp. in # corresponding jail.d/my-jail.local file). # action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] # Report ban via badips.com, and use as blacklist # # See BadIPsAction docstring in config/action.d/badips.py for # documentation for this action. # # NOTE: This action relies on banaction being present on start and therefore # should be last action defined for a jail. # action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] # # Report ban via badips.com (uses action.d/badips.conf for reporting only) # action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] # Report ban via abuseipdb.com. # # See action.d/abuseipdb.conf for usage example and details. # action_abuseipdb = abuseipdb # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # [sshd] # To use more aggressive sshd modes set filter parameter "mode" in jail.local: # normal (default), ddos, extra or aggressive (combines all). # See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details. #mode = normal port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s [dropbear] port = ssh logpath = %(dropbear_log)s backend = %(dropbear_backend)s [selinux-ssh] port = ssh logpath = %(auditd_log)s # # HTTP servers # [apache-auth] port = http,https logpath = %(apache_error_log)s [apache-badbots] # Ban hosts which agent identifies spammer robots crawling the web # for email addresses. The mail outputs are buffered. port = http,https logpath = %(apache_access_log)s bantime = 48h maxretry = 1 [apache-noscript] port = http,https logpath = %(apache_error_log)s [apache-overflows] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-nohome] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-botsearch] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-fakegooglebot] port = http,https logpath = %(apache_access_log)s maxretry = 1 ignorecommand = %(ignorecommands_dir)s/apache-fakegooglebot <ip> [apache-modsecurity] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-shellshock] port = http,https logpath = %(apache_error_log)s maxretry = 1 [openhab-auth] filter = openhab action = iptables-allports[name=NoAuthFailures] logpath = /opt/openhab/logs/request.log [nginx-http-auth] port = http,https logpath = %(nginx_error_log)s # To use 'nginx-limit-req' jail you should have `ngx_http_limit_req_module` # and define `limit_req` and `limit_req_zone` as described in nginx documentation # http://nginx.org/en/docs/http/ngx_http_limit_req_module.html # or for example see in 'config/filter.d/nginx-limit-req.conf' [nginx-limit-req] port = http,https logpath = %(nginx_error_log)s [nginx-botsearch] port = http,https logpath = %(nginx_error_log)s maxretry = 2 # Ban attackers that try to use PHP's URL-fopen() functionality # through GET/POST variables. - Experimental, with more than a year # of usage in production environments. [php-url-fopen] port = http,https logpath = %(nginx_access_log)s %(apache_access_log)s [suhosin] port = http,https logpath = %(suhosin_log)s [lighttpd-auth] # Same as above for Apache's mod_auth # It catches wrong authentifications port = http,https logpath = %(lighttpd_error_log)s # # Webmail and groupware servers # [roundcube-auth] port = http,https logpath = %(roundcube_errors_log)s # Use following line in your jail.local if roundcube logs to journal. #backend = %(syslog_backend)s [openwebmail] port = http,https logpath = /var/log/openwebmail.log [horde] port = http,https logpath = /var/log/horde/horde.log [groupoffice] port = http,https logpath = /home/groupoffice/log/info.log [sogo-auth] # Monitor SOGo groupware server # without proxy this would be: # port = 20000 port = http,https logpath = /var/log/sogo/sogo.log [tine20] logpath = /var/log/tine20/tine20.log port = http,https # # Web Applications # # [drupal-auth] port = http,https logpath = %(syslog_daemon)s backend = %(syslog_backend)s [guacamole] port = http,https logpath = /var/log/tomcat*/catalina.out [monit] #Ban clients brute-forcing the monit gui login port = 2812 logpath = /var/log/monit /var/log/monit.log [webmin-auth] port = 10000 logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [froxlor-auth] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s # # HTTP Proxy servers # # [squid] port = 80,443,3128,8080 logpath = /var/log/squid/access.log [3proxy] port = 3128 logpath = /var/log/3proxy.log # # FTP servers # [proftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(proftpd_log)s backend = %(proftpd_backend)s [pure-ftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(pureftpd_log)s backend = %(pureftpd_backend)s [gssftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(syslog_daemon)s backend = %(syslog_backend)s [wuftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(wuftpd_log)s backend = %(wuftpd_backend)s [vsftpd] # or overwrite it in jails.local to be # logpath = %(syslog_authpriv)s # if you want to rely on PAM failed login attempts # vsftpd's failregex should match both of those formats port = ftp,ftp-data,ftps,ftps-data logpath = %(vsftpd_log)s # # Mail servers # # ASSP SMTP Proxy Jail [assp] port = smtp,465,submission logpath = /root/path/to/assp/logs/maillog.txt [courier-smtp] port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix] # To use another modes set filter parameter "mode" in jail.local: mode = more port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s [postfix-rbl] filter = postfix[mode=rbl] port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s maxretry = 1 [sendmail-auth] port = submission,465,smtp logpath = %(syslog_mail)s backend = %(syslog_backend)s [sendmail-reject] # To use more aggressive modes set filter parameter "mode" in jail.local: # normal (default), extra or aggressive # See "tests/files/logs/sendmail-reject" or "filter.d/sendmail-reject.conf" for usage example and details. #mode = normal port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [qmail-rbl] filter = qmail port = smtp,465,submission logpath = /service/qmail/log/main/current # dovecot defaults to logging to the mail syslog facility # but can be set by syslog_facility in the dovecot configuration. [dovecot] port = pop3,pop3s,imap,imaps,submission,465,sieve logpath = %(dovecot_log)s backend = %(dovecot_backend)s [sieve] port = smtp,465,submission logpath = %(dovecot_log)s backend = %(dovecot_backend)s [solid-pop3d] port = pop3,pop3s logpath = %(solidpop3d_log)s [exim] # see filter.d/exim.conf for further modes supported from filter: #mode = normal port = smtp,465,submission logpath = %(exim_main_log)s [exim-spam] port = smtp,465,submission logpath = %(exim_main_log)s [kerio] port = imap,smtp,imaps,465 logpath = /opt/kerio/mailserver/store/logs/security.log # # Mail servers authenticators: might be used for smtp,ftp,imap servers, so # all relevant ports get banned # [courier-auth] port = smtp,465,submission,imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix-sasl] filter = postfix[mode=auth] port = smtp,465,submission,imap,imaps,pop3,pop3s # You might consider monitoring /var/log/mail.warn instead if you are # running postfix since it would provide the same log lines at the # "warn" level but overall at the smaller filesize. logpath = %(postfix_log)s backend = %(postfix_backend)s [perdition] port = imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [squirrelmail] port = smtp,465,submission,imap,imap2,imaps,pop3,pop3s,http,https,socks logpath = /var/lib/squirrelmail/prefs/squirrelmail_access_log [cyrus-imap] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s [uwimap-auth] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s # # # DNS servers # # !!! WARNING !!! # Since UDP is connection-less protocol, spoofing of IP and imitation # of illegal actions is way too simple. Thus enabling of this filter # might provide an easy way for implementing a DoS against a chosen # victim. See # http://nion.modprobe.de/blog/archives/690-fail2ban-+-dns-fail.html # Please DO NOT USE this jail unless you know what you are doing. # # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks UDP traffic for DNS requests. # [named-refused-udp] # # filter = named-refused # port = domain,953 # protocol = udp # logpath = /var/log/named/security.log # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks TCP traffic for DNS requests. [named-refused] port = domain,953 logpath = /var/log/named/security.log [nsd] port = 53 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/nsd.log # # Miscellaneous # [asterisk] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/asterisk/messages maxretry = 10 [freeswitch] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/freeswitch.log maxretry = 10 # enable adminlog; it will log to a file inside znc's directory by default. [znc-adminlog] port = 6667 logpath = /var/lib/znc/moddata/adminlog/znc.log # To log wrong MySQL access attempts add to /etc/my.cnf in [mysqld] or # equivalent section: # log-warnings = 2 # # for syslog (daemon facility) # [mysqld_safe] # syslog # # for own logfile # [mysqld] # log-error=/var/log/mysqld.log [mysqld-auth] port = 3306 logpath = %(mysql_log)s backend = %(mysql_backend)s # Log wrong MongoDB auth (for details see filter 'filter.d/mongodb-auth.conf') [mongodb-auth] # change port when running with "--shardsvr" or "--configsvr" runtime operation port = 27017 logpath = /var/log/mongodb/mongodb.log # Jail for more extended banning of persistent abusers # !!! WARNINGS !!! # 1. Make sure that your loglevel specified in fail2ban.conf/.local # is not at DEBUG level -- which might then cause fail2ban to fall into # an infinite loop constantly feeding itself with non-informative lines # 2. Increase dbpurgeage defined in fail2ban.conf to e.g. 648000 (7.5 days) # to maintain entries for failed logins for sufficient amount of time [recidive] logpath = /var/log/fail2ban.log banaction = %(banaction_allports)s bantime = 1w findtime = 1d # Generic filter for PAM. Has to be used with action which bans all # ports such as iptables-allports, shorewall [pam-generic] # pam-generic filter can be customized to monitor specific subset of 'tty's banaction = %(banaction_allports)s logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [xinetd-fail] banaction = iptables-multiport-log logpath = %(syslog_daemon)s backend = %(syslog_backend)s maxretry = 2 # stunnel - need to set port for this [stunnel] logpath = /var/log/stunnel4/stunnel.log [ejabberd-auth] port = 5222 logpath = /var/log/ejabberd/ejabberd.log [counter-strike] logpath = /opt/cstrike/logs/L[0-9]*.log # Firewall: http://www.cstrike-planet.com/faq/6 tcpport = 27030,27031,27032,27033,27034,27035,27036,27037,27038,27039 udpport = 1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015 action = %(banaction)s[name=%(__name__)s-tcp, port="%(tcpport)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(udpport)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] [bitwarden] port = http,https logpath = /home/*/bwdata/logs/identity/Identity/log.txt [centreon] port = http,https logpath = /var/log/centreon/login.log # consider low maxretry and a long bantime # nobody except your own Nagios server should ever probe nrpe [nagios] logpath = %(syslog_daemon)s ; nrpe.cfg may define a different log_facility backend = %(syslog_backend)s maxretry = 1 [oracleims] # see "oracleims" filter file for configuration requirement for Oracle IMS v6 and above logpath = /opt/sun/comms/messaging64/log/mail.log_current banaction = %(banaction_allports)s [directadmin] logpath = /var/log/directadmin/login.log port = 2222 [portsentry] logpath = /var/lib/portsentry/portsentry.history maxretry = 1 [pass2allow-ftp] # this pass2allow example allows FTP traffic after successful HTTP authentication port = ftp,ftp-data,ftps,ftps-data # knocking_url variable must be overridden to some secret value in jail.local knocking_url = /knocking/ filter = apache-pass[knocking_url="%(knocking_url)s"] # access log of the website with HTTP auth logpath = %(apache_access_log)s blocktype = RETURN returntype = DROP action = %(action_)s[blocktype=%(blocktype)s, returntype=%(returntype)s, actionstart_on_demand=false, actionrepair_on_unban=true] bantime = 1h maxretry = 1 findtime = 1 [murmur] # AKA mumble-server port = 64738 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol=tcp, chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol=udp, chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/mumble-server/mumble-server.log [screensharingd] # For Mac OS Screen Sharing Service (VNC) logpath = /var/log/system.log logencoding = utf-8 [haproxy-http-auth] # HAProxy by default doesn't log to file you'll need to set it up to forward # logs to a syslog server which would then write them to disk. # See "haproxy-http-auth" filter for a brief cautionary note when setting # maxretry and findtime. logpath = /var/log/haproxy.log [slapd] port = ldap,ldaps logpath = /var/log/slapd.log [domino-smtp] port = smtp,ssmtp logpath = /home/domino01/data/IBM_TECHNICAL_SUPPORT/console.log [phpmyadmin-syslog] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [zoneminder] # Zoneminder HTTP/HTTPS web interface auth # Logs auth failures to apache2 error log port = http,https logpath = %(apache_error_log)s [traefik-auth] # to use 'traefik-auth' filter you have to configure your Traefik instance, # see `filter.d/traefik-auth.conf` for details and service example. port = http,https logpath = /var/log/traefik/access.log </pre> </div> </div> Default <code>/etc/fail2ban/jail.local</code> file with (almost all) comments removed: <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;">Default <code>/etc/fail2ban/jail.local</code> with (almost) comments removed:</div> <div class="mw-collapsible-content"> <pre> [INCLUDES] before = paths-debian.conf [DEFAULT] ignorecommand = bantime = 10m findtime = 10m maxretry = 5 maxmatches = %(maxretry)s backend = auto usedns = warn logencoding = auto enabled = false mode = normal filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # destemail = root@localhost sender = root@<fq-hostname> mta = sendmail protocol = tcp chain = <known/chain> port = 0:65535 fail2ban_agent = Fail2Ban/%(fail2ban_version)s banaction = iptables-multiport banaction_allports = iptables-allports action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] action_abuseipdb = abuseipdb action = %(action_)s # # JAILS # # # SSH servers # [sshd] port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s </pre> </div></div> ====Disconnect/kick and ban an ip from list==== <br \> Just below we are going to append these lines to <b>/etc/fail2ban/jail.local</b><br> <pre> # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s # # JAILS # # # SSH servers # </pre> </div> </div> ====Jail for MediaWiki - /etc/fail2ban/jail.local==== <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1m maxretry = 2 logpath = /var/log/Fail2Log.log </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before: <div class="mw-collapsible-content"> <pre> # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After: <div class="mw-collapsible-content"> <pre> # # JAILS # [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log # # SSH servers # </pre> </div> </div> ====Filter for mediawiki==== <div class="toccolours mw-collapsible mw-collapsed"> Regex quick up and running tutorial: External Link:(youtube) <div class="mw-collapsible-content"> This Is a link to a video made by "Corey Schafer".<br \> The best no nonsense up and running regex tut there is.<br \> https://www.youtube.com/watch?v=sa-TUpSx1JA </div> </div> <code>$EDITOR /etc/fail2ban/filter.d/mediawiki.conf</code><br \> <pre> [Definition] failregex = ^Failed:<HOST> ignoreregex = </pre> =====Try out regex on log file===== <code>fail2ban-regex --print-all-matched /var/log/Fail2Log.log /etc/fail2ban/filter.d/mediawiki.conf</code> ====Restart Fail2Ban==== <code>systemctl restart fail2ban</code> <code>fail2ban-client status</code> <code>fail2ban-client status mediawiki</code> <b>Now test by trying to login to your wiki with wrong password three times.</b> =====fail2ban regex and error checking===== <div class="toccolours mw-collapsible mw-collapsed"> Check regex: <div class="mw-collapsible-content"> * Syntax: <code>fail2ban-regex <logfile> <failregex> <ignoreregex></code> ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * If you want to test <code>ignoreregex</code> enter filter file twice: ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * Read <code>man fail2ban-regex</code> for some more opitions: * Examples: ** <code>-v</code>, <code>--verbose</code> *** Be verbose in output ** <code>--print-all-missed</code> *** Print all missed lines ** <code>--print-all-ignored</code> *** Print all ignored lines ** <code>--print-all-matched</code> *** Print all matched lines </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Debug Fail2Ban: <div class="mw-collapsible-content"> * <code>-d</code> dump configuration. For debugging.<br \> <code>fail2ban-client -d</code><br \> * <code>--dp</code>, <code>--dump-pretty</code> dump the configuration using more human readable representation.<br \> <code>fail2ban-client --dp</code><br \> * will print the systemd log for Fail2Ban.<br \> <code>journalctl -u fail2ban</code> </div> </div> ====Change ban time After testing==== <code>$EDITOR /etc/fail2ban/jail.local</code><br \> <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log </pre> ===Unban IP's=== Get list of Jails:<br \> <code>fail2ban-client status</code><br \> See banned ips by that jail:<br \> <code>fail2ban-client status <jailname></code><br \> Unban IP from jail:<br \> <code>fail2ban-client set <jailname> unbanip <ip_address></code><br \> <br \> Log File:<br \> <code>/var/log/Fail2Log.log</code> ==Moving To VPS== ===Create ssh key pair on local host=== <code>ssh-keygen -t rsa -b 4096 -C "MYSERVER" -f ~/.ssh/serverkey</code><br \> You will be prompted to Enter a passphase, you can just press <b>Enter</b> for no passphase.<br \> You will now have a file called <b>serverkey</b> and <b>serverkey.pub</b> in your <b>/home/$USER/.ssh</b> directory.<br \> Now lets setup are server and move public key to server.<br \> <b>BACKUP YOUR PRIVATE KEY TO USB STICK OR SOMETHING!</b><br \> <code>serverkey.pub</code><b>PUBLIC KEY</b><br \> <code>serverkey</code><b>PRIVATE KEY</b><br \> ===Login to Server - ssh === Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $10, 1 cpu, 2048MB ram, 55GB ssd, 2000GB Bandwidth.<br \> I have been given the IP:<b>192.248.145.129</b> and the Password:<b>1R?o.gPasdaLz1w</b> and with Vultr the default login/user is <b>root</b><br \> Lets move over the public key so we don't need a password to login:<br \> <code>ssh-copy-id -i ~/.ssh/serverkey root@192.248.145.129</code></br \> Will be promted for server password, enter password: 1R?o.gPasdaLz1w<br \> Now lets login with are private key.<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code> ===Update Server=== <code>apt update && apt upgrade -y</code><br \> The Server may need a restart, you will see this after updates if it does<br \> <b>*** System restart required ***</b><br \> restart server and log back in after a minute.<br \> <code>reboot</code> ===Change default ssh port and disable plain text passwords=== Log back into server<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code><br \> <code>$EDITOR /etc/ssh/sshd_config</code><br \> <pre>#Port 22</pre> <pre>Port 7788</pre> disable clear text passwords <pre>#PasswordAuthentication yes</pre> <pre>PasswordAuthentication no</pre> restart sshd <code>systemctl restart sshd</code><br \> Exit server and re-login<br \> <code>exit</code><br \> Log back in with new port<br \> <code>ssh -p 7788 -i .ssh/serverkey root@192.248.145.129</code> <div class="toccolours mw-collapsible mw-collapsed"> Create ssh login shortcut: <div class="mw-collapsible-content"> To be done on host:<br \> <code>touch ~/.ssh/config</code><br \> <code>chmod 600 ~/.ssh/config</code><br \> <code>$EDITOR ~/.ssh/config</code><br \> <pre> Host mediawikiserver HostName 192.248.145.129 User root Port 7788 IdentityFile /home/$USER/.ssh/severkey </pre> You can now login to server from host with:<br \> <code>ssh mediawikiserver</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax of config file: <div class="mw-collapsible-content"> <pre> #Syntax # #Host <ALIAS_NAME> # HostName <ADDRESS_IP_OR_DOMAIN> # User <USERNAME_LOGIN> # Port <PORT_NUMBER_IF_NOT_DEFAULT> # IdentityFile </PATH/TO/PRIVATE_KEY> ## Can now login with <code>ssh <ALIAS_NAME> </pre> </div> </div> </div> </div> ===Enable Basic FireWall=== Block IPv6<br \> <code>$EDITOR /etc/default/ufw</code><br \> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit<br \> <code>ufw allow 7788/tcp</code><br \> <code>ufw enable</code><br \> ===Create Swap space on server=== ====First check if you already have a swap space==== First check if you already have a swap space<br \> <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 1655 2 228 1732 Swap: 0 0 0 </pre> <div class="toccolours mw-collapsible mw-collapsed"> Other methods to check swap space <div class="mw-collapsible-content"> <code>cat /proc/swaps</code><br \> <code>swapon -s -v</code> </div> </div> ====Create SwapSpace==== preallocate a 2 gigabyte space to be used for swap.<br \> Note: you can name swapfile to anything you want. <code>fallocate -l 2G /swapfile</code> Initialize the /swapfile file with zeros - see "Working out the count size" to see how to work out the count size. <div class="toccolours mw-collapsible mw-collapsed"> Working out the count size: <div class="mw-collapsible-content"> Working out count size to scale the swapsize. 1 kilobyte = 1024 bytes 1 megabyte = 1024 kilobyte 1 gigabyte = 1024 megabytes bs=1024 = 1 megabyte 1 gigabyte = 1024 megabyte to get count of 1 gigabyte 1024 * 1024 2 gigabyte (1024 * 2048 ) or 1048576 * 2 = 2,097,152 </div> </div> <code>dd if=/dev/zero of=/swapfile bs=1024 count=2097152</code> <code>chmod 600 /swapfile</code> <code>mkswap /swapfile</code> <code>swapon /swapfile</code> <b>Or</b> <code>swapon -a</code> <b>Or</b> <code>mount -a</code> append to <code>/etc/fstab</code> so its mounted after reboot.<br \> <code>$EDITOR /etc/fstab</code><br \> And enter this in a new line at the bottom:<br \> <code>/swapfile swap swap defaults 0 0</code> and thats it, you can check swap with(or same other methods as above): <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 75 2 1808 1712 Swap: 2047 0 2047 </pre> ===ssmtp for email alerts=== <code>apt install ssmtp -y</code><br \> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code><br \> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> <code>usermod -c "CNWikiVPS" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ===auto update server=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment (by removing <b>//</b> at start of line)and amend the lines we want:<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> to<br \> <code> "${distro_id}:${distro_codename}-updates";</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; </pre> Changed to<br \> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec Acquire::http::Dl-Limit "500"; </pre> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Send Container to server=== From host<br \> <code>scp -i ~/.ssh/serverkey -P 7788 mediawiki.lxc root@192.248.145.129:/root/</code><br \> If you created a ssh shortcut in <b>.ssh/config</b> you can use:<br \> <code>scp mediawiki.lxc mediawikiserver:/root/</code><br> Once container transferred to server checksum to confirm<br> Do on Local and Server<br> <code>sha256sum mediawiki.lxc</code><br> The checksum should be the same on both!<br> ===LXD setup on server=== Check if <b>lxd</b> already installed.<br \> <code>lxd --version</code><br \> <code>snap install lxd</code><br \> Initialize LXD<br \> <code>lxd init</code><br \> all defaults<br \> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (lvm, zfs, ceph, btrfs, dir) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=10GB]: Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> ===Import Container=== Note: If version of LXD on server is older than the one you are exporting from, you may see error <code>Error: Failed importing backup: Failed creating instance record: Unknown configuration key: volatile.last_state.ready</code><br> To Fix this update your LXD<br> <code>snap remove lxd</code><br> <code>snap install lxd</code><br> <code>lxd --version</code><br> <code>lxd init</code><br> <br> Import mediawiki container<br \> <code>lxc import mediawiki.lxc mediawiki</code><br \> <code>lxc list</code><br \> <code>lxc start mediawiki</code><br \> <code>lxc list</code><br \> Returns:<br \> <pre> +-----------+---------+-----------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+-----------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.207.119.233 (eth0) | | CONTAINER | 0 | +-----------+---------+-----------------------+------+-----------+-----------+ </pre> <b>Note the Change of IP</b><br \> Are Containers IP is now:<b>10.207.119.233</b><br \> Now for some reason changing the IP on <b>/var/www/html/mediawiki/LocalSettings.php</b> and the <b>/etc/apache2/sites-available/completenoobs.com.conf</b> does not really work on a VPS (Forgot how i fixed this last time, pretty sure i got it workin a few years back).<br \> You need a DNS name: ===DNS=== Domain Name System: An index that connects an ip address with a more human readable name(website name):<br \> Like a phone book would index a persons name with a phone number.<br \> If you have a domain name for your wiki, point it to your server's ip address.<br \> This will be required for a letsencrypt cert also.<br \> I am using <b>namecheap.com</b> and on the <b>Advanced DNS</b> Page<br \> Add two Type <b>A Records</b>:<br \> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |192.248.145.129 |auto |- |A record |www |192.248.145.129 |auto |} ===Change IP on config files=== Login to conatiner and change IP's to Domain Name<br \> <code>lxc exec mediawiki bash</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <pre> Redirect permanent "/" "https://10.3.45.233"</pre> <pre> Redirect permanent "/" "https://www.completenoobs.com"</pre> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <pre>$wgServer = "https://10.3.45.233";</pre> <pre>$wgServer = "https://www.completenoobs.com";</pre> <code>systemctl restart apache2</code> ===Use IPTables to forward traffic to container=== <div class="toccolours mw-collapsible mw-collapsed"> iptable syntax <div class="mw-collapsible-content"> *CONTAINER_IP = place holder for your containers ip *GLOBAL_IP = place holder for your servers public ip address *ETH = network interface: enp1s0 ** to be done/found on host VPS and NOT Container ** Find network interface:<code>ip route show default</code> or use <code>ip route show default | awk '{print $5}'</code> <pre>iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 80 -j DNAT --to-destination CONTAINER_IP:80 -m comment --comment "forward real ip to container" </pre> <pre> iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 443 -j DNAT --to-destination CONTAINER_IP:443 -m comment --comment "forward real ip to container" </pre> </div> </div> <b>These commands to be done on host VPS and NOT in container!</b><br \> Get out of container <code>exit</code><br \> Network interface=<b>enp1s0</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Find you network interface name: <div class="mw-collapsible-content"> To be run on VPS host and Not in Container:<br \> <code>ip route show default | awk '{print $5}'</code> </div> </div> VPS Global IP=<b>192.248.145.129</b><br \> Container IP=<b>10.207.119.233</b><br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container"</code> <br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container"</code> <br \> The new rules for your iptable will not persistent after a reboot.<br \> Create systemd service to load firewall rules at startup:<br \> <code>$EDITOR /usr/local/bin/lxc-mediawiki-rules</code> <pre> #!/bin/bash iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container" iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container" </pre> <code>chmod +x /usr/local/bin/lxc-mediawiki-rules</code> <code>$EDITOR /etc/systemd/system/lxcip.service</code> <pre> [Unit] Description = apply ip rules at startup [Service] Type=oneshot ExecStart=/usr/local/bin/lxc-mediawiki-rules [Install] WantedBy=multi-user.target </pre> <code>systemctl enable lxcip</code> <div class="toccolours mw-collapsible mw-collapsed"> LXC proxy method: <div class="mw-collapsible-content"> <b>DO NOT USE This method!</b> placed here as a note:<br \> LXC also has a way to forward proxy traffic, but it will show all visits to website, as coming from <b>127.0.0.1</b><br \> When we install fail2ban, this would be very bad!<br \> <br \> <code>lxc config device add CONTAINER_NAME myport80 proxy listen=tcp:0.0.0.0:80 connect=tcp:127.0.0.1:80</code><br \> <code>lxc config device add CONTAINER_NAME myport443 proxy listen=tcp:0.0.0.0:443 connect=tcp:127.0.0.1:443</code><br \> To remove proxy:<br \> <code>lxc config device remove CONTAINER_NAME myport80</code><br \> <code>lxc config device remove CONTAINER_NAME myport443</code><br \> </div> </div> ===Visit webpage and check all working=== Visit the domain you selected<br \> <code>www.completenoobs.com</code><br \> Should be up and running.<br \> NOTE: We did not need to allow port 443 or 80 on VPS host.<br \> Check Iptables persist for restart, by rebooting server!<br \> <code>reboot</code><br \> Give it a minute or 2 and check website again. ===LetsEncrypt=== Log back into server<br \> <code>ssh mediawikiserver</code><br \> Log into container<br \> <code>lxc exec mediawiki bash</code><br \> Install certbot<br \> <code>snap install certbot --classic</code><br \> Backup Apache2 config file<br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf /etc/apache2/sites-available/completenoobs.com.conf.bk</code><br \> Create Cert<br \> <code>certbot --apache -d www.completenoobs.com -d completenoobs.com</code><br \> And Certbot broke are apache2 configs, and thats why we back up!<br \> <code>ls /etc/letsencrypt/live/www.completenoobs.com/</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/fullchain.pem /etc/ssl/certs/cn-selfsigned.crt</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/privkey.pem /etc/ssl/private/cn-selfsigned.key</code><br \> <code>rm /etc/apache2/sites-available/completenoobs.com-le-ssl.conf /etc/apache2/sites-available/completenoobs.com.conf </code><br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf.bk /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <br \> Turn <b>SSLUseStapling</b> on<br \> <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code><br \> <pre>SSLUseStapling off</pre><br \> Change to:<br \> <pre>SSLUseStapling on</pre><br \> Restart apache<br \> <code>systemctl restart apache2</code><br \> Now check your site on browser.<br \> ==temp== ==Useful Notes - tips== ===Forgot your Admin Password=== Can use for any user:<br \> <code>php /var/www/html/mediawiki/maintenance/changePassword.php --user=admin --password=newpassword</code><br \> ===Make Wiki Read Only=== Add to LocalSettings.php:<br \> <code>$wgReadOnly = 'Read Only';</code><br \> ===Restrict account creation on wiki=== Add to LocalSettings.php:<br \> <code>$wgGroupPermissions['*']['createaccount'] = false;</code> ===Only Admin accounts can edit=== Add to LocalSettings.php:<br \> <pre> $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['user']['edit'] = false; $wgGroupPermissions['sysop']['edit'] = true; </pre> ===Protect a page so only admin can edit=== At the top of the page when logged in with admin account, click <b>More</b>.<br \> A drop down of three opitions: Delete, Move, Protect.<br \> Clicking <b>Protect</b> will not allow any non admin from editing the page. {| class="wikitable" |+ When logged in as admin |- |Read |Edit |View history |(STAR) |<b>More</b> |} ===Make User an Admin=== go to special pages With Admin Account go to:<br \> <code>index.php/Special:SpecialPages</code> List of users can be found here:<br \> <code>index.php/Special:ListUsers</code><br \> Go to:<br \> <code>index.php/Special:UserRights</code><br \> And enter username:<br \> <b>Groups you can change</b><br \> And rest is self explanatory. ====Remove admin rights==== Same thing, just untick admin rights! ==Upgrading MediaWiki== <b>BACK SURE YOU BACKUP FIRST!!!</b> just in case.<br \> This example update 1.35 to 1.36 from 1.36 onwards php-intl is required.<br> Download the wiki you are going to upgrade to.<br \> <code>https://releases.wikimedia.org/mediawiki/1.36/</code><br \> <code>cd /root</code><br \> <code>wget https://releases.wikimedia.org/mediawiki/1.36/mediawiki-1.36.1.tar.gz</code><br \> In LocalSettings.php put in readonly mode<br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <code>$wgReadOnly = "Upgrading";</code><br \> <code>tar xvzf mediawiki-1.36.1.tar.gz -C /var/www/html/mediawiki --strip-components=1</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> Returns:<pre> Error: Missing one or more required components of PHP. You are missing a required extension to PHP that MediaWiki needs. Please install: * intl <https://www.php.net/intl> </pre> <code>apt install php-intl</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> And thats it. If you do get an error:<br \> <blockquote> MediaWiki 1.36 internal error Installing some PHP extensions is required. Required components You are missing a required extension to PHP that MediaWiki requires to run. Please install: intl (more information) </blockquote> Then <b>reboot</b> the container and its all fine after. ==Backup your Wiki== ===LXC Snapshots=== Easy way, backup the container using <b>snapshot</b><br \> <code>lxc snapshot mediawiki beforeupgrade_11_12_2020</code><br \> To see snapshots<br \> <code>lxc info mediawiki</code><br \> To restore container to snapshot<br \> <code>lxc restore mediawiki beforeupgrade_11_12_2020</code><br \> To delete a snapshot<br \> <code>lxc delete mediawiki/beforeupgrade_11_12_2020</code><br \> ====Export a Snapshot==== <code>lxc snapshot mediawiki testsnap</code> <code>lxc publish mediawiki/testsnap --alias mediawiki-backup-20-07-2021</code> <code>lxc image export mediawiki-backup-20-07-2021</code> you end up with a file named after the sha256sum <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> NOTE:You can change name from <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> to something like <code>mediawiki-backup-20-07-2021.tar.gz</code> and restore will still work fine.<br \> can now delete image <code>lxc image delete mediawiki-backup-20-07-2021</code> ====Import Snapshot==== Move to another computer and install init lxd<br \> <code>lxc image import a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz --alias testrestore</code> <code>lxc launch testrestore mediarestore</code> <code>lxc list</code> <code>lxc exec mediarestore bash</code> Change IP in LocalSettings and apache config and restart apache.<br \> And your up and running.<br \> <br \> you can also delete image on new restore computer:<br \> <code>lxc image delete testrestore</code> ===Dump mediawiki database - xml=== Log into container root dir<br \> <code>lxc exec NAME bash</code><br \> In container of wiki:<br \> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Exit container<br \> <code>exit</code> Pull file to host<br \> <code>lxc file pull NAME/root/dump_mediawiki.xml wiki-dump.xml</code> ===Import Dump=== ====Create Quick local wiki==== localwiki ====Import dump==== <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> <code>lxc exec localwiki bash</code><br \> =====Restore dump===== <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Everything apart from <b>index.php/Main_Page</b> restored. ===Full Wiki Dump and Restore=== ====Backing up==== ====Making your wiki READ ONLY - will lock database==== <code>$EDITOR LocalSettings.php</code><br \> <code>$wgReadOnly = 'Dumping Database, Access will be restored shortly';</code> ====Dump and gzip database for transport==== will be prompted for password:<br \> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green -p mywiki_database | gzip > /root/greenwiki.sql.gz</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> ALt method for dump(password in cmd): <div class="mw-collapsible-content"> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green --password=THISpasswordSHOULDbeCHANGED -p mywiki_database | gzip > /root/greenwiki.sql.gz</code> </div> </div> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Back mediawiki Root Directory.<br \> <code>tar cvzhf /root/mediawiki-rootDir.tgz /var/www/html/mediawiki</code><br \> All into one file for easy transport.<br \> <code>cd /root/</code><br \> <code>tar cvzhf mediawiki-transfer.tgz mediawiki-rootDir.tgz greenwiki.sql.gz dump_mediawiki.xml</code><br \> All file in <b>mediawiki-transfer.tgz</b> for transfer to new server<br \> exit Container<br \> <code>exit</code><br \> <code>lxc file pull mediawiki/root/mediawiki-transfer.tgz mediawiki.bk.tgz</code><br \> ====Restore wiki==== create container (backupwiki) and push file<br \> <code>lxc file push mediawiki.bk.tgz backupwiki/root/</code><br \> login to container<br \> <code>apt update && apt upgrade -y</code><br \> <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> <br \> <code>tar xvf mediawiki.bk.tgz</code><br \> <code>tar xvf mediawiki-rootDir.tgz -C /</code><br \> Create basebase:<br \> NOTE: If you use diff username, passwd, database_name, append/correct details on LocalSettings.<br \> <code>mysql -u root</code> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <br \> <code>gunzip -d greenwiki.sql.gz</code><br \> <code>mysql -u green -p mywiki_database < greenwiki.sql</code><br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/dump_mediawiki.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Config Apache2 <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> Reload Apache2 <code> systemctl restart apache2 </code> ==SpamBot Wars== Bit busy now, notes to look into later: https://www.mediawiki.org/wiki/Extension:Nuke<br \> https://www.mediawiki.org/wiki/Manual:Preventing_access<br \> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br \> https://www.mediawiki.org/wiki/Extension:InviteSignup<br \> Well the bots won for now - Disable eMail function for all related options in LocalSettings.php<br \> <code>$wgEnableEmail = false;</code><br \> Or just stop users sending email with:<br \> <code>$wgEnableUserEmail = false;</code> 2g2rwjkvev05z4m8ylou4vmu5qo87ms 161 130 2023-03-07T00:46:59Z Noob 1 /* Request Account and Confirm Email to edit */ 161 wikitext text/x-wiki Installing MediaWiki on a container and exporting to the cloud. Local OS used Ubuntu-Mate 20.04 Tested with ethernet. Untested with wifi. TODO's * Remove 'index.php' from URL * Find out more about 'DocBookExport' and test how it works * Move MediaWiki Server to FreeBSD Currently trying to solve the spambot problem, they got round the need to request to open an account somehow, will update once solved. $EDITOR is used as a place holder for an editor of your choice. ==Installing LXD== <code>sudo snap install lxd</code><br \> <code>lxd init</code><br \> Selecting all defaults, apart from "Size in GB of the new loop device (1GB minimum) [default=6GB]:" increasing to 30GB: <div class="toccolours mw-collapsible mw-collapsed"> <code>lxd init</code> selected options: <div class="mw-collapsible-content"> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (btrfs, dir, lvm, zfs, ceph) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=6GB]:30GB Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> </div> </div> ==Create Ubuntu:22.04 Container for MediaWiki== <code>lxc launch ubuntu:22.04 mediawiki</code><br> <code>lxc list</code><br> <pre> +-----------+---------+--------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+--------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.194.171.251(eth0) | | CONTAINER | 0 | +-----------+---------+--------------------+------+-----------+-----------+ </pre> ===Login to Container=== <code>lxc exec mediawiki bash</code> ===Basic Firewall UFW for Container=== NOTE:Add Link to a UFW page for more info Blocking IPv6<br \> <code>$EDITOR /etc/default/ufw</code> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit Allow port 80<br \> <code>ufw allow 80/tcp</code><br \> Allow port 443<br \> <code>ufw allow 443/tcp</code><br \> Start/Enable UFW firewall<br \> <code>ufw enable</code><br \> Check UFW status<br \> <code>ufw status</code> <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Update system=== <code>apt update && apt upgrade -y</code> ===ssmtp setup=== NOTE: need link to ssmtp page - showing how to use other email providers that allow smtp Link to ssmtp wiki page <br \> You can use a number of email providers for sending emails from server using ssmtp.<br \> I am going to use <b>smtp2go.com</b> they do provide a free service if you wish to try. <div class="toccolours mw-collapsible mw-collapsed"> smtp2go details: <div class="mw-collapsible-content"> https://www.smtp2go.com/<br \> Has a Free Plan # 1000 emails per month # 5 days of email reporting # Ticket support only <br \> Do not use you username and password you used to sign up!<br \> Go to https://app.smtp2go.com/sending/smtp_users/ <br \> Or 'Sending' > 'SMTP Users'<br> And create/add a SMTP User account.<br \> The User created will be given a good password by default.<br \> Use this username and password for ssmtp.<br \> In this example i have the username "<b>noobwiki</b>" and the password "<b>N0tTelinu</b>" </div> </div> ====ssmtp==== <code>apt install ssmtp -y</code> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <div class="toccolours mw-collapsible mw-collapsed"> Why use <code>hostname=completenoobs.com</code> <div class="mw-collapsible-content"> "hostname" needed for ubuntu unattended upgrades to send email.<br \> If missing: will get "(550 unable to verify sender address.)" <br \> If using <code>hostname=localhost</code> "(550 "Localhost" unnaceptable, you must use a public domain-name.)"<br \> If using <code>hostname=admin@completenoobs.com</code> "501 <root@admin@completenoobs.com>: malformed address: @completenoobs.com> may not follow <root@admin" </div> </div> <br \> Do not use user@smtp2go.com as the sender address! you need an email address that has an MX record(mail exchanger record) at its domain name. <br \> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> ====usermod==== <br \> usermod can be used to change the email senders name/address.<br \> Instead of your mail coming from 'root' or 'ubuntu' or any other user account.<br \> <b>usermod -c "emailSenderName" <account_sending></b><br \> <code>usermod -c "completenoobslxc" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ====sendmail notes==== <div class="toccolours mw-collapsible mw-collapsed"> If the sendmail command locks your terminal and CTRL+c does not work <div class="mw-collapsible-content"> Use <code>CTRL+z</code> which will send a SIGTSTP signal which will put the process to sleep.<br \> use jobs to see the sleeping process.<br \> <code>jobs</code><br \> and kill %<JOBNUMBER><br \> <code>kill %1</code> <br \> you can also use <code>ps ax</code> to list processes running on your computer and <code>kill -9 <PROCESS-NUMBER></code> to kill process. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> sendmail in verbose mode for more details: <div class="mw-collapsible-content"> More info can be found in the man page <code>man sendmail</code><br \> Use the verbose flag <b>-v</b><br \> <code>sendmail -v email@address2receive.mail < test-mail.txt</code> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Check mail logs for errors: <div class="mw-collapsible-content"> send mail error log can be found in<br \> <code>/var/log/mail.err</code><br \> and sendmail log can be found:<br \> <code>/var/log/mail.log</code> </div> </div> ===auto update container config=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code> Uncomment<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> <code>"${distro_id}:${distro_codename}-updates";</code> Dont need auto reboot on container - no kernel - kernel shared with host. ====email on update==== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <div class="toccolours mw-collapsible mw-collapsed"> Once i needed 'apticron' to get emails working with unattended upgrades:<br \> Notes here just incase<div class="mw-collapsible-content"> Install apticron<br \> <code>apt install apticron -y</code> Create apticron.conf file containing email to send email to:<br \> If you dont then 'apticron' will by default sent to root@localhost.<br > <code>echo 'EMAIL="email@tosendto.com"' > /etc/apticron/apticron.conf</code> </div> </div> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Install MediaWiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -xvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki</code> ====Create Database==== Will be prompted to set a root password!<br \> <code>mysql -u root -p</code><br \> <!-- create drop down - add root password option --> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <div class="toccolours mw-collapsible mw-collapsed"> Make note of your: database name, username, userpassword <div class="mw-collapsible-content"> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code><br \> Database Username:<b>green</b><br \> Database host/location:<b>localhost</b> Database User Password:<b>THISpasswordSHOULDbeCHANGED</b><br \><br \> <code>CREATE DATABASE mywiki_database;</code><br \> Database Name:<b>mywiki_database</b><br \> </div> </div> ====Create self-signed https certs==== <code>openssl req -x509 -newkey rsa:4096 -keyout key.pem -nodes -out cert.pem -days 365</code><br> Note: can leave blank; just press enter.<br><br> <code>mv cert.pem /etc/ssl/certs/cn-selfsigned.crt</code><br> <code>mv key.pem /etc/ssl/private/cn-selfsigned.key</code><br> ====Create ssl-params.conf==== <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code> Remember to turn stapling on after letsencrypt cert <pre> SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 SSLHonorCipherOrder On # Disable preloading HSTS for now. You can use the commented out header line that includes # the "preload" directive if you understand the implications. # Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" Header always set X-Frame-Options DENY Header always set X-Content-Type-Options nosniff # Requires Apache >= 2.4 SSLCompression off # May want to turn stapling off when using self-signed to avoid receiving errors in log SSLUseStapling off SSLStaplingCache "shmcb:logs/stapling-cache(150000)" # Requires Apache >= 2.4.11 SSLSessionTickets Off </pre> ====Create Apache2 config==== <code>cd /etc/apache2/sites-available/</code> <code>rm 000-default.conf default-ssl.conf</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code> <div class="toccolours mw-collapsible mw-collapsed"> <b>Important Redirect note</b>:<div class="mw-collapsible-content"> <pre> # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" </pre> Change to your Container IP!<br \> <code>Redirect permanent "/" "https://10.194.171.251"</code> </div> </div> <pre> <VirtualHost *:80> ServerName completenoobs.com ServerAdmin admin@ # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined </VirtualHost> <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerName completenoobs.com ServerAdmin admin@completenoobs.com DocumentRoot /var/www/html/mediawiki # According MWiki Manual:Security php_flag register_globals off ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined SSLEngine on SSLCertificateFile /etc/ssl/certs/cn-selfsigned.crt SSLCertificateKeyFile /etc/ssl/private/cn-selfsigned.key # need to find out what SSLCertificateChainFile is? explain is in the default-ssl.conf file. #SSLCertificateChainFile /etc/ssl/certs/example.com.root-bundle.crt <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> <Directory /var/www/html/wikimedia> Options None FollowSymLinks #Allow .htaccess AllowOverride All Require all granted <IfModule security2_module> SecRuleEngine Off # or disable only problematic rules </IfModule> </Directory> # According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images> # Ignore .htaccess files AllowOverride None # Serve HTML as plaintext, don't execute SHTML AddType text/plain .html .htm .shtml .php .phtml .php5 # Don't run arbitrary PHP code. php_admin_flag engine off # If you've other scripting languages, disable them too. </Directory> #According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images/deleted> Deny from all AllowOverride AuthConfig Limit Require local </Directory> </VirtualHost> </IfModule> </pre> ====Reload Apache2==== <code>a2enmod ssl</code> <code>a2enmod headers</code> <code>a2ensite completenoobs.com</code> <code>a2enconf ssl-params</code> <code>apache2ctl configtest</code> <code>systemctl restart apache2</code> ===MediaWiki Basic Setup=== ====Landing page==== Open a web browser and go to your containers private ip address (you can get ip address by running <code>lxc list</code> on host). <code>https://10.194.171.251</code> Are certs are self-signed and you may/will get warning "your connection is not private"<br \> Click "Advance" and "Proceed to 10.194.171.251 (unsafe)"<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.35.0<br \> LocalSettings.php not found.<br \> Please <u>set up the wiki</u> first.<br \> </blockquote> Click <b>set up the wiki</b> to be taken to the "mw-config/index.php" page. =====Basic Configure MediaWiki===== <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:mywiki_database<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:green<br \> Database password:THISpasswordSHOULDbeCHANGED<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>CompleteNoobs<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Options <div class="mw-collapsible-content"> <b>User rights profile:</b> <br \> [ ] Open wiki <br \> [x] Account creation required<br \> [ ] Authorised editors only <br \> [ ] Private wiki<br \> <br \> <b>Copyright and licence:</b><br \> [ ] Creative Commons Attribution<br \> [ ] Creative Commons Attribution-ShareAlike<br \> [ ] Creative Commons Attribution-NonCommercial-ShareAlike<br \> [ ] Creative Commons Zero (Public Domain)<br \> [ ] GNU Free Documentation Licence 1.3 or later<br \> [x] No licence footer<br \> [ ] Select a custom Creative Commons licence<br \> <br \> <br \> <b>Email settings</b><br \> [ ] Enable outbound email<br \> <b>Return email address:</b>apache@🌻.invalid<br \> [ ]Enable user-to-user email<br \> [ ]Enable user talk page notification<br \> [ ]Enable watchlist notification<br \> [ ]Enable email authentication<br \> <br \> <br \> <b>Skins</b> Pick a skin<br \> <br \> <br \> <b>Extensions</b><br \> <b><u>Special pages</u></b><br \> [ ]CiteThisPage<br \> [ ]Interwiki<br \> [ ]Nuke<br \> [ ]Renameuser<br \> [ ]ReplaceText<br \> <br \> <b><u>Editors</u></b><br \> [x]CodeEditor<br \> [x]VisualEditor<br \> [x]WikiEditor<br \> <br \> <b><u>Parser hooks</u></b><br \> [ ]CategoryTree<br \> [ ]Cite<br \> [ ]ImageMap<br \> [ ]InputBox<br \> [ ]ParserFunctions<br \> [ ]Poem<br \> [ ]Scribunto<br \> [x]SyntaxHighlight_GeSHi<br \> [ ]TemplateData<br \> <br \> <b><u>Media handlers</u></b><br \> [ ]PdfHandler<br \> <br \> <b><u>Spam prevention</u></b><br \> [x]ConfirmEdit<br \> [ ]SpamBlacklist<br \> [ ]TitleBlacklist<br \> <br \> <b><u>API</u></b><br \> [ ]PageImages<br \> <br \> <b><u>Other</u></b><br \> [ ]Gadgets<br \> [ ]LocalisationUpdate<br \> [ ]MultimediaViewer<br \> [ ]OATHAuth<br \> [ ]SecureLinkFixer<br \> [ ]TextExtracts<br \> <br \> <br \> <b>Images and file uploads</b><br \> [ ]Enable file uploads<br \> <b>Logo URL:</b>$wgResourceBasePath/resources/assets/wiki.png<br \> [ ]Enable Instant Commons<br \> <br \> <br \> <b>Advanced configuration</b><br \> <b>Settings for object caching:</b><br \> [x] No caching (no functionality is removed, but speed may be impacted on larger wiki sites)<br \> [ ] Use Memcached (requires additional setup and configuration)<br \> </div> </div> ====LocalSettings.php Launch Wiki==== When the Basic configuration of mediawiki is done on the webpage.<br \> You will have a <b>LocalSettings.php</b> which will be downloaded from your browser.<br \> You need to place the <b>LocalSettings.php</b> file into your containers <b>/var/www/html/mediawiki/</b> directory.<br \> You can do this from host using the <b>lxc file push</b> command.<br \> <code>lxc file push /home/$USER/Downloads/LocalSettings.php mediawiki/var/www/html/mediawiki/</code><br \> <br> Do not refresh browser it will download the LocalSettings.php again! go to the IP address of your container or just trim the <code>mw-config/index.php?page=Complete</code><br> Now on your browser visit the page again https://10.194.171.251<br \> And welcome to your wiki.<br \> ===Change Logo=== You need a 135px by 135px image, in this example its named 'completenoobs-logo.png'<br> <code>lxc file push completenoobs-logo.png mediawiki/var/www/html/mediawiki/resources/assets/</code><br> Back in container edit the <b>LocalSettings.php</b> file<br> <pre> ## The URL paths to the logo. Make sure you change this from the default, ## or else you'll overwrite your logo when you upgrade! $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", 'icon' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", ]; </pre> Change to your new logo:<br> <pre> $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", 'icon' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", ]; </pre> ===Email Config=== Warning i did get loads of spam bots, using this to send naughty emails everywhere!<br> Changed setting to block signups, requests only,and changed <b>$wgEnableUserEmail</b> to false and still the bots managed to send spam using my smtp account.<br> How they done this? Is beyond my understanding and i removed email from the wiki till i have more info on how to stop the spamming.<br> Was using mediawiki-1.35.0<br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> Make sure <b>$wgEnableEmail</b> is set to true.<br> <code>$wgEnableEmail = true;</code><br> https://www.mediawiki.org/wiki/Manual:$wgEnableEmail<br> <pre> $wgEmergencyContact = ""; $wgPasswordSender = ""; </pre> <pre> $wgEmergencyContact = "admin@completenoobs.com"; $wgPasswordSender = "admin@completenoobs.com"; </pre> <pre> $wgSMTP = [ 'host' => 'ssl://mail.smtp2go.com', // outbox server of the email account 'IDHost' => 'completenoobs.com', 'port' => 465, 'username' => 'noobwiki', // user of the email account 'password' => 'N0tTelinu', // app password of the email account 'auth' => true ]; </pre> ===Request Account and Confirm Email to edit=== In LocalSettings change $wgEmailAuthentication = false; to true https://www.mediawiki.org/wiki/Manual:$wgEmailAuthentication<br> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ConfirmAccount-REL1_39-2b96e90.tar.gz</code><br> <code>tar xzf ConfirmAccount-REL1_39-2b96e90.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> <br> In <b>LocalSettings.php</b> <br> set <b>$wgEmailAuthentication</b> to true.<br> <pre> wfLoadExtension( 'ConfirmAccount' ); $wgConfirmAccountContact = 'admin@completenoobs.com'; </pre> Run maintenance update<br> <code>php /var/www/html/mediawiki/maintenance/update.php </code><br> use <b>Special:ConfirmAccounts</b> to see if anyone requested a account.<br> And yep, your gonna get spammed! Bots love a wiki.<br> ===CookieWarning Extension=== https://www.mediawiki.org/wiki/Extension:CookieWarning<br> <code>wget https://extdist.wmflabs.org/dist/extensions/CookieWarning-REL1_39-778fe72.tar.gz</code><br> <code>tar -xzf CookieWarning-REL1_39-778fe72.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'CookieWarning' ); $wgCookieWarningEnabled = 'true'; # $wgCookieWarningMoreUrl allows to to select a link for your moreinfo button $wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'; $wgCookieWarningEnabled = 'true'; </pre> To change message sign in with admin account and visit these pages of your wiki and edit.<br> <b>MediaWiki:Cookiewarning-info</b> Edit the display message.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-info</code><br> <b>MediaWiki:Cookiewarning-moreinfo-label</b><br> Edit and change display of the moreinfo button: link can be made/changed at LocalSettings with:<br> <code>$wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'</code><br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-moreinfo-label</code><br> <b>MediaWiki:Cookiewarning-ok-label</b> Edit and change the text on the OK button.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-ok-label</code><br> ===Contribution Scores Extension=== https://www.mediawiki.org/wiki/Extension:Contribution_Scores<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ContributionScores-REL1_39-0e7e99d.tar.gz</code><br> <code>tar -xzf ContributionScores-REL1_39-0e7e99d.tar.gz -C /var/www/html/mediawiki/extensions</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'ContributionScores' ); // Exclude Bots from the reporting - Can be omitted. $wgContribScoreIgnoreBots = true; // Exclude Blocked Users from the reporting - Can be omitted. $wgContribScoreIgnoreBlockedUsers = true; // Use real user names when available - Can be omitted. Only for MediaWiki 1.19 and later. $wgContribScoresUseRealName = true; // Set to true to disable cache for parser function and inclusion of table. $wgContribScoreDisableCache = false; // Each array defines a report - 7,50 is "past 7 days" and "LIMIT 50" - Can be omitted. $wgContribScoreReports = [ [ 7, 50 ], [ 30, 50 ], [ 0, 50 ] ]; </pre> <br> Add to Main Landing Page:<br> <pre>{{Special:ContributionScores/10/5}}</pre><br> ===Place Notice at top of every new page created=== Using the <b>PageNotice</b> Extension. https://www.mediawiki.org/wiki/Extension:PageNotice#Configuration Download PageNotice and extract to extensions directory. in LocalSettings.php add the lines:<br \> <pre> wfLoadExtension( 'PageNotice' ); $wgPageNoticeDisablePerPageNotices = 'true'; </pre> To have message in every name space go to your wiki's page<br \> <code>index.php/mediawiki:top-notice-ns-0</code><br \> Only admin account can edit this page:<br \> What you place in this page will be displayed at the top of every page created. ===Privacy Policy=== Holly $#$#$ this is a lot of work, looking into it<br \> https://www.mediawiki.org/wiki/GDPR_(General_Data_Protection_Regulation)_and_MediaWiki_software<br \> ====NewSignupPage==== https://www.mediawiki.org/wiki/Extension:NewSignupPage<br \> Big thanks to Shoutwiki.com or this would of been a very big pain.<br \> Check for Latest link from the Download page https://www.mediawiki.org/wiki/Special:ExtensionDistributor/NewSignupPage<br \> In mediawiki container:<br \> <code>wget https://extdist.wmflabs.org/dist/extensions/NewSignupPage-REL1_35-ecf00aa.tar.gz</code><br \> <code>tar xvf NewSignupPage-REL1_35-ecf00aa.tar.gz -C /var/www/html/mediawiki/extensions/</code><br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> Add the Line:<br \> <code>wfLoadExtension( 'NewSignupPage' );</code><br \> Change the Info given at signup at:<br \> <code>index.php/MediaWiki:Newsignuppage-loginform-tos</code><br \> Default page will be:<pre> I am over 13 years of age and I have read, understood and agree to be bound by the Terms of Service and Privacy Policy </pre> "Terms of Service" and "Privacy Policy" are linked to there pages, so we need to create a few pages. ======Need <b>Privacy Policy</b> Page====== Create a 'Privacy_Policy' page and link on "MediaWiki:Newsignuppage-loginform-tos"<br> <pre>[[CompleteNoobs:Privacy_policy | Privacy Policy]]</pre> =====Need <b>Terms Of Service</b> page===== https://www.completenoobs.com/index.php/Terms_of_Service<br \> once done change link on "MediaWiki:Newsignuppage-loginform-tos"<br \> =====Content Policy Page===== https://10.194.171.251/index.php/Content_Policy<br \> Contains link to https://www.completenoobs.com/index.php/CompleteNoobs_Staff_Admins<br \> =====Staff and Admin Page===== https://10.194.171.251/index.php/CompleteNoobs_Staff_Admins<br \> Linked from Content Policy Page! a place to contact by email staff, admins =====General Disclaimer page===== https://10.194.171.251/index.php/CompleteNoobs:General_disclaimer<br \> This page shows/linked at bottom of wiki<br \> =====Copyright Policy===== https://10.194.171.251/index.php/CompleteNoobs:Copyrights<br \> Copyrights page that shows in info box when making a post.<br \> ==Fail2Ban== This Will Ban an IP who incorrectly enters wrong login details, a (you can select) amount of times for a (you can select) amount of time. ===Fail2Log Extension=== https://www.mediawiki.org/wiki/Extension:Fail2Log<br> ====Create Log file==== Could not get PHP to create and set permissions for log file: So for now doing manually!<br \> <code>touch /var/log/Fail2Log.log</code><br \> <code>chown www-data:www-data /var/log/Fail2Log.log</code><br \> <code>chmod 0755 /var/log/Fail2Log.log</code><br \> Failed login's with wrong user name and/or password should now be logged in:<b>/var/log/Fail2Log.log</b><br \> <br \> Log Format:<br \> <code>Failed:<IP_ADDRESS> <DATE> <TIME> <USERNAME></code><br \> ====Download and install extension==== <code>wget https://github.com/greenhatmonkey/Fail2Log/blob/main/Fail2Log.tar.gz?raw=true</code><br> <code>tar xzvf Fail2Log.tar.gz?raw=true -C /var/www/html/mediawiki/extensions/</code><br> Add to your <b>LocalSettings.php</b><br> <pre> wfLoadExtension( 'Fail2Log' ); $wgFail2LogFile = '/var/log/Fail2Log.log'; </pre> ====Install and Setup Fail2Ban==== Fail2Ban works in a container. If using fail2ban on Host for container:<br/> Just include log path: <code>/var/snap/lxd/common/mntns/var/snap/lxd/common/lxd/storage-pools/default/containers/&lt;CONTAINER_NAME>/rootfs/var/log/Fail2Log.log</code> <code>apt install fail2ban</code> * Fail2ban will use file.local over file.conf if file.local exists: * file.conf can be written over if file2ban gets updated. * Make a file.local of the file you are working on. <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code> <code>$EDITOR /etc/fail2ban/jail.local</code> <!-- unmodified jail.conf file --> <div class="toccolours mw-collapsible mw-collapsed"> Default <code>/etc/fail2ban/jail.conf</code> file: Expand to view <div class="mw-collapsible-content"> <pre> # # WARNING: heavily refactored in 0.9.0 release. Please review and # customize settings for your setup. # # Changes: in most of the cases you should not modify this # file, but provide customizations in jail.local file, # or separate .conf files under jail.d/ directory, e.g.: # # HOW TO ACTIVATE JAILS: # # YOU SHOULD NOT MODIFY THIS FILE. # # It will probably be overwritten or improved in a distribution update. # # Provide customizations in a jail.local file or a jail.d/customisation.local. # For example to change the default bantime for all jails and to enable the # ssh-iptables jail the following (uncommented) would appear in the .local file. # See man 5 jail.conf for details. # # [DEFAULT] # bantime = 1h # # [sshd] # enabled = true # # See jail.conf(5) man page for more information # Comments: use '#' for comment lines and ';' (following a space) for inline comments [INCLUDES] #before = paths-distro.conf before = paths-debian.conf # The DEFAULT allows a global definition of the options. They can be overridden # in each jail afterwards. [DEFAULT] # # MISCELLANEOUS OPTIONS # # "bantime.increment" allows to use database for searching of previously banned ip's to increase a # default ban time using special formula, default it is banTime * 1, 2, 4, 8, 16, 32... #bantime.increment = true # "bantime.rndtime" is the max number of seconds using for mixing with random time # to prevent "clever" botnets calculate exact time IP can be unbanned again: #bantime.rndtime = # "bantime.maxtime" is the max number of seconds using the ban time can reach (don't grows further) #bantime.maxtime = # "bantime.factor" is a coefficient to calculate exponent growing of the formula or common multiplier, # default value of factor is 1 and with default value of formula, the ban time # grows by 1, 2, 4, 8, 16 ... #bantime.factor = 1 # "bantime.formula" used by default to calculate next value of ban time, default value bellow, # the same ban time growing will be reached by multipliers 1, 2, 4, 8, 16, 32... #bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * banFactor # # more aggressive example of formula has the same values only for factor "2.0 / 2.885385" : #bantime.formula = ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor) # "bantime.multipliers" used to calculate next value of ban time instead of formula, coresponding # previously ban count and given "bantime.factor" (for multipliers default is 1); # following example grows ban time by 1, 2, 4, 8, 16 ... and if last ban count greater as multipliers count, # always used last multiplier (64 in example), for factor '1' and original ban time 600 - 10.6 hours #bantime.multipliers = 1 2 4 8 16 32 64 # following example can be used for small initial ban time (bantime=60) - it grows more aggressive at begin, # for bantime=60 the multipliers are minutes and equal: 1 min, 5 min, 30 min, 1 hour, 5 hour, 12 hour, 1 day, 2 day #bantime.multipliers = 1 5 30 60 300 720 1440 2880 # "bantime.overalljails" (if true) specifies the search of IP in the database will be executed # cross over all jails, if false (dafault), only current jail of the ban IP will be searched #bantime.overalljails = false # -------------------- # "ignoreself" specifies whether the local resp. own IP addresses should be ignored # (default is true). Fail2ban will not ban a host which matches such addresses. #ignoreself = true # "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban # will not ban a host which matches an address in this list. Several addresses # can be defined using space (and/or comma) separator. #ignoreip = 127.0.0.1/8 ::1 # External command that will take an tagged arguments to ignore, e.g. <ip>, # and return true if the IP is to be ignored. False otherwise. # # ignorecommand = /path/to/command <ip> ignorecommand = # "bantime" is the number of seconds that a host is banned. bantime = 10m # A host is banned if it has generated "maxretry" during the last "findtime" # seconds. findtime = 10m # "maxretry" is the number of failures before a host get banned. maxretry = 5 # "maxmatches" is the number of matches stored in ticket (resolvable via tag <matches> in actions). maxmatches = %(maxretry)s # "backend" specifies the backend used to get files modification. # Available options are "pyinotify", "gamin", "polling", "systemd" and "auto". # This option can be overridden in each jail as well. # # pyinotify: requires pyinotify (a file alteration monitor) to be installed. # If pyinotify is not installed, Fail2ban will use auto. # gamin: requires Gamin (a file alteration monitor) to be installed. # If Gamin is not installed, Fail2ban will use auto. # polling: uses a polling algorithm which does not require external libraries. # systemd: uses systemd python library to access the systemd journal. # Specifying "logpath" is not valid for this backend. # See "journalmatch" in the jails associated filter config # auto: will try to use the following backends, in order: # pyinotify, gamin, polling. # # Note: if systemd backend is chosen as the default but you enable a jail # for which logs are present only in its own log files, specify some other # backend for that jail (e.g. polling) and provide empty value for # journalmatch. See https://github.com/fail2ban/fail2ban/issues/959#issuecomment-74901200 backend = auto # "usedns" specifies if jails should trust hostnames in logs, # warn when DNS lookups are performed, or ignore all hostnames in logs # # yes: if a hostname is encountered, a DNS lookup will be performed. # warn: if a hostname is encountered, a DNS lookup will be performed, # but it will be logged as a warning. # no: if a hostname is encountered, will not be used for banning, # but it will be logged as info. # raw: use raw value (no hostname), allow use it for no-host filters/actions (example user) usedns = warn # "logencoding" specifies the encoding of the log files handled by the jail # This is used to decode the lines from the log file. # Typical examples: "ascii", "utf-8" # # auto: will use the system locale setting logencoding = auto # "enabled" enables the jails. # By default all jails are disabled, and it should stay this way. # Enable only relevant to your setup jails in your .local or jail.d/*.conf # # true: jail will be enabled and log files will get monitored for changes # false: jail is not enabled enabled = false # "mode" defines the mode of the filter (see corresponding filter implementation for more info). mode = normal # "filter" defines the filter to use by the jail. # By default jails have names matching their filter name # filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # # Some options used for actions # Destination email address used solely for the interpolations in # jail.{conf,local,d/*} configuration files. destemail = root@localhost # Sender email address used solely for some actions sender = root@<fq-hostname> # E-mail action. Since 0.8.1 Fail2Ban uses sendmail MTA for the # mailing. Change mta configuration parameter to mail if you want to # revert to conventional 'mail'. mta = sendmail # Default protocol protocol = tcp # Specify chain where jumps would need to be added in ban-actions expecting parameter chain chain = <known/chain> # Ports to be banned # Usually should be overridden in a particular jail port = 0:65535 # Format of user-agent https://tools.ietf.org/html/rfc7231#section-5.5.3 fail2ban_agent = Fail2Ban/%(fail2ban_version)s # # Action shortcuts. To be used to define action parameter # Default banning action (e.g. iptables, iptables-new, # iptables-multiport, shorewall, etc) It is used to define # action_* variables. Can be overridden globally or per # section within jail.local file banaction = iptables-multiport banaction_allports = iptables-allports # The simplest action to take: ban only action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report to the destemail. action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report and relevant log lines # to the destemail. action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # See the IMPORTANT note in action.d/xarf-login-attack for when to use this action # # ban & send a xarf e-mail to abuse contact of IP address and include relevant log lines # to the destemail. action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] # ban IP on CloudFlare & send an e-mail with whois report and relevant log lines # to the destemail. action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # Report block via blocklist.de fail2ban reporting service API # # See the IMPORTANT note in action.d/blocklist_de.conf for when to use this action. # Specify expected parameters in file action.d/blocklist_de.local or if the interpolation # `action_blocklist_de` used for the action, set value of `blocklist_de_apikey` # in your `jail.local` globally (section [DEFAULT]) or per specific jail section (resp. in # corresponding jail.d/my-jail.local file). # action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] # Report ban via badips.com, and use as blacklist # # See BadIPsAction docstring in config/action.d/badips.py for # documentation for this action. # # NOTE: This action relies on banaction being present on start and therefore # should be last action defined for a jail. # action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] # # Report ban via badips.com (uses action.d/badips.conf for reporting only) # action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] # Report ban via abuseipdb.com. # # See action.d/abuseipdb.conf for usage example and details. # action_abuseipdb = abuseipdb # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # [sshd] # To use more aggressive sshd modes set filter parameter "mode" in jail.local: # normal (default), ddos, extra or aggressive (combines all). # See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details. #mode = normal port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s [dropbear] port = ssh logpath = %(dropbear_log)s backend = %(dropbear_backend)s [selinux-ssh] port = ssh logpath = %(auditd_log)s # # HTTP servers # [apache-auth] port = http,https logpath = %(apache_error_log)s [apache-badbots] # Ban hosts which agent identifies spammer robots crawling the web # for email addresses. The mail outputs are buffered. port = http,https logpath = %(apache_access_log)s bantime = 48h maxretry = 1 [apache-noscript] port = http,https logpath = %(apache_error_log)s [apache-overflows] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-nohome] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-botsearch] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-fakegooglebot] port = http,https logpath = %(apache_access_log)s maxretry = 1 ignorecommand = %(ignorecommands_dir)s/apache-fakegooglebot <ip> [apache-modsecurity] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-shellshock] port = http,https logpath = %(apache_error_log)s maxretry = 1 [openhab-auth] filter = openhab action = iptables-allports[name=NoAuthFailures] logpath = /opt/openhab/logs/request.log [nginx-http-auth] port = http,https logpath = %(nginx_error_log)s # To use 'nginx-limit-req' jail you should have `ngx_http_limit_req_module` # and define `limit_req` and `limit_req_zone` as described in nginx documentation # http://nginx.org/en/docs/http/ngx_http_limit_req_module.html # or for example see in 'config/filter.d/nginx-limit-req.conf' [nginx-limit-req] port = http,https logpath = %(nginx_error_log)s [nginx-botsearch] port = http,https logpath = %(nginx_error_log)s maxretry = 2 # Ban attackers that try to use PHP's URL-fopen() functionality # through GET/POST variables. - Experimental, with more than a year # of usage in production environments. [php-url-fopen] port = http,https logpath = %(nginx_access_log)s %(apache_access_log)s [suhosin] port = http,https logpath = %(suhosin_log)s [lighttpd-auth] # Same as above for Apache's mod_auth # It catches wrong authentifications port = http,https logpath = %(lighttpd_error_log)s # # Webmail and groupware servers # [roundcube-auth] port = http,https logpath = %(roundcube_errors_log)s # Use following line in your jail.local if roundcube logs to journal. #backend = %(syslog_backend)s [openwebmail] port = http,https logpath = /var/log/openwebmail.log [horde] port = http,https logpath = /var/log/horde/horde.log [groupoffice] port = http,https logpath = /home/groupoffice/log/info.log [sogo-auth] # Monitor SOGo groupware server # without proxy this would be: # port = 20000 port = http,https logpath = /var/log/sogo/sogo.log [tine20] logpath = /var/log/tine20/tine20.log port = http,https # # Web Applications # # [drupal-auth] port = http,https logpath = %(syslog_daemon)s backend = %(syslog_backend)s [guacamole] port = http,https logpath = /var/log/tomcat*/catalina.out [monit] #Ban clients brute-forcing the monit gui login port = 2812 logpath = /var/log/monit /var/log/monit.log [webmin-auth] port = 10000 logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [froxlor-auth] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s # # HTTP Proxy servers # # [squid] port = 80,443,3128,8080 logpath = /var/log/squid/access.log [3proxy] port = 3128 logpath = /var/log/3proxy.log # # FTP servers # [proftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(proftpd_log)s backend = %(proftpd_backend)s [pure-ftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(pureftpd_log)s backend = %(pureftpd_backend)s [gssftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(syslog_daemon)s backend = %(syslog_backend)s [wuftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(wuftpd_log)s backend = %(wuftpd_backend)s [vsftpd] # or overwrite it in jails.local to be # logpath = %(syslog_authpriv)s # if you want to rely on PAM failed login attempts # vsftpd's failregex should match both of those formats port = ftp,ftp-data,ftps,ftps-data logpath = %(vsftpd_log)s # # Mail servers # # ASSP SMTP Proxy Jail [assp] port = smtp,465,submission logpath = /root/path/to/assp/logs/maillog.txt [courier-smtp] port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix] # To use another modes set filter parameter "mode" in jail.local: mode = more port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s [postfix-rbl] filter = postfix[mode=rbl] port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s maxretry = 1 [sendmail-auth] port = submission,465,smtp logpath = %(syslog_mail)s backend = %(syslog_backend)s [sendmail-reject] # To use more aggressive modes set filter parameter "mode" in jail.local: # normal (default), extra or aggressive # See "tests/files/logs/sendmail-reject" or "filter.d/sendmail-reject.conf" for usage example and details. #mode = normal port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [qmail-rbl] filter = qmail port = smtp,465,submission logpath = /service/qmail/log/main/current # dovecot defaults to logging to the mail syslog facility # but can be set by syslog_facility in the dovecot configuration. [dovecot] port = pop3,pop3s,imap,imaps,submission,465,sieve logpath = %(dovecot_log)s backend = %(dovecot_backend)s [sieve] port = smtp,465,submission logpath = %(dovecot_log)s backend = %(dovecot_backend)s [solid-pop3d] port = pop3,pop3s logpath = %(solidpop3d_log)s [exim] # see filter.d/exim.conf for further modes supported from filter: #mode = normal port = smtp,465,submission logpath = %(exim_main_log)s [exim-spam] port = smtp,465,submission logpath = %(exim_main_log)s [kerio] port = imap,smtp,imaps,465 logpath = /opt/kerio/mailserver/store/logs/security.log # # Mail servers authenticators: might be used for smtp,ftp,imap servers, so # all relevant ports get banned # [courier-auth] port = smtp,465,submission,imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix-sasl] filter = postfix[mode=auth] port = smtp,465,submission,imap,imaps,pop3,pop3s # You might consider monitoring /var/log/mail.warn instead if you are # running postfix since it would provide the same log lines at the # "warn" level but overall at the smaller filesize. logpath = %(postfix_log)s backend = %(postfix_backend)s [perdition] port = imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [squirrelmail] port = smtp,465,submission,imap,imap2,imaps,pop3,pop3s,http,https,socks logpath = /var/lib/squirrelmail/prefs/squirrelmail_access_log [cyrus-imap] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s [uwimap-auth] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s # # # DNS servers # # !!! WARNING !!! # Since UDP is connection-less protocol, spoofing of IP and imitation # of illegal actions is way too simple. Thus enabling of this filter # might provide an easy way for implementing a DoS against a chosen # victim. See # http://nion.modprobe.de/blog/archives/690-fail2ban-+-dns-fail.html # Please DO NOT USE this jail unless you know what you are doing. # # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks UDP traffic for DNS requests. # [named-refused-udp] # # filter = named-refused # port = domain,953 # protocol = udp # logpath = /var/log/named/security.log # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks TCP traffic for DNS requests. [named-refused] port = domain,953 logpath = /var/log/named/security.log [nsd] port = 53 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/nsd.log # # Miscellaneous # [asterisk] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/asterisk/messages maxretry = 10 [freeswitch] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/freeswitch.log maxretry = 10 # enable adminlog; it will log to a file inside znc's directory by default. [znc-adminlog] port = 6667 logpath = /var/lib/znc/moddata/adminlog/znc.log # To log wrong MySQL access attempts add to /etc/my.cnf in [mysqld] or # equivalent section: # log-warnings = 2 # # for syslog (daemon facility) # [mysqld_safe] # syslog # # for own logfile # [mysqld] # log-error=/var/log/mysqld.log [mysqld-auth] port = 3306 logpath = %(mysql_log)s backend = %(mysql_backend)s # Log wrong MongoDB auth (for details see filter 'filter.d/mongodb-auth.conf') [mongodb-auth] # change port when running with "--shardsvr" or "--configsvr" runtime operation port = 27017 logpath = /var/log/mongodb/mongodb.log # Jail for more extended banning of persistent abusers # !!! WARNINGS !!! # 1. Make sure that your loglevel specified in fail2ban.conf/.local # is not at DEBUG level -- which might then cause fail2ban to fall into # an infinite loop constantly feeding itself with non-informative lines # 2. Increase dbpurgeage defined in fail2ban.conf to e.g. 648000 (7.5 days) # to maintain entries for failed logins for sufficient amount of time [recidive] logpath = /var/log/fail2ban.log banaction = %(banaction_allports)s bantime = 1w findtime = 1d # Generic filter for PAM. Has to be used with action which bans all # ports such as iptables-allports, shorewall [pam-generic] # pam-generic filter can be customized to monitor specific subset of 'tty's banaction = %(banaction_allports)s logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [xinetd-fail] banaction = iptables-multiport-log logpath = %(syslog_daemon)s backend = %(syslog_backend)s maxretry = 2 # stunnel - need to set port for this [stunnel] logpath = /var/log/stunnel4/stunnel.log [ejabberd-auth] port = 5222 logpath = /var/log/ejabberd/ejabberd.log [counter-strike] logpath = /opt/cstrike/logs/L[0-9]*.log # Firewall: http://www.cstrike-planet.com/faq/6 tcpport = 27030,27031,27032,27033,27034,27035,27036,27037,27038,27039 udpport = 1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015 action = %(banaction)s[name=%(__name__)s-tcp, port="%(tcpport)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(udpport)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] [bitwarden] port = http,https logpath = /home/*/bwdata/logs/identity/Identity/log.txt [centreon] port = http,https logpath = /var/log/centreon/login.log # consider low maxretry and a long bantime # nobody except your own Nagios server should ever probe nrpe [nagios] logpath = %(syslog_daemon)s ; nrpe.cfg may define a different log_facility backend = %(syslog_backend)s maxretry = 1 [oracleims] # see "oracleims" filter file for configuration requirement for Oracle IMS v6 and above logpath = /opt/sun/comms/messaging64/log/mail.log_current banaction = %(banaction_allports)s [directadmin] logpath = /var/log/directadmin/login.log port = 2222 [portsentry] logpath = /var/lib/portsentry/portsentry.history maxretry = 1 [pass2allow-ftp] # this pass2allow example allows FTP traffic after successful HTTP authentication port = ftp,ftp-data,ftps,ftps-data # knocking_url variable must be overridden to some secret value in jail.local knocking_url = /knocking/ filter = apache-pass[knocking_url="%(knocking_url)s"] # access log of the website with HTTP auth logpath = %(apache_access_log)s blocktype = RETURN returntype = DROP action = %(action_)s[blocktype=%(blocktype)s, returntype=%(returntype)s, actionstart_on_demand=false, actionrepair_on_unban=true] bantime = 1h maxretry = 1 findtime = 1 [murmur] # AKA mumble-server port = 64738 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol=tcp, chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol=udp, chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/mumble-server/mumble-server.log [screensharingd] # For Mac OS Screen Sharing Service (VNC) logpath = /var/log/system.log logencoding = utf-8 [haproxy-http-auth] # HAProxy by default doesn't log to file you'll need to set it up to forward # logs to a syslog server which would then write them to disk. # See "haproxy-http-auth" filter for a brief cautionary note when setting # maxretry and findtime. logpath = /var/log/haproxy.log [slapd] port = ldap,ldaps logpath = /var/log/slapd.log [domino-smtp] port = smtp,ssmtp logpath = /home/domino01/data/IBM_TECHNICAL_SUPPORT/console.log [phpmyadmin-syslog] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [zoneminder] # Zoneminder HTTP/HTTPS web interface auth # Logs auth failures to apache2 error log port = http,https logpath = %(apache_error_log)s [traefik-auth] # to use 'traefik-auth' filter you have to configure your Traefik instance, # see `filter.d/traefik-auth.conf` for details and service example. port = http,https logpath = /var/log/traefik/access.log </pre> </div> </div> Default <code>/etc/fail2ban/jail.local</code> file with (almost all) comments removed: <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;">Default <code>/etc/fail2ban/jail.local</code> with (almost) comments removed:</div> <div class="mw-collapsible-content"> <pre> [INCLUDES] before = paths-debian.conf [DEFAULT] ignorecommand = bantime = 10m findtime = 10m maxretry = 5 maxmatches = %(maxretry)s backend = auto usedns = warn logencoding = auto enabled = false mode = normal filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # destemail = root@localhost sender = root@<fq-hostname> mta = sendmail protocol = tcp chain = <known/chain> port = 0:65535 fail2ban_agent = Fail2Ban/%(fail2ban_version)s banaction = iptables-multiport banaction_allports = iptables-allports action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] action_abuseipdb = abuseipdb action = %(action_)s # # JAILS # # # SSH servers # [sshd] port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s </pre> </div></div> ====Disconnect/kick and ban an ip from list==== <br \> Just below we are going to append these lines to <b>/etc/fail2ban/jail.local</b><br> <pre> # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s # # JAILS # # # SSH servers # </pre> </div> </div> ====Jail for MediaWiki - /etc/fail2ban/jail.local==== <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1m maxretry = 2 logpath = /var/log/Fail2Log.log </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before: <div class="mw-collapsible-content"> <pre> # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After: <div class="mw-collapsible-content"> <pre> # # JAILS # [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log # # SSH servers # </pre> </div> </div> ====Filter for mediawiki==== <div class="toccolours mw-collapsible mw-collapsed"> Regex quick up and running tutorial: External Link:(youtube) <div class="mw-collapsible-content"> This Is a link to a video made by "Corey Schafer".<br \> The best no nonsense up and running regex tut there is.<br \> https://www.youtube.com/watch?v=sa-TUpSx1JA </div> </div> <code>$EDITOR /etc/fail2ban/filter.d/mediawiki.conf</code><br \> <pre> [Definition] failregex = ^Failed:<HOST> ignoreregex = </pre> =====Try out regex on log file===== <code>fail2ban-regex --print-all-matched /var/log/Fail2Log.log /etc/fail2ban/filter.d/mediawiki.conf</code> ====Restart Fail2Ban==== <code>systemctl restart fail2ban</code> <code>fail2ban-client status</code> <code>fail2ban-client status mediawiki</code> <b>Now test by trying to login to your wiki with wrong password three times.</b> =====fail2ban regex and error checking===== <div class="toccolours mw-collapsible mw-collapsed"> Check regex: <div class="mw-collapsible-content"> * Syntax: <code>fail2ban-regex <logfile> <failregex> <ignoreregex></code> ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * If you want to test <code>ignoreregex</code> enter filter file twice: ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * Read <code>man fail2ban-regex</code> for some more opitions: * Examples: ** <code>-v</code>, <code>--verbose</code> *** Be verbose in output ** <code>--print-all-missed</code> *** Print all missed lines ** <code>--print-all-ignored</code> *** Print all ignored lines ** <code>--print-all-matched</code> *** Print all matched lines </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Debug Fail2Ban: <div class="mw-collapsible-content"> * <code>-d</code> dump configuration. For debugging.<br \> <code>fail2ban-client -d</code><br \> * <code>--dp</code>, <code>--dump-pretty</code> dump the configuration using more human readable representation.<br \> <code>fail2ban-client --dp</code><br \> * will print the systemd log for Fail2Ban.<br \> <code>journalctl -u fail2ban</code> </div> </div> ====Change ban time After testing==== <code>$EDITOR /etc/fail2ban/jail.local</code><br \> <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log </pre> ===Unban IP's=== Get list of Jails:<br \> <code>fail2ban-client status</code><br \> See banned ips by that jail:<br \> <code>fail2ban-client status <jailname></code><br \> Unban IP from jail:<br \> <code>fail2ban-client set <jailname> unbanip <ip_address></code><br \> <br \> Log File:<br \> <code>/var/log/Fail2Log.log</code> ==Moving To VPS== ===Create ssh key pair on local host=== <code>ssh-keygen -t rsa -b 4096 -C "MYSERVER" -f ~/.ssh/serverkey</code><br \> You will be prompted to Enter a passphase, you can just press <b>Enter</b> for no passphase.<br \> You will now have a file called <b>serverkey</b> and <b>serverkey.pub</b> in your <b>/home/$USER/.ssh</b> directory.<br \> Now lets setup are server and move public key to server.<br \> <b>BACKUP YOUR PRIVATE KEY TO USB STICK OR SOMETHING!</b><br \> <code>serverkey.pub</code><b>PUBLIC KEY</b><br \> <code>serverkey</code><b>PRIVATE KEY</b><br \> ===Login to Server - ssh === Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $10, 1 cpu, 2048MB ram, 55GB ssd, 2000GB Bandwidth.<br \> I have been given the IP:<b>192.248.145.129</b> and the Password:<b>1R?o.gPasdaLz1w</b> and with Vultr the default login/user is <b>root</b><br \> Lets move over the public key so we don't need a password to login:<br \> <code>ssh-copy-id -i ~/.ssh/serverkey root@192.248.145.129</code></br \> Will be promted for server password, enter password: 1R?o.gPasdaLz1w<br \> Now lets login with are private key.<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code> ===Update Server=== <code>apt update && apt upgrade -y</code><br \> The Server may need a restart, you will see this after updates if it does<br \> <b>*** System restart required ***</b><br \> restart server and log back in after a minute.<br \> <code>reboot</code> ===Change default ssh port and disable plain text passwords=== Log back into server<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code><br \> <code>$EDITOR /etc/ssh/sshd_config</code><br \> <pre>#Port 22</pre> <pre>Port 7788</pre> disable clear text passwords <pre>#PasswordAuthentication yes</pre> <pre>PasswordAuthentication no</pre> restart sshd <code>systemctl restart sshd</code><br \> Exit server and re-login<br \> <code>exit</code><br \> Log back in with new port<br \> <code>ssh -p 7788 -i .ssh/serverkey root@192.248.145.129</code> <div class="toccolours mw-collapsible mw-collapsed"> Create ssh login shortcut: <div class="mw-collapsible-content"> To be done on host:<br \> <code>touch ~/.ssh/config</code><br \> <code>chmod 600 ~/.ssh/config</code><br \> <code>$EDITOR ~/.ssh/config</code><br \> <pre> Host mediawikiserver HostName 192.248.145.129 User root Port 7788 IdentityFile /home/$USER/.ssh/severkey </pre> You can now login to server from host with:<br \> <code>ssh mediawikiserver</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax of config file: <div class="mw-collapsible-content"> <pre> #Syntax # #Host <ALIAS_NAME> # HostName <ADDRESS_IP_OR_DOMAIN> # User <USERNAME_LOGIN> # Port <PORT_NUMBER_IF_NOT_DEFAULT> # IdentityFile </PATH/TO/PRIVATE_KEY> ## Can now login with <code>ssh <ALIAS_NAME> </pre> </div> </div> </div> </div> ===Enable Basic FireWall=== Block IPv6<br \> <code>$EDITOR /etc/default/ufw</code><br \> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit<br \> <code>ufw allow 7788/tcp</code><br \> <code>ufw enable</code><br \> ===Create Swap space on server=== ====First check if you already have a swap space==== First check if you already have a swap space<br \> <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 1655 2 228 1732 Swap: 0 0 0 </pre> <div class="toccolours mw-collapsible mw-collapsed"> Other methods to check swap space <div class="mw-collapsible-content"> <code>cat /proc/swaps</code><br \> <code>swapon -s -v</code> </div> </div> ====Create SwapSpace==== preallocate a 2 gigabyte space to be used for swap.<br \> Note: you can name swapfile to anything you want. <code>fallocate -l 2G /swapfile</code> Initialize the /swapfile file with zeros - see "Working out the count size" to see how to work out the count size. <div class="toccolours mw-collapsible mw-collapsed"> Working out the count size: <div class="mw-collapsible-content"> Working out count size to scale the swapsize. 1 kilobyte = 1024 bytes 1 megabyte = 1024 kilobyte 1 gigabyte = 1024 megabytes bs=1024 = 1 megabyte 1 gigabyte = 1024 megabyte to get count of 1 gigabyte 1024 * 1024 2 gigabyte (1024 * 2048 ) or 1048576 * 2 = 2,097,152 </div> </div> <code>dd if=/dev/zero of=/swapfile bs=1024 count=2097152</code> <code>chmod 600 /swapfile</code> <code>mkswap /swapfile</code> <code>swapon /swapfile</code> <b>Or</b> <code>swapon -a</code> <b>Or</b> <code>mount -a</code> append to <code>/etc/fstab</code> so its mounted after reboot.<br \> <code>$EDITOR /etc/fstab</code><br \> And enter this in a new line at the bottom:<br \> <code>/swapfile swap swap defaults 0 0</code> and thats it, you can check swap with(or same other methods as above): <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 75 2 1808 1712 Swap: 2047 0 2047 </pre> ===ssmtp for email alerts=== <code>apt install ssmtp -y</code><br \> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code><br \> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> <code>usermod -c "CNWikiVPS" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ===auto update server=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment (by removing <b>//</b> at start of line)and amend the lines we want:<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> to<br \> <code> "${distro_id}:${distro_codename}-updates";</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; </pre> Changed to<br \> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec Acquire::http::Dl-Limit "500"; </pre> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Send Container to server=== From host<br \> <code>scp -i ~/.ssh/serverkey -P 7788 mediawiki.lxc root@192.248.145.129:/root/</code><br \> If you created a ssh shortcut in <b>.ssh/config</b> you can use:<br \> <code>scp mediawiki.lxc mediawikiserver:/root/</code><br> Once container transferred to server checksum to confirm<br> Do on Local and Server<br> <code>sha256sum mediawiki.lxc</code><br> The checksum should be the same on both!<br> ===LXD setup on server=== Check if <b>lxd</b> already installed.<br \> <code>lxd --version</code><br \> <code>snap install lxd</code><br \> Initialize LXD<br \> <code>lxd init</code><br \> all defaults<br \> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (lvm, zfs, ceph, btrfs, dir) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=10GB]: Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> ===Import Container=== Note: If version of LXD on server is older than the one you are exporting from, you may see error <code>Error: Failed importing backup: Failed creating instance record: Unknown configuration key: volatile.last_state.ready</code><br> To Fix this update your LXD<br> <code>snap remove lxd</code><br> <code>snap install lxd</code><br> <code>lxd --version</code><br> <code>lxd init</code><br> <br> Import mediawiki container<br \> <code>lxc import mediawiki.lxc mediawiki</code><br \> <code>lxc list</code><br \> <code>lxc start mediawiki</code><br \> <code>lxc list</code><br \> Returns:<br \> <pre> +-----------+---------+-----------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+-----------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.207.119.233 (eth0) | | CONTAINER | 0 | +-----------+---------+-----------------------+------+-----------+-----------+ </pre> <b>Note the Change of IP</b><br \> Are Containers IP is now:<b>10.207.119.233</b><br \> Now for some reason changing the IP on <b>/var/www/html/mediawiki/LocalSettings.php</b> and the <b>/etc/apache2/sites-available/completenoobs.com.conf</b> does not really work on a VPS (Forgot how i fixed this last time, pretty sure i got it workin a few years back).<br \> You need a DNS name: ===DNS=== Domain Name System: An index that connects an ip address with a more human readable name(website name):<br \> Like a phone book would index a persons name with a phone number.<br \> If you have a domain name for your wiki, point it to your server's ip address.<br \> This will be required for a letsencrypt cert also.<br \> I am using <b>namecheap.com</b> and on the <b>Advanced DNS</b> Page<br \> Add two Type <b>A Records</b>:<br \> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |192.248.145.129 |auto |- |A record |www |192.248.145.129 |auto |} ===Change IP on config files=== Login to conatiner and change IP's to Domain Name<br \> <code>lxc exec mediawiki bash</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <pre> Redirect permanent "/" "https://10.3.45.233"</pre> <pre> Redirect permanent "/" "https://www.completenoobs.com"</pre> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <pre>$wgServer = "https://10.3.45.233";</pre> <pre>$wgServer = "https://www.completenoobs.com";</pre> <code>systemctl restart apache2</code> ===Use IPTables to forward traffic to container=== <div class="toccolours mw-collapsible mw-collapsed"> iptable syntax <div class="mw-collapsible-content"> *CONTAINER_IP = place holder for your containers ip *GLOBAL_IP = place holder for your servers public ip address *ETH = network interface: enp1s0 ** to be done/found on host VPS and NOT Container ** Find network interface:<code>ip route show default</code> or use <code>ip route show default | awk '{print $5}'</code> <pre>iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 80 -j DNAT --to-destination CONTAINER_IP:80 -m comment --comment "forward real ip to container" </pre> <pre> iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 443 -j DNAT --to-destination CONTAINER_IP:443 -m comment --comment "forward real ip to container" </pre> </div> </div> <b>These commands to be done on host VPS and NOT in container!</b><br \> Get out of container <code>exit</code><br \> Network interface=<b>enp1s0</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Find you network interface name: <div class="mw-collapsible-content"> To be run on VPS host and Not in Container:<br \> <code>ip route show default | awk '{print $5}'</code> </div> </div> VPS Global IP=<b>192.248.145.129</b><br \> Container IP=<b>10.207.119.233</b><br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container"</code> <br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container"</code> <br \> The new rules for your iptable will not persistent after a reboot.<br \> Create systemd service to load firewall rules at startup:<br \> <code>$EDITOR /usr/local/bin/lxc-mediawiki-rules</code> <pre> #!/bin/bash iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container" iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container" </pre> <code>chmod +x /usr/local/bin/lxc-mediawiki-rules</code> <code>$EDITOR /etc/systemd/system/lxcip.service</code> <pre> [Unit] Description = apply ip rules at startup [Service] Type=oneshot ExecStart=/usr/local/bin/lxc-mediawiki-rules [Install] WantedBy=multi-user.target </pre> <code>systemctl enable lxcip</code> <div class="toccolours mw-collapsible mw-collapsed"> LXC proxy method: <div class="mw-collapsible-content"> <b>DO NOT USE This method!</b> placed here as a note:<br \> LXC also has a way to forward proxy traffic, but it will show all visits to website, as coming from <b>127.0.0.1</b><br \> When we install fail2ban, this would be very bad!<br \> <br \> <code>lxc config device add CONTAINER_NAME myport80 proxy listen=tcp:0.0.0.0:80 connect=tcp:127.0.0.1:80</code><br \> <code>lxc config device add CONTAINER_NAME myport443 proxy listen=tcp:0.0.0.0:443 connect=tcp:127.0.0.1:443</code><br \> To remove proxy:<br \> <code>lxc config device remove CONTAINER_NAME myport80</code><br \> <code>lxc config device remove CONTAINER_NAME myport443</code><br \> </div> </div> ===Visit webpage and check all working=== Visit the domain you selected<br \> <code>www.completenoobs.com</code><br \> Should be up and running.<br \> NOTE: We did not need to allow port 443 or 80 on VPS host.<br \> Check Iptables persist for restart, by rebooting server!<br \> <code>reboot</code><br \> Give it a minute or 2 and check website again. ===LetsEncrypt=== Log back into server<br \> <code>ssh mediawikiserver</code><br \> Log into container<br \> <code>lxc exec mediawiki bash</code><br \> Install certbot<br \> <code>snap install certbot --classic</code><br \> Backup Apache2 config file<br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf /etc/apache2/sites-available/completenoobs.com.conf.bk</code><br \> Create Cert<br \> <code>certbot --apache -d www.completenoobs.com -d completenoobs.com</code><br \> And Certbot broke are apache2 configs, and thats why we back up!<br \> <code>ls /etc/letsencrypt/live/www.completenoobs.com/</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/fullchain.pem /etc/ssl/certs/cn-selfsigned.crt</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/privkey.pem /etc/ssl/private/cn-selfsigned.key</code><br \> <code>rm /etc/apache2/sites-available/completenoobs.com-le-ssl.conf /etc/apache2/sites-available/completenoobs.com.conf </code><br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf.bk /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <br \> Turn <b>SSLUseStapling</b> on<br \> <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code><br \> <pre>SSLUseStapling off</pre><br \> Change to:<br \> <pre>SSLUseStapling on</pre><br \> Restart apache<br \> <code>systemctl restart apache2</code><br \> Now check your site on browser.<br \> ==temp== ==Useful Notes - tips== ===Forgot your Admin Password=== Can use for any user:<br \> <code>php /var/www/html/mediawiki/maintenance/changePassword.php --user=admin --password=newpassword</code><br \> ===Make Wiki Read Only=== Add to LocalSettings.php:<br \> <code>$wgReadOnly = 'Read Only';</code><br \> ===Restrict account creation on wiki=== Add to LocalSettings.php:<br \> <code>$wgGroupPermissions['*']['createaccount'] = false;</code> ===Only Admin accounts can edit=== Add to LocalSettings.php:<br \> <pre> $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['user']['edit'] = false; $wgGroupPermissions['sysop']['edit'] = true; </pre> ===Protect a page so only admin can edit=== At the top of the page when logged in with admin account, click <b>More</b>.<br \> A drop down of three opitions: Delete, Move, Protect.<br \> Clicking <b>Protect</b> will not allow any non admin from editing the page. {| class="wikitable" |+ When logged in as admin |- |Read |Edit |View history |(STAR) |<b>More</b> |} ===Make User an Admin=== go to special pages With Admin Account go to:<br \> <code>index.php/Special:SpecialPages</code> List of users can be found here:<br \> <code>index.php/Special:ListUsers</code><br \> Go to:<br \> <code>index.php/Special:UserRights</code><br \> And enter username:<br \> <b>Groups you can change</b><br \> And rest is self explanatory. ====Remove admin rights==== Same thing, just untick admin rights! ==Upgrading MediaWiki== <b>BACK SURE YOU BACKUP FIRST!!!</b> just in case.<br \> This example update 1.35 to 1.36 from 1.36 onwards php-intl is required.<br> Download the wiki you are going to upgrade to.<br \> <code>https://releases.wikimedia.org/mediawiki/1.36/</code><br \> <code>cd /root</code><br \> <code>wget https://releases.wikimedia.org/mediawiki/1.36/mediawiki-1.36.1.tar.gz</code><br \> In LocalSettings.php put in readonly mode<br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <code>$wgReadOnly = "Upgrading";</code><br \> <code>tar xvzf mediawiki-1.36.1.tar.gz -C /var/www/html/mediawiki --strip-components=1</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> Returns:<pre> Error: Missing one or more required components of PHP. You are missing a required extension to PHP that MediaWiki needs. Please install: * intl <https://www.php.net/intl> </pre> <code>apt install php-intl</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> And thats it. If you do get an error:<br \> <blockquote> MediaWiki 1.36 internal error Installing some PHP extensions is required. Required components You are missing a required extension to PHP that MediaWiki requires to run. Please install: intl (more information) </blockquote> Then <b>reboot</b> the container and its all fine after. ==Backup your Wiki== ===LXC Snapshots=== Easy way, backup the container using <b>snapshot</b><br \> <code>lxc snapshot mediawiki beforeupgrade_11_12_2020</code><br \> To see snapshots<br \> <code>lxc info mediawiki</code><br \> To restore container to snapshot<br \> <code>lxc restore mediawiki beforeupgrade_11_12_2020</code><br \> To delete a snapshot<br \> <code>lxc delete mediawiki/beforeupgrade_11_12_2020</code><br \> ====Export a Snapshot==== <code>lxc snapshot mediawiki testsnap</code> <code>lxc publish mediawiki/testsnap --alias mediawiki-backup-20-07-2021</code> <code>lxc image export mediawiki-backup-20-07-2021</code> you end up with a file named after the sha256sum <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> NOTE:You can change name from <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> to something like <code>mediawiki-backup-20-07-2021.tar.gz</code> and restore will still work fine.<br \> can now delete image <code>lxc image delete mediawiki-backup-20-07-2021</code> ====Import Snapshot==== Move to another computer and install init lxd<br \> <code>lxc image import a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz --alias testrestore</code> <code>lxc launch testrestore mediarestore</code> <code>lxc list</code> <code>lxc exec mediarestore bash</code> Change IP in LocalSettings and apache config and restart apache.<br \> And your up and running.<br \> <br \> you can also delete image on new restore computer:<br \> <code>lxc image delete testrestore</code> ===Dump mediawiki database - xml=== Log into container root dir<br \> <code>lxc exec NAME bash</code><br \> In container of wiki:<br \> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Exit container<br \> <code>exit</code> Pull file to host<br \> <code>lxc file pull NAME/root/dump_mediawiki.xml wiki-dump.xml</code> ===Import Dump=== ====Create Quick local wiki==== localwiki ====Import dump==== <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> <code>lxc exec localwiki bash</code><br \> =====Restore dump===== <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Everything apart from <b>index.php/Main_Page</b> restored. ===Full Wiki Dump and Restore=== ====Backing up==== ====Making your wiki READ ONLY - will lock database==== <code>$EDITOR LocalSettings.php</code><br \> <code>$wgReadOnly = 'Dumping Database, Access will be restored shortly';</code> ====Dump and gzip database for transport==== will be prompted for password:<br \> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green -p mywiki_database | gzip > /root/greenwiki.sql.gz</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> ALt method for dump(password in cmd): <div class="mw-collapsible-content"> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green --password=THISpasswordSHOULDbeCHANGED -p mywiki_database | gzip > /root/greenwiki.sql.gz</code> </div> </div> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Back mediawiki Root Directory.<br \> <code>tar cvzhf /root/mediawiki-rootDir.tgz /var/www/html/mediawiki</code><br \> All into one file for easy transport.<br \> <code>cd /root/</code><br \> <code>tar cvzhf mediawiki-transfer.tgz mediawiki-rootDir.tgz greenwiki.sql.gz dump_mediawiki.xml</code><br \> All file in <b>mediawiki-transfer.tgz</b> for transfer to new server<br \> exit Container<br \> <code>exit</code><br \> <code>lxc file pull mediawiki/root/mediawiki-transfer.tgz mediawiki.bk.tgz</code><br \> ====Restore wiki==== create container (backupwiki) and push file<br \> <code>lxc file push mediawiki.bk.tgz backupwiki/root/</code><br \> login to container<br \> <code>apt update && apt upgrade -y</code><br \> <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> <br \> <code>tar xvf mediawiki.bk.tgz</code><br \> <code>tar xvf mediawiki-rootDir.tgz -C /</code><br \> Create basebase:<br \> NOTE: If you use diff username, passwd, database_name, append/correct details on LocalSettings.<br \> <code>mysql -u root</code> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <br \> <code>gunzip -d greenwiki.sql.gz</code><br \> <code>mysql -u green -p mywiki_database < greenwiki.sql</code><br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/dump_mediawiki.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Config Apache2 <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> Reload Apache2 <code> systemctl restart apache2 </code> ==SpamBot Wars== Bit busy now, notes to look into later: https://www.mediawiki.org/wiki/Extension:Nuke<br \> https://www.mediawiki.org/wiki/Manual:Preventing_access<br \> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br \> https://www.mediawiki.org/wiki/Extension:InviteSignup<br \> Well the bots won for now - Disable eMail function for all related options in LocalSettings.php<br \> <code>$wgEnableEmail = false;</code><br \> Or just stop users sending email with:<br \> <code>$wgEnableUserEmail = false;</code> 76jsb2koe5rq6xxzapr75hbajwfwpls 167 161 2023-03-09T21:33:42Z Noob 1 /* SpamBot Wars */ 167 wikitext text/x-wiki Installing MediaWiki on a container and exporting to the cloud. Local OS used Ubuntu-Mate 20.04 Tested with ethernet. Untested with wifi. TODO's * Remove 'index.php' from URL * Find out more about 'DocBookExport' and test how it works * Move MediaWiki Server to FreeBSD Currently trying to solve the spambot problem, they got round the need to request to open an account somehow, will update once solved. $EDITOR is used as a place holder for an editor of your choice. ==Installing LXD== <code>sudo snap install lxd</code><br \> <code>lxd init</code><br \> Selecting all defaults, apart from "Size in GB of the new loop device (1GB minimum) [default=6GB]:" increasing to 30GB: <div class="toccolours mw-collapsible mw-collapsed"> <code>lxd init</code> selected options: <div class="mw-collapsible-content"> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (btrfs, dir, lvm, zfs, ceph) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=6GB]:30GB Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> </div> </div> ==Create Ubuntu:22.04 Container for MediaWiki== <code>lxc launch ubuntu:22.04 mediawiki</code><br> <code>lxc list</code><br> <pre> +-----------+---------+--------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+--------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.194.171.251(eth0) | | CONTAINER | 0 | +-----------+---------+--------------------+------+-----------+-----------+ </pre> ===Login to Container=== <code>lxc exec mediawiki bash</code> ===Basic Firewall UFW for Container=== NOTE:Add Link to a UFW page for more info Blocking IPv6<br \> <code>$EDITOR /etc/default/ufw</code> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit Allow port 80<br \> <code>ufw allow 80/tcp</code><br \> Allow port 443<br \> <code>ufw allow 443/tcp</code><br \> Start/Enable UFW firewall<br \> <code>ufw enable</code><br \> Check UFW status<br \> <code>ufw status</code> <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Update system=== <code>apt update && apt upgrade -y</code> ===ssmtp setup=== NOTE: need link to ssmtp page - showing how to use other email providers that allow smtp Link to ssmtp wiki page <br \> You can use a number of email providers for sending emails from server using ssmtp.<br \> I am going to use <b>smtp2go.com</b> they do provide a free service if you wish to try. <div class="toccolours mw-collapsible mw-collapsed"> smtp2go details: <div class="mw-collapsible-content"> https://www.smtp2go.com/<br \> Has a Free Plan # 1000 emails per month # 5 days of email reporting # Ticket support only <br \> Do not use you username and password you used to sign up!<br \> Go to https://app.smtp2go.com/sending/smtp_users/ <br \> Or 'Sending' > 'SMTP Users'<br> And create/add a SMTP User account.<br \> The User created will be given a good password by default.<br \> Use this username and password for ssmtp.<br \> In this example i have the username "<b>noobwiki</b>" and the password "<b>N0tTelinu</b>" </div> </div> ====ssmtp==== <code>apt install ssmtp -y</code> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <div class="toccolours mw-collapsible mw-collapsed"> Why use <code>hostname=completenoobs.com</code> <div class="mw-collapsible-content"> "hostname" needed for ubuntu unattended upgrades to send email.<br \> If missing: will get "(550 unable to verify sender address.)" <br \> If using <code>hostname=localhost</code> "(550 "Localhost" unnaceptable, you must use a public domain-name.)"<br \> If using <code>hostname=admin@completenoobs.com</code> "501 <root@admin@completenoobs.com>: malformed address: @completenoobs.com> may not follow <root@admin" </div> </div> <br \> Do not use user@smtp2go.com as the sender address! you need an email address that has an MX record(mail exchanger record) at its domain name. <br \> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> ====usermod==== <br \> usermod can be used to change the email senders name/address.<br \> Instead of your mail coming from 'root' or 'ubuntu' or any other user account.<br \> <b>usermod -c "emailSenderName" <account_sending></b><br \> <code>usermod -c "completenoobslxc" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ====sendmail notes==== <div class="toccolours mw-collapsible mw-collapsed"> If the sendmail command locks your terminal and CTRL+c does not work <div class="mw-collapsible-content"> Use <code>CTRL+z</code> which will send a SIGTSTP signal which will put the process to sleep.<br \> use jobs to see the sleeping process.<br \> <code>jobs</code><br \> and kill %<JOBNUMBER><br \> <code>kill %1</code> <br \> you can also use <code>ps ax</code> to list processes running on your computer and <code>kill -9 <PROCESS-NUMBER></code> to kill process. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> sendmail in verbose mode for more details: <div class="mw-collapsible-content"> More info can be found in the man page <code>man sendmail</code><br \> Use the verbose flag <b>-v</b><br \> <code>sendmail -v email@address2receive.mail < test-mail.txt</code> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Check mail logs for errors: <div class="mw-collapsible-content"> send mail error log can be found in<br \> <code>/var/log/mail.err</code><br \> and sendmail log can be found:<br \> <code>/var/log/mail.log</code> </div> </div> ===auto update container config=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code> Uncomment<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> <code>"${distro_id}:${distro_codename}-updates";</code> Dont need auto reboot on container - no kernel - kernel shared with host. ====email on update==== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <div class="toccolours mw-collapsible mw-collapsed"> Once i needed 'apticron' to get emails working with unattended upgrades:<br \> Notes here just incase<div class="mw-collapsible-content"> Install apticron<br \> <code>apt install apticron -y</code> Create apticron.conf file containing email to send email to:<br \> If you dont then 'apticron' will by default sent to root@localhost.<br > <code>echo 'EMAIL="email@tosendto.com"' > /etc/apticron/apticron.conf</code> </div> </div> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Install MediaWiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -xvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki</code> ====Create Database==== Will be prompted to set a root password!<br \> <code>mysql -u root -p</code><br \> <!-- create drop down - add root password option --> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <div class="toccolours mw-collapsible mw-collapsed"> Make note of your: database name, username, userpassword <div class="mw-collapsible-content"> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code><br \> Database Username:<b>green</b><br \> Database host/location:<b>localhost</b> Database User Password:<b>THISpasswordSHOULDbeCHANGED</b><br \><br \> <code>CREATE DATABASE mywiki_database;</code><br \> Database Name:<b>mywiki_database</b><br \> </div> </div> ====Create self-signed https certs==== <code>openssl req -x509 -newkey rsa:4096 -keyout key.pem -nodes -out cert.pem -days 365</code><br> Note: can leave blank; just press enter.<br><br> <code>mv cert.pem /etc/ssl/certs/cn-selfsigned.crt</code><br> <code>mv key.pem /etc/ssl/private/cn-selfsigned.key</code><br> ====Create ssl-params.conf==== <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code> Remember to turn stapling on after letsencrypt cert <pre> SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 SSLHonorCipherOrder On # Disable preloading HSTS for now. You can use the commented out header line that includes # the "preload" directive if you understand the implications. # Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" Header always set X-Frame-Options DENY Header always set X-Content-Type-Options nosniff # Requires Apache >= 2.4 SSLCompression off # May want to turn stapling off when using self-signed to avoid receiving errors in log SSLUseStapling off SSLStaplingCache "shmcb:logs/stapling-cache(150000)" # Requires Apache >= 2.4.11 SSLSessionTickets Off </pre> ====Create Apache2 config==== <code>cd /etc/apache2/sites-available/</code> <code>rm 000-default.conf default-ssl.conf</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code> <div class="toccolours mw-collapsible mw-collapsed"> <b>Important Redirect note</b>:<div class="mw-collapsible-content"> <pre> # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" </pre> Change to your Container IP!<br \> <code>Redirect permanent "/" "https://10.194.171.251"</code> </div> </div> <pre> <VirtualHost *:80> ServerName completenoobs.com ServerAdmin admin@ # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined </VirtualHost> <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerName completenoobs.com ServerAdmin admin@completenoobs.com DocumentRoot /var/www/html/mediawiki # According MWiki Manual:Security php_flag register_globals off ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined SSLEngine on SSLCertificateFile /etc/ssl/certs/cn-selfsigned.crt SSLCertificateKeyFile /etc/ssl/private/cn-selfsigned.key # need to find out what SSLCertificateChainFile is? explain is in the default-ssl.conf file. #SSLCertificateChainFile /etc/ssl/certs/example.com.root-bundle.crt <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> <Directory /var/www/html/wikimedia> Options None FollowSymLinks #Allow .htaccess AllowOverride All Require all granted <IfModule security2_module> SecRuleEngine Off # or disable only problematic rules </IfModule> </Directory> # According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images> # Ignore .htaccess files AllowOverride None # Serve HTML as plaintext, don't execute SHTML AddType text/plain .html .htm .shtml .php .phtml .php5 # Don't run arbitrary PHP code. php_admin_flag engine off # If you've other scripting languages, disable them too. </Directory> #According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images/deleted> Deny from all AllowOverride AuthConfig Limit Require local </Directory> </VirtualHost> </IfModule> </pre> ====Reload Apache2==== <code>a2enmod ssl</code> <code>a2enmod headers</code> <code>a2ensite completenoobs.com</code> <code>a2enconf ssl-params</code> <code>apache2ctl configtest</code> <code>systemctl restart apache2</code> ===MediaWiki Basic Setup=== ====Landing page==== Open a web browser and go to your containers private ip address (you can get ip address by running <code>lxc list</code> on host). <code>https://10.194.171.251</code> Are certs are self-signed and you may/will get warning "your connection is not private"<br \> Click "Advance" and "Proceed to 10.194.171.251 (unsafe)"<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.35.0<br \> LocalSettings.php not found.<br \> Please <u>set up the wiki</u> first.<br \> </blockquote> Click <b>set up the wiki</b> to be taken to the "mw-config/index.php" page. =====Basic Configure MediaWiki===== <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:mywiki_database<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:green<br \> Database password:THISpasswordSHOULDbeCHANGED<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>CompleteNoobs<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Options <div class="mw-collapsible-content"> <b>User rights profile:</b> <br \> [ ] Open wiki <br \> [x] Account creation required<br \> [ ] Authorised editors only <br \> [ ] Private wiki<br \> <br \> <b>Copyright and licence:</b><br \> [ ] Creative Commons Attribution<br \> [ ] Creative Commons Attribution-ShareAlike<br \> [ ] Creative Commons Attribution-NonCommercial-ShareAlike<br \> [ ] Creative Commons Zero (Public Domain)<br \> [ ] GNU Free Documentation Licence 1.3 or later<br \> [x] No licence footer<br \> [ ] Select a custom Creative Commons licence<br \> <br \> <br \> <b>Email settings</b><br \> [ ] Enable outbound email<br \> <b>Return email address:</b>apache@🌻.invalid<br \> [ ]Enable user-to-user email<br \> [ ]Enable user talk page notification<br \> [ ]Enable watchlist notification<br \> [ ]Enable email authentication<br \> <br \> <br \> <b>Skins</b> Pick a skin<br \> <br \> <br \> <b>Extensions</b><br \> <b><u>Special pages</u></b><br \> [ ]CiteThisPage<br \> [ ]Interwiki<br \> [ ]Nuke<br \> [ ]Renameuser<br \> [ ]ReplaceText<br \> <br \> <b><u>Editors</u></b><br \> [x]CodeEditor<br \> [x]VisualEditor<br \> [x]WikiEditor<br \> <br \> <b><u>Parser hooks</u></b><br \> [ ]CategoryTree<br \> [ ]Cite<br \> [ ]ImageMap<br \> [ ]InputBox<br \> [ ]ParserFunctions<br \> [ ]Poem<br \> [ ]Scribunto<br \> [x]SyntaxHighlight_GeSHi<br \> [ ]TemplateData<br \> <br \> <b><u>Media handlers</u></b><br \> [ ]PdfHandler<br \> <br \> <b><u>Spam prevention</u></b><br \> [x]ConfirmEdit<br \> [ ]SpamBlacklist<br \> [ ]TitleBlacklist<br \> <br \> <b><u>API</u></b><br \> [ ]PageImages<br \> <br \> <b><u>Other</u></b><br \> [ ]Gadgets<br \> [ ]LocalisationUpdate<br \> [ ]MultimediaViewer<br \> [ ]OATHAuth<br \> [ ]SecureLinkFixer<br \> [ ]TextExtracts<br \> <br \> <br \> <b>Images and file uploads</b><br \> [ ]Enable file uploads<br \> <b>Logo URL:</b>$wgResourceBasePath/resources/assets/wiki.png<br \> [ ]Enable Instant Commons<br \> <br \> <br \> <b>Advanced configuration</b><br \> <b>Settings for object caching:</b><br \> [x] No caching (no functionality is removed, but speed may be impacted on larger wiki sites)<br \> [ ] Use Memcached (requires additional setup and configuration)<br \> </div> </div> ====LocalSettings.php Launch Wiki==== When the Basic configuration of mediawiki is done on the webpage.<br \> You will have a <b>LocalSettings.php</b> which will be downloaded from your browser.<br \> You need to place the <b>LocalSettings.php</b> file into your containers <b>/var/www/html/mediawiki/</b> directory.<br \> You can do this from host using the <b>lxc file push</b> command.<br \> <code>lxc file push /home/$USER/Downloads/LocalSettings.php mediawiki/var/www/html/mediawiki/</code><br \> <br> Do not refresh browser it will download the LocalSettings.php again! go to the IP address of your container or just trim the <code>mw-config/index.php?page=Complete</code><br> Now on your browser visit the page again https://10.194.171.251<br \> And welcome to your wiki.<br \> ===Change Logo=== You need a 135px by 135px image, in this example its named 'completenoobs-logo.png'<br> <code>lxc file push completenoobs-logo.png mediawiki/var/www/html/mediawiki/resources/assets/</code><br> Back in container edit the <b>LocalSettings.php</b> file<br> <pre> ## The URL paths to the logo. Make sure you change this from the default, ## or else you'll overwrite your logo when you upgrade! $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", 'icon' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", ]; </pre> Change to your new logo:<br> <pre> $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", 'icon' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", ]; </pre> ===Email Config=== Warning i did get loads of spam bots, using this to send naughty emails everywhere!<br> Changed setting to block signups, requests only,and changed <b>$wgEnableUserEmail</b> to false and still the bots managed to send spam using my smtp account.<br> How they done this? Is beyond my understanding and i removed email from the wiki till i have more info on how to stop the spamming.<br> Was using mediawiki-1.35.0<br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> Make sure <b>$wgEnableEmail</b> is set to true.<br> <code>$wgEnableEmail = true;</code><br> https://www.mediawiki.org/wiki/Manual:$wgEnableEmail<br> <pre> $wgEmergencyContact = ""; $wgPasswordSender = ""; </pre> <pre> $wgEmergencyContact = "admin@completenoobs.com"; $wgPasswordSender = "admin@completenoobs.com"; </pre> <pre> $wgSMTP = [ 'host' => 'ssl://mail.smtp2go.com', // outbox server of the email account 'IDHost' => 'completenoobs.com', 'port' => 465, 'username' => 'noobwiki', // user of the email account 'password' => 'N0tTelinu', // app password of the email account 'auth' => true ]; </pre> ===Request Account and Confirm Email to edit=== In LocalSettings change $wgEmailAuthentication = false; to true https://www.mediawiki.org/wiki/Manual:$wgEmailAuthentication<br> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ConfirmAccount-REL1_39-2b96e90.tar.gz</code><br> <code>tar xzf ConfirmAccount-REL1_39-2b96e90.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> <br> In <b>LocalSettings.php</b> <br> set <b>$wgEmailAuthentication</b> to true.<br> <pre> wfLoadExtension( 'ConfirmAccount' ); $wgConfirmAccountContact = 'admin@completenoobs.com'; </pre> Run maintenance update<br> <code>php /var/www/html/mediawiki/maintenance/update.php </code><br> use <b>Special:ConfirmAccounts</b> to see if anyone requested a account.<br> And yep, your gonna get spammed! Bots love a wiki.<br> ===CookieWarning Extension=== https://www.mediawiki.org/wiki/Extension:CookieWarning<br> <code>wget https://extdist.wmflabs.org/dist/extensions/CookieWarning-REL1_39-778fe72.tar.gz</code><br> <code>tar -xzf CookieWarning-REL1_39-778fe72.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'CookieWarning' ); $wgCookieWarningEnabled = 'true'; # $wgCookieWarningMoreUrl allows to to select a link for your moreinfo button $wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'; $wgCookieWarningEnabled = 'true'; </pre> To change message sign in with admin account and visit these pages of your wiki and edit.<br> <b>MediaWiki:Cookiewarning-info</b> Edit the display message.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-info</code><br> <b>MediaWiki:Cookiewarning-moreinfo-label</b><br> Edit and change display of the moreinfo button: link can be made/changed at LocalSettings with:<br> <code>$wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'</code><br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-moreinfo-label</code><br> <b>MediaWiki:Cookiewarning-ok-label</b> Edit and change the text on the OK button.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-ok-label</code><br> ===Contribution Scores Extension=== https://www.mediawiki.org/wiki/Extension:Contribution_Scores<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ContributionScores-REL1_39-0e7e99d.tar.gz</code><br> <code>tar -xzf ContributionScores-REL1_39-0e7e99d.tar.gz -C /var/www/html/mediawiki/extensions</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'ContributionScores' ); // Exclude Bots from the reporting - Can be omitted. $wgContribScoreIgnoreBots = true; // Exclude Blocked Users from the reporting - Can be omitted. $wgContribScoreIgnoreBlockedUsers = true; // Use real user names when available - Can be omitted. Only for MediaWiki 1.19 and later. $wgContribScoresUseRealName = true; // Set to true to disable cache for parser function and inclusion of table. $wgContribScoreDisableCache = false; // Each array defines a report - 7,50 is "past 7 days" and "LIMIT 50" - Can be omitted. $wgContribScoreReports = [ [ 7, 50 ], [ 30, 50 ], [ 0, 50 ] ]; </pre> <br> Add to Main Landing Page:<br> <pre>{{Special:ContributionScores/10/5}}</pre><br> ===Place Notice at top of every new page created=== Using the <b>PageNotice</b> Extension. https://www.mediawiki.org/wiki/Extension:PageNotice#Configuration Download PageNotice and extract to extensions directory. in LocalSettings.php add the lines:<br \> <pre> wfLoadExtension( 'PageNotice' ); $wgPageNoticeDisablePerPageNotices = 'true'; </pre> To have message in every name space go to your wiki's page<br \> <code>index.php/mediawiki:top-notice-ns-0</code><br \> Only admin account can edit this page:<br \> What you place in this page will be displayed at the top of every page created. ===Privacy Policy=== Holly $#$#$ this is a lot of work, looking into it<br \> https://www.mediawiki.org/wiki/GDPR_(General_Data_Protection_Regulation)_and_MediaWiki_software<br \> ====NewSignupPage==== https://www.mediawiki.org/wiki/Extension:NewSignupPage<br \> Big thanks to Shoutwiki.com or this would of been a very big pain.<br \> Check for Latest link from the Download page https://www.mediawiki.org/wiki/Special:ExtensionDistributor/NewSignupPage<br \> In mediawiki container:<br \> <code>wget https://extdist.wmflabs.org/dist/extensions/NewSignupPage-REL1_35-ecf00aa.tar.gz</code><br \> <code>tar xvf NewSignupPage-REL1_35-ecf00aa.tar.gz -C /var/www/html/mediawiki/extensions/</code><br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> Add the Line:<br \> <code>wfLoadExtension( 'NewSignupPage' );</code><br \> Change the Info given at signup at:<br \> <code>index.php/MediaWiki:Newsignuppage-loginform-tos</code><br \> Default page will be:<pre> I am over 13 years of age and I have read, understood and agree to be bound by the Terms of Service and Privacy Policy </pre> "Terms of Service" and "Privacy Policy" are linked to there pages, so we need to create a few pages. ======Need <b>Privacy Policy</b> Page====== Create a 'Privacy_Policy' page and link on "MediaWiki:Newsignuppage-loginform-tos"<br> <pre>[[CompleteNoobs:Privacy_policy | Privacy Policy]]</pre> =====Need <b>Terms Of Service</b> page===== https://www.completenoobs.com/index.php/Terms_of_Service<br \> once done change link on "MediaWiki:Newsignuppage-loginform-tos"<br \> =====Content Policy Page===== https://10.194.171.251/index.php/Content_Policy<br \> Contains link to https://www.completenoobs.com/index.php/CompleteNoobs_Staff_Admins<br \> =====Staff and Admin Page===== https://10.194.171.251/index.php/CompleteNoobs_Staff_Admins<br \> Linked from Content Policy Page! a place to contact by email staff, admins =====General Disclaimer page===== https://10.194.171.251/index.php/CompleteNoobs:General_disclaimer<br \> This page shows/linked at bottom of wiki<br \> =====Copyright Policy===== https://10.194.171.251/index.php/CompleteNoobs:Copyrights<br \> Copyrights page that shows in info box when making a post.<br \> ==Fail2Ban== This Will Ban an IP who incorrectly enters wrong login details, a (you can select) amount of times for a (you can select) amount of time. ===Fail2Log Extension=== https://www.mediawiki.org/wiki/Extension:Fail2Log<br> ====Create Log file==== Could not get PHP to create and set permissions for log file: So for now doing manually!<br \> <code>touch /var/log/Fail2Log.log</code><br \> <code>chown www-data:www-data /var/log/Fail2Log.log</code><br \> <code>chmod 0755 /var/log/Fail2Log.log</code><br \> Failed login's with wrong user name and/or password should now be logged in:<b>/var/log/Fail2Log.log</b><br \> <br \> Log Format:<br \> <code>Failed:<IP_ADDRESS> <DATE> <TIME> <USERNAME></code><br \> ====Download and install extension==== <code>wget https://github.com/greenhatmonkey/Fail2Log/blob/main/Fail2Log.tar.gz?raw=true</code><br> <code>tar xzvf Fail2Log.tar.gz?raw=true -C /var/www/html/mediawiki/extensions/</code><br> Add to your <b>LocalSettings.php</b><br> <pre> wfLoadExtension( 'Fail2Log' ); $wgFail2LogFile = '/var/log/Fail2Log.log'; </pre> ====Install and Setup Fail2Ban==== Fail2Ban works in a container. If using fail2ban on Host for container:<br/> Just include log path: <code>/var/snap/lxd/common/mntns/var/snap/lxd/common/lxd/storage-pools/default/containers/&lt;CONTAINER_NAME>/rootfs/var/log/Fail2Log.log</code> <code>apt install fail2ban</code> * Fail2ban will use file.local over file.conf if file.local exists: * file.conf can be written over if file2ban gets updated. * Make a file.local of the file you are working on. <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code> <code>$EDITOR /etc/fail2ban/jail.local</code> <!-- unmodified jail.conf file --> <div class="toccolours mw-collapsible mw-collapsed"> Default <code>/etc/fail2ban/jail.conf</code> file: Expand to view <div class="mw-collapsible-content"> <pre> # # WARNING: heavily refactored in 0.9.0 release. Please review and # customize settings for your setup. # # Changes: in most of the cases you should not modify this # file, but provide customizations in jail.local file, # or separate .conf files under jail.d/ directory, e.g.: # # HOW TO ACTIVATE JAILS: # # YOU SHOULD NOT MODIFY THIS FILE. # # It will probably be overwritten or improved in a distribution update. # # Provide customizations in a jail.local file or a jail.d/customisation.local. # For example to change the default bantime for all jails and to enable the # ssh-iptables jail the following (uncommented) would appear in the .local file. # See man 5 jail.conf for details. # # [DEFAULT] # bantime = 1h # # [sshd] # enabled = true # # See jail.conf(5) man page for more information # Comments: use '#' for comment lines and ';' (following a space) for inline comments [INCLUDES] #before = paths-distro.conf before = paths-debian.conf # The DEFAULT allows a global definition of the options. They can be overridden # in each jail afterwards. [DEFAULT] # # MISCELLANEOUS OPTIONS # # "bantime.increment" allows to use database for searching of previously banned ip's to increase a # default ban time using special formula, default it is banTime * 1, 2, 4, 8, 16, 32... #bantime.increment = true # "bantime.rndtime" is the max number of seconds using for mixing with random time # to prevent "clever" botnets calculate exact time IP can be unbanned again: #bantime.rndtime = # "bantime.maxtime" is the max number of seconds using the ban time can reach (don't grows further) #bantime.maxtime = # "bantime.factor" is a coefficient to calculate exponent growing of the formula or common multiplier, # default value of factor is 1 and with default value of formula, the ban time # grows by 1, 2, 4, 8, 16 ... #bantime.factor = 1 # "bantime.formula" used by default to calculate next value of ban time, default value bellow, # the same ban time growing will be reached by multipliers 1, 2, 4, 8, 16, 32... #bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * banFactor # # more aggressive example of formula has the same values only for factor "2.0 / 2.885385" : #bantime.formula = ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor) # "bantime.multipliers" used to calculate next value of ban time instead of formula, coresponding # previously ban count and given "bantime.factor" (for multipliers default is 1); # following example grows ban time by 1, 2, 4, 8, 16 ... and if last ban count greater as multipliers count, # always used last multiplier (64 in example), for factor '1' and original ban time 600 - 10.6 hours #bantime.multipliers = 1 2 4 8 16 32 64 # following example can be used for small initial ban time (bantime=60) - it grows more aggressive at begin, # for bantime=60 the multipliers are minutes and equal: 1 min, 5 min, 30 min, 1 hour, 5 hour, 12 hour, 1 day, 2 day #bantime.multipliers = 1 5 30 60 300 720 1440 2880 # "bantime.overalljails" (if true) specifies the search of IP in the database will be executed # cross over all jails, if false (dafault), only current jail of the ban IP will be searched #bantime.overalljails = false # -------------------- # "ignoreself" specifies whether the local resp. own IP addresses should be ignored # (default is true). Fail2ban will not ban a host which matches such addresses. #ignoreself = true # "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban # will not ban a host which matches an address in this list. Several addresses # can be defined using space (and/or comma) separator. #ignoreip = 127.0.0.1/8 ::1 # External command that will take an tagged arguments to ignore, e.g. <ip>, # and return true if the IP is to be ignored. False otherwise. # # ignorecommand = /path/to/command <ip> ignorecommand = # "bantime" is the number of seconds that a host is banned. bantime = 10m # A host is banned if it has generated "maxretry" during the last "findtime" # seconds. findtime = 10m # "maxretry" is the number of failures before a host get banned. maxretry = 5 # "maxmatches" is the number of matches stored in ticket (resolvable via tag <matches> in actions). maxmatches = %(maxretry)s # "backend" specifies the backend used to get files modification. # Available options are "pyinotify", "gamin", "polling", "systemd" and "auto". # This option can be overridden in each jail as well. # # pyinotify: requires pyinotify (a file alteration monitor) to be installed. # If pyinotify is not installed, Fail2ban will use auto. # gamin: requires Gamin (a file alteration monitor) to be installed. # If Gamin is not installed, Fail2ban will use auto. # polling: uses a polling algorithm which does not require external libraries. # systemd: uses systemd python library to access the systemd journal. # Specifying "logpath" is not valid for this backend. # See "journalmatch" in the jails associated filter config # auto: will try to use the following backends, in order: # pyinotify, gamin, polling. # # Note: if systemd backend is chosen as the default but you enable a jail # for which logs are present only in its own log files, specify some other # backend for that jail (e.g. polling) and provide empty value for # journalmatch. See https://github.com/fail2ban/fail2ban/issues/959#issuecomment-74901200 backend = auto # "usedns" specifies if jails should trust hostnames in logs, # warn when DNS lookups are performed, or ignore all hostnames in logs # # yes: if a hostname is encountered, a DNS lookup will be performed. # warn: if a hostname is encountered, a DNS lookup will be performed, # but it will be logged as a warning. # no: if a hostname is encountered, will not be used for banning, # but it will be logged as info. # raw: use raw value (no hostname), allow use it for no-host filters/actions (example user) usedns = warn # "logencoding" specifies the encoding of the log files handled by the jail # This is used to decode the lines from the log file. # Typical examples: "ascii", "utf-8" # # auto: will use the system locale setting logencoding = auto # "enabled" enables the jails. # By default all jails are disabled, and it should stay this way. # Enable only relevant to your setup jails in your .local or jail.d/*.conf # # true: jail will be enabled and log files will get monitored for changes # false: jail is not enabled enabled = false # "mode" defines the mode of the filter (see corresponding filter implementation for more info). mode = normal # "filter" defines the filter to use by the jail. # By default jails have names matching their filter name # filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # # Some options used for actions # Destination email address used solely for the interpolations in # jail.{conf,local,d/*} configuration files. destemail = root@localhost # Sender email address used solely for some actions sender = root@<fq-hostname> # E-mail action. Since 0.8.1 Fail2Ban uses sendmail MTA for the # mailing. Change mta configuration parameter to mail if you want to # revert to conventional 'mail'. mta = sendmail # Default protocol protocol = tcp # Specify chain where jumps would need to be added in ban-actions expecting parameter chain chain = <known/chain> # Ports to be banned # Usually should be overridden in a particular jail port = 0:65535 # Format of user-agent https://tools.ietf.org/html/rfc7231#section-5.5.3 fail2ban_agent = Fail2Ban/%(fail2ban_version)s # # Action shortcuts. To be used to define action parameter # Default banning action (e.g. iptables, iptables-new, # iptables-multiport, shorewall, etc) It is used to define # action_* variables. Can be overridden globally or per # section within jail.local file banaction = iptables-multiport banaction_allports = iptables-allports # The simplest action to take: ban only action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report to the destemail. action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report and relevant log lines # to the destemail. action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # See the IMPORTANT note in action.d/xarf-login-attack for when to use this action # # ban & send a xarf e-mail to abuse contact of IP address and include relevant log lines # to the destemail. action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] # ban IP on CloudFlare & send an e-mail with whois report and relevant log lines # to the destemail. action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # Report block via blocklist.de fail2ban reporting service API # # See the IMPORTANT note in action.d/blocklist_de.conf for when to use this action. # Specify expected parameters in file action.d/blocklist_de.local or if the interpolation # `action_blocklist_de` used for the action, set value of `blocklist_de_apikey` # in your `jail.local` globally (section [DEFAULT]) or per specific jail section (resp. in # corresponding jail.d/my-jail.local file). # action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] # Report ban via badips.com, and use as blacklist # # See BadIPsAction docstring in config/action.d/badips.py for # documentation for this action. # # NOTE: This action relies on banaction being present on start and therefore # should be last action defined for a jail. # action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] # # Report ban via badips.com (uses action.d/badips.conf for reporting only) # action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] # Report ban via abuseipdb.com. # # See action.d/abuseipdb.conf for usage example and details. # action_abuseipdb = abuseipdb # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # [sshd] # To use more aggressive sshd modes set filter parameter "mode" in jail.local: # normal (default), ddos, extra or aggressive (combines all). # See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details. #mode = normal port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s [dropbear] port = ssh logpath = %(dropbear_log)s backend = %(dropbear_backend)s [selinux-ssh] port = ssh logpath = %(auditd_log)s # # HTTP servers # [apache-auth] port = http,https logpath = %(apache_error_log)s [apache-badbots] # Ban hosts which agent identifies spammer robots crawling the web # for email addresses. The mail outputs are buffered. port = http,https logpath = %(apache_access_log)s bantime = 48h maxretry = 1 [apache-noscript] port = http,https logpath = %(apache_error_log)s [apache-overflows] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-nohome] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-botsearch] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-fakegooglebot] port = http,https logpath = %(apache_access_log)s maxretry = 1 ignorecommand = %(ignorecommands_dir)s/apache-fakegooglebot <ip> [apache-modsecurity] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-shellshock] port = http,https logpath = %(apache_error_log)s maxretry = 1 [openhab-auth] filter = openhab action = iptables-allports[name=NoAuthFailures] logpath = /opt/openhab/logs/request.log [nginx-http-auth] port = http,https logpath = %(nginx_error_log)s # To use 'nginx-limit-req' jail you should have `ngx_http_limit_req_module` # and define `limit_req` and `limit_req_zone` as described in nginx documentation # http://nginx.org/en/docs/http/ngx_http_limit_req_module.html # or for example see in 'config/filter.d/nginx-limit-req.conf' [nginx-limit-req] port = http,https logpath = %(nginx_error_log)s [nginx-botsearch] port = http,https logpath = %(nginx_error_log)s maxretry = 2 # Ban attackers that try to use PHP's URL-fopen() functionality # through GET/POST variables. - Experimental, with more than a year # of usage in production environments. [php-url-fopen] port = http,https logpath = %(nginx_access_log)s %(apache_access_log)s [suhosin] port = http,https logpath = %(suhosin_log)s [lighttpd-auth] # Same as above for Apache's mod_auth # It catches wrong authentifications port = http,https logpath = %(lighttpd_error_log)s # # Webmail and groupware servers # [roundcube-auth] port = http,https logpath = %(roundcube_errors_log)s # Use following line in your jail.local if roundcube logs to journal. #backend = %(syslog_backend)s [openwebmail] port = http,https logpath = /var/log/openwebmail.log [horde] port = http,https logpath = /var/log/horde/horde.log [groupoffice] port = http,https logpath = /home/groupoffice/log/info.log [sogo-auth] # Monitor SOGo groupware server # without proxy this would be: # port = 20000 port = http,https logpath = /var/log/sogo/sogo.log [tine20] logpath = /var/log/tine20/tine20.log port = http,https # # Web Applications # # [drupal-auth] port = http,https logpath = %(syslog_daemon)s backend = %(syslog_backend)s [guacamole] port = http,https logpath = /var/log/tomcat*/catalina.out [monit] #Ban clients brute-forcing the monit gui login port = 2812 logpath = /var/log/monit /var/log/monit.log [webmin-auth] port = 10000 logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [froxlor-auth] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s # # HTTP Proxy servers # # [squid] port = 80,443,3128,8080 logpath = /var/log/squid/access.log [3proxy] port = 3128 logpath = /var/log/3proxy.log # # FTP servers # [proftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(proftpd_log)s backend = %(proftpd_backend)s [pure-ftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(pureftpd_log)s backend = %(pureftpd_backend)s [gssftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(syslog_daemon)s backend = %(syslog_backend)s [wuftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(wuftpd_log)s backend = %(wuftpd_backend)s [vsftpd] # or overwrite it in jails.local to be # logpath = %(syslog_authpriv)s # if you want to rely on PAM failed login attempts # vsftpd's failregex should match both of those formats port = ftp,ftp-data,ftps,ftps-data logpath = %(vsftpd_log)s # # Mail servers # # ASSP SMTP Proxy Jail [assp] port = smtp,465,submission logpath = /root/path/to/assp/logs/maillog.txt [courier-smtp] port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix] # To use another modes set filter parameter "mode" in jail.local: mode = more port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s [postfix-rbl] filter = postfix[mode=rbl] port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s maxretry = 1 [sendmail-auth] port = submission,465,smtp logpath = %(syslog_mail)s backend = %(syslog_backend)s [sendmail-reject] # To use more aggressive modes set filter parameter "mode" in jail.local: # normal (default), extra or aggressive # See "tests/files/logs/sendmail-reject" or "filter.d/sendmail-reject.conf" for usage example and details. #mode = normal port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [qmail-rbl] filter = qmail port = smtp,465,submission logpath = /service/qmail/log/main/current # dovecot defaults to logging to the mail syslog facility # but can be set by syslog_facility in the dovecot configuration. [dovecot] port = pop3,pop3s,imap,imaps,submission,465,sieve logpath = %(dovecot_log)s backend = %(dovecot_backend)s [sieve] port = smtp,465,submission logpath = %(dovecot_log)s backend = %(dovecot_backend)s [solid-pop3d] port = pop3,pop3s logpath = %(solidpop3d_log)s [exim] # see filter.d/exim.conf for further modes supported from filter: #mode = normal port = smtp,465,submission logpath = %(exim_main_log)s [exim-spam] port = smtp,465,submission logpath = %(exim_main_log)s [kerio] port = imap,smtp,imaps,465 logpath = /opt/kerio/mailserver/store/logs/security.log # # Mail servers authenticators: might be used for smtp,ftp,imap servers, so # all relevant ports get banned # [courier-auth] port = smtp,465,submission,imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix-sasl] filter = postfix[mode=auth] port = smtp,465,submission,imap,imaps,pop3,pop3s # You might consider monitoring /var/log/mail.warn instead if you are # running postfix since it would provide the same log lines at the # "warn" level but overall at the smaller filesize. logpath = %(postfix_log)s backend = %(postfix_backend)s [perdition] port = imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [squirrelmail] port = smtp,465,submission,imap,imap2,imaps,pop3,pop3s,http,https,socks logpath = /var/lib/squirrelmail/prefs/squirrelmail_access_log [cyrus-imap] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s [uwimap-auth] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s # # # DNS servers # # !!! WARNING !!! # Since UDP is connection-less protocol, spoofing of IP and imitation # of illegal actions is way too simple. Thus enabling of this filter # might provide an easy way for implementing a DoS against a chosen # victim. See # http://nion.modprobe.de/blog/archives/690-fail2ban-+-dns-fail.html # Please DO NOT USE this jail unless you know what you are doing. # # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks UDP traffic for DNS requests. # [named-refused-udp] # # filter = named-refused # port = domain,953 # protocol = udp # logpath = /var/log/named/security.log # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks TCP traffic for DNS requests. [named-refused] port = domain,953 logpath = /var/log/named/security.log [nsd] port = 53 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/nsd.log # # Miscellaneous # [asterisk] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/asterisk/messages maxretry = 10 [freeswitch] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/freeswitch.log maxretry = 10 # enable adminlog; it will log to a file inside znc's directory by default. [znc-adminlog] port = 6667 logpath = /var/lib/znc/moddata/adminlog/znc.log # To log wrong MySQL access attempts add to /etc/my.cnf in [mysqld] or # equivalent section: # log-warnings = 2 # # for syslog (daemon facility) # [mysqld_safe] # syslog # # for own logfile # [mysqld] # log-error=/var/log/mysqld.log [mysqld-auth] port = 3306 logpath = %(mysql_log)s backend = %(mysql_backend)s # Log wrong MongoDB auth (for details see filter 'filter.d/mongodb-auth.conf') [mongodb-auth] # change port when running with "--shardsvr" or "--configsvr" runtime operation port = 27017 logpath = /var/log/mongodb/mongodb.log # Jail for more extended banning of persistent abusers # !!! WARNINGS !!! # 1. Make sure that your loglevel specified in fail2ban.conf/.local # is not at DEBUG level -- which might then cause fail2ban to fall into # an infinite loop constantly feeding itself with non-informative lines # 2. Increase dbpurgeage defined in fail2ban.conf to e.g. 648000 (7.5 days) # to maintain entries for failed logins for sufficient amount of time [recidive] logpath = /var/log/fail2ban.log banaction = %(banaction_allports)s bantime = 1w findtime = 1d # Generic filter for PAM. Has to be used with action which bans all # ports such as iptables-allports, shorewall [pam-generic] # pam-generic filter can be customized to monitor specific subset of 'tty's banaction = %(banaction_allports)s logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [xinetd-fail] banaction = iptables-multiport-log logpath = %(syslog_daemon)s backend = %(syslog_backend)s maxretry = 2 # stunnel - need to set port for this [stunnel] logpath = /var/log/stunnel4/stunnel.log [ejabberd-auth] port = 5222 logpath = /var/log/ejabberd/ejabberd.log [counter-strike] logpath = /opt/cstrike/logs/L[0-9]*.log # Firewall: http://www.cstrike-planet.com/faq/6 tcpport = 27030,27031,27032,27033,27034,27035,27036,27037,27038,27039 udpport = 1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015 action = %(banaction)s[name=%(__name__)s-tcp, port="%(tcpport)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(udpport)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] [bitwarden] port = http,https logpath = /home/*/bwdata/logs/identity/Identity/log.txt [centreon] port = http,https logpath = /var/log/centreon/login.log # consider low maxretry and a long bantime # nobody except your own Nagios server should ever probe nrpe [nagios] logpath = %(syslog_daemon)s ; nrpe.cfg may define a different log_facility backend = %(syslog_backend)s maxretry = 1 [oracleims] # see "oracleims" filter file for configuration requirement for Oracle IMS v6 and above logpath = /opt/sun/comms/messaging64/log/mail.log_current banaction = %(banaction_allports)s [directadmin] logpath = /var/log/directadmin/login.log port = 2222 [portsentry] logpath = /var/lib/portsentry/portsentry.history maxretry = 1 [pass2allow-ftp] # this pass2allow example allows FTP traffic after successful HTTP authentication port = ftp,ftp-data,ftps,ftps-data # knocking_url variable must be overridden to some secret value in jail.local knocking_url = /knocking/ filter = apache-pass[knocking_url="%(knocking_url)s"] # access log of the website with HTTP auth logpath = %(apache_access_log)s blocktype = RETURN returntype = DROP action = %(action_)s[blocktype=%(blocktype)s, returntype=%(returntype)s, actionstart_on_demand=false, actionrepair_on_unban=true] bantime = 1h maxretry = 1 findtime = 1 [murmur] # AKA mumble-server port = 64738 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol=tcp, chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol=udp, chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/mumble-server/mumble-server.log [screensharingd] # For Mac OS Screen Sharing Service (VNC) logpath = /var/log/system.log logencoding = utf-8 [haproxy-http-auth] # HAProxy by default doesn't log to file you'll need to set it up to forward # logs to a syslog server which would then write them to disk. # See "haproxy-http-auth" filter for a brief cautionary note when setting # maxretry and findtime. logpath = /var/log/haproxy.log [slapd] port = ldap,ldaps logpath = /var/log/slapd.log [domino-smtp] port = smtp,ssmtp logpath = /home/domino01/data/IBM_TECHNICAL_SUPPORT/console.log [phpmyadmin-syslog] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [zoneminder] # Zoneminder HTTP/HTTPS web interface auth # Logs auth failures to apache2 error log port = http,https logpath = %(apache_error_log)s [traefik-auth] # to use 'traefik-auth' filter you have to configure your Traefik instance, # see `filter.d/traefik-auth.conf` for details and service example. port = http,https logpath = /var/log/traefik/access.log </pre> </div> </div> Default <code>/etc/fail2ban/jail.local</code> file with (almost all) comments removed: <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;">Default <code>/etc/fail2ban/jail.local</code> with (almost) comments removed:</div> <div class="mw-collapsible-content"> <pre> [INCLUDES] before = paths-debian.conf [DEFAULT] ignorecommand = bantime = 10m findtime = 10m maxretry = 5 maxmatches = %(maxretry)s backend = auto usedns = warn logencoding = auto enabled = false mode = normal filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # destemail = root@localhost sender = root@<fq-hostname> mta = sendmail protocol = tcp chain = <known/chain> port = 0:65535 fail2ban_agent = Fail2Ban/%(fail2ban_version)s banaction = iptables-multiport banaction_allports = iptables-allports action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] action_abuseipdb = abuseipdb action = %(action_)s # # JAILS # # # SSH servers # [sshd] port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s </pre> </div></div> ====Disconnect/kick and ban an ip from list==== <br \> Just below we are going to append these lines to <b>/etc/fail2ban/jail.local</b><br> <pre> # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s # # JAILS # # # SSH servers # </pre> </div> </div> ====Jail for MediaWiki - /etc/fail2ban/jail.local==== <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1m maxretry = 2 logpath = /var/log/Fail2Log.log </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before: <div class="mw-collapsible-content"> <pre> # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After: <div class="mw-collapsible-content"> <pre> # # JAILS # [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log # # SSH servers # </pre> </div> </div> ====Filter for mediawiki==== <div class="toccolours mw-collapsible mw-collapsed"> Regex quick up and running tutorial: External Link:(youtube) <div class="mw-collapsible-content"> This Is a link to a video made by "Corey Schafer".<br \> The best no nonsense up and running regex tut there is.<br \> https://www.youtube.com/watch?v=sa-TUpSx1JA </div> </div> <code>$EDITOR /etc/fail2ban/filter.d/mediawiki.conf</code><br \> <pre> [Definition] failregex = ^Failed:<HOST> ignoreregex = </pre> =====Try out regex on log file===== <code>fail2ban-regex --print-all-matched /var/log/Fail2Log.log /etc/fail2ban/filter.d/mediawiki.conf</code> ====Restart Fail2Ban==== <code>systemctl restart fail2ban</code> <code>fail2ban-client status</code> <code>fail2ban-client status mediawiki</code> <b>Now test by trying to login to your wiki with wrong password three times.</b> =====fail2ban regex and error checking===== <div class="toccolours mw-collapsible mw-collapsed"> Check regex: <div class="mw-collapsible-content"> * Syntax: <code>fail2ban-regex <logfile> <failregex> <ignoreregex></code> ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * If you want to test <code>ignoreregex</code> enter filter file twice: ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * Read <code>man fail2ban-regex</code> for some more opitions: * Examples: ** <code>-v</code>, <code>--verbose</code> *** Be verbose in output ** <code>--print-all-missed</code> *** Print all missed lines ** <code>--print-all-ignored</code> *** Print all ignored lines ** <code>--print-all-matched</code> *** Print all matched lines </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Debug Fail2Ban: <div class="mw-collapsible-content"> * <code>-d</code> dump configuration. For debugging.<br \> <code>fail2ban-client -d</code><br \> * <code>--dp</code>, <code>--dump-pretty</code> dump the configuration using more human readable representation.<br \> <code>fail2ban-client --dp</code><br \> * will print the systemd log for Fail2Ban.<br \> <code>journalctl -u fail2ban</code> </div> </div> ====Change ban time After testing==== <code>$EDITOR /etc/fail2ban/jail.local</code><br \> <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log </pre> ===Unban IP's=== Get list of Jails:<br \> <code>fail2ban-client status</code><br \> See banned ips by that jail:<br \> <code>fail2ban-client status <jailname></code><br \> Unban IP from jail:<br \> <code>fail2ban-client set <jailname> unbanip <ip_address></code><br \> <br \> Log File:<br \> <code>/var/log/Fail2Log.log</code> ==Moving To VPS== ===Create ssh key pair on local host=== <code>ssh-keygen -t rsa -b 4096 -C "MYSERVER" -f ~/.ssh/serverkey</code><br \> You will be prompted to Enter a passphase, you can just press <b>Enter</b> for no passphase.<br \> You will now have a file called <b>serverkey</b> and <b>serverkey.pub</b> in your <b>/home/$USER/.ssh</b> directory.<br \> Now lets setup are server and move public key to server.<br \> <b>BACKUP YOUR PRIVATE KEY TO USB STICK OR SOMETHING!</b><br \> <code>serverkey.pub</code><b>PUBLIC KEY</b><br \> <code>serverkey</code><b>PRIVATE KEY</b><br \> ===Login to Server - ssh === Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $10, 1 cpu, 2048MB ram, 55GB ssd, 2000GB Bandwidth.<br \> I have been given the IP:<b>192.248.145.129</b> and the Password:<b>1R?o.gPasdaLz1w</b> and with Vultr the default login/user is <b>root</b><br \> Lets move over the public key so we don't need a password to login:<br \> <code>ssh-copy-id -i ~/.ssh/serverkey root@192.248.145.129</code></br \> Will be promted for server password, enter password: 1R?o.gPasdaLz1w<br \> Now lets login with are private key.<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code> ===Update Server=== <code>apt update && apt upgrade -y</code><br \> The Server may need a restart, you will see this after updates if it does<br \> <b>*** System restart required ***</b><br \> restart server and log back in after a minute.<br \> <code>reboot</code> ===Change default ssh port and disable plain text passwords=== Log back into server<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code><br \> <code>$EDITOR /etc/ssh/sshd_config</code><br \> <pre>#Port 22</pre> <pre>Port 7788</pre> disable clear text passwords <pre>#PasswordAuthentication yes</pre> <pre>PasswordAuthentication no</pre> restart sshd <code>systemctl restart sshd</code><br \> Exit server and re-login<br \> <code>exit</code><br \> Log back in with new port<br \> <code>ssh -p 7788 -i .ssh/serverkey root@192.248.145.129</code> <div class="toccolours mw-collapsible mw-collapsed"> Create ssh login shortcut: <div class="mw-collapsible-content"> To be done on host:<br \> <code>touch ~/.ssh/config</code><br \> <code>chmod 600 ~/.ssh/config</code><br \> <code>$EDITOR ~/.ssh/config</code><br \> <pre> Host mediawikiserver HostName 192.248.145.129 User root Port 7788 IdentityFile /home/$USER/.ssh/severkey </pre> You can now login to server from host with:<br \> <code>ssh mediawikiserver</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax of config file: <div class="mw-collapsible-content"> <pre> #Syntax # #Host <ALIAS_NAME> # HostName <ADDRESS_IP_OR_DOMAIN> # User <USERNAME_LOGIN> # Port <PORT_NUMBER_IF_NOT_DEFAULT> # IdentityFile </PATH/TO/PRIVATE_KEY> ## Can now login with <code>ssh <ALIAS_NAME> </pre> </div> </div> </div> </div> ===Enable Basic FireWall=== Block IPv6<br \> <code>$EDITOR /etc/default/ufw</code><br \> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit<br \> <code>ufw allow 7788/tcp</code><br \> <code>ufw enable</code><br \> ===Create Swap space on server=== ====First check if you already have a swap space==== First check if you already have a swap space<br \> <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 1655 2 228 1732 Swap: 0 0 0 </pre> <div class="toccolours mw-collapsible mw-collapsed"> Other methods to check swap space <div class="mw-collapsible-content"> <code>cat /proc/swaps</code><br \> <code>swapon -s -v</code> </div> </div> ====Create SwapSpace==== preallocate a 2 gigabyte space to be used for swap.<br \> Note: you can name swapfile to anything you want. <code>fallocate -l 2G /swapfile</code> Initialize the /swapfile file with zeros - see "Working out the count size" to see how to work out the count size. <div class="toccolours mw-collapsible mw-collapsed"> Working out the count size: <div class="mw-collapsible-content"> Working out count size to scale the swapsize. 1 kilobyte = 1024 bytes 1 megabyte = 1024 kilobyte 1 gigabyte = 1024 megabytes bs=1024 = 1 megabyte 1 gigabyte = 1024 megabyte to get count of 1 gigabyte 1024 * 1024 2 gigabyte (1024 * 2048 ) or 1048576 * 2 = 2,097,152 </div> </div> <code>dd if=/dev/zero of=/swapfile bs=1024 count=2097152</code> <code>chmod 600 /swapfile</code> <code>mkswap /swapfile</code> <code>swapon /swapfile</code> <b>Or</b> <code>swapon -a</code> <b>Or</b> <code>mount -a</code> append to <code>/etc/fstab</code> so its mounted after reboot.<br \> <code>$EDITOR /etc/fstab</code><br \> And enter this in a new line at the bottom:<br \> <code>/swapfile swap swap defaults 0 0</code> and thats it, you can check swap with(or same other methods as above): <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 75 2 1808 1712 Swap: 2047 0 2047 </pre> ===ssmtp for email alerts=== <code>apt install ssmtp -y</code><br \> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code><br \> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> <code>usermod -c "CNWikiVPS" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ===auto update server=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment (by removing <b>//</b> at start of line)and amend the lines we want:<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> to<br \> <code> "${distro_id}:${distro_codename}-updates";</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; </pre> Changed to<br \> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec Acquire::http::Dl-Limit "500"; </pre> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Send Container to server=== From host<br \> <code>scp -i ~/.ssh/serverkey -P 7788 mediawiki.lxc root@192.248.145.129:/root/</code><br \> If you created a ssh shortcut in <b>.ssh/config</b> you can use:<br \> <code>scp mediawiki.lxc mediawikiserver:/root/</code><br> Once container transferred to server checksum to confirm<br> Do on Local and Server<br> <code>sha256sum mediawiki.lxc</code><br> The checksum should be the same on both!<br> ===LXD setup on server=== Check if <b>lxd</b> already installed.<br \> <code>lxd --version</code><br \> <code>snap install lxd</code><br \> Initialize LXD<br \> <code>lxd init</code><br \> all defaults<br \> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (lvm, zfs, ceph, btrfs, dir) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=10GB]: Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> ===Import Container=== Note: If version of LXD on server is older than the one you are exporting from, you may see error <code>Error: Failed importing backup: Failed creating instance record: Unknown configuration key: volatile.last_state.ready</code><br> To Fix this update your LXD<br> <code>snap remove lxd</code><br> <code>snap install lxd</code><br> <code>lxd --version</code><br> <code>lxd init</code><br> <br> Import mediawiki container<br \> <code>lxc import mediawiki.lxc mediawiki</code><br \> <code>lxc list</code><br \> <code>lxc start mediawiki</code><br \> <code>lxc list</code><br \> Returns:<br \> <pre> +-----------+---------+-----------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+-----------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.207.119.233 (eth0) | | CONTAINER | 0 | +-----------+---------+-----------------------+------+-----------+-----------+ </pre> <b>Note the Change of IP</b><br \> Are Containers IP is now:<b>10.207.119.233</b><br \> Now for some reason changing the IP on <b>/var/www/html/mediawiki/LocalSettings.php</b> and the <b>/etc/apache2/sites-available/completenoobs.com.conf</b> does not really work on a VPS (Forgot how i fixed this last time, pretty sure i got it workin a few years back).<br \> You need a DNS name: ===DNS=== Domain Name System: An index that connects an ip address with a more human readable name(website name):<br \> Like a phone book would index a persons name with a phone number.<br \> If you have a domain name for your wiki, point it to your server's ip address.<br \> This will be required for a letsencrypt cert also.<br \> I am using <b>namecheap.com</b> and on the <b>Advanced DNS</b> Page<br \> Add two Type <b>A Records</b>:<br \> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |192.248.145.129 |auto |- |A record |www |192.248.145.129 |auto |} ===Change IP on config files=== Login to conatiner and change IP's to Domain Name<br \> <code>lxc exec mediawiki bash</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <pre> Redirect permanent "/" "https://10.3.45.233"</pre> <pre> Redirect permanent "/" "https://www.completenoobs.com"</pre> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <pre>$wgServer = "https://10.3.45.233";</pre> <pre>$wgServer = "https://www.completenoobs.com";</pre> <code>systemctl restart apache2</code> ===Use IPTables to forward traffic to container=== <div class="toccolours mw-collapsible mw-collapsed"> iptable syntax <div class="mw-collapsible-content"> *CONTAINER_IP = place holder for your containers ip *GLOBAL_IP = place holder for your servers public ip address *ETH = network interface: enp1s0 ** to be done/found on host VPS and NOT Container ** Find network interface:<code>ip route show default</code> or use <code>ip route show default | awk '{print $5}'</code> <pre>iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 80 -j DNAT --to-destination CONTAINER_IP:80 -m comment --comment "forward real ip to container" </pre> <pre> iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 443 -j DNAT --to-destination CONTAINER_IP:443 -m comment --comment "forward real ip to container" </pre> </div> </div> <b>These commands to be done on host VPS and NOT in container!</b><br \> Get out of container <code>exit</code><br \> Network interface=<b>enp1s0</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Find you network interface name: <div class="mw-collapsible-content"> To be run on VPS host and Not in Container:<br \> <code>ip route show default | awk '{print $5}'</code> </div> </div> VPS Global IP=<b>192.248.145.129</b><br \> Container IP=<b>10.207.119.233</b><br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container"</code> <br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container"</code> <br \> The new rules for your iptable will not persistent after a reboot.<br \> Create systemd service to load firewall rules at startup:<br \> <code>$EDITOR /usr/local/bin/lxc-mediawiki-rules</code> <pre> #!/bin/bash iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container" iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container" </pre> <code>chmod +x /usr/local/bin/lxc-mediawiki-rules</code> <code>$EDITOR /etc/systemd/system/lxcip.service</code> <pre> [Unit] Description = apply ip rules at startup [Service] Type=oneshot ExecStart=/usr/local/bin/lxc-mediawiki-rules [Install] WantedBy=multi-user.target </pre> <code>systemctl enable lxcip</code> <div class="toccolours mw-collapsible mw-collapsed"> LXC proxy method: <div class="mw-collapsible-content"> <b>DO NOT USE This method!</b> placed here as a note:<br \> LXC also has a way to forward proxy traffic, but it will show all visits to website, as coming from <b>127.0.0.1</b><br \> When we install fail2ban, this would be very bad!<br \> <br \> <code>lxc config device add CONTAINER_NAME myport80 proxy listen=tcp:0.0.0.0:80 connect=tcp:127.0.0.1:80</code><br \> <code>lxc config device add CONTAINER_NAME myport443 proxy listen=tcp:0.0.0.0:443 connect=tcp:127.0.0.1:443</code><br \> To remove proxy:<br \> <code>lxc config device remove CONTAINER_NAME myport80</code><br \> <code>lxc config device remove CONTAINER_NAME myport443</code><br \> </div> </div> ===Visit webpage and check all working=== Visit the domain you selected<br \> <code>www.completenoobs.com</code><br \> Should be up and running.<br \> NOTE: We did not need to allow port 443 or 80 on VPS host.<br \> Check Iptables persist for restart, by rebooting server!<br \> <code>reboot</code><br \> Give it a minute or 2 and check website again. ===LetsEncrypt=== Log back into server<br \> <code>ssh mediawikiserver</code><br \> Log into container<br \> <code>lxc exec mediawiki bash</code><br \> Install certbot<br \> <code>snap install certbot --classic</code><br \> Backup Apache2 config file<br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf /etc/apache2/sites-available/completenoobs.com.conf.bk</code><br \> Create Cert<br \> <code>certbot --apache -d www.completenoobs.com -d completenoobs.com</code><br \> And Certbot broke are apache2 configs, and thats why we back up!<br \> <code>ls /etc/letsencrypt/live/www.completenoobs.com/</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/fullchain.pem /etc/ssl/certs/cn-selfsigned.crt</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/privkey.pem /etc/ssl/private/cn-selfsigned.key</code><br \> <code>rm /etc/apache2/sites-available/completenoobs.com-le-ssl.conf /etc/apache2/sites-available/completenoobs.com.conf </code><br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf.bk /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <br \> Turn <b>SSLUseStapling</b> on<br \> <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code><br \> <pre>SSLUseStapling off</pre><br \> Change to:<br \> <pre>SSLUseStapling on</pre><br \> Restart apache<br \> <code>systemctl restart apache2</code><br \> Now check your site on browser.<br \> ==temp== ==Useful Notes - tips== ===Forgot your Admin Password=== Can use for any user:<br \> <code>php /var/www/html/mediawiki/maintenance/changePassword.php --user=admin --password=newpassword</code><br \> ===Make Wiki Read Only=== Add to LocalSettings.php:<br \> <code>$wgReadOnly = 'Read Only';</code><br \> ===Restrict account creation on wiki=== Add to LocalSettings.php:<br \> <code>$wgGroupPermissions['*']['createaccount'] = false;</code> ===Only Admin accounts can edit=== Add to LocalSettings.php:<br \> <pre> $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['user']['edit'] = false; $wgGroupPermissions['sysop']['edit'] = true; </pre> ===Protect a page so only admin can edit=== At the top of the page when logged in with admin account, click <b>More</b>.<br \> A drop down of three opitions: Delete, Move, Protect.<br \> Clicking <b>Protect</b> will not allow any non admin from editing the page. {| class="wikitable" |+ When logged in as admin |- |Read |Edit |View history |(STAR) |<b>More</b> |} ===Make User an Admin=== go to special pages With Admin Account go to:<br \> <code>index.php/Special:SpecialPages</code> List of users can be found here:<br \> <code>index.php/Special:ListUsers</code><br \> Go to:<br \> <code>index.php/Special:UserRights</code><br \> And enter username:<br \> <b>Groups you can change</b><br \> And rest is self explanatory. ====Remove admin rights==== Same thing, just untick admin rights! ==Upgrading MediaWiki== <b>BACK SURE YOU BACKUP FIRST!!!</b> just in case.<br \> This example update 1.35 to 1.36 from 1.36 onwards php-intl is required.<br> Download the wiki you are going to upgrade to.<br \> <code>https://releases.wikimedia.org/mediawiki/1.36/</code><br \> <code>cd /root</code><br \> <code>wget https://releases.wikimedia.org/mediawiki/1.36/mediawiki-1.36.1.tar.gz</code><br \> In LocalSettings.php put in readonly mode<br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <code>$wgReadOnly = "Upgrading";</code><br \> <code>tar xvzf mediawiki-1.36.1.tar.gz -C /var/www/html/mediawiki --strip-components=1</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> Returns:<pre> Error: Missing one or more required components of PHP. You are missing a required extension to PHP that MediaWiki needs. Please install: * intl <https://www.php.net/intl> </pre> <code>apt install php-intl</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> And thats it. If you do get an error:<br \> <blockquote> MediaWiki 1.36 internal error Installing some PHP extensions is required. Required components You are missing a required extension to PHP that MediaWiki requires to run. Please install: intl (more information) </blockquote> Then <b>reboot</b> the container and its all fine after. ==Backup your Wiki== ===LXC Snapshots=== Easy way, backup the container using <b>snapshot</b><br \> <code>lxc snapshot mediawiki beforeupgrade_11_12_2020</code><br \> To see snapshots<br \> <code>lxc info mediawiki</code><br \> To restore container to snapshot<br \> <code>lxc restore mediawiki beforeupgrade_11_12_2020</code><br \> To delete a snapshot<br \> <code>lxc delete mediawiki/beforeupgrade_11_12_2020</code><br \> ====Export a Snapshot==== <code>lxc snapshot mediawiki testsnap</code> <code>lxc publish mediawiki/testsnap --alias mediawiki-backup-20-07-2021</code> <code>lxc image export mediawiki-backup-20-07-2021</code> you end up with a file named after the sha256sum <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> NOTE:You can change name from <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> to something like <code>mediawiki-backup-20-07-2021.tar.gz</code> and restore will still work fine.<br \> can now delete image <code>lxc image delete mediawiki-backup-20-07-2021</code> ====Import Snapshot==== Move to another computer and install init lxd<br \> <code>lxc image import a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz --alias testrestore</code> <code>lxc launch testrestore mediarestore</code> <code>lxc list</code> <code>lxc exec mediarestore bash</code> Change IP in LocalSettings and apache config and restart apache.<br \> And your up and running.<br \> <br \> you can also delete image on new restore computer:<br \> <code>lxc image delete testrestore</code> ===Dump mediawiki database - xml=== Log into container root dir<br \> <code>lxc exec NAME bash</code><br \> In container of wiki:<br \> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Exit container<br \> <code>exit</code> Pull file to host<br \> <code>lxc file pull NAME/root/dump_mediawiki.xml wiki-dump.xml</code> ===Import Dump=== ====Create Quick local wiki==== localwiki ====Import dump==== <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> <code>lxc exec localwiki bash</code><br \> =====Restore dump===== <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Everything apart from <b>index.php/Main_Page</b> restored. ===Full Wiki Dump and Restore=== ====Backing up==== ====Making your wiki READ ONLY - will lock database==== <code>$EDITOR LocalSettings.php</code><br \> <code>$wgReadOnly = 'Dumping Database, Access will be restored shortly';</code> ====Dump and gzip database for transport==== will be prompted for password:<br \> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green -p mywiki_database | gzip > /root/greenwiki.sql.gz</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> ALt method for dump(password in cmd): <div class="mw-collapsible-content"> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green --password=THISpasswordSHOULDbeCHANGED -p mywiki_database | gzip > /root/greenwiki.sql.gz</code> </div> </div> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Back mediawiki Root Directory.<br \> <code>tar cvzhf /root/mediawiki-rootDir.tgz /var/www/html/mediawiki</code><br \> All into one file for easy transport.<br \> <code>cd /root/</code><br \> <code>tar cvzhf mediawiki-transfer.tgz mediawiki-rootDir.tgz greenwiki.sql.gz dump_mediawiki.xml</code><br \> All file in <b>mediawiki-transfer.tgz</b> for transfer to new server<br \> exit Container<br \> <code>exit</code><br \> <code>lxc file pull mediawiki/root/mediawiki-transfer.tgz mediawiki.bk.tgz</code><br \> ====Restore wiki==== create container (backupwiki) and push file<br \> <code>lxc file push mediawiki.bk.tgz backupwiki/root/</code><br \> login to container<br \> <code>apt update && apt upgrade -y</code><br \> <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> <br \> <code>tar xvf mediawiki.bk.tgz</code><br \> <code>tar xvf mediawiki-rootDir.tgz -C /</code><br \> Create basebase:<br \> NOTE: If you use diff username, passwd, database_name, append/correct details on LocalSettings.<br \> <code>mysql -u root</code> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <br \> <code>gunzip -d greenwiki.sql.gz</code><br \> <code>mysql -u green -p mywiki_database < greenwiki.sql</code><br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/dump_mediawiki.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Config Apache2 <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> Reload Apache2 <code> systemctl restart apache2 </code> ==EmbedVideo== https://www.mediawiki.org/wiki/Extension:EmbedVideo<br> <code>apt install unzip</code><br> <code>wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip</code><br> <code>unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/</code><br> <br> <code>mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo</code><br> <br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> <pre> #Embed Video wfLoadExtension( 'EmbedVideo' ); </pre> ==SpamBot Wars== Bit busy now, notes to look into later: https://www.mediawiki.org/wiki/Extension:Nuke<br \> https://www.mediawiki.org/wiki/Manual:Preventing_access<br \> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br \> https://www.mediawiki.org/wiki/Extension:InviteSignup<br \> Well the bots won for now - Disable eMail function for all related options in LocalSettings.php<br \> <code>$wgEnableEmail = false;</code><br \> Or just stop users sending email with:<br \> <code>$wgEnableUserEmail = false;</code> mvxk7zf4gphzknrg4cjet70vk5v5y29 183 167 2023-03-20T20:32:00Z Noob 1 /* Dump mediawiki database - xml */ 183 wikitext text/x-wiki Installing MediaWiki on a container and exporting to the cloud. Local OS used Ubuntu-Mate 20.04 Tested with ethernet. Untested with wifi. TODO's * Remove 'index.php' from URL * Find out more about 'DocBookExport' and test how it works * Move MediaWiki Server to FreeBSD Currently trying to solve the spambot problem, they got round the need to request to open an account somehow, will update once solved. $EDITOR is used as a place holder for an editor of your choice. ==Installing LXD== <code>sudo snap install lxd</code><br \> <code>lxd init</code><br \> Selecting all defaults, apart from "Size in GB of the new loop device (1GB minimum) [default=6GB]:" increasing to 30GB: <div class="toccolours mw-collapsible mw-collapsed"> <code>lxd init</code> selected options: <div class="mw-collapsible-content"> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (btrfs, dir, lvm, zfs, ceph) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=6GB]:30GB Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> </div> </div> ==Create Ubuntu:22.04 Container for MediaWiki== <code>lxc launch ubuntu:22.04 mediawiki</code><br> <code>lxc list</code><br> <pre> +-----------+---------+--------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+--------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.194.171.251(eth0) | | CONTAINER | 0 | +-----------+---------+--------------------+------+-----------+-----------+ </pre> ===Login to Container=== <code>lxc exec mediawiki bash</code> ===Basic Firewall UFW for Container=== NOTE:Add Link to a UFW page for more info Blocking IPv6<br \> <code>$EDITOR /etc/default/ufw</code> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit Allow port 80<br \> <code>ufw allow 80/tcp</code><br \> Allow port 443<br \> <code>ufw allow 443/tcp</code><br \> Start/Enable UFW firewall<br \> <code>ufw enable</code><br \> Check UFW status<br \> <code>ufw status</code> <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Update system=== <code>apt update && apt upgrade -y</code> ===ssmtp setup=== NOTE: need link to ssmtp page - showing how to use other email providers that allow smtp Link to ssmtp wiki page <br \> You can use a number of email providers for sending emails from server using ssmtp.<br \> I am going to use <b>smtp2go.com</b> they do provide a free service if you wish to try. <div class="toccolours mw-collapsible mw-collapsed"> smtp2go details: <div class="mw-collapsible-content"> https://www.smtp2go.com/<br \> Has a Free Plan # 1000 emails per month # 5 days of email reporting # Ticket support only <br \> Do not use you username and password you used to sign up!<br \> Go to https://app.smtp2go.com/sending/smtp_users/ <br \> Or 'Sending' > 'SMTP Users'<br> And create/add a SMTP User account.<br \> The User created will be given a good password by default.<br \> Use this username and password for ssmtp.<br \> In this example i have the username "<b>noobwiki</b>" and the password "<b>N0tTelinu</b>" </div> </div> ====ssmtp==== <code>apt install ssmtp -y</code> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <div class="toccolours mw-collapsible mw-collapsed"> Why use <code>hostname=completenoobs.com</code> <div class="mw-collapsible-content"> "hostname" needed for ubuntu unattended upgrades to send email.<br \> If missing: will get "(550 unable to verify sender address.)" <br \> If using <code>hostname=localhost</code> "(550 "Localhost" unnaceptable, you must use a public domain-name.)"<br \> If using <code>hostname=admin@completenoobs.com</code> "501 <root@admin@completenoobs.com>: malformed address: @completenoobs.com> may not follow <root@admin" </div> </div> <br \> Do not use user@smtp2go.com as the sender address! you need an email address that has an MX record(mail exchanger record) at its domain name. <br \> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> ====usermod==== <br \> usermod can be used to change the email senders name/address.<br \> Instead of your mail coming from 'root' or 'ubuntu' or any other user account.<br \> <b>usermod -c "emailSenderName" <account_sending></b><br \> <code>usermod -c "completenoobslxc" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ====sendmail notes==== <div class="toccolours mw-collapsible mw-collapsed"> If the sendmail command locks your terminal and CTRL+c does not work <div class="mw-collapsible-content"> Use <code>CTRL+z</code> which will send a SIGTSTP signal which will put the process to sleep.<br \> use jobs to see the sleeping process.<br \> <code>jobs</code><br \> and kill %<JOBNUMBER><br \> <code>kill %1</code> <br \> you can also use <code>ps ax</code> to list processes running on your computer and <code>kill -9 <PROCESS-NUMBER></code> to kill process. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> sendmail in verbose mode for more details: <div class="mw-collapsible-content"> More info can be found in the man page <code>man sendmail</code><br \> Use the verbose flag <b>-v</b><br \> <code>sendmail -v email@address2receive.mail < test-mail.txt</code> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Check mail logs for errors: <div class="mw-collapsible-content"> send mail error log can be found in<br \> <code>/var/log/mail.err</code><br \> and sendmail log can be found:<br \> <code>/var/log/mail.log</code> </div> </div> ===auto update container config=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code> Uncomment<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> <code>"${distro_id}:${distro_codename}-updates";</code> Dont need auto reboot on container - no kernel - kernel shared with host. ====email on update==== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <div class="toccolours mw-collapsible mw-collapsed"> Once i needed 'apticron' to get emails working with unattended upgrades:<br \> Notes here just incase<div class="mw-collapsible-content"> Install apticron<br \> <code>apt install apticron -y</code> Create apticron.conf file containing email to send email to:<br \> If you dont then 'apticron' will by default sent to root@localhost.<br > <code>echo 'EMAIL="email@tosendto.com"' > /etc/apticron/apticron.conf</code> </div> </div> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Install MediaWiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -xvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki</code> ====Create Database==== Will be prompted to set a root password!<br \> <code>mysql -u root -p</code><br \> <!-- create drop down - add root password option --> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <div class="toccolours mw-collapsible mw-collapsed"> Make note of your: database name, username, userpassword <div class="mw-collapsible-content"> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code><br \> Database Username:<b>green</b><br \> Database host/location:<b>localhost</b> Database User Password:<b>THISpasswordSHOULDbeCHANGED</b><br \><br \> <code>CREATE DATABASE mywiki_database;</code><br \> Database Name:<b>mywiki_database</b><br \> </div> </div> ====Create self-signed https certs==== <code>openssl req -x509 -newkey rsa:4096 -keyout key.pem -nodes -out cert.pem -days 365</code><br> Note: can leave blank; just press enter.<br><br> <code>mv cert.pem /etc/ssl/certs/cn-selfsigned.crt</code><br> <code>mv key.pem /etc/ssl/private/cn-selfsigned.key</code><br> ====Create ssl-params.conf==== <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code> Remember to turn stapling on after letsencrypt cert <pre> SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 SSLHonorCipherOrder On # Disable preloading HSTS for now. You can use the commented out header line that includes # the "preload" directive if you understand the implications. # Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" Header always set X-Frame-Options DENY Header always set X-Content-Type-Options nosniff # Requires Apache >= 2.4 SSLCompression off # May want to turn stapling off when using self-signed to avoid receiving errors in log SSLUseStapling off SSLStaplingCache "shmcb:logs/stapling-cache(150000)" # Requires Apache >= 2.4.11 SSLSessionTickets Off </pre> ====Create Apache2 config==== <code>cd /etc/apache2/sites-available/</code> <code>rm 000-default.conf default-ssl.conf</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code> <div class="toccolours mw-collapsible mw-collapsed"> <b>Important Redirect note</b>:<div class="mw-collapsible-content"> <pre> # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" </pre> Change to your Container IP!<br \> <code>Redirect permanent "/" "https://10.194.171.251"</code> </div> </div> <pre> <VirtualHost *:80> ServerName completenoobs.com ServerAdmin admin@ # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined </VirtualHost> <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerName completenoobs.com ServerAdmin admin@completenoobs.com DocumentRoot /var/www/html/mediawiki # According MWiki Manual:Security php_flag register_globals off ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined SSLEngine on SSLCertificateFile /etc/ssl/certs/cn-selfsigned.crt SSLCertificateKeyFile /etc/ssl/private/cn-selfsigned.key # need to find out what SSLCertificateChainFile is? explain is in the default-ssl.conf file. #SSLCertificateChainFile /etc/ssl/certs/example.com.root-bundle.crt <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> <Directory /var/www/html/wikimedia> Options None FollowSymLinks #Allow .htaccess AllowOverride All Require all granted <IfModule security2_module> SecRuleEngine Off # or disable only problematic rules </IfModule> </Directory> # According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images> # Ignore .htaccess files AllowOverride None # Serve HTML as plaintext, don't execute SHTML AddType text/plain .html .htm .shtml .php .phtml .php5 # Don't run arbitrary PHP code. php_admin_flag engine off # If you've other scripting languages, disable them too. </Directory> #According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images/deleted> Deny from all AllowOverride AuthConfig Limit Require local </Directory> </VirtualHost> </IfModule> </pre> ====Reload Apache2==== <code>a2enmod ssl</code> <code>a2enmod headers</code> <code>a2ensite completenoobs.com</code> <code>a2enconf ssl-params</code> <code>apache2ctl configtest</code> <code>systemctl restart apache2</code> ===MediaWiki Basic Setup=== ====Landing page==== Open a web browser and go to your containers private ip address (you can get ip address by running <code>lxc list</code> on host). <code>https://10.194.171.251</code> Are certs are self-signed and you may/will get warning "your connection is not private"<br \> Click "Advance" and "Proceed to 10.194.171.251 (unsafe)"<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.35.0<br \> LocalSettings.php not found.<br \> Please <u>set up the wiki</u> first.<br \> </blockquote> Click <b>set up the wiki</b> to be taken to the "mw-config/index.php" page. =====Basic Configure MediaWiki===== <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:mywiki_database<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:green<br \> Database password:THISpasswordSHOULDbeCHANGED<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>CompleteNoobs<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Options <div class="mw-collapsible-content"> <b>User rights profile:</b> <br \> [ ] Open wiki <br \> [x] Account creation required<br \> [ ] Authorised editors only <br \> [ ] Private wiki<br \> <br \> <b>Copyright and licence:</b><br \> [ ] Creative Commons Attribution<br \> [ ] Creative Commons Attribution-ShareAlike<br \> [ ] Creative Commons Attribution-NonCommercial-ShareAlike<br \> [ ] Creative Commons Zero (Public Domain)<br \> [ ] GNU Free Documentation Licence 1.3 or later<br \> [x] No licence footer<br \> [ ] Select a custom Creative Commons licence<br \> <br \> <br \> <b>Email settings</b><br \> [ ] Enable outbound email<br \> <b>Return email address:</b>apache@🌻.invalid<br \> [ ]Enable user-to-user email<br \> [ ]Enable user talk page notification<br \> [ ]Enable watchlist notification<br \> [ ]Enable email authentication<br \> <br \> <br \> <b>Skins</b> Pick a skin<br \> <br \> <br \> <b>Extensions</b><br \> <b><u>Special pages</u></b><br \> [ ]CiteThisPage<br \> [ ]Interwiki<br \> [ ]Nuke<br \> [ ]Renameuser<br \> [ ]ReplaceText<br \> <br \> <b><u>Editors</u></b><br \> [x]CodeEditor<br \> [x]VisualEditor<br \> [x]WikiEditor<br \> <br \> <b><u>Parser hooks</u></b><br \> [ ]CategoryTree<br \> [ ]Cite<br \> [ ]ImageMap<br \> [ ]InputBox<br \> [ ]ParserFunctions<br \> [ ]Poem<br \> [ ]Scribunto<br \> [x]SyntaxHighlight_GeSHi<br \> [ ]TemplateData<br \> <br \> <b><u>Media handlers</u></b><br \> [ ]PdfHandler<br \> <br \> <b><u>Spam prevention</u></b><br \> [x]ConfirmEdit<br \> [ ]SpamBlacklist<br \> [ ]TitleBlacklist<br \> <br \> <b><u>API</u></b><br \> [ ]PageImages<br \> <br \> <b><u>Other</u></b><br \> [ ]Gadgets<br \> [ ]LocalisationUpdate<br \> [ ]MultimediaViewer<br \> [ ]OATHAuth<br \> [ ]SecureLinkFixer<br \> [ ]TextExtracts<br \> <br \> <br \> <b>Images and file uploads</b><br \> [ ]Enable file uploads<br \> <b>Logo URL:</b>$wgResourceBasePath/resources/assets/wiki.png<br \> [ ]Enable Instant Commons<br \> <br \> <br \> <b>Advanced configuration</b><br \> <b>Settings for object caching:</b><br \> [x] No caching (no functionality is removed, but speed may be impacted on larger wiki sites)<br \> [ ] Use Memcached (requires additional setup and configuration)<br \> </div> </div> ====LocalSettings.php Launch Wiki==== When the Basic configuration of mediawiki is done on the webpage.<br \> You will have a <b>LocalSettings.php</b> which will be downloaded from your browser.<br \> You need to place the <b>LocalSettings.php</b> file into your containers <b>/var/www/html/mediawiki/</b> directory.<br \> You can do this from host using the <b>lxc file push</b> command.<br \> <code>lxc file push /home/$USER/Downloads/LocalSettings.php mediawiki/var/www/html/mediawiki/</code><br \> <br> Do not refresh browser it will download the LocalSettings.php again! go to the IP address of your container or just trim the <code>mw-config/index.php?page=Complete</code><br> Now on your browser visit the page again https://10.194.171.251<br \> And welcome to your wiki.<br \> ===Change Logo=== You need a 135px by 135px image, in this example its named 'completenoobs-logo.png'<br> <code>lxc file push completenoobs-logo.png mediawiki/var/www/html/mediawiki/resources/assets/</code><br> Back in container edit the <b>LocalSettings.php</b> file<br> <pre> ## The URL paths to the logo. Make sure you change this from the default, ## or else you'll overwrite your logo when you upgrade! $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", 'icon' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", ]; </pre> Change to your new logo:<br> <pre> $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", 'icon' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", ]; </pre> ===Email Config=== Warning i did get loads of spam bots, using this to send naughty emails everywhere!<br> Changed setting to block signups, requests only,and changed <b>$wgEnableUserEmail</b> to false and still the bots managed to send spam using my smtp account.<br> How they done this? Is beyond my understanding and i removed email from the wiki till i have more info on how to stop the spamming.<br> Was using mediawiki-1.35.0<br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> Make sure <b>$wgEnableEmail</b> is set to true.<br> <code>$wgEnableEmail = true;</code><br> https://www.mediawiki.org/wiki/Manual:$wgEnableEmail<br> <pre> $wgEmergencyContact = ""; $wgPasswordSender = ""; </pre> <pre> $wgEmergencyContact = "admin@completenoobs.com"; $wgPasswordSender = "admin@completenoobs.com"; </pre> <pre> $wgSMTP = [ 'host' => 'ssl://mail.smtp2go.com', // outbox server of the email account 'IDHost' => 'completenoobs.com', 'port' => 465, 'username' => 'noobwiki', // user of the email account 'password' => 'N0tTelinu', // app password of the email account 'auth' => true ]; </pre> ===Request Account and Confirm Email to edit=== In LocalSettings change $wgEmailAuthentication = false; to true https://www.mediawiki.org/wiki/Manual:$wgEmailAuthentication<br> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ConfirmAccount-REL1_39-2b96e90.tar.gz</code><br> <code>tar xzf ConfirmAccount-REL1_39-2b96e90.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> <br> In <b>LocalSettings.php</b> <br> set <b>$wgEmailAuthentication</b> to true.<br> <pre> wfLoadExtension( 'ConfirmAccount' ); $wgConfirmAccountContact = 'admin@completenoobs.com'; </pre> Run maintenance update<br> <code>php /var/www/html/mediawiki/maintenance/update.php </code><br> use <b>Special:ConfirmAccounts</b> to see if anyone requested a account.<br> And yep, your gonna get spammed! Bots love a wiki.<br> ===CookieWarning Extension=== https://www.mediawiki.org/wiki/Extension:CookieWarning<br> <code>wget https://extdist.wmflabs.org/dist/extensions/CookieWarning-REL1_39-778fe72.tar.gz</code><br> <code>tar -xzf CookieWarning-REL1_39-778fe72.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'CookieWarning' ); $wgCookieWarningEnabled = 'true'; # $wgCookieWarningMoreUrl allows to to select a link for your moreinfo button $wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'; $wgCookieWarningEnabled = 'true'; </pre> To change message sign in with admin account and visit these pages of your wiki and edit.<br> <b>MediaWiki:Cookiewarning-info</b> Edit the display message.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-info</code><br> <b>MediaWiki:Cookiewarning-moreinfo-label</b><br> Edit and change display of the moreinfo button: link can be made/changed at LocalSettings with:<br> <code>$wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'</code><br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-moreinfo-label</code><br> <b>MediaWiki:Cookiewarning-ok-label</b> Edit and change the text on the OK button.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-ok-label</code><br> ===Contribution Scores Extension=== https://www.mediawiki.org/wiki/Extension:Contribution_Scores<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ContributionScores-REL1_39-0e7e99d.tar.gz</code><br> <code>tar -xzf ContributionScores-REL1_39-0e7e99d.tar.gz -C /var/www/html/mediawiki/extensions</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'ContributionScores' ); // Exclude Bots from the reporting - Can be omitted. $wgContribScoreIgnoreBots = true; // Exclude Blocked Users from the reporting - Can be omitted. $wgContribScoreIgnoreBlockedUsers = true; // Use real user names when available - Can be omitted. Only for MediaWiki 1.19 and later. $wgContribScoresUseRealName = true; // Set to true to disable cache for parser function and inclusion of table. $wgContribScoreDisableCache = false; // Each array defines a report - 7,50 is "past 7 days" and "LIMIT 50" - Can be omitted. $wgContribScoreReports = [ [ 7, 50 ], [ 30, 50 ], [ 0, 50 ] ]; </pre> <br> Add to Main Landing Page:<br> <pre>{{Special:ContributionScores/10/5}}</pre><br> ===Place Notice at top of every new page created=== Using the <b>PageNotice</b> Extension. https://www.mediawiki.org/wiki/Extension:PageNotice#Configuration Download PageNotice and extract to extensions directory. in LocalSettings.php add the lines:<br \> <pre> wfLoadExtension( 'PageNotice' ); $wgPageNoticeDisablePerPageNotices = 'true'; </pre> To have message in every name space go to your wiki's page<br \> <code>index.php/mediawiki:top-notice-ns-0</code><br \> Only admin account can edit this page:<br \> What you place in this page will be displayed at the top of every page created. ===Privacy Policy=== Holly $#$#$ this is a lot of work, looking into it<br \> https://www.mediawiki.org/wiki/GDPR_(General_Data_Protection_Regulation)_and_MediaWiki_software<br \> ====NewSignupPage==== https://www.mediawiki.org/wiki/Extension:NewSignupPage<br \> Big thanks to Shoutwiki.com or this would of been a very big pain.<br \> Check for Latest link from the Download page https://www.mediawiki.org/wiki/Special:ExtensionDistributor/NewSignupPage<br \> In mediawiki container:<br \> <code>wget https://extdist.wmflabs.org/dist/extensions/NewSignupPage-REL1_35-ecf00aa.tar.gz</code><br \> <code>tar xvf NewSignupPage-REL1_35-ecf00aa.tar.gz -C /var/www/html/mediawiki/extensions/</code><br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> Add the Line:<br \> <code>wfLoadExtension( 'NewSignupPage' );</code><br \> Change the Info given at signup at:<br \> <code>index.php/MediaWiki:Newsignuppage-loginform-tos</code><br \> Default page will be:<pre> I am over 13 years of age and I have read, understood and agree to be bound by the Terms of Service and Privacy Policy </pre> "Terms of Service" and "Privacy Policy" are linked to there pages, so we need to create a few pages. ======Need <b>Privacy Policy</b> Page====== Create a 'Privacy_Policy' page and link on "MediaWiki:Newsignuppage-loginform-tos"<br> <pre>[[CompleteNoobs:Privacy_policy | Privacy Policy]]</pre> =====Need <b>Terms Of Service</b> page===== https://www.completenoobs.com/index.php/Terms_of_Service<br \> once done change link on "MediaWiki:Newsignuppage-loginform-tos"<br \> =====Content Policy Page===== https://10.194.171.251/index.php/Content_Policy<br \> Contains link to https://www.completenoobs.com/index.php/CompleteNoobs_Staff_Admins<br \> =====Staff and Admin Page===== https://10.194.171.251/index.php/CompleteNoobs_Staff_Admins<br \> Linked from Content Policy Page! a place to contact by email staff, admins =====General Disclaimer page===== https://10.194.171.251/index.php/CompleteNoobs:General_disclaimer<br \> This page shows/linked at bottom of wiki<br \> =====Copyright Policy===== https://10.194.171.251/index.php/CompleteNoobs:Copyrights<br \> Copyrights page that shows in info box when making a post.<br \> ==Fail2Ban== This Will Ban an IP who incorrectly enters wrong login details, a (you can select) amount of times for a (you can select) amount of time. ===Fail2Log Extension=== https://www.mediawiki.org/wiki/Extension:Fail2Log<br> ====Create Log file==== Could not get PHP to create and set permissions for log file: So for now doing manually!<br \> <code>touch /var/log/Fail2Log.log</code><br \> <code>chown www-data:www-data /var/log/Fail2Log.log</code><br \> <code>chmod 0755 /var/log/Fail2Log.log</code><br \> Failed login's with wrong user name and/or password should now be logged in:<b>/var/log/Fail2Log.log</b><br \> <br \> Log Format:<br \> <code>Failed:<IP_ADDRESS> <DATE> <TIME> <USERNAME></code><br \> ====Download and install extension==== <code>wget https://github.com/greenhatmonkey/Fail2Log/blob/main/Fail2Log.tar.gz?raw=true</code><br> <code>tar xzvf Fail2Log.tar.gz?raw=true -C /var/www/html/mediawiki/extensions/</code><br> Add to your <b>LocalSettings.php</b><br> <pre> wfLoadExtension( 'Fail2Log' ); $wgFail2LogFile = '/var/log/Fail2Log.log'; </pre> ====Install and Setup Fail2Ban==== Fail2Ban works in a container. If using fail2ban on Host for container:<br/> Just include log path: <code>/var/snap/lxd/common/mntns/var/snap/lxd/common/lxd/storage-pools/default/containers/&lt;CONTAINER_NAME>/rootfs/var/log/Fail2Log.log</code> <code>apt install fail2ban</code> * Fail2ban will use file.local over file.conf if file.local exists: * file.conf can be written over if file2ban gets updated. * Make a file.local of the file you are working on. <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code> <code>$EDITOR /etc/fail2ban/jail.local</code> <!-- unmodified jail.conf file --> <div class="toccolours mw-collapsible mw-collapsed"> Default <code>/etc/fail2ban/jail.conf</code> file: Expand to view <div class="mw-collapsible-content"> <pre> # # WARNING: heavily refactored in 0.9.0 release. Please review and # customize settings for your setup. # # Changes: in most of the cases you should not modify this # file, but provide customizations in jail.local file, # or separate .conf files under jail.d/ directory, e.g.: # # HOW TO ACTIVATE JAILS: # # YOU SHOULD NOT MODIFY THIS FILE. # # It will probably be overwritten or improved in a distribution update. # # Provide customizations in a jail.local file or a jail.d/customisation.local. # For example to change the default bantime for all jails and to enable the # ssh-iptables jail the following (uncommented) would appear in the .local file. # See man 5 jail.conf for details. # # [DEFAULT] # bantime = 1h # # [sshd] # enabled = true # # See jail.conf(5) man page for more information # Comments: use '#' for comment lines and ';' (following a space) for inline comments [INCLUDES] #before = paths-distro.conf before = paths-debian.conf # The DEFAULT allows a global definition of the options. They can be overridden # in each jail afterwards. [DEFAULT] # # MISCELLANEOUS OPTIONS # # "bantime.increment" allows to use database for searching of previously banned ip's to increase a # default ban time using special formula, default it is banTime * 1, 2, 4, 8, 16, 32... #bantime.increment = true # "bantime.rndtime" is the max number of seconds using for mixing with random time # to prevent "clever" botnets calculate exact time IP can be unbanned again: #bantime.rndtime = # "bantime.maxtime" is the max number of seconds using the ban time can reach (don't grows further) #bantime.maxtime = # "bantime.factor" is a coefficient to calculate exponent growing of the formula or common multiplier, # default value of factor is 1 and with default value of formula, the ban time # grows by 1, 2, 4, 8, 16 ... #bantime.factor = 1 # "bantime.formula" used by default to calculate next value of ban time, default value bellow, # the same ban time growing will be reached by multipliers 1, 2, 4, 8, 16, 32... #bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * banFactor # # more aggressive example of formula has the same values only for factor "2.0 / 2.885385" : #bantime.formula = ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor) # "bantime.multipliers" used to calculate next value of ban time instead of formula, coresponding # previously ban count and given "bantime.factor" (for multipliers default is 1); # following example grows ban time by 1, 2, 4, 8, 16 ... and if last ban count greater as multipliers count, # always used last multiplier (64 in example), for factor '1' and original ban time 600 - 10.6 hours #bantime.multipliers = 1 2 4 8 16 32 64 # following example can be used for small initial ban time (bantime=60) - it grows more aggressive at begin, # for bantime=60 the multipliers are minutes and equal: 1 min, 5 min, 30 min, 1 hour, 5 hour, 12 hour, 1 day, 2 day #bantime.multipliers = 1 5 30 60 300 720 1440 2880 # "bantime.overalljails" (if true) specifies the search of IP in the database will be executed # cross over all jails, if false (dafault), only current jail of the ban IP will be searched #bantime.overalljails = false # -------------------- # "ignoreself" specifies whether the local resp. own IP addresses should be ignored # (default is true). Fail2ban will not ban a host which matches such addresses. #ignoreself = true # "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban # will not ban a host which matches an address in this list. Several addresses # can be defined using space (and/or comma) separator. #ignoreip = 127.0.0.1/8 ::1 # External command that will take an tagged arguments to ignore, e.g. <ip>, # and return true if the IP is to be ignored. False otherwise. # # ignorecommand = /path/to/command <ip> ignorecommand = # "bantime" is the number of seconds that a host is banned. bantime = 10m # A host is banned if it has generated "maxretry" during the last "findtime" # seconds. findtime = 10m # "maxretry" is the number of failures before a host get banned. maxretry = 5 # "maxmatches" is the number of matches stored in ticket (resolvable via tag <matches> in actions). maxmatches = %(maxretry)s # "backend" specifies the backend used to get files modification. # Available options are "pyinotify", "gamin", "polling", "systemd" and "auto". # This option can be overridden in each jail as well. # # pyinotify: requires pyinotify (a file alteration monitor) to be installed. # If pyinotify is not installed, Fail2ban will use auto. # gamin: requires Gamin (a file alteration monitor) to be installed. # If Gamin is not installed, Fail2ban will use auto. # polling: uses a polling algorithm which does not require external libraries. # systemd: uses systemd python library to access the systemd journal. # Specifying "logpath" is not valid for this backend. # See "journalmatch" in the jails associated filter config # auto: will try to use the following backends, in order: # pyinotify, gamin, polling. # # Note: if systemd backend is chosen as the default but you enable a jail # for which logs are present only in its own log files, specify some other # backend for that jail (e.g. polling) and provide empty value for # journalmatch. See https://github.com/fail2ban/fail2ban/issues/959#issuecomment-74901200 backend = auto # "usedns" specifies if jails should trust hostnames in logs, # warn when DNS lookups are performed, or ignore all hostnames in logs # # yes: if a hostname is encountered, a DNS lookup will be performed. # warn: if a hostname is encountered, a DNS lookup will be performed, # but it will be logged as a warning. # no: if a hostname is encountered, will not be used for banning, # but it will be logged as info. # raw: use raw value (no hostname), allow use it for no-host filters/actions (example user) usedns = warn # "logencoding" specifies the encoding of the log files handled by the jail # This is used to decode the lines from the log file. # Typical examples: "ascii", "utf-8" # # auto: will use the system locale setting logencoding = auto # "enabled" enables the jails. # By default all jails are disabled, and it should stay this way. # Enable only relevant to your setup jails in your .local or jail.d/*.conf # # true: jail will be enabled and log files will get monitored for changes # false: jail is not enabled enabled = false # "mode" defines the mode of the filter (see corresponding filter implementation for more info). mode = normal # "filter" defines the filter to use by the jail. # By default jails have names matching their filter name # filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # # Some options used for actions # Destination email address used solely for the interpolations in # jail.{conf,local,d/*} configuration files. destemail = root@localhost # Sender email address used solely for some actions sender = root@<fq-hostname> # E-mail action. Since 0.8.1 Fail2Ban uses sendmail MTA for the # mailing. Change mta configuration parameter to mail if you want to # revert to conventional 'mail'. mta = sendmail # Default protocol protocol = tcp # Specify chain where jumps would need to be added in ban-actions expecting parameter chain chain = <known/chain> # Ports to be banned # Usually should be overridden in a particular jail port = 0:65535 # Format of user-agent https://tools.ietf.org/html/rfc7231#section-5.5.3 fail2ban_agent = Fail2Ban/%(fail2ban_version)s # # Action shortcuts. To be used to define action parameter # Default banning action (e.g. iptables, iptables-new, # iptables-multiport, shorewall, etc) It is used to define # action_* variables. Can be overridden globally or per # section within jail.local file banaction = iptables-multiport banaction_allports = iptables-allports # The simplest action to take: ban only action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report to the destemail. action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report and relevant log lines # to the destemail. action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # See the IMPORTANT note in action.d/xarf-login-attack for when to use this action # # ban & send a xarf e-mail to abuse contact of IP address and include relevant log lines # to the destemail. action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] # ban IP on CloudFlare & send an e-mail with whois report and relevant log lines # to the destemail. action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # Report block via blocklist.de fail2ban reporting service API # # See the IMPORTANT note in action.d/blocklist_de.conf for when to use this action. # Specify expected parameters in file action.d/blocklist_de.local or if the interpolation # `action_blocklist_de` used for the action, set value of `blocklist_de_apikey` # in your `jail.local` globally (section [DEFAULT]) or per specific jail section (resp. in # corresponding jail.d/my-jail.local file). # action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] # Report ban via badips.com, and use as blacklist # # See BadIPsAction docstring in config/action.d/badips.py for # documentation for this action. # # NOTE: This action relies on banaction being present on start and therefore # should be last action defined for a jail. # action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] # # Report ban via badips.com (uses action.d/badips.conf for reporting only) # action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] # Report ban via abuseipdb.com. # # See action.d/abuseipdb.conf for usage example and details. # action_abuseipdb = abuseipdb # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # [sshd] # To use more aggressive sshd modes set filter parameter "mode" in jail.local: # normal (default), ddos, extra or aggressive (combines all). # See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details. #mode = normal port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s [dropbear] port = ssh logpath = %(dropbear_log)s backend = %(dropbear_backend)s [selinux-ssh] port = ssh logpath = %(auditd_log)s # # HTTP servers # [apache-auth] port = http,https logpath = %(apache_error_log)s [apache-badbots] # Ban hosts which agent identifies spammer robots crawling the web # for email addresses. The mail outputs are buffered. port = http,https logpath = %(apache_access_log)s bantime = 48h maxretry = 1 [apache-noscript] port = http,https logpath = %(apache_error_log)s [apache-overflows] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-nohome] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-botsearch] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-fakegooglebot] port = http,https logpath = %(apache_access_log)s maxretry = 1 ignorecommand = %(ignorecommands_dir)s/apache-fakegooglebot <ip> [apache-modsecurity] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-shellshock] port = http,https logpath = %(apache_error_log)s maxretry = 1 [openhab-auth] filter = openhab action = iptables-allports[name=NoAuthFailures] logpath = /opt/openhab/logs/request.log [nginx-http-auth] port = http,https logpath = %(nginx_error_log)s # To use 'nginx-limit-req' jail you should have `ngx_http_limit_req_module` # and define `limit_req` and `limit_req_zone` as described in nginx documentation # http://nginx.org/en/docs/http/ngx_http_limit_req_module.html # or for example see in 'config/filter.d/nginx-limit-req.conf' [nginx-limit-req] port = http,https logpath = %(nginx_error_log)s [nginx-botsearch] port = http,https logpath = %(nginx_error_log)s maxretry = 2 # Ban attackers that try to use PHP's URL-fopen() functionality # through GET/POST variables. - Experimental, with more than a year # of usage in production environments. [php-url-fopen] port = http,https logpath = %(nginx_access_log)s %(apache_access_log)s [suhosin] port = http,https logpath = %(suhosin_log)s [lighttpd-auth] # Same as above for Apache's mod_auth # It catches wrong authentifications port = http,https logpath = %(lighttpd_error_log)s # # Webmail and groupware servers # [roundcube-auth] port = http,https logpath = %(roundcube_errors_log)s # Use following line in your jail.local if roundcube logs to journal. #backend = %(syslog_backend)s [openwebmail] port = http,https logpath = /var/log/openwebmail.log [horde] port = http,https logpath = /var/log/horde/horde.log [groupoffice] port = http,https logpath = /home/groupoffice/log/info.log [sogo-auth] # Monitor SOGo groupware server # without proxy this would be: # port = 20000 port = http,https logpath = /var/log/sogo/sogo.log [tine20] logpath = /var/log/tine20/tine20.log port = http,https # # Web Applications # # [drupal-auth] port = http,https logpath = %(syslog_daemon)s backend = %(syslog_backend)s [guacamole] port = http,https logpath = /var/log/tomcat*/catalina.out [monit] #Ban clients brute-forcing the monit gui login port = 2812 logpath = /var/log/monit /var/log/monit.log [webmin-auth] port = 10000 logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [froxlor-auth] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s # # HTTP Proxy servers # # [squid] port = 80,443,3128,8080 logpath = /var/log/squid/access.log [3proxy] port = 3128 logpath = /var/log/3proxy.log # # FTP servers # [proftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(proftpd_log)s backend = %(proftpd_backend)s [pure-ftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(pureftpd_log)s backend = %(pureftpd_backend)s [gssftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(syslog_daemon)s backend = %(syslog_backend)s [wuftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(wuftpd_log)s backend = %(wuftpd_backend)s [vsftpd] # or overwrite it in jails.local to be # logpath = %(syslog_authpriv)s # if you want to rely on PAM failed login attempts # vsftpd's failregex should match both of those formats port = ftp,ftp-data,ftps,ftps-data logpath = %(vsftpd_log)s # # Mail servers # # ASSP SMTP Proxy Jail [assp] port = smtp,465,submission logpath = /root/path/to/assp/logs/maillog.txt [courier-smtp] port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix] # To use another modes set filter parameter "mode" in jail.local: mode = more port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s [postfix-rbl] filter = postfix[mode=rbl] port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s maxretry = 1 [sendmail-auth] port = submission,465,smtp logpath = %(syslog_mail)s backend = %(syslog_backend)s [sendmail-reject] # To use more aggressive modes set filter parameter "mode" in jail.local: # normal (default), extra or aggressive # See "tests/files/logs/sendmail-reject" or "filter.d/sendmail-reject.conf" for usage example and details. #mode = normal port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [qmail-rbl] filter = qmail port = smtp,465,submission logpath = /service/qmail/log/main/current # dovecot defaults to logging to the mail syslog facility # but can be set by syslog_facility in the dovecot configuration. [dovecot] port = pop3,pop3s,imap,imaps,submission,465,sieve logpath = %(dovecot_log)s backend = %(dovecot_backend)s [sieve] port = smtp,465,submission logpath = %(dovecot_log)s backend = %(dovecot_backend)s [solid-pop3d] port = pop3,pop3s logpath = %(solidpop3d_log)s [exim] # see filter.d/exim.conf for further modes supported from filter: #mode = normal port = smtp,465,submission logpath = %(exim_main_log)s [exim-spam] port = smtp,465,submission logpath = %(exim_main_log)s [kerio] port = imap,smtp,imaps,465 logpath = /opt/kerio/mailserver/store/logs/security.log # # Mail servers authenticators: might be used for smtp,ftp,imap servers, so # all relevant ports get banned # [courier-auth] port = smtp,465,submission,imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix-sasl] filter = postfix[mode=auth] port = smtp,465,submission,imap,imaps,pop3,pop3s # You might consider monitoring /var/log/mail.warn instead if you are # running postfix since it would provide the same log lines at the # "warn" level but overall at the smaller filesize. logpath = %(postfix_log)s backend = %(postfix_backend)s [perdition] port = imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [squirrelmail] port = smtp,465,submission,imap,imap2,imaps,pop3,pop3s,http,https,socks logpath = /var/lib/squirrelmail/prefs/squirrelmail_access_log [cyrus-imap] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s [uwimap-auth] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s # # # DNS servers # # !!! WARNING !!! # Since UDP is connection-less protocol, spoofing of IP and imitation # of illegal actions is way too simple. Thus enabling of this filter # might provide an easy way for implementing a DoS against a chosen # victim. See # http://nion.modprobe.de/blog/archives/690-fail2ban-+-dns-fail.html # Please DO NOT USE this jail unless you know what you are doing. # # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks UDP traffic for DNS requests. # [named-refused-udp] # # filter = named-refused # port = domain,953 # protocol = udp # logpath = /var/log/named/security.log # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks TCP traffic for DNS requests. [named-refused] port = domain,953 logpath = /var/log/named/security.log [nsd] port = 53 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/nsd.log # # Miscellaneous # [asterisk] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/asterisk/messages maxretry = 10 [freeswitch] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/freeswitch.log maxretry = 10 # enable adminlog; it will log to a file inside znc's directory by default. [znc-adminlog] port = 6667 logpath = /var/lib/znc/moddata/adminlog/znc.log # To log wrong MySQL access attempts add to /etc/my.cnf in [mysqld] or # equivalent section: # log-warnings = 2 # # for syslog (daemon facility) # [mysqld_safe] # syslog # # for own logfile # [mysqld] # log-error=/var/log/mysqld.log [mysqld-auth] port = 3306 logpath = %(mysql_log)s backend = %(mysql_backend)s # Log wrong MongoDB auth (for details see filter 'filter.d/mongodb-auth.conf') [mongodb-auth] # change port when running with "--shardsvr" or "--configsvr" runtime operation port = 27017 logpath = /var/log/mongodb/mongodb.log # Jail for more extended banning of persistent abusers # !!! WARNINGS !!! # 1. Make sure that your loglevel specified in fail2ban.conf/.local # is not at DEBUG level -- which might then cause fail2ban to fall into # an infinite loop constantly feeding itself with non-informative lines # 2. Increase dbpurgeage defined in fail2ban.conf to e.g. 648000 (7.5 days) # to maintain entries for failed logins for sufficient amount of time [recidive] logpath = /var/log/fail2ban.log banaction = %(banaction_allports)s bantime = 1w findtime = 1d # Generic filter for PAM. Has to be used with action which bans all # ports such as iptables-allports, shorewall [pam-generic] # pam-generic filter can be customized to monitor specific subset of 'tty's banaction = %(banaction_allports)s logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [xinetd-fail] banaction = iptables-multiport-log logpath = %(syslog_daemon)s backend = %(syslog_backend)s maxretry = 2 # stunnel - need to set port for this [stunnel] logpath = /var/log/stunnel4/stunnel.log [ejabberd-auth] port = 5222 logpath = /var/log/ejabberd/ejabberd.log [counter-strike] logpath = /opt/cstrike/logs/L[0-9]*.log # Firewall: http://www.cstrike-planet.com/faq/6 tcpport = 27030,27031,27032,27033,27034,27035,27036,27037,27038,27039 udpport = 1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015 action = %(banaction)s[name=%(__name__)s-tcp, port="%(tcpport)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(udpport)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] [bitwarden] port = http,https logpath = /home/*/bwdata/logs/identity/Identity/log.txt [centreon] port = http,https logpath = /var/log/centreon/login.log # consider low maxretry and a long bantime # nobody except your own Nagios server should ever probe nrpe [nagios] logpath = %(syslog_daemon)s ; nrpe.cfg may define a different log_facility backend = %(syslog_backend)s maxretry = 1 [oracleims] # see "oracleims" filter file for configuration requirement for Oracle IMS v6 and above logpath = /opt/sun/comms/messaging64/log/mail.log_current banaction = %(banaction_allports)s [directadmin] logpath = /var/log/directadmin/login.log port = 2222 [portsentry] logpath = /var/lib/portsentry/portsentry.history maxretry = 1 [pass2allow-ftp] # this pass2allow example allows FTP traffic after successful HTTP authentication port = ftp,ftp-data,ftps,ftps-data # knocking_url variable must be overridden to some secret value in jail.local knocking_url = /knocking/ filter = apache-pass[knocking_url="%(knocking_url)s"] # access log of the website with HTTP auth logpath = %(apache_access_log)s blocktype = RETURN returntype = DROP action = %(action_)s[blocktype=%(blocktype)s, returntype=%(returntype)s, actionstart_on_demand=false, actionrepair_on_unban=true] bantime = 1h maxretry = 1 findtime = 1 [murmur] # AKA mumble-server port = 64738 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol=tcp, chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol=udp, chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/mumble-server/mumble-server.log [screensharingd] # For Mac OS Screen Sharing Service (VNC) logpath = /var/log/system.log logencoding = utf-8 [haproxy-http-auth] # HAProxy by default doesn't log to file you'll need to set it up to forward # logs to a syslog server which would then write them to disk. # See "haproxy-http-auth" filter for a brief cautionary note when setting # maxretry and findtime. logpath = /var/log/haproxy.log [slapd] port = ldap,ldaps logpath = /var/log/slapd.log [domino-smtp] port = smtp,ssmtp logpath = /home/domino01/data/IBM_TECHNICAL_SUPPORT/console.log [phpmyadmin-syslog] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [zoneminder] # Zoneminder HTTP/HTTPS web interface auth # Logs auth failures to apache2 error log port = http,https logpath = %(apache_error_log)s [traefik-auth] # to use 'traefik-auth' filter you have to configure your Traefik instance, # see `filter.d/traefik-auth.conf` for details and service example. port = http,https logpath = /var/log/traefik/access.log </pre> </div> </div> Default <code>/etc/fail2ban/jail.local</code> file with (almost all) comments removed: <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;">Default <code>/etc/fail2ban/jail.local</code> with (almost) comments removed:</div> <div class="mw-collapsible-content"> <pre> [INCLUDES] before = paths-debian.conf [DEFAULT] ignorecommand = bantime = 10m findtime = 10m maxretry = 5 maxmatches = %(maxretry)s backend = auto usedns = warn logencoding = auto enabled = false mode = normal filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # destemail = root@localhost sender = root@<fq-hostname> mta = sendmail protocol = tcp chain = <known/chain> port = 0:65535 fail2ban_agent = Fail2Ban/%(fail2ban_version)s banaction = iptables-multiport banaction_allports = iptables-allports action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] action_abuseipdb = abuseipdb action = %(action_)s # # JAILS # # # SSH servers # [sshd] port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s </pre> </div></div> ====Disconnect/kick and ban an ip from list==== <br \> Just below we are going to append these lines to <b>/etc/fail2ban/jail.local</b><br> <pre> # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s # # JAILS # # # SSH servers # </pre> </div> </div> ====Jail for MediaWiki - /etc/fail2ban/jail.local==== <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1m maxretry = 2 logpath = /var/log/Fail2Log.log </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before: <div class="mw-collapsible-content"> <pre> # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After: <div class="mw-collapsible-content"> <pre> # # JAILS # [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log # # SSH servers # </pre> </div> </div> ====Filter for mediawiki==== <div class="toccolours mw-collapsible mw-collapsed"> Regex quick up and running tutorial: External Link:(youtube) <div class="mw-collapsible-content"> This Is a link to a video made by "Corey Schafer".<br \> The best no nonsense up and running regex tut there is.<br \> https://www.youtube.com/watch?v=sa-TUpSx1JA </div> </div> <code>$EDITOR /etc/fail2ban/filter.d/mediawiki.conf</code><br \> <pre> [Definition] failregex = ^Failed:<HOST> ignoreregex = </pre> =====Try out regex on log file===== <code>fail2ban-regex --print-all-matched /var/log/Fail2Log.log /etc/fail2ban/filter.d/mediawiki.conf</code> ====Restart Fail2Ban==== <code>systemctl restart fail2ban</code> <code>fail2ban-client status</code> <code>fail2ban-client status mediawiki</code> <b>Now test by trying to login to your wiki with wrong password three times.</b> =====fail2ban regex and error checking===== <div class="toccolours mw-collapsible mw-collapsed"> Check regex: <div class="mw-collapsible-content"> * Syntax: <code>fail2ban-regex <logfile> <failregex> <ignoreregex></code> ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * If you want to test <code>ignoreregex</code> enter filter file twice: ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * Read <code>man fail2ban-regex</code> for some more opitions: * Examples: ** <code>-v</code>, <code>--verbose</code> *** Be verbose in output ** <code>--print-all-missed</code> *** Print all missed lines ** <code>--print-all-ignored</code> *** Print all ignored lines ** <code>--print-all-matched</code> *** Print all matched lines </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Debug Fail2Ban: <div class="mw-collapsible-content"> * <code>-d</code> dump configuration. For debugging.<br \> <code>fail2ban-client -d</code><br \> * <code>--dp</code>, <code>--dump-pretty</code> dump the configuration using more human readable representation.<br \> <code>fail2ban-client --dp</code><br \> * will print the systemd log for Fail2Ban.<br \> <code>journalctl -u fail2ban</code> </div> </div> ====Change ban time After testing==== <code>$EDITOR /etc/fail2ban/jail.local</code><br \> <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log </pre> ===Unban IP's=== Get list of Jails:<br \> <code>fail2ban-client status</code><br \> See banned ips by that jail:<br \> <code>fail2ban-client status <jailname></code><br \> Unban IP from jail:<br \> <code>fail2ban-client set <jailname> unbanip <ip_address></code><br \> <br \> Log File:<br \> <code>/var/log/Fail2Log.log</code> ==Moving To VPS== ===Create ssh key pair on local host=== <code>ssh-keygen -t rsa -b 4096 -C "MYSERVER" -f ~/.ssh/serverkey</code><br \> You will be prompted to Enter a passphase, you can just press <b>Enter</b> for no passphase.<br \> You will now have a file called <b>serverkey</b> and <b>serverkey.pub</b> in your <b>/home/$USER/.ssh</b> directory.<br \> Now lets setup are server and move public key to server.<br \> <b>BACKUP YOUR PRIVATE KEY TO USB STICK OR SOMETHING!</b><br \> <code>serverkey.pub</code><b>PUBLIC KEY</b><br \> <code>serverkey</code><b>PRIVATE KEY</b><br \> ===Login to Server - ssh === Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $10, 1 cpu, 2048MB ram, 55GB ssd, 2000GB Bandwidth.<br \> I have been given the IP:<b>192.248.145.129</b> and the Password:<b>1R?o.gPasdaLz1w</b> and with Vultr the default login/user is <b>root</b><br \> Lets move over the public key so we don't need a password to login:<br \> <code>ssh-copy-id -i ~/.ssh/serverkey root@192.248.145.129</code></br \> Will be promted for server password, enter password: 1R?o.gPasdaLz1w<br \> Now lets login with are private key.<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code> ===Update Server=== <code>apt update && apt upgrade -y</code><br \> The Server may need a restart, you will see this after updates if it does<br \> <b>*** System restart required ***</b><br \> restart server and log back in after a minute.<br \> <code>reboot</code> ===Change default ssh port and disable plain text passwords=== Log back into server<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code><br \> <code>$EDITOR /etc/ssh/sshd_config</code><br \> <pre>#Port 22</pre> <pre>Port 7788</pre> disable clear text passwords <pre>#PasswordAuthentication yes</pre> <pre>PasswordAuthentication no</pre> restart sshd <code>systemctl restart sshd</code><br \> Exit server and re-login<br \> <code>exit</code><br \> Log back in with new port<br \> <code>ssh -p 7788 -i .ssh/serverkey root@192.248.145.129</code> <div class="toccolours mw-collapsible mw-collapsed"> Create ssh login shortcut: <div class="mw-collapsible-content"> To be done on host:<br \> <code>touch ~/.ssh/config</code><br \> <code>chmod 600 ~/.ssh/config</code><br \> <code>$EDITOR ~/.ssh/config</code><br \> <pre> Host mediawikiserver HostName 192.248.145.129 User root Port 7788 IdentityFile /home/$USER/.ssh/severkey </pre> You can now login to server from host with:<br \> <code>ssh mediawikiserver</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax of config file: <div class="mw-collapsible-content"> <pre> #Syntax # #Host <ALIAS_NAME> # HostName <ADDRESS_IP_OR_DOMAIN> # User <USERNAME_LOGIN> # Port <PORT_NUMBER_IF_NOT_DEFAULT> # IdentityFile </PATH/TO/PRIVATE_KEY> ## Can now login with <code>ssh <ALIAS_NAME> </pre> </div> </div> </div> </div> ===Enable Basic FireWall=== Block IPv6<br \> <code>$EDITOR /etc/default/ufw</code><br \> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit<br \> <code>ufw allow 7788/tcp</code><br \> <code>ufw enable</code><br \> ===Create Swap space on server=== ====First check if you already have a swap space==== First check if you already have a swap space<br \> <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 1655 2 228 1732 Swap: 0 0 0 </pre> <div class="toccolours mw-collapsible mw-collapsed"> Other methods to check swap space <div class="mw-collapsible-content"> <code>cat /proc/swaps</code><br \> <code>swapon -s -v</code> </div> </div> ====Create SwapSpace==== preallocate a 2 gigabyte space to be used for swap.<br \> Note: you can name swapfile to anything you want. <code>fallocate -l 2G /swapfile</code> Initialize the /swapfile file with zeros - see "Working out the count size" to see how to work out the count size. <div class="toccolours mw-collapsible mw-collapsed"> Working out the count size: <div class="mw-collapsible-content"> Working out count size to scale the swapsize. 1 kilobyte = 1024 bytes 1 megabyte = 1024 kilobyte 1 gigabyte = 1024 megabytes bs=1024 = 1 megabyte 1 gigabyte = 1024 megabyte to get count of 1 gigabyte 1024 * 1024 2 gigabyte (1024 * 2048 ) or 1048576 * 2 = 2,097,152 </div> </div> <code>dd if=/dev/zero of=/swapfile bs=1024 count=2097152</code> <code>chmod 600 /swapfile</code> <code>mkswap /swapfile</code> <code>swapon /swapfile</code> <b>Or</b> <code>swapon -a</code> <b>Or</b> <code>mount -a</code> append to <code>/etc/fstab</code> so its mounted after reboot.<br \> <code>$EDITOR /etc/fstab</code><br \> And enter this in a new line at the bottom:<br \> <code>/swapfile swap swap defaults 0 0</code> and thats it, you can check swap with(or same other methods as above): <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 75 2 1808 1712 Swap: 2047 0 2047 </pre> ===ssmtp for email alerts=== <code>apt install ssmtp -y</code><br \> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code><br \> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> <code>usermod -c "CNWikiVPS" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ===auto update server=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment (by removing <b>//</b> at start of line)and amend the lines we want:<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> to<br \> <code> "${distro_id}:${distro_codename}-updates";</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; </pre> Changed to<br \> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec Acquire::http::Dl-Limit "500"; </pre> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Send Container to server=== From host<br \> <code>scp -i ~/.ssh/serverkey -P 7788 mediawiki.lxc root@192.248.145.129:/root/</code><br \> If you created a ssh shortcut in <b>.ssh/config</b> you can use:<br \> <code>scp mediawiki.lxc mediawikiserver:/root/</code><br> Once container transferred to server checksum to confirm<br> Do on Local and Server<br> <code>sha256sum mediawiki.lxc</code><br> The checksum should be the same on both!<br> ===LXD setup on server=== Check if <b>lxd</b> already installed.<br \> <code>lxd --version</code><br \> <code>snap install lxd</code><br \> Initialize LXD<br \> <code>lxd init</code><br \> all defaults<br \> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (lvm, zfs, ceph, btrfs, dir) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=10GB]: Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> ===Import Container=== Note: If version of LXD on server is older than the one you are exporting from, you may see error <code>Error: Failed importing backup: Failed creating instance record: Unknown configuration key: volatile.last_state.ready</code><br> To Fix this update your LXD<br> <code>snap remove lxd</code><br> <code>snap install lxd</code><br> <code>lxd --version</code><br> <code>lxd init</code><br> <br> Import mediawiki container<br \> <code>lxc import mediawiki.lxc mediawiki</code><br \> <code>lxc list</code><br \> <code>lxc start mediawiki</code><br \> <code>lxc list</code><br \> Returns:<br \> <pre> +-----------+---------+-----------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+-----------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.207.119.233 (eth0) | | CONTAINER | 0 | +-----------+---------+-----------------------+------+-----------+-----------+ </pre> <b>Note the Change of IP</b><br \> Are Containers IP is now:<b>10.207.119.233</b><br \> Now for some reason changing the IP on <b>/var/www/html/mediawiki/LocalSettings.php</b> and the <b>/etc/apache2/sites-available/completenoobs.com.conf</b> does not really work on a VPS (Forgot how i fixed this last time, pretty sure i got it workin a few years back).<br \> You need a DNS name: ===DNS=== Domain Name System: An index that connects an ip address with a more human readable name(website name):<br \> Like a phone book would index a persons name with a phone number.<br \> If you have a domain name for your wiki, point it to your server's ip address.<br \> This will be required for a letsencrypt cert also.<br \> I am using <b>namecheap.com</b> and on the <b>Advanced DNS</b> Page<br \> Add two Type <b>A Records</b>:<br \> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |192.248.145.129 |auto |- |A record |www |192.248.145.129 |auto |} ===Change IP on config files=== Login to conatiner and change IP's to Domain Name<br \> <code>lxc exec mediawiki bash</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <pre> Redirect permanent "/" "https://10.3.45.233"</pre> <pre> Redirect permanent "/" "https://www.completenoobs.com"</pre> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <pre>$wgServer = "https://10.3.45.233";</pre> <pre>$wgServer = "https://www.completenoobs.com";</pre> <code>systemctl restart apache2</code> ===Use IPTables to forward traffic to container=== <div class="toccolours mw-collapsible mw-collapsed"> iptable syntax <div class="mw-collapsible-content"> *CONTAINER_IP = place holder for your containers ip *GLOBAL_IP = place holder for your servers public ip address *ETH = network interface: enp1s0 ** to be done/found on host VPS and NOT Container ** Find network interface:<code>ip route show default</code> or use <code>ip route show default | awk '{print $5}'</code> <pre>iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 80 -j DNAT --to-destination CONTAINER_IP:80 -m comment --comment "forward real ip to container" </pre> <pre> iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 443 -j DNAT --to-destination CONTAINER_IP:443 -m comment --comment "forward real ip to container" </pre> </div> </div> <b>These commands to be done on host VPS and NOT in container!</b><br \> Get out of container <code>exit</code><br \> Network interface=<b>enp1s0</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Find you network interface name: <div class="mw-collapsible-content"> To be run on VPS host and Not in Container:<br \> <code>ip route show default | awk '{print $5}'</code> </div> </div> VPS Global IP=<b>192.248.145.129</b><br \> Container IP=<b>10.207.119.233</b><br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container"</code> <br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container"</code> <br \> The new rules for your iptable will not persistent after a reboot.<br \> Create systemd service to load firewall rules at startup:<br \> <code>$EDITOR /usr/local/bin/lxc-mediawiki-rules</code> <pre> #!/bin/bash iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container" iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container" </pre> <code>chmod +x /usr/local/bin/lxc-mediawiki-rules</code> <code>$EDITOR /etc/systemd/system/lxcip.service</code> <pre> [Unit] Description = apply ip rules at startup [Service] Type=oneshot ExecStart=/usr/local/bin/lxc-mediawiki-rules [Install] WantedBy=multi-user.target </pre> <code>systemctl enable lxcip</code> <div class="toccolours mw-collapsible mw-collapsed"> LXC proxy method: <div class="mw-collapsible-content"> <b>DO NOT USE This method!</b> placed here as a note:<br \> LXC also has a way to forward proxy traffic, but it will show all visits to website, as coming from <b>127.0.0.1</b><br \> When we install fail2ban, this would be very bad!<br \> <br \> <code>lxc config device add CONTAINER_NAME myport80 proxy listen=tcp:0.0.0.0:80 connect=tcp:127.0.0.1:80</code><br \> <code>lxc config device add CONTAINER_NAME myport443 proxy listen=tcp:0.0.0.0:443 connect=tcp:127.0.0.1:443</code><br \> To remove proxy:<br \> <code>lxc config device remove CONTAINER_NAME myport80</code><br \> <code>lxc config device remove CONTAINER_NAME myport443</code><br \> </div> </div> ===Visit webpage and check all working=== Visit the domain you selected<br \> <code>www.completenoobs.com</code><br \> Should be up and running.<br \> NOTE: We did not need to allow port 443 or 80 on VPS host.<br \> Check Iptables persist for restart, by rebooting server!<br \> <code>reboot</code><br \> Give it a minute or 2 and check website again. ===LetsEncrypt=== Log back into server<br \> <code>ssh mediawikiserver</code><br \> Log into container<br \> <code>lxc exec mediawiki bash</code><br \> Install certbot<br \> <code>snap install certbot --classic</code><br \> Backup Apache2 config file<br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf /etc/apache2/sites-available/completenoobs.com.conf.bk</code><br \> Create Cert<br \> <code>certbot --apache -d www.completenoobs.com -d completenoobs.com</code><br \> And Certbot broke are apache2 configs, and thats why we back up!<br \> <code>ls /etc/letsencrypt/live/www.completenoobs.com/</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/fullchain.pem /etc/ssl/certs/cn-selfsigned.crt</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/privkey.pem /etc/ssl/private/cn-selfsigned.key</code><br \> <code>rm /etc/apache2/sites-available/completenoobs.com-le-ssl.conf /etc/apache2/sites-available/completenoobs.com.conf </code><br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf.bk /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <br \> Turn <b>SSLUseStapling</b> on<br \> <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code><br \> <pre>SSLUseStapling off</pre><br \> Change to:<br \> <pre>SSLUseStapling on</pre><br \> Restart apache<br \> <code>systemctl restart apache2</code><br \> Now check your site on browser.<br \> ==temp== ==Useful Notes - tips== ===Forgot your Admin Password=== Can use for any user:<br \> <code>php /var/www/html/mediawiki/maintenance/changePassword.php --user=admin --password=newpassword</code><br \> ===Make Wiki Read Only=== Add to LocalSettings.php:<br \> <code>$wgReadOnly = 'Read Only';</code><br \> ===Restrict account creation on wiki=== Add to LocalSettings.php:<br \> <code>$wgGroupPermissions['*']['createaccount'] = false;</code> ===Only Admin accounts can edit=== Add to LocalSettings.php:<br \> <pre> $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['user']['edit'] = false; $wgGroupPermissions['sysop']['edit'] = true; </pre> ===Protect a page so only admin can edit=== At the top of the page when logged in with admin account, click <b>More</b>.<br \> A drop down of three opitions: Delete, Move, Protect.<br \> Clicking <b>Protect</b> will not allow any non admin from editing the page. {| class="wikitable" |+ When logged in as admin |- |Read |Edit |View history |(STAR) |<b>More</b> |} ===Make User an Admin=== go to special pages With Admin Account go to:<br \> <code>index.php/Special:SpecialPages</code> List of users can be found here:<br \> <code>index.php/Special:ListUsers</code><br \> Go to:<br \> <code>index.php/Special:UserRights</code><br \> And enter username:<br \> <b>Groups you can change</b><br \> And rest is self explanatory. ====Remove admin rights==== Same thing, just untick admin rights! ==Upgrading MediaWiki== <b>BACK SURE YOU BACKUP FIRST!!!</b> just in case.<br \> This example update 1.35 to 1.36 from 1.36 onwards php-intl is required.<br> Download the wiki you are going to upgrade to.<br \> <code>https://releases.wikimedia.org/mediawiki/1.36/</code><br \> <code>cd /root</code><br \> <code>wget https://releases.wikimedia.org/mediawiki/1.36/mediawiki-1.36.1.tar.gz</code><br \> In LocalSettings.php put in readonly mode<br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <code>$wgReadOnly = "Upgrading";</code><br \> <code>tar xvzf mediawiki-1.36.1.tar.gz -C /var/www/html/mediawiki --strip-components=1</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> Returns:<pre> Error: Missing one or more required components of PHP. You are missing a required extension to PHP that MediaWiki needs. Please install: * intl <https://www.php.net/intl> </pre> <code>apt install php-intl</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> And thats it. If you do get an error:<br \> <blockquote> MediaWiki 1.36 internal error Installing some PHP extensions is required. Required components You are missing a required extension to PHP that MediaWiki requires to run. Please install: intl (more information) </blockquote> Then <b>reboot</b> the container and its all fine after. ==Backup your Wiki== ===LXC Snapshots=== Easy way, backup the container using <b>snapshot</b><br \> <code>lxc snapshot mediawiki beforeupgrade_11_12_2020</code><br \> To see snapshots<br \> <code>lxc info mediawiki</code><br \> To restore container to snapshot<br \> <code>lxc restore mediawiki beforeupgrade_11_12_2020</code><br \> To delete a snapshot<br \> <code>lxc delete mediawiki/beforeupgrade_11_12_2020</code><br \> ====Export a Snapshot==== <code>lxc snapshot mediawiki testsnap</code> <code>lxc publish mediawiki/testsnap --alias mediawiki-backup-20-07-2021</code> <code>lxc image export mediawiki-backup-20-07-2021</code> you end up with a file named after the sha256sum <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> NOTE:You can change name from <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> to something like <code>mediawiki-backup-20-07-2021.tar.gz</code> and restore will still work fine.<br \> can now delete image <code>lxc image delete mediawiki-backup-20-07-2021</code> ====Import Snapshot==== Move to another computer and install init lxd<br \> <code>lxc image import a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz --alias testrestore</code> <code>lxc launch testrestore mediarestore</code> <code>lxc list</code> <code>lxc exec mediarestore bash</code> Change IP in LocalSettings and apache config and restart apache.<br \> And your up and running.<br \> <br \> you can also delete image on new restore computer:<br \> <code>lxc image delete testrestore</code> ===Dump mediawiki database - xml=== Log into container root dir<br \> <code>lxc exec NAME bash</code><br \> In container of wiki:<br \> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Exit container<br \> <code>exit</code> Pull file to host<br \> <code>lxc file pull NAME/root/dump_mediawiki.xml wiki-dump.xml</code> ====automate xml dumps to server==== <code>$EDITOR /usr/local/bin/auto-export.sh</code></br> <syntaxhighlight lang="bash" line> #!/bin/bash ### Bug - after first run does not comment out $wgReadOnly , after that its fine. set -x ## Calls # comcheck=$(cat /var/www/html/mediawiki/LocalSettings.php | grep wgReadOnly | awk '{print $1}' ) # checkcom=${comcheck::1} # time_stamp=$(date '+%d_%m_%y') # checkDir=$(ls /var/www/dumps/$time_stamp) #####Functions #Restart Wiki function to call function RestartWiki { sleep 2 if ! [ $checkcom = "#" ] then sed -i "s/\$wgReadOnly/#\$wgReadOnly/g" /var/www/html/mediawiki/LocalSettings.php echo "wiki should be back online" elif [ $checkcom = '#' ] then echo 'huh' exit 1 fi } # Function readonly wiki function ReadOnlyWiki { if [ $checkcom = "#" ] then sed -i "s/#\$wgReadOnly/\$wgReadOnly/g" /var/www/html/mediawiki/LocalSettings.php fi } # Dump function function DumpWiki { # dump wiki xml php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /var/www/dumps/$time_stamp.Noobs/$time_stamp.Noobs.xml #create file for md5sum md5sum /var/www/dumps/$time_stamp.Noobs/$time_stamp.Noobs.xml > /var/www/dumps/$time_stamp.Noobs/$time_stamp.md5sum.txt #md5sum #sha256sum sha256sum /var/www/dumps/$time_stamp.Noobs/$time_stamp.Noobs.xml > /var/www/dumps/$time_stamp.Noobs/$time_stamp.sha256sum.txt } # if line $wgReadOnly not there if [ -z "$comcheck" ] ; then echo "you do not have the line $wgReadOnly will append" echo "\$wgReadOnly = 'Dumping Database, Access will be restored shortly';" >> /var/www/html/mediawiki/LocalSettings.php fi ###make directory with name noobs+time_stamp # Check if dumps dir exists if [ ! -d /var/www/dumps ] then mkdir -pv /var/www/dumps fi # Check we dont have directory with same time stamp if [ ! -d /var/www/dumps/$time_stamp.Noobs ] ; then mkdir /var/www/dumps/$time_stamp.Noobs ReadOnlyWiki DumpWiki RestartWiki else echo "you already have dir $checkDir" RestartWiki exit 1 fi ########################### # Push Dir to xml server scp -i /root/.ssh/xml -r /var/www/dumps/$time_stamp.Noobs root@xml.completenoobs.com:/var/www/html/xmlDumps/ </syntaxhighlight> ===Import Dump=== ====Create Quick local wiki==== localwiki ====Import dump==== <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> <code>lxc exec localwiki bash</code><br \> =====Restore dump===== <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Everything apart from <b>index.php/Main_Page</b> restored. ===Full Wiki Dump and Restore=== ====Backing up==== ====Making your wiki READ ONLY - will lock database==== <code>$EDITOR LocalSettings.php</code><br \> <code>$wgReadOnly = 'Dumping Database, Access will be restored shortly';</code> ====Dump and gzip database for transport==== will be prompted for password:<br \> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green -p mywiki_database | gzip > /root/greenwiki.sql.gz</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> ALt method for dump(password in cmd): <div class="mw-collapsible-content"> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green --password=THISpasswordSHOULDbeCHANGED -p mywiki_database | gzip > /root/greenwiki.sql.gz</code> </div> </div> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Back mediawiki Root Directory.<br \> <code>tar cvzhf /root/mediawiki-rootDir.tgz /var/www/html/mediawiki</code><br \> All into one file for easy transport.<br \> <code>cd /root/</code><br \> <code>tar cvzhf mediawiki-transfer.tgz mediawiki-rootDir.tgz greenwiki.sql.gz dump_mediawiki.xml</code><br \> All file in <b>mediawiki-transfer.tgz</b> for transfer to new server<br \> exit Container<br \> <code>exit</code><br \> <code>lxc file pull mediawiki/root/mediawiki-transfer.tgz mediawiki.bk.tgz</code><br \> ====Restore wiki==== create container (backupwiki) and push file<br \> <code>lxc file push mediawiki.bk.tgz backupwiki/root/</code><br \> login to container<br \> <code>apt update && apt upgrade -y</code><br \> <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> <br \> <code>tar xvf mediawiki.bk.tgz</code><br \> <code>tar xvf mediawiki-rootDir.tgz -C /</code><br \> Create basebase:<br \> NOTE: If you use diff username, passwd, database_name, append/correct details on LocalSettings.<br \> <code>mysql -u root</code> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <br \> <code>gunzip -d greenwiki.sql.gz</code><br \> <code>mysql -u green -p mywiki_database < greenwiki.sql</code><br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/dump_mediawiki.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Config Apache2 <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> Reload Apache2 <code> systemctl restart apache2 </code> ==EmbedVideo== https://www.mediawiki.org/wiki/Extension:EmbedVideo<br> <code>apt install unzip</code><br> <code>wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip</code><br> <code>unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/</code><br> <br> <code>mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo</code><br> <br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> <pre> #Embed Video wfLoadExtension( 'EmbedVideo' ); </pre> ==SpamBot Wars== Bit busy now, notes to look into later: https://www.mediawiki.org/wiki/Extension:Nuke<br \> https://www.mediawiki.org/wiki/Manual:Preventing_access<br \> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br \> https://www.mediawiki.org/wiki/Extension:InviteSignup<br \> Well the bots won for now - Disable eMail function for all related options in LocalSettings.php<br \> <code>$wgEnableEmail = false;</code><br \> Or just stop users sending email with:<br \> <code>$wgEnableUserEmail = false;</code> 8a0o94z42icc9kno40o4zokvgkt9w8n 184 183 2023-03-20T20:37:25Z Noob 1 /* Import Dump */ 184 wikitext text/x-wiki Installing MediaWiki on a container and exporting to the cloud. Local OS used Ubuntu-Mate 20.04 Tested with ethernet. Untested with wifi. TODO's * Remove 'index.php' from URL * Find out more about 'DocBookExport' and test how it works * Move MediaWiki Server to FreeBSD Currently trying to solve the spambot problem, they got round the need to request to open an account somehow, will update once solved. $EDITOR is used as a place holder for an editor of your choice. ==Installing LXD== <code>sudo snap install lxd</code><br \> <code>lxd init</code><br \> Selecting all defaults, apart from "Size in GB of the new loop device (1GB minimum) [default=6GB]:" increasing to 30GB: <div class="toccolours mw-collapsible mw-collapsed"> <code>lxd init</code> selected options: <div class="mw-collapsible-content"> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (btrfs, dir, lvm, zfs, ceph) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=6GB]:30GB Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> </div> </div> ==Create Ubuntu:22.04 Container for MediaWiki== <code>lxc launch ubuntu:22.04 mediawiki</code><br> <code>lxc list</code><br> <pre> +-----------+---------+--------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+--------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.194.171.251(eth0) | | CONTAINER | 0 | +-----------+---------+--------------------+------+-----------+-----------+ </pre> ===Login to Container=== <code>lxc exec mediawiki bash</code> ===Basic Firewall UFW for Container=== NOTE:Add Link to a UFW page for more info Blocking IPv6<br \> <code>$EDITOR /etc/default/ufw</code> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit Allow port 80<br \> <code>ufw allow 80/tcp</code><br \> Allow port 443<br \> <code>ufw allow 443/tcp</code><br \> Start/Enable UFW firewall<br \> <code>ufw enable</code><br \> Check UFW status<br \> <code>ufw status</code> <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Update system=== <code>apt update && apt upgrade -y</code> ===ssmtp setup=== NOTE: need link to ssmtp page - showing how to use other email providers that allow smtp Link to ssmtp wiki page <br \> You can use a number of email providers for sending emails from server using ssmtp.<br \> I am going to use <b>smtp2go.com</b> they do provide a free service if you wish to try. <div class="toccolours mw-collapsible mw-collapsed"> smtp2go details: <div class="mw-collapsible-content"> https://www.smtp2go.com/<br \> Has a Free Plan # 1000 emails per month # 5 days of email reporting # Ticket support only <br \> Do not use you username and password you used to sign up!<br \> Go to https://app.smtp2go.com/sending/smtp_users/ <br \> Or 'Sending' > 'SMTP Users'<br> And create/add a SMTP User account.<br \> The User created will be given a good password by default.<br \> Use this username and password for ssmtp.<br \> In this example i have the username "<b>noobwiki</b>" and the password "<b>N0tTelinu</b>" </div> </div> ====ssmtp==== <code>apt install ssmtp -y</code> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <div class="toccolours mw-collapsible mw-collapsed"> Why use <code>hostname=completenoobs.com</code> <div class="mw-collapsible-content"> "hostname" needed for ubuntu unattended upgrades to send email.<br \> If missing: will get "(550 unable to verify sender address.)" <br \> If using <code>hostname=localhost</code> "(550 "Localhost" unnaceptable, you must use a public domain-name.)"<br \> If using <code>hostname=admin@completenoobs.com</code> "501 <root@admin@completenoobs.com>: malformed address: @completenoobs.com> may not follow <root@admin" </div> </div> <br \> Do not use user@smtp2go.com as the sender address! you need an email address that has an MX record(mail exchanger record) at its domain name. <br \> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> ====usermod==== <br \> usermod can be used to change the email senders name/address.<br \> Instead of your mail coming from 'root' or 'ubuntu' or any other user account.<br \> <b>usermod -c "emailSenderName" <account_sending></b><br \> <code>usermod -c "completenoobslxc" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ====sendmail notes==== <div class="toccolours mw-collapsible mw-collapsed"> If the sendmail command locks your terminal and CTRL+c does not work <div class="mw-collapsible-content"> Use <code>CTRL+z</code> which will send a SIGTSTP signal which will put the process to sleep.<br \> use jobs to see the sleeping process.<br \> <code>jobs</code><br \> and kill %<JOBNUMBER><br \> <code>kill %1</code> <br \> you can also use <code>ps ax</code> to list processes running on your computer and <code>kill -9 <PROCESS-NUMBER></code> to kill process. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> sendmail in verbose mode for more details: <div class="mw-collapsible-content"> More info can be found in the man page <code>man sendmail</code><br \> Use the verbose flag <b>-v</b><br \> <code>sendmail -v email@address2receive.mail < test-mail.txt</code> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Check mail logs for errors: <div class="mw-collapsible-content"> send mail error log can be found in<br \> <code>/var/log/mail.err</code><br \> and sendmail log can be found:<br \> <code>/var/log/mail.log</code> </div> </div> ===auto update container config=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code> Uncomment<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> <code>"${distro_id}:${distro_codename}-updates";</code> Dont need auto reboot on container - no kernel - kernel shared with host. ====email on update==== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <div class="toccolours mw-collapsible mw-collapsed"> Once i needed 'apticron' to get emails working with unattended upgrades:<br \> Notes here just incase<div class="mw-collapsible-content"> Install apticron<br \> <code>apt install apticron -y</code> Create apticron.conf file containing email to send email to:<br \> If you dont then 'apticron' will by default sent to root@localhost.<br > <code>echo 'EMAIL="email@tosendto.com"' > /etc/apticron/apticron.conf</code> </div> </div> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Install MediaWiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -xvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki</code> ====Create Database==== Will be prompted to set a root password!<br \> <code>mysql -u root -p</code><br \> <!-- create drop down - add root password option --> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <div class="toccolours mw-collapsible mw-collapsed"> Make note of your: database name, username, userpassword <div class="mw-collapsible-content"> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code><br \> Database Username:<b>green</b><br \> Database host/location:<b>localhost</b> Database User Password:<b>THISpasswordSHOULDbeCHANGED</b><br \><br \> <code>CREATE DATABASE mywiki_database;</code><br \> Database Name:<b>mywiki_database</b><br \> </div> </div> ====Create self-signed https certs==== <code>openssl req -x509 -newkey rsa:4096 -keyout key.pem -nodes -out cert.pem -days 365</code><br> Note: can leave blank; just press enter.<br><br> <code>mv cert.pem /etc/ssl/certs/cn-selfsigned.crt</code><br> <code>mv key.pem /etc/ssl/private/cn-selfsigned.key</code><br> ====Create ssl-params.conf==== <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code> Remember to turn stapling on after letsencrypt cert <pre> SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 SSLHonorCipherOrder On # Disable preloading HSTS for now. You can use the commented out header line that includes # the "preload" directive if you understand the implications. # Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" Header always set X-Frame-Options DENY Header always set X-Content-Type-Options nosniff # Requires Apache >= 2.4 SSLCompression off # May want to turn stapling off when using self-signed to avoid receiving errors in log SSLUseStapling off SSLStaplingCache "shmcb:logs/stapling-cache(150000)" # Requires Apache >= 2.4.11 SSLSessionTickets Off </pre> ====Create Apache2 config==== <code>cd /etc/apache2/sites-available/</code> <code>rm 000-default.conf default-ssl.conf</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code> <div class="toccolours mw-collapsible mw-collapsed"> <b>Important Redirect note</b>:<div class="mw-collapsible-content"> <pre> # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" </pre> Change to your Container IP!<br \> <code>Redirect permanent "/" "https://10.194.171.251"</code> </div> </div> <pre> <VirtualHost *:80> ServerName completenoobs.com ServerAdmin admin@ # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined </VirtualHost> <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerName completenoobs.com ServerAdmin admin@completenoobs.com DocumentRoot /var/www/html/mediawiki # According MWiki Manual:Security php_flag register_globals off ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined SSLEngine on SSLCertificateFile /etc/ssl/certs/cn-selfsigned.crt SSLCertificateKeyFile /etc/ssl/private/cn-selfsigned.key # need to find out what SSLCertificateChainFile is? explain is in the default-ssl.conf file. #SSLCertificateChainFile /etc/ssl/certs/example.com.root-bundle.crt <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> <Directory /var/www/html/wikimedia> Options None FollowSymLinks #Allow .htaccess AllowOverride All Require all granted <IfModule security2_module> SecRuleEngine Off # or disable only problematic rules </IfModule> </Directory> # According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images> # Ignore .htaccess files AllowOverride None # Serve HTML as plaintext, don't execute SHTML AddType text/plain .html .htm .shtml .php .phtml .php5 # Don't run arbitrary PHP code. php_admin_flag engine off # If you've other scripting languages, disable them too. </Directory> #According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images/deleted> Deny from all AllowOverride AuthConfig Limit Require local </Directory> </VirtualHost> </IfModule> </pre> ====Reload Apache2==== <code>a2enmod ssl</code> <code>a2enmod headers</code> <code>a2ensite completenoobs.com</code> <code>a2enconf ssl-params</code> <code>apache2ctl configtest</code> <code>systemctl restart apache2</code> ===MediaWiki Basic Setup=== ====Landing page==== Open a web browser and go to your containers private ip address (you can get ip address by running <code>lxc list</code> on host). <code>https://10.194.171.251</code> Are certs are self-signed and you may/will get warning "your connection is not private"<br \> Click "Advance" and "Proceed to 10.194.171.251 (unsafe)"<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.35.0<br \> LocalSettings.php not found.<br \> Please <u>set up the wiki</u> first.<br \> </blockquote> Click <b>set up the wiki</b> to be taken to the "mw-config/index.php" page. =====Basic Configure MediaWiki===== <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:mywiki_database<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:green<br \> Database password:THISpasswordSHOULDbeCHANGED<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>CompleteNoobs<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Options <div class="mw-collapsible-content"> <b>User rights profile:</b> <br \> [ ] Open wiki <br \> [x] Account creation required<br \> [ ] Authorised editors only <br \> [ ] Private wiki<br \> <br \> <b>Copyright and licence:</b><br \> [ ] Creative Commons Attribution<br \> [ ] Creative Commons Attribution-ShareAlike<br \> [ ] Creative Commons Attribution-NonCommercial-ShareAlike<br \> [ ] Creative Commons Zero (Public Domain)<br \> [ ] GNU Free Documentation Licence 1.3 or later<br \> [x] No licence footer<br \> [ ] Select a custom Creative Commons licence<br \> <br \> <br \> <b>Email settings</b><br \> [ ] Enable outbound email<br \> <b>Return email address:</b>apache@🌻.invalid<br \> [ ]Enable user-to-user email<br \> [ ]Enable user talk page notification<br \> [ ]Enable watchlist notification<br \> [ ]Enable email authentication<br \> <br \> <br \> <b>Skins</b> Pick a skin<br \> <br \> <br \> <b>Extensions</b><br \> <b><u>Special pages</u></b><br \> [ ]CiteThisPage<br \> [ ]Interwiki<br \> [ ]Nuke<br \> [ ]Renameuser<br \> [ ]ReplaceText<br \> <br \> <b><u>Editors</u></b><br \> [x]CodeEditor<br \> [x]VisualEditor<br \> [x]WikiEditor<br \> <br \> <b><u>Parser hooks</u></b><br \> [ ]CategoryTree<br \> [ ]Cite<br \> [ ]ImageMap<br \> [ ]InputBox<br \> [ ]ParserFunctions<br \> [ ]Poem<br \> [ ]Scribunto<br \> [x]SyntaxHighlight_GeSHi<br \> [ ]TemplateData<br \> <br \> <b><u>Media handlers</u></b><br \> [ ]PdfHandler<br \> <br \> <b><u>Spam prevention</u></b><br \> [x]ConfirmEdit<br \> [ ]SpamBlacklist<br \> [ ]TitleBlacklist<br \> <br \> <b><u>API</u></b><br \> [ ]PageImages<br \> <br \> <b><u>Other</u></b><br \> [ ]Gadgets<br \> [ ]LocalisationUpdate<br \> [ ]MultimediaViewer<br \> [ ]OATHAuth<br \> [ ]SecureLinkFixer<br \> [ ]TextExtracts<br \> <br \> <br \> <b>Images and file uploads</b><br \> [ ]Enable file uploads<br \> <b>Logo URL:</b>$wgResourceBasePath/resources/assets/wiki.png<br \> [ ]Enable Instant Commons<br \> <br \> <br \> <b>Advanced configuration</b><br \> <b>Settings for object caching:</b><br \> [x] No caching (no functionality is removed, but speed may be impacted on larger wiki sites)<br \> [ ] Use Memcached (requires additional setup and configuration)<br \> </div> </div> ====LocalSettings.php Launch Wiki==== When the Basic configuration of mediawiki is done on the webpage.<br \> You will have a <b>LocalSettings.php</b> which will be downloaded from your browser.<br \> You need to place the <b>LocalSettings.php</b> file into your containers <b>/var/www/html/mediawiki/</b> directory.<br \> You can do this from host using the <b>lxc file push</b> command.<br \> <code>lxc file push /home/$USER/Downloads/LocalSettings.php mediawiki/var/www/html/mediawiki/</code><br \> <br> Do not refresh browser it will download the LocalSettings.php again! go to the IP address of your container or just trim the <code>mw-config/index.php?page=Complete</code><br> Now on your browser visit the page again https://10.194.171.251<br \> And welcome to your wiki.<br \> ===Change Logo=== You need a 135px by 135px image, in this example its named 'completenoobs-logo.png'<br> <code>lxc file push completenoobs-logo.png mediawiki/var/www/html/mediawiki/resources/assets/</code><br> Back in container edit the <b>LocalSettings.php</b> file<br> <pre> ## The URL paths to the logo. Make sure you change this from the default, ## or else you'll overwrite your logo when you upgrade! $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", 'icon' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", ]; </pre> Change to your new logo:<br> <pre> $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", 'icon' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", ]; </pre> ===Email Config=== Warning i did get loads of spam bots, using this to send naughty emails everywhere!<br> Changed setting to block signups, requests only,and changed <b>$wgEnableUserEmail</b> to false and still the bots managed to send spam using my smtp account.<br> How they done this? Is beyond my understanding and i removed email from the wiki till i have more info on how to stop the spamming.<br> Was using mediawiki-1.35.0<br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> Make sure <b>$wgEnableEmail</b> is set to true.<br> <code>$wgEnableEmail = true;</code><br> https://www.mediawiki.org/wiki/Manual:$wgEnableEmail<br> <pre> $wgEmergencyContact = ""; $wgPasswordSender = ""; </pre> <pre> $wgEmergencyContact = "admin@completenoobs.com"; $wgPasswordSender = "admin@completenoobs.com"; </pre> <pre> $wgSMTP = [ 'host' => 'ssl://mail.smtp2go.com', // outbox server of the email account 'IDHost' => 'completenoobs.com', 'port' => 465, 'username' => 'noobwiki', // user of the email account 'password' => 'N0tTelinu', // app password of the email account 'auth' => true ]; </pre> ===Request Account and Confirm Email to edit=== In LocalSettings change $wgEmailAuthentication = false; to true https://www.mediawiki.org/wiki/Manual:$wgEmailAuthentication<br> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ConfirmAccount-REL1_39-2b96e90.tar.gz</code><br> <code>tar xzf ConfirmAccount-REL1_39-2b96e90.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> <br> In <b>LocalSettings.php</b> <br> set <b>$wgEmailAuthentication</b> to true.<br> <pre> wfLoadExtension( 'ConfirmAccount' ); $wgConfirmAccountContact = 'admin@completenoobs.com'; </pre> Run maintenance update<br> <code>php /var/www/html/mediawiki/maintenance/update.php </code><br> use <b>Special:ConfirmAccounts</b> to see if anyone requested a account.<br> And yep, your gonna get spammed! Bots love a wiki.<br> ===CookieWarning Extension=== https://www.mediawiki.org/wiki/Extension:CookieWarning<br> <code>wget https://extdist.wmflabs.org/dist/extensions/CookieWarning-REL1_39-778fe72.tar.gz</code><br> <code>tar -xzf CookieWarning-REL1_39-778fe72.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'CookieWarning' ); $wgCookieWarningEnabled = 'true'; # $wgCookieWarningMoreUrl allows to to select a link for your moreinfo button $wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'; $wgCookieWarningEnabled = 'true'; </pre> To change message sign in with admin account and visit these pages of your wiki and edit.<br> <b>MediaWiki:Cookiewarning-info</b> Edit the display message.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-info</code><br> <b>MediaWiki:Cookiewarning-moreinfo-label</b><br> Edit and change display of the moreinfo button: link can be made/changed at LocalSettings with:<br> <code>$wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'</code><br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-moreinfo-label</code><br> <b>MediaWiki:Cookiewarning-ok-label</b> Edit and change the text on the OK button.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-ok-label</code><br> ===Contribution Scores Extension=== https://www.mediawiki.org/wiki/Extension:Contribution_Scores<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ContributionScores-REL1_39-0e7e99d.tar.gz</code><br> <code>tar -xzf ContributionScores-REL1_39-0e7e99d.tar.gz -C /var/www/html/mediawiki/extensions</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'ContributionScores' ); // Exclude Bots from the reporting - Can be omitted. $wgContribScoreIgnoreBots = true; // Exclude Blocked Users from the reporting - Can be omitted. $wgContribScoreIgnoreBlockedUsers = true; // Use real user names when available - Can be omitted. Only for MediaWiki 1.19 and later. $wgContribScoresUseRealName = true; // Set to true to disable cache for parser function and inclusion of table. $wgContribScoreDisableCache = false; // Each array defines a report - 7,50 is "past 7 days" and "LIMIT 50" - Can be omitted. $wgContribScoreReports = [ [ 7, 50 ], [ 30, 50 ], [ 0, 50 ] ]; </pre> <br> Add to Main Landing Page:<br> <pre>{{Special:ContributionScores/10/5}}</pre><br> ===Place Notice at top of every new page created=== Using the <b>PageNotice</b> Extension. https://www.mediawiki.org/wiki/Extension:PageNotice#Configuration Download PageNotice and extract to extensions directory. in LocalSettings.php add the lines:<br \> <pre> wfLoadExtension( 'PageNotice' ); $wgPageNoticeDisablePerPageNotices = 'true'; </pre> To have message in every name space go to your wiki's page<br \> <code>index.php/mediawiki:top-notice-ns-0</code><br \> Only admin account can edit this page:<br \> What you place in this page will be displayed at the top of every page created. ===Privacy Policy=== Holly $#$#$ this is a lot of work, looking into it<br \> https://www.mediawiki.org/wiki/GDPR_(General_Data_Protection_Regulation)_and_MediaWiki_software<br \> ====NewSignupPage==== https://www.mediawiki.org/wiki/Extension:NewSignupPage<br \> Big thanks to Shoutwiki.com or this would of been a very big pain.<br \> Check for Latest link from the Download page https://www.mediawiki.org/wiki/Special:ExtensionDistributor/NewSignupPage<br \> In mediawiki container:<br \> <code>wget https://extdist.wmflabs.org/dist/extensions/NewSignupPage-REL1_35-ecf00aa.tar.gz</code><br \> <code>tar xvf NewSignupPage-REL1_35-ecf00aa.tar.gz -C /var/www/html/mediawiki/extensions/</code><br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> Add the Line:<br \> <code>wfLoadExtension( 'NewSignupPage' );</code><br \> Change the Info given at signup at:<br \> <code>index.php/MediaWiki:Newsignuppage-loginform-tos</code><br \> Default page will be:<pre> I am over 13 years of age and I have read, understood and agree to be bound by the Terms of Service and Privacy Policy </pre> "Terms of Service" and "Privacy Policy" are linked to there pages, so we need to create a few pages. ======Need <b>Privacy Policy</b> Page====== Create a 'Privacy_Policy' page and link on "MediaWiki:Newsignuppage-loginform-tos"<br> <pre>[[CompleteNoobs:Privacy_policy | Privacy Policy]]</pre> =====Need <b>Terms Of Service</b> page===== https://www.completenoobs.com/index.php/Terms_of_Service<br \> once done change link on "MediaWiki:Newsignuppage-loginform-tos"<br \> =====Content Policy Page===== https://10.194.171.251/index.php/Content_Policy<br \> Contains link to https://www.completenoobs.com/index.php/CompleteNoobs_Staff_Admins<br \> =====Staff and Admin Page===== https://10.194.171.251/index.php/CompleteNoobs_Staff_Admins<br \> Linked from Content Policy Page! a place to contact by email staff, admins =====General Disclaimer page===== https://10.194.171.251/index.php/CompleteNoobs:General_disclaimer<br \> This page shows/linked at bottom of wiki<br \> =====Copyright Policy===== https://10.194.171.251/index.php/CompleteNoobs:Copyrights<br \> Copyrights page that shows in info box when making a post.<br \> ==Fail2Ban== This Will Ban an IP who incorrectly enters wrong login details, a (you can select) amount of times for a (you can select) amount of time. ===Fail2Log Extension=== https://www.mediawiki.org/wiki/Extension:Fail2Log<br> ====Create Log file==== Could not get PHP to create and set permissions for log file: So for now doing manually!<br \> <code>touch /var/log/Fail2Log.log</code><br \> <code>chown www-data:www-data /var/log/Fail2Log.log</code><br \> <code>chmod 0755 /var/log/Fail2Log.log</code><br \> Failed login's with wrong user name and/or password should now be logged in:<b>/var/log/Fail2Log.log</b><br \> <br \> Log Format:<br \> <code>Failed:<IP_ADDRESS> <DATE> <TIME> <USERNAME></code><br \> ====Download and install extension==== <code>wget https://github.com/greenhatmonkey/Fail2Log/blob/main/Fail2Log.tar.gz?raw=true</code><br> <code>tar xzvf Fail2Log.tar.gz?raw=true -C /var/www/html/mediawiki/extensions/</code><br> Add to your <b>LocalSettings.php</b><br> <pre> wfLoadExtension( 'Fail2Log' ); $wgFail2LogFile = '/var/log/Fail2Log.log'; </pre> ====Install and Setup Fail2Ban==== Fail2Ban works in a container. If using fail2ban on Host for container:<br/> Just include log path: <code>/var/snap/lxd/common/mntns/var/snap/lxd/common/lxd/storage-pools/default/containers/&lt;CONTAINER_NAME>/rootfs/var/log/Fail2Log.log</code> <code>apt install fail2ban</code> * Fail2ban will use file.local over file.conf if file.local exists: * file.conf can be written over if file2ban gets updated. * Make a file.local of the file you are working on. <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code> <code>$EDITOR /etc/fail2ban/jail.local</code> <!-- unmodified jail.conf file --> <div class="toccolours mw-collapsible mw-collapsed"> Default <code>/etc/fail2ban/jail.conf</code> file: Expand to view <div class="mw-collapsible-content"> <pre> # # WARNING: heavily refactored in 0.9.0 release. Please review and # customize settings for your setup. # # Changes: in most of the cases you should not modify this # file, but provide customizations in jail.local file, # or separate .conf files under jail.d/ directory, e.g.: # # HOW TO ACTIVATE JAILS: # # YOU SHOULD NOT MODIFY THIS FILE. # # It will probably be overwritten or improved in a distribution update. # # Provide customizations in a jail.local file or a jail.d/customisation.local. # For example to change the default bantime for all jails and to enable the # ssh-iptables jail the following (uncommented) would appear in the .local file. # See man 5 jail.conf for details. # # [DEFAULT] # bantime = 1h # # [sshd] # enabled = true # # See jail.conf(5) man page for more information # Comments: use '#' for comment lines and ';' (following a space) for inline comments [INCLUDES] #before = paths-distro.conf before = paths-debian.conf # The DEFAULT allows a global definition of the options. They can be overridden # in each jail afterwards. [DEFAULT] # # MISCELLANEOUS OPTIONS # # "bantime.increment" allows to use database for searching of previously banned ip's to increase a # default ban time using special formula, default it is banTime * 1, 2, 4, 8, 16, 32... #bantime.increment = true # "bantime.rndtime" is the max number of seconds using for mixing with random time # to prevent "clever" botnets calculate exact time IP can be unbanned again: #bantime.rndtime = # "bantime.maxtime" is the max number of seconds using the ban time can reach (don't grows further) #bantime.maxtime = # "bantime.factor" is a coefficient to calculate exponent growing of the formula or common multiplier, # default value of factor is 1 and with default value of formula, the ban time # grows by 1, 2, 4, 8, 16 ... #bantime.factor = 1 # "bantime.formula" used by default to calculate next value of ban time, default value bellow, # the same ban time growing will be reached by multipliers 1, 2, 4, 8, 16, 32... #bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * banFactor # # more aggressive example of formula has the same values only for factor "2.0 / 2.885385" : #bantime.formula = ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor) # "bantime.multipliers" used to calculate next value of ban time instead of formula, coresponding # previously ban count and given "bantime.factor" (for multipliers default is 1); # following example grows ban time by 1, 2, 4, 8, 16 ... and if last ban count greater as multipliers count, # always used last multiplier (64 in example), for factor '1' and original ban time 600 - 10.6 hours #bantime.multipliers = 1 2 4 8 16 32 64 # following example can be used for small initial ban time (bantime=60) - it grows more aggressive at begin, # for bantime=60 the multipliers are minutes and equal: 1 min, 5 min, 30 min, 1 hour, 5 hour, 12 hour, 1 day, 2 day #bantime.multipliers = 1 5 30 60 300 720 1440 2880 # "bantime.overalljails" (if true) specifies the search of IP in the database will be executed # cross over all jails, if false (dafault), only current jail of the ban IP will be searched #bantime.overalljails = false # -------------------- # "ignoreself" specifies whether the local resp. own IP addresses should be ignored # (default is true). Fail2ban will not ban a host which matches such addresses. #ignoreself = true # "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban # will not ban a host which matches an address in this list. Several addresses # can be defined using space (and/or comma) separator. #ignoreip = 127.0.0.1/8 ::1 # External command that will take an tagged arguments to ignore, e.g. <ip>, # and return true if the IP is to be ignored. False otherwise. # # ignorecommand = /path/to/command <ip> ignorecommand = # "bantime" is the number of seconds that a host is banned. bantime = 10m # A host is banned if it has generated "maxretry" during the last "findtime" # seconds. findtime = 10m # "maxretry" is the number of failures before a host get banned. maxretry = 5 # "maxmatches" is the number of matches stored in ticket (resolvable via tag <matches> in actions). maxmatches = %(maxretry)s # "backend" specifies the backend used to get files modification. # Available options are "pyinotify", "gamin", "polling", "systemd" and "auto". # This option can be overridden in each jail as well. # # pyinotify: requires pyinotify (a file alteration monitor) to be installed. # If pyinotify is not installed, Fail2ban will use auto. # gamin: requires Gamin (a file alteration monitor) to be installed. # If Gamin is not installed, Fail2ban will use auto. # polling: uses a polling algorithm which does not require external libraries. # systemd: uses systemd python library to access the systemd journal. # Specifying "logpath" is not valid for this backend. # See "journalmatch" in the jails associated filter config # auto: will try to use the following backends, in order: # pyinotify, gamin, polling. # # Note: if systemd backend is chosen as the default but you enable a jail # for which logs are present only in its own log files, specify some other # backend for that jail (e.g. polling) and provide empty value for # journalmatch. See https://github.com/fail2ban/fail2ban/issues/959#issuecomment-74901200 backend = auto # "usedns" specifies if jails should trust hostnames in logs, # warn when DNS lookups are performed, or ignore all hostnames in logs # # yes: if a hostname is encountered, a DNS lookup will be performed. # warn: if a hostname is encountered, a DNS lookup will be performed, # but it will be logged as a warning. # no: if a hostname is encountered, will not be used for banning, # but it will be logged as info. # raw: use raw value (no hostname), allow use it for no-host filters/actions (example user) usedns = warn # "logencoding" specifies the encoding of the log files handled by the jail # This is used to decode the lines from the log file. # Typical examples: "ascii", "utf-8" # # auto: will use the system locale setting logencoding = auto # "enabled" enables the jails. # By default all jails are disabled, and it should stay this way. # Enable only relevant to your setup jails in your .local or jail.d/*.conf # # true: jail will be enabled and log files will get monitored for changes # false: jail is not enabled enabled = false # "mode" defines the mode of the filter (see corresponding filter implementation for more info). mode = normal # "filter" defines the filter to use by the jail. # By default jails have names matching their filter name # filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # # Some options used for actions # Destination email address used solely for the interpolations in # jail.{conf,local,d/*} configuration files. destemail = root@localhost # Sender email address used solely for some actions sender = root@<fq-hostname> # E-mail action. Since 0.8.1 Fail2Ban uses sendmail MTA for the # mailing. Change mta configuration parameter to mail if you want to # revert to conventional 'mail'. mta = sendmail # Default protocol protocol = tcp # Specify chain where jumps would need to be added in ban-actions expecting parameter chain chain = <known/chain> # Ports to be banned # Usually should be overridden in a particular jail port = 0:65535 # Format of user-agent https://tools.ietf.org/html/rfc7231#section-5.5.3 fail2ban_agent = Fail2Ban/%(fail2ban_version)s # # Action shortcuts. To be used to define action parameter # Default banning action (e.g. iptables, iptables-new, # iptables-multiport, shorewall, etc) It is used to define # action_* variables. Can be overridden globally or per # section within jail.local file banaction = iptables-multiport banaction_allports = iptables-allports # The simplest action to take: ban only action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report to the destemail. action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report and relevant log lines # to the destemail. action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # See the IMPORTANT note in action.d/xarf-login-attack for when to use this action # # ban & send a xarf e-mail to abuse contact of IP address and include relevant log lines # to the destemail. action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] # ban IP on CloudFlare & send an e-mail with whois report and relevant log lines # to the destemail. action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # Report block via blocklist.de fail2ban reporting service API # # See the IMPORTANT note in action.d/blocklist_de.conf for when to use this action. # Specify expected parameters in file action.d/blocklist_de.local or if the interpolation # `action_blocklist_de` used for the action, set value of `blocklist_de_apikey` # in your `jail.local` globally (section [DEFAULT]) or per specific jail section (resp. in # corresponding jail.d/my-jail.local file). # action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] # Report ban via badips.com, and use as blacklist # # See BadIPsAction docstring in config/action.d/badips.py for # documentation for this action. # # NOTE: This action relies on banaction being present on start and therefore # should be last action defined for a jail. # action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] # # Report ban via badips.com (uses action.d/badips.conf for reporting only) # action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] # Report ban via abuseipdb.com. # # See action.d/abuseipdb.conf for usage example and details. # action_abuseipdb = abuseipdb # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # [sshd] # To use more aggressive sshd modes set filter parameter "mode" in jail.local: # normal (default), ddos, extra or aggressive (combines all). # See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details. #mode = normal port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s [dropbear] port = ssh logpath = %(dropbear_log)s backend = %(dropbear_backend)s [selinux-ssh] port = ssh logpath = %(auditd_log)s # # HTTP servers # [apache-auth] port = http,https logpath = %(apache_error_log)s [apache-badbots] # Ban hosts which agent identifies spammer robots crawling the web # for email addresses. The mail outputs are buffered. port = http,https logpath = %(apache_access_log)s bantime = 48h maxretry = 1 [apache-noscript] port = http,https logpath = %(apache_error_log)s [apache-overflows] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-nohome] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-botsearch] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-fakegooglebot] port = http,https logpath = %(apache_access_log)s maxretry = 1 ignorecommand = %(ignorecommands_dir)s/apache-fakegooglebot <ip> [apache-modsecurity] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-shellshock] port = http,https logpath = %(apache_error_log)s maxretry = 1 [openhab-auth] filter = openhab action = iptables-allports[name=NoAuthFailures] logpath = /opt/openhab/logs/request.log [nginx-http-auth] port = http,https logpath = %(nginx_error_log)s # To use 'nginx-limit-req' jail you should have `ngx_http_limit_req_module` # and define `limit_req` and `limit_req_zone` as described in nginx documentation # http://nginx.org/en/docs/http/ngx_http_limit_req_module.html # or for example see in 'config/filter.d/nginx-limit-req.conf' [nginx-limit-req] port = http,https logpath = %(nginx_error_log)s [nginx-botsearch] port = http,https logpath = %(nginx_error_log)s maxretry = 2 # Ban attackers that try to use PHP's URL-fopen() functionality # through GET/POST variables. - Experimental, with more than a year # of usage in production environments. [php-url-fopen] port = http,https logpath = %(nginx_access_log)s %(apache_access_log)s [suhosin] port = http,https logpath = %(suhosin_log)s [lighttpd-auth] # Same as above for Apache's mod_auth # It catches wrong authentifications port = http,https logpath = %(lighttpd_error_log)s # # Webmail and groupware servers # [roundcube-auth] port = http,https logpath = %(roundcube_errors_log)s # Use following line in your jail.local if roundcube logs to journal. #backend = %(syslog_backend)s [openwebmail] port = http,https logpath = /var/log/openwebmail.log [horde] port = http,https logpath = /var/log/horde/horde.log [groupoffice] port = http,https logpath = /home/groupoffice/log/info.log [sogo-auth] # Monitor SOGo groupware server # without proxy this would be: # port = 20000 port = http,https logpath = /var/log/sogo/sogo.log [tine20] logpath = /var/log/tine20/tine20.log port = http,https # # Web Applications # # [drupal-auth] port = http,https logpath = %(syslog_daemon)s backend = %(syslog_backend)s [guacamole] port = http,https logpath = /var/log/tomcat*/catalina.out [monit] #Ban clients brute-forcing the monit gui login port = 2812 logpath = /var/log/monit /var/log/monit.log [webmin-auth] port = 10000 logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [froxlor-auth] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s # # HTTP Proxy servers # # [squid] port = 80,443,3128,8080 logpath = /var/log/squid/access.log [3proxy] port = 3128 logpath = /var/log/3proxy.log # # FTP servers # [proftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(proftpd_log)s backend = %(proftpd_backend)s [pure-ftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(pureftpd_log)s backend = %(pureftpd_backend)s [gssftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(syslog_daemon)s backend = %(syslog_backend)s [wuftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(wuftpd_log)s backend = %(wuftpd_backend)s [vsftpd] # or overwrite it in jails.local to be # logpath = %(syslog_authpriv)s # if you want to rely on PAM failed login attempts # vsftpd's failregex should match both of those formats port = ftp,ftp-data,ftps,ftps-data logpath = %(vsftpd_log)s # # Mail servers # # ASSP SMTP Proxy Jail [assp] port = smtp,465,submission logpath = /root/path/to/assp/logs/maillog.txt [courier-smtp] port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix] # To use another modes set filter parameter "mode" in jail.local: mode = more port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s [postfix-rbl] filter = postfix[mode=rbl] port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s maxretry = 1 [sendmail-auth] port = submission,465,smtp logpath = %(syslog_mail)s backend = %(syslog_backend)s [sendmail-reject] # To use more aggressive modes set filter parameter "mode" in jail.local: # normal (default), extra or aggressive # See "tests/files/logs/sendmail-reject" or "filter.d/sendmail-reject.conf" for usage example and details. #mode = normal port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [qmail-rbl] filter = qmail port = smtp,465,submission logpath = /service/qmail/log/main/current # dovecot defaults to logging to the mail syslog facility # but can be set by syslog_facility in the dovecot configuration. [dovecot] port = pop3,pop3s,imap,imaps,submission,465,sieve logpath = %(dovecot_log)s backend = %(dovecot_backend)s [sieve] port = smtp,465,submission logpath = %(dovecot_log)s backend = %(dovecot_backend)s [solid-pop3d] port = pop3,pop3s logpath = %(solidpop3d_log)s [exim] # see filter.d/exim.conf for further modes supported from filter: #mode = normal port = smtp,465,submission logpath = %(exim_main_log)s [exim-spam] port = smtp,465,submission logpath = %(exim_main_log)s [kerio] port = imap,smtp,imaps,465 logpath = /opt/kerio/mailserver/store/logs/security.log # # Mail servers authenticators: might be used for smtp,ftp,imap servers, so # all relevant ports get banned # [courier-auth] port = smtp,465,submission,imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix-sasl] filter = postfix[mode=auth] port = smtp,465,submission,imap,imaps,pop3,pop3s # You might consider monitoring /var/log/mail.warn instead if you are # running postfix since it would provide the same log lines at the # "warn" level but overall at the smaller filesize. logpath = %(postfix_log)s backend = %(postfix_backend)s [perdition] port = imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [squirrelmail] port = smtp,465,submission,imap,imap2,imaps,pop3,pop3s,http,https,socks logpath = /var/lib/squirrelmail/prefs/squirrelmail_access_log [cyrus-imap] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s [uwimap-auth] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s # # # DNS servers # # !!! WARNING !!! # Since UDP is connection-less protocol, spoofing of IP and imitation # of illegal actions is way too simple. Thus enabling of this filter # might provide an easy way for implementing a DoS against a chosen # victim. See # http://nion.modprobe.de/blog/archives/690-fail2ban-+-dns-fail.html # Please DO NOT USE this jail unless you know what you are doing. # # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks UDP traffic for DNS requests. # [named-refused-udp] # # filter = named-refused # port = domain,953 # protocol = udp # logpath = /var/log/named/security.log # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks TCP traffic for DNS requests. [named-refused] port = domain,953 logpath = /var/log/named/security.log [nsd] port = 53 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/nsd.log # # Miscellaneous # [asterisk] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/asterisk/messages maxretry = 10 [freeswitch] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/freeswitch.log maxretry = 10 # enable adminlog; it will log to a file inside znc's directory by default. [znc-adminlog] port = 6667 logpath = /var/lib/znc/moddata/adminlog/znc.log # To log wrong MySQL access attempts add to /etc/my.cnf in [mysqld] or # equivalent section: # log-warnings = 2 # # for syslog (daemon facility) # [mysqld_safe] # syslog # # for own logfile # [mysqld] # log-error=/var/log/mysqld.log [mysqld-auth] port = 3306 logpath = %(mysql_log)s backend = %(mysql_backend)s # Log wrong MongoDB auth (for details see filter 'filter.d/mongodb-auth.conf') [mongodb-auth] # change port when running with "--shardsvr" or "--configsvr" runtime operation port = 27017 logpath = /var/log/mongodb/mongodb.log # Jail for more extended banning of persistent abusers # !!! WARNINGS !!! # 1. Make sure that your loglevel specified in fail2ban.conf/.local # is not at DEBUG level -- which might then cause fail2ban to fall into # an infinite loop constantly feeding itself with non-informative lines # 2. Increase dbpurgeage defined in fail2ban.conf to e.g. 648000 (7.5 days) # to maintain entries for failed logins for sufficient amount of time [recidive] logpath = /var/log/fail2ban.log banaction = %(banaction_allports)s bantime = 1w findtime = 1d # Generic filter for PAM. Has to be used with action which bans all # ports such as iptables-allports, shorewall [pam-generic] # pam-generic filter can be customized to monitor specific subset of 'tty's banaction = %(banaction_allports)s logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [xinetd-fail] banaction = iptables-multiport-log logpath = %(syslog_daemon)s backend = %(syslog_backend)s maxretry = 2 # stunnel - need to set port for this [stunnel] logpath = /var/log/stunnel4/stunnel.log [ejabberd-auth] port = 5222 logpath = /var/log/ejabberd/ejabberd.log [counter-strike] logpath = /opt/cstrike/logs/L[0-9]*.log # Firewall: http://www.cstrike-planet.com/faq/6 tcpport = 27030,27031,27032,27033,27034,27035,27036,27037,27038,27039 udpport = 1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015 action = %(banaction)s[name=%(__name__)s-tcp, port="%(tcpport)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(udpport)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] [bitwarden] port = http,https logpath = /home/*/bwdata/logs/identity/Identity/log.txt [centreon] port = http,https logpath = /var/log/centreon/login.log # consider low maxretry and a long bantime # nobody except your own Nagios server should ever probe nrpe [nagios] logpath = %(syslog_daemon)s ; nrpe.cfg may define a different log_facility backend = %(syslog_backend)s maxretry = 1 [oracleims] # see "oracleims" filter file for configuration requirement for Oracle IMS v6 and above logpath = /opt/sun/comms/messaging64/log/mail.log_current banaction = %(banaction_allports)s [directadmin] logpath = /var/log/directadmin/login.log port = 2222 [portsentry] logpath = /var/lib/portsentry/portsentry.history maxretry = 1 [pass2allow-ftp] # this pass2allow example allows FTP traffic after successful HTTP authentication port = ftp,ftp-data,ftps,ftps-data # knocking_url variable must be overridden to some secret value in jail.local knocking_url = /knocking/ filter = apache-pass[knocking_url="%(knocking_url)s"] # access log of the website with HTTP auth logpath = %(apache_access_log)s blocktype = RETURN returntype = DROP action = %(action_)s[blocktype=%(blocktype)s, returntype=%(returntype)s, actionstart_on_demand=false, actionrepair_on_unban=true] bantime = 1h maxretry = 1 findtime = 1 [murmur] # AKA mumble-server port = 64738 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol=tcp, chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol=udp, chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/mumble-server/mumble-server.log [screensharingd] # For Mac OS Screen Sharing Service (VNC) logpath = /var/log/system.log logencoding = utf-8 [haproxy-http-auth] # HAProxy by default doesn't log to file you'll need to set it up to forward # logs to a syslog server which would then write them to disk. # See "haproxy-http-auth" filter for a brief cautionary note when setting # maxretry and findtime. logpath = /var/log/haproxy.log [slapd] port = ldap,ldaps logpath = /var/log/slapd.log [domino-smtp] port = smtp,ssmtp logpath = /home/domino01/data/IBM_TECHNICAL_SUPPORT/console.log [phpmyadmin-syslog] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [zoneminder] # Zoneminder HTTP/HTTPS web interface auth # Logs auth failures to apache2 error log port = http,https logpath = %(apache_error_log)s [traefik-auth] # to use 'traefik-auth' filter you have to configure your Traefik instance, # see `filter.d/traefik-auth.conf` for details and service example. port = http,https logpath = /var/log/traefik/access.log </pre> </div> </div> Default <code>/etc/fail2ban/jail.local</code> file with (almost all) comments removed: <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;">Default <code>/etc/fail2ban/jail.local</code> with (almost) comments removed:</div> <div class="mw-collapsible-content"> <pre> [INCLUDES] before = paths-debian.conf [DEFAULT] ignorecommand = bantime = 10m findtime = 10m maxretry = 5 maxmatches = %(maxretry)s backend = auto usedns = warn logencoding = auto enabled = false mode = normal filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # destemail = root@localhost sender = root@<fq-hostname> mta = sendmail protocol = tcp chain = <known/chain> port = 0:65535 fail2ban_agent = Fail2Ban/%(fail2ban_version)s banaction = iptables-multiport banaction_allports = iptables-allports action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] action_abuseipdb = abuseipdb action = %(action_)s # # JAILS # # # SSH servers # [sshd] port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s </pre> </div></div> ====Disconnect/kick and ban an ip from list==== <br \> Just below we are going to append these lines to <b>/etc/fail2ban/jail.local</b><br> <pre> # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s # # JAILS # # # SSH servers # </pre> </div> </div> ====Jail for MediaWiki - /etc/fail2ban/jail.local==== <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1m maxretry = 2 logpath = /var/log/Fail2Log.log </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before: <div class="mw-collapsible-content"> <pre> # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After: <div class="mw-collapsible-content"> <pre> # # JAILS # [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log # # SSH servers # </pre> </div> </div> ====Filter for mediawiki==== <div class="toccolours mw-collapsible mw-collapsed"> Regex quick up and running tutorial: External Link:(youtube) <div class="mw-collapsible-content"> This Is a link to a video made by "Corey Schafer".<br \> The best no nonsense up and running regex tut there is.<br \> https://www.youtube.com/watch?v=sa-TUpSx1JA </div> </div> <code>$EDITOR /etc/fail2ban/filter.d/mediawiki.conf</code><br \> <pre> [Definition] failregex = ^Failed:<HOST> ignoreregex = </pre> =====Try out regex on log file===== <code>fail2ban-regex --print-all-matched /var/log/Fail2Log.log /etc/fail2ban/filter.d/mediawiki.conf</code> ====Restart Fail2Ban==== <code>systemctl restart fail2ban</code> <code>fail2ban-client status</code> <code>fail2ban-client status mediawiki</code> <b>Now test by trying to login to your wiki with wrong password three times.</b> =====fail2ban regex and error checking===== <div class="toccolours mw-collapsible mw-collapsed"> Check regex: <div class="mw-collapsible-content"> * Syntax: <code>fail2ban-regex <logfile> <failregex> <ignoreregex></code> ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * If you want to test <code>ignoreregex</code> enter filter file twice: ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * Read <code>man fail2ban-regex</code> for some more opitions: * Examples: ** <code>-v</code>, <code>--verbose</code> *** Be verbose in output ** <code>--print-all-missed</code> *** Print all missed lines ** <code>--print-all-ignored</code> *** Print all ignored lines ** <code>--print-all-matched</code> *** Print all matched lines </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Debug Fail2Ban: <div class="mw-collapsible-content"> * <code>-d</code> dump configuration. For debugging.<br \> <code>fail2ban-client -d</code><br \> * <code>--dp</code>, <code>--dump-pretty</code> dump the configuration using more human readable representation.<br \> <code>fail2ban-client --dp</code><br \> * will print the systemd log for Fail2Ban.<br \> <code>journalctl -u fail2ban</code> </div> </div> ====Change ban time After testing==== <code>$EDITOR /etc/fail2ban/jail.local</code><br \> <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log </pre> ===Unban IP's=== Get list of Jails:<br \> <code>fail2ban-client status</code><br \> See banned ips by that jail:<br \> <code>fail2ban-client status <jailname></code><br \> Unban IP from jail:<br \> <code>fail2ban-client set <jailname> unbanip <ip_address></code><br \> <br \> Log File:<br \> <code>/var/log/Fail2Log.log</code> ==Moving To VPS== ===Create ssh key pair on local host=== <code>ssh-keygen -t rsa -b 4096 -C "MYSERVER" -f ~/.ssh/serverkey</code><br \> You will be prompted to Enter a passphase, you can just press <b>Enter</b> for no passphase.<br \> You will now have a file called <b>serverkey</b> and <b>serverkey.pub</b> in your <b>/home/$USER/.ssh</b> directory.<br \> Now lets setup are server and move public key to server.<br \> <b>BACKUP YOUR PRIVATE KEY TO USB STICK OR SOMETHING!</b><br \> <code>serverkey.pub</code><b>PUBLIC KEY</b><br \> <code>serverkey</code><b>PRIVATE KEY</b><br \> ===Login to Server - ssh === Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $10, 1 cpu, 2048MB ram, 55GB ssd, 2000GB Bandwidth.<br \> I have been given the IP:<b>192.248.145.129</b> and the Password:<b>1R?o.gPasdaLz1w</b> and with Vultr the default login/user is <b>root</b><br \> Lets move over the public key so we don't need a password to login:<br \> <code>ssh-copy-id -i ~/.ssh/serverkey root@192.248.145.129</code></br \> Will be promted for server password, enter password: 1R?o.gPasdaLz1w<br \> Now lets login with are private key.<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code> ===Update Server=== <code>apt update && apt upgrade -y</code><br \> The Server may need a restart, you will see this after updates if it does<br \> <b>*** System restart required ***</b><br \> restart server and log back in after a minute.<br \> <code>reboot</code> ===Change default ssh port and disable plain text passwords=== Log back into server<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code><br \> <code>$EDITOR /etc/ssh/sshd_config</code><br \> <pre>#Port 22</pre> <pre>Port 7788</pre> disable clear text passwords <pre>#PasswordAuthentication yes</pre> <pre>PasswordAuthentication no</pre> restart sshd <code>systemctl restart sshd</code><br \> Exit server and re-login<br \> <code>exit</code><br \> Log back in with new port<br \> <code>ssh -p 7788 -i .ssh/serverkey root@192.248.145.129</code> <div class="toccolours mw-collapsible mw-collapsed"> Create ssh login shortcut: <div class="mw-collapsible-content"> To be done on host:<br \> <code>touch ~/.ssh/config</code><br \> <code>chmod 600 ~/.ssh/config</code><br \> <code>$EDITOR ~/.ssh/config</code><br \> <pre> Host mediawikiserver HostName 192.248.145.129 User root Port 7788 IdentityFile /home/$USER/.ssh/severkey </pre> You can now login to server from host with:<br \> <code>ssh mediawikiserver</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax of config file: <div class="mw-collapsible-content"> <pre> #Syntax # #Host <ALIAS_NAME> # HostName <ADDRESS_IP_OR_DOMAIN> # User <USERNAME_LOGIN> # Port <PORT_NUMBER_IF_NOT_DEFAULT> # IdentityFile </PATH/TO/PRIVATE_KEY> ## Can now login with <code>ssh <ALIAS_NAME> </pre> </div> </div> </div> </div> ===Enable Basic FireWall=== Block IPv6<br \> <code>$EDITOR /etc/default/ufw</code><br \> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit<br \> <code>ufw allow 7788/tcp</code><br \> <code>ufw enable</code><br \> ===Create Swap space on server=== ====First check if you already have a swap space==== First check if you already have a swap space<br \> <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 1655 2 228 1732 Swap: 0 0 0 </pre> <div class="toccolours mw-collapsible mw-collapsed"> Other methods to check swap space <div class="mw-collapsible-content"> <code>cat /proc/swaps</code><br \> <code>swapon -s -v</code> </div> </div> ====Create SwapSpace==== preallocate a 2 gigabyte space to be used for swap.<br \> Note: you can name swapfile to anything you want. <code>fallocate -l 2G /swapfile</code> Initialize the /swapfile file with zeros - see "Working out the count size" to see how to work out the count size. <div class="toccolours mw-collapsible mw-collapsed"> Working out the count size: <div class="mw-collapsible-content"> Working out count size to scale the swapsize. 1 kilobyte = 1024 bytes 1 megabyte = 1024 kilobyte 1 gigabyte = 1024 megabytes bs=1024 = 1 megabyte 1 gigabyte = 1024 megabyte to get count of 1 gigabyte 1024 * 1024 2 gigabyte (1024 * 2048 ) or 1048576 * 2 = 2,097,152 </div> </div> <code>dd if=/dev/zero of=/swapfile bs=1024 count=2097152</code> <code>chmod 600 /swapfile</code> <code>mkswap /swapfile</code> <code>swapon /swapfile</code> <b>Or</b> <code>swapon -a</code> <b>Or</b> <code>mount -a</code> append to <code>/etc/fstab</code> so its mounted after reboot.<br \> <code>$EDITOR /etc/fstab</code><br \> And enter this in a new line at the bottom:<br \> <code>/swapfile swap swap defaults 0 0</code> and thats it, you can check swap with(or same other methods as above): <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 75 2 1808 1712 Swap: 2047 0 2047 </pre> ===ssmtp for email alerts=== <code>apt install ssmtp -y</code><br \> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code><br \> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> <code>usermod -c "CNWikiVPS" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ===auto update server=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment (by removing <b>//</b> at start of line)and amend the lines we want:<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> to<br \> <code> "${distro_id}:${distro_codename}-updates";</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; </pre> Changed to<br \> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec Acquire::http::Dl-Limit "500"; </pre> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Send Container to server=== From host<br \> <code>scp -i ~/.ssh/serverkey -P 7788 mediawiki.lxc root@192.248.145.129:/root/</code><br \> If you created a ssh shortcut in <b>.ssh/config</b> you can use:<br \> <code>scp mediawiki.lxc mediawikiserver:/root/</code><br> Once container transferred to server checksum to confirm<br> Do on Local and Server<br> <code>sha256sum mediawiki.lxc</code><br> The checksum should be the same on both!<br> ===LXD setup on server=== Check if <b>lxd</b> already installed.<br \> <code>lxd --version</code><br \> <code>snap install lxd</code><br \> Initialize LXD<br \> <code>lxd init</code><br \> all defaults<br \> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (lvm, zfs, ceph, btrfs, dir) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=10GB]: Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> ===Import Container=== Note: If version of LXD on server is older than the one you are exporting from, you may see error <code>Error: Failed importing backup: Failed creating instance record: Unknown configuration key: volatile.last_state.ready</code><br> To Fix this update your LXD<br> <code>snap remove lxd</code><br> <code>snap install lxd</code><br> <code>lxd --version</code><br> <code>lxd init</code><br> <br> Import mediawiki container<br \> <code>lxc import mediawiki.lxc mediawiki</code><br \> <code>lxc list</code><br \> <code>lxc start mediawiki</code><br \> <code>lxc list</code><br \> Returns:<br \> <pre> +-----------+---------+-----------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+-----------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.207.119.233 (eth0) | | CONTAINER | 0 | +-----------+---------+-----------------------+------+-----------+-----------+ </pre> <b>Note the Change of IP</b><br \> Are Containers IP is now:<b>10.207.119.233</b><br \> Now for some reason changing the IP on <b>/var/www/html/mediawiki/LocalSettings.php</b> and the <b>/etc/apache2/sites-available/completenoobs.com.conf</b> does not really work on a VPS (Forgot how i fixed this last time, pretty sure i got it workin a few years back).<br \> You need a DNS name: ===DNS=== Domain Name System: An index that connects an ip address with a more human readable name(website name):<br \> Like a phone book would index a persons name with a phone number.<br \> If you have a domain name for your wiki, point it to your server's ip address.<br \> This will be required for a letsencrypt cert also.<br \> I am using <b>namecheap.com</b> and on the <b>Advanced DNS</b> Page<br \> Add two Type <b>A Records</b>:<br \> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |192.248.145.129 |auto |- |A record |www |192.248.145.129 |auto |} ===Change IP on config files=== Login to conatiner and change IP's to Domain Name<br \> <code>lxc exec mediawiki bash</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <pre> Redirect permanent "/" "https://10.3.45.233"</pre> <pre> Redirect permanent "/" "https://www.completenoobs.com"</pre> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <pre>$wgServer = "https://10.3.45.233";</pre> <pre>$wgServer = "https://www.completenoobs.com";</pre> <code>systemctl restart apache2</code> ===Use IPTables to forward traffic to container=== <div class="toccolours mw-collapsible mw-collapsed"> iptable syntax <div class="mw-collapsible-content"> *CONTAINER_IP = place holder for your containers ip *GLOBAL_IP = place holder for your servers public ip address *ETH = network interface: enp1s0 ** to be done/found on host VPS and NOT Container ** Find network interface:<code>ip route show default</code> or use <code>ip route show default | awk '{print $5}'</code> <pre>iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 80 -j DNAT --to-destination CONTAINER_IP:80 -m comment --comment "forward real ip to container" </pre> <pre> iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 443 -j DNAT --to-destination CONTAINER_IP:443 -m comment --comment "forward real ip to container" </pre> </div> </div> <b>These commands to be done on host VPS and NOT in container!</b><br \> Get out of container <code>exit</code><br \> Network interface=<b>enp1s0</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Find you network interface name: <div class="mw-collapsible-content"> To be run on VPS host and Not in Container:<br \> <code>ip route show default | awk '{print $5}'</code> </div> </div> VPS Global IP=<b>192.248.145.129</b><br \> Container IP=<b>10.207.119.233</b><br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container"</code> <br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container"</code> <br \> The new rules for your iptable will not persistent after a reboot.<br \> Create systemd service to load firewall rules at startup:<br \> <code>$EDITOR /usr/local/bin/lxc-mediawiki-rules</code> <pre> #!/bin/bash iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container" iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container" </pre> <code>chmod +x /usr/local/bin/lxc-mediawiki-rules</code> <code>$EDITOR /etc/systemd/system/lxcip.service</code> <pre> [Unit] Description = apply ip rules at startup [Service] Type=oneshot ExecStart=/usr/local/bin/lxc-mediawiki-rules [Install] WantedBy=multi-user.target </pre> <code>systemctl enable lxcip</code> <div class="toccolours mw-collapsible mw-collapsed"> LXC proxy method: <div class="mw-collapsible-content"> <b>DO NOT USE This method!</b> placed here as a note:<br \> LXC also has a way to forward proxy traffic, but it will show all visits to website, as coming from <b>127.0.0.1</b><br \> When we install fail2ban, this would be very bad!<br \> <br \> <code>lxc config device add CONTAINER_NAME myport80 proxy listen=tcp:0.0.0.0:80 connect=tcp:127.0.0.1:80</code><br \> <code>lxc config device add CONTAINER_NAME myport443 proxy listen=tcp:0.0.0.0:443 connect=tcp:127.0.0.1:443</code><br \> To remove proxy:<br \> <code>lxc config device remove CONTAINER_NAME myport80</code><br \> <code>lxc config device remove CONTAINER_NAME myport443</code><br \> </div> </div> ===Visit webpage and check all working=== Visit the domain you selected<br \> <code>www.completenoobs.com</code><br \> Should be up and running.<br \> NOTE: We did not need to allow port 443 or 80 on VPS host.<br \> Check Iptables persist for restart, by rebooting server!<br \> <code>reboot</code><br \> Give it a minute or 2 and check website again. ===LetsEncrypt=== Log back into server<br \> <code>ssh mediawikiserver</code><br \> Log into container<br \> <code>lxc exec mediawiki bash</code><br \> Install certbot<br \> <code>snap install certbot --classic</code><br \> Backup Apache2 config file<br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf /etc/apache2/sites-available/completenoobs.com.conf.bk</code><br \> Create Cert<br \> <code>certbot --apache -d www.completenoobs.com -d completenoobs.com</code><br \> And Certbot broke are apache2 configs, and thats why we back up!<br \> <code>ls /etc/letsencrypt/live/www.completenoobs.com/</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/fullchain.pem /etc/ssl/certs/cn-selfsigned.crt</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/privkey.pem /etc/ssl/private/cn-selfsigned.key</code><br \> <code>rm /etc/apache2/sites-available/completenoobs.com-le-ssl.conf /etc/apache2/sites-available/completenoobs.com.conf </code><br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf.bk /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <br \> Turn <b>SSLUseStapling</b> on<br \> <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code><br \> <pre>SSLUseStapling off</pre><br \> Change to:<br \> <pre>SSLUseStapling on</pre><br \> Restart apache<br \> <code>systemctl restart apache2</code><br \> Now check your site on browser.<br \> ==temp== ==Useful Notes - tips== ===Forgot your Admin Password=== Can use for any user:<br \> <code>php /var/www/html/mediawiki/maintenance/changePassword.php --user=admin --password=newpassword</code><br \> ===Make Wiki Read Only=== Add to LocalSettings.php:<br \> <code>$wgReadOnly = 'Read Only';</code><br \> ===Restrict account creation on wiki=== Add to LocalSettings.php:<br \> <code>$wgGroupPermissions['*']['createaccount'] = false;</code> ===Only Admin accounts can edit=== Add to LocalSettings.php:<br \> <pre> $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['user']['edit'] = false; $wgGroupPermissions['sysop']['edit'] = true; </pre> ===Protect a page so only admin can edit=== At the top of the page when logged in with admin account, click <b>More</b>.<br \> A drop down of three opitions: Delete, Move, Protect.<br \> Clicking <b>Protect</b> will not allow any non admin from editing the page. {| class="wikitable" |+ When logged in as admin |- |Read |Edit |View history |(STAR) |<b>More</b> |} ===Make User an Admin=== go to special pages With Admin Account go to:<br \> <code>index.php/Special:SpecialPages</code> List of users can be found here:<br \> <code>index.php/Special:ListUsers</code><br \> Go to:<br \> <code>index.php/Special:UserRights</code><br \> And enter username:<br \> <b>Groups you can change</b><br \> And rest is self explanatory. ====Remove admin rights==== Same thing, just untick admin rights! ==Upgrading MediaWiki== <b>BACK SURE YOU BACKUP FIRST!!!</b> just in case.<br \> This example update 1.35 to 1.36 from 1.36 onwards php-intl is required.<br> Download the wiki you are going to upgrade to.<br \> <code>https://releases.wikimedia.org/mediawiki/1.36/</code><br \> <code>cd /root</code><br \> <code>wget https://releases.wikimedia.org/mediawiki/1.36/mediawiki-1.36.1.tar.gz</code><br \> In LocalSettings.php put in readonly mode<br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <code>$wgReadOnly = "Upgrading";</code><br \> <code>tar xvzf mediawiki-1.36.1.tar.gz -C /var/www/html/mediawiki --strip-components=1</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> Returns:<pre> Error: Missing one or more required components of PHP. You are missing a required extension to PHP that MediaWiki needs. Please install: * intl <https://www.php.net/intl> </pre> <code>apt install php-intl</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> And thats it. If you do get an error:<br \> <blockquote> MediaWiki 1.36 internal error Installing some PHP extensions is required. Required components You are missing a required extension to PHP that MediaWiki requires to run. Please install: intl (more information) </blockquote> Then <b>reboot</b> the container and its all fine after. ==Backup your Wiki== ===LXC Snapshots=== Easy way, backup the container using <b>snapshot</b><br \> <code>lxc snapshot mediawiki beforeupgrade_11_12_2020</code><br \> To see snapshots<br \> <code>lxc info mediawiki</code><br \> To restore container to snapshot<br \> <code>lxc restore mediawiki beforeupgrade_11_12_2020</code><br \> To delete a snapshot<br \> <code>lxc delete mediawiki/beforeupgrade_11_12_2020</code><br \> ====Export a Snapshot==== <code>lxc snapshot mediawiki testsnap</code> <code>lxc publish mediawiki/testsnap --alias mediawiki-backup-20-07-2021</code> <code>lxc image export mediawiki-backup-20-07-2021</code> you end up with a file named after the sha256sum <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> NOTE:You can change name from <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> to something like <code>mediawiki-backup-20-07-2021.tar.gz</code> and restore will still work fine.<br \> can now delete image <code>lxc image delete mediawiki-backup-20-07-2021</code> ====Import Snapshot==== Move to another computer and install init lxd<br \> <code>lxc image import a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz --alias testrestore</code> <code>lxc launch testrestore mediarestore</code> <code>lxc list</code> <code>lxc exec mediarestore bash</code> Change IP in LocalSettings and apache config and restart apache.<br \> And your up and running.<br \> <br \> you can also delete image on new restore computer:<br \> <code>lxc image delete testrestore</code> ===Dump mediawiki database - xml=== Log into container root dir<br \> <code>lxc exec NAME bash</code><br \> In container of wiki:<br \> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Exit container<br \> <code>exit</code> Pull file to host<br \> <code>lxc file pull NAME/root/dump_mediawiki.xml wiki-dump.xml</code> ====automate xml dumps to server==== <code>$EDITOR /usr/local/bin/auto-export.sh</code></br> <syntaxhighlight lang="bash" line> #!/bin/bash ### Bug - after first run does not comment out $wgReadOnly , after that its fine. set -x ## Calls # comcheck=$(cat /var/www/html/mediawiki/LocalSettings.php | grep wgReadOnly | awk '{print $1}' ) # checkcom=${comcheck::1} # time_stamp=$(date '+%d_%m_%y') # checkDir=$(ls /var/www/dumps/$time_stamp) #####Functions #Restart Wiki function to call function RestartWiki { sleep 2 if ! [ $checkcom = "#" ] then sed -i "s/\$wgReadOnly/#\$wgReadOnly/g" /var/www/html/mediawiki/LocalSettings.php echo "wiki should be back online" elif [ $checkcom = '#' ] then echo 'huh' exit 1 fi } # Function readonly wiki function ReadOnlyWiki { if [ $checkcom = "#" ] then sed -i "s/#\$wgReadOnly/\$wgReadOnly/g" /var/www/html/mediawiki/LocalSettings.php fi } # Dump function function DumpWiki { # dump wiki xml php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /var/www/dumps/$time_stamp.Noobs/$time_stamp.Noobs.xml #create file for md5sum md5sum /var/www/dumps/$time_stamp.Noobs/$time_stamp.Noobs.xml > /var/www/dumps/$time_stamp.Noobs/$time_stamp.md5sum.txt #md5sum #sha256sum sha256sum /var/www/dumps/$time_stamp.Noobs/$time_stamp.Noobs.xml > /var/www/dumps/$time_stamp.Noobs/$time_stamp.sha256sum.txt } # if line $wgReadOnly not there if [ -z "$comcheck" ] ; then echo "you do not have the line $wgReadOnly will append" echo "\$wgReadOnly = 'Dumping Database, Access will be restored shortly';" >> /var/www/html/mediawiki/LocalSettings.php fi ###make directory with name noobs+time_stamp # Check if dumps dir exists if [ ! -d /var/www/dumps ] then mkdir -pv /var/www/dumps fi # Check we dont have directory with same time stamp if [ ! -d /var/www/dumps/$time_stamp.Noobs ] ; then mkdir /var/www/dumps/$time_stamp.Noobs ReadOnlyWiki DumpWiki RestartWiki else echo "you already have dir $checkDir" RestartWiki exit 1 fi ########################### # Push Dir to xml server scp -i /root/.ssh/xml -r /var/www/dumps/$time_stamp.Noobs root@xml.completenoobs.com:/var/www/html/xmlDumps/ </syntaxhighlight> =====add to cron to export every 5 days===== <code>crontab -e</code><br> <pre> 30 3 */5 * * /usr/local/bin/auto-export.sh </pre> Will export at 3:30 am every 5 days, check [[Cron_ubuntu_22.04|Ubuntu Cron Quick start for more info]] ===Import Dump=== ====Create Quick local wiki==== localwiki ====Import dump==== <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> <code>lxc exec localwiki bash</code><br \> =====Restore dump===== <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Everything apart from <b>index.php/Main_Page</b> restored. ===Full Wiki Dump and Restore=== ====Backing up==== ====Making your wiki READ ONLY - will lock database==== <code>$EDITOR LocalSettings.php</code><br \> <code>$wgReadOnly = 'Dumping Database, Access will be restored shortly';</code> ====Dump and gzip database for transport==== will be prompted for password:<br \> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green -p mywiki_database | gzip > /root/greenwiki.sql.gz</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> ALt method for dump(password in cmd): <div class="mw-collapsible-content"> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green --password=THISpasswordSHOULDbeCHANGED -p mywiki_database | gzip > /root/greenwiki.sql.gz</code> </div> </div> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Back mediawiki Root Directory.<br \> <code>tar cvzhf /root/mediawiki-rootDir.tgz /var/www/html/mediawiki</code><br \> All into one file for easy transport.<br \> <code>cd /root/</code><br \> <code>tar cvzhf mediawiki-transfer.tgz mediawiki-rootDir.tgz greenwiki.sql.gz dump_mediawiki.xml</code><br \> All file in <b>mediawiki-transfer.tgz</b> for transfer to new server<br \> exit Container<br \> <code>exit</code><br \> <code>lxc file pull mediawiki/root/mediawiki-transfer.tgz mediawiki.bk.tgz</code><br \> ====Restore wiki==== create container (backupwiki) and push file<br \> <code>lxc file push mediawiki.bk.tgz backupwiki/root/</code><br \> login to container<br \> <code>apt update && apt upgrade -y</code><br \> <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> <br \> <code>tar xvf mediawiki.bk.tgz</code><br \> <code>tar xvf mediawiki-rootDir.tgz -C /</code><br \> Create basebase:<br \> NOTE: If you use diff username, passwd, database_name, append/correct details on LocalSettings.<br \> <code>mysql -u root</code> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <br \> <code>gunzip -d greenwiki.sql.gz</code><br \> <code>mysql -u green -p mywiki_database < greenwiki.sql</code><br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/dump_mediawiki.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Config Apache2 <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> Reload Apache2 <code> systemctl restart apache2 </code> ==EmbedVideo== https://www.mediawiki.org/wiki/Extension:EmbedVideo<br> <code>apt install unzip</code><br> <code>wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip</code><br> <code>unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/</code><br> <br> <code>mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo</code><br> <br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> <pre> #Embed Video wfLoadExtension( 'EmbedVideo' ); </pre> ==SpamBot Wars== Bit busy now, notes to look into later: https://www.mediawiki.org/wiki/Extension:Nuke<br \> https://www.mediawiki.org/wiki/Manual:Preventing_access<br \> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br \> https://www.mediawiki.org/wiki/Extension:InviteSignup<br \> Well the bots won for now - Disable eMail function for all related options in LocalSettings.php<br \> <code>$wgEnableEmail = false;</code><br \> Or just stop users sending email with:<br \> <code>$wgEnableUserEmail = false;</code> h7yrwwdb1wvkjk74s93rgvcfxssttke 185 184 2023-03-20T20:39:10Z Noob 1 /* automate xml dumps to server */ 185 wikitext text/x-wiki Installing MediaWiki on a container and exporting to the cloud. Local OS used Ubuntu-Mate 20.04 Tested with ethernet. Untested with wifi. TODO's * Remove 'index.php' from URL * Find out more about 'DocBookExport' and test how it works * Move MediaWiki Server to FreeBSD Currently trying to solve the spambot problem, they got round the need to request to open an account somehow, will update once solved. $EDITOR is used as a place holder for an editor of your choice. ==Installing LXD== <code>sudo snap install lxd</code><br \> <code>lxd init</code><br \> Selecting all defaults, apart from "Size in GB of the new loop device (1GB minimum) [default=6GB]:" increasing to 30GB: <div class="toccolours mw-collapsible mw-collapsed"> <code>lxd init</code> selected options: <div class="mw-collapsible-content"> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (btrfs, dir, lvm, zfs, ceph) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=6GB]:30GB Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> </div> </div> ==Create Ubuntu:22.04 Container for MediaWiki== <code>lxc launch ubuntu:22.04 mediawiki</code><br> <code>lxc list</code><br> <pre> +-----------+---------+--------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+--------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.194.171.251(eth0) | | CONTAINER | 0 | +-----------+---------+--------------------+------+-----------+-----------+ </pre> ===Login to Container=== <code>lxc exec mediawiki bash</code> ===Basic Firewall UFW for Container=== NOTE:Add Link to a UFW page for more info Blocking IPv6<br \> <code>$EDITOR /etc/default/ufw</code> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit Allow port 80<br \> <code>ufw allow 80/tcp</code><br \> Allow port 443<br \> <code>ufw allow 443/tcp</code><br \> Start/Enable UFW firewall<br \> <code>ufw enable</code><br \> Check UFW status<br \> <code>ufw status</code> <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Update system=== <code>apt update && apt upgrade -y</code> ===ssmtp setup=== NOTE: need link to ssmtp page - showing how to use other email providers that allow smtp Link to ssmtp wiki page <br \> You can use a number of email providers for sending emails from server using ssmtp.<br \> I am going to use <b>smtp2go.com</b> they do provide a free service if you wish to try. <div class="toccolours mw-collapsible mw-collapsed"> smtp2go details: <div class="mw-collapsible-content"> https://www.smtp2go.com/<br \> Has a Free Plan # 1000 emails per month # 5 days of email reporting # Ticket support only <br \> Do not use you username and password you used to sign up!<br \> Go to https://app.smtp2go.com/sending/smtp_users/ <br \> Or 'Sending' > 'SMTP Users'<br> And create/add a SMTP User account.<br \> The User created will be given a good password by default.<br \> Use this username and password for ssmtp.<br \> In this example i have the username "<b>noobwiki</b>" and the password "<b>N0tTelinu</b>" </div> </div> ====ssmtp==== <code>apt install ssmtp -y</code> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <div class="toccolours mw-collapsible mw-collapsed"> Why use <code>hostname=completenoobs.com</code> <div class="mw-collapsible-content"> "hostname" needed for ubuntu unattended upgrades to send email.<br \> If missing: will get "(550 unable to verify sender address.)" <br \> If using <code>hostname=localhost</code> "(550 "Localhost" unnaceptable, you must use a public domain-name.)"<br \> If using <code>hostname=admin@completenoobs.com</code> "501 <root@admin@completenoobs.com>: malformed address: @completenoobs.com> may not follow <root@admin" </div> </div> <br \> Do not use user@smtp2go.com as the sender address! you need an email address that has an MX record(mail exchanger record) at its domain name. <br \> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> ====usermod==== <br \> usermod can be used to change the email senders name/address.<br \> Instead of your mail coming from 'root' or 'ubuntu' or any other user account.<br \> <b>usermod -c "emailSenderName" <account_sending></b><br \> <code>usermod -c "completenoobslxc" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ====sendmail notes==== <div class="toccolours mw-collapsible mw-collapsed"> If the sendmail command locks your terminal and CTRL+c does not work <div class="mw-collapsible-content"> Use <code>CTRL+z</code> which will send a SIGTSTP signal which will put the process to sleep.<br \> use jobs to see the sleeping process.<br \> <code>jobs</code><br \> and kill %<JOBNUMBER><br \> <code>kill %1</code> <br \> you can also use <code>ps ax</code> to list processes running on your computer and <code>kill -9 <PROCESS-NUMBER></code> to kill process. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> sendmail in verbose mode for more details: <div class="mw-collapsible-content"> More info can be found in the man page <code>man sendmail</code><br \> Use the verbose flag <b>-v</b><br \> <code>sendmail -v email@address2receive.mail < test-mail.txt</code> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Check mail logs for errors: <div class="mw-collapsible-content"> send mail error log can be found in<br \> <code>/var/log/mail.err</code><br \> and sendmail log can be found:<br \> <code>/var/log/mail.log</code> </div> </div> ===auto update container config=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code> Uncomment<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> <code>"${distro_id}:${distro_codename}-updates";</code> Dont need auto reboot on container - no kernel - kernel shared with host. ====email on update==== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <div class="toccolours mw-collapsible mw-collapsed"> Once i needed 'apticron' to get emails working with unattended upgrades:<br \> Notes here just incase<div class="mw-collapsible-content"> Install apticron<br \> <code>apt install apticron -y</code> Create apticron.conf file containing email to send email to:<br \> If you dont then 'apticron' will by default sent to root@localhost.<br > <code>echo 'EMAIL="email@tosendto.com"' > /etc/apticron/apticron.conf</code> </div> </div> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Install MediaWiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -xvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki</code> ====Create Database==== Will be prompted to set a root password!<br \> <code>mysql -u root -p</code><br \> <!-- create drop down - add root password option --> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <div class="toccolours mw-collapsible mw-collapsed"> Make note of your: database name, username, userpassword <div class="mw-collapsible-content"> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code><br \> Database Username:<b>green</b><br \> Database host/location:<b>localhost</b> Database User Password:<b>THISpasswordSHOULDbeCHANGED</b><br \><br \> <code>CREATE DATABASE mywiki_database;</code><br \> Database Name:<b>mywiki_database</b><br \> </div> </div> ====Create self-signed https certs==== <code>openssl req -x509 -newkey rsa:4096 -keyout key.pem -nodes -out cert.pem -days 365</code><br> Note: can leave blank; just press enter.<br><br> <code>mv cert.pem /etc/ssl/certs/cn-selfsigned.crt</code><br> <code>mv key.pem /etc/ssl/private/cn-selfsigned.key</code><br> ====Create ssl-params.conf==== <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code> Remember to turn stapling on after letsencrypt cert <pre> SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 SSLHonorCipherOrder On # Disable preloading HSTS for now. You can use the commented out header line that includes # the "preload" directive if you understand the implications. # Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" Header always set X-Frame-Options DENY Header always set X-Content-Type-Options nosniff # Requires Apache >= 2.4 SSLCompression off # May want to turn stapling off when using self-signed to avoid receiving errors in log SSLUseStapling off SSLStaplingCache "shmcb:logs/stapling-cache(150000)" # Requires Apache >= 2.4.11 SSLSessionTickets Off </pre> ====Create Apache2 config==== <code>cd /etc/apache2/sites-available/</code> <code>rm 000-default.conf default-ssl.conf</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code> <div class="toccolours mw-collapsible mw-collapsed"> <b>Important Redirect note</b>:<div class="mw-collapsible-content"> <pre> # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" </pre> Change to your Container IP!<br \> <code>Redirect permanent "/" "https://10.194.171.251"</code> </div> </div> <pre> <VirtualHost *:80> ServerName completenoobs.com ServerAdmin admin@ # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined </VirtualHost> <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerName completenoobs.com ServerAdmin admin@completenoobs.com DocumentRoot /var/www/html/mediawiki # According MWiki Manual:Security php_flag register_globals off ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined SSLEngine on SSLCertificateFile /etc/ssl/certs/cn-selfsigned.crt SSLCertificateKeyFile /etc/ssl/private/cn-selfsigned.key # need to find out what SSLCertificateChainFile is? explain is in the default-ssl.conf file. #SSLCertificateChainFile /etc/ssl/certs/example.com.root-bundle.crt <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> <Directory /var/www/html/wikimedia> Options None FollowSymLinks #Allow .htaccess AllowOverride All Require all granted <IfModule security2_module> SecRuleEngine Off # or disable only problematic rules </IfModule> </Directory> # According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images> # Ignore .htaccess files AllowOverride None # Serve HTML as plaintext, don't execute SHTML AddType text/plain .html .htm .shtml .php .phtml .php5 # Don't run arbitrary PHP code. php_admin_flag engine off # If you've other scripting languages, disable them too. </Directory> #According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images/deleted> Deny from all AllowOverride AuthConfig Limit Require local </Directory> </VirtualHost> </IfModule> </pre> ====Reload Apache2==== <code>a2enmod ssl</code> <code>a2enmod headers</code> <code>a2ensite completenoobs.com</code> <code>a2enconf ssl-params</code> <code>apache2ctl configtest</code> <code>systemctl restart apache2</code> ===MediaWiki Basic Setup=== ====Landing page==== Open a web browser and go to your containers private ip address (you can get ip address by running <code>lxc list</code> on host). <code>https://10.194.171.251</code> Are certs are self-signed and you may/will get warning "your connection is not private"<br \> Click "Advance" and "Proceed to 10.194.171.251 (unsafe)"<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.35.0<br \> LocalSettings.php not found.<br \> Please <u>set up the wiki</u> first.<br \> </blockquote> Click <b>set up the wiki</b> to be taken to the "mw-config/index.php" page. =====Basic Configure MediaWiki===== <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:mywiki_database<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:green<br \> Database password:THISpasswordSHOULDbeCHANGED<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>CompleteNoobs<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Options <div class="mw-collapsible-content"> <b>User rights profile:</b> <br \> [ ] Open wiki <br \> [x] Account creation required<br \> [ ] Authorised editors only <br \> [ ] Private wiki<br \> <br \> <b>Copyright and licence:</b><br \> [ ] Creative Commons Attribution<br \> [ ] Creative Commons Attribution-ShareAlike<br \> [ ] Creative Commons Attribution-NonCommercial-ShareAlike<br \> [ ] Creative Commons Zero (Public Domain)<br \> [ ] GNU Free Documentation Licence 1.3 or later<br \> [x] No licence footer<br \> [ ] Select a custom Creative Commons licence<br \> <br \> <br \> <b>Email settings</b><br \> [ ] Enable outbound email<br \> <b>Return email address:</b>apache@🌻.invalid<br \> [ ]Enable user-to-user email<br \> [ ]Enable user talk page notification<br \> [ ]Enable watchlist notification<br \> [ ]Enable email authentication<br \> <br \> <br \> <b>Skins</b> Pick a skin<br \> <br \> <br \> <b>Extensions</b><br \> <b><u>Special pages</u></b><br \> [ ]CiteThisPage<br \> [ ]Interwiki<br \> [ ]Nuke<br \> [ ]Renameuser<br \> [ ]ReplaceText<br \> <br \> <b><u>Editors</u></b><br \> [x]CodeEditor<br \> [x]VisualEditor<br \> [x]WikiEditor<br \> <br \> <b><u>Parser hooks</u></b><br \> [ ]CategoryTree<br \> [ ]Cite<br \> [ ]ImageMap<br \> [ ]InputBox<br \> [ ]ParserFunctions<br \> [ ]Poem<br \> [ ]Scribunto<br \> [x]SyntaxHighlight_GeSHi<br \> [ ]TemplateData<br \> <br \> <b><u>Media handlers</u></b><br \> [ ]PdfHandler<br \> <br \> <b><u>Spam prevention</u></b><br \> [x]ConfirmEdit<br \> [ ]SpamBlacklist<br \> [ ]TitleBlacklist<br \> <br \> <b><u>API</u></b><br \> [ ]PageImages<br \> <br \> <b><u>Other</u></b><br \> [ ]Gadgets<br \> [ ]LocalisationUpdate<br \> [ ]MultimediaViewer<br \> [ ]OATHAuth<br \> [ ]SecureLinkFixer<br \> [ ]TextExtracts<br \> <br \> <br \> <b>Images and file uploads</b><br \> [ ]Enable file uploads<br \> <b>Logo URL:</b>$wgResourceBasePath/resources/assets/wiki.png<br \> [ ]Enable Instant Commons<br \> <br \> <br \> <b>Advanced configuration</b><br \> <b>Settings for object caching:</b><br \> [x] No caching (no functionality is removed, but speed may be impacted on larger wiki sites)<br \> [ ] Use Memcached (requires additional setup and configuration)<br \> </div> </div> ====LocalSettings.php Launch Wiki==== When the Basic configuration of mediawiki is done on the webpage.<br \> You will have a <b>LocalSettings.php</b> which will be downloaded from your browser.<br \> You need to place the <b>LocalSettings.php</b> file into your containers <b>/var/www/html/mediawiki/</b> directory.<br \> You can do this from host using the <b>lxc file push</b> command.<br \> <code>lxc file push /home/$USER/Downloads/LocalSettings.php mediawiki/var/www/html/mediawiki/</code><br \> <br> Do not refresh browser it will download the LocalSettings.php again! go to the IP address of your container or just trim the <code>mw-config/index.php?page=Complete</code><br> Now on your browser visit the page again https://10.194.171.251<br \> And welcome to your wiki.<br \> ===Change Logo=== You need a 135px by 135px image, in this example its named 'completenoobs-logo.png'<br> <code>lxc file push completenoobs-logo.png mediawiki/var/www/html/mediawiki/resources/assets/</code><br> Back in container edit the <b>LocalSettings.php</b> file<br> <pre> ## The URL paths to the logo. Make sure you change this from the default, ## or else you'll overwrite your logo when you upgrade! $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", 'icon' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", ]; </pre> Change to your new logo:<br> <pre> $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", 'icon' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", ]; </pre> ===Email Config=== Warning i did get loads of spam bots, using this to send naughty emails everywhere!<br> Changed setting to block signups, requests only,and changed <b>$wgEnableUserEmail</b> to false and still the bots managed to send spam using my smtp account.<br> How they done this? Is beyond my understanding and i removed email from the wiki till i have more info on how to stop the spamming.<br> Was using mediawiki-1.35.0<br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> Make sure <b>$wgEnableEmail</b> is set to true.<br> <code>$wgEnableEmail = true;</code><br> https://www.mediawiki.org/wiki/Manual:$wgEnableEmail<br> <pre> $wgEmergencyContact = ""; $wgPasswordSender = ""; </pre> <pre> $wgEmergencyContact = "admin@completenoobs.com"; $wgPasswordSender = "admin@completenoobs.com"; </pre> <pre> $wgSMTP = [ 'host' => 'ssl://mail.smtp2go.com', // outbox server of the email account 'IDHost' => 'completenoobs.com', 'port' => 465, 'username' => 'noobwiki', // user of the email account 'password' => 'N0tTelinu', // app password of the email account 'auth' => true ]; </pre> ===Request Account and Confirm Email to edit=== In LocalSettings change $wgEmailAuthentication = false; to true https://www.mediawiki.org/wiki/Manual:$wgEmailAuthentication<br> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ConfirmAccount-REL1_39-2b96e90.tar.gz</code><br> <code>tar xzf ConfirmAccount-REL1_39-2b96e90.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> <br> In <b>LocalSettings.php</b> <br> set <b>$wgEmailAuthentication</b> to true.<br> <pre> wfLoadExtension( 'ConfirmAccount' ); $wgConfirmAccountContact = 'admin@completenoobs.com'; </pre> Run maintenance update<br> <code>php /var/www/html/mediawiki/maintenance/update.php </code><br> use <b>Special:ConfirmAccounts</b> to see if anyone requested a account.<br> And yep, your gonna get spammed! Bots love a wiki.<br> ===CookieWarning Extension=== https://www.mediawiki.org/wiki/Extension:CookieWarning<br> <code>wget https://extdist.wmflabs.org/dist/extensions/CookieWarning-REL1_39-778fe72.tar.gz</code><br> <code>tar -xzf CookieWarning-REL1_39-778fe72.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'CookieWarning' ); $wgCookieWarningEnabled = 'true'; # $wgCookieWarningMoreUrl allows to to select a link for your moreinfo button $wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'; $wgCookieWarningEnabled = 'true'; </pre> To change message sign in with admin account and visit these pages of your wiki and edit.<br> <b>MediaWiki:Cookiewarning-info</b> Edit the display message.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-info</code><br> <b>MediaWiki:Cookiewarning-moreinfo-label</b><br> Edit and change display of the moreinfo button: link can be made/changed at LocalSettings with:<br> <code>$wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'</code><br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-moreinfo-label</code><br> <b>MediaWiki:Cookiewarning-ok-label</b> Edit and change the text on the OK button.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-ok-label</code><br> ===Contribution Scores Extension=== https://www.mediawiki.org/wiki/Extension:Contribution_Scores<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ContributionScores-REL1_39-0e7e99d.tar.gz</code><br> <code>tar -xzf ContributionScores-REL1_39-0e7e99d.tar.gz -C /var/www/html/mediawiki/extensions</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'ContributionScores' ); // Exclude Bots from the reporting - Can be omitted. $wgContribScoreIgnoreBots = true; // Exclude Blocked Users from the reporting - Can be omitted. $wgContribScoreIgnoreBlockedUsers = true; // Use real user names when available - Can be omitted. Only for MediaWiki 1.19 and later. $wgContribScoresUseRealName = true; // Set to true to disable cache for parser function and inclusion of table. $wgContribScoreDisableCache = false; // Each array defines a report - 7,50 is "past 7 days" and "LIMIT 50" - Can be omitted. $wgContribScoreReports = [ [ 7, 50 ], [ 30, 50 ], [ 0, 50 ] ]; </pre> <br> Add to Main Landing Page:<br> <pre>{{Special:ContributionScores/10/5}}</pre><br> ===Place Notice at top of every new page created=== Using the <b>PageNotice</b> Extension. https://www.mediawiki.org/wiki/Extension:PageNotice#Configuration Download PageNotice and extract to extensions directory. in LocalSettings.php add the lines:<br \> <pre> wfLoadExtension( 'PageNotice' ); $wgPageNoticeDisablePerPageNotices = 'true'; </pre> To have message in every name space go to your wiki's page<br \> <code>index.php/mediawiki:top-notice-ns-0</code><br \> Only admin account can edit this page:<br \> What you place in this page will be displayed at the top of every page created. ===Privacy Policy=== Holly $#$#$ this is a lot of work, looking into it<br \> https://www.mediawiki.org/wiki/GDPR_(General_Data_Protection_Regulation)_and_MediaWiki_software<br \> ====NewSignupPage==== https://www.mediawiki.org/wiki/Extension:NewSignupPage<br \> Big thanks to Shoutwiki.com or this would of been a very big pain.<br \> Check for Latest link from the Download page https://www.mediawiki.org/wiki/Special:ExtensionDistributor/NewSignupPage<br \> In mediawiki container:<br \> <code>wget https://extdist.wmflabs.org/dist/extensions/NewSignupPage-REL1_35-ecf00aa.tar.gz</code><br \> <code>tar xvf NewSignupPage-REL1_35-ecf00aa.tar.gz -C /var/www/html/mediawiki/extensions/</code><br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> Add the Line:<br \> <code>wfLoadExtension( 'NewSignupPage' );</code><br \> Change the Info given at signup at:<br \> <code>index.php/MediaWiki:Newsignuppage-loginform-tos</code><br \> Default page will be:<pre> I am over 13 years of age and I have read, understood and agree to be bound by the Terms of Service and Privacy Policy </pre> "Terms of Service" and "Privacy Policy" are linked to there pages, so we need to create a few pages. ======Need <b>Privacy Policy</b> Page====== Create a 'Privacy_Policy' page and link on "MediaWiki:Newsignuppage-loginform-tos"<br> <pre>[[CompleteNoobs:Privacy_policy | Privacy Policy]]</pre> =====Need <b>Terms Of Service</b> page===== https://www.completenoobs.com/index.php/Terms_of_Service<br \> once done change link on "MediaWiki:Newsignuppage-loginform-tos"<br \> =====Content Policy Page===== https://10.194.171.251/index.php/Content_Policy<br \> Contains link to https://www.completenoobs.com/index.php/CompleteNoobs_Staff_Admins<br \> =====Staff and Admin Page===== https://10.194.171.251/index.php/CompleteNoobs_Staff_Admins<br \> Linked from Content Policy Page! a place to contact by email staff, admins =====General Disclaimer page===== https://10.194.171.251/index.php/CompleteNoobs:General_disclaimer<br \> This page shows/linked at bottom of wiki<br \> =====Copyright Policy===== https://10.194.171.251/index.php/CompleteNoobs:Copyrights<br \> Copyrights page that shows in info box when making a post.<br \> ==Fail2Ban== This Will Ban an IP who incorrectly enters wrong login details, a (you can select) amount of times for a (you can select) amount of time. ===Fail2Log Extension=== https://www.mediawiki.org/wiki/Extension:Fail2Log<br> ====Create Log file==== Could not get PHP to create and set permissions for log file: So for now doing manually!<br \> <code>touch /var/log/Fail2Log.log</code><br \> <code>chown www-data:www-data /var/log/Fail2Log.log</code><br \> <code>chmod 0755 /var/log/Fail2Log.log</code><br \> Failed login's with wrong user name and/or password should now be logged in:<b>/var/log/Fail2Log.log</b><br \> <br \> Log Format:<br \> <code>Failed:<IP_ADDRESS> <DATE> <TIME> <USERNAME></code><br \> ====Download and install extension==== <code>wget https://github.com/greenhatmonkey/Fail2Log/blob/main/Fail2Log.tar.gz?raw=true</code><br> <code>tar xzvf Fail2Log.tar.gz?raw=true -C /var/www/html/mediawiki/extensions/</code><br> Add to your <b>LocalSettings.php</b><br> <pre> wfLoadExtension( 'Fail2Log' ); $wgFail2LogFile = '/var/log/Fail2Log.log'; </pre> ====Install and Setup Fail2Ban==== Fail2Ban works in a container. If using fail2ban on Host for container:<br/> Just include log path: <code>/var/snap/lxd/common/mntns/var/snap/lxd/common/lxd/storage-pools/default/containers/&lt;CONTAINER_NAME>/rootfs/var/log/Fail2Log.log</code> <code>apt install fail2ban</code> * Fail2ban will use file.local over file.conf if file.local exists: * file.conf can be written over if file2ban gets updated. * Make a file.local of the file you are working on. <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code> <code>$EDITOR /etc/fail2ban/jail.local</code> <!-- unmodified jail.conf file --> <div class="toccolours mw-collapsible mw-collapsed"> Default <code>/etc/fail2ban/jail.conf</code> file: Expand to view <div class="mw-collapsible-content"> <pre> # # WARNING: heavily refactored in 0.9.0 release. Please review and # customize settings for your setup. # # Changes: in most of the cases you should not modify this # file, but provide customizations in jail.local file, # or separate .conf files under jail.d/ directory, e.g.: # # HOW TO ACTIVATE JAILS: # # YOU SHOULD NOT MODIFY THIS FILE. # # It will probably be overwritten or improved in a distribution update. # # Provide customizations in a jail.local file or a jail.d/customisation.local. # For example to change the default bantime for all jails and to enable the # ssh-iptables jail the following (uncommented) would appear in the .local file. # See man 5 jail.conf for details. # # [DEFAULT] # bantime = 1h # # [sshd] # enabled = true # # See jail.conf(5) man page for more information # Comments: use '#' for comment lines and ';' (following a space) for inline comments [INCLUDES] #before = paths-distro.conf before = paths-debian.conf # The DEFAULT allows a global definition of the options. They can be overridden # in each jail afterwards. [DEFAULT] # # MISCELLANEOUS OPTIONS # # "bantime.increment" allows to use database for searching of previously banned ip's to increase a # default ban time using special formula, default it is banTime * 1, 2, 4, 8, 16, 32... #bantime.increment = true # "bantime.rndtime" is the max number of seconds using for mixing with random time # to prevent "clever" botnets calculate exact time IP can be unbanned again: #bantime.rndtime = # "bantime.maxtime" is the max number of seconds using the ban time can reach (don't grows further) #bantime.maxtime = # "bantime.factor" is a coefficient to calculate exponent growing of the formula or common multiplier, # default value of factor is 1 and with default value of formula, the ban time # grows by 1, 2, 4, 8, 16 ... #bantime.factor = 1 # "bantime.formula" used by default to calculate next value of ban time, default value bellow, # the same ban time growing will be reached by multipliers 1, 2, 4, 8, 16, 32... #bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * banFactor # # more aggressive example of formula has the same values only for factor "2.0 / 2.885385" : #bantime.formula = ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor) # "bantime.multipliers" used to calculate next value of ban time instead of formula, coresponding # previously ban count and given "bantime.factor" (for multipliers default is 1); # following example grows ban time by 1, 2, 4, 8, 16 ... and if last ban count greater as multipliers count, # always used last multiplier (64 in example), for factor '1' and original ban time 600 - 10.6 hours #bantime.multipliers = 1 2 4 8 16 32 64 # following example can be used for small initial ban time (bantime=60) - it grows more aggressive at begin, # for bantime=60 the multipliers are minutes and equal: 1 min, 5 min, 30 min, 1 hour, 5 hour, 12 hour, 1 day, 2 day #bantime.multipliers = 1 5 30 60 300 720 1440 2880 # "bantime.overalljails" (if true) specifies the search of IP in the database will be executed # cross over all jails, if false (dafault), only current jail of the ban IP will be searched #bantime.overalljails = false # -------------------- # "ignoreself" specifies whether the local resp. own IP addresses should be ignored # (default is true). Fail2ban will not ban a host which matches such addresses. #ignoreself = true # "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban # will not ban a host which matches an address in this list. Several addresses # can be defined using space (and/or comma) separator. #ignoreip = 127.0.0.1/8 ::1 # External command that will take an tagged arguments to ignore, e.g. <ip>, # and return true if the IP is to be ignored. False otherwise. # # ignorecommand = /path/to/command <ip> ignorecommand = # "bantime" is the number of seconds that a host is banned. bantime = 10m # A host is banned if it has generated "maxretry" during the last "findtime" # seconds. findtime = 10m # "maxretry" is the number of failures before a host get banned. maxretry = 5 # "maxmatches" is the number of matches stored in ticket (resolvable via tag <matches> in actions). maxmatches = %(maxretry)s # "backend" specifies the backend used to get files modification. # Available options are "pyinotify", "gamin", "polling", "systemd" and "auto". # This option can be overridden in each jail as well. # # pyinotify: requires pyinotify (a file alteration monitor) to be installed. # If pyinotify is not installed, Fail2ban will use auto. # gamin: requires Gamin (a file alteration monitor) to be installed. # If Gamin is not installed, Fail2ban will use auto. # polling: uses a polling algorithm which does not require external libraries. # systemd: uses systemd python library to access the systemd journal. # Specifying "logpath" is not valid for this backend. # See "journalmatch" in the jails associated filter config # auto: will try to use the following backends, in order: # pyinotify, gamin, polling. # # Note: if systemd backend is chosen as the default but you enable a jail # for which logs are present only in its own log files, specify some other # backend for that jail (e.g. polling) and provide empty value for # journalmatch. See https://github.com/fail2ban/fail2ban/issues/959#issuecomment-74901200 backend = auto # "usedns" specifies if jails should trust hostnames in logs, # warn when DNS lookups are performed, or ignore all hostnames in logs # # yes: if a hostname is encountered, a DNS lookup will be performed. # warn: if a hostname is encountered, a DNS lookup will be performed, # but it will be logged as a warning. # no: if a hostname is encountered, will not be used for banning, # but it will be logged as info. # raw: use raw value (no hostname), allow use it for no-host filters/actions (example user) usedns = warn # "logencoding" specifies the encoding of the log files handled by the jail # This is used to decode the lines from the log file. # Typical examples: "ascii", "utf-8" # # auto: will use the system locale setting logencoding = auto # "enabled" enables the jails. # By default all jails are disabled, and it should stay this way. # Enable only relevant to your setup jails in your .local or jail.d/*.conf # # true: jail will be enabled and log files will get monitored for changes # false: jail is not enabled enabled = false # "mode" defines the mode of the filter (see corresponding filter implementation for more info). mode = normal # "filter" defines the filter to use by the jail. # By default jails have names matching their filter name # filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # # Some options used for actions # Destination email address used solely for the interpolations in # jail.{conf,local,d/*} configuration files. destemail = root@localhost # Sender email address used solely for some actions sender = root@<fq-hostname> # E-mail action. Since 0.8.1 Fail2Ban uses sendmail MTA for the # mailing. Change mta configuration parameter to mail if you want to # revert to conventional 'mail'. mta = sendmail # Default protocol protocol = tcp # Specify chain where jumps would need to be added in ban-actions expecting parameter chain chain = <known/chain> # Ports to be banned # Usually should be overridden in a particular jail port = 0:65535 # Format of user-agent https://tools.ietf.org/html/rfc7231#section-5.5.3 fail2ban_agent = Fail2Ban/%(fail2ban_version)s # # Action shortcuts. To be used to define action parameter # Default banning action (e.g. iptables, iptables-new, # iptables-multiport, shorewall, etc) It is used to define # action_* variables. Can be overridden globally or per # section within jail.local file banaction = iptables-multiport banaction_allports = iptables-allports # The simplest action to take: ban only action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report to the destemail. action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report and relevant log lines # to the destemail. action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # See the IMPORTANT note in action.d/xarf-login-attack for when to use this action # # ban & send a xarf e-mail to abuse contact of IP address and include relevant log lines # to the destemail. action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] # ban IP on CloudFlare & send an e-mail with whois report and relevant log lines # to the destemail. action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # Report block via blocklist.de fail2ban reporting service API # # See the IMPORTANT note in action.d/blocklist_de.conf for when to use this action. # Specify expected parameters in file action.d/blocklist_de.local or if the interpolation # `action_blocklist_de` used for the action, set value of `blocklist_de_apikey` # in your `jail.local` globally (section [DEFAULT]) or per specific jail section (resp. in # corresponding jail.d/my-jail.local file). # action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] # Report ban via badips.com, and use as blacklist # # See BadIPsAction docstring in config/action.d/badips.py for # documentation for this action. # # NOTE: This action relies on banaction being present on start and therefore # should be last action defined for a jail. # action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] # # Report ban via badips.com (uses action.d/badips.conf for reporting only) # action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] # Report ban via abuseipdb.com. # # See action.d/abuseipdb.conf for usage example and details. # action_abuseipdb = abuseipdb # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # [sshd] # To use more aggressive sshd modes set filter parameter "mode" in jail.local: # normal (default), ddos, extra or aggressive (combines all). # See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details. #mode = normal port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s [dropbear] port = ssh logpath = %(dropbear_log)s backend = %(dropbear_backend)s [selinux-ssh] port = ssh logpath = %(auditd_log)s # # HTTP servers # [apache-auth] port = http,https logpath = %(apache_error_log)s [apache-badbots] # Ban hosts which agent identifies spammer robots crawling the web # for email addresses. The mail outputs are buffered. port = http,https logpath = %(apache_access_log)s bantime = 48h maxretry = 1 [apache-noscript] port = http,https logpath = %(apache_error_log)s [apache-overflows] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-nohome] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-botsearch] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-fakegooglebot] port = http,https logpath = %(apache_access_log)s maxretry = 1 ignorecommand = %(ignorecommands_dir)s/apache-fakegooglebot <ip> [apache-modsecurity] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-shellshock] port = http,https logpath = %(apache_error_log)s maxretry = 1 [openhab-auth] filter = openhab action = iptables-allports[name=NoAuthFailures] logpath = /opt/openhab/logs/request.log [nginx-http-auth] port = http,https logpath = %(nginx_error_log)s # To use 'nginx-limit-req' jail you should have `ngx_http_limit_req_module` # and define `limit_req` and `limit_req_zone` as described in nginx documentation # http://nginx.org/en/docs/http/ngx_http_limit_req_module.html # or for example see in 'config/filter.d/nginx-limit-req.conf' [nginx-limit-req] port = http,https logpath = %(nginx_error_log)s [nginx-botsearch] port = http,https logpath = %(nginx_error_log)s maxretry = 2 # Ban attackers that try to use PHP's URL-fopen() functionality # through GET/POST variables. - Experimental, with more than a year # of usage in production environments. [php-url-fopen] port = http,https logpath = %(nginx_access_log)s %(apache_access_log)s [suhosin] port = http,https logpath = %(suhosin_log)s [lighttpd-auth] # Same as above for Apache's mod_auth # It catches wrong authentifications port = http,https logpath = %(lighttpd_error_log)s # # Webmail and groupware servers # [roundcube-auth] port = http,https logpath = %(roundcube_errors_log)s # Use following line in your jail.local if roundcube logs to journal. #backend = %(syslog_backend)s [openwebmail] port = http,https logpath = /var/log/openwebmail.log [horde] port = http,https logpath = /var/log/horde/horde.log [groupoffice] port = http,https logpath = /home/groupoffice/log/info.log [sogo-auth] # Monitor SOGo groupware server # without proxy this would be: # port = 20000 port = http,https logpath = /var/log/sogo/sogo.log [tine20] logpath = /var/log/tine20/tine20.log port = http,https # # Web Applications # # [drupal-auth] port = http,https logpath = %(syslog_daemon)s backend = %(syslog_backend)s [guacamole] port = http,https logpath = /var/log/tomcat*/catalina.out [monit] #Ban clients brute-forcing the monit gui login port = 2812 logpath = /var/log/monit /var/log/monit.log [webmin-auth] port = 10000 logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [froxlor-auth] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s # # HTTP Proxy servers # # [squid] port = 80,443,3128,8080 logpath = /var/log/squid/access.log [3proxy] port = 3128 logpath = /var/log/3proxy.log # # FTP servers # [proftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(proftpd_log)s backend = %(proftpd_backend)s [pure-ftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(pureftpd_log)s backend = %(pureftpd_backend)s [gssftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(syslog_daemon)s backend = %(syslog_backend)s [wuftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(wuftpd_log)s backend = %(wuftpd_backend)s [vsftpd] # or overwrite it in jails.local to be # logpath = %(syslog_authpriv)s # if you want to rely on PAM failed login attempts # vsftpd's failregex should match both of those formats port = ftp,ftp-data,ftps,ftps-data logpath = %(vsftpd_log)s # # Mail servers # # ASSP SMTP Proxy Jail [assp] port = smtp,465,submission logpath = /root/path/to/assp/logs/maillog.txt [courier-smtp] port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix] # To use another modes set filter parameter "mode" in jail.local: mode = more port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s [postfix-rbl] filter = postfix[mode=rbl] port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s maxretry = 1 [sendmail-auth] port = submission,465,smtp logpath = %(syslog_mail)s backend = %(syslog_backend)s [sendmail-reject] # To use more aggressive modes set filter parameter "mode" in jail.local: # normal (default), extra or aggressive # See "tests/files/logs/sendmail-reject" or "filter.d/sendmail-reject.conf" for usage example and details. #mode = normal port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [qmail-rbl] filter = qmail port = smtp,465,submission logpath = /service/qmail/log/main/current # dovecot defaults to logging to the mail syslog facility # but can be set by syslog_facility in the dovecot configuration. [dovecot] port = pop3,pop3s,imap,imaps,submission,465,sieve logpath = %(dovecot_log)s backend = %(dovecot_backend)s [sieve] port = smtp,465,submission logpath = %(dovecot_log)s backend = %(dovecot_backend)s [solid-pop3d] port = pop3,pop3s logpath = %(solidpop3d_log)s [exim] # see filter.d/exim.conf for further modes supported from filter: #mode = normal port = smtp,465,submission logpath = %(exim_main_log)s [exim-spam] port = smtp,465,submission logpath = %(exim_main_log)s [kerio] port = imap,smtp,imaps,465 logpath = /opt/kerio/mailserver/store/logs/security.log # # Mail servers authenticators: might be used for smtp,ftp,imap servers, so # all relevant ports get banned # [courier-auth] port = smtp,465,submission,imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix-sasl] filter = postfix[mode=auth] port = smtp,465,submission,imap,imaps,pop3,pop3s # You might consider monitoring /var/log/mail.warn instead if you are # running postfix since it would provide the same log lines at the # "warn" level but overall at the smaller filesize. logpath = %(postfix_log)s backend = %(postfix_backend)s [perdition] port = imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [squirrelmail] port = smtp,465,submission,imap,imap2,imaps,pop3,pop3s,http,https,socks logpath = /var/lib/squirrelmail/prefs/squirrelmail_access_log [cyrus-imap] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s [uwimap-auth] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s # # # DNS servers # # !!! WARNING !!! # Since UDP is connection-less protocol, spoofing of IP and imitation # of illegal actions is way too simple. Thus enabling of this filter # might provide an easy way for implementing a DoS against a chosen # victim. See # http://nion.modprobe.de/blog/archives/690-fail2ban-+-dns-fail.html # Please DO NOT USE this jail unless you know what you are doing. # # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks UDP traffic for DNS requests. # [named-refused-udp] # # filter = named-refused # port = domain,953 # protocol = udp # logpath = /var/log/named/security.log # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks TCP traffic for DNS requests. [named-refused] port = domain,953 logpath = /var/log/named/security.log [nsd] port = 53 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/nsd.log # # Miscellaneous # [asterisk] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/asterisk/messages maxretry = 10 [freeswitch] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/freeswitch.log maxretry = 10 # enable adminlog; it will log to a file inside znc's directory by default. [znc-adminlog] port = 6667 logpath = /var/lib/znc/moddata/adminlog/znc.log # To log wrong MySQL access attempts add to /etc/my.cnf in [mysqld] or # equivalent section: # log-warnings = 2 # # for syslog (daemon facility) # [mysqld_safe] # syslog # # for own logfile # [mysqld] # log-error=/var/log/mysqld.log [mysqld-auth] port = 3306 logpath = %(mysql_log)s backend = %(mysql_backend)s # Log wrong MongoDB auth (for details see filter 'filter.d/mongodb-auth.conf') [mongodb-auth] # change port when running with "--shardsvr" or "--configsvr" runtime operation port = 27017 logpath = /var/log/mongodb/mongodb.log # Jail for more extended banning of persistent abusers # !!! WARNINGS !!! # 1. Make sure that your loglevel specified in fail2ban.conf/.local # is not at DEBUG level -- which might then cause fail2ban to fall into # an infinite loop constantly feeding itself with non-informative lines # 2. Increase dbpurgeage defined in fail2ban.conf to e.g. 648000 (7.5 days) # to maintain entries for failed logins for sufficient amount of time [recidive] logpath = /var/log/fail2ban.log banaction = %(banaction_allports)s bantime = 1w findtime = 1d # Generic filter for PAM. Has to be used with action which bans all # ports such as iptables-allports, shorewall [pam-generic] # pam-generic filter can be customized to monitor specific subset of 'tty's banaction = %(banaction_allports)s logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [xinetd-fail] banaction = iptables-multiport-log logpath = %(syslog_daemon)s backend = %(syslog_backend)s maxretry = 2 # stunnel - need to set port for this [stunnel] logpath = /var/log/stunnel4/stunnel.log [ejabberd-auth] port = 5222 logpath = /var/log/ejabberd/ejabberd.log [counter-strike] logpath = /opt/cstrike/logs/L[0-9]*.log # Firewall: http://www.cstrike-planet.com/faq/6 tcpport = 27030,27031,27032,27033,27034,27035,27036,27037,27038,27039 udpport = 1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015 action = %(banaction)s[name=%(__name__)s-tcp, port="%(tcpport)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(udpport)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] [bitwarden] port = http,https logpath = /home/*/bwdata/logs/identity/Identity/log.txt [centreon] port = http,https logpath = /var/log/centreon/login.log # consider low maxretry and a long bantime # nobody except your own Nagios server should ever probe nrpe [nagios] logpath = %(syslog_daemon)s ; nrpe.cfg may define a different log_facility backend = %(syslog_backend)s maxretry = 1 [oracleims] # see "oracleims" filter file for configuration requirement for Oracle IMS v6 and above logpath = /opt/sun/comms/messaging64/log/mail.log_current banaction = %(banaction_allports)s [directadmin] logpath = /var/log/directadmin/login.log port = 2222 [portsentry] logpath = /var/lib/portsentry/portsentry.history maxretry = 1 [pass2allow-ftp] # this pass2allow example allows FTP traffic after successful HTTP authentication port = ftp,ftp-data,ftps,ftps-data # knocking_url variable must be overridden to some secret value in jail.local knocking_url = /knocking/ filter = apache-pass[knocking_url="%(knocking_url)s"] # access log of the website with HTTP auth logpath = %(apache_access_log)s blocktype = RETURN returntype = DROP action = %(action_)s[blocktype=%(blocktype)s, returntype=%(returntype)s, actionstart_on_demand=false, actionrepair_on_unban=true] bantime = 1h maxretry = 1 findtime = 1 [murmur] # AKA mumble-server port = 64738 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol=tcp, chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol=udp, chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/mumble-server/mumble-server.log [screensharingd] # For Mac OS Screen Sharing Service (VNC) logpath = /var/log/system.log logencoding = utf-8 [haproxy-http-auth] # HAProxy by default doesn't log to file you'll need to set it up to forward # logs to a syslog server which would then write them to disk. # See "haproxy-http-auth" filter for a brief cautionary note when setting # maxretry and findtime. logpath = /var/log/haproxy.log [slapd] port = ldap,ldaps logpath = /var/log/slapd.log [domino-smtp] port = smtp,ssmtp logpath = /home/domino01/data/IBM_TECHNICAL_SUPPORT/console.log [phpmyadmin-syslog] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [zoneminder] # Zoneminder HTTP/HTTPS web interface auth # Logs auth failures to apache2 error log port = http,https logpath = %(apache_error_log)s [traefik-auth] # to use 'traefik-auth' filter you have to configure your Traefik instance, # see `filter.d/traefik-auth.conf` for details and service example. port = http,https logpath = /var/log/traefik/access.log </pre> </div> </div> Default <code>/etc/fail2ban/jail.local</code> file with (almost all) comments removed: <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;">Default <code>/etc/fail2ban/jail.local</code> with (almost) comments removed:</div> <div class="mw-collapsible-content"> <pre> [INCLUDES] before = paths-debian.conf [DEFAULT] ignorecommand = bantime = 10m findtime = 10m maxretry = 5 maxmatches = %(maxretry)s backend = auto usedns = warn logencoding = auto enabled = false mode = normal filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # destemail = root@localhost sender = root@<fq-hostname> mta = sendmail protocol = tcp chain = <known/chain> port = 0:65535 fail2ban_agent = Fail2Ban/%(fail2ban_version)s banaction = iptables-multiport banaction_allports = iptables-allports action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] action_abuseipdb = abuseipdb action = %(action_)s # # JAILS # # # SSH servers # [sshd] port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s </pre> </div></div> ====Disconnect/kick and ban an ip from list==== <br \> Just below we are going to append these lines to <b>/etc/fail2ban/jail.local</b><br> <pre> # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s # # JAILS # # # SSH servers # </pre> </div> </div> ====Jail for MediaWiki - /etc/fail2ban/jail.local==== <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1m maxretry = 2 logpath = /var/log/Fail2Log.log </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before: <div class="mw-collapsible-content"> <pre> # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After: <div class="mw-collapsible-content"> <pre> # # JAILS # [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log # # SSH servers # </pre> </div> </div> ====Filter for mediawiki==== <div class="toccolours mw-collapsible mw-collapsed"> Regex quick up and running tutorial: External Link:(youtube) <div class="mw-collapsible-content"> This Is a link to a video made by "Corey Schafer".<br \> The best no nonsense up and running regex tut there is.<br \> https://www.youtube.com/watch?v=sa-TUpSx1JA </div> </div> <code>$EDITOR /etc/fail2ban/filter.d/mediawiki.conf</code><br \> <pre> [Definition] failregex = ^Failed:<HOST> ignoreregex = </pre> =====Try out regex on log file===== <code>fail2ban-regex --print-all-matched /var/log/Fail2Log.log /etc/fail2ban/filter.d/mediawiki.conf</code> ====Restart Fail2Ban==== <code>systemctl restart fail2ban</code> <code>fail2ban-client status</code> <code>fail2ban-client status mediawiki</code> <b>Now test by trying to login to your wiki with wrong password three times.</b> =====fail2ban regex and error checking===== <div class="toccolours mw-collapsible mw-collapsed"> Check regex: <div class="mw-collapsible-content"> * Syntax: <code>fail2ban-regex <logfile> <failregex> <ignoreregex></code> ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * If you want to test <code>ignoreregex</code> enter filter file twice: ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * Read <code>man fail2ban-regex</code> for some more opitions: * Examples: ** <code>-v</code>, <code>--verbose</code> *** Be verbose in output ** <code>--print-all-missed</code> *** Print all missed lines ** <code>--print-all-ignored</code> *** Print all ignored lines ** <code>--print-all-matched</code> *** Print all matched lines </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Debug Fail2Ban: <div class="mw-collapsible-content"> * <code>-d</code> dump configuration. For debugging.<br \> <code>fail2ban-client -d</code><br \> * <code>--dp</code>, <code>--dump-pretty</code> dump the configuration using more human readable representation.<br \> <code>fail2ban-client --dp</code><br \> * will print the systemd log for Fail2Ban.<br \> <code>journalctl -u fail2ban</code> </div> </div> ====Change ban time After testing==== <code>$EDITOR /etc/fail2ban/jail.local</code><br \> <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log </pre> ===Unban IP's=== Get list of Jails:<br \> <code>fail2ban-client status</code><br \> See banned ips by that jail:<br \> <code>fail2ban-client status <jailname></code><br \> Unban IP from jail:<br \> <code>fail2ban-client set <jailname> unbanip <ip_address></code><br \> <br \> Log File:<br \> <code>/var/log/Fail2Log.log</code> ==Moving To VPS== ===Create ssh key pair on local host=== <code>ssh-keygen -t rsa -b 4096 -C "MYSERVER" -f ~/.ssh/serverkey</code><br \> You will be prompted to Enter a passphase, you can just press <b>Enter</b> for no passphase.<br \> You will now have a file called <b>serverkey</b> and <b>serverkey.pub</b> in your <b>/home/$USER/.ssh</b> directory.<br \> Now lets setup are server and move public key to server.<br \> <b>BACKUP YOUR PRIVATE KEY TO USB STICK OR SOMETHING!</b><br \> <code>serverkey.pub</code><b>PUBLIC KEY</b><br \> <code>serverkey</code><b>PRIVATE KEY</b><br \> ===Login to Server - ssh === Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $10, 1 cpu, 2048MB ram, 55GB ssd, 2000GB Bandwidth.<br \> I have been given the IP:<b>192.248.145.129</b> and the Password:<b>1R?o.gPasdaLz1w</b> and with Vultr the default login/user is <b>root</b><br \> Lets move over the public key so we don't need a password to login:<br \> <code>ssh-copy-id -i ~/.ssh/serverkey root@192.248.145.129</code></br \> Will be promted for server password, enter password: 1R?o.gPasdaLz1w<br \> Now lets login with are private key.<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code> ===Update Server=== <code>apt update && apt upgrade -y</code><br \> The Server may need a restart, you will see this after updates if it does<br \> <b>*** System restart required ***</b><br \> restart server and log back in after a minute.<br \> <code>reboot</code> ===Change default ssh port and disable plain text passwords=== Log back into server<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code><br \> <code>$EDITOR /etc/ssh/sshd_config</code><br \> <pre>#Port 22</pre> <pre>Port 7788</pre> disable clear text passwords <pre>#PasswordAuthentication yes</pre> <pre>PasswordAuthentication no</pre> restart sshd <code>systemctl restart sshd</code><br \> Exit server and re-login<br \> <code>exit</code><br \> Log back in with new port<br \> <code>ssh -p 7788 -i .ssh/serverkey root@192.248.145.129</code> <div class="toccolours mw-collapsible mw-collapsed"> Create ssh login shortcut: <div class="mw-collapsible-content"> To be done on host:<br \> <code>touch ~/.ssh/config</code><br \> <code>chmod 600 ~/.ssh/config</code><br \> <code>$EDITOR ~/.ssh/config</code><br \> <pre> Host mediawikiserver HostName 192.248.145.129 User root Port 7788 IdentityFile /home/$USER/.ssh/severkey </pre> You can now login to server from host with:<br \> <code>ssh mediawikiserver</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax of config file: <div class="mw-collapsible-content"> <pre> #Syntax # #Host <ALIAS_NAME> # HostName <ADDRESS_IP_OR_DOMAIN> # User <USERNAME_LOGIN> # Port <PORT_NUMBER_IF_NOT_DEFAULT> # IdentityFile </PATH/TO/PRIVATE_KEY> ## Can now login with <code>ssh <ALIAS_NAME> </pre> </div> </div> </div> </div> ===Enable Basic FireWall=== Block IPv6<br \> <code>$EDITOR /etc/default/ufw</code><br \> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit<br \> <code>ufw allow 7788/tcp</code><br \> <code>ufw enable</code><br \> ===Create Swap space on server=== ====First check if you already have a swap space==== First check if you already have a swap space<br \> <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 1655 2 228 1732 Swap: 0 0 0 </pre> <div class="toccolours mw-collapsible mw-collapsed"> Other methods to check swap space <div class="mw-collapsible-content"> <code>cat /proc/swaps</code><br \> <code>swapon -s -v</code> </div> </div> ====Create SwapSpace==== preallocate a 2 gigabyte space to be used for swap.<br \> Note: you can name swapfile to anything you want. <code>fallocate -l 2G /swapfile</code> Initialize the /swapfile file with zeros - see "Working out the count size" to see how to work out the count size. <div class="toccolours mw-collapsible mw-collapsed"> Working out the count size: <div class="mw-collapsible-content"> Working out count size to scale the swapsize. 1 kilobyte = 1024 bytes 1 megabyte = 1024 kilobyte 1 gigabyte = 1024 megabytes bs=1024 = 1 megabyte 1 gigabyte = 1024 megabyte to get count of 1 gigabyte 1024 * 1024 2 gigabyte (1024 * 2048 ) or 1048576 * 2 = 2,097,152 </div> </div> <code>dd if=/dev/zero of=/swapfile bs=1024 count=2097152</code> <code>chmod 600 /swapfile</code> <code>mkswap /swapfile</code> <code>swapon /swapfile</code> <b>Or</b> <code>swapon -a</code> <b>Or</b> <code>mount -a</code> append to <code>/etc/fstab</code> so its mounted after reboot.<br \> <code>$EDITOR /etc/fstab</code><br \> And enter this in a new line at the bottom:<br \> <code>/swapfile swap swap defaults 0 0</code> and thats it, you can check swap with(or same other methods as above): <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 75 2 1808 1712 Swap: 2047 0 2047 </pre> ===ssmtp for email alerts=== <code>apt install ssmtp -y</code><br \> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code><br \> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> <code>usermod -c "CNWikiVPS" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ===auto update server=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment (by removing <b>//</b> at start of line)and amend the lines we want:<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> to<br \> <code> "${distro_id}:${distro_codename}-updates";</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; </pre> Changed to<br \> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec Acquire::http::Dl-Limit "500"; </pre> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Send Container to server=== From host<br \> <code>scp -i ~/.ssh/serverkey -P 7788 mediawiki.lxc root@192.248.145.129:/root/</code><br \> If you created a ssh shortcut in <b>.ssh/config</b> you can use:<br \> <code>scp mediawiki.lxc mediawikiserver:/root/</code><br> Once container transferred to server checksum to confirm<br> Do on Local and Server<br> <code>sha256sum mediawiki.lxc</code><br> The checksum should be the same on both!<br> ===LXD setup on server=== Check if <b>lxd</b> already installed.<br \> <code>lxd --version</code><br \> <code>snap install lxd</code><br \> Initialize LXD<br \> <code>lxd init</code><br \> all defaults<br \> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (lvm, zfs, ceph, btrfs, dir) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=10GB]: Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> ===Import Container=== Note: If version of LXD on server is older than the one you are exporting from, you may see error <code>Error: Failed importing backup: Failed creating instance record: Unknown configuration key: volatile.last_state.ready</code><br> To Fix this update your LXD<br> <code>snap remove lxd</code><br> <code>snap install lxd</code><br> <code>lxd --version</code><br> <code>lxd init</code><br> <br> Import mediawiki container<br \> <code>lxc import mediawiki.lxc mediawiki</code><br \> <code>lxc list</code><br \> <code>lxc start mediawiki</code><br \> <code>lxc list</code><br \> Returns:<br \> <pre> +-----------+---------+-----------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+-----------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.207.119.233 (eth0) | | CONTAINER | 0 | +-----------+---------+-----------------------+------+-----------+-----------+ </pre> <b>Note the Change of IP</b><br \> Are Containers IP is now:<b>10.207.119.233</b><br \> Now for some reason changing the IP on <b>/var/www/html/mediawiki/LocalSettings.php</b> and the <b>/etc/apache2/sites-available/completenoobs.com.conf</b> does not really work on a VPS (Forgot how i fixed this last time, pretty sure i got it workin a few years back).<br \> You need a DNS name: ===DNS=== Domain Name System: An index that connects an ip address with a more human readable name(website name):<br \> Like a phone book would index a persons name with a phone number.<br \> If you have a domain name for your wiki, point it to your server's ip address.<br \> This will be required for a letsencrypt cert also.<br \> I am using <b>namecheap.com</b> and on the <b>Advanced DNS</b> Page<br \> Add two Type <b>A Records</b>:<br \> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |192.248.145.129 |auto |- |A record |www |192.248.145.129 |auto |} ===Change IP on config files=== Login to conatiner and change IP's to Domain Name<br \> <code>lxc exec mediawiki bash</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <pre> Redirect permanent "/" "https://10.3.45.233"</pre> <pre> Redirect permanent "/" "https://www.completenoobs.com"</pre> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <pre>$wgServer = "https://10.3.45.233";</pre> <pre>$wgServer = "https://www.completenoobs.com";</pre> <code>systemctl restart apache2</code> ===Use IPTables to forward traffic to container=== <div class="toccolours mw-collapsible mw-collapsed"> iptable syntax <div class="mw-collapsible-content"> *CONTAINER_IP = place holder for your containers ip *GLOBAL_IP = place holder for your servers public ip address *ETH = network interface: enp1s0 ** to be done/found on host VPS and NOT Container ** Find network interface:<code>ip route show default</code> or use <code>ip route show default | awk '{print $5}'</code> <pre>iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 80 -j DNAT --to-destination CONTAINER_IP:80 -m comment --comment "forward real ip to container" </pre> <pre> iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 443 -j DNAT --to-destination CONTAINER_IP:443 -m comment --comment "forward real ip to container" </pre> </div> </div> <b>These commands to be done on host VPS and NOT in container!</b><br \> Get out of container <code>exit</code><br \> Network interface=<b>enp1s0</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Find you network interface name: <div class="mw-collapsible-content"> To be run on VPS host and Not in Container:<br \> <code>ip route show default | awk '{print $5}'</code> </div> </div> VPS Global IP=<b>192.248.145.129</b><br \> Container IP=<b>10.207.119.233</b><br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container"</code> <br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container"</code> <br \> The new rules for your iptable will not persistent after a reboot.<br \> Create systemd service to load firewall rules at startup:<br \> <code>$EDITOR /usr/local/bin/lxc-mediawiki-rules</code> <pre> #!/bin/bash iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container" iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container" </pre> <code>chmod +x /usr/local/bin/lxc-mediawiki-rules</code> <code>$EDITOR /etc/systemd/system/lxcip.service</code> <pre> [Unit] Description = apply ip rules at startup [Service] Type=oneshot ExecStart=/usr/local/bin/lxc-mediawiki-rules [Install] WantedBy=multi-user.target </pre> <code>systemctl enable lxcip</code> <div class="toccolours mw-collapsible mw-collapsed"> LXC proxy method: <div class="mw-collapsible-content"> <b>DO NOT USE This method!</b> placed here as a note:<br \> LXC also has a way to forward proxy traffic, but it will show all visits to website, as coming from <b>127.0.0.1</b><br \> When we install fail2ban, this would be very bad!<br \> <br \> <code>lxc config device add CONTAINER_NAME myport80 proxy listen=tcp:0.0.0.0:80 connect=tcp:127.0.0.1:80</code><br \> <code>lxc config device add CONTAINER_NAME myport443 proxy listen=tcp:0.0.0.0:443 connect=tcp:127.0.0.1:443</code><br \> To remove proxy:<br \> <code>lxc config device remove CONTAINER_NAME myport80</code><br \> <code>lxc config device remove CONTAINER_NAME myport443</code><br \> </div> </div> ===Visit webpage and check all working=== Visit the domain you selected<br \> <code>www.completenoobs.com</code><br \> Should be up and running.<br \> NOTE: We did not need to allow port 443 or 80 on VPS host.<br \> Check Iptables persist for restart, by rebooting server!<br \> <code>reboot</code><br \> Give it a minute or 2 and check website again. ===LetsEncrypt=== Log back into server<br \> <code>ssh mediawikiserver</code><br \> Log into container<br \> <code>lxc exec mediawiki bash</code><br \> Install certbot<br \> <code>snap install certbot --classic</code><br \> Backup Apache2 config file<br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf /etc/apache2/sites-available/completenoobs.com.conf.bk</code><br \> Create Cert<br \> <code>certbot --apache -d www.completenoobs.com -d completenoobs.com</code><br \> And Certbot broke are apache2 configs, and thats why we back up!<br \> <code>ls /etc/letsencrypt/live/www.completenoobs.com/</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/fullchain.pem /etc/ssl/certs/cn-selfsigned.crt</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/privkey.pem /etc/ssl/private/cn-selfsigned.key</code><br \> <code>rm /etc/apache2/sites-available/completenoobs.com-le-ssl.conf /etc/apache2/sites-available/completenoobs.com.conf </code><br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf.bk /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <br \> Turn <b>SSLUseStapling</b> on<br \> <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code><br \> <pre>SSLUseStapling off</pre><br \> Change to:<br \> <pre>SSLUseStapling on</pre><br \> Restart apache<br \> <code>systemctl restart apache2</code><br \> Now check your site on browser.<br \> ==temp== ==Useful Notes - tips== ===Forgot your Admin Password=== Can use for any user:<br \> <code>php /var/www/html/mediawiki/maintenance/changePassword.php --user=admin --password=newpassword</code><br \> ===Make Wiki Read Only=== Add to LocalSettings.php:<br \> <code>$wgReadOnly = 'Read Only';</code><br \> ===Restrict account creation on wiki=== Add to LocalSettings.php:<br \> <code>$wgGroupPermissions['*']['createaccount'] = false;</code> ===Only Admin accounts can edit=== Add to LocalSettings.php:<br \> <pre> $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['user']['edit'] = false; $wgGroupPermissions['sysop']['edit'] = true; </pre> ===Protect a page so only admin can edit=== At the top of the page when logged in with admin account, click <b>More</b>.<br \> A drop down of three opitions: Delete, Move, Protect.<br \> Clicking <b>Protect</b> will not allow any non admin from editing the page. {| class="wikitable" |+ When logged in as admin |- |Read |Edit |View history |(STAR) |<b>More</b> |} ===Make User an Admin=== go to special pages With Admin Account go to:<br \> <code>index.php/Special:SpecialPages</code> List of users can be found here:<br \> <code>index.php/Special:ListUsers</code><br \> Go to:<br \> <code>index.php/Special:UserRights</code><br \> And enter username:<br \> <b>Groups you can change</b><br \> And rest is self explanatory. ====Remove admin rights==== Same thing, just untick admin rights! ==Upgrading MediaWiki== <b>BACK SURE YOU BACKUP FIRST!!!</b> just in case.<br \> This example update 1.35 to 1.36 from 1.36 onwards php-intl is required.<br> Download the wiki you are going to upgrade to.<br \> <code>https://releases.wikimedia.org/mediawiki/1.36/</code><br \> <code>cd /root</code><br \> <code>wget https://releases.wikimedia.org/mediawiki/1.36/mediawiki-1.36.1.tar.gz</code><br \> In LocalSettings.php put in readonly mode<br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <code>$wgReadOnly = "Upgrading";</code><br \> <code>tar xvzf mediawiki-1.36.1.tar.gz -C /var/www/html/mediawiki --strip-components=1</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> Returns:<pre> Error: Missing one or more required components of PHP. You are missing a required extension to PHP that MediaWiki needs. Please install: * intl <https://www.php.net/intl> </pre> <code>apt install php-intl</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> And thats it. If you do get an error:<br \> <blockquote> MediaWiki 1.36 internal error Installing some PHP extensions is required. Required components You are missing a required extension to PHP that MediaWiki requires to run. Please install: intl (more information) </blockquote> Then <b>reboot</b> the container and its all fine after. ==Backup your Wiki== ===LXC Snapshots=== Easy way, backup the container using <b>snapshot</b><br \> <code>lxc snapshot mediawiki beforeupgrade_11_12_2020</code><br \> To see snapshots<br \> <code>lxc info mediawiki</code><br \> To restore container to snapshot<br \> <code>lxc restore mediawiki beforeupgrade_11_12_2020</code><br \> To delete a snapshot<br \> <code>lxc delete mediawiki/beforeupgrade_11_12_2020</code><br \> ====Export a Snapshot==== <code>lxc snapshot mediawiki testsnap</code> <code>lxc publish mediawiki/testsnap --alias mediawiki-backup-20-07-2021</code> <code>lxc image export mediawiki-backup-20-07-2021</code> you end up with a file named after the sha256sum <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> NOTE:You can change name from <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> to something like <code>mediawiki-backup-20-07-2021.tar.gz</code> and restore will still work fine.<br \> can now delete image <code>lxc image delete mediawiki-backup-20-07-2021</code> ====Import Snapshot==== Move to another computer and install init lxd<br \> <code>lxc image import a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz --alias testrestore</code> <code>lxc launch testrestore mediarestore</code> <code>lxc list</code> <code>lxc exec mediarestore bash</code> Change IP in LocalSettings and apache config and restart apache.<br \> And your up and running.<br \> <br \> you can also delete image on new restore computer:<br \> <code>lxc image delete testrestore</code> ===Dump mediawiki database - xml=== Log into container root dir<br \> <code>lxc exec NAME bash</code><br \> In container of wiki:<br \> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Exit container<br \> <code>exit</code> Pull file to host<br \> <code>lxc file pull NAME/root/dump_mediawiki.xml wiki-dump.xml</code> ====automate xml dumps to server==== <code>$EDITOR /usr/local/bin/auto-export.sh</code></br> <syntaxhighlight lang="bash" line> #!/bin/bash ### Bug - after first run does not comment out $wgReadOnly , after that its fine. set -x ## Calls # comcheck=$(cat /var/www/html/mediawiki/LocalSettings.php | grep wgReadOnly | awk '{print $1}' ) # checkcom=${comcheck::1} # time_stamp=$(date '+%d_%m_%y') # checkDir=$(ls /var/www/dumps/$time_stamp) #####Functions #Restart Wiki function to call function RestartWiki { sleep 2 if ! [ $checkcom = "#" ] then sed -i "s/\$wgReadOnly/#\$wgReadOnly/g" /var/www/html/mediawiki/LocalSettings.php echo "wiki should be back online" elif [ $checkcom = '#' ] then echo 'huh' exit 1 fi } # Function readonly wiki function ReadOnlyWiki { if [ $checkcom = "#" ] then sed -i "s/#\$wgReadOnly/\$wgReadOnly/g" /var/www/html/mediawiki/LocalSettings.php fi } # Dump function function DumpWiki { # dump wiki xml php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /var/www/dumps/$time_stamp.Noobs/$time_stamp.Noobs.xml #create file for md5sum md5sum /var/www/dumps/$time_stamp.Noobs/$time_stamp.Noobs.xml > /var/www/dumps/$time_stamp.Noobs/$time_stamp.md5sum.txt #md5sum #sha256sum sha256sum /var/www/dumps/$time_stamp.Noobs/$time_stamp.Noobs.xml > /var/www/dumps/$time_stamp.Noobs/$time_stamp.sha256sum.txt } # if line $wgReadOnly not there if [ -z "$comcheck" ] ; then echo "you do not have the line $wgReadOnly will append" echo "\$wgReadOnly = 'Dumping Database, Access will be restored shortly';" >> /var/www/html/mediawiki/LocalSettings.php fi ###make directory with name noobs+time_stamp # Check if dumps dir exists if [ ! -d /var/www/dumps ] then mkdir -pv /var/www/dumps fi # Check we dont have directory with same time stamp if [ ! -d /var/www/dumps/$time_stamp.Noobs ] ; then mkdir /var/www/dumps/$time_stamp.Noobs ReadOnlyWiki DumpWiki RestartWiki else echo "you already have dir $checkDir" RestartWiki exit 1 fi ########################### # Push Dir to xml server scp -i /root/.ssh/xml -r /var/www/dumps/$time_stamp.Noobs root@xml.completenoobs.com:/var/www/html/xmlDumps/ </syntaxhighlight> <br> <code>chmod +x /usr/local/bin/auto-export.sh</code><br> =====add to cron to export every 5 days===== <code>crontab -e</code><br> <pre> 30 3 */5 * * /usr/local/bin/auto-export.sh </pre> Will export at 3:30 am every 5 days, check [[Cron_ubuntu_22.04|Ubuntu Cron Quick start for more info]] ===Import Dump=== ====Create Quick local wiki==== localwiki ====Import dump==== <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> <code>lxc exec localwiki bash</code><br \> =====Restore dump===== <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Everything apart from <b>index.php/Main_Page</b> restored. ===Full Wiki Dump and Restore=== ====Backing up==== ====Making your wiki READ ONLY - will lock database==== <code>$EDITOR LocalSettings.php</code><br \> <code>$wgReadOnly = 'Dumping Database, Access will be restored shortly';</code> ====Dump and gzip database for transport==== will be prompted for password:<br \> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green -p mywiki_database | gzip > /root/greenwiki.sql.gz</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> ALt method for dump(password in cmd): <div class="mw-collapsible-content"> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green --password=THISpasswordSHOULDbeCHANGED -p mywiki_database | gzip > /root/greenwiki.sql.gz</code> </div> </div> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Back mediawiki Root Directory.<br \> <code>tar cvzhf /root/mediawiki-rootDir.tgz /var/www/html/mediawiki</code><br \> All into one file for easy transport.<br \> <code>cd /root/</code><br \> <code>tar cvzhf mediawiki-transfer.tgz mediawiki-rootDir.tgz greenwiki.sql.gz dump_mediawiki.xml</code><br \> All file in <b>mediawiki-transfer.tgz</b> for transfer to new server<br \> exit Container<br \> <code>exit</code><br \> <code>lxc file pull mediawiki/root/mediawiki-transfer.tgz mediawiki.bk.tgz</code><br \> ====Restore wiki==== create container (backupwiki) and push file<br \> <code>lxc file push mediawiki.bk.tgz backupwiki/root/</code><br \> login to container<br \> <code>apt update && apt upgrade -y</code><br \> <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> <br \> <code>tar xvf mediawiki.bk.tgz</code><br \> <code>tar xvf mediawiki-rootDir.tgz -C /</code><br \> Create basebase:<br \> NOTE: If you use diff username, passwd, database_name, append/correct details on LocalSettings.<br \> <code>mysql -u root</code> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <br \> <code>gunzip -d greenwiki.sql.gz</code><br \> <code>mysql -u green -p mywiki_database < greenwiki.sql</code><br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/dump_mediawiki.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Config Apache2 <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> Reload Apache2 <code> systemctl restart apache2 </code> ==EmbedVideo== https://www.mediawiki.org/wiki/Extension:EmbedVideo<br> <code>apt install unzip</code><br> <code>wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip</code><br> <code>unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/</code><br> <br> <code>mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo</code><br> <br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> <pre> #Embed Video wfLoadExtension( 'EmbedVideo' ); </pre> ==SpamBot Wars== Bit busy now, notes to look into later: https://www.mediawiki.org/wiki/Extension:Nuke<br \> https://www.mediawiki.org/wiki/Manual:Preventing_access<br \> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br \> https://www.mediawiki.org/wiki/Extension:InviteSignup<br \> Well the bots won for now - Disable eMail function for all related options in LocalSettings.php<br \> <code>$wgEnableEmail = false;</code><br \> Or just stop users sending email with:<br \> <code>$wgEnableUserEmail = false;</code> tddhd5jz5nphe7jsa818ykwmq90kbwr 186 185 2023-03-20T21:01:56Z Noob 1 /* Create Quick local wiki */ 186 wikitext text/x-wiki Installing MediaWiki on a container and exporting to the cloud. Local OS used Ubuntu-Mate 20.04 Tested with ethernet. Untested with wifi. TODO's * Remove 'index.php' from URL * Find out more about 'DocBookExport' and test how it works * Move MediaWiki Server to FreeBSD Currently trying to solve the spambot problem, they got round the need to request to open an account somehow, will update once solved. $EDITOR is used as a place holder for an editor of your choice. ==Installing LXD== <code>sudo snap install lxd</code><br \> <code>lxd init</code><br \> Selecting all defaults, apart from "Size in GB of the new loop device (1GB minimum) [default=6GB]:" increasing to 30GB: <div class="toccolours mw-collapsible mw-collapsed"> <code>lxd init</code> selected options: <div class="mw-collapsible-content"> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (btrfs, dir, lvm, zfs, ceph) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=6GB]:30GB Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> </div> </div> ==Create Ubuntu:22.04 Container for MediaWiki== <code>lxc launch ubuntu:22.04 mediawiki</code><br> <code>lxc list</code><br> <pre> +-----------+---------+--------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+--------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.194.171.251(eth0) | | CONTAINER | 0 | +-----------+---------+--------------------+------+-----------+-----------+ </pre> ===Login to Container=== <code>lxc exec mediawiki bash</code> ===Basic Firewall UFW for Container=== NOTE:Add Link to a UFW page for more info Blocking IPv6<br \> <code>$EDITOR /etc/default/ufw</code> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit Allow port 80<br \> <code>ufw allow 80/tcp</code><br \> Allow port 443<br \> <code>ufw allow 443/tcp</code><br \> Start/Enable UFW firewall<br \> <code>ufw enable</code><br \> Check UFW status<br \> <code>ufw status</code> <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Update system=== <code>apt update && apt upgrade -y</code> ===ssmtp setup=== NOTE: need link to ssmtp page - showing how to use other email providers that allow smtp Link to ssmtp wiki page <br \> You can use a number of email providers for sending emails from server using ssmtp.<br \> I am going to use <b>smtp2go.com</b> they do provide a free service if you wish to try. <div class="toccolours mw-collapsible mw-collapsed"> smtp2go details: <div class="mw-collapsible-content"> https://www.smtp2go.com/<br \> Has a Free Plan # 1000 emails per month # 5 days of email reporting # Ticket support only <br \> Do not use you username and password you used to sign up!<br \> Go to https://app.smtp2go.com/sending/smtp_users/ <br \> Or 'Sending' > 'SMTP Users'<br> And create/add a SMTP User account.<br \> The User created will be given a good password by default.<br \> Use this username and password for ssmtp.<br \> In this example i have the username "<b>noobwiki</b>" and the password "<b>N0tTelinu</b>" </div> </div> ====ssmtp==== <code>apt install ssmtp -y</code> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <div class="toccolours mw-collapsible mw-collapsed"> Why use <code>hostname=completenoobs.com</code> <div class="mw-collapsible-content"> "hostname" needed for ubuntu unattended upgrades to send email.<br \> If missing: will get "(550 unable to verify sender address.)" <br \> If using <code>hostname=localhost</code> "(550 "Localhost" unnaceptable, you must use a public domain-name.)"<br \> If using <code>hostname=admin@completenoobs.com</code> "501 <root@admin@completenoobs.com>: malformed address: @completenoobs.com> may not follow <root@admin" </div> </div> <br \> Do not use user@smtp2go.com as the sender address! you need an email address that has an MX record(mail exchanger record) at its domain name. <br \> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> ====usermod==== <br \> usermod can be used to change the email senders name/address.<br \> Instead of your mail coming from 'root' or 'ubuntu' or any other user account.<br \> <b>usermod -c "emailSenderName" <account_sending></b><br \> <code>usermod -c "completenoobslxc" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ====sendmail notes==== <div class="toccolours mw-collapsible mw-collapsed"> If the sendmail command locks your terminal and CTRL+c does not work <div class="mw-collapsible-content"> Use <code>CTRL+z</code> which will send a SIGTSTP signal which will put the process to sleep.<br \> use jobs to see the sleeping process.<br \> <code>jobs</code><br \> and kill %<JOBNUMBER><br \> <code>kill %1</code> <br \> you can also use <code>ps ax</code> to list processes running on your computer and <code>kill -9 <PROCESS-NUMBER></code> to kill process. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> sendmail in verbose mode for more details: <div class="mw-collapsible-content"> More info can be found in the man page <code>man sendmail</code><br \> Use the verbose flag <b>-v</b><br \> <code>sendmail -v email@address2receive.mail < test-mail.txt</code> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Check mail logs for errors: <div class="mw-collapsible-content"> send mail error log can be found in<br \> <code>/var/log/mail.err</code><br \> and sendmail log can be found:<br \> <code>/var/log/mail.log</code> </div> </div> ===auto update container config=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code> Uncomment<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> <code>"${distro_id}:${distro_codename}-updates";</code> Dont need auto reboot on container - no kernel - kernel shared with host. ====email on update==== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <div class="toccolours mw-collapsible mw-collapsed"> Once i needed 'apticron' to get emails working with unattended upgrades:<br \> Notes here just incase<div class="mw-collapsible-content"> Install apticron<br \> <code>apt install apticron -y</code> Create apticron.conf file containing email to send email to:<br \> If you dont then 'apticron' will by default sent to root@localhost.<br > <code>echo 'EMAIL="email@tosendto.com"' > /etc/apticron/apticron.conf</code> </div> </div> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Install MediaWiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -xvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki</code> ====Create Database==== Will be prompted to set a root password!<br \> <code>mysql -u root -p</code><br \> <!-- create drop down - add root password option --> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <div class="toccolours mw-collapsible mw-collapsed"> Make note of your: database name, username, userpassword <div class="mw-collapsible-content"> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code><br \> Database Username:<b>green</b><br \> Database host/location:<b>localhost</b> Database User Password:<b>THISpasswordSHOULDbeCHANGED</b><br \><br \> <code>CREATE DATABASE mywiki_database;</code><br \> Database Name:<b>mywiki_database</b><br \> </div> </div> ====Create self-signed https certs==== <code>openssl req -x509 -newkey rsa:4096 -keyout key.pem -nodes -out cert.pem -days 365</code><br> Note: can leave blank; just press enter.<br><br> <code>mv cert.pem /etc/ssl/certs/cn-selfsigned.crt</code><br> <code>mv key.pem /etc/ssl/private/cn-selfsigned.key</code><br> ====Create ssl-params.conf==== <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code> Remember to turn stapling on after letsencrypt cert <pre> SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 SSLHonorCipherOrder On # Disable preloading HSTS for now. You can use the commented out header line that includes # the "preload" directive if you understand the implications. # Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" Header always set X-Frame-Options DENY Header always set X-Content-Type-Options nosniff # Requires Apache >= 2.4 SSLCompression off # May want to turn stapling off when using self-signed to avoid receiving errors in log SSLUseStapling off SSLStaplingCache "shmcb:logs/stapling-cache(150000)" # Requires Apache >= 2.4.11 SSLSessionTickets Off </pre> ====Create Apache2 config==== <code>cd /etc/apache2/sites-available/</code> <code>rm 000-default.conf default-ssl.conf</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code> <div class="toccolours mw-collapsible mw-collapsed"> <b>Important Redirect note</b>:<div class="mw-collapsible-content"> <pre> # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" </pre> Change to your Container IP!<br \> <code>Redirect permanent "/" "https://10.194.171.251"</code> </div> </div> <pre> <VirtualHost *:80> ServerName completenoobs.com ServerAdmin admin@ # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined </VirtualHost> <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerName completenoobs.com ServerAdmin admin@completenoobs.com DocumentRoot /var/www/html/mediawiki # According MWiki Manual:Security php_flag register_globals off ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined SSLEngine on SSLCertificateFile /etc/ssl/certs/cn-selfsigned.crt SSLCertificateKeyFile /etc/ssl/private/cn-selfsigned.key # need to find out what SSLCertificateChainFile is? explain is in the default-ssl.conf file. #SSLCertificateChainFile /etc/ssl/certs/example.com.root-bundle.crt <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> <Directory /var/www/html/wikimedia> Options None FollowSymLinks #Allow .htaccess AllowOverride All Require all granted <IfModule security2_module> SecRuleEngine Off # or disable only problematic rules </IfModule> </Directory> # According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images> # Ignore .htaccess files AllowOverride None # Serve HTML as plaintext, don't execute SHTML AddType text/plain .html .htm .shtml .php .phtml .php5 # Don't run arbitrary PHP code. php_admin_flag engine off # If you've other scripting languages, disable them too. </Directory> #According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images/deleted> Deny from all AllowOverride AuthConfig Limit Require local </Directory> </VirtualHost> </IfModule> </pre> ====Reload Apache2==== <code>a2enmod ssl</code> <code>a2enmod headers</code> <code>a2ensite completenoobs.com</code> <code>a2enconf ssl-params</code> <code>apache2ctl configtest</code> <code>systemctl restart apache2</code> ===MediaWiki Basic Setup=== ====Landing page==== Open a web browser and go to your containers private ip address (you can get ip address by running <code>lxc list</code> on host). <code>https://10.194.171.251</code> Are certs are self-signed and you may/will get warning "your connection is not private"<br \> Click "Advance" and "Proceed to 10.194.171.251 (unsafe)"<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.35.0<br \> LocalSettings.php not found.<br \> Please <u>set up the wiki</u> first.<br \> </blockquote> Click <b>set up the wiki</b> to be taken to the "mw-config/index.php" page. =====Basic Configure MediaWiki===== <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:mywiki_database<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:green<br \> Database password:THISpasswordSHOULDbeCHANGED<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>CompleteNoobs<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Options <div class="mw-collapsible-content"> <b>User rights profile:</b> <br \> [ ] Open wiki <br \> [x] Account creation required<br \> [ ] Authorised editors only <br \> [ ] Private wiki<br \> <br \> <b>Copyright and licence:</b><br \> [ ] Creative Commons Attribution<br \> [ ] Creative Commons Attribution-ShareAlike<br \> [ ] Creative Commons Attribution-NonCommercial-ShareAlike<br \> [ ] Creative Commons Zero (Public Domain)<br \> [ ] GNU Free Documentation Licence 1.3 or later<br \> [x] No licence footer<br \> [ ] Select a custom Creative Commons licence<br \> <br \> <br \> <b>Email settings</b><br \> [ ] Enable outbound email<br \> <b>Return email address:</b>apache@🌻.invalid<br \> [ ]Enable user-to-user email<br \> [ ]Enable user talk page notification<br \> [ ]Enable watchlist notification<br \> [ ]Enable email authentication<br \> <br \> <br \> <b>Skins</b> Pick a skin<br \> <br \> <br \> <b>Extensions</b><br \> <b><u>Special pages</u></b><br \> [ ]CiteThisPage<br \> [ ]Interwiki<br \> [ ]Nuke<br \> [ ]Renameuser<br \> [ ]ReplaceText<br \> <br \> <b><u>Editors</u></b><br \> [x]CodeEditor<br \> [x]VisualEditor<br \> [x]WikiEditor<br \> <br \> <b><u>Parser hooks</u></b><br \> [ ]CategoryTree<br \> [ ]Cite<br \> [ ]ImageMap<br \> [ ]InputBox<br \> [ ]ParserFunctions<br \> [ ]Poem<br \> [ ]Scribunto<br \> [x]SyntaxHighlight_GeSHi<br \> [ ]TemplateData<br \> <br \> <b><u>Media handlers</u></b><br \> [ ]PdfHandler<br \> <br \> <b><u>Spam prevention</u></b><br \> [x]ConfirmEdit<br \> [ ]SpamBlacklist<br \> [ ]TitleBlacklist<br \> <br \> <b><u>API</u></b><br \> [ ]PageImages<br \> <br \> <b><u>Other</u></b><br \> [ ]Gadgets<br \> [ ]LocalisationUpdate<br \> [ ]MultimediaViewer<br \> [ ]OATHAuth<br \> [ ]SecureLinkFixer<br \> [ ]TextExtracts<br \> <br \> <br \> <b>Images and file uploads</b><br \> [ ]Enable file uploads<br \> <b>Logo URL:</b>$wgResourceBasePath/resources/assets/wiki.png<br \> [ ]Enable Instant Commons<br \> <br \> <br \> <b>Advanced configuration</b><br \> <b>Settings for object caching:</b><br \> [x] No caching (no functionality is removed, but speed may be impacted on larger wiki sites)<br \> [ ] Use Memcached (requires additional setup and configuration)<br \> </div> </div> ====LocalSettings.php Launch Wiki==== When the Basic configuration of mediawiki is done on the webpage.<br \> You will have a <b>LocalSettings.php</b> which will be downloaded from your browser.<br \> You need to place the <b>LocalSettings.php</b> file into your containers <b>/var/www/html/mediawiki/</b> directory.<br \> You can do this from host using the <b>lxc file push</b> command.<br \> <code>lxc file push /home/$USER/Downloads/LocalSettings.php mediawiki/var/www/html/mediawiki/</code><br \> <br> Do not refresh browser it will download the LocalSettings.php again! go to the IP address of your container or just trim the <code>mw-config/index.php?page=Complete</code><br> Now on your browser visit the page again https://10.194.171.251<br \> And welcome to your wiki.<br \> ===Change Logo=== You need a 135px by 135px image, in this example its named 'completenoobs-logo.png'<br> <code>lxc file push completenoobs-logo.png mediawiki/var/www/html/mediawiki/resources/assets/</code><br> Back in container edit the <b>LocalSettings.php</b> file<br> <pre> ## The URL paths to the logo. Make sure you change this from the default, ## or else you'll overwrite your logo when you upgrade! $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", 'icon' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", ]; </pre> Change to your new logo:<br> <pre> $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", 'icon' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", ]; </pre> ===Email Config=== Warning i did get loads of spam bots, using this to send naughty emails everywhere!<br> Changed setting to block signups, requests only,and changed <b>$wgEnableUserEmail</b> to false and still the bots managed to send spam using my smtp account.<br> How they done this? Is beyond my understanding and i removed email from the wiki till i have more info on how to stop the spamming.<br> Was using mediawiki-1.35.0<br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> Make sure <b>$wgEnableEmail</b> is set to true.<br> <code>$wgEnableEmail = true;</code><br> https://www.mediawiki.org/wiki/Manual:$wgEnableEmail<br> <pre> $wgEmergencyContact = ""; $wgPasswordSender = ""; </pre> <pre> $wgEmergencyContact = "admin@completenoobs.com"; $wgPasswordSender = "admin@completenoobs.com"; </pre> <pre> $wgSMTP = [ 'host' => 'ssl://mail.smtp2go.com', // outbox server of the email account 'IDHost' => 'completenoobs.com', 'port' => 465, 'username' => 'noobwiki', // user of the email account 'password' => 'N0tTelinu', // app password of the email account 'auth' => true ]; </pre> ===Request Account and Confirm Email to edit=== In LocalSettings change $wgEmailAuthentication = false; to true https://www.mediawiki.org/wiki/Manual:$wgEmailAuthentication<br> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ConfirmAccount-REL1_39-2b96e90.tar.gz</code><br> <code>tar xzf ConfirmAccount-REL1_39-2b96e90.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> <br> In <b>LocalSettings.php</b> <br> set <b>$wgEmailAuthentication</b> to true.<br> <pre> wfLoadExtension( 'ConfirmAccount' ); $wgConfirmAccountContact = 'admin@completenoobs.com'; </pre> Run maintenance update<br> <code>php /var/www/html/mediawiki/maintenance/update.php </code><br> use <b>Special:ConfirmAccounts</b> to see if anyone requested a account.<br> And yep, your gonna get spammed! Bots love a wiki.<br> ===CookieWarning Extension=== https://www.mediawiki.org/wiki/Extension:CookieWarning<br> <code>wget https://extdist.wmflabs.org/dist/extensions/CookieWarning-REL1_39-778fe72.tar.gz</code><br> <code>tar -xzf CookieWarning-REL1_39-778fe72.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'CookieWarning' ); $wgCookieWarningEnabled = 'true'; # $wgCookieWarningMoreUrl allows to to select a link for your moreinfo button $wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'; $wgCookieWarningEnabled = 'true'; </pre> To change message sign in with admin account and visit these pages of your wiki and edit.<br> <b>MediaWiki:Cookiewarning-info</b> Edit the display message.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-info</code><br> <b>MediaWiki:Cookiewarning-moreinfo-label</b><br> Edit and change display of the moreinfo button: link can be made/changed at LocalSettings with:<br> <code>$wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'</code><br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-moreinfo-label</code><br> <b>MediaWiki:Cookiewarning-ok-label</b> Edit and change the text on the OK button.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-ok-label</code><br> ===Contribution Scores Extension=== https://www.mediawiki.org/wiki/Extension:Contribution_Scores<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ContributionScores-REL1_39-0e7e99d.tar.gz</code><br> <code>tar -xzf ContributionScores-REL1_39-0e7e99d.tar.gz -C /var/www/html/mediawiki/extensions</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'ContributionScores' ); // Exclude Bots from the reporting - Can be omitted. $wgContribScoreIgnoreBots = true; // Exclude Blocked Users from the reporting - Can be omitted. $wgContribScoreIgnoreBlockedUsers = true; // Use real user names when available - Can be omitted. Only for MediaWiki 1.19 and later. $wgContribScoresUseRealName = true; // Set to true to disable cache for parser function and inclusion of table. $wgContribScoreDisableCache = false; // Each array defines a report - 7,50 is "past 7 days" and "LIMIT 50" - Can be omitted. $wgContribScoreReports = [ [ 7, 50 ], [ 30, 50 ], [ 0, 50 ] ]; </pre> <br> Add to Main Landing Page:<br> <pre>{{Special:ContributionScores/10/5}}</pre><br> ===Place Notice at top of every new page created=== Using the <b>PageNotice</b> Extension. https://www.mediawiki.org/wiki/Extension:PageNotice#Configuration Download PageNotice and extract to extensions directory. in LocalSettings.php add the lines:<br \> <pre> wfLoadExtension( 'PageNotice' ); $wgPageNoticeDisablePerPageNotices = 'true'; </pre> To have message in every name space go to your wiki's page<br \> <code>index.php/mediawiki:top-notice-ns-0</code><br \> Only admin account can edit this page:<br \> What you place in this page will be displayed at the top of every page created. ===Privacy Policy=== Holly $#$#$ this is a lot of work, looking into it<br \> https://www.mediawiki.org/wiki/GDPR_(General_Data_Protection_Regulation)_and_MediaWiki_software<br \> ====NewSignupPage==== https://www.mediawiki.org/wiki/Extension:NewSignupPage<br \> Big thanks to Shoutwiki.com or this would of been a very big pain.<br \> Check for Latest link from the Download page https://www.mediawiki.org/wiki/Special:ExtensionDistributor/NewSignupPage<br \> In mediawiki container:<br \> <code>wget https://extdist.wmflabs.org/dist/extensions/NewSignupPage-REL1_35-ecf00aa.tar.gz</code><br \> <code>tar xvf NewSignupPage-REL1_35-ecf00aa.tar.gz -C /var/www/html/mediawiki/extensions/</code><br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> Add the Line:<br \> <code>wfLoadExtension( 'NewSignupPage' );</code><br \> Change the Info given at signup at:<br \> <code>index.php/MediaWiki:Newsignuppage-loginform-tos</code><br \> Default page will be:<pre> I am over 13 years of age and I have read, understood and agree to be bound by the Terms of Service and Privacy Policy </pre> "Terms of Service" and "Privacy Policy" are linked to there pages, so we need to create a few pages. ======Need <b>Privacy Policy</b> Page====== Create a 'Privacy_Policy' page and link on "MediaWiki:Newsignuppage-loginform-tos"<br> <pre>[[CompleteNoobs:Privacy_policy | Privacy Policy]]</pre> =====Need <b>Terms Of Service</b> page===== https://www.completenoobs.com/index.php/Terms_of_Service<br \> once done change link on "MediaWiki:Newsignuppage-loginform-tos"<br \> =====Content Policy Page===== https://10.194.171.251/index.php/Content_Policy<br \> Contains link to https://www.completenoobs.com/index.php/CompleteNoobs_Staff_Admins<br \> =====Staff and Admin Page===== https://10.194.171.251/index.php/CompleteNoobs_Staff_Admins<br \> Linked from Content Policy Page! a place to contact by email staff, admins =====General Disclaimer page===== https://10.194.171.251/index.php/CompleteNoobs:General_disclaimer<br \> This page shows/linked at bottom of wiki<br \> =====Copyright Policy===== https://10.194.171.251/index.php/CompleteNoobs:Copyrights<br \> Copyrights page that shows in info box when making a post.<br \> ==Fail2Ban== This Will Ban an IP who incorrectly enters wrong login details, a (you can select) amount of times for a (you can select) amount of time. ===Fail2Log Extension=== https://www.mediawiki.org/wiki/Extension:Fail2Log<br> ====Create Log file==== Could not get PHP to create and set permissions for log file: So for now doing manually!<br \> <code>touch /var/log/Fail2Log.log</code><br \> <code>chown www-data:www-data /var/log/Fail2Log.log</code><br \> <code>chmod 0755 /var/log/Fail2Log.log</code><br \> Failed login's with wrong user name and/or password should now be logged in:<b>/var/log/Fail2Log.log</b><br \> <br \> Log Format:<br \> <code>Failed:<IP_ADDRESS> <DATE> <TIME> <USERNAME></code><br \> ====Download and install extension==== <code>wget https://github.com/greenhatmonkey/Fail2Log/blob/main/Fail2Log.tar.gz?raw=true</code><br> <code>tar xzvf Fail2Log.tar.gz?raw=true -C /var/www/html/mediawiki/extensions/</code><br> Add to your <b>LocalSettings.php</b><br> <pre> wfLoadExtension( 'Fail2Log' ); $wgFail2LogFile = '/var/log/Fail2Log.log'; </pre> ====Install and Setup Fail2Ban==== Fail2Ban works in a container. If using fail2ban on Host for container:<br/> Just include log path: <code>/var/snap/lxd/common/mntns/var/snap/lxd/common/lxd/storage-pools/default/containers/&lt;CONTAINER_NAME>/rootfs/var/log/Fail2Log.log</code> <code>apt install fail2ban</code> * Fail2ban will use file.local over file.conf if file.local exists: * file.conf can be written over if file2ban gets updated. * Make a file.local of the file you are working on. <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code> <code>$EDITOR /etc/fail2ban/jail.local</code> <!-- unmodified jail.conf file --> <div class="toccolours mw-collapsible mw-collapsed"> Default <code>/etc/fail2ban/jail.conf</code> file: Expand to view <div class="mw-collapsible-content"> <pre> # # WARNING: heavily refactored in 0.9.0 release. Please review and # customize settings for your setup. # # Changes: in most of the cases you should not modify this # file, but provide customizations in jail.local file, # or separate .conf files under jail.d/ directory, e.g.: # # HOW TO ACTIVATE JAILS: # # YOU SHOULD NOT MODIFY THIS FILE. # # It will probably be overwritten or improved in a distribution update. # # Provide customizations in a jail.local file or a jail.d/customisation.local. # For example to change the default bantime for all jails and to enable the # ssh-iptables jail the following (uncommented) would appear in the .local file. # See man 5 jail.conf for details. # # [DEFAULT] # bantime = 1h # # [sshd] # enabled = true # # See jail.conf(5) man page for more information # Comments: use '#' for comment lines and ';' (following a space) for inline comments [INCLUDES] #before = paths-distro.conf before = paths-debian.conf # The DEFAULT allows a global definition of the options. They can be overridden # in each jail afterwards. [DEFAULT] # # MISCELLANEOUS OPTIONS # # "bantime.increment" allows to use database for searching of previously banned ip's to increase a # default ban time using special formula, default it is banTime * 1, 2, 4, 8, 16, 32... #bantime.increment = true # "bantime.rndtime" is the max number of seconds using for mixing with random time # to prevent "clever" botnets calculate exact time IP can be unbanned again: #bantime.rndtime = # "bantime.maxtime" is the max number of seconds using the ban time can reach (don't grows further) #bantime.maxtime = # "bantime.factor" is a coefficient to calculate exponent growing of the formula or common multiplier, # default value of factor is 1 and with default value of formula, the ban time # grows by 1, 2, 4, 8, 16 ... #bantime.factor = 1 # "bantime.formula" used by default to calculate next value of ban time, default value bellow, # the same ban time growing will be reached by multipliers 1, 2, 4, 8, 16, 32... #bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * banFactor # # more aggressive example of formula has the same values only for factor "2.0 / 2.885385" : #bantime.formula = ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor) # "bantime.multipliers" used to calculate next value of ban time instead of formula, coresponding # previously ban count and given "bantime.factor" (for multipliers default is 1); # following example grows ban time by 1, 2, 4, 8, 16 ... and if last ban count greater as multipliers count, # always used last multiplier (64 in example), for factor '1' and original ban time 600 - 10.6 hours #bantime.multipliers = 1 2 4 8 16 32 64 # following example can be used for small initial ban time (bantime=60) - it grows more aggressive at begin, # for bantime=60 the multipliers are minutes and equal: 1 min, 5 min, 30 min, 1 hour, 5 hour, 12 hour, 1 day, 2 day #bantime.multipliers = 1 5 30 60 300 720 1440 2880 # "bantime.overalljails" (if true) specifies the search of IP in the database will be executed # cross over all jails, if false (dafault), only current jail of the ban IP will be searched #bantime.overalljails = false # -------------------- # "ignoreself" specifies whether the local resp. own IP addresses should be ignored # (default is true). Fail2ban will not ban a host which matches such addresses. #ignoreself = true # "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban # will not ban a host which matches an address in this list. Several addresses # can be defined using space (and/or comma) separator. #ignoreip = 127.0.0.1/8 ::1 # External command that will take an tagged arguments to ignore, e.g. <ip>, # and return true if the IP is to be ignored. False otherwise. # # ignorecommand = /path/to/command <ip> ignorecommand = # "bantime" is the number of seconds that a host is banned. bantime = 10m # A host is banned if it has generated "maxretry" during the last "findtime" # seconds. findtime = 10m # "maxretry" is the number of failures before a host get banned. maxretry = 5 # "maxmatches" is the number of matches stored in ticket (resolvable via tag <matches> in actions). maxmatches = %(maxretry)s # "backend" specifies the backend used to get files modification. # Available options are "pyinotify", "gamin", "polling", "systemd" and "auto". # This option can be overridden in each jail as well. # # pyinotify: requires pyinotify (a file alteration monitor) to be installed. # If pyinotify is not installed, Fail2ban will use auto. # gamin: requires Gamin (a file alteration monitor) to be installed. # If Gamin is not installed, Fail2ban will use auto. # polling: uses a polling algorithm which does not require external libraries. # systemd: uses systemd python library to access the systemd journal. # Specifying "logpath" is not valid for this backend. # See "journalmatch" in the jails associated filter config # auto: will try to use the following backends, in order: # pyinotify, gamin, polling. # # Note: if systemd backend is chosen as the default but you enable a jail # for which logs are present only in its own log files, specify some other # backend for that jail (e.g. polling) and provide empty value for # journalmatch. See https://github.com/fail2ban/fail2ban/issues/959#issuecomment-74901200 backend = auto # "usedns" specifies if jails should trust hostnames in logs, # warn when DNS lookups are performed, or ignore all hostnames in logs # # yes: if a hostname is encountered, a DNS lookup will be performed. # warn: if a hostname is encountered, a DNS lookup will be performed, # but it will be logged as a warning. # no: if a hostname is encountered, will not be used for banning, # but it will be logged as info. # raw: use raw value (no hostname), allow use it for no-host filters/actions (example user) usedns = warn # "logencoding" specifies the encoding of the log files handled by the jail # This is used to decode the lines from the log file. # Typical examples: "ascii", "utf-8" # # auto: will use the system locale setting logencoding = auto # "enabled" enables the jails. # By default all jails are disabled, and it should stay this way. # Enable only relevant to your setup jails in your .local or jail.d/*.conf # # true: jail will be enabled and log files will get monitored for changes # false: jail is not enabled enabled = false # "mode" defines the mode of the filter (see corresponding filter implementation for more info). mode = normal # "filter" defines the filter to use by the jail. # By default jails have names matching their filter name # filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # # Some options used for actions # Destination email address used solely for the interpolations in # jail.{conf,local,d/*} configuration files. destemail = root@localhost # Sender email address used solely for some actions sender = root@<fq-hostname> # E-mail action. Since 0.8.1 Fail2Ban uses sendmail MTA for the # mailing. Change mta configuration parameter to mail if you want to # revert to conventional 'mail'. mta = sendmail # Default protocol protocol = tcp # Specify chain where jumps would need to be added in ban-actions expecting parameter chain chain = <known/chain> # Ports to be banned # Usually should be overridden in a particular jail port = 0:65535 # Format of user-agent https://tools.ietf.org/html/rfc7231#section-5.5.3 fail2ban_agent = Fail2Ban/%(fail2ban_version)s # # Action shortcuts. To be used to define action parameter # Default banning action (e.g. iptables, iptables-new, # iptables-multiport, shorewall, etc) It is used to define # action_* variables. Can be overridden globally or per # section within jail.local file banaction = iptables-multiport banaction_allports = iptables-allports # The simplest action to take: ban only action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report to the destemail. action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report and relevant log lines # to the destemail. action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # See the IMPORTANT note in action.d/xarf-login-attack for when to use this action # # ban & send a xarf e-mail to abuse contact of IP address and include relevant log lines # to the destemail. action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] # ban IP on CloudFlare & send an e-mail with whois report and relevant log lines # to the destemail. action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # Report block via blocklist.de fail2ban reporting service API # # See the IMPORTANT note in action.d/blocklist_de.conf for when to use this action. # Specify expected parameters in file action.d/blocklist_de.local or if the interpolation # `action_blocklist_de` used for the action, set value of `blocklist_de_apikey` # in your `jail.local` globally (section [DEFAULT]) or per specific jail section (resp. in # corresponding jail.d/my-jail.local file). # action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] # Report ban via badips.com, and use as blacklist # # See BadIPsAction docstring in config/action.d/badips.py for # documentation for this action. # # NOTE: This action relies on banaction being present on start and therefore # should be last action defined for a jail. # action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] # # Report ban via badips.com (uses action.d/badips.conf for reporting only) # action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] # Report ban via abuseipdb.com. # # See action.d/abuseipdb.conf for usage example and details. # action_abuseipdb = abuseipdb # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # [sshd] # To use more aggressive sshd modes set filter parameter "mode" in jail.local: # normal (default), ddos, extra or aggressive (combines all). # See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details. #mode = normal port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s [dropbear] port = ssh logpath = %(dropbear_log)s backend = %(dropbear_backend)s [selinux-ssh] port = ssh logpath = %(auditd_log)s # # HTTP servers # [apache-auth] port = http,https logpath = %(apache_error_log)s [apache-badbots] # Ban hosts which agent identifies spammer robots crawling the web # for email addresses. The mail outputs are buffered. port = http,https logpath = %(apache_access_log)s bantime = 48h maxretry = 1 [apache-noscript] port = http,https logpath = %(apache_error_log)s [apache-overflows] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-nohome] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-botsearch] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-fakegooglebot] port = http,https logpath = %(apache_access_log)s maxretry = 1 ignorecommand = %(ignorecommands_dir)s/apache-fakegooglebot <ip> [apache-modsecurity] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-shellshock] port = http,https logpath = %(apache_error_log)s maxretry = 1 [openhab-auth] filter = openhab action = iptables-allports[name=NoAuthFailures] logpath = /opt/openhab/logs/request.log [nginx-http-auth] port = http,https logpath = %(nginx_error_log)s # To use 'nginx-limit-req' jail you should have `ngx_http_limit_req_module` # and define `limit_req` and `limit_req_zone` as described in nginx documentation # http://nginx.org/en/docs/http/ngx_http_limit_req_module.html # or for example see in 'config/filter.d/nginx-limit-req.conf' [nginx-limit-req] port = http,https logpath = %(nginx_error_log)s [nginx-botsearch] port = http,https logpath = %(nginx_error_log)s maxretry = 2 # Ban attackers that try to use PHP's URL-fopen() functionality # through GET/POST variables. - Experimental, with more than a year # of usage in production environments. [php-url-fopen] port = http,https logpath = %(nginx_access_log)s %(apache_access_log)s [suhosin] port = http,https logpath = %(suhosin_log)s [lighttpd-auth] # Same as above for Apache's mod_auth # It catches wrong authentifications port = http,https logpath = %(lighttpd_error_log)s # # Webmail and groupware servers # [roundcube-auth] port = http,https logpath = %(roundcube_errors_log)s # Use following line in your jail.local if roundcube logs to journal. #backend = %(syslog_backend)s [openwebmail] port = http,https logpath = /var/log/openwebmail.log [horde] port = http,https logpath = /var/log/horde/horde.log [groupoffice] port = http,https logpath = /home/groupoffice/log/info.log [sogo-auth] # Monitor SOGo groupware server # without proxy this would be: # port = 20000 port = http,https logpath = /var/log/sogo/sogo.log [tine20] logpath = /var/log/tine20/tine20.log port = http,https # # Web Applications # # [drupal-auth] port = http,https logpath = %(syslog_daemon)s backend = %(syslog_backend)s [guacamole] port = http,https logpath = /var/log/tomcat*/catalina.out [monit] #Ban clients brute-forcing the monit gui login port = 2812 logpath = /var/log/monit /var/log/monit.log [webmin-auth] port = 10000 logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [froxlor-auth] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s # # HTTP Proxy servers # # [squid] port = 80,443,3128,8080 logpath = /var/log/squid/access.log [3proxy] port = 3128 logpath = /var/log/3proxy.log # # FTP servers # [proftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(proftpd_log)s backend = %(proftpd_backend)s [pure-ftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(pureftpd_log)s backend = %(pureftpd_backend)s [gssftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(syslog_daemon)s backend = %(syslog_backend)s [wuftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(wuftpd_log)s backend = %(wuftpd_backend)s [vsftpd] # or overwrite it in jails.local to be # logpath = %(syslog_authpriv)s # if you want to rely on PAM failed login attempts # vsftpd's failregex should match both of those formats port = ftp,ftp-data,ftps,ftps-data logpath = %(vsftpd_log)s # # Mail servers # # ASSP SMTP Proxy Jail [assp] port = smtp,465,submission logpath = /root/path/to/assp/logs/maillog.txt [courier-smtp] port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix] # To use another modes set filter parameter "mode" in jail.local: mode = more port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s [postfix-rbl] filter = postfix[mode=rbl] port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s maxretry = 1 [sendmail-auth] port = submission,465,smtp logpath = %(syslog_mail)s backend = %(syslog_backend)s [sendmail-reject] # To use more aggressive modes set filter parameter "mode" in jail.local: # normal (default), extra or aggressive # See "tests/files/logs/sendmail-reject" or "filter.d/sendmail-reject.conf" for usage example and details. #mode = normal port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [qmail-rbl] filter = qmail port = smtp,465,submission logpath = /service/qmail/log/main/current # dovecot defaults to logging to the mail syslog facility # but can be set by syslog_facility in the dovecot configuration. [dovecot] port = pop3,pop3s,imap,imaps,submission,465,sieve logpath = %(dovecot_log)s backend = %(dovecot_backend)s [sieve] port = smtp,465,submission logpath = %(dovecot_log)s backend = %(dovecot_backend)s [solid-pop3d] port = pop3,pop3s logpath = %(solidpop3d_log)s [exim] # see filter.d/exim.conf for further modes supported from filter: #mode = normal port = smtp,465,submission logpath = %(exim_main_log)s [exim-spam] port = smtp,465,submission logpath = %(exim_main_log)s [kerio] port = imap,smtp,imaps,465 logpath = /opt/kerio/mailserver/store/logs/security.log # # Mail servers authenticators: might be used for smtp,ftp,imap servers, so # all relevant ports get banned # [courier-auth] port = smtp,465,submission,imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix-sasl] filter = postfix[mode=auth] port = smtp,465,submission,imap,imaps,pop3,pop3s # You might consider monitoring /var/log/mail.warn instead if you are # running postfix since it would provide the same log lines at the # "warn" level but overall at the smaller filesize. logpath = %(postfix_log)s backend = %(postfix_backend)s [perdition] port = imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [squirrelmail] port = smtp,465,submission,imap,imap2,imaps,pop3,pop3s,http,https,socks logpath = /var/lib/squirrelmail/prefs/squirrelmail_access_log [cyrus-imap] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s [uwimap-auth] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s # # # DNS servers # # !!! WARNING !!! # Since UDP is connection-less protocol, spoofing of IP and imitation # of illegal actions is way too simple. Thus enabling of this filter # might provide an easy way for implementing a DoS against a chosen # victim. See # http://nion.modprobe.de/blog/archives/690-fail2ban-+-dns-fail.html # Please DO NOT USE this jail unless you know what you are doing. # # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks UDP traffic for DNS requests. # [named-refused-udp] # # filter = named-refused # port = domain,953 # protocol = udp # logpath = /var/log/named/security.log # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks TCP traffic for DNS requests. [named-refused] port = domain,953 logpath = /var/log/named/security.log [nsd] port = 53 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/nsd.log # # Miscellaneous # [asterisk] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/asterisk/messages maxretry = 10 [freeswitch] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/freeswitch.log maxretry = 10 # enable adminlog; it will log to a file inside znc's directory by default. [znc-adminlog] port = 6667 logpath = /var/lib/znc/moddata/adminlog/znc.log # To log wrong MySQL access attempts add to /etc/my.cnf in [mysqld] or # equivalent section: # log-warnings = 2 # # for syslog (daemon facility) # [mysqld_safe] # syslog # # for own logfile # [mysqld] # log-error=/var/log/mysqld.log [mysqld-auth] port = 3306 logpath = %(mysql_log)s backend = %(mysql_backend)s # Log wrong MongoDB auth (for details see filter 'filter.d/mongodb-auth.conf') [mongodb-auth] # change port when running with "--shardsvr" or "--configsvr" runtime operation port = 27017 logpath = /var/log/mongodb/mongodb.log # Jail for more extended banning of persistent abusers # !!! WARNINGS !!! # 1. Make sure that your loglevel specified in fail2ban.conf/.local # is not at DEBUG level -- which might then cause fail2ban to fall into # an infinite loop constantly feeding itself with non-informative lines # 2. Increase dbpurgeage defined in fail2ban.conf to e.g. 648000 (7.5 days) # to maintain entries for failed logins for sufficient amount of time [recidive] logpath = /var/log/fail2ban.log banaction = %(banaction_allports)s bantime = 1w findtime = 1d # Generic filter for PAM. Has to be used with action which bans all # ports such as iptables-allports, shorewall [pam-generic] # pam-generic filter can be customized to monitor specific subset of 'tty's banaction = %(banaction_allports)s logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [xinetd-fail] banaction = iptables-multiport-log logpath = %(syslog_daemon)s backend = %(syslog_backend)s maxretry = 2 # stunnel - need to set port for this [stunnel] logpath = /var/log/stunnel4/stunnel.log [ejabberd-auth] port = 5222 logpath = /var/log/ejabberd/ejabberd.log [counter-strike] logpath = /opt/cstrike/logs/L[0-9]*.log # Firewall: http://www.cstrike-planet.com/faq/6 tcpport = 27030,27031,27032,27033,27034,27035,27036,27037,27038,27039 udpport = 1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015 action = %(banaction)s[name=%(__name__)s-tcp, port="%(tcpport)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(udpport)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] [bitwarden] port = http,https logpath = /home/*/bwdata/logs/identity/Identity/log.txt [centreon] port = http,https logpath = /var/log/centreon/login.log # consider low maxretry and a long bantime # nobody except your own Nagios server should ever probe nrpe [nagios] logpath = %(syslog_daemon)s ; nrpe.cfg may define a different log_facility backend = %(syslog_backend)s maxretry = 1 [oracleims] # see "oracleims" filter file for configuration requirement for Oracle IMS v6 and above logpath = /opt/sun/comms/messaging64/log/mail.log_current banaction = %(banaction_allports)s [directadmin] logpath = /var/log/directadmin/login.log port = 2222 [portsentry] logpath = /var/lib/portsentry/portsentry.history maxretry = 1 [pass2allow-ftp] # this pass2allow example allows FTP traffic after successful HTTP authentication port = ftp,ftp-data,ftps,ftps-data # knocking_url variable must be overridden to some secret value in jail.local knocking_url = /knocking/ filter = apache-pass[knocking_url="%(knocking_url)s"] # access log of the website with HTTP auth logpath = %(apache_access_log)s blocktype = RETURN returntype = DROP action = %(action_)s[blocktype=%(blocktype)s, returntype=%(returntype)s, actionstart_on_demand=false, actionrepair_on_unban=true] bantime = 1h maxretry = 1 findtime = 1 [murmur] # AKA mumble-server port = 64738 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol=tcp, chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol=udp, chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/mumble-server/mumble-server.log [screensharingd] # For Mac OS Screen Sharing Service (VNC) logpath = /var/log/system.log logencoding = utf-8 [haproxy-http-auth] # HAProxy by default doesn't log to file you'll need to set it up to forward # logs to a syslog server which would then write them to disk. # See "haproxy-http-auth" filter for a brief cautionary note when setting # maxretry and findtime. logpath = /var/log/haproxy.log [slapd] port = ldap,ldaps logpath = /var/log/slapd.log [domino-smtp] port = smtp,ssmtp logpath = /home/domino01/data/IBM_TECHNICAL_SUPPORT/console.log [phpmyadmin-syslog] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [zoneminder] # Zoneminder HTTP/HTTPS web interface auth # Logs auth failures to apache2 error log port = http,https logpath = %(apache_error_log)s [traefik-auth] # to use 'traefik-auth' filter you have to configure your Traefik instance, # see `filter.d/traefik-auth.conf` for details and service example. port = http,https logpath = /var/log/traefik/access.log </pre> </div> </div> Default <code>/etc/fail2ban/jail.local</code> file with (almost all) comments removed: <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;">Default <code>/etc/fail2ban/jail.local</code> with (almost) comments removed:</div> <div class="mw-collapsible-content"> <pre> [INCLUDES] before = paths-debian.conf [DEFAULT] ignorecommand = bantime = 10m findtime = 10m maxretry = 5 maxmatches = %(maxretry)s backend = auto usedns = warn logencoding = auto enabled = false mode = normal filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # destemail = root@localhost sender = root@<fq-hostname> mta = sendmail protocol = tcp chain = <known/chain> port = 0:65535 fail2ban_agent = Fail2Ban/%(fail2ban_version)s banaction = iptables-multiport banaction_allports = iptables-allports action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] action_abuseipdb = abuseipdb action = %(action_)s # # JAILS # # # SSH servers # [sshd] port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s </pre> </div></div> ====Disconnect/kick and ban an ip from list==== <br \> Just below we are going to append these lines to <b>/etc/fail2ban/jail.local</b><br> <pre> # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s # # JAILS # # # SSH servers # </pre> </div> </div> ====Jail for MediaWiki - /etc/fail2ban/jail.local==== <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1m maxretry = 2 logpath = /var/log/Fail2Log.log </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before: <div class="mw-collapsible-content"> <pre> # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After: <div class="mw-collapsible-content"> <pre> # # JAILS # [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log # # SSH servers # </pre> </div> </div> ====Filter for mediawiki==== <div class="toccolours mw-collapsible mw-collapsed"> Regex quick up and running tutorial: External Link:(youtube) <div class="mw-collapsible-content"> This Is a link to a video made by "Corey Schafer".<br \> The best no nonsense up and running regex tut there is.<br \> https://www.youtube.com/watch?v=sa-TUpSx1JA </div> </div> <code>$EDITOR /etc/fail2ban/filter.d/mediawiki.conf</code><br \> <pre> [Definition] failregex = ^Failed:<HOST> ignoreregex = </pre> =====Try out regex on log file===== <code>fail2ban-regex --print-all-matched /var/log/Fail2Log.log /etc/fail2ban/filter.d/mediawiki.conf</code> ====Restart Fail2Ban==== <code>systemctl restart fail2ban</code> <code>fail2ban-client status</code> <code>fail2ban-client status mediawiki</code> <b>Now test by trying to login to your wiki with wrong password three times.</b> =====fail2ban regex and error checking===== <div class="toccolours mw-collapsible mw-collapsed"> Check regex: <div class="mw-collapsible-content"> * Syntax: <code>fail2ban-regex <logfile> <failregex> <ignoreregex></code> ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * If you want to test <code>ignoreregex</code> enter filter file twice: ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * Read <code>man fail2ban-regex</code> for some more opitions: * Examples: ** <code>-v</code>, <code>--verbose</code> *** Be verbose in output ** <code>--print-all-missed</code> *** Print all missed lines ** <code>--print-all-ignored</code> *** Print all ignored lines ** <code>--print-all-matched</code> *** Print all matched lines </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Debug Fail2Ban: <div class="mw-collapsible-content"> * <code>-d</code> dump configuration. For debugging.<br \> <code>fail2ban-client -d</code><br \> * <code>--dp</code>, <code>--dump-pretty</code> dump the configuration using more human readable representation.<br \> <code>fail2ban-client --dp</code><br \> * will print the systemd log for Fail2Ban.<br \> <code>journalctl -u fail2ban</code> </div> </div> ====Change ban time After testing==== <code>$EDITOR /etc/fail2ban/jail.local</code><br \> <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log </pre> ===Unban IP's=== Get list of Jails:<br \> <code>fail2ban-client status</code><br \> See banned ips by that jail:<br \> <code>fail2ban-client status <jailname></code><br \> Unban IP from jail:<br \> <code>fail2ban-client set <jailname> unbanip <ip_address></code><br \> <br \> Log File:<br \> <code>/var/log/Fail2Log.log</code> ==Moving To VPS== ===Create ssh key pair on local host=== <code>ssh-keygen -t rsa -b 4096 -C "MYSERVER" -f ~/.ssh/serverkey</code><br \> You will be prompted to Enter a passphase, you can just press <b>Enter</b> for no passphase.<br \> You will now have a file called <b>serverkey</b> and <b>serverkey.pub</b> in your <b>/home/$USER/.ssh</b> directory.<br \> Now lets setup are server and move public key to server.<br \> <b>BACKUP YOUR PRIVATE KEY TO USB STICK OR SOMETHING!</b><br \> <code>serverkey.pub</code><b>PUBLIC KEY</b><br \> <code>serverkey</code><b>PRIVATE KEY</b><br \> ===Login to Server - ssh === Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $10, 1 cpu, 2048MB ram, 55GB ssd, 2000GB Bandwidth.<br \> I have been given the IP:<b>192.248.145.129</b> and the Password:<b>1R?o.gPasdaLz1w</b> and with Vultr the default login/user is <b>root</b><br \> Lets move over the public key so we don't need a password to login:<br \> <code>ssh-copy-id -i ~/.ssh/serverkey root@192.248.145.129</code></br \> Will be promted for server password, enter password: 1R?o.gPasdaLz1w<br \> Now lets login with are private key.<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code> ===Update Server=== <code>apt update && apt upgrade -y</code><br \> The Server may need a restart, you will see this after updates if it does<br \> <b>*** System restart required ***</b><br \> restart server and log back in after a minute.<br \> <code>reboot</code> ===Change default ssh port and disable plain text passwords=== Log back into server<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code><br \> <code>$EDITOR /etc/ssh/sshd_config</code><br \> <pre>#Port 22</pre> <pre>Port 7788</pre> disable clear text passwords <pre>#PasswordAuthentication yes</pre> <pre>PasswordAuthentication no</pre> restart sshd <code>systemctl restart sshd</code><br \> Exit server and re-login<br \> <code>exit</code><br \> Log back in with new port<br \> <code>ssh -p 7788 -i .ssh/serverkey root@192.248.145.129</code> <div class="toccolours mw-collapsible mw-collapsed"> Create ssh login shortcut: <div class="mw-collapsible-content"> To be done on host:<br \> <code>touch ~/.ssh/config</code><br \> <code>chmod 600 ~/.ssh/config</code><br \> <code>$EDITOR ~/.ssh/config</code><br \> <pre> Host mediawikiserver HostName 192.248.145.129 User root Port 7788 IdentityFile /home/$USER/.ssh/severkey </pre> You can now login to server from host with:<br \> <code>ssh mediawikiserver</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax of config file: <div class="mw-collapsible-content"> <pre> #Syntax # #Host <ALIAS_NAME> # HostName <ADDRESS_IP_OR_DOMAIN> # User <USERNAME_LOGIN> # Port <PORT_NUMBER_IF_NOT_DEFAULT> # IdentityFile </PATH/TO/PRIVATE_KEY> ## Can now login with <code>ssh <ALIAS_NAME> </pre> </div> </div> </div> </div> ===Enable Basic FireWall=== Block IPv6<br \> <code>$EDITOR /etc/default/ufw</code><br \> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit<br \> <code>ufw allow 7788/tcp</code><br \> <code>ufw enable</code><br \> ===Create Swap space on server=== ====First check if you already have a swap space==== First check if you already have a swap space<br \> <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 1655 2 228 1732 Swap: 0 0 0 </pre> <div class="toccolours mw-collapsible mw-collapsed"> Other methods to check swap space <div class="mw-collapsible-content"> <code>cat /proc/swaps</code><br \> <code>swapon -s -v</code> </div> </div> ====Create SwapSpace==== preallocate a 2 gigabyte space to be used for swap.<br \> Note: you can name swapfile to anything you want. <code>fallocate -l 2G /swapfile</code> Initialize the /swapfile file with zeros - see "Working out the count size" to see how to work out the count size. <div class="toccolours mw-collapsible mw-collapsed"> Working out the count size: <div class="mw-collapsible-content"> Working out count size to scale the swapsize. 1 kilobyte = 1024 bytes 1 megabyte = 1024 kilobyte 1 gigabyte = 1024 megabytes bs=1024 = 1 megabyte 1 gigabyte = 1024 megabyte to get count of 1 gigabyte 1024 * 1024 2 gigabyte (1024 * 2048 ) or 1048576 * 2 = 2,097,152 </div> </div> <code>dd if=/dev/zero of=/swapfile bs=1024 count=2097152</code> <code>chmod 600 /swapfile</code> <code>mkswap /swapfile</code> <code>swapon /swapfile</code> <b>Or</b> <code>swapon -a</code> <b>Or</b> <code>mount -a</code> append to <code>/etc/fstab</code> so its mounted after reboot.<br \> <code>$EDITOR /etc/fstab</code><br \> And enter this in a new line at the bottom:<br \> <code>/swapfile swap swap defaults 0 0</code> and thats it, you can check swap with(or same other methods as above): <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 75 2 1808 1712 Swap: 2047 0 2047 </pre> ===ssmtp for email alerts=== <code>apt install ssmtp -y</code><br \> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code><br \> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> <code>usermod -c "CNWikiVPS" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ===auto update server=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment (by removing <b>//</b> at start of line)and amend the lines we want:<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> to<br \> <code> "${distro_id}:${distro_codename}-updates";</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; </pre> Changed to<br \> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec Acquire::http::Dl-Limit "500"; </pre> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Send Container to server=== From host<br \> <code>scp -i ~/.ssh/serverkey -P 7788 mediawiki.lxc root@192.248.145.129:/root/</code><br \> If you created a ssh shortcut in <b>.ssh/config</b> you can use:<br \> <code>scp mediawiki.lxc mediawikiserver:/root/</code><br> Once container transferred to server checksum to confirm<br> Do on Local and Server<br> <code>sha256sum mediawiki.lxc</code><br> The checksum should be the same on both!<br> ===LXD setup on server=== Check if <b>lxd</b> already installed.<br \> <code>lxd --version</code><br \> <code>snap install lxd</code><br \> Initialize LXD<br \> <code>lxd init</code><br \> all defaults<br \> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (lvm, zfs, ceph, btrfs, dir) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=10GB]: Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> ===Import Container=== Note: If version of LXD on server is older than the one you are exporting from, you may see error <code>Error: Failed importing backup: Failed creating instance record: Unknown configuration key: volatile.last_state.ready</code><br> To Fix this update your LXD<br> <code>snap remove lxd</code><br> <code>snap install lxd</code><br> <code>lxd --version</code><br> <code>lxd init</code><br> <br> Import mediawiki container<br \> <code>lxc import mediawiki.lxc mediawiki</code><br \> <code>lxc list</code><br \> <code>lxc start mediawiki</code><br \> <code>lxc list</code><br \> Returns:<br \> <pre> +-----------+---------+-----------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+-----------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.207.119.233 (eth0) | | CONTAINER | 0 | +-----------+---------+-----------------------+------+-----------+-----------+ </pre> <b>Note the Change of IP</b><br \> Are Containers IP is now:<b>10.207.119.233</b><br \> Now for some reason changing the IP on <b>/var/www/html/mediawiki/LocalSettings.php</b> and the <b>/etc/apache2/sites-available/completenoobs.com.conf</b> does not really work on a VPS (Forgot how i fixed this last time, pretty sure i got it workin a few years back).<br \> You need a DNS name: ===DNS=== Domain Name System: An index that connects an ip address with a more human readable name(website name):<br \> Like a phone book would index a persons name with a phone number.<br \> If you have a domain name for your wiki, point it to your server's ip address.<br \> This will be required for a letsencrypt cert also.<br \> I am using <b>namecheap.com</b> and on the <b>Advanced DNS</b> Page<br \> Add two Type <b>A Records</b>:<br \> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |192.248.145.129 |auto |- |A record |www |192.248.145.129 |auto |} ===Change IP on config files=== Login to conatiner and change IP's to Domain Name<br \> <code>lxc exec mediawiki bash</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <pre> Redirect permanent "/" "https://10.3.45.233"</pre> <pre> Redirect permanent "/" "https://www.completenoobs.com"</pre> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <pre>$wgServer = "https://10.3.45.233";</pre> <pre>$wgServer = "https://www.completenoobs.com";</pre> <code>systemctl restart apache2</code> ===Use IPTables to forward traffic to container=== <div class="toccolours mw-collapsible mw-collapsed"> iptable syntax <div class="mw-collapsible-content"> *CONTAINER_IP = place holder for your containers ip *GLOBAL_IP = place holder for your servers public ip address *ETH = network interface: enp1s0 ** to be done/found on host VPS and NOT Container ** Find network interface:<code>ip route show default</code> or use <code>ip route show default | awk '{print $5}'</code> <pre>iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 80 -j DNAT --to-destination CONTAINER_IP:80 -m comment --comment "forward real ip to container" </pre> <pre> iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 443 -j DNAT --to-destination CONTAINER_IP:443 -m comment --comment "forward real ip to container" </pre> </div> </div> <b>These commands to be done on host VPS and NOT in container!</b><br \> Get out of container <code>exit</code><br \> Network interface=<b>enp1s0</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Find you network interface name: <div class="mw-collapsible-content"> To be run on VPS host and Not in Container:<br \> <code>ip route show default | awk '{print $5}'</code> </div> </div> VPS Global IP=<b>192.248.145.129</b><br \> Container IP=<b>10.207.119.233</b><br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container"</code> <br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container"</code> <br \> The new rules for your iptable will not persistent after a reboot.<br \> Create systemd service to load firewall rules at startup:<br \> <code>$EDITOR /usr/local/bin/lxc-mediawiki-rules</code> <pre> #!/bin/bash iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container" iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container" </pre> <code>chmod +x /usr/local/bin/lxc-mediawiki-rules</code> <code>$EDITOR /etc/systemd/system/lxcip.service</code> <pre> [Unit] Description = apply ip rules at startup [Service] Type=oneshot ExecStart=/usr/local/bin/lxc-mediawiki-rules [Install] WantedBy=multi-user.target </pre> <code>systemctl enable lxcip</code> <div class="toccolours mw-collapsible mw-collapsed"> LXC proxy method: <div class="mw-collapsible-content"> <b>DO NOT USE This method!</b> placed here as a note:<br \> LXC also has a way to forward proxy traffic, but it will show all visits to website, as coming from <b>127.0.0.1</b><br \> When we install fail2ban, this would be very bad!<br \> <br \> <code>lxc config device add CONTAINER_NAME myport80 proxy listen=tcp:0.0.0.0:80 connect=tcp:127.0.0.1:80</code><br \> <code>lxc config device add CONTAINER_NAME myport443 proxy listen=tcp:0.0.0.0:443 connect=tcp:127.0.0.1:443</code><br \> To remove proxy:<br \> <code>lxc config device remove CONTAINER_NAME myport80</code><br \> <code>lxc config device remove CONTAINER_NAME myport443</code><br \> </div> </div> ===Visit webpage and check all working=== Visit the domain you selected<br \> <code>www.completenoobs.com</code><br \> Should be up and running.<br \> NOTE: We did not need to allow port 443 or 80 on VPS host.<br \> Check Iptables persist for restart, by rebooting server!<br \> <code>reboot</code><br \> Give it a minute or 2 and check website again. ===LetsEncrypt=== Log back into server<br \> <code>ssh mediawikiserver</code><br \> Log into container<br \> <code>lxc exec mediawiki bash</code><br \> Install certbot<br \> <code>snap install certbot --classic</code><br \> Backup Apache2 config file<br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf /etc/apache2/sites-available/completenoobs.com.conf.bk</code><br \> Create Cert<br \> <code>certbot --apache -d www.completenoobs.com -d completenoobs.com</code><br \> And Certbot broke are apache2 configs, and thats why we back up!<br \> <code>ls /etc/letsencrypt/live/www.completenoobs.com/</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/fullchain.pem /etc/ssl/certs/cn-selfsigned.crt</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/privkey.pem /etc/ssl/private/cn-selfsigned.key</code><br \> <code>rm /etc/apache2/sites-available/completenoobs.com-le-ssl.conf /etc/apache2/sites-available/completenoobs.com.conf </code><br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf.bk /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <br \> Turn <b>SSLUseStapling</b> on<br \> <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code><br \> <pre>SSLUseStapling off</pre><br \> Change to:<br \> <pre>SSLUseStapling on</pre><br \> Restart apache<br \> <code>systemctl restart apache2</code><br \> Now check your site on browser.<br \> ==temp== ==Useful Notes - tips== ===Forgot your Admin Password=== Can use for any user:<br \> <code>php /var/www/html/mediawiki/maintenance/changePassword.php --user=admin --password=newpassword</code><br \> ===Make Wiki Read Only=== Add to LocalSettings.php:<br \> <code>$wgReadOnly = 'Read Only';</code><br \> ===Restrict account creation on wiki=== Add to LocalSettings.php:<br \> <code>$wgGroupPermissions['*']['createaccount'] = false;</code> ===Only Admin accounts can edit=== Add to LocalSettings.php:<br \> <pre> $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['user']['edit'] = false; $wgGroupPermissions['sysop']['edit'] = true; </pre> ===Protect a page so only admin can edit=== At the top of the page when logged in with admin account, click <b>More</b>.<br \> A drop down of three opitions: Delete, Move, Protect.<br \> Clicking <b>Protect</b> will not allow any non admin from editing the page. {| class="wikitable" |+ When logged in as admin |- |Read |Edit |View history |(STAR) |<b>More</b> |} ===Make User an Admin=== go to special pages With Admin Account go to:<br \> <code>index.php/Special:SpecialPages</code> List of users can be found here:<br \> <code>index.php/Special:ListUsers</code><br \> Go to:<br \> <code>index.php/Special:UserRights</code><br \> And enter username:<br \> <b>Groups you can change</b><br \> And rest is self explanatory. ====Remove admin rights==== Same thing, just untick admin rights! ==Upgrading MediaWiki== <b>BACK SURE YOU BACKUP FIRST!!!</b> just in case.<br \> This example update 1.35 to 1.36 from 1.36 onwards php-intl is required.<br> Download the wiki you are going to upgrade to.<br \> <code>https://releases.wikimedia.org/mediawiki/1.36/</code><br \> <code>cd /root</code><br \> <code>wget https://releases.wikimedia.org/mediawiki/1.36/mediawiki-1.36.1.tar.gz</code><br \> In LocalSettings.php put in readonly mode<br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <code>$wgReadOnly = "Upgrading";</code><br \> <code>tar xvzf mediawiki-1.36.1.tar.gz -C /var/www/html/mediawiki --strip-components=1</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> Returns:<pre> Error: Missing one or more required components of PHP. You are missing a required extension to PHP that MediaWiki needs. Please install: * intl <https://www.php.net/intl> </pre> <code>apt install php-intl</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> And thats it. If you do get an error:<br \> <blockquote> MediaWiki 1.36 internal error Installing some PHP extensions is required. Required components You are missing a required extension to PHP that MediaWiki requires to run. Please install: intl (more information) </blockquote> Then <b>reboot</b> the container and its all fine after. ==Backup your Wiki== ===LXC Snapshots=== Easy way, backup the container using <b>snapshot</b><br \> <code>lxc snapshot mediawiki beforeupgrade_11_12_2020</code><br \> To see snapshots<br \> <code>lxc info mediawiki</code><br \> To restore container to snapshot<br \> <code>lxc restore mediawiki beforeupgrade_11_12_2020</code><br \> To delete a snapshot<br \> <code>lxc delete mediawiki/beforeupgrade_11_12_2020</code><br \> ====Export a Snapshot==== <code>lxc snapshot mediawiki testsnap</code> <code>lxc publish mediawiki/testsnap --alias mediawiki-backup-20-07-2021</code> <code>lxc image export mediawiki-backup-20-07-2021</code> you end up with a file named after the sha256sum <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> NOTE:You can change name from <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> to something like <code>mediawiki-backup-20-07-2021.tar.gz</code> and restore will still work fine.<br \> can now delete image <code>lxc image delete mediawiki-backup-20-07-2021</code> ====Import Snapshot==== Move to another computer and install init lxd<br \> <code>lxc image import a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz --alias testrestore</code> <code>lxc launch testrestore mediarestore</code> <code>lxc list</code> <code>lxc exec mediarestore bash</code> Change IP in LocalSettings and apache config and restart apache.<br \> And your up and running.<br \> <br \> you can also delete image on new restore computer:<br \> <code>lxc image delete testrestore</code> ===Dump mediawiki database - xml=== Log into container root dir<br \> <code>lxc exec NAME bash</code><br \> In container of wiki:<br \> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Exit container<br \> <code>exit</code> Pull file to host<br \> <code>lxc file pull NAME/root/dump_mediawiki.xml wiki-dump.xml</code> ====automate xml dumps to server==== <code>$EDITOR /usr/local/bin/auto-export.sh</code></br> <syntaxhighlight lang="bash" line> #!/bin/bash ### Bug - after first run does not comment out $wgReadOnly , after that its fine. set -x ## Calls # comcheck=$(cat /var/www/html/mediawiki/LocalSettings.php | grep wgReadOnly | awk '{print $1}' ) # checkcom=${comcheck::1} # time_stamp=$(date '+%d_%m_%y') # checkDir=$(ls /var/www/dumps/$time_stamp) #####Functions #Restart Wiki function to call function RestartWiki { sleep 2 if ! [ $checkcom = "#" ] then sed -i "s/\$wgReadOnly/#\$wgReadOnly/g" /var/www/html/mediawiki/LocalSettings.php echo "wiki should be back online" elif [ $checkcom = '#' ] then echo 'huh' exit 1 fi } # Function readonly wiki function ReadOnlyWiki { if [ $checkcom = "#" ] then sed -i "s/#\$wgReadOnly/\$wgReadOnly/g" /var/www/html/mediawiki/LocalSettings.php fi } # Dump function function DumpWiki { # dump wiki xml php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /var/www/dumps/$time_stamp.Noobs/$time_stamp.Noobs.xml #create file for md5sum md5sum /var/www/dumps/$time_stamp.Noobs/$time_stamp.Noobs.xml > /var/www/dumps/$time_stamp.Noobs/$time_stamp.md5sum.txt #md5sum #sha256sum sha256sum /var/www/dumps/$time_stamp.Noobs/$time_stamp.Noobs.xml > /var/www/dumps/$time_stamp.Noobs/$time_stamp.sha256sum.txt } # if line $wgReadOnly not there if [ -z "$comcheck" ] ; then echo "you do not have the line $wgReadOnly will append" echo "\$wgReadOnly = 'Dumping Database, Access will be restored shortly';" >> /var/www/html/mediawiki/LocalSettings.php fi ###make directory with name noobs+time_stamp # Check if dumps dir exists if [ ! -d /var/www/dumps ] then mkdir -pv /var/www/dumps fi # Check we dont have directory with same time stamp if [ ! -d /var/www/dumps/$time_stamp.Noobs ] ; then mkdir /var/www/dumps/$time_stamp.Noobs ReadOnlyWiki DumpWiki RestartWiki else echo "you already have dir $checkDir" RestartWiki exit 1 fi ########################### # Push Dir to xml server scp -i /root/.ssh/xml -r /var/www/dumps/$time_stamp.Noobs root@xml.completenoobs.com:/var/www/html/xmlDumps/ </syntaxhighlight> <br> <code>chmod +x /usr/local/bin/auto-export.sh</code><br> =====add to cron to export every 5 days===== <code>crontab -e</code><br> <pre> 30 3 */5 * * /usr/local/bin/auto-export.sh </pre> Will export at 3:30 am every 5 days, check [[Cron_ubuntu_22.04|Ubuntu Cron Quick start for more info]] ===Import Dump=== ====Create Quick local wiki==== [[Ubuntu_Local_Wiki_Import|localwiki]] ====Import dump==== <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> <code>lxc exec localwiki bash</code><br \> =====Restore dump===== <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Everything apart from <b>index.php/Main_Page</b> restored. ===Full Wiki Dump and Restore=== ====Backing up==== ====Making your wiki READ ONLY - will lock database==== <code>$EDITOR LocalSettings.php</code><br \> <code>$wgReadOnly = 'Dumping Database, Access will be restored shortly';</code> ====Dump and gzip database for transport==== will be prompted for password:<br \> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green -p mywiki_database | gzip > /root/greenwiki.sql.gz</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> ALt method for dump(password in cmd): <div class="mw-collapsible-content"> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green --password=THISpasswordSHOULDbeCHANGED -p mywiki_database | gzip > /root/greenwiki.sql.gz</code> </div> </div> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Back mediawiki Root Directory.<br \> <code>tar cvzhf /root/mediawiki-rootDir.tgz /var/www/html/mediawiki</code><br \> All into one file for easy transport.<br \> <code>cd /root/</code><br \> <code>tar cvzhf mediawiki-transfer.tgz mediawiki-rootDir.tgz greenwiki.sql.gz dump_mediawiki.xml</code><br \> All file in <b>mediawiki-transfer.tgz</b> for transfer to new server<br \> exit Container<br \> <code>exit</code><br \> <code>lxc file pull mediawiki/root/mediawiki-transfer.tgz mediawiki.bk.tgz</code><br \> ====Restore wiki==== create container (backupwiki) and push file<br \> <code>lxc file push mediawiki.bk.tgz backupwiki/root/</code><br \> login to container<br \> <code>apt update && apt upgrade -y</code><br \> <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> <br \> <code>tar xvf mediawiki.bk.tgz</code><br \> <code>tar xvf mediawiki-rootDir.tgz -C /</code><br \> Create basebase:<br \> NOTE: If you use diff username, passwd, database_name, append/correct details on LocalSettings.<br \> <code>mysql -u root</code> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <br \> <code>gunzip -d greenwiki.sql.gz</code><br \> <code>mysql -u green -p mywiki_database < greenwiki.sql</code><br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/dump_mediawiki.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Config Apache2 <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> Reload Apache2 <code> systemctl restart apache2 </code> ==EmbedVideo== https://www.mediawiki.org/wiki/Extension:EmbedVideo<br> <code>apt install unzip</code><br> <code>wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip</code><br> <code>unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/</code><br> <br> <code>mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo</code><br> <br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> <pre> #Embed Video wfLoadExtension( 'EmbedVideo' ); </pre> ==SpamBot Wars== Bit busy now, notes to look into later: https://www.mediawiki.org/wiki/Extension:Nuke<br \> https://www.mediawiki.org/wiki/Manual:Preventing_access<br \> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br \> https://www.mediawiki.org/wiki/Extension:InviteSignup<br \> Well the bots won for now - Disable eMail function for all related options in LocalSettings.php<br \> <code>$wgEnableEmail = false;</code><br \> Or just stop users sending email with:<br \> <code>$wgEnableUserEmail = false;</code> ti0tc6d0kr8pw7c6lhxy9jdhpi6d2c9 188 186 2023-03-21T03:42:45Z Noob 1 /* temp */ 188 wikitext text/x-wiki Installing MediaWiki on a container and exporting to the cloud. Local OS used Ubuntu-Mate 20.04 Tested with ethernet. Untested with wifi. TODO's * Remove 'index.php' from URL * Find out more about 'DocBookExport' and test how it works * Move MediaWiki Server to FreeBSD Currently trying to solve the spambot problem, they got round the need to request to open an account somehow, will update once solved. $EDITOR is used as a place holder for an editor of your choice. ==Installing LXD== <code>sudo snap install lxd</code><br \> <code>lxd init</code><br \> Selecting all defaults, apart from "Size in GB of the new loop device (1GB minimum) [default=6GB]:" increasing to 30GB: <div class="toccolours mw-collapsible mw-collapsed"> <code>lxd init</code> selected options: <div class="mw-collapsible-content"> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (btrfs, dir, lvm, zfs, ceph) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=6GB]:30GB Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> </div> </div> ==Create Ubuntu:22.04 Container for MediaWiki== <code>lxc launch ubuntu:22.04 mediawiki</code><br> <code>lxc list</code><br> <pre> +-----------+---------+--------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+--------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.194.171.251(eth0) | | CONTAINER | 0 | +-----------+---------+--------------------+------+-----------+-----------+ </pre> ===Login to Container=== <code>lxc exec mediawiki bash</code> ===Basic Firewall UFW for Container=== NOTE:Add Link to a UFW page for more info Blocking IPv6<br \> <code>$EDITOR /etc/default/ufw</code> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit Allow port 80<br \> <code>ufw allow 80/tcp</code><br \> Allow port 443<br \> <code>ufw allow 443/tcp</code><br \> Start/Enable UFW firewall<br \> <code>ufw enable</code><br \> Check UFW status<br \> <code>ufw status</code> <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Update system=== <code>apt update && apt upgrade -y</code> ===ssmtp setup=== NOTE: need link to ssmtp page - showing how to use other email providers that allow smtp Link to ssmtp wiki page <br \> You can use a number of email providers for sending emails from server using ssmtp.<br \> I am going to use <b>smtp2go.com</b> they do provide a free service if you wish to try. <div class="toccolours mw-collapsible mw-collapsed"> smtp2go details: <div class="mw-collapsible-content"> https://www.smtp2go.com/<br \> Has a Free Plan # 1000 emails per month # 5 days of email reporting # Ticket support only <br \> Do not use you username and password you used to sign up!<br \> Go to https://app.smtp2go.com/sending/smtp_users/ <br \> Or 'Sending' > 'SMTP Users'<br> And create/add a SMTP User account.<br \> The User created will be given a good password by default.<br \> Use this username and password for ssmtp.<br \> In this example i have the username "<b>noobwiki</b>" and the password "<b>N0tTelinu</b>" </div> </div> ====ssmtp==== <code>apt install ssmtp -y</code> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <div class="toccolours mw-collapsible mw-collapsed"> Why use <code>hostname=completenoobs.com</code> <div class="mw-collapsible-content"> "hostname" needed for ubuntu unattended upgrades to send email.<br \> If missing: will get "(550 unable to verify sender address.)" <br \> If using <code>hostname=localhost</code> "(550 "Localhost" unnaceptable, you must use a public domain-name.)"<br \> If using <code>hostname=admin@completenoobs.com</code> "501 <root@admin@completenoobs.com>: malformed address: @completenoobs.com> may not follow <root@admin" </div> </div> <br \> Do not use user@smtp2go.com as the sender address! you need an email address that has an MX record(mail exchanger record) at its domain name. <br \> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> ====usermod==== <br \> usermod can be used to change the email senders name/address.<br \> Instead of your mail coming from 'root' or 'ubuntu' or any other user account.<br \> <b>usermod -c "emailSenderName" <account_sending></b><br \> <code>usermod -c "completenoobslxc" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ====sendmail notes==== <div class="toccolours mw-collapsible mw-collapsed"> If the sendmail command locks your terminal and CTRL+c does not work <div class="mw-collapsible-content"> Use <code>CTRL+z</code> which will send a SIGTSTP signal which will put the process to sleep.<br \> use jobs to see the sleeping process.<br \> <code>jobs</code><br \> and kill %<JOBNUMBER><br \> <code>kill %1</code> <br \> you can also use <code>ps ax</code> to list processes running on your computer and <code>kill -9 <PROCESS-NUMBER></code> to kill process. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> sendmail in verbose mode for more details: <div class="mw-collapsible-content"> More info can be found in the man page <code>man sendmail</code><br \> Use the verbose flag <b>-v</b><br \> <code>sendmail -v email@address2receive.mail < test-mail.txt</code> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Check mail logs for errors: <div class="mw-collapsible-content"> send mail error log can be found in<br \> <code>/var/log/mail.err</code><br \> and sendmail log can be found:<br \> <code>/var/log/mail.log</code> </div> </div> ===auto update container config=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code> Uncomment<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> <code>"${distro_id}:${distro_codename}-updates";</code> Dont need auto reboot on container - no kernel - kernel shared with host. ====email on update==== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <div class="toccolours mw-collapsible mw-collapsed"> Once i needed 'apticron' to get emails working with unattended upgrades:<br \> Notes here just incase<div class="mw-collapsible-content"> Install apticron<br \> <code>apt install apticron -y</code> Create apticron.conf file containing email to send email to:<br \> If you dont then 'apticron' will by default sent to root@localhost.<br > <code>echo 'EMAIL="email@tosendto.com"' > /etc/apticron/apticron.conf</code> </div> </div> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Install MediaWiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -xvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki</code> ====Create Database==== Will be prompted to set a root password!<br \> <code>mysql -u root -p</code><br \> <!-- create drop down - add root password option --> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <div class="toccolours mw-collapsible mw-collapsed"> Make note of your: database name, username, userpassword <div class="mw-collapsible-content"> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code><br \> Database Username:<b>green</b><br \> Database host/location:<b>localhost</b> Database User Password:<b>THISpasswordSHOULDbeCHANGED</b><br \><br \> <code>CREATE DATABASE mywiki_database;</code><br \> Database Name:<b>mywiki_database</b><br \> </div> </div> ====Create self-signed https certs==== <code>openssl req -x509 -newkey rsa:4096 -keyout key.pem -nodes -out cert.pem -days 365</code><br> Note: can leave blank; just press enter.<br><br> <code>mv cert.pem /etc/ssl/certs/cn-selfsigned.crt</code><br> <code>mv key.pem /etc/ssl/private/cn-selfsigned.key</code><br> ====Create ssl-params.conf==== <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code> Remember to turn stapling on after letsencrypt cert <pre> SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 SSLHonorCipherOrder On # Disable preloading HSTS for now. You can use the commented out header line that includes # the "preload" directive if you understand the implications. # Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" Header always set X-Frame-Options DENY Header always set X-Content-Type-Options nosniff # Requires Apache >= 2.4 SSLCompression off # May want to turn stapling off when using self-signed to avoid receiving errors in log SSLUseStapling off SSLStaplingCache "shmcb:logs/stapling-cache(150000)" # Requires Apache >= 2.4.11 SSLSessionTickets Off </pre> ====Create Apache2 config==== <code>cd /etc/apache2/sites-available/</code> <code>rm 000-default.conf default-ssl.conf</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code> <div class="toccolours mw-collapsible mw-collapsed"> <b>Important Redirect note</b>:<div class="mw-collapsible-content"> <pre> # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" </pre> Change to your Container IP!<br \> <code>Redirect permanent "/" "https://10.194.171.251"</code> </div> </div> <pre> <VirtualHost *:80> ServerName completenoobs.com ServerAdmin admin@ # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined </VirtualHost> <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerName completenoobs.com ServerAdmin admin@completenoobs.com DocumentRoot /var/www/html/mediawiki # According MWiki Manual:Security php_flag register_globals off ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined SSLEngine on SSLCertificateFile /etc/ssl/certs/cn-selfsigned.crt SSLCertificateKeyFile /etc/ssl/private/cn-selfsigned.key # need to find out what SSLCertificateChainFile is? explain is in the default-ssl.conf file. #SSLCertificateChainFile /etc/ssl/certs/example.com.root-bundle.crt <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> <Directory /var/www/html/wikimedia> Options None FollowSymLinks #Allow .htaccess AllowOverride All Require all granted <IfModule security2_module> SecRuleEngine Off # or disable only problematic rules </IfModule> </Directory> # According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images> # Ignore .htaccess files AllowOverride None # Serve HTML as plaintext, don't execute SHTML AddType text/plain .html .htm .shtml .php .phtml .php5 # Don't run arbitrary PHP code. php_admin_flag engine off # If you've other scripting languages, disable them too. </Directory> #According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images/deleted> Deny from all AllowOverride AuthConfig Limit Require local </Directory> </VirtualHost> </IfModule> </pre> ====Reload Apache2==== <code>a2enmod ssl</code> <code>a2enmod headers</code> <code>a2ensite completenoobs.com</code> <code>a2enconf ssl-params</code> <code>apache2ctl configtest</code> <code>systemctl restart apache2</code> ===MediaWiki Basic Setup=== ====Landing page==== Open a web browser and go to your containers private ip address (you can get ip address by running <code>lxc list</code> on host). <code>https://10.194.171.251</code> Are certs are self-signed and you may/will get warning "your connection is not private"<br \> Click "Advance" and "Proceed to 10.194.171.251 (unsafe)"<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.35.0<br \> LocalSettings.php not found.<br \> Please <u>set up the wiki</u> first.<br \> </blockquote> Click <b>set up the wiki</b> to be taken to the "mw-config/index.php" page. =====Basic Configure MediaWiki===== <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:mywiki_database<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:green<br \> Database password:THISpasswordSHOULDbeCHANGED<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>CompleteNoobs<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Options <div class="mw-collapsible-content"> <b>User rights profile:</b> <br \> [ ] Open wiki <br \> [x] Account creation required<br \> [ ] Authorised editors only <br \> [ ] Private wiki<br \> <br \> <b>Copyright and licence:</b><br \> [ ] Creative Commons Attribution<br \> [ ] Creative Commons Attribution-ShareAlike<br \> [ ] Creative Commons Attribution-NonCommercial-ShareAlike<br \> [ ] Creative Commons Zero (Public Domain)<br \> [ ] GNU Free Documentation Licence 1.3 or later<br \> [x] No licence footer<br \> [ ] Select a custom Creative Commons licence<br \> <br \> <br \> <b>Email settings</b><br \> [ ] Enable outbound email<br \> <b>Return email address:</b>apache@🌻.invalid<br \> [ ]Enable user-to-user email<br \> [ ]Enable user talk page notification<br \> [ ]Enable watchlist notification<br \> [ ]Enable email authentication<br \> <br \> <br \> <b>Skins</b> Pick a skin<br \> <br \> <br \> <b>Extensions</b><br \> <b><u>Special pages</u></b><br \> [ ]CiteThisPage<br \> [ ]Interwiki<br \> [ ]Nuke<br \> [ ]Renameuser<br \> [ ]ReplaceText<br \> <br \> <b><u>Editors</u></b><br \> [x]CodeEditor<br \> [x]VisualEditor<br \> [x]WikiEditor<br \> <br \> <b><u>Parser hooks</u></b><br \> [ ]CategoryTree<br \> [ ]Cite<br \> [ ]ImageMap<br \> [ ]InputBox<br \> [ ]ParserFunctions<br \> [ ]Poem<br \> [ ]Scribunto<br \> [x]SyntaxHighlight_GeSHi<br \> [ ]TemplateData<br \> <br \> <b><u>Media handlers</u></b><br \> [ ]PdfHandler<br \> <br \> <b><u>Spam prevention</u></b><br \> [x]ConfirmEdit<br \> [ ]SpamBlacklist<br \> [ ]TitleBlacklist<br \> <br \> <b><u>API</u></b><br \> [ ]PageImages<br \> <br \> <b><u>Other</u></b><br \> [ ]Gadgets<br \> [ ]LocalisationUpdate<br \> [ ]MultimediaViewer<br \> [ ]OATHAuth<br \> [ ]SecureLinkFixer<br \> [ ]TextExtracts<br \> <br \> <br \> <b>Images and file uploads</b><br \> [ ]Enable file uploads<br \> <b>Logo URL:</b>$wgResourceBasePath/resources/assets/wiki.png<br \> [ ]Enable Instant Commons<br \> <br \> <br \> <b>Advanced configuration</b><br \> <b>Settings for object caching:</b><br \> [x] No caching (no functionality is removed, but speed may be impacted on larger wiki sites)<br \> [ ] Use Memcached (requires additional setup and configuration)<br \> </div> </div> ====LocalSettings.php Launch Wiki==== When the Basic configuration of mediawiki is done on the webpage.<br \> You will have a <b>LocalSettings.php</b> which will be downloaded from your browser.<br \> You need to place the <b>LocalSettings.php</b> file into your containers <b>/var/www/html/mediawiki/</b> directory.<br \> You can do this from host using the <b>lxc file push</b> command.<br \> <code>lxc file push /home/$USER/Downloads/LocalSettings.php mediawiki/var/www/html/mediawiki/</code><br \> <br> Do not refresh browser it will download the LocalSettings.php again! go to the IP address of your container or just trim the <code>mw-config/index.php?page=Complete</code><br> Now on your browser visit the page again https://10.194.171.251<br \> And welcome to your wiki.<br \> ===Change Logo=== You need a 135px by 135px image, in this example its named 'completenoobs-logo.png'<br> <code>lxc file push completenoobs-logo.png mediawiki/var/www/html/mediawiki/resources/assets/</code><br> Back in container edit the <b>LocalSettings.php</b> file<br> <pre> ## The URL paths to the logo. Make sure you change this from the default, ## or else you'll overwrite your logo when you upgrade! $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", 'icon' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", ]; </pre> Change to your new logo:<br> <pre> $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", 'icon' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", ]; </pre> ===Email Config=== Warning i did get loads of spam bots, using this to send naughty emails everywhere!<br> Changed setting to block signups, requests only,and changed <b>$wgEnableUserEmail</b> to false and still the bots managed to send spam using my smtp account.<br> How they done this? Is beyond my understanding and i removed email from the wiki till i have more info on how to stop the spamming.<br> Was using mediawiki-1.35.0<br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> Make sure <b>$wgEnableEmail</b> is set to true.<br> <code>$wgEnableEmail = true;</code><br> https://www.mediawiki.org/wiki/Manual:$wgEnableEmail<br> <pre> $wgEmergencyContact = ""; $wgPasswordSender = ""; </pre> <pre> $wgEmergencyContact = "admin@completenoobs.com"; $wgPasswordSender = "admin@completenoobs.com"; </pre> <pre> $wgSMTP = [ 'host' => 'ssl://mail.smtp2go.com', // outbox server of the email account 'IDHost' => 'completenoobs.com', 'port' => 465, 'username' => 'noobwiki', // user of the email account 'password' => 'N0tTelinu', // app password of the email account 'auth' => true ]; </pre> ===Request Account and Confirm Email to edit=== In LocalSettings change $wgEmailAuthentication = false; to true https://www.mediawiki.org/wiki/Manual:$wgEmailAuthentication<br> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ConfirmAccount-REL1_39-2b96e90.tar.gz</code><br> <code>tar xzf ConfirmAccount-REL1_39-2b96e90.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> <br> In <b>LocalSettings.php</b> <br> set <b>$wgEmailAuthentication</b> to true.<br> <pre> wfLoadExtension( 'ConfirmAccount' ); $wgConfirmAccountContact = 'admin@completenoobs.com'; </pre> Run maintenance update<br> <code>php /var/www/html/mediawiki/maintenance/update.php </code><br> use <b>Special:ConfirmAccounts</b> to see if anyone requested a account.<br> And yep, your gonna get spammed! Bots love a wiki.<br> ===CookieWarning Extension=== https://www.mediawiki.org/wiki/Extension:CookieWarning<br> <code>wget https://extdist.wmflabs.org/dist/extensions/CookieWarning-REL1_39-778fe72.tar.gz</code><br> <code>tar -xzf CookieWarning-REL1_39-778fe72.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'CookieWarning' ); $wgCookieWarningEnabled = 'true'; # $wgCookieWarningMoreUrl allows to to select a link for your moreinfo button $wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'; $wgCookieWarningEnabled = 'true'; </pre> To change message sign in with admin account and visit these pages of your wiki and edit.<br> <b>MediaWiki:Cookiewarning-info</b> Edit the display message.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-info</code><br> <b>MediaWiki:Cookiewarning-moreinfo-label</b><br> Edit and change display of the moreinfo button: link can be made/changed at LocalSettings with:<br> <code>$wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'</code><br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-moreinfo-label</code><br> <b>MediaWiki:Cookiewarning-ok-label</b> Edit and change the text on the OK button.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-ok-label</code><br> ===Contribution Scores Extension=== https://www.mediawiki.org/wiki/Extension:Contribution_Scores<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ContributionScores-REL1_39-0e7e99d.tar.gz</code><br> <code>tar -xzf ContributionScores-REL1_39-0e7e99d.tar.gz -C /var/www/html/mediawiki/extensions</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'ContributionScores' ); // Exclude Bots from the reporting - Can be omitted. $wgContribScoreIgnoreBots = true; // Exclude Blocked Users from the reporting - Can be omitted. $wgContribScoreIgnoreBlockedUsers = true; // Use real user names when available - Can be omitted. Only for MediaWiki 1.19 and later. $wgContribScoresUseRealName = true; // Set to true to disable cache for parser function and inclusion of table. $wgContribScoreDisableCache = false; // Each array defines a report - 7,50 is "past 7 days" and "LIMIT 50" - Can be omitted. $wgContribScoreReports = [ [ 7, 50 ], [ 30, 50 ], [ 0, 50 ] ]; </pre> <br> Add to Main Landing Page:<br> <pre>{{Special:ContributionScores/10/5}}</pre><br> ===Place Notice at top of every new page created=== Using the <b>PageNotice</b> Extension. https://www.mediawiki.org/wiki/Extension:PageNotice#Configuration Download PageNotice and extract to extensions directory. in LocalSettings.php add the lines:<br \> <pre> wfLoadExtension( 'PageNotice' ); $wgPageNoticeDisablePerPageNotices = 'true'; </pre> To have message in every name space go to your wiki's page<br \> <code>index.php/mediawiki:top-notice-ns-0</code><br \> Only admin account can edit this page:<br \> What you place in this page will be displayed at the top of every page created. ===Privacy Policy=== Holly $#$#$ this is a lot of work, looking into it<br \> https://www.mediawiki.org/wiki/GDPR_(General_Data_Protection_Regulation)_and_MediaWiki_software<br \> ====NewSignupPage==== https://www.mediawiki.org/wiki/Extension:NewSignupPage<br \> Big thanks to Shoutwiki.com or this would of been a very big pain.<br \> Check for Latest link from the Download page https://www.mediawiki.org/wiki/Special:ExtensionDistributor/NewSignupPage<br \> In mediawiki container:<br \> <code>wget https://extdist.wmflabs.org/dist/extensions/NewSignupPage-REL1_35-ecf00aa.tar.gz</code><br \> <code>tar xvf NewSignupPage-REL1_35-ecf00aa.tar.gz -C /var/www/html/mediawiki/extensions/</code><br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> Add the Line:<br \> <code>wfLoadExtension( 'NewSignupPage' );</code><br \> Change the Info given at signup at:<br \> <code>index.php/MediaWiki:Newsignuppage-loginform-tos</code><br \> Default page will be:<pre> I am over 13 years of age and I have read, understood and agree to be bound by the Terms of Service and Privacy Policy </pre> "Terms of Service" and "Privacy Policy" are linked to there pages, so we need to create a few pages. ======Need <b>Privacy Policy</b> Page====== Create a 'Privacy_Policy' page and link on "MediaWiki:Newsignuppage-loginform-tos"<br> <pre>[[CompleteNoobs:Privacy_policy | Privacy Policy]]</pre> =====Need <b>Terms Of Service</b> page===== https://www.completenoobs.com/index.php/Terms_of_Service<br \> once done change link on "MediaWiki:Newsignuppage-loginform-tos"<br \> =====Content Policy Page===== https://10.194.171.251/index.php/Content_Policy<br \> Contains link to https://www.completenoobs.com/index.php/CompleteNoobs_Staff_Admins<br \> =====Staff and Admin Page===== https://10.194.171.251/index.php/CompleteNoobs_Staff_Admins<br \> Linked from Content Policy Page! a place to contact by email staff, admins =====General Disclaimer page===== https://10.194.171.251/index.php/CompleteNoobs:General_disclaimer<br \> This page shows/linked at bottom of wiki<br \> =====Copyright Policy===== https://10.194.171.251/index.php/CompleteNoobs:Copyrights<br \> Copyrights page that shows in info box when making a post.<br \> ==Fail2Ban== This Will Ban an IP who incorrectly enters wrong login details, a (you can select) amount of times for a (you can select) amount of time. ===Fail2Log Extension=== https://www.mediawiki.org/wiki/Extension:Fail2Log<br> ====Create Log file==== Could not get PHP to create and set permissions for log file: So for now doing manually!<br \> <code>touch /var/log/Fail2Log.log</code><br \> <code>chown www-data:www-data /var/log/Fail2Log.log</code><br \> <code>chmod 0755 /var/log/Fail2Log.log</code><br \> Failed login's with wrong user name and/or password should now be logged in:<b>/var/log/Fail2Log.log</b><br \> <br \> Log Format:<br \> <code>Failed:<IP_ADDRESS> <DATE> <TIME> <USERNAME></code><br \> ====Download and install extension==== <code>wget https://github.com/greenhatmonkey/Fail2Log/blob/main/Fail2Log.tar.gz?raw=true</code><br> <code>tar xzvf Fail2Log.tar.gz?raw=true -C /var/www/html/mediawiki/extensions/</code><br> Add to your <b>LocalSettings.php</b><br> <pre> wfLoadExtension( 'Fail2Log' ); $wgFail2LogFile = '/var/log/Fail2Log.log'; </pre> ====Install and Setup Fail2Ban==== Fail2Ban works in a container. If using fail2ban on Host for container:<br/> Just include log path: <code>/var/snap/lxd/common/mntns/var/snap/lxd/common/lxd/storage-pools/default/containers/&lt;CONTAINER_NAME>/rootfs/var/log/Fail2Log.log</code> <code>apt install fail2ban</code> * Fail2ban will use file.local over file.conf if file.local exists: * file.conf can be written over if file2ban gets updated. * Make a file.local of the file you are working on. <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code> <code>$EDITOR /etc/fail2ban/jail.local</code> <!-- unmodified jail.conf file --> <div class="toccolours mw-collapsible mw-collapsed"> Default <code>/etc/fail2ban/jail.conf</code> file: Expand to view <div class="mw-collapsible-content"> <pre> # # WARNING: heavily refactored in 0.9.0 release. Please review and # customize settings for your setup. # # Changes: in most of the cases you should not modify this # file, but provide customizations in jail.local file, # or separate .conf files under jail.d/ directory, e.g.: # # HOW TO ACTIVATE JAILS: # # YOU SHOULD NOT MODIFY THIS FILE. # # It will probably be overwritten or improved in a distribution update. # # Provide customizations in a jail.local file or a jail.d/customisation.local. # For example to change the default bantime for all jails and to enable the # ssh-iptables jail the following (uncommented) would appear in the .local file. # See man 5 jail.conf for details. # # [DEFAULT] # bantime = 1h # # [sshd] # enabled = true # # See jail.conf(5) man page for more information # Comments: use '#' for comment lines and ';' (following a space) for inline comments [INCLUDES] #before = paths-distro.conf before = paths-debian.conf # The DEFAULT allows a global definition of the options. They can be overridden # in each jail afterwards. [DEFAULT] # # MISCELLANEOUS OPTIONS # # "bantime.increment" allows to use database for searching of previously banned ip's to increase a # default ban time using special formula, default it is banTime * 1, 2, 4, 8, 16, 32... #bantime.increment = true # "bantime.rndtime" is the max number of seconds using for mixing with random time # to prevent "clever" botnets calculate exact time IP can be unbanned again: #bantime.rndtime = # "bantime.maxtime" is the max number of seconds using the ban time can reach (don't grows further) #bantime.maxtime = # "bantime.factor" is a coefficient to calculate exponent growing of the formula or common multiplier, # default value of factor is 1 and with default value of formula, the ban time # grows by 1, 2, 4, 8, 16 ... #bantime.factor = 1 # "bantime.formula" used by default to calculate next value of ban time, default value bellow, # the same ban time growing will be reached by multipliers 1, 2, 4, 8, 16, 32... #bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * banFactor # # more aggressive example of formula has the same values only for factor "2.0 / 2.885385" : #bantime.formula = ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor) # "bantime.multipliers" used to calculate next value of ban time instead of formula, coresponding # previously ban count and given "bantime.factor" (for multipliers default is 1); # following example grows ban time by 1, 2, 4, 8, 16 ... and if last ban count greater as multipliers count, # always used last multiplier (64 in example), for factor '1' and original ban time 600 - 10.6 hours #bantime.multipliers = 1 2 4 8 16 32 64 # following example can be used for small initial ban time (bantime=60) - it grows more aggressive at begin, # for bantime=60 the multipliers are minutes and equal: 1 min, 5 min, 30 min, 1 hour, 5 hour, 12 hour, 1 day, 2 day #bantime.multipliers = 1 5 30 60 300 720 1440 2880 # "bantime.overalljails" (if true) specifies the search of IP in the database will be executed # cross over all jails, if false (dafault), only current jail of the ban IP will be searched #bantime.overalljails = false # -------------------- # "ignoreself" specifies whether the local resp. own IP addresses should be ignored # (default is true). Fail2ban will not ban a host which matches such addresses. #ignoreself = true # "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban # will not ban a host which matches an address in this list. Several addresses # can be defined using space (and/or comma) separator. #ignoreip = 127.0.0.1/8 ::1 # External command that will take an tagged arguments to ignore, e.g. <ip>, # and return true if the IP is to be ignored. False otherwise. # # ignorecommand = /path/to/command <ip> ignorecommand = # "bantime" is the number of seconds that a host is banned. bantime = 10m # A host is banned if it has generated "maxretry" during the last "findtime" # seconds. findtime = 10m # "maxretry" is the number of failures before a host get banned. maxretry = 5 # "maxmatches" is the number of matches stored in ticket (resolvable via tag <matches> in actions). maxmatches = %(maxretry)s # "backend" specifies the backend used to get files modification. # Available options are "pyinotify", "gamin", "polling", "systemd" and "auto". # This option can be overridden in each jail as well. # # pyinotify: requires pyinotify (a file alteration monitor) to be installed. # If pyinotify is not installed, Fail2ban will use auto. # gamin: requires Gamin (a file alteration monitor) to be installed. # If Gamin is not installed, Fail2ban will use auto. # polling: uses a polling algorithm which does not require external libraries. # systemd: uses systemd python library to access the systemd journal. # Specifying "logpath" is not valid for this backend. # See "journalmatch" in the jails associated filter config # auto: will try to use the following backends, in order: # pyinotify, gamin, polling. # # Note: if systemd backend is chosen as the default but you enable a jail # for which logs are present only in its own log files, specify some other # backend for that jail (e.g. polling) and provide empty value for # journalmatch. See https://github.com/fail2ban/fail2ban/issues/959#issuecomment-74901200 backend = auto # "usedns" specifies if jails should trust hostnames in logs, # warn when DNS lookups are performed, or ignore all hostnames in logs # # yes: if a hostname is encountered, a DNS lookup will be performed. # warn: if a hostname is encountered, a DNS lookup will be performed, # but it will be logged as a warning. # no: if a hostname is encountered, will not be used for banning, # but it will be logged as info. # raw: use raw value (no hostname), allow use it for no-host filters/actions (example user) usedns = warn # "logencoding" specifies the encoding of the log files handled by the jail # This is used to decode the lines from the log file. # Typical examples: "ascii", "utf-8" # # auto: will use the system locale setting logencoding = auto # "enabled" enables the jails. # By default all jails are disabled, and it should stay this way. # Enable only relevant to your setup jails in your .local or jail.d/*.conf # # true: jail will be enabled and log files will get monitored for changes # false: jail is not enabled enabled = false # "mode" defines the mode of the filter (see corresponding filter implementation for more info). mode = normal # "filter" defines the filter to use by the jail. # By default jails have names matching their filter name # filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # # Some options used for actions # Destination email address used solely for the interpolations in # jail.{conf,local,d/*} configuration files. destemail = root@localhost # Sender email address used solely for some actions sender = root@<fq-hostname> # E-mail action. Since 0.8.1 Fail2Ban uses sendmail MTA for the # mailing. Change mta configuration parameter to mail if you want to # revert to conventional 'mail'. mta = sendmail # Default protocol protocol = tcp # Specify chain where jumps would need to be added in ban-actions expecting parameter chain chain = <known/chain> # Ports to be banned # Usually should be overridden in a particular jail port = 0:65535 # Format of user-agent https://tools.ietf.org/html/rfc7231#section-5.5.3 fail2ban_agent = Fail2Ban/%(fail2ban_version)s # # Action shortcuts. To be used to define action parameter # Default banning action (e.g. iptables, iptables-new, # iptables-multiport, shorewall, etc) It is used to define # action_* variables. Can be overridden globally or per # section within jail.local file banaction = iptables-multiport banaction_allports = iptables-allports # The simplest action to take: ban only action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report to the destemail. action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report and relevant log lines # to the destemail. action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # See the IMPORTANT note in action.d/xarf-login-attack for when to use this action # # ban & send a xarf e-mail to abuse contact of IP address and include relevant log lines # to the destemail. action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] # ban IP on CloudFlare & send an e-mail with whois report and relevant log lines # to the destemail. action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # Report block via blocklist.de fail2ban reporting service API # # See the IMPORTANT note in action.d/blocklist_de.conf for when to use this action. # Specify expected parameters in file action.d/blocklist_de.local or if the interpolation # `action_blocklist_de` used for the action, set value of `blocklist_de_apikey` # in your `jail.local` globally (section [DEFAULT]) or per specific jail section (resp. in # corresponding jail.d/my-jail.local file). # action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] # Report ban via badips.com, and use as blacklist # # See BadIPsAction docstring in config/action.d/badips.py for # documentation for this action. # # NOTE: This action relies on banaction being present on start and therefore # should be last action defined for a jail. # action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] # # Report ban via badips.com (uses action.d/badips.conf for reporting only) # action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] # Report ban via abuseipdb.com. # # See action.d/abuseipdb.conf for usage example and details. # action_abuseipdb = abuseipdb # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # [sshd] # To use more aggressive sshd modes set filter parameter "mode" in jail.local: # normal (default), ddos, extra or aggressive (combines all). # See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details. #mode = normal port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s [dropbear] port = ssh logpath = %(dropbear_log)s backend = %(dropbear_backend)s [selinux-ssh] port = ssh logpath = %(auditd_log)s # # HTTP servers # [apache-auth] port = http,https logpath = %(apache_error_log)s [apache-badbots] # Ban hosts which agent identifies spammer robots crawling the web # for email addresses. The mail outputs are buffered. port = http,https logpath = %(apache_access_log)s bantime = 48h maxretry = 1 [apache-noscript] port = http,https logpath = %(apache_error_log)s [apache-overflows] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-nohome] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-botsearch] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-fakegooglebot] port = http,https logpath = %(apache_access_log)s maxretry = 1 ignorecommand = %(ignorecommands_dir)s/apache-fakegooglebot <ip> [apache-modsecurity] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-shellshock] port = http,https logpath = %(apache_error_log)s maxretry = 1 [openhab-auth] filter = openhab action = iptables-allports[name=NoAuthFailures] logpath = /opt/openhab/logs/request.log [nginx-http-auth] port = http,https logpath = %(nginx_error_log)s # To use 'nginx-limit-req' jail you should have `ngx_http_limit_req_module` # and define `limit_req` and `limit_req_zone` as described in nginx documentation # http://nginx.org/en/docs/http/ngx_http_limit_req_module.html # or for example see in 'config/filter.d/nginx-limit-req.conf' [nginx-limit-req] port = http,https logpath = %(nginx_error_log)s [nginx-botsearch] port = http,https logpath = %(nginx_error_log)s maxretry = 2 # Ban attackers that try to use PHP's URL-fopen() functionality # through GET/POST variables. - Experimental, with more than a year # of usage in production environments. [php-url-fopen] port = http,https logpath = %(nginx_access_log)s %(apache_access_log)s [suhosin] port = http,https logpath = %(suhosin_log)s [lighttpd-auth] # Same as above for Apache's mod_auth # It catches wrong authentifications port = http,https logpath = %(lighttpd_error_log)s # # Webmail and groupware servers # [roundcube-auth] port = http,https logpath = %(roundcube_errors_log)s # Use following line in your jail.local if roundcube logs to journal. #backend = %(syslog_backend)s [openwebmail] port = http,https logpath = /var/log/openwebmail.log [horde] port = http,https logpath = /var/log/horde/horde.log [groupoffice] port = http,https logpath = /home/groupoffice/log/info.log [sogo-auth] # Monitor SOGo groupware server # without proxy this would be: # port = 20000 port = http,https logpath = /var/log/sogo/sogo.log [tine20] logpath = /var/log/tine20/tine20.log port = http,https # # Web Applications # # [drupal-auth] port = http,https logpath = %(syslog_daemon)s backend = %(syslog_backend)s [guacamole] port = http,https logpath = /var/log/tomcat*/catalina.out [monit] #Ban clients brute-forcing the monit gui login port = 2812 logpath = /var/log/monit /var/log/monit.log [webmin-auth] port = 10000 logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [froxlor-auth] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s # # HTTP Proxy servers # # [squid] port = 80,443,3128,8080 logpath = /var/log/squid/access.log [3proxy] port = 3128 logpath = /var/log/3proxy.log # # FTP servers # [proftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(proftpd_log)s backend = %(proftpd_backend)s [pure-ftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(pureftpd_log)s backend = %(pureftpd_backend)s [gssftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(syslog_daemon)s backend = %(syslog_backend)s [wuftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(wuftpd_log)s backend = %(wuftpd_backend)s [vsftpd] # or overwrite it in jails.local to be # logpath = %(syslog_authpriv)s # if you want to rely on PAM failed login attempts # vsftpd's failregex should match both of those formats port = ftp,ftp-data,ftps,ftps-data logpath = %(vsftpd_log)s # # Mail servers # # ASSP SMTP Proxy Jail [assp] port = smtp,465,submission logpath = /root/path/to/assp/logs/maillog.txt [courier-smtp] port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix] # To use another modes set filter parameter "mode" in jail.local: mode = more port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s [postfix-rbl] filter = postfix[mode=rbl] port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s maxretry = 1 [sendmail-auth] port = submission,465,smtp logpath = %(syslog_mail)s backend = %(syslog_backend)s [sendmail-reject] # To use more aggressive modes set filter parameter "mode" in jail.local: # normal (default), extra or aggressive # See "tests/files/logs/sendmail-reject" or "filter.d/sendmail-reject.conf" for usage example and details. #mode = normal port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [qmail-rbl] filter = qmail port = smtp,465,submission logpath = /service/qmail/log/main/current # dovecot defaults to logging to the mail syslog facility # but can be set by syslog_facility in the dovecot configuration. [dovecot] port = pop3,pop3s,imap,imaps,submission,465,sieve logpath = %(dovecot_log)s backend = %(dovecot_backend)s [sieve] port = smtp,465,submission logpath = %(dovecot_log)s backend = %(dovecot_backend)s [solid-pop3d] port = pop3,pop3s logpath = %(solidpop3d_log)s [exim] # see filter.d/exim.conf for further modes supported from filter: #mode = normal port = smtp,465,submission logpath = %(exim_main_log)s [exim-spam] port = smtp,465,submission logpath = %(exim_main_log)s [kerio] port = imap,smtp,imaps,465 logpath = /opt/kerio/mailserver/store/logs/security.log # # Mail servers authenticators: might be used for smtp,ftp,imap servers, so # all relevant ports get banned # [courier-auth] port = smtp,465,submission,imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix-sasl] filter = postfix[mode=auth] port = smtp,465,submission,imap,imaps,pop3,pop3s # You might consider monitoring /var/log/mail.warn instead if you are # running postfix since it would provide the same log lines at the # "warn" level but overall at the smaller filesize. logpath = %(postfix_log)s backend = %(postfix_backend)s [perdition] port = imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [squirrelmail] port = smtp,465,submission,imap,imap2,imaps,pop3,pop3s,http,https,socks logpath = /var/lib/squirrelmail/prefs/squirrelmail_access_log [cyrus-imap] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s [uwimap-auth] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s # # # DNS servers # # !!! WARNING !!! # Since UDP is connection-less protocol, spoofing of IP and imitation # of illegal actions is way too simple. Thus enabling of this filter # might provide an easy way for implementing a DoS against a chosen # victim. See # http://nion.modprobe.de/blog/archives/690-fail2ban-+-dns-fail.html # Please DO NOT USE this jail unless you know what you are doing. # # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks UDP traffic for DNS requests. # [named-refused-udp] # # filter = named-refused # port = domain,953 # protocol = udp # logpath = /var/log/named/security.log # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks TCP traffic for DNS requests. [named-refused] port = domain,953 logpath = /var/log/named/security.log [nsd] port = 53 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/nsd.log # # Miscellaneous # [asterisk] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/asterisk/messages maxretry = 10 [freeswitch] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/freeswitch.log maxretry = 10 # enable adminlog; it will log to a file inside znc's directory by default. [znc-adminlog] port = 6667 logpath = /var/lib/znc/moddata/adminlog/znc.log # To log wrong MySQL access attempts add to /etc/my.cnf in [mysqld] or # equivalent section: # log-warnings = 2 # # for syslog (daemon facility) # [mysqld_safe] # syslog # # for own logfile # [mysqld] # log-error=/var/log/mysqld.log [mysqld-auth] port = 3306 logpath = %(mysql_log)s backend = %(mysql_backend)s # Log wrong MongoDB auth (for details see filter 'filter.d/mongodb-auth.conf') [mongodb-auth] # change port when running with "--shardsvr" or "--configsvr" runtime operation port = 27017 logpath = /var/log/mongodb/mongodb.log # Jail for more extended banning of persistent abusers # !!! WARNINGS !!! # 1. Make sure that your loglevel specified in fail2ban.conf/.local # is not at DEBUG level -- which might then cause fail2ban to fall into # an infinite loop constantly feeding itself with non-informative lines # 2. Increase dbpurgeage defined in fail2ban.conf to e.g. 648000 (7.5 days) # to maintain entries for failed logins for sufficient amount of time [recidive] logpath = /var/log/fail2ban.log banaction = %(banaction_allports)s bantime = 1w findtime = 1d # Generic filter for PAM. Has to be used with action which bans all # ports such as iptables-allports, shorewall [pam-generic] # pam-generic filter can be customized to monitor specific subset of 'tty's banaction = %(banaction_allports)s logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [xinetd-fail] banaction = iptables-multiport-log logpath = %(syslog_daemon)s backend = %(syslog_backend)s maxretry = 2 # stunnel - need to set port for this [stunnel] logpath = /var/log/stunnel4/stunnel.log [ejabberd-auth] port = 5222 logpath = /var/log/ejabberd/ejabberd.log [counter-strike] logpath = /opt/cstrike/logs/L[0-9]*.log # Firewall: http://www.cstrike-planet.com/faq/6 tcpport = 27030,27031,27032,27033,27034,27035,27036,27037,27038,27039 udpport = 1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015 action = %(banaction)s[name=%(__name__)s-tcp, port="%(tcpport)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(udpport)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] [bitwarden] port = http,https logpath = /home/*/bwdata/logs/identity/Identity/log.txt [centreon] port = http,https logpath = /var/log/centreon/login.log # consider low maxretry and a long bantime # nobody except your own Nagios server should ever probe nrpe [nagios] logpath = %(syslog_daemon)s ; nrpe.cfg may define a different log_facility backend = %(syslog_backend)s maxretry = 1 [oracleims] # see "oracleims" filter file for configuration requirement for Oracle IMS v6 and above logpath = /opt/sun/comms/messaging64/log/mail.log_current banaction = %(banaction_allports)s [directadmin] logpath = /var/log/directadmin/login.log port = 2222 [portsentry] logpath = /var/lib/portsentry/portsentry.history maxretry = 1 [pass2allow-ftp] # this pass2allow example allows FTP traffic after successful HTTP authentication port = ftp,ftp-data,ftps,ftps-data # knocking_url variable must be overridden to some secret value in jail.local knocking_url = /knocking/ filter = apache-pass[knocking_url="%(knocking_url)s"] # access log of the website with HTTP auth logpath = %(apache_access_log)s blocktype = RETURN returntype = DROP action = %(action_)s[blocktype=%(blocktype)s, returntype=%(returntype)s, actionstart_on_demand=false, actionrepair_on_unban=true] bantime = 1h maxretry = 1 findtime = 1 [murmur] # AKA mumble-server port = 64738 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol=tcp, chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol=udp, chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/mumble-server/mumble-server.log [screensharingd] # For Mac OS Screen Sharing Service (VNC) logpath = /var/log/system.log logencoding = utf-8 [haproxy-http-auth] # HAProxy by default doesn't log to file you'll need to set it up to forward # logs to a syslog server which would then write them to disk. # See "haproxy-http-auth" filter for a brief cautionary note when setting # maxretry and findtime. logpath = /var/log/haproxy.log [slapd] port = ldap,ldaps logpath = /var/log/slapd.log [domino-smtp] port = smtp,ssmtp logpath = /home/domino01/data/IBM_TECHNICAL_SUPPORT/console.log [phpmyadmin-syslog] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [zoneminder] # Zoneminder HTTP/HTTPS web interface auth # Logs auth failures to apache2 error log port = http,https logpath = %(apache_error_log)s [traefik-auth] # to use 'traefik-auth' filter you have to configure your Traefik instance, # see `filter.d/traefik-auth.conf` for details and service example. port = http,https logpath = /var/log/traefik/access.log </pre> </div> </div> Default <code>/etc/fail2ban/jail.local</code> file with (almost all) comments removed: <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;">Default <code>/etc/fail2ban/jail.local</code> with (almost) comments removed:</div> <div class="mw-collapsible-content"> <pre> [INCLUDES] before = paths-debian.conf [DEFAULT] ignorecommand = bantime = 10m findtime = 10m maxretry = 5 maxmatches = %(maxretry)s backend = auto usedns = warn logencoding = auto enabled = false mode = normal filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # destemail = root@localhost sender = root@<fq-hostname> mta = sendmail protocol = tcp chain = <known/chain> port = 0:65535 fail2ban_agent = Fail2Ban/%(fail2ban_version)s banaction = iptables-multiport banaction_allports = iptables-allports action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] action_abuseipdb = abuseipdb action = %(action_)s # # JAILS # # # SSH servers # [sshd] port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s </pre> </div></div> ====Disconnect/kick and ban an ip from list==== <br \> Just below we are going to append these lines to <b>/etc/fail2ban/jail.local</b><br> <pre> # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s # # JAILS # # # SSH servers # </pre> </div> </div> ====Jail for MediaWiki - /etc/fail2ban/jail.local==== <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1m maxretry = 2 logpath = /var/log/Fail2Log.log </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before: <div class="mw-collapsible-content"> <pre> # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After: <div class="mw-collapsible-content"> <pre> # # JAILS # [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log # # SSH servers # </pre> </div> </div> ====Filter for mediawiki==== <div class="toccolours mw-collapsible mw-collapsed"> Regex quick up and running tutorial: External Link:(youtube) <div class="mw-collapsible-content"> This Is a link to a video made by "Corey Schafer".<br \> The best no nonsense up and running regex tut there is.<br \> https://www.youtube.com/watch?v=sa-TUpSx1JA </div> </div> <code>$EDITOR /etc/fail2ban/filter.d/mediawiki.conf</code><br \> <pre> [Definition] failregex = ^Failed:<HOST> ignoreregex = </pre> =====Try out regex on log file===== <code>fail2ban-regex --print-all-matched /var/log/Fail2Log.log /etc/fail2ban/filter.d/mediawiki.conf</code> ====Restart Fail2Ban==== <code>systemctl restart fail2ban</code> <code>fail2ban-client status</code> <code>fail2ban-client status mediawiki</code> <b>Now test by trying to login to your wiki with wrong password three times.</b> =====fail2ban regex and error checking===== <div class="toccolours mw-collapsible mw-collapsed"> Check regex: <div class="mw-collapsible-content"> * Syntax: <code>fail2ban-regex <logfile> <failregex> <ignoreregex></code> ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * If you want to test <code>ignoreregex</code> enter filter file twice: ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * Read <code>man fail2ban-regex</code> for some more opitions: * Examples: ** <code>-v</code>, <code>--verbose</code> *** Be verbose in output ** <code>--print-all-missed</code> *** Print all missed lines ** <code>--print-all-ignored</code> *** Print all ignored lines ** <code>--print-all-matched</code> *** Print all matched lines </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Debug Fail2Ban: <div class="mw-collapsible-content"> * <code>-d</code> dump configuration. For debugging.<br \> <code>fail2ban-client -d</code><br \> * <code>--dp</code>, <code>--dump-pretty</code> dump the configuration using more human readable representation.<br \> <code>fail2ban-client --dp</code><br \> * will print the systemd log for Fail2Ban.<br \> <code>journalctl -u fail2ban</code> </div> </div> ====Change ban time After testing==== <code>$EDITOR /etc/fail2ban/jail.local</code><br \> <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log </pre> ===Unban IP's=== Get list of Jails:<br \> <code>fail2ban-client status</code><br \> See banned ips by that jail:<br \> <code>fail2ban-client status <jailname></code><br \> Unban IP from jail:<br \> <code>fail2ban-client set <jailname> unbanip <ip_address></code><br \> <br \> Log File:<br \> <code>/var/log/Fail2Log.log</code> ==Moving To VPS== ===Create ssh key pair on local host=== <code>ssh-keygen -t rsa -b 4096 -C "MYSERVER" -f ~/.ssh/serverkey</code><br \> You will be prompted to Enter a passphase, you can just press <b>Enter</b> for no passphase.<br \> You will now have a file called <b>serverkey</b> and <b>serverkey.pub</b> in your <b>/home/$USER/.ssh</b> directory.<br \> Now lets setup are server and move public key to server.<br \> <b>BACKUP YOUR PRIVATE KEY TO USB STICK OR SOMETHING!</b><br \> <code>serverkey.pub</code><b>PUBLIC KEY</b><br \> <code>serverkey</code><b>PRIVATE KEY</b><br \> ===Login to Server - ssh === Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $10, 1 cpu, 2048MB ram, 55GB ssd, 2000GB Bandwidth.<br \> I have been given the IP:<b>192.248.145.129</b> and the Password:<b>1R?o.gPasdaLz1w</b> and with Vultr the default login/user is <b>root</b><br \> Lets move over the public key so we don't need a password to login:<br \> <code>ssh-copy-id -i ~/.ssh/serverkey root@192.248.145.129</code></br \> Will be promted for server password, enter password: 1R?o.gPasdaLz1w<br \> Now lets login with are private key.<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code> ===Update Server=== <code>apt update && apt upgrade -y</code><br \> The Server may need a restart, you will see this after updates if it does<br \> <b>*** System restart required ***</b><br \> restart server and log back in after a minute.<br \> <code>reboot</code> ===Change default ssh port and disable plain text passwords=== Log back into server<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code><br \> <code>$EDITOR /etc/ssh/sshd_config</code><br \> <pre>#Port 22</pre> <pre>Port 7788</pre> disable clear text passwords <pre>#PasswordAuthentication yes</pre> <pre>PasswordAuthentication no</pre> restart sshd <code>systemctl restart sshd</code><br \> Exit server and re-login<br \> <code>exit</code><br \> Log back in with new port<br \> <code>ssh -p 7788 -i .ssh/serverkey root@192.248.145.129</code> <div class="toccolours mw-collapsible mw-collapsed"> Create ssh login shortcut: <div class="mw-collapsible-content"> To be done on host:<br \> <code>touch ~/.ssh/config</code><br \> <code>chmod 600 ~/.ssh/config</code><br \> <code>$EDITOR ~/.ssh/config</code><br \> <pre> Host mediawikiserver HostName 192.248.145.129 User root Port 7788 IdentityFile /home/$USER/.ssh/severkey </pre> You can now login to server from host with:<br \> <code>ssh mediawikiserver</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax of config file: <div class="mw-collapsible-content"> <pre> #Syntax # #Host <ALIAS_NAME> # HostName <ADDRESS_IP_OR_DOMAIN> # User <USERNAME_LOGIN> # Port <PORT_NUMBER_IF_NOT_DEFAULT> # IdentityFile </PATH/TO/PRIVATE_KEY> ## Can now login with <code>ssh <ALIAS_NAME> </pre> </div> </div> </div> </div> ===Enable Basic FireWall=== Block IPv6<br \> <code>$EDITOR /etc/default/ufw</code><br \> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit<br \> <code>ufw allow 7788/tcp</code><br \> <code>ufw enable</code><br \> ===Create Swap space on server=== ====First check if you already have a swap space==== First check if you already have a swap space<br \> <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 1655 2 228 1732 Swap: 0 0 0 </pre> <div class="toccolours mw-collapsible mw-collapsed"> Other methods to check swap space <div class="mw-collapsible-content"> <code>cat /proc/swaps</code><br \> <code>swapon -s -v</code> </div> </div> ====Create SwapSpace==== preallocate a 2 gigabyte space to be used for swap.<br \> Note: you can name swapfile to anything you want. <code>fallocate -l 2G /swapfile</code> Initialize the /swapfile file with zeros - see "Working out the count size" to see how to work out the count size. <div class="toccolours mw-collapsible mw-collapsed"> Working out the count size: <div class="mw-collapsible-content"> Working out count size to scale the swapsize. 1 kilobyte = 1024 bytes 1 megabyte = 1024 kilobyte 1 gigabyte = 1024 megabytes bs=1024 = 1 megabyte 1 gigabyte = 1024 megabyte to get count of 1 gigabyte 1024 * 1024 2 gigabyte (1024 * 2048 ) or 1048576 * 2 = 2,097,152 </div> </div> <code>dd if=/dev/zero of=/swapfile bs=1024 count=2097152</code> <code>chmod 600 /swapfile</code> <code>mkswap /swapfile</code> <code>swapon /swapfile</code> <b>Or</b> <code>swapon -a</code> <b>Or</b> <code>mount -a</code> append to <code>/etc/fstab</code> so its mounted after reboot.<br \> <code>$EDITOR /etc/fstab</code><br \> And enter this in a new line at the bottom:<br \> <code>/swapfile swap swap defaults 0 0</code> and thats it, you can check swap with(or same other methods as above): <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 75 2 1808 1712 Swap: 2047 0 2047 </pre> ===ssmtp for email alerts=== <code>apt install ssmtp -y</code><br \> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code><br \> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> <code>usermod -c "CNWikiVPS" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ===auto update server=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment (by removing <b>//</b> at start of line)and amend the lines we want:<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> to<br \> <code> "${distro_id}:${distro_codename}-updates";</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; </pre> Changed to<br \> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec Acquire::http::Dl-Limit "500"; </pre> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Send Container to server=== From host<br \> <code>scp -i ~/.ssh/serverkey -P 7788 mediawiki.lxc root@192.248.145.129:/root/</code><br \> If you created a ssh shortcut in <b>.ssh/config</b> you can use:<br \> <code>scp mediawiki.lxc mediawikiserver:/root/</code><br> Once container transferred to server checksum to confirm<br> Do on Local and Server<br> <code>sha256sum mediawiki.lxc</code><br> The checksum should be the same on both!<br> ===LXD setup on server=== Check if <b>lxd</b> already installed.<br \> <code>lxd --version</code><br \> <code>snap install lxd</code><br \> Initialize LXD<br \> <code>lxd init</code><br \> all defaults<br \> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (lvm, zfs, ceph, btrfs, dir) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=10GB]: Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> ===Import Container=== Note: If version of LXD on server is older than the one you are exporting from, you may see error <code>Error: Failed importing backup: Failed creating instance record: Unknown configuration key: volatile.last_state.ready</code><br> To Fix this update your LXD<br> <code>snap remove lxd</code><br> <code>snap install lxd</code><br> <code>lxd --version</code><br> <code>lxd init</code><br> <br> Import mediawiki container<br \> <code>lxc import mediawiki.lxc mediawiki</code><br \> <code>lxc list</code><br \> <code>lxc start mediawiki</code><br \> <code>lxc list</code><br \> Returns:<br \> <pre> +-----------+---------+-----------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+-----------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.207.119.233 (eth0) | | CONTAINER | 0 | +-----------+---------+-----------------------+------+-----------+-----------+ </pre> <b>Note the Change of IP</b><br \> Are Containers IP is now:<b>10.207.119.233</b><br \> Now for some reason changing the IP on <b>/var/www/html/mediawiki/LocalSettings.php</b> and the <b>/etc/apache2/sites-available/completenoobs.com.conf</b> does not really work on a VPS (Forgot how i fixed this last time, pretty sure i got it workin a few years back).<br \> You need a DNS name: ===DNS=== Domain Name System: An index that connects an ip address with a more human readable name(website name):<br \> Like a phone book would index a persons name with a phone number.<br \> If you have a domain name for your wiki, point it to your server's ip address.<br \> This will be required for a letsencrypt cert also.<br \> I am using <b>namecheap.com</b> and on the <b>Advanced DNS</b> Page<br \> Add two Type <b>A Records</b>:<br \> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |192.248.145.129 |auto |- |A record |www |192.248.145.129 |auto |} ===Change IP on config files=== Login to conatiner and change IP's to Domain Name<br \> <code>lxc exec mediawiki bash</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <pre> Redirect permanent "/" "https://10.3.45.233"</pre> <pre> Redirect permanent "/" "https://www.completenoobs.com"</pre> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <pre>$wgServer = "https://10.3.45.233";</pre> <pre>$wgServer = "https://www.completenoobs.com";</pre> <code>systemctl restart apache2</code> ===Use IPTables to forward traffic to container=== <div class="toccolours mw-collapsible mw-collapsed"> iptable syntax <div class="mw-collapsible-content"> *CONTAINER_IP = place holder for your containers ip *GLOBAL_IP = place holder for your servers public ip address *ETH = network interface: enp1s0 ** to be done/found on host VPS and NOT Container ** Find network interface:<code>ip route show default</code> or use <code>ip route show default | awk '{print $5}'</code> <pre>iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 80 -j DNAT --to-destination CONTAINER_IP:80 -m comment --comment "forward real ip to container" </pre> <pre> iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 443 -j DNAT --to-destination CONTAINER_IP:443 -m comment --comment "forward real ip to container" </pre> </div> </div> <b>These commands to be done on host VPS and NOT in container!</b><br \> Get out of container <code>exit</code><br \> Network interface=<b>enp1s0</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Find you network interface name: <div class="mw-collapsible-content"> To be run on VPS host and Not in Container:<br \> <code>ip route show default | awk '{print $5}'</code> </div> </div> VPS Global IP=<b>192.248.145.129</b><br \> Container IP=<b>10.207.119.233</b><br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container"</code> <br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container"</code> <br \> The new rules for your iptable will not persistent after a reboot.<br \> Create systemd service to load firewall rules at startup:<br \> <code>$EDITOR /usr/local/bin/lxc-mediawiki-rules</code> <pre> #!/bin/bash iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container" iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container" </pre> <code>chmod +x /usr/local/bin/lxc-mediawiki-rules</code> <code>$EDITOR /etc/systemd/system/lxcip.service</code> <pre> [Unit] Description = apply ip rules at startup [Service] Type=oneshot ExecStart=/usr/local/bin/lxc-mediawiki-rules [Install] WantedBy=multi-user.target </pre> <code>systemctl enable lxcip</code> <div class="toccolours mw-collapsible mw-collapsed"> LXC proxy method: <div class="mw-collapsible-content"> <b>DO NOT USE This method!</b> placed here as a note:<br \> LXC also has a way to forward proxy traffic, but it will show all visits to website, as coming from <b>127.0.0.1</b><br \> When we install fail2ban, this would be very bad!<br \> <br \> <code>lxc config device add CONTAINER_NAME myport80 proxy listen=tcp:0.0.0.0:80 connect=tcp:127.0.0.1:80</code><br \> <code>lxc config device add CONTAINER_NAME myport443 proxy listen=tcp:0.0.0.0:443 connect=tcp:127.0.0.1:443</code><br \> To remove proxy:<br \> <code>lxc config device remove CONTAINER_NAME myport80</code><br \> <code>lxc config device remove CONTAINER_NAME myport443</code><br \> </div> </div> ===Visit webpage and check all working=== Visit the domain you selected<br \> <code>www.completenoobs.com</code><br \> Should be up and running.<br \> NOTE: We did not need to allow port 443 or 80 on VPS host.<br \> Check Iptables persist for restart, by rebooting server!<br \> <code>reboot</code><br \> Give it a minute or 2 and check website again. ===LetsEncrypt=== Log back into server<br \> <code>ssh mediawikiserver</code><br \> Log into container<br \> <code>lxc exec mediawiki bash</code><br \> Install certbot<br \> <code>snap install certbot --classic</code><br \> Backup Apache2 config file<br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf /etc/apache2/sites-available/completenoobs.com.conf.bk</code><br \> Create Cert<br \> <code>certbot --apache -d www.completenoobs.com -d completenoobs.com</code><br \> And Certbot broke are apache2 configs, and thats why we back up!<br \> <code>ls /etc/letsencrypt/live/www.completenoobs.com/</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/fullchain.pem /etc/ssl/certs/cn-selfsigned.crt</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/privkey.pem /etc/ssl/private/cn-selfsigned.key</code><br \> <code>rm /etc/apache2/sites-available/completenoobs.com-le-ssl.conf /etc/apache2/sites-available/completenoobs.com.conf </code><br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf.bk /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <br \> Turn <b>SSLUseStapling</b> on<br \> <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code><br \> <pre>SSLUseStapling off</pre><br \> Change to:<br \> <pre>SSLUseStapling on</pre><br \> Restart apache<br \> <code>systemctl restart apache2</code><br \> Now check your site on browser.<br \> ==Useful Notes - tips== ===Forgot your Admin Password=== Can use for any user:<br \> <code>php /var/www/html/mediawiki/maintenance/changePassword.php --user=admin --password=newpassword</code><br \> ===Make Wiki Read Only=== Add to LocalSettings.php:<br \> <code>$wgReadOnly = 'Read Only';</code><br \> ===Restrict account creation on wiki=== Add to LocalSettings.php:<br \> <code>$wgGroupPermissions['*']['createaccount'] = false;</code> ===Only Admin accounts can edit=== Add to LocalSettings.php:<br \> <pre> $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['user']['edit'] = false; $wgGroupPermissions['sysop']['edit'] = true; </pre> ===Protect a page so only admin can edit=== At the top of the page when logged in with admin account, click <b>More</b>.<br \> A drop down of three opitions: Delete, Move, Protect.<br \> Clicking <b>Protect</b> will not allow any non admin from editing the page. {| class="wikitable" |+ When logged in as admin |- |Read |Edit |View history |(STAR) |<b>More</b> |} ===Make User an Admin=== go to special pages With Admin Account go to:<br \> <code>index.php/Special:SpecialPages</code> List of users can be found here:<br \> <code>index.php/Special:ListUsers</code><br \> Go to:<br \> <code>index.php/Special:UserRights</code><br \> And enter username:<br \> <b>Groups you can change</b><br \> And rest is self explanatory. ====Remove admin rights==== Same thing, just untick admin rights! ==Upgrading MediaWiki== <b>BACK SURE YOU BACKUP FIRST!!!</b> just in case.<br \> This example update 1.35 to 1.36 from 1.36 onwards php-intl is required.<br> Download the wiki you are going to upgrade to.<br \> <code>https://releases.wikimedia.org/mediawiki/1.36/</code><br \> <code>cd /root</code><br \> <code>wget https://releases.wikimedia.org/mediawiki/1.36/mediawiki-1.36.1.tar.gz</code><br \> In LocalSettings.php put in readonly mode<br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <code>$wgReadOnly = "Upgrading";</code><br \> <code>tar xvzf mediawiki-1.36.1.tar.gz -C /var/www/html/mediawiki --strip-components=1</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> Returns:<pre> Error: Missing one or more required components of PHP. You are missing a required extension to PHP that MediaWiki needs. Please install: * intl <https://www.php.net/intl> </pre> <code>apt install php-intl</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> And thats it. If you do get an error:<br \> <blockquote> MediaWiki 1.36 internal error Installing some PHP extensions is required. Required components You are missing a required extension to PHP that MediaWiki requires to run. Please install: intl (more information) </blockquote> Then <b>reboot</b> the container and its all fine after. ==Backup your Wiki== ===LXC Snapshots=== Easy way, backup the container using <b>snapshot</b><br \> <code>lxc snapshot mediawiki beforeupgrade_11_12_2020</code><br \> To see snapshots<br \> <code>lxc info mediawiki</code><br \> To restore container to snapshot<br \> <code>lxc restore mediawiki beforeupgrade_11_12_2020</code><br \> To delete a snapshot<br \> <code>lxc delete mediawiki/beforeupgrade_11_12_2020</code><br \> ====Export a Snapshot==== <code>lxc snapshot mediawiki testsnap</code> <code>lxc publish mediawiki/testsnap --alias mediawiki-backup-20-07-2021</code> <code>lxc image export mediawiki-backup-20-07-2021</code> you end up with a file named after the sha256sum <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> NOTE:You can change name from <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> to something like <code>mediawiki-backup-20-07-2021.tar.gz</code> and restore will still work fine.<br \> can now delete image <code>lxc image delete mediawiki-backup-20-07-2021</code> ====Import Snapshot==== Move to another computer and install init lxd<br \> <code>lxc image import a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz --alias testrestore</code> <code>lxc launch testrestore mediarestore</code> <code>lxc list</code> <code>lxc exec mediarestore bash</code> Change IP in LocalSettings and apache config and restart apache.<br \> And your up and running.<br \> <br \> you can also delete image on new restore computer:<br \> <code>lxc image delete testrestore</code> ===Dump mediawiki database - xml=== Log into container root dir<br \> <code>lxc exec NAME bash</code><br \> In container of wiki:<br \> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Exit container<br \> <code>exit</code> Pull file to host<br \> <code>lxc file pull NAME/root/dump_mediawiki.xml wiki-dump.xml</code> ====automate xml dumps to server==== <code>$EDITOR /usr/local/bin/auto-export.sh</code></br> <syntaxhighlight lang="bash" line> #!/bin/bash ### Bug - after first run does not comment out $wgReadOnly , after that its fine. set -x ## Calls # comcheck=$(cat /var/www/html/mediawiki/LocalSettings.php | grep wgReadOnly | awk '{print $1}' ) # checkcom=${comcheck::1} # time_stamp=$(date '+%d_%m_%y') # checkDir=$(ls /var/www/dumps/$time_stamp) #####Functions #Restart Wiki function to call function RestartWiki { sleep 2 if ! [ $checkcom = "#" ] then sed -i "s/\$wgReadOnly/#\$wgReadOnly/g" /var/www/html/mediawiki/LocalSettings.php echo "wiki should be back online" elif [ $checkcom = '#' ] then echo 'huh' exit 1 fi } # Function readonly wiki function ReadOnlyWiki { if [ $checkcom = "#" ] then sed -i "s/#\$wgReadOnly/\$wgReadOnly/g" /var/www/html/mediawiki/LocalSettings.php fi } # Dump function function DumpWiki { # dump wiki xml php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /var/www/dumps/$time_stamp.Noobs/$time_stamp.Noobs.xml #create file for md5sum md5sum /var/www/dumps/$time_stamp.Noobs/$time_stamp.Noobs.xml > /var/www/dumps/$time_stamp.Noobs/$time_stamp.md5sum.txt #md5sum #sha256sum sha256sum /var/www/dumps/$time_stamp.Noobs/$time_stamp.Noobs.xml > /var/www/dumps/$time_stamp.Noobs/$time_stamp.sha256sum.txt } # if line $wgReadOnly not there if [ -z "$comcheck" ] ; then echo "you do not have the line $wgReadOnly will append" echo "\$wgReadOnly = 'Dumping Database, Access will be restored shortly';" >> /var/www/html/mediawiki/LocalSettings.php fi ###make directory with name noobs+time_stamp # Check if dumps dir exists if [ ! -d /var/www/dumps ] then mkdir -pv /var/www/dumps fi # Check we dont have directory with same time stamp if [ ! -d /var/www/dumps/$time_stamp.Noobs ] ; then mkdir /var/www/dumps/$time_stamp.Noobs ReadOnlyWiki DumpWiki RestartWiki else echo "you already have dir $checkDir" RestartWiki exit 1 fi ########################### # Push Dir to xml server scp -i /root/.ssh/xml -r /var/www/dumps/$time_stamp.Noobs root@xml.completenoobs.com:/var/www/html/xmlDumps/ </syntaxhighlight> <br> <code>chmod +x /usr/local/bin/auto-export.sh</code><br> =====add to cron to export every 5 days===== <code>crontab -e</code><br> <pre> 30 3 */5 * * /usr/local/bin/auto-export.sh </pre> Will export at 3:30 am every 5 days, check [[Cron_ubuntu_22.04|Ubuntu Cron Quick start for more info]] ===Import Dump=== ====Create Quick local wiki==== [[Ubuntu_Local_Wiki_Import|localwiki]] ====Import dump==== <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> <code>lxc exec localwiki bash</code><br \> =====Restore dump===== <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Everything apart from <b>index.php/Main_Page</b> restored. ===Full Wiki Dump and Restore=== ====Backing up==== ====Making your wiki READ ONLY - will lock database==== <code>$EDITOR LocalSettings.php</code><br \> <code>$wgReadOnly = 'Dumping Database, Access will be restored shortly';</code> ====Dump and gzip database for transport==== will be prompted for password:<br \> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green -p mywiki_database | gzip > /root/greenwiki.sql.gz</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> ALt method for dump(password in cmd): <div class="mw-collapsible-content"> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green --password=THISpasswordSHOULDbeCHANGED -p mywiki_database | gzip > /root/greenwiki.sql.gz</code> </div> </div> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Back mediawiki Root Directory.<br \> <code>tar cvzhf /root/mediawiki-rootDir.tgz /var/www/html/mediawiki</code><br \> All into one file for easy transport.<br \> <code>cd /root/</code><br \> <code>tar cvzhf mediawiki-transfer.tgz mediawiki-rootDir.tgz greenwiki.sql.gz dump_mediawiki.xml</code><br \> All file in <b>mediawiki-transfer.tgz</b> for transfer to new server<br \> exit Container<br \> <code>exit</code><br \> <code>lxc file pull mediawiki/root/mediawiki-transfer.tgz mediawiki.bk.tgz</code><br \> ====Restore wiki==== create container (backupwiki) and push file<br \> <code>lxc file push mediawiki.bk.tgz backupwiki/root/</code><br \> login to container<br \> <code>apt update && apt upgrade -y</code><br \> <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> <br \> <code>tar xvf mediawiki.bk.tgz</code><br \> <code>tar xvf mediawiki-rootDir.tgz -C /</code><br \> Create basebase:<br \> NOTE: If you use diff username, passwd, database_name, append/correct details on LocalSettings.<br \> <code>mysql -u root</code> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <br \> <code>gunzip -d greenwiki.sql.gz</code><br \> <code>mysql -u green -p mywiki_database < greenwiki.sql</code><br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/dump_mediawiki.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Config Apache2 <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> Reload Apache2 <code> systemctl restart apache2 </code> ==EmbedVideo== https://www.mediawiki.org/wiki/Extension:EmbedVideo<br> <code>apt install unzip</code><br> <code>wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip</code><br> <code>unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/</code><br> <br> <code>mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo</code><br> <br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> <pre> #Embed Video wfLoadExtension( 'EmbedVideo' ); </pre> ==SpamBot Wars== Bit busy now, notes to look into later: https://www.mediawiki.org/wiki/Extension:Nuke<br \> https://www.mediawiki.org/wiki/Manual:Preventing_access<br \> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br \> https://www.mediawiki.org/wiki/Extension:InviteSignup<br \> Well the bots won for now - Disable eMail function for all related options in LocalSettings.php<br \> <code>$wgEnableEmail = false;</code><br \> Or just stop users sending email with:<br \> <code>$wgEnableUserEmail = false;</code> q1pyu7jjkfd5g7g9e5ztw8y4pgwrijk 229 188 2023-03-29T21:10:16Z Noob 1 /* SpamBot Wars */ 229 wikitext text/x-wiki Installing MediaWiki on a container and exporting to the cloud. Local OS used Ubuntu-Mate 20.04 Tested with ethernet. Untested with wifi. TODO's * Remove 'index.php' from URL * Find out more about 'DocBookExport' and test how it works * Move MediaWiki Server to FreeBSD Currently trying to solve the spambot problem, they got round the need to request to open an account somehow, will update once solved. $EDITOR is used as a place holder for an editor of your choice. ==Installing LXD== <code>sudo snap install lxd</code><br \> <code>lxd init</code><br \> Selecting all defaults, apart from "Size in GB of the new loop device (1GB minimum) [default=6GB]:" increasing to 30GB: <div class="toccolours mw-collapsible mw-collapsed"> <code>lxd init</code> selected options: <div class="mw-collapsible-content"> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (btrfs, dir, lvm, zfs, ceph) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=6GB]:30GB Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> </div> </div> ==Create Ubuntu:22.04 Container for MediaWiki== <code>lxc launch ubuntu:22.04 mediawiki</code><br> <code>lxc list</code><br> <pre> +-----------+---------+--------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+--------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.194.171.251(eth0) | | CONTAINER | 0 | +-----------+---------+--------------------+------+-----------+-----------+ </pre> ===Login to Container=== <code>lxc exec mediawiki bash</code> ===Basic Firewall UFW for Container=== NOTE:Add Link to a UFW page for more info Blocking IPv6<br \> <code>$EDITOR /etc/default/ufw</code> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit Allow port 80<br \> <code>ufw allow 80/tcp</code><br \> Allow port 443<br \> <code>ufw allow 443/tcp</code><br \> Start/Enable UFW firewall<br \> <code>ufw enable</code><br \> Check UFW status<br \> <code>ufw status</code> <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Update system=== <code>apt update && apt upgrade -y</code> ===ssmtp setup=== NOTE: need link to ssmtp page - showing how to use other email providers that allow smtp Link to ssmtp wiki page <br \> You can use a number of email providers for sending emails from server using ssmtp.<br \> I am going to use <b>smtp2go.com</b> they do provide a free service if you wish to try. <div class="toccolours mw-collapsible mw-collapsed"> smtp2go details: <div class="mw-collapsible-content"> https://www.smtp2go.com/<br \> Has a Free Plan # 1000 emails per month # 5 days of email reporting # Ticket support only <br \> Do not use you username and password you used to sign up!<br \> Go to https://app.smtp2go.com/sending/smtp_users/ <br \> Or 'Sending' > 'SMTP Users'<br> And create/add a SMTP User account.<br \> The User created will be given a good password by default.<br \> Use this username and password for ssmtp.<br \> In this example i have the username "<b>noobwiki</b>" and the password "<b>N0tTelinu</b>" </div> </div> ====ssmtp==== <code>apt install ssmtp -y</code> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <div class="toccolours mw-collapsible mw-collapsed"> Why use <code>hostname=completenoobs.com</code> <div class="mw-collapsible-content"> "hostname" needed for ubuntu unattended upgrades to send email.<br \> If missing: will get "(550 unable to verify sender address.)" <br \> If using <code>hostname=localhost</code> "(550 "Localhost" unnaceptable, you must use a public domain-name.)"<br \> If using <code>hostname=admin@completenoobs.com</code> "501 <root@admin@completenoobs.com>: malformed address: @completenoobs.com> may not follow <root@admin" </div> </div> <br \> Do not use user@smtp2go.com as the sender address! you need an email address that has an MX record(mail exchanger record) at its domain name. <br \> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> ====usermod==== <br \> usermod can be used to change the email senders name/address.<br \> Instead of your mail coming from 'root' or 'ubuntu' or any other user account.<br \> <b>usermod -c "emailSenderName" <account_sending></b><br \> <code>usermod -c "completenoobslxc" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ====sendmail notes==== <div class="toccolours mw-collapsible mw-collapsed"> If the sendmail command locks your terminal and CTRL+c does not work <div class="mw-collapsible-content"> Use <code>CTRL+z</code> which will send a SIGTSTP signal which will put the process to sleep.<br \> use jobs to see the sleeping process.<br \> <code>jobs</code><br \> and kill %<JOBNUMBER><br \> <code>kill %1</code> <br \> you can also use <code>ps ax</code> to list processes running on your computer and <code>kill -9 <PROCESS-NUMBER></code> to kill process. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> sendmail in verbose mode for more details: <div class="mw-collapsible-content"> More info can be found in the man page <code>man sendmail</code><br \> Use the verbose flag <b>-v</b><br \> <code>sendmail -v email@address2receive.mail < test-mail.txt</code> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Check mail logs for errors: <div class="mw-collapsible-content"> send mail error log can be found in<br \> <code>/var/log/mail.err</code><br \> and sendmail log can be found:<br \> <code>/var/log/mail.log</code> </div> </div> ===auto update container config=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code> Uncomment<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> <code>"${distro_id}:${distro_codename}-updates";</code> Dont need auto reboot on container - no kernel - kernel shared with host. ====email on update==== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <div class="toccolours mw-collapsible mw-collapsed"> Once i needed 'apticron' to get emails working with unattended upgrades:<br \> Notes here just incase<div class="mw-collapsible-content"> Install apticron<br \> <code>apt install apticron -y</code> Create apticron.conf file containing email to send email to:<br \> If you dont then 'apticron' will by default sent to root@localhost.<br > <code>echo 'EMAIL="email@tosendto.com"' > /etc/apticron/apticron.conf</code> </div> </div> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Install MediaWiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -xvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki</code> ====Create Database==== Will be prompted to set a root password!<br \> <code>mysql -u root -p</code><br \> <!-- create drop down - add root password option --> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <div class="toccolours mw-collapsible mw-collapsed"> Make note of your: database name, username, userpassword <div class="mw-collapsible-content"> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code><br \> Database Username:<b>green</b><br \> Database host/location:<b>localhost</b> Database User Password:<b>THISpasswordSHOULDbeCHANGED</b><br \><br \> <code>CREATE DATABASE mywiki_database;</code><br \> Database Name:<b>mywiki_database</b><br \> </div> </div> ====Create self-signed https certs==== <code>openssl req -x509 -newkey rsa:4096 -keyout key.pem -nodes -out cert.pem -days 365</code><br> Note: can leave blank; just press enter.<br><br> <code>mv cert.pem /etc/ssl/certs/cn-selfsigned.crt</code><br> <code>mv key.pem /etc/ssl/private/cn-selfsigned.key</code><br> ====Create ssl-params.conf==== <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code> Remember to turn stapling on after letsencrypt cert <pre> SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 SSLHonorCipherOrder On # Disable preloading HSTS for now. You can use the commented out header line that includes # the "preload" directive if you understand the implications. # Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" Header always set X-Frame-Options DENY Header always set X-Content-Type-Options nosniff # Requires Apache >= 2.4 SSLCompression off # May want to turn stapling off when using self-signed to avoid receiving errors in log SSLUseStapling off SSLStaplingCache "shmcb:logs/stapling-cache(150000)" # Requires Apache >= 2.4.11 SSLSessionTickets Off </pre> ====Create Apache2 config==== <code>cd /etc/apache2/sites-available/</code> <code>rm 000-default.conf default-ssl.conf</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code> <div class="toccolours mw-collapsible mw-collapsed"> <b>Important Redirect note</b>:<div class="mw-collapsible-content"> <pre> # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" </pre> Change to your Container IP!<br \> <code>Redirect permanent "/" "https://10.194.171.251"</code> </div> </div> <pre> <VirtualHost *:80> ServerName completenoobs.com ServerAdmin admin@ # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined </VirtualHost> <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerName completenoobs.com ServerAdmin admin@completenoobs.com DocumentRoot /var/www/html/mediawiki # According MWiki Manual:Security php_flag register_globals off ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined SSLEngine on SSLCertificateFile /etc/ssl/certs/cn-selfsigned.crt SSLCertificateKeyFile /etc/ssl/private/cn-selfsigned.key # need to find out what SSLCertificateChainFile is? explain is in the default-ssl.conf file. #SSLCertificateChainFile /etc/ssl/certs/example.com.root-bundle.crt <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> <Directory /var/www/html/wikimedia> Options None FollowSymLinks #Allow .htaccess AllowOverride All Require all granted <IfModule security2_module> SecRuleEngine Off # or disable only problematic rules </IfModule> </Directory> # According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images> # Ignore .htaccess files AllowOverride None # Serve HTML as plaintext, don't execute SHTML AddType text/plain .html .htm .shtml .php .phtml .php5 # Don't run arbitrary PHP code. php_admin_flag engine off # If you've other scripting languages, disable them too. </Directory> #According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images/deleted> Deny from all AllowOverride AuthConfig Limit Require local </Directory> </VirtualHost> </IfModule> </pre> ====Reload Apache2==== <code>a2enmod ssl</code> <code>a2enmod headers</code> <code>a2ensite completenoobs.com</code> <code>a2enconf ssl-params</code> <code>apache2ctl configtest</code> <code>systemctl restart apache2</code> ===MediaWiki Basic Setup=== ====Landing page==== Open a web browser and go to your containers private ip address (you can get ip address by running <code>lxc list</code> on host). <code>https://10.194.171.251</code> Are certs are self-signed and you may/will get warning "your connection is not private"<br \> Click "Advance" and "Proceed to 10.194.171.251 (unsafe)"<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.35.0<br \> LocalSettings.php not found.<br \> Please <u>set up the wiki</u> first.<br \> </blockquote> Click <b>set up the wiki</b> to be taken to the "mw-config/index.php" page. =====Basic Configure MediaWiki===== <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:mywiki_database<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:green<br \> Database password:THISpasswordSHOULDbeCHANGED<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>CompleteNoobs<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Options <div class="mw-collapsible-content"> <b>User rights profile:</b> <br \> [ ] Open wiki <br \> [x] Account creation required<br \> [ ] Authorised editors only <br \> [ ] Private wiki<br \> <br \> <b>Copyright and licence:</b><br \> [ ] Creative Commons Attribution<br \> [ ] Creative Commons Attribution-ShareAlike<br \> [ ] Creative Commons Attribution-NonCommercial-ShareAlike<br \> [ ] Creative Commons Zero (Public Domain)<br \> [ ] GNU Free Documentation Licence 1.3 or later<br \> [x] No licence footer<br \> [ ] Select a custom Creative Commons licence<br \> <br \> <br \> <b>Email settings</b><br \> [ ] Enable outbound email<br \> <b>Return email address:</b>apache@🌻.invalid<br \> [ ]Enable user-to-user email<br \> [ ]Enable user talk page notification<br \> [ ]Enable watchlist notification<br \> [ ]Enable email authentication<br \> <br \> <br \> <b>Skins</b> Pick a skin<br \> <br \> <br \> <b>Extensions</b><br \> <b><u>Special pages</u></b><br \> [ ]CiteThisPage<br \> [ ]Interwiki<br \> [ ]Nuke<br \> [ ]Renameuser<br \> [ ]ReplaceText<br \> <br \> <b><u>Editors</u></b><br \> [x]CodeEditor<br \> [x]VisualEditor<br \> [x]WikiEditor<br \> <br \> <b><u>Parser hooks</u></b><br \> [ ]CategoryTree<br \> [ ]Cite<br \> [ ]ImageMap<br \> [ ]InputBox<br \> [ ]ParserFunctions<br \> [ ]Poem<br \> [ ]Scribunto<br \> [x]SyntaxHighlight_GeSHi<br \> [ ]TemplateData<br \> <br \> <b><u>Media handlers</u></b><br \> [ ]PdfHandler<br \> <br \> <b><u>Spam prevention</u></b><br \> [x]ConfirmEdit<br \> [ ]SpamBlacklist<br \> [ ]TitleBlacklist<br \> <br \> <b><u>API</u></b><br \> [ ]PageImages<br \> <br \> <b><u>Other</u></b><br \> [ ]Gadgets<br \> [ ]LocalisationUpdate<br \> [ ]MultimediaViewer<br \> [ ]OATHAuth<br \> [ ]SecureLinkFixer<br \> [ ]TextExtracts<br \> <br \> <br \> <b>Images and file uploads</b><br \> [ ]Enable file uploads<br \> <b>Logo URL:</b>$wgResourceBasePath/resources/assets/wiki.png<br \> [ ]Enable Instant Commons<br \> <br \> <br \> <b>Advanced configuration</b><br \> <b>Settings for object caching:</b><br \> [x] No caching (no functionality is removed, but speed may be impacted on larger wiki sites)<br \> [ ] Use Memcached (requires additional setup and configuration)<br \> </div> </div> ====LocalSettings.php Launch Wiki==== When the Basic configuration of mediawiki is done on the webpage.<br \> You will have a <b>LocalSettings.php</b> which will be downloaded from your browser.<br \> You need to place the <b>LocalSettings.php</b> file into your containers <b>/var/www/html/mediawiki/</b> directory.<br \> You can do this from host using the <b>lxc file push</b> command.<br \> <code>lxc file push /home/$USER/Downloads/LocalSettings.php mediawiki/var/www/html/mediawiki/</code><br \> <br> Do not refresh browser it will download the LocalSettings.php again! go to the IP address of your container or just trim the <code>mw-config/index.php?page=Complete</code><br> Now on your browser visit the page again https://10.194.171.251<br \> And welcome to your wiki.<br \> ===Change Logo=== You need a 135px by 135px image, in this example its named 'completenoobs-logo.png'<br> <code>lxc file push completenoobs-logo.png mediawiki/var/www/html/mediawiki/resources/assets/</code><br> Back in container edit the <b>LocalSettings.php</b> file<br> <pre> ## The URL paths to the logo. Make sure you change this from the default, ## or else you'll overwrite your logo when you upgrade! $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", 'icon' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", ]; </pre> Change to your new logo:<br> <pre> $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", 'icon' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", ]; </pre> ===Email Config=== Warning i did get loads of spam bots, using this to send naughty emails everywhere!<br> Changed setting to block signups, requests only,and changed <b>$wgEnableUserEmail</b> to false and still the bots managed to send spam using my smtp account.<br> How they done this? Is beyond my understanding and i removed email from the wiki till i have more info on how to stop the spamming.<br> Was using mediawiki-1.35.0<br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> Make sure <b>$wgEnableEmail</b> is set to true.<br> <code>$wgEnableEmail = true;</code><br> https://www.mediawiki.org/wiki/Manual:$wgEnableEmail<br> <pre> $wgEmergencyContact = ""; $wgPasswordSender = ""; </pre> <pre> $wgEmergencyContact = "admin@completenoobs.com"; $wgPasswordSender = "admin@completenoobs.com"; </pre> <pre> $wgSMTP = [ 'host' => 'ssl://mail.smtp2go.com', // outbox server of the email account 'IDHost' => 'completenoobs.com', 'port' => 465, 'username' => 'noobwiki', // user of the email account 'password' => 'N0tTelinu', // app password of the email account 'auth' => true ]; </pre> ===Request Account and Confirm Email to edit=== In LocalSettings change $wgEmailAuthentication = false; to true https://www.mediawiki.org/wiki/Manual:$wgEmailAuthentication<br> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ConfirmAccount-REL1_39-2b96e90.tar.gz</code><br> <code>tar xzf ConfirmAccount-REL1_39-2b96e90.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> <br> In <b>LocalSettings.php</b> <br> set <b>$wgEmailAuthentication</b> to true.<br> <pre> wfLoadExtension( 'ConfirmAccount' ); $wgConfirmAccountContact = 'admin@completenoobs.com'; </pre> Run maintenance update<br> <code>php /var/www/html/mediawiki/maintenance/update.php </code><br> use <b>Special:ConfirmAccounts</b> to see if anyone requested a account.<br> And yep, your gonna get spammed! Bots love a wiki.<br> ===CookieWarning Extension=== https://www.mediawiki.org/wiki/Extension:CookieWarning<br> <code>wget https://extdist.wmflabs.org/dist/extensions/CookieWarning-REL1_39-778fe72.tar.gz</code><br> <code>tar -xzf CookieWarning-REL1_39-778fe72.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'CookieWarning' ); $wgCookieWarningEnabled = 'true'; # $wgCookieWarningMoreUrl allows to to select a link for your moreinfo button $wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'; $wgCookieWarningEnabled = 'true'; </pre> To change message sign in with admin account and visit these pages of your wiki and edit.<br> <b>MediaWiki:Cookiewarning-info</b> Edit the display message.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-info</code><br> <b>MediaWiki:Cookiewarning-moreinfo-label</b><br> Edit and change display of the moreinfo button: link can be made/changed at LocalSettings with:<br> <code>$wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'</code><br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-moreinfo-label</code><br> <b>MediaWiki:Cookiewarning-ok-label</b> Edit and change the text on the OK button.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-ok-label</code><br> ===Contribution Scores Extension=== https://www.mediawiki.org/wiki/Extension:Contribution_Scores<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ContributionScores-REL1_39-0e7e99d.tar.gz</code><br> <code>tar -xzf ContributionScores-REL1_39-0e7e99d.tar.gz -C /var/www/html/mediawiki/extensions</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'ContributionScores' ); // Exclude Bots from the reporting - Can be omitted. $wgContribScoreIgnoreBots = true; // Exclude Blocked Users from the reporting - Can be omitted. $wgContribScoreIgnoreBlockedUsers = true; // Use real user names when available - Can be omitted. Only for MediaWiki 1.19 and later. $wgContribScoresUseRealName = true; // Set to true to disable cache for parser function and inclusion of table. $wgContribScoreDisableCache = false; // Each array defines a report - 7,50 is "past 7 days" and "LIMIT 50" - Can be omitted. $wgContribScoreReports = [ [ 7, 50 ], [ 30, 50 ], [ 0, 50 ] ]; </pre> <br> Add to Main Landing Page:<br> <pre>{{Special:ContributionScores/10/5}}</pre><br> ===Place Notice at top of every new page created=== Using the <b>PageNotice</b> Extension. https://www.mediawiki.org/wiki/Extension:PageNotice#Configuration Download PageNotice and extract to extensions directory. in LocalSettings.php add the lines:<br \> <pre> wfLoadExtension( 'PageNotice' ); $wgPageNoticeDisablePerPageNotices = 'true'; </pre> To have message in every name space go to your wiki's page<br \> <code>index.php/mediawiki:top-notice-ns-0</code><br \> Only admin account can edit this page:<br \> What you place in this page will be displayed at the top of every page created. ===Privacy Policy=== Holly $#$#$ this is a lot of work, looking into it<br \> https://www.mediawiki.org/wiki/GDPR_(General_Data_Protection_Regulation)_and_MediaWiki_software<br \> ====NewSignupPage==== https://www.mediawiki.org/wiki/Extension:NewSignupPage<br \> Big thanks to Shoutwiki.com or this would of been a very big pain.<br \> Check for Latest link from the Download page https://www.mediawiki.org/wiki/Special:ExtensionDistributor/NewSignupPage<br \> In mediawiki container:<br \> <code>wget https://extdist.wmflabs.org/dist/extensions/NewSignupPage-REL1_35-ecf00aa.tar.gz</code><br \> <code>tar xvf NewSignupPage-REL1_35-ecf00aa.tar.gz -C /var/www/html/mediawiki/extensions/</code><br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> Add the Line:<br \> <code>wfLoadExtension( 'NewSignupPage' );</code><br \> Change the Info given at signup at:<br \> <code>index.php/MediaWiki:Newsignuppage-loginform-tos</code><br \> Default page will be:<pre> I am over 13 years of age and I have read, understood and agree to be bound by the Terms of Service and Privacy Policy </pre> "Terms of Service" and "Privacy Policy" are linked to there pages, so we need to create a few pages. ======Need <b>Privacy Policy</b> Page====== Create a 'Privacy_Policy' page and link on "MediaWiki:Newsignuppage-loginform-tos"<br> <pre>[[CompleteNoobs:Privacy_policy | Privacy Policy]]</pre> =====Need <b>Terms Of Service</b> page===== https://www.completenoobs.com/index.php/Terms_of_Service<br \> once done change link on "MediaWiki:Newsignuppage-loginform-tos"<br \> =====Content Policy Page===== https://10.194.171.251/index.php/Content_Policy<br \> Contains link to https://www.completenoobs.com/index.php/CompleteNoobs_Staff_Admins<br \> =====Staff and Admin Page===== https://10.194.171.251/index.php/CompleteNoobs_Staff_Admins<br \> Linked from Content Policy Page! a place to contact by email staff, admins =====General Disclaimer page===== https://10.194.171.251/index.php/CompleteNoobs:General_disclaimer<br \> This page shows/linked at bottom of wiki<br \> =====Copyright Policy===== https://10.194.171.251/index.php/CompleteNoobs:Copyrights<br \> Copyrights page that shows in info box when making a post.<br \> ==Fail2Ban== This Will Ban an IP who incorrectly enters wrong login details, a (you can select) amount of times for a (you can select) amount of time. ===Fail2Log Extension=== https://www.mediawiki.org/wiki/Extension:Fail2Log<br> ====Create Log file==== Could not get PHP to create and set permissions for log file: So for now doing manually!<br \> <code>touch /var/log/Fail2Log.log</code><br \> <code>chown www-data:www-data /var/log/Fail2Log.log</code><br \> <code>chmod 0755 /var/log/Fail2Log.log</code><br \> Failed login's with wrong user name and/or password should now be logged in:<b>/var/log/Fail2Log.log</b><br \> <br \> Log Format:<br \> <code>Failed:<IP_ADDRESS> <DATE> <TIME> <USERNAME></code><br \> ====Download and install extension==== <code>wget https://github.com/greenhatmonkey/Fail2Log/blob/main/Fail2Log.tar.gz?raw=true</code><br> <code>tar xzvf Fail2Log.tar.gz?raw=true -C /var/www/html/mediawiki/extensions/</code><br> Add to your <b>LocalSettings.php</b><br> <pre> wfLoadExtension( 'Fail2Log' ); $wgFail2LogFile = '/var/log/Fail2Log.log'; </pre> ====Install and Setup Fail2Ban==== Fail2Ban works in a container. If using fail2ban on Host for container:<br/> Just include log path: <code>/var/snap/lxd/common/mntns/var/snap/lxd/common/lxd/storage-pools/default/containers/&lt;CONTAINER_NAME>/rootfs/var/log/Fail2Log.log</code> <code>apt install fail2ban</code> * Fail2ban will use file.local over file.conf if file.local exists: * file.conf can be written over if file2ban gets updated. * Make a file.local of the file you are working on. <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code> <code>$EDITOR /etc/fail2ban/jail.local</code> <!-- unmodified jail.conf file --> <div class="toccolours mw-collapsible mw-collapsed"> Default <code>/etc/fail2ban/jail.conf</code> file: Expand to view <div class="mw-collapsible-content"> <pre> # # WARNING: heavily refactored in 0.9.0 release. Please review and # customize settings for your setup. # # Changes: in most of the cases you should not modify this # file, but provide customizations in jail.local file, # or separate .conf files under jail.d/ directory, e.g.: # # HOW TO ACTIVATE JAILS: # # YOU SHOULD NOT MODIFY THIS FILE. # # It will probably be overwritten or improved in a distribution update. # # Provide customizations in a jail.local file or a jail.d/customisation.local. # For example to change the default bantime for all jails and to enable the # ssh-iptables jail the following (uncommented) would appear in the .local file. # See man 5 jail.conf for details. # # [DEFAULT] # bantime = 1h # # [sshd] # enabled = true # # See jail.conf(5) man page for more information # Comments: use '#' for comment lines and ';' (following a space) for inline comments [INCLUDES] #before = paths-distro.conf before = paths-debian.conf # The DEFAULT allows a global definition of the options. They can be overridden # in each jail afterwards. [DEFAULT] # # MISCELLANEOUS OPTIONS # # "bantime.increment" allows to use database for searching of previously banned ip's to increase a # default ban time using special formula, default it is banTime * 1, 2, 4, 8, 16, 32... #bantime.increment = true # "bantime.rndtime" is the max number of seconds using for mixing with random time # to prevent "clever" botnets calculate exact time IP can be unbanned again: #bantime.rndtime = # "bantime.maxtime" is the max number of seconds using the ban time can reach (don't grows further) #bantime.maxtime = # "bantime.factor" is a coefficient to calculate exponent growing of the formula or common multiplier, # default value of factor is 1 and with default value of formula, the ban time # grows by 1, 2, 4, 8, 16 ... #bantime.factor = 1 # "bantime.formula" used by default to calculate next value of ban time, default value bellow, # the same ban time growing will be reached by multipliers 1, 2, 4, 8, 16, 32... #bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * banFactor # # more aggressive example of formula has the same values only for factor "2.0 / 2.885385" : #bantime.formula = ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor) # "bantime.multipliers" used to calculate next value of ban time instead of formula, coresponding # previously ban count and given "bantime.factor" (for multipliers default is 1); # following example grows ban time by 1, 2, 4, 8, 16 ... and if last ban count greater as multipliers count, # always used last multiplier (64 in example), for factor '1' and original ban time 600 - 10.6 hours #bantime.multipliers = 1 2 4 8 16 32 64 # following example can be used for small initial ban time (bantime=60) - it grows more aggressive at begin, # for bantime=60 the multipliers are minutes and equal: 1 min, 5 min, 30 min, 1 hour, 5 hour, 12 hour, 1 day, 2 day #bantime.multipliers = 1 5 30 60 300 720 1440 2880 # "bantime.overalljails" (if true) specifies the search of IP in the database will be executed # cross over all jails, if false (dafault), only current jail of the ban IP will be searched #bantime.overalljails = false # -------------------- # "ignoreself" specifies whether the local resp. own IP addresses should be ignored # (default is true). Fail2ban will not ban a host which matches such addresses. #ignoreself = true # "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban # will not ban a host which matches an address in this list. Several addresses # can be defined using space (and/or comma) separator. #ignoreip = 127.0.0.1/8 ::1 # External command that will take an tagged arguments to ignore, e.g. <ip>, # and return true if the IP is to be ignored. False otherwise. # # ignorecommand = /path/to/command <ip> ignorecommand = # "bantime" is the number of seconds that a host is banned. bantime = 10m # A host is banned if it has generated "maxretry" during the last "findtime" # seconds. findtime = 10m # "maxretry" is the number of failures before a host get banned. maxretry = 5 # "maxmatches" is the number of matches stored in ticket (resolvable via tag <matches> in actions). maxmatches = %(maxretry)s # "backend" specifies the backend used to get files modification. # Available options are "pyinotify", "gamin", "polling", "systemd" and "auto". # This option can be overridden in each jail as well. # # pyinotify: requires pyinotify (a file alteration monitor) to be installed. # If pyinotify is not installed, Fail2ban will use auto. # gamin: requires Gamin (a file alteration monitor) to be installed. # If Gamin is not installed, Fail2ban will use auto. # polling: uses a polling algorithm which does not require external libraries. # systemd: uses systemd python library to access the systemd journal. # Specifying "logpath" is not valid for this backend. # See "journalmatch" in the jails associated filter config # auto: will try to use the following backends, in order: # pyinotify, gamin, polling. # # Note: if systemd backend is chosen as the default but you enable a jail # for which logs are present only in its own log files, specify some other # backend for that jail (e.g. polling) and provide empty value for # journalmatch. See https://github.com/fail2ban/fail2ban/issues/959#issuecomment-74901200 backend = auto # "usedns" specifies if jails should trust hostnames in logs, # warn when DNS lookups are performed, or ignore all hostnames in logs # # yes: if a hostname is encountered, a DNS lookup will be performed. # warn: if a hostname is encountered, a DNS lookup will be performed, # but it will be logged as a warning. # no: if a hostname is encountered, will not be used for banning, # but it will be logged as info. # raw: use raw value (no hostname), allow use it for no-host filters/actions (example user) usedns = warn # "logencoding" specifies the encoding of the log files handled by the jail # This is used to decode the lines from the log file. # Typical examples: "ascii", "utf-8" # # auto: will use the system locale setting logencoding = auto # "enabled" enables the jails. # By default all jails are disabled, and it should stay this way. # Enable only relevant to your setup jails in your .local or jail.d/*.conf # # true: jail will be enabled and log files will get monitored for changes # false: jail is not enabled enabled = false # "mode" defines the mode of the filter (see corresponding filter implementation for more info). mode = normal # "filter" defines the filter to use by the jail. # By default jails have names matching their filter name # filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # # Some options used for actions # Destination email address used solely for the interpolations in # jail.{conf,local,d/*} configuration files. destemail = root@localhost # Sender email address used solely for some actions sender = root@<fq-hostname> # E-mail action. Since 0.8.1 Fail2Ban uses sendmail MTA for the # mailing. Change mta configuration parameter to mail if you want to # revert to conventional 'mail'. mta = sendmail # Default protocol protocol = tcp # Specify chain where jumps would need to be added in ban-actions expecting parameter chain chain = <known/chain> # Ports to be banned # Usually should be overridden in a particular jail port = 0:65535 # Format of user-agent https://tools.ietf.org/html/rfc7231#section-5.5.3 fail2ban_agent = Fail2Ban/%(fail2ban_version)s # # Action shortcuts. To be used to define action parameter # Default banning action (e.g. iptables, iptables-new, # iptables-multiport, shorewall, etc) It is used to define # action_* variables. Can be overridden globally or per # section within jail.local file banaction = iptables-multiport banaction_allports = iptables-allports # The simplest action to take: ban only action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report to the destemail. action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report and relevant log lines # to the destemail. action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # See the IMPORTANT note in action.d/xarf-login-attack for when to use this action # # ban & send a xarf e-mail to abuse contact of IP address and include relevant log lines # to the destemail. action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] # ban IP on CloudFlare & send an e-mail with whois report and relevant log lines # to the destemail. action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # Report block via blocklist.de fail2ban reporting service API # # See the IMPORTANT note in action.d/blocklist_de.conf for when to use this action. # Specify expected parameters in file action.d/blocklist_de.local or if the interpolation # `action_blocklist_de` used for the action, set value of `blocklist_de_apikey` # in your `jail.local` globally (section [DEFAULT]) or per specific jail section (resp. in # corresponding jail.d/my-jail.local file). # action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] # Report ban via badips.com, and use as blacklist # # See BadIPsAction docstring in config/action.d/badips.py for # documentation for this action. # # NOTE: This action relies on banaction being present on start and therefore # should be last action defined for a jail. # action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] # # Report ban via badips.com (uses action.d/badips.conf for reporting only) # action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] # Report ban via abuseipdb.com. # # See action.d/abuseipdb.conf for usage example and details. # action_abuseipdb = abuseipdb # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # [sshd] # To use more aggressive sshd modes set filter parameter "mode" in jail.local: # normal (default), ddos, extra or aggressive (combines all). # See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details. #mode = normal port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s [dropbear] port = ssh logpath = %(dropbear_log)s backend = %(dropbear_backend)s [selinux-ssh] port = ssh logpath = %(auditd_log)s # # HTTP servers # [apache-auth] port = http,https logpath = %(apache_error_log)s [apache-badbots] # Ban hosts which agent identifies spammer robots crawling the web # for email addresses. The mail outputs are buffered. port = http,https logpath = %(apache_access_log)s bantime = 48h maxretry = 1 [apache-noscript] port = http,https logpath = %(apache_error_log)s [apache-overflows] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-nohome] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-botsearch] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-fakegooglebot] port = http,https logpath = %(apache_access_log)s maxretry = 1 ignorecommand = %(ignorecommands_dir)s/apache-fakegooglebot <ip> [apache-modsecurity] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-shellshock] port = http,https logpath = %(apache_error_log)s maxretry = 1 [openhab-auth] filter = openhab action = iptables-allports[name=NoAuthFailures] logpath = /opt/openhab/logs/request.log [nginx-http-auth] port = http,https logpath = %(nginx_error_log)s # To use 'nginx-limit-req' jail you should have `ngx_http_limit_req_module` # and define `limit_req` and `limit_req_zone` as described in nginx documentation # http://nginx.org/en/docs/http/ngx_http_limit_req_module.html # or for example see in 'config/filter.d/nginx-limit-req.conf' [nginx-limit-req] port = http,https logpath = %(nginx_error_log)s [nginx-botsearch] port = http,https logpath = %(nginx_error_log)s maxretry = 2 # Ban attackers that try to use PHP's URL-fopen() functionality # through GET/POST variables. - Experimental, with more than a year # of usage in production environments. [php-url-fopen] port = http,https logpath = %(nginx_access_log)s %(apache_access_log)s [suhosin] port = http,https logpath = %(suhosin_log)s [lighttpd-auth] # Same as above for Apache's mod_auth # It catches wrong authentifications port = http,https logpath = %(lighttpd_error_log)s # # Webmail and groupware servers # [roundcube-auth] port = http,https logpath = %(roundcube_errors_log)s # Use following line in your jail.local if roundcube logs to journal. #backend = %(syslog_backend)s [openwebmail] port = http,https logpath = /var/log/openwebmail.log [horde] port = http,https logpath = /var/log/horde/horde.log [groupoffice] port = http,https logpath = /home/groupoffice/log/info.log [sogo-auth] # Monitor SOGo groupware server # without proxy this would be: # port = 20000 port = http,https logpath = /var/log/sogo/sogo.log [tine20] logpath = /var/log/tine20/tine20.log port = http,https # # Web Applications # # [drupal-auth] port = http,https logpath = %(syslog_daemon)s backend = %(syslog_backend)s [guacamole] port = http,https logpath = /var/log/tomcat*/catalina.out [monit] #Ban clients brute-forcing the monit gui login port = 2812 logpath = /var/log/monit /var/log/monit.log [webmin-auth] port = 10000 logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [froxlor-auth] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s # # HTTP Proxy servers # # [squid] port = 80,443,3128,8080 logpath = /var/log/squid/access.log [3proxy] port = 3128 logpath = /var/log/3proxy.log # # FTP servers # [proftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(proftpd_log)s backend = %(proftpd_backend)s [pure-ftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(pureftpd_log)s backend = %(pureftpd_backend)s [gssftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(syslog_daemon)s backend = %(syslog_backend)s [wuftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(wuftpd_log)s backend = %(wuftpd_backend)s [vsftpd] # or overwrite it in jails.local to be # logpath = %(syslog_authpriv)s # if you want to rely on PAM failed login attempts # vsftpd's failregex should match both of those formats port = ftp,ftp-data,ftps,ftps-data logpath = %(vsftpd_log)s # # Mail servers # # ASSP SMTP Proxy Jail [assp] port = smtp,465,submission logpath = /root/path/to/assp/logs/maillog.txt [courier-smtp] port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix] # To use another modes set filter parameter "mode" in jail.local: mode = more port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s [postfix-rbl] filter = postfix[mode=rbl] port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s maxretry = 1 [sendmail-auth] port = submission,465,smtp logpath = %(syslog_mail)s backend = %(syslog_backend)s [sendmail-reject] # To use more aggressive modes set filter parameter "mode" in jail.local: # normal (default), extra or aggressive # See "tests/files/logs/sendmail-reject" or "filter.d/sendmail-reject.conf" for usage example and details. #mode = normal port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [qmail-rbl] filter = qmail port = smtp,465,submission logpath = /service/qmail/log/main/current # dovecot defaults to logging to the mail syslog facility # but can be set by syslog_facility in the dovecot configuration. [dovecot] port = pop3,pop3s,imap,imaps,submission,465,sieve logpath = %(dovecot_log)s backend = %(dovecot_backend)s [sieve] port = smtp,465,submission logpath = %(dovecot_log)s backend = %(dovecot_backend)s [solid-pop3d] port = pop3,pop3s logpath = %(solidpop3d_log)s [exim] # see filter.d/exim.conf for further modes supported from filter: #mode = normal port = smtp,465,submission logpath = %(exim_main_log)s [exim-spam] port = smtp,465,submission logpath = %(exim_main_log)s [kerio] port = imap,smtp,imaps,465 logpath = /opt/kerio/mailserver/store/logs/security.log # # Mail servers authenticators: might be used for smtp,ftp,imap servers, so # all relevant ports get banned # [courier-auth] port = smtp,465,submission,imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix-sasl] filter = postfix[mode=auth] port = smtp,465,submission,imap,imaps,pop3,pop3s # You might consider monitoring /var/log/mail.warn instead if you are # running postfix since it would provide the same log lines at the # "warn" level but overall at the smaller filesize. logpath = %(postfix_log)s backend = %(postfix_backend)s [perdition] port = imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [squirrelmail] port = smtp,465,submission,imap,imap2,imaps,pop3,pop3s,http,https,socks logpath = /var/lib/squirrelmail/prefs/squirrelmail_access_log [cyrus-imap] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s [uwimap-auth] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s # # # DNS servers # # !!! WARNING !!! # Since UDP is connection-less protocol, spoofing of IP and imitation # of illegal actions is way too simple. Thus enabling of this filter # might provide an easy way for implementing a DoS against a chosen # victim. See # http://nion.modprobe.de/blog/archives/690-fail2ban-+-dns-fail.html # Please DO NOT USE this jail unless you know what you are doing. # # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks UDP traffic for DNS requests. # [named-refused-udp] # # filter = named-refused # port = domain,953 # protocol = udp # logpath = /var/log/named/security.log # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks TCP traffic for DNS requests. [named-refused] port = domain,953 logpath = /var/log/named/security.log [nsd] port = 53 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/nsd.log # # Miscellaneous # [asterisk] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/asterisk/messages maxretry = 10 [freeswitch] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/freeswitch.log maxretry = 10 # enable adminlog; it will log to a file inside znc's directory by default. [znc-adminlog] port = 6667 logpath = /var/lib/znc/moddata/adminlog/znc.log # To log wrong MySQL access attempts add to /etc/my.cnf in [mysqld] or # equivalent section: # log-warnings = 2 # # for syslog (daemon facility) # [mysqld_safe] # syslog # # for own logfile # [mysqld] # log-error=/var/log/mysqld.log [mysqld-auth] port = 3306 logpath = %(mysql_log)s backend = %(mysql_backend)s # Log wrong MongoDB auth (for details see filter 'filter.d/mongodb-auth.conf') [mongodb-auth] # change port when running with "--shardsvr" or "--configsvr" runtime operation port = 27017 logpath = /var/log/mongodb/mongodb.log # Jail for more extended banning of persistent abusers # !!! WARNINGS !!! # 1. Make sure that your loglevel specified in fail2ban.conf/.local # is not at DEBUG level -- which might then cause fail2ban to fall into # an infinite loop constantly feeding itself with non-informative lines # 2. Increase dbpurgeage defined in fail2ban.conf to e.g. 648000 (7.5 days) # to maintain entries for failed logins for sufficient amount of time [recidive] logpath = /var/log/fail2ban.log banaction = %(banaction_allports)s bantime = 1w findtime = 1d # Generic filter for PAM. Has to be used with action which bans all # ports such as iptables-allports, shorewall [pam-generic] # pam-generic filter can be customized to monitor specific subset of 'tty's banaction = %(banaction_allports)s logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [xinetd-fail] banaction = iptables-multiport-log logpath = %(syslog_daemon)s backend = %(syslog_backend)s maxretry = 2 # stunnel - need to set port for this [stunnel] logpath = /var/log/stunnel4/stunnel.log [ejabberd-auth] port = 5222 logpath = /var/log/ejabberd/ejabberd.log [counter-strike] logpath = /opt/cstrike/logs/L[0-9]*.log # Firewall: http://www.cstrike-planet.com/faq/6 tcpport = 27030,27031,27032,27033,27034,27035,27036,27037,27038,27039 udpport = 1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015 action = %(banaction)s[name=%(__name__)s-tcp, port="%(tcpport)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(udpport)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] [bitwarden] port = http,https logpath = /home/*/bwdata/logs/identity/Identity/log.txt [centreon] port = http,https logpath = /var/log/centreon/login.log # consider low maxretry and a long bantime # nobody except your own Nagios server should ever probe nrpe [nagios] logpath = %(syslog_daemon)s ; nrpe.cfg may define a different log_facility backend = %(syslog_backend)s maxretry = 1 [oracleims] # see "oracleims" filter file for configuration requirement for Oracle IMS v6 and above logpath = /opt/sun/comms/messaging64/log/mail.log_current banaction = %(banaction_allports)s [directadmin] logpath = /var/log/directadmin/login.log port = 2222 [portsentry] logpath = /var/lib/portsentry/portsentry.history maxretry = 1 [pass2allow-ftp] # this pass2allow example allows FTP traffic after successful HTTP authentication port = ftp,ftp-data,ftps,ftps-data # knocking_url variable must be overridden to some secret value in jail.local knocking_url = /knocking/ filter = apache-pass[knocking_url="%(knocking_url)s"] # access log of the website with HTTP auth logpath = %(apache_access_log)s blocktype = RETURN returntype = DROP action = %(action_)s[blocktype=%(blocktype)s, returntype=%(returntype)s, actionstart_on_demand=false, actionrepair_on_unban=true] bantime = 1h maxretry = 1 findtime = 1 [murmur] # AKA mumble-server port = 64738 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol=tcp, chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol=udp, chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/mumble-server/mumble-server.log [screensharingd] # For Mac OS Screen Sharing Service (VNC) logpath = /var/log/system.log logencoding = utf-8 [haproxy-http-auth] # HAProxy by default doesn't log to file you'll need to set it up to forward # logs to a syslog server which would then write them to disk. # See "haproxy-http-auth" filter for a brief cautionary note when setting # maxretry and findtime. logpath = /var/log/haproxy.log [slapd] port = ldap,ldaps logpath = /var/log/slapd.log [domino-smtp] port = smtp,ssmtp logpath = /home/domino01/data/IBM_TECHNICAL_SUPPORT/console.log [phpmyadmin-syslog] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [zoneminder] # Zoneminder HTTP/HTTPS web interface auth # Logs auth failures to apache2 error log port = http,https logpath = %(apache_error_log)s [traefik-auth] # to use 'traefik-auth' filter you have to configure your Traefik instance, # see `filter.d/traefik-auth.conf` for details and service example. port = http,https logpath = /var/log/traefik/access.log </pre> </div> </div> Default <code>/etc/fail2ban/jail.local</code> file with (almost all) comments removed: <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;">Default <code>/etc/fail2ban/jail.local</code> with (almost) comments removed:</div> <div class="mw-collapsible-content"> <pre> [INCLUDES] before = paths-debian.conf [DEFAULT] ignorecommand = bantime = 10m findtime = 10m maxretry = 5 maxmatches = %(maxretry)s backend = auto usedns = warn logencoding = auto enabled = false mode = normal filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # destemail = root@localhost sender = root@<fq-hostname> mta = sendmail protocol = tcp chain = <known/chain> port = 0:65535 fail2ban_agent = Fail2Ban/%(fail2ban_version)s banaction = iptables-multiport banaction_allports = iptables-allports action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] action_abuseipdb = abuseipdb action = %(action_)s # # JAILS # # # SSH servers # [sshd] port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s </pre> </div></div> ====Disconnect/kick and ban an ip from list==== <br \> Just below we are going to append these lines to <b>/etc/fail2ban/jail.local</b><br> <pre> # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s # # JAILS # # # SSH servers # </pre> </div> </div> ====Jail for MediaWiki - /etc/fail2ban/jail.local==== <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1m maxretry = 2 logpath = /var/log/Fail2Log.log </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before: <div class="mw-collapsible-content"> <pre> # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After: <div class="mw-collapsible-content"> <pre> # # JAILS # [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log # # SSH servers # </pre> </div> </div> ====Filter for mediawiki==== <div class="toccolours mw-collapsible mw-collapsed"> Regex quick up and running tutorial: External Link:(youtube) <div class="mw-collapsible-content"> This Is a link to a video made by "Corey Schafer".<br \> The best no nonsense up and running regex tut there is.<br \> https://www.youtube.com/watch?v=sa-TUpSx1JA </div> </div> <code>$EDITOR /etc/fail2ban/filter.d/mediawiki.conf</code><br \> <pre> [Definition] failregex = ^Failed:<HOST> ignoreregex = </pre> =====Try out regex on log file===== <code>fail2ban-regex --print-all-matched /var/log/Fail2Log.log /etc/fail2ban/filter.d/mediawiki.conf</code> ====Restart Fail2Ban==== <code>systemctl restart fail2ban</code> <code>fail2ban-client status</code> <code>fail2ban-client status mediawiki</code> <b>Now test by trying to login to your wiki with wrong password three times.</b> =====fail2ban regex and error checking===== <div class="toccolours mw-collapsible mw-collapsed"> Check regex: <div class="mw-collapsible-content"> * Syntax: <code>fail2ban-regex <logfile> <failregex> <ignoreregex></code> ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * If you want to test <code>ignoreregex</code> enter filter file twice: ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * Read <code>man fail2ban-regex</code> for some more opitions: * Examples: ** <code>-v</code>, <code>--verbose</code> *** Be verbose in output ** <code>--print-all-missed</code> *** Print all missed lines ** <code>--print-all-ignored</code> *** Print all ignored lines ** <code>--print-all-matched</code> *** Print all matched lines </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Debug Fail2Ban: <div class="mw-collapsible-content"> * <code>-d</code> dump configuration. For debugging.<br \> <code>fail2ban-client -d</code><br \> * <code>--dp</code>, <code>--dump-pretty</code> dump the configuration using more human readable representation.<br \> <code>fail2ban-client --dp</code><br \> * will print the systemd log for Fail2Ban.<br \> <code>journalctl -u fail2ban</code> </div> </div> ====Change ban time After testing==== <code>$EDITOR /etc/fail2ban/jail.local</code><br \> <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log </pre> ===Unban IP's=== Get list of Jails:<br \> <code>fail2ban-client status</code><br \> See banned ips by that jail:<br \> <code>fail2ban-client status <jailname></code><br \> Unban IP from jail:<br \> <code>fail2ban-client set <jailname> unbanip <ip_address></code><br \> <br \> Log File:<br \> <code>/var/log/Fail2Log.log</code> ==Moving To VPS== ===Create ssh key pair on local host=== <code>ssh-keygen -t rsa -b 4096 -C "MYSERVER" -f ~/.ssh/serverkey</code><br \> You will be prompted to Enter a passphase, you can just press <b>Enter</b> for no passphase.<br \> You will now have a file called <b>serverkey</b> and <b>serverkey.pub</b> in your <b>/home/$USER/.ssh</b> directory.<br \> Now lets setup are server and move public key to server.<br \> <b>BACKUP YOUR PRIVATE KEY TO USB STICK OR SOMETHING!</b><br \> <code>serverkey.pub</code><b>PUBLIC KEY</b><br \> <code>serverkey</code><b>PRIVATE KEY</b><br \> ===Login to Server - ssh === Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $10, 1 cpu, 2048MB ram, 55GB ssd, 2000GB Bandwidth.<br \> I have been given the IP:<b>192.248.145.129</b> and the Password:<b>1R?o.gPasdaLz1w</b> and with Vultr the default login/user is <b>root</b><br \> Lets move over the public key so we don't need a password to login:<br \> <code>ssh-copy-id -i ~/.ssh/serverkey root@192.248.145.129</code></br \> Will be promted for server password, enter password: 1R?o.gPasdaLz1w<br \> Now lets login with are private key.<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code> ===Update Server=== <code>apt update && apt upgrade -y</code><br \> The Server may need a restart, you will see this after updates if it does<br \> <b>*** System restart required ***</b><br \> restart server and log back in after a minute.<br \> <code>reboot</code> ===Change default ssh port and disable plain text passwords=== Log back into server<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code><br \> <code>$EDITOR /etc/ssh/sshd_config</code><br \> <pre>#Port 22</pre> <pre>Port 7788</pre> disable clear text passwords <pre>#PasswordAuthentication yes</pre> <pre>PasswordAuthentication no</pre> restart sshd <code>systemctl restart sshd</code><br \> Exit server and re-login<br \> <code>exit</code><br \> Log back in with new port<br \> <code>ssh -p 7788 -i .ssh/serverkey root@192.248.145.129</code> <div class="toccolours mw-collapsible mw-collapsed"> Create ssh login shortcut: <div class="mw-collapsible-content"> To be done on host:<br \> <code>touch ~/.ssh/config</code><br \> <code>chmod 600 ~/.ssh/config</code><br \> <code>$EDITOR ~/.ssh/config</code><br \> <pre> Host mediawikiserver HostName 192.248.145.129 User root Port 7788 IdentityFile /home/$USER/.ssh/severkey </pre> You can now login to server from host with:<br \> <code>ssh mediawikiserver</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax of config file: <div class="mw-collapsible-content"> <pre> #Syntax # #Host <ALIAS_NAME> # HostName <ADDRESS_IP_OR_DOMAIN> # User <USERNAME_LOGIN> # Port <PORT_NUMBER_IF_NOT_DEFAULT> # IdentityFile </PATH/TO/PRIVATE_KEY> ## Can now login with <code>ssh <ALIAS_NAME> </pre> </div> </div> </div> </div> ===Enable Basic FireWall=== Block IPv6<br \> <code>$EDITOR /etc/default/ufw</code><br \> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit<br \> <code>ufw allow 7788/tcp</code><br \> <code>ufw enable</code><br \> ===Create Swap space on server=== ====First check if you already have a swap space==== First check if you already have a swap space<br \> <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 1655 2 228 1732 Swap: 0 0 0 </pre> <div class="toccolours mw-collapsible mw-collapsed"> Other methods to check swap space <div class="mw-collapsible-content"> <code>cat /proc/swaps</code><br \> <code>swapon -s -v</code> </div> </div> ====Create SwapSpace==== preallocate a 2 gigabyte space to be used for swap.<br \> Note: you can name swapfile to anything you want. <code>fallocate -l 2G /swapfile</code> Initialize the /swapfile file with zeros - see "Working out the count size" to see how to work out the count size. <div class="toccolours mw-collapsible mw-collapsed"> Working out the count size: <div class="mw-collapsible-content"> Working out count size to scale the swapsize. 1 kilobyte = 1024 bytes 1 megabyte = 1024 kilobyte 1 gigabyte = 1024 megabytes bs=1024 = 1 megabyte 1 gigabyte = 1024 megabyte to get count of 1 gigabyte 1024 * 1024 2 gigabyte (1024 * 2048 ) or 1048576 * 2 = 2,097,152 </div> </div> <code>dd if=/dev/zero of=/swapfile bs=1024 count=2097152</code> <code>chmod 600 /swapfile</code> <code>mkswap /swapfile</code> <code>swapon /swapfile</code> <b>Or</b> <code>swapon -a</code> <b>Or</b> <code>mount -a</code> append to <code>/etc/fstab</code> so its mounted after reboot.<br \> <code>$EDITOR /etc/fstab</code><br \> And enter this in a new line at the bottom:<br \> <code>/swapfile swap swap defaults 0 0</code> and thats it, you can check swap with(or same other methods as above): <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 75 2 1808 1712 Swap: 2047 0 2047 </pre> ===ssmtp for email alerts=== <code>apt install ssmtp -y</code><br \> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code><br \> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> <code>usermod -c "CNWikiVPS" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ===auto update server=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment (by removing <b>//</b> at start of line)and amend the lines we want:<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> to<br \> <code> "${distro_id}:${distro_codename}-updates";</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; </pre> Changed to<br \> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec Acquire::http::Dl-Limit "500"; </pre> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Send Container to server=== From host<br \> <code>scp -i ~/.ssh/serverkey -P 7788 mediawiki.lxc root@192.248.145.129:/root/</code><br \> If you created a ssh shortcut in <b>.ssh/config</b> you can use:<br \> <code>scp mediawiki.lxc mediawikiserver:/root/</code><br> Once container transferred to server checksum to confirm<br> Do on Local and Server<br> <code>sha256sum mediawiki.lxc</code><br> The checksum should be the same on both!<br> ===LXD setup on server=== Check if <b>lxd</b> already installed.<br \> <code>lxd --version</code><br \> <code>snap install lxd</code><br \> Initialize LXD<br \> <code>lxd init</code><br \> all defaults<br \> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (lvm, zfs, ceph, btrfs, dir) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=10GB]: Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> ===Import Container=== Note: If version of LXD on server is older than the one you are exporting from, you may see error <code>Error: Failed importing backup: Failed creating instance record: Unknown configuration key: volatile.last_state.ready</code><br> To Fix this update your LXD<br> <code>snap remove lxd</code><br> <code>snap install lxd</code><br> <code>lxd --version</code><br> <code>lxd init</code><br> <br> Import mediawiki container<br \> <code>lxc import mediawiki.lxc mediawiki</code><br \> <code>lxc list</code><br \> <code>lxc start mediawiki</code><br \> <code>lxc list</code><br \> Returns:<br \> <pre> +-----------+---------+-----------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+-----------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.207.119.233 (eth0) | | CONTAINER | 0 | +-----------+---------+-----------------------+------+-----------+-----------+ </pre> <b>Note the Change of IP</b><br \> Are Containers IP is now:<b>10.207.119.233</b><br \> Now for some reason changing the IP on <b>/var/www/html/mediawiki/LocalSettings.php</b> and the <b>/etc/apache2/sites-available/completenoobs.com.conf</b> does not really work on a VPS (Forgot how i fixed this last time, pretty sure i got it workin a few years back).<br \> You need a DNS name: ===DNS=== Domain Name System: An index that connects an ip address with a more human readable name(website name):<br \> Like a phone book would index a persons name with a phone number.<br \> If you have a domain name for your wiki, point it to your server's ip address.<br \> This will be required for a letsencrypt cert also.<br \> I am using <b>namecheap.com</b> and on the <b>Advanced DNS</b> Page<br \> Add two Type <b>A Records</b>:<br \> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |192.248.145.129 |auto |- |A record |www |192.248.145.129 |auto |} ===Change IP on config files=== Login to conatiner and change IP's to Domain Name<br \> <code>lxc exec mediawiki bash</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <pre> Redirect permanent "/" "https://10.3.45.233"</pre> <pre> Redirect permanent "/" "https://www.completenoobs.com"</pre> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <pre>$wgServer = "https://10.3.45.233";</pre> <pre>$wgServer = "https://www.completenoobs.com";</pre> <code>systemctl restart apache2</code> ===Use IPTables to forward traffic to container=== <div class="toccolours mw-collapsible mw-collapsed"> iptable syntax <div class="mw-collapsible-content"> *CONTAINER_IP = place holder for your containers ip *GLOBAL_IP = place holder for your servers public ip address *ETH = network interface: enp1s0 ** to be done/found on host VPS and NOT Container ** Find network interface:<code>ip route show default</code> or use <code>ip route show default | awk '{print $5}'</code> <pre>iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 80 -j DNAT --to-destination CONTAINER_IP:80 -m comment --comment "forward real ip to container" </pre> <pre> iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 443 -j DNAT --to-destination CONTAINER_IP:443 -m comment --comment "forward real ip to container" </pre> </div> </div> <b>These commands to be done on host VPS and NOT in container!</b><br \> Get out of container <code>exit</code><br \> Network interface=<b>enp1s0</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Find you network interface name: <div class="mw-collapsible-content"> To be run on VPS host and Not in Container:<br \> <code>ip route show default | awk '{print $5}'</code> </div> </div> VPS Global IP=<b>192.248.145.129</b><br \> Container IP=<b>10.207.119.233</b><br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container"</code> <br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container"</code> <br \> The new rules for your iptable will not persistent after a reboot.<br \> Create systemd service to load firewall rules at startup:<br \> <code>$EDITOR /usr/local/bin/lxc-mediawiki-rules</code> <pre> #!/bin/bash iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container" iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container" </pre> <code>chmod +x /usr/local/bin/lxc-mediawiki-rules</code> <code>$EDITOR /etc/systemd/system/lxcip.service</code> <pre> [Unit] Description = apply ip rules at startup [Service] Type=oneshot ExecStart=/usr/local/bin/lxc-mediawiki-rules [Install] WantedBy=multi-user.target </pre> <code>systemctl enable lxcip</code> <div class="toccolours mw-collapsible mw-collapsed"> LXC proxy method: <div class="mw-collapsible-content"> <b>DO NOT USE This method!</b> placed here as a note:<br \> LXC also has a way to forward proxy traffic, but it will show all visits to website, as coming from <b>127.0.0.1</b><br \> When we install fail2ban, this would be very bad!<br \> <br \> <code>lxc config device add CONTAINER_NAME myport80 proxy listen=tcp:0.0.0.0:80 connect=tcp:127.0.0.1:80</code><br \> <code>lxc config device add CONTAINER_NAME myport443 proxy listen=tcp:0.0.0.0:443 connect=tcp:127.0.0.1:443</code><br \> To remove proxy:<br \> <code>lxc config device remove CONTAINER_NAME myport80</code><br \> <code>lxc config device remove CONTAINER_NAME myport443</code><br \> </div> </div> ===Visit webpage and check all working=== Visit the domain you selected<br \> <code>www.completenoobs.com</code><br \> Should be up and running.<br \> NOTE: We did not need to allow port 443 or 80 on VPS host.<br \> Check Iptables persist for restart, by rebooting server!<br \> <code>reboot</code><br \> Give it a minute or 2 and check website again. ===LetsEncrypt=== Log back into server<br \> <code>ssh mediawikiserver</code><br \> Log into container<br \> <code>lxc exec mediawiki bash</code><br \> Install certbot<br \> <code>snap install certbot --classic</code><br \> Backup Apache2 config file<br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf /etc/apache2/sites-available/completenoobs.com.conf.bk</code><br \> Create Cert<br \> <code>certbot --apache -d www.completenoobs.com -d completenoobs.com</code><br \> And Certbot broke are apache2 configs, and thats why we back up!<br \> <code>ls /etc/letsencrypt/live/www.completenoobs.com/</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/fullchain.pem /etc/ssl/certs/cn-selfsigned.crt</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/privkey.pem /etc/ssl/private/cn-selfsigned.key</code><br \> <code>rm /etc/apache2/sites-available/completenoobs.com-le-ssl.conf /etc/apache2/sites-available/completenoobs.com.conf </code><br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf.bk /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <br \> Turn <b>SSLUseStapling</b> on<br \> <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code><br \> <pre>SSLUseStapling off</pre><br \> Change to:<br \> <pre>SSLUseStapling on</pre><br \> Restart apache<br \> <code>systemctl restart apache2</code><br \> Now check your site on browser.<br \> ==Useful Notes - tips== ===Forgot your Admin Password=== Can use for any user:<br \> <code>php /var/www/html/mediawiki/maintenance/changePassword.php --user=admin --password=newpassword</code><br \> ===Make Wiki Read Only=== Add to LocalSettings.php:<br \> <code>$wgReadOnly = 'Read Only';</code><br \> ===Restrict account creation on wiki=== Add to LocalSettings.php:<br \> <code>$wgGroupPermissions['*']['createaccount'] = false;</code> ===Only Admin accounts can edit=== Add to LocalSettings.php:<br \> <pre> $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['user']['edit'] = false; $wgGroupPermissions['sysop']['edit'] = true; </pre> ===Protect a page so only admin can edit=== At the top of the page when logged in with admin account, click <b>More</b>.<br \> A drop down of three opitions: Delete, Move, Protect.<br \> Clicking <b>Protect</b> will not allow any non admin from editing the page. {| class="wikitable" |+ When logged in as admin |- |Read |Edit |View history |(STAR) |<b>More</b> |} ===Make User an Admin=== go to special pages With Admin Account go to:<br \> <code>index.php/Special:SpecialPages</code> List of users can be found here:<br \> <code>index.php/Special:ListUsers</code><br \> Go to:<br \> <code>index.php/Special:UserRights</code><br \> And enter username:<br \> <b>Groups you can change</b><br \> And rest is self explanatory. ====Remove admin rights==== Same thing, just untick admin rights! ==Upgrading MediaWiki== <b>BACK SURE YOU BACKUP FIRST!!!</b> just in case.<br \> This example update 1.35 to 1.36 from 1.36 onwards php-intl is required.<br> Download the wiki you are going to upgrade to.<br \> <code>https://releases.wikimedia.org/mediawiki/1.36/</code><br \> <code>cd /root</code><br \> <code>wget https://releases.wikimedia.org/mediawiki/1.36/mediawiki-1.36.1.tar.gz</code><br \> In LocalSettings.php put in readonly mode<br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <code>$wgReadOnly = "Upgrading";</code><br \> <code>tar xvzf mediawiki-1.36.1.tar.gz -C /var/www/html/mediawiki --strip-components=1</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> Returns:<pre> Error: Missing one or more required components of PHP. You are missing a required extension to PHP that MediaWiki needs. Please install: * intl <https://www.php.net/intl> </pre> <code>apt install php-intl</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> And thats it. If you do get an error:<br \> <blockquote> MediaWiki 1.36 internal error Installing some PHP extensions is required. Required components You are missing a required extension to PHP that MediaWiki requires to run. Please install: intl (more information) </blockquote> Then <b>reboot</b> the container and its all fine after. ==Backup your Wiki== ===LXC Snapshots=== Easy way, backup the container using <b>snapshot</b><br \> <code>lxc snapshot mediawiki beforeupgrade_11_12_2020</code><br \> To see snapshots<br \> <code>lxc info mediawiki</code><br \> To restore container to snapshot<br \> <code>lxc restore mediawiki beforeupgrade_11_12_2020</code><br \> To delete a snapshot<br \> <code>lxc delete mediawiki/beforeupgrade_11_12_2020</code><br \> ====Export a Snapshot==== <code>lxc snapshot mediawiki testsnap</code> <code>lxc publish mediawiki/testsnap --alias mediawiki-backup-20-07-2021</code> <code>lxc image export mediawiki-backup-20-07-2021</code> you end up with a file named after the sha256sum <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> NOTE:You can change name from <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> to something like <code>mediawiki-backup-20-07-2021.tar.gz</code> and restore will still work fine.<br \> can now delete image <code>lxc image delete mediawiki-backup-20-07-2021</code> ====Import Snapshot==== Move to another computer and install init lxd<br \> <code>lxc image import a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz --alias testrestore</code> <code>lxc launch testrestore mediarestore</code> <code>lxc list</code> <code>lxc exec mediarestore bash</code> Change IP in LocalSettings and apache config and restart apache.<br \> And your up and running.<br \> <br \> you can also delete image on new restore computer:<br \> <code>lxc image delete testrestore</code> ===Dump mediawiki database - xml=== Log into container root dir<br \> <code>lxc exec NAME bash</code><br \> In container of wiki:<br \> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Exit container<br \> <code>exit</code> Pull file to host<br \> <code>lxc file pull NAME/root/dump_mediawiki.xml wiki-dump.xml</code> ====automate xml dumps to server==== <code>$EDITOR /usr/local/bin/auto-export.sh</code></br> <syntaxhighlight lang="bash" line> #!/bin/bash ### Bug - after first run does not comment out $wgReadOnly , after that its fine. set -x ## Calls # comcheck=$(cat /var/www/html/mediawiki/LocalSettings.php | grep wgReadOnly | awk '{print $1}' ) # checkcom=${comcheck::1} # time_stamp=$(date '+%d_%m_%y') # checkDir=$(ls /var/www/dumps/$time_stamp) #####Functions #Restart Wiki function to call function RestartWiki { sleep 2 if ! [ $checkcom = "#" ] then sed -i "s/\$wgReadOnly/#\$wgReadOnly/g" /var/www/html/mediawiki/LocalSettings.php echo "wiki should be back online" elif [ $checkcom = '#' ] then echo 'huh' exit 1 fi } # Function readonly wiki function ReadOnlyWiki { if [ $checkcom = "#" ] then sed -i "s/#\$wgReadOnly/\$wgReadOnly/g" /var/www/html/mediawiki/LocalSettings.php fi } # Dump function function DumpWiki { # dump wiki xml php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /var/www/dumps/$time_stamp.Noobs/$time_stamp.Noobs.xml #create file for md5sum md5sum /var/www/dumps/$time_stamp.Noobs/$time_stamp.Noobs.xml > /var/www/dumps/$time_stamp.Noobs/$time_stamp.md5sum.txt #md5sum #sha256sum sha256sum /var/www/dumps/$time_stamp.Noobs/$time_stamp.Noobs.xml > /var/www/dumps/$time_stamp.Noobs/$time_stamp.sha256sum.txt } # if line $wgReadOnly not there if [ -z "$comcheck" ] ; then echo "you do not have the line $wgReadOnly will append" echo "\$wgReadOnly = 'Dumping Database, Access will be restored shortly';" >> /var/www/html/mediawiki/LocalSettings.php fi ###make directory with name noobs+time_stamp # Check if dumps dir exists if [ ! -d /var/www/dumps ] then mkdir -pv /var/www/dumps fi # Check we dont have directory with same time stamp if [ ! -d /var/www/dumps/$time_stamp.Noobs ] ; then mkdir /var/www/dumps/$time_stamp.Noobs ReadOnlyWiki DumpWiki RestartWiki else echo "you already have dir $checkDir" RestartWiki exit 1 fi ########################### # Push Dir to xml server scp -i /root/.ssh/xml -r /var/www/dumps/$time_stamp.Noobs root@xml.completenoobs.com:/var/www/html/xmlDumps/ </syntaxhighlight> <br> <code>chmod +x /usr/local/bin/auto-export.sh</code><br> =====add to cron to export every 5 days===== <code>crontab -e</code><br> <pre> 30 3 */5 * * /usr/local/bin/auto-export.sh </pre> Will export at 3:30 am every 5 days, check [[Cron_ubuntu_22.04|Ubuntu Cron Quick start for more info]] ===Import Dump=== ====Create Quick local wiki==== [[Ubuntu_Local_Wiki_Import|localwiki]] ====Import dump==== <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> <code>lxc exec localwiki bash</code><br \> =====Restore dump===== <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Everything apart from <b>index.php/Main_Page</b> restored. ===Full Wiki Dump and Restore=== ====Backing up==== ====Making your wiki READ ONLY - will lock database==== <code>$EDITOR LocalSettings.php</code><br \> <code>$wgReadOnly = 'Dumping Database, Access will be restored shortly';</code> ====Dump and gzip database for transport==== will be prompted for password:<br \> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green -p mywiki_database | gzip > /root/greenwiki.sql.gz</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> ALt method for dump(password in cmd): <div class="mw-collapsible-content"> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green --password=THISpasswordSHOULDbeCHANGED -p mywiki_database | gzip > /root/greenwiki.sql.gz</code> </div> </div> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Back mediawiki Root Directory.<br \> <code>tar cvzhf /root/mediawiki-rootDir.tgz /var/www/html/mediawiki</code><br \> All into one file for easy transport.<br \> <code>cd /root/</code><br \> <code>tar cvzhf mediawiki-transfer.tgz mediawiki-rootDir.tgz greenwiki.sql.gz dump_mediawiki.xml</code><br \> All file in <b>mediawiki-transfer.tgz</b> for transfer to new server<br \> exit Container<br \> <code>exit</code><br \> <code>lxc file pull mediawiki/root/mediawiki-transfer.tgz mediawiki.bk.tgz</code><br \> ====Restore wiki==== create container (backupwiki) and push file<br \> <code>lxc file push mediawiki.bk.tgz backupwiki/root/</code><br \> login to container<br \> <code>apt update && apt upgrade -y</code><br \> <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> <br \> <code>tar xvf mediawiki.bk.tgz</code><br \> <code>tar xvf mediawiki-rootDir.tgz -C /</code><br \> Create basebase:<br \> NOTE: If you use diff username, passwd, database_name, append/correct details on LocalSettings.<br \> <code>mysql -u root</code> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <br \> <code>gunzip -d greenwiki.sql.gz</code><br \> <code>mysql -u green -p mywiki_database < greenwiki.sql</code><br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/dump_mediawiki.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Config Apache2 <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> Reload Apache2 <code> systemctl restart apache2 </code> ==EmbedVideo== https://www.mediawiki.org/wiki/Extension:EmbedVideo<br> <code>apt install unzip</code><br> <code>wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip</code><br> <code>unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/</code><br> <br> <code>mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo</code><br> <br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> <pre> #Embed Video wfLoadExtension( 'EmbedVideo' ); </pre> ==SpamBot Wars== Bit busy now, notes to look into later: https://www.mediawiki.org/wiki/Extension:Nuke<br \> https://www.mediawiki.org/wiki/Manual:Preventing_access<br \> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br \> https://www.mediawiki.org/wiki/Extension:InviteSignup<br \> Well the bots won for now - Disable eMail function for all related options in LocalSettings.php<br \> <code>$wgEnableEmail = false;</code><br \> Or just stop users sending email with:<br \> <code>$wgEnableUserEmail = false;</code> ==Notes== ==Syntax highlighting not working== Install <b>pygments</b><br> <code>apt install python3-pygments</code><br> Add to LocalSettings:<br> <code>wfLoadExtension( 'SyntaxHighlight_GeSHi' );</code><br> 99iev2kfk3dyivqt2k3cedom0x6kcqb 247 229 2023-04-02T20:23:18Z Noob 1 /* SpamBot Wars */ 247 wikitext text/x-wiki Installing MediaWiki on a container and exporting to the cloud. Local OS used Ubuntu-Mate 20.04 Tested with ethernet. Untested with wifi. TODO's * Remove 'index.php' from URL * Find out more about 'DocBookExport' and test how it works * Move MediaWiki Server to FreeBSD Currently trying to solve the spambot problem, they got round the need to request to open an account somehow, will update once solved. $EDITOR is used as a place holder for an editor of your choice. ==Installing LXD== <code>sudo snap install lxd</code><br \> <code>lxd init</code><br \> Selecting all defaults, apart from "Size in GB of the new loop device (1GB minimum) [default=6GB]:" increasing to 30GB: <div class="toccolours mw-collapsible mw-collapsed"> <code>lxd init</code> selected options: <div class="mw-collapsible-content"> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (btrfs, dir, lvm, zfs, ceph) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=6GB]:30GB Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> </div> </div> ==Create Ubuntu:22.04 Container for MediaWiki== <code>lxc launch ubuntu:22.04 mediawiki</code><br> <code>lxc list</code><br> <pre> +-----------+---------+--------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+--------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.194.171.251(eth0) | | CONTAINER | 0 | +-----------+---------+--------------------+------+-----------+-----------+ </pre> ===Login to Container=== <code>lxc exec mediawiki bash</code> ===Basic Firewall UFW for Container=== NOTE:Add Link to a UFW page for more info Blocking IPv6<br \> <code>$EDITOR /etc/default/ufw</code> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit Allow port 80<br \> <code>ufw allow 80/tcp</code><br \> Allow port 443<br \> <code>ufw allow 443/tcp</code><br \> Start/Enable UFW firewall<br \> <code>ufw enable</code><br \> Check UFW status<br \> <code>ufw status</code> <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Update system=== <code>apt update && apt upgrade -y</code> ===ssmtp setup=== NOTE: need link to ssmtp page - showing how to use other email providers that allow smtp Link to ssmtp wiki page <br \> You can use a number of email providers for sending emails from server using ssmtp.<br \> I am going to use <b>smtp2go.com</b> they do provide a free service if you wish to try. <div class="toccolours mw-collapsible mw-collapsed"> smtp2go details: <div class="mw-collapsible-content"> https://www.smtp2go.com/<br \> Has a Free Plan # 1000 emails per month # 5 days of email reporting # Ticket support only <br \> Do not use you username and password you used to sign up!<br \> Go to https://app.smtp2go.com/sending/smtp_users/ <br \> Or 'Sending' > 'SMTP Users'<br> And create/add a SMTP User account.<br \> The User created will be given a good password by default.<br \> Use this username and password for ssmtp.<br \> In this example i have the username "<b>noobwiki</b>" and the password "<b>N0tTelinu</b>" </div> </div> ====ssmtp==== <code>apt install ssmtp -y</code> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <div class="toccolours mw-collapsible mw-collapsed"> Why use <code>hostname=completenoobs.com</code> <div class="mw-collapsible-content"> "hostname" needed for ubuntu unattended upgrades to send email.<br \> If missing: will get "(550 unable to verify sender address.)" <br \> If using <code>hostname=localhost</code> "(550 "Localhost" unnaceptable, you must use a public domain-name.)"<br \> If using <code>hostname=admin@completenoobs.com</code> "501 <root@admin@completenoobs.com>: malformed address: @completenoobs.com> may not follow <root@admin" </div> </div> <br \> Do not use user@smtp2go.com as the sender address! you need an email address that has an MX record(mail exchanger record) at its domain name. <br \> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> ====usermod==== <br \> usermod can be used to change the email senders name/address.<br \> Instead of your mail coming from 'root' or 'ubuntu' or any other user account.<br \> <b>usermod -c "emailSenderName" <account_sending></b><br \> <code>usermod -c "completenoobslxc" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ====sendmail notes==== <div class="toccolours mw-collapsible mw-collapsed"> If the sendmail command locks your terminal and CTRL+c does not work <div class="mw-collapsible-content"> Use <code>CTRL+z</code> which will send a SIGTSTP signal which will put the process to sleep.<br \> use jobs to see the sleeping process.<br \> <code>jobs</code><br \> and kill %<JOBNUMBER><br \> <code>kill %1</code> <br \> you can also use <code>ps ax</code> to list processes running on your computer and <code>kill -9 <PROCESS-NUMBER></code> to kill process. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> sendmail in verbose mode for more details: <div class="mw-collapsible-content"> More info can be found in the man page <code>man sendmail</code><br \> Use the verbose flag <b>-v</b><br \> <code>sendmail -v email@address2receive.mail < test-mail.txt</code> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Check mail logs for errors: <div class="mw-collapsible-content"> send mail error log can be found in<br \> <code>/var/log/mail.err</code><br \> and sendmail log can be found:<br \> <code>/var/log/mail.log</code> </div> </div> ===auto update container config=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code> Uncomment<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> <code>"${distro_id}:${distro_codename}-updates";</code> Dont need auto reboot on container - no kernel - kernel shared with host. ====email on update==== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <div class="toccolours mw-collapsible mw-collapsed"> Once i needed 'apticron' to get emails working with unattended upgrades:<br \> Notes here just incase<div class="mw-collapsible-content"> Install apticron<br \> <code>apt install apticron -y</code> Create apticron.conf file containing email to send email to:<br \> If you dont then 'apticron' will by default sent to root@localhost.<br > <code>echo 'EMAIL="email@tosendto.com"' > /etc/apticron/apticron.conf</code> </div> </div> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Install MediaWiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -xvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki</code> ====Create Database==== Will be prompted to set a root password!<br \> <code>mysql -u root -p</code><br \> <!-- create drop down - add root password option --> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <div class="toccolours mw-collapsible mw-collapsed"> Make note of your: database name, username, userpassword <div class="mw-collapsible-content"> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code><br \> Database Username:<b>green</b><br \> Database host/location:<b>localhost</b> Database User Password:<b>THISpasswordSHOULDbeCHANGED</b><br \><br \> <code>CREATE DATABASE mywiki_database;</code><br \> Database Name:<b>mywiki_database</b><br \> </div> </div> ====Create self-signed https certs==== <code>openssl req -x509 -newkey rsa:4096 -keyout key.pem -nodes -out cert.pem -days 365</code><br> Note: can leave blank; just press enter.<br><br> <code>mv cert.pem /etc/ssl/certs/cn-selfsigned.crt</code><br> <code>mv key.pem /etc/ssl/private/cn-selfsigned.key</code><br> ====Create ssl-params.conf==== <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code> Remember to turn stapling on after letsencrypt cert <pre> SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 SSLHonorCipherOrder On # Disable preloading HSTS for now. You can use the commented out header line that includes # the "preload" directive if you understand the implications. # Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" Header always set X-Frame-Options DENY Header always set X-Content-Type-Options nosniff # Requires Apache >= 2.4 SSLCompression off # May want to turn stapling off when using self-signed to avoid receiving errors in log SSLUseStapling off SSLStaplingCache "shmcb:logs/stapling-cache(150000)" # Requires Apache >= 2.4.11 SSLSessionTickets Off </pre> ====Create Apache2 config==== <code>cd /etc/apache2/sites-available/</code> <code>rm 000-default.conf default-ssl.conf</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code> <div class="toccolours mw-collapsible mw-collapsed"> <b>Important Redirect note</b>:<div class="mw-collapsible-content"> <pre> # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" </pre> Change to your Container IP!<br \> <code>Redirect permanent "/" "https://10.194.171.251"</code> </div> </div> <pre> <VirtualHost *:80> ServerName completenoobs.com ServerAdmin admin@ # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined </VirtualHost> <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerName completenoobs.com ServerAdmin admin@completenoobs.com DocumentRoot /var/www/html/mediawiki # According MWiki Manual:Security php_flag register_globals off ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined SSLEngine on SSLCertificateFile /etc/ssl/certs/cn-selfsigned.crt SSLCertificateKeyFile /etc/ssl/private/cn-selfsigned.key # need to find out what SSLCertificateChainFile is? explain is in the default-ssl.conf file. #SSLCertificateChainFile /etc/ssl/certs/example.com.root-bundle.crt <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> <Directory /var/www/html/wikimedia> Options None FollowSymLinks #Allow .htaccess AllowOverride All Require all granted <IfModule security2_module> SecRuleEngine Off # or disable only problematic rules </IfModule> </Directory> # According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images> # Ignore .htaccess files AllowOverride None # Serve HTML as plaintext, don't execute SHTML AddType text/plain .html .htm .shtml .php .phtml .php5 # Don't run arbitrary PHP code. php_admin_flag engine off # If you've other scripting languages, disable them too. </Directory> #According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images/deleted> Deny from all AllowOverride AuthConfig Limit Require local </Directory> </VirtualHost> </IfModule> </pre> ====Reload Apache2==== <code>a2enmod ssl</code> <code>a2enmod headers</code> <code>a2ensite completenoobs.com</code> <code>a2enconf ssl-params</code> <code>apache2ctl configtest</code> <code>systemctl restart apache2</code> ===MediaWiki Basic Setup=== ====Landing page==== Open a web browser and go to your containers private ip address (you can get ip address by running <code>lxc list</code> on host). <code>https://10.194.171.251</code> Are certs are self-signed and you may/will get warning "your connection is not private"<br \> Click "Advance" and "Proceed to 10.194.171.251 (unsafe)"<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.35.0<br \> LocalSettings.php not found.<br \> Please <u>set up the wiki</u> first.<br \> </blockquote> Click <b>set up the wiki</b> to be taken to the "mw-config/index.php" page. =====Basic Configure MediaWiki===== <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:mywiki_database<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:green<br \> Database password:THISpasswordSHOULDbeCHANGED<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>CompleteNoobs<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Options <div class="mw-collapsible-content"> <b>User rights profile:</b> <br \> [ ] Open wiki <br \> [x] Account creation required<br \> [ ] Authorised editors only <br \> [ ] Private wiki<br \> <br \> <b>Copyright and licence:</b><br \> [ ] Creative Commons Attribution<br \> [ ] Creative Commons Attribution-ShareAlike<br \> [ ] Creative Commons Attribution-NonCommercial-ShareAlike<br \> [ ] Creative Commons Zero (Public Domain)<br \> [ ] GNU Free Documentation Licence 1.3 or later<br \> [x] No licence footer<br \> [ ] Select a custom Creative Commons licence<br \> <br \> <br \> <b>Email settings</b><br \> [ ] Enable outbound email<br \> <b>Return email address:</b>apache@🌻.invalid<br \> [ ]Enable user-to-user email<br \> [ ]Enable user talk page notification<br \> [ ]Enable watchlist notification<br \> [ ]Enable email authentication<br \> <br \> <br \> <b>Skins</b> Pick a skin<br \> <br \> <br \> <b>Extensions</b><br \> <b><u>Special pages</u></b><br \> [ ]CiteThisPage<br \> [ ]Interwiki<br \> [ ]Nuke<br \> [ ]Renameuser<br \> [ ]ReplaceText<br \> <br \> <b><u>Editors</u></b><br \> [x]CodeEditor<br \> [x]VisualEditor<br \> [x]WikiEditor<br \> <br \> <b><u>Parser hooks</u></b><br \> [ ]CategoryTree<br \> [ ]Cite<br \> [ ]ImageMap<br \> [ ]InputBox<br \> [ ]ParserFunctions<br \> [ ]Poem<br \> [ ]Scribunto<br \> [x]SyntaxHighlight_GeSHi<br \> [ ]TemplateData<br \> <br \> <b><u>Media handlers</u></b><br \> [ ]PdfHandler<br \> <br \> <b><u>Spam prevention</u></b><br \> [x]ConfirmEdit<br \> [ ]SpamBlacklist<br \> [ ]TitleBlacklist<br \> <br \> <b><u>API</u></b><br \> [ ]PageImages<br \> <br \> <b><u>Other</u></b><br \> [ ]Gadgets<br \> [ ]LocalisationUpdate<br \> [ ]MultimediaViewer<br \> [ ]OATHAuth<br \> [ ]SecureLinkFixer<br \> [ ]TextExtracts<br \> <br \> <br \> <b>Images and file uploads</b><br \> [ ]Enable file uploads<br \> <b>Logo URL:</b>$wgResourceBasePath/resources/assets/wiki.png<br \> [ ]Enable Instant Commons<br \> <br \> <br \> <b>Advanced configuration</b><br \> <b>Settings for object caching:</b><br \> [x] No caching (no functionality is removed, but speed may be impacted on larger wiki sites)<br \> [ ] Use Memcached (requires additional setup and configuration)<br \> </div> </div> ====LocalSettings.php Launch Wiki==== When the Basic configuration of mediawiki is done on the webpage.<br \> You will have a <b>LocalSettings.php</b> which will be downloaded from your browser.<br \> You need to place the <b>LocalSettings.php</b> file into your containers <b>/var/www/html/mediawiki/</b> directory.<br \> You can do this from host using the <b>lxc file push</b> command.<br \> <code>lxc file push /home/$USER/Downloads/LocalSettings.php mediawiki/var/www/html/mediawiki/</code><br \> <br> Do not refresh browser it will download the LocalSettings.php again! go to the IP address of your container or just trim the <code>mw-config/index.php?page=Complete</code><br> Now on your browser visit the page again https://10.194.171.251<br \> And welcome to your wiki.<br \> ===Change Logo=== You need a 135px by 135px image, in this example its named 'completenoobs-logo.png'<br> <code>lxc file push completenoobs-logo.png mediawiki/var/www/html/mediawiki/resources/assets/</code><br> Back in container edit the <b>LocalSettings.php</b> file<br> <pre> ## The URL paths to the logo. Make sure you change this from the default, ## or else you'll overwrite your logo when you upgrade! $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", 'icon' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", ]; </pre> Change to your new logo:<br> <pre> $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", 'icon' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", ]; </pre> ===Email Config=== Warning i did get loads of spam bots, using this to send naughty emails everywhere!<br> Changed setting to block signups, requests only,and changed <b>$wgEnableUserEmail</b> to false and still the bots managed to send spam using my smtp account.<br> How they done this? Is beyond my understanding and i removed email from the wiki till i have more info on how to stop the spamming.<br> Was using mediawiki-1.35.0<br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> Make sure <b>$wgEnableEmail</b> is set to true.<br> <code>$wgEnableEmail = true;</code><br> https://www.mediawiki.org/wiki/Manual:$wgEnableEmail<br> <pre> $wgEmergencyContact = ""; $wgPasswordSender = ""; </pre> <pre> $wgEmergencyContact = "admin@completenoobs.com"; $wgPasswordSender = "admin@completenoobs.com"; </pre> <pre> $wgSMTP = [ 'host' => 'ssl://mail.smtp2go.com', // outbox server of the email account 'IDHost' => 'completenoobs.com', 'port' => 465, 'username' => 'noobwiki', // user of the email account 'password' => 'N0tTelinu', // app password of the email account 'auth' => true ]; </pre> ===Request Account and Confirm Email to edit=== In LocalSettings change $wgEmailAuthentication = false; to true https://www.mediawiki.org/wiki/Manual:$wgEmailAuthentication<br> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ConfirmAccount-REL1_39-2b96e90.tar.gz</code><br> <code>tar xzf ConfirmAccount-REL1_39-2b96e90.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> <br> In <b>LocalSettings.php</b> <br> set <b>$wgEmailAuthentication</b> to true.<br> <pre> wfLoadExtension( 'ConfirmAccount' ); $wgConfirmAccountContact = 'admin@completenoobs.com'; </pre> Run maintenance update<br> <code>php /var/www/html/mediawiki/maintenance/update.php </code><br> use <b>Special:ConfirmAccounts</b> to see if anyone requested a account.<br> And yep, your gonna get spammed! Bots love a wiki.<br> ===CookieWarning Extension=== https://www.mediawiki.org/wiki/Extension:CookieWarning<br> <code>wget https://extdist.wmflabs.org/dist/extensions/CookieWarning-REL1_39-778fe72.tar.gz</code><br> <code>tar -xzf CookieWarning-REL1_39-778fe72.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'CookieWarning' ); $wgCookieWarningEnabled = 'true'; # $wgCookieWarningMoreUrl allows to to select a link for your moreinfo button $wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'; $wgCookieWarningEnabled = 'true'; </pre> To change message sign in with admin account and visit these pages of your wiki and edit.<br> <b>MediaWiki:Cookiewarning-info</b> Edit the display message.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-info</code><br> <b>MediaWiki:Cookiewarning-moreinfo-label</b><br> Edit and change display of the moreinfo button: link can be made/changed at LocalSettings with:<br> <code>$wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'</code><br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-moreinfo-label</code><br> <b>MediaWiki:Cookiewarning-ok-label</b> Edit and change the text on the OK button.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-ok-label</code><br> ===Contribution Scores Extension=== https://www.mediawiki.org/wiki/Extension:Contribution_Scores<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ContributionScores-REL1_39-0e7e99d.tar.gz</code><br> <code>tar -xzf ContributionScores-REL1_39-0e7e99d.tar.gz -C /var/www/html/mediawiki/extensions</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'ContributionScores' ); // Exclude Bots from the reporting - Can be omitted. $wgContribScoreIgnoreBots = true; // Exclude Blocked Users from the reporting - Can be omitted. $wgContribScoreIgnoreBlockedUsers = true; // Use real user names when available - Can be omitted. Only for MediaWiki 1.19 and later. $wgContribScoresUseRealName = true; // Set to true to disable cache for parser function and inclusion of table. $wgContribScoreDisableCache = false; // Each array defines a report - 7,50 is "past 7 days" and "LIMIT 50" - Can be omitted. $wgContribScoreReports = [ [ 7, 50 ], [ 30, 50 ], [ 0, 50 ] ]; </pre> <br> Add to Main Landing Page:<br> <pre>{{Special:ContributionScores/10/5}}</pre><br> ===Place Notice at top of every new page created=== Using the <b>PageNotice</b> Extension. https://www.mediawiki.org/wiki/Extension:PageNotice#Configuration Download PageNotice and extract to extensions directory. in LocalSettings.php add the lines:<br \> <pre> wfLoadExtension( 'PageNotice' ); $wgPageNoticeDisablePerPageNotices = 'true'; </pre> To have message in every name space go to your wiki's page<br \> <code>index.php/mediawiki:top-notice-ns-0</code><br \> Only admin account can edit this page:<br \> What you place in this page will be displayed at the top of every page created. ===Privacy Policy=== Holly $#$#$ this is a lot of work, looking into it<br \> https://www.mediawiki.org/wiki/GDPR_(General_Data_Protection_Regulation)_and_MediaWiki_software<br \> ====NewSignupPage==== https://www.mediawiki.org/wiki/Extension:NewSignupPage<br \> Big thanks to Shoutwiki.com or this would of been a very big pain.<br \> Check for Latest link from the Download page https://www.mediawiki.org/wiki/Special:ExtensionDistributor/NewSignupPage<br \> In mediawiki container:<br \> <code>wget https://extdist.wmflabs.org/dist/extensions/NewSignupPage-REL1_35-ecf00aa.tar.gz</code><br \> <code>tar xvf NewSignupPage-REL1_35-ecf00aa.tar.gz -C /var/www/html/mediawiki/extensions/</code><br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> Add the Line:<br \> <code>wfLoadExtension( 'NewSignupPage' );</code><br \> Change the Info given at signup at:<br \> <code>index.php/MediaWiki:Newsignuppage-loginform-tos</code><br \> Default page will be:<pre> I am over 13 years of age and I have read, understood and agree to be bound by the Terms of Service and Privacy Policy </pre> "Terms of Service" and "Privacy Policy" are linked to there pages, so we need to create a few pages. ======Need <b>Privacy Policy</b> Page====== Create a 'Privacy_Policy' page and link on "MediaWiki:Newsignuppage-loginform-tos"<br> <pre>[[CompleteNoobs:Privacy_policy | Privacy Policy]]</pre> =====Need <b>Terms Of Service</b> page===== https://www.completenoobs.com/index.php/Terms_of_Service<br \> once done change link on "MediaWiki:Newsignuppage-loginform-tos"<br \> =====Content Policy Page===== https://10.194.171.251/index.php/Content_Policy<br \> Contains link to https://www.completenoobs.com/index.php/CompleteNoobs_Staff_Admins<br \> =====Staff and Admin Page===== https://10.194.171.251/index.php/CompleteNoobs_Staff_Admins<br \> Linked from Content Policy Page! a place to contact by email staff, admins =====General Disclaimer page===== https://10.194.171.251/index.php/CompleteNoobs:General_disclaimer<br \> This page shows/linked at bottom of wiki<br \> =====Copyright Policy===== https://10.194.171.251/index.php/CompleteNoobs:Copyrights<br \> Copyrights page that shows in info box when making a post.<br \> ==Fail2Ban== This Will Ban an IP who incorrectly enters wrong login details, a (you can select) amount of times for a (you can select) amount of time. ===Fail2Log Extension=== https://www.mediawiki.org/wiki/Extension:Fail2Log<br> ====Create Log file==== Could not get PHP to create and set permissions for log file: So for now doing manually!<br \> <code>touch /var/log/Fail2Log.log</code><br \> <code>chown www-data:www-data /var/log/Fail2Log.log</code><br \> <code>chmod 0755 /var/log/Fail2Log.log</code><br \> Failed login's with wrong user name and/or password should now be logged in:<b>/var/log/Fail2Log.log</b><br \> <br \> Log Format:<br \> <code>Failed:<IP_ADDRESS> <DATE> <TIME> <USERNAME></code><br \> ====Download and install extension==== <code>wget https://github.com/greenhatmonkey/Fail2Log/blob/main/Fail2Log.tar.gz?raw=true</code><br> <code>tar xzvf Fail2Log.tar.gz?raw=true -C /var/www/html/mediawiki/extensions/</code><br> Add to your <b>LocalSettings.php</b><br> <pre> wfLoadExtension( 'Fail2Log' ); $wgFail2LogFile = '/var/log/Fail2Log.log'; </pre> ====Install and Setup Fail2Ban==== Fail2Ban works in a container. If using fail2ban on Host for container:<br/> Just include log path: <code>/var/snap/lxd/common/mntns/var/snap/lxd/common/lxd/storage-pools/default/containers/&lt;CONTAINER_NAME>/rootfs/var/log/Fail2Log.log</code> <code>apt install fail2ban</code> * Fail2ban will use file.local over file.conf if file.local exists: * file.conf can be written over if file2ban gets updated. * Make a file.local of the file you are working on. <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code> <code>$EDITOR /etc/fail2ban/jail.local</code> <!-- unmodified jail.conf file --> <div class="toccolours mw-collapsible mw-collapsed"> Default <code>/etc/fail2ban/jail.conf</code> file: Expand to view <div class="mw-collapsible-content"> <pre> # # WARNING: heavily refactored in 0.9.0 release. Please review and # customize settings for your setup. # # Changes: in most of the cases you should not modify this # file, but provide customizations in jail.local file, # or separate .conf files under jail.d/ directory, e.g.: # # HOW TO ACTIVATE JAILS: # # YOU SHOULD NOT MODIFY THIS FILE. # # It will probably be overwritten or improved in a distribution update. # # Provide customizations in a jail.local file or a jail.d/customisation.local. # For example to change the default bantime for all jails and to enable the # ssh-iptables jail the following (uncommented) would appear in the .local file. # See man 5 jail.conf for details. # # [DEFAULT] # bantime = 1h # # [sshd] # enabled = true # # See jail.conf(5) man page for more information # Comments: use '#' for comment lines and ';' (following a space) for inline comments [INCLUDES] #before = paths-distro.conf before = paths-debian.conf # The DEFAULT allows a global definition of the options. They can be overridden # in each jail afterwards. [DEFAULT] # # MISCELLANEOUS OPTIONS # # "bantime.increment" allows to use database for searching of previously banned ip's to increase a # default ban time using special formula, default it is banTime * 1, 2, 4, 8, 16, 32... #bantime.increment = true # "bantime.rndtime" is the max number of seconds using for mixing with random time # to prevent "clever" botnets calculate exact time IP can be unbanned again: #bantime.rndtime = # "bantime.maxtime" is the max number of seconds using the ban time can reach (don't grows further) #bantime.maxtime = # "bantime.factor" is a coefficient to calculate exponent growing of the formula or common multiplier, # default value of factor is 1 and with default value of formula, the ban time # grows by 1, 2, 4, 8, 16 ... #bantime.factor = 1 # "bantime.formula" used by default to calculate next value of ban time, default value bellow, # the same ban time growing will be reached by multipliers 1, 2, 4, 8, 16, 32... #bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * banFactor # # more aggressive example of formula has the same values only for factor "2.0 / 2.885385" : #bantime.formula = ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor) # "bantime.multipliers" used to calculate next value of ban time instead of formula, coresponding # previously ban count and given "bantime.factor" (for multipliers default is 1); # following example grows ban time by 1, 2, 4, 8, 16 ... and if last ban count greater as multipliers count, # always used last multiplier (64 in example), for factor '1' and original ban time 600 - 10.6 hours #bantime.multipliers = 1 2 4 8 16 32 64 # following example can be used for small initial ban time (bantime=60) - it grows more aggressive at begin, # for bantime=60 the multipliers are minutes and equal: 1 min, 5 min, 30 min, 1 hour, 5 hour, 12 hour, 1 day, 2 day #bantime.multipliers = 1 5 30 60 300 720 1440 2880 # "bantime.overalljails" (if true) specifies the search of IP in the database will be executed # cross over all jails, if false (dafault), only current jail of the ban IP will be searched #bantime.overalljails = false # -------------------- # "ignoreself" specifies whether the local resp. own IP addresses should be ignored # (default is true). Fail2ban will not ban a host which matches such addresses. #ignoreself = true # "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban # will not ban a host which matches an address in this list. Several addresses # can be defined using space (and/or comma) separator. #ignoreip = 127.0.0.1/8 ::1 # External command that will take an tagged arguments to ignore, e.g. <ip>, # and return true if the IP is to be ignored. False otherwise. # # ignorecommand = /path/to/command <ip> ignorecommand = # "bantime" is the number of seconds that a host is banned. bantime = 10m # A host is banned if it has generated "maxretry" during the last "findtime" # seconds. findtime = 10m # "maxretry" is the number of failures before a host get banned. maxretry = 5 # "maxmatches" is the number of matches stored in ticket (resolvable via tag <matches> in actions). maxmatches = %(maxretry)s # "backend" specifies the backend used to get files modification. # Available options are "pyinotify", "gamin", "polling", "systemd" and "auto". # This option can be overridden in each jail as well. # # pyinotify: requires pyinotify (a file alteration monitor) to be installed. # If pyinotify is not installed, Fail2ban will use auto. # gamin: requires Gamin (a file alteration monitor) to be installed. # If Gamin is not installed, Fail2ban will use auto. # polling: uses a polling algorithm which does not require external libraries. # systemd: uses systemd python library to access the systemd journal. # Specifying "logpath" is not valid for this backend. # See "journalmatch" in the jails associated filter config # auto: will try to use the following backends, in order: # pyinotify, gamin, polling. # # Note: if systemd backend is chosen as the default but you enable a jail # for which logs are present only in its own log files, specify some other # backend for that jail (e.g. polling) and provide empty value for # journalmatch. See https://github.com/fail2ban/fail2ban/issues/959#issuecomment-74901200 backend = auto # "usedns" specifies if jails should trust hostnames in logs, # warn when DNS lookups are performed, or ignore all hostnames in logs # # yes: if a hostname is encountered, a DNS lookup will be performed. # warn: if a hostname is encountered, a DNS lookup will be performed, # but it will be logged as a warning. # no: if a hostname is encountered, will not be used for banning, # but it will be logged as info. # raw: use raw value (no hostname), allow use it for no-host filters/actions (example user) usedns = warn # "logencoding" specifies the encoding of the log files handled by the jail # This is used to decode the lines from the log file. # Typical examples: "ascii", "utf-8" # # auto: will use the system locale setting logencoding = auto # "enabled" enables the jails. # By default all jails are disabled, and it should stay this way. # Enable only relevant to your setup jails in your .local or jail.d/*.conf # # true: jail will be enabled and log files will get monitored for changes # false: jail is not enabled enabled = false # "mode" defines the mode of the filter (see corresponding filter implementation for more info). mode = normal # "filter" defines the filter to use by the jail. # By default jails have names matching their filter name # filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # # Some options used for actions # Destination email address used solely for the interpolations in # jail.{conf,local,d/*} configuration files. destemail = root@localhost # Sender email address used solely for some actions sender = root@<fq-hostname> # E-mail action. Since 0.8.1 Fail2Ban uses sendmail MTA for the # mailing. Change mta configuration parameter to mail if you want to # revert to conventional 'mail'. mta = sendmail # Default protocol protocol = tcp # Specify chain where jumps would need to be added in ban-actions expecting parameter chain chain = <known/chain> # Ports to be banned # Usually should be overridden in a particular jail port = 0:65535 # Format of user-agent https://tools.ietf.org/html/rfc7231#section-5.5.3 fail2ban_agent = Fail2Ban/%(fail2ban_version)s # # Action shortcuts. To be used to define action parameter # Default banning action (e.g. iptables, iptables-new, # iptables-multiport, shorewall, etc) It is used to define # action_* variables. Can be overridden globally or per # section within jail.local file banaction = iptables-multiport banaction_allports = iptables-allports # The simplest action to take: ban only action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report to the destemail. action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report and relevant log lines # to the destemail. action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # See the IMPORTANT note in action.d/xarf-login-attack for when to use this action # # ban & send a xarf e-mail to abuse contact of IP address and include relevant log lines # to the destemail. action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] # ban IP on CloudFlare & send an e-mail with whois report and relevant log lines # to the destemail. action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # Report block via blocklist.de fail2ban reporting service API # # See the IMPORTANT note in action.d/blocklist_de.conf for when to use this action. # Specify expected parameters in file action.d/blocklist_de.local or if the interpolation # `action_blocklist_de` used for the action, set value of `blocklist_de_apikey` # in your `jail.local` globally (section [DEFAULT]) or per specific jail section (resp. in # corresponding jail.d/my-jail.local file). # action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] # Report ban via badips.com, and use as blacklist # # See BadIPsAction docstring in config/action.d/badips.py for # documentation for this action. # # NOTE: This action relies on banaction being present on start and therefore # should be last action defined for a jail. # action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] # # Report ban via badips.com (uses action.d/badips.conf for reporting only) # action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] # Report ban via abuseipdb.com. # # See action.d/abuseipdb.conf for usage example and details. # action_abuseipdb = abuseipdb # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # [sshd] # To use more aggressive sshd modes set filter parameter "mode" in jail.local: # normal (default), ddos, extra or aggressive (combines all). # See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details. #mode = normal port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s [dropbear] port = ssh logpath = %(dropbear_log)s backend = %(dropbear_backend)s [selinux-ssh] port = ssh logpath = %(auditd_log)s # # HTTP servers # [apache-auth] port = http,https logpath = %(apache_error_log)s [apache-badbots] # Ban hosts which agent identifies spammer robots crawling the web # for email addresses. The mail outputs are buffered. port = http,https logpath = %(apache_access_log)s bantime = 48h maxretry = 1 [apache-noscript] port = http,https logpath = %(apache_error_log)s [apache-overflows] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-nohome] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-botsearch] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-fakegooglebot] port = http,https logpath = %(apache_access_log)s maxretry = 1 ignorecommand = %(ignorecommands_dir)s/apache-fakegooglebot <ip> [apache-modsecurity] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-shellshock] port = http,https logpath = %(apache_error_log)s maxretry = 1 [openhab-auth] filter = openhab action = iptables-allports[name=NoAuthFailures] logpath = /opt/openhab/logs/request.log [nginx-http-auth] port = http,https logpath = %(nginx_error_log)s # To use 'nginx-limit-req' jail you should have `ngx_http_limit_req_module` # and define `limit_req` and `limit_req_zone` as described in nginx documentation # http://nginx.org/en/docs/http/ngx_http_limit_req_module.html # or for example see in 'config/filter.d/nginx-limit-req.conf' [nginx-limit-req] port = http,https logpath = %(nginx_error_log)s [nginx-botsearch] port = http,https logpath = %(nginx_error_log)s maxretry = 2 # Ban attackers that try to use PHP's URL-fopen() functionality # through GET/POST variables. - Experimental, with more than a year # of usage in production environments. [php-url-fopen] port = http,https logpath = %(nginx_access_log)s %(apache_access_log)s [suhosin] port = http,https logpath = %(suhosin_log)s [lighttpd-auth] # Same as above for Apache's mod_auth # It catches wrong authentifications port = http,https logpath = %(lighttpd_error_log)s # # Webmail and groupware servers # [roundcube-auth] port = http,https logpath = %(roundcube_errors_log)s # Use following line in your jail.local if roundcube logs to journal. #backend = %(syslog_backend)s [openwebmail] port = http,https logpath = /var/log/openwebmail.log [horde] port = http,https logpath = /var/log/horde/horde.log [groupoffice] port = http,https logpath = /home/groupoffice/log/info.log [sogo-auth] # Monitor SOGo groupware server # without proxy this would be: # port = 20000 port = http,https logpath = /var/log/sogo/sogo.log [tine20] logpath = /var/log/tine20/tine20.log port = http,https # # Web Applications # # [drupal-auth] port = http,https logpath = %(syslog_daemon)s backend = %(syslog_backend)s [guacamole] port = http,https logpath = /var/log/tomcat*/catalina.out [monit] #Ban clients brute-forcing the monit gui login port = 2812 logpath = /var/log/monit /var/log/monit.log [webmin-auth] port = 10000 logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [froxlor-auth] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s # # HTTP Proxy servers # # [squid] port = 80,443,3128,8080 logpath = /var/log/squid/access.log [3proxy] port = 3128 logpath = /var/log/3proxy.log # # FTP servers # [proftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(proftpd_log)s backend = %(proftpd_backend)s [pure-ftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(pureftpd_log)s backend = %(pureftpd_backend)s [gssftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(syslog_daemon)s backend = %(syslog_backend)s [wuftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(wuftpd_log)s backend = %(wuftpd_backend)s [vsftpd] # or overwrite it in jails.local to be # logpath = %(syslog_authpriv)s # if you want to rely on PAM failed login attempts # vsftpd's failregex should match both of those formats port = ftp,ftp-data,ftps,ftps-data logpath = %(vsftpd_log)s # # Mail servers # # ASSP SMTP Proxy Jail [assp] port = smtp,465,submission logpath = /root/path/to/assp/logs/maillog.txt [courier-smtp] port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix] # To use another modes set filter parameter "mode" in jail.local: mode = more port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s [postfix-rbl] filter = postfix[mode=rbl] port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s maxretry = 1 [sendmail-auth] port = submission,465,smtp logpath = %(syslog_mail)s backend = %(syslog_backend)s [sendmail-reject] # To use more aggressive modes set filter parameter "mode" in jail.local: # normal (default), extra or aggressive # See "tests/files/logs/sendmail-reject" or "filter.d/sendmail-reject.conf" for usage example and details. #mode = normal port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [qmail-rbl] filter = qmail port = smtp,465,submission logpath = /service/qmail/log/main/current # dovecot defaults to logging to the mail syslog facility # but can be set by syslog_facility in the dovecot configuration. [dovecot] port = pop3,pop3s,imap,imaps,submission,465,sieve logpath = %(dovecot_log)s backend = %(dovecot_backend)s [sieve] port = smtp,465,submission logpath = %(dovecot_log)s backend = %(dovecot_backend)s [solid-pop3d] port = pop3,pop3s logpath = %(solidpop3d_log)s [exim] # see filter.d/exim.conf for further modes supported from filter: #mode = normal port = smtp,465,submission logpath = %(exim_main_log)s [exim-spam] port = smtp,465,submission logpath = %(exim_main_log)s [kerio] port = imap,smtp,imaps,465 logpath = /opt/kerio/mailserver/store/logs/security.log # # Mail servers authenticators: might be used for smtp,ftp,imap servers, so # all relevant ports get banned # [courier-auth] port = smtp,465,submission,imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix-sasl] filter = postfix[mode=auth] port = smtp,465,submission,imap,imaps,pop3,pop3s # You might consider monitoring /var/log/mail.warn instead if you are # running postfix since it would provide the same log lines at the # "warn" level but overall at the smaller filesize. logpath = %(postfix_log)s backend = %(postfix_backend)s [perdition] port = imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [squirrelmail] port = smtp,465,submission,imap,imap2,imaps,pop3,pop3s,http,https,socks logpath = /var/lib/squirrelmail/prefs/squirrelmail_access_log [cyrus-imap] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s [uwimap-auth] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s # # # DNS servers # # !!! WARNING !!! # Since UDP is connection-less protocol, spoofing of IP and imitation # of illegal actions is way too simple. Thus enabling of this filter # might provide an easy way for implementing a DoS against a chosen # victim. See # http://nion.modprobe.de/blog/archives/690-fail2ban-+-dns-fail.html # Please DO NOT USE this jail unless you know what you are doing. # # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks UDP traffic for DNS requests. # [named-refused-udp] # # filter = named-refused # port = domain,953 # protocol = udp # logpath = /var/log/named/security.log # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks TCP traffic for DNS requests. [named-refused] port = domain,953 logpath = /var/log/named/security.log [nsd] port = 53 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/nsd.log # # Miscellaneous # [asterisk] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/asterisk/messages maxretry = 10 [freeswitch] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/freeswitch.log maxretry = 10 # enable adminlog; it will log to a file inside znc's directory by default. [znc-adminlog] port = 6667 logpath = /var/lib/znc/moddata/adminlog/znc.log # To log wrong MySQL access attempts add to /etc/my.cnf in [mysqld] or # equivalent section: # log-warnings = 2 # # for syslog (daemon facility) # [mysqld_safe] # syslog # # for own logfile # [mysqld] # log-error=/var/log/mysqld.log [mysqld-auth] port = 3306 logpath = %(mysql_log)s backend = %(mysql_backend)s # Log wrong MongoDB auth (for details see filter 'filter.d/mongodb-auth.conf') [mongodb-auth] # change port when running with "--shardsvr" or "--configsvr" runtime operation port = 27017 logpath = /var/log/mongodb/mongodb.log # Jail for more extended banning of persistent abusers # !!! WARNINGS !!! # 1. Make sure that your loglevel specified in fail2ban.conf/.local # is not at DEBUG level -- which might then cause fail2ban to fall into # an infinite loop constantly feeding itself with non-informative lines # 2. Increase dbpurgeage defined in fail2ban.conf to e.g. 648000 (7.5 days) # to maintain entries for failed logins for sufficient amount of time [recidive] logpath = /var/log/fail2ban.log banaction = %(banaction_allports)s bantime = 1w findtime = 1d # Generic filter for PAM. Has to be used with action which bans all # ports such as iptables-allports, shorewall [pam-generic] # pam-generic filter can be customized to monitor specific subset of 'tty's banaction = %(banaction_allports)s logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [xinetd-fail] banaction = iptables-multiport-log logpath = %(syslog_daemon)s backend = %(syslog_backend)s maxretry = 2 # stunnel - need to set port for this [stunnel] logpath = /var/log/stunnel4/stunnel.log [ejabberd-auth] port = 5222 logpath = /var/log/ejabberd/ejabberd.log [counter-strike] logpath = /opt/cstrike/logs/L[0-9]*.log # Firewall: http://www.cstrike-planet.com/faq/6 tcpport = 27030,27031,27032,27033,27034,27035,27036,27037,27038,27039 udpport = 1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015 action = %(banaction)s[name=%(__name__)s-tcp, port="%(tcpport)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(udpport)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] [bitwarden] port = http,https logpath = /home/*/bwdata/logs/identity/Identity/log.txt [centreon] port = http,https logpath = /var/log/centreon/login.log # consider low maxretry and a long bantime # nobody except your own Nagios server should ever probe nrpe [nagios] logpath = %(syslog_daemon)s ; nrpe.cfg may define a different log_facility backend = %(syslog_backend)s maxretry = 1 [oracleims] # see "oracleims" filter file for configuration requirement for Oracle IMS v6 and above logpath = /opt/sun/comms/messaging64/log/mail.log_current banaction = %(banaction_allports)s [directadmin] logpath = /var/log/directadmin/login.log port = 2222 [portsentry] logpath = /var/lib/portsentry/portsentry.history maxretry = 1 [pass2allow-ftp] # this pass2allow example allows FTP traffic after successful HTTP authentication port = ftp,ftp-data,ftps,ftps-data # knocking_url variable must be overridden to some secret value in jail.local knocking_url = /knocking/ filter = apache-pass[knocking_url="%(knocking_url)s"] # access log of the website with HTTP auth logpath = %(apache_access_log)s blocktype = RETURN returntype = DROP action = %(action_)s[blocktype=%(blocktype)s, returntype=%(returntype)s, actionstart_on_demand=false, actionrepair_on_unban=true] bantime = 1h maxretry = 1 findtime = 1 [murmur] # AKA mumble-server port = 64738 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol=tcp, chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol=udp, chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/mumble-server/mumble-server.log [screensharingd] # For Mac OS Screen Sharing Service (VNC) logpath = /var/log/system.log logencoding = utf-8 [haproxy-http-auth] # HAProxy by default doesn't log to file you'll need to set it up to forward # logs to a syslog server which would then write them to disk. # See "haproxy-http-auth" filter for a brief cautionary note when setting # maxretry and findtime. logpath = /var/log/haproxy.log [slapd] port = ldap,ldaps logpath = /var/log/slapd.log [domino-smtp] port = smtp,ssmtp logpath = /home/domino01/data/IBM_TECHNICAL_SUPPORT/console.log [phpmyadmin-syslog] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [zoneminder] # Zoneminder HTTP/HTTPS web interface auth # Logs auth failures to apache2 error log port = http,https logpath = %(apache_error_log)s [traefik-auth] # to use 'traefik-auth' filter you have to configure your Traefik instance, # see `filter.d/traefik-auth.conf` for details and service example. port = http,https logpath = /var/log/traefik/access.log </pre> </div> </div> Default <code>/etc/fail2ban/jail.local</code> file with (almost all) comments removed: <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;">Default <code>/etc/fail2ban/jail.local</code> with (almost) comments removed:</div> <div class="mw-collapsible-content"> <pre> [INCLUDES] before = paths-debian.conf [DEFAULT] ignorecommand = bantime = 10m findtime = 10m maxretry = 5 maxmatches = %(maxretry)s backend = auto usedns = warn logencoding = auto enabled = false mode = normal filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # destemail = root@localhost sender = root@<fq-hostname> mta = sendmail protocol = tcp chain = <known/chain> port = 0:65535 fail2ban_agent = Fail2Ban/%(fail2ban_version)s banaction = iptables-multiport banaction_allports = iptables-allports action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] action_abuseipdb = abuseipdb action = %(action_)s # # JAILS # # # SSH servers # [sshd] port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s </pre> </div></div> ====Disconnect/kick and ban an ip from list==== <br \> Just below we are going to append these lines to <b>/etc/fail2ban/jail.local</b><br> <pre> # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s # # JAILS # # # SSH servers # </pre> </div> </div> ====Jail for MediaWiki - /etc/fail2ban/jail.local==== <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1m maxretry = 2 logpath = /var/log/Fail2Log.log </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before: <div class="mw-collapsible-content"> <pre> # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After: <div class="mw-collapsible-content"> <pre> # # JAILS # [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log # # SSH servers # </pre> </div> </div> ====Filter for mediawiki==== <div class="toccolours mw-collapsible mw-collapsed"> Regex quick up and running tutorial: External Link:(youtube) <div class="mw-collapsible-content"> This Is a link to a video made by "Corey Schafer".<br \> The best no nonsense up and running regex tut there is.<br \> https://www.youtube.com/watch?v=sa-TUpSx1JA </div> </div> <code>$EDITOR /etc/fail2ban/filter.d/mediawiki.conf</code><br \> <pre> [Definition] failregex = ^Failed:<HOST> ignoreregex = </pre> =====Try out regex on log file===== <code>fail2ban-regex --print-all-matched /var/log/Fail2Log.log /etc/fail2ban/filter.d/mediawiki.conf</code> ====Restart Fail2Ban==== <code>systemctl restart fail2ban</code> <code>fail2ban-client status</code> <code>fail2ban-client status mediawiki</code> <b>Now test by trying to login to your wiki with wrong password three times.</b> =====fail2ban regex and error checking===== <div class="toccolours mw-collapsible mw-collapsed"> Check regex: <div class="mw-collapsible-content"> * Syntax: <code>fail2ban-regex <logfile> <failregex> <ignoreregex></code> ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * If you want to test <code>ignoreregex</code> enter filter file twice: ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * Read <code>man fail2ban-regex</code> for some more opitions: * Examples: ** <code>-v</code>, <code>--verbose</code> *** Be verbose in output ** <code>--print-all-missed</code> *** Print all missed lines ** <code>--print-all-ignored</code> *** Print all ignored lines ** <code>--print-all-matched</code> *** Print all matched lines </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Debug Fail2Ban: <div class="mw-collapsible-content"> * <code>-d</code> dump configuration. For debugging.<br \> <code>fail2ban-client -d</code><br \> * <code>--dp</code>, <code>--dump-pretty</code> dump the configuration using more human readable representation.<br \> <code>fail2ban-client --dp</code><br \> * will print the systemd log for Fail2Ban.<br \> <code>journalctl -u fail2ban</code> </div> </div> ====Change ban time After testing==== <code>$EDITOR /etc/fail2ban/jail.local</code><br \> <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log </pre> ===Unban IP's=== Get list of Jails:<br \> <code>fail2ban-client status</code><br \> See banned ips by that jail:<br \> <code>fail2ban-client status <jailname></code><br \> Unban IP from jail:<br \> <code>fail2ban-client set <jailname> unbanip <ip_address></code><br \> <br \> Log File:<br \> <code>/var/log/Fail2Log.log</code> ==Moving To VPS== ===Create ssh key pair on local host=== <code>ssh-keygen -t rsa -b 4096 -C "MYSERVER" -f ~/.ssh/serverkey</code><br \> You will be prompted to Enter a passphase, you can just press <b>Enter</b> for no passphase.<br \> You will now have a file called <b>serverkey</b> and <b>serverkey.pub</b> in your <b>/home/$USER/.ssh</b> directory.<br \> Now lets setup are server and move public key to server.<br \> <b>BACKUP YOUR PRIVATE KEY TO USB STICK OR SOMETHING!</b><br \> <code>serverkey.pub</code><b>PUBLIC KEY</b><br \> <code>serverkey</code><b>PRIVATE KEY</b><br \> ===Login to Server - ssh === Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $10, 1 cpu, 2048MB ram, 55GB ssd, 2000GB Bandwidth.<br \> I have been given the IP:<b>192.248.145.129</b> and the Password:<b>1R?o.gPasdaLz1w</b> and with Vultr the default login/user is <b>root</b><br \> Lets move over the public key so we don't need a password to login:<br \> <code>ssh-copy-id -i ~/.ssh/serverkey root@192.248.145.129</code></br \> Will be promted for server password, enter password: 1R?o.gPasdaLz1w<br \> Now lets login with are private key.<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code> ===Update Server=== <code>apt update && apt upgrade -y</code><br \> The Server may need a restart, you will see this after updates if it does<br \> <b>*** System restart required ***</b><br \> restart server and log back in after a minute.<br \> <code>reboot</code> ===Change default ssh port and disable plain text passwords=== Log back into server<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code><br \> <code>$EDITOR /etc/ssh/sshd_config</code><br \> <pre>#Port 22</pre> <pre>Port 7788</pre> disable clear text passwords <pre>#PasswordAuthentication yes</pre> <pre>PasswordAuthentication no</pre> restart sshd <code>systemctl restart sshd</code><br \> Exit server and re-login<br \> <code>exit</code><br \> Log back in with new port<br \> <code>ssh -p 7788 -i .ssh/serverkey root@192.248.145.129</code> <div class="toccolours mw-collapsible mw-collapsed"> Create ssh login shortcut: <div class="mw-collapsible-content"> To be done on host:<br \> <code>touch ~/.ssh/config</code><br \> <code>chmod 600 ~/.ssh/config</code><br \> <code>$EDITOR ~/.ssh/config</code><br \> <pre> Host mediawikiserver HostName 192.248.145.129 User root Port 7788 IdentityFile /home/$USER/.ssh/severkey </pre> You can now login to server from host with:<br \> <code>ssh mediawikiserver</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax of config file: <div class="mw-collapsible-content"> <pre> #Syntax # #Host <ALIAS_NAME> # HostName <ADDRESS_IP_OR_DOMAIN> # User <USERNAME_LOGIN> # Port <PORT_NUMBER_IF_NOT_DEFAULT> # IdentityFile </PATH/TO/PRIVATE_KEY> ## Can now login with <code>ssh <ALIAS_NAME> </pre> </div> </div> </div> </div> ===Enable Basic FireWall=== Block IPv6<br \> <code>$EDITOR /etc/default/ufw</code><br \> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit<br \> <code>ufw allow 7788/tcp</code><br \> <code>ufw enable</code><br \> ===Create Swap space on server=== ====First check if you already have a swap space==== First check if you already have a swap space<br \> <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 1655 2 228 1732 Swap: 0 0 0 </pre> <div class="toccolours mw-collapsible mw-collapsed"> Other methods to check swap space <div class="mw-collapsible-content"> <code>cat /proc/swaps</code><br \> <code>swapon -s -v</code> </div> </div> ====Create SwapSpace==== preallocate a 2 gigabyte space to be used for swap.<br \> Note: you can name swapfile to anything you want. <code>fallocate -l 2G /swapfile</code> Initialize the /swapfile file with zeros - see "Working out the count size" to see how to work out the count size. <div class="toccolours mw-collapsible mw-collapsed"> Working out the count size: <div class="mw-collapsible-content"> Working out count size to scale the swapsize. 1 kilobyte = 1024 bytes 1 megabyte = 1024 kilobyte 1 gigabyte = 1024 megabytes bs=1024 = 1 megabyte 1 gigabyte = 1024 megabyte to get count of 1 gigabyte 1024 * 1024 2 gigabyte (1024 * 2048 ) or 1048576 * 2 = 2,097,152 </div> </div> <code>dd if=/dev/zero of=/swapfile bs=1024 count=2097152</code> <code>chmod 600 /swapfile</code> <code>mkswap /swapfile</code> <code>swapon /swapfile</code> <b>Or</b> <code>swapon -a</code> <b>Or</b> <code>mount -a</code> append to <code>/etc/fstab</code> so its mounted after reboot.<br \> <code>$EDITOR /etc/fstab</code><br \> And enter this in a new line at the bottom:<br \> <code>/swapfile swap swap defaults 0 0</code> and thats it, you can check swap with(or same other methods as above): <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 75 2 1808 1712 Swap: 2047 0 2047 </pre> ===ssmtp for email alerts=== <code>apt install ssmtp -y</code><br \> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code><br \> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> <code>usermod -c "CNWikiVPS" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ===auto update server=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment (by removing <b>//</b> at start of line)and amend the lines we want:<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> to<br \> <code> "${distro_id}:${distro_codename}-updates";</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; </pre> Changed to<br \> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec Acquire::http::Dl-Limit "500"; </pre> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Send Container to server=== From host<br \> <code>scp -i ~/.ssh/serverkey -P 7788 mediawiki.lxc root@192.248.145.129:/root/</code><br \> If you created a ssh shortcut in <b>.ssh/config</b> you can use:<br \> <code>scp mediawiki.lxc mediawikiserver:/root/</code><br> Once container transferred to server checksum to confirm<br> Do on Local and Server<br> <code>sha256sum mediawiki.lxc</code><br> The checksum should be the same on both!<br> ===LXD setup on server=== Check if <b>lxd</b> already installed.<br \> <code>lxd --version</code><br \> <code>snap install lxd</code><br \> Initialize LXD<br \> <code>lxd init</code><br \> all defaults<br \> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (lvm, zfs, ceph, btrfs, dir) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=10GB]: Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> ===Import Container=== Note: If version of LXD on server is older than the one you are exporting from, you may see error <code>Error: Failed importing backup: Failed creating instance record: Unknown configuration key: volatile.last_state.ready</code><br> To Fix this update your LXD<br> <code>snap remove lxd</code><br> <code>snap install lxd</code><br> <code>lxd --version</code><br> <code>lxd init</code><br> <br> Import mediawiki container<br \> <code>lxc import mediawiki.lxc mediawiki</code><br \> <code>lxc list</code><br \> <code>lxc start mediawiki</code><br \> <code>lxc list</code><br \> Returns:<br \> <pre> +-----------+---------+-----------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+-----------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.207.119.233 (eth0) | | CONTAINER | 0 | +-----------+---------+-----------------------+------+-----------+-----------+ </pre> <b>Note the Change of IP</b><br \> Are Containers IP is now:<b>10.207.119.233</b><br \> Now for some reason changing the IP on <b>/var/www/html/mediawiki/LocalSettings.php</b> and the <b>/etc/apache2/sites-available/completenoobs.com.conf</b> does not really work on a VPS (Forgot how i fixed this last time, pretty sure i got it workin a few years back).<br \> You need a DNS name: ===DNS=== Domain Name System: An index that connects an ip address with a more human readable name(website name):<br \> Like a phone book would index a persons name with a phone number.<br \> If you have a domain name for your wiki, point it to your server's ip address.<br \> This will be required for a letsencrypt cert also.<br \> I am using <b>namecheap.com</b> and on the <b>Advanced DNS</b> Page<br \> Add two Type <b>A Records</b>:<br \> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |192.248.145.129 |auto |- |A record |www |192.248.145.129 |auto |} ===Change IP on config files=== Login to conatiner and change IP's to Domain Name<br \> <code>lxc exec mediawiki bash</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <pre> Redirect permanent "/" "https://10.3.45.233"</pre> <pre> Redirect permanent "/" "https://www.completenoobs.com"</pre> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <pre>$wgServer = "https://10.3.45.233";</pre> <pre>$wgServer = "https://www.completenoobs.com";</pre> <code>systemctl restart apache2</code> ===Use IPTables to forward traffic to container=== <div class="toccolours mw-collapsible mw-collapsed"> iptable syntax <div class="mw-collapsible-content"> *CONTAINER_IP = place holder for your containers ip *GLOBAL_IP = place holder for your servers public ip address *ETH = network interface: enp1s0 ** to be done/found on host VPS and NOT Container ** Find network interface:<code>ip route show default</code> or use <code>ip route show default | awk '{print $5}'</code> <pre>iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 80 -j DNAT --to-destination CONTAINER_IP:80 -m comment --comment "forward real ip to container" </pre> <pre> iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 443 -j DNAT --to-destination CONTAINER_IP:443 -m comment --comment "forward real ip to container" </pre> </div> </div> <b>These commands to be done on host VPS and NOT in container!</b><br \> Get out of container <code>exit</code><br \> Network interface=<b>enp1s0</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Find you network interface name: <div class="mw-collapsible-content"> To be run on VPS host and Not in Container:<br \> <code>ip route show default | awk '{print $5}'</code> </div> </div> VPS Global IP=<b>192.248.145.129</b><br \> Container IP=<b>10.207.119.233</b><br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container"</code> <br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container"</code> <br \> The new rules for your iptable will not persistent after a reboot.<br \> Create systemd service to load firewall rules at startup:<br \> <code>$EDITOR /usr/local/bin/lxc-mediawiki-rules</code> <pre> #!/bin/bash iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container" iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container" </pre> <code>chmod +x /usr/local/bin/lxc-mediawiki-rules</code> <code>$EDITOR /etc/systemd/system/lxcip.service</code> <pre> [Unit] Description = apply ip rules at startup [Service] Type=oneshot ExecStart=/usr/local/bin/lxc-mediawiki-rules [Install] WantedBy=multi-user.target </pre> <code>systemctl enable lxcip</code> <div class="toccolours mw-collapsible mw-collapsed"> LXC proxy method: <div class="mw-collapsible-content"> <b>DO NOT USE This method!</b> placed here as a note:<br \> LXC also has a way to forward proxy traffic, but it will show all visits to website, as coming from <b>127.0.0.1</b><br \> When we install fail2ban, this would be very bad!<br \> <br \> <code>lxc config device add CONTAINER_NAME myport80 proxy listen=tcp:0.0.0.0:80 connect=tcp:127.0.0.1:80</code><br \> <code>lxc config device add CONTAINER_NAME myport443 proxy listen=tcp:0.0.0.0:443 connect=tcp:127.0.0.1:443</code><br \> To remove proxy:<br \> <code>lxc config device remove CONTAINER_NAME myport80</code><br \> <code>lxc config device remove CONTAINER_NAME myport443</code><br \> </div> </div> ===Visit webpage and check all working=== Visit the domain you selected<br \> <code>www.completenoobs.com</code><br \> Should be up and running.<br \> NOTE: We did not need to allow port 443 or 80 on VPS host.<br \> Check Iptables persist for restart, by rebooting server!<br \> <code>reboot</code><br \> Give it a minute or 2 and check website again. ===LetsEncrypt=== Log back into server<br \> <code>ssh mediawikiserver</code><br \> Log into container<br \> <code>lxc exec mediawiki bash</code><br \> Install certbot<br \> <code>snap install certbot --classic</code><br \> Backup Apache2 config file<br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf /etc/apache2/sites-available/completenoobs.com.conf.bk</code><br \> Create Cert<br \> <code>certbot --apache -d www.completenoobs.com -d completenoobs.com</code><br \> And Certbot broke are apache2 configs, and thats why we back up!<br \> <code>ls /etc/letsencrypt/live/www.completenoobs.com/</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/fullchain.pem /etc/ssl/certs/cn-selfsigned.crt</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/privkey.pem /etc/ssl/private/cn-selfsigned.key</code><br \> <code>rm /etc/apache2/sites-available/completenoobs.com-le-ssl.conf /etc/apache2/sites-available/completenoobs.com.conf </code><br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf.bk /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <br \> Turn <b>SSLUseStapling</b> on<br \> <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code><br \> <pre>SSLUseStapling off</pre><br \> Change to:<br \> <pre>SSLUseStapling on</pre><br \> Restart apache<br \> <code>systemctl restart apache2</code><br \> Now check your site on browser.<br \> ==Useful Notes - tips== ===Forgot your Admin Password=== Can use for any user:<br \> <code>php /var/www/html/mediawiki/maintenance/changePassword.php --user=admin --password=newpassword</code><br \> ===Make Wiki Read Only=== Add to LocalSettings.php:<br \> <code>$wgReadOnly = 'Read Only';</code><br \> ===Restrict account creation on wiki=== Add to LocalSettings.php:<br \> <code>$wgGroupPermissions['*']['createaccount'] = false;</code> ===Only Admin accounts can edit=== Add to LocalSettings.php:<br \> <pre> $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['user']['edit'] = false; $wgGroupPermissions['sysop']['edit'] = true; </pre> ===Protect a page so only admin can edit=== At the top of the page when logged in with admin account, click <b>More</b>.<br \> A drop down of three opitions: Delete, Move, Protect.<br \> Clicking <b>Protect</b> will not allow any non admin from editing the page. {| class="wikitable" |+ When logged in as admin |- |Read |Edit |View history |(STAR) |<b>More</b> |} ===Make User an Admin=== go to special pages With Admin Account go to:<br \> <code>index.php/Special:SpecialPages</code> List of users can be found here:<br \> <code>index.php/Special:ListUsers</code><br \> Go to:<br \> <code>index.php/Special:UserRights</code><br \> And enter username:<br \> <b>Groups you can change</b><br \> And rest is self explanatory. ====Remove admin rights==== Same thing, just untick admin rights! ==Upgrading MediaWiki== <b>BACK SURE YOU BACKUP FIRST!!!</b> just in case.<br \> This example update 1.35 to 1.36 from 1.36 onwards php-intl is required.<br> Download the wiki you are going to upgrade to.<br \> <code>https://releases.wikimedia.org/mediawiki/1.36/</code><br \> <code>cd /root</code><br \> <code>wget https://releases.wikimedia.org/mediawiki/1.36/mediawiki-1.36.1.tar.gz</code><br \> In LocalSettings.php put in readonly mode<br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <code>$wgReadOnly = "Upgrading";</code><br \> <code>tar xvzf mediawiki-1.36.1.tar.gz -C /var/www/html/mediawiki --strip-components=1</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> Returns:<pre> Error: Missing one or more required components of PHP. You are missing a required extension to PHP that MediaWiki needs. Please install: * intl <https://www.php.net/intl> </pre> <code>apt install php-intl</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> And thats it. If you do get an error:<br \> <blockquote> MediaWiki 1.36 internal error Installing some PHP extensions is required. Required components You are missing a required extension to PHP that MediaWiki requires to run. Please install: intl (more information) </blockquote> Then <b>reboot</b> the container and its all fine after. ==Backup your Wiki== ===LXC Snapshots=== Easy way, backup the container using <b>snapshot</b><br \> <code>lxc snapshot mediawiki beforeupgrade_11_12_2020</code><br \> To see snapshots<br \> <code>lxc info mediawiki</code><br \> To restore container to snapshot<br \> <code>lxc restore mediawiki beforeupgrade_11_12_2020</code><br \> To delete a snapshot<br \> <code>lxc delete mediawiki/beforeupgrade_11_12_2020</code><br \> ====Export a Snapshot==== <code>lxc snapshot mediawiki testsnap</code> <code>lxc publish mediawiki/testsnap --alias mediawiki-backup-20-07-2021</code> <code>lxc image export mediawiki-backup-20-07-2021</code> you end up with a file named after the sha256sum <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> NOTE:You can change name from <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> to something like <code>mediawiki-backup-20-07-2021.tar.gz</code> and restore will still work fine.<br \> can now delete image <code>lxc image delete mediawiki-backup-20-07-2021</code> ====Import Snapshot==== Move to another computer and install init lxd<br \> <code>lxc image import a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz --alias testrestore</code> <code>lxc launch testrestore mediarestore</code> <code>lxc list</code> <code>lxc exec mediarestore bash</code> Change IP in LocalSettings and apache config and restart apache.<br \> And your up and running.<br \> <br \> you can also delete image on new restore computer:<br \> <code>lxc image delete testrestore</code> ===Dump mediawiki database - xml=== Log into container root dir<br \> <code>lxc exec NAME bash</code><br \> In container of wiki:<br \> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Exit container<br \> <code>exit</code> Pull file to host<br \> <code>lxc file pull NAME/root/dump_mediawiki.xml wiki-dump.xml</code> ====automate xml dumps to server==== <code>$EDITOR /usr/local/bin/auto-export.sh</code></br> <syntaxhighlight lang="bash" line> #!/bin/bash ### Bug - after first run does not comment out $wgReadOnly , after that its fine. set -x ## Calls # comcheck=$(cat /var/www/html/mediawiki/LocalSettings.php | grep wgReadOnly | awk '{print $1}' ) # checkcom=${comcheck::1} # time_stamp=$(date '+%d_%m_%y') # checkDir=$(ls /var/www/dumps/$time_stamp) #####Functions #Restart Wiki function to call function RestartWiki { sleep 2 if ! [ $checkcom = "#" ] then sed -i "s/\$wgReadOnly/#\$wgReadOnly/g" /var/www/html/mediawiki/LocalSettings.php echo "wiki should be back online" elif [ $checkcom = '#' ] then echo 'huh' exit 1 fi } # Function readonly wiki function ReadOnlyWiki { if [ $checkcom = "#" ] then sed -i "s/#\$wgReadOnly/\$wgReadOnly/g" /var/www/html/mediawiki/LocalSettings.php fi } # Dump function function DumpWiki { # dump wiki xml php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /var/www/dumps/$time_stamp.Noobs/$time_stamp.Noobs.xml #create file for md5sum md5sum /var/www/dumps/$time_stamp.Noobs/$time_stamp.Noobs.xml > /var/www/dumps/$time_stamp.Noobs/$time_stamp.md5sum.txt #md5sum #sha256sum sha256sum /var/www/dumps/$time_stamp.Noobs/$time_stamp.Noobs.xml > /var/www/dumps/$time_stamp.Noobs/$time_stamp.sha256sum.txt } # if line $wgReadOnly not there if [ -z "$comcheck" ] ; then echo "you do not have the line $wgReadOnly will append" echo "\$wgReadOnly = 'Dumping Database, Access will be restored shortly';" >> /var/www/html/mediawiki/LocalSettings.php fi ###make directory with name noobs+time_stamp # Check if dumps dir exists if [ ! -d /var/www/dumps ] then mkdir -pv /var/www/dumps fi # Check we dont have directory with same time stamp if [ ! -d /var/www/dumps/$time_stamp.Noobs ] ; then mkdir /var/www/dumps/$time_stamp.Noobs ReadOnlyWiki DumpWiki RestartWiki else echo "you already have dir $checkDir" RestartWiki exit 1 fi ########################### # Push Dir to xml server scp -i /root/.ssh/xml -r /var/www/dumps/$time_stamp.Noobs root@xml.completenoobs.com:/var/www/html/xmlDumps/ </syntaxhighlight> <br> <code>chmod +x /usr/local/bin/auto-export.sh</code><br> =====add to cron to export every 5 days===== <code>crontab -e</code><br> <pre> 30 3 */5 * * /usr/local/bin/auto-export.sh </pre> Will export at 3:30 am every 5 days, check [[Cron_ubuntu_22.04|Ubuntu Cron Quick start for more info]] ===Import Dump=== ====Create Quick local wiki==== [[Ubuntu_Local_Wiki_Import|localwiki]] ====Import dump==== <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> <code>lxc exec localwiki bash</code><br \> =====Restore dump===== <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Everything apart from <b>index.php/Main_Page</b> restored. ===Full Wiki Dump and Restore=== ====Backing up==== ====Making your wiki READ ONLY - will lock database==== <code>$EDITOR LocalSettings.php</code><br \> <code>$wgReadOnly = 'Dumping Database, Access will be restored shortly';</code> ====Dump and gzip database for transport==== will be prompted for password:<br \> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green -p mywiki_database | gzip > /root/greenwiki.sql.gz</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> ALt method for dump(password in cmd): <div class="mw-collapsible-content"> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green --password=THISpasswordSHOULDbeCHANGED -p mywiki_database | gzip > /root/greenwiki.sql.gz</code> </div> </div> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Back mediawiki Root Directory.<br \> <code>tar cvzhf /root/mediawiki-rootDir.tgz /var/www/html/mediawiki</code><br \> All into one file for easy transport.<br \> <code>cd /root/</code><br \> <code>tar cvzhf mediawiki-transfer.tgz mediawiki-rootDir.tgz greenwiki.sql.gz dump_mediawiki.xml</code><br \> All file in <b>mediawiki-transfer.tgz</b> for transfer to new server<br \> exit Container<br \> <code>exit</code><br \> <code>lxc file pull mediawiki/root/mediawiki-transfer.tgz mediawiki.bk.tgz</code><br \> ====Restore wiki==== create container (backupwiki) and push file<br \> <code>lxc file push mediawiki.bk.tgz backupwiki/root/</code><br \> login to container<br \> <code>apt update && apt upgrade -y</code><br \> <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> <br \> <code>tar xvf mediawiki.bk.tgz</code><br \> <code>tar xvf mediawiki-rootDir.tgz -C /</code><br \> Create basebase:<br \> NOTE: If you use diff username, passwd, database_name, append/correct details on LocalSettings.<br \> <code>mysql -u root</code> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <br \> <code>gunzip -d greenwiki.sql.gz</code><br \> <code>mysql -u green -p mywiki_database < greenwiki.sql</code><br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/dump_mediawiki.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Config Apache2 <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> Reload Apache2 <code> systemctl restart apache2 </code> ==EmbedVideo== https://www.mediawiki.org/wiki/Extension:EmbedVideo<br> <code>apt install unzip</code><br> <code>wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip</code><br> <code>unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/</code><br> <br> <code>mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo</code><br> <br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> <pre> #Embed Video wfLoadExtension( 'EmbedVideo' ); </pre> ==Remove <b>Index.php</b> From URL== [[Mediawiki_Remove_index.php|How to remove the Index.php from URL]] ==SpamBot Wars== Bit busy now, notes to look into later: https://www.mediawiki.org/wiki/Extension:Nuke<br \> https://www.mediawiki.org/wiki/Manual:Preventing_access<br \> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br \> https://www.mediawiki.org/wiki/Extension:InviteSignup<br \> Well the bots won for now - Disable eMail function for all related options in LocalSettings.php<br \> <code>$wgEnableEmail = false;</code><br \> Or just stop users sending email with:<br \> <code>$wgEnableUserEmail = false;</code> ==Notes== ==Syntax highlighting not working== Install <b>pygments</b><br> <code>apt install python3-pygments</code><br> Add to LocalSettings:<br> <code>wfLoadExtension( 'SyntaxHighlight_GeSHi' );</code><br> fubg1unrgoweveoutaawil1xwmyihgg 320 247 2023-04-17T03:06:49Z imported>AwesomO 0 /* automate xml dumps to server */ 320 wikitext text/x-wiki Installing MediaWiki on a container and exporting to the cloud. Local OS used Ubuntu-Mate 20.04 Tested with ethernet. Untested with wifi. TODO's * Remove 'index.php' from URL * Find out more about 'DocBookExport' and test how it works * Move MediaWiki Server to FreeBSD Currently trying to solve the spambot problem, they got round the need to request to open an account somehow, will update once solved. $EDITOR is used as a place holder for an editor of your choice. ==Installing LXD== <code>sudo snap install lxd</code><br \> <code>lxd init</code><br \> Selecting all defaults, apart from "Size in GB of the new loop device (1GB minimum) [default=6GB]:" increasing to 30GB: <div class="toccolours mw-collapsible mw-collapsed"> <code>lxd init</code> selected options: <div class="mw-collapsible-content"> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (btrfs, dir, lvm, zfs, ceph) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=6GB]:30GB Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> </div> </div> ==Create Ubuntu:22.04 Container for MediaWiki== <code>lxc launch ubuntu:22.04 mediawiki</code><br> <code>lxc list</code><br> <pre> +-----------+---------+--------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+--------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.194.171.251(eth0) | | CONTAINER | 0 | +-----------+---------+--------------------+------+-----------+-----------+ </pre> ===Login to Container=== <code>lxc exec mediawiki bash</code> ===Basic Firewall UFW for Container=== NOTE:Add Link to a UFW page for more info Blocking IPv6<br \> <code>$EDITOR /etc/default/ufw</code> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit Allow port 80<br \> <code>ufw allow 80/tcp</code><br \> Allow port 443<br \> <code>ufw allow 443/tcp</code><br \> Start/Enable UFW firewall<br \> <code>ufw enable</code><br \> Check UFW status<br \> <code>ufw status</code> <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Update system=== <code>apt update && apt upgrade -y</code> ===ssmtp setup=== NOTE: need link to ssmtp page - showing how to use other email providers that allow smtp Link to ssmtp wiki page <br \> You can use a number of email providers for sending emails from server using ssmtp.<br \> I am going to use <b>smtp2go.com</b> they do provide a free service if you wish to try. <div class="toccolours mw-collapsible mw-collapsed"> smtp2go details: <div class="mw-collapsible-content"> https://www.smtp2go.com/<br \> Has a Free Plan # 1000 emails per month # 5 days of email reporting # Ticket support only <br \> Do not use you username and password you used to sign up!<br \> Go to https://app.smtp2go.com/sending/smtp_users/ <br \> Or 'Sending' > 'SMTP Users'<br> And create/add a SMTP User account.<br \> The User created will be given a good password by default.<br \> Use this username and password for ssmtp.<br \> In this example i have the username "<b>noobwiki</b>" and the password "<b>N0tTelinu</b>" </div> </div> ====ssmtp==== <code>apt install ssmtp -y</code> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <div class="toccolours mw-collapsible mw-collapsed"> Why use <code>hostname=completenoobs.com</code> <div class="mw-collapsible-content"> "hostname" needed for ubuntu unattended upgrades to send email.<br \> If missing: will get "(550 unable to verify sender address.)" <br \> If using <code>hostname=localhost</code> "(550 "Localhost" unnaceptable, you must use a public domain-name.)"<br \> If using <code>hostname=admin@completenoobs.com</code> "501 <root@admin@completenoobs.com>: malformed address: @completenoobs.com> may not follow <root@admin" </div> </div> <br \> Do not use user@smtp2go.com as the sender address! you need an email address that has an MX record(mail exchanger record) at its domain name. <br \> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> ====usermod==== <br \> usermod can be used to change the email senders name/address.<br \> Instead of your mail coming from 'root' or 'ubuntu' or any other user account.<br \> <b>usermod -c "emailSenderName" <account_sending></b><br \> <code>usermod -c "completenoobslxc" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ====sendmail notes==== <div class="toccolours mw-collapsible mw-collapsed"> If the sendmail command locks your terminal and CTRL+c does not work <div class="mw-collapsible-content"> Use <code>CTRL+z</code> which will send a SIGTSTP signal which will put the process to sleep.<br \> use jobs to see the sleeping process.<br \> <code>jobs</code><br \> and kill %<JOBNUMBER><br \> <code>kill %1</code> <br \> you can also use <code>ps ax</code> to list processes running on your computer and <code>kill -9 <PROCESS-NUMBER></code> to kill process. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> sendmail in verbose mode for more details: <div class="mw-collapsible-content"> More info can be found in the man page <code>man sendmail</code><br \> Use the verbose flag <b>-v</b><br \> <code>sendmail -v email@address2receive.mail < test-mail.txt</code> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Check mail logs for errors: <div class="mw-collapsible-content"> send mail error log can be found in<br \> <code>/var/log/mail.err</code><br \> and sendmail log can be found:<br \> <code>/var/log/mail.log</code> </div> </div> ===auto update container config=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code> Uncomment<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> <code>"${distro_id}:${distro_codename}-updates";</code> Dont need auto reboot on container - no kernel - kernel shared with host. ====email on update==== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <div class="toccolours mw-collapsible mw-collapsed"> Once i needed 'apticron' to get emails working with unattended upgrades:<br \> Notes here just incase<div class="mw-collapsible-content"> Install apticron<br \> <code>apt install apticron -y</code> Create apticron.conf file containing email to send email to:<br \> If you dont then 'apticron' will by default sent to root@localhost.<br > <code>echo 'EMAIL="email@tosendto.com"' > /etc/apticron/apticron.conf</code> </div> </div> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Install MediaWiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -xvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki</code> ====Create Database==== Will be prompted to set a root password!<br \> <code>mysql -u root -p</code><br \> <!-- create drop down - add root password option --> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <div class="toccolours mw-collapsible mw-collapsed"> Make note of your: database name, username, userpassword <div class="mw-collapsible-content"> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code><br \> Database Username:<b>green</b><br \> Database host/location:<b>localhost</b> Database User Password:<b>THISpasswordSHOULDbeCHANGED</b><br \><br \> <code>CREATE DATABASE mywiki_database;</code><br \> Database Name:<b>mywiki_database</b><br \> </div> </div> ====Create self-signed https certs==== <code>openssl req -x509 -newkey rsa:4096 -keyout key.pem -nodes -out cert.pem -days 365</code><br> Note: can leave blank; just press enter.<br><br> <code>mv cert.pem /etc/ssl/certs/cn-selfsigned.crt</code><br> <code>mv key.pem /etc/ssl/private/cn-selfsigned.key</code><br> ====Create ssl-params.conf==== <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code> Remember to turn stapling on after letsencrypt cert <pre> SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 SSLHonorCipherOrder On # Disable preloading HSTS for now. You can use the commented out header line that includes # the "preload" directive if you understand the implications. # Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" Header always set X-Frame-Options DENY Header always set X-Content-Type-Options nosniff # Requires Apache >= 2.4 SSLCompression off # May want to turn stapling off when using self-signed to avoid receiving errors in log SSLUseStapling off SSLStaplingCache "shmcb:logs/stapling-cache(150000)" # Requires Apache >= 2.4.11 SSLSessionTickets Off </pre> ====Create Apache2 config==== <code>cd /etc/apache2/sites-available/</code> <code>rm 000-default.conf default-ssl.conf</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code> <div class="toccolours mw-collapsible mw-collapsed"> <b>Important Redirect note</b>:<div class="mw-collapsible-content"> <pre> # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" </pre> Change to your Container IP!<br \> <code>Redirect permanent "/" "https://10.194.171.251"</code> </div> </div> <pre> <VirtualHost *:80> ServerName completenoobs.com ServerAdmin admin@ # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined </VirtualHost> <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerName completenoobs.com ServerAdmin admin@completenoobs.com DocumentRoot /var/www/html/mediawiki # According MWiki Manual:Security php_flag register_globals off ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined SSLEngine on SSLCertificateFile /etc/ssl/certs/cn-selfsigned.crt SSLCertificateKeyFile /etc/ssl/private/cn-selfsigned.key # need to find out what SSLCertificateChainFile is? explain is in the default-ssl.conf file. #SSLCertificateChainFile /etc/ssl/certs/example.com.root-bundle.crt <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> <Directory /var/www/html/wikimedia> Options None FollowSymLinks #Allow .htaccess AllowOverride All Require all granted <IfModule security2_module> SecRuleEngine Off # or disable only problematic rules </IfModule> </Directory> # According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images> # Ignore .htaccess files AllowOverride None # Serve HTML as plaintext, don't execute SHTML AddType text/plain .html .htm .shtml .php .phtml .php5 # Don't run arbitrary PHP code. php_admin_flag engine off # If you've other scripting languages, disable them too. </Directory> #According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images/deleted> Deny from all AllowOverride AuthConfig Limit Require local </Directory> </VirtualHost> </IfModule> </pre> ====Reload Apache2==== <code>a2enmod ssl</code> <code>a2enmod headers</code> <code>a2ensite completenoobs.com</code> <code>a2enconf ssl-params</code> <code>apache2ctl configtest</code> <code>systemctl restart apache2</code> ===MediaWiki Basic Setup=== ====Landing page==== Open a web browser and go to your containers private ip address (you can get ip address by running <code>lxc list</code> on host). <code>https://10.194.171.251</code> Are certs are self-signed and you may/will get warning "your connection is not private"<br \> Click "Advance" and "Proceed to 10.194.171.251 (unsafe)"<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.35.0<br \> LocalSettings.php not found.<br \> Please <u>set up the wiki</u> first.<br \> </blockquote> Click <b>set up the wiki</b> to be taken to the "mw-config/index.php" page. =====Basic Configure MediaWiki===== <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:mywiki_database<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:green<br \> Database password:THISpasswordSHOULDbeCHANGED<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>CompleteNoobs<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Options <div class="mw-collapsible-content"> <b>User rights profile:</b> <br \> [ ] Open wiki <br \> [x] Account creation required<br \> [ ] Authorised editors only <br \> [ ] Private wiki<br \> <br \> <b>Copyright and licence:</b><br \> [ ] Creative Commons Attribution<br \> [ ] Creative Commons Attribution-ShareAlike<br \> [ ] Creative Commons Attribution-NonCommercial-ShareAlike<br \> [ ] Creative Commons Zero (Public Domain)<br \> [ ] GNU Free Documentation Licence 1.3 or later<br \> [x] No licence footer<br \> [ ] Select a custom Creative Commons licence<br \> <br \> <br \> <b>Email settings</b><br \> [ ] Enable outbound email<br \> <b>Return email address:</b>apache@🌻.invalid<br \> [ ]Enable user-to-user email<br \> [ ]Enable user talk page notification<br \> [ ]Enable watchlist notification<br \> [ ]Enable email authentication<br \> <br \> <br \> <b>Skins</b> Pick a skin<br \> <br \> <br \> <b>Extensions</b><br \> <b><u>Special pages</u></b><br \> [ ]CiteThisPage<br \> [ ]Interwiki<br \> [ ]Nuke<br \> [ ]Renameuser<br \> [ ]ReplaceText<br \> <br \> <b><u>Editors</u></b><br \> [x]CodeEditor<br \> [x]VisualEditor<br \> [x]WikiEditor<br \> <br \> <b><u>Parser hooks</u></b><br \> [ ]CategoryTree<br \> [ ]Cite<br \> [ ]ImageMap<br \> [ ]InputBox<br \> [ ]ParserFunctions<br \> [ ]Poem<br \> [ ]Scribunto<br \> [x]SyntaxHighlight_GeSHi<br \> [ ]TemplateData<br \> <br \> <b><u>Media handlers</u></b><br \> [ ]PdfHandler<br \> <br \> <b><u>Spam prevention</u></b><br \> [x]ConfirmEdit<br \> [ ]SpamBlacklist<br \> [ ]TitleBlacklist<br \> <br \> <b><u>API</u></b><br \> [ ]PageImages<br \> <br \> <b><u>Other</u></b><br \> [ ]Gadgets<br \> [ ]LocalisationUpdate<br \> [ ]MultimediaViewer<br \> [ ]OATHAuth<br \> [ ]SecureLinkFixer<br \> [ ]TextExtracts<br \> <br \> <br \> <b>Images and file uploads</b><br \> [ ]Enable file uploads<br \> <b>Logo URL:</b>$wgResourceBasePath/resources/assets/wiki.png<br \> [ ]Enable Instant Commons<br \> <br \> <br \> <b>Advanced configuration</b><br \> <b>Settings for object caching:</b><br \> [x] No caching (no functionality is removed, but speed may be impacted on larger wiki sites)<br \> [ ] Use Memcached (requires additional setup and configuration)<br \> </div> </div> ====LocalSettings.php Launch Wiki==== When the Basic configuration of mediawiki is done on the webpage.<br \> You will have a <b>LocalSettings.php</b> which will be downloaded from your browser.<br \> You need to place the <b>LocalSettings.php</b> file into your containers <b>/var/www/html/mediawiki/</b> directory.<br \> You can do this from host using the <b>lxc file push</b> command.<br \> <code>lxc file push /home/$USER/Downloads/LocalSettings.php mediawiki/var/www/html/mediawiki/</code><br \> <br> Do not refresh browser it will download the LocalSettings.php again! go to the IP address of your container or just trim the <code>mw-config/index.php?page=Complete</code><br> Now on your browser visit the page again https://10.194.171.251<br \> And welcome to your wiki.<br \> ===Change Logo=== You need a 135px by 135px image, in this example its named 'completenoobs-logo.png'<br> <code>lxc file push completenoobs-logo.png mediawiki/var/www/html/mediawiki/resources/assets/</code><br> Back in container edit the <b>LocalSettings.php</b> file<br> <pre> ## The URL paths to the logo. Make sure you change this from the default, ## or else you'll overwrite your logo when you upgrade! $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", 'icon' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", ]; </pre> Change to your new logo:<br> <pre> $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", 'icon' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", ]; </pre> ===Email Config=== Warning i did get loads of spam bots, using this to send naughty emails everywhere!<br> Changed setting to block signups, requests only,and changed <b>$wgEnableUserEmail</b> to false and still the bots managed to send spam using my smtp account.<br> How they done this? Is beyond my understanding and i removed email from the wiki till i have more info on how to stop the spamming.<br> Was using mediawiki-1.35.0<br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> Make sure <b>$wgEnableEmail</b> is set to true.<br> <code>$wgEnableEmail = true;</code><br> https://www.mediawiki.org/wiki/Manual:$wgEnableEmail<br> <pre> $wgEmergencyContact = ""; $wgPasswordSender = ""; </pre> <pre> $wgEmergencyContact = "admin@completenoobs.com"; $wgPasswordSender = "admin@completenoobs.com"; </pre> <pre> $wgSMTP = [ 'host' => 'ssl://mail.smtp2go.com', // outbox server of the email account 'IDHost' => 'completenoobs.com', 'port' => 465, 'username' => 'noobwiki', // user of the email account 'password' => 'N0tTelinu', // app password of the email account 'auth' => true ]; </pre> ===Request Account and Confirm Email to edit=== In LocalSettings change $wgEmailAuthentication = false; to true https://www.mediawiki.org/wiki/Manual:$wgEmailAuthentication<br> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ConfirmAccount-REL1_39-2b96e90.tar.gz</code><br> <code>tar xzf ConfirmAccount-REL1_39-2b96e90.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> <br> In <b>LocalSettings.php</b> <br> set <b>$wgEmailAuthentication</b> to true.<br> <pre> wfLoadExtension( 'ConfirmAccount' ); $wgConfirmAccountContact = 'admin@completenoobs.com'; </pre> Run maintenance update<br> <code>php /var/www/html/mediawiki/maintenance/update.php </code><br> use <b>Special:ConfirmAccounts</b> to see if anyone requested a account.<br> And yep, your gonna get spammed! Bots love a wiki.<br> ===CookieWarning Extension=== https://www.mediawiki.org/wiki/Extension:CookieWarning<br> <code>wget https://extdist.wmflabs.org/dist/extensions/CookieWarning-REL1_39-778fe72.tar.gz</code><br> <code>tar -xzf CookieWarning-REL1_39-778fe72.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'CookieWarning' ); $wgCookieWarningEnabled = 'true'; # $wgCookieWarningMoreUrl allows to to select a link for your moreinfo button $wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'; $wgCookieWarningEnabled = 'true'; </pre> To change message sign in with admin account and visit these pages of your wiki and edit.<br> <b>MediaWiki:Cookiewarning-info</b> Edit the display message.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-info</code><br> <b>MediaWiki:Cookiewarning-moreinfo-label</b><br> Edit and change display of the moreinfo button: link can be made/changed at LocalSettings with:<br> <code>$wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'</code><br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-moreinfo-label</code><br> <b>MediaWiki:Cookiewarning-ok-label</b> Edit and change the text on the OK button.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-ok-label</code><br> ===Contribution Scores Extension=== https://www.mediawiki.org/wiki/Extension:Contribution_Scores<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ContributionScores-REL1_39-0e7e99d.tar.gz</code><br> <code>tar -xzf ContributionScores-REL1_39-0e7e99d.tar.gz -C /var/www/html/mediawiki/extensions</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'ContributionScores' ); // Exclude Bots from the reporting - Can be omitted. $wgContribScoreIgnoreBots = true; // Exclude Blocked Users from the reporting - Can be omitted. $wgContribScoreIgnoreBlockedUsers = true; // Use real user names when available - Can be omitted. Only for MediaWiki 1.19 and later. $wgContribScoresUseRealName = true; // Set to true to disable cache for parser function and inclusion of table. $wgContribScoreDisableCache = false; // Each array defines a report - 7,50 is "past 7 days" and "LIMIT 50" - Can be omitted. $wgContribScoreReports = [ [ 7, 50 ], [ 30, 50 ], [ 0, 50 ] ]; </pre> <br> Add to Main Landing Page:<br> <pre>{{Special:ContributionScores/10/5}}</pre><br> ===Place Notice at top of every new page created=== Using the <b>PageNotice</b> Extension. https://www.mediawiki.org/wiki/Extension:PageNotice#Configuration Download PageNotice and extract to extensions directory. in LocalSettings.php add the lines:<br \> <pre> wfLoadExtension( 'PageNotice' ); $wgPageNoticeDisablePerPageNotices = 'true'; </pre> To have message in every name space go to your wiki's page<br \> <code>index.php/mediawiki:top-notice-ns-0</code><br \> Only admin account can edit this page:<br \> What you place in this page will be displayed at the top of every page created. ===Privacy Policy=== Holly $#$#$ this is a lot of work, looking into it<br \> https://www.mediawiki.org/wiki/GDPR_(General_Data_Protection_Regulation)_and_MediaWiki_software<br \> ====NewSignupPage==== https://www.mediawiki.org/wiki/Extension:NewSignupPage<br \> Big thanks to Shoutwiki.com or this would of been a very big pain.<br \> Check for Latest link from the Download page https://www.mediawiki.org/wiki/Special:ExtensionDistributor/NewSignupPage<br \> In mediawiki container:<br \> <code>wget https://extdist.wmflabs.org/dist/extensions/NewSignupPage-REL1_35-ecf00aa.tar.gz</code><br \> <code>tar xvf NewSignupPage-REL1_35-ecf00aa.tar.gz -C /var/www/html/mediawiki/extensions/</code><br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> Add the Line:<br \> <code>wfLoadExtension( 'NewSignupPage' );</code><br \> Change the Info given at signup at:<br \> <code>index.php/MediaWiki:Newsignuppage-loginform-tos</code><br \> Default page will be:<pre> I am over 13 years of age and I have read, understood and agree to be bound by the Terms of Service and Privacy Policy </pre> "Terms of Service" and "Privacy Policy" are linked to there pages, so we need to create a few pages. ======Need <b>Privacy Policy</b> Page====== Create a 'Privacy_Policy' page and link on "MediaWiki:Newsignuppage-loginform-tos"<br> <pre>[[CompleteNoobs:Privacy_policy | Privacy Policy]]</pre> =====Need <b>Terms Of Service</b> page===== https://www.completenoobs.com/index.php/Terms_of_Service<br \> once done change link on "MediaWiki:Newsignuppage-loginform-tos"<br \> =====Content Policy Page===== https://10.194.171.251/index.php/Content_Policy<br \> Contains link to https://www.completenoobs.com/index.php/CompleteNoobs_Staff_Admins<br \> =====Staff and Admin Page===== https://10.194.171.251/index.php/CompleteNoobs_Staff_Admins<br \> Linked from Content Policy Page! a place to contact by email staff, admins =====General Disclaimer page===== https://10.194.171.251/index.php/CompleteNoobs:General_disclaimer<br \> This page shows/linked at bottom of wiki<br \> =====Copyright Policy===== https://10.194.171.251/index.php/CompleteNoobs:Copyrights<br \> Copyrights page that shows in info box when making a post.<br \> ==Fail2Ban== This Will Ban an IP who incorrectly enters wrong login details, a (you can select) amount of times for a (you can select) amount of time. ===Fail2Log Extension=== https://www.mediawiki.org/wiki/Extension:Fail2Log<br> ====Create Log file==== Could not get PHP to create and set permissions for log file: So for now doing manually!<br \> <code>touch /var/log/Fail2Log.log</code><br \> <code>chown www-data:www-data /var/log/Fail2Log.log</code><br \> <code>chmod 0755 /var/log/Fail2Log.log</code><br \> Failed login's with wrong user name and/or password should now be logged in:<b>/var/log/Fail2Log.log</b><br \> <br \> Log Format:<br \> <code>Failed:<IP_ADDRESS> <DATE> <TIME> <USERNAME></code><br \> ====Download and install extension==== <code>wget https://github.com/greenhatmonkey/Fail2Log/blob/main/Fail2Log.tar.gz?raw=true</code><br> <code>tar xzvf Fail2Log.tar.gz?raw=true -C /var/www/html/mediawiki/extensions/</code><br> Add to your <b>LocalSettings.php</b><br> <pre> wfLoadExtension( 'Fail2Log' ); $wgFail2LogFile = '/var/log/Fail2Log.log'; </pre> ====Install and Setup Fail2Ban==== Fail2Ban works in a container. If using fail2ban on Host for container:<br/> Just include log path: <code>/var/snap/lxd/common/mntns/var/snap/lxd/common/lxd/storage-pools/default/containers/&lt;CONTAINER_NAME>/rootfs/var/log/Fail2Log.log</code> <code>apt install fail2ban</code> * Fail2ban will use file.local over file.conf if file.local exists: * file.conf can be written over if file2ban gets updated. * Make a file.local of the file you are working on. <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code> <code>$EDITOR /etc/fail2ban/jail.local</code> <!-- unmodified jail.conf file --> <div class="toccolours mw-collapsible mw-collapsed"> Default <code>/etc/fail2ban/jail.conf</code> file: Expand to view <div class="mw-collapsible-content"> <pre> # # WARNING: heavily refactored in 0.9.0 release. Please review and # customize settings for your setup. # # Changes: in most of the cases you should not modify this # file, but provide customizations in jail.local file, # or separate .conf files under jail.d/ directory, e.g.: # # HOW TO ACTIVATE JAILS: # # YOU SHOULD NOT MODIFY THIS FILE. # # It will probably be overwritten or improved in a distribution update. # # Provide customizations in a jail.local file or a jail.d/customisation.local. # For example to change the default bantime for all jails and to enable the # ssh-iptables jail the following (uncommented) would appear in the .local file. # See man 5 jail.conf for details. # # [DEFAULT] # bantime = 1h # # [sshd] # enabled = true # # See jail.conf(5) man page for more information # Comments: use '#' for comment lines and ';' (following a space) for inline comments [INCLUDES] #before = paths-distro.conf before = paths-debian.conf # The DEFAULT allows a global definition of the options. They can be overridden # in each jail afterwards. [DEFAULT] # # MISCELLANEOUS OPTIONS # # "bantime.increment" allows to use database for searching of previously banned ip's to increase a # default ban time using special formula, default it is banTime * 1, 2, 4, 8, 16, 32... #bantime.increment = true # "bantime.rndtime" is the max number of seconds using for mixing with random time # to prevent "clever" botnets calculate exact time IP can be unbanned again: #bantime.rndtime = # "bantime.maxtime" is the max number of seconds using the ban time can reach (don't grows further) #bantime.maxtime = # "bantime.factor" is a coefficient to calculate exponent growing of the formula or common multiplier, # default value of factor is 1 and with default value of formula, the ban time # grows by 1, 2, 4, 8, 16 ... #bantime.factor = 1 # "bantime.formula" used by default to calculate next value of ban time, default value bellow, # the same ban time growing will be reached by multipliers 1, 2, 4, 8, 16, 32... #bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * banFactor # # more aggressive example of formula has the same values only for factor "2.0 / 2.885385" : #bantime.formula = ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor) # "bantime.multipliers" used to calculate next value of ban time instead of formula, coresponding # previously ban count and given "bantime.factor" (for multipliers default is 1); # following example grows ban time by 1, 2, 4, 8, 16 ... and if last ban count greater as multipliers count, # always used last multiplier (64 in example), for factor '1' and original ban time 600 - 10.6 hours #bantime.multipliers = 1 2 4 8 16 32 64 # following example can be used for small initial ban time (bantime=60) - it grows more aggressive at begin, # for bantime=60 the multipliers are minutes and equal: 1 min, 5 min, 30 min, 1 hour, 5 hour, 12 hour, 1 day, 2 day #bantime.multipliers = 1 5 30 60 300 720 1440 2880 # "bantime.overalljails" (if true) specifies the search of IP in the database will be executed # cross over all jails, if false (dafault), only current jail of the ban IP will be searched #bantime.overalljails = false # -------------------- # "ignoreself" specifies whether the local resp. own IP addresses should be ignored # (default is true). Fail2ban will not ban a host which matches such addresses. #ignoreself = true # "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban # will not ban a host which matches an address in this list. Several addresses # can be defined using space (and/or comma) separator. #ignoreip = 127.0.0.1/8 ::1 # External command that will take an tagged arguments to ignore, e.g. <ip>, # and return true if the IP is to be ignored. False otherwise. # # ignorecommand = /path/to/command <ip> ignorecommand = # "bantime" is the number of seconds that a host is banned. bantime = 10m # A host is banned if it has generated "maxretry" during the last "findtime" # seconds. findtime = 10m # "maxretry" is the number of failures before a host get banned. maxretry = 5 # "maxmatches" is the number of matches stored in ticket (resolvable via tag <matches> in actions). maxmatches = %(maxretry)s # "backend" specifies the backend used to get files modification. # Available options are "pyinotify", "gamin", "polling", "systemd" and "auto". # This option can be overridden in each jail as well. # # pyinotify: requires pyinotify (a file alteration monitor) to be installed. # If pyinotify is not installed, Fail2ban will use auto. # gamin: requires Gamin (a file alteration monitor) to be installed. # If Gamin is not installed, Fail2ban will use auto. # polling: uses a polling algorithm which does not require external libraries. # systemd: uses systemd python library to access the systemd journal. # Specifying "logpath" is not valid for this backend. # See "journalmatch" in the jails associated filter config # auto: will try to use the following backends, in order: # pyinotify, gamin, polling. # # Note: if systemd backend is chosen as the default but you enable a jail # for which logs are present only in its own log files, specify some other # backend for that jail (e.g. polling) and provide empty value for # journalmatch. See https://github.com/fail2ban/fail2ban/issues/959#issuecomment-74901200 backend = auto # "usedns" specifies if jails should trust hostnames in logs, # warn when DNS lookups are performed, or ignore all hostnames in logs # # yes: if a hostname is encountered, a DNS lookup will be performed. # warn: if a hostname is encountered, a DNS lookup will be performed, # but it will be logged as a warning. # no: if a hostname is encountered, will not be used for banning, # but it will be logged as info. # raw: use raw value (no hostname), allow use it for no-host filters/actions (example user) usedns = warn # "logencoding" specifies the encoding of the log files handled by the jail # This is used to decode the lines from the log file. # Typical examples: "ascii", "utf-8" # # auto: will use the system locale setting logencoding = auto # "enabled" enables the jails. # By default all jails are disabled, and it should stay this way. # Enable only relevant to your setup jails in your .local or jail.d/*.conf # # true: jail will be enabled and log files will get monitored for changes # false: jail is not enabled enabled = false # "mode" defines the mode of the filter (see corresponding filter implementation for more info). mode = normal # "filter" defines the filter to use by the jail. # By default jails have names matching their filter name # filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # # Some options used for actions # Destination email address used solely for the interpolations in # jail.{conf,local,d/*} configuration files. destemail = root@localhost # Sender email address used solely for some actions sender = root@<fq-hostname> # E-mail action. Since 0.8.1 Fail2Ban uses sendmail MTA for the # mailing. Change mta configuration parameter to mail if you want to # revert to conventional 'mail'. mta = sendmail # Default protocol protocol = tcp # Specify chain where jumps would need to be added in ban-actions expecting parameter chain chain = <known/chain> # Ports to be banned # Usually should be overridden in a particular jail port = 0:65535 # Format of user-agent https://tools.ietf.org/html/rfc7231#section-5.5.3 fail2ban_agent = Fail2Ban/%(fail2ban_version)s # # Action shortcuts. To be used to define action parameter # Default banning action (e.g. iptables, iptables-new, # iptables-multiport, shorewall, etc) It is used to define # action_* variables. Can be overridden globally or per # section within jail.local file banaction = iptables-multiport banaction_allports = iptables-allports # The simplest action to take: ban only action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report to the destemail. action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report and relevant log lines # to the destemail. action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # See the IMPORTANT note in action.d/xarf-login-attack for when to use this action # # ban & send a xarf e-mail to abuse contact of IP address and include relevant log lines # to the destemail. action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] # ban IP on CloudFlare & send an e-mail with whois report and relevant log lines # to the destemail. action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # Report block via blocklist.de fail2ban reporting service API # # See the IMPORTANT note in action.d/blocklist_de.conf for when to use this action. # Specify expected parameters in file action.d/blocklist_de.local or if the interpolation # `action_blocklist_de` used for the action, set value of `blocklist_de_apikey` # in your `jail.local` globally (section [DEFAULT]) or per specific jail section (resp. in # corresponding jail.d/my-jail.local file). # action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] # Report ban via badips.com, and use as blacklist # # See BadIPsAction docstring in config/action.d/badips.py for # documentation for this action. # # NOTE: This action relies on banaction being present on start and therefore # should be last action defined for a jail. # action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] # # Report ban via badips.com (uses action.d/badips.conf for reporting only) # action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] # Report ban via abuseipdb.com. # # See action.d/abuseipdb.conf for usage example and details. # action_abuseipdb = abuseipdb # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # [sshd] # To use more aggressive sshd modes set filter parameter "mode" in jail.local: # normal (default), ddos, extra or aggressive (combines all). # See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details. #mode = normal port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s [dropbear] port = ssh logpath = %(dropbear_log)s backend = %(dropbear_backend)s [selinux-ssh] port = ssh logpath = %(auditd_log)s # # HTTP servers # [apache-auth] port = http,https logpath = %(apache_error_log)s [apache-badbots] # Ban hosts which agent identifies spammer robots crawling the web # for email addresses. The mail outputs are buffered. port = http,https logpath = %(apache_access_log)s bantime = 48h maxretry = 1 [apache-noscript] port = http,https logpath = %(apache_error_log)s [apache-overflows] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-nohome] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-botsearch] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-fakegooglebot] port = http,https logpath = %(apache_access_log)s maxretry = 1 ignorecommand = %(ignorecommands_dir)s/apache-fakegooglebot <ip> [apache-modsecurity] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-shellshock] port = http,https logpath = %(apache_error_log)s maxretry = 1 [openhab-auth] filter = openhab action = iptables-allports[name=NoAuthFailures] logpath = /opt/openhab/logs/request.log [nginx-http-auth] port = http,https logpath = %(nginx_error_log)s # To use 'nginx-limit-req' jail you should have `ngx_http_limit_req_module` # and define `limit_req` and `limit_req_zone` as described in nginx documentation # http://nginx.org/en/docs/http/ngx_http_limit_req_module.html # or for example see in 'config/filter.d/nginx-limit-req.conf' [nginx-limit-req] port = http,https logpath = %(nginx_error_log)s [nginx-botsearch] port = http,https logpath = %(nginx_error_log)s maxretry = 2 # Ban attackers that try to use PHP's URL-fopen() functionality # through GET/POST variables. - Experimental, with more than a year # of usage in production environments. [php-url-fopen] port = http,https logpath = %(nginx_access_log)s %(apache_access_log)s [suhosin] port = http,https logpath = %(suhosin_log)s [lighttpd-auth] # Same as above for Apache's mod_auth # It catches wrong authentifications port = http,https logpath = %(lighttpd_error_log)s # # Webmail and groupware servers # [roundcube-auth] port = http,https logpath = %(roundcube_errors_log)s # Use following line in your jail.local if roundcube logs to journal. #backend = %(syslog_backend)s [openwebmail] port = http,https logpath = /var/log/openwebmail.log [horde] port = http,https logpath = /var/log/horde/horde.log [groupoffice] port = http,https logpath = /home/groupoffice/log/info.log [sogo-auth] # Monitor SOGo groupware server # without proxy this would be: # port = 20000 port = http,https logpath = /var/log/sogo/sogo.log [tine20] logpath = /var/log/tine20/tine20.log port = http,https # # Web Applications # # [drupal-auth] port = http,https logpath = %(syslog_daemon)s backend = %(syslog_backend)s [guacamole] port = http,https logpath = /var/log/tomcat*/catalina.out [monit] #Ban clients brute-forcing the monit gui login port = 2812 logpath = /var/log/monit /var/log/monit.log [webmin-auth] port = 10000 logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [froxlor-auth] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s # # HTTP Proxy servers # # [squid] port = 80,443,3128,8080 logpath = /var/log/squid/access.log [3proxy] port = 3128 logpath = /var/log/3proxy.log # # FTP servers # [proftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(proftpd_log)s backend = %(proftpd_backend)s [pure-ftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(pureftpd_log)s backend = %(pureftpd_backend)s [gssftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(syslog_daemon)s backend = %(syslog_backend)s [wuftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(wuftpd_log)s backend = %(wuftpd_backend)s [vsftpd] # or overwrite it in jails.local to be # logpath = %(syslog_authpriv)s # if you want to rely on PAM failed login attempts # vsftpd's failregex should match both of those formats port = ftp,ftp-data,ftps,ftps-data logpath = %(vsftpd_log)s # # Mail servers # # ASSP SMTP Proxy Jail [assp] port = smtp,465,submission logpath = /root/path/to/assp/logs/maillog.txt [courier-smtp] port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix] # To use another modes set filter parameter "mode" in jail.local: mode = more port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s [postfix-rbl] filter = postfix[mode=rbl] port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s maxretry = 1 [sendmail-auth] port = submission,465,smtp logpath = %(syslog_mail)s backend = %(syslog_backend)s [sendmail-reject] # To use more aggressive modes set filter parameter "mode" in jail.local: # normal (default), extra or aggressive # See "tests/files/logs/sendmail-reject" or "filter.d/sendmail-reject.conf" for usage example and details. #mode = normal port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [qmail-rbl] filter = qmail port = smtp,465,submission logpath = /service/qmail/log/main/current # dovecot defaults to logging to the mail syslog facility # but can be set by syslog_facility in the dovecot configuration. [dovecot] port = pop3,pop3s,imap,imaps,submission,465,sieve logpath = %(dovecot_log)s backend = %(dovecot_backend)s [sieve] port = smtp,465,submission logpath = %(dovecot_log)s backend = %(dovecot_backend)s [solid-pop3d] port = pop3,pop3s logpath = %(solidpop3d_log)s [exim] # see filter.d/exim.conf for further modes supported from filter: #mode = normal port = smtp,465,submission logpath = %(exim_main_log)s [exim-spam] port = smtp,465,submission logpath = %(exim_main_log)s [kerio] port = imap,smtp,imaps,465 logpath = /opt/kerio/mailserver/store/logs/security.log # # Mail servers authenticators: might be used for smtp,ftp,imap servers, so # all relevant ports get banned # [courier-auth] port = smtp,465,submission,imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix-sasl] filter = postfix[mode=auth] port = smtp,465,submission,imap,imaps,pop3,pop3s # You might consider monitoring /var/log/mail.warn instead if you are # running postfix since it would provide the same log lines at the # "warn" level but overall at the smaller filesize. logpath = %(postfix_log)s backend = %(postfix_backend)s [perdition] port = imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [squirrelmail] port = smtp,465,submission,imap,imap2,imaps,pop3,pop3s,http,https,socks logpath = /var/lib/squirrelmail/prefs/squirrelmail_access_log [cyrus-imap] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s [uwimap-auth] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s # # # DNS servers # # !!! WARNING !!! # Since UDP is connection-less protocol, spoofing of IP and imitation # of illegal actions is way too simple. Thus enabling of this filter # might provide an easy way for implementing a DoS against a chosen # victim. See # http://nion.modprobe.de/blog/archives/690-fail2ban-+-dns-fail.html # Please DO NOT USE this jail unless you know what you are doing. # # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks UDP traffic for DNS requests. # [named-refused-udp] # # filter = named-refused # port = domain,953 # protocol = udp # logpath = /var/log/named/security.log # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks TCP traffic for DNS requests. [named-refused] port = domain,953 logpath = /var/log/named/security.log [nsd] port = 53 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/nsd.log # # Miscellaneous # [asterisk] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/asterisk/messages maxretry = 10 [freeswitch] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/freeswitch.log maxretry = 10 # enable adminlog; it will log to a file inside znc's directory by default. [znc-adminlog] port = 6667 logpath = /var/lib/znc/moddata/adminlog/znc.log # To log wrong MySQL access attempts add to /etc/my.cnf in [mysqld] or # equivalent section: # log-warnings = 2 # # for syslog (daemon facility) # [mysqld_safe] # syslog # # for own logfile # [mysqld] # log-error=/var/log/mysqld.log [mysqld-auth] port = 3306 logpath = %(mysql_log)s backend = %(mysql_backend)s # Log wrong MongoDB auth (for details see filter 'filter.d/mongodb-auth.conf') [mongodb-auth] # change port when running with "--shardsvr" or "--configsvr" runtime operation port = 27017 logpath = /var/log/mongodb/mongodb.log # Jail for more extended banning of persistent abusers # !!! WARNINGS !!! # 1. Make sure that your loglevel specified in fail2ban.conf/.local # is not at DEBUG level -- which might then cause fail2ban to fall into # an infinite loop constantly feeding itself with non-informative lines # 2. Increase dbpurgeage defined in fail2ban.conf to e.g. 648000 (7.5 days) # to maintain entries for failed logins for sufficient amount of time [recidive] logpath = /var/log/fail2ban.log banaction = %(banaction_allports)s bantime = 1w findtime = 1d # Generic filter for PAM. Has to be used with action which bans all # ports such as iptables-allports, shorewall [pam-generic] # pam-generic filter can be customized to monitor specific subset of 'tty's banaction = %(banaction_allports)s logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [xinetd-fail] banaction = iptables-multiport-log logpath = %(syslog_daemon)s backend = %(syslog_backend)s maxretry = 2 # stunnel - need to set port for this [stunnel] logpath = /var/log/stunnel4/stunnel.log [ejabberd-auth] port = 5222 logpath = /var/log/ejabberd/ejabberd.log [counter-strike] logpath = /opt/cstrike/logs/L[0-9]*.log # Firewall: http://www.cstrike-planet.com/faq/6 tcpport = 27030,27031,27032,27033,27034,27035,27036,27037,27038,27039 udpport = 1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015 action = %(banaction)s[name=%(__name__)s-tcp, port="%(tcpport)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(udpport)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] [bitwarden] port = http,https logpath = /home/*/bwdata/logs/identity/Identity/log.txt [centreon] port = http,https logpath = /var/log/centreon/login.log # consider low maxretry and a long bantime # nobody except your own Nagios server should ever probe nrpe [nagios] logpath = %(syslog_daemon)s ; nrpe.cfg may define a different log_facility backend = %(syslog_backend)s maxretry = 1 [oracleims] # see "oracleims" filter file for configuration requirement for Oracle IMS v6 and above logpath = /opt/sun/comms/messaging64/log/mail.log_current banaction = %(banaction_allports)s [directadmin] logpath = /var/log/directadmin/login.log port = 2222 [portsentry] logpath = /var/lib/portsentry/portsentry.history maxretry = 1 [pass2allow-ftp] # this pass2allow example allows FTP traffic after successful HTTP authentication port = ftp,ftp-data,ftps,ftps-data # knocking_url variable must be overridden to some secret value in jail.local knocking_url = /knocking/ filter = apache-pass[knocking_url="%(knocking_url)s"] # access log of the website with HTTP auth logpath = %(apache_access_log)s blocktype = RETURN returntype = DROP action = %(action_)s[blocktype=%(blocktype)s, returntype=%(returntype)s, actionstart_on_demand=false, actionrepair_on_unban=true] bantime = 1h maxretry = 1 findtime = 1 [murmur] # AKA mumble-server port = 64738 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol=tcp, chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol=udp, chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/mumble-server/mumble-server.log [screensharingd] # For Mac OS Screen Sharing Service (VNC) logpath = /var/log/system.log logencoding = utf-8 [haproxy-http-auth] # HAProxy by default doesn't log to file you'll need to set it up to forward # logs to a syslog server which would then write them to disk. # See "haproxy-http-auth" filter for a brief cautionary note when setting # maxretry and findtime. logpath = /var/log/haproxy.log [slapd] port = ldap,ldaps logpath = /var/log/slapd.log [domino-smtp] port = smtp,ssmtp logpath = /home/domino01/data/IBM_TECHNICAL_SUPPORT/console.log [phpmyadmin-syslog] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [zoneminder] # Zoneminder HTTP/HTTPS web interface auth # Logs auth failures to apache2 error log port = http,https logpath = %(apache_error_log)s [traefik-auth] # to use 'traefik-auth' filter you have to configure your Traefik instance, # see `filter.d/traefik-auth.conf` for details and service example. port = http,https logpath = /var/log/traefik/access.log </pre> </div> </div> Default <code>/etc/fail2ban/jail.local</code> file with (almost all) comments removed: <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;">Default <code>/etc/fail2ban/jail.local</code> with (almost) comments removed:</div> <div class="mw-collapsible-content"> <pre> [INCLUDES] before = paths-debian.conf [DEFAULT] ignorecommand = bantime = 10m findtime = 10m maxretry = 5 maxmatches = %(maxretry)s backend = auto usedns = warn logencoding = auto enabled = false mode = normal filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # destemail = root@localhost sender = root@<fq-hostname> mta = sendmail protocol = tcp chain = <known/chain> port = 0:65535 fail2ban_agent = Fail2Ban/%(fail2ban_version)s banaction = iptables-multiport banaction_allports = iptables-allports action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] action_abuseipdb = abuseipdb action = %(action_)s # # JAILS # # # SSH servers # [sshd] port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s </pre> </div></div> ====Disconnect/kick and ban an ip from list==== <br \> Just below we are going to append these lines to <b>/etc/fail2ban/jail.local</b><br> <pre> # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s # # JAILS # # # SSH servers # </pre> </div> </div> ====Jail for MediaWiki - /etc/fail2ban/jail.local==== <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1m maxretry = 2 logpath = /var/log/Fail2Log.log </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before: <div class="mw-collapsible-content"> <pre> # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After: <div class="mw-collapsible-content"> <pre> # # JAILS # [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log # # SSH servers # </pre> </div> </div> ====Filter for mediawiki==== <div class="toccolours mw-collapsible mw-collapsed"> Regex quick up and running tutorial: External Link:(youtube) <div class="mw-collapsible-content"> This Is a link to a video made by "Corey Schafer".<br \> The best no nonsense up and running regex tut there is.<br \> https://www.youtube.com/watch?v=sa-TUpSx1JA </div> </div> <code>$EDITOR /etc/fail2ban/filter.d/mediawiki.conf</code><br \> <pre> [Definition] failregex = ^Failed:<HOST> ignoreregex = </pre> =====Try out regex on log file===== <code>fail2ban-regex --print-all-matched /var/log/Fail2Log.log /etc/fail2ban/filter.d/mediawiki.conf</code> ====Restart Fail2Ban==== <code>systemctl restart fail2ban</code> <code>fail2ban-client status</code> <code>fail2ban-client status mediawiki</code> <b>Now test by trying to login to your wiki with wrong password three times.</b> =====fail2ban regex and error checking===== <div class="toccolours mw-collapsible mw-collapsed"> Check regex: <div class="mw-collapsible-content"> * Syntax: <code>fail2ban-regex <logfile> <failregex> <ignoreregex></code> ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * If you want to test <code>ignoreregex</code> enter filter file twice: ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * Read <code>man fail2ban-regex</code> for some more opitions: * Examples: ** <code>-v</code>, <code>--verbose</code> *** Be verbose in output ** <code>--print-all-missed</code> *** Print all missed lines ** <code>--print-all-ignored</code> *** Print all ignored lines ** <code>--print-all-matched</code> *** Print all matched lines </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Debug Fail2Ban: <div class="mw-collapsible-content"> * <code>-d</code> dump configuration. For debugging.<br \> <code>fail2ban-client -d</code><br \> * <code>--dp</code>, <code>--dump-pretty</code> dump the configuration using more human readable representation.<br \> <code>fail2ban-client --dp</code><br \> * will print the systemd log for Fail2Ban.<br \> <code>journalctl -u fail2ban</code> </div> </div> ====Change ban time After testing==== <code>$EDITOR /etc/fail2ban/jail.local</code><br \> <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log </pre> ===Unban IP's=== Get list of Jails:<br \> <code>fail2ban-client status</code><br \> See banned ips by that jail:<br \> <code>fail2ban-client status <jailname></code><br \> Unban IP from jail:<br \> <code>fail2ban-client set <jailname> unbanip <ip_address></code><br \> <br \> Log File:<br \> <code>/var/log/Fail2Log.log</code> ==Moving To VPS== ===Create ssh key pair on local host=== <code>ssh-keygen -t rsa -b 4096 -C "MYSERVER" -f ~/.ssh/serverkey</code><br \> You will be prompted to Enter a passphase, you can just press <b>Enter</b> for no passphase.<br \> You will now have a file called <b>serverkey</b> and <b>serverkey.pub</b> in your <b>/home/$USER/.ssh</b> directory.<br \> Now lets setup are server and move public key to server.<br \> <b>BACKUP YOUR PRIVATE KEY TO USB STICK OR SOMETHING!</b><br \> <code>serverkey.pub</code><b>PUBLIC KEY</b><br \> <code>serverkey</code><b>PRIVATE KEY</b><br \> ===Login to Server - ssh === Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $10, 1 cpu, 2048MB ram, 55GB ssd, 2000GB Bandwidth.<br \> I have been given the IP:<b>192.248.145.129</b> and the Password:<b>1R?o.gPasdaLz1w</b> and with Vultr the default login/user is <b>root</b><br \> Lets move over the public key so we don't need a password to login:<br \> <code>ssh-copy-id -i ~/.ssh/serverkey root@192.248.145.129</code></br \> Will be promted for server password, enter password: 1R?o.gPasdaLz1w<br \> Now lets login with are private key.<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code> ===Update Server=== <code>apt update && apt upgrade -y</code><br \> The Server may need a restart, you will see this after updates if it does<br \> <b>*** System restart required ***</b><br \> restart server and log back in after a minute.<br \> <code>reboot</code> ===Change default ssh port and disable plain text passwords=== Log back into server<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code><br \> <code>$EDITOR /etc/ssh/sshd_config</code><br \> <pre>#Port 22</pre> <pre>Port 7788</pre> disable clear text passwords <pre>#PasswordAuthentication yes</pre> <pre>PasswordAuthentication no</pre> restart sshd <code>systemctl restart sshd</code><br \> Exit server and re-login<br \> <code>exit</code><br \> Log back in with new port<br \> <code>ssh -p 7788 -i .ssh/serverkey root@192.248.145.129</code> <div class="toccolours mw-collapsible mw-collapsed"> Create ssh login shortcut: <div class="mw-collapsible-content"> To be done on host:<br \> <code>touch ~/.ssh/config</code><br \> <code>chmod 600 ~/.ssh/config</code><br \> <code>$EDITOR ~/.ssh/config</code><br \> <pre> Host mediawikiserver HostName 192.248.145.129 User root Port 7788 IdentityFile /home/$USER/.ssh/severkey </pre> You can now login to server from host with:<br \> <code>ssh mediawikiserver</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax of config file: <div class="mw-collapsible-content"> <pre> #Syntax # #Host <ALIAS_NAME> # HostName <ADDRESS_IP_OR_DOMAIN> # User <USERNAME_LOGIN> # Port <PORT_NUMBER_IF_NOT_DEFAULT> # IdentityFile </PATH/TO/PRIVATE_KEY> ## Can now login with <code>ssh <ALIAS_NAME> </pre> </div> </div> </div> </div> ===Enable Basic FireWall=== Block IPv6<br \> <code>$EDITOR /etc/default/ufw</code><br \> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit<br \> <code>ufw allow 7788/tcp</code><br \> <code>ufw enable</code><br \> ===Create Swap space on server=== ====First check if you already have a swap space==== First check if you already have a swap space<br \> <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 1655 2 228 1732 Swap: 0 0 0 </pre> <div class="toccolours mw-collapsible mw-collapsed"> Other methods to check swap space <div class="mw-collapsible-content"> <code>cat /proc/swaps</code><br \> <code>swapon -s -v</code> </div> </div> ====Create SwapSpace==== preallocate a 2 gigabyte space to be used for swap.<br \> Note: you can name swapfile to anything you want. <code>fallocate -l 2G /swapfile</code> Initialize the /swapfile file with zeros - see "Working out the count size" to see how to work out the count size. <div class="toccolours mw-collapsible mw-collapsed"> Working out the count size: <div class="mw-collapsible-content"> Working out count size to scale the swapsize. 1 kilobyte = 1024 bytes 1 megabyte = 1024 kilobyte 1 gigabyte = 1024 megabytes bs=1024 = 1 megabyte 1 gigabyte = 1024 megabyte to get count of 1 gigabyte 1024 * 1024 2 gigabyte (1024 * 2048 ) or 1048576 * 2 = 2,097,152 </div> </div> <code>dd if=/dev/zero of=/swapfile bs=1024 count=2097152</code> <code>chmod 600 /swapfile</code> <code>mkswap /swapfile</code> <code>swapon /swapfile</code> <b>Or</b> <code>swapon -a</code> <b>Or</b> <code>mount -a</code> append to <code>/etc/fstab</code> so its mounted after reboot.<br \> <code>$EDITOR /etc/fstab</code><br \> And enter this in a new line at the bottom:<br \> <code>/swapfile swap swap defaults 0 0</code> and thats it, you can check swap with(or same other methods as above): <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 75 2 1808 1712 Swap: 2047 0 2047 </pre> ===ssmtp for email alerts=== <code>apt install ssmtp -y</code><br \> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code><br \> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> <code>usermod -c "CNWikiVPS" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ===auto update server=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment (by removing <b>//</b> at start of line)and amend the lines we want:<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> to<br \> <code> "${distro_id}:${distro_codename}-updates";</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; </pre> Changed to<br \> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec Acquire::http::Dl-Limit "500"; </pre> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Send Container to server=== From host<br \> <code>scp -i ~/.ssh/serverkey -P 7788 mediawiki.lxc root@192.248.145.129:/root/</code><br \> If you created a ssh shortcut in <b>.ssh/config</b> you can use:<br \> <code>scp mediawiki.lxc mediawikiserver:/root/</code><br> Once container transferred to server checksum to confirm<br> Do on Local and Server<br> <code>sha256sum mediawiki.lxc</code><br> The checksum should be the same on both!<br> ===LXD setup on server=== Check if <b>lxd</b> already installed.<br \> <code>lxd --version</code><br \> <code>snap install lxd</code><br \> Initialize LXD<br \> <code>lxd init</code><br \> all defaults<br \> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (lvm, zfs, ceph, btrfs, dir) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=10GB]: Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> ===Import Container=== Note: If version of LXD on server is older than the one you are exporting from, you may see error <code>Error: Failed importing backup: Failed creating instance record: Unknown configuration key: volatile.last_state.ready</code><br> To Fix this update your LXD<br> <code>snap remove lxd</code><br> <code>snap install lxd</code><br> <code>lxd --version</code><br> <code>lxd init</code><br> <br> Import mediawiki container<br \> <code>lxc import mediawiki.lxc mediawiki</code><br \> <code>lxc list</code><br \> <code>lxc start mediawiki</code><br \> <code>lxc list</code><br \> Returns:<br \> <pre> +-----------+---------+-----------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+-----------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.207.119.233 (eth0) | | CONTAINER | 0 | +-----------+---------+-----------------------+------+-----------+-----------+ </pre> <b>Note the Change of IP</b><br \> Are Containers IP is now:<b>10.207.119.233</b><br \> Now for some reason changing the IP on <b>/var/www/html/mediawiki/LocalSettings.php</b> and the <b>/etc/apache2/sites-available/completenoobs.com.conf</b> does not really work on a VPS (Forgot how i fixed this last time, pretty sure i got it workin a few years back).<br \> You need a DNS name: ===DNS=== Domain Name System: An index that connects an ip address with a more human readable name(website name):<br \> Like a phone book would index a persons name with a phone number.<br \> If you have a domain name for your wiki, point it to your server's ip address.<br \> This will be required for a letsencrypt cert also.<br \> I am using <b>namecheap.com</b> and on the <b>Advanced DNS</b> Page<br \> Add two Type <b>A Records</b>:<br \> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |192.248.145.129 |auto |- |A record |www |192.248.145.129 |auto |} ===Change IP on config files=== Login to conatiner and change IP's to Domain Name<br \> <code>lxc exec mediawiki bash</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <pre> Redirect permanent "/" "https://10.3.45.233"</pre> <pre> Redirect permanent "/" "https://www.completenoobs.com"</pre> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <pre>$wgServer = "https://10.3.45.233";</pre> <pre>$wgServer = "https://www.completenoobs.com";</pre> <code>systemctl restart apache2</code> ===Use IPTables to forward traffic to container=== <div class="toccolours mw-collapsible mw-collapsed"> iptable syntax <div class="mw-collapsible-content"> *CONTAINER_IP = place holder for your containers ip *GLOBAL_IP = place holder for your servers public ip address *ETH = network interface: enp1s0 ** to be done/found on host VPS and NOT Container ** Find network interface:<code>ip route show default</code> or use <code>ip route show default | awk '{print $5}'</code> <pre>iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 80 -j DNAT --to-destination CONTAINER_IP:80 -m comment --comment "forward real ip to container" </pre> <pre> iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 443 -j DNAT --to-destination CONTAINER_IP:443 -m comment --comment "forward real ip to container" </pre> </div> </div> <b>These commands to be done on host VPS and NOT in container!</b><br \> Get out of container <code>exit</code><br \> Network interface=<b>enp1s0</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Find you network interface name: <div class="mw-collapsible-content"> To be run on VPS host and Not in Container:<br \> <code>ip route show default | awk '{print $5}'</code> </div> </div> VPS Global IP=<b>192.248.145.129</b><br \> Container IP=<b>10.207.119.233</b><br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container"</code> <br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container"</code> <br \> The new rules for your iptable will not persistent after a reboot.<br \> Create systemd service to load firewall rules at startup:<br \> <code>$EDITOR /usr/local/bin/lxc-mediawiki-rules</code> <pre> #!/bin/bash iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container" iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container" </pre> <code>chmod +x /usr/local/bin/lxc-mediawiki-rules</code> <code>$EDITOR /etc/systemd/system/lxcip.service</code> <pre> [Unit] Description = apply ip rules at startup [Service] Type=oneshot ExecStart=/usr/local/bin/lxc-mediawiki-rules [Install] WantedBy=multi-user.target </pre> <code>systemctl enable lxcip</code> <div class="toccolours mw-collapsible mw-collapsed"> LXC proxy method: <div class="mw-collapsible-content"> <b>DO NOT USE This method!</b> placed here as a note:<br \> LXC also has a way to forward proxy traffic, but it will show all visits to website, as coming from <b>127.0.0.1</b><br \> When we install fail2ban, this would be very bad!<br \> <br \> <code>lxc config device add CONTAINER_NAME myport80 proxy listen=tcp:0.0.0.0:80 connect=tcp:127.0.0.1:80</code><br \> <code>lxc config device add CONTAINER_NAME myport443 proxy listen=tcp:0.0.0.0:443 connect=tcp:127.0.0.1:443</code><br \> To remove proxy:<br \> <code>lxc config device remove CONTAINER_NAME myport80</code><br \> <code>lxc config device remove CONTAINER_NAME myport443</code><br \> </div> </div> ===Visit webpage and check all working=== Visit the domain you selected<br \> <code>www.completenoobs.com</code><br \> Should be up and running.<br \> NOTE: We did not need to allow port 443 or 80 on VPS host.<br \> Check Iptables persist for restart, by rebooting server!<br \> <code>reboot</code><br \> Give it a minute or 2 and check website again. ===LetsEncrypt=== Log back into server<br \> <code>ssh mediawikiserver</code><br \> Log into container<br \> <code>lxc exec mediawiki bash</code><br \> Install certbot<br \> <code>snap install certbot --classic</code><br \> Backup Apache2 config file<br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf /etc/apache2/sites-available/completenoobs.com.conf.bk</code><br \> Create Cert<br \> <code>certbot --apache -d www.completenoobs.com -d completenoobs.com</code><br \> And Certbot broke are apache2 configs, and thats why we back up!<br \> <code>ls /etc/letsencrypt/live/www.completenoobs.com/</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/fullchain.pem /etc/ssl/certs/cn-selfsigned.crt</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/privkey.pem /etc/ssl/private/cn-selfsigned.key</code><br \> <code>rm /etc/apache2/sites-available/completenoobs.com-le-ssl.conf /etc/apache2/sites-available/completenoobs.com.conf </code><br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf.bk /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <br \> Turn <b>SSLUseStapling</b> on<br \> <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code><br \> <pre>SSLUseStapling off</pre><br \> Change to:<br \> <pre>SSLUseStapling on</pre><br \> Restart apache<br \> <code>systemctl restart apache2</code><br \> Now check your site on browser.<br \> ==Useful Notes - tips== ===Forgot your Admin Password=== Can use for any user:<br \> <code>php /var/www/html/mediawiki/maintenance/changePassword.php --user=admin --password=newpassword</code><br \> ===Make Wiki Read Only=== Add to LocalSettings.php:<br \> <code>$wgReadOnly = 'Read Only';</code><br \> ===Restrict account creation on wiki=== Add to LocalSettings.php:<br \> <code>$wgGroupPermissions['*']['createaccount'] = false;</code> ===Only Admin accounts can edit=== Add to LocalSettings.php:<br \> <pre> $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['user']['edit'] = false; $wgGroupPermissions['sysop']['edit'] = true; </pre> ===Protect a page so only admin can edit=== At the top of the page when logged in with admin account, click <b>More</b>.<br \> A drop down of three opitions: Delete, Move, Protect.<br \> Clicking <b>Protect</b> will not allow any non admin from editing the page. {| class="wikitable" |+ When logged in as admin |- |Read |Edit |View history |(STAR) |<b>More</b> |} ===Make User an Admin=== go to special pages With Admin Account go to:<br \> <code>index.php/Special:SpecialPages</code> List of users can be found here:<br \> <code>index.php/Special:ListUsers</code><br \> Go to:<br \> <code>index.php/Special:UserRights</code><br \> And enter username:<br \> <b>Groups you can change</b><br \> And rest is self explanatory. ====Remove admin rights==== Same thing, just untick admin rights! ==Upgrading MediaWiki== <b>BACK SURE YOU BACKUP FIRST!!!</b> just in case.<br \> This example update 1.35 to 1.36 from 1.36 onwards php-intl is required.<br> Download the wiki you are going to upgrade to.<br \> <code>https://releases.wikimedia.org/mediawiki/1.36/</code><br \> <code>cd /root</code><br \> <code>wget https://releases.wikimedia.org/mediawiki/1.36/mediawiki-1.36.1.tar.gz</code><br \> In LocalSettings.php put in readonly mode<br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <code>$wgReadOnly = "Upgrading";</code><br \> <code>tar xvzf mediawiki-1.36.1.tar.gz -C /var/www/html/mediawiki --strip-components=1</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> Returns:<pre> Error: Missing one or more required components of PHP. You are missing a required extension to PHP that MediaWiki needs. Please install: * intl <https://www.php.net/intl> </pre> <code>apt install php-intl</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> And thats it. If you do get an error:<br \> <blockquote> MediaWiki 1.36 internal error Installing some PHP extensions is required. Required components You are missing a required extension to PHP that MediaWiki requires to run. Please install: intl (more information) </blockquote> Then <b>reboot</b> the container and its all fine after. ==Backup your Wiki== ===LXC Snapshots=== Easy way, backup the container using <b>snapshot</b><br \> <code>lxc snapshot mediawiki beforeupgrade_11_12_2020</code><br \> To see snapshots<br \> <code>lxc info mediawiki</code><br \> To restore container to snapshot<br \> <code>lxc restore mediawiki beforeupgrade_11_12_2020</code><br \> To delete a snapshot<br \> <code>lxc delete mediawiki/beforeupgrade_11_12_2020</code><br \> ====Export a Snapshot==== <code>lxc snapshot mediawiki testsnap</code> <code>lxc publish mediawiki/testsnap --alias mediawiki-backup-20-07-2021</code> <code>lxc image export mediawiki-backup-20-07-2021</code> you end up with a file named after the sha256sum <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> NOTE:You can change name from <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> to something like <code>mediawiki-backup-20-07-2021.tar.gz</code> and restore will still work fine.<br \> can now delete image <code>lxc image delete mediawiki-backup-20-07-2021</code> ====Import Snapshot==== Move to another computer and install init lxd<br \> <code>lxc image import a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz --alias testrestore</code> <code>lxc launch testrestore mediarestore</code> <code>lxc list</code> <code>lxc exec mediarestore bash</code> Change IP in LocalSettings and apache config and restart apache.<br \> And your up and running.<br \> <br \> you can also delete image on new restore computer:<br \> <code>lxc image delete testrestore</code> ===Dump mediawiki database - xml=== Log into container root dir<br \> <code>lxc exec NAME bash</code><br \> In container of wiki:<br \> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Exit container<br \> <code>exit</code> Pull file to host<br \> <code>lxc file pull NAME/root/dump_mediawiki.xml wiki-dump.xml</code> ====automate xml dumps to server==== TIP: [[Scp_only|Create an '''scp only''' account on server first]]<br> <code>$EDITOR /usr/local/bin/auto-export.sh</code></br> <syntaxhighlight lang="bash" line> #!/bin/bash ### Bug - after first run does not comment out $wgReadOnly , after that its fine. set -x ## Calls # comcheck=$(cat /var/www/html/mediawiki/LocalSettings.php | grep wgReadOnly | awk '{print $1}' ) # checkcom=${comcheck::1} # time_stamp=$(date '+%d_%m_%y') # checkDir=$(ls /var/www/dumps/$time_stamp) #####Functions #Restart Wiki function to call function RestartWiki { sleep 2 if ! [ $checkcom = "#" ] then sed -i "s/\$wgReadOnly/#\$wgReadOnly/g" /var/www/html/mediawiki/LocalSettings.php echo "wiki should be back online" elif [ $checkcom = '#' ] then echo 'huh' exit 1 fi } # Function readonly wiki function ReadOnlyWiki { if [ $checkcom = "#" ] then sed -i "s/#\$wgReadOnly/\$wgReadOnly/g" /var/www/html/mediawiki/LocalSettings.php fi } # Dump function function DumpWiki { # dump wiki xml php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /var/www/dumps/$time_stamp.Noobs/$time_stamp.Noobs.xml #create file for md5sum md5sum /var/www/dumps/$time_stamp.Noobs/$time_stamp.Noobs.xml > /var/www/dumps/$time_stamp.Noobs/$time_stamp.md5sum.txt #md5sum #sha256sum sha256sum /var/www/dumps/$time_stamp.Noobs/$time_stamp.Noobs.xml > /var/www/dumps/$time_stamp.Noobs/$time_stamp.sha256sum.txt } # if line $wgReadOnly not there if [ -z "$comcheck" ] ; then echo "you do not have the line $wgReadOnly will append" echo "\$wgReadOnly = 'Dumping Database, Access will be restored shortly';" >> /var/www/html/mediawiki/LocalSettings.php fi ###make directory with name noobs+time_stamp # Check if dumps dir exists if [ ! -d /var/www/dumps ] then mkdir -pv /var/www/dumps fi # Check we dont have directory with same time stamp if [ ! -d /var/www/dumps/$time_stamp.Noobs ] ; then mkdir /var/www/dumps/$time_stamp.Noobs ReadOnlyWiki DumpWiki RestartWiki else echo "you already have dir $checkDir" RestartWiki exit 1 fi ########################### # Push Dir to xml server scp -i /root/.ssh/xml -r /var/www/dumps/$time_stamp.Noobs root@xml.completenoobs.com:/var/www/html/xmlDumps/ </syntaxhighlight> <br> <code>chmod +x /usr/local/bin/auto-export.sh</code><br> =====add to cron to export every 5 days===== <code>crontab -e</code><br> <pre> 30 3 */5 * * /usr/local/bin/auto-export.sh </pre> Will export at 3:30 am every 5 days, check [[Cron_ubuntu_22.04|Ubuntu Cron Quick start for more info]] ===Import Dump=== ====Create Quick local wiki==== [[Ubuntu_Local_Wiki_Import|localwiki]] ====Import dump==== <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> <code>lxc exec localwiki bash</code><br \> =====Restore dump===== <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Everything apart from <b>index.php/Main_Page</b> restored. ===Full Wiki Dump and Restore=== ====Backing up==== ====Making your wiki READ ONLY - will lock database==== <code>$EDITOR LocalSettings.php</code><br \> <code>$wgReadOnly = 'Dumping Database, Access will be restored shortly';</code> ====Dump and gzip database for transport==== will be prompted for password:<br \> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green -p mywiki_database | gzip > /root/greenwiki.sql.gz</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> ALt method for dump(password in cmd): <div class="mw-collapsible-content"> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green --password=THISpasswordSHOULDbeCHANGED -p mywiki_database | gzip > /root/greenwiki.sql.gz</code> </div> </div> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Back mediawiki Root Directory.<br \> <code>tar cvzhf /root/mediawiki-rootDir.tgz /var/www/html/mediawiki</code><br \> All into one file for easy transport.<br \> <code>cd /root/</code><br \> <code>tar cvzhf mediawiki-transfer.tgz mediawiki-rootDir.tgz greenwiki.sql.gz dump_mediawiki.xml</code><br \> All file in <b>mediawiki-transfer.tgz</b> for transfer to new server<br \> exit Container<br \> <code>exit</code><br \> <code>lxc file pull mediawiki/root/mediawiki-transfer.tgz mediawiki.bk.tgz</code><br \> ====Restore wiki==== create container (backupwiki) and push file<br \> <code>lxc file push mediawiki.bk.tgz backupwiki/root/</code><br \> login to container<br \> <code>apt update && apt upgrade -y</code><br \> <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> <br \> <code>tar xvf mediawiki.bk.tgz</code><br \> <code>tar xvf mediawiki-rootDir.tgz -C /</code><br \> Create basebase:<br \> NOTE: If you use diff username, passwd, database_name, append/correct details on LocalSettings.<br \> <code>mysql -u root</code> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <br \> <code>gunzip -d greenwiki.sql.gz</code><br \> <code>mysql -u green -p mywiki_database < greenwiki.sql</code><br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/dump_mediawiki.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Config Apache2 <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> Reload Apache2 <code> systemctl restart apache2 </code> ==EmbedVideo== https://www.mediawiki.org/wiki/Extension:EmbedVideo<br> <code>apt install unzip</code><br> <code>wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip</code><br> <code>unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/</code><br> <br> <code>mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo</code><br> <br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> <pre> #Embed Video wfLoadExtension( 'EmbedVideo' ); </pre> ==Remove <b>Index.php</b> From URL== [[Mediawiki_Remove_index.php|How to remove the Index.php from URL]] ==SpamBot Wars== Bit busy now, notes to look into later: https://www.mediawiki.org/wiki/Extension:Nuke<br \> https://www.mediawiki.org/wiki/Manual:Preventing_access<br \> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br \> https://www.mediawiki.org/wiki/Extension:InviteSignup<br \> Well the bots won for now - Disable eMail function for all related options in LocalSettings.php<br \> <code>$wgEnableEmail = false;</code><br \> Or just stop users sending email with:<br \> <code>$wgEnableUserEmail = false;</code> ==Notes== ==Syntax highlighting not working== Install <b>pygments</b><br> <code>apt install python3-pygments</code><br> Add to LocalSettings:<br> <code>wfLoadExtension( 'SyntaxHighlight_GeSHi' );</code><br> eph6tnzypco80d4x1a444tfk0lgk1ne 321 320 2023-04-17T15:07:31Z imported>AwesomO 0 /* automate xml dumps to server */ 321 wikitext text/x-wiki Installing MediaWiki on a container and exporting to the cloud. Local OS used Ubuntu-Mate 20.04 Tested with ethernet. Untested with wifi. TODO's * Remove 'index.php' from URL * Find out more about 'DocBookExport' and test how it works * Move MediaWiki Server to FreeBSD Currently trying to solve the spambot problem, they got round the need to request to open an account somehow, will update once solved. $EDITOR is used as a place holder for an editor of your choice. ==Installing LXD== <code>sudo snap install lxd</code><br \> <code>lxd init</code><br \> Selecting all defaults, apart from "Size in GB of the new loop device (1GB minimum) [default=6GB]:" increasing to 30GB: <div class="toccolours mw-collapsible mw-collapsed"> <code>lxd init</code> selected options: <div class="mw-collapsible-content"> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (btrfs, dir, lvm, zfs, ceph) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=6GB]:30GB Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> </div> </div> ==Create Ubuntu:22.04 Container for MediaWiki== <code>lxc launch ubuntu:22.04 mediawiki</code><br> <code>lxc list</code><br> <pre> +-----------+---------+--------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+--------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.194.171.251(eth0) | | CONTAINER | 0 | +-----------+---------+--------------------+------+-----------+-----------+ </pre> ===Login to Container=== <code>lxc exec mediawiki bash</code> ===Basic Firewall UFW for Container=== NOTE:Add Link to a UFW page for more info Blocking IPv6<br \> <code>$EDITOR /etc/default/ufw</code> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit Allow port 80<br \> <code>ufw allow 80/tcp</code><br \> Allow port 443<br \> <code>ufw allow 443/tcp</code><br \> Start/Enable UFW firewall<br \> <code>ufw enable</code><br \> Check UFW status<br \> <code>ufw status</code> <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Update system=== <code>apt update && apt upgrade -y</code> ===ssmtp setup=== NOTE: need link to ssmtp page - showing how to use other email providers that allow smtp Link to ssmtp wiki page <br \> You can use a number of email providers for sending emails from server using ssmtp.<br \> I am going to use <b>smtp2go.com</b> they do provide a free service if you wish to try. <div class="toccolours mw-collapsible mw-collapsed"> smtp2go details: <div class="mw-collapsible-content"> https://www.smtp2go.com/<br \> Has a Free Plan # 1000 emails per month # 5 days of email reporting # Ticket support only <br \> Do not use you username and password you used to sign up!<br \> Go to https://app.smtp2go.com/sending/smtp_users/ <br \> Or 'Sending' > 'SMTP Users'<br> And create/add a SMTP User account.<br \> The User created will be given a good password by default.<br \> Use this username and password for ssmtp.<br \> In this example i have the username "<b>noobwiki</b>" and the password "<b>N0tTelinu</b>" </div> </div> ====ssmtp==== <code>apt install ssmtp -y</code> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <div class="toccolours mw-collapsible mw-collapsed"> Why use <code>hostname=completenoobs.com</code> <div class="mw-collapsible-content"> "hostname" needed for ubuntu unattended upgrades to send email.<br \> If missing: will get "(550 unable to verify sender address.)" <br \> If using <code>hostname=localhost</code> "(550 "Localhost" unnaceptable, you must use a public domain-name.)"<br \> If using <code>hostname=admin@completenoobs.com</code> "501 <root@admin@completenoobs.com>: malformed address: @completenoobs.com> may not follow <root@admin" </div> </div> <br \> Do not use user@smtp2go.com as the sender address! you need an email address that has an MX record(mail exchanger record) at its domain name. <br \> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> ====usermod==== <br \> usermod can be used to change the email senders name/address.<br \> Instead of your mail coming from 'root' or 'ubuntu' or any other user account.<br \> <b>usermod -c "emailSenderName" <account_sending></b><br \> <code>usermod -c "completenoobslxc" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ====sendmail notes==== <div class="toccolours mw-collapsible mw-collapsed"> If the sendmail command locks your terminal and CTRL+c does not work <div class="mw-collapsible-content"> Use <code>CTRL+z</code> which will send a SIGTSTP signal which will put the process to sleep.<br \> use jobs to see the sleeping process.<br \> <code>jobs</code><br \> and kill %<JOBNUMBER><br \> <code>kill %1</code> <br \> you can also use <code>ps ax</code> to list processes running on your computer and <code>kill -9 <PROCESS-NUMBER></code> to kill process. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> sendmail in verbose mode for more details: <div class="mw-collapsible-content"> More info can be found in the man page <code>man sendmail</code><br \> Use the verbose flag <b>-v</b><br \> <code>sendmail -v email@address2receive.mail < test-mail.txt</code> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Check mail logs for errors: <div class="mw-collapsible-content"> send mail error log can be found in<br \> <code>/var/log/mail.err</code><br \> and sendmail log can be found:<br \> <code>/var/log/mail.log</code> </div> </div> ===auto update container config=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code> Uncomment<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> <code>"${distro_id}:${distro_codename}-updates";</code> Dont need auto reboot on container - no kernel - kernel shared with host. ====email on update==== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <div class="toccolours mw-collapsible mw-collapsed"> Once i needed 'apticron' to get emails working with unattended upgrades:<br \> Notes here just incase<div class="mw-collapsible-content"> Install apticron<br \> <code>apt install apticron -y</code> Create apticron.conf file containing email to send email to:<br \> If you dont then 'apticron' will by default sent to root@localhost.<br > <code>echo 'EMAIL="email@tosendto.com"' > /etc/apticron/apticron.conf</code> </div> </div> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Install MediaWiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -xvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki</code> ====Create Database==== Will be prompted to set a root password!<br \> <code>mysql -u root -p</code><br \> <!-- create drop down - add root password option --> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <div class="toccolours mw-collapsible mw-collapsed"> Make note of your: database name, username, userpassword <div class="mw-collapsible-content"> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code><br \> Database Username:<b>green</b><br \> Database host/location:<b>localhost</b> Database User Password:<b>THISpasswordSHOULDbeCHANGED</b><br \><br \> <code>CREATE DATABASE mywiki_database;</code><br \> Database Name:<b>mywiki_database</b><br \> </div> </div> ====Create self-signed https certs==== <code>openssl req -x509 -newkey rsa:4096 -keyout key.pem -nodes -out cert.pem -days 365</code><br> Note: can leave blank; just press enter.<br><br> <code>mv cert.pem /etc/ssl/certs/cn-selfsigned.crt</code><br> <code>mv key.pem /etc/ssl/private/cn-selfsigned.key</code><br> ====Create ssl-params.conf==== <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code> Remember to turn stapling on after letsencrypt cert <pre> SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 SSLHonorCipherOrder On # Disable preloading HSTS for now. You can use the commented out header line that includes # the "preload" directive if you understand the implications. # Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" Header always set X-Frame-Options DENY Header always set X-Content-Type-Options nosniff # Requires Apache >= 2.4 SSLCompression off # May want to turn stapling off when using self-signed to avoid receiving errors in log SSLUseStapling off SSLStaplingCache "shmcb:logs/stapling-cache(150000)" # Requires Apache >= 2.4.11 SSLSessionTickets Off </pre> ====Create Apache2 config==== <code>cd /etc/apache2/sites-available/</code> <code>rm 000-default.conf default-ssl.conf</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code> <div class="toccolours mw-collapsible mw-collapsed"> <b>Important Redirect note</b>:<div class="mw-collapsible-content"> <pre> # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" </pre> Change to your Container IP!<br \> <code>Redirect permanent "/" "https://10.194.171.251"</code> </div> </div> <pre> <VirtualHost *:80> ServerName completenoobs.com ServerAdmin admin@ # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined </VirtualHost> <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerName completenoobs.com ServerAdmin admin@completenoobs.com DocumentRoot /var/www/html/mediawiki # According MWiki Manual:Security php_flag register_globals off ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined SSLEngine on SSLCertificateFile /etc/ssl/certs/cn-selfsigned.crt SSLCertificateKeyFile /etc/ssl/private/cn-selfsigned.key # need to find out what SSLCertificateChainFile is? explain is in the default-ssl.conf file. #SSLCertificateChainFile /etc/ssl/certs/example.com.root-bundle.crt <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> <Directory /var/www/html/wikimedia> Options None FollowSymLinks #Allow .htaccess AllowOverride All Require all granted <IfModule security2_module> SecRuleEngine Off # or disable only problematic rules </IfModule> </Directory> # According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images> # Ignore .htaccess files AllowOverride None # Serve HTML as plaintext, don't execute SHTML AddType text/plain .html .htm .shtml .php .phtml .php5 # Don't run arbitrary PHP code. php_admin_flag engine off # If you've other scripting languages, disable them too. </Directory> #According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images/deleted> Deny from all AllowOverride AuthConfig Limit Require local </Directory> </VirtualHost> </IfModule> </pre> ====Reload Apache2==== <code>a2enmod ssl</code> <code>a2enmod headers</code> <code>a2ensite completenoobs.com</code> <code>a2enconf ssl-params</code> <code>apache2ctl configtest</code> <code>systemctl restart apache2</code> ===MediaWiki Basic Setup=== ====Landing page==== Open a web browser and go to your containers private ip address (you can get ip address by running <code>lxc list</code> on host). <code>https://10.194.171.251</code> Are certs are self-signed and you may/will get warning "your connection is not private"<br \> Click "Advance" and "Proceed to 10.194.171.251 (unsafe)"<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.35.0<br \> LocalSettings.php not found.<br \> Please <u>set up the wiki</u> first.<br \> </blockquote> Click <b>set up the wiki</b> to be taken to the "mw-config/index.php" page. =====Basic Configure MediaWiki===== <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:mywiki_database<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:green<br \> Database password:THISpasswordSHOULDbeCHANGED<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>CompleteNoobs<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Options <div class="mw-collapsible-content"> <b>User rights profile:</b> <br \> [ ] Open wiki <br \> [x] Account creation required<br \> [ ] Authorised editors only <br \> [ ] Private wiki<br \> <br \> <b>Copyright and licence:</b><br \> [ ] Creative Commons Attribution<br \> [ ] Creative Commons Attribution-ShareAlike<br \> [ ] Creative Commons Attribution-NonCommercial-ShareAlike<br \> [ ] Creative Commons Zero (Public Domain)<br \> [ ] GNU Free Documentation Licence 1.3 or later<br \> [x] No licence footer<br \> [ ] Select a custom Creative Commons licence<br \> <br \> <br \> <b>Email settings</b><br \> [ ] Enable outbound email<br \> <b>Return email address:</b>apache@🌻.invalid<br \> [ ]Enable user-to-user email<br \> [ ]Enable user talk page notification<br \> [ ]Enable watchlist notification<br \> [ ]Enable email authentication<br \> <br \> <br \> <b>Skins</b> Pick a skin<br \> <br \> <br \> <b>Extensions</b><br \> <b><u>Special pages</u></b><br \> [ ]CiteThisPage<br \> [ ]Interwiki<br \> [ ]Nuke<br \> [ ]Renameuser<br \> [ ]ReplaceText<br \> <br \> <b><u>Editors</u></b><br \> [x]CodeEditor<br \> [x]VisualEditor<br \> [x]WikiEditor<br \> <br \> <b><u>Parser hooks</u></b><br \> [ ]CategoryTree<br \> [ ]Cite<br \> [ ]ImageMap<br \> [ ]InputBox<br \> [ ]ParserFunctions<br \> [ ]Poem<br \> [ ]Scribunto<br \> [x]SyntaxHighlight_GeSHi<br \> [ ]TemplateData<br \> <br \> <b><u>Media handlers</u></b><br \> [ ]PdfHandler<br \> <br \> <b><u>Spam prevention</u></b><br \> [x]ConfirmEdit<br \> [ ]SpamBlacklist<br \> [ ]TitleBlacklist<br \> <br \> <b><u>API</u></b><br \> [ ]PageImages<br \> <br \> <b><u>Other</u></b><br \> [ ]Gadgets<br \> [ ]LocalisationUpdate<br \> [ ]MultimediaViewer<br \> [ ]OATHAuth<br \> [ ]SecureLinkFixer<br \> [ ]TextExtracts<br \> <br \> <br \> <b>Images and file uploads</b><br \> [ ]Enable file uploads<br \> <b>Logo URL:</b>$wgResourceBasePath/resources/assets/wiki.png<br \> [ ]Enable Instant Commons<br \> <br \> <br \> <b>Advanced configuration</b><br \> <b>Settings for object caching:</b><br \> [x] No caching (no functionality is removed, but speed may be impacted on larger wiki sites)<br \> [ ] Use Memcached (requires additional setup and configuration)<br \> </div> </div> ====LocalSettings.php Launch Wiki==== When the Basic configuration of mediawiki is done on the webpage.<br \> You will have a <b>LocalSettings.php</b> which will be downloaded from your browser.<br \> You need to place the <b>LocalSettings.php</b> file into your containers <b>/var/www/html/mediawiki/</b> directory.<br \> You can do this from host using the <b>lxc file push</b> command.<br \> <code>lxc file push /home/$USER/Downloads/LocalSettings.php mediawiki/var/www/html/mediawiki/</code><br \> <br> Do not refresh browser it will download the LocalSettings.php again! go to the IP address of your container or just trim the <code>mw-config/index.php?page=Complete</code><br> Now on your browser visit the page again https://10.194.171.251<br \> And welcome to your wiki.<br \> ===Change Logo=== You need a 135px by 135px image, in this example its named 'completenoobs-logo.png'<br> <code>lxc file push completenoobs-logo.png mediawiki/var/www/html/mediawiki/resources/assets/</code><br> Back in container edit the <b>LocalSettings.php</b> file<br> <pre> ## The URL paths to the logo. Make sure you change this from the default, ## or else you'll overwrite your logo when you upgrade! $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", 'icon' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", ]; </pre> Change to your new logo:<br> <pre> $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", 'icon' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", ]; </pre> ===Email Config=== Warning i did get loads of spam bots, using this to send naughty emails everywhere!<br> Changed setting to block signups, requests only,and changed <b>$wgEnableUserEmail</b> to false and still the bots managed to send spam using my smtp account.<br> How they done this? Is beyond my understanding and i removed email from the wiki till i have more info on how to stop the spamming.<br> Was using mediawiki-1.35.0<br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> Make sure <b>$wgEnableEmail</b> is set to true.<br> <code>$wgEnableEmail = true;</code><br> https://www.mediawiki.org/wiki/Manual:$wgEnableEmail<br> <pre> $wgEmergencyContact = ""; $wgPasswordSender = ""; </pre> <pre> $wgEmergencyContact = "admin@completenoobs.com"; $wgPasswordSender = "admin@completenoobs.com"; </pre> <pre> $wgSMTP = [ 'host' => 'ssl://mail.smtp2go.com', // outbox server of the email account 'IDHost' => 'completenoobs.com', 'port' => 465, 'username' => 'noobwiki', // user of the email account 'password' => 'N0tTelinu', // app password of the email account 'auth' => true ]; </pre> ===Request Account and Confirm Email to edit=== In LocalSettings change $wgEmailAuthentication = false; to true https://www.mediawiki.org/wiki/Manual:$wgEmailAuthentication<br> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ConfirmAccount-REL1_39-2b96e90.tar.gz</code><br> <code>tar xzf ConfirmAccount-REL1_39-2b96e90.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> <br> In <b>LocalSettings.php</b> <br> set <b>$wgEmailAuthentication</b> to true.<br> <pre> wfLoadExtension( 'ConfirmAccount' ); $wgConfirmAccountContact = 'admin@completenoobs.com'; </pre> Run maintenance update<br> <code>php /var/www/html/mediawiki/maintenance/update.php </code><br> use <b>Special:ConfirmAccounts</b> to see if anyone requested a account.<br> And yep, your gonna get spammed! Bots love a wiki.<br> ===CookieWarning Extension=== https://www.mediawiki.org/wiki/Extension:CookieWarning<br> <code>wget https://extdist.wmflabs.org/dist/extensions/CookieWarning-REL1_39-778fe72.tar.gz</code><br> <code>tar -xzf CookieWarning-REL1_39-778fe72.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'CookieWarning' ); $wgCookieWarningEnabled = 'true'; # $wgCookieWarningMoreUrl allows to to select a link for your moreinfo button $wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'; $wgCookieWarningEnabled = 'true'; </pre> To change message sign in with admin account and visit these pages of your wiki and edit.<br> <b>MediaWiki:Cookiewarning-info</b> Edit the display message.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-info</code><br> <b>MediaWiki:Cookiewarning-moreinfo-label</b><br> Edit and change display of the moreinfo button: link can be made/changed at LocalSettings with:<br> <code>$wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'</code><br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-moreinfo-label</code><br> <b>MediaWiki:Cookiewarning-ok-label</b> Edit and change the text on the OK button.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-ok-label</code><br> ===Contribution Scores Extension=== https://www.mediawiki.org/wiki/Extension:Contribution_Scores<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ContributionScores-REL1_39-0e7e99d.tar.gz</code><br> <code>tar -xzf ContributionScores-REL1_39-0e7e99d.tar.gz -C /var/www/html/mediawiki/extensions</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'ContributionScores' ); // Exclude Bots from the reporting - Can be omitted. $wgContribScoreIgnoreBots = true; // Exclude Blocked Users from the reporting - Can be omitted. $wgContribScoreIgnoreBlockedUsers = true; // Use real user names when available - Can be omitted. Only for MediaWiki 1.19 and later. $wgContribScoresUseRealName = true; // Set to true to disable cache for parser function and inclusion of table. $wgContribScoreDisableCache = false; // Each array defines a report - 7,50 is "past 7 days" and "LIMIT 50" - Can be omitted. $wgContribScoreReports = [ [ 7, 50 ], [ 30, 50 ], [ 0, 50 ] ]; </pre> <br> Add to Main Landing Page:<br> <pre>{{Special:ContributionScores/10/5}}</pre><br> ===Place Notice at top of every new page created=== Using the <b>PageNotice</b> Extension. https://www.mediawiki.org/wiki/Extension:PageNotice#Configuration Download PageNotice and extract to extensions directory. in LocalSettings.php add the lines:<br \> <pre> wfLoadExtension( 'PageNotice' ); $wgPageNoticeDisablePerPageNotices = 'true'; </pre> To have message in every name space go to your wiki's page<br \> <code>index.php/mediawiki:top-notice-ns-0</code><br \> Only admin account can edit this page:<br \> What you place in this page will be displayed at the top of every page created. ===Privacy Policy=== Holly $#$#$ this is a lot of work, looking into it<br \> https://www.mediawiki.org/wiki/GDPR_(General_Data_Protection_Regulation)_and_MediaWiki_software<br \> ====NewSignupPage==== https://www.mediawiki.org/wiki/Extension:NewSignupPage<br \> Big thanks to Shoutwiki.com or this would of been a very big pain.<br \> Check for Latest link from the Download page https://www.mediawiki.org/wiki/Special:ExtensionDistributor/NewSignupPage<br \> In mediawiki container:<br \> <code>wget https://extdist.wmflabs.org/dist/extensions/NewSignupPage-REL1_35-ecf00aa.tar.gz</code><br \> <code>tar xvf NewSignupPage-REL1_35-ecf00aa.tar.gz -C /var/www/html/mediawiki/extensions/</code><br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> Add the Line:<br \> <code>wfLoadExtension( 'NewSignupPage' );</code><br \> Change the Info given at signup at:<br \> <code>index.php/MediaWiki:Newsignuppage-loginform-tos</code><br \> Default page will be:<pre> I am over 13 years of age and I have read, understood and agree to be bound by the Terms of Service and Privacy Policy </pre> "Terms of Service" and "Privacy Policy" are linked to there pages, so we need to create a few pages. ======Need <b>Privacy Policy</b> Page====== Create a 'Privacy_Policy' page and link on "MediaWiki:Newsignuppage-loginform-tos"<br> <pre>[[CompleteNoobs:Privacy_policy | Privacy Policy]]</pre> =====Need <b>Terms Of Service</b> page===== https://www.completenoobs.com/index.php/Terms_of_Service<br \> once done change link on "MediaWiki:Newsignuppage-loginform-tos"<br \> =====Content Policy Page===== https://10.194.171.251/index.php/Content_Policy<br \> Contains link to https://www.completenoobs.com/index.php/CompleteNoobs_Staff_Admins<br \> =====Staff and Admin Page===== https://10.194.171.251/index.php/CompleteNoobs_Staff_Admins<br \> Linked from Content Policy Page! a place to contact by email staff, admins =====General Disclaimer page===== https://10.194.171.251/index.php/CompleteNoobs:General_disclaimer<br \> This page shows/linked at bottom of wiki<br \> =====Copyright Policy===== https://10.194.171.251/index.php/CompleteNoobs:Copyrights<br \> Copyrights page that shows in info box when making a post.<br \> ==Fail2Ban== This Will Ban an IP who incorrectly enters wrong login details, a (you can select) amount of times for a (you can select) amount of time. ===Fail2Log Extension=== https://www.mediawiki.org/wiki/Extension:Fail2Log<br> ====Create Log file==== Could not get PHP to create and set permissions for log file: So for now doing manually!<br \> <code>touch /var/log/Fail2Log.log</code><br \> <code>chown www-data:www-data /var/log/Fail2Log.log</code><br \> <code>chmod 0755 /var/log/Fail2Log.log</code><br \> Failed login's with wrong user name and/or password should now be logged in:<b>/var/log/Fail2Log.log</b><br \> <br \> Log Format:<br \> <code>Failed:<IP_ADDRESS> <DATE> <TIME> <USERNAME></code><br \> ====Download and install extension==== <code>wget https://github.com/greenhatmonkey/Fail2Log/blob/main/Fail2Log.tar.gz?raw=true</code><br> <code>tar xzvf Fail2Log.tar.gz?raw=true -C /var/www/html/mediawiki/extensions/</code><br> Add to your <b>LocalSettings.php</b><br> <pre> wfLoadExtension( 'Fail2Log' ); $wgFail2LogFile = '/var/log/Fail2Log.log'; </pre> ====Install and Setup Fail2Ban==== Fail2Ban works in a container. If using fail2ban on Host for container:<br/> Just include log path: <code>/var/snap/lxd/common/mntns/var/snap/lxd/common/lxd/storage-pools/default/containers/&lt;CONTAINER_NAME>/rootfs/var/log/Fail2Log.log</code> <code>apt install fail2ban</code> * Fail2ban will use file.local over file.conf if file.local exists: * file.conf can be written over if file2ban gets updated. * Make a file.local of the file you are working on. <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code> <code>$EDITOR /etc/fail2ban/jail.local</code> <!-- unmodified jail.conf file --> <div class="toccolours mw-collapsible mw-collapsed"> Default <code>/etc/fail2ban/jail.conf</code> file: Expand to view <div class="mw-collapsible-content"> <pre> # # WARNING: heavily refactored in 0.9.0 release. Please review and # customize settings for your setup. # # Changes: in most of the cases you should not modify this # file, but provide customizations in jail.local file, # or separate .conf files under jail.d/ directory, e.g.: # # HOW TO ACTIVATE JAILS: # # YOU SHOULD NOT MODIFY THIS FILE. # # It will probably be overwritten or improved in a distribution update. # # Provide customizations in a jail.local file or a jail.d/customisation.local. # For example to change the default bantime for all jails and to enable the # ssh-iptables jail the following (uncommented) would appear in the .local file. # See man 5 jail.conf for details. # # [DEFAULT] # bantime = 1h # # [sshd] # enabled = true # # See jail.conf(5) man page for more information # Comments: use '#' for comment lines and ';' (following a space) for inline comments [INCLUDES] #before = paths-distro.conf before = paths-debian.conf # The DEFAULT allows a global definition of the options. They can be overridden # in each jail afterwards. [DEFAULT] # # MISCELLANEOUS OPTIONS # # "bantime.increment" allows to use database for searching of previously banned ip's to increase a # default ban time using special formula, default it is banTime * 1, 2, 4, 8, 16, 32... #bantime.increment = true # "bantime.rndtime" is the max number of seconds using for mixing with random time # to prevent "clever" botnets calculate exact time IP can be unbanned again: #bantime.rndtime = # "bantime.maxtime" is the max number of seconds using the ban time can reach (don't grows further) #bantime.maxtime = # "bantime.factor" is a coefficient to calculate exponent growing of the formula or common multiplier, # default value of factor is 1 and with default value of formula, the ban time # grows by 1, 2, 4, 8, 16 ... #bantime.factor = 1 # "bantime.formula" used by default to calculate next value of ban time, default value bellow, # the same ban time growing will be reached by multipliers 1, 2, 4, 8, 16, 32... #bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * banFactor # # more aggressive example of formula has the same values only for factor "2.0 / 2.885385" : #bantime.formula = ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor) # "bantime.multipliers" used to calculate next value of ban time instead of formula, coresponding # previously ban count and given "bantime.factor" (for multipliers default is 1); # following example grows ban time by 1, 2, 4, 8, 16 ... and if last ban count greater as multipliers count, # always used last multiplier (64 in example), for factor '1' and original ban time 600 - 10.6 hours #bantime.multipliers = 1 2 4 8 16 32 64 # following example can be used for small initial ban time (bantime=60) - it grows more aggressive at begin, # for bantime=60 the multipliers are minutes and equal: 1 min, 5 min, 30 min, 1 hour, 5 hour, 12 hour, 1 day, 2 day #bantime.multipliers = 1 5 30 60 300 720 1440 2880 # "bantime.overalljails" (if true) specifies the search of IP in the database will be executed # cross over all jails, if false (dafault), only current jail of the ban IP will be searched #bantime.overalljails = false # -------------------- # "ignoreself" specifies whether the local resp. own IP addresses should be ignored # (default is true). Fail2ban will not ban a host which matches such addresses. #ignoreself = true # "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban # will not ban a host which matches an address in this list. Several addresses # can be defined using space (and/or comma) separator. #ignoreip = 127.0.0.1/8 ::1 # External command that will take an tagged arguments to ignore, e.g. <ip>, # and return true if the IP is to be ignored. False otherwise. # # ignorecommand = /path/to/command <ip> ignorecommand = # "bantime" is the number of seconds that a host is banned. bantime = 10m # A host is banned if it has generated "maxretry" during the last "findtime" # seconds. findtime = 10m # "maxretry" is the number of failures before a host get banned. maxretry = 5 # "maxmatches" is the number of matches stored in ticket (resolvable via tag <matches> in actions). maxmatches = %(maxretry)s # "backend" specifies the backend used to get files modification. # Available options are "pyinotify", "gamin", "polling", "systemd" and "auto". # This option can be overridden in each jail as well. # # pyinotify: requires pyinotify (a file alteration monitor) to be installed. # If pyinotify is not installed, Fail2ban will use auto. # gamin: requires Gamin (a file alteration monitor) to be installed. # If Gamin is not installed, Fail2ban will use auto. # polling: uses a polling algorithm which does not require external libraries. # systemd: uses systemd python library to access the systemd journal. # Specifying "logpath" is not valid for this backend. # See "journalmatch" in the jails associated filter config # auto: will try to use the following backends, in order: # pyinotify, gamin, polling. # # Note: if systemd backend is chosen as the default but you enable a jail # for which logs are present only in its own log files, specify some other # backend for that jail (e.g. polling) and provide empty value for # journalmatch. See https://github.com/fail2ban/fail2ban/issues/959#issuecomment-74901200 backend = auto # "usedns" specifies if jails should trust hostnames in logs, # warn when DNS lookups are performed, or ignore all hostnames in logs # # yes: if a hostname is encountered, a DNS lookup will be performed. # warn: if a hostname is encountered, a DNS lookup will be performed, # but it will be logged as a warning. # no: if a hostname is encountered, will not be used for banning, # but it will be logged as info. # raw: use raw value (no hostname), allow use it for no-host filters/actions (example user) usedns = warn # "logencoding" specifies the encoding of the log files handled by the jail # This is used to decode the lines from the log file. # Typical examples: "ascii", "utf-8" # # auto: will use the system locale setting logencoding = auto # "enabled" enables the jails. # By default all jails are disabled, and it should stay this way. # Enable only relevant to your setup jails in your .local or jail.d/*.conf # # true: jail will be enabled and log files will get monitored for changes # false: jail is not enabled enabled = false # "mode" defines the mode of the filter (see corresponding filter implementation for more info). mode = normal # "filter" defines the filter to use by the jail. # By default jails have names matching their filter name # filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # # Some options used for actions # Destination email address used solely for the interpolations in # jail.{conf,local,d/*} configuration files. destemail = root@localhost # Sender email address used solely for some actions sender = root@<fq-hostname> # E-mail action. Since 0.8.1 Fail2Ban uses sendmail MTA for the # mailing. Change mta configuration parameter to mail if you want to # revert to conventional 'mail'. mta = sendmail # Default protocol protocol = tcp # Specify chain where jumps would need to be added in ban-actions expecting parameter chain chain = <known/chain> # Ports to be banned # Usually should be overridden in a particular jail port = 0:65535 # Format of user-agent https://tools.ietf.org/html/rfc7231#section-5.5.3 fail2ban_agent = Fail2Ban/%(fail2ban_version)s # # Action shortcuts. To be used to define action parameter # Default banning action (e.g. iptables, iptables-new, # iptables-multiport, shorewall, etc) It is used to define # action_* variables. Can be overridden globally or per # section within jail.local file banaction = iptables-multiport banaction_allports = iptables-allports # The simplest action to take: ban only action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report to the destemail. action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report and relevant log lines # to the destemail. action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # See the IMPORTANT note in action.d/xarf-login-attack for when to use this action # # ban & send a xarf e-mail to abuse contact of IP address and include relevant log lines # to the destemail. action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] # ban IP on CloudFlare & send an e-mail with whois report and relevant log lines # to the destemail. action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # Report block via blocklist.de fail2ban reporting service API # # See the IMPORTANT note in action.d/blocklist_de.conf for when to use this action. # Specify expected parameters in file action.d/blocklist_de.local or if the interpolation # `action_blocklist_de` used for the action, set value of `blocklist_de_apikey` # in your `jail.local` globally (section [DEFAULT]) or per specific jail section (resp. in # corresponding jail.d/my-jail.local file). # action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] # Report ban via badips.com, and use as blacklist # # See BadIPsAction docstring in config/action.d/badips.py for # documentation for this action. # # NOTE: This action relies on banaction being present on start and therefore # should be last action defined for a jail. # action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] # # Report ban via badips.com (uses action.d/badips.conf for reporting only) # action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] # Report ban via abuseipdb.com. # # See action.d/abuseipdb.conf for usage example and details. # action_abuseipdb = abuseipdb # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # [sshd] # To use more aggressive sshd modes set filter parameter "mode" in jail.local: # normal (default), ddos, extra or aggressive (combines all). # See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details. #mode = normal port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s [dropbear] port = ssh logpath = %(dropbear_log)s backend = %(dropbear_backend)s [selinux-ssh] port = ssh logpath = %(auditd_log)s # # HTTP servers # [apache-auth] port = http,https logpath = %(apache_error_log)s [apache-badbots] # Ban hosts which agent identifies spammer robots crawling the web # for email addresses. The mail outputs are buffered. port = http,https logpath = %(apache_access_log)s bantime = 48h maxretry = 1 [apache-noscript] port = http,https logpath = %(apache_error_log)s [apache-overflows] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-nohome] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-botsearch] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-fakegooglebot] port = http,https logpath = %(apache_access_log)s maxretry = 1 ignorecommand = %(ignorecommands_dir)s/apache-fakegooglebot <ip> [apache-modsecurity] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-shellshock] port = http,https logpath = %(apache_error_log)s maxretry = 1 [openhab-auth] filter = openhab action = iptables-allports[name=NoAuthFailures] logpath = /opt/openhab/logs/request.log [nginx-http-auth] port = http,https logpath = %(nginx_error_log)s # To use 'nginx-limit-req' jail you should have `ngx_http_limit_req_module` # and define `limit_req` and `limit_req_zone` as described in nginx documentation # http://nginx.org/en/docs/http/ngx_http_limit_req_module.html # or for example see in 'config/filter.d/nginx-limit-req.conf' [nginx-limit-req] port = http,https logpath = %(nginx_error_log)s [nginx-botsearch] port = http,https logpath = %(nginx_error_log)s maxretry = 2 # Ban attackers that try to use PHP's URL-fopen() functionality # through GET/POST variables. - Experimental, with more than a year # of usage in production environments. [php-url-fopen] port = http,https logpath = %(nginx_access_log)s %(apache_access_log)s [suhosin] port = http,https logpath = %(suhosin_log)s [lighttpd-auth] # Same as above for Apache's mod_auth # It catches wrong authentifications port = http,https logpath = %(lighttpd_error_log)s # # Webmail and groupware servers # [roundcube-auth] port = http,https logpath = %(roundcube_errors_log)s # Use following line in your jail.local if roundcube logs to journal. #backend = %(syslog_backend)s [openwebmail] port = http,https logpath = /var/log/openwebmail.log [horde] port = http,https logpath = /var/log/horde/horde.log [groupoffice] port = http,https logpath = /home/groupoffice/log/info.log [sogo-auth] # Monitor SOGo groupware server # without proxy this would be: # port = 20000 port = http,https logpath = /var/log/sogo/sogo.log [tine20] logpath = /var/log/tine20/tine20.log port = http,https # # Web Applications # # [drupal-auth] port = http,https logpath = %(syslog_daemon)s backend = %(syslog_backend)s [guacamole] port = http,https logpath = /var/log/tomcat*/catalina.out [monit] #Ban clients brute-forcing the monit gui login port = 2812 logpath = /var/log/monit /var/log/monit.log [webmin-auth] port = 10000 logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [froxlor-auth] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s # # HTTP Proxy servers # # [squid] port = 80,443,3128,8080 logpath = /var/log/squid/access.log [3proxy] port = 3128 logpath = /var/log/3proxy.log # # FTP servers # [proftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(proftpd_log)s backend = %(proftpd_backend)s [pure-ftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(pureftpd_log)s backend = %(pureftpd_backend)s [gssftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(syslog_daemon)s backend = %(syslog_backend)s [wuftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(wuftpd_log)s backend = %(wuftpd_backend)s [vsftpd] # or overwrite it in jails.local to be # logpath = %(syslog_authpriv)s # if you want to rely on PAM failed login attempts # vsftpd's failregex should match both of those formats port = ftp,ftp-data,ftps,ftps-data logpath = %(vsftpd_log)s # # Mail servers # # ASSP SMTP Proxy Jail [assp] port = smtp,465,submission logpath = /root/path/to/assp/logs/maillog.txt [courier-smtp] port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix] # To use another modes set filter parameter "mode" in jail.local: mode = more port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s [postfix-rbl] filter = postfix[mode=rbl] port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s maxretry = 1 [sendmail-auth] port = submission,465,smtp logpath = %(syslog_mail)s backend = %(syslog_backend)s [sendmail-reject] # To use more aggressive modes set filter parameter "mode" in jail.local: # normal (default), extra or aggressive # See "tests/files/logs/sendmail-reject" or "filter.d/sendmail-reject.conf" for usage example and details. #mode = normal port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [qmail-rbl] filter = qmail port = smtp,465,submission logpath = /service/qmail/log/main/current # dovecot defaults to logging to the mail syslog facility # but can be set by syslog_facility in the dovecot configuration. [dovecot] port = pop3,pop3s,imap,imaps,submission,465,sieve logpath = %(dovecot_log)s backend = %(dovecot_backend)s [sieve] port = smtp,465,submission logpath = %(dovecot_log)s backend = %(dovecot_backend)s [solid-pop3d] port = pop3,pop3s logpath = %(solidpop3d_log)s [exim] # see filter.d/exim.conf for further modes supported from filter: #mode = normal port = smtp,465,submission logpath = %(exim_main_log)s [exim-spam] port = smtp,465,submission logpath = %(exim_main_log)s [kerio] port = imap,smtp,imaps,465 logpath = /opt/kerio/mailserver/store/logs/security.log # # Mail servers authenticators: might be used for smtp,ftp,imap servers, so # all relevant ports get banned # [courier-auth] port = smtp,465,submission,imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix-sasl] filter = postfix[mode=auth] port = smtp,465,submission,imap,imaps,pop3,pop3s # You might consider monitoring /var/log/mail.warn instead if you are # running postfix since it would provide the same log lines at the # "warn" level but overall at the smaller filesize. logpath = %(postfix_log)s backend = %(postfix_backend)s [perdition] port = imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [squirrelmail] port = smtp,465,submission,imap,imap2,imaps,pop3,pop3s,http,https,socks logpath = /var/lib/squirrelmail/prefs/squirrelmail_access_log [cyrus-imap] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s [uwimap-auth] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s # # # DNS servers # # !!! WARNING !!! # Since UDP is connection-less protocol, spoofing of IP and imitation # of illegal actions is way too simple. Thus enabling of this filter # might provide an easy way for implementing a DoS against a chosen # victim. See # http://nion.modprobe.de/blog/archives/690-fail2ban-+-dns-fail.html # Please DO NOT USE this jail unless you know what you are doing. # # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks UDP traffic for DNS requests. # [named-refused-udp] # # filter = named-refused # port = domain,953 # protocol = udp # logpath = /var/log/named/security.log # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks TCP traffic for DNS requests. [named-refused] port = domain,953 logpath = /var/log/named/security.log [nsd] port = 53 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/nsd.log # # Miscellaneous # [asterisk] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/asterisk/messages maxretry = 10 [freeswitch] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/freeswitch.log maxretry = 10 # enable adminlog; it will log to a file inside znc's directory by default. [znc-adminlog] port = 6667 logpath = /var/lib/znc/moddata/adminlog/znc.log # To log wrong MySQL access attempts add to /etc/my.cnf in [mysqld] or # equivalent section: # log-warnings = 2 # # for syslog (daemon facility) # [mysqld_safe] # syslog # # for own logfile # [mysqld] # log-error=/var/log/mysqld.log [mysqld-auth] port = 3306 logpath = %(mysql_log)s backend = %(mysql_backend)s # Log wrong MongoDB auth (for details see filter 'filter.d/mongodb-auth.conf') [mongodb-auth] # change port when running with "--shardsvr" or "--configsvr" runtime operation port = 27017 logpath = /var/log/mongodb/mongodb.log # Jail for more extended banning of persistent abusers # !!! WARNINGS !!! # 1. Make sure that your loglevel specified in fail2ban.conf/.local # is not at DEBUG level -- which might then cause fail2ban to fall into # an infinite loop constantly feeding itself with non-informative lines # 2. Increase dbpurgeage defined in fail2ban.conf to e.g. 648000 (7.5 days) # to maintain entries for failed logins for sufficient amount of time [recidive] logpath = /var/log/fail2ban.log banaction = %(banaction_allports)s bantime = 1w findtime = 1d # Generic filter for PAM. Has to be used with action which bans all # ports such as iptables-allports, shorewall [pam-generic] # pam-generic filter can be customized to monitor specific subset of 'tty's banaction = %(banaction_allports)s logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [xinetd-fail] banaction = iptables-multiport-log logpath = %(syslog_daemon)s backend = %(syslog_backend)s maxretry = 2 # stunnel - need to set port for this [stunnel] logpath = /var/log/stunnel4/stunnel.log [ejabberd-auth] port = 5222 logpath = /var/log/ejabberd/ejabberd.log [counter-strike] logpath = /opt/cstrike/logs/L[0-9]*.log # Firewall: http://www.cstrike-planet.com/faq/6 tcpport = 27030,27031,27032,27033,27034,27035,27036,27037,27038,27039 udpport = 1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015 action = %(banaction)s[name=%(__name__)s-tcp, port="%(tcpport)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(udpport)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] [bitwarden] port = http,https logpath = /home/*/bwdata/logs/identity/Identity/log.txt [centreon] port = http,https logpath = /var/log/centreon/login.log # consider low maxretry and a long bantime # nobody except your own Nagios server should ever probe nrpe [nagios] logpath = %(syslog_daemon)s ; nrpe.cfg may define a different log_facility backend = %(syslog_backend)s maxretry = 1 [oracleims] # see "oracleims" filter file for configuration requirement for Oracle IMS v6 and above logpath = /opt/sun/comms/messaging64/log/mail.log_current banaction = %(banaction_allports)s [directadmin] logpath = /var/log/directadmin/login.log port = 2222 [portsentry] logpath = /var/lib/portsentry/portsentry.history maxretry = 1 [pass2allow-ftp] # this pass2allow example allows FTP traffic after successful HTTP authentication port = ftp,ftp-data,ftps,ftps-data # knocking_url variable must be overridden to some secret value in jail.local knocking_url = /knocking/ filter = apache-pass[knocking_url="%(knocking_url)s"] # access log of the website with HTTP auth logpath = %(apache_access_log)s blocktype = RETURN returntype = DROP action = %(action_)s[blocktype=%(blocktype)s, returntype=%(returntype)s, actionstart_on_demand=false, actionrepair_on_unban=true] bantime = 1h maxretry = 1 findtime = 1 [murmur] # AKA mumble-server port = 64738 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol=tcp, chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol=udp, chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/mumble-server/mumble-server.log [screensharingd] # For Mac OS Screen Sharing Service (VNC) logpath = /var/log/system.log logencoding = utf-8 [haproxy-http-auth] # HAProxy by default doesn't log to file you'll need to set it up to forward # logs to a syslog server which would then write them to disk. # See "haproxy-http-auth" filter for a brief cautionary note when setting # maxretry and findtime. logpath = /var/log/haproxy.log [slapd] port = ldap,ldaps logpath = /var/log/slapd.log [domino-smtp] port = smtp,ssmtp logpath = /home/domino01/data/IBM_TECHNICAL_SUPPORT/console.log [phpmyadmin-syslog] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [zoneminder] # Zoneminder HTTP/HTTPS web interface auth # Logs auth failures to apache2 error log port = http,https logpath = %(apache_error_log)s [traefik-auth] # to use 'traefik-auth' filter you have to configure your Traefik instance, # see `filter.d/traefik-auth.conf` for details and service example. port = http,https logpath = /var/log/traefik/access.log </pre> </div> </div> Default <code>/etc/fail2ban/jail.local</code> file with (almost all) comments removed: <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;">Default <code>/etc/fail2ban/jail.local</code> with (almost) comments removed:</div> <div class="mw-collapsible-content"> <pre> [INCLUDES] before = paths-debian.conf [DEFAULT] ignorecommand = bantime = 10m findtime = 10m maxretry = 5 maxmatches = %(maxretry)s backend = auto usedns = warn logencoding = auto enabled = false mode = normal filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # destemail = root@localhost sender = root@<fq-hostname> mta = sendmail protocol = tcp chain = <known/chain> port = 0:65535 fail2ban_agent = Fail2Ban/%(fail2ban_version)s banaction = iptables-multiport banaction_allports = iptables-allports action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] action_abuseipdb = abuseipdb action = %(action_)s # # JAILS # # # SSH servers # [sshd] port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s </pre> </div></div> ====Disconnect/kick and ban an ip from list==== <br \> Just below we are going to append these lines to <b>/etc/fail2ban/jail.local</b><br> <pre> # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s # # JAILS # # # SSH servers # </pre> </div> </div> ====Jail for MediaWiki - /etc/fail2ban/jail.local==== <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1m maxretry = 2 logpath = /var/log/Fail2Log.log </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before: <div class="mw-collapsible-content"> <pre> # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After: <div class="mw-collapsible-content"> <pre> # # JAILS # [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log # # SSH servers # </pre> </div> </div> ====Filter for mediawiki==== <div class="toccolours mw-collapsible mw-collapsed"> Regex quick up and running tutorial: External Link:(youtube) <div class="mw-collapsible-content"> This Is a link to a video made by "Corey Schafer".<br \> The best no nonsense up and running regex tut there is.<br \> https://www.youtube.com/watch?v=sa-TUpSx1JA </div> </div> <code>$EDITOR /etc/fail2ban/filter.d/mediawiki.conf</code><br \> <pre> [Definition] failregex = ^Failed:<HOST> ignoreregex = </pre> =====Try out regex on log file===== <code>fail2ban-regex --print-all-matched /var/log/Fail2Log.log /etc/fail2ban/filter.d/mediawiki.conf</code> ====Restart Fail2Ban==== <code>systemctl restart fail2ban</code> <code>fail2ban-client status</code> <code>fail2ban-client status mediawiki</code> <b>Now test by trying to login to your wiki with wrong password three times.</b> =====fail2ban regex and error checking===== <div class="toccolours mw-collapsible mw-collapsed"> Check regex: <div class="mw-collapsible-content"> * Syntax: <code>fail2ban-regex <logfile> <failregex> <ignoreregex></code> ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * If you want to test <code>ignoreregex</code> enter filter file twice: ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * Read <code>man fail2ban-regex</code> for some more opitions: * Examples: ** <code>-v</code>, <code>--verbose</code> *** Be verbose in output ** <code>--print-all-missed</code> *** Print all missed lines ** <code>--print-all-ignored</code> *** Print all ignored lines ** <code>--print-all-matched</code> *** Print all matched lines </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Debug Fail2Ban: <div class="mw-collapsible-content"> * <code>-d</code> dump configuration. For debugging.<br \> <code>fail2ban-client -d</code><br \> * <code>--dp</code>, <code>--dump-pretty</code> dump the configuration using more human readable representation.<br \> <code>fail2ban-client --dp</code><br \> * will print the systemd log for Fail2Ban.<br \> <code>journalctl -u fail2ban</code> </div> </div> ====Change ban time After testing==== <code>$EDITOR /etc/fail2ban/jail.local</code><br \> <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log </pre> ===Unban IP's=== Get list of Jails:<br \> <code>fail2ban-client status</code><br \> See banned ips by that jail:<br \> <code>fail2ban-client status <jailname></code><br \> Unban IP from jail:<br \> <code>fail2ban-client set <jailname> unbanip <ip_address></code><br \> <br \> Log File:<br \> <code>/var/log/Fail2Log.log</code> ==Moving To VPS== ===Create ssh key pair on local host=== <code>ssh-keygen -t rsa -b 4096 -C "MYSERVER" -f ~/.ssh/serverkey</code><br \> You will be prompted to Enter a passphase, you can just press <b>Enter</b> for no passphase.<br \> You will now have a file called <b>serverkey</b> and <b>serverkey.pub</b> in your <b>/home/$USER/.ssh</b> directory.<br \> Now lets setup are server and move public key to server.<br \> <b>BACKUP YOUR PRIVATE KEY TO USB STICK OR SOMETHING!</b><br \> <code>serverkey.pub</code><b>PUBLIC KEY</b><br \> <code>serverkey</code><b>PRIVATE KEY</b><br \> ===Login to Server - ssh === Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $10, 1 cpu, 2048MB ram, 55GB ssd, 2000GB Bandwidth.<br \> I have been given the IP:<b>192.248.145.129</b> and the Password:<b>1R?o.gPasdaLz1w</b> and with Vultr the default login/user is <b>root</b><br \> Lets move over the public key so we don't need a password to login:<br \> <code>ssh-copy-id -i ~/.ssh/serverkey root@192.248.145.129</code></br \> Will be promted for server password, enter password: 1R?o.gPasdaLz1w<br \> Now lets login with are private key.<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code> ===Update Server=== <code>apt update && apt upgrade -y</code><br \> The Server may need a restart, you will see this after updates if it does<br \> <b>*** System restart required ***</b><br \> restart server and log back in after a minute.<br \> <code>reboot</code> ===Change default ssh port and disable plain text passwords=== Log back into server<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code><br \> <code>$EDITOR /etc/ssh/sshd_config</code><br \> <pre>#Port 22</pre> <pre>Port 7788</pre> disable clear text passwords <pre>#PasswordAuthentication yes</pre> <pre>PasswordAuthentication no</pre> restart sshd <code>systemctl restart sshd</code><br \> Exit server and re-login<br \> <code>exit</code><br \> Log back in with new port<br \> <code>ssh -p 7788 -i .ssh/serverkey root@192.248.145.129</code> <div class="toccolours mw-collapsible mw-collapsed"> Create ssh login shortcut: <div class="mw-collapsible-content"> To be done on host:<br \> <code>touch ~/.ssh/config</code><br \> <code>chmod 600 ~/.ssh/config</code><br \> <code>$EDITOR ~/.ssh/config</code><br \> <pre> Host mediawikiserver HostName 192.248.145.129 User root Port 7788 IdentityFile /home/$USER/.ssh/severkey </pre> You can now login to server from host with:<br \> <code>ssh mediawikiserver</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax of config file: <div class="mw-collapsible-content"> <pre> #Syntax # #Host <ALIAS_NAME> # HostName <ADDRESS_IP_OR_DOMAIN> # User <USERNAME_LOGIN> # Port <PORT_NUMBER_IF_NOT_DEFAULT> # IdentityFile </PATH/TO/PRIVATE_KEY> ## Can now login with <code>ssh <ALIAS_NAME> </pre> </div> </div> </div> </div> ===Enable Basic FireWall=== Block IPv6<br \> <code>$EDITOR /etc/default/ufw</code><br \> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit<br \> <code>ufw allow 7788/tcp</code><br \> <code>ufw enable</code><br \> ===Create Swap space on server=== ====First check if you already have a swap space==== First check if you already have a swap space<br \> <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 1655 2 228 1732 Swap: 0 0 0 </pre> <div class="toccolours mw-collapsible mw-collapsed"> Other methods to check swap space <div class="mw-collapsible-content"> <code>cat /proc/swaps</code><br \> <code>swapon -s -v</code> </div> </div> ====Create SwapSpace==== preallocate a 2 gigabyte space to be used for swap.<br \> Note: you can name swapfile to anything you want. <code>fallocate -l 2G /swapfile</code> Initialize the /swapfile file with zeros - see "Working out the count size" to see how to work out the count size. <div class="toccolours mw-collapsible mw-collapsed"> Working out the count size: <div class="mw-collapsible-content"> Working out count size to scale the swapsize. 1 kilobyte = 1024 bytes 1 megabyte = 1024 kilobyte 1 gigabyte = 1024 megabytes bs=1024 = 1 megabyte 1 gigabyte = 1024 megabyte to get count of 1 gigabyte 1024 * 1024 2 gigabyte (1024 * 2048 ) or 1048576 * 2 = 2,097,152 </div> </div> <code>dd if=/dev/zero of=/swapfile bs=1024 count=2097152</code> <code>chmod 600 /swapfile</code> <code>mkswap /swapfile</code> <code>swapon /swapfile</code> <b>Or</b> <code>swapon -a</code> <b>Or</b> <code>mount -a</code> append to <code>/etc/fstab</code> so its mounted after reboot.<br \> <code>$EDITOR /etc/fstab</code><br \> And enter this in a new line at the bottom:<br \> <code>/swapfile swap swap defaults 0 0</code> and thats it, you can check swap with(or same other methods as above): <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 75 2 1808 1712 Swap: 2047 0 2047 </pre> ===ssmtp for email alerts=== <code>apt install ssmtp -y</code><br \> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code><br \> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> <code>usermod -c "CNWikiVPS" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ===auto update server=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment (by removing <b>//</b> at start of line)and amend the lines we want:<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> to<br \> <code> "${distro_id}:${distro_codename}-updates";</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; </pre> Changed to<br \> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec Acquire::http::Dl-Limit "500"; </pre> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Send Container to server=== From host<br \> <code>scp -i ~/.ssh/serverkey -P 7788 mediawiki.lxc root@192.248.145.129:/root/</code><br \> If you created a ssh shortcut in <b>.ssh/config</b> you can use:<br \> <code>scp mediawiki.lxc mediawikiserver:/root/</code><br> Once container transferred to server checksum to confirm<br> Do on Local and Server<br> <code>sha256sum mediawiki.lxc</code><br> The checksum should be the same on both!<br> ===LXD setup on server=== Check if <b>lxd</b> already installed.<br \> <code>lxd --version</code><br \> <code>snap install lxd</code><br \> Initialize LXD<br \> <code>lxd init</code><br \> all defaults<br \> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (lvm, zfs, ceph, btrfs, dir) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=10GB]: Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> ===Import Container=== Note: If version of LXD on server is older than the one you are exporting from, you may see error <code>Error: Failed importing backup: Failed creating instance record: Unknown configuration key: volatile.last_state.ready</code><br> To Fix this update your LXD<br> <code>snap remove lxd</code><br> <code>snap install lxd</code><br> <code>lxd --version</code><br> <code>lxd init</code><br> <br> Import mediawiki container<br \> <code>lxc import mediawiki.lxc mediawiki</code><br \> <code>lxc list</code><br \> <code>lxc start mediawiki</code><br \> <code>lxc list</code><br \> Returns:<br \> <pre> +-----------+---------+-----------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+-----------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.207.119.233 (eth0) | | CONTAINER | 0 | +-----------+---------+-----------------------+------+-----------+-----------+ </pre> <b>Note the Change of IP</b><br \> Are Containers IP is now:<b>10.207.119.233</b><br \> Now for some reason changing the IP on <b>/var/www/html/mediawiki/LocalSettings.php</b> and the <b>/etc/apache2/sites-available/completenoobs.com.conf</b> does not really work on a VPS (Forgot how i fixed this last time, pretty sure i got it workin a few years back).<br \> You need a DNS name: ===DNS=== Domain Name System: An index that connects an ip address with a more human readable name(website name):<br \> Like a phone book would index a persons name with a phone number.<br \> If you have a domain name for your wiki, point it to your server's ip address.<br \> This will be required for a letsencrypt cert also.<br \> I am using <b>namecheap.com</b> and on the <b>Advanced DNS</b> Page<br \> Add two Type <b>A Records</b>:<br \> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |192.248.145.129 |auto |- |A record |www |192.248.145.129 |auto |} ===Change IP on config files=== Login to conatiner and change IP's to Domain Name<br \> <code>lxc exec mediawiki bash</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <pre> Redirect permanent "/" "https://10.3.45.233"</pre> <pre> Redirect permanent "/" "https://www.completenoobs.com"</pre> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <pre>$wgServer = "https://10.3.45.233";</pre> <pre>$wgServer = "https://www.completenoobs.com";</pre> <code>systemctl restart apache2</code> ===Use IPTables to forward traffic to container=== <div class="toccolours mw-collapsible mw-collapsed"> iptable syntax <div class="mw-collapsible-content"> *CONTAINER_IP = place holder for your containers ip *GLOBAL_IP = place holder for your servers public ip address *ETH = network interface: enp1s0 ** to be done/found on host VPS and NOT Container ** Find network interface:<code>ip route show default</code> or use <code>ip route show default | awk '{print $5}'</code> <pre>iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 80 -j DNAT --to-destination CONTAINER_IP:80 -m comment --comment "forward real ip to container" </pre> <pre> iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 443 -j DNAT --to-destination CONTAINER_IP:443 -m comment --comment "forward real ip to container" </pre> </div> </div> <b>These commands to be done on host VPS and NOT in container!</b><br \> Get out of container <code>exit</code><br \> Network interface=<b>enp1s0</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Find you network interface name: <div class="mw-collapsible-content"> To be run on VPS host and Not in Container:<br \> <code>ip route show default | awk '{print $5}'</code> </div> </div> VPS Global IP=<b>192.248.145.129</b><br \> Container IP=<b>10.207.119.233</b><br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container"</code> <br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container"</code> <br \> The new rules for your iptable will not persistent after a reboot.<br \> Create systemd service to load firewall rules at startup:<br \> <code>$EDITOR /usr/local/bin/lxc-mediawiki-rules</code> <pre> #!/bin/bash iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container" iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container" </pre> <code>chmod +x /usr/local/bin/lxc-mediawiki-rules</code> <code>$EDITOR /etc/systemd/system/lxcip.service</code> <pre> [Unit] Description = apply ip rules at startup [Service] Type=oneshot ExecStart=/usr/local/bin/lxc-mediawiki-rules [Install] WantedBy=multi-user.target </pre> <code>systemctl enable lxcip</code> <div class="toccolours mw-collapsible mw-collapsed"> LXC proxy method: <div class="mw-collapsible-content"> <b>DO NOT USE This method!</b> placed here as a note:<br \> LXC also has a way to forward proxy traffic, but it will show all visits to website, as coming from <b>127.0.0.1</b><br \> When we install fail2ban, this would be very bad!<br \> <br \> <code>lxc config device add CONTAINER_NAME myport80 proxy listen=tcp:0.0.0.0:80 connect=tcp:127.0.0.1:80</code><br \> <code>lxc config device add CONTAINER_NAME myport443 proxy listen=tcp:0.0.0.0:443 connect=tcp:127.0.0.1:443</code><br \> To remove proxy:<br \> <code>lxc config device remove CONTAINER_NAME myport80</code><br \> <code>lxc config device remove CONTAINER_NAME myport443</code><br \> </div> </div> ===Visit webpage and check all working=== Visit the domain you selected<br \> <code>www.completenoobs.com</code><br \> Should be up and running.<br \> NOTE: We did not need to allow port 443 or 80 on VPS host.<br \> Check Iptables persist for restart, by rebooting server!<br \> <code>reboot</code><br \> Give it a minute or 2 and check website again. ===LetsEncrypt=== Log back into server<br \> <code>ssh mediawikiserver</code><br \> Log into container<br \> <code>lxc exec mediawiki bash</code><br \> Install certbot<br \> <code>snap install certbot --classic</code><br \> Backup Apache2 config file<br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf /etc/apache2/sites-available/completenoobs.com.conf.bk</code><br \> Create Cert<br \> <code>certbot --apache -d www.completenoobs.com -d completenoobs.com</code><br \> And Certbot broke are apache2 configs, and thats why we back up!<br \> <code>ls /etc/letsencrypt/live/www.completenoobs.com/</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/fullchain.pem /etc/ssl/certs/cn-selfsigned.crt</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/privkey.pem /etc/ssl/private/cn-selfsigned.key</code><br \> <code>rm /etc/apache2/sites-available/completenoobs.com-le-ssl.conf /etc/apache2/sites-available/completenoobs.com.conf </code><br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf.bk /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <br \> Turn <b>SSLUseStapling</b> on<br \> <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code><br \> <pre>SSLUseStapling off</pre><br \> Change to:<br \> <pre>SSLUseStapling on</pre><br \> Restart apache<br \> <code>systemctl restart apache2</code><br \> Now check your site on browser.<br \> ==Useful Notes - tips== ===Forgot your Admin Password=== Can use for any user:<br \> <code>php /var/www/html/mediawiki/maintenance/changePassword.php --user=admin --password=newpassword</code><br \> ===Make Wiki Read Only=== Add to LocalSettings.php:<br \> <code>$wgReadOnly = 'Read Only';</code><br \> ===Restrict account creation on wiki=== Add to LocalSettings.php:<br \> <code>$wgGroupPermissions['*']['createaccount'] = false;</code> ===Only Admin accounts can edit=== Add to LocalSettings.php:<br \> <pre> $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['user']['edit'] = false; $wgGroupPermissions['sysop']['edit'] = true; </pre> ===Protect a page so only admin can edit=== At the top of the page when logged in with admin account, click <b>More</b>.<br \> A drop down of three opitions: Delete, Move, Protect.<br \> Clicking <b>Protect</b> will not allow any non admin from editing the page. {| class="wikitable" |+ When logged in as admin |- |Read |Edit |View history |(STAR) |<b>More</b> |} ===Make User an Admin=== go to special pages With Admin Account go to:<br \> <code>index.php/Special:SpecialPages</code> List of users can be found here:<br \> <code>index.php/Special:ListUsers</code><br \> Go to:<br \> <code>index.php/Special:UserRights</code><br \> And enter username:<br \> <b>Groups you can change</b><br \> And rest is self explanatory. ====Remove admin rights==== Same thing, just untick admin rights! ==Upgrading MediaWiki== <b>BACK SURE YOU BACKUP FIRST!!!</b> just in case.<br \> This example update 1.35 to 1.36 from 1.36 onwards php-intl is required.<br> Download the wiki you are going to upgrade to.<br \> <code>https://releases.wikimedia.org/mediawiki/1.36/</code><br \> <code>cd /root</code><br \> <code>wget https://releases.wikimedia.org/mediawiki/1.36/mediawiki-1.36.1.tar.gz</code><br \> In LocalSettings.php put in readonly mode<br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <code>$wgReadOnly = "Upgrading";</code><br \> <code>tar xvzf mediawiki-1.36.1.tar.gz -C /var/www/html/mediawiki --strip-components=1</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> Returns:<pre> Error: Missing one or more required components of PHP. You are missing a required extension to PHP that MediaWiki needs. Please install: * intl <https://www.php.net/intl> </pre> <code>apt install php-intl</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> And thats it. If you do get an error:<br \> <blockquote> MediaWiki 1.36 internal error Installing some PHP extensions is required. Required components You are missing a required extension to PHP that MediaWiki requires to run. Please install: intl (more information) </blockquote> Then <b>reboot</b> the container and its all fine after. ==Backup your Wiki== ===LXC Snapshots=== Easy way, backup the container using <b>snapshot</b><br \> <code>lxc snapshot mediawiki beforeupgrade_11_12_2020</code><br \> To see snapshots<br \> <code>lxc info mediawiki</code><br \> To restore container to snapshot<br \> <code>lxc restore mediawiki beforeupgrade_11_12_2020</code><br \> To delete a snapshot<br \> <code>lxc delete mediawiki/beforeupgrade_11_12_2020</code><br \> ====Export a Snapshot==== <code>lxc snapshot mediawiki testsnap</code> <code>lxc publish mediawiki/testsnap --alias mediawiki-backup-20-07-2021</code> <code>lxc image export mediawiki-backup-20-07-2021</code> you end up with a file named after the sha256sum <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> NOTE:You can change name from <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> to something like <code>mediawiki-backup-20-07-2021.tar.gz</code> and restore will still work fine.<br \> can now delete image <code>lxc image delete mediawiki-backup-20-07-2021</code> ====Import Snapshot==== Move to another computer and install init lxd<br \> <code>lxc image import a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz --alias testrestore</code> <code>lxc launch testrestore mediarestore</code> <code>lxc list</code> <code>lxc exec mediarestore bash</code> Change IP in LocalSettings and apache config and restart apache.<br \> And your up and running.<br \> <br \> you can also delete image on new restore computer:<br \> <code>lxc image delete testrestore</code> ===Dump mediawiki database - xml=== Log into container root dir<br \> <code>lxc exec NAME bash</code><br \> In container of wiki:<br \> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Exit container<br \> <code>exit</code> Pull file to host<br \> <code>lxc file pull NAME/root/dump_mediawiki.xml wiki-dump.xml</code> ====automate xml dumps to server==== TIP: [[Scp_only|Create an '''scp only''' account on server first]]<br> <code>$EDITOR /usr/local/bin/auto-export.sh</code></br> <syntaxhighlight lang="bash" line> #!/bin/bash set -x time_stamp=$(date '+%d_%m_%y') dumps_dir="/var/www/dumps" noobs_dir="/var/www/html/noobs" local_settings="$noobs_dir/LocalSettings.php" wiki_dump_dir="$dumps_dir/$time_stamp.Noobs" xmlkey="/root/.ssh/xmlkey" remote_host="rscp@xml.completenoobs.com" remote_path="/home/rscp/media/" function ensure_read_only_line_exists { if ! grep -q "wgReadOnly" "$local_settings"; then cat <<EOF >> "$local_settings" \$wgReadOnly = 'Dumping Database, Access will be restored shortly'; EOF fi } function set_wiki_read_only { sed -i 's/^#*\(\$wgReadOnly\)/\1/' "$local_settings" } function unset_wiki_read_only { sed -i 's/^\(\$wgReadOnly\)/#\1/' "$local_settings" } function create_directories { mkdir -p "$dumps_dir" mkdir -p "$wiki_dump_dir" } function dump_wiki { php "$noobs_dir/maintenance/dumpBackup.php" --full > "$wiki_dump_dir/$time_stamp.Noobs.xml" } function generate_checksums { md5sum "$wiki_dump_dir/$time_stamp.Noobs.xml" > "$wiki_dump_dir/$time_stamp.md5sum.txt" sha256sum "$wiki_dump_dir/$time_stamp.Noobs.xml" > "$wiki_dump_dir/$time_stamp.sha256sum.txt" } function push_to_remote { scp -i /root/.ssh/xmlkey -r /var/www/dumps/$time_stamp.Noobs rscp@xml.completenoobs.com:/home/rscp/media/ #rsync -avz -e "ssh -i $xmlkey" "$wiki_dump_dir" "$remote_host:$remote_path" } # Main script ensure_read_only_line_exists create_directories set_wiki_read_only dump_wiki generate_checksums unset_wiki_read_only push_to_remote </syntaxhighlight> <br> <code>chmod +x /usr/local/bin/auto-export.sh</code><br> =====add to cron to export every 5 days===== <code>crontab -e</code><br> <pre> 30 3 */5 * * /usr/local/bin/auto-export.sh </pre> Will export at 3:30 am every 5 days, check [[Cron_ubuntu_22.04|Ubuntu Cron Quick start for more info]] ===Import Dump=== ====Create Quick local wiki==== [[Ubuntu_Local_Wiki_Import|localwiki]] ====Import dump==== <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> <code>lxc exec localwiki bash</code><br \> =====Restore dump===== <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Everything apart from <b>index.php/Main_Page</b> restored. ===Full Wiki Dump and Restore=== ====Backing up==== ====Making your wiki READ ONLY - will lock database==== <code>$EDITOR LocalSettings.php</code><br \> <code>$wgReadOnly = 'Dumping Database, Access will be restored shortly';</code> ====Dump and gzip database for transport==== will be prompted for password:<br \> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green -p mywiki_database | gzip > /root/greenwiki.sql.gz</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> ALt method for dump(password in cmd): <div class="mw-collapsible-content"> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green --password=THISpasswordSHOULDbeCHANGED -p mywiki_database | gzip > /root/greenwiki.sql.gz</code> </div> </div> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Back mediawiki Root Directory.<br \> <code>tar cvzhf /root/mediawiki-rootDir.tgz /var/www/html/mediawiki</code><br \> All into one file for easy transport.<br \> <code>cd /root/</code><br \> <code>tar cvzhf mediawiki-transfer.tgz mediawiki-rootDir.tgz greenwiki.sql.gz dump_mediawiki.xml</code><br \> All file in <b>mediawiki-transfer.tgz</b> for transfer to new server<br \> exit Container<br \> <code>exit</code><br \> <code>lxc file pull mediawiki/root/mediawiki-transfer.tgz mediawiki.bk.tgz</code><br \> ====Restore wiki==== create container (backupwiki) and push file<br \> <code>lxc file push mediawiki.bk.tgz backupwiki/root/</code><br \> login to container<br \> <code>apt update && apt upgrade -y</code><br \> <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> <br \> <code>tar xvf mediawiki.bk.tgz</code><br \> <code>tar xvf mediawiki-rootDir.tgz -C /</code><br \> Create basebase:<br \> NOTE: If you use diff username, passwd, database_name, append/correct details on LocalSettings.<br \> <code>mysql -u root</code> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <br \> <code>gunzip -d greenwiki.sql.gz</code><br \> <code>mysql -u green -p mywiki_database < greenwiki.sql</code><br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/dump_mediawiki.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Config Apache2 <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> Reload Apache2 <code> systemctl restart apache2 </code> ==EmbedVideo== https://www.mediawiki.org/wiki/Extension:EmbedVideo<br> <code>apt install unzip</code><br> <code>wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip</code><br> <code>unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/</code><br> <br> <code>mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo</code><br> <br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> <pre> #Embed Video wfLoadExtension( 'EmbedVideo' ); </pre> ==Remove <b>Index.php</b> From URL== [[Mediawiki_Remove_index.php|How to remove the Index.php from URL]] ==SpamBot Wars== Bit busy now, notes to look into later: https://www.mediawiki.org/wiki/Extension:Nuke<br \> https://www.mediawiki.org/wiki/Manual:Preventing_access<br \> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br \> https://www.mediawiki.org/wiki/Extension:InviteSignup<br \> Well the bots won for now - Disable eMail function for all related options in LocalSettings.php<br \> <code>$wgEnableEmail = false;</code><br \> Or just stop users sending email with:<br \> <code>$wgEnableUserEmail = false;</code> ==Notes== ==Syntax highlighting not working== Install <b>pygments</b><br> <code>apt install python3-pygments</code><br> Add to LocalSettings:<br> <code>wfLoadExtension( 'SyntaxHighlight_GeSHi' );</code><br> h01ok4v1fxqv2ndz01345w3oqh7gdjh 439 321 2023-05-16T12:11:08Z Noob 1 Noob moved page [[Host Your Own Mediawiki Online - Ubuntu]] to [[Ubuntu 22.04 Host Your Own Mediawiki Online - LXC Ubuntu Container]] without leaving a redirect 321 wikitext text/x-wiki Installing MediaWiki on a container and exporting to the cloud. Local OS used Ubuntu-Mate 20.04 Tested with ethernet. Untested with wifi. TODO's * Remove 'index.php' from URL * Find out more about 'DocBookExport' and test how it works * Move MediaWiki Server to FreeBSD Currently trying to solve the spambot problem, they got round the need to request to open an account somehow, will update once solved. $EDITOR is used as a place holder for an editor of your choice. ==Installing LXD== <code>sudo snap install lxd</code><br \> <code>lxd init</code><br \> Selecting all defaults, apart from "Size in GB of the new loop device (1GB minimum) [default=6GB]:" increasing to 30GB: <div class="toccolours mw-collapsible mw-collapsed"> <code>lxd init</code> selected options: <div class="mw-collapsible-content"> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (btrfs, dir, lvm, zfs, ceph) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=6GB]:30GB Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> </div> </div> ==Create Ubuntu:22.04 Container for MediaWiki== <code>lxc launch ubuntu:22.04 mediawiki</code><br> <code>lxc list</code><br> <pre> +-----------+---------+--------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+--------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.194.171.251(eth0) | | CONTAINER | 0 | +-----------+---------+--------------------+------+-----------+-----------+ </pre> ===Login to Container=== <code>lxc exec mediawiki bash</code> ===Basic Firewall UFW for Container=== NOTE:Add Link to a UFW page for more info Blocking IPv6<br \> <code>$EDITOR /etc/default/ufw</code> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit Allow port 80<br \> <code>ufw allow 80/tcp</code><br \> Allow port 443<br \> <code>ufw allow 443/tcp</code><br \> Start/Enable UFW firewall<br \> <code>ufw enable</code><br \> Check UFW status<br \> <code>ufw status</code> <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Update system=== <code>apt update && apt upgrade -y</code> ===ssmtp setup=== NOTE: need link to ssmtp page - showing how to use other email providers that allow smtp Link to ssmtp wiki page <br \> You can use a number of email providers for sending emails from server using ssmtp.<br \> I am going to use <b>smtp2go.com</b> they do provide a free service if you wish to try. <div class="toccolours mw-collapsible mw-collapsed"> smtp2go details: <div class="mw-collapsible-content"> https://www.smtp2go.com/<br \> Has a Free Plan # 1000 emails per month # 5 days of email reporting # Ticket support only <br \> Do not use you username and password you used to sign up!<br \> Go to https://app.smtp2go.com/sending/smtp_users/ <br \> Or 'Sending' > 'SMTP Users'<br> And create/add a SMTP User account.<br \> The User created will be given a good password by default.<br \> Use this username and password for ssmtp.<br \> In this example i have the username "<b>noobwiki</b>" and the password "<b>N0tTelinu</b>" </div> </div> ====ssmtp==== <code>apt install ssmtp -y</code> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <div class="toccolours mw-collapsible mw-collapsed"> Why use <code>hostname=completenoobs.com</code> <div class="mw-collapsible-content"> "hostname" needed for ubuntu unattended upgrades to send email.<br \> If missing: will get "(550 unable to verify sender address.)" <br \> If using <code>hostname=localhost</code> "(550 "Localhost" unnaceptable, you must use a public domain-name.)"<br \> If using <code>hostname=admin@completenoobs.com</code> "501 <root@admin@completenoobs.com>: malformed address: @completenoobs.com> may not follow <root@admin" </div> </div> <br \> Do not use user@smtp2go.com as the sender address! you need an email address that has an MX record(mail exchanger record) at its domain name. <br \> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> ====usermod==== <br \> usermod can be used to change the email senders name/address.<br \> Instead of your mail coming from 'root' or 'ubuntu' or any other user account.<br \> <b>usermod -c "emailSenderName" <account_sending></b><br \> <code>usermod -c "completenoobslxc" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ====sendmail notes==== <div class="toccolours mw-collapsible mw-collapsed"> If the sendmail command locks your terminal and CTRL+c does not work <div class="mw-collapsible-content"> Use <code>CTRL+z</code> which will send a SIGTSTP signal which will put the process to sleep.<br \> use jobs to see the sleeping process.<br \> <code>jobs</code><br \> and kill %<JOBNUMBER><br \> <code>kill %1</code> <br \> you can also use <code>ps ax</code> to list processes running on your computer and <code>kill -9 <PROCESS-NUMBER></code> to kill process. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> sendmail in verbose mode for more details: <div class="mw-collapsible-content"> More info can be found in the man page <code>man sendmail</code><br \> Use the verbose flag <b>-v</b><br \> <code>sendmail -v email@address2receive.mail < test-mail.txt</code> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Check mail logs for errors: <div class="mw-collapsible-content"> send mail error log can be found in<br \> <code>/var/log/mail.err</code><br \> and sendmail log can be found:<br \> <code>/var/log/mail.log</code> </div> </div> ===auto update container config=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code> Uncomment<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> <code>"${distro_id}:${distro_codename}-updates";</code> Dont need auto reboot on container - no kernel - kernel shared with host. ====email on update==== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <div class="toccolours mw-collapsible mw-collapsed"> Once i needed 'apticron' to get emails working with unattended upgrades:<br \> Notes here just incase<div class="mw-collapsible-content"> Install apticron<br \> <code>apt install apticron -y</code> Create apticron.conf file containing email to send email to:<br \> If you dont then 'apticron' will by default sent to root@localhost.<br > <code>echo 'EMAIL="email@tosendto.com"' > /etc/apticron/apticron.conf</code> </div> </div> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Install MediaWiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -xvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki</code> ====Create Database==== Will be prompted to set a root password!<br \> <code>mysql -u root -p</code><br \> <!-- create drop down - add root password option --> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <div class="toccolours mw-collapsible mw-collapsed"> Make note of your: database name, username, userpassword <div class="mw-collapsible-content"> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code><br \> Database Username:<b>green</b><br \> Database host/location:<b>localhost</b> Database User Password:<b>THISpasswordSHOULDbeCHANGED</b><br \><br \> <code>CREATE DATABASE mywiki_database;</code><br \> Database Name:<b>mywiki_database</b><br \> </div> </div> ====Create self-signed https certs==== <code>openssl req -x509 -newkey rsa:4096 -keyout key.pem -nodes -out cert.pem -days 365</code><br> Note: can leave blank; just press enter.<br><br> <code>mv cert.pem /etc/ssl/certs/cn-selfsigned.crt</code><br> <code>mv key.pem /etc/ssl/private/cn-selfsigned.key</code><br> ====Create ssl-params.conf==== <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code> Remember to turn stapling on after letsencrypt cert <pre> SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 SSLHonorCipherOrder On # Disable preloading HSTS for now. You can use the commented out header line that includes # the "preload" directive if you understand the implications. # Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" Header always set X-Frame-Options DENY Header always set X-Content-Type-Options nosniff # Requires Apache >= 2.4 SSLCompression off # May want to turn stapling off when using self-signed to avoid receiving errors in log SSLUseStapling off SSLStaplingCache "shmcb:logs/stapling-cache(150000)" # Requires Apache >= 2.4.11 SSLSessionTickets Off </pre> ====Create Apache2 config==== <code>cd /etc/apache2/sites-available/</code> <code>rm 000-default.conf default-ssl.conf</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code> <div class="toccolours mw-collapsible mw-collapsed"> <b>Important Redirect note</b>:<div class="mw-collapsible-content"> <pre> # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" </pre> Change to your Container IP!<br \> <code>Redirect permanent "/" "https://10.194.171.251"</code> </div> </div> <pre> <VirtualHost *:80> ServerName completenoobs.com ServerAdmin admin@ # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined </VirtualHost> <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerName completenoobs.com ServerAdmin admin@completenoobs.com DocumentRoot /var/www/html/mediawiki # According MWiki Manual:Security php_flag register_globals off ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined SSLEngine on SSLCertificateFile /etc/ssl/certs/cn-selfsigned.crt SSLCertificateKeyFile /etc/ssl/private/cn-selfsigned.key # need to find out what SSLCertificateChainFile is? explain is in the default-ssl.conf file. #SSLCertificateChainFile /etc/ssl/certs/example.com.root-bundle.crt <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> <Directory /var/www/html/wikimedia> Options None FollowSymLinks #Allow .htaccess AllowOverride All Require all granted <IfModule security2_module> SecRuleEngine Off # or disable only problematic rules </IfModule> </Directory> # According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images> # Ignore .htaccess files AllowOverride None # Serve HTML as plaintext, don't execute SHTML AddType text/plain .html .htm .shtml .php .phtml .php5 # Don't run arbitrary PHP code. php_admin_flag engine off # If you've other scripting languages, disable them too. </Directory> #According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images/deleted> Deny from all AllowOverride AuthConfig Limit Require local </Directory> </VirtualHost> </IfModule> </pre> ====Reload Apache2==== <code>a2enmod ssl</code> <code>a2enmod headers</code> <code>a2ensite completenoobs.com</code> <code>a2enconf ssl-params</code> <code>apache2ctl configtest</code> <code>systemctl restart apache2</code> ===MediaWiki Basic Setup=== ====Landing page==== Open a web browser and go to your containers private ip address (you can get ip address by running <code>lxc list</code> on host). <code>https://10.194.171.251</code> Are certs are self-signed and you may/will get warning "your connection is not private"<br \> Click "Advance" and "Proceed to 10.194.171.251 (unsafe)"<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.35.0<br \> LocalSettings.php not found.<br \> Please <u>set up the wiki</u> first.<br \> </blockquote> Click <b>set up the wiki</b> to be taken to the "mw-config/index.php" page. =====Basic Configure MediaWiki===== <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:mywiki_database<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:green<br \> Database password:THISpasswordSHOULDbeCHANGED<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>CompleteNoobs<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Options <div class="mw-collapsible-content"> <b>User rights profile:</b> <br \> [ ] Open wiki <br \> [x] Account creation required<br \> [ ] Authorised editors only <br \> [ ] Private wiki<br \> <br \> <b>Copyright and licence:</b><br \> [ ] Creative Commons Attribution<br \> [ ] Creative Commons Attribution-ShareAlike<br \> [ ] Creative Commons Attribution-NonCommercial-ShareAlike<br \> [ ] Creative Commons Zero (Public Domain)<br \> [ ] GNU Free Documentation Licence 1.3 or later<br \> [x] No licence footer<br \> [ ] Select a custom Creative Commons licence<br \> <br \> <br \> <b>Email settings</b><br \> [ ] Enable outbound email<br \> <b>Return email address:</b>apache@🌻.invalid<br \> [ ]Enable user-to-user email<br \> [ ]Enable user talk page notification<br \> [ ]Enable watchlist notification<br \> [ ]Enable email authentication<br \> <br \> <br \> <b>Skins</b> Pick a skin<br \> <br \> <br \> <b>Extensions</b><br \> <b><u>Special pages</u></b><br \> [ ]CiteThisPage<br \> [ ]Interwiki<br \> [ ]Nuke<br \> [ ]Renameuser<br \> [ ]ReplaceText<br \> <br \> <b><u>Editors</u></b><br \> [x]CodeEditor<br \> [x]VisualEditor<br \> [x]WikiEditor<br \> <br \> <b><u>Parser hooks</u></b><br \> [ ]CategoryTree<br \> [ ]Cite<br \> [ ]ImageMap<br \> [ ]InputBox<br \> [ ]ParserFunctions<br \> [ ]Poem<br \> [ ]Scribunto<br \> [x]SyntaxHighlight_GeSHi<br \> [ ]TemplateData<br \> <br \> <b><u>Media handlers</u></b><br \> [ ]PdfHandler<br \> <br \> <b><u>Spam prevention</u></b><br \> [x]ConfirmEdit<br \> [ ]SpamBlacklist<br \> [ ]TitleBlacklist<br \> <br \> <b><u>API</u></b><br \> [ ]PageImages<br \> <br \> <b><u>Other</u></b><br \> [ ]Gadgets<br \> [ ]LocalisationUpdate<br \> [ ]MultimediaViewer<br \> [ ]OATHAuth<br \> [ ]SecureLinkFixer<br \> [ ]TextExtracts<br \> <br \> <br \> <b>Images and file uploads</b><br \> [ ]Enable file uploads<br \> <b>Logo URL:</b>$wgResourceBasePath/resources/assets/wiki.png<br \> [ ]Enable Instant Commons<br \> <br \> <br \> <b>Advanced configuration</b><br \> <b>Settings for object caching:</b><br \> [x] No caching (no functionality is removed, but speed may be impacted on larger wiki sites)<br \> [ ] Use Memcached (requires additional setup and configuration)<br \> </div> </div> ====LocalSettings.php Launch Wiki==== When the Basic configuration of mediawiki is done on the webpage.<br \> You will have a <b>LocalSettings.php</b> which will be downloaded from your browser.<br \> You need to place the <b>LocalSettings.php</b> file into your containers <b>/var/www/html/mediawiki/</b> directory.<br \> You can do this from host using the <b>lxc file push</b> command.<br \> <code>lxc file push /home/$USER/Downloads/LocalSettings.php mediawiki/var/www/html/mediawiki/</code><br \> <br> Do not refresh browser it will download the LocalSettings.php again! go to the IP address of your container or just trim the <code>mw-config/index.php?page=Complete</code><br> Now on your browser visit the page again https://10.194.171.251<br \> And welcome to your wiki.<br \> ===Change Logo=== You need a 135px by 135px image, in this example its named 'completenoobs-logo.png'<br> <code>lxc file push completenoobs-logo.png mediawiki/var/www/html/mediawiki/resources/assets/</code><br> Back in container edit the <b>LocalSettings.php</b> file<br> <pre> ## The URL paths to the logo. Make sure you change this from the default, ## or else you'll overwrite your logo when you upgrade! $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", 'icon' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", ]; </pre> Change to your new logo:<br> <pre> $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", 'icon' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", ]; </pre> ===Email Config=== Warning i did get loads of spam bots, using this to send naughty emails everywhere!<br> Changed setting to block signups, requests only,and changed <b>$wgEnableUserEmail</b> to false and still the bots managed to send spam using my smtp account.<br> How they done this? Is beyond my understanding and i removed email from the wiki till i have more info on how to stop the spamming.<br> Was using mediawiki-1.35.0<br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> Make sure <b>$wgEnableEmail</b> is set to true.<br> <code>$wgEnableEmail = true;</code><br> https://www.mediawiki.org/wiki/Manual:$wgEnableEmail<br> <pre> $wgEmergencyContact = ""; $wgPasswordSender = ""; </pre> <pre> $wgEmergencyContact = "admin@completenoobs.com"; $wgPasswordSender = "admin@completenoobs.com"; </pre> <pre> $wgSMTP = [ 'host' => 'ssl://mail.smtp2go.com', // outbox server of the email account 'IDHost' => 'completenoobs.com', 'port' => 465, 'username' => 'noobwiki', // user of the email account 'password' => 'N0tTelinu', // app password of the email account 'auth' => true ]; </pre> ===Request Account and Confirm Email to edit=== In LocalSettings change $wgEmailAuthentication = false; to true https://www.mediawiki.org/wiki/Manual:$wgEmailAuthentication<br> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ConfirmAccount-REL1_39-2b96e90.tar.gz</code><br> <code>tar xzf ConfirmAccount-REL1_39-2b96e90.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> <br> In <b>LocalSettings.php</b> <br> set <b>$wgEmailAuthentication</b> to true.<br> <pre> wfLoadExtension( 'ConfirmAccount' ); $wgConfirmAccountContact = 'admin@completenoobs.com'; </pre> Run maintenance update<br> <code>php /var/www/html/mediawiki/maintenance/update.php </code><br> use <b>Special:ConfirmAccounts</b> to see if anyone requested a account.<br> And yep, your gonna get spammed! Bots love a wiki.<br> ===CookieWarning Extension=== https://www.mediawiki.org/wiki/Extension:CookieWarning<br> <code>wget https://extdist.wmflabs.org/dist/extensions/CookieWarning-REL1_39-778fe72.tar.gz</code><br> <code>tar -xzf CookieWarning-REL1_39-778fe72.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'CookieWarning' ); $wgCookieWarningEnabled = 'true'; # $wgCookieWarningMoreUrl allows to to select a link for your moreinfo button $wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'; $wgCookieWarningEnabled = 'true'; </pre> To change message sign in with admin account and visit these pages of your wiki and edit.<br> <b>MediaWiki:Cookiewarning-info</b> Edit the display message.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-info</code><br> <b>MediaWiki:Cookiewarning-moreinfo-label</b><br> Edit and change display of the moreinfo button: link can be made/changed at LocalSettings with:<br> <code>$wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'</code><br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-moreinfo-label</code><br> <b>MediaWiki:Cookiewarning-ok-label</b> Edit and change the text on the OK button.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-ok-label</code><br> ===Contribution Scores Extension=== https://www.mediawiki.org/wiki/Extension:Contribution_Scores<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ContributionScores-REL1_39-0e7e99d.tar.gz</code><br> <code>tar -xzf ContributionScores-REL1_39-0e7e99d.tar.gz -C /var/www/html/mediawiki/extensions</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'ContributionScores' ); // Exclude Bots from the reporting - Can be omitted. $wgContribScoreIgnoreBots = true; // Exclude Blocked Users from the reporting - Can be omitted. $wgContribScoreIgnoreBlockedUsers = true; // Use real user names when available - Can be omitted. Only for MediaWiki 1.19 and later. $wgContribScoresUseRealName = true; // Set to true to disable cache for parser function and inclusion of table. $wgContribScoreDisableCache = false; // Each array defines a report - 7,50 is "past 7 days" and "LIMIT 50" - Can be omitted. $wgContribScoreReports = [ [ 7, 50 ], [ 30, 50 ], [ 0, 50 ] ]; </pre> <br> Add to Main Landing Page:<br> <pre>{{Special:ContributionScores/10/5}}</pre><br> ===Place Notice at top of every new page created=== Using the <b>PageNotice</b> Extension. https://www.mediawiki.org/wiki/Extension:PageNotice#Configuration Download PageNotice and extract to extensions directory. in LocalSettings.php add the lines:<br \> <pre> wfLoadExtension( 'PageNotice' ); $wgPageNoticeDisablePerPageNotices = 'true'; </pre> To have message in every name space go to your wiki's page<br \> <code>index.php/mediawiki:top-notice-ns-0</code><br \> Only admin account can edit this page:<br \> What you place in this page will be displayed at the top of every page created. ===Privacy Policy=== Holly $#$#$ this is a lot of work, looking into it<br \> https://www.mediawiki.org/wiki/GDPR_(General_Data_Protection_Regulation)_and_MediaWiki_software<br \> ====NewSignupPage==== https://www.mediawiki.org/wiki/Extension:NewSignupPage<br \> Big thanks to Shoutwiki.com or this would of been a very big pain.<br \> Check for Latest link from the Download page https://www.mediawiki.org/wiki/Special:ExtensionDistributor/NewSignupPage<br \> In mediawiki container:<br \> <code>wget https://extdist.wmflabs.org/dist/extensions/NewSignupPage-REL1_35-ecf00aa.tar.gz</code><br \> <code>tar xvf NewSignupPage-REL1_35-ecf00aa.tar.gz -C /var/www/html/mediawiki/extensions/</code><br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> Add the Line:<br \> <code>wfLoadExtension( 'NewSignupPage' );</code><br \> Change the Info given at signup at:<br \> <code>index.php/MediaWiki:Newsignuppage-loginform-tos</code><br \> Default page will be:<pre> I am over 13 years of age and I have read, understood and agree to be bound by the Terms of Service and Privacy Policy </pre> "Terms of Service" and "Privacy Policy" are linked to there pages, so we need to create a few pages. ======Need <b>Privacy Policy</b> Page====== Create a 'Privacy_Policy' page and link on "MediaWiki:Newsignuppage-loginform-tos"<br> <pre>[[CompleteNoobs:Privacy_policy | Privacy Policy]]</pre> =====Need <b>Terms Of Service</b> page===== https://www.completenoobs.com/index.php/Terms_of_Service<br \> once done change link on "MediaWiki:Newsignuppage-loginform-tos"<br \> =====Content Policy Page===== https://10.194.171.251/index.php/Content_Policy<br \> Contains link to https://www.completenoobs.com/index.php/CompleteNoobs_Staff_Admins<br \> =====Staff and Admin Page===== https://10.194.171.251/index.php/CompleteNoobs_Staff_Admins<br \> Linked from Content Policy Page! a place to contact by email staff, admins =====General Disclaimer page===== https://10.194.171.251/index.php/CompleteNoobs:General_disclaimer<br \> This page shows/linked at bottom of wiki<br \> =====Copyright Policy===== https://10.194.171.251/index.php/CompleteNoobs:Copyrights<br \> Copyrights page that shows in info box when making a post.<br \> ==Fail2Ban== This Will Ban an IP who incorrectly enters wrong login details, a (you can select) amount of times for a (you can select) amount of time. ===Fail2Log Extension=== https://www.mediawiki.org/wiki/Extension:Fail2Log<br> ====Create Log file==== Could not get PHP to create and set permissions for log file: So for now doing manually!<br \> <code>touch /var/log/Fail2Log.log</code><br \> <code>chown www-data:www-data /var/log/Fail2Log.log</code><br \> <code>chmod 0755 /var/log/Fail2Log.log</code><br \> Failed login's with wrong user name and/or password should now be logged in:<b>/var/log/Fail2Log.log</b><br \> <br \> Log Format:<br \> <code>Failed:<IP_ADDRESS> <DATE> <TIME> <USERNAME></code><br \> ====Download and install extension==== <code>wget https://github.com/greenhatmonkey/Fail2Log/blob/main/Fail2Log.tar.gz?raw=true</code><br> <code>tar xzvf Fail2Log.tar.gz?raw=true -C /var/www/html/mediawiki/extensions/</code><br> Add to your <b>LocalSettings.php</b><br> <pre> wfLoadExtension( 'Fail2Log' ); $wgFail2LogFile = '/var/log/Fail2Log.log'; </pre> ====Install and Setup Fail2Ban==== Fail2Ban works in a container. If using fail2ban on Host for container:<br/> Just include log path: <code>/var/snap/lxd/common/mntns/var/snap/lxd/common/lxd/storage-pools/default/containers/&lt;CONTAINER_NAME>/rootfs/var/log/Fail2Log.log</code> <code>apt install fail2ban</code> * Fail2ban will use file.local over file.conf if file.local exists: * file.conf can be written over if file2ban gets updated. * Make a file.local of the file you are working on. <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code> <code>$EDITOR /etc/fail2ban/jail.local</code> <!-- unmodified jail.conf file --> <div class="toccolours mw-collapsible mw-collapsed"> Default <code>/etc/fail2ban/jail.conf</code> file: Expand to view <div class="mw-collapsible-content"> <pre> # # WARNING: heavily refactored in 0.9.0 release. Please review and # customize settings for your setup. # # Changes: in most of the cases you should not modify this # file, but provide customizations in jail.local file, # or separate .conf files under jail.d/ directory, e.g.: # # HOW TO ACTIVATE JAILS: # # YOU SHOULD NOT MODIFY THIS FILE. # # It will probably be overwritten or improved in a distribution update. # # Provide customizations in a jail.local file or a jail.d/customisation.local. # For example to change the default bantime for all jails and to enable the # ssh-iptables jail the following (uncommented) would appear in the .local file. # See man 5 jail.conf for details. # # [DEFAULT] # bantime = 1h # # [sshd] # enabled = true # # See jail.conf(5) man page for more information # Comments: use '#' for comment lines and ';' (following a space) for inline comments [INCLUDES] #before = paths-distro.conf before = paths-debian.conf # The DEFAULT allows a global definition of the options. They can be overridden # in each jail afterwards. [DEFAULT] # # MISCELLANEOUS OPTIONS # # "bantime.increment" allows to use database for searching of previously banned ip's to increase a # default ban time using special formula, default it is banTime * 1, 2, 4, 8, 16, 32... #bantime.increment = true # "bantime.rndtime" is the max number of seconds using for mixing with random time # to prevent "clever" botnets calculate exact time IP can be unbanned again: #bantime.rndtime = # "bantime.maxtime" is the max number of seconds using the ban time can reach (don't grows further) #bantime.maxtime = # "bantime.factor" is a coefficient to calculate exponent growing of the formula or common multiplier, # default value of factor is 1 and with default value of formula, the ban time # grows by 1, 2, 4, 8, 16 ... #bantime.factor = 1 # "bantime.formula" used by default to calculate next value of ban time, default value bellow, # the same ban time growing will be reached by multipliers 1, 2, 4, 8, 16, 32... #bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * banFactor # # more aggressive example of formula has the same values only for factor "2.0 / 2.885385" : #bantime.formula = ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor) # "bantime.multipliers" used to calculate next value of ban time instead of formula, coresponding # previously ban count and given "bantime.factor" (for multipliers default is 1); # following example grows ban time by 1, 2, 4, 8, 16 ... and if last ban count greater as multipliers count, # always used last multiplier (64 in example), for factor '1' and original ban time 600 - 10.6 hours #bantime.multipliers = 1 2 4 8 16 32 64 # following example can be used for small initial ban time (bantime=60) - it grows more aggressive at begin, # for bantime=60 the multipliers are minutes and equal: 1 min, 5 min, 30 min, 1 hour, 5 hour, 12 hour, 1 day, 2 day #bantime.multipliers = 1 5 30 60 300 720 1440 2880 # "bantime.overalljails" (if true) specifies the search of IP in the database will be executed # cross over all jails, if false (dafault), only current jail of the ban IP will be searched #bantime.overalljails = false # -------------------- # "ignoreself" specifies whether the local resp. own IP addresses should be ignored # (default is true). Fail2ban will not ban a host which matches such addresses. #ignoreself = true # "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban # will not ban a host which matches an address in this list. Several addresses # can be defined using space (and/or comma) separator. #ignoreip = 127.0.0.1/8 ::1 # External command that will take an tagged arguments to ignore, e.g. <ip>, # and return true if the IP is to be ignored. False otherwise. # # ignorecommand = /path/to/command <ip> ignorecommand = # "bantime" is the number of seconds that a host is banned. bantime = 10m # A host is banned if it has generated "maxretry" during the last "findtime" # seconds. findtime = 10m # "maxretry" is the number of failures before a host get banned. maxretry = 5 # "maxmatches" is the number of matches stored in ticket (resolvable via tag <matches> in actions). maxmatches = %(maxretry)s # "backend" specifies the backend used to get files modification. # Available options are "pyinotify", "gamin", "polling", "systemd" and "auto". # This option can be overridden in each jail as well. # # pyinotify: requires pyinotify (a file alteration monitor) to be installed. # If pyinotify is not installed, Fail2ban will use auto. # gamin: requires Gamin (a file alteration monitor) to be installed. # If Gamin is not installed, Fail2ban will use auto. # polling: uses a polling algorithm which does not require external libraries. # systemd: uses systemd python library to access the systemd journal. # Specifying "logpath" is not valid for this backend. # See "journalmatch" in the jails associated filter config # auto: will try to use the following backends, in order: # pyinotify, gamin, polling. # # Note: if systemd backend is chosen as the default but you enable a jail # for which logs are present only in its own log files, specify some other # backend for that jail (e.g. polling) and provide empty value for # journalmatch. See https://github.com/fail2ban/fail2ban/issues/959#issuecomment-74901200 backend = auto # "usedns" specifies if jails should trust hostnames in logs, # warn when DNS lookups are performed, or ignore all hostnames in logs # # yes: if a hostname is encountered, a DNS lookup will be performed. # warn: if a hostname is encountered, a DNS lookup will be performed, # but it will be logged as a warning. # no: if a hostname is encountered, will not be used for banning, # but it will be logged as info. # raw: use raw value (no hostname), allow use it for no-host filters/actions (example user) usedns = warn # "logencoding" specifies the encoding of the log files handled by the jail # This is used to decode the lines from the log file. # Typical examples: "ascii", "utf-8" # # auto: will use the system locale setting logencoding = auto # "enabled" enables the jails. # By default all jails are disabled, and it should stay this way. # Enable only relevant to your setup jails in your .local or jail.d/*.conf # # true: jail will be enabled and log files will get monitored for changes # false: jail is not enabled enabled = false # "mode" defines the mode of the filter (see corresponding filter implementation for more info). mode = normal # "filter" defines the filter to use by the jail. # By default jails have names matching their filter name # filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # # Some options used for actions # Destination email address used solely for the interpolations in # jail.{conf,local,d/*} configuration files. destemail = root@localhost # Sender email address used solely for some actions sender = root@<fq-hostname> # E-mail action. Since 0.8.1 Fail2Ban uses sendmail MTA for the # mailing. Change mta configuration parameter to mail if you want to # revert to conventional 'mail'. mta = sendmail # Default protocol protocol = tcp # Specify chain where jumps would need to be added in ban-actions expecting parameter chain chain = <known/chain> # Ports to be banned # Usually should be overridden in a particular jail port = 0:65535 # Format of user-agent https://tools.ietf.org/html/rfc7231#section-5.5.3 fail2ban_agent = Fail2Ban/%(fail2ban_version)s # # Action shortcuts. To be used to define action parameter # Default banning action (e.g. iptables, iptables-new, # iptables-multiport, shorewall, etc) It is used to define # action_* variables. Can be overridden globally or per # section within jail.local file banaction = iptables-multiport banaction_allports = iptables-allports # The simplest action to take: ban only action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report to the destemail. action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report and relevant log lines # to the destemail. action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # See the IMPORTANT note in action.d/xarf-login-attack for when to use this action # # ban & send a xarf e-mail to abuse contact of IP address and include relevant log lines # to the destemail. action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] # ban IP on CloudFlare & send an e-mail with whois report and relevant log lines # to the destemail. action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # Report block via blocklist.de fail2ban reporting service API # # See the IMPORTANT note in action.d/blocklist_de.conf for when to use this action. # Specify expected parameters in file action.d/blocklist_de.local or if the interpolation # `action_blocklist_de` used for the action, set value of `blocklist_de_apikey` # in your `jail.local` globally (section [DEFAULT]) or per specific jail section (resp. in # corresponding jail.d/my-jail.local file). # action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] # Report ban via badips.com, and use as blacklist # # See BadIPsAction docstring in config/action.d/badips.py for # documentation for this action. # # NOTE: This action relies on banaction being present on start and therefore # should be last action defined for a jail. # action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] # # Report ban via badips.com (uses action.d/badips.conf for reporting only) # action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] # Report ban via abuseipdb.com. # # See action.d/abuseipdb.conf for usage example and details. # action_abuseipdb = abuseipdb # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # [sshd] # To use more aggressive sshd modes set filter parameter "mode" in jail.local: # normal (default), ddos, extra or aggressive (combines all). # See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details. #mode = normal port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s [dropbear] port = ssh logpath = %(dropbear_log)s backend = %(dropbear_backend)s [selinux-ssh] port = ssh logpath = %(auditd_log)s # # HTTP servers # [apache-auth] port = http,https logpath = %(apache_error_log)s [apache-badbots] # Ban hosts which agent identifies spammer robots crawling the web # for email addresses. The mail outputs are buffered. port = http,https logpath = %(apache_access_log)s bantime = 48h maxretry = 1 [apache-noscript] port = http,https logpath = %(apache_error_log)s [apache-overflows] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-nohome] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-botsearch] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-fakegooglebot] port = http,https logpath = %(apache_access_log)s maxretry = 1 ignorecommand = %(ignorecommands_dir)s/apache-fakegooglebot <ip> [apache-modsecurity] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-shellshock] port = http,https logpath = %(apache_error_log)s maxretry = 1 [openhab-auth] filter = openhab action = iptables-allports[name=NoAuthFailures] logpath = /opt/openhab/logs/request.log [nginx-http-auth] port = http,https logpath = %(nginx_error_log)s # To use 'nginx-limit-req' jail you should have `ngx_http_limit_req_module` # and define `limit_req` and `limit_req_zone` as described in nginx documentation # http://nginx.org/en/docs/http/ngx_http_limit_req_module.html # or for example see in 'config/filter.d/nginx-limit-req.conf' [nginx-limit-req] port = http,https logpath = %(nginx_error_log)s [nginx-botsearch] port = http,https logpath = %(nginx_error_log)s maxretry = 2 # Ban attackers that try to use PHP's URL-fopen() functionality # through GET/POST variables. - Experimental, with more than a year # of usage in production environments. [php-url-fopen] port = http,https logpath = %(nginx_access_log)s %(apache_access_log)s [suhosin] port = http,https logpath = %(suhosin_log)s [lighttpd-auth] # Same as above for Apache's mod_auth # It catches wrong authentifications port = http,https logpath = %(lighttpd_error_log)s # # Webmail and groupware servers # [roundcube-auth] port = http,https logpath = %(roundcube_errors_log)s # Use following line in your jail.local if roundcube logs to journal. #backend = %(syslog_backend)s [openwebmail] port = http,https logpath = /var/log/openwebmail.log [horde] port = http,https logpath = /var/log/horde/horde.log [groupoffice] port = http,https logpath = /home/groupoffice/log/info.log [sogo-auth] # Monitor SOGo groupware server # without proxy this would be: # port = 20000 port = http,https logpath = /var/log/sogo/sogo.log [tine20] logpath = /var/log/tine20/tine20.log port = http,https # # Web Applications # # [drupal-auth] port = http,https logpath = %(syslog_daemon)s backend = %(syslog_backend)s [guacamole] port = http,https logpath = /var/log/tomcat*/catalina.out [monit] #Ban clients brute-forcing the monit gui login port = 2812 logpath = /var/log/monit /var/log/monit.log [webmin-auth] port = 10000 logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [froxlor-auth] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s # # HTTP Proxy servers # # [squid] port = 80,443,3128,8080 logpath = /var/log/squid/access.log [3proxy] port = 3128 logpath = /var/log/3proxy.log # # FTP servers # [proftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(proftpd_log)s backend = %(proftpd_backend)s [pure-ftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(pureftpd_log)s backend = %(pureftpd_backend)s [gssftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(syslog_daemon)s backend = %(syslog_backend)s [wuftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(wuftpd_log)s backend = %(wuftpd_backend)s [vsftpd] # or overwrite it in jails.local to be # logpath = %(syslog_authpriv)s # if you want to rely on PAM failed login attempts # vsftpd's failregex should match both of those formats port = ftp,ftp-data,ftps,ftps-data logpath = %(vsftpd_log)s # # Mail servers # # ASSP SMTP Proxy Jail [assp] port = smtp,465,submission logpath = /root/path/to/assp/logs/maillog.txt [courier-smtp] port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix] # To use another modes set filter parameter "mode" in jail.local: mode = more port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s [postfix-rbl] filter = postfix[mode=rbl] port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s maxretry = 1 [sendmail-auth] port = submission,465,smtp logpath = %(syslog_mail)s backend = %(syslog_backend)s [sendmail-reject] # To use more aggressive modes set filter parameter "mode" in jail.local: # normal (default), extra or aggressive # See "tests/files/logs/sendmail-reject" or "filter.d/sendmail-reject.conf" for usage example and details. #mode = normal port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [qmail-rbl] filter = qmail port = smtp,465,submission logpath = /service/qmail/log/main/current # dovecot defaults to logging to the mail syslog facility # but can be set by syslog_facility in the dovecot configuration. [dovecot] port = pop3,pop3s,imap,imaps,submission,465,sieve logpath = %(dovecot_log)s backend = %(dovecot_backend)s [sieve] port = smtp,465,submission logpath = %(dovecot_log)s backend = %(dovecot_backend)s [solid-pop3d] port = pop3,pop3s logpath = %(solidpop3d_log)s [exim] # see filter.d/exim.conf for further modes supported from filter: #mode = normal port = smtp,465,submission logpath = %(exim_main_log)s [exim-spam] port = smtp,465,submission logpath = %(exim_main_log)s [kerio] port = imap,smtp,imaps,465 logpath = /opt/kerio/mailserver/store/logs/security.log # # Mail servers authenticators: might be used for smtp,ftp,imap servers, so # all relevant ports get banned # [courier-auth] port = smtp,465,submission,imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix-sasl] filter = postfix[mode=auth] port = smtp,465,submission,imap,imaps,pop3,pop3s # You might consider monitoring /var/log/mail.warn instead if you are # running postfix since it would provide the same log lines at the # "warn" level but overall at the smaller filesize. logpath = %(postfix_log)s backend = %(postfix_backend)s [perdition] port = imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [squirrelmail] port = smtp,465,submission,imap,imap2,imaps,pop3,pop3s,http,https,socks logpath = /var/lib/squirrelmail/prefs/squirrelmail_access_log [cyrus-imap] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s [uwimap-auth] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s # # # DNS servers # # !!! WARNING !!! # Since UDP is connection-less protocol, spoofing of IP and imitation # of illegal actions is way too simple. Thus enabling of this filter # might provide an easy way for implementing a DoS against a chosen # victim. See # http://nion.modprobe.de/blog/archives/690-fail2ban-+-dns-fail.html # Please DO NOT USE this jail unless you know what you are doing. # # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks UDP traffic for DNS requests. # [named-refused-udp] # # filter = named-refused # port = domain,953 # protocol = udp # logpath = /var/log/named/security.log # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks TCP traffic for DNS requests. [named-refused] port = domain,953 logpath = /var/log/named/security.log [nsd] port = 53 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/nsd.log # # Miscellaneous # [asterisk] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/asterisk/messages maxretry = 10 [freeswitch] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/freeswitch.log maxretry = 10 # enable adminlog; it will log to a file inside znc's directory by default. [znc-adminlog] port = 6667 logpath = /var/lib/znc/moddata/adminlog/znc.log # To log wrong MySQL access attempts add to /etc/my.cnf in [mysqld] or # equivalent section: # log-warnings = 2 # # for syslog (daemon facility) # [mysqld_safe] # syslog # # for own logfile # [mysqld] # log-error=/var/log/mysqld.log [mysqld-auth] port = 3306 logpath = %(mysql_log)s backend = %(mysql_backend)s # Log wrong MongoDB auth (for details see filter 'filter.d/mongodb-auth.conf') [mongodb-auth] # change port when running with "--shardsvr" or "--configsvr" runtime operation port = 27017 logpath = /var/log/mongodb/mongodb.log # Jail for more extended banning of persistent abusers # !!! WARNINGS !!! # 1. Make sure that your loglevel specified in fail2ban.conf/.local # is not at DEBUG level -- which might then cause fail2ban to fall into # an infinite loop constantly feeding itself with non-informative lines # 2. Increase dbpurgeage defined in fail2ban.conf to e.g. 648000 (7.5 days) # to maintain entries for failed logins for sufficient amount of time [recidive] logpath = /var/log/fail2ban.log banaction = %(banaction_allports)s bantime = 1w findtime = 1d # Generic filter for PAM. Has to be used with action which bans all # ports such as iptables-allports, shorewall [pam-generic] # pam-generic filter can be customized to monitor specific subset of 'tty's banaction = %(banaction_allports)s logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [xinetd-fail] banaction = iptables-multiport-log logpath = %(syslog_daemon)s backend = %(syslog_backend)s maxretry = 2 # stunnel - need to set port for this [stunnel] logpath = /var/log/stunnel4/stunnel.log [ejabberd-auth] port = 5222 logpath = /var/log/ejabberd/ejabberd.log [counter-strike] logpath = /opt/cstrike/logs/L[0-9]*.log # Firewall: http://www.cstrike-planet.com/faq/6 tcpport = 27030,27031,27032,27033,27034,27035,27036,27037,27038,27039 udpport = 1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015 action = %(banaction)s[name=%(__name__)s-tcp, port="%(tcpport)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(udpport)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] [bitwarden] port = http,https logpath = /home/*/bwdata/logs/identity/Identity/log.txt [centreon] port = http,https logpath = /var/log/centreon/login.log # consider low maxretry and a long bantime # nobody except your own Nagios server should ever probe nrpe [nagios] logpath = %(syslog_daemon)s ; nrpe.cfg may define a different log_facility backend = %(syslog_backend)s maxretry = 1 [oracleims] # see "oracleims" filter file for configuration requirement for Oracle IMS v6 and above logpath = /opt/sun/comms/messaging64/log/mail.log_current banaction = %(banaction_allports)s [directadmin] logpath = /var/log/directadmin/login.log port = 2222 [portsentry] logpath = /var/lib/portsentry/portsentry.history maxretry = 1 [pass2allow-ftp] # this pass2allow example allows FTP traffic after successful HTTP authentication port = ftp,ftp-data,ftps,ftps-data # knocking_url variable must be overridden to some secret value in jail.local knocking_url = /knocking/ filter = apache-pass[knocking_url="%(knocking_url)s"] # access log of the website with HTTP auth logpath = %(apache_access_log)s blocktype = RETURN returntype = DROP action = %(action_)s[blocktype=%(blocktype)s, returntype=%(returntype)s, actionstart_on_demand=false, actionrepair_on_unban=true] bantime = 1h maxretry = 1 findtime = 1 [murmur] # AKA mumble-server port = 64738 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol=tcp, chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol=udp, chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/mumble-server/mumble-server.log [screensharingd] # For Mac OS Screen Sharing Service (VNC) logpath = /var/log/system.log logencoding = utf-8 [haproxy-http-auth] # HAProxy by default doesn't log to file you'll need to set it up to forward # logs to a syslog server which would then write them to disk. # See "haproxy-http-auth" filter for a brief cautionary note when setting # maxretry and findtime. logpath = /var/log/haproxy.log [slapd] port = ldap,ldaps logpath = /var/log/slapd.log [domino-smtp] port = smtp,ssmtp logpath = /home/domino01/data/IBM_TECHNICAL_SUPPORT/console.log [phpmyadmin-syslog] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [zoneminder] # Zoneminder HTTP/HTTPS web interface auth # Logs auth failures to apache2 error log port = http,https logpath = %(apache_error_log)s [traefik-auth] # to use 'traefik-auth' filter you have to configure your Traefik instance, # see `filter.d/traefik-auth.conf` for details and service example. port = http,https logpath = /var/log/traefik/access.log </pre> </div> </div> Default <code>/etc/fail2ban/jail.local</code> file with (almost all) comments removed: <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;">Default <code>/etc/fail2ban/jail.local</code> with (almost) comments removed:</div> <div class="mw-collapsible-content"> <pre> [INCLUDES] before = paths-debian.conf [DEFAULT] ignorecommand = bantime = 10m findtime = 10m maxretry = 5 maxmatches = %(maxretry)s backend = auto usedns = warn logencoding = auto enabled = false mode = normal filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # destemail = root@localhost sender = root@<fq-hostname> mta = sendmail protocol = tcp chain = <known/chain> port = 0:65535 fail2ban_agent = Fail2Ban/%(fail2ban_version)s banaction = iptables-multiport banaction_allports = iptables-allports action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] action_abuseipdb = abuseipdb action = %(action_)s # # JAILS # # # SSH servers # [sshd] port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s </pre> </div></div> ====Disconnect/kick and ban an ip from list==== <br \> Just below we are going to append these lines to <b>/etc/fail2ban/jail.local</b><br> <pre> # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s # # JAILS # # # SSH servers # </pre> </div> </div> ====Jail for MediaWiki - /etc/fail2ban/jail.local==== <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1m maxretry = 2 logpath = /var/log/Fail2Log.log </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before: <div class="mw-collapsible-content"> <pre> # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After: <div class="mw-collapsible-content"> <pre> # # JAILS # [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log # # SSH servers # </pre> </div> </div> ====Filter for mediawiki==== <div class="toccolours mw-collapsible mw-collapsed"> Regex quick up and running tutorial: External Link:(youtube) <div class="mw-collapsible-content"> This Is a link to a video made by "Corey Schafer".<br \> The best no nonsense up and running regex tut there is.<br \> https://www.youtube.com/watch?v=sa-TUpSx1JA </div> </div> <code>$EDITOR /etc/fail2ban/filter.d/mediawiki.conf</code><br \> <pre> [Definition] failregex = ^Failed:<HOST> ignoreregex = </pre> =====Try out regex on log file===== <code>fail2ban-regex --print-all-matched /var/log/Fail2Log.log /etc/fail2ban/filter.d/mediawiki.conf</code> ====Restart Fail2Ban==== <code>systemctl restart fail2ban</code> <code>fail2ban-client status</code> <code>fail2ban-client status mediawiki</code> <b>Now test by trying to login to your wiki with wrong password three times.</b> =====fail2ban regex and error checking===== <div class="toccolours mw-collapsible mw-collapsed"> Check regex: <div class="mw-collapsible-content"> * Syntax: <code>fail2ban-regex <logfile> <failregex> <ignoreregex></code> ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * If you want to test <code>ignoreregex</code> enter filter file twice: ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * Read <code>man fail2ban-regex</code> for some more opitions: * Examples: ** <code>-v</code>, <code>--verbose</code> *** Be verbose in output ** <code>--print-all-missed</code> *** Print all missed lines ** <code>--print-all-ignored</code> *** Print all ignored lines ** <code>--print-all-matched</code> *** Print all matched lines </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Debug Fail2Ban: <div class="mw-collapsible-content"> * <code>-d</code> dump configuration. For debugging.<br \> <code>fail2ban-client -d</code><br \> * <code>--dp</code>, <code>--dump-pretty</code> dump the configuration using more human readable representation.<br \> <code>fail2ban-client --dp</code><br \> * will print the systemd log for Fail2Ban.<br \> <code>journalctl -u fail2ban</code> </div> </div> ====Change ban time After testing==== <code>$EDITOR /etc/fail2ban/jail.local</code><br \> <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log </pre> ===Unban IP's=== Get list of Jails:<br \> <code>fail2ban-client status</code><br \> See banned ips by that jail:<br \> <code>fail2ban-client status <jailname></code><br \> Unban IP from jail:<br \> <code>fail2ban-client set <jailname> unbanip <ip_address></code><br \> <br \> Log File:<br \> <code>/var/log/Fail2Log.log</code> ==Moving To VPS== ===Create ssh key pair on local host=== <code>ssh-keygen -t rsa -b 4096 -C "MYSERVER" -f ~/.ssh/serverkey</code><br \> You will be prompted to Enter a passphase, you can just press <b>Enter</b> for no passphase.<br \> You will now have a file called <b>serverkey</b> and <b>serverkey.pub</b> in your <b>/home/$USER/.ssh</b> directory.<br \> Now lets setup are server and move public key to server.<br \> <b>BACKUP YOUR PRIVATE KEY TO USB STICK OR SOMETHING!</b><br \> <code>serverkey.pub</code><b>PUBLIC KEY</b><br \> <code>serverkey</code><b>PRIVATE KEY</b><br \> ===Login to Server - ssh === Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $10, 1 cpu, 2048MB ram, 55GB ssd, 2000GB Bandwidth.<br \> I have been given the IP:<b>192.248.145.129</b> and the Password:<b>1R?o.gPasdaLz1w</b> and with Vultr the default login/user is <b>root</b><br \> Lets move over the public key so we don't need a password to login:<br \> <code>ssh-copy-id -i ~/.ssh/serverkey root@192.248.145.129</code></br \> Will be promted for server password, enter password: 1R?o.gPasdaLz1w<br \> Now lets login with are private key.<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code> ===Update Server=== <code>apt update && apt upgrade -y</code><br \> The Server may need a restart, you will see this after updates if it does<br \> <b>*** System restart required ***</b><br \> restart server and log back in after a minute.<br \> <code>reboot</code> ===Change default ssh port and disable plain text passwords=== Log back into server<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code><br \> <code>$EDITOR /etc/ssh/sshd_config</code><br \> <pre>#Port 22</pre> <pre>Port 7788</pre> disable clear text passwords <pre>#PasswordAuthentication yes</pre> <pre>PasswordAuthentication no</pre> restart sshd <code>systemctl restart sshd</code><br \> Exit server and re-login<br \> <code>exit</code><br \> Log back in with new port<br \> <code>ssh -p 7788 -i .ssh/serverkey root@192.248.145.129</code> <div class="toccolours mw-collapsible mw-collapsed"> Create ssh login shortcut: <div class="mw-collapsible-content"> To be done on host:<br \> <code>touch ~/.ssh/config</code><br \> <code>chmod 600 ~/.ssh/config</code><br \> <code>$EDITOR ~/.ssh/config</code><br \> <pre> Host mediawikiserver HostName 192.248.145.129 User root Port 7788 IdentityFile /home/$USER/.ssh/severkey </pre> You can now login to server from host with:<br \> <code>ssh mediawikiserver</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax of config file: <div class="mw-collapsible-content"> <pre> #Syntax # #Host <ALIAS_NAME> # HostName <ADDRESS_IP_OR_DOMAIN> # User <USERNAME_LOGIN> # Port <PORT_NUMBER_IF_NOT_DEFAULT> # IdentityFile </PATH/TO/PRIVATE_KEY> ## Can now login with <code>ssh <ALIAS_NAME> </pre> </div> </div> </div> </div> ===Enable Basic FireWall=== Block IPv6<br \> <code>$EDITOR /etc/default/ufw</code><br \> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit<br \> <code>ufw allow 7788/tcp</code><br \> <code>ufw enable</code><br \> ===Create Swap space on server=== ====First check if you already have a swap space==== First check if you already have a swap space<br \> <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 1655 2 228 1732 Swap: 0 0 0 </pre> <div class="toccolours mw-collapsible mw-collapsed"> Other methods to check swap space <div class="mw-collapsible-content"> <code>cat /proc/swaps</code><br \> <code>swapon -s -v</code> </div> </div> ====Create SwapSpace==== preallocate a 2 gigabyte space to be used for swap.<br \> Note: you can name swapfile to anything you want. <code>fallocate -l 2G /swapfile</code> Initialize the /swapfile file with zeros - see "Working out the count size" to see how to work out the count size. <div class="toccolours mw-collapsible mw-collapsed"> Working out the count size: <div class="mw-collapsible-content"> Working out count size to scale the swapsize. 1 kilobyte = 1024 bytes 1 megabyte = 1024 kilobyte 1 gigabyte = 1024 megabytes bs=1024 = 1 megabyte 1 gigabyte = 1024 megabyte to get count of 1 gigabyte 1024 * 1024 2 gigabyte (1024 * 2048 ) or 1048576 * 2 = 2,097,152 </div> </div> <code>dd if=/dev/zero of=/swapfile bs=1024 count=2097152</code> <code>chmod 600 /swapfile</code> <code>mkswap /swapfile</code> <code>swapon /swapfile</code> <b>Or</b> <code>swapon -a</code> <b>Or</b> <code>mount -a</code> append to <code>/etc/fstab</code> so its mounted after reboot.<br \> <code>$EDITOR /etc/fstab</code><br \> And enter this in a new line at the bottom:<br \> <code>/swapfile swap swap defaults 0 0</code> and thats it, you can check swap with(or same other methods as above): <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 75 2 1808 1712 Swap: 2047 0 2047 </pre> ===ssmtp for email alerts=== <code>apt install ssmtp -y</code><br \> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code><br \> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> <code>usermod -c "CNWikiVPS" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ===auto update server=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment (by removing <b>//</b> at start of line)and amend the lines we want:<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> to<br \> <code> "${distro_id}:${distro_codename}-updates";</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; </pre> Changed to<br \> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec Acquire::http::Dl-Limit "500"; </pre> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Send Container to server=== From host<br \> <code>scp -i ~/.ssh/serverkey -P 7788 mediawiki.lxc root@192.248.145.129:/root/</code><br \> If you created a ssh shortcut in <b>.ssh/config</b> you can use:<br \> <code>scp mediawiki.lxc mediawikiserver:/root/</code><br> Once container transferred to server checksum to confirm<br> Do on Local and Server<br> <code>sha256sum mediawiki.lxc</code><br> The checksum should be the same on both!<br> ===LXD setup on server=== Check if <b>lxd</b> already installed.<br \> <code>lxd --version</code><br \> <code>snap install lxd</code><br \> Initialize LXD<br \> <code>lxd init</code><br \> all defaults<br \> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (lvm, zfs, ceph, btrfs, dir) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=10GB]: Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> ===Import Container=== Note: If version of LXD on server is older than the one you are exporting from, you may see error <code>Error: Failed importing backup: Failed creating instance record: Unknown configuration key: volatile.last_state.ready</code><br> To Fix this update your LXD<br> <code>snap remove lxd</code><br> <code>snap install lxd</code><br> <code>lxd --version</code><br> <code>lxd init</code><br> <br> Import mediawiki container<br \> <code>lxc import mediawiki.lxc mediawiki</code><br \> <code>lxc list</code><br \> <code>lxc start mediawiki</code><br \> <code>lxc list</code><br \> Returns:<br \> <pre> +-----------+---------+-----------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+-----------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.207.119.233 (eth0) | | CONTAINER | 0 | +-----------+---------+-----------------------+------+-----------+-----------+ </pre> <b>Note the Change of IP</b><br \> Are Containers IP is now:<b>10.207.119.233</b><br \> Now for some reason changing the IP on <b>/var/www/html/mediawiki/LocalSettings.php</b> and the <b>/etc/apache2/sites-available/completenoobs.com.conf</b> does not really work on a VPS (Forgot how i fixed this last time, pretty sure i got it workin a few years back).<br \> You need a DNS name: ===DNS=== Domain Name System: An index that connects an ip address with a more human readable name(website name):<br \> Like a phone book would index a persons name with a phone number.<br \> If you have a domain name for your wiki, point it to your server's ip address.<br \> This will be required for a letsencrypt cert also.<br \> I am using <b>namecheap.com</b> and on the <b>Advanced DNS</b> Page<br \> Add two Type <b>A Records</b>:<br \> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |192.248.145.129 |auto |- |A record |www |192.248.145.129 |auto |} ===Change IP on config files=== Login to conatiner and change IP's to Domain Name<br \> <code>lxc exec mediawiki bash</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <pre> Redirect permanent "/" "https://10.3.45.233"</pre> <pre> Redirect permanent "/" "https://www.completenoobs.com"</pre> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <pre>$wgServer = "https://10.3.45.233";</pre> <pre>$wgServer = "https://www.completenoobs.com";</pre> <code>systemctl restart apache2</code> ===Use IPTables to forward traffic to container=== <div class="toccolours mw-collapsible mw-collapsed"> iptable syntax <div class="mw-collapsible-content"> *CONTAINER_IP = place holder for your containers ip *GLOBAL_IP = place holder for your servers public ip address *ETH = network interface: enp1s0 ** to be done/found on host VPS and NOT Container ** Find network interface:<code>ip route show default</code> or use <code>ip route show default | awk '{print $5}'</code> <pre>iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 80 -j DNAT --to-destination CONTAINER_IP:80 -m comment --comment "forward real ip to container" </pre> <pre> iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 443 -j DNAT --to-destination CONTAINER_IP:443 -m comment --comment "forward real ip to container" </pre> </div> </div> <b>These commands to be done on host VPS and NOT in container!</b><br \> Get out of container <code>exit</code><br \> Network interface=<b>enp1s0</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Find you network interface name: <div class="mw-collapsible-content"> To be run on VPS host and Not in Container:<br \> <code>ip route show default | awk '{print $5}'</code> </div> </div> VPS Global IP=<b>192.248.145.129</b><br \> Container IP=<b>10.207.119.233</b><br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container"</code> <br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container"</code> <br \> The new rules for your iptable will not persistent after a reboot.<br \> Create systemd service to load firewall rules at startup:<br \> <code>$EDITOR /usr/local/bin/lxc-mediawiki-rules</code> <pre> #!/bin/bash iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container" iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container" </pre> <code>chmod +x /usr/local/bin/lxc-mediawiki-rules</code> <code>$EDITOR /etc/systemd/system/lxcip.service</code> <pre> [Unit] Description = apply ip rules at startup [Service] Type=oneshot ExecStart=/usr/local/bin/lxc-mediawiki-rules [Install] WantedBy=multi-user.target </pre> <code>systemctl enable lxcip</code> <div class="toccolours mw-collapsible mw-collapsed"> LXC proxy method: <div class="mw-collapsible-content"> <b>DO NOT USE This method!</b> placed here as a note:<br \> LXC also has a way to forward proxy traffic, but it will show all visits to website, as coming from <b>127.0.0.1</b><br \> When we install fail2ban, this would be very bad!<br \> <br \> <code>lxc config device add CONTAINER_NAME myport80 proxy listen=tcp:0.0.0.0:80 connect=tcp:127.0.0.1:80</code><br \> <code>lxc config device add CONTAINER_NAME myport443 proxy listen=tcp:0.0.0.0:443 connect=tcp:127.0.0.1:443</code><br \> To remove proxy:<br \> <code>lxc config device remove CONTAINER_NAME myport80</code><br \> <code>lxc config device remove CONTAINER_NAME myport443</code><br \> </div> </div> ===Visit webpage and check all working=== Visit the domain you selected<br \> <code>www.completenoobs.com</code><br \> Should be up and running.<br \> NOTE: We did not need to allow port 443 or 80 on VPS host.<br \> Check Iptables persist for restart, by rebooting server!<br \> <code>reboot</code><br \> Give it a minute or 2 and check website again. ===LetsEncrypt=== Log back into server<br \> <code>ssh mediawikiserver</code><br \> Log into container<br \> <code>lxc exec mediawiki bash</code><br \> Install certbot<br \> <code>snap install certbot --classic</code><br \> Backup Apache2 config file<br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf /etc/apache2/sites-available/completenoobs.com.conf.bk</code><br \> Create Cert<br \> <code>certbot --apache -d www.completenoobs.com -d completenoobs.com</code><br \> And Certbot broke are apache2 configs, and thats why we back up!<br \> <code>ls /etc/letsencrypt/live/www.completenoobs.com/</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/fullchain.pem /etc/ssl/certs/cn-selfsigned.crt</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/privkey.pem /etc/ssl/private/cn-selfsigned.key</code><br \> <code>rm /etc/apache2/sites-available/completenoobs.com-le-ssl.conf /etc/apache2/sites-available/completenoobs.com.conf </code><br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf.bk /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <br \> Turn <b>SSLUseStapling</b> on<br \> <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code><br \> <pre>SSLUseStapling off</pre><br \> Change to:<br \> <pre>SSLUseStapling on</pre><br \> Restart apache<br \> <code>systemctl restart apache2</code><br \> Now check your site on browser.<br \> ==Useful Notes - tips== ===Forgot your Admin Password=== Can use for any user:<br \> <code>php /var/www/html/mediawiki/maintenance/changePassword.php --user=admin --password=newpassword</code><br \> ===Make Wiki Read Only=== Add to LocalSettings.php:<br \> <code>$wgReadOnly = 'Read Only';</code><br \> ===Restrict account creation on wiki=== Add to LocalSettings.php:<br \> <code>$wgGroupPermissions['*']['createaccount'] = false;</code> ===Only Admin accounts can edit=== Add to LocalSettings.php:<br \> <pre> $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['user']['edit'] = false; $wgGroupPermissions['sysop']['edit'] = true; </pre> ===Protect a page so only admin can edit=== At the top of the page when logged in with admin account, click <b>More</b>.<br \> A drop down of three opitions: Delete, Move, Protect.<br \> Clicking <b>Protect</b> will not allow any non admin from editing the page. {| class="wikitable" |+ When logged in as admin |- |Read |Edit |View history |(STAR) |<b>More</b> |} ===Make User an Admin=== go to special pages With Admin Account go to:<br \> <code>index.php/Special:SpecialPages</code> List of users can be found here:<br \> <code>index.php/Special:ListUsers</code><br \> Go to:<br \> <code>index.php/Special:UserRights</code><br \> And enter username:<br \> <b>Groups you can change</b><br \> And rest is self explanatory. ====Remove admin rights==== Same thing, just untick admin rights! ==Upgrading MediaWiki== <b>BACK SURE YOU BACKUP FIRST!!!</b> just in case.<br \> This example update 1.35 to 1.36 from 1.36 onwards php-intl is required.<br> Download the wiki you are going to upgrade to.<br \> <code>https://releases.wikimedia.org/mediawiki/1.36/</code><br \> <code>cd /root</code><br \> <code>wget https://releases.wikimedia.org/mediawiki/1.36/mediawiki-1.36.1.tar.gz</code><br \> In LocalSettings.php put in readonly mode<br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <code>$wgReadOnly = "Upgrading";</code><br \> <code>tar xvzf mediawiki-1.36.1.tar.gz -C /var/www/html/mediawiki --strip-components=1</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> Returns:<pre> Error: Missing one or more required components of PHP. You are missing a required extension to PHP that MediaWiki needs. Please install: * intl <https://www.php.net/intl> </pre> <code>apt install php-intl</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> And thats it. If you do get an error:<br \> <blockquote> MediaWiki 1.36 internal error Installing some PHP extensions is required. Required components You are missing a required extension to PHP that MediaWiki requires to run. Please install: intl (more information) </blockquote> Then <b>reboot</b> the container and its all fine after. ==Backup your Wiki== ===LXC Snapshots=== Easy way, backup the container using <b>snapshot</b><br \> <code>lxc snapshot mediawiki beforeupgrade_11_12_2020</code><br \> To see snapshots<br \> <code>lxc info mediawiki</code><br \> To restore container to snapshot<br \> <code>lxc restore mediawiki beforeupgrade_11_12_2020</code><br \> To delete a snapshot<br \> <code>lxc delete mediawiki/beforeupgrade_11_12_2020</code><br \> ====Export a Snapshot==== <code>lxc snapshot mediawiki testsnap</code> <code>lxc publish mediawiki/testsnap --alias mediawiki-backup-20-07-2021</code> <code>lxc image export mediawiki-backup-20-07-2021</code> you end up with a file named after the sha256sum <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> NOTE:You can change name from <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> to something like <code>mediawiki-backup-20-07-2021.tar.gz</code> and restore will still work fine.<br \> can now delete image <code>lxc image delete mediawiki-backup-20-07-2021</code> ====Import Snapshot==== Move to another computer and install init lxd<br \> <code>lxc image import a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz --alias testrestore</code> <code>lxc launch testrestore mediarestore</code> <code>lxc list</code> <code>lxc exec mediarestore bash</code> Change IP in LocalSettings and apache config and restart apache.<br \> And your up and running.<br \> <br \> you can also delete image on new restore computer:<br \> <code>lxc image delete testrestore</code> ===Dump mediawiki database - xml=== Log into container root dir<br \> <code>lxc exec NAME bash</code><br \> In container of wiki:<br \> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Exit container<br \> <code>exit</code> Pull file to host<br \> <code>lxc file pull NAME/root/dump_mediawiki.xml wiki-dump.xml</code> ====automate xml dumps to server==== TIP: [[Scp_only|Create an '''scp only''' account on server first]]<br> <code>$EDITOR /usr/local/bin/auto-export.sh</code></br> <syntaxhighlight lang="bash" line> #!/bin/bash set -x time_stamp=$(date '+%d_%m_%y') dumps_dir="/var/www/dumps" noobs_dir="/var/www/html/noobs" local_settings="$noobs_dir/LocalSettings.php" wiki_dump_dir="$dumps_dir/$time_stamp.Noobs" xmlkey="/root/.ssh/xmlkey" remote_host="rscp@xml.completenoobs.com" remote_path="/home/rscp/media/" function ensure_read_only_line_exists { if ! grep -q "wgReadOnly" "$local_settings"; then cat <<EOF >> "$local_settings" \$wgReadOnly = 'Dumping Database, Access will be restored shortly'; EOF fi } function set_wiki_read_only { sed -i 's/^#*\(\$wgReadOnly\)/\1/' "$local_settings" } function unset_wiki_read_only { sed -i 's/^\(\$wgReadOnly\)/#\1/' "$local_settings" } function create_directories { mkdir -p "$dumps_dir" mkdir -p "$wiki_dump_dir" } function dump_wiki { php "$noobs_dir/maintenance/dumpBackup.php" --full > "$wiki_dump_dir/$time_stamp.Noobs.xml" } function generate_checksums { md5sum "$wiki_dump_dir/$time_stamp.Noobs.xml" > "$wiki_dump_dir/$time_stamp.md5sum.txt" sha256sum "$wiki_dump_dir/$time_stamp.Noobs.xml" > "$wiki_dump_dir/$time_stamp.sha256sum.txt" } function push_to_remote { scp -i /root/.ssh/xmlkey -r /var/www/dumps/$time_stamp.Noobs rscp@xml.completenoobs.com:/home/rscp/media/ #rsync -avz -e "ssh -i $xmlkey" "$wiki_dump_dir" "$remote_host:$remote_path" } # Main script ensure_read_only_line_exists create_directories set_wiki_read_only dump_wiki generate_checksums unset_wiki_read_only push_to_remote </syntaxhighlight> <br> <code>chmod +x /usr/local/bin/auto-export.sh</code><br> =====add to cron to export every 5 days===== <code>crontab -e</code><br> <pre> 30 3 */5 * * /usr/local/bin/auto-export.sh </pre> Will export at 3:30 am every 5 days, check [[Cron_ubuntu_22.04|Ubuntu Cron Quick start for more info]] ===Import Dump=== ====Create Quick local wiki==== [[Ubuntu_Local_Wiki_Import|localwiki]] ====Import dump==== <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> <code>lxc exec localwiki bash</code><br \> =====Restore dump===== <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Everything apart from <b>index.php/Main_Page</b> restored. ===Full Wiki Dump and Restore=== ====Backing up==== ====Making your wiki READ ONLY - will lock database==== <code>$EDITOR LocalSettings.php</code><br \> <code>$wgReadOnly = 'Dumping Database, Access will be restored shortly';</code> ====Dump and gzip database for transport==== will be prompted for password:<br \> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green -p mywiki_database | gzip > /root/greenwiki.sql.gz</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> ALt method for dump(password in cmd): <div class="mw-collapsible-content"> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green --password=THISpasswordSHOULDbeCHANGED -p mywiki_database | gzip > /root/greenwiki.sql.gz</code> </div> </div> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Back mediawiki Root Directory.<br \> <code>tar cvzhf /root/mediawiki-rootDir.tgz /var/www/html/mediawiki</code><br \> All into one file for easy transport.<br \> <code>cd /root/</code><br \> <code>tar cvzhf mediawiki-transfer.tgz mediawiki-rootDir.tgz greenwiki.sql.gz dump_mediawiki.xml</code><br \> All file in <b>mediawiki-transfer.tgz</b> for transfer to new server<br \> exit Container<br \> <code>exit</code><br \> <code>lxc file pull mediawiki/root/mediawiki-transfer.tgz mediawiki.bk.tgz</code><br \> ====Restore wiki==== create container (backupwiki) and push file<br \> <code>lxc file push mediawiki.bk.tgz backupwiki/root/</code><br \> login to container<br \> <code>apt update && apt upgrade -y</code><br \> <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> <br \> <code>tar xvf mediawiki.bk.tgz</code><br \> <code>tar xvf mediawiki-rootDir.tgz -C /</code><br \> Create basebase:<br \> NOTE: If you use diff username, passwd, database_name, append/correct details on LocalSettings.<br \> <code>mysql -u root</code> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <br \> <code>gunzip -d greenwiki.sql.gz</code><br \> <code>mysql -u green -p mywiki_database < greenwiki.sql</code><br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/dump_mediawiki.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Config Apache2 <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> Reload Apache2 <code> systemctl restart apache2 </code> ==EmbedVideo== https://www.mediawiki.org/wiki/Extension:EmbedVideo<br> <code>apt install unzip</code><br> <code>wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip</code><br> <code>unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/</code><br> <br> <code>mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo</code><br> <br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> <pre> #Embed Video wfLoadExtension( 'EmbedVideo' ); </pre> ==Remove <b>Index.php</b> From URL== [[Mediawiki_Remove_index.php|How to remove the Index.php from URL]] ==SpamBot Wars== Bit busy now, notes to look into later: https://www.mediawiki.org/wiki/Extension:Nuke<br \> https://www.mediawiki.org/wiki/Manual:Preventing_access<br \> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br \> https://www.mediawiki.org/wiki/Extension:InviteSignup<br \> Well the bots won for now - Disable eMail function for all related options in LocalSettings.php<br \> <code>$wgEnableEmail = false;</code><br \> Or just stop users sending email with:<br \> <code>$wgEnableUserEmail = false;</code> ==Notes== ==Syntax highlighting not working== Install <b>pygments</b><br> <code>apt install python3-pygments</code><br> Add to LocalSettings:<br> <code>wfLoadExtension( 'SyntaxHighlight_GeSHi' );</code><br> h01ok4v1fxqv2ndz01345w3oqh7gdjh 0 56 137 2023-03-06T10:53:08Z Noob 1 Created page with "{|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY-NC-SA Licence</b><br \> More information about the <b>CC BY-NC-SA licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by-nc-sa/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> <pre> You are free to: Share — co..." 137 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY-NC-SA Licence</b><br \> More information about the <b>CC BY-NC-SA licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by-nc-sa/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> <pre> You are free to: Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use. NonCommercial — You may not use the material for commercial purposes. ShareAlike — If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original. No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> <pre> Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International Public License By exercising the Licensed Rights (defined below), You accept and agree to be bound by the terms and conditions of this Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International Public License ("Public License"). To the extent this Public License may be interpreted as a contract, You are granted the Licensed Rights in consideration of Your acceptance of these terms and conditions, and the Licensor grants You such rights in consideration of benefits the Licensor receives from making the Licensed Material available under these terms and conditions. Section 1 – Definitions. Adapted Material means material subject to Copyright and Similar Rights that is derived from or based upon the Licensed Material and in which the Licensed Material is translated, altered, arranged, transformed, or otherwise modified in a manner requiring permission under the Copyright and Similar Rights held by the Licensor. For purposes of this Public License, where the Licensed Material is a musical work, performance, or sound recording, Adapted Material is always produced where the Licensed Material is synched in timed relation with a moving image. Adapter's License means the license You apply to Your Copyright and Similar Rights in Your contributions to Adapted Material in accordance with the terms and conditions of this Public License. BY-NC-SA Compatible License means a license listed at creativecommons.org/compatiblelicenses, approved by Creative Commons as essentially the equivalent of this Public License. Copyright and Similar Rights means copyright and/or similar rights closely related to copyright including, without limitation, performance, broadcast, sound recording, and Sui Generis Database Rights, without regard to how the rights are labeled or categorized. For purposes of this Public License, the rights specified in Section 2(b)(1)-(2) are not Copyright and Similar Rights. Effective Technological Measures means those measures that, in the absence of proper authority, may not be circumvented under laws fulfilling obligations under Article 11 of the WIPO Copyright Treaty adopted on December 20, 1996, and/or similar international agreements. Exceptions and Limitations means fair use, fair dealing, and/or any other exception or limitation to Copyright and Similar Rights that applies to Your use of the Licensed Material. License Elements means the license attributes listed in the name of a Creative Commons Public License. The License Elements of this Public License are Attribution, NonCommercial, and ShareAlike. Licensed Material means the artistic or literary work, database, or other material to which the Licensor applied this Public License. Licensed Rights means the rights granted to You subject to the terms and conditions of this Public License, which are limited to all Copyright and Similar Rights that apply to Your use of the Licensed Material and that the Licensor has authority to license. Licensor means the individual(s) or entity(ies) granting rights under this Public License. NonCommercial means not primarily intended for or directed towards commercial advantage or monetary compensation. For purposes of this Public License, the exchange of the Licensed Material for other material subject to Copyright and Similar Rights by digital file-sharing or similar means is NonCommercial provided there is no payment of monetary compensation in connection with the exchange. Share means to provide material to the public by any means or process that requires permission under the Licensed Rights, such as reproduction, public display, public performance, distribution, dissemination, communication, or importation, and to make material available to the public including in ways that members of the public may access the material from a place and at a time individually chosen by them. Sui Generis Database Rights means rights other than copyright resulting from Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, as amended and/or succeeded, as well as other essentially equivalent rights anywhere in the world. You means the individual or entity exercising the Licensed Rights under this Public License. Your has a corresponding meaning. Section 2 – Scope. License grant. Subject to the terms and conditions of this Public License, the Licensor hereby grants You a worldwide, royalty-free, non-sublicensable, non-exclusive, irrevocable license to exercise the Licensed Rights in the Licensed Material to: reproduce and Share the Licensed Material, in whole or in part, for NonCommercial purposes only; and produce, reproduce, and Share Adapted Material for NonCommercial purposes only. Exceptions and Limitations. For the avoidance of doubt, where Exceptions and Limitations apply to Your use, this Public License does not apply, and You do not need to comply with its terms and conditions. Term. The term of this Public License is specified in Section 6(a). Media and formats; technical modifications allowed. The Licensor authorizes You to exercise the Licensed Rights in all media and formats whether now known or hereafter created, and to make technical modifications necessary to do so. The Licensor waives and/or agrees not to assert any right or authority to forbid You from making technical modifications necessary to exercise the Licensed Rights, including technical modifications necessary to circumvent Effective Technological Measures. For purposes of this Public License, simply making modifications authorized by this Section 2(a)(4) never produces Adapted Material. Downstream recipients. Offer from the Licensor – Licensed Material. Every recipient of the Licensed Material automatically receives an offer from the Licensor to exercise the Licensed Rights under the terms and conditions of this Public License. Additional offer from the Licensor – Adapted Material. Every recipient of Adapted Material from You automatically receives an offer from the Licensor to exercise the Licensed Rights in the Adapted Material under the conditions of the Adapter’s License You apply. No downstream restrictions. You may not offer or impose any additional or different terms or conditions on, or apply any Effective Technological Measures to, the Licensed Material if doing so restricts exercise of the Licensed Rights by any recipient of the Licensed Material. No endorsement. Nothing in this Public License constitutes or may be construed as permission to assert or imply that You are, or that Your use of the Licensed Material is, connected with, or sponsored, endorsed, or granted official status by, the Licensor or others designated to receive attribution as provided in Section 3(a)(1)(A)(i). Other rights. Moral rights, such as the right of integrity, are not licensed under this Public License, nor are publicity, privacy, and/or other similar personality rights; however, to the extent possible, the Licensor waives and/or agrees not to assert any such rights held by the Licensor to the limited extent necessary to allow You to exercise the Licensed Rights, but not otherwise. Patent and trademark rights are not licensed under this Public License. To the extent possible, the Licensor waives any right to collect royalties from You for the exercise of the Licensed Rights, whether directly or through a collecting society under any voluntary or waivable statutory or compulsory licensing scheme. In all other cases the Licensor expressly reserves any right to collect such royalties, including when the Licensed Material is used other than for NonCommercial purposes. Section 3 – License Conditions. Your exercise of the Licensed Rights is expressly made subject to the following conditions. Attribution. If You Share the Licensed Material (including in modified form), You must: retain the following if it is supplied by the Licensor with the Licensed Material: identification of the creator(s) of the Licensed Material and any others designated to receive attribution, in any reasonable manner requested by the Licensor (including by pseudonym if designated); a copyright notice; a notice that refers to this Public License; a notice that refers to the disclaimer of warranties; a URI or hyperlink to the Licensed Material to the extent reasonably practicable; indicate if You modified the Licensed Material and retain an indication of any previous modifications; and indicate the Licensed Material is licensed under this Public License, and include the text of, or the URI or hyperlink to, this Public License. You may satisfy the conditions in Section 3(a)(1) in any reasonable manner based on the medium, means, and context in which You Share the Licensed Material. For example, it may be reasonable to satisfy the conditions by providing a URI or hyperlink to a resource that includes the required information. If requested by the Licensor, You must remove any of the information required by Section 3(a)(1)(A) to the extent reasonably practicable. ShareAlike. In addition to the conditions in Section 3(a), if You Share Adapted Material You produce, the following conditions also apply. The Adapter’s License You apply must be a Creative Commons license with the same License Elements, this version or later, or a BY-NC-SA Compatible License. You must include the text of, or the URI or hyperlink to, the Adapter's License You apply. You may satisfy this condition in any reasonable manner based on the medium, means, and context in which You Share Adapted Material. You may not offer or impose any additional or different terms or conditions on, or apply any Effective Technological Measures to, Adapted Material that restrict exercise of the rights granted under the Adapter's License You apply. Section 4 – Sui Generis Database Rights. Where the Licensed Rights include Sui Generis Database Rights that apply to Your use of the Licensed Material: for the avoidance of doubt, Section 2(a)(1) grants You the right to extract, reuse, reproduce, and Share all or a substantial portion of the contents of the database for NonCommercial purposes only; if You include all or a substantial portion of the database contents in a database in which You have Sui Generis Database Rights, then the database in which You have Sui Generis Database Rights (but not its individual contents) is Adapted Material, including for purposes of Section 3(b); and You must comply with the conditions in Section 3(a) if You Share all or a substantial portion of the contents of the database. For the avoidance of doubt, this Section 4 supplements and does not replace Your obligations under this Public License where the Licensed Rights include other Copyright and Similar Rights. Section 5 – Disclaimer of Warranties and Limitation of Liability. Unless otherwise separately undertaken by the Licensor, to the extent possible, the Licensor offers the Licensed Material as-is and as-available, and makes no representations or warranties of any kind concerning the Licensed Material, whether express, implied, statutory, or other. This includes, without limitation, warranties of title, merchantability, fitness for a particular purpose, non-infringement, absence of latent or other defects, accuracy, or the presence or absence of errors, whether or not known or discoverable. Where disclaimers of warranties are not allowed in full or in part, this disclaimer may not apply to You. To the extent possible, in no event will the Licensor be liable to You on any legal theory (including, without limitation, negligence) or otherwise for any direct, special, indirect, incidental, consequential, punitive, exemplary, or other losses, costs, expenses, or damages arising out of this Public License or use of the Licensed Material, even if the Licensor has been advised of the possibility of such losses, costs, expenses, or damages. Where a limitation of liability is not allowed in full or in part, this limitation may not apply to You. The disclaimer of warranties and limitation of liability provided above shall be interpreted in a manner that, to the extent possible, most closely approximates an absolute disclaimer and waiver of all liability. Section 6 – Term and Termination. This Public License applies for the term of the Copyright and Similar Rights licensed here. However, if You fail to comply with this Public License, then Your rights under this Public License terminate automatically. Where Your right to use the Licensed Material has terminated under Section 6(a), it reinstates: automatically as of the date the violation is cured, provided it is cured within 30 days of Your discovery of the violation; or upon express reinstatement by the Licensor. For the avoidance of doubt, this Section 6(b) does not affect any right the Licensor may have to seek remedies for Your violations of this Public License. For the avoidance of doubt, the Licensor may also offer the Licensed Material under separate terms or conditions or stop distributing the Licensed Material at any time; however, doing so will not terminate this Public License. Sections 1, 5, 6, 7, and 8 survive termination of this Public License. Section 7 – Other Terms and Conditions. The Licensor shall not be bound by any additional or different terms or conditions communicated by You unless expressly agreed. Any arrangements, understandings, or agreements regarding the Licensed Material not stated herein are separate from and independent of the terms and conditions of this Public License. Section 8 – Interpretation. For the avoidance of doubt, this Public License does not, and shall not be interpreted to, reduce, limit, restrict, or impose conditions on any use of the Licensed Material that could lawfully be made without permission under this Public License. To the extent possible, if any provision of this Public License is deemed unenforceable, it shall be automatically reformed to the minimum extent necessary to make it enforceable. If the provision cannot be reformed, it shall be severed from this Public License without affecting the enforceability of the remaining terms and conditions. No term or condition of this Public License will be waived and no failure to comply consented to unless expressly agreed to by the Licensor. Nothing in this Public License constitutes or may be interpreted as a limitation upon, or waiver of, any privileges and immunities that apply to the Licensor or You, including from the legal processes of any jurisdiction or authority. </pre> </div> </div> |} oxv1fhogrcprnkzkrjy9kxsnke57uv6 138 137 2023-03-06T10:53:20Z Noob 1 Protected "[[LICENCE HEADER CC BY-NC-SA 4.0]]" ([Edit=Allow only administrators] (indefinite) [Move=Allow only administrators] (indefinite)) 137 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY-NC-SA Licence</b><br \> More information about the <b>CC BY-NC-SA licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by-nc-sa/4.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> <pre> You are free to: Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use. NonCommercial — You may not use the material for commercial purposes. ShareAlike — If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original. No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: <div class="mw-collapsible-content"> <pre> Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International Public License By exercising the Licensed Rights (defined below), You accept and agree to be bound by the terms and conditions of this Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International Public License ("Public License"). To the extent this Public License may be interpreted as a contract, You are granted the Licensed Rights in consideration of Your acceptance of these terms and conditions, and the Licensor grants You such rights in consideration of benefits the Licensor receives from making the Licensed Material available under these terms and conditions. Section 1 – Definitions. Adapted Material means material subject to Copyright and Similar Rights that is derived from or based upon the Licensed Material and in which the Licensed Material is translated, altered, arranged, transformed, or otherwise modified in a manner requiring permission under the Copyright and Similar Rights held by the Licensor. For purposes of this Public License, where the Licensed Material is a musical work, performance, or sound recording, Adapted Material is always produced where the Licensed Material is synched in timed relation with a moving image. Adapter's License means the license You apply to Your Copyright and Similar Rights in Your contributions to Adapted Material in accordance with the terms and conditions of this Public License. BY-NC-SA Compatible License means a license listed at creativecommons.org/compatiblelicenses, approved by Creative Commons as essentially the equivalent of this Public License. Copyright and Similar Rights means copyright and/or similar rights closely related to copyright including, without limitation, performance, broadcast, sound recording, and Sui Generis Database Rights, without regard to how the rights are labeled or categorized. For purposes of this Public License, the rights specified in Section 2(b)(1)-(2) are not Copyright and Similar Rights. Effective Technological Measures means those measures that, in the absence of proper authority, may not be circumvented under laws fulfilling obligations under Article 11 of the WIPO Copyright Treaty adopted on December 20, 1996, and/or similar international agreements. Exceptions and Limitations means fair use, fair dealing, and/or any other exception or limitation to Copyright and Similar Rights that applies to Your use of the Licensed Material. License Elements means the license attributes listed in the name of a Creative Commons Public License. The License Elements of this Public License are Attribution, NonCommercial, and ShareAlike. Licensed Material means the artistic or literary work, database, or other material to which the Licensor applied this Public License. Licensed Rights means the rights granted to You subject to the terms and conditions of this Public License, which are limited to all Copyright and Similar Rights that apply to Your use of the Licensed Material and that the Licensor has authority to license. Licensor means the individual(s) or entity(ies) granting rights under this Public License. NonCommercial means not primarily intended for or directed towards commercial advantage or monetary compensation. For purposes of this Public License, the exchange of the Licensed Material for other material subject to Copyright and Similar Rights by digital file-sharing or similar means is NonCommercial provided there is no payment of monetary compensation in connection with the exchange. Share means to provide material to the public by any means or process that requires permission under the Licensed Rights, such as reproduction, public display, public performance, distribution, dissemination, communication, or importation, and to make material available to the public including in ways that members of the public may access the material from a place and at a time individually chosen by them. Sui Generis Database Rights means rights other than copyright resulting from Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, as amended and/or succeeded, as well as other essentially equivalent rights anywhere in the world. You means the individual or entity exercising the Licensed Rights under this Public License. Your has a corresponding meaning. Section 2 – Scope. License grant. Subject to the terms and conditions of this Public License, the Licensor hereby grants You a worldwide, royalty-free, non-sublicensable, non-exclusive, irrevocable license to exercise the Licensed Rights in the Licensed Material to: reproduce and Share the Licensed Material, in whole or in part, for NonCommercial purposes only; and produce, reproduce, and Share Adapted Material for NonCommercial purposes only. Exceptions and Limitations. For the avoidance of doubt, where Exceptions and Limitations apply to Your use, this Public License does not apply, and You do not need to comply with its terms and conditions. Term. The term of this Public License is specified in Section 6(a). Media and formats; technical modifications allowed. The Licensor authorizes You to exercise the Licensed Rights in all media and formats whether now known or hereafter created, and to make technical modifications necessary to do so. The Licensor waives and/or agrees not to assert any right or authority to forbid You from making technical modifications necessary to exercise the Licensed Rights, including technical modifications necessary to circumvent Effective Technological Measures. For purposes of this Public License, simply making modifications authorized by this Section 2(a)(4) never produces Adapted Material. Downstream recipients. Offer from the Licensor – Licensed Material. Every recipient of the Licensed Material automatically receives an offer from the Licensor to exercise the Licensed Rights under the terms and conditions of this Public License. Additional offer from the Licensor – Adapted Material. Every recipient of Adapted Material from You automatically receives an offer from the Licensor to exercise the Licensed Rights in the Adapted Material under the conditions of the Adapter’s License You apply. No downstream restrictions. You may not offer or impose any additional or different terms or conditions on, or apply any Effective Technological Measures to, the Licensed Material if doing so restricts exercise of the Licensed Rights by any recipient of the Licensed Material. No endorsement. Nothing in this Public License constitutes or may be construed as permission to assert or imply that You are, or that Your use of the Licensed Material is, connected with, or sponsored, endorsed, or granted official status by, the Licensor or others designated to receive attribution as provided in Section 3(a)(1)(A)(i). Other rights. Moral rights, such as the right of integrity, are not licensed under this Public License, nor are publicity, privacy, and/or other similar personality rights; however, to the extent possible, the Licensor waives and/or agrees not to assert any such rights held by the Licensor to the limited extent necessary to allow You to exercise the Licensed Rights, but not otherwise. Patent and trademark rights are not licensed under this Public License. To the extent possible, the Licensor waives any right to collect royalties from You for the exercise of the Licensed Rights, whether directly or through a collecting society under any voluntary or waivable statutory or compulsory licensing scheme. In all other cases the Licensor expressly reserves any right to collect such royalties, including when the Licensed Material is used other than for NonCommercial purposes. Section 3 – License Conditions. Your exercise of the Licensed Rights is expressly made subject to the following conditions. Attribution. If You Share the Licensed Material (including in modified form), You must: retain the following if it is supplied by the Licensor with the Licensed Material: identification of the creator(s) of the Licensed Material and any others designated to receive attribution, in any reasonable manner requested by the Licensor (including by pseudonym if designated); a copyright notice; a notice that refers to this Public License; a notice that refers to the disclaimer of warranties; a URI or hyperlink to the Licensed Material to the extent reasonably practicable; indicate if You modified the Licensed Material and retain an indication of any previous modifications; and indicate the Licensed Material is licensed under this Public License, and include the text of, or the URI or hyperlink to, this Public License. You may satisfy the conditions in Section 3(a)(1) in any reasonable manner based on the medium, means, and context in which You Share the Licensed Material. For example, it may be reasonable to satisfy the conditions by providing a URI or hyperlink to a resource that includes the required information. If requested by the Licensor, You must remove any of the information required by Section 3(a)(1)(A) to the extent reasonably practicable. ShareAlike. In addition to the conditions in Section 3(a), if You Share Adapted Material You produce, the following conditions also apply. The Adapter’s License You apply must be a Creative Commons license with the same License Elements, this version or later, or a BY-NC-SA Compatible License. You must include the text of, or the URI or hyperlink to, the Adapter's License You apply. You may satisfy this condition in any reasonable manner based on the medium, means, and context in which You Share Adapted Material. You may not offer or impose any additional or different terms or conditions on, or apply any Effective Technological Measures to, Adapted Material that restrict exercise of the rights granted under the Adapter's License You apply. Section 4 – Sui Generis Database Rights. Where the Licensed Rights include Sui Generis Database Rights that apply to Your use of the Licensed Material: for the avoidance of doubt, Section 2(a)(1) grants You the right to extract, reuse, reproduce, and Share all or a substantial portion of the contents of the database for NonCommercial purposes only; if You include all or a substantial portion of the database contents in a database in which You have Sui Generis Database Rights, then the database in which You have Sui Generis Database Rights (but not its individual contents) is Adapted Material, including for purposes of Section 3(b); and You must comply with the conditions in Section 3(a) if You Share all or a substantial portion of the contents of the database. For the avoidance of doubt, this Section 4 supplements and does not replace Your obligations under this Public License where the Licensed Rights include other Copyright and Similar Rights. Section 5 – Disclaimer of Warranties and Limitation of Liability. Unless otherwise separately undertaken by the Licensor, to the extent possible, the Licensor offers the Licensed Material as-is and as-available, and makes no representations or warranties of any kind concerning the Licensed Material, whether express, implied, statutory, or other. This includes, without limitation, warranties of title, merchantability, fitness for a particular purpose, non-infringement, absence of latent or other defects, accuracy, or the presence or absence of errors, whether or not known or discoverable. Where disclaimers of warranties are not allowed in full or in part, this disclaimer may not apply to You. To the extent possible, in no event will the Licensor be liable to You on any legal theory (including, without limitation, negligence) or otherwise for any direct, special, indirect, incidental, consequential, punitive, exemplary, or other losses, costs, expenses, or damages arising out of this Public License or use of the Licensed Material, even if the Licensor has been advised of the possibility of such losses, costs, expenses, or damages. Where a limitation of liability is not allowed in full or in part, this limitation may not apply to You. The disclaimer of warranties and limitation of liability provided above shall be interpreted in a manner that, to the extent possible, most closely approximates an absolute disclaimer and waiver of all liability. Section 6 – Term and Termination. This Public License applies for the term of the Copyright and Similar Rights licensed here. However, if You fail to comply with this Public License, then Your rights under this Public License terminate automatically. Where Your right to use the Licensed Material has terminated under Section 6(a), it reinstates: automatically as of the date the violation is cured, provided it is cured within 30 days of Your discovery of the violation; or upon express reinstatement by the Licensor. For the avoidance of doubt, this Section 6(b) does not affect any right the Licensor may have to seek remedies for Your violations of this Public License. For the avoidance of doubt, the Licensor may also offer the Licensed Material under separate terms or conditions or stop distributing the Licensed Material at any time; however, doing so will not terminate this Public License. Sections 1, 5, 6, 7, and 8 survive termination of this Public License. Section 7 – Other Terms and Conditions. The Licensor shall not be bound by any additional or different terms or conditions communicated by You unless expressly agreed. Any arrangements, understandings, or agreements regarding the Licensed Material not stated herein are separate from and independent of the terms and conditions of this Public License. Section 8 – Interpretation. For the avoidance of doubt, this Public License does not, and shall not be interpreted to, reduce, limit, restrict, or impose conditions on any use of the Licensed Material that could lawfully be made without permission under this Public License. To the extent possible, if any provision of this Public License is deemed unenforceable, it shall be automatically reformed to the minimum extent necessary to make it enforceable. If the provision cannot be reformed, it shall be severed from this Public License without affecting the enforceability of the remaining terms and conditions. No term or condition of this Public License will be waived and no failure to comply consented to unless expressly agreed to by the Licensor. Nothing in this Public License constitutes or may be interpreted as a limitation upon, or waiver of, any privileges and immunities that apply to the Licensor or You, including from the legal processes of any jurisdiction or authority. </pre> </div> </div> |} oxv1fhogrcprnkzkrjy9kxsnke57uv6 4 58 162 2023-03-07T00:58:38Z Noob 1 Created page with "{{:LICENCE_HEADER_CC_BY-SA}}<br \> Welcome to [https://www.completenoobs.com completenoobs.com]! Before you do anything on our wiki you must read and accept the following terms. '''PLEASE READ THESE TERMS OF USE CAREFULLY BEFORE USING THE SERVICES. BY ACCESSING THIS SITE OR USING ANY PART OF THE SITE OR ANY CONTENT OR SERVICES (AS EACH IS DEFINED BELOW) ON THE SITE, YOU AGREE TO BECOME BOUND BY THESE TERMS AND CONDITIONS. IF YOU DO NOT AGREE TO ALL THE TERMS AND CONDIT..." 162 wikitext text/x-wiki {{:LICENCE_HEADER_CC_BY-SA}}<br \> Welcome to [https://www.completenoobs.com completenoobs.com]! Before you do anything on our wiki you must read and accept the following terms. '''PLEASE READ THESE TERMS OF USE CAREFULLY BEFORE USING THE SERVICES. BY ACCESSING THIS SITE OR USING ANY PART OF THE SITE OR ANY CONTENT OR SERVICES (AS EACH IS DEFINED BELOW) ON THE SITE, YOU AGREE TO BECOME BOUND BY THESE TERMS AND CONDITIONS. IF YOU DO NOT AGREE TO ALL THE TERMS AND CONDITIONS, THEN YOU MAY NOT ACCESS THE SITE OR USE THE CONTENT OR ANY SERVICES IN THE SITE. COMPLETENOOBS ACCEPTANCE IS EXPRESSLY CONDITIONED UPON YOUR ASSENT TO ALL OF THESE TERMS AND CONDITIONS, TO THE EXCLUSION OF ALL OTHER TERMS; IF THESE TERMS AND CONDITIONS ARE CONSIDERED AN OFFER BY COMPLETENOOBS ACCEPTANCE IS EXPRESSLY LIMITED TO THESE TERMS.''' ==Modifications of Terms of Use== CompleteNoobs.com reserves the right, at its sole discretion, to modify or replace the Terms of Use at any time. If the alterations constitute a material change to the Terms of Use, CompleteNoobs.com will notify you by posting an announcement on the Site or on the mailing list. What constitutes a "material change" will be determined at CompleteNoobs sole discretion, in good faith and using common sense and reasonable judgment. You shall be responsible for reviewing and becoming familiar with any such modifications. Use of the Services by you following such notification constitutes your acceptance of the terms and conditions of the Terms of Use as modified. ==Services== Not sure what to write here - we just want to host and share libre licenced Computer Science Content, that can be downloaded and shared by others freely.! CompleteNoobs.com content is available to anyone on the Internet for both entertainment and information. ==Content== CompleteNoobs.com is a Wiki for Libre Licenced Computer Science Content, and takes no responsibility for the content uploaded by third parties. CompleteNoobs.com wiki is provided "as is". CompleteNoobs.com has no responsibility for lack of availability of any wiki or of any particular content. You should be aware that the wikis are editable by the public, and, as such, may contain inappropriate content at any time. Any use you make of content hosted by CompleteNoobs.com must be in line with the terms of that wiki's license. Any content you upload or post to any CompleteNoobs.com wiki must be compatible with the relevant license, not violate another person's intellectual property or infringe on any copyright, patent, trademark, trade secret, or other proprietary rights. No content shall be added which violates any applicable law, including local, state, national, and international laws. You understand that CompleteNoobs.com does not control, and is not responsible for Content made available through the Service, and that by using the Service, you may be exposed to Content that is offensive, indecent, inaccurate, misleading, or otherwise objectionable. Furthermore, under no circumstances will CompleteNoobs.com be liable in any way for any Content or for any loss or damage of any kind incurred as a result of the use of any Content posted, emailed or otherwise made available via the Service. You agree that you will not make any changes to CompleteNoobs.com that is in breach of the [[Content Policy]] and will make efforts to remove or report any content which may be in breach of such conditions as described in the policy. You acknowledge that CompleteNoobs.com does not pre-screen or approve Content, but that CompleteNoobs.com shall have the right (but not the obligation) in its sole discretion to refuse, delete or move any Content that is available via the Service, for violating the Terms of use or for any other reason. ==Indemnity== You will indemnify and hold harmless CompleteNoobs.com, its parents, subsidiaries, affiliates, customers, vendors, officers and employees from any liability, damage or cost (including reasonable attorneys. fees and cost) from (i) any claim or demand made by any third party due to or arising out of your access to the Site, use of the Services, violation of the Terms of Use by you, or the infringement by you, or any third party using your account or User ID, of any intellectual property or other right of any person or entity. ==Warranty Disclaimers== You acknowledge that CompleteNoobs.com has no control over, and no duty to take any action regarding: which users gain access to the Site or use the Services; what effects the Content may have on you; how you may interpret or use the Content; or what actions you may take as a result of having been exposed to the Content. You release CompleteNoobs.com from all liability for you having acquired or not acquired Content through the Site or the Services. The Site or Services may contain, or direct you to sites containing, information that some people may find offensive or inappropriate. CompleteNoobs.com makes no representations concerning any content contained in or accessed through the Site or Services, and CompleteNoobs.com will not be responsible or liable for the accuracy, copyright compliance, legality or decency of material contained in or accessed through the Site or the Services. THE SERVICE, CONTENT, AND SITE ARE PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. SOME STATES DO NOT ALLOW LIMITATIONS ON HOW LONG AN IMPLIED WARRANTY LASTS, SO THE ABOVE LIMITATIONS MAY NOT APPLY TO YOU. ==Changes to wikis== CompleteNoobs.com reserves the right to close, move, merge, or rename, a wiki for any reason. CompleteNoobs.com shall not be held liable for any modification, suspension or discontinuance of any wiki, or of the service as a whole. ==Advertising== CompleteNoobs.com Advertising and funding page can be found [[COMPLETENOOBS_FUNDING | HERE]]<br \> No Advertising allowed on the Main Wiki pages.<br \> You are allowed to mention which service you used and where to find, but No Affiliate Links are allowed in main wiki pages.<br \> You can open a personal user page <code>index.php/User:<$WIKI_USERNAME></code> where you can place your donations and affiliate links, and links to your other works.<br \> CompleteNoobs.com takes no responsibility for the content of externally provided advertising. The content of advertisements may be protected by copyrights, or other proprietary rights and laws, and should not be assumed to be available under the terms of any free content license. CompleteNoobs.com will never host pop-up adverts. ==Links== The Services may provide, or third parties may provide, links to other World Wide Web sites or resources. Because CompleteNoobs.com has no control over such sites and resources, you acknowledge and agree that CompleteNoobs.com is not responsible for the availability of such external sites or resources, and does not endorse and is not responsible or liable for any Content, advertising, products or other materials on or available from such sites or resources. You further acknowledge and agree that CompleteNoobs.com shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such Content, goods or services available on or through any such site or resource. ==Copyright Complaints== We respect the intellectual property rights of others and we prohibit users from uploading, posting or otherwise transmitting on the CompleteNoobs.com website or service any materials that violate another party's intellectual property rights. When we receive proper Notification of Alleged Copyright Infringement as described in our [[CompleteNoobs:Copyright_Policy|Copyright Policy]], we promptly remove or disable access to the allegedly infringing material and terminate the accounts of repeat infringers as described herein in accordance with the Digital Millenium Copyright Act. If you believe that any material on the Site infringes upon any copyright which you own or control, you may send a written notification of such infringement to our [[Talk:CompleteNoobs:Copyright_Policy |Copyright Policy Discussion Page.]]. Please see our [[CompleteNoobs:Copyright_Policy|Copyright Policy]] for more information on how to report infringement of your copyright. ==User Disputes== You are solely responsible for your interactions with other CompleteNoobs users. We reserve the right, but have no obligation, to monitor disputes between you and other users. ==Collection of personal information== User information is stored on servers in the United Kingdom and other countries. The Only information you need to give to sign up is a UserName, Password and eMail address. he username does not need to be your real name. Therefore, any personal information you choose to give is not compulsory. CompleteNoobs sites are not intended for, and may not be used by, children under the age of 13 years old. You may change your email in your user preferences. If you choose to enter a real name in your preferences, this will be publicly available. However, this field is optional, and there is no requirement for any user to give a real name. Information from our server logs may be stored and used to gather aggregate data about users, and used to determine whether the identity of one or more users is the same in cases of abuse. This data includes your IP address, and details about your browser. Your browser must permit cookies to be set (by *.CompleteNoobs.com) in order for you to log in to CompleteNoobs.com. If you do not make an account on any wiki, you need not accept cookie requests from this site. Pages created and Edited by users will show the username, user's IP address in the page history of the article they edited, and also in other places on the site, including watchlists and recent changes, and in any external feeds made of such pages. ===Data Collected by apache server and fail2ban=== The type of info stored on apache2 access logs <div class="toccolours mw-collapsible mw-collapsed"> Example of The type of Data stored on apache2 access logs<br \> Time, Date, IP address, OS, Browser Used, Action done. <div class="mw-collapsible-content"> <pre> 10.3.45.1 - - [27/Jul/2021:13:54:57 +0000] "GET /index.php/Main_Page HTTP/1.1" 200 15063 "https://10.3.45.200/index.php?title=MediaWiki:Shoutwiki-loginform-tos&action=edit" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:13:54:57 +0000] "GET /load.php?lang=en-gb&modules=ext.pageNotice%7Cjquery.makeCollapsible.styles%7Cjquery.tablesorter.styles%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 9251 "https://10.3.45.200/index.php/Main_Page" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:13:54:57 +0000] "GET /load.php?lang=en-gb&modules=startup&only=scripts&raw=1&skin=vector HTTP/1.1" 304 618 "https://10.3.45.200/index.php/Main_Page" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:13:55:01 +0000] "GET /index.php/User:Testin HTTP/1.1" 200 5168 "https://10.3.45.200/index.php/Main_Page" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:13:55:02 +0000] "GET /load.php?lang=en-gb&modules=skins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 8414 "https://10.3.45.200/index.php/User:Testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:23 +0000] "GET /index.php/User:Greenadmin HTTP/1.1" 200 9723 "https://10.3.45.200/index.php?title=MediaWiki:Shoutwiki-loginform-tos&action=edit" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:23 +0000] "GET /load.php?lang=en-gb&modules=skins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 8414 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:23 +0000] "GET /load.php?lang=en-gb&modules=startup&only=scripts&raw=1&skin=vector HTTP/1.1" 304 618 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:26 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.notification%2CvisibleTimeout&skin=vector&version=1v0pl HTTP/1.1" 200 9100 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:26 +0000] "POST /api.php HTTP/1.1" 200 984 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:26 +0000] "GET /index.php?title=Special:UserLogout&returnto=User%3AGreenadmin HTTP/1.1" 200 3788 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:29 +0000] "GET /index.php?title=Special:UserLogin&returnto=User%3AGreenadmin HTTP/1.1" 200 4556 "https://10.3.45.200/index.php?title=Special:UserLogout&returnto=User%3AGreenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:29 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.htmlform.styles%7Cmediawiki.special.userlogin.common.styles%7Cmediawiki.special.userlogin.login.styles%7Cmediawiki.ui%7Cmediawiki.ui.button%2Ccheckbox%2Cinput%2Cradio%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 10621 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=User%3AGreenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:29 +0000] "GET /load.php?lang=en-gb&modules=startup&only=scripts&raw=1&safemode=1&skin=vector HTTP/1.1" 304 618 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=User%3AGreenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:40 +0000] "POST /index.php?title=Special:UserLogin&returnto=User:Greenadmin HTTP/1.1" 302 1492 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=User%3AGreenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:40 +0000] "GET /index.php/User:Greenadmin HTTP/1.1" 200 4471 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=User%3AGreenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:47 +0000] "GET /index.php/Special:SpecialPages HTTP/1.1" 200 6257 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:47 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.helplink%2Cspecial%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 9983 "https://10.3.45.200/index.php/Special:SpecialPages" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:51 +0000] "GET /index.php/Special:UserRights HTTP/1.1" 200 4184 "https://10.3.45.200/index.php/Special:SpecialPages" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:53 +0000] "GET /api.php?action=query&format=json&formatversion=2&list=allusers&auprefix=Test&aulimit=10 HTTP/1.1" 200 655 "https://10.3.45.200/index.php/Special:UserRights" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:54 +0000] "GET /api.php?action=query&format=json&formatversion=2&list=allusers&auprefix=Testin&aulimit=10 HTTP/1.1" 200 655 "https://10.3.45.200/index.php/Special:UserRights" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:55 +0000] "GET /index.php?title=Special%3AUserRights&user=testin HTTP/1.1" 200 5769 "https://10.3.45.200/index.php/Special:UserRights" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:56 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.helplink%2Cspecial%7Cmediawiki.interface.helpers.styles%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 10181 "https://10.3.45.200/index.php?title=Special%3AUserRights&user=testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:02 +0000] "POST /index.php/Special:UserRights HTTP/1.1" 302 1128 "https://10.3.45.200/index.php?title=Special%3AUserRights&user=testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:02 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.helplink%2Cspecial%7Cmediawiki.interface.helpers.styles%7Cmediawiki.notification.convertmessagebox.styles%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 10536 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:02 +0000] "GET /index.php/Special:UserRights/testin HTTP/1.1" 200 5832 "https://10.3.45.200/index.php?title=Special%3AUserRights&user=testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:07 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.searchSuggest&skin=vector&version=4itwt HTTP/1.1" 200 7618 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:09 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=c&namespace=0&limit=10 HTTP/1.1" 200 597 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:10 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=cop&namespace=0&limit=10 HTTP/1.1" 200 600 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:10 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=copy&namespace=0&limit=10 HTTP/1.1" 200 601 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:11 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=copyr&namespace=0&limit=10 HTTP/1.1" 200 575 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:11 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=copyri&namespace=0&limit=10 HTTP/1.1" 200 5879 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:11 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=copyright&namespace=0&limit=10 HTTP/1.1" 200 606 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:12 +0000] "GET /index.php?search=copyright&title=Special%3ASearch&go=Go HTTP/1.1" 200 7130 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:12 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.helplink%2Cspecial%2Cui%7Cmediawiki.special.search.styles%7Cmediawiki.ui.button%2Cinput%7Cmediawiki.widgets.SearchInputWidget.styles%7Cmediawiki.widgets.styles%7Coojs-ui-core.icons%2Cstyles%7Coojs-ui.styles.indicators%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 21313 "https://10.3.45.200/index.php?search=copyright&title=Special%3ASearch&go=Go" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:14 +0000] "GET /index.php?title=Copyright&action=edit&redlink=1 HTTP/1.1" 200 6405 "https://10.3.45.200/index.php?search=copyright&title=Special%3ASearch&go=Go" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:14 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.action.edit.styles%7Cmediawiki.editfont.styles%7Cmediawiki.widgets.styles%7Coojs-ui-core.icons%2Cstyles%7Coojs-ui.styles.indicators%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 18053 "https://10.3.45.200/index.php?title=Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:41 +0000] "POST /api.php HTTP/1.1" 200 1140 "https://10.3.45.200/index.php?title=Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:41 +0000] "POST /index.php?title=Copyright&action=submit HTTP/1.1" 302 1276 "https://10.3.45.200/index.php?title=Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:41 +0000] "GET /index.php/Copyright HTTP/1.1" 200 8086 "https://10.3.45.200/index.php?title=Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:41 +0000] "GET /load.php?lang=en-gb&modules=ext.pageNotice%7Cjquery.makeCollapsible.styles%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 9104 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:42 +0000] "GET /resources/src/mediawiki.action/images/check-success.svg?116d2 HTTP/1.1" 200 607 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:43 +0000] "GET /index.php?title=Copyright&action=protect HTTP/1.1" 200 6673 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:44 +0000] "GET /load.php?lang=en-gb&modules=jquery%2Coojs%2Coojs-ui-core%2Csite%7Cjquery.client%2ClengthLimit%7Cmediawiki.String%2CTitle%2Capi%2Cbase%2Ccldr%2Chtmlform%2CjqueryMsg%2Clanguage%2Cutil%7Cmediawiki.action.protect%7Cmediawiki.htmlform.ooui%7Cmediawiki.libs.pluralruleparser%7Cmediawiki.page.ready%7Cmediawiki.page.watch.ajax%7Cskins.vector.legacy.js%7Cuser.defaults&skin=vector&version=ibd6y HTTP/1.1" 200 499559 "https://10.3.45.200/index.php?title=Copyright&action=protect" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:44 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.action.styles%7Cmediawiki.htmlform.ooui.styles%7Cmediawiki.htmlform.styles%7Cmediawiki.widgets.styles%7Coojs-ui-core.icons%2Cstyles%7Coojs-ui.styles.indicators%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 18758 "https://10.3.45.200/index.php?title=Copyright&action=protect" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:49 +0000] "POST /index.php?title=Copyright&action=protect HTTP/1.1" 302 1112 "https://10.3.45.200/index.php?title=Copyright&action=protect" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:50 +0000] "GET /index.php/Copyright HTTP/1.1" 200 7941 "https://10.3.45.200/index.php?title=Copyright&action=protect" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:53 +0000] "POST /api.php HTTP/1.1" 200 984 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:53 +0000] "GET /index.php?title=Special:UserLogout&returnto=Copyright HTTP/1.1" 200 3747 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:55 +0000] "GET /index.php?title=Special:UserLogin&returnto=Copyright HTTP/1.1" 200 4548 "https://10.3.45.200/index.php?title=Special:UserLogout&returnto=Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:03 +0000] "POST /index.php?title=Special:UserLogin&returnto=Copyright HTTP/1.1" 302 1482 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:04 +0000] "GET /index.php/Copyright HTTP/1.1" 200 7824 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:07 +0000] "GET /index.php?title=Talk:Copyright&action=edit&redlink=1 HTTP/1.1" 200 6396 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:21 +0000] "POST /api.php HTTP/1.1" 200 1140 "https://10.3.45.200/index.php?title=Talk:Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:21 +0000] "POST /index.php?title=Talk:Copyright&action=submit HTTP/1.1" 302 1281 "https://10.3.45.200/index.php?title=Talk:Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:21 +0000] "GET /index.php/Talk:Copyright HTTP/1.1" 200 5164 "https://10.3.45.200/index.php?title=Talk:Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Example of data stored in Apache error logs:<br \> Date, Time, IP address and port, Action <div class="mw-collapsible-content"> <pre> [Fri Jul 23 04:25:43.125317 2021] [php7:error] [pid 7609] [client 93.157.23.18:55862] script '/var/www/html/mediawiki/c99.php' not found or unable to stat [Fri Jul 23 04:25:43.131058 2021] [php7:error] [pid 7608] [client 93.157.23.18:55852] script '/var/www/html/mediawiki/c99.php' not found or unable to stat </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Example of Fail2ban.log data:<br \> Date, Time, IP address <div class="mw-collapsible-content"> <pre> 2021-07-27 12:06:31,021 fail2ban.filter [331]: INFO [mediawiki] Found 10.3.45.1 - 2021-07-27 12:06:31 2021-07-27 12:06:31,291 fail2ban.actions [331]: NOTICE [mediawiki] Ban 10.3.45.1 2021-07-27 12:07:21,629 fail2ban.actions [324]: NOTICE [mediawiki] Restore Ban 10.3.45.1 2021-07-27 12:10:01,086 fail2ban.actions [324]: NOTICE [mediawiki] Unban 10.3.45.1 </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Example in Fail2Log.log:<br \> IP address, Date, Time, Username used <div class="mw-collapsible-content"> <pre> Failed:10.3.45.1 2021-07-27 11:16:07 UTC greenadmin Failed:10.3.45.1 2021-07-27 11:16:15 UTC greenadmin Failed:10.3.45.1 2021-07-27 11:16:50 UTC greenadmin Failed:10.3.45.1 2021-07-27 12:05:59 UTC greenadmin Failed:10.3.45.1 2021-07-27 12:06:11 UTC greenadmin Failed:10.3.45.1 2021-07-27 12:06:15 UTC greenadmin Failed:10.3.45.1 2021-07-27 12:06:23 UTC greenadmin Failed:10.3.45.1 2021-07-27 12:06:31 UTC greenadmin </pre> </div> </div> ==Submissions== You acknowledge and agree that any questions, comments, suggestions, ideas, feedback or other information about the Site or the Service ("Submissions"), provided by you to CompleteNoobs.com are non-confidential and shall become the sole property of CompleteNoobs.com. CompleteNoobs.com shall own exclusive rights, including all intellectual property rights, and shall be entitled to the unrestricted use and dissemination of these Submissions for any purpose, commercial or otherwise, without acknowledgment or compensation to you. ==Termination== CompleteNoobs.com may terminate or suspend any and all Services and your user account immediately, without prior notice or liability, if you breach any of the terms or conditions of the Terms of Use. Upon termination of your account, your right to use the Services will immediately cease. If you wish to terminate your account, you may simply discontinue using the Services. All provisions of the Terms of Use which by their nature should survive termination shall survive termination, including, without limitation, ownership provisions, warranty disclaimers, indemnity and limitations of liability. ==Other== These Terms of Use constitute the entire agreement between you and CompleteNoobs.com regarding the use of the Site and/or the Service, superseding any prior agreements between you and CompleteNoobs.com relating to your use of the Site or the Service. The failure of CompleteNoobs.com to exercise or enforce any right or provision of these Terms of Use shall not constitute a waiver of such right or provision in that or any other instance. If any provision of this Agreement is held invalid, the remainder of this Agreement shall continue in full force and effect. If any provision of these Terms of Use shall be deemed unlawful, void or for any reason unenforceable, then that provision shall be deemed severable from these Terms of Use and shall not affect the validity and enforceability of any remaining provisions. ==Supremacy of English Language Terms of Use== Where a translation of these Terms of use is inconsistent with the English language version, the English language version shall prevail. hoivkql3dt4g8m2sv4jr2cq4o71167n 163 162 2023-03-07T00:58:50Z Noob 1 Protected "[[CompleteNoobs:Terms of Service]]" ([Edit=Allow only administrators] (indefinite) [Move=Allow only administrators] (indefinite)) 162 wikitext text/x-wiki {{:LICENCE_HEADER_CC_BY-SA}}<br \> Welcome to [https://www.completenoobs.com completenoobs.com]! Before you do anything on our wiki you must read and accept the following terms. '''PLEASE READ THESE TERMS OF USE CAREFULLY BEFORE USING THE SERVICES. BY ACCESSING THIS SITE OR USING ANY PART OF THE SITE OR ANY CONTENT OR SERVICES (AS EACH IS DEFINED BELOW) ON THE SITE, YOU AGREE TO BECOME BOUND BY THESE TERMS AND CONDITIONS. IF YOU DO NOT AGREE TO ALL THE TERMS AND CONDITIONS, THEN YOU MAY NOT ACCESS THE SITE OR USE THE CONTENT OR ANY SERVICES IN THE SITE. COMPLETENOOBS ACCEPTANCE IS EXPRESSLY CONDITIONED UPON YOUR ASSENT TO ALL OF THESE TERMS AND CONDITIONS, TO THE EXCLUSION OF ALL OTHER TERMS; IF THESE TERMS AND CONDITIONS ARE CONSIDERED AN OFFER BY COMPLETENOOBS ACCEPTANCE IS EXPRESSLY LIMITED TO THESE TERMS.''' ==Modifications of Terms of Use== CompleteNoobs.com reserves the right, at its sole discretion, to modify or replace the Terms of Use at any time. If the alterations constitute a material change to the Terms of Use, CompleteNoobs.com will notify you by posting an announcement on the Site or on the mailing list. What constitutes a "material change" will be determined at CompleteNoobs sole discretion, in good faith and using common sense and reasonable judgment. You shall be responsible for reviewing and becoming familiar with any such modifications. Use of the Services by you following such notification constitutes your acceptance of the terms and conditions of the Terms of Use as modified. ==Services== Not sure what to write here - we just want to host and share libre licenced Computer Science Content, that can be downloaded and shared by others freely.! CompleteNoobs.com content is available to anyone on the Internet for both entertainment and information. ==Content== CompleteNoobs.com is a Wiki for Libre Licenced Computer Science Content, and takes no responsibility for the content uploaded by third parties. CompleteNoobs.com wiki is provided "as is". CompleteNoobs.com has no responsibility for lack of availability of any wiki or of any particular content. You should be aware that the wikis are editable by the public, and, as such, may contain inappropriate content at any time. Any use you make of content hosted by CompleteNoobs.com must be in line with the terms of that wiki's license. Any content you upload or post to any CompleteNoobs.com wiki must be compatible with the relevant license, not violate another person's intellectual property or infringe on any copyright, patent, trademark, trade secret, or other proprietary rights. No content shall be added which violates any applicable law, including local, state, national, and international laws. You understand that CompleteNoobs.com does not control, and is not responsible for Content made available through the Service, and that by using the Service, you may be exposed to Content that is offensive, indecent, inaccurate, misleading, or otherwise objectionable. Furthermore, under no circumstances will CompleteNoobs.com be liable in any way for any Content or for any loss or damage of any kind incurred as a result of the use of any Content posted, emailed or otherwise made available via the Service. You agree that you will not make any changes to CompleteNoobs.com that is in breach of the [[Content Policy]] and will make efforts to remove or report any content which may be in breach of such conditions as described in the policy. You acknowledge that CompleteNoobs.com does not pre-screen or approve Content, but that CompleteNoobs.com shall have the right (but not the obligation) in its sole discretion to refuse, delete or move any Content that is available via the Service, for violating the Terms of use or for any other reason. ==Indemnity== You will indemnify and hold harmless CompleteNoobs.com, its parents, subsidiaries, affiliates, customers, vendors, officers and employees from any liability, damage or cost (including reasonable attorneys. fees and cost) from (i) any claim or demand made by any third party due to or arising out of your access to the Site, use of the Services, violation of the Terms of Use by you, or the infringement by you, or any third party using your account or User ID, of any intellectual property or other right of any person or entity. ==Warranty Disclaimers== You acknowledge that CompleteNoobs.com has no control over, and no duty to take any action regarding: which users gain access to the Site or use the Services; what effects the Content may have on you; how you may interpret or use the Content; or what actions you may take as a result of having been exposed to the Content. You release CompleteNoobs.com from all liability for you having acquired or not acquired Content through the Site or the Services. The Site or Services may contain, or direct you to sites containing, information that some people may find offensive or inappropriate. CompleteNoobs.com makes no representations concerning any content contained in or accessed through the Site or Services, and CompleteNoobs.com will not be responsible or liable for the accuracy, copyright compliance, legality or decency of material contained in or accessed through the Site or the Services. THE SERVICE, CONTENT, AND SITE ARE PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. SOME STATES DO NOT ALLOW LIMITATIONS ON HOW LONG AN IMPLIED WARRANTY LASTS, SO THE ABOVE LIMITATIONS MAY NOT APPLY TO YOU. ==Changes to wikis== CompleteNoobs.com reserves the right to close, move, merge, or rename, a wiki for any reason. CompleteNoobs.com shall not be held liable for any modification, suspension or discontinuance of any wiki, or of the service as a whole. ==Advertising== CompleteNoobs.com Advertising and funding page can be found [[COMPLETENOOBS_FUNDING | HERE]]<br \> No Advertising allowed on the Main Wiki pages.<br \> You are allowed to mention which service you used and where to find, but No Affiliate Links are allowed in main wiki pages.<br \> You can open a personal user page <code>index.php/User:<$WIKI_USERNAME></code> where you can place your donations and affiliate links, and links to your other works.<br \> CompleteNoobs.com takes no responsibility for the content of externally provided advertising. The content of advertisements may be protected by copyrights, or other proprietary rights and laws, and should not be assumed to be available under the terms of any free content license. CompleteNoobs.com will never host pop-up adverts. ==Links== The Services may provide, or third parties may provide, links to other World Wide Web sites or resources. Because CompleteNoobs.com has no control over such sites and resources, you acknowledge and agree that CompleteNoobs.com is not responsible for the availability of such external sites or resources, and does not endorse and is not responsible or liable for any Content, advertising, products or other materials on or available from such sites or resources. You further acknowledge and agree that CompleteNoobs.com shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such Content, goods or services available on or through any such site or resource. ==Copyright Complaints== We respect the intellectual property rights of others and we prohibit users from uploading, posting or otherwise transmitting on the CompleteNoobs.com website or service any materials that violate another party's intellectual property rights. When we receive proper Notification of Alleged Copyright Infringement as described in our [[CompleteNoobs:Copyright_Policy|Copyright Policy]], we promptly remove or disable access to the allegedly infringing material and terminate the accounts of repeat infringers as described herein in accordance with the Digital Millenium Copyright Act. If you believe that any material on the Site infringes upon any copyright which you own or control, you may send a written notification of such infringement to our [[Talk:CompleteNoobs:Copyright_Policy |Copyright Policy Discussion Page.]]. Please see our [[CompleteNoobs:Copyright_Policy|Copyright Policy]] for more information on how to report infringement of your copyright. ==User Disputes== You are solely responsible for your interactions with other CompleteNoobs users. We reserve the right, but have no obligation, to monitor disputes between you and other users. ==Collection of personal information== User information is stored on servers in the United Kingdom and other countries. The Only information you need to give to sign up is a UserName, Password and eMail address. he username does not need to be your real name. Therefore, any personal information you choose to give is not compulsory. CompleteNoobs sites are not intended for, and may not be used by, children under the age of 13 years old. You may change your email in your user preferences. If you choose to enter a real name in your preferences, this will be publicly available. However, this field is optional, and there is no requirement for any user to give a real name. Information from our server logs may be stored and used to gather aggregate data about users, and used to determine whether the identity of one or more users is the same in cases of abuse. This data includes your IP address, and details about your browser. Your browser must permit cookies to be set (by *.CompleteNoobs.com) in order for you to log in to CompleteNoobs.com. If you do not make an account on any wiki, you need not accept cookie requests from this site. Pages created and Edited by users will show the username, user's IP address in the page history of the article they edited, and also in other places on the site, including watchlists and recent changes, and in any external feeds made of such pages. ===Data Collected by apache server and fail2ban=== The type of info stored on apache2 access logs <div class="toccolours mw-collapsible mw-collapsed"> Example of The type of Data stored on apache2 access logs<br \> Time, Date, IP address, OS, Browser Used, Action done. <div class="mw-collapsible-content"> <pre> 10.3.45.1 - - [27/Jul/2021:13:54:57 +0000] "GET /index.php/Main_Page HTTP/1.1" 200 15063 "https://10.3.45.200/index.php?title=MediaWiki:Shoutwiki-loginform-tos&action=edit" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:13:54:57 +0000] "GET /load.php?lang=en-gb&modules=ext.pageNotice%7Cjquery.makeCollapsible.styles%7Cjquery.tablesorter.styles%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 9251 "https://10.3.45.200/index.php/Main_Page" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:13:54:57 +0000] "GET /load.php?lang=en-gb&modules=startup&only=scripts&raw=1&skin=vector HTTP/1.1" 304 618 "https://10.3.45.200/index.php/Main_Page" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:13:55:01 +0000] "GET /index.php/User:Testin HTTP/1.1" 200 5168 "https://10.3.45.200/index.php/Main_Page" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:13:55:02 +0000] "GET /load.php?lang=en-gb&modules=skins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 8414 "https://10.3.45.200/index.php/User:Testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:23 +0000] "GET /index.php/User:Greenadmin HTTP/1.1" 200 9723 "https://10.3.45.200/index.php?title=MediaWiki:Shoutwiki-loginform-tos&action=edit" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:23 +0000] "GET /load.php?lang=en-gb&modules=skins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 8414 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:23 +0000] "GET /load.php?lang=en-gb&modules=startup&only=scripts&raw=1&skin=vector HTTP/1.1" 304 618 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:26 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.notification%2CvisibleTimeout&skin=vector&version=1v0pl HTTP/1.1" 200 9100 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:26 +0000] "POST /api.php HTTP/1.1" 200 984 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:26 +0000] "GET /index.php?title=Special:UserLogout&returnto=User%3AGreenadmin HTTP/1.1" 200 3788 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:29 +0000] "GET /index.php?title=Special:UserLogin&returnto=User%3AGreenadmin HTTP/1.1" 200 4556 "https://10.3.45.200/index.php?title=Special:UserLogout&returnto=User%3AGreenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:29 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.htmlform.styles%7Cmediawiki.special.userlogin.common.styles%7Cmediawiki.special.userlogin.login.styles%7Cmediawiki.ui%7Cmediawiki.ui.button%2Ccheckbox%2Cinput%2Cradio%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 10621 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=User%3AGreenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:29 +0000] "GET /load.php?lang=en-gb&modules=startup&only=scripts&raw=1&safemode=1&skin=vector HTTP/1.1" 304 618 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=User%3AGreenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:40 +0000] "POST /index.php?title=Special:UserLogin&returnto=User:Greenadmin HTTP/1.1" 302 1492 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=User%3AGreenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:40 +0000] "GET /index.php/User:Greenadmin HTTP/1.1" 200 4471 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=User%3AGreenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:47 +0000] "GET /index.php/Special:SpecialPages HTTP/1.1" 200 6257 "https://10.3.45.200/index.php/User:Greenadmin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:47 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.helplink%2Cspecial%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 9983 "https://10.3.45.200/index.php/Special:SpecialPages" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:51 +0000] "GET /index.php/Special:UserRights HTTP/1.1" 200 4184 "https://10.3.45.200/index.php/Special:SpecialPages" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:53 +0000] "GET /api.php?action=query&format=json&formatversion=2&list=allusers&auprefix=Test&aulimit=10 HTTP/1.1" 200 655 "https://10.3.45.200/index.php/Special:UserRights" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:54 +0000] "GET /api.php?action=query&format=json&formatversion=2&list=allusers&auprefix=Testin&aulimit=10 HTTP/1.1" 200 655 "https://10.3.45.200/index.php/Special:UserRights" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:55 +0000] "GET /index.php?title=Special%3AUserRights&user=testin HTTP/1.1" 200 5769 "https://10.3.45.200/index.php/Special:UserRights" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:08:56 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.helplink%2Cspecial%7Cmediawiki.interface.helpers.styles%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 10181 "https://10.3.45.200/index.php?title=Special%3AUserRights&user=testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:02 +0000] "POST /index.php/Special:UserRights HTTP/1.1" 302 1128 "https://10.3.45.200/index.php?title=Special%3AUserRights&user=testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:02 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.helplink%2Cspecial%7Cmediawiki.interface.helpers.styles%7Cmediawiki.notification.convertmessagebox.styles%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 10536 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:02 +0000] "GET /index.php/Special:UserRights/testin HTTP/1.1" 200 5832 "https://10.3.45.200/index.php?title=Special%3AUserRights&user=testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:07 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.searchSuggest&skin=vector&version=4itwt HTTP/1.1" 200 7618 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:09 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=c&namespace=0&limit=10 HTTP/1.1" 200 597 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:10 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=cop&namespace=0&limit=10 HTTP/1.1" 200 600 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:10 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=copy&namespace=0&limit=10 HTTP/1.1" 200 601 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:11 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=copyr&namespace=0&limit=10 HTTP/1.1" 200 575 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:11 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=copyri&namespace=0&limit=10 HTTP/1.1" 200 5879 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:11 +0000] "GET /api.php?action=opensearch&format=json&formatversion=2&search=copyright&namespace=0&limit=10 HTTP/1.1" 200 606 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:12 +0000] "GET /index.php?search=copyright&title=Special%3ASearch&go=Go HTTP/1.1" 200 7130 "https://10.3.45.200/index.php/Special:UserRights/testin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:12 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.helplink%2Cspecial%2Cui%7Cmediawiki.special.search.styles%7Cmediawiki.ui.button%2Cinput%7Cmediawiki.widgets.SearchInputWidget.styles%7Cmediawiki.widgets.styles%7Coojs-ui-core.icons%2Cstyles%7Coojs-ui.styles.indicators%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 21313 "https://10.3.45.200/index.php?search=copyright&title=Special%3ASearch&go=Go" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:14 +0000] "GET /index.php?title=Copyright&action=edit&redlink=1 HTTP/1.1" 200 6405 "https://10.3.45.200/index.php?search=copyright&title=Special%3ASearch&go=Go" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:14 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.action.edit.styles%7Cmediawiki.editfont.styles%7Cmediawiki.widgets.styles%7Coojs-ui-core.icons%2Cstyles%7Coojs-ui.styles.indicators%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 18053 "https://10.3.45.200/index.php?title=Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:41 +0000] "POST /api.php HTTP/1.1" 200 1140 "https://10.3.45.200/index.php?title=Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:41 +0000] "POST /index.php?title=Copyright&action=submit HTTP/1.1" 302 1276 "https://10.3.45.200/index.php?title=Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:41 +0000] "GET /index.php/Copyright HTTP/1.1" 200 8086 "https://10.3.45.200/index.php?title=Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:41 +0000] "GET /load.php?lang=en-gb&modules=ext.pageNotice%7Cjquery.makeCollapsible.styles%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 9104 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:42 +0000] "GET /resources/src/mediawiki.action/images/check-success.svg?116d2 HTTP/1.1" 200 607 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:43 +0000] "GET /index.php?title=Copyright&action=protect HTTP/1.1" 200 6673 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:44 +0000] "GET /load.php?lang=en-gb&modules=jquery%2Coojs%2Coojs-ui-core%2Csite%7Cjquery.client%2ClengthLimit%7Cmediawiki.String%2CTitle%2Capi%2Cbase%2Ccldr%2Chtmlform%2CjqueryMsg%2Clanguage%2Cutil%7Cmediawiki.action.protect%7Cmediawiki.htmlform.ooui%7Cmediawiki.libs.pluralruleparser%7Cmediawiki.page.ready%7Cmediawiki.page.watch.ajax%7Cskins.vector.legacy.js%7Cuser.defaults&skin=vector&version=ibd6y HTTP/1.1" 200 499559 "https://10.3.45.200/index.php?title=Copyright&action=protect" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:44 +0000] "GET /load.php?lang=en-gb&modules=mediawiki.action.styles%7Cmediawiki.htmlform.ooui.styles%7Cmediawiki.htmlform.styles%7Cmediawiki.widgets.styles%7Coojs-ui-core.icons%2Cstyles%7Coojs-ui.styles.indicators%7Cskins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1" 200 18758 "https://10.3.45.200/index.php?title=Copyright&action=protect" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:49 +0000] "POST /index.php?title=Copyright&action=protect HTTP/1.1" 302 1112 "https://10.3.45.200/index.php?title=Copyright&action=protect" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:50 +0000] "GET /index.php/Copyright HTTP/1.1" 200 7941 "https://10.3.45.200/index.php?title=Copyright&action=protect" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:53 +0000] "POST /api.php HTTP/1.1" 200 984 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:53 +0000] "GET /index.php?title=Special:UserLogout&returnto=Copyright HTTP/1.1" 200 3747 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:09:55 +0000] "GET /index.php?title=Special:UserLogin&returnto=Copyright HTTP/1.1" 200 4548 "https://10.3.45.200/index.php?title=Special:UserLogout&returnto=Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:03 +0000] "POST /index.php?title=Special:UserLogin&returnto=Copyright HTTP/1.1" 302 1482 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:04 +0000] "GET /index.php/Copyright HTTP/1.1" 200 7824 "https://10.3.45.200/index.php?title=Special:UserLogin&returnto=Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:07 +0000] "GET /index.php?title=Talk:Copyright&action=edit&redlink=1 HTTP/1.1" 200 6396 "https://10.3.45.200/index.php/Copyright" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:21 +0000] "POST /api.php HTTP/1.1" 200 1140 "https://10.3.45.200/index.php?title=Talk:Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:21 +0000] "POST /index.php?title=Talk:Copyright&action=submit HTTP/1.1" 302 1281 "https://10.3.45.200/index.php?title=Talk:Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" 10.3.45.1 - - [27/Jul/2021:14:10:21 +0000] "GET /index.php/Talk:Copyright HTTP/1.1" 200 5164 "https://10.3.45.200/index.php?title=Talk:Copyright&action=edit&redlink=1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Example of data stored in Apache error logs:<br \> Date, Time, IP address and port, Action <div class="mw-collapsible-content"> <pre> [Fri Jul 23 04:25:43.125317 2021] [php7:error] [pid 7609] [client 93.157.23.18:55862] script '/var/www/html/mediawiki/c99.php' not found or unable to stat [Fri Jul 23 04:25:43.131058 2021] [php7:error] [pid 7608] [client 93.157.23.18:55852] script '/var/www/html/mediawiki/c99.php' not found or unable to stat </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Example of Fail2ban.log data:<br \> Date, Time, IP address <div class="mw-collapsible-content"> <pre> 2021-07-27 12:06:31,021 fail2ban.filter [331]: INFO [mediawiki] Found 10.3.45.1 - 2021-07-27 12:06:31 2021-07-27 12:06:31,291 fail2ban.actions [331]: NOTICE [mediawiki] Ban 10.3.45.1 2021-07-27 12:07:21,629 fail2ban.actions [324]: NOTICE [mediawiki] Restore Ban 10.3.45.1 2021-07-27 12:10:01,086 fail2ban.actions [324]: NOTICE [mediawiki] Unban 10.3.45.1 </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Example in Fail2Log.log:<br \> IP address, Date, Time, Username used <div class="mw-collapsible-content"> <pre> Failed:10.3.45.1 2021-07-27 11:16:07 UTC greenadmin Failed:10.3.45.1 2021-07-27 11:16:15 UTC greenadmin Failed:10.3.45.1 2021-07-27 11:16:50 UTC greenadmin Failed:10.3.45.1 2021-07-27 12:05:59 UTC greenadmin Failed:10.3.45.1 2021-07-27 12:06:11 UTC greenadmin Failed:10.3.45.1 2021-07-27 12:06:15 UTC greenadmin Failed:10.3.45.1 2021-07-27 12:06:23 UTC greenadmin Failed:10.3.45.1 2021-07-27 12:06:31 UTC greenadmin </pre> </div> </div> ==Submissions== You acknowledge and agree that any questions, comments, suggestions, ideas, feedback or other information about the Site or the Service ("Submissions"), provided by you to CompleteNoobs.com are non-confidential and shall become the sole property of CompleteNoobs.com. CompleteNoobs.com shall own exclusive rights, including all intellectual property rights, and shall be entitled to the unrestricted use and dissemination of these Submissions for any purpose, commercial or otherwise, without acknowledgment or compensation to you. ==Termination== CompleteNoobs.com may terminate or suspend any and all Services and your user account immediately, without prior notice or liability, if you breach any of the terms or conditions of the Terms of Use. Upon termination of your account, your right to use the Services will immediately cease. If you wish to terminate your account, you may simply discontinue using the Services. All provisions of the Terms of Use which by their nature should survive termination shall survive termination, including, without limitation, ownership provisions, warranty disclaimers, indemnity and limitations of liability. ==Other== These Terms of Use constitute the entire agreement between you and CompleteNoobs.com regarding the use of the Site and/or the Service, superseding any prior agreements between you and CompleteNoobs.com relating to your use of the Site or the Service. The failure of CompleteNoobs.com to exercise or enforce any right or provision of these Terms of Use shall not constitute a waiver of such right or provision in that or any other instance. If any provision of this Agreement is held invalid, the remainder of this Agreement shall continue in full force and effect. If any provision of these Terms of Use shall be deemed unlawful, void or for any reason unenforceable, then that provision shall be deemed severable from these Terms of Use and shall not affect the validity and enforceability of any remaining provisions. ==Supremacy of English Language Terms of Use== Where a translation of these Terms of use is inconsistent with the English language version, the English language version shall prevail. hoivkql3dt4g8m2sv4jr2cq4o71167n 0 62 212 2023-03-24T01:55:56Z Noob 1 Created page with "==tested with ubuntu-mate 20.04 using celluoid == To play encrypted DVDs on ubuntu you need to install <code>libdvd-pkg</code> which does not come preinstalled on ubuntu-mate 20.04.<br> <br> <code>sudo apt install libdvd-pkg && sudo dpkg-reconfigure libdvd-pkg</code><br> <br> And now you can watch encrypted DVDs using celluloid.<br>" 212 wikitext text/x-wiki ==tested with ubuntu-mate 20.04 using celluoid == To play encrypted DVDs on ubuntu you need to install <code>libdvd-pkg</code> which does not come preinstalled on ubuntu-mate 20.04.<br> <br> <code>sudo apt install libdvd-pkg && sudo dpkg-reconfigure libdvd-pkg</code><br> <br> And now you can watch encrypted DVDs using celluloid.<br> s2elr0n9ncec4or8sk0e17qb6gxjhny 0 63 214 2023-03-27T21:43:12Z Noob 1 Created page with "PlaceHolder for tuts on <b>passing gpu to vm</b><br> ==List of walkthroughs== [[Ubuntu_KVM_to_Windows_10_-_Thinkpad_T470_-_Razer_Core_X_-_GTX_970|Ubuntu_KVM_to_Windows_10_-_Thinkpad_T470_-_Razer_Core_X_-_GTX_970]]" 214 wikitext text/x-wiki PlaceHolder for tuts on <b>passing gpu to vm</b><br> ==List of walkthroughs== [[Ubuntu_KVM_to_Windows_10_-_Thinkpad_T470_-_Razer_Core_X_-_GTX_970|Ubuntu_KVM_to_Windows_10_-_Thinkpad_T470_-_Razer_Core_X_-_GTX_970]] a6zb767fiujoxapeijp0bp9y5uv3asa 0 64 215 2023-03-27T21:44:06Z Noob 1 Created page with "==Ubuntu Kvm Windows 10 - Thinkpad T470 with Razer Core X== Hardware:<br> * Thinkpad t470 - 256GB HD, 8GB RAM * razer core x * GTX 970 GT * Ubuntu Desktop 22.04 installed. Thunderbolt 3 - detected as USB3.0 (5000M). But works :)<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lsusb -t</code> OutPut: <div class="mw-collapsible-content"> <pre> /: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/6p, 5000M |__ Port 3: Dev 2, If 0, Class=Mass Storage..." 215 wikitext text/x-wiki ==Ubuntu Kvm Windows 10 - Thinkpad T470 with Razer Core X== Hardware:<br> * Thinkpad t470 - 256GB HD, 8GB RAM * razer core x * GTX 970 GT * Ubuntu Desktop 22.04 installed. Thunderbolt 3 - detected as USB3.0 (5000M). But works :)<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lsusb -t</code> OutPut: <div class="mw-collapsible-content"> <pre> /: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/6p, 5000M |__ Port 3: Dev 2, If 0, Class=Mass Storage, Driver=usb-storage, 5000M /: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/12p, 480M |__ Port 7: Dev 2, If 0, Class=Wireless, Driver=btusb, 12M |__ Port 7: Dev 2, If 1, Class=Wireless, Driver=btusb, 12M |__ Port 8: Dev 3, If 1, Class=Video, Driver=uvcvideo, 480M |__ Port 8: Dev 3, If 0, Class=Video, Driver=uvcvideo, 480M |__ Port 9: Dev 4, If 0, Class=Vendor Specific Class, Driver=, 12M </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo lshw | grep -A10 -i usb</code> OutPut: <div class="mw-collapsible-content"> <pre> capabilities: pci pnp upgrade shadowing cdboot bootselect edd int13floppy720 int5printscreen int9keyboard int14serial int17printer int10video acpi usb biosbootspecification uefi *-pci description: Host bridge product: Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers vendor: Intel Corporation physical id: 100 bus info: pci@0000:00:00.0 version: 08 width: 32 bits clock: 33MHz configuration: driver=skl_uncore -- *-usb description: USB controller product: Sunrise Point-LP USB 3.0 xHCI Controller vendor: Intel Corporation physical id: 14 bus info: pci@0000:00:14.0 version: 21 width: 64 bits clock: 33MHz capabilities: pm msi xhci bus_master cap_list configuration: driver=xhci_hcd latency=0 resources: irq:127 memory:ec220000-ec22ffff *-usbhost:0 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 0 bus info: usb@1 logical name: usb1 version: 5.19 capabilities: usb-2.00 configuration: driver=hub slots=12 speed=480Mbit/s *-usb:0 description: Bluetooth wireless interface product: Bluetooth wireless interface vendor: Intel Corp. physical id: 7 bus info: usb@1:7 version: 0.01 capabilities: bluetooth usb-2.00 configuration: driver=btusb maxpower=100mA speed=12Mbit/s *-usb:1 description: Video product: Integrated Camera: Integrated C vendor: SunplusIT Inc physical id: 8 bus info: usb@1:8 logical name: input8 logical name: /dev/input/event6 version: 0.10 capabilities: usb-2.00 usb configuration: driver=uvcvideo maxpower=500mA speed=480Mbit/s *-usb:2 UNCLAIMED description: Generic USB device vendor: Validity Sensors, Inc. physical id: 9 bus info: usb@1:9 version: 1.64 serial: ff1e8c196451 capabilities: usb-2.00 configuration: maxpower=100mA speed=12Mbit/s *-usbhost:1 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 1 bus info: usb@2 logical name: usb2 version: 5.19 capabilities: usb-3.00 configuration: driver=hub slots=6 speed=5000Mbit/s *-usb description: Mass storage device product: USB3.0-CRW vendor: Generic physical id: 3 bus info: usb@2:3 logical name: scsi0 version: 2.04 serial: 20120501030900000 capabilities: usb-3.00 scsi emulated scsi-host configuration: driver=usb-storage maxpower=800mA speed=5000Mbit/s *-disk description: SCSI Disk product: SD/MMC vendor: Generic- physical id: 0.0.0 bus info: scsi@0:0.0.0 logical name: /dev/sda version: 1.00 serial: 2012090114345300 capabilities: removable </pre> </div> </div> ===Windows 10 ISO=== Download a Windows 10 ISO for the Virtual Machine<br> https://www.microsoft.com/en-us/software-download/windows10ISO ===VT-d - bios=== Check VT-d enabled on bios <br> When you press the power button, press and hold <b>F1</b> to enter into bios mode.<br> Security > Virtualization<br> Intel (R) Virtualization Technology [ENABLE]<br> Inter (R) VT-d Feature [ENABLE]<br> ====Check==== <code>cat /proc/cpuinfo | grep --color vmx</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Explained: <div class="mw-collapsible-content"> The command "cat /proc/cpuinfo" displays detailed information about the processor(s) installed on your system. The output of this command includes a lot of information, such as processor model, speed, cache size, and other features. The pipe symbol "|" is used to pass the output of the first command as input to the second command. In this case, the output of "cat /proc/cpuinfo" is being passed as input to "grep". The "grep" command is used to search for a specific pattern in the input data. In this case, the pattern being searched for is "vmx". The "--color" option is used to highlight the search pattern in the output, making it easier to identify. So, the entire command "cat /proc/cpuinfo | grep --color vmx" is searching the processor information for the "vmx" feature and highlighting it in the output. The "vmx" feature refers to Intel's Virtualization Technology, which allows a processor to run multiple operating systems on the same computer simultaneously. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Returned Output: <div class="mw-collapsible-content"> <pre> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml </pre> </div> </div> ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> Insert the option to <b>GRUB_CMDLINE_LINUX_DEFAULT=""</b> <code>intel_iommu=on kvm.ignore_msrs=1</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Before <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>intel_iommu=on kvm.ignore_msrs=1</code> <div class="mw-collapsible-content"> <pre> intel_iommu=on and kvm.ignore_msrs=1 are kernel boot parameters that can be set in the GRUB configuration file in Linux systems. Here's what they mean: intel_iommu=on: This parameter enables Intel VT-d (Virtualization Technology for Directed I/O), which allows for hardware-based virtualization of I/O devices. This can improve performance and security for virtual machines by allowing them to directly access hardware devices, rather than relying on the host operating system to handle the device access. kvm.ignore_msrs=1: This parameter disables the handling of MSR (Model Specific Register) virtualization by the kernel-based Virtual Machine (KVM) hypervisor. This can improve performance for certain workloads that rely heavily on MSR access, such as virtualization workloads. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Info the <code>/etc/defaults</code> directory <div class="mw-collapsible-content"> <pre> In Ubuntu and many other Linux-based operating systems, the /etc/default directory contains configuration files for various system services and applications. These configuration files contain default values for the settings and options that are used by these services and applications. The /etc/default directory is typically organized by service or application, with each subdirectory containing one or more configuration files for that service or application. For example, the /etc/default/grub directory contains the default configuration file for the GRUB bootloader, while the /etc/default/apache2 directory contains the default configuration file for the Apache web server. These configuration files are often used by system administrators to customize the behavior of these services and applications by modifying the default values of their settings and options. For example, the GRUB configuration file in /etc/default/grub can be used to specify the default operating system to boot, the timeout for the boot menu, and other options. </pre> </div> </div> ====Update Grub==== <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code><br> Reboot so kernel boot parameters can be applied.<br> <code>reboot</code> <div class="toccolours mw-collapsible mw-collapsed"> Info: <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> <div class="mw-collapsible-content"> * <code>grub-mkconfig</code> : This is a command that generates a new configuration file for the GRUB bootloader. It scans the system for installed kernels, operating systems, and other boot options, and creates a configuration file based on that information. * <code>-o /boot/grub/grub.cfg</code> : This option tells grub-mkconfig to write the generated configuration file to the file /boot/grub/grub.cfg. This is the default location for the GRUB configuration file in most Linux systems. </div> </div> ===Check that IOMMU is enabled=== <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Return Output: Before editing Grub <div class="mw-collapsible-content"> <pre> [ 0.013929] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013974] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.124130] DMAR: Host address width 39 [ 0.124131] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.124140] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.124143] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.124147] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.124150] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.124152] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.124154] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.124156] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.124158] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.126384] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.346448] iommu: Default domain type: Translated [ 0.346448] iommu: DMA domain TLB invalidation policy: lazy mode </pre> </div> </div> ===Find your GPU=== <code>lspci -nnk</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>lspci -nnk</code> <div class="mw-collapsible-content"> <code>lspci</code> is a command-line utility that is used to display information about all the PCI buses and devices connected to them in a Linux system. The -nnk option is used to display the following information: * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -k: Display the kernel driver currently bound to each device. This option is useful when you want to check which driver is being used for a particular device. When you run the <code>lspci -nnk</code> command, you will get a list of all the PCI devices in your system, along with their vendor and device IDs, and the kernel driver currently in use. </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut Before plugging in 'Razer Core X' <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut After plugging in Razer Core X <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 05:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:01.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:02.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 07:00.0 System peripheral [0880]: Intel Corporation JHL6240 Thunderbolt 3 NHI (Low Power) [Alpine Ridge LP 2016] [8086:15bf] (rev 01) Subsystem: Device [2222:1111] Kernel driver in use: thunderbolt Kernel modules: thunderbolt 08:00.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 09:01.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel </pre> <div class="toccolours mw-collapsible mw-collapsed"> After editing Grub <div class="mw-collapsible-content"> <pre> [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.013471] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013516] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.035822] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.035915] DMAR: IOMMU enabled [ 0.094689] DMAR: Host address width 39 [ 0.094691] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.094699] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.094702] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.094706] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.094708] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.094710] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.094713] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.094715] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.094716] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.096599] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.324622] iommu: Default domain type: Translated [ 0.324622] iommu: DMA domain TLB invalidation policy: lazy mode [ 0.346100] DMAR: No ATSR found [ 0.346101] DMAR: No SATC found [ 0.346103] DMAR: IOMMU feature fl1gp_support inconsistent [ 0.346105] DMAR: IOMMU feature pgsel_inv inconsistent [ 0.346106] DMAR: IOMMU feature nwfs inconsistent [ 0.346107] DMAR: IOMMU feature eafs inconsistent [ 0.346108] DMAR: IOMMU feature prs inconsistent [ 0.346108] DMAR: IOMMU feature nest inconsistent [ 0.346109] DMAR: IOMMU feature mts inconsistent [ 0.346110] DMAR: IOMMU feature sc_support inconsistent [ 0.346111] DMAR: IOMMU feature dev_iotlb_support inconsistent [ 0.346113] DMAR: dmar0: Using Queued invalidation [ 0.346117] DMAR: dmar1: Using Queued invalidation [ 0.346409] pci 0000:00:00.0: Adding to iommu group 0 [ 0.346423] pci 0000:00:02.0: Adding to iommu group 1 [ 0.346441] pci 0000:00:14.0: Adding to iommu group 2 [ 0.346450] pci 0000:00:14.2: Adding to iommu group 2 [ 0.346466] pci 0000:00:16.0: Adding to iommu group 3 [ 0.346475] pci 0000:00:16.3: Adding to iommu group 3 [ 0.346499] pci 0000:00:1c.0: Adding to iommu group 4 [ 0.346520] pci 0000:00:1c.6: Adding to iommu group 5 [ 0.346539] pci 0000:00:1d.0: Adding to iommu group 6 [ 0.346557] pci 0000:00:1d.2: Adding to iommu group 7 [ 0.346582] pci 0000:00:1f.0: Adding to iommu group 8 [ 0.346595] pci 0000:00:1f.2: Adding to iommu group 8 [ 0.346604] pci 0000:00:1f.3: Adding to iommu group 8 [ 0.346615] pci 0000:00:1f.4: Adding to iommu group 8 [ 0.346625] pci 0000:00:1f.6: Adding to iommu group 8 [ 0.346646] pci 0000:04:00.0: Adding to iommu group 9 [ 0.346664] pci 0000:3e:00.0: Adding to iommu group 10 [ 0.348306] DMAR: Intel(R) Virtualization Technology for Directed I/O </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code> <div class="mw-collapsible-content"> * <code>dmesg</code> : This command is used in Linux systems to display the kernel message buffer, which contains information about the system's hardware and software components, as well as any error or warning messages generated by the kernel. * <code>|</code> : This symbol is called a pipe and it allows the output of one command to be used as input for another command. In this case, it sends the output of the dmesg command to the next command in the pipeline, which is grep. * <code>grep</code> : This command is used in Linux systems to search for text patterns in a file or output. In this case, it's used to search the output of the dmesg command for lines that contain the strings "DMAR" or "IOMMU". * <code>-i</code> : This option tells grep to perform a case-insensitive search, meaning it will match the strings "DMAR" or "IOMMU" regardless of their case. * <code>-e</code> : This option tells grep to specify the pattern to search for. In this case, it's used to specify two patterns to search for: "DMAR" and "IOMMU". * DMAR: DMA Remapping (DMAR) is a feature of modern computer systems that provides additional security for input/output (I/O) devices. It allows for the isolation of memory regions used by I/O devices, which prevents them from accessing other parts of the system's memory. This helps to prevent attacks that could exploit vulnerabilities in I/O device drivers to gain access to sensitive data or take control of the system. * IOMMU: The I/O Memory Management Unit (IOMMU) is a hardware component that provides support for DMA remapping. It allows for the virtualization of I/O devices and provides an additional layer of security by isolating the memory used by these devices. </div> </div> ===vfio.conf=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>vfio.conf</b> <div class="mw-collapsible-content"> <b>vfio.conf</b> is a configuration file used by the VFIO driver in Linux. <br> The VFIO driver is a kernel module that allows users to assign devices, such as GPUs or network interfaces, directly to virtual machines, bypassing the host operating system.<br> <br> The vfio.conf file is used to specify which devices should be assigned to VFIO, and it is typically located in the /etc/modprobe.d/ directory. When the VFIO driver is loaded, it will read this file and use the settings specified within it.<br> <br> The contents of vfio.conf can vary depending on the specific use case, but some common configurations include: * Device IDs: The vfio.conf file can be used to specify the vendor and device IDs of the devices that should be assigned to VFIO. For example: <pre> options vfio-pci ids=10de:13c2,10de:0fbb </pre><br> <br> This configuration specifies that two NVIDIA GPUs with the IDs 10de:13c2 and 10de:0fbb should be assigned to VFIO.<br> This configuration assigns two NVIDIA GPUs to VFIO and blacklists the <b>nouveau</b> and <b>nvidiafb</b> kernel drivers so that they don't claim the GPUs. <pre> options vfio-pci ids=10de:13c2,10de:0fbb blacklist nouveau blacklist nvidiafb </pre> <br> * Additional options: The <b>vfio.conf</b> file can also be used to specify additional options for the VFIO driver, such as setting the IOMMU mode. For example:<br> This configuration sets the VFIO driver to use IOMMU mode 1 and allows unsafe interrupts. <pre> options vfio_iommu_type1 allow_unsafe_interrupts=1 </pre> <br> Overall, <b>vfio.conf</b> provides a way to configure the VFIO driver and specify which devices should be assigned to it, helping to facilitate GPU or other hardware passthrough to virtual machines. <br> </div> </div> Create a new file called <code>vfio.conf</code> in the <b>/etc/modprobe.d/</b> directory.<br> <div class="toccolours mw-collapsible mw-collapsed"> The <code>/etc/modprobe.d/</code> directory explanation: <div class="mw-collapsible-content"> The <b>/etc/modprobe.d/</b> directory is a system directory in Linux that contains configuration files for kernel modules. When the Linux kernel boots up, it loads various modules (also called drivers) to support the hardware and other system functions.<br> <br> Each configuration file in <b>/etc/modprobe.d/</b> specifies options for one or more kernel modules, which are loaded by the kernel when a system boots or when a module is explicitly loaded. The options specified in these files can be used to modify the behavior of the kernel modules, or to blacklist certain modules to prevent them from being loaded.<br> <br> The name of each configuration file in the <b>/etc/modprobe.d/</b> directory must end with the <b>.conf</b> extension. The contents of each file consist of a series of directives, which specify module options, aliases, or blacklist information. These directives can be written in plain text format or in shell scripts.<br> <br> Here are some examples of how you might use the <b>/etc/modprobe.d/</b> directory:<br> * Blacklisting modules: You can use the <b>/etc/modprobe.d/</b> directory to prevent certain kernel modules from loading. For example, you can create a file called <b>/etc/modprobe.d/blacklist-nouveau.conf</b> with the following contents to prevent the <b>nouveau</b> driver (used for NVIDIA graphics cards) from being loaded: <pre> blacklist nouveau </pre> <br> * Setting module options: You can also use the <b>/etc/modprobe.d/</b> directory to specify options for a particular kernel module. For example, you can create a file called <b>/etc/modprobe.d/alsa-base.conf</b> with the following contents to set the default sound card to the second card on the system: <pre> options snd_hda_intel index=1 </pre> <br> * Loading modules: You can use the <b>/etc/modprobe.d/</b> directory to load kernel modules at boot time. For example, you can create a file called <b>/etc/modprobe.d/local.conf</b> with the following contents to load the <b>acpi_call</b> module at boot time: <pre> # Load acpi_call at boot time acpi_call </pre> <br> Overall, the <b>/etc/modprobe.d/</b> directory is an important location for managing kernel modules in Linux. It provides a centralized location for managing module options, aliases, and blacklists, making it easier to configure and maintain a Linux system.<br> </div> </div> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> <br> ===Update <b>initramfs</b>=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>initramfs</b>: <div class="mw-collapsible-content"> The initramfs (initial RAM file system) is a temporary file system that is loaded into memory during the Linux boot process. It contains essential system files and utilities that are necessary to boot the Linux kernel and mount the root file system.<br> <br> When the Linux kernel is booted, it first loads the initramfs into memory and sets it up as the root file system. The initramfs then runs the init script, which is responsible for initializing the system and mounting the real root file system. The init script may also perform other tasks, such as loading kernel modules, setting up network interfaces, and configuring system services.<br> <br> The initramfs is typically used in situations where the root file system is located on a storage device that requires additional drivers or modules to be loaded before it can be mounted. For example, if the root file system is located on a RAID array, a network file system, or an encrypted disk, the necessary drivers or modules may need to be loaded into memory before the root file system can be mounted.<br> <br> The initramfs can also be customized to include additional files or utilities that may be necessary for the boot process. This is done by modifying the initramfs image, which is a compressed archive file that contains the file system contents.<br> <br> Overall, the initramfs is an essential component of the Linux boot process, providing a temporary file system that is necessary for initializing the system and mounting the root file system. </div> </div> <code>sudo update-initramfs -u</code><br> And reboot your computer:<br> <code>reboot</code><br> ===Check Kernel driver not in use=== <code>lspci -nnk</code><br> <br> OutPut: <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel modules: snd_hda_intel </pre> ==Install KVM and VirtManager to create a VM== Your $USER is the username you use to login to your account.<br> On terminal prompt you should see <code>$USER@$HOSTNAME:~$</code><br> Note the <code>$</code> at the end.<br> If terminal prompt end's with a <code>#</code> you are logged in as root.<br> You can see your user name by typing in <code>whoami</code> to the terminal and/or <code>id</code><br> <b>id</b> will also display which <b>groups</b> your $USER is in.<br> <br> Install required packages:<br> <code>sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils</code><br> <br> Creating a Group and add $USER to group, this will allow us to run <b>virt-manager</b> without the need to <b>sudo</b><br> <div class="toccolours mw-collapsible mw-collapsed"> <code> getent group libvirtd</code> Check if <b>group</b> already exists: <div class="mw-collapsible-content"> To check if a group is already present on an Ubuntu system, you can use the <b>getent</b> command along with the <b>group</b> argument and specify the name of the group as a parameter.<br> <br> For example, to check if the <b>sudo</b> group exists on the system, you can run the following command in a terminal:<br> <code>getent group sudo</code><br> <br> If the group exists, the command will output information about the group, including its name, group ID (GID), and a list of users who are members of the group. If the group does not exist, the command will not produce any output.<br> <br> Alternatively, you can use the <b>grep</b> command to search for the group name in the <b>/etc/group file</b>, which is the file that stores information about system groups on Ubuntu. For example, to search for the <b>sudo</b> group, you can run the following command:<br> <code>grep "^sudo:" /etc/group</code><br> If the group exists, the command will output information about the group in the same format as the <b>getent</b> command. If the group does not exist, the command will not produce any output. </div> </div> <code>sudo addgroup libvirtd</code><br> <br> Add your user name to the group:<br> SYNTAX: <code>sudo adduser $USER libvirtd</code><br> <code>sudo adduser ubunix libvirtd</code><br> <code>sudo apt-get install virt-manager</code><br> <br> <code>reboot</code><br> Reboot to avoid error: <pre> virtual machine manager connection failure unable to connect to libvirt qemu:///system. verify that the 'libvirtd' daemon is running</pre> ===Virtual Machine Manager=== ===Virtual Machine Manager=== Start <b>Virtual Machine Manager</b>:<br> <code>virt-manager</code><br><br> Create a new virtual machine Step 1 Local install media (ISO image or CDROM) Step 2 Choose ISO or CDROM install media: Click <b>Browse</b> and select your windows10.iso Choose the operating system you are installing: untick( Automatically detect from installation media / source) and enter <b>Microsoft Windows 10</b> in search bar. Step 3 Choose Memory and CPU settings: Memory: 4096MiB CPUs: 2 Step 4 Tick <b>Enable storage for this virtual machine</b> Tick <b>create a disk image for the virtual machine</b> 140 GiB Step 5 Name:NAME_OF_VM Tick <b>Customize configuration before install</b> ==== Config VM before booting==== OverView: <b>Hypervisor Details</b> 'Chipset' = 'Q35' 'Firmware' = 'x86_64:/usr/share/OVMF/OVMF_CODE_4M.ms.fd' Boot Options: <b>Boot device order</b>: Untick - Enable boot menu Select/Tick SATA CDROM1 SATA Disk 1 Display Spice: <b>Spice Server</b>: Type: Spice server Listen type: Address Address: Hypervisor default Port: tick 'Auto' Click '<b>Add Hardware</b>' button at bottom left - new window '<b>Add New Virtual Hardware</b>' will pop up. Click '<b>PCI Host Device</b>' on the left hand side Select your <b>GPU</b> and <b>GPU Audio Controller</b>: '0000:0A:00:0 NVIDIA Corporation GM204 [GeForce GTX 970]' '0000:0A:00:1 NVIDIA Corporation GM204 High Definition Audio Controller' Select and click '<b>Finish</b>' - reopen '<b>Add hardware</b>' and repeat for Audio.<br> <br> =====Notes===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. ==== Install Windows 10 and update ==== Install windows 10 then update windows to get the graphics card drivers working.<br> Once done shoutdown.<br> ===After shutting down windows edit the VM's Config file=== To find/confirm your VM's name:<br> <code>wirsh list --all</code><br> <br> Syntax:<code>sudo virsh edit YOUR_VM_NAME</code><br> <code>sudo virsh edit win10</code><br> <br> Going to edit in between the <code><features> </features></code> Brackets, 17 lines down.<br> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> </pre> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> </pre> ====What these values do ==== <div class="toccolours mw-collapsible mw-collapsed"> <vendor_id state='on' value='1234567890ab'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><vendor_id></b> tag is used to specify the vendor ID that is presented to the guest virtual machine when it is running on top of the KVM hypervisor. This vendor ID can be customized by the user to any 12-digit hexadecimal <b>value</b> using the value attribute. The purpose of the vendor ID is to provide a way for virtual machines to identify the type of hypervisor they are running on, and to adjust their behavior accordingly. This is particularly important for operating systems that have special optimizations or workarounds for specific hypervisors. By default, KVM presents a vendor ID of "KVMKVMKVM" to the guest virtual machine. However, this can be changed by adding the <vendor_id> tag to the XML definition of the virtual machine, as follows: <pre> <cpu> <vendor_id state='on' value='1234567890ab'/> ... </cpu> </pre> In this example, the vendor ID is set to the value "1234567890ab". The state attribute is set to 'on' to enable the use of the custom vendor ID. It's worth noting that changing the vendor ID can have some unexpected consequences. For example, some operating systems may have specific code paths or optimizations for certain hypervisors, and changing the vendor ID may cause them to behave differently or even malfunction. Additionally, some virtualization security features may depend on the vendor ID, so changing it may impact the security of the virtual machine. As such, it is important to carefully consider the implications before changing the vendor ID in a KVM virtual machine. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <kvm> <hidden state='on'/> </kvm> <div class="mw-collapsible-content"> In Linux KVM, the <b><kvm></b> tag is used to specify additional configuration options for the virtual machine that are specific to KVM. The <b><hidden></b> tag is a sub-tag of <b><kvm></b> and is used to enable or disable the hiding of the KVM hypervisor from the guest operating system. When the <b><hidden></b> tag is set to <b>state='on'</b>, the KVM hypervisor is hidden from the guest operating system. This means that the guest operating system will not be able to detect that it is running in a virtualized environment and will behave as if it is running directly on physical hardware. This can be useful for security reasons, as it can make it more difficult for attackers to detect that they are running in a virtualized environment and attempt to exploit vulnerabilities that are specific to virtualization. Additionally, some software applications may behave differently or refuse to run in a virtualized environment, so hiding the KVM hypervisor can help ensure that these applications run properly. To use the <hidden> tag, it should be included as a sub-tag of the <kvm> tag, as follows: <pre> <kvm> <hidden state='on'/> ... </kvm> </pre> It's important to note that hiding the KVM hypervisor can have some downsides as well. For example, it may make it more difficult to diagnose problems with the virtual machine, as the hypervisor will not be visible in the guest operating system. Additionally, some virtualization features may depend on the hypervisor being visible to the guest operating system, so hiding it may cause these features to stop working properly. As such, the decision to hide the KVM hypervisor using the <hidden> tag should be carefully considered based on the specific needs and requirements of the virtualized environment. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <ioapic driver='kvm'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><ioapic></b> tag is used to enable or disable the use of the IOAPIC (Input/Output Advanced Programmable Interrupt Controller) device in the virtual machine. The <b>driver</b> attribute is used to specify the driver that should be used for the IOAPIC device, with the value <b>kvm</b> indicating that KVM's built-in IOAPIC driver should be used. The IOAPIC device is a type of interrupt controller that is used to manage interrupts in a virtual machine. It provides a way for devices in the virtual machine to generate interrupts, and for the virtual machine to route those interrupts to the appropriate virtual CPU. To enable the IOAPIC device and specify the kvm driver, the <ioapic> tag should be included in the XML definition of the virtual machine, as follows: <pre> <ioapic driver='kvm'/> </pre> With this configuration, KVM's built-in IOAPIC driver will be used to manage interrupts in the virtual machine. It's worth noting that while KVM's built-in IOAPIC driver is generally sufficient for most virtualization needs, there are some situations where a different driver may be preferred. For example, some applications or workloads may require more advanced IOAPIC functionality that is not available in KVM's built-in driver. In these cases, it may be necessary to use a different driver, or to implement custom code to support the required functionality. Overall, the <ioapic> tag with the driver='kvm' attribute is a simple and effective way to enable the IOAPIC device and ensure that interrupts are properly managed in a KVM virtual machine. </div> </div> ====Full Config file - before and after==== <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>before</b> any changes with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoand of course the content when expanded.<br \> <code>print "hello content"</code>ft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>After</b> changes made with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <br> Note: Not the place to edit (use '<b>virsh</b>'), but you config file can be found here:<code>/etc/libvirt/qemu/</code> ==End Notes== Plug in external monitor to the GPU 'Razer Core X' for output and no screen lag. Tested with 'sniper elite 2' works fine. No sound due to my monitor not having speakers. will test with usb headfones. ==References== https://askubuntu.com/questions/1406888/ubuntu-22-04-gpu-passthrough-qemu 6abn3g89xjklobn5h597n1n86nexnrq 216 215 2023-03-27T21:44:27Z Noob 1 /* Virtual Machine Manager */ 216 wikitext text/x-wiki ==Ubuntu Kvm Windows 10 - Thinkpad T470 with Razer Core X== Hardware:<br> * Thinkpad t470 - 256GB HD, 8GB RAM * razer core x * GTX 970 GT * Ubuntu Desktop 22.04 installed. Thunderbolt 3 - detected as USB3.0 (5000M). But works :)<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lsusb -t</code> OutPut: <div class="mw-collapsible-content"> <pre> /: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/6p, 5000M |__ Port 3: Dev 2, If 0, Class=Mass Storage, Driver=usb-storage, 5000M /: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/12p, 480M |__ Port 7: Dev 2, If 0, Class=Wireless, Driver=btusb, 12M |__ Port 7: Dev 2, If 1, Class=Wireless, Driver=btusb, 12M |__ Port 8: Dev 3, If 1, Class=Video, Driver=uvcvideo, 480M |__ Port 8: Dev 3, If 0, Class=Video, Driver=uvcvideo, 480M |__ Port 9: Dev 4, If 0, Class=Vendor Specific Class, Driver=, 12M </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo lshw | grep -A10 -i usb</code> OutPut: <div class="mw-collapsible-content"> <pre> capabilities: pci pnp upgrade shadowing cdboot bootselect edd int13floppy720 int5printscreen int9keyboard int14serial int17printer int10video acpi usb biosbootspecification uefi *-pci description: Host bridge product: Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers vendor: Intel Corporation physical id: 100 bus info: pci@0000:00:00.0 version: 08 width: 32 bits clock: 33MHz configuration: driver=skl_uncore -- *-usb description: USB controller product: Sunrise Point-LP USB 3.0 xHCI Controller vendor: Intel Corporation physical id: 14 bus info: pci@0000:00:14.0 version: 21 width: 64 bits clock: 33MHz capabilities: pm msi xhci bus_master cap_list configuration: driver=xhci_hcd latency=0 resources: irq:127 memory:ec220000-ec22ffff *-usbhost:0 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 0 bus info: usb@1 logical name: usb1 version: 5.19 capabilities: usb-2.00 configuration: driver=hub slots=12 speed=480Mbit/s *-usb:0 description: Bluetooth wireless interface product: Bluetooth wireless interface vendor: Intel Corp. physical id: 7 bus info: usb@1:7 version: 0.01 capabilities: bluetooth usb-2.00 configuration: driver=btusb maxpower=100mA speed=12Mbit/s *-usb:1 description: Video product: Integrated Camera: Integrated C vendor: SunplusIT Inc physical id: 8 bus info: usb@1:8 logical name: input8 logical name: /dev/input/event6 version: 0.10 capabilities: usb-2.00 usb configuration: driver=uvcvideo maxpower=500mA speed=480Mbit/s *-usb:2 UNCLAIMED description: Generic USB device vendor: Validity Sensors, Inc. physical id: 9 bus info: usb@1:9 version: 1.64 serial: ff1e8c196451 capabilities: usb-2.00 configuration: maxpower=100mA speed=12Mbit/s *-usbhost:1 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 1 bus info: usb@2 logical name: usb2 version: 5.19 capabilities: usb-3.00 configuration: driver=hub slots=6 speed=5000Mbit/s *-usb description: Mass storage device product: USB3.0-CRW vendor: Generic physical id: 3 bus info: usb@2:3 logical name: scsi0 version: 2.04 serial: 20120501030900000 capabilities: usb-3.00 scsi emulated scsi-host configuration: driver=usb-storage maxpower=800mA speed=5000Mbit/s *-disk description: SCSI Disk product: SD/MMC vendor: Generic- physical id: 0.0.0 bus info: scsi@0:0.0.0 logical name: /dev/sda version: 1.00 serial: 2012090114345300 capabilities: removable </pre> </div> </div> ===Windows 10 ISO=== Download a Windows 10 ISO for the Virtual Machine<br> https://www.microsoft.com/en-us/software-download/windows10ISO ===VT-d - bios=== Check VT-d enabled on bios <br> When you press the power button, press and hold <b>F1</b> to enter into bios mode.<br> Security > Virtualization<br> Intel (R) Virtualization Technology [ENABLE]<br> Inter (R) VT-d Feature [ENABLE]<br> ====Check==== <code>cat /proc/cpuinfo | grep --color vmx</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Explained: <div class="mw-collapsible-content"> The command "cat /proc/cpuinfo" displays detailed information about the processor(s) installed on your system. The output of this command includes a lot of information, such as processor model, speed, cache size, and other features. The pipe symbol "|" is used to pass the output of the first command as input to the second command. In this case, the output of "cat /proc/cpuinfo" is being passed as input to "grep". The "grep" command is used to search for a specific pattern in the input data. In this case, the pattern being searched for is "vmx". The "--color" option is used to highlight the search pattern in the output, making it easier to identify. So, the entire command "cat /proc/cpuinfo | grep --color vmx" is searching the processor information for the "vmx" feature and highlighting it in the output. The "vmx" feature refers to Intel's Virtualization Technology, which allows a processor to run multiple operating systems on the same computer simultaneously. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Returned Output: <div class="mw-collapsible-content"> <pre> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml </pre> </div> </div> ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> Insert the option to <b>GRUB_CMDLINE_LINUX_DEFAULT=""</b> <code>intel_iommu=on kvm.ignore_msrs=1</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Before <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>intel_iommu=on kvm.ignore_msrs=1</code> <div class="mw-collapsible-content"> <pre> intel_iommu=on and kvm.ignore_msrs=1 are kernel boot parameters that can be set in the GRUB configuration file in Linux systems. Here's what they mean: intel_iommu=on: This parameter enables Intel VT-d (Virtualization Technology for Directed I/O), which allows for hardware-based virtualization of I/O devices. This can improve performance and security for virtual machines by allowing them to directly access hardware devices, rather than relying on the host operating system to handle the device access. kvm.ignore_msrs=1: This parameter disables the handling of MSR (Model Specific Register) virtualization by the kernel-based Virtual Machine (KVM) hypervisor. This can improve performance for certain workloads that rely heavily on MSR access, such as virtualization workloads. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Info the <code>/etc/defaults</code> directory <div class="mw-collapsible-content"> <pre> In Ubuntu and many other Linux-based operating systems, the /etc/default directory contains configuration files for various system services and applications. These configuration files contain default values for the settings and options that are used by these services and applications. The /etc/default directory is typically organized by service or application, with each subdirectory containing one or more configuration files for that service or application. For example, the /etc/default/grub directory contains the default configuration file for the GRUB bootloader, while the /etc/default/apache2 directory contains the default configuration file for the Apache web server. These configuration files are often used by system administrators to customize the behavior of these services and applications by modifying the default values of their settings and options. For example, the GRUB configuration file in /etc/default/grub can be used to specify the default operating system to boot, the timeout for the boot menu, and other options. </pre> </div> </div> ====Update Grub==== <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code><br> Reboot so kernel boot parameters can be applied.<br> <code>reboot</code> <div class="toccolours mw-collapsible mw-collapsed"> Info: <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> <div class="mw-collapsible-content"> * <code>grub-mkconfig</code> : This is a command that generates a new configuration file for the GRUB bootloader. It scans the system for installed kernels, operating systems, and other boot options, and creates a configuration file based on that information. * <code>-o /boot/grub/grub.cfg</code> : This option tells grub-mkconfig to write the generated configuration file to the file /boot/grub/grub.cfg. This is the default location for the GRUB configuration file in most Linux systems. </div> </div> ===Check that IOMMU is enabled=== <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Return Output: Before editing Grub <div class="mw-collapsible-content"> <pre> [ 0.013929] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013974] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.124130] DMAR: Host address width 39 [ 0.124131] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.124140] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.124143] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.124147] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.124150] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.124152] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.124154] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.124156] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.124158] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.126384] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.346448] iommu: Default domain type: Translated [ 0.346448] iommu: DMA domain TLB invalidation policy: lazy mode </pre> </div> </div> ===Find your GPU=== <code>lspci -nnk</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>lspci -nnk</code> <div class="mw-collapsible-content"> <code>lspci</code> is a command-line utility that is used to display information about all the PCI buses and devices connected to them in a Linux system. The -nnk option is used to display the following information: * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -k: Display the kernel driver currently bound to each device. This option is useful when you want to check which driver is being used for a particular device. When you run the <code>lspci -nnk</code> command, you will get a list of all the PCI devices in your system, along with their vendor and device IDs, and the kernel driver currently in use. </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut Before plugging in 'Razer Core X' <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut After plugging in Razer Core X <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 05:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:01.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:02.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 07:00.0 System peripheral [0880]: Intel Corporation JHL6240 Thunderbolt 3 NHI (Low Power) [Alpine Ridge LP 2016] [8086:15bf] (rev 01) Subsystem: Device [2222:1111] Kernel driver in use: thunderbolt Kernel modules: thunderbolt 08:00.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 09:01.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel </pre> <div class="toccolours mw-collapsible mw-collapsed"> After editing Grub <div class="mw-collapsible-content"> <pre> [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.013471] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013516] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.035822] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.035915] DMAR: IOMMU enabled [ 0.094689] DMAR: Host address width 39 [ 0.094691] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.094699] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.094702] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.094706] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.094708] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.094710] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.094713] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.094715] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.094716] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.096599] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.324622] iommu: Default domain type: Translated [ 0.324622] iommu: DMA domain TLB invalidation policy: lazy mode [ 0.346100] DMAR: No ATSR found [ 0.346101] DMAR: No SATC found [ 0.346103] DMAR: IOMMU feature fl1gp_support inconsistent [ 0.346105] DMAR: IOMMU feature pgsel_inv inconsistent [ 0.346106] DMAR: IOMMU feature nwfs inconsistent [ 0.346107] DMAR: IOMMU feature eafs inconsistent [ 0.346108] DMAR: IOMMU feature prs inconsistent [ 0.346108] DMAR: IOMMU feature nest inconsistent [ 0.346109] DMAR: IOMMU feature mts inconsistent [ 0.346110] DMAR: IOMMU feature sc_support inconsistent [ 0.346111] DMAR: IOMMU feature dev_iotlb_support inconsistent [ 0.346113] DMAR: dmar0: Using Queued invalidation [ 0.346117] DMAR: dmar1: Using Queued invalidation [ 0.346409] pci 0000:00:00.0: Adding to iommu group 0 [ 0.346423] pci 0000:00:02.0: Adding to iommu group 1 [ 0.346441] pci 0000:00:14.0: Adding to iommu group 2 [ 0.346450] pci 0000:00:14.2: Adding to iommu group 2 [ 0.346466] pci 0000:00:16.0: Adding to iommu group 3 [ 0.346475] pci 0000:00:16.3: Adding to iommu group 3 [ 0.346499] pci 0000:00:1c.0: Adding to iommu group 4 [ 0.346520] pci 0000:00:1c.6: Adding to iommu group 5 [ 0.346539] pci 0000:00:1d.0: Adding to iommu group 6 [ 0.346557] pci 0000:00:1d.2: Adding to iommu group 7 [ 0.346582] pci 0000:00:1f.0: Adding to iommu group 8 [ 0.346595] pci 0000:00:1f.2: Adding to iommu group 8 [ 0.346604] pci 0000:00:1f.3: Adding to iommu group 8 [ 0.346615] pci 0000:00:1f.4: Adding to iommu group 8 [ 0.346625] pci 0000:00:1f.6: Adding to iommu group 8 [ 0.346646] pci 0000:04:00.0: Adding to iommu group 9 [ 0.346664] pci 0000:3e:00.0: Adding to iommu group 10 [ 0.348306] DMAR: Intel(R) Virtualization Technology for Directed I/O </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code> <div class="mw-collapsible-content"> * <code>dmesg</code> : This command is used in Linux systems to display the kernel message buffer, which contains information about the system's hardware and software components, as well as any error or warning messages generated by the kernel. * <code>|</code> : This symbol is called a pipe and it allows the output of one command to be used as input for another command. In this case, it sends the output of the dmesg command to the next command in the pipeline, which is grep. * <code>grep</code> : This command is used in Linux systems to search for text patterns in a file or output. In this case, it's used to search the output of the dmesg command for lines that contain the strings "DMAR" or "IOMMU". * <code>-i</code> : This option tells grep to perform a case-insensitive search, meaning it will match the strings "DMAR" or "IOMMU" regardless of their case. * <code>-e</code> : This option tells grep to specify the pattern to search for. In this case, it's used to specify two patterns to search for: "DMAR" and "IOMMU". * DMAR: DMA Remapping (DMAR) is a feature of modern computer systems that provides additional security for input/output (I/O) devices. It allows for the isolation of memory regions used by I/O devices, which prevents them from accessing other parts of the system's memory. This helps to prevent attacks that could exploit vulnerabilities in I/O device drivers to gain access to sensitive data or take control of the system. * IOMMU: The I/O Memory Management Unit (IOMMU) is a hardware component that provides support for DMA remapping. It allows for the virtualization of I/O devices and provides an additional layer of security by isolating the memory used by these devices. </div> </div> ===vfio.conf=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>vfio.conf</b> <div class="mw-collapsible-content"> <b>vfio.conf</b> is a configuration file used by the VFIO driver in Linux. <br> The VFIO driver is a kernel module that allows users to assign devices, such as GPUs or network interfaces, directly to virtual machines, bypassing the host operating system.<br> <br> The vfio.conf file is used to specify which devices should be assigned to VFIO, and it is typically located in the /etc/modprobe.d/ directory. When the VFIO driver is loaded, it will read this file and use the settings specified within it.<br> <br> The contents of vfio.conf can vary depending on the specific use case, but some common configurations include: * Device IDs: The vfio.conf file can be used to specify the vendor and device IDs of the devices that should be assigned to VFIO. For example: <pre> options vfio-pci ids=10de:13c2,10de:0fbb </pre><br> <br> This configuration specifies that two NVIDIA GPUs with the IDs 10de:13c2 and 10de:0fbb should be assigned to VFIO.<br> This configuration assigns two NVIDIA GPUs to VFIO and blacklists the <b>nouveau</b> and <b>nvidiafb</b> kernel drivers so that they don't claim the GPUs. <pre> options vfio-pci ids=10de:13c2,10de:0fbb blacklist nouveau blacklist nvidiafb </pre> <br> * Additional options: The <b>vfio.conf</b> file can also be used to specify additional options for the VFIO driver, such as setting the IOMMU mode. For example:<br> This configuration sets the VFIO driver to use IOMMU mode 1 and allows unsafe interrupts. <pre> options vfio_iommu_type1 allow_unsafe_interrupts=1 </pre> <br> Overall, <b>vfio.conf</b> provides a way to configure the VFIO driver and specify which devices should be assigned to it, helping to facilitate GPU or other hardware passthrough to virtual machines. <br> </div> </div> Create a new file called <code>vfio.conf</code> in the <b>/etc/modprobe.d/</b> directory.<br> <div class="toccolours mw-collapsible mw-collapsed"> The <code>/etc/modprobe.d/</code> directory explanation: <div class="mw-collapsible-content"> The <b>/etc/modprobe.d/</b> directory is a system directory in Linux that contains configuration files for kernel modules. When the Linux kernel boots up, it loads various modules (also called drivers) to support the hardware and other system functions.<br> <br> Each configuration file in <b>/etc/modprobe.d/</b> specifies options for one or more kernel modules, which are loaded by the kernel when a system boots or when a module is explicitly loaded. The options specified in these files can be used to modify the behavior of the kernel modules, or to blacklist certain modules to prevent them from being loaded.<br> <br> The name of each configuration file in the <b>/etc/modprobe.d/</b> directory must end with the <b>.conf</b> extension. The contents of each file consist of a series of directives, which specify module options, aliases, or blacklist information. These directives can be written in plain text format or in shell scripts.<br> <br> Here are some examples of how you might use the <b>/etc/modprobe.d/</b> directory:<br> * Blacklisting modules: You can use the <b>/etc/modprobe.d/</b> directory to prevent certain kernel modules from loading. For example, you can create a file called <b>/etc/modprobe.d/blacklist-nouveau.conf</b> with the following contents to prevent the <b>nouveau</b> driver (used for NVIDIA graphics cards) from being loaded: <pre> blacklist nouveau </pre> <br> * Setting module options: You can also use the <b>/etc/modprobe.d/</b> directory to specify options for a particular kernel module. For example, you can create a file called <b>/etc/modprobe.d/alsa-base.conf</b> with the following contents to set the default sound card to the second card on the system: <pre> options snd_hda_intel index=1 </pre> <br> * Loading modules: You can use the <b>/etc/modprobe.d/</b> directory to load kernel modules at boot time. For example, you can create a file called <b>/etc/modprobe.d/local.conf</b> with the following contents to load the <b>acpi_call</b> module at boot time: <pre> # Load acpi_call at boot time acpi_call </pre> <br> Overall, the <b>/etc/modprobe.d/</b> directory is an important location for managing kernel modules in Linux. It provides a centralized location for managing module options, aliases, and blacklists, making it easier to configure and maintain a Linux system.<br> </div> </div> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> <br> ===Update <b>initramfs</b>=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>initramfs</b>: <div class="mw-collapsible-content"> The initramfs (initial RAM file system) is a temporary file system that is loaded into memory during the Linux boot process. It contains essential system files and utilities that are necessary to boot the Linux kernel and mount the root file system.<br> <br> When the Linux kernel is booted, it first loads the initramfs into memory and sets it up as the root file system. The initramfs then runs the init script, which is responsible for initializing the system and mounting the real root file system. The init script may also perform other tasks, such as loading kernel modules, setting up network interfaces, and configuring system services.<br> <br> The initramfs is typically used in situations where the root file system is located on a storage device that requires additional drivers or modules to be loaded before it can be mounted. For example, if the root file system is located on a RAID array, a network file system, or an encrypted disk, the necessary drivers or modules may need to be loaded into memory before the root file system can be mounted.<br> <br> The initramfs can also be customized to include additional files or utilities that may be necessary for the boot process. This is done by modifying the initramfs image, which is a compressed archive file that contains the file system contents.<br> <br> Overall, the initramfs is an essential component of the Linux boot process, providing a temporary file system that is necessary for initializing the system and mounting the root file system. </div> </div> <code>sudo update-initramfs -u</code><br> And reboot your computer:<br> <code>reboot</code><br> ===Check Kernel driver not in use=== <code>lspci -nnk</code><br> <br> OutPut: <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel modules: snd_hda_intel </pre> ==Install KVM and VirtManager to create a VM== Your $USER is the username you use to login to your account.<br> On terminal prompt you should see <code>$USER@$HOSTNAME:~$</code><br> Note the <code>$</code> at the end.<br> If terminal prompt end's with a <code>#</code> you are logged in as root.<br> You can see your user name by typing in <code>whoami</code> to the terminal and/or <code>id</code><br> <b>id</b> will also display which <b>groups</b> your $USER is in.<br> <br> Install required packages:<br> <code>sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils</code><br> <br> Creating a Group and add $USER to group, this will allow us to run <b>virt-manager</b> without the need to <b>sudo</b><br> <div class="toccolours mw-collapsible mw-collapsed"> <code> getent group libvirtd</code> Check if <b>group</b> already exists: <div class="mw-collapsible-content"> To check if a group is already present on an Ubuntu system, you can use the <b>getent</b> command along with the <b>group</b> argument and specify the name of the group as a parameter.<br> <br> For example, to check if the <b>sudo</b> group exists on the system, you can run the following command in a terminal:<br> <code>getent group sudo</code><br> <br> If the group exists, the command will output information about the group, including its name, group ID (GID), and a list of users who are members of the group. If the group does not exist, the command will not produce any output.<br> <br> Alternatively, you can use the <b>grep</b> command to search for the group name in the <b>/etc/group file</b>, which is the file that stores information about system groups on Ubuntu. For example, to search for the <b>sudo</b> group, you can run the following command:<br> <code>grep "^sudo:" /etc/group</code><br> If the group exists, the command will output information about the group in the same format as the <b>getent</b> command. If the group does not exist, the command will not produce any output. </div> </div> <code>sudo addgroup libvirtd</code><br> <br> Add your user name to the group:<br> SYNTAX: <code>sudo adduser $USER libvirtd</code><br> <code>sudo adduser ubunix libvirtd</code><br> <code>sudo apt-get install virt-manager</code><br> <br> <code>reboot</code><br> Reboot to avoid error: <pre> virtual machine manager connection failure unable to connect to libvirt qemu:///system. verify that the 'libvirtd' daemon is running</pre> ===Virtual Machine Manager=== Start <b>Virtual Machine Manager</b>:<br> <code>virt-manager</code><br><br> Create a new virtual machine Step 1 Local install media (ISO image or CDROM) Step 2 Choose ISO or CDROM install media: Click <b>Browse</b> and select your windows10.iso Choose the operating system you are installing: untick( Automatically detect from installation media / source) and enter <b>Microsoft Windows 10</b> in search bar. Step 3 Choose Memory and CPU settings: Memory: 4096MiB CPUs: 2 Step 4 Tick <b>Enable storage for this virtual machine</b> Tick <b>create a disk image for the virtual machine</b> 140 GiB Step 5 Name:NAME_OF_VM Tick <b>Customize configuration before install</b> ==== Config VM before booting==== OverView: <b>Hypervisor Details</b> 'Chipset' = 'Q35' 'Firmware' = 'x86_64:/usr/share/OVMF/OVMF_CODE_4M.ms.fd' Boot Options: <b>Boot device order</b>: Untick - Enable boot menu Select/Tick SATA CDROM1 SATA Disk 1 Display Spice: <b>Spice Server</b>: Type: Spice server Listen type: Address Address: Hypervisor default Port: tick 'Auto' Click '<b>Add Hardware</b>' button at bottom left - new window '<b>Add New Virtual Hardware</b>' will pop up. Click '<b>PCI Host Device</b>' on the left hand side Select your <b>GPU</b> and <b>GPU Audio Controller</b>: '0000:0A:00:0 NVIDIA Corporation GM204 [GeForce GTX 970]' '0000:0A:00:1 NVIDIA Corporation GM204 High Definition Audio Controller' Select and click '<b>Finish</b>' - reopen '<b>Add hardware</b>' and repeat for Audio.<br> <br> =====Notes===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. ==== Install Windows 10 and update ==== Install windows 10 then update windows to get the graphics card drivers working.<br> Once done shoutdown.<br> ===After shutting down windows edit the VM's Config file=== To find/confirm your VM's name:<br> <code>wirsh list --all</code><br> <br> Syntax:<code>sudo virsh edit YOUR_VM_NAME</code><br> <code>sudo virsh edit win10</code><br> <br> Going to edit in between the <code><features> </features></code> Brackets, 17 lines down.<br> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> </pre> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> </pre> ====What these values do ==== <div class="toccolours mw-collapsible mw-collapsed"> <vendor_id state='on' value='1234567890ab'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><vendor_id></b> tag is used to specify the vendor ID that is presented to the guest virtual machine when it is running on top of the KVM hypervisor. This vendor ID can be customized by the user to any 12-digit hexadecimal <b>value</b> using the value attribute. The purpose of the vendor ID is to provide a way for virtual machines to identify the type of hypervisor they are running on, and to adjust their behavior accordingly. This is particularly important for operating systems that have special optimizations or workarounds for specific hypervisors. By default, KVM presents a vendor ID of "KVMKVMKVM" to the guest virtual machine. However, this can be changed by adding the <vendor_id> tag to the XML definition of the virtual machine, as follows: <pre> <cpu> <vendor_id state='on' value='1234567890ab'/> ... </cpu> </pre> In this example, the vendor ID is set to the value "1234567890ab". The state attribute is set to 'on' to enable the use of the custom vendor ID. It's worth noting that changing the vendor ID can have some unexpected consequences. For example, some operating systems may have specific code paths or optimizations for certain hypervisors, and changing the vendor ID may cause them to behave differently or even malfunction. Additionally, some virtualization security features may depend on the vendor ID, so changing it may impact the security of the virtual machine. As such, it is important to carefully consider the implications before changing the vendor ID in a KVM virtual machine. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <kvm> <hidden state='on'/> </kvm> <div class="mw-collapsible-content"> In Linux KVM, the <b><kvm></b> tag is used to specify additional configuration options for the virtual machine that are specific to KVM. The <b><hidden></b> tag is a sub-tag of <b><kvm></b> and is used to enable or disable the hiding of the KVM hypervisor from the guest operating system. When the <b><hidden></b> tag is set to <b>state='on'</b>, the KVM hypervisor is hidden from the guest operating system. This means that the guest operating system will not be able to detect that it is running in a virtualized environment and will behave as if it is running directly on physical hardware. This can be useful for security reasons, as it can make it more difficult for attackers to detect that they are running in a virtualized environment and attempt to exploit vulnerabilities that are specific to virtualization. Additionally, some software applications may behave differently or refuse to run in a virtualized environment, so hiding the KVM hypervisor can help ensure that these applications run properly. To use the <hidden> tag, it should be included as a sub-tag of the <kvm> tag, as follows: <pre> <kvm> <hidden state='on'/> ... </kvm> </pre> It's important to note that hiding the KVM hypervisor can have some downsides as well. For example, it may make it more difficult to diagnose problems with the virtual machine, as the hypervisor will not be visible in the guest operating system. Additionally, some virtualization features may depend on the hypervisor being visible to the guest operating system, so hiding it may cause these features to stop working properly. As such, the decision to hide the KVM hypervisor using the <hidden> tag should be carefully considered based on the specific needs and requirements of the virtualized environment. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <ioapic driver='kvm'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><ioapic></b> tag is used to enable or disable the use of the IOAPIC (Input/Output Advanced Programmable Interrupt Controller) device in the virtual machine. The <b>driver</b> attribute is used to specify the driver that should be used for the IOAPIC device, with the value <b>kvm</b> indicating that KVM's built-in IOAPIC driver should be used. The IOAPIC device is a type of interrupt controller that is used to manage interrupts in a virtual machine. It provides a way for devices in the virtual machine to generate interrupts, and for the virtual machine to route those interrupts to the appropriate virtual CPU. To enable the IOAPIC device and specify the kvm driver, the <ioapic> tag should be included in the XML definition of the virtual machine, as follows: <pre> <ioapic driver='kvm'/> </pre> With this configuration, KVM's built-in IOAPIC driver will be used to manage interrupts in the virtual machine. It's worth noting that while KVM's built-in IOAPIC driver is generally sufficient for most virtualization needs, there are some situations where a different driver may be preferred. For example, some applications or workloads may require more advanced IOAPIC functionality that is not available in KVM's built-in driver. In these cases, it may be necessary to use a different driver, or to implement custom code to support the required functionality. Overall, the <ioapic> tag with the driver='kvm' attribute is a simple and effective way to enable the IOAPIC device and ensure that interrupts are properly managed in a KVM virtual machine. </div> </div> ====Full Config file - before and after==== <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>before</b> any changes with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoand of course the content when expanded.<br \> <code>print "hello content"</code>ft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>After</b> changes made with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <br> Note: Not the place to edit (use '<b>virsh</b>'), but you config file can be found here:<code>/etc/libvirt/qemu/</code> ==End Notes== Plug in external monitor to the GPU 'Razer Core X' for output and no screen lag. Tested with 'sniper elite 2' works fine. No sound due to my monitor not having speakers. will test with usb headfones. ==References== https://askubuntu.com/questions/1406888/ubuntu-22-04-gpu-passthrough-qemu 2p6wavo0y2z9u4mw8ue8ylad8chewt6 217 216 2023-03-27T22:07:24Z Noob 1 /* Check that IOMMU is enabled */ 217 wikitext text/x-wiki ==Ubuntu Kvm Windows 10 - Thinkpad T470 with Razer Core X== Hardware:<br> * Thinkpad t470 - 256GB HD, 8GB RAM * razer core x * GTX 970 GT * Ubuntu Desktop 22.04 installed. Thunderbolt 3 - detected as USB3.0 (5000M). But works :)<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lsusb -t</code> OutPut: <div class="mw-collapsible-content"> <pre> /: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/6p, 5000M |__ Port 3: Dev 2, If 0, Class=Mass Storage, Driver=usb-storage, 5000M /: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/12p, 480M |__ Port 7: Dev 2, If 0, Class=Wireless, Driver=btusb, 12M |__ Port 7: Dev 2, If 1, Class=Wireless, Driver=btusb, 12M |__ Port 8: Dev 3, If 1, Class=Video, Driver=uvcvideo, 480M |__ Port 8: Dev 3, If 0, Class=Video, Driver=uvcvideo, 480M |__ Port 9: Dev 4, If 0, Class=Vendor Specific Class, Driver=, 12M </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo lshw | grep -A10 -i usb</code> OutPut: <div class="mw-collapsible-content"> <pre> capabilities: pci pnp upgrade shadowing cdboot bootselect edd int13floppy720 int5printscreen int9keyboard int14serial int17printer int10video acpi usb biosbootspecification uefi *-pci description: Host bridge product: Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers vendor: Intel Corporation physical id: 100 bus info: pci@0000:00:00.0 version: 08 width: 32 bits clock: 33MHz configuration: driver=skl_uncore -- *-usb description: USB controller product: Sunrise Point-LP USB 3.0 xHCI Controller vendor: Intel Corporation physical id: 14 bus info: pci@0000:00:14.0 version: 21 width: 64 bits clock: 33MHz capabilities: pm msi xhci bus_master cap_list configuration: driver=xhci_hcd latency=0 resources: irq:127 memory:ec220000-ec22ffff *-usbhost:0 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 0 bus info: usb@1 logical name: usb1 version: 5.19 capabilities: usb-2.00 configuration: driver=hub slots=12 speed=480Mbit/s *-usb:0 description: Bluetooth wireless interface product: Bluetooth wireless interface vendor: Intel Corp. physical id: 7 bus info: usb@1:7 version: 0.01 capabilities: bluetooth usb-2.00 configuration: driver=btusb maxpower=100mA speed=12Mbit/s *-usb:1 description: Video product: Integrated Camera: Integrated C vendor: SunplusIT Inc physical id: 8 bus info: usb@1:8 logical name: input8 logical name: /dev/input/event6 version: 0.10 capabilities: usb-2.00 usb configuration: driver=uvcvideo maxpower=500mA speed=480Mbit/s *-usb:2 UNCLAIMED description: Generic USB device vendor: Validity Sensors, Inc. physical id: 9 bus info: usb@1:9 version: 1.64 serial: ff1e8c196451 capabilities: usb-2.00 configuration: maxpower=100mA speed=12Mbit/s *-usbhost:1 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 1 bus info: usb@2 logical name: usb2 version: 5.19 capabilities: usb-3.00 configuration: driver=hub slots=6 speed=5000Mbit/s *-usb description: Mass storage device product: USB3.0-CRW vendor: Generic physical id: 3 bus info: usb@2:3 logical name: scsi0 version: 2.04 serial: 20120501030900000 capabilities: usb-3.00 scsi emulated scsi-host configuration: driver=usb-storage maxpower=800mA speed=5000Mbit/s *-disk description: SCSI Disk product: SD/MMC vendor: Generic- physical id: 0.0.0 bus info: scsi@0:0.0.0 logical name: /dev/sda version: 1.00 serial: 2012090114345300 capabilities: removable </pre> </div> </div> ===Windows 10 ISO=== Download a Windows 10 ISO for the Virtual Machine<br> https://www.microsoft.com/en-us/software-download/windows10ISO ===VT-d - bios=== Check VT-d enabled on bios <br> When you press the power button, press and hold <b>F1</b> to enter into bios mode.<br> Security > Virtualization<br> Intel (R) Virtualization Technology [ENABLE]<br> Inter (R) VT-d Feature [ENABLE]<br> ====Check==== <code>cat /proc/cpuinfo | grep --color vmx</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Explained: <div class="mw-collapsible-content"> The command "cat /proc/cpuinfo" displays detailed information about the processor(s) installed on your system. The output of this command includes a lot of information, such as processor model, speed, cache size, and other features. The pipe symbol "|" is used to pass the output of the first command as input to the second command. In this case, the output of "cat /proc/cpuinfo" is being passed as input to "grep". The "grep" command is used to search for a specific pattern in the input data. In this case, the pattern being searched for is "vmx". The "--color" option is used to highlight the search pattern in the output, making it easier to identify. So, the entire command "cat /proc/cpuinfo | grep --color vmx" is searching the processor information for the "vmx" feature and highlighting it in the output. The "vmx" feature refers to Intel's Virtualization Technology, which allows a processor to run multiple operating systems on the same computer simultaneously. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Returned Output: <div class="mw-collapsible-content"> <pre> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml </pre> </div> </div> ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> Insert the option to <b>GRUB_CMDLINE_LINUX_DEFAULT=""</b> <code>intel_iommu=on kvm.ignore_msrs=1</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Before <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>intel_iommu=on kvm.ignore_msrs=1</code> <div class="mw-collapsible-content"> <pre> intel_iommu=on and kvm.ignore_msrs=1 are kernel boot parameters that can be set in the GRUB configuration file in Linux systems. Here's what they mean: intel_iommu=on: This parameter enables Intel VT-d (Virtualization Technology for Directed I/O), which allows for hardware-based virtualization of I/O devices. This can improve performance and security for virtual machines by allowing them to directly access hardware devices, rather than relying on the host operating system to handle the device access. kvm.ignore_msrs=1: This parameter disables the handling of MSR (Model Specific Register) virtualization by the kernel-based Virtual Machine (KVM) hypervisor. This can improve performance for certain workloads that rely heavily on MSR access, such as virtualization workloads. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Info the <code>/etc/defaults</code> directory <div class="mw-collapsible-content"> <pre> In Ubuntu and many other Linux-based operating systems, the /etc/default directory contains configuration files for various system services and applications. These configuration files contain default values for the settings and options that are used by these services and applications. The /etc/default directory is typically organized by service or application, with each subdirectory containing one or more configuration files for that service or application. For example, the /etc/default/grub directory contains the default configuration file for the GRUB bootloader, while the /etc/default/apache2 directory contains the default configuration file for the Apache web server. These configuration files are often used by system administrators to customize the behavior of these services and applications by modifying the default values of their settings and options. For example, the GRUB configuration file in /etc/default/grub can be used to specify the default operating system to boot, the timeout for the boot menu, and other options. </pre> </div> </div> ====Update Grub==== <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code><br> Reboot so kernel boot parameters can be applied.<br> <code>reboot</code> <div class="toccolours mw-collapsible mw-collapsed"> Info: <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> <div class="mw-collapsible-content"> * <code>grub-mkconfig</code> : This is a command that generates a new configuration file for the GRUB bootloader. It scans the system for installed kernels, operating systems, and other boot options, and creates a configuration file based on that information. * <code>-o /boot/grub/grub.cfg</code> : This option tells grub-mkconfig to write the generated configuration file to the file /boot/grub/grub.cfg. This is the default location for the GRUB configuration file in most Linux systems. </div> </div> ===Check that IOMMU is enabled=== <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Return Output: Before editing Grub <div class="mw-collapsible-content"> <pre> [ 0.013929] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013974] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.124130] DMAR: Host address width 39 [ 0.124131] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.124140] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.124143] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.124147] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.124150] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.124152] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.124154] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.124156] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.124158] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.126384] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.346448] iommu: Default domain type: Translated [ 0.346448] iommu: DMA domain TLB invalidation policy: lazy mode </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After editing Grub <div class="mw-collapsible-content"> <pre> [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.013471] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013516] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.035822] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.035915] DMAR: IOMMU enabled [ 0.094689] DMAR: Host address width 39 [ 0.094691] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.094699] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.094702] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.094706] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.094708] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.094710] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.094713] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.094715] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.094716] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.096599] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.324622] iommu: Default domain type: Translated [ 0.324622] iommu: DMA domain TLB invalidation policy: lazy mode [ 0.346100] DMAR: No ATSR found [ 0.346101] DMAR: No SATC found [ 0.346103] DMAR: IOMMU feature fl1gp_support inconsistent [ 0.346105] DMAR: IOMMU feature pgsel_inv inconsistent [ 0.346106] DMAR: IOMMU feature nwfs inconsistent [ 0.346107] DMAR: IOMMU feature eafs inconsistent [ 0.346108] DMAR: IOMMU feature prs inconsistent [ 0.346108] DMAR: IOMMU feature nest inconsistent [ 0.346109] DMAR: IOMMU feature mts inconsistent [ 0.346110] DMAR: IOMMU feature sc_support inconsistent [ 0.346111] DMAR: IOMMU feature dev_iotlb_support inconsistent [ 0.346113] DMAR: dmar0: Using Queued invalidation [ 0.346117] DMAR: dmar1: Using Queued invalidation [ 0.346409] pci 0000:00:00.0: Adding to iommu group 0 [ 0.346423] pci 0000:00:02.0: Adding to iommu group 1 [ 0.346441] pci 0000:00:14.0: Adding to iommu group 2 [ 0.346450] pci 0000:00:14.2: Adding to iommu group 2 [ 0.346466] pci 0000:00:16.0: Adding to iommu group 3 [ 0.346475] pci 0000:00:16.3: Adding to iommu group 3 [ 0.346499] pci 0000:00:1c.0: Adding to iommu group 4 [ 0.346520] pci 0000:00:1c.6: Adding to iommu group 5 [ 0.346539] pci 0000:00:1d.0: Adding to iommu group 6 [ 0.346557] pci 0000:00:1d.2: Adding to iommu group 7 [ 0.346582] pci 0000:00:1f.0: Adding to iommu group 8 [ 0.346595] pci 0000:00:1f.2: Adding to iommu group 8 [ 0.346604] pci 0000:00:1f.3: Adding to iommu group 8 [ 0.346615] pci 0000:00:1f.4: Adding to iommu group 8 [ 0.346625] pci 0000:00:1f.6: Adding to iommu group 8 [ 0.346646] pci 0000:04:00.0: Adding to iommu group 9 [ 0.346664] pci 0000:3e:00.0: Adding to iommu group 10 [ 0.348306] DMAR: Intel(R) Virtualization Technology for Directed I/O </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code> <div class="mw-collapsible-content"> * <code>dmesg</code> : This command is used in Linux systems to display the kernel message buffer, which contains information about the system's hardware and software components, as well as any error or warning messages generated by the kernel. * <code>|</code> : This symbol is called a pipe and it allows the output of one command to be used as input for another command. In this case, it sends the output of the dmesg command to the next command in the pipeline, which is grep. * <code>grep</code> : This command is used in Linux systems to search for text patterns in a file or output. In this case, it's used to search the output of the dmesg command for lines that contain the strings "DMAR" or "IOMMU". * <code>-i</code> : This option tells grep to perform a case-insensitive search, meaning it will match the strings "DMAR" or "IOMMU" regardless of their case. * <code>-e</code> : This option tells grep to specify the pattern to search for. In this case, it's used to specify two patterns to search for: "DMAR" and "IOMMU". * DMAR: DMA Remapping (DMAR) is a feature of modern computer systems that provides additional security for input/output (I/O) devices. It allows for the isolation of memory regions used by I/O devices, which prevents them from accessing other parts of the system's memory. This helps to prevent attacks that could exploit vulnerabilities in I/O device drivers to gain access to sensitive data or take control of the system. * IOMMU: The I/O Memory Management Unit (IOMMU) is a hardware component that provides support for DMA remapping. It allows for the virtualization of I/O devices and provides an additional layer of security by isolating the memory used by these devices. </div> </div> ===Find your GPU=== <code>lspci -nnk</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>lspci -nnk</code> <div class="mw-collapsible-content"> <code>lspci</code> is a command-line utility that is used to display information about all the PCI buses and devices connected to them in a Linux system. The -nnk option is used to display the following information: * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -k: Display the kernel driver currently bound to each device. This option is useful when you want to check which driver is being used for a particular device. When you run the <code>lspci -nnk</code> command, you will get a list of all the PCI devices in your system, along with their vendor and device IDs, and the kernel driver currently in use. </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut Before plugging in 'Razer Core X' <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut After plugging in Razer Core X <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 05:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:01.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:02.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 07:00.0 System peripheral [0880]: Intel Corporation JHL6240 Thunderbolt 3 NHI (Low Power) [Alpine Ridge LP 2016] [8086:15bf] (rev 01) Subsystem: Device [2222:1111] Kernel driver in use: thunderbolt Kernel modules: thunderbolt 08:00.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 09:01.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel </pre> <div class="toccolours mw-collapsible mw-collapsed"> After editing Grub <div class="mw-collapsible-content"> <pre> [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.013471] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013516] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.035822] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.035915] DMAR: IOMMU enabled [ 0.094689] DMAR: Host address width 39 [ 0.094691] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.094699] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.094702] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.094706] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.094708] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.094710] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.094713] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.094715] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.094716] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.096599] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.324622] iommu: Default domain type: Translated [ 0.324622] iommu: DMA domain TLB invalidation policy: lazy mode [ 0.346100] DMAR: No ATSR found [ 0.346101] DMAR: No SATC found [ 0.346103] DMAR: IOMMU feature fl1gp_support inconsistent [ 0.346105] DMAR: IOMMU feature pgsel_inv inconsistent [ 0.346106] DMAR: IOMMU feature nwfs inconsistent [ 0.346107] DMAR: IOMMU feature eafs inconsistent [ 0.346108] DMAR: IOMMU feature prs inconsistent [ 0.346108] DMAR: IOMMU feature nest inconsistent [ 0.346109] DMAR: IOMMU feature mts inconsistent [ 0.346110] DMAR: IOMMU feature sc_support inconsistent [ 0.346111] DMAR: IOMMU feature dev_iotlb_support inconsistent [ 0.346113] DMAR: dmar0: Using Queued invalidation [ 0.346117] DMAR: dmar1: Using Queued invalidation [ 0.346409] pci 0000:00:00.0: Adding to iommu group 0 [ 0.346423] pci 0000:00:02.0: Adding to iommu group 1 [ 0.346441] pci 0000:00:14.0: Adding to iommu group 2 [ 0.346450] pci 0000:00:14.2: Adding to iommu group 2 [ 0.346466] pci 0000:00:16.0: Adding to iommu group 3 [ 0.346475] pci 0000:00:16.3: Adding to iommu group 3 [ 0.346499] pci 0000:00:1c.0: Adding to iommu group 4 [ 0.346520] pci 0000:00:1c.6: Adding to iommu group 5 [ 0.346539] pci 0000:00:1d.0: Adding to iommu group 6 [ 0.346557] pci 0000:00:1d.2: Adding to iommu group 7 [ 0.346582] pci 0000:00:1f.0: Adding to iommu group 8 [ 0.346595] pci 0000:00:1f.2: Adding to iommu group 8 [ 0.346604] pci 0000:00:1f.3: Adding to iommu group 8 [ 0.346615] pci 0000:00:1f.4: Adding to iommu group 8 [ 0.346625] pci 0000:00:1f.6: Adding to iommu group 8 [ 0.346646] pci 0000:04:00.0: Adding to iommu group 9 [ 0.346664] pci 0000:3e:00.0: Adding to iommu group 10 [ 0.348306] DMAR: Intel(R) Virtualization Technology for Directed I/O </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code> <div class="mw-collapsible-content"> * <code>dmesg</code> : This command is used in Linux systems to display the kernel message buffer, which contains information about the system's hardware and software components, as well as any error or warning messages generated by the kernel. * <code>|</code> : This symbol is called a pipe and it allows the output of one command to be used as input for another command. In this case, it sends the output of the dmesg command to the next command in the pipeline, which is grep. * <code>grep</code> : This command is used in Linux systems to search for text patterns in a file or output. In this case, it's used to search the output of the dmesg command for lines that contain the strings "DMAR" or "IOMMU". * <code>-i</code> : This option tells grep to perform a case-insensitive search, meaning it will match the strings "DMAR" or "IOMMU" regardless of their case. * <code>-e</code> : This option tells grep to specify the pattern to search for. In this case, it's used to specify two patterns to search for: "DMAR" and "IOMMU". * DMAR: DMA Remapping (DMAR) is a feature of modern computer systems that provides additional security for input/output (I/O) devices. It allows for the isolation of memory regions used by I/O devices, which prevents them from accessing other parts of the system's memory. This helps to prevent attacks that could exploit vulnerabilities in I/O device drivers to gain access to sensitive data or take control of the system. * IOMMU: The I/O Memory Management Unit (IOMMU) is a hardware component that provides support for DMA remapping. It allows for the virtualization of I/O devices and provides an additional layer of security by isolating the memory used by these devices. </div> </div> ===vfio.conf=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>vfio.conf</b> <div class="mw-collapsible-content"> <b>vfio.conf</b> is a configuration file used by the VFIO driver in Linux. <br> The VFIO driver is a kernel module that allows users to assign devices, such as GPUs or network interfaces, directly to virtual machines, bypassing the host operating system.<br> <br> The vfio.conf file is used to specify which devices should be assigned to VFIO, and it is typically located in the /etc/modprobe.d/ directory. When the VFIO driver is loaded, it will read this file and use the settings specified within it.<br> <br> The contents of vfio.conf can vary depending on the specific use case, but some common configurations include: * Device IDs: The vfio.conf file can be used to specify the vendor and device IDs of the devices that should be assigned to VFIO. For example: <pre> options vfio-pci ids=10de:13c2,10de:0fbb </pre><br> <br> This configuration specifies that two NVIDIA GPUs with the IDs 10de:13c2 and 10de:0fbb should be assigned to VFIO.<br> This configuration assigns two NVIDIA GPUs to VFIO and blacklists the <b>nouveau</b> and <b>nvidiafb</b> kernel drivers so that they don't claim the GPUs. <pre> options vfio-pci ids=10de:13c2,10de:0fbb blacklist nouveau blacklist nvidiafb </pre> <br> * Additional options: The <b>vfio.conf</b> file can also be used to specify additional options for the VFIO driver, such as setting the IOMMU mode. For example:<br> This configuration sets the VFIO driver to use IOMMU mode 1 and allows unsafe interrupts. <pre> options vfio_iommu_type1 allow_unsafe_interrupts=1 </pre> <br> Overall, <b>vfio.conf</b> provides a way to configure the VFIO driver and specify which devices should be assigned to it, helping to facilitate GPU or other hardware passthrough to virtual machines. <br> </div> </div> Create a new file called <code>vfio.conf</code> in the <b>/etc/modprobe.d/</b> directory.<br> <div class="toccolours mw-collapsible mw-collapsed"> The <code>/etc/modprobe.d/</code> directory explanation: <div class="mw-collapsible-content"> The <b>/etc/modprobe.d/</b> directory is a system directory in Linux that contains configuration files for kernel modules. When the Linux kernel boots up, it loads various modules (also called drivers) to support the hardware and other system functions.<br> <br> Each configuration file in <b>/etc/modprobe.d/</b> specifies options for one or more kernel modules, which are loaded by the kernel when a system boots or when a module is explicitly loaded. The options specified in these files can be used to modify the behavior of the kernel modules, or to blacklist certain modules to prevent them from being loaded.<br> <br> The name of each configuration file in the <b>/etc/modprobe.d/</b> directory must end with the <b>.conf</b> extension. The contents of each file consist of a series of directives, which specify module options, aliases, or blacklist information. These directives can be written in plain text format or in shell scripts.<br> <br> Here are some examples of how you might use the <b>/etc/modprobe.d/</b> directory:<br> * Blacklisting modules: You can use the <b>/etc/modprobe.d/</b> directory to prevent certain kernel modules from loading. For example, you can create a file called <b>/etc/modprobe.d/blacklist-nouveau.conf</b> with the following contents to prevent the <b>nouveau</b> driver (used for NVIDIA graphics cards) from being loaded: <pre> blacklist nouveau </pre> <br> * Setting module options: You can also use the <b>/etc/modprobe.d/</b> directory to specify options for a particular kernel module. For example, you can create a file called <b>/etc/modprobe.d/alsa-base.conf</b> with the following contents to set the default sound card to the second card on the system: <pre> options snd_hda_intel index=1 </pre> <br> * Loading modules: You can use the <b>/etc/modprobe.d/</b> directory to load kernel modules at boot time. For example, you can create a file called <b>/etc/modprobe.d/local.conf</b> with the following contents to load the <b>acpi_call</b> module at boot time: <pre> # Load acpi_call at boot time acpi_call </pre> <br> Overall, the <b>/etc/modprobe.d/</b> directory is an important location for managing kernel modules in Linux. It provides a centralized location for managing module options, aliases, and blacklists, making it easier to configure and maintain a Linux system.<br> </div> </div> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> <br> ===Update <b>initramfs</b>=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>initramfs</b>: <div class="mw-collapsible-content"> The initramfs (initial RAM file system) is a temporary file system that is loaded into memory during the Linux boot process. It contains essential system files and utilities that are necessary to boot the Linux kernel and mount the root file system.<br> <br> When the Linux kernel is booted, it first loads the initramfs into memory and sets it up as the root file system. The initramfs then runs the init script, which is responsible for initializing the system and mounting the real root file system. The init script may also perform other tasks, such as loading kernel modules, setting up network interfaces, and configuring system services.<br> <br> The initramfs is typically used in situations where the root file system is located on a storage device that requires additional drivers or modules to be loaded before it can be mounted. For example, if the root file system is located on a RAID array, a network file system, or an encrypted disk, the necessary drivers or modules may need to be loaded into memory before the root file system can be mounted.<br> <br> The initramfs can also be customized to include additional files or utilities that may be necessary for the boot process. This is done by modifying the initramfs image, which is a compressed archive file that contains the file system contents.<br> <br> Overall, the initramfs is an essential component of the Linux boot process, providing a temporary file system that is necessary for initializing the system and mounting the root file system. </div> </div> <code>sudo update-initramfs -u</code><br> And reboot your computer:<br> <code>reboot</code><br> ===Check Kernel driver not in use=== <code>lspci -nnk</code><br> <br> OutPut: <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel modules: snd_hda_intel </pre> ==Install KVM and VirtManager to create a VM== Your $USER is the username you use to login to your account.<br> On terminal prompt you should see <code>$USER@$HOSTNAME:~$</code><br> Note the <code>$</code> at the end.<br> If terminal prompt end's with a <code>#</code> you are logged in as root.<br> You can see your user name by typing in <code>whoami</code> to the terminal and/or <code>id</code><br> <b>id</b> will also display which <b>groups</b> your $USER is in.<br> <br> Install required packages:<br> <code>sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils</code><br> <br> Creating a Group and add $USER to group, this will allow us to run <b>virt-manager</b> without the need to <b>sudo</b><br> <div class="toccolours mw-collapsible mw-collapsed"> <code> getent group libvirtd</code> Check if <b>group</b> already exists: <div class="mw-collapsible-content"> To check if a group is already present on an Ubuntu system, you can use the <b>getent</b> command along with the <b>group</b> argument and specify the name of the group as a parameter.<br> <br> For example, to check if the <b>sudo</b> group exists on the system, you can run the following command in a terminal:<br> <code>getent group sudo</code><br> <br> If the group exists, the command will output information about the group, including its name, group ID (GID), and a list of users who are members of the group. If the group does not exist, the command will not produce any output.<br> <br> Alternatively, you can use the <b>grep</b> command to search for the group name in the <b>/etc/group file</b>, which is the file that stores information about system groups on Ubuntu. For example, to search for the <b>sudo</b> group, you can run the following command:<br> <code>grep "^sudo:" /etc/group</code><br> If the group exists, the command will output information about the group in the same format as the <b>getent</b> command. If the group does not exist, the command will not produce any output. </div> </div> <code>sudo addgroup libvirtd</code><br> <br> Add your user name to the group:<br> SYNTAX: <code>sudo adduser $USER libvirtd</code><br> <code>sudo adduser ubunix libvirtd</code><br> <code>sudo apt-get install virt-manager</code><br> <br> <code>reboot</code><br> Reboot to avoid error: <pre> virtual machine manager connection failure unable to connect to libvirt qemu:///system. verify that the 'libvirtd' daemon is running</pre> ===Virtual Machine Manager=== Start <b>Virtual Machine Manager</b>:<br> <code>virt-manager</code><br><br> Create a new virtual machine Step 1 Local install media (ISO image or CDROM) Step 2 Choose ISO or CDROM install media: Click <b>Browse</b> and select your windows10.iso Choose the operating system you are installing: untick( Automatically detect from installation media / source) and enter <b>Microsoft Windows 10</b> in search bar. Step 3 Choose Memory and CPU settings: Memory: 4096MiB CPUs: 2 Step 4 Tick <b>Enable storage for this virtual machine</b> Tick <b>create a disk image for the virtual machine</b> 140 GiB Step 5 Name:NAME_OF_VM Tick <b>Customize configuration before install</b> ==== Config VM before booting==== OverView: <b>Hypervisor Details</b> 'Chipset' = 'Q35' 'Firmware' = 'x86_64:/usr/share/OVMF/OVMF_CODE_4M.ms.fd' Boot Options: <b>Boot device order</b>: Untick - Enable boot menu Select/Tick SATA CDROM1 SATA Disk 1 Display Spice: <b>Spice Server</b>: Type: Spice server Listen type: Address Address: Hypervisor default Port: tick 'Auto' Click '<b>Add Hardware</b>' button at bottom left - new window '<b>Add New Virtual Hardware</b>' will pop up. Click '<b>PCI Host Device</b>' on the left hand side Select your <b>GPU</b> and <b>GPU Audio Controller</b>: '0000:0A:00:0 NVIDIA Corporation GM204 [GeForce GTX 970]' '0000:0A:00:1 NVIDIA Corporation GM204 High Definition Audio Controller' Select and click '<b>Finish</b>' - reopen '<b>Add hardware</b>' and repeat for Audio.<br> <br> =====Notes===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. ==== Install Windows 10 and update ==== Install windows 10 then update windows to get the graphics card drivers working.<br> Once done shoutdown.<br> ===After shutting down windows edit the VM's Config file=== To find/confirm your VM's name:<br> <code>wirsh list --all</code><br> <br> Syntax:<code>sudo virsh edit YOUR_VM_NAME</code><br> <code>sudo virsh edit win10</code><br> <br> Going to edit in between the <code><features> </features></code> Brackets, 17 lines down.<br> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> </pre> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> </pre> ====What these values do ==== <div class="toccolours mw-collapsible mw-collapsed"> <vendor_id state='on' value='1234567890ab'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><vendor_id></b> tag is used to specify the vendor ID that is presented to the guest virtual machine when it is running on top of the KVM hypervisor. This vendor ID can be customized by the user to any 12-digit hexadecimal <b>value</b> using the value attribute. The purpose of the vendor ID is to provide a way for virtual machines to identify the type of hypervisor they are running on, and to adjust their behavior accordingly. This is particularly important for operating systems that have special optimizations or workarounds for specific hypervisors. By default, KVM presents a vendor ID of "KVMKVMKVM" to the guest virtual machine. However, this can be changed by adding the <vendor_id> tag to the XML definition of the virtual machine, as follows: <pre> <cpu> <vendor_id state='on' value='1234567890ab'/> ... </cpu> </pre> In this example, the vendor ID is set to the value "1234567890ab". The state attribute is set to 'on' to enable the use of the custom vendor ID. It's worth noting that changing the vendor ID can have some unexpected consequences. For example, some operating systems may have specific code paths or optimizations for certain hypervisors, and changing the vendor ID may cause them to behave differently or even malfunction. Additionally, some virtualization security features may depend on the vendor ID, so changing it may impact the security of the virtual machine. As such, it is important to carefully consider the implications before changing the vendor ID in a KVM virtual machine. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <kvm> <hidden state='on'/> </kvm> <div class="mw-collapsible-content"> In Linux KVM, the <b><kvm></b> tag is used to specify additional configuration options for the virtual machine that are specific to KVM. The <b><hidden></b> tag is a sub-tag of <b><kvm></b> and is used to enable or disable the hiding of the KVM hypervisor from the guest operating system. When the <b><hidden></b> tag is set to <b>state='on'</b>, the KVM hypervisor is hidden from the guest operating system. This means that the guest operating system will not be able to detect that it is running in a virtualized environment and will behave as if it is running directly on physical hardware. This can be useful for security reasons, as it can make it more difficult for attackers to detect that they are running in a virtualized environment and attempt to exploit vulnerabilities that are specific to virtualization. Additionally, some software applications may behave differently or refuse to run in a virtualized environment, so hiding the KVM hypervisor can help ensure that these applications run properly. To use the <hidden> tag, it should be included as a sub-tag of the <kvm> tag, as follows: <pre> <kvm> <hidden state='on'/> ... </kvm> </pre> It's important to note that hiding the KVM hypervisor can have some downsides as well. For example, it may make it more difficult to diagnose problems with the virtual machine, as the hypervisor will not be visible in the guest operating system. Additionally, some virtualization features may depend on the hypervisor being visible to the guest operating system, so hiding it may cause these features to stop working properly. As such, the decision to hide the KVM hypervisor using the <hidden> tag should be carefully considered based on the specific needs and requirements of the virtualized environment. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <ioapic driver='kvm'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><ioapic></b> tag is used to enable or disable the use of the IOAPIC (Input/Output Advanced Programmable Interrupt Controller) device in the virtual machine. The <b>driver</b> attribute is used to specify the driver that should be used for the IOAPIC device, with the value <b>kvm</b> indicating that KVM's built-in IOAPIC driver should be used. The IOAPIC device is a type of interrupt controller that is used to manage interrupts in a virtual machine. It provides a way for devices in the virtual machine to generate interrupts, and for the virtual machine to route those interrupts to the appropriate virtual CPU. To enable the IOAPIC device and specify the kvm driver, the <ioapic> tag should be included in the XML definition of the virtual machine, as follows: <pre> <ioapic driver='kvm'/> </pre> With this configuration, KVM's built-in IOAPIC driver will be used to manage interrupts in the virtual machine. It's worth noting that while KVM's built-in IOAPIC driver is generally sufficient for most virtualization needs, there are some situations where a different driver may be preferred. For example, some applications or workloads may require more advanced IOAPIC functionality that is not available in KVM's built-in driver. In these cases, it may be necessary to use a different driver, or to implement custom code to support the required functionality. Overall, the <ioapic> tag with the driver='kvm' attribute is a simple and effective way to enable the IOAPIC device and ensure that interrupts are properly managed in a KVM virtual machine. </div> </div> ====Full Config file - before and after==== <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>before</b> any changes with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoand of course the content when expanded.<br \> <code>print "hello content"</code>ft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>After</b> changes made with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <br> Note: Not the place to edit (use '<b>virsh</b>'), but you config file can be found here:<code>/etc/libvirt/qemu/</code> ==End Notes== Plug in external monitor to the GPU 'Razer Core X' for output and no screen lag. Tested with 'sniper elite 2' works fine. No sound due to my monitor not having speakers. will test with usb headfones. ==References== https://askubuntu.com/questions/1406888/ubuntu-22-04-gpu-passthrough-qemu f95dwj2lex3zagrq7z0ubjcgfq8xrq4 218 217 2023-03-27T22:07:37Z Noob 1 /* Find your GPU */ 218 wikitext text/x-wiki ==Ubuntu Kvm Windows 10 - Thinkpad T470 with Razer Core X== Hardware:<br> * Thinkpad t470 - 256GB HD, 8GB RAM * razer core x * GTX 970 GT * Ubuntu Desktop 22.04 installed. Thunderbolt 3 - detected as USB3.0 (5000M). But works :)<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lsusb -t</code> OutPut: <div class="mw-collapsible-content"> <pre> /: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/6p, 5000M |__ Port 3: Dev 2, If 0, Class=Mass Storage, Driver=usb-storage, 5000M /: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/12p, 480M |__ Port 7: Dev 2, If 0, Class=Wireless, Driver=btusb, 12M |__ Port 7: Dev 2, If 1, Class=Wireless, Driver=btusb, 12M |__ Port 8: Dev 3, If 1, Class=Video, Driver=uvcvideo, 480M |__ Port 8: Dev 3, If 0, Class=Video, Driver=uvcvideo, 480M |__ Port 9: Dev 4, If 0, Class=Vendor Specific Class, Driver=, 12M </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo lshw | grep -A10 -i usb</code> OutPut: <div class="mw-collapsible-content"> <pre> capabilities: pci pnp upgrade shadowing cdboot bootselect edd int13floppy720 int5printscreen int9keyboard int14serial int17printer int10video acpi usb biosbootspecification uefi *-pci description: Host bridge product: Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers vendor: Intel Corporation physical id: 100 bus info: pci@0000:00:00.0 version: 08 width: 32 bits clock: 33MHz configuration: driver=skl_uncore -- *-usb description: USB controller product: Sunrise Point-LP USB 3.0 xHCI Controller vendor: Intel Corporation physical id: 14 bus info: pci@0000:00:14.0 version: 21 width: 64 bits clock: 33MHz capabilities: pm msi xhci bus_master cap_list configuration: driver=xhci_hcd latency=0 resources: irq:127 memory:ec220000-ec22ffff *-usbhost:0 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 0 bus info: usb@1 logical name: usb1 version: 5.19 capabilities: usb-2.00 configuration: driver=hub slots=12 speed=480Mbit/s *-usb:0 description: Bluetooth wireless interface product: Bluetooth wireless interface vendor: Intel Corp. physical id: 7 bus info: usb@1:7 version: 0.01 capabilities: bluetooth usb-2.00 configuration: driver=btusb maxpower=100mA speed=12Mbit/s *-usb:1 description: Video product: Integrated Camera: Integrated C vendor: SunplusIT Inc physical id: 8 bus info: usb@1:8 logical name: input8 logical name: /dev/input/event6 version: 0.10 capabilities: usb-2.00 usb configuration: driver=uvcvideo maxpower=500mA speed=480Mbit/s *-usb:2 UNCLAIMED description: Generic USB device vendor: Validity Sensors, Inc. physical id: 9 bus info: usb@1:9 version: 1.64 serial: ff1e8c196451 capabilities: usb-2.00 configuration: maxpower=100mA speed=12Mbit/s *-usbhost:1 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 1 bus info: usb@2 logical name: usb2 version: 5.19 capabilities: usb-3.00 configuration: driver=hub slots=6 speed=5000Mbit/s *-usb description: Mass storage device product: USB3.0-CRW vendor: Generic physical id: 3 bus info: usb@2:3 logical name: scsi0 version: 2.04 serial: 20120501030900000 capabilities: usb-3.00 scsi emulated scsi-host configuration: driver=usb-storage maxpower=800mA speed=5000Mbit/s *-disk description: SCSI Disk product: SD/MMC vendor: Generic- physical id: 0.0.0 bus info: scsi@0:0.0.0 logical name: /dev/sda version: 1.00 serial: 2012090114345300 capabilities: removable </pre> </div> </div> ===Windows 10 ISO=== Download a Windows 10 ISO for the Virtual Machine<br> https://www.microsoft.com/en-us/software-download/windows10ISO ===VT-d - bios=== Check VT-d enabled on bios <br> When you press the power button, press and hold <b>F1</b> to enter into bios mode.<br> Security > Virtualization<br> Intel (R) Virtualization Technology [ENABLE]<br> Inter (R) VT-d Feature [ENABLE]<br> ====Check==== <code>cat /proc/cpuinfo | grep --color vmx</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Explained: <div class="mw-collapsible-content"> The command "cat /proc/cpuinfo" displays detailed information about the processor(s) installed on your system. The output of this command includes a lot of information, such as processor model, speed, cache size, and other features. The pipe symbol "|" is used to pass the output of the first command as input to the second command. In this case, the output of "cat /proc/cpuinfo" is being passed as input to "grep". The "grep" command is used to search for a specific pattern in the input data. In this case, the pattern being searched for is "vmx". The "--color" option is used to highlight the search pattern in the output, making it easier to identify. So, the entire command "cat /proc/cpuinfo | grep --color vmx" is searching the processor information for the "vmx" feature and highlighting it in the output. The "vmx" feature refers to Intel's Virtualization Technology, which allows a processor to run multiple operating systems on the same computer simultaneously. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Returned Output: <div class="mw-collapsible-content"> <pre> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml </pre> </div> </div> ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> Insert the option to <b>GRUB_CMDLINE_LINUX_DEFAULT=""</b> <code>intel_iommu=on kvm.ignore_msrs=1</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Before <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>intel_iommu=on kvm.ignore_msrs=1</code> <div class="mw-collapsible-content"> <pre> intel_iommu=on and kvm.ignore_msrs=1 are kernel boot parameters that can be set in the GRUB configuration file in Linux systems. Here's what they mean: intel_iommu=on: This parameter enables Intel VT-d (Virtualization Technology for Directed I/O), which allows for hardware-based virtualization of I/O devices. This can improve performance and security for virtual machines by allowing them to directly access hardware devices, rather than relying on the host operating system to handle the device access. kvm.ignore_msrs=1: This parameter disables the handling of MSR (Model Specific Register) virtualization by the kernel-based Virtual Machine (KVM) hypervisor. This can improve performance for certain workloads that rely heavily on MSR access, such as virtualization workloads. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Info the <code>/etc/defaults</code> directory <div class="mw-collapsible-content"> <pre> In Ubuntu and many other Linux-based operating systems, the /etc/default directory contains configuration files for various system services and applications. These configuration files contain default values for the settings and options that are used by these services and applications. The /etc/default directory is typically organized by service or application, with each subdirectory containing one or more configuration files for that service or application. For example, the /etc/default/grub directory contains the default configuration file for the GRUB bootloader, while the /etc/default/apache2 directory contains the default configuration file for the Apache web server. These configuration files are often used by system administrators to customize the behavior of these services and applications by modifying the default values of their settings and options. For example, the GRUB configuration file in /etc/default/grub can be used to specify the default operating system to boot, the timeout for the boot menu, and other options. </pre> </div> </div> ====Update Grub==== <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code><br> Reboot so kernel boot parameters can be applied.<br> <code>reboot</code> <div class="toccolours mw-collapsible mw-collapsed"> Info: <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> <div class="mw-collapsible-content"> * <code>grub-mkconfig</code> : This is a command that generates a new configuration file for the GRUB bootloader. It scans the system for installed kernels, operating systems, and other boot options, and creates a configuration file based on that information. * <code>-o /boot/grub/grub.cfg</code> : This option tells grub-mkconfig to write the generated configuration file to the file /boot/grub/grub.cfg. This is the default location for the GRUB configuration file in most Linux systems. </div> </div> ===Check that IOMMU is enabled=== <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Return Output: Before editing Grub <div class="mw-collapsible-content"> <pre> [ 0.013929] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013974] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.124130] DMAR: Host address width 39 [ 0.124131] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.124140] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.124143] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.124147] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.124150] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.124152] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.124154] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.124156] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.124158] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.126384] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.346448] iommu: Default domain type: Translated [ 0.346448] iommu: DMA domain TLB invalidation policy: lazy mode </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After editing Grub <div class="mw-collapsible-content"> <pre> [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.013471] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013516] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.035822] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.035915] DMAR: IOMMU enabled [ 0.094689] DMAR: Host address width 39 [ 0.094691] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.094699] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.094702] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.094706] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.094708] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.094710] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.094713] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.094715] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.094716] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.096599] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.324622] iommu: Default domain type: Translated [ 0.324622] iommu: DMA domain TLB invalidation policy: lazy mode [ 0.346100] DMAR: No ATSR found [ 0.346101] DMAR: No SATC found [ 0.346103] DMAR: IOMMU feature fl1gp_support inconsistent [ 0.346105] DMAR: IOMMU feature pgsel_inv inconsistent [ 0.346106] DMAR: IOMMU feature nwfs inconsistent [ 0.346107] DMAR: IOMMU feature eafs inconsistent [ 0.346108] DMAR: IOMMU feature prs inconsistent [ 0.346108] DMAR: IOMMU feature nest inconsistent [ 0.346109] DMAR: IOMMU feature mts inconsistent [ 0.346110] DMAR: IOMMU feature sc_support inconsistent [ 0.346111] DMAR: IOMMU feature dev_iotlb_support inconsistent [ 0.346113] DMAR: dmar0: Using Queued invalidation [ 0.346117] DMAR: dmar1: Using Queued invalidation [ 0.346409] pci 0000:00:00.0: Adding to iommu group 0 [ 0.346423] pci 0000:00:02.0: Adding to iommu group 1 [ 0.346441] pci 0000:00:14.0: Adding to iommu group 2 [ 0.346450] pci 0000:00:14.2: Adding to iommu group 2 [ 0.346466] pci 0000:00:16.0: Adding to iommu group 3 [ 0.346475] pci 0000:00:16.3: Adding to iommu group 3 [ 0.346499] pci 0000:00:1c.0: Adding to iommu group 4 [ 0.346520] pci 0000:00:1c.6: Adding to iommu group 5 [ 0.346539] pci 0000:00:1d.0: Adding to iommu group 6 [ 0.346557] pci 0000:00:1d.2: Adding to iommu group 7 [ 0.346582] pci 0000:00:1f.0: Adding to iommu group 8 [ 0.346595] pci 0000:00:1f.2: Adding to iommu group 8 [ 0.346604] pci 0000:00:1f.3: Adding to iommu group 8 [ 0.346615] pci 0000:00:1f.4: Adding to iommu group 8 [ 0.346625] pci 0000:00:1f.6: Adding to iommu group 8 [ 0.346646] pci 0000:04:00.0: Adding to iommu group 9 [ 0.346664] pci 0000:3e:00.0: Adding to iommu group 10 [ 0.348306] DMAR: Intel(R) Virtualization Technology for Directed I/O </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code> <div class="mw-collapsible-content"> * <code>dmesg</code> : This command is used in Linux systems to display the kernel message buffer, which contains information about the system's hardware and software components, as well as any error or warning messages generated by the kernel. * <code>|</code> : This symbol is called a pipe and it allows the output of one command to be used as input for another command. In this case, it sends the output of the dmesg command to the next command in the pipeline, which is grep. * <code>grep</code> : This command is used in Linux systems to search for text patterns in a file or output. In this case, it's used to search the output of the dmesg command for lines that contain the strings "DMAR" or "IOMMU". * <code>-i</code> : This option tells grep to perform a case-insensitive search, meaning it will match the strings "DMAR" or "IOMMU" regardless of their case. * <code>-e</code> : This option tells grep to specify the pattern to search for. In this case, it's used to specify two patterns to search for: "DMAR" and "IOMMU". * DMAR: DMA Remapping (DMAR) is a feature of modern computer systems that provides additional security for input/output (I/O) devices. It allows for the isolation of memory regions used by I/O devices, which prevents them from accessing other parts of the system's memory. This helps to prevent attacks that could exploit vulnerabilities in I/O device drivers to gain access to sensitive data or take control of the system. * IOMMU: The I/O Memory Management Unit (IOMMU) is a hardware component that provides support for DMA remapping. It allows for the virtualization of I/O devices and provides an additional layer of security by isolating the memory used by these devices. </div> </div> ===Find your GPU=== <code>lspci -nnk</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>lspci -nnk</code> <div class="mw-collapsible-content"> <code>lspci</code> is a command-line utility that is used to display information about all the PCI buses and devices connected to them in a Linux system. The -nnk option is used to display the following information: * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -k: Display the kernel driver currently bound to each device. This option is useful when you want to check which driver is being used for a particular device. When you run the <code>lspci -nnk</code> command, you will get a list of all the PCI devices in your system, along with their vendor and device IDs, and the kernel driver currently in use. </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut Before plugging in 'Razer Core X' <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut After plugging in Razer Core X <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 05:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:01.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:02.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 07:00.0 System peripheral [0880]: Intel Corporation JHL6240 Thunderbolt 3 NHI (Low Power) [Alpine Ridge LP 2016] [8086:15bf] (rev 01) Subsystem: Device [2222:1111] Kernel driver in use: thunderbolt Kernel modules: thunderbolt 08:00.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 09:01.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel </pre> ===vfio.conf=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>vfio.conf</b> <div class="mw-collapsible-content"> <b>vfio.conf</b> is a configuration file used by the VFIO driver in Linux. <br> The VFIO driver is a kernel module that allows users to assign devices, such as GPUs or network interfaces, directly to virtual machines, bypassing the host operating system.<br> <br> The vfio.conf file is used to specify which devices should be assigned to VFIO, and it is typically located in the /etc/modprobe.d/ directory. When the VFIO driver is loaded, it will read this file and use the settings specified within it.<br> <br> The contents of vfio.conf can vary depending on the specific use case, but some common configurations include: * Device IDs: The vfio.conf file can be used to specify the vendor and device IDs of the devices that should be assigned to VFIO. For example: <pre> options vfio-pci ids=10de:13c2,10de:0fbb </pre><br> <br> This configuration specifies that two NVIDIA GPUs with the IDs 10de:13c2 and 10de:0fbb should be assigned to VFIO.<br> This configuration assigns two NVIDIA GPUs to VFIO and blacklists the <b>nouveau</b> and <b>nvidiafb</b> kernel drivers so that they don't claim the GPUs. <pre> options vfio-pci ids=10de:13c2,10de:0fbb blacklist nouveau blacklist nvidiafb </pre> <br> * Additional options: The <b>vfio.conf</b> file can also be used to specify additional options for the VFIO driver, such as setting the IOMMU mode. For example:<br> This configuration sets the VFIO driver to use IOMMU mode 1 and allows unsafe interrupts. <pre> options vfio_iommu_type1 allow_unsafe_interrupts=1 </pre> <br> Overall, <b>vfio.conf</b> provides a way to configure the VFIO driver and specify which devices should be assigned to it, helping to facilitate GPU or other hardware passthrough to virtual machines. <br> </div> </div> Create a new file called <code>vfio.conf</code> in the <b>/etc/modprobe.d/</b> directory.<br> <div class="toccolours mw-collapsible mw-collapsed"> The <code>/etc/modprobe.d/</code> directory explanation: <div class="mw-collapsible-content"> The <b>/etc/modprobe.d/</b> directory is a system directory in Linux that contains configuration files for kernel modules. When the Linux kernel boots up, it loads various modules (also called drivers) to support the hardware and other system functions.<br> <br> Each configuration file in <b>/etc/modprobe.d/</b> specifies options for one or more kernel modules, which are loaded by the kernel when a system boots or when a module is explicitly loaded. The options specified in these files can be used to modify the behavior of the kernel modules, or to blacklist certain modules to prevent them from being loaded.<br> <br> The name of each configuration file in the <b>/etc/modprobe.d/</b> directory must end with the <b>.conf</b> extension. The contents of each file consist of a series of directives, which specify module options, aliases, or blacklist information. These directives can be written in plain text format or in shell scripts.<br> <br> Here are some examples of how you might use the <b>/etc/modprobe.d/</b> directory:<br> * Blacklisting modules: You can use the <b>/etc/modprobe.d/</b> directory to prevent certain kernel modules from loading. For example, you can create a file called <b>/etc/modprobe.d/blacklist-nouveau.conf</b> with the following contents to prevent the <b>nouveau</b> driver (used for NVIDIA graphics cards) from being loaded: <pre> blacklist nouveau </pre> <br> * Setting module options: You can also use the <b>/etc/modprobe.d/</b> directory to specify options for a particular kernel module. For example, you can create a file called <b>/etc/modprobe.d/alsa-base.conf</b> with the following contents to set the default sound card to the second card on the system: <pre> options snd_hda_intel index=1 </pre> <br> * Loading modules: You can use the <b>/etc/modprobe.d/</b> directory to load kernel modules at boot time. For example, you can create a file called <b>/etc/modprobe.d/local.conf</b> with the following contents to load the <b>acpi_call</b> module at boot time: <pre> # Load acpi_call at boot time acpi_call </pre> <br> Overall, the <b>/etc/modprobe.d/</b> directory is an important location for managing kernel modules in Linux. It provides a centralized location for managing module options, aliases, and blacklists, making it easier to configure and maintain a Linux system.<br> </div> </div> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> <br> ===Update <b>initramfs</b>=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>initramfs</b>: <div class="mw-collapsible-content"> The initramfs (initial RAM file system) is a temporary file system that is loaded into memory during the Linux boot process. It contains essential system files and utilities that are necessary to boot the Linux kernel and mount the root file system.<br> <br> When the Linux kernel is booted, it first loads the initramfs into memory and sets it up as the root file system. The initramfs then runs the init script, which is responsible for initializing the system and mounting the real root file system. The init script may also perform other tasks, such as loading kernel modules, setting up network interfaces, and configuring system services.<br> <br> The initramfs is typically used in situations where the root file system is located on a storage device that requires additional drivers or modules to be loaded before it can be mounted. For example, if the root file system is located on a RAID array, a network file system, or an encrypted disk, the necessary drivers or modules may need to be loaded into memory before the root file system can be mounted.<br> <br> The initramfs can also be customized to include additional files or utilities that may be necessary for the boot process. This is done by modifying the initramfs image, which is a compressed archive file that contains the file system contents.<br> <br> Overall, the initramfs is an essential component of the Linux boot process, providing a temporary file system that is necessary for initializing the system and mounting the root file system. </div> </div> <code>sudo update-initramfs -u</code><br> And reboot your computer:<br> <code>reboot</code><br> ===Check Kernel driver not in use=== <code>lspci -nnk</code><br> <br> OutPut: <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel modules: snd_hda_intel </pre> ==Install KVM and VirtManager to create a VM== Your $USER is the username you use to login to your account.<br> On terminal prompt you should see <code>$USER@$HOSTNAME:~$</code><br> Note the <code>$</code> at the end.<br> If terminal prompt end's with a <code>#</code> you are logged in as root.<br> You can see your user name by typing in <code>whoami</code> to the terminal and/or <code>id</code><br> <b>id</b> will also display which <b>groups</b> your $USER is in.<br> <br> Install required packages:<br> <code>sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils</code><br> <br> Creating a Group and add $USER to group, this will allow us to run <b>virt-manager</b> without the need to <b>sudo</b><br> <div class="toccolours mw-collapsible mw-collapsed"> <code> getent group libvirtd</code> Check if <b>group</b> already exists: <div class="mw-collapsible-content"> To check if a group is already present on an Ubuntu system, you can use the <b>getent</b> command along with the <b>group</b> argument and specify the name of the group as a parameter.<br> <br> For example, to check if the <b>sudo</b> group exists on the system, you can run the following command in a terminal:<br> <code>getent group sudo</code><br> <br> If the group exists, the command will output information about the group, including its name, group ID (GID), and a list of users who are members of the group. If the group does not exist, the command will not produce any output.<br> <br> Alternatively, you can use the <b>grep</b> command to search for the group name in the <b>/etc/group file</b>, which is the file that stores information about system groups on Ubuntu. For example, to search for the <b>sudo</b> group, you can run the following command:<br> <code>grep "^sudo:" /etc/group</code><br> If the group exists, the command will output information about the group in the same format as the <b>getent</b> command. If the group does not exist, the command will not produce any output. </div> </div> <code>sudo addgroup libvirtd</code><br> <br> Add your user name to the group:<br> SYNTAX: <code>sudo adduser $USER libvirtd</code><br> <code>sudo adduser ubunix libvirtd</code><br> <code>sudo apt-get install virt-manager</code><br> <br> <code>reboot</code><br> Reboot to avoid error: <pre> virtual machine manager connection failure unable to connect to libvirt qemu:///system. verify that the 'libvirtd' daemon is running</pre> ===Virtual Machine Manager=== Start <b>Virtual Machine Manager</b>:<br> <code>virt-manager</code><br><br> Create a new virtual machine Step 1 Local install media (ISO image or CDROM) Step 2 Choose ISO or CDROM install media: Click <b>Browse</b> and select your windows10.iso Choose the operating system you are installing: untick( Automatically detect from installation media / source) and enter <b>Microsoft Windows 10</b> in search bar. Step 3 Choose Memory and CPU settings: Memory: 4096MiB CPUs: 2 Step 4 Tick <b>Enable storage for this virtual machine</b> Tick <b>create a disk image for the virtual machine</b> 140 GiB Step 5 Name:NAME_OF_VM Tick <b>Customize configuration before install</b> ==== Config VM before booting==== OverView: <b>Hypervisor Details</b> 'Chipset' = 'Q35' 'Firmware' = 'x86_64:/usr/share/OVMF/OVMF_CODE_4M.ms.fd' Boot Options: <b>Boot device order</b>: Untick - Enable boot menu Select/Tick SATA CDROM1 SATA Disk 1 Display Spice: <b>Spice Server</b>: Type: Spice server Listen type: Address Address: Hypervisor default Port: tick 'Auto' Click '<b>Add Hardware</b>' button at bottom left - new window '<b>Add New Virtual Hardware</b>' will pop up. Click '<b>PCI Host Device</b>' on the left hand side Select your <b>GPU</b> and <b>GPU Audio Controller</b>: '0000:0A:00:0 NVIDIA Corporation GM204 [GeForce GTX 970]' '0000:0A:00:1 NVIDIA Corporation GM204 High Definition Audio Controller' Select and click '<b>Finish</b>' - reopen '<b>Add hardware</b>' and repeat for Audio.<br> <br> =====Notes===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. ==== Install Windows 10 and update ==== Install windows 10 then update windows to get the graphics card drivers working.<br> Once done shoutdown.<br> ===After shutting down windows edit the VM's Config file=== To find/confirm your VM's name:<br> <code>wirsh list --all</code><br> <br> Syntax:<code>sudo virsh edit YOUR_VM_NAME</code><br> <code>sudo virsh edit win10</code><br> <br> Going to edit in between the <code><features> </features></code> Brackets, 17 lines down.<br> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> </pre> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> </pre> ====What these values do ==== <div class="toccolours mw-collapsible mw-collapsed"> <vendor_id state='on' value='1234567890ab'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><vendor_id></b> tag is used to specify the vendor ID that is presented to the guest virtual machine when it is running on top of the KVM hypervisor. This vendor ID can be customized by the user to any 12-digit hexadecimal <b>value</b> using the value attribute. The purpose of the vendor ID is to provide a way for virtual machines to identify the type of hypervisor they are running on, and to adjust their behavior accordingly. This is particularly important for operating systems that have special optimizations or workarounds for specific hypervisors. By default, KVM presents a vendor ID of "KVMKVMKVM" to the guest virtual machine. However, this can be changed by adding the <vendor_id> tag to the XML definition of the virtual machine, as follows: <pre> <cpu> <vendor_id state='on' value='1234567890ab'/> ... </cpu> </pre> In this example, the vendor ID is set to the value "1234567890ab". The state attribute is set to 'on' to enable the use of the custom vendor ID. It's worth noting that changing the vendor ID can have some unexpected consequences. For example, some operating systems may have specific code paths or optimizations for certain hypervisors, and changing the vendor ID may cause them to behave differently or even malfunction. Additionally, some virtualization security features may depend on the vendor ID, so changing it may impact the security of the virtual machine. As such, it is important to carefully consider the implications before changing the vendor ID in a KVM virtual machine. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <kvm> <hidden state='on'/> </kvm> <div class="mw-collapsible-content"> In Linux KVM, the <b><kvm></b> tag is used to specify additional configuration options for the virtual machine that are specific to KVM. The <b><hidden></b> tag is a sub-tag of <b><kvm></b> and is used to enable or disable the hiding of the KVM hypervisor from the guest operating system. When the <b><hidden></b> tag is set to <b>state='on'</b>, the KVM hypervisor is hidden from the guest operating system. This means that the guest operating system will not be able to detect that it is running in a virtualized environment and will behave as if it is running directly on physical hardware. This can be useful for security reasons, as it can make it more difficult for attackers to detect that they are running in a virtualized environment and attempt to exploit vulnerabilities that are specific to virtualization. Additionally, some software applications may behave differently or refuse to run in a virtualized environment, so hiding the KVM hypervisor can help ensure that these applications run properly. To use the <hidden> tag, it should be included as a sub-tag of the <kvm> tag, as follows: <pre> <kvm> <hidden state='on'/> ... </kvm> </pre> It's important to note that hiding the KVM hypervisor can have some downsides as well. For example, it may make it more difficult to diagnose problems with the virtual machine, as the hypervisor will not be visible in the guest operating system. Additionally, some virtualization features may depend on the hypervisor being visible to the guest operating system, so hiding it may cause these features to stop working properly. As such, the decision to hide the KVM hypervisor using the <hidden> tag should be carefully considered based on the specific needs and requirements of the virtualized environment. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <ioapic driver='kvm'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><ioapic></b> tag is used to enable or disable the use of the IOAPIC (Input/Output Advanced Programmable Interrupt Controller) device in the virtual machine. The <b>driver</b> attribute is used to specify the driver that should be used for the IOAPIC device, with the value <b>kvm</b> indicating that KVM's built-in IOAPIC driver should be used. The IOAPIC device is a type of interrupt controller that is used to manage interrupts in a virtual machine. It provides a way for devices in the virtual machine to generate interrupts, and for the virtual machine to route those interrupts to the appropriate virtual CPU. To enable the IOAPIC device and specify the kvm driver, the <ioapic> tag should be included in the XML definition of the virtual machine, as follows: <pre> <ioapic driver='kvm'/> </pre> With this configuration, KVM's built-in IOAPIC driver will be used to manage interrupts in the virtual machine. It's worth noting that while KVM's built-in IOAPIC driver is generally sufficient for most virtualization needs, there are some situations where a different driver may be preferred. For example, some applications or workloads may require more advanced IOAPIC functionality that is not available in KVM's built-in driver. In these cases, it may be necessary to use a different driver, or to implement custom code to support the required functionality. Overall, the <ioapic> tag with the driver='kvm' attribute is a simple and effective way to enable the IOAPIC device and ensure that interrupts are properly managed in a KVM virtual machine. </div> </div> ====Full Config file - before and after==== <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>before</b> any changes with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoand of course the content when expanded.<br \> <code>print "hello content"</code>ft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>After</b> changes made with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <br> Note: Not the place to edit (use '<b>virsh</b>'), but you config file can be found here:<code>/etc/libvirt/qemu/</code> ==End Notes== Plug in external monitor to the GPU 'Razer Core X' for output and no screen lag. Tested with 'sniper elite 2' works fine. No sound due to my monitor not having speakers. will test with usb headfones. ==References== https://askubuntu.com/questions/1406888/ubuntu-22-04-gpu-passthrough-qemu 97ux06jtjyynybi41yroo4zpomm2hu4 219 218 2023-03-28T02:45:08Z Noob 1 /* End Notes */ 219 wikitext text/x-wiki ==Ubuntu Kvm Windows 10 - Thinkpad T470 with Razer Core X== Hardware:<br> * Thinkpad t470 - 256GB HD, 8GB RAM * razer core x * GTX 970 GT * Ubuntu Desktop 22.04 installed. Thunderbolt 3 - detected as USB3.0 (5000M). But works :)<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lsusb -t</code> OutPut: <div class="mw-collapsible-content"> <pre> /: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/6p, 5000M |__ Port 3: Dev 2, If 0, Class=Mass Storage, Driver=usb-storage, 5000M /: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/12p, 480M |__ Port 7: Dev 2, If 0, Class=Wireless, Driver=btusb, 12M |__ Port 7: Dev 2, If 1, Class=Wireless, Driver=btusb, 12M |__ Port 8: Dev 3, If 1, Class=Video, Driver=uvcvideo, 480M |__ Port 8: Dev 3, If 0, Class=Video, Driver=uvcvideo, 480M |__ Port 9: Dev 4, If 0, Class=Vendor Specific Class, Driver=, 12M </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo lshw | grep -A10 -i usb</code> OutPut: <div class="mw-collapsible-content"> <pre> capabilities: pci pnp upgrade shadowing cdboot bootselect edd int13floppy720 int5printscreen int9keyboard int14serial int17printer int10video acpi usb biosbootspecification uefi *-pci description: Host bridge product: Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers vendor: Intel Corporation physical id: 100 bus info: pci@0000:00:00.0 version: 08 width: 32 bits clock: 33MHz configuration: driver=skl_uncore -- *-usb description: USB controller product: Sunrise Point-LP USB 3.0 xHCI Controller vendor: Intel Corporation physical id: 14 bus info: pci@0000:00:14.0 version: 21 width: 64 bits clock: 33MHz capabilities: pm msi xhci bus_master cap_list configuration: driver=xhci_hcd latency=0 resources: irq:127 memory:ec220000-ec22ffff *-usbhost:0 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 0 bus info: usb@1 logical name: usb1 version: 5.19 capabilities: usb-2.00 configuration: driver=hub slots=12 speed=480Mbit/s *-usb:0 description: Bluetooth wireless interface product: Bluetooth wireless interface vendor: Intel Corp. physical id: 7 bus info: usb@1:7 version: 0.01 capabilities: bluetooth usb-2.00 configuration: driver=btusb maxpower=100mA speed=12Mbit/s *-usb:1 description: Video product: Integrated Camera: Integrated C vendor: SunplusIT Inc physical id: 8 bus info: usb@1:8 logical name: input8 logical name: /dev/input/event6 version: 0.10 capabilities: usb-2.00 usb configuration: driver=uvcvideo maxpower=500mA speed=480Mbit/s *-usb:2 UNCLAIMED description: Generic USB device vendor: Validity Sensors, Inc. physical id: 9 bus info: usb@1:9 version: 1.64 serial: ff1e8c196451 capabilities: usb-2.00 configuration: maxpower=100mA speed=12Mbit/s *-usbhost:1 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 1 bus info: usb@2 logical name: usb2 version: 5.19 capabilities: usb-3.00 configuration: driver=hub slots=6 speed=5000Mbit/s *-usb description: Mass storage device product: USB3.0-CRW vendor: Generic physical id: 3 bus info: usb@2:3 logical name: scsi0 version: 2.04 serial: 20120501030900000 capabilities: usb-3.00 scsi emulated scsi-host configuration: driver=usb-storage maxpower=800mA speed=5000Mbit/s *-disk description: SCSI Disk product: SD/MMC vendor: Generic- physical id: 0.0.0 bus info: scsi@0:0.0.0 logical name: /dev/sda version: 1.00 serial: 2012090114345300 capabilities: removable </pre> </div> </div> ===Windows 10 ISO=== Download a Windows 10 ISO for the Virtual Machine<br> https://www.microsoft.com/en-us/software-download/windows10ISO ===VT-d - bios=== Check VT-d enabled on bios <br> When you press the power button, press and hold <b>F1</b> to enter into bios mode.<br> Security > Virtualization<br> Intel (R) Virtualization Technology [ENABLE]<br> Inter (R) VT-d Feature [ENABLE]<br> ====Check==== <code>cat /proc/cpuinfo | grep --color vmx</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Explained: <div class="mw-collapsible-content"> The command "cat /proc/cpuinfo" displays detailed information about the processor(s) installed on your system. The output of this command includes a lot of information, such as processor model, speed, cache size, and other features. The pipe symbol "|" is used to pass the output of the first command as input to the second command. In this case, the output of "cat /proc/cpuinfo" is being passed as input to "grep". The "grep" command is used to search for a specific pattern in the input data. In this case, the pattern being searched for is "vmx". The "--color" option is used to highlight the search pattern in the output, making it easier to identify. So, the entire command "cat /proc/cpuinfo | grep --color vmx" is searching the processor information for the "vmx" feature and highlighting it in the output. The "vmx" feature refers to Intel's Virtualization Technology, which allows a processor to run multiple operating systems on the same computer simultaneously. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Returned Output: <div class="mw-collapsible-content"> <pre> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml </pre> </div> </div> ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> Insert the option to <b>GRUB_CMDLINE_LINUX_DEFAULT=""</b> <code>intel_iommu=on kvm.ignore_msrs=1</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Before <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>intel_iommu=on kvm.ignore_msrs=1</code> <div class="mw-collapsible-content"> <pre> intel_iommu=on and kvm.ignore_msrs=1 are kernel boot parameters that can be set in the GRUB configuration file in Linux systems. Here's what they mean: intel_iommu=on: This parameter enables Intel VT-d (Virtualization Technology for Directed I/O), which allows for hardware-based virtualization of I/O devices. This can improve performance and security for virtual machines by allowing them to directly access hardware devices, rather than relying on the host operating system to handle the device access. kvm.ignore_msrs=1: This parameter disables the handling of MSR (Model Specific Register) virtualization by the kernel-based Virtual Machine (KVM) hypervisor. This can improve performance for certain workloads that rely heavily on MSR access, such as virtualization workloads. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Info the <code>/etc/defaults</code> directory <div class="mw-collapsible-content"> <pre> In Ubuntu and many other Linux-based operating systems, the /etc/default directory contains configuration files for various system services and applications. These configuration files contain default values for the settings and options that are used by these services and applications. The /etc/default directory is typically organized by service or application, with each subdirectory containing one or more configuration files for that service or application. For example, the /etc/default/grub directory contains the default configuration file for the GRUB bootloader, while the /etc/default/apache2 directory contains the default configuration file for the Apache web server. These configuration files are often used by system administrators to customize the behavior of these services and applications by modifying the default values of their settings and options. For example, the GRUB configuration file in /etc/default/grub can be used to specify the default operating system to boot, the timeout for the boot menu, and other options. </pre> </div> </div> ====Update Grub==== <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code><br> Reboot so kernel boot parameters can be applied.<br> <code>reboot</code> <div class="toccolours mw-collapsible mw-collapsed"> Info: <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> <div class="mw-collapsible-content"> * <code>grub-mkconfig</code> : This is a command that generates a new configuration file for the GRUB bootloader. It scans the system for installed kernels, operating systems, and other boot options, and creates a configuration file based on that information. * <code>-o /boot/grub/grub.cfg</code> : This option tells grub-mkconfig to write the generated configuration file to the file /boot/grub/grub.cfg. This is the default location for the GRUB configuration file in most Linux systems. </div> </div> ===Check that IOMMU is enabled=== <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Return Output: Before editing Grub <div class="mw-collapsible-content"> <pre> [ 0.013929] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013974] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.124130] DMAR: Host address width 39 [ 0.124131] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.124140] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.124143] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.124147] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.124150] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.124152] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.124154] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.124156] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.124158] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.126384] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.346448] iommu: Default domain type: Translated [ 0.346448] iommu: DMA domain TLB invalidation policy: lazy mode </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After editing Grub <div class="mw-collapsible-content"> <pre> [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.013471] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013516] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.035822] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.035915] DMAR: IOMMU enabled [ 0.094689] DMAR: Host address width 39 [ 0.094691] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.094699] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.094702] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.094706] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.094708] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.094710] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.094713] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.094715] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.094716] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.096599] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.324622] iommu: Default domain type: Translated [ 0.324622] iommu: DMA domain TLB invalidation policy: lazy mode [ 0.346100] DMAR: No ATSR found [ 0.346101] DMAR: No SATC found [ 0.346103] DMAR: IOMMU feature fl1gp_support inconsistent [ 0.346105] DMAR: IOMMU feature pgsel_inv inconsistent [ 0.346106] DMAR: IOMMU feature nwfs inconsistent [ 0.346107] DMAR: IOMMU feature eafs inconsistent [ 0.346108] DMAR: IOMMU feature prs inconsistent [ 0.346108] DMAR: IOMMU feature nest inconsistent [ 0.346109] DMAR: IOMMU feature mts inconsistent [ 0.346110] DMAR: IOMMU feature sc_support inconsistent [ 0.346111] DMAR: IOMMU feature dev_iotlb_support inconsistent [ 0.346113] DMAR: dmar0: Using Queued invalidation [ 0.346117] DMAR: dmar1: Using Queued invalidation [ 0.346409] pci 0000:00:00.0: Adding to iommu group 0 [ 0.346423] pci 0000:00:02.0: Adding to iommu group 1 [ 0.346441] pci 0000:00:14.0: Adding to iommu group 2 [ 0.346450] pci 0000:00:14.2: Adding to iommu group 2 [ 0.346466] pci 0000:00:16.0: Adding to iommu group 3 [ 0.346475] pci 0000:00:16.3: Adding to iommu group 3 [ 0.346499] pci 0000:00:1c.0: Adding to iommu group 4 [ 0.346520] pci 0000:00:1c.6: Adding to iommu group 5 [ 0.346539] pci 0000:00:1d.0: Adding to iommu group 6 [ 0.346557] pci 0000:00:1d.2: Adding to iommu group 7 [ 0.346582] pci 0000:00:1f.0: Adding to iommu group 8 [ 0.346595] pci 0000:00:1f.2: Adding to iommu group 8 [ 0.346604] pci 0000:00:1f.3: Adding to iommu group 8 [ 0.346615] pci 0000:00:1f.4: Adding to iommu group 8 [ 0.346625] pci 0000:00:1f.6: Adding to iommu group 8 [ 0.346646] pci 0000:04:00.0: Adding to iommu group 9 [ 0.346664] pci 0000:3e:00.0: Adding to iommu group 10 [ 0.348306] DMAR: Intel(R) Virtualization Technology for Directed I/O </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code> <div class="mw-collapsible-content"> * <code>dmesg</code> : This command is used in Linux systems to display the kernel message buffer, which contains information about the system's hardware and software components, as well as any error or warning messages generated by the kernel. * <code>|</code> : This symbol is called a pipe and it allows the output of one command to be used as input for another command. In this case, it sends the output of the dmesg command to the next command in the pipeline, which is grep. * <code>grep</code> : This command is used in Linux systems to search for text patterns in a file or output. In this case, it's used to search the output of the dmesg command for lines that contain the strings "DMAR" or "IOMMU". * <code>-i</code> : This option tells grep to perform a case-insensitive search, meaning it will match the strings "DMAR" or "IOMMU" regardless of their case. * <code>-e</code> : This option tells grep to specify the pattern to search for. In this case, it's used to specify two patterns to search for: "DMAR" and "IOMMU". * DMAR: DMA Remapping (DMAR) is a feature of modern computer systems that provides additional security for input/output (I/O) devices. It allows for the isolation of memory regions used by I/O devices, which prevents them from accessing other parts of the system's memory. This helps to prevent attacks that could exploit vulnerabilities in I/O device drivers to gain access to sensitive data or take control of the system. * IOMMU: The I/O Memory Management Unit (IOMMU) is a hardware component that provides support for DMA remapping. It allows for the virtualization of I/O devices and provides an additional layer of security by isolating the memory used by these devices. </div> </div> ===Find your GPU=== <code>lspci -nnk</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>lspci -nnk</code> <div class="mw-collapsible-content"> <code>lspci</code> is a command-line utility that is used to display information about all the PCI buses and devices connected to them in a Linux system. The -nnk option is used to display the following information: * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -k: Display the kernel driver currently bound to each device. This option is useful when you want to check which driver is being used for a particular device. When you run the <code>lspci -nnk</code> command, you will get a list of all the PCI devices in your system, along with their vendor and device IDs, and the kernel driver currently in use. </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut Before plugging in 'Razer Core X' <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut After plugging in Razer Core X <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 05:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:01.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:02.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 07:00.0 System peripheral [0880]: Intel Corporation JHL6240 Thunderbolt 3 NHI (Low Power) [Alpine Ridge LP 2016] [8086:15bf] (rev 01) Subsystem: Device [2222:1111] Kernel driver in use: thunderbolt Kernel modules: thunderbolt 08:00.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 09:01.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel </pre> ===vfio.conf=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>vfio.conf</b> <div class="mw-collapsible-content"> <b>vfio.conf</b> is a configuration file used by the VFIO driver in Linux. <br> The VFIO driver is a kernel module that allows users to assign devices, such as GPUs or network interfaces, directly to virtual machines, bypassing the host operating system.<br> <br> The vfio.conf file is used to specify which devices should be assigned to VFIO, and it is typically located in the /etc/modprobe.d/ directory. When the VFIO driver is loaded, it will read this file and use the settings specified within it.<br> <br> The contents of vfio.conf can vary depending on the specific use case, but some common configurations include: * Device IDs: The vfio.conf file can be used to specify the vendor and device IDs of the devices that should be assigned to VFIO. For example: <pre> options vfio-pci ids=10de:13c2,10de:0fbb </pre><br> <br> This configuration specifies that two NVIDIA GPUs with the IDs 10de:13c2 and 10de:0fbb should be assigned to VFIO.<br> This configuration assigns two NVIDIA GPUs to VFIO and blacklists the <b>nouveau</b> and <b>nvidiafb</b> kernel drivers so that they don't claim the GPUs. <pre> options vfio-pci ids=10de:13c2,10de:0fbb blacklist nouveau blacklist nvidiafb </pre> <br> * Additional options: The <b>vfio.conf</b> file can also be used to specify additional options for the VFIO driver, such as setting the IOMMU mode. For example:<br> This configuration sets the VFIO driver to use IOMMU mode 1 and allows unsafe interrupts. <pre> options vfio_iommu_type1 allow_unsafe_interrupts=1 </pre> <br> Overall, <b>vfio.conf</b> provides a way to configure the VFIO driver and specify which devices should be assigned to it, helping to facilitate GPU or other hardware passthrough to virtual machines. <br> </div> </div> Create a new file called <code>vfio.conf</code> in the <b>/etc/modprobe.d/</b> directory.<br> <div class="toccolours mw-collapsible mw-collapsed"> The <code>/etc/modprobe.d/</code> directory explanation: <div class="mw-collapsible-content"> The <b>/etc/modprobe.d/</b> directory is a system directory in Linux that contains configuration files for kernel modules. When the Linux kernel boots up, it loads various modules (also called drivers) to support the hardware and other system functions.<br> <br> Each configuration file in <b>/etc/modprobe.d/</b> specifies options for one or more kernel modules, which are loaded by the kernel when a system boots or when a module is explicitly loaded. The options specified in these files can be used to modify the behavior of the kernel modules, or to blacklist certain modules to prevent them from being loaded.<br> <br> The name of each configuration file in the <b>/etc/modprobe.d/</b> directory must end with the <b>.conf</b> extension. The contents of each file consist of a series of directives, which specify module options, aliases, or blacklist information. These directives can be written in plain text format or in shell scripts.<br> <br> Here are some examples of how you might use the <b>/etc/modprobe.d/</b> directory:<br> * Blacklisting modules: You can use the <b>/etc/modprobe.d/</b> directory to prevent certain kernel modules from loading. For example, you can create a file called <b>/etc/modprobe.d/blacklist-nouveau.conf</b> with the following contents to prevent the <b>nouveau</b> driver (used for NVIDIA graphics cards) from being loaded: <pre> blacklist nouveau </pre> <br> * Setting module options: You can also use the <b>/etc/modprobe.d/</b> directory to specify options for a particular kernel module. For example, you can create a file called <b>/etc/modprobe.d/alsa-base.conf</b> with the following contents to set the default sound card to the second card on the system: <pre> options snd_hda_intel index=1 </pre> <br> * Loading modules: You can use the <b>/etc/modprobe.d/</b> directory to load kernel modules at boot time. For example, you can create a file called <b>/etc/modprobe.d/local.conf</b> with the following contents to load the <b>acpi_call</b> module at boot time: <pre> # Load acpi_call at boot time acpi_call </pre> <br> Overall, the <b>/etc/modprobe.d/</b> directory is an important location for managing kernel modules in Linux. It provides a centralized location for managing module options, aliases, and blacklists, making it easier to configure and maintain a Linux system.<br> </div> </div> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> <br> ===Update <b>initramfs</b>=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>initramfs</b>: <div class="mw-collapsible-content"> The initramfs (initial RAM file system) is a temporary file system that is loaded into memory during the Linux boot process. It contains essential system files and utilities that are necessary to boot the Linux kernel and mount the root file system.<br> <br> When the Linux kernel is booted, it first loads the initramfs into memory and sets it up as the root file system. The initramfs then runs the init script, which is responsible for initializing the system and mounting the real root file system. The init script may also perform other tasks, such as loading kernel modules, setting up network interfaces, and configuring system services.<br> <br> The initramfs is typically used in situations where the root file system is located on a storage device that requires additional drivers or modules to be loaded before it can be mounted. For example, if the root file system is located on a RAID array, a network file system, or an encrypted disk, the necessary drivers or modules may need to be loaded into memory before the root file system can be mounted.<br> <br> The initramfs can also be customized to include additional files or utilities that may be necessary for the boot process. This is done by modifying the initramfs image, which is a compressed archive file that contains the file system contents.<br> <br> Overall, the initramfs is an essential component of the Linux boot process, providing a temporary file system that is necessary for initializing the system and mounting the root file system. </div> </div> <code>sudo update-initramfs -u</code><br> And reboot your computer:<br> <code>reboot</code><br> ===Check Kernel driver not in use=== <code>lspci -nnk</code><br> <br> OutPut: <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel modules: snd_hda_intel </pre> ==Install KVM and VirtManager to create a VM== Your $USER is the username you use to login to your account.<br> On terminal prompt you should see <code>$USER@$HOSTNAME:~$</code><br> Note the <code>$</code> at the end.<br> If terminal prompt end's with a <code>#</code> you are logged in as root.<br> You can see your user name by typing in <code>whoami</code> to the terminal and/or <code>id</code><br> <b>id</b> will also display which <b>groups</b> your $USER is in.<br> <br> Install required packages:<br> <code>sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils</code><br> <br> Creating a Group and add $USER to group, this will allow us to run <b>virt-manager</b> without the need to <b>sudo</b><br> <div class="toccolours mw-collapsible mw-collapsed"> <code> getent group libvirtd</code> Check if <b>group</b> already exists: <div class="mw-collapsible-content"> To check if a group is already present on an Ubuntu system, you can use the <b>getent</b> command along with the <b>group</b> argument and specify the name of the group as a parameter.<br> <br> For example, to check if the <b>sudo</b> group exists on the system, you can run the following command in a terminal:<br> <code>getent group sudo</code><br> <br> If the group exists, the command will output information about the group, including its name, group ID (GID), and a list of users who are members of the group. If the group does not exist, the command will not produce any output.<br> <br> Alternatively, you can use the <b>grep</b> command to search for the group name in the <b>/etc/group file</b>, which is the file that stores information about system groups on Ubuntu. For example, to search for the <b>sudo</b> group, you can run the following command:<br> <code>grep "^sudo:" /etc/group</code><br> If the group exists, the command will output information about the group in the same format as the <b>getent</b> command. If the group does not exist, the command will not produce any output. </div> </div> <code>sudo addgroup libvirtd</code><br> <br> Add your user name to the group:<br> SYNTAX: <code>sudo adduser $USER libvirtd</code><br> <code>sudo adduser ubunix libvirtd</code><br> <code>sudo apt-get install virt-manager</code><br> <br> <code>reboot</code><br> Reboot to avoid error: <pre> virtual machine manager connection failure unable to connect to libvirt qemu:///system. verify that the 'libvirtd' daemon is running</pre> ===Virtual Machine Manager=== Start <b>Virtual Machine Manager</b>:<br> <code>virt-manager</code><br><br> Create a new virtual machine Step 1 Local install media (ISO image or CDROM) Step 2 Choose ISO or CDROM install media: Click <b>Browse</b> and select your windows10.iso Choose the operating system you are installing: untick( Automatically detect from installation media / source) and enter <b>Microsoft Windows 10</b> in search bar. Step 3 Choose Memory and CPU settings: Memory: 4096MiB CPUs: 2 Step 4 Tick <b>Enable storage for this virtual machine</b> Tick <b>create a disk image for the virtual machine</b> 140 GiB Step 5 Name:NAME_OF_VM Tick <b>Customize configuration before install</b> ==== Config VM before booting==== OverView: <b>Hypervisor Details</b> 'Chipset' = 'Q35' 'Firmware' = 'x86_64:/usr/share/OVMF/OVMF_CODE_4M.ms.fd' Boot Options: <b>Boot device order</b>: Untick - Enable boot menu Select/Tick SATA CDROM1 SATA Disk 1 Display Spice: <b>Spice Server</b>: Type: Spice server Listen type: Address Address: Hypervisor default Port: tick 'Auto' Click '<b>Add Hardware</b>' button at bottom left - new window '<b>Add New Virtual Hardware</b>' will pop up. Click '<b>PCI Host Device</b>' on the left hand side Select your <b>GPU</b> and <b>GPU Audio Controller</b>: '0000:0A:00:0 NVIDIA Corporation GM204 [GeForce GTX 970]' '0000:0A:00:1 NVIDIA Corporation GM204 High Definition Audio Controller' Select and click '<b>Finish</b>' - reopen '<b>Add hardware</b>' and repeat for Audio.<br> <br> =====Notes===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. ==== Install Windows 10 and update ==== Install windows 10 then update windows to get the graphics card drivers working.<br> Once done shoutdown.<br> ===After shutting down windows edit the VM's Config file=== To find/confirm your VM's name:<br> <code>wirsh list --all</code><br> <br> Syntax:<code>sudo virsh edit YOUR_VM_NAME</code><br> <code>sudo virsh edit win10</code><br> <br> Going to edit in between the <code><features> </features></code> Brackets, 17 lines down.<br> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> </pre> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> </pre> ====What these values do ==== <div class="toccolours mw-collapsible mw-collapsed"> <vendor_id state='on' value='1234567890ab'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><vendor_id></b> tag is used to specify the vendor ID that is presented to the guest virtual machine when it is running on top of the KVM hypervisor. This vendor ID can be customized by the user to any 12-digit hexadecimal <b>value</b> using the value attribute. The purpose of the vendor ID is to provide a way for virtual machines to identify the type of hypervisor they are running on, and to adjust their behavior accordingly. This is particularly important for operating systems that have special optimizations or workarounds for specific hypervisors. By default, KVM presents a vendor ID of "KVMKVMKVM" to the guest virtual machine. However, this can be changed by adding the <vendor_id> tag to the XML definition of the virtual machine, as follows: <pre> <cpu> <vendor_id state='on' value='1234567890ab'/> ... </cpu> </pre> In this example, the vendor ID is set to the value "1234567890ab". The state attribute is set to 'on' to enable the use of the custom vendor ID. It's worth noting that changing the vendor ID can have some unexpected consequences. For example, some operating systems may have specific code paths or optimizations for certain hypervisors, and changing the vendor ID may cause them to behave differently or even malfunction. Additionally, some virtualization security features may depend on the vendor ID, so changing it may impact the security of the virtual machine. As such, it is important to carefully consider the implications before changing the vendor ID in a KVM virtual machine. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <kvm> <hidden state='on'/> </kvm> <div class="mw-collapsible-content"> In Linux KVM, the <b><kvm></b> tag is used to specify additional configuration options for the virtual machine that are specific to KVM. The <b><hidden></b> tag is a sub-tag of <b><kvm></b> and is used to enable or disable the hiding of the KVM hypervisor from the guest operating system. When the <b><hidden></b> tag is set to <b>state='on'</b>, the KVM hypervisor is hidden from the guest operating system. This means that the guest operating system will not be able to detect that it is running in a virtualized environment and will behave as if it is running directly on physical hardware. This can be useful for security reasons, as it can make it more difficult for attackers to detect that they are running in a virtualized environment and attempt to exploit vulnerabilities that are specific to virtualization. Additionally, some software applications may behave differently or refuse to run in a virtualized environment, so hiding the KVM hypervisor can help ensure that these applications run properly. To use the <hidden> tag, it should be included as a sub-tag of the <kvm> tag, as follows: <pre> <kvm> <hidden state='on'/> ... </kvm> </pre> It's important to note that hiding the KVM hypervisor can have some downsides as well. For example, it may make it more difficult to diagnose problems with the virtual machine, as the hypervisor will not be visible in the guest operating system. Additionally, some virtualization features may depend on the hypervisor being visible to the guest operating system, so hiding it may cause these features to stop working properly. As such, the decision to hide the KVM hypervisor using the <hidden> tag should be carefully considered based on the specific needs and requirements of the virtualized environment. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <ioapic driver='kvm'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><ioapic></b> tag is used to enable or disable the use of the IOAPIC (Input/Output Advanced Programmable Interrupt Controller) device in the virtual machine. The <b>driver</b> attribute is used to specify the driver that should be used for the IOAPIC device, with the value <b>kvm</b> indicating that KVM's built-in IOAPIC driver should be used. The IOAPIC device is a type of interrupt controller that is used to manage interrupts in a virtual machine. It provides a way for devices in the virtual machine to generate interrupts, and for the virtual machine to route those interrupts to the appropriate virtual CPU. To enable the IOAPIC device and specify the kvm driver, the <ioapic> tag should be included in the XML definition of the virtual machine, as follows: <pre> <ioapic driver='kvm'/> </pre> With this configuration, KVM's built-in IOAPIC driver will be used to manage interrupts in the virtual machine. It's worth noting that while KVM's built-in IOAPIC driver is generally sufficient for most virtualization needs, there are some situations where a different driver may be preferred. For example, some applications or workloads may require more advanced IOAPIC functionality that is not available in KVM's built-in driver. In these cases, it may be necessary to use a different driver, or to implement custom code to support the required functionality. Overall, the <ioapic> tag with the driver='kvm' attribute is a simple and effective way to enable the IOAPIC device and ensure that interrupts are properly managed in a KVM virtual machine. </div> </div> ====Full Config file - before and after==== <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>before</b> any changes with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoand of course the content when expanded.<br \> <code>print "hello content"</code>ft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>After</b> changes made with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <br> Note: Not the place to edit (use '<b>virsh</b>'), but you config file can be found here:<code>/etc/libvirt/qemu/</code> ==End Notes== Plug in external monitor to the GPU 'Razer Core X' for output and no screen lag. Tested with 'sniper ghost warrior' works fine. No sound due to my monitor not having speakers. will test with usb headfones. ==References== https://askubuntu.com/questions/1406888/ubuntu-22-04-gpu-passthrough-qemu dn3fp2otjjfx237g8hb2bl9q8m11gzt 220 219 2023-03-28T11:58:58Z Noob 1 /* After shutting down windows edit the VM's Config file */ 220 wikitext text/x-wiki ==Ubuntu Kvm Windows 10 - Thinkpad T470 with Razer Core X== Hardware:<br> * Thinkpad t470 - 256GB HD, 8GB RAM * razer core x * GTX 970 GT * Ubuntu Desktop 22.04 installed. Thunderbolt 3 - detected as USB3.0 (5000M). But works :)<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lsusb -t</code> OutPut: <div class="mw-collapsible-content"> <pre> /: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/6p, 5000M |__ Port 3: Dev 2, If 0, Class=Mass Storage, Driver=usb-storage, 5000M /: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/12p, 480M |__ Port 7: Dev 2, If 0, Class=Wireless, Driver=btusb, 12M |__ Port 7: Dev 2, If 1, Class=Wireless, Driver=btusb, 12M |__ Port 8: Dev 3, If 1, Class=Video, Driver=uvcvideo, 480M |__ Port 8: Dev 3, If 0, Class=Video, Driver=uvcvideo, 480M |__ Port 9: Dev 4, If 0, Class=Vendor Specific Class, Driver=, 12M </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo lshw | grep -A10 -i usb</code> OutPut: <div class="mw-collapsible-content"> <pre> capabilities: pci pnp upgrade shadowing cdboot bootselect edd int13floppy720 int5printscreen int9keyboard int14serial int17printer int10video acpi usb biosbootspecification uefi *-pci description: Host bridge product: Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers vendor: Intel Corporation physical id: 100 bus info: pci@0000:00:00.0 version: 08 width: 32 bits clock: 33MHz configuration: driver=skl_uncore -- *-usb description: USB controller product: Sunrise Point-LP USB 3.0 xHCI Controller vendor: Intel Corporation physical id: 14 bus info: pci@0000:00:14.0 version: 21 width: 64 bits clock: 33MHz capabilities: pm msi xhci bus_master cap_list configuration: driver=xhci_hcd latency=0 resources: irq:127 memory:ec220000-ec22ffff *-usbhost:0 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 0 bus info: usb@1 logical name: usb1 version: 5.19 capabilities: usb-2.00 configuration: driver=hub slots=12 speed=480Mbit/s *-usb:0 description: Bluetooth wireless interface product: Bluetooth wireless interface vendor: Intel Corp. physical id: 7 bus info: usb@1:7 version: 0.01 capabilities: bluetooth usb-2.00 configuration: driver=btusb maxpower=100mA speed=12Mbit/s *-usb:1 description: Video product: Integrated Camera: Integrated C vendor: SunplusIT Inc physical id: 8 bus info: usb@1:8 logical name: input8 logical name: /dev/input/event6 version: 0.10 capabilities: usb-2.00 usb configuration: driver=uvcvideo maxpower=500mA speed=480Mbit/s *-usb:2 UNCLAIMED description: Generic USB device vendor: Validity Sensors, Inc. physical id: 9 bus info: usb@1:9 version: 1.64 serial: ff1e8c196451 capabilities: usb-2.00 configuration: maxpower=100mA speed=12Mbit/s *-usbhost:1 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 1 bus info: usb@2 logical name: usb2 version: 5.19 capabilities: usb-3.00 configuration: driver=hub slots=6 speed=5000Mbit/s *-usb description: Mass storage device product: USB3.0-CRW vendor: Generic physical id: 3 bus info: usb@2:3 logical name: scsi0 version: 2.04 serial: 20120501030900000 capabilities: usb-3.00 scsi emulated scsi-host configuration: driver=usb-storage maxpower=800mA speed=5000Mbit/s *-disk description: SCSI Disk product: SD/MMC vendor: Generic- physical id: 0.0.0 bus info: scsi@0:0.0.0 logical name: /dev/sda version: 1.00 serial: 2012090114345300 capabilities: removable </pre> </div> </div> ===Windows 10 ISO=== Download a Windows 10 ISO for the Virtual Machine<br> https://www.microsoft.com/en-us/software-download/windows10ISO ===VT-d - bios=== Check VT-d enabled on bios <br> When you press the power button, press and hold <b>F1</b> to enter into bios mode.<br> Security > Virtualization<br> Intel (R) Virtualization Technology [ENABLE]<br> Inter (R) VT-d Feature [ENABLE]<br> ====Check==== <code>cat /proc/cpuinfo | grep --color vmx</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Explained: <div class="mw-collapsible-content"> The command "cat /proc/cpuinfo" displays detailed information about the processor(s) installed on your system. The output of this command includes a lot of information, such as processor model, speed, cache size, and other features. The pipe symbol "|" is used to pass the output of the first command as input to the second command. In this case, the output of "cat /proc/cpuinfo" is being passed as input to "grep". The "grep" command is used to search for a specific pattern in the input data. In this case, the pattern being searched for is "vmx". The "--color" option is used to highlight the search pattern in the output, making it easier to identify. So, the entire command "cat /proc/cpuinfo | grep --color vmx" is searching the processor information for the "vmx" feature and highlighting it in the output. The "vmx" feature refers to Intel's Virtualization Technology, which allows a processor to run multiple operating systems on the same computer simultaneously. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Returned Output: <div class="mw-collapsible-content"> <pre> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml </pre> </div> </div> ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> Insert the option to <b>GRUB_CMDLINE_LINUX_DEFAULT=""</b> <code>intel_iommu=on kvm.ignore_msrs=1</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Before <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>intel_iommu=on kvm.ignore_msrs=1</code> <div class="mw-collapsible-content"> <pre> intel_iommu=on and kvm.ignore_msrs=1 are kernel boot parameters that can be set in the GRUB configuration file in Linux systems. Here's what they mean: intel_iommu=on: This parameter enables Intel VT-d (Virtualization Technology for Directed I/O), which allows for hardware-based virtualization of I/O devices. This can improve performance and security for virtual machines by allowing them to directly access hardware devices, rather than relying on the host operating system to handle the device access. kvm.ignore_msrs=1: This parameter disables the handling of MSR (Model Specific Register) virtualization by the kernel-based Virtual Machine (KVM) hypervisor. This can improve performance for certain workloads that rely heavily on MSR access, such as virtualization workloads. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Info the <code>/etc/defaults</code> directory <div class="mw-collapsible-content"> <pre> In Ubuntu and many other Linux-based operating systems, the /etc/default directory contains configuration files for various system services and applications. These configuration files contain default values for the settings and options that are used by these services and applications. The /etc/default directory is typically organized by service or application, with each subdirectory containing one or more configuration files for that service or application. For example, the /etc/default/grub directory contains the default configuration file for the GRUB bootloader, while the /etc/default/apache2 directory contains the default configuration file for the Apache web server. These configuration files are often used by system administrators to customize the behavior of these services and applications by modifying the default values of their settings and options. For example, the GRUB configuration file in /etc/default/grub can be used to specify the default operating system to boot, the timeout for the boot menu, and other options. </pre> </div> </div> ====Update Grub==== <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code><br> Reboot so kernel boot parameters can be applied.<br> <code>reboot</code> <div class="toccolours mw-collapsible mw-collapsed"> Info: <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> <div class="mw-collapsible-content"> * <code>grub-mkconfig</code> : This is a command that generates a new configuration file for the GRUB bootloader. It scans the system for installed kernels, operating systems, and other boot options, and creates a configuration file based on that information. * <code>-o /boot/grub/grub.cfg</code> : This option tells grub-mkconfig to write the generated configuration file to the file /boot/grub/grub.cfg. This is the default location for the GRUB configuration file in most Linux systems. </div> </div> ===Check that IOMMU is enabled=== <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Return Output: Before editing Grub <div class="mw-collapsible-content"> <pre> [ 0.013929] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013974] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.124130] DMAR: Host address width 39 [ 0.124131] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.124140] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.124143] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.124147] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.124150] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.124152] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.124154] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.124156] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.124158] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.126384] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.346448] iommu: Default domain type: Translated [ 0.346448] iommu: DMA domain TLB invalidation policy: lazy mode </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After editing Grub <div class="mw-collapsible-content"> <pre> [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.013471] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013516] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.035822] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.035915] DMAR: IOMMU enabled [ 0.094689] DMAR: Host address width 39 [ 0.094691] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.094699] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.094702] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.094706] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.094708] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.094710] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.094713] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.094715] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.094716] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.096599] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.324622] iommu: Default domain type: Translated [ 0.324622] iommu: DMA domain TLB invalidation policy: lazy mode [ 0.346100] DMAR: No ATSR found [ 0.346101] DMAR: No SATC found [ 0.346103] DMAR: IOMMU feature fl1gp_support inconsistent [ 0.346105] DMAR: IOMMU feature pgsel_inv inconsistent [ 0.346106] DMAR: IOMMU feature nwfs inconsistent [ 0.346107] DMAR: IOMMU feature eafs inconsistent [ 0.346108] DMAR: IOMMU feature prs inconsistent [ 0.346108] DMAR: IOMMU feature nest inconsistent [ 0.346109] DMAR: IOMMU feature mts inconsistent [ 0.346110] DMAR: IOMMU feature sc_support inconsistent [ 0.346111] DMAR: IOMMU feature dev_iotlb_support inconsistent [ 0.346113] DMAR: dmar0: Using Queued invalidation [ 0.346117] DMAR: dmar1: Using Queued invalidation [ 0.346409] pci 0000:00:00.0: Adding to iommu group 0 [ 0.346423] pci 0000:00:02.0: Adding to iommu group 1 [ 0.346441] pci 0000:00:14.0: Adding to iommu group 2 [ 0.346450] pci 0000:00:14.2: Adding to iommu group 2 [ 0.346466] pci 0000:00:16.0: Adding to iommu group 3 [ 0.346475] pci 0000:00:16.3: Adding to iommu group 3 [ 0.346499] pci 0000:00:1c.0: Adding to iommu group 4 [ 0.346520] pci 0000:00:1c.6: Adding to iommu group 5 [ 0.346539] pci 0000:00:1d.0: Adding to iommu group 6 [ 0.346557] pci 0000:00:1d.2: Adding to iommu group 7 [ 0.346582] pci 0000:00:1f.0: Adding to iommu group 8 [ 0.346595] pci 0000:00:1f.2: Adding to iommu group 8 [ 0.346604] pci 0000:00:1f.3: Adding to iommu group 8 [ 0.346615] pci 0000:00:1f.4: Adding to iommu group 8 [ 0.346625] pci 0000:00:1f.6: Adding to iommu group 8 [ 0.346646] pci 0000:04:00.0: Adding to iommu group 9 [ 0.346664] pci 0000:3e:00.0: Adding to iommu group 10 [ 0.348306] DMAR: Intel(R) Virtualization Technology for Directed I/O </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code> <div class="mw-collapsible-content"> * <code>dmesg</code> : This command is used in Linux systems to display the kernel message buffer, which contains information about the system's hardware and software components, as well as any error or warning messages generated by the kernel. * <code>|</code> : This symbol is called a pipe and it allows the output of one command to be used as input for another command. In this case, it sends the output of the dmesg command to the next command in the pipeline, which is grep. * <code>grep</code> : This command is used in Linux systems to search for text patterns in a file or output. In this case, it's used to search the output of the dmesg command for lines that contain the strings "DMAR" or "IOMMU". * <code>-i</code> : This option tells grep to perform a case-insensitive search, meaning it will match the strings "DMAR" or "IOMMU" regardless of their case. * <code>-e</code> : This option tells grep to specify the pattern to search for. In this case, it's used to specify two patterns to search for: "DMAR" and "IOMMU". * DMAR: DMA Remapping (DMAR) is a feature of modern computer systems that provides additional security for input/output (I/O) devices. It allows for the isolation of memory regions used by I/O devices, which prevents them from accessing other parts of the system's memory. This helps to prevent attacks that could exploit vulnerabilities in I/O device drivers to gain access to sensitive data or take control of the system. * IOMMU: The I/O Memory Management Unit (IOMMU) is a hardware component that provides support for DMA remapping. It allows for the virtualization of I/O devices and provides an additional layer of security by isolating the memory used by these devices. </div> </div> ===Find your GPU=== <code>lspci -nnk</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>lspci -nnk</code> <div class="mw-collapsible-content"> <code>lspci</code> is a command-line utility that is used to display information about all the PCI buses and devices connected to them in a Linux system. The -nnk option is used to display the following information: * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -k: Display the kernel driver currently bound to each device. This option is useful when you want to check which driver is being used for a particular device. When you run the <code>lspci -nnk</code> command, you will get a list of all the PCI devices in your system, along with their vendor and device IDs, and the kernel driver currently in use. </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut Before plugging in 'Razer Core X' <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut After plugging in Razer Core X <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 05:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:01.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:02.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 07:00.0 System peripheral [0880]: Intel Corporation JHL6240 Thunderbolt 3 NHI (Low Power) [Alpine Ridge LP 2016] [8086:15bf] (rev 01) Subsystem: Device [2222:1111] Kernel driver in use: thunderbolt Kernel modules: thunderbolt 08:00.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 09:01.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel </pre> ===vfio.conf=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>vfio.conf</b> <div class="mw-collapsible-content"> <b>vfio.conf</b> is a configuration file used by the VFIO driver in Linux. <br> The VFIO driver is a kernel module that allows users to assign devices, such as GPUs or network interfaces, directly to virtual machines, bypassing the host operating system.<br> <br> The vfio.conf file is used to specify which devices should be assigned to VFIO, and it is typically located in the /etc/modprobe.d/ directory. When the VFIO driver is loaded, it will read this file and use the settings specified within it.<br> <br> The contents of vfio.conf can vary depending on the specific use case, but some common configurations include: * Device IDs: The vfio.conf file can be used to specify the vendor and device IDs of the devices that should be assigned to VFIO. For example: <pre> options vfio-pci ids=10de:13c2,10de:0fbb </pre><br> <br> This configuration specifies that two NVIDIA GPUs with the IDs 10de:13c2 and 10de:0fbb should be assigned to VFIO.<br> This configuration assigns two NVIDIA GPUs to VFIO and blacklists the <b>nouveau</b> and <b>nvidiafb</b> kernel drivers so that they don't claim the GPUs. <pre> options vfio-pci ids=10de:13c2,10de:0fbb blacklist nouveau blacklist nvidiafb </pre> <br> * Additional options: The <b>vfio.conf</b> file can also be used to specify additional options for the VFIO driver, such as setting the IOMMU mode. For example:<br> This configuration sets the VFIO driver to use IOMMU mode 1 and allows unsafe interrupts. <pre> options vfio_iommu_type1 allow_unsafe_interrupts=1 </pre> <br> Overall, <b>vfio.conf</b> provides a way to configure the VFIO driver and specify which devices should be assigned to it, helping to facilitate GPU or other hardware passthrough to virtual machines. <br> </div> </div> Create a new file called <code>vfio.conf</code> in the <b>/etc/modprobe.d/</b> directory.<br> <div class="toccolours mw-collapsible mw-collapsed"> The <code>/etc/modprobe.d/</code> directory explanation: <div class="mw-collapsible-content"> The <b>/etc/modprobe.d/</b> directory is a system directory in Linux that contains configuration files for kernel modules. When the Linux kernel boots up, it loads various modules (also called drivers) to support the hardware and other system functions.<br> <br> Each configuration file in <b>/etc/modprobe.d/</b> specifies options for one or more kernel modules, which are loaded by the kernel when a system boots or when a module is explicitly loaded. The options specified in these files can be used to modify the behavior of the kernel modules, or to blacklist certain modules to prevent them from being loaded.<br> <br> The name of each configuration file in the <b>/etc/modprobe.d/</b> directory must end with the <b>.conf</b> extension. The contents of each file consist of a series of directives, which specify module options, aliases, or blacklist information. These directives can be written in plain text format or in shell scripts.<br> <br> Here are some examples of how you might use the <b>/etc/modprobe.d/</b> directory:<br> * Blacklisting modules: You can use the <b>/etc/modprobe.d/</b> directory to prevent certain kernel modules from loading. For example, you can create a file called <b>/etc/modprobe.d/blacklist-nouveau.conf</b> with the following contents to prevent the <b>nouveau</b> driver (used for NVIDIA graphics cards) from being loaded: <pre> blacklist nouveau </pre> <br> * Setting module options: You can also use the <b>/etc/modprobe.d/</b> directory to specify options for a particular kernel module. For example, you can create a file called <b>/etc/modprobe.d/alsa-base.conf</b> with the following contents to set the default sound card to the second card on the system: <pre> options snd_hda_intel index=1 </pre> <br> * Loading modules: You can use the <b>/etc/modprobe.d/</b> directory to load kernel modules at boot time. For example, you can create a file called <b>/etc/modprobe.d/local.conf</b> with the following contents to load the <b>acpi_call</b> module at boot time: <pre> # Load acpi_call at boot time acpi_call </pre> <br> Overall, the <b>/etc/modprobe.d/</b> directory is an important location for managing kernel modules in Linux. It provides a centralized location for managing module options, aliases, and blacklists, making it easier to configure and maintain a Linux system.<br> </div> </div> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> <br> ===Update <b>initramfs</b>=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>initramfs</b>: <div class="mw-collapsible-content"> The initramfs (initial RAM file system) is a temporary file system that is loaded into memory during the Linux boot process. It contains essential system files and utilities that are necessary to boot the Linux kernel and mount the root file system.<br> <br> When the Linux kernel is booted, it first loads the initramfs into memory and sets it up as the root file system. The initramfs then runs the init script, which is responsible for initializing the system and mounting the real root file system. The init script may also perform other tasks, such as loading kernel modules, setting up network interfaces, and configuring system services.<br> <br> The initramfs is typically used in situations where the root file system is located on a storage device that requires additional drivers or modules to be loaded before it can be mounted. For example, if the root file system is located on a RAID array, a network file system, or an encrypted disk, the necessary drivers or modules may need to be loaded into memory before the root file system can be mounted.<br> <br> The initramfs can also be customized to include additional files or utilities that may be necessary for the boot process. This is done by modifying the initramfs image, which is a compressed archive file that contains the file system contents.<br> <br> Overall, the initramfs is an essential component of the Linux boot process, providing a temporary file system that is necessary for initializing the system and mounting the root file system. </div> </div> <code>sudo update-initramfs -u</code><br> And reboot your computer:<br> <code>reboot</code><br> ===Check Kernel driver not in use=== <code>lspci -nnk</code><br> <br> OutPut: <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel modules: snd_hda_intel </pre> ==Install KVM and VirtManager to create a VM== Your $USER is the username you use to login to your account.<br> On terminal prompt you should see <code>$USER@$HOSTNAME:~$</code><br> Note the <code>$</code> at the end.<br> If terminal prompt end's with a <code>#</code> you are logged in as root.<br> You can see your user name by typing in <code>whoami</code> to the terminal and/or <code>id</code><br> <b>id</b> will also display which <b>groups</b> your $USER is in.<br> <br> Install required packages:<br> <code>sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils</code><br> <br> Creating a Group and add $USER to group, this will allow us to run <b>virt-manager</b> without the need to <b>sudo</b><br> <div class="toccolours mw-collapsible mw-collapsed"> <code> getent group libvirtd</code> Check if <b>group</b> already exists: <div class="mw-collapsible-content"> To check if a group is already present on an Ubuntu system, you can use the <b>getent</b> command along with the <b>group</b> argument and specify the name of the group as a parameter.<br> <br> For example, to check if the <b>sudo</b> group exists on the system, you can run the following command in a terminal:<br> <code>getent group sudo</code><br> <br> If the group exists, the command will output information about the group, including its name, group ID (GID), and a list of users who are members of the group. If the group does not exist, the command will not produce any output.<br> <br> Alternatively, you can use the <b>grep</b> command to search for the group name in the <b>/etc/group file</b>, which is the file that stores information about system groups on Ubuntu. For example, to search for the <b>sudo</b> group, you can run the following command:<br> <code>grep "^sudo:" /etc/group</code><br> If the group exists, the command will output information about the group in the same format as the <b>getent</b> command. If the group does not exist, the command will not produce any output. </div> </div> <code>sudo addgroup libvirtd</code><br> <br> Add your user name to the group:<br> SYNTAX: <code>sudo adduser $USER libvirtd</code><br> <code>sudo adduser ubunix libvirtd</code><br> <code>sudo apt-get install virt-manager</code><br> <br> <code>reboot</code><br> Reboot to avoid error: <pre> virtual machine manager connection failure unable to connect to libvirt qemu:///system. verify that the 'libvirtd' daemon is running</pre> ===Virtual Machine Manager=== Start <b>Virtual Machine Manager</b>:<br> <code>virt-manager</code><br><br> Create a new virtual machine Step 1 Local install media (ISO image or CDROM) Step 2 Choose ISO or CDROM install media: Click <b>Browse</b> and select your windows10.iso Choose the operating system you are installing: untick( Automatically detect from installation media / source) and enter <b>Microsoft Windows 10</b> in search bar. Step 3 Choose Memory and CPU settings: Memory: 4096MiB CPUs: 2 Step 4 Tick <b>Enable storage for this virtual machine</b> Tick <b>create a disk image for the virtual machine</b> 140 GiB Step 5 Name:NAME_OF_VM Tick <b>Customize configuration before install</b> ==== Config VM before booting==== OverView: <b>Hypervisor Details</b> 'Chipset' = 'Q35' 'Firmware' = 'x86_64:/usr/share/OVMF/OVMF_CODE_4M.ms.fd' Boot Options: <b>Boot device order</b>: Untick - Enable boot menu Select/Tick SATA CDROM1 SATA Disk 1 Display Spice: <b>Spice Server</b>: Type: Spice server Listen type: Address Address: Hypervisor default Port: tick 'Auto' Click '<b>Add Hardware</b>' button at bottom left - new window '<b>Add New Virtual Hardware</b>' will pop up. Click '<b>PCI Host Device</b>' on the left hand side Select your <b>GPU</b> and <b>GPU Audio Controller</b>: '0000:0A:00:0 NVIDIA Corporation GM204 [GeForce GTX 970]' '0000:0A:00:1 NVIDIA Corporation GM204 High Definition Audio Controller' Select and click '<b>Finish</b>' - reopen '<b>Add hardware</b>' and repeat for Audio.<br> <br> =====Notes===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. ==== Install Windows 10 and update ==== Install windows 10 then update windows to get the graphics card drivers working.<br> Once done shoutdown.<br> ===After shutting down windows edit the VM's Config file=== To find/confirm your VM's name:<br> <code>virsh list --all</code><br> <br> Syntax:<code>sudo virsh edit YOUR_VM_NAME</code><br> <code>sudo virsh edit win10</code><br> <br> Going to edit in between the <code><features> </features></code> Brackets, 17 lines down.<br> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> </pre> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> </pre> ====What these values do ==== <div class="toccolours mw-collapsible mw-collapsed"> <vendor_id state='on' value='1234567890ab'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><vendor_id></b> tag is used to specify the vendor ID that is presented to the guest virtual machine when it is running on top of the KVM hypervisor. This vendor ID can be customized by the user to any 12-digit hexadecimal <b>value</b> using the value attribute. The purpose of the vendor ID is to provide a way for virtual machines to identify the type of hypervisor they are running on, and to adjust their behavior accordingly. This is particularly important for operating systems that have special optimizations or workarounds for specific hypervisors. By default, KVM presents a vendor ID of "KVMKVMKVM" to the guest virtual machine. However, this can be changed by adding the <vendor_id> tag to the XML definition of the virtual machine, as follows: <pre> <cpu> <vendor_id state='on' value='1234567890ab'/> ... </cpu> </pre> In this example, the vendor ID is set to the value "1234567890ab". The state attribute is set to 'on' to enable the use of the custom vendor ID. It's worth noting that changing the vendor ID can have some unexpected consequences. For example, some operating systems may have specific code paths or optimizations for certain hypervisors, and changing the vendor ID may cause them to behave differently or even malfunction. Additionally, some virtualization security features may depend on the vendor ID, so changing it may impact the security of the virtual machine. As such, it is important to carefully consider the implications before changing the vendor ID in a KVM virtual machine. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <kvm> <hidden state='on'/> </kvm> <div class="mw-collapsible-content"> In Linux KVM, the <b><kvm></b> tag is used to specify additional configuration options for the virtual machine that are specific to KVM. The <b><hidden></b> tag is a sub-tag of <b><kvm></b> and is used to enable or disable the hiding of the KVM hypervisor from the guest operating system. When the <b><hidden></b> tag is set to <b>state='on'</b>, the KVM hypervisor is hidden from the guest operating system. This means that the guest operating system will not be able to detect that it is running in a virtualized environment and will behave as if it is running directly on physical hardware. This can be useful for security reasons, as it can make it more difficult for attackers to detect that they are running in a virtualized environment and attempt to exploit vulnerabilities that are specific to virtualization. Additionally, some software applications may behave differently or refuse to run in a virtualized environment, so hiding the KVM hypervisor can help ensure that these applications run properly. To use the <hidden> tag, it should be included as a sub-tag of the <kvm> tag, as follows: <pre> <kvm> <hidden state='on'/> ... </kvm> </pre> It's important to note that hiding the KVM hypervisor can have some downsides as well. For example, it may make it more difficult to diagnose problems with the virtual machine, as the hypervisor will not be visible in the guest operating system. Additionally, some virtualization features may depend on the hypervisor being visible to the guest operating system, so hiding it may cause these features to stop working properly. As such, the decision to hide the KVM hypervisor using the <hidden> tag should be carefully considered based on the specific needs and requirements of the virtualized environment. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <ioapic driver='kvm'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><ioapic></b> tag is used to enable or disable the use of the IOAPIC (Input/Output Advanced Programmable Interrupt Controller) device in the virtual machine. The <b>driver</b> attribute is used to specify the driver that should be used for the IOAPIC device, with the value <b>kvm</b> indicating that KVM's built-in IOAPIC driver should be used. The IOAPIC device is a type of interrupt controller that is used to manage interrupts in a virtual machine. It provides a way for devices in the virtual machine to generate interrupts, and for the virtual machine to route those interrupts to the appropriate virtual CPU. To enable the IOAPIC device and specify the kvm driver, the <ioapic> tag should be included in the XML definition of the virtual machine, as follows: <pre> <ioapic driver='kvm'/> </pre> With this configuration, KVM's built-in IOAPIC driver will be used to manage interrupts in the virtual machine. It's worth noting that while KVM's built-in IOAPIC driver is generally sufficient for most virtualization needs, there are some situations where a different driver may be preferred. For example, some applications or workloads may require more advanced IOAPIC functionality that is not available in KVM's built-in driver. In these cases, it may be necessary to use a different driver, or to implement custom code to support the required functionality. Overall, the <ioapic> tag with the driver='kvm' attribute is a simple and effective way to enable the IOAPIC device and ensure that interrupts are properly managed in a KVM virtual machine. </div> </div> ====Full Config file - before and after==== <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>before</b> any changes with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoand of course the content when expanded.<br \> <code>print "hello content"</code>ft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>After</b> changes made with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <br> Note: Not the place to edit (use '<b>virsh</b>'), but you config file can be found here:<code>/etc/libvirt/qemu/</code> ==End Notes== Plug in external monitor to the GPU 'Razer Core X' for output and no screen lag. Tested with 'sniper ghost warrior' works fine. No sound due to my monitor not having speakers. will test with usb headfones. ==References== https://askubuntu.com/questions/1406888/ubuntu-22-04-gpu-passthrough-qemu rg18bqzbipbkg8tb102fq11qm4vdtp4 221 220 2023-03-28T13:11:42Z Noob 1 /* End Notes */ 221 wikitext text/x-wiki ==Ubuntu Kvm Windows 10 - Thinkpad T470 with Razer Core X== Hardware:<br> * Thinkpad t470 - 256GB HD, 8GB RAM * razer core x * GTX 970 GT * Ubuntu Desktop 22.04 installed. Thunderbolt 3 - detected as USB3.0 (5000M). But works :)<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lsusb -t</code> OutPut: <div class="mw-collapsible-content"> <pre> /: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/6p, 5000M |__ Port 3: Dev 2, If 0, Class=Mass Storage, Driver=usb-storage, 5000M /: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/12p, 480M |__ Port 7: Dev 2, If 0, Class=Wireless, Driver=btusb, 12M |__ Port 7: Dev 2, If 1, Class=Wireless, Driver=btusb, 12M |__ Port 8: Dev 3, If 1, Class=Video, Driver=uvcvideo, 480M |__ Port 8: Dev 3, If 0, Class=Video, Driver=uvcvideo, 480M |__ Port 9: Dev 4, If 0, Class=Vendor Specific Class, Driver=, 12M </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo lshw | grep -A10 -i usb</code> OutPut: <div class="mw-collapsible-content"> <pre> capabilities: pci pnp upgrade shadowing cdboot bootselect edd int13floppy720 int5printscreen int9keyboard int14serial int17printer int10video acpi usb biosbootspecification uefi *-pci description: Host bridge product: Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers vendor: Intel Corporation physical id: 100 bus info: pci@0000:00:00.0 version: 08 width: 32 bits clock: 33MHz configuration: driver=skl_uncore -- *-usb description: USB controller product: Sunrise Point-LP USB 3.0 xHCI Controller vendor: Intel Corporation physical id: 14 bus info: pci@0000:00:14.0 version: 21 width: 64 bits clock: 33MHz capabilities: pm msi xhci bus_master cap_list configuration: driver=xhci_hcd latency=0 resources: irq:127 memory:ec220000-ec22ffff *-usbhost:0 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 0 bus info: usb@1 logical name: usb1 version: 5.19 capabilities: usb-2.00 configuration: driver=hub slots=12 speed=480Mbit/s *-usb:0 description: Bluetooth wireless interface product: Bluetooth wireless interface vendor: Intel Corp. physical id: 7 bus info: usb@1:7 version: 0.01 capabilities: bluetooth usb-2.00 configuration: driver=btusb maxpower=100mA speed=12Mbit/s *-usb:1 description: Video product: Integrated Camera: Integrated C vendor: SunplusIT Inc physical id: 8 bus info: usb@1:8 logical name: input8 logical name: /dev/input/event6 version: 0.10 capabilities: usb-2.00 usb configuration: driver=uvcvideo maxpower=500mA speed=480Mbit/s *-usb:2 UNCLAIMED description: Generic USB device vendor: Validity Sensors, Inc. physical id: 9 bus info: usb@1:9 version: 1.64 serial: ff1e8c196451 capabilities: usb-2.00 configuration: maxpower=100mA speed=12Mbit/s *-usbhost:1 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 1 bus info: usb@2 logical name: usb2 version: 5.19 capabilities: usb-3.00 configuration: driver=hub slots=6 speed=5000Mbit/s *-usb description: Mass storage device product: USB3.0-CRW vendor: Generic physical id: 3 bus info: usb@2:3 logical name: scsi0 version: 2.04 serial: 20120501030900000 capabilities: usb-3.00 scsi emulated scsi-host configuration: driver=usb-storage maxpower=800mA speed=5000Mbit/s *-disk description: SCSI Disk product: SD/MMC vendor: Generic- physical id: 0.0.0 bus info: scsi@0:0.0.0 logical name: /dev/sda version: 1.00 serial: 2012090114345300 capabilities: removable </pre> </div> </div> ===Windows 10 ISO=== Download a Windows 10 ISO for the Virtual Machine<br> https://www.microsoft.com/en-us/software-download/windows10ISO ===VT-d - bios=== Check VT-d enabled on bios <br> When you press the power button, press and hold <b>F1</b> to enter into bios mode.<br> Security > Virtualization<br> Intel (R) Virtualization Technology [ENABLE]<br> Inter (R) VT-d Feature [ENABLE]<br> ====Check==== <code>cat /proc/cpuinfo | grep --color vmx</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Explained: <div class="mw-collapsible-content"> The command "cat /proc/cpuinfo" displays detailed information about the processor(s) installed on your system. The output of this command includes a lot of information, such as processor model, speed, cache size, and other features. The pipe symbol "|" is used to pass the output of the first command as input to the second command. In this case, the output of "cat /proc/cpuinfo" is being passed as input to "grep". The "grep" command is used to search for a specific pattern in the input data. In this case, the pattern being searched for is "vmx". The "--color" option is used to highlight the search pattern in the output, making it easier to identify. So, the entire command "cat /proc/cpuinfo | grep --color vmx" is searching the processor information for the "vmx" feature and highlighting it in the output. The "vmx" feature refers to Intel's Virtualization Technology, which allows a processor to run multiple operating systems on the same computer simultaneously. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Returned Output: <div class="mw-collapsible-content"> <pre> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml </pre> </div> </div> ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> Insert the option to <b>GRUB_CMDLINE_LINUX_DEFAULT=""</b> <code>intel_iommu=on kvm.ignore_msrs=1</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Before <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>intel_iommu=on kvm.ignore_msrs=1</code> <div class="mw-collapsible-content"> <pre> intel_iommu=on and kvm.ignore_msrs=1 are kernel boot parameters that can be set in the GRUB configuration file in Linux systems. Here's what they mean: intel_iommu=on: This parameter enables Intel VT-d (Virtualization Technology for Directed I/O), which allows for hardware-based virtualization of I/O devices. This can improve performance and security for virtual machines by allowing them to directly access hardware devices, rather than relying on the host operating system to handle the device access. kvm.ignore_msrs=1: This parameter disables the handling of MSR (Model Specific Register) virtualization by the kernel-based Virtual Machine (KVM) hypervisor. This can improve performance for certain workloads that rely heavily on MSR access, such as virtualization workloads. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Info the <code>/etc/defaults</code> directory <div class="mw-collapsible-content"> <pre> In Ubuntu and many other Linux-based operating systems, the /etc/default directory contains configuration files for various system services and applications. These configuration files contain default values for the settings and options that are used by these services and applications. The /etc/default directory is typically organized by service or application, with each subdirectory containing one or more configuration files for that service or application. For example, the /etc/default/grub directory contains the default configuration file for the GRUB bootloader, while the /etc/default/apache2 directory contains the default configuration file for the Apache web server. These configuration files are often used by system administrators to customize the behavior of these services and applications by modifying the default values of their settings and options. For example, the GRUB configuration file in /etc/default/grub can be used to specify the default operating system to boot, the timeout for the boot menu, and other options. </pre> </div> </div> ====Update Grub==== <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code><br> Reboot so kernel boot parameters can be applied.<br> <code>reboot</code> <div class="toccolours mw-collapsible mw-collapsed"> Info: <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> <div class="mw-collapsible-content"> * <code>grub-mkconfig</code> : This is a command that generates a new configuration file for the GRUB bootloader. It scans the system for installed kernels, operating systems, and other boot options, and creates a configuration file based on that information. * <code>-o /boot/grub/grub.cfg</code> : This option tells grub-mkconfig to write the generated configuration file to the file /boot/grub/grub.cfg. This is the default location for the GRUB configuration file in most Linux systems. </div> </div> ===Check that IOMMU is enabled=== <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Return Output: Before editing Grub <div class="mw-collapsible-content"> <pre> [ 0.013929] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013974] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.124130] DMAR: Host address width 39 [ 0.124131] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.124140] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.124143] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.124147] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.124150] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.124152] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.124154] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.124156] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.124158] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.126384] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.346448] iommu: Default domain type: Translated [ 0.346448] iommu: DMA domain TLB invalidation policy: lazy mode </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After editing Grub <div class="mw-collapsible-content"> <pre> [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.013471] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013516] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.035822] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.035915] DMAR: IOMMU enabled [ 0.094689] DMAR: Host address width 39 [ 0.094691] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.094699] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.094702] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.094706] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.094708] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.094710] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.094713] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.094715] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.094716] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.096599] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.324622] iommu: Default domain type: Translated [ 0.324622] iommu: DMA domain TLB invalidation policy: lazy mode [ 0.346100] DMAR: No ATSR found [ 0.346101] DMAR: No SATC found [ 0.346103] DMAR: IOMMU feature fl1gp_support inconsistent [ 0.346105] DMAR: IOMMU feature pgsel_inv inconsistent [ 0.346106] DMAR: IOMMU feature nwfs inconsistent [ 0.346107] DMAR: IOMMU feature eafs inconsistent [ 0.346108] DMAR: IOMMU feature prs inconsistent [ 0.346108] DMAR: IOMMU feature nest inconsistent [ 0.346109] DMAR: IOMMU feature mts inconsistent [ 0.346110] DMAR: IOMMU feature sc_support inconsistent [ 0.346111] DMAR: IOMMU feature dev_iotlb_support inconsistent [ 0.346113] DMAR: dmar0: Using Queued invalidation [ 0.346117] DMAR: dmar1: Using Queued invalidation [ 0.346409] pci 0000:00:00.0: Adding to iommu group 0 [ 0.346423] pci 0000:00:02.0: Adding to iommu group 1 [ 0.346441] pci 0000:00:14.0: Adding to iommu group 2 [ 0.346450] pci 0000:00:14.2: Adding to iommu group 2 [ 0.346466] pci 0000:00:16.0: Adding to iommu group 3 [ 0.346475] pci 0000:00:16.3: Adding to iommu group 3 [ 0.346499] pci 0000:00:1c.0: Adding to iommu group 4 [ 0.346520] pci 0000:00:1c.6: Adding to iommu group 5 [ 0.346539] pci 0000:00:1d.0: Adding to iommu group 6 [ 0.346557] pci 0000:00:1d.2: Adding to iommu group 7 [ 0.346582] pci 0000:00:1f.0: Adding to iommu group 8 [ 0.346595] pci 0000:00:1f.2: Adding to iommu group 8 [ 0.346604] pci 0000:00:1f.3: Adding to iommu group 8 [ 0.346615] pci 0000:00:1f.4: Adding to iommu group 8 [ 0.346625] pci 0000:00:1f.6: Adding to iommu group 8 [ 0.346646] pci 0000:04:00.0: Adding to iommu group 9 [ 0.346664] pci 0000:3e:00.0: Adding to iommu group 10 [ 0.348306] DMAR: Intel(R) Virtualization Technology for Directed I/O </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code> <div class="mw-collapsible-content"> * <code>dmesg</code> : This command is used in Linux systems to display the kernel message buffer, which contains information about the system's hardware and software components, as well as any error or warning messages generated by the kernel. * <code>|</code> : This symbol is called a pipe and it allows the output of one command to be used as input for another command. In this case, it sends the output of the dmesg command to the next command in the pipeline, which is grep. * <code>grep</code> : This command is used in Linux systems to search for text patterns in a file or output. In this case, it's used to search the output of the dmesg command for lines that contain the strings "DMAR" or "IOMMU". * <code>-i</code> : This option tells grep to perform a case-insensitive search, meaning it will match the strings "DMAR" or "IOMMU" regardless of their case. * <code>-e</code> : This option tells grep to specify the pattern to search for. In this case, it's used to specify two patterns to search for: "DMAR" and "IOMMU". * DMAR: DMA Remapping (DMAR) is a feature of modern computer systems that provides additional security for input/output (I/O) devices. It allows for the isolation of memory regions used by I/O devices, which prevents them from accessing other parts of the system's memory. This helps to prevent attacks that could exploit vulnerabilities in I/O device drivers to gain access to sensitive data or take control of the system. * IOMMU: The I/O Memory Management Unit (IOMMU) is a hardware component that provides support for DMA remapping. It allows for the virtualization of I/O devices and provides an additional layer of security by isolating the memory used by these devices. </div> </div> ===Find your GPU=== <code>lspci -nnk</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>lspci -nnk</code> <div class="mw-collapsible-content"> <code>lspci</code> is a command-line utility that is used to display information about all the PCI buses and devices connected to them in a Linux system. The -nnk option is used to display the following information: * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -k: Display the kernel driver currently bound to each device. This option is useful when you want to check which driver is being used for a particular device. When you run the <code>lspci -nnk</code> command, you will get a list of all the PCI devices in your system, along with their vendor and device IDs, and the kernel driver currently in use. </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut Before plugging in 'Razer Core X' <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut After plugging in Razer Core X <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 05:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:01.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:02.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 07:00.0 System peripheral [0880]: Intel Corporation JHL6240 Thunderbolt 3 NHI (Low Power) [Alpine Ridge LP 2016] [8086:15bf] (rev 01) Subsystem: Device [2222:1111] Kernel driver in use: thunderbolt Kernel modules: thunderbolt 08:00.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 09:01.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel </pre> ===vfio.conf=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>vfio.conf</b> <div class="mw-collapsible-content"> <b>vfio.conf</b> is a configuration file used by the VFIO driver in Linux. <br> The VFIO driver is a kernel module that allows users to assign devices, such as GPUs or network interfaces, directly to virtual machines, bypassing the host operating system.<br> <br> The vfio.conf file is used to specify which devices should be assigned to VFIO, and it is typically located in the /etc/modprobe.d/ directory. When the VFIO driver is loaded, it will read this file and use the settings specified within it.<br> <br> The contents of vfio.conf can vary depending on the specific use case, but some common configurations include: * Device IDs: The vfio.conf file can be used to specify the vendor and device IDs of the devices that should be assigned to VFIO. For example: <pre> options vfio-pci ids=10de:13c2,10de:0fbb </pre><br> <br> This configuration specifies that two NVIDIA GPUs with the IDs 10de:13c2 and 10de:0fbb should be assigned to VFIO.<br> This configuration assigns two NVIDIA GPUs to VFIO and blacklists the <b>nouveau</b> and <b>nvidiafb</b> kernel drivers so that they don't claim the GPUs. <pre> options vfio-pci ids=10de:13c2,10de:0fbb blacklist nouveau blacklist nvidiafb </pre> <br> * Additional options: The <b>vfio.conf</b> file can also be used to specify additional options for the VFIO driver, such as setting the IOMMU mode. For example:<br> This configuration sets the VFIO driver to use IOMMU mode 1 and allows unsafe interrupts. <pre> options vfio_iommu_type1 allow_unsafe_interrupts=1 </pre> <br> Overall, <b>vfio.conf</b> provides a way to configure the VFIO driver and specify which devices should be assigned to it, helping to facilitate GPU or other hardware passthrough to virtual machines. <br> </div> </div> Create a new file called <code>vfio.conf</code> in the <b>/etc/modprobe.d/</b> directory.<br> <div class="toccolours mw-collapsible mw-collapsed"> The <code>/etc/modprobe.d/</code> directory explanation: <div class="mw-collapsible-content"> The <b>/etc/modprobe.d/</b> directory is a system directory in Linux that contains configuration files for kernel modules. When the Linux kernel boots up, it loads various modules (also called drivers) to support the hardware and other system functions.<br> <br> Each configuration file in <b>/etc/modprobe.d/</b> specifies options for one or more kernel modules, which are loaded by the kernel when a system boots or when a module is explicitly loaded. The options specified in these files can be used to modify the behavior of the kernel modules, or to blacklist certain modules to prevent them from being loaded.<br> <br> The name of each configuration file in the <b>/etc/modprobe.d/</b> directory must end with the <b>.conf</b> extension. The contents of each file consist of a series of directives, which specify module options, aliases, or blacklist information. These directives can be written in plain text format or in shell scripts.<br> <br> Here are some examples of how you might use the <b>/etc/modprobe.d/</b> directory:<br> * Blacklisting modules: You can use the <b>/etc/modprobe.d/</b> directory to prevent certain kernel modules from loading. For example, you can create a file called <b>/etc/modprobe.d/blacklist-nouveau.conf</b> with the following contents to prevent the <b>nouveau</b> driver (used for NVIDIA graphics cards) from being loaded: <pre> blacklist nouveau </pre> <br> * Setting module options: You can also use the <b>/etc/modprobe.d/</b> directory to specify options for a particular kernel module. For example, you can create a file called <b>/etc/modprobe.d/alsa-base.conf</b> with the following contents to set the default sound card to the second card on the system: <pre> options snd_hda_intel index=1 </pre> <br> * Loading modules: You can use the <b>/etc/modprobe.d/</b> directory to load kernel modules at boot time. For example, you can create a file called <b>/etc/modprobe.d/local.conf</b> with the following contents to load the <b>acpi_call</b> module at boot time: <pre> # Load acpi_call at boot time acpi_call </pre> <br> Overall, the <b>/etc/modprobe.d/</b> directory is an important location for managing kernel modules in Linux. It provides a centralized location for managing module options, aliases, and blacklists, making it easier to configure and maintain a Linux system.<br> </div> </div> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> <br> ===Update <b>initramfs</b>=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>initramfs</b>: <div class="mw-collapsible-content"> The initramfs (initial RAM file system) is a temporary file system that is loaded into memory during the Linux boot process. It contains essential system files and utilities that are necessary to boot the Linux kernel and mount the root file system.<br> <br> When the Linux kernel is booted, it first loads the initramfs into memory and sets it up as the root file system. The initramfs then runs the init script, which is responsible for initializing the system and mounting the real root file system. The init script may also perform other tasks, such as loading kernel modules, setting up network interfaces, and configuring system services.<br> <br> The initramfs is typically used in situations where the root file system is located on a storage device that requires additional drivers or modules to be loaded before it can be mounted. For example, if the root file system is located on a RAID array, a network file system, or an encrypted disk, the necessary drivers or modules may need to be loaded into memory before the root file system can be mounted.<br> <br> The initramfs can also be customized to include additional files or utilities that may be necessary for the boot process. This is done by modifying the initramfs image, which is a compressed archive file that contains the file system contents.<br> <br> Overall, the initramfs is an essential component of the Linux boot process, providing a temporary file system that is necessary for initializing the system and mounting the root file system. </div> </div> <code>sudo update-initramfs -u</code><br> And reboot your computer:<br> <code>reboot</code><br> ===Check Kernel driver not in use=== <code>lspci -nnk</code><br> <br> OutPut: <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel modules: snd_hda_intel </pre> ==Install KVM and VirtManager to create a VM== Your $USER is the username you use to login to your account.<br> On terminal prompt you should see <code>$USER@$HOSTNAME:~$</code><br> Note the <code>$</code> at the end.<br> If terminal prompt end's with a <code>#</code> you are logged in as root.<br> You can see your user name by typing in <code>whoami</code> to the terminal and/or <code>id</code><br> <b>id</b> will also display which <b>groups</b> your $USER is in.<br> <br> Install required packages:<br> <code>sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils</code><br> <br> Creating a Group and add $USER to group, this will allow us to run <b>virt-manager</b> without the need to <b>sudo</b><br> <div class="toccolours mw-collapsible mw-collapsed"> <code> getent group libvirtd</code> Check if <b>group</b> already exists: <div class="mw-collapsible-content"> To check if a group is already present on an Ubuntu system, you can use the <b>getent</b> command along with the <b>group</b> argument and specify the name of the group as a parameter.<br> <br> For example, to check if the <b>sudo</b> group exists on the system, you can run the following command in a terminal:<br> <code>getent group sudo</code><br> <br> If the group exists, the command will output information about the group, including its name, group ID (GID), and a list of users who are members of the group. If the group does not exist, the command will not produce any output.<br> <br> Alternatively, you can use the <b>grep</b> command to search for the group name in the <b>/etc/group file</b>, which is the file that stores information about system groups on Ubuntu. For example, to search for the <b>sudo</b> group, you can run the following command:<br> <code>grep "^sudo:" /etc/group</code><br> If the group exists, the command will output information about the group in the same format as the <b>getent</b> command. If the group does not exist, the command will not produce any output. </div> </div> <code>sudo addgroup libvirtd</code><br> <br> Add your user name to the group:<br> SYNTAX: <code>sudo adduser $USER libvirtd</code><br> <code>sudo adduser ubunix libvirtd</code><br> <code>sudo apt-get install virt-manager</code><br> <br> <code>reboot</code><br> Reboot to avoid error: <pre> virtual machine manager connection failure unable to connect to libvirt qemu:///system. verify that the 'libvirtd' daemon is running</pre> ===Virtual Machine Manager=== Start <b>Virtual Machine Manager</b>:<br> <code>virt-manager</code><br><br> Create a new virtual machine Step 1 Local install media (ISO image or CDROM) Step 2 Choose ISO or CDROM install media: Click <b>Browse</b> and select your windows10.iso Choose the operating system you are installing: untick( Automatically detect from installation media / source) and enter <b>Microsoft Windows 10</b> in search bar. Step 3 Choose Memory and CPU settings: Memory: 4096MiB CPUs: 2 Step 4 Tick <b>Enable storage for this virtual machine</b> Tick <b>create a disk image for the virtual machine</b> 140 GiB Step 5 Name:NAME_OF_VM Tick <b>Customize configuration before install</b> ==== Config VM before booting==== OverView: <b>Hypervisor Details</b> 'Chipset' = 'Q35' 'Firmware' = 'x86_64:/usr/share/OVMF/OVMF_CODE_4M.ms.fd' Boot Options: <b>Boot device order</b>: Untick - Enable boot menu Select/Tick SATA CDROM1 SATA Disk 1 Display Spice: <b>Spice Server</b>: Type: Spice server Listen type: Address Address: Hypervisor default Port: tick 'Auto' Click '<b>Add Hardware</b>' button at bottom left - new window '<b>Add New Virtual Hardware</b>' will pop up. Click '<b>PCI Host Device</b>' on the left hand side Select your <b>GPU</b> and <b>GPU Audio Controller</b>: '0000:0A:00:0 NVIDIA Corporation GM204 [GeForce GTX 970]' '0000:0A:00:1 NVIDIA Corporation GM204 High Definition Audio Controller' Select and click '<b>Finish</b>' - reopen '<b>Add hardware</b>' and repeat for Audio.<br> <br> =====Notes===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. ==== Install Windows 10 and update ==== Install windows 10 then update windows to get the graphics card drivers working.<br> Once done shoutdown.<br> ===After shutting down windows edit the VM's Config file=== To find/confirm your VM's name:<br> <code>virsh list --all</code><br> <br> Syntax:<code>sudo virsh edit YOUR_VM_NAME</code><br> <code>sudo virsh edit win10</code><br> <br> Going to edit in between the <code><features> </features></code> Brackets, 17 lines down.<br> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> </pre> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> </pre> ====What these values do ==== <div class="toccolours mw-collapsible mw-collapsed"> <vendor_id state='on' value='1234567890ab'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><vendor_id></b> tag is used to specify the vendor ID that is presented to the guest virtual machine when it is running on top of the KVM hypervisor. This vendor ID can be customized by the user to any 12-digit hexadecimal <b>value</b> using the value attribute. The purpose of the vendor ID is to provide a way for virtual machines to identify the type of hypervisor they are running on, and to adjust their behavior accordingly. This is particularly important for operating systems that have special optimizations or workarounds for specific hypervisors. By default, KVM presents a vendor ID of "KVMKVMKVM" to the guest virtual machine. However, this can be changed by adding the <vendor_id> tag to the XML definition of the virtual machine, as follows: <pre> <cpu> <vendor_id state='on' value='1234567890ab'/> ... </cpu> </pre> In this example, the vendor ID is set to the value "1234567890ab". The state attribute is set to 'on' to enable the use of the custom vendor ID. It's worth noting that changing the vendor ID can have some unexpected consequences. For example, some operating systems may have specific code paths or optimizations for certain hypervisors, and changing the vendor ID may cause them to behave differently or even malfunction. Additionally, some virtualization security features may depend on the vendor ID, so changing it may impact the security of the virtual machine. As such, it is important to carefully consider the implications before changing the vendor ID in a KVM virtual machine. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <kvm> <hidden state='on'/> </kvm> <div class="mw-collapsible-content"> In Linux KVM, the <b><kvm></b> tag is used to specify additional configuration options for the virtual machine that are specific to KVM. The <b><hidden></b> tag is a sub-tag of <b><kvm></b> and is used to enable or disable the hiding of the KVM hypervisor from the guest operating system. When the <b><hidden></b> tag is set to <b>state='on'</b>, the KVM hypervisor is hidden from the guest operating system. This means that the guest operating system will not be able to detect that it is running in a virtualized environment and will behave as if it is running directly on physical hardware. This can be useful for security reasons, as it can make it more difficult for attackers to detect that they are running in a virtualized environment and attempt to exploit vulnerabilities that are specific to virtualization. Additionally, some software applications may behave differently or refuse to run in a virtualized environment, so hiding the KVM hypervisor can help ensure that these applications run properly. To use the <hidden> tag, it should be included as a sub-tag of the <kvm> tag, as follows: <pre> <kvm> <hidden state='on'/> ... </kvm> </pre> It's important to note that hiding the KVM hypervisor can have some downsides as well. For example, it may make it more difficult to diagnose problems with the virtual machine, as the hypervisor will not be visible in the guest operating system. Additionally, some virtualization features may depend on the hypervisor being visible to the guest operating system, so hiding it may cause these features to stop working properly. As such, the decision to hide the KVM hypervisor using the <hidden> tag should be carefully considered based on the specific needs and requirements of the virtualized environment. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <ioapic driver='kvm'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><ioapic></b> tag is used to enable or disable the use of the IOAPIC (Input/Output Advanced Programmable Interrupt Controller) device in the virtual machine. The <b>driver</b> attribute is used to specify the driver that should be used for the IOAPIC device, with the value <b>kvm</b> indicating that KVM's built-in IOAPIC driver should be used. The IOAPIC device is a type of interrupt controller that is used to manage interrupts in a virtual machine. It provides a way for devices in the virtual machine to generate interrupts, and for the virtual machine to route those interrupts to the appropriate virtual CPU. To enable the IOAPIC device and specify the kvm driver, the <ioapic> tag should be included in the XML definition of the virtual machine, as follows: <pre> <ioapic driver='kvm'/> </pre> With this configuration, KVM's built-in IOAPIC driver will be used to manage interrupts in the virtual machine. It's worth noting that while KVM's built-in IOAPIC driver is generally sufficient for most virtualization needs, there are some situations where a different driver may be preferred. For example, some applications or workloads may require more advanced IOAPIC functionality that is not available in KVM's built-in driver. In these cases, it may be necessary to use a different driver, or to implement custom code to support the required functionality. Overall, the <ioapic> tag with the driver='kvm' attribute is a simple and effective way to enable the IOAPIC device and ensure that interrupts are properly managed in a KVM virtual machine. </div> </div> ====Full Config file - before and after==== <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>before</b> any changes with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoand of course the content when expanded.<br \> <code>print "hello content"</code>ft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>After</b> changes made with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <br> Note: Not the place to edit (use '<b>virsh</b>'), but you config file can be found here:<code>/etc/libvirt/qemu/</code> ==Undo Passthrough== ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" </pre> Remove <code>intel_iommu=on kvm.ignore_msrs=1</code> and save changes. <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" </pre> rebuild grub<br> <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> ===vfio=== Comment out changes to <b>vfio.conf</b><br> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> Comment out by placing a <code>#</code> in front of the line, save and exit. <pre> #blacklist nouveau #blacklist snd_hda_intel #options vfio-pci ids=10de:13c2,10de:0fbb </pre> update initramfs:<br> <code>sudo update-initramfs -u</code><br> <br> ===Reboot for changes to take effect=== <code>reboot</code><br> ==End Notes== Plug in external monitor to the GPU 'Razer Core X' for output and no screen lag. Tested with 'sniper ghost warrior' works fine. No sound due to my monitor not having speakers. will test with usb headfones. ==References== https://askubuntu.com/questions/1406888/ubuntu-22-04-gpu-passthrough-qemu 6w22j8why20d4rnlsq474vnww3qfsqa 222 221 2023-03-28T13:12:25Z Noob 1 /* End Notes */ 222 wikitext text/x-wiki ==Ubuntu Kvm Windows 10 - Thinkpad T470 with Razer Core X== Hardware:<br> * Thinkpad t470 - 256GB HD, 8GB RAM * razer core x * GTX 970 GT * Ubuntu Desktop 22.04 installed. Thunderbolt 3 - detected as USB3.0 (5000M). But works :)<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lsusb -t</code> OutPut: <div class="mw-collapsible-content"> <pre> /: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/6p, 5000M |__ Port 3: Dev 2, If 0, Class=Mass Storage, Driver=usb-storage, 5000M /: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/12p, 480M |__ Port 7: Dev 2, If 0, Class=Wireless, Driver=btusb, 12M |__ Port 7: Dev 2, If 1, Class=Wireless, Driver=btusb, 12M |__ Port 8: Dev 3, If 1, Class=Video, Driver=uvcvideo, 480M |__ Port 8: Dev 3, If 0, Class=Video, Driver=uvcvideo, 480M |__ Port 9: Dev 4, If 0, Class=Vendor Specific Class, Driver=, 12M </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo lshw | grep -A10 -i usb</code> OutPut: <div class="mw-collapsible-content"> <pre> capabilities: pci pnp upgrade shadowing cdboot bootselect edd int13floppy720 int5printscreen int9keyboard int14serial int17printer int10video acpi usb biosbootspecification uefi *-pci description: Host bridge product: Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers vendor: Intel Corporation physical id: 100 bus info: pci@0000:00:00.0 version: 08 width: 32 bits clock: 33MHz configuration: driver=skl_uncore -- *-usb description: USB controller product: Sunrise Point-LP USB 3.0 xHCI Controller vendor: Intel Corporation physical id: 14 bus info: pci@0000:00:14.0 version: 21 width: 64 bits clock: 33MHz capabilities: pm msi xhci bus_master cap_list configuration: driver=xhci_hcd latency=0 resources: irq:127 memory:ec220000-ec22ffff *-usbhost:0 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 0 bus info: usb@1 logical name: usb1 version: 5.19 capabilities: usb-2.00 configuration: driver=hub slots=12 speed=480Mbit/s *-usb:0 description: Bluetooth wireless interface product: Bluetooth wireless interface vendor: Intel Corp. physical id: 7 bus info: usb@1:7 version: 0.01 capabilities: bluetooth usb-2.00 configuration: driver=btusb maxpower=100mA speed=12Mbit/s *-usb:1 description: Video product: Integrated Camera: Integrated C vendor: SunplusIT Inc physical id: 8 bus info: usb@1:8 logical name: input8 logical name: /dev/input/event6 version: 0.10 capabilities: usb-2.00 usb configuration: driver=uvcvideo maxpower=500mA speed=480Mbit/s *-usb:2 UNCLAIMED description: Generic USB device vendor: Validity Sensors, Inc. physical id: 9 bus info: usb@1:9 version: 1.64 serial: ff1e8c196451 capabilities: usb-2.00 configuration: maxpower=100mA speed=12Mbit/s *-usbhost:1 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 1 bus info: usb@2 logical name: usb2 version: 5.19 capabilities: usb-3.00 configuration: driver=hub slots=6 speed=5000Mbit/s *-usb description: Mass storage device product: USB3.0-CRW vendor: Generic physical id: 3 bus info: usb@2:3 logical name: scsi0 version: 2.04 serial: 20120501030900000 capabilities: usb-3.00 scsi emulated scsi-host configuration: driver=usb-storage maxpower=800mA speed=5000Mbit/s *-disk description: SCSI Disk product: SD/MMC vendor: Generic- physical id: 0.0.0 bus info: scsi@0:0.0.0 logical name: /dev/sda version: 1.00 serial: 2012090114345300 capabilities: removable </pre> </div> </div> ===Windows 10 ISO=== Download a Windows 10 ISO for the Virtual Machine<br> https://www.microsoft.com/en-us/software-download/windows10ISO ===VT-d - bios=== Check VT-d enabled on bios <br> When you press the power button, press and hold <b>F1</b> to enter into bios mode.<br> Security > Virtualization<br> Intel (R) Virtualization Technology [ENABLE]<br> Inter (R) VT-d Feature [ENABLE]<br> ====Check==== <code>cat /proc/cpuinfo | grep --color vmx</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Explained: <div class="mw-collapsible-content"> The command "cat /proc/cpuinfo" displays detailed information about the processor(s) installed on your system. The output of this command includes a lot of information, such as processor model, speed, cache size, and other features. The pipe symbol "|" is used to pass the output of the first command as input to the second command. In this case, the output of "cat /proc/cpuinfo" is being passed as input to "grep". The "grep" command is used to search for a specific pattern in the input data. In this case, the pattern being searched for is "vmx". The "--color" option is used to highlight the search pattern in the output, making it easier to identify. So, the entire command "cat /proc/cpuinfo | grep --color vmx" is searching the processor information for the "vmx" feature and highlighting it in the output. The "vmx" feature refers to Intel's Virtualization Technology, which allows a processor to run multiple operating systems on the same computer simultaneously. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Returned Output: <div class="mw-collapsible-content"> <pre> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml </pre> </div> </div> ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> Insert the option to <b>GRUB_CMDLINE_LINUX_DEFAULT=""</b> <code>intel_iommu=on kvm.ignore_msrs=1</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Before <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>intel_iommu=on kvm.ignore_msrs=1</code> <div class="mw-collapsible-content"> <pre> intel_iommu=on and kvm.ignore_msrs=1 are kernel boot parameters that can be set in the GRUB configuration file in Linux systems. Here's what they mean: intel_iommu=on: This parameter enables Intel VT-d (Virtualization Technology for Directed I/O), which allows for hardware-based virtualization of I/O devices. This can improve performance and security for virtual machines by allowing them to directly access hardware devices, rather than relying on the host operating system to handle the device access. kvm.ignore_msrs=1: This parameter disables the handling of MSR (Model Specific Register) virtualization by the kernel-based Virtual Machine (KVM) hypervisor. This can improve performance for certain workloads that rely heavily on MSR access, such as virtualization workloads. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Info the <code>/etc/defaults</code> directory <div class="mw-collapsible-content"> <pre> In Ubuntu and many other Linux-based operating systems, the /etc/default directory contains configuration files for various system services and applications. These configuration files contain default values for the settings and options that are used by these services and applications. The /etc/default directory is typically organized by service or application, with each subdirectory containing one or more configuration files for that service or application. For example, the /etc/default/grub directory contains the default configuration file for the GRUB bootloader, while the /etc/default/apache2 directory contains the default configuration file for the Apache web server. These configuration files are often used by system administrators to customize the behavior of these services and applications by modifying the default values of their settings and options. For example, the GRUB configuration file in /etc/default/grub can be used to specify the default operating system to boot, the timeout for the boot menu, and other options. </pre> </div> </div> ====Update Grub==== <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code><br> Reboot so kernel boot parameters can be applied.<br> <code>reboot</code> <div class="toccolours mw-collapsible mw-collapsed"> Info: <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> <div class="mw-collapsible-content"> * <code>grub-mkconfig</code> : This is a command that generates a new configuration file for the GRUB bootloader. It scans the system for installed kernels, operating systems, and other boot options, and creates a configuration file based on that information. * <code>-o /boot/grub/grub.cfg</code> : This option tells grub-mkconfig to write the generated configuration file to the file /boot/grub/grub.cfg. This is the default location for the GRUB configuration file in most Linux systems. </div> </div> ===Check that IOMMU is enabled=== <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Return Output: Before editing Grub <div class="mw-collapsible-content"> <pre> [ 0.013929] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013974] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.124130] DMAR: Host address width 39 [ 0.124131] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.124140] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.124143] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.124147] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.124150] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.124152] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.124154] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.124156] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.124158] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.126384] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.346448] iommu: Default domain type: Translated [ 0.346448] iommu: DMA domain TLB invalidation policy: lazy mode </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After editing Grub <div class="mw-collapsible-content"> <pre> [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.013471] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013516] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.035822] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.035915] DMAR: IOMMU enabled [ 0.094689] DMAR: Host address width 39 [ 0.094691] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.094699] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.094702] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.094706] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.094708] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.094710] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.094713] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.094715] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.094716] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.096599] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.324622] iommu: Default domain type: Translated [ 0.324622] iommu: DMA domain TLB invalidation policy: lazy mode [ 0.346100] DMAR: No ATSR found [ 0.346101] DMAR: No SATC found [ 0.346103] DMAR: IOMMU feature fl1gp_support inconsistent [ 0.346105] DMAR: IOMMU feature pgsel_inv inconsistent [ 0.346106] DMAR: IOMMU feature nwfs inconsistent [ 0.346107] DMAR: IOMMU feature eafs inconsistent [ 0.346108] DMAR: IOMMU feature prs inconsistent [ 0.346108] DMAR: IOMMU feature nest inconsistent [ 0.346109] DMAR: IOMMU feature mts inconsistent [ 0.346110] DMAR: IOMMU feature sc_support inconsistent [ 0.346111] DMAR: IOMMU feature dev_iotlb_support inconsistent [ 0.346113] DMAR: dmar0: Using Queued invalidation [ 0.346117] DMAR: dmar1: Using Queued invalidation [ 0.346409] pci 0000:00:00.0: Adding to iommu group 0 [ 0.346423] pci 0000:00:02.0: Adding to iommu group 1 [ 0.346441] pci 0000:00:14.0: Adding to iommu group 2 [ 0.346450] pci 0000:00:14.2: Adding to iommu group 2 [ 0.346466] pci 0000:00:16.0: Adding to iommu group 3 [ 0.346475] pci 0000:00:16.3: Adding to iommu group 3 [ 0.346499] pci 0000:00:1c.0: Adding to iommu group 4 [ 0.346520] pci 0000:00:1c.6: Adding to iommu group 5 [ 0.346539] pci 0000:00:1d.0: Adding to iommu group 6 [ 0.346557] pci 0000:00:1d.2: Adding to iommu group 7 [ 0.346582] pci 0000:00:1f.0: Adding to iommu group 8 [ 0.346595] pci 0000:00:1f.2: Adding to iommu group 8 [ 0.346604] pci 0000:00:1f.3: Adding to iommu group 8 [ 0.346615] pci 0000:00:1f.4: Adding to iommu group 8 [ 0.346625] pci 0000:00:1f.6: Adding to iommu group 8 [ 0.346646] pci 0000:04:00.0: Adding to iommu group 9 [ 0.346664] pci 0000:3e:00.0: Adding to iommu group 10 [ 0.348306] DMAR: Intel(R) Virtualization Technology for Directed I/O </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code> <div class="mw-collapsible-content"> * <code>dmesg</code> : This command is used in Linux systems to display the kernel message buffer, which contains information about the system's hardware and software components, as well as any error or warning messages generated by the kernel. * <code>|</code> : This symbol is called a pipe and it allows the output of one command to be used as input for another command. In this case, it sends the output of the dmesg command to the next command in the pipeline, which is grep. * <code>grep</code> : This command is used in Linux systems to search for text patterns in a file or output. In this case, it's used to search the output of the dmesg command for lines that contain the strings "DMAR" or "IOMMU". * <code>-i</code> : This option tells grep to perform a case-insensitive search, meaning it will match the strings "DMAR" or "IOMMU" regardless of their case. * <code>-e</code> : This option tells grep to specify the pattern to search for. In this case, it's used to specify two patterns to search for: "DMAR" and "IOMMU". * DMAR: DMA Remapping (DMAR) is a feature of modern computer systems that provides additional security for input/output (I/O) devices. It allows for the isolation of memory regions used by I/O devices, which prevents them from accessing other parts of the system's memory. This helps to prevent attacks that could exploit vulnerabilities in I/O device drivers to gain access to sensitive data or take control of the system. * IOMMU: The I/O Memory Management Unit (IOMMU) is a hardware component that provides support for DMA remapping. It allows for the virtualization of I/O devices and provides an additional layer of security by isolating the memory used by these devices. </div> </div> ===Find your GPU=== <code>lspci -nnk</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>lspci -nnk</code> <div class="mw-collapsible-content"> <code>lspci</code> is a command-line utility that is used to display information about all the PCI buses and devices connected to them in a Linux system. The -nnk option is used to display the following information: * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -k: Display the kernel driver currently bound to each device. This option is useful when you want to check which driver is being used for a particular device. When you run the <code>lspci -nnk</code> command, you will get a list of all the PCI devices in your system, along with their vendor and device IDs, and the kernel driver currently in use. </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut Before plugging in 'Razer Core X' <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut After plugging in Razer Core X <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 05:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:01.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:02.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 07:00.0 System peripheral [0880]: Intel Corporation JHL6240 Thunderbolt 3 NHI (Low Power) [Alpine Ridge LP 2016] [8086:15bf] (rev 01) Subsystem: Device [2222:1111] Kernel driver in use: thunderbolt Kernel modules: thunderbolt 08:00.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 09:01.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel </pre> ===vfio.conf=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>vfio.conf</b> <div class="mw-collapsible-content"> <b>vfio.conf</b> is a configuration file used by the VFIO driver in Linux. <br> The VFIO driver is a kernel module that allows users to assign devices, such as GPUs or network interfaces, directly to virtual machines, bypassing the host operating system.<br> <br> The vfio.conf file is used to specify which devices should be assigned to VFIO, and it is typically located in the /etc/modprobe.d/ directory. When the VFIO driver is loaded, it will read this file and use the settings specified within it.<br> <br> The contents of vfio.conf can vary depending on the specific use case, but some common configurations include: * Device IDs: The vfio.conf file can be used to specify the vendor and device IDs of the devices that should be assigned to VFIO. For example: <pre> options vfio-pci ids=10de:13c2,10de:0fbb </pre><br> <br> This configuration specifies that two NVIDIA GPUs with the IDs 10de:13c2 and 10de:0fbb should be assigned to VFIO.<br> This configuration assigns two NVIDIA GPUs to VFIO and blacklists the <b>nouveau</b> and <b>nvidiafb</b> kernel drivers so that they don't claim the GPUs. <pre> options vfio-pci ids=10de:13c2,10de:0fbb blacklist nouveau blacklist nvidiafb </pre> <br> * Additional options: The <b>vfio.conf</b> file can also be used to specify additional options for the VFIO driver, such as setting the IOMMU mode. For example:<br> This configuration sets the VFIO driver to use IOMMU mode 1 and allows unsafe interrupts. <pre> options vfio_iommu_type1 allow_unsafe_interrupts=1 </pre> <br> Overall, <b>vfio.conf</b> provides a way to configure the VFIO driver and specify which devices should be assigned to it, helping to facilitate GPU or other hardware passthrough to virtual machines. <br> </div> </div> Create a new file called <code>vfio.conf</code> in the <b>/etc/modprobe.d/</b> directory.<br> <div class="toccolours mw-collapsible mw-collapsed"> The <code>/etc/modprobe.d/</code> directory explanation: <div class="mw-collapsible-content"> The <b>/etc/modprobe.d/</b> directory is a system directory in Linux that contains configuration files for kernel modules. When the Linux kernel boots up, it loads various modules (also called drivers) to support the hardware and other system functions.<br> <br> Each configuration file in <b>/etc/modprobe.d/</b> specifies options for one or more kernel modules, which are loaded by the kernel when a system boots or when a module is explicitly loaded. The options specified in these files can be used to modify the behavior of the kernel modules, or to blacklist certain modules to prevent them from being loaded.<br> <br> The name of each configuration file in the <b>/etc/modprobe.d/</b> directory must end with the <b>.conf</b> extension. The contents of each file consist of a series of directives, which specify module options, aliases, or blacklist information. These directives can be written in plain text format or in shell scripts.<br> <br> Here are some examples of how you might use the <b>/etc/modprobe.d/</b> directory:<br> * Blacklisting modules: You can use the <b>/etc/modprobe.d/</b> directory to prevent certain kernel modules from loading. For example, you can create a file called <b>/etc/modprobe.d/blacklist-nouveau.conf</b> with the following contents to prevent the <b>nouveau</b> driver (used for NVIDIA graphics cards) from being loaded: <pre> blacklist nouveau </pre> <br> * Setting module options: You can also use the <b>/etc/modprobe.d/</b> directory to specify options for a particular kernel module. For example, you can create a file called <b>/etc/modprobe.d/alsa-base.conf</b> with the following contents to set the default sound card to the second card on the system: <pre> options snd_hda_intel index=1 </pre> <br> * Loading modules: You can use the <b>/etc/modprobe.d/</b> directory to load kernel modules at boot time. For example, you can create a file called <b>/etc/modprobe.d/local.conf</b> with the following contents to load the <b>acpi_call</b> module at boot time: <pre> # Load acpi_call at boot time acpi_call </pre> <br> Overall, the <b>/etc/modprobe.d/</b> directory is an important location for managing kernel modules in Linux. It provides a centralized location for managing module options, aliases, and blacklists, making it easier to configure and maintain a Linux system.<br> </div> </div> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> <br> ===Update <b>initramfs</b>=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>initramfs</b>: <div class="mw-collapsible-content"> The initramfs (initial RAM file system) is a temporary file system that is loaded into memory during the Linux boot process. It contains essential system files and utilities that are necessary to boot the Linux kernel and mount the root file system.<br> <br> When the Linux kernel is booted, it first loads the initramfs into memory and sets it up as the root file system. The initramfs then runs the init script, which is responsible for initializing the system and mounting the real root file system. The init script may also perform other tasks, such as loading kernel modules, setting up network interfaces, and configuring system services.<br> <br> The initramfs is typically used in situations where the root file system is located on a storage device that requires additional drivers or modules to be loaded before it can be mounted. For example, if the root file system is located on a RAID array, a network file system, or an encrypted disk, the necessary drivers or modules may need to be loaded into memory before the root file system can be mounted.<br> <br> The initramfs can also be customized to include additional files or utilities that may be necessary for the boot process. This is done by modifying the initramfs image, which is a compressed archive file that contains the file system contents.<br> <br> Overall, the initramfs is an essential component of the Linux boot process, providing a temporary file system that is necessary for initializing the system and mounting the root file system. </div> </div> <code>sudo update-initramfs -u</code><br> And reboot your computer:<br> <code>reboot</code><br> ===Check Kernel driver not in use=== <code>lspci -nnk</code><br> <br> OutPut: <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel modules: snd_hda_intel </pre> ==Install KVM and VirtManager to create a VM== Your $USER is the username you use to login to your account.<br> On terminal prompt you should see <code>$USER@$HOSTNAME:~$</code><br> Note the <code>$</code> at the end.<br> If terminal prompt end's with a <code>#</code> you are logged in as root.<br> You can see your user name by typing in <code>whoami</code> to the terminal and/or <code>id</code><br> <b>id</b> will also display which <b>groups</b> your $USER is in.<br> <br> Install required packages:<br> <code>sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils</code><br> <br> Creating a Group and add $USER to group, this will allow us to run <b>virt-manager</b> without the need to <b>sudo</b><br> <div class="toccolours mw-collapsible mw-collapsed"> <code> getent group libvirtd</code> Check if <b>group</b> already exists: <div class="mw-collapsible-content"> To check if a group is already present on an Ubuntu system, you can use the <b>getent</b> command along with the <b>group</b> argument and specify the name of the group as a parameter.<br> <br> For example, to check if the <b>sudo</b> group exists on the system, you can run the following command in a terminal:<br> <code>getent group sudo</code><br> <br> If the group exists, the command will output information about the group, including its name, group ID (GID), and a list of users who are members of the group. If the group does not exist, the command will not produce any output.<br> <br> Alternatively, you can use the <b>grep</b> command to search for the group name in the <b>/etc/group file</b>, which is the file that stores information about system groups on Ubuntu. For example, to search for the <b>sudo</b> group, you can run the following command:<br> <code>grep "^sudo:" /etc/group</code><br> If the group exists, the command will output information about the group in the same format as the <b>getent</b> command. If the group does not exist, the command will not produce any output. </div> </div> <code>sudo addgroup libvirtd</code><br> <br> Add your user name to the group:<br> SYNTAX: <code>sudo adduser $USER libvirtd</code><br> <code>sudo adduser ubunix libvirtd</code><br> <code>sudo apt-get install virt-manager</code><br> <br> <code>reboot</code><br> Reboot to avoid error: <pre> virtual machine manager connection failure unable to connect to libvirt qemu:///system. verify that the 'libvirtd' daemon is running</pre> ===Virtual Machine Manager=== Start <b>Virtual Machine Manager</b>:<br> <code>virt-manager</code><br><br> Create a new virtual machine Step 1 Local install media (ISO image or CDROM) Step 2 Choose ISO or CDROM install media: Click <b>Browse</b> and select your windows10.iso Choose the operating system you are installing: untick( Automatically detect from installation media / source) and enter <b>Microsoft Windows 10</b> in search bar. Step 3 Choose Memory and CPU settings: Memory: 4096MiB CPUs: 2 Step 4 Tick <b>Enable storage for this virtual machine</b> Tick <b>create a disk image for the virtual machine</b> 140 GiB Step 5 Name:NAME_OF_VM Tick <b>Customize configuration before install</b> ==== Config VM before booting==== OverView: <b>Hypervisor Details</b> 'Chipset' = 'Q35' 'Firmware' = 'x86_64:/usr/share/OVMF/OVMF_CODE_4M.ms.fd' Boot Options: <b>Boot device order</b>: Untick - Enable boot menu Select/Tick SATA CDROM1 SATA Disk 1 Display Spice: <b>Spice Server</b>: Type: Spice server Listen type: Address Address: Hypervisor default Port: tick 'Auto' Click '<b>Add Hardware</b>' button at bottom left - new window '<b>Add New Virtual Hardware</b>' will pop up. Click '<b>PCI Host Device</b>' on the left hand side Select your <b>GPU</b> and <b>GPU Audio Controller</b>: '0000:0A:00:0 NVIDIA Corporation GM204 [GeForce GTX 970]' '0000:0A:00:1 NVIDIA Corporation GM204 High Definition Audio Controller' Select and click '<b>Finish</b>' - reopen '<b>Add hardware</b>' and repeat for Audio.<br> <br> =====Notes===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. ==== Install Windows 10 and update ==== Install windows 10 then update windows to get the graphics card drivers working.<br> Once done shoutdown.<br> ===After shutting down windows edit the VM's Config file=== To find/confirm your VM's name:<br> <code>virsh list --all</code><br> <br> Syntax:<code>sudo virsh edit YOUR_VM_NAME</code><br> <code>sudo virsh edit win10</code><br> <br> Going to edit in between the <code><features> </features></code> Brackets, 17 lines down.<br> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> </pre> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> </pre> ====What these values do ==== <div class="toccolours mw-collapsible mw-collapsed"> <vendor_id state='on' value='1234567890ab'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><vendor_id></b> tag is used to specify the vendor ID that is presented to the guest virtual machine when it is running on top of the KVM hypervisor. This vendor ID can be customized by the user to any 12-digit hexadecimal <b>value</b> using the value attribute. The purpose of the vendor ID is to provide a way for virtual machines to identify the type of hypervisor they are running on, and to adjust their behavior accordingly. This is particularly important for operating systems that have special optimizations or workarounds for specific hypervisors. By default, KVM presents a vendor ID of "KVMKVMKVM" to the guest virtual machine. However, this can be changed by adding the <vendor_id> tag to the XML definition of the virtual machine, as follows: <pre> <cpu> <vendor_id state='on' value='1234567890ab'/> ... </cpu> </pre> In this example, the vendor ID is set to the value "1234567890ab". The state attribute is set to 'on' to enable the use of the custom vendor ID. It's worth noting that changing the vendor ID can have some unexpected consequences. For example, some operating systems may have specific code paths or optimizations for certain hypervisors, and changing the vendor ID may cause them to behave differently or even malfunction. Additionally, some virtualization security features may depend on the vendor ID, so changing it may impact the security of the virtual machine. As such, it is important to carefully consider the implications before changing the vendor ID in a KVM virtual machine. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <kvm> <hidden state='on'/> </kvm> <div class="mw-collapsible-content"> In Linux KVM, the <b><kvm></b> tag is used to specify additional configuration options for the virtual machine that are specific to KVM. The <b><hidden></b> tag is a sub-tag of <b><kvm></b> and is used to enable or disable the hiding of the KVM hypervisor from the guest operating system. When the <b><hidden></b> tag is set to <b>state='on'</b>, the KVM hypervisor is hidden from the guest operating system. This means that the guest operating system will not be able to detect that it is running in a virtualized environment and will behave as if it is running directly on physical hardware. This can be useful for security reasons, as it can make it more difficult for attackers to detect that they are running in a virtualized environment and attempt to exploit vulnerabilities that are specific to virtualization. Additionally, some software applications may behave differently or refuse to run in a virtualized environment, so hiding the KVM hypervisor can help ensure that these applications run properly. To use the <hidden> tag, it should be included as a sub-tag of the <kvm> tag, as follows: <pre> <kvm> <hidden state='on'/> ... </kvm> </pre> It's important to note that hiding the KVM hypervisor can have some downsides as well. For example, it may make it more difficult to diagnose problems with the virtual machine, as the hypervisor will not be visible in the guest operating system. Additionally, some virtualization features may depend on the hypervisor being visible to the guest operating system, so hiding it may cause these features to stop working properly. As such, the decision to hide the KVM hypervisor using the <hidden> tag should be carefully considered based on the specific needs and requirements of the virtualized environment. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <ioapic driver='kvm'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><ioapic></b> tag is used to enable or disable the use of the IOAPIC (Input/Output Advanced Programmable Interrupt Controller) device in the virtual machine. The <b>driver</b> attribute is used to specify the driver that should be used for the IOAPIC device, with the value <b>kvm</b> indicating that KVM's built-in IOAPIC driver should be used. The IOAPIC device is a type of interrupt controller that is used to manage interrupts in a virtual machine. It provides a way for devices in the virtual machine to generate interrupts, and for the virtual machine to route those interrupts to the appropriate virtual CPU. To enable the IOAPIC device and specify the kvm driver, the <ioapic> tag should be included in the XML definition of the virtual machine, as follows: <pre> <ioapic driver='kvm'/> </pre> With this configuration, KVM's built-in IOAPIC driver will be used to manage interrupts in the virtual machine. It's worth noting that while KVM's built-in IOAPIC driver is generally sufficient for most virtualization needs, there are some situations where a different driver may be preferred. For example, some applications or workloads may require more advanced IOAPIC functionality that is not available in KVM's built-in driver. In these cases, it may be necessary to use a different driver, or to implement custom code to support the required functionality. Overall, the <ioapic> tag with the driver='kvm' attribute is a simple and effective way to enable the IOAPIC device and ensure that interrupts are properly managed in a KVM virtual machine. </div> </div> ====Full Config file - before and after==== <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>before</b> any changes with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoand of course the content when expanded.<br \> <code>print "hello content"</code>ft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>After</b> changes made with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <br> Note: Not the place to edit (use '<b>virsh</b>'), but you config file can be found here:<code>/etc/libvirt/qemu/</code> ==Undo Passthrough== ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" </pre> Remove <code>intel_iommu=on kvm.ignore_msrs=1</code> and save changes. <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" </pre> rebuild grub<br> <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> ===vfio=== Comment out changes to <b>vfio.conf</b><br> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> Comment out by placing a <code>#</code> in front of the line, save and exit. <pre> #blacklist nouveau #blacklist snd_hda_intel #options vfio-pci ids=10de:13c2,10de:0fbb </pre> update initramfs:<br> <code>sudo update-initramfs -u</code><br> <br> ===Reboot for changes to take effect=== <code>reboot</code><br> ==End Notes== Plug in external monitor to the GPU 'Razer Core X' for output and no screen lag.<br> Tested with 'sniper ghost warrior' works fine.<br> Sound will come out of HDMI, If using monitor with no speakers, you can pass through USB headfones or speakers. ==References== https://askubuntu.com/questions/1406888/ubuntu-22-04-gpu-passthrough-qemu fw1lauhxrjdx2d87taelgj74x8069v5 223 222 2023-03-28T13:13:19Z Noob 1 /* Update initramfs */ 223 wikitext text/x-wiki ==Ubuntu Kvm Windows 10 - Thinkpad T470 with Razer Core X== Hardware:<br> * Thinkpad t470 - 256GB HD, 8GB RAM * razer core x * GTX 970 GT * Ubuntu Desktop 22.04 installed. Thunderbolt 3 - detected as USB3.0 (5000M). But works :)<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lsusb -t</code> OutPut: <div class="mw-collapsible-content"> <pre> /: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/6p, 5000M |__ Port 3: Dev 2, If 0, Class=Mass Storage, Driver=usb-storage, 5000M /: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/12p, 480M |__ Port 7: Dev 2, If 0, Class=Wireless, Driver=btusb, 12M |__ Port 7: Dev 2, If 1, Class=Wireless, Driver=btusb, 12M |__ Port 8: Dev 3, If 1, Class=Video, Driver=uvcvideo, 480M |__ Port 8: Dev 3, If 0, Class=Video, Driver=uvcvideo, 480M |__ Port 9: Dev 4, If 0, Class=Vendor Specific Class, Driver=, 12M </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo lshw | grep -A10 -i usb</code> OutPut: <div class="mw-collapsible-content"> <pre> capabilities: pci pnp upgrade shadowing cdboot bootselect edd int13floppy720 int5printscreen int9keyboard int14serial int17printer int10video acpi usb biosbootspecification uefi *-pci description: Host bridge product: Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers vendor: Intel Corporation physical id: 100 bus info: pci@0000:00:00.0 version: 08 width: 32 bits clock: 33MHz configuration: driver=skl_uncore -- *-usb description: USB controller product: Sunrise Point-LP USB 3.0 xHCI Controller vendor: Intel Corporation physical id: 14 bus info: pci@0000:00:14.0 version: 21 width: 64 bits clock: 33MHz capabilities: pm msi xhci bus_master cap_list configuration: driver=xhci_hcd latency=0 resources: irq:127 memory:ec220000-ec22ffff *-usbhost:0 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 0 bus info: usb@1 logical name: usb1 version: 5.19 capabilities: usb-2.00 configuration: driver=hub slots=12 speed=480Mbit/s *-usb:0 description: Bluetooth wireless interface product: Bluetooth wireless interface vendor: Intel Corp. physical id: 7 bus info: usb@1:7 version: 0.01 capabilities: bluetooth usb-2.00 configuration: driver=btusb maxpower=100mA speed=12Mbit/s *-usb:1 description: Video product: Integrated Camera: Integrated C vendor: SunplusIT Inc physical id: 8 bus info: usb@1:8 logical name: input8 logical name: /dev/input/event6 version: 0.10 capabilities: usb-2.00 usb configuration: driver=uvcvideo maxpower=500mA speed=480Mbit/s *-usb:2 UNCLAIMED description: Generic USB device vendor: Validity Sensors, Inc. physical id: 9 bus info: usb@1:9 version: 1.64 serial: ff1e8c196451 capabilities: usb-2.00 configuration: maxpower=100mA speed=12Mbit/s *-usbhost:1 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 1 bus info: usb@2 logical name: usb2 version: 5.19 capabilities: usb-3.00 configuration: driver=hub slots=6 speed=5000Mbit/s *-usb description: Mass storage device product: USB3.0-CRW vendor: Generic physical id: 3 bus info: usb@2:3 logical name: scsi0 version: 2.04 serial: 20120501030900000 capabilities: usb-3.00 scsi emulated scsi-host configuration: driver=usb-storage maxpower=800mA speed=5000Mbit/s *-disk description: SCSI Disk product: SD/MMC vendor: Generic- physical id: 0.0.0 bus info: scsi@0:0.0.0 logical name: /dev/sda version: 1.00 serial: 2012090114345300 capabilities: removable </pre> </div> </div> ===Windows 10 ISO=== Download a Windows 10 ISO for the Virtual Machine<br> https://www.microsoft.com/en-us/software-download/windows10ISO ===VT-d - bios=== Check VT-d enabled on bios <br> When you press the power button, press and hold <b>F1</b> to enter into bios mode.<br> Security > Virtualization<br> Intel (R) Virtualization Technology [ENABLE]<br> Inter (R) VT-d Feature [ENABLE]<br> ====Check==== <code>cat /proc/cpuinfo | grep --color vmx</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Explained: <div class="mw-collapsible-content"> The command "cat /proc/cpuinfo" displays detailed information about the processor(s) installed on your system. The output of this command includes a lot of information, such as processor model, speed, cache size, and other features. The pipe symbol "|" is used to pass the output of the first command as input to the second command. In this case, the output of "cat /proc/cpuinfo" is being passed as input to "grep". The "grep" command is used to search for a specific pattern in the input data. In this case, the pattern being searched for is "vmx". The "--color" option is used to highlight the search pattern in the output, making it easier to identify. So, the entire command "cat /proc/cpuinfo | grep --color vmx" is searching the processor information for the "vmx" feature and highlighting it in the output. The "vmx" feature refers to Intel's Virtualization Technology, which allows a processor to run multiple operating systems on the same computer simultaneously. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Returned Output: <div class="mw-collapsible-content"> <pre> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml </pre> </div> </div> ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> Insert the option to <b>GRUB_CMDLINE_LINUX_DEFAULT=""</b> <code>intel_iommu=on kvm.ignore_msrs=1</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Before <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>intel_iommu=on kvm.ignore_msrs=1</code> <div class="mw-collapsible-content"> <pre> intel_iommu=on and kvm.ignore_msrs=1 are kernel boot parameters that can be set in the GRUB configuration file in Linux systems. Here's what they mean: intel_iommu=on: This parameter enables Intel VT-d (Virtualization Technology for Directed I/O), which allows for hardware-based virtualization of I/O devices. This can improve performance and security for virtual machines by allowing them to directly access hardware devices, rather than relying on the host operating system to handle the device access. kvm.ignore_msrs=1: This parameter disables the handling of MSR (Model Specific Register) virtualization by the kernel-based Virtual Machine (KVM) hypervisor. This can improve performance for certain workloads that rely heavily on MSR access, such as virtualization workloads. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Info the <code>/etc/defaults</code> directory <div class="mw-collapsible-content"> <pre> In Ubuntu and many other Linux-based operating systems, the /etc/default directory contains configuration files for various system services and applications. These configuration files contain default values for the settings and options that are used by these services and applications. The /etc/default directory is typically organized by service or application, with each subdirectory containing one or more configuration files for that service or application. For example, the /etc/default/grub directory contains the default configuration file for the GRUB bootloader, while the /etc/default/apache2 directory contains the default configuration file for the Apache web server. These configuration files are often used by system administrators to customize the behavior of these services and applications by modifying the default values of their settings and options. For example, the GRUB configuration file in /etc/default/grub can be used to specify the default operating system to boot, the timeout for the boot menu, and other options. </pre> </div> </div> ====Update Grub==== <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code><br> Reboot so kernel boot parameters can be applied.<br> <code>reboot</code> <div class="toccolours mw-collapsible mw-collapsed"> Info: <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> <div class="mw-collapsible-content"> * <code>grub-mkconfig</code> : This is a command that generates a new configuration file for the GRUB bootloader. It scans the system for installed kernels, operating systems, and other boot options, and creates a configuration file based on that information. * <code>-o /boot/grub/grub.cfg</code> : This option tells grub-mkconfig to write the generated configuration file to the file /boot/grub/grub.cfg. This is the default location for the GRUB configuration file in most Linux systems. </div> </div> ===Check that IOMMU is enabled=== <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Return Output: Before editing Grub <div class="mw-collapsible-content"> <pre> [ 0.013929] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013974] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.124130] DMAR: Host address width 39 [ 0.124131] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.124140] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.124143] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.124147] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.124150] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.124152] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.124154] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.124156] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.124158] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.126384] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.346448] iommu: Default domain type: Translated [ 0.346448] iommu: DMA domain TLB invalidation policy: lazy mode </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After editing Grub <div class="mw-collapsible-content"> <pre> [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.013471] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013516] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.035822] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.035915] DMAR: IOMMU enabled [ 0.094689] DMAR: Host address width 39 [ 0.094691] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.094699] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.094702] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.094706] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.094708] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.094710] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.094713] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.094715] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.094716] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.096599] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.324622] iommu: Default domain type: Translated [ 0.324622] iommu: DMA domain TLB invalidation policy: lazy mode [ 0.346100] DMAR: No ATSR found [ 0.346101] DMAR: No SATC found [ 0.346103] DMAR: IOMMU feature fl1gp_support inconsistent [ 0.346105] DMAR: IOMMU feature pgsel_inv inconsistent [ 0.346106] DMAR: IOMMU feature nwfs inconsistent [ 0.346107] DMAR: IOMMU feature eafs inconsistent [ 0.346108] DMAR: IOMMU feature prs inconsistent [ 0.346108] DMAR: IOMMU feature nest inconsistent [ 0.346109] DMAR: IOMMU feature mts inconsistent [ 0.346110] DMAR: IOMMU feature sc_support inconsistent [ 0.346111] DMAR: IOMMU feature dev_iotlb_support inconsistent [ 0.346113] DMAR: dmar0: Using Queued invalidation [ 0.346117] DMAR: dmar1: Using Queued invalidation [ 0.346409] pci 0000:00:00.0: Adding to iommu group 0 [ 0.346423] pci 0000:00:02.0: Adding to iommu group 1 [ 0.346441] pci 0000:00:14.0: Adding to iommu group 2 [ 0.346450] pci 0000:00:14.2: Adding to iommu group 2 [ 0.346466] pci 0000:00:16.0: Adding to iommu group 3 [ 0.346475] pci 0000:00:16.3: Adding to iommu group 3 [ 0.346499] pci 0000:00:1c.0: Adding to iommu group 4 [ 0.346520] pci 0000:00:1c.6: Adding to iommu group 5 [ 0.346539] pci 0000:00:1d.0: Adding to iommu group 6 [ 0.346557] pci 0000:00:1d.2: Adding to iommu group 7 [ 0.346582] pci 0000:00:1f.0: Adding to iommu group 8 [ 0.346595] pci 0000:00:1f.2: Adding to iommu group 8 [ 0.346604] pci 0000:00:1f.3: Adding to iommu group 8 [ 0.346615] pci 0000:00:1f.4: Adding to iommu group 8 [ 0.346625] pci 0000:00:1f.6: Adding to iommu group 8 [ 0.346646] pci 0000:04:00.0: Adding to iommu group 9 [ 0.346664] pci 0000:3e:00.0: Adding to iommu group 10 [ 0.348306] DMAR: Intel(R) Virtualization Technology for Directed I/O </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code> <div class="mw-collapsible-content"> * <code>dmesg</code> : This command is used in Linux systems to display the kernel message buffer, which contains information about the system's hardware and software components, as well as any error or warning messages generated by the kernel. * <code>|</code> : This symbol is called a pipe and it allows the output of one command to be used as input for another command. In this case, it sends the output of the dmesg command to the next command in the pipeline, which is grep. * <code>grep</code> : This command is used in Linux systems to search for text patterns in a file or output. In this case, it's used to search the output of the dmesg command for lines that contain the strings "DMAR" or "IOMMU". * <code>-i</code> : This option tells grep to perform a case-insensitive search, meaning it will match the strings "DMAR" or "IOMMU" regardless of their case. * <code>-e</code> : This option tells grep to specify the pattern to search for. In this case, it's used to specify two patterns to search for: "DMAR" and "IOMMU". * DMAR: DMA Remapping (DMAR) is a feature of modern computer systems that provides additional security for input/output (I/O) devices. It allows for the isolation of memory regions used by I/O devices, which prevents them from accessing other parts of the system's memory. This helps to prevent attacks that could exploit vulnerabilities in I/O device drivers to gain access to sensitive data or take control of the system. * IOMMU: The I/O Memory Management Unit (IOMMU) is a hardware component that provides support for DMA remapping. It allows for the virtualization of I/O devices and provides an additional layer of security by isolating the memory used by these devices. </div> </div> ===Find your GPU=== <code>lspci -nnk</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>lspci -nnk</code> <div class="mw-collapsible-content"> <code>lspci</code> is a command-line utility that is used to display information about all the PCI buses and devices connected to them in a Linux system. The -nnk option is used to display the following information: * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -k: Display the kernel driver currently bound to each device. This option is useful when you want to check which driver is being used for a particular device. When you run the <code>lspci -nnk</code> command, you will get a list of all the PCI devices in your system, along with their vendor and device IDs, and the kernel driver currently in use. </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut Before plugging in 'Razer Core X' <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut After plugging in Razer Core X <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 05:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:01.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:02.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 07:00.0 System peripheral [0880]: Intel Corporation JHL6240 Thunderbolt 3 NHI (Low Power) [Alpine Ridge LP 2016] [8086:15bf] (rev 01) Subsystem: Device [2222:1111] Kernel driver in use: thunderbolt Kernel modules: thunderbolt 08:00.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 09:01.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel </pre> ===vfio.conf=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>vfio.conf</b> <div class="mw-collapsible-content"> <b>vfio.conf</b> is a configuration file used by the VFIO driver in Linux. <br> The VFIO driver is a kernel module that allows users to assign devices, such as GPUs or network interfaces, directly to virtual machines, bypassing the host operating system.<br> <br> The vfio.conf file is used to specify which devices should be assigned to VFIO, and it is typically located in the /etc/modprobe.d/ directory. When the VFIO driver is loaded, it will read this file and use the settings specified within it.<br> <br> The contents of vfio.conf can vary depending on the specific use case, but some common configurations include: * Device IDs: The vfio.conf file can be used to specify the vendor and device IDs of the devices that should be assigned to VFIO. For example: <pre> options vfio-pci ids=10de:13c2,10de:0fbb </pre><br> <br> This configuration specifies that two NVIDIA GPUs with the IDs 10de:13c2 and 10de:0fbb should be assigned to VFIO.<br> This configuration assigns two NVIDIA GPUs to VFIO and blacklists the <b>nouveau</b> and <b>nvidiafb</b> kernel drivers so that they don't claim the GPUs. <pre> options vfio-pci ids=10de:13c2,10de:0fbb blacklist nouveau blacklist nvidiafb </pre> <br> * Additional options: The <b>vfio.conf</b> file can also be used to specify additional options for the VFIO driver, such as setting the IOMMU mode. For example:<br> This configuration sets the VFIO driver to use IOMMU mode 1 and allows unsafe interrupts. <pre> options vfio_iommu_type1 allow_unsafe_interrupts=1 </pre> <br> Overall, <b>vfio.conf</b> provides a way to configure the VFIO driver and specify which devices should be assigned to it, helping to facilitate GPU or other hardware passthrough to virtual machines. <br> </div> </div> Create a new file called <code>vfio.conf</code> in the <b>/etc/modprobe.d/</b> directory.<br> <div class="toccolours mw-collapsible mw-collapsed"> The <code>/etc/modprobe.d/</code> directory explanation: <div class="mw-collapsible-content"> The <b>/etc/modprobe.d/</b> directory is a system directory in Linux that contains configuration files for kernel modules. When the Linux kernel boots up, it loads various modules (also called drivers) to support the hardware and other system functions.<br> <br> Each configuration file in <b>/etc/modprobe.d/</b> specifies options for one or more kernel modules, which are loaded by the kernel when a system boots or when a module is explicitly loaded. The options specified in these files can be used to modify the behavior of the kernel modules, or to blacklist certain modules to prevent them from being loaded.<br> <br> The name of each configuration file in the <b>/etc/modprobe.d/</b> directory must end with the <b>.conf</b> extension. The contents of each file consist of a series of directives, which specify module options, aliases, or blacklist information. These directives can be written in plain text format or in shell scripts.<br> <br> Here are some examples of how you might use the <b>/etc/modprobe.d/</b> directory:<br> * Blacklisting modules: You can use the <b>/etc/modprobe.d/</b> directory to prevent certain kernel modules from loading. For example, you can create a file called <b>/etc/modprobe.d/blacklist-nouveau.conf</b> with the following contents to prevent the <b>nouveau</b> driver (used for NVIDIA graphics cards) from being loaded: <pre> blacklist nouveau </pre> <br> * Setting module options: You can also use the <b>/etc/modprobe.d/</b> directory to specify options for a particular kernel module. For example, you can create a file called <b>/etc/modprobe.d/alsa-base.conf</b> with the following contents to set the default sound card to the second card on the system: <pre> options snd_hda_intel index=1 </pre> <br> * Loading modules: You can use the <b>/etc/modprobe.d/</b> directory to load kernel modules at boot time. For example, you can create a file called <b>/etc/modprobe.d/local.conf</b> with the following contents to load the <b>acpi_call</b> module at boot time: <pre> # Load acpi_call at boot time acpi_call </pre> <br> Overall, the <b>/etc/modprobe.d/</b> directory is an important location for managing kernel modules in Linux. It provides a centralized location for managing module options, aliases, and blacklists, making it easier to configure and maintain a Linux system.<br> </div> </div> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> <br> ===Update <b>initramfs</b>=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>initramfs</b>: <div class="mw-collapsible-content"> The initramfs (initial RAM file system) is a temporary file system that is loaded into memory during the Linux boot process. It contains essential system files and utilities that are necessary to boot the Linux kernel and mount the root file system.<br> <br> When the Linux kernel is booted, it first loads the initramfs into memory and sets it up as the root file system. The initramfs then runs the init script, which is responsible for initializing the system and mounting the real root file system. The init script may also perform other tasks, such as loading kernel modules, setting up network interfaces, and configuring system services.<br> <br> The initramfs is typically used in situations where the root file system is located on a storage device that requires additional drivers or modules to be loaded before it can be mounted. For example, if the root file system is located on a RAID array, a network file system, or an encrypted disk, the necessary drivers or modules may need to be loaded into memory before the root file system can be mounted.<br> <br> The initramfs can also be customized to include additional files or utilities that may be necessary for the boot process. This is done by modifying the initramfs image, which is a compressed archive file that contains the file system contents.<br> <br> Overall, the initramfs is an essential component of the Linux boot process, providing a temporary file system that is necessary for initializing the system and mounting the root file system. </div> </div> <code>sudo update-initramfs -u</code><br> And reboot your computer:<br> <code>reboot</code><br> <br> <b>Note:</b>[[Ubuntu_KVM_to_Windows_10_-_Thinkpad_T470_-_Razer_Core_X_-_GTX_970#Undo_Passthrough|Sound will not work on Host Ubuntu now we have blacklisted <b>snd_hda_intel</b> to return sound to laptop read <b>Undo Passthrough</b>]].<br> ===Check Kernel driver not in use=== <code>lspci -nnk</code><br> <br> OutPut: <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel modules: snd_hda_intel </pre> ==Install KVM and VirtManager to create a VM== Your $USER is the username you use to login to your account.<br> On terminal prompt you should see <code>$USER@$HOSTNAME:~$</code><br> Note the <code>$</code> at the end.<br> If terminal prompt end's with a <code>#</code> you are logged in as root.<br> You can see your user name by typing in <code>whoami</code> to the terminal and/or <code>id</code><br> <b>id</b> will also display which <b>groups</b> your $USER is in.<br> <br> Install required packages:<br> <code>sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils</code><br> <br> Creating a Group and add $USER to group, this will allow us to run <b>virt-manager</b> without the need to <b>sudo</b><br> <div class="toccolours mw-collapsible mw-collapsed"> <code> getent group libvirtd</code> Check if <b>group</b> already exists: <div class="mw-collapsible-content"> To check if a group is already present on an Ubuntu system, you can use the <b>getent</b> command along with the <b>group</b> argument and specify the name of the group as a parameter.<br> <br> For example, to check if the <b>sudo</b> group exists on the system, you can run the following command in a terminal:<br> <code>getent group sudo</code><br> <br> If the group exists, the command will output information about the group, including its name, group ID (GID), and a list of users who are members of the group. If the group does not exist, the command will not produce any output.<br> <br> Alternatively, you can use the <b>grep</b> command to search for the group name in the <b>/etc/group file</b>, which is the file that stores information about system groups on Ubuntu. For example, to search for the <b>sudo</b> group, you can run the following command:<br> <code>grep "^sudo:" /etc/group</code><br> If the group exists, the command will output information about the group in the same format as the <b>getent</b> command. If the group does not exist, the command will not produce any output. </div> </div> <code>sudo addgroup libvirtd</code><br> <br> Add your user name to the group:<br> SYNTAX: <code>sudo adduser $USER libvirtd</code><br> <code>sudo adduser ubunix libvirtd</code><br> <code>sudo apt-get install virt-manager</code><br> <br> <code>reboot</code><br> Reboot to avoid error: <pre> virtual machine manager connection failure unable to connect to libvirt qemu:///system. verify that the 'libvirtd' daemon is running</pre> ===Virtual Machine Manager=== Start <b>Virtual Machine Manager</b>:<br> <code>virt-manager</code><br><br> Create a new virtual machine Step 1 Local install media (ISO image or CDROM) Step 2 Choose ISO or CDROM install media: Click <b>Browse</b> and select your windows10.iso Choose the operating system you are installing: untick( Automatically detect from installation media / source) and enter <b>Microsoft Windows 10</b> in search bar. Step 3 Choose Memory and CPU settings: Memory: 4096MiB CPUs: 2 Step 4 Tick <b>Enable storage for this virtual machine</b> Tick <b>create a disk image for the virtual machine</b> 140 GiB Step 5 Name:NAME_OF_VM Tick <b>Customize configuration before install</b> ==== Config VM before booting==== OverView: <b>Hypervisor Details</b> 'Chipset' = 'Q35' 'Firmware' = 'x86_64:/usr/share/OVMF/OVMF_CODE_4M.ms.fd' Boot Options: <b>Boot device order</b>: Untick - Enable boot menu Select/Tick SATA CDROM1 SATA Disk 1 Display Spice: <b>Spice Server</b>: Type: Spice server Listen type: Address Address: Hypervisor default Port: tick 'Auto' Click '<b>Add Hardware</b>' button at bottom left - new window '<b>Add New Virtual Hardware</b>' will pop up. Click '<b>PCI Host Device</b>' on the left hand side Select your <b>GPU</b> and <b>GPU Audio Controller</b>: '0000:0A:00:0 NVIDIA Corporation GM204 [GeForce GTX 970]' '0000:0A:00:1 NVIDIA Corporation GM204 High Definition Audio Controller' Select and click '<b>Finish</b>' - reopen '<b>Add hardware</b>' and repeat for Audio.<br> <br> =====Notes===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. ==== Install Windows 10 and update ==== Install windows 10 then update windows to get the graphics card drivers working.<br> Once done shoutdown.<br> ===After shutting down windows edit the VM's Config file=== To find/confirm your VM's name:<br> <code>virsh list --all</code><br> <br> Syntax:<code>sudo virsh edit YOUR_VM_NAME</code><br> <code>sudo virsh edit win10</code><br> <br> Going to edit in between the <code><features> </features></code> Brackets, 17 lines down.<br> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> </pre> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> </pre> ====What these values do ==== <div class="toccolours mw-collapsible mw-collapsed"> <vendor_id state='on' value='1234567890ab'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><vendor_id></b> tag is used to specify the vendor ID that is presented to the guest virtual machine when it is running on top of the KVM hypervisor. This vendor ID can be customized by the user to any 12-digit hexadecimal <b>value</b> using the value attribute. The purpose of the vendor ID is to provide a way for virtual machines to identify the type of hypervisor they are running on, and to adjust their behavior accordingly. This is particularly important for operating systems that have special optimizations or workarounds for specific hypervisors. By default, KVM presents a vendor ID of "KVMKVMKVM" to the guest virtual machine. However, this can be changed by adding the <vendor_id> tag to the XML definition of the virtual machine, as follows: <pre> <cpu> <vendor_id state='on' value='1234567890ab'/> ... </cpu> </pre> In this example, the vendor ID is set to the value "1234567890ab". The state attribute is set to 'on' to enable the use of the custom vendor ID. It's worth noting that changing the vendor ID can have some unexpected consequences. For example, some operating systems may have specific code paths or optimizations for certain hypervisors, and changing the vendor ID may cause them to behave differently or even malfunction. Additionally, some virtualization security features may depend on the vendor ID, so changing it may impact the security of the virtual machine. As such, it is important to carefully consider the implications before changing the vendor ID in a KVM virtual machine. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <kvm> <hidden state='on'/> </kvm> <div class="mw-collapsible-content"> In Linux KVM, the <b><kvm></b> tag is used to specify additional configuration options for the virtual machine that are specific to KVM. The <b><hidden></b> tag is a sub-tag of <b><kvm></b> and is used to enable or disable the hiding of the KVM hypervisor from the guest operating system. When the <b><hidden></b> tag is set to <b>state='on'</b>, the KVM hypervisor is hidden from the guest operating system. This means that the guest operating system will not be able to detect that it is running in a virtualized environment and will behave as if it is running directly on physical hardware. This can be useful for security reasons, as it can make it more difficult for attackers to detect that they are running in a virtualized environment and attempt to exploit vulnerabilities that are specific to virtualization. Additionally, some software applications may behave differently or refuse to run in a virtualized environment, so hiding the KVM hypervisor can help ensure that these applications run properly. To use the <hidden> tag, it should be included as a sub-tag of the <kvm> tag, as follows: <pre> <kvm> <hidden state='on'/> ... </kvm> </pre> It's important to note that hiding the KVM hypervisor can have some downsides as well. For example, it may make it more difficult to diagnose problems with the virtual machine, as the hypervisor will not be visible in the guest operating system. Additionally, some virtualization features may depend on the hypervisor being visible to the guest operating system, so hiding it may cause these features to stop working properly. As such, the decision to hide the KVM hypervisor using the <hidden> tag should be carefully considered based on the specific needs and requirements of the virtualized environment. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <ioapic driver='kvm'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><ioapic></b> tag is used to enable or disable the use of the IOAPIC (Input/Output Advanced Programmable Interrupt Controller) device in the virtual machine. The <b>driver</b> attribute is used to specify the driver that should be used for the IOAPIC device, with the value <b>kvm</b> indicating that KVM's built-in IOAPIC driver should be used. The IOAPIC device is a type of interrupt controller that is used to manage interrupts in a virtual machine. It provides a way for devices in the virtual machine to generate interrupts, and for the virtual machine to route those interrupts to the appropriate virtual CPU. To enable the IOAPIC device and specify the kvm driver, the <ioapic> tag should be included in the XML definition of the virtual machine, as follows: <pre> <ioapic driver='kvm'/> </pre> With this configuration, KVM's built-in IOAPIC driver will be used to manage interrupts in the virtual machine. It's worth noting that while KVM's built-in IOAPIC driver is generally sufficient for most virtualization needs, there are some situations where a different driver may be preferred. For example, some applications or workloads may require more advanced IOAPIC functionality that is not available in KVM's built-in driver. In these cases, it may be necessary to use a different driver, or to implement custom code to support the required functionality. Overall, the <ioapic> tag with the driver='kvm' attribute is a simple and effective way to enable the IOAPIC device and ensure that interrupts are properly managed in a KVM virtual machine. </div> </div> ====Full Config file - before and after==== <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>before</b> any changes with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoand of course the content when expanded.<br \> <code>print "hello content"</code>ft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>After</b> changes made with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <br> Note: Not the place to edit (use '<b>virsh</b>'), but you config file can be found here:<code>/etc/libvirt/qemu/</code> ==Undo Passthrough== ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" </pre> Remove <code>intel_iommu=on kvm.ignore_msrs=1</code> and save changes. <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" </pre> rebuild grub<br> <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> ===vfio=== Comment out changes to <b>vfio.conf</b><br> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> Comment out by placing a <code>#</code> in front of the line, save and exit. <pre> #blacklist nouveau #blacklist snd_hda_intel #options vfio-pci ids=10de:13c2,10de:0fbb </pre> update initramfs:<br> <code>sudo update-initramfs -u</code><br> <br> ===Reboot for changes to take effect=== <code>reboot</code><br> ==End Notes== Plug in external monitor to the GPU 'Razer Core X' for output and no screen lag.<br> Tested with 'sniper ghost warrior' works fine.<br> Sound will come out of HDMI, If using monitor with no speakers, you can pass through USB headfones or speakers. ==References== https://askubuntu.com/questions/1406888/ubuntu-22-04-gpu-passthrough-qemu 6eoxz7bu8vduxi2s59n63vujle0ywze 224 223 2023-03-28T13:14:22Z Noob 1 /* vfio */ 224 wikitext text/x-wiki ==Ubuntu Kvm Windows 10 - Thinkpad T470 with Razer Core X== Hardware:<br> * Thinkpad t470 - 256GB HD, 8GB RAM * razer core x * GTX 970 GT * Ubuntu Desktop 22.04 installed. Thunderbolt 3 - detected as USB3.0 (5000M). But works :)<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lsusb -t</code> OutPut: <div class="mw-collapsible-content"> <pre> /: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/6p, 5000M |__ Port 3: Dev 2, If 0, Class=Mass Storage, Driver=usb-storage, 5000M /: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/12p, 480M |__ Port 7: Dev 2, If 0, Class=Wireless, Driver=btusb, 12M |__ Port 7: Dev 2, If 1, Class=Wireless, Driver=btusb, 12M |__ Port 8: Dev 3, If 1, Class=Video, Driver=uvcvideo, 480M |__ Port 8: Dev 3, If 0, Class=Video, Driver=uvcvideo, 480M |__ Port 9: Dev 4, If 0, Class=Vendor Specific Class, Driver=, 12M </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo lshw | grep -A10 -i usb</code> OutPut: <div class="mw-collapsible-content"> <pre> capabilities: pci pnp upgrade shadowing cdboot bootselect edd int13floppy720 int5printscreen int9keyboard int14serial int17printer int10video acpi usb biosbootspecification uefi *-pci description: Host bridge product: Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers vendor: Intel Corporation physical id: 100 bus info: pci@0000:00:00.0 version: 08 width: 32 bits clock: 33MHz configuration: driver=skl_uncore -- *-usb description: USB controller product: Sunrise Point-LP USB 3.0 xHCI Controller vendor: Intel Corporation physical id: 14 bus info: pci@0000:00:14.0 version: 21 width: 64 bits clock: 33MHz capabilities: pm msi xhci bus_master cap_list configuration: driver=xhci_hcd latency=0 resources: irq:127 memory:ec220000-ec22ffff *-usbhost:0 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 0 bus info: usb@1 logical name: usb1 version: 5.19 capabilities: usb-2.00 configuration: driver=hub slots=12 speed=480Mbit/s *-usb:0 description: Bluetooth wireless interface product: Bluetooth wireless interface vendor: Intel Corp. physical id: 7 bus info: usb@1:7 version: 0.01 capabilities: bluetooth usb-2.00 configuration: driver=btusb maxpower=100mA speed=12Mbit/s *-usb:1 description: Video product: Integrated Camera: Integrated C vendor: SunplusIT Inc physical id: 8 bus info: usb@1:8 logical name: input8 logical name: /dev/input/event6 version: 0.10 capabilities: usb-2.00 usb configuration: driver=uvcvideo maxpower=500mA speed=480Mbit/s *-usb:2 UNCLAIMED description: Generic USB device vendor: Validity Sensors, Inc. physical id: 9 bus info: usb@1:9 version: 1.64 serial: ff1e8c196451 capabilities: usb-2.00 configuration: maxpower=100mA speed=12Mbit/s *-usbhost:1 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 1 bus info: usb@2 logical name: usb2 version: 5.19 capabilities: usb-3.00 configuration: driver=hub slots=6 speed=5000Mbit/s *-usb description: Mass storage device product: USB3.0-CRW vendor: Generic physical id: 3 bus info: usb@2:3 logical name: scsi0 version: 2.04 serial: 20120501030900000 capabilities: usb-3.00 scsi emulated scsi-host configuration: driver=usb-storage maxpower=800mA speed=5000Mbit/s *-disk description: SCSI Disk product: SD/MMC vendor: Generic- physical id: 0.0.0 bus info: scsi@0:0.0.0 logical name: /dev/sda version: 1.00 serial: 2012090114345300 capabilities: removable </pre> </div> </div> ===Windows 10 ISO=== Download a Windows 10 ISO for the Virtual Machine<br> https://www.microsoft.com/en-us/software-download/windows10ISO ===VT-d - bios=== Check VT-d enabled on bios <br> When you press the power button, press and hold <b>F1</b> to enter into bios mode.<br> Security > Virtualization<br> Intel (R) Virtualization Technology [ENABLE]<br> Inter (R) VT-d Feature [ENABLE]<br> ====Check==== <code>cat /proc/cpuinfo | grep --color vmx</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Explained: <div class="mw-collapsible-content"> The command "cat /proc/cpuinfo" displays detailed information about the processor(s) installed on your system. The output of this command includes a lot of information, such as processor model, speed, cache size, and other features. The pipe symbol "|" is used to pass the output of the first command as input to the second command. In this case, the output of "cat /proc/cpuinfo" is being passed as input to "grep". The "grep" command is used to search for a specific pattern in the input data. In this case, the pattern being searched for is "vmx". The "--color" option is used to highlight the search pattern in the output, making it easier to identify. So, the entire command "cat /proc/cpuinfo | grep --color vmx" is searching the processor information for the "vmx" feature and highlighting it in the output. The "vmx" feature refers to Intel's Virtualization Technology, which allows a processor to run multiple operating systems on the same computer simultaneously. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Returned Output: <div class="mw-collapsible-content"> <pre> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml </pre> </div> </div> ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> Insert the option to <b>GRUB_CMDLINE_LINUX_DEFAULT=""</b> <code>intel_iommu=on kvm.ignore_msrs=1</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Before <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>intel_iommu=on kvm.ignore_msrs=1</code> <div class="mw-collapsible-content"> <pre> intel_iommu=on and kvm.ignore_msrs=1 are kernel boot parameters that can be set in the GRUB configuration file in Linux systems. Here's what they mean: intel_iommu=on: This parameter enables Intel VT-d (Virtualization Technology for Directed I/O), which allows for hardware-based virtualization of I/O devices. This can improve performance and security for virtual machines by allowing them to directly access hardware devices, rather than relying on the host operating system to handle the device access. kvm.ignore_msrs=1: This parameter disables the handling of MSR (Model Specific Register) virtualization by the kernel-based Virtual Machine (KVM) hypervisor. This can improve performance for certain workloads that rely heavily on MSR access, such as virtualization workloads. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Info the <code>/etc/defaults</code> directory <div class="mw-collapsible-content"> <pre> In Ubuntu and many other Linux-based operating systems, the /etc/default directory contains configuration files for various system services and applications. These configuration files contain default values for the settings and options that are used by these services and applications. The /etc/default directory is typically organized by service or application, with each subdirectory containing one or more configuration files for that service or application. For example, the /etc/default/grub directory contains the default configuration file for the GRUB bootloader, while the /etc/default/apache2 directory contains the default configuration file for the Apache web server. These configuration files are often used by system administrators to customize the behavior of these services and applications by modifying the default values of their settings and options. For example, the GRUB configuration file in /etc/default/grub can be used to specify the default operating system to boot, the timeout for the boot menu, and other options. </pre> </div> </div> ====Update Grub==== <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code><br> Reboot so kernel boot parameters can be applied.<br> <code>reboot</code> <div class="toccolours mw-collapsible mw-collapsed"> Info: <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> <div class="mw-collapsible-content"> * <code>grub-mkconfig</code> : This is a command that generates a new configuration file for the GRUB bootloader. It scans the system for installed kernels, operating systems, and other boot options, and creates a configuration file based on that information. * <code>-o /boot/grub/grub.cfg</code> : This option tells grub-mkconfig to write the generated configuration file to the file /boot/grub/grub.cfg. This is the default location for the GRUB configuration file in most Linux systems. </div> </div> ===Check that IOMMU is enabled=== <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Return Output: Before editing Grub <div class="mw-collapsible-content"> <pre> [ 0.013929] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013974] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.124130] DMAR: Host address width 39 [ 0.124131] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.124140] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.124143] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.124147] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.124150] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.124152] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.124154] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.124156] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.124158] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.126384] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.346448] iommu: Default domain type: Translated [ 0.346448] iommu: DMA domain TLB invalidation policy: lazy mode </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After editing Grub <div class="mw-collapsible-content"> <pre> [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.013471] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013516] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.035822] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.035915] DMAR: IOMMU enabled [ 0.094689] DMAR: Host address width 39 [ 0.094691] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.094699] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.094702] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.094706] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.094708] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.094710] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.094713] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.094715] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.094716] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.096599] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.324622] iommu: Default domain type: Translated [ 0.324622] iommu: DMA domain TLB invalidation policy: lazy mode [ 0.346100] DMAR: No ATSR found [ 0.346101] DMAR: No SATC found [ 0.346103] DMAR: IOMMU feature fl1gp_support inconsistent [ 0.346105] DMAR: IOMMU feature pgsel_inv inconsistent [ 0.346106] DMAR: IOMMU feature nwfs inconsistent [ 0.346107] DMAR: IOMMU feature eafs inconsistent [ 0.346108] DMAR: IOMMU feature prs inconsistent [ 0.346108] DMAR: IOMMU feature nest inconsistent [ 0.346109] DMAR: IOMMU feature mts inconsistent [ 0.346110] DMAR: IOMMU feature sc_support inconsistent [ 0.346111] DMAR: IOMMU feature dev_iotlb_support inconsistent [ 0.346113] DMAR: dmar0: Using Queued invalidation [ 0.346117] DMAR: dmar1: Using Queued invalidation [ 0.346409] pci 0000:00:00.0: Adding to iommu group 0 [ 0.346423] pci 0000:00:02.0: Adding to iommu group 1 [ 0.346441] pci 0000:00:14.0: Adding to iommu group 2 [ 0.346450] pci 0000:00:14.2: Adding to iommu group 2 [ 0.346466] pci 0000:00:16.0: Adding to iommu group 3 [ 0.346475] pci 0000:00:16.3: Adding to iommu group 3 [ 0.346499] pci 0000:00:1c.0: Adding to iommu group 4 [ 0.346520] pci 0000:00:1c.6: Adding to iommu group 5 [ 0.346539] pci 0000:00:1d.0: Adding to iommu group 6 [ 0.346557] pci 0000:00:1d.2: Adding to iommu group 7 [ 0.346582] pci 0000:00:1f.0: Adding to iommu group 8 [ 0.346595] pci 0000:00:1f.2: Adding to iommu group 8 [ 0.346604] pci 0000:00:1f.3: Adding to iommu group 8 [ 0.346615] pci 0000:00:1f.4: Adding to iommu group 8 [ 0.346625] pci 0000:00:1f.6: Adding to iommu group 8 [ 0.346646] pci 0000:04:00.0: Adding to iommu group 9 [ 0.346664] pci 0000:3e:00.0: Adding to iommu group 10 [ 0.348306] DMAR: Intel(R) Virtualization Technology for Directed I/O </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code> <div class="mw-collapsible-content"> * <code>dmesg</code> : This command is used in Linux systems to display the kernel message buffer, which contains information about the system's hardware and software components, as well as any error or warning messages generated by the kernel. * <code>|</code> : This symbol is called a pipe and it allows the output of one command to be used as input for another command. In this case, it sends the output of the dmesg command to the next command in the pipeline, which is grep. * <code>grep</code> : This command is used in Linux systems to search for text patterns in a file or output. In this case, it's used to search the output of the dmesg command for lines that contain the strings "DMAR" or "IOMMU". * <code>-i</code> : This option tells grep to perform a case-insensitive search, meaning it will match the strings "DMAR" or "IOMMU" regardless of their case. * <code>-e</code> : This option tells grep to specify the pattern to search for. In this case, it's used to specify two patterns to search for: "DMAR" and "IOMMU". * DMAR: DMA Remapping (DMAR) is a feature of modern computer systems that provides additional security for input/output (I/O) devices. It allows for the isolation of memory regions used by I/O devices, which prevents them from accessing other parts of the system's memory. This helps to prevent attacks that could exploit vulnerabilities in I/O device drivers to gain access to sensitive data or take control of the system. * IOMMU: The I/O Memory Management Unit (IOMMU) is a hardware component that provides support for DMA remapping. It allows for the virtualization of I/O devices and provides an additional layer of security by isolating the memory used by these devices. </div> </div> ===Find your GPU=== <code>lspci -nnk</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>lspci -nnk</code> <div class="mw-collapsible-content"> <code>lspci</code> is a command-line utility that is used to display information about all the PCI buses and devices connected to them in a Linux system. The -nnk option is used to display the following information: * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -k: Display the kernel driver currently bound to each device. This option is useful when you want to check which driver is being used for a particular device. When you run the <code>lspci -nnk</code> command, you will get a list of all the PCI devices in your system, along with their vendor and device IDs, and the kernel driver currently in use. </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut Before plugging in 'Razer Core X' <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut After plugging in Razer Core X <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 05:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:01.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:02.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 07:00.0 System peripheral [0880]: Intel Corporation JHL6240 Thunderbolt 3 NHI (Low Power) [Alpine Ridge LP 2016] [8086:15bf] (rev 01) Subsystem: Device [2222:1111] Kernel driver in use: thunderbolt Kernel modules: thunderbolt 08:00.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 09:01.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel </pre> ===vfio.conf=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>vfio.conf</b> <div class="mw-collapsible-content"> <b>vfio.conf</b> is a configuration file used by the VFIO driver in Linux. <br> The VFIO driver is a kernel module that allows users to assign devices, such as GPUs or network interfaces, directly to virtual machines, bypassing the host operating system.<br> <br> The vfio.conf file is used to specify which devices should be assigned to VFIO, and it is typically located in the /etc/modprobe.d/ directory. When the VFIO driver is loaded, it will read this file and use the settings specified within it.<br> <br> The contents of vfio.conf can vary depending on the specific use case, but some common configurations include: * Device IDs: The vfio.conf file can be used to specify the vendor and device IDs of the devices that should be assigned to VFIO. For example: <pre> options vfio-pci ids=10de:13c2,10de:0fbb </pre><br> <br> This configuration specifies that two NVIDIA GPUs with the IDs 10de:13c2 and 10de:0fbb should be assigned to VFIO.<br> This configuration assigns two NVIDIA GPUs to VFIO and blacklists the <b>nouveau</b> and <b>nvidiafb</b> kernel drivers so that they don't claim the GPUs. <pre> options vfio-pci ids=10de:13c2,10de:0fbb blacklist nouveau blacklist nvidiafb </pre> <br> * Additional options: The <b>vfio.conf</b> file can also be used to specify additional options for the VFIO driver, such as setting the IOMMU mode. For example:<br> This configuration sets the VFIO driver to use IOMMU mode 1 and allows unsafe interrupts. <pre> options vfio_iommu_type1 allow_unsafe_interrupts=1 </pre> <br> Overall, <b>vfio.conf</b> provides a way to configure the VFIO driver and specify which devices should be assigned to it, helping to facilitate GPU or other hardware passthrough to virtual machines. <br> </div> </div> Create a new file called <code>vfio.conf</code> in the <b>/etc/modprobe.d/</b> directory.<br> <div class="toccolours mw-collapsible mw-collapsed"> The <code>/etc/modprobe.d/</code> directory explanation: <div class="mw-collapsible-content"> The <b>/etc/modprobe.d/</b> directory is a system directory in Linux that contains configuration files for kernel modules. When the Linux kernel boots up, it loads various modules (also called drivers) to support the hardware and other system functions.<br> <br> Each configuration file in <b>/etc/modprobe.d/</b> specifies options for one or more kernel modules, which are loaded by the kernel when a system boots or when a module is explicitly loaded. The options specified in these files can be used to modify the behavior of the kernel modules, or to blacklist certain modules to prevent them from being loaded.<br> <br> The name of each configuration file in the <b>/etc/modprobe.d/</b> directory must end with the <b>.conf</b> extension. The contents of each file consist of a series of directives, which specify module options, aliases, or blacklist information. These directives can be written in plain text format or in shell scripts.<br> <br> Here are some examples of how you might use the <b>/etc/modprobe.d/</b> directory:<br> * Blacklisting modules: You can use the <b>/etc/modprobe.d/</b> directory to prevent certain kernel modules from loading. For example, you can create a file called <b>/etc/modprobe.d/blacklist-nouveau.conf</b> with the following contents to prevent the <b>nouveau</b> driver (used for NVIDIA graphics cards) from being loaded: <pre> blacklist nouveau </pre> <br> * Setting module options: You can also use the <b>/etc/modprobe.d/</b> directory to specify options for a particular kernel module. For example, you can create a file called <b>/etc/modprobe.d/alsa-base.conf</b> with the following contents to set the default sound card to the second card on the system: <pre> options snd_hda_intel index=1 </pre> <br> * Loading modules: You can use the <b>/etc/modprobe.d/</b> directory to load kernel modules at boot time. For example, you can create a file called <b>/etc/modprobe.d/local.conf</b> with the following contents to load the <b>acpi_call</b> module at boot time: <pre> # Load acpi_call at boot time acpi_call </pre> <br> Overall, the <b>/etc/modprobe.d/</b> directory is an important location for managing kernel modules in Linux. It provides a centralized location for managing module options, aliases, and blacklists, making it easier to configure and maintain a Linux system.<br> </div> </div> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> <br> ===Update <b>initramfs</b>=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>initramfs</b>: <div class="mw-collapsible-content"> The initramfs (initial RAM file system) is a temporary file system that is loaded into memory during the Linux boot process. It contains essential system files and utilities that are necessary to boot the Linux kernel and mount the root file system.<br> <br> When the Linux kernel is booted, it first loads the initramfs into memory and sets it up as the root file system. The initramfs then runs the init script, which is responsible for initializing the system and mounting the real root file system. The init script may also perform other tasks, such as loading kernel modules, setting up network interfaces, and configuring system services.<br> <br> The initramfs is typically used in situations where the root file system is located on a storage device that requires additional drivers or modules to be loaded before it can be mounted. For example, if the root file system is located on a RAID array, a network file system, or an encrypted disk, the necessary drivers or modules may need to be loaded into memory before the root file system can be mounted.<br> <br> The initramfs can also be customized to include additional files or utilities that may be necessary for the boot process. This is done by modifying the initramfs image, which is a compressed archive file that contains the file system contents.<br> <br> Overall, the initramfs is an essential component of the Linux boot process, providing a temporary file system that is necessary for initializing the system and mounting the root file system. </div> </div> <code>sudo update-initramfs -u</code><br> And reboot your computer:<br> <code>reboot</code><br> <br> <b>Note:</b>[[Ubuntu_KVM_to_Windows_10_-_Thinkpad_T470_-_Razer_Core_X_-_GTX_970#Undo_Passthrough|Sound will not work on Host Ubuntu now we have blacklisted <b>snd_hda_intel</b> to return sound to laptop read <b>Undo Passthrough</b>]].<br> ===Check Kernel driver not in use=== <code>lspci -nnk</code><br> <br> OutPut: <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel modules: snd_hda_intel </pre> ==Install KVM and VirtManager to create a VM== Your $USER is the username you use to login to your account.<br> On terminal prompt you should see <code>$USER@$HOSTNAME:~$</code><br> Note the <code>$</code> at the end.<br> If terminal prompt end's with a <code>#</code> you are logged in as root.<br> You can see your user name by typing in <code>whoami</code> to the terminal and/or <code>id</code><br> <b>id</b> will also display which <b>groups</b> your $USER is in.<br> <br> Install required packages:<br> <code>sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils</code><br> <br> Creating a Group and add $USER to group, this will allow us to run <b>virt-manager</b> without the need to <b>sudo</b><br> <div class="toccolours mw-collapsible mw-collapsed"> <code> getent group libvirtd</code> Check if <b>group</b> already exists: <div class="mw-collapsible-content"> To check if a group is already present on an Ubuntu system, you can use the <b>getent</b> command along with the <b>group</b> argument and specify the name of the group as a parameter.<br> <br> For example, to check if the <b>sudo</b> group exists on the system, you can run the following command in a terminal:<br> <code>getent group sudo</code><br> <br> If the group exists, the command will output information about the group, including its name, group ID (GID), and a list of users who are members of the group. If the group does not exist, the command will not produce any output.<br> <br> Alternatively, you can use the <b>grep</b> command to search for the group name in the <b>/etc/group file</b>, which is the file that stores information about system groups on Ubuntu. For example, to search for the <b>sudo</b> group, you can run the following command:<br> <code>grep "^sudo:" /etc/group</code><br> If the group exists, the command will output information about the group in the same format as the <b>getent</b> command. If the group does not exist, the command will not produce any output. </div> </div> <code>sudo addgroup libvirtd</code><br> <br> Add your user name to the group:<br> SYNTAX: <code>sudo adduser $USER libvirtd</code><br> <code>sudo adduser ubunix libvirtd</code><br> <code>sudo apt-get install virt-manager</code><br> <br> <code>reboot</code><br> Reboot to avoid error: <pre> virtual machine manager connection failure unable to connect to libvirt qemu:///system. verify that the 'libvirtd' daemon is running</pre> ===Virtual Machine Manager=== Start <b>Virtual Machine Manager</b>:<br> <code>virt-manager</code><br><br> Create a new virtual machine Step 1 Local install media (ISO image or CDROM) Step 2 Choose ISO or CDROM install media: Click <b>Browse</b> and select your windows10.iso Choose the operating system you are installing: untick( Automatically detect from installation media / source) and enter <b>Microsoft Windows 10</b> in search bar. Step 3 Choose Memory and CPU settings: Memory: 4096MiB CPUs: 2 Step 4 Tick <b>Enable storage for this virtual machine</b> Tick <b>create a disk image for the virtual machine</b> 140 GiB Step 5 Name:NAME_OF_VM Tick <b>Customize configuration before install</b> ==== Config VM before booting==== OverView: <b>Hypervisor Details</b> 'Chipset' = 'Q35' 'Firmware' = 'x86_64:/usr/share/OVMF/OVMF_CODE_4M.ms.fd' Boot Options: <b>Boot device order</b>: Untick - Enable boot menu Select/Tick SATA CDROM1 SATA Disk 1 Display Spice: <b>Spice Server</b>: Type: Spice server Listen type: Address Address: Hypervisor default Port: tick 'Auto' Click '<b>Add Hardware</b>' button at bottom left - new window '<b>Add New Virtual Hardware</b>' will pop up. Click '<b>PCI Host Device</b>' on the left hand side Select your <b>GPU</b> and <b>GPU Audio Controller</b>: '0000:0A:00:0 NVIDIA Corporation GM204 [GeForce GTX 970]' '0000:0A:00:1 NVIDIA Corporation GM204 High Definition Audio Controller' Select and click '<b>Finish</b>' - reopen '<b>Add hardware</b>' and repeat for Audio.<br> <br> =====Notes===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. ==== Install Windows 10 and update ==== Install windows 10 then update windows to get the graphics card drivers working.<br> Once done shoutdown.<br> ===After shutting down windows edit the VM's Config file=== To find/confirm your VM's name:<br> <code>virsh list --all</code><br> <br> Syntax:<code>sudo virsh edit YOUR_VM_NAME</code><br> <code>sudo virsh edit win10</code><br> <br> Going to edit in between the <code><features> </features></code> Brackets, 17 lines down.<br> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> </pre> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> </pre> ====What these values do ==== <div class="toccolours mw-collapsible mw-collapsed"> <vendor_id state='on' value='1234567890ab'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><vendor_id></b> tag is used to specify the vendor ID that is presented to the guest virtual machine when it is running on top of the KVM hypervisor. This vendor ID can be customized by the user to any 12-digit hexadecimal <b>value</b> using the value attribute. The purpose of the vendor ID is to provide a way for virtual machines to identify the type of hypervisor they are running on, and to adjust their behavior accordingly. This is particularly important for operating systems that have special optimizations or workarounds for specific hypervisors. By default, KVM presents a vendor ID of "KVMKVMKVM" to the guest virtual machine. However, this can be changed by adding the <vendor_id> tag to the XML definition of the virtual machine, as follows: <pre> <cpu> <vendor_id state='on' value='1234567890ab'/> ... </cpu> </pre> In this example, the vendor ID is set to the value "1234567890ab". The state attribute is set to 'on' to enable the use of the custom vendor ID. It's worth noting that changing the vendor ID can have some unexpected consequences. For example, some operating systems may have specific code paths or optimizations for certain hypervisors, and changing the vendor ID may cause them to behave differently or even malfunction. Additionally, some virtualization security features may depend on the vendor ID, so changing it may impact the security of the virtual machine. As such, it is important to carefully consider the implications before changing the vendor ID in a KVM virtual machine. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <kvm> <hidden state='on'/> </kvm> <div class="mw-collapsible-content"> In Linux KVM, the <b><kvm></b> tag is used to specify additional configuration options for the virtual machine that are specific to KVM. The <b><hidden></b> tag is a sub-tag of <b><kvm></b> and is used to enable or disable the hiding of the KVM hypervisor from the guest operating system. When the <b><hidden></b> tag is set to <b>state='on'</b>, the KVM hypervisor is hidden from the guest operating system. This means that the guest operating system will not be able to detect that it is running in a virtualized environment and will behave as if it is running directly on physical hardware. This can be useful for security reasons, as it can make it more difficult for attackers to detect that they are running in a virtualized environment and attempt to exploit vulnerabilities that are specific to virtualization. Additionally, some software applications may behave differently or refuse to run in a virtualized environment, so hiding the KVM hypervisor can help ensure that these applications run properly. To use the <hidden> tag, it should be included as a sub-tag of the <kvm> tag, as follows: <pre> <kvm> <hidden state='on'/> ... </kvm> </pre> It's important to note that hiding the KVM hypervisor can have some downsides as well. For example, it may make it more difficult to diagnose problems with the virtual machine, as the hypervisor will not be visible in the guest operating system. Additionally, some virtualization features may depend on the hypervisor being visible to the guest operating system, so hiding it may cause these features to stop working properly. As such, the decision to hide the KVM hypervisor using the <hidden> tag should be carefully considered based on the specific needs and requirements of the virtualized environment. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <ioapic driver='kvm'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><ioapic></b> tag is used to enable or disable the use of the IOAPIC (Input/Output Advanced Programmable Interrupt Controller) device in the virtual machine. The <b>driver</b> attribute is used to specify the driver that should be used for the IOAPIC device, with the value <b>kvm</b> indicating that KVM's built-in IOAPIC driver should be used. The IOAPIC device is a type of interrupt controller that is used to manage interrupts in a virtual machine. It provides a way for devices in the virtual machine to generate interrupts, and for the virtual machine to route those interrupts to the appropriate virtual CPU. To enable the IOAPIC device and specify the kvm driver, the <ioapic> tag should be included in the XML definition of the virtual machine, as follows: <pre> <ioapic driver='kvm'/> </pre> With this configuration, KVM's built-in IOAPIC driver will be used to manage interrupts in the virtual machine. It's worth noting that while KVM's built-in IOAPIC driver is generally sufficient for most virtualization needs, there are some situations where a different driver may be preferred. For example, some applications or workloads may require more advanced IOAPIC functionality that is not available in KVM's built-in driver. In these cases, it may be necessary to use a different driver, or to implement custom code to support the required functionality. Overall, the <ioapic> tag with the driver='kvm' attribute is a simple and effective way to enable the IOAPIC device and ensure that interrupts are properly managed in a KVM virtual machine. </div> </div> ====Full Config file - before and after==== <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>before</b> any changes with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoand of course the content when expanded.<br \> <code>print "hello content"</code>ft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>After</b> changes made with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <br> Note: Not the place to edit (use '<b>virsh</b>'), but you config file can be found here:<code>/etc/libvirt/qemu/</code> ==Undo Passthrough== ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" </pre> Remove <code>intel_iommu=on kvm.ignore_msrs=1</code> and save changes. <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" </pre> rebuild grub<br> <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> ===vfio=== This step will restore sound to Host Ubuntu.<br> Comment out changes to <b>vfio.conf</b><br> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> Comment out by placing a <code>#</code> in front of the line, save and exit. <pre> #blacklist nouveau #blacklist snd_hda_intel #options vfio-pci ids=10de:13c2,10de:0fbb </pre> update initramfs:<br> <code>sudo update-initramfs -u</code><br> <br> ===Reboot for changes to take effect=== <code>reboot</code><br> ==End Notes== Plug in external monitor to the GPU 'Razer Core X' for output and no screen lag.<br> Tested with 'sniper ghost warrior' works fine.<br> Sound will come out of HDMI, If using monitor with no speakers, you can pass through USB headfones or speakers. ==References== https://askubuntu.com/questions/1406888/ubuntu-22-04-gpu-passthrough-qemu tg318fl5yswr246w3giuj7424w2bar6 228 224 2023-03-29T00:43:19Z Noob 1 /* Install KVM and VirtManager to create a VM */ 228 wikitext text/x-wiki ==Ubuntu Kvm Windows 10 - Thinkpad T470 with Razer Core X== Hardware:<br> * Thinkpad t470 - 256GB HD, 8GB RAM * razer core x * GTX 970 GT * Ubuntu Desktop 22.04 installed. Thunderbolt 3 - detected as USB3.0 (5000M). But works :)<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lsusb -t</code> OutPut: <div class="mw-collapsible-content"> <pre> /: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/6p, 5000M |__ Port 3: Dev 2, If 0, Class=Mass Storage, Driver=usb-storage, 5000M /: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/12p, 480M |__ Port 7: Dev 2, If 0, Class=Wireless, Driver=btusb, 12M |__ Port 7: Dev 2, If 1, Class=Wireless, Driver=btusb, 12M |__ Port 8: Dev 3, If 1, Class=Video, Driver=uvcvideo, 480M |__ Port 8: Dev 3, If 0, Class=Video, Driver=uvcvideo, 480M |__ Port 9: Dev 4, If 0, Class=Vendor Specific Class, Driver=, 12M </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo lshw | grep -A10 -i usb</code> OutPut: <div class="mw-collapsible-content"> <pre> capabilities: pci pnp upgrade shadowing cdboot bootselect edd int13floppy720 int5printscreen int9keyboard int14serial int17printer int10video acpi usb biosbootspecification uefi *-pci description: Host bridge product: Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers vendor: Intel Corporation physical id: 100 bus info: pci@0000:00:00.0 version: 08 width: 32 bits clock: 33MHz configuration: driver=skl_uncore -- *-usb description: USB controller product: Sunrise Point-LP USB 3.0 xHCI Controller vendor: Intel Corporation physical id: 14 bus info: pci@0000:00:14.0 version: 21 width: 64 bits clock: 33MHz capabilities: pm msi xhci bus_master cap_list configuration: driver=xhci_hcd latency=0 resources: irq:127 memory:ec220000-ec22ffff *-usbhost:0 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 0 bus info: usb@1 logical name: usb1 version: 5.19 capabilities: usb-2.00 configuration: driver=hub slots=12 speed=480Mbit/s *-usb:0 description: Bluetooth wireless interface product: Bluetooth wireless interface vendor: Intel Corp. physical id: 7 bus info: usb@1:7 version: 0.01 capabilities: bluetooth usb-2.00 configuration: driver=btusb maxpower=100mA speed=12Mbit/s *-usb:1 description: Video product: Integrated Camera: Integrated C vendor: SunplusIT Inc physical id: 8 bus info: usb@1:8 logical name: input8 logical name: /dev/input/event6 version: 0.10 capabilities: usb-2.00 usb configuration: driver=uvcvideo maxpower=500mA speed=480Mbit/s *-usb:2 UNCLAIMED description: Generic USB device vendor: Validity Sensors, Inc. physical id: 9 bus info: usb@1:9 version: 1.64 serial: ff1e8c196451 capabilities: usb-2.00 configuration: maxpower=100mA speed=12Mbit/s *-usbhost:1 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 1 bus info: usb@2 logical name: usb2 version: 5.19 capabilities: usb-3.00 configuration: driver=hub slots=6 speed=5000Mbit/s *-usb description: Mass storage device product: USB3.0-CRW vendor: Generic physical id: 3 bus info: usb@2:3 logical name: scsi0 version: 2.04 serial: 20120501030900000 capabilities: usb-3.00 scsi emulated scsi-host configuration: driver=usb-storage maxpower=800mA speed=5000Mbit/s *-disk description: SCSI Disk product: SD/MMC vendor: Generic- physical id: 0.0.0 bus info: scsi@0:0.0.0 logical name: /dev/sda version: 1.00 serial: 2012090114345300 capabilities: removable </pre> </div> </div> ===Windows 10 ISO=== Download a Windows 10 ISO for the Virtual Machine<br> https://www.microsoft.com/en-us/software-download/windows10ISO ===VT-d - bios=== Check VT-d enabled on bios <br> When you press the power button, press and hold <b>F1</b> to enter into bios mode.<br> Security > Virtualization<br> Intel (R) Virtualization Technology [ENABLE]<br> Inter (R) VT-d Feature [ENABLE]<br> ====Check==== <code>cat /proc/cpuinfo | grep --color vmx</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Explained: <div class="mw-collapsible-content"> The command "cat /proc/cpuinfo" displays detailed information about the processor(s) installed on your system. The output of this command includes a lot of information, such as processor model, speed, cache size, and other features. The pipe symbol "|" is used to pass the output of the first command as input to the second command. In this case, the output of "cat /proc/cpuinfo" is being passed as input to "grep". The "grep" command is used to search for a specific pattern in the input data. In this case, the pattern being searched for is "vmx". The "--color" option is used to highlight the search pattern in the output, making it easier to identify. So, the entire command "cat /proc/cpuinfo | grep --color vmx" is searching the processor information for the "vmx" feature and highlighting it in the output. The "vmx" feature refers to Intel's Virtualization Technology, which allows a processor to run multiple operating systems on the same computer simultaneously. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Returned Output: <div class="mw-collapsible-content"> <pre> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml </pre> </div> </div> ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> Insert the option to <b>GRUB_CMDLINE_LINUX_DEFAULT=""</b> <code>intel_iommu=on kvm.ignore_msrs=1</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Before <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>intel_iommu=on kvm.ignore_msrs=1</code> <div class="mw-collapsible-content"> <pre> intel_iommu=on and kvm.ignore_msrs=1 are kernel boot parameters that can be set in the GRUB configuration file in Linux systems. Here's what they mean: intel_iommu=on: This parameter enables Intel VT-d (Virtualization Technology for Directed I/O), which allows for hardware-based virtualization of I/O devices. This can improve performance and security for virtual machines by allowing them to directly access hardware devices, rather than relying on the host operating system to handle the device access. kvm.ignore_msrs=1: This parameter disables the handling of MSR (Model Specific Register) virtualization by the kernel-based Virtual Machine (KVM) hypervisor. This can improve performance for certain workloads that rely heavily on MSR access, such as virtualization workloads. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Info the <code>/etc/defaults</code> directory <div class="mw-collapsible-content"> <pre> In Ubuntu and many other Linux-based operating systems, the /etc/default directory contains configuration files for various system services and applications. These configuration files contain default values for the settings and options that are used by these services and applications. The /etc/default directory is typically organized by service or application, with each subdirectory containing one or more configuration files for that service or application. For example, the /etc/default/grub directory contains the default configuration file for the GRUB bootloader, while the /etc/default/apache2 directory contains the default configuration file for the Apache web server. These configuration files are often used by system administrators to customize the behavior of these services and applications by modifying the default values of their settings and options. For example, the GRUB configuration file in /etc/default/grub can be used to specify the default operating system to boot, the timeout for the boot menu, and other options. </pre> </div> </div> ====Update Grub==== <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code><br> Reboot so kernel boot parameters can be applied.<br> <code>reboot</code> <div class="toccolours mw-collapsible mw-collapsed"> Info: <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> <div class="mw-collapsible-content"> * <code>grub-mkconfig</code> : This is a command that generates a new configuration file for the GRUB bootloader. It scans the system for installed kernels, operating systems, and other boot options, and creates a configuration file based on that information. * <code>-o /boot/grub/grub.cfg</code> : This option tells grub-mkconfig to write the generated configuration file to the file /boot/grub/grub.cfg. This is the default location for the GRUB configuration file in most Linux systems. </div> </div> ===Check that IOMMU is enabled=== <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Return Output: Before editing Grub <div class="mw-collapsible-content"> <pre> [ 0.013929] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013974] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.124130] DMAR: Host address width 39 [ 0.124131] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.124140] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.124143] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.124147] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.124150] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.124152] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.124154] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.124156] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.124158] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.126384] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.346448] iommu: Default domain type: Translated [ 0.346448] iommu: DMA domain TLB invalidation policy: lazy mode </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After editing Grub <div class="mw-collapsible-content"> <pre> [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.013471] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013516] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.035822] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.035915] DMAR: IOMMU enabled [ 0.094689] DMAR: Host address width 39 [ 0.094691] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.094699] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.094702] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.094706] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.094708] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.094710] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.094713] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.094715] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.094716] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.096599] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.324622] iommu: Default domain type: Translated [ 0.324622] iommu: DMA domain TLB invalidation policy: lazy mode [ 0.346100] DMAR: No ATSR found [ 0.346101] DMAR: No SATC found [ 0.346103] DMAR: IOMMU feature fl1gp_support inconsistent [ 0.346105] DMAR: IOMMU feature pgsel_inv inconsistent [ 0.346106] DMAR: IOMMU feature nwfs inconsistent [ 0.346107] DMAR: IOMMU feature eafs inconsistent [ 0.346108] DMAR: IOMMU feature prs inconsistent [ 0.346108] DMAR: IOMMU feature nest inconsistent [ 0.346109] DMAR: IOMMU feature mts inconsistent [ 0.346110] DMAR: IOMMU feature sc_support inconsistent [ 0.346111] DMAR: IOMMU feature dev_iotlb_support inconsistent [ 0.346113] DMAR: dmar0: Using Queued invalidation [ 0.346117] DMAR: dmar1: Using Queued invalidation [ 0.346409] pci 0000:00:00.0: Adding to iommu group 0 [ 0.346423] pci 0000:00:02.0: Adding to iommu group 1 [ 0.346441] pci 0000:00:14.0: Adding to iommu group 2 [ 0.346450] pci 0000:00:14.2: Adding to iommu group 2 [ 0.346466] pci 0000:00:16.0: Adding to iommu group 3 [ 0.346475] pci 0000:00:16.3: Adding to iommu group 3 [ 0.346499] pci 0000:00:1c.0: Adding to iommu group 4 [ 0.346520] pci 0000:00:1c.6: Adding to iommu group 5 [ 0.346539] pci 0000:00:1d.0: Adding to iommu group 6 [ 0.346557] pci 0000:00:1d.2: Adding to iommu group 7 [ 0.346582] pci 0000:00:1f.0: Adding to iommu group 8 [ 0.346595] pci 0000:00:1f.2: Adding to iommu group 8 [ 0.346604] pci 0000:00:1f.3: Adding to iommu group 8 [ 0.346615] pci 0000:00:1f.4: Adding to iommu group 8 [ 0.346625] pci 0000:00:1f.6: Adding to iommu group 8 [ 0.346646] pci 0000:04:00.0: Adding to iommu group 9 [ 0.346664] pci 0000:3e:00.0: Adding to iommu group 10 [ 0.348306] DMAR: Intel(R) Virtualization Technology for Directed I/O </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code> <div class="mw-collapsible-content"> * <code>dmesg</code> : This command is used in Linux systems to display the kernel message buffer, which contains information about the system's hardware and software components, as well as any error or warning messages generated by the kernel. * <code>|</code> : This symbol is called a pipe and it allows the output of one command to be used as input for another command. In this case, it sends the output of the dmesg command to the next command in the pipeline, which is grep. * <code>grep</code> : This command is used in Linux systems to search for text patterns in a file or output. In this case, it's used to search the output of the dmesg command for lines that contain the strings "DMAR" or "IOMMU". * <code>-i</code> : This option tells grep to perform a case-insensitive search, meaning it will match the strings "DMAR" or "IOMMU" regardless of their case. * <code>-e</code> : This option tells grep to specify the pattern to search for. In this case, it's used to specify two patterns to search for: "DMAR" and "IOMMU". * DMAR: DMA Remapping (DMAR) is a feature of modern computer systems that provides additional security for input/output (I/O) devices. It allows for the isolation of memory regions used by I/O devices, which prevents them from accessing other parts of the system's memory. This helps to prevent attacks that could exploit vulnerabilities in I/O device drivers to gain access to sensitive data or take control of the system. * IOMMU: The I/O Memory Management Unit (IOMMU) is a hardware component that provides support for DMA remapping. It allows for the virtualization of I/O devices and provides an additional layer of security by isolating the memory used by these devices. </div> </div> ===Find your GPU=== <code>lspci -nnk</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>lspci -nnk</code> <div class="mw-collapsible-content"> <code>lspci</code> is a command-line utility that is used to display information about all the PCI buses and devices connected to them in a Linux system. The -nnk option is used to display the following information: * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -k: Display the kernel driver currently bound to each device. This option is useful when you want to check which driver is being used for a particular device. When you run the <code>lspci -nnk</code> command, you will get a list of all the PCI devices in your system, along with their vendor and device IDs, and the kernel driver currently in use. </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut Before plugging in 'Razer Core X' <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut After plugging in Razer Core X <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 05:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:01.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:02.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 07:00.0 System peripheral [0880]: Intel Corporation JHL6240 Thunderbolt 3 NHI (Low Power) [Alpine Ridge LP 2016] [8086:15bf] (rev 01) Subsystem: Device [2222:1111] Kernel driver in use: thunderbolt Kernel modules: thunderbolt 08:00.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 09:01.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel </pre> ===vfio.conf=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>vfio.conf</b> <div class="mw-collapsible-content"> <b>vfio.conf</b> is a configuration file used by the VFIO driver in Linux. <br> The VFIO driver is a kernel module that allows users to assign devices, such as GPUs or network interfaces, directly to virtual machines, bypassing the host operating system.<br> <br> The vfio.conf file is used to specify which devices should be assigned to VFIO, and it is typically located in the /etc/modprobe.d/ directory. When the VFIO driver is loaded, it will read this file and use the settings specified within it.<br> <br> The contents of vfio.conf can vary depending on the specific use case, but some common configurations include: * Device IDs: The vfio.conf file can be used to specify the vendor and device IDs of the devices that should be assigned to VFIO. For example: <pre> options vfio-pci ids=10de:13c2,10de:0fbb </pre><br> <br> This configuration specifies that two NVIDIA GPUs with the IDs 10de:13c2 and 10de:0fbb should be assigned to VFIO.<br> This configuration assigns two NVIDIA GPUs to VFIO and blacklists the <b>nouveau</b> and <b>nvidiafb</b> kernel drivers so that they don't claim the GPUs. <pre> options vfio-pci ids=10de:13c2,10de:0fbb blacklist nouveau blacklist nvidiafb </pre> <br> * Additional options: The <b>vfio.conf</b> file can also be used to specify additional options for the VFIO driver, such as setting the IOMMU mode. For example:<br> This configuration sets the VFIO driver to use IOMMU mode 1 and allows unsafe interrupts. <pre> options vfio_iommu_type1 allow_unsafe_interrupts=1 </pre> <br> Overall, <b>vfio.conf</b> provides a way to configure the VFIO driver and specify which devices should be assigned to it, helping to facilitate GPU or other hardware passthrough to virtual machines. <br> </div> </div> Create a new file called <code>vfio.conf</code> in the <b>/etc/modprobe.d/</b> directory.<br> <div class="toccolours mw-collapsible mw-collapsed"> The <code>/etc/modprobe.d/</code> directory explanation: <div class="mw-collapsible-content"> The <b>/etc/modprobe.d/</b> directory is a system directory in Linux that contains configuration files for kernel modules. When the Linux kernel boots up, it loads various modules (also called drivers) to support the hardware and other system functions.<br> <br> Each configuration file in <b>/etc/modprobe.d/</b> specifies options for one or more kernel modules, which are loaded by the kernel when a system boots or when a module is explicitly loaded. The options specified in these files can be used to modify the behavior of the kernel modules, or to blacklist certain modules to prevent them from being loaded.<br> <br> The name of each configuration file in the <b>/etc/modprobe.d/</b> directory must end with the <b>.conf</b> extension. The contents of each file consist of a series of directives, which specify module options, aliases, or blacklist information. These directives can be written in plain text format or in shell scripts.<br> <br> Here are some examples of how you might use the <b>/etc/modprobe.d/</b> directory:<br> * Blacklisting modules: You can use the <b>/etc/modprobe.d/</b> directory to prevent certain kernel modules from loading. For example, you can create a file called <b>/etc/modprobe.d/blacklist-nouveau.conf</b> with the following contents to prevent the <b>nouveau</b> driver (used for NVIDIA graphics cards) from being loaded: <pre> blacklist nouveau </pre> <br> * Setting module options: You can also use the <b>/etc/modprobe.d/</b> directory to specify options for a particular kernel module. For example, you can create a file called <b>/etc/modprobe.d/alsa-base.conf</b> with the following contents to set the default sound card to the second card on the system: <pre> options snd_hda_intel index=1 </pre> <br> * Loading modules: You can use the <b>/etc/modprobe.d/</b> directory to load kernel modules at boot time. For example, you can create a file called <b>/etc/modprobe.d/local.conf</b> with the following contents to load the <b>acpi_call</b> module at boot time: <pre> # Load acpi_call at boot time acpi_call </pre> <br> Overall, the <b>/etc/modprobe.d/</b> directory is an important location for managing kernel modules in Linux. It provides a centralized location for managing module options, aliases, and blacklists, making it easier to configure and maintain a Linux system.<br> </div> </div> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> <br> ===Update <b>initramfs</b>=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>initramfs</b>: <div class="mw-collapsible-content"> The initramfs (initial RAM file system) is a temporary file system that is loaded into memory during the Linux boot process. It contains essential system files and utilities that are necessary to boot the Linux kernel and mount the root file system.<br> <br> When the Linux kernel is booted, it first loads the initramfs into memory and sets it up as the root file system. The initramfs then runs the init script, which is responsible for initializing the system and mounting the real root file system. The init script may also perform other tasks, such as loading kernel modules, setting up network interfaces, and configuring system services.<br> <br> The initramfs is typically used in situations where the root file system is located on a storage device that requires additional drivers or modules to be loaded before it can be mounted. For example, if the root file system is located on a RAID array, a network file system, or an encrypted disk, the necessary drivers or modules may need to be loaded into memory before the root file system can be mounted.<br> <br> The initramfs can also be customized to include additional files or utilities that may be necessary for the boot process. This is done by modifying the initramfs image, which is a compressed archive file that contains the file system contents.<br> <br> Overall, the initramfs is an essential component of the Linux boot process, providing a temporary file system that is necessary for initializing the system and mounting the root file system. </div> </div> <code>sudo update-initramfs -u</code><br> And reboot your computer:<br> <code>reboot</code><br> <br> <b>Note:</b>[[Ubuntu_KVM_to_Windows_10_-_Thinkpad_T470_-_Razer_Core_X_-_GTX_970#Undo_Passthrough|Sound will not work on Host Ubuntu now we have blacklisted <b>snd_hda_intel</b> to return sound to laptop read <b>Undo Passthrough</b>]].<br> ===Check Kernel driver not in use=== <code>lspci -nnk</code><br> <br> OutPut: <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel modules: snd_hda_intel </pre> == Installing KVM and VirtManager to Create a VM == To install the required packages, run the following command: <code>sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils</code> To create a group and add your user to the group, run the following commands: <div class="toccolours mw-collapsible mw-collapsed"> <code> getent group libvirtd</code> Check if the <b>group</b> already exists: <div class="mw-collapsible-content"> To check if a group is already present on an Ubuntu system, you can use the <b>getent</b> command along with the <b>group</b> argument and specify the name of the group as a parameter. For example, to check if the <b>sudo</b> group exists on the system, you can run the following command in a terminal: <code>getent group sudo</code> If the group exists, the command will output information about the group, including its name, group ID (GID), and a list of users who are members of the group. If the group does not exist, the command will not produce any output. Alternatively, you can use the <b>grep</b> command to search for the group name in the <b>/etc/group file</b>, which is the file that stores information about system groups on Ubuntu. For example, to search for the <b>sudo</b> group, you can run the following command: <code>grep "^sudo:" /etc/group</code> If the group exists, the command will output information about the group in the same format as the <b>getent</b> command. If the group does not exist, the command will not produce any output. </div> </div> <code>sudo addgroup libvirtd</code><br> <code>sudo adduser $USER libvirtd</code><br> <code>sudo apt-get install virt-manager</code><br> After installing the packages and adding your user to the group, reboot your system: <code>reboot</code> This will avoid the following error when trying to connect to libvirt: <pre>virtual machine manager connection failure unable to connect to libvirt qemu:///system. verify that the 'libvirtd' daemon is running</pre> ===Virtual Machine Manager=== Start <b>Virtual Machine Manager</b>:<br> <code>virt-manager</code><br><br> Create a new virtual machine Step 1 Local install media (ISO image or CDROM) Step 2 Choose ISO or CDROM install media: Click <b>Browse</b> and select your windows10.iso Choose the operating system you are installing: untick( Automatically detect from installation media / source) and enter <b>Microsoft Windows 10</b> in search bar. Step 3 Choose Memory and CPU settings: Memory: 4096MiB CPUs: 2 Step 4 Tick <b>Enable storage for this virtual machine</b> Tick <b>create a disk image for the virtual machine</b> 140 GiB Step 5 Name:NAME_OF_VM Tick <b>Customize configuration before install</b> ==== Config VM before booting==== OverView: <b>Hypervisor Details</b> 'Chipset' = 'Q35' 'Firmware' = 'x86_64:/usr/share/OVMF/OVMF_CODE_4M.ms.fd' Boot Options: <b>Boot device order</b>: Untick - Enable boot menu Select/Tick SATA CDROM1 SATA Disk 1 Display Spice: <b>Spice Server</b>: Type: Spice server Listen type: Address Address: Hypervisor default Port: tick 'Auto' Click '<b>Add Hardware</b>' button at bottom left - new window '<b>Add New Virtual Hardware</b>' will pop up. Click '<b>PCI Host Device</b>' on the left hand side Select your <b>GPU</b> and <b>GPU Audio Controller</b>: '0000:0A:00:0 NVIDIA Corporation GM204 [GeForce GTX 970]' '0000:0A:00:1 NVIDIA Corporation GM204 High Definition Audio Controller' Select and click '<b>Finish</b>' - reopen '<b>Add hardware</b>' and repeat for Audio.<br> <br> =====Notes===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. ==== Install Windows 10 and update ==== Install windows 10 then update windows to get the graphics card drivers working.<br> Once done shoutdown.<br> ===After shutting down windows edit the VM's Config file=== To find/confirm your VM's name:<br> <code>virsh list --all</code><br> <br> Syntax:<code>sudo virsh edit YOUR_VM_NAME</code><br> <code>sudo virsh edit win10</code><br> <br> Going to edit in between the <code><features> </features></code> Brackets, 17 lines down.<br> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> </pre> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> </pre> ====What these values do ==== <div class="toccolours mw-collapsible mw-collapsed"> <vendor_id state='on' value='1234567890ab'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><vendor_id></b> tag is used to specify the vendor ID that is presented to the guest virtual machine when it is running on top of the KVM hypervisor. This vendor ID can be customized by the user to any 12-digit hexadecimal <b>value</b> using the value attribute. The purpose of the vendor ID is to provide a way for virtual machines to identify the type of hypervisor they are running on, and to adjust their behavior accordingly. This is particularly important for operating systems that have special optimizations or workarounds for specific hypervisors. By default, KVM presents a vendor ID of "KVMKVMKVM" to the guest virtual machine. However, this can be changed by adding the <vendor_id> tag to the XML definition of the virtual machine, as follows: <pre> <cpu> <vendor_id state='on' value='1234567890ab'/> ... </cpu> </pre> In this example, the vendor ID is set to the value "1234567890ab". The state attribute is set to 'on' to enable the use of the custom vendor ID. It's worth noting that changing the vendor ID can have some unexpected consequences. For example, some operating systems may have specific code paths or optimizations for certain hypervisors, and changing the vendor ID may cause them to behave differently or even malfunction. Additionally, some virtualization security features may depend on the vendor ID, so changing it may impact the security of the virtual machine. As such, it is important to carefully consider the implications before changing the vendor ID in a KVM virtual machine. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <kvm> <hidden state='on'/> </kvm> <div class="mw-collapsible-content"> In Linux KVM, the <b><kvm></b> tag is used to specify additional configuration options for the virtual machine that are specific to KVM. The <b><hidden></b> tag is a sub-tag of <b><kvm></b> and is used to enable or disable the hiding of the KVM hypervisor from the guest operating system. When the <b><hidden></b> tag is set to <b>state='on'</b>, the KVM hypervisor is hidden from the guest operating system. This means that the guest operating system will not be able to detect that it is running in a virtualized environment and will behave as if it is running directly on physical hardware. This can be useful for security reasons, as it can make it more difficult for attackers to detect that they are running in a virtualized environment and attempt to exploit vulnerabilities that are specific to virtualization. Additionally, some software applications may behave differently or refuse to run in a virtualized environment, so hiding the KVM hypervisor can help ensure that these applications run properly. To use the <hidden> tag, it should be included as a sub-tag of the <kvm> tag, as follows: <pre> <kvm> <hidden state='on'/> ... </kvm> </pre> It's important to note that hiding the KVM hypervisor can have some downsides as well. For example, it may make it more difficult to diagnose problems with the virtual machine, as the hypervisor will not be visible in the guest operating system. Additionally, some virtualization features may depend on the hypervisor being visible to the guest operating system, so hiding it may cause these features to stop working properly. As such, the decision to hide the KVM hypervisor using the <hidden> tag should be carefully considered based on the specific needs and requirements of the virtualized environment. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <ioapic driver='kvm'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><ioapic></b> tag is used to enable or disable the use of the IOAPIC (Input/Output Advanced Programmable Interrupt Controller) device in the virtual machine. The <b>driver</b> attribute is used to specify the driver that should be used for the IOAPIC device, with the value <b>kvm</b> indicating that KVM's built-in IOAPIC driver should be used. The IOAPIC device is a type of interrupt controller that is used to manage interrupts in a virtual machine. It provides a way for devices in the virtual machine to generate interrupts, and for the virtual machine to route those interrupts to the appropriate virtual CPU. To enable the IOAPIC device and specify the kvm driver, the <ioapic> tag should be included in the XML definition of the virtual machine, as follows: <pre> <ioapic driver='kvm'/> </pre> With this configuration, KVM's built-in IOAPIC driver will be used to manage interrupts in the virtual machine. It's worth noting that while KVM's built-in IOAPIC driver is generally sufficient for most virtualization needs, there are some situations where a different driver may be preferred. For example, some applications or workloads may require more advanced IOAPIC functionality that is not available in KVM's built-in driver. In these cases, it may be necessary to use a different driver, or to implement custom code to support the required functionality. Overall, the <ioapic> tag with the driver='kvm' attribute is a simple and effective way to enable the IOAPIC device and ensure that interrupts are properly managed in a KVM virtual machine. </div> </div> ====Full Config file - before and after==== <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>before</b> any changes with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoand of course the content when expanded.<br \> <code>print "hello content"</code>ft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>After</b> changes made with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <br> Note: Not the place to edit (use '<b>virsh</b>'), but you config file can be found here:<code>/etc/libvirt/qemu/</code> ==Undo Passthrough== ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" </pre> Remove <code>intel_iommu=on kvm.ignore_msrs=1</code> and save changes. <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" </pre> rebuild grub<br> <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> ===vfio=== This step will restore sound to Host Ubuntu.<br> Comment out changes to <b>vfio.conf</b><br> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> Comment out by placing a <code>#</code> in front of the line, save and exit. <pre> #blacklist nouveau #blacklist snd_hda_intel #options vfio-pci ids=10de:13c2,10de:0fbb </pre> update initramfs:<br> <code>sudo update-initramfs -u</code><br> <br> ===Reboot for changes to take effect=== <code>reboot</code><br> ==End Notes== Plug in external monitor to the GPU 'Razer Core X' for output and no screen lag.<br> Tested with 'sniper ghost warrior' works fine.<br> Sound will come out of HDMI, If using monitor with no speakers, you can pass through USB headfones or speakers. ==References== https://askubuntu.com/questions/1406888/ubuntu-22-04-gpu-passthrough-qemu f1xmeiyrfju7ampebzrmb5qi3bh909c 236 228 2023-03-29T22:16:15Z Noob 1 /* Grub */ 236 wikitext text/x-wiki ==Ubuntu Kvm Windows 10 - Thinkpad T470 with Razer Core X== Hardware:<br> * Thinkpad t470 - 256GB HD, 8GB RAM * razer core x * GTX 970 GT * Ubuntu Desktop 22.04 installed. Thunderbolt 3 - detected as USB3.0 (5000M). But works :)<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lsusb -t</code> OutPut: <div class="mw-collapsible-content"> <pre> /: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/6p, 5000M |__ Port 3: Dev 2, If 0, Class=Mass Storage, Driver=usb-storage, 5000M /: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/12p, 480M |__ Port 7: Dev 2, If 0, Class=Wireless, Driver=btusb, 12M |__ Port 7: Dev 2, If 1, Class=Wireless, Driver=btusb, 12M |__ Port 8: Dev 3, If 1, Class=Video, Driver=uvcvideo, 480M |__ Port 8: Dev 3, If 0, Class=Video, Driver=uvcvideo, 480M |__ Port 9: Dev 4, If 0, Class=Vendor Specific Class, Driver=, 12M </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo lshw | grep -A10 -i usb</code> OutPut: <div class="mw-collapsible-content"> <pre> capabilities: pci pnp upgrade shadowing cdboot bootselect edd int13floppy720 int5printscreen int9keyboard int14serial int17printer int10video acpi usb biosbootspecification uefi *-pci description: Host bridge product: Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers vendor: Intel Corporation physical id: 100 bus info: pci@0000:00:00.0 version: 08 width: 32 bits clock: 33MHz configuration: driver=skl_uncore -- *-usb description: USB controller product: Sunrise Point-LP USB 3.0 xHCI Controller vendor: Intel Corporation physical id: 14 bus info: pci@0000:00:14.0 version: 21 width: 64 bits clock: 33MHz capabilities: pm msi xhci bus_master cap_list configuration: driver=xhci_hcd latency=0 resources: irq:127 memory:ec220000-ec22ffff *-usbhost:0 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 0 bus info: usb@1 logical name: usb1 version: 5.19 capabilities: usb-2.00 configuration: driver=hub slots=12 speed=480Mbit/s *-usb:0 description: Bluetooth wireless interface product: Bluetooth wireless interface vendor: Intel Corp. physical id: 7 bus info: usb@1:7 version: 0.01 capabilities: bluetooth usb-2.00 configuration: driver=btusb maxpower=100mA speed=12Mbit/s *-usb:1 description: Video product: Integrated Camera: Integrated C vendor: SunplusIT Inc physical id: 8 bus info: usb@1:8 logical name: input8 logical name: /dev/input/event6 version: 0.10 capabilities: usb-2.00 usb configuration: driver=uvcvideo maxpower=500mA speed=480Mbit/s *-usb:2 UNCLAIMED description: Generic USB device vendor: Validity Sensors, Inc. physical id: 9 bus info: usb@1:9 version: 1.64 serial: ff1e8c196451 capabilities: usb-2.00 configuration: maxpower=100mA speed=12Mbit/s *-usbhost:1 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 1 bus info: usb@2 logical name: usb2 version: 5.19 capabilities: usb-3.00 configuration: driver=hub slots=6 speed=5000Mbit/s *-usb description: Mass storage device product: USB3.0-CRW vendor: Generic physical id: 3 bus info: usb@2:3 logical name: scsi0 version: 2.04 serial: 20120501030900000 capabilities: usb-3.00 scsi emulated scsi-host configuration: driver=usb-storage maxpower=800mA speed=5000Mbit/s *-disk description: SCSI Disk product: SD/MMC vendor: Generic- physical id: 0.0.0 bus info: scsi@0:0.0.0 logical name: /dev/sda version: 1.00 serial: 2012090114345300 capabilities: removable </pre> </div> </div> ===Windows 10 ISO=== Download a Windows 10 ISO for the Virtual Machine<br> https://www.microsoft.com/en-us/software-download/windows10ISO ===VT-d - bios=== Check VT-d enabled on bios <br> When you press the power button, press and hold <b>F1</b> to enter into bios mode.<br> Security > Virtualization<br> Intel (R) Virtualization Technology [ENABLE]<br> Inter (R) VT-d Feature [ENABLE]<br> ====Check==== <code>cat /proc/cpuinfo | grep --color vmx</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Explained: <div class="mw-collapsible-content"> The command "cat /proc/cpuinfo" displays detailed information about the processor(s) installed on your system. The output of this command includes a lot of information, such as processor model, speed, cache size, and other features. The pipe symbol "|" is used to pass the output of the first command as input to the second command. In this case, the output of "cat /proc/cpuinfo" is being passed as input to "grep". The "grep" command is used to search for a specific pattern in the input data. In this case, the pattern being searched for is "vmx". The "--color" option is used to highlight the search pattern in the output, making it easier to identify. So, the entire command "cat /proc/cpuinfo | grep --color vmx" is searching the processor information for the "vmx" feature and highlighting it in the output. The "vmx" feature refers to Intel's Virtualization Technology, which allows a processor to run multiple operating systems on the same computer simultaneously. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Returned Output: <div class="mw-collapsible-content"> <pre> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml </pre> </div> </div> ===Grub=== {{#evu:https://www.youtube.com/watch?v=wB4gvSgYmfY |alignment=inline }}<br> <code>sudo $EDITOR /etc/default/grub</code><br> Insert the option to <b>GRUB_CMDLINE_LINUX_DEFAULT=""</b> <code>intel_iommu=on kvm.ignore_msrs=1</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Before <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>intel_iommu=on kvm.ignore_msrs=1</code> <div class="mw-collapsible-content"> <pre> intel_iommu=on and kvm.ignore_msrs=1 are kernel boot parameters that can be set in the GRUB configuration file in Linux systems. Here's what they mean: intel_iommu=on: This parameter enables Intel VT-d (Virtualization Technology for Directed I/O), which allows for hardware-based virtualization of I/O devices. This can improve performance and security for virtual machines by allowing them to directly access hardware devices, rather than relying on the host operating system to handle the device access. kvm.ignore_msrs=1: This parameter disables the handling of MSR (Model Specific Register) virtualization by the kernel-based Virtual Machine (KVM) hypervisor. This can improve performance for certain workloads that rely heavily on MSR access, such as virtualization workloads. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Info the <code>/etc/defaults</code> directory <div class="mw-collapsible-content"> <pre> In Ubuntu and many other Linux-based operating systems, the /etc/default directory contains configuration files for various system services and applications. These configuration files contain default values for the settings and options that are used by these services and applications. The /etc/default directory is typically organized by service or application, with each subdirectory containing one or more configuration files for that service or application. For example, the /etc/default/grub directory contains the default configuration file for the GRUB bootloader, while the /etc/default/apache2 directory contains the default configuration file for the Apache web server. These configuration files are often used by system administrators to customize the behavior of these services and applications by modifying the default values of their settings and options. For example, the GRUB configuration file in /etc/default/grub can be used to specify the default operating system to boot, the timeout for the boot menu, and other options. </pre> </div> </div> ====Update Grub==== <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code><br> Reboot so kernel boot parameters can be applied.<br> <code>reboot</code> <div class="toccolours mw-collapsible mw-collapsed"> Info: <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> <div class="mw-collapsible-content"> * <code>grub-mkconfig</code> : This is a command that generates a new configuration file for the GRUB bootloader. It scans the system for installed kernels, operating systems, and other boot options, and creates a configuration file based on that information. * <code>-o /boot/grub/grub.cfg</code> : This option tells grub-mkconfig to write the generated configuration file to the file /boot/grub/grub.cfg. This is the default location for the GRUB configuration file in most Linux systems. </div> </div> ===Check that IOMMU is enabled=== <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Return Output: Before editing Grub <div class="mw-collapsible-content"> <pre> [ 0.013929] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013974] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.124130] DMAR: Host address width 39 [ 0.124131] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.124140] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.124143] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.124147] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.124150] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.124152] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.124154] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.124156] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.124158] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.126384] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.346448] iommu: Default domain type: Translated [ 0.346448] iommu: DMA domain TLB invalidation policy: lazy mode </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After editing Grub <div class="mw-collapsible-content"> <pre> [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.013471] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013516] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.035822] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.035915] DMAR: IOMMU enabled [ 0.094689] DMAR: Host address width 39 [ 0.094691] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.094699] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.094702] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.094706] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.094708] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.094710] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.094713] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.094715] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.094716] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.096599] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.324622] iommu: Default domain type: Translated [ 0.324622] iommu: DMA domain TLB invalidation policy: lazy mode [ 0.346100] DMAR: No ATSR found [ 0.346101] DMAR: No SATC found [ 0.346103] DMAR: IOMMU feature fl1gp_support inconsistent [ 0.346105] DMAR: IOMMU feature pgsel_inv inconsistent [ 0.346106] DMAR: IOMMU feature nwfs inconsistent [ 0.346107] DMAR: IOMMU feature eafs inconsistent [ 0.346108] DMAR: IOMMU feature prs inconsistent [ 0.346108] DMAR: IOMMU feature nest inconsistent [ 0.346109] DMAR: IOMMU feature mts inconsistent [ 0.346110] DMAR: IOMMU feature sc_support inconsistent [ 0.346111] DMAR: IOMMU feature dev_iotlb_support inconsistent [ 0.346113] DMAR: dmar0: Using Queued invalidation [ 0.346117] DMAR: dmar1: Using Queued invalidation [ 0.346409] pci 0000:00:00.0: Adding to iommu group 0 [ 0.346423] pci 0000:00:02.0: Adding to iommu group 1 [ 0.346441] pci 0000:00:14.0: Adding to iommu group 2 [ 0.346450] pci 0000:00:14.2: Adding to iommu group 2 [ 0.346466] pci 0000:00:16.0: Adding to iommu group 3 [ 0.346475] pci 0000:00:16.3: Adding to iommu group 3 [ 0.346499] pci 0000:00:1c.0: Adding to iommu group 4 [ 0.346520] pci 0000:00:1c.6: Adding to iommu group 5 [ 0.346539] pci 0000:00:1d.0: Adding to iommu group 6 [ 0.346557] pci 0000:00:1d.2: Adding to iommu group 7 [ 0.346582] pci 0000:00:1f.0: Adding to iommu group 8 [ 0.346595] pci 0000:00:1f.2: Adding to iommu group 8 [ 0.346604] pci 0000:00:1f.3: Adding to iommu group 8 [ 0.346615] pci 0000:00:1f.4: Adding to iommu group 8 [ 0.346625] pci 0000:00:1f.6: Adding to iommu group 8 [ 0.346646] pci 0000:04:00.0: Adding to iommu group 9 [ 0.346664] pci 0000:3e:00.0: Adding to iommu group 10 [ 0.348306] DMAR: Intel(R) Virtualization Technology for Directed I/O </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code> <div class="mw-collapsible-content"> * <code>dmesg</code> : This command is used in Linux systems to display the kernel message buffer, which contains information about the system's hardware and software components, as well as any error or warning messages generated by the kernel. * <code>|</code> : This symbol is called a pipe and it allows the output of one command to be used as input for another command. In this case, it sends the output of the dmesg command to the next command in the pipeline, which is grep. * <code>grep</code> : This command is used in Linux systems to search for text patterns in a file or output. In this case, it's used to search the output of the dmesg command for lines that contain the strings "DMAR" or "IOMMU". * <code>-i</code> : This option tells grep to perform a case-insensitive search, meaning it will match the strings "DMAR" or "IOMMU" regardless of their case. * <code>-e</code> : This option tells grep to specify the pattern to search for. In this case, it's used to specify two patterns to search for: "DMAR" and "IOMMU". * DMAR: DMA Remapping (DMAR) is a feature of modern computer systems that provides additional security for input/output (I/O) devices. It allows for the isolation of memory regions used by I/O devices, which prevents them from accessing other parts of the system's memory. This helps to prevent attacks that could exploit vulnerabilities in I/O device drivers to gain access to sensitive data or take control of the system. * IOMMU: The I/O Memory Management Unit (IOMMU) is a hardware component that provides support for DMA remapping. It allows for the virtualization of I/O devices and provides an additional layer of security by isolating the memory used by these devices. </div> </div> ===Find your GPU=== <code>lspci -nnk</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>lspci -nnk</code> <div class="mw-collapsible-content"> <code>lspci</code> is a command-line utility that is used to display information about all the PCI buses and devices connected to them in a Linux system. The -nnk option is used to display the following information: * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -k: Display the kernel driver currently bound to each device. This option is useful when you want to check which driver is being used for a particular device. When you run the <code>lspci -nnk</code> command, you will get a list of all the PCI devices in your system, along with their vendor and device IDs, and the kernel driver currently in use. </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut Before plugging in 'Razer Core X' <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut After plugging in Razer Core X <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 05:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:01.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:02.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 07:00.0 System peripheral [0880]: Intel Corporation JHL6240 Thunderbolt 3 NHI (Low Power) [Alpine Ridge LP 2016] [8086:15bf] (rev 01) Subsystem: Device [2222:1111] Kernel driver in use: thunderbolt Kernel modules: thunderbolt 08:00.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 09:01.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel </pre> ===vfio.conf=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>vfio.conf</b> <div class="mw-collapsible-content"> <b>vfio.conf</b> is a configuration file used by the VFIO driver in Linux. <br> The VFIO driver is a kernel module that allows users to assign devices, such as GPUs or network interfaces, directly to virtual machines, bypassing the host operating system.<br> <br> The vfio.conf file is used to specify which devices should be assigned to VFIO, and it is typically located in the /etc/modprobe.d/ directory. When the VFIO driver is loaded, it will read this file and use the settings specified within it.<br> <br> The contents of vfio.conf can vary depending on the specific use case, but some common configurations include: * Device IDs: The vfio.conf file can be used to specify the vendor and device IDs of the devices that should be assigned to VFIO. For example: <pre> options vfio-pci ids=10de:13c2,10de:0fbb </pre><br> <br> This configuration specifies that two NVIDIA GPUs with the IDs 10de:13c2 and 10de:0fbb should be assigned to VFIO.<br> This configuration assigns two NVIDIA GPUs to VFIO and blacklists the <b>nouveau</b> and <b>nvidiafb</b> kernel drivers so that they don't claim the GPUs. <pre> options vfio-pci ids=10de:13c2,10de:0fbb blacklist nouveau blacklist nvidiafb </pre> <br> * Additional options: The <b>vfio.conf</b> file can also be used to specify additional options for the VFIO driver, such as setting the IOMMU mode. For example:<br> This configuration sets the VFIO driver to use IOMMU mode 1 and allows unsafe interrupts. <pre> options vfio_iommu_type1 allow_unsafe_interrupts=1 </pre> <br> Overall, <b>vfio.conf</b> provides a way to configure the VFIO driver and specify which devices should be assigned to it, helping to facilitate GPU or other hardware passthrough to virtual machines. <br> </div> </div> Create a new file called <code>vfio.conf</code> in the <b>/etc/modprobe.d/</b> directory.<br> <div class="toccolours mw-collapsible mw-collapsed"> The <code>/etc/modprobe.d/</code> directory explanation: <div class="mw-collapsible-content"> The <b>/etc/modprobe.d/</b> directory is a system directory in Linux that contains configuration files for kernel modules. When the Linux kernel boots up, it loads various modules (also called drivers) to support the hardware and other system functions.<br> <br> Each configuration file in <b>/etc/modprobe.d/</b> specifies options for one or more kernel modules, which are loaded by the kernel when a system boots or when a module is explicitly loaded. The options specified in these files can be used to modify the behavior of the kernel modules, or to blacklist certain modules to prevent them from being loaded.<br> <br> The name of each configuration file in the <b>/etc/modprobe.d/</b> directory must end with the <b>.conf</b> extension. The contents of each file consist of a series of directives, which specify module options, aliases, or blacklist information. These directives can be written in plain text format or in shell scripts.<br> <br> Here are some examples of how you might use the <b>/etc/modprobe.d/</b> directory:<br> * Blacklisting modules: You can use the <b>/etc/modprobe.d/</b> directory to prevent certain kernel modules from loading. For example, you can create a file called <b>/etc/modprobe.d/blacklist-nouveau.conf</b> with the following contents to prevent the <b>nouveau</b> driver (used for NVIDIA graphics cards) from being loaded: <pre> blacklist nouveau </pre> <br> * Setting module options: You can also use the <b>/etc/modprobe.d/</b> directory to specify options for a particular kernel module. For example, you can create a file called <b>/etc/modprobe.d/alsa-base.conf</b> with the following contents to set the default sound card to the second card on the system: <pre> options snd_hda_intel index=1 </pre> <br> * Loading modules: You can use the <b>/etc/modprobe.d/</b> directory to load kernel modules at boot time. For example, you can create a file called <b>/etc/modprobe.d/local.conf</b> with the following contents to load the <b>acpi_call</b> module at boot time: <pre> # Load acpi_call at boot time acpi_call </pre> <br> Overall, the <b>/etc/modprobe.d/</b> directory is an important location for managing kernel modules in Linux. It provides a centralized location for managing module options, aliases, and blacklists, making it easier to configure and maintain a Linux system.<br> </div> </div> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> <br> ===Update <b>initramfs</b>=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>initramfs</b>: <div class="mw-collapsible-content"> The initramfs (initial RAM file system) is a temporary file system that is loaded into memory during the Linux boot process. It contains essential system files and utilities that are necessary to boot the Linux kernel and mount the root file system.<br> <br> When the Linux kernel is booted, it first loads the initramfs into memory and sets it up as the root file system. The initramfs then runs the init script, which is responsible for initializing the system and mounting the real root file system. The init script may also perform other tasks, such as loading kernel modules, setting up network interfaces, and configuring system services.<br> <br> The initramfs is typically used in situations where the root file system is located on a storage device that requires additional drivers or modules to be loaded before it can be mounted. For example, if the root file system is located on a RAID array, a network file system, or an encrypted disk, the necessary drivers or modules may need to be loaded into memory before the root file system can be mounted.<br> <br> The initramfs can also be customized to include additional files or utilities that may be necessary for the boot process. This is done by modifying the initramfs image, which is a compressed archive file that contains the file system contents.<br> <br> Overall, the initramfs is an essential component of the Linux boot process, providing a temporary file system that is necessary for initializing the system and mounting the root file system. </div> </div> <code>sudo update-initramfs -u</code><br> And reboot your computer:<br> <code>reboot</code><br> <br> <b>Note:</b>[[Ubuntu_KVM_to_Windows_10_-_Thinkpad_T470_-_Razer_Core_X_-_GTX_970#Undo_Passthrough|Sound will not work on Host Ubuntu now we have blacklisted <b>snd_hda_intel</b> to return sound to laptop read <b>Undo Passthrough</b>]].<br> ===Check Kernel driver not in use=== <code>lspci -nnk</code><br> <br> OutPut: <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel modules: snd_hda_intel </pre> == Installing KVM and VirtManager to Create a VM == To install the required packages, run the following command: <code>sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils</code> To create a group and add your user to the group, run the following commands: <div class="toccolours mw-collapsible mw-collapsed"> <code> getent group libvirtd</code> Check if the <b>group</b> already exists: <div class="mw-collapsible-content"> To check if a group is already present on an Ubuntu system, you can use the <b>getent</b> command along with the <b>group</b> argument and specify the name of the group as a parameter. For example, to check if the <b>sudo</b> group exists on the system, you can run the following command in a terminal: <code>getent group sudo</code> If the group exists, the command will output information about the group, including its name, group ID (GID), and a list of users who are members of the group. If the group does not exist, the command will not produce any output. Alternatively, you can use the <b>grep</b> command to search for the group name in the <b>/etc/group file</b>, which is the file that stores information about system groups on Ubuntu. For example, to search for the <b>sudo</b> group, you can run the following command: <code>grep "^sudo:" /etc/group</code> If the group exists, the command will output information about the group in the same format as the <b>getent</b> command. If the group does not exist, the command will not produce any output. </div> </div> <code>sudo addgroup libvirtd</code><br> <code>sudo adduser $USER libvirtd</code><br> <code>sudo apt-get install virt-manager</code><br> After installing the packages and adding your user to the group, reboot your system: <code>reboot</code> This will avoid the following error when trying to connect to libvirt: <pre>virtual machine manager connection failure unable to connect to libvirt qemu:///system. verify that the 'libvirtd' daemon is running</pre> ===Virtual Machine Manager=== Start <b>Virtual Machine Manager</b>:<br> <code>virt-manager</code><br><br> Create a new virtual machine Step 1 Local install media (ISO image or CDROM) Step 2 Choose ISO or CDROM install media: Click <b>Browse</b> and select your windows10.iso Choose the operating system you are installing: untick( Automatically detect from installation media / source) and enter <b>Microsoft Windows 10</b> in search bar. Step 3 Choose Memory and CPU settings: Memory: 4096MiB CPUs: 2 Step 4 Tick <b>Enable storage for this virtual machine</b> Tick <b>create a disk image for the virtual machine</b> 140 GiB Step 5 Name:NAME_OF_VM Tick <b>Customize configuration before install</b> ==== Config VM before booting==== OverView: <b>Hypervisor Details</b> 'Chipset' = 'Q35' 'Firmware' = 'x86_64:/usr/share/OVMF/OVMF_CODE_4M.ms.fd' Boot Options: <b>Boot device order</b>: Untick - Enable boot menu Select/Tick SATA CDROM1 SATA Disk 1 Display Spice: <b>Spice Server</b>: Type: Spice server Listen type: Address Address: Hypervisor default Port: tick 'Auto' Click '<b>Add Hardware</b>' button at bottom left - new window '<b>Add New Virtual Hardware</b>' will pop up. Click '<b>PCI Host Device</b>' on the left hand side Select your <b>GPU</b> and <b>GPU Audio Controller</b>: '0000:0A:00:0 NVIDIA Corporation GM204 [GeForce GTX 970]' '0000:0A:00:1 NVIDIA Corporation GM204 High Definition Audio Controller' Select and click '<b>Finish</b>' - reopen '<b>Add hardware</b>' and repeat for Audio.<br> <br> =====Notes===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. ==== Install Windows 10 and update ==== Install windows 10 then update windows to get the graphics card drivers working.<br> Once done shoutdown.<br> ===After shutting down windows edit the VM's Config file=== To find/confirm your VM's name:<br> <code>virsh list --all</code><br> <br> Syntax:<code>sudo virsh edit YOUR_VM_NAME</code><br> <code>sudo virsh edit win10</code><br> <br> Going to edit in between the <code><features> </features></code> Brackets, 17 lines down.<br> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> </pre> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> </pre> ====What these values do ==== <div class="toccolours mw-collapsible mw-collapsed"> <vendor_id state='on' value='1234567890ab'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><vendor_id></b> tag is used to specify the vendor ID that is presented to the guest virtual machine when it is running on top of the KVM hypervisor. This vendor ID can be customized by the user to any 12-digit hexadecimal <b>value</b> using the value attribute. The purpose of the vendor ID is to provide a way for virtual machines to identify the type of hypervisor they are running on, and to adjust their behavior accordingly. This is particularly important for operating systems that have special optimizations or workarounds for specific hypervisors. By default, KVM presents a vendor ID of "KVMKVMKVM" to the guest virtual machine. However, this can be changed by adding the <vendor_id> tag to the XML definition of the virtual machine, as follows: <pre> <cpu> <vendor_id state='on' value='1234567890ab'/> ... </cpu> </pre> In this example, the vendor ID is set to the value "1234567890ab". The state attribute is set to 'on' to enable the use of the custom vendor ID. It's worth noting that changing the vendor ID can have some unexpected consequences. For example, some operating systems may have specific code paths or optimizations for certain hypervisors, and changing the vendor ID may cause them to behave differently or even malfunction. Additionally, some virtualization security features may depend on the vendor ID, so changing it may impact the security of the virtual machine. As such, it is important to carefully consider the implications before changing the vendor ID in a KVM virtual machine. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <kvm> <hidden state='on'/> </kvm> <div class="mw-collapsible-content"> In Linux KVM, the <b><kvm></b> tag is used to specify additional configuration options for the virtual machine that are specific to KVM. The <b><hidden></b> tag is a sub-tag of <b><kvm></b> and is used to enable or disable the hiding of the KVM hypervisor from the guest operating system. When the <b><hidden></b> tag is set to <b>state='on'</b>, the KVM hypervisor is hidden from the guest operating system. This means that the guest operating system will not be able to detect that it is running in a virtualized environment and will behave as if it is running directly on physical hardware. This can be useful for security reasons, as it can make it more difficult for attackers to detect that they are running in a virtualized environment and attempt to exploit vulnerabilities that are specific to virtualization. Additionally, some software applications may behave differently or refuse to run in a virtualized environment, so hiding the KVM hypervisor can help ensure that these applications run properly. To use the <hidden> tag, it should be included as a sub-tag of the <kvm> tag, as follows: <pre> <kvm> <hidden state='on'/> ... </kvm> </pre> It's important to note that hiding the KVM hypervisor can have some downsides as well. For example, it may make it more difficult to diagnose problems with the virtual machine, as the hypervisor will not be visible in the guest operating system. Additionally, some virtualization features may depend on the hypervisor being visible to the guest operating system, so hiding it may cause these features to stop working properly. As such, the decision to hide the KVM hypervisor using the <hidden> tag should be carefully considered based on the specific needs and requirements of the virtualized environment. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <ioapic driver='kvm'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><ioapic></b> tag is used to enable or disable the use of the IOAPIC (Input/Output Advanced Programmable Interrupt Controller) device in the virtual machine. The <b>driver</b> attribute is used to specify the driver that should be used for the IOAPIC device, with the value <b>kvm</b> indicating that KVM's built-in IOAPIC driver should be used. The IOAPIC device is a type of interrupt controller that is used to manage interrupts in a virtual machine. It provides a way for devices in the virtual machine to generate interrupts, and for the virtual machine to route those interrupts to the appropriate virtual CPU. To enable the IOAPIC device and specify the kvm driver, the <ioapic> tag should be included in the XML definition of the virtual machine, as follows: <pre> <ioapic driver='kvm'/> </pre> With this configuration, KVM's built-in IOAPIC driver will be used to manage interrupts in the virtual machine. It's worth noting that while KVM's built-in IOAPIC driver is generally sufficient for most virtualization needs, there are some situations where a different driver may be preferred. For example, some applications or workloads may require more advanced IOAPIC functionality that is not available in KVM's built-in driver. In these cases, it may be necessary to use a different driver, or to implement custom code to support the required functionality. Overall, the <ioapic> tag with the driver='kvm' attribute is a simple and effective way to enable the IOAPIC device and ensure that interrupts are properly managed in a KVM virtual machine. </div> </div> ====Full Config file - before and after==== <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>before</b> any changes with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoand of course the content when expanded.<br \> <code>print "hello content"</code>ft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>After</b> changes made with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <br> Note: Not the place to edit (use '<b>virsh</b>'), but you config file can be found here:<code>/etc/libvirt/qemu/</code> ==Undo Passthrough== ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" </pre> Remove <code>intel_iommu=on kvm.ignore_msrs=1</code> and save changes. <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" </pre> rebuild grub<br> <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> ===vfio=== This step will restore sound to Host Ubuntu.<br> Comment out changes to <b>vfio.conf</b><br> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> Comment out by placing a <code>#</code> in front of the line, save and exit. <pre> #blacklist nouveau #blacklist snd_hda_intel #options vfio-pci ids=10de:13c2,10de:0fbb </pre> update initramfs:<br> <code>sudo update-initramfs -u</code><br> <br> ===Reboot for changes to take effect=== <code>reboot</code><br> ==End Notes== Plug in external monitor to the GPU 'Razer Core X' for output and no screen lag.<br> Tested with 'sniper ghost warrior' works fine.<br> Sound will come out of HDMI, If using monitor with no speakers, you can pass through USB headfones or speakers. ==References== https://askubuntu.com/questions/1406888/ubuntu-22-04-gpu-passthrough-qemu rdeqghdc1lxp5ny5fokisryjqkw68n9 237 236 2023-03-29T22:20:33Z Noob 1 /* Check that IOMMU is enabled */ 237 wikitext text/x-wiki ==Ubuntu Kvm Windows 10 - Thinkpad T470 with Razer Core X== Hardware:<br> * Thinkpad t470 - 256GB HD, 8GB RAM * razer core x * GTX 970 GT * Ubuntu Desktop 22.04 installed. Thunderbolt 3 - detected as USB3.0 (5000M). But works :)<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lsusb -t</code> OutPut: <div class="mw-collapsible-content"> <pre> /: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/6p, 5000M |__ Port 3: Dev 2, If 0, Class=Mass Storage, Driver=usb-storage, 5000M /: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/12p, 480M |__ Port 7: Dev 2, If 0, Class=Wireless, Driver=btusb, 12M |__ Port 7: Dev 2, If 1, Class=Wireless, Driver=btusb, 12M |__ Port 8: Dev 3, If 1, Class=Video, Driver=uvcvideo, 480M |__ Port 8: Dev 3, If 0, Class=Video, Driver=uvcvideo, 480M |__ Port 9: Dev 4, If 0, Class=Vendor Specific Class, Driver=, 12M </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo lshw | grep -A10 -i usb</code> OutPut: <div class="mw-collapsible-content"> <pre> capabilities: pci pnp upgrade shadowing cdboot bootselect edd int13floppy720 int5printscreen int9keyboard int14serial int17printer int10video acpi usb biosbootspecification uefi *-pci description: Host bridge product: Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers vendor: Intel Corporation physical id: 100 bus info: pci@0000:00:00.0 version: 08 width: 32 bits clock: 33MHz configuration: driver=skl_uncore -- *-usb description: USB controller product: Sunrise Point-LP USB 3.0 xHCI Controller vendor: Intel Corporation physical id: 14 bus info: pci@0000:00:14.0 version: 21 width: 64 bits clock: 33MHz capabilities: pm msi xhci bus_master cap_list configuration: driver=xhci_hcd latency=0 resources: irq:127 memory:ec220000-ec22ffff *-usbhost:0 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 0 bus info: usb@1 logical name: usb1 version: 5.19 capabilities: usb-2.00 configuration: driver=hub slots=12 speed=480Mbit/s *-usb:0 description: Bluetooth wireless interface product: Bluetooth wireless interface vendor: Intel Corp. physical id: 7 bus info: usb@1:7 version: 0.01 capabilities: bluetooth usb-2.00 configuration: driver=btusb maxpower=100mA speed=12Mbit/s *-usb:1 description: Video product: Integrated Camera: Integrated C vendor: SunplusIT Inc physical id: 8 bus info: usb@1:8 logical name: input8 logical name: /dev/input/event6 version: 0.10 capabilities: usb-2.00 usb configuration: driver=uvcvideo maxpower=500mA speed=480Mbit/s *-usb:2 UNCLAIMED description: Generic USB device vendor: Validity Sensors, Inc. physical id: 9 bus info: usb@1:9 version: 1.64 serial: ff1e8c196451 capabilities: usb-2.00 configuration: maxpower=100mA speed=12Mbit/s *-usbhost:1 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 1 bus info: usb@2 logical name: usb2 version: 5.19 capabilities: usb-3.00 configuration: driver=hub slots=6 speed=5000Mbit/s *-usb description: Mass storage device product: USB3.0-CRW vendor: Generic physical id: 3 bus info: usb@2:3 logical name: scsi0 version: 2.04 serial: 20120501030900000 capabilities: usb-3.00 scsi emulated scsi-host configuration: driver=usb-storage maxpower=800mA speed=5000Mbit/s *-disk description: SCSI Disk product: SD/MMC vendor: Generic- physical id: 0.0.0 bus info: scsi@0:0.0.0 logical name: /dev/sda version: 1.00 serial: 2012090114345300 capabilities: removable </pre> </div> </div> ===Windows 10 ISO=== Download a Windows 10 ISO for the Virtual Machine<br> https://www.microsoft.com/en-us/software-download/windows10ISO ===VT-d - bios=== Check VT-d enabled on bios <br> When you press the power button, press and hold <b>F1</b> to enter into bios mode.<br> Security > Virtualization<br> Intel (R) Virtualization Technology [ENABLE]<br> Inter (R) VT-d Feature [ENABLE]<br> ====Check==== <code>cat /proc/cpuinfo | grep --color vmx</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Explained: <div class="mw-collapsible-content"> The command "cat /proc/cpuinfo" displays detailed information about the processor(s) installed on your system. The output of this command includes a lot of information, such as processor model, speed, cache size, and other features. The pipe symbol "|" is used to pass the output of the first command as input to the second command. In this case, the output of "cat /proc/cpuinfo" is being passed as input to "grep". The "grep" command is used to search for a specific pattern in the input data. In this case, the pattern being searched for is "vmx". The "--color" option is used to highlight the search pattern in the output, making it easier to identify. So, the entire command "cat /proc/cpuinfo | grep --color vmx" is searching the processor information for the "vmx" feature and highlighting it in the output. The "vmx" feature refers to Intel's Virtualization Technology, which allows a processor to run multiple operating systems on the same computer simultaneously. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Returned Output: <div class="mw-collapsible-content"> <pre> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml </pre> </div> </div> ===Grub=== {{#evu:https://www.youtube.com/watch?v=wB4gvSgYmfY |alignment=inline }}<br> <code>sudo $EDITOR /etc/default/grub</code><br> Insert the option to <b>GRUB_CMDLINE_LINUX_DEFAULT=""</b> <code>intel_iommu=on kvm.ignore_msrs=1</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Before <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>intel_iommu=on kvm.ignore_msrs=1</code> <div class="mw-collapsible-content"> <pre> intel_iommu=on and kvm.ignore_msrs=1 are kernel boot parameters that can be set in the GRUB configuration file in Linux systems. Here's what they mean: intel_iommu=on: This parameter enables Intel VT-d (Virtualization Technology for Directed I/O), which allows for hardware-based virtualization of I/O devices. This can improve performance and security for virtual machines by allowing them to directly access hardware devices, rather than relying on the host operating system to handle the device access. kvm.ignore_msrs=1: This parameter disables the handling of MSR (Model Specific Register) virtualization by the kernel-based Virtual Machine (KVM) hypervisor. This can improve performance for certain workloads that rely heavily on MSR access, such as virtualization workloads. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Info the <code>/etc/defaults</code> directory <div class="mw-collapsible-content"> <pre> In Ubuntu and many other Linux-based operating systems, the /etc/default directory contains configuration files for various system services and applications. These configuration files contain default values for the settings and options that are used by these services and applications. The /etc/default directory is typically organized by service or application, with each subdirectory containing one or more configuration files for that service or application. For example, the /etc/default/grub directory contains the default configuration file for the GRUB bootloader, while the /etc/default/apache2 directory contains the default configuration file for the Apache web server. These configuration files are often used by system administrators to customize the behavior of these services and applications by modifying the default values of their settings and options. For example, the GRUB configuration file in /etc/default/grub can be used to specify the default operating system to boot, the timeout for the boot menu, and other options. </pre> </div> </div> ====Update Grub==== <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code><br> Reboot so kernel boot parameters can be applied.<br> <code>reboot</code> <div class="toccolours mw-collapsible mw-collapsed"> Info: <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> <div class="mw-collapsible-content"> * <code>grub-mkconfig</code> : This is a command that generates a new configuration file for the GRUB bootloader. It scans the system for installed kernels, operating systems, and other boot options, and creates a configuration file based on that information. * <code>-o /boot/grub/grub.cfg</code> : This option tells grub-mkconfig to write the generated configuration file to the file /boot/grub/grub.cfg. This is the default location for the GRUB configuration file in most Linux systems. </div> </div> ===Check that IOMMU is enabled=== {{#evu:https://www.youtube.com/watch?v=SM7v-XQfvh4 |alignment=inline }}<br> <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Return Output: Before editing Grub <div class="mw-collapsible-content"> <pre> [ 0.013929] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013974] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.124130] DMAR: Host address width 39 [ 0.124131] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.124140] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.124143] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.124147] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.124150] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.124152] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.124154] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.124156] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.124158] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.126384] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.346448] iommu: Default domain type: Translated [ 0.346448] iommu: DMA domain TLB invalidation policy: lazy mode </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After editing Grub <div class="mw-collapsible-content"> <pre> [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.013471] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013516] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.035822] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.035915] DMAR: IOMMU enabled [ 0.094689] DMAR: Host address width 39 [ 0.094691] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.094699] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.094702] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.094706] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.094708] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.094710] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.094713] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.094715] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.094716] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.096599] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.324622] iommu: Default domain type: Translated [ 0.324622] iommu: DMA domain TLB invalidation policy: lazy mode [ 0.346100] DMAR: No ATSR found [ 0.346101] DMAR: No SATC found [ 0.346103] DMAR: IOMMU feature fl1gp_support inconsistent [ 0.346105] DMAR: IOMMU feature pgsel_inv inconsistent [ 0.346106] DMAR: IOMMU feature nwfs inconsistent [ 0.346107] DMAR: IOMMU feature eafs inconsistent [ 0.346108] DMAR: IOMMU feature prs inconsistent [ 0.346108] DMAR: IOMMU feature nest inconsistent [ 0.346109] DMAR: IOMMU feature mts inconsistent [ 0.346110] DMAR: IOMMU feature sc_support inconsistent [ 0.346111] DMAR: IOMMU feature dev_iotlb_support inconsistent [ 0.346113] DMAR: dmar0: Using Queued invalidation [ 0.346117] DMAR: dmar1: Using Queued invalidation [ 0.346409] pci 0000:00:00.0: Adding to iommu group 0 [ 0.346423] pci 0000:00:02.0: Adding to iommu group 1 [ 0.346441] pci 0000:00:14.0: Adding to iommu group 2 [ 0.346450] pci 0000:00:14.2: Adding to iommu group 2 [ 0.346466] pci 0000:00:16.0: Adding to iommu group 3 [ 0.346475] pci 0000:00:16.3: Adding to iommu group 3 [ 0.346499] pci 0000:00:1c.0: Adding to iommu group 4 [ 0.346520] pci 0000:00:1c.6: Adding to iommu group 5 [ 0.346539] pci 0000:00:1d.0: Adding to iommu group 6 [ 0.346557] pci 0000:00:1d.2: Adding to iommu group 7 [ 0.346582] pci 0000:00:1f.0: Adding to iommu group 8 [ 0.346595] pci 0000:00:1f.2: Adding to iommu group 8 [ 0.346604] pci 0000:00:1f.3: Adding to iommu group 8 [ 0.346615] pci 0000:00:1f.4: Adding to iommu group 8 [ 0.346625] pci 0000:00:1f.6: Adding to iommu group 8 [ 0.346646] pci 0000:04:00.0: Adding to iommu group 9 [ 0.346664] pci 0000:3e:00.0: Adding to iommu group 10 [ 0.348306] DMAR: Intel(R) Virtualization Technology for Directed I/O </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code> <div class="mw-collapsible-content"> * <code>dmesg</code> : This command is used in Linux systems to display the kernel message buffer, which contains information about the system's hardware and software components, as well as any error or warning messages generated by the kernel. * <code>|</code> : This symbol is called a pipe and it allows the output of one command to be used as input for another command. In this case, it sends the output of the dmesg command to the next command in the pipeline, which is grep. * <code>grep</code> : This command is used in Linux systems to search for text patterns in a file or output. In this case, it's used to search the output of the dmesg command for lines that contain the strings "DMAR" or "IOMMU". * <code>-i</code> : This option tells grep to perform a case-insensitive search, meaning it will match the strings "DMAR" or "IOMMU" regardless of their case. * <code>-e</code> : This option tells grep to specify the pattern to search for. In this case, it's used to specify two patterns to search for: "DMAR" and "IOMMU". * DMAR: DMA Remapping (DMAR) is a feature of modern computer systems that provides additional security for input/output (I/O) devices. It allows for the isolation of memory regions used by I/O devices, which prevents them from accessing other parts of the system's memory. This helps to prevent attacks that could exploit vulnerabilities in I/O device drivers to gain access to sensitive data or take control of the system. * IOMMU: The I/O Memory Management Unit (IOMMU) is a hardware component that provides support for DMA remapping. It allows for the virtualization of I/O devices and provides an additional layer of security by isolating the memory used by these devices. </div> </div> ===Find your GPU=== <code>lspci -nnk</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>lspci -nnk</code> <div class="mw-collapsible-content"> <code>lspci</code> is a command-line utility that is used to display information about all the PCI buses and devices connected to them in a Linux system. The -nnk option is used to display the following information: * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -k: Display the kernel driver currently bound to each device. This option is useful when you want to check which driver is being used for a particular device. When you run the <code>lspci -nnk</code> command, you will get a list of all the PCI devices in your system, along with their vendor and device IDs, and the kernel driver currently in use. </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut Before plugging in 'Razer Core X' <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut After plugging in Razer Core X <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 05:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:01.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:02.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 07:00.0 System peripheral [0880]: Intel Corporation JHL6240 Thunderbolt 3 NHI (Low Power) [Alpine Ridge LP 2016] [8086:15bf] (rev 01) Subsystem: Device [2222:1111] Kernel driver in use: thunderbolt Kernel modules: thunderbolt 08:00.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 09:01.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel </pre> ===vfio.conf=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>vfio.conf</b> <div class="mw-collapsible-content"> <b>vfio.conf</b> is a configuration file used by the VFIO driver in Linux. <br> The VFIO driver is a kernel module that allows users to assign devices, such as GPUs or network interfaces, directly to virtual machines, bypassing the host operating system.<br> <br> The vfio.conf file is used to specify which devices should be assigned to VFIO, and it is typically located in the /etc/modprobe.d/ directory. When the VFIO driver is loaded, it will read this file and use the settings specified within it.<br> <br> The contents of vfio.conf can vary depending on the specific use case, but some common configurations include: * Device IDs: The vfio.conf file can be used to specify the vendor and device IDs of the devices that should be assigned to VFIO. For example: <pre> options vfio-pci ids=10de:13c2,10de:0fbb </pre><br> <br> This configuration specifies that two NVIDIA GPUs with the IDs 10de:13c2 and 10de:0fbb should be assigned to VFIO.<br> This configuration assigns two NVIDIA GPUs to VFIO and blacklists the <b>nouveau</b> and <b>nvidiafb</b> kernel drivers so that they don't claim the GPUs. <pre> options vfio-pci ids=10de:13c2,10de:0fbb blacklist nouveau blacklist nvidiafb </pre> <br> * Additional options: The <b>vfio.conf</b> file can also be used to specify additional options for the VFIO driver, such as setting the IOMMU mode. For example:<br> This configuration sets the VFIO driver to use IOMMU mode 1 and allows unsafe interrupts. <pre> options vfio_iommu_type1 allow_unsafe_interrupts=1 </pre> <br> Overall, <b>vfio.conf</b> provides a way to configure the VFIO driver and specify which devices should be assigned to it, helping to facilitate GPU or other hardware passthrough to virtual machines. <br> </div> </div> Create a new file called <code>vfio.conf</code> in the <b>/etc/modprobe.d/</b> directory.<br> <div class="toccolours mw-collapsible mw-collapsed"> The <code>/etc/modprobe.d/</code> directory explanation: <div class="mw-collapsible-content"> The <b>/etc/modprobe.d/</b> directory is a system directory in Linux that contains configuration files for kernel modules. When the Linux kernel boots up, it loads various modules (also called drivers) to support the hardware and other system functions.<br> <br> Each configuration file in <b>/etc/modprobe.d/</b> specifies options for one or more kernel modules, which are loaded by the kernel when a system boots or when a module is explicitly loaded. The options specified in these files can be used to modify the behavior of the kernel modules, or to blacklist certain modules to prevent them from being loaded.<br> <br> The name of each configuration file in the <b>/etc/modprobe.d/</b> directory must end with the <b>.conf</b> extension. The contents of each file consist of a series of directives, which specify module options, aliases, or blacklist information. These directives can be written in plain text format or in shell scripts.<br> <br> Here are some examples of how you might use the <b>/etc/modprobe.d/</b> directory:<br> * Blacklisting modules: You can use the <b>/etc/modprobe.d/</b> directory to prevent certain kernel modules from loading. For example, you can create a file called <b>/etc/modprobe.d/blacklist-nouveau.conf</b> with the following contents to prevent the <b>nouveau</b> driver (used for NVIDIA graphics cards) from being loaded: <pre> blacklist nouveau </pre> <br> * Setting module options: You can also use the <b>/etc/modprobe.d/</b> directory to specify options for a particular kernel module. For example, you can create a file called <b>/etc/modprobe.d/alsa-base.conf</b> with the following contents to set the default sound card to the second card on the system: <pre> options snd_hda_intel index=1 </pre> <br> * Loading modules: You can use the <b>/etc/modprobe.d/</b> directory to load kernel modules at boot time. For example, you can create a file called <b>/etc/modprobe.d/local.conf</b> with the following contents to load the <b>acpi_call</b> module at boot time: <pre> # Load acpi_call at boot time acpi_call </pre> <br> Overall, the <b>/etc/modprobe.d/</b> directory is an important location for managing kernel modules in Linux. It provides a centralized location for managing module options, aliases, and blacklists, making it easier to configure and maintain a Linux system.<br> </div> </div> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> <br> ===Update <b>initramfs</b>=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>initramfs</b>: <div class="mw-collapsible-content"> The initramfs (initial RAM file system) is a temporary file system that is loaded into memory during the Linux boot process. It contains essential system files and utilities that are necessary to boot the Linux kernel and mount the root file system.<br> <br> When the Linux kernel is booted, it first loads the initramfs into memory and sets it up as the root file system. The initramfs then runs the init script, which is responsible for initializing the system and mounting the real root file system. The init script may also perform other tasks, such as loading kernel modules, setting up network interfaces, and configuring system services.<br> <br> The initramfs is typically used in situations where the root file system is located on a storage device that requires additional drivers or modules to be loaded before it can be mounted. For example, if the root file system is located on a RAID array, a network file system, or an encrypted disk, the necessary drivers or modules may need to be loaded into memory before the root file system can be mounted.<br> <br> The initramfs can also be customized to include additional files or utilities that may be necessary for the boot process. This is done by modifying the initramfs image, which is a compressed archive file that contains the file system contents.<br> <br> Overall, the initramfs is an essential component of the Linux boot process, providing a temporary file system that is necessary for initializing the system and mounting the root file system. </div> </div> <code>sudo update-initramfs -u</code><br> And reboot your computer:<br> <code>reboot</code><br> <br> <b>Note:</b>[[Ubuntu_KVM_to_Windows_10_-_Thinkpad_T470_-_Razer_Core_X_-_GTX_970#Undo_Passthrough|Sound will not work on Host Ubuntu now we have blacklisted <b>snd_hda_intel</b> to return sound to laptop read <b>Undo Passthrough</b>]].<br> ===Check Kernel driver not in use=== <code>lspci -nnk</code><br> <br> OutPut: <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel modules: snd_hda_intel </pre> == Installing KVM and VirtManager to Create a VM == To install the required packages, run the following command: <code>sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils</code> To create a group and add your user to the group, run the following commands: <div class="toccolours mw-collapsible mw-collapsed"> <code> getent group libvirtd</code> Check if the <b>group</b> already exists: <div class="mw-collapsible-content"> To check if a group is already present on an Ubuntu system, you can use the <b>getent</b> command along with the <b>group</b> argument and specify the name of the group as a parameter. For example, to check if the <b>sudo</b> group exists on the system, you can run the following command in a terminal: <code>getent group sudo</code> If the group exists, the command will output information about the group, including its name, group ID (GID), and a list of users who are members of the group. If the group does not exist, the command will not produce any output. Alternatively, you can use the <b>grep</b> command to search for the group name in the <b>/etc/group file</b>, which is the file that stores information about system groups on Ubuntu. For example, to search for the <b>sudo</b> group, you can run the following command: <code>grep "^sudo:" /etc/group</code> If the group exists, the command will output information about the group in the same format as the <b>getent</b> command. If the group does not exist, the command will not produce any output. </div> </div> <code>sudo addgroup libvirtd</code><br> <code>sudo adduser $USER libvirtd</code><br> <code>sudo apt-get install virt-manager</code><br> After installing the packages and adding your user to the group, reboot your system: <code>reboot</code> This will avoid the following error when trying to connect to libvirt: <pre>virtual machine manager connection failure unable to connect to libvirt qemu:///system. verify that the 'libvirtd' daemon is running</pre> ===Virtual Machine Manager=== Start <b>Virtual Machine Manager</b>:<br> <code>virt-manager</code><br><br> Create a new virtual machine Step 1 Local install media (ISO image or CDROM) Step 2 Choose ISO or CDROM install media: Click <b>Browse</b> and select your windows10.iso Choose the operating system you are installing: untick( Automatically detect from installation media / source) and enter <b>Microsoft Windows 10</b> in search bar. Step 3 Choose Memory and CPU settings: Memory: 4096MiB CPUs: 2 Step 4 Tick <b>Enable storage for this virtual machine</b> Tick <b>create a disk image for the virtual machine</b> 140 GiB Step 5 Name:NAME_OF_VM Tick <b>Customize configuration before install</b> ==== Config VM before booting==== OverView: <b>Hypervisor Details</b> 'Chipset' = 'Q35' 'Firmware' = 'x86_64:/usr/share/OVMF/OVMF_CODE_4M.ms.fd' Boot Options: <b>Boot device order</b>: Untick - Enable boot menu Select/Tick SATA CDROM1 SATA Disk 1 Display Spice: <b>Spice Server</b>: Type: Spice server Listen type: Address Address: Hypervisor default Port: tick 'Auto' Click '<b>Add Hardware</b>' button at bottom left - new window '<b>Add New Virtual Hardware</b>' will pop up. Click '<b>PCI Host Device</b>' on the left hand side Select your <b>GPU</b> and <b>GPU Audio Controller</b>: '0000:0A:00:0 NVIDIA Corporation GM204 [GeForce GTX 970]' '0000:0A:00:1 NVIDIA Corporation GM204 High Definition Audio Controller' Select and click '<b>Finish</b>' - reopen '<b>Add hardware</b>' and repeat for Audio.<br> <br> =====Notes===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. ==== Install Windows 10 and update ==== Install windows 10 then update windows to get the graphics card drivers working.<br> Once done shoutdown.<br> ===After shutting down windows edit the VM's Config file=== To find/confirm your VM's name:<br> <code>virsh list --all</code><br> <br> Syntax:<code>sudo virsh edit YOUR_VM_NAME</code><br> <code>sudo virsh edit win10</code><br> <br> Going to edit in between the <code><features> </features></code> Brackets, 17 lines down.<br> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> </pre> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> </pre> ====What these values do ==== <div class="toccolours mw-collapsible mw-collapsed"> <vendor_id state='on' value='1234567890ab'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><vendor_id></b> tag is used to specify the vendor ID that is presented to the guest virtual machine when it is running on top of the KVM hypervisor. This vendor ID can be customized by the user to any 12-digit hexadecimal <b>value</b> using the value attribute. The purpose of the vendor ID is to provide a way for virtual machines to identify the type of hypervisor they are running on, and to adjust their behavior accordingly. This is particularly important for operating systems that have special optimizations or workarounds for specific hypervisors. By default, KVM presents a vendor ID of "KVMKVMKVM" to the guest virtual machine. However, this can be changed by adding the <vendor_id> tag to the XML definition of the virtual machine, as follows: <pre> <cpu> <vendor_id state='on' value='1234567890ab'/> ... </cpu> </pre> In this example, the vendor ID is set to the value "1234567890ab". The state attribute is set to 'on' to enable the use of the custom vendor ID. It's worth noting that changing the vendor ID can have some unexpected consequences. For example, some operating systems may have specific code paths or optimizations for certain hypervisors, and changing the vendor ID may cause them to behave differently or even malfunction. Additionally, some virtualization security features may depend on the vendor ID, so changing it may impact the security of the virtual machine. As such, it is important to carefully consider the implications before changing the vendor ID in a KVM virtual machine. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <kvm> <hidden state='on'/> </kvm> <div class="mw-collapsible-content"> In Linux KVM, the <b><kvm></b> tag is used to specify additional configuration options for the virtual machine that are specific to KVM. The <b><hidden></b> tag is a sub-tag of <b><kvm></b> and is used to enable or disable the hiding of the KVM hypervisor from the guest operating system. When the <b><hidden></b> tag is set to <b>state='on'</b>, the KVM hypervisor is hidden from the guest operating system. This means that the guest operating system will not be able to detect that it is running in a virtualized environment and will behave as if it is running directly on physical hardware. This can be useful for security reasons, as it can make it more difficult for attackers to detect that they are running in a virtualized environment and attempt to exploit vulnerabilities that are specific to virtualization. Additionally, some software applications may behave differently or refuse to run in a virtualized environment, so hiding the KVM hypervisor can help ensure that these applications run properly. To use the <hidden> tag, it should be included as a sub-tag of the <kvm> tag, as follows: <pre> <kvm> <hidden state='on'/> ... </kvm> </pre> It's important to note that hiding the KVM hypervisor can have some downsides as well. For example, it may make it more difficult to diagnose problems with the virtual machine, as the hypervisor will not be visible in the guest operating system. Additionally, some virtualization features may depend on the hypervisor being visible to the guest operating system, so hiding it may cause these features to stop working properly. As such, the decision to hide the KVM hypervisor using the <hidden> tag should be carefully considered based on the specific needs and requirements of the virtualized environment. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <ioapic driver='kvm'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><ioapic></b> tag is used to enable or disable the use of the IOAPIC (Input/Output Advanced Programmable Interrupt Controller) device in the virtual machine. The <b>driver</b> attribute is used to specify the driver that should be used for the IOAPIC device, with the value <b>kvm</b> indicating that KVM's built-in IOAPIC driver should be used. The IOAPIC device is a type of interrupt controller that is used to manage interrupts in a virtual machine. It provides a way for devices in the virtual machine to generate interrupts, and for the virtual machine to route those interrupts to the appropriate virtual CPU. To enable the IOAPIC device and specify the kvm driver, the <ioapic> tag should be included in the XML definition of the virtual machine, as follows: <pre> <ioapic driver='kvm'/> </pre> With this configuration, KVM's built-in IOAPIC driver will be used to manage interrupts in the virtual machine. It's worth noting that while KVM's built-in IOAPIC driver is generally sufficient for most virtualization needs, there are some situations where a different driver may be preferred. For example, some applications or workloads may require more advanced IOAPIC functionality that is not available in KVM's built-in driver. In these cases, it may be necessary to use a different driver, or to implement custom code to support the required functionality. Overall, the <ioapic> tag with the driver='kvm' attribute is a simple and effective way to enable the IOAPIC device and ensure that interrupts are properly managed in a KVM virtual machine. </div> </div> ====Full Config file - before and after==== <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>before</b> any changes with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoand of course the content when expanded.<br \> <code>print "hello content"</code>ft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>After</b> changes made with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <br> Note: Not the place to edit (use '<b>virsh</b>'), but you config file can be found here:<code>/etc/libvirt/qemu/</code> ==Undo Passthrough== ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" </pre> Remove <code>intel_iommu=on kvm.ignore_msrs=1</code> and save changes. <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" </pre> rebuild grub<br> <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> ===vfio=== This step will restore sound to Host Ubuntu.<br> Comment out changes to <b>vfio.conf</b><br> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> Comment out by placing a <code>#</code> in front of the line, save and exit. <pre> #blacklist nouveau #blacklist snd_hda_intel #options vfio-pci ids=10de:13c2,10de:0fbb </pre> update initramfs:<br> <code>sudo update-initramfs -u</code><br> <br> ===Reboot for changes to take effect=== <code>reboot</code><br> ==End Notes== Plug in external monitor to the GPU 'Razer Core X' for output and no screen lag.<br> Tested with 'sniper ghost warrior' works fine.<br> Sound will come out of HDMI, If using monitor with no speakers, you can pass through USB headfones or speakers. ==References== https://askubuntu.com/questions/1406888/ubuntu-22-04-gpu-passthrough-qemu qz3nxsdlcu489e4v77hx7jzlebrkxpy 238 237 2023-03-29T22:23:19Z Noob 1 /* Installing KVM and VirtManager to Create a VM */ 238 wikitext text/x-wiki ==Ubuntu Kvm Windows 10 - Thinkpad T470 with Razer Core X== Hardware:<br> * Thinkpad t470 - 256GB HD, 8GB RAM * razer core x * GTX 970 GT * Ubuntu Desktop 22.04 installed. Thunderbolt 3 - detected as USB3.0 (5000M). But works :)<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lsusb -t</code> OutPut: <div class="mw-collapsible-content"> <pre> /: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/6p, 5000M |__ Port 3: Dev 2, If 0, Class=Mass Storage, Driver=usb-storage, 5000M /: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/12p, 480M |__ Port 7: Dev 2, If 0, Class=Wireless, Driver=btusb, 12M |__ Port 7: Dev 2, If 1, Class=Wireless, Driver=btusb, 12M |__ Port 8: Dev 3, If 1, Class=Video, Driver=uvcvideo, 480M |__ Port 8: Dev 3, If 0, Class=Video, Driver=uvcvideo, 480M |__ Port 9: Dev 4, If 0, Class=Vendor Specific Class, Driver=, 12M </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo lshw | grep -A10 -i usb</code> OutPut: <div class="mw-collapsible-content"> <pre> capabilities: pci pnp upgrade shadowing cdboot bootselect edd int13floppy720 int5printscreen int9keyboard int14serial int17printer int10video acpi usb biosbootspecification uefi *-pci description: Host bridge product: Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers vendor: Intel Corporation physical id: 100 bus info: pci@0000:00:00.0 version: 08 width: 32 bits clock: 33MHz configuration: driver=skl_uncore -- *-usb description: USB controller product: Sunrise Point-LP USB 3.0 xHCI Controller vendor: Intel Corporation physical id: 14 bus info: pci@0000:00:14.0 version: 21 width: 64 bits clock: 33MHz capabilities: pm msi xhci bus_master cap_list configuration: driver=xhci_hcd latency=0 resources: irq:127 memory:ec220000-ec22ffff *-usbhost:0 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 0 bus info: usb@1 logical name: usb1 version: 5.19 capabilities: usb-2.00 configuration: driver=hub slots=12 speed=480Mbit/s *-usb:0 description: Bluetooth wireless interface product: Bluetooth wireless interface vendor: Intel Corp. physical id: 7 bus info: usb@1:7 version: 0.01 capabilities: bluetooth usb-2.00 configuration: driver=btusb maxpower=100mA speed=12Mbit/s *-usb:1 description: Video product: Integrated Camera: Integrated C vendor: SunplusIT Inc physical id: 8 bus info: usb@1:8 logical name: input8 logical name: /dev/input/event6 version: 0.10 capabilities: usb-2.00 usb configuration: driver=uvcvideo maxpower=500mA speed=480Mbit/s *-usb:2 UNCLAIMED description: Generic USB device vendor: Validity Sensors, Inc. physical id: 9 bus info: usb@1:9 version: 1.64 serial: ff1e8c196451 capabilities: usb-2.00 configuration: maxpower=100mA speed=12Mbit/s *-usbhost:1 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 1 bus info: usb@2 logical name: usb2 version: 5.19 capabilities: usb-3.00 configuration: driver=hub slots=6 speed=5000Mbit/s *-usb description: Mass storage device product: USB3.0-CRW vendor: Generic physical id: 3 bus info: usb@2:3 logical name: scsi0 version: 2.04 serial: 20120501030900000 capabilities: usb-3.00 scsi emulated scsi-host configuration: driver=usb-storage maxpower=800mA speed=5000Mbit/s *-disk description: SCSI Disk product: SD/MMC vendor: Generic- physical id: 0.0.0 bus info: scsi@0:0.0.0 logical name: /dev/sda version: 1.00 serial: 2012090114345300 capabilities: removable </pre> </div> </div> ===Windows 10 ISO=== Download a Windows 10 ISO for the Virtual Machine<br> https://www.microsoft.com/en-us/software-download/windows10ISO ===VT-d - bios=== Check VT-d enabled on bios <br> When you press the power button, press and hold <b>F1</b> to enter into bios mode.<br> Security > Virtualization<br> Intel (R) Virtualization Technology [ENABLE]<br> Inter (R) VT-d Feature [ENABLE]<br> ====Check==== <code>cat /proc/cpuinfo | grep --color vmx</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Explained: <div class="mw-collapsible-content"> The command "cat /proc/cpuinfo" displays detailed information about the processor(s) installed on your system. The output of this command includes a lot of information, such as processor model, speed, cache size, and other features. The pipe symbol "|" is used to pass the output of the first command as input to the second command. In this case, the output of "cat /proc/cpuinfo" is being passed as input to "grep". The "grep" command is used to search for a specific pattern in the input data. In this case, the pattern being searched for is "vmx". The "--color" option is used to highlight the search pattern in the output, making it easier to identify. So, the entire command "cat /proc/cpuinfo | grep --color vmx" is searching the processor information for the "vmx" feature and highlighting it in the output. The "vmx" feature refers to Intel's Virtualization Technology, which allows a processor to run multiple operating systems on the same computer simultaneously. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Returned Output: <div class="mw-collapsible-content"> <pre> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml </pre> </div> </div> ===Grub=== {{#evu:https://www.youtube.com/watch?v=wB4gvSgYmfY |alignment=inline }}<br> <code>sudo $EDITOR /etc/default/grub</code><br> Insert the option to <b>GRUB_CMDLINE_LINUX_DEFAULT=""</b> <code>intel_iommu=on kvm.ignore_msrs=1</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Before <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>intel_iommu=on kvm.ignore_msrs=1</code> <div class="mw-collapsible-content"> <pre> intel_iommu=on and kvm.ignore_msrs=1 are kernel boot parameters that can be set in the GRUB configuration file in Linux systems. Here's what they mean: intel_iommu=on: This parameter enables Intel VT-d (Virtualization Technology for Directed I/O), which allows for hardware-based virtualization of I/O devices. This can improve performance and security for virtual machines by allowing them to directly access hardware devices, rather than relying on the host operating system to handle the device access. kvm.ignore_msrs=1: This parameter disables the handling of MSR (Model Specific Register) virtualization by the kernel-based Virtual Machine (KVM) hypervisor. This can improve performance for certain workloads that rely heavily on MSR access, such as virtualization workloads. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Info the <code>/etc/defaults</code> directory <div class="mw-collapsible-content"> <pre> In Ubuntu and many other Linux-based operating systems, the /etc/default directory contains configuration files for various system services and applications. These configuration files contain default values for the settings and options that are used by these services and applications. The /etc/default directory is typically organized by service or application, with each subdirectory containing one or more configuration files for that service or application. For example, the /etc/default/grub directory contains the default configuration file for the GRUB bootloader, while the /etc/default/apache2 directory contains the default configuration file for the Apache web server. These configuration files are often used by system administrators to customize the behavior of these services and applications by modifying the default values of their settings and options. For example, the GRUB configuration file in /etc/default/grub can be used to specify the default operating system to boot, the timeout for the boot menu, and other options. </pre> </div> </div> ====Update Grub==== <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code><br> Reboot so kernel boot parameters can be applied.<br> <code>reboot</code> <div class="toccolours mw-collapsible mw-collapsed"> Info: <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> <div class="mw-collapsible-content"> * <code>grub-mkconfig</code> : This is a command that generates a new configuration file for the GRUB bootloader. It scans the system for installed kernels, operating systems, and other boot options, and creates a configuration file based on that information. * <code>-o /boot/grub/grub.cfg</code> : This option tells grub-mkconfig to write the generated configuration file to the file /boot/grub/grub.cfg. This is the default location for the GRUB configuration file in most Linux systems. </div> </div> ===Check that IOMMU is enabled=== {{#evu:https://www.youtube.com/watch?v=SM7v-XQfvh4 |alignment=inline }}<br> <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Return Output: Before editing Grub <div class="mw-collapsible-content"> <pre> [ 0.013929] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013974] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.124130] DMAR: Host address width 39 [ 0.124131] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.124140] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.124143] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.124147] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.124150] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.124152] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.124154] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.124156] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.124158] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.126384] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.346448] iommu: Default domain type: Translated [ 0.346448] iommu: DMA domain TLB invalidation policy: lazy mode </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After editing Grub <div class="mw-collapsible-content"> <pre> [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.013471] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013516] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.035822] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.035915] DMAR: IOMMU enabled [ 0.094689] DMAR: Host address width 39 [ 0.094691] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.094699] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.094702] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.094706] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.094708] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.094710] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.094713] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.094715] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.094716] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.096599] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.324622] iommu: Default domain type: Translated [ 0.324622] iommu: DMA domain TLB invalidation policy: lazy mode [ 0.346100] DMAR: No ATSR found [ 0.346101] DMAR: No SATC found [ 0.346103] DMAR: IOMMU feature fl1gp_support inconsistent [ 0.346105] DMAR: IOMMU feature pgsel_inv inconsistent [ 0.346106] DMAR: IOMMU feature nwfs inconsistent [ 0.346107] DMAR: IOMMU feature eafs inconsistent [ 0.346108] DMAR: IOMMU feature prs inconsistent [ 0.346108] DMAR: IOMMU feature nest inconsistent [ 0.346109] DMAR: IOMMU feature mts inconsistent [ 0.346110] DMAR: IOMMU feature sc_support inconsistent [ 0.346111] DMAR: IOMMU feature dev_iotlb_support inconsistent [ 0.346113] DMAR: dmar0: Using Queued invalidation [ 0.346117] DMAR: dmar1: Using Queued invalidation [ 0.346409] pci 0000:00:00.0: Adding to iommu group 0 [ 0.346423] pci 0000:00:02.0: Adding to iommu group 1 [ 0.346441] pci 0000:00:14.0: Adding to iommu group 2 [ 0.346450] pci 0000:00:14.2: Adding to iommu group 2 [ 0.346466] pci 0000:00:16.0: Adding to iommu group 3 [ 0.346475] pci 0000:00:16.3: Adding to iommu group 3 [ 0.346499] pci 0000:00:1c.0: Adding to iommu group 4 [ 0.346520] pci 0000:00:1c.6: Adding to iommu group 5 [ 0.346539] pci 0000:00:1d.0: Adding to iommu group 6 [ 0.346557] pci 0000:00:1d.2: Adding to iommu group 7 [ 0.346582] pci 0000:00:1f.0: Adding to iommu group 8 [ 0.346595] pci 0000:00:1f.2: Adding to iommu group 8 [ 0.346604] pci 0000:00:1f.3: Adding to iommu group 8 [ 0.346615] pci 0000:00:1f.4: Adding to iommu group 8 [ 0.346625] pci 0000:00:1f.6: Adding to iommu group 8 [ 0.346646] pci 0000:04:00.0: Adding to iommu group 9 [ 0.346664] pci 0000:3e:00.0: Adding to iommu group 10 [ 0.348306] DMAR: Intel(R) Virtualization Technology for Directed I/O </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code> <div class="mw-collapsible-content"> * <code>dmesg</code> : This command is used in Linux systems to display the kernel message buffer, which contains information about the system's hardware and software components, as well as any error or warning messages generated by the kernel. * <code>|</code> : This symbol is called a pipe and it allows the output of one command to be used as input for another command. In this case, it sends the output of the dmesg command to the next command in the pipeline, which is grep. * <code>grep</code> : This command is used in Linux systems to search for text patterns in a file or output. In this case, it's used to search the output of the dmesg command for lines that contain the strings "DMAR" or "IOMMU". * <code>-i</code> : This option tells grep to perform a case-insensitive search, meaning it will match the strings "DMAR" or "IOMMU" regardless of their case. * <code>-e</code> : This option tells grep to specify the pattern to search for. In this case, it's used to specify two patterns to search for: "DMAR" and "IOMMU". * DMAR: DMA Remapping (DMAR) is a feature of modern computer systems that provides additional security for input/output (I/O) devices. It allows for the isolation of memory regions used by I/O devices, which prevents them from accessing other parts of the system's memory. This helps to prevent attacks that could exploit vulnerabilities in I/O device drivers to gain access to sensitive data or take control of the system. * IOMMU: The I/O Memory Management Unit (IOMMU) is a hardware component that provides support for DMA remapping. It allows for the virtualization of I/O devices and provides an additional layer of security by isolating the memory used by these devices. </div> </div> ===Find your GPU=== <code>lspci -nnk</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>lspci -nnk</code> <div class="mw-collapsible-content"> <code>lspci</code> is a command-line utility that is used to display information about all the PCI buses and devices connected to them in a Linux system. The -nnk option is used to display the following information: * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -k: Display the kernel driver currently bound to each device. This option is useful when you want to check which driver is being used for a particular device. When you run the <code>lspci -nnk</code> command, you will get a list of all the PCI devices in your system, along with their vendor and device IDs, and the kernel driver currently in use. </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut Before plugging in 'Razer Core X' <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut After plugging in Razer Core X <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 05:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:01.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:02.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 07:00.0 System peripheral [0880]: Intel Corporation JHL6240 Thunderbolt 3 NHI (Low Power) [Alpine Ridge LP 2016] [8086:15bf] (rev 01) Subsystem: Device [2222:1111] Kernel driver in use: thunderbolt Kernel modules: thunderbolt 08:00.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 09:01.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel </pre> ===vfio.conf=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>vfio.conf</b> <div class="mw-collapsible-content"> <b>vfio.conf</b> is a configuration file used by the VFIO driver in Linux. <br> The VFIO driver is a kernel module that allows users to assign devices, such as GPUs or network interfaces, directly to virtual machines, bypassing the host operating system.<br> <br> The vfio.conf file is used to specify which devices should be assigned to VFIO, and it is typically located in the /etc/modprobe.d/ directory. When the VFIO driver is loaded, it will read this file and use the settings specified within it.<br> <br> The contents of vfio.conf can vary depending on the specific use case, but some common configurations include: * Device IDs: The vfio.conf file can be used to specify the vendor and device IDs of the devices that should be assigned to VFIO. For example: <pre> options vfio-pci ids=10de:13c2,10de:0fbb </pre><br> <br> This configuration specifies that two NVIDIA GPUs with the IDs 10de:13c2 and 10de:0fbb should be assigned to VFIO.<br> This configuration assigns two NVIDIA GPUs to VFIO and blacklists the <b>nouveau</b> and <b>nvidiafb</b> kernel drivers so that they don't claim the GPUs. <pre> options vfio-pci ids=10de:13c2,10de:0fbb blacklist nouveau blacklist nvidiafb </pre> <br> * Additional options: The <b>vfio.conf</b> file can also be used to specify additional options for the VFIO driver, such as setting the IOMMU mode. For example:<br> This configuration sets the VFIO driver to use IOMMU mode 1 and allows unsafe interrupts. <pre> options vfio_iommu_type1 allow_unsafe_interrupts=1 </pre> <br> Overall, <b>vfio.conf</b> provides a way to configure the VFIO driver and specify which devices should be assigned to it, helping to facilitate GPU or other hardware passthrough to virtual machines. <br> </div> </div> Create a new file called <code>vfio.conf</code> in the <b>/etc/modprobe.d/</b> directory.<br> <div class="toccolours mw-collapsible mw-collapsed"> The <code>/etc/modprobe.d/</code> directory explanation: <div class="mw-collapsible-content"> The <b>/etc/modprobe.d/</b> directory is a system directory in Linux that contains configuration files for kernel modules. When the Linux kernel boots up, it loads various modules (also called drivers) to support the hardware and other system functions.<br> <br> Each configuration file in <b>/etc/modprobe.d/</b> specifies options for one or more kernel modules, which are loaded by the kernel when a system boots or when a module is explicitly loaded. The options specified in these files can be used to modify the behavior of the kernel modules, or to blacklist certain modules to prevent them from being loaded.<br> <br> The name of each configuration file in the <b>/etc/modprobe.d/</b> directory must end with the <b>.conf</b> extension. The contents of each file consist of a series of directives, which specify module options, aliases, or blacklist information. These directives can be written in plain text format or in shell scripts.<br> <br> Here are some examples of how you might use the <b>/etc/modprobe.d/</b> directory:<br> * Blacklisting modules: You can use the <b>/etc/modprobe.d/</b> directory to prevent certain kernel modules from loading. For example, you can create a file called <b>/etc/modprobe.d/blacklist-nouveau.conf</b> with the following contents to prevent the <b>nouveau</b> driver (used for NVIDIA graphics cards) from being loaded: <pre> blacklist nouveau </pre> <br> * Setting module options: You can also use the <b>/etc/modprobe.d/</b> directory to specify options for a particular kernel module. For example, you can create a file called <b>/etc/modprobe.d/alsa-base.conf</b> with the following contents to set the default sound card to the second card on the system: <pre> options snd_hda_intel index=1 </pre> <br> * Loading modules: You can use the <b>/etc/modprobe.d/</b> directory to load kernel modules at boot time. For example, you can create a file called <b>/etc/modprobe.d/local.conf</b> with the following contents to load the <b>acpi_call</b> module at boot time: <pre> # Load acpi_call at boot time acpi_call </pre> <br> Overall, the <b>/etc/modprobe.d/</b> directory is an important location for managing kernel modules in Linux. It provides a centralized location for managing module options, aliases, and blacklists, making it easier to configure and maintain a Linux system.<br> </div> </div> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> <br> ===Update <b>initramfs</b>=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>initramfs</b>: <div class="mw-collapsible-content"> The initramfs (initial RAM file system) is a temporary file system that is loaded into memory during the Linux boot process. It contains essential system files and utilities that are necessary to boot the Linux kernel and mount the root file system.<br> <br> When the Linux kernel is booted, it first loads the initramfs into memory and sets it up as the root file system. The initramfs then runs the init script, which is responsible for initializing the system and mounting the real root file system. The init script may also perform other tasks, such as loading kernel modules, setting up network interfaces, and configuring system services.<br> <br> The initramfs is typically used in situations where the root file system is located on a storage device that requires additional drivers or modules to be loaded before it can be mounted. For example, if the root file system is located on a RAID array, a network file system, or an encrypted disk, the necessary drivers or modules may need to be loaded into memory before the root file system can be mounted.<br> <br> The initramfs can also be customized to include additional files or utilities that may be necessary for the boot process. This is done by modifying the initramfs image, which is a compressed archive file that contains the file system contents.<br> <br> Overall, the initramfs is an essential component of the Linux boot process, providing a temporary file system that is necessary for initializing the system and mounting the root file system. </div> </div> <code>sudo update-initramfs -u</code><br> And reboot your computer:<br> <code>reboot</code><br> <br> <b>Note:</b>[[Ubuntu_KVM_to_Windows_10_-_Thinkpad_T470_-_Razer_Core_X_-_GTX_970#Undo_Passthrough|Sound will not work on Host Ubuntu now we have blacklisted <b>snd_hda_intel</b> to return sound to laptop read <b>Undo Passthrough</b>]].<br> ===Check Kernel driver not in use=== <code>lspci -nnk</code><br> <br> OutPut: <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel modules: snd_hda_intel </pre> == Installing KVM and VirtManager to Create a VM == {{#evu:https://www.youtube.com/watch?v=GKHIlUP2XSc |alignment=inline }} To install the required packages, run the following command: <code>sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils</code> To create a group and add your user to the group, run the following commands: <div class="toccolours mw-collapsible mw-collapsed"> <code> getent group libvirtd</code> Check if the <b>group</b> already exists: <div class="mw-collapsible-content"> To check if a group is already present on an Ubuntu system, you can use the <b>getent</b> command along with the <b>group</b> argument and specify the name of the group as a parameter. For example, to check if the <b>sudo</b> group exists on the system, you can run the following command in a terminal: <code>getent group sudo</code> If the group exists, the command will output information about the group, including its name, group ID (GID), and a list of users who are members of the group. If the group does not exist, the command will not produce any output. Alternatively, you can use the <b>grep</b> command to search for the group name in the <b>/etc/group file</b>, which is the file that stores information about system groups on Ubuntu. For example, to search for the <b>sudo</b> group, you can run the following command: <code>grep "^sudo:" /etc/group</code> If the group exists, the command will output information about the group in the same format as the <b>getent</b> command. If the group does not exist, the command will not produce any output. </div> </div> <code>sudo addgroup libvirtd</code><br> <code>sudo adduser $USER libvirtd</code><br> <code>sudo apt-get install virt-manager</code><br> After installing the packages and adding your user to the group, reboot your system: <code>reboot</code> This will avoid the following error when trying to connect to libvirt: <pre>virtual machine manager connection failure unable to connect to libvirt qemu:///system. verify that the 'libvirtd' daemon is running</pre> ===Virtual Machine Manager=== Start <b>Virtual Machine Manager</b>:<br> <code>virt-manager</code><br><br> Create a new virtual machine Step 1 Local install media (ISO image or CDROM) Step 2 Choose ISO or CDROM install media: Click <b>Browse</b> and select your windows10.iso Choose the operating system you are installing: untick( Automatically detect from installation media / source) and enter <b>Microsoft Windows 10</b> in search bar. Step 3 Choose Memory and CPU settings: Memory: 4096MiB CPUs: 2 Step 4 Tick <b>Enable storage for this virtual machine</b> Tick <b>create a disk image for the virtual machine</b> 140 GiB Step 5 Name:NAME_OF_VM Tick <b>Customize configuration before install</b> ==== Config VM before booting==== OverView: <b>Hypervisor Details</b> 'Chipset' = 'Q35' 'Firmware' = 'x86_64:/usr/share/OVMF/OVMF_CODE_4M.ms.fd' Boot Options: <b>Boot device order</b>: Untick - Enable boot menu Select/Tick SATA CDROM1 SATA Disk 1 Display Spice: <b>Spice Server</b>: Type: Spice server Listen type: Address Address: Hypervisor default Port: tick 'Auto' Click '<b>Add Hardware</b>' button at bottom left - new window '<b>Add New Virtual Hardware</b>' will pop up. Click '<b>PCI Host Device</b>' on the left hand side Select your <b>GPU</b> and <b>GPU Audio Controller</b>: '0000:0A:00:0 NVIDIA Corporation GM204 [GeForce GTX 970]' '0000:0A:00:1 NVIDIA Corporation GM204 High Definition Audio Controller' Select and click '<b>Finish</b>' - reopen '<b>Add hardware</b>' and repeat for Audio.<br> <br> =====Notes===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. ==== Install Windows 10 and update ==== Install windows 10 then update windows to get the graphics card drivers working.<br> Once done shoutdown.<br> ===After shutting down windows edit the VM's Config file=== To find/confirm your VM's name:<br> <code>virsh list --all</code><br> <br> Syntax:<code>sudo virsh edit YOUR_VM_NAME</code><br> <code>sudo virsh edit win10</code><br> <br> Going to edit in between the <code><features> </features></code> Brackets, 17 lines down.<br> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> </pre> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> </pre> ====What these values do ==== <div class="toccolours mw-collapsible mw-collapsed"> <vendor_id state='on' value='1234567890ab'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><vendor_id></b> tag is used to specify the vendor ID that is presented to the guest virtual machine when it is running on top of the KVM hypervisor. This vendor ID can be customized by the user to any 12-digit hexadecimal <b>value</b> using the value attribute. The purpose of the vendor ID is to provide a way for virtual machines to identify the type of hypervisor they are running on, and to adjust their behavior accordingly. This is particularly important for operating systems that have special optimizations or workarounds for specific hypervisors. By default, KVM presents a vendor ID of "KVMKVMKVM" to the guest virtual machine. However, this can be changed by adding the <vendor_id> tag to the XML definition of the virtual machine, as follows: <pre> <cpu> <vendor_id state='on' value='1234567890ab'/> ... </cpu> </pre> In this example, the vendor ID is set to the value "1234567890ab". The state attribute is set to 'on' to enable the use of the custom vendor ID. It's worth noting that changing the vendor ID can have some unexpected consequences. For example, some operating systems may have specific code paths or optimizations for certain hypervisors, and changing the vendor ID may cause them to behave differently or even malfunction. Additionally, some virtualization security features may depend on the vendor ID, so changing it may impact the security of the virtual machine. As such, it is important to carefully consider the implications before changing the vendor ID in a KVM virtual machine. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <kvm> <hidden state='on'/> </kvm> <div class="mw-collapsible-content"> In Linux KVM, the <b><kvm></b> tag is used to specify additional configuration options for the virtual machine that are specific to KVM. The <b><hidden></b> tag is a sub-tag of <b><kvm></b> and is used to enable or disable the hiding of the KVM hypervisor from the guest operating system. When the <b><hidden></b> tag is set to <b>state='on'</b>, the KVM hypervisor is hidden from the guest operating system. This means that the guest operating system will not be able to detect that it is running in a virtualized environment and will behave as if it is running directly on physical hardware. This can be useful for security reasons, as it can make it more difficult for attackers to detect that they are running in a virtualized environment and attempt to exploit vulnerabilities that are specific to virtualization. Additionally, some software applications may behave differently or refuse to run in a virtualized environment, so hiding the KVM hypervisor can help ensure that these applications run properly. To use the <hidden> tag, it should be included as a sub-tag of the <kvm> tag, as follows: <pre> <kvm> <hidden state='on'/> ... </kvm> </pre> It's important to note that hiding the KVM hypervisor can have some downsides as well. For example, it may make it more difficult to diagnose problems with the virtual machine, as the hypervisor will not be visible in the guest operating system. Additionally, some virtualization features may depend on the hypervisor being visible to the guest operating system, so hiding it may cause these features to stop working properly. As such, the decision to hide the KVM hypervisor using the <hidden> tag should be carefully considered based on the specific needs and requirements of the virtualized environment. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <ioapic driver='kvm'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><ioapic></b> tag is used to enable or disable the use of the IOAPIC (Input/Output Advanced Programmable Interrupt Controller) device in the virtual machine. The <b>driver</b> attribute is used to specify the driver that should be used for the IOAPIC device, with the value <b>kvm</b> indicating that KVM's built-in IOAPIC driver should be used. The IOAPIC device is a type of interrupt controller that is used to manage interrupts in a virtual machine. It provides a way for devices in the virtual machine to generate interrupts, and for the virtual machine to route those interrupts to the appropriate virtual CPU. To enable the IOAPIC device and specify the kvm driver, the <ioapic> tag should be included in the XML definition of the virtual machine, as follows: <pre> <ioapic driver='kvm'/> </pre> With this configuration, KVM's built-in IOAPIC driver will be used to manage interrupts in the virtual machine. It's worth noting that while KVM's built-in IOAPIC driver is generally sufficient for most virtualization needs, there are some situations where a different driver may be preferred. For example, some applications or workloads may require more advanced IOAPIC functionality that is not available in KVM's built-in driver. In these cases, it may be necessary to use a different driver, or to implement custom code to support the required functionality. Overall, the <ioapic> tag with the driver='kvm' attribute is a simple and effective way to enable the IOAPIC device and ensure that interrupts are properly managed in a KVM virtual machine. </div> </div> ====Full Config file - before and after==== <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>before</b> any changes with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoand of course the content when expanded.<br \> <code>print "hello content"</code>ft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>After</b> changes made with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <br> Note: Not the place to edit (use '<b>virsh</b>'), but you config file can be found here:<code>/etc/libvirt/qemu/</code> ==Undo Passthrough== ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" </pre> Remove <code>intel_iommu=on kvm.ignore_msrs=1</code> and save changes. <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" </pre> rebuild grub<br> <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> ===vfio=== This step will restore sound to Host Ubuntu.<br> Comment out changes to <b>vfio.conf</b><br> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> Comment out by placing a <code>#</code> in front of the line, save and exit. <pre> #blacklist nouveau #blacklist snd_hda_intel #options vfio-pci ids=10de:13c2,10de:0fbb </pre> update initramfs:<br> <code>sudo update-initramfs -u</code><br> <br> ===Reboot for changes to take effect=== <code>reboot</code><br> ==End Notes== Plug in external monitor to the GPU 'Razer Core X' for output and no screen lag.<br> Tested with 'sniper ghost warrior' works fine.<br> Sound will come out of HDMI, If using monitor with no speakers, you can pass through USB headfones or speakers. ==References== https://askubuntu.com/questions/1406888/ubuntu-22-04-gpu-passthrough-qemu 7jf1i6xcqx0s3jj5btssm4tn7blqozt 239 238 2023-03-29T22:26:12Z Noob 1 /* Virtual Machine Manager */ 239 wikitext text/x-wiki ==Ubuntu Kvm Windows 10 - Thinkpad T470 with Razer Core X== Hardware:<br> * Thinkpad t470 - 256GB HD, 8GB RAM * razer core x * GTX 970 GT * Ubuntu Desktop 22.04 installed. Thunderbolt 3 - detected as USB3.0 (5000M). But works :)<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lsusb -t</code> OutPut: <div class="mw-collapsible-content"> <pre> /: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/6p, 5000M |__ Port 3: Dev 2, If 0, Class=Mass Storage, Driver=usb-storage, 5000M /: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/12p, 480M |__ Port 7: Dev 2, If 0, Class=Wireless, Driver=btusb, 12M |__ Port 7: Dev 2, If 1, Class=Wireless, Driver=btusb, 12M |__ Port 8: Dev 3, If 1, Class=Video, Driver=uvcvideo, 480M |__ Port 8: Dev 3, If 0, Class=Video, Driver=uvcvideo, 480M |__ Port 9: Dev 4, If 0, Class=Vendor Specific Class, Driver=, 12M </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo lshw | grep -A10 -i usb</code> OutPut: <div class="mw-collapsible-content"> <pre> capabilities: pci pnp upgrade shadowing cdboot bootselect edd int13floppy720 int5printscreen int9keyboard int14serial int17printer int10video acpi usb biosbootspecification uefi *-pci description: Host bridge product: Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers vendor: Intel Corporation physical id: 100 bus info: pci@0000:00:00.0 version: 08 width: 32 bits clock: 33MHz configuration: driver=skl_uncore -- *-usb description: USB controller product: Sunrise Point-LP USB 3.0 xHCI Controller vendor: Intel Corporation physical id: 14 bus info: pci@0000:00:14.0 version: 21 width: 64 bits clock: 33MHz capabilities: pm msi xhci bus_master cap_list configuration: driver=xhci_hcd latency=0 resources: irq:127 memory:ec220000-ec22ffff *-usbhost:0 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 0 bus info: usb@1 logical name: usb1 version: 5.19 capabilities: usb-2.00 configuration: driver=hub slots=12 speed=480Mbit/s *-usb:0 description: Bluetooth wireless interface product: Bluetooth wireless interface vendor: Intel Corp. physical id: 7 bus info: usb@1:7 version: 0.01 capabilities: bluetooth usb-2.00 configuration: driver=btusb maxpower=100mA speed=12Mbit/s *-usb:1 description: Video product: Integrated Camera: Integrated C vendor: SunplusIT Inc physical id: 8 bus info: usb@1:8 logical name: input8 logical name: /dev/input/event6 version: 0.10 capabilities: usb-2.00 usb configuration: driver=uvcvideo maxpower=500mA speed=480Mbit/s *-usb:2 UNCLAIMED description: Generic USB device vendor: Validity Sensors, Inc. physical id: 9 bus info: usb@1:9 version: 1.64 serial: ff1e8c196451 capabilities: usb-2.00 configuration: maxpower=100mA speed=12Mbit/s *-usbhost:1 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 1 bus info: usb@2 logical name: usb2 version: 5.19 capabilities: usb-3.00 configuration: driver=hub slots=6 speed=5000Mbit/s *-usb description: Mass storage device product: USB3.0-CRW vendor: Generic physical id: 3 bus info: usb@2:3 logical name: scsi0 version: 2.04 serial: 20120501030900000 capabilities: usb-3.00 scsi emulated scsi-host configuration: driver=usb-storage maxpower=800mA speed=5000Mbit/s *-disk description: SCSI Disk product: SD/MMC vendor: Generic- physical id: 0.0.0 bus info: scsi@0:0.0.0 logical name: /dev/sda version: 1.00 serial: 2012090114345300 capabilities: removable </pre> </div> </div> ===Windows 10 ISO=== Download a Windows 10 ISO for the Virtual Machine<br> https://www.microsoft.com/en-us/software-download/windows10ISO ===VT-d - bios=== Check VT-d enabled on bios <br> When you press the power button, press and hold <b>F1</b> to enter into bios mode.<br> Security > Virtualization<br> Intel (R) Virtualization Technology [ENABLE]<br> Inter (R) VT-d Feature [ENABLE]<br> ====Check==== <code>cat /proc/cpuinfo | grep --color vmx</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Explained: <div class="mw-collapsible-content"> The command "cat /proc/cpuinfo" displays detailed information about the processor(s) installed on your system. The output of this command includes a lot of information, such as processor model, speed, cache size, and other features. The pipe symbol "|" is used to pass the output of the first command as input to the second command. In this case, the output of "cat /proc/cpuinfo" is being passed as input to "grep". The "grep" command is used to search for a specific pattern in the input data. In this case, the pattern being searched for is "vmx". The "--color" option is used to highlight the search pattern in the output, making it easier to identify. So, the entire command "cat /proc/cpuinfo | grep --color vmx" is searching the processor information for the "vmx" feature and highlighting it in the output. The "vmx" feature refers to Intel's Virtualization Technology, which allows a processor to run multiple operating systems on the same computer simultaneously. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Returned Output: <div class="mw-collapsible-content"> <pre> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml </pre> </div> </div> ===Grub=== {{#evu:https://www.youtube.com/watch?v=wB4gvSgYmfY |alignment=inline }}<br> <code>sudo $EDITOR /etc/default/grub</code><br> Insert the option to <b>GRUB_CMDLINE_LINUX_DEFAULT=""</b> <code>intel_iommu=on kvm.ignore_msrs=1</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Before <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>intel_iommu=on kvm.ignore_msrs=1</code> <div class="mw-collapsible-content"> <pre> intel_iommu=on and kvm.ignore_msrs=1 are kernel boot parameters that can be set in the GRUB configuration file in Linux systems. Here's what they mean: intel_iommu=on: This parameter enables Intel VT-d (Virtualization Technology for Directed I/O), which allows for hardware-based virtualization of I/O devices. This can improve performance and security for virtual machines by allowing them to directly access hardware devices, rather than relying on the host operating system to handle the device access. kvm.ignore_msrs=1: This parameter disables the handling of MSR (Model Specific Register) virtualization by the kernel-based Virtual Machine (KVM) hypervisor. This can improve performance for certain workloads that rely heavily on MSR access, such as virtualization workloads. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Info the <code>/etc/defaults</code> directory <div class="mw-collapsible-content"> <pre> In Ubuntu and many other Linux-based operating systems, the /etc/default directory contains configuration files for various system services and applications. These configuration files contain default values for the settings and options that are used by these services and applications. The /etc/default directory is typically organized by service or application, with each subdirectory containing one or more configuration files for that service or application. For example, the /etc/default/grub directory contains the default configuration file for the GRUB bootloader, while the /etc/default/apache2 directory contains the default configuration file for the Apache web server. These configuration files are often used by system administrators to customize the behavior of these services and applications by modifying the default values of their settings and options. For example, the GRUB configuration file in /etc/default/grub can be used to specify the default operating system to boot, the timeout for the boot menu, and other options. </pre> </div> </div> ====Update Grub==== <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code><br> Reboot so kernel boot parameters can be applied.<br> <code>reboot</code> <div class="toccolours mw-collapsible mw-collapsed"> Info: <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> <div class="mw-collapsible-content"> * <code>grub-mkconfig</code> : This is a command that generates a new configuration file for the GRUB bootloader. It scans the system for installed kernels, operating systems, and other boot options, and creates a configuration file based on that information. * <code>-o /boot/grub/grub.cfg</code> : This option tells grub-mkconfig to write the generated configuration file to the file /boot/grub/grub.cfg. This is the default location for the GRUB configuration file in most Linux systems. </div> </div> ===Check that IOMMU is enabled=== {{#evu:https://www.youtube.com/watch?v=SM7v-XQfvh4 |alignment=inline }}<br> <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Return Output: Before editing Grub <div class="mw-collapsible-content"> <pre> [ 0.013929] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013974] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.124130] DMAR: Host address width 39 [ 0.124131] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.124140] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.124143] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.124147] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.124150] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.124152] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.124154] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.124156] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.124158] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.126384] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.346448] iommu: Default domain type: Translated [ 0.346448] iommu: DMA domain TLB invalidation policy: lazy mode </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After editing Grub <div class="mw-collapsible-content"> <pre> [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.013471] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013516] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.035822] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.035915] DMAR: IOMMU enabled [ 0.094689] DMAR: Host address width 39 [ 0.094691] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.094699] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.094702] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.094706] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.094708] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.094710] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.094713] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.094715] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.094716] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.096599] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.324622] iommu: Default domain type: Translated [ 0.324622] iommu: DMA domain TLB invalidation policy: lazy mode [ 0.346100] DMAR: No ATSR found [ 0.346101] DMAR: No SATC found [ 0.346103] DMAR: IOMMU feature fl1gp_support inconsistent [ 0.346105] DMAR: IOMMU feature pgsel_inv inconsistent [ 0.346106] DMAR: IOMMU feature nwfs inconsistent [ 0.346107] DMAR: IOMMU feature eafs inconsistent [ 0.346108] DMAR: IOMMU feature prs inconsistent [ 0.346108] DMAR: IOMMU feature nest inconsistent [ 0.346109] DMAR: IOMMU feature mts inconsistent [ 0.346110] DMAR: IOMMU feature sc_support inconsistent [ 0.346111] DMAR: IOMMU feature dev_iotlb_support inconsistent [ 0.346113] DMAR: dmar0: Using Queued invalidation [ 0.346117] DMAR: dmar1: Using Queued invalidation [ 0.346409] pci 0000:00:00.0: Adding to iommu group 0 [ 0.346423] pci 0000:00:02.0: Adding to iommu group 1 [ 0.346441] pci 0000:00:14.0: Adding to iommu group 2 [ 0.346450] pci 0000:00:14.2: Adding to iommu group 2 [ 0.346466] pci 0000:00:16.0: Adding to iommu group 3 [ 0.346475] pci 0000:00:16.3: Adding to iommu group 3 [ 0.346499] pci 0000:00:1c.0: Adding to iommu group 4 [ 0.346520] pci 0000:00:1c.6: Adding to iommu group 5 [ 0.346539] pci 0000:00:1d.0: Adding to iommu group 6 [ 0.346557] pci 0000:00:1d.2: Adding to iommu group 7 [ 0.346582] pci 0000:00:1f.0: Adding to iommu group 8 [ 0.346595] pci 0000:00:1f.2: Adding to iommu group 8 [ 0.346604] pci 0000:00:1f.3: Adding to iommu group 8 [ 0.346615] pci 0000:00:1f.4: Adding to iommu group 8 [ 0.346625] pci 0000:00:1f.6: Adding to iommu group 8 [ 0.346646] pci 0000:04:00.0: Adding to iommu group 9 [ 0.346664] pci 0000:3e:00.0: Adding to iommu group 10 [ 0.348306] DMAR: Intel(R) Virtualization Technology for Directed I/O </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code> <div class="mw-collapsible-content"> * <code>dmesg</code> : This command is used in Linux systems to display the kernel message buffer, which contains information about the system's hardware and software components, as well as any error or warning messages generated by the kernel. * <code>|</code> : This symbol is called a pipe and it allows the output of one command to be used as input for another command. In this case, it sends the output of the dmesg command to the next command in the pipeline, which is grep. * <code>grep</code> : This command is used in Linux systems to search for text patterns in a file or output. In this case, it's used to search the output of the dmesg command for lines that contain the strings "DMAR" or "IOMMU". * <code>-i</code> : This option tells grep to perform a case-insensitive search, meaning it will match the strings "DMAR" or "IOMMU" regardless of their case. * <code>-e</code> : This option tells grep to specify the pattern to search for. In this case, it's used to specify two patterns to search for: "DMAR" and "IOMMU". * DMAR: DMA Remapping (DMAR) is a feature of modern computer systems that provides additional security for input/output (I/O) devices. It allows for the isolation of memory regions used by I/O devices, which prevents them from accessing other parts of the system's memory. This helps to prevent attacks that could exploit vulnerabilities in I/O device drivers to gain access to sensitive data or take control of the system. * IOMMU: The I/O Memory Management Unit (IOMMU) is a hardware component that provides support for DMA remapping. It allows for the virtualization of I/O devices and provides an additional layer of security by isolating the memory used by these devices. </div> </div> ===Find your GPU=== <code>lspci -nnk</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>lspci -nnk</code> <div class="mw-collapsible-content"> <code>lspci</code> is a command-line utility that is used to display information about all the PCI buses and devices connected to them in a Linux system. The -nnk option is used to display the following information: * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -k: Display the kernel driver currently bound to each device. This option is useful when you want to check which driver is being used for a particular device. When you run the <code>lspci -nnk</code> command, you will get a list of all the PCI devices in your system, along with their vendor and device IDs, and the kernel driver currently in use. </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut Before plugging in 'Razer Core X' <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut After plugging in Razer Core X <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 05:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:01.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:02.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 07:00.0 System peripheral [0880]: Intel Corporation JHL6240 Thunderbolt 3 NHI (Low Power) [Alpine Ridge LP 2016] [8086:15bf] (rev 01) Subsystem: Device [2222:1111] Kernel driver in use: thunderbolt Kernel modules: thunderbolt 08:00.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 09:01.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel </pre> ===vfio.conf=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>vfio.conf</b> <div class="mw-collapsible-content"> <b>vfio.conf</b> is a configuration file used by the VFIO driver in Linux. <br> The VFIO driver is a kernel module that allows users to assign devices, such as GPUs or network interfaces, directly to virtual machines, bypassing the host operating system.<br> <br> The vfio.conf file is used to specify which devices should be assigned to VFIO, and it is typically located in the /etc/modprobe.d/ directory. When the VFIO driver is loaded, it will read this file and use the settings specified within it.<br> <br> The contents of vfio.conf can vary depending on the specific use case, but some common configurations include: * Device IDs: The vfio.conf file can be used to specify the vendor and device IDs of the devices that should be assigned to VFIO. For example: <pre> options vfio-pci ids=10de:13c2,10de:0fbb </pre><br> <br> This configuration specifies that two NVIDIA GPUs with the IDs 10de:13c2 and 10de:0fbb should be assigned to VFIO.<br> This configuration assigns two NVIDIA GPUs to VFIO and blacklists the <b>nouveau</b> and <b>nvidiafb</b> kernel drivers so that they don't claim the GPUs. <pre> options vfio-pci ids=10de:13c2,10de:0fbb blacklist nouveau blacklist nvidiafb </pre> <br> * Additional options: The <b>vfio.conf</b> file can also be used to specify additional options for the VFIO driver, such as setting the IOMMU mode. For example:<br> This configuration sets the VFIO driver to use IOMMU mode 1 and allows unsafe interrupts. <pre> options vfio_iommu_type1 allow_unsafe_interrupts=1 </pre> <br> Overall, <b>vfio.conf</b> provides a way to configure the VFIO driver and specify which devices should be assigned to it, helping to facilitate GPU or other hardware passthrough to virtual machines. <br> </div> </div> Create a new file called <code>vfio.conf</code> in the <b>/etc/modprobe.d/</b> directory.<br> <div class="toccolours mw-collapsible mw-collapsed"> The <code>/etc/modprobe.d/</code> directory explanation: <div class="mw-collapsible-content"> The <b>/etc/modprobe.d/</b> directory is a system directory in Linux that contains configuration files for kernel modules. When the Linux kernel boots up, it loads various modules (also called drivers) to support the hardware and other system functions.<br> <br> Each configuration file in <b>/etc/modprobe.d/</b> specifies options for one or more kernel modules, which are loaded by the kernel when a system boots or when a module is explicitly loaded. The options specified in these files can be used to modify the behavior of the kernel modules, or to blacklist certain modules to prevent them from being loaded.<br> <br> The name of each configuration file in the <b>/etc/modprobe.d/</b> directory must end with the <b>.conf</b> extension. The contents of each file consist of a series of directives, which specify module options, aliases, or blacklist information. These directives can be written in plain text format or in shell scripts.<br> <br> Here are some examples of how you might use the <b>/etc/modprobe.d/</b> directory:<br> * Blacklisting modules: You can use the <b>/etc/modprobe.d/</b> directory to prevent certain kernel modules from loading. For example, you can create a file called <b>/etc/modprobe.d/blacklist-nouveau.conf</b> with the following contents to prevent the <b>nouveau</b> driver (used for NVIDIA graphics cards) from being loaded: <pre> blacklist nouveau </pre> <br> * Setting module options: You can also use the <b>/etc/modprobe.d/</b> directory to specify options for a particular kernel module. For example, you can create a file called <b>/etc/modprobe.d/alsa-base.conf</b> with the following contents to set the default sound card to the second card on the system: <pre> options snd_hda_intel index=1 </pre> <br> * Loading modules: You can use the <b>/etc/modprobe.d/</b> directory to load kernel modules at boot time. For example, you can create a file called <b>/etc/modprobe.d/local.conf</b> with the following contents to load the <b>acpi_call</b> module at boot time: <pre> # Load acpi_call at boot time acpi_call </pre> <br> Overall, the <b>/etc/modprobe.d/</b> directory is an important location for managing kernel modules in Linux. It provides a centralized location for managing module options, aliases, and blacklists, making it easier to configure and maintain a Linux system.<br> </div> </div> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> <br> ===Update <b>initramfs</b>=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>initramfs</b>: <div class="mw-collapsible-content"> The initramfs (initial RAM file system) is a temporary file system that is loaded into memory during the Linux boot process. It contains essential system files and utilities that are necessary to boot the Linux kernel and mount the root file system.<br> <br> When the Linux kernel is booted, it first loads the initramfs into memory and sets it up as the root file system. The initramfs then runs the init script, which is responsible for initializing the system and mounting the real root file system. The init script may also perform other tasks, such as loading kernel modules, setting up network interfaces, and configuring system services.<br> <br> The initramfs is typically used in situations where the root file system is located on a storage device that requires additional drivers or modules to be loaded before it can be mounted. For example, if the root file system is located on a RAID array, a network file system, or an encrypted disk, the necessary drivers or modules may need to be loaded into memory before the root file system can be mounted.<br> <br> The initramfs can also be customized to include additional files or utilities that may be necessary for the boot process. This is done by modifying the initramfs image, which is a compressed archive file that contains the file system contents.<br> <br> Overall, the initramfs is an essential component of the Linux boot process, providing a temporary file system that is necessary for initializing the system and mounting the root file system. </div> </div> <code>sudo update-initramfs -u</code><br> And reboot your computer:<br> <code>reboot</code><br> <br> <b>Note:</b>[[Ubuntu_KVM_to_Windows_10_-_Thinkpad_T470_-_Razer_Core_X_-_GTX_970#Undo_Passthrough|Sound will not work on Host Ubuntu now we have blacklisted <b>snd_hda_intel</b> to return sound to laptop read <b>Undo Passthrough</b>]].<br> ===Check Kernel driver not in use=== <code>lspci -nnk</code><br> <br> OutPut: <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel modules: snd_hda_intel </pre> == Installing KVM and VirtManager to Create a VM == {{#evu:https://www.youtube.com/watch?v=GKHIlUP2XSc |alignment=inline }} To install the required packages, run the following command: <code>sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils</code> To create a group and add your user to the group, run the following commands: <div class="toccolours mw-collapsible mw-collapsed"> <code> getent group libvirtd</code> Check if the <b>group</b> already exists: <div class="mw-collapsible-content"> To check if a group is already present on an Ubuntu system, you can use the <b>getent</b> command along with the <b>group</b> argument and specify the name of the group as a parameter. For example, to check if the <b>sudo</b> group exists on the system, you can run the following command in a terminal: <code>getent group sudo</code> If the group exists, the command will output information about the group, including its name, group ID (GID), and a list of users who are members of the group. If the group does not exist, the command will not produce any output. Alternatively, you can use the <b>grep</b> command to search for the group name in the <b>/etc/group file</b>, which is the file that stores information about system groups on Ubuntu. For example, to search for the <b>sudo</b> group, you can run the following command: <code>grep "^sudo:" /etc/group</code> If the group exists, the command will output information about the group in the same format as the <b>getent</b> command. If the group does not exist, the command will not produce any output. </div> </div> <code>sudo addgroup libvirtd</code><br> <code>sudo adduser $USER libvirtd</code><br> <code>sudo apt-get install virt-manager</code><br> After installing the packages and adding your user to the group, reboot your system: <code>reboot</code> This will avoid the following error when trying to connect to libvirt: <pre>virtual machine manager connection failure unable to connect to libvirt qemu:///system. verify that the 'libvirtd' daemon is running</pre> ===Virtual Machine Manager=== {{#evu:https://www.youtube.com/watch?v=jhoI6MIdHrc |alignment=inline }}<br> Start <b>Virtual Machine Manager</b>:<br> <code>virt-manager</code><br><br> Create a new virtual machine Step 1 Local install media (ISO image or CDROM) Step 2 Choose ISO or CDROM install media: Click <b>Browse</b> and select your windows10.iso Choose the operating system you are installing: untick( Automatically detect from installation media / source) and enter <b>Microsoft Windows 10</b> in search bar. Step 3 Choose Memory and CPU settings: Memory: 4096MiB CPUs: 2 Step 4 Tick <b>Enable storage for this virtual machine</b> Tick <b>create a disk image for the virtual machine</b> 140 GiB Step 5 Name:NAME_OF_VM Tick <b>Customize configuration before install</b> ==== Config VM before booting==== OverView: <b>Hypervisor Details</b> 'Chipset' = 'Q35' 'Firmware' = 'x86_64:/usr/share/OVMF/OVMF_CODE_4M.ms.fd' Boot Options: <b>Boot device order</b>: Untick - Enable boot menu Select/Tick SATA CDROM1 SATA Disk 1 Display Spice: <b>Spice Server</b>: Type: Spice server Listen type: Address Address: Hypervisor default Port: tick 'Auto' Click '<b>Add Hardware</b>' button at bottom left - new window '<b>Add New Virtual Hardware</b>' will pop up. Click '<b>PCI Host Device</b>' on the left hand side Select your <b>GPU</b> and <b>GPU Audio Controller</b>: '0000:0A:00:0 NVIDIA Corporation GM204 [GeForce GTX 970]' '0000:0A:00:1 NVIDIA Corporation GM204 High Definition Audio Controller' Select and click '<b>Finish</b>' - reopen '<b>Add hardware</b>' and repeat for Audio.<br> <br> =====Notes===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. ==== Install Windows 10 and update ==== Install windows 10 then update windows to get the graphics card drivers working.<br> Once done shoutdown.<br> ===After shutting down windows edit the VM's Config file=== To find/confirm your VM's name:<br> <code>virsh list --all</code><br> <br> Syntax:<code>sudo virsh edit YOUR_VM_NAME</code><br> <code>sudo virsh edit win10</code><br> <br> Going to edit in between the <code><features> </features></code> Brackets, 17 lines down.<br> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> </pre> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> </pre> ====What these values do ==== <div class="toccolours mw-collapsible mw-collapsed"> <vendor_id state='on' value='1234567890ab'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><vendor_id></b> tag is used to specify the vendor ID that is presented to the guest virtual machine when it is running on top of the KVM hypervisor. This vendor ID can be customized by the user to any 12-digit hexadecimal <b>value</b> using the value attribute. The purpose of the vendor ID is to provide a way for virtual machines to identify the type of hypervisor they are running on, and to adjust their behavior accordingly. This is particularly important for operating systems that have special optimizations or workarounds for specific hypervisors. By default, KVM presents a vendor ID of "KVMKVMKVM" to the guest virtual machine. However, this can be changed by adding the <vendor_id> tag to the XML definition of the virtual machine, as follows: <pre> <cpu> <vendor_id state='on' value='1234567890ab'/> ... </cpu> </pre> In this example, the vendor ID is set to the value "1234567890ab". The state attribute is set to 'on' to enable the use of the custom vendor ID. It's worth noting that changing the vendor ID can have some unexpected consequences. For example, some operating systems may have specific code paths or optimizations for certain hypervisors, and changing the vendor ID may cause them to behave differently or even malfunction. Additionally, some virtualization security features may depend on the vendor ID, so changing it may impact the security of the virtual machine. As such, it is important to carefully consider the implications before changing the vendor ID in a KVM virtual machine. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <kvm> <hidden state='on'/> </kvm> <div class="mw-collapsible-content"> In Linux KVM, the <b><kvm></b> tag is used to specify additional configuration options for the virtual machine that are specific to KVM. The <b><hidden></b> tag is a sub-tag of <b><kvm></b> and is used to enable or disable the hiding of the KVM hypervisor from the guest operating system. When the <b><hidden></b> tag is set to <b>state='on'</b>, the KVM hypervisor is hidden from the guest operating system. This means that the guest operating system will not be able to detect that it is running in a virtualized environment and will behave as if it is running directly on physical hardware. This can be useful for security reasons, as it can make it more difficult for attackers to detect that they are running in a virtualized environment and attempt to exploit vulnerabilities that are specific to virtualization. Additionally, some software applications may behave differently or refuse to run in a virtualized environment, so hiding the KVM hypervisor can help ensure that these applications run properly. To use the <hidden> tag, it should be included as a sub-tag of the <kvm> tag, as follows: <pre> <kvm> <hidden state='on'/> ... </kvm> </pre> It's important to note that hiding the KVM hypervisor can have some downsides as well. For example, it may make it more difficult to diagnose problems with the virtual machine, as the hypervisor will not be visible in the guest operating system. Additionally, some virtualization features may depend on the hypervisor being visible to the guest operating system, so hiding it may cause these features to stop working properly. As such, the decision to hide the KVM hypervisor using the <hidden> tag should be carefully considered based on the specific needs and requirements of the virtualized environment. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <ioapic driver='kvm'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><ioapic></b> tag is used to enable or disable the use of the IOAPIC (Input/Output Advanced Programmable Interrupt Controller) device in the virtual machine. The <b>driver</b> attribute is used to specify the driver that should be used for the IOAPIC device, with the value <b>kvm</b> indicating that KVM's built-in IOAPIC driver should be used. The IOAPIC device is a type of interrupt controller that is used to manage interrupts in a virtual machine. It provides a way for devices in the virtual machine to generate interrupts, and for the virtual machine to route those interrupts to the appropriate virtual CPU. To enable the IOAPIC device and specify the kvm driver, the <ioapic> tag should be included in the XML definition of the virtual machine, as follows: <pre> <ioapic driver='kvm'/> </pre> With this configuration, KVM's built-in IOAPIC driver will be used to manage interrupts in the virtual machine. It's worth noting that while KVM's built-in IOAPIC driver is generally sufficient for most virtualization needs, there are some situations where a different driver may be preferred. For example, some applications or workloads may require more advanced IOAPIC functionality that is not available in KVM's built-in driver. In these cases, it may be necessary to use a different driver, or to implement custom code to support the required functionality. Overall, the <ioapic> tag with the driver='kvm' attribute is a simple and effective way to enable the IOAPIC device and ensure that interrupts are properly managed in a KVM virtual machine. </div> </div> ====Full Config file - before and after==== <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>before</b> any changes with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoand of course the content when expanded.<br \> <code>print "hello content"</code>ft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>After</b> changes made with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <br> Note: Not the place to edit (use '<b>virsh</b>'), but you config file can be found here:<code>/etc/libvirt/qemu/</code> ==Undo Passthrough== ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" </pre> Remove <code>intel_iommu=on kvm.ignore_msrs=1</code> and save changes. <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" </pre> rebuild grub<br> <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> ===vfio=== This step will restore sound to Host Ubuntu.<br> Comment out changes to <b>vfio.conf</b><br> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> Comment out by placing a <code>#</code> in front of the line, save and exit. <pre> #blacklist nouveau #blacklist snd_hda_intel #options vfio-pci ids=10de:13c2,10de:0fbb </pre> update initramfs:<br> <code>sudo update-initramfs -u</code><br> <br> ===Reboot for changes to take effect=== <code>reboot</code><br> ==End Notes== Plug in external monitor to the GPU 'Razer Core X' for output and no screen lag.<br> Tested with 'sniper ghost warrior' works fine.<br> Sound will come out of HDMI, If using monitor with no speakers, you can pass through USB headfones or speakers. ==References== https://askubuntu.com/questions/1406888/ubuntu-22-04-gpu-passthrough-qemu b6zm36yvoe08l1ddk8f0s6ro1xamyuz 240 239 2023-03-29T22:44:31Z Noob 1 /* Install Windows 10 and update */ 240 wikitext text/x-wiki ==Ubuntu Kvm Windows 10 - Thinkpad T470 with Razer Core X== Hardware:<br> * Thinkpad t470 - 256GB HD, 8GB RAM * razer core x * GTX 970 GT * Ubuntu Desktop 22.04 installed. Thunderbolt 3 - detected as USB3.0 (5000M). But works :)<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lsusb -t</code> OutPut: <div class="mw-collapsible-content"> <pre> /: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/6p, 5000M |__ Port 3: Dev 2, If 0, Class=Mass Storage, Driver=usb-storage, 5000M /: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/12p, 480M |__ Port 7: Dev 2, If 0, Class=Wireless, Driver=btusb, 12M |__ Port 7: Dev 2, If 1, Class=Wireless, Driver=btusb, 12M |__ Port 8: Dev 3, If 1, Class=Video, Driver=uvcvideo, 480M |__ Port 8: Dev 3, If 0, Class=Video, Driver=uvcvideo, 480M |__ Port 9: Dev 4, If 0, Class=Vendor Specific Class, Driver=, 12M </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo lshw | grep -A10 -i usb</code> OutPut: <div class="mw-collapsible-content"> <pre> capabilities: pci pnp upgrade shadowing cdboot bootselect edd int13floppy720 int5printscreen int9keyboard int14serial int17printer int10video acpi usb biosbootspecification uefi *-pci description: Host bridge product: Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers vendor: Intel Corporation physical id: 100 bus info: pci@0000:00:00.0 version: 08 width: 32 bits clock: 33MHz configuration: driver=skl_uncore -- *-usb description: USB controller product: Sunrise Point-LP USB 3.0 xHCI Controller vendor: Intel Corporation physical id: 14 bus info: pci@0000:00:14.0 version: 21 width: 64 bits clock: 33MHz capabilities: pm msi xhci bus_master cap_list configuration: driver=xhci_hcd latency=0 resources: irq:127 memory:ec220000-ec22ffff *-usbhost:0 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 0 bus info: usb@1 logical name: usb1 version: 5.19 capabilities: usb-2.00 configuration: driver=hub slots=12 speed=480Mbit/s *-usb:0 description: Bluetooth wireless interface product: Bluetooth wireless interface vendor: Intel Corp. physical id: 7 bus info: usb@1:7 version: 0.01 capabilities: bluetooth usb-2.00 configuration: driver=btusb maxpower=100mA speed=12Mbit/s *-usb:1 description: Video product: Integrated Camera: Integrated C vendor: SunplusIT Inc physical id: 8 bus info: usb@1:8 logical name: input8 logical name: /dev/input/event6 version: 0.10 capabilities: usb-2.00 usb configuration: driver=uvcvideo maxpower=500mA speed=480Mbit/s *-usb:2 UNCLAIMED description: Generic USB device vendor: Validity Sensors, Inc. physical id: 9 bus info: usb@1:9 version: 1.64 serial: ff1e8c196451 capabilities: usb-2.00 configuration: maxpower=100mA speed=12Mbit/s *-usbhost:1 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 1 bus info: usb@2 logical name: usb2 version: 5.19 capabilities: usb-3.00 configuration: driver=hub slots=6 speed=5000Mbit/s *-usb description: Mass storage device product: USB3.0-CRW vendor: Generic physical id: 3 bus info: usb@2:3 logical name: scsi0 version: 2.04 serial: 20120501030900000 capabilities: usb-3.00 scsi emulated scsi-host configuration: driver=usb-storage maxpower=800mA speed=5000Mbit/s *-disk description: SCSI Disk product: SD/MMC vendor: Generic- physical id: 0.0.0 bus info: scsi@0:0.0.0 logical name: /dev/sda version: 1.00 serial: 2012090114345300 capabilities: removable </pre> </div> </div> ===Windows 10 ISO=== Download a Windows 10 ISO for the Virtual Machine<br> https://www.microsoft.com/en-us/software-download/windows10ISO ===VT-d - bios=== Check VT-d enabled on bios <br> When you press the power button, press and hold <b>F1</b> to enter into bios mode.<br> Security > Virtualization<br> Intel (R) Virtualization Technology [ENABLE]<br> Inter (R) VT-d Feature [ENABLE]<br> ====Check==== <code>cat /proc/cpuinfo | grep --color vmx</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Explained: <div class="mw-collapsible-content"> The command "cat /proc/cpuinfo" displays detailed information about the processor(s) installed on your system. The output of this command includes a lot of information, such as processor model, speed, cache size, and other features. The pipe symbol "|" is used to pass the output of the first command as input to the second command. In this case, the output of "cat /proc/cpuinfo" is being passed as input to "grep". The "grep" command is used to search for a specific pattern in the input data. In this case, the pattern being searched for is "vmx". The "--color" option is used to highlight the search pattern in the output, making it easier to identify. So, the entire command "cat /proc/cpuinfo | grep --color vmx" is searching the processor information for the "vmx" feature and highlighting it in the output. The "vmx" feature refers to Intel's Virtualization Technology, which allows a processor to run multiple operating systems on the same computer simultaneously. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Returned Output: <div class="mw-collapsible-content"> <pre> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml </pre> </div> </div> ===Grub=== {{#evu:https://www.youtube.com/watch?v=wB4gvSgYmfY |alignment=inline }}<br> <code>sudo $EDITOR /etc/default/grub</code><br> Insert the option to <b>GRUB_CMDLINE_LINUX_DEFAULT=""</b> <code>intel_iommu=on kvm.ignore_msrs=1</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Before <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>intel_iommu=on kvm.ignore_msrs=1</code> <div class="mw-collapsible-content"> <pre> intel_iommu=on and kvm.ignore_msrs=1 are kernel boot parameters that can be set in the GRUB configuration file in Linux systems. Here's what they mean: intel_iommu=on: This parameter enables Intel VT-d (Virtualization Technology for Directed I/O), which allows for hardware-based virtualization of I/O devices. This can improve performance and security for virtual machines by allowing them to directly access hardware devices, rather than relying on the host operating system to handle the device access. kvm.ignore_msrs=1: This parameter disables the handling of MSR (Model Specific Register) virtualization by the kernel-based Virtual Machine (KVM) hypervisor. This can improve performance for certain workloads that rely heavily on MSR access, such as virtualization workloads. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Info the <code>/etc/defaults</code> directory <div class="mw-collapsible-content"> <pre> In Ubuntu and many other Linux-based operating systems, the /etc/default directory contains configuration files for various system services and applications. These configuration files contain default values for the settings and options that are used by these services and applications. The /etc/default directory is typically organized by service or application, with each subdirectory containing one or more configuration files for that service or application. For example, the /etc/default/grub directory contains the default configuration file for the GRUB bootloader, while the /etc/default/apache2 directory contains the default configuration file for the Apache web server. These configuration files are often used by system administrators to customize the behavior of these services and applications by modifying the default values of their settings and options. For example, the GRUB configuration file in /etc/default/grub can be used to specify the default operating system to boot, the timeout for the boot menu, and other options. </pre> </div> </div> ====Update Grub==== <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code><br> Reboot so kernel boot parameters can be applied.<br> <code>reboot</code> <div class="toccolours mw-collapsible mw-collapsed"> Info: <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> <div class="mw-collapsible-content"> * <code>grub-mkconfig</code> : This is a command that generates a new configuration file for the GRUB bootloader. It scans the system for installed kernels, operating systems, and other boot options, and creates a configuration file based on that information. * <code>-o /boot/grub/grub.cfg</code> : This option tells grub-mkconfig to write the generated configuration file to the file /boot/grub/grub.cfg. This is the default location for the GRUB configuration file in most Linux systems. </div> </div> ===Check that IOMMU is enabled=== {{#evu:https://www.youtube.com/watch?v=SM7v-XQfvh4 |alignment=inline }}<br> <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Return Output: Before editing Grub <div class="mw-collapsible-content"> <pre> [ 0.013929] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013974] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.124130] DMAR: Host address width 39 [ 0.124131] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.124140] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.124143] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.124147] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.124150] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.124152] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.124154] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.124156] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.124158] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.126384] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.346448] iommu: Default domain type: Translated [ 0.346448] iommu: DMA domain TLB invalidation policy: lazy mode </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After editing Grub <div class="mw-collapsible-content"> <pre> [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.013471] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013516] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.035822] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.035915] DMAR: IOMMU enabled [ 0.094689] DMAR: Host address width 39 [ 0.094691] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.094699] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.094702] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.094706] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.094708] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.094710] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.094713] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.094715] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.094716] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.096599] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.324622] iommu: Default domain type: Translated [ 0.324622] iommu: DMA domain TLB invalidation policy: lazy mode [ 0.346100] DMAR: No ATSR found [ 0.346101] DMAR: No SATC found [ 0.346103] DMAR: IOMMU feature fl1gp_support inconsistent [ 0.346105] DMAR: IOMMU feature pgsel_inv inconsistent [ 0.346106] DMAR: IOMMU feature nwfs inconsistent [ 0.346107] DMAR: IOMMU feature eafs inconsistent [ 0.346108] DMAR: IOMMU feature prs inconsistent [ 0.346108] DMAR: IOMMU feature nest inconsistent [ 0.346109] DMAR: IOMMU feature mts inconsistent [ 0.346110] DMAR: IOMMU feature sc_support inconsistent [ 0.346111] DMAR: IOMMU feature dev_iotlb_support inconsistent [ 0.346113] DMAR: dmar0: Using Queued invalidation [ 0.346117] DMAR: dmar1: Using Queued invalidation [ 0.346409] pci 0000:00:00.0: Adding to iommu group 0 [ 0.346423] pci 0000:00:02.0: Adding to iommu group 1 [ 0.346441] pci 0000:00:14.0: Adding to iommu group 2 [ 0.346450] pci 0000:00:14.2: Adding to iommu group 2 [ 0.346466] pci 0000:00:16.0: Adding to iommu group 3 [ 0.346475] pci 0000:00:16.3: Adding to iommu group 3 [ 0.346499] pci 0000:00:1c.0: Adding to iommu group 4 [ 0.346520] pci 0000:00:1c.6: Adding to iommu group 5 [ 0.346539] pci 0000:00:1d.0: Adding to iommu group 6 [ 0.346557] pci 0000:00:1d.2: Adding to iommu group 7 [ 0.346582] pci 0000:00:1f.0: Adding to iommu group 8 [ 0.346595] pci 0000:00:1f.2: Adding to iommu group 8 [ 0.346604] pci 0000:00:1f.3: Adding to iommu group 8 [ 0.346615] pci 0000:00:1f.4: Adding to iommu group 8 [ 0.346625] pci 0000:00:1f.6: Adding to iommu group 8 [ 0.346646] pci 0000:04:00.0: Adding to iommu group 9 [ 0.346664] pci 0000:3e:00.0: Adding to iommu group 10 [ 0.348306] DMAR: Intel(R) Virtualization Technology for Directed I/O </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code> <div class="mw-collapsible-content"> * <code>dmesg</code> : This command is used in Linux systems to display the kernel message buffer, which contains information about the system's hardware and software components, as well as any error or warning messages generated by the kernel. * <code>|</code> : This symbol is called a pipe and it allows the output of one command to be used as input for another command. In this case, it sends the output of the dmesg command to the next command in the pipeline, which is grep. * <code>grep</code> : This command is used in Linux systems to search for text patterns in a file or output. In this case, it's used to search the output of the dmesg command for lines that contain the strings "DMAR" or "IOMMU". * <code>-i</code> : This option tells grep to perform a case-insensitive search, meaning it will match the strings "DMAR" or "IOMMU" regardless of their case. * <code>-e</code> : This option tells grep to specify the pattern to search for. In this case, it's used to specify two patterns to search for: "DMAR" and "IOMMU". * DMAR: DMA Remapping (DMAR) is a feature of modern computer systems that provides additional security for input/output (I/O) devices. It allows for the isolation of memory regions used by I/O devices, which prevents them from accessing other parts of the system's memory. This helps to prevent attacks that could exploit vulnerabilities in I/O device drivers to gain access to sensitive data or take control of the system. * IOMMU: The I/O Memory Management Unit (IOMMU) is a hardware component that provides support for DMA remapping. It allows for the virtualization of I/O devices and provides an additional layer of security by isolating the memory used by these devices. </div> </div> ===Find your GPU=== <code>lspci -nnk</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>lspci -nnk</code> <div class="mw-collapsible-content"> <code>lspci</code> is a command-line utility that is used to display information about all the PCI buses and devices connected to them in a Linux system. The -nnk option is used to display the following information: * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -k: Display the kernel driver currently bound to each device. This option is useful when you want to check which driver is being used for a particular device. When you run the <code>lspci -nnk</code> command, you will get a list of all the PCI devices in your system, along with their vendor and device IDs, and the kernel driver currently in use. </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut Before plugging in 'Razer Core X' <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut After plugging in Razer Core X <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 05:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:01.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:02.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 07:00.0 System peripheral [0880]: Intel Corporation JHL6240 Thunderbolt 3 NHI (Low Power) [Alpine Ridge LP 2016] [8086:15bf] (rev 01) Subsystem: Device [2222:1111] Kernel driver in use: thunderbolt Kernel modules: thunderbolt 08:00.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 09:01.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel </pre> ===vfio.conf=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>vfio.conf</b> <div class="mw-collapsible-content"> <b>vfio.conf</b> is a configuration file used by the VFIO driver in Linux. <br> The VFIO driver is a kernel module that allows users to assign devices, such as GPUs or network interfaces, directly to virtual machines, bypassing the host operating system.<br> <br> The vfio.conf file is used to specify which devices should be assigned to VFIO, and it is typically located in the /etc/modprobe.d/ directory. When the VFIO driver is loaded, it will read this file and use the settings specified within it.<br> <br> The contents of vfio.conf can vary depending on the specific use case, but some common configurations include: * Device IDs: The vfio.conf file can be used to specify the vendor and device IDs of the devices that should be assigned to VFIO. For example: <pre> options vfio-pci ids=10de:13c2,10de:0fbb </pre><br> <br> This configuration specifies that two NVIDIA GPUs with the IDs 10de:13c2 and 10de:0fbb should be assigned to VFIO.<br> This configuration assigns two NVIDIA GPUs to VFIO and blacklists the <b>nouveau</b> and <b>nvidiafb</b> kernel drivers so that they don't claim the GPUs. <pre> options vfio-pci ids=10de:13c2,10de:0fbb blacklist nouveau blacklist nvidiafb </pre> <br> * Additional options: The <b>vfio.conf</b> file can also be used to specify additional options for the VFIO driver, such as setting the IOMMU mode. For example:<br> This configuration sets the VFIO driver to use IOMMU mode 1 and allows unsafe interrupts. <pre> options vfio_iommu_type1 allow_unsafe_interrupts=1 </pre> <br> Overall, <b>vfio.conf</b> provides a way to configure the VFIO driver and specify which devices should be assigned to it, helping to facilitate GPU or other hardware passthrough to virtual machines. <br> </div> </div> Create a new file called <code>vfio.conf</code> in the <b>/etc/modprobe.d/</b> directory.<br> <div class="toccolours mw-collapsible mw-collapsed"> The <code>/etc/modprobe.d/</code> directory explanation: <div class="mw-collapsible-content"> The <b>/etc/modprobe.d/</b> directory is a system directory in Linux that contains configuration files for kernel modules. When the Linux kernel boots up, it loads various modules (also called drivers) to support the hardware and other system functions.<br> <br> Each configuration file in <b>/etc/modprobe.d/</b> specifies options for one or more kernel modules, which are loaded by the kernel when a system boots or when a module is explicitly loaded. The options specified in these files can be used to modify the behavior of the kernel modules, or to blacklist certain modules to prevent them from being loaded.<br> <br> The name of each configuration file in the <b>/etc/modprobe.d/</b> directory must end with the <b>.conf</b> extension. The contents of each file consist of a series of directives, which specify module options, aliases, or blacklist information. These directives can be written in plain text format or in shell scripts.<br> <br> Here are some examples of how you might use the <b>/etc/modprobe.d/</b> directory:<br> * Blacklisting modules: You can use the <b>/etc/modprobe.d/</b> directory to prevent certain kernel modules from loading. For example, you can create a file called <b>/etc/modprobe.d/blacklist-nouveau.conf</b> with the following contents to prevent the <b>nouveau</b> driver (used for NVIDIA graphics cards) from being loaded: <pre> blacklist nouveau </pre> <br> * Setting module options: You can also use the <b>/etc/modprobe.d/</b> directory to specify options for a particular kernel module. For example, you can create a file called <b>/etc/modprobe.d/alsa-base.conf</b> with the following contents to set the default sound card to the second card on the system: <pre> options snd_hda_intel index=1 </pre> <br> * Loading modules: You can use the <b>/etc/modprobe.d/</b> directory to load kernel modules at boot time. For example, you can create a file called <b>/etc/modprobe.d/local.conf</b> with the following contents to load the <b>acpi_call</b> module at boot time: <pre> # Load acpi_call at boot time acpi_call </pre> <br> Overall, the <b>/etc/modprobe.d/</b> directory is an important location for managing kernel modules in Linux. It provides a centralized location for managing module options, aliases, and blacklists, making it easier to configure and maintain a Linux system.<br> </div> </div> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> <br> ===Update <b>initramfs</b>=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>initramfs</b>: <div class="mw-collapsible-content"> The initramfs (initial RAM file system) is a temporary file system that is loaded into memory during the Linux boot process. It contains essential system files and utilities that are necessary to boot the Linux kernel and mount the root file system.<br> <br> When the Linux kernel is booted, it first loads the initramfs into memory and sets it up as the root file system. The initramfs then runs the init script, which is responsible for initializing the system and mounting the real root file system. The init script may also perform other tasks, such as loading kernel modules, setting up network interfaces, and configuring system services.<br> <br> The initramfs is typically used in situations where the root file system is located on a storage device that requires additional drivers or modules to be loaded before it can be mounted. For example, if the root file system is located on a RAID array, a network file system, or an encrypted disk, the necessary drivers or modules may need to be loaded into memory before the root file system can be mounted.<br> <br> The initramfs can also be customized to include additional files or utilities that may be necessary for the boot process. This is done by modifying the initramfs image, which is a compressed archive file that contains the file system contents.<br> <br> Overall, the initramfs is an essential component of the Linux boot process, providing a temporary file system that is necessary for initializing the system and mounting the root file system. </div> </div> <code>sudo update-initramfs -u</code><br> And reboot your computer:<br> <code>reboot</code><br> <br> <b>Note:</b>[[Ubuntu_KVM_to_Windows_10_-_Thinkpad_T470_-_Razer_Core_X_-_GTX_970#Undo_Passthrough|Sound will not work on Host Ubuntu now we have blacklisted <b>snd_hda_intel</b> to return sound to laptop read <b>Undo Passthrough</b>]].<br> ===Check Kernel driver not in use=== <code>lspci -nnk</code><br> <br> OutPut: <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel modules: snd_hda_intel </pre> == Installing KVM and VirtManager to Create a VM == {{#evu:https://www.youtube.com/watch?v=GKHIlUP2XSc |alignment=inline }} To install the required packages, run the following command: <code>sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils</code> To create a group and add your user to the group, run the following commands: <div class="toccolours mw-collapsible mw-collapsed"> <code> getent group libvirtd</code> Check if the <b>group</b> already exists: <div class="mw-collapsible-content"> To check if a group is already present on an Ubuntu system, you can use the <b>getent</b> command along with the <b>group</b> argument and specify the name of the group as a parameter. For example, to check if the <b>sudo</b> group exists on the system, you can run the following command in a terminal: <code>getent group sudo</code> If the group exists, the command will output information about the group, including its name, group ID (GID), and a list of users who are members of the group. If the group does not exist, the command will not produce any output. Alternatively, you can use the <b>grep</b> command to search for the group name in the <b>/etc/group file</b>, which is the file that stores information about system groups on Ubuntu. For example, to search for the <b>sudo</b> group, you can run the following command: <code>grep "^sudo:" /etc/group</code> If the group exists, the command will output information about the group in the same format as the <b>getent</b> command. If the group does not exist, the command will not produce any output. </div> </div> <code>sudo addgroup libvirtd</code><br> <code>sudo adduser $USER libvirtd</code><br> <code>sudo apt-get install virt-manager</code><br> After installing the packages and adding your user to the group, reboot your system: <code>reboot</code> This will avoid the following error when trying to connect to libvirt: <pre>virtual machine manager connection failure unable to connect to libvirt qemu:///system. verify that the 'libvirtd' daemon is running</pre> ===Virtual Machine Manager=== {{#evu:https://www.youtube.com/watch?v=jhoI6MIdHrc |alignment=inline }}<br> Start <b>Virtual Machine Manager</b>:<br> <code>virt-manager</code><br><br> Create a new virtual machine Step 1 Local install media (ISO image or CDROM) Step 2 Choose ISO or CDROM install media: Click <b>Browse</b> and select your windows10.iso Choose the operating system you are installing: untick( Automatically detect from installation media / source) and enter <b>Microsoft Windows 10</b> in search bar. Step 3 Choose Memory and CPU settings: Memory: 4096MiB CPUs: 2 Step 4 Tick <b>Enable storage for this virtual machine</b> Tick <b>create a disk image for the virtual machine</b> 140 GiB Step 5 Name:NAME_OF_VM Tick <b>Customize configuration before install</b> ==== Config VM before booting==== OverView: <b>Hypervisor Details</b> 'Chipset' = 'Q35' 'Firmware' = 'x86_64:/usr/share/OVMF/OVMF_CODE_4M.ms.fd' Boot Options: <b>Boot device order</b>: Untick - Enable boot menu Select/Tick SATA CDROM1 SATA Disk 1 Display Spice: <b>Spice Server</b>: Type: Spice server Listen type: Address Address: Hypervisor default Port: tick 'Auto' Click '<b>Add Hardware</b>' button at bottom left - new window '<b>Add New Virtual Hardware</b>' will pop up. Click '<b>PCI Host Device</b>' on the left hand side Select your <b>GPU</b> and <b>GPU Audio Controller</b>: '0000:0A:00:0 NVIDIA Corporation GM204 [GeForce GTX 970]' '0000:0A:00:1 NVIDIA Corporation GM204 High Definition Audio Controller' Select and click '<b>Finish</b>' - reopen '<b>Add hardware</b>' and repeat for Audio.<br> <br> =====Notes===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. ==== Install Windows 10 and update ==== {{#evu:https://www.youtube.com/watch?v=07sTymJaWvw |alignment=inline }} Install windows 10 then update windows to get the graphics card drivers working.<br> Once done shoutdown.<br> ===After shutting down windows edit the VM's Config file=== To find/confirm your VM's name:<br> <code>virsh list --all</code><br> <br> Syntax:<code>sudo virsh edit YOUR_VM_NAME</code><br> <code>sudo virsh edit win10</code><br> <br> Going to edit in between the <code><features> </features></code> Brackets, 17 lines down.<br> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> </pre> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> </pre> ====What these values do ==== <div class="toccolours mw-collapsible mw-collapsed"> <vendor_id state='on' value='1234567890ab'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><vendor_id></b> tag is used to specify the vendor ID that is presented to the guest virtual machine when it is running on top of the KVM hypervisor. This vendor ID can be customized by the user to any 12-digit hexadecimal <b>value</b> using the value attribute. The purpose of the vendor ID is to provide a way for virtual machines to identify the type of hypervisor they are running on, and to adjust their behavior accordingly. This is particularly important for operating systems that have special optimizations or workarounds for specific hypervisors. By default, KVM presents a vendor ID of "KVMKVMKVM" to the guest virtual machine. However, this can be changed by adding the <vendor_id> tag to the XML definition of the virtual machine, as follows: <pre> <cpu> <vendor_id state='on' value='1234567890ab'/> ... </cpu> </pre> In this example, the vendor ID is set to the value "1234567890ab". The state attribute is set to 'on' to enable the use of the custom vendor ID. It's worth noting that changing the vendor ID can have some unexpected consequences. For example, some operating systems may have specific code paths or optimizations for certain hypervisors, and changing the vendor ID may cause them to behave differently or even malfunction. Additionally, some virtualization security features may depend on the vendor ID, so changing it may impact the security of the virtual machine. As such, it is important to carefully consider the implications before changing the vendor ID in a KVM virtual machine. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <kvm> <hidden state='on'/> </kvm> <div class="mw-collapsible-content"> In Linux KVM, the <b><kvm></b> tag is used to specify additional configuration options for the virtual machine that are specific to KVM. The <b><hidden></b> tag is a sub-tag of <b><kvm></b> and is used to enable or disable the hiding of the KVM hypervisor from the guest operating system. When the <b><hidden></b> tag is set to <b>state='on'</b>, the KVM hypervisor is hidden from the guest operating system. This means that the guest operating system will not be able to detect that it is running in a virtualized environment and will behave as if it is running directly on physical hardware. This can be useful for security reasons, as it can make it more difficult for attackers to detect that they are running in a virtualized environment and attempt to exploit vulnerabilities that are specific to virtualization. Additionally, some software applications may behave differently or refuse to run in a virtualized environment, so hiding the KVM hypervisor can help ensure that these applications run properly. To use the <hidden> tag, it should be included as a sub-tag of the <kvm> tag, as follows: <pre> <kvm> <hidden state='on'/> ... </kvm> </pre> It's important to note that hiding the KVM hypervisor can have some downsides as well. For example, it may make it more difficult to diagnose problems with the virtual machine, as the hypervisor will not be visible in the guest operating system. Additionally, some virtualization features may depend on the hypervisor being visible to the guest operating system, so hiding it may cause these features to stop working properly. As such, the decision to hide the KVM hypervisor using the <hidden> tag should be carefully considered based on the specific needs and requirements of the virtualized environment. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <ioapic driver='kvm'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><ioapic></b> tag is used to enable or disable the use of the IOAPIC (Input/Output Advanced Programmable Interrupt Controller) device in the virtual machine. The <b>driver</b> attribute is used to specify the driver that should be used for the IOAPIC device, with the value <b>kvm</b> indicating that KVM's built-in IOAPIC driver should be used. The IOAPIC device is a type of interrupt controller that is used to manage interrupts in a virtual machine. It provides a way for devices in the virtual machine to generate interrupts, and for the virtual machine to route those interrupts to the appropriate virtual CPU. To enable the IOAPIC device and specify the kvm driver, the <ioapic> tag should be included in the XML definition of the virtual machine, as follows: <pre> <ioapic driver='kvm'/> </pre> With this configuration, KVM's built-in IOAPIC driver will be used to manage interrupts in the virtual machine. It's worth noting that while KVM's built-in IOAPIC driver is generally sufficient for most virtualization needs, there are some situations where a different driver may be preferred. For example, some applications or workloads may require more advanced IOAPIC functionality that is not available in KVM's built-in driver. In these cases, it may be necessary to use a different driver, or to implement custom code to support the required functionality. Overall, the <ioapic> tag with the driver='kvm' attribute is a simple and effective way to enable the IOAPIC device and ensure that interrupts are properly managed in a KVM virtual machine. </div> </div> ====Full Config file - before and after==== <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>before</b> any changes with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoand of course the content when expanded.<br \> <code>print "hello content"</code>ft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>After</b> changes made with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <br> Note: Not the place to edit (use '<b>virsh</b>'), but you config file can be found here:<code>/etc/libvirt/qemu/</code> ==Undo Passthrough== ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" </pre> Remove <code>intel_iommu=on kvm.ignore_msrs=1</code> and save changes. <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" </pre> rebuild grub<br> <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> ===vfio=== This step will restore sound to Host Ubuntu.<br> Comment out changes to <b>vfio.conf</b><br> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> Comment out by placing a <code>#</code> in front of the line, save and exit. <pre> #blacklist nouveau #blacklist snd_hda_intel #options vfio-pci ids=10de:13c2,10de:0fbb </pre> update initramfs:<br> <code>sudo update-initramfs -u</code><br> <br> ===Reboot for changes to take effect=== <code>reboot</code><br> ==End Notes== Plug in external monitor to the GPU 'Razer Core X' for output and no screen lag.<br> Tested with 'sniper ghost warrior' works fine.<br> Sound will come out of HDMI, If using monitor with no speakers, you can pass through USB headfones or speakers. ==References== https://askubuntu.com/questions/1406888/ubuntu-22-04-gpu-passthrough-qemu sd342v1hbewdwd0f41o4nhvzodzw6wi 241 240 2023-03-29T22:47:36Z Noob 1 /* After shutting down windows edit the VM's Config file */ 241 wikitext text/x-wiki ==Ubuntu Kvm Windows 10 - Thinkpad T470 with Razer Core X== Hardware:<br> * Thinkpad t470 - 256GB HD, 8GB RAM * razer core x * GTX 970 GT * Ubuntu Desktop 22.04 installed. Thunderbolt 3 - detected as USB3.0 (5000M). But works :)<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lsusb -t</code> OutPut: <div class="mw-collapsible-content"> <pre> /: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/6p, 5000M |__ Port 3: Dev 2, If 0, Class=Mass Storage, Driver=usb-storage, 5000M /: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/12p, 480M |__ Port 7: Dev 2, If 0, Class=Wireless, Driver=btusb, 12M |__ Port 7: Dev 2, If 1, Class=Wireless, Driver=btusb, 12M |__ Port 8: Dev 3, If 1, Class=Video, Driver=uvcvideo, 480M |__ Port 8: Dev 3, If 0, Class=Video, Driver=uvcvideo, 480M |__ Port 9: Dev 4, If 0, Class=Vendor Specific Class, Driver=, 12M </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo lshw | grep -A10 -i usb</code> OutPut: <div class="mw-collapsible-content"> <pre> capabilities: pci pnp upgrade shadowing cdboot bootselect edd int13floppy720 int5printscreen int9keyboard int14serial int17printer int10video acpi usb biosbootspecification uefi *-pci description: Host bridge product: Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers vendor: Intel Corporation physical id: 100 bus info: pci@0000:00:00.0 version: 08 width: 32 bits clock: 33MHz configuration: driver=skl_uncore -- *-usb description: USB controller product: Sunrise Point-LP USB 3.0 xHCI Controller vendor: Intel Corporation physical id: 14 bus info: pci@0000:00:14.0 version: 21 width: 64 bits clock: 33MHz capabilities: pm msi xhci bus_master cap_list configuration: driver=xhci_hcd latency=0 resources: irq:127 memory:ec220000-ec22ffff *-usbhost:0 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 0 bus info: usb@1 logical name: usb1 version: 5.19 capabilities: usb-2.00 configuration: driver=hub slots=12 speed=480Mbit/s *-usb:0 description: Bluetooth wireless interface product: Bluetooth wireless interface vendor: Intel Corp. physical id: 7 bus info: usb@1:7 version: 0.01 capabilities: bluetooth usb-2.00 configuration: driver=btusb maxpower=100mA speed=12Mbit/s *-usb:1 description: Video product: Integrated Camera: Integrated C vendor: SunplusIT Inc physical id: 8 bus info: usb@1:8 logical name: input8 logical name: /dev/input/event6 version: 0.10 capabilities: usb-2.00 usb configuration: driver=uvcvideo maxpower=500mA speed=480Mbit/s *-usb:2 UNCLAIMED description: Generic USB device vendor: Validity Sensors, Inc. physical id: 9 bus info: usb@1:9 version: 1.64 serial: ff1e8c196451 capabilities: usb-2.00 configuration: maxpower=100mA speed=12Mbit/s *-usbhost:1 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 1 bus info: usb@2 logical name: usb2 version: 5.19 capabilities: usb-3.00 configuration: driver=hub slots=6 speed=5000Mbit/s *-usb description: Mass storage device product: USB3.0-CRW vendor: Generic physical id: 3 bus info: usb@2:3 logical name: scsi0 version: 2.04 serial: 20120501030900000 capabilities: usb-3.00 scsi emulated scsi-host configuration: driver=usb-storage maxpower=800mA speed=5000Mbit/s *-disk description: SCSI Disk product: SD/MMC vendor: Generic- physical id: 0.0.0 bus info: scsi@0:0.0.0 logical name: /dev/sda version: 1.00 serial: 2012090114345300 capabilities: removable </pre> </div> </div> ===Windows 10 ISO=== Download a Windows 10 ISO for the Virtual Machine<br> https://www.microsoft.com/en-us/software-download/windows10ISO ===VT-d - bios=== Check VT-d enabled on bios <br> When you press the power button, press and hold <b>F1</b> to enter into bios mode.<br> Security > Virtualization<br> Intel (R) Virtualization Technology [ENABLE]<br> Inter (R) VT-d Feature [ENABLE]<br> ====Check==== <code>cat /proc/cpuinfo | grep --color vmx</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Explained: <div class="mw-collapsible-content"> The command "cat /proc/cpuinfo" displays detailed information about the processor(s) installed on your system. The output of this command includes a lot of information, such as processor model, speed, cache size, and other features. The pipe symbol "|" is used to pass the output of the first command as input to the second command. In this case, the output of "cat /proc/cpuinfo" is being passed as input to "grep". The "grep" command is used to search for a specific pattern in the input data. In this case, the pattern being searched for is "vmx". The "--color" option is used to highlight the search pattern in the output, making it easier to identify. So, the entire command "cat /proc/cpuinfo | grep --color vmx" is searching the processor information for the "vmx" feature and highlighting it in the output. The "vmx" feature refers to Intel's Virtualization Technology, which allows a processor to run multiple operating systems on the same computer simultaneously. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Returned Output: <div class="mw-collapsible-content"> <pre> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml </pre> </div> </div> ===Grub=== {{#evu:https://www.youtube.com/watch?v=wB4gvSgYmfY |alignment=inline }}<br> <code>sudo $EDITOR /etc/default/grub</code><br> Insert the option to <b>GRUB_CMDLINE_LINUX_DEFAULT=""</b> <code>intel_iommu=on kvm.ignore_msrs=1</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Before <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>intel_iommu=on kvm.ignore_msrs=1</code> <div class="mw-collapsible-content"> <pre> intel_iommu=on and kvm.ignore_msrs=1 are kernel boot parameters that can be set in the GRUB configuration file in Linux systems. Here's what they mean: intel_iommu=on: This parameter enables Intel VT-d (Virtualization Technology for Directed I/O), which allows for hardware-based virtualization of I/O devices. This can improve performance and security for virtual machines by allowing them to directly access hardware devices, rather than relying on the host operating system to handle the device access. kvm.ignore_msrs=1: This parameter disables the handling of MSR (Model Specific Register) virtualization by the kernel-based Virtual Machine (KVM) hypervisor. This can improve performance for certain workloads that rely heavily on MSR access, such as virtualization workloads. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Info the <code>/etc/defaults</code> directory <div class="mw-collapsible-content"> <pre> In Ubuntu and many other Linux-based operating systems, the /etc/default directory contains configuration files for various system services and applications. These configuration files contain default values for the settings and options that are used by these services and applications. The /etc/default directory is typically organized by service or application, with each subdirectory containing one or more configuration files for that service or application. For example, the /etc/default/grub directory contains the default configuration file for the GRUB bootloader, while the /etc/default/apache2 directory contains the default configuration file for the Apache web server. These configuration files are often used by system administrators to customize the behavior of these services and applications by modifying the default values of their settings and options. For example, the GRUB configuration file in /etc/default/grub can be used to specify the default operating system to boot, the timeout for the boot menu, and other options. </pre> </div> </div> ====Update Grub==== <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code><br> Reboot so kernel boot parameters can be applied.<br> <code>reboot</code> <div class="toccolours mw-collapsible mw-collapsed"> Info: <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> <div class="mw-collapsible-content"> * <code>grub-mkconfig</code> : This is a command that generates a new configuration file for the GRUB bootloader. It scans the system for installed kernels, operating systems, and other boot options, and creates a configuration file based on that information. * <code>-o /boot/grub/grub.cfg</code> : This option tells grub-mkconfig to write the generated configuration file to the file /boot/grub/grub.cfg. This is the default location for the GRUB configuration file in most Linux systems. </div> </div> ===Check that IOMMU is enabled=== {{#evu:https://www.youtube.com/watch?v=SM7v-XQfvh4 |alignment=inline }}<br> <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Return Output: Before editing Grub <div class="mw-collapsible-content"> <pre> [ 0.013929] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013974] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.124130] DMAR: Host address width 39 [ 0.124131] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.124140] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.124143] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.124147] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.124150] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.124152] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.124154] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.124156] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.124158] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.126384] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.346448] iommu: Default domain type: Translated [ 0.346448] iommu: DMA domain TLB invalidation policy: lazy mode </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After editing Grub <div class="mw-collapsible-content"> <pre> [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.013471] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013516] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.035822] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.035915] DMAR: IOMMU enabled [ 0.094689] DMAR: Host address width 39 [ 0.094691] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.094699] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.094702] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.094706] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.094708] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.094710] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.094713] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.094715] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.094716] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.096599] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.324622] iommu: Default domain type: Translated [ 0.324622] iommu: DMA domain TLB invalidation policy: lazy mode [ 0.346100] DMAR: No ATSR found [ 0.346101] DMAR: No SATC found [ 0.346103] DMAR: IOMMU feature fl1gp_support inconsistent [ 0.346105] DMAR: IOMMU feature pgsel_inv inconsistent [ 0.346106] DMAR: IOMMU feature nwfs inconsistent [ 0.346107] DMAR: IOMMU feature eafs inconsistent [ 0.346108] DMAR: IOMMU feature prs inconsistent [ 0.346108] DMAR: IOMMU feature nest inconsistent [ 0.346109] DMAR: IOMMU feature mts inconsistent [ 0.346110] DMAR: IOMMU feature sc_support inconsistent [ 0.346111] DMAR: IOMMU feature dev_iotlb_support inconsistent [ 0.346113] DMAR: dmar0: Using Queued invalidation [ 0.346117] DMAR: dmar1: Using Queued invalidation [ 0.346409] pci 0000:00:00.0: Adding to iommu group 0 [ 0.346423] pci 0000:00:02.0: Adding to iommu group 1 [ 0.346441] pci 0000:00:14.0: Adding to iommu group 2 [ 0.346450] pci 0000:00:14.2: Adding to iommu group 2 [ 0.346466] pci 0000:00:16.0: Adding to iommu group 3 [ 0.346475] pci 0000:00:16.3: Adding to iommu group 3 [ 0.346499] pci 0000:00:1c.0: Adding to iommu group 4 [ 0.346520] pci 0000:00:1c.6: Adding to iommu group 5 [ 0.346539] pci 0000:00:1d.0: Adding to iommu group 6 [ 0.346557] pci 0000:00:1d.2: Adding to iommu group 7 [ 0.346582] pci 0000:00:1f.0: Adding to iommu group 8 [ 0.346595] pci 0000:00:1f.2: Adding to iommu group 8 [ 0.346604] pci 0000:00:1f.3: Adding to iommu group 8 [ 0.346615] pci 0000:00:1f.4: Adding to iommu group 8 [ 0.346625] pci 0000:00:1f.6: Adding to iommu group 8 [ 0.346646] pci 0000:04:00.0: Adding to iommu group 9 [ 0.346664] pci 0000:3e:00.0: Adding to iommu group 10 [ 0.348306] DMAR: Intel(R) Virtualization Technology for Directed I/O </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code> <div class="mw-collapsible-content"> * <code>dmesg</code> : This command is used in Linux systems to display the kernel message buffer, which contains information about the system's hardware and software components, as well as any error or warning messages generated by the kernel. * <code>|</code> : This symbol is called a pipe and it allows the output of one command to be used as input for another command. In this case, it sends the output of the dmesg command to the next command in the pipeline, which is grep. * <code>grep</code> : This command is used in Linux systems to search for text patterns in a file or output. In this case, it's used to search the output of the dmesg command for lines that contain the strings "DMAR" or "IOMMU". * <code>-i</code> : This option tells grep to perform a case-insensitive search, meaning it will match the strings "DMAR" or "IOMMU" regardless of their case. * <code>-e</code> : This option tells grep to specify the pattern to search for. In this case, it's used to specify two patterns to search for: "DMAR" and "IOMMU". * DMAR: DMA Remapping (DMAR) is a feature of modern computer systems that provides additional security for input/output (I/O) devices. It allows for the isolation of memory regions used by I/O devices, which prevents them from accessing other parts of the system's memory. This helps to prevent attacks that could exploit vulnerabilities in I/O device drivers to gain access to sensitive data or take control of the system. * IOMMU: The I/O Memory Management Unit (IOMMU) is a hardware component that provides support for DMA remapping. It allows for the virtualization of I/O devices and provides an additional layer of security by isolating the memory used by these devices. </div> </div> ===Find your GPU=== <code>lspci -nnk</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>lspci -nnk</code> <div class="mw-collapsible-content"> <code>lspci</code> is a command-line utility that is used to display information about all the PCI buses and devices connected to them in a Linux system. The -nnk option is used to display the following information: * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -k: Display the kernel driver currently bound to each device. This option is useful when you want to check which driver is being used for a particular device. When you run the <code>lspci -nnk</code> command, you will get a list of all the PCI devices in your system, along with their vendor and device IDs, and the kernel driver currently in use. </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut Before plugging in 'Razer Core X' <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut After plugging in Razer Core X <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 05:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:01.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:02.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 07:00.0 System peripheral [0880]: Intel Corporation JHL6240 Thunderbolt 3 NHI (Low Power) [Alpine Ridge LP 2016] [8086:15bf] (rev 01) Subsystem: Device [2222:1111] Kernel driver in use: thunderbolt Kernel modules: thunderbolt 08:00.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 09:01.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel </pre> ===vfio.conf=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>vfio.conf</b> <div class="mw-collapsible-content"> <b>vfio.conf</b> is a configuration file used by the VFIO driver in Linux. <br> The VFIO driver is a kernel module that allows users to assign devices, such as GPUs or network interfaces, directly to virtual machines, bypassing the host operating system.<br> <br> The vfio.conf file is used to specify which devices should be assigned to VFIO, and it is typically located in the /etc/modprobe.d/ directory. When the VFIO driver is loaded, it will read this file and use the settings specified within it.<br> <br> The contents of vfio.conf can vary depending on the specific use case, but some common configurations include: * Device IDs: The vfio.conf file can be used to specify the vendor and device IDs of the devices that should be assigned to VFIO. For example: <pre> options vfio-pci ids=10de:13c2,10de:0fbb </pre><br> <br> This configuration specifies that two NVIDIA GPUs with the IDs 10de:13c2 and 10de:0fbb should be assigned to VFIO.<br> This configuration assigns two NVIDIA GPUs to VFIO and blacklists the <b>nouveau</b> and <b>nvidiafb</b> kernel drivers so that they don't claim the GPUs. <pre> options vfio-pci ids=10de:13c2,10de:0fbb blacklist nouveau blacklist nvidiafb </pre> <br> * Additional options: The <b>vfio.conf</b> file can also be used to specify additional options for the VFIO driver, such as setting the IOMMU mode. For example:<br> This configuration sets the VFIO driver to use IOMMU mode 1 and allows unsafe interrupts. <pre> options vfio_iommu_type1 allow_unsafe_interrupts=1 </pre> <br> Overall, <b>vfio.conf</b> provides a way to configure the VFIO driver and specify which devices should be assigned to it, helping to facilitate GPU or other hardware passthrough to virtual machines. <br> </div> </div> Create a new file called <code>vfio.conf</code> in the <b>/etc/modprobe.d/</b> directory.<br> <div class="toccolours mw-collapsible mw-collapsed"> The <code>/etc/modprobe.d/</code> directory explanation: <div class="mw-collapsible-content"> The <b>/etc/modprobe.d/</b> directory is a system directory in Linux that contains configuration files for kernel modules. When the Linux kernel boots up, it loads various modules (also called drivers) to support the hardware and other system functions.<br> <br> Each configuration file in <b>/etc/modprobe.d/</b> specifies options for one or more kernel modules, which are loaded by the kernel when a system boots or when a module is explicitly loaded. The options specified in these files can be used to modify the behavior of the kernel modules, or to blacklist certain modules to prevent them from being loaded.<br> <br> The name of each configuration file in the <b>/etc/modprobe.d/</b> directory must end with the <b>.conf</b> extension. The contents of each file consist of a series of directives, which specify module options, aliases, or blacklist information. These directives can be written in plain text format or in shell scripts.<br> <br> Here are some examples of how you might use the <b>/etc/modprobe.d/</b> directory:<br> * Blacklisting modules: You can use the <b>/etc/modprobe.d/</b> directory to prevent certain kernel modules from loading. For example, you can create a file called <b>/etc/modprobe.d/blacklist-nouveau.conf</b> with the following contents to prevent the <b>nouveau</b> driver (used for NVIDIA graphics cards) from being loaded: <pre> blacklist nouveau </pre> <br> * Setting module options: You can also use the <b>/etc/modprobe.d/</b> directory to specify options for a particular kernel module. For example, you can create a file called <b>/etc/modprobe.d/alsa-base.conf</b> with the following contents to set the default sound card to the second card on the system: <pre> options snd_hda_intel index=1 </pre> <br> * Loading modules: You can use the <b>/etc/modprobe.d/</b> directory to load kernel modules at boot time. For example, you can create a file called <b>/etc/modprobe.d/local.conf</b> with the following contents to load the <b>acpi_call</b> module at boot time: <pre> # Load acpi_call at boot time acpi_call </pre> <br> Overall, the <b>/etc/modprobe.d/</b> directory is an important location for managing kernel modules in Linux. It provides a centralized location for managing module options, aliases, and blacklists, making it easier to configure and maintain a Linux system.<br> </div> </div> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> <br> ===Update <b>initramfs</b>=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>initramfs</b>: <div class="mw-collapsible-content"> The initramfs (initial RAM file system) is a temporary file system that is loaded into memory during the Linux boot process. It contains essential system files and utilities that are necessary to boot the Linux kernel and mount the root file system.<br> <br> When the Linux kernel is booted, it first loads the initramfs into memory and sets it up as the root file system. The initramfs then runs the init script, which is responsible for initializing the system and mounting the real root file system. The init script may also perform other tasks, such as loading kernel modules, setting up network interfaces, and configuring system services.<br> <br> The initramfs is typically used in situations where the root file system is located on a storage device that requires additional drivers or modules to be loaded before it can be mounted. For example, if the root file system is located on a RAID array, a network file system, or an encrypted disk, the necessary drivers or modules may need to be loaded into memory before the root file system can be mounted.<br> <br> The initramfs can also be customized to include additional files or utilities that may be necessary for the boot process. This is done by modifying the initramfs image, which is a compressed archive file that contains the file system contents.<br> <br> Overall, the initramfs is an essential component of the Linux boot process, providing a temporary file system that is necessary for initializing the system and mounting the root file system. </div> </div> <code>sudo update-initramfs -u</code><br> And reboot your computer:<br> <code>reboot</code><br> <br> <b>Note:</b>[[Ubuntu_KVM_to_Windows_10_-_Thinkpad_T470_-_Razer_Core_X_-_GTX_970#Undo_Passthrough|Sound will not work on Host Ubuntu now we have blacklisted <b>snd_hda_intel</b> to return sound to laptop read <b>Undo Passthrough</b>]].<br> ===Check Kernel driver not in use=== <code>lspci -nnk</code><br> <br> OutPut: <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel modules: snd_hda_intel </pre> == Installing KVM and VirtManager to Create a VM == {{#evu:https://www.youtube.com/watch?v=GKHIlUP2XSc |alignment=inline }} To install the required packages, run the following command: <code>sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils</code> To create a group and add your user to the group, run the following commands: <div class="toccolours mw-collapsible mw-collapsed"> <code> getent group libvirtd</code> Check if the <b>group</b> already exists: <div class="mw-collapsible-content"> To check if a group is already present on an Ubuntu system, you can use the <b>getent</b> command along with the <b>group</b> argument and specify the name of the group as a parameter. For example, to check if the <b>sudo</b> group exists on the system, you can run the following command in a terminal: <code>getent group sudo</code> If the group exists, the command will output information about the group, including its name, group ID (GID), and a list of users who are members of the group. If the group does not exist, the command will not produce any output. Alternatively, you can use the <b>grep</b> command to search for the group name in the <b>/etc/group file</b>, which is the file that stores information about system groups on Ubuntu. For example, to search for the <b>sudo</b> group, you can run the following command: <code>grep "^sudo:" /etc/group</code> If the group exists, the command will output information about the group in the same format as the <b>getent</b> command. If the group does not exist, the command will not produce any output. </div> </div> <code>sudo addgroup libvirtd</code><br> <code>sudo adduser $USER libvirtd</code><br> <code>sudo apt-get install virt-manager</code><br> After installing the packages and adding your user to the group, reboot your system: <code>reboot</code> This will avoid the following error when trying to connect to libvirt: <pre>virtual machine manager connection failure unable to connect to libvirt qemu:///system. verify that the 'libvirtd' daemon is running</pre> ===Virtual Machine Manager=== {{#evu:https://www.youtube.com/watch?v=jhoI6MIdHrc |alignment=inline }}<br> Start <b>Virtual Machine Manager</b>:<br> <code>virt-manager</code><br><br> Create a new virtual machine Step 1 Local install media (ISO image or CDROM) Step 2 Choose ISO or CDROM install media: Click <b>Browse</b> and select your windows10.iso Choose the operating system you are installing: untick( Automatically detect from installation media / source) and enter <b>Microsoft Windows 10</b> in search bar. Step 3 Choose Memory and CPU settings: Memory: 4096MiB CPUs: 2 Step 4 Tick <b>Enable storage for this virtual machine</b> Tick <b>create a disk image for the virtual machine</b> 140 GiB Step 5 Name:NAME_OF_VM Tick <b>Customize configuration before install</b> ==== Config VM before booting==== OverView: <b>Hypervisor Details</b> 'Chipset' = 'Q35' 'Firmware' = 'x86_64:/usr/share/OVMF/OVMF_CODE_4M.ms.fd' Boot Options: <b>Boot device order</b>: Untick - Enable boot menu Select/Tick SATA CDROM1 SATA Disk 1 Display Spice: <b>Spice Server</b>: Type: Spice server Listen type: Address Address: Hypervisor default Port: tick 'Auto' Click '<b>Add Hardware</b>' button at bottom left - new window '<b>Add New Virtual Hardware</b>' will pop up. Click '<b>PCI Host Device</b>' on the left hand side Select your <b>GPU</b> and <b>GPU Audio Controller</b>: '0000:0A:00:0 NVIDIA Corporation GM204 [GeForce GTX 970]' '0000:0A:00:1 NVIDIA Corporation GM204 High Definition Audio Controller' Select and click '<b>Finish</b>' - reopen '<b>Add hardware</b>' and repeat for Audio.<br> <br> =====Notes===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. ==== Install Windows 10 and update ==== {{#evu:https://www.youtube.com/watch?v=07sTymJaWvw |alignment=inline }} Install windows 10 then update windows to get the graphics card drivers working.<br> Once done shoutdown.<br> ===After shutting down windows edit the VM's Config file=== {{#evu:https://www.youtube.com/watch?v=CCKbp-n6xRo |alignment=inline }} To find/confirm your VM's name:<br> <code>virsh list --all</code><br> <br> Syntax:<code>sudo virsh edit YOUR_VM_NAME</code><br> <code>sudo virsh edit win10</code><br> <br> Going to edit in between the <code><features> </features></code> Brackets, 17 lines down.<br> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> </pre> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> </pre> ====What these values do ==== <div class="toccolours mw-collapsible mw-collapsed"> <vendor_id state='on' value='1234567890ab'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><vendor_id></b> tag is used to specify the vendor ID that is presented to the guest virtual machine when it is running on top of the KVM hypervisor. This vendor ID can be customized by the user to any 12-digit hexadecimal <b>value</b> using the value attribute. The purpose of the vendor ID is to provide a way for virtual machines to identify the type of hypervisor they are running on, and to adjust their behavior accordingly. This is particularly important for operating systems that have special optimizations or workarounds for specific hypervisors. By default, KVM presents a vendor ID of "KVMKVMKVM" to the guest virtual machine. However, this can be changed by adding the <vendor_id> tag to the XML definition of the virtual machine, as follows: <pre> <cpu> <vendor_id state='on' value='1234567890ab'/> ... </cpu> </pre> In this example, the vendor ID is set to the value "1234567890ab". The state attribute is set to 'on' to enable the use of the custom vendor ID. It's worth noting that changing the vendor ID can have some unexpected consequences. For example, some operating systems may have specific code paths or optimizations for certain hypervisors, and changing the vendor ID may cause them to behave differently or even malfunction. Additionally, some virtualization security features may depend on the vendor ID, so changing it may impact the security of the virtual machine. As such, it is important to carefully consider the implications before changing the vendor ID in a KVM virtual machine. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <kvm> <hidden state='on'/> </kvm> <div class="mw-collapsible-content"> In Linux KVM, the <b><kvm></b> tag is used to specify additional configuration options for the virtual machine that are specific to KVM. The <b><hidden></b> tag is a sub-tag of <b><kvm></b> and is used to enable or disable the hiding of the KVM hypervisor from the guest operating system. When the <b><hidden></b> tag is set to <b>state='on'</b>, the KVM hypervisor is hidden from the guest operating system. This means that the guest operating system will not be able to detect that it is running in a virtualized environment and will behave as if it is running directly on physical hardware. This can be useful for security reasons, as it can make it more difficult for attackers to detect that they are running in a virtualized environment and attempt to exploit vulnerabilities that are specific to virtualization. Additionally, some software applications may behave differently or refuse to run in a virtualized environment, so hiding the KVM hypervisor can help ensure that these applications run properly. To use the <hidden> tag, it should be included as a sub-tag of the <kvm> tag, as follows: <pre> <kvm> <hidden state='on'/> ... </kvm> </pre> It's important to note that hiding the KVM hypervisor can have some downsides as well. For example, it may make it more difficult to diagnose problems with the virtual machine, as the hypervisor will not be visible in the guest operating system. Additionally, some virtualization features may depend on the hypervisor being visible to the guest operating system, so hiding it may cause these features to stop working properly. As such, the decision to hide the KVM hypervisor using the <hidden> tag should be carefully considered based on the specific needs and requirements of the virtualized environment. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <ioapic driver='kvm'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><ioapic></b> tag is used to enable or disable the use of the IOAPIC (Input/Output Advanced Programmable Interrupt Controller) device in the virtual machine. The <b>driver</b> attribute is used to specify the driver that should be used for the IOAPIC device, with the value <b>kvm</b> indicating that KVM's built-in IOAPIC driver should be used. The IOAPIC device is a type of interrupt controller that is used to manage interrupts in a virtual machine. It provides a way for devices in the virtual machine to generate interrupts, and for the virtual machine to route those interrupts to the appropriate virtual CPU. To enable the IOAPIC device and specify the kvm driver, the <ioapic> tag should be included in the XML definition of the virtual machine, as follows: <pre> <ioapic driver='kvm'/> </pre> With this configuration, KVM's built-in IOAPIC driver will be used to manage interrupts in the virtual machine. It's worth noting that while KVM's built-in IOAPIC driver is generally sufficient for most virtualization needs, there are some situations where a different driver may be preferred. For example, some applications or workloads may require more advanced IOAPIC functionality that is not available in KVM's built-in driver. In these cases, it may be necessary to use a different driver, or to implement custom code to support the required functionality. Overall, the <ioapic> tag with the driver='kvm' attribute is a simple and effective way to enable the IOAPIC device and ensure that interrupts are properly managed in a KVM virtual machine. </div> </div> ====Full Config file - before and after==== <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>before</b> any changes with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoand of course the content when expanded.<br \> <code>print "hello content"</code>ft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>After</b> changes made with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <br> Note: Not the place to edit (use '<b>virsh</b>'), but you config file can be found here:<code>/etc/libvirt/qemu/</code> ==Undo Passthrough== ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" </pre> Remove <code>intel_iommu=on kvm.ignore_msrs=1</code> and save changes. <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" </pre> rebuild grub<br> <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> ===vfio=== This step will restore sound to Host Ubuntu.<br> Comment out changes to <b>vfio.conf</b><br> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> Comment out by placing a <code>#</code> in front of the line, save and exit. <pre> #blacklist nouveau #blacklist snd_hda_intel #options vfio-pci ids=10de:13c2,10de:0fbb </pre> update initramfs:<br> <code>sudo update-initramfs -u</code><br> <br> ===Reboot for changes to take effect=== <code>reboot</code><br> ==End Notes== Plug in external monitor to the GPU 'Razer Core X' for output and no screen lag.<br> Tested with 'sniper ghost warrior' works fine.<br> Sound will come out of HDMI, If using monitor with no speakers, you can pass through USB headfones or speakers. ==References== https://askubuntu.com/questions/1406888/ubuntu-22-04-gpu-passthrough-qemu hc46ibryrp70r7iltl3a4zl7c2ro11r 242 241 2023-03-29T22:47:56Z Noob 1 /* Notes */ 242 wikitext text/x-wiki ==Ubuntu Kvm Windows 10 - Thinkpad T470 with Razer Core X== Hardware:<br> * Thinkpad t470 - 256GB HD, 8GB RAM * razer core x * GTX 970 GT * Ubuntu Desktop 22.04 installed. Thunderbolt 3 - detected as USB3.0 (5000M). But works :)<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lsusb -t</code> OutPut: <div class="mw-collapsible-content"> <pre> /: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/6p, 5000M |__ Port 3: Dev 2, If 0, Class=Mass Storage, Driver=usb-storage, 5000M /: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/12p, 480M |__ Port 7: Dev 2, If 0, Class=Wireless, Driver=btusb, 12M |__ Port 7: Dev 2, If 1, Class=Wireless, Driver=btusb, 12M |__ Port 8: Dev 3, If 1, Class=Video, Driver=uvcvideo, 480M |__ Port 8: Dev 3, If 0, Class=Video, Driver=uvcvideo, 480M |__ Port 9: Dev 4, If 0, Class=Vendor Specific Class, Driver=, 12M </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo lshw | grep -A10 -i usb</code> OutPut: <div class="mw-collapsible-content"> <pre> capabilities: pci pnp upgrade shadowing cdboot bootselect edd int13floppy720 int5printscreen int9keyboard int14serial int17printer int10video acpi usb biosbootspecification uefi *-pci description: Host bridge product: Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers vendor: Intel Corporation physical id: 100 bus info: pci@0000:00:00.0 version: 08 width: 32 bits clock: 33MHz configuration: driver=skl_uncore -- *-usb description: USB controller product: Sunrise Point-LP USB 3.0 xHCI Controller vendor: Intel Corporation physical id: 14 bus info: pci@0000:00:14.0 version: 21 width: 64 bits clock: 33MHz capabilities: pm msi xhci bus_master cap_list configuration: driver=xhci_hcd latency=0 resources: irq:127 memory:ec220000-ec22ffff *-usbhost:0 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 0 bus info: usb@1 logical name: usb1 version: 5.19 capabilities: usb-2.00 configuration: driver=hub slots=12 speed=480Mbit/s *-usb:0 description: Bluetooth wireless interface product: Bluetooth wireless interface vendor: Intel Corp. physical id: 7 bus info: usb@1:7 version: 0.01 capabilities: bluetooth usb-2.00 configuration: driver=btusb maxpower=100mA speed=12Mbit/s *-usb:1 description: Video product: Integrated Camera: Integrated C vendor: SunplusIT Inc physical id: 8 bus info: usb@1:8 logical name: input8 logical name: /dev/input/event6 version: 0.10 capabilities: usb-2.00 usb configuration: driver=uvcvideo maxpower=500mA speed=480Mbit/s *-usb:2 UNCLAIMED description: Generic USB device vendor: Validity Sensors, Inc. physical id: 9 bus info: usb@1:9 version: 1.64 serial: ff1e8c196451 capabilities: usb-2.00 configuration: maxpower=100mA speed=12Mbit/s *-usbhost:1 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 1 bus info: usb@2 logical name: usb2 version: 5.19 capabilities: usb-3.00 configuration: driver=hub slots=6 speed=5000Mbit/s *-usb description: Mass storage device product: USB3.0-CRW vendor: Generic physical id: 3 bus info: usb@2:3 logical name: scsi0 version: 2.04 serial: 20120501030900000 capabilities: usb-3.00 scsi emulated scsi-host configuration: driver=usb-storage maxpower=800mA speed=5000Mbit/s *-disk description: SCSI Disk product: SD/MMC vendor: Generic- physical id: 0.0.0 bus info: scsi@0:0.0.0 logical name: /dev/sda version: 1.00 serial: 2012090114345300 capabilities: removable </pre> </div> </div> ===Windows 10 ISO=== Download a Windows 10 ISO for the Virtual Machine<br> https://www.microsoft.com/en-us/software-download/windows10ISO ===VT-d - bios=== Check VT-d enabled on bios <br> When you press the power button, press and hold <b>F1</b> to enter into bios mode.<br> Security > Virtualization<br> Intel (R) Virtualization Technology [ENABLE]<br> Inter (R) VT-d Feature [ENABLE]<br> ====Check==== <code>cat /proc/cpuinfo | grep --color vmx</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Explained: <div class="mw-collapsible-content"> The command "cat /proc/cpuinfo" displays detailed information about the processor(s) installed on your system. The output of this command includes a lot of information, such as processor model, speed, cache size, and other features. The pipe symbol "|" is used to pass the output of the first command as input to the second command. In this case, the output of "cat /proc/cpuinfo" is being passed as input to "grep". The "grep" command is used to search for a specific pattern in the input data. In this case, the pattern being searched for is "vmx". The "--color" option is used to highlight the search pattern in the output, making it easier to identify. So, the entire command "cat /proc/cpuinfo | grep --color vmx" is searching the processor information for the "vmx" feature and highlighting it in the output. The "vmx" feature refers to Intel's Virtualization Technology, which allows a processor to run multiple operating systems on the same computer simultaneously. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Returned Output: <div class="mw-collapsible-content"> <pre> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml </pre> </div> </div> ===Grub=== {{#evu:https://www.youtube.com/watch?v=wB4gvSgYmfY |alignment=inline }}<br> <code>sudo $EDITOR /etc/default/grub</code><br> Insert the option to <b>GRUB_CMDLINE_LINUX_DEFAULT=""</b> <code>intel_iommu=on kvm.ignore_msrs=1</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Before <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>intel_iommu=on kvm.ignore_msrs=1</code> <div class="mw-collapsible-content"> <pre> intel_iommu=on and kvm.ignore_msrs=1 are kernel boot parameters that can be set in the GRUB configuration file in Linux systems. Here's what they mean: intel_iommu=on: This parameter enables Intel VT-d (Virtualization Technology for Directed I/O), which allows for hardware-based virtualization of I/O devices. This can improve performance and security for virtual machines by allowing them to directly access hardware devices, rather than relying on the host operating system to handle the device access. kvm.ignore_msrs=1: This parameter disables the handling of MSR (Model Specific Register) virtualization by the kernel-based Virtual Machine (KVM) hypervisor. This can improve performance for certain workloads that rely heavily on MSR access, such as virtualization workloads. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Info the <code>/etc/defaults</code> directory <div class="mw-collapsible-content"> <pre> In Ubuntu and many other Linux-based operating systems, the /etc/default directory contains configuration files for various system services and applications. These configuration files contain default values for the settings and options that are used by these services and applications. The /etc/default directory is typically organized by service or application, with each subdirectory containing one or more configuration files for that service or application. For example, the /etc/default/grub directory contains the default configuration file for the GRUB bootloader, while the /etc/default/apache2 directory contains the default configuration file for the Apache web server. These configuration files are often used by system administrators to customize the behavior of these services and applications by modifying the default values of their settings and options. For example, the GRUB configuration file in /etc/default/grub can be used to specify the default operating system to boot, the timeout for the boot menu, and other options. </pre> </div> </div> ====Update Grub==== <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code><br> Reboot so kernel boot parameters can be applied.<br> <code>reboot</code> <div class="toccolours mw-collapsible mw-collapsed"> Info: <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> <div class="mw-collapsible-content"> * <code>grub-mkconfig</code> : This is a command that generates a new configuration file for the GRUB bootloader. It scans the system for installed kernels, operating systems, and other boot options, and creates a configuration file based on that information. * <code>-o /boot/grub/grub.cfg</code> : This option tells grub-mkconfig to write the generated configuration file to the file /boot/grub/grub.cfg. This is the default location for the GRUB configuration file in most Linux systems. </div> </div> ===Check that IOMMU is enabled=== {{#evu:https://www.youtube.com/watch?v=SM7v-XQfvh4 |alignment=inline }}<br> <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Return Output: Before editing Grub <div class="mw-collapsible-content"> <pre> [ 0.013929] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013974] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.124130] DMAR: Host address width 39 [ 0.124131] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.124140] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.124143] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.124147] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.124150] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.124152] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.124154] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.124156] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.124158] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.126384] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.346448] iommu: Default domain type: Translated [ 0.346448] iommu: DMA domain TLB invalidation policy: lazy mode </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After editing Grub <div class="mw-collapsible-content"> <pre> [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.013471] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013516] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.035822] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.035915] DMAR: IOMMU enabled [ 0.094689] DMAR: Host address width 39 [ 0.094691] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.094699] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.094702] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.094706] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.094708] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.094710] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.094713] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.094715] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.094716] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.096599] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.324622] iommu: Default domain type: Translated [ 0.324622] iommu: DMA domain TLB invalidation policy: lazy mode [ 0.346100] DMAR: No ATSR found [ 0.346101] DMAR: No SATC found [ 0.346103] DMAR: IOMMU feature fl1gp_support inconsistent [ 0.346105] DMAR: IOMMU feature pgsel_inv inconsistent [ 0.346106] DMAR: IOMMU feature nwfs inconsistent [ 0.346107] DMAR: IOMMU feature eafs inconsistent [ 0.346108] DMAR: IOMMU feature prs inconsistent [ 0.346108] DMAR: IOMMU feature nest inconsistent [ 0.346109] DMAR: IOMMU feature mts inconsistent [ 0.346110] DMAR: IOMMU feature sc_support inconsistent [ 0.346111] DMAR: IOMMU feature dev_iotlb_support inconsistent [ 0.346113] DMAR: dmar0: Using Queued invalidation [ 0.346117] DMAR: dmar1: Using Queued invalidation [ 0.346409] pci 0000:00:00.0: Adding to iommu group 0 [ 0.346423] pci 0000:00:02.0: Adding to iommu group 1 [ 0.346441] pci 0000:00:14.0: Adding to iommu group 2 [ 0.346450] pci 0000:00:14.2: Adding to iommu group 2 [ 0.346466] pci 0000:00:16.0: Adding to iommu group 3 [ 0.346475] pci 0000:00:16.3: Adding to iommu group 3 [ 0.346499] pci 0000:00:1c.0: Adding to iommu group 4 [ 0.346520] pci 0000:00:1c.6: Adding to iommu group 5 [ 0.346539] pci 0000:00:1d.0: Adding to iommu group 6 [ 0.346557] pci 0000:00:1d.2: Adding to iommu group 7 [ 0.346582] pci 0000:00:1f.0: Adding to iommu group 8 [ 0.346595] pci 0000:00:1f.2: Adding to iommu group 8 [ 0.346604] pci 0000:00:1f.3: Adding to iommu group 8 [ 0.346615] pci 0000:00:1f.4: Adding to iommu group 8 [ 0.346625] pci 0000:00:1f.6: Adding to iommu group 8 [ 0.346646] pci 0000:04:00.0: Adding to iommu group 9 [ 0.346664] pci 0000:3e:00.0: Adding to iommu group 10 [ 0.348306] DMAR: Intel(R) Virtualization Technology for Directed I/O </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code> <div class="mw-collapsible-content"> * <code>dmesg</code> : This command is used in Linux systems to display the kernel message buffer, which contains information about the system's hardware and software components, as well as any error or warning messages generated by the kernel. * <code>|</code> : This symbol is called a pipe and it allows the output of one command to be used as input for another command. In this case, it sends the output of the dmesg command to the next command in the pipeline, which is grep. * <code>grep</code> : This command is used in Linux systems to search for text patterns in a file or output. In this case, it's used to search the output of the dmesg command for lines that contain the strings "DMAR" or "IOMMU". * <code>-i</code> : This option tells grep to perform a case-insensitive search, meaning it will match the strings "DMAR" or "IOMMU" regardless of their case. * <code>-e</code> : This option tells grep to specify the pattern to search for. In this case, it's used to specify two patterns to search for: "DMAR" and "IOMMU". * DMAR: DMA Remapping (DMAR) is a feature of modern computer systems that provides additional security for input/output (I/O) devices. It allows for the isolation of memory regions used by I/O devices, which prevents them from accessing other parts of the system's memory. This helps to prevent attacks that could exploit vulnerabilities in I/O device drivers to gain access to sensitive data or take control of the system. * IOMMU: The I/O Memory Management Unit (IOMMU) is a hardware component that provides support for DMA remapping. It allows for the virtualization of I/O devices and provides an additional layer of security by isolating the memory used by these devices. </div> </div> ===Find your GPU=== <code>lspci -nnk</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>lspci -nnk</code> <div class="mw-collapsible-content"> <code>lspci</code> is a command-line utility that is used to display information about all the PCI buses and devices connected to them in a Linux system. The -nnk option is used to display the following information: * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -k: Display the kernel driver currently bound to each device. This option is useful when you want to check which driver is being used for a particular device. When you run the <code>lspci -nnk</code> command, you will get a list of all the PCI devices in your system, along with their vendor and device IDs, and the kernel driver currently in use. </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut Before plugging in 'Razer Core X' <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut After plugging in Razer Core X <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 05:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:01.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:02.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 07:00.0 System peripheral [0880]: Intel Corporation JHL6240 Thunderbolt 3 NHI (Low Power) [Alpine Ridge LP 2016] [8086:15bf] (rev 01) Subsystem: Device [2222:1111] Kernel driver in use: thunderbolt Kernel modules: thunderbolt 08:00.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 09:01.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel </pre> ===vfio.conf=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>vfio.conf</b> <div class="mw-collapsible-content"> <b>vfio.conf</b> is a configuration file used by the VFIO driver in Linux. <br> The VFIO driver is a kernel module that allows users to assign devices, such as GPUs or network interfaces, directly to virtual machines, bypassing the host operating system.<br> <br> The vfio.conf file is used to specify which devices should be assigned to VFIO, and it is typically located in the /etc/modprobe.d/ directory. When the VFIO driver is loaded, it will read this file and use the settings specified within it.<br> <br> The contents of vfio.conf can vary depending on the specific use case, but some common configurations include: * Device IDs: The vfio.conf file can be used to specify the vendor and device IDs of the devices that should be assigned to VFIO. For example: <pre> options vfio-pci ids=10de:13c2,10de:0fbb </pre><br> <br> This configuration specifies that two NVIDIA GPUs with the IDs 10de:13c2 and 10de:0fbb should be assigned to VFIO.<br> This configuration assigns two NVIDIA GPUs to VFIO and blacklists the <b>nouveau</b> and <b>nvidiafb</b> kernel drivers so that they don't claim the GPUs. <pre> options vfio-pci ids=10de:13c2,10de:0fbb blacklist nouveau blacklist nvidiafb </pre> <br> * Additional options: The <b>vfio.conf</b> file can also be used to specify additional options for the VFIO driver, such as setting the IOMMU mode. For example:<br> This configuration sets the VFIO driver to use IOMMU mode 1 and allows unsafe interrupts. <pre> options vfio_iommu_type1 allow_unsafe_interrupts=1 </pre> <br> Overall, <b>vfio.conf</b> provides a way to configure the VFIO driver and specify which devices should be assigned to it, helping to facilitate GPU or other hardware passthrough to virtual machines. <br> </div> </div> Create a new file called <code>vfio.conf</code> in the <b>/etc/modprobe.d/</b> directory.<br> <div class="toccolours mw-collapsible mw-collapsed"> The <code>/etc/modprobe.d/</code> directory explanation: <div class="mw-collapsible-content"> The <b>/etc/modprobe.d/</b> directory is a system directory in Linux that contains configuration files for kernel modules. When the Linux kernel boots up, it loads various modules (also called drivers) to support the hardware and other system functions.<br> <br> Each configuration file in <b>/etc/modprobe.d/</b> specifies options for one or more kernel modules, which are loaded by the kernel when a system boots or when a module is explicitly loaded. The options specified in these files can be used to modify the behavior of the kernel modules, or to blacklist certain modules to prevent them from being loaded.<br> <br> The name of each configuration file in the <b>/etc/modprobe.d/</b> directory must end with the <b>.conf</b> extension. The contents of each file consist of a series of directives, which specify module options, aliases, or blacklist information. These directives can be written in plain text format or in shell scripts.<br> <br> Here are some examples of how you might use the <b>/etc/modprobe.d/</b> directory:<br> * Blacklisting modules: You can use the <b>/etc/modprobe.d/</b> directory to prevent certain kernel modules from loading. For example, you can create a file called <b>/etc/modprobe.d/blacklist-nouveau.conf</b> with the following contents to prevent the <b>nouveau</b> driver (used for NVIDIA graphics cards) from being loaded: <pre> blacklist nouveau </pre> <br> * Setting module options: You can also use the <b>/etc/modprobe.d/</b> directory to specify options for a particular kernel module. For example, you can create a file called <b>/etc/modprobe.d/alsa-base.conf</b> with the following contents to set the default sound card to the second card on the system: <pre> options snd_hda_intel index=1 </pre> <br> * Loading modules: You can use the <b>/etc/modprobe.d/</b> directory to load kernel modules at boot time. For example, you can create a file called <b>/etc/modprobe.d/local.conf</b> with the following contents to load the <b>acpi_call</b> module at boot time: <pre> # Load acpi_call at boot time acpi_call </pre> <br> Overall, the <b>/etc/modprobe.d/</b> directory is an important location for managing kernel modules in Linux. It provides a centralized location for managing module options, aliases, and blacklists, making it easier to configure and maintain a Linux system.<br> </div> </div> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> <br> ===Update <b>initramfs</b>=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>initramfs</b>: <div class="mw-collapsible-content"> The initramfs (initial RAM file system) is a temporary file system that is loaded into memory during the Linux boot process. It contains essential system files and utilities that are necessary to boot the Linux kernel and mount the root file system.<br> <br> When the Linux kernel is booted, it first loads the initramfs into memory and sets it up as the root file system. The initramfs then runs the init script, which is responsible for initializing the system and mounting the real root file system. The init script may also perform other tasks, such as loading kernel modules, setting up network interfaces, and configuring system services.<br> <br> The initramfs is typically used in situations where the root file system is located on a storage device that requires additional drivers or modules to be loaded before it can be mounted. For example, if the root file system is located on a RAID array, a network file system, or an encrypted disk, the necessary drivers or modules may need to be loaded into memory before the root file system can be mounted.<br> <br> The initramfs can also be customized to include additional files or utilities that may be necessary for the boot process. This is done by modifying the initramfs image, which is a compressed archive file that contains the file system contents.<br> <br> Overall, the initramfs is an essential component of the Linux boot process, providing a temporary file system that is necessary for initializing the system and mounting the root file system. </div> </div> <code>sudo update-initramfs -u</code><br> And reboot your computer:<br> <code>reboot</code><br> <br> <b>Note:</b>[[Ubuntu_KVM_to_Windows_10_-_Thinkpad_T470_-_Razer_Core_X_-_GTX_970#Undo_Passthrough|Sound will not work on Host Ubuntu now we have blacklisted <b>snd_hda_intel</b> to return sound to laptop read <b>Undo Passthrough</b>]].<br> ===Check Kernel driver not in use=== <code>lspci -nnk</code><br> <br> OutPut: <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel modules: snd_hda_intel </pre> == Installing KVM and VirtManager to Create a VM == {{#evu:https://www.youtube.com/watch?v=GKHIlUP2XSc |alignment=inline }} To install the required packages, run the following command: <code>sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils</code> To create a group and add your user to the group, run the following commands: <div class="toccolours mw-collapsible mw-collapsed"> <code> getent group libvirtd</code> Check if the <b>group</b> already exists: <div class="mw-collapsible-content"> To check if a group is already present on an Ubuntu system, you can use the <b>getent</b> command along with the <b>group</b> argument and specify the name of the group as a parameter. For example, to check if the <b>sudo</b> group exists on the system, you can run the following command in a terminal: <code>getent group sudo</code> If the group exists, the command will output information about the group, including its name, group ID (GID), and a list of users who are members of the group. If the group does not exist, the command will not produce any output. Alternatively, you can use the <b>grep</b> command to search for the group name in the <b>/etc/group file</b>, which is the file that stores information about system groups on Ubuntu. For example, to search for the <b>sudo</b> group, you can run the following command: <code>grep "^sudo:" /etc/group</code> If the group exists, the command will output information about the group in the same format as the <b>getent</b> command. If the group does not exist, the command will not produce any output. </div> </div> <code>sudo addgroup libvirtd</code><br> <code>sudo adduser $USER libvirtd</code><br> <code>sudo apt-get install virt-manager</code><br> After installing the packages and adding your user to the group, reboot your system: <code>reboot</code> This will avoid the following error when trying to connect to libvirt: <pre>virtual machine manager connection failure unable to connect to libvirt qemu:///system. verify that the 'libvirtd' daemon is running</pre> ===Virtual Machine Manager=== {{#evu:https://www.youtube.com/watch?v=jhoI6MIdHrc |alignment=inline }}<br> Start <b>Virtual Machine Manager</b>:<br> <code>virt-manager</code><br><br> Create a new virtual machine Step 1 Local install media (ISO image or CDROM) Step 2 Choose ISO or CDROM install media: Click <b>Browse</b> and select your windows10.iso Choose the operating system you are installing: untick( Automatically detect from installation media / source) and enter <b>Microsoft Windows 10</b> in search bar. Step 3 Choose Memory and CPU settings: Memory: 4096MiB CPUs: 2 Step 4 Tick <b>Enable storage for this virtual machine</b> Tick <b>create a disk image for the virtual machine</b> 140 GiB Step 5 Name:NAME_OF_VM Tick <b>Customize configuration before install</b> ==== Config VM before booting==== OverView: <b>Hypervisor Details</b> 'Chipset' = 'Q35' 'Firmware' = 'x86_64:/usr/share/OVMF/OVMF_CODE_4M.ms.fd' Boot Options: <b>Boot device order</b>: Untick - Enable boot menu Select/Tick SATA CDROM1 SATA Disk 1 Display Spice: <b>Spice Server</b>: Type: Spice server Listen type: Address Address: Hypervisor default Port: tick 'Auto' Click '<b>Add Hardware</b>' button at bottom left - new window '<b>Add New Virtual Hardware</b>' will pop up. Click '<b>PCI Host Device</b>' on the left hand side Select your <b>GPU</b> and <b>GPU Audio Controller</b>: '0000:0A:00:0 NVIDIA Corporation GM204 [GeForce GTX 970]' '0000:0A:00:1 NVIDIA Corporation GM204 High Definition Audio Controller' Select and click '<b>Finish</b>' - reopen '<b>Add hardware</b>' and repeat for Audio.<br> <br> ==== Install Windows 10 and update ==== {{#evu:https://www.youtube.com/watch?v=07sTymJaWvw |alignment=inline }} Install windows 10 then update windows to get the graphics card drivers working.<br> Once done shoutdown.<br> ===After shutting down windows edit the VM's Config file=== {{#evu:https://www.youtube.com/watch?v=CCKbp-n6xRo |alignment=inline }} To find/confirm your VM's name:<br> <code>virsh list --all</code><br> <br> Syntax:<code>sudo virsh edit YOUR_VM_NAME</code><br> <code>sudo virsh edit win10</code><br> <br> Going to edit in between the <code><features> </features></code> Brackets, 17 lines down.<br> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> </pre> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> </pre> ====What these values do ==== <div class="toccolours mw-collapsible mw-collapsed"> <vendor_id state='on' value='1234567890ab'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><vendor_id></b> tag is used to specify the vendor ID that is presented to the guest virtual machine when it is running on top of the KVM hypervisor. This vendor ID can be customized by the user to any 12-digit hexadecimal <b>value</b> using the value attribute. The purpose of the vendor ID is to provide a way for virtual machines to identify the type of hypervisor they are running on, and to adjust their behavior accordingly. This is particularly important for operating systems that have special optimizations or workarounds for specific hypervisors. By default, KVM presents a vendor ID of "KVMKVMKVM" to the guest virtual machine. However, this can be changed by adding the <vendor_id> tag to the XML definition of the virtual machine, as follows: <pre> <cpu> <vendor_id state='on' value='1234567890ab'/> ... </cpu> </pre> In this example, the vendor ID is set to the value "1234567890ab". The state attribute is set to 'on' to enable the use of the custom vendor ID. It's worth noting that changing the vendor ID can have some unexpected consequences. For example, some operating systems may have specific code paths or optimizations for certain hypervisors, and changing the vendor ID may cause them to behave differently or even malfunction. Additionally, some virtualization security features may depend on the vendor ID, so changing it may impact the security of the virtual machine. As such, it is important to carefully consider the implications before changing the vendor ID in a KVM virtual machine. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <kvm> <hidden state='on'/> </kvm> <div class="mw-collapsible-content"> In Linux KVM, the <b><kvm></b> tag is used to specify additional configuration options for the virtual machine that are specific to KVM. The <b><hidden></b> tag is a sub-tag of <b><kvm></b> and is used to enable or disable the hiding of the KVM hypervisor from the guest operating system. When the <b><hidden></b> tag is set to <b>state='on'</b>, the KVM hypervisor is hidden from the guest operating system. This means that the guest operating system will not be able to detect that it is running in a virtualized environment and will behave as if it is running directly on physical hardware. This can be useful for security reasons, as it can make it more difficult for attackers to detect that they are running in a virtualized environment and attempt to exploit vulnerabilities that are specific to virtualization. Additionally, some software applications may behave differently or refuse to run in a virtualized environment, so hiding the KVM hypervisor can help ensure that these applications run properly. To use the <hidden> tag, it should be included as a sub-tag of the <kvm> tag, as follows: <pre> <kvm> <hidden state='on'/> ... </kvm> </pre> It's important to note that hiding the KVM hypervisor can have some downsides as well. For example, it may make it more difficult to diagnose problems with the virtual machine, as the hypervisor will not be visible in the guest operating system. Additionally, some virtualization features may depend on the hypervisor being visible to the guest operating system, so hiding it may cause these features to stop working properly. As such, the decision to hide the KVM hypervisor using the <hidden> tag should be carefully considered based on the specific needs and requirements of the virtualized environment. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <ioapic driver='kvm'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><ioapic></b> tag is used to enable or disable the use of the IOAPIC (Input/Output Advanced Programmable Interrupt Controller) device in the virtual machine. The <b>driver</b> attribute is used to specify the driver that should be used for the IOAPIC device, with the value <b>kvm</b> indicating that KVM's built-in IOAPIC driver should be used. The IOAPIC device is a type of interrupt controller that is used to manage interrupts in a virtual machine. It provides a way for devices in the virtual machine to generate interrupts, and for the virtual machine to route those interrupts to the appropriate virtual CPU. To enable the IOAPIC device and specify the kvm driver, the <ioapic> tag should be included in the XML definition of the virtual machine, as follows: <pre> <ioapic driver='kvm'/> </pre> With this configuration, KVM's built-in IOAPIC driver will be used to manage interrupts in the virtual machine. It's worth noting that while KVM's built-in IOAPIC driver is generally sufficient for most virtualization needs, there are some situations where a different driver may be preferred. For example, some applications or workloads may require more advanced IOAPIC functionality that is not available in KVM's built-in driver. In these cases, it may be necessary to use a different driver, or to implement custom code to support the required functionality. Overall, the <ioapic> tag with the driver='kvm' attribute is a simple and effective way to enable the IOAPIC device and ensure that interrupts are properly managed in a KVM virtual machine. </div> </div> ====Full Config file - before and after==== <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>before</b> any changes with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoand of course the content when expanded.<br \> <code>print "hello content"</code>ft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>After</b> changes made with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <br> Note: Not the place to edit (use '<b>virsh</b>'), but you config file can be found here:<code>/etc/libvirt/qemu/</code> ==Undo Passthrough== ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" </pre> Remove <code>intel_iommu=on kvm.ignore_msrs=1</code> and save changes. <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" </pre> rebuild grub<br> <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> ===vfio=== This step will restore sound to Host Ubuntu.<br> Comment out changes to <b>vfio.conf</b><br> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> Comment out by placing a <code>#</code> in front of the line, save and exit. <pre> #blacklist nouveau #blacklist snd_hda_intel #options vfio-pci ids=10de:13c2,10de:0fbb </pre> update initramfs:<br> <code>sudo update-initramfs -u</code><br> <br> ===Reboot for changes to take effect=== <code>reboot</code><br> ==End Notes== Plug in external monitor to the GPU 'Razer Core X' for output and no screen lag.<br> Tested with 'sniper ghost warrior' works fine.<br> Sound will come out of HDMI, If using monitor with no speakers, you can pass through USB headfones or speakers. ==References== https://askubuntu.com/questions/1406888/ubuntu-22-04-gpu-passthrough-qemu r3w5o8femqfck8hdyztwiw7isd8t54y 243 242 2023-03-29T22:50:02Z Noob 1 /* Full Config file - before and after */ 243 wikitext text/x-wiki ==Ubuntu Kvm Windows 10 - Thinkpad T470 with Razer Core X== Hardware:<br> * Thinkpad t470 - 256GB HD, 8GB RAM * razer core x * GTX 970 GT * Ubuntu Desktop 22.04 installed. Thunderbolt 3 - detected as USB3.0 (5000M). But works :)<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lsusb -t</code> OutPut: <div class="mw-collapsible-content"> <pre> /: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/6p, 5000M |__ Port 3: Dev 2, If 0, Class=Mass Storage, Driver=usb-storage, 5000M /: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/12p, 480M |__ Port 7: Dev 2, If 0, Class=Wireless, Driver=btusb, 12M |__ Port 7: Dev 2, If 1, Class=Wireless, Driver=btusb, 12M |__ Port 8: Dev 3, If 1, Class=Video, Driver=uvcvideo, 480M |__ Port 8: Dev 3, If 0, Class=Video, Driver=uvcvideo, 480M |__ Port 9: Dev 4, If 0, Class=Vendor Specific Class, Driver=, 12M </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo lshw | grep -A10 -i usb</code> OutPut: <div class="mw-collapsible-content"> <pre> capabilities: pci pnp upgrade shadowing cdboot bootselect edd int13floppy720 int5printscreen int9keyboard int14serial int17printer int10video acpi usb biosbootspecification uefi *-pci description: Host bridge product: Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers vendor: Intel Corporation physical id: 100 bus info: pci@0000:00:00.0 version: 08 width: 32 bits clock: 33MHz configuration: driver=skl_uncore -- *-usb description: USB controller product: Sunrise Point-LP USB 3.0 xHCI Controller vendor: Intel Corporation physical id: 14 bus info: pci@0000:00:14.0 version: 21 width: 64 bits clock: 33MHz capabilities: pm msi xhci bus_master cap_list configuration: driver=xhci_hcd latency=0 resources: irq:127 memory:ec220000-ec22ffff *-usbhost:0 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 0 bus info: usb@1 logical name: usb1 version: 5.19 capabilities: usb-2.00 configuration: driver=hub slots=12 speed=480Mbit/s *-usb:0 description: Bluetooth wireless interface product: Bluetooth wireless interface vendor: Intel Corp. physical id: 7 bus info: usb@1:7 version: 0.01 capabilities: bluetooth usb-2.00 configuration: driver=btusb maxpower=100mA speed=12Mbit/s *-usb:1 description: Video product: Integrated Camera: Integrated C vendor: SunplusIT Inc physical id: 8 bus info: usb@1:8 logical name: input8 logical name: /dev/input/event6 version: 0.10 capabilities: usb-2.00 usb configuration: driver=uvcvideo maxpower=500mA speed=480Mbit/s *-usb:2 UNCLAIMED description: Generic USB device vendor: Validity Sensors, Inc. physical id: 9 bus info: usb@1:9 version: 1.64 serial: ff1e8c196451 capabilities: usb-2.00 configuration: maxpower=100mA speed=12Mbit/s *-usbhost:1 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 1 bus info: usb@2 logical name: usb2 version: 5.19 capabilities: usb-3.00 configuration: driver=hub slots=6 speed=5000Mbit/s *-usb description: Mass storage device product: USB3.0-CRW vendor: Generic physical id: 3 bus info: usb@2:3 logical name: scsi0 version: 2.04 serial: 20120501030900000 capabilities: usb-3.00 scsi emulated scsi-host configuration: driver=usb-storage maxpower=800mA speed=5000Mbit/s *-disk description: SCSI Disk product: SD/MMC vendor: Generic- physical id: 0.0.0 bus info: scsi@0:0.0.0 logical name: /dev/sda version: 1.00 serial: 2012090114345300 capabilities: removable </pre> </div> </div> ===Windows 10 ISO=== Download a Windows 10 ISO for the Virtual Machine<br> https://www.microsoft.com/en-us/software-download/windows10ISO ===VT-d - bios=== Check VT-d enabled on bios <br> When you press the power button, press and hold <b>F1</b> to enter into bios mode.<br> Security > Virtualization<br> Intel (R) Virtualization Technology [ENABLE]<br> Inter (R) VT-d Feature [ENABLE]<br> ====Check==== <code>cat /proc/cpuinfo | grep --color vmx</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Explained: <div class="mw-collapsible-content"> The command "cat /proc/cpuinfo" displays detailed information about the processor(s) installed on your system. The output of this command includes a lot of information, such as processor model, speed, cache size, and other features. The pipe symbol "|" is used to pass the output of the first command as input to the second command. In this case, the output of "cat /proc/cpuinfo" is being passed as input to "grep". The "grep" command is used to search for a specific pattern in the input data. In this case, the pattern being searched for is "vmx". The "--color" option is used to highlight the search pattern in the output, making it easier to identify. So, the entire command "cat /proc/cpuinfo | grep --color vmx" is searching the processor information for the "vmx" feature and highlighting it in the output. The "vmx" feature refers to Intel's Virtualization Technology, which allows a processor to run multiple operating systems on the same computer simultaneously. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Returned Output: <div class="mw-collapsible-content"> <pre> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml </pre> </div> </div> ===Grub=== {{#evu:https://www.youtube.com/watch?v=wB4gvSgYmfY |alignment=inline }}<br> <code>sudo $EDITOR /etc/default/grub</code><br> Insert the option to <b>GRUB_CMDLINE_LINUX_DEFAULT=""</b> <code>intel_iommu=on kvm.ignore_msrs=1</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Before <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>intel_iommu=on kvm.ignore_msrs=1</code> <div class="mw-collapsible-content"> <pre> intel_iommu=on and kvm.ignore_msrs=1 are kernel boot parameters that can be set in the GRUB configuration file in Linux systems. Here's what they mean: intel_iommu=on: This parameter enables Intel VT-d (Virtualization Technology for Directed I/O), which allows for hardware-based virtualization of I/O devices. This can improve performance and security for virtual machines by allowing them to directly access hardware devices, rather than relying on the host operating system to handle the device access. kvm.ignore_msrs=1: This parameter disables the handling of MSR (Model Specific Register) virtualization by the kernel-based Virtual Machine (KVM) hypervisor. This can improve performance for certain workloads that rely heavily on MSR access, such as virtualization workloads. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Info the <code>/etc/defaults</code> directory <div class="mw-collapsible-content"> <pre> In Ubuntu and many other Linux-based operating systems, the /etc/default directory contains configuration files for various system services and applications. These configuration files contain default values for the settings and options that are used by these services and applications. The /etc/default directory is typically organized by service or application, with each subdirectory containing one or more configuration files for that service or application. For example, the /etc/default/grub directory contains the default configuration file for the GRUB bootloader, while the /etc/default/apache2 directory contains the default configuration file for the Apache web server. These configuration files are often used by system administrators to customize the behavior of these services and applications by modifying the default values of their settings and options. For example, the GRUB configuration file in /etc/default/grub can be used to specify the default operating system to boot, the timeout for the boot menu, and other options. </pre> </div> </div> ====Update Grub==== <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code><br> Reboot so kernel boot parameters can be applied.<br> <code>reboot</code> <div class="toccolours mw-collapsible mw-collapsed"> Info: <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> <div class="mw-collapsible-content"> * <code>grub-mkconfig</code> : This is a command that generates a new configuration file for the GRUB bootloader. It scans the system for installed kernels, operating systems, and other boot options, and creates a configuration file based on that information. * <code>-o /boot/grub/grub.cfg</code> : This option tells grub-mkconfig to write the generated configuration file to the file /boot/grub/grub.cfg. This is the default location for the GRUB configuration file in most Linux systems. </div> </div> ===Check that IOMMU is enabled=== {{#evu:https://www.youtube.com/watch?v=SM7v-XQfvh4 |alignment=inline }}<br> <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Return Output: Before editing Grub <div class="mw-collapsible-content"> <pre> [ 0.013929] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013974] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.124130] DMAR: Host address width 39 [ 0.124131] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.124140] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.124143] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.124147] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.124150] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.124152] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.124154] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.124156] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.124158] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.126384] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.346448] iommu: Default domain type: Translated [ 0.346448] iommu: DMA domain TLB invalidation policy: lazy mode </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After editing Grub <div class="mw-collapsible-content"> <pre> [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.013471] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013516] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.035822] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.035915] DMAR: IOMMU enabled [ 0.094689] DMAR: Host address width 39 [ 0.094691] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.094699] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.094702] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.094706] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.094708] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.094710] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.094713] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.094715] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.094716] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.096599] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.324622] iommu: Default domain type: Translated [ 0.324622] iommu: DMA domain TLB invalidation policy: lazy mode [ 0.346100] DMAR: No ATSR found [ 0.346101] DMAR: No SATC found [ 0.346103] DMAR: IOMMU feature fl1gp_support inconsistent [ 0.346105] DMAR: IOMMU feature pgsel_inv inconsistent [ 0.346106] DMAR: IOMMU feature nwfs inconsistent [ 0.346107] DMAR: IOMMU feature eafs inconsistent [ 0.346108] DMAR: IOMMU feature prs inconsistent [ 0.346108] DMAR: IOMMU feature nest inconsistent [ 0.346109] DMAR: IOMMU feature mts inconsistent [ 0.346110] DMAR: IOMMU feature sc_support inconsistent [ 0.346111] DMAR: IOMMU feature dev_iotlb_support inconsistent [ 0.346113] DMAR: dmar0: Using Queued invalidation [ 0.346117] DMAR: dmar1: Using Queued invalidation [ 0.346409] pci 0000:00:00.0: Adding to iommu group 0 [ 0.346423] pci 0000:00:02.0: Adding to iommu group 1 [ 0.346441] pci 0000:00:14.0: Adding to iommu group 2 [ 0.346450] pci 0000:00:14.2: Adding to iommu group 2 [ 0.346466] pci 0000:00:16.0: Adding to iommu group 3 [ 0.346475] pci 0000:00:16.3: Adding to iommu group 3 [ 0.346499] pci 0000:00:1c.0: Adding to iommu group 4 [ 0.346520] pci 0000:00:1c.6: Adding to iommu group 5 [ 0.346539] pci 0000:00:1d.0: Adding to iommu group 6 [ 0.346557] pci 0000:00:1d.2: Adding to iommu group 7 [ 0.346582] pci 0000:00:1f.0: Adding to iommu group 8 [ 0.346595] pci 0000:00:1f.2: Adding to iommu group 8 [ 0.346604] pci 0000:00:1f.3: Adding to iommu group 8 [ 0.346615] pci 0000:00:1f.4: Adding to iommu group 8 [ 0.346625] pci 0000:00:1f.6: Adding to iommu group 8 [ 0.346646] pci 0000:04:00.0: Adding to iommu group 9 [ 0.346664] pci 0000:3e:00.0: Adding to iommu group 10 [ 0.348306] DMAR: Intel(R) Virtualization Technology for Directed I/O </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code> <div class="mw-collapsible-content"> * <code>dmesg</code> : This command is used in Linux systems to display the kernel message buffer, which contains information about the system's hardware and software components, as well as any error or warning messages generated by the kernel. * <code>|</code> : This symbol is called a pipe and it allows the output of one command to be used as input for another command. In this case, it sends the output of the dmesg command to the next command in the pipeline, which is grep. * <code>grep</code> : This command is used in Linux systems to search for text patterns in a file or output. In this case, it's used to search the output of the dmesg command for lines that contain the strings "DMAR" or "IOMMU". * <code>-i</code> : This option tells grep to perform a case-insensitive search, meaning it will match the strings "DMAR" or "IOMMU" regardless of their case. * <code>-e</code> : This option tells grep to specify the pattern to search for. In this case, it's used to specify two patterns to search for: "DMAR" and "IOMMU". * DMAR: DMA Remapping (DMAR) is a feature of modern computer systems that provides additional security for input/output (I/O) devices. It allows for the isolation of memory regions used by I/O devices, which prevents them from accessing other parts of the system's memory. This helps to prevent attacks that could exploit vulnerabilities in I/O device drivers to gain access to sensitive data or take control of the system. * IOMMU: The I/O Memory Management Unit (IOMMU) is a hardware component that provides support for DMA remapping. It allows for the virtualization of I/O devices and provides an additional layer of security by isolating the memory used by these devices. </div> </div> ===Find your GPU=== <code>lspci -nnk</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>lspci -nnk</code> <div class="mw-collapsible-content"> <code>lspci</code> is a command-line utility that is used to display information about all the PCI buses and devices connected to them in a Linux system. The -nnk option is used to display the following information: * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -k: Display the kernel driver currently bound to each device. This option is useful when you want to check which driver is being used for a particular device. When you run the <code>lspci -nnk</code> command, you will get a list of all the PCI devices in your system, along with their vendor and device IDs, and the kernel driver currently in use. </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut Before plugging in 'Razer Core X' <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut After plugging in Razer Core X <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 05:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:01.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:02.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 07:00.0 System peripheral [0880]: Intel Corporation JHL6240 Thunderbolt 3 NHI (Low Power) [Alpine Ridge LP 2016] [8086:15bf] (rev 01) Subsystem: Device [2222:1111] Kernel driver in use: thunderbolt Kernel modules: thunderbolt 08:00.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 09:01.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel </pre> ===vfio.conf=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>vfio.conf</b> <div class="mw-collapsible-content"> <b>vfio.conf</b> is a configuration file used by the VFIO driver in Linux. <br> The VFIO driver is a kernel module that allows users to assign devices, such as GPUs or network interfaces, directly to virtual machines, bypassing the host operating system.<br> <br> The vfio.conf file is used to specify which devices should be assigned to VFIO, and it is typically located in the /etc/modprobe.d/ directory. When the VFIO driver is loaded, it will read this file and use the settings specified within it.<br> <br> The contents of vfio.conf can vary depending on the specific use case, but some common configurations include: * Device IDs: The vfio.conf file can be used to specify the vendor and device IDs of the devices that should be assigned to VFIO. For example: <pre> options vfio-pci ids=10de:13c2,10de:0fbb </pre><br> <br> This configuration specifies that two NVIDIA GPUs with the IDs 10de:13c2 and 10de:0fbb should be assigned to VFIO.<br> This configuration assigns two NVIDIA GPUs to VFIO and blacklists the <b>nouveau</b> and <b>nvidiafb</b> kernel drivers so that they don't claim the GPUs. <pre> options vfio-pci ids=10de:13c2,10de:0fbb blacklist nouveau blacklist nvidiafb </pre> <br> * Additional options: The <b>vfio.conf</b> file can also be used to specify additional options for the VFIO driver, such as setting the IOMMU mode. For example:<br> This configuration sets the VFIO driver to use IOMMU mode 1 and allows unsafe interrupts. <pre> options vfio_iommu_type1 allow_unsafe_interrupts=1 </pre> <br> Overall, <b>vfio.conf</b> provides a way to configure the VFIO driver and specify which devices should be assigned to it, helping to facilitate GPU or other hardware passthrough to virtual machines. <br> </div> </div> Create a new file called <code>vfio.conf</code> in the <b>/etc/modprobe.d/</b> directory.<br> <div class="toccolours mw-collapsible mw-collapsed"> The <code>/etc/modprobe.d/</code> directory explanation: <div class="mw-collapsible-content"> The <b>/etc/modprobe.d/</b> directory is a system directory in Linux that contains configuration files for kernel modules. When the Linux kernel boots up, it loads various modules (also called drivers) to support the hardware and other system functions.<br> <br> Each configuration file in <b>/etc/modprobe.d/</b> specifies options for one or more kernel modules, which are loaded by the kernel when a system boots or when a module is explicitly loaded. The options specified in these files can be used to modify the behavior of the kernel modules, or to blacklist certain modules to prevent them from being loaded.<br> <br> The name of each configuration file in the <b>/etc/modprobe.d/</b> directory must end with the <b>.conf</b> extension. The contents of each file consist of a series of directives, which specify module options, aliases, or blacklist information. These directives can be written in plain text format or in shell scripts.<br> <br> Here are some examples of how you might use the <b>/etc/modprobe.d/</b> directory:<br> * Blacklisting modules: You can use the <b>/etc/modprobe.d/</b> directory to prevent certain kernel modules from loading. For example, you can create a file called <b>/etc/modprobe.d/blacklist-nouveau.conf</b> with the following contents to prevent the <b>nouveau</b> driver (used for NVIDIA graphics cards) from being loaded: <pre> blacklist nouveau </pre> <br> * Setting module options: You can also use the <b>/etc/modprobe.d/</b> directory to specify options for a particular kernel module. For example, you can create a file called <b>/etc/modprobe.d/alsa-base.conf</b> with the following contents to set the default sound card to the second card on the system: <pre> options snd_hda_intel index=1 </pre> <br> * Loading modules: You can use the <b>/etc/modprobe.d/</b> directory to load kernel modules at boot time. For example, you can create a file called <b>/etc/modprobe.d/local.conf</b> with the following contents to load the <b>acpi_call</b> module at boot time: <pre> # Load acpi_call at boot time acpi_call </pre> <br> Overall, the <b>/etc/modprobe.d/</b> directory is an important location for managing kernel modules in Linux. It provides a centralized location for managing module options, aliases, and blacklists, making it easier to configure and maintain a Linux system.<br> </div> </div> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> <br> ===Update <b>initramfs</b>=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>initramfs</b>: <div class="mw-collapsible-content"> The initramfs (initial RAM file system) is a temporary file system that is loaded into memory during the Linux boot process. It contains essential system files and utilities that are necessary to boot the Linux kernel and mount the root file system.<br> <br> When the Linux kernel is booted, it first loads the initramfs into memory and sets it up as the root file system. The initramfs then runs the init script, which is responsible for initializing the system and mounting the real root file system. The init script may also perform other tasks, such as loading kernel modules, setting up network interfaces, and configuring system services.<br> <br> The initramfs is typically used in situations where the root file system is located on a storage device that requires additional drivers or modules to be loaded before it can be mounted. For example, if the root file system is located on a RAID array, a network file system, or an encrypted disk, the necessary drivers or modules may need to be loaded into memory before the root file system can be mounted.<br> <br> The initramfs can also be customized to include additional files or utilities that may be necessary for the boot process. This is done by modifying the initramfs image, which is a compressed archive file that contains the file system contents.<br> <br> Overall, the initramfs is an essential component of the Linux boot process, providing a temporary file system that is necessary for initializing the system and mounting the root file system. </div> </div> <code>sudo update-initramfs -u</code><br> And reboot your computer:<br> <code>reboot</code><br> <br> <b>Note:</b>[[Ubuntu_KVM_to_Windows_10_-_Thinkpad_T470_-_Razer_Core_X_-_GTX_970#Undo_Passthrough|Sound will not work on Host Ubuntu now we have blacklisted <b>snd_hda_intel</b> to return sound to laptop read <b>Undo Passthrough</b>]].<br> ===Check Kernel driver not in use=== <code>lspci -nnk</code><br> <br> OutPut: <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel modules: snd_hda_intel </pre> == Installing KVM and VirtManager to Create a VM == {{#evu:https://www.youtube.com/watch?v=GKHIlUP2XSc |alignment=inline }} To install the required packages, run the following command: <code>sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils</code> To create a group and add your user to the group, run the following commands: <div class="toccolours mw-collapsible mw-collapsed"> <code> getent group libvirtd</code> Check if the <b>group</b> already exists: <div class="mw-collapsible-content"> To check if a group is already present on an Ubuntu system, you can use the <b>getent</b> command along with the <b>group</b> argument and specify the name of the group as a parameter. For example, to check if the <b>sudo</b> group exists on the system, you can run the following command in a terminal: <code>getent group sudo</code> If the group exists, the command will output information about the group, including its name, group ID (GID), and a list of users who are members of the group. If the group does not exist, the command will not produce any output. Alternatively, you can use the <b>grep</b> command to search for the group name in the <b>/etc/group file</b>, which is the file that stores information about system groups on Ubuntu. For example, to search for the <b>sudo</b> group, you can run the following command: <code>grep "^sudo:" /etc/group</code> If the group exists, the command will output information about the group in the same format as the <b>getent</b> command. If the group does not exist, the command will not produce any output. </div> </div> <code>sudo addgroup libvirtd</code><br> <code>sudo adduser $USER libvirtd</code><br> <code>sudo apt-get install virt-manager</code><br> After installing the packages and adding your user to the group, reboot your system: <code>reboot</code> This will avoid the following error when trying to connect to libvirt: <pre>virtual machine manager connection failure unable to connect to libvirt qemu:///system. verify that the 'libvirtd' daemon is running</pre> ===Virtual Machine Manager=== {{#evu:https://www.youtube.com/watch?v=jhoI6MIdHrc |alignment=inline }}<br> Start <b>Virtual Machine Manager</b>:<br> <code>virt-manager</code><br><br> Create a new virtual machine Step 1 Local install media (ISO image or CDROM) Step 2 Choose ISO or CDROM install media: Click <b>Browse</b> and select your windows10.iso Choose the operating system you are installing: untick( Automatically detect from installation media / source) and enter <b>Microsoft Windows 10</b> in search bar. Step 3 Choose Memory and CPU settings: Memory: 4096MiB CPUs: 2 Step 4 Tick <b>Enable storage for this virtual machine</b> Tick <b>create a disk image for the virtual machine</b> 140 GiB Step 5 Name:NAME_OF_VM Tick <b>Customize configuration before install</b> ==== Config VM before booting==== OverView: <b>Hypervisor Details</b> 'Chipset' = 'Q35' 'Firmware' = 'x86_64:/usr/share/OVMF/OVMF_CODE_4M.ms.fd' Boot Options: <b>Boot device order</b>: Untick - Enable boot menu Select/Tick SATA CDROM1 SATA Disk 1 Display Spice: <b>Spice Server</b>: Type: Spice server Listen type: Address Address: Hypervisor default Port: tick 'Auto' Click '<b>Add Hardware</b>' button at bottom left - new window '<b>Add New Virtual Hardware</b>' will pop up. Click '<b>PCI Host Device</b>' on the left hand side Select your <b>GPU</b> and <b>GPU Audio Controller</b>: '0000:0A:00:0 NVIDIA Corporation GM204 [GeForce GTX 970]' '0000:0A:00:1 NVIDIA Corporation GM204 High Definition Audio Controller' Select and click '<b>Finish</b>' - reopen '<b>Add hardware</b>' and repeat for Audio.<br> <br> ==== Install Windows 10 and update ==== {{#evu:https://www.youtube.com/watch?v=07sTymJaWvw |alignment=inline }} Install windows 10 then update windows to get the graphics card drivers working.<br> Once done shoutdown.<br> ===After shutting down windows edit the VM's Config file=== {{#evu:https://www.youtube.com/watch?v=CCKbp-n6xRo |alignment=inline }} To find/confirm your VM's name:<br> <code>virsh list --all</code><br> <br> Syntax:<code>sudo virsh edit YOUR_VM_NAME</code><br> <code>sudo virsh edit win10</code><br> <br> Going to edit in between the <code><features> </features></code> Brackets, 17 lines down.<br> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> </pre> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> </pre> ====What these values do ==== <div class="toccolours mw-collapsible mw-collapsed"> <vendor_id state='on' value='1234567890ab'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><vendor_id></b> tag is used to specify the vendor ID that is presented to the guest virtual machine when it is running on top of the KVM hypervisor. This vendor ID can be customized by the user to any 12-digit hexadecimal <b>value</b> using the value attribute. The purpose of the vendor ID is to provide a way for virtual machines to identify the type of hypervisor they are running on, and to adjust their behavior accordingly. This is particularly important for operating systems that have special optimizations or workarounds for specific hypervisors. By default, KVM presents a vendor ID of "KVMKVMKVM" to the guest virtual machine. However, this can be changed by adding the <vendor_id> tag to the XML definition of the virtual machine, as follows: <pre> <cpu> <vendor_id state='on' value='1234567890ab'/> ... </cpu> </pre> In this example, the vendor ID is set to the value "1234567890ab". The state attribute is set to 'on' to enable the use of the custom vendor ID. It's worth noting that changing the vendor ID can have some unexpected consequences. For example, some operating systems may have specific code paths or optimizations for certain hypervisors, and changing the vendor ID may cause them to behave differently or even malfunction. Additionally, some virtualization security features may depend on the vendor ID, so changing it may impact the security of the virtual machine. As such, it is important to carefully consider the implications before changing the vendor ID in a KVM virtual machine. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <kvm> <hidden state='on'/> </kvm> <div class="mw-collapsible-content"> In Linux KVM, the <b><kvm></b> tag is used to specify additional configuration options for the virtual machine that are specific to KVM. The <b><hidden></b> tag is a sub-tag of <b><kvm></b> and is used to enable or disable the hiding of the KVM hypervisor from the guest operating system. When the <b><hidden></b> tag is set to <b>state='on'</b>, the KVM hypervisor is hidden from the guest operating system. This means that the guest operating system will not be able to detect that it is running in a virtualized environment and will behave as if it is running directly on physical hardware. This can be useful for security reasons, as it can make it more difficult for attackers to detect that they are running in a virtualized environment and attempt to exploit vulnerabilities that are specific to virtualization. Additionally, some software applications may behave differently or refuse to run in a virtualized environment, so hiding the KVM hypervisor can help ensure that these applications run properly. To use the <hidden> tag, it should be included as a sub-tag of the <kvm> tag, as follows: <pre> <kvm> <hidden state='on'/> ... </kvm> </pre> It's important to note that hiding the KVM hypervisor can have some downsides as well. For example, it may make it more difficult to diagnose problems with the virtual machine, as the hypervisor will not be visible in the guest operating system. Additionally, some virtualization features may depend on the hypervisor being visible to the guest operating system, so hiding it may cause these features to stop working properly. As such, the decision to hide the KVM hypervisor using the <hidden> tag should be carefully considered based on the specific needs and requirements of the virtualized environment. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <ioapic driver='kvm'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><ioapic></b> tag is used to enable or disable the use of the IOAPIC (Input/Output Advanced Programmable Interrupt Controller) device in the virtual machine. The <b>driver</b> attribute is used to specify the driver that should be used for the IOAPIC device, with the value <b>kvm</b> indicating that KVM's built-in IOAPIC driver should be used. The IOAPIC device is a type of interrupt controller that is used to manage interrupts in a virtual machine. It provides a way for devices in the virtual machine to generate interrupts, and for the virtual machine to route those interrupts to the appropriate virtual CPU. To enable the IOAPIC device and specify the kvm driver, the <ioapic> tag should be included in the XML definition of the virtual machine, as follows: <pre> <ioapic driver='kvm'/> </pre> With this configuration, KVM's built-in IOAPIC driver will be used to manage interrupts in the virtual machine. It's worth noting that while KVM's built-in IOAPIC driver is generally sufficient for most virtualization needs, there are some situations where a different driver may be preferred. For example, some applications or workloads may require more advanced IOAPIC functionality that is not available in KVM's built-in driver. In these cases, it may be necessary to use a different driver, or to implement custom code to support the required functionality. Overall, the <ioapic> tag with the driver='kvm' attribute is a simple and effective way to enable the IOAPIC device and ensure that interrupts are properly managed in a KVM virtual machine. </div> </div> ====Full Config file - before and after==== <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>before</b> any changes with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoand of course the content when expanded.<br \> <code>print "hello content"</code>ft.com/win/10"/> </libosinfo:libosinfo>=====Notes===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>After</b> changes made with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <br> Note: Not the place to edit (use '<b>virsh</b>'), but you config file can be found here:<code>/etc/libvirt/qemu/</code> =====Notes - Mouse and Keyboard Redirect===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> {{#evu:https://www.youtube.com/watch?v=RjavWiqj_VM |alignment=inline }} To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. ==Undo Passthrough== ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" </pre> Remove <code>intel_iommu=on kvm.ignore_msrs=1</code> and save changes. <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" </pre> rebuild grub<br> <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> ===vfio=== This step will restore sound to Host Ubuntu.<br> Comment out changes to <b>vfio.conf</b><br> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> Comment out by placing a <code>#</code> in front of the line, save and exit. <pre> #blacklist nouveau #blacklist snd_hda_intel #options vfio-pci ids=10de:13c2,10de:0fbb </pre> update initramfs:<br> <code>sudo update-initramfs -u</code><br> <br> ===Reboot for changes to take effect=== <code>reboot</code><br> ==End Notes== Plug in external monitor to the GPU 'Razer Core X' for output and no screen lag.<br> Tested with 'sniper ghost warrior' works fine.<br> Sound will come out of HDMI, If using monitor with no speakers, you can pass through USB headfones or speakers. ==References== https://askubuntu.com/questions/1406888/ubuntu-22-04-gpu-passthrough-qemu 6swpneng0qji2woyf0svvcbktegbbm1 389 243 2023-05-04T17:58:53Z AwesomO 5 /* Grub */ 389 wikitext text/x-wiki ==Ubuntu Kvm Windows 10 - Thinkpad T470 with Razer Core X== Hardware:<br> * Thinkpad t470 - 256GB HD, 8GB RAM * razer core x * GTX 970 GT * Ubuntu Desktop 22.04 installed. Thunderbolt 3 - detected as USB3.0 (5000M). But works :)<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lsusb -t</code> OutPut: <div class="mw-collapsible-content"> <pre> /: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/6p, 5000M |__ Port 3: Dev 2, If 0, Class=Mass Storage, Driver=usb-storage, 5000M /: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/12p, 480M |__ Port 7: Dev 2, If 0, Class=Wireless, Driver=btusb, 12M |__ Port 7: Dev 2, If 1, Class=Wireless, Driver=btusb, 12M |__ Port 8: Dev 3, If 1, Class=Video, Driver=uvcvideo, 480M |__ Port 8: Dev 3, If 0, Class=Video, Driver=uvcvideo, 480M |__ Port 9: Dev 4, If 0, Class=Vendor Specific Class, Driver=, 12M </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo lshw | grep -A10 -i usb</code> OutPut: <div class="mw-collapsible-content"> <pre> capabilities: pci pnp upgrade shadowing cdboot bootselect edd int13floppy720 int5printscreen int9keyboard int14serial int17printer int10video acpi usb biosbootspecification uefi *-pci description: Host bridge product: Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers vendor: Intel Corporation physical id: 100 bus info: pci@0000:00:00.0 version: 08 width: 32 bits clock: 33MHz configuration: driver=skl_uncore -- *-usb description: USB controller product: Sunrise Point-LP USB 3.0 xHCI Controller vendor: Intel Corporation physical id: 14 bus info: pci@0000:00:14.0 version: 21 width: 64 bits clock: 33MHz capabilities: pm msi xhci bus_master cap_list configuration: driver=xhci_hcd latency=0 resources: irq:127 memory:ec220000-ec22ffff *-usbhost:0 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 0 bus info: usb@1 logical name: usb1 version: 5.19 capabilities: usb-2.00 configuration: driver=hub slots=12 speed=480Mbit/s *-usb:0 description: Bluetooth wireless interface product: Bluetooth wireless interface vendor: Intel Corp. physical id: 7 bus info: usb@1:7 version: 0.01 capabilities: bluetooth usb-2.00 configuration: driver=btusb maxpower=100mA speed=12Mbit/s *-usb:1 description: Video product: Integrated Camera: Integrated C vendor: SunplusIT Inc physical id: 8 bus info: usb@1:8 logical name: input8 logical name: /dev/input/event6 version: 0.10 capabilities: usb-2.00 usb configuration: driver=uvcvideo maxpower=500mA speed=480Mbit/s *-usb:2 UNCLAIMED description: Generic USB device vendor: Validity Sensors, Inc. physical id: 9 bus info: usb@1:9 version: 1.64 serial: ff1e8c196451 capabilities: usb-2.00 configuration: maxpower=100mA speed=12Mbit/s *-usbhost:1 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 1 bus info: usb@2 logical name: usb2 version: 5.19 capabilities: usb-3.00 configuration: driver=hub slots=6 speed=5000Mbit/s *-usb description: Mass storage device product: USB3.0-CRW vendor: Generic physical id: 3 bus info: usb@2:3 logical name: scsi0 version: 2.04 serial: 20120501030900000 capabilities: usb-3.00 scsi emulated scsi-host configuration: driver=usb-storage maxpower=800mA speed=5000Mbit/s *-disk description: SCSI Disk product: SD/MMC vendor: Generic- physical id: 0.0.0 bus info: scsi@0:0.0.0 logical name: /dev/sda version: 1.00 serial: 2012090114345300 capabilities: removable </pre> </div> </div> ===Windows 10 ISO=== Download a Windows 10 ISO for the Virtual Machine<br> https://www.microsoft.com/en-us/software-download/windows10ISO ===VT-d - bios=== Check VT-d enabled on bios <br> When you press the power button, press and hold <b>F1</b> to enter into bios mode.<br> Security > Virtualization<br> Intel (R) Virtualization Technology [ENABLE]<br> Inter (R) VT-d Feature [ENABLE]<br> ====Check==== <code>cat /proc/cpuinfo | grep --color vmx</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Explained: <div class="mw-collapsible-content"> The command "cat /proc/cpuinfo" displays detailed information about the processor(s) installed on your system. The output of this command includes a lot of information, such as processor model, speed, cache size, and other features. The pipe symbol "|" is used to pass the output of the first command as input to the second command. In this case, the output of "cat /proc/cpuinfo" is being passed as input to "grep". The "grep" command is used to search for a specific pattern in the input data. In this case, the pattern being searched for is "vmx". The "--color" option is used to highlight the search pattern in the output, making it easier to identify. So, the entire command "cat /proc/cpuinfo | grep --color vmx" is searching the processor information for the "vmx" feature and highlighting it in the output. The "vmx" feature refers to Intel's Virtualization Technology, which allows a processor to run multiple operating systems on the same computer simultaneously. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Returned Output: <div class="mw-collapsible-content"> <pre> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml </pre> </div> </div> ===Grub=== <youtube>wB4gvSgYmfY</youtube> <br> <code>sudo $EDITOR /etc/default/grub</code><br> Insert the option to <b>GRUB_CMDLINE_LINUX_DEFAULT=""</b> <code>intel_iommu=on kvm.ignore_msrs=1</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Before <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>intel_iommu=on kvm.ignore_msrs=1</code> <div class="mw-collapsible-content"> <pre> intel_iommu=on and kvm.ignore_msrs=1 are kernel boot parameters that can be set in the GRUB configuration file in Linux systems. Here's what they mean: intel_iommu=on: This parameter enables Intel VT-d (Virtualization Technology for Directed I/O), which allows for hardware-based virtualization of I/O devices. This can improve performance and security for virtual machines by allowing them to directly access hardware devices, rather than relying on the host operating system to handle the device access. kvm.ignore_msrs=1: This parameter disables the handling of MSR (Model Specific Register) virtualization by the kernel-based Virtual Machine (KVM) hypervisor. This can improve performance for certain workloads that rely heavily on MSR access, such as virtualization workloads. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Info the <code>/etc/defaults</code> directory <div class="mw-collapsible-content"> <pre> In Ubuntu and many other Linux-based operating systems, the /etc/default directory contains configuration files for various system services and applications. These configuration files contain default values for the settings and options that are used by these services and applications. The /etc/default directory is typically organized by service or application, with each subdirectory containing one or more configuration files for that service or application. For example, the /etc/default/grub directory contains the default configuration file for the GRUB bootloader, while the /etc/default/apache2 directory contains the default configuration file for the Apache web server. These configuration files are often used by system administrators to customize the behavior of these services and applications by modifying the default values of their settings and options. For example, the GRUB configuration file in /etc/default/grub can be used to specify the default operating system to boot, the timeout for the boot menu, and other options. </pre> </div> </div> ====Update Grub==== <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code><br> Reboot so kernel boot parameters can be applied.<br> <code>reboot</code> <div class="toccolours mw-collapsible mw-collapsed"> Info: <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> <div class="mw-collapsible-content"> * <code>grub-mkconfig</code> : This is a command that generates a new configuration file for the GRUB bootloader. It scans the system for installed kernels, operating systems, and other boot options, and creates a configuration file based on that information. * <code>-o /boot/grub/grub.cfg</code> : This option tells grub-mkconfig to write the generated configuration file to the file /boot/grub/grub.cfg. This is the default location for the GRUB configuration file in most Linux systems. </div> </div> ===Check that IOMMU is enabled=== {{#evu:https://www.youtube.com/watch?v=SM7v-XQfvh4 |alignment=inline }}<br> <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Return Output: Before editing Grub <div class="mw-collapsible-content"> <pre> [ 0.013929] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013974] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.124130] DMAR: Host address width 39 [ 0.124131] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.124140] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.124143] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.124147] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.124150] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.124152] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.124154] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.124156] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.124158] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.126384] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.346448] iommu: Default domain type: Translated [ 0.346448] iommu: DMA domain TLB invalidation policy: lazy mode </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After editing Grub <div class="mw-collapsible-content"> <pre> [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.013471] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013516] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.035822] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.035915] DMAR: IOMMU enabled [ 0.094689] DMAR: Host address width 39 [ 0.094691] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.094699] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.094702] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.094706] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.094708] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.094710] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.094713] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.094715] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.094716] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.096599] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.324622] iommu: Default domain type: Translated [ 0.324622] iommu: DMA domain TLB invalidation policy: lazy mode [ 0.346100] DMAR: No ATSR found [ 0.346101] DMAR: No SATC found [ 0.346103] DMAR: IOMMU feature fl1gp_support inconsistent [ 0.346105] DMAR: IOMMU feature pgsel_inv inconsistent [ 0.346106] DMAR: IOMMU feature nwfs inconsistent [ 0.346107] DMAR: IOMMU feature eafs inconsistent [ 0.346108] DMAR: IOMMU feature prs inconsistent [ 0.346108] DMAR: IOMMU feature nest inconsistent [ 0.346109] DMAR: IOMMU feature mts inconsistent [ 0.346110] DMAR: IOMMU feature sc_support inconsistent [ 0.346111] DMAR: IOMMU feature dev_iotlb_support inconsistent [ 0.346113] DMAR: dmar0: Using Queued invalidation [ 0.346117] DMAR: dmar1: Using Queued invalidation [ 0.346409] pci 0000:00:00.0: Adding to iommu group 0 [ 0.346423] pci 0000:00:02.0: Adding to iommu group 1 [ 0.346441] pci 0000:00:14.0: Adding to iommu group 2 [ 0.346450] pci 0000:00:14.2: Adding to iommu group 2 [ 0.346466] pci 0000:00:16.0: Adding to iommu group 3 [ 0.346475] pci 0000:00:16.3: Adding to iommu group 3 [ 0.346499] pci 0000:00:1c.0: Adding to iommu group 4 [ 0.346520] pci 0000:00:1c.6: Adding to iommu group 5 [ 0.346539] pci 0000:00:1d.0: Adding to iommu group 6 [ 0.346557] pci 0000:00:1d.2: Adding to iommu group 7 [ 0.346582] pci 0000:00:1f.0: Adding to iommu group 8 [ 0.346595] pci 0000:00:1f.2: Adding to iommu group 8 [ 0.346604] pci 0000:00:1f.3: Adding to iommu group 8 [ 0.346615] pci 0000:00:1f.4: Adding to iommu group 8 [ 0.346625] pci 0000:00:1f.6: Adding to iommu group 8 [ 0.346646] pci 0000:04:00.0: Adding to iommu group 9 [ 0.346664] pci 0000:3e:00.0: Adding to iommu group 10 [ 0.348306] DMAR: Intel(R) Virtualization Technology for Directed I/O </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code> <div class="mw-collapsible-content"> * <code>dmesg</code> : This command is used in Linux systems to display the kernel message buffer, which contains information about the system's hardware and software components, as well as any error or warning messages generated by the kernel. * <code>|</code> : This symbol is called a pipe and it allows the output of one command to be used as input for another command. In this case, it sends the output of the dmesg command to the next command in the pipeline, which is grep. * <code>grep</code> : This command is used in Linux systems to search for text patterns in a file or output. In this case, it's used to search the output of the dmesg command for lines that contain the strings "DMAR" or "IOMMU". * <code>-i</code> : This option tells grep to perform a case-insensitive search, meaning it will match the strings "DMAR" or "IOMMU" regardless of their case. * <code>-e</code> : This option tells grep to specify the pattern to search for. In this case, it's used to specify two patterns to search for: "DMAR" and "IOMMU". * DMAR: DMA Remapping (DMAR) is a feature of modern computer systems that provides additional security for input/output (I/O) devices. It allows for the isolation of memory regions used by I/O devices, which prevents them from accessing other parts of the system's memory. This helps to prevent attacks that could exploit vulnerabilities in I/O device drivers to gain access to sensitive data or take control of the system. * IOMMU: The I/O Memory Management Unit (IOMMU) is a hardware component that provides support for DMA remapping. It allows for the virtualization of I/O devices and provides an additional layer of security by isolating the memory used by these devices. </div> </div> ===Find your GPU=== <code>lspci -nnk</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>lspci -nnk</code> <div class="mw-collapsible-content"> <code>lspci</code> is a command-line utility that is used to display information about all the PCI buses and devices connected to them in a Linux system. The -nnk option is used to display the following information: * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -k: Display the kernel driver currently bound to each device. This option is useful when you want to check which driver is being used for a particular device. When you run the <code>lspci -nnk</code> command, you will get a list of all the PCI devices in your system, along with their vendor and device IDs, and the kernel driver currently in use. </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut Before plugging in 'Razer Core X' <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut After plugging in Razer Core X <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 05:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:01.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:02.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 07:00.0 System peripheral [0880]: Intel Corporation JHL6240 Thunderbolt 3 NHI (Low Power) [Alpine Ridge LP 2016] [8086:15bf] (rev 01) Subsystem: Device [2222:1111] Kernel driver in use: thunderbolt Kernel modules: thunderbolt 08:00.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 09:01.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel </pre> ===vfio.conf=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>vfio.conf</b> <div class="mw-collapsible-content"> <b>vfio.conf</b> is a configuration file used by the VFIO driver in Linux. <br> The VFIO driver is a kernel module that allows users to assign devices, such as GPUs or network interfaces, directly to virtual machines, bypassing the host operating system.<br> <br> The vfio.conf file is used to specify which devices should be assigned to VFIO, and it is typically located in the /etc/modprobe.d/ directory. When the VFIO driver is loaded, it will read this file and use the settings specified within it.<br> <br> The contents of vfio.conf can vary depending on the specific use case, but some common configurations include: * Device IDs: The vfio.conf file can be used to specify the vendor and device IDs of the devices that should be assigned to VFIO. For example: <pre> options vfio-pci ids=10de:13c2,10de:0fbb </pre><br> <br> This configuration specifies that two NVIDIA GPUs with the IDs 10de:13c2 and 10de:0fbb should be assigned to VFIO.<br> This configuration assigns two NVIDIA GPUs to VFIO and blacklists the <b>nouveau</b> and <b>nvidiafb</b> kernel drivers so that they don't claim the GPUs. <pre> options vfio-pci ids=10de:13c2,10de:0fbb blacklist nouveau blacklist nvidiafb </pre> <br> * Additional options: The <b>vfio.conf</b> file can also be used to specify additional options for the VFIO driver, such as setting the IOMMU mode. For example:<br> This configuration sets the VFIO driver to use IOMMU mode 1 and allows unsafe interrupts. <pre> options vfio_iommu_type1 allow_unsafe_interrupts=1 </pre> <br> Overall, <b>vfio.conf</b> provides a way to configure the VFIO driver and specify which devices should be assigned to it, helping to facilitate GPU or other hardware passthrough to virtual machines. <br> </div> </div> Create a new file called <code>vfio.conf</code> in the <b>/etc/modprobe.d/</b> directory.<br> <div class="toccolours mw-collapsible mw-collapsed"> The <code>/etc/modprobe.d/</code> directory explanation: <div class="mw-collapsible-content"> The <b>/etc/modprobe.d/</b> directory is a system directory in Linux that contains configuration files for kernel modules. When the Linux kernel boots up, it loads various modules (also called drivers) to support the hardware and other system functions.<br> <br> Each configuration file in <b>/etc/modprobe.d/</b> specifies options for one or more kernel modules, which are loaded by the kernel when a system boots or when a module is explicitly loaded. The options specified in these files can be used to modify the behavior of the kernel modules, or to blacklist certain modules to prevent them from being loaded.<br> <br> The name of each configuration file in the <b>/etc/modprobe.d/</b> directory must end with the <b>.conf</b> extension. The contents of each file consist of a series of directives, which specify module options, aliases, or blacklist information. These directives can be written in plain text format or in shell scripts.<br> <br> Here are some examples of how you might use the <b>/etc/modprobe.d/</b> directory:<br> * Blacklisting modules: You can use the <b>/etc/modprobe.d/</b> directory to prevent certain kernel modules from loading. For example, you can create a file called <b>/etc/modprobe.d/blacklist-nouveau.conf</b> with the following contents to prevent the <b>nouveau</b> driver (used for NVIDIA graphics cards) from being loaded: <pre> blacklist nouveau </pre> <br> * Setting module options: You can also use the <b>/etc/modprobe.d/</b> directory to specify options for a particular kernel module. For example, you can create a file called <b>/etc/modprobe.d/alsa-base.conf</b> with the following contents to set the default sound card to the second card on the system: <pre> options snd_hda_intel index=1 </pre> <br> * Loading modules: You can use the <b>/etc/modprobe.d/</b> directory to load kernel modules at boot time. For example, you can create a file called <b>/etc/modprobe.d/local.conf</b> with the following contents to load the <b>acpi_call</b> module at boot time: <pre> # Load acpi_call at boot time acpi_call </pre> <br> Overall, the <b>/etc/modprobe.d/</b> directory is an important location for managing kernel modules in Linux. It provides a centralized location for managing module options, aliases, and blacklists, making it easier to configure and maintain a Linux system.<br> </div> </div> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> <br> ===Update <b>initramfs</b>=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>initramfs</b>: <div class="mw-collapsible-content"> The initramfs (initial RAM file system) is a temporary file system that is loaded into memory during the Linux boot process. It contains essential system files and utilities that are necessary to boot the Linux kernel and mount the root file system.<br> <br> When the Linux kernel is booted, it first loads the initramfs into memory and sets it up as the root file system. The initramfs then runs the init script, which is responsible for initializing the system and mounting the real root file system. The init script may also perform other tasks, such as loading kernel modules, setting up network interfaces, and configuring system services.<br> <br> The initramfs is typically used in situations where the root file system is located on a storage device that requires additional drivers or modules to be loaded before it can be mounted. For example, if the root file system is located on a RAID array, a network file system, or an encrypted disk, the necessary drivers or modules may need to be loaded into memory before the root file system can be mounted.<br> <br> The initramfs can also be customized to include additional files or utilities that may be necessary for the boot process. This is done by modifying the initramfs image, which is a compressed archive file that contains the file system contents.<br> <br> Overall, the initramfs is an essential component of the Linux boot process, providing a temporary file system that is necessary for initializing the system and mounting the root file system. </div> </div> <code>sudo update-initramfs -u</code><br> And reboot your computer:<br> <code>reboot</code><br> <br> <b>Note:</b>[[Ubuntu_KVM_to_Windows_10_-_Thinkpad_T470_-_Razer_Core_X_-_GTX_970#Undo_Passthrough|Sound will not work on Host Ubuntu now we have blacklisted <b>snd_hda_intel</b> to return sound to laptop read <b>Undo Passthrough</b>]].<br> ===Check Kernel driver not in use=== <code>lspci -nnk</code><br> <br> OutPut: <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel modules: snd_hda_intel </pre> == Installing KVM and VirtManager to Create a VM == {{#evu:https://www.youtube.com/watch?v=GKHIlUP2XSc |alignment=inline }} To install the required packages, run the following command: <code>sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils</code> To create a group and add your user to the group, run the following commands: <div class="toccolours mw-collapsible mw-collapsed"> <code> getent group libvirtd</code> Check if the <b>group</b> already exists: <div class="mw-collapsible-content"> To check if a group is already present on an Ubuntu system, you can use the <b>getent</b> command along with the <b>group</b> argument and specify the name of the group as a parameter. For example, to check if the <b>sudo</b> group exists on the system, you can run the following command in a terminal: <code>getent group sudo</code> If the group exists, the command will output information about the group, including its name, group ID (GID), and a list of users who are members of the group. If the group does not exist, the command will not produce any output. Alternatively, you can use the <b>grep</b> command to search for the group name in the <b>/etc/group file</b>, which is the file that stores information about system groups on Ubuntu. For example, to search for the <b>sudo</b> group, you can run the following command: <code>grep "^sudo:" /etc/group</code> If the group exists, the command will output information about the group in the same format as the <b>getent</b> command. If the group does not exist, the command will not produce any output. </div> </div> <code>sudo addgroup libvirtd</code><br> <code>sudo adduser $USER libvirtd</code><br> <code>sudo apt-get install virt-manager</code><br> After installing the packages and adding your user to the group, reboot your system: <code>reboot</code> This will avoid the following error when trying to connect to libvirt: <pre>virtual machine manager connection failure unable to connect to libvirt qemu:///system. verify that the 'libvirtd' daemon is running</pre> ===Virtual Machine Manager=== {{#evu:https://www.youtube.com/watch?v=jhoI6MIdHrc |alignment=inline }}<br> Start <b>Virtual Machine Manager</b>:<br> <code>virt-manager</code><br><br> Create a new virtual machine Step 1 Local install media (ISO image or CDROM) Step 2 Choose ISO or CDROM install media: Click <b>Browse</b> and select your windows10.iso Choose the operating system you are installing: untick( Automatically detect from installation media / source) and enter <b>Microsoft Windows 10</b> in search bar. Step 3 Choose Memory and CPU settings: Memory: 4096MiB CPUs: 2 Step 4 Tick <b>Enable storage for this virtual machine</b> Tick <b>create a disk image for the virtual machine</b> 140 GiB Step 5 Name:NAME_OF_VM Tick <b>Customize configuration before install</b> ==== Config VM before booting==== OverView: <b>Hypervisor Details</b> 'Chipset' = 'Q35' 'Firmware' = 'x86_64:/usr/share/OVMF/OVMF_CODE_4M.ms.fd' Boot Options: <b>Boot device order</b>: Untick - Enable boot menu Select/Tick SATA CDROM1 SATA Disk 1 Display Spice: <b>Spice Server</b>: Type: Spice server Listen type: Address Address: Hypervisor default Port: tick 'Auto' Click '<b>Add Hardware</b>' button at bottom left - new window '<b>Add New Virtual Hardware</b>' will pop up. Click '<b>PCI Host Device</b>' on the left hand side Select your <b>GPU</b> and <b>GPU Audio Controller</b>: '0000:0A:00:0 NVIDIA Corporation GM204 [GeForce GTX 970]' '0000:0A:00:1 NVIDIA Corporation GM204 High Definition Audio Controller' Select and click '<b>Finish</b>' - reopen '<b>Add hardware</b>' and repeat for Audio.<br> <br> ==== Install Windows 10 and update ==== {{#evu:https://www.youtube.com/watch?v=07sTymJaWvw |alignment=inline }} Install windows 10 then update windows to get the graphics card drivers working.<br> Once done shoutdown.<br> ===After shutting down windows edit the VM's Config file=== {{#evu:https://www.youtube.com/watch?v=CCKbp-n6xRo |alignment=inline }} To find/confirm your VM's name:<br> <code>virsh list --all</code><br> <br> Syntax:<code>sudo virsh edit YOUR_VM_NAME</code><br> <code>sudo virsh edit win10</code><br> <br> Going to edit in between the <code><features> </features></code> Brackets, 17 lines down.<br> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> </pre> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> </pre> ====What these values do ==== <div class="toccolours mw-collapsible mw-collapsed"> <vendor_id state='on' value='1234567890ab'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><vendor_id></b> tag is used to specify the vendor ID that is presented to the guest virtual machine when it is running on top of the KVM hypervisor. This vendor ID can be customized by the user to any 12-digit hexadecimal <b>value</b> using the value attribute. The purpose of the vendor ID is to provide a way for virtual machines to identify the type of hypervisor they are running on, and to adjust their behavior accordingly. This is particularly important for operating systems that have special optimizations or workarounds for specific hypervisors. By default, KVM presents a vendor ID of "KVMKVMKVM" to the guest virtual machine. However, this can be changed by adding the <vendor_id> tag to the XML definition of the virtual machine, as follows: <pre> <cpu> <vendor_id state='on' value='1234567890ab'/> ... </cpu> </pre> In this example, the vendor ID is set to the value "1234567890ab". The state attribute is set to 'on' to enable the use of the custom vendor ID. It's worth noting that changing the vendor ID can have some unexpected consequences. For example, some operating systems may have specific code paths or optimizations for certain hypervisors, and changing the vendor ID may cause them to behave differently or even malfunction. Additionally, some virtualization security features may depend on the vendor ID, so changing it may impact the security of the virtual machine. As such, it is important to carefully consider the implications before changing the vendor ID in a KVM virtual machine. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <kvm> <hidden state='on'/> </kvm> <div class="mw-collapsible-content"> In Linux KVM, the <b><kvm></b> tag is used to specify additional configuration options for the virtual machine that are specific to KVM. The <b><hidden></b> tag is a sub-tag of <b><kvm></b> and is used to enable or disable the hiding of the KVM hypervisor from the guest operating system. When the <b><hidden></b> tag is set to <b>state='on'</b>, the KVM hypervisor is hidden from the guest operating system. This means that the guest operating system will not be able to detect that it is running in a virtualized environment and will behave as if it is running directly on physical hardware. This can be useful for security reasons, as it can make it more difficult for attackers to detect that they are running in a virtualized environment and attempt to exploit vulnerabilities that are specific to virtualization. Additionally, some software applications may behave differently or refuse to run in a virtualized environment, so hiding the KVM hypervisor can help ensure that these applications run properly. To use the <hidden> tag, it should be included as a sub-tag of the <kvm> tag, as follows: <pre> <kvm> <hidden state='on'/> ... </kvm> </pre> It's important to note that hiding the KVM hypervisor can have some downsides as well. For example, it may make it more difficult to diagnose problems with the virtual machine, as the hypervisor will not be visible in the guest operating system. Additionally, some virtualization features may depend on the hypervisor being visible to the guest operating system, so hiding it may cause these features to stop working properly. As such, the decision to hide the KVM hypervisor using the <hidden> tag should be carefully considered based on the specific needs and requirements of the virtualized environment. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <ioapic driver='kvm'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><ioapic></b> tag is used to enable or disable the use of the IOAPIC (Input/Output Advanced Programmable Interrupt Controller) device in the virtual machine. The <b>driver</b> attribute is used to specify the driver that should be used for the IOAPIC device, with the value <b>kvm</b> indicating that KVM's built-in IOAPIC driver should be used. The IOAPIC device is a type of interrupt controller that is used to manage interrupts in a virtual machine. It provides a way for devices in the virtual machine to generate interrupts, and for the virtual machine to route those interrupts to the appropriate virtual CPU. To enable the IOAPIC device and specify the kvm driver, the <ioapic> tag should be included in the XML definition of the virtual machine, as follows: <pre> <ioapic driver='kvm'/> </pre> With this configuration, KVM's built-in IOAPIC driver will be used to manage interrupts in the virtual machine. It's worth noting that while KVM's built-in IOAPIC driver is generally sufficient for most virtualization needs, there are some situations where a different driver may be preferred. For example, some applications or workloads may require more advanced IOAPIC functionality that is not available in KVM's built-in driver. In these cases, it may be necessary to use a different driver, or to implement custom code to support the required functionality. Overall, the <ioapic> tag with the driver='kvm' attribute is a simple and effective way to enable the IOAPIC device and ensure that interrupts are properly managed in a KVM virtual machine. </div> </div> ====Full Config file - before and after==== <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>before</b> any changes with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoand of course the content when expanded.<br \> <code>print "hello content"</code>ft.com/win/10"/> </libosinfo:libosinfo>=====Notes===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>After</b> changes made with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <br> Note: Not the place to edit (use '<b>virsh</b>'), but you config file can be found here:<code>/etc/libvirt/qemu/</code> =====Notes - Mouse and Keyboard Redirect===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> {{#evu:https://www.youtube.com/watch?v=RjavWiqj_VM |alignment=inline }} To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. ==Undo Passthrough== ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" </pre> Remove <code>intel_iommu=on kvm.ignore_msrs=1</code> and save changes. <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" </pre> rebuild grub<br> <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> ===vfio=== This step will restore sound to Host Ubuntu.<br> Comment out changes to <b>vfio.conf</b><br> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> Comment out by placing a <code>#</code> in front of the line, save and exit. <pre> #blacklist nouveau #blacklist snd_hda_intel #options vfio-pci ids=10de:13c2,10de:0fbb </pre> update initramfs:<br> <code>sudo update-initramfs -u</code><br> <br> ===Reboot for changes to take effect=== <code>reboot</code><br> ==End Notes== Plug in external monitor to the GPU 'Razer Core X' for output and no screen lag.<br> Tested with 'sniper ghost warrior' works fine.<br> Sound will come out of HDMI, If using monitor with no speakers, you can pass through USB headfones or speakers. ==References== https://askubuntu.com/questions/1406888/ubuntu-22-04-gpu-passthrough-qemu tgi05cfgbob4bol4xgrsojn1opg2dw9 390 389 2023-05-04T17:59:49Z AwesomO 5 /* Check that IOMMU is enabled */ 390 wikitext text/x-wiki ==Ubuntu Kvm Windows 10 - Thinkpad T470 with Razer Core X== Hardware:<br> * Thinkpad t470 - 256GB HD, 8GB RAM * razer core x * GTX 970 GT * Ubuntu Desktop 22.04 installed. Thunderbolt 3 - detected as USB3.0 (5000M). But works :)<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lsusb -t</code> OutPut: <div class="mw-collapsible-content"> <pre> /: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/6p, 5000M |__ Port 3: Dev 2, If 0, Class=Mass Storage, Driver=usb-storage, 5000M /: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/12p, 480M |__ Port 7: Dev 2, If 0, Class=Wireless, Driver=btusb, 12M |__ Port 7: Dev 2, If 1, Class=Wireless, Driver=btusb, 12M |__ Port 8: Dev 3, If 1, Class=Video, Driver=uvcvideo, 480M |__ Port 8: Dev 3, If 0, Class=Video, Driver=uvcvideo, 480M |__ Port 9: Dev 4, If 0, Class=Vendor Specific Class, Driver=, 12M </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo lshw | grep -A10 -i usb</code> OutPut: <div class="mw-collapsible-content"> <pre> capabilities: pci pnp upgrade shadowing cdboot bootselect edd int13floppy720 int5printscreen int9keyboard int14serial int17printer int10video acpi usb biosbootspecification uefi *-pci description: Host bridge product: Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers vendor: Intel Corporation physical id: 100 bus info: pci@0000:00:00.0 version: 08 width: 32 bits clock: 33MHz configuration: driver=skl_uncore -- *-usb description: USB controller product: Sunrise Point-LP USB 3.0 xHCI Controller vendor: Intel Corporation physical id: 14 bus info: pci@0000:00:14.0 version: 21 width: 64 bits clock: 33MHz capabilities: pm msi xhci bus_master cap_list configuration: driver=xhci_hcd latency=0 resources: irq:127 memory:ec220000-ec22ffff *-usbhost:0 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 0 bus info: usb@1 logical name: usb1 version: 5.19 capabilities: usb-2.00 configuration: driver=hub slots=12 speed=480Mbit/s *-usb:0 description: Bluetooth wireless interface product: Bluetooth wireless interface vendor: Intel Corp. physical id: 7 bus info: usb@1:7 version: 0.01 capabilities: bluetooth usb-2.00 configuration: driver=btusb maxpower=100mA speed=12Mbit/s *-usb:1 description: Video product: Integrated Camera: Integrated C vendor: SunplusIT Inc physical id: 8 bus info: usb@1:8 logical name: input8 logical name: /dev/input/event6 version: 0.10 capabilities: usb-2.00 usb configuration: driver=uvcvideo maxpower=500mA speed=480Mbit/s *-usb:2 UNCLAIMED description: Generic USB device vendor: Validity Sensors, Inc. physical id: 9 bus info: usb@1:9 version: 1.64 serial: ff1e8c196451 capabilities: usb-2.00 configuration: maxpower=100mA speed=12Mbit/s *-usbhost:1 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 1 bus info: usb@2 logical name: usb2 version: 5.19 capabilities: usb-3.00 configuration: driver=hub slots=6 speed=5000Mbit/s *-usb description: Mass storage device product: USB3.0-CRW vendor: Generic physical id: 3 bus info: usb@2:3 logical name: scsi0 version: 2.04 serial: 20120501030900000 capabilities: usb-3.00 scsi emulated scsi-host configuration: driver=usb-storage maxpower=800mA speed=5000Mbit/s *-disk description: SCSI Disk product: SD/MMC vendor: Generic- physical id: 0.0.0 bus info: scsi@0:0.0.0 logical name: /dev/sda version: 1.00 serial: 2012090114345300 capabilities: removable </pre> </div> </div> ===Windows 10 ISO=== Download a Windows 10 ISO for the Virtual Machine<br> https://www.microsoft.com/en-us/software-download/windows10ISO ===VT-d - bios=== Check VT-d enabled on bios <br> When you press the power button, press and hold <b>F1</b> to enter into bios mode.<br> Security > Virtualization<br> Intel (R) Virtualization Technology [ENABLE]<br> Inter (R) VT-d Feature [ENABLE]<br> ====Check==== <code>cat /proc/cpuinfo | grep --color vmx</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Explained: <div class="mw-collapsible-content"> The command "cat /proc/cpuinfo" displays detailed information about the processor(s) installed on your system. The output of this command includes a lot of information, such as processor model, speed, cache size, and other features. The pipe symbol "|" is used to pass the output of the first command as input to the second command. In this case, the output of "cat /proc/cpuinfo" is being passed as input to "grep". The "grep" command is used to search for a specific pattern in the input data. In this case, the pattern being searched for is "vmx". The "--color" option is used to highlight the search pattern in the output, making it easier to identify. So, the entire command "cat /proc/cpuinfo | grep --color vmx" is searching the processor information for the "vmx" feature and highlighting it in the output. The "vmx" feature refers to Intel's Virtualization Technology, which allows a processor to run multiple operating systems on the same computer simultaneously. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Returned Output: <div class="mw-collapsible-content"> <pre> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml </pre> </div> </div> ===Grub=== <youtube>wB4gvSgYmfY</youtube> <br> <code>sudo $EDITOR /etc/default/grub</code><br> Insert the option to <b>GRUB_CMDLINE_LINUX_DEFAULT=""</b> <code>intel_iommu=on kvm.ignore_msrs=1</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Before <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>intel_iommu=on kvm.ignore_msrs=1</code> <div class="mw-collapsible-content"> <pre> intel_iommu=on and kvm.ignore_msrs=1 are kernel boot parameters that can be set in the GRUB configuration file in Linux systems. Here's what they mean: intel_iommu=on: This parameter enables Intel VT-d (Virtualization Technology for Directed I/O), which allows for hardware-based virtualization of I/O devices. This can improve performance and security for virtual machines by allowing them to directly access hardware devices, rather than relying on the host operating system to handle the device access. kvm.ignore_msrs=1: This parameter disables the handling of MSR (Model Specific Register) virtualization by the kernel-based Virtual Machine (KVM) hypervisor. This can improve performance for certain workloads that rely heavily on MSR access, such as virtualization workloads. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Info the <code>/etc/defaults</code> directory <div class="mw-collapsible-content"> <pre> In Ubuntu and many other Linux-based operating systems, the /etc/default directory contains configuration files for various system services and applications. These configuration files contain default values for the settings and options that are used by these services and applications. The /etc/default directory is typically organized by service or application, with each subdirectory containing one or more configuration files for that service or application. For example, the /etc/default/grub directory contains the default configuration file for the GRUB bootloader, while the /etc/default/apache2 directory contains the default configuration file for the Apache web server. These configuration files are often used by system administrators to customize the behavior of these services and applications by modifying the default values of their settings and options. For example, the GRUB configuration file in /etc/default/grub can be used to specify the default operating system to boot, the timeout for the boot menu, and other options. </pre> </div> </div> ====Update Grub==== <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code><br> Reboot so kernel boot parameters can be applied.<br> <code>reboot</code> <div class="toccolours mw-collapsible mw-collapsed"> Info: <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> <div class="mw-collapsible-content"> * <code>grub-mkconfig</code> : This is a command that generates a new configuration file for the GRUB bootloader. It scans the system for installed kernels, operating systems, and other boot options, and creates a configuration file based on that information. * <code>-o /boot/grub/grub.cfg</code> : This option tells grub-mkconfig to write the generated configuration file to the file /boot/grub/grub.cfg. This is the default location for the GRUB configuration file in most Linux systems. </div> </div> ===Check that IOMMU is enabled=== <youtube>SM7v-XQfvh4</youtube> <br> <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Return Output: Before editing Grub <div class="mw-collapsible-content"> <pre> [ 0.013929] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013974] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.124130] DMAR: Host address width 39 [ 0.124131] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.124140] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.124143] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.124147] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.124150] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.124152] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.124154] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.124156] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.124158] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.126384] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.346448] iommu: Default domain type: Translated [ 0.346448] iommu: DMA domain TLB invalidation policy: lazy mode </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After editing Grub <div class="mw-collapsible-content"> <pre> [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.013471] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013516] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.035822] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.035915] DMAR: IOMMU enabled [ 0.094689] DMAR: Host address width 39 [ 0.094691] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.094699] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.094702] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.094706] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.094708] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.094710] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.094713] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.094715] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.094716] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.096599] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.324622] iommu: Default domain type: Translated [ 0.324622] iommu: DMA domain TLB invalidation policy: lazy mode [ 0.346100] DMAR: No ATSR found [ 0.346101] DMAR: No SATC found [ 0.346103] DMAR: IOMMU feature fl1gp_support inconsistent [ 0.346105] DMAR: IOMMU feature pgsel_inv inconsistent [ 0.346106] DMAR: IOMMU feature nwfs inconsistent [ 0.346107] DMAR: IOMMU feature eafs inconsistent [ 0.346108] DMAR: IOMMU feature prs inconsistent [ 0.346108] DMAR: IOMMU feature nest inconsistent [ 0.346109] DMAR: IOMMU feature mts inconsistent [ 0.346110] DMAR: IOMMU feature sc_support inconsistent [ 0.346111] DMAR: IOMMU feature dev_iotlb_support inconsistent [ 0.346113] DMAR: dmar0: Using Queued invalidation [ 0.346117] DMAR: dmar1: Using Queued invalidation [ 0.346409] pci 0000:00:00.0: Adding to iommu group 0 [ 0.346423] pci 0000:00:02.0: Adding to iommu group 1 [ 0.346441] pci 0000:00:14.0: Adding to iommu group 2 [ 0.346450] pci 0000:00:14.2: Adding to iommu group 2 [ 0.346466] pci 0000:00:16.0: Adding to iommu group 3 [ 0.346475] pci 0000:00:16.3: Adding to iommu group 3 [ 0.346499] pci 0000:00:1c.0: Adding to iommu group 4 [ 0.346520] pci 0000:00:1c.6: Adding to iommu group 5 [ 0.346539] pci 0000:00:1d.0: Adding to iommu group 6 [ 0.346557] pci 0000:00:1d.2: Adding to iommu group 7 [ 0.346582] pci 0000:00:1f.0: Adding to iommu group 8 [ 0.346595] pci 0000:00:1f.2: Adding to iommu group 8 [ 0.346604] pci 0000:00:1f.3: Adding to iommu group 8 [ 0.346615] pci 0000:00:1f.4: Adding to iommu group 8 [ 0.346625] pci 0000:00:1f.6: Adding to iommu group 8 [ 0.346646] pci 0000:04:00.0: Adding to iommu group 9 [ 0.346664] pci 0000:3e:00.0: Adding to iommu group 10 [ 0.348306] DMAR: Intel(R) Virtualization Technology for Directed I/O </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code> <div class="mw-collapsible-content"> * <code>dmesg</code> : This command is used in Linux systems to display the kernel message buffer, which contains information about the system's hardware and software components, as well as any error or warning messages generated by the kernel. * <code>|</code> : This symbol is called a pipe and it allows the output of one command to be used as input for another command. In this case, it sends the output of the dmesg command to the next command in the pipeline, which is grep. * <code>grep</code> : This command is used in Linux systems to search for text patterns in a file or output. In this case, it's used to search the output of the dmesg command for lines that contain the strings "DMAR" or "IOMMU". * <code>-i</code> : This option tells grep to perform a case-insensitive search, meaning it will match the strings "DMAR" or "IOMMU" regardless of their case. * <code>-e</code> : This option tells grep to specify the pattern to search for. In this case, it's used to specify two patterns to search for: "DMAR" and "IOMMU". * DMAR: DMA Remapping (DMAR) is a feature of modern computer systems that provides additional security for input/output (I/O) devices. It allows for the isolation of memory regions used by I/O devices, which prevents them from accessing other parts of the system's memory. This helps to prevent attacks that could exploit vulnerabilities in I/O device drivers to gain access to sensitive data or take control of the system. * IOMMU: The I/O Memory Management Unit (IOMMU) is a hardware component that provides support for DMA remapping. It allows for the virtualization of I/O devices and provides an additional layer of security by isolating the memory used by these devices. </div> </div> ===Find your GPU=== <code>lspci -nnk</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>lspci -nnk</code> <div class="mw-collapsible-content"> <code>lspci</code> is a command-line utility that is used to display information about all the PCI buses and devices connected to them in a Linux system. The -nnk option is used to display the following information: * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -k: Display the kernel driver currently bound to each device. This option is useful when you want to check which driver is being used for a particular device. When you run the <code>lspci -nnk</code> command, you will get a list of all the PCI devices in your system, along with their vendor and device IDs, and the kernel driver currently in use. </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut Before plugging in 'Razer Core X' <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut After plugging in Razer Core X <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 05:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:01.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:02.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 07:00.0 System peripheral [0880]: Intel Corporation JHL6240 Thunderbolt 3 NHI (Low Power) [Alpine Ridge LP 2016] [8086:15bf] (rev 01) Subsystem: Device [2222:1111] Kernel driver in use: thunderbolt Kernel modules: thunderbolt 08:00.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 09:01.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel </pre> ===vfio.conf=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>vfio.conf</b> <div class="mw-collapsible-content"> <b>vfio.conf</b> is a configuration file used by the VFIO driver in Linux. <br> The VFIO driver is a kernel module that allows users to assign devices, such as GPUs or network interfaces, directly to virtual machines, bypassing the host operating system.<br> <br> The vfio.conf file is used to specify which devices should be assigned to VFIO, and it is typically located in the /etc/modprobe.d/ directory. When the VFIO driver is loaded, it will read this file and use the settings specified within it.<br> <br> The contents of vfio.conf can vary depending on the specific use case, but some common configurations include: * Device IDs: The vfio.conf file can be used to specify the vendor and device IDs of the devices that should be assigned to VFIO. For example: <pre> options vfio-pci ids=10de:13c2,10de:0fbb </pre><br> <br> This configuration specifies that two NVIDIA GPUs with the IDs 10de:13c2 and 10de:0fbb should be assigned to VFIO.<br> This configuration assigns two NVIDIA GPUs to VFIO and blacklists the <b>nouveau</b> and <b>nvidiafb</b> kernel drivers so that they don't claim the GPUs. <pre> options vfio-pci ids=10de:13c2,10de:0fbb blacklist nouveau blacklist nvidiafb </pre> <br> * Additional options: The <b>vfio.conf</b> file can also be used to specify additional options for the VFIO driver, such as setting the IOMMU mode. For example:<br> This configuration sets the VFIO driver to use IOMMU mode 1 and allows unsafe interrupts. <pre> options vfio_iommu_type1 allow_unsafe_interrupts=1 </pre> <br> Overall, <b>vfio.conf</b> provides a way to configure the VFIO driver and specify which devices should be assigned to it, helping to facilitate GPU or other hardware passthrough to virtual machines. <br> </div> </div> Create a new file called <code>vfio.conf</code> in the <b>/etc/modprobe.d/</b> directory.<br> <div class="toccolours mw-collapsible mw-collapsed"> The <code>/etc/modprobe.d/</code> directory explanation: <div class="mw-collapsible-content"> The <b>/etc/modprobe.d/</b> directory is a system directory in Linux that contains configuration files for kernel modules. When the Linux kernel boots up, it loads various modules (also called drivers) to support the hardware and other system functions.<br> <br> Each configuration file in <b>/etc/modprobe.d/</b> specifies options for one or more kernel modules, which are loaded by the kernel when a system boots or when a module is explicitly loaded. The options specified in these files can be used to modify the behavior of the kernel modules, or to blacklist certain modules to prevent them from being loaded.<br> <br> The name of each configuration file in the <b>/etc/modprobe.d/</b> directory must end with the <b>.conf</b> extension. The contents of each file consist of a series of directives, which specify module options, aliases, or blacklist information. These directives can be written in plain text format or in shell scripts.<br> <br> Here are some examples of how you might use the <b>/etc/modprobe.d/</b> directory:<br> * Blacklisting modules: You can use the <b>/etc/modprobe.d/</b> directory to prevent certain kernel modules from loading. For example, you can create a file called <b>/etc/modprobe.d/blacklist-nouveau.conf</b> with the following contents to prevent the <b>nouveau</b> driver (used for NVIDIA graphics cards) from being loaded: <pre> blacklist nouveau </pre> <br> * Setting module options: You can also use the <b>/etc/modprobe.d/</b> directory to specify options for a particular kernel module. For example, you can create a file called <b>/etc/modprobe.d/alsa-base.conf</b> with the following contents to set the default sound card to the second card on the system: <pre> options snd_hda_intel index=1 </pre> <br> * Loading modules: You can use the <b>/etc/modprobe.d/</b> directory to load kernel modules at boot time. For example, you can create a file called <b>/etc/modprobe.d/local.conf</b> with the following contents to load the <b>acpi_call</b> module at boot time: <pre> # Load acpi_call at boot time acpi_call </pre> <br> Overall, the <b>/etc/modprobe.d/</b> directory is an important location for managing kernel modules in Linux. It provides a centralized location for managing module options, aliases, and blacklists, making it easier to configure and maintain a Linux system.<br> </div> </div> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> <br> ===Update <b>initramfs</b>=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>initramfs</b>: <div class="mw-collapsible-content"> The initramfs (initial RAM file system) is a temporary file system that is loaded into memory during the Linux boot process. It contains essential system files and utilities that are necessary to boot the Linux kernel and mount the root file system.<br> <br> When the Linux kernel is booted, it first loads the initramfs into memory and sets it up as the root file system. The initramfs then runs the init script, which is responsible for initializing the system and mounting the real root file system. The init script may also perform other tasks, such as loading kernel modules, setting up network interfaces, and configuring system services.<br> <br> The initramfs is typically used in situations where the root file system is located on a storage device that requires additional drivers or modules to be loaded before it can be mounted. For example, if the root file system is located on a RAID array, a network file system, or an encrypted disk, the necessary drivers or modules may need to be loaded into memory before the root file system can be mounted.<br> <br> The initramfs can also be customized to include additional files or utilities that may be necessary for the boot process. This is done by modifying the initramfs image, which is a compressed archive file that contains the file system contents.<br> <br> Overall, the initramfs is an essential component of the Linux boot process, providing a temporary file system that is necessary for initializing the system and mounting the root file system. </div> </div> <code>sudo update-initramfs -u</code><br> And reboot your computer:<br> <code>reboot</code><br> <br> <b>Note:</b>[[Ubuntu_KVM_to_Windows_10_-_Thinkpad_T470_-_Razer_Core_X_-_GTX_970#Undo_Passthrough|Sound will not work on Host Ubuntu now we have blacklisted <b>snd_hda_intel</b> to return sound to laptop read <b>Undo Passthrough</b>]].<br> ===Check Kernel driver not in use=== <code>lspci -nnk</code><br> <br> OutPut: <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel modules: snd_hda_intel </pre> == Installing KVM and VirtManager to Create a VM == {{#evu:https://www.youtube.com/watch?v=GKHIlUP2XSc |alignment=inline }} To install the required packages, run the following command: <code>sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils</code> To create a group and add your user to the group, run the following commands: <div class="toccolours mw-collapsible mw-collapsed"> <code> getent group libvirtd</code> Check if the <b>group</b> already exists: <div class="mw-collapsible-content"> To check if a group is already present on an Ubuntu system, you can use the <b>getent</b> command along with the <b>group</b> argument and specify the name of the group as a parameter. For example, to check if the <b>sudo</b> group exists on the system, you can run the following command in a terminal: <code>getent group sudo</code> If the group exists, the command will output information about the group, including its name, group ID (GID), and a list of users who are members of the group. If the group does not exist, the command will not produce any output. Alternatively, you can use the <b>grep</b> command to search for the group name in the <b>/etc/group file</b>, which is the file that stores information about system groups on Ubuntu. For example, to search for the <b>sudo</b> group, you can run the following command: <code>grep "^sudo:" /etc/group</code> If the group exists, the command will output information about the group in the same format as the <b>getent</b> command. If the group does not exist, the command will not produce any output. </div> </div> <code>sudo addgroup libvirtd</code><br> <code>sudo adduser $USER libvirtd</code><br> <code>sudo apt-get install virt-manager</code><br> After installing the packages and adding your user to the group, reboot your system: <code>reboot</code> This will avoid the following error when trying to connect to libvirt: <pre>virtual machine manager connection failure unable to connect to libvirt qemu:///system. verify that the 'libvirtd' daemon is running</pre> ===Virtual Machine Manager=== {{#evu:https://www.youtube.com/watch?v=jhoI6MIdHrc |alignment=inline }}<br> Start <b>Virtual Machine Manager</b>:<br> <code>virt-manager</code><br><br> Create a new virtual machine Step 1 Local install media (ISO image or CDROM) Step 2 Choose ISO or CDROM install media: Click <b>Browse</b> and select your windows10.iso Choose the operating system you are installing: untick( Automatically detect from installation media / source) and enter <b>Microsoft Windows 10</b> in search bar. Step 3 Choose Memory and CPU settings: Memory: 4096MiB CPUs: 2 Step 4 Tick <b>Enable storage for this virtual machine</b> Tick <b>create a disk image for the virtual machine</b> 140 GiB Step 5 Name:NAME_OF_VM Tick <b>Customize configuration before install</b> ==== Config VM before booting==== OverView: <b>Hypervisor Details</b> 'Chipset' = 'Q35' 'Firmware' = 'x86_64:/usr/share/OVMF/OVMF_CODE_4M.ms.fd' Boot Options: <b>Boot device order</b>: Untick - Enable boot menu Select/Tick SATA CDROM1 SATA Disk 1 Display Spice: <b>Spice Server</b>: Type: Spice server Listen type: Address Address: Hypervisor default Port: tick 'Auto' Click '<b>Add Hardware</b>' button at bottom left - new window '<b>Add New Virtual Hardware</b>' will pop up. Click '<b>PCI Host Device</b>' on the left hand side Select your <b>GPU</b> and <b>GPU Audio Controller</b>: '0000:0A:00:0 NVIDIA Corporation GM204 [GeForce GTX 970]' '0000:0A:00:1 NVIDIA Corporation GM204 High Definition Audio Controller' Select and click '<b>Finish</b>' - reopen '<b>Add hardware</b>' and repeat for Audio.<br> <br> ==== Install Windows 10 and update ==== {{#evu:https://www.youtube.com/watch?v=07sTymJaWvw |alignment=inline }} Install windows 10 then update windows to get the graphics card drivers working.<br> Once done shoutdown.<br> ===After shutting down windows edit the VM's Config file=== {{#evu:https://www.youtube.com/watch?v=CCKbp-n6xRo |alignment=inline }} To find/confirm your VM's name:<br> <code>virsh list --all</code><br> <br> Syntax:<code>sudo virsh edit YOUR_VM_NAME</code><br> <code>sudo virsh edit win10</code><br> <br> Going to edit in between the <code><features> </features></code> Brackets, 17 lines down.<br> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> </pre> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> </pre> ====What these values do ==== <div class="toccolours mw-collapsible mw-collapsed"> <vendor_id state='on' value='1234567890ab'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><vendor_id></b> tag is used to specify the vendor ID that is presented to the guest virtual machine when it is running on top of the KVM hypervisor. This vendor ID can be customized by the user to any 12-digit hexadecimal <b>value</b> using the value attribute. The purpose of the vendor ID is to provide a way for virtual machines to identify the type of hypervisor they are running on, and to adjust their behavior accordingly. This is particularly important for operating systems that have special optimizations or workarounds for specific hypervisors. By default, KVM presents a vendor ID of "KVMKVMKVM" to the guest virtual machine. However, this can be changed by adding the <vendor_id> tag to the XML definition of the virtual machine, as follows: <pre> <cpu> <vendor_id state='on' value='1234567890ab'/> ... </cpu> </pre> In this example, the vendor ID is set to the value "1234567890ab". The state attribute is set to 'on' to enable the use of the custom vendor ID. It's worth noting that changing the vendor ID can have some unexpected consequences. For example, some operating systems may have specific code paths or optimizations for certain hypervisors, and changing the vendor ID may cause them to behave differently or even malfunction. Additionally, some virtualization security features may depend on the vendor ID, so changing it may impact the security of the virtual machine. As such, it is important to carefully consider the implications before changing the vendor ID in a KVM virtual machine. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <kvm> <hidden state='on'/> </kvm> <div class="mw-collapsible-content"> In Linux KVM, the <b><kvm></b> tag is used to specify additional configuration options for the virtual machine that are specific to KVM. The <b><hidden></b> tag is a sub-tag of <b><kvm></b> and is used to enable or disable the hiding of the KVM hypervisor from the guest operating system. When the <b><hidden></b> tag is set to <b>state='on'</b>, the KVM hypervisor is hidden from the guest operating system. This means that the guest operating system will not be able to detect that it is running in a virtualized environment and will behave as if it is running directly on physical hardware. This can be useful for security reasons, as it can make it more difficult for attackers to detect that they are running in a virtualized environment and attempt to exploit vulnerabilities that are specific to virtualization. Additionally, some software applications may behave differently or refuse to run in a virtualized environment, so hiding the KVM hypervisor can help ensure that these applications run properly. To use the <hidden> tag, it should be included as a sub-tag of the <kvm> tag, as follows: <pre> <kvm> <hidden state='on'/> ... </kvm> </pre> It's important to note that hiding the KVM hypervisor can have some downsides as well. For example, it may make it more difficult to diagnose problems with the virtual machine, as the hypervisor will not be visible in the guest operating system. Additionally, some virtualization features may depend on the hypervisor being visible to the guest operating system, so hiding it may cause these features to stop working properly. As such, the decision to hide the KVM hypervisor using the <hidden> tag should be carefully considered based on the specific needs and requirements of the virtualized environment. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <ioapic driver='kvm'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><ioapic></b> tag is used to enable or disable the use of the IOAPIC (Input/Output Advanced Programmable Interrupt Controller) device in the virtual machine. The <b>driver</b> attribute is used to specify the driver that should be used for the IOAPIC device, with the value <b>kvm</b> indicating that KVM's built-in IOAPIC driver should be used. The IOAPIC device is a type of interrupt controller that is used to manage interrupts in a virtual machine. It provides a way for devices in the virtual machine to generate interrupts, and for the virtual machine to route those interrupts to the appropriate virtual CPU. To enable the IOAPIC device and specify the kvm driver, the <ioapic> tag should be included in the XML definition of the virtual machine, as follows: <pre> <ioapic driver='kvm'/> </pre> With this configuration, KVM's built-in IOAPIC driver will be used to manage interrupts in the virtual machine. It's worth noting that while KVM's built-in IOAPIC driver is generally sufficient for most virtualization needs, there are some situations where a different driver may be preferred. For example, some applications or workloads may require more advanced IOAPIC functionality that is not available in KVM's built-in driver. In these cases, it may be necessary to use a different driver, or to implement custom code to support the required functionality. Overall, the <ioapic> tag with the driver='kvm' attribute is a simple and effective way to enable the IOAPIC device and ensure that interrupts are properly managed in a KVM virtual machine. </div> </div> ====Full Config file - before and after==== <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>before</b> any changes with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoand of course the content when expanded.<br \> <code>print "hello content"</code>ft.com/win/10"/> </libosinfo:libosinfo>=====Notes===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>After</b> changes made with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <br> Note: Not the place to edit (use '<b>virsh</b>'), but you config file can be found here:<code>/etc/libvirt/qemu/</code> =====Notes - Mouse and Keyboard Redirect===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> {{#evu:https://www.youtube.com/watch?v=RjavWiqj_VM |alignment=inline }} To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. ==Undo Passthrough== ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" </pre> Remove <code>intel_iommu=on kvm.ignore_msrs=1</code> and save changes. <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" </pre> rebuild grub<br> <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> ===vfio=== This step will restore sound to Host Ubuntu.<br> Comment out changes to <b>vfio.conf</b><br> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> Comment out by placing a <code>#</code> in front of the line, save and exit. <pre> #blacklist nouveau #blacklist snd_hda_intel #options vfio-pci ids=10de:13c2,10de:0fbb </pre> update initramfs:<br> <code>sudo update-initramfs -u</code><br> <br> ===Reboot for changes to take effect=== <code>reboot</code><br> ==End Notes== Plug in external monitor to the GPU 'Razer Core X' for output and no screen lag.<br> Tested with 'sniper ghost warrior' works fine.<br> Sound will come out of HDMI, If using monitor with no speakers, you can pass through USB headfones or speakers. ==References== https://askubuntu.com/questions/1406888/ubuntu-22-04-gpu-passthrough-qemu d92qcyakzv3zssindtt7hvh43d6f0xs 391 390 2023-05-04T18:00:26Z AwesomO 5 /* Installing KVM and VirtManager to Create a VM */ 391 wikitext text/x-wiki ==Ubuntu Kvm Windows 10 - Thinkpad T470 with Razer Core X== Hardware:<br> * Thinkpad t470 - 256GB HD, 8GB RAM * razer core x * GTX 970 GT * Ubuntu Desktop 22.04 installed. Thunderbolt 3 - detected as USB3.0 (5000M). But works :)<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lsusb -t</code> OutPut: <div class="mw-collapsible-content"> <pre> /: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/6p, 5000M |__ Port 3: Dev 2, If 0, Class=Mass Storage, Driver=usb-storage, 5000M /: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/12p, 480M |__ Port 7: Dev 2, If 0, Class=Wireless, Driver=btusb, 12M |__ Port 7: Dev 2, If 1, Class=Wireless, Driver=btusb, 12M |__ Port 8: Dev 3, If 1, Class=Video, Driver=uvcvideo, 480M |__ Port 8: Dev 3, If 0, Class=Video, Driver=uvcvideo, 480M |__ Port 9: Dev 4, If 0, Class=Vendor Specific Class, Driver=, 12M </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo lshw | grep -A10 -i usb</code> OutPut: <div class="mw-collapsible-content"> <pre> capabilities: pci pnp upgrade shadowing cdboot bootselect edd int13floppy720 int5printscreen int9keyboard int14serial int17printer int10video acpi usb biosbootspecification uefi *-pci description: Host bridge product: Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers vendor: Intel Corporation physical id: 100 bus info: pci@0000:00:00.0 version: 08 width: 32 bits clock: 33MHz configuration: driver=skl_uncore -- *-usb description: USB controller product: Sunrise Point-LP USB 3.0 xHCI Controller vendor: Intel Corporation physical id: 14 bus info: pci@0000:00:14.0 version: 21 width: 64 bits clock: 33MHz capabilities: pm msi xhci bus_master cap_list configuration: driver=xhci_hcd latency=0 resources: irq:127 memory:ec220000-ec22ffff *-usbhost:0 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 0 bus info: usb@1 logical name: usb1 version: 5.19 capabilities: usb-2.00 configuration: driver=hub slots=12 speed=480Mbit/s *-usb:0 description: Bluetooth wireless interface product: Bluetooth wireless interface vendor: Intel Corp. physical id: 7 bus info: usb@1:7 version: 0.01 capabilities: bluetooth usb-2.00 configuration: driver=btusb maxpower=100mA speed=12Mbit/s *-usb:1 description: Video product: Integrated Camera: Integrated C vendor: SunplusIT Inc physical id: 8 bus info: usb@1:8 logical name: input8 logical name: /dev/input/event6 version: 0.10 capabilities: usb-2.00 usb configuration: driver=uvcvideo maxpower=500mA speed=480Mbit/s *-usb:2 UNCLAIMED description: Generic USB device vendor: Validity Sensors, Inc. physical id: 9 bus info: usb@1:9 version: 1.64 serial: ff1e8c196451 capabilities: usb-2.00 configuration: maxpower=100mA speed=12Mbit/s *-usbhost:1 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 1 bus info: usb@2 logical name: usb2 version: 5.19 capabilities: usb-3.00 configuration: driver=hub slots=6 speed=5000Mbit/s *-usb description: Mass storage device product: USB3.0-CRW vendor: Generic physical id: 3 bus info: usb@2:3 logical name: scsi0 version: 2.04 serial: 20120501030900000 capabilities: usb-3.00 scsi emulated scsi-host configuration: driver=usb-storage maxpower=800mA speed=5000Mbit/s *-disk description: SCSI Disk product: SD/MMC vendor: Generic- physical id: 0.0.0 bus info: scsi@0:0.0.0 logical name: /dev/sda version: 1.00 serial: 2012090114345300 capabilities: removable </pre> </div> </div> ===Windows 10 ISO=== Download a Windows 10 ISO for the Virtual Machine<br> https://www.microsoft.com/en-us/software-download/windows10ISO ===VT-d - bios=== Check VT-d enabled on bios <br> When you press the power button, press and hold <b>F1</b> to enter into bios mode.<br> Security > Virtualization<br> Intel (R) Virtualization Technology [ENABLE]<br> Inter (R) VT-d Feature [ENABLE]<br> ====Check==== <code>cat /proc/cpuinfo | grep --color vmx</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Explained: <div class="mw-collapsible-content"> The command "cat /proc/cpuinfo" displays detailed information about the processor(s) installed on your system. The output of this command includes a lot of information, such as processor model, speed, cache size, and other features. The pipe symbol "|" is used to pass the output of the first command as input to the second command. In this case, the output of "cat /proc/cpuinfo" is being passed as input to "grep". The "grep" command is used to search for a specific pattern in the input data. In this case, the pattern being searched for is "vmx". The "--color" option is used to highlight the search pattern in the output, making it easier to identify. So, the entire command "cat /proc/cpuinfo | grep --color vmx" is searching the processor information for the "vmx" feature and highlighting it in the output. The "vmx" feature refers to Intel's Virtualization Technology, which allows a processor to run multiple operating systems on the same computer simultaneously. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Returned Output: <div class="mw-collapsible-content"> <pre> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml </pre> </div> </div> ===Grub=== <youtube>wB4gvSgYmfY</youtube> <br> <code>sudo $EDITOR /etc/default/grub</code><br> Insert the option to <b>GRUB_CMDLINE_LINUX_DEFAULT=""</b> <code>intel_iommu=on kvm.ignore_msrs=1</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Before <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>intel_iommu=on kvm.ignore_msrs=1</code> <div class="mw-collapsible-content"> <pre> intel_iommu=on and kvm.ignore_msrs=1 are kernel boot parameters that can be set in the GRUB configuration file in Linux systems. Here's what they mean: intel_iommu=on: This parameter enables Intel VT-d (Virtualization Technology for Directed I/O), which allows for hardware-based virtualization of I/O devices. This can improve performance and security for virtual machines by allowing them to directly access hardware devices, rather than relying on the host operating system to handle the device access. kvm.ignore_msrs=1: This parameter disables the handling of MSR (Model Specific Register) virtualization by the kernel-based Virtual Machine (KVM) hypervisor. This can improve performance for certain workloads that rely heavily on MSR access, such as virtualization workloads. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Info the <code>/etc/defaults</code> directory <div class="mw-collapsible-content"> <pre> In Ubuntu and many other Linux-based operating systems, the /etc/default directory contains configuration files for various system services and applications. These configuration files contain default values for the settings and options that are used by these services and applications. The /etc/default directory is typically organized by service or application, with each subdirectory containing one or more configuration files for that service or application. For example, the /etc/default/grub directory contains the default configuration file for the GRUB bootloader, while the /etc/default/apache2 directory contains the default configuration file for the Apache web server. These configuration files are often used by system administrators to customize the behavior of these services and applications by modifying the default values of their settings and options. For example, the GRUB configuration file in /etc/default/grub can be used to specify the default operating system to boot, the timeout for the boot menu, and other options. </pre> </div> </div> ====Update Grub==== <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code><br> Reboot so kernel boot parameters can be applied.<br> <code>reboot</code> <div class="toccolours mw-collapsible mw-collapsed"> Info: <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> <div class="mw-collapsible-content"> * <code>grub-mkconfig</code> : This is a command that generates a new configuration file for the GRUB bootloader. It scans the system for installed kernels, operating systems, and other boot options, and creates a configuration file based on that information. * <code>-o /boot/grub/grub.cfg</code> : This option tells grub-mkconfig to write the generated configuration file to the file /boot/grub/grub.cfg. This is the default location for the GRUB configuration file in most Linux systems. </div> </div> ===Check that IOMMU is enabled=== <youtube>SM7v-XQfvh4</youtube> <br> <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Return Output: Before editing Grub <div class="mw-collapsible-content"> <pre> [ 0.013929] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013974] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.124130] DMAR: Host address width 39 [ 0.124131] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.124140] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.124143] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.124147] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.124150] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.124152] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.124154] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.124156] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.124158] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.126384] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.346448] iommu: Default domain type: Translated [ 0.346448] iommu: DMA domain TLB invalidation policy: lazy mode </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After editing Grub <div class="mw-collapsible-content"> <pre> [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.013471] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013516] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.035822] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.035915] DMAR: IOMMU enabled [ 0.094689] DMAR: Host address width 39 [ 0.094691] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.094699] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.094702] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.094706] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.094708] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.094710] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.094713] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.094715] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.094716] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.096599] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.324622] iommu: Default domain type: Translated [ 0.324622] iommu: DMA domain TLB invalidation policy: lazy mode [ 0.346100] DMAR: No ATSR found [ 0.346101] DMAR: No SATC found [ 0.346103] DMAR: IOMMU feature fl1gp_support inconsistent [ 0.346105] DMAR: IOMMU feature pgsel_inv inconsistent [ 0.346106] DMAR: IOMMU feature nwfs inconsistent [ 0.346107] DMAR: IOMMU feature eafs inconsistent [ 0.346108] DMAR: IOMMU feature prs inconsistent [ 0.346108] DMAR: IOMMU feature nest inconsistent [ 0.346109] DMAR: IOMMU feature mts inconsistent [ 0.346110] DMAR: IOMMU feature sc_support inconsistent [ 0.346111] DMAR: IOMMU feature dev_iotlb_support inconsistent [ 0.346113] DMAR: dmar0: Using Queued invalidation [ 0.346117] DMAR: dmar1: Using Queued invalidation [ 0.346409] pci 0000:00:00.0: Adding to iommu group 0 [ 0.346423] pci 0000:00:02.0: Adding to iommu group 1 [ 0.346441] pci 0000:00:14.0: Adding to iommu group 2 [ 0.346450] pci 0000:00:14.2: Adding to iommu group 2 [ 0.346466] pci 0000:00:16.0: Adding to iommu group 3 [ 0.346475] pci 0000:00:16.3: Adding to iommu group 3 [ 0.346499] pci 0000:00:1c.0: Adding to iommu group 4 [ 0.346520] pci 0000:00:1c.6: Adding to iommu group 5 [ 0.346539] pci 0000:00:1d.0: Adding to iommu group 6 [ 0.346557] pci 0000:00:1d.2: Adding to iommu group 7 [ 0.346582] pci 0000:00:1f.0: Adding to iommu group 8 [ 0.346595] pci 0000:00:1f.2: Adding to iommu group 8 [ 0.346604] pci 0000:00:1f.3: Adding to iommu group 8 [ 0.346615] pci 0000:00:1f.4: Adding to iommu group 8 [ 0.346625] pci 0000:00:1f.6: Adding to iommu group 8 [ 0.346646] pci 0000:04:00.0: Adding to iommu group 9 [ 0.346664] pci 0000:3e:00.0: Adding to iommu group 10 [ 0.348306] DMAR: Intel(R) Virtualization Technology for Directed I/O </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code> <div class="mw-collapsible-content"> * <code>dmesg</code> : This command is used in Linux systems to display the kernel message buffer, which contains information about the system's hardware and software components, as well as any error or warning messages generated by the kernel. * <code>|</code> : This symbol is called a pipe and it allows the output of one command to be used as input for another command. In this case, it sends the output of the dmesg command to the next command in the pipeline, which is grep. * <code>grep</code> : This command is used in Linux systems to search for text patterns in a file or output. In this case, it's used to search the output of the dmesg command for lines that contain the strings "DMAR" or "IOMMU". * <code>-i</code> : This option tells grep to perform a case-insensitive search, meaning it will match the strings "DMAR" or "IOMMU" regardless of their case. * <code>-e</code> : This option tells grep to specify the pattern to search for. In this case, it's used to specify two patterns to search for: "DMAR" and "IOMMU". * DMAR: DMA Remapping (DMAR) is a feature of modern computer systems that provides additional security for input/output (I/O) devices. It allows for the isolation of memory regions used by I/O devices, which prevents them from accessing other parts of the system's memory. This helps to prevent attacks that could exploit vulnerabilities in I/O device drivers to gain access to sensitive data or take control of the system. * IOMMU: The I/O Memory Management Unit (IOMMU) is a hardware component that provides support for DMA remapping. It allows for the virtualization of I/O devices and provides an additional layer of security by isolating the memory used by these devices. </div> </div> ===Find your GPU=== <code>lspci -nnk</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>lspci -nnk</code> <div class="mw-collapsible-content"> <code>lspci</code> is a command-line utility that is used to display information about all the PCI buses and devices connected to them in a Linux system. The -nnk option is used to display the following information: * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -k: Display the kernel driver currently bound to each device. This option is useful when you want to check which driver is being used for a particular device. When you run the <code>lspci -nnk</code> command, you will get a list of all the PCI devices in your system, along with their vendor and device IDs, and the kernel driver currently in use. </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut Before plugging in 'Razer Core X' <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut After plugging in Razer Core X <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 05:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:01.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:02.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 07:00.0 System peripheral [0880]: Intel Corporation JHL6240 Thunderbolt 3 NHI (Low Power) [Alpine Ridge LP 2016] [8086:15bf] (rev 01) Subsystem: Device [2222:1111] Kernel driver in use: thunderbolt Kernel modules: thunderbolt 08:00.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 09:01.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel </pre> ===vfio.conf=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>vfio.conf</b> <div class="mw-collapsible-content"> <b>vfio.conf</b> is a configuration file used by the VFIO driver in Linux. <br> The VFIO driver is a kernel module that allows users to assign devices, such as GPUs or network interfaces, directly to virtual machines, bypassing the host operating system.<br> <br> The vfio.conf file is used to specify which devices should be assigned to VFIO, and it is typically located in the /etc/modprobe.d/ directory. When the VFIO driver is loaded, it will read this file and use the settings specified within it.<br> <br> The contents of vfio.conf can vary depending on the specific use case, but some common configurations include: * Device IDs: The vfio.conf file can be used to specify the vendor and device IDs of the devices that should be assigned to VFIO. For example: <pre> options vfio-pci ids=10de:13c2,10de:0fbb </pre><br> <br> This configuration specifies that two NVIDIA GPUs with the IDs 10de:13c2 and 10de:0fbb should be assigned to VFIO.<br> This configuration assigns two NVIDIA GPUs to VFIO and blacklists the <b>nouveau</b> and <b>nvidiafb</b> kernel drivers so that they don't claim the GPUs. <pre> options vfio-pci ids=10de:13c2,10de:0fbb blacklist nouveau blacklist nvidiafb </pre> <br> * Additional options: The <b>vfio.conf</b> file can also be used to specify additional options for the VFIO driver, such as setting the IOMMU mode. For example:<br> This configuration sets the VFIO driver to use IOMMU mode 1 and allows unsafe interrupts. <pre> options vfio_iommu_type1 allow_unsafe_interrupts=1 </pre> <br> Overall, <b>vfio.conf</b> provides a way to configure the VFIO driver and specify which devices should be assigned to it, helping to facilitate GPU or other hardware passthrough to virtual machines. <br> </div> </div> Create a new file called <code>vfio.conf</code> in the <b>/etc/modprobe.d/</b> directory.<br> <div class="toccolours mw-collapsible mw-collapsed"> The <code>/etc/modprobe.d/</code> directory explanation: <div class="mw-collapsible-content"> The <b>/etc/modprobe.d/</b> directory is a system directory in Linux that contains configuration files for kernel modules. When the Linux kernel boots up, it loads various modules (also called drivers) to support the hardware and other system functions.<br> <br> Each configuration file in <b>/etc/modprobe.d/</b> specifies options for one or more kernel modules, which are loaded by the kernel when a system boots or when a module is explicitly loaded. The options specified in these files can be used to modify the behavior of the kernel modules, or to blacklist certain modules to prevent them from being loaded.<br> <br> The name of each configuration file in the <b>/etc/modprobe.d/</b> directory must end with the <b>.conf</b> extension. The contents of each file consist of a series of directives, which specify module options, aliases, or blacklist information. These directives can be written in plain text format or in shell scripts.<br> <br> Here are some examples of how you might use the <b>/etc/modprobe.d/</b> directory:<br> * Blacklisting modules: You can use the <b>/etc/modprobe.d/</b> directory to prevent certain kernel modules from loading. For example, you can create a file called <b>/etc/modprobe.d/blacklist-nouveau.conf</b> with the following contents to prevent the <b>nouveau</b> driver (used for NVIDIA graphics cards) from being loaded: <pre> blacklist nouveau </pre> <br> * Setting module options: You can also use the <b>/etc/modprobe.d/</b> directory to specify options for a particular kernel module. For example, you can create a file called <b>/etc/modprobe.d/alsa-base.conf</b> with the following contents to set the default sound card to the second card on the system: <pre> options snd_hda_intel index=1 </pre> <br> * Loading modules: You can use the <b>/etc/modprobe.d/</b> directory to load kernel modules at boot time. For example, you can create a file called <b>/etc/modprobe.d/local.conf</b> with the following contents to load the <b>acpi_call</b> module at boot time: <pre> # Load acpi_call at boot time acpi_call </pre> <br> Overall, the <b>/etc/modprobe.d/</b> directory is an important location for managing kernel modules in Linux. It provides a centralized location for managing module options, aliases, and blacklists, making it easier to configure and maintain a Linux system.<br> </div> </div> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> <br> ===Update <b>initramfs</b>=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>initramfs</b>: <div class="mw-collapsible-content"> The initramfs (initial RAM file system) is a temporary file system that is loaded into memory during the Linux boot process. It contains essential system files and utilities that are necessary to boot the Linux kernel and mount the root file system.<br> <br> When the Linux kernel is booted, it first loads the initramfs into memory and sets it up as the root file system. The initramfs then runs the init script, which is responsible for initializing the system and mounting the real root file system. The init script may also perform other tasks, such as loading kernel modules, setting up network interfaces, and configuring system services.<br> <br> The initramfs is typically used in situations where the root file system is located on a storage device that requires additional drivers or modules to be loaded before it can be mounted. For example, if the root file system is located on a RAID array, a network file system, or an encrypted disk, the necessary drivers or modules may need to be loaded into memory before the root file system can be mounted.<br> <br> The initramfs can also be customized to include additional files or utilities that may be necessary for the boot process. This is done by modifying the initramfs image, which is a compressed archive file that contains the file system contents.<br> <br> Overall, the initramfs is an essential component of the Linux boot process, providing a temporary file system that is necessary for initializing the system and mounting the root file system. </div> </div> <code>sudo update-initramfs -u</code><br> And reboot your computer:<br> <code>reboot</code><br> <br> <b>Note:</b>[[Ubuntu_KVM_to_Windows_10_-_Thinkpad_T470_-_Razer_Core_X_-_GTX_970#Undo_Passthrough|Sound will not work on Host Ubuntu now we have blacklisted <b>snd_hda_intel</b> to return sound to laptop read <b>Undo Passthrough</b>]].<br> ===Check Kernel driver not in use=== <code>lspci -nnk</code><br> <br> OutPut: <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel modules: snd_hda_intel </pre> == Installing KVM and VirtManager to Create a VM == <youtube>GKHIlUP2XSc</youtube> To install the required packages, run the following command: <code>sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils</code> To create a group and add your user to the group, run the following commands: <div class="toccolours mw-collapsible mw-collapsed"> <code> getent group libvirtd</code> Check if the <b>group</b> already exists: <div class="mw-collapsible-content"> To check if a group is already present on an Ubuntu system, you can use the <b>getent</b> command along with the <b>group</b> argument and specify the name of the group as a parameter. For example, to check if the <b>sudo</b> group exists on the system, you can run the following command in a terminal: <code>getent group sudo</code> If the group exists, the command will output information about the group, including its name, group ID (GID), and a list of users who are members of the group. If the group does not exist, the command will not produce any output. Alternatively, you can use the <b>grep</b> command to search for the group name in the <b>/etc/group file</b>, which is the file that stores information about system groups on Ubuntu. For example, to search for the <b>sudo</b> group, you can run the following command: <code>grep "^sudo:" /etc/group</code> If the group exists, the command will output information about the group in the same format as the <b>getent</b> command. If the group does not exist, the command will not produce any output. </div> </div> <code>sudo addgroup libvirtd</code><br> <code>sudo adduser $USER libvirtd</code><br> <code>sudo apt-get install virt-manager</code><br> After installing the packages and adding your user to the group, reboot your system: <code>reboot</code> This will avoid the following error when trying to connect to libvirt: <pre>virtual machine manager connection failure unable to connect to libvirt qemu:///system. verify that the 'libvirtd' daemon is running</pre> ===Virtual Machine Manager=== {{#evu:https://www.youtube.com/watch?v=jhoI6MIdHrc |alignment=inline }}<br> Start <b>Virtual Machine Manager</b>:<br> <code>virt-manager</code><br><br> Create a new virtual machine Step 1 Local install media (ISO image or CDROM) Step 2 Choose ISO or CDROM install media: Click <b>Browse</b> and select your windows10.iso Choose the operating system you are installing: untick( Automatically detect from installation media / source) and enter <b>Microsoft Windows 10</b> in search bar. Step 3 Choose Memory and CPU settings: Memory: 4096MiB CPUs: 2 Step 4 Tick <b>Enable storage for this virtual machine</b> Tick <b>create a disk image for the virtual machine</b> 140 GiB Step 5 Name:NAME_OF_VM Tick <b>Customize configuration before install</b> ==== Config VM before booting==== OverView: <b>Hypervisor Details</b> 'Chipset' = 'Q35' 'Firmware' = 'x86_64:/usr/share/OVMF/OVMF_CODE_4M.ms.fd' Boot Options: <b>Boot device order</b>: Untick - Enable boot menu Select/Tick SATA CDROM1 SATA Disk 1 Display Spice: <b>Spice Server</b>: Type: Spice server Listen type: Address Address: Hypervisor default Port: tick 'Auto' Click '<b>Add Hardware</b>' button at bottom left - new window '<b>Add New Virtual Hardware</b>' will pop up. Click '<b>PCI Host Device</b>' on the left hand side Select your <b>GPU</b> and <b>GPU Audio Controller</b>: '0000:0A:00:0 NVIDIA Corporation GM204 [GeForce GTX 970]' '0000:0A:00:1 NVIDIA Corporation GM204 High Definition Audio Controller' Select and click '<b>Finish</b>' - reopen '<b>Add hardware</b>' and repeat for Audio.<br> <br> ==== Install Windows 10 and update ==== {{#evu:https://www.youtube.com/watch?v=07sTymJaWvw |alignment=inline }} Install windows 10 then update windows to get the graphics card drivers working.<br> Once done shoutdown.<br> ===After shutting down windows edit the VM's Config file=== {{#evu:https://www.youtube.com/watch?v=CCKbp-n6xRo |alignment=inline }} To find/confirm your VM's name:<br> <code>virsh list --all</code><br> <br> Syntax:<code>sudo virsh edit YOUR_VM_NAME</code><br> <code>sudo virsh edit win10</code><br> <br> Going to edit in between the <code><features> </features></code> Brackets, 17 lines down.<br> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> </pre> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> </pre> ====What these values do ==== <div class="toccolours mw-collapsible mw-collapsed"> <vendor_id state='on' value='1234567890ab'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><vendor_id></b> tag is used to specify the vendor ID that is presented to the guest virtual machine when it is running on top of the KVM hypervisor. This vendor ID can be customized by the user to any 12-digit hexadecimal <b>value</b> using the value attribute. The purpose of the vendor ID is to provide a way for virtual machines to identify the type of hypervisor they are running on, and to adjust their behavior accordingly. This is particularly important for operating systems that have special optimizations or workarounds for specific hypervisors. By default, KVM presents a vendor ID of "KVMKVMKVM" to the guest virtual machine. However, this can be changed by adding the <vendor_id> tag to the XML definition of the virtual machine, as follows: <pre> <cpu> <vendor_id state='on' value='1234567890ab'/> ... </cpu> </pre> In this example, the vendor ID is set to the value "1234567890ab". The state attribute is set to 'on' to enable the use of the custom vendor ID. It's worth noting that changing the vendor ID can have some unexpected consequences. For example, some operating systems may have specific code paths or optimizations for certain hypervisors, and changing the vendor ID may cause them to behave differently or even malfunction. Additionally, some virtualization security features may depend on the vendor ID, so changing it may impact the security of the virtual machine. As such, it is important to carefully consider the implications before changing the vendor ID in a KVM virtual machine. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <kvm> <hidden state='on'/> </kvm> <div class="mw-collapsible-content"> In Linux KVM, the <b><kvm></b> tag is used to specify additional configuration options for the virtual machine that are specific to KVM. The <b><hidden></b> tag is a sub-tag of <b><kvm></b> and is used to enable or disable the hiding of the KVM hypervisor from the guest operating system. When the <b><hidden></b> tag is set to <b>state='on'</b>, the KVM hypervisor is hidden from the guest operating system. This means that the guest operating system will not be able to detect that it is running in a virtualized environment and will behave as if it is running directly on physical hardware. This can be useful for security reasons, as it can make it more difficult for attackers to detect that they are running in a virtualized environment and attempt to exploit vulnerabilities that are specific to virtualization. Additionally, some software applications may behave differently or refuse to run in a virtualized environment, so hiding the KVM hypervisor can help ensure that these applications run properly. To use the <hidden> tag, it should be included as a sub-tag of the <kvm> tag, as follows: <pre> <kvm> <hidden state='on'/> ... </kvm> </pre> It's important to note that hiding the KVM hypervisor can have some downsides as well. For example, it may make it more difficult to diagnose problems with the virtual machine, as the hypervisor will not be visible in the guest operating system. Additionally, some virtualization features may depend on the hypervisor being visible to the guest operating system, so hiding it may cause these features to stop working properly. As such, the decision to hide the KVM hypervisor using the <hidden> tag should be carefully considered based on the specific needs and requirements of the virtualized environment. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <ioapic driver='kvm'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><ioapic></b> tag is used to enable or disable the use of the IOAPIC (Input/Output Advanced Programmable Interrupt Controller) device in the virtual machine. The <b>driver</b> attribute is used to specify the driver that should be used for the IOAPIC device, with the value <b>kvm</b> indicating that KVM's built-in IOAPIC driver should be used. The IOAPIC device is a type of interrupt controller that is used to manage interrupts in a virtual machine. It provides a way for devices in the virtual machine to generate interrupts, and for the virtual machine to route those interrupts to the appropriate virtual CPU. To enable the IOAPIC device and specify the kvm driver, the <ioapic> tag should be included in the XML definition of the virtual machine, as follows: <pre> <ioapic driver='kvm'/> </pre> With this configuration, KVM's built-in IOAPIC driver will be used to manage interrupts in the virtual machine. It's worth noting that while KVM's built-in IOAPIC driver is generally sufficient for most virtualization needs, there are some situations where a different driver may be preferred. For example, some applications or workloads may require more advanced IOAPIC functionality that is not available in KVM's built-in driver. In these cases, it may be necessary to use a different driver, or to implement custom code to support the required functionality. Overall, the <ioapic> tag with the driver='kvm' attribute is a simple and effective way to enable the IOAPIC device and ensure that interrupts are properly managed in a KVM virtual machine. </div> </div> ====Full Config file - before and after==== <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>before</b> any changes with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoand of course the content when expanded.<br \> <code>print "hello content"</code>ft.com/win/10"/> </libosinfo:libosinfo>=====Notes===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>After</b> changes made with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <br> Note: Not the place to edit (use '<b>virsh</b>'), but you config file can be found here:<code>/etc/libvirt/qemu/</code> =====Notes - Mouse and Keyboard Redirect===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> {{#evu:https://www.youtube.com/watch?v=RjavWiqj_VM |alignment=inline }} To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. ==Undo Passthrough== ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" </pre> Remove <code>intel_iommu=on kvm.ignore_msrs=1</code> and save changes. <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" </pre> rebuild grub<br> <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> ===vfio=== This step will restore sound to Host Ubuntu.<br> Comment out changes to <b>vfio.conf</b><br> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> Comment out by placing a <code>#</code> in front of the line, save and exit. <pre> #blacklist nouveau #blacklist snd_hda_intel #options vfio-pci ids=10de:13c2,10de:0fbb </pre> update initramfs:<br> <code>sudo update-initramfs -u</code><br> <br> ===Reboot for changes to take effect=== <code>reboot</code><br> ==End Notes== Plug in external monitor to the GPU 'Razer Core X' for output and no screen lag.<br> Tested with 'sniper ghost warrior' works fine.<br> Sound will come out of HDMI, If using monitor with no speakers, you can pass through USB headfones or speakers. ==References== https://askubuntu.com/questions/1406888/ubuntu-22-04-gpu-passthrough-qemu pjamea35lgtzp7x7wj2trvd8injwehv 392 391 2023-05-04T18:01:00Z AwesomO 5 /* Virtual Machine Manager */ 392 wikitext text/x-wiki ==Ubuntu Kvm Windows 10 - Thinkpad T470 with Razer Core X== Hardware:<br> * Thinkpad t470 - 256GB HD, 8GB RAM * razer core x * GTX 970 GT * Ubuntu Desktop 22.04 installed. Thunderbolt 3 - detected as USB3.0 (5000M). But works :)<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lsusb -t</code> OutPut: <div class="mw-collapsible-content"> <pre> /: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/6p, 5000M |__ Port 3: Dev 2, If 0, Class=Mass Storage, Driver=usb-storage, 5000M /: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/12p, 480M |__ Port 7: Dev 2, If 0, Class=Wireless, Driver=btusb, 12M |__ Port 7: Dev 2, If 1, Class=Wireless, Driver=btusb, 12M |__ Port 8: Dev 3, If 1, Class=Video, Driver=uvcvideo, 480M |__ Port 8: Dev 3, If 0, Class=Video, Driver=uvcvideo, 480M |__ Port 9: Dev 4, If 0, Class=Vendor Specific Class, Driver=, 12M </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo lshw | grep -A10 -i usb</code> OutPut: <div class="mw-collapsible-content"> <pre> capabilities: pci pnp upgrade shadowing cdboot bootselect edd int13floppy720 int5printscreen int9keyboard int14serial int17printer int10video acpi usb biosbootspecification uefi *-pci description: Host bridge product: Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers vendor: Intel Corporation physical id: 100 bus info: pci@0000:00:00.0 version: 08 width: 32 bits clock: 33MHz configuration: driver=skl_uncore -- *-usb description: USB controller product: Sunrise Point-LP USB 3.0 xHCI Controller vendor: Intel Corporation physical id: 14 bus info: pci@0000:00:14.0 version: 21 width: 64 bits clock: 33MHz capabilities: pm msi xhci bus_master cap_list configuration: driver=xhci_hcd latency=0 resources: irq:127 memory:ec220000-ec22ffff *-usbhost:0 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 0 bus info: usb@1 logical name: usb1 version: 5.19 capabilities: usb-2.00 configuration: driver=hub slots=12 speed=480Mbit/s *-usb:0 description: Bluetooth wireless interface product: Bluetooth wireless interface vendor: Intel Corp. physical id: 7 bus info: usb@1:7 version: 0.01 capabilities: bluetooth usb-2.00 configuration: driver=btusb maxpower=100mA speed=12Mbit/s *-usb:1 description: Video product: Integrated Camera: Integrated C vendor: SunplusIT Inc physical id: 8 bus info: usb@1:8 logical name: input8 logical name: /dev/input/event6 version: 0.10 capabilities: usb-2.00 usb configuration: driver=uvcvideo maxpower=500mA speed=480Mbit/s *-usb:2 UNCLAIMED description: Generic USB device vendor: Validity Sensors, Inc. physical id: 9 bus info: usb@1:9 version: 1.64 serial: ff1e8c196451 capabilities: usb-2.00 configuration: maxpower=100mA speed=12Mbit/s *-usbhost:1 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 1 bus info: usb@2 logical name: usb2 version: 5.19 capabilities: usb-3.00 configuration: driver=hub slots=6 speed=5000Mbit/s *-usb description: Mass storage device product: USB3.0-CRW vendor: Generic physical id: 3 bus info: usb@2:3 logical name: scsi0 version: 2.04 serial: 20120501030900000 capabilities: usb-3.00 scsi emulated scsi-host configuration: driver=usb-storage maxpower=800mA speed=5000Mbit/s *-disk description: SCSI Disk product: SD/MMC vendor: Generic- physical id: 0.0.0 bus info: scsi@0:0.0.0 logical name: /dev/sda version: 1.00 serial: 2012090114345300 capabilities: removable </pre> </div> </div> ===Windows 10 ISO=== Download a Windows 10 ISO for the Virtual Machine<br> https://www.microsoft.com/en-us/software-download/windows10ISO ===VT-d - bios=== Check VT-d enabled on bios <br> When you press the power button, press and hold <b>F1</b> to enter into bios mode.<br> Security > Virtualization<br> Intel (R) Virtualization Technology [ENABLE]<br> Inter (R) VT-d Feature [ENABLE]<br> ====Check==== <code>cat /proc/cpuinfo | grep --color vmx</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Explained: <div class="mw-collapsible-content"> The command "cat /proc/cpuinfo" displays detailed information about the processor(s) installed on your system. The output of this command includes a lot of information, such as processor model, speed, cache size, and other features. The pipe symbol "|" is used to pass the output of the first command as input to the second command. In this case, the output of "cat /proc/cpuinfo" is being passed as input to "grep". The "grep" command is used to search for a specific pattern in the input data. In this case, the pattern being searched for is "vmx". The "--color" option is used to highlight the search pattern in the output, making it easier to identify. So, the entire command "cat /proc/cpuinfo | grep --color vmx" is searching the processor information for the "vmx" feature and highlighting it in the output. The "vmx" feature refers to Intel's Virtualization Technology, which allows a processor to run multiple operating systems on the same computer simultaneously. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Returned Output: <div class="mw-collapsible-content"> <pre> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml </pre> </div> </div> ===Grub=== <youtube>wB4gvSgYmfY</youtube> <br> <code>sudo $EDITOR /etc/default/grub</code><br> Insert the option to <b>GRUB_CMDLINE_LINUX_DEFAULT=""</b> <code>intel_iommu=on kvm.ignore_msrs=1</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Before <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>intel_iommu=on kvm.ignore_msrs=1</code> <div class="mw-collapsible-content"> <pre> intel_iommu=on and kvm.ignore_msrs=1 are kernel boot parameters that can be set in the GRUB configuration file in Linux systems. Here's what they mean: intel_iommu=on: This parameter enables Intel VT-d (Virtualization Technology for Directed I/O), which allows for hardware-based virtualization of I/O devices. This can improve performance and security for virtual machines by allowing them to directly access hardware devices, rather than relying on the host operating system to handle the device access. kvm.ignore_msrs=1: This parameter disables the handling of MSR (Model Specific Register) virtualization by the kernel-based Virtual Machine (KVM) hypervisor. This can improve performance for certain workloads that rely heavily on MSR access, such as virtualization workloads. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Info the <code>/etc/defaults</code> directory <div class="mw-collapsible-content"> <pre> In Ubuntu and many other Linux-based operating systems, the /etc/default directory contains configuration files for various system services and applications. These configuration files contain default values for the settings and options that are used by these services and applications. The /etc/default directory is typically organized by service or application, with each subdirectory containing one or more configuration files for that service or application. For example, the /etc/default/grub directory contains the default configuration file for the GRUB bootloader, while the /etc/default/apache2 directory contains the default configuration file for the Apache web server. These configuration files are often used by system administrators to customize the behavior of these services and applications by modifying the default values of their settings and options. For example, the GRUB configuration file in /etc/default/grub can be used to specify the default operating system to boot, the timeout for the boot menu, and other options. </pre> </div> </div> ====Update Grub==== <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code><br> Reboot so kernel boot parameters can be applied.<br> <code>reboot</code> <div class="toccolours mw-collapsible mw-collapsed"> Info: <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> <div class="mw-collapsible-content"> * <code>grub-mkconfig</code> : This is a command that generates a new configuration file for the GRUB bootloader. It scans the system for installed kernels, operating systems, and other boot options, and creates a configuration file based on that information. * <code>-o /boot/grub/grub.cfg</code> : This option tells grub-mkconfig to write the generated configuration file to the file /boot/grub/grub.cfg. This is the default location for the GRUB configuration file in most Linux systems. </div> </div> ===Check that IOMMU is enabled=== <youtube>SM7v-XQfvh4</youtube> <br> <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Return Output: Before editing Grub <div class="mw-collapsible-content"> <pre> [ 0.013929] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013974] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.124130] DMAR: Host address width 39 [ 0.124131] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.124140] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.124143] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.124147] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.124150] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.124152] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.124154] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.124156] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.124158] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.126384] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.346448] iommu: Default domain type: Translated [ 0.346448] iommu: DMA domain TLB invalidation policy: lazy mode </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After editing Grub <div class="mw-collapsible-content"> <pre> [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.013471] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013516] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.035822] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.035915] DMAR: IOMMU enabled [ 0.094689] DMAR: Host address width 39 [ 0.094691] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.094699] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.094702] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.094706] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.094708] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.094710] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.094713] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.094715] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.094716] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.096599] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.324622] iommu: Default domain type: Translated [ 0.324622] iommu: DMA domain TLB invalidation policy: lazy mode [ 0.346100] DMAR: No ATSR found [ 0.346101] DMAR: No SATC found [ 0.346103] DMAR: IOMMU feature fl1gp_support inconsistent [ 0.346105] DMAR: IOMMU feature pgsel_inv inconsistent [ 0.346106] DMAR: IOMMU feature nwfs inconsistent [ 0.346107] DMAR: IOMMU feature eafs inconsistent [ 0.346108] DMAR: IOMMU feature prs inconsistent [ 0.346108] DMAR: IOMMU feature nest inconsistent [ 0.346109] DMAR: IOMMU feature mts inconsistent [ 0.346110] DMAR: IOMMU feature sc_support inconsistent [ 0.346111] DMAR: IOMMU feature dev_iotlb_support inconsistent [ 0.346113] DMAR: dmar0: Using Queued invalidation [ 0.346117] DMAR: dmar1: Using Queued invalidation [ 0.346409] pci 0000:00:00.0: Adding to iommu group 0 [ 0.346423] pci 0000:00:02.0: Adding to iommu group 1 [ 0.346441] pci 0000:00:14.0: Adding to iommu group 2 [ 0.346450] pci 0000:00:14.2: Adding to iommu group 2 [ 0.346466] pci 0000:00:16.0: Adding to iommu group 3 [ 0.346475] pci 0000:00:16.3: Adding to iommu group 3 [ 0.346499] pci 0000:00:1c.0: Adding to iommu group 4 [ 0.346520] pci 0000:00:1c.6: Adding to iommu group 5 [ 0.346539] pci 0000:00:1d.0: Adding to iommu group 6 [ 0.346557] pci 0000:00:1d.2: Adding to iommu group 7 [ 0.346582] pci 0000:00:1f.0: Adding to iommu group 8 [ 0.346595] pci 0000:00:1f.2: Adding to iommu group 8 [ 0.346604] pci 0000:00:1f.3: Adding to iommu group 8 [ 0.346615] pci 0000:00:1f.4: Adding to iommu group 8 [ 0.346625] pci 0000:00:1f.6: Adding to iommu group 8 [ 0.346646] pci 0000:04:00.0: Adding to iommu group 9 [ 0.346664] pci 0000:3e:00.0: Adding to iommu group 10 [ 0.348306] DMAR: Intel(R) Virtualization Technology for Directed I/O </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code> <div class="mw-collapsible-content"> * <code>dmesg</code> : This command is used in Linux systems to display the kernel message buffer, which contains information about the system's hardware and software components, as well as any error or warning messages generated by the kernel. * <code>|</code> : This symbol is called a pipe and it allows the output of one command to be used as input for another command. In this case, it sends the output of the dmesg command to the next command in the pipeline, which is grep. * <code>grep</code> : This command is used in Linux systems to search for text patterns in a file or output. In this case, it's used to search the output of the dmesg command for lines that contain the strings "DMAR" or "IOMMU". * <code>-i</code> : This option tells grep to perform a case-insensitive search, meaning it will match the strings "DMAR" or "IOMMU" regardless of their case. * <code>-e</code> : This option tells grep to specify the pattern to search for. In this case, it's used to specify two patterns to search for: "DMAR" and "IOMMU". * DMAR: DMA Remapping (DMAR) is a feature of modern computer systems that provides additional security for input/output (I/O) devices. It allows for the isolation of memory regions used by I/O devices, which prevents them from accessing other parts of the system's memory. This helps to prevent attacks that could exploit vulnerabilities in I/O device drivers to gain access to sensitive data or take control of the system. * IOMMU: The I/O Memory Management Unit (IOMMU) is a hardware component that provides support for DMA remapping. It allows for the virtualization of I/O devices and provides an additional layer of security by isolating the memory used by these devices. </div> </div> ===Find your GPU=== <code>lspci -nnk</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>lspci -nnk</code> <div class="mw-collapsible-content"> <code>lspci</code> is a command-line utility that is used to display information about all the PCI buses and devices connected to them in a Linux system. The -nnk option is used to display the following information: * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -k: Display the kernel driver currently bound to each device. This option is useful when you want to check which driver is being used for a particular device. When you run the <code>lspci -nnk</code> command, you will get a list of all the PCI devices in your system, along with their vendor and device IDs, and the kernel driver currently in use. </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut Before plugging in 'Razer Core X' <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut After plugging in Razer Core X <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 05:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:01.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:02.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 07:00.0 System peripheral [0880]: Intel Corporation JHL6240 Thunderbolt 3 NHI (Low Power) [Alpine Ridge LP 2016] [8086:15bf] (rev 01) Subsystem: Device [2222:1111] Kernel driver in use: thunderbolt Kernel modules: thunderbolt 08:00.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 09:01.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel </pre> ===vfio.conf=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>vfio.conf</b> <div class="mw-collapsible-content"> <b>vfio.conf</b> is a configuration file used by the VFIO driver in Linux. <br> The VFIO driver is a kernel module that allows users to assign devices, such as GPUs or network interfaces, directly to virtual machines, bypassing the host operating system.<br> <br> The vfio.conf file is used to specify which devices should be assigned to VFIO, and it is typically located in the /etc/modprobe.d/ directory. When the VFIO driver is loaded, it will read this file and use the settings specified within it.<br> <br> The contents of vfio.conf can vary depending on the specific use case, but some common configurations include: * Device IDs: The vfio.conf file can be used to specify the vendor and device IDs of the devices that should be assigned to VFIO. For example: <pre> options vfio-pci ids=10de:13c2,10de:0fbb </pre><br> <br> This configuration specifies that two NVIDIA GPUs with the IDs 10de:13c2 and 10de:0fbb should be assigned to VFIO.<br> This configuration assigns two NVIDIA GPUs to VFIO and blacklists the <b>nouveau</b> and <b>nvidiafb</b> kernel drivers so that they don't claim the GPUs. <pre> options vfio-pci ids=10de:13c2,10de:0fbb blacklist nouveau blacklist nvidiafb </pre> <br> * Additional options: The <b>vfio.conf</b> file can also be used to specify additional options for the VFIO driver, such as setting the IOMMU mode. For example:<br> This configuration sets the VFIO driver to use IOMMU mode 1 and allows unsafe interrupts. <pre> options vfio_iommu_type1 allow_unsafe_interrupts=1 </pre> <br> Overall, <b>vfio.conf</b> provides a way to configure the VFIO driver and specify which devices should be assigned to it, helping to facilitate GPU or other hardware passthrough to virtual machines. <br> </div> </div> Create a new file called <code>vfio.conf</code> in the <b>/etc/modprobe.d/</b> directory.<br> <div class="toccolours mw-collapsible mw-collapsed"> The <code>/etc/modprobe.d/</code> directory explanation: <div class="mw-collapsible-content"> The <b>/etc/modprobe.d/</b> directory is a system directory in Linux that contains configuration files for kernel modules. When the Linux kernel boots up, it loads various modules (also called drivers) to support the hardware and other system functions.<br> <br> Each configuration file in <b>/etc/modprobe.d/</b> specifies options for one or more kernel modules, which are loaded by the kernel when a system boots or when a module is explicitly loaded. The options specified in these files can be used to modify the behavior of the kernel modules, or to blacklist certain modules to prevent them from being loaded.<br> <br> The name of each configuration file in the <b>/etc/modprobe.d/</b> directory must end with the <b>.conf</b> extension. The contents of each file consist of a series of directives, which specify module options, aliases, or blacklist information. These directives can be written in plain text format or in shell scripts.<br> <br> Here are some examples of how you might use the <b>/etc/modprobe.d/</b> directory:<br> * Blacklisting modules: You can use the <b>/etc/modprobe.d/</b> directory to prevent certain kernel modules from loading. For example, you can create a file called <b>/etc/modprobe.d/blacklist-nouveau.conf</b> with the following contents to prevent the <b>nouveau</b> driver (used for NVIDIA graphics cards) from being loaded: <pre> blacklist nouveau </pre> <br> * Setting module options: You can also use the <b>/etc/modprobe.d/</b> directory to specify options for a particular kernel module. For example, you can create a file called <b>/etc/modprobe.d/alsa-base.conf</b> with the following contents to set the default sound card to the second card on the system: <pre> options snd_hda_intel index=1 </pre> <br> * Loading modules: You can use the <b>/etc/modprobe.d/</b> directory to load kernel modules at boot time. For example, you can create a file called <b>/etc/modprobe.d/local.conf</b> with the following contents to load the <b>acpi_call</b> module at boot time: <pre> # Load acpi_call at boot time acpi_call </pre> <br> Overall, the <b>/etc/modprobe.d/</b> directory is an important location for managing kernel modules in Linux. It provides a centralized location for managing module options, aliases, and blacklists, making it easier to configure and maintain a Linux system.<br> </div> </div> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> <br> ===Update <b>initramfs</b>=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>initramfs</b>: <div class="mw-collapsible-content"> The initramfs (initial RAM file system) is a temporary file system that is loaded into memory during the Linux boot process. It contains essential system files and utilities that are necessary to boot the Linux kernel and mount the root file system.<br> <br> When the Linux kernel is booted, it first loads the initramfs into memory and sets it up as the root file system. The initramfs then runs the init script, which is responsible for initializing the system and mounting the real root file system. The init script may also perform other tasks, such as loading kernel modules, setting up network interfaces, and configuring system services.<br> <br> The initramfs is typically used in situations where the root file system is located on a storage device that requires additional drivers or modules to be loaded before it can be mounted. For example, if the root file system is located on a RAID array, a network file system, or an encrypted disk, the necessary drivers or modules may need to be loaded into memory before the root file system can be mounted.<br> <br> The initramfs can also be customized to include additional files or utilities that may be necessary for the boot process. This is done by modifying the initramfs image, which is a compressed archive file that contains the file system contents.<br> <br> Overall, the initramfs is an essential component of the Linux boot process, providing a temporary file system that is necessary for initializing the system and mounting the root file system. </div> </div> <code>sudo update-initramfs -u</code><br> And reboot your computer:<br> <code>reboot</code><br> <br> <b>Note:</b>[[Ubuntu_KVM_to_Windows_10_-_Thinkpad_T470_-_Razer_Core_X_-_GTX_970#Undo_Passthrough|Sound will not work on Host Ubuntu now we have blacklisted <b>snd_hda_intel</b> to return sound to laptop read <b>Undo Passthrough</b>]].<br> ===Check Kernel driver not in use=== <code>lspci -nnk</code><br> <br> OutPut: <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel modules: snd_hda_intel </pre> == Installing KVM and VirtManager to Create a VM == <youtube>GKHIlUP2XSc</youtube> To install the required packages, run the following command: <code>sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils</code> To create a group and add your user to the group, run the following commands: <div class="toccolours mw-collapsible mw-collapsed"> <code> getent group libvirtd</code> Check if the <b>group</b> already exists: <div class="mw-collapsible-content"> To check if a group is already present on an Ubuntu system, you can use the <b>getent</b> command along with the <b>group</b> argument and specify the name of the group as a parameter. For example, to check if the <b>sudo</b> group exists on the system, you can run the following command in a terminal: <code>getent group sudo</code> If the group exists, the command will output information about the group, including its name, group ID (GID), and a list of users who are members of the group. If the group does not exist, the command will not produce any output. Alternatively, you can use the <b>grep</b> command to search for the group name in the <b>/etc/group file</b>, which is the file that stores information about system groups on Ubuntu. For example, to search for the <b>sudo</b> group, you can run the following command: <code>grep "^sudo:" /etc/group</code> If the group exists, the command will output information about the group in the same format as the <b>getent</b> command. If the group does not exist, the command will not produce any output. </div> </div> <code>sudo addgroup libvirtd</code><br> <code>sudo adduser $USER libvirtd</code><br> <code>sudo apt-get install virt-manager</code><br> After installing the packages and adding your user to the group, reboot your system: <code>reboot</code> This will avoid the following error when trying to connect to libvirt: <pre>virtual machine manager connection failure unable to connect to libvirt qemu:///system. verify that the 'libvirtd' daemon is running</pre> ===Virtual Machine Manager=== <youtube>jhoI6MIdHrc</youtube> <br> Start <b>Virtual Machine Manager</b>:<br> <code>virt-manager</code><br><br> Create a new virtual machine Step 1 Local install media (ISO image or CDROM) Step 2 Choose ISO or CDROM install media: Click <b>Browse</b> and select your windows10.iso Choose the operating system you are installing: untick( Automatically detect from installation media / source) and enter <b>Microsoft Windows 10</b> in search bar. Step 3 Choose Memory and CPU settings: Memory: 4096MiB CPUs: 2 Step 4 Tick <b>Enable storage for this virtual machine</b> Tick <b>create a disk image for the virtual machine</b> 140 GiB Step 5 Name:NAME_OF_VM Tick <b>Customize configuration before install</b> ==== Config VM before booting==== OverView: <b>Hypervisor Details</b> 'Chipset' = 'Q35' 'Firmware' = 'x86_64:/usr/share/OVMF/OVMF_CODE_4M.ms.fd' Boot Options: <b>Boot device order</b>: Untick - Enable boot menu Select/Tick SATA CDROM1 SATA Disk 1 Display Spice: <b>Spice Server</b>: Type: Spice server Listen type: Address Address: Hypervisor default Port: tick 'Auto' Click '<b>Add Hardware</b>' button at bottom left - new window '<b>Add New Virtual Hardware</b>' will pop up. Click '<b>PCI Host Device</b>' on the left hand side Select your <b>GPU</b> and <b>GPU Audio Controller</b>: '0000:0A:00:0 NVIDIA Corporation GM204 [GeForce GTX 970]' '0000:0A:00:1 NVIDIA Corporation GM204 High Definition Audio Controller' Select and click '<b>Finish</b>' - reopen '<b>Add hardware</b>' and repeat for Audio.<br> <br> ==== Install Windows 10 and update ==== {{#evu:https://www.youtube.com/watch?v=07sTymJaWvw |alignment=inline }} Install windows 10 then update windows to get the graphics card drivers working.<br> Once done shoutdown.<br> ===After shutting down windows edit the VM's Config file=== {{#evu:https://www.youtube.com/watch?v=CCKbp-n6xRo |alignment=inline }} To find/confirm your VM's name:<br> <code>virsh list --all</code><br> <br> Syntax:<code>sudo virsh edit YOUR_VM_NAME</code><br> <code>sudo virsh edit win10</code><br> <br> Going to edit in between the <code><features> </features></code> Brackets, 17 lines down.<br> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> </pre> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> </pre> ====What these values do ==== <div class="toccolours mw-collapsible mw-collapsed"> <vendor_id state='on' value='1234567890ab'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><vendor_id></b> tag is used to specify the vendor ID that is presented to the guest virtual machine when it is running on top of the KVM hypervisor. This vendor ID can be customized by the user to any 12-digit hexadecimal <b>value</b> using the value attribute. The purpose of the vendor ID is to provide a way for virtual machines to identify the type of hypervisor they are running on, and to adjust their behavior accordingly. This is particularly important for operating systems that have special optimizations or workarounds for specific hypervisors. By default, KVM presents a vendor ID of "KVMKVMKVM" to the guest virtual machine. However, this can be changed by adding the <vendor_id> tag to the XML definition of the virtual machine, as follows: <pre> <cpu> <vendor_id state='on' value='1234567890ab'/> ... </cpu> </pre> In this example, the vendor ID is set to the value "1234567890ab". The state attribute is set to 'on' to enable the use of the custom vendor ID. It's worth noting that changing the vendor ID can have some unexpected consequences. For example, some operating systems may have specific code paths or optimizations for certain hypervisors, and changing the vendor ID may cause them to behave differently or even malfunction. Additionally, some virtualization security features may depend on the vendor ID, so changing it may impact the security of the virtual machine. As such, it is important to carefully consider the implications before changing the vendor ID in a KVM virtual machine. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <kvm> <hidden state='on'/> </kvm> <div class="mw-collapsible-content"> In Linux KVM, the <b><kvm></b> tag is used to specify additional configuration options for the virtual machine that are specific to KVM. The <b><hidden></b> tag is a sub-tag of <b><kvm></b> and is used to enable or disable the hiding of the KVM hypervisor from the guest operating system. When the <b><hidden></b> tag is set to <b>state='on'</b>, the KVM hypervisor is hidden from the guest operating system. This means that the guest operating system will not be able to detect that it is running in a virtualized environment and will behave as if it is running directly on physical hardware. This can be useful for security reasons, as it can make it more difficult for attackers to detect that they are running in a virtualized environment and attempt to exploit vulnerabilities that are specific to virtualization. Additionally, some software applications may behave differently or refuse to run in a virtualized environment, so hiding the KVM hypervisor can help ensure that these applications run properly. To use the <hidden> tag, it should be included as a sub-tag of the <kvm> tag, as follows: <pre> <kvm> <hidden state='on'/> ... </kvm> </pre> It's important to note that hiding the KVM hypervisor can have some downsides as well. For example, it may make it more difficult to diagnose problems with the virtual machine, as the hypervisor will not be visible in the guest operating system. Additionally, some virtualization features may depend on the hypervisor being visible to the guest operating system, so hiding it may cause these features to stop working properly. As such, the decision to hide the KVM hypervisor using the <hidden> tag should be carefully considered based on the specific needs and requirements of the virtualized environment. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <ioapic driver='kvm'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><ioapic></b> tag is used to enable or disable the use of the IOAPIC (Input/Output Advanced Programmable Interrupt Controller) device in the virtual machine. The <b>driver</b> attribute is used to specify the driver that should be used for the IOAPIC device, with the value <b>kvm</b> indicating that KVM's built-in IOAPIC driver should be used. The IOAPIC device is a type of interrupt controller that is used to manage interrupts in a virtual machine. It provides a way for devices in the virtual machine to generate interrupts, and for the virtual machine to route those interrupts to the appropriate virtual CPU. To enable the IOAPIC device and specify the kvm driver, the <ioapic> tag should be included in the XML definition of the virtual machine, as follows: <pre> <ioapic driver='kvm'/> </pre> With this configuration, KVM's built-in IOAPIC driver will be used to manage interrupts in the virtual machine. It's worth noting that while KVM's built-in IOAPIC driver is generally sufficient for most virtualization needs, there are some situations where a different driver may be preferred. For example, some applications or workloads may require more advanced IOAPIC functionality that is not available in KVM's built-in driver. In these cases, it may be necessary to use a different driver, or to implement custom code to support the required functionality. Overall, the <ioapic> tag with the driver='kvm' attribute is a simple and effective way to enable the IOAPIC device and ensure that interrupts are properly managed in a KVM virtual machine. </div> </div> ====Full Config file - before and after==== <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>before</b> any changes with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoand of course the content when expanded.<br \> <code>print "hello content"</code>ft.com/win/10"/> </libosinfo:libosinfo>=====Notes===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>After</b> changes made with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <br> Note: Not the place to edit (use '<b>virsh</b>'), but you config file can be found here:<code>/etc/libvirt/qemu/</code> =====Notes - Mouse and Keyboard Redirect===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> {{#evu:https://www.youtube.com/watch?v=RjavWiqj_VM |alignment=inline }} To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. ==Undo Passthrough== ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" </pre> Remove <code>intel_iommu=on kvm.ignore_msrs=1</code> and save changes. <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" </pre> rebuild grub<br> <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> ===vfio=== This step will restore sound to Host Ubuntu.<br> Comment out changes to <b>vfio.conf</b><br> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> Comment out by placing a <code>#</code> in front of the line, save and exit. <pre> #blacklist nouveau #blacklist snd_hda_intel #options vfio-pci ids=10de:13c2,10de:0fbb </pre> update initramfs:<br> <code>sudo update-initramfs -u</code><br> <br> ===Reboot for changes to take effect=== <code>reboot</code><br> ==End Notes== Plug in external monitor to the GPU 'Razer Core X' for output and no screen lag.<br> Tested with 'sniper ghost warrior' works fine.<br> Sound will come out of HDMI, If using monitor with no speakers, you can pass through USB headfones or speakers. ==References== https://askubuntu.com/questions/1406888/ubuntu-22-04-gpu-passthrough-qemu 5mfo68vb6zllfeulsxsz0wrkzol928r 393 392 2023-05-04T18:01:34Z AwesomO 5 /* Install Windows 10 and update */ 393 wikitext text/x-wiki ==Ubuntu Kvm Windows 10 - Thinkpad T470 with Razer Core X== Hardware:<br> * Thinkpad t470 - 256GB HD, 8GB RAM * razer core x * GTX 970 GT * Ubuntu Desktop 22.04 installed. Thunderbolt 3 - detected as USB3.0 (5000M). But works :)<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lsusb -t</code> OutPut: <div class="mw-collapsible-content"> <pre> /: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/6p, 5000M |__ Port 3: Dev 2, If 0, Class=Mass Storage, Driver=usb-storage, 5000M /: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/12p, 480M |__ Port 7: Dev 2, If 0, Class=Wireless, Driver=btusb, 12M |__ Port 7: Dev 2, If 1, Class=Wireless, Driver=btusb, 12M |__ Port 8: Dev 3, If 1, Class=Video, Driver=uvcvideo, 480M |__ Port 8: Dev 3, If 0, Class=Video, Driver=uvcvideo, 480M |__ Port 9: Dev 4, If 0, Class=Vendor Specific Class, Driver=, 12M </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo lshw | grep -A10 -i usb</code> OutPut: <div class="mw-collapsible-content"> <pre> capabilities: pci pnp upgrade shadowing cdboot bootselect edd int13floppy720 int5printscreen int9keyboard int14serial int17printer int10video acpi usb biosbootspecification uefi *-pci description: Host bridge product: Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers vendor: Intel Corporation physical id: 100 bus info: pci@0000:00:00.0 version: 08 width: 32 bits clock: 33MHz configuration: driver=skl_uncore -- *-usb description: USB controller product: Sunrise Point-LP USB 3.0 xHCI Controller vendor: Intel Corporation physical id: 14 bus info: pci@0000:00:14.0 version: 21 width: 64 bits clock: 33MHz capabilities: pm msi xhci bus_master cap_list configuration: driver=xhci_hcd latency=0 resources: irq:127 memory:ec220000-ec22ffff *-usbhost:0 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 0 bus info: usb@1 logical name: usb1 version: 5.19 capabilities: usb-2.00 configuration: driver=hub slots=12 speed=480Mbit/s *-usb:0 description: Bluetooth wireless interface product: Bluetooth wireless interface vendor: Intel Corp. physical id: 7 bus info: usb@1:7 version: 0.01 capabilities: bluetooth usb-2.00 configuration: driver=btusb maxpower=100mA speed=12Mbit/s *-usb:1 description: Video product: Integrated Camera: Integrated C vendor: SunplusIT Inc physical id: 8 bus info: usb@1:8 logical name: input8 logical name: /dev/input/event6 version: 0.10 capabilities: usb-2.00 usb configuration: driver=uvcvideo maxpower=500mA speed=480Mbit/s *-usb:2 UNCLAIMED description: Generic USB device vendor: Validity Sensors, Inc. physical id: 9 bus info: usb@1:9 version: 1.64 serial: ff1e8c196451 capabilities: usb-2.00 configuration: maxpower=100mA speed=12Mbit/s *-usbhost:1 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 1 bus info: usb@2 logical name: usb2 version: 5.19 capabilities: usb-3.00 configuration: driver=hub slots=6 speed=5000Mbit/s *-usb description: Mass storage device product: USB3.0-CRW vendor: Generic physical id: 3 bus info: usb@2:3 logical name: scsi0 version: 2.04 serial: 20120501030900000 capabilities: usb-3.00 scsi emulated scsi-host configuration: driver=usb-storage maxpower=800mA speed=5000Mbit/s *-disk description: SCSI Disk product: SD/MMC vendor: Generic- physical id: 0.0.0 bus info: scsi@0:0.0.0 logical name: /dev/sda version: 1.00 serial: 2012090114345300 capabilities: removable </pre> </div> </div> ===Windows 10 ISO=== Download a Windows 10 ISO for the Virtual Machine<br> https://www.microsoft.com/en-us/software-download/windows10ISO ===VT-d - bios=== Check VT-d enabled on bios <br> When you press the power button, press and hold <b>F1</b> to enter into bios mode.<br> Security > Virtualization<br> Intel (R) Virtualization Technology [ENABLE]<br> Inter (R) VT-d Feature [ENABLE]<br> ====Check==== <code>cat /proc/cpuinfo | grep --color vmx</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Explained: <div class="mw-collapsible-content"> The command "cat /proc/cpuinfo" displays detailed information about the processor(s) installed on your system. The output of this command includes a lot of information, such as processor model, speed, cache size, and other features. The pipe symbol "|" is used to pass the output of the first command as input to the second command. In this case, the output of "cat /proc/cpuinfo" is being passed as input to "grep". The "grep" command is used to search for a specific pattern in the input data. In this case, the pattern being searched for is "vmx". The "--color" option is used to highlight the search pattern in the output, making it easier to identify. So, the entire command "cat /proc/cpuinfo | grep --color vmx" is searching the processor information for the "vmx" feature and highlighting it in the output. The "vmx" feature refers to Intel's Virtualization Technology, which allows a processor to run multiple operating systems on the same computer simultaneously. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Returned Output: <div class="mw-collapsible-content"> <pre> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml </pre> </div> </div> ===Grub=== <youtube>wB4gvSgYmfY</youtube> <br> <code>sudo $EDITOR /etc/default/grub</code><br> Insert the option to <b>GRUB_CMDLINE_LINUX_DEFAULT=""</b> <code>intel_iommu=on kvm.ignore_msrs=1</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Before <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>intel_iommu=on kvm.ignore_msrs=1</code> <div class="mw-collapsible-content"> <pre> intel_iommu=on and kvm.ignore_msrs=1 are kernel boot parameters that can be set in the GRUB configuration file in Linux systems. Here's what they mean: intel_iommu=on: This parameter enables Intel VT-d (Virtualization Technology for Directed I/O), which allows for hardware-based virtualization of I/O devices. This can improve performance and security for virtual machines by allowing them to directly access hardware devices, rather than relying on the host operating system to handle the device access. kvm.ignore_msrs=1: This parameter disables the handling of MSR (Model Specific Register) virtualization by the kernel-based Virtual Machine (KVM) hypervisor. This can improve performance for certain workloads that rely heavily on MSR access, such as virtualization workloads. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Info the <code>/etc/defaults</code> directory <div class="mw-collapsible-content"> <pre> In Ubuntu and many other Linux-based operating systems, the /etc/default directory contains configuration files for various system services and applications. These configuration files contain default values for the settings and options that are used by these services and applications. The /etc/default directory is typically organized by service or application, with each subdirectory containing one or more configuration files for that service or application. For example, the /etc/default/grub directory contains the default configuration file for the GRUB bootloader, while the /etc/default/apache2 directory contains the default configuration file for the Apache web server. These configuration files are often used by system administrators to customize the behavior of these services and applications by modifying the default values of their settings and options. For example, the GRUB configuration file in /etc/default/grub can be used to specify the default operating system to boot, the timeout for the boot menu, and other options. </pre> </div> </div> ====Update Grub==== <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code><br> Reboot so kernel boot parameters can be applied.<br> <code>reboot</code> <div class="toccolours mw-collapsible mw-collapsed"> Info: <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> <div class="mw-collapsible-content"> * <code>grub-mkconfig</code> : This is a command that generates a new configuration file for the GRUB bootloader. It scans the system for installed kernels, operating systems, and other boot options, and creates a configuration file based on that information. * <code>-o /boot/grub/grub.cfg</code> : This option tells grub-mkconfig to write the generated configuration file to the file /boot/grub/grub.cfg. This is the default location for the GRUB configuration file in most Linux systems. </div> </div> ===Check that IOMMU is enabled=== <youtube>SM7v-XQfvh4</youtube> <br> <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Return Output: Before editing Grub <div class="mw-collapsible-content"> <pre> [ 0.013929] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013974] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.124130] DMAR: Host address width 39 [ 0.124131] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.124140] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.124143] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.124147] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.124150] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.124152] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.124154] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.124156] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.124158] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.126384] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.346448] iommu: Default domain type: Translated [ 0.346448] iommu: DMA domain TLB invalidation policy: lazy mode </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After editing Grub <div class="mw-collapsible-content"> <pre> [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.013471] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013516] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.035822] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.035915] DMAR: IOMMU enabled [ 0.094689] DMAR: Host address width 39 [ 0.094691] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.094699] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.094702] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.094706] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.094708] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.094710] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.094713] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.094715] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.094716] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.096599] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.324622] iommu: Default domain type: Translated [ 0.324622] iommu: DMA domain TLB invalidation policy: lazy mode [ 0.346100] DMAR: No ATSR found [ 0.346101] DMAR: No SATC found [ 0.346103] DMAR: IOMMU feature fl1gp_support inconsistent [ 0.346105] DMAR: IOMMU feature pgsel_inv inconsistent [ 0.346106] DMAR: IOMMU feature nwfs inconsistent [ 0.346107] DMAR: IOMMU feature eafs inconsistent [ 0.346108] DMAR: IOMMU feature prs inconsistent [ 0.346108] DMAR: IOMMU feature nest inconsistent [ 0.346109] DMAR: IOMMU feature mts inconsistent [ 0.346110] DMAR: IOMMU feature sc_support inconsistent [ 0.346111] DMAR: IOMMU feature dev_iotlb_support inconsistent [ 0.346113] DMAR: dmar0: Using Queued invalidation [ 0.346117] DMAR: dmar1: Using Queued invalidation [ 0.346409] pci 0000:00:00.0: Adding to iommu group 0 [ 0.346423] pci 0000:00:02.0: Adding to iommu group 1 [ 0.346441] pci 0000:00:14.0: Adding to iommu group 2 [ 0.346450] pci 0000:00:14.2: Adding to iommu group 2 [ 0.346466] pci 0000:00:16.0: Adding to iommu group 3 [ 0.346475] pci 0000:00:16.3: Adding to iommu group 3 [ 0.346499] pci 0000:00:1c.0: Adding to iommu group 4 [ 0.346520] pci 0000:00:1c.6: Adding to iommu group 5 [ 0.346539] pci 0000:00:1d.0: Adding to iommu group 6 [ 0.346557] pci 0000:00:1d.2: Adding to iommu group 7 [ 0.346582] pci 0000:00:1f.0: Adding to iommu group 8 [ 0.346595] pci 0000:00:1f.2: Adding to iommu group 8 [ 0.346604] pci 0000:00:1f.3: Adding to iommu group 8 [ 0.346615] pci 0000:00:1f.4: Adding to iommu group 8 [ 0.346625] pci 0000:00:1f.6: Adding to iommu group 8 [ 0.346646] pci 0000:04:00.0: Adding to iommu group 9 [ 0.346664] pci 0000:3e:00.0: Adding to iommu group 10 [ 0.348306] DMAR: Intel(R) Virtualization Technology for Directed I/O </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code> <div class="mw-collapsible-content"> * <code>dmesg</code> : This command is used in Linux systems to display the kernel message buffer, which contains information about the system's hardware and software components, as well as any error or warning messages generated by the kernel. * <code>|</code> : This symbol is called a pipe and it allows the output of one command to be used as input for another command. In this case, it sends the output of the dmesg command to the next command in the pipeline, which is grep. * <code>grep</code> : This command is used in Linux systems to search for text patterns in a file or output. In this case, it's used to search the output of the dmesg command for lines that contain the strings "DMAR" or "IOMMU". * <code>-i</code> : This option tells grep to perform a case-insensitive search, meaning it will match the strings "DMAR" or "IOMMU" regardless of their case. * <code>-e</code> : This option tells grep to specify the pattern to search for. In this case, it's used to specify two patterns to search for: "DMAR" and "IOMMU". * DMAR: DMA Remapping (DMAR) is a feature of modern computer systems that provides additional security for input/output (I/O) devices. It allows for the isolation of memory regions used by I/O devices, which prevents them from accessing other parts of the system's memory. This helps to prevent attacks that could exploit vulnerabilities in I/O device drivers to gain access to sensitive data or take control of the system. * IOMMU: The I/O Memory Management Unit (IOMMU) is a hardware component that provides support for DMA remapping. It allows for the virtualization of I/O devices and provides an additional layer of security by isolating the memory used by these devices. </div> </div> ===Find your GPU=== <code>lspci -nnk</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>lspci -nnk</code> <div class="mw-collapsible-content"> <code>lspci</code> is a command-line utility that is used to display information about all the PCI buses and devices connected to them in a Linux system. The -nnk option is used to display the following information: * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -k: Display the kernel driver currently bound to each device. This option is useful when you want to check which driver is being used for a particular device. When you run the <code>lspci -nnk</code> command, you will get a list of all the PCI devices in your system, along with their vendor and device IDs, and the kernel driver currently in use. </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut Before plugging in 'Razer Core X' <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut After plugging in Razer Core X <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 05:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:01.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:02.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 07:00.0 System peripheral [0880]: Intel Corporation JHL6240 Thunderbolt 3 NHI (Low Power) [Alpine Ridge LP 2016] [8086:15bf] (rev 01) Subsystem: Device [2222:1111] Kernel driver in use: thunderbolt Kernel modules: thunderbolt 08:00.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 09:01.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel </pre> ===vfio.conf=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>vfio.conf</b> <div class="mw-collapsible-content"> <b>vfio.conf</b> is a configuration file used by the VFIO driver in Linux. <br> The VFIO driver is a kernel module that allows users to assign devices, such as GPUs or network interfaces, directly to virtual machines, bypassing the host operating system.<br> <br> The vfio.conf file is used to specify which devices should be assigned to VFIO, and it is typically located in the /etc/modprobe.d/ directory. When the VFIO driver is loaded, it will read this file and use the settings specified within it.<br> <br> The contents of vfio.conf can vary depending on the specific use case, but some common configurations include: * Device IDs: The vfio.conf file can be used to specify the vendor and device IDs of the devices that should be assigned to VFIO. For example: <pre> options vfio-pci ids=10de:13c2,10de:0fbb </pre><br> <br> This configuration specifies that two NVIDIA GPUs with the IDs 10de:13c2 and 10de:0fbb should be assigned to VFIO.<br> This configuration assigns two NVIDIA GPUs to VFIO and blacklists the <b>nouveau</b> and <b>nvidiafb</b> kernel drivers so that they don't claim the GPUs. <pre> options vfio-pci ids=10de:13c2,10de:0fbb blacklist nouveau blacklist nvidiafb </pre> <br> * Additional options: The <b>vfio.conf</b> file can also be used to specify additional options for the VFIO driver, such as setting the IOMMU mode. For example:<br> This configuration sets the VFIO driver to use IOMMU mode 1 and allows unsafe interrupts. <pre> options vfio_iommu_type1 allow_unsafe_interrupts=1 </pre> <br> Overall, <b>vfio.conf</b> provides a way to configure the VFIO driver and specify which devices should be assigned to it, helping to facilitate GPU or other hardware passthrough to virtual machines. <br> </div> </div> Create a new file called <code>vfio.conf</code> in the <b>/etc/modprobe.d/</b> directory.<br> <div class="toccolours mw-collapsible mw-collapsed"> The <code>/etc/modprobe.d/</code> directory explanation: <div class="mw-collapsible-content"> The <b>/etc/modprobe.d/</b> directory is a system directory in Linux that contains configuration files for kernel modules. When the Linux kernel boots up, it loads various modules (also called drivers) to support the hardware and other system functions.<br> <br> Each configuration file in <b>/etc/modprobe.d/</b> specifies options for one or more kernel modules, which are loaded by the kernel when a system boots or when a module is explicitly loaded. The options specified in these files can be used to modify the behavior of the kernel modules, or to blacklist certain modules to prevent them from being loaded.<br> <br> The name of each configuration file in the <b>/etc/modprobe.d/</b> directory must end with the <b>.conf</b> extension. The contents of each file consist of a series of directives, which specify module options, aliases, or blacklist information. These directives can be written in plain text format or in shell scripts.<br> <br> Here are some examples of how you might use the <b>/etc/modprobe.d/</b> directory:<br> * Blacklisting modules: You can use the <b>/etc/modprobe.d/</b> directory to prevent certain kernel modules from loading. For example, you can create a file called <b>/etc/modprobe.d/blacklist-nouveau.conf</b> with the following contents to prevent the <b>nouveau</b> driver (used for NVIDIA graphics cards) from being loaded: <pre> blacklist nouveau </pre> <br> * Setting module options: You can also use the <b>/etc/modprobe.d/</b> directory to specify options for a particular kernel module. For example, you can create a file called <b>/etc/modprobe.d/alsa-base.conf</b> with the following contents to set the default sound card to the second card on the system: <pre> options snd_hda_intel index=1 </pre> <br> * Loading modules: You can use the <b>/etc/modprobe.d/</b> directory to load kernel modules at boot time. For example, you can create a file called <b>/etc/modprobe.d/local.conf</b> with the following contents to load the <b>acpi_call</b> module at boot time: <pre> # Load acpi_call at boot time acpi_call </pre> <br> Overall, the <b>/etc/modprobe.d/</b> directory is an important location for managing kernel modules in Linux. It provides a centralized location for managing module options, aliases, and blacklists, making it easier to configure and maintain a Linux system.<br> </div> </div> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> <br> ===Update <b>initramfs</b>=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>initramfs</b>: <div class="mw-collapsible-content"> The initramfs (initial RAM file system) is a temporary file system that is loaded into memory during the Linux boot process. It contains essential system files and utilities that are necessary to boot the Linux kernel and mount the root file system.<br> <br> When the Linux kernel is booted, it first loads the initramfs into memory and sets it up as the root file system. The initramfs then runs the init script, which is responsible for initializing the system and mounting the real root file system. The init script may also perform other tasks, such as loading kernel modules, setting up network interfaces, and configuring system services.<br> <br> The initramfs is typically used in situations where the root file system is located on a storage device that requires additional drivers or modules to be loaded before it can be mounted. For example, if the root file system is located on a RAID array, a network file system, or an encrypted disk, the necessary drivers or modules may need to be loaded into memory before the root file system can be mounted.<br> <br> The initramfs can also be customized to include additional files or utilities that may be necessary for the boot process. This is done by modifying the initramfs image, which is a compressed archive file that contains the file system contents.<br> <br> Overall, the initramfs is an essential component of the Linux boot process, providing a temporary file system that is necessary for initializing the system and mounting the root file system. </div> </div> <code>sudo update-initramfs -u</code><br> And reboot your computer:<br> <code>reboot</code><br> <br> <b>Note:</b>[[Ubuntu_KVM_to_Windows_10_-_Thinkpad_T470_-_Razer_Core_X_-_GTX_970#Undo_Passthrough|Sound will not work on Host Ubuntu now we have blacklisted <b>snd_hda_intel</b> to return sound to laptop read <b>Undo Passthrough</b>]].<br> ===Check Kernel driver not in use=== <code>lspci -nnk</code><br> <br> OutPut: <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel modules: snd_hda_intel </pre> == Installing KVM and VirtManager to Create a VM == <youtube>GKHIlUP2XSc</youtube> To install the required packages, run the following command: <code>sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils</code> To create a group and add your user to the group, run the following commands: <div class="toccolours mw-collapsible mw-collapsed"> <code> getent group libvirtd</code> Check if the <b>group</b> already exists: <div class="mw-collapsible-content"> To check if a group is already present on an Ubuntu system, you can use the <b>getent</b> command along with the <b>group</b> argument and specify the name of the group as a parameter. For example, to check if the <b>sudo</b> group exists on the system, you can run the following command in a terminal: <code>getent group sudo</code> If the group exists, the command will output information about the group, including its name, group ID (GID), and a list of users who are members of the group. If the group does not exist, the command will not produce any output. Alternatively, you can use the <b>grep</b> command to search for the group name in the <b>/etc/group file</b>, which is the file that stores information about system groups on Ubuntu. For example, to search for the <b>sudo</b> group, you can run the following command: <code>grep "^sudo:" /etc/group</code> If the group exists, the command will output information about the group in the same format as the <b>getent</b> command. If the group does not exist, the command will not produce any output. </div> </div> <code>sudo addgroup libvirtd</code><br> <code>sudo adduser $USER libvirtd</code><br> <code>sudo apt-get install virt-manager</code><br> After installing the packages and adding your user to the group, reboot your system: <code>reboot</code> This will avoid the following error when trying to connect to libvirt: <pre>virtual machine manager connection failure unable to connect to libvirt qemu:///system. verify that the 'libvirtd' daemon is running</pre> ===Virtual Machine Manager=== <youtube>jhoI6MIdHrc</youtube> <br> Start <b>Virtual Machine Manager</b>:<br> <code>virt-manager</code><br><br> Create a new virtual machine Step 1 Local install media (ISO image or CDROM) Step 2 Choose ISO or CDROM install media: Click <b>Browse</b> and select your windows10.iso Choose the operating system you are installing: untick( Automatically detect from installation media / source) and enter <b>Microsoft Windows 10</b> in search bar. Step 3 Choose Memory and CPU settings: Memory: 4096MiB CPUs: 2 Step 4 Tick <b>Enable storage for this virtual machine</b> Tick <b>create a disk image for the virtual machine</b> 140 GiB Step 5 Name:NAME_OF_VM Tick <b>Customize configuration before install</b> ==== Config VM before booting==== OverView: <b>Hypervisor Details</b> 'Chipset' = 'Q35' 'Firmware' = 'x86_64:/usr/share/OVMF/OVMF_CODE_4M.ms.fd' Boot Options: <b>Boot device order</b>: Untick - Enable boot menu Select/Tick SATA CDROM1 SATA Disk 1 Display Spice: <b>Spice Server</b>: Type: Spice server Listen type: Address Address: Hypervisor default Port: tick 'Auto' Click '<b>Add Hardware</b>' button at bottom left - new window '<b>Add New Virtual Hardware</b>' will pop up. Click '<b>PCI Host Device</b>' on the left hand side Select your <b>GPU</b> and <b>GPU Audio Controller</b>: '0000:0A:00:0 NVIDIA Corporation GM204 [GeForce GTX 970]' '0000:0A:00:1 NVIDIA Corporation GM204 High Definition Audio Controller' Select and click '<b>Finish</b>' - reopen '<b>Add hardware</b>' and repeat for Audio.<br> <br> ==== Install Windows 10 and update ==== <youtube>07sTymJaWvw</youtube> Install windows 10 then update windows to get the graphics card drivers working.<br> Once done shoutdown.<br> ===After shutting down windows edit the VM's Config file=== {{#evu:https://www.youtube.com/watch?v=CCKbp-n6xRo |alignment=inline }} To find/confirm your VM's name:<br> <code>virsh list --all</code><br> <br> Syntax:<code>sudo virsh edit YOUR_VM_NAME</code><br> <code>sudo virsh edit win10</code><br> <br> Going to edit in between the <code><features> </features></code> Brackets, 17 lines down.<br> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> </pre> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> </pre> ====What these values do ==== <div class="toccolours mw-collapsible mw-collapsed"> <vendor_id state='on' value='1234567890ab'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><vendor_id></b> tag is used to specify the vendor ID that is presented to the guest virtual machine when it is running on top of the KVM hypervisor. This vendor ID can be customized by the user to any 12-digit hexadecimal <b>value</b> using the value attribute. The purpose of the vendor ID is to provide a way for virtual machines to identify the type of hypervisor they are running on, and to adjust their behavior accordingly. This is particularly important for operating systems that have special optimizations or workarounds for specific hypervisors. By default, KVM presents a vendor ID of "KVMKVMKVM" to the guest virtual machine. However, this can be changed by adding the <vendor_id> tag to the XML definition of the virtual machine, as follows: <pre> <cpu> <vendor_id state='on' value='1234567890ab'/> ... </cpu> </pre> In this example, the vendor ID is set to the value "1234567890ab". The state attribute is set to 'on' to enable the use of the custom vendor ID. It's worth noting that changing the vendor ID can have some unexpected consequences. For example, some operating systems may have specific code paths or optimizations for certain hypervisors, and changing the vendor ID may cause them to behave differently or even malfunction. Additionally, some virtualization security features may depend on the vendor ID, so changing it may impact the security of the virtual machine. As such, it is important to carefully consider the implications before changing the vendor ID in a KVM virtual machine. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <kvm> <hidden state='on'/> </kvm> <div class="mw-collapsible-content"> In Linux KVM, the <b><kvm></b> tag is used to specify additional configuration options for the virtual machine that are specific to KVM. The <b><hidden></b> tag is a sub-tag of <b><kvm></b> and is used to enable or disable the hiding of the KVM hypervisor from the guest operating system. When the <b><hidden></b> tag is set to <b>state='on'</b>, the KVM hypervisor is hidden from the guest operating system. This means that the guest operating system will not be able to detect that it is running in a virtualized environment and will behave as if it is running directly on physical hardware. This can be useful for security reasons, as it can make it more difficult for attackers to detect that they are running in a virtualized environment and attempt to exploit vulnerabilities that are specific to virtualization. Additionally, some software applications may behave differently or refuse to run in a virtualized environment, so hiding the KVM hypervisor can help ensure that these applications run properly. To use the <hidden> tag, it should be included as a sub-tag of the <kvm> tag, as follows: <pre> <kvm> <hidden state='on'/> ... </kvm> </pre> It's important to note that hiding the KVM hypervisor can have some downsides as well. For example, it may make it more difficult to diagnose problems with the virtual machine, as the hypervisor will not be visible in the guest operating system. Additionally, some virtualization features may depend on the hypervisor being visible to the guest operating system, so hiding it may cause these features to stop working properly. As such, the decision to hide the KVM hypervisor using the <hidden> tag should be carefully considered based on the specific needs and requirements of the virtualized environment. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <ioapic driver='kvm'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><ioapic></b> tag is used to enable or disable the use of the IOAPIC (Input/Output Advanced Programmable Interrupt Controller) device in the virtual machine. The <b>driver</b> attribute is used to specify the driver that should be used for the IOAPIC device, with the value <b>kvm</b> indicating that KVM's built-in IOAPIC driver should be used. The IOAPIC device is a type of interrupt controller that is used to manage interrupts in a virtual machine. It provides a way for devices in the virtual machine to generate interrupts, and for the virtual machine to route those interrupts to the appropriate virtual CPU. To enable the IOAPIC device and specify the kvm driver, the <ioapic> tag should be included in the XML definition of the virtual machine, as follows: <pre> <ioapic driver='kvm'/> </pre> With this configuration, KVM's built-in IOAPIC driver will be used to manage interrupts in the virtual machine. It's worth noting that while KVM's built-in IOAPIC driver is generally sufficient for most virtualization needs, there are some situations where a different driver may be preferred. For example, some applications or workloads may require more advanced IOAPIC functionality that is not available in KVM's built-in driver. In these cases, it may be necessary to use a different driver, or to implement custom code to support the required functionality. Overall, the <ioapic> tag with the driver='kvm' attribute is a simple and effective way to enable the IOAPIC device and ensure that interrupts are properly managed in a KVM virtual machine. </div> </div> ====Full Config file - before and after==== <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>before</b> any changes with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoand of course the content when expanded.<br \> <code>print "hello content"</code>ft.com/win/10"/> </libosinfo:libosinfo>=====Notes===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>After</b> changes made with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <br> Note: Not the place to edit (use '<b>virsh</b>'), but you config file can be found here:<code>/etc/libvirt/qemu/</code> =====Notes - Mouse and Keyboard Redirect===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> {{#evu:https://www.youtube.com/watch?v=RjavWiqj_VM |alignment=inline }} To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. ==Undo Passthrough== ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" </pre> Remove <code>intel_iommu=on kvm.ignore_msrs=1</code> and save changes. <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" </pre> rebuild grub<br> <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> ===vfio=== This step will restore sound to Host Ubuntu.<br> Comment out changes to <b>vfio.conf</b><br> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> Comment out by placing a <code>#</code> in front of the line, save and exit. <pre> #blacklist nouveau #blacklist snd_hda_intel #options vfio-pci ids=10de:13c2,10de:0fbb </pre> update initramfs:<br> <code>sudo update-initramfs -u</code><br> <br> ===Reboot for changes to take effect=== <code>reboot</code><br> ==End Notes== Plug in external monitor to the GPU 'Razer Core X' for output and no screen lag.<br> Tested with 'sniper ghost warrior' works fine.<br> Sound will come out of HDMI, If using monitor with no speakers, you can pass through USB headfones or speakers. ==References== https://askubuntu.com/questions/1406888/ubuntu-22-04-gpu-passthrough-qemu 2h4028v7s19ocjxwo8raey2uf0vmerp 394 393 2023-05-04T18:01:48Z AwesomO 5 /* Install Windows 10 and update */ 394 wikitext text/x-wiki ==Ubuntu Kvm Windows 10 - Thinkpad T470 with Razer Core X== Hardware:<br> * Thinkpad t470 - 256GB HD, 8GB RAM * razer core x * GTX 970 GT * Ubuntu Desktop 22.04 installed. Thunderbolt 3 - detected as USB3.0 (5000M). But works :)<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lsusb -t</code> OutPut: <div class="mw-collapsible-content"> <pre> /: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/6p, 5000M |__ Port 3: Dev 2, If 0, Class=Mass Storage, Driver=usb-storage, 5000M /: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/12p, 480M |__ Port 7: Dev 2, If 0, Class=Wireless, Driver=btusb, 12M |__ Port 7: Dev 2, If 1, Class=Wireless, Driver=btusb, 12M |__ Port 8: Dev 3, If 1, Class=Video, Driver=uvcvideo, 480M |__ Port 8: Dev 3, If 0, Class=Video, Driver=uvcvideo, 480M |__ Port 9: Dev 4, If 0, Class=Vendor Specific Class, Driver=, 12M </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo lshw | grep -A10 -i usb</code> OutPut: <div class="mw-collapsible-content"> <pre> capabilities: pci pnp upgrade shadowing cdboot bootselect edd int13floppy720 int5printscreen int9keyboard int14serial int17printer int10video acpi usb biosbootspecification uefi *-pci description: Host bridge product: Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers vendor: Intel Corporation physical id: 100 bus info: pci@0000:00:00.0 version: 08 width: 32 bits clock: 33MHz configuration: driver=skl_uncore -- *-usb description: USB controller product: Sunrise Point-LP USB 3.0 xHCI Controller vendor: Intel Corporation physical id: 14 bus info: pci@0000:00:14.0 version: 21 width: 64 bits clock: 33MHz capabilities: pm msi xhci bus_master cap_list configuration: driver=xhci_hcd latency=0 resources: irq:127 memory:ec220000-ec22ffff *-usbhost:0 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 0 bus info: usb@1 logical name: usb1 version: 5.19 capabilities: usb-2.00 configuration: driver=hub slots=12 speed=480Mbit/s *-usb:0 description: Bluetooth wireless interface product: Bluetooth wireless interface vendor: Intel Corp. physical id: 7 bus info: usb@1:7 version: 0.01 capabilities: bluetooth usb-2.00 configuration: driver=btusb maxpower=100mA speed=12Mbit/s *-usb:1 description: Video product: Integrated Camera: Integrated C vendor: SunplusIT Inc physical id: 8 bus info: usb@1:8 logical name: input8 logical name: /dev/input/event6 version: 0.10 capabilities: usb-2.00 usb configuration: driver=uvcvideo maxpower=500mA speed=480Mbit/s *-usb:2 UNCLAIMED description: Generic USB device vendor: Validity Sensors, Inc. physical id: 9 bus info: usb@1:9 version: 1.64 serial: ff1e8c196451 capabilities: usb-2.00 configuration: maxpower=100mA speed=12Mbit/s *-usbhost:1 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 1 bus info: usb@2 logical name: usb2 version: 5.19 capabilities: usb-3.00 configuration: driver=hub slots=6 speed=5000Mbit/s *-usb description: Mass storage device product: USB3.0-CRW vendor: Generic physical id: 3 bus info: usb@2:3 logical name: scsi0 version: 2.04 serial: 20120501030900000 capabilities: usb-3.00 scsi emulated scsi-host configuration: driver=usb-storage maxpower=800mA speed=5000Mbit/s *-disk description: SCSI Disk product: SD/MMC vendor: Generic- physical id: 0.0.0 bus info: scsi@0:0.0.0 logical name: /dev/sda version: 1.00 serial: 2012090114345300 capabilities: removable </pre> </div> </div> ===Windows 10 ISO=== Download a Windows 10 ISO for the Virtual Machine<br> https://www.microsoft.com/en-us/software-download/windows10ISO ===VT-d - bios=== Check VT-d enabled on bios <br> When you press the power button, press and hold <b>F1</b> to enter into bios mode.<br> Security > Virtualization<br> Intel (R) Virtualization Technology [ENABLE]<br> Inter (R) VT-d Feature [ENABLE]<br> ====Check==== <code>cat /proc/cpuinfo | grep --color vmx</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Explained: <div class="mw-collapsible-content"> The command "cat /proc/cpuinfo" displays detailed information about the processor(s) installed on your system. The output of this command includes a lot of information, such as processor model, speed, cache size, and other features. The pipe symbol "|" is used to pass the output of the first command as input to the second command. In this case, the output of "cat /proc/cpuinfo" is being passed as input to "grep". The "grep" command is used to search for a specific pattern in the input data. In this case, the pattern being searched for is "vmx". The "--color" option is used to highlight the search pattern in the output, making it easier to identify. So, the entire command "cat /proc/cpuinfo | grep --color vmx" is searching the processor information for the "vmx" feature and highlighting it in the output. The "vmx" feature refers to Intel's Virtualization Technology, which allows a processor to run multiple operating systems on the same computer simultaneously. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Returned Output: <div class="mw-collapsible-content"> <pre> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml </pre> </div> </div> ===Grub=== <youtube>wB4gvSgYmfY</youtube> <br> <code>sudo $EDITOR /etc/default/grub</code><br> Insert the option to <b>GRUB_CMDLINE_LINUX_DEFAULT=""</b> <code>intel_iommu=on kvm.ignore_msrs=1</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Before <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>intel_iommu=on kvm.ignore_msrs=1</code> <div class="mw-collapsible-content"> <pre> intel_iommu=on and kvm.ignore_msrs=1 are kernel boot parameters that can be set in the GRUB configuration file in Linux systems. Here's what they mean: intel_iommu=on: This parameter enables Intel VT-d (Virtualization Technology for Directed I/O), which allows for hardware-based virtualization of I/O devices. This can improve performance and security for virtual machines by allowing them to directly access hardware devices, rather than relying on the host operating system to handle the device access. kvm.ignore_msrs=1: This parameter disables the handling of MSR (Model Specific Register) virtualization by the kernel-based Virtual Machine (KVM) hypervisor. This can improve performance for certain workloads that rely heavily on MSR access, such as virtualization workloads. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Info the <code>/etc/defaults</code> directory <div class="mw-collapsible-content"> <pre> In Ubuntu and many other Linux-based operating systems, the /etc/default directory contains configuration files for various system services and applications. These configuration files contain default values for the settings and options that are used by these services and applications. The /etc/default directory is typically organized by service or application, with each subdirectory containing one or more configuration files for that service or application. For example, the /etc/default/grub directory contains the default configuration file for the GRUB bootloader, while the /etc/default/apache2 directory contains the default configuration file for the Apache web server. These configuration files are often used by system administrators to customize the behavior of these services and applications by modifying the default values of their settings and options. For example, the GRUB configuration file in /etc/default/grub can be used to specify the default operating system to boot, the timeout for the boot menu, and other options. </pre> </div> </div> ====Update Grub==== <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code><br> Reboot so kernel boot parameters can be applied.<br> <code>reboot</code> <div class="toccolours mw-collapsible mw-collapsed"> Info: <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> <div class="mw-collapsible-content"> * <code>grub-mkconfig</code> : This is a command that generates a new configuration file for the GRUB bootloader. It scans the system for installed kernels, operating systems, and other boot options, and creates a configuration file based on that information. * <code>-o /boot/grub/grub.cfg</code> : This option tells grub-mkconfig to write the generated configuration file to the file /boot/grub/grub.cfg. This is the default location for the GRUB configuration file in most Linux systems. </div> </div> ===Check that IOMMU is enabled=== <youtube>SM7v-XQfvh4</youtube> <br> <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Return Output: Before editing Grub <div class="mw-collapsible-content"> <pre> [ 0.013929] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013974] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.124130] DMAR: Host address width 39 [ 0.124131] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.124140] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.124143] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.124147] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.124150] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.124152] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.124154] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.124156] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.124158] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.126384] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.346448] iommu: Default domain type: Translated [ 0.346448] iommu: DMA domain TLB invalidation policy: lazy mode </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After editing Grub <div class="mw-collapsible-content"> <pre> [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.013471] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013516] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.035822] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.035915] DMAR: IOMMU enabled [ 0.094689] DMAR: Host address width 39 [ 0.094691] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.094699] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.094702] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.094706] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.094708] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.094710] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.094713] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.094715] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.094716] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.096599] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.324622] iommu: Default domain type: Translated [ 0.324622] iommu: DMA domain TLB invalidation policy: lazy mode [ 0.346100] DMAR: No ATSR found [ 0.346101] DMAR: No SATC found [ 0.346103] DMAR: IOMMU feature fl1gp_support inconsistent [ 0.346105] DMAR: IOMMU feature pgsel_inv inconsistent [ 0.346106] DMAR: IOMMU feature nwfs inconsistent [ 0.346107] DMAR: IOMMU feature eafs inconsistent [ 0.346108] DMAR: IOMMU feature prs inconsistent [ 0.346108] DMAR: IOMMU feature nest inconsistent [ 0.346109] DMAR: IOMMU feature mts inconsistent [ 0.346110] DMAR: IOMMU feature sc_support inconsistent [ 0.346111] DMAR: IOMMU feature dev_iotlb_support inconsistent [ 0.346113] DMAR: dmar0: Using Queued invalidation [ 0.346117] DMAR: dmar1: Using Queued invalidation [ 0.346409] pci 0000:00:00.0: Adding to iommu group 0 [ 0.346423] pci 0000:00:02.0: Adding to iommu group 1 [ 0.346441] pci 0000:00:14.0: Adding to iommu group 2 [ 0.346450] pci 0000:00:14.2: Adding to iommu group 2 [ 0.346466] pci 0000:00:16.0: Adding to iommu group 3 [ 0.346475] pci 0000:00:16.3: Adding to iommu group 3 [ 0.346499] pci 0000:00:1c.0: Adding to iommu group 4 [ 0.346520] pci 0000:00:1c.6: Adding to iommu group 5 [ 0.346539] pci 0000:00:1d.0: Adding to iommu group 6 [ 0.346557] pci 0000:00:1d.2: Adding to iommu group 7 [ 0.346582] pci 0000:00:1f.0: Adding to iommu group 8 [ 0.346595] pci 0000:00:1f.2: Adding to iommu group 8 [ 0.346604] pci 0000:00:1f.3: Adding to iommu group 8 [ 0.346615] pci 0000:00:1f.4: Adding to iommu group 8 [ 0.346625] pci 0000:00:1f.6: Adding to iommu group 8 [ 0.346646] pci 0000:04:00.0: Adding to iommu group 9 [ 0.346664] pci 0000:3e:00.0: Adding to iommu group 10 [ 0.348306] DMAR: Intel(R) Virtualization Technology for Directed I/O </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code> <div class="mw-collapsible-content"> * <code>dmesg</code> : This command is used in Linux systems to display the kernel message buffer, which contains information about the system's hardware and software components, as well as any error or warning messages generated by the kernel. * <code>|</code> : This symbol is called a pipe and it allows the output of one command to be used as input for another command. In this case, it sends the output of the dmesg command to the next command in the pipeline, which is grep. * <code>grep</code> : This command is used in Linux systems to search for text patterns in a file or output. In this case, it's used to search the output of the dmesg command for lines that contain the strings "DMAR" or "IOMMU". * <code>-i</code> : This option tells grep to perform a case-insensitive search, meaning it will match the strings "DMAR" or "IOMMU" regardless of their case. * <code>-e</code> : This option tells grep to specify the pattern to search for. In this case, it's used to specify two patterns to search for: "DMAR" and "IOMMU". * DMAR: DMA Remapping (DMAR) is a feature of modern computer systems that provides additional security for input/output (I/O) devices. It allows for the isolation of memory regions used by I/O devices, which prevents them from accessing other parts of the system's memory. This helps to prevent attacks that could exploit vulnerabilities in I/O device drivers to gain access to sensitive data or take control of the system. * IOMMU: The I/O Memory Management Unit (IOMMU) is a hardware component that provides support for DMA remapping. It allows for the virtualization of I/O devices and provides an additional layer of security by isolating the memory used by these devices. </div> </div> ===Find your GPU=== <code>lspci -nnk</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>lspci -nnk</code> <div class="mw-collapsible-content"> <code>lspci</code> is a command-line utility that is used to display information about all the PCI buses and devices connected to them in a Linux system. The -nnk option is used to display the following information: * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -k: Display the kernel driver currently bound to each device. This option is useful when you want to check which driver is being used for a particular device. When you run the <code>lspci -nnk</code> command, you will get a list of all the PCI devices in your system, along with their vendor and device IDs, and the kernel driver currently in use. </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut Before plugging in 'Razer Core X' <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut After plugging in Razer Core X <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 05:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:01.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:02.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 07:00.0 System peripheral [0880]: Intel Corporation JHL6240 Thunderbolt 3 NHI (Low Power) [Alpine Ridge LP 2016] [8086:15bf] (rev 01) Subsystem: Device [2222:1111] Kernel driver in use: thunderbolt Kernel modules: thunderbolt 08:00.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 09:01.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel </pre> ===vfio.conf=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>vfio.conf</b> <div class="mw-collapsible-content"> <b>vfio.conf</b> is a configuration file used by the VFIO driver in Linux. <br> The VFIO driver is a kernel module that allows users to assign devices, such as GPUs or network interfaces, directly to virtual machines, bypassing the host operating system.<br> <br> The vfio.conf file is used to specify which devices should be assigned to VFIO, and it is typically located in the /etc/modprobe.d/ directory. When the VFIO driver is loaded, it will read this file and use the settings specified within it.<br> <br> The contents of vfio.conf can vary depending on the specific use case, but some common configurations include: * Device IDs: The vfio.conf file can be used to specify the vendor and device IDs of the devices that should be assigned to VFIO. For example: <pre> options vfio-pci ids=10de:13c2,10de:0fbb </pre><br> <br> This configuration specifies that two NVIDIA GPUs with the IDs 10de:13c2 and 10de:0fbb should be assigned to VFIO.<br> This configuration assigns two NVIDIA GPUs to VFIO and blacklists the <b>nouveau</b> and <b>nvidiafb</b> kernel drivers so that they don't claim the GPUs. <pre> options vfio-pci ids=10de:13c2,10de:0fbb blacklist nouveau blacklist nvidiafb </pre> <br> * Additional options: The <b>vfio.conf</b> file can also be used to specify additional options for the VFIO driver, such as setting the IOMMU mode. For example:<br> This configuration sets the VFIO driver to use IOMMU mode 1 and allows unsafe interrupts. <pre> options vfio_iommu_type1 allow_unsafe_interrupts=1 </pre> <br> Overall, <b>vfio.conf</b> provides a way to configure the VFIO driver and specify which devices should be assigned to it, helping to facilitate GPU or other hardware passthrough to virtual machines. <br> </div> </div> Create a new file called <code>vfio.conf</code> in the <b>/etc/modprobe.d/</b> directory.<br> <div class="toccolours mw-collapsible mw-collapsed"> The <code>/etc/modprobe.d/</code> directory explanation: <div class="mw-collapsible-content"> The <b>/etc/modprobe.d/</b> directory is a system directory in Linux that contains configuration files for kernel modules. When the Linux kernel boots up, it loads various modules (also called drivers) to support the hardware and other system functions.<br> <br> Each configuration file in <b>/etc/modprobe.d/</b> specifies options for one or more kernel modules, which are loaded by the kernel when a system boots or when a module is explicitly loaded. The options specified in these files can be used to modify the behavior of the kernel modules, or to blacklist certain modules to prevent them from being loaded.<br> <br> The name of each configuration file in the <b>/etc/modprobe.d/</b> directory must end with the <b>.conf</b> extension. The contents of each file consist of a series of directives, which specify module options, aliases, or blacklist information. These directives can be written in plain text format or in shell scripts.<br> <br> Here are some examples of how you might use the <b>/etc/modprobe.d/</b> directory:<br> * Blacklisting modules: You can use the <b>/etc/modprobe.d/</b> directory to prevent certain kernel modules from loading. For example, you can create a file called <b>/etc/modprobe.d/blacklist-nouveau.conf</b> with the following contents to prevent the <b>nouveau</b> driver (used for NVIDIA graphics cards) from being loaded: <pre> blacklist nouveau </pre> <br> * Setting module options: You can also use the <b>/etc/modprobe.d/</b> directory to specify options for a particular kernel module. For example, you can create a file called <b>/etc/modprobe.d/alsa-base.conf</b> with the following contents to set the default sound card to the second card on the system: <pre> options snd_hda_intel index=1 </pre> <br> * Loading modules: You can use the <b>/etc/modprobe.d/</b> directory to load kernel modules at boot time. For example, you can create a file called <b>/etc/modprobe.d/local.conf</b> with the following contents to load the <b>acpi_call</b> module at boot time: <pre> # Load acpi_call at boot time acpi_call </pre> <br> Overall, the <b>/etc/modprobe.d/</b> directory is an important location for managing kernel modules in Linux. It provides a centralized location for managing module options, aliases, and blacklists, making it easier to configure and maintain a Linux system.<br> </div> </div> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> <br> ===Update <b>initramfs</b>=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>initramfs</b>: <div class="mw-collapsible-content"> The initramfs (initial RAM file system) is a temporary file system that is loaded into memory during the Linux boot process. It contains essential system files and utilities that are necessary to boot the Linux kernel and mount the root file system.<br> <br> When the Linux kernel is booted, it first loads the initramfs into memory and sets it up as the root file system. The initramfs then runs the init script, which is responsible for initializing the system and mounting the real root file system. The init script may also perform other tasks, such as loading kernel modules, setting up network interfaces, and configuring system services.<br> <br> The initramfs is typically used in situations where the root file system is located on a storage device that requires additional drivers or modules to be loaded before it can be mounted. For example, if the root file system is located on a RAID array, a network file system, or an encrypted disk, the necessary drivers or modules may need to be loaded into memory before the root file system can be mounted.<br> <br> The initramfs can also be customized to include additional files or utilities that may be necessary for the boot process. This is done by modifying the initramfs image, which is a compressed archive file that contains the file system contents.<br> <br> Overall, the initramfs is an essential component of the Linux boot process, providing a temporary file system that is necessary for initializing the system and mounting the root file system. </div> </div> <code>sudo update-initramfs -u</code><br> And reboot your computer:<br> <code>reboot</code><br> <br> <b>Note:</b>[[Ubuntu_KVM_to_Windows_10_-_Thinkpad_T470_-_Razer_Core_X_-_GTX_970#Undo_Passthrough|Sound will not work on Host Ubuntu now we have blacklisted <b>snd_hda_intel</b> to return sound to laptop read <b>Undo Passthrough</b>]].<br> ===Check Kernel driver not in use=== <code>lspci -nnk</code><br> <br> OutPut: <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel modules: snd_hda_intel </pre> == Installing KVM and VirtManager to Create a VM == <youtube>GKHIlUP2XSc</youtube> To install the required packages, run the following command: <code>sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils</code> To create a group and add your user to the group, run the following commands: <div class="toccolours mw-collapsible mw-collapsed"> <code> getent group libvirtd</code> Check if the <b>group</b> already exists: <div class="mw-collapsible-content"> To check if a group is already present on an Ubuntu system, you can use the <b>getent</b> command along with the <b>group</b> argument and specify the name of the group as a parameter. For example, to check if the <b>sudo</b> group exists on the system, you can run the following command in a terminal: <code>getent group sudo</code> If the group exists, the command will output information about the group, including its name, group ID (GID), and a list of users who are members of the group. If the group does not exist, the command will not produce any output. Alternatively, you can use the <b>grep</b> command to search for the group name in the <b>/etc/group file</b>, which is the file that stores information about system groups on Ubuntu. For example, to search for the <b>sudo</b> group, you can run the following command: <code>grep "^sudo:" /etc/group</code> If the group exists, the command will output information about the group in the same format as the <b>getent</b> command. If the group does not exist, the command will not produce any output. </div> </div> <code>sudo addgroup libvirtd</code><br> <code>sudo adduser $USER libvirtd</code><br> <code>sudo apt-get install virt-manager</code><br> After installing the packages and adding your user to the group, reboot your system: <code>reboot</code> This will avoid the following error when trying to connect to libvirt: <pre>virtual machine manager connection failure unable to connect to libvirt qemu:///system. verify that the 'libvirtd' daemon is running</pre> ===Virtual Machine Manager=== <youtube>jhoI6MIdHrc</youtube> <br> Start <b>Virtual Machine Manager</b>:<br> <code>virt-manager</code><br><br> Create a new virtual machine Step 1 Local install media (ISO image or CDROM) Step 2 Choose ISO or CDROM install media: Click <b>Browse</b> and select your windows10.iso Choose the operating system you are installing: untick( Automatically detect from installation media / source) and enter <b>Microsoft Windows 10</b> in search bar. Step 3 Choose Memory and CPU settings: Memory: 4096MiB CPUs: 2 Step 4 Tick <b>Enable storage for this virtual machine</b> Tick <b>create a disk image for the virtual machine</b> 140 GiB Step 5 Name:NAME_OF_VM Tick <b>Customize configuration before install</b> ==== Config VM before booting==== OverView: <b>Hypervisor Details</b> 'Chipset' = 'Q35' 'Firmware' = 'x86_64:/usr/share/OVMF/OVMF_CODE_4M.ms.fd' Boot Options: <b>Boot device order</b>: Untick - Enable boot menu Select/Tick SATA CDROM1 SATA Disk 1 Display Spice: <b>Spice Server</b>: Type: Spice server Listen type: Address Address: Hypervisor default Port: tick 'Auto' Click '<b>Add Hardware</b>' button at bottom left - new window '<b>Add New Virtual Hardware</b>' will pop up. Click '<b>PCI Host Device</b>' on the left hand side Select your <b>GPU</b> and <b>GPU Audio Controller</b>: '0000:0A:00:0 NVIDIA Corporation GM204 [GeForce GTX 970]' '0000:0A:00:1 NVIDIA Corporation GM204 High Definition Audio Controller' Select and click '<b>Finish</b>' - reopen '<b>Add hardware</b>' and repeat for Audio.<br> <br> ==== Install Windows 10 and update ==== <youtube>07sTymJaWvw</youtube> Install windows 10 then update windows to get the graphics card drivers working.<br> Once done shoutdown.<br> ===After shutting down windows edit the VM's Config file=== {{#evu:https://www.youtube.com/watch?v=CCKbp-n6xRo |alignment=inline }} To find/confirm your VM's name:<br> <code>virsh list --all</code><br> <br> Syntax:<code>sudo virsh edit YOUR_VM_NAME</code><br> <code>sudo virsh edit win10</code><br> <br> Going to edit in between the <code><features> </features></code> Brackets, 17 lines down.<br> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> </pre> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> </pre> ====What these values do ==== <div class="toccolours mw-collapsible mw-collapsed"> <vendor_id state='on' value='1234567890ab'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><vendor_id></b> tag is used to specify the vendor ID that is presented to the guest virtual machine when it is running on top of the KVM hypervisor. This vendor ID can be customized by the user to any 12-digit hexadecimal <b>value</b> using the value attribute. The purpose of the vendor ID is to provide a way for virtual machines to identify the type of hypervisor they are running on, and to adjust their behavior accordingly. This is particularly important for operating systems that have special optimizations or workarounds for specific hypervisors. By default, KVM presents a vendor ID of "KVMKVMKVM" to the guest virtual machine. However, this can be changed by adding the <vendor_id> tag to the XML definition of the virtual machine, as follows: <pre> <cpu> <vendor_id state='on' value='1234567890ab'/> ... </cpu> </pre> In this example, the vendor ID is set to the value "1234567890ab". The state attribute is set to 'on' to enable the use of the custom vendor ID. It's worth noting that changing the vendor ID can have some unexpected consequences. For example, some operating systems may have specific code paths or optimizations for certain hypervisors, and changing the vendor ID may cause them to behave differently or even malfunction. Additionally, some virtualization security features may depend on the vendor ID, so changing it may impact the security of the virtual machine. As such, it is important to carefully consider the implications before changing the vendor ID in a KVM virtual machine. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <kvm> <hidden state='on'/> </kvm> <div class="mw-collapsible-content"> In Linux KVM, the <b><kvm></b> tag is used to specify additional configuration options for the virtual machine that are specific to KVM. The <b><hidden></b> tag is a sub-tag of <b><kvm></b> and is used to enable or disable the hiding of the KVM hypervisor from the guest operating system. When the <b><hidden></b> tag is set to <b>state='on'</b>, the KVM hypervisor is hidden from the guest operating system. This means that the guest operating system will not be able to detect that it is running in a virtualized environment and will behave as if it is running directly on physical hardware. This can be useful for security reasons, as it can make it more difficult for attackers to detect that they are running in a virtualized environment and attempt to exploit vulnerabilities that are specific to virtualization. Additionally, some software applications may behave differently or refuse to run in a virtualized environment, so hiding the KVM hypervisor can help ensure that these applications run properly. To use the <hidden> tag, it should be included as a sub-tag of the <kvm> tag, as follows: <pre> <kvm> <hidden state='on'/> ... </kvm> </pre> It's important to note that hiding the KVM hypervisor can have some downsides as well. For example, it may make it more difficult to diagnose problems with the virtual machine, as the hypervisor will not be visible in the guest operating system. Additionally, some virtualization features may depend on the hypervisor being visible to the guest operating system, so hiding it may cause these features to stop working properly. As such, the decision to hide the KVM hypervisor using the <hidden> tag should be carefully considered based on the specific needs and requirements of the virtualized environment. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <ioapic driver='kvm'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><ioapic></b> tag is used to enable or disable the use of the IOAPIC (Input/Output Advanced Programmable Interrupt Controller) device in the virtual machine. The <b>driver</b> attribute is used to specify the driver that should be used for the IOAPIC device, with the value <b>kvm</b> indicating that KVM's built-in IOAPIC driver should be used. The IOAPIC device is a type of interrupt controller that is used to manage interrupts in a virtual machine. It provides a way for devices in the virtual machine to generate interrupts, and for the virtual machine to route those interrupts to the appropriate virtual CPU. To enable the IOAPIC device and specify the kvm driver, the <ioapic> tag should be included in the XML definition of the virtual machine, as follows: <pre> <ioapic driver='kvm'/> </pre> With this configuration, KVM's built-in IOAPIC driver will be used to manage interrupts in the virtual machine. It's worth noting that while KVM's built-in IOAPIC driver is generally sufficient for most virtualization needs, there are some situations where a different driver may be preferred. For example, some applications or workloads may require more advanced IOAPIC functionality that is not available in KVM's built-in driver. In these cases, it may be necessary to use a different driver, or to implement custom code to support the required functionality. Overall, the <ioapic> tag with the driver='kvm' attribute is a simple and effective way to enable the IOAPIC device and ensure that interrupts are properly managed in a KVM virtual machine. </div> </div> ====Full Config file - before and after==== <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>before</b> any changes with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoand of course the content when expanded.<br \> <code>print "hello content"</code>ft.com/win/10"/> </libosinfo:libosinfo>=====Notes===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>After</b> changes made with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <br> Note: Not the place to edit (use '<b>virsh</b>'), but you config file can be found here:<code>/etc/libvirt/qemu/</code> =====Notes - Mouse and Keyboard Redirect===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> {{#evu:https://www.youtube.com/watch?v=RjavWiqj_VM |alignment=inline }} To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. ==Undo Passthrough== ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" </pre> Remove <code>intel_iommu=on kvm.ignore_msrs=1</code> and save changes. <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" </pre> rebuild grub<br> <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> ===vfio=== This step will restore sound to Host Ubuntu.<br> Comment out changes to <b>vfio.conf</b><br> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> Comment out by placing a <code>#</code> in front of the line, save and exit. <pre> #blacklist nouveau #blacklist snd_hda_intel #options vfio-pci ids=10de:13c2,10de:0fbb </pre> update initramfs:<br> <code>sudo update-initramfs -u</code><br> <br> ===Reboot for changes to take effect=== <code>reboot</code><br> ==End Notes== Plug in external monitor to the GPU 'Razer Core X' for output and no screen lag.<br> Tested with 'sniper ghost warrior' works fine.<br> Sound will come out of HDMI, If using monitor with no speakers, you can pass through USB headfones or speakers. ==References== https://askubuntu.com/questions/1406888/ubuntu-22-04-gpu-passthrough-qemu qzaxdiz1bzmgu6ivjpt3ii1u554j7nn 395 394 2023-05-04T18:02:25Z AwesomO 5 /* After shutting down windows edit the VM's Config file */ 395 wikitext text/x-wiki ==Ubuntu Kvm Windows 10 - Thinkpad T470 with Razer Core X== Hardware:<br> * Thinkpad t470 - 256GB HD, 8GB RAM * razer core x * GTX 970 GT * Ubuntu Desktop 22.04 installed. Thunderbolt 3 - detected as USB3.0 (5000M). But works :)<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lsusb -t</code> OutPut: <div class="mw-collapsible-content"> <pre> /: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/6p, 5000M |__ Port 3: Dev 2, If 0, Class=Mass Storage, Driver=usb-storage, 5000M /: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/12p, 480M |__ Port 7: Dev 2, If 0, Class=Wireless, Driver=btusb, 12M |__ Port 7: Dev 2, If 1, Class=Wireless, Driver=btusb, 12M |__ Port 8: Dev 3, If 1, Class=Video, Driver=uvcvideo, 480M |__ Port 8: Dev 3, If 0, Class=Video, Driver=uvcvideo, 480M |__ Port 9: Dev 4, If 0, Class=Vendor Specific Class, Driver=, 12M </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo lshw | grep -A10 -i usb</code> OutPut: <div class="mw-collapsible-content"> <pre> capabilities: pci pnp upgrade shadowing cdboot bootselect edd int13floppy720 int5printscreen int9keyboard int14serial int17printer int10video acpi usb biosbootspecification uefi *-pci description: Host bridge product: Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers vendor: Intel Corporation physical id: 100 bus info: pci@0000:00:00.0 version: 08 width: 32 bits clock: 33MHz configuration: driver=skl_uncore -- *-usb description: USB controller product: Sunrise Point-LP USB 3.0 xHCI Controller vendor: Intel Corporation physical id: 14 bus info: pci@0000:00:14.0 version: 21 width: 64 bits clock: 33MHz capabilities: pm msi xhci bus_master cap_list configuration: driver=xhci_hcd latency=0 resources: irq:127 memory:ec220000-ec22ffff *-usbhost:0 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 0 bus info: usb@1 logical name: usb1 version: 5.19 capabilities: usb-2.00 configuration: driver=hub slots=12 speed=480Mbit/s *-usb:0 description: Bluetooth wireless interface product: Bluetooth wireless interface vendor: Intel Corp. physical id: 7 bus info: usb@1:7 version: 0.01 capabilities: bluetooth usb-2.00 configuration: driver=btusb maxpower=100mA speed=12Mbit/s *-usb:1 description: Video product: Integrated Camera: Integrated C vendor: SunplusIT Inc physical id: 8 bus info: usb@1:8 logical name: input8 logical name: /dev/input/event6 version: 0.10 capabilities: usb-2.00 usb configuration: driver=uvcvideo maxpower=500mA speed=480Mbit/s *-usb:2 UNCLAIMED description: Generic USB device vendor: Validity Sensors, Inc. physical id: 9 bus info: usb@1:9 version: 1.64 serial: ff1e8c196451 capabilities: usb-2.00 configuration: maxpower=100mA speed=12Mbit/s *-usbhost:1 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 1 bus info: usb@2 logical name: usb2 version: 5.19 capabilities: usb-3.00 configuration: driver=hub slots=6 speed=5000Mbit/s *-usb description: Mass storage device product: USB3.0-CRW vendor: Generic physical id: 3 bus info: usb@2:3 logical name: scsi0 version: 2.04 serial: 20120501030900000 capabilities: usb-3.00 scsi emulated scsi-host configuration: driver=usb-storage maxpower=800mA speed=5000Mbit/s *-disk description: SCSI Disk product: SD/MMC vendor: Generic- physical id: 0.0.0 bus info: scsi@0:0.0.0 logical name: /dev/sda version: 1.00 serial: 2012090114345300 capabilities: removable </pre> </div> </div> ===Windows 10 ISO=== Download a Windows 10 ISO for the Virtual Machine<br> https://www.microsoft.com/en-us/software-download/windows10ISO ===VT-d - bios=== Check VT-d enabled on bios <br> When you press the power button, press and hold <b>F1</b> to enter into bios mode.<br> Security > Virtualization<br> Intel (R) Virtualization Technology [ENABLE]<br> Inter (R) VT-d Feature [ENABLE]<br> ====Check==== <code>cat /proc/cpuinfo | grep --color vmx</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Explained: <div class="mw-collapsible-content"> The command "cat /proc/cpuinfo" displays detailed information about the processor(s) installed on your system. The output of this command includes a lot of information, such as processor model, speed, cache size, and other features. The pipe symbol "|" is used to pass the output of the first command as input to the second command. In this case, the output of "cat /proc/cpuinfo" is being passed as input to "grep". The "grep" command is used to search for a specific pattern in the input data. In this case, the pattern being searched for is "vmx". The "--color" option is used to highlight the search pattern in the output, making it easier to identify. So, the entire command "cat /proc/cpuinfo | grep --color vmx" is searching the processor information for the "vmx" feature and highlighting it in the output. The "vmx" feature refers to Intel's Virtualization Technology, which allows a processor to run multiple operating systems on the same computer simultaneously. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Returned Output: <div class="mw-collapsible-content"> <pre> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml </pre> </div> </div> ===Grub=== <youtube>wB4gvSgYmfY</youtube> <br> <code>sudo $EDITOR /etc/default/grub</code><br> Insert the option to <b>GRUB_CMDLINE_LINUX_DEFAULT=""</b> <code>intel_iommu=on kvm.ignore_msrs=1</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Before <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>intel_iommu=on kvm.ignore_msrs=1</code> <div class="mw-collapsible-content"> <pre> intel_iommu=on and kvm.ignore_msrs=1 are kernel boot parameters that can be set in the GRUB configuration file in Linux systems. Here's what they mean: intel_iommu=on: This parameter enables Intel VT-d (Virtualization Technology for Directed I/O), which allows for hardware-based virtualization of I/O devices. This can improve performance and security for virtual machines by allowing them to directly access hardware devices, rather than relying on the host operating system to handle the device access. kvm.ignore_msrs=1: This parameter disables the handling of MSR (Model Specific Register) virtualization by the kernel-based Virtual Machine (KVM) hypervisor. This can improve performance for certain workloads that rely heavily on MSR access, such as virtualization workloads. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Info the <code>/etc/defaults</code> directory <div class="mw-collapsible-content"> <pre> In Ubuntu and many other Linux-based operating systems, the /etc/default directory contains configuration files for various system services and applications. These configuration files contain default values for the settings and options that are used by these services and applications. The /etc/default directory is typically organized by service or application, with each subdirectory containing one or more configuration files for that service or application. For example, the /etc/default/grub directory contains the default configuration file for the GRUB bootloader, while the /etc/default/apache2 directory contains the default configuration file for the Apache web server. These configuration files are often used by system administrators to customize the behavior of these services and applications by modifying the default values of their settings and options. For example, the GRUB configuration file in /etc/default/grub can be used to specify the default operating system to boot, the timeout for the boot menu, and other options. </pre> </div> </div> ====Update Grub==== <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code><br> Reboot so kernel boot parameters can be applied.<br> <code>reboot</code> <div class="toccolours mw-collapsible mw-collapsed"> Info: <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> <div class="mw-collapsible-content"> * <code>grub-mkconfig</code> : This is a command that generates a new configuration file for the GRUB bootloader. It scans the system for installed kernels, operating systems, and other boot options, and creates a configuration file based on that information. * <code>-o /boot/grub/grub.cfg</code> : This option tells grub-mkconfig to write the generated configuration file to the file /boot/grub/grub.cfg. This is the default location for the GRUB configuration file in most Linux systems. </div> </div> ===Check that IOMMU is enabled=== <youtube>SM7v-XQfvh4</youtube> <br> <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Return Output: Before editing Grub <div class="mw-collapsible-content"> <pre> [ 0.013929] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013974] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.124130] DMAR: Host address width 39 [ 0.124131] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.124140] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.124143] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.124147] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.124150] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.124152] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.124154] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.124156] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.124158] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.126384] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.346448] iommu: Default domain type: Translated [ 0.346448] iommu: DMA domain TLB invalidation policy: lazy mode </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After editing Grub <div class="mw-collapsible-content"> <pre> [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.013471] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013516] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.035822] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.035915] DMAR: IOMMU enabled [ 0.094689] DMAR: Host address width 39 [ 0.094691] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.094699] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.094702] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.094706] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.094708] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.094710] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.094713] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.094715] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.094716] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.096599] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.324622] iommu: Default domain type: Translated [ 0.324622] iommu: DMA domain TLB invalidation policy: lazy mode [ 0.346100] DMAR: No ATSR found [ 0.346101] DMAR: No SATC found [ 0.346103] DMAR: IOMMU feature fl1gp_support inconsistent [ 0.346105] DMAR: IOMMU feature pgsel_inv inconsistent [ 0.346106] DMAR: IOMMU feature nwfs inconsistent [ 0.346107] DMAR: IOMMU feature eafs inconsistent [ 0.346108] DMAR: IOMMU feature prs inconsistent [ 0.346108] DMAR: IOMMU feature nest inconsistent [ 0.346109] DMAR: IOMMU feature mts inconsistent [ 0.346110] DMAR: IOMMU feature sc_support inconsistent [ 0.346111] DMAR: IOMMU feature dev_iotlb_support inconsistent [ 0.346113] DMAR: dmar0: Using Queued invalidation [ 0.346117] DMAR: dmar1: Using Queued invalidation [ 0.346409] pci 0000:00:00.0: Adding to iommu group 0 [ 0.346423] pci 0000:00:02.0: Adding to iommu group 1 [ 0.346441] pci 0000:00:14.0: Adding to iommu group 2 [ 0.346450] pci 0000:00:14.2: Adding to iommu group 2 [ 0.346466] pci 0000:00:16.0: Adding to iommu group 3 [ 0.346475] pci 0000:00:16.3: Adding to iommu group 3 [ 0.346499] pci 0000:00:1c.0: Adding to iommu group 4 [ 0.346520] pci 0000:00:1c.6: Adding to iommu group 5 [ 0.346539] pci 0000:00:1d.0: Adding to iommu group 6 [ 0.346557] pci 0000:00:1d.2: Adding to iommu group 7 [ 0.346582] pci 0000:00:1f.0: Adding to iommu group 8 [ 0.346595] pci 0000:00:1f.2: Adding to iommu group 8 [ 0.346604] pci 0000:00:1f.3: Adding to iommu group 8 [ 0.346615] pci 0000:00:1f.4: Adding to iommu group 8 [ 0.346625] pci 0000:00:1f.6: Adding to iommu group 8 [ 0.346646] pci 0000:04:00.0: Adding to iommu group 9 [ 0.346664] pci 0000:3e:00.0: Adding to iommu group 10 [ 0.348306] DMAR: Intel(R) Virtualization Technology for Directed I/O </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code> <div class="mw-collapsible-content"> * <code>dmesg</code> : This command is used in Linux systems to display the kernel message buffer, which contains information about the system's hardware and software components, as well as any error or warning messages generated by the kernel. * <code>|</code> : This symbol is called a pipe and it allows the output of one command to be used as input for another command. In this case, it sends the output of the dmesg command to the next command in the pipeline, which is grep. * <code>grep</code> : This command is used in Linux systems to search for text patterns in a file or output. In this case, it's used to search the output of the dmesg command for lines that contain the strings "DMAR" or "IOMMU". * <code>-i</code> : This option tells grep to perform a case-insensitive search, meaning it will match the strings "DMAR" or "IOMMU" regardless of their case. * <code>-e</code> : This option tells grep to specify the pattern to search for. In this case, it's used to specify two patterns to search for: "DMAR" and "IOMMU". * DMAR: DMA Remapping (DMAR) is a feature of modern computer systems that provides additional security for input/output (I/O) devices. It allows for the isolation of memory regions used by I/O devices, which prevents them from accessing other parts of the system's memory. This helps to prevent attacks that could exploit vulnerabilities in I/O device drivers to gain access to sensitive data or take control of the system. * IOMMU: The I/O Memory Management Unit (IOMMU) is a hardware component that provides support for DMA remapping. It allows for the virtualization of I/O devices and provides an additional layer of security by isolating the memory used by these devices. </div> </div> ===Find your GPU=== <code>lspci -nnk</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>lspci -nnk</code> <div class="mw-collapsible-content"> <code>lspci</code> is a command-line utility that is used to display information about all the PCI buses and devices connected to them in a Linux system. The -nnk option is used to display the following information: * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -k: Display the kernel driver currently bound to each device. This option is useful when you want to check which driver is being used for a particular device. When you run the <code>lspci -nnk</code> command, you will get a list of all the PCI devices in your system, along with their vendor and device IDs, and the kernel driver currently in use. </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut Before plugging in 'Razer Core X' <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut After plugging in Razer Core X <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 05:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:01.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:02.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 07:00.0 System peripheral [0880]: Intel Corporation JHL6240 Thunderbolt 3 NHI (Low Power) [Alpine Ridge LP 2016] [8086:15bf] (rev 01) Subsystem: Device [2222:1111] Kernel driver in use: thunderbolt Kernel modules: thunderbolt 08:00.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 09:01.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel </pre> ===vfio.conf=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>vfio.conf</b> <div class="mw-collapsible-content"> <b>vfio.conf</b> is a configuration file used by the VFIO driver in Linux. <br> The VFIO driver is a kernel module that allows users to assign devices, such as GPUs or network interfaces, directly to virtual machines, bypassing the host operating system.<br> <br> The vfio.conf file is used to specify which devices should be assigned to VFIO, and it is typically located in the /etc/modprobe.d/ directory. When the VFIO driver is loaded, it will read this file and use the settings specified within it.<br> <br> The contents of vfio.conf can vary depending on the specific use case, but some common configurations include: * Device IDs: The vfio.conf file can be used to specify the vendor and device IDs of the devices that should be assigned to VFIO. For example: <pre> options vfio-pci ids=10de:13c2,10de:0fbb </pre><br> <br> This configuration specifies that two NVIDIA GPUs with the IDs 10de:13c2 and 10de:0fbb should be assigned to VFIO.<br> This configuration assigns two NVIDIA GPUs to VFIO and blacklists the <b>nouveau</b> and <b>nvidiafb</b> kernel drivers so that they don't claim the GPUs. <pre> options vfio-pci ids=10de:13c2,10de:0fbb blacklist nouveau blacklist nvidiafb </pre> <br> * Additional options: The <b>vfio.conf</b> file can also be used to specify additional options for the VFIO driver, such as setting the IOMMU mode. For example:<br> This configuration sets the VFIO driver to use IOMMU mode 1 and allows unsafe interrupts. <pre> options vfio_iommu_type1 allow_unsafe_interrupts=1 </pre> <br> Overall, <b>vfio.conf</b> provides a way to configure the VFIO driver and specify which devices should be assigned to it, helping to facilitate GPU or other hardware passthrough to virtual machines. <br> </div> </div> Create a new file called <code>vfio.conf</code> in the <b>/etc/modprobe.d/</b> directory.<br> <div class="toccolours mw-collapsible mw-collapsed"> The <code>/etc/modprobe.d/</code> directory explanation: <div class="mw-collapsible-content"> The <b>/etc/modprobe.d/</b> directory is a system directory in Linux that contains configuration files for kernel modules. When the Linux kernel boots up, it loads various modules (also called drivers) to support the hardware and other system functions.<br> <br> Each configuration file in <b>/etc/modprobe.d/</b> specifies options for one or more kernel modules, which are loaded by the kernel when a system boots or when a module is explicitly loaded. The options specified in these files can be used to modify the behavior of the kernel modules, or to blacklist certain modules to prevent them from being loaded.<br> <br> The name of each configuration file in the <b>/etc/modprobe.d/</b> directory must end with the <b>.conf</b> extension. The contents of each file consist of a series of directives, which specify module options, aliases, or blacklist information. These directives can be written in plain text format or in shell scripts.<br> <br> Here are some examples of how you might use the <b>/etc/modprobe.d/</b> directory:<br> * Blacklisting modules: You can use the <b>/etc/modprobe.d/</b> directory to prevent certain kernel modules from loading. For example, you can create a file called <b>/etc/modprobe.d/blacklist-nouveau.conf</b> with the following contents to prevent the <b>nouveau</b> driver (used for NVIDIA graphics cards) from being loaded: <pre> blacklist nouveau </pre> <br> * Setting module options: You can also use the <b>/etc/modprobe.d/</b> directory to specify options for a particular kernel module. For example, you can create a file called <b>/etc/modprobe.d/alsa-base.conf</b> with the following contents to set the default sound card to the second card on the system: <pre> options snd_hda_intel index=1 </pre> <br> * Loading modules: You can use the <b>/etc/modprobe.d/</b> directory to load kernel modules at boot time. For example, you can create a file called <b>/etc/modprobe.d/local.conf</b> with the following contents to load the <b>acpi_call</b> module at boot time: <pre> # Load acpi_call at boot time acpi_call </pre> <br> Overall, the <b>/etc/modprobe.d/</b> directory is an important location for managing kernel modules in Linux. It provides a centralized location for managing module options, aliases, and blacklists, making it easier to configure and maintain a Linux system.<br> </div> </div> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> <br> ===Update <b>initramfs</b>=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>initramfs</b>: <div class="mw-collapsible-content"> The initramfs (initial RAM file system) is a temporary file system that is loaded into memory during the Linux boot process. It contains essential system files and utilities that are necessary to boot the Linux kernel and mount the root file system.<br> <br> When the Linux kernel is booted, it first loads the initramfs into memory and sets it up as the root file system. The initramfs then runs the init script, which is responsible for initializing the system and mounting the real root file system. The init script may also perform other tasks, such as loading kernel modules, setting up network interfaces, and configuring system services.<br> <br> The initramfs is typically used in situations where the root file system is located on a storage device that requires additional drivers or modules to be loaded before it can be mounted. For example, if the root file system is located on a RAID array, a network file system, or an encrypted disk, the necessary drivers or modules may need to be loaded into memory before the root file system can be mounted.<br> <br> The initramfs can also be customized to include additional files or utilities that may be necessary for the boot process. This is done by modifying the initramfs image, which is a compressed archive file that contains the file system contents.<br> <br> Overall, the initramfs is an essential component of the Linux boot process, providing a temporary file system that is necessary for initializing the system and mounting the root file system. </div> </div> <code>sudo update-initramfs -u</code><br> And reboot your computer:<br> <code>reboot</code><br> <br> <b>Note:</b>[[Ubuntu_KVM_to_Windows_10_-_Thinkpad_T470_-_Razer_Core_X_-_GTX_970#Undo_Passthrough|Sound will not work on Host Ubuntu now we have blacklisted <b>snd_hda_intel</b> to return sound to laptop read <b>Undo Passthrough</b>]].<br> ===Check Kernel driver not in use=== <code>lspci -nnk</code><br> <br> OutPut: <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel modules: snd_hda_intel </pre> == Installing KVM and VirtManager to Create a VM == <youtube>GKHIlUP2XSc</youtube> To install the required packages, run the following command: <code>sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils</code> To create a group and add your user to the group, run the following commands: <div class="toccolours mw-collapsible mw-collapsed"> <code> getent group libvirtd</code> Check if the <b>group</b> already exists: <div class="mw-collapsible-content"> To check if a group is already present on an Ubuntu system, you can use the <b>getent</b> command along with the <b>group</b> argument and specify the name of the group as a parameter. For example, to check if the <b>sudo</b> group exists on the system, you can run the following command in a terminal: <code>getent group sudo</code> If the group exists, the command will output information about the group, including its name, group ID (GID), and a list of users who are members of the group. If the group does not exist, the command will not produce any output. Alternatively, you can use the <b>grep</b> command to search for the group name in the <b>/etc/group file</b>, which is the file that stores information about system groups on Ubuntu. For example, to search for the <b>sudo</b> group, you can run the following command: <code>grep "^sudo:" /etc/group</code> If the group exists, the command will output information about the group in the same format as the <b>getent</b> command. If the group does not exist, the command will not produce any output. </div> </div> <code>sudo addgroup libvirtd</code><br> <code>sudo adduser $USER libvirtd</code><br> <code>sudo apt-get install virt-manager</code><br> After installing the packages and adding your user to the group, reboot your system: <code>reboot</code> This will avoid the following error when trying to connect to libvirt: <pre>virtual machine manager connection failure unable to connect to libvirt qemu:///system. verify that the 'libvirtd' daemon is running</pre> ===Virtual Machine Manager=== <youtube>jhoI6MIdHrc</youtube> <br> Start <b>Virtual Machine Manager</b>:<br> <code>virt-manager</code><br><br> Create a new virtual machine Step 1 Local install media (ISO image or CDROM) Step 2 Choose ISO or CDROM install media: Click <b>Browse</b> and select your windows10.iso Choose the operating system you are installing: untick( Automatically detect from installation media / source) and enter <b>Microsoft Windows 10</b> in search bar. Step 3 Choose Memory and CPU settings: Memory: 4096MiB CPUs: 2 Step 4 Tick <b>Enable storage for this virtual machine</b> Tick <b>create a disk image for the virtual machine</b> 140 GiB Step 5 Name:NAME_OF_VM Tick <b>Customize configuration before install</b> ==== Config VM before booting==== OverView: <b>Hypervisor Details</b> 'Chipset' = 'Q35' 'Firmware' = 'x86_64:/usr/share/OVMF/OVMF_CODE_4M.ms.fd' Boot Options: <b>Boot device order</b>: Untick - Enable boot menu Select/Tick SATA CDROM1 SATA Disk 1 Display Spice: <b>Spice Server</b>: Type: Spice server Listen type: Address Address: Hypervisor default Port: tick 'Auto' Click '<b>Add Hardware</b>' button at bottom left - new window '<b>Add New Virtual Hardware</b>' will pop up. Click '<b>PCI Host Device</b>' on the left hand side Select your <b>GPU</b> and <b>GPU Audio Controller</b>: '0000:0A:00:0 NVIDIA Corporation GM204 [GeForce GTX 970]' '0000:0A:00:1 NVIDIA Corporation GM204 High Definition Audio Controller' Select and click '<b>Finish</b>' - reopen '<b>Add hardware</b>' and repeat for Audio.<br> <br> ==== Install Windows 10 and update ==== <youtube>07sTymJaWvw</youtube> Install windows 10 then update windows to get the graphics card drivers working.<br> Once done shoutdown.<br> ===After shutting down windows edit the VM's Config file=== <youtube>CCKbp-n6xRo</youtube> To find/confirm your VM's name:<br> <code>virsh list --all</code><br> <br> Syntax:<code>sudo virsh edit YOUR_VM_NAME</code><br> <code>sudo virsh edit win10</code><br> <br> Going to edit in between the <code><features> </features></code> Brackets, 17 lines down.<br> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> </pre> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> </pre> ====What these values do ==== <div class="toccolours mw-collapsible mw-collapsed"> <vendor_id state='on' value='1234567890ab'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><vendor_id></b> tag is used to specify the vendor ID that is presented to the guest virtual machine when it is running on top of the KVM hypervisor. This vendor ID can be customized by the user to any 12-digit hexadecimal <b>value</b> using the value attribute. The purpose of the vendor ID is to provide a way for virtual machines to identify the type of hypervisor they are running on, and to adjust their behavior accordingly. This is particularly important for operating systems that have special optimizations or workarounds for specific hypervisors. By default, KVM presents a vendor ID of "KVMKVMKVM" to the guest virtual machine. However, this can be changed by adding the <vendor_id> tag to the XML definition of the virtual machine, as follows: <pre> <cpu> <vendor_id state='on' value='1234567890ab'/> ... </cpu> </pre> In this example, the vendor ID is set to the value "1234567890ab". The state attribute is set to 'on' to enable the use of the custom vendor ID. It's worth noting that changing the vendor ID can have some unexpected consequences. For example, some operating systems may have specific code paths or optimizations for certain hypervisors, and changing the vendor ID may cause them to behave differently or even malfunction. Additionally, some virtualization security features may depend on the vendor ID, so changing it may impact the security of the virtual machine. As such, it is important to carefully consider the implications before changing the vendor ID in a KVM virtual machine. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <kvm> <hidden state='on'/> </kvm> <div class="mw-collapsible-content"> In Linux KVM, the <b><kvm></b> tag is used to specify additional configuration options for the virtual machine that are specific to KVM. The <b><hidden></b> tag is a sub-tag of <b><kvm></b> and is used to enable or disable the hiding of the KVM hypervisor from the guest operating system. When the <b><hidden></b> tag is set to <b>state='on'</b>, the KVM hypervisor is hidden from the guest operating system. This means that the guest operating system will not be able to detect that it is running in a virtualized environment and will behave as if it is running directly on physical hardware. This can be useful for security reasons, as it can make it more difficult for attackers to detect that they are running in a virtualized environment and attempt to exploit vulnerabilities that are specific to virtualization. Additionally, some software applications may behave differently or refuse to run in a virtualized environment, so hiding the KVM hypervisor can help ensure that these applications run properly. To use the <hidden> tag, it should be included as a sub-tag of the <kvm> tag, as follows: <pre> <kvm> <hidden state='on'/> ... </kvm> </pre> It's important to note that hiding the KVM hypervisor can have some downsides as well. For example, it may make it more difficult to diagnose problems with the virtual machine, as the hypervisor will not be visible in the guest operating system. Additionally, some virtualization features may depend on the hypervisor being visible to the guest operating system, so hiding it may cause these features to stop working properly. As such, the decision to hide the KVM hypervisor using the <hidden> tag should be carefully considered based on the specific needs and requirements of the virtualized environment. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <ioapic driver='kvm'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><ioapic></b> tag is used to enable or disable the use of the IOAPIC (Input/Output Advanced Programmable Interrupt Controller) device in the virtual machine. The <b>driver</b> attribute is used to specify the driver that should be used for the IOAPIC device, with the value <b>kvm</b> indicating that KVM's built-in IOAPIC driver should be used. The IOAPIC device is a type of interrupt controller that is used to manage interrupts in a virtual machine. It provides a way for devices in the virtual machine to generate interrupts, and for the virtual machine to route those interrupts to the appropriate virtual CPU. To enable the IOAPIC device and specify the kvm driver, the <ioapic> tag should be included in the XML definition of the virtual machine, as follows: <pre> <ioapic driver='kvm'/> </pre> With this configuration, KVM's built-in IOAPIC driver will be used to manage interrupts in the virtual machine. It's worth noting that while KVM's built-in IOAPIC driver is generally sufficient for most virtualization needs, there are some situations where a different driver may be preferred. For example, some applications or workloads may require more advanced IOAPIC functionality that is not available in KVM's built-in driver. In these cases, it may be necessary to use a different driver, or to implement custom code to support the required functionality. Overall, the <ioapic> tag with the driver='kvm' attribute is a simple and effective way to enable the IOAPIC device and ensure that interrupts are properly managed in a KVM virtual machine. </div> </div> ====Full Config file - before and after==== <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>before</b> any changes with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoand of course the content when expanded.<br \> <code>print "hello content"</code>ft.com/win/10"/> </libosinfo:libosinfo>=====Notes===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>After</b> changes made with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <br> Note: Not the place to edit (use '<b>virsh</b>'), but you config file can be found here:<code>/etc/libvirt/qemu/</code> =====Notes - Mouse and Keyboard Redirect===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> {{#evu:https://www.youtube.com/watch?v=RjavWiqj_VM |alignment=inline }} To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. ==Undo Passthrough== ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" </pre> Remove <code>intel_iommu=on kvm.ignore_msrs=1</code> and save changes. <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" </pre> rebuild grub<br> <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> ===vfio=== This step will restore sound to Host Ubuntu.<br> Comment out changes to <b>vfio.conf</b><br> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> Comment out by placing a <code>#</code> in front of the line, save and exit. <pre> #blacklist nouveau #blacklist snd_hda_intel #options vfio-pci ids=10de:13c2,10de:0fbb </pre> update initramfs:<br> <code>sudo update-initramfs -u</code><br> <br> ===Reboot for changes to take effect=== <code>reboot</code><br> ==End Notes== Plug in external monitor to the GPU 'Razer Core X' for output and no screen lag.<br> Tested with 'sniper ghost warrior' works fine.<br> Sound will come out of HDMI, If using monitor with no speakers, you can pass through USB headfones or speakers. ==References== https://askubuntu.com/questions/1406888/ubuntu-22-04-gpu-passthrough-qemu b7ebrv9rr7ybqmizdxzo53p1p1p1gpq 396 395 2023-05-04T18:03:05Z AwesomO 5 /* Notes - Mouse and Keyboard Redirect */ 396 wikitext text/x-wiki ==Ubuntu Kvm Windows 10 - Thinkpad T470 with Razer Core X== Hardware:<br> * Thinkpad t470 - 256GB HD, 8GB RAM * razer core x * GTX 970 GT * Ubuntu Desktop 22.04 installed. Thunderbolt 3 - detected as USB3.0 (5000M). But works :)<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lsusb -t</code> OutPut: <div class="mw-collapsible-content"> <pre> /: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/6p, 5000M |__ Port 3: Dev 2, If 0, Class=Mass Storage, Driver=usb-storage, 5000M /: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/12p, 480M |__ Port 7: Dev 2, If 0, Class=Wireless, Driver=btusb, 12M |__ Port 7: Dev 2, If 1, Class=Wireless, Driver=btusb, 12M |__ Port 8: Dev 3, If 1, Class=Video, Driver=uvcvideo, 480M |__ Port 8: Dev 3, If 0, Class=Video, Driver=uvcvideo, 480M |__ Port 9: Dev 4, If 0, Class=Vendor Specific Class, Driver=, 12M </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo lshw | grep -A10 -i usb</code> OutPut: <div class="mw-collapsible-content"> <pre> capabilities: pci pnp upgrade shadowing cdboot bootselect edd int13floppy720 int5printscreen int9keyboard int14serial int17printer int10video acpi usb biosbootspecification uefi *-pci description: Host bridge product: Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers vendor: Intel Corporation physical id: 100 bus info: pci@0000:00:00.0 version: 08 width: 32 bits clock: 33MHz configuration: driver=skl_uncore -- *-usb description: USB controller product: Sunrise Point-LP USB 3.0 xHCI Controller vendor: Intel Corporation physical id: 14 bus info: pci@0000:00:14.0 version: 21 width: 64 bits clock: 33MHz capabilities: pm msi xhci bus_master cap_list configuration: driver=xhci_hcd latency=0 resources: irq:127 memory:ec220000-ec22ffff *-usbhost:0 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 0 bus info: usb@1 logical name: usb1 version: 5.19 capabilities: usb-2.00 configuration: driver=hub slots=12 speed=480Mbit/s *-usb:0 description: Bluetooth wireless interface product: Bluetooth wireless interface vendor: Intel Corp. physical id: 7 bus info: usb@1:7 version: 0.01 capabilities: bluetooth usb-2.00 configuration: driver=btusb maxpower=100mA speed=12Mbit/s *-usb:1 description: Video product: Integrated Camera: Integrated C vendor: SunplusIT Inc physical id: 8 bus info: usb@1:8 logical name: input8 logical name: /dev/input/event6 version: 0.10 capabilities: usb-2.00 usb configuration: driver=uvcvideo maxpower=500mA speed=480Mbit/s *-usb:2 UNCLAIMED description: Generic USB device vendor: Validity Sensors, Inc. physical id: 9 bus info: usb@1:9 version: 1.64 serial: ff1e8c196451 capabilities: usb-2.00 configuration: maxpower=100mA speed=12Mbit/s *-usbhost:1 product: xHCI Host Controller vendor: Linux 5.19.0-35-generic xhci-hcd physical id: 1 bus info: usb@2 logical name: usb2 version: 5.19 capabilities: usb-3.00 configuration: driver=hub slots=6 speed=5000Mbit/s *-usb description: Mass storage device product: USB3.0-CRW vendor: Generic physical id: 3 bus info: usb@2:3 logical name: scsi0 version: 2.04 serial: 20120501030900000 capabilities: usb-3.00 scsi emulated scsi-host configuration: driver=usb-storage maxpower=800mA speed=5000Mbit/s *-disk description: SCSI Disk product: SD/MMC vendor: Generic- physical id: 0.0.0 bus info: scsi@0:0.0.0 logical name: /dev/sda version: 1.00 serial: 2012090114345300 capabilities: removable </pre> </div> </div> ===Windows 10 ISO=== Download a Windows 10 ISO for the Virtual Machine<br> https://www.microsoft.com/en-us/software-download/windows10ISO ===VT-d - bios=== Check VT-d enabled on bios <br> When you press the power button, press and hold <b>F1</b> to enter into bios mode.<br> Security > Virtualization<br> Intel (R) Virtualization Technology [ENABLE]<br> Inter (R) VT-d Feature [ENABLE]<br> ====Check==== <code>cat /proc/cpuinfo | grep --color vmx</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Explained: <div class="mw-collapsible-content"> The command "cat /proc/cpuinfo" displays detailed information about the processor(s) installed on your system. The output of this command includes a lot of information, such as processor model, speed, cache size, and other features. The pipe symbol "|" is used to pass the output of the first command as input to the second command. In this case, the output of "cat /proc/cpuinfo" is being passed as input to "grep". The "grep" command is used to search for a specific pattern in the input data. In this case, the pattern being searched for is "vmx". The "--color" option is used to highlight the search pattern in the output, making it easier to identify. So, the entire command "cat /proc/cpuinfo | grep --color vmx" is searching the processor information for the "vmx" feature and highlighting it in the output. The "vmx" feature refers to Intel's Virtualization Technology, which allows a processor to run multiple operating systems on the same computer simultaneously. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /proc/cpuinfo | grep --color vmx</code> Returned Output: <div class="mw-collapsible-content"> <pre> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml </pre> </div> </div> ===Grub=== <youtube>wB4gvSgYmfY</youtube> <br> <code>sudo $EDITOR /etc/default/grub</code><br> Insert the option to <b>GRUB_CMDLINE_LINUX_DEFAULT=""</b> <code>intel_iommu=on kvm.ignore_msrs=1</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Before <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After <div class="mw-collapsible-content"> <pre> # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>intel_iommu=on kvm.ignore_msrs=1</code> <div class="mw-collapsible-content"> <pre> intel_iommu=on and kvm.ignore_msrs=1 are kernel boot parameters that can be set in the GRUB configuration file in Linux systems. Here's what they mean: intel_iommu=on: This parameter enables Intel VT-d (Virtualization Technology for Directed I/O), which allows for hardware-based virtualization of I/O devices. This can improve performance and security for virtual machines by allowing them to directly access hardware devices, rather than relying on the host operating system to handle the device access. kvm.ignore_msrs=1: This parameter disables the handling of MSR (Model Specific Register) virtualization by the kernel-based Virtual Machine (KVM) hypervisor. This can improve performance for certain workloads that rely heavily on MSR access, such as virtualization workloads. </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Info the <code>/etc/defaults</code> directory <div class="mw-collapsible-content"> <pre> In Ubuntu and many other Linux-based operating systems, the /etc/default directory contains configuration files for various system services and applications. These configuration files contain default values for the settings and options that are used by these services and applications. The /etc/default directory is typically organized by service or application, with each subdirectory containing one or more configuration files for that service or application. For example, the /etc/default/grub directory contains the default configuration file for the GRUB bootloader, while the /etc/default/apache2 directory contains the default configuration file for the Apache web server. These configuration files are often used by system administrators to customize the behavior of these services and applications by modifying the default values of their settings and options. For example, the GRUB configuration file in /etc/default/grub can be used to specify the default operating system to boot, the timeout for the boot menu, and other options. </pre> </div> </div> ====Update Grub==== <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code><br> Reboot so kernel boot parameters can be applied.<br> <code>reboot</code> <div class="toccolours mw-collapsible mw-collapsed"> Info: <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> <div class="mw-collapsible-content"> * <code>grub-mkconfig</code> : This is a command that generates a new configuration file for the GRUB bootloader. It scans the system for installed kernels, operating systems, and other boot options, and creates a configuration file based on that information. * <code>-o /boot/grub/grub.cfg</code> : This option tells grub-mkconfig to write the generated configuration file to the file /boot/grub/grub.cfg. This is the default location for the GRUB configuration file in most Linux systems. </div> </div> ===Check that IOMMU is enabled=== <youtube>SM7v-XQfvh4</youtube> <br> <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Return Output: Before editing Grub <div class="mw-collapsible-content"> <pre> [ 0.013929] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013974] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.124130] DMAR: Host address width 39 [ 0.124131] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.124140] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.124143] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.124147] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.124150] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.124152] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.124154] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.124156] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.124158] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.126384] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.346448] iommu: Default domain type: Translated [ 0.346448] iommu: DMA domain TLB invalidation policy: lazy mode </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After editing Grub <div class="mw-collapsible-content"> <pre> [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.013471] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013516] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.035822] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.035915] DMAR: IOMMU enabled [ 0.094689] DMAR: Host address width 39 [ 0.094691] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.094699] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.094702] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.094706] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.094708] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.094710] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.094713] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.094715] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.094716] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.096599] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.324622] iommu: Default domain type: Translated [ 0.324622] iommu: DMA domain TLB invalidation policy: lazy mode [ 0.346100] DMAR: No ATSR found [ 0.346101] DMAR: No SATC found [ 0.346103] DMAR: IOMMU feature fl1gp_support inconsistent [ 0.346105] DMAR: IOMMU feature pgsel_inv inconsistent [ 0.346106] DMAR: IOMMU feature nwfs inconsistent [ 0.346107] DMAR: IOMMU feature eafs inconsistent [ 0.346108] DMAR: IOMMU feature prs inconsistent [ 0.346108] DMAR: IOMMU feature nest inconsistent [ 0.346109] DMAR: IOMMU feature mts inconsistent [ 0.346110] DMAR: IOMMU feature sc_support inconsistent [ 0.346111] DMAR: IOMMU feature dev_iotlb_support inconsistent [ 0.346113] DMAR: dmar0: Using Queued invalidation [ 0.346117] DMAR: dmar1: Using Queued invalidation [ 0.346409] pci 0000:00:00.0: Adding to iommu group 0 [ 0.346423] pci 0000:00:02.0: Adding to iommu group 1 [ 0.346441] pci 0000:00:14.0: Adding to iommu group 2 [ 0.346450] pci 0000:00:14.2: Adding to iommu group 2 [ 0.346466] pci 0000:00:16.0: Adding to iommu group 3 [ 0.346475] pci 0000:00:16.3: Adding to iommu group 3 [ 0.346499] pci 0000:00:1c.0: Adding to iommu group 4 [ 0.346520] pci 0000:00:1c.6: Adding to iommu group 5 [ 0.346539] pci 0000:00:1d.0: Adding to iommu group 6 [ 0.346557] pci 0000:00:1d.2: Adding to iommu group 7 [ 0.346582] pci 0000:00:1f.0: Adding to iommu group 8 [ 0.346595] pci 0000:00:1f.2: Adding to iommu group 8 [ 0.346604] pci 0000:00:1f.3: Adding to iommu group 8 [ 0.346615] pci 0000:00:1f.4: Adding to iommu group 8 [ 0.346625] pci 0000:00:1f.6: Adding to iommu group 8 [ 0.346646] pci 0000:04:00.0: Adding to iommu group 9 [ 0.346664] pci 0000:3e:00.0: Adding to iommu group 10 [ 0.348306] DMAR: Intel(R) Virtualization Technology for Directed I/O </pre> </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>sudo dmesg | grep -i -e DMAR -e IOMMU</code> <div class="mw-collapsible-content"> * <code>dmesg</code> : This command is used in Linux systems to display the kernel message buffer, which contains information about the system's hardware and software components, as well as any error or warning messages generated by the kernel. * <code>|</code> : This symbol is called a pipe and it allows the output of one command to be used as input for another command. In this case, it sends the output of the dmesg command to the next command in the pipeline, which is grep. * <code>grep</code> : This command is used in Linux systems to search for text patterns in a file or output. In this case, it's used to search the output of the dmesg command for lines that contain the strings "DMAR" or "IOMMU". * <code>-i</code> : This option tells grep to perform a case-insensitive search, meaning it will match the strings "DMAR" or "IOMMU" regardless of their case. * <code>-e</code> : This option tells grep to specify the pattern to search for. In this case, it's used to specify two patterns to search for: "DMAR" and "IOMMU". * DMAR: DMA Remapping (DMAR) is a feature of modern computer systems that provides additional security for input/output (I/O) devices. It allows for the isolation of memory regions used by I/O devices, which prevents them from accessing other parts of the system's memory. This helps to prevent attacks that could exploit vulnerabilities in I/O device drivers to gain access to sensitive data or take control of the system. * IOMMU: The I/O Memory Management Unit (IOMMU) is a hardware component that provides support for DMA remapping. It allows for the virtualization of I/O devices and provides an additional layer of security by isolating the memory used by these devices. </div> </div> ===Find your GPU=== <code>lspci -nnk</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Info <code>lspci -nnk</code> <div class="mw-collapsible-content"> <code>lspci</code> is a command-line utility that is used to display information about all the PCI buses and devices connected to them in a Linux system. The -nnk option is used to display the following information: * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device. * -k: Display the kernel driver currently bound to each device. This option is useful when you want to check which driver is being used for a particular device. When you run the <code>lspci -nnk</code> command, you will get a list of all the PCI devices in your system, along with their vendor and device IDs, and the kernel driver currently in use. </div> </div> <br> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut Before plugging in 'Razer Core X' <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>lspci -nnk</code> OutPut After plugging in Razer Core X <div class="mw-collapsible-content"> <pre> 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 05:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:01.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:02.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 07:00.0 System peripheral [0880]: Intel Corporation JHL6240 Thunderbolt 3 NHI (Low Power) [Alpine Ridge LP 2016] [8086:15bf] (rev 01) Subsystem: Device [2222:1111] Kernel driver in use: thunderbolt Kernel modules: thunderbolt 08:00.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 09:01.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme </pre> </div> </div> <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel </pre> ===vfio.conf=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>vfio.conf</b> <div class="mw-collapsible-content"> <b>vfio.conf</b> is a configuration file used by the VFIO driver in Linux. <br> The VFIO driver is a kernel module that allows users to assign devices, such as GPUs or network interfaces, directly to virtual machines, bypassing the host operating system.<br> <br> The vfio.conf file is used to specify which devices should be assigned to VFIO, and it is typically located in the /etc/modprobe.d/ directory. When the VFIO driver is loaded, it will read this file and use the settings specified within it.<br> <br> The contents of vfio.conf can vary depending on the specific use case, but some common configurations include: * Device IDs: The vfio.conf file can be used to specify the vendor and device IDs of the devices that should be assigned to VFIO. For example: <pre> options vfio-pci ids=10de:13c2,10de:0fbb </pre><br> <br> This configuration specifies that two NVIDIA GPUs with the IDs 10de:13c2 and 10de:0fbb should be assigned to VFIO.<br> This configuration assigns two NVIDIA GPUs to VFIO and blacklists the <b>nouveau</b> and <b>nvidiafb</b> kernel drivers so that they don't claim the GPUs. <pre> options vfio-pci ids=10de:13c2,10de:0fbb blacklist nouveau blacklist nvidiafb </pre> <br> * Additional options: The <b>vfio.conf</b> file can also be used to specify additional options for the VFIO driver, such as setting the IOMMU mode. For example:<br> This configuration sets the VFIO driver to use IOMMU mode 1 and allows unsafe interrupts. <pre> options vfio_iommu_type1 allow_unsafe_interrupts=1 </pre> <br> Overall, <b>vfio.conf</b> provides a way to configure the VFIO driver and specify which devices should be assigned to it, helping to facilitate GPU or other hardware passthrough to virtual machines. <br> </div> </div> Create a new file called <code>vfio.conf</code> in the <b>/etc/modprobe.d/</b> directory.<br> <div class="toccolours mw-collapsible mw-collapsed"> The <code>/etc/modprobe.d/</code> directory explanation: <div class="mw-collapsible-content"> The <b>/etc/modprobe.d/</b> directory is a system directory in Linux that contains configuration files for kernel modules. When the Linux kernel boots up, it loads various modules (also called drivers) to support the hardware and other system functions.<br> <br> Each configuration file in <b>/etc/modprobe.d/</b> specifies options for one or more kernel modules, which are loaded by the kernel when a system boots or when a module is explicitly loaded. The options specified in these files can be used to modify the behavior of the kernel modules, or to blacklist certain modules to prevent them from being loaded.<br> <br> The name of each configuration file in the <b>/etc/modprobe.d/</b> directory must end with the <b>.conf</b> extension. The contents of each file consist of a series of directives, which specify module options, aliases, or blacklist information. These directives can be written in plain text format or in shell scripts.<br> <br> Here are some examples of how you might use the <b>/etc/modprobe.d/</b> directory:<br> * Blacklisting modules: You can use the <b>/etc/modprobe.d/</b> directory to prevent certain kernel modules from loading. For example, you can create a file called <b>/etc/modprobe.d/blacklist-nouveau.conf</b> with the following contents to prevent the <b>nouveau</b> driver (used for NVIDIA graphics cards) from being loaded: <pre> blacklist nouveau </pre> <br> * Setting module options: You can also use the <b>/etc/modprobe.d/</b> directory to specify options for a particular kernel module. For example, you can create a file called <b>/etc/modprobe.d/alsa-base.conf</b> with the following contents to set the default sound card to the second card on the system: <pre> options snd_hda_intel index=1 </pre> <br> * Loading modules: You can use the <b>/etc/modprobe.d/</b> directory to load kernel modules at boot time. For example, you can create a file called <b>/etc/modprobe.d/local.conf</b> with the following contents to load the <b>acpi_call</b> module at boot time: <pre> # Load acpi_call at boot time acpi_call </pre> <br> Overall, the <b>/etc/modprobe.d/</b> directory is an important location for managing kernel modules in Linux. It provides a centralized location for managing module options, aliases, and blacklists, making it easier to configure and maintain a Linux system.<br> </div> </div> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> <br> ===Update <b>initramfs</b>=== <div class="toccolours mw-collapsible mw-collapsed"> Info <b>initramfs</b>: <div class="mw-collapsible-content"> The initramfs (initial RAM file system) is a temporary file system that is loaded into memory during the Linux boot process. It contains essential system files and utilities that are necessary to boot the Linux kernel and mount the root file system.<br> <br> When the Linux kernel is booted, it first loads the initramfs into memory and sets it up as the root file system. The initramfs then runs the init script, which is responsible for initializing the system and mounting the real root file system. The init script may also perform other tasks, such as loading kernel modules, setting up network interfaces, and configuring system services.<br> <br> The initramfs is typically used in situations where the root file system is located on a storage device that requires additional drivers or modules to be loaded before it can be mounted. For example, if the root file system is located on a RAID array, a network file system, or an encrypted disk, the necessary drivers or modules may need to be loaded into memory before the root file system can be mounted.<br> <br> The initramfs can also be customized to include additional files or utilities that may be necessary for the boot process. This is done by modifying the initramfs image, which is a compressed archive file that contains the file system contents.<br> <br> Overall, the initramfs is an essential component of the Linux boot process, providing a temporary file system that is necessary for initializing the system and mounting the root file system. </div> </div> <code>sudo update-initramfs -u</code><br> And reboot your computer:<br> <code>reboot</code><br> <br> <b>Note:</b>[[Ubuntu_KVM_to_Windows_10_-_Thinkpad_T470_-_Razer_Core_X_-_GTX_970#Undo_Passthrough|Sound will not work on Host Ubuntu now we have blacklisted <b>snd_hda_intel</b> to return sound to laptop read <b>Undo Passthrough</b>]].<br> ===Check Kernel driver not in use=== <code>lspci -nnk</code><br> <br> OutPut: <pre> 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel modules: snd_hda_intel </pre> == Installing KVM and VirtManager to Create a VM == <youtube>GKHIlUP2XSc</youtube> To install the required packages, run the following command: <code>sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils</code> To create a group and add your user to the group, run the following commands: <div class="toccolours mw-collapsible mw-collapsed"> <code> getent group libvirtd</code> Check if the <b>group</b> already exists: <div class="mw-collapsible-content"> To check if a group is already present on an Ubuntu system, you can use the <b>getent</b> command along with the <b>group</b> argument and specify the name of the group as a parameter. For example, to check if the <b>sudo</b> group exists on the system, you can run the following command in a terminal: <code>getent group sudo</code> If the group exists, the command will output information about the group, including its name, group ID (GID), and a list of users who are members of the group. If the group does not exist, the command will not produce any output. Alternatively, you can use the <b>grep</b> command to search for the group name in the <b>/etc/group file</b>, which is the file that stores information about system groups on Ubuntu. For example, to search for the <b>sudo</b> group, you can run the following command: <code>grep "^sudo:" /etc/group</code> If the group exists, the command will output information about the group in the same format as the <b>getent</b> command. If the group does not exist, the command will not produce any output. </div> </div> <code>sudo addgroup libvirtd</code><br> <code>sudo adduser $USER libvirtd</code><br> <code>sudo apt-get install virt-manager</code><br> After installing the packages and adding your user to the group, reboot your system: <code>reboot</code> This will avoid the following error when trying to connect to libvirt: <pre>virtual machine manager connection failure unable to connect to libvirt qemu:///system. verify that the 'libvirtd' daemon is running</pre> ===Virtual Machine Manager=== <youtube>jhoI6MIdHrc</youtube> <br> Start <b>Virtual Machine Manager</b>:<br> <code>virt-manager</code><br><br> Create a new virtual machine Step 1 Local install media (ISO image or CDROM) Step 2 Choose ISO or CDROM install media: Click <b>Browse</b> and select your windows10.iso Choose the operating system you are installing: untick( Automatically detect from installation media / source) and enter <b>Microsoft Windows 10</b> in search bar. Step 3 Choose Memory and CPU settings: Memory: 4096MiB CPUs: 2 Step 4 Tick <b>Enable storage for this virtual machine</b> Tick <b>create a disk image for the virtual machine</b> 140 GiB Step 5 Name:NAME_OF_VM Tick <b>Customize configuration before install</b> ==== Config VM before booting==== OverView: <b>Hypervisor Details</b> 'Chipset' = 'Q35' 'Firmware' = 'x86_64:/usr/share/OVMF/OVMF_CODE_4M.ms.fd' Boot Options: <b>Boot device order</b>: Untick - Enable boot menu Select/Tick SATA CDROM1 SATA Disk 1 Display Spice: <b>Spice Server</b>: Type: Spice server Listen type: Address Address: Hypervisor default Port: tick 'Auto' Click '<b>Add Hardware</b>' button at bottom left - new window '<b>Add New Virtual Hardware</b>' will pop up. Click '<b>PCI Host Device</b>' on the left hand side Select your <b>GPU</b> and <b>GPU Audio Controller</b>: '0000:0A:00:0 NVIDIA Corporation GM204 [GeForce GTX 970]' '0000:0A:00:1 NVIDIA Corporation GM204 High Definition Audio Controller' Select and click '<b>Finish</b>' - reopen '<b>Add hardware</b>' and repeat for Audio.<br> <br> ==== Install Windows 10 and update ==== <youtube>07sTymJaWvw</youtube> Install windows 10 then update windows to get the graphics card drivers working.<br> Once done shoutdown.<br> ===After shutting down windows edit the VM's Config file=== <youtube>CCKbp-n6xRo</youtube> To find/confirm your VM's name:<br> <code>virsh list --all</code><br> <br> Syntax:<code>sudo virsh edit YOUR_VM_NAME</code><br> <code>sudo virsh edit win10</code><br> <br> Going to edit in between the <code><features> </features></code> Brackets, 17 lines down.<br> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> </pre> <pre> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> </pre> ====What these values do ==== <div class="toccolours mw-collapsible mw-collapsed"> <vendor_id state='on' value='1234567890ab'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><vendor_id></b> tag is used to specify the vendor ID that is presented to the guest virtual machine when it is running on top of the KVM hypervisor. This vendor ID can be customized by the user to any 12-digit hexadecimal <b>value</b> using the value attribute. The purpose of the vendor ID is to provide a way for virtual machines to identify the type of hypervisor they are running on, and to adjust their behavior accordingly. This is particularly important for operating systems that have special optimizations or workarounds for specific hypervisors. By default, KVM presents a vendor ID of "KVMKVMKVM" to the guest virtual machine. However, this can be changed by adding the <vendor_id> tag to the XML definition of the virtual machine, as follows: <pre> <cpu> <vendor_id state='on' value='1234567890ab'/> ... </cpu> </pre> In this example, the vendor ID is set to the value "1234567890ab". The state attribute is set to 'on' to enable the use of the custom vendor ID. It's worth noting that changing the vendor ID can have some unexpected consequences. For example, some operating systems may have specific code paths or optimizations for certain hypervisors, and changing the vendor ID may cause them to behave differently or even malfunction. Additionally, some virtualization security features may depend on the vendor ID, so changing it may impact the security of the virtual machine. As such, it is important to carefully consider the implications before changing the vendor ID in a KVM virtual machine. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <kvm> <hidden state='on'/> </kvm> <div class="mw-collapsible-content"> In Linux KVM, the <b><kvm></b> tag is used to specify additional configuration options for the virtual machine that are specific to KVM. The <b><hidden></b> tag is a sub-tag of <b><kvm></b> and is used to enable or disable the hiding of the KVM hypervisor from the guest operating system. When the <b><hidden></b> tag is set to <b>state='on'</b>, the KVM hypervisor is hidden from the guest operating system. This means that the guest operating system will not be able to detect that it is running in a virtualized environment and will behave as if it is running directly on physical hardware. This can be useful for security reasons, as it can make it more difficult for attackers to detect that they are running in a virtualized environment and attempt to exploit vulnerabilities that are specific to virtualization. Additionally, some software applications may behave differently or refuse to run in a virtualized environment, so hiding the KVM hypervisor can help ensure that these applications run properly. To use the <hidden> tag, it should be included as a sub-tag of the <kvm> tag, as follows: <pre> <kvm> <hidden state='on'/> ... </kvm> </pre> It's important to note that hiding the KVM hypervisor can have some downsides as well. For example, it may make it more difficult to diagnose problems with the virtual machine, as the hypervisor will not be visible in the guest operating system. Additionally, some virtualization features may depend on the hypervisor being visible to the guest operating system, so hiding it may cause these features to stop working properly. As such, the decision to hide the KVM hypervisor using the <hidden> tag should be carefully considered based on the specific needs and requirements of the virtualized environment. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <ioapic driver='kvm'/> <div class="mw-collapsible-content"> In Linux KVM, the <b><ioapic></b> tag is used to enable or disable the use of the IOAPIC (Input/Output Advanced Programmable Interrupt Controller) device in the virtual machine. The <b>driver</b> attribute is used to specify the driver that should be used for the IOAPIC device, with the value <b>kvm</b> indicating that KVM's built-in IOAPIC driver should be used. The IOAPIC device is a type of interrupt controller that is used to manage interrupts in a virtual machine. It provides a way for devices in the virtual machine to generate interrupts, and for the virtual machine to route those interrupts to the appropriate virtual CPU. To enable the IOAPIC device and specify the kvm driver, the <ioapic> tag should be included in the XML definition of the virtual machine, as follows: <pre> <ioapic driver='kvm'/> </pre> With this configuration, KVM's built-in IOAPIC driver will be used to manage interrupts in the virtual machine. It's worth noting that while KVM's built-in IOAPIC driver is generally sufficient for most virtualization needs, there are some situations where a different driver may be preferred. For example, some applications or workloads may require more advanced IOAPIC functionality that is not available in KVM's built-in driver. In these cases, it may be necessary to use a different driver, or to implement custom code to support the required functionality. Overall, the <ioapic> tag with the driver='kvm' attribute is a simple and effective way to enable the IOAPIC device and ensure that interrupts are properly managed in a KVM virtual machine. </div> </div> ====Full Config file - before and after==== <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>before</b> any changes with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoand of course the content when expanded.<br \> <code>print "hello content"</code>ft.com/win/10"/> </libosinfo:libosinfo>=====Notes===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> </hyperv> <vmport state='off'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Full Config file <b>After</b> changes made with <b>virsh edit</b> <div class="mw-collapsible-content"> <pre> <domain type='kvm'> <name>win10</name> <uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://microsoft.com/win/10"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-6.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram> </os> <features> <acpi/> <apic/> <hyperv mode='custom'> <relaxed state='on'/> <vapic state='on'/> <spinlocks state='on' retries='8191'/> <vendor_id state='on' value='1234567890ab'/> </hyperv> <kvm> <hidden state='on'/> </kvm> <vmport state='off'/> <ioapic driver='kvm'/> </features> <cpu mode='host-passthrough' check='none' migratable='on'/> <clock offset='localtime'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> <timer name='hypervclock' present='yes'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <pm> <suspend-to-mem enabled='no'/> <suspend-to-disk enabled='no'/> </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2' discard='unmap'/> <source file='/var/lib/libvirt/images/win10.qcow2'/> <target dev='sda' bus='sata'/> <boot order='1'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/home/bunix/Downloads/Windows.iso'/> <target dev='sdb' bus='sata'/> <readonly/> <boot order='2'/> <address type='drive' controller='0' bus='0' target='0' unit='1'/> </disk> <controller type='usb' index='0' model='qemu-xhci' ports='15'> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </controller> <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='pci' index='6' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='6' port='0x15'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/> </controller> <controller type='pci' index='7' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='7' port='0x16'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/> </controller> <controller type='pci' index='8' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='8' port='0x17'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/> </controller> <controller type='pci' index='9' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='9' port='0x18'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='10' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='10' port='0x19'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/> </controller> <controller type='pci' index='11' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='11' port='0x1a'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/> </controller> <controller type='pci' index='12' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='12' port='0x1b'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/> </controller> <controller type='pci' index='13' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='13' port='0x1c'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/> </controller> <controller type='pci' index='14' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='14' port='0x1d'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/> </controller> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='virtio-serial' index='0'> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='network'> <mac address='52:54:00:7e:3e:84'/> <source network='default'/> <model type='e1000e'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> </serial> <console type='pty'> <target type='serial' port='0'/> </console> <channel type='spicevmc'> <target type='virtio' name='com.redhat.spice.0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <graphics type='spice' autoport='yes'> <listen type='address'/> <image compression='off'/> </graphics> <sound model='ich9'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/> </sound> <audio id='1' type='spice'/> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/> </source> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </hostdev> <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/> </source> <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/> </hostdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='2'/> </redirdev> <redirdev bus='usb' type='spicevmc'> <address type='usb' bus='0' port='3'/> </redirdev> <memballoon model='virtio'> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </memballoon> </devices> </domain> </pre> </div> </div> <br> Note: Not the place to edit (use '<b>virsh</b>'), but you config file can be found here:<code>/etc/libvirt/qemu/</code> =====Notes - Mouse and Keyboard Redirect===== By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br> 1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br> Add a 'USB Redirection' which you can find in 'Add Hardware'<br> '<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br> <br> If you want to revisit the 'Add Hardware' Section later: <code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br> <br> <youtube>RjavWiqj_VM</youtube> To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM. ==Undo Passthrough== ===Grub=== <code>sudo $EDITOR /etc/default/grub</code><br> <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" </pre> Remove <code>intel_iommu=on kvm.ignore_msrs=1</code> and save changes. <pre> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" </pre> rebuild grub<br> <code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> ===vfio=== This step will restore sound to Host Ubuntu.<br> Comment out changes to <b>vfio.conf</b><br> <code>sudo $EDITOR /etc/modprobe.d/vfio.conf</code><br> <pre> blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb </pre> Comment out by placing a <code>#</code> in front of the line, save and exit. <pre> #blacklist nouveau #blacklist snd_hda_intel #options vfio-pci ids=10de:13c2,10de:0fbb </pre> update initramfs:<br> <code>sudo update-initramfs -u</code><br> <br> ===Reboot for changes to take effect=== <code>reboot</code><br> ==End Notes== Plug in external monitor to the GPU 'Razer Core X' for output and no screen lag.<br> Tested with 'sniper ghost warrior' works fine.<br> Sound will come out of HDMI, If using monitor with no speakers, you can pass through USB headfones or speakers. ==References== https://askubuntu.com/questions/1406888/ubuntu-22-04-gpu-passthrough-qemu t4yelgr12476g6wnahnyaachv22q9tf 0 65 232 2023-03-29T21:45:59Z Noob 1 Created page with " ==Find wifi card name== First, make sure that your Ubuntu server has a wifi adapter installed. This is usually a small device that plugs into a USB port or is built into the computer. If you're not sure if your server has a wifi adapter, you can check the documentation or ask someone who knows more about computers. <br> <code>sudo lshw -C network</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Other methods to find wifi card: <div class="mw-collapsible-..." 232 wikitext text/x-wiki ==Find wifi card name== First, make sure that your Ubuntu server has a wifi adapter installed. This is usually a small device that plugs into a USB port or is built into the computer. If you're not sure if your server has a wifi adapter, you can check the documentation or ask someone who knows more about computers. <br> <code>sudo lshw -C network</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Other methods to find wifi card: <div class="mw-collapsible-content"> <code>ls /sys/class/net</code><br> <br> <code>iwconfig</code> requires installing <b>wireless-tools</b><br> <code>sudo apt install wireless-tools</code><br> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> OutPut from <code>sudo lshw -C network</code>: <div class="mw-collapsible-content"> <pre> *-network DISABLED description: Wireless interface product: RTL8723BE PCIe Wireless Network Adapter vendor: Realtek Semiconductor Co., Ltd. physical id: 0 bus info: pci@0000:02:00.0 logical name: wlp2s0 version: 00 serial: 40:e2:30:0e:8e:07 width: 64 bits clock: 33MHz capabilities: pm msi pciexpress bus_master cap_list ethernet physical wireless configuration: broadcast=yes driver=rtl8723be driverversion=5.15.0-69-generic firmware=N/A latency=0 link=no multicast=yes wireless=IEEE 802.11 resources: irq:17 ioport:e000(size=256) memory:d0700000-d0703fff *-network description: Ethernet interface product: RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller vendor: Realtek Semiconductor Co., Ltd. physical id: 0 bus info: pci@0000:03:00.0 logical name: enp3s0 version: 0c serial: fc:aa:14:6c:a9:33 size: 1Gbit/s capacity: 1Gbit/s width: 64 bits clock: 33MHz capabilities: pm msi pciexpress msix vpd bus_master cap_list ethernet physical tp mii 10bt 10bt-fd 100bt 100bt-fd 1000bt-fd autonegotiation configuration: autonegotiation=on broadcast=yes driver=r8169 driverversion=5.15.0-69-generic duplex=full firmware=rtl8168g-2_0.0.1 02/06/13 ip=192.168.0.167 latency=0 link=yes multicast=yes port=twisted pair speed=1Gbit/s resources: irq:18 ioport:d000(size=256) memory:d0604000-d0604fff memory:d0600000-d0603fff </pre> </div> </div> ===Turn on wifi adapter=== My adapter was called <b>wlp2s0</b><br> <code>sudo ip link set wlp2s0</code><br> ==Connect to wifi using network-manager nmcli== Requires <b>network-manager</b> package.<br> <code>sudo apt install network-manager</code><br> <br> Now that your wifi adapter is turned on and working, you can use the "nmcli" command to connect to a wifi network. To see a list of available networks, run the following command:<br> <code>nmcli device wifi list</code><br> ===Connect to wifi=== Once you've found the network you want to connect to, you can use the following command to connect:<br> <code>sudo nmcli device wifi connect SSID password PASSWORD</code><br> <br> Note: Replace "SSID" with the name of the network you want to connect to, and "PASSWORD" with the password for that network.<br> <br> For example, if you wanted to connect to a network called "MyWifi" with a password of "1234", you would run the following command:<br> <code>sudo nmcli device wifi connect MyWifi password 1234</code><br> <br> If the connection was successful, you should see a message saying that you are now connected to the wifi network. You can confirm that you are connected by running the following command:<br> <code>nmcli device status</code><br> This will show you information about your network connections, including whether you are connected to wifi. <br> And that's it! Those are the steps to connect an Ubuntu 22.04 server to wifi. If you have any questions or run into any problems, feel free to ask someone who knows more about computers for help. ===Disconnect from wifi=== Syntax:<code>nmcli device disconnect WIFI</code><br> <br> <code>sudo nmcli device disconnect wlp2s0</code><br> ===Turn off wifi card=== <code>sudo ip link set wlp2s0 down</code><br> 1k38f1mrxd571j3ikb0z4uhrrvgq2p2 0 66 233 2023-03-29T21:59:46Z Noob 1 Created page with "== Creating a Private-Public Network with LXD using Cloud-init == With this method, a private network provides an IP that can be used by another device on the same network, such as 192.168.0.122, while a public network provides an IP that can be used by the same device hosting the container, such as 10.0.1.122. Note that this method has not been tested on wifi. To create a "ppnet" profile for private-public networking, you will need to know the name of your network int..." 233 wikitext text/x-wiki == Creating a Private-Public Network with LXD using Cloud-init == With this method, a private network provides an IP that can be used by another device on the same network, such as 192.168.0.122, while a public network provides an IP that can be used by the same device hosting the container, such as 10.0.1.122. Note that this method has not been tested on wifi. To create a "ppnet" profile for private-public networking, you will need to know the name of your network interface. You can find this information by running the following command in a terminal:<br> <code>ip route show default</code><br> <br> This will display output similar to:<br> <code>default via 192.168.0.1 dev enp0s25 proto dhcp metric 100</code><br> <br> In this example, the network interface is "enp0s25". To create a copy of the "default" profile and rename it to "ppnet", run the following command:<br> <code>lxc profile copy default ppnet</code><br> <br> Then, view the newly created "ppnet" profile using the following command:<br> <code>lxc profile show ppnet</code><br> <br> To configure the "ppnet" profile, edit it using the following command:<br> <code>lxc profile edit ppnet</code><br> <br> This will open a text editor where you can modify the profile's configuration. Replace the existing configuration with the following: <pre> config: user.network-config: | version: 1 config: - type: physical name: eth0 subnets: - type: dhcp ipv4: true - type: physical name: eth1 subnets: - type: dhcp ipv4: true description: Default LXD profile devices: eth0: name: eth0 parent: lxdbr0 type: nic eth1: name: eth1 nictype: macvlan parent: enp0s25 type: nic root: path: / pool: default type: disk name: ppnet used_by: </pre> <br> Note that you should replace "enp0s25" with the name of your network interface, and adjust the subnets as needed. Finally, launch a new container with the "ppnet" profile using the following command:<br> <code>lxc launch ubuntu:20.04 gitea2 --profile ppnet</code><br> <br> h4b19ytm6m7twtxjstrjnnjq7v5l404 234 233 2023-03-29T22:00:48Z Noob 1 /* Creating a Private-Public Network with LXD using Cloud-init */ 234 wikitext text/x-wiki == Creating a Private-Public Network with LXD using Cloud-init == With this method, a private network provides an IP that can be used by another device on the same network, such as 192.168.0.122, while a public network provides an IP that can be used by the same device hosting the container, such as 10.0.1.122. Note that this method has not been tested on wifi. To create a "ppnet" profile for private-public networking, you will need to know the name of your network interface. You can find this information by running the following command in a terminal:<br> <code>ip route show default</code><br> <br> This will display output similar to:<br> <code>default via 192.168.0.1 dev enp0s25 proto dhcp metric 100</code><br> <br> In this example, the network interface is "enp0s25". To create a copy of the "default" profile and rename it to "ppnet", run the following command:<br> <code>lxc profile copy default ppnet</code><br> <br> Then, view the newly created "ppnet" profile using the following command:<br> <code>lxc profile show ppnet</code><br> <br> To configure the "ppnet" profile, edit it using the following command:<br> <code>lxc profile edit ppnet</code><br> <br> This will open a text editor where you can modify the profile's configuration. Replace the existing configuration with the following: <pre> config: user.network-config: | version: 1 config: - type: physical name: eth0 subnets: - type: dhcp ipv4: true - type: physical name: eth1 subnets: - type: dhcp ipv4: true description: Default LXD profile devices: eth0: name: eth0 parent: lxdbr0 type: nic eth1: name: eth1 nictype: macvlan parent: enp0s25 type: nic root: path: / pool: default type: disk name: ppnet used_by: </pre> <br> Note that you should replace "enp0s25" with the name of your network interface, and adjust the subnets as needed. Finally, launch a new container with the "ppnet" profile using the following command:<br> <code>lxc launch ubuntu:20.04 gitea2 --profile ppnet</code><br> <br> ==References== https://blog.simos.info/how-to-add-both-a-private-and-public-network-to-lxd-using-cloud-init/<br> grov9yx96zp5rj6g2j27di2kt87xqt5 235 234 2023-03-29T22:02:08Z Noob 1 /* Creating a Private-Public Network with LXD using Cloud-init */ 235 wikitext text/x-wiki == Creating a Private-Public Network with LXD using Cloud-init == With this method, a private network provides an IP that can be used by another device on the same network, such as 192.168.0.122, while a public network provides an IP that can be used by the same device hosting the container, such as 10.0.1.122. Note that this method has not been tested on wifi. To create a "ppnet" profile for private-public networking, you will need to know the name of your network interface. You can find this information by running the following command in a terminal:<br> <code>ip route show default</code><br> <br> This will display output similar to:<br> <code>default via 192.168.0.1 dev enp0s25 proto dhcp metric 100</code><br> <br> In this example, the network interface is "enp0s25". To create a copy of the "default" profile and rename it to "ppnet", run the following command:<br> <code>lxc profile copy default ppnet</code><br> <br> Then, view the newly created "ppnet" profile using the following command:<br> <code>lxc profile show ppnet</code><br> <div class="toccolours mw-collapsible mw-collapsed"> OutPut:<code>lxc profile show ppnet</code> <div class="mw-collapsible-content"> <pre> config: {} description: Default LXD profile devices: eth0: name: eth0 network: lxdbr0 type: nic root: path: / pool: default type: disk name: default used_by: [] </pre> </div> </div> <br> To configure the "ppnet" profile, edit it using the following command:<br> <code>lxc profile edit ppnet</code><br> <br> This will open a text editor where you can modify the profile's configuration. Replace the existing configuration with the following: <pre> config: user.network-config: | version: 1 config: - type: physical name: eth0 subnets: - type: dhcp ipv4: true - type: physical name: eth1 subnets: - type: dhcp ipv4: true description: Default LXD profile devices: eth0: name: eth0 parent: lxdbr0 type: nic eth1: name: eth1 nictype: macvlan parent: enp0s25 type: nic root: path: / pool: default type: disk name: ppnet used_by: </pre> <br> Note that you should replace "enp0s25" with the name of your network interface, and adjust the subnets as needed. Finally, launch a new container with the "ppnet" profile using the following command:<br> <code>lxc launch ubuntu:20.04 gitea2 --profile ppnet</code><br> <br> ==References== https://blog.simos.info/how-to-add-both-a-private-and-public-network-to-lxd-using-cloud-init/<br> qqapsh51avlextqddbprm1b1digpvdd 0 67 244 2023-03-29T23:53:14Z Noob 1 Created page with "=Command Line Editors= A command line editor is a type of software program that allows users to create and edit text files directly from a command line interface. This means that instead of using a graphical user interface, users interact with the editor through a text-based interface. Command line editors are often used by programmers and system administrators who need to work with text files in a terminal environment. They are particularly useful for tasks such as mo..." 244 wikitext text/x-wiki =Command Line Editors= A command line editor is a type of software program that allows users to create and edit text files directly from a command line interface. This means that instead of using a graphical user interface, users interact with the editor through a text-based interface. Command line editors are often used by programmers and system administrators who need to work with text files in a terminal environment. They are particularly useful for tasks such as modifying configuration files, writing scripts, and editing code. Some popular command line editors include Vi, Nano, and Emacs. Each editor has its own set of features and commands, and users often have strong preferences for which one they prefer to use. One advantage of using a command line editor is that it allows for efficient editing of text files without the need for a separate program or application. Additionally, command line editors can be used over a network connection, which can be useful for remote administration and collaboration. However, command line editors do require some familiarity with basic command line navigation and editing commands, which can be daunting for users who are not accustomed to working in a terminal environment. Nonetheless, mastering a command line editor can be a valuable skill for anyone who works with text files on a regular basis. ===VI=== <b>vi</b> is a text editor that is built into most Linux distributions. It is a command-line based editor that can be used to create and modify text files.<br> <br> <b>vi</b> has two main modes: * Command mode: This is the default mode when you open a file in "vi". In command mode, you can navigate around the file, make edits, and execute commands. You cannot enter text in this mode. * Insert mode: In insert mode, you can enter text into the file. To enter insert mode, you need to switch from command mode to insert mode. Here's how to switch between the two modes in "<b>vi</b>": * To switch from command mode to insert mode, press the "<b>i</b>" key. This will allow you to start typing text into the file. * To switch from insert mode back to command mode, press the "<b>Esc</b>" key. While in command mode, you can use various commands to navigate around the file and perform various editing tasks, such as deleting or copying text. Here are some examples of commands you can use in command mode:<br> <br> <code>h</code>: Move the cursor left<br> <code>j</code>: Move the cursor down<br> <code>k</code>: Move the cursor up<br> <code>l</code>: Move the cursor right<br> <code>dd</code>: Delete the current line<br> <code>yy</code>: Copy the current line<br> <code>p</code>: Paste the last line that was copied or deleted<br> <br> There are many more commands available in "vi". You can access a list of commands by typing <code>:help</code> in command mode.<br> <br> It's important to note that "vi" can be a bit confusing for new users, especially since it requires memorizing different commands to navigate and edit files. However, once you get the hang of it, "vi" can be a very powerful and efficient tool for editing text files.<br> <br> ===nano=== Nano is a simple, easy-to-use text editor that is available on most Linux distributions. It is designed to be user-friendly and intuitive, making it a good choice for beginners who are new to Linux. Here are some examples of how to use Nano: To open a file with Nano, type the following command in a terminal: <code>nano filename</code><br> This will open the file "filename" in the Nano editor. To enter text in Nano, simply start typing. Text will appear at the cursor location. To save changes to a file, press the <b>Ctrl</b> and <b>O</b> keys together. This will bring up the save prompt. Type in the name of the file you want to save and press "Enter". To exit Nano, press the <b>Ctrl</b> and <b>X</b> keys together. If there are unsaved changes, Nano will prompt you to save them before exiting. To copy text in Nano, use the <b>Alt</b> and <b>6</b> keys together to set a mark at the beginning of the text you want to copy, then move the cursor to the end of the text you want to copy. Press the <b>Ctrl</b> and <b>K</b> keys together to cut the text to the clipboard. Move the cursor to the location where you want to paste the text, and press the <b>Ctrl</b> and <b>U</b> keys together to paste the text. To search for text in Nano, press the <b>Ctrl</b> and <b>W</b> keys together. This will bring up the search prompt. Type in the text you want to search for and press "Enter". Nano will search the file for the text and highlight the first occurrence. To navigate through a file in Nano, use the arrow keys to move the cursor up, down, left, or right. Use the <b>Page Up</b> and <b>Page Down</b> keys to move the cursor up or down one page at a time. Nano is a great option for users who prefer a simple, easy-to-use text editor that doesn't require memorizing complicated commands. ===Emacs=== Emacs is a text editor that is popular among programmers and developers. It is a powerful, customizable editor that is available on most operating systems, including Linux, macOS, and Windows. Here are some basic commands that you can use to get started with Emacs: To open a file with Emacs, type the following command in a terminal:<br> <code>emacs filename</code><br> This will open the file "filename" in the Emacs editor. To enter text in Emacs, simply start typing. Text will appear at the cursor location. To save changes to a file, press the <b>Ctrl</b> and <b>X</b> keys together, followed by the <b>Ctrl</b> and <b>S</b> keys. This will save the changes to the file. To exit Emacs, press the <b>Ctrl</b> and <b>X</b> keys together, followed by the <b>Ctrl</b> and <b>C</b> keys. If there are unsaved changes, Emacs will prompt you to save them before exiting. To copy text in Emacs, use the <b>Alt</b> and <b>W</b> keys together to mark the beginning of the text you want to copy, then move the cursor to the end of the text you want to copy. Press the <b>Alt</b> and <b>W</b> keys together to copy the text to the clipboard. Move the cursor to the location where you want to paste the text, and press the <b>Ctrl</b> and <b>Y</b> keys together to paste the text. To search for text in Emacs, press the <b>Ctrl</b> and <b>S</b> keys together. This will bring up the search prompt. Type in the text you want to search for and press "Enter". Emacs will search the file for the text and highlight the first occurrence. To navigate through a file in Emacs, use the arrow keys to move the cursor up, down, left, or right. Use the <b>PgUp</b> and <b>PgDn</b> keys to move the cursor up or down one page at a time. Emacs also has a wide range of features and customization options, making it a powerful tool for developers. Some popular features include syntax highlighting, code completion, and version control integration. To learn more about Emacs and its advanced features, you can check out the official documentation and online tutorials. ==Set $EDITOR== In Linux and other Unix-like operating systems, the EDITOR environment variable is used to specify the default text editor that should be used when opening and editing files from the command line. The set EDITOR=nano command is used to set the EDITOR environment variable to the nano text editor. This means that any command or program that requires a text editor to be opened, such as git commit, will now use nano as the default editor instead of the previously set default. The nano editor is a simple, easy-to-use text editor that is designed to be user-friendly and intuitive, making it a good choice for beginners who are new to Linux. Setting the EDITOR environment variable to nano can be useful for users who prefer to use nano as their default text editor, or for users who are not familiar with other text editors like vi or emacs. To make the EDITOR environment variable persist across terminal sessions, you can add the set EDITOR=nano command to your shell startup file, such as .bashrc or .zshrc, depending on which shell you are using. To see if <b>EDITOR</b> as already be assigned:<br> <code>echo $EDITOR</code><br> <br> To set environment variable:<br> <code>set EDITOR=nano</code><br> <br> To unset use:<br> <code>unset EDITOR</code><br> atlpykwxvzcshvg1rtfcwu0hycnmgml 288 244 2023-04-05T18:11:57Z Noob 1 /* Command Line Editors */ 288 wikitext text/x-wiki ==Command Line Editors== A command line editor is a type of software program that allows users to create and edit text files directly from a command line interface. This means that instead of using a graphical user interface, users interact with the editor through a text-based interface. Command line editors are often used by programmers and system administrators who need to work with text files in a terminal environment. They are particularly useful for tasks such as modifying configuration files, writing scripts, and editing code. Some popular command line editors include Vi, Nano, and Emacs. Each editor has its own set of features and commands, and users often have strong preferences for which one they prefer to use. One advantage of using a command line editor is that it allows for efficient editing of text files without the need for a separate program or application. Additionally, command line editors can be used over a network connection, which can be useful for remote administration and collaboration. However, command line editors do require some familiarity with basic command line navigation and editing commands, which can be daunting for users who are not accustomed to working in a terminal environment. Nonetheless, mastering a command line editor can be a valuable skill for anyone who works with text files on a regular basis. ===VI=== <b>vi</b> is a text editor that is built into most Linux distributions. It is a command-line based editor that can be used to create and modify text files.<br> <br> <b>vi</b> has two main modes: * Command mode: This is the default mode when you open a file in "vi". In command mode, you can navigate around the file, make edits, and execute commands. You cannot enter text in this mode. * Insert mode: In insert mode, you can enter text into the file. To enter insert mode, you need to switch from command mode to insert mode. Here's how to switch between the two modes in "<b>vi</b>": * To switch from command mode to insert mode, press the "<b>i</b>" key. This will allow you to start typing text into the file. * To switch from insert mode back to command mode, press the "<b>Esc</b>" key. While in command mode, you can use various commands to navigate around the file and perform various editing tasks, such as deleting or copying text. Here are some examples of commands you can use in command mode:<br> <br> <code>h</code>: Move the cursor left<br> <code>j</code>: Move the cursor down<br> <code>k</code>: Move the cursor up<br> <code>l</code>: Move the cursor right<br> <code>dd</code>: Delete the current line<br> <code>yy</code>: Copy the current line<br> <code>p</code>: Paste the last line that was copied or deleted<br> <br> There are many more commands available in "vi". You can access a list of commands by typing <code>:help</code> in command mode.<br> <br> It's important to note that "vi" can be a bit confusing for new users, especially since it requires memorizing different commands to navigate and edit files. However, once you get the hang of it, "vi" can be a very powerful and efficient tool for editing text files.<br> <br> ===nano=== Nano is a simple, easy-to-use text editor that is available on most Linux distributions. It is designed to be user-friendly and intuitive, making it a good choice for beginners who are new to Linux. Here are some examples of how to use Nano: To open a file with Nano, type the following command in a terminal: <code>nano filename</code><br> This will open the file "filename" in the Nano editor. To enter text in Nano, simply start typing. Text will appear at the cursor location. To save changes to a file, press the <b>Ctrl</b> and <b>O</b> keys together. This will bring up the save prompt. Type in the name of the file you want to save and press "Enter". To exit Nano, press the <b>Ctrl</b> and <b>X</b> keys together. If there are unsaved changes, Nano will prompt you to save them before exiting. To copy text in Nano, use the <b>Alt</b> and <b>6</b> keys together to set a mark at the beginning of the text you want to copy, then move the cursor to the end of the text you want to copy. Press the <b>Ctrl</b> and <b>K</b> keys together to cut the text to the clipboard. Move the cursor to the location where you want to paste the text, and press the <b>Ctrl</b> and <b>U</b> keys together to paste the text. To search for text in Nano, press the <b>Ctrl</b> and <b>W</b> keys together. This will bring up the search prompt. Type in the text you want to search for and press "Enter". Nano will search the file for the text and highlight the first occurrence. To navigate through a file in Nano, use the arrow keys to move the cursor up, down, left, or right. Use the <b>Page Up</b> and <b>Page Down</b> keys to move the cursor up or down one page at a time. Nano is a great option for users who prefer a simple, easy-to-use text editor that doesn't require memorizing complicated commands. ===Emacs=== Emacs is a text editor that is popular among programmers and developers. It is a powerful, customizable editor that is available on most operating systems, including Linux, macOS, and Windows. Here are some basic commands that you can use to get started with Emacs: To open a file with Emacs, type the following command in a terminal:<br> <code>emacs filename</code><br> This will open the file "filename" in the Emacs editor. To enter text in Emacs, simply start typing. Text will appear at the cursor location. To save changes to a file, press the <b>Ctrl</b> and <b>X</b> keys together, followed by the <b>Ctrl</b> and <b>S</b> keys. This will save the changes to the file. To exit Emacs, press the <b>Ctrl</b> and <b>X</b> keys together, followed by the <b>Ctrl</b> and <b>C</b> keys. If there are unsaved changes, Emacs will prompt you to save them before exiting. To copy text in Emacs, use the <b>Alt</b> and <b>W</b> keys together to mark the beginning of the text you want to copy, then move the cursor to the end of the text you want to copy. Press the <b>Alt</b> and <b>W</b> keys together to copy the text to the clipboard. Move the cursor to the location where you want to paste the text, and press the <b>Ctrl</b> and <b>Y</b> keys together to paste the text. To search for text in Emacs, press the <b>Ctrl</b> and <b>S</b> keys together. This will bring up the search prompt. Type in the text you want to search for and press "Enter". Emacs will search the file for the text and highlight the first occurrence. To navigate through a file in Emacs, use the arrow keys to move the cursor up, down, left, or right. Use the <b>PgUp</b> and <b>PgDn</b> keys to move the cursor up or down one page at a time. Emacs also has a wide range of features and customization options, making it a powerful tool for developers. Some popular features include syntax highlighting, code completion, and version control integration. To learn more about Emacs and its advanced features, you can check out the official documentation and online tutorials. ==Set $EDITOR== In Linux and other Unix-like operating systems, the EDITOR environment variable is used to specify the default text editor that should be used when opening and editing files from the command line. The set EDITOR=nano command is used to set the EDITOR environment variable to the nano text editor. This means that any command or program that requires a text editor to be opened, such as git commit, will now use nano as the default editor instead of the previously set default. The nano editor is a simple, easy-to-use text editor that is designed to be user-friendly and intuitive, making it a good choice for beginners who are new to Linux. Setting the EDITOR environment variable to nano can be useful for users who prefer to use nano as their default text editor, or for users who are not familiar with other text editors like vi or emacs. To make the EDITOR environment variable persist across terminal sessions, you can add the set EDITOR=nano command to your shell startup file, such as .bashrc or .zshrc, depending on which shell you are using. To see if <b>EDITOR</b> as already be assigned:<br> <code>echo $EDITOR</code><br> <br> To set environment variable:<br> <code>set EDITOR=nano</code><br> <br> To unset use:<br> <code>unset EDITOR</code><br> jv19mg1qwsehbrs825201usm8m1npjk 416 288 2023-05-11T18:48:32Z Noob 1 Noob moved page [[Command Line Editors]] to [[Ubuntu 22.04 Command Line Editors]] without leaving a redirect: Cleaning up wiki titles 288 wikitext text/x-wiki ==Command Line Editors== A command line editor is a type of software program that allows users to create and edit text files directly from a command line interface. This means that instead of using a graphical user interface, users interact with the editor through a text-based interface. Command line editors are often used by programmers and system administrators who need to work with text files in a terminal environment. They are particularly useful for tasks such as modifying configuration files, writing scripts, and editing code. Some popular command line editors include Vi, Nano, and Emacs. Each editor has its own set of features and commands, and users often have strong preferences for which one they prefer to use. One advantage of using a command line editor is that it allows for efficient editing of text files without the need for a separate program or application. Additionally, command line editors can be used over a network connection, which can be useful for remote administration and collaboration. However, command line editors do require some familiarity with basic command line navigation and editing commands, which can be daunting for users who are not accustomed to working in a terminal environment. Nonetheless, mastering a command line editor can be a valuable skill for anyone who works with text files on a regular basis. ===VI=== <b>vi</b> is a text editor that is built into most Linux distributions. It is a command-line based editor that can be used to create and modify text files.<br> <br> <b>vi</b> has two main modes: * Command mode: This is the default mode when you open a file in "vi". In command mode, you can navigate around the file, make edits, and execute commands. You cannot enter text in this mode. * Insert mode: In insert mode, you can enter text into the file. To enter insert mode, you need to switch from command mode to insert mode. Here's how to switch between the two modes in "<b>vi</b>": * To switch from command mode to insert mode, press the "<b>i</b>" key. This will allow you to start typing text into the file. * To switch from insert mode back to command mode, press the "<b>Esc</b>" key. While in command mode, you can use various commands to navigate around the file and perform various editing tasks, such as deleting or copying text. Here are some examples of commands you can use in command mode:<br> <br> <code>h</code>: Move the cursor left<br> <code>j</code>: Move the cursor down<br> <code>k</code>: Move the cursor up<br> <code>l</code>: Move the cursor right<br> <code>dd</code>: Delete the current line<br> <code>yy</code>: Copy the current line<br> <code>p</code>: Paste the last line that was copied or deleted<br> <br> There are many more commands available in "vi". You can access a list of commands by typing <code>:help</code> in command mode.<br> <br> It's important to note that "vi" can be a bit confusing for new users, especially since it requires memorizing different commands to navigate and edit files. However, once you get the hang of it, "vi" can be a very powerful and efficient tool for editing text files.<br> <br> ===nano=== Nano is a simple, easy-to-use text editor that is available on most Linux distributions. It is designed to be user-friendly and intuitive, making it a good choice for beginners who are new to Linux. Here are some examples of how to use Nano: To open a file with Nano, type the following command in a terminal: <code>nano filename</code><br> This will open the file "filename" in the Nano editor. To enter text in Nano, simply start typing. Text will appear at the cursor location. To save changes to a file, press the <b>Ctrl</b> and <b>O</b> keys together. This will bring up the save prompt. Type in the name of the file you want to save and press "Enter". To exit Nano, press the <b>Ctrl</b> and <b>X</b> keys together. If there are unsaved changes, Nano will prompt you to save them before exiting. To copy text in Nano, use the <b>Alt</b> and <b>6</b> keys together to set a mark at the beginning of the text you want to copy, then move the cursor to the end of the text you want to copy. Press the <b>Ctrl</b> and <b>K</b> keys together to cut the text to the clipboard. Move the cursor to the location where you want to paste the text, and press the <b>Ctrl</b> and <b>U</b> keys together to paste the text. To search for text in Nano, press the <b>Ctrl</b> and <b>W</b> keys together. This will bring up the search prompt. Type in the text you want to search for and press "Enter". Nano will search the file for the text and highlight the first occurrence. To navigate through a file in Nano, use the arrow keys to move the cursor up, down, left, or right. Use the <b>Page Up</b> and <b>Page Down</b> keys to move the cursor up or down one page at a time. Nano is a great option for users who prefer a simple, easy-to-use text editor that doesn't require memorizing complicated commands. ===Emacs=== Emacs is a text editor that is popular among programmers and developers. It is a powerful, customizable editor that is available on most operating systems, including Linux, macOS, and Windows. Here are some basic commands that you can use to get started with Emacs: To open a file with Emacs, type the following command in a terminal:<br> <code>emacs filename</code><br> This will open the file "filename" in the Emacs editor. To enter text in Emacs, simply start typing. Text will appear at the cursor location. To save changes to a file, press the <b>Ctrl</b> and <b>X</b> keys together, followed by the <b>Ctrl</b> and <b>S</b> keys. This will save the changes to the file. To exit Emacs, press the <b>Ctrl</b> and <b>X</b> keys together, followed by the <b>Ctrl</b> and <b>C</b> keys. If there are unsaved changes, Emacs will prompt you to save them before exiting. To copy text in Emacs, use the <b>Alt</b> and <b>W</b> keys together to mark the beginning of the text you want to copy, then move the cursor to the end of the text you want to copy. Press the <b>Alt</b> and <b>W</b> keys together to copy the text to the clipboard. Move the cursor to the location where you want to paste the text, and press the <b>Ctrl</b> and <b>Y</b> keys together to paste the text. To search for text in Emacs, press the <b>Ctrl</b> and <b>S</b> keys together. This will bring up the search prompt. Type in the text you want to search for and press "Enter". Emacs will search the file for the text and highlight the first occurrence. To navigate through a file in Emacs, use the arrow keys to move the cursor up, down, left, or right. Use the <b>PgUp</b> and <b>PgDn</b> keys to move the cursor up or down one page at a time. Emacs also has a wide range of features and customization options, making it a powerful tool for developers. Some popular features include syntax highlighting, code completion, and version control integration. To learn more about Emacs and its advanced features, you can check out the official documentation and online tutorials. ==Set $EDITOR== In Linux and other Unix-like operating systems, the EDITOR environment variable is used to specify the default text editor that should be used when opening and editing files from the command line. The set EDITOR=nano command is used to set the EDITOR environment variable to the nano text editor. This means that any command or program that requires a text editor to be opened, such as git commit, will now use nano as the default editor instead of the previously set default. The nano editor is a simple, easy-to-use text editor that is designed to be user-friendly and intuitive, making it a good choice for beginners who are new to Linux. Setting the EDITOR environment variable to nano can be useful for users who prefer to use nano as their default text editor, or for users who are not familiar with other text editors like vi or emacs. To make the EDITOR environment variable persist across terminal sessions, you can add the set EDITOR=nano command to your shell startup file, such as .bashrc or .zshrc, depending on which shell you are using. To see if <b>EDITOR</b> as already be assigned:<br> <code>echo $EDITOR</code><br> <br> To set environment variable:<br> <code>set EDITOR=nano</code><br> <br> To unset use:<br> <code>unset EDITOR</code><br> jv19mg1qwsehbrs825201usm8m1npjk 0 68 245 2023-03-29T23:57:24Z Noob 1 Created page with " =In Concept Mode= <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services..." 245 wikitext text/x-wiki =In Concept Mode= <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> = CompleteNoobs = '''Welcome to CompleteNoobs!''' We are a community of computer science enthusiasts who believe in making knowledge free, open, and reproducible. Whether you are a hobbyist, sysadmin, teacher, student, or simply interested in computer science, CompleteNoobs is a place to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips that are created or released under a Libre license that allows for the following freedoms: * READ. * EDIT/MODIFY. * COPY. * SHARE FREELY. <b>CC BY-NC-SA</b> licensed content can be hosted on the non-commercial fork at https://www.completenoobz.com To get started, request an account on the wiki and message user CompleteNoobs on Reddit. Please note that we are currently not allowing direct signups due to bots. == We all start as Noobs == Whether you're just starting out or you're an experienced professional, we all start as noobs. This wiki is a safe space for us to learn, experiment, and grow together. == Getting Started == [[Host_Your_Own_Mediawiki_Online_-_Ubuntu|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] == Notes == The main landing page is the <b>Main_Index</b> Page. * [[Main_Index | Main Index Page]] * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] == Data-Heavy Content == To keep the XML light, data-heavy content such as pictures, audio, and video can be linked with IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] We encourage users to fork this project and download and keep a copy on their desktop and/or server. == Licenses == [[LICENCE_HEADERS|Please place a license on top of each page as long as the license falls in line with free to Copy, Modify, Distribute.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} bokaki84ttip69k9ukp6287180na1mb 0 69 246 2023-04-02T20:21:28Z Noob 1 Created page with "==Info== My mediawiki is installed in path <b>/var/www/html/noobs</b> and i want to remove the <b>index.php</b> from the URL ==Apache2 config== This apache2 config file is from a localwiki:<br> Note the Path of <b>DocumentRoot</b><br> Inside the Directory angle brackets, note path and make sure:<br> :* <b>Options Indexes FollowSymLinks</b><br> :* <b>AllowOverride All</b><br> make sure they are included: <pre> <VirtualHost *:80> DocumentRoot /var/www/html/noobs..." 246 wikitext text/x-wiki ==Info== My mediawiki is installed in path <b>/var/www/html/noobs</b> and i want to remove the <b>index.php</b> from the URL ==Apache2 config== This apache2 config file is from a localwiki:<br> Note the Path of <b>DocumentRoot</b><br> Inside the Directory angle brackets, note path and make sure:<br> :* <b>Options Indexes FollowSymLinks</b><br> :* <b>AllowOverride All</b><br> make sure they are included: <pre> <VirtualHost *:80> DocumentRoot /var/www/html/noobs <Directory /var/www/html/noobs> Options Indexes FollowSymLinks AllowOverride All Require all granted </Directory> </VirtualHost> </pre> <b>DocumentRoot /var/www/html/noobs</b>: This line sets the document root directory for the virtual host. The document root is the top-level directory that contains your web content (HTML, CSS, JavaScript, etc.). In this case, the document root is set to <b>/var/www/html/noobs</b>. <b><Directory /var/www/html/noobs></b>: This line begins a configuration block for the <b>/var/www/html/noobs</b> directory. The settings within this block apply to the specified directory and its subdirectories. <b>Options Indexes FollowSymLinks</b>: This line sets two options for the directory: :* Indexes: If a requested directory does not have an index file (e.g., index.html or index.php), the server will generate a directory listing for the browser. :* FollowSymLinks: The server will follow symbolic links in this directory, allowing it to serve files linked from other locations. <b>AllowOverride All</b>: This line allows the use of .htaccess files in the /var/www/html/noobs directory and its subdirectories. .htaccess files provide a way to modify the configuration on a per-directory basis, overriding the settings specified in the main Apache configuration files. The All value means that all types of overrides are allowed. <b>Require all granted</b>: This line controls access to the /var/www/html/noobs directory. In this case, it allows access to everyone, meaning there are no access restrictions for this directory. <b></Directory></b>: This line closes the <Directory> configuration block. ==.htaccess file== <code>/var/www/html/noobs/.htaccess</code> <pre> RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </pre> This .htaccess file contains a set of mod_rewrite rules for URL rewriting. Let's go through each line and explain its purpose: :* <b>RewriteEngine</b> On: This line enables the URL rewriting engine (mod_rewrite) for this directory. :* <b>RewriteBase /</b>: This line sets the base URL for per-directory rewrites. In this case, the base URL is set to /, which means that all rewritten URLs will be relative to the root directory. :* <b>RewriteRule ^index\.php$ - [L]</b>: This line is a rewrite rule that matches any request starting with index.php. The - in the rule means "do nothing" (i.e., don't rewrite the URL). The [L] flag tells the rewrite engine that this is the last rule to be processed if the current request matches this rule. In other words, if a request is for index.php, it won't be processed by any further rewrite rules. :* <b>RewriteCond %{REQUEST_FILENAME} !-f</b>: This line is a rewrite condition that checks if the requested file (%{REQUEST_FILENAME}) does not exist (!-f). This condition must be met for the subsequent rewrite rule to be executed. :* <b>RewriteCond %{REQUEST_FILENAME} !-d</b>: This line is another rewrite condition that checks if the requested file is not a directory (!-d). ==LocalSettings.php== <code>/var/www/html/noobs/LocalSettings.php</code> <pre> # rewriteURL $wgScriptPath = ""; $wgArticlePath = "/$1"; $wgUsePathInfo = true; </pre> These lines in the <b>LocalSettings.php</b> file of MediaWiki configure the URL structure and path settings for your wiki. Let's go through each line and explain its purpose: :* <b>$wgScriptPath = "";</b>: This line sets the base URL path for accessing MediaWiki's PHP scripts. In this case, the path is set to an empty string, which means the scripts are located in the root directory of the webserver (e.g., http://example.com/index.php). If your MediaWiki installation is in a subdirectory, you would set this value to the subdirectory's path (e.g., $wgScriptPath = "/my-wiki" for http://example.com/my-wiki/index.php). :* <b>$wgArticlePath = "/$1";</b>: This line sets the URL structure for article pages. The $1 placeholder is replaced by the article's title. In this case, the article path is set to /$1, which means article URLs will look like http://example.com/Article_Title. If you want to include a subdirectory in the article path, you can set this value accordingly (e.g., $wgArticlePath = "/wiki/$1" for http://example.com/wiki/Article_Title). :* <b>$wgUsePathInfo = true;</b>: This line enables or disables the use of "pretty" URLs with path info. When set to true, MediaWiki uses path info to create clean, readable URLs (e.g., http://example.com/Article_Title). If set to false, MediaWiki uses query strings for URLs (e.g., `http://example.com/index.php ==Enable Apache2 rewrite module== Make sure the apache2 rewrite module is enabled with:<br> <code>a2enmod rewrite</code> Restart apache2 for changes to take effect:<br> <code>systemctl restart apache2</code> aikdpu6zimia0w969zwsk46yx9j75uj 359 246 2023-04-23T22:54:59Z AwesomO 5 /* Info */ 359 wikitext text/x-wiki ==Info== My mediawiki is installed in path <b>/var/www/html/noobs</b> and i want to remove the <b>index.php</b> from the URL '''NOTE:''' [[Host_Your_Own_Mediawiki_Online_Ubuntu_22.04#Remove_index.php_from_URL|This method worked]] The method on this page was to go completenoobs.com/Main_Page - completenoobs.com/noobs/Main_Page maybe better. ==Apache2 config== This apache2 config file is from a localwiki:<br> Note the Path of <b>DocumentRoot</b><br> Inside the Directory angle brackets, note path and make sure:<br> :* <b>Options Indexes FollowSymLinks</b><br> :* <b>AllowOverride All</b><br> make sure they are included: <pre> <VirtualHost *:80> DocumentRoot /var/www/html/noobs <Directory /var/www/html/noobs> Options Indexes FollowSymLinks AllowOverride All Require all granted </Directory> </VirtualHost> </pre> <b>DocumentRoot /var/www/html/noobs</b>: This line sets the document root directory for the virtual host. The document root is the top-level directory that contains your web content (HTML, CSS, JavaScript, etc.). In this case, the document root is set to <b>/var/www/html/noobs</b>. <b><Directory /var/www/html/noobs></b>: This line begins a configuration block for the <b>/var/www/html/noobs</b> directory. The settings within this block apply to the specified directory and its subdirectories. <b>Options Indexes FollowSymLinks</b>: This line sets two options for the directory: :* Indexes: If a requested directory does not have an index file (e.g., index.html or index.php), the server will generate a directory listing for the browser. :* FollowSymLinks: The server will follow symbolic links in this directory, allowing it to serve files linked from other locations. <b>AllowOverride All</b>: This line allows the use of .htaccess files in the /var/www/html/noobs directory and its subdirectories. .htaccess files provide a way to modify the configuration on a per-directory basis, overriding the settings specified in the main Apache configuration files. The All value means that all types of overrides are allowed. <b>Require all granted</b>: This line controls access to the /var/www/html/noobs directory. In this case, it allows access to everyone, meaning there are no access restrictions for this directory. <b></Directory></b>: This line closes the <Directory> configuration block. ==.htaccess file== <code>/var/www/html/noobs/.htaccess</code> <pre> RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </pre> This .htaccess file contains a set of mod_rewrite rules for URL rewriting. Let's go through each line and explain its purpose: :* <b>RewriteEngine</b> On: This line enables the URL rewriting engine (mod_rewrite) for this directory. :* <b>RewriteBase /</b>: This line sets the base URL for per-directory rewrites. In this case, the base URL is set to /, which means that all rewritten URLs will be relative to the root directory. :* <b>RewriteRule ^index\.php$ - [L]</b>: This line is a rewrite rule that matches any request starting with index.php. The - in the rule means "do nothing" (i.e., don't rewrite the URL). The [L] flag tells the rewrite engine that this is the last rule to be processed if the current request matches this rule. In other words, if a request is for index.php, it won't be processed by any further rewrite rules. :* <b>RewriteCond %{REQUEST_FILENAME} !-f</b>: This line is a rewrite condition that checks if the requested file (%{REQUEST_FILENAME}) does not exist (!-f). This condition must be met for the subsequent rewrite rule to be executed. :* <b>RewriteCond %{REQUEST_FILENAME} !-d</b>: This line is another rewrite condition that checks if the requested file is not a directory (!-d). ==LocalSettings.php== <code>/var/www/html/noobs/LocalSettings.php</code> <pre> # rewriteURL $wgScriptPath = ""; $wgArticlePath = "/$1"; $wgUsePathInfo = true; </pre> These lines in the <b>LocalSettings.php</b> file of MediaWiki configure the URL structure and path settings for your wiki. Let's go through each line and explain its purpose: :* <b>$wgScriptPath = "";</b>: This line sets the base URL path for accessing MediaWiki's PHP scripts. In this case, the path is set to an empty string, which means the scripts are located in the root directory of the webserver (e.g., http://example.com/index.php). If your MediaWiki installation is in a subdirectory, you would set this value to the subdirectory's path (e.g., $wgScriptPath = "/my-wiki" for http://example.com/my-wiki/index.php). :* <b>$wgArticlePath = "/$1";</b>: This line sets the URL structure for article pages. The $1 placeholder is replaced by the article's title. In this case, the article path is set to /$1, which means article URLs will look like http://example.com/Article_Title. If you want to include a subdirectory in the article path, you can set this value accordingly (e.g., $wgArticlePath = "/wiki/$1" for http://example.com/wiki/Article_Title). :* <b>$wgUsePathInfo = true;</b>: This line enables or disables the use of "pretty" URLs with path info. When set to true, MediaWiki uses path info to create clean, readable URLs (e.g., http://example.com/Article_Title). If set to false, MediaWiki uses query strings for URLs (e.g., `http://example.com/index.php ==Enable Apache2 rewrite module== Make sure the apache2 rewrite module is enabled with:<br> <code>a2enmod rewrite</code> Restart apache2 for changes to take effect:<br> <code>systemctl restart apache2</code> adc7yhbe60ic5rs9v69rsl2krlfvn4f 360 359 2023-04-23T22:55:47Z AwesomO 5 /* Info */ 360 wikitext text/x-wiki ==Info== My mediawiki is installed in path <b>/var/www/html/noobs</b> and i want to remove the <b>index.php</b> from the URL '''NOTE:''' [[Host_Your_Own_Mediawiki_Online_Ubuntu_22.04#Remove_index.php_from_URL|This method worked]] The method on this page was to go completenoobs.com/Main_Page - completenoobs.com/noobs/Main_Page maybe better. There was a bug on this page - do not use: use the link to working method in link above! ==Apache2 config== This apache2 config file is from a localwiki:<br> Note the Path of <b>DocumentRoot</b><br> Inside the Directory angle brackets, note path and make sure:<br> :* <b>Options Indexes FollowSymLinks</b><br> :* <b>AllowOverride All</b><br> make sure they are included: <pre> <VirtualHost *:80> DocumentRoot /var/www/html/noobs <Directory /var/www/html/noobs> Options Indexes FollowSymLinks AllowOverride All Require all granted </Directory> </VirtualHost> </pre> <b>DocumentRoot /var/www/html/noobs</b>: This line sets the document root directory for the virtual host. The document root is the top-level directory that contains your web content (HTML, CSS, JavaScript, etc.). In this case, the document root is set to <b>/var/www/html/noobs</b>. <b><Directory /var/www/html/noobs></b>: This line begins a configuration block for the <b>/var/www/html/noobs</b> directory. The settings within this block apply to the specified directory and its subdirectories. <b>Options Indexes FollowSymLinks</b>: This line sets two options for the directory: :* Indexes: If a requested directory does not have an index file (e.g., index.html or index.php), the server will generate a directory listing for the browser. :* FollowSymLinks: The server will follow symbolic links in this directory, allowing it to serve files linked from other locations. <b>AllowOverride All</b>: This line allows the use of .htaccess files in the /var/www/html/noobs directory and its subdirectories. .htaccess files provide a way to modify the configuration on a per-directory basis, overriding the settings specified in the main Apache configuration files. The All value means that all types of overrides are allowed. <b>Require all granted</b>: This line controls access to the /var/www/html/noobs directory. In this case, it allows access to everyone, meaning there are no access restrictions for this directory. <b></Directory></b>: This line closes the <Directory> configuration block. ==.htaccess file== <code>/var/www/html/noobs/.htaccess</code> <pre> RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </pre> This .htaccess file contains a set of mod_rewrite rules for URL rewriting. Let's go through each line and explain its purpose: :* <b>RewriteEngine</b> On: This line enables the URL rewriting engine (mod_rewrite) for this directory. :* <b>RewriteBase /</b>: This line sets the base URL for per-directory rewrites. In this case, the base URL is set to /, which means that all rewritten URLs will be relative to the root directory. :* <b>RewriteRule ^index\.php$ - [L]</b>: This line is a rewrite rule that matches any request starting with index.php. The - in the rule means "do nothing" (i.e., don't rewrite the URL). The [L] flag tells the rewrite engine that this is the last rule to be processed if the current request matches this rule. In other words, if a request is for index.php, it won't be processed by any further rewrite rules. :* <b>RewriteCond %{REQUEST_FILENAME} !-f</b>: This line is a rewrite condition that checks if the requested file (%{REQUEST_FILENAME}) does not exist (!-f). This condition must be met for the subsequent rewrite rule to be executed. :* <b>RewriteCond %{REQUEST_FILENAME} !-d</b>: This line is another rewrite condition that checks if the requested file is not a directory (!-d). ==LocalSettings.php== <code>/var/www/html/noobs/LocalSettings.php</code> <pre> # rewriteURL $wgScriptPath = ""; $wgArticlePath = "/$1"; $wgUsePathInfo = true; </pre> These lines in the <b>LocalSettings.php</b> file of MediaWiki configure the URL structure and path settings for your wiki. Let's go through each line and explain its purpose: :* <b>$wgScriptPath = "";</b>: This line sets the base URL path for accessing MediaWiki's PHP scripts. In this case, the path is set to an empty string, which means the scripts are located in the root directory of the webserver (e.g., http://example.com/index.php). If your MediaWiki installation is in a subdirectory, you would set this value to the subdirectory's path (e.g., $wgScriptPath = "/my-wiki" for http://example.com/my-wiki/index.php). :* <b>$wgArticlePath = "/$1";</b>: This line sets the URL structure for article pages. The $1 placeholder is replaced by the article's title. In this case, the article path is set to /$1, which means article URLs will look like http://example.com/Article_Title. If you want to include a subdirectory in the article path, you can set this value accordingly (e.g., $wgArticlePath = "/wiki/$1" for http://example.com/wiki/Article_Title). :* <b>$wgUsePathInfo = true;</b>: This line enables or disables the use of "pretty" URLs with path info. When set to true, MediaWiki uses path info to create clean, readable URLs (e.g., http://example.com/Article_Title). If set to false, MediaWiki uses query strings for URLs (e.g., `http://example.com/index.php ==Enable Apache2 rewrite module== Make sure the apache2 rewrite module is enabled with:<br> <code>a2enmod rewrite</code> Restart apache2 for changes to take effect:<br> <code>systemctl restart apache2</code> mq8anmkwejmddk97py0xtccshgh55f8 0 70 252 2023-04-02T20:59:57Z Noob 1 Created page with " Windows product key is a 25 character code used to activate Windows. ==Find your Product Key== In search bar type <code>cmd</code> Right click <b>Command Prompt</b> and <b>Run as administrator</b><br> In the command prompt enter:<br> <code>wmic path softwarelicensingservice get OA3xOriginalProductKey</code><br> Should return your 25 character product key: <pre> OA3xOriginalProductKey YXXXX-KXXXX-3XXXX-CXXXX-NXXXX </pre>" 252 wikitext text/x-wiki Windows product key is a 25 character code used to activate Windows. ==Find your Product Key== In search bar type <code>cmd</code> Right click <b>Command Prompt</b> and <b>Run as administrator</b><br> In the command prompt enter:<br> <code>wmic path softwarelicensingservice get OA3xOriginalProductKey</code><br> Should return your 25 character product key: <pre> OA3xOriginalProductKey YXXXX-KXXXX-3XXXX-CXXXX-NXXXX </pre> 7erume2wbg4049sszzax4x1xlsauxtk 0 71 253 2023-04-02T21:00:53Z Noob 1 Created page with " ==Using Recovery - built in== To reset your Windows 10 PC, go to Start > Settings > Update & Security > Recovery > Reset this PC > Get Started.<br> ==Create Windows 10 installation media== [[Find_You_Windows_10_Product_Key|It may be wish to backup your Windows 10 Product Key before a Nuke and Pave]] Go to https://www.microsoft.com/en-gb/software-download/windows10<br> Under <b>Create Windows 10 installation media</b><br> And Click <b>Download tool now</b> will down..." 253 wikitext text/x-wiki ==Using Recovery - built in== To reset your Windows 10 PC, go to Start > Settings > Update & Security > Recovery > Reset this PC > Get Started.<br> ==Create Windows 10 installation media== [[Find_You_Windows_10_Product_Key|It may be wish to backup your Windows 10 Product Key before a Nuke and Pave]] Go to https://www.microsoft.com/en-gb/software-download/windows10<br> Under <b>Create Windows 10 installation media</b><br> And Click <b>Download tool now</b> will download <b>MediaCreationTool22H2</b><br> <br> This tool will allow you to download the Windows10 ISO and/or create a bootable Windows10 installation USB (at least 8GB usb required). lwxcc63kydzro9o3ecyspo0hwcaa3ue 254 253 2023-04-02T21:01:17Z Noob 1 /* Create Windows 10 installation media */ 254 wikitext text/x-wiki ==Using Recovery - built in== To reset your Windows 10 PC, go to Start > Settings > Update & Security > Recovery > Reset this PC > Get Started.<br> ==Create Windows 10 installation media== [[Windows_10_Product_Key|It may be wish to backup your Windows 10 Product Key before a Nuke and Pave]] Go to https://www.microsoft.com/en-gb/software-download/windows10<br> Under <b>Create Windows 10 installation media</b><br> And Click <b>Download tool now</b> will download <b>MediaCreationTool22H2</b><br> <br> This tool will allow you to download the Windows10 ISO and/or create a bootable Windows10 installation USB (at least 8GB usb required). njort26ze8iztwkpe5ka7bsv7c8jqpo 255 254 2023-04-02T21:01:33Z Noob 1 /* Create Windows 10 installation media */ 255 wikitext text/x-wiki ==Using Recovery - built in== To reset your Windows 10 PC, go to Start > Settings > Update & Security > Recovery > Reset this PC > Get Started.<br> ==Create Windows 10 installation media== [[Windows_10_Product_Key|It may be wise to backup your Windows 10 Product Key before a Nuke and Pave]] Go to https://www.microsoft.com/en-gb/software-download/windows10<br> Under <b>Create Windows 10 installation media</b><br> And Click <b>Download tool now</b> will download <b>MediaCreationTool22H2</b><br> <br> This tool will allow you to download the Windows10 ISO and/or create a bootable Windows10 installation USB (at least 8GB usb required). nilmom09ks042kxsl9160m6x52ocytg 256 255 2023-04-02T21:01:58Z Noob 1 /* Create Windows 10 installation media */ 256 wikitext text/x-wiki ==Using Recovery - built in== To reset your Windows 10 PC, go to Start > Settings > Update & Security > Recovery > Reset this PC > Get Started.<br> ==Create Windows 10 installation media== [[Windows_10_Product_Key|It may be wise to <b>backup your Windows 10 Product Key</b> before a Nuke and Pave]] Go to https://www.microsoft.com/en-gb/software-download/windows10<br> Under <b>Create Windows 10 installation media</b><br> And Click <b>Download tool now</b> will download <b>MediaCreationTool22H2</b><br> <br> This tool will allow you to download the Windows10 ISO and/or create a bootable Windows10 installation USB (at least 8GB usb required). 9135d2zejyw6zcvt752r95it254b74j 0 73 258 2023-04-02T21:20:10Z Noob 1 Created page with "==Spin up a Server == Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $5 a month, 1 cpu, 1024MB ram, 25GB ssd, 1000GB Bandwidth.<br \> I have been given the IP:<b>192.248.155.201</b> <br \> ===DNS=== make a <b>A RECORD</b> for subdomain server IP address<br> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |xml |192.248.155.201 |auto |- |} ==Enable Basic FireWall== <code>ufw allow 22/tcp</code><br> <code>ufw allow 44..." 258 wikitext text/x-wiki ==Spin up a Server == Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $5 a month, 1 cpu, 1024MB ram, 25GB ssd, 1000GB Bandwidth.<br \> I have been given the IP:<b>192.248.155.201</b> <br \> ===DNS=== make a <b>A RECORD</b> for subdomain server IP address<br> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |xml |192.248.155.201 |auto |- |} ==Enable Basic FireWall== <code>ufw allow 22/tcp</code><br> <code>ufw allow 443/tcp</code><br> <code>ufw allow 80/tcp</code><br> <code>ufw enable</code><br \> ==Auto update Setup for server== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> And change the lines:<br \> <pre> // "${distro_id}:${distro_codename}-updates"; </pre> To: <pre> "${distro_id}:${distro_codename}-updates"; </pre> <br \> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; </pre> Changed to<br \> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; </pre> ==Install NGINX== <code>apt install nginx -y</code><br> You should now be able to see the <b>Welcome to nginx!</b> site on your subdomain (or just use server ip address).<br> Only <b>http</b> will work as we have not yet setup are <b>https</b><br> ===LetsEncrypt=== <code>snap install certbot --classic</code><br> <code> certbot --nginx -d xml.completenoobs.com</code><br> You should now be able to view the <b>Welcome to nginx!</b> page with <b>https</b><br> ===Setup NGINX=== The nginx default site should look like this:<br> <code>cat /etc/nginx/sites-available/default</code><br> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> CertBot did the work for us :) Good Bot.<br> We just need to add one line <code>autoindex on;</code>in the <b>location { }</b> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code> /etc/nginx/sites-available/default</code> After appending <code>autoindex on;</code>: <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> ==Hosting XML files for easy Downloading== we are going to delete the default index page and create another.<br> <code>rm /var/www/html/index.nginx-debian.html</code><br> <code>$EDITOR /var/www/html/index.html</code><br> Insert:<br> <pre> <!DOCTYPE html> <html> <head> <title>CompleteNoobs-XML_Dumps</title> </head> <body> <h1> <a href="xmlDumps/">Click here for are latest XML Dumps</a>.</p> </h1> </body> </html> </pre> <br> Create a Directory to place are dumps<br> <code>mkdir /var/www/html/xmlDumps</code><br> This is the directory we will place are dumps for sharing and easy downloads.<br> <code>chown -R www-data:www-data /var/www/html/xmlDumps</code><br> <code>systemctl restart nginx</code><br> now create a test file with some content and test.<br> <code>$EDITOR /var/www/html/xmlDumps/test.txt</code><br> Check you can see/read on web browser.<br> This is the directory where we will send are mediawiki dumps.<br> ==Transfer Files to Sharing Directory== ===scp=== Check [[Basic_SCP_Examples|Basic_SCP_Examples]] for more examples:<br> To send direct from MediaWiki server (Example file 'xmlDump-03-03-2023')<br> Will be prompted to enter password:<br> <code>scp /path/to/xmlDump-03-03-2023 root@xml.completenoobs.com:/var/www/html/xmlDumps/</code><br> ===sshfs=== Can be useful if you are transferring a large number of files from your computer to server and want to use the GUI file explorer.<br> <br> NOTE:replace $USER with your user account (Example: mine is 'ubunix' so i will replace '$USER' with 'ubunix') <br> Install sshfs on your computer<br> <code>sudo apt install sshfs</code><br> Create a Directory you are going to mount remote server directory to:<br> <code>mkdir /home/$USER/ServerMount</code><br> <br> <code>sudo sshfs -o allow_other,default_permissions root@xml.completenoobs.com:/var/www/html/xmlDumps/ /home/$USER/ServerMount/</code><br> To umount use:<br> <code>sudo umount /home/$USER/ServerMount</code><br> ==Require Username and Password to view website/files (Optional - Placed here for educational reasons)== <code>apt install apache2-utils</code><br> In your <code>/etc/nginx/sites-available/default</code><br> Append the lines(see before and after files to see where):<br> <pre> auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; </pre> <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/nginx/sites-available/default</code>: Before <div class="mw-collapsible-content"> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/nginx/sites-available/default</code>: After <div class="mw-collapsible-content"> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </div> </div> ===Create a login Username and Password to view your website=== Add user; change <b>user1</b> to username of your choice; you will be prompted for password.<br \> <code>htpasswd -c /etc/nginx/.htpasswd user1</code><br \> The <b>-c</b> flag is only needed the first time to create the file <b>/etc/nginx/.htpasswd</b><br \> Add second user; the same method is used to add has many users has you want.<br \> <code>htpasswd /etc/nginx/.htpasswd user2</code> <br \> To update or change passwd for user, repeat command with username of account you wish to change; enter new password.<br \> <code>htpasswd /etc/nginx/.htpasswd user1</code><br> Restart Nginx:<br> <code>systemctl restart nginx</code><br> And try site. ===Fail2Ban to Block IP's Which Enter Incorrect Username and/or Password=== Install Fail2Ban:<br> <code>apt install fail2ban</code><br> <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code><br> <code>$EDITOR /etc/fail2ban/jail.local</code><br> Note: Can append to the very bottom of the page.<br> <pre> # Reject Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s [nginx-cup] #the name in brackets above is what you use for status # fail2ban-client status nginx-cup enabled = true filter = nginx-correct-up port = http,https logpath = /var/log/nginx/error.log findtime = 3m bantime = 3m maxretry = 3 #ignoreip = <your-ipaddress> #Note: Can find your ipaddress using `curl ifconfig.me` or visit `whatismyip.com` </pre> <br \> <code>$EDITOR /etc/fail2ban/filter.d/nginx-correct-up.conf</code><br \> <pre> [Definition] failregex = client:\s<HOST> ignoreregex = </pre> ===Check Fail2Ban for errors=== <code>fail2ban-client -d</code><br \> ===restart nginx and fail2ban so updated setting can take effect=== <code>systemctl restart fail2ban.service</code><br \> <code>systemctl restart nginx.service</code><br \> And test. ===Remove need for username and password=== Comment out (or delete) the following lines from your nginx config file:<br> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <pre> auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; </pre> <br> Can comment out lines by placing a '#' in front.<br> <pre> #auth_basic "Hello Please Login"; #auth_basic_user_file /etc/nginx/.htpasswd; </pre> <br> Restart Nginx:<br> <code>systemctl restart nginx</code><br> nixy756owmjqo3zk363rxa65mgedfpq 278 258 2023-04-02T21:58:26Z Noob 1 /* scp */ 278 wikitext text/x-wiki ==Spin up a Server == Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $5 a month, 1 cpu, 1024MB ram, 25GB ssd, 1000GB Bandwidth.<br \> I have been given the IP:<b>192.248.155.201</b> <br \> ===DNS=== make a <b>A RECORD</b> for subdomain server IP address<br> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |xml |192.248.155.201 |auto |- |} ==Enable Basic FireWall== <code>ufw allow 22/tcp</code><br> <code>ufw allow 443/tcp</code><br> <code>ufw allow 80/tcp</code><br> <code>ufw enable</code><br \> ==Auto update Setup for server== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> And change the lines:<br \> <pre> // "${distro_id}:${distro_codename}-updates"; </pre> To: <pre> "${distro_id}:${distro_codename}-updates"; </pre> <br \> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; </pre> Changed to<br \> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; </pre> ==Install NGINX== <code>apt install nginx -y</code><br> You should now be able to see the <b>Welcome to nginx!</b> site on your subdomain (or just use server ip address).<br> Only <b>http</b> will work as we have not yet setup are <b>https</b><br> ===LetsEncrypt=== <code>snap install certbot --classic</code><br> <code> certbot --nginx -d xml.completenoobs.com</code><br> You should now be able to view the <b>Welcome to nginx!</b> page with <b>https</b><br> ===Setup NGINX=== The nginx default site should look like this:<br> <code>cat /etc/nginx/sites-available/default</code><br> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> CertBot did the work for us :) Good Bot.<br> We just need to add one line <code>autoindex on;</code>in the <b>location { }</b> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code> /etc/nginx/sites-available/default</code> After appending <code>autoindex on;</code>: <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> ==Hosting XML files for easy Downloading== we are going to delete the default index page and create another.<br> <code>rm /var/www/html/index.nginx-debian.html</code><br> <code>$EDITOR /var/www/html/index.html</code><br> Insert:<br> <pre> <!DOCTYPE html> <html> <head> <title>CompleteNoobs-XML_Dumps</title> </head> <body> <h1> <a href="xmlDumps/">Click here for are latest XML Dumps</a>.</p> </h1> </body> </html> </pre> <br> Create a Directory to place are dumps<br> <code>mkdir /var/www/html/xmlDumps</code><br> This is the directory we will place are dumps for sharing and easy downloads.<br> <code>chown -R www-data:www-data /var/www/html/xmlDumps</code><br> <code>systemctl restart nginx</code><br> now create a test file with some content and test.<br> <code>$EDITOR /var/www/html/xmlDumps/test.txt</code><br> Check you can see/read on web browser.<br> This is the directory where we will send are mediawiki dumps.<br> ==Transfer Files to Sharing Directory== ===scp=== Check [[SCP_Examples|Basic_SCP_Examples]] for more examples:<br> To send direct from MediaWiki server (Example file 'xmlDump-03-03-2023')<br> Will be prompted to enter password:<br> <code>scp /path/to/xmlDump-03-03-2023 root@xml.completenoobs.com:/var/www/html/xmlDumps/</code><br> ===sshfs=== Can be useful if you are transferring a large number of files from your computer to server and want to use the GUI file explorer.<br> <br> NOTE:replace $USER with your user account (Example: mine is 'ubunix' so i will replace '$USER' with 'ubunix') <br> Install sshfs on your computer<br> <code>sudo apt install sshfs</code><br> Create a Directory you are going to mount remote server directory to:<br> <code>mkdir /home/$USER/ServerMount</code><br> <br> <code>sudo sshfs -o allow_other,default_permissions root@xml.completenoobs.com:/var/www/html/xmlDumps/ /home/$USER/ServerMount/</code><br> To umount use:<br> <code>sudo umount /home/$USER/ServerMount</code><br> ==Require Username and Password to view website/files (Optional - Placed here for educational reasons)== <code>apt install apache2-utils</code><br> In your <code>/etc/nginx/sites-available/default</code><br> Append the lines(see before and after files to see where):<br> <pre> auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; </pre> <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/nginx/sites-available/default</code>: Before <div class="mw-collapsible-content"> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/nginx/sites-available/default</code>: After <div class="mw-collapsible-content"> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </div> </div> ===Create a login Username and Password to view your website=== Add user; change <b>user1</b> to username of your choice; you will be prompted for password.<br \> <code>htpasswd -c /etc/nginx/.htpasswd user1</code><br \> The <b>-c</b> flag is only needed the first time to create the file <b>/etc/nginx/.htpasswd</b><br \> Add second user; the same method is used to add has many users has you want.<br \> <code>htpasswd /etc/nginx/.htpasswd user2</code> <br \> To update or change passwd for user, repeat command with username of account you wish to change; enter new password.<br \> <code>htpasswd /etc/nginx/.htpasswd user1</code><br> Restart Nginx:<br> <code>systemctl restart nginx</code><br> And try site. ===Fail2Ban to Block IP's Which Enter Incorrect Username and/or Password=== Install Fail2Ban:<br> <code>apt install fail2ban</code><br> <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code><br> <code>$EDITOR /etc/fail2ban/jail.local</code><br> Note: Can append to the very bottom of the page.<br> <pre> # Reject Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s [nginx-cup] #the name in brackets above is what you use for status # fail2ban-client status nginx-cup enabled = true filter = nginx-correct-up port = http,https logpath = /var/log/nginx/error.log findtime = 3m bantime = 3m maxretry = 3 #ignoreip = <your-ipaddress> #Note: Can find your ipaddress using `curl ifconfig.me` or visit `whatismyip.com` </pre> <br \> <code>$EDITOR /etc/fail2ban/filter.d/nginx-correct-up.conf</code><br \> <pre> [Definition] failregex = client:\s<HOST> ignoreregex = </pre> ===Check Fail2Ban for errors=== <code>fail2ban-client -d</code><br \> ===restart nginx and fail2ban so updated setting can take effect=== <code>systemctl restart fail2ban.service</code><br \> <code>systemctl restart nginx.service</code><br \> And test. ===Remove need for username and password=== Comment out (or delete) the following lines from your nginx config file:<br> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <pre> auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; </pre> <br> Can comment out lines by placing a '#' in front.<br> <pre> #auth_basic "Hello Please Login"; #auth_basic_user_file /etc/nginx/.htpasswd; </pre> <br> Restart Nginx:<br> <code>systemctl restart nginx</code><br> rycilnzap4hapcm76g6e2t5zejt466p 280 278 2023-04-05T10:35:06Z Noob 1 280 wikitext text/x-wiki ==With DNS - cert by LetsEncrypt== [[Nginx_file_server#No_DNS_using_IP_and_SelfSigned_Certs|No DNS Using IP and Self Signed Certs for https]] ===Spin up a Server === Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $5 a month, 1 cpu, 1024MB ram, 25GB ssd, 1000GB Bandwidth.<br \> I have been given the IP:<b>192.248.155.201</b> <br \> ===DNS=== make a <b>A RECORD</b> for subdomain server IP address<br> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |xml |192.248.155.201 |auto |- |} ===Enable Basic FireWall=== <code>ufw allow 22/tcp</code><br> <code>ufw allow 443/tcp</code><br> <code>ufw allow 80/tcp</code><br> <code>ufw enable</code><br \> ===Enable Auto Updates=== [[Ubuntu_unattended-upgrades#Quick_Start_-_Up_and_running_auto_updates|Setup Basic Auto Updates for your Server so you don't have to keep logging into server to update]] ===Install NGINX=== <code>apt install nginx -y</code><br> You should now be able to see the <b>Welcome to nginx!</b> site on your subdomain (or just use server ip address).<br> Only <b>http</b> will work as we have not yet setup are <b>https</b><br> <div class="toccolours mw-collapsible mw-collapsed"> Default NGINX Before Certbot - Placed here just for notes:<br> <code>cat /etc/nginx/sites-available/default</code> <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} </pre> </div> </div> ===LetsEncrypt=== <code>snap install certbot --classic</code><br> <code> certbot --nginx -d xml.completenoobs.com</code><br> You should now be able to view the <b>Welcome to nginx!</b> page with <b>https</b><br> ===Setup NGINX=== CertBot did the work for us :) Good Bot.<br> The nginx default site should look like this:<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /etc/nginx/sites-available/default</code><br> <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> We just need to add one line <code>autoindex on;</code>in the <b>location { }</b> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code> /etc/nginx/sites-available/default</code> After appending <code>autoindex on;</code>: <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Same File with Comments removed for easier read: <div class="mw-collapsible-content"> <pre> # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } } server { root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> ====More Info==== <div class="toccolours mw-collapsible mw-collapsed"> <b>autoindex on;</b> directive: <div class="mw-collapsible-content"> The <b>autoindex on;</b> directive in an Nginx configuration file enables directory listing for the specified location. In other words, if a user requests a URL that corresponds to a directory (rather than a specific file), and '''autoindex on;''' is specified for that location in the Nginx configuration file, then Nginx will generate a directory listing page that shows the contents of that directory. This can be useful for making files available for download or for providing an easy way to browse the contents of a directory. However, it can also be a security risk if sensitive files are inadvertently made available for download or if a user gains access to a directory listing page that they should not be able to access. To mitigate this risk, it's important to ensure that the '''autoindex on;''' directive is only used when necessary and is not enabled for sensitive directories or files. It's also a good idea to customize the appearance of the directory listing page to make it clear what files are available and to restrict access to the directory listing page using Nginx authentication or other security measures. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Nginx Config File: <div class="mw-collapsible-content"> <pre> # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; ######^^^ These two lines specify that the server block is listening on port 80 (the default HTTP port) for IPv4 and IPv6 connections. The default_server parameter indicates that this block will be used as the default server block for any incoming connections that do not match any other server blocks. ################################################# root /var/www/html; ######^^ This line sets the root directory for the server block. This is the directory where Nginx will look for files to serve in response to incoming requests. ########################################## # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; ##########^^ This line specifies the order in which Nginx should look for index files in the root directory when serving requests. In this case, Nginx will first look for index.html, then index.htm, and then index.nginx-debian.html. ########################################################## server_name _; #######^^ This line specifies the server name for the block. The underscore _ indicates a catch-all server name, meaning that this block will handle any requests that do not match a server name defined in another server block. ####################################################### location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; ###############^^ This block specifies the location directive for requests that match the root directory of the server block. The try_files directive specifies that Nginx should first try to serve the request as a file, then as a directory, and then return a 404 error if the file or directory cannot be found. ###################################################### } } server { root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot ######^^ This block specifies the server configuration for requests that match the server name xml.completenoobs.com. The root directive specifies the root directory for this server block, and the index directive specifies the order in which Nginx should look for index files when serving requests. The server_name directive specifies the name of the server that this block handles. ###################### location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } ###########^^ This block specifies the location directive for requests that match the root directory of the server block. The try_files directive specifies that Nginx should first try to serve the request as a file, then as a directory, and then return a 404 error if the file or directory cannot be found. The autoindex directive enables directory listing for this location. ############################## listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } ##################^^ These lines specify the SSL configuration for the server block, including the SSL certificates and keys, the SSL protocol settings, and the SSL Diffie-Hellman parameters. The listen directive specifies that the server block should listen for HTTPS connections on port 443, and the ssl parameter indicates that SSL/TLS should be used for these connections. The remaining lines specify the SSL certificates and keys, as well as the SSL options and Diffie-Hellman parameters managed by Certbot. ######################### server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot ########^^ This block specifies that if the incoming request matches the server name xml.completenoobs.com, Nginx should return a 301 HTTP status code (Moved Permanently) and redirect the request to HTTPS. ####################### listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } ##########^^ These lines specify the server configuration for requests that match the server name xml.completenoobs.com on port 80 (the default HTTP port). The listen directives specify that the server block should listen for HTTP connections on both IPv4 and IPv6. The server_name directive specifies the name of the server that this block handles. The return 404 directive specifies that Nginx should return a 404 HTTP status code for all requests that match this server block. Note that this server block is likely intended to be used in conjunction with another server block that handles HTTPS requests for xml.completenoobs.com, since the HTTP requests will be redirected to HTTPS by the if directive in this block. ############################ </pre> </div> </div> ==Hosting XML files for easy Downloading== we are going to delete the default index page and create another.<br> <code>rm /var/www/html/index.nginx-debian.html</code><br> <code>$EDITOR /var/www/html/index.html</code><br> Insert:<br> <pre> <!DOCTYPE html> <html> <head> <title>CompleteNoobs-XML_Dumps</title> </head> <body> <h1> <a href="xmlDumps/">Click here for are latest XML Dumps</a>.</p> </h1> </body> </html> </pre> <br> Create a Directory to place are dumps<br> <code>mkdir /var/www/html/xmlDumps</code><br> This is the directory we will place are dumps for sharing and easy downloads.<br> <code>chown -R www-data:www-data /var/www/html/xmlDumps</code><br> <code>systemctl restart nginx</code><br> now create a test file with some content and test.<br> <code>$EDITOR /var/www/html/xmlDumps/test.txt</code><br> Check you can see/read on web browser.<br> This is the directory where we will send are mediawiki dumps.<br> ==Transfer Files to Sharing Directory== ===scp=== Check [[SCP_Examples|SCP_Examples]] for more examples:<br> To send direct from MediaWiki server (Example file 'xmlDump-03-03-2023')<br> Will be prompted to enter password:<br> <code>scp /path/to/xmlDump-03-03-2023 root@xml.completenoobs.com:/var/www/html/xmlDumps/</code><br> ===sshfs=== Can be useful if you are transferring a large number of files from your computer to server and want to use the GUI file explorer.<br> <br> NOTE:replace $USER with your user account (Example: mine is 'ubunix' so i will replace '$USER' with 'ubunix') <br> Install sshfs on your computer<br> <code>sudo apt install sshfs</code><br> Create a Directory you are going to mount remote server directory to:<br> <code>mkdir /home/$USER/ServerMount</code><br> <br> <code>sudo sshfs -o allow_other,default_permissions root@xml.completenoobs.com:/var/www/html/xmlDumps/ /home/$USER/ServerMount/</code><br> To umount use:<br> <code>sudo umount /home/$USER/ServerMount</code><br> ==Require Username and Password to view website/files (Optional - Placed here for educational reasons)== <code>apt install apache2-utils</code><br> In your <code>/etc/nginx/sites-available/default</code><br> Append the lines(see before and after files to see where):<br> <pre> auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; </pre> <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/nginx/sites-available/default</code>: Before <div class="mw-collapsible-content"> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/nginx/sites-available/default</code>: After <div class="mw-collapsible-content"> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </div> </div> ===Create a login Username and Password to view your website=== Add user; change <b>user1</b> to username of your choice; you will be prompted for password.<br \> <code>htpasswd -c /etc/nginx/.htpasswd user1</code><br \> The <b>-c</b> flag is only needed the first time to create the file <b>/etc/nginx/.htpasswd</b><br \> Add second user; the same method is used to add has many users has you want.<br \> <code>htpasswd /etc/nginx/.htpasswd user2</code> <br \> To update or change passwd for user, repeat command with username of account you wish to change; enter new password.<br \> <code>htpasswd /etc/nginx/.htpasswd user1</code><br> Restart Nginx:<br> <code>systemctl restart nginx</code><br> And try site. ===Fail2Ban to Block IP's Which Enter Incorrect Username and/or Password=== Install Fail2Ban:<br> <code>apt install fail2ban</code><br> <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code><br> <code>$EDITOR /etc/fail2ban/jail.local</code><br> Note: Can append to the very bottom of the page.<br> <pre> # Reject Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s [nginx-cup] #the name in brackets above is what you use for status # fail2ban-client status nginx-cup enabled = true filter = nginx-correct-up port = http,https logpath = /var/log/nginx/error.log findtime = 3m bantime = 3m maxretry = 3 #ignoreip = <your-ipaddress> #Note: Can find your ipaddress using `curl ifconfig.me` or visit `whatismyip.com` </pre> <br \> <code>$EDITOR /etc/fail2ban/filter.d/nginx-correct-up.conf</code><br \> <pre> [Definition] failregex = client:\s<HOST> ignoreregex = </pre> ===Check Fail2Ban for errors=== <code>fail2ban-client -d</code><br \> ===restart nginx and fail2ban so updated setting can take effect=== <code>systemctl restart fail2ban.service</code><br \> <code>systemctl restart nginx.service</code><br \> And test. ===Remove need for username and password=== Comment out (or delete) the following lines from your nginx config file:<br> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <pre> auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; </pre> <br> Can comment out lines by placing a '#' in front.<br> <pre> #auth_basic "Hello Please Login"; #auth_basic_user_file /etc/nginx/.htpasswd; </pre> <br> Restart Nginx:<br> <code>systemctl restart nginx</code><br> ==No DNS using IP and SelfSigned Certs== ===Update system=== <code>apt update && apt upgrade -y</code><br \> ===Install NGINX=== <code>apt install nginx -y</code><br> You should now be able to see the <b>Welcome to nginx!</b> site on your subdomain (or just use server ip address).<br> Only <b>http</b> will work as we have not yet setup are <b>https</b><br> ===Create keys for encrypted https connection=== Note: If you are just building a quick website to test this out you can use <b>Blank</b> (just press enter) for all fields and it will still work.<br \> <code>openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> quick explanation: <div class="mw-collapsible-content"> :* '''openssl''': This command invokes the OpenSSL tool, which is a software library that provides a variety of cryptographic functions and utilities. :* '''req''': This is a subcommand of OpenSSL that is used for creating and managing X.509 certificate signing requests (CSRs) and self-signed certificates. :* -'''x509''': This option specifies that the output should be a self-signed X.509 certificate rather than a CSR. :* '''-nodes''': This option specifies that the private key should not be encrypted with a password, allowing for automatic startup of services that use SSL/TLS. :* -days 365: This option specifies the number of days that the certificate will be valid for before it expires. :* '''-newkey rsa:4096''': This option generates a new RSA private key with a key length of 4096 bits, which provides a higher level of security than shorter key lengths. :* '''-keyout /etc/ssl/private/nginx-selfsigned.key''': This option specifies the path and filename of the private key file that will be generated by OpenSSL. :* '''-out /etc/ssl/certs/nginx-selfsigned.crt''': This option specifies the path and filename of the self-signed certificate file that will be generated by OpenSSL. Overall, this command generates a self-signed SSL/TLS certificate and private key that can be used to secure an Nginx web server. The certificate and key are saved to the specified locations for use in the Nginx server configuration. It's important to note that while self-signed certificates can provide some level of encryption for your web traffic, they do not provide any form of authentication or verification of identity, and should not be used in production environments where security is a top priority. </div> </div> /etc/ssl/private/nginx-selfsigned.key<br> /etc/ssl/certs/nginx-selfsigned.crt ===Create diffhelman=== <code>openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048</code><br \> You can upgrade from 2048 to 4096 but it might take a while.<br \> <code>$EDITOR /etc/nginx/snippets/ssl-params.conf</code><br> Nginx configuration directives related to SSL/TLS: <pre> ssl_protocols TLSv1.2; #This directive specifies the SSL/TLS protocols that the server will use for secure connections. In this case, only TLS version 1.2 is allowed. ssl_prefer_server_ciphers on; #This directive tells the server to prefer the ciphers specified by the server over those requested by the client. ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:!aNULL:!eNULL !LOW !DSS !MD5 !RC4 !EXP !PSK !SRP !CAMELLIA !SEED'; #This directive specifies the SSL/TLS ciphers that the server will use for secure connections. These ciphers prioritize the use of elliptic curve cryptography (ECDHE) for key exchange and advanced encryption algorithms such as AES256 and CHACHA20-POLY1305 for encryption. ssl_ecdh_curve secp384r1; #This directive specifies the elliptic curve Diffie-Hellman (ECDH) curve that the server will use for key exchange. In this case, the secp384r1 curve is used. ssl_session_cache shared:SSL:10m; ssl_session_tickets off; #These directives configure SSL session caching, which can improve performance by allowing the server to reuse SSL session parameters for multiple connections. The ssl_session_cache directive specifies the type of session cache to use, and the ssl_session_tickets directive specifies whether session tickets should be used. # need to turn ssl_stapling off for selfsigned or will get errors in /var/log/nginx/error.log ssl_stapling off; ssl_stapling_verify off; #These directives configure OCSP stapling, which can improve security by allowing the server to provide proof of the SSL/TLS certificate's validity without requiring the client to contact the certificate authority. The ssl_stapling directive specifies whether stapling should be used, and the ssl_stapling_verify directive specifies whether the server should verify the OCSP response from the certificate authority. resolver 8.8.8.8 80.80.80.80 valid=300s; resolver_timeout 5s; #These directives configure DNS resolution for OCSP stapling. The resolver directive specifies the DNS servers to use for resolving OCSP requests, and the valid parameter specifies the duration for which DNS responses will be cached. The resolver_timeout directive specifies the timeout value for DNS resolution. add_header Strict-Transport-Security "max-age=63072000; includeSubdomains"; add_header X-Frame-Options DENY; add_header X-Content-Type-Options nosniff; #These directives add security-related HTTP headers to responses sent by the server. The Strict-Transport-Security header specifies that SSL/TLS should always be used for connections to the server, and the X-Frame-Options and X-Content-Type-Options headers help protect against clickjacking and MIME sniffing attacks, respectively. ssl_dhparam /etc/ssl/certs/dhparam.pem; #This directive specifies the location of the Diffie-Hellman parameters file used for SSL/TLS key exchange. The ssl_dhparam directive is used to specify the path to the file that contains the Diffie-Hellman parameters. ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt; # self-signed certificate file ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key; # private key file </pre> ====Nginx==== <code>$EDITOR /etc/nginx/sites-available/default</code><br \> <b>MAKE SURE TO CHANGE IP 12.34.56.78 to YOUR servers Public IP address</b><br \> <pre> server { listen 80 default_server; listen [::]:80 default_server; server_name 12.34.56.78; ## change ip to match your server ip return 302 https://$server_name$request_uri; } server { # SSL configuration # listen 443 ssl default_server; listen [::]:443 ssl default_server; include snippets/ssl-params.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } } </pre> ====Restart Nginx==== <code> systemctl restart nginx</code><br \> ====Allow Nginx pass firewall==== <code>ufw allow 80/tcp</code><br \> <code>ufw allow 443/tcp</code><br \> ====Create a Directory to share store files==== <code>mkdir /var/www/html/files</code><br \> ====Create an html file==== <code>$EDITOR /var/www/html/index.html</code><br \> <pre> <!DOCTYPE html> <html> <head> <title>Files For Download</title> </head> <body> <a href="files">Click here for are latest files</a>.</p> </body> </html> </pre> ====Transfer_Files_to_Sharing_Directory==== [[Nginx_file_server#Transfer_Files_to_Sharing_Directory|Same as with using certbot]]<br><br> [[Nginx_file_server#Require_Username_and_Password_to_view_website/files_(Optional_-_Placed_here_for_educational_reasons)|Require Username and Passwd to view files]] 3h8bxx3f2vcc24vx52y65qb4gvtdinn 281 280 2023-04-05T10:36:03Z Noob 1 /* With DNS - cert by LetsEncrypt */ 281 wikitext text/x-wiki ==With DNS - cert by LetsEncrypt== [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04#No_DNS_using_IP_and_SelfSigned_Certs|No DNS Using IP and Self Signed Certs for https]] ===Spin up a Server === Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $5 a month, 1 cpu, 1024MB ram, 25GB ssd, 1000GB Bandwidth.<br \> I have been given the IP:<b>192.248.155.201</b> <br \> ===DNS=== make a <b>A RECORD</b> for subdomain server IP address<br> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |xml |192.248.155.201 |auto |- |} ===Enable Basic FireWall=== <code>ufw allow 22/tcp</code><br> <code>ufw allow 443/tcp</code><br> <code>ufw allow 80/tcp</code><br> <code>ufw enable</code><br \> ===Enable Auto Updates=== [[Ubuntu_unattended-upgrades#Quick_Start_-_Up_and_running_auto_updates|Setup Basic Auto Updates for your Server so you don't have to keep logging into server to update]] ===Install NGINX=== <code>apt install nginx -y</code><br> You should now be able to see the <b>Welcome to nginx!</b> site on your subdomain (or just use server ip address).<br> Only <b>http</b> will work as we have not yet setup are <b>https</b><br> <div class="toccolours mw-collapsible mw-collapsed"> Default NGINX Before Certbot - Placed here just for notes:<br> <code>cat /etc/nginx/sites-available/default</code> <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} </pre> </div> </div> ===LetsEncrypt=== <code>snap install certbot --classic</code><br> <code> certbot --nginx -d xml.completenoobs.com</code><br> You should now be able to view the <b>Welcome to nginx!</b> page with <b>https</b><br> ===Setup NGINX=== CertBot did the work for us :) Good Bot.<br> The nginx default site should look like this:<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /etc/nginx/sites-available/default</code><br> <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> We just need to add one line <code>autoindex on;</code>in the <b>location { }</b> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code> /etc/nginx/sites-available/default</code> After appending <code>autoindex on;</code>: <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Same File with Comments removed for easier read: <div class="mw-collapsible-content"> <pre> # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } } server { root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> ====More Info==== <div class="toccolours mw-collapsible mw-collapsed"> <b>autoindex on;</b> directive: <div class="mw-collapsible-content"> The <b>autoindex on;</b> directive in an Nginx configuration file enables directory listing for the specified location. In other words, if a user requests a URL that corresponds to a directory (rather than a specific file), and '''autoindex on;''' is specified for that location in the Nginx configuration file, then Nginx will generate a directory listing page that shows the contents of that directory. This can be useful for making files available for download or for providing an easy way to browse the contents of a directory. However, it can also be a security risk if sensitive files are inadvertently made available for download or if a user gains access to a directory listing page that they should not be able to access. To mitigate this risk, it's important to ensure that the '''autoindex on;''' directive is only used when necessary and is not enabled for sensitive directories or files. It's also a good idea to customize the appearance of the directory listing page to make it clear what files are available and to restrict access to the directory listing page using Nginx authentication or other security measures. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Nginx Config File: <div class="mw-collapsible-content"> <pre> # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; ######^^^ These two lines specify that the server block is listening on port 80 (the default HTTP port) for IPv4 and IPv6 connections. The default_server parameter indicates that this block will be used as the default server block for any incoming connections that do not match any other server blocks. ################################################# root /var/www/html; ######^^ This line sets the root directory for the server block. This is the directory where Nginx will look for files to serve in response to incoming requests. ########################################## # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; ##########^^ This line specifies the order in which Nginx should look for index files in the root directory when serving requests. In this case, Nginx will first look for index.html, then index.htm, and then index.nginx-debian.html. ########################################################## server_name _; #######^^ This line specifies the server name for the block. The underscore _ indicates a catch-all server name, meaning that this block will handle any requests that do not match a server name defined in another server block. ####################################################### location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; ###############^^ This block specifies the location directive for requests that match the root directory of the server block. The try_files directive specifies that Nginx should first try to serve the request as a file, then as a directory, and then return a 404 error if the file or directory cannot be found. ###################################################### } } server { root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot ######^^ This block specifies the server configuration for requests that match the server name xml.completenoobs.com. The root directive specifies the root directory for this server block, and the index directive specifies the order in which Nginx should look for index files when serving requests. The server_name directive specifies the name of the server that this block handles. ###################### location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } ###########^^ This block specifies the location directive for requests that match the root directory of the server block. The try_files directive specifies that Nginx should first try to serve the request as a file, then as a directory, and then return a 404 error if the file or directory cannot be found. The autoindex directive enables directory listing for this location. ############################## listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } ##################^^ These lines specify the SSL configuration for the server block, including the SSL certificates and keys, the SSL protocol settings, and the SSL Diffie-Hellman parameters. The listen directive specifies that the server block should listen for HTTPS connections on port 443, and the ssl parameter indicates that SSL/TLS should be used for these connections. The remaining lines specify the SSL certificates and keys, as well as the SSL options and Diffie-Hellman parameters managed by Certbot. ######################### server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot ########^^ This block specifies that if the incoming request matches the server name xml.completenoobs.com, Nginx should return a 301 HTTP status code (Moved Permanently) and redirect the request to HTTPS. ####################### listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } ##########^^ These lines specify the server configuration for requests that match the server name xml.completenoobs.com on port 80 (the default HTTP port). The listen directives specify that the server block should listen for HTTP connections on both IPv4 and IPv6. The server_name directive specifies the name of the server that this block handles. The return 404 directive specifies that Nginx should return a 404 HTTP status code for all requests that match this server block. Note that this server block is likely intended to be used in conjunction with another server block that handles HTTPS requests for xml.completenoobs.com, since the HTTP requests will be redirected to HTTPS by the if directive in this block. ############################ </pre> </div> </div> ==Hosting XML files for easy Downloading== we are going to delete the default index page and create another.<br> <code>rm /var/www/html/index.nginx-debian.html</code><br> <code>$EDITOR /var/www/html/index.html</code><br> Insert:<br> <pre> <!DOCTYPE html> <html> <head> <title>CompleteNoobs-XML_Dumps</title> </head> <body> <h1> <a href="xmlDumps/">Click here for are latest XML Dumps</a>.</p> </h1> </body> </html> </pre> <br> Create a Directory to place are dumps<br> <code>mkdir /var/www/html/xmlDumps</code><br> This is the directory we will place are dumps for sharing and easy downloads.<br> <code>chown -R www-data:www-data /var/www/html/xmlDumps</code><br> <code>systemctl restart nginx</code><br> now create a test file with some content and test.<br> <code>$EDITOR /var/www/html/xmlDumps/test.txt</code><br> Check you can see/read on web browser.<br> This is the directory where we will send are mediawiki dumps.<br> ==Transfer Files to Sharing Directory== ===scp=== Check [[SCP_Examples|SCP_Examples]] for more examples:<br> To send direct from MediaWiki server (Example file 'xmlDump-03-03-2023')<br> Will be prompted to enter password:<br> <code>scp /path/to/xmlDump-03-03-2023 root@xml.completenoobs.com:/var/www/html/xmlDumps/</code><br> ===sshfs=== Can be useful if you are transferring a large number of files from your computer to server and want to use the GUI file explorer.<br> <br> NOTE:replace $USER with your user account (Example: mine is 'ubunix' so i will replace '$USER' with 'ubunix') <br> Install sshfs on your computer<br> <code>sudo apt install sshfs</code><br> Create a Directory you are going to mount remote server directory to:<br> <code>mkdir /home/$USER/ServerMount</code><br> <br> <code>sudo sshfs -o allow_other,default_permissions root@xml.completenoobs.com:/var/www/html/xmlDumps/ /home/$USER/ServerMount/</code><br> To umount use:<br> <code>sudo umount /home/$USER/ServerMount</code><br> ==Require Username and Password to view website/files (Optional - Placed here for educational reasons)== <code>apt install apache2-utils</code><br> In your <code>/etc/nginx/sites-available/default</code><br> Append the lines(see before and after files to see where):<br> <pre> auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; </pre> <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/nginx/sites-available/default</code>: Before <div class="mw-collapsible-content"> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/nginx/sites-available/default</code>: After <div class="mw-collapsible-content"> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </div> </div> ===Create a login Username and Password to view your website=== Add user; change <b>user1</b> to username of your choice; you will be prompted for password.<br \> <code>htpasswd -c /etc/nginx/.htpasswd user1</code><br \> The <b>-c</b> flag is only needed the first time to create the file <b>/etc/nginx/.htpasswd</b><br \> Add second user; the same method is used to add has many users has you want.<br \> <code>htpasswd /etc/nginx/.htpasswd user2</code> <br \> To update or change passwd for user, repeat command with username of account you wish to change; enter new password.<br \> <code>htpasswd /etc/nginx/.htpasswd user1</code><br> Restart Nginx:<br> <code>systemctl restart nginx</code><br> And try site. ===Fail2Ban to Block IP's Which Enter Incorrect Username and/or Password=== Install Fail2Ban:<br> <code>apt install fail2ban</code><br> <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code><br> <code>$EDITOR /etc/fail2ban/jail.local</code><br> Note: Can append to the very bottom of the page.<br> <pre> # Reject Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s [nginx-cup] #the name in brackets above is what you use for status # fail2ban-client status nginx-cup enabled = true filter = nginx-correct-up port = http,https logpath = /var/log/nginx/error.log findtime = 3m bantime = 3m maxretry = 3 #ignoreip = <your-ipaddress> #Note: Can find your ipaddress using `curl ifconfig.me` or visit `whatismyip.com` </pre> <br \> <code>$EDITOR /etc/fail2ban/filter.d/nginx-correct-up.conf</code><br \> <pre> [Definition] failregex = client:\s<HOST> ignoreregex = </pre> ===Check Fail2Ban for errors=== <code>fail2ban-client -d</code><br \> ===restart nginx and fail2ban so updated setting can take effect=== <code>systemctl restart fail2ban.service</code><br \> <code>systemctl restart nginx.service</code><br \> And test. ===Remove need for username and password=== Comment out (or delete) the following lines from your nginx config file:<br> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <pre> auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; </pre> <br> Can comment out lines by placing a '#' in front.<br> <pre> #auth_basic "Hello Please Login"; #auth_basic_user_file /etc/nginx/.htpasswd; </pre> <br> Restart Nginx:<br> <code>systemctl restart nginx</code><br> ==No DNS using IP and SelfSigned Certs== ===Update system=== <code>apt update && apt upgrade -y</code><br \> ===Install NGINX=== <code>apt install nginx -y</code><br> You should now be able to see the <b>Welcome to nginx!</b> site on your subdomain (or just use server ip address).<br> Only <b>http</b> will work as we have not yet setup are <b>https</b><br> ===Create keys for encrypted https connection=== Note: If you are just building a quick website to test this out you can use <b>Blank</b> (just press enter) for all fields and it will still work.<br \> <code>openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> quick explanation: <div class="mw-collapsible-content"> :* '''openssl''': This command invokes the OpenSSL tool, which is a software library that provides a variety of cryptographic functions and utilities. :* '''req''': This is a subcommand of OpenSSL that is used for creating and managing X.509 certificate signing requests (CSRs) and self-signed certificates. :* -'''x509''': This option specifies that the output should be a self-signed X.509 certificate rather than a CSR. :* '''-nodes''': This option specifies that the private key should not be encrypted with a password, allowing for automatic startup of services that use SSL/TLS. :* -days 365: This option specifies the number of days that the certificate will be valid for before it expires. :* '''-newkey rsa:4096''': This option generates a new RSA private key with a key length of 4096 bits, which provides a higher level of security than shorter key lengths. :* '''-keyout /etc/ssl/private/nginx-selfsigned.key''': This option specifies the path and filename of the private key file that will be generated by OpenSSL. :* '''-out /etc/ssl/certs/nginx-selfsigned.crt''': This option specifies the path and filename of the self-signed certificate file that will be generated by OpenSSL. Overall, this command generates a self-signed SSL/TLS certificate and private key that can be used to secure an Nginx web server. The certificate and key are saved to the specified locations for use in the Nginx server configuration. It's important to note that while self-signed certificates can provide some level of encryption for your web traffic, they do not provide any form of authentication or verification of identity, and should not be used in production environments where security is a top priority. </div> </div> /etc/ssl/private/nginx-selfsigned.key<br> /etc/ssl/certs/nginx-selfsigned.crt ===Create diffhelman=== <code>openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048</code><br \> You can upgrade from 2048 to 4096 but it might take a while.<br \> <code>$EDITOR /etc/nginx/snippets/ssl-params.conf</code><br> Nginx configuration directives related to SSL/TLS: <pre> ssl_protocols TLSv1.2; #This directive specifies the SSL/TLS protocols that the server will use for secure connections. In this case, only TLS version 1.2 is allowed. ssl_prefer_server_ciphers on; #This directive tells the server to prefer the ciphers specified by the server over those requested by the client. ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:!aNULL:!eNULL !LOW !DSS !MD5 !RC4 !EXP !PSK !SRP !CAMELLIA !SEED'; #This directive specifies the SSL/TLS ciphers that the server will use for secure connections. These ciphers prioritize the use of elliptic curve cryptography (ECDHE) for key exchange and advanced encryption algorithms such as AES256 and CHACHA20-POLY1305 for encryption. ssl_ecdh_curve secp384r1; #This directive specifies the elliptic curve Diffie-Hellman (ECDH) curve that the server will use for key exchange. In this case, the secp384r1 curve is used. ssl_session_cache shared:SSL:10m; ssl_session_tickets off; #These directives configure SSL session caching, which can improve performance by allowing the server to reuse SSL session parameters for multiple connections. The ssl_session_cache directive specifies the type of session cache to use, and the ssl_session_tickets directive specifies whether session tickets should be used. # need to turn ssl_stapling off for selfsigned or will get errors in /var/log/nginx/error.log ssl_stapling off; ssl_stapling_verify off; #These directives configure OCSP stapling, which can improve security by allowing the server to provide proof of the SSL/TLS certificate's validity without requiring the client to contact the certificate authority. The ssl_stapling directive specifies whether stapling should be used, and the ssl_stapling_verify directive specifies whether the server should verify the OCSP response from the certificate authority. resolver 8.8.8.8 80.80.80.80 valid=300s; resolver_timeout 5s; #These directives configure DNS resolution for OCSP stapling. The resolver directive specifies the DNS servers to use for resolving OCSP requests, and the valid parameter specifies the duration for which DNS responses will be cached. The resolver_timeout directive specifies the timeout value for DNS resolution. add_header Strict-Transport-Security "max-age=63072000; includeSubdomains"; add_header X-Frame-Options DENY; add_header X-Content-Type-Options nosniff; #These directives add security-related HTTP headers to responses sent by the server. The Strict-Transport-Security header specifies that SSL/TLS should always be used for connections to the server, and the X-Frame-Options and X-Content-Type-Options headers help protect against clickjacking and MIME sniffing attacks, respectively. ssl_dhparam /etc/ssl/certs/dhparam.pem; #This directive specifies the location of the Diffie-Hellman parameters file used for SSL/TLS key exchange. The ssl_dhparam directive is used to specify the path to the file that contains the Diffie-Hellman parameters. ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt; # self-signed certificate file ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key; # private key file </pre> ====Nginx==== <code>$EDITOR /etc/nginx/sites-available/default</code><br \> <b>MAKE SURE TO CHANGE IP 12.34.56.78 to YOUR servers Public IP address</b><br \> <pre> server { listen 80 default_server; listen [::]:80 default_server; server_name 12.34.56.78; ## change ip to match your server ip return 302 https://$server_name$request_uri; } server { # SSL configuration # listen 443 ssl default_server; listen [::]:443 ssl default_server; include snippets/ssl-params.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } } </pre> ====Restart Nginx==== <code> systemctl restart nginx</code><br \> ====Allow Nginx pass firewall==== <code>ufw allow 80/tcp</code><br \> <code>ufw allow 443/tcp</code><br \> ====Create a Directory to share store files==== <code>mkdir /var/www/html/files</code><br \> ====Create an html file==== <code>$EDITOR /var/www/html/index.html</code><br \> <pre> <!DOCTYPE html> <html> <head> <title>Files For Download</title> </head> <body> <a href="files">Click here for are latest files</a>.</p> </body> </html> </pre> ====Transfer_Files_to_Sharing_Directory==== [[Nginx_file_server#Transfer_Files_to_Sharing_Directory|Same as with using certbot]]<br><br> [[Nginx_file_server#Require_Username_and_Password_to_view_website/files_(Optional_-_Placed_here_for_educational_reasons)|Require Username and Passwd to view files]] a8zs4cjqbwzwjig9z2nb2xn678rnfdj 282 281 2023-04-05T11:22:41Z Noob 1 /* Require Username and Password to view website/files (Optional - Placed here for educational reasons) */ 282 wikitext text/x-wiki ==With DNS - cert by LetsEncrypt== [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04#No_DNS_using_IP_and_SelfSigned_Certs|No DNS Using IP and Self Signed Certs for https]] ===Spin up a Server === Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $5 a month, 1 cpu, 1024MB ram, 25GB ssd, 1000GB Bandwidth.<br \> I have been given the IP:<b>192.248.155.201</b> <br \> ===DNS=== make a <b>A RECORD</b> for subdomain server IP address<br> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |xml |192.248.155.201 |auto |- |} ===Enable Basic FireWall=== <code>ufw allow 22/tcp</code><br> <code>ufw allow 443/tcp</code><br> <code>ufw allow 80/tcp</code><br> <code>ufw enable</code><br \> ===Enable Auto Updates=== [[Ubuntu_unattended-upgrades#Quick_Start_-_Up_and_running_auto_updates|Setup Basic Auto Updates for your Server so you don't have to keep logging into server to update]] ===Install NGINX=== <code>apt install nginx -y</code><br> You should now be able to see the <b>Welcome to nginx!</b> site on your subdomain (or just use server ip address).<br> Only <b>http</b> will work as we have not yet setup are <b>https</b><br> <div class="toccolours mw-collapsible mw-collapsed"> Default NGINX Before Certbot - Placed here just for notes:<br> <code>cat /etc/nginx/sites-available/default</code> <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} </pre> </div> </div> ===LetsEncrypt=== <code>snap install certbot --classic</code><br> <code> certbot --nginx -d xml.completenoobs.com</code><br> You should now be able to view the <b>Welcome to nginx!</b> page with <b>https</b><br> ===Setup NGINX=== CertBot did the work for us :) Good Bot.<br> The nginx default site should look like this:<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /etc/nginx/sites-available/default</code><br> <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> We just need to add one line <code>autoindex on;</code>in the <b>location { }</b> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code> /etc/nginx/sites-available/default</code> After appending <code>autoindex on;</code>: <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Same File with Comments removed for easier read: <div class="mw-collapsible-content"> <pre> # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } } server { root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> ====More Info==== <div class="toccolours mw-collapsible mw-collapsed"> <b>autoindex on;</b> directive: <div class="mw-collapsible-content"> The <b>autoindex on;</b> directive in an Nginx configuration file enables directory listing for the specified location. In other words, if a user requests a URL that corresponds to a directory (rather than a specific file), and '''autoindex on;''' is specified for that location in the Nginx configuration file, then Nginx will generate a directory listing page that shows the contents of that directory. This can be useful for making files available for download or for providing an easy way to browse the contents of a directory. However, it can also be a security risk if sensitive files are inadvertently made available for download or if a user gains access to a directory listing page that they should not be able to access. To mitigate this risk, it's important to ensure that the '''autoindex on;''' directive is only used when necessary and is not enabled for sensitive directories or files. It's also a good idea to customize the appearance of the directory listing page to make it clear what files are available and to restrict access to the directory listing page using Nginx authentication or other security measures. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Nginx Config File: <div class="mw-collapsible-content"> <pre> # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; ######^^^ These two lines specify that the server block is listening on port 80 (the default HTTP port) for IPv4 and IPv6 connections. The default_server parameter indicates that this block will be used as the default server block for any incoming connections that do not match any other server blocks. ################################################# root /var/www/html; ######^^ This line sets the root directory for the server block. This is the directory where Nginx will look for files to serve in response to incoming requests. ########################################## # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; ##########^^ This line specifies the order in which Nginx should look for index files in the root directory when serving requests. In this case, Nginx will first look for index.html, then index.htm, and then index.nginx-debian.html. ########################################################## server_name _; #######^^ This line specifies the server name for the block. The underscore _ indicates a catch-all server name, meaning that this block will handle any requests that do not match a server name defined in another server block. ####################################################### location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; ###############^^ This block specifies the location directive for requests that match the root directory of the server block. The try_files directive specifies that Nginx should first try to serve the request as a file, then as a directory, and then return a 404 error if the file or directory cannot be found. ###################################################### } } server { root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot ######^^ This block specifies the server configuration for requests that match the server name xml.completenoobs.com. The root directive specifies the root directory for this server block, and the index directive specifies the order in which Nginx should look for index files when serving requests. The server_name directive specifies the name of the server that this block handles. ###################### location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } ###########^^ This block specifies the location directive for requests that match the root directory of the server block. The try_files directive specifies that Nginx should first try to serve the request as a file, then as a directory, and then return a 404 error if the file or directory cannot be found. The autoindex directive enables directory listing for this location. ############################## listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } ##################^^ These lines specify the SSL configuration for the server block, including the SSL certificates and keys, the SSL protocol settings, and the SSL Diffie-Hellman parameters. The listen directive specifies that the server block should listen for HTTPS connections on port 443, and the ssl parameter indicates that SSL/TLS should be used for these connections. The remaining lines specify the SSL certificates and keys, as well as the SSL options and Diffie-Hellman parameters managed by Certbot. ######################### server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot ########^^ This block specifies that if the incoming request matches the server name xml.completenoobs.com, Nginx should return a 301 HTTP status code (Moved Permanently) and redirect the request to HTTPS. ####################### listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } ##########^^ These lines specify the server configuration for requests that match the server name xml.completenoobs.com on port 80 (the default HTTP port). The listen directives specify that the server block should listen for HTTP connections on both IPv4 and IPv6. The server_name directive specifies the name of the server that this block handles. The return 404 directive specifies that Nginx should return a 404 HTTP status code for all requests that match this server block. Note that this server block is likely intended to be used in conjunction with another server block that handles HTTPS requests for xml.completenoobs.com, since the HTTP requests will be redirected to HTTPS by the if directive in this block. ############################ </pre> </div> </div> ==Hosting XML files for easy Downloading== we are going to delete the default index page and create another.<br> <code>rm /var/www/html/index.nginx-debian.html</code><br> <code>$EDITOR /var/www/html/index.html</code><br> Insert:<br> <pre> <!DOCTYPE html> <html> <head> <title>CompleteNoobs-XML_Dumps</title> </head> <body> <h1> <a href="xmlDumps/">Click here for are latest XML Dumps</a>.</p> </h1> </body> </html> </pre> <br> Create a Directory to place are dumps<br> <code>mkdir /var/www/html/xmlDumps</code><br> This is the directory we will place are dumps for sharing and easy downloads.<br> <code>chown -R www-data:www-data /var/www/html/xmlDumps</code><br> <code>systemctl restart nginx</code><br> now create a test file with some content and test.<br> <code>$EDITOR /var/www/html/xmlDumps/test.txt</code><br> Check you can see/read on web browser.<br> This is the directory where we will send are mediawiki dumps.<br> ==Transfer Files to Sharing Directory== ===scp=== Check [[SCP_Examples|SCP_Examples]] for more examples:<br> To send direct from MediaWiki server (Example file 'xmlDump-03-03-2023')<br> Will be prompted to enter password:<br> <code>scp /path/to/xmlDump-03-03-2023 root@xml.completenoobs.com:/var/www/html/xmlDumps/</code><br> ===sshfs=== Can be useful if you are transferring a large number of files from your computer to server and want to use the GUI file explorer.<br> <br> NOTE:replace $USER with your user account (Example: mine is 'ubunix' so i will replace '$USER' with 'ubunix') <br> Install sshfs on your computer<br> <code>sudo apt install sshfs</code><br> Create a Directory you are going to mount remote server directory to:<br> <code>mkdir /home/$USER/ServerMount</code><br> <br> <code>sudo sshfs -o allow_other,default_permissions root@xml.completenoobs.com:/var/www/html/xmlDumps/ /home/$USER/ServerMount/</code><br> To umount use:<br> <code>sudo umount /home/$USER/ServerMount</code><br> ==Require Username and Password to view website/files (Optional - Placed here for educational reasons)== <code>apt install apache2-utils</code><br> In your <code>/etc/nginx/sites-available/default</code><br> Append the lines(see before and after files to see where):<br> <pre> auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; </pre> <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/nginx/sites-available/default</code>: Before <div class="mw-collapsible-content"> <pre> server { listen 80 default_server; listen [::]:80 default_server; server_name 144.202.6.108; return 302 https://$server_name$request_uri; } server { # SSL configuration # listen 443 ssl default_server; listen [::]:443 ssl default_server; include snippets/ssl-params.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } } </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/nginx/sites-available/default</code>: After <div class="mw-collapsible-content"> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </div> </div> ===Create a login Username and Password to view your website=== Add user; change <b>user1</b> to username of your choice; you will be prompted for password.<br \> <code>htpasswd -c /etc/nginx/.htpasswd user1</code><br \> The <b>-c</b> flag is only needed the first time to create the file <b>/etc/nginx/.htpasswd</b><br \> Add second user; the same method is used to add has many users has you want.<br \> <code>htpasswd /etc/nginx/.htpasswd user2</code> <br \> To update or change passwd for user, repeat command with username of account you wish to change; enter new password.<br \> <code>htpasswd /etc/nginx/.htpasswd user1</code><br> Restart Nginx:<br> <code>systemctl restart nginx</code><br> And try site. ===Fail2Ban to Block IP's Which Enter Incorrect Username and/or Password=== Install Fail2Ban:<br> <code>apt install fail2ban</code><br> <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code><br> <code>$EDITOR /etc/fail2ban/jail.local</code><br> Note: Can append to the very bottom of the page.<br> <pre> # Reject Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s [nginx-cup] #the name in brackets above is what you use for status # fail2ban-client status nginx-cup enabled = true filter = nginx-correct-up port = http,https logpath = /var/log/nginx/error.log findtime = 3m bantime = 3m maxretry = 3 #ignoreip = <your-ipaddress> #Note: Can find your ipaddress using `curl ifconfig.me` or visit `whatismyip.com` </pre> <br \> <code>$EDITOR /etc/fail2ban/filter.d/nginx-correct-up.conf</code><br \> <pre> [Definition] failregex = client:\s<HOST> ignoreregex = </pre> ===Check Fail2Ban for errors=== <code>fail2ban-client -d</code><br \> ===restart nginx and fail2ban so updated setting can take effect=== <code>systemctl restart fail2ban.service</code><br \> <code>systemctl restart nginx.service</code><br \> And test. ===Remove need for username and password=== Comment out (or delete) the following lines from your nginx config file:<br> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <pre> auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; </pre> <br> Can comment out lines by placing a '#' in front.<br> <pre> #auth_basic "Hello Please Login"; #auth_basic_user_file /etc/nginx/.htpasswd; </pre> <br> Restart Nginx:<br> <code>systemctl restart nginx</code><br> ==No DNS using IP and SelfSigned Certs== ===Update system=== <code>apt update && apt upgrade -y</code><br \> ===Install NGINX=== <code>apt install nginx -y</code><br> You should now be able to see the <b>Welcome to nginx!</b> site on your subdomain (or just use server ip address).<br> Only <b>http</b> will work as we have not yet setup are <b>https</b><br> ===Create keys for encrypted https connection=== Note: If you are just building a quick website to test this out you can use <b>Blank</b> (just press enter) for all fields and it will still work.<br \> <code>openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> quick explanation: <div class="mw-collapsible-content"> :* '''openssl''': This command invokes the OpenSSL tool, which is a software library that provides a variety of cryptographic functions and utilities. :* '''req''': This is a subcommand of OpenSSL that is used for creating and managing X.509 certificate signing requests (CSRs) and self-signed certificates. :* -'''x509''': This option specifies that the output should be a self-signed X.509 certificate rather than a CSR. :* '''-nodes''': This option specifies that the private key should not be encrypted with a password, allowing for automatic startup of services that use SSL/TLS. :* -days 365: This option specifies the number of days that the certificate will be valid for before it expires. :* '''-newkey rsa:4096''': This option generates a new RSA private key with a key length of 4096 bits, which provides a higher level of security than shorter key lengths. :* '''-keyout /etc/ssl/private/nginx-selfsigned.key''': This option specifies the path and filename of the private key file that will be generated by OpenSSL. :* '''-out /etc/ssl/certs/nginx-selfsigned.crt''': This option specifies the path and filename of the self-signed certificate file that will be generated by OpenSSL. Overall, this command generates a self-signed SSL/TLS certificate and private key that can be used to secure an Nginx web server. The certificate and key are saved to the specified locations for use in the Nginx server configuration. It's important to note that while self-signed certificates can provide some level of encryption for your web traffic, they do not provide any form of authentication or verification of identity, and should not be used in production environments where security is a top priority. </div> </div> /etc/ssl/private/nginx-selfsigned.key<br> /etc/ssl/certs/nginx-selfsigned.crt ===Create diffhelman=== <code>openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048</code><br \> You can upgrade from 2048 to 4096 but it might take a while.<br \> <code>$EDITOR /etc/nginx/snippets/ssl-params.conf</code><br> Nginx configuration directives related to SSL/TLS: <pre> ssl_protocols TLSv1.2; #This directive specifies the SSL/TLS protocols that the server will use for secure connections. In this case, only TLS version 1.2 is allowed. ssl_prefer_server_ciphers on; #This directive tells the server to prefer the ciphers specified by the server over those requested by the client. ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:!aNULL:!eNULL !LOW !DSS !MD5 !RC4 !EXP !PSK !SRP !CAMELLIA !SEED'; #This directive specifies the SSL/TLS ciphers that the server will use for secure connections. These ciphers prioritize the use of elliptic curve cryptography (ECDHE) for key exchange and advanced encryption algorithms such as AES256 and CHACHA20-POLY1305 for encryption. ssl_ecdh_curve secp384r1; #This directive specifies the elliptic curve Diffie-Hellman (ECDH) curve that the server will use for key exchange. In this case, the secp384r1 curve is used. ssl_session_cache shared:SSL:10m; ssl_session_tickets off; #These directives configure SSL session caching, which can improve performance by allowing the server to reuse SSL session parameters for multiple connections. The ssl_session_cache directive specifies the type of session cache to use, and the ssl_session_tickets directive specifies whether session tickets should be used. # need to turn ssl_stapling off for selfsigned or will get errors in /var/log/nginx/error.log ssl_stapling off; ssl_stapling_verify off; #These directives configure OCSP stapling, which can improve security by allowing the server to provide proof of the SSL/TLS certificate's validity without requiring the client to contact the certificate authority. The ssl_stapling directive specifies whether stapling should be used, and the ssl_stapling_verify directive specifies whether the server should verify the OCSP response from the certificate authority. resolver 8.8.8.8 80.80.80.80 valid=300s; resolver_timeout 5s; #These directives configure DNS resolution for OCSP stapling. The resolver directive specifies the DNS servers to use for resolving OCSP requests, and the valid parameter specifies the duration for which DNS responses will be cached. The resolver_timeout directive specifies the timeout value for DNS resolution. add_header Strict-Transport-Security "max-age=63072000; includeSubdomains"; add_header X-Frame-Options DENY; add_header X-Content-Type-Options nosniff; #These directives add security-related HTTP headers to responses sent by the server. The Strict-Transport-Security header specifies that SSL/TLS should always be used for connections to the server, and the X-Frame-Options and X-Content-Type-Options headers help protect against clickjacking and MIME sniffing attacks, respectively. ssl_dhparam /etc/ssl/certs/dhparam.pem; #This directive specifies the location of the Diffie-Hellman parameters file used for SSL/TLS key exchange. The ssl_dhparam directive is used to specify the path to the file that contains the Diffie-Hellman parameters. ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt; # self-signed certificate file ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key; # private key file </pre> ====Nginx==== <code>$EDITOR /etc/nginx/sites-available/default</code><br \> <b>MAKE SURE TO CHANGE IP 12.34.56.78 to YOUR servers Public IP address</b><br \> <pre> server { listen 80 default_server; listen [::]:80 default_server; server_name 12.34.56.78; ## change ip to match your server ip return 302 https://$server_name$request_uri; } server { # SSL configuration # listen 443 ssl default_server; listen [::]:443 ssl default_server; include snippets/ssl-params.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } } </pre> ====Restart Nginx==== <code> systemctl restart nginx</code><br \> ====Allow Nginx pass firewall==== <code>ufw allow 80/tcp</code><br \> <code>ufw allow 443/tcp</code><br \> ====Create a Directory to share store files==== <code>mkdir /var/www/html/files</code><br \> ====Create an html file==== <code>$EDITOR /var/www/html/index.html</code><br \> <pre> <!DOCTYPE html> <html> <head> <title>Files For Download</title> </head> <body> <a href="files">Click here for are latest files</a>.</p> </body> </html> </pre> ====Transfer_Files_to_Sharing_Directory==== [[Nginx_file_server#Transfer_Files_to_Sharing_Directory|Same as with using certbot]]<br><br> [[Nginx_file_server#Require_Username_and_Password_to_view_website/files_(Optional_-_Placed_here_for_educational_reasons)|Require Username and Passwd to view files]] rp2n1xvbq7mgykq26fqr31olma5m6d6 283 282 2023-04-05T11:26:36Z Noob 1 Undo revision 282 by [[Special:Contributions/Noob|Noob]] ([[User talk:Noob|talk]]) 283 wikitext text/x-wiki ==With DNS - cert by LetsEncrypt== [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04#No_DNS_using_IP_and_SelfSigned_Certs|No DNS Using IP and Self Signed Certs for https]] ===Spin up a Server === Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $5 a month, 1 cpu, 1024MB ram, 25GB ssd, 1000GB Bandwidth.<br \> I have been given the IP:<b>192.248.155.201</b> <br \> ===DNS=== make a <b>A RECORD</b> for subdomain server IP address<br> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |xml |192.248.155.201 |auto |- |} ===Enable Basic FireWall=== <code>ufw allow 22/tcp</code><br> <code>ufw allow 443/tcp</code><br> <code>ufw allow 80/tcp</code><br> <code>ufw enable</code><br \> ===Enable Auto Updates=== [[Ubuntu_unattended-upgrades#Quick_Start_-_Up_and_running_auto_updates|Setup Basic Auto Updates for your Server so you don't have to keep logging into server to update]] ===Install NGINX=== <code>apt install nginx -y</code><br> You should now be able to see the <b>Welcome to nginx!</b> site on your subdomain (or just use server ip address).<br> Only <b>http</b> will work as we have not yet setup are <b>https</b><br> <div class="toccolours mw-collapsible mw-collapsed"> Default NGINX Before Certbot - Placed here just for notes:<br> <code>cat /etc/nginx/sites-available/default</code> <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} </pre> </div> </div> ===LetsEncrypt=== <code>snap install certbot --classic</code><br> <code> certbot --nginx -d xml.completenoobs.com</code><br> You should now be able to view the <b>Welcome to nginx!</b> page with <b>https</b><br> ===Setup NGINX=== CertBot did the work for us :) Good Bot.<br> The nginx default site should look like this:<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /etc/nginx/sites-available/default</code><br> <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> We just need to add one line <code>autoindex on;</code>in the <b>location { }</b> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code> /etc/nginx/sites-available/default</code> After appending <code>autoindex on;</code>: <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Same File with Comments removed for easier read: <div class="mw-collapsible-content"> <pre> # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } } server { root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> ====More Info==== <div class="toccolours mw-collapsible mw-collapsed"> <b>autoindex on;</b> directive: <div class="mw-collapsible-content"> The <b>autoindex on;</b> directive in an Nginx configuration file enables directory listing for the specified location. In other words, if a user requests a URL that corresponds to a directory (rather than a specific file), and '''autoindex on;''' is specified for that location in the Nginx configuration file, then Nginx will generate a directory listing page that shows the contents of that directory. This can be useful for making files available for download or for providing an easy way to browse the contents of a directory. However, it can also be a security risk if sensitive files are inadvertently made available for download or if a user gains access to a directory listing page that they should not be able to access. To mitigate this risk, it's important to ensure that the '''autoindex on;''' directive is only used when necessary and is not enabled for sensitive directories or files. It's also a good idea to customize the appearance of the directory listing page to make it clear what files are available and to restrict access to the directory listing page using Nginx authentication or other security measures. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Nginx Config File: <div class="mw-collapsible-content"> <pre> # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; ######^^^ These two lines specify that the server block is listening on port 80 (the default HTTP port) for IPv4 and IPv6 connections. The default_server parameter indicates that this block will be used as the default server block for any incoming connections that do not match any other server blocks. ################################################# root /var/www/html; ######^^ This line sets the root directory for the server block. This is the directory where Nginx will look for files to serve in response to incoming requests. ########################################## # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; ##########^^ This line specifies the order in which Nginx should look for index files in the root directory when serving requests. In this case, Nginx will first look for index.html, then index.htm, and then index.nginx-debian.html. ########################################################## server_name _; #######^^ This line specifies the server name for the block. The underscore _ indicates a catch-all server name, meaning that this block will handle any requests that do not match a server name defined in another server block. ####################################################### location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; ###############^^ This block specifies the location directive for requests that match the root directory of the server block. The try_files directive specifies that Nginx should first try to serve the request as a file, then as a directory, and then return a 404 error if the file or directory cannot be found. ###################################################### } } server { root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot ######^^ This block specifies the server configuration for requests that match the server name xml.completenoobs.com. The root directive specifies the root directory for this server block, and the index directive specifies the order in which Nginx should look for index files when serving requests. The server_name directive specifies the name of the server that this block handles. ###################### location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } ###########^^ This block specifies the location directive for requests that match the root directory of the server block. The try_files directive specifies that Nginx should first try to serve the request as a file, then as a directory, and then return a 404 error if the file or directory cannot be found. The autoindex directive enables directory listing for this location. ############################## listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } ##################^^ These lines specify the SSL configuration for the server block, including the SSL certificates and keys, the SSL protocol settings, and the SSL Diffie-Hellman parameters. The listen directive specifies that the server block should listen for HTTPS connections on port 443, and the ssl parameter indicates that SSL/TLS should be used for these connections. The remaining lines specify the SSL certificates and keys, as well as the SSL options and Diffie-Hellman parameters managed by Certbot. ######################### server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot ########^^ This block specifies that if the incoming request matches the server name xml.completenoobs.com, Nginx should return a 301 HTTP status code (Moved Permanently) and redirect the request to HTTPS. ####################### listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } ##########^^ These lines specify the server configuration for requests that match the server name xml.completenoobs.com on port 80 (the default HTTP port). The listen directives specify that the server block should listen for HTTP connections on both IPv4 and IPv6. The server_name directive specifies the name of the server that this block handles. The return 404 directive specifies that Nginx should return a 404 HTTP status code for all requests that match this server block. Note that this server block is likely intended to be used in conjunction with another server block that handles HTTPS requests for xml.completenoobs.com, since the HTTP requests will be redirected to HTTPS by the if directive in this block. ############################ </pre> </div> </div> ==Hosting XML files for easy Downloading== we are going to delete the default index page and create another.<br> <code>rm /var/www/html/index.nginx-debian.html</code><br> <code>$EDITOR /var/www/html/index.html</code><br> Insert:<br> <pre> <!DOCTYPE html> <html> <head> <title>CompleteNoobs-XML_Dumps</title> </head> <body> <h1> <a href="xmlDumps/">Click here for are latest XML Dumps</a>.</p> </h1> </body> </html> </pre> <br> Create a Directory to place are dumps<br> <code>mkdir /var/www/html/xmlDumps</code><br> This is the directory we will place are dumps for sharing and easy downloads.<br> <code>chown -R www-data:www-data /var/www/html/xmlDumps</code><br> <code>systemctl restart nginx</code><br> now create a test file with some content and test.<br> <code>$EDITOR /var/www/html/xmlDumps/test.txt</code><br> Check you can see/read on web browser.<br> This is the directory where we will send are mediawiki dumps.<br> ==Transfer Files to Sharing Directory== ===scp=== Check [[SCP_Examples|SCP_Examples]] for more examples:<br> To send direct from MediaWiki server (Example file 'xmlDump-03-03-2023')<br> Will be prompted to enter password:<br> <code>scp /path/to/xmlDump-03-03-2023 root@xml.completenoobs.com:/var/www/html/xmlDumps/</code><br> ===sshfs=== Can be useful if you are transferring a large number of files from your computer to server and want to use the GUI file explorer.<br> <br> NOTE:replace $USER with your user account (Example: mine is 'ubunix' so i will replace '$USER' with 'ubunix') <br> Install sshfs on your computer<br> <code>sudo apt install sshfs</code><br> Create a Directory you are going to mount remote server directory to:<br> <code>mkdir /home/$USER/ServerMount</code><br> <br> <code>sudo sshfs -o allow_other,default_permissions root@xml.completenoobs.com:/var/www/html/xmlDumps/ /home/$USER/ServerMount/</code><br> To umount use:<br> <code>sudo umount /home/$USER/ServerMount</code><br> ==Require Username and Password to view website/files (Optional - Placed here for educational reasons)== <code>apt install apache2-utils</code><br> In your <code>/etc/nginx/sites-available/default</code><br> Append the lines(see before and after files to see where):<br> <pre> auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; </pre> <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/nginx/sites-available/default</code>: Before <div class="mw-collapsible-content"> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/nginx/sites-available/default</code>: After <div class="mw-collapsible-content"> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </div> </div> ===Create a login Username and Password to view your website=== Add user; change <b>user1</b> to username of your choice; you will be prompted for password.<br \> <code>htpasswd -c /etc/nginx/.htpasswd user1</code><br \> The <b>-c</b> flag is only needed the first time to create the file <b>/etc/nginx/.htpasswd</b><br \> Add second user; the same method is used to add has many users has you want.<br \> <code>htpasswd /etc/nginx/.htpasswd user2</code> <br \> To update or change passwd for user, repeat command with username of account you wish to change; enter new password.<br \> <code>htpasswd /etc/nginx/.htpasswd user1</code><br> Restart Nginx:<br> <code>systemctl restart nginx</code><br> And try site. ===Fail2Ban to Block IP's Which Enter Incorrect Username and/or Password=== Install Fail2Ban:<br> <code>apt install fail2ban</code><br> <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code><br> <code>$EDITOR /etc/fail2ban/jail.local</code><br> Note: Can append to the very bottom of the page.<br> <pre> # Reject Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s [nginx-cup] #the name in brackets above is what you use for status # fail2ban-client status nginx-cup enabled = true filter = nginx-correct-up port = http,https logpath = /var/log/nginx/error.log findtime = 3m bantime = 3m maxretry = 3 #ignoreip = <your-ipaddress> #Note: Can find your ipaddress using `curl ifconfig.me` or visit `whatismyip.com` </pre> <br \> <code>$EDITOR /etc/fail2ban/filter.d/nginx-correct-up.conf</code><br \> <pre> [Definition] failregex = client:\s<HOST> ignoreregex = </pre> ===Check Fail2Ban for errors=== <code>fail2ban-client -d</code><br \> ===restart nginx and fail2ban so updated setting can take effect=== <code>systemctl restart fail2ban.service</code><br \> <code>systemctl restart nginx.service</code><br \> And test. ===Remove need for username and password=== Comment out (or delete) the following lines from your nginx config file:<br> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <pre> auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; </pre> <br> Can comment out lines by placing a '#' in front.<br> <pre> #auth_basic "Hello Please Login"; #auth_basic_user_file /etc/nginx/.htpasswd; </pre> <br> Restart Nginx:<br> <code>systemctl restart nginx</code><br> ==No DNS using IP and SelfSigned Certs== ===Update system=== <code>apt update && apt upgrade -y</code><br \> ===Install NGINX=== <code>apt install nginx -y</code><br> You should now be able to see the <b>Welcome to nginx!</b> site on your subdomain (or just use server ip address).<br> Only <b>http</b> will work as we have not yet setup are <b>https</b><br> ===Create keys for encrypted https connection=== Note: If you are just building a quick website to test this out you can use <b>Blank</b> (just press enter) for all fields and it will still work.<br \> <code>openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> quick explanation: <div class="mw-collapsible-content"> :* '''openssl''': This command invokes the OpenSSL tool, which is a software library that provides a variety of cryptographic functions and utilities. :* '''req''': This is a subcommand of OpenSSL that is used for creating and managing X.509 certificate signing requests (CSRs) and self-signed certificates. :* -'''x509''': This option specifies that the output should be a self-signed X.509 certificate rather than a CSR. :* '''-nodes''': This option specifies that the private key should not be encrypted with a password, allowing for automatic startup of services that use SSL/TLS. :* -days 365: This option specifies the number of days that the certificate will be valid for before it expires. :* '''-newkey rsa:4096''': This option generates a new RSA private key with a key length of 4096 bits, which provides a higher level of security than shorter key lengths. :* '''-keyout /etc/ssl/private/nginx-selfsigned.key''': This option specifies the path and filename of the private key file that will be generated by OpenSSL. :* '''-out /etc/ssl/certs/nginx-selfsigned.crt''': This option specifies the path and filename of the self-signed certificate file that will be generated by OpenSSL. Overall, this command generates a self-signed SSL/TLS certificate and private key that can be used to secure an Nginx web server. The certificate and key are saved to the specified locations for use in the Nginx server configuration. It's important to note that while self-signed certificates can provide some level of encryption for your web traffic, they do not provide any form of authentication or verification of identity, and should not be used in production environments where security is a top priority. </div> </div> /etc/ssl/private/nginx-selfsigned.key<br> /etc/ssl/certs/nginx-selfsigned.crt ===Create diffhelman=== <code>openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048</code><br \> You can upgrade from 2048 to 4096 but it might take a while.<br \> <code>$EDITOR /etc/nginx/snippets/ssl-params.conf</code><br> Nginx configuration directives related to SSL/TLS: <pre> ssl_protocols TLSv1.2; #This directive specifies the SSL/TLS protocols that the server will use for secure connections. In this case, only TLS version 1.2 is allowed. ssl_prefer_server_ciphers on; #This directive tells the server to prefer the ciphers specified by the server over those requested by the client. ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:!aNULL:!eNULL !LOW !DSS !MD5 !RC4 !EXP !PSK !SRP !CAMELLIA !SEED'; #This directive specifies the SSL/TLS ciphers that the server will use for secure connections. These ciphers prioritize the use of elliptic curve cryptography (ECDHE) for key exchange and advanced encryption algorithms such as AES256 and CHACHA20-POLY1305 for encryption. ssl_ecdh_curve secp384r1; #This directive specifies the elliptic curve Diffie-Hellman (ECDH) curve that the server will use for key exchange. In this case, the secp384r1 curve is used. ssl_session_cache shared:SSL:10m; ssl_session_tickets off; #These directives configure SSL session caching, which can improve performance by allowing the server to reuse SSL session parameters for multiple connections. The ssl_session_cache directive specifies the type of session cache to use, and the ssl_session_tickets directive specifies whether session tickets should be used. # need to turn ssl_stapling off for selfsigned or will get errors in /var/log/nginx/error.log ssl_stapling off; ssl_stapling_verify off; #These directives configure OCSP stapling, which can improve security by allowing the server to provide proof of the SSL/TLS certificate's validity without requiring the client to contact the certificate authority. The ssl_stapling directive specifies whether stapling should be used, and the ssl_stapling_verify directive specifies whether the server should verify the OCSP response from the certificate authority. resolver 8.8.8.8 80.80.80.80 valid=300s; resolver_timeout 5s; #These directives configure DNS resolution for OCSP stapling. The resolver directive specifies the DNS servers to use for resolving OCSP requests, and the valid parameter specifies the duration for which DNS responses will be cached. The resolver_timeout directive specifies the timeout value for DNS resolution. add_header Strict-Transport-Security "max-age=63072000; includeSubdomains"; add_header X-Frame-Options DENY; add_header X-Content-Type-Options nosniff; #These directives add security-related HTTP headers to responses sent by the server. The Strict-Transport-Security header specifies that SSL/TLS should always be used for connections to the server, and the X-Frame-Options and X-Content-Type-Options headers help protect against clickjacking and MIME sniffing attacks, respectively. ssl_dhparam /etc/ssl/certs/dhparam.pem; #This directive specifies the location of the Diffie-Hellman parameters file used for SSL/TLS key exchange. The ssl_dhparam directive is used to specify the path to the file that contains the Diffie-Hellman parameters. ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt; # self-signed certificate file ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key; # private key file </pre> ====Nginx==== <code>$EDITOR /etc/nginx/sites-available/default</code><br \> <b>MAKE SURE TO CHANGE IP 12.34.56.78 to YOUR servers Public IP address</b><br \> <pre> server { listen 80 default_server; listen [::]:80 default_server; server_name 12.34.56.78; ## change ip to match your server ip return 302 https://$server_name$request_uri; } server { # SSL configuration # listen 443 ssl default_server; listen [::]:443 ssl default_server; include snippets/ssl-params.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } } </pre> ====Restart Nginx==== <code> systemctl restart nginx</code><br \> ====Allow Nginx pass firewall==== <code>ufw allow 80/tcp</code><br \> <code>ufw allow 443/tcp</code><br \> ====Create a Directory to share store files==== <code>mkdir /var/www/html/files</code><br \> ====Create an html file==== <code>$EDITOR /var/www/html/index.html</code><br \> <pre> <!DOCTYPE html> <html> <head> <title>Files For Download</title> </head> <body> <a href="files">Click here for are latest files</a>.</p> </body> </html> </pre> ====Transfer_Files_to_Sharing_Directory==== [[Nginx_file_server#Transfer_Files_to_Sharing_Directory|Same as with using certbot]]<br><br> [[Nginx_file_server#Require_Username_and_Password_to_view_website/files_(Optional_-_Placed_here_for_educational_reasons)|Require Username and Passwd to view files]] a8zs4cjqbwzwjig9z2nb2xn678rnfdj 284 283 2023-04-05T11:27:34Z Noob 1 /* Require Username and Password to view website/files (Optional - Placed here for educational reasons) */ 284 wikitext text/x-wiki ==With DNS - cert by LetsEncrypt== [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04#No_DNS_using_IP_and_SelfSigned_Certs|No DNS Using IP and Self Signed Certs for https]] ===Spin up a Server === Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $5 a month, 1 cpu, 1024MB ram, 25GB ssd, 1000GB Bandwidth.<br \> I have been given the IP:<b>192.248.155.201</b> <br \> ===DNS=== make a <b>A RECORD</b> for subdomain server IP address<br> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |xml |192.248.155.201 |auto |- |} ===Enable Basic FireWall=== <code>ufw allow 22/tcp</code><br> <code>ufw allow 443/tcp</code><br> <code>ufw allow 80/tcp</code><br> <code>ufw enable</code><br \> ===Enable Auto Updates=== [[Ubuntu_unattended-upgrades#Quick_Start_-_Up_and_running_auto_updates|Setup Basic Auto Updates for your Server so you don't have to keep logging into server to update]] ===Install NGINX=== <code>apt install nginx -y</code><br> You should now be able to see the <b>Welcome to nginx!</b> site on your subdomain (or just use server ip address).<br> Only <b>http</b> will work as we have not yet setup are <b>https</b><br> <div class="toccolours mw-collapsible mw-collapsed"> Default NGINX Before Certbot - Placed here just for notes:<br> <code>cat /etc/nginx/sites-available/default</code> <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} </pre> </div> </div> ===LetsEncrypt=== <code>snap install certbot --classic</code><br> <code> certbot --nginx -d xml.completenoobs.com</code><br> You should now be able to view the <b>Welcome to nginx!</b> page with <b>https</b><br> ===Setup NGINX=== CertBot did the work for us :) Good Bot.<br> The nginx default site should look like this:<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /etc/nginx/sites-available/default</code><br> <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> We just need to add one line <code>autoindex on;</code>in the <b>location { }</b> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code> /etc/nginx/sites-available/default</code> After appending <code>autoindex on;</code>: <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Same File with Comments removed for easier read: <div class="mw-collapsible-content"> <pre> # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } } server { root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> ====More Info==== <div class="toccolours mw-collapsible mw-collapsed"> <b>autoindex on;</b> directive: <div class="mw-collapsible-content"> The <b>autoindex on;</b> directive in an Nginx configuration file enables directory listing for the specified location. In other words, if a user requests a URL that corresponds to a directory (rather than a specific file), and '''autoindex on;''' is specified for that location in the Nginx configuration file, then Nginx will generate a directory listing page that shows the contents of that directory. This can be useful for making files available for download or for providing an easy way to browse the contents of a directory. However, it can also be a security risk if sensitive files are inadvertently made available for download or if a user gains access to a directory listing page that they should not be able to access. To mitigate this risk, it's important to ensure that the '''autoindex on;''' directive is only used when necessary and is not enabled for sensitive directories or files. It's also a good idea to customize the appearance of the directory listing page to make it clear what files are available and to restrict access to the directory listing page using Nginx authentication or other security measures. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Nginx Config File: <div class="mw-collapsible-content"> <pre> # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; ######^^^ These two lines specify that the server block is listening on port 80 (the default HTTP port) for IPv4 and IPv6 connections. The default_server parameter indicates that this block will be used as the default server block for any incoming connections that do not match any other server blocks. ################################################# root /var/www/html; ######^^ This line sets the root directory for the server block. This is the directory where Nginx will look for files to serve in response to incoming requests. ########################################## # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; ##########^^ This line specifies the order in which Nginx should look for index files in the root directory when serving requests. In this case, Nginx will first look for index.html, then index.htm, and then index.nginx-debian.html. ########################################################## server_name _; #######^^ This line specifies the server name for the block. The underscore _ indicates a catch-all server name, meaning that this block will handle any requests that do not match a server name defined in another server block. ####################################################### location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; ###############^^ This block specifies the location directive for requests that match the root directory of the server block. The try_files directive specifies that Nginx should first try to serve the request as a file, then as a directory, and then return a 404 error if the file or directory cannot be found. ###################################################### } } server { root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot ######^^ This block specifies the server configuration for requests that match the server name xml.completenoobs.com. The root directive specifies the root directory for this server block, and the index directive specifies the order in which Nginx should look for index files when serving requests. The server_name directive specifies the name of the server that this block handles. ###################### location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } ###########^^ This block specifies the location directive for requests that match the root directory of the server block. The try_files directive specifies that Nginx should first try to serve the request as a file, then as a directory, and then return a 404 error if the file or directory cannot be found. The autoindex directive enables directory listing for this location. ############################## listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } ##################^^ These lines specify the SSL configuration for the server block, including the SSL certificates and keys, the SSL protocol settings, and the SSL Diffie-Hellman parameters. The listen directive specifies that the server block should listen for HTTPS connections on port 443, and the ssl parameter indicates that SSL/TLS should be used for these connections. The remaining lines specify the SSL certificates and keys, as well as the SSL options and Diffie-Hellman parameters managed by Certbot. ######################### server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot ########^^ This block specifies that if the incoming request matches the server name xml.completenoobs.com, Nginx should return a 301 HTTP status code (Moved Permanently) and redirect the request to HTTPS. ####################### listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } ##########^^ These lines specify the server configuration for requests that match the server name xml.completenoobs.com on port 80 (the default HTTP port). The listen directives specify that the server block should listen for HTTP connections on both IPv4 and IPv6. The server_name directive specifies the name of the server that this block handles. The return 404 directive specifies that Nginx should return a 404 HTTP status code for all requests that match this server block. Note that this server block is likely intended to be used in conjunction with another server block that handles HTTPS requests for xml.completenoobs.com, since the HTTP requests will be redirected to HTTPS by the if directive in this block. ############################ </pre> </div> </div> ==Hosting XML files for easy Downloading== we are going to delete the default index page and create another.<br> <code>rm /var/www/html/index.nginx-debian.html</code><br> <code>$EDITOR /var/www/html/index.html</code><br> Insert:<br> <pre> <!DOCTYPE html> <html> <head> <title>CompleteNoobs-XML_Dumps</title> </head> <body> <h1> <a href="xmlDumps/">Click here for are latest XML Dumps</a>.</p> </h1> </body> </html> </pre> <br> Create a Directory to place are dumps<br> <code>mkdir /var/www/html/xmlDumps</code><br> This is the directory we will place are dumps for sharing and easy downloads.<br> <code>chown -R www-data:www-data /var/www/html/xmlDumps</code><br> <code>systemctl restart nginx</code><br> now create a test file with some content and test.<br> <code>$EDITOR /var/www/html/xmlDumps/test.txt</code><br> Check you can see/read on web browser.<br> This is the directory where we will send are mediawiki dumps.<br> ==Transfer Files to Sharing Directory== ===scp=== Check [[SCP_Examples|SCP_Examples]] for more examples:<br> To send direct from MediaWiki server (Example file 'xmlDump-03-03-2023')<br> Will be prompted to enter password:<br> <code>scp /path/to/xmlDump-03-03-2023 root@xml.completenoobs.com:/var/www/html/xmlDumps/</code><br> ===sshfs=== Can be useful if you are transferring a large number of files from your computer to server and want to use the GUI file explorer.<br> <br> NOTE:replace $USER with your user account (Example: mine is 'ubunix' so i will replace '$USER' with 'ubunix') <br> Install sshfs on your computer<br> <code>sudo apt install sshfs</code><br> Create a Directory you are going to mount remote server directory to:<br> <code>mkdir /home/$USER/ServerMount</code><br> <br> <code>sudo sshfs -o allow_other,default_permissions root@xml.completenoobs.com:/var/www/html/xmlDumps/ /home/$USER/ServerMount/</code><br> To umount use:<br> <code>sudo umount /home/$USER/ServerMount</code><br> ==Require Username and Password to view website/files (Optional - Placed here for educational reasons)== <code>apt install apache2-utils</code><br> In your <code>/etc/nginx/sites-available/default</code><br> Append the lines(see before and after files to see where):<br> <pre> auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; </pre> <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/nginx/sites-available/default</code>: Before <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/nginx/sites-available/default</code>: After <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> ===Create a login Username and Password to view your website=== Add user; change <b>user1</b> to username of your choice; you will be prompted for password.<br \> <code>htpasswd -c /etc/nginx/.htpasswd user1</code><br \> The <b>-c</b> flag is only needed the first time to create the file <b>/etc/nginx/.htpasswd</b><br \> Add second user; the same method is used to add has many users has you want.<br \> <code>htpasswd /etc/nginx/.htpasswd user2</code> <br \> To update or change passwd for user, repeat command with username of account you wish to change; enter new password.<br \> <code>htpasswd /etc/nginx/.htpasswd user1</code><br> Restart Nginx:<br> <code>systemctl restart nginx</code><br> And try site. ===Fail2Ban to Block IP's Which Enter Incorrect Username and/or Password=== Install Fail2Ban:<br> <code>apt install fail2ban</code><br> <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code><br> <code>$EDITOR /etc/fail2ban/jail.local</code><br> Note: Can append to the very bottom of the page.<br> <pre> # Reject Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s [nginx-cup] #the name in brackets above is what you use for status # fail2ban-client status nginx-cup enabled = true filter = nginx-correct-up port = http,https logpath = /var/log/nginx/error.log findtime = 3m bantime = 3m maxretry = 3 #ignoreip = <your-ipaddress> #Note: Can find your ipaddress using `curl ifconfig.me` or visit `whatismyip.com` </pre> <br \> <code>$EDITOR /etc/fail2ban/filter.d/nginx-correct-up.conf</code><br \> <pre> [Definition] failregex = client:\s<HOST> ignoreregex = </pre> ===Check Fail2Ban for errors=== <code>fail2ban-client -d</code><br \> ===restart nginx and fail2ban so updated setting can take effect=== <code>systemctl restart fail2ban.service</code><br \> <code>systemctl restart nginx.service</code><br \> And test. ===Remove need for username and password=== Comment out (or delete) the following lines from your nginx config file:<br> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <pre> auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; </pre> <br> Can comment out lines by placing a '#' in front.<br> <pre> #auth_basic "Hello Please Login"; #auth_basic_user_file /etc/nginx/.htpasswd; </pre> <br> Restart Nginx:<br> <code>systemctl restart nginx</code><br> ==No DNS using IP and SelfSigned Certs== ===Update system=== <code>apt update && apt upgrade -y</code><br \> ===Install NGINX=== <code>apt install nginx -y</code><br> You should now be able to see the <b>Welcome to nginx!</b> site on your subdomain (or just use server ip address).<br> Only <b>http</b> will work as we have not yet setup are <b>https</b><br> ===Create keys for encrypted https connection=== Note: If you are just building a quick website to test this out you can use <b>Blank</b> (just press enter) for all fields and it will still work.<br \> <code>openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> quick explanation: <div class="mw-collapsible-content"> :* '''openssl''': This command invokes the OpenSSL tool, which is a software library that provides a variety of cryptographic functions and utilities. :* '''req''': This is a subcommand of OpenSSL that is used for creating and managing X.509 certificate signing requests (CSRs) and self-signed certificates. :* -'''x509''': This option specifies that the output should be a self-signed X.509 certificate rather than a CSR. :* '''-nodes''': This option specifies that the private key should not be encrypted with a password, allowing for automatic startup of services that use SSL/TLS. :* -days 365: This option specifies the number of days that the certificate will be valid for before it expires. :* '''-newkey rsa:4096''': This option generates a new RSA private key with a key length of 4096 bits, which provides a higher level of security than shorter key lengths. :* '''-keyout /etc/ssl/private/nginx-selfsigned.key''': This option specifies the path and filename of the private key file that will be generated by OpenSSL. :* '''-out /etc/ssl/certs/nginx-selfsigned.crt''': This option specifies the path and filename of the self-signed certificate file that will be generated by OpenSSL. Overall, this command generates a self-signed SSL/TLS certificate and private key that can be used to secure an Nginx web server. The certificate and key are saved to the specified locations for use in the Nginx server configuration. It's important to note that while self-signed certificates can provide some level of encryption for your web traffic, they do not provide any form of authentication or verification of identity, and should not be used in production environments where security is a top priority. </div> </div> /etc/ssl/private/nginx-selfsigned.key<br> /etc/ssl/certs/nginx-selfsigned.crt ===Create diffhelman=== <code>openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048</code><br \> You can upgrade from 2048 to 4096 but it might take a while.<br \> <code>$EDITOR /etc/nginx/snippets/ssl-params.conf</code><br> Nginx configuration directives related to SSL/TLS: <pre> ssl_protocols TLSv1.2; #This directive specifies the SSL/TLS protocols that the server will use for secure connections. In this case, only TLS version 1.2 is allowed. ssl_prefer_server_ciphers on; #This directive tells the server to prefer the ciphers specified by the server over those requested by the client. ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:!aNULL:!eNULL !LOW !DSS !MD5 !RC4 !EXP !PSK !SRP !CAMELLIA !SEED'; #This directive specifies the SSL/TLS ciphers that the server will use for secure connections. These ciphers prioritize the use of elliptic curve cryptography (ECDHE) for key exchange and advanced encryption algorithms such as AES256 and CHACHA20-POLY1305 for encryption. ssl_ecdh_curve secp384r1; #This directive specifies the elliptic curve Diffie-Hellman (ECDH) curve that the server will use for key exchange. In this case, the secp384r1 curve is used. ssl_session_cache shared:SSL:10m; ssl_session_tickets off; #These directives configure SSL session caching, which can improve performance by allowing the server to reuse SSL session parameters for multiple connections. The ssl_session_cache directive specifies the type of session cache to use, and the ssl_session_tickets directive specifies whether session tickets should be used. # need to turn ssl_stapling off for selfsigned or will get errors in /var/log/nginx/error.log ssl_stapling off; ssl_stapling_verify off; #These directives configure OCSP stapling, which can improve security by allowing the server to provide proof of the SSL/TLS certificate's validity without requiring the client to contact the certificate authority. The ssl_stapling directive specifies whether stapling should be used, and the ssl_stapling_verify directive specifies whether the server should verify the OCSP response from the certificate authority. resolver 8.8.8.8 80.80.80.80 valid=300s; resolver_timeout 5s; #These directives configure DNS resolution for OCSP stapling. The resolver directive specifies the DNS servers to use for resolving OCSP requests, and the valid parameter specifies the duration for which DNS responses will be cached. The resolver_timeout directive specifies the timeout value for DNS resolution. add_header Strict-Transport-Security "max-age=63072000; includeSubdomains"; add_header X-Frame-Options DENY; add_header X-Content-Type-Options nosniff; #These directives add security-related HTTP headers to responses sent by the server. The Strict-Transport-Security header specifies that SSL/TLS should always be used for connections to the server, and the X-Frame-Options and X-Content-Type-Options headers help protect against clickjacking and MIME sniffing attacks, respectively. ssl_dhparam /etc/ssl/certs/dhparam.pem; #This directive specifies the location of the Diffie-Hellman parameters file used for SSL/TLS key exchange. The ssl_dhparam directive is used to specify the path to the file that contains the Diffie-Hellman parameters. ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt; # self-signed certificate file ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key; # private key file </pre> ====Nginx==== <code>$EDITOR /etc/nginx/sites-available/default</code><br \> <b>MAKE SURE TO CHANGE IP 12.34.56.78 to YOUR servers Public IP address</b><br \> <pre> server { listen 80 default_server; listen [::]:80 default_server; server_name 12.34.56.78; ## change ip to match your server ip return 302 https://$server_name$request_uri; } server { # SSL configuration # listen 443 ssl default_server; listen [::]:443 ssl default_server; include snippets/ssl-params.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } } </pre> ====Restart Nginx==== <code> systemctl restart nginx</code><br \> ====Allow Nginx pass firewall==== <code>ufw allow 80/tcp</code><br \> <code>ufw allow 443/tcp</code><br \> ====Create a Directory to share store files==== <code>mkdir /var/www/html/files</code><br \> ====Create an html file==== <code>$EDITOR /var/www/html/index.html</code><br \> <pre> <!DOCTYPE html> <html> <head> <title>Files For Download</title> </head> <body> <a href="files">Click here for are latest files</a>.</p> </body> </html> </pre> ====Transfer_Files_to_Sharing_Directory==== [[Nginx_file_server#Transfer_Files_to_Sharing_Directory|Same as with using certbot]]<br><br> [[Nginx_file_server#Require_Username_and_Password_to_view_website/files_(Optional_-_Placed_here_for_educational_reasons)|Require Username and Passwd to view files]] drcl5so8x20z71331b9b8k0pahqnuqt 287 284 2023-04-05T18:07:21Z Noob 1 /* sshfs */ 287 wikitext text/x-wiki ==With DNS - cert by LetsEncrypt== [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04#No_DNS_using_IP_and_SelfSigned_Certs|No DNS Using IP and Self Signed Certs for https]] ===Spin up a Server === Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $5 a month, 1 cpu, 1024MB ram, 25GB ssd, 1000GB Bandwidth.<br \> I have been given the IP:<b>192.248.155.201</b> <br \> ===DNS=== make a <b>A RECORD</b> for subdomain server IP address<br> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |xml |192.248.155.201 |auto |- |} ===Enable Basic FireWall=== <code>ufw allow 22/tcp</code><br> <code>ufw allow 443/tcp</code><br> <code>ufw allow 80/tcp</code><br> <code>ufw enable</code><br \> ===Enable Auto Updates=== [[Ubuntu_unattended-upgrades#Quick_Start_-_Up_and_running_auto_updates|Setup Basic Auto Updates for your Server so you don't have to keep logging into server to update]] ===Install NGINX=== <code>apt install nginx -y</code><br> You should now be able to see the <b>Welcome to nginx!</b> site on your subdomain (or just use server ip address).<br> Only <b>http</b> will work as we have not yet setup are <b>https</b><br> <div class="toccolours mw-collapsible mw-collapsed"> Default NGINX Before Certbot - Placed here just for notes:<br> <code>cat /etc/nginx/sites-available/default</code> <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} </pre> </div> </div> ===LetsEncrypt=== <code>snap install certbot --classic</code><br> <code> certbot --nginx -d xml.completenoobs.com</code><br> You should now be able to view the <b>Welcome to nginx!</b> page with <b>https</b><br> ===Setup NGINX=== CertBot did the work for us :) Good Bot.<br> The nginx default site should look like this:<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /etc/nginx/sites-available/default</code><br> <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> We just need to add one line <code>autoindex on;</code>in the <b>location { }</b> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code> /etc/nginx/sites-available/default</code> After appending <code>autoindex on;</code>: <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Same File with Comments removed for easier read: <div class="mw-collapsible-content"> <pre> # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } } server { root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> ====More Info==== <div class="toccolours mw-collapsible mw-collapsed"> <b>autoindex on;</b> directive: <div class="mw-collapsible-content"> The <b>autoindex on;</b> directive in an Nginx configuration file enables directory listing for the specified location. In other words, if a user requests a URL that corresponds to a directory (rather than a specific file), and '''autoindex on;''' is specified for that location in the Nginx configuration file, then Nginx will generate a directory listing page that shows the contents of that directory. This can be useful for making files available for download or for providing an easy way to browse the contents of a directory. However, it can also be a security risk if sensitive files are inadvertently made available for download or if a user gains access to a directory listing page that they should not be able to access. To mitigate this risk, it's important to ensure that the '''autoindex on;''' directive is only used when necessary and is not enabled for sensitive directories or files. It's also a good idea to customize the appearance of the directory listing page to make it clear what files are available and to restrict access to the directory listing page using Nginx authentication or other security measures. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Nginx Config File: <div class="mw-collapsible-content"> <pre> # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; ######^^^ These two lines specify that the server block is listening on port 80 (the default HTTP port) for IPv4 and IPv6 connections. The default_server parameter indicates that this block will be used as the default server block for any incoming connections that do not match any other server blocks. ################################################# root /var/www/html; ######^^ This line sets the root directory for the server block. This is the directory where Nginx will look for files to serve in response to incoming requests. ########################################## # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; ##########^^ This line specifies the order in which Nginx should look for index files in the root directory when serving requests. In this case, Nginx will first look for index.html, then index.htm, and then index.nginx-debian.html. ########################################################## server_name _; #######^^ This line specifies the server name for the block. The underscore _ indicates a catch-all server name, meaning that this block will handle any requests that do not match a server name defined in another server block. ####################################################### location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; ###############^^ This block specifies the location directive for requests that match the root directory of the server block. The try_files directive specifies that Nginx should first try to serve the request as a file, then as a directory, and then return a 404 error if the file or directory cannot be found. ###################################################### } } server { root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot ######^^ This block specifies the server configuration for requests that match the server name xml.completenoobs.com. The root directive specifies the root directory for this server block, and the index directive specifies the order in which Nginx should look for index files when serving requests. The server_name directive specifies the name of the server that this block handles. ###################### location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } ###########^^ This block specifies the location directive for requests that match the root directory of the server block. The try_files directive specifies that Nginx should first try to serve the request as a file, then as a directory, and then return a 404 error if the file or directory cannot be found. The autoindex directive enables directory listing for this location. ############################## listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } ##################^^ These lines specify the SSL configuration for the server block, including the SSL certificates and keys, the SSL protocol settings, and the SSL Diffie-Hellman parameters. The listen directive specifies that the server block should listen for HTTPS connections on port 443, and the ssl parameter indicates that SSL/TLS should be used for these connections. The remaining lines specify the SSL certificates and keys, as well as the SSL options and Diffie-Hellman parameters managed by Certbot. ######################### server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot ########^^ This block specifies that if the incoming request matches the server name xml.completenoobs.com, Nginx should return a 301 HTTP status code (Moved Permanently) and redirect the request to HTTPS. ####################### listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } ##########^^ These lines specify the server configuration for requests that match the server name xml.completenoobs.com on port 80 (the default HTTP port). The listen directives specify that the server block should listen for HTTP connections on both IPv4 and IPv6. The server_name directive specifies the name of the server that this block handles. The return 404 directive specifies that Nginx should return a 404 HTTP status code for all requests that match this server block. Note that this server block is likely intended to be used in conjunction with another server block that handles HTTPS requests for xml.completenoobs.com, since the HTTP requests will be redirected to HTTPS by the if directive in this block. ############################ </pre> </div> </div> ==Hosting XML files for easy Downloading== we are going to delete the default index page and create another.<br> <code>rm /var/www/html/index.nginx-debian.html</code><br> <code>$EDITOR /var/www/html/index.html</code><br> Insert:<br> <pre> <!DOCTYPE html> <html> <head> <title>CompleteNoobs-XML_Dumps</title> </head> <body> <h1> <a href="xmlDumps/">Click here for are latest XML Dumps</a>.</p> </h1> </body> </html> </pre> <br> Create a Directory to place are dumps<br> <code>mkdir /var/www/html/xmlDumps</code><br> This is the directory we will place are dumps for sharing and easy downloads.<br> <code>chown -R www-data:www-data /var/www/html/xmlDumps</code><br> <code>systemctl restart nginx</code><br> now create a test file with some content and test.<br> <code>$EDITOR /var/www/html/xmlDumps/test.txt</code><br> Check you can see/read on web browser.<br> This is the directory where we will send are mediawiki dumps.<br> ==Transfer Files to Sharing Directory== ===scp=== Check [[SCP_Examples|SCP_Examples]] for more examples:<br> To send direct from MediaWiki server (Example file 'xmlDump-03-03-2023')<br> Will be prompted to enter password:<br> <code>scp /path/to/xmlDump-03-03-2023 root@xml.completenoobs.com:/var/www/html/xmlDumps/</code><br> ===sshfs=== [[Sshfs_ubuntu|Read the sshfs page for more info]]<br> Can be useful if you are transferring a large number of files from your computer to server and want to use the GUI file explorer.<br> <br> NOTE:replace $USER with your user account (Example: mine is 'ubunix' so i will replace '$USER' with 'ubunix') <br> Install sshfs on your computer<br> <code>sudo apt install sshfs</code><br> Create a Directory you are going to mount remote server directory to:<br> <code>mkdir /home/$USER/ServerMount</code><br> <br> <code>sudo sshfs -o allow_other,default_permissions root@xml.completenoobs.com:/var/www/html/xmlDumps/ /home/$USER/ServerMount/</code><br> To umount use:<br> <code>sudo umount /home/$USER/ServerMount</code><br> ==Require Username and Password to view website/files (Optional - Placed here for educational reasons)== <code>apt install apache2-utils</code><br> In your <code>/etc/nginx/sites-available/default</code><br> Append the lines(see before and after files to see where):<br> <pre> auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; </pre> <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/nginx/sites-available/default</code>: Before <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/nginx/sites-available/default</code>: After <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> ===Create a login Username and Password to view your website=== Add user; change <b>user1</b> to username of your choice; you will be prompted for password.<br \> <code>htpasswd -c /etc/nginx/.htpasswd user1</code><br \> The <b>-c</b> flag is only needed the first time to create the file <b>/etc/nginx/.htpasswd</b><br \> Add second user; the same method is used to add has many users has you want.<br \> <code>htpasswd /etc/nginx/.htpasswd user2</code> <br \> To update or change passwd for user, repeat command with username of account you wish to change; enter new password.<br \> <code>htpasswd /etc/nginx/.htpasswd user1</code><br> Restart Nginx:<br> <code>systemctl restart nginx</code><br> And try site. ===Fail2Ban to Block IP's Which Enter Incorrect Username and/or Password=== Install Fail2Ban:<br> <code>apt install fail2ban</code><br> <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code><br> <code>$EDITOR /etc/fail2ban/jail.local</code><br> Note: Can append to the very bottom of the page.<br> <pre> # Reject Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s [nginx-cup] #the name in brackets above is what you use for status # fail2ban-client status nginx-cup enabled = true filter = nginx-correct-up port = http,https logpath = /var/log/nginx/error.log findtime = 3m bantime = 3m maxretry = 3 #ignoreip = <your-ipaddress> #Note: Can find your ipaddress using `curl ifconfig.me` or visit `whatismyip.com` </pre> <br \> <code>$EDITOR /etc/fail2ban/filter.d/nginx-correct-up.conf</code><br \> <pre> [Definition] failregex = client:\s<HOST> ignoreregex = </pre> ===Check Fail2Ban for errors=== <code>fail2ban-client -d</code><br \> ===restart nginx and fail2ban so updated setting can take effect=== <code>systemctl restart fail2ban.service</code><br \> <code>systemctl restart nginx.service</code><br \> And test. ===Remove need for username and password=== Comment out (or delete) the following lines from your nginx config file:<br> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <pre> auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; </pre> <br> Can comment out lines by placing a '#' in front.<br> <pre> #auth_basic "Hello Please Login"; #auth_basic_user_file /etc/nginx/.htpasswd; </pre> <br> Restart Nginx:<br> <code>systemctl restart nginx</code><br> ==No DNS using IP and SelfSigned Certs== ===Update system=== <code>apt update && apt upgrade -y</code><br \> ===Install NGINX=== <code>apt install nginx -y</code><br> You should now be able to see the <b>Welcome to nginx!</b> site on your subdomain (or just use server ip address).<br> Only <b>http</b> will work as we have not yet setup are <b>https</b><br> ===Create keys for encrypted https connection=== Note: If you are just building a quick website to test this out you can use <b>Blank</b> (just press enter) for all fields and it will still work.<br \> <code>openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> quick explanation: <div class="mw-collapsible-content"> :* '''openssl''': This command invokes the OpenSSL tool, which is a software library that provides a variety of cryptographic functions and utilities. :* '''req''': This is a subcommand of OpenSSL that is used for creating and managing X.509 certificate signing requests (CSRs) and self-signed certificates. :* -'''x509''': This option specifies that the output should be a self-signed X.509 certificate rather than a CSR. :* '''-nodes''': This option specifies that the private key should not be encrypted with a password, allowing for automatic startup of services that use SSL/TLS. :* -days 365: This option specifies the number of days that the certificate will be valid for before it expires. :* '''-newkey rsa:4096''': This option generates a new RSA private key with a key length of 4096 bits, which provides a higher level of security than shorter key lengths. :* '''-keyout /etc/ssl/private/nginx-selfsigned.key''': This option specifies the path and filename of the private key file that will be generated by OpenSSL. :* '''-out /etc/ssl/certs/nginx-selfsigned.crt''': This option specifies the path and filename of the self-signed certificate file that will be generated by OpenSSL. Overall, this command generates a self-signed SSL/TLS certificate and private key that can be used to secure an Nginx web server. The certificate and key are saved to the specified locations for use in the Nginx server configuration. It's important to note that while self-signed certificates can provide some level of encryption for your web traffic, they do not provide any form of authentication or verification of identity, and should not be used in production environments where security is a top priority. </div> </div> /etc/ssl/private/nginx-selfsigned.key<br> /etc/ssl/certs/nginx-selfsigned.crt ===Create diffhelman=== <code>openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048</code><br \> You can upgrade from 2048 to 4096 but it might take a while.<br \> <code>$EDITOR /etc/nginx/snippets/ssl-params.conf</code><br> Nginx configuration directives related to SSL/TLS: <pre> ssl_protocols TLSv1.2; #This directive specifies the SSL/TLS protocols that the server will use for secure connections. In this case, only TLS version 1.2 is allowed. ssl_prefer_server_ciphers on; #This directive tells the server to prefer the ciphers specified by the server over those requested by the client. ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:!aNULL:!eNULL !LOW !DSS !MD5 !RC4 !EXP !PSK !SRP !CAMELLIA !SEED'; #This directive specifies the SSL/TLS ciphers that the server will use for secure connections. These ciphers prioritize the use of elliptic curve cryptography (ECDHE) for key exchange and advanced encryption algorithms such as AES256 and CHACHA20-POLY1305 for encryption. ssl_ecdh_curve secp384r1; #This directive specifies the elliptic curve Diffie-Hellman (ECDH) curve that the server will use for key exchange. In this case, the secp384r1 curve is used. ssl_session_cache shared:SSL:10m; ssl_session_tickets off; #These directives configure SSL session caching, which can improve performance by allowing the server to reuse SSL session parameters for multiple connections. The ssl_session_cache directive specifies the type of session cache to use, and the ssl_session_tickets directive specifies whether session tickets should be used. # need to turn ssl_stapling off for selfsigned or will get errors in /var/log/nginx/error.log ssl_stapling off; ssl_stapling_verify off; #These directives configure OCSP stapling, which can improve security by allowing the server to provide proof of the SSL/TLS certificate's validity without requiring the client to contact the certificate authority. The ssl_stapling directive specifies whether stapling should be used, and the ssl_stapling_verify directive specifies whether the server should verify the OCSP response from the certificate authority. resolver 8.8.8.8 80.80.80.80 valid=300s; resolver_timeout 5s; #These directives configure DNS resolution for OCSP stapling. The resolver directive specifies the DNS servers to use for resolving OCSP requests, and the valid parameter specifies the duration for which DNS responses will be cached. The resolver_timeout directive specifies the timeout value for DNS resolution. add_header Strict-Transport-Security "max-age=63072000; includeSubdomains"; add_header X-Frame-Options DENY; add_header X-Content-Type-Options nosniff; #These directives add security-related HTTP headers to responses sent by the server. The Strict-Transport-Security header specifies that SSL/TLS should always be used for connections to the server, and the X-Frame-Options and X-Content-Type-Options headers help protect against clickjacking and MIME sniffing attacks, respectively. ssl_dhparam /etc/ssl/certs/dhparam.pem; #This directive specifies the location of the Diffie-Hellman parameters file used for SSL/TLS key exchange. The ssl_dhparam directive is used to specify the path to the file that contains the Diffie-Hellman parameters. ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt; # self-signed certificate file ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key; # private key file </pre> ====Nginx==== <code>$EDITOR /etc/nginx/sites-available/default</code><br \> <b>MAKE SURE TO CHANGE IP 12.34.56.78 to YOUR servers Public IP address</b><br \> <pre> server { listen 80 default_server; listen [::]:80 default_server; server_name 12.34.56.78; ## change ip to match your server ip return 302 https://$server_name$request_uri; } server { # SSL configuration # listen 443 ssl default_server; listen [::]:443 ssl default_server; include snippets/ssl-params.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } } </pre> ====Restart Nginx==== <code> systemctl restart nginx</code><br \> ====Allow Nginx pass firewall==== <code>ufw allow 80/tcp</code><br \> <code>ufw allow 443/tcp</code><br \> ====Create a Directory to share store files==== <code>mkdir /var/www/html/files</code><br \> ====Create an html file==== <code>$EDITOR /var/www/html/index.html</code><br \> <pre> <!DOCTYPE html> <html> <head> <title>Files For Download</title> </head> <body> <a href="files">Click here for are latest files</a>.</p> </body> </html> </pre> ====Transfer_Files_to_Sharing_Directory==== [[Nginx_file_server#Transfer_Files_to_Sharing_Directory|Same as with using certbot]]<br><br> [[Nginx_file_server#Require_Username_and_Password_to_view_website/files_(Optional_-_Placed_here_for_educational_reasons)|Require Username and Passwd to view files]] ad63gkbixfgzasd0mmu4pj0pn6lb7r3 322 287 2023-04-17T12:23:23Z imported>AwesomO 0 /* Transfer_Files_to_Sharing_Directory */ 322 wikitext text/x-wiki ==With DNS - cert by LetsEncrypt== [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04#No_DNS_using_IP_and_SelfSigned_Certs|No DNS Using IP and Self Signed Certs for https]] ===Spin up a Server === Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $5 a month, 1 cpu, 1024MB ram, 25GB ssd, 1000GB Bandwidth.<br \> I have been given the IP:<b>192.248.155.201</b> <br \> ===DNS=== make a <b>A RECORD</b> for subdomain server IP address<br> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |xml |192.248.155.201 |auto |- |} ===Enable Basic FireWall=== <code>ufw allow 22/tcp</code><br> <code>ufw allow 443/tcp</code><br> <code>ufw allow 80/tcp</code><br> <code>ufw enable</code><br \> ===Enable Auto Updates=== [[Ubuntu_unattended-upgrades#Quick_Start_-_Up_and_running_auto_updates|Setup Basic Auto Updates for your Server so you don't have to keep logging into server to update]] ===Install NGINX=== <code>apt install nginx -y</code><br> You should now be able to see the <b>Welcome to nginx!</b> site on your subdomain (or just use server ip address).<br> Only <b>http</b> will work as we have not yet setup are <b>https</b><br> <div class="toccolours mw-collapsible mw-collapsed"> Default NGINX Before Certbot - Placed here just for notes:<br> <code>cat /etc/nginx/sites-available/default</code> <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} </pre> </div> </div> ===LetsEncrypt=== <code>snap install certbot --classic</code><br> <code> certbot --nginx -d xml.completenoobs.com</code><br> You should now be able to view the <b>Welcome to nginx!</b> page with <b>https</b><br> ===Setup NGINX=== CertBot did the work for us :) Good Bot.<br> The nginx default site should look like this:<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /etc/nginx/sites-available/default</code><br> <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> We just need to add one line <code>autoindex on;</code>in the <b>location { }</b> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code> /etc/nginx/sites-available/default</code> After appending <code>autoindex on;</code>: <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Same File with Comments removed for easier read: <div class="mw-collapsible-content"> <pre> # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } } server { root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> ====More Info==== <div class="toccolours mw-collapsible mw-collapsed"> <b>autoindex on;</b> directive: <div class="mw-collapsible-content"> The <b>autoindex on;</b> directive in an Nginx configuration file enables directory listing for the specified location. In other words, if a user requests a URL that corresponds to a directory (rather than a specific file), and '''autoindex on;''' is specified for that location in the Nginx configuration file, then Nginx will generate a directory listing page that shows the contents of that directory. This can be useful for making files available for download or for providing an easy way to browse the contents of a directory. However, it can also be a security risk if sensitive files are inadvertently made available for download or if a user gains access to a directory listing page that they should not be able to access. To mitigate this risk, it's important to ensure that the '''autoindex on;''' directive is only used when necessary and is not enabled for sensitive directories or files. It's also a good idea to customize the appearance of the directory listing page to make it clear what files are available and to restrict access to the directory listing page using Nginx authentication or other security measures. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Nginx Config File: <div class="mw-collapsible-content"> <pre> # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; ######^^^ These two lines specify that the server block is listening on port 80 (the default HTTP port) for IPv4 and IPv6 connections. The default_server parameter indicates that this block will be used as the default server block for any incoming connections that do not match any other server blocks. ################################################# root /var/www/html; ######^^ This line sets the root directory for the server block. This is the directory where Nginx will look for files to serve in response to incoming requests. ########################################## # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; ##########^^ This line specifies the order in which Nginx should look for index files in the root directory when serving requests. In this case, Nginx will first look for index.html, then index.htm, and then index.nginx-debian.html. ########################################################## server_name _; #######^^ This line specifies the server name for the block. The underscore _ indicates a catch-all server name, meaning that this block will handle any requests that do not match a server name defined in another server block. ####################################################### location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; ###############^^ This block specifies the location directive for requests that match the root directory of the server block. The try_files directive specifies that Nginx should first try to serve the request as a file, then as a directory, and then return a 404 error if the file or directory cannot be found. ###################################################### } } server { root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot ######^^ This block specifies the server configuration for requests that match the server name xml.completenoobs.com. The root directive specifies the root directory for this server block, and the index directive specifies the order in which Nginx should look for index files when serving requests. The server_name directive specifies the name of the server that this block handles. ###################### location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } ###########^^ This block specifies the location directive for requests that match the root directory of the server block. The try_files directive specifies that Nginx should first try to serve the request as a file, then as a directory, and then return a 404 error if the file or directory cannot be found. The autoindex directive enables directory listing for this location. ############################## listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } ##################^^ These lines specify the SSL configuration for the server block, including the SSL certificates and keys, the SSL protocol settings, and the SSL Diffie-Hellman parameters. The listen directive specifies that the server block should listen for HTTPS connections on port 443, and the ssl parameter indicates that SSL/TLS should be used for these connections. The remaining lines specify the SSL certificates and keys, as well as the SSL options and Diffie-Hellman parameters managed by Certbot. ######################### server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot ########^^ This block specifies that if the incoming request matches the server name xml.completenoobs.com, Nginx should return a 301 HTTP status code (Moved Permanently) and redirect the request to HTTPS. ####################### listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } ##########^^ These lines specify the server configuration for requests that match the server name xml.completenoobs.com on port 80 (the default HTTP port). The listen directives specify that the server block should listen for HTTP connections on both IPv4 and IPv6. The server_name directive specifies the name of the server that this block handles. The return 404 directive specifies that Nginx should return a 404 HTTP status code for all requests that match this server block. Note that this server block is likely intended to be used in conjunction with another server block that handles HTTPS requests for xml.completenoobs.com, since the HTTP requests will be redirected to HTTPS by the if directive in this block. ############################ </pre> </div> </div> ==Hosting XML files for easy Downloading== we are going to delete the default index page and create another.<br> <code>rm /var/www/html/index.nginx-debian.html</code><br> <code>$EDITOR /var/www/html/index.html</code><br> Insert:<br> <pre> <!DOCTYPE html> <html> <head> <title>CompleteNoobs-XML_Dumps</title> </head> <body> <h1> <a href="xmlDumps/">Click here for are latest XML Dumps</a>.</p> </h1> </body> </html> </pre> <br> Create a Directory to place are dumps<br> <code>mkdir /var/www/html/xmlDumps</code><br> This is the directory we will place are dumps for sharing and easy downloads.<br> <code>chown -R www-data:www-data /var/www/html/xmlDumps</code><br> <code>systemctl restart nginx</code><br> now create a test file with some content and test.<br> <code>$EDITOR /var/www/html/xmlDumps/test.txt</code><br> Check you can see/read on web browser.<br> This is the directory where we will send are mediawiki dumps.<br> ==Transfer Files to Sharing Directory== ===scp=== Check [[SCP_Examples|SCP_Examples]] for more examples:<br> To send direct from MediaWiki server (Example file 'xmlDump-03-03-2023')<br> Will be prompted to enter password:<br> <code>scp /path/to/xmlDump-03-03-2023 root@xml.completenoobs.com:/var/www/html/xmlDumps/</code><br> ===sshfs=== [[Sshfs_ubuntu|Read the sshfs page for more info]]<br> Can be useful if you are transferring a large number of files from your computer to server and want to use the GUI file explorer.<br> <br> NOTE:replace $USER with your user account (Example: mine is 'ubunix' so i will replace '$USER' with 'ubunix') <br> Install sshfs on your computer<br> <code>sudo apt install sshfs</code><br> Create a Directory you are going to mount remote server directory to:<br> <code>mkdir /home/$USER/ServerMount</code><br> <br> <code>sudo sshfs -o allow_other,default_permissions root@xml.completenoobs.com:/var/www/html/xmlDumps/ /home/$USER/ServerMount/</code><br> To umount use:<br> <code>sudo umount /home/$USER/ServerMount</code><br> ==Require Username and Password to view website/files (Optional - Placed here for educational reasons)== <code>apt install apache2-utils</code><br> In your <code>/etc/nginx/sites-available/default</code><br> Append the lines(see before and after files to see where):<br> <pre> auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; </pre> <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/nginx/sites-available/default</code>: Before <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/nginx/sites-available/default</code>: After <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> ===Create a login Username and Password to view your website=== Add user; change <b>user1</b> to username of your choice; you will be prompted for password.<br \> <code>htpasswd -c /etc/nginx/.htpasswd user1</code><br \> The <b>-c</b> flag is only needed the first time to create the file <b>/etc/nginx/.htpasswd</b><br \> Add second user; the same method is used to add has many users has you want.<br \> <code>htpasswd /etc/nginx/.htpasswd user2</code> <br \> To update or change passwd for user, repeat command with username of account you wish to change; enter new password.<br \> <code>htpasswd /etc/nginx/.htpasswd user1</code><br> Restart Nginx:<br> <code>systemctl restart nginx</code><br> And try site. ===Fail2Ban to Block IP's Which Enter Incorrect Username and/or Password=== Install Fail2Ban:<br> <code>apt install fail2ban</code><br> <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code><br> <code>$EDITOR /etc/fail2ban/jail.local</code><br> Note: Can append to the very bottom of the page.<br> <pre> # Reject Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s [nginx-cup] #the name in brackets above is what you use for status # fail2ban-client status nginx-cup enabled = true filter = nginx-correct-up port = http,https logpath = /var/log/nginx/error.log findtime = 3m bantime = 3m maxretry = 3 #ignoreip = <your-ipaddress> #Note: Can find your ipaddress using `curl ifconfig.me` or visit `whatismyip.com` </pre> <br \> <code>$EDITOR /etc/fail2ban/filter.d/nginx-correct-up.conf</code><br \> <pre> [Definition] failregex = client:\s<HOST> ignoreregex = </pre> ===Check Fail2Ban for errors=== <code>fail2ban-client -d</code><br \> ===restart nginx and fail2ban so updated setting can take effect=== <code>systemctl restart fail2ban.service</code><br \> <code>systemctl restart nginx.service</code><br \> And test. ===Remove need for username and password=== Comment out (or delete) the following lines from your nginx config file:<br> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <pre> auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; </pre> <br> Can comment out lines by placing a '#' in front.<br> <pre> #auth_basic "Hello Please Login"; #auth_basic_user_file /etc/nginx/.htpasswd; </pre> <br> Restart Nginx:<br> <code>systemctl restart nginx</code><br> ==No DNS using IP and SelfSigned Certs== ===Update system=== <code>apt update && apt upgrade -y</code><br \> ===Install NGINX=== <code>apt install nginx -y</code><br> You should now be able to see the <b>Welcome to nginx!</b> site on your subdomain (or just use server ip address).<br> Only <b>http</b> will work as we have not yet setup are <b>https</b><br> ===Create keys for encrypted https connection=== Note: If you are just building a quick website to test this out you can use <b>Blank</b> (just press enter) for all fields and it will still work.<br \> <code>openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> quick explanation: <div class="mw-collapsible-content"> :* '''openssl''': This command invokes the OpenSSL tool, which is a software library that provides a variety of cryptographic functions and utilities. :* '''req''': This is a subcommand of OpenSSL that is used for creating and managing X.509 certificate signing requests (CSRs) and self-signed certificates. :* -'''x509''': This option specifies that the output should be a self-signed X.509 certificate rather than a CSR. :* '''-nodes''': This option specifies that the private key should not be encrypted with a password, allowing for automatic startup of services that use SSL/TLS. :* -days 365: This option specifies the number of days that the certificate will be valid for before it expires. :* '''-newkey rsa:4096''': This option generates a new RSA private key with a key length of 4096 bits, which provides a higher level of security than shorter key lengths. :* '''-keyout /etc/ssl/private/nginx-selfsigned.key''': This option specifies the path and filename of the private key file that will be generated by OpenSSL. :* '''-out /etc/ssl/certs/nginx-selfsigned.crt''': This option specifies the path and filename of the self-signed certificate file that will be generated by OpenSSL. Overall, this command generates a self-signed SSL/TLS certificate and private key that can be used to secure an Nginx web server. The certificate and key are saved to the specified locations for use in the Nginx server configuration. It's important to note that while self-signed certificates can provide some level of encryption for your web traffic, they do not provide any form of authentication or verification of identity, and should not be used in production environments where security is a top priority. </div> </div> /etc/ssl/private/nginx-selfsigned.key<br> /etc/ssl/certs/nginx-selfsigned.crt ===Create diffhelman=== <code>openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048</code><br \> You can upgrade from 2048 to 4096 but it might take a while.<br \> <code>$EDITOR /etc/nginx/snippets/ssl-params.conf</code><br> Nginx configuration directives related to SSL/TLS: <pre> ssl_protocols TLSv1.2; #This directive specifies the SSL/TLS protocols that the server will use for secure connections. In this case, only TLS version 1.2 is allowed. ssl_prefer_server_ciphers on; #This directive tells the server to prefer the ciphers specified by the server over those requested by the client. ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:!aNULL:!eNULL !LOW !DSS !MD5 !RC4 !EXP !PSK !SRP !CAMELLIA !SEED'; #This directive specifies the SSL/TLS ciphers that the server will use for secure connections. These ciphers prioritize the use of elliptic curve cryptography (ECDHE) for key exchange and advanced encryption algorithms such as AES256 and CHACHA20-POLY1305 for encryption. ssl_ecdh_curve secp384r1; #This directive specifies the elliptic curve Diffie-Hellman (ECDH) curve that the server will use for key exchange. In this case, the secp384r1 curve is used. ssl_session_cache shared:SSL:10m; ssl_session_tickets off; #These directives configure SSL session caching, which can improve performance by allowing the server to reuse SSL session parameters for multiple connections. The ssl_session_cache directive specifies the type of session cache to use, and the ssl_session_tickets directive specifies whether session tickets should be used. # need to turn ssl_stapling off for selfsigned or will get errors in /var/log/nginx/error.log ssl_stapling off; ssl_stapling_verify off; #These directives configure OCSP stapling, which can improve security by allowing the server to provide proof of the SSL/TLS certificate's validity without requiring the client to contact the certificate authority. The ssl_stapling directive specifies whether stapling should be used, and the ssl_stapling_verify directive specifies whether the server should verify the OCSP response from the certificate authority. resolver 8.8.8.8 80.80.80.80 valid=300s; resolver_timeout 5s; #These directives configure DNS resolution for OCSP stapling. The resolver directive specifies the DNS servers to use for resolving OCSP requests, and the valid parameter specifies the duration for which DNS responses will be cached. The resolver_timeout directive specifies the timeout value for DNS resolution. add_header Strict-Transport-Security "max-age=63072000; includeSubdomains"; add_header X-Frame-Options DENY; add_header X-Content-Type-Options nosniff; #These directives add security-related HTTP headers to responses sent by the server. The Strict-Transport-Security header specifies that SSL/TLS should always be used for connections to the server, and the X-Frame-Options and X-Content-Type-Options headers help protect against clickjacking and MIME sniffing attacks, respectively. ssl_dhparam /etc/ssl/certs/dhparam.pem; #This directive specifies the location of the Diffie-Hellman parameters file used for SSL/TLS key exchange. The ssl_dhparam directive is used to specify the path to the file that contains the Diffie-Hellman parameters. ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt; # self-signed certificate file ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key; # private key file </pre> ====Nginx==== <code>$EDITOR /etc/nginx/sites-available/default</code><br \> <b>MAKE SURE TO CHANGE IP 12.34.56.78 to YOUR servers Public IP address</b><br \> <pre> server { listen 80 default_server; listen [::]:80 default_server; server_name 12.34.56.78; ## change ip to match your server ip return 302 https://$server_name$request_uri; } server { # SSL configuration # listen 443 ssl default_server; listen [::]:443 ssl default_server; include snippets/ssl-params.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } } </pre> ====Restart Nginx==== <code> systemctl restart nginx</code><br \> ====Allow Nginx pass firewall==== <code>ufw allow 80/tcp</code><br \> <code>ufw allow 443/tcp</code><br \> ====Create a Directory to share store files==== <code>mkdir /var/www/html/files</code><br \> ====Create an html file==== <code>$EDITOR /var/www/html/index.html</code><br \> <pre> <!DOCTYPE html> <html> <head> <title>Files For Download</title> </head> <body> <a href="files">Click here for are latest files</a>.</p> </body> </html> </pre> ====Transfer_Files_to_Sharing_Directory==== [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04#Transfer_Files_to_Sharing_Directory|Same as with using certbot]]<br><br> [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04#Require_Username_and_Password_to_view_website/files_(Optional_-_Placed_here_for_educational_reasons)|Require Username and Passwd to view files]] 3j09s8ktnam47ca6lo30us7nmp5m2u4 323 322 2023-04-17T12:26:41Z imported>AwesomO 0 /* Transfer Files to Sharing Directory */ 323 wikitext text/x-wiki ==With DNS - cert by LetsEncrypt== [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04#No_DNS_using_IP_and_SelfSigned_Certs|No DNS Using IP and Self Signed Certs for https]] ===Spin up a Server === Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $5 a month, 1 cpu, 1024MB ram, 25GB ssd, 1000GB Bandwidth.<br \> I have been given the IP:<b>192.248.155.201</b> <br \> ===DNS=== make a <b>A RECORD</b> for subdomain server IP address<br> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |xml |192.248.155.201 |auto |- |} ===Enable Basic FireWall=== <code>ufw allow 22/tcp</code><br> <code>ufw allow 443/tcp</code><br> <code>ufw allow 80/tcp</code><br> <code>ufw enable</code><br \> ===Enable Auto Updates=== [[Ubuntu_unattended-upgrades#Quick_Start_-_Up_and_running_auto_updates|Setup Basic Auto Updates for your Server so you don't have to keep logging into server to update]] ===Install NGINX=== <code>apt install nginx -y</code><br> You should now be able to see the <b>Welcome to nginx!</b> site on your subdomain (or just use server ip address).<br> Only <b>http</b> will work as we have not yet setup are <b>https</b><br> <div class="toccolours mw-collapsible mw-collapsed"> Default NGINX Before Certbot - Placed here just for notes:<br> <code>cat /etc/nginx/sites-available/default</code> <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} </pre> </div> </div> ===LetsEncrypt=== <code>snap install certbot --classic</code><br> <code> certbot --nginx -d xml.completenoobs.com</code><br> You should now be able to view the <b>Welcome to nginx!</b> page with <b>https</b><br> ===Setup NGINX=== CertBot did the work for us :) Good Bot.<br> The nginx default site should look like this:<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /etc/nginx/sites-available/default</code><br> <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> We just need to add one line <code>autoindex on;</code>in the <b>location { }</b> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code> /etc/nginx/sites-available/default</code> After appending <code>autoindex on;</code>: <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Same File with Comments removed for easier read: <div class="mw-collapsible-content"> <pre> # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } } server { root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> ====More Info==== <div class="toccolours mw-collapsible mw-collapsed"> <b>autoindex on;</b> directive: <div class="mw-collapsible-content"> The <b>autoindex on;</b> directive in an Nginx configuration file enables directory listing for the specified location. In other words, if a user requests a URL that corresponds to a directory (rather than a specific file), and '''autoindex on;''' is specified for that location in the Nginx configuration file, then Nginx will generate a directory listing page that shows the contents of that directory. This can be useful for making files available for download or for providing an easy way to browse the contents of a directory. However, it can also be a security risk if sensitive files are inadvertently made available for download or if a user gains access to a directory listing page that they should not be able to access. To mitigate this risk, it's important to ensure that the '''autoindex on;''' directive is only used when necessary and is not enabled for sensitive directories or files. It's also a good idea to customize the appearance of the directory listing page to make it clear what files are available and to restrict access to the directory listing page using Nginx authentication or other security measures. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Nginx Config File: <div class="mw-collapsible-content"> <pre> # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; ######^^^ These two lines specify that the server block is listening on port 80 (the default HTTP port) for IPv4 and IPv6 connections. The default_server parameter indicates that this block will be used as the default server block for any incoming connections that do not match any other server blocks. ################################################# root /var/www/html; ######^^ This line sets the root directory for the server block. This is the directory where Nginx will look for files to serve in response to incoming requests. ########################################## # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; ##########^^ This line specifies the order in which Nginx should look for index files in the root directory when serving requests. In this case, Nginx will first look for index.html, then index.htm, and then index.nginx-debian.html. ########################################################## server_name _; #######^^ This line specifies the server name for the block. The underscore _ indicates a catch-all server name, meaning that this block will handle any requests that do not match a server name defined in another server block. ####################################################### location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; ###############^^ This block specifies the location directive for requests that match the root directory of the server block. The try_files directive specifies that Nginx should first try to serve the request as a file, then as a directory, and then return a 404 error if the file or directory cannot be found. ###################################################### } } server { root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot ######^^ This block specifies the server configuration for requests that match the server name xml.completenoobs.com. The root directive specifies the root directory for this server block, and the index directive specifies the order in which Nginx should look for index files when serving requests. The server_name directive specifies the name of the server that this block handles. ###################### location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } ###########^^ This block specifies the location directive for requests that match the root directory of the server block. The try_files directive specifies that Nginx should first try to serve the request as a file, then as a directory, and then return a 404 error if the file or directory cannot be found. The autoindex directive enables directory listing for this location. ############################## listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } ##################^^ These lines specify the SSL configuration for the server block, including the SSL certificates and keys, the SSL protocol settings, and the SSL Diffie-Hellman parameters. The listen directive specifies that the server block should listen for HTTPS connections on port 443, and the ssl parameter indicates that SSL/TLS should be used for these connections. The remaining lines specify the SSL certificates and keys, as well as the SSL options and Diffie-Hellman parameters managed by Certbot. ######################### server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot ########^^ This block specifies that if the incoming request matches the server name xml.completenoobs.com, Nginx should return a 301 HTTP status code (Moved Permanently) and redirect the request to HTTPS. ####################### listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } ##########^^ These lines specify the server configuration for requests that match the server name xml.completenoobs.com on port 80 (the default HTTP port). The listen directives specify that the server block should listen for HTTP connections on both IPv4 and IPv6. The server_name directive specifies the name of the server that this block handles. The return 404 directive specifies that Nginx should return a 404 HTTP status code for all requests that match this server block. Note that this server block is likely intended to be used in conjunction with another server block that handles HTTPS requests for xml.completenoobs.com, since the HTTP requests will be redirected to HTTPS by the if directive in this block. ############################ </pre> </div> </div> ==Hosting XML files for easy Downloading== we are going to delete the default index page and create another.<br> <code>rm /var/www/html/index.nginx-debian.html</code><br> <code>$EDITOR /var/www/html/index.html</code><br> Insert:<br> <pre> <!DOCTYPE html> <html> <head> <title>CompleteNoobs-XML_Dumps</title> </head> <body> <h1> <a href="xmlDumps/">Click here for are latest XML Dumps</a>.</p> </h1> </body> </html> </pre> <br> Create a Directory to place are dumps<br> <code>mkdir /var/www/html/xmlDumps</code><br> This is the directory we will place are dumps for sharing and easy downloads.<br> <code>chown -R www-data:www-data /var/www/html/xmlDumps</code><br> <code>systemctl restart nginx</code><br> now create a test file with some content and test.<br> <code>$EDITOR /var/www/html/xmlDumps/test.txt</code><br> Check you can see/read on web browser.<br> This is the directory where we will send are mediawiki dumps.<br> ==Transfer Files to Sharing Directory== NOTE: [[Scp_only|If you are receiving file from another server (setup server to send with script and ssh-keys), you may wish to create another account which can only receive '''scp''' to path]] ===scp=== Check [[SCP_Examples|SCP_Examples]] for more examples:<br> To send direct from MediaWiki server (Example file 'xmlDump-03-03-2023')<br> Will be prompted to enter password:<br> <code>scp /path/to/xmlDump-03-03-2023 root@xml.completenoobs.com:/var/www/html/xmlDumps/</code><br> ===sshfs=== [[Sshfs_ubuntu|Read the sshfs page for more info]]<br> Can be useful if you are transferring a large number of files from your computer to server and want to use the GUI file explorer.<br> <br> NOTE:replace $USER with your user account (Example: mine is 'ubunix' so i will replace '$USER' with 'ubunix') <br> Install sshfs on your computer<br> <code>sudo apt install sshfs</code><br> Create a Directory you are going to mount remote server directory to:<br> <code>mkdir /home/$USER/ServerMount</code><br> <br> <code>sudo sshfs -o allow_other,default_permissions root@xml.completenoobs.com:/var/www/html/xmlDumps/ /home/$USER/ServerMount/</code><br> To umount use:<br> <code>sudo umount /home/$USER/ServerMount</code><br> ==Require Username and Password to view website/files (Optional - Placed here for educational reasons)== <code>apt install apache2-utils</code><br> In your <code>/etc/nginx/sites-available/default</code><br> Append the lines(see before and after files to see where):<br> <pre> auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; </pre> <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/nginx/sites-available/default</code>: Before <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/nginx/sites-available/default</code>: After <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> ===Create a login Username and Password to view your website=== Add user; change <b>user1</b> to username of your choice; you will be prompted for password.<br \> <code>htpasswd -c /etc/nginx/.htpasswd user1</code><br \> The <b>-c</b> flag is only needed the first time to create the file <b>/etc/nginx/.htpasswd</b><br \> Add second user; the same method is used to add has many users has you want.<br \> <code>htpasswd /etc/nginx/.htpasswd user2</code> <br \> To update or change passwd for user, repeat command with username of account you wish to change; enter new password.<br \> <code>htpasswd /etc/nginx/.htpasswd user1</code><br> Restart Nginx:<br> <code>systemctl restart nginx</code><br> And try site. ===Fail2Ban to Block IP's Which Enter Incorrect Username and/or Password=== Install Fail2Ban:<br> <code>apt install fail2ban</code><br> <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code><br> <code>$EDITOR /etc/fail2ban/jail.local</code><br> Note: Can append to the very bottom of the page.<br> <pre> # Reject Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s [nginx-cup] #the name in brackets above is what you use for status # fail2ban-client status nginx-cup enabled = true filter = nginx-correct-up port = http,https logpath = /var/log/nginx/error.log findtime = 3m bantime = 3m maxretry = 3 #ignoreip = <your-ipaddress> #Note: Can find your ipaddress using `curl ifconfig.me` or visit `whatismyip.com` </pre> <br \> <code>$EDITOR /etc/fail2ban/filter.d/nginx-correct-up.conf</code><br \> <pre> [Definition] failregex = client:\s<HOST> ignoreregex = </pre> ===Check Fail2Ban for errors=== <code>fail2ban-client -d</code><br \> ===restart nginx and fail2ban so updated setting can take effect=== <code>systemctl restart fail2ban.service</code><br \> <code>systemctl restart nginx.service</code><br \> And test. ===Remove need for username and password=== Comment out (or delete) the following lines from your nginx config file:<br> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <pre> auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; </pre> <br> Can comment out lines by placing a '#' in front.<br> <pre> #auth_basic "Hello Please Login"; #auth_basic_user_file /etc/nginx/.htpasswd; </pre> <br> Restart Nginx:<br> <code>systemctl restart nginx</code><br> ==No DNS using IP and SelfSigned Certs== ===Update system=== <code>apt update && apt upgrade -y</code><br \> ===Install NGINX=== <code>apt install nginx -y</code><br> You should now be able to see the <b>Welcome to nginx!</b> site on your subdomain (or just use server ip address).<br> Only <b>http</b> will work as we have not yet setup are <b>https</b><br> ===Create keys for encrypted https connection=== Note: If you are just building a quick website to test this out you can use <b>Blank</b> (just press enter) for all fields and it will still work.<br \> <code>openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> quick explanation: <div class="mw-collapsible-content"> :* '''openssl''': This command invokes the OpenSSL tool, which is a software library that provides a variety of cryptographic functions and utilities. :* '''req''': This is a subcommand of OpenSSL that is used for creating and managing X.509 certificate signing requests (CSRs) and self-signed certificates. :* -'''x509''': This option specifies that the output should be a self-signed X.509 certificate rather than a CSR. :* '''-nodes''': This option specifies that the private key should not be encrypted with a password, allowing for automatic startup of services that use SSL/TLS. :* -days 365: This option specifies the number of days that the certificate will be valid for before it expires. :* '''-newkey rsa:4096''': This option generates a new RSA private key with a key length of 4096 bits, which provides a higher level of security than shorter key lengths. :* '''-keyout /etc/ssl/private/nginx-selfsigned.key''': This option specifies the path and filename of the private key file that will be generated by OpenSSL. :* '''-out /etc/ssl/certs/nginx-selfsigned.crt''': This option specifies the path and filename of the self-signed certificate file that will be generated by OpenSSL. Overall, this command generates a self-signed SSL/TLS certificate and private key that can be used to secure an Nginx web server. The certificate and key are saved to the specified locations for use in the Nginx server configuration. It's important to note that while self-signed certificates can provide some level of encryption for your web traffic, they do not provide any form of authentication or verification of identity, and should not be used in production environments where security is a top priority. </div> </div> /etc/ssl/private/nginx-selfsigned.key<br> /etc/ssl/certs/nginx-selfsigned.crt ===Create diffhelman=== <code>openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048</code><br \> You can upgrade from 2048 to 4096 but it might take a while.<br \> <code>$EDITOR /etc/nginx/snippets/ssl-params.conf</code><br> Nginx configuration directives related to SSL/TLS: <pre> ssl_protocols TLSv1.2; #This directive specifies the SSL/TLS protocols that the server will use for secure connections. In this case, only TLS version 1.2 is allowed. ssl_prefer_server_ciphers on; #This directive tells the server to prefer the ciphers specified by the server over those requested by the client. ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:!aNULL:!eNULL !LOW !DSS !MD5 !RC4 !EXP !PSK !SRP !CAMELLIA !SEED'; #This directive specifies the SSL/TLS ciphers that the server will use for secure connections. These ciphers prioritize the use of elliptic curve cryptography (ECDHE) for key exchange and advanced encryption algorithms such as AES256 and CHACHA20-POLY1305 for encryption. ssl_ecdh_curve secp384r1; #This directive specifies the elliptic curve Diffie-Hellman (ECDH) curve that the server will use for key exchange. In this case, the secp384r1 curve is used. ssl_session_cache shared:SSL:10m; ssl_session_tickets off; #These directives configure SSL session caching, which can improve performance by allowing the server to reuse SSL session parameters for multiple connections. The ssl_session_cache directive specifies the type of session cache to use, and the ssl_session_tickets directive specifies whether session tickets should be used. # need to turn ssl_stapling off for selfsigned or will get errors in /var/log/nginx/error.log ssl_stapling off; ssl_stapling_verify off; #These directives configure OCSP stapling, which can improve security by allowing the server to provide proof of the SSL/TLS certificate's validity without requiring the client to contact the certificate authority. The ssl_stapling directive specifies whether stapling should be used, and the ssl_stapling_verify directive specifies whether the server should verify the OCSP response from the certificate authority. resolver 8.8.8.8 80.80.80.80 valid=300s; resolver_timeout 5s; #These directives configure DNS resolution for OCSP stapling. The resolver directive specifies the DNS servers to use for resolving OCSP requests, and the valid parameter specifies the duration for which DNS responses will be cached. The resolver_timeout directive specifies the timeout value for DNS resolution. add_header Strict-Transport-Security "max-age=63072000; includeSubdomains"; add_header X-Frame-Options DENY; add_header X-Content-Type-Options nosniff; #These directives add security-related HTTP headers to responses sent by the server. The Strict-Transport-Security header specifies that SSL/TLS should always be used for connections to the server, and the X-Frame-Options and X-Content-Type-Options headers help protect against clickjacking and MIME sniffing attacks, respectively. ssl_dhparam /etc/ssl/certs/dhparam.pem; #This directive specifies the location of the Diffie-Hellman parameters file used for SSL/TLS key exchange. The ssl_dhparam directive is used to specify the path to the file that contains the Diffie-Hellman parameters. ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt; # self-signed certificate file ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key; # private key file </pre> ====Nginx==== <code>$EDITOR /etc/nginx/sites-available/default</code><br \> <b>MAKE SURE TO CHANGE IP 12.34.56.78 to YOUR servers Public IP address</b><br \> <pre> server { listen 80 default_server; listen [::]:80 default_server; server_name 12.34.56.78; ## change ip to match your server ip return 302 https://$server_name$request_uri; } server { # SSL configuration # listen 443 ssl default_server; listen [::]:443 ssl default_server; include snippets/ssl-params.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } } </pre> ====Restart Nginx==== <code> systemctl restart nginx</code><br \> ====Allow Nginx pass firewall==== <code>ufw allow 80/tcp</code><br \> <code>ufw allow 443/tcp</code><br \> ====Create a Directory to share store files==== <code>mkdir /var/www/html/files</code><br \> ====Create an html file==== <code>$EDITOR /var/www/html/index.html</code><br \> <pre> <!DOCTYPE html> <html> <head> <title>Files For Download</title> </head> <body> <a href="files">Click here for are latest files</a>.</p> </body> </html> </pre> ====Transfer_Files_to_Sharing_Directory==== [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04#Transfer_Files_to_Sharing_Directory|Same as with using certbot]]<br><br> [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04#Require_Username_and_Password_to_view_website/files_(Optional_-_Placed_here_for_educational_reasons)|Require Username and Passwd to view files]] a8zya4jju13x37x9gz7qidfj3potfs3 0 76 275 2023-04-02T21:53:08Z Noob 1 Created page with "==Create User Account== add user using a ubuntu script <code>/usr/sbin/adduser</code><br \> <code>adduser <username></code><br \> And nice and straightforward.<br \> Manually for scripts:<br \> <code>useradd</code>-><code>/usr/sbin/useradd</code> <br \> Syntax:<code>useradd -s <path/shell> -d <directory> -m -G <SecondaryGroup> <user>; passwd <user> </code><br \> Example<code>useradd -s /bin/bash -d /home/green -m -G sudo green;passwd green</code> <div class="toccolours..." 275 wikitext text/x-wiki ==Create User Account== add user using a ubuntu script <code>/usr/sbin/adduser</code><br \> <code>adduser <username></code><br \> And nice and straightforward.<br \> Manually for scripts:<br \> <code>useradd</code>-><code>/usr/sbin/useradd</code> <br \> Syntax:<code>useradd -s <path/shell> -d <directory> -m -G <SecondaryGroup> <user>; passwd <user> </code><br \> Example<code>useradd -s /bin/bash -d /home/green -m -G sudo green;passwd green</code> <div class="toccolours mw-collapsible mw-collapsed"> flag notes: <div class="mw-collapsible-content"> <b>-s</b> login shell to be used for created account<br \> <b>-d</b> home directory for created account.<br \> <b>-m</b> make home directory if does not exist.<br \> <b>-G</b> add created user to groups.<br \> <b>;</b> separator <br \> <b>passwd $USER</b> will prompt for a password of created account.<br \> </div> </div> ===Create User Account with restricted shell=== <code>sudo useradd -s /usr/bin/rbash -d /home/<username> -m <username>;passwd <username></code> ==Change User Shell== Give a user a restricted shell:<br \> <code>chsh -s /usr/bin/rbash <user></code> ==Change User Password== Open a terminal window and type the following command, replacing "username" with the name of the user whose password you want to change: <code>sudo passwd username</code> :* You will be prompted to enter and confirm the new password for the user. Follow the on-screen instructions to complete the process. :* Once the password has been changed, you can test it by logging in to the Ubuntu server with the user's credentials. ==Remove/Delete User== To delete a user and their home directory on Ubuntu 22.04, you can use the userdel command. Follow these steps: :* Open a terminal window. :* Make sure you have root privileges or use sudo. You need administrative rights to delete a user. If you're not logged in as the root user, you can use sudo to execute the command with elevated privileges. :* Use the <b>userdel</b> command with the <b>-r</b> flag to delete the user and their home directory: <code>sudo userdel -r username</code> Replace username with the actual username of the user you want to delete. The -r flag will remove the user's home directory, along with their mail spool, and any files they own in their home directory. Be cautious when using this flag, as it will permanently delete the user's data. Note: Before deleting a user, ensure that they are not currently logged in and that no processes are running under their account. You can use the who command to see <b>who</b> is currently logged in and the <b>ps -u username</b> command to check for any running processes for that user. If necessary, you can terminate processes using the <b>kill</b> command, followed by the process ID To delete USER and keep there <b>home directory</b> on system use:<br> <code>userdel username</code> ==Add user to group/s== add user to sudo group after account created:<br \> <code>usermod -aG sudo <user></code> ==Check if a User is a member of a group== To check if a user is a member of a specific group, you can use the groups or id command. :* groups command: <code>groups username</code> Replace username with the actual username. This command will display a list of groups the user is a member of. :* id command: <code>id username</code> Replace username with the actual username. This command will display the user ID, group ID, and the groups the user is a member of. ==See what users are in a specific group== To see the list of users in a specific group, you can use the getent command: <code>getent group groupname</code> Replace groupname with the actual name of the group you want to check. This command will display the group name, group ID, and the list of users in that group. Alternatively, you can check the /etc/group file, which contains information about all the groups on your system and their members: <code>grep groupname /etc/group</code> Replace groupname with the actual name of the group. This command will display the group name, group ID, and the list of users in that group. ==Find Users on system== <code>/etc/passwd</code> see users<br \> <code>/etc/shadow</code> contains hash of passwords.<br \> <code>cat /etc/shadow | grep <user></code><br \> ==Run Command as another user== <code>sudo -H -u <user> bash -c "mkdir /home/<user>/.ssh"</code> <code>su - <user> -c "mkdir /home/<user>/.ssh"</code> <code>su - www-data -c "touch /var/log/logfile"</code> == Monitoring user activity on your system == To see what users are currently doing on your system, you can use the following commands:<br> <code>who</code> :* <b>who</b>: Shows a list of users currently logged in, their terminal, and login time. :* w: Displays information about the users currently on the machine and their processes. This includes the user's login name, terminal, host, login time, idle time, and the currently running process. :* last: Shows a list of the last logged-in users. To monitor the activity of a specific user, you can use the ps command with the -u flag, followed by the username: <code>ps -u username</code> This command will show a list of processes owned by the specified user. bnsb2ve5nw777xxy9vngmfbjlagga3w 0 77 279 2023-04-04T22:19:59Z Noob 1 Created page with "== Introduction == Unattended-upgrades is a tool that allows Ubuntu users to automatically update their system with the latest security patches and bug fixes. It's important to keep your system up-to-date to ensure that it's secure and running smoothly. With unattended-upgrades, you don't have to worry about manually checking for updates and installing them yourself. Instead, the tool automatically downloads and installs the updates in the background, saving you time and..." 279 wikitext text/x-wiki == Introduction == Unattended-upgrades is a tool that allows Ubuntu users to automatically update their system with the latest security patches and bug fixes. It's important to keep your system up-to-date to ensure that it's secure and running smoothly. With unattended-upgrades, you don't have to worry about manually checking for updates and installing them yourself. Instead, the tool automatically downloads and installs the updates in the background, saving you time and effort. By using unattended-upgrades, you can be confident that your Ubuntu system is always up-to-date and protected from security vulnerabilities. ==Install unattended-upgrades== <code>unattended-upgrades</code> package should be pre installed on ubuntu If not you can install with <code>sudo apt install unattended-upgrades</code> Unattended-upgrades config files are kept in directory <code>/etc/apt/apt.conf.d/</code> ===<code>/etc/apt/apt.conf.d/</code>=== Each of the configuration files in directory serves a specific purpose in managing different aspects of the Ubuntu system updates. Here's a brief summary of what each of these files does: :* '''01-vendor-ubuntu''': This file specifies the vendor-specific configuration for Ubuntu. It defines the Ubuntu-specific package sources and repository settings. :* '''01autoremove''': This file specifies the list of packages that can be automatically removed from the system when they are no longer needed. :* '''01autoremove-kernels''': This file specifies the list of old kernel packages that can be automatically removed from the system when a new kernel is installed. :* '''10periodic''': This file specifies the frequency of automatic system updates. It allows you to set how often the system checks for updates and installs them. :* '''15update-stamp''': This file stores the timestamp of the last system update. :* '''20archive''': This file specifies the settings for the package archive, including the URL of the package repository and the authentication keys for verifying package integrity. :* '''20auto-upgrades''': This file specifies the configuration settings for automatic updates, including which packages to update and how to install them. :* '''20packagekit''': This file specifies the configuration settings for PackageKit, which is a system service for managing software updates. :* '''20snapd.conf''': This file specifies the configuration settings for the Snap package manager. :* '''50command-not-found''': This file specifies the behavior of the command-not-found feature, which suggests packages to install when a command is not found. :* '''50unattended-upgrades''': This file specifies the settings for unattended-upgrades, which is a tool for automatically installing security updates. :* '''70debconf''': This file specifies the settings for debconf, which is a configuration management system for Debian-based systems. :* '''99update-notifier''': This file specifies the behavior of the update-notifier, which is a tool for notifying users about available system updates. Each of these configuration files plays an important role in managing different aspects of system updates in Ubuntu, and understanding their purpose can be helpful in customizing the system update settings to fit your specific needs. ==Quick Start - Up and running auto updates== ===Check service is running and enabled=== <code>sudo systemctl enable unattended-upgrades</code> ===50unattended-upgrades=== '''/etc/apt/apt.conf.d/50unattended-upgrades''' is a configuration file that specifies the settings for automatically installing security updates using the unattended-upgrades tool in Ubuntu. <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades </code><br> <div class="toccolours mw-collapsible mw-collapsed"> Default Content <code>/etc/apt/apt.conf.d/50unattended-upgrades</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Note: Having a <b><code>//</code></b> At the Front of the line, will comment out the line: <div class="mw-collapsible-content"> lines that begin with a "#" or "//" are called comments. These lines are ignored by the system and are intended for human readers to provide explanations or context about the configuration settings. When you "comment out" a line in a configuration file, you are essentially telling the system to ignore that line of configuration. This can be useful if you want to temporarily disable or override a specific configuration setting without having to delete it entirely. For example, if you wanted to temporarily disable automatic updates in Ubuntu, you could comment out the line that enables them in the /etc/apt/apt.conf.d/20auto-upgrades file by adding a "#" or "//" character at the beginning of the line. This would prevent the system from executing that particular configuration setting and would effectively disable automatic updates until you uncommented the line by removing the "#" or "//" characters. </div> </div> <div class="mw-collapsible-content"> <pre> // Automatically upgrade packages from these (origin:archive) pairs // // Note that in Ubuntu security updates may pull in new dependencies // from non-security sources (e.g. chromium). By allowing the release // pocket these get automatically pulled in. Unattended-Upgrade::Allowed-Origins { "${distro_id}:${distro_codename}"; "${distro_id}:${distro_codename}-security"; // Extended Security Maintenance; doesn't necessarily exist for // every release and this system may not have it installed, but if // available, the policy for updates is such that unattended-upgrades // should also install from here by default. "${distro_id}ESMApps:${distro_codename}-apps-security"; "${distro_id}ESM:${distro_codename}-infra-security"; // "${distro_id}:${distro_codename}-updates"; // "${distro_id}:${distro_codename}-proposed"; // "${distro_id}:${distro_codename}-backports"; }; // Python regular expressions, matching packages to exclude from upgrading Unattended-Upgrade::Package-Blacklist { // The following matches all packages starting with linux- // "linux-"; // Use $ to explicitely define the end of a package name. Without // the $, "libc6" would match all of them. // "libc6$"; // "libc6-dev$"; // "libc6-i686$"; // Special characters need escaping // "libstdc\+\+6$"; // The following matches packages like xen-system-amd64, xen-utils-4.1, // xenstore-utils and libxenstore3.0 // "(lib)?xen(store)?"; // For more information about Python regular expressions, see // https://docs.python.org/3/howto/regex.html }; // This option controls whether the development release of Ubuntu will be // upgraded automatically. Valid values are "true", "false", and "auto". Unattended-Upgrade::DevRelease "auto"; // This option allows you to control if on a unclean dpkg exit // unattended-upgrades will automatically run // dpkg --force-confold --configure -a // The default is true, to ensure updates keep getting installed //Unattended-Upgrade::AutoFixInterruptedDpkg "true"; // Split the upgrade into the smallest possible chunks so that // they can be interrupted with SIGTERM. This makes the upgrade // a bit slower but it has the benefit that shutdown while a upgrade // is running is possible (with a small delay) //Unattended-Upgrade::MinimalSteps "true"; // Install all updates when the machine is shutting down // instead of doing it in the background while the machine is running. // This will (obviously) make shutdown slower. // Unattended-upgrades increases logind's InhibitDelayMaxSec to 30s. // This allows more time for unattended-upgrades to shut down gracefully // or even install a few packages in InstallOnShutdown mode, but is still a // big step back from the 30 minutes allowed for InstallOnShutdown previously. // Users enabling InstallOnShutdown mode are advised to increase // InhibitDelayMaxSec even further, possibly to 30 minutes. //Unattended-Upgrade::InstallOnShutdown "false"; // Send email to this address for problems or packages upgrades // If empty or unset then no email is sent, make sure that you // have a working mail setup on your system. A package that provides // 'mailx' must be installed. E.g. "user@example.com" //Unattended-Upgrade::Mail ""; // Set this value to one of: // "always", "only-on-error" or "on-change" // If this is not set, then any legacy MailOnlyOnError (boolean) value // is used to chose between "only-on-error" and "on-change" //Unattended-Upgrade::MailReport "on-change"; // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; // Enable logging to syslog. Default is False // Unattended-Upgrade::SyslogEnable "false"; // Specify syslog facility. Default is daemon // Unattended-Upgrade::SyslogFacility "daemon"; // Download and install upgrades only on AC power // (i.e. skip or gracefully stop updates on battery) // Unattended-Upgrade::OnlyOnACPower "true"; // Download and install upgrades only on non-metered connection // (i.e. skip or gracefully stop updates on a metered connection) // Unattended-Upgrade::Skip-Updates-On-Metered-Connections "true"; // Verbose logging // Unattended-Upgrade::Verbose "false"; // Print debugging information both in unattended-upgrades and // in unattended-upgrade-shutdown // Unattended-Upgrade::Debug "false"; // Allow package downgrade if Pin-Priority exceeds 1000 // Unattended-Upgrade::Allow-downgrade "false"; </pre> </div> </div> ===Common Server Changes - Quick start guide=== <b>Note: The only change required to enable auto updates is to uncomment:<br> <code>// "${distro_id}:${distro_codename}-updates";</code><br> The rest is opitional.</b><br> ====updates==== <code>// "${distro_id}:${distro_codename}-updates";</code><br> Change to:<br> <code> "${distro_id}:${distro_codename}-updates";</code> ====Remove unused automatically installed kernel-related packages==== <code>//Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";</code><br> Change to:<br> <code>Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";</code> ==== Do automatic removal of newly unused dependencies after the upgrade==== <code>//Unattended-Upgrade::Remove-New-Unused-Dependencies "true";</code><br> Change To:<br> <code>Unattended-Upgrade::Remove-New-Unused-Dependencies "true";</code> ==== Do automatic removal of unused packages after the upgrade - apt-get autoremove==== <code>//Unattended-Upgrade::Remove-Unused-Dependencies "false";</code><br> Change To:<br> <code>Unattended-Upgrade::Remove-Unused-Dependencies "true";</code> ====Automatically reboot *WITHOUT CONFIRMATION* If the file /var/run/reboot-required is found after the upgrade==== <code>//Unattended-Upgrade::Automatic-Reboot "false";</code><br> Change To:<br> <code>Unattended-Upgrade::Automatic-Reboot "true";</code> ====Automatically reboot even if there are users currently logged in when Unattended-Upgrade::Automatic-Reboot is set to true==== <code>//Unattended-Upgrade::Automatic-Reboot-WithUsers "true";</code><br> Change To:<br> <code>Unattended-Upgrade::Automatic-Reboot-WithUsers "true";</code> ====If automatic reboot is enabled and needed, reboot at the specific time instead of immediately==== <code>//Unattended-Upgrade::Automatic-Reboot-Time "02:00";</code><br> Change to: Note: Reboot-Time is your server/computers time zone: Use the command <code>date</code> to see time zone.<br> <code>Unattended-Upgrade::Automatic-Reboot-Time "04:00";</code> ===Save and Exit Config file=== <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/apt/apt.conf.d/50unattended-upgrades</code> Config File After Changes: <div class="mw-collapsible-content"> <pre> // Automatically upgrade packages from these (origin:archive) pairs // // Note that in Ubuntu security updates may pull in new dependencies // from non-security sources (e.g. chromium). By allowing the release // pocket these get automatically pulled in. Unattended-Upgrade::Allowed-Origins { "${distro_id}:${distro_codename}"; "${distro_id}:${distro_codename}-security"; // Extended Security Maintenance; doesn't necessarily exist for // every release and this system may not have it installed, but if // available, the policy for updates is such that unattended-upgrades // should also install from here by default. "${distro_id}ESMApps:${distro_codename}-apps-security"; "${distro_id}ESM:${distro_codename}-infra-security"; "${distro_id}:${distro_codename}-updates"; // "${distro_id}:${distro_codename}-proposed"; // "${distro_id}:${distro_codename}-backports"; }; // Python regular expressions, matching packages to exclude from upgrading Unattended-Upgrade::Package-Blacklist { // The following matches all packages starting with linux- // "linux-"; // Use $ to explicitely define the end of a package name. Without // the $, "libc6" would match all of them. // "libc6$"; // "libc6-dev$"; // "libc6-i686$"; // Special characters need escaping // "libstdc\+\+6$"; // The following matches packages like xen-system-amd64, xen-utils-4.1, // xenstore-utils and libxenstore3.0 // "(lib)?xen(store)?"; // For more information about Python regular expressions, see // https://docs.python.org/3/howto/regex.html }; // This option controls whether the development release of Ubuntu will be // upgraded automatically. Valid values are "true", "false", and "auto". Unattended-Upgrade::DevRelease "auto"; // This option allows you to control if on a unclean dpkg exit // unattended-upgrades will automatically run // dpkg --force-confold --configure -a // The default is true, to ensure updates keep getting installed //Unattended-Upgrade::AutoFixInterruptedDpkg "true"; // Split the upgrade into the smallest possible chunks so that // they can be interrupted with SIGTERM. This makes the upgrade // a bit slower but it has the benefit that shutdown while a upgrade // is running is possible (with a small delay) //Unattended-Upgrade::MinimalSteps "true"; // Install all updates when the machine is shutting down // instead of doing it in the background while the machine is running. // This will (obviously) make shutdown slower. // Unattended-upgrades increases logind's InhibitDelayMaxSec to 30s. // This allows more time for unattended-upgrades to shut down gracefully // or even install a few packages in InstallOnShutdown mode, but is still a // big step back from the 30 minutes allowed for InstallOnShutdown previously. // Users enabling InstallOnShutdown mode are advised to increase // InhibitDelayMaxSec even further, possibly to 30 minutes. //Unattended-Upgrade::InstallOnShutdown "false"; // Send email to this address for problems or packages upgrades // If empty or unset then no email is sent, make sure that you // have a working mail setup on your system. A package that provides // 'mailx' must be installed. E.g. "user@example.com" //Unattended-Upgrade::Mail ""; // Set this value to one of: // "always", "only-on-error" or "on-change" // If this is not set, then any legacy MailOnlyOnError (boolean) value // is used to chose between "only-on-error" and "on-change" //Unattended-Upgrade::MailReport "on-change"; // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; // Enable logging to syslog. Default is False // Unattended-Upgrade::SyslogEnable "false"; // Specify syslog facility. Default is daemon // Unattended-Upgrade::SyslogFacility "daemon"; // Download and install upgrades only on AC power // (i.e. skip or gracefully stop updates on battery) // Unattended-Upgrade::OnlyOnACPower "true"; // Download and install upgrades only on non-metered connection // (i.e. skip or gracefully stop updates on a metered connection) // Unattended-Upgrade::Skip-Updates-On-Metered-Connections "true"; // Verbose logging // Unattended-Upgrade::Verbose "false"; // Print debugging information both in unattended-upgrades and // in unattended-upgrade-shutdown // Unattended-Upgrade::Debug "false"; // Allow package downgrade if Pin-Priority exceeds 1000 // Unattended-Upgrade::Allow-downgrade "false"; </pre> </div> </div> And that's pretty much your <b>Basic Quick Start Auto Updates</b> taken care of!<br> ==What time does <code>unattended-upgrades</code> run?== By default, the unattended-upgrades tool in Ubuntu is configured to run once a day at a random time between 6:00 AM and 7:00 AM, local time. However, you can modify the time at which unattended-upgrades runs by editing the '''/etc/apt/apt.conf.d/20auto-upgrades''' file. In this file, you can set the '''APT::Periodic::RandomSleep''' and '''APT::Periodic::Unattended-Upgrade::RandomSleep''' options to specify the range of random delay times in seconds before '''unattended-upgrades''' runs. Additionally, you can set the '''APT::Periodic::Unattended-Upgrade::StartHour''' and '''APT::Periodic::Unattended-Upgrade::StartMinute''' options to specify the exact time at which unattended-upgrades runs each day. For example, if you want '''unattended-upgrades''' to run at '''2:30 AM every day''', you can add the following lines to the '''/etc/apt/apt.conf.d/20auto-upgrades''' file: <pre> APT::Periodic::Unattended-Upgrade "1"; APT::Periodic::Unattended-Upgrade::StartHour "2"; APT::Periodic::Unattended-Upgrade::StartMinute "30"; </pre> After making changes to this file, you will need to save and close it, and then wait for the specified time to see if the changes have taken effect. suogqyyzdicy29kwoa7ubjro7op4sth 505 279 2025-04-17T16:47:45Z AwesomO 5 /* updates */ 505 wikitext text/x-wiki == Introduction == Unattended-upgrades is a tool that allows Ubuntu users to automatically update their system with the latest security patches and bug fixes. It's important to keep your system up-to-date to ensure that it's secure and running smoothly. With unattended-upgrades, you don't have to worry about manually checking for updates and installing them yourself. Instead, the tool automatically downloads and installs the updates in the background, saving you time and effort. By using unattended-upgrades, you can be confident that your Ubuntu system is always up-to-date and protected from security vulnerabilities. ==Install unattended-upgrades== <code>unattended-upgrades</code> package should be pre installed on ubuntu If not you can install with <code>sudo apt install unattended-upgrades</code> Unattended-upgrades config files are kept in directory <code>/etc/apt/apt.conf.d/</code> ===<code>/etc/apt/apt.conf.d/</code>=== Each of the configuration files in directory serves a specific purpose in managing different aspects of the Ubuntu system updates. Here's a brief summary of what each of these files does: :* '''01-vendor-ubuntu''': This file specifies the vendor-specific configuration for Ubuntu. It defines the Ubuntu-specific package sources and repository settings. :* '''01autoremove''': This file specifies the list of packages that can be automatically removed from the system when they are no longer needed. :* '''01autoremove-kernels''': This file specifies the list of old kernel packages that can be automatically removed from the system when a new kernel is installed. :* '''10periodic''': This file specifies the frequency of automatic system updates. It allows you to set how often the system checks for updates and installs them. :* '''15update-stamp''': This file stores the timestamp of the last system update. :* '''20archive''': This file specifies the settings for the package archive, including the URL of the package repository and the authentication keys for verifying package integrity. :* '''20auto-upgrades''': This file specifies the configuration settings for automatic updates, including which packages to update and how to install them. :* '''20packagekit''': This file specifies the configuration settings for PackageKit, which is a system service for managing software updates. :* '''20snapd.conf''': This file specifies the configuration settings for the Snap package manager. :* '''50command-not-found''': This file specifies the behavior of the command-not-found feature, which suggests packages to install when a command is not found. :* '''50unattended-upgrades''': This file specifies the settings for unattended-upgrades, which is a tool for automatically installing security updates. :* '''70debconf''': This file specifies the settings for debconf, which is a configuration management system for Debian-based systems. :* '''99update-notifier''': This file specifies the behavior of the update-notifier, which is a tool for notifying users about available system updates. Each of these configuration files plays an important role in managing different aspects of system updates in Ubuntu, and understanding their purpose can be helpful in customizing the system update settings to fit your specific needs. ==Quick Start - Up and running auto updates== ===Check service is running and enabled=== <code>sudo systemctl enable unattended-upgrades</code> ===50unattended-upgrades=== '''/etc/apt/apt.conf.d/50unattended-upgrades''' is a configuration file that specifies the settings for automatically installing security updates using the unattended-upgrades tool in Ubuntu. <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades </code><br> <div class="toccolours mw-collapsible mw-collapsed"> Default Content <code>/etc/apt/apt.conf.d/50unattended-upgrades</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Note: Having a <b><code>//</code></b> At the Front of the line, will comment out the line: <div class="mw-collapsible-content"> lines that begin with a "#" or "//" are called comments. These lines are ignored by the system and are intended for human readers to provide explanations or context about the configuration settings. When you "comment out" a line in a configuration file, you are essentially telling the system to ignore that line of configuration. This can be useful if you want to temporarily disable or override a specific configuration setting without having to delete it entirely. For example, if you wanted to temporarily disable automatic updates in Ubuntu, you could comment out the line that enables them in the /etc/apt/apt.conf.d/20auto-upgrades file by adding a "#" or "//" character at the beginning of the line. This would prevent the system from executing that particular configuration setting and would effectively disable automatic updates until you uncommented the line by removing the "#" or "//" characters. </div> </div> <div class="mw-collapsible-content"> <pre> // Automatically upgrade packages from these (origin:archive) pairs // // Note that in Ubuntu security updates may pull in new dependencies // from non-security sources (e.g. chromium). By allowing the release // pocket these get automatically pulled in. Unattended-Upgrade::Allowed-Origins { "${distro_id}:${distro_codename}"; "${distro_id}:${distro_codename}-security"; // Extended Security Maintenance; doesn't necessarily exist for // every release and this system may not have it installed, but if // available, the policy for updates is such that unattended-upgrades // should also install from here by default. "${distro_id}ESMApps:${distro_codename}-apps-security"; "${distro_id}ESM:${distro_codename}-infra-security"; // "${distro_id}:${distro_codename}-updates"; // "${distro_id}:${distro_codename}-proposed"; // "${distro_id}:${distro_codename}-backports"; }; // Python regular expressions, matching packages to exclude from upgrading Unattended-Upgrade::Package-Blacklist { // The following matches all packages starting with linux- // "linux-"; // Use $ to explicitely define the end of a package name. Without // the $, "libc6" would match all of them. // "libc6$"; // "libc6-dev$"; // "libc6-i686$"; // Special characters need escaping // "libstdc\+\+6$"; // The following matches packages like xen-system-amd64, xen-utils-4.1, // xenstore-utils and libxenstore3.0 // "(lib)?xen(store)?"; // For more information about Python regular expressions, see // https://docs.python.org/3/howto/regex.html }; // This option controls whether the development release of Ubuntu will be // upgraded automatically. Valid values are "true", "false", and "auto". Unattended-Upgrade::DevRelease "auto"; // This option allows you to control if on a unclean dpkg exit // unattended-upgrades will automatically run // dpkg --force-confold --configure -a // The default is true, to ensure updates keep getting installed //Unattended-Upgrade::AutoFixInterruptedDpkg "true"; // Split the upgrade into the smallest possible chunks so that // they can be interrupted with SIGTERM. This makes the upgrade // a bit slower but it has the benefit that shutdown while a upgrade // is running is possible (with a small delay) //Unattended-Upgrade::MinimalSteps "true"; // Install all updates when the machine is shutting down // instead of doing it in the background while the machine is running. // This will (obviously) make shutdown slower. // Unattended-upgrades increases logind's InhibitDelayMaxSec to 30s. // This allows more time for unattended-upgrades to shut down gracefully // or even install a few packages in InstallOnShutdown mode, but is still a // big step back from the 30 minutes allowed for InstallOnShutdown previously. // Users enabling InstallOnShutdown mode are advised to increase // InhibitDelayMaxSec even further, possibly to 30 minutes. //Unattended-Upgrade::InstallOnShutdown "false"; // Send email to this address for problems or packages upgrades // If empty or unset then no email is sent, make sure that you // have a working mail setup on your system. A package that provides // 'mailx' must be installed. E.g. "user@example.com" //Unattended-Upgrade::Mail ""; // Set this value to one of: // "always", "only-on-error" or "on-change" // If this is not set, then any legacy MailOnlyOnError (boolean) value // is used to chose between "only-on-error" and "on-change" //Unattended-Upgrade::MailReport "on-change"; // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; // Enable logging to syslog. Default is False // Unattended-Upgrade::SyslogEnable "false"; // Specify syslog facility. Default is daemon // Unattended-Upgrade::SyslogFacility "daemon"; // Download and install upgrades only on AC power // (i.e. skip or gracefully stop updates on battery) // Unattended-Upgrade::OnlyOnACPower "true"; // Download and install upgrades only on non-metered connection // (i.e. skip or gracefully stop updates on a metered connection) // Unattended-Upgrade::Skip-Updates-On-Metered-Connections "true"; // Verbose logging // Unattended-Upgrade::Verbose "false"; // Print debugging information both in unattended-upgrades and // in unattended-upgrade-shutdown // Unattended-Upgrade::Debug "false"; // Allow package downgrade if Pin-Priority exceeds 1000 // Unattended-Upgrade::Allow-downgrade "false"; </pre> </div> </div> ===Common Server Changes - Quick start guide=== <b>Note: The only change required to enable auto updates is to uncomment:<br> <code>// "${distro_id}:${distro_codename}-updates";</code><br> The rest is opitional.</b><br> ====updates==== * Line: 15 <code>// "${distro_id}:${distro_codename}-updates";</code><br> Change to:<br> <code> "${distro_id}:${distro_codename}-updates";</code> ====Remove unused automatically installed kernel-related packages==== <code>//Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";</code><br> Change to:<br> <code>Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";</code> ==== Do automatic removal of newly unused dependencies after the upgrade==== <code>//Unattended-Upgrade::Remove-New-Unused-Dependencies "true";</code><br> Change To:<br> <code>Unattended-Upgrade::Remove-New-Unused-Dependencies "true";</code> ==== Do automatic removal of unused packages after the upgrade - apt-get autoremove==== <code>//Unattended-Upgrade::Remove-Unused-Dependencies "false";</code><br> Change To:<br> <code>Unattended-Upgrade::Remove-Unused-Dependencies "true";</code> ====Automatically reboot *WITHOUT CONFIRMATION* If the file /var/run/reboot-required is found after the upgrade==== <code>//Unattended-Upgrade::Automatic-Reboot "false";</code><br> Change To:<br> <code>Unattended-Upgrade::Automatic-Reboot "true";</code> ====Automatically reboot even if there are users currently logged in when Unattended-Upgrade::Automatic-Reboot is set to true==== <code>//Unattended-Upgrade::Automatic-Reboot-WithUsers "true";</code><br> Change To:<br> <code>Unattended-Upgrade::Automatic-Reboot-WithUsers "true";</code> ====If automatic reboot is enabled and needed, reboot at the specific time instead of immediately==== <code>//Unattended-Upgrade::Automatic-Reboot-Time "02:00";</code><br> Change to: Note: Reboot-Time is your server/computers time zone: Use the command <code>date</code> to see time zone.<br> <code>Unattended-Upgrade::Automatic-Reboot-Time "04:00";</code> ===Save and Exit Config file=== <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/apt/apt.conf.d/50unattended-upgrades</code> Config File After Changes: <div class="mw-collapsible-content"> <pre> // Automatically upgrade packages from these (origin:archive) pairs // // Note that in Ubuntu security updates may pull in new dependencies // from non-security sources (e.g. chromium). By allowing the release // pocket these get automatically pulled in. Unattended-Upgrade::Allowed-Origins { "${distro_id}:${distro_codename}"; "${distro_id}:${distro_codename}-security"; // Extended Security Maintenance; doesn't necessarily exist for // every release and this system may not have it installed, but if // available, the policy for updates is such that unattended-upgrades // should also install from here by default. "${distro_id}ESMApps:${distro_codename}-apps-security"; "${distro_id}ESM:${distro_codename}-infra-security"; "${distro_id}:${distro_codename}-updates"; // "${distro_id}:${distro_codename}-proposed"; // "${distro_id}:${distro_codename}-backports"; }; // Python regular expressions, matching packages to exclude from upgrading Unattended-Upgrade::Package-Blacklist { // The following matches all packages starting with linux- // "linux-"; // Use $ to explicitely define the end of a package name. Without // the $, "libc6" would match all of them. // "libc6$"; // "libc6-dev$"; // "libc6-i686$"; // Special characters need escaping // "libstdc\+\+6$"; // The following matches packages like xen-system-amd64, xen-utils-4.1, // xenstore-utils and libxenstore3.0 // "(lib)?xen(store)?"; // For more information about Python regular expressions, see // https://docs.python.org/3/howto/regex.html }; // This option controls whether the development release of Ubuntu will be // upgraded automatically. Valid values are "true", "false", and "auto". Unattended-Upgrade::DevRelease "auto"; // This option allows you to control if on a unclean dpkg exit // unattended-upgrades will automatically run // dpkg --force-confold --configure -a // The default is true, to ensure updates keep getting installed //Unattended-Upgrade::AutoFixInterruptedDpkg "true"; // Split the upgrade into the smallest possible chunks so that // they can be interrupted with SIGTERM. This makes the upgrade // a bit slower but it has the benefit that shutdown while a upgrade // is running is possible (with a small delay) //Unattended-Upgrade::MinimalSteps "true"; // Install all updates when the machine is shutting down // instead of doing it in the background while the machine is running. // This will (obviously) make shutdown slower. // Unattended-upgrades increases logind's InhibitDelayMaxSec to 30s. // This allows more time for unattended-upgrades to shut down gracefully // or even install a few packages in InstallOnShutdown mode, but is still a // big step back from the 30 minutes allowed for InstallOnShutdown previously. // Users enabling InstallOnShutdown mode are advised to increase // InhibitDelayMaxSec even further, possibly to 30 minutes. //Unattended-Upgrade::InstallOnShutdown "false"; // Send email to this address for problems or packages upgrades // If empty or unset then no email is sent, make sure that you // have a working mail setup on your system. A package that provides // 'mailx' must be installed. E.g. "user@example.com" //Unattended-Upgrade::Mail ""; // Set this value to one of: // "always", "only-on-error" or "on-change" // If this is not set, then any legacy MailOnlyOnError (boolean) value // is used to chose between "only-on-error" and "on-change" //Unattended-Upgrade::MailReport "on-change"; // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; // Enable logging to syslog. Default is False // Unattended-Upgrade::SyslogEnable "false"; // Specify syslog facility. Default is daemon // Unattended-Upgrade::SyslogFacility "daemon"; // Download and install upgrades only on AC power // (i.e. skip or gracefully stop updates on battery) // Unattended-Upgrade::OnlyOnACPower "true"; // Download and install upgrades only on non-metered connection // (i.e. skip or gracefully stop updates on a metered connection) // Unattended-Upgrade::Skip-Updates-On-Metered-Connections "true"; // Verbose logging // Unattended-Upgrade::Verbose "false"; // Print debugging information both in unattended-upgrades and // in unattended-upgrade-shutdown // Unattended-Upgrade::Debug "false"; // Allow package downgrade if Pin-Priority exceeds 1000 // Unattended-Upgrade::Allow-downgrade "false"; </pre> </div> </div> And that's pretty much your <b>Basic Quick Start Auto Updates</b> taken care of!<br> ==What time does <code>unattended-upgrades</code> run?== By default, the unattended-upgrades tool in Ubuntu is configured to run once a day at a random time between 6:00 AM and 7:00 AM, local time. However, you can modify the time at which unattended-upgrades runs by editing the '''/etc/apt/apt.conf.d/20auto-upgrades''' file. In this file, you can set the '''APT::Periodic::RandomSleep''' and '''APT::Periodic::Unattended-Upgrade::RandomSleep''' options to specify the range of random delay times in seconds before '''unattended-upgrades''' runs. Additionally, you can set the '''APT::Periodic::Unattended-Upgrade::StartHour''' and '''APT::Periodic::Unattended-Upgrade::StartMinute''' options to specify the exact time at which unattended-upgrades runs each day. For example, if you want '''unattended-upgrades''' to run at '''2:30 AM every day''', you can add the following lines to the '''/etc/apt/apt.conf.d/20auto-upgrades''' file: <pre> APT::Periodic::Unattended-Upgrade "1"; APT::Periodic::Unattended-Upgrade::StartHour "2"; APT::Periodic::Unattended-Upgrade::StartMinute "30"; </pre> After making changes to this file, you will need to save and close it, and then wait for the specified time to see if the changes have taken effect. 7ek27ccdmkyb95ayjj3hykflin4zg29 506 505 2025-04-17T16:49:09Z AwesomO 5 /* Remove unused automatically installed kernel-related packages */ 506 wikitext text/x-wiki == Introduction == Unattended-upgrades is a tool that allows Ubuntu users to automatically update their system with the latest security patches and bug fixes. It's important to keep your system up-to-date to ensure that it's secure and running smoothly. With unattended-upgrades, you don't have to worry about manually checking for updates and installing them yourself. Instead, the tool automatically downloads and installs the updates in the background, saving you time and effort. By using unattended-upgrades, you can be confident that your Ubuntu system is always up-to-date and protected from security vulnerabilities. ==Install unattended-upgrades== <code>unattended-upgrades</code> package should be pre installed on ubuntu If not you can install with <code>sudo apt install unattended-upgrades</code> Unattended-upgrades config files are kept in directory <code>/etc/apt/apt.conf.d/</code> ===<code>/etc/apt/apt.conf.d/</code>=== Each of the configuration files in directory serves a specific purpose in managing different aspects of the Ubuntu system updates. Here's a brief summary of what each of these files does: :* '''01-vendor-ubuntu''': This file specifies the vendor-specific configuration for Ubuntu. It defines the Ubuntu-specific package sources and repository settings. :* '''01autoremove''': This file specifies the list of packages that can be automatically removed from the system when they are no longer needed. :* '''01autoremove-kernels''': This file specifies the list of old kernel packages that can be automatically removed from the system when a new kernel is installed. :* '''10periodic''': This file specifies the frequency of automatic system updates. It allows you to set how often the system checks for updates and installs them. :* '''15update-stamp''': This file stores the timestamp of the last system update. :* '''20archive''': This file specifies the settings for the package archive, including the URL of the package repository and the authentication keys for verifying package integrity. :* '''20auto-upgrades''': This file specifies the configuration settings for automatic updates, including which packages to update and how to install them. :* '''20packagekit''': This file specifies the configuration settings for PackageKit, which is a system service for managing software updates. :* '''20snapd.conf''': This file specifies the configuration settings for the Snap package manager. :* '''50command-not-found''': This file specifies the behavior of the command-not-found feature, which suggests packages to install when a command is not found. :* '''50unattended-upgrades''': This file specifies the settings for unattended-upgrades, which is a tool for automatically installing security updates. :* '''70debconf''': This file specifies the settings for debconf, which is a configuration management system for Debian-based systems. :* '''99update-notifier''': This file specifies the behavior of the update-notifier, which is a tool for notifying users about available system updates. Each of these configuration files plays an important role in managing different aspects of system updates in Ubuntu, and understanding their purpose can be helpful in customizing the system update settings to fit your specific needs. ==Quick Start - Up and running auto updates== ===Check service is running and enabled=== <code>sudo systemctl enable unattended-upgrades</code> ===50unattended-upgrades=== '''/etc/apt/apt.conf.d/50unattended-upgrades''' is a configuration file that specifies the settings for automatically installing security updates using the unattended-upgrades tool in Ubuntu. <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades </code><br> <div class="toccolours mw-collapsible mw-collapsed"> Default Content <code>/etc/apt/apt.conf.d/50unattended-upgrades</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Note: Having a <b><code>//</code></b> At the Front of the line, will comment out the line: <div class="mw-collapsible-content"> lines that begin with a "#" or "//" are called comments. These lines are ignored by the system and are intended for human readers to provide explanations or context about the configuration settings. When you "comment out" a line in a configuration file, you are essentially telling the system to ignore that line of configuration. This can be useful if you want to temporarily disable or override a specific configuration setting without having to delete it entirely. For example, if you wanted to temporarily disable automatic updates in Ubuntu, you could comment out the line that enables them in the /etc/apt/apt.conf.d/20auto-upgrades file by adding a "#" or "//" character at the beginning of the line. This would prevent the system from executing that particular configuration setting and would effectively disable automatic updates until you uncommented the line by removing the "#" or "//" characters. </div> </div> <div class="mw-collapsible-content"> <pre> // Automatically upgrade packages from these (origin:archive) pairs // // Note that in Ubuntu security updates may pull in new dependencies // from non-security sources (e.g. chromium). By allowing the release // pocket these get automatically pulled in. Unattended-Upgrade::Allowed-Origins { "${distro_id}:${distro_codename}"; "${distro_id}:${distro_codename}-security"; // Extended Security Maintenance; doesn't necessarily exist for // every release and this system may not have it installed, but if // available, the policy for updates is such that unattended-upgrades // should also install from here by default. "${distro_id}ESMApps:${distro_codename}-apps-security"; "${distro_id}ESM:${distro_codename}-infra-security"; // "${distro_id}:${distro_codename}-updates"; // "${distro_id}:${distro_codename}-proposed"; // "${distro_id}:${distro_codename}-backports"; }; // Python regular expressions, matching packages to exclude from upgrading Unattended-Upgrade::Package-Blacklist { // The following matches all packages starting with linux- // "linux-"; // Use $ to explicitely define the end of a package name. Without // the $, "libc6" would match all of them. // "libc6$"; // "libc6-dev$"; // "libc6-i686$"; // Special characters need escaping // "libstdc\+\+6$"; // The following matches packages like xen-system-amd64, xen-utils-4.1, // xenstore-utils and libxenstore3.0 // "(lib)?xen(store)?"; // For more information about Python regular expressions, see // https://docs.python.org/3/howto/regex.html }; // This option controls whether the development release of Ubuntu will be // upgraded automatically. Valid values are "true", "false", and "auto". Unattended-Upgrade::DevRelease "auto"; // This option allows you to control if on a unclean dpkg exit // unattended-upgrades will automatically run // dpkg --force-confold --configure -a // The default is true, to ensure updates keep getting installed //Unattended-Upgrade::AutoFixInterruptedDpkg "true"; // Split the upgrade into the smallest possible chunks so that // they can be interrupted with SIGTERM. This makes the upgrade // a bit slower but it has the benefit that shutdown while a upgrade // is running is possible (with a small delay) //Unattended-Upgrade::MinimalSteps "true"; // Install all updates when the machine is shutting down // instead of doing it in the background while the machine is running. // This will (obviously) make shutdown slower. // Unattended-upgrades increases logind's InhibitDelayMaxSec to 30s. // This allows more time for unattended-upgrades to shut down gracefully // or even install a few packages in InstallOnShutdown mode, but is still a // big step back from the 30 minutes allowed for InstallOnShutdown previously. // Users enabling InstallOnShutdown mode are advised to increase // InhibitDelayMaxSec even further, possibly to 30 minutes. //Unattended-Upgrade::InstallOnShutdown "false"; // Send email to this address for problems or packages upgrades // If empty or unset then no email is sent, make sure that you // have a working mail setup on your system. A package that provides // 'mailx' must be installed. E.g. "user@example.com" //Unattended-Upgrade::Mail ""; // Set this value to one of: // "always", "only-on-error" or "on-change" // If this is not set, then any legacy MailOnlyOnError (boolean) value // is used to chose between "only-on-error" and "on-change" //Unattended-Upgrade::MailReport "on-change"; // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; // Enable logging to syslog. Default is False // Unattended-Upgrade::SyslogEnable "false"; // Specify syslog facility. Default is daemon // Unattended-Upgrade::SyslogFacility "daemon"; // Download and install upgrades only on AC power // (i.e. skip or gracefully stop updates on battery) // Unattended-Upgrade::OnlyOnACPower "true"; // Download and install upgrades only on non-metered connection // (i.e. skip or gracefully stop updates on a metered connection) // Unattended-Upgrade::Skip-Updates-On-Metered-Connections "true"; // Verbose logging // Unattended-Upgrade::Verbose "false"; // Print debugging information both in unattended-upgrades and // in unattended-upgrade-shutdown // Unattended-Upgrade::Debug "false"; // Allow package downgrade if Pin-Priority exceeds 1000 // Unattended-Upgrade::Allow-downgrade "false"; </pre> </div> </div> ===Common Server Changes - Quick start guide=== <b>Note: The only change required to enable auto updates is to uncomment:<br> <code>// "${distro_id}:${distro_codename}-updates";</code><br> The rest is opitional.</b><br> ====updates==== * Line: 15 <code>// "${distro_id}:${distro_codename}-updates";</code><br> Change to:<br> <code> "${distro_id}:${distro_codename}-updates";</code> ====Remove unused automatically installed kernel-related packages==== * Line: 83 <code>//Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";</code><br> Change to:<br> <code>Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";</code> ==== Do automatic removal of newly unused dependencies after the upgrade==== <code>//Unattended-Upgrade::Remove-New-Unused-Dependencies "true";</code><br> Change To:<br> <code>Unattended-Upgrade::Remove-New-Unused-Dependencies "true";</code> ==== Do automatic removal of unused packages after the upgrade - apt-get autoremove==== <code>//Unattended-Upgrade::Remove-Unused-Dependencies "false";</code><br> Change To:<br> <code>Unattended-Upgrade::Remove-Unused-Dependencies "true";</code> ====Automatically reboot *WITHOUT CONFIRMATION* If the file /var/run/reboot-required is found after the upgrade==== <code>//Unattended-Upgrade::Automatic-Reboot "false";</code><br> Change To:<br> <code>Unattended-Upgrade::Automatic-Reboot "true";</code> ====Automatically reboot even if there are users currently logged in when Unattended-Upgrade::Automatic-Reboot is set to true==== <code>//Unattended-Upgrade::Automatic-Reboot-WithUsers "true";</code><br> Change To:<br> <code>Unattended-Upgrade::Automatic-Reboot-WithUsers "true";</code> ====If automatic reboot is enabled and needed, reboot at the specific time instead of immediately==== <code>//Unattended-Upgrade::Automatic-Reboot-Time "02:00";</code><br> Change to: Note: Reboot-Time is your server/computers time zone: Use the command <code>date</code> to see time zone.<br> <code>Unattended-Upgrade::Automatic-Reboot-Time "04:00";</code> ===Save and Exit Config file=== <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/apt/apt.conf.d/50unattended-upgrades</code> Config File After Changes: <div class="mw-collapsible-content"> <pre> // Automatically upgrade packages from these (origin:archive) pairs // // Note that in Ubuntu security updates may pull in new dependencies // from non-security sources (e.g. chromium). By allowing the release // pocket these get automatically pulled in. Unattended-Upgrade::Allowed-Origins { "${distro_id}:${distro_codename}"; "${distro_id}:${distro_codename}-security"; // Extended Security Maintenance; doesn't necessarily exist for // every release and this system may not have it installed, but if // available, the policy for updates is such that unattended-upgrades // should also install from here by default. "${distro_id}ESMApps:${distro_codename}-apps-security"; "${distro_id}ESM:${distro_codename}-infra-security"; "${distro_id}:${distro_codename}-updates"; // "${distro_id}:${distro_codename}-proposed"; // "${distro_id}:${distro_codename}-backports"; }; // Python regular expressions, matching packages to exclude from upgrading Unattended-Upgrade::Package-Blacklist { // The following matches all packages starting with linux- // "linux-"; // Use $ to explicitely define the end of a package name. Without // the $, "libc6" would match all of them. // "libc6$"; // "libc6-dev$"; // "libc6-i686$"; // Special characters need escaping // "libstdc\+\+6$"; // The following matches packages like xen-system-amd64, xen-utils-4.1, // xenstore-utils and libxenstore3.0 // "(lib)?xen(store)?"; // For more information about Python regular expressions, see // https://docs.python.org/3/howto/regex.html }; // This option controls whether the development release of Ubuntu will be // upgraded automatically. Valid values are "true", "false", and "auto". Unattended-Upgrade::DevRelease "auto"; // This option allows you to control if on a unclean dpkg exit // unattended-upgrades will automatically run // dpkg --force-confold --configure -a // The default is true, to ensure updates keep getting installed //Unattended-Upgrade::AutoFixInterruptedDpkg "true"; // Split the upgrade into the smallest possible chunks so that // they can be interrupted with SIGTERM. This makes the upgrade // a bit slower but it has the benefit that shutdown while a upgrade // is running is possible (with a small delay) //Unattended-Upgrade::MinimalSteps "true"; // Install all updates when the machine is shutting down // instead of doing it in the background while the machine is running. // This will (obviously) make shutdown slower. // Unattended-upgrades increases logind's InhibitDelayMaxSec to 30s. // This allows more time for unattended-upgrades to shut down gracefully // or even install a few packages in InstallOnShutdown mode, but is still a // big step back from the 30 minutes allowed for InstallOnShutdown previously. // Users enabling InstallOnShutdown mode are advised to increase // InhibitDelayMaxSec even further, possibly to 30 minutes. //Unattended-Upgrade::InstallOnShutdown "false"; // Send email to this address for problems or packages upgrades // If empty or unset then no email is sent, make sure that you // have a working mail setup on your system. A package that provides // 'mailx' must be installed. E.g. "user@example.com" //Unattended-Upgrade::Mail ""; // Set this value to one of: // "always", "only-on-error" or "on-change" // If this is not set, then any legacy MailOnlyOnError (boolean) value // is used to chose between "only-on-error" and "on-change" //Unattended-Upgrade::MailReport "on-change"; // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; // Enable logging to syslog. Default is False // Unattended-Upgrade::SyslogEnable "false"; // Specify syslog facility. Default is daemon // Unattended-Upgrade::SyslogFacility "daemon"; // Download and install upgrades only on AC power // (i.e. skip or gracefully stop updates on battery) // Unattended-Upgrade::OnlyOnACPower "true"; // Download and install upgrades only on non-metered connection // (i.e. skip or gracefully stop updates on a metered connection) // Unattended-Upgrade::Skip-Updates-On-Metered-Connections "true"; // Verbose logging // Unattended-Upgrade::Verbose "false"; // Print debugging information both in unattended-upgrades and // in unattended-upgrade-shutdown // Unattended-Upgrade::Debug "false"; // Allow package downgrade if Pin-Priority exceeds 1000 // Unattended-Upgrade::Allow-downgrade "false"; </pre> </div> </div> And that's pretty much your <b>Basic Quick Start Auto Updates</b> taken care of!<br> ==What time does <code>unattended-upgrades</code> run?== By default, the unattended-upgrades tool in Ubuntu is configured to run once a day at a random time between 6:00 AM and 7:00 AM, local time. However, you can modify the time at which unattended-upgrades runs by editing the '''/etc/apt/apt.conf.d/20auto-upgrades''' file. In this file, you can set the '''APT::Periodic::RandomSleep''' and '''APT::Periodic::Unattended-Upgrade::RandomSleep''' options to specify the range of random delay times in seconds before '''unattended-upgrades''' runs. Additionally, you can set the '''APT::Periodic::Unattended-Upgrade::StartHour''' and '''APT::Periodic::Unattended-Upgrade::StartMinute''' options to specify the exact time at which unattended-upgrades runs each day. For example, if you want '''unattended-upgrades''' to run at '''2:30 AM every day''', you can add the following lines to the '''/etc/apt/apt.conf.d/20auto-upgrades''' file: <pre> APT::Periodic::Unattended-Upgrade "1"; APT::Periodic::Unattended-Upgrade::StartHour "2"; APT::Periodic::Unattended-Upgrade::StartMinute "30"; </pre> After making changes to this file, you will need to save and close it, and then wait for the specified time to see if the changes have taken effect. batv966zjs1e9ctl0qzloxu1rw3vfly 507 506 2025-04-17T16:49:41Z AwesomO 5 /* Do automatic removal of newly unused dependencies after the upgrade */ 507 wikitext text/x-wiki == Introduction == Unattended-upgrades is a tool that allows Ubuntu users to automatically update their system with the latest security patches and bug fixes. It's important to keep your system up-to-date to ensure that it's secure and running smoothly. With unattended-upgrades, you don't have to worry about manually checking for updates and installing them yourself. Instead, the tool automatically downloads and installs the updates in the background, saving you time and effort. By using unattended-upgrades, you can be confident that your Ubuntu system is always up-to-date and protected from security vulnerabilities. ==Install unattended-upgrades== <code>unattended-upgrades</code> package should be pre installed on ubuntu If not you can install with <code>sudo apt install unattended-upgrades</code> Unattended-upgrades config files are kept in directory <code>/etc/apt/apt.conf.d/</code> ===<code>/etc/apt/apt.conf.d/</code>=== Each of the configuration files in directory serves a specific purpose in managing different aspects of the Ubuntu system updates. Here's a brief summary of what each of these files does: :* '''01-vendor-ubuntu''': This file specifies the vendor-specific configuration for Ubuntu. It defines the Ubuntu-specific package sources and repository settings. :* '''01autoremove''': This file specifies the list of packages that can be automatically removed from the system when they are no longer needed. :* '''01autoremove-kernels''': This file specifies the list of old kernel packages that can be automatically removed from the system when a new kernel is installed. :* '''10periodic''': This file specifies the frequency of automatic system updates. It allows you to set how often the system checks for updates and installs them. :* '''15update-stamp''': This file stores the timestamp of the last system update. :* '''20archive''': This file specifies the settings for the package archive, including the URL of the package repository and the authentication keys for verifying package integrity. :* '''20auto-upgrades''': This file specifies the configuration settings for automatic updates, including which packages to update and how to install them. :* '''20packagekit''': This file specifies the configuration settings for PackageKit, which is a system service for managing software updates. :* '''20snapd.conf''': This file specifies the configuration settings for the Snap package manager. :* '''50command-not-found''': This file specifies the behavior of the command-not-found feature, which suggests packages to install when a command is not found. :* '''50unattended-upgrades''': This file specifies the settings for unattended-upgrades, which is a tool for automatically installing security updates. :* '''70debconf''': This file specifies the settings for debconf, which is a configuration management system for Debian-based systems. :* '''99update-notifier''': This file specifies the behavior of the update-notifier, which is a tool for notifying users about available system updates. Each of these configuration files plays an important role in managing different aspects of system updates in Ubuntu, and understanding their purpose can be helpful in customizing the system update settings to fit your specific needs. ==Quick Start - Up and running auto updates== ===Check service is running and enabled=== <code>sudo systemctl enable unattended-upgrades</code> ===50unattended-upgrades=== '''/etc/apt/apt.conf.d/50unattended-upgrades''' is a configuration file that specifies the settings for automatically installing security updates using the unattended-upgrades tool in Ubuntu. <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades </code><br> <div class="toccolours mw-collapsible mw-collapsed"> Default Content <code>/etc/apt/apt.conf.d/50unattended-upgrades</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Note: Having a <b><code>//</code></b> At the Front of the line, will comment out the line: <div class="mw-collapsible-content"> lines that begin with a "#" or "//" are called comments. These lines are ignored by the system and are intended for human readers to provide explanations or context about the configuration settings. When you "comment out" a line in a configuration file, you are essentially telling the system to ignore that line of configuration. This can be useful if you want to temporarily disable or override a specific configuration setting without having to delete it entirely. For example, if you wanted to temporarily disable automatic updates in Ubuntu, you could comment out the line that enables them in the /etc/apt/apt.conf.d/20auto-upgrades file by adding a "#" or "//" character at the beginning of the line. This would prevent the system from executing that particular configuration setting and would effectively disable automatic updates until you uncommented the line by removing the "#" or "//" characters. </div> </div> <div class="mw-collapsible-content"> <pre> // Automatically upgrade packages from these (origin:archive) pairs // // Note that in Ubuntu security updates may pull in new dependencies // from non-security sources (e.g. chromium). By allowing the release // pocket these get automatically pulled in. Unattended-Upgrade::Allowed-Origins { "${distro_id}:${distro_codename}"; "${distro_id}:${distro_codename}-security"; // Extended Security Maintenance; doesn't necessarily exist for // every release and this system may not have it installed, but if // available, the policy for updates is such that unattended-upgrades // should also install from here by default. "${distro_id}ESMApps:${distro_codename}-apps-security"; "${distro_id}ESM:${distro_codename}-infra-security"; // "${distro_id}:${distro_codename}-updates"; // "${distro_id}:${distro_codename}-proposed"; // "${distro_id}:${distro_codename}-backports"; }; // Python regular expressions, matching packages to exclude from upgrading Unattended-Upgrade::Package-Blacklist { // The following matches all packages starting with linux- // "linux-"; // Use $ to explicitely define the end of a package name. Without // the $, "libc6" would match all of them. // "libc6$"; // "libc6-dev$"; // "libc6-i686$"; // Special characters need escaping // "libstdc\+\+6$"; // The following matches packages like xen-system-amd64, xen-utils-4.1, // xenstore-utils and libxenstore3.0 // "(lib)?xen(store)?"; // For more information about Python regular expressions, see // https://docs.python.org/3/howto/regex.html }; // This option controls whether the development release of Ubuntu will be // upgraded automatically. Valid values are "true", "false", and "auto". Unattended-Upgrade::DevRelease "auto"; // This option allows you to control if on a unclean dpkg exit // unattended-upgrades will automatically run // dpkg --force-confold --configure -a // The default is true, to ensure updates keep getting installed //Unattended-Upgrade::AutoFixInterruptedDpkg "true"; // Split the upgrade into the smallest possible chunks so that // they can be interrupted with SIGTERM. This makes the upgrade // a bit slower but it has the benefit that shutdown while a upgrade // is running is possible (with a small delay) //Unattended-Upgrade::MinimalSteps "true"; // Install all updates when the machine is shutting down // instead of doing it in the background while the machine is running. // This will (obviously) make shutdown slower. // Unattended-upgrades increases logind's InhibitDelayMaxSec to 30s. // This allows more time for unattended-upgrades to shut down gracefully // or even install a few packages in InstallOnShutdown mode, but is still a // big step back from the 30 minutes allowed for InstallOnShutdown previously. // Users enabling InstallOnShutdown mode are advised to increase // InhibitDelayMaxSec even further, possibly to 30 minutes. //Unattended-Upgrade::InstallOnShutdown "false"; // Send email to this address for problems or packages upgrades // If empty or unset then no email is sent, make sure that you // have a working mail setup on your system. A package that provides // 'mailx' must be installed. E.g. "user@example.com" //Unattended-Upgrade::Mail ""; // Set this value to one of: // "always", "only-on-error" or "on-change" // If this is not set, then any legacy MailOnlyOnError (boolean) value // is used to chose between "only-on-error" and "on-change" //Unattended-Upgrade::MailReport "on-change"; // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; // Enable logging to syslog. Default is False // Unattended-Upgrade::SyslogEnable "false"; // Specify syslog facility. Default is daemon // Unattended-Upgrade::SyslogFacility "daemon"; // Download and install upgrades only on AC power // (i.e. skip or gracefully stop updates on battery) // Unattended-Upgrade::OnlyOnACPower "true"; // Download and install upgrades only on non-metered connection // (i.e. skip or gracefully stop updates on a metered connection) // Unattended-Upgrade::Skip-Updates-On-Metered-Connections "true"; // Verbose logging // Unattended-Upgrade::Verbose "false"; // Print debugging information both in unattended-upgrades and // in unattended-upgrade-shutdown // Unattended-Upgrade::Debug "false"; // Allow package downgrade if Pin-Priority exceeds 1000 // Unattended-Upgrade::Allow-downgrade "false"; </pre> </div> </div> ===Common Server Changes - Quick start guide=== <b>Note: The only change required to enable auto updates is to uncomment:<br> <code>// "${distro_id}:${distro_codename}-updates";</code><br> The rest is opitional.</b><br> ====updates==== * Line: 15 <code>// "${distro_id}:${distro_codename}-updates";</code><br> Change to:<br> <code> "${distro_id}:${distro_codename}-updates";</code> ====Remove unused automatically installed kernel-related packages==== * Line: 83 <code>//Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";</code><br> Change to:<br> <code>Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";</code> ==== Do automatic removal of newly unused dependencies after the upgrade==== * Line: 86 <code>//Unattended-Upgrade::Remove-New-Unused-Dependencies "true";</code><br> Change To:<br> <code>Unattended-Upgrade::Remove-New-Unused-Dependencies "true";</code> ==== Do automatic removal of unused packages after the upgrade - apt-get autoremove==== <code>//Unattended-Upgrade::Remove-Unused-Dependencies "false";</code><br> Change To:<br> <code>Unattended-Upgrade::Remove-Unused-Dependencies "true";</code> ====Automatically reboot *WITHOUT CONFIRMATION* If the file /var/run/reboot-required is found after the upgrade==== <code>//Unattended-Upgrade::Automatic-Reboot "false";</code><br> Change To:<br> <code>Unattended-Upgrade::Automatic-Reboot "true";</code> ====Automatically reboot even if there are users currently logged in when Unattended-Upgrade::Automatic-Reboot is set to true==== <code>//Unattended-Upgrade::Automatic-Reboot-WithUsers "true";</code><br> Change To:<br> <code>Unattended-Upgrade::Automatic-Reboot-WithUsers "true";</code> ====If automatic reboot is enabled and needed, reboot at the specific time instead of immediately==== <code>//Unattended-Upgrade::Automatic-Reboot-Time "02:00";</code><br> Change to: Note: Reboot-Time is your server/computers time zone: Use the command <code>date</code> to see time zone.<br> <code>Unattended-Upgrade::Automatic-Reboot-Time "04:00";</code> ===Save and Exit Config file=== <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/apt/apt.conf.d/50unattended-upgrades</code> Config File After Changes: <div class="mw-collapsible-content"> <pre> // Automatically upgrade packages from these (origin:archive) pairs // // Note that in Ubuntu security updates may pull in new dependencies // from non-security sources (e.g. chromium). By allowing the release // pocket these get automatically pulled in. Unattended-Upgrade::Allowed-Origins { "${distro_id}:${distro_codename}"; "${distro_id}:${distro_codename}-security"; // Extended Security Maintenance; doesn't necessarily exist for // every release and this system may not have it installed, but if // available, the policy for updates is such that unattended-upgrades // should also install from here by default. "${distro_id}ESMApps:${distro_codename}-apps-security"; "${distro_id}ESM:${distro_codename}-infra-security"; "${distro_id}:${distro_codename}-updates"; // "${distro_id}:${distro_codename}-proposed"; // "${distro_id}:${distro_codename}-backports"; }; // Python regular expressions, matching packages to exclude from upgrading Unattended-Upgrade::Package-Blacklist { // The following matches all packages starting with linux- // "linux-"; // Use $ to explicitely define the end of a package name. Without // the $, "libc6" would match all of them. // "libc6$"; // "libc6-dev$"; // "libc6-i686$"; // Special characters need escaping // "libstdc\+\+6$"; // The following matches packages like xen-system-amd64, xen-utils-4.1, // xenstore-utils and libxenstore3.0 // "(lib)?xen(store)?"; // For more information about Python regular expressions, see // https://docs.python.org/3/howto/regex.html }; // This option controls whether the development release of Ubuntu will be // upgraded automatically. Valid values are "true", "false", and "auto". Unattended-Upgrade::DevRelease "auto"; // This option allows you to control if on a unclean dpkg exit // unattended-upgrades will automatically run // dpkg --force-confold --configure -a // The default is true, to ensure updates keep getting installed //Unattended-Upgrade::AutoFixInterruptedDpkg "true"; // Split the upgrade into the smallest possible chunks so that // they can be interrupted with SIGTERM. This makes the upgrade // a bit slower but it has the benefit that shutdown while a upgrade // is running is possible (with a small delay) //Unattended-Upgrade::MinimalSteps "true"; // Install all updates when the machine is shutting down // instead of doing it in the background while the machine is running. // This will (obviously) make shutdown slower. // Unattended-upgrades increases logind's InhibitDelayMaxSec to 30s. // This allows more time for unattended-upgrades to shut down gracefully // or even install a few packages in InstallOnShutdown mode, but is still a // big step back from the 30 minutes allowed for InstallOnShutdown previously. // Users enabling InstallOnShutdown mode are advised to increase // InhibitDelayMaxSec even further, possibly to 30 minutes. //Unattended-Upgrade::InstallOnShutdown "false"; // Send email to this address for problems or packages upgrades // If empty or unset then no email is sent, make sure that you // have a working mail setup on your system. A package that provides // 'mailx' must be installed. E.g. "user@example.com" //Unattended-Upgrade::Mail ""; // Set this value to one of: // "always", "only-on-error" or "on-change" // If this is not set, then any legacy MailOnlyOnError (boolean) value // is used to chose between "only-on-error" and "on-change" //Unattended-Upgrade::MailReport "on-change"; // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; // Enable logging to syslog. Default is False // Unattended-Upgrade::SyslogEnable "false"; // Specify syslog facility. Default is daemon // Unattended-Upgrade::SyslogFacility "daemon"; // Download and install upgrades only on AC power // (i.e. skip or gracefully stop updates on battery) // Unattended-Upgrade::OnlyOnACPower "true"; // Download and install upgrades only on non-metered connection // (i.e. skip or gracefully stop updates on a metered connection) // Unattended-Upgrade::Skip-Updates-On-Metered-Connections "true"; // Verbose logging // Unattended-Upgrade::Verbose "false"; // Print debugging information both in unattended-upgrades and // in unattended-upgrade-shutdown // Unattended-Upgrade::Debug "false"; // Allow package downgrade if Pin-Priority exceeds 1000 // Unattended-Upgrade::Allow-downgrade "false"; </pre> </div> </div> And that's pretty much your <b>Basic Quick Start Auto Updates</b> taken care of!<br> ==What time does <code>unattended-upgrades</code> run?== By default, the unattended-upgrades tool in Ubuntu is configured to run once a day at a random time between 6:00 AM and 7:00 AM, local time. However, you can modify the time at which unattended-upgrades runs by editing the '''/etc/apt/apt.conf.d/20auto-upgrades''' file. In this file, you can set the '''APT::Periodic::RandomSleep''' and '''APT::Periodic::Unattended-Upgrade::RandomSleep''' options to specify the range of random delay times in seconds before '''unattended-upgrades''' runs. Additionally, you can set the '''APT::Periodic::Unattended-Upgrade::StartHour''' and '''APT::Periodic::Unattended-Upgrade::StartMinute''' options to specify the exact time at which unattended-upgrades runs each day. For example, if you want '''unattended-upgrades''' to run at '''2:30 AM every day''', you can add the following lines to the '''/etc/apt/apt.conf.d/20auto-upgrades''' file: <pre> APT::Periodic::Unattended-Upgrade "1"; APT::Periodic::Unattended-Upgrade::StartHour "2"; APT::Periodic::Unattended-Upgrade::StartMinute "30"; </pre> After making changes to this file, you will need to save and close it, and then wait for the specified time to see if the changes have taken effect. kjisj2wweljodcwkff8m317vhh8mwjt 508 507 2025-04-17T16:50:39Z AwesomO 5 /* Do automatic removal of unused packages after the upgrade - apt-get autoremove */ 508 wikitext text/x-wiki == Introduction == Unattended-upgrades is a tool that allows Ubuntu users to automatically update their system with the latest security patches and bug fixes. It's important to keep your system up-to-date to ensure that it's secure and running smoothly. With unattended-upgrades, you don't have to worry about manually checking for updates and installing them yourself. Instead, the tool automatically downloads and installs the updates in the background, saving you time and effort. By using unattended-upgrades, you can be confident that your Ubuntu system is always up-to-date and protected from security vulnerabilities. ==Install unattended-upgrades== <code>unattended-upgrades</code> package should be pre installed on ubuntu If not you can install with <code>sudo apt install unattended-upgrades</code> Unattended-upgrades config files are kept in directory <code>/etc/apt/apt.conf.d/</code> ===<code>/etc/apt/apt.conf.d/</code>=== Each of the configuration files in directory serves a specific purpose in managing different aspects of the Ubuntu system updates. Here's a brief summary of what each of these files does: :* '''01-vendor-ubuntu''': This file specifies the vendor-specific configuration for Ubuntu. It defines the Ubuntu-specific package sources and repository settings. :* '''01autoremove''': This file specifies the list of packages that can be automatically removed from the system when they are no longer needed. :* '''01autoremove-kernels''': This file specifies the list of old kernel packages that can be automatically removed from the system when a new kernel is installed. :* '''10periodic''': This file specifies the frequency of automatic system updates. It allows you to set how often the system checks for updates and installs them. :* '''15update-stamp''': This file stores the timestamp of the last system update. :* '''20archive''': This file specifies the settings for the package archive, including the URL of the package repository and the authentication keys for verifying package integrity. :* '''20auto-upgrades''': This file specifies the configuration settings for automatic updates, including which packages to update and how to install them. :* '''20packagekit''': This file specifies the configuration settings for PackageKit, which is a system service for managing software updates. :* '''20snapd.conf''': This file specifies the configuration settings for the Snap package manager. :* '''50command-not-found''': This file specifies the behavior of the command-not-found feature, which suggests packages to install when a command is not found. :* '''50unattended-upgrades''': This file specifies the settings for unattended-upgrades, which is a tool for automatically installing security updates. :* '''70debconf''': This file specifies the settings for debconf, which is a configuration management system for Debian-based systems. :* '''99update-notifier''': This file specifies the behavior of the update-notifier, which is a tool for notifying users about available system updates. Each of these configuration files plays an important role in managing different aspects of system updates in Ubuntu, and understanding their purpose can be helpful in customizing the system update settings to fit your specific needs. ==Quick Start - Up and running auto updates== ===Check service is running and enabled=== <code>sudo systemctl enable unattended-upgrades</code> ===50unattended-upgrades=== '''/etc/apt/apt.conf.d/50unattended-upgrades''' is a configuration file that specifies the settings for automatically installing security updates using the unattended-upgrades tool in Ubuntu. <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades </code><br> <div class="toccolours mw-collapsible mw-collapsed"> Default Content <code>/etc/apt/apt.conf.d/50unattended-upgrades</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Note: Having a <b><code>//</code></b> At the Front of the line, will comment out the line: <div class="mw-collapsible-content"> lines that begin with a "#" or "//" are called comments. These lines are ignored by the system and are intended for human readers to provide explanations or context about the configuration settings. When you "comment out" a line in a configuration file, you are essentially telling the system to ignore that line of configuration. This can be useful if you want to temporarily disable or override a specific configuration setting without having to delete it entirely. For example, if you wanted to temporarily disable automatic updates in Ubuntu, you could comment out the line that enables them in the /etc/apt/apt.conf.d/20auto-upgrades file by adding a "#" or "//" character at the beginning of the line. This would prevent the system from executing that particular configuration setting and would effectively disable automatic updates until you uncommented the line by removing the "#" or "//" characters. </div> </div> <div class="mw-collapsible-content"> <pre> // Automatically upgrade packages from these (origin:archive) pairs // // Note that in Ubuntu security updates may pull in new dependencies // from non-security sources (e.g. chromium). By allowing the release // pocket these get automatically pulled in. Unattended-Upgrade::Allowed-Origins { "${distro_id}:${distro_codename}"; "${distro_id}:${distro_codename}-security"; // Extended Security Maintenance; doesn't necessarily exist for // every release and this system may not have it installed, but if // available, the policy for updates is such that unattended-upgrades // should also install from here by default. "${distro_id}ESMApps:${distro_codename}-apps-security"; "${distro_id}ESM:${distro_codename}-infra-security"; // "${distro_id}:${distro_codename}-updates"; // "${distro_id}:${distro_codename}-proposed"; // "${distro_id}:${distro_codename}-backports"; }; // Python regular expressions, matching packages to exclude from upgrading Unattended-Upgrade::Package-Blacklist { // The following matches all packages starting with linux- // "linux-"; // Use $ to explicitely define the end of a package name. Without // the $, "libc6" would match all of them. // "libc6$"; // "libc6-dev$"; // "libc6-i686$"; // Special characters need escaping // "libstdc\+\+6$"; // The following matches packages like xen-system-amd64, xen-utils-4.1, // xenstore-utils and libxenstore3.0 // "(lib)?xen(store)?"; // For more information about Python regular expressions, see // https://docs.python.org/3/howto/regex.html }; // This option controls whether the development release of Ubuntu will be // upgraded automatically. Valid values are "true", "false", and "auto". Unattended-Upgrade::DevRelease "auto"; // This option allows you to control if on a unclean dpkg exit // unattended-upgrades will automatically run // dpkg --force-confold --configure -a // The default is true, to ensure updates keep getting installed //Unattended-Upgrade::AutoFixInterruptedDpkg "true"; // Split the upgrade into the smallest possible chunks so that // they can be interrupted with SIGTERM. This makes the upgrade // a bit slower but it has the benefit that shutdown while a upgrade // is running is possible (with a small delay) //Unattended-Upgrade::MinimalSteps "true"; // Install all updates when the machine is shutting down // instead of doing it in the background while the machine is running. // This will (obviously) make shutdown slower. // Unattended-upgrades increases logind's InhibitDelayMaxSec to 30s. // This allows more time for unattended-upgrades to shut down gracefully // or even install a few packages in InstallOnShutdown mode, but is still a // big step back from the 30 minutes allowed for InstallOnShutdown previously. // Users enabling InstallOnShutdown mode are advised to increase // InhibitDelayMaxSec even further, possibly to 30 minutes. //Unattended-Upgrade::InstallOnShutdown "false"; // Send email to this address for problems or packages upgrades // If empty or unset then no email is sent, make sure that you // have a working mail setup on your system. A package that provides // 'mailx' must be installed. E.g. "user@example.com" //Unattended-Upgrade::Mail ""; // Set this value to one of: // "always", "only-on-error" or "on-change" // If this is not set, then any legacy MailOnlyOnError (boolean) value // is used to chose between "only-on-error" and "on-change" //Unattended-Upgrade::MailReport "on-change"; // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; // Enable logging to syslog. Default is False // Unattended-Upgrade::SyslogEnable "false"; // Specify syslog facility. Default is daemon // Unattended-Upgrade::SyslogFacility "daemon"; // Download and install upgrades only on AC power // (i.e. skip or gracefully stop updates on battery) // Unattended-Upgrade::OnlyOnACPower "true"; // Download and install upgrades only on non-metered connection // (i.e. skip or gracefully stop updates on a metered connection) // Unattended-Upgrade::Skip-Updates-On-Metered-Connections "true"; // Verbose logging // Unattended-Upgrade::Verbose "false"; // Print debugging information both in unattended-upgrades and // in unattended-upgrade-shutdown // Unattended-Upgrade::Debug "false"; // Allow package downgrade if Pin-Priority exceeds 1000 // Unattended-Upgrade::Allow-downgrade "false"; </pre> </div> </div> ===Common Server Changes - Quick start guide=== <b>Note: The only change required to enable auto updates is to uncomment:<br> <code>// "${distro_id}:${distro_codename}-updates";</code><br> The rest is opitional.</b><br> ====updates==== * Line: 15 <code>// "${distro_id}:${distro_codename}-updates";</code><br> Change to:<br> <code> "${distro_id}:${distro_codename}-updates";</code> ====Remove unused automatically installed kernel-related packages==== * Line: 83 <code>//Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";</code><br> Change to:<br> <code>Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";</code> ==== Do automatic removal of newly unused dependencies after the upgrade==== * Line: 86 <code>//Unattended-Upgrade::Remove-New-Unused-Dependencies "true";</code><br> Change To:<br> <code>Unattended-Upgrade::Remove-New-Unused-Dependencies "true";</code> ==== Do automatic removal of unused packages after the upgrade - apt-get autoremove==== * Line: 90 <code>//Unattended-Upgrade::Remove-Unused-Dependencies "false";</code><br> Change To:<br> <code>Unattended-Upgrade::Remove-Unused-Dependencies "true";</code> ====Automatically reboot *WITHOUT CONFIRMATION* If the file /var/run/reboot-required is found after the upgrade==== <code>//Unattended-Upgrade::Automatic-Reboot "false";</code><br> Change To:<br> <code>Unattended-Upgrade::Automatic-Reboot "true";</code> ====Automatically reboot even if there are users currently logged in when Unattended-Upgrade::Automatic-Reboot is set to true==== <code>//Unattended-Upgrade::Automatic-Reboot-WithUsers "true";</code><br> Change To:<br> <code>Unattended-Upgrade::Automatic-Reboot-WithUsers "true";</code> ====If automatic reboot is enabled and needed, reboot at the specific time instead of immediately==== <code>//Unattended-Upgrade::Automatic-Reboot-Time "02:00";</code><br> Change to: Note: Reboot-Time is your server/computers time zone: Use the command <code>date</code> to see time zone.<br> <code>Unattended-Upgrade::Automatic-Reboot-Time "04:00";</code> ===Save and Exit Config file=== <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/apt/apt.conf.d/50unattended-upgrades</code> Config File After Changes: <div class="mw-collapsible-content"> <pre> // Automatically upgrade packages from these (origin:archive) pairs // // Note that in Ubuntu security updates may pull in new dependencies // from non-security sources (e.g. chromium). By allowing the release // pocket these get automatically pulled in. Unattended-Upgrade::Allowed-Origins { "${distro_id}:${distro_codename}"; "${distro_id}:${distro_codename}-security"; // Extended Security Maintenance; doesn't necessarily exist for // every release and this system may not have it installed, but if // available, the policy for updates is such that unattended-upgrades // should also install from here by default. "${distro_id}ESMApps:${distro_codename}-apps-security"; "${distro_id}ESM:${distro_codename}-infra-security"; "${distro_id}:${distro_codename}-updates"; // "${distro_id}:${distro_codename}-proposed"; // "${distro_id}:${distro_codename}-backports"; }; // Python regular expressions, matching packages to exclude from upgrading Unattended-Upgrade::Package-Blacklist { // The following matches all packages starting with linux- // "linux-"; // Use $ to explicitely define the end of a package name. Without // the $, "libc6" would match all of them. // "libc6$"; // "libc6-dev$"; // "libc6-i686$"; // Special characters need escaping // "libstdc\+\+6$"; // The following matches packages like xen-system-amd64, xen-utils-4.1, // xenstore-utils and libxenstore3.0 // "(lib)?xen(store)?"; // For more information about Python regular expressions, see // https://docs.python.org/3/howto/regex.html }; // This option controls whether the development release of Ubuntu will be // upgraded automatically. Valid values are "true", "false", and "auto". Unattended-Upgrade::DevRelease "auto"; // This option allows you to control if on a unclean dpkg exit // unattended-upgrades will automatically run // dpkg --force-confold --configure -a // The default is true, to ensure updates keep getting installed //Unattended-Upgrade::AutoFixInterruptedDpkg "true"; // Split the upgrade into the smallest possible chunks so that // they can be interrupted with SIGTERM. This makes the upgrade // a bit slower but it has the benefit that shutdown while a upgrade // is running is possible (with a small delay) //Unattended-Upgrade::MinimalSteps "true"; // Install all updates when the machine is shutting down // instead of doing it in the background while the machine is running. // This will (obviously) make shutdown slower. // Unattended-upgrades increases logind's InhibitDelayMaxSec to 30s. // This allows more time for unattended-upgrades to shut down gracefully // or even install a few packages in InstallOnShutdown mode, but is still a // big step back from the 30 minutes allowed for InstallOnShutdown previously. // Users enabling InstallOnShutdown mode are advised to increase // InhibitDelayMaxSec even further, possibly to 30 minutes. //Unattended-Upgrade::InstallOnShutdown "false"; // Send email to this address for problems or packages upgrades // If empty or unset then no email is sent, make sure that you // have a working mail setup on your system. A package that provides // 'mailx' must be installed. E.g. "user@example.com" //Unattended-Upgrade::Mail ""; // Set this value to one of: // "always", "only-on-error" or "on-change" // If this is not set, then any legacy MailOnlyOnError (boolean) value // is used to chose between "only-on-error" and "on-change" //Unattended-Upgrade::MailReport "on-change"; // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; // Enable logging to syslog. Default is False // Unattended-Upgrade::SyslogEnable "false"; // Specify syslog facility. Default is daemon // Unattended-Upgrade::SyslogFacility "daemon"; // Download and install upgrades only on AC power // (i.e. skip or gracefully stop updates on battery) // Unattended-Upgrade::OnlyOnACPower "true"; // Download and install upgrades only on non-metered connection // (i.e. skip or gracefully stop updates on a metered connection) // Unattended-Upgrade::Skip-Updates-On-Metered-Connections "true"; // Verbose logging // Unattended-Upgrade::Verbose "false"; // Print debugging information both in unattended-upgrades and // in unattended-upgrade-shutdown // Unattended-Upgrade::Debug "false"; // Allow package downgrade if Pin-Priority exceeds 1000 // Unattended-Upgrade::Allow-downgrade "false"; </pre> </div> </div> And that's pretty much your <b>Basic Quick Start Auto Updates</b> taken care of!<br> ==What time does <code>unattended-upgrades</code> run?== By default, the unattended-upgrades tool in Ubuntu is configured to run once a day at a random time between 6:00 AM and 7:00 AM, local time. However, you can modify the time at which unattended-upgrades runs by editing the '''/etc/apt/apt.conf.d/20auto-upgrades''' file. In this file, you can set the '''APT::Periodic::RandomSleep''' and '''APT::Periodic::Unattended-Upgrade::RandomSleep''' options to specify the range of random delay times in seconds before '''unattended-upgrades''' runs. Additionally, you can set the '''APT::Periodic::Unattended-Upgrade::StartHour''' and '''APT::Periodic::Unattended-Upgrade::StartMinute''' options to specify the exact time at which unattended-upgrades runs each day. For example, if you want '''unattended-upgrades''' to run at '''2:30 AM every day''', you can add the following lines to the '''/etc/apt/apt.conf.d/20auto-upgrades''' file: <pre> APT::Periodic::Unattended-Upgrade "1"; APT::Periodic::Unattended-Upgrade::StartHour "2"; APT::Periodic::Unattended-Upgrade::StartMinute "30"; </pre> After making changes to this file, you will need to save and close it, and then wait for the specified time to see if the changes have taken effect. sronrvgzheg411ix2q9oi4sq9y2c3o9 509 508 2025-04-17T16:51:19Z AwesomO 5 /* Automatically reboot *WITHOUT CONFIRMATION* If the file /var/run/reboot-required is found after the upgrade */ 509 wikitext text/x-wiki == Introduction == Unattended-upgrades is a tool that allows Ubuntu users to automatically update their system with the latest security patches and bug fixes. It's important to keep your system up-to-date to ensure that it's secure and running smoothly. With unattended-upgrades, you don't have to worry about manually checking for updates and installing them yourself. Instead, the tool automatically downloads and installs the updates in the background, saving you time and effort. By using unattended-upgrades, you can be confident that your Ubuntu system is always up-to-date and protected from security vulnerabilities. ==Install unattended-upgrades== <code>unattended-upgrades</code> package should be pre installed on ubuntu If not you can install with <code>sudo apt install unattended-upgrades</code> Unattended-upgrades config files are kept in directory <code>/etc/apt/apt.conf.d/</code> ===<code>/etc/apt/apt.conf.d/</code>=== Each of the configuration files in directory serves a specific purpose in managing different aspects of the Ubuntu system updates. Here's a brief summary of what each of these files does: :* '''01-vendor-ubuntu''': This file specifies the vendor-specific configuration for Ubuntu. It defines the Ubuntu-specific package sources and repository settings. :* '''01autoremove''': This file specifies the list of packages that can be automatically removed from the system when they are no longer needed. :* '''01autoremove-kernels''': This file specifies the list of old kernel packages that can be automatically removed from the system when a new kernel is installed. :* '''10periodic''': This file specifies the frequency of automatic system updates. It allows you to set how often the system checks for updates and installs them. :* '''15update-stamp''': This file stores the timestamp of the last system update. :* '''20archive''': This file specifies the settings for the package archive, including the URL of the package repository and the authentication keys for verifying package integrity. :* '''20auto-upgrades''': This file specifies the configuration settings for automatic updates, including which packages to update and how to install them. :* '''20packagekit''': This file specifies the configuration settings for PackageKit, which is a system service for managing software updates. :* '''20snapd.conf''': This file specifies the configuration settings for the Snap package manager. :* '''50command-not-found''': This file specifies the behavior of the command-not-found feature, which suggests packages to install when a command is not found. :* '''50unattended-upgrades''': This file specifies the settings for unattended-upgrades, which is a tool for automatically installing security updates. :* '''70debconf''': This file specifies the settings for debconf, which is a configuration management system for Debian-based systems. :* '''99update-notifier''': This file specifies the behavior of the update-notifier, which is a tool for notifying users about available system updates. Each of these configuration files plays an important role in managing different aspects of system updates in Ubuntu, and understanding their purpose can be helpful in customizing the system update settings to fit your specific needs. ==Quick Start - Up and running auto updates== ===Check service is running and enabled=== <code>sudo systemctl enable unattended-upgrades</code> ===50unattended-upgrades=== '''/etc/apt/apt.conf.d/50unattended-upgrades''' is a configuration file that specifies the settings for automatically installing security updates using the unattended-upgrades tool in Ubuntu. <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades </code><br> <div class="toccolours mw-collapsible mw-collapsed"> Default Content <code>/etc/apt/apt.conf.d/50unattended-upgrades</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Note: Having a <b><code>//</code></b> At the Front of the line, will comment out the line: <div class="mw-collapsible-content"> lines that begin with a "#" or "//" are called comments. These lines are ignored by the system and are intended for human readers to provide explanations or context about the configuration settings. When you "comment out" a line in a configuration file, you are essentially telling the system to ignore that line of configuration. This can be useful if you want to temporarily disable or override a specific configuration setting without having to delete it entirely. For example, if you wanted to temporarily disable automatic updates in Ubuntu, you could comment out the line that enables them in the /etc/apt/apt.conf.d/20auto-upgrades file by adding a "#" or "//" character at the beginning of the line. This would prevent the system from executing that particular configuration setting and would effectively disable automatic updates until you uncommented the line by removing the "#" or "//" characters. </div> </div> <div class="mw-collapsible-content"> <pre> // Automatically upgrade packages from these (origin:archive) pairs // // Note that in Ubuntu security updates may pull in new dependencies // from non-security sources (e.g. chromium). By allowing the release // pocket these get automatically pulled in. Unattended-Upgrade::Allowed-Origins { "${distro_id}:${distro_codename}"; "${distro_id}:${distro_codename}-security"; // Extended Security Maintenance; doesn't necessarily exist for // every release and this system may not have it installed, but if // available, the policy for updates is such that unattended-upgrades // should also install from here by default. "${distro_id}ESMApps:${distro_codename}-apps-security"; "${distro_id}ESM:${distro_codename}-infra-security"; // "${distro_id}:${distro_codename}-updates"; // "${distro_id}:${distro_codename}-proposed"; // "${distro_id}:${distro_codename}-backports"; }; // Python regular expressions, matching packages to exclude from upgrading Unattended-Upgrade::Package-Blacklist { // The following matches all packages starting with linux- // "linux-"; // Use $ to explicitely define the end of a package name. Without // the $, "libc6" would match all of them. // "libc6$"; // "libc6-dev$"; // "libc6-i686$"; // Special characters need escaping // "libstdc\+\+6$"; // The following matches packages like xen-system-amd64, xen-utils-4.1, // xenstore-utils and libxenstore3.0 // "(lib)?xen(store)?"; // For more information about Python regular expressions, see // https://docs.python.org/3/howto/regex.html }; // This option controls whether the development release of Ubuntu will be // upgraded automatically. Valid values are "true", "false", and "auto". Unattended-Upgrade::DevRelease "auto"; // This option allows you to control if on a unclean dpkg exit // unattended-upgrades will automatically run // dpkg --force-confold --configure -a // The default is true, to ensure updates keep getting installed //Unattended-Upgrade::AutoFixInterruptedDpkg "true"; // Split the upgrade into the smallest possible chunks so that // they can be interrupted with SIGTERM. This makes the upgrade // a bit slower but it has the benefit that shutdown while a upgrade // is running is possible (with a small delay) //Unattended-Upgrade::MinimalSteps "true"; // Install all updates when the machine is shutting down // instead of doing it in the background while the machine is running. // This will (obviously) make shutdown slower. // Unattended-upgrades increases logind's InhibitDelayMaxSec to 30s. // This allows more time for unattended-upgrades to shut down gracefully // or even install a few packages in InstallOnShutdown mode, but is still a // big step back from the 30 minutes allowed for InstallOnShutdown previously. // Users enabling InstallOnShutdown mode are advised to increase // InhibitDelayMaxSec even further, possibly to 30 minutes. //Unattended-Upgrade::InstallOnShutdown "false"; // Send email to this address for problems or packages upgrades // If empty or unset then no email is sent, make sure that you // have a working mail setup on your system. A package that provides // 'mailx' must be installed. E.g. "user@example.com" //Unattended-Upgrade::Mail ""; // Set this value to one of: // "always", "only-on-error" or "on-change" // If this is not set, then any legacy MailOnlyOnError (boolean) value // is used to chose between "only-on-error" and "on-change" //Unattended-Upgrade::MailReport "on-change"; // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; // Enable logging to syslog. Default is False // Unattended-Upgrade::SyslogEnable "false"; // Specify syslog facility. Default is daemon // Unattended-Upgrade::SyslogFacility "daemon"; // Download and install upgrades only on AC power // (i.e. skip or gracefully stop updates on battery) // Unattended-Upgrade::OnlyOnACPower "true"; // Download and install upgrades only on non-metered connection // (i.e. skip or gracefully stop updates on a metered connection) // Unattended-Upgrade::Skip-Updates-On-Metered-Connections "true"; // Verbose logging // Unattended-Upgrade::Verbose "false"; // Print debugging information both in unattended-upgrades and // in unattended-upgrade-shutdown // Unattended-Upgrade::Debug "false"; // Allow package downgrade if Pin-Priority exceeds 1000 // Unattended-Upgrade::Allow-downgrade "false"; </pre> </div> </div> ===Common Server Changes - Quick start guide=== <b>Note: The only change required to enable auto updates is to uncomment:<br> <code>// "${distro_id}:${distro_codename}-updates";</code><br> The rest is opitional.</b><br> ====updates==== * Line: 15 <code>// "${distro_id}:${distro_codename}-updates";</code><br> Change to:<br> <code> "${distro_id}:${distro_codename}-updates";</code> ====Remove unused automatically installed kernel-related packages==== * Line: 83 <code>//Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";</code><br> Change to:<br> <code>Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";</code> ==== Do automatic removal of newly unused dependencies after the upgrade==== * Line: 86 <code>//Unattended-Upgrade::Remove-New-Unused-Dependencies "true";</code><br> Change To:<br> <code>Unattended-Upgrade::Remove-New-Unused-Dependencies "true";</code> ==== Do automatic removal of unused packages after the upgrade - apt-get autoremove==== * Line: 90 <code>//Unattended-Upgrade::Remove-Unused-Dependencies "false";</code><br> Change To:<br> <code>Unattended-Upgrade::Remove-Unused-Dependencies "true";</code> ====Automatically reboot *WITHOUT CONFIRMATION* If the file /var/run/reboot-required is found after the upgrade==== * Line: 94 <code>//Unattended-Upgrade::Automatic-Reboot "false";</code><br> Change To:<br> <code>Unattended-Upgrade::Automatic-Reboot "true";</code> ====Automatically reboot even if there are users currently logged in when Unattended-Upgrade::Automatic-Reboot is set to true==== <code>//Unattended-Upgrade::Automatic-Reboot-WithUsers "true";</code><br> Change To:<br> <code>Unattended-Upgrade::Automatic-Reboot-WithUsers "true";</code> ====If automatic reboot is enabled and needed, reboot at the specific time instead of immediately==== <code>//Unattended-Upgrade::Automatic-Reboot-Time "02:00";</code><br> Change to: Note: Reboot-Time is your server/computers time zone: Use the command <code>date</code> to see time zone.<br> <code>Unattended-Upgrade::Automatic-Reboot-Time "04:00";</code> ===Save and Exit Config file=== <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/apt/apt.conf.d/50unattended-upgrades</code> Config File After Changes: <div class="mw-collapsible-content"> <pre> // Automatically upgrade packages from these (origin:archive) pairs // // Note that in Ubuntu security updates may pull in new dependencies // from non-security sources (e.g. chromium). By allowing the release // pocket these get automatically pulled in. Unattended-Upgrade::Allowed-Origins { "${distro_id}:${distro_codename}"; "${distro_id}:${distro_codename}-security"; // Extended Security Maintenance; doesn't necessarily exist for // every release and this system may not have it installed, but if // available, the policy for updates is such that unattended-upgrades // should also install from here by default. "${distro_id}ESMApps:${distro_codename}-apps-security"; "${distro_id}ESM:${distro_codename}-infra-security"; "${distro_id}:${distro_codename}-updates"; // "${distro_id}:${distro_codename}-proposed"; // "${distro_id}:${distro_codename}-backports"; }; // Python regular expressions, matching packages to exclude from upgrading Unattended-Upgrade::Package-Blacklist { // The following matches all packages starting with linux- // "linux-"; // Use $ to explicitely define the end of a package name. Without // the $, "libc6" would match all of them. // "libc6$"; // "libc6-dev$"; // "libc6-i686$"; // Special characters need escaping // "libstdc\+\+6$"; // The following matches packages like xen-system-amd64, xen-utils-4.1, // xenstore-utils and libxenstore3.0 // "(lib)?xen(store)?"; // For more information about Python regular expressions, see // https://docs.python.org/3/howto/regex.html }; // This option controls whether the development release of Ubuntu will be // upgraded automatically. Valid values are "true", "false", and "auto". Unattended-Upgrade::DevRelease "auto"; // This option allows you to control if on a unclean dpkg exit // unattended-upgrades will automatically run // dpkg --force-confold --configure -a // The default is true, to ensure updates keep getting installed //Unattended-Upgrade::AutoFixInterruptedDpkg "true"; // Split the upgrade into the smallest possible chunks so that // they can be interrupted with SIGTERM. This makes the upgrade // a bit slower but it has the benefit that shutdown while a upgrade // is running is possible (with a small delay) //Unattended-Upgrade::MinimalSteps "true"; // Install all updates when the machine is shutting down // instead of doing it in the background while the machine is running. // This will (obviously) make shutdown slower. // Unattended-upgrades increases logind's InhibitDelayMaxSec to 30s. // This allows more time for unattended-upgrades to shut down gracefully // or even install a few packages in InstallOnShutdown mode, but is still a // big step back from the 30 minutes allowed for InstallOnShutdown previously. // Users enabling InstallOnShutdown mode are advised to increase // InhibitDelayMaxSec even further, possibly to 30 minutes. //Unattended-Upgrade::InstallOnShutdown "false"; // Send email to this address for problems or packages upgrades // If empty or unset then no email is sent, make sure that you // have a working mail setup on your system. A package that provides // 'mailx' must be installed. E.g. "user@example.com" //Unattended-Upgrade::Mail ""; // Set this value to one of: // "always", "only-on-error" or "on-change" // If this is not set, then any legacy MailOnlyOnError (boolean) value // is used to chose between "only-on-error" and "on-change" //Unattended-Upgrade::MailReport "on-change"; // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; // Enable logging to syslog. Default is False // Unattended-Upgrade::SyslogEnable "false"; // Specify syslog facility. Default is daemon // Unattended-Upgrade::SyslogFacility "daemon"; // Download and install upgrades only on AC power // (i.e. skip or gracefully stop updates on battery) // Unattended-Upgrade::OnlyOnACPower "true"; // Download and install upgrades only on non-metered connection // (i.e. skip or gracefully stop updates on a metered connection) // Unattended-Upgrade::Skip-Updates-On-Metered-Connections "true"; // Verbose logging // Unattended-Upgrade::Verbose "false"; // Print debugging information both in unattended-upgrades and // in unattended-upgrade-shutdown // Unattended-Upgrade::Debug "false"; // Allow package downgrade if Pin-Priority exceeds 1000 // Unattended-Upgrade::Allow-downgrade "false"; </pre> </div> </div> And that's pretty much your <b>Basic Quick Start Auto Updates</b> taken care of!<br> ==What time does <code>unattended-upgrades</code> run?== By default, the unattended-upgrades tool in Ubuntu is configured to run once a day at a random time between 6:00 AM and 7:00 AM, local time. However, you can modify the time at which unattended-upgrades runs by editing the '''/etc/apt/apt.conf.d/20auto-upgrades''' file. In this file, you can set the '''APT::Periodic::RandomSleep''' and '''APT::Periodic::Unattended-Upgrade::RandomSleep''' options to specify the range of random delay times in seconds before '''unattended-upgrades''' runs. Additionally, you can set the '''APT::Periodic::Unattended-Upgrade::StartHour''' and '''APT::Periodic::Unattended-Upgrade::StartMinute''' options to specify the exact time at which unattended-upgrades runs each day. For example, if you want '''unattended-upgrades''' to run at '''2:30 AM every day''', you can add the following lines to the '''/etc/apt/apt.conf.d/20auto-upgrades''' file: <pre> APT::Periodic::Unattended-Upgrade "1"; APT::Periodic::Unattended-Upgrade::StartHour "2"; APT::Periodic::Unattended-Upgrade::StartMinute "30"; </pre> After making changes to this file, you will need to save and close it, and then wait for the specified time to see if the changes have taken effect. p22v5j7zf6dpi7jrewk5u5u95ihj044 510 509 2025-04-17T16:51:35Z AwesomO 5 /* Automatically reboot even if there are users currently logged in when Unattended-Upgrade::Automatic-Reboot is set to true */ 510 wikitext text/x-wiki == Introduction == Unattended-upgrades is a tool that allows Ubuntu users to automatically update their system with the latest security patches and bug fixes. It's important to keep your system up-to-date to ensure that it's secure and running smoothly. With unattended-upgrades, you don't have to worry about manually checking for updates and installing them yourself. Instead, the tool automatically downloads and installs the updates in the background, saving you time and effort. By using unattended-upgrades, you can be confident that your Ubuntu system is always up-to-date and protected from security vulnerabilities. ==Install unattended-upgrades== <code>unattended-upgrades</code> package should be pre installed on ubuntu If not you can install with <code>sudo apt install unattended-upgrades</code> Unattended-upgrades config files are kept in directory <code>/etc/apt/apt.conf.d/</code> ===<code>/etc/apt/apt.conf.d/</code>=== Each of the configuration files in directory serves a specific purpose in managing different aspects of the Ubuntu system updates. Here's a brief summary of what each of these files does: :* '''01-vendor-ubuntu''': This file specifies the vendor-specific configuration for Ubuntu. It defines the Ubuntu-specific package sources and repository settings. :* '''01autoremove''': This file specifies the list of packages that can be automatically removed from the system when they are no longer needed. :* '''01autoremove-kernels''': This file specifies the list of old kernel packages that can be automatically removed from the system when a new kernel is installed. :* '''10periodic''': This file specifies the frequency of automatic system updates. It allows you to set how often the system checks for updates and installs them. :* '''15update-stamp''': This file stores the timestamp of the last system update. :* '''20archive''': This file specifies the settings for the package archive, including the URL of the package repository and the authentication keys for verifying package integrity. :* '''20auto-upgrades''': This file specifies the configuration settings for automatic updates, including which packages to update and how to install them. :* '''20packagekit''': This file specifies the configuration settings for PackageKit, which is a system service for managing software updates. :* '''20snapd.conf''': This file specifies the configuration settings for the Snap package manager. :* '''50command-not-found''': This file specifies the behavior of the command-not-found feature, which suggests packages to install when a command is not found. :* '''50unattended-upgrades''': This file specifies the settings for unattended-upgrades, which is a tool for automatically installing security updates. :* '''70debconf''': This file specifies the settings for debconf, which is a configuration management system for Debian-based systems. :* '''99update-notifier''': This file specifies the behavior of the update-notifier, which is a tool for notifying users about available system updates. Each of these configuration files plays an important role in managing different aspects of system updates in Ubuntu, and understanding their purpose can be helpful in customizing the system update settings to fit your specific needs. ==Quick Start - Up and running auto updates== ===Check service is running and enabled=== <code>sudo systemctl enable unattended-upgrades</code> ===50unattended-upgrades=== '''/etc/apt/apt.conf.d/50unattended-upgrades''' is a configuration file that specifies the settings for automatically installing security updates using the unattended-upgrades tool in Ubuntu. <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades </code><br> <div class="toccolours mw-collapsible mw-collapsed"> Default Content <code>/etc/apt/apt.conf.d/50unattended-upgrades</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Note: Having a <b><code>//</code></b> At the Front of the line, will comment out the line: <div class="mw-collapsible-content"> lines that begin with a "#" or "//" are called comments. These lines are ignored by the system and are intended for human readers to provide explanations or context about the configuration settings. When you "comment out" a line in a configuration file, you are essentially telling the system to ignore that line of configuration. This can be useful if you want to temporarily disable or override a specific configuration setting without having to delete it entirely. For example, if you wanted to temporarily disable automatic updates in Ubuntu, you could comment out the line that enables them in the /etc/apt/apt.conf.d/20auto-upgrades file by adding a "#" or "//" character at the beginning of the line. This would prevent the system from executing that particular configuration setting and would effectively disable automatic updates until you uncommented the line by removing the "#" or "//" characters. </div> </div> <div class="mw-collapsible-content"> <pre> // Automatically upgrade packages from these (origin:archive) pairs // // Note that in Ubuntu security updates may pull in new dependencies // from non-security sources (e.g. chromium). By allowing the release // pocket these get automatically pulled in. Unattended-Upgrade::Allowed-Origins { "${distro_id}:${distro_codename}"; "${distro_id}:${distro_codename}-security"; // Extended Security Maintenance; doesn't necessarily exist for // every release and this system may not have it installed, but if // available, the policy for updates is such that unattended-upgrades // should also install from here by default. "${distro_id}ESMApps:${distro_codename}-apps-security"; "${distro_id}ESM:${distro_codename}-infra-security"; // "${distro_id}:${distro_codename}-updates"; // "${distro_id}:${distro_codename}-proposed"; // "${distro_id}:${distro_codename}-backports"; }; // Python regular expressions, matching packages to exclude from upgrading Unattended-Upgrade::Package-Blacklist { // The following matches all packages starting with linux- // "linux-"; // Use $ to explicitely define the end of a package name. Without // the $, "libc6" would match all of them. // "libc6$"; // "libc6-dev$"; // "libc6-i686$"; // Special characters need escaping // "libstdc\+\+6$"; // The following matches packages like xen-system-amd64, xen-utils-4.1, // xenstore-utils and libxenstore3.0 // "(lib)?xen(store)?"; // For more information about Python regular expressions, see // https://docs.python.org/3/howto/regex.html }; // This option controls whether the development release of Ubuntu will be // upgraded automatically. Valid values are "true", "false", and "auto". Unattended-Upgrade::DevRelease "auto"; // This option allows you to control if on a unclean dpkg exit // unattended-upgrades will automatically run // dpkg --force-confold --configure -a // The default is true, to ensure updates keep getting installed //Unattended-Upgrade::AutoFixInterruptedDpkg "true"; // Split the upgrade into the smallest possible chunks so that // they can be interrupted with SIGTERM. This makes the upgrade // a bit slower but it has the benefit that shutdown while a upgrade // is running is possible (with a small delay) //Unattended-Upgrade::MinimalSteps "true"; // Install all updates when the machine is shutting down // instead of doing it in the background while the machine is running. // This will (obviously) make shutdown slower. // Unattended-upgrades increases logind's InhibitDelayMaxSec to 30s. // This allows more time for unattended-upgrades to shut down gracefully // or even install a few packages in InstallOnShutdown mode, but is still a // big step back from the 30 minutes allowed for InstallOnShutdown previously. // Users enabling InstallOnShutdown mode are advised to increase // InhibitDelayMaxSec even further, possibly to 30 minutes. //Unattended-Upgrade::InstallOnShutdown "false"; // Send email to this address for problems or packages upgrades // If empty or unset then no email is sent, make sure that you // have a working mail setup on your system. A package that provides // 'mailx' must be installed. E.g. "user@example.com" //Unattended-Upgrade::Mail ""; // Set this value to one of: // "always", "only-on-error" or "on-change" // If this is not set, then any legacy MailOnlyOnError (boolean) value // is used to chose between "only-on-error" and "on-change" //Unattended-Upgrade::MailReport "on-change"; // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; // Enable logging to syslog. Default is False // Unattended-Upgrade::SyslogEnable "false"; // Specify syslog facility. Default is daemon // Unattended-Upgrade::SyslogFacility "daemon"; // Download and install upgrades only on AC power // (i.e. skip or gracefully stop updates on battery) // Unattended-Upgrade::OnlyOnACPower "true"; // Download and install upgrades only on non-metered connection // (i.e. skip or gracefully stop updates on a metered connection) // Unattended-Upgrade::Skip-Updates-On-Metered-Connections "true"; // Verbose logging // Unattended-Upgrade::Verbose "false"; // Print debugging information both in unattended-upgrades and // in unattended-upgrade-shutdown // Unattended-Upgrade::Debug "false"; // Allow package downgrade if Pin-Priority exceeds 1000 // Unattended-Upgrade::Allow-downgrade "false"; </pre> </div> </div> ===Common Server Changes - Quick start guide=== <b>Note: The only change required to enable auto updates is to uncomment:<br> <code>// "${distro_id}:${distro_codename}-updates";</code><br> The rest is opitional.</b><br> ====updates==== * Line: 15 <code>// "${distro_id}:${distro_codename}-updates";</code><br> Change to:<br> <code> "${distro_id}:${distro_codename}-updates";</code> ====Remove unused automatically installed kernel-related packages==== * Line: 83 <code>//Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";</code><br> Change to:<br> <code>Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";</code> ==== Do automatic removal of newly unused dependencies after the upgrade==== * Line: 86 <code>//Unattended-Upgrade::Remove-New-Unused-Dependencies "true";</code><br> Change To:<br> <code>Unattended-Upgrade::Remove-New-Unused-Dependencies "true";</code> ==== Do automatic removal of unused packages after the upgrade - apt-get autoremove==== * Line: 90 <code>//Unattended-Upgrade::Remove-Unused-Dependencies "false";</code><br> Change To:<br> <code>Unattended-Upgrade::Remove-Unused-Dependencies "true";</code> ====Automatically reboot *WITHOUT CONFIRMATION* If the file /var/run/reboot-required is found after the upgrade==== * Line: 94 <code>//Unattended-Upgrade::Automatic-Reboot "false";</code><br> Change To:<br> <code>Unattended-Upgrade::Automatic-Reboot "true";</code> ====Automatically reboot even if there are users currently logged in when Unattended-Upgrade::Automatic-Reboot is set to true==== * Line: 98 <code>//Unattended-Upgrade::Automatic-Reboot-WithUsers "true";</code><br> Change To:<br> <code>Unattended-Upgrade::Automatic-Reboot-WithUsers "true";</code> ====If automatic reboot is enabled and needed, reboot at the specific time instead of immediately==== <code>//Unattended-Upgrade::Automatic-Reboot-Time "02:00";</code><br> Change to: Note: Reboot-Time is your server/computers time zone: Use the command <code>date</code> to see time zone.<br> <code>Unattended-Upgrade::Automatic-Reboot-Time "04:00";</code> ===Save and Exit Config file=== <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/apt/apt.conf.d/50unattended-upgrades</code> Config File After Changes: <div class="mw-collapsible-content"> <pre> // Automatically upgrade packages from these (origin:archive) pairs // // Note that in Ubuntu security updates may pull in new dependencies // from non-security sources (e.g. chromium). By allowing the release // pocket these get automatically pulled in. Unattended-Upgrade::Allowed-Origins { "${distro_id}:${distro_codename}"; "${distro_id}:${distro_codename}-security"; // Extended Security Maintenance; doesn't necessarily exist for // every release and this system may not have it installed, but if // available, the policy for updates is such that unattended-upgrades // should also install from here by default. "${distro_id}ESMApps:${distro_codename}-apps-security"; "${distro_id}ESM:${distro_codename}-infra-security"; "${distro_id}:${distro_codename}-updates"; // "${distro_id}:${distro_codename}-proposed"; // "${distro_id}:${distro_codename}-backports"; }; // Python regular expressions, matching packages to exclude from upgrading Unattended-Upgrade::Package-Blacklist { // The following matches all packages starting with linux- // "linux-"; // Use $ to explicitely define the end of a package name. Without // the $, "libc6" would match all of them. // "libc6$"; // "libc6-dev$"; // "libc6-i686$"; // Special characters need escaping // "libstdc\+\+6$"; // The following matches packages like xen-system-amd64, xen-utils-4.1, // xenstore-utils and libxenstore3.0 // "(lib)?xen(store)?"; // For more information about Python regular expressions, see // https://docs.python.org/3/howto/regex.html }; // This option controls whether the development release of Ubuntu will be // upgraded automatically. Valid values are "true", "false", and "auto". Unattended-Upgrade::DevRelease "auto"; // This option allows you to control if on a unclean dpkg exit // unattended-upgrades will automatically run // dpkg --force-confold --configure -a // The default is true, to ensure updates keep getting installed //Unattended-Upgrade::AutoFixInterruptedDpkg "true"; // Split the upgrade into the smallest possible chunks so that // they can be interrupted with SIGTERM. This makes the upgrade // a bit slower but it has the benefit that shutdown while a upgrade // is running is possible (with a small delay) //Unattended-Upgrade::MinimalSteps "true"; // Install all updates when the machine is shutting down // instead of doing it in the background while the machine is running. // This will (obviously) make shutdown slower. // Unattended-upgrades increases logind's InhibitDelayMaxSec to 30s. // This allows more time for unattended-upgrades to shut down gracefully // or even install a few packages in InstallOnShutdown mode, but is still a // big step back from the 30 minutes allowed for InstallOnShutdown previously. // Users enabling InstallOnShutdown mode are advised to increase // InhibitDelayMaxSec even further, possibly to 30 minutes. //Unattended-Upgrade::InstallOnShutdown "false"; // Send email to this address for problems or packages upgrades // If empty or unset then no email is sent, make sure that you // have a working mail setup on your system. A package that provides // 'mailx' must be installed. E.g. "user@example.com" //Unattended-Upgrade::Mail ""; // Set this value to one of: // "always", "only-on-error" or "on-change" // If this is not set, then any legacy MailOnlyOnError (boolean) value // is used to chose between "only-on-error" and "on-change" //Unattended-Upgrade::MailReport "on-change"; // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; // Enable logging to syslog. Default is False // Unattended-Upgrade::SyslogEnable "false"; // Specify syslog facility. Default is daemon // Unattended-Upgrade::SyslogFacility "daemon"; // Download and install upgrades only on AC power // (i.e. skip or gracefully stop updates on battery) // Unattended-Upgrade::OnlyOnACPower "true"; // Download and install upgrades only on non-metered connection // (i.e. skip or gracefully stop updates on a metered connection) // Unattended-Upgrade::Skip-Updates-On-Metered-Connections "true"; // Verbose logging // Unattended-Upgrade::Verbose "false"; // Print debugging information both in unattended-upgrades and // in unattended-upgrade-shutdown // Unattended-Upgrade::Debug "false"; // Allow package downgrade if Pin-Priority exceeds 1000 // Unattended-Upgrade::Allow-downgrade "false"; </pre> </div> </div> And that's pretty much your <b>Basic Quick Start Auto Updates</b> taken care of!<br> ==What time does <code>unattended-upgrades</code> run?== By default, the unattended-upgrades tool in Ubuntu is configured to run once a day at a random time between 6:00 AM and 7:00 AM, local time. However, you can modify the time at which unattended-upgrades runs by editing the '''/etc/apt/apt.conf.d/20auto-upgrades''' file. In this file, you can set the '''APT::Periodic::RandomSleep''' and '''APT::Periodic::Unattended-Upgrade::RandomSleep''' options to specify the range of random delay times in seconds before '''unattended-upgrades''' runs. Additionally, you can set the '''APT::Periodic::Unattended-Upgrade::StartHour''' and '''APT::Periodic::Unattended-Upgrade::StartMinute''' options to specify the exact time at which unattended-upgrades runs each day. For example, if you want '''unattended-upgrades''' to run at '''2:30 AM every day''', you can add the following lines to the '''/etc/apt/apt.conf.d/20auto-upgrades''' file: <pre> APT::Periodic::Unattended-Upgrade "1"; APT::Periodic::Unattended-Upgrade::StartHour "2"; APT::Periodic::Unattended-Upgrade::StartMinute "30"; </pre> After making changes to this file, you will need to save and close it, and then wait for the specified time to see if the changes have taken effect. 88rnlmalgm5wblk9ip84hpnau9uojeb 511 510 2025-04-17T16:51:56Z AwesomO 5 /* If automatic reboot is enabled and needed, reboot at the specific time instead of immediately */ 511 wikitext text/x-wiki == Introduction == Unattended-upgrades is a tool that allows Ubuntu users to automatically update their system with the latest security patches and bug fixes. It's important to keep your system up-to-date to ensure that it's secure and running smoothly. With unattended-upgrades, you don't have to worry about manually checking for updates and installing them yourself. Instead, the tool automatically downloads and installs the updates in the background, saving you time and effort. By using unattended-upgrades, you can be confident that your Ubuntu system is always up-to-date and protected from security vulnerabilities. ==Install unattended-upgrades== <code>unattended-upgrades</code> package should be pre installed on ubuntu If not you can install with <code>sudo apt install unattended-upgrades</code> Unattended-upgrades config files are kept in directory <code>/etc/apt/apt.conf.d/</code> ===<code>/etc/apt/apt.conf.d/</code>=== Each of the configuration files in directory serves a specific purpose in managing different aspects of the Ubuntu system updates. Here's a brief summary of what each of these files does: :* '''01-vendor-ubuntu''': This file specifies the vendor-specific configuration for Ubuntu. It defines the Ubuntu-specific package sources and repository settings. :* '''01autoremove''': This file specifies the list of packages that can be automatically removed from the system when they are no longer needed. :* '''01autoremove-kernels''': This file specifies the list of old kernel packages that can be automatically removed from the system when a new kernel is installed. :* '''10periodic''': This file specifies the frequency of automatic system updates. It allows you to set how often the system checks for updates and installs them. :* '''15update-stamp''': This file stores the timestamp of the last system update. :* '''20archive''': This file specifies the settings for the package archive, including the URL of the package repository and the authentication keys for verifying package integrity. :* '''20auto-upgrades''': This file specifies the configuration settings for automatic updates, including which packages to update and how to install them. :* '''20packagekit''': This file specifies the configuration settings for PackageKit, which is a system service for managing software updates. :* '''20snapd.conf''': This file specifies the configuration settings for the Snap package manager. :* '''50command-not-found''': This file specifies the behavior of the command-not-found feature, which suggests packages to install when a command is not found. :* '''50unattended-upgrades''': This file specifies the settings for unattended-upgrades, which is a tool for automatically installing security updates. :* '''70debconf''': This file specifies the settings for debconf, which is a configuration management system for Debian-based systems. :* '''99update-notifier''': This file specifies the behavior of the update-notifier, which is a tool for notifying users about available system updates. Each of these configuration files plays an important role in managing different aspects of system updates in Ubuntu, and understanding their purpose can be helpful in customizing the system update settings to fit your specific needs. ==Quick Start - Up and running auto updates== ===Check service is running and enabled=== <code>sudo systemctl enable unattended-upgrades</code> ===50unattended-upgrades=== '''/etc/apt/apt.conf.d/50unattended-upgrades''' is a configuration file that specifies the settings for automatically installing security updates using the unattended-upgrades tool in Ubuntu. <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades </code><br> <div class="toccolours mw-collapsible mw-collapsed"> Default Content <code>/etc/apt/apt.conf.d/50unattended-upgrades</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Note: Having a <b><code>//</code></b> At the Front of the line, will comment out the line: <div class="mw-collapsible-content"> lines that begin with a "#" or "//" are called comments. These lines are ignored by the system and are intended for human readers to provide explanations or context about the configuration settings. When you "comment out" a line in a configuration file, you are essentially telling the system to ignore that line of configuration. This can be useful if you want to temporarily disable or override a specific configuration setting without having to delete it entirely. For example, if you wanted to temporarily disable automatic updates in Ubuntu, you could comment out the line that enables them in the /etc/apt/apt.conf.d/20auto-upgrades file by adding a "#" or "//" character at the beginning of the line. This would prevent the system from executing that particular configuration setting and would effectively disable automatic updates until you uncommented the line by removing the "#" or "//" characters. </div> </div> <div class="mw-collapsible-content"> <pre> // Automatically upgrade packages from these (origin:archive) pairs // // Note that in Ubuntu security updates may pull in new dependencies // from non-security sources (e.g. chromium). By allowing the release // pocket these get automatically pulled in. Unattended-Upgrade::Allowed-Origins { "${distro_id}:${distro_codename}"; "${distro_id}:${distro_codename}-security"; // Extended Security Maintenance; doesn't necessarily exist for // every release and this system may not have it installed, but if // available, the policy for updates is such that unattended-upgrades // should also install from here by default. "${distro_id}ESMApps:${distro_codename}-apps-security"; "${distro_id}ESM:${distro_codename}-infra-security"; // "${distro_id}:${distro_codename}-updates"; // "${distro_id}:${distro_codename}-proposed"; // "${distro_id}:${distro_codename}-backports"; }; // Python regular expressions, matching packages to exclude from upgrading Unattended-Upgrade::Package-Blacklist { // The following matches all packages starting with linux- // "linux-"; // Use $ to explicitely define the end of a package name. Without // the $, "libc6" would match all of them. // "libc6$"; // "libc6-dev$"; // "libc6-i686$"; // Special characters need escaping // "libstdc\+\+6$"; // The following matches packages like xen-system-amd64, xen-utils-4.1, // xenstore-utils and libxenstore3.0 // "(lib)?xen(store)?"; // For more information about Python regular expressions, see // https://docs.python.org/3/howto/regex.html }; // This option controls whether the development release of Ubuntu will be // upgraded automatically. Valid values are "true", "false", and "auto". Unattended-Upgrade::DevRelease "auto"; // This option allows you to control if on a unclean dpkg exit // unattended-upgrades will automatically run // dpkg --force-confold --configure -a // The default is true, to ensure updates keep getting installed //Unattended-Upgrade::AutoFixInterruptedDpkg "true"; // Split the upgrade into the smallest possible chunks so that // they can be interrupted with SIGTERM. This makes the upgrade // a bit slower but it has the benefit that shutdown while a upgrade // is running is possible (with a small delay) //Unattended-Upgrade::MinimalSteps "true"; // Install all updates when the machine is shutting down // instead of doing it in the background while the machine is running. // This will (obviously) make shutdown slower. // Unattended-upgrades increases logind's InhibitDelayMaxSec to 30s. // This allows more time for unattended-upgrades to shut down gracefully // or even install a few packages in InstallOnShutdown mode, but is still a // big step back from the 30 minutes allowed for InstallOnShutdown previously. // Users enabling InstallOnShutdown mode are advised to increase // InhibitDelayMaxSec even further, possibly to 30 minutes. //Unattended-Upgrade::InstallOnShutdown "false"; // Send email to this address for problems or packages upgrades // If empty or unset then no email is sent, make sure that you // have a working mail setup on your system. A package that provides // 'mailx' must be installed. E.g. "user@example.com" //Unattended-Upgrade::Mail ""; // Set this value to one of: // "always", "only-on-error" or "on-change" // If this is not set, then any legacy MailOnlyOnError (boolean) value // is used to chose between "only-on-error" and "on-change" //Unattended-Upgrade::MailReport "on-change"; // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; // Enable logging to syslog. Default is False // Unattended-Upgrade::SyslogEnable "false"; // Specify syslog facility. Default is daemon // Unattended-Upgrade::SyslogFacility "daemon"; // Download and install upgrades only on AC power // (i.e. skip or gracefully stop updates on battery) // Unattended-Upgrade::OnlyOnACPower "true"; // Download and install upgrades only on non-metered connection // (i.e. skip or gracefully stop updates on a metered connection) // Unattended-Upgrade::Skip-Updates-On-Metered-Connections "true"; // Verbose logging // Unattended-Upgrade::Verbose "false"; // Print debugging information both in unattended-upgrades and // in unattended-upgrade-shutdown // Unattended-Upgrade::Debug "false"; // Allow package downgrade if Pin-Priority exceeds 1000 // Unattended-Upgrade::Allow-downgrade "false"; </pre> </div> </div> ===Common Server Changes - Quick start guide=== <b>Note: The only change required to enable auto updates is to uncomment:<br> <code>// "${distro_id}:${distro_codename}-updates";</code><br> The rest is opitional.</b><br> ====updates==== * Line: 15 <code>// "${distro_id}:${distro_codename}-updates";</code><br> Change to:<br> <code> "${distro_id}:${distro_codename}-updates";</code> ====Remove unused automatically installed kernel-related packages==== * Line: 83 <code>//Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";</code><br> Change to:<br> <code>Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";</code> ==== Do automatic removal of newly unused dependencies after the upgrade==== * Line: 86 <code>//Unattended-Upgrade::Remove-New-Unused-Dependencies "true";</code><br> Change To:<br> <code>Unattended-Upgrade::Remove-New-Unused-Dependencies "true";</code> ==== Do automatic removal of unused packages after the upgrade - apt-get autoremove==== * Line: 90 <code>//Unattended-Upgrade::Remove-Unused-Dependencies "false";</code><br> Change To:<br> <code>Unattended-Upgrade::Remove-Unused-Dependencies "true";</code> ====Automatically reboot *WITHOUT CONFIRMATION* If the file /var/run/reboot-required is found after the upgrade==== * Line: 94 <code>//Unattended-Upgrade::Automatic-Reboot "false";</code><br> Change To:<br> <code>Unattended-Upgrade::Automatic-Reboot "true";</code> ====Automatically reboot even if there are users currently logged in when Unattended-Upgrade::Automatic-Reboot is set to true==== * Line: 98 <code>//Unattended-Upgrade::Automatic-Reboot-WithUsers "true";</code><br> Change To:<br> <code>Unattended-Upgrade::Automatic-Reboot-WithUsers "true";</code> ====If automatic reboot is enabled and needed, reboot at the specific time instead of immediately==== * Line: 103 <code>//Unattended-Upgrade::Automatic-Reboot-Time "02:00";</code><br> Change to: Note: Reboot-Time is your server/computers time zone: Use the command <code>date</code> to see time zone.<br> <code>Unattended-Upgrade::Automatic-Reboot-Time "04:00";</code> ===Save and Exit Config file=== <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/apt/apt.conf.d/50unattended-upgrades</code> Config File After Changes: <div class="mw-collapsible-content"> <pre> // Automatically upgrade packages from these (origin:archive) pairs // // Note that in Ubuntu security updates may pull in new dependencies // from non-security sources (e.g. chromium). By allowing the release // pocket these get automatically pulled in. Unattended-Upgrade::Allowed-Origins { "${distro_id}:${distro_codename}"; "${distro_id}:${distro_codename}-security"; // Extended Security Maintenance; doesn't necessarily exist for // every release and this system may not have it installed, but if // available, the policy for updates is such that unattended-upgrades // should also install from here by default. "${distro_id}ESMApps:${distro_codename}-apps-security"; "${distro_id}ESM:${distro_codename}-infra-security"; "${distro_id}:${distro_codename}-updates"; // "${distro_id}:${distro_codename}-proposed"; // "${distro_id}:${distro_codename}-backports"; }; // Python regular expressions, matching packages to exclude from upgrading Unattended-Upgrade::Package-Blacklist { // The following matches all packages starting with linux- // "linux-"; // Use $ to explicitely define the end of a package name. Without // the $, "libc6" would match all of them. // "libc6$"; // "libc6-dev$"; // "libc6-i686$"; // Special characters need escaping // "libstdc\+\+6$"; // The following matches packages like xen-system-amd64, xen-utils-4.1, // xenstore-utils and libxenstore3.0 // "(lib)?xen(store)?"; // For more information about Python regular expressions, see // https://docs.python.org/3/howto/regex.html }; // This option controls whether the development release of Ubuntu will be // upgraded automatically. Valid values are "true", "false", and "auto". Unattended-Upgrade::DevRelease "auto"; // This option allows you to control if on a unclean dpkg exit // unattended-upgrades will automatically run // dpkg --force-confold --configure -a // The default is true, to ensure updates keep getting installed //Unattended-Upgrade::AutoFixInterruptedDpkg "true"; // Split the upgrade into the smallest possible chunks so that // they can be interrupted with SIGTERM. This makes the upgrade // a bit slower but it has the benefit that shutdown while a upgrade // is running is possible (with a small delay) //Unattended-Upgrade::MinimalSteps "true"; // Install all updates when the machine is shutting down // instead of doing it in the background while the machine is running. // This will (obviously) make shutdown slower. // Unattended-upgrades increases logind's InhibitDelayMaxSec to 30s. // This allows more time for unattended-upgrades to shut down gracefully // or even install a few packages in InstallOnShutdown mode, but is still a // big step back from the 30 minutes allowed for InstallOnShutdown previously. // Users enabling InstallOnShutdown mode are advised to increase // InhibitDelayMaxSec even further, possibly to 30 minutes. //Unattended-Upgrade::InstallOnShutdown "false"; // Send email to this address for problems or packages upgrades // If empty or unset then no email is sent, make sure that you // have a working mail setup on your system. A package that provides // 'mailx' must be installed. E.g. "user@example.com" //Unattended-Upgrade::Mail ""; // Set this value to one of: // "always", "only-on-error" or "on-change" // If this is not set, then any legacy MailOnlyOnError (boolean) value // is used to chose between "only-on-error" and "on-change" //Unattended-Upgrade::MailReport "on-change"; // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; // Enable logging to syslog. Default is False // Unattended-Upgrade::SyslogEnable "false"; // Specify syslog facility. Default is daemon // Unattended-Upgrade::SyslogFacility "daemon"; // Download and install upgrades only on AC power // (i.e. skip or gracefully stop updates on battery) // Unattended-Upgrade::OnlyOnACPower "true"; // Download and install upgrades only on non-metered connection // (i.e. skip or gracefully stop updates on a metered connection) // Unattended-Upgrade::Skip-Updates-On-Metered-Connections "true"; // Verbose logging // Unattended-Upgrade::Verbose "false"; // Print debugging information both in unattended-upgrades and // in unattended-upgrade-shutdown // Unattended-Upgrade::Debug "false"; // Allow package downgrade if Pin-Priority exceeds 1000 // Unattended-Upgrade::Allow-downgrade "false"; </pre> </div> </div> And that's pretty much your <b>Basic Quick Start Auto Updates</b> taken care of!<br> ==What time does <code>unattended-upgrades</code> run?== By default, the unattended-upgrades tool in Ubuntu is configured to run once a day at a random time between 6:00 AM and 7:00 AM, local time. However, you can modify the time at which unattended-upgrades runs by editing the '''/etc/apt/apt.conf.d/20auto-upgrades''' file. In this file, you can set the '''APT::Periodic::RandomSleep''' and '''APT::Periodic::Unattended-Upgrade::RandomSleep''' options to specify the range of random delay times in seconds before '''unattended-upgrades''' runs. Additionally, you can set the '''APT::Periodic::Unattended-Upgrade::StartHour''' and '''APT::Periodic::Unattended-Upgrade::StartMinute''' options to specify the exact time at which unattended-upgrades runs each day. For example, if you want '''unattended-upgrades''' to run at '''2:30 AM every day''', you can add the following lines to the '''/etc/apt/apt.conf.d/20auto-upgrades''' file: <pre> APT::Periodic::Unattended-Upgrade "1"; APT::Periodic::Unattended-Upgrade::StartHour "2"; APT::Periodic::Unattended-Upgrade::StartMinute "30"; </pre> After making changes to this file, you will need to save and close it, and then wait for the specified time to see if the changes have taken effect. nkb8tk4zmlrykb1c0wa4burmp1f3woj 0 81 329 2023-04-17T03:54:39Z imported>AwesomO 0 Created page with "modules, submodules, and topics. Drafting Concept Structure Working Out Mode. :* [[Introduction_to_Linux|Introduction to Linux]] ::* 1.1 [[Introduction_to_Linux#History_of_Linux|History of Linux]] ::* 1.2 [[Introduction_to_Linux#Linux_Distributions:|Linux distributions]] ::* 1.3 [[Introduction_to_Linux#Open-Source_Software_and_Licensing|Open-source software and licensing]] ::* 1.4 [[Introduction_to_Linux#History_of_Ubuntu|History of Ubuntu]] ::* 1..." 329 wikitext text/x-wiki modules, submodules, and topics. Drafting Concept Structure Working Out Mode. :* [[Introduction_to_Linux|Introduction to Linux]] ::* 1.1 [[Introduction_to_Linux#History_of_Linux|History of Linux]] ::* 1.2 [[Introduction_to_Linux#Linux_Distributions:|Linux distributions]] ::* 1.3 [[Introduction_to_Linux#Open-Source_Software_and_Licensing|Open-source software and licensing]] ::* 1.4 [[Introduction_to_Linux#History_of_Ubuntu|History of Ubuntu]] ::* 1.5 [[Introduction_to_Linux#Online_Resources_for_Learning_and_Studying_Ubuntu|Online Resources ]] :* [[Getting_Started_with_Ubuntu|Getting Started with Ubuntu]] ::* 2.1. Installing Ubuntu ::* 2.1.1. Virtual machines ::* 2.1.2. Dual booting ::* 2.1.3. Live USB ::* 2.2. Navigating the Linux desktop ::* 2.3. Basic Linux commands ::* 2.4. Using the terminal :* [[Linux_Filesystem_and_Directories|Linux Filesystem and Directories]] ::* 3.1. [[Linux_Filesystem_and_Directories#Linux_filesystem_hierarchy|Linux filesystem hierarchy]] ::* 3.2. [[Linux_Filesystem_and_Directories#File_types_and_permissions|File types and permissions]] ::* 3.3. [[Linux_Filesystem_and_Directories#Navigating_directories_using_the_command_line|Navigating directories using the command line]] ::* 3.4. [[Linux_Filesystem_and_Directories#Manipulating_files_and_directories|Manipulating files and directories]] ::* 3.5. [[Linux_Filesystem_and_Directories#File_searching_and_comparisons|File searching and comparisons]] :* [[Text_Editing_and_Processing|Text Editing and Processing]] ::* 4.1. [[Text_Editing_and_Processing#Command_Line_Editors|Command Line Text Editors (vi, nano, and emacs)]] ::* 4.2. [[Text_Editing_and_Processing#Basic_text_manipulation_commands|Basic text manipulation commands (cat, less, head, tail)]] ::* 4.3. [[Text_Editing_and_Processing#Text_processing_commands|Text processing commands (grep, awk, sed)]] ::* 4.4. [[Text_Editing_and_Processing#Regular_expressions_(regex)|Regular expressions]] :* [[Linux_Users_and_Groups|Linux Users and Groups]] ::* 5.1. [[Linux_Users_and_Groups#Understanding_Users_and_Groups_in_Linux|Understanding users and groups]] ::* 5.2. [[Linux_Users_and_Groups#Managing_User_and_Group|Managing users and groups]] ::* 5.3. [[Linux_Users_and_Groups#File_Ownership_and_Permissions|File ownership and permissions]] ::* 5.4. [[Linux_Users_and_Groups#Sudo_and_su_commands|Sudo and su commands]] :* [[Linux_Processes_and_Services|Linux Processes and Services]] ::* 6.1. [[Linux_Processes_and_Services#Understanding_processes|Understanding processes]] ::* 6.2. [[Linux_Processes_and_Services#Process_management_commands_(ps,_top,_htop,_kill)|Process management commands (ps, top, htop, kill)]] ::* 6.3. [[Linux_Processes_and_Services#Background_and_foreground_processes|Background and foreground processes]] ::* 6.4. [[Linux_Processes_and_Services#System_services_and_daemons|System services and daemons]] ::* 6.5. [[Linux_Processes_and_Services#systemd_and_systemctl|systemd and systemctl]] :* [[Linux_Networking|Linux Networking]] ::* 7.1. [[Linux_Networking#Network_configuration_and_troubleshooting|Network configuration and troubleshooting]] ::* 7.2. [[Linux_Networking#Network_protocols_and_services|Network protocols and services (TCP/IP, DHCP, DNS)]] ::* 7.3. [[Linux_Networking#Remote_access_and_management_(SSH,_SCP,_SFTP)|Remote access and management (SSH, SCP, SFTP)]] ::* 7.4. [[Linux_Networking#Network_Security_and_Firewalls:_iptables_and_ufw|Network security and firewalls (iptables, ufw)]] :* [[Ubuntu_Package_Management|Ubuntu Package Management]] ::* 8.1. Package managers ::* 8.2. APT :::* 8.2.1. Installing and updating software :::* 8.2.2. Managing package repositories :::* 8.2.3. Dependency management ::* 8.3. Snaps ::* 8.4. AppImage ::* 8.5 FlatPak :* Shell Scripting ::* 9.1. Introduction to shell scripting ::* 9.2. Bash scripting basics ::* 9.3. Flow control (loops, conditionals) ::* 9.4. Functions and best practices ::* 9.5. Practical shell scripting examples :* System Maintenance and Troubleshooting ::* 10.1. System monitoring and logging ::* 10.2. Backup and recovery strategies ::* 10.3. Disk and filesystem management ::* 10.4. Kernel updates and management ::* 10.5. Boot process and troubleshooting :* Advanced Topics (optional) ::* 11.1. Virtualization and containers (KVM, Docker, Kubernetes) ::* 11.2. Linux security (SELinux, AppArmor) ::* 11.3. Automation and configuration management (Ansible, Puppet, Chef) ::* 11.4. Cloud computing (AWS, Azure, GCP) ==Notes in No Order== Introduction to Ubuntu Linux<br> Installing Ubuntu Linux<br> Ubuntu min - build up Build a Linux distro from scratch Docker LXD LXC Interface Basics<br> Install Linux on VM in Window's and OSX Create Live Linux USB on Windows and OSX System Configuration <br> Network Config <br> Security Config <br> Desktops <br> Window Managers <br> The Shell <br> Shell Configuration <br> Linux File Structure <br> File Systems on Linux <br> System Administration <br> Basic<br> System Management Superuser<br> System Configuration<br> Time and Date Scheduling Tasks: Crontab System Directory and Files Systemd System Startup files System Logs Performance Analysis Tools and Processes Boot Grub Lilo Systemd Managing Users The Password Files Managing User Enviroments Login Access Controlling Access to Directories and Files Adding and Removing Users Managing Groups Groupadd del mod Software Management Apt Dpkg Snap Flatpak Guix RPM Build From Source Packaging Software Reproducable builds Command-Line Basics Editing Text Files systemd vs init ezm8xwmsdlhlowfudtkgx047agwfroa 361 329 2023-04-24T23:43:32Z AwesomO 5 361 wikitext text/x-wiki modules, submodules, and topics. Drafting Concept Structure Working Out Mode. :* [[Introduction_to_Linux|Introduction to Linux]] ::* 1.1 [[Introduction_to_Linux#History_of_Linux|History of Linux]] ::* 1.2 [[Introduction_to_Linux#Linux_Distributions:|Linux distributions]] ::* 1.3 [[Introduction_to_Linux#Open-Source_Software_and_Licensing|Open-source software and licensing]] ::* 1.4 [[Introduction_to_Linux#History_of_Ubuntu|History of Ubuntu]] ::* 1.5 [[Introduction_to_Linux#Online_Resources_for_Learning_and_Studying_Ubuntu|Online Resources ]] :* [[Getting_Started_with_Ubuntu|Getting Started with Ubuntu]] ::* 2.1. Installing Ubuntu ::* 2.1.1. Virtual machines ::* 2.1.2. Dual booting ::* 2.1.3. Live USB ::* 2.2. Navigating the Linux desktop ::* 2.3. Basic Linux commands ::* 2.4. Using the terminal :* [[Linux_Filesystem_and_Directories|Linux Filesystem and Directories]] ::* 3.1. [[Linux_Filesystem_and_Directories#Linux_filesystem_hierarchy|Linux filesystem hierarchy]] ::* 3.2. [[Linux_Filesystem_and_Directories#File_types_and_permissions|File types and permissions]] ::* 3.3. [[Linux_Filesystem_and_Directories#Navigating_directories_using_the_command_line|Navigating directories using the command line]] ::* 3.4. [[Linux_Filesystem_and_Directories#Manipulating_files_and_directories|Manipulating files and directories]] ::* 3.5. [[Linux_Filesystem_and_Directories#File_searching_and_comparisons|File searching and comparisons]] :* [[Text_Editing_and_Processing|Text Editing and Processing]] ::* 4.1. [[Text_Editing_and_Processing#Command_Line_Editors|Command Line Text Editors (vi, nano, and emacs)]] ::* 4.2. [[Text_Editing_and_Processing#Basic_text_manipulation_commands|Basic text manipulation commands (cat, less, head, tail)]] ::* 4.3. [[Text_Editing_and_Processing#Text_processing_commands|Text processing commands (grep, awk, sed)]] ::* 4.4. [[Text_Editing_and_Processing#Regular_expressions_(regex)|Regular expressions]] :* [[Linux_Users_and_Groups|Linux Users and Groups]] ::* 5.1. [[Linux_Users_and_Groups#Understanding_Users_and_Groups_in_Linux|Understanding users and groups]] ::* 5.2. [[Linux_Users_and_Groups#Managing_User_and_Group|Managing users and groups]] ::* 5.3. [[Linux_Users_and_Groups#File_Ownership_and_Permissions|File ownership and permissions]] ::* 5.4. [[Linux_Users_and_Groups#Sudo_and_su_commands|Sudo and su commands]] :* [[Linux_Processes_and_Services|Linux Processes and Services]] ::* 6.1. [[Linux_Processes_and_Services#Understanding_processes|Understanding processes]] ::* 6.2. [[Linux_Processes_and_Services#Process_management_commands_(ps,_top,_htop,_kill)|Process management commands (ps, top, htop, kill)]] ::* 6.3. [[Linux_Processes_and_Services#Background_and_foreground_processes|Background and foreground processes]] ::* 6.4. [[Linux_Processes_and_Services#System_services_and_daemons|System services and daemons]] ::* 6.5. [[Linux_Processes_and_Services#systemd_and_systemctl|systemd and systemctl]] :* [[Linux_Networking|Linux Networking]] ::* 7.1. [[Linux_Networking#Network_configuration_and_troubleshooting|Network configuration and troubleshooting]] ::* 7.2. [[Linux_Networking#Network_protocols_and_services|Network protocols and services (TCP/IP, DHCP, DNS)]] ::* 7.3. [[Linux_Networking#Remote_access_and_management_(SSH,_SCP,_SFTP)|Remote access and management (SSH, SCP, SFTP)]] ::* 7.4. [[Linux_Networking#Network_Security_and_Firewalls:_iptables_and_ufw|Network security and firewalls (iptables, ufw)]] :* [[Ubuntu_Package_Management|Ubuntu Package Management]] ::* [[Ubuntu_Package_Management#Package_managers|8.1. Package managers]] ::* [[Ubuntu_Package_Management#APT|8.2. APT]] :::* 8.2.1. Installing and updating software :::* 8.2.2. Managing package repositories :::* 8.2.3. Dependency management ::* 8.3. Snaps ::* 8.4. AppImage ::* 8.5 FlatPak :* Shell Scripting ::* 9.1. Introduction to shell scripting ::* 9.2. Bash scripting basics ::* 9.3. Flow control (loops, conditionals) ::* 9.4. Functions and best practices ::* 9.5. Practical shell scripting examples :* System Maintenance and Troubleshooting ::* 10.1. System monitoring and logging ::* 10.2. Backup and recovery strategies ::* 10.3. Disk and filesystem management ::* 10.4. Kernel updates and management ::* 10.5. Boot process and troubleshooting :* Advanced Topics (optional) ::* 11.1. Virtualization and containers (KVM, Docker, Kubernetes) ::* 11.2. Linux security (SELinux, AppArmor) ::* 11.3. Automation and configuration management (Ansible, Puppet, Chef) ::* 11.4. Cloud computing (AWS, Azure, GCP) ==Notes in No Order== Introduction to Ubuntu Linux<br> Installing Ubuntu Linux<br> Ubuntu min - build up Build a Linux distro from scratch Docker LXD LXC Interface Basics<br> Install Linux on VM in Window's and OSX Create Live Linux USB on Windows and OSX System Configuration <br> Network Config <br> Security Config <br> Desktops <br> Window Managers <br> The Shell <br> Shell Configuration <br> Linux File Structure <br> File Systems on Linux <br> System Administration <br> Basic<br> System Management Superuser<br> System Configuration<br> Time and Date Scheduling Tasks: Crontab System Directory and Files Systemd System Startup files System Logs Performance Analysis Tools and Processes Boot Grub Lilo Systemd Managing Users The Password Files Managing User Enviroments Login Access Controlling Access to Directories and Files Adding and Removing Users Managing Groups Groupadd del mod Software Management Apt Dpkg Snap Flatpak Guix RPM Build From Source Packaging Software Reproducable builds Command-Line Basics Editing Text Files systemd vs init ldddkgk4c5erzt5bnbt0y361193tdy3 0 82 330 2023-04-17T03:56:02Z imported>AwesomO 0 Created page with "= Introduction to Linux = Linux is a free and open-source operating system renowned for its flexibility, reliability, and strong community support. This guide introduces you to the world of Linux, providing an overview of its history, features, and applications. == History of Linux == Linux, a free and open-source operating system, has revolutionized the world of computing. This guide covers the history of Linux, from its early beginnings to its widespread use today...." 330 wikitext text/x-wiki = Introduction to Linux = Linux is a free and open-source operating system renowned for its flexibility, reliability, and strong community support. This guide introduces you to the world of Linux, providing an overview of its history, features, and applications. == History of Linux == Linux, a free and open-source operating system, has revolutionized the world of computing. This guide covers the history of Linux, from its early beginnings to its widespread use today. === Origins of Linux === Linux traces its roots back to the UNIX operating system, developed in the 1960s and 1970s at Bell Labs by Ken Thompson, Dennis Ritchie, and other researchers. UNIX was designed to be portable, multi-user, and multi-tasking, providing a versatile foundation for many future operating systems. The creation of Linux can be attributed to Linus Torvalds, a Finnish computer science student who began developing a new operating system kernel in 1991. Inspired by the philosophy of the GNU Project, Torvalds wanted to create a free operating system that anyone could use, modify, and distribute. His creation, which combined his first name with "UNIX," became known as Linux. === The GNU Project === In 1983, Richard Stallman launched the GNU Project with the goal of creating a free and open-source operating system compatible with UNIX. Stallman's vision was to create a system that respected users' freedom, allowing them to modify, distribute, and share software without restrictions. The project led to the development of the GNU General Public License (GPL), which is used by many open-source projects, including Linux. === Birth of Linux === In 1991, a young Finnish computer science student named Linus Torvalds began working on a new operating system kernel as a hobby. He was inspired by the philosophy of the GNU Project and wanted to create a free operating system for his personal use. He named his creation "Linux," combining his first name with the "UNIX" operating system. ==== First Release ==== On October 5, 1991, Linus Torvalds announced the release of Linux version 0.02 on the Usenet newsgroup comp.os.minix. This initial release was limited in functionality and only supported Intel 80386 processors. However, it quickly attracted the attention of developers around the world, who began contributing to its development. === The Growth of Linux === Over the years, Linux has grown from a hobby project into a full-fledged operating system used by millions of people around the world. === The Linux Desktop === While Linux has long been popular for servers and embedded systems, it has also made strides in the desktop market. Linux distributions such as Ubuntu and Fedora have made it easier for users to install and use Linux on their personal computers, providing an alternative to proprietary operating systems like Microsoft Windows and Apple macOS. === Corporate Involvement === As Linux has grown in popularity, it has also attracted the attention of large corporations, many of which have become significant contributors to the development of the platform. Companies like IBM, Intel, and Red Hat have invested resources in Linux development, providing financial support and contributing code to improve the operating system. === The Future of Linux === The future of Linux looks bright, with continued growth in both the server and desktop markets. As more and more devices become connected to the internet, Linux is poised to become a key player in the Internet of Things (IoT) space, powering a wide range of smart devices. Its open-source nature and strong developer community will ensure that Linux remains at the forefront of technological innovation for years to come. In conclusion, the history of Linux is a testament to the power of collaboration and the open-source philosophy. From its humble beginnings as a hobby project, Linux has grown into a versatile and widely-used operating system that continues to shape the future of computing. == Components of Linux == A Linux operating system consists of several key components, including: :* '''Kernel''': The Linux kernel is the core of the operating system, responsible for managing hardware resources, processes, and system memory. It acts as an intermediary between the hardware and software, enabling programs to run smoothly on various devices. :* '''Shell''': The shell is a command-line interface that allows users to interact with the Linux operating system. It interprets and executes user commands, providing a powerful and flexible way to control the system. :* '''Filesystem''': Linux uses a hierarchical filesystem, which organizes files and directories in a tree-like structure. This structure allows for efficient file management and storage. :* '''Applications''': A wide variety of applications can run on Linux, from simple text editors to complex web servers and graphical desktop environments. == Linux Distributions: == Linux distributions, also known as "distros," are unique combinations of the Linux kernel, system utilities, and application software, tailored to meet various user needs. In this guide, we will explore the world of Linux distributions, discussing their origins, common features, and some popular examples. == Origins of Linux Distributions == The birth of Linux distributions can be traced back to the early days of Linux development. As the Linux kernel matured and gained popularity, developers and enthusiasts began to package the kernel with additional software and tools, creating unique distributions that catered to specific user requirements. === The First Distributions === One of the earliest Linux distributions was Softlanding Linux System (SLS), released in 1992. SLS provided users with an easy way to install Linux on their computers, including a variety of utilities and applications. However, SLS was quickly overshadowed by newer distributions such as Slackware and Debian, which offered improved stability and package management. === Common Features of Linux Distributions === While each Linux distribution is unique, there are some common features that most distributions share. These include: :* '''Linux kernel''': All distributions are built around the Linux kernel, which is the core component responsible for managing hardware, processes, and system resources. :* '''Package management''': Most distributions include a package management system, which allows users to easily install, update, and remove software. :* '''Desktop environments''': Many distributions offer a graphical desktop environment, such as GNOME, KDE, or Xfce, providing users with a familiar and user-friendly interface. :* '''Software repositories''': Most distributions maintain online repositories of software packages, allowing users to easily find and install new applications. :* '''Community support''': Linux distributions typically have active user communities, which provide support and guidance through forums, mailing lists, and other online resources. === Popular Linux Distributions === There are hundreds of Linux distributions available, catering to a wide range of user needs and preferences. Some popular distributions include: === Ubuntu === Ubuntu is one of the most well-known Linux distributions, known for its ease of use and strong community support. Based on Debian, Ubuntu is aimed at both beginners and experienced users, offering a polished desktop experience, extensive software repositories, and regular updates. === Fedora === Fedora is a cutting-edge distribution sponsored by Red Hat, focusing on the latest technologies and innovations. It serves as a testing ground for new features that may eventually be incorporated into Red Hat Enterprise Linux. Fedora has a strong commitment to open-source principles and offers a wide range of software packages. === Debian === Debian is a venerable distribution with a strong focus on stability and software freedom. It has a large and active community of developers and users, who contribute to its extensive repositories. Debian is the basis for many other distributions, including Ubuntu and its derivatives. === Arch Linux === Arch Linux is a lightweight and highly customizable distribution, aimed at experienced users who prefer to build their own system from the ground up. It follows a rolling-release model, ensuring users always have access to the latest software versions. Arch Linux is known for its excellent documentation and the Arch User Repository (AUR), which contains thousands of user-contributed packages. === Choosing the Right Distribution === There is no "one size fits all" Linux distribution, and the best choice for a user will depend on their individual needs, preferences, and experience. When selecting a distribution, consider factors such as ease of use, hardware compatibility, software availability, and community support. It may be helpful to try several distributions using live CDs or virtual machines before settling on a final choice. In conclusion, Linux distributions offer users a diverse range of options, ensuring that there is a perfect fit for everyone. From beginner-friendly Ubuntu to the highly customizable Arch Linux, these distributions showcase the flexibility and adaptability of the Linux ecosystem. By understanding the features and characteristics of different distributions, users can make informed decisions and find the ideal distribution to meet their specific needs. As the Linux community continues to grow and evolve, it is likely that even more innovative and unique distributions will emerge, further expanding the possibilities for users worldwide. ==== More Linux Distros ==== https://distrowatch.com/ == Linux in the Real World == Linux has found a wide range of applications in various domains, including: :* '''Servers''': Linux is a popular choice for web servers, database servers, and other server applications, due to its stability, security, and low cost. :* '''Desktops''': While Linux has a smaller market share in the desktop space compared to Windows and macOS, distributions like Ubuntu and Fedora have made it more accessible and user-friendly for everyday computing tasks. :* '''Embedded Systems''': Linux is commonly used in embedded systems, such as smartphones, routers, and IoT devices, thanks to its lightweight nature and adaptability. :* '''Supercomputers''': Linux powers the majority of the world's supercomputers, offering high performance and scalability for complex scientific and engineering tasks. :* '''Education''': Linux is widely used in educational settings, from K-12 schools to universities, due to its cost-effectiveness and flexibility in supporting a wide range of software and hardware. == Open-Source Software and Licensing == Open-source software and licensing are essential concepts for anyone interested in the world of free and open technology. In this guide, we will delve into the fundamentals of open-source software, explore various licensing models, and discuss the benefits and drawbacks of open-source development. === Introduction to Open-Source Software === Open-source software is a type of software whose source code is available to the public, allowing anyone to view, modify, and distribute the code freely. This collaborative approach to software development stands in contrast to proprietary software, where the source code is kept secret and only the compiled program is distributed. === History of Open-Source Software === The concept of open-source software can be traced back to the early days of computing when software was typically distributed with its source code. In the late 1970s and 1980s, however, the growing commercialization of software led to the rise of proprietary development models. The open-source movement was largely a response to this shift, with pioneers like Richard Stallman advocating for the free sharing of software and the establishment of the GNU Project in 1983. The term "open source" was later coined in 1998 by a group of developers, including Eric S. Raymond and Bruce Perens, who sought to promote the collaborative and transparent approach to software development. === Licensing Models for Open-Source Software === A critical aspect of open-source software is the licensing model that governs its use, modification, and distribution. There are several well-known open-source licenses, each with its own set of terms and conditions. Some of the most popular include: === GNU General Public License (GPL) === The GPL, created by Richard Stallman for the GNU Project, is one of the most widely used open-source licenses. It is a "copyleft" license, meaning that any modifications or derivative works must also be licensed under the GPL. This ensures that the software remains free and open for all users. There are three major versions of the GPL: GPLv1, GPLv2, and GPLv3. The latest version, GPLv3, addresses issues such as software patents, digital rights management (DRM), and compatibility with other licenses. === MIT License === The MIT License is a permissive open-source license that allows for the free use, modification, and distribution of the software, with minimal restrictions. Unlike the GPL, the MIT License does not require derivative works to be open-source. This makes it a popular choice for projects that wish to encourage collaboration without imposing strict requirements on downstream users. === Apache License === The Apache License is another permissive open-source license, maintained by the Apache Software Foundation. It grants similar rights as the MIT License, with the added stipulation that any contributions to the software must be explicitly licensed under the Apache License. The license also includes provisions for patent rights, protecting both contributors and users from patent litigation. == Benefits of Open-Source Software == There are numerous advantages to using and developing open-source software, including: :* '''Collaboration''': Open-source projects benefit from a diverse community of developers who can contribute their skills and knowledge, leading to faster development and improved software quality. :* '''Transparency''': With access to the source code, users can better understand how the software works and identify potential security vulnerabilities or bugs. :* '''Customization''': Open-source software can be tailored to meet the specific needs of users, allowing for greater flexibility and adaptability. :* '''Cost''': Many open-source projects are available free of charge, reducing the financial burden on users and organizations. === Drawbacks of Open-Source Software === Despite its numerous benefits, there are also some potential drawbacks to open-source software: :* '''Support''': Open-source projects may lack the same level of professional support and documentation as proprietary software, although this can vary depending on the project and community involvement. :* '''Compatibility''': While many open-source projects prioritize compatibility and interoperability, some may not work seamlessly with proprietary systems or other open-source projects. :* '''Fragmentation''': The freedom to modify and distribute open-source software can sometimes lead to fragmentation, where multiple competing versions of a project exist, making it challenging for users to choose the best option for their needs. :* '''Misconceptions''': Some users may mistakenly believe that open-source software is inherently less secure or of lower quality than proprietary software, which is not necessarily true. The quality and security of open-source software depend on the development and maintenance practices of the project. === Choosing the Right Open-Source License === When creating or contributing to an open-source project, it's essential to choose an appropriate license that aligns with the project's goals and values. Some factors to consider when selecting a license include: :* '''Copyleft vs. permissive''': Consider whether you want to enforce the open-source nature of your project (copyleft, e.g., GPL) or allow more flexibility for downstream users (permissive, e.g., MIT or Apache). :* '''Patent protection''': Some licenses, like the Apache License, include provisions to protect contributors and users from patent litigation. If this is a concern for your project, choose a license that addresses this issue. :* '''Compatibility''': If your project is intended to be used with other open-source projects, ensure that the chosen license is compatible with the licenses of those projects. === Open-Source Software in Education === As an educator, it is important to promote the understanding and use of open-source software. By incorporating open-source tools and resources into the classroom, students can: :* Gain hands-on experience with real-world software development practices :* Develop problem-solving and critical thinking skills by analyzing and modifying existing code :* Engage with a global community of developers and learners, fostering collaboration and communication skills :* Contribute to the open-source ecosystem, creating a sense of accomplishment and ownership in their work In conclusion, open-source software and licensing are foundational concepts in the world of collaborative technology development. By understanding the history, licensing models, benefits, and drawbacks of open-source software, students can make informed decisions about the tools and resources they use, as well as participate in and contribute to the vibrant open-source community. Educators play a crucial role in fostering this understanding and encouraging the next generation of developers and technologists to embrace the principles of openness and collaboration. == History of Ubuntu == Ubuntu is a popular and user-friendly Linux distribution that has made significant contributions to the widespread adoption of Linux as a desktop operating system. We will explore the history of Ubuntu, discussing its origins, development, and impact on the Linux ecosystem. === Origins of Ubuntu === The story of Ubuntu begins with Mark Shuttleworth, a South African entrepreneur and former Debian developer. Shuttleworth, who made a fortune by selling his internet security company, Thawte, to VeriSign in 1999, had a vision to create a Linux distribution that was both easy to use and freely available. In 2004, Shuttleworth founded Canonical Ltd., a UK-based company, to support the development of this new distribution. The name "Ubuntu" was chosen for the project, deriving from a Southern African philosophy that emphasizes the interconnectedness of humanity. Ubuntu, which translates to "humanity towards others" or "I am because we are," reflects the core values of the distribution: collaboration, sharing, and community support. === Early Development and First Release === Shuttleworth assembled a team of developers, many of whom had experience working on the Debian project, to create the first version of Ubuntu. The team focused on usability, simplicity, and regular release cycles, aiming to make Linux accessible to a broader audience. The first release of Ubuntu, version 4.10, codenamed "Warty Warthog," was launched in October 2004. It was based on the Debian distribution but featured a simplified installation process, a custom desktop environment (GNOME), and a commitment to providing free software and support. === Release Cycle and Version Naming === One of the defining features of Ubuntu is its predictable release cycle. A new version of Ubuntu is released every six months, in April and October, with each release receiving a unique codename. The codenames consist of an adjective and an animal, both starting with the same letter, and follow an alphabetical order. For example, the second release was named "Hoary Hedgehog," followed by "Breezy Badger" and "Dapper Drake." Every two years, Ubuntu releases a Long Term Support (LTS) version, which receives security updates and support for a longer period (usually five years) compared to the regular releases (nine months). This stability makes LTS releases a popular choice for organizations and users seeking a reliable and well-supported platform. === Derivative Flavors and Variants === Over time, the Ubuntu project has spawned several official derivative distributions, or "flavors," that cater to different user preferences and hardware requirements. These flavors package the Ubuntu base with alternative desktop environments, applications, and features. Some of the most popular Ubuntu flavors include: :* '''Kubuntu''': Kubuntu provides a KDE Plasma desktop environment, offering a more feature-rich and customizable user experience compared to the default GNOME desktop. :* '''Xubuntu''': Xubuntu features the lightweight Xfce desktop environment, making it an ideal choice for older or low-resource hardware. :* '''Lubuntu''': Lubuntu is designed for even more resource-constrained systems, utilizing the LXQt desktop environment to provide a minimal yet functional user experience. :* '''Ubuntu MATE''': Ubuntu MATE integrates the MATE desktop environment, a continuation of the classic GNOME 2 interface, appealing to users who prefer a traditional desktop layout. === Widespread Adoption and Impact === Ubuntu has played a significant role in promoting the adoption of Linux as a desktop operating system. Its commitment to usability, regular release cycles, and extensive support have made it a popular choice for both newcomers and experienced users. Over the years, Ubuntu has attracted a large and active community that contributes to its development, provides support, and develops third-party applications. This community-driven approach has fueled the growth and success of Ubuntu, making it one of the most popular Linux distributions in the world. In addition to its impact on the desktop market, Ubuntu has found success in other areas, such as: :* '''Servers''': Ubuntu Server is a popular choice for web servers, cloud computing, and virtualization, due to its stability, performance, and extensive package repositories. :* '''IoT devices''': Ubuntu Core, a lightweight and secure variant of Ubuntu, is designed specifically for IoT devices, embedded systems, and edge computing. :* '''Cloud platforms''': Ubuntu is widely used on major cloud platforms, such as Amazon Web Services (AWS), Google Cloud Platform, and Microsoft Azure, enabling users to deploy scalable and reliable applications in the cloud. Furthermore, Canonical, the company behind Ubuntu, has partnered with various hardware manufacturers to offer Ubuntu pre-installed on laptops, desktops, and servers. These partnerships have increased the visibility of Ubuntu and made it more accessible to users who may not have considered using Linux otherwise. === Recent Developments and Future Outlook === Throughout its history, Ubuntu has continued to evolve and adapt to the changing needs of its users. In recent years, Ubuntu has transitioned back to the GNOME desktop environment as its default interface, after a period of using its custom-developed Unity desktop. This move has aligned Ubuntu more closely with the broader Linux ecosystem and allowed for greater collaboration with upstream projects. As the world of technology continues to change, Ubuntu is poised to remain at the forefront of innovation. With ongoing developments in areas like artificial intelligence, machine learning, and edge computing, Ubuntu will likely play a crucial role in shaping the future of open-source software and the technology landscape as a whole. The history of Ubuntu is a testament to the power of collaboration, openness, and community-driven development. From its humble beginnings as a vision for a more accessible Linux distribution to its current status as a global force in the world of computing, Ubuntu has left an indelible mark on the Linux ecosystem and continues to empower users around the world. == Online Resources for Learning and Studying Ubuntu == Below is a list of online resources that can help you learn, study, and ask questions about Ubuntu and related technologies: :* '''Official Ubuntu Documentation''' [https://ubuntu.com/docs]: Comprehensive guides and manuals covering installation, configuration, and usage of Ubuntu and its various flavors. :* '''Ask Ubuntu''' [https://askubuntu.com/]: A question and answer community for Ubuntu users and developers, part of the Stack Exchange network. :* '''Ubuntu Forums''' [https://ubuntuforums.org/]: An active community forum where users can discuss issues, share knowledge, and get support for Ubuntu-related questions. :* '''Ubuntu Wiki''' [https://wiki.ubuntu.com/]: A collaborative platform containing a wealth of information about Ubuntu, including development, packaging, and community involvement. :* '''Ubuntu Community Help Wiki''' [https://help.ubuntu.com/community]: A user-contributed knowledge base providing tutorials, guides, and troubleshooting tips for Ubuntu. :* '''Launchpad''' [https://launchpad.net/ubuntu]: A collaboration platform for Ubuntu development, where users can report bugs, request features, and track the progress of various projects. :* '''Ubuntu Discourse''' [https://discourse.ubuntu.com/]: A modern discussion platform for the Ubuntu community, covering development, support, and community events. :* '''OMG! Ubuntu!''' [https://www.omgubuntu.co.uk/]: A popular news and information blog dedicated to Ubuntu, featuring articles, tutorials, and updates on the latest developments. :* '''YouTube Channels''': ::* '''Official Ubuntu Channel''' [https://www.youtube.com/user/celebratingubuntu]: Offers video tutorials, release announcements, and other Ubuntu-related content. ::* '''Ubuntu Podcast''' [https://www.youtube.com/channel/UCJ_mB8uzeK1K9lQYXxl3_IA]: Provides informative and entertaining discussions about Ubuntu and the broader open-source community. :* '''Ubuntu Classroom''' [https://wiki.ubuntu.com/Classroom]: An initiative that offers free online classes, workshops, and presentations on various Ubuntu-related topics. :* '''Reddit Communities''': ::* '''/r/Ubuntu''' [https://www.reddit.com/r/Ubuntu/]: A subreddit for news, support, and discussions related to Ubuntu. ::* '''/r/linux4noobs''' [https://www.reddit.com/r/linux4noobs/]: A beginner-friendly subreddit that covers general Linux questions, including Ubuntu-specific inquiries. These resources provide a wealth of information and support for individuals looking to learn more about Ubuntu and its associated technologies. By engaging with these communities and platforms, you can deepen your understanding of Ubuntu and connect with other users and developers. ===Bugs=== :* '''Ubuntu Bug Reporting Guide''' [https://help.ubuntu.com/community/ReportingBugs]: A step-by-step guide on how to report bugs in Ubuntu, including information on how to gather necessary data and file a bug report using Launchpad. :* '''Ubuntu Debugging Procedures''' [https://wiki.ubuntu.com/DebuggingProcedures]: A collection of debugging procedures for various Ubuntu components, which can help you diagnose and fix issues. :* '''Ubuntu Development Guide''' [https://ubuntu.com/desktop/developers]: A guide for individuals interested in contributing to Ubuntu development, including information on bug fixing, packaging, and quality assurance. :* '''Ubuntu Quality Assurance Team''' [https://wiki.ubuntu.com/QATeam]: A team of volunteers who work to ensure the quality of Ubuntu releases by testing, triaging, and fixing bugs. Their wiki page provides resources on how to get involved in the QA process and contribute to the improvement of Ubuntu. :* '''Ubuntu Bug Squad''' [https://wiki.ubuntu.com/BugSquad]: A team of volunteers who triage and categorize bug reports, assisting developers in identifying critical issues and ensuring that bugs receive appropriate attention. The Bug Squad's wiki page offers information on how to join and contribute to their efforts. :* '''Ubuntu Testing''' [https://wiki.ubuntu.com/Testing]: Information on how to participate in testing Ubuntu releases, including tips on finding and reporting bugs during development cycles. :* '''Ubuntu Development Mailing List''' [https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel]: A mailing list where developers discuss Ubuntu development, including bug fixing, packaging, and other related topics. == Conclusion == Linux is a versatile and powerful operating system that offers users a wide range of applications and customization options. With its strong community support and open-source philosophy, Linux has become an essential tool in the world of computing. Whether you are a beginner looking to explore a new operating system or an experienced user seeking greater control and flexibility, Linux offers a unique and rewarding experience. By understanding the history, components, and applications of Linux, you can begin your journey into the world of this remarkable operating system. As you delve deeper into Linux, you will discover a wealth of resources and support from the community. Online forums, tutorials, and documentation can help guide you through the learning process, while user groups and conferences provide opportunities to connect with other Linux enthusiasts. Embrace the open-source spirit, and you will not only enhance your computing skills but also contribute to the ongoing development and growth of the Linux ecosystem. 77wild8okxv5bfc352pghjoxto24x2u 0 83 331 2023-04-17T03:56:44Z imported>AwesomO 0 Created page with "Will redo with Videos" 331 wikitext text/x-wiki Will redo with Videos d2aa1rk7zc928fynnqgexippikugshh 0 84 332 2023-04-17T03:57:43Z imported>AwesomO 0 Created page with "= Basic Linux Filesystem and Directories = == Linux filesystem hierarchy == The Linux filesystem is organized in a hierarchical structure, similar to a tree. At the top of this tree is the root directory, denoted by a forward slash (/), and all other directories and files branch off from the root directory. Understanding the purpose of common directories in the Linux filesystem is essential for navigating and managing files effectively. Here are some of the key direct..." 332 wikitext text/x-wiki = Basic Linux Filesystem and Directories = == Linux filesystem hierarchy == The Linux filesystem is organized in a hierarchical structure, similar to a tree. At the top of this tree is the root directory, denoted by a forward slash (/), and all other directories and files branch off from the root directory. Understanding the purpose of common directories in the Linux filesystem is essential for navigating and managing files effectively. Here are some of the key directories in a typical Linux filesystem: :* '''/''' (Root): The root directory is the starting point of the filesystem hierarchy. All files and directories in the system are located under the root directory. :* '''/bin''': This directory contains essential binary executables, such as basic commands used by all users, including the shell and common utilities like 'ls', 'cp', 'mv', and 'rm'. :* '''/sbin''': The 'sbin' directory stores system binary executables, which are essential for system maintenance and administration tasks. These commands are generally used by the root user, for example, 'fdisk', 'ifconfig', and 'shutdown'. :* '''/boot''': The 'boot' directory contains the files needed to boot the system, such as the Linux kernel, the initial RAM disk (initrd), and the bootloader configuration files (e.g., GRUB). :* '''/dev''': The 'dev' directory contains device files that represent various hardware devices on the system, such as hard drives, printers, and terminals. In Linux, devices are treated as files, allowing users to interact with them using file manipulation commands. :* '''/etc''': The 'etc' directory holds system-wide configuration files and scripts. These files are generally plain text and can be edited to configure various aspects of the system, such as network settings, user accounts, and installed services. :* '''/home''': The 'home' directory contains individual user directories, where users store their personal files and settings. Each user has their own directory under '/home', named after their username (e.g., /home/johndoe). :* '''/lib''', '''/lib64''': These directories store shared library files required by the executables in '/bin' and '/sbin'. Libraries contain common code used by multiple programs, reducing duplication and conserving system resources. :* '''/media''': The 'media' directory is used to mount removable media, such as USB flash drives, CDs, and DVDs. When you connect or insert removable media, the system typically creates a subdirectory under '/media' for accessing the contents. :* '''/mnt''': The 'mnt' directory serves as a temporary mount point for filesystems, such as network drives or additional hard drives. Administrators can manually mount devices to this directory to access their contents. :* '''/opt''': The 'opt' directory is designated for optional or third-party software installations that are not managed by the system's package manager. This directory helps keep manually installed software separate from the rest of the system. :* '''/proc''': The 'proc' directory is a virtual filesystem that provides an interface to kernel data structures. It contains information about running processes and system resources, presented as files and directories. :* '''/root''': The 'root' directory is the home directory for the root user. This directory is separate from '/home' to ensure the root user always has access to essential files, even if the '/home' partition becomes full or unavailable. :* '''/tmp''': The 'tmp' directory is used to store temporary files created by the system and applications. These files are typically deleted upon system reboot or after a specified period. :* '''/usr''': The 'usr' directory contains user-related programs, libraries, and documentation. It is further organized into subdirectories such as '/usr/bin', '/usr/sbin', '/usr/lib', and '/usr/share'. The '/usr' directory is usually read-only and is meant for system-wide files that are not frequently modified: :* '''/usr/bin''': This directory holds non-essential user binary executables, such as command-line tools and applications. These files are accessible to all users on the system. :* '''/usr/sbin''': Similar to '/usr/bin', this directory contains non-essential system binary executables, intended for system maintenance and administration tasks. :* '''/usr/lib''', '''/usr/lib64''': These directories store shared libraries used by the executables in '/usr/bin' and '/usr/sbin'. :* '''/usr/share''': The 'usr/share' directory contains architecture-independent data, such as documentation, icons, fonts, and configuration files for various applications. :* '''/var''': The 'var' directory is used to store variable data, such as logs, mail, and web content. It contains subdirectories for different types of data that may change frequently or grow in size over time: ::* '''/var/log''': This directory holds log files generated by various system processes and applications. Log files are essential for monitoring system activity and troubleshooting issues. ::* '''/var/mail''': The 'var/mail' directory stores user mailboxes, containing incoming and outgoing email messages for each user on the system. ::* '''/var/spool''': This directory is used to store queued or temporary files, such as print jobs waiting to be processed or emails waiting to be sent. ::* '''/var/www''': In systems running a web server, the 'var/www' directory typically serves as the default location for web content, such as HTML files, images, and scripts. In summary, the Linux filesystem is organized into a hierarchical structure with specific directories serving distinct purposes. Familiarity with these directories and their functions is crucial for effective file management, system administration, and troubleshooting tasks on a Linux system. ==File types and permissions== In Linux, files have types and permissions that determine their nature and dictate how users can interact with them. Understanding file types and permissions is crucial for maintaining the security and integrity of a Linux system. === File Types === Linux supports several file types, each with its specific purpose and structure: : '''Regular files''' (indicated by '-'): These are the most common file type, including text files, images, executables, and data files. They can be read, written, or executed based on their permissions. : '''Directories''' (indicated by 'd'): Directories are special files that serve as containers for other files and directories. They are used to organize the filesystem in a hierarchical structure. : '''Symbolic links''' (indicated by 'l'): Symbolic links are pointers to other files or directories. They serve as shortcuts or aliases, allowing you to access the target file or directory without specifying its full path. : '''Character device files''' (indicated by 'c'): These files represent devices, such as a mouse or keyboard, that transmit data one character at a time. They facilitate communication between the hardware and the system. : '''Block device files''' (indicated by 'b'): Block device files represent devices that handle data in blocks, such as hard drives, CD-ROM drives, or USB storage devices. : '''Sockets''' (indicated by 's'): Sockets are special files that facilitate inter-process communication (IPC) between processes on the same or different systems. : '''Named pipes''' (indicated by 'p'): Named pipes, also known as FIFOs (first in, first out), are similar to sockets but only allow communication between processes on the same system. === File Permissions === In Linux, file permissions determine the level of access granted to the owner of the file, the group associated with the file, and other users. There are three basic permission types: : '''Read''' (r): The read permission allows users to view the file's contents or list the contents of a directory. : '''Write''' (w): The write permission allows users to modify a file's contents or create, delete, or rename files within a directory. : '''Execute''' (x): The execute permission allows users to run a file as a program or script or to access the contents of a directory. File permissions are displayed using a combination of letters and dashes (e.g., 'rw-r--r--'). The first set of permissions (rw-) applies to the owner of the file, the second set (r--) applies to the group, and the third set (r--) applies to other users. : '''owner''' first set of permissions : '''group''' second set of permissions : '''other users''' third set of permissions To view the permissions of files and directories, use the 'ls -l' command in the terminal. The output will show the file type and permissions, along with other information such as the owner, group, size, and modification date. To change file permissions, use the 'chmod' command. Permissions can be modified using either alphanumeric notation (e.g., 'chmod u+x myfile') or octal notation (e.g., 'chmod 755 myfile'). The alphanumeric notation uses letters to represent the user (u), group (g), and other (o) categories, while the octal notation uses numbers (0-7) to represent the permissions. In Linux, file and directory permissions are represented using a numerical system, with 0, 1, 2, and 4 being the base values. These numbers correspond to specific permissions: : 0: No permission : 1: Execute permission : 2: Write permission : 4: Read permission To set multiple permissions, you can combine these base values. For example, if you want to grant both read and execute permissions, you would add their respective values (4 for read and 1 for execute) to get a combined value of 5. Here are the possible combinations and their meanings: : 0: No permissions (---) : 1: Execute only (--x) : 2: Write only (-w-) : 3: Write and execute (-wx) : 4: Read only (r--) : 5: Read and execute (r-x) : 6: Read and write (rw-) : 7: Read, write, and execute (rwx) These numerical permissions are applied in sets of three digits, representing the owner, group, and others (everyone else) permissions, respectively. For example, chmod 750 file would grant the following permissions: : 7 (first digit): Owner has read (4), write (2), and execute (1) permissions (4+2+1=7) : 5 (second digit): Group has read (4) and execute (1) permissions (4+1=5) : 0 (third digit): Others have no permissions (0) This would result in the following permissions: -rwxr-x---. The owner has full access, group members have read and execute access, and others have no access to the file. ====four-digit number==== When you see a four-digit number used with the chmod command, such as <code>chmod 7777 file</code>, it includes an additional set of permissions known as the "setuid", "setgid", and "sticky" bits. These special permissions are represented by the first digit, while the remaining three digits represent the owner, group, and other permissions, respectively. Here's a breakdown of the special permissions represented by the first digit: :* setuid (4): When the setuid (set user ID) bit is set on an executable file, the process runs with the effective user ID of the file owner rather than the user who executed the file. This is useful for allowing users to run certain programs with elevated privileges, such as the passwd command, which needs root access to modify the /etc/shadow file. :* setgid (2): When the setgid (set group ID) bit is set on an executable file, the process runs with the effective group ID of the file group rather than the user's primary group. This is helpful in shared environments where multiple users need to access the same files with a common group. Additionally, when setgid is set on a directory, newly created files and directories within that directory inherit the group ownership from the parent directory. :* sticky (1): The sticky bit, when set on a directory, restricts file deletion within that directory. Only the owner of the file, the owner of the directory, or a user with root privileges can delete a file with the sticky bit set. This is commonly used on shared directories, such as /tmp, to prevent users from accidentally or maliciously deleting files owned by other users. In the case of chmod 7777 file, the permissions are as follows: : 7 (first digit): Setuid (4), setgid (2), and sticky bit (1) are all set (4+2+1=7). : 7 (second digit): The owner has read (4), write (2), and execute (1) permissions (4+2+1=7). : 7 (third digit): The group has read (4), write (2), and execute (1) permissions (4+2+1=7). : 7 (fourth digit): Other users have read (4), write (2), and execute (1) permissions (4+2+1=7). It's important to note that setting permissions to 7777 is generally not recommended, as it grants all users full access to the file, including the ability to read, write, and execute it, and may also enable the setuid, setgid, and sticky bits, potentially leading to security vulnerabilities. Use caution when setting permissions and ensure you understand the implications of the values you assign. In summary, file types and permissions in Linux play a crucial role in maintaining the security and organization of a system. Understanding these concepts allows administrators and users to manage access to files and directories effectively and protect sensitive data from unauthorized access. ==Navigating directories using the command line== Navigating directories using the command line is an essential skill when working with a Linux system. Here's an overview of some basic commands to help you navigate directories: : '''pwd''' (Print Working Directory): This command displays the current working directory, which is the directory you are currently in. <pre> $ pwd /home/username </pre> : '''ls''' (List): This command lists the contents of the current directory or a specified directory. <pre> $ ls Desktop Documents Downloads Music Pictures Videos </pre> To list the contents of a specific directory, use ls followed by the directory path: <pre> $ ls /var/www html logs </pre> : cd (Change Directory): This command is used to change the current working directory. To navigate to a specific directory, use cd followed by the directory path: <pre> $ cd Documents </pre> To move up one directory level, use cd ..: <pre> $ cd .. </pre> To go to your home directory, simply use cd without any arguments: <pre> $ cd </pre> : '''mkdir''' (Make Directory): This command creates a new directory. To create a new directory, use mkdir followed by the directory name: <pre> $ mkdir NewDirectory </pre> : '''rmdir''' (Remove Directory): This command removes an empty directory. To remove an empty directory, use rmdir followed by the directory name: <pre> $ rmdir NewDirectory </pre> Note: If the directory is not empty, you will need to use rm -r to remove the directory and its contents: <pre> $ rm -r DirectoryWithContents </pre> By using these basic commands, you can navigate directories, view their contents, and create or remove directories using the command line in Linux. Practice these commands to familiarize yourself with the Linux file system and improve your command-line skills. ==Manipulating files and directories== Manipulating files and directories is an important aspect of working with Linux. Here's an overview of basic commands to manage files and directories using the command line: : '''touch''' (Create a new file): This command creates an empty file. To create a new file, use touch followed by the file name: <pre> $ touch newfile.txt </pre> : '''cp''' (Copy): This command copies a file or directory. To copy a file, use cp followed by the source file and the destination: <pre> $ cp sourcefile.txt destinationfile.txt </pre> To copy a directory and its contents, use the '''-r''' (recursive) option: <pre> $ cp -r sourcedirectory destinationdirectory </pre> : '''mv''' (Move/Rename): This command moves or renames a file or directory. To move a file, use mv followed by the source file and the destination: <pre> $ mv sourcefile.txt destinationfile.txt </pre> To rename a file, use mv followed by the old file name and the new file name: <pre> $ mv oldname.txt newname.txt </pre> : '''rm''' (Remove): This command removes a file or directory. To remove a file, use rm followed by the file name: <pre> $ rm filetoremove.txt </pre> To remove a directory and its contents, use the -r (recursive) option: <pre> $ rm -r directorytoremove </pre> : '''cat''' (Concatenate): This command displays the contents of a file or concatenates multiple files. To display the contents of a file, use cat followed by the file name: <pre> $ cat file.txt </pre> To [[Dictionary_concatenate|concatenate]] multiple files, use cat followed by the file names: <pre> $ cat file1.txt file2.txt > combined.txt </pre> : '''ln''' (Link): This command creates a link (hard or symbolic) between files. To create a hard link, use ln followed by the source file and the link name: <pre> $ ln sourcefile.txt linkname.txt </pre> To create a symbolic link, use the -s option: <pre> $ ln -s sourcefile.txt symlinkname.txt </pre> <div class="toccolours mw-collapsible mw-collapsed"> <code>ln</code> hard vs symbolic link: <div class="mw-collapsible-content"> In Linux, a link is a reference to a file or directory. There are two types of links: hard links and symbolic (or soft) links. Each type of link has its own characteristics and use cases. '''Hard Links''': A hard link is a direct reference to the actual file or directory on the storage device. It essentially creates another name for the same file, sharing the same inode (a unique identifier that represents the file on the filesystem). Here are some key points about hard links: :* Hard links can only be created for files, not directories. :* Hard links must be on the same filesystem as the original file. :* Deleting a hard link doesn't affect the original file or other hard links to the file. The file is only deleted when all hard links to it are removed. :* A hard link doesn't occupy additional disk space, as it points directly to the same data as the original file. '''Symbolic (Soft) Links''': A symbolic link, also known as a soft link, is an indirect reference to a file or directory. Instead of pointing to the actual file data, it points to the file's pathname. Here are some key points about symbolic links: :* Symbolic links can be created for both files and directories. :* Symbolic links can span across different filesystems. :* Deleting a symbolic link doesn't affect the original file or directory, but if the target is removed, the symbolic link becomes a "dangling" or "broken" link, pointing to a non-existent file. :* A symbolic link occupies a small amount of disk space, as it stores the target file's pathname as a separate entity. In summary, hard links are direct references to file data and can only be created for files within the same filesystem, while symbolic links are indirect references that can be created for both files and directories across different filesystems. Hard links are generally more efficient in terms of disk space usage, but symbolic links offer more flexibility and can be used in a wider range of scenarios. </div> </div> These commands provide the basic functionality to manipulate files and directories in Linux. Familiarize yourself with these commands to improve your efficiency and productivity when working with the Linux command line. ==File searching and comparisons== File searching and comparisons are essential tasks when working with files and directories in a Linux environment. They help you find specific files or directories based on certain criteria or compare the content of two or more files. Here's an overview of some commonly used commands for file searching and comparisons: ===Find=== : '''find''': The find command is a powerful tool for searching files and directories based on various criteria, such as name, size, modification time, and type. The basic syntax is: <pre> find [path] [expression] </pre> For example, to find all files with the .txt extension in the current directory and its subdirectories, you would use: <pre> find . -name "*.txt" </pre> : '''locate''': The locate command searches for files and directories based on their names using a pre-built database. It is generally faster than find but may not have the most up-to-date information. The basic syntax is: <pre> locate [options] pattern </pre> For example, to find all files and directories with the word "example" in their name: <pre> locate example </pre> ===Grep=== : '''grep''': The grep command searches for a specific pattern in the content of one or more files. It's a versatile tool for filtering and searching text. The basic syntax is: <pre> grep [options] pattern [files] </pre> For example, to search for the word "error" in all log files in the current directory: <pre> grep 'error' *.log </pre> Search through files in recursive directories to find a string of text. <pre> grep -SWITCHES "TEXT2FIND" /PATH/TO/DIRECTORY </pre> Example: <pre> grep -iRl "text" ./ </pre> * '''-i''' - Ignore case distinctions in patterns and input data, so that characters that differ only in case match each other. * '''-R''' - Read all files under each directory, recursively. Follow all symbolic links, unlike -r. * '''-l''' - Suppress normal output; instead print the name of each input file from which output would normally have been printed. The scanning will stop on the first match. * '''-n''' - return/display the line number. * '''-w''' - Select only those lines containing matches that form whole words. More about switches can be found in <code>man grep</code> ===Diff=== : '''diff''': The diff command is used to compare the content of two files line by line, showing the differences between them. It's useful for identifying changes between file versions or finding discrepancies. The basic syntax is: <pre> diff [options] file1 file2 </pre> For example, to compare the content of file1.txt and file2.txt: <pre> diff file1.txt file2.txt </pre> ===Comm=== : '''comm''': The comm command is another tool for comparing two sorted files, showing the lines that are unique to each file and the lines that are common to both. The basic syntax is: <pre> comm [options] file1 file2 </pre> For example, to compare the content of two sorted text files file1.txt and file2.txt: <pre> comm file1.txt file2.txt </pre> These commands are just the tip of the iceberg when it comes to file searching and comparisons in Linux. There are many more options and tools available to help you find and manage your files efficiently. f1ffea2kctnqzaboytoh8ifuz0cwyo3 0 85 333 2023-04-17T03:58:18Z imported>AwesomO 0 Created page with "Text editing and processing in Linux involve using a variety of command-line tools and text editors to create, modify, and analyze text files. These tools are essential for tasks such as writing scripts, editing configuration files, or analyzing log files. Here are some common text editing and processing tasks along with the tools used to accomplish them: : '''Text Editors''': Text editors allow you to create and modify plain text files. There are many text editors a..." 333 wikitext text/x-wiki Text editing and processing in Linux involve using a variety of command-line tools and text editors to create, modify, and analyze text files. These tools are essential for tasks such as writing scripts, editing configuration files, or analyzing log files. Here are some common text editing and processing tasks along with the tools used to accomplish them: : '''Text Editors''': Text editors allow you to create and modify plain text files. There are many text editors available for Linux, ranging from simple to feature-rich editors. Some popular text editors include: :* '''nano''': A simple and easy-to-use text editor that is beginner-friendly. :* '''vi/vim''': A powerful and versatile text editor with a steep learning curve but extensive features. :* '''emacs''': Another powerful and extensible text editor with a large number of features and customization options. : '''Viewing Text Files''': To view the contents of a text file without editing it, you can use the following commands: :* '''cat''': Displays the entire contents of a file. :* '''less''' or '''more''': Allows you to scroll through the file, displaying one screen of content at a time. : '''Text Processing''': Linux provides several command-line tools for manipulating and analyzing text files. Some commonly used text processing commands include: :* '''grep''': Searches for a specified pattern within a file or a stream of text. It's useful for filtering log files, finding specific lines in a file, or searching for a particular string in multiple files. :* '''sed''': A powerful stream editor that can be used to perform complex text transformations, such as find-and-replace operations, on a file or a stream of text. :* '''awk''': A versatile text processing tool that can be used to perform operations on structured text data, such as filtering, transformations, or calculations. : '''Sorting and Comparing Text''': Linux provides commands for sorting and comparing the contents of text files: :* '''sort''': Sorts the lines of a text file based on various criteria, such as alphabetical order or numerical values. :* '''uniq''': Removes duplicate lines from a sorted text file or displays the unique lines in a file. :* '''diff''': Compares two text files and displays the differences between them. : '''Text Manipulation''': There are several commands for modifying text files or streams of text, such as: :* '''cut''': Removes specific columns or fields from each line of a text file. :* '''paste''': Merges the lines of multiple text files side by side. :* '''tr''': Translates (replaces) characters from one set to another, such as converting uppercase letters to lowercase. These are just some of the many tools and utilities available in Linux for text editing and processing. Familiarizing yourself with these tools will greatly enhance your ability to work with text files and perform various tasks efficiently using the command line. ==Command Line Editors== A command line editor is a type of software program that allows users to create and edit text files directly from a command line interface. This means that instead of using a graphical user interface, users interact with the editor through a text-based interface. Command line editors are often used by programmers and system administrators who need to work with text files in a terminal environment. They are particularly useful for tasks such as modifying configuration files, writing scripts, and editing code. Some popular command line editors include Vi, Nano, and Emacs. Each editor has its own set of features and commands, and users often have strong preferences for which one they prefer to use. One advantage of using a command line editor is that it allows for efficient editing of text files without the need for a separate program or application. Additionally, command line editors can be used over a network connection, which can be useful for remote administration and collaboration. However, command line editors do require some familiarity with basic command line navigation and editing commands, which can be daunting for users who are not accustomed to working in a terminal environment. Nonetheless, mastering a command line editor can be a valuable skill for anyone who works with text files on a regular basis. ===VI=== <b>vi</b> is a text editor that is built into most Linux distributions. It is a command-line based editor that can be used to create and modify text files.<br> <br> <b>vi</b> has two main modes: * Command mode: This is the default mode when you open a file in "vi". In command mode, you can navigate around the file, make edits, and execute commands. You cannot enter text in this mode. * Insert mode: In insert mode, you can enter text into the file. To enter insert mode, you need to switch from command mode to insert mode. Here's how to switch between the two modes in "<b>vi</b>": * To switch from command mode to insert mode, press the "<b>i</b>" key. This will allow you to start typing text into the file. * To switch from insert mode back to command mode, press the "<b>Esc</b>" key. While in command mode, you can use various commands to navigate around the file and perform various editing tasks, such as deleting or copying text. Here are some examples of commands you can use in command mode:<br> <br> <code>h</code>: Move the cursor left<br> <code>j</code>: Move the cursor down<br> <code>k</code>: Move the cursor up<br> <code>l</code>: Move the cursor right<br> <code>dd</code>: Delete the current line<br> <code>yy</code>: Copy the current line<br> <code>p</code>: Paste the last line that was copied or deleted<br> <br> There are many more commands available in "vi". You can access a list of commands by typing <code>:help</code> in command mode.<br> <br> It's important to note that "vi" can be a bit confusing for new users, especially since it requires memorizing different commands to navigate and edit files. However, once you get the hang of it, "vi" can be a very powerful and efficient tool for editing text files.<br> <br> ===nano=== Nano is a simple, easy-to-use text editor that is available on most Linux distributions. It is designed to be user-friendly and intuitive, making it a good choice for beginners who are new to Linux. Here are some examples of how to use Nano: To open a file with Nano, type the following command in a terminal: <code>nano filename</code><br> This will open the file "filename" in the Nano editor. To enter text in Nano, simply start typing. Text will appear at the cursor location. To save changes to a file, press the <b>Ctrl</b> and <b>O</b> keys together. This will bring up the save prompt. Type in the name of the file you want to save and press "Enter". To exit Nano, press the <b>Ctrl</b> and <b>X</b> keys together. If there are unsaved changes, Nano will prompt you to save them before exiting. To copy text in Nano, use the <b>Alt</b> and <b>6</b> keys together to set a mark at the beginning of the text you want to copy, then move the cursor to the end of the text you want to copy. Press the <b>Ctrl</b> and <b>K</b> keys together to cut the text to the clipboard. Move the cursor to the location where you want to paste the text, and press the <b>Ctrl</b> and <b>U</b> keys together to paste the text. To search for text in Nano, press the <b>Ctrl</b> and <b>W</b> keys together. This will bring up the search prompt. Type in the text you want to search for and press "Enter". Nano will search the file for the text and highlight the first occurrence. To navigate through a file in Nano, use the arrow keys to move the cursor up, down, left, or right. Use the <b>Page Up</b> and <b>Page Down</b> keys to move the cursor up or down one page at a time. Nano is a great option for users who prefer a simple, easy-to-use text editor that doesn't require memorizing complicated commands. ===Emacs=== Emacs is a text editor that is popular among programmers and developers. It is a powerful, customizable editor that is available on most operating systems, including Linux, macOS, and Windows. Here are some basic commands that you can use to get started with Emacs: To open a file with Emacs, type the following command in a terminal:<br> <code>emacs filename</code><br> This will open the file "filename" in the Emacs editor. To enter text in Emacs, simply start typing. Text will appear at the cursor location. To save changes to a file, press the <b>Ctrl</b> and <b>X</b> keys together, followed by the <b>Ctrl</b> and <b>S</b> keys. This will save the changes to the file. To exit Emacs, press the <b>Ctrl</b> and <b>X</b> keys together, followed by the <b>Ctrl</b> and <b>C</b> keys. If there are unsaved changes, Emacs will prompt you to save them before exiting. To copy text in Emacs, use the <b>Alt</b> and <b>W</b> keys together to mark the beginning of the text you want to copy, then move the cursor to the end of the text you want to copy. Press the <b>Alt</b> and <b>W</b> keys together to copy the text to the clipboard. Move the cursor to the location where you want to paste the text, and press the <b>Ctrl</b> and <b>Y</b> keys together to paste the text. To search for text in Emacs, press the <b>Ctrl</b> and <b>S</b> keys together. This will bring up the search prompt. Type in the text you want to search for and press "Enter". Emacs will search the file for the text and highlight the first occurrence. To navigate through a file in Emacs, use the arrow keys to move the cursor up, down, left, or right. Use the <b>PgUp</b> and <b>PgDn</b> keys to move the cursor up or down one page at a time. Emacs also has a wide range of features and customization options, making it a powerful tool for developers. Some popular features include syntax highlighting, code completion, and version control integration. To learn more about Emacs and its advanced features, you can check out the official documentation and online tutorials. ====Set $EDITOR==== In Linux and other Unix-like operating systems, the EDITOR environment variable is used to specify the default text editor that should be used when opening and editing files from the command line. The set EDITOR=nano command is used to set the EDITOR environment variable to the nano text editor. This means that any command or program that requires a text editor to be opened, such as git commit, will now use nano as the default editor instead of the previously set default. The nano editor is a simple, easy-to-use text editor that is designed to be user-friendly and intuitive, making it a good choice for beginners who are new to Linux. Setting the EDITOR environment variable to nano can be useful for users who prefer to use nano as their default text editor, or for users who are not familiar with other text editors like vi or emacs. To make the EDITOR environment variable persist across terminal sessions, you can add the set EDITOR=nano command to your shell startup file, such as .bashrc or .zshrc, depending on which shell you are using. To see if <b>EDITOR</b> as already be assigned:<br> <code>echo $EDITOR</code><br> <br> To set environment variable:<br> <code>set EDITOR=nano</code><br> <br> To unset use:<br> <code>unset EDITOR</code><br> ==Basic text manipulation commands== In Linux, there are several basic text manipulation commands that allow you to view and manage text files. These commands are essential for quickly inspecting the content of files or processing text data. Here's an explanation of the basic text manipulation commands cat, less, head, and tail: ===cat=== '''cat''': The cat command is used to concatenate and display the content of one or more files. It reads files sequentially, writing them to standard output. You can use cat to view the entire content of a file, combine multiple files, or create a new file. Usage examples: :* '''cat file1.txt''': Displays the content of '''file1.txt'''. :* '''cat file1.txt file2.txt''': Displays the content of both file1.txt and file2.txt in sequence. :* '''cat file1.txt file2.txt > combined.txt''': Combines the content of file1.txt and file2.txt and saves it to a new file called combined.txt. ===less=== '''less''': The less command is a pager program that allows you to scroll through the content of a text file, displaying one screen of text at a time. With less, you can navigate forward and backward, search for text, and use various other navigation commands. less is especially useful for viewing large files, as it doesn't load the entire file into memory. Usage examples: :* '''less file1.txt''': Opens file1.txt in the less pager. Use the arrow keys or Page Up/Down to navigate, / to search, and '''q''' to quit. ===head=== '''head''': The head command is used to display the first part (usually the first few lines) of a file. By default, head shows the first 10 lines, but you can specify a different number of lines to display. Usage examples: :* '''head file1.txt''': Displays the first 10 lines of file1.txt. :* '''head -n 5 file1.txt''': Displays the first 5 lines of file1.txt. ===tail=== '''tail''': The tail command is similar to head, but it displays the last part (usually the last few lines) of a file. By default, tail shows the last 10 lines, but you can specify a different number of lines to display. tail is particularly useful for monitoring log files, as it can display new lines in real-time. Usage examples: :* '''tail file1.txt''': Displays the last 10 lines of file1.txt. :* '''tail -n 5 file1.txt''': Displays the last 5 lines of file1.txt. :* '''tail -f file1.txt''': Monitors file1.txt and displays new lines as they are added to the file. These basic text manipulation commands are powerful and easy to use, providing you with a simple way to view and manage text files from the command line. Mastering these commands will enhance your efficiency when working with text data on a Linux system. ==Text processing commands== In Linux, there are several powerful text processing commands that allow you to filter, transform, and manipulate text data. These commands are essential for working with text files and processing data from the command line. Here's an explanation of the text processing commands grep, awk, and sed: ===grep=== '''grep''': The grep command is used to search for patterns in text files. It can search for regular expressions, fixed strings, or a combination of both. grep is commonly used to filter lines in a file or output from other commands based on specific patterns. Usage examples: :* '''grep 'pattern' file.txt''': Searches for lines containing the pattern in file.txt and displays them. :* '''cat file.txt | grep 'pattern'''': Searches for lines containing the pattern in the output of cat file.txt. :* '''grep -i 'pattern' file.txt''': Searches for lines containing the pattern in file.txt, ignoring case. ===awk=== '''awk''': The awk command is a versatile text processing tool that can be used to perform complex operations on structured text data, such as columns. awk reads input lines, applies a set of rules and actions, and prints the results. It can be used for tasks like text filtering, transformation, and reporting. Usage examples: :* '''awk '{ print $1 }' file.txt''': Prints the first field (column) of each line in file.txt. :* '''awk -F, '{ print $1 }' file.csv''': Prints the first field of each line in file.csv, using a comma as the field separator. :* '''awk '$1 > 100 { print $0 }' file.txt''': Prints lines from file.txt where the value of the first field is greater than 100. ===sed=== '''sed''': The sed command, short for "stream editor", is a powerful text editor that can be used to perform basic text transformations on an input stream (a file or input from a pipeline). sed is particularly useful for performing operations like search and replace, insertions, and deletions on text data. Usage examples: :* '''sed 's/pattern/replacement/' file.txt''': Replaces the first occurrence of pattern with replacement in each line of file.txt and displays the result. :* '''sed 's/pattern/replacement/g' file.txt''': Replaces all occurrences of pattern with replacement in each line of file.txt and displays the result. :* '''sed '/pattern/d' file.txt''': Deletes lines containing pattern from file.txt and displays the result. These text processing commands (grep, awk, and sed) are powerful tools for working with text data on a Linux system. By mastering these commands, you can efficiently process and manipulate text data, automate tasks, and perform complex operations on structured data. ==Regular expressions (regex) == Regular expressions (regex) are a powerful tool used to define patterns for matching, searching, and manipulating strings in text data. Regular expressions provide a concise and flexible means for identifying strings of text that follow a specific pattern, such as email addresses, phone numbers, or specific words. They are widely used in programming languages, text processing utilities, and search engines. Here's an in-depth explanation of regular expressions, covering their key concepts and components: '''Literal characters''': The simplest regular expression is a sequence of characters that must be matched exactly. For example, the regex hello matches the string "hello". '''Metacharacters''': Metacharacters have a special meaning in regular expressions, and they are used to define more complex patterns. Some common metacharacters include: :* '''.''': Matches any single character except a newline. :* '''^''': Matches the start of a line. :* '''$''': Matches the end of a line. :* '''*''': Matches zero or more occurrences of the preceding character. :* '''+''': Matches one or more occurrences of the preceding character. :* '''?''': Matches zero or one occurrence of the preceding character. :* '''{m,n}''': Matches the preceding character at least m times and at most n times. :* '''|''': Indicates alternation, matching either the expression before or after the |. '''Character classes''': Character classes are used to define a set of characters to match. They are enclosed in square brackets [ ]. For example, [abc] matches any single character that is either "a", "b", or "c". Ranges of characters can also be defined using a hyphen -, such as [a-z] (matches any lowercase letter) or [0-9] (matches any digit). '''Predefined character classes''': Regular expressions provide some predefined character classes for commonly used sets of characters: :* '''\d''': Matches any digit (equivalent to [0-9]). :* '''\D''': Matches any non-digit character (equivalent to [^0-9]). :* '''\w''': Matches any word character (letters, digits, or underscores; equivalent to [a-zA-Z0-9_]). :* '''\W''': Matches any non-word character (equivalent to [^a-zA-Z0-9_]). :* '''\s''': Matches any whitespace character (spaces, tabs, or newlines). :* '''\S''': Matches any non-whitespace character. '''Grouping and capturing''': Parentheses () are used to group parts of a regular expression, allowing you to apply quantifiers or alternation to a group of characters. Additionally, parentheses create a capture group, storing the matched text for later use. For example, (ab)+ matches one or more occurrences of the string "ab". '''Lookaround assertions''': Lookaround assertions are zero-width assertions that check for a pattern without consuming any characters. They can be used to ensure that a pattern is preceded or followed by another pattern without including that pattern in the match. There are four types of lookaround assertions: :* Positive lookahead: '''(?=pattern)''' :* Negative lookahead: '''(?!pattern)''' :* Positive lookbehind: '''(?<=pattern)''' :* Negative lookbehind: '''(?<!pattern)''' '''Escaping metacharacters''': To use a metacharacter as a literal character, you must escape it with a backslash \. For example, the regex a\.b matches the string "a.b". Regular expressions are a powerful and flexible tool for working with text data. They can be used in various programming languages and utilities, such as Python, JavaScript, grep, awk, and sed, to perform tasks such as searching, filtering, and transforming text. By understanding and mastering regular expressions, you can greatly enhance your ability to work with and manipulate text data. Here are a few more examples of regular expressions and their meanings: '''Email address pattern''':<code>^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$</code><br> This regex matches valid email addresses. It allows for alphanumeric characters, periods, underscores, percent signs, plus signs, and hyphens in the username, followed by the "@" symbol, a domain name consisting of alphanumeric characters, periods, and hyphens, and finally a top-level domain with at least two alphabetical characters. <div class="toccolours mw-collapsible mw-collapsed"> '''Email address pattern''' Broken down step by step: <div class="mw-collapsible-content"> '''^''': This symbol indicates the start of the string. '''[a-zA-Z0-9._%+-]+''': This part matches one or more characters in the local part of the email address. :* '''a-zA-Z''': Any lowercase or uppercase letter. :* '''0-9''': Any digit. :* '''._%+-''': These are some special characters that can appear in the local part of an email address. :* The '''+''' following the square brackets means to match one or more of the characters within the square brackets. '''@''': This character matches the at symbol (@) separating the local part from the domain part of the email address. '''[a-zA-Z0-9.-]+''': This part matches one or more characters in the domain name. :* '''a-zA-Z''': Any lowercase or uppercase letter. :* '''0-9''': Any digit. :* '''.-''': Period and hyphen are allowed characters in a domain name. :* The '''+''' following the square brackets means to match one or more of the characters within the square brackets. '''\.''': This character matches a period (.) that separates the domain name from the top-level domain (TLD). '''[a-zA-Z]{2,}''': This part matches the TLD of the email address. :* '''a-zA-Z''': Any lowercase or uppercase letter. :* '''{2,}''': This quantifier indicates that the TLD must have at least 2 characters. '''$''': This symbol indicates the end of the string. So, in summary, this regex pattern matches an email address that starts with one or more alphanumeric or special characters, followed by the @ symbol, followed by one or more alphanumeric or special characters in the domain name, a period, and finally, a TLD containing at least two alphabetic characters. </div> </div> '''Phone number pattern''':<code>^\+?\d{1,4}?[-. ]?\(?\d{1,3}?\)?[-. ]?\d{1,4}[-. ]?\d{1,4}[-. ]?\d{1,9}$</code><br> This regex matches various phone number formats, including those with optional country codes (preceded by a plus sign), optional area codes (enclosed in parentheses), and different delimiters (such as spaces, periods, or hyphens). <div class="toccolours mw-collapsible mw-collapsed"> '''Phone number pattern''' step by step: <div class="mw-collapsible-content"> This regex pattern is used to match phone numbers with a variety of formats. Let's break it down step by step: : '''^''': This asserts the position at the start of the line. : '''\+?''': This matches an optional "+" sign at the beginning of the phone number (used for international numbers). : '''\d{1,4}?''': This matches between 1 and 4 digits (for the country code or area code). The ? makes it lazy, so it will match as few characters as possible. : '''[-. ]?''': This matches an optional separator, which can be a hyphen (-), a dot (.), or a space. : '''\(?\d{1,3}?\)?''': This matches an optional area code surrounded by parentheses. The area code consists of 1 to 3 digits. The \(? and \)? make the parentheses optional, and the ? after the digits makes it lazy. : '''[-. ]?''': This matches another optional separator (hyphen, dot, or space). : '''\d{1,4}''': This matches the next 1 to 4 digits in the phone number (typically the first part of the local number). : '''[-. ]?''': This matches yet another optional separator. : '''\d{1,4}''': This matches another set of 1 to 4 digits (typically the second part of the local number). : '''[-. ]?''': This matches the last optional separator. : '''\d{1,9}''': This matches the final set of 1 to 9 digits in the phone number (the remaining part of the local number). : '''$''': This asserts the position at the end of the line. This regex pattern is quite flexible and can match phone numbers in various formats. However, it may not be perfect for every situation, and you might need to adjust it depending on the specific phone number formats you are working with. </div> </div> '''URL pattern''': <code>^(https?:\/\/)?([\da-z.-]+)\.([a-z.]{2,6})([\/\w .-]*)*\/?$</code><br> This regex matches valid URLs, supporting both HTTP and HTTPS protocols, domain names with alphanumeric characters, periods, and hyphens, top-level domains with at least two alphabetical characters, and optional paths with alphanumeric characters, slashes, periods, spaces, and hyphens. <div class="toccolours mw-collapsible mw-collapsed"> '''URL pattern''' step by step: <div class="mw-collapsible-content"> This regex pattern is used to match URLs with a variety of formats. Let's break it down step by step: : '''^''': This asserts the position at the start of the line. : '''(https?:\/\/)?''': This matches the optional protocol part of the URL, either "http://" or "https://". The s? makes the "s" optional, and the \/\/ is used to escape and match the slashes. : '''([\da-z.-]+)''': This part of the pattern matches the domain name, which can contain digits, lowercase letters, hyphens, and dots. The + indicates that there must be at least one character present. : '''\.([a-z.]{2,6})''': This part matches the top-level domain, which is preceded by a dot. The top-level domain can contain lowercase letters and dots, with a length between 2 and 6 characters. : '''([\/\w .-]*)''': This part matches the optional path part of the URL. The path can contain slashes, word characters (letters, digits, and underscores), dots, spaces, and hyphens. The * indicates that the path can have zero or more characters. : '''*\/?''': This part matches an optional trailing slash at the end of the URL. The * and ? combined allow for zero or more trailing slashes. : '''$''': This asserts the position at the end of the line. This regex pattern is quite flexible and can match URLs in various formats. However, it may not be perfect for every situation, and you might need to adjust it depending on the specific URL formats you are working with. </div> </div> '''IP address pattern''':<code>^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$</code><br> This regex matches valid IPv4 addresses, ensuring that each octet is a number between 0 and 255, separated by periods. <div class="toccolours mw-collapsible mw-collapsed"> '''IP address pattern regex''' Broken down step by step: <div class="mw-collapsible-content"> <code>^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$</code> '''^''': This symbol marks the beginning of the regex pattern. It ensures that the pattern must match from the start of the input string. '''(''': This is the opening of a capturing group, which allows us to apply a quantifier to part of the pattern. Within the capturing group, we have three alternatives separated by the | (pipe) symbol: '''25[0-5]''': This pattern matches any number between 250 and 255. 25 matches the first two digits, and [0-5] matches the third digit between 0 and 5. '''2[0-4][0-9]''': This pattern matches any number between 200 and 249. 2 matches the first digit, [0-4] matches the second digit between 0 and 4, and [0-9] matches the third digit between 0 and 9. '''[01]?[0-9][0-9]?''': This pattern matches any number between 0 and 199. [01]? matches either 0, 1, or nothing (due to the ? quantifier). [0-9] matches any single digit between 0 and 9. The second [0-9]? also matches any single digit between 0 and 9, or nothing. ''')''': This is the closing of the capturing group. The group contains one of the three alternatives described above, followed by a period (\.). The period needs to be escaped with a backslash because it is a special character in regex syntax. '''{3}''': This quantifier specifies that the preceding capturing group must appear exactly three times. '''(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)''': This is the same pattern as the capturing group described earlier but without the period. It is used to match the last octet of the IP address. '''$''': This symbol marks the end of the regex pattern. It ensures that the pattern must match until the end of the input string. This regex pattern ensures that each octet of the IPv4 address is a number between 0 and 255 and that there are exactly four octets separated by periods. </div> </div> By combining these concepts and components, you can create complex regular expressions to match a wide range of patterns in your text data. As you gain experience working with regular expressions, you'll develop a deeper understanding of their capabilities and limitations, allowing you to tackle more advanced text processing tasks. gk1gg3fitx2st2kpw559zf1zi2zdvbq 0 86 334 2023-04-17T03:59:05Z imported>AwesomO 0 Created page with "== Understanding Users and Groups in Linux == In Linux, users and groups are essential concepts for managing system access and permissions. This guide will provide an in-depth explanation of users and groups in Linux, helping complete noobs to understand their roles and how they are used in the operating system. === Users === In Linux, a user is an entity that can log into the system and interact with it. Users can be either human beings or system processes that requi..." 334 wikitext text/x-wiki == Understanding Users and Groups in Linux == In Linux, users and groups are essential concepts for managing system access and permissions. This guide will provide an in-depth explanation of users and groups in Linux, helping complete noobs to understand their roles and how they are used in the operating system. === Users === In Linux, a user is an entity that can log into the system and interact with it. Users can be either human beings or system processes that require access to system resources. Each user has a unique identifier called a User ID (UID), which is a number assigned by the system. There are three types of users in Linux: :* '''Regular users''': Regular users are the most common type of user accounts. They have limited access to the system and are typically created for individuals who use the system for everyday tasks. :* '''System users''': System users are created for managing system processes and services. These users have limited access to the system and are not intended for human interaction. They are used to isolate and secure different system services. :* '''Superuser (root)''': The superuser, also known as the root user, has complete access to the entire system. The root user can perform any operation on the system, including modifying system files, installing software, and creating or deleting users. It is crucial to use the root user account sparingly and only when necessary, as it can potentially cause significant harm to the system if misused. === Groups === A group in Linux is a collection of users who share certain permissions and access rights. Groups are useful for managing multiple users who need similar access to resources or files. Each group has a unique identifier called a Group ID (GID), which is a number assigned by the system. Users can belong to one or more groups, and each group can have multiple members. By default, when a new user is created, a group with the same name as the user is also created. This group is referred to as the user's primary group. == Managing User and Group == ===Users=== [[Ubuntu_Users|More info and options for users can be found at the <b>Users</b> page]]<br> Managing users and groups in Linux typically involves the following tasks: :* '''Creating users''': To create a new user, you can use the useradd command followed by the username. This command creates a new user account and sets up the user's home directory, default shell, and primary group. <code>useradd newuser</code> :* ''Modifying users''': To modify an existing user's properties, you can use the usermod command. For example, you can add a user to a new group or change their primary group. <code>usermod -aG newgroup newuser</code> :* '''Deleting users''': To delete a user account, use the <b>userdel</b> command followed by the username. This command will remove the user from the system and, with the <b>-r</b> option, delete the user's home directory and mail spool. <code>userdel -r newuser</code> :* '''Changing user passwords''': To set or change a user's password, use the passwd command followed by the username. <code>passwd newuser</code> ===Group=== :* '''Creating groups''': To create a new group, use the groupadd command followed by the group name. <code>groupadd newgroup</code> :* '''Modifying groups''': To modify an existing group's properties, use the groupmod command. For example, you can change the group name or GID. <code>groupmod -n newgroupname oldgroupname</code> :* '''Deleting groups''': To delete a group, use the groupdel command followed by the group name. <code>groupdel newgroup</code> :* '''Listing users and groups''': To list all the users on the system, you can use the getent command with the passwd database: <code>getent passwd</code> Similarly, to list all the groups on the system, use the getent command with the group database: <code>getent group</code> Another way to list users and groups is by checking the /etc/passwd and /etc/group files, respectively. These files store user and group information in a human-readable format. == File Ownership and Permissions == Understanding users and groups is essential for managing file ownership and permissions. In Linux, each file and directory has an owner and a group associated with it. The owner is usually the user who created the file, and the group is the primary group of the owner. File permissions in Linux are defined for three categories of users: :* '''User (u)''': The owner of the file :* '''Group (g)''': The group associated with the file :* '''Other (o)''': All other users on the system For each category, there are three types of permissions: :* '''Read (r)''': The ability to read the contents of a file or list the contents of a directory :* '''Write (w)''': The ability to modify a file or create, modify, and delete files within a directory :* '''Execute (x)''': The ability to run a file as a program or access a directory You can view file ownership and permissions using the ls -l command. The output will display the permissions, owner, group, and other file information. To change file ownership, use the <b>chown</b> command: <code>chown newuser:newgroup filename</code> To modify file permissions, use the chmod command. Permissions can be specified using numeric or symbolic notation: <pre> chmod u+x filename # Adds execute permission for the user (owner) chmod 755 filename # Sets read, write, execute for the user, and read and execute for the group and others </pre> By understanding and effectively managing users, groups, and permissions in Linux, you can ensure a secure and well-organized system. ==Sudo and su commands== The sudo and su commands in Linux are used to perform tasks with elevated privileges, typically as the root user. These commands are essential for system administration tasks that require higher permissions. ===sudo=== :* '''Sudo''': The sudo command allows a permitted user to execute a command as the superuser or another user, as specified in the /etc/sudoers file. Some examples: :* Run a command as the root user: <code>sudo command</code> :* Update the package list and upgrade packages (requires root privileges): <code>sudo apt update && sudo apt upgrade</code> :* Edit a system configuration file using the nano text editor: <code>sudo nano /etc/hosts</code> Options: :* <b>-u</b>: Run the command as a specific user. Replace username with the desired user: <code>sudo -u username command</code> :* '''-k''': Invalidate the user's cached credentials: <code>sudo -k</code> :* '''-l''': List the commands the current user is allowed to run: <code>sudo -l</code> ===su=== :* '''Su''': The su command allows you to switch to another user's account or become the superuser (root). When used without any options or arguments, it defaults to switching to the root user. Examples: :* Switch to the root user: <code>su</code> :* Switch to another user account. Replace username with the desired user: <code>su username</code> Options: :* '''-c''': Run a single command as another user, then return to the original user. Replace username with the desired user, and command with the command to be executed: <code>su -c 'command' username</code> :* '''-l''' or '''--login''': Start a login shell, which simulates a full login as the specified user: <code>su -l username</code> Both sudo and su have their own benefits and use cases. Generally, sudo is preferred for its granular control over user permissions and auditability. The su command is useful for switching between user accounts or running a series of commands as another user. Always exercise caution when using these commands, as elevated privileges can lead to unintended system changes. m81b2g89qy4j71uhnlpvjfj2oacgzra 0 87 335 2023-04-17T04:00:04Z imported>AwesomO 0 Created page with "=Linux processes and services= Linux processes and services are essential components of the operating system that help manage the execution of tasks and the availability of system resources. == Understanding processes == In Linux, a process is an instance of a running program or application. Each process has a unique Process ID (PID) and is managed by the operating system. Understanding processes can help you monitor and manage your system effectively, optimize perfor..." 335 wikitext text/x-wiki =Linux processes and services= Linux processes and services are essential components of the operating system that help manage the execution of tasks and the availability of system resources. == Understanding processes == In Linux, a process is an instance of a running program or application. Each process has a unique Process ID (PID) and is managed by the operating system. Understanding processes can help you monitor and manage your system effectively, optimize performance, and troubleshoot issues. ''''Process States''''': Processes can have different states, which indicate their current status in the system: : Running: The process is either executing on the CPU or waiting for its turn to execute. : Sleeping: The process is waiting for an event to occur, such as user input or the completion of another process. : Stopped: The process has been paused, usually by a user command or a debugger. : Zombie: The process has terminated, but its entry still exists in the process table to provide its exit status to its parent process. '''''Process Hierarchy''''': Processes in Linux have a hierarchical relationship, with parent and child processes. When a process creates another process, the original process is the parent, and the new process is the child. The parent process typically waits for the child process to complete before resuming execution. The first process in the hierarchy is the "init" process, which has a PID of 1 and is responsible for starting other processes during system boot. '''''Process Attributes''''': Each process has a set of attributes associated with it, including: :* Process ID (PID): A unique identifier for the process. :* Parent Process ID (PPID): The PID of the process's parent. :* User ID (UID): The user who owns the process. :* Group ID (GID): The group to which the user belongs. :* Nice value: A priority value that affects the process's scheduling priority. Lower nice values correspond to higher priority. :* Environment variables: A set of key-value pairs that provide configuration information to the process. ==Process management commands (ps, top, htop, kill)== :1. '''''ps''''': The ps command displays information about currently running processes. By default, it shows processes associated with the current terminal session. The command has various options to filter and format the output. Examples: :* ps: Lists processes running in the current terminal session. :* ps -e: Lists all processes running on the system. :* ps -u <username>: Lists processes owned by a specific user. :* ps -ef: Provides a detailed, full-format listing of all processes. :* ps -ef | grep <process_name>: Searches for processes with a specific name. 2. '''''top''''': top is a real-time, dynamic process monitoring tool that provides an overview of system performance, resource usage, and process information. It displays a live, scrolling list of processes, sorted by their CPU usage. Examples: :* top: Starts the top command with default settings. :* Press '''u''' and enter a username to filter processes by a specific user. :* Press '''M''' to sort processes by memory usage. :* Press '''P''' to sort processes by CPU usage. :* Press '''k''' followed by the PID to send a signal (e.g., SIGTERM) to a process. 3. '''''htop''''': htop is an enhanced version of top, providing a more user-friendly interface and additional features, such as process tree view, easier navigation, and color-coding. It needs to be installed separately on some systems. Examples: :* htop: Starts the htop command with default settings. :* Use the arrow keys to navigate through the process list. :* Press F6 to sort processes by different criteria. :* Press F9 to send a signal (e.g., SIGTERM) to a selected process. 4. '''''kill''''': The kill command sends a signal to a specified process, typically to terminate it. The most common signals are SIGTERM (15) and SIGKILL (9). Examples: :* kill -15 <PID>: Sends the SIGTERM signal to a process with a specific PID, allowing it to perform cleanup operations before terminating. :* kill -9 <PID>: Sends the SIGKILL signal to a process with a specific PID, forcefully terminating it without any cleanup. ===Finding and Force Stopping a Buggy Program===: :( Identify the buggy program by using <b>top</b>, <b>htop</b>, or <b>ps</b>. You can spot a problematic process by observing high CPU or memory usage, unresponsive behavior, or other unusual activity. :* Note the PID (Process ID) of the buggy program. :* Use the kill command to send a signal to the process. Start with SIGTERM (15) to allow the process to perform cleanup operations: <code>kill -15 <PID></code> If the process does not respond to SIGTERM or if it is necessary to forcefully stop it, use SIGKILL (9): <code>kill -9 <PID></code> : Verify that the process has been terminated by checking the process list again with top, htop, or ps. By using these process management commands, you can effectively monitor, manage, and troubleshoot processes on your Linux system. ===What a process did and if it spawned another process=== To find what a process did and if it spawned another process, you can use various tools and methods. Here are some approaches to trace process behavior and examine process relationships: : '''''1. pstree''''': pstree displays the processes running on the system as a tree, showing parent-child relationships. By examining this tree, you can identify if a process has spawned other processes. Example: :* '''pstree''': Displays the process tree for the entire system. :* '''pstree -p <PID>''': Shows the process tree starting from a specific process ID. : '''''2. ps with --forest option''''': Using the ps command with the --forest option shows the process hierarchy as a tree structure. Example: : '''ps -ef --forest''': Provides a detailed, full-format listing of all processes, displayed as a tree. : '''''3. Tracing process activity with strace''''': strace is a powerful utility that allows you to trace system calls and signals for a specific process. It can help you understand what a process did and its interactions with the system. Example: : '''strace -f -p <PID>''': Attaches to a running process and traces its system calls, including those of any child processes (-f flag). Please note that strace can generate a lot of output, and you might need to redirect it to a file for further analysis. : '''''4. Auditd''''': auditd is the Linux Audit Daemon, which can monitor and log system activity. By configuring auditd to watch specific system calls, you can trace what a process did and if it spawned any new processes. To set up auditd for process monitoring, you can create rules in /etc/audit/rules.d/audit.rules (or a separate file in that directory) to define the system calls you want to monitor. For example, to monitor process creation, you can add: <code>-a always,exit -F arch=b64 -S clone,fork,vfork -k process_creation</code> After configuring the rules, restart the auditd service, and then you can use the ausearch utility to search the audit logs for process-related events: <code>ausearch -k process_creation</code> These methods will help you investigate what a process did, including whether it spawned other processes, and gain insight into its behavior. ==Background and foreground processes== Processes can run in the background or foreground. Understanding the difference between background and foreground processes is essential for effectively managing tasks and system resources. * Foreground Processes Foreground processes are those that run interactively in the same terminal session where they were started. When a foreground process is running, the terminal session is blocked, meaning you cannot enter any new commands until the process is complete or paused. For example, if you open a text editor from the command line, it runs in the foreground, and you won't be able to use the terminal for other tasks until you close the text editor. * Background Processes: Background processes, on the other hand, run independently of the terminal session where they were started, allowing you to continue using the terminal for other tasks. Background processes are particularly useful for long-running tasks, such as downloading large files or running a web server, which do not require user interaction. Managing Background and Foreground Processes: :* To start a process in the background, add an ampersand (&) at the end of the command: <code>command &</code> :* For example, to start a download in the background, you might use: <code>wget http://example.com/large-file.zip &</code> If a foreground process is running and you want to move it to the background, press Ctrl + Z to pause the process and then enter the bg command to resume it in the background. :* To bring a background process to the foreground, use the fg command followed by the job number: <code>fg %jobnumber</code> : You can find the job number by using the '''jobs''' command, which lists all background processes associated with the current terminal session. : To list all running processes, use the ps command. You can use various options, such as '''ps aux''', to show more detailed information about the processes. Remember that closing the terminal session will terminate any associated background processes. To avoid this, you can use the nohup command or run the process in a terminal multiplexer like tmux or screen. ====Example==== Let's say you've started a large file download using the '''wget''' command in the terminal, and you realize that it's running in the foreground, preventing you from entering any new commands in the terminal: <code>wget http://example.com/large-file.zip</code> While the download is in progress, you can't use the terminal to perform other tasks. To move the running foreground process to the background: : Press '''Ctrl + Z''' to pause the process. The terminal will display a message like: <pre>[1]+ Stopped wget http://example.com/large-file.zip</pre> Here, [1] is the job number, which you'll need to reference the process later. Enter the bg command to resume the paused process in the background: <code>bg %1</code> : The %1 refers to the job number, which was displayed when you paused the process. You can also use the jobs command to list the job numbers of all background processes associated with the current terminal session. Now the wget process is running in the background, and you can continue using the terminal for other tasks. If you want to bring the background process back to the foreground, use the fg command with the job number: <code>fg %1</code> This will bring the wget process back to the foreground, and you'll be able to see its progress in the terminal. ==System services and daemons== System services and daemons are background processes that run on a Linux system to provide essential functionality or perform specific tasks. These processes typically start at boot time and run continuously until the system is shut down. They're not associated with a specific user or terminal session and usually run with root or a dedicated system user's privileges. '''System services''' are programs that provide various functionalities required for the smooth operation of a Linux system. Examples of system services include: : '''SSH server (sshd)''': Allows secure remote access to the system. : '''Web server (Apache, Nginx)''': Serves web pages and handles HTTP requests. : '''Database server (MySQL, PostgreSQL)''': Manages and serves databases for various applications. : '''Print server (CUPS)''': Handles print jobs and manages printers. '''Daemons''' are specialized services that run in the background and perform specific tasks without user intervention. They usually have a name ending in "d" (for daemon). Examples of daemons include: : '''cron''': Executes scheduled tasks (known as cron jobs) at specified intervals. : '''syslogd''': Collects and manages system logs. : '''NetworkManager''': Handles network connections and configurations. ==systemd and systemctl== systemd is a system and service manager for Linux operating systems. It is designed to provide better performance and more advanced features compared to traditional init systems like System V init and Upstart. systemd is the default init system in most modern Linux distributions, such as Fedora, Debian, Ubuntu, and CentOS. '''systemd''' uses units to manage resources and services. Units are defined by unit files, which are text files with a specific structure and syntax. There are several types of units, including service, socket, device, mount, and target. '''systemctl''' is the primary command-line tool for interacting with systemd. It allows you to manage and control the state of units, as well as the system itself. Here are some common systemctl commands and their explanations: :* List all units: <code>systemctl list-units</code> : This command displays a list of all currently loaded units, their states, and descriptions. :* List all services: <code>systemctl list-unit-files --type=service</code> : This command shows a list of all available service unit files and their statuses (enabled, disabled, or static). :* Start a service: <code>sudo systemctl start service_name</code> : This command starts the specified service (replace service_name with the actual service name). :* Stop a service: <code>sudo systemctl stop service_name</code> : This command stops the specified service. :* Restart a service: <code>sudo systemctl restart service_name</code> : This command restarts the specified service. :* Reload a service: <code>sudo systemctl reload service_name</code> : This command reloads the configuration of the specified service without restarting it (if the service supports this feature). :* Enable a service: <code>sudo systemctl enable service_name</code> : This command enables the specified service to start automatically at boot time. :* Disable a service: <code>sudo systemctl disable service_name</code> : This command disables the specified service from starting automatically at boot time. :* Check the status of a service: <code>systemctl status service_name</code> : This command displays detailed information about the specified service, including its current state, main process ID, and recent log entries. :* Reboot the system: <code>sudo systemctl reboot</code> : This command reboots the system immediately. Example: Let's say you want to manage the Nginx web server on your Linux system. You can use systemctl to start, stop, and check its status: :* Start Nginx: <code>sudo systemctl start nginx</code> :* Stop Nginx: <code>sudo systemctl stop nginx</code> :* Check the status of Nginx: <code>systemctl status nginx</code> By understanding how to use systemd and systemctl, you can effectively manage services and resources on your Linux system. ===Example=== Creating a systemd service to start '''ipfs daemon''' at startup. <code>$EDITOR /etc/systemd/system/ipfs.service</code> <pre> [Unit] Description =Start ipfs daemon [Service] Type=simple ExecStart=/usr/local/bin/ipfs daemon [Install] WantedBy=multi-user.target </pre> <code>systemctl enable ipfs.service</code> <code>systemctl start ipfs</code> To create a systemd service, you need to create a unit file with a .service extension in the /etc/systemd/system/ directory. Here's a breakdown of the example unit file you provided for the IPFS service: <pre> [Unit] Description = Start ipfs daemon </pre> :* [Unit]: This section provides general information about the service, such as its description, dependencies, and behavior in case of a failure. :* Description: A brief description of the service. <pre> [Service] Type=simple ExecStart=/usr/local/bin/ipfs daemon </pre> :* [Service]: This section specifies how the service should be started, stopped, and its behavior during runtime. :* Type=simple: The service type. In this case, simple means that the process started by ExecStart is the main process of the service. :* ExecStart: The command to start the service. Here, it is starting the IPFS daemon using the ipfs binary located in /usr/local/bin. <pre> [Install] WantedBy=multi-user.target </pre> :* [Install]: This section provides information about how the service should be installed and enabled. :* WantedBy: Specifies the target (a collection of systemd units) that this service should be a part of when it is enabled. In this case, it's the multi-user.target, which means the service should be started when the system reaches the multi-user mode. To enable and start the service, you run the following commands: <code>systemctl enable ipfs.service</code><br> <code>systemctl start ipfs</code> :* systemctl enable: Enables the service so that it starts automatically at boot. :* systemctl start: Starts the service immediately. Keep in mind that you need root privileges to create and manage systemd services. Use '''sudo''' when necessary. 314t43frelvt73mrt2k10m3bvch7xp2 0 88 336 2023-04-17T04:00:38Z imported>AwesomO 0 Created page with "=Linux Networking= Linux networking is an essential aspect of system administration and daily operations, as it enables communication between systems and provides access to various network resources. ==Network configuration and troubleshooting== ===Configuring network interfaces=== On Ubuntu, the network configuration is usually handled by the netplan utility, which generates configuration files for the system's network manager (e.g., NetworkManager or systemd-netwo..." 336 wikitext text/x-wiki =Linux Networking= Linux networking is an essential aspect of system administration and daily operations, as it enables communication between systems and provides access to various network resources. ==Network configuration and troubleshooting== ===Configuring network interfaces=== On Ubuntu, the network configuration is usually handled by the netplan utility, which generates configuration files for the system's network manager (e.g., NetworkManager or systemd-networkd) based on YAML configuration files. These files are typically located in /etc/netplan/. To configure a static IP address, follow these steps: :* a. List available network interfaces: <code>ip link show</code> :* b. Create or edit the netplan configuration file (e.g., /etc/netplan/01-netcfg.yaml): <code>sudo $EDITOR /etc/netplan/01-netcfg.yaml</code> :* c. Add the following configuration, replacing INTERFACE_NAME with the appropriate interface name (e.g., eth0 or enp0s3) and adjusting the IP addresses and gateway as needed: <pre> network: version: 2 renderer: networkd ethernets: INTERFACE_NAME: dhcp4: no addresses: - 192.168.1.100/24 gateway4: 192.168.1.1 nameservers: addresses: [8.8.8.8, 8.8.4.4] </pre> <div class="toccolours mw-collapsible mw-collapsed"> <b>/etc/netplan/01-netcfg.yaml</b> line-by-line explanation: <div class="mw-collapsible-content"> : '''network''':: This is the root element of the configuration file. It defines the start of the network configuration. : '''version: 2''': This specifies the configuration format version. Netplan uses version 2 by default. : '''renderer: networkd''': This sets the backend renderer that Netplan will use to generate the configuration files. networkd is a system service provided by systemd for managing networks. The other common renderer is '''NetworkManager''', which is a more user-friendly network management tool. : '''ethernets''':: This is a key representing a dictionary of Ethernet devices. Each entry in the dictionary corresponds to a single network interface. : '''INTERFACE_NAME''':: This is a placeholder for the actual network interface name (e.g., '''eth0''', '''enp0s3'''). Replace it with the name of the network interface you want to configure. : '''dhcp4''': no: This disables DHCPv4 for the network interface. When set to "no," the interface will not request an IP address automatically from a DHCP server. Instead, you will have to set a static IP address. : '''addresses''':: This key represents a list of IP addresses to assign to the network interface. : '''- 192.168.1.100/24''': This is the static IP address assigned to the network interface. The '''/24''' notation represents the subnet mask, which is equivalent to 255.255.255.0. : '''gateway4: 192.168.1.1''': This sets the IPv4 gateway (default route) for the network interface. This is the address of the router that connects the local network to other networks, such as the internet. : '''nameservers''':: This key represents the DNS configuration for the network interface. : '''addresses: [8.8.8.8, 8.8.4.4]''': This is a list of DNS server addresses that the system will use for domain name resolution. In this example, Google's public DNS servers (8.8.8.8 and 8.8.4.4) are used. This configuration sets up a network interface with a static IP address, disables DHCP, configures the gateway and DNS servers, and uses networkd as the renderer. </div> </div> :* d. Apply the changes: <code>sudo netplan apply</code> ===Troubleshooting network issues=== To diagnose connectivity issues, use the ping, traceroute, and nslookup or dig commands: : a. Check if you can reach a specific IP address: <code>ping 8.8.8.8</code> : b. Check if you can resolve a domain name: <code>nslookup example.com</code> or <code>dig example.com</code> : c. Trace the network path to a destination: <code>traceroute example.com</code> If you have connectivity issues, you can try to restart the networking service or the specific network interface: : Restart the networking service: <code>sudo systemctl restart networking</code> : Restart a specific network interface: Replace INTERFACE_NAME with the appropriate interface name. <pre> sudo ip link set INTERFACE_NAME down sudo ip link set INTERFACE_NAME up </pre> ==Network protocols and services== ===TCP/IP=== TCP/IP (Transmission Control Protocol/Internet Protocol) is the foundation of the internet and the most commonly used protocol suite for networking. It consists of multiple protocols that facilitate communication between devices on a network. TCP: A connection-oriented protocol that ensures reliable and ordered delivery of data packets between devices on a network. It establishes a connection, maintains the data flow, and closes the connection once data transmission is complete. IP: A connectionless protocol responsible for addressing and routing data packets across networks. It encapsulates data into packets and sends them to their destination based on the IP addresses of the source and destination devices. ===DHCP (Dynamic Host Configuration Protocol)=== DHCP is a network protocol that automatically assigns IP addresses and other network configuration parameters to devices on a network. It helps to automate IP address allocation, reducing the need for manual configuration. Example: To install and configure a DHCP server on Ubuntu, follow these steps: : Install the DHCP server package: <pre> sudo apt update sudo apt install isc-dhcp-server </pre> : Configure the DHCP server by editing its configuration file: <code>sudo $EDITOR /etc/dhcp/dhcpd.conf</code> : Add the following example configuration to the file (adjust the values according to your network requirements): <pre> subnet 192.168.1.0 netmask 255.255.255.0 { range 192.168.1.100 192.168.1.200; option domain-name-servers 8.8.8.8, 8.8.4.4; option routers 192.168.1.1; option subnet-mask 255.255.255.0; default-lease-time 600; max-lease-time 7200; } </pre> <div class="toccolours mw-collapsible mw-collapsed"> <b>/etc/dhcp/dhcpd.conf</b> :Explanation <div class="mw-collapsible-content"> : '''subnet 192.168.1.0 netmask 255.255.255.0 {''': This line defines the subnet (192.168.1.0) and its netmask (255.255.255.0). The netmask denotes that the first three octets (192.168.1) are the network part, and the last octet is for host addresses. : '''range 192.168.1.100 192.168.1.200;''': This line specifies the range of IP addresses (from 192.168.1.100 to 192.168.1.200) that the DHCP server can assign to devices on the network. : '''option domain-name-servers 8.8.8.8, 8.8.4.4;''': This line sets the DNS servers (8.8.8.8 and 8.8.4.4, which are Google's public DNS servers) that the DHCP server will provide to the devices on the network. : '''option routers 192.168.1.1;''': This line specifies the default gateway (192.168.1.1) that the DHCP server will provide to devices on the network for routing traffic outside the local subnet. : '''option subnet-mask 255.255.255.0;''': This line sets the subnet mask (255.255.255.0) that the DHCP server will provide to devices on the network. : '''default-lease-time 600;''': This line defines the default lease time (600 seconds, or 10 minutes) for the IP addresses assigned by the DHCP server. The lease time is the duration for which a device holds an IP address before it needs to be renewed. : '''max-lease-time 7200;''': This line sets the maximum lease time (7200 seconds, or 2 hours) for the IP addresses assigned by the DHCP server. If a device requests a lease time longer than the maximum lease time, the server will assign it the maximum lease time instead. : '''}''': This line marks the end of the configuration block for the specified subnet. </div> </div> : Restart the DHCP server to apply the changes: <code>sudo systemctl restart isc-dhcp-server</code> ===DNS (Domain Name System)=== DNS is a system that translates human-friendly domain names (e.g., www.example.com) into IP addresses (e.g., 192.0.2.1) that computers can understand. It acts as a phone book for the internet, allowing users to access websites and resources using domain names instead of IP addresses. Example: To configure a DNS server on Ubuntu using BIND9, follow these steps: : Install the BIND9 package: <pre> sudo apt update sudo apt install bind9 </pre> : Configure the DNS server by editing its configuration file: <code>sudo $EDITOR /etc/bind/named.conf.options</code> : Add the following example configuration to the file (you can replace the forwarders with the DNS servers of your choice): <pre> options { directory "/var/cache/bind"; recursion yes; allow-query { any; }; forwarders { 8.8.8.8; 8.8.4.4; }; }; </pre> <div class="toccolours mw-collapsible mw-collapsed"> <b>/etc/bind/named.conf.options</b> explanation of each line: <div class="mw-collapsible-content"> : '''options {''': This line marks the beginning of the options block, which contains various settings for the DNS server. : '''directory "/var/cache/bind";''': This line sets the working directory for the BIND server to "/var/cache/bind", which is where the server will store its cache and other working files. : '''recursion yes;''': This line enables recursive queries on the DNS server. Recursive queries allow the server to forward queries to other DNS servers if it doesn't have the requested information in its cache or zone files. : '''allow-query { any; };''': This line sets the allowed sources for DNS queries. In this case, the server is configured to accept queries from any IP address. : '''forwarders {''': This line marks the beginning of the forwarders block, which contains a list of DNS servers to which the BIND server will forward queries it cannot answer. : '''8.8.8.8;''': This line specifies one of the forwarder DNS servers (8.8.8.8), which is one of Google's public DNS servers. : '''8.8.4.4;''': This line specifies another forwarder DNS server (8.8.4.4), which is another one of Google's public DNS servers. : '''};''': This line marks the end of the forwarders block. : '''};''': This line marks the end of the options block. </div> </div> : Restart the BIND9 service to apply the changes: <code>sudo systemctl restart bind9</code> Now, your Ubuntu system is configured to use BIND9 as its local DNS server, forwarding DNS queries to the specified forwarders. ==Remote access and management (SSH, SCP, SFTP)== SSH (Secure Shell) is a protocol used to securely access and manage remote Linux systems over an unsecured network. It encrypts all data transmitted between the client and server, ensuring the confidentiality and integrity of the data. SSH can be used for executing commands, managing files, and launching applications on remote systems. ===SSH=== SSH: To connect to a remote server using SSH, you need to have the OpenSSH client installed on your local machine and the OpenSSH server installed on the remote machine. In Ubuntu, you can install them using the following commands: <pre> sudo apt-get update sudo apt-get install openssh-client </pre> On the remote machine: <pre> sudo apt-get update sudo apt-get install openssh-server </pre> To connect to the remote server, use the following command: <code>ssh username@remote_host</code> Replace "username" with the remote user's username and "remote_host" with the remote server's IP address or hostname. ===SCP (Secure Copy)=== : SCP (Secure Copy): SCP is a file transfer protocol that uses SSH for secure data transfer. It allows you to copy files between local and remote systems or between two remote systems. To copy a file from the local machine to a remote machine, use the following command: <code>scp /path/to/local/file username@remote_host:/path/to/remote/directory</code> To copy a file from a remote machine to the local machine, use the following command: <code>scp username@remote_host:/path/to/remote/file /path/to/local/directory</code> ===SFTP (Secure File Transfer Protocol)=== : SFTP (Secure File Transfer Protocol): SFTP is another secure file transfer protocol that uses SSH for secure data transfer. Unlike SCP, SFTP provides an interactive command-line interface, similar to FTP, for managing files on the remote system. To start an SFTP session with a remote server, use the following command: <code>sftp username@remote_host</code> Once connected, you can use commands like ls, cd, get, put, and mkdir to navigate and manage files on the remote system. To exit the SFTP session, type exit or bye. These protocols and tools are essential for securely managing remote Linux systems and transferring files between them. ==Network Security and Firewalls: iptables and ufw== Network security is crucial to protect your Linux system from malicious traffic and unauthorized access. Firewalls act as a barrier between your system and the external network, allowing or blocking network traffic based on predefined rules. In this tutorial, we will discuss how to configure and manage firewalls using iptables and ufw. ===iptables=== iptables is a powerful command-line utility for managing the Linux kernel's netfilter framework. It allows you to create, modify, and manage firewall rules to control incoming and outgoing network traffic. Installing iptables iptables comes pre-installed on most Linux distributions, including Ubuntu. You can verify its installation by running: <code>sudo iptables --version</code> Basic iptables commands :* List current rules: '''sudo iptables -L''' :* Flush/Delete all rules: '''sudo iptables -F''' :* Save current rules: '''sudo iptables-save > /path/to/backup/file''' :* Restore saved rules: '''sudo iptables-restore < /path/to/backup/file''' Creating rules iptables rules are based on chains (INPUT, OUTPUT, and FORWARD) and targets (ACCEPT, DROP, and REJECT). : Allow all incoming SSH traffic: <code>sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT</code> : Block all incoming traffic from a specific IP address: <code>sudo iptables -A INPUT -s <IP_ADDRESS> -j DROP</code> : Allow all outgoing HTTP traffic: <code>sudo iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT</code> : Block all incoming traffic on a specific port: <code>sudo iptables -A INPUT -p tcp --dport <PORT_NUMBER> -j DROP</code> ===ufw (Uncomplicated Firewall)=== ufw is a user-friendly frontend for iptables that simplifies the process of configuring and managing firewalls. It is recommended for beginners and users who prefer a straightforward approach to firewall management. Installing ufw On Ubuntu, ufw comes pre-installed. You can verify its installation by running: <code>sudo ufw version</code> Enabling and disabling ufw : Enable ufw: '''sudo ufw enable''' : Disable ufw: '''sudo ufw disable''' Basic ufw commands : Check ufw status and rules: '''sudo ufw status''' : Reset ufw to default settings: '''sudo ufw reset''' Creating rules : Allow incoming SSH traffic: '''sudo ufw allow ssh''' : Block incoming traffic from a specific IP address: '''sudo ufw deny from <IP_ADDRESS>''' : Allow outgoing HTTP traffic: '''sudo ufw allow out http''' : Block incoming traffic on a specific port: '''sudo ufw deny in <PORT_NUMBER>''' In summary, network security and firewalls play a crucial role in protecting your Linux system. iptables and ufw are two powerful tools that can help you configure and manage firewalls to safeguard your system from unauthorized access and malicious traffic. reeo5v43wbtqytr17e9ekd2w0a4nwpi 366 336 2023-04-27T20:07:51Z AwesomO 5 /* SSH */ 366 wikitext text/x-wiki =Linux Networking= Linux networking is an essential aspect of system administration and daily operations, as it enables communication between systems and provides access to various network resources. ==Network configuration and troubleshooting== ===Configuring network interfaces=== On Ubuntu, the network configuration is usually handled by the netplan utility, which generates configuration files for the system's network manager (e.g., NetworkManager or systemd-networkd) based on YAML configuration files. These files are typically located in /etc/netplan/. To configure a static IP address, follow these steps: :* a. List available network interfaces: <code>ip link show</code> :* b. Create or edit the netplan configuration file (e.g., /etc/netplan/01-netcfg.yaml): <code>sudo $EDITOR /etc/netplan/01-netcfg.yaml</code> :* c. Add the following configuration, replacing INTERFACE_NAME with the appropriate interface name (e.g., eth0 or enp0s3) and adjusting the IP addresses and gateway as needed: <pre> network: version: 2 renderer: networkd ethernets: INTERFACE_NAME: dhcp4: no addresses: - 192.168.1.100/24 gateway4: 192.168.1.1 nameservers: addresses: [8.8.8.8, 8.8.4.4] </pre> <div class="toccolours mw-collapsible mw-collapsed"> <b>/etc/netplan/01-netcfg.yaml</b> line-by-line explanation: <div class="mw-collapsible-content"> : '''network''':: This is the root element of the configuration file. It defines the start of the network configuration. : '''version: 2''': This specifies the configuration format version. Netplan uses version 2 by default. : '''renderer: networkd''': This sets the backend renderer that Netplan will use to generate the configuration files. networkd is a system service provided by systemd for managing networks. The other common renderer is '''NetworkManager''', which is a more user-friendly network management tool. : '''ethernets''':: This is a key representing a dictionary of Ethernet devices. Each entry in the dictionary corresponds to a single network interface. : '''INTERFACE_NAME''':: This is a placeholder for the actual network interface name (e.g., '''eth0''', '''enp0s3'''). Replace it with the name of the network interface you want to configure. : '''dhcp4''': no: This disables DHCPv4 for the network interface. When set to "no," the interface will not request an IP address automatically from a DHCP server. Instead, you will have to set a static IP address. : '''addresses''':: This key represents a list of IP addresses to assign to the network interface. : '''- 192.168.1.100/24''': This is the static IP address assigned to the network interface. The '''/24''' notation represents the subnet mask, which is equivalent to 255.255.255.0. : '''gateway4: 192.168.1.1''': This sets the IPv4 gateway (default route) for the network interface. This is the address of the router that connects the local network to other networks, such as the internet. : '''nameservers''':: This key represents the DNS configuration for the network interface. : '''addresses: [8.8.8.8, 8.8.4.4]''': This is a list of DNS server addresses that the system will use for domain name resolution. In this example, Google's public DNS servers (8.8.8.8 and 8.8.4.4) are used. This configuration sets up a network interface with a static IP address, disables DHCP, configures the gateway and DNS servers, and uses networkd as the renderer. </div> </div> :* d. Apply the changes: <code>sudo netplan apply</code> ===Troubleshooting network issues=== To diagnose connectivity issues, use the ping, traceroute, and nslookup or dig commands: : a. Check if you can reach a specific IP address: <code>ping 8.8.8.8</code> : b. Check if you can resolve a domain name: <code>nslookup example.com</code> or <code>dig example.com</code> : c. Trace the network path to a destination: <code>traceroute example.com</code> If you have connectivity issues, you can try to restart the networking service or the specific network interface: : Restart the networking service: <code>sudo systemctl restart networking</code> : Restart a specific network interface: Replace INTERFACE_NAME with the appropriate interface name. <pre> sudo ip link set INTERFACE_NAME down sudo ip link set INTERFACE_NAME up </pre> ==Network protocols and services== ===TCP/IP=== TCP/IP (Transmission Control Protocol/Internet Protocol) is the foundation of the internet and the most commonly used protocol suite for networking. It consists of multiple protocols that facilitate communication between devices on a network. TCP: A connection-oriented protocol that ensures reliable and ordered delivery of data packets between devices on a network. It establishes a connection, maintains the data flow, and closes the connection once data transmission is complete. IP: A connectionless protocol responsible for addressing and routing data packets across networks. It encapsulates data into packets and sends them to their destination based on the IP addresses of the source and destination devices. ===DHCP (Dynamic Host Configuration Protocol)=== DHCP is a network protocol that automatically assigns IP addresses and other network configuration parameters to devices on a network. It helps to automate IP address allocation, reducing the need for manual configuration. Example: To install and configure a DHCP server on Ubuntu, follow these steps: : Install the DHCP server package: <pre> sudo apt update sudo apt install isc-dhcp-server </pre> : Configure the DHCP server by editing its configuration file: <code>sudo $EDITOR /etc/dhcp/dhcpd.conf</code> : Add the following example configuration to the file (adjust the values according to your network requirements): <pre> subnet 192.168.1.0 netmask 255.255.255.0 { range 192.168.1.100 192.168.1.200; option domain-name-servers 8.8.8.8, 8.8.4.4; option routers 192.168.1.1; option subnet-mask 255.255.255.0; default-lease-time 600; max-lease-time 7200; } </pre> <div class="toccolours mw-collapsible mw-collapsed"> <b>/etc/dhcp/dhcpd.conf</b> :Explanation <div class="mw-collapsible-content"> : '''subnet 192.168.1.0 netmask 255.255.255.0 {''': This line defines the subnet (192.168.1.0) and its netmask (255.255.255.0). The netmask denotes that the first three octets (192.168.1) are the network part, and the last octet is for host addresses. : '''range 192.168.1.100 192.168.1.200;''': This line specifies the range of IP addresses (from 192.168.1.100 to 192.168.1.200) that the DHCP server can assign to devices on the network. : '''option domain-name-servers 8.8.8.8, 8.8.4.4;''': This line sets the DNS servers (8.8.8.8 and 8.8.4.4, which are Google's public DNS servers) that the DHCP server will provide to the devices on the network. : '''option routers 192.168.1.1;''': This line specifies the default gateway (192.168.1.1) that the DHCP server will provide to devices on the network for routing traffic outside the local subnet. : '''option subnet-mask 255.255.255.0;''': This line sets the subnet mask (255.255.255.0) that the DHCP server will provide to devices on the network. : '''default-lease-time 600;''': This line defines the default lease time (600 seconds, or 10 minutes) for the IP addresses assigned by the DHCP server. The lease time is the duration for which a device holds an IP address before it needs to be renewed. : '''max-lease-time 7200;''': This line sets the maximum lease time (7200 seconds, or 2 hours) for the IP addresses assigned by the DHCP server. If a device requests a lease time longer than the maximum lease time, the server will assign it the maximum lease time instead. : '''}''': This line marks the end of the configuration block for the specified subnet. </div> </div> : Restart the DHCP server to apply the changes: <code>sudo systemctl restart isc-dhcp-server</code> ===DNS (Domain Name System)=== DNS is a system that translates human-friendly domain names (e.g., www.example.com) into IP addresses (e.g., 192.0.2.1) that computers can understand. It acts as a phone book for the internet, allowing users to access websites and resources using domain names instead of IP addresses. Example: To configure a DNS server on Ubuntu using BIND9, follow these steps: : Install the BIND9 package: <pre> sudo apt update sudo apt install bind9 </pre> : Configure the DNS server by editing its configuration file: <code>sudo $EDITOR /etc/bind/named.conf.options</code> : Add the following example configuration to the file (you can replace the forwarders with the DNS servers of your choice): <pre> options { directory "/var/cache/bind"; recursion yes; allow-query { any; }; forwarders { 8.8.8.8; 8.8.4.4; }; }; </pre> <div class="toccolours mw-collapsible mw-collapsed"> <b>/etc/bind/named.conf.options</b> explanation of each line: <div class="mw-collapsible-content"> : '''options {''': This line marks the beginning of the options block, which contains various settings for the DNS server. : '''directory "/var/cache/bind";''': This line sets the working directory for the BIND server to "/var/cache/bind", which is where the server will store its cache and other working files. : '''recursion yes;''': This line enables recursive queries on the DNS server. Recursive queries allow the server to forward queries to other DNS servers if it doesn't have the requested information in its cache or zone files. : '''allow-query { any; };''': This line sets the allowed sources for DNS queries. In this case, the server is configured to accept queries from any IP address. : '''forwarders {''': This line marks the beginning of the forwarders block, which contains a list of DNS servers to which the BIND server will forward queries it cannot answer. : '''8.8.8.8;''': This line specifies one of the forwarder DNS servers (8.8.8.8), which is one of Google's public DNS servers. : '''8.8.4.4;''': This line specifies another forwarder DNS server (8.8.4.4), which is another one of Google's public DNS servers. : '''};''': This line marks the end of the forwarders block. : '''};''': This line marks the end of the options block. </div> </div> : Restart the BIND9 service to apply the changes: <code>sudo systemctl restart bind9</code> Now, your Ubuntu system is configured to use BIND9 as its local DNS server, forwarding DNS queries to the specified forwarders. ==Remote access and management (SSH, SCP, SFTP)== SSH (Secure Shell) is a protocol used to securely access and manage remote Linux systems over an unsecured network. It encrypts all data transmitted between the client and server, ensuring the confidentiality and integrity of the data. SSH can be used for executing commands, managing files, and launching applications on remote systems. ===SSH=== [[SSH_and_How_to_Use_It|Main ssh and sshd page can be found here - '''SSH and How to Use It''']] : SSH: To connect to a remote server using SSH, you need to have the OpenSSH client installed on your local machine and the OpenSSH server installed on the remote machine. In Ubuntu, you can install them using the following commands: <pre> sudo apt-get update sudo apt-get install openssh-client </pre> On the remote machine: <pre> sudo apt-get update sudo apt-get install openssh-server </pre> To connect to the remote server, use the following command: <code>ssh username@remote_host</code> Replace "username" with the remote user's username and "remote_host" with the remote server's IP address or hostname. ===SCP (Secure Copy)=== : SCP (Secure Copy): SCP is a file transfer protocol that uses SSH for secure data transfer. It allows you to copy files between local and remote systems or between two remote systems. To copy a file from the local machine to a remote machine, use the following command: <code>scp /path/to/local/file username@remote_host:/path/to/remote/directory</code> To copy a file from a remote machine to the local machine, use the following command: <code>scp username@remote_host:/path/to/remote/file /path/to/local/directory</code> ===SFTP (Secure File Transfer Protocol)=== : SFTP (Secure File Transfer Protocol): SFTP is another secure file transfer protocol that uses SSH for secure data transfer. Unlike SCP, SFTP provides an interactive command-line interface, similar to FTP, for managing files on the remote system. To start an SFTP session with a remote server, use the following command: <code>sftp username@remote_host</code> Once connected, you can use commands like ls, cd, get, put, and mkdir to navigate and manage files on the remote system. To exit the SFTP session, type exit or bye. These protocols and tools are essential for securely managing remote Linux systems and transferring files between them. ==Network Security and Firewalls: iptables and ufw== Network security is crucial to protect your Linux system from malicious traffic and unauthorized access. Firewalls act as a barrier between your system and the external network, allowing or blocking network traffic based on predefined rules. In this tutorial, we will discuss how to configure and manage firewalls using iptables and ufw. ===iptables=== iptables is a powerful command-line utility for managing the Linux kernel's netfilter framework. It allows you to create, modify, and manage firewall rules to control incoming and outgoing network traffic. Installing iptables iptables comes pre-installed on most Linux distributions, including Ubuntu. You can verify its installation by running: <code>sudo iptables --version</code> Basic iptables commands :* List current rules: '''sudo iptables -L''' :* Flush/Delete all rules: '''sudo iptables -F''' :* Save current rules: '''sudo iptables-save > /path/to/backup/file''' :* Restore saved rules: '''sudo iptables-restore < /path/to/backup/file''' Creating rules iptables rules are based on chains (INPUT, OUTPUT, and FORWARD) and targets (ACCEPT, DROP, and REJECT). : Allow all incoming SSH traffic: <code>sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT</code> : Block all incoming traffic from a specific IP address: <code>sudo iptables -A INPUT -s <IP_ADDRESS> -j DROP</code> : Allow all outgoing HTTP traffic: <code>sudo iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT</code> : Block all incoming traffic on a specific port: <code>sudo iptables -A INPUT -p tcp --dport <PORT_NUMBER> -j DROP</code> ===ufw (Uncomplicated Firewall)=== ufw is a user-friendly frontend for iptables that simplifies the process of configuring and managing firewalls. It is recommended for beginners and users who prefer a straightforward approach to firewall management. Installing ufw On Ubuntu, ufw comes pre-installed. You can verify its installation by running: <code>sudo ufw version</code> Enabling and disabling ufw : Enable ufw: '''sudo ufw enable''' : Disable ufw: '''sudo ufw disable''' Basic ufw commands : Check ufw status and rules: '''sudo ufw status''' : Reset ufw to default settings: '''sudo ufw reset''' Creating rules : Allow incoming SSH traffic: '''sudo ufw allow ssh''' : Block incoming traffic from a specific IP address: '''sudo ufw deny from <IP_ADDRESS>''' : Allow outgoing HTTP traffic: '''sudo ufw allow out http''' : Block incoming traffic on a specific port: '''sudo ufw deny in <PORT_NUMBER>''' In summary, network security and firewalls play a crucial role in protecting your Linux system. iptables and ufw are two powerful tools that can help you configure and manage firewalls to safeguard your system from unauthorized access and malicious traffic. jvj50l6g3zuupaio9e8d79y7z6vqxt4 0 89 337 2023-04-17T04:01:40Z imported>AwesomO 0 Created page with "A package management system, also known as a package manager, is a set of tools and processes that automate the installation, upgrading, configuration, and removal of software packages on a computer system. Package management systems simplify the process of managing software by handling package dependencies, versioning, and distribution in a consistent and organized manner. In the context of operating systems like Linux and Unix, software packages are bundles of files,..." 337 wikitext text/x-wiki A package management system, also known as a package manager, is a set of tools and processes that automate the installation, upgrading, configuration, and removal of software packages on a computer system. Package management systems simplify the process of managing software by handling package dependencies, versioning, and distribution in a consistent and organized manner. In the context of operating systems like Linux and Unix, software packages are bundles of files, libraries, executables, and metadata that together comprise a complete application or software component. Package managers are designed to manage these packages by tracking and resolving their dependencies, which are other software components that a package requires to function properly. Key functions of package management systems include: :* Maintaining repositories: Package managers connect to repositories, which are remote servers that store packages and their metadata. Repositories provide a centralized location for users to find, download, and install software packages. :* Managing dependencies: When installing or upgrading a package, the package manager ensures that all required dependencies are also installed, updated, or removed as necessary. This helps maintain system stability and prevents conflicts or broken software. :* Versioning: Package managers track and manage different versions of software packages, allowing users to install, upgrade, or downgrade specific versions as needed. :* Handling package conflicts: Package managers can detect and resolve conflicts between packages, ensuring that the system remains in a consistent state even when multiple packages have overlapping or conflicting requirements. :* Streamlining software installation and removal: Package managers automate the process of installing, upgrading, or removing software, making it easy for users to manage software on their systems without manual intervention. Popular package managers include APT (used in Debian-based distributions), YUM and DNF (used in Red Hat-based distributions), and pacman (used in Arch Linux-based distributions). Each package manager is designed to work with specific package formats (such as .deb or .rpm) and may have its unique commands and features, but their overall purpose remains the same: to simplify and automate the process of managing software on a computer system. == Package managers == Ubuntu is a popular Linux-based operating system that offers a wide range of applications for users. To install these applications, Ubuntu provides several package managers such as APT, Snap, AppImage, and Flatpak. Each package manager has its own advantages and disadvantages, and it's important to understand how they work and what they offer in order to choose the best one for your needs. '''APT''' (Advanced Package Tool) is the default package manager for Ubuntu, and it uses a command-line interface to manage packages. APT offers a large selection of packages, and it's designed to be stable and reliable. '''Snap''', on the other hand, is a newer package manager that offers a more user-friendly interface and sandboxed apps. It also offers automatic updates and rollbacks, making it easy to manage and maintain applications. '''AppImage''' and '''Flatpak''' are containerized formats that allow applications to run on multiple Linux distributions without needing to install dependencies. AppImage is a self-contained format that includes all dependencies, making it easy to run on any Linux distribution without needing to install anything. Flatpak, on the other hand, allows for more fine-grained control over dependencies and offers sandboxing and automatic updates. By understanding the differences between these package managers, you can choose the best one for your needs and enjoy a wide range of applications on Ubuntu. == Installing and updating software == ===APT=== :* Update the package index: Before installing or updating software, it's essential to update the package index to ensure you have the latest information about available packages and their versions. Run the following command: <code>sudo apt update</code> This command will download package information from your configured repositories and update the local package index. :* Search APT for packages To search for packages in the Ubuntu repository using APT, you can use the apt-cache search command followed by a keyword. For example: <code>sudo apt-cache search <package-name></code> Replace <package-name> with the name or keyword related to the package you are looking for. Once you have found the package you want to install, you can install it using the apt-get install or apt install command. :* Install a new package: To install a new package, use the apt install command followed by the package name: <code>sudo apt install <package-name></code> Replace <package-name> with the name of the package you want to install. APT will automatically handle the package's dependencies, installing them if necessary. :* Update installed packages: To update all the installed packages to their latest available versions, run: <code>sudo apt upgrade</code> This command will upgrade packages based on the updated package index. It's a good practice to run this command regularly to keep your system up to date and secure. :* Update a specific package: If you want to update a specific package, use the apt install command again: <code>sudo apt install --only-upgrade <package-name></code> Replace <package-name> with the name of the package you want to update. This command will only upgrade the specified package if a newer version is available. :* Remove a package: If you want to remove a package, use the apt remove command followed by the package name: <code>sudo apt remove <package-name></code> Replace <package-name> with the name of the package you want to remove. Note that this command does not remove the package's configuration files. If you want to remove the package along with its configuration files, use the apt purge command instead: <code>sudo apt purge <package-name></code> :* Clean up unused dependencies: Over time, your system may accumulate unused dependency packages. You can clean up these packages using the apt autoremove command: <code>sudo apt autoremove</code> This command will remove any packages that were installed as dependencies but are no longer needed by any installed software. :* Install from a <b>.deb</b> file To install a .deb file that you have downloaded or obtained from an external source, you can use the dpkg command. First, navigate to the directory containing the .deb file using the cd command: <code>cd /path/to/directory</code> Then, install the .deb file using the dpkg -i command: <code>sudo dpkg -i <filename.deb></code> Replace <filename.deb> with the exact name of the .deb file you want to install. Note that you can also use <b>path</b> if you do not want to <b>cd</b>:<code>sudo dpkg -i /path/to/program.deb</code> Note that if the .deb package has any unmet dependencies, the installation may fail. To resolve this issue and automatically install any missing dependencies, you can run the following command: <code>sudo apt-get install -f</code> or <code>sudo apt install -f</code> This will install any missing dependencies and complete the installation of the .deb package. ===Managing Package Repositories=== :* Introduction to Package Repositories : Package repositories are online servers that store software packages for installation and updates on Ubuntu systems. Ubuntu uses the Advanced Package Tool (APT) to manage these repositories. The default repositories include Main, Universe, Restricted, and Multiverse. You can also add third-party repositories (PPAs) for additional software. Default Repositories :* Main: Officially supported, open-source software maintained by Canonical. :* Universe: Community-maintained open-source software. :* Restricted: Proprietary drivers and software required for hardware compatibility. :* Multiverse: Software not compliant with the Ubuntu licensing policies. :* Updating Package List : Before installing new packages, you should update the package list to fetch the latest information from the repositories. :* Open a terminal (Ctrl+Alt+T) :* Run the following command: <code>sudo apt update</code> : Adding a Personal Package Archive (PPA) : PPAs are third-party repositories that contain software not available in the default repositories. :* To add a PPA, open a terminal and type: <code>sudo add-apt-repository ppa:user/ppa-name</code> Replace "user" and "ppa-name" with the appropriate values. Update the package list: <code>sudo apt update</code> Removing a PPA :* To remove a PPA, open a terminal and type: <code>sudo add-apt-repository --remove ppa:user/ppa-name</code> Replace "user" and "ppa-name" with the appropriate values. Update the package list: <code>sudo apt update</code> Editing Repository Configuration Files The repository configuration files are stored in the '''/etc/apt/sources.list''' file and the files inside '''/etc/apt/sources.list.d/''' directory. :* To edit the sources.list file, open a terminal and type: <code>sudo nano /etc/apt/sources.list</code> Make the necessary changes, save (Ctrl+O), and exit (Ctrl+X). Update the package list: <code>sudo apt update</code> Managing Repositories with Software & Updates :* You can also manage repositories using the Software & Updates application. :* Open the application by searching "Software & Updates" in the applications menu. :* In the "Ubuntu Software" tab, you can enable or disable the default repositories. :* In the "Other Software" tab, you can add, edit, or remove third-party repositories. :* After making changes, click "Close" and then click "Reload" to update the package list. By following this tutorial, you'll be able to manage package repositories on your Ubuntu system, adding or removing PPAs as needed to install or update software. ====Dependency Management==== In Ubuntu, software packages often rely on other packages to function properly. These required packages are called dependencies. The Advanced Package Tool (APT) automatically handles dependency management, ensuring that all required packages are installed or updated when you install, update, or remove a package. :* Installing a Package and Its Dependencies : When you install a package using APT, it automatically resolves and installs the dependencies. :* Open a terminal (Ctrl+Alt+T) :* Install a package and its dependencies using the following command: <code>sudo apt install package-name</code> : Replace "package-name" with the appropriate package name. :* Updating Packages and Dependencies : APT also manages the dependencies while updating packages. :* To update all installed packages and their dependencies, run the following command: <code>sudo apt update && sudo apt upgrade</code> :* Removing a Package and Unused Dependencies : When you remove a package, APT will not automatically remove its dependencies if they are no longer required. To remove unused dependencies, use the 'autoremove' command. :* To remove a package and its unused dependencies, run: <code>sudo apt remove package-name && sudo apt autoremove</code> :* Replace "package-name" with the appropriate package name. :* Fixing Broken Dependencies : Sometimes, you may encounter broken dependencies due to various reasons, such as interrupted installations or package conflicts. You can use APT to fix these issues. :* To fix broken dependencies, run the following commands: <pre> sudo apt update sudo apt install -f </pre> :* Listing Dependencies of a Package : You can use the '''apt-cache''' command to list the dependencies of a specific package without installing it. :* To list the dependencies, run: <code>apt-cache depends package-name</code> :* Replace "package-name" with the appropriate package name. :* Listing Reverse Dependencies : Reverse dependencies are packages that depend on a specific package. You can list them using the 'apt-cache' command. :* To list reverse dependencies, run: <code>apt-cache rdepends package-name</code> Replace "package-name" with the appropriate package name. ====Create a deb package==== ====Create deb repository==== ===Snaps=== Ubuntu Snap packages are a universal packaging format designed to work across different Linux distributions. Snap packages are self-contained and automatically updated, which makes them a convenient choice for both sysadmins and new users. Here's an in-depth guide to help you understand and use Snap packages in Ubuntu: :* Installation of Snapd: Before you can manage Snap packages, you need to have the snapd service installed on your Ubuntu system. It usually comes pre-installed on recent versions of Ubuntu. Check <b>snapd</b> is installed on your system with:<br> <code>snap --version</code> However, if it's not installed, you can install it using the following command: <pre> sudo apt update sudo apt install snapd </pre> :* Searching for Snap packages: To search for available Snap packages, use the snap find command followed by a keyword: <code>snap find <keyword></code> Replace <keyword> with the name or keyword related to the package you are looking for. :* Installing Snap packages: To install a Snap package, use the snap install command: <code>sudo snap install <snap-package-name></code> Replace <snap-package-name> with the exact name of the Snap package you want to install. :* Listing installed Snap packages: To see a list of installed Snap packages on your system, use the snap list command: <code>snap list</code> :* Updating Snap packages: Snap packages are updated automatically by default. However, if you want to manually update a specific Snap package, you can use the snap refresh command: <code>sudo snap refresh <snap-package-name></code> To update all Snap packages on your system, simply run: <code>sudo snap refresh</code> :* Removing Snap packages: To remove an installed Snap package, use the snap remove command: <code>sudo snap remove <snap-package-name></code> Replace <snap-package-name> with the exact name of the Snap package you want to remove. :* Managing Snap package services: Some Snap packages provide system services. You can manage these services using the snap services command: <code>snap services</code> This will list all services provided by installed Snap packages. To start, stop, restart, or check the status of a Snap service, use the following commands: <pre> sudo snap start <snap-package-name> sudo snap stop <snap-package-name> sudo snap restart <snap-package-name> sudo snap status <snap-package-name> </pre> Replace <snap-package-name> with the exact name of the Snap package containing the service you want to manage. :* Snap package channels: Snap packages are distributed through different channels, such as stable, candidate, beta, and edge. By default, the stable channel is used. To install a Snap package from a specific channel, use the --channel option: <code>sudo snap install <snap-package-name> --channel=<channel-name></code> Replace <snap-package-name> with the name of the Snap package and <channel-name> with the desired channel (e.g., stable, candidate, beta, or edge). For more information and advanced options, you can refer to the official Snapcraft documentation: https://snapcraft.io/docs ====Create a snap package==== ===AppImage=== ===Flatpak=== nd6xshmr09nssfxwb76fm50sb2op034 338 337 2023-04-17T19:42:53Z imported>AwesomO 0 /* Snaps */ 338 wikitext text/x-wiki A package management system, also known as a package manager, is a set of tools and processes that automate the installation, upgrading, configuration, and removal of software packages on a computer system. Package management systems simplify the process of managing software by handling package dependencies, versioning, and distribution in a consistent and organized manner. In the context of operating systems like Linux and Unix, software packages are bundles of files, libraries, executables, and metadata that together comprise a complete application or software component. Package managers are designed to manage these packages by tracking and resolving their dependencies, which are other software components that a package requires to function properly. Key functions of package management systems include: :* Maintaining repositories: Package managers connect to repositories, which are remote servers that store packages and their metadata. Repositories provide a centralized location for users to find, download, and install software packages. :* Managing dependencies: When installing or upgrading a package, the package manager ensures that all required dependencies are also installed, updated, or removed as necessary. This helps maintain system stability and prevents conflicts or broken software. :* Versioning: Package managers track and manage different versions of software packages, allowing users to install, upgrade, or downgrade specific versions as needed. :* Handling package conflicts: Package managers can detect and resolve conflicts between packages, ensuring that the system remains in a consistent state even when multiple packages have overlapping or conflicting requirements. :* Streamlining software installation and removal: Package managers automate the process of installing, upgrading, or removing software, making it easy for users to manage software on their systems without manual intervention. Popular package managers include APT (used in Debian-based distributions), YUM and DNF (used in Red Hat-based distributions), and pacman (used in Arch Linux-based distributions). Each package manager is designed to work with specific package formats (such as .deb or .rpm) and may have its unique commands and features, but their overall purpose remains the same: to simplify and automate the process of managing software on a computer system. == Package managers == Ubuntu is a popular Linux-based operating system that offers a wide range of applications for users. To install these applications, Ubuntu provides several package managers such as APT, Snap, AppImage, and Flatpak. Each package manager has its own advantages and disadvantages, and it's important to understand how they work and what they offer in order to choose the best one for your needs. '''APT''' (Advanced Package Tool) is the default package manager for Ubuntu, and it uses a command-line interface to manage packages. APT offers a large selection of packages, and it's designed to be stable and reliable. '''Snap''', on the other hand, is a newer package manager that offers a more user-friendly interface and sandboxed apps. It also offers automatic updates and rollbacks, making it easy to manage and maintain applications. '''AppImage''' and '''Flatpak''' are containerized formats that allow applications to run on multiple Linux distributions without needing to install dependencies. AppImage is a self-contained format that includes all dependencies, making it easy to run on any Linux distribution without needing to install anything. Flatpak, on the other hand, allows for more fine-grained control over dependencies and offers sandboxing and automatic updates. By understanding the differences between these package managers, you can choose the best one for your needs and enjoy a wide range of applications on Ubuntu. == Installing and updating software == ===APT=== :* Update the package index: Before installing or updating software, it's essential to update the package index to ensure you have the latest information about available packages and their versions. Run the following command: <code>sudo apt update</code> This command will download package information from your configured repositories and update the local package index. :* Search APT for packages To search for packages in the Ubuntu repository using APT, you can use the apt-cache search command followed by a keyword. For example: <code>sudo apt-cache search <package-name></code> Replace <package-name> with the name or keyword related to the package you are looking for. Once you have found the package you want to install, you can install it using the apt-get install or apt install command. :* Install a new package: To install a new package, use the apt install command followed by the package name: <code>sudo apt install <package-name></code> Replace <package-name> with the name of the package you want to install. APT will automatically handle the package's dependencies, installing them if necessary. :* Update installed packages: To update all the installed packages to their latest available versions, run: <code>sudo apt upgrade</code> This command will upgrade packages based on the updated package index. It's a good practice to run this command regularly to keep your system up to date and secure. :* Update a specific package: If you want to update a specific package, use the apt install command again: <code>sudo apt install --only-upgrade <package-name></code> Replace <package-name> with the name of the package you want to update. This command will only upgrade the specified package if a newer version is available. :* Remove a package: If you want to remove a package, use the apt remove command followed by the package name: <code>sudo apt remove <package-name></code> Replace <package-name> with the name of the package you want to remove. Note that this command does not remove the package's configuration files. If you want to remove the package along with its configuration files, use the apt purge command instead: <code>sudo apt purge <package-name></code> :* Clean up unused dependencies: Over time, your system may accumulate unused dependency packages. You can clean up these packages using the apt autoremove command: <code>sudo apt autoremove</code> This command will remove any packages that were installed as dependencies but are no longer needed by any installed software. :* Install from a <b>.deb</b> file To install a .deb file that you have downloaded or obtained from an external source, you can use the dpkg command. First, navigate to the directory containing the .deb file using the cd command: <code>cd /path/to/directory</code> Then, install the .deb file using the dpkg -i command: <code>sudo dpkg -i <filename.deb></code> Replace <filename.deb> with the exact name of the .deb file you want to install. Note that you can also use <b>path</b> if you do not want to <b>cd</b>:<code>sudo dpkg -i /path/to/program.deb</code> Note that if the .deb package has any unmet dependencies, the installation may fail. To resolve this issue and automatically install any missing dependencies, you can run the following command: <code>sudo apt-get install -f</code> or <code>sudo apt install -f</code> This will install any missing dependencies and complete the installation of the .deb package. ===Managing Package Repositories=== :* Introduction to Package Repositories : Package repositories are online servers that store software packages for installation and updates on Ubuntu systems. Ubuntu uses the Advanced Package Tool (APT) to manage these repositories. The default repositories include Main, Universe, Restricted, and Multiverse. You can also add third-party repositories (PPAs) for additional software. Default Repositories :* Main: Officially supported, open-source software maintained by Canonical. :* Universe: Community-maintained open-source software. :* Restricted: Proprietary drivers and software required for hardware compatibility. :* Multiverse: Software not compliant with the Ubuntu licensing policies. :* Updating Package List : Before installing new packages, you should update the package list to fetch the latest information from the repositories. :* Open a terminal (Ctrl+Alt+T) :* Run the following command: <code>sudo apt update</code> : Adding a Personal Package Archive (PPA) : PPAs are third-party repositories that contain software not available in the default repositories. :* To add a PPA, open a terminal and type: <code>sudo add-apt-repository ppa:user/ppa-name</code> Replace "user" and "ppa-name" with the appropriate values. Update the package list: <code>sudo apt update</code> Removing a PPA :* To remove a PPA, open a terminal and type: <code>sudo add-apt-repository --remove ppa:user/ppa-name</code> Replace "user" and "ppa-name" with the appropriate values. Update the package list: <code>sudo apt update</code> Editing Repository Configuration Files The repository configuration files are stored in the '''/etc/apt/sources.list''' file and the files inside '''/etc/apt/sources.list.d/''' directory. :* To edit the sources.list file, open a terminal and type: <code>sudo nano /etc/apt/sources.list</code> Make the necessary changes, save (Ctrl+O), and exit (Ctrl+X). Update the package list: <code>sudo apt update</code> Managing Repositories with Software & Updates :* You can also manage repositories using the Software & Updates application. :* Open the application by searching "Software & Updates" in the applications menu. :* In the "Ubuntu Software" tab, you can enable or disable the default repositories. :* In the "Other Software" tab, you can add, edit, or remove third-party repositories. :* After making changes, click "Close" and then click "Reload" to update the package list. By following this tutorial, you'll be able to manage package repositories on your Ubuntu system, adding or removing PPAs as needed to install or update software. ====Dependency Management==== In Ubuntu, software packages often rely on other packages to function properly. These required packages are called dependencies. The Advanced Package Tool (APT) automatically handles dependency management, ensuring that all required packages are installed or updated when you install, update, or remove a package. :* Installing a Package and Its Dependencies : When you install a package using APT, it automatically resolves and installs the dependencies. :* Open a terminal (Ctrl+Alt+T) :* Install a package and its dependencies using the following command: <code>sudo apt install package-name</code> : Replace "package-name" with the appropriate package name. :* Updating Packages and Dependencies : APT also manages the dependencies while updating packages. :* To update all installed packages and their dependencies, run the following command: <code>sudo apt update && sudo apt upgrade</code> :* Removing a Package and Unused Dependencies : When you remove a package, APT will not automatically remove its dependencies if they are no longer required. To remove unused dependencies, use the 'autoremove' command. :* To remove a package and its unused dependencies, run: <code>sudo apt remove package-name && sudo apt autoremove</code> :* Replace "package-name" with the appropriate package name. :* Fixing Broken Dependencies : Sometimes, you may encounter broken dependencies due to various reasons, such as interrupted installations or package conflicts. You can use APT to fix these issues. :* To fix broken dependencies, run the following commands: <pre> sudo apt update sudo apt install -f </pre> :* Listing Dependencies of a Package : You can use the '''apt-cache''' command to list the dependencies of a specific package without installing it. :* To list the dependencies, run: <code>apt-cache depends package-name</code> :* Replace "package-name" with the appropriate package name. :* Listing Reverse Dependencies : Reverse dependencies are packages that depend on a specific package. You can list them using the 'apt-cache' command. :* To list reverse dependencies, run: <code>apt-cache rdepends package-name</code> Replace "package-name" with the appropriate package name. ====Create a deb package==== ====Create deb repository==== ===Snaps=== Ubuntu Snap packages are a universal packaging format designed to work across different Linux distributions. Snap packages are self-contained and automatically updated, which makes them a convenient choice for both sysadmins and new users. Here's an in-depth guide to help you understand and use Snap packages in Ubuntu: :* ''' Installation of Snapd:''' Before you can manage Snap packages, you need to have the snapd service installed on your Ubuntu system. It usually comes pre-installed on recent versions of Ubuntu. Check <b>snapd</b> is installed on your system with:<br> <code>snap --version</code> However, if it's not installed, you can install it using the following command: <pre> sudo apt update sudo apt install snapd </pre> :* '''Searching for Snap packages:''' To search for available Snap packages, use the snap find command followed by a keyword: <code>snap find <keyword></code> Replace <keyword> with the name or keyword related to the package you are looking for. :* '''Installing Snap packages:''' To install a Snap package, use the snap install command: <code>sudo snap install <snap-package-name></code> Replace <snap-package-name> with the exact name of the Snap package you want to install. :* '''Listing installed Snap packages:''' To see a list of installed Snap packages on your system, use the snap list command: <code>snap list</code> :* '''Updating Snap packages:''' Snap packages are updated automatically by default. However, if you want to manually update a specific Snap package, you can use the snap refresh command: <code>sudo snap refresh <snap-package-name></code> To update all Snap packages on your system, simply run: <code>sudo snap refresh</code> :* '''Removing Snap packages:''' To remove an installed Snap package, use the snap remove command: <code>sudo snap remove <snap-package-name></code> Replace <snap-package-name> with the exact name of the Snap package you want to remove. :* '''Removing Snap and also delete the package's data and configuration files.''' <code>snap remove --purge example_package</code> : The --purge option is used to specify that you not only want to remove the snap package, but also to delete its associated data and configuration files. This option helps ensure that all remnants of the package are removed from your system, providing a clean uninstall. :* '''Managing Snap package services:''' Some Snap packages provide system services. You can manage these services using the snap services command: <code>snap services</code> This will list all services provided by installed Snap packages. To start, stop, restart, or check the status of a Snap service, use the following commands: <pre> sudo snap start <snap-package-name> sudo snap stop <snap-package-name> sudo snap restart <snap-package-name> sudo snap status <snap-package-name> </pre> Replace <snap-package-name> with the exact name of the Snap package containing the service you want to manage. :* '''Snap package channels:''' Snap packages are distributed through different channels, such as stable, candidate, beta, and edge. By default, the stable channel is used. To install a Snap package from a specific channel, use the --channel option: <code>sudo snap install <snap-package-name> --channel=<channel-name></code> Replace <snap-package-name> with the name of the Snap package and <channel-name> with the desired channel (e.g., stable, candidate, beta, or edge). For more information and advanced options, you can refer to the official Snapcraft documentation: https://snapcraft.io/docs ====Create a snap package==== ===AppImage=== ===Flatpak=== jezla2a2b00oqcre32mdhcxyli9bp5g 339 338 2023-04-18T01:41:22Z imported>AwesomO 0 /* APT */ 339 wikitext text/x-wiki A package management system, also known as a package manager, is a set of tools and processes that automate the installation, upgrading, configuration, and removal of software packages on a computer system. Package management systems simplify the process of managing software by handling package dependencies, versioning, and distribution in a consistent and organized manner. In the context of operating systems like Linux and Unix, software packages are bundles of files, libraries, executables, and metadata that together comprise a complete application or software component. Package managers are designed to manage these packages by tracking and resolving their dependencies, which are other software components that a package requires to function properly. Key functions of package management systems include: :* Maintaining repositories: Package managers connect to repositories, which are remote servers that store packages and their metadata. Repositories provide a centralized location for users to find, download, and install software packages. :* Managing dependencies: When installing or upgrading a package, the package manager ensures that all required dependencies are also installed, updated, or removed as necessary. This helps maintain system stability and prevents conflicts or broken software. :* Versioning: Package managers track and manage different versions of software packages, allowing users to install, upgrade, or downgrade specific versions as needed. :* Handling package conflicts: Package managers can detect and resolve conflicts between packages, ensuring that the system remains in a consistent state even when multiple packages have overlapping or conflicting requirements. :* Streamlining software installation and removal: Package managers automate the process of installing, upgrading, or removing software, making it easy for users to manage software on their systems without manual intervention. Popular package managers include APT (used in Debian-based distributions), YUM and DNF (used in Red Hat-based distributions), and pacman (used in Arch Linux-based distributions). Each package manager is designed to work with specific package formats (such as .deb or .rpm) and may have its unique commands and features, but their overall purpose remains the same: to simplify and automate the process of managing software on a computer system. == Package managers == Ubuntu is a popular Linux-based operating system that offers a wide range of applications for users. To install these applications, Ubuntu provides several package managers such as APT, Snap, AppImage, and Flatpak. Each package manager has its own advantages and disadvantages, and it's important to understand how they work and what they offer in order to choose the best one for your needs. '''APT''' (Advanced Package Tool) is the default package manager for Ubuntu, and it uses a command-line interface to manage packages. APT offers a large selection of packages, and it's designed to be stable and reliable. '''Snap''', on the other hand, is a newer package manager that offers a more user-friendly interface and sandboxed apps. It also offers automatic updates and rollbacks, making it easy to manage and maintain applications. '''AppImage''' and '''Flatpak''' are containerized formats that allow applications to run on multiple Linux distributions without needing to install dependencies. AppImage is a self-contained format that includes all dependencies, making it easy to run on any Linux distribution without needing to install anything. Flatpak, on the other hand, allows for more fine-grained control over dependencies and offers sandboxing and automatic updates. By understanding the differences between these package managers, you can choose the best one for your needs and enjoy a wide range of applications on Ubuntu. == Installing and updating software == ===APT=== ==== Update the package index:==== Before installing or updating software, it's essential to update the package index to ensure you have the latest information about available packages and their versions. Run the following command: <code>sudo apt update</code> This command will download package information from your configured repositories and update the local package index. :* Search APT for packages To search for packages in the Ubuntu repository using APT, you can use the apt-cache search command followed by a keyword. For example: <code>sudo apt-cache search <package-name></code> Replace <package-name> with the name or keyword related to the package you are looking for. Once you have found the package you want to install, you can install it using the apt-get install or apt install command. :* Install a new package: To install a new package, use the apt install command followed by the package name: <code>sudo apt install <package-name></code> Replace <package-name> with the name of the package you want to install. APT will automatically handle the package's dependencies, installing them if necessary. ==== Update installed packages:==== To update all the installed packages to their latest available versions, run: <code>sudo apt upgrade</code> This command will upgrade packages based on the updated package index. It's a good practice to run this command regularly to keep your system up to date and secure. ==== Update a specific package:==== If you want to update a specific package, use the apt install command again: <code>sudo apt install --only-upgrade <package-name></code> Replace <package-name> with the name of the package you want to update. This command will only upgrade the specified package if a newer version is available. ==== Remove a package:==== If you want to remove a package, use the apt remove command followed by the package name: <code>sudo apt remove <package-name></code> Replace <package-name> with the name of the package you want to remove. Note that this command does not remove the package's configuration files. If you want to remove the package along with its configuration files, use the apt purge command instead: <code>sudo apt purge <package-name></code> ==== Clean up unused dependencies:==== Over time, your system may accumulate unused dependency packages. You can clean up these packages using the apt autoremove command: <code>sudo apt autoremove</code> This command will remove any packages that were installed as dependencies but are no longer needed by any installed software. ==== Install from a <b>.deb</b> file==== To install a .deb file that you have downloaded or obtained from an external source, you can use the dpkg command. First, navigate to the directory containing the .deb file using the cd command: <code>cd /path/to/directory</code> Then, install the .deb file using the dpkg -i command: <code>sudo dpkg -i <filename.deb></code> Replace <filename.deb> with the exact name of the .deb file you want to install. Note that you can also use <b>path</b> if you do not want to <b>cd</b>:<code>sudo dpkg -i /path/to/program.deb</code> Note that if the .deb package has any unmet dependencies, the installation may fail. To resolve this issue and automatically install any missing dependencies, you can run the following command: <code>sudo apt-get install -f</code> or <code>sudo apt install -f</code> This will install any missing dependencies and complete the installation of the .deb package. ===Managing Package Repositories=== :* Introduction to Package Repositories : Package repositories are online servers that store software packages for installation and updates on Ubuntu systems. Ubuntu uses the Advanced Package Tool (APT) to manage these repositories. The default repositories include Main, Universe, Restricted, and Multiverse. You can also add third-party repositories (PPAs) for additional software. Default Repositories :* Main: Officially supported, open-source software maintained by Canonical. :* Universe: Community-maintained open-source software. :* Restricted: Proprietary drivers and software required for hardware compatibility. :* Multiverse: Software not compliant with the Ubuntu licensing policies. :* Updating Package List : Before installing new packages, you should update the package list to fetch the latest information from the repositories. :* Open a terminal (Ctrl+Alt+T) :* Run the following command: <code>sudo apt update</code> : Adding a Personal Package Archive (PPA) : PPAs are third-party repositories that contain software not available in the default repositories. :* To add a PPA, open a terminal and type: <code>sudo add-apt-repository ppa:user/ppa-name</code> Replace "user" and "ppa-name" with the appropriate values. Update the package list: <code>sudo apt update</code> Removing a PPA :* To remove a PPA, open a terminal and type: <code>sudo add-apt-repository --remove ppa:user/ppa-name</code> Replace "user" and "ppa-name" with the appropriate values. Update the package list: <code>sudo apt update</code> Editing Repository Configuration Files The repository configuration files are stored in the '''/etc/apt/sources.list''' file and the files inside '''/etc/apt/sources.list.d/''' directory. :* To edit the sources.list file, open a terminal and type: <code>sudo nano /etc/apt/sources.list</code> Make the necessary changes, save (Ctrl+O), and exit (Ctrl+X). Update the package list: <code>sudo apt update</code> Managing Repositories with Software & Updates :* You can also manage repositories using the Software & Updates application. :* Open the application by searching "Software & Updates" in the applications menu. :* In the "Ubuntu Software" tab, you can enable or disable the default repositories. :* In the "Other Software" tab, you can add, edit, or remove third-party repositories. :* After making changes, click "Close" and then click "Reload" to update the package list. By following this tutorial, you'll be able to manage package repositories on your Ubuntu system, adding or removing PPAs as needed to install or update software. ====Dependency Management==== In Ubuntu, software packages often rely on other packages to function properly. These required packages are called dependencies. The Advanced Package Tool (APT) automatically handles dependency management, ensuring that all required packages are installed or updated when you install, update, or remove a package. :* Installing a Package and Its Dependencies : When you install a package using APT, it automatically resolves and installs the dependencies. :* Open a terminal (Ctrl+Alt+T) :* Install a package and its dependencies using the following command: <code>sudo apt install package-name</code> : Replace "package-name" with the appropriate package name. :* Updating Packages and Dependencies : APT also manages the dependencies while updating packages. :* To update all installed packages and their dependencies, run the following command: <code>sudo apt update && sudo apt upgrade</code> :* Removing a Package and Unused Dependencies : When you remove a package, APT will not automatically remove its dependencies if they are no longer required. To remove unused dependencies, use the 'autoremove' command. :* To remove a package and its unused dependencies, run: <code>sudo apt remove package-name && sudo apt autoremove</code> :* Replace "package-name" with the appropriate package name. :* Fixing Broken Dependencies : Sometimes, you may encounter broken dependencies due to various reasons, such as interrupted installations or package conflicts. You can use APT to fix these issues. :* To fix broken dependencies, run the following commands: <pre> sudo apt update sudo apt install -f </pre> :* Listing Dependencies of a Package : You can use the '''apt-cache''' command to list the dependencies of a specific package without installing it. :* To list the dependencies, run: <code>apt-cache depends package-name</code> :* Replace "package-name" with the appropriate package name. :* Listing Reverse Dependencies : Reverse dependencies are packages that depend on a specific package. You can list them using the 'apt-cache' command. :* To list reverse dependencies, run: <code>apt-cache rdepends package-name</code> Replace "package-name" with the appropriate package name. ====Create a deb package==== ====Create deb repository==== ===Snaps=== Ubuntu Snap packages are a universal packaging format designed to work across different Linux distributions. Snap packages are self-contained and automatically updated, which makes them a convenient choice for both sysadmins and new users. Here's an in-depth guide to help you understand and use Snap packages in Ubuntu: :* ''' Installation of Snapd:''' Before you can manage Snap packages, you need to have the snapd service installed on your Ubuntu system. It usually comes pre-installed on recent versions of Ubuntu. Check <b>snapd</b> is installed on your system with:<br> <code>snap --version</code> However, if it's not installed, you can install it using the following command: <pre> sudo apt update sudo apt install snapd </pre> :* '''Searching for Snap packages:''' To search for available Snap packages, use the snap find command followed by a keyword: <code>snap find <keyword></code> Replace <keyword> with the name or keyword related to the package you are looking for. :* '''Installing Snap packages:''' To install a Snap package, use the snap install command: <code>sudo snap install <snap-package-name></code> Replace <snap-package-name> with the exact name of the Snap package you want to install. :* '''Listing installed Snap packages:''' To see a list of installed Snap packages on your system, use the snap list command: <code>snap list</code> :* '''Updating Snap packages:''' Snap packages are updated automatically by default. However, if you want to manually update a specific Snap package, you can use the snap refresh command: <code>sudo snap refresh <snap-package-name></code> To update all Snap packages on your system, simply run: <code>sudo snap refresh</code> :* '''Removing Snap packages:''' To remove an installed Snap package, use the snap remove command: <code>sudo snap remove <snap-package-name></code> Replace <snap-package-name> with the exact name of the Snap package you want to remove. :* '''Removing Snap and also delete the package's data and configuration files.''' <code>snap remove --purge example_package</code> : The --purge option is used to specify that you not only want to remove the snap package, but also to delete its associated data and configuration files. This option helps ensure that all remnants of the package are removed from your system, providing a clean uninstall. :* '''Managing Snap package services:''' Some Snap packages provide system services. You can manage these services using the snap services command: <code>snap services</code> This will list all services provided by installed Snap packages. To start, stop, restart, or check the status of a Snap service, use the following commands: <pre> sudo snap start <snap-package-name> sudo snap stop <snap-package-name> sudo snap restart <snap-package-name> sudo snap status <snap-package-name> </pre> Replace <snap-package-name> with the exact name of the Snap package containing the service you want to manage. :* '''Snap package channels:''' Snap packages are distributed through different channels, such as stable, candidate, beta, and edge. By default, the stable channel is used. To install a Snap package from a specific channel, use the --channel option: <code>sudo snap install <snap-package-name> --channel=<channel-name></code> Replace <snap-package-name> with the name of the Snap package and <channel-name> with the desired channel (e.g., stable, candidate, beta, or edge). For more information and advanced options, you can refer to the official Snapcraft documentation: https://snapcraft.io/docs ====Create a snap package==== ===AppImage=== ===Flatpak=== gsmw2iwvdl8k7rqam0t5vte1hjb69qh 340 339 2023-04-18T01:41:56Z imported>AwesomO 0 /* Update the package index: */ 340 wikitext text/x-wiki A package management system, also known as a package manager, is a set of tools and processes that automate the installation, upgrading, configuration, and removal of software packages on a computer system. Package management systems simplify the process of managing software by handling package dependencies, versioning, and distribution in a consistent and organized manner. In the context of operating systems like Linux and Unix, software packages are bundles of files, libraries, executables, and metadata that together comprise a complete application or software component. Package managers are designed to manage these packages by tracking and resolving their dependencies, which are other software components that a package requires to function properly. Key functions of package management systems include: :* Maintaining repositories: Package managers connect to repositories, which are remote servers that store packages and their metadata. Repositories provide a centralized location for users to find, download, and install software packages. :* Managing dependencies: When installing or upgrading a package, the package manager ensures that all required dependencies are also installed, updated, or removed as necessary. This helps maintain system stability and prevents conflicts or broken software. :* Versioning: Package managers track and manage different versions of software packages, allowing users to install, upgrade, or downgrade specific versions as needed. :* Handling package conflicts: Package managers can detect and resolve conflicts between packages, ensuring that the system remains in a consistent state even when multiple packages have overlapping or conflicting requirements. :* Streamlining software installation and removal: Package managers automate the process of installing, upgrading, or removing software, making it easy for users to manage software on their systems without manual intervention. Popular package managers include APT (used in Debian-based distributions), YUM and DNF (used in Red Hat-based distributions), and pacman (used in Arch Linux-based distributions). Each package manager is designed to work with specific package formats (such as .deb or .rpm) and may have its unique commands and features, but their overall purpose remains the same: to simplify and automate the process of managing software on a computer system. == Package managers == Ubuntu is a popular Linux-based operating system that offers a wide range of applications for users. To install these applications, Ubuntu provides several package managers such as APT, Snap, AppImage, and Flatpak. Each package manager has its own advantages and disadvantages, and it's important to understand how they work and what they offer in order to choose the best one for your needs. '''APT''' (Advanced Package Tool) is the default package manager for Ubuntu, and it uses a command-line interface to manage packages. APT offers a large selection of packages, and it's designed to be stable and reliable. '''Snap''', on the other hand, is a newer package manager that offers a more user-friendly interface and sandboxed apps. It also offers automatic updates and rollbacks, making it easy to manage and maintain applications. '''AppImage''' and '''Flatpak''' are containerized formats that allow applications to run on multiple Linux distributions without needing to install dependencies. AppImage is a self-contained format that includes all dependencies, making it easy to run on any Linux distribution without needing to install anything. Flatpak, on the other hand, allows for more fine-grained control over dependencies and offers sandboxing and automatic updates. By understanding the differences between these package managers, you can choose the best one for your needs and enjoy a wide range of applications on Ubuntu. == Installing and updating software == ===APT=== ==== Update the package index:==== Before installing or updating software, it's essential to update the package index to ensure you have the latest information about available packages and their versions. Run the following command: <code>sudo apt update</code> This command will download package information from your configured repositories and update the local package index. ==== Search APT for packages==== To search for packages in the Ubuntu repository using APT, you can use the apt-cache search command followed by a keyword. For example: <code>sudo apt-cache search <package-name></code> Replace <package-name> with the name or keyword related to the package you are looking for. Once you have found the package you want to install, you can install it using the apt-get install or apt install command. ==== Install a new package:==== To install a new package, use the apt install command followed by the package name: <code>sudo apt install <package-name></code> Replace <package-name> with the name of the package you want to install. APT will automatically handle the package's dependencies, installing them if necessary. ==== Update installed packages:==== To update all the installed packages to their latest available versions, run: <code>sudo apt upgrade</code> This command will upgrade packages based on the updated package index. It's a good practice to run this command regularly to keep your system up to date and secure. ==== Update a specific package:==== If you want to update a specific package, use the apt install command again: <code>sudo apt install --only-upgrade <package-name></code> Replace <package-name> with the name of the package you want to update. This command will only upgrade the specified package if a newer version is available. ==== Remove a package:==== If you want to remove a package, use the apt remove command followed by the package name: <code>sudo apt remove <package-name></code> Replace <package-name> with the name of the package you want to remove. Note that this command does not remove the package's configuration files. If you want to remove the package along with its configuration files, use the apt purge command instead: <code>sudo apt purge <package-name></code> ==== Clean up unused dependencies:==== Over time, your system may accumulate unused dependency packages. You can clean up these packages using the apt autoremove command: <code>sudo apt autoremove</code> This command will remove any packages that were installed as dependencies but are no longer needed by any installed software. ==== Install from a <b>.deb</b> file==== To install a .deb file that you have downloaded or obtained from an external source, you can use the dpkg command. First, navigate to the directory containing the .deb file using the cd command: <code>cd /path/to/directory</code> Then, install the .deb file using the dpkg -i command: <code>sudo dpkg -i <filename.deb></code> Replace <filename.deb> with the exact name of the .deb file you want to install. Note that you can also use <b>path</b> if you do not want to <b>cd</b>:<code>sudo dpkg -i /path/to/program.deb</code> Note that if the .deb package has any unmet dependencies, the installation may fail. To resolve this issue and automatically install any missing dependencies, you can run the following command: <code>sudo apt-get install -f</code> or <code>sudo apt install -f</code> This will install any missing dependencies and complete the installation of the .deb package. ===Managing Package Repositories=== :* Introduction to Package Repositories : Package repositories are online servers that store software packages for installation and updates on Ubuntu systems. Ubuntu uses the Advanced Package Tool (APT) to manage these repositories. The default repositories include Main, Universe, Restricted, and Multiverse. You can also add third-party repositories (PPAs) for additional software. Default Repositories :* Main: Officially supported, open-source software maintained by Canonical. :* Universe: Community-maintained open-source software. :* Restricted: Proprietary drivers and software required for hardware compatibility. :* Multiverse: Software not compliant with the Ubuntu licensing policies. :* Updating Package List : Before installing new packages, you should update the package list to fetch the latest information from the repositories. :* Open a terminal (Ctrl+Alt+T) :* Run the following command: <code>sudo apt update</code> : Adding a Personal Package Archive (PPA) : PPAs are third-party repositories that contain software not available in the default repositories. :* To add a PPA, open a terminal and type: <code>sudo add-apt-repository ppa:user/ppa-name</code> Replace "user" and "ppa-name" with the appropriate values. Update the package list: <code>sudo apt update</code> Removing a PPA :* To remove a PPA, open a terminal and type: <code>sudo add-apt-repository --remove ppa:user/ppa-name</code> Replace "user" and "ppa-name" with the appropriate values. Update the package list: <code>sudo apt update</code> Editing Repository Configuration Files The repository configuration files are stored in the '''/etc/apt/sources.list''' file and the files inside '''/etc/apt/sources.list.d/''' directory. :* To edit the sources.list file, open a terminal and type: <code>sudo nano /etc/apt/sources.list</code> Make the necessary changes, save (Ctrl+O), and exit (Ctrl+X). Update the package list: <code>sudo apt update</code> Managing Repositories with Software & Updates :* You can also manage repositories using the Software & Updates application. :* Open the application by searching "Software & Updates" in the applications menu. :* In the "Ubuntu Software" tab, you can enable or disable the default repositories. :* In the "Other Software" tab, you can add, edit, or remove third-party repositories. :* After making changes, click "Close" and then click "Reload" to update the package list. By following this tutorial, you'll be able to manage package repositories on your Ubuntu system, adding or removing PPAs as needed to install or update software. ====Dependency Management==== In Ubuntu, software packages often rely on other packages to function properly. These required packages are called dependencies. The Advanced Package Tool (APT) automatically handles dependency management, ensuring that all required packages are installed or updated when you install, update, or remove a package. :* Installing a Package and Its Dependencies : When you install a package using APT, it automatically resolves and installs the dependencies. :* Open a terminal (Ctrl+Alt+T) :* Install a package and its dependencies using the following command: <code>sudo apt install package-name</code> : Replace "package-name" with the appropriate package name. :* Updating Packages and Dependencies : APT also manages the dependencies while updating packages. :* To update all installed packages and their dependencies, run the following command: <code>sudo apt update && sudo apt upgrade</code> :* Removing a Package and Unused Dependencies : When you remove a package, APT will not automatically remove its dependencies if they are no longer required. To remove unused dependencies, use the 'autoremove' command. :* To remove a package and its unused dependencies, run: <code>sudo apt remove package-name && sudo apt autoremove</code> :* Replace "package-name" with the appropriate package name. :* Fixing Broken Dependencies : Sometimes, you may encounter broken dependencies due to various reasons, such as interrupted installations or package conflicts. You can use APT to fix these issues. :* To fix broken dependencies, run the following commands: <pre> sudo apt update sudo apt install -f </pre> :* Listing Dependencies of a Package : You can use the '''apt-cache''' command to list the dependencies of a specific package without installing it. :* To list the dependencies, run: <code>apt-cache depends package-name</code> :* Replace "package-name" with the appropriate package name. :* Listing Reverse Dependencies : Reverse dependencies are packages that depend on a specific package. You can list them using the 'apt-cache' command. :* To list reverse dependencies, run: <code>apt-cache rdepends package-name</code> Replace "package-name" with the appropriate package name. ====Create a deb package==== ====Create deb repository==== ===Snaps=== Ubuntu Snap packages are a universal packaging format designed to work across different Linux distributions. Snap packages are self-contained and automatically updated, which makes them a convenient choice for both sysadmins and new users. Here's an in-depth guide to help you understand and use Snap packages in Ubuntu: :* ''' Installation of Snapd:''' Before you can manage Snap packages, you need to have the snapd service installed on your Ubuntu system. It usually comes pre-installed on recent versions of Ubuntu. Check <b>snapd</b> is installed on your system with:<br> <code>snap --version</code> However, if it's not installed, you can install it using the following command: <pre> sudo apt update sudo apt install snapd </pre> :* '''Searching for Snap packages:''' To search for available Snap packages, use the snap find command followed by a keyword: <code>snap find <keyword></code> Replace <keyword> with the name or keyword related to the package you are looking for. :* '''Installing Snap packages:''' To install a Snap package, use the snap install command: <code>sudo snap install <snap-package-name></code> Replace <snap-package-name> with the exact name of the Snap package you want to install. :* '''Listing installed Snap packages:''' To see a list of installed Snap packages on your system, use the snap list command: <code>snap list</code> :* '''Updating Snap packages:''' Snap packages are updated automatically by default. However, if you want to manually update a specific Snap package, you can use the snap refresh command: <code>sudo snap refresh <snap-package-name></code> To update all Snap packages on your system, simply run: <code>sudo snap refresh</code> :* '''Removing Snap packages:''' To remove an installed Snap package, use the snap remove command: <code>sudo snap remove <snap-package-name></code> Replace <snap-package-name> with the exact name of the Snap package you want to remove. :* '''Removing Snap and also delete the package's data and configuration files.''' <code>snap remove --purge example_package</code> : The --purge option is used to specify that you not only want to remove the snap package, but also to delete its associated data and configuration files. This option helps ensure that all remnants of the package are removed from your system, providing a clean uninstall. :* '''Managing Snap package services:''' Some Snap packages provide system services. You can manage these services using the snap services command: <code>snap services</code> This will list all services provided by installed Snap packages. To start, stop, restart, or check the status of a Snap service, use the following commands: <pre> sudo snap start <snap-package-name> sudo snap stop <snap-package-name> sudo snap restart <snap-package-name> sudo snap status <snap-package-name> </pre> Replace <snap-package-name> with the exact name of the Snap package containing the service you want to manage. :* '''Snap package channels:''' Snap packages are distributed through different channels, such as stable, candidate, beta, and edge. By default, the stable channel is used. To install a Snap package from a specific channel, use the --channel option: <code>sudo snap install <snap-package-name> --channel=<channel-name></code> Replace <snap-package-name> with the name of the Snap package and <channel-name> with the desired channel (e.g., stable, candidate, beta, or edge). For more information and advanced options, you can refer to the official Snapcraft documentation: https://snapcraft.io/docs ====Create a snap package==== ===AppImage=== ===Flatpak=== sfk12vbz2taild6o20e3tg884pxadrh 341 340 2023-04-18T01:45:27Z imported>AwesomO 0 /* Managing Package Repositories */ 341 wikitext text/x-wiki A package management system, also known as a package manager, is a set of tools and processes that automate the installation, upgrading, configuration, and removal of software packages on a computer system. Package management systems simplify the process of managing software by handling package dependencies, versioning, and distribution in a consistent and organized manner. In the context of operating systems like Linux and Unix, software packages are bundles of files, libraries, executables, and metadata that together comprise a complete application or software component. Package managers are designed to manage these packages by tracking and resolving their dependencies, which are other software components that a package requires to function properly. Key functions of package management systems include: :* Maintaining repositories: Package managers connect to repositories, which are remote servers that store packages and their metadata. Repositories provide a centralized location for users to find, download, and install software packages. :* Managing dependencies: When installing or upgrading a package, the package manager ensures that all required dependencies are also installed, updated, or removed as necessary. This helps maintain system stability and prevents conflicts or broken software. :* Versioning: Package managers track and manage different versions of software packages, allowing users to install, upgrade, or downgrade specific versions as needed. :* Handling package conflicts: Package managers can detect and resolve conflicts between packages, ensuring that the system remains in a consistent state even when multiple packages have overlapping or conflicting requirements. :* Streamlining software installation and removal: Package managers automate the process of installing, upgrading, or removing software, making it easy for users to manage software on their systems without manual intervention. Popular package managers include APT (used in Debian-based distributions), YUM and DNF (used in Red Hat-based distributions), and pacman (used in Arch Linux-based distributions). Each package manager is designed to work with specific package formats (such as .deb or .rpm) and may have its unique commands and features, but their overall purpose remains the same: to simplify and automate the process of managing software on a computer system. == Package managers == Ubuntu is a popular Linux-based operating system that offers a wide range of applications for users. To install these applications, Ubuntu provides several package managers such as APT, Snap, AppImage, and Flatpak. Each package manager has its own advantages and disadvantages, and it's important to understand how they work and what they offer in order to choose the best one for your needs. '''APT''' (Advanced Package Tool) is the default package manager for Ubuntu, and it uses a command-line interface to manage packages. APT offers a large selection of packages, and it's designed to be stable and reliable. '''Snap''', on the other hand, is a newer package manager that offers a more user-friendly interface and sandboxed apps. It also offers automatic updates and rollbacks, making it easy to manage and maintain applications. '''AppImage''' and '''Flatpak''' are containerized formats that allow applications to run on multiple Linux distributions without needing to install dependencies. AppImage is a self-contained format that includes all dependencies, making it easy to run on any Linux distribution without needing to install anything. Flatpak, on the other hand, allows for more fine-grained control over dependencies and offers sandboxing and automatic updates. By understanding the differences between these package managers, you can choose the best one for your needs and enjoy a wide range of applications on Ubuntu. == Installing and updating software == ===APT=== ==== Update the package index:==== Before installing or updating software, it's essential to update the package index to ensure you have the latest information about available packages and their versions. Run the following command: <code>sudo apt update</code> This command will download package information from your configured repositories and update the local package index. ==== Search APT for packages==== To search for packages in the Ubuntu repository using APT, you can use the apt-cache search command followed by a keyword. For example: <code>sudo apt-cache search <package-name></code> Replace <package-name> with the name or keyword related to the package you are looking for. Once you have found the package you want to install, you can install it using the apt-get install or apt install command. ==== Install a new package:==== To install a new package, use the apt install command followed by the package name: <code>sudo apt install <package-name></code> Replace <package-name> with the name of the package you want to install. APT will automatically handle the package's dependencies, installing them if necessary. ==== Update installed packages:==== To update all the installed packages to their latest available versions, run: <code>sudo apt upgrade</code> This command will upgrade packages based on the updated package index. It's a good practice to run this command regularly to keep your system up to date and secure. ==== Update a specific package:==== If you want to update a specific package, use the apt install command again: <code>sudo apt install --only-upgrade <package-name></code> Replace <package-name> with the name of the package you want to update. This command will only upgrade the specified package if a newer version is available. ==== Remove a package:==== If you want to remove a package, use the apt remove command followed by the package name: <code>sudo apt remove <package-name></code> Replace <package-name> with the name of the package you want to remove. Note that this command does not remove the package's configuration files. If you want to remove the package along with its configuration files, use the apt purge command instead: <code>sudo apt purge <package-name></code> ==== Clean up unused dependencies:==== Over time, your system may accumulate unused dependency packages. You can clean up these packages using the apt autoremove command: <code>sudo apt autoremove</code> This command will remove any packages that were installed as dependencies but are no longer needed by any installed software. ==== Install from a <b>.deb</b> file==== To install a .deb file that you have downloaded or obtained from an external source, you can use the dpkg command. First, navigate to the directory containing the .deb file using the cd command: <code>cd /path/to/directory</code> Then, install the .deb file using the dpkg -i command: <code>sudo dpkg -i <filename.deb></code> Replace <filename.deb> with the exact name of the .deb file you want to install. Note that you can also use <b>path</b> if you do not want to <b>cd</b>:<code>sudo dpkg -i /path/to/program.deb</code> Note that if the .deb package has any unmet dependencies, the installation may fail. To resolve this issue and automatically install any missing dependencies, you can run the following command: <code>sudo apt-get install -f</code> or <code>sudo apt install -f</code> This will install any missing dependencies and complete the installation of the .deb package. ===Managing Package Repositories=== :* Introduction to Package Repositories : Package repositories are online servers that store software packages for installation and updates on Ubuntu systems. Ubuntu uses the Advanced Package Tool (APT) to manage these repositories. The default repositories include Main, Universe, Restricted, and Multiverse. You can also add third-party repositories (PPAs) for additional software. Default Repositories :* Main: Officially supported, open-source software maintained by Canonical. :* Universe: Community-maintained open-source software. :* Restricted: Proprietary drivers and software required for hardware compatibility. :* Multiverse: Software not compliant with the Ubuntu licensing policies. :* Updating Package List : Before installing new packages, you should update the package list to fetch the latest information from the repositories. :* Open a terminal (Ctrl+Alt+T) :* Run the following command: <code>sudo apt update</code> : Adding a Personal Package Archive (PPA) : PPAs are third-party repositories that contain software not available in the default repositories. :* To add a PPA, open a terminal and type: <code>sudo add-apt-repository ppa:user/ppa-name</code> Replace "user" and "ppa-name" with the appropriate values. Update the package list: <code>sudo apt update</code> ====Removing a PPA==== :* To remove a PPA, open a terminal and type: <code>sudo add-apt-repository --remove ppa:user/ppa-name</code> Replace "user" and "ppa-name" with the appropriate values. Update the package list: <code>sudo apt update</code> ====Editing Repository Configuration Files==== The repository configuration files are stored in the '''/etc/apt/sources.list''' file and the files inside '''/etc/apt/sources.list.d/''' directory. :* To edit the sources.list file, open a terminal and type: <code>sudo nano /etc/apt/sources.list</code> Make the necessary changes, save (Ctrl+O), and exit (Ctrl+X). Update the package list: <code>sudo apt update</code> ====Managing Repositories with Software & Updates==== :* You can also manage repositories using the Software & Updates application. :* Open the application by searching "Software & Updates" in the applications menu. :* In the "Ubuntu Software" tab, you can enable or disable the default repositories. :* In the "Other Software" tab, you can add, edit, or remove third-party repositories. :* After making changes, click "Close" and then click "Reload" to update the package list. By following this tutorial, you'll be able to manage package repositories on your Ubuntu system, adding or removing PPAs as needed to install or update software. ====Dependency Management==== In Ubuntu, software packages often rely on other packages to function properly. These required packages are called dependencies. The Advanced Package Tool (APT) automatically handles dependency management, ensuring that all required packages are installed or updated when you install, update, or remove a package. ===== Installing a Package and Its Dependencies===== : When you install a package using APT, it automatically resolves and installs the dependencies. :* Open a terminal (Ctrl+Alt+T) :* Install a package and its dependencies using the following command: <code>sudo apt install package-name</code> : Replace "package-name" with the appropriate package name. :* Updating Packages and Dependencies : APT also manages the dependencies while updating packages. :* To update all installed packages and their dependencies, run the following command: <code>sudo apt update && sudo apt upgrade</code> ===== Removing a Package and Unused Dependencies===== : When you remove a package, APT will not automatically remove its dependencies if they are no longer required. To remove unused dependencies, use the 'autoremove' command. :* To remove a package and its unused dependencies, run: <code>sudo apt remove package-name && sudo apt autoremove</code> :* Replace "package-name" with the appropriate package name. :* Fixing Broken Dependencies : Sometimes, you may encounter broken dependencies due to various reasons, such as interrupted installations or package conflicts. You can use APT to fix these issues. :* To fix broken dependencies, run the following commands: <pre> sudo apt update sudo apt install -f </pre> ===== Listing Dependencies of a Package ===== : You can use the '''apt-cache''' command to list the dependencies of a specific package without installing it. :* To list the dependencies, run: <code>apt-cache depends package-name</code> :* Replace "package-name" with the appropriate package name. ===== Listing Reverse Dependencies===== : Reverse dependencies are packages that depend on a specific package. You can list them using the 'apt-cache' command. :* To list reverse dependencies, run: <code>apt-cache rdepends package-name</code> Replace "package-name" with the appropriate package name. ====Create a deb package==== ====Create deb repository==== ===Snaps=== Ubuntu Snap packages are a universal packaging format designed to work across different Linux distributions. Snap packages are self-contained and automatically updated, which makes them a convenient choice for both sysadmins and new users. Here's an in-depth guide to help you understand and use Snap packages in Ubuntu: :* ''' Installation of Snapd:''' Before you can manage Snap packages, you need to have the snapd service installed on your Ubuntu system. It usually comes pre-installed on recent versions of Ubuntu. Check <b>snapd</b> is installed on your system with:<br> <code>snap --version</code> However, if it's not installed, you can install it using the following command: <pre> sudo apt update sudo apt install snapd </pre> :* '''Searching for Snap packages:''' To search for available Snap packages, use the snap find command followed by a keyword: <code>snap find <keyword></code> Replace <keyword> with the name or keyword related to the package you are looking for. :* '''Installing Snap packages:''' To install a Snap package, use the snap install command: <code>sudo snap install <snap-package-name></code> Replace <snap-package-name> with the exact name of the Snap package you want to install. :* '''Listing installed Snap packages:''' To see a list of installed Snap packages on your system, use the snap list command: <code>snap list</code> :* '''Updating Snap packages:''' Snap packages are updated automatically by default. However, if you want to manually update a specific Snap package, you can use the snap refresh command: <code>sudo snap refresh <snap-package-name></code> To update all Snap packages on your system, simply run: <code>sudo snap refresh</code> :* '''Removing Snap packages:''' To remove an installed Snap package, use the snap remove command: <code>sudo snap remove <snap-package-name></code> Replace <snap-package-name> with the exact name of the Snap package you want to remove. :* '''Removing Snap and also delete the package's data and configuration files.''' <code>snap remove --purge example_package</code> : The --purge option is used to specify that you not only want to remove the snap package, but also to delete its associated data and configuration files. This option helps ensure that all remnants of the package are removed from your system, providing a clean uninstall. :* '''Managing Snap package services:''' Some Snap packages provide system services. You can manage these services using the snap services command: <code>snap services</code> This will list all services provided by installed Snap packages. To start, stop, restart, or check the status of a Snap service, use the following commands: <pre> sudo snap start <snap-package-name> sudo snap stop <snap-package-name> sudo snap restart <snap-package-name> sudo snap status <snap-package-name> </pre> Replace <snap-package-name> with the exact name of the Snap package containing the service you want to manage. :* '''Snap package channels:''' Snap packages are distributed through different channels, such as stable, candidate, beta, and edge. By default, the stable channel is used. To install a Snap package from a specific channel, use the --channel option: <code>sudo snap install <snap-package-name> --channel=<channel-name></code> Replace <snap-package-name> with the name of the Snap package and <channel-name> with the desired channel (e.g., stable, candidate, beta, or edge). For more information and advanced options, you can refer to the official Snapcraft documentation: https://snapcraft.io/docs ====Create a snap package==== ===AppImage=== ===Flatpak=== 352gm4kd0a9od629c4p8jd785q5ml9z 342 341 2023-04-18T01:48:50Z imported>AwesomO 0 /* Snaps */ 342 wikitext text/x-wiki A package management system, also known as a package manager, is a set of tools and processes that automate the installation, upgrading, configuration, and removal of software packages on a computer system. Package management systems simplify the process of managing software by handling package dependencies, versioning, and distribution in a consistent and organized manner. In the context of operating systems like Linux and Unix, software packages are bundles of files, libraries, executables, and metadata that together comprise a complete application or software component. Package managers are designed to manage these packages by tracking and resolving their dependencies, which are other software components that a package requires to function properly. Key functions of package management systems include: :* Maintaining repositories: Package managers connect to repositories, which are remote servers that store packages and their metadata. Repositories provide a centralized location for users to find, download, and install software packages. :* Managing dependencies: When installing or upgrading a package, the package manager ensures that all required dependencies are also installed, updated, or removed as necessary. This helps maintain system stability and prevents conflicts or broken software. :* Versioning: Package managers track and manage different versions of software packages, allowing users to install, upgrade, or downgrade specific versions as needed. :* Handling package conflicts: Package managers can detect and resolve conflicts between packages, ensuring that the system remains in a consistent state even when multiple packages have overlapping or conflicting requirements. :* Streamlining software installation and removal: Package managers automate the process of installing, upgrading, or removing software, making it easy for users to manage software on their systems without manual intervention. Popular package managers include APT (used in Debian-based distributions), YUM and DNF (used in Red Hat-based distributions), and pacman (used in Arch Linux-based distributions). Each package manager is designed to work with specific package formats (such as .deb or .rpm) and may have its unique commands and features, but their overall purpose remains the same: to simplify and automate the process of managing software on a computer system. == Package managers == Ubuntu is a popular Linux-based operating system that offers a wide range of applications for users. To install these applications, Ubuntu provides several package managers such as APT, Snap, AppImage, and Flatpak. Each package manager has its own advantages and disadvantages, and it's important to understand how they work and what they offer in order to choose the best one for your needs. '''APT''' (Advanced Package Tool) is the default package manager for Ubuntu, and it uses a command-line interface to manage packages. APT offers a large selection of packages, and it's designed to be stable and reliable. '''Snap''', on the other hand, is a newer package manager that offers a more user-friendly interface and sandboxed apps. It also offers automatic updates and rollbacks, making it easy to manage and maintain applications. '''AppImage''' and '''Flatpak''' are containerized formats that allow applications to run on multiple Linux distributions without needing to install dependencies. AppImage is a self-contained format that includes all dependencies, making it easy to run on any Linux distribution without needing to install anything. Flatpak, on the other hand, allows for more fine-grained control over dependencies and offers sandboxing and automatic updates. By understanding the differences between these package managers, you can choose the best one for your needs and enjoy a wide range of applications on Ubuntu. == Installing and updating software == ===APT=== ==== Update the package index:==== Before installing or updating software, it's essential to update the package index to ensure you have the latest information about available packages and their versions. Run the following command: <code>sudo apt update</code> This command will download package information from your configured repositories and update the local package index. ==== Search APT for packages==== To search for packages in the Ubuntu repository using APT, you can use the apt-cache search command followed by a keyword. For example: <code>sudo apt-cache search <package-name></code> Replace <package-name> with the name or keyword related to the package you are looking for. Once you have found the package you want to install, you can install it using the apt-get install or apt install command. ==== Install a new package:==== To install a new package, use the apt install command followed by the package name: <code>sudo apt install <package-name></code> Replace <package-name> with the name of the package you want to install. APT will automatically handle the package's dependencies, installing them if necessary. ==== Update installed packages:==== To update all the installed packages to their latest available versions, run: <code>sudo apt upgrade</code> This command will upgrade packages based on the updated package index. It's a good practice to run this command regularly to keep your system up to date and secure. ==== Update a specific package:==== If you want to update a specific package, use the apt install command again: <code>sudo apt install --only-upgrade <package-name></code> Replace <package-name> with the name of the package you want to update. This command will only upgrade the specified package if a newer version is available. ==== Remove a package:==== If you want to remove a package, use the apt remove command followed by the package name: <code>sudo apt remove <package-name></code> Replace <package-name> with the name of the package you want to remove. Note that this command does not remove the package's configuration files. If you want to remove the package along with its configuration files, use the apt purge command instead: <code>sudo apt purge <package-name></code> ==== Clean up unused dependencies:==== Over time, your system may accumulate unused dependency packages. You can clean up these packages using the apt autoremove command: <code>sudo apt autoremove</code> This command will remove any packages that were installed as dependencies but are no longer needed by any installed software. ==== Install from a <b>.deb</b> file==== To install a .deb file that you have downloaded or obtained from an external source, you can use the dpkg command. First, navigate to the directory containing the .deb file using the cd command: <code>cd /path/to/directory</code> Then, install the .deb file using the dpkg -i command: <code>sudo dpkg -i <filename.deb></code> Replace <filename.deb> with the exact name of the .deb file you want to install. Note that you can also use <b>path</b> if you do not want to <b>cd</b>:<code>sudo dpkg -i /path/to/program.deb</code> Note that if the .deb package has any unmet dependencies, the installation may fail. To resolve this issue and automatically install any missing dependencies, you can run the following command: <code>sudo apt-get install -f</code> or <code>sudo apt install -f</code> This will install any missing dependencies and complete the installation of the .deb package. ===Managing Package Repositories=== :* Introduction to Package Repositories : Package repositories are online servers that store software packages for installation and updates on Ubuntu systems. Ubuntu uses the Advanced Package Tool (APT) to manage these repositories. The default repositories include Main, Universe, Restricted, and Multiverse. You can also add third-party repositories (PPAs) for additional software. Default Repositories :* Main: Officially supported, open-source software maintained by Canonical. :* Universe: Community-maintained open-source software. :* Restricted: Proprietary drivers and software required for hardware compatibility. :* Multiverse: Software not compliant with the Ubuntu licensing policies. :* Updating Package List : Before installing new packages, you should update the package list to fetch the latest information from the repositories. :* Open a terminal (Ctrl+Alt+T) :* Run the following command: <code>sudo apt update</code> : Adding a Personal Package Archive (PPA) : PPAs are third-party repositories that contain software not available in the default repositories. :* To add a PPA, open a terminal and type: <code>sudo add-apt-repository ppa:user/ppa-name</code> Replace "user" and "ppa-name" with the appropriate values. Update the package list: <code>sudo apt update</code> ====Removing a PPA==== :* To remove a PPA, open a terminal and type: <code>sudo add-apt-repository --remove ppa:user/ppa-name</code> Replace "user" and "ppa-name" with the appropriate values. Update the package list: <code>sudo apt update</code> ====Editing Repository Configuration Files==== The repository configuration files are stored in the '''/etc/apt/sources.list''' file and the files inside '''/etc/apt/sources.list.d/''' directory. :* To edit the sources.list file, open a terminal and type: <code>sudo nano /etc/apt/sources.list</code> Make the necessary changes, save (Ctrl+O), and exit (Ctrl+X). Update the package list: <code>sudo apt update</code> ====Managing Repositories with Software & Updates==== :* You can also manage repositories using the Software & Updates application. :* Open the application by searching "Software & Updates" in the applications menu. :* In the "Ubuntu Software" tab, you can enable or disable the default repositories. :* In the "Other Software" tab, you can add, edit, or remove third-party repositories. :* After making changes, click "Close" and then click "Reload" to update the package list. By following this tutorial, you'll be able to manage package repositories on your Ubuntu system, adding or removing PPAs as needed to install or update software. ====Dependency Management==== In Ubuntu, software packages often rely on other packages to function properly. These required packages are called dependencies. The Advanced Package Tool (APT) automatically handles dependency management, ensuring that all required packages are installed or updated when you install, update, or remove a package. ===== Installing a Package and Its Dependencies===== : When you install a package using APT, it automatically resolves and installs the dependencies. :* Open a terminal (Ctrl+Alt+T) :* Install a package and its dependencies using the following command: <code>sudo apt install package-name</code> : Replace "package-name" with the appropriate package name. :* Updating Packages and Dependencies : APT also manages the dependencies while updating packages. :* To update all installed packages and their dependencies, run the following command: <code>sudo apt update && sudo apt upgrade</code> ===== Removing a Package and Unused Dependencies===== : When you remove a package, APT will not automatically remove its dependencies if they are no longer required. To remove unused dependencies, use the 'autoremove' command. :* To remove a package and its unused dependencies, run: <code>sudo apt remove package-name && sudo apt autoremove</code> :* Replace "package-name" with the appropriate package name. :* Fixing Broken Dependencies : Sometimes, you may encounter broken dependencies due to various reasons, such as interrupted installations or package conflicts. You can use APT to fix these issues. :* To fix broken dependencies, run the following commands: <pre> sudo apt update sudo apt install -f </pre> ===== Listing Dependencies of a Package ===== : You can use the '''apt-cache''' command to list the dependencies of a specific package without installing it. :* To list the dependencies, run: <code>apt-cache depends package-name</code> :* Replace "package-name" with the appropriate package name. ===== Listing Reverse Dependencies===== : Reverse dependencies are packages that depend on a specific package. You can list them using the 'apt-cache' command. :* To list reverse dependencies, run: <code>apt-cache rdepends package-name</code> Replace "package-name" with the appropriate package name. ====Create a deb package==== ====Create deb repository==== ===Snaps=== Ubuntu Snap packages are a universal packaging format designed to work across different Linux distributions. Snap packages are self-contained and automatically updated, which makes them a convenient choice for both sysadmins and new users. Here's an in-depth guide to help you understand and use Snap packages in Ubuntu: ==== Installation of Snapd:==== Before you can manage Snap packages, you need to have the snapd service installed on your Ubuntu system. It usually comes pre-installed on recent versions of Ubuntu. Check <b>snapd</b> is installed on your system with:<br> <code>snap --version</code> However, if it's not installed, you can install it using the following command: <pre> sudo apt update sudo apt install snapd </pre> ==== Searching for Snap packages:==== To search for available Snap packages, use the snap find command followed by a keyword: <code>snap find <keyword></code> Replace <keyword> with the name or keyword related to the package you are looking for. ==== Installing Snap packages:==== To install a Snap package, use the snap install command: <code>sudo snap install <snap-package-name></code> Replace <snap-package-name> with the exact name of the Snap package you want to install. ==== Listing installed Snap packages:==== To see a list of installed Snap packages on your system, use the snap list command: <code>snap list</code> ==== Updating Snap packages==== Snap packages are updated automatically by default. However, if you want to manually update a specific Snap package, you can use the snap refresh command: <code>sudo snap refresh <snap-package-name></code> To update all Snap packages on your system, simply run: <code>sudo snap refresh</code> ==== Removing Snap packages==== To remove an installed Snap package, use the snap remove command: <code>sudo snap remove <snap-package-name></code> Replace <snap-package-name> with the exact name of the Snap package you want to remove. ==== Removing Snap and also delete the package's data and configuration files==== <code>snap remove --purge example_package</code> : The --purge option is used to specify that you not only want to remove the snap package, but also to delete its associated data and configuration files. This option helps ensure that all remnants of the package are removed from your system, providing a clean uninstall. ====Managing Snap package services==== Some Snap packages provide system services. You can manage these services using the snap services command: <code>snap services</code> This will list all services provided by installed Snap packages. To start, stop, restart, or check the status of a Snap service, use the following commands: <pre> sudo snap start <snap-package-name> sudo snap stop <snap-package-name> sudo snap restart <snap-package-name> sudo snap status <snap-package-name> </pre> Replace <snap-package-name> with the exact name of the Snap package containing the service you want to manage. ====Snap package channels==== Snap packages are distributed through different channels, such as stable, candidate, beta, and edge. By default, the stable channel is used. To install a Snap package from a specific channel, use the --channel option: <code>sudo snap install <snap-package-name> --channel=<channel-name></code> Replace <snap-package-name> with the name of the Snap package and <channel-name> with the desired channel (e.g., stable, candidate, beta, or edge). For more information and advanced options, you can refer to the official Snapcraft documentation: https://snapcraft.io/docs ====Create a snap package==== ===AppImage=== ===Flatpak=== cumj722q2uwyg17nwzazbqbtg8c09nh 375 342 2023-05-03T11:41:25Z AwesomO 5 /* Removing a PPA */ 375 wikitext text/x-wiki A package management system, also known as a package manager, is a set of tools and processes that automate the installation, upgrading, configuration, and removal of software packages on a computer system. Package management systems simplify the process of managing software by handling package dependencies, versioning, and distribution in a consistent and organized manner. In the context of operating systems like Linux and Unix, software packages are bundles of files, libraries, executables, and metadata that together comprise a complete application or software component. Package managers are designed to manage these packages by tracking and resolving their dependencies, which are other software components that a package requires to function properly. Key functions of package management systems include: :* Maintaining repositories: Package managers connect to repositories, which are remote servers that store packages and their metadata. Repositories provide a centralized location for users to find, download, and install software packages. :* Managing dependencies: When installing or upgrading a package, the package manager ensures that all required dependencies are also installed, updated, or removed as necessary. This helps maintain system stability and prevents conflicts or broken software. :* Versioning: Package managers track and manage different versions of software packages, allowing users to install, upgrade, or downgrade specific versions as needed. :* Handling package conflicts: Package managers can detect and resolve conflicts between packages, ensuring that the system remains in a consistent state even when multiple packages have overlapping or conflicting requirements. :* Streamlining software installation and removal: Package managers automate the process of installing, upgrading, or removing software, making it easy for users to manage software on their systems without manual intervention. Popular package managers include APT (used in Debian-based distributions), YUM and DNF (used in Red Hat-based distributions), and pacman (used in Arch Linux-based distributions). Each package manager is designed to work with specific package formats (such as .deb or .rpm) and may have its unique commands and features, but their overall purpose remains the same: to simplify and automate the process of managing software on a computer system. == Package managers == Ubuntu is a popular Linux-based operating system that offers a wide range of applications for users. To install these applications, Ubuntu provides several package managers such as APT, Snap, AppImage, and Flatpak. Each package manager has its own advantages and disadvantages, and it's important to understand how they work and what they offer in order to choose the best one for your needs. '''APT''' (Advanced Package Tool) is the default package manager for Ubuntu, and it uses a command-line interface to manage packages. APT offers a large selection of packages, and it's designed to be stable and reliable. '''Snap''', on the other hand, is a newer package manager that offers a more user-friendly interface and sandboxed apps. It also offers automatic updates and rollbacks, making it easy to manage and maintain applications. '''AppImage''' and '''Flatpak''' are containerized formats that allow applications to run on multiple Linux distributions without needing to install dependencies. AppImage is a self-contained format that includes all dependencies, making it easy to run on any Linux distribution without needing to install anything. Flatpak, on the other hand, allows for more fine-grained control over dependencies and offers sandboxing and automatic updates. By understanding the differences between these package managers, you can choose the best one for your needs and enjoy a wide range of applications on Ubuntu. == Installing and updating software == ===APT=== ==== Update the package index:==== Before installing or updating software, it's essential to update the package index to ensure you have the latest information about available packages and their versions. Run the following command: <code>sudo apt update</code> This command will download package information from your configured repositories and update the local package index. ==== Search APT for packages==== To search for packages in the Ubuntu repository using APT, you can use the apt-cache search command followed by a keyword. For example: <code>sudo apt-cache search <package-name></code> Replace <package-name> with the name or keyword related to the package you are looking for. Once you have found the package you want to install, you can install it using the apt-get install or apt install command. ==== Install a new package:==== To install a new package, use the apt install command followed by the package name: <code>sudo apt install <package-name></code> Replace <package-name> with the name of the package you want to install. APT will automatically handle the package's dependencies, installing them if necessary. ==== Update installed packages:==== To update all the installed packages to their latest available versions, run: <code>sudo apt upgrade</code> This command will upgrade packages based on the updated package index. It's a good practice to run this command regularly to keep your system up to date and secure. ==== Update a specific package:==== If you want to update a specific package, use the apt install command again: <code>sudo apt install --only-upgrade <package-name></code> Replace <package-name> with the name of the package you want to update. This command will only upgrade the specified package if a newer version is available. ==== Remove a package:==== If you want to remove a package, use the apt remove command followed by the package name: <code>sudo apt remove <package-name></code> Replace <package-name> with the name of the package you want to remove. Note that this command does not remove the package's configuration files. If you want to remove the package along with its configuration files, use the apt purge command instead: <code>sudo apt purge <package-name></code> ==== Clean up unused dependencies:==== Over time, your system may accumulate unused dependency packages. You can clean up these packages using the apt autoremove command: <code>sudo apt autoremove</code> This command will remove any packages that were installed as dependencies but are no longer needed by any installed software. ==== Install from a <b>.deb</b> file==== To install a .deb file that you have downloaded or obtained from an external source, you can use the dpkg command. First, navigate to the directory containing the .deb file using the cd command: <code>cd /path/to/directory</code> Then, install the .deb file using the dpkg -i command: <code>sudo dpkg -i <filename.deb></code> Replace <filename.deb> with the exact name of the .deb file you want to install. Note that you can also use <b>path</b> if you do not want to <b>cd</b>:<code>sudo dpkg -i /path/to/program.deb</code> Note that if the .deb package has any unmet dependencies, the installation may fail. To resolve this issue and automatically install any missing dependencies, you can run the following command: <code>sudo apt-get install -f</code> or <code>sudo apt install -f</code> This will install any missing dependencies and complete the installation of the .deb package. ===Managing Package Repositories=== :* Introduction to Package Repositories : Package repositories are online servers that store software packages for installation and updates on Ubuntu systems. Ubuntu uses the Advanced Package Tool (APT) to manage these repositories. The default repositories include Main, Universe, Restricted, and Multiverse. You can also add third-party repositories (PPAs) for additional software. Default Repositories :* Main: Officially supported, open-source software maintained by Canonical. :* Universe: Community-maintained open-source software. :* Restricted: Proprietary drivers and software required for hardware compatibility. :* Multiverse: Software not compliant with the Ubuntu licensing policies. :* Updating Package List : Before installing new packages, you should update the package list to fetch the latest information from the repositories. :* Open a terminal (Ctrl+Alt+T) :* Run the following command: <code>sudo apt update</code> : Adding a Personal Package Archive (PPA) : PPAs are third-party repositories that contain software not available in the default repositories. :* To add a PPA, open a terminal and type: <code>sudo add-apt-repository ppa:user/ppa-name</code> Replace "user" and "ppa-name" with the appropriate values. Update the package list: <code>sudo apt update</code> ====Removing a PPA==== :* To remove a PPA, open a terminal and type: <code>sudo add-apt-repository --remove ppa:user/ppa-name</code> Replace "user" and "ppa-name" with the appropriate values. Update the package list: <code>sudo apt update</code> <div class="toccolours mw-collapsible mw-collapsed"> Example: Finding the '''ppa:user/ppa-name''' to remove: <div class="mw-collapsible-content"> * when i try an '''apt update''' <pre> The following signatures couldn't be verified because the public key is not available: NO_PUBKEY F24AEA9FB05498B7 Reading package lists... Done W: GPG error: https://repo.steampowered.com/steam stable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY F24AEA9FB05498B7 E: The repository 'https://repo.steampowered.com/steam stable InRelease' is not signed. N: Updating from such a repository can't be done securely, and is therefore disabled by default. N: See apt-secure(8) manpage for repository creation and user configuration details. </pre> * Finding the '''package's''' and the '''repository''' : Check which packages are installed from the repository with the following command: <code>dpkg --list | grep steam</code> : Remove any packages that are installed from the repository with the following command: <code>sudo apt-get remove --purge <package-name></code> : Find repository's <code>ls -l /etc/apt/sources.list.d/</code> * Returns: <pre> -rw-r--r-- 1 root root 296 Mar 1 18:55 steam-beta.list -rw-r--r-- 1 root root 228 Mar 1 18:55 steam-stable.list </pre> <code>cat /etc/apt/sources.list.d/steam-stable.list</code> * returns: <pre> deb [arch=amd64,i386 signed-by=/usr/share/keyrings/steam.gpg] https://repo.steampowered.com/steam/ stable steam deb-src [arch=amd64,i386 signed-by=/usr/share/keyrings/steam.gpg] https://repo.steampowered.com/steam/ stable steam </pre> <code>cat /etc/apt/sources.list.d/steam-beta.list</code> * returns: <pre> # Uncomment these lines to try the beta version of the Steam launcher #deb [arch=amd64,i386 signed-by=/usr/share/keyrings/steam.gpg] https://repo.steampowered.com/steam/ beta steam #deb-src [arch=amd64,i386 signed-by=/usr/share/keyrings/steam.gpg] https://repo.steampowered.com/steam/ beta steam </pre> * Note: In '''steam-beta.list''' the lines are commented out with '''#''' at the beginning of the line. * You can comment out the lines in '''steam-stable.list''' and '''sudo apt update''' * Or you can delete the file '''steam-stable.list''' and '''sudo apt update''' </div> </div> ====Editing Repository Configuration Files==== The repository configuration files are stored in the '''/etc/apt/sources.list''' file and the files inside '''/etc/apt/sources.list.d/''' directory. :* To edit the sources.list file, open a terminal and type: <code>sudo nano /etc/apt/sources.list</code> Make the necessary changes, save (Ctrl+O), and exit (Ctrl+X). Update the package list: <code>sudo apt update</code> ====Managing Repositories with Software & Updates==== :* You can also manage repositories using the Software & Updates application. :* Open the application by searching "Software & Updates" in the applications menu. :* In the "Ubuntu Software" tab, you can enable or disable the default repositories. :* In the "Other Software" tab, you can add, edit, or remove third-party repositories. :* After making changes, click "Close" and then click "Reload" to update the package list. By following this tutorial, you'll be able to manage package repositories on your Ubuntu system, adding or removing PPAs as needed to install or update software. ====Dependency Management==== In Ubuntu, software packages often rely on other packages to function properly. These required packages are called dependencies. The Advanced Package Tool (APT) automatically handles dependency management, ensuring that all required packages are installed or updated when you install, update, or remove a package. ===== Installing a Package and Its Dependencies===== : When you install a package using APT, it automatically resolves and installs the dependencies. :* Open a terminal (Ctrl+Alt+T) :* Install a package and its dependencies using the following command: <code>sudo apt install package-name</code> : Replace "package-name" with the appropriate package name. :* Updating Packages and Dependencies : APT also manages the dependencies while updating packages. :* To update all installed packages and their dependencies, run the following command: <code>sudo apt update && sudo apt upgrade</code> ===== Removing a Package and Unused Dependencies===== : When you remove a package, APT will not automatically remove its dependencies if they are no longer required. To remove unused dependencies, use the 'autoremove' command. :* To remove a package and its unused dependencies, run: <code>sudo apt remove package-name && sudo apt autoremove</code> :* Replace "package-name" with the appropriate package name. :* Fixing Broken Dependencies : Sometimes, you may encounter broken dependencies due to various reasons, such as interrupted installations or package conflicts. You can use APT to fix these issues. :* To fix broken dependencies, run the following commands: <pre> sudo apt update sudo apt install -f </pre> ===== Listing Dependencies of a Package ===== : You can use the '''apt-cache''' command to list the dependencies of a specific package without installing it. :* To list the dependencies, run: <code>apt-cache depends package-name</code> :* Replace "package-name" with the appropriate package name. ===== Listing Reverse Dependencies===== : Reverse dependencies are packages that depend on a specific package. You can list them using the 'apt-cache' command. :* To list reverse dependencies, run: <code>apt-cache rdepends package-name</code> Replace "package-name" with the appropriate package name. ====Create a deb package==== ====Create deb repository==== ===Snaps=== Ubuntu Snap packages are a universal packaging format designed to work across different Linux distributions. Snap packages are self-contained and automatically updated, which makes them a convenient choice for both sysadmins and new users. Here's an in-depth guide to help you understand and use Snap packages in Ubuntu: ==== Installation of Snapd:==== Before you can manage Snap packages, you need to have the snapd service installed on your Ubuntu system. It usually comes pre-installed on recent versions of Ubuntu. Check <b>snapd</b> is installed on your system with:<br> <code>snap --version</code> However, if it's not installed, you can install it using the following command: <pre> sudo apt update sudo apt install snapd </pre> ==== Searching for Snap packages:==== To search for available Snap packages, use the snap find command followed by a keyword: <code>snap find <keyword></code> Replace <keyword> with the name or keyword related to the package you are looking for. ==== Installing Snap packages:==== To install a Snap package, use the snap install command: <code>sudo snap install <snap-package-name></code> Replace <snap-package-name> with the exact name of the Snap package you want to install. ==== Listing installed Snap packages:==== To see a list of installed Snap packages on your system, use the snap list command: <code>snap list</code> ==== Updating Snap packages==== Snap packages are updated automatically by default. However, if you want to manually update a specific Snap package, you can use the snap refresh command: <code>sudo snap refresh <snap-package-name></code> To update all Snap packages on your system, simply run: <code>sudo snap refresh</code> ==== Removing Snap packages==== To remove an installed Snap package, use the snap remove command: <code>sudo snap remove <snap-package-name></code> Replace <snap-package-name> with the exact name of the Snap package you want to remove. ==== Removing Snap and also delete the package's data and configuration files==== <code>snap remove --purge example_package</code> : The --purge option is used to specify that you not only want to remove the snap package, but also to delete its associated data and configuration files. This option helps ensure that all remnants of the package are removed from your system, providing a clean uninstall. ====Managing Snap package services==== Some Snap packages provide system services. You can manage these services using the snap services command: <code>snap services</code> This will list all services provided by installed Snap packages. To start, stop, restart, or check the status of a Snap service, use the following commands: <pre> sudo snap start <snap-package-name> sudo snap stop <snap-package-name> sudo snap restart <snap-package-name> sudo snap status <snap-package-name> </pre> Replace <snap-package-name> with the exact name of the Snap package containing the service you want to manage. ====Snap package channels==== Snap packages are distributed through different channels, such as stable, candidate, beta, and edge. By default, the stable channel is used. To install a Snap package from a specific channel, use the --channel option: <code>sudo snap install <snap-package-name> --channel=<channel-name></code> Replace <snap-package-name> with the name of the Snap package and <channel-name> with the desired channel (e.g., stable, candidate, beta, or edge). For more information and advanced options, you can refer to the official Snapcraft documentation: https://snapcraft.io/docs ====Create a snap package==== ===AppImage=== ===Flatpak=== jpnbe65if5srb5grnig2cacnp21tggq 376 375 2023-05-03T11:49:57Z AwesomO 5 /* Remove a package: */ 376 wikitext text/x-wiki A package management system, also known as a package manager, is a set of tools and processes that automate the installation, upgrading, configuration, and removal of software packages on a computer system. Package management systems simplify the process of managing software by handling package dependencies, versioning, and distribution in a consistent and organized manner. In the context of operating systems like Linux and Unix, software packages are bundles of files, libraries, executables, and metadata that together comprise a complete application or software component. Package managers are designed to manage these packages by tracking and resolving their dependencies, which are other software components that a package requires to function properly. Key functions of package management systems include: :* Maintaining repositories: Package managers connect to repositories, which are remote servers that store packages and their metadata. Repositories provide a centralized location for users to find, download, and install software packages. :* Managing dependencies: When installing or upgrading a package, the package manager ensures that all required dependencies are also installed, updated, or removed as necessary. This helps maintain system stability and prevents conflicts or broken software. :* Versioning: Package managers track and manage different versions of software packages, allowing users to install, upgrade, or downgrade specific versions as needed. :* Handling package conflicts: Package managers can detect and resolve conflicts between packages, ensuring that the system remains in a consistent state even when multiple packages have overlapping or conflicting requirements. :* Streamlining software installation and removal: Package managers automate the process of installing, upgrading, or removing software, making it easy for users to manage software on their systems without manual intervention. Popular package managers include APT (used in Debian-based distributions), YUM and DNF (used in Red Hat-based distributions), and pacman (used in Arch Linux-based distributions). Each package manager is designed to work with specific package formats (such as .deb or .rpm) and may have its unique commands and features, but their overall purpose remains the same: to simplify and automate the process of managing software on a computer system. == Package managers == Ubuntu is a popular Linux-based operating system that offers a wide range of applications for users. To install these applications, Ubuntu provides several package managers such as APT, Snap, AppImage, and Flatpak. Each package manager has its own advantages and disadvantages, and it's important to understand how they work and what they offer in order to choose the best one for your needs. '''APT''' (Advanced Package Tool) is the default package manager for Ubuntu, and it uses a command-line interface to manage packages. APT offers a large selection of packages, and it's designed to be stable and reliable. '''Snap''', on the other hand, is a newer package manager that offers a more user-friendly interface and sandboxed apps. It also offers automatic updates and rollbacks, making it easy to manage and maintain applications. '''AppImage''' and '''Flatpak''' are containerized formats that allow applications to run on multiple Linux distributions without needing to install dependencies. AppImage is a self-contained format that includes all dependencies, making it easy to run on any Linux distribution without needing to install anything. Flatpak, on the other hand, allows for more fine-grained control over dependencies and offers sandboxing and automatic updates. By understanding the differences between these package managers, you can choose the best one for your needs and enjoy a wide range of applications on Ubuntu. == Installing and updating software == ===APT=== ==== Update the package index:==== Before installing or updating software, it's essential to update the package index to ensure you have the latest information about available packages and their versions. Run the following command: <code>sudo apt update</code> This command will download package information from your configured repositories and update the local package index. ==== Search APT for packages==== To search for packages in the Ubuntu repository using APT, you can use the apt-cache search command followed by a keyword. For example: <code>sudo apt-cache search <package-name></code> Replace <package-name> with the name or keyword related to the package you are looking for. Once you have found the package you want to install, you can install it using the apt-get install or apt install command. ==== Install a new package:==== To install a new package, use the apt install command followed by the package name: <code>sudo apt install <package-name></code> Replace <package-name> with the name of the package you want to install. APT will automatically handle the package's dependencies, installing them if necessary. ==== Update installed packages:==== To update all the installed packages to their latest available versions, run: <code>sudo apt upgrade</code> This command will upgrade packages based on the updated package index. It's a good practice to run this command regularly to keep your system up to date and secure. ==== Update a specific package:==== If you want to update a specific package, use the apt install command again: <code>sudo apt install --only-upgrade <package-name></code> Replace <package-name> with the name of the package you want to update. This command will only upgrade the specified package if a newer version is available. ==== Remove a package:==== If you want to remove a package, use the apt remove command followed by the package name: <code>sudo apt remove <package-name></code> Replace <package-name> with the name of the package you want to remove. Note that this command does not remove the package's configuration files. If you want to remove the package along with its configuration files, use the apt purge command instead: <code>sudo apt purge <package-name></code> ===== '''dpkg''' remove===== <code>dpkg -l | grep steam</core> * returns/output <pre> rc steam:i386 1:1.0.0.74-1ubuntu2 i386 Valve's Steam digital software delivery system rc steam-launcher 1:1.0.0.76 all Launcher for the Steam software distribution service </pre> <code>apt remove steam:i386</core> * return output <pre>Package 'steam:i386' is not installed, so not removed</core> The '''dpkg -l | grep steam''' command shows that the '''steam:i386''' and '''steam-launcher''' packages are installed on your system, but when you try to remove them using the '''apt remove''' command, you get a message that the packages are not installed. This can happen if the packages were installed manually using a different method than the standard apt package manager. In this case, the packages were likely installed manually by downloading and installing the Steam installer from the Steam website. To remove the Steam packages that are installed manually, you can run the following commands: <code>sudo dpkg -r steam:i386</code> <code>sudo dpkg -r steam-launcher</code> Use '''--purge''' to remove '''config files''' <code>sudo dpkg --purge steam:i386</code> ==== Clean up unused dependencies:==== Over time, your system may accumulate unused dependency packages. You can clean up these packages using the apt autoremove command: <code>sudo apt autoremove</code> This command will remove any packages that were installed as dependencies but are no longer needed by any installed software. ==== Install from a <b>.deb</b> file==== To install a .deb file that you have downloaded or obtained from an external source, you can use the dpkg command. First, navigate to the directory containing the .deb file using the cd command: <code>cd /path/to/directory</code> Then, install the .deb file using the dpkg -i command: <code>sudo dpkg -i <filename.deb></code> Replace <filename.deb> with the exact name of the .deb file you want to install. Note that you can also use <b>path</b> if you do not want to <b>cd</b>:<code>sudo dpkg -i /path/to/program.deb</code> Note that if the .deb package has any unmet dependencies, the installation may fail. To resolve this issue and automatically install any missing dependencies, you can run the following command: <code>sudo apt-get install -f</code> or <code>sudo apt install -f</code> This will install any missing dependencies and complete the installation of the .deb package. ===Managing Package Repositories=== :* Introduction to Package Repositories : Package repositories are online servers that store software packages for installation and updates on Ubuntu systems. Ubuntu uses the Advanced Package Tool (APT) to manage these repositories. The default repositories include Main, Universe, Restricted, and Multiverse. You can also add third-party repositories (PPAs) for additional software. Default Repositories :* Main: Officially supported, open-source software maintained by Canonical. :* Universe: Community-maintained open-source software. :* Restricted: Proprietary drivers and software required for hardware compatibility. :* Multiverse: Software not compliant with the Ubuntu licensing policies. :* Updating Package List : Before installing new packages, you should update the package list to fetch the latest information from the repositories. :* Open a terminal (Ctrl+Alt+T) :* Run the following command: <code>sudo apt update</code> : Adding a Personal Package Archive (PPA) : PPAs are third-party repositories that contain software not available in the default repositories. :* To add a PPA, open a terminal and type: <code>sudo add-apt-repository ppa:user/ppa-name</code> Replace "user" and "ppa-name" with the appropriate values. Update the package list: <code>sudo apt update</code> ====Removing a PPA==== :* To remove a PPA, open a terminal and type: <code>sudo add-apt-repository --remove ppa:user/ppa-name</code> Replace "user" and "ppa-name" with the appropriate values. Update the package list: <code>sudo apt update</code> <div class="toccolours mw-collapsible mw-collapsed"> Example: Finding the '''ppa:user/ppa-name''' to remove: <div class="mw-collapsible-content"> * when i try an '''apt update''' <pre> The following signatures couldn't be verified because the public key is not available: NO_PUBKEY F24AEA9FB05498B7 Reading package lists... Done W: GPG error: https://repo.steampowered.com/steam stable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY F24AEA9FB05498B7 E: The repository 'https://repo.steampowered.com/steam stable InRelease' is not signed. N: Updating from such a repository can't be done securely, and is therefore disabled by default. N: See apt-secure(8) manpage for repository creation and user configuration details. </pre> * Finding the '''package's''' and the '''repository''' : Check which packages are installed from the repository with the following command: <code>dpkg --list | grep steam</code> : Remove any packages that are installed from the repository with the following command: <code>sudo apt-get remove --purge <package-name></code> : Find repository's <code>ls -l /etc/apt/sources.list.d/</code> * Returns: <pre> -rw-r--r-- 1 root root 296 Mar 1 18:55 steam-beta.list -rw-r--r-- 1 root root 228 Mar 1 18:55 steam-stable.list </pre> <code>cat /etc/apt/sources.list.d/steam-stable.list</code> * returns: <pre> deb [arch=amd64,i386 signed-by=/usr/share/keyrings/steam.gpg] https://repo.steampowered.com/steam/ stable steam deb-src [arch=amd64,i386 signed-by=/usr/share/keyrings/steam.gpg] https://repo.steampowered.com/steam/ stable steam </pre> <code>cat /etc/apt/sources.list.d/steam-beta.list</code> * returns: <pre> # Uncomment these lines to try the beta version of the Steam launcher #deb [arch=amd64,i386 signed-by=/usr/share/keyrings/steam.gpg] https://repo.steampowered.com/steam/ beta steam #deb-src [arch=amd64,i386 signed-by=/usr/share/keyrings/steam.gpg] https://repo.steampowered.com/steam/ beta steam </pre> * Note: In '''steam-beta.list''' the lines are commented out with '''#''' at the beginning of the line. * You can comment out the lines in '''steam-stable.list''' and '''sudo apt update''' * Or you can delete the file '''steam-stable.list''' and '''sudo apt update''' </div> </div> ====Editing Repository Configuration Files==== The repository configuration files are stored in the '''/etc/apt/sources.list''' file and the files inside '''/etc/apt/sources.list.d/''' directory. :* To edit the sources.list file, open a terminal and type: <code>sudo nano /etc/apt/sources.list</code> Make the necessary changes, save (Ctrl+O), and exit (Ctrl+X). Update the package list: <code>sudo apt update</code> ====Managing Repositories with Software & Updates==== :* You can also manage repositories using the Software & Updates application. :* Open the application by searching "Software & Updates" in the applications menu. :* In the "Ubuntu Software" tab, you can enable or disable the default repositories. :* In the "Other Software" tab, you can add, edit, or remove third-party repositories. :* After making changes, click "Close" and then click "Reload" to update the package list. By following this tutorial, you'll be able to manage package repositories on your Ubuntu system, adding or removing PPAs as needed to install or update software. ====Dependency Management==== In Ubuntu, software packages often rely on other packages to function properly. These required packages are called dependencies. The Advanced Package Tool (APT) automatically handles dependency management, ensuring that all required packages are installed or updated when you install, update, or remove a package. ===== Installing a Package and Its Dependencies===== : When you install a package using APT, it automatically resolves and installs the dependencies. :* Open a terminal (Ctrl+Alt+T) :* Install a package and its dependencies using the following command: <code>sudo apt install package-name</code> : Replace "package-name" with the appropriate package name. :* Updating Packages and Dependencies : APT also manages the dependencies while updating packages. :* To update all installed packages and their dependencies, run the following command: <code>sudo apt update && sudo apt upgrade</code> ===== Removing a Package and Unused Dependencies===== : When you remove a package, APT will not automatically remove its dependencies if they are no longer required. To remove unused dependencies, use the 'autoremove' command. :* To remove a package and its unused dependencies, run: <code>sudo apt remove package-name && sudo apt autoremove</code> :* Replace "package-name" with the appropriate package name. :* Fixing Broken Dependencies : Sometimes, you may encounter broken dependencies due to various reasons, such as interrupted installations or package conflicts. You can use APT to fix these issues. :* To fix broken dependencies, run the following commands: <pre> sudo apt update sudo apt install -f </pre> ===== Listing Dependencies of a Package ===== : You can use the '''apt-cache''' command to list the dependencies of a specific package without installing it. :* To list the dependencies, run: <code>apt-cache depends package-name</code> :* Replace "package-name" with the appropriate package name. ===== Listing Reverse Dependencies===== : Reverse dependencies are packages that depend on a specific package. You can list them using the 'apt-cache' command. :* To list reverse dependencies, run: <code>apt-cache rdepends package-name</code> Replace "package-name" with the appropriate package name. ====Create a deb package==== ====Create deb repository==== ===Snaps=== Ubuntu Snap packages are a universal packaging format designed to work across different Linux distributions. Snap packages are self-contained and automatically updated, which makes them a convenient choice for both sysadmins and new users. Here's an in-depth guide to help you understand and use Snap packages in Ubuntu: ==== Installation of Snapd:==== Before you can manage Snap packages, you need to have the snapd service installed on your Ubuntu system. It usually comes pre-installed on recent versions of Ubuntu. Check <b>snapd</b> is installed on your system with:<br> <code>snap --version</code> However, if it's not installed, you can install it using the following command: <pre> sudo apt update sudo apt install snapd </pre> ==== Searching for Snap packages:==== To search for available Snap packages, use the snap find command followed by a keyword: <code>snap find <keyword></code> Replace <keyword> with the name or keyword related to the package you are looking for. ==== Installing Snap packages:==== To install a Snap package, use the snap install command: <code>sudo snap install <snap-package-name></code> Replace <snap-package-name> with the exact name of the Snap package you want to install. ==== Listing installed Snap packages:==== To see a list of installed Snap packages on your system, use the snap list command: <code>snap list</code> ==== Updating Snap packages==== Snap packages are updated automatically by default. However, if you want to manually update a specific Snap package, you can use the snap refresh command: <code>sudo snap refresh <snap-package-name></code> To update all Snap packages on your system, simply run: <code>sudo snap refresh</code> ==== Removing Snap packages==== To remove an installed Snap package, use the snap remove command: <code>sudo snap remove <snap-package-name></code> Replace <snap-package-name> with the exact name of the Snap package you want to remove. ==== Removing Snap and also delete the package's data and configuration files==== <code>snap remove --purge example_package</code> : The --purge option is used to specify that you not only want to remove the snap package, but also to delete its associated data and configuration files. This option helps ensure that all remnants of the package are removed from your system, providing a clean uninstall. ====Managing Snap package services==== Some Snap packages provide system services. You can manage these services using the snap services command: <code>snap services</code> This will list all services provided by installed Snap packages. To start, stop, restart, or check the status of a Snap service, use the following commands: <pre> sudo snap start <snap-package-name> sudo snap stop <snap-package-name> sudo snap restart <snap-package-name> sudo snap status <snap-package-name> </pre> Replace <snap-package-name> with the exact name of the Snap package containing the service you want to manage. ====Snap package channels==== Snap packages are distributed through different channels, such as stable, candidate, beta, and edge. By default, the stable channel is used. To install a Snap package from a specific channel, use the --channel option: <code>sudo snap install <snap-package-name> --channel=<channel-name></code> Replace <snap-package-name> with the name of the Snap package and <channel-name> with the desired channel (e.g., stable, candidate, beta, or edge). For more information and advanced options, you can refer to the official Snapcraft documentation: https://snapcraft.io/docs ====Create a snap package==== ===AppImage=== ===Flatpak=== lcfyazf4znauxw5im0puxi5opy9r6rv 377 376 2023-05-03T11:50:54Z AwesomO 5 /* dpkg remove */ 377 wikitext text/x-wiki A package management system, also known as a package manager, is a set of tools and processes that automate the installation, upgrading, configuration, and removal of software packages on a computer system. Package management systems simplify the process of managing software by handling package dependencies, versioning, and distribution in a consistent and organized manner. In the context of operating systems like Linux and Unix, software packages are bundles of files, libraries, executables, and metadata that together comprise a complete application or software component. Package managers are designed to manage these packages by tracking and resolving their dependencies, which are other software components that a package requires to function properly. Key functions of package management systems include: :* Maintaining repositories: Package managers connect to repositories, which are remote servers that store packages and their metadata. Repositories provide a centralized location for users to find, download, and install software packages. :* Managing dependencies: When installing or upgrading a package, the package manager ensures that all required dependencies are also installed, updated, or removed as necessary. This helps maintain system stability and prevents conflicts or broken software. :* Versioning: Package managers track and manage different versions of software packages, allowing users to install, upgrade, or downgrade specific versions as needed. :* Handling package conflicts: Package managers can detect and resolve conflicts between packages, ensuring that the system remains in a consistent state even when multiple packages have overlapping or conflicting requirements. :* Streamlining software installation and removal: Package managers automate the process of installing, upgrading, or removing software, making it easy for users to manage software on their systems without manual intervention. Popular package managers include APT (used in Debian-based distributions), YUM and DNF (used in Red Hat-based distributions), and pacman (used in Arch Linux-based distributions). Each package manager is designed to work with specific package formats (such as .deb or .rpm) and may have its unique commands and features, but their overall purpose remains the same: to simplify and automate the process of managing software on a computer system. == Package managers == Ubuntu is a popular Linux-based operating system that offers a wide range of applications for users. To install these applications, Ubuntu provides several package managers such as APT, Snap, AppImage, and Flatpak. Each package manager has its own advantages and disadvantages, and it's important to understand how they work and what they offer in order to choose the best one for your needs. '''APT''' (Advanced Package Tool) is the default package manager for Ubuntu, and it uses a command-line interface to manage packages. APT offers a large selection of packages, and it's designed to be stable and reliable. '''Snap''', on the other hand, is a newer package manager that offers a more user-friendly interface and sandboxed apps. It also offers automatic updates and rollbacks, making it easy to manage and maintain applications. '''AppImage''' and '''Flatpak''' are containerized formats that allow applications to run on multiple Linux distributions without needing to install dependencies. AppImage is a self-contained format that includes all dependencies, making it easy to run on any Linux distribution without needing to install anything. Flatpak, on the other hand, allows for more fine-grained control over dependencies and offers sandboxing and automatic updates. By understanding the differences between these package managers, you can choose the best one for your needs and enjoy a wide range of applications on Ubuntu. == Installing and updating software == ===APT=== ==== Update the package index:==== Before installing or updating software, it's essential to update the package index to ensure you have the latest information about available packages and their versions. Run the following command: <code>sudo apt update</code> This command will download package information from your configured repositories and update the local package index. ==== Search APT for packages==== To search for packages in the Ubuntu repository using APT, you can use the apt-cache search command followed by a keyword. For example: <code>sudo apt-cache search <package-name></code> Replace <package-name> with the name or keyword related to the package you are looking for. Once you have found the package you want to install, you can install it using the apt-get install or apt install command. ==== Install a new package:==== To install a new package, use the apt install command followed by the package name: <code>sudo apt install <package-name></code> Replace <package-name> with the name of the package you want to install. APT will automatically handle the package's dependencies, installing them if necessary. ==== Update installed packages:==== To update all the installed packages to their latest available versions, run: <code>sudo apt upgrade</code> This command will upgrade packages based on the updated package index. It's a good practice to run this command regularly to keep your system up to date and secure. ==== Update a specific package:==== If you want to update a specific package, use the apt install command again: <code>sudo apt install --only-upgrade <package-name></code> Replace <package-name> with the name of the package you want to update. This command will only upgrade the specified package if a newer version is available. ==== Remove a package:==== If you want to remove a package, use the apt remove command followed by the package name: <code>sudo apt remove <package-name></code> Replace <package-name> with the name of the package you want to remove. Note that this command does not remove the package's configuration files. If you want to remove the package along with its configuration files, use the apt purge command instead: <code>sudo apt purge <package-name></code> ===== '''dpkg''' remove===== <code>dpkg -l | grep steam</core> * returns/output <pre> rc steam:i386 1:1.0.0.74-1ubuntu2 i386 Valve's Steam digital software delivery system rc steam-launcher 1:1.0.0.76 all Launcher for the Steam software distribution service </pre> <code>apt remove steam:i386</code> * return output <pre>Package 'steam:i386' is not installed, so not removed</pre> The '''dpkg -l | grep steam''' command shows that the '''steam:i386''' and '''steam-launcher''' packages are installed on your system, but when you try to remove them using the '''apt remove''' command, you get a message that the packages are not installed. This can happen if the packages were installed manually using a different method than the standard apt package manager. In this case, the packages were likely installed manually by downloading and installing the Steam installer from the Steam website. To remove the Steam packages that are installed manually, you can run the following commands: <code>sudo dpkg -r steam:i386</code> <code>sudo dpkg -r steam-launcher</code> Use '''--purge''' to remove '''config files''' <code>sudo dpkg --purge steam:i386</code> ==== Clean up unused dependencies:==== Over time, your system may accumulate unused dependency packages. You can clean up these packages using the apt autoremove command: <code>sudo apt autoremove</code> This command will remove any packages that were installed as dependencies but are no longer needed by any installed software. ==== Install from a <b>.deb</b> file==== To install a .deb file that you have downloaded or obtained from an external source, you can use the dpkg command. First, navigate to the directory containing the .deb file using the cd command: <code>cd /path/to/directory</code> Then, install the .deb file using the dpkg -i command: <code>sudo dpkg -i <filename.deb></code> Replace <filename.deb> with the exact name of the .deb file you want to install. Note that you can also use <b>path</b> if you do not want to <b>cd</b>:<code>sudo dpkg -i /path/to/program.deb</code> Note that if the .deb package has any unmet dependencies, the installation may fail. To resolve this issue and automatically install any missing dependencies, you can run the following command: <code>sudo apt-get install -f</code> or <code>sudo apt install -f</code> This will install any missing dependencies and complete the installation of the .deb package. ===Managing Package Repositories=== :* Introduction to Package Repositories : Package repositories are online servers that store software packages for installation and updates on Ubuntu systems. Ubuntu uses the Advanced Package Tool (APT) to manage these repositories. The default repositories include Main, Universe, Restricted, and Multiverse. You can also add third-party repositories (PPAs) for additional software. Default Repositories :* Main: Officially supported, open-source software maintained by Canonical. :* Universe: Community-maintained open-source software. :* Restricted: Proprietary drivers and software required for hardware compatibility. :* Multiverse: Software not compliant with the Ubuntu licensing policies. :* Updating Package List : Before installing new packages, you should update the package list to fetch the latest information from the repositories. :* Open a terminal (Ctrl+Alt+T) :* Run the following command: <code>sudo apt update</code> : Adding a Personal Package Archive (PPA) : PPAs are third-party repositories that contain software not available in the default repositories. :* To add a PPA, open a terminal and type: <code>sudo add-apt-repository ppa:user/ppa-name</code> Replace "user" and "ppa-name" with the appropriate values. Update the package list: <code>sudo apt update</code> ====Removing a PPA==== :* To remove a PPA, open a terminal and type: <code>sudo add-apt-repository --remove ppa:user/ppa-name</code> Replace "user" and "ppa-name" with the appropriate values. Update the package list: <code>sudo apt update</code> <div class="toccolours mw-collapsible mw-collapsed"> Example: Finding the '''ppa:user/ppa-name''' to remove: <div class="mw-collapsible-content"> * when i try an '''apt update''' <pre> The following signatures couldn't be verified because the public key is not available: NO_PUBKEY F24AEA9FB05498B7 Reading package lists... Done W: GPG error: https://repo.steampowered.com/steam stable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY F24AEA9FB05498B7 E: The repository 'https://repo.steampowered.com/steam stable InRelease' is not signed. N: Updating from such a repository can't be done securely, and is therefore disabled by default. N: See apt-secure(8) manpage for repository creation and user configuration details. </pre> * Finding the '''package's''' and the '''repository''' : Check which packages are installed from the repository with the following command: <code>dpkg --list | grep steam</code> : Remove any packages that are installed from the repository with the following command: <code>sudo apt-get remove --purge <package-name></code> : Find repository's <code>ls -l /etc/apt/sources.list.d/</code> * Returns: <pre> -rw-r--r-- 1 root root 296 Mar 1 18:55 steam-beta.list -rw-r--r-- 1 root root 228 Mar 1 18:55 steam-stable.list </pre> <code>cat /etc/apt/sources.list.d/steam-stable.list</code> * returns: <pre> deb [arch=amd64,i386 signed-by=/usr/share/keyrings/steam.gpg] https://repo.steampowered.com/steam/ stable steam deb-src [arch=amd64,i386 signed-by=/usr/share/keyrings/steam.gpg] https://repo.steampowered.com/steam/ stable steam </pre> <code>cat /etc/apt/sources.list.d/steam-beta.list</code> * returns: <pre> # Uncomment these lines to try the beta version of the Steam launcher #deb [arch=amd64,i386 signed-by=/usr/share/keyrings/steam.gpg] https://repo.steampowered.com/steam/ beta steam #deb-src [arch=amd64,i386 signed-by=/usr/share/keyrings/steam.gpg] https://repo.steampowered.com/steam/ beta steam </pre> * Note: In '''steam-beta.list''' the lines are commented out with '''#''' at the beginning of the line. * You can comment out the lines in '''steam-stable.list''' and '''sudo apt update''' * Or you can delete the file '''steam-stable.list''' and '''sudo apt update''' </div> </div> ====Editing Repository Configuration Files==== The repository configuration files are stored in the '''/etc/apt/sources.list''' file and the files inside '''/etc/apt/sources.list.d/''' directory. :* To edit the sources.list file, open a terminal and type: <code>sudo nano /etc/apt/sources.list</code> Make the necessary changes, save (Ctrl+O), and exit (Ctrl+X). Update the package list: <code>sudo apt update</code> ====Managing Repositories with Software & Updates==== :* You can also manage repositories using the Software & Updates application. :* Open the application by searching "Software & Updates" in the applications menu. :* In the "Ubuntu Software" tab, you can enable or disable the default repositories. :* In the "Other Software" tab, you can add, edit, or remove third-party repositories. :* After making changes, click "Close" and then click "Reload" to update the package list. By following this tutorial, you'll be able to manage package repositories on your Ubuntu system, adding or removing PPAs as needed to install or update software. ====Dependency Management==== In Ubuntu, software packages often rely on other packages to function properly. These required packages are called dependencies. The Advanced Package Tool (APT) automatically handles dependency management, ensuring that all required packages are installed or updated when you install, update, or remove a package. ===== Installing a Package and Its Dependencies===== : When you install a package using APT, it automatically resolves and installs the dependencies. :* Open a terminal (Ctrl+Alt+T) :* Install a package and its dependencies using the following command: <code>sudo apt install package-name</code> : Replace "package-name" with the appropriate package name. :* Updating Packages and Dependencies : APT also manages the dependencies while updating packages. :* To update all installed packages and their dependencies, run the following command: <code>sudo apt update && sudo apt upgrade</code> ===== Removing a Package and Unused Dependencies===== : When you remove a package, APT will not automatically remove its dependencies if they are no longer required. To remove unused dependencies, use the 'autoremove' command. :* To remove a package and its unused dependencies, run: <code>sudo apt remove package-name && sudo apt autoremove</code> :* Replace "package-name" with the appropriate package name. :* Fixing Broken Dependencies : Sometimes, you may encounter broken dependencies due to various reasons, such as interrupted installations or package conflicts. You can use APT to fix these issues. :* To fix broken dependencies, run the following commands: <pre> sudo apt update sudo apt install -f </pre> ===== Listing Dependencies of a Package ===== : You can use the '''apt-cache''' command to list the dependencies of a specific package without installing it. :* To list the dependencies, run: <code>apt-cache depends package-name</code> :* Replace "package-name" with the appropriate package name. ===== Listing Reverse Dependencies===== : Reverse dependencies are packages that depend on a specific package. You can list them using the 'apt-cache' command. :* To list reverse dependencies, run: <code>apt-cache rdepends package-name</code> Replace "package-name" with the appropriate package name. ====Create a deb package==== ====Create deb repository==== ===Snaps=== Ubuntu Snap packages are a universal packaging format designed to work across different Linux distributions. Snap packages are self-contained and automatically updated, which makes them a convenient choice for both sysadmins and new users. Here's an in-depth guide to help you understand and use Snap packages in Ubuntu: ==== Installation of Snapd:==== Before you can manage Snap packages, you need to have the snapd service installed on your Ubuntu system. It usually comes pre-installed on recent versions of Ubuntu. Check <b>snapd</b> is installed on your system with:<br> <code>snap --version</code> However, if it's not installed, you can install it using the following command: <pre> sudo apt update sudo apt install snapd </pre> ==== Searching for Snap packages:==== To search for available Snap packages, use the snap find command followed by a keyword: <code>snap find <keyword></code> Replace <keyword> with the name or keyword related to the package you are looking for. ==== Installing Snap packages:==== To install a Snap package, use the snap install command: <code>sudo snap install <snap-package-name></code> Replace <snap-package-name> with the exact name of the Snap package you want to install. ==== Listing installed Snap packages:==== To see a list of installed Snap packages on your system, use the snap list command: <code>snap list</code> ==== Updating Snap packages==== Snap packages are updated automatically by default. However, if you want to manually update a specific Snap package, you can use the snap refresh command: <code>sudo snap refresh <snap-package-name></code> To update all Snap packages on your system, simply run: <code>sudo snap refresh</code> ==== Removing Snap packages==== To remove an installed Snap package, use the snap remove command: <code>sudo snap remove <snap-package-name></code> Replace <snap-package-name> with the exact name of the Snap package you want to remove. ==== Removing Snap and also delete the package's data and configuration files==== <code>snap remove --purge example_package</code> : The --purge option is used to specify that you not only want to remove the snap package, but also to delete its associated data and configuration files. This option helps ensure that all remnants of the package are removed from your system, providing a clean uninstall. ====Managing Snap package services==== Some Snap packages provide system services. You can manage these services using the snap services command: <code>snap services</code> This will list all services provided by installed Snap packages. To start, stop, restart, or check the status of a Snap service, use the following commands: <pre> sudo snap start <snap-package-name> sudo snap stop <snap-package-name> sudo snap restart <snap-package-name> sudo snap status <snap-package-name> </pre> Replace <snap-package-name> with the exact name of the Snap package containing the service you want to manage. ====Snap package channels==== Snap packages are distributed through different channels, such as stable, candidate, beta, and edge. By default, the stable channel is used. To install a Snap package from a specific channel, use the --channel option: <code>sudo snap install <snap-package-name> --channel=<channel-name></code> Replace <snap-package-name> with the name of the Snap package and <channel-name> with the desired channel (e.g., stable, candidate, beta, or edge). For more information and advanced options, you can refer to the official Snapcraft documentation: https://snapcraft.io/docs ====Create a snap package==== ===AppImage=== ===Flatpak=== rc303ipd24u0typhyndpcwo90wvqe1s 378 377 2023-05-03T11:51:16Z AwesomO 5 /* dpkg remove */ 378 wikitext text/x-wiki A package management system, also known as a package manager, is a set of tools and processes that automate the installation, upgrading, configuration, and removal of software packages on a computer system. Package management systems simplify the process of managing software by handling package dependencies, versioning, and distribution in a consistent and organized manner. In the context of operating systems like Linux and Unix, software packages are bundles of files, libraries, executables, and metadata that together comprise a complete application or software component. Package managers are designed to manage these packages by tracking and resolving their dependencies, which are other software components that a package requires to function properly. Key functions of package management systems include: :* Maintaining repositories: Package managers connect to repositories, which are remote servers that store packages and their metadata. Repositories provide a centralized location for users to find, download, and install software packages. :* Managing dependencies: When installing or upgrading a package, the package manager ensures that all required dependencies are also installed, updated, or removed as necessary. This helps maintain system stability and prevents conflicts or broken software. :* Versioning: Package managers track and manage different versions of software packages, allowing users to install, upgrade, or downgrade specific versions as needed. :* Handling package conflicts: Package managers can detect and resolve conflicts between packages, ensuring that the system remains in a consistent state even when multiple packages have overlapping or conflicting requirements. :* Streamlining software installation and removal: Package managers automate the process of installing, upgrading, or removing software, making it easy for users to manage software on their systems without manual intervention. Popular package managers include APT (used in Debian-based distributions), YUM and DNF (used in Red Hat-based distributions), and pacman (used in Arch Linux-based distributions). Each package manager is designed to work with specific package formats (such as .deb or .rpm) and may have its unique commands and features, but their overall purpose remains the same: to simplify and automate the process of managing software on a computer system. == Package managers == Ubuntu is a popular Linux-based operating system that offers a wide range of applications for users. To install these applications, Ubuntu provides several package managers such as APT, Snap, AppImage, and Flatpak. Each package manager has its own advantages and disadvantages, and it's important to understand how they work and what they offer in order to choose the best one for your needs. '''APT''' (Advanced Package Tool) is the default package manager for Ubuntu, and it uses a command-line interface to manage packages. APT offers a large selection of packages, and it's designed to be stable and reliable. '''Snap''', on the other hand, is a newer package manager that offers a more user-friendly interface and sandboxed apps. It also offers automatic updates and rollbacks, making it easy to manage and maintain applications. '''AppImage''' and '''Flatpak''' are containerized formats that allow applications to run on multiple Linux distributions without needing to install dependencies. AppImage is a self-contained format that includes all dependencies, making it easy to run on any Linux distribution without needing to install anything. Flatpak, on the other hand, allows for more fine-grained control over dependencies and offers sandboxing and automatic updates. By understanding the differences between these package managers, you can choose the best one for your needs and enjoy a wide range of applications on Ubuntu. == Installing and updating software == ===APT=== ==== Update the package index:==== Before installing or updating software, it's essential to update the package index to ensure you have the latest information about available packages and their versions. Run the following command: <code>sudo apt update</code> This command will download package information from your configured repositories and update the local package index. ==== Search APT for packages==== To search for packages in the Ubuntu repository using APT, you can use the apt-cache search command followed by a keyword. For example: <code>sudo apt-cache search <package-name></code> Replace <package-name> with the name or keyword related to the package you are looking for. Once you have found the package you want to install, you can install it using the apt-get install or apt install command. ==== Install a new package:==== To install a new package, use the apt install command followed by the package name: <code>sudo apt install <package-name></code> Replace <package-name> with the name of the package you want to install. APT will automatically handle the package's dependencies, installing them if necessary. ==== Update installed packages:==== To update all the installed packages to their latest available versions, run: <code>sudo apt upgrade</code> This command will upgrade packages based on the updated package index. It's a good practice to run this command regularly to keep your system up to date and secure. ==== Update a specific package:==== If you want to update a specific package, use the apt install command again: <code>sudo apt install --only-upgrade <package-name></code> Replace <package-name> with the name of the package you want to update. This command will only upgrade the specified package if a newer version is available. ==== Remove a package:==== If you want to remove a package, use the apt remove command followed by the package name: <code>sudo apt remove <package-name></code> Replace <package-name> with the name of the package you want to remove. Note that this command does not remove the package's configuration files. If you want to remove the package along with its configuration files, use the apt purge command instead: <code>sudo apt purge <package-name></code> ===== '''dpkg''' remove===== <code>dpkg -l | grep steam</code> * returns/output <pre> rc steam:i386 1:1.0.0.74-1ubuntu2 i386 Valve's Steam digital software delivery system rc steam-launcher 1:1.0.0.76 all Launcher for the Steam software distribution service </pre> <code>apt remove steam:i386</code> * return output <pre>Package 'steam:i386' is not installed, so not removed</pre> The '''dpkg -l | grep steam''' command shows that the '''steam:i386''' and '''steam-launcher''' packages are installed on your system, but when you try to remove them using the '''apt remove''' command, you get a message that the packages are not installed. This can happen if the packages were installed manually using a different method than the standard apt package manager. In this case, the packages were likely installed manually by downloading and installing the Steam installer from the Steam website. To remove the Steam packages that are installed manually, you can run the following commands: <code>sudo dpkg -r steam:i386</code> <code>sudo dpkg -r steam-launcher</code> Use '''--purge''' to remove '''config files''' <code>sudo dpkg --purge steam:i386</code> ==== Clean up unused dependencies:==== Over time, your system may accumulate unused dependency packages. You can clean up these packages using the apt autoremove command: <code>sudo apt autoremove</code> This command will remove any packages that were installed as dependencies but are no longer needed by any installed software. ==== Install from a <b>.deb</b> file==== To install a .deb file that you have downloaded or obtained from an external source, you can use the dpkg command. First, navigate to the directory containing the .deb file using the cd command: <code>cd /path/to/directory</code> Then, install the .deb file using the dpkg -i command: <code>sudo dpkg -i <filename.deb></code> Replace <filename.deb> with the exact name of the .deb file you want to install. Note that you can also use <b>path</b> if you do not want to <b>cd</b>:<code>sudo dpkg -i /path/to/program.deb</code> Note that if the .deb package has any unmet dependencies, the installation may fail. To resolve this issue and automatically install any missing dependencies, you can run the following command: <code>sudo apt-get install -f</code> or <code>sudo apt install -f</code> This will install any missing dependencies and complete the installation of the .deb package. ===Managing Package Repositories=== :* Introduction to Package Repositories : Package repositories are online servers that store software packages for installation and updates on Ubuntu systems. Ubuntu uses the Advanced Package Tool (APT) to manage these repositories. The default repositories include Main, Universe, Restricted, and Multiverse. You can also add third-party repositories (PPAs) for additional software. Default Repositories :* Main: Officially supported, open-source software maintained by Canonical. :* Universe: Community-maintained open-source software. :* Restricted: Proprietary drivers and software required for hardware compatibility. :* Multiverse: Software not compliant with the Ubuntu licensing policies. :* Updating Package List : Before installing new packages, you should update the package list to fetch the latest information from the repositories. :* Open a terminal (Ctrl+Alt+T) :* Run the following command: <code>sudo apt update</code> : Adding a Personal Package Archive (PPA) : PPAs are third-party repositories that contain software not available in the default repositories. :* To add a PPA, open a terminal and type: <code>sudo add-apt-repository ppa:user/ppa-name</code> Replace "user" and "ppa-name" with the appropriate values. Update the package list: <code>sudo apt update</code> ====Removing a PPA==== :* To remove a PPA, open a terminal and type: <code>sudo add-apt-repository --remove ppa:user/ppa-name</code> Replace "user" and "ppa-name" with the appropriate values. Update the package list: <code>sudo apt update</code> <div class="toccolours mw-collapsible mw-collapsed"> Example: Finding the '''ppa:user/ppa-name''' to remove: <div class="mw-collapsible-content"> * when i try an '''apt update''' <pre> The following signatures couldn't be verified because the public key is not available: NO_PUBKEY F24AEA9FB05498B7 Reading package lists... Done W: GPG error: https://repo.steampowered.com/steam stable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY F24AEA9FB05498B7 E: The repository 'https://repo.steampowered.com/steam stable InRelease' is not signed. N: Updating from such a repository can't be done securely, and is therefore disabled by default. N: See apt-secure(8) manpage for repository creation and user configuration details. </pre> * Finding the '''package's''' and the '''repository''' : Check which packages are installed from the repository with the following command: <code>dpkg --list | grep steam</code> : Remove any packages that are installed from the repository with the following command: <code>sudo apt-get remove --purge <package-name></code> : Find repository's <code>ls -l /etc/apt/sources.list.d/</code> * Returns: <pre> -rw-r--r-- 1 root root 296 Mar 1 18:55 steam-beta.list -rw-r--r-- 1 root root 228 Mar 1 18:55 steam-stable.list </pre> <code>cat /etc/apt/sources.list.d/steam-stable.list</code> * returns: <pre> deb [arch=amd64,i386 signed-by=/usr/share/keyrings/steam.gpg] https://repo.steampowered.com/steam/ stable steam deb-src [arch=amd64,i386 signed-by=/usr/share/keyrings/steam.gpg] https://repo.steampowered.com/steam/ stable steam </pre> <code>cat /etc/apt/sources.list.d/steam-beta.list</code> * returns: <pre> # Uncomment these lines to try the beta version of the Steam launcher #deb [arch=amd64,i386 signed-by=/usr/share/keyrings/steam.gpg] https://repo.steampowered.com/steam/ beta steam #deb-src [arch=amd64,i386 signed-by=/usr/share/keyrings/steam.gpg] https://repo.steampowered.com/steam/ beta steam </pre> * Note: In '''steam-beta.list''' the lines are commented out with '''#''' at the beginning of the line. * You can comment out the lines in '''steam-stable.list''' and '''sudo apt update''' * Or you can delete the file '''steam-stable.list''' and '''sudo apt update''' </div> </div> ====Editing Repository Configuration Files==== The repository configuration files are stored in the '''/etc/apt/sources.list''' file and the files inside '''/etc/apt/sources.list.d/''' directory. :* To edit the sources.list file, open a terminal and type: <code>sudo nano /etc/apt/sources.list</code> Make the necessary changes, save (Ctrl+O), and exit (Ctrl+X). Update the package list: <code>sudo apt update</code> ====Managing Repositories with Software & Updates==== :* You can also manage repositories using the Software & Updates application. :* Open the application by searching "Software & Updates" in the applications menu. :* In the "Ubuntu Software" tab, you can enable or disable the default repositories. :* In the "Other Software" tab, you can add, edit, or remove third-party repositories. :* After making changes, click "Close" and then click "Reload" to update the package list. By following this tutorial, you'll be able to manage package repositories on your Ubuntu system, adding or removing PPAs as needed to install or update software. ====Dependency Management==== In Ubuntu, software packages often rely on other packages to function properly. These required packages are called dependencies. The Advanced Package Tool (APT) automatically handles dependency management, ensuring that all required packages are installed or updated when you install, update, or remove a package. ===== Installing a Package and Its Dependencies===== : When you install a package using APT, it automatically resolves and installs the dependencies. :* Open a terminal (Ctrl+Alt+T) :* Install a package and its dependencies using the following command: <code>sudo apt install package-name</code> : Replace "package-name" with the appropriate package name. :* Updating Packages and Dependencies : APT also manages the dependencies while updating packages. :* To update all installed packages and their dependencies, run the following command: <code>sudo apt update && sudo apt upgrade</code> ===== Removing a Package and Unused Dependencies===== : When you remove a package, APT will not automatically remove its dependencies if they are no longer required. To remove unused dependencies, use the 'autoremove' command. :* To remove a package and its unused dependencies, run: <code>sudo apt remove package-name && sudo apt autoremove</code> :* Replace "package-name" with the appropriate package name. :* Fixing Broken Dependencies : Sometimes, you may encounter broken dependencies due to various reasons, such as interrupted installations or package conflicts. You can use APT to fix these issues. :* To fix broken dependencies, run the following commands: <pre> sudo apt update sudo apt install -f </pre> ===== Listing Dependencies of a Package ===== : You can use the '''apt-cache''' command to list the dependencies of a specific package without installing it. :* To list the dependencies, run: <code>apt-cache depends package-name</code> :* Replace "package-name" with the appropriate package name. ===== Listing Reverse Dependencies===== : Reverse dependencies are packages that depend on a specific package. You can list them using the 'apt-cache' command. :* To list reverse dependencies, run: <code>apt-cache rdepends package-name</code> Replace "package-name" with the appropriate package name. ====Create a deb package==== ====Create deb repository==== ===Snaps=== Ubuntu Snap packages are a universal packaging format designed to work across different Linux distributions. Snap packages are self-contained and automatically updated, which makes them a convenient choice for both sysadmins and new users. Here's an in-depth guide to help you understand and use Snap packages in Ubuntu: ==== Installation of Snapd:==== Before you can manage Snap packages, you need to have the snapd service installed on your Ubuntu system. It usually comes pre-installed on recent versions of Ubuntu. Check <b>snapd</b> is installed on your system with:<br> <code>snap --version</code> However, if it's not installed, you can install it using the following command: <pre> sudo apt update sudo apt install snapd </pre> ==== Searching for Snap packages:==== To search for available Snap packages, use the snap find command followed by a keyword: <code>snap find <keyword></code> Replace <keyword> with the name or keyword related to the package you are looking for. ==== Installing Snap packages:==== To install a Snap package, use the snap install command: <code>sudo snap install <snap-package-name></code> Replace <snap-package-name> with the exact name of the Snap package you want to install. ==== Listing installed Snap packages:==== To see a list of installed Snap packages on your system, use the snap list command: <code>snap list</code> ==== Updating Snap packages==== Snap packages are updated automatically by default. However, if you want to manually update a specific Snap package, you can use the snap refresh command: <code>sudo snap refresh <snap-package-name></code> To update all Snap packages on your system, simply run: <code>sudo snap refresh</code> ==== Removing Snap packages==== To remove an installed Snap package, use the snap remove command: <code>sudo snap remove <snap-package-name></code> Replace <snap-package-name> with the exact name of the Snap package you want to remove. ==== Removing Snap and also delete the package's data and configuration files==== <code>snap remove --purge example_package</code> : The --purge option is used to specify that you not only want to remove the snap package, but also to delete its associated data and configuration files. This option helps ensure that all remnants of the package are removed from your system, providing a clean uninstall. ====Managing Snap package services==== Some Snap packages provide system services. You can manage these services using the snap services command: <code>snap services</code> This will list all services provided by installed Snap packages. To start, stop, restart, or check the status of a Snap service, use the following commands: <pre> sudo snap start <snap-package-name> sudo snap stop <snap-package-name> sudo snap restart <snap-package-name> sudo snap status <snap-package-name> </pre> Replace <snap-package-name> with the exact name of the Snap package containing the service you want to manage. ====Snap package channels==== Snap packages are distributed through different channels, such as stable, candidate, beta, and edge. By default, the stable channel is used. To install a Snap package from a specific channel, use the --channel option: <code>sudo snap install <snap-package-name> --channel=<channel-name></code> Replace <snap-package-name> with the name of the Snap package and <channel-name> with the desired channel (e.g., stable, candidate, beta, or edge). For more information and advanced options, you can refer to the official Snapcraft documentation: https://snapcraft.io/docs ====Create a snap package==== ===AppImage=== ===Flatpak=== lvejlznvoul2bhx0xhxtlo5m5y1wdcj 487 378 2025-03-19T17:31:29Z Test1 7 /* AppImage */ 487 wikitext text/x-wiki A package management system, also known as a package manager, is a set of tools and processes that automate the installation, upgrading, configuration, and removal of software packages on a computer system. Package management systems simplify the process of managing software by handling package dependencies, versioning, and distribution in a consistent and organized manner. In the context of operating systems like Linux and Unix, software packages are bundles of files, libraries, executables, and metadata that together comprise a complete application or software component. Package managers are designed to manage these packages by tracking and resolving their dependencies, which are other software components that a package requires to function properly. Key functions of package management systems include: :* Maintaining repositories: Package managers connect to repositories, which are remote servers that store packages and their metadata. Repositories provide a centralized location for users to find, download, and install software packages. :* Managing dependencies: When installing or upgrading a package, the package manager ensures that all required dependencies are also installed, updated, or removed as necessary. This helps maintain system stability and prevents conflicts or broken software. :* Versioning: Package managers track and manage different versions of software packages, allowing users to install, upgrade, or downgrade specific versions as needed. :* Handling package conflicts: Package managers can detect and resolve conflicts between packages, ensuring that the system remains in a consistent state even when multiple packages have overlapping or conflicting requirements. :* Streamlining software installation and removal: Package managers automate the process of installing, upgrading, or removing software, making it easy for users to manage software on their systems without manual intervention. Popular package managers include APT (used in Debian-based distributions), YUM and DNF (used in Red Hat-based distributions), and pacman (used in Arch Linux-based distributions). Each package manager is designed to work with specific package formats (such as .deb or .rpm) and may have its unique commands and features, but their overall purpose remains the same: to simplify and automate the process of managing software on a computer system. == Package managers == Ubuntu is a popular Linux-based operating system that offers a wide range of applications for users. To install these applications, Ubuntu provides several package managers such as APT, Snap, AppImage, and Flatpak. Each package manager has its own advantages and disadvantages, and it's important to understand how they work and what they offer in order to choose the best one for your needs. '''APT''' (Advanced Package Tool) is the default package manager for Ubuntu, and it uses a command-line interface to manage packages. APT offers a large selection of packages, and it's designed to be stable and reliable. '''Snap''', on the other hand, is a newer package manager that offers a more user-friendly interface and sandboxed apps. It also offers automatic updates and rollbacks, making it easy to manage and maintain applications. '''AppImage''' and '''Flatpak''' are containerized formats that allow applications to run on multiple Linux distributions without needing to install dependencies. AppImage is a self-contained format that includes all dependencies, making it easy to run on any Linux distribution without needing to install anything. Flatpak, on the other hand, allows for more fine-grained control over dependencies and offers sandboxing and automatic updates. By understanding the differences between these package managers, you can choose the best one for your needs and enjoy a wide range of applications on Ubuntu. == Installing and updating software == ===APT=== ==== Update the package index:==== Before installing or updating software, it's essential to update the package index to ensure you have the latest information about available packages and their versions. Run the following command: <code>sudo apt update</code> This command will download package information from your configured repositories and update the local package index. ==== Search APT for packages==== To search for packages in the Ubuntu repository using APT, you can use the apt-cache search command followed by a keyword. For example: <code>sudo apt-cache search <package-name></code> Replace <package-name> with the name or keyword related to the package you are looking for. Once you have found the package you want to install, you can install it using the apt-get install or apt install command. ==== Install a new package:==== To install a new package, use the apt install command followed by the package name: <code>sudo apt install <package-name></code> Replace <package-name> with the name of the package you want to install. APT will automatically handle the package's dependencies, installing them if necessary. ==== Update installed packages:==== To update all the installed packages to their latest available versions, run: <code>sudo apt upgrade</code> This command will upgrade packages based on the updated package index. It's a good practice to run this command regularly to keep your system up to date and secure. ==== Update a specific package:==== If you want to update a specific package, use the apt install command again: <code>sudo apt install --only-upgrade <package-name></code> Replace <package-name> with the name of the package you want to update. This command will only upgrade the specified package if a newer version is available. ==== Remove a package:==== If you want to remove a package, use the apt remove command followed by the package name: <code>sudo apt remove <package-name></code> Replace <package-name> with the name of the package you want to remove. Note that this command does not remove the package's configuration files. If you want to remove the package along with its configuration files, use the apt purge command instead: <code>sudo apt purge <package-name></code> ===== '''dpkg''' remove===== <code>dpkg -l | grep steam</code> * returns/output <pre> rc steam:i386 1:1.0.0.74-1ubuntu2 i386 Valve's Steam digital software delivery system rc steam-launcher 1:1.0.0.76 all Launcher for the Steam software distribution service </pre> <code>apt remove steam:i386</code> * return output <pre>Package 'steam:i386' is not installed, so not removed</pre> The '''dpkg -l | grep steam''' command shows that the '''steam:i386''' and '''steam-launcher''' packages are installed on your system, but when you try to remove them using the '''apt remove''' command, you get a message that the packages are not installed. This can happen if the packages were installed manually using a different method than the standard apt package manager. In this case, the packages were likely installed manually by downloading and installing the Steam installer from the Steam website. To remove the Steam packages that are installed manually, you can run the following commands: <code>sudo dpkg -r steam:i386</code> <code>sudo dpkg -r steam-launcher</code> Use '''--purge''' to remove '''config files''' <code>sudo dpkg --purge steam:i386</code> ==== Clean up unused dependencies:==== Over time, your system may accumulate unused dependency packages. You can clean up these packages using the apt autoremove command: <code>sudo apt autoremove</code> This command will remove any packages that were installed as dependencies but are no longer needed by any installed software. ==== Install from a <b>.deb</b> file==== To install a .deb file that you have downloaded or obtained from an external source, you can use the dpkg command. First, navigate to the directory containing the .deb file using the cd command: <code>cd /path/to/directory</code> Then, install the .deb file using the dpkg -i command: <code>sudo dpkg -i <filename.deb></code> Replace <filename.deb> with the exact name of the .deb file you want to install. Note that you can also use <b>path</b> if you do not want to <b>cd</b>:<code>sudo dpkg -i /path/to/program.deb</code> Note that if the .deb package has any unmet dependencies, the installation may fail. To resolve this issue and automatically install any missing dependencies, you can run the following command: <code>sudo apt-get install -f</code> or <code>sudo apt install -f</code> This will install any missing dependencies and complete the installation of the .deb package. ===Managing Package Repositories=== :* Introduction to Package Repositories : Package repositories are online servers that store software packages for installation and updates on Ubuntu systems. Ubuntu uses the Advanced Package Tool (APT) to manage these repositories. The default repositories include Main, Universe, Restricted, and Multiverse. You can also add third-party repositories (PPAs) for additional software. Default Repositories :* Main: Officially supported, open-source software maintained by Canonical. :* Universe: Community-maintained open-source software. :* Restricted: Proprietary drivers and software required for hardware compatibility. :* Multiverse: Software not compliant with the Ubuntu licensing policies. :* Updating Package List : Before installing new packages, you should update the package list to fetch the latest information from the repositories. :* Open a terminal (Ctrl+Alt+T) :* Run the following command: <code>sudo apt update</code> : Adding a Personal Package Archive (PPA) : PPAs are third-party repositories that contain software not available in the default repositories. :* To add a PPA, open a terminal and type: <code>sudo add-apt-repository ppa:user/ppa-name</code> Replace "user" and "ppa-name" with the appropriate values. Update the package list: <code>sudo apt update</code> ====Removing a PPA==== :* To remove a PPA, open a terminal and type: <code>sudo add-apt-repository --remove ppa:user/ppa-name</code> Replace "user" and "ppa-name" with the appropriate values. Update the package list: <code>sudo apt update</code> <div class="toccolours mw-collapsible mw-collapsed"> Example: Finding the '''ppa:user/ppa-name''' to remove: <div class="mw-collapsible-content"> * when i try an '''apt update''' <pre> The following signatures couldn't be verified because the public key is not available: NO_PUBKEY F24AEA9FB05498B7 Reading package lists... Done W: GPG error: https://repo.steampowered.com/steam stable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY F24AEA9FB05498B7 E: The repository 'https://repo.steampowered.com/steam stable InRelease' is not signed. N: Updating from such a repository can't be done securely, and is therefore disabled by default. N: See apt-secure(8) manpage for repository creation and user configuration details. </pre> * Finding the '''package's''' and the '''repository''' : Check which packages are installed from the repository with the following command: <code>dpkg --list | grep steam</code> : Remove any packages that are installed from the repository with the following command: <code>sudo apt-get remove --purge <package-name></code> : Find repository's <code>ls -l /etc/apt/sources.list.d/</code> * Returns: <pre> -rw-r--r-- 1 root root 296 Mar 1 18:55 steam-beta.list -rw-r--r-- 1 root root 228 Mar 1 18:55 steam-stable.list </pre> <code>cat /etc/apt/sources.list.d/steam-stable.list</code> * returns: <pre> deb [arch=amd64,i386 signed-by=/usr/share/keyrings/steam.gpg] https://repo.steampowered.com/steam/ stable steam deb-src [arch=amd64,i386 signed-by=/usr/share/keyrings/steam.gpg] https://repo.steampowered.com/steam/ stable steam </pre> <code>cat /etc/apt/sources.list.d/steam-beta.list</code> * returns: <pre> # Uncomment these lines to try the beta version of the Steam launcher #deb [arch=amd64,i386 signed-by=/usr/share/keyrings/steam.gpg] https://repo.steampowered.com/steam/ beta steam #deb-src [arch=amd64,i386 signed-by=/usr/share/keyrings/steam.gpg] https://repo.steampowered.com/steam/ beta steam </pre> * Note: In '''steam-beta.list''' the lines are commented out with '''#''' at the beginning of the line. * You can comment out the lines in '''steam-stable.list''' and '''sudo apt update''' * Or you can delete the file '''steam-stable.list''' and '''sudo apt update''' </div> </div> ====Editing Repository Configuration Files==== The repository configuration files are stored in the '''/etc/apt/sources.list''' file and the files inside '''/etc/apt/sources.list.d/''' directory. :* To edit the sources.list file, open a terminal and type: <code>sudo nano /etc/apt/sources.list</code> Make the necessary changes, save (Ctrl+O), and exit (Ctrl+X). Update the package list: <code>sudo apt update</code> ====Managing Repositories with Software & Updates==== :* You can also manage repositories using the Software & Updates application. :* Open the application by searching "Software & Updates" in the applications menu. :* In the "Ubuntu Software" tab, you can enable or disable the default repositories. :* In the "Other Software" tab, you can add, edit, or remove third-party repositories. :* After making changes, click "Close" and then click "Reload" to update the package list. By following this tutorial, you'll be able to manage package repositories on your Ubuntu system, adding or removing PPAs as needed to install or update software. ====Dependency Management==== In Ubuntu, software packages often rely on other packages to function properly. These required packages are called dependencies. The Advanced Package Tool (APT) automatically handles dependency management, ensuring that all required packages are installed or updated when you install, update, or remove a package. ===== Installing a Package and Its Dependencies===== : When you install a package using APT, it automatically resolves and installs the dependencies. :* Open a terminal (Ctrl+Alt+T) :* Install a package and its dependencies using the following command: <code>sudo apt install package-name</code> : Replace "package-name" with the appropriate package name. :* Updating Packages and Dependencies : APT also manages the dependencies while updating packages. :* To update all installed packages and their dependencies, run the following command: <code>sudo apt update && sudo apt upgrade</code> ===== Removing a Package and Unused Dependencies===== : When you remove a package, APT will not automatically remove its dependencies if they are no longer required. To remove unused dependencies, use the 'autoremove' command. :* To remove a package and its unused dependencies, run: <code>sudo apt remove package-name && sudo apt autoremove</code> :* Replace "package-name" with the appropriate package name. :* Fixing Broken Dependencies : Sometimes, you may encounter broken dependencies due to various reasons, such as interrupted installations or package conflicts. You can use APT to fix these issues. :* To fix broken dependencies, run the following commands: <pre> sudo apt update sudo apt install -f </pre> ===== Listing Dependencies of a Package ===== : You can use the '''apt-cache''' command to list the dependencies of a specific package without installing it. :* To list the dependencies, run: <code>apt-cache depends package-name</code> :* Replace "package-name" with the appropriate package name. ===== Listing Reverse Dependencies===== : Reverse dependencies are packages that depend on a specific package. You can list them using the 'apt-cache' command. :* To list reverse dependencies, run: <code>apt-cache rdepends package-name</code> Replace "package-name" with the appropriate package name. ====Create a deb package==== ====Create deb repository==== ===Snaps=== Ubuntu Snap packages are a universal packaging format designed to work across different Linux distributions. Snap packages are self-contained and automatically updated, which makes them a convenient choice for both sysadmins and new users. Here's an in-depth guide to help you understand and use Snap packages in Ubuntu: ==== Installation of Snapd:==== Before you can manage Snap packages, you need to have the snapd service installed on your Ubuntu system. It usually comes pre-installed on recent versions of Ubuntu. Check <b>snapd</b> is installed on your system with:<br> <code>snap --version</code> However, if it's not installed, you can install it using the following command: <pre> sudo apt update sudo apt install snapd </pre> ==== Searching for Snap packages:==== To search for available Snap packages, use the snap find command followed by a keyword: <code>snap find <keyword></code> Replace <keyword> with the name or keyword related to the package you are looking for. ==== Installing Snap packages:==== To install a Snap package, use the snap install command: <code>sudo snap install <snap-package-name></code> Replace <snap-package-name> with the exact name of the Snap package you want to install. ==== Listing installed Snap packages:==== To see a list of installed Snap packages on your system, use the snap list command: <code>snap list</code> ==== Updating Snap packages==== Snap packages are updated automatically by default. However, if you want to manually update a specific Snap package, you can use the snap refresh command: <code>sudo snap refresh <snap-package-name></code> To update all Snap packages on your system, simply run: <code>sudo snap refresh</code> ==== Removing Snap packages==== To remove an installed Snap package, use the snap remove command: <code>sudo snap remove <snap-package-name></code> Replace <snap-package-name> with the exact name of the Snap package you want to remove. ==== Removing Snap and also delete the package's data and configuration files==== <code>snap remove --purge example_package</code> : The --purge option is used to specify that you not only want to remove the snap package, but also to delete its associated data and configuration files. This option helps ensure that all remnants of the package are removed from your system, providing a clean uninstall. ====Managing Snap package services==== Some Snap packages provide system services. You can manage these services using the snap services command: <code>snap services</code> This will list all services provided by installed Snap packages. To start, stop, restart, or check the status of a Snap service, use the following commands: <pre> sudo snap start <snap-package-name> sudo snap stop <snap-package-name> sudo snap restart <snap-package-name> sudo snap status <snap-package-name> </pre> Replace <snap-package-name> with the exact name of the Snap package containing the service you want to manage. ====Snap package channels==== Snap packages are distributed through different channels, such as stable, candidate, beta, and edge. By default, the stable channel is used. To install a Snap package from a specific channel, use the --channel option: <code>sudo snap install <snap-package-name> --channel=<channel-name></code> Replace <snap-package-name> with the name of the Snap package and <channel-name> with the desired channel (e.g., stable, candidate, beta, or edge). For more information and advanced options, you can refer to the official Snapcraft documentation: https://snapcraft.io/docs ====Create a snap package==== ===AppImage=== ====Using Terminal==== * Make executable <code>chmod +x program.AppImage</code> * Run <code>./program.AppImage</code> ===Flatpak=== rbkethdvh9vdebe1ag0u7s1a6z2vi97 0 92 345 2023-04-19T23:20:21Z imported>AwesomO 0 Created page with " :'''Setting up Nginx for File Sharing''' ::*[[Nginx_File_Sharing_Ubuntu_with_DNS|Nginx setup for file sharing if you have a DNS Domain]]<br> ::*[[Nginx_File_Sharing_Ubuntu_without_DNS|Nginx setup for file sharing if you do not have a DNS Domain and will use the IP Address]]<br>" 345 wikitext text/x-wiki :'''Setting up Nginx for File Sharing''' ::*[[Nginx_File_Sharing_Ubuntu_with_DNS|Nginx setup for file sharing if you have a DNS Domain]]<br> ::*[[Nginx_File_Sharing_Ubuntu_without_DNS|Nginx setup for file sharing if you do not have a DNS Domain and will use the IP Address]]<br> 8x3z3t3ikinkkf0rf9qlq2h2eowps5s 0 94 347 2023-04-20T02:27:42Z imported>AwesomO 0 Created page with " The square root of a number is a value that, when multiplied by itself, gives the original number. In mathematical terms, the square root of a number x is denoted as √x or x^(1/2). For example, the square root of 9 is 3 because 3 * 3 = 9. In this tutorial, we will cover the concept of square roots, different methods to find the square root of a number, examples, and exam-style questions with answers. Methods to Find the Square Root ==1. Prime Factorization== To fin..." 347 wikitext text/x-wiki The square root of a number is a value that, when multiplied by itself, gives the original number. In mathematical terms, the square root of a number x is denoted as √x or x^(1/2). For example, the square root of 9 is 3 because 3 * 3 = 9. In this tutorial, we will cover the concept of square roots, different methods to find the square root of a number, examples, and exam-style questions with answers. Methods to Find the Square Root ==1. Prime Factorization== To find the square root of a number using prime factorization, follow these steps: :* Find the prime factors of the given number. :* Pair the prime factors in groups of two identical factors. :* Multiply one factor from each pair to find the square root. Example: Find the square root of 36. :* Prime factors of 36: 2 * 2 * 3 * 3 :* Pair the prime factors: (2 * 2) * (3 * 3) :* Multiply one factor from each pair: 2 * 3 = 6 So, the square root of 36 is 6. ==2. Long Division Method== The long division method is a technique used to find the square root of a number with decimal places. Example: Find the square root of 50. :* Pair the digits from the right: (50) :* Find the largest number whose square is less than or equal to 50: 7 (7 * 7 = 49) :* Subtract the result from 50: 50 - 49 = 1 :* Bring down the next pair of digits (if any) and repeat the process. So, the square root of 50 is approximately 7. <div class="toccolours mw-collapsible mw-collapsed"> Finding the square root of 50 using the long division method: <div class="mw-collapsible-content"> :* Step 1: Write the number 50 and separate the digits into pairs starting from the right. Since there are no decimal places, we only have one pair (50). <pre> 50 </pre> :* Step 2: Find the largest number whose square is less than or equal to the first pair (50). In this case, the largest number is 7, as 7 * 7 = 49, which is less than or equal to 50. Write 7 above the pair and write 49 below the pair. <pre> 7 ------- | 50 49 ------- </pre> :* Step 3: Subtract 49 from 50 and write the remainder below. <pre> 7 ------- | 50 49 ------- 1 </pre> :* Step 4: Since there are no more digits to bring down, we can proceed to calculate the decimal places. Add a decimal point to the quotient (7), and add a pair of zeros to the remainder. Bring down the pair of zeros. <pre> 7. ------- | 50.00 49 ------- 1 00 </pre> :* Step 5: Double the quotient (7) and write it to the left of the remainder. Treat this doubled value as a single entity (in this case, 14). Find a digit (x) that, when combined with the doubled value (14), creates a number (14x) that can be multiplied by x to get a product less than or equal to the remainder (100). In this case, x = 1, as 141 * 1 = 141, which is less than or equal to 100. Write the 1 in the quotient after the decimal point and write 141 below the 100. <pre> 7.1 ------- | 50.00 49 ------- 1 00 141 ------- </pre> :* Step 6: Subtract 141 from 100 and write the remainder below. <pre> 7.1 ------- | 50.00 49 ------- 1 00 141 ------- 59 </pre> :* Step 7: Bring down the next pair of zeros (if necessary) and continue the process to find more decimal places. In this example, we will stop at one decimal place. So, the square root of 50 is approximately 7.1 using the long division method. You can continue this process to find more decimal places if needed. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Finding the square root of 33 using the long division method: <div class="mw-collapsible-content"> :* Step 1: Write the number 33 and separate the digits into pairs starting from the right. Since there are no decimal places, we only have one pair (33). <pre> 33 </pre> :* Step 2: Find the largest number whose square is less than or equal to the first pair (33). In this case, the largest number is 5, as 5 * 5 = 25, which is less than or equal to 33. Write 5 above the pair and write 25 below the pair. <pre> 5 ------- | 33 25 ------- </pre> :* Step 3: Subtract 25 from 33 and write the remainder below. <pre> 5 ------- | 33 25 ------- 8 </pre> :* Step 4: Since there are no more digits to bring down, we can proceed to calculate the decimal places. Add a decimal point to the quotient (5), and add a pair of zeros to the remainder. Bring down the pair of zeros. <pre> 5. ------- | 33.00 25 ------- 8 00 </pre> :* Step 5: Double the quotient (5) and write it to the left of the remainder. Treat this doubled value as a single entity (in this case, 10). Find a digit (x) that, when combined with the doubled value (10), creates a number (10x) that can be multiplied by x to get a product less than or equal to the remainder (800). In this case, x = 7, as 107 * 7 = 749, which is less than or equal to 800. Write the 7 in the quotient after the decimal point and write 749 below the 800. <pre> 5.7 ------- | 33.00 25 ------- 8 00 749 ------- </pre> :* Step 6: Subtract 749 from 800 and write the remainder below. <pre> 5.7 ------- | 33.00 25 ------- 8 00 749 ------- 51 </pre> :* Step 7: Bring down the next pair of zeros and continue the process to find more decimal places. In this example, we will find 2 more decimal places. <pre> 5.7 ------- | 33.00 25 ------- 8 00 749 ------- 51 00 </pre> :* Step 8: Double the quotient without the decimal (57) and write it to the left of the remainder. Treat this doubled value as a single entity (in this case, 114). Find a digit (x) that, when combined with the doubled value (114), creates a number (114x) that can be multiplied by x to get a product less than or equal to the remainder (5100). In this case, x = 4, as 1144 * 4 = 4576, which is less than or equal to 5100. Write the 4 in the quotient after the 7 and write 4576 below the 5100. <pre> 5.74 ------- | 33.00 25 ------- 8 00 749 ------- 51 00 4576 ------- </pre> :* 9: Subtract 4576 from 5100 and write the remainder below. <pre> 5.74 ------- | 33.00 25 ------- 8 00 749 ------- 51 00 4576 ------- 524 </pre> :* Step 10: Bring down the next pair of zeros and continue the process to find more decimal places. In this example, we will find 1 more decimal place. <pre> 5.74 ------- | 33.00 25 ------- 8 00 749 ------- 51 00 4576 ------- 524 00 </pre> :* Step 11: Double the quotient without the decimal (574) and write it to the left of the remainder. Treat this doubled value as a single entity (in this case, 1148). Find a digit (x) that, when combined with the doubled value (1148), creates a number (1148x) that can be multiplied by x to get a product less than or equal to the remainder (52400). In this case, x = 4, as 11484 * 4 = 45936, which is less than or equal to 52400. Write the 4 in the quotient after the second 4 and write 45936 below the 52400. <pre> 5.744 ------- | 33.00 25 ------- 8 00 749 ------- 51 00 4576 ------- 524 00 45936 ------- </pre> :* Step 12: Subtract 45936 from 52400 and write the remainder below. <pre> 5.744 ------- | 33.00 25 ------- 8 00 749 ------- 51 00 4576 ------- 524 00 45936 ------- 6464 </pre> Now we have calculated the square root of 33 with three decimal places (5.744). </div> </div> 42s0lt2h8r0of82srog7g73v4pkti4t 434 347 2023-05-16T11:42:47Z Noob 1 Noob moved page [[Square root]] to [[DICTIONARY Square root]] without leaving a redirect 347 wikitext text/x-wiki The square root of a number is a value that, when multiplied by itself, gives the original number. In mathematical terms, the square root of a number x is denoted as √x or x^(1/2). For example, the square root of 9 is 3 because 3 * 3 = 9. In this tutorial, we will cover the concept of square roots, different methods to find the square root of a number, examples, and exam-style questions with answers. Methods to Find the Square Root ==1. Prime Factorization== To find the square root of a number using prime factorization, follow these steps: :* Find the prime factors of the given number. :* Pair the prime factors in groups of two identical factors. :* Multiply one factor from each pair to find the square root. Example: Find the square root of 36. :* Prime factors of 36: 2 * 2 * 3 * 3 :* Pair the prime factors: (2 * 2) * (3 * 3) :* Multiply one factor from each pair: 2 * 3 = 6 So, the square root of 36 is 6. ==2. Long Division Method== The long division method is a technique used to find the square root of a number with decimal places. Example: Find the square root of 50. :* Pair the digits from the right: (50) :* Find the largest number whose square is less than or equal to 50: 7 (7 * 7 = 49) :* Subtract the result from 50: 50 - 49 = 1 :* Bring down the next pair of digits (if any) and repeat the process. So, the square root of 50 is approximately 7. <div class="toccolours mw-collapsible mw-collapsed"> Finding the square root of 50 using the long division method: <div class="mw-collapsible-content"> :* Step 1: Write the number 50 and separate the digits into pairs starting from the right. Since there are no decimal places, we only have one pair (50). <pre> 50 </pre> :* Step 2: Find the largest number whose square is less than or equal to the first pair (50). In this case, the largest number is 7, as 7 * 7 = 49, which is less than or equal to 50. Write 7 above the pair and write 49 below the pair. <pre> 7 ------- | 50 49 ------- </pre> :* Step 3: Subtract 49 from 50 and write the remainder below. <pre> 7 ------- | 50 49 ------- 1 </pre> :* Step 4: Since there are no more digits to bring down, we can proceed to calculate the decimal places. Add a decimal point to the quotient (7), and add a pair of zeros to the remainder. Bring down the pair of zeros. <pre> 7. ------- | 50.00 49 ------- 1 00 </pre> :* Step 5: Double the quotient (7) and write it to the left of the remainder. Treat this doubled value as a single entity (in this case, 14). Find a digit (x) that, when combined with the doubled value (14), creates a number (14x) that can be multiplied by x to get a product less than or equal to the remainder (100). In this case, x = 1, as 141 * 1 = 141, which is less than or equal to 100. Write the 1 in the quotient after the decimal point and write 141 below the 100. <pre> 7.1 ------- | 50.00 49 ------- 1 00 141 ------- </pre> :* Step 6: Subtract 141 from 100 and write the remainder below. <pre> 7.1 ------- | 50.00 49 ------- 1 00 141 ------- 59 </pre> :* Step 7: Bring down the next pair of zeros (if necessary) and continue the process to find more decimal places. In this example, we will stop at one decimal place. So, the square root of 50 is approximately 7.1 using the long division method. You can continue this process to find more decimal places if needed. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Finding the square root of 33 using the long division method: <div class="mw-collapsible-content"> :* Step 1: Write the number 33 and separate the digits into pairs starting from the right. Since there are no decimal places, we only have one pair (33). <pre> 33 </pre> :* Step 2: Find the largest number whose square is less than or equal to the first pair (33). In this case, the largest number is 5, as 5 * 5 = 25, which is less than or equal to 33. Write 5 above the pair and write 25 below the pair. <pre> 5 ------- | 33 25 ------- </pre> :* Step 3: Subtract 25 from 33 and write the remainder below. <pre> 5 ------- | 33 25 ------- 8 </pre> :* Step 4: Since there are no more digits to bring down, we can proceed to calculate the decimal places. Add a decimal point to the quotient (5), and add a pair of zeros to the remainder. Bring down the pair of zeros. <pre> 5. ------- | 33.00 25 ------- 8 00 </pre> :* Step 5: Double the quotient (5) and write it to the left of the remainder. Treat this doubled value as a single entity (in this case, 10). Find a digit (x) that, when combined with the doubled value (10), creates a number (10x) that can be multiplied by x to get a product less than or equal to the remainder (800). In this case, x = 7, as 107 * 7 = 749, which is less than or equal to 800. Write the 7 in the quotient after the decimal point and write 749 below the 800. <pre> 5.7 ------- | 33.00 25 ------- 8 00 749 ------- </pre> :* Step 6: Subtract 749 from 800 and write the remainder below. <pre> 5.7 ------- | 33.00 25 ------- 8 00 749 ------- 51 </pre> :* Step 7: Bring down the next pair of zeros and continue the process to find more decimal places. In this example, we will find 2 more decimal places. <pre> 5.7 ------- | 33.00 25 ------- 8 00 749 ------- 51 00 </pre> :* Step 8: Double the quotient without the decimal (57) and write it to the left of the remainder. Treat this doubled value as a single entity (in this case, 114). Find a digit (x) that, when combined with the doubled value (114), creates a number (114x) that can be multiplied by x to get a product less than or equal to the remainder (5100). In this case, x = 4, as 1144 * 4 = 4576, which is less than or equal to 5100. Write the 4 in the quotient after the 7 and write 4576 below the 5100. <pre> 5.74 ------- | 33.00 25 ------- 8 00 749 ------- 51 00 4576 ------- </pre> :* 9: Subtract 4576 from 5100 and write the remainder below. <pre> 5.74 ------- | 33.00 25 ------- 8 00 749 ------- 51 00 4576 ------- 524 </pre> :* Step 10: Bring down the next pair of zeros and continue the process to find more decimal places. In this example, we will find 1 more decimal place. <pre> 5.74 ------- | 33.00 25 ------- 8 00 749 ------- 51 00 4576 ------- 524 00 </pre> :* Step 11: Double the quotient without the decimal (574) and write it to the left of the remainder. Treat this doubled value as a single entity (in this case, 1148). Find a digit (x) that, when combined with the doubled value (1148), creates a number (1148x) that can be multiplied by x to get a product less than or equal to the remainder (52400). In this case, x = 4, as 11484 * 4 = 45936, which is less than or equal to 52400. Write the 4 in the quotient after the second 4 and write 45936 below the 52400. <pre> 5.744 ------- | 33.00 25 ------- 8 00 749 ------- 51 00 4576 ------- 524 00 45936 ------- </pre> :* Step 12: Subtract 45936 from 52400 and write the remainder below. <pre> 5.744 ------- | 33.00 25 ------- 8 00 749 ------- 51 00 4576 ------- 524 00 45936 ------- 6464 </pre> Now we have calculated the square root of 33 with three decimal places (5.744). </div> </div> 42s0lt2h8r0of82srog7g73v4pkti4t 0 95 348 2023-04-20T02:37:42Z imported>AwesomO 0 Created page with "To concatenate means to join two or more strings, arrays, or other data structures together to form a single, combined unit. This action is frequently employed in programming languages and software applications when working with text or data. For example, consider the two strings "Hello" and "World". When concatenated, they form a new string: "HelloWorld". In many programming languages, the '+' operator or specific functions are used to concatenate strings or arrays." 348 wikitext text/x-wiki To concatenate means to join two or more strings, arrays, or other data structures together to form a single, combined unit. This action is frequently employed in programming languages and software applications when working with text or data. For example, consider the two strings "Hello" and "World". When concatenated, they form a new string: "HelloWorld". In many programming languages, the '+' operator or specific functions are used to concatenate strings or arrays. 3nk4ca83or97j8n6y9h4kgz57i5398g 419 348 2023-05-11T19:06:55Z Noob 1 Noob moved page [[Dictionary concatenate]] to [[DICTIONARY concatenate]] without leaving a redirect 348 wikitext text/x-wiki To concatenate means to join two or more strings, arrays, or other data structures together to form a single, combined unit. This action is frequently employed in programming languages and software applications when working with text or data. For example, consider the two strings "Hello" and "World". When concatenated, they form a new string: "HelloWorld". In many programming languages, the '+' operator or specific functions are used to concatenate strings or arrays. 3nk4ca83or97j8n6y9h4kgz57i5398g 0 96 349 2023-04-20T02:41:03Z imported>AwesomO 0 Created page with "SIGHUP, or Signal Hangup, is a signal used in Unix and Unix-like operating systems to indicate that a controlling terminal or process has been disconnected. The term "hangup" comes from the days of dial-up modems when a user would physically hang up the phone to disconnect from a remote system. In the context of modern operating systems, SIGHUP is used for various purposes, including process control, configuration updates, and the proper termination of processes when the..." 349 wikitext text/x-wiki SIGHUP, or Signal Hangup, is a signal used in Unix and Unix-like operating systems to indicate that a controlling terminal or process has been disconnected. The term "hangup" comes from the days of dial-up modems when a user would physically hang up the phone to disconnect from a remote system. In the context of modern operating systems, SIGHUP is used for various purposes, including process control, configuration updates, and the proper termination of processes when the controlling terminal is closed. When a process receives a SIGHUP signal, it usually indicates that the controlling terminal or parent process has been closed or terminated. By default, when a process receives a SIGHUP signal, it will terminate itself. However, processes can be programmed to catch and handle the SIGHUP signal in a specific way, such as re-reading their configuration files or performing a graceful shutdown. This allows developers to ensure that important data is saved, resources are released, or any other necessary cleanup is performed before the process exits. For example, many Unix daemons (background processes) use SIGHUP to trigger a reload of their configuration files. When the daemon receives a SIGHUP signal, it reads the updated configuration without needing to be restarted. This is useful for making changes to a running system without disrupting its operation. To send a SIGHUP signal to a process, you can use the '''kill''' command with the '''-HUP''' or '''-1''' option, followed by the process ID (PID) of the target process: <code>kill -HUP <PID></code> In summary, SIGHUP is a signal in Unix and Unix-like operating systems used to notify a process that its controlling terminal or parent process has been disconnected. It can be used for process control, configuration updates, and proper termination of processes. While the default behavior is to terminate the process upon receiving a SIGHUP signal, developers can program processes to handle the signal in a custom manner. q6l642pqbpefqsn49igq3vmn9etjsoh 420 349 2023-05-11T19:07:36Z Noob 1 420 wikitext text/x-wiki '''SIGHUP''', or '''Signal Hangup''', is a signal used in Unix and Unix-like operating systems to indicate that a controlling terminal or process has been disconnected. The term "hangup" comes from the days of dial-up modems when a user would physically hang up the phone to disconnect from a remote system. In the context of modern operating systems, SIGHUP is used for various purposes, including process control, configuration updates, and the proper termination of processes when the controlling terminal is closed. When a process receives a SIGHUP signal, it usually indicates that the controlling terminal or parent process has been closed or terminated. By default, when a process receives a SIGHUP signal, it will terminate itself. However, processes can be programmed to catch and handle the SIGHUP signal in a specific way, such as re-reading their configuration files or performing a graceful shutdown. This allows developers to ensure that important data is saved, resources are released, or any other necessary cleanup is performed before the process exits. For example, many Unix daemons (background processes) use SIGHUP to trigger a reload of their configuration files. When the daemon receives a SIGHUP signal, it reads the updated configuration without needing to be restarted. This is useful for making changes to a running system without disrupting its operation. To send a SIGHUP signal to a process, you can use the '''kill''' command with the '''-HUP''' or '''-1''' option, followed by the process ID (PID) of the target process: <code>kill -HUP <PID></code> In summary, SIGHUP is a signal in Unix and Unix-like operating systems used to notify a process that its controlling terminal or parent process has been disconnected. It can be used for process control, configuration updates, and proper termination of processes. While the default behavior is to terminate the process upon receiving a SIGHUP signal, developers can program processes to handle the signal in a custom manner. bleh8yk3stey2347teljv13hef46la0 421 420 2023-05-11T19:08:00Z Noob 1 Noob moved page [[SIGHUP]] to [[DICTIONARY SIGHUP]] 420 wikitext text/x-wiki '''SIGHUP''', or '''Signal Hangup''', is a signal used in Unix and Unix-like operating systems to indicate that a controlling terminal or process has been disconnected. The term "hangup" comes from the days of dial-up modems when a user would physically hang up the phone to disconnect from a remote system. In the context of modern operating systems, SIGHUP is used for various purposes, including process control, configuration updates, and the proper termination of processes when the controlling terminal is closed. When a process receives a SIGHUP signal, it usually indicates that the controlling terminal or parent process has been closed or terminated. By default, when a process receives a SIGHUP signal, it will terminate itself. However, processes can be programmed to catch and handle the SIGHUP signal in a specific way, such as re-reading their configuration files or performing a graceful shutdown. This allows developers to ensure that important data is saved, resources are released, or any other necessary cleanup is performed before the process exits. For example, many Unix daemons (background processes) use SIGHUP to trigger a reload of their configuration files. When the daemon receives a SIGHUP signal, it reads the updated configuration without needing to be restarted. This is useful for making changes to a running system without disrupting its operation. To send a SIGHUP signal to a process, you can use the '''kill''' command with the '''-HUP''' or '''-1''' option, followed by the process ID (PID) of the target process: <code>kill -HUP <PID></code> In summary, SIGHUP is a signal in Unix and Unix-like operating systems used to notify a process that its controlling terminal or parent process has been disconnected. It can be used for process control, configuration updates, and proper termination of processes. While the default behavior is to terminate the process upon receiving a SIGHUP signal, developers can program processes to handle the signal in a custom manner. bleh8yk3stey2347teljv13hef46la0 0 97 350 2023-04-23T22:21:37Z AwesomO 5 Created page with "[[todo|Host your Wiki on Ubuntu 22.04]] [[todo|Host your Wiki in a Ubuntu 22.04 LXC Container]]" 350 wikitext text/x-wiki [[todo|Host your Wiki on Ubuntu 22.04]] [[todo|Host your Wiki in a Ubuntu 22.04 LXC Container]] 4dmunfq2up0iumxg7xf45l2rol1djwk 355 350 2023-04-23T22:28:17Z AwesomO 5 355 wikitext text/x-wiki [[todo|Host your Wiki on Ubuntu 22.04]] [[Host_Your_Own_Mediawiki_Online_-_In_Ubuntu_22.04_LXC_Container|Host your Wiki in a Ubuntu 22.04 LXC Container]] i8gpll0op3d6cjjm12h6ljkadcu1tg3 356 355 2023-04-23T22:29:13Z AwesomO 5 356 wikitext text/x-wiki :*[[Host_Your_Own_Mediawiki_Online_Ubuntu_22.04|Host your Wiki on Ubuntu 22.04]] :*[[Host_Your_Own_Mediawiki_Online_-_In_Ubuntu_22.04_LXC_Container|Host your Wiki in a Ubuntu 22.04 LXC Container]] c5ng5ppisn6817zx1pnejuu3cup8rk2 362 356 2023-04-26T01:34:55Z AwesomO 5 362 wikitext text/x-wiki :*[[Host_Your_Own_Mediawiki_Online_Ubuntu_22.04|Host your Wiki: Ubuntu 20.04 - MediaWiki 1.39 Installation and Apache2 Configuration with SSL]] :*[[Host_Your_Own_Mediawiki_Online_-_In_Ubuntu_22.04_LXC_Container|Host your Wiki in a Ubuntu 22.04 LXC Container]] ewdthokupt861c0rpmz1boh7r742jg6 363 362 2023-04-26T01:38:47Z AwesomO 5 363 wikitext text/x-wiki :*[[Host_Your_Own_Mediawiki_Online_Ubuntu_22.04|Host your Wiki: Ubuntu 20.04 - MediaWiki 1.39 Installation and Apache2 Configuration with SSL]] :*[[Host_Your_Own_Mediawiki_Online_-_In_Ubuntu_22.04_LXC_Container|Host your Wiki - Ubuntu 22.04 with LXD 5.13 - Setting Up an LXC Ubuntu 22.04 Container for MediaWiki, Apache2, SSL, sSMTP, and Fail2Ban]] 87cpln2ttgu93tyha2ssrjhfdewezgz 0 98 351 2023-04-23T22:22:32Z AwesomO 5 Created page with "==Creating a MediaWiki Server on Ubuntu with Apache2== ===DNS=== Domain Name System: An index that connects an ip address with a more human readable name(website name):<br \> Like a phone book would index a persons name with a phone number.<br \> If you have a domain name for your wiki, point it to your server's ip address.<br \> This will be required for a letsencrypt cert also.<br \> I am using <b>namecheap.com</b> and on the <b>Advanced DNS</b> Page<br \> Add two T..." 351 wikitext text/x-wiki ==Creating a MediaWiki Server on Ubuntu with Apache2== ===DNS=== Domain Name System: An index that connects an ip address with a more human readable name(website name):<br \> Like a phone book would index a persons name with a phone number.<br \> If you have a domain name for your wiki, point it to your server's ip address.<br \> This will be required for a letsencrypt cert also.<br \> I am using <b>namecheap.com</b> and on the <b>Advanced DNS</b> Page<br \> Add two Type <b>A Records</b>:<br \> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |192.248.145.129 |auto |- |A record |www |192.248.145.129 |auto |} ===Basic Firewall UFW for Container=== NOTE:Add Link to a UFW page for more info Blocking IPv6<br \> <code>$EDITOR /etc/default/ufw</code> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit Allow port 80<br \> <code>ufw allow 80/tcp</code><br \> Allow port 443<br \> <code>ufw allow 443/tcp</code><br \> Start/Enable UFW firewall<br \> <code>ufw enable</code><br \> Check UFW status<br \> <code>ufw status</code> <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Update system=== <code>apt update && apt upgrade -y</code> ===ssmtp setup=== NOTE: need link to ssmtp page - showing how to use other email providers that allow smtp Link to ssmtp wiki page <br \> You can use a number of email providers for sending emails from server using ssmtp.<br \> I am going to use <b>smtp2go.com</b> they do provide a free service if you wish to try. <div class="toccolours mw-collapsible mw-collapsed"> smtp2go details: <div class="mw-collapsible-content"> https://www.smtp2go.com/<br \> Has a Free Plan # 1000 emails per month # 5 days of email reporting # Ticket support only <br \> Do not use you username and password you used to sign up!<br \> Go to https://app.smtp2go.com/sending/smtp_users/ <br \> Or 'Sending' > 'SMTP Users'<br> And create/add a SMTP User account.<br \> The User created will be given a good password by default.<br \> Use this username and password for ssmtp.<br \> In this example i have the username "<b>noobwiki</b>" and the password "<b>N0tTelinu</b>" </div> </div> ====ssmtp==== <code>apt install ssmtp -y</code> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <div class="toccolours mw-collapsible mw-collapsed"> Why use <code>hostname=completenoobs.com</code> <div class="mw-collapsible-content"> "hostname" needed for ubuntu unattended upgrades to send email.<br \> If missing: will get "(550 unable to verify sender address.)" <br \> If using <code>hostname=localhost</code> "(550 "Localhost" unnaceptable, you must use a public domain-name.)"<br \> If using <code>hostname=admin@completenoobs.com</code> "501 <root@admin@completenoobs.com>: malformed address: @completenoobs.com> may not follow <root@admin" </div> </div> <br \> Do not use user@smtp2go.com as the sender address! you need an email address that has an MX record(mail exchanger record) at its domain name. <br \> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> ====usermod==== <br \> usermod can be used to change the email senders name/address.<br \> Instead of your mail coming from 'root' or 'ubuntu' or any other user account.<br \> <b>usermod -c "emailSenderName" <account_sending></b><br \> <code>usermod -c "completenoobslxc" root</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> <code>usermod -c</code>: <div class="mw-collapsible-content"> The "usermod" command in Linux is used to modify user account details. The "-c" option in the "usermod" command is used to change the comment (or description) field associated with a user account. Specifically, when you run the command "usermod -c <comment> <username>", it will update the comment field of the user account associated with the given username to the specified comment. The comment is typically used to provide additional information about the user, such as their full name, job title, or department. For example, if you run the command "usermod -c 'John Smith' john", it will update the comment field for the user account "john" to "John Smith". You can then use tools like the "finger" command to display this information, e.g., "finger john". </div> </div> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ====sendmail notes==== <div class="toccolours mw-collapsible mw-collapsed"> If the sendmail command locks your terminal and CTRL+c does not work <div class="mw-collapsible-content"> Use <code>CTRL+z</code> which will send a SIGTSTP signal which will put the process to sleep.<br \> use jobs to see the sleeping process.<br \> <code>jobs</code><br \> and kill %<JOBNUMBER><br \> <code>kill %1</code> <br \> you can also use <code>ps ax</code> to list processes running on your computer and <code>kill -9 <PROCESS-NUMBER></code> to kill process. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> sendmail in verbose mode for more details: <div class="mw-collapsible-content"> More info can be found in the man page <code>man sendmail</code><br \> Use the verbose flag <b>-v</b><br \> <code>sendmail -v email@address2receive.mail < test-mail.txt</code> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Check mail logs for errors: <div class="mw-collapsible-content"> send mail error log can be found in<br \> <code>/var/log/mail.err</code><br \> and sendmail log can be found:<br \> <code>/var/log/mail.log</code> </div> </div> ===Create Swap space on server=== <div class="toccolours mw-collapsible mw-collapsed"> What are the benifits of having '''swap space''' on your server: <div class="mw-collapsible-content"> Having a swap space on your server can provide several benefits, including: :* Improved system stability: When your server runs out of RAM, it can cause instability and even crashes. Swap space provides a safety net by allowing the operating system to move inactive data from RAM to disk, freeing up RAM for more active processes. :* Increased memory availability: Swap space can provide additional virtual memory to the system, allowing it to handle more demanding workloads than it could with just physical memory alone. :* Enhanced performance: While swap space is not as fast as physical memory, it can help prevent thrashing, which is when the operating system spends too much time swapping data between RAM and disk. By providing an additional layer of memory, swap space can improve overall system performance. :* More flexibility: Swap space allows you to allocate memory resources more efficiently. For example, you can configure your system to have a smaller amount of physical memory and a larger swap space, or vice versa, depending on your specific workload and requirements. :* Improved application availability: In some cases, applications may require a certain amount of available memory to function properly. Having swap space can ensure that the system has enough memory to keep these applications running even when physical memory is low. Overall, having swap space on your server can provide a valuable safety net and help improve system stability and performance. </div> </div> ====First check if you already have a swap space==== First check if you already have a swap space<br \> <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 1655 2 228 1732 Swap: 0 0 0 </pre> <div class="toccolours mw-collapsible mw-collapsed"> Other methods to check swap space <div class="mw-collapsible-content"> <code>cat /proc/swaps</code><br \> <code>swapon -s -v</code> </div> </div> ====Create SwapSpace==== preallocate a 2 gigabyte space to be used for swap.<br \> Note: you can name swapfile to anything you want. <code>fallocate -l 2G /swapfile</code> Initialize the /swapfile file with zeros - see "Working out the count size" to see how to work out the count size. <div class="toccolours mw-collapsible mw-collapsed"> Working out the count size: <div class="mw-collapsible-content"> Working out count size to scale the swapsize. 1 kilobyte = 1024 bytes 1 megabyte = 1024 kilobyte 1 gigabyte = 1024 megabytes bs=1024 = 1 megabyte 1 gigabyte = 1024 megabyte to get count of 1 gigabyte 1024 * 1024 2 gigabyte (1024 * 2048 ) or 1048576 * 2 = 2,097,152 </div> </div> <code>dd if=/dev/zero of=/swapfile bs=1024 count=2097152</code> <code>chmod 600 /swapfile</code> <code>mkswap /swapfile</code> <code>swapon /swapfile</code> <b>Or</b> <code>swapon -a</code> <b>Or</b> <code>mount -a</code> append to <code>/etc/fstab</code> so its mounted after reboot.<br \> <code>$EDITOR /etc/fstab</code><br \> And enter this in a new line at the bottom:<br \> <code>/swapfile swap swap defaults 0 0</code> and thats it, you can check swap with(or same other methods as above): <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 75 2 1808 1712 Swap: 2047 0 2047 </pre> ===auto update server=== [[Ubuntu_unattended-upgrades|View here for more info on Ubuntu unattended upgrades]]<br> <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment (by removing <b>//</b> at start of line)and amend the lines we want:<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> to<br \> <code> "${distro_id}:${distro_codename}-updates";</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; </pre> Changed to<br \> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec Acquire::http::Dl-Limit "500"; </pre> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Install Apache2=== <code>apt install apache2</code> Can now visit your domain in browser to check it works:<br> Make sure you use '''http''' and Not '''https''' as not yet configured. ====CertBot LetsEncrypt '''''https'''''==== Install certbot<br \> <code>snap install certbot --classic</code><br \> Create Cert<br \> <code>certbot --apache -d completenoobs.com -d www.completenoobs.com</code><br \> Restart apache<br \> <code>systemctl restart apache2</code><br \> Now check your site on browser.<br \> ===Install MediaWiki=== <code>apt install mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -xvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/noobs</code> <code>chown -R www-data:www-data /var/www/html/noobs</code> ====Create Database==== Will be prompted to set a root password!<br \> <code>mysql -u root -p</code><br \> <!-- create drop down - add root password option --> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <div class="toccolours mw-collapsible mw-collapsed"> Make note of your: database name, username, userpassword <div class="mw-collapsible-content"> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code><br \> Database Username:<b>green</b><br \> Database host/location:<b>localhost</b> Database User Password:<b>THISpasswordSHOULDbeCHANGED</b><br \><br \> <code>CREATE DATABASE mywiki_database;</code><br \> Database Name:<b>mywiki_database</b><br \> </div> </div> ===Config Apache2=== ==== Create a Apache2 Config file for your site==== <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code> <pre> <VirtualHost *:80> ServerName completenoobs.com ServerAdmin admin@completenoobs.com # Redirect Requests to SSL Redirect permanent "/" "https://www.completenoobs.com" </VirtualHost> <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerName completenoobs.com ServerAdmin admin@completenoobs.com DocumentRoot /var/www/html/noobs ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined # Path from certbot can be found in 000-default-le-ssl.conf <Directory /var/www/html/noobs> Options None FollowSymLinks #Allow .htaccess AllowOverride All Require all granted <IfModule security2_module> SecRuleEngine Off # or disable only problematic rules </IfModule> </Directory> </VirtualHost> </IfModule> </pre> ====Edit '''"000-default-le-ssl.conf"''' created by certbot to correct path==== <code>$EDITOR /etc/apache2/sites-enabled/000-default-le-ssl.conf</code> Change the '''DocumentRoot''' path to your mediawiki directory. :* <code>DocumentRoot /var/www/html</code> : To :* <code>DocumentRoot /var/www/html/noobs</code> <pre> <IfModule mod_ssl.c> <VirtualHost *:443> # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. #ServerName www.example.com ServerAdmin webmaster@localhost DocumentRoot /var/www/html # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf ServerName noblemage.com Include /etc/letsencrypt/options-ssl-apache.conf ServerAlias www.noblemage.com SSLCertificateFile /etc/letsencrypt/live/noblemage.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/noblemage.com/privkey.pem </VirtualHost> </IfModule> </pre> <div class="toccolours mw-collapsible mw-collapsed"> After Change <code>/etc/apache2/sites-enabled/000-default-le-ssl.conf</code>: <div class="mw-collapsible-content"> <pre> <IfModule mod_ssl.c> <VirtualHost *:443> # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. #ServerName www.example.com ServerAdmin webmaster@localhost DocumentRoot /var/www/html/noobs # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf ServerName noblemage.com Include /etc/letsencrypt/options-ssl-apache.conf ServerAlias www.noblemage.com SSLCertificateFile /etc/letsencrypt/live/noblemage.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/noblemage.com/privkey.pem </VirtualHost> </IfModule> </pre> </div> </div> ====Reload Apache2==== <code>a2dissite 000-default</code> <div class="toccolours mw-collapsible mw-collapsed"> a2dissite 000-default: <div class="mw-collapsible-content"> To disable the default Apache site on a Debian-based system like Ubuntu, you can use the '''a2dissite''' command. The default site configuration is usually named '''000-default.conf'''. To re-enable use <code>a2ensite 000-default</code> </div> </div> <code>a2ensite completenoobs.com</code> <div class="toccolours mw-collapsible mw-collapsed"> a2ensite completenoobs.com: <div class="mw-collapsible-content"> '''a2ensite''' is a command-line utility in Debian-based systems, like Ubuntu, that enables a specific site configuration in the Apache web server. The term a2ensite is derived from "Apache 2 Enable Site." When you create a new virtual host configuration file for your website in the '''/etc/apache2/sites-available/''' directory, you need to enable it for Apache to start serving the site. The a2ensite command is used to enable a site by creating a symbolic link from the '''sites-available''' directory to the '''sites-enabled''' directory. Here's how to use a2ensite: : Create a virtual host configuration file for your website in the /etc/apache2/sites-available/ directory. For example: <code>sudo nano /etc/apache2/sites-available/mywebsite.conf</code> Replace mywebsite with the name of your website or domain. Add the appropriate configuration to the virtual host file, and save it. Use the a2ensite command to enable the new site configuration: <code>sudo a2ensite mywebsite</code> Replace mywebsite with the name of your website or domain (without the .conf extension). </div> </div> <code>a2enmod ssl</code> <div class="toccolours mw-collapsible mw-collapsed"> a2enmod ssl: <div class="mw-collapsible-content"> '''a2enmod ssl''' is a command used to enable the '''ssl''' module in the Apache web server on Debian-based systems, like Ubuntu. The ssl module provides support for SSL/TLS encryption, which is necessary for serving websites securely over HTTPS. </div> </div> <code>a2enmod headers</code> <div class="toccolours mw-collapsible mw-collapsed"> a2enmod headers: <div class="mw-collapsible-content"> '''a2enmod''' is a command-line utility in Debian-based systems, like Ubuntu, used to enable Apache modules. The term a2enmod is derived from "Apache 2 Enable Module." headers is an Apache module that allows you to manipulate HTTP response headers sent back to clients. It is commonly used to add, modify, or remove response headers in various situations, such as implementing security headers, cache control, or Content Security Policy (CSP). The command '''a2enmod headers''' is used to enable the headers module in the Apache web server. Once the module is enabled, you can use its features in your Apache configuration files (e.g., .htaccess or httpd.conf). Here's a step-by-step explanation of the command: :* a2enmod: This is the utility you are using to enable Apache modules. :* headers: This is the specific Apache module you want to enable. </div> </div> <code>apache2ctl configtest</code> <div class="toccolours mw-collapsible mw-collapsed"> apache2ctl configtest: <div class="mw-collapsible-content"> '''apache2ctl configtest''' is a command used to check the syntax of your Apache configuration files without actually restarting the server. This is useful for detecting any syntax errors or issues in your configuration files before applying changes to the running server. </div> </div> <code>systemctl restart apache2</code> ==Check Wiki Working== ===MediaWiki Basic Setup=== ====Landing page==== Open a web browser and go to your containers private ip address (you can get ip address by running <code>lxc list</code> on host). <code>https://10.194.171.251</code> Are certs are self-signed and you may/will get warning "your connection is not private"<br \> Click "Advance" and "Proceed to 10.194.171.251 (unsafe)"<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.35.0<br \> LocalSettings.php not found.<br \> Please <u>set up the wiki</u> first.<br \> </blockquote> Click <b>set up the wiki</b> to be taken to the "mw-config/index.php" page. =====Basic Configure MediaWiki===== <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:mywiki_database<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:green<br \> Database password:THISpasswordSHOULDbeCHANGED<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>CompleteNoobs<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Options <div class="mw-collapsible-content"> <b>User rights profile:</b> <br \> [ ] Open wiki <br \> [x] Account creation required<br \> [ ] Authorised editors only <br \> [ ] Private wiki<br \> <br \> <b>Copyright and licence:</b><br \> [ ] Creative Commons Attribution<br \> [ ] Creative Commons Attribution-ShareAlike<br \> [ ] Creative Commons Attribution-NonCommercial-ShareAlike<br \> [ ] Creative Commons Zero (Public Domain)<br \> [ ] GNU Free Documentation Licence 1.3 or later<br \> [x] No licence footer<br \> [ ] Select a custom Creative Commons licence<br \> <br \> <br \> <b>Email settings</b><br \> [ ] Enable outbound email<br \> <b>Return email address:</b>apache@🌻.invalid<br \> [ ]Enable user-to-user email<br \> [ ]Enable user talk page notification<br \> [ ]Enable watchlist notification<br \> [ ]Enable email authentication<br \> <br \> <br \> <b>Skins</b> Pick a skin<br \> <br \> <br \> <b>Extensions</b><br \> <b><u>Special pages</u></b><br \> [ ]CiteThisPage<br \> [ ]Interwiki<br \> [ ]Nuke<br \> [ ]Renameuser<br \> [ ]ReplaceText<br \> <br \> <b><u>Editors</u></b><br \> [x]CodeEditor<br \> [x]VisualEditor<br \> [x]WikiEditor<br \> <br \> <b><u>Parser hooks</u></b><br \> [ ]CategoryTree<br \> [ ]Cite<br \> [ ]ImageMap<br \> [ ]InputBox<br \> [ ]ParserFunctions<br \> [ ]Poem<br \> [ ]Scribunto<br \> [x]SyntaxHighlight_GeSHi<br \> [ ]TemplateData<br \> <br \> <b><u>Media handlers</u></b><br \> [ ]PdfHandler<br \> <br \> <b><u>Spam prevention</u></b><br \> [x]ConfirmEdit<br \> [ ]SpamBlacklist<br \> [ ]TitleBlacklist<br \> <br \> <b><u>API</u></b><br \> [ ]PageImages<br \> <br \> <b><u>Other</u></b><br \> [ ]Gadgets<br \> [ ]LocalisationUpdate<br \> [ ]MultimediaViewer<br \> [ ]OATHAuth<br \> [ ]SecureLinkFixer<br \> [ ]TextExtracts<br \> <br \> <br \> <b>Images and file uploads</b><br \> [ ]Enable file uploads<br \> <b>Logo URL:</b>$wgResourceBasePath/resources/assets/wiki.png<br \> [ ]Enable Instant Commons<br \> <br \> <br \> <b>Advanced configuration</b><br \> <b>Settings for object caching:</b><br \> [x] No caching (no functionality is removed, but speed may be impacted on larger wiki sites)<br \> [ ] Use Memcached (requires additional setup and configuration)<br \> </div> </div> ===LocalSettings.php Launch Wiki=== Send the Downloaded '''LocalSettings.php''' file to your server's mediawiki directory: <code>scp Downloads/LocalSettings.php root@www.completenoobs.com:/var/www/html/noobs/</code> And revisit you site on Browser <code>www.completenoobs.com</code><br> '''''Welcome to your wiki''''' ==Customize and Config your Wiki== ===Setup Email Config=== <code>$EDITOR /var/www/html/noobs/LocalSettings.php</code><br> Make sure <b>$wgEnableEmail</b> is set to true.<br> <code>$wgEnableEmail = true;</code><br> https://www.mediawiki.org/wiki/Manual:$wgEnableEmail<br> <pre> $wgEmergencyContact = ""; $wgPasswordSender = ""; </pre> <pre> $wgEmergencyContact = "admin@completenoobs.com"; $wgPasswordSender = "admin@completenoobs.com"; </pre> <pre> $wgSMTP = [ 'host' => 'ssl://mail.smtp2go.com', // outbox server of the email account 'IDHost' => 'completenoobs.com', 'port' => 465, 'username' => 'noobwiki', // user of the email account 'password' => 'N0tTelinu', // app password of the email account 'auth' => true ]; </pre> ===Change Logo=== You need a 135px by 135px image, in this example its named 'completenoobs-logo.png'<br> <code>scp completenoobs-logo.png root@www.completenoobs.com:/var/www/html/noobs/resources/assets/</code><br> Back in Server edit the <b>LocalSettings.php</b> file<br> <pre> ## The URL paths to the logo. Make sure you change this from the default, ## or else you'll overwrite your logo when you upgrade! $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", 'icon' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", ]; </pre> Change to your new logo:<br> <pre> $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", 'icon' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", ]; </pre> ===Request Account and Confirm Email to edit=== In LocalSettings change $wgEmailAuthentication = false; to true https://www.mediawiki.org/wiki/Manual:$wgEmailAuthentication<br> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ConfirmAccount-REL1_39-2b96e90.tar.gz</code><br> <code>tar xzf ConfirmAccount-REL1_39-2b96e90.tar.gz -C /var/www/html/noobs/extensions/</code><br> <br> In <b>LocalSettings.php</b> <br> set <b>$wgEmailAuthentication</b> to true.<br> <pre> wfLoadExtension( 'ConfirmAccount' ); $wgConfirmAccountContact = 'admin@completenoobs.com'; </pre> Run maintenance update<br> <code>php /var/www/html/noobs/maintenance/update.php </code><br> use <b>Special:ConfirmAccounts</b> to see if anyone requested a account.<br> And yep, your gonna get spammed! Bots love a wiki.<br> ===CookieWarning Extension=== https://www.mediawiki.org/wiki/Extension:CookieWarning<br> <code>wget https://extdist.wmflabs.org/dist/extensions/CookieWarning-REL1_39-778fe72.tar.gz</code><br> <code>tar -xzf CookieWarning-REL1_39-778fe72.tar.gz -C /var/www/html/noobs/extensions/</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'CookieWarning' ); $wgCookieWarningEnabled = 'true'; # $wgCookieWarningMoreUrl allows to to select a link for your moreinfo button $wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'; $wgCookieWarningEnabled = 'true'; </pre> To change message sign in with admin account and visit these pages of your wiki and edit.<br> <b>MediaWiki:Cookiewarning-info</b> Edit the display message.<br> <code>https://www.completenoobs.com/index.php/MediaWiki:Cookiewarning-info</code><br> <b>MediaWiki:Cookiewarning-moreinfo-label</b><br> Edit and change display of the moreinfo button: link can be made/changed at LocalSettings with:<br> <code>$wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'</code><br> <code>https://www.completenoobs.com/index.php/MediaWiki:Cookiewarning-moreinfo-label</code><br> <b>MediaWiki:Cookiewarning-ok-label</b> Edit and change the text on the OK button.<br> <code>https://www.completenoobs.com/index.php/MediaWiki:Cookiewarning-ok-label</code><br> ===Contribution Scores Extension=== https://www.mediawiki.org/wiki/Extension:Contribution_Scores<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ContributionScores-REL1_39-0e7e99d.tar.gz</code><br> <code>tar -xzf ContributionScores-REL1_39-0e7e99d.tar.gz -C /var/www/html/noobs/extensions</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'ContributionScores' ); // Exclude Bots from the reporting - Can be omitted. $wgContribScoreIgnoreBots = true; // Exclude Blocked Users from the reporting - Can be omitted. $wgContribScoreIgnoreBlockedUsers = true; // Use real user names when available - Can be omitted. Only for MediaWiki 1.19 and later. $wgContribScoresUseRealName = true; // Set to true to disable cache for parser function and inclusion of table. $wgContribScoreDisableCache = false; // Each array defines a report - 7,50 is "past 7 days" and "LIMIT 50" - Can be omitted. $wgContribScoreReports = [ [ 7, 50 ], [ 30, 50 ], [ 0, 50 ] ]; </pre> <br> Add to Main Landing Page:<br> <pre>{{Special:ContributionScores/10/5}}</pre><br> ===Place Notice at top of every new page created=== Using the <b>PageNotice</b> Extension. https://www.mediawiki.org/wiki/Extension:PageNotice#Configuration Download PageNotice and extract to extensions directory. :* <code>wget https://extdist.wmflabs.org/dist/extensions/PageNotice-REL1_39-bf69636.tar.gz</code> :* <code>tar zxvf PageNotice-REL1_39-bf69636.tar.gz -C /var/www/html/noobs/extensions/</code> in LocalSettings.php add the lines:<br \> <pre> wfLoadExtension( 'PageNotice' ); $wgPageNoticeDisablePerPageNotices = 'true'; </pre> To have message in every name space go to your wiki's page<br \> <code>index.php/mediawiki:top-notice-ns-0</code><br \> Only admin account can edit this page:<br \> What you place in this page will be displayed at the top of every page created. ===EmbedVideo=== https://www.mediawiki.org/wiki/Extension:EmbedVideo<br> <code>apt install unzip</code><br> <code>wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip</code><br> <code>unzip EmbedVideo-v2.9.0.zip -d /var/www/html/noobs/extensions/</code><br> <br> <code>mv /var/www/html/noobs/extensions/EmbedVideo-v2.9.0 /var/www/html/noobs/extensions/EmbedVideo</code><br> <br> <code>$EDITOR /var/www/html/noobs/LocalSettings.php</code><br> <pre> #Embed Video wfLoadExtension( 'EmbedVideo' ); </pre> ===Syntax highlighting not working=== Install <b>pygments</b><br> <code>apt install python3-pygments</code><br> Add to LocalSettings:<br> <code>wfLoadExtension( 'SyntaxHighlight_GeSHi' );</code><br> ==Policy Pages== ==Remove '''index.php''' from '''URL'''== mediawiki remove index.php path of wiki is /var/www/html/noobs/ i want apache to show completenoobs.com/noobs/Main_Page To remove the "index.php" from the URLs of your MediaWiki installation, you need to enable pretty URLs using the .htaccess file and modify your LocalSettings.php. Here's how you can do that: === Create or modify the .htaccess file=== First, navigate to your MediaWiki root folder, in your case /var/www/html/noobs/. If you don't have a .htaccess file, create one in this folder. Then, add the following content to the .htaccess file: <pre> RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ index.php/$1 [L,QSA] </pre> This code enables the Apache rewrite engine and tells it to redirect requests that don't match existing files or directories to the index.php file. === Modify the LocalSettings.php file:=== Next, you'll need to modify the LocalSettings.php file, which should be located in your MediaWiki root folder (/var/www/html/noobs/). Add or modify the following lines: <pre> $wgScriptPath = "/noobs"; $wgArticlePath = "{$wgScriptPath}/$1"; $wgUsePathInfo = true; </pre> * note: you should already have <code>$wgScriptPath = "/noobs";</code> in LocalSettings.php This code sets the base path for your wiki (/noobs), defines the article path pattern, and enables the use of path info. === Enable the Apache mod_rewrite module=== <code>root@noobs:/var/www/html/noobs# cat /etc/apache2/sites-available/000-default-le-ssl.conf </code> <pre> <IfModule mod_ssl.c> <VirtualHost *:443> # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. #ServerName www.example.com ServerAdmin webmaster@localhost DocumentRoot /var/www/html # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf ServerName completenoobs.com Include /etc/letsencrypt/options-ssl-apache.conf ServerAlias www.completenoobs.com SSLCertificateFile /etc/letsencrypt/live/completenoobs.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/completenoobs.com/privkey.pem </VirtualHost> </IfModule> </pre> Add <pre> <Directory /var/www/html/noobs> Options FollowSymLinks AllowOverride All Require all granted </Directory> </pre> <pre> <IfModule mod_ssl.c> <VirtualHost *:443> # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. #ServerName www.example.com ServerAdmin webmaster@localhost DocumentRoot /var/www/html # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined <Directory /var/www/html/noobs> Options FollowSymLinks AllowOverride All Require all granted </Directory> # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf ServerName completenoobs.com Include /etc/letsencrypt/options-ssl-apache.conf ServerAlias www.completenoobs.com SSLCertificateFile /etc/letsencrypt/live/completenoobs.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/completenoobs.com/privkey.pem </VirtualHost> </IfModule> </pre> Make sure the mod_rewrite module is enabled in your Apache configuration. You can enable it by running the following command: <code>sudo a2enmod rewrite</code> After enabling the module, restart Apache: <code>sudo systemctl restart apache2</code> Now, your MediaWiki installation should use pretty URLs without "index.php" in the path. In your case, it will show URLs like completenoobs.com/noobs/Main_Page. ==Fail2Ban - optional== This Will Ban an IP who incorrectly enters wrong login details, a (you can select) amount of times for a (you can select) amount of time. ===Fail2Log Extension=== https://www.mediawiki.org/wiki/Extension:Fail2Log<br> ====Create Log file==== Could not get PHP to create and set permissions for log file: So for now doing manually!<br \> <code>touch /var/log/Fail2Log.log</code><br \> <code>chown www-data:www-data /var/log/Fail2Log.log</code><br \> <code>chmod 0755 /var/log/Fail2Log.log</code><br \> Failed login's with wrong user name and/or password should now be logged in:<b>/var/log/Fail2Log.log</b><br \> <br \> Log Format:<br \> <code>Failed:<IP_ADDRESS> <DATE> <TIME> <USERNAME></code><br \> ====Download and install extension==== <code>wget https://github.com/greenhatmonkey/Fail2Log/blob/main/Fail2Log.tar.gz?raw=true</code><br> <code>tar xzvf Fail2Log.tar.gz?raw=true -C /var/www/html/noobs/extensions/</code><br> Add to your <b>LocalSettings.php</b><br> <pre> wfLoadExtension( 'Fail2Log' ); $wgFail2LogFile = '/var/log/Fail2Log.log'; </pre> ====Install and Setup Fail2Ban==== Fail2Ban works in a container. If using fail2ban on Host for container:<br/> Just include log path: <code>/var/snap/lxd/common/mntns/var/snap/lxd/common/lxd/storage-pools/default/containers/&lt;CONTAINER_NAME>/rootfs/var/log/Fail2Log.log</code> <code>apt install fail2ban</code> * Fail2ban will use file.local over file.conf if file.local exists: * file.conf can be written over if file2ban gets updated. * Make a file.local of the file you are working on. <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code> <code>$EDITOR /etc/fail2ban/jail.local</code> <!-- unmodified jail.conf file --> <div class="toccolours mw-collapsible mw-collapsed"> Default <code>/etc/fail2ban/jail.conf</code> file: Expand to view <div class="mw-collapsible-content"> <pre> # # WARNING: heavily refactored in 0.9.0 release. Please review and # customize settings for your setup. # # Changes: in most of the cases you should not modify this # file, but provide customizations in jail.local file, # or separate .conf files under jail.d/ directory, e.g.: # # HOW TO ACTIVATE JAILS: # # YOU SHOULD NOT MODIFY THIS FILE. # # It will probably be overwritten or improved in a distribution update. # # Provide customizations in a jail.local file or a jail.d/customisation.local. # For example to change the default bantime for all jails and to enable the # ssh-iptables jail the following (uncommented) would appear in the .local file. # See man 5 jail.conf for details. # # [DEFAULT] # bantime = 1h # # [sshd] # enabled = true # # See jail.conf(5) man page for more information # Comments: use '#' for comment lines and ';' (following a space) for inline comments [INCLUDES] #before = paths-distro.conf before = paths-debian.conf # The DEFAULT allows a global definition of the options. They can be overridden # in each jail afterwards. [DEFAULT] # # MISCELLANEOUS OPTIONS # # "bantime.increment" allows to use database for searching of previously banned ip's to increase a # default ban time using special formula, default it is banTime * 1, 2, 4, 8, 16, 32... #bantime.increment = true # "bantime.rndtime" is the max number of seconds using for mixing with random time # to prevent "clever" botnets calculate exact time IP can be unbanned again: #bantime.rndtime = # "bantime.maxtime" is the max number of seconds using the ban time can reach (don't grows further) #bantime.maxtime = # "bantime.factor" is a coefficient to calculate exponent growing of the formula or common multiplier, # default value of factor is 1 and with default value of formula, the ban time # grows by 1, 2, 4, 8, 16 ... #bantime.factor = 1 # "bantime.formula" used by default to calculate next value of ban time, default value bellow, # the same ban time growing will be reached by multipliers 1, 2, 4, 8, 16, 32... #bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * banFactor # # more aggressive example of formula has the same values only for factor "2.0 / 2.885385" : #bantime.formula = ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor) # "bantime.multipliers" used to calculate next value of ban time instead of formula, coresponding # previously ban count and given "bantime.factor" (for multipliers default is 1); # following example grows ban time by 1, 2, 4, 8, 16 ... and if last ban count greater as multipliers count, # always used last multiplier (64 in example), for factor '1' and original ban time 600 - 10.6 hours #bantime.multipliers = 1 2 4 8 16 32 64 # following example can be used for small initial ban time (bantime=60) - it grows more aggressive at begin, # for bantime=60 the multipliers are minutes and equal: 1 min, 5 min, 30 min, 1 hour, 5 hour, 12 hour, 1 day, 2 day #bantime.multipliers = 1 5 30 60 300 720 1440 2880 # "bantime.overalljails" (if true) specifies the search of IP in the database will be executed # cross over all jails, if false (dafault), only current jail of the ban IP will be searched #bantime.overalljails = false # -------------------- # "ignoreself" specifies whether the local resp. own IP addresses should be ignored # (default is true). Fail2ban will not ban a host which matches such addresses. #ignoreself = true # "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban # will not ban a host which matches an address in this list. Several addresses # can be defined using space (and/or comma) separator. #ignoreip = 127.0.0.1/8 ::1 # External command that will take an tagged arguments to ignore, e.g. <ip>, # and return true if the IP is to be ignored. False otherwise. # # ignorecommand = /path/to/command <ip> ignorecommand = # "bantime" is the number of seconds that a host is banned. bantime = 10m # A host is banned if it has generated "maxretry" during the last "findtime" # seconds. findtime = 10m # "maxretry" is the number of failures before a host get banned. maxretry = 5 # "maxmatches" is the number of matches stored in ticket (resolvable via tag <matches> in actions). maxmatches = %(maxretry)s # "backend" specifies the backend used to get files modification. # Available options are "pyinotify", "gamin", "polling", "systemd" and "auto". # This option can be overridden in each jail as well. # # pyinotify: requires pyinotify (a file alteration monitor) to be installed. # If pyinotify is not installed, Fail2ban will use auto. # gamin: requires Gamin (a file alteration monitor) to be installed. # If Gamin is not installed, Fail2ban will use auto. # polling: uses a polling algorithm which does not require external libraries. # systemd: uses systemd python library to access the systemd journal. # Specifying "logpath" is not valid for this backend. # See "journalmatch" in the jails associated filter config # auto: will try to use the following backends, in order: # pyinotify, gamin, polling. # # Note: if systemd backend is chosen as the default but you enable a jail # for which logs are present only in its own log files, specify some other # backend for that jail (e.g. polling) and provide empty value for # journalmatch. See https://github.com/fail2ban/fail2ban/issues/959#issuecomment-74901200 backend = auto # "usedns" specifies if jails should trust hostnames in logs, # warn when DNS lookups are performed, or ignore all hostnames in logs # # yes: if a hostname is encountered, a DNS lookup will be performed. # warn: if a hostname is encountered, a DNS lookup will be performed, # but it will be logged as a warning. # no: if a hostname is encountered, will not be used for banning, # but it will be logged as info. # raw: use raw value (no hostname), allow use it for no-host filters/actions (example user) usedns = warn # "logencoding" specifies the encoding of the log files handled by the jail # This is used to decode the lines from the log file. # Typical examples: "ascii", "utf-8" # # auto: will use the system locale setting logencoding = auto # "enabled" enables the jails. # By default all jails are disabled, and it should stay this way. # Enable only relevant to your setup jails in your .local or jail.d/*.conf # # true: jail will be enabled and log files will get monitored for changes # false: jail is not enabled enabled = false # "mode" defines the mode of the filter (see corresponding filter implementation for more info). mode = normal # "filter" defines the filter to use by the jail. # By default jails have names matching their filter name # filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # # Some options used for actions # Destination email address used solely for the interpolations in # jail.{conf,local,d/*} configuration files. destemail = root@localhost # Sender email address used solely for some actions sender = root@<fq-hostname> # E-mail action. Since 0.8.1 Fail2Ban uses sendmail MTA for the # mailing. Change mta configuration parameter to mail if you want to # revert to conventional 'mail'. mta = sendmail # Default protocol protocol = tcp # Specify chain where jumps would need to be added in ban-actions expecting parameter chain chain = <known/chain> # Ports to be banned # Usually should be overridden in a particular jail port = 0:65535 # Format of user-agent https://tools.ietf.org/html/rfc7231#section-5.5.3 fail2ban_agent = Fail2Ban/%(fail2ban_version)s # # Action shortcuts. To be used to define action parameter # Default banning action (e.g. iptables, iptables-new, # iptables-multiport, shorewall, etc) It is used to define # action_* variables. Can be overridden globally or per # section within jail.local file banaction = iptables-multiport banaction_allports = iptables-allports # The simplest action to take: ban only action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report to the destemail. action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report and relevant log lines # to the destemail. action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # See the IMPORTANT note in action.d/xarf-login-attack for when to use this action # # ban & send a xarf e-mail to abuse contact of IP address and include relevant log lines # to the destemail. action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] # ban IP on CloudFlare & send an e-mail with whois report and relevant log lines # to the destemail. action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # Report block via blocklist.de fail2ban reporting service API # # See the IMPORTANT note in action.d/blocklist_de.conf for when to use this action. # Specify expected parameters in file action.d/blocklist_de.local or if the interpolation # `action_blocklist_de` used for the action, set value of `blocklist_de_apikey` # in your `jail.local` globally (section [DEFAULT]) or per specific jail section (resp. in # corresponding jail.d/my-jail.local file). # action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] # Report ban via badips.com, and use as blacklist # # See BadIPsAction docstring in config/action.d/badips.py for # documentation for this action. # # NOTE: This action relies on banaction being present on start and therefore # should be last action defined for a jail. # action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] # # Report ban via badips.com (uses action.d/badips.conf for reporting only) # action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] # Report ban via abuseipdb.com. # # See action.d/abuseipdb.conf for usage example and details. # action_abuseipdb = abuseipdb # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # [sshd] # To use more aggressive sshd modes set filter parameter "mode" in jail.local: # normal (default), ddos, extra or aggressive (combines all). # See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details. #mode = normal port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s [dropbear] port = ssh logpath = %(dropbear_log)s backend = %(dropbear_backend)s [selinux-ssh] port = ssh logpath = %(auditd_log)s # # HTTP servers # [apache-auth] port = http,https logpath = %(apache_error_log)s [apache-badbots] # Ban hosts which agent identifies spammer robots crawling the web # for email addresses. The mail outputs are buffered. port = http,https logpath = %(apache_access_log)s bantime = 48h maxretry = 1 [apache-noscript] port = http,https logpath = %(apache_error_log)s [apache-overflows] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-nohome] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-botsearch] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-fakegooglebot] port = http,https logpath = %(apache_access_log)s maxretry = 1 ignorecommand = %(ignorecommands_dir)s/apache-fakegooglebot <ip> [apache-modsecurity] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-shellshock] port = http,https logpath = %(apache_error_log)s maxretry = 1 [openhab-auth] filter = openhab action = iptables-allports[name=NoAuthFailures] logpath = /opt/openhab/logs/request.log [nginx-http-auth] port = http,https logpath = %(nginx_error_log)s # To use 'nginx-limit-req' jail you should have `ngx_http_limit_req_module` # and define `limit_req` and `limit_req_zone` as described in nginx documentation # http://nginx.org/en/docs/http/ngx_http_limit_req_module.html # or for example see in 'config/filter.d/nginx-limit-req.conf' [nginx-limit-req] port = http,https logpath = %(nginx_error_log)s [nginx-botsearch] port = http,https logpath = %(nginx_error_log)s maxretry = 2 # Ban attackers that try to use PHP's URL-fopen() functionality # through GET/POST variables. - Experimental, with more than a year # of usage in production environments. [php-url-fopen] port = http,https logpath = %(nginx_access_log)s %(apache_access_log)s [suhosin] port = http,https logpath = %(suhosin_log)s [lighttpd-auth] # Same as above for Apache's mod_auth # It catches wrong authentifications port = http,https logpath = %(lighttpd_error_log)s # # Webmail and groupware servers # [roundcube-auth] port = http,https logpath = %(roundcube_errors_log)s # Use following line in your jail.local if roundcube logs to journal. #backend = %(syslog_backend)s [openwebmail] port = http,https logpath = /var/log/openwebmail.log [horde] port = http,https logpath = /var/log/horde/horde.log [groupoffice] port = http,https logpath = /home/groupoffice/log/info.log [sogo-auth] # Monitor SOGo groupware server # without proxy this would be: # port = 20000 port = http,https logpath = /var/log/sogo/sogo.log [tine20] logpath = /var/log/tine20/tine20.log port = http,https # # Web Applications # # [drupal-auth] port = http,https logpath = %(syslog_daemon)s backend = %(syslog_backend)s [guacamole] port = http,https logpath = /var/log/tomcat*/catalina.out [monit] #Ban clients brute-forcing the monit gui login port = 2812 logpath = /var/log/monit /var/log/monit.log [webmin-auth] port = 10000 logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [froxlor-auth] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s # # HTTP Proxy servers # # [squid] port = 80,443,3128,8080 logpath = /var/log/squid/access.log [3proxy] port = 3128 logpath = /var/log/3proxy.log # # FTP servers # [proftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(proftpd_log)s backend = %(proftpd_backend)s [pure-ftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(pureftpd_log)s backend = %(pureftpd_backend)s [gssftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(syslog_daemon)s backend = %(syslog_backend)s [wuftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(wuftpd_log)s backend = %(wuftpd_backend)s [vsftpd] # or overwrite it in jails.local to be # logpath = %(syslog_authpriv)s # if you want to rely on PAM failed login attempts # vsftpd's failregex should match both of those formats port = ftp,ftp-data,ftps,ftps-data logpath = %(vsftpd_log)s # # Mail servers # # ASSP SMTP Proxy Jail [assp] port = smtp,465,submission logpath = /root/path/to/assp/logs/maillog.txt [courier-smtp] port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix] # To use another modes set filter parameter "mode" in jail.local: mode = more port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s [postfix-rbl] filter = postfix[mode=rbl] port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s maxretry = 1 [sendmail-auth] port = submission,465,smtp logpath = %(syslog_mail)s backend = %(syslog_backend)s [sendmail-reject] # To use more aggressive modes set filter parameter "mode" in jail.local: # normal (default), extra or aggressive # See "tests/files/logs/sendmail-reject" or "filter.d/sendmail-reject.conf" for usage example and details. #mode = normal port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [qmail-rbl] filter = qmail port = smtp,465,submission logpath = /service/qmail/log/main/current # dovecot defaults to logging to the mail syslog facility # but can be set by syslog_facility in the dovecot configuration. [dovecot] port = pop3,pop3s,imap,imaps,submission,465,sieve logpath = %(dovecot_log)s backend = %(dovecot_backend)s [sieve] port = smtp,465,submission logpath = %(dovecot_log)s backend = %(dovecot_backend)s [solid-pop3d] port = pop3,pop3s logpath = %(solidpop3d_log)s [exim] # see filter.d/exim.conf for further modes supported from filter: #mode = normal port = smtp,465,submission logpath = %(exim_main_log)s [exim-spam] port = smtp,465,submission logpath = %(exim_main_log)s [kerio] port = imap,smtp,imaps,465 logpath = /opt/kerio/mailserver/store/logs/security.log # # Mail servers authenticators: might be used for smtp,ftp,imap servers, so # all relevant ports get banned # [courier-auth] port = smtp,465,submission,imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix-sasl] filter = postfix[mode=auth] port = smtp,465,submission,imap,imaps,pop3,pop3s # You might consider monitoring /var/log/mail.warn instead if you are # running postfix since it would provide the same log lines at the # "warn" level but overall at the smaller filesize. logpath = %(postfix_log)s backend = %(postfix_backend)s [perdition] port = imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [squirrelmail] port = smtp,465,submission,imap,imap2,imaps,pop3,pop3s,http,https,socks logpath = /var/lib/squirrelmail/prefs/squirrelmail_access_log [cyrus-imap] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s [uwimap-auth] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s # # # DNS servers # # !!! WARNING !!! # Since UDP is connection-less protocol, spoofing of IP and imitation # of illegal actions is way too simple. Thus enabling of this filter # might provide an easy way for implementing a DoS against a chosen # victim. See # http://nion.modprobe.de/blog/archives/690-fail2ban-+-dns-fail.html # Please DO NOT USE this jail unless you know what you are doing. # # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks UDP traffic for DNS requests. # [named-refused-udp] # # filter = named-refused # port = domain,953 # protocol = udp # logpath = /var/log/named/security.log # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks TCP traffic for DNS requests. [named-refused] port = domain,953 logpath = /var/log/named/security.log [nsd] port = 53 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/nsd.log # # Miscellaneous # [asterisk] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/asterisk/messages maxretry = 10 [freeswitch] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/freeswitch.log maxretry = 10 # enable adminlog; it will log to a file inside znc's directory by default. [znc-adminlog] port = 6667 logpath = /var/lib/znc/moddata/adminlog/znc.log # To log wrong MySQL access attempts add to /etc/my.cnf in [mysqld] or # equivalent section: # log-warnings = 2 # # for syslog (daemon facility) # [mysqld_safe] # syslog # # for own logfile # [mysqld] # log-error=/var/log/mysqld.log [mysqld-auth] port = 3306 logpath = %(mysql_log)s backend = %(mysql_backend)s # Log wrong MongoDB auth (for details see filter 'filter.d/mongodb-auth.conf') [mongodb-auth] # change port when running with "--shardsvr" or "--configsvr" runtime operation port = 27017 logpath = /var/log/mongodb/mongodb.log # Jail for more extended banning of persistent abusers # !!! WARNINGS !!! # 1. Make sure that your loglevel specified in fail2ban.conf/.local # is not at DEBUG level -- which might then cause fail2ban to fall into # an infinite loop constantly feeding itself with non-informative lines # 2. Increase dbpurgeage defined in fail2ban.conf to e.g. 648000 (7.5 days) # to maintain entries for failed logins for sufficient amount of time [recidive] logpath = /var/log/fail2ban.log banaction = %(banaction_allports)s bantime = 1w findtime = 1d # Generic filter for PAM. Has to be used with action which bans all # ports such as iptables-allports, shorewall [pam-generic] # pam-generic filter can be customized to monitor specific subset of 'tty's banaction = %(banaction_allports)s logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [xinetd-fail] banaction = iptables-multiport-log logpath = %(syslog_daemon)s backend = %(syslog_backend)s maxretry = 2 # stunnel - need to set port for this [stunnel] logpath = /var/log/stunnel4/stunnel.log [ejabberd-auth] port = 5222 logpath = /var/log/ejabberd/ejabberd.log [counter-strike] logpath = /opt/cstrike/logs/L[0-9]*.log # Firewall: http://www.cstrike-planet.com/faq/6 tcpport = 27030,27031,27032,27033,27034,27035,27036,27037,27038,27039 udpport = 1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015 action = %(banaction)s[name=%(__name__)s-tcp, port="%(tcpport)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(udpport)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] [bitwarden] port = http,https logpath = /home/*/bwdata/logs/identity/Identity/log.txt [centreon] port = http,https logpath = /var/log/centreon/login.log # consider low maxretry and a long bantime # nobody except your own Nagios server should ever probe nrpe [nagios] logpath = %(syslog_daemon)s ; nrpe.cfg may define a different log_facility backend = %(syslog_backend)s maxretry = 1 [oracleims] # see "oracleims" filter file for configuration requirement for Oracle IMS v6 and above logpath = /opt/sun/comms/messaging64/log/mail.log_current banaction = %(banaction_allports)s [directadmin] logpath = /var/log/directadmin/login.log port = 2222 [portsentry] logpath = /var/lib/portsentry/portsentry.history maxretry = 1 [pass2allow-ftp] # this pass2allow example allows FTP traffic after successful HTTP authentication port = ftp,ftp-data,ftps,ftps-data # knocking_url variable must be overridden to some secret value in jail.local knocking_url = /knocking/ filter = apache-pass[knocking_url="%(knocking_url)s"] # access log of the website with HTTP auth logpath = %(apache_access_log)s blocktype = RETURN returntype = DROP action = %(action_)s[blocktype=%(blocktype)s, returntype=%(returntype)s, actionstart_on_demand=false, actionrepair_on_unban=true] bantime = 1h maxretry = 1 findtime = 1 [murmur] # AKA mumble-server port = 64738 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol=tcp, chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol=udp, chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/mumble-server/mumble-server.log [screensharingd] # For Mac OS Screen Sharing Service (VNC) logpath = /var/log/system.log logencoding = utf-8 [haproxy-http-auth] # HAProxy by default doesn't log to file you'll need to set it up to forward # logs to a syslog server which would then write them to disk. # See "haproxy-http-auth" filter for a brief cautionary note when setting # maxretry and findtime. logpath = /var/log/haproxy.log [slapd] port = ldap,ldaps logpath = /var/log/slapd.log [domino-smtp] port = smtp,ssmtp logpath = /home/domino01/data/IBM_TECHNICAL_SUPPORT/console.log [phpmyadmin-syslog] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [zoneminder] # Zoneminder HTTP/HTTPS web interface auth # Logs auth failures to apache2 error log port = http,https logpath = %(apache_error_log)s [traefik-auth] # to use 'traefik-auth' filter you have to configure your Traefik instance, # see `filter.d/traefik-auth.conf` for details and service example. port = http,https logpath = /var/log/traefik/access.log </pre> </div> </div> Default <code>/etc/fail2ban/jail.local</code> file with (almost all) comments removed: <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;">Default <code>/etc/fail2ban/jail.local</code> with (almost) comments removed:</div> <div class="mw-collapsible-content"> <pre> [INCLUDES] before = paths-debian.conf [DEFAULT] ignorecommand = bantime = 10m findtime = 10m maxretry = 5 maxmatches = %(maxretry)s backend = auto usedns = warn logencoding = auto enabled = false mode = normal filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # destemail = root@localhost sender = root@<fq-hostname> mta = sendmail protocol = tcp chain = <known/chain> port = 0:65535 fail2ban_agent = Fail2Ban/%(fail2ban_version)s banaction = iptables-multiport banaction_allports = iptables-allports action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] action_abuseipdb = abuseipdb action = %(action_)s # # JAILS # # # SSH servers # [sshd] port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s </pre> </div></div> ====Disconnect/kick and ban an ip from list==== <br \> Just below we are going to append these lines to <b>/etc/fail2ban/jail.local</b><br> <pre> # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s # # JAILS # # # SSH servers # </pre> </div> </div> ====Jail for MediaWiki - /etc/fail2ban/jail.local==== <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1m maxretry = 2 logpath = /var/log/Fail2Log.log </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before: <div class="mw-collapsible-content"> <pre> # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After: <div class="mw-collapsible-content"> <pre> # # JAILS # [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log # # SSH servers # </pre> </div> </div> ====Filter for mediawiki==== <div class="toccolours mw-collapsible mw-collapsed"> Regex quick up and running tutorial: External Link:(youtube) <div class="mw-collapsible-content"> This Is a link to a video made by "Corey Schafer".<br \> The best no nonsense up and running regex tut there is.<br \> https://www.youtube.com/watch?v=sa-TUpSx1JA </div> </div> :* [[Text_Editing_and_Processing#Regular_expressions_(regex)|Basic Regex Guide]] <code>$EDITOR /etc/fail2ban/filter.d/mediawiki.conf</code><br \> <pre> [Definition] failregex = ^Failed:<HOST> ignoreregex = </pre> =====Try out regex on log file===== <code>fail2ban-regex --print-all-matched /var/log/Fail2Log.log /etc/fail2ban/filter.d/mediawiki.conf</code> ====Restart Fail2Ban==== <code>systemctl restart fail2ban</code> <code>fail2ban-client status</code> <code>fail2ban-client status mediawiki</code> <b>Now test by trying to login to your wiki with wrong password three times.</b> =====fail2ban regex and error checking===== <div class="toccolours mw-collapsible mw-collapsed"> Check regex: <div class="mw-collapsible-content"> * Syntax: <code>fail2ban-regex <logfile> <failregex> <ignoreregex></code> ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * If you want to test <code>ignoreregex</code> enter filter file twice: ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * Read <code>man fail2ban-regex</code> for some more opitions: * Examples: ** <code>-v</code>, <code>--verbose</code> *** Be verbose in output ** <code>--print-all-missed</code> *** Print all missed lines ** <code>--print-all-ignored</code> *** Print all ignored lines ** <code>--print-all-matched</code> *** Print all matched lines </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Debug Fail2Ban: <div class="mw-collapsible-content"> * <code>-d</code> dump configuration. For debugging.<br \> <code>fail2ban-client -d</code><br \> * <code>--dp</code>, <code>--dump-pretty</code> dump the configuration using more human readable representation.<br \> <code>fail2ban-client --dp</code><br \> * will print the systemd log for Fail2Ban.<br \> <code>journalctl -u fail2ban</code> </div> </div> ====Change ban time After testing==== <code>$EDITOR /etc/fail2ban/jail.local</code><br \> <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log </pre> ===Unban IP's=== Get list of Jails:<br \> <code>fail2ban-client status</code><br \> See banned ips by that jail:<br \> <code>fail2ban-client status <jailname></code><br \> Unban IP from jail:<br \> <code>fail2ban-client set <jailname> unbanip <ip_address></code><br \> <br \> Log File:<br \> <code>/var/log/Fail2Log.log</code> ==Sitemap for search engines== :* Command to be run in your mediawiki directory :* <code>cd /var/www/html/noobs</code> <pre> php maintenance/generateSitemap.php --memory-limit=50M --fspath=/var/www/html/noobs/sitemap/ --identifier=completenoobs --urlpath=www.completenoobs.com/sitemap/ --server=https://www.completenoobs.com --compress=yes --skip-redirects </pre> :* There should now be a '''sitemaps''' Directory in your mediawiki direcotry <code>/var/www/html/noobs/sitemap</code> with the following content: <pre> sitemap-completenoobs-NS_0-0.xml.gz sitemap-completenoobs-NS_4-0.xml.gz sitemap-completenoobs-NS_5-0.xml.gz sitemap-completenoobs-NS_8-0.xml.gz sitemap-index-completenoobs.xml </pre> Warning Bug:<br> there was error getting this on google, could not remember how i fixed it, will look into later ==Backup Your Wiki== Its always a good idea to backup your wiki! Losing days of work is not fun! ===Full Wiki Dump and Restore=== ====Backing up==== ====Making your wiki READ ONLY - will lock database==== <code>$EDITOR LocalSettings.php</code><br \> <code>$wgReadOnly = 'Dumping Database, Access will be restored shortly';</code> ====Dump and gzip database for transport==== will be '''prompted''' for password:<br \> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green -p mywiki_database | gzip > /root/greenwiki.sql.gz</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> ALt method for dump(password in cmd): <div class="mw-collapsible-content"> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green --password=THISpasswordSHOULDbeCHANGED -p mywiki_database | gzip > /root/greenwiki.sql.gz</code> </div> </div> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Back mediawiki Root Directory.<br \> <code>tar cvzhf /root/mediawiki-rootDir.tgz /var/www/html/mediawiki</code><br \> All into one file for easy transport.<br \> <code>cd /root/</code><br \> <code>tar cvzhf mediawiki-transfer.tgz mediawiki-rootDir.tgz greenwiki.sql.gz dump_mediawiki.xml</code><br \> All file in <b>mediawiki-transfer.tgz</b> for transfer to new server<br \> ====Backup Script==== * tis script will need a dir /var/wikibk <syntaxhighlight lang="python" line> #!/bin/bash # Define paths and filenames mediawiki_root_dir="/var/www/html/noobs" local_settings_path="/var/www/html/noobs/LocalSettings.php" database_backup_filename="Noobs_db.sql.gz" root_dir_backup_filename="mediawiki-rootDir.tgz" # Get the current timestamp timestamp=$(date +"%Y-%m-%d_%H-%M-%S") combined_backup_filename="mediawiki-transfer-${timestamp}.tgz" # Get database details from LocalSettings.php db_host=$(grep -oP "\$wgDBserver\s*=\s*'\K[^']*" "$local_settings_path") db_name=$(grep -oP "\$wgDBname\s*=\s*'\K[^']*" "$local_settings_path") db_user=$(grep -oP "\$wgDBuser\s*=\s*'\K[^']*" "$local_settings_path") db_pass=$(grep -oP "\$wgDBpassword\s*=\s*'\K[^']*" "$local_settings_path") # Set the wiki to read-only sed -i "/^\$wgDBpassword/ a \$wgReadOnly = 'Dumping Database, Access will be restored shortly';" "$local_settings_path" # Run mysqldump command using the extracted details mysqldump -h "$db_host" --default-character-set=binary --no-tablespaces -u "$db_user" --password="$db_pass" "$db_name" | gzip > /root/"$database_backup_filename" # Remove read-only mode sed -i "/^\$wgReadOnly = 'Dumping Database, Access will be restored shortly';/d" "$local_settings_path" # Back up MediaWiki root directory tar cvzhf /root/"$root_dir_backup_filename" "$mediawiki_root_dir" # Combine backup files into a single file for easy transport cd /root/ tar cvzhf "/var/wikibk/$combined_backup_filename" "$root_dir_backup_filename" "$database_backup_filename" </syntaxhighlight> =====Backup the Backup to Local Server/Computer===== <div class="toccolours mw-collapsible mw-collapsed"> Backup Full Dumps to Home Computer using script: <div class="mw-collapsible-content"> <syntaxhighlight lang="bash" line> #!/bin/bash # Set variables local_backup_dir="/home/ubunix/wiki-backups" remote_user="your_remote_username" remote_host="completenoobs.com" remote_backup_dir="/var/wikibk" private_key_path="/home/ubunix/.ssh/key" # Create the local backup directory if it doesn't exist mkdir -p "$local_backup_dir" # Create temporary files local_tmp_file="/tmp/FILE1.txt" remote_tmp_file="/tmp/FILE2.txt" # List files in the local and remote backup directories to temporary files find "$local_backup_dir" -mindepth 1 -maxdepth 1 -type f -exec basename {} \; | sort > "$local_tmp_file" ssh -i "$private_key_path" "$remote_user@$remote_host" "find $remote_backup_dir -mindepth 1 -maxdepth 1 -type f -exec basename {} \; | sort" > "$remote_tmp_file" # Compare the temporary files and download missing files using scp while read -r remote_file; do if ! grep -q -F "$remote_file" "$local_tmp_file"; then scp -i "$private_key_path" -r "$remote_user@$remote_host:$remote_backup_dir/$remote_file" "$local_backup_dir/" fi done < "$remote_tmp_file" # Remove temporary files rm "$local_tmp_file" rm "$remote_tmp_file" </syntaxhighlight> </div> </div> ===Restore wiki=== <code>apt update && apt upgrade -y</code><br \> <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> <br \> <code>tar xvf mediawiki.bk.tgz</code><br \> <code>tar xvf mediawiki-rootDir.tgz -C /</code><br \> ====Create basebase==== NOTE: If you use diff username, passwd, database_name, append/correct details on LocalSettings.<br \> <code>mysql -u root</code> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <br \> ====Restore Database==== <code>gunzip -d greenwiki.sql.gz</code><br \> <code>mysql -u green -p mywiki_database < greenwiki.sql</code><br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/dump_mediawiki.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> ====Config Apache2==== <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ====Reload Apache2==== <code> systemctl restart apache2 </code> ===XML Dump only=== ===Dump mediawiki database - xml=== Log into container root dir<br \> <code>lxc exec NAME bash</code><br \> In container of wiki:<br \> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Exit container<br \> <code>exit</code> Pull file to host<br \> <code>lxc file pull NAME/root/dump_mediawiki.xml wiki-dump.xml</code> ====automate xml dumps to server==== TIP: [[Scp_only|Create an '''scp only''' account on server first]]<br> <code>$EDITOR /usr/local/bin/auto-export.sh</code></br> <syntaxhighlight lang="bash" line> #!/bin/bash set -x time_stamp=$(date '+%d_%m_%y') dumps_dir="/var/www/dumps" noobs_dir="/var/www/html/noobs" local_settings="$noobs_dir/LocalSettings.php" wiki_dump_dir="$dumps_dir/$time_stamp.Noobs" xmlkey="/root/.ssh/xmlkey" remote_host="rscp@xml.completenoobs.com" remote_path="/home/rscp/media/" function ensure_read_only_line_exists { if ! grep -q "wgReadOnly" "$local_settings"; then cat <<EOF >> "$local_settings" \$wgReadOnly = 'Dumping Database, Access will be restored shortly'; EOF fi } function set_wiki_read_only { sed -i 's/^#*\(\$wgReadOnly\)/\1/' "$local_settings" } function unset_wiki_read_only { sed -i 's/^\(\$wgReadOnly\)/#\1/' "$local_settings" } function create_directories { mkdir -p "$dumps_dir" mkdir -p "$wiki_dump_dir" } function dump_wiki { php "$noobs_dir/maintenance/dumpBackup.php" --full > "$wiki_dump_dir/$time_stamp.Noobs.xml" } function generate_checksums { md5sum "$wiki_dump_dir/$time_stamp.Noobs.xml" > "$wiki_dump_dir/$time_stamp.md5sum.txt" sha256sum "$wiki_dump_dir/$time_stamp.Noobs.xml" > "$wiki_dump_dir/$time_stamp.sha256sum.txt" } function push_to_remote { scp -i /root/.ssh/xmlkey -r /var/www/dumps/$time_stamp.Noobs rscp@xml.completenoobs.com:/home/rscp/media/ #rsync -avz -e "ssh -i $xmlkey" "$wiki_dump_dir" "$remote_host:$remote_path" } # Main script ensure_read_only_line_exists create_directories set_wiki_read_only dump_wiki generate_checksums unset_wiki_read_only push_to_remote </syntaxhighlight> <br> <code>chmod +x /usr/local/bin/auto-export.sh</code><br> =====add to cron to export every 5 days===== <code>crontab -e</code><br> <pre> 30 3 */5 * * /usr/local/bin/auto-export.sh </pre> Will export at 3:30 am every 5 days, check [[Cron_ubuntu_22.04|Ubuntu Cron Quick start for more info]] ===Import XML Dump=== ====Create Quick local wiki==== [[Ubuntu_Local_Wiki_Import|localwiki]] =====Restore dump===== <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Everything apart from <b>index.php/Main_Page</b> restored. ==Upgrading MediaWiki== <b>BACK SURE YOU BACKUP FIRST!!!</b> just in case.<br \> This example update 1.35 to 1.36 from 1.36 onwards php-intl is required.<br> Download the wiki you are going to upgrade to.<br \> <code>https://releases.wikimedia.org/mediawiki/1.36/</code><br \> <code>cd /root</code><br \> <code>wget https://releases.wikimedia.org/mediawiki/1.36/mediawiki-1.36.1.tar.gz</code><br \> In LocalSettings.php put in readonly mode<br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <code>$wgReadOnly = "Upgrading";</code><br \> <code>tar xvzf mediawiki-1.36.1.tar.gz -C /var/www/html/mediawiki --strip-components=1</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> Returns:<pre> Error: Missing one or more required components of PHP. You are missing a required extension to PHP that MediaWiki needs. Please install: * intl <https://www.php.net/intl> </pre> <code>apt install php-intl</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> And thats it. If you do get an error:<br \> <blockquote> MediaWiki 1.36 internal error Installing some PHP extensions is required. Required components You are missing a required extension to PHP that MediaWiki requires to run. Please install: intl (more information) </blockquote> Then <b>reboot</b> the container and its all fine after. ==Useful Notes - tips== ===Forgot your Admin Password=== Can use for any user:<br \> <code>php /var/www/html/mediawiki/maintenance/changePassword.php --user=admin --password=newpassword</code><br \> ===Make Wiki Read Only=== Add to LocalSettings.php:<br \> <code>$wgReadOnly = 'Read Only';</code><br \> ===Restrict account creation on wiki=== Add to LocalSettings.php:<br \> <code>$wgGroupPermissions['*']['createaccount'] = false;</code> ===Only Admin accounts can edit=== Add to LocalSettings.php:<br \> <pre> $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['user']['edit'] = false; $wgGroupPermissions['sysop']['edit'] = true; </pre> ===Protect a page so only admin can edit=== At the top of the page when logged in with admin account, click <b>More</b>.<br \> A drop down of three opitions: Delete, Move, Protect.<br \> Clicking <b>Protect</b> will not allow any non admin from editing the page. {| class="wikitable" |+ When logged in as admin |- |Read |Edit |View history |(STAR) |<b>More</b> |} ===Make User an Admin=== go to special pages With Admin Account go to:<br \> <code>index.php/Special:SpecialPages</code> List of users can be found here:<br \> <code>index.php/Special:ListUsers</code><br \> Go to:<br \> <code>index.php/Special:UserRights</code><br \> And enter username:<br \> <b>Groups you can change</b><br \> And rest is self explanatory. ====Remove admin rights==== Same thing, just untick admin rights! 0k6cmbozfbomkq4wmeyujok0xu4nxtb 373 351 2023-04-28T20:29:47Z AwesomO 5 /* Dump and gzip database for transport */ 373 wikitext text/x-wiki ==Creating a MediaWiki Server on Ubuntu with Apache2== ===DNS=== Domain Name System: An index that connects an ip address with a more human readable name(website name):<br \> Like a phone book would index a persons name with a phone number.<br \> If you have a domain name for your wiki, point it to your server's ip address.<br \> This will be required for a letsencrypt cert also.<br \> I am using <b>namecheap.com</b> and on the <b>Advanced DNS</b> Page<br \> Add two Type <b>A Records</b>:<br \> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |192.248.145.129 |auto |- |A record |www |192.248.145.129 |auto |} ===Basic Firewall UFW for Container=== NOTE:Add Link to a UFW page for more info Blocking IPv6<br \> <code>$EDITOR /etc/default/ufw</code> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit Allow port 80<br \> <code>ufw allow 80/tcp</code><br \> Allow port 443<br \> <code>ufw allow 443/tcp</code><br \> Start/Enable UFW firewall<br \> <code>ufw enable</code><br \> Check UFW status<br \> <code>ufw status</code> <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Update system=== <code>apt update && apt upgrade -y</code> ===ssmtp setup=== NOTE: need link to ssmtp page - showing how to use other email providers that allow smtp Link to ssmtp wiki page <br \> You can use a number of email providers for sending emails from server using ssmtp.<br \> I am going to use <b>smtp2go.com</b> they do provide a free service if you wish to try. <div class="toccolours mw-collapsible mw-collapsed"> smtp2go details: <div class="mw-collapsible-content"> https://www.smtp2go.com/<br \> Has a Free Plan # 1000 emails per month # 5 days of email reporting # Ticket support only <br \> Do not use you username and password you used to sign up!<br \> Go to https://app.smtp2go.com/sending/smtp_users/ <br \> Or 'Sending' > 'SMTP Users'<br> And create/add a SMTP User account.<br \> The User created will be given a good password by default.<br \> Use this username and password for ssmtp.<br \> In this example i have the username "<b>noobwiki</b>" and the password "<b>N0tTelinu</b>" </div> </div> ====ssmtp==== <code>apt install ssmtp -y</code> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <div class="toccolours mw-collapsible mw-collapsed"> Why use <code>hostname=completenoobs.com</code> <div class="mw-collapsible-content"> "hostname" needed for ubuntu unattended upgrades to send email.<br \> If missing: will get "(550 unable to verify sender address.)" <br \> If using <code>hostname=localhost</code> "(550 "Localhost" unnaceptable, you must use a public domain-name.)"<br \> If using <code>hostname=admin@completenoobs.com</code> "501 <root@admin@completenoobs.com>: malformed address: @completenoobs.com> may not follow <root@admin" </div> </div> <br \> Do not use user@smtp2go.com as the sender address! you need an email address that has an MX record(mail exchanger record) at its domain name. <br \> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> ====usermod==== <br \> usermod can be used to change the email senders name/address.<br \> Instead of your mail coming from 'root' or 'ubuntu' or any other user account.<br \> <b>usermod -c "emailSenderName" <account_sending></b><br \> <code>usermod -c "completenoobslxc" root</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> <code>usermod -c</code>: <div class="mw-collapsible-content"> The "usermod" command in Linux is used to modify user account details. The "-c" option in the "usermod" command is used to change the comment (or description) field associated with a user account. Specifically, when you run the command "usermod -c <comment> <username>", it will update the comment field of the user account associated with the given username to the specified comment. The comment is typically used to provide additional information about the user, such as their full name, job title, or department. For example, if you run the command "usermod -c 'John Smith' john", it will update the comment field for the user account "john" to "John Smith". You can then use tools like the "finger" command to display this information, e.g., "finger john". </div> </div> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ====sendmail notes==== <div class="toccolours mw-collapsible mw-collapsed"> If the sendmail command locks your terminal and CTRL+c does not work <div class="mw-collapsible-content"> Use <code>CTRL+z</code> which will send a SIGTSTP signal which will put the process to sleep.<br \> use jobs to see the sleeping process.<br \> <code>jobs</code><br \> and kill %<JOBNUMBER><br \> <code>kill %1</code> <br \> you can also use <code>ps ax</code> to list processes running on your computer and <code>kill -9 <PROCESS-NUMBER></code> to kill process. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> sendmail in verbose mode for more details: <div class="mw-collapsible-content"> More info can be found in the man page <code>man sendmail</code><br \> Use the verbose flag <b>-v</b><br \> <code>sendmail -v email@address2receive.mail < test-mail.txt</code> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Check mail logs for errors: <div class="mw-collapsible-content"> send mail error log can be found in<br \> <code>/var/log/mail.err</code><br \> and sendmail log can be found:<br \> <code>/var/log/mail.log</code> </div> </div> ===Create Swap space on server=== <div class="toccolours mw-collapsible mw-collapsed"> What are the benifits of having '''swap space''' on your server: <div class="mw-collapsible-content"> Having a swap space on your server can provide several benefits, including: :* Improved system stability: When your server runs out of RAM, it can cause instability and even crashes. Swap space provides a safety net by allowing the operating system to move inactive data from RAM to disk, freeing up RAM for more active processes. :* Increased memory availability: Swap space can provide additional virtual memory to the system, allowing it to handle more demanding workloads than it could with just physical memory alone. :* Enhanced performance: While swap space is not as fast as physical memory, it can help prevent thrashing, which is when the operating system spends too much time swapping data between RAM and disk. By providing an additional layer of memory, swap space can improve overall system performance. :* More flexibility: Swap space allows you to allocate memory resources more efficiently. For example, you can configure your system to have a smaller amount of physical memory and a larger swap space, or vice versa, depending on your specific workload and requirements. :* Improved application availability: In some cases, applications may require a certain amount of available memory to function properly. Having swap space can ensure that the system has enough memory to keep these applications running even when physical memory is low. Overall, having swap space on your server can provide a valuable safety net and help improve system stability and performance. </div> </div> ====First check if you already have a swap space==== First check if you already have a swap space<br \> <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 1655 2 228 1732 Swap: 0 0 0 </pre> <div class="toccolours mw-collapsible mw-collapsed"> Other methods to check swap space <div class="mw-collapsible-content"> <code>cat /proc/swaps</code><br \> <code>swapon -s -v</code> </div> </div> ====Create SwapSpace==== preallocate a 2 gigabyte space to be used for swap.<br \> Note: you can name swapfile to anything you want. <code>fallocate -l 2G /swapfile</code> Initialize the /swapfile file with zeros - see "Working out the count size" to see how to work out the count size. <div class="toccolours mw-collapsible mw-collapsed"> Working out the count size: <div class="mw-collapsible-content"> Working out count size to scale the swapsize. 1 kilobyte = 1024 bytes 1 megabyte = 1024 kilobyte 1 gigabyte = 1024 megabytes bs=1024 = 1 megabyte 1 gigabyte = 1024 megabyte to get count of 1 gigabyte 1024 * 1024 2 gigabyte (1024 * 2048 ) or 1048576 * 2 = 2,097,152 </div> </div> <code>dd if=/dev/zero of=/swapfile bs=1024 count=2097152</code> <code>chmod 600 /swapfile</code> <code>mkswap /swapfile</code> <code>swapon /swapfile</code> <b>Or</b> <code>swapon -a</code> <b>Or</b> <code>mount -a</code> append to <code>/etc/fstab</code> so its mounted after reboot.<br \> <code>$EDITOR /etc/fstab</code><br \> And enter this in a new line at the bottom:<br \> <code>/swapfile swap swap defaults 0 0</code> and thats it, you can check swap with(or same other methods as above): <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 75 2 1808 1712 Swap: 2047 0 2047 </pre> ===auto update server=== [[Ubuntu_unattended-upgrades|View here for more info on Ubuntu unattended upgrades]]<br> <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment (by removing <b>//</b> at start of line)and amend the lines we want:<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> to<br \> <code> "${distro_id}:${distro_codename}-updates";</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; </pre> Changed to<br \> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec Acquire::http::Dl-Limit "500"; </pre> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Install Apache2=== <code>apt install apache2</code> Can now visit your domain in browser to check it works:<br> Make sure you use '''http''' and Not '''https''' as not yet configured. ====CertBot LetsEncrypt '''''https'''''==== Install certbot<br \> <code>snap install certbot --classic</code><br \> Create Cert<br \> <code>certbot --apache -d completenoobs.com -d www.completenoobs.com</code><br \> Restart apache<br \> <code>systemctl restart apache2</code><br \> Now check your site on browser.<br \> ===Install MediaWiki=== <code>apt install mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -xvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/noobs</code> <code>chown -R www-data:www-data /var/www/html/noobs</code> ====Create Database==== Will be prompted to set a root password!<br \> <code>mysql -u root -p</code><br \> <!-- create drop down - add root password option --> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <div class="toccolours mw-collapsible mw-collapsed"> Make note of your: database name, username, userpassword <div class="mw-collapsible-content"> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code><br \> Database Username:<b>green</b><br \> Database host/location:<b>localhost</b> Database User Password:<b>THISpasswordSHOULDbeCHANGED</b><br \><br \> <code>CREATE DATABASE mywiki_database;</code><br \> Database Name:<b>mywiki_database</b><br \> </div> </div> ===Config Apache2=== ==== Create a Apache2 Config file for your site==== <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code> <pre> <VirtualHost *:80> ServerName completenoobs.com ServerAdmin admin@completenoobs.com # Redirect Requests to SSL Redirect permanent "/" "https://www.completenoobs.com" </VirtualHost> <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerName completenoobs.com ServerAdmin admin@completenoobs.com DocumentRoot /var/www/html/noobs ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined # Path from certbot can be found in 000-default-le-ssl.conf <Directory /var/www/html/noobs> Options None FollowSymLinks #Allow .htaccess AllowOverride All Require all granted <IfModule security2_module> SecRuleEngine Off # or disable only problematic rules </IfModule> </Directory> </VirtualHost> </IfModule> </pre> ====Edit '''"000-default-le-ssl.conf"''' created by certbot to correct path==== <code>$EDITOR /etc/apache2/sites-enabled/000-default-le-ssl.conf</code> Change the '''DocumentRoot''' path to your mediawiki directory. :* <code>DocumentRoot /var/www/html</code> : To :* <code>DocumentRoot /var/www/html/noobs</code> <pre> <IfModule mod_ssl.c> <VirtualHost *:443> # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. #ServerName www.example.com ServerAdmin webmaster@localhost DocumentRoot /var/www/html # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf ServerName noblemage.com Include /etc/letsencrypt/options-ssl-apache.conf ServerAlias www.noblemage.com SSLCertificateFile /etc/letsencrypt/live/noblemage.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/noblemage.com/privkey.pem </VirtualHost> </IfModule> </pre> <div class="toccolours mw-collapsible mw-collapsed"> After Change <code>/etc/apache2/sites-enabled/000-default-le-ssl.conf</code>: <div class="mw-collapsible-content"> <pre> <IfModule mod_ssl.c> <VirtualHost *:443> # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. #ServerName www.example.com ServerAdmin webmaster@localhost DocumentRoot /var/www/html/noobs # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf ServerName noblemage.com Include /etc/letsencrypt/options-ssl-apache.conf ServerAlias www.noblemage.com SSLCertificateFile /etc/letsencrypt/live/noblemage.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/noblemage.com/privkey.pem </VirtualHost> </IfModule> </pre> </div> </div> ====Reload Apache2==== <code>a2dissite 000-default</code> <div class="toccolours mw-collapsible mw-collapsed"> a2dissite 000-default: <div class="mw-collapsible-content"> To disable the default Apache site on a Debian-based system like Ubuntu, you can use the '''a2dissite''' command. The default site configuration is usually named '''000-default.conf'''. To re-enable use <code>a2ensite 000-default</code> </div> </div> <code>a2ensite completenoobs.com</code> <div class="toccolours mw-collapsible mw-collapsed"> a2ensite completenoobs.com: <div class="mw-collapsible-content"> '''a2ensite''' is a command-line utility in Debian-based systems, like Ubuntu, that enables a specific site configuration in the Apache web server. The term a2ensite is derived from "Apache 2 Enable Site." When you create a new virtual host configuration file for your website in the '''/etc/apache2/sites-available/''' directory, you need to enable it for Apache to start serving the site. The a2ensite command is used to enable a site by creating a symbolic link from the '''sites-available''' directory to the '''sites-enabled''' directory. Here's how to use a2ensite: : Create a virtual host configuration file for your website in the /etc/apache2/sites-available/ directory. For example: <code>sudo nano /etc/apache2/sites-available/mywebsite.conf</code> Replace mywebsite with the name of your website or domain. Add the appropriate configuration to the virtual host file, and save it. Use the a2ensite command to enable the new site configuration: <code>sudo a2ensite mywebsite</code> Replace mywebsite with the name of your website or domain (without the .conf extension). </div> </div> <code>a2enmod ssl</code> <div class="toccolours mw-collapsible mw-collapsed"> a2enmod ssl: <div class="mw-collapsible-content"> '''a2enmod ssl''' is a command used to enable the '''ssl''' module in the Apache web server on Debian-based systems, like Ubuntu. The ssl module provides support for SSL/TLS encryption, which is necessary for serving websites securely over HTTPS. </div> </div> <code>a2enmod headers</code> <div class="toccolours mw-collapsible mw-collapsed"> a2enmod headers: <div class="mw-collapsible-content"> '''a2enmod''' is a command-line utility in Debian-based systems, like Ubuntu, used to enable Apache modules. The term a2enmod is derived from "Apache 2 Enable Module." headers is an Apache module that allows you to manipulate HTTP response headers sent back to clients. It is commonly used to add, modify, or remove response headers in various situations, such as implementing security headers, cache control, or Content Security Policy (CSP). The command '''a2enmod headers''' is used to enable the headers module in the Apache web server. Once the module is enabled, you can use its features in your Apache configuration files (e.g., .htaccess or httpd.conf). Here's a step-by-step explanation of the command: :* a2enmod: This is the utility you are using to enable Apache modules. :* headers: This is the specific Apache module you want to enable. </div> </div> <code>apache2ctl configtest</code> <div class="toccolours mw-collapsible mw-collapsed"> apache2ctl configtest: <div class="mw-collapsible-content"> '''apache2ctl configtest''' is a command used to check the syntax of your Apache configuration files without actually restarting the server. This is useful for detecting any syntax errors or issues in your configuration files before applying changes to the running server. </div> </div> <code>systemctl restart apache2</code> ==Check Wiki Working== ===MediaWiki Basic Setup=== ====Landing page==== Open a web browser and go to your containers private ip address (you can get ip address by running <code>lxc list</code> on host). <code>https://10.194.171.251</code> Are certs are self-signed and you may/will get warning "your connection is not private"<br \> Click "Advance" and "Proceed to 10.194.171.251 (unsafe)"<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.35.0<br \> LocalSettings.php not found.<br \> Please <u>set up the wiki</u> first.<br \> </blockquote> Click <b>set up the wiki</b> to be taken to the "mw-config/index.php" page. =====Basic Configure MediaWiki===== <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:mywiki_database<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:green<br \> Database password:THISpasswordSHOULDbeCHANGED<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>CompleteNoobs<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Options <div class="mw-collapsible-content"> <b>User rights profile:</b> <br \> [ ] Open wiki <br \> [x] Account creation required<br \> [ ] Authorised editors only <br \> [ ] Private wiki<br \> <br \> <b>Copyright and licence:</b><br \> [ ] Creative Commons Attribution<br \> [ ] Creative Commons Attribution-ShareAlike<br \> [ ] Creative Commons Attribution-NonCommercial-ShareAlike<br \> [ ] Creative Commons Zero (Public Domain)<br \> [ ] GNU Free Documentation Licence 1.3 or later<br \> [x] No licence footer<br \> [ ] Select a custom Creative Commons licence<br \> <br \> <br \> <b>Email settings</b><br \> [ ] Enable outbound email<br \> <b>Return email address:</b>apache@🌻.invalid<br \> [ ]Enable user-to-user email<br \> [ ]Enable user talk page notification<br \> [ ]Enable watchlist notification<br \> [ ]Enable email authentication<br \> <br \> <br \> <b>Skins</b> Pick a skin<br \> <br \> <br \> <b>Extensions</b><br \> <b><u>Special pages</u></b><br \> [ ]CiteThisPage<br \> [ ]Interwiki<br \> [ ]Nuke<br \> [ ]Renameuser<br \> [ ]ReplaceText<br \> <br \> <b><u>Editors</u></b><br \> [x]CodeEditor<br \> [x]VisualEditor<br \> [x]WikiEditor<br \> <br \> <b><u>Parser hooks</u></b><br \> [ ]CategoryTree<br \> [ ]Cite<br \> [ ]ImageMap<br \> [ ]InputBox<br \> [ ]ParserFunctions<br \> [ ]Poem<br \> [ ]Scribunto<br \> [x]SyntaxHighlight_GeSHi<br \> [ ]TemplateData<br \> <br \> <b><u>Media handlers</u></b><br \> [ ]PdfHandler<br \> <br \> <b><u>Spam prevention</u></b><br \> [x]ConfirmEdit<br \> [ ]SpamBlacklist<br \> [ ]TitleBlacklist<br \> <br \> <b><u>API</u></b><br \> [ ]PageImages<br \> <br \> <b><u>Other</u></b><br \> [ ]Gadgets<br \> [ ]LocalisationUpdate<br \> [ ]MultimediaViewer<br \> [ ]OATHAuth<br \> [ ]SecureLinkFixer<br \> [ ]TextExtracts<br \> <br \> <br \> <b>Images and file uploads</b><br \> [ ]Enable file uploads<br \> <b>Logo URL:</b>$wgResourceBasePath/resources/assets/wiki.png<br \> [ ]Enable Instant Commons<br \> <br \> <br \> <b>Advanced configuration</b><br \> <b>Settings for object caching:</b><br \> [x] No caching (no functionality is removed, but speed may be impacted on larger wiki sites)<br \> [ ] Use Memcached (requires additional setup and configuration)<br \> </div> </div> ===LocalSettings.php Launch Wiki=== Send the Downloaded '''LocalSettings.php''' file to your server's mediawiki directory: <code>scp Downloads/LocalSettings.php root@www.completenoobs.com:/var/www/html/noobs/</code> And revisit you site on Browser <code>www.completenoobs.com</code><br> '''''Welcome to your wiki''''' ==Customize and Config your Wiki== ===Setup Email Config=== <code>$EDITOR /var/www/html/noobs/LocalSettings.php</code><br> Make sure <b>$wgEnableEmail</b> is set to true.<br> <code>$wgEnableEmail = true;</code><br> https://www.mediawiki.org/wiki/Manual:$wgEnableEmail<br> <pre> $wgEmergencyContact = ""; $wgPasswordSender = ""; </pre> <pre> $wgEmergencyContact = "admin@completenoobs.com"; $wgPasswordSender = "admin@completenoobs.com"; </pre> <pre> $wgSMTP = [ 'host' => 'ssl://mail.smtp2go.com', // outbox server of the email account 'IDHost' => 'completenoobs.com', 'port' => 465, 'username' => 'noobwiki', // user of the email account 'password' => 'N0tTelinu', // app password of the email account 'auth' => true ]; </pre> ===Change Logo=== You need a 135px by 135px image, in this example its named 'completenoobs-logo.png'<br> <code>scp completenoobs-logo.png root@www.completenoobs.com:/var/www/html/noobs/resources/assets/</code><br> Back in Server edit the <b>LocalSettings.php</b> file<br> <pre> ## The URL paths to the logo. Make sure you change this from the default, ## or else you'll overwrite your logo when you upgrade! $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", 'icon' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", ]; </pre> Change to your new logo:<br> <pre> $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", 'icon' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", ]; </pre> ===Request Account and Confirm Email to edit=== In LocalSettings change $wgEmailAuthentication = false; to true https://www.mediawiki.org/wiki/Manual:$wgEmailAuthentication<br> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ConfirmAccount-REL1_39-2b96e90.tar.gz</code><br> <code>tar xzf ConfirmAccount-REL1_39-2b96e90.tar.gz -C /var/www/html/noobs/extensions/</code><br> <br> In <b>LocalSettings.php</b> <br> set <b>$wgEmailAuthentication</b> to true.<br> <pre> wfLoadExtension( 'ConfirmAccount' ); $wgConfirmAccountContact = 'admin@completenoobs.com'; </pre> Run maintenance update<br> <code>php /var/www/html/noobs/maintenance/update.php </code><br> use <b>Special:ConfirmAccounts</b> to see if anyone requested a account.<br> And yep, your gonna get spammed! Bots love a wiki.<br> ===CookieWarning Extension=== https://www.mediawiki.org/wiki/Extension:CookieWarning<br> <code>wget https://extdist.wmflabs.org/dist/extensions/CookieWarning-REL1_39-778fe72.tar.gz</code><br> <code>tar -xzf CookieWarning-REL1_39-778fe72.tar.gz -C /var/www/html/noobs/extensions/</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'CookieWarning' ); $wgCookieWarningEnabled = 'true'; # $wgCookieWarningMoreUrl allows to to select a link for your moreinfo button $wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'; $wgCookieWarningEnabled = 'true'; </pre> To change message sign in with admin account and visit these pages of your wiki and edit.<br> <b>MediaWiki:Cookiewarning-info</b> Edit the display message.<br> <code>https://www.completenoobs.com/index.php/MediaWiki:Cookiewarning-info</code><br> <b>MediaWiki:Cookiewarning-moreinfo-label</b><br> Edit and change display of the moreinfo button: link can be made/changed at LocalSettings with:<br> <code>$wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'</code><br> <code>https://www.completenoobs.com/index.php/MediaWiki:Cookiewarning-moreinfo-label</code><br> <b>MediaWiki:Cookiewarning-ok-label</b> Edit and change the text on the OK button.<br> <code>https://www.completenoobs.com/index.php/MediaWiki:Cookiewarning-ok-label</code><br> ===Contribution Scores Extension=== https://www.mediawiki.org/wiki/Extension:Contribution_Scores<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ContributionScores-REL1_39-0e7e99d.tar.gz</code><br> <code>tar -xzf ContributionScores-REL1_39-0e7e99d.tar.gz -C /var/www/html/noobs/extensions</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'ContributionScores' ); // Exclude Bots from the reporting - Can be omitted. $wgContribScoreIgnoreBots = true; // Exclude Blocked Users from the reporting - Can be omitted. $wgContribScoreIgnoreBlockedUsers = true; // Use real user names when available - Can be omitted. Only for MediaWiki 1.19 and later. $wgContribScoresUseRealName = true; // Set to true to disable cache for parser function and inclusion of table. $wgContribScoreDisableCache = false; // Each array defines a report - 7,50 is "past 7 days" and "LIMIT 50" - Can be omitted. $wgContribScoreReports = [ [ 7, 50 ], [ 30, 50 ], [ 0, 50 ] ]; </pre> <br> Add to Main Landing Page:<br> <pre>{{Special:ContributionScores/10/5}}</pre><br> ===Place Notice at top of every new page created=== Using the <b>PageNotice</b> Extension. https://www.mediawiki.org/wiki/Extension:PageNotice#Configuration Download PageNotice and extract to extensions directory. :* <code>wget https://extdist.wmflabs.org/dist/extensions/PageNotice-REL1_39-bf69636.tar.gz</code> :* <code>tar zxvf PageNotice-REL1_39-bf69636.tar.gz -C /var/www/html/noobs/extensions/</code> in LocalSettings.php add the lines:<br \> <pre> wfLoadExtension( 'PageNotice' ); $wgPageNoticeDisablePerPageNotices = 'true'; </pre> To have message in every name space go to your wiki's page<br \> <code>index.php/mediawiki:top-notice-ns-0</code><br \> Only admin account can edit this page:<br \> What you place in this page will be displayed at the top of every page created. ===EmbedVideo=== https://www.mediawiki.org/wiki/Extension:EmbedVideo<br> <code>apt install unzip</code><br> <code>wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip</code><br> <code>unzip EmbedVideo-v2.9.0.zip -d /var/www/html/noobs/extensions/</code><br> <br> <code>mv /var/www/html/noobs/extensions/EmbedVideo-v2.9.0 /var/www/html/noobs/extensions/EmbedVideo</code><br> <br> <code>$EDITOR /var/www/html/noobs/LocalSettings.php</code><br> <pre> #Embed Video wfLoadExtension( 'EmbedVideo' ); </pre> ===Syntax highlighting not working=== Install <b>pygments</b><br> <code>apt install python3-pygments</code><br> Add to LocalSettings:<br> <code>wfLoadExtension( 'SyntaxHighlight_GeSHi' );</code><br> ==Policy Pages== ==Remove '''index.php''' from '''URL'''== mediawiki remove index.php path of wiki is /var/www/html/noobs/ i want apache to show completenoobs.com/noobs/Main_Page To remove the "index.php" from the URLs of your MediaWiki installation, you need to enable pretty URLs using the .htaccess file and modify your LocalSettings.php. Here's how you can do that: === Create or modify the .htaccess file=== First, navigate to your MediaWiki root folder, in your case /var/www/html/noobs/. If you don't have a .htaccess file, create one in this folder. Then, add the following content to the .htaccess file: <pre> RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ index.php/$1 [L,QSA] </pre> This code enables the Apache rewrite engine and tells it to redirect requests that don't match existing files or directories to the index.php file. === Modify the LocalSettings.php file:=== Next, you'll need to modify the LocalSettings.php file, which should be located in your MediaWiki root folder (/var/www/html/noobs/). Add or modify the following lines: <pre> $wgScriptPath = "/noobs"; $wgArticlePath = "{$wgScriptPath}/$1"; $wgUsePathInfo = true; </pre> * note: you should already have <code>$wgScriptPath = "/noobs";</code> in LocalSettings.php This code sets the base path for your wiki (/noobs), defines the article path pattern, and enables the use of path info. === Enable the Apache mod_rewrite module=== <code>root@noobs:/var/www/html/noobs# cat /etc/apache2/sites-available/000-default-le-ssl.conf </code> <pre> <IfModule mod_ssl.c> <VirtualHost *:443> # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. #ServerName www.example.com ServerAdmin webmaster@localhost DocumentRoot /var/www/html # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf ServerName completenoobs.com Include /etc/letsencrypt/options-ssl-apache.conf ServerAlias www.completenoobs.com SSLCertificateFile /etc/letsencrypt/live/completenoobs.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/completenoobs.com/privkey.pem </VirtualHost> </IfModule> </pre> Add <pre> <Directory /var/www/html/noobs> Options FollowSymLinks AllowOverride All Require all granted </Directory> </pre> <pre> <IfModule mod_ssl.c> <VirtualHost *:443> # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. #ServerName www.example.com ServerAdmin webmaster@localhost DocumentRoot /var/www/html # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined <Directory /var/www/html/noobs> Options FollowSymLinks AllowOverride All Require all granted </Directory> # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf ServerName completenoobs.com Include /etc/letsencrypt/options-ssl-apache.conf ServerAlias www.completenoobs.com SSLCertificateFile /etc/letsencrypt/live/completenoobs.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/completenoobs.com/privkey.pem </VirtualHost> </IfModule> </pre> Make sure the mod_rewrite module is enabled in your Apache configuration. You can enable it by running the following command: <code>sudo a2enmod rewrite</code> After enabling the module, restart Apache: <code>sudo systemctl restart apache2</code> Now, your MediaWiki installation should use pretty URLs without "index.php" in the path. In your case, it will show URLs like completenoobs.com/noobs/Main_Page. ==Fail2Ban - optional== This Will Ban an IP who incorrectly enters wrong login details, a (you can select) amount of times for a (you can select) amount of time. ===Fail2Log Extension=== https://www.mediawiki.org/wiki/Extension:Fail2Log<br> ====Create Log file==== Could not get PHP to create and set permissions for log file: So for now doing manually!<br \> <code>touch /var/log/Fail2Log.log</code><br \> <code>chown www-data:www-data /var/log/Fail2Log.log</code><br \> <code>chmod 0755 /var/log/Fail2Log.log</code><br \> Failed login's with wrong user name and/or password should now be logged in:<b>/var/log/Fail2Log.log</b><br \> <br \> Log Format:<br \> <code>Failed:<IP_ADDRESS> <DATE> <TIME> <USERNAME></code><br \> ====Download and install extension==== <code>wget https://github.com/greenhatmonkey/Fail2Log/blob/main/Fail2Log.tar.gz?raw=true</code><br> <code>tar xzvf Fail2Log.tar.gz?raw=true -C /var/www/html/noobs/extensions/</code><br> Add to your <b>LocalSettings.php</b><br> <pre> wfLoadExtension( 'Fail2Log' ); $wgFail2LogFile = '/var/log/Fail2Log.log'; </pre> ====Install and Setup Fail2Ban==== Fail2Ban works in a container. If using fail2ban on Host for container:<br/> Just include log path: <code>/var/snap/lxd/common/mntns/var/snap/lxd/common/lxd/storage-pools/default/containers/&lt;CONTAINER_NAME>/rootfs/var/log/Fail2Log.log</code> <code>apt install fail2ban</code> * Fail2ban will use file.local over file.conf if file.local exists: * file.conf can be written over if file2ban gets updated. * Make a file.local of the file you are working on. <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code> <code>$EDITOR /etc/fail2ban/jail.local</code> <!-- unmodified jail.conf file --> <div class="toccolours mw-collapsible mw-collapsed"> Default <code>/etc/fail2ban/jail.conf</code> file: Expand to view <div class="mw-collapsible-content"> <pre> # # WARNING: heavily refactored in 0.9.0 release. Please review and # customize settings for your setup. # # Changes: in most of the cases you should not modify this # file, but provide customizations in jail.local file, # or separate .conf files under jail.d/ directory, e.g.: # # HOW TO ACTIVATE JAILS: # # YOU SHOULD NOT MODIFY THIS FILE. # # It will probably be overwritten or improved in a distribution update. # # Provide customizations in a jail.local file or a jail.d/customisation.local. # For example to change the default bantime for all jails and to enable the # ssh-iptables jail the following (uncommented) would appear in the .local file. # See man 5 jail.conf for details. # # [DEFAULT] # bantime = 1h # # [sshd] # enabled = true # # See jail.conf(5) man page for more information # Comments: use '#' for comment lines and ';' (following a space) for inline comments [INCLUDES] #before = paths-distro.conf before = paths-debian.conf # The DEFAULT allows a global definition of the options. They can be overridden # in each jail afterwards. [DEFAULT] # # MISCELLANEOUS OPTIONS # # "bantime.increment" allows to use database for searching of previously banned ip's to increase a # default ban time using special formula, default it is banTime * 1, 2, 4, 8, 16, 32... #bantime.increment = true # "bantime.rndtime" is the max number of seconds using for mixing with random time # to prevent "clever" botnets calculate exact time IP can be unbanned again: #bantime.rndtime = # "bantime.maxtime" is the max number of seconds using the ban time can reach (don't grows further) #bantime.maxtime = # "bantime.factor" is a coefficient to calculate exponent growing of the formula or common multiplier, # default value of factor is 1 and with default value of formula, the ban time # grows by 1, 2, 4, 8, 16 ... #bantime.factor = 1 # "bantime.formula" used by default to calculate next value of ban time, default value bellow, # the same ban time growing will be reached by multipliers 1, 2, 4, 8, 16, 32... #bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * banFactor # # more aggressive example of formula has the same values only for factor "2.0 / 2.885385" : #bantime.formula = ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor) # "bantime.multipliers" used to calculate next value of ban time instead of formula, coresponding # previously ban count and given "bantime.factor" (for multipliers default is 1); # following example grows ban time by 1, 2, 4, 8, 16 ... and if last ban count greater as multipliers count, # always used last multiplier (64 in example), for factor '1' and original ban time 600 - 10.6 hours #bantime.multipliers = 1 2 4 8 16 32 64 # following example can be used for small initial ban time (bantime=60) - it grows more aggressive at begin, # for bantime=60 the multipliers are minutes and equal: 1 min, 5 min, 30 min, 1 hour, 5 hour, 12 hour, 1 day, 2 day #bantime.multipliers = 1 5 30 60 300 720 1440 2880 # "bantime.overalljails" (if true) specifies the search of IP in the database will be executed # cross over all jails, if false (dafault), only current jail of the ban IP will be searched #bantime.overalljails = false # -------------------- # "ignoreself" specifies whether the local resp. own IP addresses should be ignored # (default is true). Fail2ban will not ban a host which matches such addresses. #ignoreself = true # "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban # will not ban a host which matches an address in this list. Several addresses # can be defined using space (and/or comma) separator. #ignoreip = 127.0.0.1/8 ::1 # External command that will take an tagged arguments to ignore, e.g. <ip>, # and return true if the IP is to be ignored. False otherwise. # # ignorecommand = /path/to/command <ip> ignorecommand = # "bantime" is the number of seconds that a host is banned. bantime = 10m # A host is banned if it has generated "maxretry" during the last "findtime" # seconds. findtime = 10m # "maxretry" is the number of failures before a host get banned. maxretry = 5 # "maxmatches" is the number of matches stored in ticket (resolvable via tag <matches> in actions). maxmatches = %(maxretry)s # "backend" specifies the backend used to get files modification. # Available options are "pyinotify", "gamin", "polling", "systemd" and "auto". # This option can be overridden in each jail as well. # # pyinotify: requires pyinotify (a file alteration monitor) to be installed. # If pyinotify is not installed, Fail2ban will use auto. # gamin: requires Gamin (a file alteration monitor) to be installed. # If Gamin is not installed, Fail2ban will use auto. # polling: uses a polling algorithm which does not require external libraries. # systemd: uses systemd python library to access the systemd journal. # Specifying "logpath" is not valid for this backend. # See "journalmatch" in the jails associated filter config # auto: will try to use the following backends, in order: # pyinotify, gamin, polling. # # Note: if systemd backend is chosen as the default but you enable a jail # for which logs are present only in its own log files, specify some other # backend for that jail (e.g. polling) and provide empty value for # journalmatch. See https://github.com/fail2ban/fail2ban/issues/959#issuecomment-74901200 backend = auto # "usedns" specifies if jails should trust hostnames in logs, # warn when DNS lookups are performed, or ignore all hostnames in logs # # yes: if a hostname is encountered, a DNS lookup will be performed. # warn: if a hostname is encountered, a DNS lookup will be performed, # but it will be logged as a warning. # no: if a hostname is encountered, will not be used for banning, # but it will be logged as info. # raw: use raw value (no hostname), allow use it for no-host filters/actions (example user) usedns = warn # "logencoding" specifies the encoding of the log files handled by the jail # This is used to decode the lines from the log file. # Typical examples: "ascii", "utf-8" # # auto: will use the system locale setting logencoding = auto # "enabled" enables the jails. # By default all jails are disabled, and it should stay this way. # Enable only relevant to your setup jails in your .local or jail.d/*.conf # # true: jail will be enabled and log files will get monitored for changes # false: jail is not enabled enabled = false # "mode" defines the mode of the filter (see corresponding filter implementation for more info). mode = normal # "filter" defines the filter to use by the jail. # By default jails have names matching their filter name # filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # # Some options used for actions # Destination email address used solely for the interpolations in # jail.{conf,local,d/*} configuration files. destemail = root@localhost # Sender email address used solely for some actions sender = root@<fq-hostname> # E-mail action. Since 0.8.1 Fail2Ban uses sendmail MTA for the # mailing. Change mta configuration parameter to mail if you want to # revert to conventional 'mail'. mta = sendmail # Default protocol protocol = tcp # Specify chain where jumps would need to be added in ban-actions expecting parameter chain chain = <known/chain> # Ports to be banned # Usually should be overridden in a particular jail port = 0:65535 # Format of user-agent https://tools.ietf.org/html/rfc7231#section-5.5.3 fail2ban_agent = Fail2Ban/%(fail2ban_version)s # # Action shortcuts. To be used to define action parameter # Default banning action (e.g. iptables, iptables-new, # iptables-multiport, shorewall, etc) It is used to define # action_* variables. Can be overridden globally or per # section within jail.local file banaction = iptables-multiport banaction_allports = iptables-allports # The simplest action to take: ban only action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report to the destemail. action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report and relevant log lines # to the destemail. action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # See the IMPORTANT note in action.d/xarf-login-attack for when to use this action # # ban & send a xarf e-mail to abuse contact of IP address and include relevant log lines # to the destemail. action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] # ban IP on CloudFlare & send an e-mail with whois report and relevant log lines # to the destemail. action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # Report block via blocklist.de fail2ban reporting service API # # See the IMPORTANT note in action.d/blocklist_de.conf for when to use this action. # Specify expected parameters in file action.d/blocklist_de.local or if the interpolation # `action_blocklist_de` used for the action, set value of `blocklist_de_apikey` # in your `jail.local` globally (section [DEFAULT]) or per specific jail section (resp. in # corresponding jail.d/my-jail.local file). # action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] # Report ban via badips.com, and use as blacklist # # See BadIPsAction docstring in config/action.d/badips.py for # documentation for this action. # # NOTE: This action relies on banaction being present on start and therefore # should be last action defined for a jail. # action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] # # Report ban via badips.com (uses action.d/badips.conf for reporting only) # action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] # Report ban via abuseipdb.com. # # See action.d/abuseipdb.conf for usage example and details. # action_abuseipdb = abuseipdb # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # [sshd] # To use more aggressive sshd modes set filter parameter "mode" in jail.local: # normal (default), ddos, extra or aggressive (combines all). # See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details. #mode = normal port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s [dropbear] port = ssh logpath = %(dropbear_log)s backend = %(dropbear_backend)s [selinux-ssh] port = ssh logpath = %(auditd_log)s # # HTTP servers # [apache-auth] port = http,https logpath = %(apache_error_log)s [apache-badbots] # Ban hosts which agent identifies spammer robots crawling the web # for email addresses. The mail outputs are buffered. port = http,https logpath = %(apache_access_log)s bantime = 48h maxretry = 1 [apache-noscript] port = http,https logpath = %(apache_error_log)s [apache-overflows] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-nohome] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-botsearch] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-fakegooglebot] port = http,https logpath = %(apache_access_log)s maxretry = 1 ignorecommand = %(ignorecommands_dir)s/apache-fakegooglebot <ip> [apache-modsecurity] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-shellshock] port = http,https logpath = %(apache_error_log)s maxretry = 1 [openhab-auth] filter = openhab action = iptables-allports[name=NoAuthFailures] logpath = /opt/openhab/logs/request.log [nginx-http-auth] port = http,https logpath = %(nginx_error_log)s # To use 'nginx-limit-req' jail you should have `ngx_http_limit_req_module` # and define `limit_req` and `limit_req_zone` as described in nginx documentation # http://nginx.org/en/docs/http/ngx_http_limit_req_module.html # or for example see in 'config/filter.d/nginx-limit-req.conf' [nginx-limit-req] port = http,https logpath = %(nginx_error_log)s [nginx-botsearch] port = http,https logpath = %(nginx_error_log)s maxretry = 2 # Ban attackers that try to use PHP's URL-fopen() functionality # through GET/POST variables. - Experimental, with more than a year # of usage in production environments. [php-url-fopen] port = http,https logpath = %(nginx_access_log)s %(apache_access_log)s [suhosin] port = http,https logpath = %(suhosin_log)s [lighttpd-auth] # Same as above for Apache's mod_auth # It catches wrong authentifications port = http,https logpath = %(lighttpd_error_log)s # # Webmail and groupware servers # [roundcube-auth] port = http,https logpath = %(roundcube_errors_log)s # Use following line in your jail.local if roundcube logs to journal. #backend = %(syslog_backend)s [openwebmail] port = http,https logpath = /var/log/openwebmail.log [horde] port = http,https logpath = /var/log/horde/horde.log [groupoffice] port = http,https logpath = /home/groupoffice/log/info.log [sogo-auth] # Monitor SOGo groupware server # without proxy this would be: # port = 20000 port = http,https logpath = /var/log/sogo/sogo.log [tine20] logpath = /var/log/tine20/tine20.log port = http,https # # Web Applications # # [drupal-auth] port = http,https logpath = %(syslog_daemon)s backend = %(syslog_backend)s [guacamole] port = http,https logpath = /var/log/tomcat*/catalina.out [monit] #Ban clients brute-forcing the monit gui login port = 2812 logpath = /var/log/monit /var/log/monit.log [webmin-auth] port = 10000 logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [froxlor-auth] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s # # HTTP Proxy servers # # [squid] port = 80,443,3128,8080 logpath = /var/log/squid/access.log [3proxy] port = 3128 logpath = /var/log/3proxy.log # # FTP servers # [proftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(proftpd_log)s backend = %(proftpd_backend)s [pure-ftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(pureftpd_log)s backend = %(pureftpd_backend)s [gssftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(syslog_daemon)s backend = %(syslog_backend)s [wuftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(wuftpd_log)s backend = %(wuftpd_backend)s [vsftpd] # or overwrite it in jails.local to be # logpath = %(syslog_authpriv)s # if you want to rely on PAM failed login attempts # vsftpd's failregex should match both of those formats port = ftp,ftp-data,ftps,ftps-data logpath = %(vsftpd_log)s # # Mail servers # # ASSP SMTP Proxy Jail [assp] port = smtp,465,submission logpath = /root/path/to/assp/logs/maillog.txt [courier-smtp] port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix] # To use another modes set filter parameter "mode" in jail.local: mode = more port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s [postfix-rbl] filter = postfix[mode=rbl] port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s maxretry = 1 [sendmail-auth] port = submission,465,smtp logpath = %(syslog_mail)s backend = %(syslog_backend)s [sendmail-reject] # To use more aggressive modes set filter parameter "mode" in jail.local: # normal (default), extra or aggressive # See "tests/files/logs/sendmail-reject" or "filter.d/sendmail-reject.conf" for usage example and details. #mode = normal port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [qmail-rbl] filter = qmail port = smtp,465,submission logpath = /service/qmail/log/main/current # dovecot defaults to logging to the mail syslog facility # but can be set by syslog_facility in the dovecot configuration. [dovecot] port = pop3,pop3s,imap,imaps,submission,465,sieve logpath = %(dovecot_log)s backend = %(dovecot_backend)s [sieve] port = smtp,465,submission logpath = %(dovecot_log)s backend = %(dovecot_backend)s [solid-pop3d] port = pop3,pop3s logpath = %(solidpop3d_log)s [exim] # see filter.d/exim.conf for further modes supported from filter: #mode = normal port = smtp,465,submission logpath = %(exim_main_log)s [exim-spam] port = smtp,465,submission logpath = %(exim_main_log)s [kerio] port = imap,smtp,imaps,465 logpath = /opt/kerio/mailserver/store/logs/security.log # # Mail servers authenticators: might be used for smtp,ftp,imap servers, so # all relevant ports get banned # [courier-auth] port = smtp,465,submission,imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix-sasl] filter = postfix[mode=auth] port = smtp,465,submission,imap,imaps,pop3,pop3s # You might consider monitoring /var/log/mail.warn instead if you are # running postfix since it would provide the same log lines at the # "warn" level but overall at the smaller filesize. logpath = %(postfix_log)s backend = %(postfix_backend)s [perdition] port = imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [squirrelmail] port = smtp,465,submission,imap,imap2,imaps,pop3,pop3s,http,https,socks logpath = /var/lib/squirrelmail/prefs/squirrelmail_access_log [cyrus-imap] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s [uwimap-auth] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s # # # DNS servers # # !!! WARNING !!! # Since UDP is connection-less protocol, spoofing of IP and imitation # of illegal actions is way too simple. Thus enabling of this filter # might provide an easy way for implementing a DoS against a chosen # victim. See # http://nion.modprobe.de/blog/archives/690-fail2ban-+-dns-fail.html # Please DO NOT USE this jail unless you know what you are doing. # # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks UDP traffic for DNS requests. # [named-refused-udp] # # filter = named-refused # port = domain,953 # protocol = udp # logpath = /var/log/named/security.log # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks TCP traffic for DNS requests. [named-refused] port = domain,953 logpath = /var/log/named/security.log [nsd] port = 53 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/nsd.log # # Miscellaneous # [asterisk] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/asterisk/messages maxretry = 10 [freeswitch] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/freeswitch.log maxretry = 10 # enable adminlog; it will log to a file inside znc's directory by default. [znc-adminlog] port = 6667 logpath = /var/lib/znc/moddata/adminlog/znc.log # To log wrong MySQL access attempts add to /etc/my.cnf in [mysqld] or # equivalent section: # log-warnings = 2 # # for syslog (daemon facility) # [mysqld_safe] # syslog # # for own logfile # [mysqld] # log-error=/var/log/mysqld.log [mysqld-auth] port = 3306 logpath = %(mysql_log)s backend = %(mysql_backend)s # Log wrong MongoDB auth (for details see filter 'filter.d/mongodb-auth.conf') [mongodb-auth] # change port when running with "--shardsvr" or "--configsvr" runtime operation port = 27017 logpath = /var/log/mongodb/mongodb.log # Jail for more extended banning of persistent abusers # !!! WARNINGS !!! # 1. Make sure that your loglevel specified in fail2ban.conf/.local # is not at DEBUG level -- which might then cause fail2ban to fall into # an infinite loop constantly feeding itself with non-informative lines # 2. Increase dbpurgeage defined in fail2ban.conf to e.g. 648000 (7.5 days) # to maintain entries for failed logins for sufficient amount of time [recidive] logpath = /var/log/fail2ban.log banaction = %(banaction_allports)s bantime = 1w findtime = 1d # Generic filter for PAM. Has to be used with action which bans all # ports such as iptables-allports, shorewall [pam-generic] # pam-generic filter can be customized to monitor specific subset of 'tty's banaction = %(banaction_allports)s logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [xinetd-fail] banaction = iptables-multiport-log logpath = %(syslog_daemon)s backend = %(syslog_backend)s maxretry = 2 # stunnel - need to set port for this [stunnel] logpath = /var/log/stunnel4/stunnel.log [ejabberd-auth] port = 5222 logpath = /var/log/ejabberd/ejabberd.log [counter-strike] logpath = /opt/cstrike/logs/L[0-9]*.log # Firewall: http://www.cstrike-planet.com/faq/6 tcpport = 27030,27031,27032,27033,27034,27035,27036,27037,27038,27039 udpport = 1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015 action = %(banaction)s[name=%(__name__)s-tcp, port="%(tcpport)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(udpport)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] [bitwarden] port = http,https logpath = /home/*/bwdata/logs/identity/Identity/log.txt [centreon] port = http,https logpath = /var/log/centreon/login.log # consider low maxretry and a long bantime # nobody except your own Nagios server should ever probe nrpe [nagios] logpath = %(syslog_daemon)s ; nrpe.cfg may define a different log_facility backend = %(syslog_backend)s maxretry = 1 [oracleims] # see "oracleims" filter file for configuration requirement for Oracle IMS v6 and above logpath = /opt/sun/comms/messaging64/log/mail.log_current banaction = %(banaction_allports)s [directadmin] logpath = /var/log/directadmin/login.log port = 2222 [portsentry] logpath = /var/lib/portsentry/portsentry.history maxretry = 1 [pass2allow-ftp] # this pass2allow example allows FTP traffic after successful HTTP authentication port = ftp,ftp-data,ftps,ftps-data # knocking_url variable must be overridden to some secret value in jail.local knocking_url = /knocking/ filter = apache-pass[knocking_url="%(knocking_url)s"] # access log of the website with HTTP auth logpath = %(apache_access_log)s blocktype = RETURN returntype = DROP action = %(action_)s[blocktype=%(blocktype)s, returntype=%(returntype)s, actionstart_on_demand=false, actionrepair_on_unban=true] bantime = 1h maxretry = 1 findtime = 1 [murmur] # AKA mumble-server port = 64738 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol=tcp, chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol=udp, chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/mumble-server/mumble-server.log [screensharingd] # For Mac OS Screen Sharing Service (VNC) logpath = /var/log/system.log logencoding = utf-8 [haproxy-http-auth] # HAProxy by default doesn't log to file you'll need to set it up to forward # logs to a syslog server which would then write them to disk. # See "haproxy-http-auth" filter for a brief cautionary note when setting # maxretry and findtime. logpath = /var/log/haproxy.log [slapd] port = ldap,ldaps logpath = /var/log/slapd.log [domino-smtp] port = smtp,ssmtp logpath = /home/domino01/data/IBM_TECHNICAL_SUPPORT/console.log [phpmyadmin-syslog] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [zoneminder] # Zoneminder HTTP/HTTPS web interface auth # Logs auth failures to apache2 error log port = http,https logpath = %(apache_error_log)s [traefik-auth] # to use 'traefik-auth' filter you have to configure your Traefik instance, # see `filter.d/traefik-auth.conf` for details and service example. port = http,https logpath = /var/log/traefik/access.log </pre> </div> </div> Default <code>/etc/fail2ban/jail.local</code> file with (almost all) comments removed: <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;">Default <code>/etc/fail2ban/jail.local</code> with (almost) comments removed:</div> <div class="mw-collapsible-content"> <pre> [INCLUDES] before = paths-debian.conf [DEFAULT] ignorecommand = bantime = 10m findtime = 10m maxretry = 5 maxmatches = %(maxretry)s backend = auto usedns = warn logencoding = auto enabled = false mode = normal filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # destemail = root@localhost sender = root@<fq-hostname> mta = sendmail protocol = tcp chain = <known/chain> port = 0:65535 fail2ban_agent = Fail2Ban/%(fail2ban_version)s banaction = iptables-multiport banaction_allports = iptables-allports action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] action_abuseipdb = abuseipdb action = %(action_)s # # JAILS # # # SSH servers # [sshd] port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s </pre> </div></div> ====Disconnect/kick and ban an ip from list==== <br \> Just below we are going to append these lines to <b>/etc/fail2ban/jail.local</b><br> <pre> # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s # # JAILS # # # SSH servers # </pre> </div> </div> ====Jail for MediaWiki - /etc/fail2ban/jail.local==== <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1m maxretry = 2 logpath = /var/log/Fail2Log.log </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before: <div class="mw-collapsible-content"> <pre> # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After: <div class="mw-collapsible-content"> <pre> # # JAILS # [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log # # SSH servers # </pre> </div> </div> ====Filter for mediawiki==== <div class="toccolours mw-collapsible mw-collapsed"> Regex quick up and running tutorial: External Link:(youtube) <div class="mw-collapsible-content"> This Is a link to a video made by "Corey Schafer".<br \> The best no nonsense up and running regex tut there is.<br \> https://www.youtube.com/watch?v=sa-TUpSx1JA </div> </div> :* [[Text_Editing_and_Processing#Regular_expressions_(regex)|Basic Regex Guide]] <code>$EDITOR /etc/fail2ban/filter.d/mediawiki.conf</code><br \> <pre> [Definition] failregex = ^Failed:<HOST> ignoreregex = </pre> =====Try out regex on log file===== <code>fail2ban-regex --print-all-matched /var/log/Fail2Log.log /etc/fail2ban/filter.d/mediawiki.conf</code> ====Restart Fail2Ban==== <code>systemctl restart fail2ban</code> <code>fail2ban-client status</code> <code>fail2ban-client status mediawiki</code> <b>Now test by trying to login to your wiki with wrong password three times.</b> =====fail2ban regex and error checking===== <div class="toccolours mw-collapsible mw-collapsed"> Check regex: <div class="mw-collapsible-content"> * Syntax: <code>fail2ban-regex <logfile> <failregex> <ignoreregex></code> ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * If you want to test <code>ignoreregex</code> enter filter file twice: ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * Read <code>man fail2ban-regex</code> for some more opitions: * Examples: ** <code>-v</code>, <code>--verbose</code> *** Be verbose in output ** <code>--print-all-missed</code> *** Print all missed lines ** <code>--print-all-ignored</code> *** Print all ignored lines ** <code>--print-all-matched</code> *** Print all matched lines </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Debug Fail2Ban: <div class="mw-collapsible-content"> * <code>-d</code> dump configuration. For debugging.<br \> <code>fail2ban-client -d</code><br \> * <code>--dp</code>, <code>--dump-pretty</code> dump the configuration using more human readable representation.<br \> <code>fail2ban-client --dp</code><br \> * will print the systemd log for Fail2Ban.<br \> <code>journalctl -u fail2ban</code> </div> </div> ====Change ban time After testing==== <code>$EDITOR /etc/fail2ban/jail.local</code><br \> <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log </pre> ===Unban IP's=== Get list of Jails:<br \> <code>fail2ban-client status</code><br \> See banned ips by that jail:<br \> <code>fail2ban-client status <jailname></code><br \> Unban IP from jail:<br \> <code>fail2ban-client set <jailname> unbanip <ip_address></code><br \> <br \> Log File:<br \> <code>/var/log/Fail2Log.log</code> ==Sitemap for search engines== :* Command to be run in your mediawiki directory :* <code>cd /var/www/html/noobs</code> <pre> php maintenance/generateSitemap.php --memory-limit=50M --fspath=/var/www/html/noobs/sitemap/ --identifier=completenoobs --urlpath=www.completenoobs.com/sitemap/ --server=https://www.completenoobs.com --compress=yes --skip-redirects </pre> :* There should now be a '''sitemaps''' Directory in your mediawiki direcotry <code>/var/www/html/noobs/sitemap</code> with the following content: <pre> sitemap-completenoobs-NS_0-0.xml.gz sitemap-completenoobs-NS_4-0.xml.gz sitemap-completenoobs-NS_5-0.xml.gz sitemap-completenoobs-NS_8-0.xml.gz sitemap-index-completenoobs.xml </pre> Warning Bug:<br> there was error getting this on google, could not remember how i fixed it, will look into later ==Backup Your Wiki== Its always a good idea to backup your wiki! Losing days of work is not fun! ===Full Wiki Dump and Restore=== ====Backing up==== ====Making your wiki READ ONLY - will lock database==== <code>$EDITOR LocalSettings.php</code><br \> <code>$wgReadOnly = 'Dumping Database, Access will be restored shortly';</code> ====Dump and gzip database for transport==== :* Will be '''prompted''' for password:<br \> :** Note: If you forgot your Database details, you can find them on your LocalSettings.php file <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green -p mywiki_database | gzip > /root/greenwiki.sql.gz</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> ALt method for dump(password in cmd): <div class="mw-collapsible-content"> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green --password=THISpasswordSHOULDbeCHANGED -p mywiki_database | gzip > /root/greenwiki.sql.gz</code> </div> </div> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Back mediawiki Root Directory.<br \> <code>tar cvzhf /root/mediawiki-rootDir.tgz /var/www/html/mediawiki</code><br \> All into one file for easy transport.<br \> <code>cd /root/</code><br \> <code>tar cvzhf mediawiki-transfer.tgz mediawiki-rootDir.tgz greenwiki.sql.gz dump_mediawiki.xml</code><br \> All file in <b>mediawiki-transfer.tgz</b> for transfer to new server<br \> ====Backup Script==== * tis script will need a dir /var/wikibk <syntaxhighlight lang="python" line> #!/bin/bash # Define paths and filenames mediawiki_root_dir="/var/www/html/noobs" local_settings_path="/var/www/html/noobs/LocalSettings.php" database_backup_filename="Noobs_db.sql.gz" root_dir_backup_filename="mediawiki-rootDir.tgz" # Get the current timestamp timestamp=$(date +"%Y-%m-%d_%H-%M-%S") combined_backup_filename="mediawiki-transfer-${timestamp}.tgz" # Get database details from LocalSettings.php db_host=$(grep -oP "\$wgDBserver\s*=\s*'\K[^']*" "$local_settings_path") db_name=$(grep -oP "\$wgDBname\s*=\s*'\K[^']*" "$local_settings_path") db_user=$(grep -oP "\$wgDBuser\s*=\s*'\K[^']*" "$local_settings_path") db_pass=$(grep -oP "\$wgDBpassword\s*=\s*'\K[^']*" "$local_settings_path") # Set the wiki to read-only sed -i "/^\$wgDBpassword/ a \$wgReadOnly = 'Dumping Database, Access will be restored shortly';" "$local_settings_path" # Run mysqldump command using the extracted details mysqldump -h "$db_host" --default-character-set=binary --no-tablespaces -u "$db_user" --password="$db_pass" "$db_name" | gzip > /root/"$database_backup_filename" # Remove read-only mode sed -i "/^\$wgReadOnly = 'Dumping Database, Access will be restored shortly';/d" "$local_settings_path" # Back up MediaWiki root directory tar cvzhf /root/"$root_dir_backup_filename" "$mediawiki_root_dir" # Combine backup files into a single file for easy transport cd /root/ tar cvzhf "/var/wikibk/$combined_backup_filename" "$root_dir_backup_filename" "$database_backup_filename" </syntaxhighlight> =====Backup the Backup to Local Server/Computer===== <div class="toccolours mw-collapsible mw-collapsed"> Backup Full Dumps to Home Computer using script: <div class="mw-collapsible-content"> <syntaxhighlight lang="bash" line> #!/bin/bash # Set variables local_backup_dir="/home/ubunix/wiki-backups" remote_user="your_remote_username" remote_host="completenoobs.com" remote_backup_dir="/var/wikibk" private_key_path="/home/ubunix/.ssh/key" # Create the local backup directory if it doesn't exist mkdir -p "$local_backup_dir" # Create temporary files local_tmp_file="/tmp/FILE1.txt" remote_tmp_file="/tmp/FILE2.txt" # List files in the local and remote backup directories to temporary files find "$local_backup_dir" -mindepth 1 -maxdepth 1 -type f -exec basename {} \; | sort > "$local_tmp_file" ssh -i "$private_key_path" "$remote_user@$remote_host" "find $remote_backup_dir -mindepth 1 -maxdepth 1 -type f -exec basename {} \; | sort" > "$remote_tmp_file" # Compare the temporary files and download missing files using scp while read -r remote_file; do if ! grep -q -F "$remote_file" "$local_tmp_file"; then scp -i "$private_key_path" -r "$remote_user@$remote_host:$remote_backup_dir/$remote_file" "$local_backup_dir/" fi done < "$remote_tmp_file" # Remove temporary files rm "$local_tmp_file" rm "$remote_tmp_file" </syntaxhighlight> </div> </div> ===Restore wiki=== <code>apt update && apt upgrade -y</code><br \> <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> <br \> <code>tar xvf mediawiki.bk.tgz</code><br \> <code>tar xvf mediawiki-rootDir.tgz -C /</code><br \> ====Create basebase==== NOTE: If you use diff username, passwd, database_name, append/correct details on LocalSettings.<br \> <code>mysql -u root</code> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <br \> ====Restore Database==== <code>gunzip -d greenwiki.sql.gz</code><br \> <code>mysql -u green -p mywiki_database < greenwiki.sql</code><br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/dump_mediawiki.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> ====Config Apache2==== <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ====Reload Apache2==== <code> systemctl restart apache2 </code> ===XML Dump only=== ===Dump mediawiki database - xml=== Log into container root dir<br \> <code>lxc exec NAME bash</code><br \> In container of wiki:<br \> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Exit container<br \> <code>exit</code> Pull file to host<br \> <code>lxc file pull NAME/root/dump_mediawiki.xml wiki-dump.xml</code> ====automate xml dumps to server==== TIP: [[Scp_only|Create an '''scp only''' account on server first]]<br> <code>$EDITOR /usr/local/bin/auto-export.sh</code></br> <syntaxhighlight lang="bash" line> #!/bin/bash set -x time_stamp=$(date '+%d_%m_%y') dumps_dir="/var/www/dumps" noobs_dir="/var/www/html/noobs" local_settings="$noobs_dir/LocalSettings.php" wiki_dump_dir="$dumps_dir/$time_stamp.Noobs" xmlkey="/root/.ssh/xmlkey" remote_host="rscp@xml.completenoobs.com" remote_path="/home/rscp/media/" function ensure_read_only_line_exists { if ! grep -q "wgReadOnly" "$local_settings"; then cat <<EOF >> "$local_settings" \$wgReadOnly = 'Dumping Database, Access will be restored shortly'; EOF fi } function set_wiki_read_only { sed -i 's/^#*\(\$wgReadOnly\)/\1/' "$local_settings" } function unset_wiki_read_only { sed -i 's/^\(\$wgReadOnly\)/#\1/' "$local_settings" } function create_directories { mkdir -p "$dumps_dir" mkdir -p "$wiki_dump_dir" } function dump_wiki { php "$noobs_dir/maintenance/dumpBackup.php" --full > "$wiki_dump_dir/$time_stamp.Noobs.xml" } function generate_checksums { md5sum "$wiki_dump_dir/$time_stamp.Noobs.xml" > "$wiki_dump_dir/$time_stamp.md5sum.txt" sha256sum "$wiki_dump_dir/$time_stamp.Noobs.xml" > "$wiki_dump_dir/$time_stamp.sha256sum.txt" } function push_to_remote { scp -i /root/.ssh/xmlkey -r /var/www/dumps/$time_stamp.Noobs rscp@xml.completenoobs.com:/home/rscp/media/ #rsync -avz -e "ssh -i $xmlkey" "$wiki_dump_dir" "$remote_host:$remote_path" } # Main script ensure_read_only_line_exists create_directories set_wiki_read_only dump_wiki generate_checksums unset_wiki_read_only push_to_remote </syntaxhighlight> <br> <code>chmod +x /usr/local/bin/auto-export.sh</code><br> =====add to cron to export every 5 days===== <code>crontab -e</code><br> <pre> 30 3 */5 * * /usr/local/bin/auto-export.sh </pre> Will export at 3:30 am every 5 days, check [[Cron_ubuntu_22.04|Ubuntu Cron Quick start for more info]] ===Import XML Dump=== ====Create Quick local wiki==== [[Ubuntu_Local_Wiki_Import|localwiki]] =====Restore dump===== <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Everything apart from <b>index.php/Main_Page</b> restored. ==Upgrading MediaWiki== <b>BACK SURE YOU BACKUP FIRST!!!</b> just in case.<br \> This example update 1.35 to 1.36 from 1.36 onwards php-intl is required.<br> Download the wiki you are going to upgrade to.<br \> <code>https://releases.wikimedia.org/mediawiki/1.36/</code><br \> <code>cd /root</code><br \> <code>wget https://releases.wikimedia.org/mediawiki/1.36/mediawiki-1.36.1.tar.gz</code><br \> In LocalSettings.php put in readonly mode<br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <code>$wgReadOnly = "Upgrading";</code><br \> <code>tar xvzf mediawiki-1.36.1.tar.gz -C /var/www/html/mediawiki --strip-components=1</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> Returns:<pre> Error: Missing one or more required components of PHP. You are missing a required extension to PHP that MediaWiki needs. Please install: * intl <https://www.php.net/intl> </pre> <code>apt install php-intl</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> And thats it. If you do get an error:<br \> <blockquote> MediaWiki 1.36 internal error Installing some PHP extensions is required. Required components You are missing a required extension to PHP that MediaWiki requires to run. Please install: intl (more information) </blockquote> Then <b>reboot</b> the container and its all fine after. ==Useful Notes - tips== ===Forgot your Admin Password=== Can use for any user:<br \> <code>php /var/www/html/mediawiki/maintenance/changePassword.php --user=admin --password=newpassword</code><br \> ===Make Wiki Read Only=== Add to LocalSettings.php:<br \> <code>$wgReadOnly = 'Read Only';</code><br \> ===Restrict account creation on wiki=== Add to LocalSettings.php:<br \> <code>$wgGroupPermissions['*']['createaccount'] = false;</code> ===Only Admin accounts can edit=== Add to LocalSettings.php:<br \> <pre> $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['user']['edit'] = false; $wgGroupPermissions['sysop']['edit'] = true; </pre> ===Protect a page so only admin can edit=== At the top of the page when logged in with admin account, click <b>More</b>.<br \> A drop down of three opitions: Delete, Move, Protect.<br \> Clicking <b>Protect</b> will not allow any non admin from editing the page. {| class="wikitable" |+ When logged in as admin |- |Read |Edit |View history |(STAR) |<b>More</b> |} ===Make User an Admin=== go to special pages With Admin Account go to:<br \> <code>index.php/Special:SpecialPages</code> List of users can be found here:<br \> <code>index.php/Special:ListUsers</code><br \> Go to:<br \> <code>index.php/Special:UserRights</code><br \> And enter username:<br \> <b>Groups you can change</b><br \> And rest is self explanatory. ====Remove admin rights==== Same thing, just untick admin rights! 8r6em1cs2chjad87j0gh3rifeit4e6e 385 373 2023-05-04T17:06:37Z Noob 1 /* EmbedVideo */ 385 wikitext text/x-wiki ==Creating a MediaWiki Server on Ubuntu with Apache2== ===DNS=== Domain Name System: An index that connects an ip address with a more human readable name(website name):<br \> Like a phone book would index a persons name with a phone number.<br \> If you have a domain name for your wiki, point it to your server's ip address.<br \> This will be required for a letsencrypt cert also.<br \> I am using <b>namecheap.com</b> and on the <b>Advanced DNS</b> Page<br \> Add two Type <b>A Records</b>:<br \> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |192.248.145.129 |auto |- |A record |www |192.248.145.129 |auto |} ===Basic Firewall UFW for Container=== NOTE:Add Link to a UFW page for more info Blocking IPv6<br \> <code>$EDITOR /etc/default/ufw</code> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit Allow port 80<br \> <code>ufw allow 80/tcp</code><br \> Allow port 443<br \> <code>ufw allow 443/tcp</code><br \> Start/Enable UFW firewall<br \> <code>ufw enable</code><br \> Check UFW status<br \> <code>ufw status</code> <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Update system=== <code>apt update && apt upgrade -y</code> ===ssmtp setup=== NOTE: need link to ssmtp page - showing how to use other email providers that allow smtp Link to ssmtp wiki page <br \> You can use a number of email providers for sending emails from server using ssmtp.<br \> I am going to use <b>smtp2go.com</b> they do provide a free service if you wish to try. <div class="toccolours mw-collapsible mw-collapsed"> smtp2go details: <div class="mw-collapsible-content"> https://www.smtp2go.com/<br \> Has a Free Plan # 1000 emails per month # 5 days of email reporting # Ticket support only <br \> Do not use you username and password you used to sign up!<br \> Go to https://app.smtp2go.com/sending/smtp_users/ <br \> Or 'Sending' > 'SMTP Users'<br> And create/add a SMTP User account.<br \> The User created will be given a good password by default.<br \> Use this username and password for ssmtp.<br \> In this example i have the username "<b>noobwiki</b>" and the password "<b>N0tTelinu</b>" </div> </div> ====ssmtp==== <code>apt install ssmtp -y</code> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <div class="toccolours mw-collapsible mw-collapsed"> Why use <code>hostname=completenoobs.com</code> <div class="mw-collapsible-content"> "hostname" needed for ubuntu unattended upgrades to send email.<br \> If missing: will get "(550 unable to verify sender address.)" <br \> If using <code>hostname=localhost</code> "(550 "Localhost" unnaceptable, you must use a public domain-name.)"<br \> If using <code>hostname=admin@completenoobs.com</code> "501 <root@admin@completenoobs.com>: malformed address: @completenoobs.com> may not follow <root@admin" </div> </div> <br \> Do not use user@smtp2go.com as the sender address! you need an email address that has an MX record(mail exchanger record) at its domain name. <br \> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> ====usermod==== <br \> usermod can be used to change the email senders name/address.<br \> Instead of your mail coming from 'root' or 'ubuntu' or any other user account.<br \> <b>usermod -c "emailSenderName" <account_sending></b><br \> <code>usermod -c "completenoobslxc" root</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> <code>usermod -c</code>: <div class="mw-collapsible-content"> The "usermod" command in Linux is used to modify user account details. The "-c" option in the "usermod" command is used to change the comment (or description) field associated with a user account. Specifically, when you run the command "usermod -c <comment> <username>", it will update the comment field of the user account associated with the given username to the specified comment. The comment is typically used to provide additional information about the user, such as their full name, job title, or department. For example, if you run the command "usermod -c 'John Smith' john", it will update the comment field for the user account "john" to "John Smith". You can then use tools like the "finger" command to display this information, e.g., "finger john". </div> </div> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ====sendmail notes==== <div class="toccolours mw-collapsible mw-collapsed"> If the sendmail command locks your terminal and CTRL+c does not work <div class="mw-collapsible-content"> Use <code>CTRL+z</code> which will send a SIGTSTP signal which will put the process to sleep.<br \> use jobs to see the sleeping process.<br \> <code>jobs</code><br \> and kill %<JOBNUMBER><br \> <code>kill %1</code> <br \> you can also use <code>ps ax</code> to list processes running on your computer and <code>kill -9 <PROCESS-NUMBER></code> to kill process. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> sendmail in verbose mode for more details: <div class="mw-collapsible-content"> More info can be found in the man page <code>man sendmail</code><br \> Use the verbose flag <b>-v</b><br \> <code>sendmail -v email@address2receive.mail < test-mail.txt</code> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Check mail logs for errors: <div class="mw-collapsible-content"> send mail error log can be found in<br \> <code>/var/log/mail.err</code><br \> and sendmail log can be found:<br \> <code>/var/log/mail.log</code> </div> </div> ===Create Swap space on server=== <div class="toccolours mw-collapsible mw-collapsed"> What are the benifits of having '''swap space''' on your server: <div class="mw-collapsible-content"> Having a swap space on your server can provide several benefits, including: :* Improved system stability: When your server runs out of RAM, it can cause instability and even crashes. Swap space provides a safety net by allowing the operating system to move inactive data from RAM to disk, freeing up RAM for more active processes. :* Increased memory availability: Swap space can provide additional virtual memory to the system, allowing it to handle more demanding workloads than it could with just physical memory alone. :* Enhanced performance: While swap space is not as fast as physical memory, it can help prevent thrashing, which is when the operating system spends too much time swapping data between RAM and disk. By providing an additional layer of memory, swap space can improve overall system performance. :* More flexibility: Swap space allows you to allocate memory resources more efficiently. For example, you can configure your system to have a smaller amount of physical memory and a larger swap space, or vice versa, depending on your specific workload and requirements. :* Improved application availability: In some cases, applications may require a certain amount of available memory to function properly. Having swap space can ensure that the system has enough memory to keep these applications running even when physical memory is low. Overall, having swap space on your server can provide a valuable safety net and help improve system stability and performance. </div> </div> ====First check if you already have a swap space==== First check if you already have a swap space<br \> <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 1655 2 228 1732 Swap: 0 0 0 </pre> <div class="toccolours mw-collapsible mw-collapsed"> Other methods to check swap space <div class="mw-collapsible-content"> <code>cat /proc/swaps</code><br \> <code>swapon -s -v</code> </div> </div> ====Create SwapSpace==== preallocate a 2 gigabyte space to be used for swap.<br \> Note: you can name swapfile to anything you want. <code>fallocate -l 2G /swapfile</code> Initialize the /swapfile file with zeros - see "Working out the count size" to see how to work out the count size. <div class="toccolours mw-collapsible mw-collapsed"> Working out the count size: <div class="mw-collapsible-content"> Working out count size to scale the swapsize. 1 kilobyte = 1024 bytes 1 megabyte = 1024 kilobyte 1 gigabyte = 1024 megabytes bs=1024 = 1 megabyte 1 gigabyte = 1024 megabyte to get count of 1 gigabyte 1024 * 1024 2 gigabyte (1024 * 2048 ) or 1048576 * 2 = 2,097,152 </div> </div> <code>dd if=/dev/zero of=/swapfile bs=1024 count=2097152</code> <code>chmod 600 /swapfile</code> <code>mkswap /swapfile</code> <code>swapon /swapfile</code> <b>Or</b> <code>swapon -a</code> <b>Or</b> <code>mount -a</code> append to <code>/etc/fstab</code> so its mounted after reboot.<br \> <code>$EDITOR /etc/fstab</code><br \> And enter this in a new line at the bottom:<br \> <code>/swapfile swap swap defaults 0 0</code> and thats it, you can check swap with(or same other methods as above): <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 75 2 1808 1712 Swap: 2047 0 2047 </pre> ===auto update server=== [[Ubuntu_unattended-upgrades|View here for more info on Ubuntu unattended upgrades]]<br> <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment (by removing <b>//</b> at start of line)and amend the lines we want:<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> to<br \> <code> "${distro_id}:${distro_codename}-updates";</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; </pre> Changed to<br \> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec Acquire::http::Dl-Limit "500"; </pre> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Install Apache2=== <code>apt install apache2</code> Can now visit your domain in browser to check it works:<br> Make sure you use '''http''' and Not '''https''' as not yet configured. ====CertBot LetsEncrypt '''''https'''''==== Install certbot<br \> <code>snap install certbot --classic</code><br \> Create Cert<br \> <code>certbot --apache -d completenoobs.com -d www.completenoobs.com</code><br \> Restart apache<br \> <code>systemctl restart apache2</code><br \> Now check your site on browser.<br \> ===Install MediaWiki=== <code>apt install mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -xvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/noobs</code> <code>chown -R www-data:www-data /var/www/html/noobs</code> ====Create Database==== Will be prompted to set a root password!<br \> <code>mysql -u root -p</code><br \> <!-- create drop down - add root password option --> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <div class="toccolours mw-collapsible mw-collapsed"> Make note of your: database name, username, userpassword <div class="mw-collapsible-content"> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code><br \> Database Username:<b>green</b><br \> Database host/location:<b>localhost</b> Database User Password:<b>THISpasswordSHOULDbeCHANGED</b><br \><br \> <code>CREATE DATABASE mywiki_database;</code><br \> Database Name:<b>mywiki_database</b><br \> </div> </div> ===Config Apache2=== ==== Create a Apache2 Config file for your site==== <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code> <pre> <VirtualHost *:80> ServerName completenoobs.com ServerAdmin admin@completenoobs.com # Redirect Requests to SSL Redirect permanent "/" "https://www.completenoobs.com" </VirtualHost> <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerName completenoobs.com ServerAdmin admin@completenoobs.com DocumentRoot /var/www/html/noobs ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined # Path from certbot can be found in 000-default-le-ssl.conf <Directory /var/www/html/noobs> Options None FollowSymLinks #Allow .htaccess AllowOverride All Require all granted <IfModule security2_module> SecRuleEngine Off # or disable only problematic rules </IfModule> </Directory> </VirtualHost> </IfModule> </pre> ====Edit '''"000-default-le-ssl.conf"''' created by certbot to correct path==== <code>$EDITOR /etc/apache2/sites-enabled/000-default-le-ssl.conf</code> Change the '''DocumentRoot''' path to your mediawiki directory. :* <code>DocumentRoot /var/www/html</code> : To :* <code>DocumentRoot /var/www/html/noobs</code> <pre> <IfModule mod_ssl.c> <VirtualHost *:443> # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. #ServerName www.example.com ServerAdmin webmaster@localhost DocumentRoot /var/www/html # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf ServerName noblemage.com Include /etc/letsencrypt/options-ssl-apache.conf ServerAlias www.noblemage.com SSLCertificateFile /etc/letsencrypt/live/noblemage.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/noblemage.com/privkey.pem </VirtualHost> </IfModule> </pre> <div class="toccolours mw-collapsible mw-collapsed"> After Change <code>/etc/apache2/sites-enabled/000-default-le-ssl.conf</code>: <div class="mw-collapsible-content"> <pre> <IfModule mod_ssl.c> <VirtualHost *:443> # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. #ServerName www.example.com ServerAdmin webmaster@localhost DocumentRoot /var/www/html/noobs # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf ServerName noblemage.com Include /etc/letsencrypt/options-ssl-apache.conf ServerAlias www.noblemage.com SSLCertificateFile /etc/letsencrypt/live/noblemage.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/noblemage.com/privkey.pem </VirtualHost> </IfModule> </pre> </div> </div> ====Reload Apache2==== <code>a2dissite 000-default</code> <div class="toccolours mw-collapsible mw-collapsed"> a2dissite 000-default: <div class="mw-collapsible-content"> To disable the default Apache site on a Debian-based system like Ubuntu, you can use the '''a2dissite''' command. The default site configuration is usually named '''000-default.conf'''. To re-enable use <code>a2ensite 000-default</code> </div> </div> <code>a2ensite completenoobs.com</code> <div class="toccolours mw-collapsible mw-collapsed"> a2ensite completenoobs.com: <div class="mw-collapsible-content"> '''a2ensite''' is a command-line utility in Debian-based systems, like Ubuntu, that enables a specific site configuration in the Apache web server. The term a2ensite is derived from "Apache 2 Enable Site." When you create a new virtual host configuration file for your website in the '''/etc/apache2/sites-available/''' directory, you need to enable it for Apache to start serving the site. The a2ensite command is used to enable a site by creating a symbolic link from the '''sites-available''' directory to the '''sites-enabled''' directory. Here's how to use a2ensite: : Create a virtual host configuration file for your website in the /etc/apache2/sites-available/ directory. For example: <code>sudo nano /etc/apache2/sites-available/mywebsite.conf</code> Replace mywebsite with the name of your website or domain. Add the appropriate configuration to the virtual host file, and save it. Use the a2ensite command to enable the new site configuration: <code>sudo a2ensite mywebsite</code> Replace mywebsite with the name of your website or domain (without the .conf extension). </div> </div> <code>a2enmod ssl</code> <div class="toccolours mw-collapsible mw-collapsed"> a2enmod ssl: <div class="mw-collapsible-content"> '''a2enmod ssl''' is a command used to enable the '''ssl''' module in the Apache web server on Debian-based systems, like Ubuntu. The ssl module provides support for SSL/TLS encryption, which is necessary for serving websites securely over HTTPS. </div> </div> <code>a2enmod headers</code> <div class="toccolours mw-collapsible mw-collapsed"> a2enmod headers: <div class="mw-collapsible-content"> '''a2enmod''' is a command-line utility in Debian-based systems, like Ubuntu, used to enable Apache modules. The term a2enmod is derived from "Apache 2 Enable Module." headers is an Apache module that allows you to manipulate HTTP response headers sent back to clients. It is commonly used to add, modify, or remove response headers in various situations, such as implementing security headers, cache control, or Content Security Policy (CSP). The command '''a2enmod headers''' is used to enable the headers module in the Apache web server. Once the module is enabled, you can use its features in your Apache configuration files (e.g., .htaccess or httpd.conf). Here's a step-by-step explanation of the command: :* a2enmod: This is the utility you are using to enable Apache modules. :* headers: This is the specific Apache module you want to enable. </div> </div> <code>apache2ctl configtest</code> <div class="toccolours mw-collapsible mw-collapsed"> apache2ctl configtest: <div class="mw-collapsible-content"> '''apache2ctl configtest''' is a command used to check the syntax of your Apache configuration files without actually restarting the server. This is useful for detecting any syntax errors or issues in your configuration files before applying changes to the running server. </div> </div> <code>systemctl restart apache2</code> ==Check Wiki Working== ===MediaWiki Basic Setup=== ====Landing page==== Open a web browser and go to your containers private ip address (you can get ip address by running <code>lxc list</code> on host). <code>https://10.194.171.251</code> Are certs are self-signed and you may/will get warning "your connection is not private"<br \> Click "Advance" and "Proceed to 10.194.171.251 (unsafe)"<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.35.0<br \> LocalSettings.php not found.<br \> Please <u>set up the wiki</u> first.<br \> </blockquote> Click <b>set up the wiki</b> to be taken to the "mw-config/index.php" page. =====Basic Configure MediaWiki===== <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:mywiki_database<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:green<br \> Database password:THISpasswordSHOULDbeCHANGED<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>CompleteNoobs<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Options <div class="mw-collapsible-content"> <b>User rights profile:</b> <br \> [ ] Open wiki <br \> [x] Account creation required<br \> [ ] Authorised editors only <br \> [ ] Private wiki<br \> <br \> <b>Copyright and licence:</b><br \> [ ] Creative Commons Attribution<br \> [ ] Creative Commons Attribution-ShareAlike<br \> [ ] Creative Commons Attribution-NonCommercial-ShareAlike<br \> [ ] Creative Commons Zero (Public Domain)<br \> [ ] GNU Free Documentation Licence 1.3 or later<br \> [x] No licence footer<br \> [ ] Select a custom Creative Commons licence<br \> <br \> <br \> <b>Email settings</b><br \> [ ] Enable outbound email<br \> <b>Return email address:</b>apache@🌻.invalid<br \> [ ]Enable user-to-user email<br \> [ ]Enable user talk page notification<br \> [ ]Enable watchlist notification<br \> [ ]Enable email authentication<br \> <br \> <br \> <b>Skins</b> Pick a skin<br \> <br \> <br \> <b>Extensions</b><br \> <b><u>Special pages</u></b><br \> [ ]CiteThisPage<br \> [ ]Interwiki<br \> [ ]Nuke<br \> [ ]Renameuser<br \> [ ]ReplaceText<br \> <br \> <b><u>Editors</u></b><br \> [x]CodeEditor<br \> [x]VisualEditor<br \> [x]WikiEditor<br \> <br \> <b><u>Parser hooks</u></b><br \> [ ]CategoryTree<br \> [ ]Cite<br \> [ ]ImageMap<br \> [ ]InputBox<br \> [ ]ParserFunctions<br \> [ ]Poem<br \> [ ]Scribunto<br \> [x]SyntaxHighlight_GeSHi<br \> [ ]TemplateData<br \> <br \> <b><u>Media handlers</u></b><br \> [ ]PdfHandler<br \> <br \> <b><u>Spam prevention</u></b><br \> [x]ConfirmEdit<br \> [ ]SpamBlacklist<br \> [ ]TitleBlacklist<br \> <br \> <b><u>API</u></b><br \> [ ]PageImages<br \> <br \> <b><u>Other</u></b><br \> [ ]Gadgets<br \> [ ]LocalisationUpdate<br \> [ ]MultimediaViewer<br \> [ ]OATHAuth<br \> [ ]SecureLinkFixer<br \> [ ]TextExtracts<br \> <br \> <br \> <b>Images and file uploads</b><br \> [ ]Enable file uploads<br \> <b>Logo URL:</b>$wgResourceBasePath/resources/assets/wiki.png<br \> [ ]Enable Instant Commons<br \> <br \> <br \> <b>Advanced configuration</b><br \> <b>Settings for object caching:</b><br \> [x] No caching (no functionality is removed, but speed may be impacted on larger wiki sites)<br \> [ ] Use Memcached (requires additional setup and configuration)<br \> </div> </div> ===LocalSettings.php Launch Wiki=== Send the Downloaded '''LocalSettings.php''' file to your server's mediawiki directory: <code>scp Downloads/LocalSettings.php root@www.completenoobs.com:/var/www/html/noobs/</code> And revisit you site on Browser <code>www.completenoobs.com</code><br> '''''Welcome to your wiki''''' ==Customize and Config your Wiki== ===Setup Email Config=== <code>$EDITOR /var/www/html/noobs/LocalSettings.php</code><br> Make sure <b>$wgEnableEmail</b> is set to true.<br> <code>$wgEnableEmail = true;</code><br> https://www.mediawiki.org/wiki/Manual:$wgEnableEmail<br> <pre> $wgEmergencyContact = ""; $wgPasswordSender = ""; </pre> <pre> $wgEmergencyContact = "admin@completenoobs.com"; $wgPasswordSender = "admin@completenoobs.com"; </pre> <pre> $wgSMTP = [ 'host' => 'ssl://mail.smtp2go.com', // outbox server of the email account 'IDHost' => 'completenoobs.com', 'port' => 465, 'username' => 'noobwiki', // user of the email account 'password' => 'N0tTelinu', // app password of the email account 'auth' => true ]; </pre> ===Change Logo=== You need a 135px by 135px image, in this example its named 'completenoobs-logo.png'<br> <code>scp completenoobs-logo.png root@www.completenoobs.com:/var/www/html/noobs/resources/assets/</code><br> Back in Server edit the <b>LocalSettings.php</b> file<br> <pre> ## The URL paths to the logo. Make sure you change this from the default, ## or else you'll overwrite your logo when you upgrade! $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", 'icon' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", ]; </pre> Change to your new logo:<br> <pre> $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", 'icon' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", ]; </pre> ===Request Account and Confirm Email to edit=== In LocalSettings change $wgEmailAuthentication = false; to true https://www.mediawiki.org/wiki/Manual:$wgEmailAuthentication<br> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ConfirmAccount-REL1_39-2b96e90.tar.gz</code><br> <code>tar xzf ConfirmAccount-REL1_39-2b96e90.tar.gz -C /var/www/html/noobs/extensions/</code><br> <br> In <b>LocalSettings.php</b> <br> set <b>$wgEmailAuthentication</b> to true.<br> <pre> wfLoadExtension( 'ConfirmAccount' ); $wgConfirmAccountContact = 'admin@completenoobs.com'; </pre> Run maintenance update<br> <code>php /var/www/html/noobs/maintenance/update.php </code><br> use <b>Special:ConfirmAccounts</b> to see if anyone requested a account.<br> And yep, your gonna get spammed! Bots love a wiki.<br> ===CookieWarning Extension=== https://www.mediawiki.org/wiki/Extension:CookieWarning<br> <code>wget https://extdist.wmflabs.org/dist/extensions/CookieWarning-REL1_39-778fe72.tar.gz</code><br> <code>tar -xzf CookieWarning-REL1_39-778fe72.tar.gz -C /var/www/html/noobs/extensions/</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'CookieWarning' ); $wgCookieWarningEnabled = 'true'; # $wgCookieWarningMoreUrl allows to to select a link for your moreinfo button $wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'; $wgCookieWarningEnabled = 'true'; </pre> To change message sign in with admin account and visit these pages of your wiki and edit.<br> <b>MediaWiki:Cookiewarning-info</b> Edit the display message.<br> <code>https://www.completenoobs.com/index.php/MediaWiki:Cookiewarning-info</code><br> <b>MediaWiki:Cookiewarning-moreinfo-label</b><br> Edit and change display of the moreinfo button: link can be made/changed at LocalSettings with:<br> <code>$wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'</code><br> <code>https://www.completenoobs.com/index.php/MediaWiki:Cookiewarning-moreinfo-label</code><br> <b>MediaWiki:Cookiewarning-ok-label</b> Edit and change the text on the OK button.<br> <code>https://www.completenoobs.com/index.php/MediaWiki:Cookiewarning-ok-label</code><br> ===Contribution Scores Extension=== https://www.mediawiki.org/wiki/Extension:Contribution_Scores<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ContributionScores-REL1_39-0e7e99d.tar.gz</code><br> <code>tar -xzf ContributionScores-REL1_39-0e7e99d.tar.gz -C /var/www/html/noobs/extensions</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'ContributionScores' ); // Exclude Bots from the reporting - Can be omitted. $wgContribScoreIgnoreBots = true; // Exclude Blocked Users from the reporting - Can be omitted. $wgContribScoreIgnoreBlockedUsers = true; // Use real user names when available - Can be omitted. Only for MediaWiki 1.19 and later. $wgContribScoresUseRealName = true; // Set to true to disable cache for parser function and inclusion of table. $wgContribScoreDisableCache = false; // Each array defines a report - 7,50 is "past 7 days" and "LIMIT 50" - Can be omitted. $wgContribScoreReports = [ [ 7, 50 ], [ 30, 50 ], [ 0, 50 ] ]; </pre> <br> Add to Main Landing Page:<br> <pre>{{Special:ContributionScores/10/5}}</pre><br> ===Place Notice at top of every new page created=== Using the <b>PageNotice</b> Extension. https://www.mediawiki.org/wiki/Extension:PageNotice#Configuration Download PageNotice and extract to extensions directory. :* <code>wget https://extdist.wmflabs.org/dist/extensions/PageNotice-REL1_39-bf69636.tar.gz</code> :* <code>tar zxvf PageNotice-REL1_39-bf69636.tar.gz -C /var/www/html/noobs/extensions/</code> in LocalSettings.php add the lines:<br \> <pre> wfLoadExtension( 'PageNotice' ); $wgPageNoticeDisablePerPageNotices = 'true'; </pre> To have message in every name space go to your wiki's page<br \> <code>index.php/mediawiki:top-notice-ns-0</code><br \> Only admin account can edit this page:<br \> What you place in this page will be displayed at the top of every page created. ===Youtube extension=== * needed to view embedded videos https://www.mediawiki.org/wiki/Extension:YouTube <code>wget https://extdist.wmflabs.org/dist/extensions/YouTube-REL1_39-f272bb3.tar.gz</code> <code>tar -xzf YouTube-REL1_39-f272bb3.tar.gz -C /var/www/html/mediawiki/extensions/</code> * Append to '''LocalSettings.php''' <code>wfLoadExtension( 'YouTube' );</code> * On wiki page can now embed youtube videos ** https://www.youtube.com/watch?v=wB4gvSgYmfY ** After '''watch?v=''' ** <nowiki><youtube>wB4gvSgYmfY</youtube></nowiki> * Defaults '''width'''=640 pixels '''height'''=385 pixels * Change defaults <nowiki><youtube width="800" height="400">wB4gvSgYmfY</youtube></nowiki> ===Syntax highlighting not working=== Install <b>pygments</b><br> <code>apt install python3-pygments</code><br> Add to LocalSettings:<br> <code>wfLoadExtension( 'SyntaxHighlight_GeSHi' );</code><br> ==Policy Pages== ==Remove '''index.php''' from '''URL'''== mediawiki remove index.php path of wiki is /var/www/html/noobs/ i want apache to show completenoobs.com/noobs/Main_Page To remove the "index.php" from the URLs of your MediaWiki installation, you need to enable pretty URLs using the .htaccess file and modify your LocalSettings.php. Here's how you can do that: === Create or modify the .htaccess file=== First, navigate to your MediaWiki root folder, in your case /var/www/html/noobs/. If you don't have a .htaccess file, create one in this folder. Then, add the following content to the .htaccess file: <pre> RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ index.php/$1 [L,QSA] </pre> This code enables the Apache rewrite engine and tells it to redirect requests that don't match existing files or directories to the index.php file. === Modify the LocalSettings.php file:=== Next, you'll need to modify the LocalSettings.php file, which should be located in your MediaWiki root folder (/var/www/html/noobs/). Add or modify the following lines: <pre> $wgScriptPath = "/noobs"; $wgArticlePath = "{$wgScriptPath}/$1"; $wgUsePathInfo = true; </pre> * note: you should already have <code>$wgScriptPath = "/noobs";</code> in LocalSettings.php This code sets the base path for your wiki (/noobs), defines the article path pattern, and enables the use of path info. === Enable the Apache mod_rewrite module=== <code>root@noobs:/var/www/html/noobs# cat /etc/apache2/sites-available/000-default-le-ssl.conf </code> <pre> <IfModule mod_ssl.c> <VirtualHost *:443> # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. #ServerName www.example.com ServerAdmin webmaster@localhost DocumentRoot /var/www/html # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf ServerName completenoobs.com Include /etc/letsencrypt/options-ssl-apache.conf ServerAlias www.completenoobs.com SSLCertificateFile /etc/letsencrypt/live/completenoobs.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/completenoobs.com/privkey.pem </VirtualHost> </IfModule> </pre> Add <pre> <Directory /var/www/html/noobs> Options FollowSymLinks AllowOverride All Require all granted </Directory> </pre> <pre> <IfModule mod_ssl.c> <VirtualHost *:443> # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. #ServerName www.example.com ServerAdmin webmaster@localhost DocumentRoot /var/www/html # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined <Directory /var/www/html/noobs> Options FollowSymLinks AllowOverride All Require all granted </Directory> # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf ServerName completenoobs.com Include /etc/letsencrypt/options-ssl-apache.conf ServerAlias www.completenoobs.com SSLCertificateFile /etc/letsencrypt/live/completenoobs.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/completenoobs.com/privkey.pem </VirtualHost> </IfModule> </pre> Make sure the mod_rewrite module is enabled in your Apache configuration. You can enable it by running the following command: <code>sudo a2enmod rewrite</code> After enabling the module, restart Apache: <code>sudo systemctl restart apache2</code> Now, your MediaWiki installation should use pretty URLs without "index.php" in the path. In your case, it will show URLs like completenoobs.com/noobs/Main_Page. ==Fail2Ban - optional== This Will Ban an IP who incorrectly enters wrong login details, a (you can select) amount of times for a (you can select) amount of time. ===Fail2Log Extension=== https://www.mediawiki.org/wiki/Extension:Fail2Log<br> ====Create Log file==== Could not get PHP to create and set permissions for log file: So for now doing manually!<br \> <code>touch /var/log/Fail2Log.log</code><br \> <code>chown www-data:www-data /var/log/Fail2Log.log</code><br \> <code>chmod 0755 /var/log/Fail2Log.log</code><br \> Failed login's with wrong user name and/or password should now be logged in:<b>/var/log/Fail2Log.log</b><br \> <br \> Log Format:<br \> <code>Failed:<IP_ADDRESS> <DATE> <TIME> <USERNAME></code><br \> ====Download and install extension==== <code>wget https://github.com/greenhatmonkey/Fail2Log/blob/main/Fail2Log.tar.gz?raw=true</code><br> <code>tar xzvf Fail2Log.tar.gz?raw=true -C /var/www/html/noobs/extensions/</code><br> Add to your <b>LocalSettings.php</b><br> <pre> wfLoadExtension( 'Fail2Log' ); $wgFail2LogFile = '/var/log/Fail2Log.log'; </pre> ====Install and Setup Fail2Ban==== Fail2Ban works in a container. If using fail2ban on Host for container:<br/> Just include log path: <code>/var/snap/lxd/common/mntns/var/snap/lxd/common/lxd/storage-pools/default/containers/&lt;CONTAINER_NAME>/rootfs/var/log/Fail2Log.log</code> <code>apt install fail2ban</code> * Fail2ban will use file.local over file.conf if file.local exists: * file.conf can be written over if file2ban gets updated. * Make a file.local of the file you are working on. <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code> <code>$EDITOR /etc/fail2ban/jail.local</code> <!-- unmodified jail.conf file --> <div class="toccolours mw-collapsible mw-collapsed"> Default <code>/etc/fail2ban/jail.conf</code> file: Expand to view <div class="mw-collapsible-content"> <pre> # # WARNING: heavily refactored in 0.9.0 release. Please review and # customize settings for your setup. # # Changes: in most of the cases you should not modify this # file, but provide customizations in jail.local file, # or separate .conf files under jail.d/ directory, e.g.: # # HOW TO ACTIVATE JAILS: # # YOU SHOULD NOT MODIFY THIS FILE. # # It will probably be overwritten or improved in a distribution update. # # Provide customizations in a jail.local file or a jail.d/customisation.local. # For example to change the default bantime for all jails and to enable the # ssh-iptables jail the following (uncommented) would appear in the .local file. # See man 5 jail.conf for details. # # [DEFAULT] # bantime = 1h # # [sshd] # enabled = true # # See jail.conf(5) man page for more information # Comments: use '#' for comment lines and ';' (following a space) for inline comments [INCLUDES] #before = paths-distro.conf before = paths-debian.conf # The DEFAULT allows a global definition of the options. They can be overridden # in each jail afterwards. [DEFAULT] # # MISCELLANEOUS OPTIONS # # "bantime.increment" allows to use database for searching of previously banned ip's to increase a # default ban time using special formula, default it is banTime * 1, 2, 4, 8, 16, 32... #bantime.increment = true # "bantime.rndtime" is the max number of seconds using for mixing with random time # to prevent "clever" botnets calculate exact time IP can be unbanned again: #bantime.rndtime = # "bantime.maxtime" is the max number of seconds using the ban time can reach (don't grows further) #bantime.maxtime = # "bantime.factor" is a coefficient to calculate exponent growing of the formula or common multiplier, # default value of factor is 1 and with default value of formula, the ban time # grows by 1, 2, 4, 8, 16 ... #bantime.factor = 1 # "bantime.formula" used by default to calculate next value of ban time, default value bellow, # the same ban time growing will be reached by multipliers 1, 2, 4, 8, 16, 32... #bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * banFactor # # more aggressive example of formula has the same values only for factor "2.0 / 2.885385" : #bantime.formula = ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor) # "bantime.multipliers" used to calculate next value of ban time instead of formula, coresponding # previously ban count and given "bantime.factor" (for multipliers default is 1); # following example grows ban time by 1, 2, 4, 8, 16 ... and if last ban count greater as multipliers count, # always used last multiplier (64 in example), for factor '1' and original ban time 600 - 10.6 hours #bantime.multipliers = 1 2 4 8 16 32 64 # following example can be used for small initial ban time (bantime=60) - it grows more aggressive at begin, # for bantime=60 the multipliers are minutes and equal: 1 min, 5 min, 30 min, 1 hour, 5 hour, 12 hour, 1 day, 2 day #bantime.multipliers = 1 5 30 60 300 720 1440 2880 # "bantime.overalljails" (if true) specifies the search of IP in the database will be executed # cross over all jails, if false (dafault), only current jail of the ban IP will be searched #bantime.overalljails = false # -------------------- # "ignoreself" specifies whether the local resp. own IP addresses should be ignored # (default is true). Fail2ban will not ban a host which matches such addresses. #ignoreself = true # "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban # will not ban a host which matches an address in this list. Several addresses # can be defined using space (and/or comma) separator. #ignoreip = 127.0.0.1/8 ::1 # External command that will take an tagged arguments to ignore, e.g. <ip>, # and return true if the IP is to be ignored. False otherwise. # # ignorecommand = /path/to/command <ip> ignorecommand = # "bantime" is the number of seconds that a host is banned. bantime = 10m # A host is banned if it has generated "maxretry" during the last "findtime" # seconds. findtime = 10m # "maxretry" is the number of failures before a host get banned. maxretry = 5 # "maxmatches" is the number of matches stored in ticket (resolvable via tag <matches> in actions). maxmatches = %(maxretry)s # "backend" specifies the backend used to get files modification. # Available options are "pyinotify", "gamin", "polling", "systemd" and "auto". # This option can be overridden in each jail as well. # # pyinotify: requires pyinotify (a file alteration monitor) to be installed. # If pyinotify is not installed, Fail2ban will use auto. # gamin: requires Gamin (a file alteration monitor) to be installed. # If Gamin is not installed, Fail2ban will use auto. # polling: uses a polling algorithm which does not require external libraries. # systemd: uses systemd python library to access the systemd journal. # Specifying "logpath" is not valid for this backend. # See "journalmatch" in the jails associated filter config # auto: will try to use the following backends, in order: # pyinotify, gamin, polling. # # Note: if systemd backend is chosen as the default but you enable a jail # for which logs are present only in its own log files, specify some other # backend for that jail (e.g. polling) and provide empty value for # journalmatch. See https://github.com/fail2ban/fail2ban/issues/959#issuecomment-74901200 backend = auto # "usedns" specifies if jails should trust hostnames in logs, # warn when DNS lookups are performed, or ignore all hostnames in logs # # yes: if a hostname is encountered, a DNS lookup will be performed. # warn: if a hostname is encountered, a DNS lookup will be performed, # but it will be logged as a warning. # no: if a hostname is encountered, will not be used for banning, # but it will be logged as info. # raw: use raw value (no hostname), allow use it for no-host filters/actions (example user) usedns = warn # "logencoding" specifies the encoding of the log files handled by the jail # This is used to decode the lines from the log file. # Typical examples: "ascii", "utf-8" # # auto: will use the system locale setting logencoding = auto # "enabled" enables the jails. # By default all jails are disabled, and it should stay this way. # Enable only relevant to your setup jails in your .local or jail.d/*.conf # # true: jail will be enabled and log files will get monitored for changes # false: jail is not enabled enabled = false # "mode" defines the mode of the filter (see corresponding filter implementation for more info). mode = normal # "filter" defines the filter to use by the jail. # By default jails have names matching their filter name # filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # # Some options used for actions # Destination email address used solely for the interpolations in # jail.{conf,local,d/*} configuration files. destemail = root@localhost # Sender email address used solely for some actions sender = root@<fq-hostname> # E-mail action. Since 0.8.1 Fail2Ban uses sendmail MTA for the # mailing. Change mta configuration parameter to mail if you want to # revert to conventional 'mail'. mta = sendmail # Default protocol protocol = tcp # Specify chain where jumps would need to be added in ban-actions expecting parameter chain chain = <known/chain> # Ports to be banned # Usually should be overridden in a particular jail port = 0:65535 # Format of user-agent https://tools.ietf.org/html/rfc7231#section-5.5.3 fail2ban_agent = Fail2Ban/%(fail2ban_version)s # # Action shortcuts. To be used to define action parameter # Default banning action (e.g. iptables, iptables-new, # iptables-multiport, shorewall, etc) It is used to define # action_* variables. Can be overridden globally or per # section within jail.local file banaction = iptables-multiport banaction_allports = iptables-allports # The simplest action to take: ban only action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report to the destemail. action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report and relevant log lines # to the destemail. action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # See the IMPORTANT note in action.d/xarf-login-attack for when to use this action # # ban & send a xarf e-mail to abuse contact of IP address and include relevant log lines # to the destemail. action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] # ban IP on CloudFlare & send an e-mail with whois report and relevant log lines # to the destemail. action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # Report block via blocklist.de fail2ban reporting service API # # See the IMPORTANT note in action.d/blocklist_de.conf for when to use this action. # Specify expected parameters in file action.d/blocklist_de.local or if the interpolation # `action_blocklist_de` used for the action, set value of `blocklist_de_apikey` # in your `jail.local` globally (section [DEFAULT]) or per specific jail section (resp. in # corresponding jail.d/my-jail.local file). # action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] # Report ban via badips.com, and use as blacklist # # See BadIPsAction docstring in config/action.d/badips.py for # documentation for this action. # # NOTE: This action relies on banaction being present on start and therefore # should be last action defined for a jail. # action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] # # Report ban via badips.com (uses action.d/badips.conf for reporting only) # action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] # Report ban via abuseipdb.com. # # See action.d/abuseipdb.conf for usage example and details. # action_abuseipdb = abuseipdb # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # [sshd] # To use more aggressive sshd modes set filter parameter "mode" in jail.local: # normal (default), ddos, extra or aggressive (combines all). # See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details. #mode = normal port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s [dropbear] port = ssh logpath = %(dropbear_log)s backend = %(dropbear_backend)s [selinux-ssh] port = ssh logpath = %(auditd_log)s # # HTTP servers # [apache-auth] port = http,https logpath = %(apache_error_log)s [apache-badbots] # Ban hosts which agent identifies spammer robots crawling the web # for email addresses. The mail outputs are buffered. port = http,https logpath = %(apache_access_log)s bantime = 48h maxretry = 1 [apache-noscript] port = http,https logpath = %(apache_error_log)s [apache-overflows] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-nohome] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-botsearch] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-fakegooglebot] port = http,https logpath = %(apache_access_log)s maxretry = 1 ignorecommand = %(ignorecommands_dir)s/apache-fakegooglebot <ip> [apache-modsecurity] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-shellshock] port = http,https logpath = %(apache_error_log)s maxretry = 1 [openhab-auth] filter = openhab action = iptables-allports[name=NoAuthFailures] logpath = /opt/openhab/logs/request.log [nginx-http-auth] port = http,https logpath = %(nginx_error_log)s # To use 'nginx-limit-req' jail you should have `ngx_http_limit_req_module` # and define `limit_req` and `limit_req_zone` as described in nginx documentation # http://nginx.org/en/docs/http/ngx_http_limit_req_module.html # or for example see in 'config/filter.d/nginx-limit-req.conf' [nginx-limit-req] port = http,https logpath = %(nginx_error_log)s [nginx-botsearch] port = http,https logpath = %(nginx_error_log)s maxretry = 2 # Ban attackers that try to use PHP's URL-fopen() functionality # through GET/POST variables. - Experimental, with more than a year # of usage in production environments. [php-url-fopen] port = http,https logpath = %(nginx_access_log)s %(apache_access_log)s [suhosin] port = http,https logpath = %(suhosin_log)s [lighttpd-auth] # Same as above for Apache's mod_auth # It catches wrong authentifications port = http,https logpath = %(lighttpd_error_log)s # # Webmail and groupware servers # [roundcube-auth] port = http,https logpath = %(roundcube_errors_log)s # Use following line in your jail.local if roundcube logs to journal. #backend = %(syslog_backend)s [openwebmail] port = http,https logpath = /var/log/openwebmail.log [horde] port = http,https logpath = /var/log/horde/horde.log [groupoffice] port = http,https logpath = /home/groupoffice/log/info.log [sogo-auth] # Monitor SOGo groupware server # without proxy this would be: # port = 20000 port = http,https logpath = /var/log/sogo/sogo.log [tine20] logpath = /var/log/tine20/tine20.log port = http,https # # Web Applications # # [drupal-auth] port = http,https logpath = %(syslog_daemon)s backend = %(syslog_backend)s [guacamole] port = http,https logpath = /var/log/tomcat*/catalina.out [monit] #Ban clients brute-forcing the monit gui login port = 2812 logpath = /var/log/monit /var/log/monit.log [webmin-auth] port = 10000 logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [froxlor-auth] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s # # HTTP Proxy servers # # [squid] port = 80,443,3128,8080 logpath = /var/log/squid/access.log [3proxy] port = 3128 logpath = /var/log/3proxy.log # # FTP servers # [proftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(proftpd_log)s backend = %(proftpd_backend)s [pure-ftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(pureftpd_log)s backend = %(pureftpd_backend)s [gssftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(syslog_daemon)s backend = %(syslog_backend)s [wuftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(wuftpd_log)s backend = %(wuftpd_backend)s [vsftpd] # or overwrite it in jails.local to be # logpath = %(syslog_authpriv)s # if you want to rely on PAM failed login attempts # vsftpd's failregex should match both of those formats port = ftp,ftp-data,ftps,ftps-data logpath = %(vsftpd_log)s # # Mail servers # # ASSP SMTP Proxy Jail [assp] port = smtp,465,submission logpath = /root/path/to/assp/logs/maillog.txt [courier-smtp] port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix] # To use another modes set filter parameter "mode" in jail.local: mode = more port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s [postfix-rbl] filter = postfix[mode=rbl] port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s maxretry = 1 [sendmail-auth] port = submission,465,smtp logpath = %(syslog_mail)s backend = %(syslog_backend)s [sendmail-reject] # To use more aggressive modes set filter parameter "mode" in jail.local: # normal (default), extra or aggressive # See "tests/files/logs/sendmail-reject" or "filter.d/sendmail-reject.conf" for usage example and details. #mode = normal port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [qmail-rbl] filter = qmail port = smtp,465,submission logpath = /service/qmail/log/main/current # dovecot defaults to logging to the mail syslog facility # but can be set by syslog_facility in the dovecot configuration. [dovecot] port = pop3,pop3s,imap,imaps,submission,465,sieve logpath = %(dovecot_log)s backend = %(dovecot_backend)s [sieve] port = smtp,465,submission logpath = %(dovecot_log)s backend = %(dovecot_backend)s [solid-pop3d] port = pop3,pop3s logpath = %(solidpop3d_log)s [exim] # see filter.d/exim.conf for further modes supported from filter: #mode = normal port = smtp,465,submission logpath = %(exim_main_log)s [exim-spam] port = smtp,465,submission logpath = %(exim_main_log)s [kerio] port = imap,smtp,imaps,465 logpath = /opt/kerio/mailserver/store/logs/security.log # # Mail servers authenticators: might be used for smtp,ftp,imap servers, so # all relevant ports get banned # [courier-auth] port = smtp,465,submission,imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix-sasl] filter = postfix[mode=auth] port = smtp,465,submission,imap,imaps,pop3,pop3s # You might consider monitoring /var/log/mail.warn instead if you are # running postfix since it would provide the same log lines at the # "warn" level but overall at the smaller filesize. logpath = %(postfix_log)s backend = %(postfix_backend)s [perdition] port = imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [squirrelmail] port = smtp,465,submission,imap,imap2,imaps,pop3,pop3s,http,https,socks logpath = /var/lib/squirrelmail/prefs/squirrelmail_access_log [cyrus-imap] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s [uwimap-auth] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s # # # DNS servers # # !!! WARNING !!! # Since UDP is connection-less protocol, spoofing of IP and imitation # of illegal actions is way too simple. Thus enabling of this filter # might provide an easy way for implementing a DoS against a chosen # victim. See # http://nion.modprobe.de/blog/archives/690-fail2ban-+-dns-fail.html # Please DO NOT USE this jail unless you know what you are doing. # # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks UDP traffic for DNS requests. # [named-refused-udp] # # filter = named-refused # port = domain,953 # protocol = udp # logpath = /var/log/named/security.log # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks TCP traffic for DNS requests. [named-refused] port = domain,953 logpath = /var/log/named/security.log [nsd] port = 53 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/nsd.log # # Miscellaneous # [asterisk] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/asterisk/messages maxretry = 10 [freeswitch] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/freeswitch.log maxretry = 10 # enable adminlog; it will log to a file inside znc's directory by default. [znc-adminlog] port = 6667 logpath = /var/lib/znc/moddata/adminlog/znc.log # To log wrong MySQL access attempts add to /etc/my.cnf in [mysqld] or # equivalent section: # log-warnings = 2 # # for syslog (daemon facility) # [mysqld_safe] # syslog # # for own logfile # [mysqld] # log-error=/var/log/mysqld.log [mysqld-auth] port = 3306 logpath = %(mysql_log)s backend = %(mysql_backend)s # Log wrong MongoDB auth (for details see filter 'filter.d/mongodb-auth.conf') [mongodb-auth] # change port when running with "--shardsvr" or "--configsvr" runtime operation port = 27017 logpath = /var/log/mongodb/mongodb.log # Jail for more extended banning of persistent abusers # !!! WARNINGS !!! # 1. Make sure that your loglevel specified in fail2ban.conf/.local # is not at DEBUG level -- which might then cause fail2ban to fall into # an infinite loop constantly feeding itself with non-informative lines # 2. Increase dbpurgeage defined in fail2ban.conf to e.g. 648000 (7.5 days) # to maintain entries for failed logins for sufficient amount of time [recidive] logpath = /var/log/fail2ban.log banaction = %(banaction_allports)s bantime = 1w findtime = 1d # Generic filter for PAM. Has to be used with action which bans all # ports such as iptables-allports, shorewall [pam-generic] # pam-generic filter can be customized to monitor specific subset of 'tty's banaction = %(banaction_allports)s logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [xinetd-fail] banaction = iptables-multiport-log logpath = %(syslog_daemon)s backend = %(syslog_backend)s maxretry = 2 # stunnel - need to set port for this [stunnel] logpath = /var/log/stunnel4/stunnel.log [ejabberd-auth] port = 5222 logpath = /var/log/ejabberd/ejabberd.log [counter-strike] logpath = /opt/cstrike/logs/L[0-9]*.log # Firewall: http://www.cstrike-planet.com/faq/6 tcpport = 27030,27031,27032,27033,27034,27035,27036,27037,27038,27039 udpport = 1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015 action = %(banaction)s[name=%(__name__)s-tcp, port="%(tcpport)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(udpport)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] [bitwarden] port = http,https logpath = /home/*/bwdata/logs/identity/Identity/log.txt [centreon] port = http,https logpath = /var/log/centreon/login.log # consider low maxretry and a long bantime # nobody except your own Nagios server should ever probe nrpe [nagios] logpath = %(syslog_daemon)s ; nrpe.cfg may define a different log_facility backend = %(syslog_backend)s maxretry = 1 [oracleims] # see "oracleims" filter file for configuration requirement for Oracle IMS v6 and above logpath = /opt/sun/comms/messaging64/log/mail.log_current banaction = %(banaction_allports)s [directadmin] logpath = /var/log/directadmin/login.log port = 2222 [portsentry] logpath = /var/lib/portsentry/portsentry.history maxretry = 1 [pass2allow-ftp] # this pass2allow example allows FTP traffic after successful HTTP authentication port = ftp,ftp-data,ftps,ftps-data # knocking_url variable must be overridden to some secret value in jail.local knocking_url = /knocking/ filter = apache-pass[knocking_url="%(knocking_url)s"] # access log of the website with HTTP auth logpath = %(apache_access_log)s blocktype = RETURN returntype = DROP action = %(action_)s[blocktype=%(blocktype)s, returntype=%(returntype)s, actionstart_on_demand=false, actionrepair_on_unban=true] bantime = 1h maxretry = 1 findtime = 1 [murmur] # AKA mumble-server port = 64738 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol=tcp, chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol=udp, chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/mumble-server/mumble-server.log [screensharingd] # For Mac OS Screen Sharing Service (VNC) logpath = /var/log/system.log logencoding = utf-8 [haproxy-http-auth] # HAProxy by default doesn't log to file you'll need to set it up to forward # logs to a syslog server which would then write them to disk. # See "haproxy-http-auth" filter for a brief cautionary note when setting # maxretry and findtime. logpath = /var/log/haproxy.log [slapd] port = ldap,ldaps logpath = /var/log/slapd.log [domino-smtp] port = smtp,ssmtp logpath = /home/domino01/data/IBM_TECHNICAL_SUPPORT/console.log [phpmyadmin-syslog] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [zoneminder] # Zoneminder HTTP/HTTPS web interface auth # Logs auth failures to apache2 error log port = http,https logpath = %(apache_error_log)s [traefik-auth] # to use 'traefik-auth' filter you have to configure your Traefik instance, # see `filter.d/traefik-auth.conf` for details and service example. port = http,https logpath = /var/log/traefik/access.log </pre> </div> </div> Default <code>/etc/fail2ban/jail.local</code> file with (almost all) comments removed: <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;">Default <code>/etc/fail2ban/jail.local</code> with (almost) comments removed:</div> <div class="mw-collapsible-content"> <pre> [INCLUDES] before = paths-debian.conf [DEFAULT] ignorecommand = bantime = 10m findtime = 10m maxretry = 5 maxmatches = %(maxretry)s backend = auto usedns = warn logencoding = auto enabled = false mode = normal filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # destemail = root@localhost sender = root@<fq-hostname> mta = sendmail protocol = tcp chain = <known/chain> port = 0:65535 fail2ban_agent = Fail2Ban/%(fail2ban_version)s banaction = iptables-multiport banaction_allports = iptables-allports action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] action_abuseipdb = abuseipdb action = %(action_)s # # JAILS # # # SSH servers # [sshd] port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s </pre> </div></div> ====Disconnect/kick and ban an ip from list==== <br \> Just below we are going to append these lines to <b>/etc/fail2ban/jail.local</b><br> <pre> # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s # # JAILS # # # SSH servers # </pre> </div> </div> ====Jail for MediaWiki - /etc/fail2ban/jail.local==== <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1m maxretry = 2 logpath = /var/log/Fail2Log.log </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before: <div class="mw-collapsible-content"> <pre> # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After: <div class="mw-collapsible-content"> <pre> # # JAILS # [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log # # SSH servers # </pre> </div> </div> ====Filter for mediawiki==== <div class="toccolours mw-collapsible mw-collapsed"> Regex quick up and running tutorial: External Link:(youtube) <div class="mw-collapsible-content"> This Is a link to a video made by "Corey Schafer".<br \> The best no nonsense up and running regex tut there is.<br \> https://www.youtube.com/watch?v=sa-TUpSx1JA </div> </div> :* [[Text_Editing_and_Processing#Regular_expressions_(regex)|Basic Regex Guide]] <code>$EDITOR /etc/fail2ban/filter.d/mediawiki.conf</code><br \> <pre> [Definition] failregex = ^Failed:<HOST> ignoreregex = </pre> =====Try out regex on log file===== <code>fail2ban-regex --print-all-matched /var/log/Fail2Log.log /etc/fail2ban/filter.d/mediawiki.conf</code> ====Restart Fail2Ban==== <code>systemctl restart fail2ban</code> <code>fail2ban-client status</code> <code>fail2ban-client status mediawiki</code> <b>Now test by trying to login to your wiki with wrong password three times.</b> =====fail2ban regex and error checking===== <div class="toccolours mw-collapsible mw-collapsed"> Check regex: <div class="mw-collapsible-content"> * Syntax: <code>fail2ban-regex <logfile> <failregex> <ignoreregex></code> ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * If you want to test <code>ignoreregex</code> enter filter file twice: ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * Read <code>man fail2ban-regex</code> for some more opitions: * Examples: ** <code>-v</code>, <code>--verbose</code> *** Be verbose in output ** <code>--print-all-missed</code> *** Print all missed lines ** <code>--print-all-ignored</code> *** Print all ignored lines ** <code>--print-all-matched</code> *** Print all matched lines </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Debug Fail2Ban: <div class="mw-collapsible-content"> * <code>-d</code> dump configuration. For debugging.<br \> <code>fail2ban-client -d</code><br \> * <code>--dp</code>, <code>--dump-pretty</code> dump the configuration using more human readable representation.<br \> <code>fail2ban-client --dp</code><br \> * will print the systemd log for Fail2Ban.<br \> <code>journalctl -u fail2ban</code> </div> </div> ====Change ban time After testing==== <code>$EDITOR /etc/fail2ban/jail.local</code><br \> <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log </pre> ===Unban IP's=== Get list of Jails:<br \> <code>fail2ban-client status</code><br \> See banned ips by that jail:<br \> <code>fail2ban-client status <jailname></code><br \> Unban IP from jail:<br \> <code>fail2ban-client set <jailname> unbanip <ip_address></code><br \> <br \> Log File:<br \> <code>/var/log/Fail2Log.log</code> ==Sitemap for search engines== :* Command to be run in your mediawiki directory :* <code>cd /var/www/html/noobs</code> <pre> php maintenance/generateSitemap.php --memory-limit=50M --fspath=/var/www/html/noobs/sitemap/ --identifier=completenoobs --urlpath=www.completenoobs.com/sitemap/ --server=https://www.completenoobs.com --compress=yes --skip-redirects </pre> :* There should now be a '''sitemaps''' Directory in your mediawiki direcotry <code>/var/www/html/noobs/sitemap</code> with the following content: <pre> sitemap-completenoobs-NS_0-0.xml.gz sitemap-completenoobs-NS_4-0.xml.gz sitemap-completenoobs-NS_5-0.xml.gz sitemap-completenoobs-NS_8-0.xml.gz sitemap-index-completenoobs.xml </pre> Warning Bug:<br> there was error getting this on google, could not remember how i fixed it, will look into later ==Backup Your Wiki== Its always a good idea to backup your wiki! Losing days of work is not fun! ===Full Wiki Dump and Restore=== ====Backing up==== ====Making your wiki READ ONLY - will lock database==== <code>$EDITOR LocalSettings.php</code><br \> <code>$wgReadOnly = 'Dumping Database, Access will be restored shortly';</code> ====Dump and gzip database for transport==== :* Will be '''prompted''' for password:<br \> :** Note: If you forgot your Database details, you can find them on your LocalSettings.php file <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green -p mywiki_database | gzip > /root/greenwiki.sql.gz</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> ALt method for dump(password in cmd): <div class="mw-collapsible-content"> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green --password=THISpasswordSHOULDbeCHANGED -p mywiki_database | gzip > /root/greenwiki.sql.gz</code> </div> </div> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Back mediawiki Root Directory.<br \> <code>tar cvzhf /root/mediawiki-rootDir.tgz /var/www/html/mediawiki</code><br \> All into one file for easy transport.<br \> <code>cd /root/</code><br \> <code>tar cvzhf mediawiki-transfer.tgz mediawiki-rootDir.tgz greenwiki.sql.gz dump_mediawiki.xml</code><br \> All file in <b>mediawiki-transfer.tgz</b> for transfer to new server<br \> ====Backup Script==== * tis script will need a dir /var/wikibk <syntaxhighlight lang="python" line> #!/bin/bash # Define paths and filenames mediawiki_root_dir="/var/www/html/noobs" local_settings_path="/var/www/html/noobs/LocalSettings.php" database_backup_filename="Noobs_db.sql.gz" root_dir_backup_filename="mediawiki-rootDir.tgz" # Get the current timestamp timestamp=$(date +"%Y-%m-%d_%H-%M-%S") combined_backup_filename="mediawiki-transfer-${timestamp}.tgz" # Get database details from LocalSettings.php db_host=$(grep -oP "\$wgDBserver\s*=\s*'\K[^']*" "$local_settings_path") db_name=$(grep -oP "\$wgDBname\s*=\s*'\K[^']*" "$local_settings_path") db_user=$(grep -oP "\$wgDBuser\s*=\s*'\K[^']*" "$local_settings_path") db_pass=$(grep -oP "\$wgDBpassword\s*=\s*'\K[^']*" "$local_settings_path") # Set the wiki to read-only sed -i "/^\$wgDBpassword/ a \$wgReadOnly = 'Dumping Database, Access will be restored shortly';" "$local_settings_path" # Run mysqldump command using the extracted details mysqldump -h "$db_host" --default-character-set=binary --no-tablespaces -u "$db_user" --password="$db_pass" "$db_name" | gzip > /root/"$database_backup_filename" # Remove read-only mode sed -i "/^\$wgReadOnly = 'Dumping Database, Access will be restored shortly';/d" "$local_settings_path" # Back up MediaWiki root directory tar cvzhf /root/"$root_dir_backup_filename" "$mediawiki_root_dir" # Combine backup files into a single file for easy transport cd /root/ tar cvzhf "/var/wikibk/$combined_backup_filename" "$root_dir_backup_filename" "$database_backup_filename" </syntaxhighlight> =====Backup the Backup to Local Server/Computer===== <div class="toccolours mw-collapsible mw-collapsed"> Backup Full Dumps to Home Computer using script: <div class="mw-collapsible-content"> <syntaxhighlight lang="bash" line> #!/bin/bash # Set variables local_backup_dir="/home/ubunix/wiki-backups" remote_user="your_remote_username" remote_host="completenoobs.com" remote_backup_dir="/var/wikibk" private_key_path="/home/ubunix/.ssh/key" # Create the local backup directory if it doesn't exist mkdir -p "$local_backup_dir" # Create temporary files local_tmp_file="/tmp/FILE1.txt" remote_tmp_file="/tmp/FILE2.txt" # List files in the local and remote backup directories to temporary files find "$local_backup_dir" -mindepth 1 -maxdepth 1 -type f -exec basename {} \; | sort > "$local_tmp_file" ssh -i "$private_key_path" "$remote_user@$remote_host" "find $remote_backup_dir -mindepth 1 -maxdepth 1 -type f -exec basename {} \; | sort" > "$remote_tmp_file" # Compare the temporary files and download missing files using scp while read -r remote_file; do if ! grep -q -F "$remote_file" "$local_tmp_file"; then scp -i "$private_key_path" -r "$remote_user@$remote_host:$remote_backup_dir/$remote_file" "$local_backup_dir/" fi done < "$remote_tmp_file" # Remove temporary files rm "$local_tmp_file" rm "$remote_tmp_file" </syntaxhighlight> </div> </div> ===Restore wiki=== <code>apt update && apt upgrade -y</code><br \> <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> <br \> <code>tar xvf mediawiki.bk.tgz</code><br \> <code>tar xvf mediawiki-rootDir.tgz -C /</code><br \> ====Create basebase==== NOTE: If you use diff username, passwd, database_name, append/correct details on LocalSettings.<br \> <code>mysql -u root</code> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <br \> ====Restore Database==== <code>gunzip -d greenwiki.sql.gz</code><br \> <code>mysql -u green -p mywiki_database < greenwiki.sql</code><br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/dump_mediawiki.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> ====Config Apache2==== <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ====Reload Apache2==== <code> systemctl restart apache2 </code> ===XML Dump only=== ===Dump mediawiki database - xml=== Log into container root dir<br \> <code>lxc exec NAME bash</code><br \> In container of wiki:<br \> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Exit container<br \> <code>exit</code> Pull file to host<br \> <code>lxc file pull NAME/root/dump_mediawiki.xml wiki-dump.xml</code> ====automate xml dumps to server==== TIP: [[Scp_only|Create an '''scp only''' account on server first]]<br> <code>$EDITOR /usr/local/bin/auto-export.sh</code></br> <syntaxhighlight lang="bash" line> #!/bin/bash set -x time_stamp=$(date '+%d_%m_%y') dumps_dir="/var/www/dumps" noobs_dir="/var/www/html/noobs" local_settings="$noobs_dir/LocalSettings.php" wiki_dump_dir="$dumps_dir/$time_stamp.Noobs" xmlkey="/root/.ssh/xmlkey" remote_host="rscp@xml.completenoobs.com" remote_path="/home/rscp/media/" function ensure_read_only_line_exists { if ! grep -q "wgReadOnly" "$local_settings"; then cat <<EOF >> "$local_settings" \$wgReadOnly = 'Dumping Database, Access will be restored shortly'; EOF fi } function set_wiki_read_only { sed -i 's/^#*\(\$wgReadOnly\)/\1/' "$local_settings" } function unset_wiki_read_only { sed -i 's/^\(\$wgReadOnly\)/#\1/' "$local_settings" } function create_directories { mkdir -p "$dumps_dir" mkdir -p "$wiki_dump_dir" } function dump_wiki { php "$noobs_dir/maintenance/dumpBackup.php" --full > "$wiki_dump_dir/$time_stamp.Noobs.xml" } function generate_checksums { md5sum "$wiki_dump_dir/$time_stamp.Noobs.xml" > "$wiki_dump_dir/$time_stamp.md5sum.txt" sha256sum "$wiki_dump_dir/$time_stamp.Noobs.xml" > "$wiki_dump_dir/$time_stamp.sha256sum.txt" } function push_to_remote { scp -i /root/.ssh/xmlkey -r /var/www/dumps/$time_stamp.Noobs rscp@xml.completenoobs.com:/home/rscp/media/ #rsync -avz -e "ssh -i $xmlkey" "$wiki_dump_dir" "$remote_host:$remote_path" } # Main script ensure_read_only_line_exists create_directories set_wiki_read_only dump_wiki generate_checksums unset_wiki_read_only push_to_remote </syntaxhighlight> <br> <code>chmod +x /usr/local/bin/auto-export.sh</code><br> =====add to cron to export every 5 days===== <code>crontab -e</code><br> <pre> 30 3 */5 * * /usr/local/bin/auto-export.sh </pre> Will export at 3:30 am every 5 days, check [[Cron_ubuntu_22.04|Ubuntu Cron Quick start for more info]] ===Import XML Dump=== ====Create Quick local wiki==== [[Ubuntu_Local_Wiki_Import|localwiki]] =====Restore dump===== <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Everything apart from <b>index.php/Main_Page</b> restored. ==Upgrading MediaWiki== <b>BACK SURE YOU BACKUP FIRST!!!</b> just in case.<br \> This example update 1.35 to 1.36 from 1.36 onwards php-intl is required.<br> Download the wiki you are going to upgrade to.<br \> <code>https://releases.wikimedia.org/mediawiki/1.36/</code><br \> <code>cd /root</code><br \> <code>wget https://releases.wikimedia.org/mediawiki/1.36/mediawiki-1.36.1.tar.gz</code><br \> In LocalSettings.php put in readonly mode<br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <code>$wgReadOnly = "Upgrading";</code><br \> <code>tar xvzf mediawiki-1.36.1.tar.gz -C /var/www/html/mediawiki --strip-components=1</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> Returns:<pre> Error: Missing one or more required components of PHP. You are missing a required extension to PHP that MediaWiki needs. Please install: * intl <https://www.php.net/intl> </pre> <code>apt install php-intl</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> And thats it. If you do get an error:<br \> <blockquote> MediaWiki 1.36 internal error Installing some PHP extensions is required. Required components You are missing a required extension to PHP that MediaWiki requires to run. Please install: intl (more information) </blockquote> Then <b>reboot</b> the container and its all fine after. ==Useful Notes - tips== ===Forgot your Admin Password=== Can use for any user:<br \> <code>php /var/www/html/mediawiki/maintenance/changePassword.php --user=admin --password=newpassword</code><br \> ===Make Wiki Read Only=== Add to LocalSettings.php:<br \> <code>$wgReadOnly = 'Read Only';</code><br \> ===Restrict account creation on wiki=== Add to LocalSettings.php:<br \> <code>$wgGroupPermissions['*']['createaccount'] = false;</code> ===Only Admin accounts can edit=== Add to LocalSettings.php:<br \> <pre> $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['user']['edit'] = false; $wgGroupPermissions['sysop']['edit'] = true; </pre> ===Protect a page so only admin can edit=== At the top of the page when logged in with admin account, click <b>More</b>.<br \> A drop down of three opitions: Delete, Move, Protect.<br \> Clicking <b>Protect</b> will not allow any non admin from editing the page. {| class="wikitable" |+ When logged in as admin |- |Read |Edit |View history |(STAR) |<b>More</b> |} ===Make User an Admin=== go to special pages With Admin Account go to:<br \> <code>index.php/Special:SpecialPages</code> List of users can be found here:<br \> <code>index.php/Special:ListUsers</code><br \> Go to:<br \> <code>index.php/Special:UserRights</code><br \> And enter username:<br \> <b>Groups you can change</b><br \> And rest is self explanatory. ====Remove admin rights==== Same thing, just untick admin rights! 10tev9yrotg6bw7qp1rv9if9nxd1oh0 518 385 2025-04-21T17:02:05Z AwesomO 5 /* Remove admin rights */ 518 wikitext text/x-wiki ==Creating a MediaWiki Server on Ubuntu with Apache2== ===DNS=== Domain Name System: An index that connects an ip address with a more human readable name(website name):<br \> Like a phone book would index a persons name with a phone number.<br \> If you have a domain name for your wiki, point it to your server's ip address.<br \> This will be required for a letsencrypt cert also.<br \> I am using <b>namecheap.com</b> and on the <b>Advanced DNS</b> Page<br \> Add two Type <b>A Records</b>:<br \> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |192.248.145.129 |auto |- |A record |www |192.248.145.129 |auto |} ===Basic Firewall UFW for Container=== NOTE:Add Link to a UFW page for more info Blocking IPv6<br \> <code>$EDITOR /etc/default/ufw</code> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit Allow port 80<br \> <code>ufw allow 80/tcp</code><br \> Allow port 443<br \> <code>ufw allow 443/tcp</code><br \> Start/Enable UFW firewall<br \> <code>ufw enable</code><br \> Check UFW status<br \> <code>ufw status</code> <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Update system=== <code>apt update && apt upgrade -y</code> ===ssmtp setup=== NOTE: need link to ssmtp page - showing how to use other email providers that allow smtp Link to ssmtp wiki page <br \> You can use a number of email providers for sending emails from server using ssmtp.<br \> I am going to use <b>smtp2go.com</b> they do provide a free service if you wish to try. <div class="toccolours mw-collapsible mw-collapsed"> smtp2go details: <div class="mw-collapsible-content"> https://www.smtp2go.com/<br \> Has a Free Plan # 1000 emails per month # 5 days of email reporting # Ticket support only <br \> Do not use you username and password you used to sign up!<br \> Go to https://app.smtp2go.com/sending/smtp_users/ <br \> Or 'Sending' > 'SMTP Users'<br> And create/add a SMTP User account.<br \> The User created will be given a good password by default.<br \> Use this username and password for ssmtp.<br \> In this example i have the username "<b>noobwiki</b>" and the password "<b>N0tTelinu</b>" </div> </div> ====ssmtp==== <code>apt install ssmtp -y</code> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <div class="toccolours mw-collapsible mw-collapsed"> Why use <code>hostname=completenoobs.com</code> <div class="mw-collapsible-content"> "hostname" needed for ubuntu unattended upgrades to send email.<br \> If missing: will get "(550 unable to verify sender address.)" <br \> If using <code>hostname=localhost</code> "(550 "Localhost" unnaceptable, you must use a public domain-name.)"<br \> If using <code>hostname=admin@completenoobs.com</code> "501 <root@admin@completenoobs.com>: malformed address: @completenoobs.com> may not follow <root@admin" </div> </div> <br \> Do not use user@smtp2go.com as the sender address! you need an email address that has an MX record(mail exchanger record) at its domain name. <br \> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> ====usermod==== <br \> usermod can be used to change the email senders name/address.<br \> Instead of your mail coming from 'root' or 'ubuntu' or any other user account.<br \> <b>usermod -c "emailSenderName" <account_sending></b><br \> <code>usermod -c "completenoobslxc" root</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> <code>usermod -c</code>: <div class="mw-collapsible-content"> The "usermod" command in Linux is used to modify user account details. The "-c" option in the "usermod" command is used to change the comment (or description) field associated with a user account. Specifically, when you run the command "usermod -c <comment> <username>", it will update the comment field of the user account associated with the given username to the specified comment. The comment is typically used to provide additional information about the user, such as their full name, job title, or department. For example, if you run the command "usermod -c 'John Smith' john", it will update the comment field for the user account "john" to "John Smith". You can then use tools like the "finger" command to display this information, e.g., "finger john". </div> </div> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ====sendmail notes==== <div class="toccolours mw-collapsible mw-collapsed"> If the sendmail command locks your terminal and CTRL+c does not work <div class="mw-collapsible-content"> Use <code>CTRL+z</code> which will send a SIGTSTP signal which will put the process to sleep.<br \> use jobs to see the sleeping process.<br \> <code>jobs</code><br \> and kill %<JOBNUMBER><br \> <code>kill %1</code> <br \> you can also use <code>ps ax</code> to list processes running on your computer and <code>kill -9 <PROCESS-NUMBER></code> to kill process. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> sendmail in verbose mode for more details: <div class="mw-collapsible-content"> More info can be found in the man page <code>man sendmail</code><br \> Use the verbose flag <b>-v</b><br \> <code>sendmail -v email@address2receive.mail < test-mail.txt</code> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Check mail logs for errors: <div class="mw-collapsible-content"> send mail error log can be found in<br \> <code>/var/log/mail.err</code><br \> and sendmail log can be found:<br \> <code>/var/log/mail.log</code> </div> </div> ===Create Swap space on server=== <div class="toccolours mw-collapsible mw-collapsed"> What are the benifits of having '''swap space''' on your server: <div class="mw-collapsible-content"> Having a swap space on your server can provide several benefits, including: :* Improved system stability: When your server runs out of RAM, it can cause instability and even crashes. Swap space provides a safety net by allowing the operating system to move inactive data from RAM to disk, freeing up RAM for more active processes. :* Increased memory availability: Swap space can provide additional virtual memory to the system, allowing it to handle more demanding workloads than it could with just physical memory alone. :* Enhanced performance: While swap space is not as fast as physical memory, it can help prevent thrashing, which is when the operating system spends too much time swapping data between RAM and disk. By providing an additional layer of memory, swap space can improve overall system performance. :* More flexibility: Swap space allows you to allocate memory resources more efficiently. For example, you can configure your system to have a smaller amount of physical memory and a larger swap space, or vice versa, depending on your specific workload and requirements. :* Improved application availability: In some cases, applications may require a certain amount of available memory to function properly. Having swap space can ensure that the system has enough memory to keep these applications running even when physical memory is low. Overall, having swap space on your server can provide a valuable safety net and help improve system stability and performance. </div> </div> ====First check if you already have a swap space==== First check if you already have a swap space<br \> <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 1655 2 228 1732 Swap: 0 0 0 </pre> <div class="toccolours mw-collapsible mw-collapsed"> Other methods to check swap space <div class="mw-collapsible-content"> <code>cat /proc/swaps</code><br \> <code>swapon -s -v</code> </div> </div> ====Create SwapSpace==== preallocate a 2 gigabyte space to be used for swap.<br \> Note: you can name swapfile to anything you want. <code>fallocate -l 2G /swapfile</code> Initialize the /swapfile file with zeros - see "Working out the count size" to see how to work out the count size. <div class="toccolours mw-collapsible mw-collapsed"> Working out the count size: <div class="mw-collapsible-content"> Working out count size to scale the swapsize. 1 kilobyte = 1024 bytes 1 megabyte = 1024 kilobyte 1 gigabyte = 1024 megabytes bs=1024 = 1 megabyte 1 gigabyte = 1024 megabyte to get count of 1 gigabyte 1024 * 1024 2 gigabyte (1024 * 2048 ) or 1048576 * 2 = 2,097,152 </div> </div> <code>dd if=/dev/zero of=/swapfile bs=1024 count=2097152</code> <code>chmod 600 /swapfile</code> <code>mkswap /swapfile</code> <code>swapon /swapfile</code> <b>Or</b> <code>swapon -a</code> <b>Or</b> <code>mount -a</code> append to <code>/etc/fstab</code> so its mounted after reboot.<br \> <code>$EDITOR /etc/fstab</code><br \> And enter this in a new line at the bottom:<br \> <code>/swapfile swap swap defaults 0 0</code> and thats it, you can check swap with(or same other methods as above): <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 75 2 1808 1712 Swap: 2047 0 2047 </pre> ===auto update server=== [[Ubuntu_unattended-upgrades|View here for more info on Ubuntu unattended upgrades]]<br> <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment (by removing <b>//</b> at start of line)and amend the lines we want:<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> to<br \> <code> "${distro_id}:${distro_codename}-updates";</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; </pre> Changed to<br \> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec Acquire::http::Dl-Limit "500"; </pre> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Install Apache2=== <code>apt install apache2</code> Can now visit your domain in browser to check it works:<br> Make sure you use '''http''' and Not '''https''' as not yet configured. ====CertBot LetsEncrypt '''''https'''''==== Install certbot<br \> <code>snap install certbot --classic</code><br \> Create Cert<br \> <code>certbot --apache -d completenoobs.com -d www.completenoobs.com</code><br \> Restart apache<br \> <code>systemctl restart apache2</code><br \> Now check your site on browser.<br \> ===Install MediaWiki=== <code>apt install mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -xvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/noobs</code> <code>chown -R www-data:www-data /var/www/html/noobs</code> ====Create Database==== Will be prompted to set a root password!<br \> <code>mysql -u root -p</code><br \> <!-- create drop down - add root password option --> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <div class="toccolours mw-collapsible mw-collapsed"> Make note of your: database name, username, userpassword <div class="mw-collapsible-content"> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code><br \> Database Username:<b>green</b><br \> Database host/location:<b>localhost</b> Database User Password:<b>THISpasswordSHOULDbeCHANGED</b><br \><br \> <code>CREATE DATABASE mywiki_database;</code><br \> Database Name:<b>mywiki_database</b><br \> </div> </div> ===Config Apache2=== ==== Create a Apache2 Config file for your site==== <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code> <pre> <VirtualHost *:80> ServerName completenoobs.com ServerAdmin admin@completenoobs.com # Redirect Requests to SSL Redirect permanent "/" "https://www.completenoobs.com" </VirtualHost> <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerName completenoobs.com ServerAdmin admin@completenoobs.com DocumentRoot /var/www/html/noobs ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined # Path from certbot can be found in 000-default-le-ssl.conf <Directory /var/www/html/noobs> Options None FollowSymLinks #Allow .htaccess AllowOverride All Require all granted <IfModule security2_module> SecRuleEngine Off # or disable only problematic rules </IfModule> </Directory> </VirtualHost> </IfModule> </pre> ====Edit '''"000-default-le-ssl.conf"''' created by certbot to correct path==== <code>$EDITOR /etc/apache2/sites-enabled/000-default-le-ssl.conf</code> Change the '''DocumentRoot''' path to your mediawiki directory. :* <code>DocumentRoot /var/www/html</code> : To :* <code>DocumentRoot /var/www/html/noobs</code> <pre> <IfModule mod_ssl.c> <VirtualHost *:443> # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. #ServerName www.example.com ServerAdmin webmaster@localhost DocumentRoot /var/www/html # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf ServerName noblemage.com Include /etc/letsencrypt/options-ssl-apache.conf ServerAlias www.noblemage.com SSLCertificateFile /etc/letsencrypt/live/noblemage.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/noblemage.com/privkey.pem </VirtualHost> </IfModule> </pre> <div class="toccolours mw-collapsible mw-collapsed"> After Change <code>/etc/apache2/sites-enabled/000-default-le-ssl.conf</code>: <div class="mw-collapsible-content"> <pre> <IfModule mod_ssl.c> <VirtualHost *:443> # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. #ServerName www.example.com ServerAdmin webmaster@localhost DocumentRoot /var/www/html/noobs # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf ServerName noblemage.com Include /etc/letsencrypt/options-ssl-apache.conf ServerAlias www.noblemage.com SSLCertificateFile /etc/letsencrypt/live/noblemage.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/noblemage.com/privkey.pem </VirtualHost> </IfModule> </pre> </div> </div> ====Reload Apache2==== <code>a2dissite 000-default</code> <div class="toccolours mw-collapsible mw-collapsed"> a2dissite 000-default: <div class="mw-collapsible-content"> To disable the default Apache site on a Debian-based system like Ubuntu, you can use the '''a2dissite''' command. The default site configuration is usually named '''000-default.conf'''. To re-enable use <code>a2ensite 000-default</code> </div> </div> <code>a2ensite completenoobs.com</code> <div class="toccolours mw-collapsible mw-collapsed"> a2ensite completenoobs.com: <div class="mw-collapsible-content"> '''a2ensite''' is a command-line utility in Debian-based systems, like Ubuntu, that enables a specific site configuration in the Apache web server. The term a2ensite is derived from "Apache 2 Enable Site." When you create a new virtual host configuration file for your website in the '''/etc/apache2/sites-available/''' directory, you need to enable it for Apache to start serving the site. The a2ensite command is used to enable a site by creating a symbolic link from the '''sites-available''' directory to the '''sites-enabled''' directory. Here's how to use a2ensite: : Create a virtual host configuration file for your website in the /etc/apache2/sites-available/ directory. For example: <code>sudo nano /etc/apache2/sites-available/mywebsite.conf</code> Replace mywebsite with the name of your website or domain. Add the appropriate configuration to the virtual host file, and save it. Use the a2ensite command to enable the new site configuration: <code>sudo a2ensite mywebsite</code> Replace mywebsite with the name of your website or domain (without the .conf extension). </div> </div> <code>a2enmod ssl</code> <div class="toccolours mw-collapsible mw-collapsed"> a2enmod ssl: <div class="mw-collapsible-content"> '''a2enmod ssl''' is a command used to enable the '''ssl''' module in the Apache web server on Debian-based systems, like Ubuntu. The ssl module provides support for SSL/TLS encryption, which is necessary for serving websites securely over HTTPS. </div> </div> <code>a2enmod headers</code> <div class="toccolours mw-collapsible mw-collapsed"> a2enmod headers: <div class="mw-collapsible-content"> '''a2enmod''' is a command-line utility in Debian-based systems, like Ubuntu, used to enable Apache modules. The term a2enmod is derived from "Apache 2 Enable Module." headers is an Apache module that allows you to manipulate HTTP response headers sent back to clients. It is commonly used to add, modify, or remove response headers in various situations, such as implementing security headers, cache control, or Content Security Policy (CSP). The command '''a2enmod headers''' is used to enable the headers module in the Apache web server. Once the module is enabled, you can use its features in your Apache configuration files (e.g., .htaccess or httpd.conf). Here's a step-by-step explanation of the command: :* a2enmod: This is the utility you are using to enable Apache modules. :* headers: This is the specific Apache module you want to enable. </div> </div> <code>apache2ctl configtest</code> <div class="toccolours mw-collapsible mw-collapsed"> apache2ctl configtest: <div class="mw-collapsible-content"> '''apache2ctl configtest''' is a command used to check the syntax of your Apache configuration files without actually restarting the server. This is useful for detecting any syntax errors or issues in your configuration files before applying changes to the running server. </div> </div> <code>systemctl restart apache2</code> ==Check Wiki Working== ===MediaWiki Basic Setup=== ====Landing page==== Open a web browser and go to your containers private ip address (you can get ip address by running <code>lxc list</code> on host). <code>https://10.194.171.251</code> Are certs are self-signed and you may/will get warning "your connection is not private"<br \> Click "Advance" and "Proceed to 10.194.171.251 (unsafe)"<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.35.0<br \> LocalSettings.php not found.<br \> Please <u>set up the wiki</u> first.<br \> </blockquote> Click <b>set up the wiki</b> to be taken to the "mw-config/index.php" page. =====Basic Configure MediaWiki===== <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:mywiki_database<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:green<br \> Database password:THISpasswordSHOULDbeCHANGED<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>CompleteNoobs<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Options <div class="mw-collapsible-content"> <b>User rights profile:</b> <br \> [ ] Open wiki <br \> [x] Account creation required<br \> [ ] Authorised editors only <br \> [ ] Private wiki<br \> <br \> <b>Copyright and licence:</b><br \> [ ] Creative Commons Attribution<br \> [ ] Creative Commons Attribution-ShareAlike<br \> [ ] Creative Commons Attribution-NonCommercial-ShareAlike<br \> [ ] Creative Commons Zero (Public Domain)<br \> [ ] GNU Free Documentation Licence 1.3 or later<br \> [x] No licence footer<br \> [ ] Select a custom Creative Commons licence<br \> <br \> <br \> <b>Email settings</b><br \> [ ] Enable outbound email<br \> <b>Return email address:</b>apache@🌻.invalid<br \> [ ]Enable user-to-user email<br \> [ ]Enable user talk page notification<br \> [ ]Enable watchlist notification<br \> [ ]Enable email authentication<br \> <br \> <br \> <b>Skins</b> Pick a skin<br \> <br \> <br \> <b>Extensions</b><br \> <b><u>Special pages</u></b><br \> [ ]CiteThisPage<br \> [ ]Interwiki<br \> [ ]Nuke<br \> [ ]Renameuser<br \> [ ]ReplaceText<br \> <br \> <b><u>Editors</u></b><br \> [x]CodeEditor<br \> [x]VisualEditor<br \> [x]WikiEditor<br \> <br \> <b><u>Parser hooks</u></b><br \> [ ]CategoryTree<br \> [ ]Cite<br \> [ ]ImageMap<br \> [ ]InputBox<br \> [ ]ParserFunctions<br \> [ ]Poem<br \> [ ]Scribunto<br \> [x]SyntaxHighlight_GeSHi<br \> [ ]TemplateData<br \> <br \> <b><u>Media handlers</u></b><br \> [ ]PdfHandler<br \> <br \> <b><u>Spam prevention</u></b><br \> [x]ConfirmEdit<br \> [ ]SpamBlacklist<br \> [ ]TitleBlacklist<br \> <br \> <b><u>API</u></b><br \> [ ]PageImages<br \> <br \> <b><u>Other</u></b><br \> [ ]Gadgets<br \> [ ]LocalisationUpdate<br \> [ ]MultimediaViewer<br \> [ ]OATHAuth<br \> [ ]SecureLinkFixer<br \> [ ]TextExtracts<br \> <br \> <br \> <b>Images and file uploads</b><br \> [ ]Enable file uploads<br \> <b>Logo URL:</b>$wgResourceBasePath/resources/assets/wiki.png<br \> [ ]Enable Instant Commons<br \> <br \> <br \> <b>Advanced configuration</b><br \> <b>Settings for object caching:</b><br \> [x] No caching (no functionality is removed, but speed may be impacted on larger wiki sites)<br \> [ ] Use Memcached (requires additional setup and configuration)<br \> </div> </div> ===LocalSettings.php Launch Wiki=== Send the Downloaded '''LocalSettings.php''' file to your server's mediawiki directory: <code>scp Downloads/LocalSettings.php root@www.completenoobs.com:/var/www/html/noobs/</code> And revisit you site on Browser <code>www.completenoobs.com</code><br> '''''Welcome to your wiki''''' ==Customize and Config your Wiki== ===Setup Email Config=== <code>$EDITOR /var/www/html/noobs/LocalSettings.php</code><br> Make sure <b>$wgEnableEmail</b> is set to true.<br> <code>$wgEnableEmail = true;</code><br> https://www.mediawiki.org/wiki/Manual:$wgEnableEmail<br> <pre> $wgEmergencyContact = ""; $wgPasswordSender = ""; </pre> <pre> $wgEmergencyContact = "admin@completenoobs.com"; $wgPasswordSender = "admin@completenoobs.com"; </pre> <pre> $wgSMTP = [ 'host' => 'ssl://mail.smtp2go.com', // outbox server of the email account 'IDHost' => 'completenoobs.com', 'port' => 465, 'username' => 'noobwiki', // user of the email account 'password' => 'N0tTelinu', // app password of the email account 'auth' => true ]; </pre> ===Change Logo=== You need a 135px by 135px image, in this example its named 'completenoobs-logo.png'<br> <code>scp completenoobs-logo.png root@www.completenoobs.com:/var/www/html/noobs/resources/assets/</code><br> Back in Server edit the <b>LocalSettings.php</b> file<br> <pre> ## The URL paths to the logo. Make sure you change this from the default, ## or else you'll overwrite your logo when you upgrade! $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", 'icon' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", ]; </pre> Change to your new logo:<br> <pre> $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", 'icon' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", ]; </pre> ===Request Account and Confirm Email to edit=== In LocalSettings change $wgEmailAuthentication = false; to true https://www.mediawiki.org/wiki/Manual:$wgEmailAuthentication<br> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ConfirmAccount-REL1_39-2b96e90.tar.gz</code><br> <code>tar xzf ConfirmAccount-REL1_39-2b96e90.tar.gz -C /var/www/html/noobs/extensions/</code><br> <br> In <b>LocalSettings.php</b> <br> set <b>$wgEmailAuthentication</b> to true.<br> <pre> wfLoadExtension( 'ConfirmAccount' ); $wgConfirmAccountContact = 'admin@completenoobs.com'; </pre> Run maintenance update<br> <code>php /var/www/html/noobs/maintenance/update.php </code><br> use <b>Special:ConfirmAccounts</b> to see if anyone requested a account.<br> And yep, your gonna get spammed! Bots love a wiki.<br> ===CookieWarning Extension=== https://www.mediawiki.org/wiki/Extension:CookieWarning<br> <code>wget https://extdist.wmflabs.org/dist/extensions/CookieWarning-REL1_39-778fe72.tar.gz</code><br> <code>tar -xzf CookieWarning-REL1_39-778fe72.tar.gz -C /var/www/html/noobs/extensions/</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'CookieWarning' ); $wgCookieWarningEnabled = 'true'; # $wgCookieWarningMoreUrl allows to to select a link for your moreinfo button $wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'; $wgCookieWarningEnabled = 'true'; </pre> To change message sign in with admin account and visit these pages of your wiki and edit.<br> <b>MediaWiki:Cookiewarning-info</b> Edit the display message.<br> <code>https://www.completenoobs.com/index.php/MediaWiki:Cookiewarning-info</code><br> <b>MediaWiki:Cookiewarning-moreinfo-label</b><br> Edit and change display of the moreinfo button: link can be made/changed at LocalSettings with:<br> <code>$wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'</code><br> <code>https://www.completenoobs.com/index.php/MediaWiki:Cookiewarning-moreinfo-label</code><br> <b>MediaWiki:Cookiewarning-ok-label</b> Edit and change the text on the OK button.<br> <code>https://www.completenoobs.com/index.php/MediaWiki:Cookiewarning-ok-label</code><br> ===Contribution Scores Extension=== https://www.mediawiki.org/wiki/Extension:Contribution_Scores<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ContributionScores-REL1_39-0e7e99d.tar.gz</code><br> <code>tar -xzf ContributionScores-REL1_39-0e7e99d.tar.gz -C /var/www/html/noobs/extensions</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'ContributionScores' ); // Exclude Bots from the reporting - Can be omitted. $wgContribScoreIgnoreBots = true; // Exclude Blocked Users from the reporting - Can be omitted. $wgContribScoreIgnoreBlockedUsers = true; // Use real user names when available - Can be omitted. Only for MediaWiki 1.19 and later. $wgContribScoresUseRealName = true; // Set to true to disable cache for parser function and inclusion of table. $wgContribScoreDisableCache = false; // Each array defines a report - 7,50 is "past 7 days" and "LIMIT 50" - Can be omitted. $wgContribScoreReports = [ [ 7, 50 ], [ 30, 50 ], [ 0, 50 ] ]; </pre> <br> Add to Main Landing Page:<br> <pre>{{Special:ContributionScores/10/5}}</pre><br> ===Place Notice at top of every new page created=== Using the <b>PageNotice</b> Extension. https://www.mediawiki.org/wiki/Extension:PageNotice#Configuration Download PageNotice and extract to extensions directory. :* <code>wget https://extdist.wmflabs.org/dist/extensions/PageNotice-REL1_39-bf69636.tar.gz</code> :* <code>tar zxvf PageNotice-REL1_39-bf69636.tar.gz -C /var/www/html/noobs/extensions/</code> in LocalSettings.php add the lines:<br \> <pre> wfLoadExtension( 'PageNotice' ); $wgPageNoticeDisablePerPageNotices = 'true'; </pre> To have message in every name space go to your wiki's page<br \> <code>index.php/mediawiki:top-notice-ns-0</code><br \> Only admin account can edit this page:<br \> What you place in this page will be displayed at the top of every page created. ===Youtube extension=== * needed to view embedded videos https://www.mediawiki.org/wiki/Extension:YouTube <code>wget https://extdist.wmflabs.org/dist/extensions/YouTube-REL1_39-f272bb3.tar.gz</code> <code>tar -xzf YouTube-REL1_39-f272bb3.tar.gz -C /var/www/html/mediawiki/extensions/</code> * Append to '''LocalSettings.php''' <code>wfLoadExtension( 'YouTube' );</code> * On wiki page can now embed youtube videos ** https://www.youtube.com/watch?v=wB4gvSgYmfY ** After '''watch?v=''' ** <nowiki><youtube>wB4gvSgYmfY</youtube></nowiki> * Defaults '''width'''=640 pixels '''height'''=385 pixels * Change defaults <nowiki><youtube width="800" height="400">wB4gvSgYmfY</youtube></nowiki> ===Syntax highlighting not working=== Install <b>pygments</b><br> <code>apt install python3-pygments</code><br> Add to LocalSettings:<br> <code>wfLoadExtension( 'SyntaxHighlight_GeSHi' );</code><br> ==Policy Pages== ==Remove '''index.php''' from '''URL'''== mediawiki remove index.php path of wiki is /var/www/html/noobs/ i want apache to show completenoobs.com/noobs/Main_Page To remove the "index.php" from the URLs of your MediaWiki installation, you need to enable pretty URLs using the .htaccess file and modify your LocalSettings.php. Here's how you can do that: === Create or modify the .htaccess file=== First, navigate to your MediaWiki root folder, in your case /var/www/html/noobs/. If you don't have a .htaccess file, create one in this folder. Then, add the following content to the .htaccess file: <pre> RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ index.php/$1 [L,QSA] </pre> This code enables the Apache rewrite engine and tells it to redirect requests that don't match existing files or directories to the index.php file. === Modify the LocalSettings.php file:=== Next, you'll need to modify the LocalSettings.php file, which should be located in your MediaWiki root folder (/var/www/html/noobs/). Add or modify the following lines: <pre> $wgScriptPath = "/noobs"; $wgArticlePath = "{$wgScriptPath}/$1"; $wgUsePathInfo = true; </pre> * note: you should already have <code>$wgScriptPath = "/noobs";</code> in LocalSettings.php This code sets the base path for your wiki (/noobs), defines the article path pattern, and enables the use of path info. === Enable the Apache mod_rewrite module=== <code>root@noobs:/var/www/html/noobs# cat /etc/apache2/sites-available/000-default-le-ssl.conf </code> <pre> <IfModule mod_ssl.c> <VirtualHost *:443> # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. #ServerName www.example.com ServerAdmin webmaster@localhost DocumentRoot /var/www/html # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf ServerName completenoobs.com Include /etc/letsencrypt/options-ssl-apache.conf ServerAlias www.completenoobs.com SSLCertificateFile /etc/letsencrypt/live/completenoobs.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/completenoobs.com/privkey.pem </VirtualHost> </IfModule> </pre> Add <pre> <Directory /var/www/html/noobs> Options FollowSymLinks AllowOverride All Require all granted </Directory> </pre> <pre> <IfModule mod_ssl.c> <VirtualHost *:443> # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. #ServerName www.example.com ServerAdmin webmaster@localhost DocumentRoot /var/www/html # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined <Directory /var/www/html/noobs> Options FollowSymLinks AllowOverride All Require all granted </Directory> # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf ServerName completenoobs.com Include /etc/letsencrypt/options-ssl-apache.conf ServerAlias www.completenoobs.com SSLCertificateFile /etc/letsencrypt/live/completenoobs.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/completenoobs.com/privkey.pem </VirtualHost> </IfModule> </pre> Make sure the mod_rewrite module is enabled in your Apache configuration. You can enable it by running the following command: <code>sudo a2enmod rewrite</code> After enabling the module, restart Apache: <code>sudo systemctl restart apache2</code> Now, your MediaWiki installation should use pretty URLs without "index.php" in the path. In your case, it will show URLs like completenoobs.com/noobs/Main_Page. ==Fail2Ban - optional== This Will Ban an IP who incorrectly enters wrong login details, a (you can select) amount of times for a (you can select) amount of time. ===Fail2Log Extension=== https://www.mediawiki.org/wiki/Extension:Fail2Log<br> ====Create Log file==== Could not get PHP to create and set permissions for log file: So for now doing manually!<br \> <code>touch /var/log/Fail2Log.log</code><br \> <code>chown www-data:www-data /var/log/Fail2Log.log</code><br \> <code>chmod 0755 /var/log/Fail2Log.log</code><br \> Failed login's with wrong user name and/or password should now be logged in:<b>/var/log/Fail2Log.log</b><br \> <br \> Log Format:<br \> <code>Failed:<IP_ADDRESS> <DATE> <TIME> <USERNAME></code><br \> ====Download and install extension==== <code>wget https://github.com/greenhatmonkey/Fail2Log/blob/main/Fail2Log.tar.gz?raw=true</code><br> <code>tar xzvf Fail2Log.tar.gz?raw=true -C /var/www/html/noobs/extensions/</code><br> Add to your <b>LocalSettings.php</b><br> <pre> wfLoadExtension( 'Fail2Log' ); $wgFail2LogFile = '/var/log/Fail2Log.log'; </pre> ====Install and Setup Fail2Ban==== Fail2Ban works in a container. If using fail2ban on Host for container:<br/> Just include log path: <code>/var/snap/lxd/common/mntns/var/snap/lxd/common/lxd/storage-pools/default/containers/&lt;CONTAINER_NAME>/rootfs/var/log/Fail2Log.log</code> <code>apt install fail2ban</code> * Fail2ban will use file.local over file.conf if file.local exists: * file.conf can be written over if file2ban gets updated. * Make a file.local of the file you are working on. <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code> <code>$EDITOR /etc/fail2ban/jail.local</code> <!-- unmodified jail.conf file --> <div class="toccolours mw-collapsible mw-collapsed"> Default <code>/etc/fail2ban/jail.conf</code> file: Expand to view <div class="mw-collapsible-content"> <pre> # # WARNING: heavily refactored in 0.9.0 release. Please review and # customize settings for your setup. # # Changes: in most of the cases you should not modify this # file, but provide customizations in jail.local file, # or separate .conf files under jail.d/ directory, e.g.: # # HOW TO ACTIVATE JAILS: # # YOU SHOULD NOT MODIFY THIS FILE. # # It will probably be overwritten or improved in a distribution update. # # Provide customizations in a jail.local file or a jail.d/customisation.local. # For example to change the default bantime for all jails and to enable the # ssh-iptables jail the following (uncommented) would appear in the .local file. # See man 5 jail.conf for details. # # [DEFAULT] # bantime = 1h # # [sshd] # enabled = true # # See jail.conf(5) man page for more information # Comments: use '#' for comment lines and ';' (following a space) for inline comments [INCLUDES] #before = paths-distro.conf before = paths-debian.conf # The DEFAULT allows a global definition of the options. They can be overridden # in each jail afterwards. [DEFAULT] # # MISCELLANEOUS OPTIONS # # "bantime.increment" allows to use database for searching of previously banned ip's to increase a # default ban time using special formula, default it is banTime * 1, 2, 4, 8, 16, 32... #bantime.increment = true # "bantime.rndtime" is the max number of seconds using for mixing with random time # to prevent "clever" botnets calculate exact time IP can be unbanned again: #bantime.rndtime = # "bantime.maxtime" is the max number of seconds using the ban time can reach (don't grows further) #bantime.maxtime = # "bantime.factor" is a coefficient to calculate exponent growing of the formula or common multiplier, # default value of factor is 1 and with default value of formula, the ban time # grows by 1, 2, 4, 8, 16 ... #bantime.factor = 1 # "bantime.formula" used by default to calculate next value of ban time, default value bellow, # the same ban time growing will be reached by multipliers 1, 2, 4, 8, 16, 32... #bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * banFactor # # more aggressive example of formula has the same values only for factor "2.0 / 2.885385" : #bantime.formula = ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor) # "bantime.multipliers" used to calculate next value of ban time instead of formula, coresponding # previously ban count and given "bantime.factor" (for multipliers default is 1); # following example grows ban time by 1, 2, 4, 8, 16 ... and if last ban count greater as multipliers count, # always used last multiplier (64 in example), for factor '1' and original ban time 600 - 10.6 hours #bantime.multipliers = 1 2 4 8 16 32 64 # following example can be used for small initial ban time (bantime=60) - it grows more aggressive at begin, # for bantime=60 the multipliers are minutes and equal: 1 min, 5 min, 30 min, 1 hour, 5 hour, 12 hour, 1 day, 2 day #bantime.multipliers = 1 5 30 60 300 720 1440 2880 # "bantime.overalljails" (if true) specifies the search of IP in the database will be executed # cross over all jails, if false (dafault), only current jail of the ban IP will be searched #bantime.overalljails = false # -------------------- # "ignoreself" specifies whether the local resp. own IP addresses should be ignored # (default is true). Fail2ban will not ban a host which matches such addresses. #ignoreself = true # "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban # will not ban a host which matches an address in this list. Several addresses # can be defined using space (and/or comma) separator. #ignoreip = 127.0.0.1/8 ::1 # External command that will take an tagged arguments to ignore, e.g. <ip>, # and return true if the IP is to be ignored. False otherwise. # # ignorecommand = /path/to/command <ip> ignorecommand = # "bantime" is the number of seconds that a host is banned. bantime = 10m # A host is banned if it has generated "maxretry" during the last "findtime" # seconds. findtime = 10m # "maxretry" is the number of failures before a host get banned. maxretry = 5 # "maxmatches" is the number of matches stored in ticket (resolvable via tag <matches> in actions). maxmatches = %(maxretry)s # "backend" specifies the backend used to get files modification. # Available options are "pyinotify", "gamin", "polling", "systemd" and "auto". # This option can be overridden in each jail as well. # # pyinotify: requires pyinotify (a file alteration monitor) to be installed. # If pyinotify is not installed, Fail2ban will use auto. # gamin: requires Gamin (a file alteration monitor) to be installed. # If Gamin is not installed, Fail2ban will use auto. # polling: uses a polling algorithm which does not require external libraries. # systemd: uses systemd python library to access the systemd journal. # Specifying "logpath" is not valid for this backend. # See "journalmatch" in the jails associated filter config # auto: will try to use the following backends, in order: # pyinotify, gamin, polling. # # Note: if systemd backend is chosen as the default but you enable a jail # for which logs are present only in its own log files, specify some other # backend for that jail (e.g. polling) and provide empty value for # journalmatch. See https://github.com/fail2ban/fail2ban/issues/959#issuecomment-74901200 backend = auto # "usedns" specifies if jails should trust hostnames in logs, # warn when DNS lookups are performed, or ignore all hostnames in logs # # yes: if a hostname is encountered, a DNS lookup will be performed. # warn: if a hostname is encountered, a DNS lookup will be performed, # but it will be logged as a warning. # no: if a hostname is encountered, will not be used for banning, # but it will be logged as info. # raw: use raw value (no hostname), allow use it for no-host filters/actions (example user) usedns = warn # "logencoding" specifies the encoding of the log files handled by the jail # This is used to decode the lines from the log file. # Typical examples: "ascii", "utf-8" # # auto: will use the system locale setting logencoding = auto # "enabled" enables the jails. # By default all jails are disabled, and it should stay this way. # Enable only relevant to your setup jails in your .local or jail.d/*.conf # # true: jail will be enabled and log files will get monitored for changes # false: jail is not enabled enabled = false # "mode" defines the mode of the filter (see corresponding filter implementation for more info). mode = normal # "filter" defines the filter to use by the jail. # By default jails have names matching their filter name # filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # # Some options used for actions # Destination email address used solely for the interpolations in # jail.{conf,local,d/*} configuration files. destemail = root@localhost # Sender email address used solely for some actions sender = root@<fq-hostname> # E-mail action. Since 0.8.1 Fail2Ban uses sendmail MTA for the # mailing. Change mta configuration parameter to mail if you want to # revert to conventional 'mail'. mta = sendmail # Default protocol protocol = tcp # Specify chain where jumps would need to be added in ban-actions expecting parameter chain chain = <known/chain> # Ports to be banned # Usually should be overridden in a particular jail port = 0:65535 # Format of user-agent https://tools.ietf.org/html/rfc7231#section-5.5.3 fail2ban_agent = Fail2Ban/%(fail2ban_version)s # # Action shortcuts. To be used to define action parameter # Default banning action (e.g. iptables, iptables-new, # iptables-multiport, shorewall, etc) It is used to define # action_* variables. Can be overridden globally or per # section within jail.local file banaction = iptables-multiport banaction_allports = iptables-allports # The simplest action to take: ban only action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report to the destemail. action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report and relevant log lines # to the destemail. action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # See the IMPORTANT note in action.d/xarf-login-attack for when to use this action # # ban & send a xarf e-mail to abuse contact of IP address and include relevant log lines # to the destemail. action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] # ban IP on CloudFlare & send an e-mail with whois report and relevant log lines # to the destemail. action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # Report block via blocklist.de fail2ban reporting service API # # See the IMPORTANT note in action.d/blocklist_de.conf for when to use this action. # Specify expected parameters in file action.d/blocklist_de.local or if the interpolation # `action_blocklist_de` used for the action, set value of `blocklist_de_apikey` # in your `jail.local` globally (section [DEFAULT]) or per specific jail section (resp. in # corresponding jail.d/my-jail.local file). # action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] # Report ban via badips.com, and use as blacklist # # See BadIPsAction docstring in config/action.d/badips.py for # documentation for this action. # # NOTE: This action relies on banaction being present on start and therefore # should be last action defined for a jail. # action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] # # Report ban via badips.com (uses action.d/badips.conf for reporting only) # action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] # Report ban via abuseipdb.com. # # See action.d/abuseipdb.conf for usage example and details. # action_abuseipdb = abuseipdb # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # [sshd] # To use more aggressive sshd modes set filter parameter "mode" in jail.local: # normal (default), ddos, extra or aggressive (combines all). # See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details. #mode = normal port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s [dropbear] port = ssh logpath = %(dropbear_log)s backend = %(dropbear_backend)s [selinux-ssh] port = ssh logpath = %(auditd_log)s # # HTTP servers # [apache-auth] port = http,https logpath = %(apache_error_log)s [apache-badbots] # Ban hosts which agent identifies spammer robots crawling the web # for email addresses. The mail outputs are buffered. port = http,https logpath = %(apache_access_log)s bantime = 48h maxretry = 1 [apache-noscript] port = http,https logpath = %(apache_error_log)s [apache-overflows] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-nohome] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-botsearch] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-fakegooglebot] port = http,https logpath = %(apache_access_log)s maxretry = 1 ignorecommand = %(ignorecommands_dir)s/apache-fakegooglebot <ip> [apache-modsecurity] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-shellshock] port = http,https logpath = %(apache_error_log)s maxretry = 1 [openhab-auth] filter = openhab action = iptables-allports[name=NoAuthFailures] logpath = /opt/openhab/logs/request.log [nginx-http-auth] port = http,https logpath = %(nginx_error_log)s # To use 'nginx-limit-req' jail you should have `ngx_http_limit_req_module` # and define `limit_req` and `limit_req_zone` as described in nginx documentation # http://nginx.org/en/docs/http/ngx_http_limit_req_module.html # or for example see in 'config/filter.d/nginx-limit-req.conf' [nginx-limit-req] port = http,https logpath = %(nginx_error_log)s [nginx-botsearch] port = http,https logpath = %(nginx_error_log)s maxretry = 2 # Ban attackers that try to use PHP's URL-fopen() functionality # through GET/POST variables. - Experimental, with more than a year # of usage in production environments. [php-url-fopen] port = http,https logpath = %(nginx_access_log)s %(apache_access_log)s [suhosin] port = http,https logpath = %(suhosin_log)s [lighttpd-auth] # Same as above for Apache's mod_auth # It catches wrong authentifications port = http,https logpath = %(lighttpd_error_log)s # # Webmail and groupware servers # [roundcube-auth] port = http,https logpath = %(roundcube_errors_log)s # Use following line in your jail.local if roundcube logs to journal. #backend = %(syslog_backend)s [openwebmail] port = http,https logpath = /var/log/openwebmail.log [horde] port = http,https logpath = /var/log/horde/horde.log [groupoffice] port = http,https logpath = /home/groupoffice/log/info.log [sogo-auth] # Monitor SOGo groupware server # without proxy this would be: # port = 20000 port = http,https logpath = /var/log/sogo/sogo.log [tine20] logpath = /var/log/tine20/tine20.log port = http,https # # Web Applications # # [drupal-auth] port = http,https logpath = %(syslog_daemon)s backend = %(syslog_backend)s [guacamole] port = http,https logpath = /var/log/tomcat*/catalina.out [monit] #Ban clients brute-forcing the monit gui login port = 2812 logpath = /var/log/monit /var/log/monit.log [webmin-auth] port = 10000 logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [froxlor-auth] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s # # HTTP Proxy servers # # [squid] port = 80,443,3128,8080 logpath = /var/log/squid/access.log [3proxy] port = 3128 logpath = /var/log/3proxy.log # # FTP servers # [proftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(proftpd_log)s backend = %(proftpd_backend)s [pure-ftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(pureftpd_log)s backend = %(pureftpd_backend)s [gssftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(syslog_daemon)s backend = %(syslog_backend)s [wuftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(wuftpd_log)s backend = %(wuftpd_backend)s [vsftpd] # or overwrite it in jails.local to be # logpath = %(syslog_authpriv)s # if you want to rely on PAM failed login attempts # vsftpd's failregex should match both of those formats port = ftp,ftp-data,ftps,ftps-data logpath = %(vsftpd_log)s # # Mail servers # # ASSP SMTP Proxy Jail [assp] port = smtp,465,submission logpath = /root/path/to/assp/logs/maillog.txt [courier-smtp] port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix] # To use another modes set filter parameter "mode" in jail.local: mode = more port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s [postfix-rbl] filter = postfix[mode=rbl] port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s maxretry = 1 [sendmail-auth] port = submission,465,smtp logpath = %(syslog_mail)s backend = %(syslog_backend)s [sendmail-reject] # To use more aggressive modes set filter parameter "mode" in jail.local: # normal (default), extra or aggressive # See "tests/files/logs/sendmail-reject" or "filter.d/sendmail-reject.conf" for usage example and details. #mode = normal port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [qmail-rbl] filter = qmail port = smtp,465,submission logpath = /service/qmail/log/main/current # dovecot defaults to logging to the mail syslog facility # but can be set by syslog_facility in the dovecot configuration. [dovecot] port = pop3,pop3s,imap,imaps,submission,465,sieve logpath = %(dovecot_log)s backend = %(dovecot_backend)s [sieve] port = smtp,465,submission logpath = %(dovecot_log)s backend = %(dovecot_backend)s [solid-pop3d] port = pop3,pop3s logpath = %(solidpop3d_log)s [exim] # see filter.d/exim.conf for further modes supported from filter: #mode = normal port = smtp,465,submission logpath = %(exim_main_log)s [exim-spam] port = smtp,465,submission logpath = %(exim_main_log)s [kerio] port = imap,smtp,imaps,465 logpath = /opt/kerio/mailserver/store/logs/security.log # # Mail servers authenticators: might be used for smtp,ftp,imap servers, so # all relevant ports get banned # [courier-auth] port = smtp,465,submission,imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix-sasl] filter = postfix[mode=auth] port = smtp,465,submission,imap,imaps,pop3,pop3s # You might consider monitoring /var/log/mail.warn instead if you are # running postfix since it would provide the same log lines at the # "warn" level but overall at the smaller filesize. logpath = %(postfix_log)s backend = %(postfix_backend)s [perdition] port = imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [squirrelmail] port = smtp,465,submission,imap,imap2,imaps,pop3,pop3s,http,https,socks logpath = /var/lib/squirrelmail/prefs/squirrelmail_access_log [cyrus-imap] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s [uwimap-auth] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s # # # DNS servers # # !!! WARNING !!! # Since UDP is connection-less protocol, spoofing of IP and imitation # of illegal actions is way too simple. Thus enabling of this filter # might provide an easy way for implementing a DoS against a chosen # victim. See # http://nion.modprobe.de/blog/archives/690-fail2ban-+-dns-fail.html # Please DO NOT USE this jail unless you know what you are doing. # # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks UDP traffic for DNS requests. # [named-refused-udp] # # filter = named-refused # port = domain,953 # protocol = udp # logpath = /var/log/named/security.log # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks TCP traffic for DNS requests. [named-refused] port = domain,953 logpath = /var/log/named/security.log [nsd] port = 53 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/nsd.log # # Miscellaneous # [asterisk] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/asterisk/messages maxretry = 10 [freeswitch] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/freeswitch.log maxretry = 10 # enable adminlog; it will log to a file inside znc's directory by default. [znc-adminlog] port = 6667 logpath = /var/lib/znc/moddata/adminlog/znc.log # To log wrong MySQL access attempts add to /etc/my.cnf in [mysqld] or # equivalent section: # log-warnings = 2 # # for syslog (daemon facility) # [mysqld_safe] # syslog # # for own logfile # [mysqld] # log-error=/var/log/mysqld.log [mysqld-auth] port = 3306 logpath = %(mysql_log)s backend = %(mysql_backend)s # Log wrong MongoDB auth (for details see filter 'filter.d/mongodb-auth.conf') [mongodb-auth] # change port when running with "--shardsvr" or "--configsvr" runtime operation port = 27017 logpath = /var/log/mongodb/mongodb.log # Jail for more extended banning of persistent abusers # !!! WARNINGS !!! # 1. Make sure that your loglevel specified in fail2ban.conf/.local # is not at DEBUG level -- which might then cause fail2ban to fall into # an infinite loop constantly feeding itself with non-informative lines # 2. Increase dbpurgeage defined in fail2ban.conf to e.g. 648000 (7.5 days) # to maintain entries for failed logins for sufficient amount of time [recidive] logpath = /var/log/fail2ban.log banaction = %(banaction_allports)s bantime = 1w findtime = 1d # Generic filter for PAM. Has to be used with action which bans all # ports such as iptables-allports, shorewall [pam-generic] # pam-generic filter can be customized to monitor specific subset of 'tty's banaction = %(banaction_allports)s logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [xinetd-fail] banaction = iptables-multiport-log logpath = %(syslog_daemon)s backend = %(syslog_backend)s maxretry = 2 # stunnel - need to set port for this [stunnel] logpath = /var/log/stunnel4/stunnel.log [ejabberd-auth] port = 5222 logpath = /var/log/ejabberd/ejabberd.log [counter-strike] logpath = /opt/cstrike/logs/L[0-9]*.log # Firewall: http://www.cstrike-planet.com/faq/6 tcpport = 27030,27031,27032,27033,27034,27035,27036,27037,27038,27039 udpport = 1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015 action = %(banaction)s[name=%(__name__)s-tcp, port="%(tcpport)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(udpport)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] [bitwarden] port = http,https logpath = /home/*/bwdata/logs/identity/Identity/log.txt [centreon] port = http,https logpath = /var/log/centreon/login.log # consider low maxretry and a long bantime # nobody except your own Nagios server should ever probe nrpe [nagios] logpath = %(syslog_daemon)s ; nrpe.cfg may define a different log_facility backend = %(syslog_backend)s maxretry = 1 [oracleims] # see "oracleims" filter file for configuration requirement for Oracle IMS v6 and above logpath = /opt/sun/comms/messaging64/log/mail.log_current banaction = %(banaction_allports)s [directadmin] logpath = /var/log/directadmin/login.log port = 2222 [portsentry] logpath = /var/lib/portsentry/portsentry.history maxretry = 1 [pass2allow-ftp] # this pass2allow example allows FTP traffic after successful HTTP authentication port = ftp,ftp-data,ftps,ftps-data # knocking_url variable must be overridden to some secret value in jail.local knocking_url = /knocking/ filter = apache-pass[knocking_url="%(knocking_url)s"] # access log of the website with HTTP auth logpath = %(apache_access_log)s blocktype = RETURN returntype = DROP action = %(action_)s[blocktype=%(blocktype)s, returntype=%(returntype)s, actionstart_on_demand=false, actionrepair_on_unban=true] bantime = 1h maxretry = 1 findtime = 1 [murmur] # AKA mumble-server port = 64738 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol=tcp, chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol=udp, chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/mumble-server/mumble-server.log [screensharingd] # For Mac OS Screen Sharing Service (VNC) logpath = /var/log/system.log logencoding = utf-8 [haproxy-http-auth] # HAProxy by default doesn't log to file you'll need to set it up to forward # logs to a syslog server which would then write them to disk. # See "haproxy-http-auth" filter for a brief cautionary note when setting # maxretry and findtime. logpath = /var/log/haproxy.log [slapd] port = ldap,ldaps logpath = /var/log/slapd.log [domino-smtp] port = smtp,ssmtp logpath = /home/domino01/data/IBM_TECHNICAL_SUPPORT/console.log [phpmyadmin-syslog] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [zoneminder] # Zoneminder HTTP/HTTPS web interface auth # Logs auth failures to apache2 error log port = http,https logpath = %(apache_error_log)s [traefik-auth] # to use 'traefik-auth' filter you have to configure your Traefik instance, # see `filter.d/traefik-auth.conf` for details and service example. port = http,https logpath = /var/log/traefik/access.log </pre> </div> </div> Default <code>/etc/fail2ban/jail.local</code> file with (almost all) comments removed: <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;">Default <code>/etc/fail2ban/jail.local</code> with (almost) comments removed:</div> <div class="mw-collapsible-content"> <pre> [INCLUDES] before = paths-debian.conf [DEFAULT] ignorecommand = bantime = 10m findtime = 10m maxretry = 5 maxmatches = %(maxretry)s backend = auto usedns = warn logencoding = auto enabled = false mode = normal filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # destemail = root@localhost sender = root@<fq-hostname> mta = sendmail protocol = tcp chain = <known/chain> port = 0:65535 fail2ban_agent = Fail2Ban/%(fail2ban_version)s banaction = iptables-multiport banaction_allports = iptables-allports action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] action_abuseipdb = abuseipdb action = %(action_)s # # JAILS # # # SSH servers # [sshd] port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s </pre> </div></div> ====Disconnect/kick and ban an ip from list==== <br \> Just below we are going to append these lines to <b>/etc/fail2ban/jail.local</b><br> <pre> # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s # # JAILS # # # SSH servers # </pre> </div> </div> ====Jail for MediaWiki - /etc/fail2ban/jail.local==== <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1m maxretry = 2 logpath = /var/log/Fail2Log.log </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before: <div class="mw-collapsible-content"> <pre> # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After: <div class="mw-collapsible-content"> <pre> # # JAILS # [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log # # SSH servers # </pre> </div> </div> ====Filter for mediawiki==== <div class="toccolours mw-collapsible mw-collapsed"> Regex quick up and running tutorial: External Link:(youtube) <div class="mw-collapsible-content"> This Is a link to a video made by "Corey Schafer".<br \> The best no nonsense up and running regex tut there is.<br \> https://www.youtube.com/watch?v=sa-TUpSx1JA </div> </div> :* [[Text_Editing_and_Processing#Regular_expressions_(regex)|Basic Regex Guide]] <code>$EDITOR /etc/fail2ban/filter.d/mediawiki.conf</code><br \> <pre> [Definition] failregex = ^Failed:<HOST> ignoreregex = </pre> =====Try out regex on log file===== <code>fail2ban-regex --print-all-matched /var/log/Fail2Log.log /etc/fail2ban/filter.d/mediawiki.conf</code> ====Restart Fail2Ban==== <code>systemctl restart fail2ban</code> <code>fail2ban-client status</code> <code>fail2ban-client status mediawiki</code> <b>Now test by trying to login to your wiki with wrong password three times.</b> =====fail2ban regex and error checking===== <div class="toccolours mw-collapsible mw-collapsed"> Check regex: <div class="mw-collapsible-content"> * Syntax: <code>fail2ban-regex <logfile> <failregex> <ignoreregex></code> ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * If you want to test <code>ignoreregex</code> enter filter file twice: ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * Read <code>man fail2ban-regex</code> for some more opitions: * Examples: ** <code>-v</code>, <code>--verbose</code> *** Be verbose in output ** <code>--print-all-missed</code> *** Print all missed lines ** <code>--print-all-ignored</code> *** Print all ignored lines ** <code>--print-all-matched</code> *** Print all matched lines </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Debug Fail2Ban: <div class="mw-collapsible-content"> * <code>-d</code> dump configuration. For debugging.<br \> <code>fail2ban-client -d</code><br \> * <code>--dp</code>, <code>--dump-pretty</code> dump the configuration using more human readable representation.<br \> <code>fail2ban-client --dp</code><br \> * will print the systemd log for Fail2Ban.<br \> <code>journalctl -u fail2ban</code> </div> </div> ====Change ban time After testing==== <code>$EDITOR /etc/fail2ban/jail.local</code><br \> <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log </pre> ===Unban IP's=== Get list of Jails:<br \> <code>fail2ban-client status</code><br \> See banned ips by that jail:<br \> <code>fail2ban-client status <jailname></code><br \> Unban IP from jail:<br \> <code>fail2ban-client set <jailname> unbanip <ip_address></code><br \> <br \> Log File:<br \> <code>/var/log/Fail2Log.log</code> ==Sitemap for search engines== :* Command to be run in your mediawiki directory :* <code>cd /var/www/html/noobs</code> <pre> php maintenance/generateSitemap.php --memory-limit=50M --fspath=/var/www/html/noobs/sitemap/ --identifier=completenoobs --urlpath=www.completenoobs.com/sitemap/ --server=https://www.completenoobs.com --compress=yes --skip-redirects </pre> :* There should now be a '''sitemaps''' Directory in your mediawiki direcotry <code>/var/www/html/noobs/sitemap</code> with the following content: <pre> sitemap-completenoobs-NS_0-0.xml.gz sitemap-completenoobs-NS_4-0.xml.gz sitemap-completenoobs-NS_5-0.xml.gz sitemap-completenoobs-NS_8-0.xml.gz sitemap-index-completenoobs.xml </pre> Warning Bug:<br> there was error getting this on google, could not remember how i fixed it, will look into later ==Backup Your Wiki== Its always a good idea to backup your wiki! Losing days of work is not fun! ===Full Wiki Dump and Restore=== ====Backing up==== ====Making your wiki READ ONLY - will lock database==== <code>$EDITOR LocalSettings.php</code><br \> <code>$wgReadOnly = 'Dumping Database, Access will be restored shortly';</code> ====Dump and gzip database for transport==== :* Will be '''prompted''' for password:<br \> :** Note: If you forgot your Database details, you can find them on your LocalSettings.php file <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green -p mywiki_database | gzip > /root/greenwiki.sql.gz</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> ALt method for dump(password in cmd): <div class="mw-collapsible-content"> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green --password=THISpasswordSHOULDbeCHANGED -p mywiki_database | gzip > /root/greenwiki.sql.gz</code> </div> </div> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Back mediawiki Root Directory.<br \> <code>tar cvzhf /root/mediawiki-rootDir.tgz /var/www/html/mediawiki</code><br \> All into one file for easy transport.<br \> <code>cd /root/</code><br \> <code>tar cvzhf mediawiki-transfer.tgz mediawiki-rootDir.tgz greenwiki.sql.gz dump_mediawiki.xml</code><br \> All file in <b>mediawiki-transfer.tgz</b> for transfer to new server<br \> ====Backup Script==== * tis script will need a dir /var/wikibk <syntaxhighlight lang="python" line> #!/bin/bash # Define paths and filenames mediawiki_root_dir="/var/www/html/noobs" local_settings_path="/var/www/html/noobs/LocalSettings.php" database_backup_filename="Noobs_db.sql.gz" root_dir_backup_filename="mediawiki-rootDir.tgz" # Get the current timestamp timestamp=$(date +"%Y-%m-%d_%H-%M-%S") combined_backup_filename="mediawiki-transfer-${timestamp}.tgz" # Get database details from LocalSettings.php db_host=$(grep -oP "\$wgDBserver\s*=\s*'\K[^']*" "$local_settings_path") db_name=$(grep -oP "\$wgDBname\s*=\s*'\K[^']*" "$local_settings_path") db_user=$(grep -oP "\$wgDBuser\s*=\s*'\K[^']*" "$local_settings_path") db_pass=$(grep -oP "\$wgDBpassword\s*=\s*'\K[^']*" "$local_settings_path") # Set the wiki to read-only sed -i "/^\$wgDBpassword/ a \$wgReadOnly = 'Dumping Database, Access will be restored shortly';" "$local_settings_path" # Run mysqldump command using the extracted details mysqldump -h "$db_host" --default-character-set=binary --no-tablespaces -u "$db_user" --password="$db_pass" "$db_name" | gzip > /root/"$database_backup_filename" # Remove read-only mode sed -i "/^\$wgReadOnly = 'Dumping Database, Access will be restored shortly';/d" "$local_settings_path" # Back up MediaWiki root directory tar cvzhf /root/"$root_dir_backup_filename" "$mediawiki_root_dir" # Combine backup files into a single file for easy transport cd /root/ tar cvzhf "/var/wikibk/$combined_backup_filename" "$root_dir_backup_filename" "$database_backup_filename" </syntaxhighlight> =====Backup the Backup to Local Server/Computer===== <div class="toccolours mw-collapsible mw-collapsed"> Backup Full Dumps to Home Computer using script: <div class="mw-collapsible-content"> <syntaxhighlight lang="bash" line> #!/bin/bash # Set variables local_backup_dir="/home/ubunix/wiki-backups" remote_user="your_remote_username" remote_host="completenoobs.com" remote_backup_dir="/var/wikibk" private_key_path="/home/ubunix/.ssh/key" # Create the local backup directory if it doesn't exist mkdir -p "$local_backup_dir" # Create temporary files local_tmp_file="/tmp/FILE1.txt" remote_tmp_file="/tmp/FILE2.txt" # List files in the local and remote backup directories to temporary files find "$local_backup_dir" -mindepth 1 -maxdepth 1 -type f -exec basename {} \; | sort > "$local_tmp_file" ssh -i "$private_key_path" "$remote_user@$remote_host" "find $remote_backup_dir -mindepth 1 -maxdepth 1 -type f -exec basename {} \; | sort" > "$remote_tmp_file" # Compare the temporary files and download missing files using scp while read -r remote_file; do if ! grep -q -F "$remote_file" "$local_tmp_file"; then scp -i "$private_key_path" -r "$remote_user@$remote_host:$remote_backup_dir/$remote_file" "$local_backup_dir/" fi done < "$remote_tmp_file" # Remove temporary files rm "$local_tmp_file" rm "$remote_tmp_file" </syntaxhighlight> </div> </div> ===Restore wiki=== <code>apt update && apt upgrade -y</code><br \> <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> <br \> <code>tar xvf mediawiki.bk.tgz</code><br \> <code>tar xvf mediawiki-rootDir.tgz -C /</code><br \> ====Create basebase==== NOTE: If you use diff username, passwd, database_name, append/correct details on LocalSettings.<br \> <code>mysql -u root</code> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <br \> ====Restore Database==== <code>gunzip -d greenwiki.sql.gz</code><br \> <code>mysql -u green -p mywiki_database < greenwiki.sql</code><br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/dump_mediawiki.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> ====Config Apache2==== <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ====Reload Apache2==== <code> systemctl restart apache2 </code> ===XML Dump only=== ===Dump mediawiki database - xml=== Log into container root dir<br \> <code>lxc exec NAME bash</code><br \> In container of wiki:<br \> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Exit container<br \> <code>exit</code> Pull file to host<br \> <code>lxc file pull NAME/root/dump_mediawiki.xml wiki-dump.xml</code> ====automate xml dumps to server==== TIP: [[Scp_only|Create an '''scp only''' account on server first]]<br> <code>$EDITOR /usr/local/bin/auto-export.sh</code></br> <syntaxhighlight lang="bash" line> #!/bin/bash set -x time_stamp=$(date '+%d_%m_%y') dumps_dir="/var/www/dumps" noobs_dir="/var/www/html/noobs" local_settings="$noobs_dir/LocalSettings.php" wiki_dump_dir="$dumps_dir/$time_stamp.Noobs" xmlkey="/root/.ssh/xmlkey" remote_host="rscp@xml.completenoobs.com" remote_path="/home/rscp/media/" function ensure_read_only_line_exists { if ! grep -q "wgReadOnly" "$local_settings"; then cat <<EOF >> "$local_settings" \$wgReadOnly = 'Dumping Database, Access will be restored shortly'; EOF fi } function set_wiki_read_only { sed -i 's/^#*\(\$wgReadOnly\)/\1/' "$local_settings" } function unset_wiki_read_only { sed -i 's/^\(\$wgReadOnly\)/#\1/' "$local_settings" } function create_directories { mkdir -p "$dumps_dir" mkdir -p "$wiki_dump_dir" } function dump_wiki { php "$noobs_dir/maintenance/dumpBackup.php" --full > "$wiki_dump_dir/$time_stamp.Noobs.xml" } function generate_checksums { md5sum "$wiki_dump_dir/$time_stamp.Noobs.xml" > "$wiki_dump_dir/$time_stamp.md5sum.txt" sha256sum "$wiki_dump_dir/$time_stamp.Noobs.xml" > "$wiki_dump_dir/$time_stamp.sha256sum.txt" } function push_to_remote { scp -i /root/.ssh/xmlkey -r /var/www/dumps/$time_stamp.Noobs rscp@xml.completenoobs.com:/home/rscp/media/ #rsync -avz -e "ssh -i $xmlkey" "$wiki_dump_dir" "$remote_host:$remote_path" } # Main script ensure_read_only_line_exists create_directories set_wiki_read_only dump_wiki generate_checksums unset_wiki_read_only push_to_remote </syntaxhighlight> <br> <code>chmod +x /usr/local/bin/auto-export.sh</code><br> =====add to cron to export every 5 days===== <code>crontab -e</code><br> <pre> 30 3 */5 * * /usr/local/bin/auto-export.sh </pre> Will export at 3:30 am every 5 days, check [[Cron_ubuntu_22.04|Ubuntu Cron Quick start for more info]] ===Import XML Dump=== ====Create Quick local wiki==== [[Ubuntu_Local_Wiki_Import|localwiki]] =====Restore dump===== <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Everything apart from <b>index.php/Main_Page</b> restored. ==Upgrading MediaWiki== <b>BACK SURE YOU BACKUP FIRST!!!</b> just in case.<br \> This example update 1.35 to 1.36 from 1.36 onwards php-intl is required.<br> Download the wiki you are going to upgrade to.<br \> <code>https://releases.wikimedia.org/mediawiki/1.36/</code><br \> <code>cd /root</code><br \> <code>wget https://releases.wikimedia.org/mediawiki/1.36/mediawiki-1.36.1.tar.gz</code><br \> In LocalSettings.php put in readonly mode<br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <code>$wgReadOnly = "Upgrading";</code><br \> <code>tar xvzf mediawiki-1.36.1.tar.gz -C /var/www/html/mediawiki --strip-components=1</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> Returns:<pre> Error: Missing one or more required components of PHP. You are missing a required extension to PHP that MediaWiki needs. Please install: * intl <https://www.php.net/intl> </pre> <code>apt install php-intl</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> And thats it. If you do get an error:<br \> <blockquote> MediaWiki 1.36 internal error Installing some PHP extensions is required. Required components You are missing a required extension to PHP that MediaWiki requires to run. Please install: intl (more information) </blockquote> Then <b>reboot</b> the container and its all fine after. ==Useful Notes - tips== ===Forgot your Admin Password=== Can use for any user:<br \> <code>php /var/www/html/mediawiki/maintenance/changePassword.php --user=admin --password=newpassword</code><br \> ===Make Wiki Read Only=== Add to LocalSettings.php:<br \> <code>$wgReadOnly = 'Read Only';</code><br \> ===Restrict account creation on wiki=== Add to LocalSettings.php:<br \> <code>$wgGroupPermissions['*']['createaccount'] = false;</code> ===Only Admin accounts can edit=== Add to LocalSettings.php:<br \> <pre> $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['user']['edit'] = false; $wgGroupPermissions['sysop']['edit'] = true; </pre> ===Protect a page so only admin can edit=== At the top of the page when logged in with admin account, click <b>More</b>.<br \> A drop down of three opitions: Delete, Move, Protect.<br \> Clicking <b>Protect</b> will not allow any non admin from editing the page. {| class="wikitable" |+ When logged in as admin |- |Read |Edit |View history |(STAR) |<b>More</b> |} ===Make User an Admin=== go to special pages With Admin Account go to:<br \> <code>index.php/Special:SpecialPages</code> List of users can be found here:<br \> <code>index.php/Special:ListUsers</code><br \> Go to:<br \> <code>index.php/Special:UserRights</code><br \> And enter username:<br \> <b>Groups you can change</b><br \> And rest is self explanatory. ====Remove admin rights==== Same thing, just untick admin rights! ===Delete a User from MediaWiki Database=== <div class="toccolours mw-collapsible mw-collapsed"> '''MySQL Commands to Delete a User from MediaWiki Database''' <div class="mw-collapsible-content"> Removes a user from the MediaWiki <code>user</code> table to prevent login. Use with caution and back up first. 1. '''Log in to MySQL''': <syntaxhighlight lang="bash"> mysql -u root -p </syntaxhighlight> 2. '''Select Database''': <syntaxhighlight lang="sql"> USE your_wiki_database; </syntaxhighlight> Replace <code>your_wiki_database</code> with your wiki’s database name (check <code>LocalSettings.php</code> for <code>$wgDBname</code>). 3. '''Find User''': <syntaxhighlight lang="sql"> SELECT user_id, user_name FROM user; </syntaxhighlight> Note the <code>user_id</code> or <code>user_name</code> of the bot user (e.g., <code>SpamBot123</code>, ID <code>123</code>). 4. '''Delete User''': <syntaxhighlight lang="sql"> DELETE FROM user WHERE user_name = 'SpamBot123'; </syntaxhighlight> Or by ID: <syntaxhighlight lang="sql"> DELETE FROM user WHERE user_id = 123; </syntaxhighlight> 5. '''Verify Deletion''': <syntaxhighlight lang="sql"> SELECT user_name FROM user WHERE user_name = 'SpamBot123'; </syntaxhighlight> No rows means the user is deleted. 6. '''Clear Cache (Optional)''': <syntaxhighlight lang="bash"> php maintenance/rebuildall.php </syntaxhighlight> Run from MediaWiki root directory. '''Notes''': * '''Backup''': Run <code>mysqldump -u root -p your_wiki_database > backup.sql</code> before deleting. * '''Contributions''': User edits remain in <code>revision</code> table. Deleting them is complex. * '''Sessions''': Restart web server (<code>sudo systemctl restart apache2</code>) to end active sessions. [[Category:Admin Tools]] </div> </div> c46rde9kdmmrowdr3ftj9ltb351so4a 519 518 2025-04-21T17:02:31Z AwesomO 5 /* Delete a User from MediaWiki Database */ 519 wikitext text/x-wiki ==Creating a MediaWiki Server on Ubuntu with Apache2== ===DNS=== Domain Name System: An index that connects an ip address with a more human readable name(website name):<br \> Like a phone book would index a persons name with a phone number.<br \> If you have a domain name for your wiki, point it to your server's ip address.<br \> This will be required for a letsencrypt cert also.<br \> I am using <b>namecheap.com</b> and on the <b>Advanced DNS</b> Page<br \> Add two Type <b>A Records</b>:<br \> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |192.248.145.129 |auto |- |A record |www |192.248.145.129 |auto |} ===Basic Firewall UFW for Container=== NOTE:Add Link to a UFW page for more info Blocking IPv6<br \> <code>$EDITOR /etc/default/ufw</code> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit Allow port 80<br \> <code>ufw allow 80/tcp</code><br \> Allow port 443<br \> <code>ufw allow 443/tcp</code><br \> Start/Enable UFW firewall<br \> <code>ufw enable</code><br \> Check UFW status<br \> <code>ufw status</code> <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Update system=== <code>apt update && apt upgrade -y</code> ===ssmtp setup=== NOTE: need link to ssmtp page - showing how to use other email providers that allow smtp Link to ssmtp wiki page <br \> You can use a number of email providers for sending emails from server using ssmtp.<br \> I am going to use <b>smtp2go.com</b> they do provide a free service if you wish to try. <div class="toccolours mw-collapsible mw-collapsed"> smtp2go details: <div class="mw-collapsible-content"> https://www.smtp2go.com/<br \> Has a Free Plan # 1000 emails per month # 5 days of email reporting # Ticket support only <br \> Do not use you username and password you used to sign up!<br \> Go to https://app.smtp2go.com/sending/smtp_users/ <br \> Or 'Sending' > 'SMTP Users'<br> And create/add a SMTP User account.<br \> The User created will be given a good password by default.<br \> Use this username and password for ssmtp.<br \> In this example i have the username "<b>noobwiki</b>" and the password "<b>N0tTelinu</b>" </div> </div> ====ssmtp==== <code>apt install ssmtp -y</code> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <div class="toccolours mw-collapsible mw-collapsed"> Why use <code>hostname=completenoobs.com</code> <div class="mw-collapsible-content"> "hostname" needed for ubuntu unattended upgrades to send email.<br \> If missing: will get "(550 unable to verify sender address.)" <br \> If using <code>hostname=localhost</code> "(550 "Localhost" unnaceptable, you must use a public domain-name.)"<br \> If using <code>hostname=admin@completenoobs.com</code> "501 <root@admin@completenoobs.com>: malformed address: @completenoobs.com> may not follow <root@admin" </div> </div> <br \> Do not use user@smtp2go.com as the sender address! you need an email address that has an MX record(mail exchanger record) at its domain name. <br \> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> ====usermod==== <br \> usermod can be used to change the email senders name/address.<br \> Instead of your mail coming from 'root' or 'ubuntu' or any other user account.<br \> <b>usermod -c "emailSenderName" <account_sending></b><br \> <code>usermod -c "completenoobslxc" root</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> <code>usermod -c</code>: <div class="mw-collapsible-content"> The "usermod" command in Linux is used to modify user account details. The "-c" option in the "usermod" command is used to change the comment (or description) field associated with a user account. Specifically, when you run the command "usermod -c <comment> <username>", it will update the comment field of the user account associated with the given username to the specified comment. The comment is typically used to provide additional information about the user, such as their full name, job title, or department. For example, if you run the command "usermod -c 'John Smith' john", it will update the comment field for the user account "john" to "John Smith". You can then use tools like the "finger" command to display this information, e.g., "finger john". </div> </div> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ====sendmail notes==== <div class="toccolours mw-collapsible mw-collapsed"> If the sendmail command locks your terminal and CTRL+c does not work <div class="mw-collapsible-content"> Use <code>CTRL+z</code> which will send a SIGTSTP signal which will put the process to sleep.<br \> use jobs to see the sleeping process.<br \> <code>jobs</code><br \> and kill %<JOBNUMBER><br \> <code>kill %1</code> <br \> you can also use <code>ps ax</code> to list processes running on your computer and <code>kill -9 <PROCESS-NUMBER></code> to kill process. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> sendmail in verbose mode for more details: <div class="mw-collapsible-content"> More info can be found in the man page <code>man sendmail</code><br \> Use the verbose flag <b>-v</b><br \> <code>sendmail -v email@address2receive.mail < test-mail.txt</code> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Check mail logs for errors: <div class="mw-collapsible-content"> send mail error log can be found in<br \> <code>/var/log/mail.err</code><br \> and sendmail log can be found:<br \> <code>/var/log/mail.log</code> </div> </div> ===Create Swap space on server=== <div class="toccolours mw-collapsible mw-collapsed"> What are the benifits of having '''swap space''' on your server: <div class="mw-collapsible-content"> Having a swap space on your server can provide several benefits, including: :* Improved system stability: When your server runs out of RAM, it can cause instability and even crashes. Swap space provides a safety net by allowing the operating system to move inactive data from RAM to disk, freeing up RAM for more active processes. :* Increased memory availability: Swap space can provide additional virtual memory to the system, allowing it to handle more demanding workloads than it could with just physical memory alone. :* Enhanced performance: While swap space is not as fast as physical memory, it can help prevent thrashing, which is when the operating system spends too much time swapping data between RAM and disk. By providing an additional layer of memory, swap space can improve overall system performance. :* More flexibility: Swap space allows you to allocate memory resources more efficiently. For example, you can configure your system to have a smaller amount of physical memory and a larger swap space, or vice versa, depending on your specific workload and requirements. :* Improved application availability: In some cases, applications may require a certain amount of available memory to function properly. Having swap space can ensure that the system has enough memory to keep these applications running even when physical memory is low. Overall, having swap space on your server can provide a valuable safety net and help improve system stability and performance. </div> </div> ====First check if you already have a swap space==== First check if you already have a swap space<br \> <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 1655 2 228 1732 Swap: 0 0 0 </pre> <div class="toccolours mw-collapsible mw-collapsed"> Other methods to check swap space <div class="mw-collapsible-content"> <code>cat /proc/swaps</code><br \> <code>swapon -s -v</code> </div> </div> ====Create SwapSpace==== preallocate a 2 gigabyte space to be used for swap.<br \> Note: you can name swapfile to anything you want. <code>fallocate -l 2G /swapfile</code> Initialize the /swapfile file with zeros - see "Working out the count size" to see how to work out the count size. <div class="toccolours mw-collapsible mw-collapsed"> Working out the count size: <div class="mw-collapsible-content"> Working out count size to scale the swapsize. 1 kilobyte = 1024 bytes 1 megabyte = 1024 kilobyte 1 gigabyte = 1024 megabytes bs=1024 = 1 megabyte 1 gigabyte = 1024 megabyte to get count of 1 gigabyte 1024 * 1024 2 gigabyte (1024 * 2048 ) or 1048576 * 2 = 2,097,152 </div> </div> <code>dd if=/dev/zero of=/swapfile bs=1024 count=2097152</code> <code>chmod 600 /swapfile</code> <code>mkswap /swapfile</code> <code>swapon /swapfile</code> <b>Or</b> <code>swapon -a</code> <b>Or</b> <code>mount -a</code> append to <code>/etc/fstab</code> so its mounted after reboot.<br \> <code>$EDITOR /etc/fstab</code><br \> And enter this in a new line at the bottom:<br \> <code>/swapfile swap swap defaults 0 0</code> and thats it, you can check swap with(or same other methods as above): <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 75 2 1808 1712 Swap: 2047 0 2047 </pre> ===auto update server=== [[Ubuntu_unattended-upgrades|View here for more info on Ubuntu unattended upgrades]]<br> <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment (by removing <b>//</b> at start of line)and amend the lines we want:<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> to<br \> <code> "${distro_id}:${distro_codename}-updates";</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; </pre> Changed to<br \> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec Acquire::http::Dl-Limit "500"; </pre> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Install Apache2=== <code>apt install apache2</code> Can now visit your domain in browser to check it works:<br> Make sure you use '''http''' and Not '''https''' as not yet configured. ====CertBot LetsEncrypt '''''https'''''==== Install certbot<br \> <code>snap install certbot --classic</code><br \> Create Cert<br \> <code>certbot --apache -d completenoobs.com -d www.completenoobs.com</code><br \> Restart apache<br \> <code>systemctl restart apache2</code><br \> Now check your site on browser.<br \> ===Install MediaWiki=== <code>apt install mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -xvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/noobs</code> <code>chown -R www-data:www-data /var/www/html/noobs</code> ====Create Database==== Will be prompted to set a root password!<br \> <code>mysql -u root -p</code><br \> <!-- create drop down - add root password option --> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <div class="toccolours mw-collapsible mw-collapsed"> Make note of your: database name, username, userpassword <div class="mw-collapsible-content"> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code><br \> Database Username:<b>green</b><br \> Database host/location:<b>localhost</b> Database User Password:<b>THISpasswordSHOULDbeCHANGED</b><br \><br \> <code>CREATE DATABASE mywiki_database;</code><br \> Database Name:<b>mywiki_database</b><br \> </div> </div> ===Config Apache2=== ==== Create a Apache2 Config file for your site==== <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code> <pre> <VirtualHost *:80> ServerName completenoobs.com ServerAdmin admin@completenoobs.com # Redirect Requests to SSL Redirect permanent "/" "https://www.completenoobs.com" </VirtualHost> <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerName completenoobs.com ServerAdmin admin@completenoobs.com DocumentRoot /var/www/html/noobs ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined # Path from certbot can be found in 000-default-le-ssl.conf <Directory /var/www/html/noobs> Options None FollowSymLinks #Allow .htaccess AllowOverride All Require all granted <IfModule security2_module> SecRuleEngine Off # or disable only problematic rules </IfModule> </Directory> </VirtualHost> </IfModule> </pre> ====Edit '''"000-default-le-ssl.conf"''' created by certbot to correct path==== <code>$EDITOR /etc/apache2/sites-enabled/000-default-le-ssl.conf</code> Change the '''DocumentRoot''' path to your mediawiki directory. :* <code>DocumentRoot /var/www/html</code> : To :* <code>DocumentRoot /var/www/html/noobs</code> <pre> <IfModule mod_ssl.c> <VirtualHost *:443> # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. #ServerName www.example.com ServerAdmin webmaster@localhost DocumentRoot /var/www/html # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf ServerName noblemage.com Include /etc/letsencrypt/options-ssl-apache.conf ServerAlias www.noblemage.com SSLCertificateFile /etc/letsencrypt/live/noblemage.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/noblemage.com/privkey.pem </VirtualHost> </IfModule> </pre> <div class="toccolours mw-collapsible mw-collapsed"> After Change <code>/etc/apache2/sites-enabled/000-default-le-ssl.conf</code>: <div class="mw-collapsible-content"> <pre> <IfModule mod_ssl.c> <VirtualHost *:443> # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. #ServerName www.example.com ServerAdmin webmaster@localhost DocumentRoot /var/www/html/noobs # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf ServerName noblemage.com Include /etc/letsencrypt/options-ssl-apache.conf ServerAlias www.noblemage.com SSLCertificateFile /etc/letsencrypt/live/noblemage.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/noblemage.com/privkey.pem </VirtualHost> </IfModule> </pre> </div> </div> ====Reload Apache2==== <code>a2dissite 000-default</code> <div class="toccolours mw-collapsible mw-collapsed"> a2dissite 000-default: <div class="mw-collapsible-content"> To disable the default Apache site on a Debian-based system like Ubuntu, you can use the '''a2dissite''' command. The default site configuration is usually named '''000-default.conf'''. To re-enable use <code>a2ensite 000-default</code> </div> </div> <code>a2ensite completenoobs.com</code> <div class="toccolours mw-collapsible mw-collapsed"> a2ensite completenoobs.com: <div class="mw-collapsible-content"> '''a2ensite''' is a command-line utility in Debian-based systems, like Ubuntu, that enables a specific site configuration in the Apache web server. The term a2ensite is derived from "Apache 2 Enable Site." When you create a new virtual host configuration file for your website in the '''/etc/apache2/sites-available/''' directory, you need to enable it for Apache to start serving the site. The a2ensite command is used to enable a site by creating a symbolic link from the '''sites-available''' directory to the '''sites-enabled''' directory. Here's how to use a2ensite: : Create a virtual host configuration file for your website in the /etc/apache2/sites-available/ directory. For example: <code>sudo nano /etc/apache2/sites-available/mywebsite.conf</code> Replace mywebsite with the name of your website or domain. Add the appropriate configuration to the virtual host file, and save it. Use the a2ensite command to enable the new site configuration: <code>sudo a2ensite mywebsite</code> Replace mywebsite with the name of your website or domain (without the .conf extension). </div> </div> <code>a2enmod ssl</code> <div class="toccolours mw-collapsible mw-collapsed"> a2enmod ssl: <div class="mw-collapsible-content"> '''a2enmod ssl''' is a command used to enable the '''ssl''' module in the Apache web server on Debian-based systems, like Ubuntu. The ssl module provides support for SSL/TLS encryption, which is necessary for serving websites securely over HTTPS. </div> </div> <code>a2enmod headers</code> <div class="toccolours mw-collapsible mw-collapsed"> a2enmod headers: <div class="mw-collapsible-content"> '''a2enmod''' is a command-line utility in Debian-based systems, like Ubuntu, used to enable Apache modules. The term a2enmod is derived from "Apache 2 Enable Module." headers is an Apache module that allows you to manipulate HTTP response headers sent back to clients. It is commonly used to add, modify, or remove response headers in various situations, such as implementing security headers, cache control, or Content Security Policy (CSP). The command '''a2enmod headers''' is used to enable the headers module in the Apache web server. Once the module is enabled, you can use its features in your Apache configuration files (e.g., .htaccess or httpd.conf). Here's a step-by-step explanation of the command: :* a2enmod: This is the utility you are using to enable Apache modules. :* headers: This is the specific Apache module you want to enable. </div> </div> <code>apache2ctl configtest</code> <div class="toccolours mw-collapsible mw-collapsed"> apache2ctl configtest: <div class="mw-collapsible-content"> '''apache2ctl configtest''' is a command used to check the syntax of your Apache configuration files without actually restarting the server. This is useful for detecting any syntax errors or issues in your configuration files before applying changes to the running server. </div> </div> <code>systemctl restart apache2</code> ==Check Wiki Working== ===MediaWiki Basic Setup=== ====Landing page==== Open a web browser and go to your containers private ip address (you can get ip address by running <code>lxc list</code> on host). <code>https://10.194.171.251</code> Are certs are self-signed and you may/will get warning "your connection is not private"<br \> Click "Advance" and "Proceed to 10.194.171.251 (unsafe)"<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.35.0<br \> LocalSettings.php not found.<br \> Please <u>set up the wiki</u> first.<br \> </blockquote> Click <b>set up the wiki</b> to be taken to the "mw-config/index.php" page. =====Basic Configure MediaWiki===== <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:mywiki_database<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:green<br \> Database password:THISpasswordSHOULDbeCHANGED<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>CompleteNoobs<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Options <div class="mw-collapsible-content"> <b>User rights profile:</b> <br \> [ ] Open wiki <br \> [x] Account creation required<br \> [ ] Authorised editors only <br \> [ ] Private wiki<br \> <br \> <b>Copyright and licence:</b><br \> [ ] Creative Commons Attribution<br \> [ ] Creative Commons Attribution-ShareAlike<br \> [ ] Creative Commons Attribution-NonCommercial-ShareAlike<br \> [ ] Creative Commons Zero (Public Domain)<br \> [ ] GNU Free Documentation Licence 1.3 or later<br \> [x] No licence footer<br \> [ ] Select a custom Creative Commons licence<br \> <br \> <br \> <b>Email settings</b><br \> [ ] Enable outbound email<br \> <b>Return email address:</b>apache@🌻.invalid<br \> [ ]Enable user-to-user email<br \> [ ]Enable user talk page notification<br \> [ ]Enable watchlist notification<br \> [ ]Enable email authentication<br \> <br \> <br \> <b>Skins</b> Pick a skin<br \> <br \> <br \> <b>Extensions</b><br \> <b><u>Special pages</u></b><br \> [ ]CiteThisPage<br \> [ ]Interwiki<br \> [ ]Nuke<br \> [ ]Renameuser<br \> [ ]ReplaceText<br \> <br \> <b><u>Editors</u></b><br \> [x]CodeEditor<br \> [x]VisualEditor<br \> [x]WikiEditor<br \> <br \> <b><u>Parser hooks</u></b><br \> [ ]CategoryTree<br \> [ ]Cite<br \> [ ]ImageMap<br \> [ ]InputBox<br \> [ ]ParserFunctions<br \> [ ]Poem<br \> [ ]Scribunto<br \> [x]SyntaxHighlight_GeSHi<br \> [ ]TemplateData<br \> <br \> <b><u>Media handlers</u></b><br \> [ ]PdfHandler<br \> <br \> <b><u>Spam prevention</u></b><br \> [x]ConfirmEdit<br \> [ ]SpamBlacklist<br \> [ ]TitleBlacklist<br \> <br \> <b><u>API</u></b><br \> [ ]PageImages<br \> <br \> <b><u>Other</u></b><br \> [ ]Gadgets<br \> [ ]LocalisationUpdate<br \> [ ]MultimediaViewer<br \> [ ]OATHAuth<br \> [ ]SecureLinkFixer<br \> [ ]TextExtracts<br \> <br \> <br \> <b>Images and file uploads</b><br \> [ ]Enable file uploads<br \> <b>Logo URL:</b>$wgResourceBasePath/resources/assets/wiki.png<br \> [ ]Enable Instant Commons<br \> <br \> <br \> <b>Advanced configuration</b><br \> <b>Settings for object caching:</b><br \> [x] No caching (no functionality is removed, but speed may be impacted on larger wiki sites)<br \> [ ] Use Memcached (requires additional setup and configuration)<br \> </div> </div> ===LocalSettings.php Launch Wiki=== Send the Downloaded '''LocalSettings.php''' file to your server's mediawiki directory: <code>scp Downloads/LocalSettings.php root@www.completenoobs.com:/var/www/html/noobs/</code> And revisit you site on Browser <code>www.completenoobs.com</code><br> '''''Welcome to your wiki''''' ==Customize and Config your Wiki== ===Setup Email Config=== <code>$EDITOR /var/www/html/noobs/LocalSettings.php</code><br> Make sure <b>$wgEnableEmail</b> is set to true.<br> <code>$wgEnableEmail = true;</code><br> https://www.mediawiki.org/wiki/Manual:$wgEnableEmail<br> <pre> $wgEmergencyContact = ""; $wgPasswordSender = ""; </pre> <pre> $wgEmergencyContact = "admin@completenoobs.com"; $wgPasswordSender = "admin@completenoobs.com"; </pre> <pre> $wgSMTP = [ 'host' => 'ssl://mail.smtp2go.com', // outbox server of the email account 'IDHost' => 'completenoobs.com', 'port' => 465, 'username' => 'noobwiki', // user of the email account 'password' => 'N0tTelinu', // app password of the email account 'auth' => true ]; </pre> ===Change Logo=== You need a 135px by 135px image, in this example its named 'completenoobs-logo.png'<br> <code>scp completenoobs-logo.png root@www.completenoobs.com:/var/www/html/noobs/resources/assets/</code><br> Back in Server edit the <b>LocalSettings.php</b> file<br> <pre> ## The URL paths to the logo. Make sure you change this from the default, ## or else you'll overwrite your logo when you upgrade! $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", 'icon' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", ]; </pre> Change to your new logo:<br> <pre> $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", 'icon' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", ]; </pre> ===Request Account and Confirm Email to edit=== In LocalSettings change $wgEmailAuthentication = false; to true https://www.mediawiki.org/wiki/Manual:$wgEmailAuthentication<br> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ConfirmAccount-REL1_39-2b96e90.tar.gz</code><br> <code>tar xzf ConfirmAccount-REL1_39-2b96e90.tar.gz -C /var/www/html/noobs/extensions/</code><br> <br> In <b>LocalSettings.php</b> <br> set <b>$wgEmailAuthentication</b> to true.<br> <pre> wfLoadExtension( 'ConfirmAccount' ); $wgConfirmAccountContact = 'admin@completenoobs.com'; </pre> Run maintenance update<br> <code>php /var/www/html/noobs/maintenance/update.php </code><br> use <b>Special:ConfirmAccounts</b> to see if anyone requested a account.<br> And yep, your gonna get spammed! Bots love a wiki.<br> ===CookieWarning Extension=== https://www.mediawiki.org/wiki/Extension:CookieWarning<br> <code>wget https://extdist.wmflabs.org/dist/extensions/CookieWarning-REL1_39-778fe72.tar.gz</code><br> <code>tar -xzf CookieWarning-REL1_39-778fe72.tar.gz -C /var/www/html/noobs/extensions/</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'CookieWarning' ); $wgCookieWarningEnabled = 'true'; # $wgCookieWarningMoreUrl allows to to select a link for your moreinfo button $wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'; $wgCookieWarningEnabled = 'true'; </pre> To change message sign in with admin account and visit these pages of your wiki and edit.<br> <b>MediaWiki:Cookiewarning-info</b> Edit the display message.<br> <code>https://www.completenoobs.com/index.php/MediaWiki:Cookiewarning-info</code><br> <b>MediaWiki:Cookiewarning-moreinfo-label</b><br> Edit and change display of the moreinfo button: link can be made/changed at LocalSettings with:<br> <code>$wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'</code><br> <code>https://www.completenoobs.com/index.php/MediaWiki:Cookiewarning-moreinfo-label</code><br> <b>MediaWiki:Cookiewarning-ok-label</b> Edit and change the text on the OK button.<br> <code>https://www.completenoobs.com/index.php/MediaWiki:Cookiewarning-ok-label</code><br> ===Contribution Scores Extension=== https://www.mediawiki.org/wiki/Extension:Contribution_Scores<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ContributionScores-REL1_39-0e7e99d.tar.gz</code><br> <code>tar -xzf ContributionScores-REL1_39-0e7e99d.tar.gz -C /var/www/html/noobs/extensions</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'ContributionScores' ); // Exclude Bots from the reporting - Can be omitted. $wgContribScoreIgnoreBots = true; // Exclude Blocked Users from the reporting - Can be omitted. $wgContribScoreIgnoreBlockedUsers = true; // Use real user names when available - Can be omitted. Only for MediaWiki 1.19 and later. $wgContribScoresUseRealName = true; // Set to true to disable cache for parser function and inclusion of table. $wgContribScoreDisableCache = false; // Each array defines a report - 7,50 is "past 7 days" and "LIMIT 50" - Can be omitted. $wgContribScoreReports = [ [ 7, 50 ], [ 30, 50 ], [ 0, 50 ] ]; </pre> <br> Add to Main Landing Page:<br> <pre>{{Special:ContributionScores/10/5}}</pre><br> ===Place Notice at top of every new page created=== Using the <b>PageNotice</b> Extension. https://www.mediawiki.org/wiki/Extension:PageNotice#Configuration Download PageNotice and extract to extensions directory. :* <code>wget https://extdist.wmflabs.org/dist/extensions/PageNotice-REL1_39-bf69636.tar.gz</code> :* <code>tar zxvf PageNotice-REL1_39-bf69636.tar.gz -C /var/www/html/noobs/extensions/</code> in LocalSettings.php add the lines:<br \> <pre> wfLoadExtension( 'PageNotice' ); $wgPageNoticeDisablePerPageNotices = 'true'; </pre> To have message in every name space go to your wiki's page<br \> <code>index.php/mediawiki:top-notice-ns-0</code><br \> Only admin account can edit this page:<br \> What you place in this page will be displayed at the top of every page created. ===Youtube extension=== * needed to view embedded videos https://www.mediawiki.org/wiki/Extension:YouTube <code>wget https://extdist.wmflabs.org/dist/extensions/YouTube-REL1_39-f272bb3.tar.gz</code> <code>tar -xzf YouTube-REL1_39-f272bb3.tar.gz -C /var/www/html/mediawiki/extensions/</code> * Append to '''LocalSettings.php''' <code>wfLoadExtension( 'YouTube' );</code> * On wiki page can now embed youtube videos ** https://www.youtube.com/watch?v=wB4gvSgYmfY ** After '''watch?v=''' ** <nowiki><youtube>wB4gvSgYmfY</youtube></nowiki> * Defaults '''width'''=640 pixels '''height'''=385 pixels * Change defaults <nowiki><youtube width="800" height="400">wB4gvSgYmfY</youtube></nowiki> ===Syntax highlighting not working=== Install <b>pygments</b><br> <code>apt install python3-pygments</code><br> Add to LocalSettings:<br> <code>wfLoadExtension( 'SyntaxHighlight_GeSHi' );</code><br> ==Policy Pages== ==Remove '''index.php''' from '''URL'''== mediawiki remove index.php path of wiki is /var/www/html/noobs/ i want apache to show completenoobs.com/noobs/Main_Page To remove the "index.php" from the URLs of your MediaWiki installation, you need to enable pretty URLs using the .htaccess file and modify your LocalSettings.php. Here's how you can do that: === Create or modify the .htaccess file=== First, navigate to your MediaWiki root folder, in your case /var/www/html/noobs/. If you don't have a .htaccess file, create one in this folder. Then, add the following content to the .htaccess file: <pre> RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ index.php/$1 [L,QSA] </pre> This code enables the Apache rewrite engine and tells it to redirect requests that don't match existing files or directories to the index.php file. === Modify the LocalSettings.php file:=== Next, you'll need to modify the LocalSettings.php file, which should be located in your MediaWiki root folder (/var/www/html/noobs/). Add or modify the following lines: <pre> $wgScriptPath = "/noobs"; $wgArticlePath = "{$wgScriptPath}/$1"; $wgUsePathInfo = true; </pre> * note: you should already have <code>$wgScriptPath = "/noobs";</code> in LocalSettings.php This code sets the base path for your wiki (/noobs), defines the article path pattern, and enables the use of path info. === Enable the Apache mod_rewrite module=== <code>root@noobs:/var/www/html/noobs# cat /etc/apache2/sites-available/000-default-le-ssl.conf </code> <pre> <IfModule mod_ssl.c> <VirtualHost *:443> # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. #ServerName www.example.com ServerAdmin webmaster@localhost DocumentRoot /var/www/html # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf ServerName completenoobs.com Include /etc/letsencrypt/options-ssl-apache.conf ServerAlias www.completenoobs.com SSLCertificateFile /etc/letsencrypt/live/completenoobs.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/completenoobs.com/privkey.pem </VirtualHost> </IfModule> </pre> Add <pre> <Directory /var/www/html/noobs> Options FollowSymLinks AllowOverride All Require all granted </Directory> </pre> <pre> <IfModule mod_ssl.c> <VirtualHost *:443> # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. #ServerName www.example.com ServerAdmin webmaster@localhost DocumentRoot /var/www/html # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined <Directory /var/www/html/noobs> Options FollowSymLinks AllowOverride All Require all granted </Directory> # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf ServerName completenoobs.com Include /etc/letsencrypt/options-ssl-apache.conf ServerAlias www.completenoobs.com SSLCertificateFile /etc/letsencrypt/live/completenoobs.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/completenoobs.com/privkey.pem </VirtualHost> </IfModule> </pre> Make sure the mod_rewrite module is enabled in your Apache configuration. You can enable it by running the following command: <code>sudo a2enmod rewrite</code> After enabling the module, restart Apache: <code>sudo systemctl restart apache2</code> Now, your MediaWiki installation should use pretty URLs without "index.php" in the path. In your case, it will show URLs like completenoobs.com/noobs/Main_Page. ==Fail2Ban - optional== This Will Ban an IP who incorrectly enters wrong login details, a (you can select) amount of times for a (you can select) amount of time. ===Fail2Log Extension=== https://www.mediawiki.org/wiki/Extension:Fail2Log<br> ====Create Log file==== Could not get PHP to create and set permissions for log file: So for now doing manually!<br \> <code>touch /var/log/Fail2Log.log</code><br \> <code>chown www-data:www-data /var/log/Fail2Log.log</code><br \> <code>chmod 0755 /var/log/Fail2Log.log</code><br \> Failed login's with wrong user name and/or password should now be logged in:<b>/var/log/Fail2Log.log</b><br \> <br \> Log Format:<br \> <code>Failed:<IP_ADDRESS> <DATE> <TIME> <USERNAME></code><br \> ====Download and install extension==== <code>wget https://github.com/greenhatmonkey/Fail2Log/blob/main/Fail2Log.tar.gz?raw=true</code><br> <code>tar xzvf Fail2Log.tar.gz?raw=true -C /var/www/html/noobs/extensions/</code><br> Add to your <b>LocalSettings.php</b><br> <pre> wfLoadExtension( 'Fail2Log' ); $wgFail2LogFile = '/var/log/Fail2Log.log'; </pre> ====Install and Setup Fail2Ban==== Fail2Ban works in a container. If using fail2ban on Host for container:<br/> Just include log path: <code>/var/snap/lxd/common/mntns/var/snap/lxd/common/lxd/storage-pools/default/containers/&lt;CONTAINER_NAME>/rootfs/var/log/Fail2Log.log</code> <code>apt install fail2ban</code> * Fail2ban will use file.local over file.conf if file.local exists: * file.conf can be written over if file2ban gets updated. * Make a file.local of the file you are working on. <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code> <code>$EDITOR /etc/fail2ban/jail.local</code> <!-- unmodified jail.conf file --> <div class="toccolours mw-collapsible mw-collapsed"> Default <code>/etc/fail2ban/jail.conf</code> file: Expand to view <div class="mw-collapsible-content"> <pre> # # WARNING: heavily refactored in 0.9.0 release. Please review and # customize settings for your setup. # # Changes: in most of the cases you should not modify this # file, but provide customizations in jail.local file, # or separate .conf files under jail.d/ directory, e.g.: # # HOW TO ACTIVATE JAILS: # # YOU SHOULD NOT MODIFY THIS FILE. # # It will probably be overwritten or improved in a distribution update. # # Provide customizations in a jail.local file or a jail.d/customisation.local. # For example to change the default bantime for all jails and to enable the # ssh-iptables jail the following (uncommented) would appear in the .local file. # See man 5 jail.conf for details. # # [DEFAULT] # bantime = 1h # # [sshd] # enabled = true # # See jail.conf(5) man page for more information # Comments: use '#' for comment lines and ';' (following a space) for inline comments [INCLUDES] #before = paths-distro.conf before = paths-debian.conf # The DEFAULT allows a global definition of the options. They can be overridden # in each jail afterwards. [DEFAULT] # # MISCELLANEOUS OPTIONS # # "bantime.increment" allows to use database for searching of previously banned ip's to increase a # default ban time using special formula, default it is banTime * 1, 2, 4, 8, 16, 32... #bantime.increment = true # "bantime.rndtime" is the max number of seconds using for mixing with random time # to prevent "clever" botnets calculate exact time IP can be unbanned again: #bantime.rndtime = # "bantime.maxtime" is the max number of seconds using the ban time can reach (don't grows further) #bantime.maxtime = # "bantime.factor" is a coefficient to calculate exponent growing of the formula or common multiplier, # default value of factor is 1 and with default value of formula, the ban time # grows by 1, 2, 4, 8, 16 ... #bantime.factor = 1 # "bantime.formula" used by default to calculate next value of ban time, default value bellow, # the same ban time growing will be reached by multipliers 1, 2, 4, 8, 16, 32... #bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * banFactor # # more aggressive example of formula has the same values only for factor "2.0 / 2.885385" : #bantime.formula = ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor) # "bantime.multipliers" used to calculate next value of ban time instead of formula, coresponding # previously ban count and given "bantime.factor" (for multipliers default is 1); # following example grows ban time by 1, 2, 4, 8, 16 ... and if last ban count greater as multipliers count, # always used last multiplier (64 in example), for factor '1' and original ban time 600 - 10.6 hours #bantime.multipliers = 1 2 4 8 16 32 64 # following example can be used for small initial ban time (bantime=60) - it grows more aggressive at begin, # for bantime=60 the multipliers are minutes and equal: 1 min, 5 min, 30 min, 1 hour, 5 hour, 12 hour, 1 day, 2 day #bantime.multipliers = 1 5 30 60 300 720 1440 2880 # "bantime.overalljails" (if true) specifies the search of IP in the database will be executed # cross over all jails, if false (dafault), only current jail of the ban IP will be searched #bantime.overalljails = false # -------------------- # "ignoreself" specifies whether the local resp. own IP addresses should be ignored # (default is true). Fail2ban will not ban a host which matches such addresses. #ignoreself = true # "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban # will not ban a host which matches an address in this list. Several addresses # can be defined using space (and/or comma) separator. #ignoreip = 127.0.0.1/8 ::1 # External command that will take an tagged arguments to ignore, e.g. <ip>, # and return true if the IP is to be ignored. False otherwise. # # ignorecommand = /path/to/command <ip> ignorecommand = # "bantime" is the number of seconds that a host is banned. bantime = 10m # A host is banned if it has generated "maxretry" during the last "findtime" # seconds. findtime = 10m # "maxretry" is the number of failures before a host get banned. maxretry = 5 # "maxmatches" is the number of matches stored in ticket (resolvable via tag <matches> in actions). maxmatches = %(maxretry)s # "backend" specifies the backend used to get files modification. # Available options are "pyinotify", "gamin", "polling", "systemd" and "auto". # This option can be overridden in each jail as well. # # pyinotify: requires pyinotify (a file alteration monitor) to be installed. # If pyinotify is not installed, Fail2ban will use auto. # gamin: requires Gamin (a file alteration monitor) to be installed. # If Gamin is not installed, Fail2ban will use auto. # polling: uses a polling algorithm which does not require external libraries. # systemd: uses systemd python library to access the systemd journal. # Specifying "logpath" is not valid for this backend. # See "journalmatch" in the jails associated filter config # auto: will try to use the following backends, in order: # pyinotify, gamin, polling. # # Note: if systemd backend is chosen as the default but you enable a jail # for which logs are present only in its own log files, specify some other # backend for that jail (e.g. polling) and provide empty value for # journalmatch. See https://github.com/fail2ban/fail2ban/issues/959#issuecomment-74901200 backend = auto # "usedns" specifies if jails should trust hostnames in logs, # warn when DNS lookups are performed, or ignore all hostnames in logs # # yes: if a hostname is encountered, a DNS lookup will be performed. # warn: if a hostname is encountered, a DNS lookup will be performed, # but it will be logged as a warning. # no: if a hostname is encountered, will not be used for banning, # but it will be logged as info. # raw: use raw value (no hostname), allow use it for no-host filters/actions (example user) usedns = warn # "logencoding" specifies the encoding of the log files handled by the jail # This is used to decode the lines from the log file. # Typical examples: "ascii", "utf-8" # # auto: will use the system locale setting logencoding = auto # "enabled" enables the jails. # By default all jails are disabled, and it should stay this way. # Enable only relevant to your setup jails in your .local or jail.d/*.conf # # true: jail will be enabled and log files will get monitored for changes # false: jail is not enabled enabled = false # "mode" defines the mode of the filter (see corresponding filter implementation for more info). mode = normal # "filter" defines the filter to use by the jail. # By default jails have names matching their filter name # filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # # Some options used for actions # Destination email address used solely for the interpolations in # jail.{conf,local,d/*} configuration files. destemail = root@localhost # Sender email address used solely for some actions sender = root@<fq-hostname> # E-mail action. Since 0.8.1 Fail2Ban uses sendmail MTA for the # mailing. Change mta configuration parameter to mail if you want to # revert to conventional 'mail'. mta = sendmail # Default protocol protocol = tcp # Specify chain where jumps would need to be added in ban-actions expecting parameter chain chain = <known/chain> # Ports to be banned # Usually should be overridden in a particular jail port = 0:65535 # Format of user-agent https://tools.ietf.org/html/rfc7231#section-5.5.3 fail2ban_agent = Fail2Ban/%(fail2ban_version)s # # Action shortcuts. To be used to define action parameter # Default banning action (e.g. iptables, iptables-new, # iptables-multiport, shorewall, etc) It is used to define # action_* variables. Can be overridden globally or per # section within jail.local file banaction = iptables-multiport banaction_allports = iptables-allports # The simplest action to take: ban only action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report to the destemail. action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report and relevant log lines # to the destemail. action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # See the IMPORTANT note in action.d/xarf-login-attack for when to use this action # # ban & send a xarf e-mail to abuse contact of IP address and include relevant log lines # to the destemail. action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] # ban IP on CloudFlare & send an e-mail with whois report and relevant log lines # to the destemail. action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # Report block via blocklist.de fail2ban reporting service API # # See the IMPORTANT note in action.d/blocklist_de.conf for when to use this action. # Specify expected parameters in file action.d/blocklist_de.local or if the interpolation # `action_blocklist_de` used for the action, set value of `blocklist_de_apikey` # in your `jail.local` globally (section [DEFAULT]) or per specific jail section (resp. in # corresponding jail.d/my-jail.local file). # action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] # Report ban via badips.com, and use as blacklist # # See BadIPsAction docstring in config/action.d/badips.py for # documentation for this action. # # NOTE: This action relies on banaction being present on start and therefore # should be last action defined for a jail. # action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] # # Report ban via badips.com (uses action.d/badips.conf for reporting only) # action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] # Report ban via abuseipdb.com. # # See action.d/abuseipdb.conf for usage example and details. # action_abuseipdb = abuseipdb # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # [sshd] # To use more aggressive sshd modes set filter parameter "mode" in jail.local: # normal (default), ddos, extra or aggressive (combines all). # See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details. #mode = normal port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s [dropbear] port = ssh logpath = %(dropbear_log)s backend = %(dropbear_backend)s [selinux-ssh] port = ssh logpath = %(auditd_log)s # # HTTP servers # [apache-auth] port = http,https logpath = %(apache_error_log)s [apache-badbots] # Ban hosts which agent identifies spammer robots crawling the web # for email addresses. The mail outputs are buffered. port = http,https logpath = %(apache_access_log)s bantime = 48h maxretry = 1 [apache-noscript] port = http,https logpath = %(apache_error_log)s [apache-overflows] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-nohome] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-botsearch] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-fakegooglebot] port = http,https logpath = %(apache_access_log)s maxretry = 1 ignorecommand = %(ignorecommands_dir)s/apache-fakegooglebot <ip> [apache-modsecurity] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-shellshock] port = http,https logpath = %(apache_error_log)s maxretry = 1 [openhab-auth] filter = openhab action = iptables-allports[name=NoAuthFailures] logpath = /opt/openhab/logs/request.log [nginx-http-auth] port = http,https logpath = %(nginx_error_log)s # To use 'nginx-limit-req' jail you should have `ngx_http_limit_req_module` # and define `limit_req` and `limit_req_zone` as described in nginx documentation # http://nginx.org/en/docs/http/ngx_http_limit_req_module.html # or for example see in 'config/filter.d/nginx-limit-req.conf' [nginx-limit-req] port = http,https logpath = %(nginx_error_log)s [nginx-botsearch] port = http,https logpath = %(nginx_error_log)s maxretry = 2 # Ban attackers that try to use PHP's URL-fopen() functionality # through GET/POST variables. - Experimental, with more than a year # of usage in production environments. [php-url-fopen] port = http,https logpath = %(nginx_access_log)s %(apache_access_log)s [suhosin] port = http,https logpath = %(suhosin_log)s [lighttpd-auth] # Same as above for Apache's mod_auth # It catches wrong authentifications port = http,https logpath = %(lighttpd_error_log)s # # Webmail and groupware servers # [roundcube-auth] port = http,https logpath = %(roundcube_errors_log)s # Use following line in your jail.local if roundcube logs to journal. #backend = %(syslog_backend)s [openwebmail] port = http,https logpath = /var/log/openwebmail.log [horde] port = http,https logpath = /var/log/horde/horde.log [groupoffice] port = http,https logpath = /home/groupoffice/log/info.log [sogo-auth] # Monitor SOGo groupware server # without proxy this would be: # port = 20000 port = http,https logpath = /var/log/sogo/sogo.log [tine20] logpath = /var/log/tine20/tine20.log port = http,https # # Web Applications # # [drupal-auth] port = http,https logpath = %(syslog_daemon)s backend = %(syslog_backend)s [guacamole] port = http,https logpath = /var/log/tomcat*/catalina.out [monit] #Ban clients brute-forcing the monit gui login port = 2812 logpath = /var/log/monit /var/log/monit.log [webmin-auth] port = 10000 logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [froxlor-auth] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s # # HTTP Proxy servers # # [squid] port = 80,443,3128,8080 logpath = /var/log/squid/access.log [3proxy] port = 3128 logpath = /var/log/3proxy.log # # FTP servers # [proftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(proftpd_log)s backend = %(proftpd_backend)s [pure-ftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(pureftpd_log)s backend = %(pureftpd_backend)s [gssftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(syslog_daemon)s backend = %(syslog_backend)s [wuftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(wuftpd_log)s backend = %(wuftpd_backend)s [vsftpd] # or overwrite it in jails.local to be # logpath = %(syslog_authpriv)s # if you want to rely on PAM failed login attempts # vsftpd's failregex should match both of those formats port = ftp,ftp-data,ftps,ftps-data logpath = %(vsftpd_log)s # # Mail servers # # ASSP SMTP Proxy Jail [assp] port = smtp,465,submission logpath = /root/path/to/assp/logs/maillog.txt [courier-smtp] port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix] # To use another modes set filter parameter "mode" in jail.local: mode = more port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s [postfix-rbl] filter = postfix[mode=rbl] port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s maxretry = 1 [sendmail-auth] port = submission,465,smtp logpath = %(syslog_mail)s backend = %(syslog_backend)s [sendmail-reject] # To use more aggressive modes set filter parameter "mode" in jail.local: # normal (default), extra or aggressive # See "tests/files/logs/sendmail-reject" or "filter.d/sendmail-reject.conf" for usage example and details. #mode = normal port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [qmail-rbl] filter = qmail port = smtp,465,submission logpath = /service/qmail/log/main/current # dovecot defaults to logging to the mail syslog facility # but can be set by syslog_facility in the dovecot configuration. [dovecot] port = pop3,pop3s,imap,imaps,submission,465,sieve logpath = %(dovecot_log)s backend = %(dovecot_backend)s [sieve] port = smtp,465,submission logpath = %(dovecot_log)s backend = %(dovecot_backend)s [solid-pop3d] port = pop3,pop3s logpath = %(solidpop3d_log)s [exim] # see filter.d/exim.conf for further modes supported from filter: #mode = normal port = smtp,465,submission logpath = %(exim_main_log)s [exim-spam] port = smtp,465,submission logpath = %(exim_main_log)s [kerio] port = imap,smtp,imaps,465 logpath = /opt/kerio/mailserver/store/logs/security.log # # Mail servers authenticators: might be used for smtp,ftp,imap servers, so # all relevant ports get banned # [courier-auth] port = smtp,465,submission,imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix-sasl] filter = postfix[mode=auth] port = smtp,465,submission,imap,imaps,pop3,pop3s # You might consider monitoring /var/log/mail.warn instead if you are # running postfix since it would provide the same log lines at the # "warn" level but overall at the smaller filesize. logpath = %(postfix_log)s backend = %(postfix_backend)s [perdition] port = imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [squirrelmail] port = smtp,465,submission,imap,imap2,imaps,pop3,pop3s,http,https,socks logpath = /var/lib/squirrelmail/prefs/squirrelmail_access_log [cyrus-imap] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s [uwimap-auth] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s # # # DNS servers # # !!! WARNING !!! # Since UDP is connection-less protocol, spoofing of IP and imitation # of illegal actions is way too simple. Thus enabling of this filter # might provide an easy way for implementing a DoS against a chosen # victim. See # http://nion.modprobe.de/blog/archives/690-fail2ban-+-dns-fail.html # Please DO NOT USE this jail unless you know what you are doing. # # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks UDP traffic for DNS requests. # [named-refused-udp] # # filter = named-refused # port = domain,953 # protocol = udp # logpath = /var/log/named/security.log # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks TCP traffic for DNS requests. [named-refused] port = domain,953 logpath = /var/log/named/security.log [nsd] port = 53 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/nsd.log # # Miscellaneous # [asterisk] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/asterisk/messages maxretry = 10 [freeswitch] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/freeswitch.log maxretry = 10 # enable adminlog; it will log to a file inside znc's directory by default. [znc-adminlog] port = 6667 logpath = /var/lib/znc/moddata/adminlog/znc.log # To log wrong MySQL access attempts add to /etc/my.cnf in [mysqld] or # equivalent section: # log-warnings = 2 # # for syslog (daemon facility) # [mysqld_safe] # syslog # # for own logfile # [mysqld] # log-error=/var/log/mysqld.log [mysqld-auth] port = 3306 logpath = %(mysql_log)s backend = %(mysql_backend)s # Log wrong MongoDB auth (for details see filter 'filter.d/mongodb-auth.conf') [mongodb-auth] # change port when running with "--shardsvr" or "--configsvr" runtime operation port = 27017 logpath = /var/log/mongodb/mongodb.log # Jail for more extended banning of persistent abusers # !!! WARNINGS !!! # 1. Make sure that your loglevel specified in fail2ban.conf/.local # is not at DEBUG level -- which might then cause fail2ban to fall into # an infinite loop constantly feeding itself with non-informative lines # 2. Increase dbpurgeage defined in fail2ban.conf to e.g. 648000 (7.5 days) # to maintain entries for failed logins for sufficient amount of time [recidive] logpath = /var/log/fail2ban.log banaction = %(banaction_allports)s bantime = 1w findtime = 1d # Generic filter for PAM. Has to be used with action which bans all # ports such as iptables-allports, shorewall [pam-generic] # pam-generic filter can be customized to monitor specific subset of 'tty's banaction = %(banaction_allports)s logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [xinetd-fail] banaction = iptables-multiport-log logpath = %(syslog_daemon)s backend = %(syslog_backend)s maxretry = 2 # stunnel - need to set port for this [stunnel] logpath = /var/log/stunnel4/stunnel.log [ejabberd-auth] port = 5222 logpath = /var/log/ejabberd/ejabberd.log [counter-strike] logpath = /opt/cstrike/logs/L[0-9]*.log # Firewall: http://www.cstrike-planet.com/faq/6 tcpport = 27030,27031,27032,27033,27034,27035,27036,27037,27038,27039 udpport = 1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015 action = %(banaction)s[name=%(__name__)s-tcp, port="%(tcpport)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(udpport)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] [bitwarden] port = http,https logpath = /home/*/bwdata/logs/identity/Identity/log.txt [centreon] port = http,https logpath = /var/log/centreon/login.log # consider low maxretry and a long bantime # nobody except your own Nagios server should ever probe nrpe [nagios] logpath = %(syslog_daemon)s ; nrpe.cfg may define a different log_facility backend = %(syslog_backend)s maxretry = 1 [oracleims] # see "oracleims" filter file for configuration requirement for Oracle IMS v6 and above logpath = /opt/sun/comms/messaging64/log/mail.log_current banaction = %(banaction_allports)s [directadmin] logpath = /var/log/directadmin/login.log port = 2222 [portsentry] logpath = /var/lib/portsentry/portsentry.history maxretry = 1 [pass2allow-ftp] # this pass2allow example allows FTP traffic after successful HTTP authentication port = ftp,ftp-data,ftps,ftps-data # knocking_url variable must be overridden to some secret value in jail.local knocking_url = /knocking/ filter = apache-pass[knocking_url="%(knocking_url)s"] # access log of the website with HTTP auth logpath = %(apache_access_log)s blocktype = RETURN returntype = DROP action = %(action_)s[blocktype=%(blocktype)s, returntype=%(returntype)s, actionstart_on_demand=false, actionrepair_on_unban=true] bantime = 1h maxretry = 1 findtime = 1 [murmur] # AKA mumble-server port = 64738 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol=tcp, chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol=udp, chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/mumble-server/mumble-server.log [screensharingd] # For Mac OS Screen Sharing Service (VNC) logpath = /var/log/system.log logencoding = utf-8 [haproxy-http-auth] # HAProxy by default doesn't log to file you'll need to set it up to forward # logs to a syslog server which would then write them to disk. # See "haproxy-http-auth" filter for a brief cautionary note when setting # maxretry and findtime. logpath = /var/log/haproxy.log [slapd] port = ldap,ldaps logpath = /var/log/slapd.log [domino-smtp] port = smtp,ssmtp logpath = /home/domino01/data/IBM_TECHNICAL_SUPPORT/console.log [phpmyadmin-syslog] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [zoneminder] # Zoneminder HTTP/HTTPS web interface auth # Logs auth failures to apache2 error log port = http,https logpath = %(apache_error_log)s [traefik-auth] # to use 'traefik-auth' filter you have to configure your Traefik instance, # see `filter.d/traefik-auth.conf` for details and service example. port = http,https logpath = /var/log/traefik/access.log </pre> </div> </div> Default <code>/etc/fail2ban/jail.local</code> file with (almost all) comments removed: <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;">Default <code>/etc/fail2ban/jail.local</code> with (almost) comments removed:</div> <div class="mw-collapsible-content"> <pre> [INCLUDES] before = paths-debian.conf [DEFAULT] ignorecommand = bantime = 10m findtime = 10m maxretry = 5 maxmatches = %(maxretry)s backend = auto usedns = warn logencoding = auto enabled = false mode = normal filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # destemail = root@localhost sender = root@<fq-hostname> mta = sendmail protocol = tcp chain = <known/chain> port = 0:65535 fail2ban_agent = Fail2Ban/%(fail2ban_version)s banaction = iptables-multiport banaction_allports = iptables-allports action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] action_abuseipdb = abuseipdb action = %(action_)s # # JAILS # # # SSH servers # [sshd] port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s </pre> </div></div> ====Disconnect/kick and ban an ip from list==== <br \> Just below we are going to append these lines to <b>/etc/fail2ban/jail.local</b><br> <pre> # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s # # JAILS # # # SSH servers # </pre> </div> </div> ====Jail for MediaWiki - /etc/fail2ban/jail.local==== <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1m maxretry = 2 logpath = /var/log/Fail2Log.log </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before: <div class="mw-collapsible-content"> <pre> # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After: <div class="mw-collapsible-content"> <pre> # # JAILS # [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log # # SSH servers # </pre> </div> </div> ====Filter for mediawiki==== <div class="toccolours mw-collapsible mw-collapsed"> Regex quick up and running tutorial: External Link:(youtube) <div class="mw-collapsible-content"> This Is a link to a video made by "Corey Schafer".<br \> The best no nonsense up and running regex tut there is.<br \> https://www.youtube.com/watch?v=sa-TUpSx1JA </div> </div> :* [[Text_Editing_and_Processing#Regular_expressions_(regex)|Basic Regex Guide]] <code>$EDITOR /etc/fail2ban/filter.d/mediawiki.conf</code><br \> <pre> [Definition] failregex = ^Failed:<HOST> ignoreregex = </pre> =====Try out regex on log file===== <code>fail2ban-regex --print-all-matched /var/log/Fail2Log.log /etc/fail2ban/filter.d/mediawiki.conf</code> ====Restart Fail2Ban==== <code>systemctl restart fail2ban</code> <code>fail2ban-client status</code> <code>fail2ban-client status mediawiki</code> <b>Now test by trying to login to your wiki with wrong password three times.</b> =====fail2ban regex and error checking===== <div class="toccolours mw-collapsible mw-collapsed"> Check regex: <div class="mw-collapsible-content"> * Syntax: <code>fail2ban-regex <logfile> <failregex> <ignoreregex></code> ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * If you want to test <code>ignoreregex</code> enter filter file twice: ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * Read <code>man fail2ban-regex</code> for some more opitions: * Examples: ** <code>-v</code>, <code>--verbose</code> *** Be verbose in output ** <code>--print-all-missed</code> *** Print all missed lines ** <code>--print-all-ignored</code> *** Print all ignored lines ** <code>--print-all-matched</code> *** Print all matched lines </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Debug Fail2Ban: <div class="mw-collapsible-content"> * <code>-d</code> dump configuration. For debugging.<br \> <code>fail2ban-client -d</code><br \> * <code>--dp</code>, <code>--dump-pretty</code> dump the configuration using more human readable representation.<br \> <code>fail2ban-client --dp</code><br \> * will print the systemd log for Fail2Ban.<br \> <code>journalctl -u fail2ban</code> </div> </div> ====Change ban time After testing==== <code>$EDITOR /etc/fail2ban/jail.local</code><br \> <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log </pre> ===Unban IP's=== Get list of Jails:<br \> <code>fail2ban-client status</code><br \> See banned ips by that jail:<br \> <code>fail2ban-client status <jailname></code><br \> Unban IP from jail:<br \> <code>fail2ban-client set <jailname> unbanip <ip_address></code><br \> <br \> Log File:<br \> <code>/var/log/Fail2Log.log</code> ==Sitemap for search engines== :* Command to be run in your mediawiki directory :* <code>cd /var/www/html/noobs</code> <pre> php maintenance/generateSitemap.php --memory-limit=50M --fspath=/var/www/html/noobs/sitemap/ --identifier=completenoobs --urlpath=www.completenoobs.com/sitemap/ --server=https://www.completenoobs.com --compress=yes --skip-redirects </pre> :* There should now be a '''sitemaps''' Directory in your mediawiki direcotry <code>/var/www/html/noobs/sitemap</code> with the following content: <pre> sitemap-completenoobs-NS_0-0.xml.gz sitemap-completenoobs-NS_4-0.xml.gz sitemap-completenoobs-NS_5-0.xml.gz sitemap-completenoobs-NS_8-0.xml.gz sitemap-index-completenoobs.xml </pre> Warning Bug:<br> there was error getting this on google, could not remember how i fixed it, will look into later ==Backup Your Wiki== Its always a good idea to backup your wiki! Losing days of work is not fun! ===Full Wiki Dump and Restore=== ====Backing up==== ====Making your wiki READ ONLY - will lock database==== <code>$EDITOR LocalSettings.php</code><br \> <code>$wgReadOnly = 'Dumping Database, Access will be restored shortly';</code> ====Dump and gzip database for transport==== :* Will be '''prompted''' for password:<br \> :** Note: If you forgot your Database details, you can find them on your LocalSettings.php file <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green -p mywiki_database | gzip > /root/greenwiki.sql.gz</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> ALt method for dump(password in cmd): <div class="mw-collapsible-content"> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green --password=THISpasswordSHOULDbeCHANGED -p mywiki_database | gzip > /root/greenwiki.sql.gz</code> </div> </div> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Back mediawiki Root Directory.<br \> <code>tar cvzhf /root/mediawiki-rootDir.tgz /var/www/html/mediawiki</code><br \> All into one file for easy transport.<br \> <code>cd /root/</code><br \> <code>tar cvzhf mediawiki-transfer.tgz mediawiki-rootDir.tgz greenwiki.sql.gz dump_mediawiki.xml</code><br \> All file in <b>mediawiki-transfer.tgz</b> for transfer to new server<br \> ====Backup Script==== * tis script will need a dir /var/wikibk <syntaxhighlight lang="python" line> #!/bin/bash # Define paths and filenames mediawiki_root_dir="/var/www/html/noobs" local_settings_path="/var/www/html/noobs/LocalSettings.php" database_backup_filename="Noobs_db.sql.gz" root_dir_backup_filename="mediawiki-rootDir.tgz" # Get the current timestamp timestamp=$(date +"%Y-%m-%d_%H-%M-%S") combined_backup_filename="mediawiki-transfer-${timestamp}.tgz" # Get database details from LocalSettings.php db_host=$(grep -oP "\$wgDBserver\s*=\s*'\K[^']*" "$local_settings_path") db_name=$(grep -oP "\$wgDBname\s*=\s*'\K[^']*" "$local_settings_path") db_user=$(grep -oP "\$wgDBuser\s*=\s*'\K[^']*" "$local_settings_path") db_pass=$(grep -oP "\$wgDBpassword\s*=\s*'\K[^']*" "$local_settings_path") # Set the wiki to read-only sed -i "/^\$wgDBpassword/ a \$wgReadOnly = 'Dumping Database, Access will be restored shortly';" "$local_settings_path" # Run mysqldump command using the extracted details mysqldump -h "$db_host" --default-character-set=binary --no-tablespaces -u "$db_user" --password="$db_pass" "$db_name" | gzip > /root/"$database_backup_filename" # Remove read-only mode sed -i "/^\$wgReadOnly = 'Dumping Database, Access will be restored shortly';/d" "$local_settings_path" # Back up MediaWiki root directory tar cvzhf /root/"$root_dir_backup_filename" "$mediawiki_root_dir" # Combine backup files into a single file for easy transport cd /root/ tar cvzhf "/var/wikibk/$combined_backup_filename" "$root_dir_backup_filename" "$database_backup_filename" </syntaxhighlight> =====Backup the Backup to Local Server/Computer===== <div class="toccolours mw-collapsible mw-collapsed"> Backup Full Dumps to Home Computer using script: <div class="mw-collapsible-content"> <syntaxhighlight lang="bash" line> #!/bin/bash # Set variables local_backup_dir="/home/ubunix/wiki-backups" remote_user="your_remote_username" remote_host="completenoobs.com" remote_backup_dir="/var/wikibk" private_key_path="/home/ubunix/.ssh/key" # Create the local backup directory if it doesn't exist mkdir -p "$local_backup_dir" # Create temporary files local_tmp_file="/tmp/FILE1.txt" remote_tmp_file="/tmp/FILE2.txt" # List files in the local and remote backup directories to temporary files find "$local_backup_dir" -mindepth 1 -maxdepth 1 -type f -exec basename {} \; | sort > "$local_tmp_file" ssh -i "$private_key_path" "$remote_user@$remote_host" "find $remote_backup_dir -mindepth 1 -maxdepth 1 -type f -exec basename {} \; | sort" > "$remote_tmp_file" # Compare the temporary files and download missing files using scp while read -r remote_file; do if ! grep -q -F "$remote_file" "$local_tmp_file"; then scp -i "$private_key_path" -r "$remote_user@$remote_host:$remote_backup_dir/$remote_file" "$local_backup_dir/" fi done < "$remote_tmp_file" # Remove temporary files rm "$local_tmp_file" rm "$remote_tmp_file" </syntaxhighlight> </div> </div> ===Restore wiki=== <code>apt update && apt upgrade -y</code><br \> <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> <br \> <code>tar xvf mediawiki.bk.tgz</code><br \> <code>tar xvf mediawiki-rootDir.tgz -C /</code><br \> ====Create basebase==== NOTE: If you use diff username, passwd, database_name, append/correct details on LocalSettings.<br \> <code>mysql -u root</code> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <br \> ====Restore Database==== <code>gunzip -d greenwiki.sql.gz</code><br \> <code>mysql -u green -p mywiki_database < greenwiki.sql</code><br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/dump_mediawiki.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> ====Config Apache2==== <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> ====Reload Apache2==== <code> systemctl restart apache2 </code> ===XML Dump only=== ===Dump mediawiki database - xml=== Log into container root dir<br \> <code>lxc exec NAME bash</code><br \> In container of wiki:<br \> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Exit container<br \> <code>exit</code> Pull file to host<br \> <code>lxc file pull NAME/root/dump_mediawiki.xml wiki-dump.xml</code> ====automate xml dumps to server==== TIP: [[Scp_only|Create an '''scp only''' account on server first]]<br> <code>$EDITOR /usr/local/bin/auto-export.sh</code></br> <syntaxhighlight lang="bash" line> #!/bin/bash set -x time_stamp=$(date '+%d_%m_%y') dumps_dir="/var/www/dumps" noobs_dir="/var/www/html/noobs" local_settings="$noobs_dir/LocalSettings.php" wiki_dump_dir="$dumps_dir/$time_stamp.Noobs" xmlkey="/root/.ssh/xmlkey" remote_host="rscp@xml.completenoobs.com" remote_path="/home/rscp/media/" function ensure_read_only_line_exists { if ! grep -q "wgReadOnly" "$local_settings"; then cat <<EOF >> "$local_settings" \$wgReadOnly = 'Dumping Database, Access will be restored shortly'; EOF fi } function set_wiki_read_only { sed -i 's/^#*\(\$wgReadOnly\)/\1/' "$local_settings" } function unset_wiki_read_only { sed -i 's/^\(\$wgReadOnly\)/#\1/' "$local_settings" } function create_directories { mkdir -p "$dumps_dir" mkdir -p "$wiki_dump_dir" } function dump_wiki { php "$noobs_dir/maintenance/dumpBackup.php" --full > "$wiki_dump_dir/$time_stamp.Noobs.xml" } function generate_checksums { md5sum "$wiki_dump_dir/$time_stamp.Noobs.xml" > "$wiki_dump_dir/$time_stamp.md5sum.txt" sha256sum "$wiki_dump_dir/$time_stamp.Noobs.xml" > "$wiki_dump_dir/$time_stamp.sha256sum.txt" } function push_to_remote { scp -i /root/.ssh/xmlkey -r /var/www/dumps/$time_stamp.Noobs rscp@xml.completenoobs.com:/home/rscp/media/ #rsync -avz -e "ssh -i $xmlkey" "$wiki_dump_dir" "$remote_host:$remote_path" } # Main script ensure_read_only_line_exists create_directories set_wiki_read_only dump_wiki generate_checksums unset_wiki_read_only push_to_remote </syntaxhighlight> <br> <code>chmod +x /usr/local/bin/auto-export.sh</code><br> =====add to cron to export every 5 days===== <code>crontab -e</code><br> <pre> 30 3 */5 * * /usr/local/bin/auto-export.sh </pre> Will export at 3:30 am every 5 days, check [[Cron_ubuntu_22.04|Ubuntu Cron Quick start for more info]] ===Import XML Dump=== ====Create Quick local wiki==== [[Ubuntu_Local_Wiki_Import|localwiki]] =====Restore dump===== <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Everything apart from <b>index.php/Main_Page</b> restored. ==Upgrading MediaWiki== <b>BACK SURE YOU BACKUP FIRST!!!</b> just in case.<br \> This example update 1.35 to 1.36 from 1.36 onwards php-intl is required.<br> Download the wiki you are going to upgrade to.<br \> <code>https://releases.wikimedia.org/mediawiki/1.36/</code><br \> <code>cd /root</code><br \> <code>wget https://releases.wikimedia.org/mediawiki/1.36/mediawiki-1.36.1.tar.gz</code><br \> In LocalSettings.php put in readonly mode<br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <code>$wgReadOnly = "Upgrading";</code><br \> <code>tar xvzf mediawiki-1.36.1.tar.gz -C /var/www/html/mediawiki --strip-components=1</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> Returns:<pre> Error: Missing one or more required components of PHP. You are missing a required extension to PHP that MediaWiki needs. Please install: * intl <https://www.php.net/intl> </pre> <code>apt install php-intl</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> And thats it. If you do get an error:<br \> <blockquote> MediaWiki 1.36 internal error Installing some PHP extensions is required. Required components You are missing a required extension to PHP that MediaWiki requires to run. Please install: intl (more information) </blockquote> Then <b>reboot</b> the container and its all fine after. ==Useful Notes - tips== ===Forgot your Admin Password=== Can use for any user:<br \> <code>php /var/www/html/mediawiki/maintenance/changePassword.php --user=admin --password=newpassword</code><br \> ===Make Wiki Read Only=== Add to LocalSettings.php:<br \> <code>$wgReadOnly = 'Read Only';</code><br \> ===Restrict account creation on wiki=== Add to LocalSettings.php:<br \> <code>$wgGroupPermissions['*']['createaccount'] = false;</code> ===Only Admin accounts can edit=== Add to LocalSettings.php:<br \> <pre> $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['user']['edit'] = false; $wgGroupPermissions['sysop']['edit'] = true; </pre> ===Protect a page so only admin can edit=== At the top of the page when logged in with admin account, click <b>More</b>.<br \> A drop down of three opitions: Delete, Move, Protect.<br \> Clicking <b>Protect</b> will not allow any non admin from editing the page. {| class="wikitable" |+ When logged in as admin |- |Read |Edit |View history |(STAR) |<b>More</b> |} ===Make User an Admin=== go to special pages With Admin Account go to:<br \> <code>index.php/Special:SpecialPages</code> List of users can be found here:<br \> <code>index.php/Special:ListUsers</code><br \> Go to:<br \> <code>index.php/Special:UserRights</code><br \> And enter username:<br \> <b>Groups you can change</b><br \> And rest is self explanatory. ====Remove admin rights==== Same thing, just untick admin rights! ===Delete a User from MediaWiki Database=== <div class="toccolours mw-collapsible mw-collapsed"> '''MySQL Commands to Delete a User from MediaWiki Database''' <div class="mw-collapsible-content"> Removes a user from the MediaWiki <code>user</code> table to prevent login. Use with caution and back up first. 1. '''Log in to MySQL''': <syntaxhighlight lang="bash"> mysql -u root -p </syntaxhighlight> 2. '''Select Database''': <syntaxhighlight lang="sql"> USE your_wiki_database; </syntaxhighlight> Replace <code>your_wiki_database</code> with your wiki’s database name (check <code>LocalSettings.php</code> for <code>$wgDBname</code>). 3. '''Find User''': <syntaxhighlight lang="sql"> SELECT user_id, user_name FROM user; </syntaxhighlight> Note the <code>user_id</code> or <code>user_name</code> of the bot user (e.g., <code>SpamBot123</code>, ID <code>123</code>). 4. '''Delete User''': <syntaxhighlight lang="sql"> DELETE FROM user WHERE user_name = 'SpamBot123'; </syntaxhighlight> Or by ID: <syntaxhighlight lang="sql"> DELETE FROM user WHERE user_id = 123; </syntaxhighlight> 5. '''Verify Deletion''': <syntaxhighlight lang="sql"> SELECT user_name FROM user WHERE user_name = 'SpamBot123'; </syntaxhighlight> No rows means the user is deleted. 6. '''Clear Cache (Optional)''': <syntaxhighlight lang="bash"> php maintenance/rebuildall.php </syntaxhighlight> Run from MediaWiki root directory. '''Notes''': * '''Backup''': Run <code>mysqldump -u root -p your_wiki_database > backup.sql</code> before deleting. * '''Contributions''': User edits remain in <code>revision</code> table. Deleting them is complex. * '''Sessions''': Restart web server (<code>sudo systemctl restart apache2</code>) to end active sessions. </div> </div> qk5v8uya28wujxdnk6xm7fvr2ody3s3 0 99 352 2023-04-23T22:24:58Z AwesomO 5 Created page with " '''$EDITOR''' is used as a place holder for an editor of your choice. ==Installing LXD== <code>sudo snap install lxd</code><br \> <code>lxd init</code><br \> Selecting all defaults, apart from "Size in GB of the new loop device (1GB minimum) [default=6GB]:" increasing to 30GB: <div class="toccolours mw-collapsible mw-collapsed"> <code>lxd init</code> selected options: <div class="mw-collapsible-content"> <pre> Would you like to use LXD clustering? (yes/no) [default=..." 352 wikitext text/x-wiki '''$EDITOR''' is used as a place holder for an editor of your choice. ==Installing LXD== <code>sudo snap install lxd</code><br \> <code>lxd init</code><br \> Selecting all defaults, apart from "Size in GB of the new loop device (1GB minimum) [default=6GB]:" increasing to 30GB: <div class="toccolours mw-collapsible mw-collapsed"> <code>lxd init</code> selected options: <div class="mw-collapsible-content"> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (btrfs, dir, lvm, zfs, ceph) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=6GB]:30GB Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> </div> </div> ==Create Ubuntu:22.04 Container for MediaWiki== <code>lxc launch ubuntu:22.04 mediawiki</code><br> <code>lxc list</code><br> <pre> +-----------+---------+--------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+--------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.194.171.251(eth0) | | CONTAINER | 0 | +-----------+---------+--------------------+------+-----------+-----------+ </pre> ===Login to Container=== <code>lxc exec mediawiki bash</code> ===Basic Firewall UFW for Container=== NOTE:Add Link to a UFW page for more info Blocking IPv6<br \> <code>$EDITOR /etc/default/ufw</code> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit Allow port 80<br \> <code>ufw allow 80/tcp</code><br \> Allow port 443<br \> <code>ufw allow 443/tcp</code><br \> Start/Enable UFW firewall<br \> <code>ufw enable</code><br \> Check UFW status<br \> <code>ufw status</code> <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Update system=== <code>apt update && apt upgrade -y</code> ===ssmtp setup=== NOTE: need link to ssmtp page - showing how to use other email providers that allow smtp Link to ssmtp wiki page <br \> You can use a number of email providers for sending emails from server using ssmtp.<br \> I am going to use <b>smtp2go.com</b> they do provide a free service if you wish to try. <div class="toccolours mw-collapsible mw-collapsed"> smtp2go details: <div class="mw-collapsible-content"> https://www.smtp2go.com/<br \> Has a Free Plan # 1000 emails per month # 5 days of email reporting # Ticket support only <br \> Do not use you username and password you used to sign up!<br \> Go to https://app.smtp2go.com/sending/smtp_users/ <br \> Or 'Sending' > 'SMTP Users'<br> And create/add a SMTP User account.<br \> The User created will be given a good password by default.<br \> Use this username and password for ssmtp.<br \> In this example i have the username "<b>noobwiki</b>" and the password "<b>N0tTelinu</b>" </div> </div> ====ssmtp==== <code>apt install ssmtp -y</code> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <div class="toccolours mw-collapsible mw-collapsed"> Why use <code>hostname=completenoobs.com</code> <div class="mw-collapsible-content"> "hostname" needed for ubuntu unattended upgrades to send email.<br \> If missing: will get "(550 unable to verify sender address.)" <br \> If using <code>hostname=localhost</code> "(550 "Localhost" unnaceptable, you must use a public domain-name.)"<br \> If using <code>hostname=admin@completenoobs.com</code> "501 <root@admin@completenoobs.com>: malformed address: @completenoobs.com> may not follow <root@admin" </div> </div> <br \> Do not use user@smtp2go.com as the sender address! you need an email address that has an MX record(mail exchanger record) at its domain name. <br \> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> ====usermod==== <br \> usermod can be used to change the email senders name/address.<br \> Instead of your mail coming from 'root' or 'ubuntu' or any other user account.<br \> <b>usermod -c "emailSenderName" <account_sending></b><br \> <code>usermod -c "completenoobslxc" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ====sendmail notes==== <div class="toccolours mw-collapsible mw-collapsed"> If the sendmail command locks your terminal and CTRL+c does not work <div class="mw-collapsible-content"> Use <code>CTRL+z</code> which will send a SIGTSTP signal which will put the process to sleep.<br \> use jobs to see the sleeping process.<br \> <code>jobs</code><br \> and kill %<JOBNUMBER><br \> <code>kill %1</code> <br \> you can also use <code>ps ax</code> to list processes running on your computer and <code>kill -9 <PROCESS-NUMBER></code> to kill process. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> sendmail in verbose mode for more details: <div class="mw-collapsible-content"> More info can be found in the man page <code>man sendmail</code><br \> Use the verbose flag <b>-v</b><br \> <code>sendmail -v email@address2receive.mail < test-mail.txt</code> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Check mail logs for errors: <div class="mw-collapsible-content"> send mail error log can be found in<br \> <code>/var/log/mail.err</code><br \> and sendmail log can be found:<br \> <code>/var/log/mail.log</code> </div> </div> ===auto update container config=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code> Uncomment<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> <code>"${distro_id}:${distro_codename}-updates";</code> Dont need auto reboot on container - no kernel - kernel shared with host. ====email on update==== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <div class="toccolours mw-collapsible mw-collapsed"> Once i needed 'apticron' to get emails working with unattended upgrades:<br \> Notes here just incase<div class="mw-collapsible-content"> Install apticron<br \> <code>apt install apticron -y</code> Create apticron.conf file containing email to send email to:<br \> If you dont then 'apticron' will by default sent to root@localhost.<br > <code>echo 'EMAIL="email@tosendto.com"' > /etc/apticron/apticron.conf</code> </div> </div> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Install MediaWiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -xvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki</code> ====Create Database==== Will be prompted to set a root password!<br \> <code>mysql -u root -p</code><br \> <!-- create drop down - add root password option --> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <div class="toccolours mw-collapsible mw-collapsed"> Make note of your: database name, username, userpassword <div class="mw-collapsible-content"> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code><br \> Database Username:<b>green</b><br \> Database host/location:<b>localhost</b> Database User Password:<b>THISpasswordSHOULDbeCHANGED</b><br \><br \> <code>CREATE DATABASE mywiki_database;</code><br \> Database Name:<b>mywiki_database</b><br \> </div> </div> ====Create self-signed https certs==== <code>openssl req -x509 -newkey rsa:4096 -keyout key.pem -nodes -out cert.pem -days 365</code><br> Note: can leave blank; just press enter.<br><br> <code>mv cert.pem /etc/ssl/certs/cn-selfsigned.crt</code><br> <code>mv key.pem /etc/ssl/private/cn-selfsigned.key</code><br> ====Create ssl-params.conf==== <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code> Remember to turn stapling on after letsencrypt cert <pre> SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 SSLHonorCipherOrder On # Disable preloading HSTS for now. You can use the commented out header line that includes # the "preload" directive if you understand the implications. # Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" Header always set X-Frame-Options DENY Header always set X-Content-Type-Options nosniff # Requires Apache >= 2.4 SSLCompression off # May want to turn stapling off when using self-signed to avoid receiving errors in log SSLUseStapling off SSLStaplingCache "shmcb:logs/stapling-cache(150000)" # Requires Apache >= 2.4.11 SSLSessionTickets Off </pre> ====Create Apache2 config==== <code>cd /etc/apache2/sites-available/</code> <code>rm 000-default.conf default-ssl.conf</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code> <div class="toccolours mw-collapsible mw-collapsed"> <b>Important Redirect note</b>:<div class="mw-collapsible-content"> <pre> # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" </pre> Change to your Container IP!<br \> <code>Redirect permanent "/" "https://10.194.171.251"</code> </div> </div> <pre> <VirtualHost *:80> ServerName completenoobs.com ServerAdmin admin@ # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined </VirtualHost> <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerName completenoobs.com ServerAdmin admin@completenoobs.com DocumentRoot /var/www/html/mediawiki # According MWiki Manual:Security php_flag register_globals off ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined SSLEngine on SSLCertificateFile /etc/ssl/certs/cn-selfsigned.crt SSLCertificateKeyFile /etc/ssl/private/cn-selfsigned.key # need to find out what SSLCertificateChainFile is? explain is in the default-ssl.conf file. #SSLCertificateChainFile /etc/ssl/certs/example.com.root-bundle.crt <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> <Directory /var/www/html/wikimedia> Options None FollowSymLinks #Allow .htaccess AllowOverride All Require all granted <IfModule security2_module> SecRuleEngine Off # or disable only problematic rules </IfModule> </Directory> # According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images> # Ignore .htaccess files AllowOverride None # Serve HTML as plaintext, don't execute SHTML AddType text/plain .html .htm .shtml .php .phtml .php5 # Don't run arbitrary PHP code. php_admin_flag engine off # If you've other scripting languages, disable them too. </Directory> #According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images/deleted> Deny from all AllowOverride AuthConfig Limit Require local </Directory> </VirtualHost> </IfModule> </pre> ====Reload Apache2==== <code>a2enmod ssl</code> <code>a2enmod headers</code> <code>a2ensite completenoobs.com</code> <code>a2enconf ssl-params</code> <code>apache2ctl configtest</code> <code>systemctl restart apache2</code> ===MediaWiki Basic Setup=== ====Landing page==== Open a web browser and go to your containers private ip address (you can get ip address by running <code>lxc list</code> on host). <code>https://10.194.171.251</code> Are certs are self-signed and you may/will get warning "your connection is not private"<br \> Click "Advance" and "Proceed to 10.194.171.251 (unsafe)"<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.35.0<br \> LocalSettings.php not found.<br \> Please <u>set up the wiki</u> first.<br \> </blockquote> Click <b>set up the wiki</b> to be taken to the "mw-config/index.php" page. =====Basic Configure MediaWiki===== <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:mywiki_database<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:green<br \> Database password:THISpasswordSHOULDbeCHANGED<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>CompleteNoobs<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Options <div class="mw-collapsible-content"> <b>User rights profile:</b> <br \> [ ] Open wiki <br \> [x] Account creation required<br \> [ ] Authorised editors only <br \> [ ] Private wiki<br \> <br \> <b>Copyright and licence:</b><br \> [ ] Creative Commons Attribution<br \> [ ] Creative Commons Attribution-ShareAlike<br \> [ ] Creative Commons Attribution-NonCommercial-ShareAlike<br \> [ ] Creative Commons Zero (Public Domain)<br \> [ ] GNU Free Documentation Licence 1.3 or later<br \> [x] No licence footer<br \> [ ] Select a custom Creative Commons licence<br \> <br \> <br \> <b>Email settings</b><br \> [ ] Enable outbound email<br \> <b>Return email address:</b>apache@🌻.invalid<br \> [ ]Enable user-to-user email<br \> [ ]Enable user talk page notification<br \> [ ]Enable watchlist notification<br \> [ ]Enable email authentication<br \> <br \> <br \> <b>Skins</b> Pick a skin<br \> <br \> <br \> <b>Extensions</b><br \> <b><u>Special pages</u></b><br \> [ ]CiteThisPage<br \> [ ]Interwiki<br \> [ ]Nuke<br \> [ ]Renameuser<br \> [ ]ReplaceText<br \> <br \> <b><u>Editors</u></b><br \> [x]CodeEditor<br \> [x]VisualEditor<br \> [x]WikiEditor<br \> <br \> <b><u>Parser hooks</u></b><br \> [ ]CategoryTree<br \> [ ]Cite<br \> [ ]ImageMap<br \> [ ]InputBox<br \> [ ]ParserFunctions<br \> [ ]Poem<br \> [ ]Scribunto<br \> [x]SyntaxHighlight_GeSHi<br \> [ ]TemplateData<br \> <br \> <b><u>Media handlers</u></b><br \> [ ]PdfHandler<br \> <br \> <b><u>Spam prevention</u></b><br \> [x]ConfirmEdit<br \> [ ]SpamBlacklist<br \> [ ]TitleBlacklist<br \> <br \> <b><u>API</u></b><br \> [ ]PageImages<br \> <br \> <b><u>Other</u></b><br \> [ ]Gadgets<br \> [ ]LocalisationUpdate<br \> [ ]MultimediaViewer<br \> [ ]OATHAuth<br \> [ ]SecureLinkFixer<br \> [ ]TextExtracts<br \> <br \> <br \> <b>Images and file uploads</b><br \> [ ]Enable file uploads<br \> <b>Logo URL:</b>$wgResourceBasePath/resources/assets/wiki.png<br \> [ ]Enable Instant Commons<br \> <br \> <br \> <b>Advanced configuration</b><br \> <b>Settings for object caching:</b><br \> [x] No caching (no functionality is removed, but speed may be impacted on larger wiki sites)<br \> [ ] Use Memcached (requires additional setup and configuration)<br \> </div> </div> ====LocalSettings.php Launch Wiki==== When the Basic configuration of mediawiki is done on the webpage.<br \> You will have a <b>LocalSettings.php</b> which will be downloaded from your browser.<br \> You need to place the <b>LocalSettings.php</b> file into your containers <b>/var/www/html/mediawiki/</b> directory.<br \> You can do this from host using the <b>lxc file push</b> command.<br \> <code>lxc file push /home/$USER/Downloads/LocalSettings.php mediawiki/var/www/html/mediawiki/</code><br \> <br> Do not refresh browser it will download the LocalSettings.php again! go to the IP address of your container or just trim the <code>mw-config/index.php?page=Complete</code><br> Now on your browser visit the page again https://10.194.171.251<br \> And welcome to your wiki.<br \> ===Change Logo=== You need a 135px by 135px image, in this example its named 'completenoobs-logo.png'<br> <code>lxc file push completenoobs-logo.png mediawiki/var/www/html/mediawiki/resources/assets/</code><br> Back in container edit the <b>LocalSettings.php</b> file<br> <pre> ## The URL paths to the logo. Make sure you change this from the default, ## or else you'll overwrite your logo when you upgrade! $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", 'icon' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", ]; </pre> Change to your new logo:<br> <pre> $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", 'icon' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", ]; </pre> ===Email Config=== Warning i did get loads of spam bots, using this to send naughty emails everywhere!<br> Changed setting to block signups, requests only,and changed <b>$wgEnableUserEmail</b> to false and still the bots managed to send spam using my smtp account.<br> How they done this? Is beyond my understanding and i removed email from the wiki till i have more info on how to stop the spamming.<br> Was using mediawiki-1.35.0<br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> Make sure <b>$wgEnableEmail</b> is set to true.<br> <code>$wgEnableEmail = true;</code><br> https://www.mediawiki.org/wiki/Manual:$wgEnableEmail<br> <pre> $wgEmergencyContact = ""; $wgPasswordSender = ""; </pre> <pre> $wgEmergencyContact = "admin@completenoobs.com"; $wgPasswordSender = "admin@completenoobs.com"; </pre> <pre> $wgSMTP = [ 'host' => 'ssl://mail.smtp2go.com', // outbox server of the email account 'IDHost' => 'completenoobs.com', 'port' => 465, 'username' => 'noobwiki', // user of the email account 'password' => 'N0tTelinu', // app password of the email account 'auth' => true ]; </pre> ===Request Account and Confirm Email to edit=== In LocalSettings change $wgEmailAuthentication = false; to true https://www.mediawiki.org/wiki/Manual:$wgEmailAuthentication<br> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ConfirmAccount-REL1_39-2b96e90.tar.gz</code><br> <code>tar xzf ConfirmAccount-REL1_39-2b96e90.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> <br> In <b>LocalSettings.php</b> <br> set <b>$wgEmailAuthentication</b> to true.<br> <pre> wfLoadExtension( 'ConfirmAccount' ); $wgConfirmAccountContact = 'admin@completenoobs.com'; </pre> Run maintenance update<br> <code>php /var/www/html/mediawiki/maintenance/update.php </code><br> use <b>Special:ConfirmAccounts</b> to see if anyone requested a account.<br> And yep, your gonna get spammed! Bots love a wiki.<br> ===CookieWarning Extension=== https://www.mediawiki.org/wiki/Extension:CookieWarning<br> <code>wget https://extdist.wmflabs.org/dist/extensions/CookieWarning-REL1_39-778fe72.tar.gz</code><br> <code>tar -xzf CookieWarning-REL1_39-778fe72.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'CookieWarning' ); $wgCookieWarningEnabled = 'true'; # $wgCookieWarningMoreUrl allows to to select a link for your moreinfo button $wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'; $wgCookieWarningEnabled = 'true'; </pre> To change message sign in with admin account and visit these pages of your wiki and edit.<br> <b>MediaWiki:Cookiewarning-info</b> Edit the display message.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-info</code><br> <b>MediaWiki:Cookiewarning-moreinfo-label</b><br> Edit and change display of the moreinfo button: link can be made/changed at LocalSettings with:<br> <code>$wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'</code><br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-moreinfo-label</code><br> <b>MediaWiki:Cookiewarning-ok-label</b> Edit and change the text on the OK button.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-ok-label</code><br> ===Contribution Scores Extension=== https://www.mediawiki.org/wiki/Extension:Contribution_Scores<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ContributionScores-REL1_39-0e7e99d.tar.gz</code><br> <code>tar -xzf ContributionScores-REL1_39-0e7e99d.tar.gz -C /var/www/html/mediawiki/extensions</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'ContributionScores' ); // Exclude Bots from the reporting - Can be omitted. $wgContribScoreIgnoreBots = true; // Exclude Blocked Users from the reporting - Can be omitted. $wgContribScoreIgnoreBlockedUsers = true; // Use real user names when available - Can be omitted. Only for MediaWiki 1.19 and later. $wgContribScoresUseRealName = true; // Set to true to disable cache for parser function and inclusion of table. $wgContribScoreDisableCache = false; // Each array defines a report - 7,50 is "past 7 days" and "LIMIT 50" - Can be omitted. $wgContribScoreReports = [ [ 7, 50 ], [ 30, 50 ], [ 0, 50 ] ]; </pre> <br> Add to Main Landing Page:<br> <pre>{{Special:ContributionScores/10/5}}</pre><br> ===Place Notice at top of every new page created=== Using the <b>PageNotice</b> Extension. https://www.mediawiki.org/wiki/Extension:PageNotice#Configuration Download PageNotice and extract to extensions directory. in LocalSettings.php add the lines:<br \> <pre> wfLoadExtension( 'PageNotice' ); $wgPageNoticeDisablePerPageNotices = 'true'; </pre> To have message in every name space go to your wiki's page<br \> <code>index.php/mediawiki:top-notice-ns-0</code><br \> Only admin account can edit this page:<br \> What you place in this page will be displayed at the top of every page created. ===Privacy Policy=== Holly $#$#$ this is a lot of work, looking into it<br \> https://www.mediawiki.org/wiki/GDPR_(General_Data_Protection_Regulation)_and_MediaWiki_software<br \> ====NewSignupPage==== https://www.mediawiki.org/wiki/Extension:NewSignupPage<br \> Big thanks to Shoutwiki.com or this would of been a very big pain.<br \> Check for Latest link from the Download page https://www.mediawiki.org/wiki/Special:ExtensionDistributor/NewSignupPage<br \> In mediawiki container:<br \> <code>wget https://extdist.wmflabs.org/dist/extensions/NewSignupPage-REL1_35-ecf00aa.tar.gz</code><br \> <code>tar xvf NewSignupPage-REL1_35-ecf00aa.tar.gz -C /var/www/html/mediawiki/extensions/</code><br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> Add the Line:<br \> <code>wfLoadExtension( 'NewSignupPage' );</code><br \> Change the Info given at signup at:<br \> <code>index.php/MediaWiki:Newsignuppage-loginform-tos</code><br \> Default page will be:<pre> I am over 13 years of age and I have read, understood and agree to be bound by the Terms of Service and Privacy Policy </pre> "Terms of Service" and "Privacy Policy" are linked to there pages, so we need to create a few pages. ======Need <b>Privacy Policy</b> Page====== Create a 'Privacy_Policy' page and link on "MediaWiki:Newsignuppage-loginform-tos"<br> <pre>[[CompleteNoobs:Privacy_policy | Privacy Policy]]</pre> =====Need <b>Terms Of Service</b> page===== https://www.completenoobs.com/index.php/Terms_of_Service<br \> once done change link on "MediaWiki:Newsignuppage-loginform-tos"<br \> =====Content Policy Page===== https://10.194.171.251/index.php/Content_Policy<br \> Contains link to https://www.completenoobs.com/index.php/CompleteNoobs_Staff_Admins<br \> =====Staff and Admin Page===== https://10.194.171.251/index.php/CompleteNoobs_Staff_Admins<br \> Linked from Content Policy Page! a place to contact by email staff, admins =====General Disclaimer page===== https://10.194.171.251/index.php/CompleteNoobs:General_disclaimer<br \> This page shows/linked at bottom of wiki<br \> =====Copyright Policy===== https://10.194.171.251/index.php/CompleteNoobs:Copyrights<br \> Copyrights page that shows in info box when making a post.<br \> ==Fail2Ban== This Will Ban an IP who incorrectly enters wrong login details, a (you can select) amount of times for a (you can select) amount of time. ===Fail2Log Extension=== https://www.mediawiki.org/wiki/Extension:Fail2Log<br> ====Create Log file==== Could not get PHP to create and set permissions for log file: So for now doing manually!<br \> <code>touch /var/log/Fail2Log.log</code><br \> <code>chown www-data:www-data /var/log/Fail2Log.log</code><br \> <code>chmod 0755 /var/log/Fail2Log.log</code><br \> Failed login's with wrong user name and/or password should now be logged in:<b>/var/log/Fail2Log.log</b><br \> <br \> Log Format:<br \> <code>Failed:<IP_ADDRESS> <DATE> <TIME> <USERNAME></code><br \> ====Download and install extension==== <code>wget https://github.com/greenhatmonkey/Fail2Log/blob/main/Fail2Log.tar.gz?raw=true</code><br> <code>tar xzvf Fail2Log.tar.gz?raw=true -C /var/www/html/mediawiki/extensions/</code><br> Add to your <b>LocalSettings.php</b><br> <pre> wfLoadExtension( 'Fail2Log' ); $wgFail2LogFile = '/var/log/Fail2Log.log'; </pre> ====Install and Setup Fail2Ban==== Fail2Ban works in a container. If using fail2ban on Host for container:<br/> Just include log path: <code>/var/snap/lxd/common/mntns/var/snap/lxd/common/lxd/storage-pools/default/containers/&lt;CONTAINER_NAME>/rootfs/var/log/Fail2Log.log</code> <code>apt install fail2ban</code> * Fail2ban will use file.local over file.conf if file.local exists: * file.conf can be written over if file2ban gets updated. * Make a file.local of the file you are working on. <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code> <code>$EDITOR /etc/fail2ban/jail.local</code> <!-- unmodified jail.conf file --> <div class="toccolours mw-collapsible mw-collapsed"> Default <code>/etc/fail2ban/jail.conf</code> file: Expand to view <div class="mw-collapsible-content"> <pre> # # WARNING: heavily refactored in 0.9.0 release. Please review and # customize settings for your setup. # # Changes: in most of the cases you should not modify this # file, but provide customizations in jail.local file, # or separate .conf files under jail.d/ directory, e.g.: # # HOW TO ACTIVATE JAILS: # # YOU SHOULD NOT MODIFY THIS FILE. # # It will probably be overwritten or improved in a distribution update. # # Provide customizations in a jail.local file or a jail.d/customisation.local. # For example to change the default bantime for all jails and to enable the # ssh-iptables jail the following (uncommented) would appear in the .local file. # See man 5 jail.conf for details. # # [DEFAULT] # bantime = 1h # # [sshd] # enabled = true # # See jail.conf(5) man page for more information # Comments: use '#' for comment lines and ';' (following a space) for inline comments [INCLUDES] #before = paths-distro.conf before = paths-debian.conf # The DEFAULT allows a global definition of the options. They can be overridden # in each jail afterwards. [DEFAULT] # # MISCELLANEOUS OPTIONS # # "bantime.increment" allows to use database for searching of previously banned ip's to increase a # default ban time using special formula, default it is banTime * 1, 2, 4, 8, 16, 32... #bantime.increment = true # "bantime.rndtime" is the max number of seconds using for mixing with random time # to prevent "clever" botnets calculate exact time IP can be unbanned again: #bantime.rndtime = # "bantime.maxtime" is the max number of seconds using the ban time can reach (don't grows further) #bantime.maxtime = # "bantime.factor" is a coefficient to calculate exponent growing of the formula or common multiplier, # default value of factor is 1 and with default value of formula, the ban time # grows by 1, 2, 4, 8, 16 ... #bantime.factor = 1 # "bantime.formula" used by default to calculate next value of ban time, default value bellow, # the same ban time growing will be reached by multipliers 1, 2, 4, 8, 16, 32... #bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * banFactor # # more aggressive example of formula has the same values only for factor "2.0 / 2.885385" : #bantime.formula = ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor) # "bantime.multipliers" used to calculate next value of ban time instead of formula, coresponding # previously ban count and given "bantime.factor" (for multipliers default is 1); # following example grows ban time by 1, 2, 4, 8, 16 ... and if last ban count greater as multipliers count, # always used last multiplier (64 in example), for factor '1' and original ban time 600 - 10.6 hours #bantime.multipliers = 1 2 4 8 16 32 64 # following example can be used for small initial ban time (bantime=60) - it grows more aggressive at begin, # for bantime=60 the multipliers are minutes and equal: 1 min, 5 min, 30 min, 1 hour, 5 hour, 12 hour, 1 day, 2 day #bantime.multipliers = 1 5 30 60 300 720 1440 2880 # "bantime.overalljails" (if true) specifies the search of IP in the database will be executed # cross over all jails, if false (dafault), only current jail of the ban IP will be searched #bantime.overalljails = false # -------------------- # "ignoreself" specifies whether the local resp. own IP addresses should be ignored # (default is true). Fail2ban will not ban a host which matches such addresses. #ignoreself = true # "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban # will not ban a host which matches an address in this list. Several addresses # can be defined using space (and/or comma) separator. #ignoreip = 127.0.0.1/8 ::1 # External command that will take an tagged arguments to ignore, e.g. <ip>, # and return true if the IP is to be ignored. False otherwise. # # ignorecommand = /path/to/command <ip> ignorecommand = # "bantime" is the number of seconds that a host is banned. bantime = 10m # A host is banned if it has generated "maxretry" during the last "findtime" # seconds. findtime = 10m # "maxretry" is the number of failures before a host get banned. maxretry = 5 # "maxmatches" is the number of matches stored in ticket (resolvable via tag <matches> in actions). maxmatches = %(maxretry)s # "backend" specifies the backend used to get files modification. # Available options are "pyinotify", "gamin", "polling", "systemd" and "auto". # This option can be overridden in each jail as well. # # pyinotify: requires pyinotify (a file alteration monitor) to be installed. # If pyinotify is not installed, Fail2ban will use auto. # gamin: requires Gamin (a file alteration monitor) to be installed. # If Gamin is not installed, Fail2ban will use auto. # polling: uses a polling algorithm which does not require external libraries. # systemd: uses systemd python library to access the systemd journal. # Specifying "logpath" is not valid for this backend. # See "journalmatch" in the jails associated filter config # auto: will try to use the following backends, in order: # pyinotify, gamin, polling. # # Note: if systemd backend is chosen as the default but you enable a jail # for which logs are present only in its own log files, specify some other # backend for that jail (e.g. polling) and provide empty value for # journalmatch. See https://github.com/fail2ban/fail2ban/issues/959#issuecomment-74901200 backend = auto # "usedns" specifies if jails should trust hostnames in logs, # warn when DNS lookups are performed, or ignore all hostnames in logs # # yes: if a hostname is encountered, a DNS lookup will be performed. # warn: if a hostname is encountered, a DNS lookup will be performed, # but it will be logged as a warning. # no: if a hostname is encountered, will not be used for banning, # but it will be logged as info. # raw: use raw value (no hostname), allow use it for no-host filters/actions (example user) usedns = warn # "logencoding" specifies the encoding of the log files handled by the jail # This is used to decode the lines from the log file. # Typical examples: "ascii", "utf-8" # # auto: will use the system locale setting logencoding = auto # "enabled" enables the jails. # By default all jails are disabled, and it should stay this way. # Enable only relevant to your setup jails in your .local or jail.d/*.conf # # true: jail will be enabled and log files will get monitored for changes # false: jail is not enabled enabled = false # "mode" defines the mode of the filter (see corresponding filter implementation for more info). mode = normal # "filter" defines the filter to use by the jail. # By default jails have names matching their filter name # filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # # Some options used for actions # Destination email address used solely for the interpolations in # jail.{conf,local,d/*} configuration files. destemail = root@localhost # Sender email address used solely for some actions sender = root@<fq-hostname> # E-mail action. Since 0.8.1 Fail2Ban uses sendmail MTA for the # mailing. Change mta configuration parameter to mail if you want to # revert to conventional 'mail'. mta = sendmail # Default protocol protocol = tcp # Specify chain where jumps would need to be added in ban-actions expecting parameter chain chain = <known/chain> # Ports to be banned # Usually should be overridden in a particular jail port = 0:65535 # Format of user-agent https://tools.ietf.org/html/rfc7231#section-5.5.3 fail2ban_agent = Fail2Ban/%(fail2ban_version)s # # Action shortcuts. To be used to define action parameter # Default banning action (e.g. iptables, iptables-new, # iptables-multiport, shorewall, etc) It is used to define # action_* variables. Can be overridden globally or per # section within jail.local file banaction = iptables-multiport banaction_allports = iptables-allports # The simplest action to take: ban only action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report to the destemail. action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report and relevant log lines # to the destemail. action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # See the IMPORTANT note in action.d/xarf-login-attack for when to use this action # # ban & send a xarf e-mail to abuse contact of IP address and include relevant log lines # to the destemail. action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] # ban IP on CloudFlare & send an e-mail with whois report and relevant log lines # to the destemail. action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # Report block via blocklist.de fail2ban reporting service API # # See the IMPORTANT note in action.d/blocklist_de.conf for when to use this action. # Specify expected parameters in file action.d/blocklist_de.local or if the interpolation # `action_blocklist_de` used for the action, set value of `blocklist_de_apikey` # in your `jail.local` globally (section [DEFAULT]) or per specific jail section (resp. in # corresponding jail.d/my-jail.local file). # action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] # Report ban via badips.com, and use as blacklist # # See BadIPsAction docstring in config/action.d/badips.py for # documentation for this action. # # NOTE: This action relies on banaction being present on start and therefore # should be last action defined for a jail. # action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] # # Report ban via badips.com (uses action.d/badips.conf for reporting only) # action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] # Report ban via abuseipdb.com. # # See action.d/abuseipdb.conf for usage example and details. # action_abuseipdb = abuseipdb # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # [sshd] # To use more aggressive sshd modes set filter parameter "mode" in jail.local: # normal (default), ddos, extra or aggressive (combines all). # See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details. #mode = normal port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s [dropbear] port = ssh logpath = %(dropbear_log)s backend = %(dropbear_backend)s [selinux-ssh] port = ssh logpath = %(auditd_log)s # # HTTP servers # [apache-auth] port = http,https logpath = %(apache_error_log)s [apache-badbots] # Ban hosts which agent identifies spammer robots crawling the web # for email addresses. The mail outputs are buffered. port = http,https logpath = %(apache_access_log)s bantime = 48h maxretry = 1 [apache-noscript] port = http,https logpath = %(apache_error_log)s [apache-overflows] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-nohome] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-botsearch] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-fakegooglebot] port = http,https logpath = %(apache_access_log)s maxretry = 1 ignorecommand = %(ignorecommands_dir)s/apache-fakegooglebot <ip> [apache-modsecurity] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-shellshock] port = http,https logpath = %(apache_error_log)s maxretry = 1 [openhab-auth] filter = openhab action = iptables-allports[name=NoAuthFailures] logpath = /opt/openhab/logs/request.log [nginx-http-auth] port = http,https logpath = %(nginx_error_log)s # To use 'nginx-limit-req' jail you should have `ngx_http_limit_req_module` # and define `limit_req` and `limit_req_zone` as described in nginx documentation # http://nginx.org/en/docs/http/ngx_http_limit_req_module.html # or for example see in 'config/filter.d/nginx-limit-req.conf' [nginx-limit-req] port = http,https logpath = %(nginx_error_log)s [nginx-botsearch] port = http,https logpath = %(nginx_error_log)s maxretry = 2 # Ban attackers that try to use PHP's URL-fopen() functionality # through GET/POST variables. - Experimental, with more than a year # of usage in production environments. [php-url-fopen] port = http,https logpath = %(nginx_access_log)s %(apache_access_log)s [suhosin] port = http,https logpath = %(suhosin_log)s [lighttpd-auth] # Same as above for Apache's mod_auth # It catches wrong authentifications port = http,https logpath = %(lighttpd_error_log)s # # Webmail and groupware servers # [roundcube-auth] port = http,https logpath = %(roundcube_errors_log)s # Use following line in your jail.local if roundcube logs to journal. #backend = %(syslog_backend)s [openwebmail] port = http,https logpath = /var/log/openwebmail.log [horde] port = http,https logpath = /var/log/horde/horde.log [groupoffice] port = http,https logpath = /home/groupoffice/log/info.log [sogo-auth] # Monitor SOGo groupware server # without proxy this would be: # port = 20000 port = http,https logpath = /var/log/sogo/sogo.log [tine20] logpath = /var/log/tine20/tine20.log port = http,https # # Web Applications # # [drupal-auth] port = http,https logpath = %(syslog_daemon)s backend = %(syslog_backend)s [guacamole] port = http,https logpath = /var/log/tomcat*/catalina.out [monit] #Ban clients brute-forcing the monit gui login port = 2812 logpath = /var/log/monit /var/log/monit.log [webmin-auth] port = 10000 logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [froxlor-auth] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s # # HTTP Proxy servers # # [squid] port = 80,443,3128,8080 logpath = /var/log/squid/access.log [3proxy] port = 3128 logpath = /var/log/3proxy.log # # FTP servers # [proftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(proftpd_log)s backend = %(proftpd_backend)s [pure-ftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(pureftpd_log)s backend = %(pureftpd_backend)s [gssftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(syslog_daemon)s backend = %(syslog_backend)s [wuftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(wuftpd_log)s backend = %(wuftpd_backend)s [vsftpd] # or overwrite it in jails.local to be # logpath = %(syslog_authpriv)s # if you want to rely on PAM failed login attempts # vsftpd's failregex should match both of those formats port = ftp,ftp-data,ftps,ftps-data logpath = %(vsftpd_log)s # # Mail servers # # ASSP SMTP Proxy Jail [assp] port = smtp,465,submission logpath = /root/path/to/assp/logs/maillog.txt [courier-smtp] port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix] # To use another modes set filter parameter "mode" in jail.local: mode = more port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s [postfix-rbl] filter = postfix[mode=rbl] port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s maxretry = 1 [sendmail-auth] port = submission,465,smtp logpath = %(syslog_mail)s backend = %(syslog_backend)s [sendmail-reject] # To use more aggressive modes set filter parameter "mode" in jail.local: # normal (default), extra or aggressive # See "tests/files/logs/sendmail-reject" or "filter.d/sendmail-reject.conf" for usage example and details. #mode = normal port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [qmail-rbl] filter = qmail port = smtp,465,submission logpath = /service/qmail/log/main/current # dovecot defaults to logging to the mail syslog facility # but can be set by syslog_facility in the dovecot configuration. [dovecot] port = pop3,pop3s,imap,imaps,submission,465,sieve logpath = %(dovecot_log)s backend = %(dovecot_backend)s [sieve] port = smtp,465,submission logpath = %(dovecot_log)s backend = %(dovecot_backend)s [solid-pop3d] port = pop3,pop3s logpath = %(solidpop3d_log)s [exim] # see filter.d/exim.conf for further modes supported from filter: #mode = normal port = smtp,465,submission logpath = %(exim_main_log)s [exim-spam] port = smtp,465,submission logpath = %(exim_main_log)s [kerio] port = imap,smtp,imaps,465 logpath = /opt/kerio/mailserver/store/logs/security.log # # Mail servers authenticators: might be used for smtp,ftp,imap servers, so # all relevant ports get banned # [courier-auth] port = smtp,465,submission,imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix-sasl] filter = postfix[mode=auth] port = smtp,465,submission,imap,imaps,pop3,pop3s # You might consider monitoring /var/log/mail.warn instead if you are # running postfix since it would provide the same log lines at the # "warn" level but overall at the smaller filesize. logpath = %(postfix_log)s backend = %(postfix_backend)s [perdition] port = imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [squirrelmail] port = smtp,465,submission,imap,imap2,imaps,pop3,pop3s,http,https,socks logpath = /var/lib/squirrelmail/prefs/squirrelmail_access_log [cyrus-imap] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s [uwimap-auth] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s # # # DNS servers # # !!! WARNING !!! # Since UDP is connection-less protocol, spoofing of IP and imitation # of illegal actions is way too simple. Thus enabling of this filter # might provide an easy way for implementing a DoS against a chosen # victim. See # http://nion.modprobe.de/blog/archives/690-fail2ban-+-dns-fail.html # Please DO NOT USE this jail unless you know what you are doing. # # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks UDP traffic for DNS requests. # [named-refused-udp] # # filter = named-refused # port = domain,953 # protocol = udp # logpath = /var/log/named/security.log # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks TCP traffic for DNS requests. [named-refused] port = domain,953 logpath = /var/log/named/security.log [nsd] port = 53 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/nsd.log # # Miscellaneous # [asterisk] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/asterisk/messages maxretry = 10 [freeswitch] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/freeswitch.log maxretry = 10 # enable adminlog; it will log to a file inside znc's directory by default. [znc-adminlog] port = 6667 logpath = /var/lib/znc/moddata/adminlog/znc.log # To log wrong MySQL access attempts add to /etc/my.cnf in [mysqld] or # equivalent section: # log-warnings = 2 # # for syslog (daemon facility) # [mysqld_safe] # syslog # # for own logfile # [mysqld] # log-error=/var/log/mysqld.log [mysqld-auth] port = 3306 logpath = %(mysql_log)s backend = %(mysql_backend)s # Log wrong MongoDB auth (for details see filter 'filter.d/mongodb-auth.conf') [mongodb-auth] # change port when running with "--shardsvr" or "--configsvr" runtime operation port = 27017 logpath = /var/log/mongodb/mongodb.log # Jail for more extended banning of persistent abusers # !!! WARNINGS !!! # 1. Make sure that your loglevel specified in fail2ban.conf/.local # is not at DEBUG level -- which might then cause fail2ban to fall into # an infinite loop constantly feeding itself with non-informative lines # 2. Increase dbpurgeage defined in fail2ban.conf to e.g. 648000 (7.5 days) # to maintain entries for failed logins for sufficient amount of time [recidive] logpath = /var/log/fail2ban.log banaction = %(banaction_allports)s bantime = 1w findtime = 1d # Generic filter for PAM. Has to be used with action which bans all # ports such as iptables-allports, shorewall [pam-generic] # pam-generic filter can be customized to monitor specific subset of 'tty's banaction = %(banaction_allports)s logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [xinetd-fail] banaction = iptables-multiport-log logpath = %(syslog_daemon)s backend = %(syslog_backend)s maxretry = 2 # stunnel - need to set port for this [stunnel] logpath = /var/log/stunnel4/stunnel.log [ejabberd-auth] port = 5222 logpath = /var/log/ejabberd/ejabberd.log [counter-strike] logpath = /opt/cstrike/logs/L[0-9]*.log # Firewall: http://www.cstrike-planet.com/faq/6 tcpport = 27030,27031,27032,27033,27034,27035,27036,27037,27038,27039 udpport = 1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015 action = %(banaction)s[name=%(__name__)s-tcp, port="%(tcpport)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(udpport)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] [bitwarden] port = http,https logpath = /home/*/bwdata/logs/identity/Identity/log.txt [centreon] port = http,https logpath = /var/log/centreon/login.log # consider low maxretry and a long bantime # nobody except your own Nagios server should ever probe nrpe [nagios] logpath = %(syslog_daemon)s ; nrpe.cfg may define a different log_facility backend = %(syslog_backend)s maxretry = 1 [oracleims] # see "oracleims" filter file for configuration requirement for Oracle IMS v6 and above logpath = /opt/sun/comms/messaging64/log/mail.log_current banaction = %(banaction_allports)s [directadmin] logpath = /var/log/directadmin/login.log port = 2222 [portsentry] logpath = /var/lib/portsentry/portsentry.history maxretry = 1 [pass2allow-ftp] # this pass2allow example allows FTP traffic after successful HTTP authentication port = ftp,ftp-data,ftps,ftps-data # knocking_url variable must be overridden to some secret value in jail.local knocking_url = /knocking/ filter = apache-pass[knocking_url="%(knocking_url)s"] # access log of the website with HTTP auth logpath = %(apache_access_log)s blocktype = RETURN returntype = DROP action = %(action_)s[blocktype=%(blocktype)s, returntype=%(returntype)s, actionstart_on_demand=false, actionrepair_on_unban=true] bantime = 1h maxretry = 1 findtime = 1 [murmur] # AKA mumble-server port = 64738 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol=tcp, chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol=udp, chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/mumble-server/mumble-server.log [screensharingd] # For Mac OS Screen Sharing Service (VNC) logpath = /var/log/system.log logencoding = utf-8 [haproxy-http-auth] # HAProxy by default doesn't log to file you'll need to set it up to forward # logs to a syslog server which would then write them to disk. # See "haproxy-http-auth" filter for a brief cautionary note when setting # maxretry and findtime. logpath = /var/log/haproxy.log [slapd] port = ldap,ldaps logpath = /var/log/slapd.log [domino-smtp] port = smtp,ssmtp logpath = /home/domino01/data/IBM_TECHNICAL_SUPPORT/console.log [phpmyadmin-syslog] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [zoneminder] # Zoneminder HTTP/HTTPS web interface auth # Logs auth failures to apache2 error log port = http,https logpath = %(apache_error_log)s [traefik-auth] # to use 'traefik-auth' filter you have to configure your Traefik instance, # see `filter.d/traefik-auth.conf` for details and service example. port = http,https logpath = /var/log/traefik/access.log </pre> </div> </div> Default <code>/etc/fail2ban/jail.local</code> file with (almost all) comments removed: <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;">Default <code>/etc/fail2ban/jail.local</code> with (almost) comments removed:</div> <div class="mw-collapsible-content"> <pre> [INCLUDES] before = paths-debian.conf [DEFAULT] ignorecommand = bantime = 10m findtime = 10m maxretry = 5 maxmatches = %(maxretry)s backend = auto usedns = warn logencoding = auto enabled = false mode = normal filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # destemail = root@localhost sender = root@<fq-hostname> mta = sendmail protocol = tcp chain = <known/chain> port = 0:65535 fail2ban_agent = Fail2Ban/%(fail2ban_version)s banaction = iptables-multiport banaction_allports = iptables-allports action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] action_abuseipdb = abuseipdb action = %(action_)s # # JAILS # # # SSH servers # [sshd] port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s </pre> </div></div> ====Disconnect/kick and ban an ip from list==== <br \> Just below we are going to append these lines to <b>/etc/fail2ban/jail.local</b><br> <pre> # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s # # JAILS # # # SSH servers # </pre> </div> </div> ====Jail for MediaWiki - /etc/fail2ban/jail.local==== <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1m maxretry = 2 logpath = /var/log/Fail2Log.log </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before: <div class="mw-collapsible-content"> <pre> # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After: <div class="mw-collapsible-content"> <pre> # # JAILS # [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log # # SSH servers # </pre> </div> </div> ====Filter for mediawiki==== <div class="toccolours mw-collapsible mw-collapsed"> Regex quick up and running tutorial: External Link:(youtube) <div class="mw-collapsible-content"> This Is a link to a video made by "Corey Schafer".<br \> The best no nonsense up and running regex tut there is.<br \> https://www.youtube.com/watch?v=sa-TUpSx1JA </div> </div> <code>$EDITOR /etc/fail2ban/filter.d/mediawiki.conf</code><br \> <pre> [Definition] failregex = ^Failed:<HOST> ignoreregex = </pre> =====Try out regex on log file===== <code>fail2ban-regex --print-all-matched /var/log/Fail2Log.log /etc/fail2ban/filter.d/mediawiki.conf</code> ====Restart Fail2Ban==== <code>systemctl restart fail2ban</code> <code>fail2ban-client status</code> <code>fail2ban-client status mediawiki</code> <b>Now test by trying to login to your wiki with wrong password three times.</b> =====fail2ban regex and error checking===== <div class="toccolours mw-collapsible mw-collapsed"> Check regex: <div class="mw-collapsible-content"> * Syntax: <code>fail2ban-regex <logfile> <failregex> <ignoreregex></code> ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * If you want to test <code>ignoreregex</code> enter filter file twice: ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * Read <code>man fail2ban-regex</code> for some more opitions: * Examples: ** <code>-v</code>, <code>--verbose</code> *** Be verbose in output ** <code>--print-all-missed</code> *** Print all missed lines ** <code>--print-all-ignored</code> *** Print all ignored lines ** <code>--print-all-matched</code> *** Print all matched lines </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Debug Fail2Ban: <div class="mw-collapsible-content"> * <code>-d</code> dump configuration. For debugging.<br \> <code>fail2ban-client -d</code><br \> * <code>--dp</code>, <code>--dump-pretty</code> dump the configuration using more human readable representation.<br \> <code>fail2ban-client --dp</code><br \> * will print the systemd log for Fail2Ban.<br \> <code>journalctl -u fail2ban</code> </div> </div> ====Change ban time After testing==== <code>$EDITOR /etc/fail2ban/jail.local</code><br \> <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log </pre> ===Unban IP's=== Get list of Jails:<br \> <code>fail2ban-client status</code><br \> See banned ips by that jail:<br \> <code>fail2ban-client status <jailname></code><br \> Unban IP from jail:<br \> <code>fail2ban-client set <jailname> unbanip <ip_address></code><br \> <br \> Log File:<br \> <code>/var/log/Fail2Log.log</code> ==Moving To VPS== ===Create ssh key pair on local host=== <code>ssh-keygen -t rsa -b 4096 -C "MYSERVER" -f ~/.ssh/serverkey</code><br \> You will be prompted to Enter a passphase, you can just press <b>Enter</b> for no passphase.<br \> You will now have a file called <b>serverkey</b> and <b>serverkey.pub</b> in your <b>/home/$USER/.ssh</b> directory.<br \> Now lets setup are server and move public key to server.<br \> <b>BACKUP YOUR PRIVATE KEY TO USB STICK OR SOMETHING!</b><br \> <code>serverkey.pub</code><b>PUBLIC KEY</b><br \> <code>serverkey</code><b>PRIVATE KEY</b><br \> ===Login to Server - ssh === Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $10, 1 cpu, 2048MB ram, 55GB ssd, 2000GB Bandwidth.<br \> I have been given the IP:<b>192.248.145.129</b> and the Password:<b>1R?o.gPasdaLz1w</b> and with Vultr the default login/user is <b>root</b><br \> Lets move over the public key so we don't need a password to login:<br \> <code>ssh-copy-id -i ~/.ssh/serverkey root@192.248.145.129</code></br \> Will be promted for server password, enter password: 1R?o.gPasdaLz1w<br \> Now lets login with are private key.<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code> ===Update Server=== <code>apt update && apt upgrade -y</code><br \> The Server may need a restart, you will see this after updates if it does<br \> <b>*** System restart required ***</b><br \> restart server and log back in after a minute.<br \> <code>reboot</code> ===Change default ssh port and disable plain text passwords=== Log back into server<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code><br \> <code>$EDITOR /etc/ssh/sshd_config</code><br \> <pre>#Port 22</pre> <pre>Port 7788</pre> disable clear text passwords <pre>#PasswordAuthentication yes</pre> <pre>PasswordAuthentication no</pre> restart sshd <code>systemctl restart sshd</code><br \> Exit server and re-login<br \> <code>exit</code><br \> Log back in with new port<br \> <code>ssh -p 7788 -i .ssh/serverkey root@192.248.145.129</code> <div class="toccolours mw-collapsible mw-collapsed"> Create ssh login shortcut: <div class="mw-collapsible-content"> To be done on host:<br \> <code>touch ~/.ssh/config</code><br \> <code>chmod 600 ~/.ssh/config</code><br \> <code>$EDITOR ~/.ssh/config</code><br \> <pre> Host mediawikiserver HostName 192.248.145.129 User root Port 7788 IdentityFile /home/$USER/.ssh/severkey </pre> You can now login to server from host with:<br \> <code>ssh mediawikiserver</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax of config file: <div class="mw-collapsible-content"> <pre> #Syntax # #Host <ALIAS_NAME> # HostName <ADDRESS_IP_OR_DOMAIN> # User <USERNAME_LOGIN> # Port <PORT_NUMBER_IF_NOT_DEFAULT> # IdentityFile </PATH/TO/PRIVATE_KEY> ## Can now login with <code>ssh <ALIAS_NAME> </pre> </div> </div> </div> </div> ===Enable Basic FireWall=== Block IPv6<br \> <code>$EDITOR /etc/default/ufw</code><br \> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit<br \> <code>ufw allow 7788/tcp</code><br \> <code>ufw enable</code><br \> ===Create Swap space on server=== ====First check if you already have a swap space==== First check if you already have a swap space<br \> <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 1655 2 228 1732 Swap: 0 0 0 </pre> <div class="toccolours mw-collapsible mw-collapsed"> Other methods to check swap space <div class="mw-collapsible-content"> <code>cat /proc/swaps</code><br \> <code>swapon -s -v</code> </div> </div> ====Create SwapSpace==== preallocate a 2 gigabyte space to be used for swap.<br \> Note: you can name swapfile to anything you want. <code>fallocate -l 2G /swapfile</code> Initialize the /swapfile file with zeros - see "Working out the count size" to see how to work out the count size. <div class="toccolours mw-collapsible mw-collapsed"> Working out the count size: <div class="mw-collapsible-content"> Working out count size to scale the swapsize. 1 kilobyte = 1024 bytes 1 megabyte = 1024 kilobyte 1 gigabyte = 1024 megabytes bs=1024 = 1 megabyte 1 gigabyte = 1024 megabyte to get count of 1 gigabyte 1024 * 1024 2 gigabyte (1024 * 2048 ) or 1048576 * 2 = 2,097,152 </div> </div> <code>dd if=/dev/zero of=/swapfile bs=1024 count=2097152</code> <code>chmod 600 /swapfile</code> <code>mkswap /swapfile</code> <code>swapon /swapfile</code> <b>Or</b> <code>swapon -a</code> <b>Or</b> <code>mount -a</code> append to <code>/etc/fstab</code> so its mounted after reboot.<br \> <code>$EDITOR /etc/fstab</code><br \> And enter this in a new line at the bottom:<br \> <code>/swapfile swap swap defaults 0 0</code> and thats it, you can check swap with(or same other methods as above): <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 75 2 1808 1712 Swap: 2047 0 2047 </pre> ===ssmtp for email alerts=== <code>apt install ssmtp -y</code><br \> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code><br \> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> <code>usermod -c "CNWikiVPS" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ===auto update server=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment (by removing <b>//</b> at start of line)and amend the lines we want:<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> to<br \> <code> "${distro_id}:${distro_codename}-updates";</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; </pre> Changed to<br \> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec Acquire::http::Dl-Limit "500"; </pre> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Send Container to server=== From host<br \> <code>scp -i ~/.ssh/serverkey -P 7788 mediawiki.lxc root@192.248.145.129:/root/</code><br \> If you created a ssh shortcut in <b>.ssh/config</b> you can use:<br \> <code>scp mediawiki.lxc mediawikiserver:/root/</code><br> Once container transferred to server checksum to confirm<br> Do on Local and Server<br> <code>sha256sum mediawiki.lxc</code><br> The checksum should be the same on both!<br> ===LXD setup on server=== Check if <b>lxd</b> already installed.<br \> <code>lxd --version</code><br \> <code>snap install lxd</code><br \> Initialize LXD<br \> <code>lxd init</code><br \> all defaults<br \> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (lvm, zfs, ceph, btrfs, dir) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=10GB]: Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> ===Import Container=== Note: If version of LXD on server is older than the one you are exporting from, you may see error <code>Error: Failed importing backup: Failed creating instance record: Unknown configuration key: volatile.last_state.ready</code><br> To Fix this update your LXD<br> <code>snap remove lxd</code><br> <code>snap install lxd</code><br> <code>lxd --version</code><br> <code>lxd init</code><br> <br> Import mediawiki container<br \> <code>lxc import mediawiki.lxc mediawiki</code><br \> <code>lxc list</code><br \> <code>lxc start mediawiki</code><br \> <code>lxc list</code><br \> Returns:<br \> <pre> +-----------+---------+-----------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+-----------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.207.119.233 (eth0) | | CONTAINER | 0 | +-----------+---------+-----------------------+------+-----------+-----------+ </pre> <b>Note the Change of IP</b><br \> Are Containers IP is now:<b>10.207.119.233</b><br \> Now for some reason changing the IP on <b>/var/www/html/mediawiki/LocalSettings.php</b> and the <b>/etc/apache2/sites-available/completenoobs.com.conf</b> does not really work on a VPS (Forgot how i fixed this last time, pretty sure i got it workin a few years back).<br \> You need a DNS name: ===DNS=== Domain Name System: An index that connects an ip address with a more human readable name(website name):<br \> Like a phone book would index a persons name with a phone number.<br \> If you have a domain name for your wiki, point it to your server's ip address.<br \> This will be required for a letsencrypt cert also.<br \> I am using <b>namecheap.com</b> and on the <b>Advanced DNS</b> Page<br \> Add two Type <b>A Records</b>:<br \> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |192.248.145.129 |auto |- |A record |www |192.248.145.129 |auto |} ===Change IP on config files=== Login to conatiner and change IP's to Domain Name<br \> <code>lxc exec mediawiki bash</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <pre> Redirect permanent "/" "https://10.3.45.233"</pre> <pre> Redirect permanent "/" "https://www.completenoobs.com"</pre> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <pre>$wgServer = "https://10.3.45.233";</pre> <pre>$wgServer = "https://www.completenoobs.com";</pre> <code>systemctl restart apache2</code> ===Use IPTables to forward traffic to container=== <div class="toccolours mw-collapsible mw-collapsed"> iptable syntax <div class="mw-collapsible-content"> *CONTAINER_IP = place holder for your containers ip *GLOBAL_IP = place holder for your servers public ip address *ETH = network interface: enp1s0 ** to be done/found on host VPS and NOT Container ** Find network interface:<code>ip route show default</code> or use <code>ip route show default | awk '{print $5}'</code> <pre>iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 80 -j DNAT --to-destination CONTAINER_IP:80 -m comment --comment "forward real ip to container" </pre> <pre> iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 443 -j DNAT --to-destination CONTAINER_IP:443 -m comment --comment "forward real ip to container" </pre> </div> </div> <b>These commands to be done on host VPS and NOT in container!</b><br \> Get out of container <code>exit</code><br \> Network interface=<b>enp1s0</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Find you network interface name: <div class="mw-collapsible-content"> To be run on VPS host and Not in Container:<br \> <code>ip route show default | awk '{print $5}'</code> </div> </div> VPS Global IP=<b>192.248.145.129</b><br \> Container IP=<b>10.207.119.233</b><br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container"</code> <br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container"</code> <br \> The new rules for your iptable will not persistent after a reboot.<br \> Create systemd service to load firewall rules at startup:<br \> <code>$EDITOR /usr/local/bin/lxc-mediawiki-rules</code> <pre> #!/bin/bash iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container" iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container" </pre> <code>chmod +x /usr/local/bin/lxc-mediawiki-rules</code> <code>$EDITOR /etc/systemd/system/lxcip.service</code> <pre> [Unit] Description = apply ip rules at startup [Service] Type=oneshot ExecStart=/usr/local/bin/lxc-mediawiki-rules [Install] WantedBy=multi-user.target </pre> <code>systemctl enable lxcip</code> <div class="toccolours mw-collapsible mw-collapsed"> LXC proxy method: <div class="mw-collapsible-content"> <b>DO NOT USE This method!</b> placed here as a note:<br \> LXC also has a way to forward proxy traffic, but it will show all visits to website, as coming from <b>127.0.0.1</b><br \> When we install fail2ban, this would be very bad!<br \> <br \> <code>lxc config device add CONTAINER_NAME myport80 proxy listen=tcp:0.0.0.0:80 connect=tcp:127.0.0.1:80</code><br \> <code>lxc config device add CONTAINER_NAME myport443 proxy listen=tcp:0.0.0.0:443 connect=tcp:127.0.0.1:443</code><br \> To remove proxy:<br \> <code>lxc config device remove CONTAINER_NAME myport80</code><br \> <code>lxc config device remove CONTAINER_NAME myport443</code><br \> </div> </div> ===Visit webpage and check all working=== Visit the domain you selected<br \> <code>www.completenoobs.com</code><br \> Should be up and running.<br \> NOTE: We did not need to allow port 443 or 80 on VPS host.<br \> Check Iptables persist for restart, by rebooting server!<br \> <code>reboot</code><br \> Give it a minute or 2 and check website again. ===LetsEncrypt=== Log back into server<br \> <code>ssh mediawikiserver</code><br \> Log into container<br \> <code>lxc exec mediawiki bash</code><br \> Install certbot<br \> <code>snap install certbot --classic</code><br \> Backup Apache2 config file<br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf /etc/apache2/sites-available/completenoobs.com.conf.bk</code><br \> Create Cert<br \> <code>certbot --apache -d www.completenoobs.com -d completenoobs.com</code><br \> And Certbot broke are apache2 configs, and thats why we back up!<br \> <code>ls /etc/letsencrypt/live/www.completenoobs.com/</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/fullchain.pem /etc/ssl/certs/cn-selfsigned.crt</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/privkey.pem /etc/ssl/private/cn-selfsigned.key</code><br \> <code>rm /etc/apache2/sites-available/completenoobs.com-le-ssl.conf /etc/apache2/sites-available/completenoobs.com.conf </code><br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf.bk /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <br \> Turn <b>SSLUseStapling</b> on<br \> <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code><br \> <pre>SSLUseStapling off</pre><br \> Change to:<br \> <pre>SSLUseStapling on</pre><br \> Restart apache<br \> <code>systemctl restart apache2</code><br \> Now check your site on browser.<br \> ==Useful Notes - tips== ===Forgot your Admin Password=== Can use for any user:<br \> <code>php /var/www/html/mediawiki/maintenance/changePassword.php --user=admin --password=newpassword</code><br \> ===Make Wiki Read Only=== Add to LocalSettings.php:<br \> <code>$wgReadOnly = 'Read Only';</code><br \> ===Restrict account creation on wiki=== Add to LocalSettings.php:<br \> <code>$wgGroupPermissions['*']['createaccount'] = false;</code> ===Only Admin accounts can edit=== Add to LocalSettings.php:<br \> <pre> $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['user']['edit'] = false; $wgGroupPermissions['sysop']['edit'] = true; </pre> ===Protect a page so only admin can edit=== At the top of the page when logged in with admin account, click <b>More</b>.<br \> A drop down of three opitions: Delete, Move, Protect.<br \> Clicking <b>Protect</b> will not allow any non admin from editing the page. {| class="wikitable" |+ When logged in as admin |- |Read |Edit |View history |(STAR) |<b>More</b> |} ===Make User an Admin=== go to special pages With Admin Account go to:<br \> <code>index.php/Special:SpecialPages</code> List of users can be found here:<br \> <code>index.php/Special:ListUsers</code><br \> Go to:<br \> <code>index.php/Special:UserRights</code><br \> And enter username:<br \> <b>Groups you can change</b><br \> And rest is self explanatory. ====Remove admin rights==== Same thing, just untick admin rights! ==Upgrading MediaWiki== <b>BACK SURE YOU BACKUP FIRST!!!</b> just in case.<br \> This example update 1.35 to 1.36 from 1.36 onwards php-intl is required.<br> Download the wiki you are going to upgrade to.<br \> <code>https://releases.wikimedia.org/mediawiki/1.36/</code><br \> <code>cd /root</code><br \> <code>wget https://releases.wikimedia.org/mediawiki/1.36/mediawiki-1.36.1.tar.gz</code><br \> In LocalSettings.php put in readonly mode<br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <code>$wgReadOnly = "Upgrading";</code><br \> <code>tar xvzf mediawiki-1.36.1.tar.gz -C /var/www/html/mediawiki --strip-components=1</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> Returns:<pre> Error: Missing one or more required components of PHP. You are missing a required extension to PHP that MediaWiki needs. Please install: * intl <https://www.php.net/intl> </pre> <code>apt install php-intl</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> And thats it. If you do get an error:<br \> <blockquote> MediaWiki 1.36 internal error Installing some PHP extensions is required. Required components You are missing a required extension to PHP that MediaWiki requires to run. Please install: intl (more information) </blockquote> Then <b>reboot</b> the container and its all fine after. ==Backup your Wiki== ===LXC Snapshots=== Easy way, backup the container using <b>snapshot</b><br \> <code>lxc snapshot mediawiki beforeupgrade_11_12_2020</code><br \> To see snapshots<br \> <code>lxc info mediawiki</code><br \> To restore container to snapshot<br \> <code>lxc restore mediawiki beforeupgrade_11_12_2020</code><br \> To delete a snapshot<br \> <code>lxc delete mediawiki/beforeupgrade_11_12_2020</code><br \> ====Export a Snapshot==== <code>lxc snapshot mediawiki testsnap</code> <code>lxc publish mediawiki/testsnap --alias mediawiki-backup-20-07-2021</code> <code>lxc image export mediawiki-backup-20-07-2021</code> you end up with a file named after the sha256sum <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> NOTE:You can change name from <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> to something like <code>mediawiki-backup-20-07-2021.tar.gz</code> and restore will still work fine.<br \> can now delete image <code>lxc image delete mediawiki-backup-20-07-2021</code> ====Import Snapshot==== Move to another computer and install init lxd<br \> <code>lxc image import a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz --alias testrestore</code> <code>lxc launch testrestore mediarestore</code> <code>lxc list</code> <code>lxc exec mediarestore bash</code> Change IP in LocalSettings and apache config and restart apache.<br \> And your up and running.<br \> <br \> you can also delete image on new restore computer:<br \> <code>lxc image delete testrestore</code> ===Dump mediawiki database - xml=== Log into container root dir<br \> <code>lxc exec NAME bash</code><br \> In container of wiki:<br \> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Exit container<br \> <code>exit</code> Pull file to host<br \> <code>lxc file pull NAME/root/dump_mediawiki.xml wiki-dump.xml</code> ====automate xml dumps to server==== TIP: [[Scp_only|Create an '''scp only''' account on server first]]<br> <code>$EDITOR /usr/local/bin/auto-export.sh</code></br> <syntaxhighlight lang="bash" line> #!/bin/bash set -x time_stamp=$(date '+%d_%m_%y') dumps_dir="/var/www/dumps" noobs_dir="/var/www/html/noobs" local_settings="$noobs_dir/LocalSettings.php" wiki_dump_dir="$dumps_dir/$time_stamp.Noobs" xmlkey="/root/.ssh/xmlkey" remote_host="rscp@xml.completenoobs.com" remote_path="/home/rscp/media/" function ensure_read_only_line_exists { if ! grep -q "wgReadOnly" "$local_settings"; then cat <<EOF >> "$local_settings" \$wgReadOnly = 'Dumping Database, Access will be restored shortly'; EOF fi } function set_wiki_read_only { sed -i 's/^#*\(\$wgReadOnly\)/\1/' "$local_settings" } function unset_wiki_read_only { sed -i 's/^\(\$wgReadOnly\)/#\1/' "$local_settings" } function create_directories { mkdir -p "$dumps_dir" mkdir -p "$wiki_dump_dir" } function dump_wiki { php "$noobs_dir/maintenance/dumpBackup.php" --full > "$wiki_dump_dir/$time_stamp.Noobs.xml" } function generate_checksums { md5sum "$wiki_dump_dir/$time_stamp.Noobs.xml" > "$wiki_dump_dir/$time_stamp.md5sum.txt" sha256sum "$wiki_dump_dir/$time_stamp.Noobs.xml" > "$wiki_dump_dir/$time_stamp.sha256sum.txt" } function push_to_remote { scp -i /root/.ssh/xmlkey -r /var/www/dumps/$time_stamp.Noobs rscp@xml.completenoobs.com:/home/rscp/media/ #rsync -avz -e "ssh -i $xmlkey" "$wiki_dump_dir" "$remote_host:$remote_path" } # Main script ensure_read_only_line_exists create_directories set_wiki_read_only dump_wiki generate_checksums unset_wiki_read_only push_to_remote </syntaxhighlight> <br> <code>chmod +x /usr/local/bin/auto-export.sh</code><br> =====add to cron to export every 5 days===== <code>crontab -e</code><br> <pre> 30 3 */5 * * /usr/local/bin/auto-export.sh </pre> Will export at 3:30 am every 5 days, check [[Cron_ubuntu_22.04|Ubuntu Cron Quick start for more info]] ===Import Dump=== ====Create Quick local wiki==== [[Ubuntu_Local_Wiki_Import|localwiki]] ====Import dump==== <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> <code>lxc exec localwiki bash</code><br \> =====Restore dump===== <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Everything apart from <b>index.php/Main_Page</b> restored. ===Full Wiki Dump and Restore=== ====Backing up==== ====Making your wiki READ ONLY - will lock database==== <code>$EDITOR LocalSettings.php</code><br \> <code>$wgReadOnly = 'Dumping Database, Access will be restored shortly';</code> ====Dump and gzip database for transport==== will be prompted for password:<br \> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green -p mywiki_database | gzip > /root/greenwiki.sql.gz</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> ALt method for dump(password in cmd): <div class="mw-collapsible-content"> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green --password=THISpasswordSHOULDbeCHANGED -p mywiki_database | gzip > /root/greenwiki.sql.gz</code> </div> </div> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Back mediawiki Root Directory.<br \> <code>tar cvzhf /root/mediawiki-rootDir.tgz /var/www/html/mediawiki</code><br \> All into one file for easy transport.<br \> <code>cd /root/</code><br \> <code>tar cvzhf mediawiki-transfer.tgz mediawiki-rootDir.tgz greenwiki.sql.gz dump_mediawiki.xml</code><br \> All file in <b>mediawiki-transfer.tgz</b> for transfer to new server<br \> exit Container<br \> <code>exit</code><br \> <code>lxc file pull mediawiki/root/mediawiki-transfer.tgz mediawiki.bk.tgz</code><br \> ====Restore wiki==== create container (backupwiki) and push file<br \> <code>lxc file push mediawiki.bk.tgz backupwiki/root/</code><br \> login to container<br \> <code>apt update && apt upgrade -y</code><br \> <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> <br \> <code>tar xvf mediawiki.bk.tgz</code><br \> <code>tar xvf mediawiki-rootDir.tgz -C /</code><br \> Create basebase:<br \> NOTE: If you use diff username, passwd, database_name, append/correct details on LocalSettings.<br \> <code>mysql -u root</code> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <br \> <code>gunzip -d greenwiki.sql.gz</code><br \> <code>mysql -u green -p mywiki_database < greenwiki.sql</code><br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/dump_mediawiki.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Config Apache2 <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> Reload Apache2 <code> systemctl restart apache2 </code> ==EmbedVideo== https://www.mediawiki.org/wiki/Extension:EmbedVideo<br> <code>apt install unzip</code><br> <code>wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip</code><br> <code>unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/</code><br> <br> <code>mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo</code><br> <br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> <pre> #Embed Video wfLoadExtension( 'EmbedVideo' ); </pre> ==Remove <b>Index.php</b> From URL== [[Mediawiki_Remove_index.php|How to remove the Index.php from URL]] ==SpamBot Wars== Bit busy now, notes to look into later: https://www.mediawiki.org/wiki/Extension:Nuke<br \> https://www.mediawiki.org/wiki/Manual:Preventing_access<br \> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br \> https://www.mediawiki.org/wiki/Extension:InviteSignup<br \> Well the bots won for now - Disable eMail function for all related options in LocalSettings.php<br \> <code>$wgEnableEmail = false;</code><br \> Or just stop users sending email with:<br \> <code>$wgEnableUserEmail = false;</code> ==Notes== ==Syntax highlighting not working== Install <b>pygments</b><br> <code>apt install python3-pygments</code><br> Add to LocalSettings:<br> <code>wfLoadExtension( 'SyntaxHighlight_GeSHi' );</code><br> ptrxf07r38kd1swb65y6iul9cttr8iw 353 352 2023-04-23T22:26:09Z AwesomO 5 353 wikitext text/x-wiki [[Command_Line_Editors#Set_$EDITOR|'''$EDITOR''' is used as a place holder for an editor of your choice.]] ==Installing LXD== <code>sudo snap install lxd</code><br \> <code>lxd init</code><br \> Selecting all defaults, apart from "Size in GB of the new loop device (1GB minimum) [default=6GB]:" increasing to 30GB: <div class="toccolours mw-collapsible mw-collapsed"> <code>lxd init</code> selected options: <div class="mw-collapsible-content"> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (btrfs, dir, lvm, zfs, ceph) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=6GB]:30GB Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> </div> </div> ==Create Ubuntu:22.04 Container for MediaWiki== <code>lxc launch ubuntu:22.04 mediawiki</code><br> <code>lxc list</code><br> <pre> +-----------+---------+--------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+--------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.194.171.251(eth0) | | CONTAINER | 0 | +-----------+---------+--------------------+------+-----------+-----------+ </pre> ===Login to Container=== <code>lxc exec mediawiki bash</code> ===Basic Firewall UFW for Container=== NOTE:Add Link to a UFW page for more info Blocking IPv6<br \> <code>$EDITOR /etc/default/ufw</code> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit Allow port 80<br \> <code>ufw allow 80/tcp</code><br \> Allow port 443<br \> <code>ufw allow 443/tcp</code><br \> Start/Enable UFW firewall<br \> <code>ufw enable</code><br \> Check UFW status<br \> <code>ufw status</code> <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Update system=== <code>apt update && apt upgrade -y</code> ===ssmtp setup=== NOTE: need link to ssmtp page - showing how to use other email providers that allow smtp Link to ssmtp wiki page <br \> You can use a number of email providers for sending emails from server using ssmtp.<br \> I am going to use <b>smtp2go.com</b> they do provide a free service if you wish to try. <div class="toccolours mw-collapsible mw-collapsed"> smtp2go details: <div class="mw-collapsible-content"> https://www.smtp2go.com/<br \> Has a Free Plan # 1000 emails per month # 5 days of email reporting # Ticket support only <br \> Do not use you username and password you used to sign up!<br \> Go to https://app.smtp2go.com/sending/smtp_users/ <br \> Or 'Sending' > 'SMTP Users'<br> And create/add a SMTP User account.<br \> The User created will be given a good password by default.<br \> Use this username and password for ssmtp.<br \> In this example i have the username "<b>noobwiki</b>" and the password "<b>N0tTelinu</b>" </div> </div> ====ssmtp==== <code>apt install ssmtp -y</code> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <div class="toccolours mw-collapsible mw-collapsed"> Why use <code>hostname=completenoobs.com</code> <div class="mw-collapsible-content"> "hostname" needed for ubuntu unattended upgrades to send email.<br \> If missing: will get "(550 unable to verify sender address.)" <br \> If using <code>hostname=localhost</code> "(550 "Localhost" unnaceptable, you must use a public domain-name.)"<br \> If using <code>hostname=admin@completenoobs.com</code> "501 <root@admin@completenoobs.com>: malformed address: @completenoobs.com> may not follow <root@admin" </div> </div> <br \> Do not use user@smtp2go.com as the sender address! you need an email address that has an MX record(mail exchanger record) at its domain name. <br \> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> ====usermod==== <br \> usermod can be used to change the email senders name/address.<br \> Instead of your mail coming from 'root' or 'ubuntu' or any other user account.<br \> <b>usermod -c "emailSenderName" <account_sending></b><br \> <code>usermod -c "completenoobslxc" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ====sendmail notes==== <div class="toccolours mw-collapsible mw-collapsed"> If the sendmail command locks your terminal and CTRL+c does not work <div class="mw-collapsible-content"> Use <code>CTRL+z</code> which will send a SIGTSTP signal which will put the process to sleep.<br \> use jobs to see the sleeping process.<br \> <code>jobs</code><br \> and kill %<JOBNUMBER><br \> <code>kill %1</code> <br \> you can also use <code>ps ax</code> to list processes running on your computer and <code>kill -9 <PROCESS-NUMBER></code> to kill process. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> sendmail in verbose mode for more details: <div class="mw-collapsible-content"> More info can be found in the man page <code>man sendmail</code><br \> Use the verbose flag <b>-v</b><br \> <code>sendmail -v email@address2receive.mail < test-mail.txt</code> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Check mail logs for errors: <div class="mw-collapsible-content"> send mail error log can be found in<br \> <code>/var/log/mail.err</code><br \> and sendmail log can be found:<br \> <code>/var/log/mail.log</code> </div> </div> ===auto update container config=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code> Uncomment<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> <code>"${distro_id}:${distro_codename}-updates";</code> Dont need auto reboot on container - no kernel - kernel shared with host. ====email on update==== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <div class="toccolours mw-collapsible mw-collapsed"> Once i needed 'apticron' to get emails working with unattended upgrades:<br \> Notes here just incase<div class="mw-collapsible-content"> Install apticron<br \> <code>apt install apticron -y</code> Create apticron.conf file containing email to send email to:<br \> If you dont then 'apticron' will by default sent to root@localhost.<br > <code>echo 'EMAIL="email@tosendto.com"' > /etc/apticron/apticron.conf</code> </div> </div> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Install MediaWiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -xvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki</code> ====Create Database==== Will be prompted to set a root password!<br \> <code>mysql -u root -p</code><br \> <!-- create drop down - add root password option --> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <div class="toccolours mw-collapsible mw-collapsed"> Make note of your: database name, username, userpassword <div class="mw-collapsible-content"> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code><br \> Database Username:<b>green</b><br \> Database host/location:<b>localhost</b> Database User Password:<b>THISpasswordSHOULDbeCHANGED</b><br \><br \> <code>CREATE DATABASE mywiki_database;</code><br \> Database Name:<b>mywiki_database</b><br \> </div> </div> ====Create self-signed https certs==== <code>openssl req -x509 -newkey rsa:4096 -keyout key.pem -nodes -out cert.pem -days 365</code><br> Note: can leave blank; just press enter.<br><br> <code>mv cert.pem /etc/ssl/certs/cn-selfsigned.crt</code><br> <code>mv key.pem /etc/ssl/private/cn-selfsigned.key</code><br> ====Create ssl-params.conf==== <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code> Remember to turn stapling on after letsencrypt cert <pre> SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 SSLHonorCipherOrder On # Disable preloading HSTS for now. You can use the commented out header line that includes # the "preload" directive if you understand the implications. # Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" Header always set X-Frame-Options DENY Header always set X-Content-Type-Options nosniff # Requires Apache >= 2.4 SSLCompression off # May want to turn stapling off when using self-signed to avoid receiving errors in log SSLUseStapling off SSLStaplingCache "shmcb:logs/stapling-cache(150000)" # Requires Apache >= 2.4.11 SSLSessionTickets Off </pre> ====Create Apache2 config==== <code>cd /etc/apache2/sites-available/</code> <code>rm 000-default.conf default-ssl.conf</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code> <div class="toccolours mw-collapsible mw-collapsed"> <b>Important Redirect note</b>:<div class="mw-collapsible-content"> <pre> # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" </pre> Change to your Container IP!<br \> <code>Redirect permanent "/" "https://10.194.171.251"</code> </div> </div> <pre> <VirtualHost *:80> ServerName completenoobs.com ServerAdmin admin@ # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined </VirtualHost> <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerName completenoobs.com ServerAdmin admin@completenoobs.com DocumentRoot /var/www/html/mediawiki # According MWiki Manual:Security php_flag register_globals off ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined SSLEngine on SSLCertificateFile /etc/ssl/certs/cn-selfsigned.crt SSLCertificateKeyFile /etc/ssl/private/cn-selfsigned.key # need to find out what SSLCertificateChainFile is? explain is in the default-ssl.conf file. #SSLCertificateChainFile /etc/ssl/certs/example.com.root-bundle.crt <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> <Directory /var/www/html/wikimedia> Options None FollowSymLinks #Allow .htaccess AllowOverride All Require all granted <IfModule security2_module> SecRuleEngine Off # or disable only problematic rules </IfModule> </Directory> # According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images> # Ignore .htaccess files AllowOverride None # Serve HTML as plaintext, don't execute SHTML AddType text/plain .html .htm .shtml .php .phtml .php5 # Don't run arbitrary PHP code. php_admin_flag engine off # If you've other scripting languages, disable them too. </Directory> #According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images/deleted> Deny from all AllowOverride AuthConfig Limit Require local </Directory> </VirtualHost> </IfModule> </pre> ====Reload Apache2==== <code>a2enmod ssl</code> <code>a2enmod headers</code> <code>a2ensite completenoobs.com</code> <code>a2enconf ssl-params</code> <code>apache2ctl configtest</code> <code>systemctl restart apache2</code> ===MediaWiki Basic Setup=== ====Landing page==== Open a web browser and go to your containers private ip address (you can get ip address by running <code>lxc list</code> on host). <code>https://10.194.171.251</code> Are certs are self-signed and you may/will get warning "your connection is not private"<br \> Click "Advance" and "Proceed to 10.194.171.251 (unsafe)"<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.35.0<br \> LocalSettings.php not found.<br \> Please <u>set up the wiki</u> first.<br \> </blockquote> Click <b>set up the wiki</b> to be taken to the "mw-config/index.php" page. =====Basic Configure MediaWiki===== <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:mywiki_database<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:green<br \> Database password:THISpasswordSHOULDbeCHANGED<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>CompleteNoobs<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Options <div class="mw-collapsible-content"> <b>User rights profile:</b> <br \> [ ] Open wiki <br \> [x] Account creation required<br \> [ ] Authorised editors only <br \> [ ] Private wiki<br \> <br \> <b>Copyright and licence:</b><br \> [ ] Creative Commons Attribution<br \> [ ] Creative Commons Attribution-ShareAlike<br \> [ ] Creative Commons Attribution-NonCommercial-ShareAlike<br \> [ ] Creative Commons Zero (Public Domain)<br \> [ ] GNU Free Documentation Licence 1.3 or later<br \> [x] No licence footer<br \> [ ] Select a custom Creative Commons licence<br \> <br \> <br \> <b>Email settings</b><br \> [ ] Enable outbound email<br \> <b>Return email address:</b>apache@🌻.invalid<br \> [ ]Enable user-to-user email<br \> [ ]Enable user talk page notification<br \> [ ]Enable watchlist notification<br \> [ ]Enable email authentication<br \> <br \> <br \> <b>Skins</b> Pick a skin<br \> <br \> <br \> <b>Extensions</b><br \> <b><u>Special pages</u></b><br \> [ ]CiteThisPage<br \> [ ]Interwiki<br \> [ ]Nuke<br \> [ ]Renameuser<br \> [ ]ReplaceText<br \> <br \> <b><u>Editors</u></b><br \> [x]CodeEditor<br \> [x]VisualEditor<br \> [x]WikiEditor<br \> <br \> <b><u>Parser hooks</u></b><br \> [ ]CategoryTree<br \> [ ]Cite<br \> [ ]ImageMap<br \> [ ]InputBox<br \> [ ]ParserFunctions<br \> [ ]Poem<br \> [ ]Scribunto<br \> [x]SyntaxHighlight_GeSHi<br \> [ ]TemplateData<br \> <br \> <b><u>Media handlers</u></b><br \> [ ]PdfHandler<br \> <br \> <b><u>Spam prevention</u></b><br \> [x]ConfirmEdit<br \> [ ]SpamBlacklist<br \> [ ]TitleBlacklist<br \> <br \> <b><u>API</u></b><br \> [ ]PageImages<br \> <br \> <b><u>Other</u></b><br \> [ ]Gadgets<br \> [ ]LocalisationUpdate<br \> [ ]MultimediaViewer<br \> [ ]OATHAuth<br \> [ ]SecureLinkFixer<br \> [ ]TextExtracts<br \> <br \> <br \> <b>Images and file uploads</b><br \> [ ]Enable file uploads<br \> <b>Logo URL:</b>$wgResourceBasePath/resources/assets/wiki.png<br \> [ ]Enable Instant Commons<br \> <br \> <br \> <b>Advanced configuration</b><br \> <b>Settings for object caching:</b><br \> [x] No caching (no functionality is removed, but speed may be impacted on larger wiki sites)<br \> [ ] Use Memcached (requires additional setup and configuration)<br \> </div> </div> ====LocalSettings.php Launch Wiki==== When the Basic configuration of mediawiki is done on the webpage.<br \> You will have a <b>LocalSettings.php</b> which will be downloaded from your browser.<br \> You need to place the <b>LocalSettings.php</b> file into your containers <b>/var/www/html/mediawiki/</b> directory.<br \> You can do this from host using the <b>lxc file push</b> command.<br \> <code>lxc file push /home/$USER/Downloads/LocalSettings.php mediawiki/var/www/html/mediawiki/</code><br \> <br> Do not refresh browser it will download the LocalSettings.php again! go to the IP address of your container or just trim the <code>mw-config/index.php?page=Complete</code><br> Now on your browser visit the page again https://10.194.171.251<br \> And welcome to your wiki.<br \> ===Change Logo=== You need a 135px by 135px image, in this example its named 'completenoobs-logo.png'<br> <code>lxc file push completenoobs-logo.png mediawiki/var/www/html/mediawiki/resources/assets/</code><br> Back in container edit the <b>LocalSettings.php</b> file<br> <pre> ## The URL paths to the logo. Make sure you change this from the default, ## or else you'll overwrite your logo when you upgrade! $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", 'icon' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", ]; </pre> Change to your new logo:<br> <pre> $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", 'icon' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", ]; </pre> ===Email Config=== Warning i did get loads of spam bots, using this to send naughty emails everywhere!<br> Changed setting to block signups, requests only,and changed <b>$wgEnableUserEmail</b> to false and still the bots managed to send spam using my smtp account.<br> How they done this? Is beyond my understanding and i removed email from the wiki till i have more info on how to stop the spamming.<br> Was using mediawiki-1.35.0<br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> Make sure <b>$wgEnableEmail</b> is set to true.<br> <code>$wgEnableEmail = true;</code><br> https://www.mediawiki.org/wiki/Manual:$wgEnableEmail<br> <pre> $wgEmergencyContact = ""; $wgPasswordSender = ""; </pre> <pre> $wgEmergencyContact = "admin@completenoobs.com"; $wgPasswordSender = "admin@completenoobs.com"; </pre> <pre> $wgSMTP = [ 'host' => 'ssl://mail.smtp2go.com', // outbox server of the email account 'IDHost' => 'completenoobs.com', 'port' => 465, 'username' => 'noobwiki', // user of the email account 'password' => 'N0tTelinu', // app password of the email account 'auth' => true ]; </pre> ===Request Account and Confirm Email to edit=== In LocalSettings change $wgEmailAuthentication = false; to true https://www.mediawiki.org/wiki/Manual:$wgEmailAuthentication<br> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ConfirmAccount-REL1_39-2b96e90.tar.gz</code><br> <code>tar xzf ConfirmAccount-REL1_39-2b96e90.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> <br> In <b>LocalSettings.php</b> <br> set <b>$wgEmailAuthentication</b> to true.<br> <pre> wfLoadExtension( 'ConfirmAccount' ); $wgConfirmAccountContact = 'admin@completenoobs.com'; </pre> Run maintenance update<br> <code>php /var/www/html/mediawiki/maintenance/update.php </code><br> use <b>Special:ConfirmAccounts</b> to see if anyone requested a account.<br> And yep, your gonna get spammed! Bots love a wiki.<br> ===CookieWarning Extension=== https://www.mediawiki.org/wiki/Extension:CookieWarning<br> <code>wget https://extdist.wmflabs.org/dist/extensions/CookieWarning-REL1_39-778fe72.tar.gz</code><br> <code>tar -xzf CookieWarning-REL1_39-778fe72.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'CookieWarning' ); $wgCookieWarningEnabled = 'true'; # $wgCookieWarningMoreUrl allows to to select a link for your moreinfo button $wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'; $wgCookieWarningEnabled = 'true'; </pre> To change message sign in with admin account and visit these pages of your wiki and edit.<br> <b>MediaWiki:Cookiewarning-info</b> Edit the display message.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-info</code><br> <b>MediaWiki:Cookiewarning-moreinfo-label</b><br> Edit and change display of the moreinfo button: link can be made/changed at LocalSettings with:<br> <code>$wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'</code><br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-moreinfo-label</code><br> <b>MediaWiki:Cookiewarning-ok-label</b> Edit and change the text on the OK button.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-ok-label</code><br> ===Contribution Scores Extension=== https://www.mediawiki.org/wiki/Extension:Contribution_Scores<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ContributionScores-REL1_39-0e7e99d.tar.gz</code><br> <code>tar -xzf ContributionScores-REL1_39-0e7e99d.tar.gz -C /var/www/html/mediawiki/extensions</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'ContributionScores' ); // Exclude Bots from the reporting - Can be omitted. $wgContribScoreIgnoreBots = true; // Exclude Blocked Users from the reporting - Can be omitted. $wgContribScoreIgnoreBlockedUsers = true; // Use real user names when available - Can be omitted. Only for MediaWiki 1.19 and later. $wgContribScoresUseRealName = true; // Set to true to disable cache for parser function and inclusion of table. $wgContribScoreDisableCache = false; // Each array defines a report - 7,50 is "past 7 days" and "LIMIT 50" - Can be omitted. $wgContribScoreReports = [ [ 7, 50 ], [ 30, 50 ], [ 0, 50 ] ]; </pre> <br> Add to Main Landing Page:<br> <pre>{{Special:ContributionScores/10/5}}</pre><br> ===Place Notice at top of every new page created=== Using the <b>PageNotice</b> Extension. https://www.mediawiki.org/wiki/Extension:PageNotice#Configuration Download PageNotice and extract to extensions directory. in LocalSettings.php add the lines:<br \> <pre> wfLoadExtension( 'PageNotice' ); $wgPageNoticeDisablePerPageNotices = 'true'; </pre> To have message in every name space go to your wiki's page<br \> <code>index.php/mediawiki:top-notice-ns-0</code><br \> Only admin account can edit this page:<br \> What you place in this page will be displayed at the top of every page created. ===Privacy Policy=== Holly $#$#$ this is a lot of work, looking into it<br \> https://www.mediawiki.org/wiki/GDPR_(General_Data_Protection_Regulation)_and_MediaWiki_software<br \> ====NewSignupPage==== https://www.mediawiki.org/wiki/Extension:NewSignupPage<br \> Big thanks to Shoutwiki.com or this would of been a very big pain.<br \> Check for Latest link from the Download page https://www.mediawiki.org/wiki/Special:ExtensionDistributor/NewSignupPage<br \> In mediawiki container:<br \> <code>wget https://extdist.wmflabs.org/dist/extensions/NewSignupPage-REL1_35-ecf00aa.tar.gz</code><br \> <code>tar xvf NewSignupPage-REL1_35-ecf00aa.tar.gz -C /var/www/html/mediawiki/extensions/</code><br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> Add the Line:<br \> <code>wfLoadExtension( 'NewSignupPage' );</code><br \> Change the Info given at signup at:<br \> <code>index.php/MediaWiki:Newsignuppage-loginform-tos</code><br \> Default page will be:<pre> I am over 13 years of age and I have read, understood and agree to be bound by the Terms of Service and Privacy Policy </pre> "Terms of Service" and "Privacy Policy" are linked to there pages, so we need to create a few pages. ======Need <b>Privacy Policy</b> Page====== Create a 'Privacy_Policy' page and link on "MediaWiki:Newsignuppage-loginform-tos"<br> <pre>[[CompleteNoobs:Privacy_policy | Privacy Policy]]</pre> =====Need <b>Terms Of Service</b> page===== https://www.completenoobs.com/index.php/Terms_of_Service<br \> once done change link on "MediaWiki:Newsignuppage-loginform-tos"<br \> =====Content Policy Page===== https://10.194.171.251/index.php/Content_Policy<br \> Contains link to https://www.completenoobs.com/index.php/CompleteNoobs_Staff_Admins<br \> =====Staff and Admin Page===== https://10.194.171.251/index.php/CompleteNoobs_Staff_Admins<br \> Linked from Content Policy Page! a place to contact by email staff, admins =====General Disclaimer page===== https://10.194.171.251/index.php/CompleteNoobs:General_disclaimer<br \> This page shows/linked at bottom of wiki<br \> =====Copyright Policy===== https://10.194.171.251/index.php/CompleteNoobs:Copyrights<br \> Copyrights page that shows in info box when making a post.<br \> ==Fail2Ban== This Will Ban an IP who incorrectly enters wrong login details, a (you can select) amount of times for a (you can select) amount of time. ===Fail2Log Extension=== https://www.mediawiki.org/wiki/Extension:Fail2Log<br> ====Create Log file==== Could not get PHP to create and set permissions for log file: So for now doing manually!<br \> <code>touch /var/log/Fail2Log.log</code><br \> <code>chown www-data:www-data /var/log/Fail2Log.log</code><br \> <code>chmod 0755 /var/log/Fail2Log.log</code><br \> Failed login's with wrong user name and/or password should now be logged in:<b>/var/log/Fail2Log.log</b><br \> <br \> Log Format:<br \> <code>Failed:<IP_ADDRESS> <DATE> <TIME> <USERNAME></code><br \> ====Download and install extension==== <code>wget https://github.com/greenhatmonkey/Fail2Log/blob/main/Fail2Log.tar.gz?raw=true</code><br> <code>tar xzvf Fail2Log.tar.gz?raw=true -C /var/www/html/mediawiki/extensions/</code><br> Add to your <b>LocalSettings.php</b><br> <pre> wfLoadExtension( 'Fail2Log' ); $wgFail2LogFile = '/var/log/Fail2Log.log'; </pre> ====Install and Setup Fail2Ban==== Fail2Ban works in a container. If using fail2ban on Host for container:<br/> Just include log path: <code>/var/snap/lxd/common/mntns/var/snap/lxd/common/lxd/storage-pools/default/containers/&lt;CONTAINER_NAME>/rootfs/var/log/Fail2Log.log</code> <code>apt install fail2ban</code> * Fail2ban will use file.local over file.conf if file.local exists: * file.conf can be written over if file2ban gets updated. * Make a file.local of the file you are working on. <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code> <code>$EDITOR /etc/fail2ban/jail.local</code> <!-- unmodified jail.conf file --> <div class="toccolours mw-collapsible mw-collapsed"> Default <code>/etc/fail2ban/jail.conf</code> file: Expand to view <div class="mw-collapsible-content"> <pre> # # WARNING: heavily refactored in 0.9.0 release. Please review and # customize settings for your setup. # # Changes: in most of the cases you should not modify this # file, but provide customizations in jail.local file, # or separate .conf files under jail.d/ directory, e.g.: # # HOW TO ACTIVATE JAILS: # # YOU SHOULD NOT MODIFY THIS FILE. # # It will probably be overwritten or improved in a distribution update. # # Provide customizations in a jail.local file or a jail.d/customisation.local. # For example to change the default bantime for all jails and to enable the # ssh-iptables jail the following (uncommented) would appear in the .local file. # See man 5 jail.conf for details. # # [DEFAULT] # bantime = 1h # # [sshd] # enabled = true # # See jail.conf(5) man page for more information # Comments: use '#' for comment lines and ';' (following a space) for inline comments [INCLUDES] #before = paths-distro.conf before = paths-debian.conf # The DEFAULT allows a global definition of the options. They can be overridden # in each jail afterwards. [DEFAULT] # # MISCELLANEOUS OPTIONS # # "bantime.increment" allows to use database for searching of previously banned ip's to increase a # default ban time using special formula, default it is banTime * 1, 2, 4, 8, 16, 32... #bantime.increment = true # "bantime.rndtime" is the max number of seconds using for mixing with random time # to prevent "clever" botnets calculate exact time IP can be unbanned again: #bantime.rndtime = # "bantime.maxtime" is the max number of seconds using the ban time can reach (don't grows further) #bantime.maxtime = # "bantime.factor" is a coefficient to calculate exponent growing of the formula or common multiplier, # default value of factor is 1 and with default value of formula, the ban time # grows by 1, 2, 4, 8, 16 ... #bantime.factor = 1 # "bantime.formula" used by default to calculate next value of ban time, default value bellow, # the same ban time growing will be reached by multipliers 1, 2, 4, 8, 16, 32... #bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * banFactor # # more aggressive example of formula has the same values only for factor "2.0 / 2.885385" : #bantime.formula = ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor) # "bantime.multipliers" used to calculate next value of ban time instead of formula, coresponding # previously ban count and given "bantime.factor" (for multipliers default is 1); # following example grows ban time by 1, 2, 4, 8, 16 ... and if last ban count greater as multipliers count, # always used last multiplier (64 in example), for factor '1' and original ban time 600 - 10.6 hours #bantime.multipliers = 1 2 4 8 16 32 64 # following example can be used for small initial ban time (bantime=60) - it grows more aggressive at begin, # for bantime=60 the multipliers are minutes and equal: 1 min, 5 min, 30 min, 1 hour, 5 hour, 12 hour, 1 day, 2 day #bantime.multipliers = 1 5 30 60 300 720 1440 2880 # "bantime.overalljails" (if true) specifies the search of IP in the database will be executed # cross over all jails, if false (dafault), only current jail of the ban IP will be searched #bantime.overalljails = false # -------------------- # "ignoreself" specifies whether the local resp. own IP addresses should be ignored # (default is true). Fail2ban will not ban a host which matches such addresses. #ignoreself = true # "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban # will not ban a host which matches an address in this list. Several addresses # can be defined using space (and/or comma) separator. #ignoreip = 127.0.0.1/8 ::1 # External command that will take an tagged arguments to ignore, e.g. <ip>, # and return true if the IP is to be ignored. False otherwise. # # ignorecommand = /path/to/command <ip> ignorecommand = # "bantime" is the number of seconds that a host is banned. bantime = 10m # A host is banned if it has generated "maxretry" during the last "findtime" # seconds. findtime = 10m # "maxretry" is the number of failures before a host get banned. maxretry = 5 # "maxmatches" is the number of matches stored in ticket (resolvable via tag <matches> in actions). maxmatches = %(maxretry)s # "backend" specifies the backend used to get files modification. # Available options are "pyinotify", "gamin", "polling", "systemd" and "auto". # This option can be overridden in each jail as well. # # pyinotify: requires pyinotify (a file alteration monitor) to be installed. # If pyinotify is not installed, Fail2ban will use auto. # gamin: requires Gamin (a file alteration monitor) to be installed. # If Gamin is not installed, Fail2ban will use auto. # polling: uses a polling algorithm which does not require external libraries. # systemd: uses systemd python library to access the systemd journal. # Specifying "logpath" is not valid for this backend. # See "journalmatch" in the jails associated filter config # auto: will try to use the following backends, in order: # pyinotify, gamin, polling. # # Note: if systemd backend is chosen as the default but you enable a jail # for which logs are present only in its own log files, specify some other # backend for that jail (e.g. polling) and provide empty value for # journalmatch. See https://github.com/fail2ban/fail2ban/issues/959#issuecomment-74901200 backend = auto # "usedns" specifies if jails should trust hostnames in logs, # warn when DNS lookups are performed, or ignore all hostnames in logs # # yes: if a hostname is encountered, a DNS lookup will be performed. # warn: if a hostname is encountered, a DNS lookup will be performed, # but it will be logged as a warning. # no: if a hostname is encountered, will not be used for banning, # but it will be logged as info. # raw: use raw value (no hostname), allow use it for no-host filters/actions (example user) usedns = warn # "logencoding" specifies the encoding of the log files handled by the jail # This is used to decode the lines from the log file. # Typical examples: "ascii", "utf-8" # # auto: will use the system locale setting logencoding = auto # "enabled" enables the jails. # By default all jails are disabled, and it should stay this way. # Enable only relevant to your setup jails in your .local or jail.d/*.conf # # true: jail will be enabled and log files will get monitored for changes # false: jail is not enabled enabled = false # "mode" defines the mode of the filter (see corresponding filter implementation for more info). mode = normal # "filter" defines the filter to use by the jail. # By default jails have names matching their filter name # filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # # Some options used for actions # Destination email address used solely for the interpolations in # jail.{conf,local,d/*} configuration files. destemail = root@localhost # Sender email address used solely for some actions sender = root@<fq-hostname> # E-mail action. Since 0.8.1 Fail2Ban uses sendmail MTA for the # mailing. Change mta configuration parameter to mail if you want to # revert to conventional 'mail'. mta = sendmail # Default protocol protocol = tcp # Specify chain where jumps would need to be added in ban-actions expecting parameter chain chain = <known/chain> # Ports to be banned # Usually should be overridden in a particular jail port = 0:65535 # Format of user-agent https://tools.ietf.org/html/rfc7231#section-5.5.3 fail2ban_agent = Fail2Ban/%(fail2ban_version)s # # Action shortcuts. To be used to define action parameter # Default banning action (e.g. iptables, iptables-new, # iptables-multiport, shorewall, etc) It is used to define # action_* variables. Can be overridden globally or per # section within jail.local file banaction = iptables-multiport banaction_allports = iptables-allports # The simplest action to take: ban only action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report to the destemail. action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report and relevant log lines # to the destemail. action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # See the IMPORTANT note in action.d/xarf-login-attack for when to use this action # # ban & send a xarf e-mail to abuse contact of IP address and include relevant log lines # to the destemail. action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] # ban IP on CloudFlare & send an e-mail with whois report and relevant log lines # to the destemail. action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # Report block via blocklist.de fail2ban reporting service API # # See the IMPORTANT note in action.d/blocklist_de.conf for when to use this action. # Specify expected parameters in file action.d/blocklist_de.local or if the interpolation # `action_blocklist_de` used for the action, set value of `blocklist_de_apikey` # in your `jail.local` globally (section [DEFAULT]) or per specific jail section (resp. in # corresponding jail.d/my-jail.local file). # action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] # Report ban via badips.com, and use as blacklist # # See BadIPsAction docstring in config/action.d/badips.py for # documentation for this action. # # NOTE: This action relies on banaction being present on start and therefore # should be last action defined for a jail. # action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] # # Report ban via badips.com (uses action.d/badips.conf for reporting only) # action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] # Report ban via abuseipdb.com. # # See action.d/abuseipdb.conf for usage example and details. # action_abuseipdb = abuseipdb # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # [sshd] # To use more aggressive sshd modes set filter parameter "mode" in jail.local: # normal (default), ddos, extra or aggressive (combines all). # See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details. #mode = normal port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s [dropbear] port = ssh logpath = %(dropbear_log)s backend = %(dropbear_backend)s [selinux-ssh] port = ssh logpath = %(auditd_log)s # # HTTP servers # [apache-auth] port = http,https logpath = %(apache_error_log)s [apache-badbots] # Ban hosts which agent identifies spammer robots crawling the web # for email addresses. The mail outputs are buffered. port = http,https logpath = %(apache_access_log)s bantime = 48h maxretry = 1 [apache-noscript] port = http,https logpath = %(apache_error_log)s [apache-overflows] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-nohome] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-botsearch] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-fakegooglebot] port = http,https logpath = %(apache_access_log)s maxretry = 1 ignorecommand = %(ignorecommands_dir)s/apache-fakegooglebot <ip> [apache-modsecurity] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-shellshock] port = http,https logpath = %(apache_error_log)s maxretry = 1 [openhab-auth] filter = openhab action = iptables-allports[name=NoAuthFailures] logpath = /opt/openhab/logs/request.log [nginx-http-auth] port = http,https logpath = %(nginx_error_log)s # To use 'nginx-limit-req' jail you should have `ngx_http_limit_req_module` # and define `limit_req` and `limit_req_zone` as described in nginx documentation # http://nginx.org/en/docs/http/ngx_http_limit_req_module.html # or for example see in 'config/filter.d/nginx-limit-req.conf' [nginx-limit-req] port = http,https logpath = %(nginx_error_log)s [nginx-botsearch] port = http,https logpath = %(nginx_error_log)s maxretry = 2 # Ban attackers that try to use PHP's URL-fopen() functionality # through GET/POST variables. - Experimental, with more than a year # of usage in production environments. [php-url-fopen] port = http,https logpath = %(nginx_access_log)s %(apache_access_log)s [suhosin] port = http,https logpath = %(suhosin_log)s [lighttpd-auth] # Same as above for Apache's mod_auth # It catches wrong authentifications port = http,https logpath = %(lighttpd_error_log)s # # Webmail and groupware servers # [roundcube-auth] port = http,https logpath = %(roundcube_errors_log)s # Use following line in your jail.local if roundcube logs to journal. #backend = %(syslog_backend)s [openwebmail] port = http,https logpath = /var/log/openwebmail.log [horde] port = http,https logpath = /var/log/horde/horde.log [groupoffice] port = http,https logpath = /home/groupoffice/log/info.log [sogo-auth] # Monitor SOGo groupware server # without proxy this would be: # port = 20000 port = http,https logpath = /var/log/sogo/sogo.log [tine20] logpath = /var/log/tine20/tine20.log port = http,https # # Web Applications # # [drupal-auth] port = http,https logpath = %(syslog_daemon)s backend = %(syslog_backend)s [guacamole] port = http,https logpath = /var/log/tomcat*/catalina.out [monit] #Ban clients brute-forcing the monit gui login port = 2812 logpath = /var/log/monit /var/log/monit.log [webmin-auth] port = 10000 logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [froxlor-auth] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s # # HTTP Proxy servers # # [squid] port = 80,443,3128,8080 logpath = /var/log/squid/access.log [3proxy] port = 3128 logpath = /var/log/3proxy.log # # FTP servers # [proftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(proftpd_log)s backend = %(proftpd_backend)s [pure-ftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(pureftpd_log)s backend = %(pureftpd_backend)s [gssftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(syslog_daemon)s backend = %(syslog_backend)s [wuftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(wuftpd_log)s backend = %(wuftpd_backend)s [vsftpd] # or overwrite it in jails.local to be # logpath = %(syslog_authpriv)s # if you want to rely on PAM failed login attempts # vsftpd's failregex should match both of those formats port = ftp,ftp-data,ftps,ftps-data logpath = %(vsftpd_log)s # # Mail servers # # ASSP SMTP Proxy Jail [assp] port = smtp,465,submission logpath = /root/path/to/assp/logs/maillog.txt [courier-smtp] port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix] # To use another modes set filter parameter "mode" in jail.local: mode = more port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s [postfix-rbl] filter = postfix[mode=rbl] port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s maxretry = 1 [sendmail-auth] port = submission,465,smtp logpath = %(syslog_mail)s backend = %(syslog_backend)s [sendmail-reject] # To use more aggressive modes set filter parameter "mode" in jail.local: # normal (default), extra or aggressive # See "tests/files/logs/sendmail-reject" or "filter.d/sendmail-reject.conf" for usage example and details. #mode = normal port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [qmail-rbl] filter = qmail port = smtp,465,submission logpath = /service/qmail/log/main/current # dovecot defaults to logging to the mail syslog facility # but can be set by syslog_facility in the dovecot configuration. [dovecot] port = pop3,pop3s,imap,imaps,submission,465,sieve logpath = %(dovecot_log)s backend = %(dovecot_backend)s [sieve] port = smtp,465,submission logpath = %(dovecot_log)s backend = %(dovecot_backend)s [solid-pop3d] port = pop3,pop3s logpath = %(solidpop3d_log)s [exim] # see filter.d/exim.conf for further modes supported from filter: #mode = normal port = smtp,465,submission logpath = %(exim_main_log)s [exim-spam] port = smtp,465,submission logpath = %(exim_main_log)s [kerio] port = imap,smtp,imaps,465 logpath = /opt/kerio/mailserver/store/logs/security.log # # Mail servers authenticators: might be used for smtp,ftp,imap servers, so # all relevant ports get banned # [courier-auth] port = smtp,465,submission,imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix-sasl] filter = postfix[mode=auth] port = smtp,465,submission,imap,imaps,pop3,pop3s # You might consider monitoring /var/log/mail.warn instead if you are # running postfix since it would provide the same log lines at the # "warn" level but overall at the smaller filesize. logpath = %(postfix_log)s backend = %(postfix_backend)s [perdition] port = imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [squirrelmail] port = smtp,465,submission,imap,imap2,imaps,pop3,pop3s,http,https,socks logpath = /var/lib/squirrelmail/prefs/squirrelmail_access_log [cyrus-imap] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s [uwimap-auth] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s # # # DNS servers # # !!! WARNING !!! # Since UDP is connection-less protocol, spoofing of IP and imitation # of illegal actions is way too simple. Thus enabling of this filter # might provide an easy way for implementing a DoS against a chosen # victim. See # http://nion.modprobe.de/blog/archives/690-fail2ban-+-dns-fail.html # Please DO NOT USE this jail unless you know what you are doing. # # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks UDP traffic for DNS requests. # [named-refused-udp] # # filter = named-refused # port = domain,953 # protocol = udp # logpath = /var/log/named/security.log # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks TCP traffic for DNS requests. [named-refused] port = domain,953 logpath = /var/log/named/security.log [nsd] port = 53 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/nsd.log # # Miscellaneous # [asterisk] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/asterisk/messages maxretry = 10 [freeswitch] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/freeswitch.log maxretry = 10 # enable adminlog; it will log to a file inside znc's directory by default. [znc-adminlog] port = 6667 logpath = /var/lib/znc/moddata/adminlog/znc.log # To log wrong MySQL access attempts add to /etc/my.cnf in [mysqld] or # equivalent section: # log-warnings = 2 # # for syslog (daemon facility) # [mysqld_safe] # syslog # # for own logfile # [mysqld] # log-error=/var/log/mysqld.log [mysqld-auth] port = 3306 logpath = %(mysql_log)s backend = %(mysql_backend)s # Log wrong MongoDB auth (for details see filter 'filter.d/mongodb-auth.conf') [mongodb-auth] # change port when running with "--shardsvr" or "--configsvr" runtime operation port = 27017 logpath = /var/log/mongodb/mongodb.log # Jail for more extended banning of persistent abusers # !!! WARNINGS !!! # 1. Make sure that your loglevel specified in fail2ban.conf/.local # is not at DEBUG level -- which might then cause fail2ban to fall into # an infinite loop constantly feeding itself with non-informative lines # 2. Increase dbpurgeage defined in fail2ban.conf to e.g. 648000 (7.5 days) # to maintain entries for failed logins for sufficient amount of time [recidive] logpath = /var/log/fail2ban.log banaction = %(banaction_allports)s bantime = 1w findtime = 1d # Generic filter for PAM. Has to be used with action which bans all # ports such as iptables-allports, shorewall [pam-generic] # pam-generic filter can be customized to monitor specific subset of 'tty's banaction = %(banaction_allports)s logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [xinetd-fail] banaction = iptables-multiport-log logpath = %(syslog_daemon)s backend = %(syslog_backend)s maxretry = 2 # stunnel - need to set port for this [stunnel] logpath = /var/log/stunnel4/stunnel.log [ejabberd-auth] port = 5222 logpath = /var/log/ejabberd/ejabberd.log [counter-strike] logpath = /opt/cstrike/logs/L[0-9]*.log # Firewall: http://www.cstrike-planet.com/faq/6 tcpport = 27030,27031,27032,27033,27034,27035,27036,27037,27038,27039 udpport = 1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015 action = %(banaction)s[name=%(__name__)s-tcp, port="%(tcpport)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(udpport)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] [bitwarden] port = http,https logpath = /home/*/bwdata/logs/identity/Identity/log.txt [centreon] port = http,https logpath = /var/log/centreon/login.log # consider low maxretry and a long bantime # nobody except your own Nagios server should ever probe nrpe [nagios] logpath = %(syslog_daemon)s ; nrpe.cfg may define a different log_facility backend = %(syslog_backend)s maxretry = 1 [oracleims] # see "oracleims" filter file for configuration requirement for Oracle IMS v6 and above logpath = /opt/sun/comms/messaging64/log/mail.log_current banaction = %(banaction_allports)s [directadmin] logpath = /var/log/directadmin/login.log port = 2222 [portsentry] logpath = /var/lib/portsentry/portsentry.history maxretry = 1 [pass2allow-ftp] # this pass2allow example allows FTP traffic after successful HTTP authentication port = ftp,ftp-data,ftps,ftps-data # knocking_url variable must be overridden to some secret value in jail.local knocking_url = /knocking/ filter = apache-pass[knocking_url="%(knocking_url)s"] # access log of the website with HTTP auth logpath = %(apache_access_log)s blocktype = RETURN returntype = DROP action = %(action_)s[blocktype=%(blocktype)s, returntype=%(returntype)s, actionstart_on_demand=false, actionrepair_on_unban=true] bantime = 1h maxretry = 1 findtime = 1 [murmur] # AKA mumble-server port = 64738 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol=tcp, chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol=udp, chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/mumble-server/mumble-server.log [screensharingd] # For Mac OS Screen Sharing Service (VNC) logpath = /var/log/system.log logencoding = utf-8 [haproxy-http-auth] # HAProxy by default doesn't log to file you'll need to set it up to forward # logs to a syslog server which would then write them to disk. # See "haproxy-http-auth" filter for a brief cautionary note when setting # maxretry and findtime. logpath = /var/log/haproxy.log [slapd] port = ldap,ldaps logpath = /var/log/slapd.log [domino-smtp] port = smtp,ssmtp logpath = /home/domino01/data/IBM_TECHNICAL_SUPPORT/console.log [phpmyadmin-syslog] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [zoneminder] # Zoneminder HTTP/HTTPS web interface auth # Logs auth failures to apache2 error log port = http,https logpath = %(apache_error_log)s [traefik-auth] # to use 'traefik-auth' filter you have to configure your Traefik instance, # see `filter.d/traefik-auth.conf` for details and service example. port = http,https logpath = /var/log/traefik/access.log </pre> </div> </div> Default <code>/etc/fail2ban/jail.local</code> file with (almost all) comments removed: <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;">Default <code>/etc/fail2ban/jail.local</code> with (almost) comments removed:</div> <div class="mw-collapsible-content"> <pre> [INCLUDES] before = paths-debian.conf [DEFAULT] ignorecommand = bantime = 10m findtime = 10m maxretry = 5 maxmatches = %(maxretry)s backend = auto usedns = warn logencoding = auto enabled = false mode = normal filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # destemail = root@localhost sender = root@<fq-hostname> mta = sendmail protocol = tcp chain = <known/chain> port = 0:65535 fail2ban_agent = Fail2Ban/%(fail2ban_version)s banaction = iptables-multiport banaction_allports = iptables-allports action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] action_abuseipdb = abuseipdb action = %(action_)s # # JAILS # # # SSH servers # [sshd] port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s </pre> </div></div> ====Disconnect/kick and ban an ip from list==== <br \> Just below we are going to append these lines to <b>/etc/fail2ban/jail.local</b><br> <pre> # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s # # JAILS # # # SSH servers # </pre> </div> </div> ====Jail for MediaWiki - /etc/fail2ban/jail.local==== <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1m maxretry = 2 logpath = /var/log/Fail2Log.log </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before: <div class="mw-collapsible-content"> <pre> # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After: <div class="mw-collapsible-content"> <pre> # # JAILS # [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log # # SSH servers # </pre> </div> </div> ====Filter for mediawiki==== <div class="toccolours mw-collapsible mw-collapsed"> Regex quick up and running tutorial: External Link:(youtube) <div class="mw-collapsible-content"> This Is a link to a video made by "Corey Schafer".<br \> The best no nonsense up and running regex tut there is.<br \> https://www.youtube.com/watch?v=sa-TUpSx1JA </div> </div> <code>$EDITOR /etc/fail2ban/filter.d/mediawiki.conf</code><br \> <pre> [Definition] failregex = ^Failed:<HOST> ignoreregex = </pre> =====Try out regex on log file===== <code>fail2ban-regex --print-all-matched /var/log/Fail2Log.log /etc/fail2ban/filter.d/mediawiki.conf</code> ====Restart Fail2Ban==== <code>systemctl restart fail2ban</code> <code>fail2ban-client status</code> <code>fail2ban-client status mediawiki</code> <b>Now test by trying to login to your wiki with wrong password three times.</b> =====fail2ban regex and error checking===== <div class="toccolours mw-collapsible mw-collapsed"> Check regex: <div class="mw-collapsible-content"> * Syntax: <code>fail2ban-regex <logfile> <failregex> <ignoreregex></code> ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * If you want to test <code>ignoreregex</code> enter filter file twice: ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * Read <code>man fail2ban-regex</code> for some more opitions: * Examples: ** <code>-v</code>, <code>--verbose</code> *** Be verbose in output ** <code>--print-all-missed</code> *** Print all missed lines ** <code>--print-all-ignored</code> *** Print all ignored lines ** <code>--print-all-matched</code> *** Print all matched lines </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Debug Fail2Ban: <div class="mw-collapsible-content"> * <code>-d</code> dump configuration. For debugging.<br \> <code>fail2ban-client -d</code><br \> * <code>--dp</code>, <code>--dump-pretty</code> dump the configuration using more human readable representation.<br \> <code>fail2ban-client --dp</code><br \> * will print the systemd log for Fail2Ban.<br \> <code>journalctl -u fail2ban</code> </div> </div> ====Change ban time After testing==== <code>$EDITOR /etc/fail2ban/jail.local</code><br \> <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log </pre> ===Unban IP's=== Get list of Jails:<br \> <code>fail2ban-client status</code><br \> See banned ips by that jail:<br \> <code>fail2ban-client status <jailname></code><br \> Unban IP from jail:<br \> <code>fail2ban-client set <jailname> unbanip <ip_address></code><br \> <br \> Log File:<br \> <code>/var/log/Fail2Log.log</code> ==Moving To VPS== ===Create ssh key pair on local host=== <code>ssh-keygen -t rsa -b 4096 -C "MYSERVER" -f ~/.ssh/serverkey</code><br \> You will be prompted to Enter a passphase, you can just press <b>Enter</b> for no passphase.<br \> You will now have a file called <b>serverkey</b> and <b>serverkey.pub</b> in your <b>/home/$USER/.ssh</b> directory.<br \> Now lets setup are server and move public key to server.<br \> <b>BACKUP YOUR PRIVATE KEY TO USB STICK OR SOMETHING!</b><br \> <code>serverkey.pub</code><b>PUBLIC KEY</b><br \> <code>serverkey</code><b>PRIVATE KEY</b><br \> ===Login to Server - ssh === Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $10, 1 cpu, 2048MB ram, 55GB ssd, 2000GB Bandwidth.<br \> I have been given the IP:<b>192.248.145.129</b> and the Password:<b>1R?o.gPasdaLz1w</b> and with Vultr the default login/user is <b>root</b><br \> Lets move over the public key so we don't need a password to login:<br \> <code>ssh-copy-id -i ~/.ssh/serverkey root@192.248.145.129</code></br \> Will be promted for server password, enter password: 1R?o.gPasdaLz1w<br \> Now lets login with are private key.<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code> ===Update Server=== <code>apt update && apt upgrade -y</code><br \> The Server may need a restart, you will see this after updates if it does<br \> <b>*** System restart required ***</b><br \> restart server and log back in after a minute.<br \> <code>reboot</code> ===Change default ssh port and disable plain text passwords=== Log back into server<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code><br \> <code>$EDITOR /etc/ssh/sshd_config</code><br \> <pre>#Port 22</pre> <pre>Port 7788</pre> disable clear text passwords <pre>#PasswordAuthentication yes</pre> <pre>PasswordAuthentication no</pre> restart sshd <code>systemctl restart sshd</code><br \> Exit server and re-login<br \> <code>exit</code><br \> Log back in with new port<br \> <code>ssh -p 7788 -i .ssh/serverkey root@192.248.145.129</code> <div class="toccolours mw-collapsible mw-collapsed"> Create ssh login shortcut: <div class="mw-collapsible-content"> To be done on host:<br \> <code>touch ~/.ssh/config</code><br \> <code>chmod 600 ~/.ssh/config</code><br \> <code>$EDITOR ~/.ssh/config</code><br \> <pre> Host mediawikiserver HostName 192.248.145.129 User root Port 7788 IdentityFile /home/$USER/.ssh/severkey </pre> You can now login to server from host with:<br \> <code>ssh mediawikiserver</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax of config file: <div class="mw-collapsible-content"> <pre> #Syntax # #Host <ALIAS_NAME> # HostName <ADDRESS_IP_OR_DOMAIN> # User <USERNAME_LOGIN> # Port <PORT_NUMBER_IF_NOT_DEFAULT> # IdentityFile </PATH/TO/PRIVATE_KEY> ## Can now login with <code>ssh <ALIAS_NAME> </pre> </div> </div> </div> </div> ===Enable Basic FireWall=== Block IPv6<br \> <code>$EDITOR /etc/default/ufw</code><br \> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit<br \> <code>ufw allow 7788/tcp</code><br \> <code>ufw enable</code><br \> ===Create Swap space on server=== ====First check if you already have a swap space==== First check if you already have a swap space<br \> <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 1655 2 228 1732 Swap: 0 0 0 </pre> <div class="toccolours mw-collapsible mw-collapsed"> Other methods to check swap space <div class="mw-collapsible-content"> <code>cat /proc/swaps</code><br \> <code>swapon -s -v</code> </div> </div> ====Create SwapSpace==== preallocate a 2 gigabyte space to be used for swap.<br \> Note: you can name swapfile to anything you want. <code>fallocate -l 2G /swapfile</code> Initialize the /swapfile file with zeros - see "Working out the count size" to see how to work out the count size. <div class="toccolours mw-collapsible mw-collapsed"> Working out the count size: <div class="mw-collapsible-content"> Working out count size to scale the swapsize. 1 kilobyte = 1024 bytes 1 megabyte = 1024 kilobyte 1 gigabyte = 1024 megabytes bs=1024 = 1 megabyte 1 gigabyte = 1024 megabyte to get count of 1 gigabyte 1024 * 1024 2 gigabyte (1024 * 2048 ) or 1048576 * 2 = 2,097,152 </div> </div> <code>dd if=/dev/zero of=/swapfile bs=1024 count=2097152</code> <code>chmod 600 /swapfile</code> <code>mkswap /swapfile</code> <code>swapon /swapfile</code> <b>Or</b> <code>swapon -a</code> <b>Or</b> <code>mount -a</code> append to <code>/etc/fstab</code> so its mounted after reboot.<br \> <code>$EDITOR /etc/fstab</code><br \> And enter this in a new line at the bottom:<br \> <code>/swapfile swap swap defaults 0 0</code> and thats it, you can check swap with(or same other methods as above): <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 75 2 1808 1712 Swap: 2047 0 2047 </pre> ===ssmtp for email alerts=== <code>apt install ssmtp -y</code><br \> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code><br \> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> <code>usermod -c "CNWikiVPS" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ===auto update server=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment (by removing <b>//</b> at start of line)and amend the lines we want:<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> to<br \> <code> "${distro_id}:${distro_codename}-updates";</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; </pre> Changed to<br \> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec Acquire::http::Dl-Limit "500"; </pre> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Send Container to server=== From host<br \> <code>scp -i ~/.ssh/serverkey -P 7788 mediawiki.lxc root@192.248.145.129:/root/</code><br \> If you created a ssh shortcut in <b>.ssh/config</b> you can use:<br \> <code>scp mediawiki.lxc mediawikiserver:/root/</code><br> Once container transferred to server checksum to confirm<br> Do on Local and Server<br> <code>sha256sum mediawiki.lxc</code><br> The checksum should be the same on both!<br> ===LXD setup on server=== Check if <b>lxd</b> already installed.<br \> <code>lxd --version</code><br \> <code>snap install lxd</code><br \> Initialize LXD<br \> <code>lxd init</code><br \> all defaults<br \> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (lvm, zfs, ceph, btrfs, dir) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=10GB]: Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> ===Import Container=== Note: If version of LXD on server is older than the one you are exporting from, you may see error <code>Error: Failed importing backup: Failed creating instance record: Unknown configuration key: volatile.last_state.ready</code><br> To Fix this update your LXD<br> <code>snap remove lxd</code><br> <code>snap install lxd</code><br> <code>lxd --version</code><br> <code>lxd init</code><br> <br> Import mediawiki container<br \> <code>lxc import mediawiki.lxc mediawiki</code><br \> <code>lxc list</code><br \> <code>lxc start mediawiki</code><br \> <code>lxc list</code><br \> Returns:<br \> <pre> +-----------+---------+-----------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+-----------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.207.119.233 (eth0) | | CONTAINER | 0 | +-----------+---------+-----------------------+------+-----------+-----------+ </pre> <b>Note the Change of IP</b><br \> Are Containers IP is now:<b>10.207.119.233</b><br \> Now for some reason changing the IP on <b>/var/www/html/mediawiki/LocalSettings.php</b> and the <b>/etc/apache2/sites-available/completenoobs.com.conf</b> does not really work on a VPS (Forgot how i fixed this last time, pretty sure i got it workin a few years back).<br \> You need a DNS name: ===DNS=== Domain Name System: An index that connects an ip address with a more human readable name(website name):<br \> Like a phone book would index a persons name with a phone number.<br \> If you have a domain name for your wiki, point it to your server's ip address.<br \> This will be required for a letsencrypt cert also.<br \> I am using <b>namecheap.com</b> and on the <b>Advanced DNS</b> Page<br \> Add two Type <b>A Records</b>:<br \> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |192.248.145.129 |auto |- |A record |www |192.248.145.129 |auto |} ===Change IP on config files=== Login to conatiner and change IP's to Domain Name<br \> <code>lxc exec mediawiki bash</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <pre> Redirect permanent "/" "https://10.3.45.233"</pre> <pre> Redirect permanent "/" "https://www.completenoobs.com"</pre> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <pre>$wgServer = "https://10.3.45.233";</pre> <pre>$wgServer = "https://www.completenoobs.com";</pre> <code>systemctl restart apache2</code> ===Use IPTables to forward traffic to container=== <div class="toccolours mw-collapsible mw-collapsed"> iptable syntax <div class="mw-collapsible-content"> *CONTAINER_IP = place holder for your containers ip *GLOBAL_IP = place holder for your servers public ip address *ETH = network interface: enp1s0 ** to be done/found on host VPS and NOT Container ** Find network interface:<code>ip route show default</code> or use <code>ip route show default | awk '{print $5}'</code> <pre>iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 80 -j DNAT --to-destination CONTAINER_IP:80 -m comment --comment "forward real ip to container" </pre> <pre> iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 443 -j DNAT --to-destination CONTAINER_IP:443 -m comment --comment "forward real ip to container" </pre> </div> </div> <b>These commands to be done on host VPS and NOT in container!</b><br \> Get out of container <code>exit</code><br \> Network interface=<b>enp1s0</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Find you network interface name: <div class="mw-collapsible-content"> To be run on VPS host and Not in Container:<br \> <code>ip route show default | awk '{print $5}'</code> </div> </div> VPS Global IP=<b>192.248.145.129</b><br \> Container IP=<b>10.207.119.233</b><br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container"</code> <br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container"</code> <br \> The new rules for your iptable will not persistent after a reboot.<br \> Create systemd service to load firewall rules at startup:<br \> <code>$EDITOR /usr/local/bin/lxc-mediawiki-rules</code> <pre> #!/bin/bash iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container" iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container" </pre> <code>chmod +x /usr/local/bin/lxc-mediawiki-rules</code> <code>$EDITOR /etc/systemd/system/lxcip.service</code> <pre> [Unit] Description = apply ip rules at startup [Service] Type=oneshot ExecStart=/usr/local/bin/lxc-mediawiki-rules [Install] WantedBy=multi-user.target </pre> <code>systemctl enable lxcip</code> <div class="toccolours mw-collapsible mw-collapsed"> LXC proxy method: <div class="mw-collapsible-content"> <b>DO NOT USE This method!</b> placed here as a note:<br \> LXC also has a way to forward proxy traffic, but it will show all visits to website, as coming from <b>127.0.0.1</b><br \> When we install fail2ban, this would be very bad!<br \> <br \> <code>lxc config device add CONTAINER_NAME myport80 proxy listen=tcp:0.0.0.0:80 connect=tcp:127.0.0.1:80</code><br \> <code>lxc config device add CONTAINER_NAME myport443 proxy listen=tcp:0.0.0.0:443 connect=tcp:127.0.0.1:443</code><br \> To remove proxy:<br \> <code>lxc config device remove CONTAINER_NAME myport80</code><br \> <code>lxc config device remove CONTAINER_NAME myport443</code><br \> </div> </div> ===Visit webpage and check all working=== Visit the domain you selected<br \> <code>www.completenoobs.com</code><br \> Should be up and running.<br \> NOTE: We did not need to allow port 443 or 80 on VPS host.<br \> Check Iptables persist for restart, by rebooting server!<br \> <code>reboot</code><br \> Give it a minute or 2 and check website again. ===LetsEncrypt=== Log back into server<br \> <code>ssh mediawikiserver</code><br \> Log into container<br \> <code>lxc exec mediawiki bash</code><br \> Install certbot<br \> <code>snap install certbot --classic</code><br \> Backup Apache2 config file<br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf /etc/apache2/sites-available/completenoobs.com.conf.bk</code><br \> Create Cert<br \> <code>certbot --apache -d www.completenoobs.com -d completenoobs.com</code><br \> And Certbot broke are apache2 configs, and thats why we back up!<br \> <code>ls /etc/letsencrypt/live/www.completenoobs.com/</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/fullchain.pem /etc/ssl/certs/cn-selfsigned.crt</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/privkey.pem /etc/ssl/private/cn-selfsigned.key</code><br \> <code>rm /etc/apache2/sites-available/completenoobs.com-le-ssl.conf /etc/apache2/sites-available/completenoobs.com.conf </code><br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf.bk /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <br \> Turn <b>SSLUseStapling</b> on<br \> <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code><br \> <pre>SSLUseStapling off</pre><br \> Change to:<br \> <pre>SSLUseStapling on</pre><br \> Restart apache<br \> <code>systemctl restart apache2</code><br \> Now check your site on browser.<br \> ==Useful Notes - tips== ===Forgot your Admin Password=== Can use for any user:<br \> <code>php /var/www/html/mediawiki/maintenance/changePassword.php --user=admin --password=newpassword</code><br \> ===Make Wiki Read Only=== Add to LocalSettings.php:<br \> <code>$wgReadOnly = 'Read Only';</code><br \> ===Restrict account creation on wiki=== Add to LocalSettings.php:<br \> <code>$wgGroupPermissions['*']['createaccount'] = false;</code> ===Only Admin accounts can edit=== Add to LocalSettings.php:<br \> <pre> $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['user']['edit'] = false; $wgGroupPermissions['sysop']['edit'] = true; </pre> ===Protect a page so only admin can edit=== At the top of the page when logged in with admin account, click <b>More</b>.<br \> A drop down of three opitions: Delete, Move, Protect.<br \> Clicking <b>Protect</b> will not allow any non admin from editing the page. {| class="wikitable" |+ When logged in as admin |- |Read |Edit |View history |(STAR) |<b>More</b> |} ===Make User an Admin=== go to special pages With Admin Account go to:<br \> <code>index.php/Special:SpecialPages</code> List of users can be found here:<br \> <code>index.php/Special:ListUsers</code><br \> Go to:<br \> <code>index.php/Special:UserRights</code><br \> And enter username:<br \> <b>Groups you can change</b><br \> And rest is self explanatory. ====Remove admin rights==== Same thing, just untick admin rights! ==Upgrading MediaWiki== <b>BACK SURE YOU BACKUP FIRST!!!</b> just in case.<br \> This example update 1.35 to 1.36 from 1.36 onwards php-intl is required.<br> Download the wiki you are going to upgrade to.<br \> <code>https://releases.wikimedia.org/mediawiki/1.36/</code><br \> <code>cd /root</code><br \> <code>wget https://releases.wikimedia.org/mediawiki/1.36/mediawiki-1.36.1.tar.gz</code><br \> In LocalSettings.php put in readonly mode<br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <code>$wgReadOnly = "Upgrading";</code><br \> <code>tar xvzf mediawiki-1.36.1.tar.gz -C /var/www/html/mediawiki --strip-components=1</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> Returns:<pre> Error: Missing one or more required components of PHP. You are missing a required extension to PHP that MediaWiki needs. Please install: * intl <https://www.php.net/intl> </pre> <code>apt install php-intl</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> And thats it. If you do get an error:<br \> <blockquote> MediaWiki 1.36 internal error Installing some PHP extensions is required. Required components You are missing a required extension to PHP that MediaWiki requires to run. Please install: intl (more information) </blockquote> Then <b>reboot</b> the container and its all fine after. ==Backup your Wiki== ===LXC Snapshots=== Easy way, backup the container using <b>snapshot</b><br \> <code>lxc snapshot mediawiki beforeupgrade_11_12_2020</code><br \> To see snapshots<br \> <code>lxc info mediawiki</code><br \> To restore container to snapshot<br \> <code>lxc restore mediawiki beforeupgrade_11_12_2020</code><br \> To delete a snapshot<br \> <code>lxc delete mediawiki/beforeupgrade_11_12_2020</code><br \> ====Export a Snapshot==== <code>lxc snapshot mediawiki testsnap</code> <code>lxc publish mediawiki/testsnap --alias mediawiki-backup-20-07-2021</code> <code>lxc image export mediawiki-backup-20-07-2021</code> you end up with a file named after the sha256sum <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> NOTE:You can change name from <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> to something like <code>mediawiki-backup-20-07-2021.tar.gz</code> and restore will still work fine.<br \> can now delete image <code>lxc image delete mediawiki-backup-20-07-2021</code> ====Import Snapshot==== Move to another computer and install init lxd<br \> <code>lxc image import a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz --alias testrestore</code> <code>lxc launch testrestore mediarestore</code> <code>lxc list</code> <code>lxc exec mediarestore bash</code> Change IP in LocalSettings and apache config and restart apache.<br \> And your up and running.<br \> <br \> you can also delete image on new restore computer:<br \> <code>lxc image delete testrestore</code> ===Dump mediawiki database - xml=== Log into container root dir<br \> <code>lxc exec NAME bash</code><br \> In container of wiki:<br \> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Exit container<br \> <code>exit</code> Pull file to host<br \> <code>lxc file pull NAME/root/dump_mediawiki.xml wiki-dump.xml</code> ====automate xml dumps to server==== TIP: [[Scp_only|Create an '''scp only''' account on server first]]<br> <code>$EDITOR /usr/local/bin/auto-export.sh</code></br> <syntaxhighlight lang="bash" line> #!/bin/bash set -x time_stamp=$(date '+%d_%m_%y') dumps_dir="/var/www/dumps" noobs_dir="/var/www/html/noobs" local_settings="$noobs_dir/LocalSettings.php" wiki_dump_dir="$dumps_dir/$time_stamp.Noobs" xmlkey="/root/.ssh/xmlkey" remote_host="rscp@xml.completenoobs.com" remote_path="/home/rscp/media/" function ensure_read_only_line_exists { if ! grep -q "wgReadOnly" "$local_settings"; then cat <<EOF >> "$local_settings" \$wgReadOnly = 'Dumping Database, Access will be restored shortly'; EOF fi } function set_wiki_read_only { sed -i 's/^#*\(\$wgReadOnly\)/\1/' "$local_settings" } function unset_wiki_read_only { sed -i 's/^\(\$wgReadOnly\)/#\1/' "$local_settings" } function create_directories { mkdir -p "$dumps_dir" mkdir -p "$wiki_dump_dir" } function dump_wiki { php "$noobs_dir/maintenance/dumpBackup.php" --full > "$wiki_dump_dir/$time_stamp.Noobs.xml" } function generate_checksums { md5sum "$wiki_dump_dir/$time_stamp.Noobs.xml" > "$wiki_dump_dir/$time_stamp.md5sum.txt" sha256sum "$wiki_dump_dir/$time_stamp.Noobs.xml" > "$wiki_dump_dir/$time_stamp.sha256sum.txt" } function push_to_remote { scp -i /root/.ssh/xmlkey -r /var/www/dumps/$time_stamp.Noobs rscp@xml.completenoobs.com:/home/rscp/media/ #rsync -avz -e "ssh -i $xmlkey" "$wiki_dump_dir" "$remote_host:$remote_path" } # Main script ensure_read_only_line_exists create_directories set_wiki_read_only dump_wiki generate_checksums unset_wiki_read_only push_to_remote </syntaxhighlight> <br> <code>chmod +x /usr/local/bin/auto-export.sh</code><br> =====add to cron to export every 5 days===== <code>crontab -e</code><br> <pre> 30 3 */5 * * /usr/local/bin/auto-export.sh </pre> Will export at 3:30 am every 5 days, check [[Cron_ubuntu_22.04|Ubuntu Cron Quick start for more info]] ===Import Dump=== ====Create Quick local wiki==== [[Ubuntu_Local_Wiki_Import|localwiki]] ====Import dump==== <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> <code>lxc exec localwiki bash</code><br \> =====Restore dump===== <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Everything apart from <b>index.php/Main_Page</b> restored. ===Full Wiki Dump and Restore=== ====Backing up==== ====Making your wiki READ ONLY - will lock database==== <code>$EDITOR LocalSettings.php</code><br \> <code>$wgReadOnly = 'Dumping Database, Access will be restored shortly';</code> ====Dump and gzip database for transport==== will be prompted for password:<br \> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green -p mywiki_database | gzip > /root/greenwiki.sql.gz</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> ALt method for dump(password in cmd): <div class="mw-collapsible-content"> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green --password=THISpasswordSHOULDbeCHANGED -p mywiki_database | gzip > /root/greenwiki.sql.gz</code> </div> </div> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Back mediawiki Root Directory.<br \> <code>tar cvzhf /root/mediawiki-rootDir.tgz /var/www/html/mediawiki</code><br \> All into one file for easy transport.<br \> <code>cd /root/</code><br \> <code>tar cvzhf mediawiki-transfer.tgz mediawiki-rootDir.tgz greenwiki.sql.gz dump_mediawiki.xml</code><br \> All file in <b>mediawiki-transfer.tgz</b> for transfer to new server<br \> exit Container<br \> <code>exit</code><br \> <code>lxc file pull mediawiki/root/mediawiki-transfer.tgz mediawiki.bk.tgz</code><br \> ====Restore wiki==== create container (backupwiki) and push file<br \> <code>lxc file push mediawiki.bk.tgz backupwiki/root/</code><br \> login to container<br \> <code>apt update && apt upgrade -y</code><br \> <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> <br \> <code>tar xvf mediawiki.bk.tgz</code><br \> <code>tar xvf mediawiki-rootDir.tgz -C /</code><br \> Create basebase:<br \> NOTE: If you use diff username, passwd, database_name, append/correct details on LocalSettings.<br \> <code>mysql -u root</code> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <br \> <code>gunzip -d greenwiki.sql.gz</code><br \> <code>mysql -u green -p mywiki_database < greenwiki.sql</code><br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/dump_mediawiki.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Config Apache2 <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> Reload Apache2 <code> systemctl restart apache2 </code> ==EmbedVideo== https://www.mediawiki.org/wiki/Extension:EmbedVideo<br> <code>apt install unzip</code><br> <code>wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip</code><br> <code>unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/</code><br> <br> <code>mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo</code><br> <br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> <pre> #Embed Video wfLoadExtension( 'EmbedVideo' ); </pre> ==Remove <b>Index.php</b> From URL== [[Mediawiki_Remove_index.php|How to remove the Index.php from URL]] ==SpamBot Wars== Bit busy now, notes to look into later: https://www.mediawiki.org/wiki/Extension:Nuke<br \> https://www.mediawiki.org/wiki/Manual:Preventing_access<br \> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br \> https://www.mediawiki.org/wiki/Extension:InviteSignup<br \> Well the bots won for now - Disable eMail function for all related options in LocalSettings.php<br \> <code>$wgEnableEmail = false;</code><br \> Or just stop users sending email with:<br \> <code>$wgEnableUserEmail = false;</code> ==Notes== ==Syntax highlighting not working== Install <b>pygments</b><br> <code>apt install python3-pygments</code><br> Add to LocalSettings:<br> <code>wfLoadExtension( 'SyntaxHighlight_GeSHi' );</code><br> nin38bb9fn3w8hr4erjvfks5bvtudug 354 353 2023-04-23T22:26:24Z AwesomO 5 354 wikitext text/x-wiki :* [[Command_Line_Editors#Set_$EDITOR|'''$EDITOR''' is used as a place holder for an editor of your choice.]] ==Installing LXD== <code>sudo snap install lxd</code><br \> <code>lxd init</code><br \> Selecting all defaults, apart from "Size in GB of the new loop device (1GB minimum) [default=6GB]:" increasing to 30GB: <div class="toccolours mw-collapsible mw-collapsed"> <code>lxd init</code> selected options: <div class="mw-collapsible-content"> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (btrfs, dir, lvm, zfs, ceph) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=6GB]:30GB Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> </div> </div> ==Create Ubuntu:22.04 Container for MediaWiki== <code>lxc launch ubuntu:22.04 mediawiki</code><br> <code>lxc list</code><br> <pre> +-----------+---------+--------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+--------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.194.171.251(eth0) | | CONTAINER | 0 | +-----------+---------+--------------------+------+-----------+-----------+ </pre> ===Login to Container=== <code>lxc exec mediawiki bash</code> ===Basic Firewall UFW for Container=== NOTE:Add Link to a UFW page for more info Blocking IPv6<br \> <code>$EDITOR /etc/default/ufw</code> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit Allow port 80<br \> <code>ufw allow 80/tcp</code><br \> Allow port 443<br \> <code>ufw allow 443/tcp</code><br \> Start/Enable UFW firewall<br \> <code>ufw enable</code><br \> Check UFW status<br \> <code>ufw status</code> <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Update system=== <code>apt update && apt upgrade -y</code> ===ssmtp setup=== NOTE: need link to ssmtp page - showing how to use other email providers that allow smtp Link to ssmtp wiki page <br \> You can use a number of email providers for sending emails from server using ssmtp.<br \> I am going to use <b>smtp2go.com</b> they do provide a free service if you wish to try. <div class="toccolours mw-collapsible mw-collapsed"> smtp2go details: <div class="mw-collapsible-content"> https://www.smtp2go.com/<br \> Has a Free Plan # 1000 emails per month # 5 days of email reporting # Ticket support only <br \> Do not use you username and password you used to sign up!<br \> Go to https://app.smtp2go.com/sending/smtp_users/ <br \> Or 'Sending' > 'SMTP Users'<br> And create/add a SMTP User account.<br \> The User created will be given a good password by default.<br \> Use this username and password for ssmtp.<br \> In this example i have the username "<b>noobwiki</b>" and the password "<b>N0tTelinu</b>" </div> </div> ====ssmtp==== <code>apt install ssmtp -y</code> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <div class="toccolours mw-collapsible mw-collapsed"> Why use <code>hostname=completenoobs.com</code> <div class="mw-collapsible-content"> "hostname" needed for ubuntu unattended upgrades to send email.<br \> If missing: will get "(550 unable to verify sender address.)" <br \> If using <code>hostname=localhost</code> "(550 "Localhost" unnaceptable, you must use a public domain-name.)"<br \> If using <code>hostname=admin@completenoobs.com</code> "501 <root@admin@completenoobs.com>: malformed address: @completenoobs.com> may not follow <root@admin" </div> </div> <br \> Do not use user@smtp2go.com as the sender address! you need an email address that has an MX record(mail exchanger record) at its domain name. <br \> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> ====usermod==== <br \> usermod can be used to change the email senders name/address.<br \> Instead of your mail coming from 'root' or 'ubuntu' or any other user account.<br \> <b>usermod -c "emailSenderName" <account_sending></b><br \> <code>usermod -c "completenoobslxc" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ====sendmail notes==== <div class="toccolours mw-collapsible mw-collapsed"> If the sendmail command locks your terminal and CTRL+c does not work <div class="mw-collapsible-content"> Use <code>CTRL+z</code> which will send a SIGTSTP signal which will put the process to sleep.<br \> use jobs to see the sleeping process.<br \> <code>jobs</code><br \> and kill %<JOBNUMBER><br \> <code>kill %1</code> <br \> you can also use <code>ps ax</code> to list processes running on your computer and <code>kill -9 <PROCESS-NUMBER></code> to kill process. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> sendmail in verbose mode for more details: <div class="mw-collapsible-content"> More info can be found in the man page <code>man sendmail</code><br \> Use the verbose flag <b>-v</b><br \> <code>sendmail -v email@address2receive.mail < test-mail.txt</code> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Check mail logs for errors: <div class="mw-collapsible-content"> send mail error log can be found in<br \> <code>/var/log/mail.err</code><br \> and sendmail log can be found:<br \> <code>/var/log/mail.log</code> </div> </div> ===auto update container config=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code> Uncomment<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> <code>"${distro_id}:${distro_codename}-updates";</code> Dont need auto reboot on container - no kernel - kernel shared with host. ====email on update==== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <div class="toccolours mw-collapsible mw-collapsed"> Once i needed 'apticron' to get emails working with unattended upgrades:<br \> Notes here just incase<div class="mw-collapsible-content"> Install apticron<br \> <code>apt install apticron -y</code> Create apticron.conf file containing email to send email to:<br \> If you dont then 'apticron' will by default sent to root@localhost.<br > <code>echo 'EMAIL="email@tosendto.com"' > /etc/apticron/apticron.conf</code> </div> </div> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Install MediaWiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -xvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki</code> ====Create Database==== Will be prompted to set a root password!<br \> <code>mysql -u root -p</code><br \> <!-- create drop down - add root password option --> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <div class="toccolours mw-collapsible mw-collapsed"> Make note of your: database name, username, userpassword <div class="mw-collapsible-content"> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code><br \> Database Username:<b>green</b><br \> Database host/location:<b>localhost</b> Database User Password:<b>THISpasswordSHOULDbeCHANGED</b><br \><br \> <code>CREATE DATABASE mywiki_database;</code><br \> Database Name:<b>mywiki_database</b><br \> </div> </div> ====Create self-signed https certs==== <code>openssl req -x509 -newkey rsa:4096 -keyout key.pem -nodes -out cert.pem -days 365</code><br> Note: can leave blank; just press enter.<br><br> <code>mv cert.pem /etc/ssl/certs/cn-selfsigned.crt</code><br> <code>mv key.pem /etc/ssl/private/cn-selfsigned.key</code><br> ====Create ssl-params.conf==== <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code> Remember to turn stapling on after letsencrypt cert <pre> SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 SSLHonorCipherOrder On # Disable preloading HSTS for now. You can use the commented out header line that includes # the "preload" directive if you understand the implications. # Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" Header always set X-Frame-Options DENY Header always set X-Content-Type-Options nosniff # Requires Apache >= 2.4 SSLCompression off # May want to turn stapling off when using self-signed to avoid receiving errors in log SSLUseStapling off SSLStaplingCache "shmcb:logs/stapling-cache(150000)" # Requires Apache >= 2.4.11 SSLSessionTickets Off </pre> ====Create Apache2 config==== <code>cd /etc/apache2/sites-available/</code> <code>rm 000-default.conf default-ssl.conf</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code> <div class="toccolours mw-collapsible mw-collapsed"> <b>Important Redirect note</b>:<div class="mw-collapsible-content"> <pre> # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" </pre> Change to your Container IP!<br \> <code>Redirect permanent "/" "https://10.194.171.251"</code> </div> </div> <pre> <VirtualHost *:80> ServerName completenoobs.com ServerAdmin admin@ # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined </VirtualHost> <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerName completenoobs.com ServerAdmin admin@completenoobs.com DocumentRoot /var/www/html/mediawiki # According MWiki Manual:Security php_flag register_globals off ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined SSLEngine on SSLCertificateFile /etc/ssl/certs/cn-selfsigned.crt SSLCertificateKeyFile /etc/ssl/private/cn-selfsigned.key # need to find out what SSLCertificateChainFile is? explain is in the default-ssl.conf file. #SSLCertificateChainFile /etc/ssl/certs/example.com.root-bundle.crt <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> <Directory /var/www/html/wikimedia> Options None FollowSymLinks #Allow .htaccess AllowOverride All Require all granted <IfModule security2_module> SecRuleEngine Off # or disable only problematic rules </IfModule> </Directory> # According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images> # Ignore .htaccess files AllowOverride None # Serve HTML as plaintext, don't execute SHTML AddType text/plain .html .htm .shtml .php .phtml .php5 # Don't run arbitrary PHP code. php_admin_flag engine off # If you've other scripting languages, disable them too. </Directory> #According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images/deleted> Deny from all AllowOverride AuthConfig Limit Require local </Directory> </VirtualHost> </IfModule> </pre> ====Reload Apache2==== <code>a2enmod ssl</code> <code>a2enmod headers</code> <code>a2ensite completenoobs.com</code> <code>a2enconf ssl-params</code> <code>apache2ctl configtest</code> <code>systemctl restart apache2</code> ===MediaWiki Basic Setup=== ====Landing page==== Open a web browser and go to your containers private ip address (you can get ip address by running <code>lxc list</code> on host). <code>https://10.194.171.251</code> Are certs are self-signed and you may/will get warning "your connection is not private"<br \> Click "Advance" and "Proceed to 10.194.171.251 (unsafe)"<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.35.0<br \> LocalSettings.php not found.<br \> Please <u>set up the wiki</u> first.<br \> </blockquote> Click <b>set up the wiki</b> to be taken to the "mw-config/index.php" page. =====Basic Configure MediaWiki===== <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:mywiki_database<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:green<br \> Database password:THISpasswordSHOULDbeCHANGED<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>CompleteNoobs<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Options <div class="mw-collapsible-content"> <b>User rights profile:</b> <br \> [ ] Open wiki <br \> [x] Account creation required<br \> [ ] Authorised editors only <br \> [ ] Private wiki<br \> <br \> <b>Copyright and licence:</b><br \> [ ] Creative Commons Attribution<br \> [ ] Creative Commons Attribution-ShareAlike<br \> [ ] Creative Commons Attribution-NonCommercial-ShareAlike<br \> [ ] Creative Commons Zero (Public Domain)<br \> [ ] GNU Free Documentation Licence 1.3 or later<br \> [x] No licence footer<br \> [ ] Select a custom Creative Commons licence<br \> <br \> <br \> <b>Email settings</b><br \> [ ] Enable outbound email<br \> <b>Return email address:</b>apache@🌻.invalid<br \> [ ]Enable user-to-user email<br \> [ ]Enable user talk page notification<br \> [ ]Enable watchlist notification<br \> [ ]Enable email authentication<br \> <br \> <br \> <b>Skins</b> Pick a skin<br \> <br \> <br \> <b>Extensions</b><br \> <b><u>Special pages</u></b><br \> [ ]CiteThisPage<br \> [ ]Interwiki<br \> [ ]Nuke<br \> [ ]Renameuser<br \> [ ]ReplaceText<br \> <br \> <b><u>Editors</u></b><br \> [x]CodeEditor<br \> [x]VisualEditor<br \> [x]WikiEditor<br \> <br \> <b><u>Parser hooks</u></b><br \> [ ]CategoryTree<br \> [ ]Cite<br \> [ ]ImageMap<br \> [ ]InputBox<br \> [ ]ParserFunctions<br \> [ ]Poem<br \> [ ]Scribunto<br \> [x]SyntaxHighlight_GeSHi<br \> [ ]TemplateData<br \> <br \> <b><u>Media handlers</u></b><br \> [ ]PdfHandler<br \> <br \> <b><u>Spam prevention</u></b><br \> [x]ConfirmEdit<br \> [ ]SpamBlacklist<br \> [ ]TitleBlacklist<br \> <br \> <b><u>API</u></b><br \> [ ]PageImages<br \> <br \> <b><u>Other</u></b><br \> [ ]Gadgets<br \> [ ]LocalisationUpdate<br \> [ ]MultimediaViewer<br \> [ ]OATHAuth<br \> [ ]SecureLinkFixer<br \> [ ]TextExtracts<br \> <br \> <br \> <b>Images and file uploads</b><br \> [ ]Enable file uploads<br \> <b>Logo URL:</b>$wgResourceBasePath/resources/assets/wiki.png<br \> [ ]Enable Instant Commons<br \> <br \> <br \> <b>Advanced configuration</b><br \> <b>Settings for object caching:</b><br \> [x] No caching (no functionality is removed, but speed may be impacted on larger wiki sites)<br \> [ ] Use Memcached (requires additional setup and configuration)<br \> </div> </div> ====LocalSettings.php Launch Wiki==== When the Basic configuration of mediawiki is done on the webpage.<br \> You will have a <b>LocalSettings.php</b> which will be downloaded from your browser.<br \> You need to place the <b>LocalSettings.php</b> file into your containers <b>/var/www/html/mediawiki/</b> directory.<br \> You can do this from host using the <b>lxc file push</b> command.<br \> <code>lxc file push /home/$USER/Downloads/LocalSettings.php mediawiki/var/www/html/mediawiki/</code><br \> <br> Do not refresh browser it will download the LocalSettings.php again! go to the IP address of your container or just trim the <code>mw-config/index.php?page=Complete</code><br> Now on your browser visit the page again https://10.194.171.251<br \> And welcome to your wiki.<br \> ===Change Logo=== You need a 135px by 135px image, in this example its named 'completenoobs-logo.png'<br> <code>lxc file push completenoobs-logo.png mediawiki/var/www/html/mediawiki/resources/assets/</code><br> Back in container edit the <b>LocalSettings.php</b> file<br> <pre> ## The URL paths to the logo. Make sure you change this from the default, ## or else you'll overwrite your logo when you upgrade! $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", 'icon' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", ]; </pre> Change to your new logo:<br> <pre> $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", 'icon' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", ]; </pre> ===Email Config=== Warning i did get loads of spam bots, using this to send naughty emails everywhere!<br> Changed setting to block signups, requests only,and changed <b>$wgEnableUserEmail</b> to false and still the bots managed to send spam using my smtp account.<br> How they done this? Is beyond my understanding and i removed email from the wiki till i have more info on how to stop the spamming.<br> Was using mediawiki-1.35.0<br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> Make sure <b>$wgEnableEmail</b> is set to true.<br> <code>$wgEnableEmail = true;</code><br> https://www.mediawiki.org/wiki/Manual:$wgEnableEmail<br> <pre> $wgEmergencyContact = ""; $wgPasswordSender = ""; </pre> <pre> $wgEmergencyContact = "admin@completenoobs.com"; $wgPasswordSender = "admin@completenoobs.com"; </pre> <pre> $wgSMTP = [ 'host' => 'ssl://mail.smtp2go.com', // outbox server of the email account 'IDHost' => 'completenoobs.com', 'port' => 465, 'username' => 'noobwiki', // user of the email account 'password' => 'N0tTelinu', // app password of the email account 'auth' => true ]; </pre> ===Request Account and Confirm Email to edit=== In LocalSettings change $wgEmailAuthentication = false; to true https://www.mediawiki.org/wiki/Manual:$wgEmailAuthentication<br> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ConfirmAccount-REL1_39-2b96e90.tar.gz</code><br> <code>tar xzf ConfirmAccount-REL1_39-2b96e90.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> <br> In <b>LocalSettings.php</b> <br> set <b>$wgEmailAuthentication</b> to true.<br> <pre> wfLoadExtension( 'ConfirmAccount' ); $wgConfirmAccountContact = 'admin@completenoobs.com'; </pre> Run maintenance update<br> <code>php /var/www/html/mediawiki/maintenance/update.php </code><br> use <b>Special:ConfirmAccounts</b> to see if anyone requested a account.<br> And yep, your gonna get spammed! Bots love a wiki.<br> ===CookieWarning Extension=== https://www.mediawiki.org/wiki/Extension:CookieWarning<br> <code>wget https://extdist.wmflabs.org/dist/extensions/CookieWarning-REL1_39-778fe72.tar.gz</code><br> <code>tar -xzf CookieWarning-REL1_39-778fe72.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'CookieWarning' ); $wgCookieWarningEnabled = 'true'; # $wgCookieWarningMoreUrl allows to to select a link for your moreinfo button $wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'; $wgCookieWarningEnabled = 'true'; </pre> To change message sign in with admin account and visit these pages of your wiki and edit.<br> <b>MediaWiki:Cookiewarning-info</b> Edit the display message.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-info</code><br> <b>MediaWiki:Cookiewarning-moreinfo-label</b><br> Edit and change display of the moreinfo button: link can be made/changed at LocalSettings with:<br> <code>$wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'</code><br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-moreinfo-label</code><br> <b>MediaWiki:Cookiewarning-ok-label</b> Edit and change the text on the OK button.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-ok-label</code><br> ===Contribution Scores Extension=== https://www.mediawiki.org/wiki/Extension:Contribution_Scores<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ContributionScores-REL1_39-0e7e99d.tar.gz</code><br> <code>tar -xzf ContributionScores-REL1_39-0e7e99d.tar.gz -C /var/www/html/mediawiki/extensions</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'ContributionScores' ); // Exclude Bots from the reporting - Can be omitted. $wgContribScoreIgnoreBots = true; // Exclude Blocked Users from the reporting - Can be omitted. $wgContribScoreIgnoreBlockedUsers = true; // Use real user names when available - Can be omitted. Only for MediaWiki 1.19 and later. $wgContribScoresUseRealName = true; // Set to true to disable cache for parser function and inclusion of table. $wgContribScoreDisableCache = false; // Each array defines a report - 7,50 is "past 7 days" and "LIMIT 50" - Can be omitted. $wgContribScoreReports = [ [ 7, 50 ], [ 30, 50 ], [ 0, 50 ] ]; </pre> <br> Add to Main Landing Page:<br> <pre>{{Special:ContributionScores/10/5}}</pre><br> ===Place Notice at top of every new page created=== Using the <b>PageNotice</b> Extension. https://www.mediawiki.org/wiki/Extension:PageNotice#Configuration Download PageNotice and extract to extensions directory. in LocalSettings.php add the lines:<br \> <pre> wfLoadExtension( 'PageNotice' ); $wgPageNoticeDisablePerPageNotices = 'true'; </pre> To have message in every name space go to your wiki's page<br \> <code>index.php/mediawiki:top-notice-ns-0</code><br \> Only admin account can edit this page:<br \> What you place in this page will be displayed at the top of every page created. ===Privacy Policy=== Holly $#$#$ this is a lot of work, looking into it<br \> https://www.mediawiki.org/wiki/GDPR_(General_Data_Protection_Regulation)_and_MediaWiki_software<br \> ====NewSignupPage==== https://www.mediawiki.org/wiki/Extension:NewSignupPage<br \> Big thanks to Shoutwiki.com or this would of been a very big pain.<br \> Check for Latest link from the Download page https://www.mediawiki.org/wiki/Special:ExtensionDistributor/NewSignupPage<br \> In mediawiki container:<br \> <code>wget https://extdist.wmflabs.org/dist/extensions/NewSignupPage-REL1_35-ecf00aa.tar.gz</code><br \> <code>tar xvf NewSignupPage-REL1_35-ecf00aa.tar.gz -C /var/www/html/mediawiki/extensions/</code><br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> Add the Line:<br \> <code>wfLoadExtension( 'NewSignupPage' );</code><br \> Change the Info given at signup at:<br \> <code>index.php/MediaWiki:Newsignuppage-loginform-tos</code><br \> Default page will be:<pre> I am over 13 years of age and I have read, understood and agree to be bound by the Terms of Service and Privacy Policy </pre> "Terms of Service" and "Privacy Policy" are linked to there pages, so we need to create a few pages. ======Need <b>Privacy Policy</b> Page====== Create a 'Privacy_Policy' page and link on "MediaWiki:Newsignuppage-loginform-tos"<br> <pre>[[CompleteNoobs:Privacy_policy | Privacy Policy]]</pre> =====Need <b>Terms Of Service</b> page===== https://www.completenoobs.com/index.php/Terms_of_Service<br \> once done change link on "MediaWiki:Newsignuppage-loginform-tos"<br \> =====Content Policy Page===== https://10.194.171.251/index.php/Content_Policy<br \> Contains link to https://www.completenoobs.com/index.php/CompleteNoobs_Staff_Admins<br \> =====Staff and Admin Page===== https://10.194.171.251/index.php/CompleteNoobs_Staff_Admins<br \> Linked from Content Policy Page! a place to contact by email staff, admins =====General Disclaimer page===== https://10.194.171.251/index.php/CompleteNoobs:General_disclaimer<br \> This page shows/linked at bottom of wiki<br \> =====Copyright Policy===== https://10.194.171.251/index.php/CompleteNoobs:Copyrights<br \> Copyrights page that shows in info box when making a post.<br \> ==Fail2Ban== This Will Ban an IP who incorrectly enters wrong login details, a (you can select) amount of times for a (you can select) amount of time. ===Fail2Log Extension=== https://www.mediawiki.org/wiki/Extension:Fail2Log<br> ====Create Log file==== Could not get PHP to create and set permissions for log file: So for now doing manually!<br \> <code>touch /var/log/Fail2Log.log</code><br \> <code>chown www-data:www-data /var/log/Fail2Log.log</code><br \> <code>chmod 0755 /var/log/Fail2Log.log</code><br \> Failed login's with wrong user name and/or password should now be logged in:<b>/var/log/Fail2Log.log</b><br \> <br \> Log Format:<br \> <code>Failed:<IP_ADDRESS> <DATE> <TIME> <USERNAME></code><br \> ====Download and install extension==== <code>wget https://github.com/greenhatmonkey/Fail2Log/blob/main/Fail2Log.tar.gz?raw=true</code><br> <code>tar xzvf Fail2Log.tar.gz?raw=true -C /var/www/html/mediawiki/extensions/</code><br> Add to your <b>LocalSettings.php</b><br> <pre> wfLoadExtension( 'Fail2Log' ); $wgFail2LogFile = '/var/log/Fail2Log.log'; </pre> ====Install and Setup Fail2Ban==== Fail2Ban works in a container. If using fail2ban on Host for container:<br/> Just include log path: <code>/var/snap/lxd/common/mntns/var/snap/lxd/common/lxd/storage-pools/default/containers/&lt;CONTAINER_NAME>/rootfs/var/log/Fail2Log.log</code> <code>apt install fail2ban</code> * Fail2ban will use file.local over file.conf if file.local exists: * file.conf can be written over if file2ban gets updated. * Make a file.local of the file you are working on. <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code> <code>$EDITOR /etc/fail2ban/jail.local</code> <!-- unmodified jail.conf file --> <div class="toccolours mw-collapsible mw-collapsed"> Default <code>/etc/fail2ban/jail.conf</code> file: Expand to view <div class="mw-collapsible-content"> <pre> # # WARNING: heavily refactored in 0.9.0 release. Please review and # customize settings for your setup. # # Changes: in most of the cases you should not modify this # file, but provide customizations in jail.local file, # or separate .conf files under jail.d/ directory, e.g.: # # HOW TO ACTIVATE JAILS: # # YOU SHOULD NOT MODIFY THIS FILE. # # It will probably be overwritten or improved in a distribution update. # # Provide customizations in a jail.local file or a jail.d/customisation.local. # For example to change the default bantime for all jails and to enable the # ssh-iptables jail the following (uncommented) would appear in the .local file. # See man 5 jail.conf for details. # # [DEFAULT] # bantime = 1h # # [sshd] # enabled = true # # See jail.conf(5) man page for more information # Comments: use '#' for comment lines and ';' (following a space) for inline comments [INCLUDES] #before = paths-distro.conf before = paths-debian.conf # The DEFAULT allows a global definition of the options. They can be overridden # in each jail afterwards. [DEFAULT] # # MISCELLANEOUS OPTIONS # # "bantime.increment" allows to use database for searching of previously banned ip's to increase a # default ban time using special formula, default it is banTime * 1, 2, 4, 8, 16, 32... #bantime.increment = true # "bantime.rndtime" is the max number of seconds using for mixing with random time # to prevent "clever" botnets calculate exact time IP can be unbanned again: #bantime.rndtime = # "bantime.maxtime" is the max number of seconds using the ban time can reach (don't grows further) #bantime.maxtime = # "bantime.factor" is a coefficient to calculate exponent growing of the formula or common multiplier, # default value of factor is 1 and with default value of formula, the ban time # grows by 1, 2, 4, 8, 16 ... #bantime.factor = 1 # "bantime.formula" used by default to calculate next value of ban time, default value bellow, # the same ban time growing will be reached by multipliers 1, 2, 4, 8, 16, 32... #bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * banFactor # # more aggressive example of formula has the same values only for factor "2.0 / 2.885385" : #bantime.formula = ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor) # "bantime.multipliers" used to calculate next value of ban time instead of formula, coresponding # previously ban count and given "bantime.factor" (for multipliers default is 1); # following example grows ban time by 1, 2, 4, 8, 16 ... and if last ban count greater as multipliers count, # always used last multiplier (64 in example), for factor '1' and original ban time 600 - 10.6 hours #bantime.multipliers = 1 2 4 8 16 32 64 # following example can be used for small initial ban time (bantime=60) - it grows more aggressive at begin, # for bantime=60 the multipliers are minutes and equal: 1 min, 5 min, 30 min, 1 hour, 5 hour, 12 hour, 1 day, 2 day #bantime.multipliers = 1 5 30 60 300 720 1440 2880 # "bantime.overalljails" (if true) specifies the search of IP in the database will be executed # cross over all jails, if false (dafault), only current jail of the ban IP will be searched #bantime.overalljails = false # -------------------- # "ignoreself" specifies whether the local resp. own IP addresses should be ignored # (default is true). Fail2ban will not ban a host which matches such addresses. #ignoreself = true # "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban # will not ban a host which matches an address in this list. Several addresses # can be defined using space (and/or comma) separator. #ignoreip = 127.0.0.1/8 ::1 # External command that will take an tagged arguments to ignore, e.g. <ip>, # and return true if the IP is to be ignored. False otherwise. # # ignorecommand = /path/to/command <ip> ignorecommand = # "bantime" is the number of seconds that a host is banned. bantime = 10m # A host is banned if it has generated "maxretry" during the last "findtime" # seconds. findtime = 10m # "maxretry" is the number of failures before a host get banned. maxretry = 5 # "maxmatches" is the number of matches stored in ticket (resolvable via tag <matches> in actions). maxmatches = %(maxretry)s # "backend" specifies the backend used to get files modification. # Available options are "pyinotify", "gamin", "polling", "systemd" and "auto". # This option can be overridden in each jail as well. # # pyinotify: requires pyinotify (a file alteration monitor) to be installed. # If pyinotify is not installed, Fail2ban will use auto. # gamin: requires Gamin (a file alteration monitor) to be installed. # If Gamin is not installed, Fail2ban will use auto. # polling: uses a polling algorithm which does not require external libraries. # systemd: uses systemd python library to access the systemd journal. # Specifying "logpath" is not valid for this backend. # See "journalmatch" in the jails associated filter config # auto: will try to use the following backends, in order: # pyinotify, gamin, polling. # # Note: if systemd backend is chosen as the default but you enable a jail # for which logs are present only in its own log files, specify some other # backend for that jail (e.g. polling) and provide empty value for # journalmatch. See https://github.com/fail2ban/fail2ban/issues/959#issuecomment-74901200 backend = auto # "usedns" specifies if jails should trust hostnames in logs, # warn when DNS lookups are performed, or ignore all hostnames in logs # # yes: if a hostname is encountered, a DNS lookup will be performed. # warn: if a hostname is encountered, a DNS lookup will be performed, # but it will be logged as a warning. # no: if a hostname is encountered, will not be used for banning, # but it will be logged as info. # raw: use raw value (no hostname), allow use it for no-host filters/actions (example user) usedns = warn # "logencoding" specifies the encoding of the log files handled by the jail # This is used to decode the lines from the log file. # Typical examples: "ascii", "utf-8" # # auto: will use the system locale setting logencoding = auto # "enabled" enables the jails. # By default all jails are disabled, and it should stay this way. # Enable only relevant to your setup jails in your .local or jail.d/*.conf # # true: jail will be enabled and log files will get monitored for changes # false: jail is not enabled enabled = false # "mode" defines the mode of the filter (see corresponding filter implementation for more info). mode = normal # "filter" defines the filter to use by the jail. # By default jails have names matching their filter name # filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # # Some options used for actions # Destination email address used solely for the interpolations in # jail.{conf,local,d/*} configuration files. destemail = root@localhost # Sender email address used solely for some actions sender = root@<fq-hostname> # E-mail action. Since 0.8.1 Fail2Ban uses sendmail MTA for the # mailing. Change mta configuration parameter to mail if you want to # revert to conventional 'mail'. mta = sendmail # Default protocol protocol = tcp # Specify chain where jumps would need to be added in ban-actions expecting parameter chain chain = <known/chain> # Ports to be banned # Usually should be overridden in a particular jail port = 0:65535 # Format of user-agent https://tools.ietf.org/html/rfc7231#section-5.5.3 fail2ban_agent = Fail2Ban/%(fail2ban_version)s # # Action shortcuts. To be used to define action parameter # Default banning action (e.g. iptables, iptables-new, # iptables-multiport, shorewall, etc) It is used to define # action_* variables. Can be overridden globally or per # section within jail.local file banaction = iptables-multiport banaction_allports = iptables-allports # The simplest action to take: ban only action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report to the destemail. action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report and relevant log lines # to the destemail. action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # See the IMPORTANT note in action.d/xarf-login-attack for when to use this action # # ban & send a xarf e-mail to abuse contact of IP address and include relevant log lines # to the destemail. action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] # ban IP on CloudFlare & send an e-mail with whois report and relevant log lines # to the destemail. action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # Report block via blocklist.de fail2ban reporting service API # # See the IMPORTANT note in action.d/blocklist_de.conf for when to use this action. # Specify expected parameters in file action.d/blocklist_de.local or if the interpolation # `action_blocklist_de` used for the action, set value of `blocklist_de_apikey` # in your `jail.local` globally (section [DEFAULT]) or per specific jail section (resp. in # corresponding jail.d/my-jail.local file). # action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] # Report ban via badips.com, and use as blacklist # # See BadIPsAction docstring in config/action.d/badips.py for # documentation for this action. # # NOTE: This action relies on banaction being present on start and therefore # should be last action defined for a jail. # action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] # # Report ban via badips.com (uses action.d/badips.conf for reporting only) # action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] # Report ban via abuseipdb.com. # # See action.d/abuseipdb.conf for usage example and details. # action_abuseipdb = abuseipdb # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # [sshd] # To use more aggressive sshd modes set filter parameter "mode" in jail.local: # normal (default), ddos, extra or aggressive (combines all). # See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details. #mode = normal port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s [dropbear] port = ssh logpath = %(dropbear_log)s backend = %(dropbear_backend)s [selinux-ssh] port = ssh logpath = %(auditd_log)s # # HTTP servers # [apache-auth] port = http,https logpath = %(apache_error_log)s [apache-badbots] # Ban hosts which agent identifies spammer robots crawling the web # for email addresses. The mail outputs are buffered. port = http,https logpath = %(apache_access_log)s bantime = 48h maxretry = 1 [apache-noscript] port = http,https logpath = %(apache_error_log)s [apache-overflows] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-nohome] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-botsearch] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-fakegooglebot] port = http,https logpath = %(apache_access_log)s maxretry = 1 ignorecommand = %(ignorecommands_dir)s/apache-fakegooglebot <ip> [apache-modsecurity] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-shellshock] port = http,https logpath = %(apache_error_log)s maxretry = 1 [openhab-auth] filter = openhab action = iptables-allports[name=NoAuthFailures] logpath = /opt/openhab/logs/request.log [nginx-http-auth] port = http,https logpath = %(nginx_error_log)s # To use 'nginx-limit-req' jail you should have `ngx_http_limit_req_module` # and define `limit_req` and `limit_req_zone` as described in nginx documentation # http://nginx.org/en/docs/http/ngx_http_limit_req_module.html # or for example see in 'config/filter.d/nginx-limit-req.conf' [nginx-limit-req] port = http,https logpath = %(nginx_error_log)s [nginx-botsearch] port = http,https logpath = %(nginx_error_log)s maxretry = 2 # Ban attackers that try to use PHP's URL-fopen() functionality # through GET/POST variables. - Experimental, with more than a year # of usage in production environments. [php-url-fopen] port = http,https logpath = %(nginx_access_log)s %(apache_access_log)s [suhosin] port = http,https logpath = %(suhosin_log)s [lighttpd-auth] # Same as above for Apache's mod_auth # It catches wrong authentifications port = http,https logpath = %(lighttpd_error_log)s # # Webmail and groupware servers # [roundcube-auth] port = http,https logpath = %(roundcube_errors_log)s # Use following line in your jail.local if roundcube logs to journal. #backend = %(syslog_backend)s [openwebmail] port = http,https logpath = /var/log/openwebmail.log [horde] port = http,https logpath = /var/log/horde/horde.log [groupoffice] port = http,https logpath = /home/groupoffice/log/info.log [sogo-auth] # Monitor SOGo groupware server # without proxy this would be: # port = 20000 port = http,https logpath = /var/log/sogo/sogo.log [tine20] logpath = /var/log/tine20/tine20.log port = http,https # # Web Applications # # [drupal-auth] port = http,https logpath = %(syslog_daemon)s backend = %(syslog_backend)s [guacamole] port = http,https logpath = /var/log/tomcat*/catalina.out [monit] #Ban clients brute-forcing the monit gui login port = 2812 logpath = /var/log/monit /var/log/monit.log [webmin-auth] port = 10000 logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [froxlor-auth] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s # # HTTP Proxy servers # # [squid] port = 80,443,3128,8080 logpath = /var/log/squid/access.log [3proxy] port = 3128 logpath = /var/log/3proxy.log # # FTP servers # [proftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(proftpd_log)s backend = %(proftpd_backend)s [pure-ftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(pureftpd_log)s backend = %(pureftpd_backend)s [gssftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(syslog_daemon)s backend = %(syslog_backend)s [wuftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(wuftpd_log)s backend = %(wuftpd_backend)s [vsftpd] # or overwrite it in jails.local to be # logpath = %(syslog_authpriv)s # if you want to rely on PAM failed login attempts # vsftpd's failregex should match both of those formats port = ftp,ftp-data,ftps,ftps-data logpath = %(vsftpd_log)s # # Mail servers # # ASSP SMTP Proxy Jail [assp] port = smtp,465,submission logpath = /root/path/to/assp/logs/maillog.txt [courier-smtp] port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix] # To use another modes set filter parameter "mode" in jail.local: mode = more port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s [postfix-rbl] filter = postfix[mode=rbl] port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s maxretry = 1 [sendmail-auth] port = submission,465,smtp logpath = %(syslog_mail)s backend = %(syslog_backend)s [sendmail-reject] # To use more aggressive modes set filter parameter "mode" in jail.local: # normal (default), extra or aggressive # See "tests/files/logs/sendmail-reject" or "filter.d/sendmail-reject.conf" for usage example and details. #mode = normal port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [qmail-rbl] filter = qmail port = smtp,465,submission logpath = /service/qmail/log/main/current # dovecot defaults to logging to the mail syslog facility # but can be set by syslog_facility in the dovecot configuration. [dovecot] port = pop3,pop3s,imap,imaps,submission,465,sieve logpath = %(dovecot_log)s backend = %(dovecot_backend)s [sieve] port = smtp,465,submission logpath = %(dovecot_log)s backend = %(dovecot_backend)s [solid-pop3d] port = pop3,pop3s logpath = %(solidpop3d_log)s [exim] # see filter.d/exim.conf for further modes supported from filter: #mode = normal port = smtp,465,submission logpath = %(exim_main_log)s [exim-spam] port = smtp,465,submission logpath = %(exim_main_log)s [kerio] port = imap,smtp,imaps,465 logpath = /opt/kerio/mailserver/store/logs/security.log # # Mail servers authenticators: might be used for smtp,ftp,imap servers, so # all relevant ports get banned # [courier-auth] port = smtp,465,submission,imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix-sasl] filter = postfix[mode=auth] port = smtp,465,submission,imap,imaps,pop3,pop3s # You might consider monitoring /var/log/mail.warn instead if you are # running postfix since it would provide the same log lines at the # "warn" level but overall at the smaller filesize. logpath = %(postfix_log)s backend = %(postfix_backend)s [perdition] port = imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [squirrelmail] port = smtp,465,submission,imap,imap2,imaps,pop3,pop3s,http,https,socks logpath = /var/lib/squirrelmail/prefs/squirrelmail_access_log [cyrus-imap] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s [uwimap-auth] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s # # # DNS servers # # !!! WARNING !!! # Since UDP is connection-less protocol, spoofing of IP and imitation # of illegal actions is way too simple. Thus enabling of this filter # might provide an easy way for implementing a DoS against a chosen # victim. See # http://nion.modprobe.de/blog/archives/690-fail2ban-+-dns-fail.html # Please DO NOT USE this jail unless you know what you are doing. # # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks UDP traffic for DNS requests. # [named-refused-udp] # # filter = named-refused # port = domain,953 # protocol = udp # logpath = /var/log/named/security.log # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks TCP traffic for DNS requests. [named-refused] port = domain,953 logpath = /var/log/named/security.log [nsd] port = 53 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/nsd.log # # Miscellaneous # [asterisk] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/asterisk/messages maxretry = 10 [freeswitch] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/freeswitch.log maxretry = 10 # enable adminlog; it will log to a file inside znc's directory by default. [znc-adminlog] port = 6667 logpath = /var/lib/znc/moddata/adminlog/znc.log # To log wrong MySQL access attempts add to /etc/my.cnf in [mysqld] or # equivalent section: # log-warnings = 2 # # for syslog (daemon facility) # [mysqld_safe] # syslog # # for own logfile # [mysqld] # log-error=/var/log/mysqld.log [mysqld-auth] port = 3306 logpath = %(mysql_log)s backend = %(mysql_backend)s # Log wrong MongoDB auth (for details see filter 'filter.d/mongodb-auth.conf') [mongodb-auth] # change port when running with "--shardsvr" or "--configsvr" runtime operation port = 27017 logpath = /var/log/mongodb/mongodb.log # Jail for more extended banning of persistent abusers # !!! WARNINGS !!! # 1. Make sure that your loglevel specified in fail2ban.conf/.local # is not at DEBUG level -- which might then cause fail2ban to fall into # an infinite loop constantly feeding itself with non-informative lines # 2. Increase dbpurgeage defined in fail2ban.conf to e.g. 648000 (7.5 days) # to maintain entries for failed logins for sufficient amount of time [recidive] logpath = /var/log/fail2ban.log banaction = %(banaction_allports)s bantime = 1w findtime = 1d # Generic filter for PAM. Has to be used with action which bans all # ports such as iptables-allports, shorewall [pam-generic] # pam-generic filter can be customized to monitor specific subset of 'tty's banaction = %(banaction_allports)s logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [xinetd-fail] banaction = iptables-multiport-log logpath = %(syslog_daemon)s backend = %(syslog_backend)s maxretry = 2 # stunnel - need to set port for this [stunnel] logpath = /var/log/stunnel4/stunnel.log [ejabberd-auth] port = 5222 logpath = /var/log/ejabberd/ejabberd.log [counter-strike] logpath = /opt/cstrike/logs/L[0-9]*.log # Firewall: http://www.cstrike-planet.com/faq/6 tcpport = 27030,27031,27032,27033,27034,27035,27036,27037,27038,27039 udpport = 1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015 action = %(banaction)s[name=%(__name__)s-tcp, port="%(tcpport)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(udpport)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] [bitwarden] port = http,https logpath = /home/*/bwdata/logs/identity/Identity/log.txt [centreon] port = http,https logpath = /var/log/centreon/login.log # consider low maxretry and a long bantime # nobody except your own Nagios server should ever probe nrpe [nagios] logpath = %(syslog_daemon)s ; nrpe.cfg may define a different log_facility backend = %(syslog_backend)s maxretry = 1 [oracleims] # see "oracleims" filter file for configuration requirement for Oracle IMS v6 and above logpath = /opt/sun/comms/messaging64/log/mail.log_current banaction = %(banaction_allports)s [directadmin] logpath = /var/log/directadmin/login.log port = 2222 [portsentry] logpath = /var/lib/portsentry/portsentry.history maxretry = 1 [pass2allow-ftp] # this pass2allow example allows FTP traffic after successful HTTP authentication port = ftp,ftp-data,ftps,ftps-data # knocking_url variable must be overridden to some secret value in jail.local knocking_url = /knocking/ filter = apache-pass[knocking_url="%(knocking_url)s"] # access log of the website with HTTP auth logpath = %(apache_access_log)s blocktype = RETURN returntype = DROP action = %(action_)s[blocktype=%(blocktype)s, returntype=%(returntype)s, actionstart_on_demand=false, actionrepair_on_unban=true] bantime = 1h maxretry = 1 findtime = 1 [murmur] # AKA mumble-server port = 64738 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol=tcp, chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol=udp, chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/mumble-server/mumble-server.log [screensharingd] # For Mac OS Screen Sharing Service (VNC) logpath = /var/log/system.log logencoding = utf-8 [haproxy-http-auth] # HAProxy by default doesn't log to file you'll need to set it up to forward # logs to a syslog server which would then write them to disk. # See "haproxy-http-auth" filter for a brief cautionary note when setting # maxretry and findtime. logpath = /var/log/haproxy.log [slapd] port = ldap,ldaps logpath = /var/log/slapd.log [domino-smtp] port = smtp,ssmtp logpath = /home/domino01/data/IBM_TECHNICAL_SUPPORT/console.log [phpmyadmin-syslog] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [zoneminder] # Zoneminder HTTP/HTTPS web interface auth # Logs auth failures to apache2 error log port = http,https logpath = %(apache_error_log)s [traefik-auth] # to use 'traefik-auth' filter you have to configure your Traefik instance, # see `filter.d/traefik-auth.conf` for details and service example. port = http,https logpath = /var/log/traefik/access.log </pre> </div> </div> Default <code>/etc/fail2ban/jail.local</code> file with (almost all) comments removed: <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;">Default <code>/etc/fail2ban/jail.local</code> with (almost) comments removed:</div> <div class="mw-collapsible-content"> <pre> [INCLUDES] before = paths-debian.conf [DEFAULT] ignorecommand = bantime = 10m findtime = 10m maxretry = 5 maxmatches = %(maxretry)s backend = auto usedns = warn logencoding = auto enabled = false mode = normal filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # destemail = root@localhost sender = root@<fq-hostname> mta = sendmail protocol = tcp chain = <known/chain> port = 0:65535 fail2ban_agent = Fail2Ban/%(fail2ban_version)s banaction = iptables-multiport banaction_allports = iptables-allports action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] action_abuseipdb = abuseipdb action = %(action_)s # # JAILS # # # SSH servers # [sshd] port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s </pre> </div></div> ====Disconnect/kick and ban an ip from list==== <br \> Just below we are going to append these lines to <b>/etc/fail2ban/jail.local</b><br> <pre> # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s # # JAILS # # # SSH servers # </pre> </div> </div> ====Jail for MediaWiki - /etc/fail2ban/jail.local==== <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1m maxretry = 2 logpath = /var/log/Fail2Log.log </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before: <div class="mw-collapsible-content"> <pre> # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After: <div class="mw-collapsible-content"> <pre> # # JAILS # [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log # # SSH servers # </pre> </div> </div> ====Filter for mediawiki==== <div class="toccolours mw-collapsible mw-collapsed"> Regex quick up and running tutorial: External Link:(youtube) <div class="mw-collapsible-content"> This Is a link to a video made by "Corey Schafer".<br \> The best no nonsense up and running regex tut there is.<br \> https://www.youtube.com/watch?v=sa-TUpSx1JA </div> </div> <code>$EDITOR /etc/fail2ban/filter.d/mediawiki.conf</code><br \> <pre> [Definition] failregex = ^Failed:<HOST> ignoreregex = </pre> =====Try out regex on log file===== <code>fail2ban-regex --print-all-matched /var/log/Fail2Log.log /etc/fail2ban/filter.d/mediawiki.conf</code> ====Restart Fail2Ban==== <code>systemctl restart fail2ban</code> <code>fail2ban-client status</code> <code>fail2ban-client status mediawiki</code> <b>Now test by trying to login to your wiki with wrong password three times.</b> =====fail2ban regex and error checking===== <div class="toccolours mw-collapsible mw-collapsed"> Check regex: <div class="mw-collapsible-content"> * Syntax: <code>fail2ban-regex <logfile> <failregex> <ignoreregex></code> ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * If you want to test <code>ignoreregex</code> enter filter file twice: ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * Read <code>man fail2ban-regex</code> for some more opitions: * Examples: ** <code>-v</code>, <code>--verbose</code> *** Be verbose in output ** <code>--print-all-missed</code> *** Print all missed lines ** <code>--print-all-ignored</code> *** Print all ignored lines ** <code>--print-all-matched</code> *** Print all matched lines </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Debug Fail2Ban: <div class="mw-collapsible-content"> * <code>-d</code> dump configuration. For debugging.<br \> <code>fail2ban-client -d</code><br \> * <code>--dp</code>, <code>--dump-pretty</code> dump the configuration using more human readable representation.<br \> <code>fail2ban-client --dp</code><br \> * will print the systemd log for Fail2Ban.<br \> <code>journalctl -u fail2ban</code> </div> </div> ====Change ban time After testing==== <code>$EDITOR /etc/fail2ban/jail.local</code><br \> <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log </pre> ===Unban IP's=== Get list of Jails:<br \> <code>fail2ban-client status</code><br \> See banned ips by that jail:<br \> <code>fail2ban-client status <jailname></code><br \> Unban IP from jail:<br \> <code>fail2ban-client set <jailname> unbanip <ip_address></code><br \> <br \> Log File:<br \> <code>/var/log/Fail2Log.log</code> ==Moving To VPS== ===Create ssh key pair on local host=== <code>ssh-keygen -t rsa -b 4096 -C "MYSERVER" -f ~/.ssh/serverkey</code><br \> You will be prompted to Enter a passphase, you can just press <b>Enter</b> for no passphase.<br \> You will now have a file called <b>serverkey</b> and <b>serverkey.pub</b> in your <b>/home/$USER/.ssh</b> directory.<br \> Now lets setup are server and move public key to server.<br \> <b>BACKUP YOUR PRIVATE KEY TO USB STICK OR SOMETHING!</b><br \> <code>serverkey.pub</code><b>PUBLIC KEY</b><br \> <code>serverkey</code><b>PRIVATE KEY</b><br \> ===Login to Server - ssh === Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $10, 1 cpu, 2048MB ram, 55GB ssd, 2000GB Bandwidth.<br \> I have been given the IP:<b>192.248.145.129</b> and the Password:<b>1R?o.gPasdaLz1w</b> and with Vultr the default login/user is <b>root</b><br \> Lets move over the public key so we don't need a password to login:<br \> <code>ssh-copy-id -i ~/.ssh/serverkey root@192.248.145.129</code></br \> Will be promted for server password, enter password: 1R?o.gPasdaLz1w<br \> Now lets login with are private key.<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code> ===Update Server=== <code>apt update && apt upgrade -y</code><br \> The Server may need a restart, you will see this after updates if it does<br \> <b>*** System restart required ***</b><br \> restart server and log back in after a minute.<br \> <code>reboot</code> ===Change default ssh port and disable plain text passwords=== Log back into server<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code><br \> <code>$EDITOR /etc/ssh/sshd_config</code><br \> <pre>#Port 22</pre> <pre>Port 7788</pre> disable clear text passwords <pre>#PasswordAuthentication yes</pre> <pre>PasswordAuthentication no</pre> restart sshd <code>systemctl restart sshd</code><br \> Exit server and re-login<br \> <code>exit</code><br \> Log back in with new port<br \> <code>ssh -p 7788 -i .ssh/serverkey root@192.248.145.129</code> <div class="toccolours mw-collapsible mw-collapsed"> Create ssh login shortcut: <div class="mw-collapsible-content"> To be done on host:<br \> <code>touch ~/.ssh/config</code><br \> <code>chmod 600 ~/.ssh/config</code><br \> <code>$EDITOR ~/.ssh/config</code><br \> <pre> Host mediawikiserver HostName 192.248.145.129 User root Port 7788 IdentityFile /home/$USER/.ssh/severkey </pre> You can now login to server from host with:<br \> <code>ssh mediawikiserver</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax of config file: <div class="mw-collapsible-content"> <pre> #Syntax # #Host <ALIAS_NAME> # HostName <ADDRESS_IP_OR_DOMAIN> # User <USERNAME_LOGIN> # Port <PORT_NUMBER_IF_NOT_DEFAULT> # IdentityFile </PATH/TO/PRIVATE_KEY> ## Can now login with <code>ssh <ALIAS_NAME> </pre> </div> </div> </div> </div> ===Enable Basic FireWall=== Block IPv6<br \> <code>$EDITOR /etc/default/ufw</code><br \> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit<br \> <code>ufw allow 7788/tcp</code><br \> <code>ufw enable</code><br \> ===Create Swap space on server=== ====First check if you already have a swap space==== First check if you already have a swap space<br \> <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 1655 2 228 1732 Swap: 0 0 0 </pre> <div class="toccolours mw-collapsible mw-collapsed"> Other methods to check swap space <div class="mw-collapsible-content"> <code>cat /proc/swaps</code><br \> <code>swapon -s -v</code> </div> </div> ====Create SwapSpace==== preallocate a 2 gigabyte space to be used for swap.<br \> Note: you can name swapfile to anything you want. <code>fallocate -l 2G /swapfile</code> Initialize the /swapfile file with zeros - see "Working out the count size" to see how to work out the count size. <div class="toccolours mw-collapsible mw-collapsed"> Working out the count size: <div class="mw-collapsible-content"> Working out count size to scale the swapsize. 1 kilobyte = 1024 bytes 1 megabyte = 1024 kilobyte 1 gigabyte = 1024 megabytes bs=1024 = 1 megabyte 1 gigabyte = 1024 megabyte to get count of 1 gigabyte 1024 * 1024 2 gigabyte (1024 * 2048 ) or 1048576 * 2 = 2,097,152 </div> </div> <code>dd if=/dev/zero of=/swapfile bs=1024 count=2097152</code> <code>chmod 600 /swapfile</code> <code>mkswap /swapfile</code> <code>swapon /swapfile</code> <b>Or</b> <code>swapon -a</code> <b>Or</b> <code>mount -a</code> append to <code>/etc/fstab</code> so its mounted after reboot.<br \> <code>$EDITOR /etc/fstab</code><br \> And enter this in a new line at the bottom:<br \> <code>/swapfile swap swap defaults 0 0</code> and thats it, you can check swap with(or same other methods as above): <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 75 2 1808 1712 Swap: 2047 0 2047 </pre> ===ssmtp for email alerts=== <code>apt install ssmtp -y</code><br \> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code><br \> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> <code>usermod -c "CNWikiVPS" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ===auto update server=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment (by removing <b>//</b> at start of line)and amend the lines we want:<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> to<br \> <code> "${distro_id}:${distro_codename}-updates";</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; </pre> Changed to<br \> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec Acquire::http::Dl-Limit "500"; </pre> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Send Container to server=== From host<br \> <code>scp -i ~/.ssh/serverkey -P 7788 mediawiki.lxc root@192.248.145.129:/root/</code><br \> If you created a ssh shortcut in <b>.ssh/config</b> you can use:<br \> <code>scp mediawiki.lxc mediawikiserver:/root/</code><br> Once container transferred to server checksum to confirm<br> Do on Local and Server<br> <code>sha256sum mediawiki.lxc</code><br> The checksum should be the same on both!<br> ===LXD setup on server=== Check if <b>lxd</b> already installed.<br \> <code>lxd --version</code><br \> <code>snap install lxd</code><br \> Initialize LXD<br \> <code>lxd init</code><br \> all defaults<br \> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (lvm, zfs, ceph, btrfs, dir) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=10GB]: Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> ===Import Container=== Note: If version of LXD on server is older than the one you are exporting from, you may see error <code>Error: Failed importing backup: Failed creating instance record: Unknown configuration key: volatile.last_state.ready</code><br> To Fix this update your LXD<br> <code>snap remove lxd</code><br> <code>snap install lxd</code><br> <code>lxd --version</code><br> <code>lxd init</code><br> <br> Import mediawiki container<br \> <code>lxc import mediawiki.lxc mediawiki</code><br \> <code>lxc list</code><br \> <code>lxc start mediawiki</code><br \> <code>lxc list</code><br \> Returns:<br \> <pre> +-----------+---------+-----------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+-----------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.207.119.233 (eth0) | | CONTAINER | 0 | +-----------+---------+-----------------------+------+-----------+-----------+ </pre> <b>Note the Change of IP</b><br \> Are Containers IP is now:<b>10.207.119.233</b><br \> Now for some reason changing the IP on <b>/var/www/html/mediawiki/LocalSettings.php</b> and the <b>/etc/apache2/sites-available/completenoobs.com.conf</b> does not really work on a VPS (Forgot how i fixed this last time, pretty sure i got it workin a few years back).<br \> You need a DNS name: ===DNS=== Domain Name System: An index that connects an ip address with a more human readable name(website name):<br \> Like a phone book would index a persons name with a phone number.<br \> If you have a domain name for your wiki, point it to your server's ip address.<br \> This will be required for a letsencrypt cert also.<br \> I am using <b>namecheap.com</b> and on the <b>Advanced DNS</b> Page<br \> Add two Type <b>A Records</b>:<br \> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |192.248.145.129 |auto |- |A record |www |192.248.145.129 |auto |} ===Change IP on config files=== Login to conatiner and change IP's to Domain Name<br \> <code>lxc exec mediawiki bash</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <pre> Redirect permanent "/" "https://10.3.45.233"</pre> <pre> Redirect permanent "/" "https://www.completenoobs.com"</pre> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <pre>$wgServer = "https://10.3.45.233";</pre> <pre>$wgServer = "https://www.completenoobs.com";</pre> <code>systemctl restart apache2</code> ===Use IPTables to forward traffic to container=== <div class="toccolours mw-collapsible mw-collapsed"> iptable syntax <div class="mw-collapsible-content"> *CONTAINER_IP = place holder for your containers ip *GLOBAL_IP = place holder for your servers public ip address *ETH = network interface: enp1s0 ** to be done/found on host VPS and NOT Container ** Find network interface:<code>ip route show default</code> or use <code>ip route show default | awk '{print $5}'</code> <pre>iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 80 -j DNAT --to-destination CONTAINER_IP:80 -m comment --comment "forward real ip to container" </pre> <pre> iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 443 -j DNAT --to-destination CONTAINER_IP:443 -m comment --comment "forward real ip to container" </pre> </div> </div> <b>These commands to be done on host VPS and NOT in container!</b><br \> Get out of container <code>exit</code><br \> Network interface=<b>enp1s0</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Find you network interface name: <div class="mw-collapsible-content"> To be run on VPS host and Not in Container:<br \> <code>ip route show default | awk '{print $5}'</code> </div> </div> VPS Global IP=<b>192.248.145.129</b><br \> Container IP=<b>10.207.119.233</b><br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container"</code> <br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container"</code> <br \> The new rules for your iptable will not persistent after a reboot.<br \> Create systemd service to load firewall rules at startup:<br \> <code>$EDITOR /usr/local/bin/lxc-mediawiki-rules</code> <pre> #!/bin/bash iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container" iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container" </pre> <code>chmod +x /usr/local/bin/lxc-mediawiki-rules</code> <code>$EDITOR /etc/systemd/system/lxcip.service</code> <pre> [Unit] Description = apply ip rules at startup [Service] Type=oneshot ExecStart=/usr/local/bin/lxc-mediawiki-rules [Install] WantedBy=multi-user.target </pre> <code>systemctl enable lxcip</code> <div class="toccolours mw-collapsible mw-collapsed"> LXC proxy method: <div class="mw-collapsible-content"> <b>DO NOT USE This method!</b> placed here as a note:<br \> LXC also has a way to forward proxy traffic, but it will show all visits to website, as coming from <b>127.0.0.1</b><br \> When we install fail2ban, this would be very bad!<br \> <br \> <code>lxc config device add CONTAINER_NAME myport80 proxy listen=tcp:0.0.0.0:80 connect=tcp:127.0.0.1:80</code><br \> <code>lxc config device add CONTAINER_NAME myport443 proxy listen=tcp:0.0.0.0:443 connect=tcp:127.0.0.1:443</code><br \> To remove proxy:<br \> <code>lxc config device remove CONTAINER_NAME myport80</code><br \> <code>lxc config device remove CONTAINER_NAME myport443</code><br \> </div> </div> ===Visit webpage and check all working=== Visit the domain you selected<br \> <code>www.completenoobs.com</code><br \> Should be up and running.<br \> NOTE: We did not need to allow port 443 or 80 on VPS host.<br \> Check Iptables persist for restart, by rebooting server!<br \> <code>reboot</code><br \> Give it a minute or 2 and check website again. ===LetsEncrypt=== Log back into server<br \> <code>ssh mediawikiserver</code><br \> Log into container<br \> <code>lxc exec mediawiki bash</code><br \> Install certbot<br \> <code>snap install certbot --classic</code><br \> Backup Apache2 config file<br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf /etc/apache2/sites-available/completenoobs.com.conf.bk</code><br \> Create Cert<br \> <code>certbot --apache -d www.completenoobs.com -d completenoobs.com</code><br \> And Certbot broke are apache2 configs, and thats why we back up!<br \> <code>ls /etc/letsencrypt/live/www.completenoobs.com/</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/fullchain.pem /etc/ssl/certs/cn-selfsigned.crt</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/privkey.pem /etc/ssl/private/cn-selfsigned.key</code><br \> <code>rm /etc/apache2/sites-available/completenoobs.com-le-ssl.conf /etc/apache2/sites-available/completenoobs.com.conf </code><br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf.bk /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <br \> Turn <b>SSLUseStapling</b> on<br \> <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code><br \> <pre>SSLUseStapling off</pre><br \> Change to:<br \> <pre>SSLUseStapling on</pre><br \> Restart apache<br \> <code>systemctl restart apache2</code><br \> Now check your site on browser.<br \> ==Useful Notes - tips== ===Forgot your Admin Password=== Can use for any user:<br \> <code>php /var/www/html/mediawiki/maintenance/changePassword.php --user=admin --password=newpassword</code><br \> ===Make Wiki Read Only=== Add to LocalSettings.php:<br \> <code>$wgReadOnly = 'Read Only';</code><br \> ===Restrict account creation on wiki=== Add to LocalSettings.php:<br \> <code>$wgGroupPermissions['*']['createaccount'] = false;</code> ===Only Admin accounts can edit=== Add to LocalSettings.php:<br \> <pre> $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['user']['edit'] = false; $wgGroupPermissions['sysop']['edit'] = true; </pre> ===Protect a page so only admin can edit=== At the top of the page when logged in with admin account, click <b>More</b>.<br \> A drop down of three opitions: Delete, Move, Protect.<br \> Clicking <b>Protect</b> will not allow any non admin from editing the page. {| class="wikitable" |+ When logged in as admin |- |Read |Edit |View history |(STAR) |<b>More</b> |} ===Make User an Admin=== go to special pages With Admin Account go to:<br \> <code>index.php/Special:SpecialPages</code> List of users can be found here:<br \> <code>index.php/Special:ListUsers</code><br \> Go to:<br \> <code>index.php/Special:UserRights</code><br \> And enter username:<br \> <b>Groups you can change</b><br \> And rest is self explanatory. ====Remove admin rights==== Same thing, just untick admin rights! ==Upgrading MediaWiki== <b>BACK SURE YOU BACKUP FIRST!!!</b> just in case.<br \> This example update 1.35 to 1.36 from 1.36 onwards php-intl is required.<br> Download the wiki you are going to upgrade to.<br \> <code>https://releases.wikimedia.org/mediawiki/1.36/</code><br \> <code>cd /root</code><br \> <code>wget https://releases.wikimedia.org/mediawiki/1.36/mediawiki-1.36.1.tar.gz</code><br \> In LocalSettings.php put in readonly mode<br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <code>$wgReadOnly = "Upgrading";</code><br \> <code>tar xvzf mediawiki-1.36.1.tar.gz -C /var/www/html/mediawiki --strip-components=1</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> Returns:<pre> Error: Missing one or more required components of PHP. You are missing a required extension to PHP that MediaWiki needs. Please install: * intl <https://www.php.net/intl> </pre> <code>apt install php-intl</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> And thats it. If you do get an error:<br \> <blockquote> MediaWiki 1.36 internal error Installing some PHP extensions is required. Required components You are missing a required extension to PHP that MediaWiki requires to run. Please install: intl (more information) </blockquote> Then <b>reboot</b> the container and its all fine after. ==Backup your Wiki== ===LXC Snapshots=== Easy way, backup the container using <b>snapshot</b><br \> <code>lxc snapshot mediawiki beforeupgrade_11_12_2020</code><br \> To see snapshots<br \> <code>lxc info mediawiki</code><br \> To restore container to snapshot<br \> <code>lxc restore mediawiki beforeupgrade_11_12_2020</code><br \> To delete a snapshot<br \> <code>lxc delete mediawiki/beforeupgrade_11_12_2020</code><br \> ====Export a Snapshot==== <code>lxc snapshot mediawiki testsnap</code> <code>lxc publish mediawiki/testsnap --alias mediawiki-backup-20-07-2021</code> <code>lxc image export mediawiki-backup-20-07-2021</code> you end up with a file named after the sha256sum <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> NOTE:You can change name from <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> to something like <code>mediawiki-backup-20-07-2021.tar.gz</code> and restore will still work fine.<br \> can now delete image <code>lxc image delete mediawiki-backup-20-07-2021</code> ====Import Snapshot==== Move to another computer and install init lxd<br \> <code>lxc image import a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz --alias testrestore</code> <code>lxc launch testrestore mediarestore</code> <code>lxc list</code> <code>lxc exec mediarestore bash</code> Change IP in LocalSettings and apache config and restart apache.<br \> And your up and running.<br \> <br \> you can also delete image on new restore computer:<br \> <code>lxc image delete testrestore</code> ===Dump mediawiki database - xml=== Log into container root dir<br \> <code>lxc exec NAME bash</code><br \> In container of wiki:<br \> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Exit container<br \> <code>exit</code> Pull file to host<br \> <code>lxc file pull NAME/root/dump_mediawiki.xml wiki-dump.xml</code> ====automate xml dumps to server==== TIP: [[Scp_only|Create an '''scp only''' account on server first]]<br> <code>$EDITOR /usr/local/bin/auto-export.sh</code></br> <syntaxhighlight lang="bash" line> #!/bin/bash set -x time_stamp=$(date '+%d_%m_%y') dumps_dir="/var/www/dumps" noobs_dir="/var/www/html/noobs" local_settings="$noobs_dir/LocalSettings.php" wiki_dump_dir="$dumps_dir/$time_stamp.Noobs" xmlkey="/root/.ssh/xmlkey" remote_host="rscp@xml.completenoobs.com" remote_path="/home/rscp/media/" function ensure_read_only_line_exists { if ! grep -q "wgReadOnly" "$local_settings"; then cat <<EOF >> "$local_settings" \$wgReadOnly = 'Dumping Database, Access will be restored shortly'; EOF fi } function set_wiki_read_only { sed -i 's/^#*\(\$wgReadOnly\)/\1/' "$local_settings" } function unset_wiki_read_only { sed -i 's/^\(\$wgReadOnly\)/#\1/' "$local_settings" } function create_directories { mkdir -p "$dumps_dir" mkdir -p "$wiki_dump_dir" } function dump_wiki { php "$noobs_dir/maintenance/dumpBackup.php" --full > "$wiki_dump_dir/$time_stamp.Noobs.xml" } function generate_checksums { md5sum "$wiki_dump_dir/$time_stamp.Noobs.xml" > "$wiki_dump_dir/$time_stamp.md5sum.txt" sha256sum "$wiki_dump_dir/$time_stamp.Noobs.xml" > "$wiki_dump_dir/$time_stamp.sha256sum.txt" } function push_to_remote { scp -i /root/.ssh/xmlkey -r /var/www/dumps/$time_stamp.Noobs rscp@xml.completenoobs.com:/home/rscp/media/ #rsync -avz -e "ssh -i $xmlkey" "$wiki_dump_dir" "$remote_host:$remote_path" } # Main script ensure_read_only_line_exists create_directories set_wiki_read_only dump_wiki generate_checksums unset_wiki_read_only push_to_remote </syntaxhighlight> <br> <code>chmod +x /usr/local/bin/auto-export.sh</code><br> =====add to cron to export every 5 days===== <code>crontab -e</code><br> <pre> 30 3 */5 * * /usr/local/bin/auto-export.sh </pre> Will export at 3:30 am every 5 days, check [[Cron_ubuntu_22.04|Ubuntu Cron Quick start for more info]] ===Import Dump=== ====Create Quick local wiki==== [[Ubuntu_Local_Wiki_Import|localwiki]] ====Import dump==== <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> <code>lxc exec localwiki bash</code><br \> =====Restore dump===== <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Everything apart from <b>index.php/Main_Page</b> restored. ===Full Wiki Dump and Restore=== ====Backing up==== ====Making your wiki READ ONLY - will lock database==== <code>$EDITOR LocalSettings.php</code><br \> <code>$wgReadOnly = 'Dumping Database, Access will be restored shortly';</code> ====Dump and gzip database for transport==== will be prompted for password:<br \> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green -p mywiki_database | gzip > /root/greenwiki.sql.gz</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> ALt method for dump(password in cmd): <div class="mw-collapsible-content"> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green --password=THISpasswordSHOULDbeCHANGED -p mywiki_database | gzip > /root/greenwiki.sql.gz</code> </div> </div> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Back mediawiki Root Directory.<br \> <code>tar cvzhf /root/mediawiki-rootDir.tgz /var/www/html/mediawiki</code><br \> All into one file for easy transport.<br \> <code>cd /root/</code><br \> <code>tar cvzhf mediawiki-transfer.tgz mediawiki-rootDir.tgz greenwiki.sql.gz dump_mediawiki.xml</code><br \> All file in <b>mediawiki-transfer.tgz</b> for transfer to new server<br \> exit Container<br \> <code>exit</code><br \> <code>lxc file pull mediawiki/root/mediawiki-transfer.tgz mediawiki.bk.tgz</code><br \> ====Restore wiki==== create container (backupwiki) and push file<br \> <code>lxc file push mediawiki.bk.tgz backupwiki/root/</code><br \> login to container<br \> <code>apt update && apt upgrade -y</code><br \> <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> <br \> <code>tar xvf mediawiki.bk.tgz</code><br \> <code>tar xvf mediawiki-rootDir.tgz -C /</code><br \> Create basebase:<br \> NOTE: If you use diff username, passwd, database_name, append/correct details on LocalSettings.<br \> <code>mysql -u root</code> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <br \> <code>gunzip -d greenwiki.sql.gz</code><br \> <code>mysql -u green -p mywiki_database < greenwiki.sql</code><br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/dump_mediawiki.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Config Apache2 <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> Reload Apache2 <code> systemctl restart apache2 </code> ==EmbedVideo== https://www.mediawiki.org/wiki/Extension:EmbedVideo<br> <code>apt install unzip</code><br> <code>wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.9.0/EmbedVideo-v2.9.0.zip</code><br> <code>unzip EmbedVideo-v2.9.0.zip -d /var/www/html/mediawiki/extensions/</code><br> <br> <code>mv /var/www/html/mediawiki/extensions/EmbedVideo-v2.9.0 /var/www/html/mediawiki/extensions/EmbedVideo</code><br> <br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> <pre> #Embed Video wfLoadExtension( 'EmbedVideo' ); </pre> ==Remove <b>Index.php</b> From URL== [[Mediawiki_Remove_index.php|How to remove the Index.php from URL]] ==SpamBot Wars== Bit busy now, notes to look into later: https://www.mediawiki.org/wiki/Extension:Nuke<br \> https://www.mediawiki.org/wiki/Manual:Preventing_access<br \> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br \> https://www.mediawiki.org/wiki/Extension:InviteSignup<br \> Well the bots won for now - Disable eMail function for all related options in LocalSettings.php<br \> <code>$wgEnableEmail = false;</code><br \> Or just stop users sending email with:<br \> <code>$wgEnableUserEmail = false;</code> ==Notes== ==Syntax highlighting not working== Install <b>pygments</b><br> <code>apt install python3-pygments</code><br> Add to LocalSettings:<br> <code>wfLoadExtension( 'SyntaxHighlight_GeSHi' );</code><br> q5zs8bf302pmvsp2ldslk0r7gd7b73f 386 354 2023-05-04T17:07:51Z Noob 1 /* EmbedVideo */ 386 wikitext text/x-wiki :* [[Command_Line_Editors#Set_$EDITOR|'''$EDITOR''' is used as a place holder for an editor of your choice.]] ==Installing LXD== <code>sudo snap install lxd</code><br \> <code>lxd init</code><br \> Selecting all defaults, apart from "Size in GB of the new loop device (1GB minimum) [default=6GB]:" increasing to 30GB: <div class="toccolours mw-collapsible mw-collapsed"> <code>lxd init</code> selected options: <div class="mw-collapsible-content"> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (btrfs, dir, lvm, zfs, ceph) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=6GB]:30GB Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> </div> </div> ==Create Ubuntu:22.04 Container for MediaWiki== <code>lxc launch ubuntu:22.04 mediawiki</code><br> <code>lxc list</code><br> <pre> +-----------+---------+--------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+--------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.194.171.251(eth0) | | CONTAINER | 0 | +-----------+---------+--------------------+------+-----------+-----------+ </pre> ===Login to Container=== <code>lxc exec mediawiki bash</code> ===Basic Firewall UFW for Container=== NOTE:Add Link to a UFW page for more info Blocking IPv6<br \> <code>$EDITOR /etc/default/ufw</code> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit Allow port 80<br \> <code>ufw allow 80/tcp</code><br \> Allow port 443<br \> <code>ufw allow 443/tcp</code><br \> Start/Enable UFW firewall<br \> <code>ufw enable</code><br \> Check UFW status<br \> <code>ufw status</code> <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Update system=== <code>apt update && apt upgrade -y</code> ===ssmtp setup=== NOTE: need link to ssmtp page - showing how to use other email providers that allow smtp Link to ssmtp wiki page <br \> You can use a number of email providers for sending emails from server using ssmtp.<br \> I am going to use <b>smtp2go.com</b> they do provide a free service if you wish to try. <div class="toccolours mw-collapsible mw-collapsed"> smtp2go details: <div class="mw-collapsible-content"> https://www.smtp2go.com/<br \> Has a Free Plan # 1000 emails per month # 5 days of email reporting # Ticket support only <br \> Do not use you username and password you used to sign up!<br \> Go to https://app.smtp2go.com/sending/smtp_users/ <br \> Or 'Sending' > 'SMTP Users'<br> And create/add a SMTP User account.<br \> The User created will be given a good password by default.<br \> Use this username and password for ssmtp.<br \> In this example i have the username "<b>noobwiki</b>" and the password "<b>N0tTelinu</b>" </div> </div> ====ssmtp==== <code>apt install ssmtp -y</code> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <div class="toccolours mw-collapsible mw-collapsed"> Why use <code>hostname=completenoobs.com</code> <div class="mw-collapsible-content"> "hostname" needed for ubuntu unattended upgrades to send email.<br \> If missing: will get "(550 unable to verify sender address.)" <br \> If using <code>hostname=localhost</code> "(550 "Localhost" unnaceptable, you must use a public domain-name.)"<br \> If using <code>hostname=admin@completenoobs.com</code> "501 <root@admin@completenoobs.com>: malformed address: @completenoobs.com> may not follow <root@admin" </div> </div> <br \> Do not use user@smtp2go.com as the sender address! you need an email address that has an MX record(mail exchanger record) at its domain name. <br \> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> ====usermod==== <br \> usermod can be used to change the email senders name/address.<br \> Instead of your mail coming from 'root' or 'ubuntu' or any other user account.<br \> <b>usermod -c "emailSenderName" <account_sending></b><br \> <code>usermod -c "completenoobslxc" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ====sendmail notes==== <div class="toccolours mw-collapsible mw-collapsed"> If the sendmail command locks your terminal and CTRL+c does not work <div class="mw-collapsible-content"> Use <code>CTRL+z</code> which will send a SIGTSTP signal which will put the process to sleep.<br \> use jobs to see the sleeping process.<br \> <code>jobs</code><br \> and kill %<JOBNUMBER><br \> <code>kill %1</code> <br \> you can also use <code>ps ax</code> to list processes running on your computer and <code>kill -9 <PROCESS-NUMBER></code> to kill process. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> sendmail in verbose mode for more details: <div class="mw-collapsible-content"> More info can be found in the man page <code>man sendmail</code><br \> Use the verbose flag <b>-v</b><br \> <code>sendmail -v email@address2receive.mail < test-mail.txt</code> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Check mail logs for errors: <div class="mw-collapsible-content"> send mail error log can be found in<br \> <code>/var/log/mail.err</code><br \> and sendmail log can be found:<br \> <code>/var/log/mail.log</code> </div> </div> ===auto update container config=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code> Uncomment<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> <code>"${distro_id}:${distro_codename}-updates";</code> Dont need auto reboot on container - no kernel - kernel shared with host. ====email on update==== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <div class="toccolours mw-collapsible mw-collapsed"> Once i needed 'apticron' to get emails working with unattended upgrades:<br \> Notes here just incase<div class="mw-collapsible-content"> Install apticron<br \> <code>apt install apticron -y</code> Create apticron.conf file containing email to send email to:<br \> If you dont then 'apticron' will by default sent to root@localhost.<br > <code>echo 'EMAIL="email@tosendto.com"' > /etc/apticron/apticron.conf</code> </div> </div> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Install MediaWiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -xvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki</code> ====Create Database==== Will be prompted to set a root password!<br \> <code>mysql -u root -p</code><br \> <!-- create drop down - add root password option --> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <div class="toccolours mw-collapsible mw-collapsed"> Make note of your: database name, username, userpassword <div class="mw-collapsible-content"> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code><br \> Database Username:<b>green</b><br \> Database host/location:<b>localhost</b> Database User Password:<b>THISpasswordSHOULDbeCHANGED</b><br \><br \> <code>CREATE DATABASE mywiki_database;</code><br \> Database Name:<b>mywiki_database</b><br \> </div> </div> ====Create self-signed https certs==== <code>openssl req -x509 -newkey rsa:4096 -keyout key.pem -nodes -out cert.pem -days 365</code><br> Note: can leave blank; just press enter.<br><br> <code>mv cert.pem /etc/ssl/certs/cn-selfsigned.crt</code><br> <code>mv key.pem /etc/ssl/private/cn-selfsigned.key</code><br> ====Create ssl-params.conf==== <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code> Remember to turn stapling on after letsencrypt cert <pre> SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 SSLHonorCipherOrder On # Disable preloading HSTS for now. You can use the commented out header line that includes # the "preload" directive if you understand the implications. # Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" Header always set X-Frame-Options DENY Header always set X-Content-Type-Options nosniff # Requires Apache >= 2.4 SSLCompression off # May want to turn stapling off when using self-signed to avoid receiving errors in log SSLUseStapling off SSLStaplingCache "shmcb:logs/stapling-cache(150000)" # Requires Apache >= 2.4.11 SSLSessionTickets Off </pre> ====Create Apache2 config==== <code>cd /etc/apache2/sites-available/</code> <code>rm 000-default.conf default-ssl.conf</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code> <div class="toccolours mw-collapsible mw-collapsed"> <b>Important Redirect note</b>:<div class="mw-collapsible-content"> <pre> # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" </pre> Change to your Container IP!<br \> <code>Redirect permanent "/" "https://10.194.171.251"</code> </div> </div> <pre> <VirtualHost *:80> ServerName completenoobs.com ServerAdmin admin@ # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined </VirtualHost> <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerName completenoobs.com ServerAdmin admin@completenoobs.com DocumentRoot /var/www/html/mediawiki # According MWiki Manual:Security php_flag register_globals off ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined SSLEngine on SSLCertificateFile /etc/ssl/certs/cn-selfsigned.crt SSLCertificateKeyFile /etc/ssl/private/cn-selfsigned.key # need to find out what SSLCertificateChainFile is? explain is in the default-ssl.conf file. #SSLCertificateChainFile /etc/ssl/certs/example.com.root-bundle.crt <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> <Directory /var/www/html/wikimedia> Options None FollowSymLinks #Allow .htaccess AllowOverride All Require all granted <IfModule security2_module> SecRuleEngine Off # or disable only problematic rules </IfModule> </Directory> # According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images> # Ignore .htaccess files AllowOverride None # Serve HTML as plaintext, don't execute SHTML AddType text/plain .html .htm .shtml .php .phtml .php5 # Don't run arbitrary PHP code. php_admin_flag engine off # If you've other scripting languages, disable them too. </Directory> #According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images/deleted> Deny from all AllowOverride AuthConfig Limit Require local </Directory> </VirtualHost> </IfModule> </pre> ====Reload Apache2==== <code>a2enmod ssl</code> <code>a2enmod headers</code> <code>a2ensite completenoobs.com</code> <code>a2enconf ssl-params</code> <code>apache2ctl configtest</code> <code>systemctl restart apache2</code> ===MediaWiki Basic Setup=== ====Landing page==== Open a web browser and go to your containers private ip address (you can get ip address by running <code>lxc list</code> on host). <code>https://10.194.171.251</code> Are certs are self-signed and you may/will get warning "your connection is not private"<br \> Click "Advance" and "Proceed to 10.194.171.251 (unsafe)"<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.35.0<br \> LocalSettings.php not found.<br \> Please <u>set up the wiki</u> first.<br \> </blockquote> Click <b>set up the wiki</b> to be taken to the "mw-config/index.php" page. =====Basic Configure MediaWiki===== <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:mywiki_database<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:green<br \> Database password:THISpasswordSHOULDbeCHANGED<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>CompleteNoobs<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Options <div class="mw-collapsible-content"> <b>User rights profile:</b> <br \> [ ] Open wiki <br \> [x] Account creation required<br \> [ ] Authorised editors only <br \> [ ] Private wiki<br \> <br \> <b>Copyright and licence:</b><br \> [ ] Creative Commons Attribution<br \> [ ] Creative Commons Attribution-ShareAlike<br \> [ ] Creative Commons Attribution-NonCommercial-ShareAlike<br \> [ ] Creative Commons Zero (Public Domain)<br \> [ ] GNU Free Documentation Licence 1.3 or later<br \> [x] No licence footer<br \> [ ] Select a custom Creative Commons licence<br \> <br \> <br \> <b>Email settings</b><br \> [ ] Enable outbound email<br \> <b>Return email address:</b>apache@🌻.invalid<br \> [ ]Enable user-to-user email<br \> [ ]Enable user talk page notification<br \> [ ]Enable watchlist notification<br \> [ ]Enable email authentication<br \> <br \> <br \> <b>Skins</b> Pick a skin<br \> <br \> <br \> <b>Extensions</b><br \> <b><u>Special pages</u></b><br \> [ ]CiteThisPage<br \> [ ]Interwiki<br \> [ ]Nuke<br \> [ ]Renameuser<br \> [ ]ReplaceText<br \> <br \> <b><u>Editors</u></b><br \> [x]CodeEditor<br \> [x]VisualEditor<br \> [x]WikiEditor<br \> <br \> <b><u>Parser hooks</u></b><br \> [ ]CategoryTree<br \> [ ]Cite<br \> [ ]ImageMap<br \> [ ]InputBox<br \> [ ]ParserFunctions<br \> [ ]Poem<br \> [ ]Scribunto<br \> [x]SyntaxHighlight_GeSHi<br \> [ ]TemplateData<br \> <br \> <b><u>Media handlers</u></b><br \> [ ]PdfHandler<br \> <br \> <b><u>Spam prevention</u></b><br \> [x]ConfirmEdit<br \> [ ]SpamBlacklist<br \> [ ]TitleBlacklist<br \> <br \> <b><u>API</u></b><br \> [ ]PageImages<br \> <br \> <b><u>Other</u></b><br \> [ ]Gadgets<br \> [ ]LocalisationUpdate<br \> [ ]MultimediaViewer<br \> [ ]OATHAuth<br \> [ ]SecureLinkFixer<br \> [ ]TextExtracts<br \> <br \> <br \> <b>Images and file uploads</b><br \> [ ]Enable file uploads<br \> <b>Logo URL:</b>$wgResourceBasePath/resources/assets/wiki.png<br \> [ ]Enable Instant Commons<br \> <br \> <br \> <b>Advanced configuration</b><br \> <b>Settings for object caching:</b><br \> [x] No caching (no functionality is removed, but speed may be impacted on larger wiki sites)<br \> [ ] Use Memcached (requires additional setup and configuration)<br \> </div> </div> ====LocalSettings.php Launch Wiki==== When the Basic configuration of mediawiki is done on the webpage.<br \> You will have a <b>LocalSettings.php</b> which will be downloaded from your browser.<br \> You need to place the <b>LocalSettings.php</b> file into your containers <b>/var/www/html/mediawiki/</b> directory.<br \> You can do this from host using the <b>lxc file push</b> command.<br \> <code>lxc file push /home/$USER/Downloads/LocalSettings.php mediawiki/var/www/html/mediawiki/</code><br \> <br> Do not refresh browser it will download the LocalSettings.php again! go to the IP address of your container or just trim the <code>mw-config/index.php?page=Complete</code><br> Now on your browser visit the page again https://10.194.171.251<br \> And welcome to your wiki.<br \> ===Change Logo=== You need a 135px by 135px image, in this example its named 'completenoobs-logo.png'<br> <code>lxc file push completenoobs-logo.png mediawiki/var/www/html/mediawiki/resources/assets/</code><br> Back in container edit the <b>LocalSettings.php</b> file<br> <pre> ## The URL paths to the logo. Make sure you change this from the default, ## or else you'll overwrite your logo when you upgrade! $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", 'icon' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", ]; </pre> Change to your new logo:<br> <pre> $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", 'icon' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", ]; </pre> ===Email Config=== Warning i did get loads of spam bots, using this to send naughty emails everywhere!<br> Changed setting to block signups, requests only,and changed <b>$wgEnableUserEmail</b> to false and still the bots managed to send spam using my smtp account.<br> How they done this? Is beyond my understanding and i removed email from the wiki till i have more info on how to stop the spamming.<br> Was using mediawiki-1.35.0<br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> Make sure <b>$wgEnableEmail</b> is set to true.<br> <code>$wgEnableEmail = true;</code><br> https://www.mediawiki.org/wiki/Manual:$wgEnableEmail<br> <pre> $wgEmergencyContact = ""; $wgPasswordSender = ""; </pre> <pre> $wgEmergencyContact = "admin@completenoobs.com"; $wgPasswordSender = "admin@completenoobs.com"; </pre> <pre> $wgSMTP = [ 'host' => 'ssl://mail.smtp2go.com', // outbox server of the email account 'IDHost' => 'completenoobs.com', 'port' => 465, 'username' => 'noobwiki', // user of the email account 'password' => 'N0tTelinu', // app password of the email account 'auth' => true ]; </pre> ===Request Account and Confirm Email to edit=== In LocalSettings change $wgEmailAuthentication = false; to true https://www.mediawiki.org/wiki/Manual:$wgEmailAuthentication<br> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ConfirmAccount-REL1_39-2b96e90.tar.gz</code><br> <code>tar xzf ConfirmAccount-REL1_39-2b96e90.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> <br> In <b>LocalSettings.php</b> <br> set <b>$wgEmailAuthentication</b> to true.<br> <pre> wfLoadExtension( 'ConfirmAccount' ); $wgConfirmAccountContact = 'admin@completenoobs.com'; </pre> Run maintenance update<br> <code>php /var/www/html/mediawiki/maintenance/update.php </code><br> use <b>Special:ConfirmAccounts</b> to see if anyone requested a account.<br> And yep, your gonna get spammed! Bots love a wiki.<br> ===CookieWarning Extension=== https://www.mediawiki.org/wiki/Extension:CookieWarning<br> <code>wget https://extdist.wmflabs.org/dist/extensions/CookieWarning-REL1_39-778fe72.tar.gz</code><br> <code>tar -xzf CookieWarning-REL1_39-778fe72.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'CookieWarning' ); $wgCookieWarningEnabled = 'true'; # $wgCookieWarningMoreUrl allows to to select a link for your moreinfo button $wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'; $wgCookieWarningEnabled = 'true'; </pre> To change message sign in with admin account and visit these pages of your wiki and edit.<br> <b>MediaWiki:Cookiewarning-info</b> Edit the display message.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-info</code><br> <b>MediaWiki:Cookiewarning-moreinfo-label</b><br> Edit and change display of the moreinfo button: link can be made/changed at LocalSettings with:<br> <code>$wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'</code><br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-moreinfo-label</code><br> <b>MediaWiki:Cookiewarning-ok-label</b> Edit and change the text on the OK button.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-ok-label</code><br> ===Contribution Scores Extension=== https://www.mediawiki.org/wiki/Extension:Contribution_Scores<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ContributionScores-REL1_39-0e7e99d.tar.gz</code><br> <code>tar -xzf ContributionScores-REL1_39-0e7e99d.tar.gz -C /var/www/html/mediawiki/extensions</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'ContributionScores' ); // Exclude Bots from the reporting - Can be omitted. $wgContribScoreIgnoreBots = true; // Exclude Blocked Users from the reporting - Can be omitted. $wgContribScoreIgnoreBlockedUsers = true; // Use real user names when available - Can be omitted. Only for MediaWiki 1.19 and later. $wgContribScoresUseRealName = true; // Set to true to disable cache for parser function and inclusion of table. $wgContribScoreDisableCache = false; // Each array defines a report - 7,50 is "past 7 days" and "LIMIT 50" - Can be omitted. $wgContribScoreReports = [ [ 7, 50 ], [ 30, 50 ], [ 0, 50 ] ]; </pre> <br> Add to Main Landing Page:<br> <pre>{{Special:ContributionScores/10/5}}</pre><br> ===Place Notice at top of every new page created=== Using the <b>PageNotice</b> Extension. https://www.mediawiki.org/wiki/Extension:PageNotice#Configuration Download PageNotice and extract to extensions directory. in LocalSettings.php add the lines:<br \> <pre> wfLoadExtension( 'PageNotice' ); $wgPageNoticeDisablePerPageNotices = 'true'; </pre> To have message in every name space go to your wiki's page<br \> <code>index.php/mediawiki:top-notice-ns-0</code><br \> Only admin account can edit this page:<br \> What you place in this page will be displayed at the top of every page created. ===Privacy Policy=== Holly $#$#$ this is a lot of work, looking into it<br \> https://www.mediawiki.org/wiki/GDPR_(General_Data_Protection_Regulation)_and_MediaWiki_software<br \> ====NewSignupPage==== https://www.mediawiki.org/wiki/Extension:NewSignupPage<br \> Big thanks to Shoutwiki.com or this would of been a very big pain.<br \> Check for Latest link from the Download page https://www.mediawiki.org/wiki/Special:ExtensionDistributor/NewSignupPage<br \> In mediawiki container:<br \> <code>wget https://extdist.wmflabs.org/dist/extensions/NewSignupPage-REL1_35-ecf00aa.tar.gz</code><br \> <code>tar xvf NewSignupPage-REL1_35-ecf00aa.tar.gz -C /var/www/html/mediawiki/extensions/</code><br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> Add the Line:<br \> <code>wfLoadExtension( 'NewSignupPage' );</code><br \> Change the Info given at signup at:<br \> <code>index.php/MediaWiki:Newsignuppage-loginform-tos</code><br \> Default page will be:<pre> I am over 13 years of age and I have read, understood and agree to be bound by the Terms of Service and Privacy Policy </pre> "Terms of Service" and "Privacy Policy" are linked to there pages, so we need to create a few pages. ======Need <b>Privacy Policy</b> Page====== Create a 'Privacy_Policy' page and link on "MediaWiki:Newsignuppage-loginform-tos"<br> <pre>[[CompleteNoobs:Privacy_policy | Privacy Policy]]</pre> =====Need <b>Terms Of Service</b> page===== https://www.completenoobs.com/index.php/Terms_of_Service<br \> once done change link on "MediaWiki:Newsignuppage-loginform-tos"<br \> =====Content Policy Page===== https://10.194.171.251/index.php/Content_Policy<br \> Contains link to https://www.completenoobs.com/index.php/CompleteNoobs_Staff_Admins<br \> =====Staff and Admin Page===== https://10.194.171.251/index.php/CompleteNoobs_Staff_Admins<br \> Linked from Content Policy Page! a place to contact by email staff, admins =====General Disclaimer page===== https://10.194.171.251/index.php/CompleteNoobs:General_disclaimer<br \> This page shows/linked at bottom of wiki<br \> =====Copyright Policy===== https://10.194.171.251/index.php/CompleteNoobs:Copyrights<br \> Copyrights page that shows in info box when making a post.<br \> ==Fail2Ban== This Will Ban an IP who incorrectly enters wrong login details, a (you can select) amount of times for a (you can select) amount of time. ===Fail2Log Extension=== https://www.mediawiki.org/wiki/Extension:Fail2Log<br> ====Create Log file==== Could not get PHP to create and set permissions for log file: So for now doing manually!<br \> <code>touch /var/log/Fail2Log.log</code><br \> <code>chown www-data:www-data /var/log/Fail2Log.log</code><br \> <code>chmod 0755 /var/log/Fail2Log.log</code><br \> Failed login's with wrong user name and/or password should now be logged in:<b>/var/log/Fail2Log.log</b><br \> <br \> Log Format:<br \> <code>Failed:<IP_ADDRESS> <DATE> <TIME> <USERNAME></code><br \> ====Download and install extension==== <code>wget https://github.com/greenhatmonkey/Fail2Log/blob/main/Fail2Log.tar.gz?raw=true</code><br> <code>tar xzvf Fail2Log.tar.gz?raw=true -C /var/www/html/mediawiki/extensions/</code><br> Add to your <b>LocalSettings.php</b><br> <pre> wfLoadExtension( 'Fail2Log' ); $wgFail2LogFile = '/var/log/Fail2Log.log'; </pre> ====Install and Setup Fail2Ban==== Fail2Ban works in a container. If using fail2ban on Host for container:<br/> Just include log path: <code>/var/snap/lxd/common/mntns/var/snap/lxd/common/lxd/storage-pools/default/containers/&lt;CONTAINER_NAME>/rootfs/var/log/Fail2Log.log</code> <code>apt install fail2ban</code> * Fail2ban will use file.local over file.conf if file.local exists: * file.conf can be written over if file2ban gets updated. * Make a file.local of the file you are working on. <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code> <code>$EDITOR /etc/fail2ban/jail.local</code> <!-- unmodified jail.conf file --> <div class="toccolours mw-collapsible mw-collapsed"> Default <code>/etc/fail2ban/jail.conf</code> file: Expand to view <div class="mw-collapsible-content"> <pre> # # WARNING: heavily refactored in 0.9.0 release. Please review and # customize settings for your setup. # # Changes: in most of the cases you should not modify this # file, but provide customizations in jail.local file, # or separate .conf files under jail.d/ directory, e.g.: # # HOW TO ACTIVATE JAILS: # # YOU SHOULD NOT MODIFY THIS FILE. # # It will probably be overwritten or improved in a distribution update. # # Provide customizations in a jail.local file or a jail.d/customisation.local. # For example to change the default bantime for all jails and to enable the # ssh-iptables jail the following (uncommented) would appear in the .local file. # See man 5 jail.conf for details. # # [DEFAULT] # bantime = 1h # # [sshd] # enabled = true # # See jail.conf(5) man page for more information # Comments: use '#' for comment lines and ';' (following a space) for inline comments [INCLUDES] #before = paths-distro.conf before = paths-debian.conf # The DEFAULT allows a global definition of the options. They can be overridden # in each jail afterwards. [DEFAULT] # # MISCELLANEOUS OPTIONS # # "bantime.increment" allows to use database for searching of previously banned ip's to increase a # default ban time using special formula, default it is banTime * 1, 2, 4, 8, 16, 32... #bantime.increment = true # "bantime.rndtime" is the max number of seconds using for mixing with random time # to prevent "clever" botnets calculate exact time IP can be unbanned again: #bantime.rndtime = # "bantime.maxtime" is the max number of seconds using the ban time can reach (don't grows further) #bantime.maxtime = # "bantime.factor" is a coefficient to calculate exponent growing of the formula or common multiplier, # default value of factor is 1 and with default value of formula, the ban time # grows by 1, 2, 4, 8, 16 ... #bantime.factor = 1 # "bantime.formula" used by default to calculate next value of ban time, default value bellow, # the same ban time growing will be reached by multipliers 1, 2, 4, 8, 16, 32... #bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * banFactor # # more aggressive example of formula has the same values only for factor "2.0 / 2.885385" : #bantime.formula = ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor) # "bantime.multipliers" used to calculate next value of ban time instead of formula, coresponding # previously ban count and given "bantime.factor" (for multipliers default is 1); # following example grows ban time by 1, 2, 4, 8, 16 ... and if last ban count greater as multipliers count, # always used last multiplier (64 in example), for factor '1' and original ban time 600 - 10.6 hours #bantime.multipliers = 1 2 4 8 16 32 64 # following example can be used for small initial ban time (bantime=60) - it grows more aggressive at begin, # for bantime=60 the multipliers are minutes and equal: 1 min, 5 min, 30 min, 1 hour, 5 hour, 12 hour, 1 day, 2 day #bantime.multipliers = 1 5 30 60 300 720 1440 2880 # "bantime.overalljails" (if true) specifies the search of IP in the database will be executed # cross over all jails, if false (dafault), only current jail of the ban IP will be searched #bantime.overalljails = false # -------------------- # "ignoreself" specifies whether the local resp. own IP addresses should be ignored # (default is true). Fail2ban will not ban a host which matches such addresses. #ignoreself = true # "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban # will not ban a host which matches an address in this list. Several addresses # can be defined using space (and/or comma) separator. #ignoreip = 127.0.0.1/8 ::1 # External command that will take an tagged arguments to ignore, e.g. <ip>, # and return true if the IP is to be ignored. False otherwise. # # ignorecommand = /path/to/command <ip> ignorecommand = # "bantime" is the number of seconds that a host is banned. bantime = 10m # A host is banned if it has generated "maxretry" during the last "findtime" # seconds. findtime = 10m # "maxretry" is the number of failures before a host get banned. maxretry = 5 # "maxmatches" is the number of matches stored in ticket (resolvable via tag <matches> in actions). maxmatches = %(maxretry)s # "backend" specifies the backend used to get files modification. # Available options are "pyinotify", "gamin", "polling", "systemd" and "auto". # This option can be overridden in each jail as well. # # pyinotify: requires pyinotify (a file alteration monitor) to be installed. # If pyinotify is not installed, Fail2ban will use auto. # gamin: requires Gamin (a file alteration monitor) to be installed. # If Gamin is not installed, Fail2ban will use auto. # polling: uses a polling algorithm which does not require external libraries. # systemd: uses systemd python library to access the systemd journal. # Specifying "logpath" is not valid for this backend. # See "journalmatch" in the jails associated filter config # auto: will try to use the following backends, in order: # pyinotify, gamin, polling. # # Note: if systemd backend is chosen as the default but you enable a jail # for which logs are present only in its own log files, specify some other # backend for that jail (e.g. polling) and provide empty value for # journalmatch. See https://github.com/fail2ban/fail2ban/issues/959#issuecomment-74901200 backend = auto # "usedns" specifies if jails should trust hostnames in logs, # warn when DNS lookups are performed, or ignore all hostnames in logs # # yes: if a hostname is encountered, a DNS lookup will be performed. # warn: if a hostname is encountered, a DNS lookup will be performed, # but it will be logged as a warning. # no: if a hostname is encountered, will not be used for banning, # but it will be logged as info. # raw: use raw value (no hostname), allow use it for no-host filters/actions (example user) usedns = warn # "logencoding" specifies the encoding of the log files handled by the jail # This is used to decode the lines from the log file. # Typical examples: "ascii", "utf-8" # # auto: will use the system locale setting logencoding = auto # "enabled" enables the jails. # By default all jails are disabled, and it should stay this way. # Enable only relevant to your setup jails in your .local or jail.d/*.conf # # true: jail will be enabled and log files will get monitored for changes # false: jail is not enabled enabled = false # "mode" defines the mode of the filter (see corresponding filter implementation for more info). mode = normal # "filter" defines the filter to use by the jail. # By default jails have names matching their filter name # filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # # Some options used for actions # Destination email address used solely for the interpolations in # jail.{conf,local,d/*} configuration files. destemail = root@localhost # Sender email address used solely for some actions sender = root@<fq-hostname> # E-mail action. Since 0.8.1 Fail2Ban uses sendmail MTA for the # mailing. Change mta configuration parameter to mail if you want to # revert to conventional 'mail'. mta = sendmail # Default protocol protocol = tcp # Specify chain where jumps would need to be added in ban-actions expecting parameter chain chain = <known/chain> # Ports to be banned # Usually should be overridden in a particular jail port = 0:65535 # Format of user-agent https://tools.ietf.org/html/rfc7231#section-5.5.3 fail2ban_agent = Fail2Ban/%(fail2ban_version)s # # Action shortcuts. To be used to define action parameter # Default banning action (e.g. iptables, iptables-new, # iptables-multiport, shorewall, etc) It is used to define # action_* variables. Can be overridden globally or per # section within jail.local file banaction = iptables-multiport banaction_allports = iptables-allports # The simplest action to take: ban only action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report to the destemail. action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report and relevant log lines # to the destemail. action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # See the IMPORTANT note in action.d/xarf-login-attack for when to use this action # # ban & send a xarf e-mail to abuse contact of IP address and include relevant log lines # to the destemail. action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] # ban IP on CloudFlare & send an e-mail with whois report and relevant log lines # to the destemail. action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # Report block via blocklist.de fail2ban reporting service API # # See the IMPORTANT note in action.d/blocklist_de.conf for when to use this action. # Specify expected parameters in file action.d/blocklist_de.local or if the interpolation # `action_blocklist_de` used for the action, set value of `blocklist_de_apikey` # in your `jail.local` globally (section [DEFAULT]) or per specific jail section (resp. in # corresponding jail.d/my-jail.local file). # action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] # Report ban via badips.com, and use as blacklist # # See BadIPsAction docstring in config/action.d/badips.py for # documentation for this action. # # NOTE: This action relies on banaction being present on start and therefore # should be last action defined for a jail. # action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] # # Report ban via badips.com (uses action.d/badips.conf for reporting only) # action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] # Report ban via abuseipdb.com. # # See action.d/abuseipdb.conf for usage example and details. # action_abuseipdb = abuseipdb # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # [sshd] # To use more aggressive sshd modes set filter parameter "mode" in jail.local: # normal (default), ddos, extra or aggressive (combines all). # See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details. #mode = normal port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s [dropbear] port = ssh logpath = %(dropbear_log)s backend = %(dropbear_backend)s [selinux-ssh] port = ssh logpath = %(auditd_log)s # # HTTP servers # [apache-auth] port = http,https logpath = %(apache_error_log)s [apache-badbots] # Ban hosts which agent identifies spammer robots crawling the web # for email addresses. The mail outputs are buffered. port = http,https logpath = %(apache_access_log)s bantime = 48h maxretry = 1 [apache-noscript] port = http,https logpath = %(apache_error_log)s [apache-overflows] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-nohome] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-botsearch] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-fakegooglebot] port = http,https logpath = %(apache_access_log)s maxretry = 1 ignorecommand = %(ignorecommands_dir)s/apache-fakegooglebot <ip> [apache-modsecurity] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-shellshock] port = http,https logpath = %(apache_error_log)s maxretry = 1 [openhab-auth] filter = openhab action = iptables-allports[name=NoAuthFailures] logpath = /opt/openhab/logs/request.log [nginx-http-auth] port = http,https logpath = %(nginx_error_log)s # To use 'nginx-limit-req' jail you should have `ngx_http_limit_req_module` # and define `limit_req` and `limit_req_zone` as described in nginx documentation # http://nginx.org/en/docs/http/ngx_http_limit_req_module.html # or for example see in 'config/filter.d/nginx-limit-req.conf' [nginx-limit-req] port = http,https logpath = %(nginx_error_log)s [nginx-botsearch] port = http,https logpath = %(nginx_error_log)s maxretry = 2 # Ban attackers that try to use PHP's URL-fopen() functionality # through GET/POST variables. - Experimental, with more than a year # of usage in production environments. [php-url-fopen] port = http,https logpath = %(nginx_access_log)s %(apache_access_log)s [suhosin] port = http,https logpath = %(suhosin_log)s [lighttpd-auth] # Same as above for Apache's mod_auth # It catches wrong authentifications port = http,https logpath = %(lighttpd_error_log)s # # Webmail and groupware servers # [roundcube-auth] port = http,https logpath = %(roundcube_errors_log)s # Use following line in your jail.local if roundcube logs to journal. #backend = %(syslog_backend)s [openwebmail] port = http,https logpath = /var/log/openwebmail.log [horde] port = http,https logpath = /var/log/horde/horde.log [groupoffice] port = http,https logpath = /home/groupoffice/log/info.log [sogo-auth] # Monitor SOGo groupware server # without proxy this would be: # port = 20000 port = http,https logpath = /var/log/sogo/sogo.log [tine20] logpath = /var/log/tine20/tine20.log port = http,https # # Web Applications # # [drupal-auth] port = http,https logpath = %(syslog_daemon)s backend = %(syslog_backend)s [guacamole] port = http,https logpath = /var/log/tomcat*/catalina.out [monit] #Ban clients brute-forcing the monit gui login port = 2812 logpath = /var/log/monit /var/log/monit.log [webmin-auth] port = 10000 logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [froxlor-auth] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s # # HTTP Proxy servers # # [squid] port = 80,443,3128,8080 logpath = /var/log/squid/access.log [3proxy] port = 3128 logpath = /var/log/3proxy.log # # FTP servers # [proftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(proftpd_log)s backend = %(proftpd_backend)s [pure-ftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(pureftpd_log)s backend = %(pureftpd_backend)s [gssftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(syslog_daemon)s backend = %(syslog_backend)s [wuftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(wuftpd_log)s backend = %(wuftpd_backend)s [vsftpd] # or overwrite it in jails.local to be # logpath = %(syslog_authpriv)s # if you want to rely on PAM failed login attempts # vsftpd's failregex should match both of those formats port = ftp,ftp-data,ftps,ftps-data logpath = %(vsftpd_log)s # # Mail servers # # ASSP SMTP Proxy Jail [assp] port = smtp,465,submission logpath = /root/path/to/assp/logs/maillog.txt [courier-smtp] port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix] # To use another modes set filter parameter "mode" in jail.local: mode = more port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s [postfix-rbl] filter = postfix[mode=rbl] port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s maxretry = 1 [sendmail-auth] port = submission,465,smtp logpath = %(syslog_mail)s backend = %(syslog_backend)s [sendmail-reject] # To use more aggressive modes set filter parameter "mode" in jail.local: # normal (default), extra or aggressive # See "tests/files/logs/sendmail-reject" or "filter.d/sendmail-reject.conf" for usage example and details. #mode = normal port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [qmail-rbl] filter = qmail port = smtp,465,submission logpath = /service/qmail/log/main/current # dovecot defaults to logging to the mail syslog facility # but can be set by syslog_facility in the dovecot configuration. [dovecot] port = pop3,pop3s,imap,imaps,submission,465,sieve logpath = %(dovecot_log)s backend = %(dovecot_backend)s [sieve] port = smtp,465,submission logpath = %(dovecot_log)s backend = %(dovecot_backend)s [solid-pop3d] port = pop3,pop3s logpath = %(solidpop3d_log)s [exim] # see filter.d/exim.conf for further modes supported from filter: #mode = normal port = smtp,465,submission logpath = %(exim_main_log)s [exim-spam] port = smtp,465,submission logpath = %(exim_main_log)s [kerio] port = imap,smtp,imaps,465 logpath = /opt/kerio/mailserver/store/logs/security.log # # Mail servers authenticators: might be used for smtp,ftp,imap servers, so # all relevant ports get banned # [courier-auth] port = smtp,465,submission,imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix-sasl] filter = postfix[mode=auth] port = smtp,465,submission,imap,imaps,pop3,pop3s # You might consider monitoring /var/log/mail.warn instead if you are # running postfix since it would provide the same log lines at the # "warn" level but overall at the smaller filesize. logpath = %(postfix_log)s backend = %(postfix_backend)s [perdition] port = imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [squirrelmail] port = smtp,465,submission,imap,imap2,imaps,pop3,pop3s,http,https,socks logpath = /var/lib/squirrelmail/prefs/squirrelmail_access_log [cyrus-imap] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s [uwimap-auth] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s # # # DNS servers # # !!! WARNING !!! # Since UDP is connection-less protocol, spoofing of IP and imitation # of illegal actions is way too simple. Thus enabling of this filter # might provide an easy way for implementing a DoS against a chosen # victim. See # http://nion.modprobe.de/blog/archives/690-fail2ban-+-dns-fail.html # Please DO NOT USE this jail unless you know what you are doing. # # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks UDP traffic for DNS requests. # [named-refused-udp] # # filter = named-refused # port = domain,953 # protocol = udp # logpath = /var/log/named/security.log # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks TCP traffic for DNS requests. [named-refused] port = domain,953 logpath = /var/log/named/security.log [nsd] port = 53 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/nsd.log # # Miscellaneous # [asterisk] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/asterisk/messages maxretry = 10 [freeswitch] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/freeswitch.log maxretry = 10 # enable adminlog; it will log to a file inside znc's directory by default. [znc-adminlog] port = 6667 logpath = /var/lib/znc/moddata/adminlog/znc.log # To log wrong MySQL access attempts add to /etc/my.cnf in [mysqld] or # equivalent section: # log-warnings = 2 # # for syslog (daemon facility) # [mysqld_safe] # syslog # # for own logfile # [mysqld] # log-error=/var/log/mysqld.log [mysqld-auth] port = 3306 logpath = %(mysql_log)s backend = %(mysql_backend)s # Log wrong MongoDB auth (for details see filter 'filter.d/mongodb-auth.conf') [mongodb-auth] # change port when running with "--shardsvr" or "--configsvr" runtime operation port = 27017 logpath = /var/log/mongodb/mongodb.log # Jail for more extended banning of persistent abusers # !!! WARNINGS !!! # 1. Make sure that your loglevel specified in fail2ban.conf/.local # is not at DEBUG level -- which might then cause fail2ban to fall into # an infinite loop constantly feeding itself with non-informative lines # 2. Increase dbpurgeage defined in fail2ban.conf to e.g. 648000 (7.5 days) # to maintain entries for failed logins for sufficient amount of time [recidive] logpath = /var/log/fail2ban.log banaction = %(banaction_allports)s bantime = 1w findtime = 1d # Generic filter for PAM. Has to be used with action which bans all # ports such as iptables-allports, shorewall [pam-generic] # pam-generic filter can be customized to monitor specific subset of 'tty's banaction = %(banaction_allports)s logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [xinetd-fail] banaction = iptables-multiport-log logpath = %(syslog_daemon)s backend = %(syslog_backend)s maxretry = 2 # stunnel - need to set port for this [stunnel] logpath = /var/log/stunnel4/stunnel.log [ejabberd-auth] port = 5222 logpath = /var/log/ejabberd/ejabberd.log [counter-strike] logpath = /opt/cstrike/logs/L[0-9]*.log # Firewall: http://www.cstrike-planet.com/faq/6 tcpport = 27030,27031,27032,27033,27034,27035,27036,27037,27038,27039 udpport = 1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015 action = %(banaction)s[name=%(__name__)s-tcp, port="%(tcpport)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(udpport)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] [bitwarden] port = http,https logpath = /home/*/bwdata/logs/identity/Identity/log.txt [centreon] port = http,https logpath = /var/log/centreon/login.log # consider low maxretry and a long bantime # nobody except your own Nagios server should ever probe nrpe [nagios] logpath = %(syslog_daemon)s ; nrpe.cfg may define a different log_facility backend = %(syslog_backend)s maxretry = 1 [oracleims] # see "oracleims" filter file for configuration requirement for Oracle IMS v6 and above logpath = /opt/sun/comms/messaging64/log/mail.log_current banaction = %(banaction_allports)s [directadmin] logpath = /var/log/directadmin/login.log port = 2222 [portsentry] logpath = /var/lib/portsentry/portsentry.history maxretry = 1 [pass2allow-ftp] # this pass2allow example allows FTP traffic after successful HTTP authentication port = ftp,ftp-data,ftps,ftps-data # knocking_url variable must be overridden to some secret value in jail.local knocking_url = /knocking/ filter = apache-pass[knocking_url="%(knocking_url)s"] # access log of the website with HTTP auth logpath = %(apache_access_log)s blocktype = RETURN returntype = DROP action = %(action_)s[blocktype=%(blocktype)s, returntype=%(returntype)s, actionstart_on_demand=false, actionrepair_on_unban=true] bantime = 1h maxretry = 1 findtime = 1 [murmur] # AKA mumble-server port = 64738 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol=tcp, chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol=udp, chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/mumble-server/mumble-server.log [screensharingd] # For Mac OS Screen Sharing Service (VNC) logpath = /var/log/system.log logencoding = utf-8 [haproxy-http-auth] # HAProxy by default doesn't log to file you'll need to set it up to forward # logs to a syslog server which would then write them to disk. # See "haproxy-http-auth" filter for a brief cautionary note when setting # maxretry and findtime. logpath = /var/log/haproxy.log [slapd] port = ldap,ldaps logpath = /var/log/slapd.log [domino-smtp] port = smtp,ssmtp logpath = /home/domino01/data/IBM_TECHNICAL_SUPPORT/console.log [phpmyadmin-syslog] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [zoneminder] # Zoneminder HTTP/HTTPS web interface auth # Logs auth failures to apache2 error log port = http,https logpath = %(apache_error_log)s [traefik-auth] # to use 'traefik-auth' filter you have to configure your Traefik instance, # see `filter.d/traefik-auth.conf` for details and service example. port = http,https logpath = /var/log/traefik/access.log </pre> </div> </div> Default <code>/etc/fail2ban/jail.local</code> file with (almost all) comments removed: <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;">Default <code>/etc/fail2ban/jail.local</code> with (almost) comments removed:</div> <div class="mw-collapsible-content"> <pre> [INCLUDES] before = paths-debian.conf [DEFAULT] ignorecommand = bantime = 10m findtime = 10m maxretry = 5 maxmatches = %(maxretry)s backend = auto usedns = warn logencoding = auto enabled = false mode = normal filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # destemail = root@localhost sender = root@<fq-hostname> mta = sendmail protocol = tcp chain = <known/chain> port = 0:65535 fail2ban_agent = Fail2Ban/%(fail2ban_version)s banaction = iptables-multiport banaction_allports = iptables-allports action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] action_abuseipdb = abuseipdb action = %(action_)s # # JAILS # # # SSH servers # [sshd] port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s </pre> </div></div> ====Disconnect/kick and ban an ip from list==== <br \> Just below we are going to append these lines to <b>/etc/fail2ban/jail.local</b><br> <pre> # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s # # JAILS # # # SSH servers # </pre> </div> </div> ====Jail for MediaWiki - /etc/fail2ban/jail.local==== <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1m maxretry = 2 logpath = /var/log/Fail2Log.log </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before: <div class="mw-collapsible-content"> <pre> # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After: <div class="mw-collapsible-content"> <pre> # # JAILS # [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log # # SSH servers # </pre> </div> </div> ====Filter for mediawiki==== <div class="toccolours mw-collapsible mw-collapsed"> Regex quick up and running tutorial: External Link:(youtube) <div class="mw-collapsible-content"> This Is a link to a video made by "Corey Schafer".<br \> The best no nonsense up and running regex tut there is.<br \> https://www.youtube.com/watch?v=sa-TUpSx1JA </div> </div> <code>$EDITOR /etc/fail2ban/filter.d/mediawiki.conf</code><br \> <pre> [Definition] failregex = ^Failed:<HOST> ignoreregex = </pre> =====Try out regex on log file===== <code>fail2ban-regex --print-all-matched /var/log/Fail2Log.log /etc/fail2ban/filter.d/mediawiki.conf</code> ====Restart Fail2Ban==== <code>systemctl restart fail2ban</code> <code>fail2ban-client status</code> <code>fail2ban-client status mediawiki</code> <b>Now test by trying to login to your wiki with wrong password three times.</b> =====fail2ban regex and error checking===== <div class="toccolours mw-collapsible mw-collapsed"> Check regex: <div class="mw-collapsible-content"> * Syntax: <code>fail2ban-regex <logfile> <failregex> <ignoreregex></code> ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * If you want to test <code>ignoreregex</code> enter filter file twice: ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * Read <code>man fail2ban-regex</code> for some more opitions: * Examples: ** <code>-v</code>, <code>--verbose</code> *** Be verbose in output ** <code>--print-all-missed</code> *** Print all missed lines ** <code>--print-all-ignored</code> *** Print all ignored lines ** <code>--print-all-matched</code> *** Print all matched lines </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Debug Fail2Ban: <div class="mw-collapsible-content"> * <code>-d</code> dump configuration. For debugging.<br \> <code>fail2ban-client -d</code><br \> * <code>--dp</code>, <code>--dump-pretty</code> dump the configuration using more human readable representation.<br \> <code>fail2ban-client --dp</code><br \> * will print the systemd log for Fail2Ban.<br \> <code>journalctl -u fail2ban</code> </div> </div> ====Change ban time After testing==== <code>$EDITOR /etc/fail2ban/jail.local</code><br \> <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log </pre> ===Unban IP's=== Get list of Jails:<br \> <code>fail2ban-client status</code><br \> See banned ips by that jail:<br \> <code>fail2ban-client status <jailname></code><br \> Unban IP from jail:<br \> <code>fail2ban-client set <jailname> unbanip <ip_address></code><br \> <br \> Log File:<br \> <code>/var/log/Fail2Log.log</code> ==Moving To VPS== ===Create ssh key pair on local host=== <code>ssh-keygen -t rsa -b 4096 -C "MYSERVER" -f ~/.ssh/serverkey</code><br \> You will be prompted to Enter a passphase, you can just press <b>Enter</b> for no passphase.<br \> You will now have a file called <b>serverkey</b> and <b>serverkey.pub</b> in your <b>/home/$USER/.ssh</b> directory.<br \> Now lets setup are server and move public key to server.<br \> <b>BACKUP YOUR PRIVATE KEY TO USB STICK OR SOMETHING!</b><br \> <code>serverkey.pub</code><b>PUBLIC KEY</b><br \> <code>serverkey</code><b>PRIVATE KEY</b><br \> ===Login to Server - ssh === Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $10, 1 cpu, 2048MB ram, 55GB ssd, 2000GB Bandwidth.<br \> I have been given the IP:<b>192.248.145.129</b> and the Password:<b>1R?o.gPasdaLz1w</b> and with Vultr the default login/user is <b>root</b><br \> Lets move over the public key so we don't need a password to login:<br \> <code>ssh-copy-id -i ~/.ssh/serverkey root@192.248.145.129</code></br \> Will be promted for server password, enter password: 1R?o.gPasdaLz1w<br \> Now lets login with are private key.<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code> ===Update Server=== <code>apt update && apt upgrade -y</code><br \> The Server may need a restart, you will see this after updates if it does<br \> <b>*** System restart required ***</b><br \> restart server and log back in after a minute.<br \> <code>reboot</code> ===Change default ssh port and disable plain text passwords=== Log back into server<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code><br \> <code>$EDITOR /etc/ssh/sshd_config</code><br \> <pre>#Port 22</pre> <pre>Port 7788</pre> disable clear text passwords <pre>#PasswordAuthentication yes</pre> <pre>PasswordAuthentication no</pre> restart sshd <code>systemctl restart sshd</code><br \> Exit server and re-login<br \> <code>exit</code><br \> Log back in with new port<br \> <code>ssh -p 7788 -i .ssh/serverkey root@192.248.145.129</code> <div class="toccolours mw-collapsible mw-collapsed"> Create ssh login shortcut: <div class="mw-collapsible-content"> To be done on host:<br \> <code>touch ~/.ssh/config</code><br \> <code>chmod 600 ~/.ssh/config</code><br \> <code>$EDITOR ~/.ssh/config</code><br \> <pre> Host mediawikiserver HostName 192.248.145.129 User root Port 7788 IdentityFile /home/$USER/.ssh/severkey </pre> You can now login to server from host with:<br \> <code>ssh mediawikiserver</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax of config file: <div class="mw-collapsible-content"> <pre> #Syntax # #Host <ALIAS_NAME> # HostName <ADDRESS_IP_OR_DOMAIN> # User <USERNAME_LOGIN> # Port <PORT_NUMBER_IF_NOT_DEFAULT> # IdentityFile </PATH/TO/PRIVATE_KEY> ## Can now login with <code>ssh <ALIAS_NAME> </pre> </div> </div> </div> </div> ===Enable Basic FireWall=== Block IPv6<br \> <code>$EDITOR /etc/default/ufw</code><br \> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit<br \> <code>ufw allow 7788/tcp</code><br \> <code>ufw enable</code><br \> ===Create Swap space on server=== ====First check if you already have a swap space==== First check if you already have a swap space<br \> <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 1655 2 228 1732 Swap: 0 0 0 </pre> <div class="toccolours mw-collapsible mw-collapsed"> Other methods to check swap space <div class="mw-collapsible-content"> <code>cat /proc/swaps</code><br \> <code>swapon -s -v</code> </div> </div> ====Create SwapSpace==== preallocate a 2 gigabyte space to be used for swap.<br \> Note: you can name swapfile to anything you want. <code>fallocate -l 2G /swapfile</code> Initialize the /swapfile file with zeros - see "Working out the count size" to see how to work out the count size. <div class="toccolours mw-collapsible mw-collapsed"> Working out the count size: <div class="mw-collapsible-content"> Working out count size to scale the swapsize. 1 kilobyte = 1024 bytes 1 megabyte = 1024 kilobyte 1 gigabyte = 1024 megabytes bs=1024 = 1 megabyte 1 gigabyte = 1024 megabyte to get count of 1 gigabyte 1024 * 1024 2 gigabyte (1024 * 2048 ) or 1048576 * 2 = 2,097,152 </div> </div> <code>dd if=/dev/zero of=/swapfile bs=1024 count=2097152</code> <code>chmod 600 /swapfile</code> <code>mkswap /swapfile</code> <code>swapon /swapfile</code> <b>Or</b> <code>swapon -a</code> <b>Or</b> <code>mount -a</code> append to <code>/etc/fstab</code> so its mounted after reboot.<br \> <code>$EDITOR /etc/fstab</code><br \> And enter this in a new line at the bottom:<br \> <code>/swapfile swap swap defaults 0 0</code> and thats it, you can check swap with(or same other methods as above): <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 75 2 1808 1712 Swap: 2047 0 2047 </pre> ===ssmtp for email alerts=== <code>apt install ssmtp -y</code><br \> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code><br \> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> <code>usermod -c "CNWikiVPS" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ===auto update server=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment (by removing <b>//</b> at start of line)and amend the lines we want:<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> to<br \> <code> "${distro_id}:${distro_codename}-updates";</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; </pre> Changed to<br \> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec Acquire::http::Dl-Limit "500"; </pre> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Send Container to server=== From host<br \> <code>scp -i ~/.ssh/serverkey -P 7788 mediawiki.lxc root@192.248.145.129:/root/</code><br \> If you created a ssh shortcut in <b>.ssh/config</b> you can use:<br \> <code>scp mediawiki.lxc mediawikiserver:/root/</code><br> Once container transferred to server checksum to confirm<br> Do on Local and Server<br> <code>sha256sum mediawiki.lxc</code><br> The checksum should be the same on both!<br> ===LXD setup on server=== Check if <b>lxd</b> already installed.<br \> <code>lxd --version</code><br \> <code>snap install lxd</code><br \> Initialize LXD<br \> <code>lxd init</code><br \> all defaults<br \> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (lvm, zfs, ceph, btrfs, dir) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=10GB]: Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> ===Import Container=== Note: If version of LXD on server is older than the one you are exporting from, you may see error <code>Error: Failed importing backup: Failed creating instance record: Unknown configuration key: volatile.last_state.ready</code><br> To Fix this update your LXD<br> <code>snap remove lxd</code><br> <code>snap install lxd</code><br> <code>lxd --version</code><br> <code>lxd init</code><br> <br> Import mediawiki container<br \> <code>lxc import mediawiki.lxc mediawiki</code><br \> <code>lxc list</code><br \> <code>lxc start mediawiki</code><br \> <code>lxc list</code><br \> Returns:<br \> <pre> +-----------+---------+-----------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+-----------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.207.119.233 (eth0) | | CONTAINER | 0 | +-----------+---------+-----------------------+------+-----------+-----------+ </pre> <b>Note the Change of IP</b><br \> Are Containers IP is now:<b>10.207.119.233</b><br \> Now for some reason changing the IP on <b>/var/www/html/mediawiki/LocalSettings.php</b> and the <b>/etc/apache2/sites-available/completenoobs.com.conf</b> does not really work on a VPS (Forgot how i fixed this last time, pretty sure i got it workin a few years back).<br \> You need a DNS name: ===DNS=== Domain Name System: An index that connects an ip address with a more human readable name(website name):<br \> Like a phone book would index a persons name with a phone number.<br \> If you have a domain name for your wiki, point it to your server's ip address.<br \> This will be required for a letsencrypt cert also.<br \> I am using <b>namecheap.com</b> and on the <b>Advanced DNS</b> Page<br \> Add two Type <b>A Records</b>:<br \> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |192.248.145.129 |auto |- |A record |www |192.248.145.129 |auto |} ===Change IP on config files=== Login to conatiner and change IP's to Domain Name<br \> <code>lxc exec mediawiki bash</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <pre> Redirect permanent "/" "https://10.3.45.233"</pre> <pre> Redirect permanent "/" "https://www.completenoobs.com"</pre> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <pre>$wgServer = "https://10.3.45.233";</pre> <pre>$wgServer = "https://www.completenoobs.com";</pre> <code>systemctl restart apache2</code> ===Use IPTables to forward traffic to container=== <div class="toccolours mw-collapsible mw-collapsed"> iptable syntax <div class="mw-collapsible-content"> *CONTAINER_IP = place holder for your containers ip *GLOBAL_IP = place holder for your servers public ip address *ETH = network interface: enp1s0 ** to be done/found on host VPS and NOT Container ** Find network interface:<code>ip route show default</code> or use <code>ip route show default | awk '{print $5}'</code> <pre>iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 80 -j DNAT --to-destination CONTAINER_IP:80 -m comment --comment "forward real ip to container" </pre> <pre> iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 443 -j DNAT --to-destination CONTAINER_IP:443 -m comment --comment "forward real ip to container" </pre> </div> </div> <b>These commands to be done on host VPS and NOT in container!</b><br \> Get out of container <code>exit</code><br \> Network interface=<b>enp1s0</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Find you network interface name: <div class="mw-collapsible-content"> To be run on VPS host and Not in Container:<br \> <code>ip route show default | awk '{print $5}'</code> </div> </div> VPS Global IP=<b>192.248.145.129</b><br \> Container IP=<b>10.207.119.233</b><br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container"</code> <br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container"</code> <br \> The new rules for your iptable will not persistent after a reboot.<br \> Create systemd service to load firewall rules at startup:<br \> <code>$EDITOR /usr/local/bin/lxc-mediawiki-rules</code> <pre> #!/bin/bash iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container" iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container" </pre> <code>chmod +x /usr/local/bin/lxc-mediawiki-rules</code> <code>$EDITOR /etc/systemd/system/lxcip.service</code> <pre> [Unit] Description = apply ip rules at startup [Service] Type=oneshot ExecStart=/usr/local/bin/lxc-mediawiki-rules [Install] WantedBy=multi-user.target </pre> <code>systemctl enable lxcip</code> <div class="toccolours mw-collapsible mw-collapsed"> LXC proxy method: <div class="mw-collapsible-content"> <b>DO NOT USE This method!</b> placed here as a note:<br \> LXC also has a way to forward proxy traffic, but it will show all visits to website, as coming from <b>127.0.0.1</b><br \> When we install fail2ban, this would be very bad!<br \> <br \> <code>lxc config device add CONTAINER_NAME myport80 proxy listen=tcp:0.0.0.0:80 connect=tcp:127.0.0.1:80</code><br \> <code>lxc config device add CONTAINER_NAME myport443 proxy listen=tcp:0.0.0.0:443 connect=tcp:127.0.0.1:443</code><br \> To remove proxy:<br \> <code>lxc config device remove CONTAINER_NAME myport80</code><br \> <code>lxc config device remove CONTAINER_NAME myport443</code><br \> </div> </div> ===Visit webpage and check all working=== Visit the domain you selected<br \> <code>www.completenoobs.com</code><br \> Should be up and running.<br \> NOTE: We did not need to allow port 443 or 80 on VPS host.<br \> Check Iptables persist for restart, by rebooting server!<br \> <code>reboot</code><br \> Give it a minute or 2 and check website again. ===LetsEncrypt=== Log back into server<br \> <code>ssh mediawikiserver</code><br \> Log into container<br \> <code>lxc exec mediawiki bash</code><br \> Install certbot<br \> <code>snap install certbot --classic</code><br \> Backup Apache2 config file<br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf /etc/apache2/sites-available/completenoobs.com.conf.bk</code><br \> Create Cert<br \> <code>certbot --apache -d www.completenoobs.com -d completenoobs.com</code><br \> And Certbot broke are apache2 configs, and thats why we back up!<br \> <code>ls /etc/letsencrypt/live/www.completenoobs.com/</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/fullchain.pem /etc/ssl/certs/cn-selfsigned.crt</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/privkey.pem /etc/ssl/private/cn-selfsigned.key</code><br \> <code>rm /etc/apache2/sites-available/completenoobs.com-le-ssl.conf /etc/apache2/sites-available/completenoobs.com.conf </code><br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf.bk /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <br \> Turn <b>SSLUseStapling</b> on<br \> <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code><br \> <pre>SSLUseStapling off</pre><br \> Change to:<br \> <pre>SSLUseStapling on</pre><br \> Restart apache<br \> <code>systemctl restart apache2</code><br \> Now check your site on browser.<br \> ==Useful Notes - tips== ===Forgot your Admin Password=== Can use for any user:<br \> <code>php /var/www/html/mediawiki/maintenance/changePassword.php --user=admin --password=newpassword</code><br \> ===Make Wiki Read Only=== Add to LocalSettings.php:<br \> <code>$wgReadOnly = 'Read Only';</code><br \> ===Restrict account creation on wiki=== Add to LocalSettings.php:<br \> <code>$wgGroupPermissions['*']['createaccount'] = false;</code> ===Only Admin accounts can edit=== Add to LocalSettings.php:<br \> <pre> $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['user']['edit'] = false; $wgGroupPermissions['sysop']['edit'] = true; </pre> ===Protect a page so only admin can edit=== At the top of the page when logged in with admin account, click <b>More</b>.<br \> A drop down of three opitions: Delete, Move, Protect.<br \> Clicking <b>Protect</b> will not allow any non admin from editing the page. {| class="wikitable" |+ When logged in as admin |- |Read |Edit |View history |(STAR) |<b>More</b> |} ===Make User an Admin=== go to special pages With Admin Account go to:<br \> <code>index.php/Special:SpecialPages</code> List of users can be found here:<br \> <code>index.php/Special:ListUsers</code><br \> Go to:<br \> <code>index.php/Special:UserRights</code><br \> And enter username:<br \> <b>Groups you can change</b><br \> And rest is self explanatory. ====Remove admin rights==== Same thing, just untick admin rights! ==Upgrading MediaWiki== <b>BACK SURE YOU BACKUP FIRST!!!</b> just in case.<br \> This example update 1.35 to 1.36 from 1.36 onwards php-intl is required.<br> Download the wiki you are going to upgrade to.<br \> <code>https://releases.wikimedia.org/mediawiki/1.36/</code><br \> <code>cd /root</code><br \> <code>wget https://releases.wikimedia.org/mediawiki/1.36/mediawiki-1.36.1.tar.gz</code><br \> In LocalSettings.php put in readonly mode<br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <code>$wgReadOnly = "Upgrading";</code><br \> <code>tar xvzf mediawiki-1.36.1.tar.gz -C /var/www/html/mediawiki --strip-components=1</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> Returns:<pre> Error: Missing one or more required components of PHP. You are missing a required extension to PHP that MediaWiki needs. Please install: * intl <https://www.php.net/intl> </pre> <code>apt install php-intl</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> And thats it. If you do get an error:<br \> <blockquote> MediaWiki 1.36 internal error Installing some PHP extensions is required. Required components You are missing a required extension to PHP that MediaWiki requires to run. Please install: intl (more information) </blockquote> Then <b>reboot</b> the container and its all fine after. ==Backup your Wiki== ===LXC Snapshots=== Easy way, backup the container using <b>snapshot</b><br \> <code>lxc snapshot mediawiki beforeupgrade_11_12_2020</code><br \> To see snapshots<br \> <code>lxc info mediawiki</code><br \> To restore container to snapshot<br \> <code>lxc restore mediawiki beforeupgrade_11_12_2020</code><br \> To delete a snapshot<br \> <code>lxc delete mediawiki/beforeupgrade_11_12_2020</code><br \> ====Export a Snapshot==== <code>lxc snapshot mediawiki testsnap</code> <code>lxc publish mediawiki/testsnap --alias mediawiki-backup-20-07-2021</code> <code>lxc image export mediawiki-backup-20-07-2021</code> you end up with a file named after the sha256sum <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> NOTE:You can change name from <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> to something like <code>mediawiki-backup-20-07-2021.tar.gz</code> and restore will still work fine.<br \> can now delete image <code>lxc image delete mediawiki-backup-20-07-2021</code> ====Import Snapshot==== Move to another computer and install init lxd<br \> <code>lxc image import a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz --alias testrestore</code> <code>lxc launch testrestore mediarestore</code> <code>lxc list</code> <code>lxc exec mediarestore bash</code> Change IP in LocalSettings and apache config and restart apache.<br \> And your up and running.<br \> <br \> you can also delete image on new restore computer:<br \> <code>lxc image delete testrestore</code> ===Dump mediawiki database - xml=== Log into container root dir<br \> <code>lxc exec NAME bash</code><br \> In container of wiki:<br \> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Exit container<br \> <code>exit</code> Pull file to host<br \> <code>lxc file pull NAME/root/dump_mediawiki.xml wiki-dump.xml</code> ====automate xml dumps to server==== TIP: [[Scp_only|Create an '''scp only''' account on server first]]<br> <code>$EDITOR /usr/local/bin/auto-export.sh</code></br> <syntaxhighlight lang="bash" line> #!/bin/bash set -x time_stamp=$(date '+%d_%m_%y') dumps_dir="/var/www/dumps" noobs_dir="/var/www/html/noobs" local_settings="$noobs_dir/LocalSettings.php" wiki_dump_dir="$dumps_dir/$time_stamp.Noobs" xmlkey="/root/.ssh/xmlkey" remote_host="rscp@xml.completenoobs.com" remote_path="/home/rscp/media/" function ensure_read_only_line_exists { if ! grep -q "wgReadOnly" "$local_settings"; then cat <<EOF >> "$local_settings" \$wgReadOnly = 'Dumping Database, Access will be restored shortly'; EOF fi } function set_wiki_read_only { sed -i 's/^#*\(\$wgReadOnly\)/\1/' "$local_settings" } function unset_wiki_read_only { sed -i 's/^\(\$wgReadOnly\)/#\1/' "$local_settings" } function create_directories { mkdir -p "$dumps_dir" mkdir -p "$wiki_dump_dir" } function dump_wiki { php "$noobs_dir/maintenance/dumpBackup.php" --full > "$wiki_dump_dir/$time_stamp.Noobs.xml" } function generate_checksums { md5sum "$wiki_dump_dir/$time_stamp.Noobs.xml" > "$wiki_dump_dir/$time_stamp.md5sum.txt" sha256sum "$wiki_dump_dir/$time_stamp.Noobs.xml" > "$wiki_dump_dir/$time_stamp.sha256sum.txt" } function push_to_remote { scp -i /root/.ssh/xmlkey -r /var/www/dumps/$time_stamp.Noobs rscp@xml.completenoobs.com:/home/rscp/media/ #rsync -avz -e "ssh -i $xmlkey" "$wiki_dump_dir" "$remote_host:$remote_path" } # Main script ensure_read_only_line_exists create_directories set_wiki_read_only dump_wiki generate_checksums unset_wiki_read_only push_to_remote </syntaxhighlight> <br> <code>chmod +x /usr/local/bin/auto-export.sh</code><br> =====add to cron to export every 5 days===== <code>crontab -e</code><br> <pre> 30 3 */5 * * /usr/local/bin/auto-export.sh </pre> Will export at 3:30 am every 5 days, check [[Cron_ubuntu_22.04|Ubuntu Cron Quick start for more info]] ===Import Dump=== ====Create Quick local wiki==== [[Ubuntu_Local_Wiki_Import|localwiki]] ====Import dump==== <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> <code>lxc exec localwiki bash</code><br \> =====Restore dump===== <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Everything apart from <b>index.php/Main_Page</b> restored. ===Full Wiki Dump and Restore=== ====Backing up==== ====Making your wiki READ ONLY - will lock database==== <code>$EDITOR LocalSettings.php</code><br \> <code>$wgReadOnly = 'Dumping Database, Access will be restored shortly';</code> ====Dump and gzip database for transport==== will be prompted for password:<br \> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green -p mywiki_database | gzip > /root/greenwiki.sql.gz</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> ALt method for dump(password in cmd): <div class="mw-collapsible-content"> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green --password=THISpasswordSHOULDbeCHANGED -p mywiki_database | gzip > /root/greenwiki.sql.gz</code> </div> </div> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Back mediawiki Root Directory.<br \> <code>tar cvzhf /root/mediawiki-rootDir.tgz /var/www/html/mediawiki</code><br \> All into one file for easy transport.<br \> <code>cd /root/</code><br \> <code>tar cvzhf mediawiki-transfer.tgz mediawiki-rootDir.tgz greenwiki.sql.gz dump_mediawiki.xml</code><br \> All file in <b>mediawiki-transfer.tgz</b> for transfer to new server<br \> exit Container<br \> <code>exit</code><br \> <code>lxc file pull mediawiki/root/mediawiki-transfer.tgz mediawiki.bk.tgz</code><br \> ====Restore wiki==== create container (backupwiki) and push file<br \> <code>lxc file push mediawiki.bk.tgz backupwiki/root/</code><br \> login to container<br \> <code>apt update && apt upgrade -y</code><br \> <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> <br \> <code>tar xvf mediawiki.bk.tgz</code><br \> <code>tar xvf mediawiki-rootDir.tgz -C /</code><br \> Create basebase:<br \> NOTE: If you use diff username, passwd, database_name, append/correct details on LocalSettings.<br \> <code>mysql -u root</code> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <br \> <code>gunzip -d greenwiki.sql.gz</code><br \> <code>mysql -u green -p mywiki_database < greenwiki.sql</code><br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/dump_mediawiki.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Config Apache2 <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> Reload Apache2 <code> systemctl restart apache2 </code> ==Youtube extension== * needed to view embedded videos https://www.mediawiki.org/wiki/Extension:YouTube <code>wget https://extdist.wmflabs.org/dist/extensions/YouTube-REL1_39-f272bb3.tar.gz</code> <code>tar -xzf YouTube-REL1_39-f272bb3.tar.gz -C /var/www/html/mediawiki/extensions/</code> * Append to '''LocalSettings.php''' <code>wfLoadExtension( 'YouTube' );</code> * On wiki page can now embed youtube videos ** https://www.youtube.com/watch?v=wB4gvSgYmfY ** After '''watch?v=''' ** <nowiki><youtube>wB4gvSgYmfY</youtube></nowiki> * Defaults '''width'''=640 pixels '''height'''=385 pixels * Change defaults <nowiki><youtube width="800" height="400">wB4gvSgYmfY</youtube></nowiki> ==Remove <b>Index.php</b> From URL== [[Mediawiki_Remove_index.php|How to remove the Index.php from URL]] ==SpamBot Wars== Bit busy now, notes to look into later: https://www.mediawiki.org/wiki/Extension:Nuke<br \> https://www.mediawiki.org/wiki/Manual:Preventing_access<br \> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br \> https://www.mediawiki.org/wiki/Extension:InviteSignup<br \> Well the bots won for now - Disable eMail function for all related options in LocalSettings.php<br \> <code>$wgEnableEmail = false;</code><br \> Or just stop users sending email with:<br \> <code>$wgEnableUserEmail = false;</code> ==Notes== ==Syntax highlighting not working== Install <b>pygments</b><br> <code>apt install python3-pygments</code><br> Add to LocalSettings:<br> <code>wfLoadExtension( 'SyntaxHighlight_GeSHi' );</code><br> pmsu8bfg6butqqk0yamw3sq8ttskovb 639 386 2025-08-15T09:17:24Z AwesomO 5 639 wikitext text/x-wiki :* [[SET$EDITOR#Set_$EDITOR|'''$EDITOR''' is used as a place holder for an editor of your choice.]] ==Installing LXD== <code>sudo snap install lxd</code><br \> <code>lxd init</code><br \> Selecting all defaults, apart from "Size in GB of the new loop device (1GB minimum) [default=6GB]:" increasing to 30GB: <div class="toccolours mw-collapsible mw-collapsed"> <code>lxd init</code> selected options: <div class="mw-collapsible-content"> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (btrfs, dir, lvm, zfs, ceph) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=6GB]:30GB Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> </div> </div> ==Create Ubuntu:22.04 Container for MediaWiki== <code>lxc launch ubuntu:22.04 mediawiki</code><br> <code>lxc list</code><br> <pre> +-----------+---------+--------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+--------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.194.171.251(eth0) | | CONTAINER | 0 | +-----------+---------+--------------------+------+-----------+-----------+ </pre> ===Login to Container=== <code>lxc exec mediawiki bash</code> ===Basic Firewall UFW for Container=== NOTE:Add Link to a UFW page for more info Blocking IPv6<br \> <code>$EDITOR /etc/default/ufw</code> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit Allow port 80<br \> <code>ufw allow 80/tcp</code><br \> Allow port 443<br \> <code>ufw allow 443/tcp</code><br \> Start/Enable UFW firewall<br \> <code>ufw enable</code><br \> Check UFW status<br \> <code>ufw status</code> <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Update system=== <code>apt update && apt upgrade -y</code> ===ssmtp setup=== NOTE: need link to ssmtp page - showing how to use other email providers that allow smtp Link to ssmtp wiki page <br \> You can use a number of email providers for sending emails from server using ssmtp.<br \> I am going to use <b>smtp2go.com</b> they do provide a free service if you wish to try. <div class="toccolours mw-collapsible mw-collapsed"> smtp2go details: <div class="mw-collapsible-content"> https://www.smtp2go.com/<br \> Has a Free Plan # 1000 emails per month # 5 days of email reporting # Ticket support only <br \> Do not use you username and password you used to sign up!<br \> Go to https://app.smtp2go.com/sending/smtp_users/ <br \> Or 'Sending' > 'SMTP Users'<br> And create/add a SMTP User account.<br \> The User created will be given a good password by default.<br \> Use this username and password for ssmtp.<br \> In this example i have the username "<b>noobwiki</b>" and the password "<b>N0tTelinu</b>" </div> </div> ====ssmtp==== <code>apt install ssmtp -y</code> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <div class="toccolours mw-collapsible mw-collapsed"> Why use <code>hostname=completenoobs.com</code> <div class="mw-collapsible-content"> "hostname" needed for ubuntu unattended upgrades to send email.<br \> If missing: will get "(550 unable to verify sender address.)" <br \> If using <code>hostname=localhost</code> "(550 "Localhost" unnaceptable, you must use a public domain-name.)"<br \> If using <code>hostname=admin@completenoobs.com</code> "501 <root@admin@completenoobs.com>: malformed address: @completenoobs.com> may not follow <root@admin" </div> </div> <br \> Do not use user@smtp2go.com as the sender address! you need an email address that has an MX record(mail exchanger record) at its domain name. <br \> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> ====usermod==== <br \> usermod can be used to change the email senders name/address.<br \> Instead of your mail coming from 'root' or 'ubuntu' or any other user account.<br \> <b>usermod -c "emailSenderName" <account_sending></b><br \> <code>usermod -c "completenoobslxc" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ====sendmail notes==== <div class="toccolours mw-collapsible mw-collapsed"> If the sendmail command locks your terminal and CTRL+c does not work <div class="mw-collapsible-content"> Use <code>CTRL+z</code> which will send a SIGTSTP signal which will put the process to sleep.<br \> use jobs to see the sleeping process.<br \> <code>jobs</code><br \> and kill %<JOBNUMBER><br \> <code>kill %1</code> <br \> you can also use <code>ps ax</code> to list processes running on your computer and <code>kill -9 <PROCESS-NUMBER></code> to kill process. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> sendmail in verbose mode for more details: <div class="mw-collapsible-content"> More info can be found in the man page <code>man sendmail</code><br \> Use the verbose flag <b>-v</b><br \> <code>sendmail -v email@address2receive.mail < test-mail.txt</code> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Check mail logs for errors: <div class="mw-collapsible-content"> send mail error log can be found in<br \> <code>/var/log/mail.err</code><br \> and sendmail log can be found:<br \> <code>/var/log/mail.log</code> </div> </div> ===auto update container config=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code> Uncomment<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> <code>"${distro_id}:${distro_codename}-updates";</code> Dont need auto reboot on container - no kernel - kernel shared with host. ====email on update==== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <div class="toccolours mw-collapsible mw-collapsed"> Once i needed 'apticron' to get emails working with unattended upgrades:<br \> Notes here just incase<div class="mw-collapsible-content"> Install apticron<br \> <code>apt install apticron -y</code> Create apticron.conf file containing email to send email to:<br \> If you dont then 'apticron' will by default sent to root@localhost.<br > <code>echo 'EMAIL="email@tosendto.com"' > /etc/apticron/apticron.conf</code> </div> </div> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Install MediaWiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -xvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki</code> ====Create Database==== Will be prompted to set a root password!<br \> <code>mysql -u root -p</code><br \> <!-- create drop down - add root password option --> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <div class="toccolours mw-collapsible mw-collapsed"> Make note of your: database name, username, userpassword <div class="mw-collapsible-content"> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code><br \> Database Username:<b>green</b><br \> Database host/location:<b>localhost</b> Database User Password:<b>THISpasswordSHOULDbeCHANGED</b><br \><br \> <code>CREATE DATABASE mywiki_database;</code><br \> Database Name:<b>mywiki_database</b><br \> </div> </div> ====Create self-signed https certs==== <code>openssl req -x509 -newkey rsa:4096 -keyout key.pem -nodes -out cert.pem -days 365</code><br> Note: can leave blank; just press enter.<br><br> <code>mv cert.pem /etc/ssl/certs/cn-selfsigned.crt</code><br> <code>mv key.pem /etc/ssl/private/cn-selfsigned.key</code><br> ====Create ssl-params.conf==== <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code> Remember to turn stapling on after letsencrypt cert <pre> SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 SSLHonorCipherOrder On # Disable preloading HSTS for now. You can use the commented out header line that includes # the "preload" directive if you understand the implications. # Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" Header always set X-Frame-Options DENY Header always set X-Content-Type-Options nosniff # Requires Apache >= 2.4 SSLCompression off # May want to turn stapling off when using self-signed to avoid receiving errors in log SSLUseStapling off SSLStaplingCache "shmcb:logs/stapling-cache(150000)" # Requires Apache >= 2.4.11 SSLSessionTickets Off </pre> ====Create Apache2 config==== <code>cd /etc/apache2/sites-available/</code> <code>rm 000-default.conf default-ssl.conf</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code> <div class="toccolours mw-collapsible mw-collapsed"> <b>Important Redirect note</b>:<div class="mw-collapsible-content"> <pre> # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" </pre> Change to your Container IP!<br \> <code>Redirect permanent "/" "https://10.194.171.251"</code> </div> </div> <pre> <VirtualHost *:80> ServerName completenoobs.com ServerAdmin admin@ # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined </VirtualHost> <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerName completenoobs.com ServerAdmin admin@completenoobs.com DocumentRoot /var/www/html/mediawiki # According MWiki Manual:Security php_flag register_globals off ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined SSLEngine on SSLCertificateFile /etc/ssl/certs/cn-selfsigned.crt SSLCertificateKeyFile /etc/ssl/private/cn-selfsigned.key # need to find out what SSLCertificateChainFile is? explain is in the default-ssl.conf file. #SSLCertificateChainFile /etc/ssl/certs/example.com.root-bundle.crt <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> <Directory /var/www/html/wikimedia> Options None FollowSymLinks #Allow .htaccess AllowOverride All Require all granted <IfModule security2_module> SecRuleEngine Off # or disable only problematic rules </IfModule> </Directory> # According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images> # Ignore .htaccess files AllowOverride None # Serve HTML as plaintext, don't execute SHTML AddType text/plain .html .htm .shtml .php .phtml .php5 # Don't run arbitrary PHP code. php_admin_flag engine off # If you've other scripting languages, disable them too. </Directory> #According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images/deleted> Deny from all AllowOverride AuthConfig Limit Require local </Directory> </VirtualHost> </IfModule> </pre> ====Reload Apache2==== <code>a2enmod ssl</code> <code>a2enmod headers</code> <code>a2ensite completenoobs.com</code> <code>a2enconf ssl-params</code> <code>apache2ctl configtest</code> <code>systemctl restart apache2</code> ===MediaWiki Basic Setup=== ====Landing page==== Open a web browser and go to your containers private ip address (you can get ip address by running <code>lxc list</code> on host). <code>https://10.194.171.251</code> Are certs are self-signed and you may/will get warning "your connection is not private"<br \> Click "Advance" and "Proceed to 10.194.171.251 (unsafe)"<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.35.0<br \> LocalSettings.php not found.<br \> Please <u>set up the wiki</u> first.<br \> </blockquote> Click <b>set up the wiki</b> to be taken to the "mw-config/index.php" page. =====Basic Configure MediaWiki===== <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:mywiki_database<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:green<br \> Database password:THISpasswordSHOULDbeCHANGED<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>CompleteNoobs<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Options <div class="mw-collapsible-content"> <b>User rights profile:</b> <br \> [ ] Open wiki <br \> [x] Account creation required<br \> [ ] Authorised editors only <br \> [ ] Private wiki<br \> <br \> <b>Copyright and licence:</b><br \> [ ] Creative Commons Attribution<br \> [ ] Creative Commons Attribution-ShareAlike<br \> [ ] Creative Commons Attribution-NonCommercial-ShareAlike<br \> [ ] Creative Commons Zero (Public Domain)<br \> [ ] GNU Free Documentation Licence 1.3 or later<br \> [x] No licence footer<br \> [ ] Select a custom Creative Commons licence<br \> <br \> <br \> <b>Email settings</b><br \> [ ] Enable outbound email<br \> <b>Return email address:</b>apache@🌻.invalid<br \> [ ]Enable user-to-user email<br \> [ ]Enable user talk page notification<br \> [ ]Enable watchlist notification<br \> [ ]Enable email authentication<br \> <br \> <br \> <b>Skins</b> Pick a skin<br \> <br \> <br \> <b>Extensions</b><br \> <b><u>Special pages</u></b><br \> [ ]CiteThisPage<br \> [ ]Interwiki<br \> [ ]Nuke<br \> [ ]Renameuser<br \> [ ]ReplaceText<br \> <br \> <b><u>Editors</u></b><br \> [x]CodeEditor<br \> [x]VisualEditor<br \> [x]WikiEditor<br \> <br \> <b><u>Parser hooks</u></b><br \> [ ]CategoryTree<br \> [ ]Cite<br \> [ ]ImageMap<br \> [ ]InputBox<br \> [ ]ParserFunctions<br \> [ ]Poem<br \> [ ]Scribunto<br \> [x]SyntaxHighlight_GeSHi<br \> [ ]TemplateData<br \> <br \> <b><u>Media handlers</u></b><br \> [ ]PdfHandler<br \> <br \> <b><u>Spam prevention</u></b><br \> [x]ConfirmEdit<br \> [ ]SpamBlacklist<br \> [ ]TitleBlacklist<br \> <br \> <b><u>API</u></b><br \> [ ]PageImages<br \> <br \> <b><u>Other</u></b><br \> [ ]Gadgets<br \> [ ]LocalisationUpdate<br \> [ ]MultimediaViewer<br \> [ ]OATHAuth<br \> [ ]SecureLinkFixer<br \> [ ]TextExtracts<br \> <br \> <br \> <b>Images and file uploads</b><br \> [ ]Enable file uploads<br \> <b>Logo URL:</b>$wgResourceBasePath/resources/assets/wiki.png<br \> [ ]Enable Instant Commons<br \> <br \> <br \> <b>Advanced configuration</b><br \> <b>Settings for object caching:</b><br \> [x] No caching (no functionality is removed, but speed may be impacted on larger wiki sites)<br \> [ ] Use Memcached (requires additional setup and configuration)<br \> </div> </div> ====LocalSettings.php Launch Wiki==== When the Basic configuration of mediawiki is done on the webpage.<br \> You will have a <b>LocalSettings.php</b> which will be downloaded from your browser.<br \> You need to place the <b>LocalSettings.php</b> file into your containers <b>/var/www/html/mediawiki/</b> directory.<br \> You can do this from host using the <b>lxc file push</b> command.<br \> <code>lxc file push /home/$USER/Downloads/LocalSettings.php mediawiki/var/www/html/mediawiki/</code><br \> <br> Do not refresh browser it will download the LocalSettings.php again! go to the IP address of your container or just trim the <code>mw-config/index.php?page=Complete</code><br> Now on your browser visit the page again https://10.194.171.251<br \> And welcome to your wiki.<br \> ===Change Logo=== You need a 135px by 135px image, in this example its named 'completenoobs-logo.png'<br> <code>lxc file push completenoobs-logo.png mediawiki/var/www/html/mediawiki/resources/assets/</code><br> Back in container edit the <b>LocalSettings.php</b> file<br> <pre> ## The URL paths to the logo. Make sure you change this from the default, ## or else you'll overwrite your logo when you upgrade! $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", 'icon' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", ]; </pre> Change to your new logo:<br> <pre> $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", 'icon' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", ]; </pre> ===Email Config=== Warning i did get loads of spam bots, using this to send naughty emails everywhere!<br> Changed setting to block signups, requests only,and changed <b>$wgEnableUserEmail</b> to false and still the bots managed to send spam using my smtp account.<br> How they done this? Is beyond my understanding and i removed email from the wiki till i have more info on how to stop the spamming.<br> Was using mediawiki-1.35.0<br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> Make sure <b>$wgEnableEmail</b> is set to true.<br> <code>$wgEnableEmail = true;</code><br> https://www.mediawiki.org/wiki/Manual:$wgEnableEmail<br> <pre> $wgEmergencyContact = ""; $wgPasswordSender = ""; </pre> <pre> $wgEmergencyContact = "admin@completenoobs.com"; $wgPasswordSender = "admin@completenoobs.com"; </pre> <pre> $wgSMTP = [ 'host' => 'ssl://mail.smtp2go.com', // outbox server of the email account 'IDHost' => 'completenoobs.com', 'port' => 465, 'username' => 'noobwiki', // user of the email account 'password' => 'N0tTelinu', // app password of the email account 'auth' => true ]; </pre> ===Request Account and Confirm Email to edit=== In LocalSettings change $wgEmailAuthentication = false; to true https://www.mediawiki.org/wiki/Manual:$wgEmailAuthentication<br> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ConfirmAccount-REL1_39-2b96e90.tar.gz</code><br> <code>tar xzf ConfirmAccount-REL1_39-2b96e90.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> <br> In <b>LocalSettings.php</b> <br> set <b>$wgEmailAuthentication</b> to true.<br> <pre> wfLoadExtension( 'ConfirmAccount' ); $wgConfirmAccountContact = 'admin@completenoobs.com'; </pre> Run maintenance update<br> <code>php /var/www/html/mediawiki/maintenance/update.php </code><br> use <b>Special:ConfirmAccounts</b> to see if anyone requested a account.<br> And yep, your gonna get spammed! Bots love a wiki.<br> ===CookieWarning Extension=== https://www.mediawiki.org/wiki/Extension:CookieWarning<br> <code>wget https://extdist.wmflabs.org/dist/extensions/CookieWarning-REL1_39-778fe72.tar.gz</code><br> <code>tar -xzf CookieWarning-REL1_39-778fe72.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'CookieWarning' ); $wgCookieWarningEnabled = 'true'; # $wgCookieWarningMoreUrl allows to to select a link for your moreinfo button $wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'; $wgCookieWarningEnabled = 'true'; </pre> To change message sign in with admin account and visit these pages of your wiki and edit.<br> <b>MediaWiki:Cookiewarning-info</b> Edit the display message.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-info</code><br> <b>MediaWiki:Cookiewarning-moreinfo-label</b><br> Edit and change display of the moreinfo button: link can be made/changed at LocalSettings with:<br> <code>$wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'</code><br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-moreinfo-label</code><br> <b>MediaWiki:Cookiewarning-ok-label</b> Edit and change the text on the OK button.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-ok-label</code><br> ===Contribution Scores Extension=== https://www.mediawiki.org/wiki/Extension:Contribution_Scores<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ContributionScores-REL1_39-0e7e99d.tar.gz</code><br> <code>tar -xzf ContributionScores-REL1_39-0e7e99d.tar.gz -C /var/www/html/mediawiki/extensions</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'ContributionScores' ); // Exclude Bots from the reporting - Can be omitted. $wgContribScoreIgnoreBots = true; // Exclude Blocked Users from the reporting - Can be omitted. $wgContribScoreIgnoreBlockedUsers = true; // Use real user names when available - Can be omitted. Only for MediaWiki 1.19 and later. $wgContribScoresUseRealName = true; // Set to true to disable cache for parser function and inclusion of table. $wgContribScoreDisableCache = false; // Each array defines a report - 7,50 is "past 7 days" and "LIMIT 50" - Can be omitted. $wgContribScoreReports = [ [ 7, 50 ], [ 30, 50 ], [ 0, 50 ] ]; </pre> <br> Add to Main Landing Page:<br> <pre>{{Special:ContributionScores/10/5}}</pre><br> ===Place Notice at top of every new page created=== Using the <b>PageNotice</b> Extension. https://www.mediawiki.org/wiki/Extension:PageNotice#Configuration Download PageNotice and extract to extensions directory. in LocalSettings.php add the lines:<br \> <pre> wfLoadExtension( 'PageNotice' ); $wgPageNoticeDisablePerPageNotices = 'true'; </pre> To have message in every name space go to your wiki's page<br \> <code>index.php/mediawiki:top-notice-ns-0</code><br \> Only admin account can edit this page:<br \> What you place in this page will be displayed at the top of every page created. ===Privacy Policy=== Holly $#$#$ this is a lot of work, looking into it<br \> https://www.mediawiki.org/wiki/GDPR_(General_Data_Protection_Regulation)_and_MediaWiki_software<br \> ====NewSignupPage==== https://www.mediawiki.org/wiki/Extension:NewSignupPage<br \> Big thanks to Shoutwiki.com or this would of been a very big pain.<br \> Check for Latest link from the Download page https://www.mediawiki.org/wiki/Special:ExtensionDistributor/NewSignupPage<br \> In mediawiki container:<br \> <code>wget https://extdist.wmflabs.org/dist/extensions/NewSignupPage-REL1_35-ecf00aa.tar.gz</code><br \> <code>tar xvf NewSignupPage-REL1_35-ecf00aa.tar.gz -C /var/www/html/mediawiki/extensions/</code><br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> Add the Line:<br \> <code>wfLoadExtension( 'NewSignupPage' );</code><br \> Change the Info given at signup at:<br \> <code>index.php/MediaWiki:Newsignuppage-loginform-tos</code><br \> Default page will be:<pre> I am over 13 years of age and I have read, understood and agree to be bound by the Terms of Service and Privacy Policy </pre> "Terms of Service" and "Privacy Policy" are linked to there pages, so we need to create a few pages. ======Need <b>Privacy Policy</b> Page====== Create a 'Privacy_Policy' page and link on "MediaWiki:Newsignuppage-loginform-tos"<br> <pre>[[CompleteNoobs:Privacy_policy | Privacy Policy]]</pre> =====Need <b>Terms Of Service</b> page===== https://www.completenoobs.com/index.php/Terms_of_Service<br \> once done change link on "MediaWiki:Newsignuppage-loginform-tos"<br \> =====Content Policy Page===== https://10.194.171.251/index.php/Content_Policy<br \> Contains link to https://www.completenoobs.com/index.php/CompleteNoobs_Staff_Admins<br \> =====Staff and Admin Page===== https://10.194.171.251/index.php/CompleteNoobs_Staff_Admins<br \> Linked from Content Policy Page! a place to contact by email staff, admins =====General Disclaimer page===== https://10.194.171.251/index.php/CompleteNoobs:General_disclaimer<br \> This page shows/linked at bottom of wiki<br \> =====Copyright Policy===== https://10.194.171.251/index.php/CompleteNoobs:Copyrights<br \> Copyrights page that shows in info box when making a post.<br \> ==Fail2Ban== This Will Ban an IP who incorrectly enters wrong login details, a (you can select) amount of times for a (you can select) amount of time. ===Fail2Log Extension=== https://www.mediawiki.org/wiki/Extension:Fail2Log<br> ====Create Log file==== Could not get PHP to create and set permissions for log file: So for now doing manually!<br \> <code>touch /var/log/Fail2Log.log</code><br \> <code>chown www-data:www-data /var/log/Fail2Log.log</code><br \> <code>chmod 0755 /var/log/Fail2Log.log</code><br \> Failed login's with wrong user name and/or password should now be logged in:<b>/var/log/Fail2Log.log</b><br \> <br \> Log Format:<br \> <code>Failed:<IP_ADDRESS> <DATE> <TIME> <USERNAME></code><br \> ====Download and install extension==== <code>wget https://github.com/greenhatmonkey/Fail2Log/blob/main/Fail2Log.tar.gz?raw=true</code><br> <code>tar xzvf Fail2Log.tar.gz?raw=true -C /var/www/html/mediawiki/extensions/</code><br> Add to your <b>LocalSettings.php</b><br> <pre> wfLoadExtension( 'Fail2Log' ); $wgFail2LogFile = '/var/log/Fail2Log.log'; </pre> ====Install and Setup Fail2Ban==== Fail2Ban works in a container. If using fail2ban on Host for container:<br/> Just include log path: <code>/var/snap/lxd/common/mntns/var/snap/lxd/common/lxd/storage-pools/default/containers/&lt;CONTAINER_NAME>/rootfs/var/log/Fail2Log.log</code> <code>apt install fail2ban</code> * Fail2ban will use file.local over file.conf if file.local exists: * file.conf can be written over if file2ban gets updated. * Make a file.local of the file you are working on. <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code> <code>$EDITOR /etc/fail2ban/jail.local</code> <!-- unmodified jail.conf file --> <div class="toccolours mw-collapsible mw-collapsed"> Default <code>/etc/fail2ban/jail.conf</code> file: Expand to view <div class="mw-collapsible-content"> <pre> # # WARNING: heavily refactored in 0.9.0 release. Please review and # customize settings for your setup. # # Changes: in most of the cases you should not modify this # file, but provide customizations in jail.local file, # or separate .conf files under jail.d/ directory, e.g.: # # HOW TO ACTIVATE JAILS: # # YOU SHOULD NOT MODIFY THIS FILE. # # It will probably be overwritten or improved in a distribution update. # # Provide customizations in a jail.local file or a jail.d/customisation.local. # For example to change the default bantime for all jails and to enable the # ssh-iptables jail the following (uncommented) would appear in the .local file. # See man 5 jail.conf for details. # # [DEFAULT] # bantime = 1h # # [sshd] # enabled = true # # See jail.conf(5) man page for more information # Comments: use '#' for comment lines and ';' (following a space) for inline comments [INCLUDES] #before = paths-distro.conf before = paths-debian.conf # The DEFAULT allows a global definition of the options. They can be overridden # in each jail afterwards. [DEFAULT] # # MISCELLANEOUS OPTIONS # # "bantime.increment" allows to use database for searching of previously banned ip's to increase a # default ban time using special formula, default it is banTime * 1, 2, 4, 8, 16, 32... #bantime.increment = true # "bantime.rndtime" is the max number of seconds using for mixing with random time # to prevent "clever" botnets calculate exact time IP can be unbanned again: #bantime.rndtime = # "bantime.maxtime" is the max number of seconds using the ban time can reach (don't grows further) #bantime.maxtime = # "bantime.factor" is a coefficient to calculate exponent growing of the formula or common multiplier, # default value of factor is 1 and with default value of formula, the ban time # grows by 1, 2, 4, 8, 16 ... #bantime.factor = 1 # "bantime.formula" used by default to calculate next value of ban time, default value bellow, # the same ban time growing will be reached by multipliers 1, 2, 4, 8, 16, 32... #bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * banFactor # # more aggressive example of formula has the same values only for factor "2.0 / 2.885385" : #bantime.formula = ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor) # "bantime.multipliers" used to calculate next value of ban time instead of formula, coresponding # previously ban count and given "bantime.factor" (for multipliers default is 1); # following example grows ban time by 1, 2, 4, 8, 16 ... and if last ban count greater as multipliers count, # always used last multiplier (64 in example), for factor '1' and original ban time 600 - 10.6 hours #bantime.multipliers = 1 2 4 8 16 32 64 # following example can be used for small initial ban time (bantime=60) - it grows more aggressive at begin, # for bantime=60 the multipliers are minutes and equal: 1 min, 5 min, 30 min, 1 hour, 5 hour, 12 hour, 1 day, 2 day #bantime.multipliers = 1 5 30 60 300 720 1440 2880 # "bantime.overalljails" (if true) specifies the search of IP in the database will be executed # cross over all jails, if false (dafault), only current jail of the ban IP will be searched #bantime.overalljails = false # -------------------- # "ignoreself" specifies whether the local resp. own IP addresses should be ignored # (default is true). Fail2ban will not ban a host which matches such addresses. #ignoreself = true # "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban # will not ban a host which matches an address in this list. Several addresses # can be defined using space (and/or comma) separator. #ignoreip = 127.0.0.1/8 ::1 # External command that will take an tagged arguments to ignore, e.g. <ip>, # and return true if the IP is to be ignored. False otherwise. # # ignorecommand = /path/to/command <ip> ignorecommand = # "bantime" is the number of seconds that a host is banned. bantime = 10m # A host is banned if it has generated "maxretry" during the last "findtime" # seconds. findtime = 10m # "maxretry" is the number of failures before a host get banned. maxretry = 5 # "maxmatches" is the number of matches stored in ticket (resolvable via tag <matches> in actions). maxmatches = %(maxretry)s # "backend" specifies the backend used to get files modification. # Available options are "pyinotify", "gamin", "polling", "systemd" and "auto". # This option can be overridden in each jail as well. # # pyinotify: requires pyinotify (a file alteration monitor) to be installed. # If pyinotify is not installed, Fail2ban will use auto. # gamin: requires Gamin (a file alteration monitor) to be installed. # If Gamin is not installed, Fail2ban will use auto. # polling: uses a polling algorithm which does not require external libraries. # systemd: uses systemd python library to access the systemd journal. # Specifying "logpath" is not valid for this backend. # See "journalmatch" in the jails associated filter config # auto: will try to use the following backends, in order: # pyinotify, gamin, polling. # # Note: if systemd backend is chosen as the default but you enable a jail # for which logs are present only in its own log files, specify some other # backend for that jail (e.g. polling) and provide empty value for # journalmatch. See https://github.com/fail2ban/fail2ban/issues/959#issuecomment-74901200 backend = auto # "usedns" specifies if jails should trust hostnames in logs, # warn when DNS lookups are performed, or ignore all hostnames in logs # # yes: if a hostname is encountered, a DNS lookup will be performed. # warn: if a hostname is encountered, a DNS lookup will be performed, # but it will be logged as a warning. # no: if a hostname is encountered, will not be used for banning, # but it will be logged as info. # raw: use raw value (no hostname), allow use it for no-host filters/actions (example user) usedns = warn # "logencoding" specifies the encoding of the log files handled by the jail # This is used to decode the lines from the log file. # Typical examples: "ascii", "utf-8" # # auto: will use the system locale setting logencoding = auto # "enabled" enables the jails. # By default all jails are disabled, and it should stay this way. # Enable only relevant to your setup jails in your .local or jail.d/*.conf # # true: jail will be enabled and log files will get monitored for changes # false: jail is not enabled enabled = false # "mode" defines the mode of the filter (see corresponding filter implementation for more info). mode = normal # "filter" defines the filter to use by the jail. # By default jails have names matching their filter name # filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # # Some options used for actions # Destination email address used solely for the interpolations in # jail.{conf,local,d/*} configuration files. destemail = root@localhost # Sender email address used solely for some actions sender = root@<fq-hostname> # E-mail action. Since 0.8.1 Fail2Ban uses sendmail MTA for the # mailing. Change mta configuration parameter to mail if you want to # revert to conventional 'mail'. mta = sendmail # Default protocol protocol = tcp # Specify chain where jumps would need to be added in ban-actions expecting parameter chain chain = <known/chain> # Ports to be banned # Usually should be overridden in a particular jail port = 0:65535 # Format of user-agent https://tools.ietf.org/html/rfc7231#section-5.5.3 fail2ban_agent = Fail2Ban/%(fail2ban_version)s # # Action shortcuts. To be used to define action parameter # Default banning action (e.g. iptables, iptables-new, # iptables-multiport, shorewall, etc) It is used to define # action_* variables. Can be overridden globally or per # section within jail.local file banaction = iptables-multiport banaction_allports = iptables-allports # The simplest action to take: ban only action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report to the destemail. action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report and relevant log lines # to the destemail. action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # See the IMPORTANT note in action.d/xarf-login-attack for when to use this action # # ban & send a xarf e-mail to abuse contact of IP address and include relevant log lines # to the destemail. action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] # ban IP on CloudFlare & send an e-mail with whois report and relevant log lines # to the destemail. action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # Report block via blocklist.de fail2ban reporting service API # # See the IMPORTANT note in action.d/blocklist_de.conf for when to use this action. # Specify expected parameters in file action.d/blocklist_de.local or if the interpolation # `action_blocklist_de` used for the action, set value of `blocklist_de_apikey` # in your `jail.local` globally (section [DEFAULT]) or per specific jail section (resp. in # corresponding jail.d/my-jail.local file). # action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] # Report ban via badips.com, and use as blacklist # # See BadIPsAction docstring in config/action.d/badips.py for # documentation for this action. # # NOTE: This action relies on banaction being present on start and therefore # should be last action defined for a jail. # action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] # # Report ban via badips.com (uses action.d/badips.conf for reporting only) # action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] # Report ban via abuseipdb.com. # # See action.d/abuseipdb.conf for usage example and details. # action_abuseipdb = abuseipdb # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # [sshd] # To use more aggressive sshd modes set filter parameter "mode" in jail.local: # normal (default), ddos, extra or aggressive (combines all). # See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details. #mode = normal port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s [dropbear] port = ssh logpath = %(dropbear_log)s backend = %(dropbear_backend)s [selinux-ssh] port = ssh logpath = %(auditd_log)s # # HTTP servers # [apache-auth] port = http,https logpath = %(apache_error_log)s [apache-badbots] # Ban hosts which agent identifies spammer robots crawling the web # for email addresses. The mail outputs are buffered. port = http,https logpath = %(apache_access_log)s bantime = 48h maxretry = 1 [apache-noscript] port = http,https logpath = %(apache_error_log)s [apache-overflows] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-nohome] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-botsearch] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-fakegooglebot] port = http,https logpath = %(apache_access_log)s maxretry = 1 ignorecommand = %(ignorecommands_dir)s/apache-fakegooglebot <ip> [apache-modsecurity] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-shellshock] port = http,https logpath = %(apache_error_log)s maxretry = 1 [openhab-auth] filter = openhab action = iptables-allports[name=NoAuthFailures] logpath = /opt/openhab/logs/request.log [nginx-http-auth] port = http,https logpath = %(nginx_error_log)s # To use 'nginx-limit-req' jail you should have `ngx_http_limit_req_module` # and define `limit_req` and `limit_req_zone` as described in nginx documentation # http://nginx.org/en/docs/http/ngx_http_limit_req_module.html # or for example see in 'config/filter.d/nginx-limit-req.conf' [nginx-limit-req] port = http,https logpath = %(nginx_error_log)s [nginx-botsearch] port = http,https logpath = %(nginx_error_log)s maxretry = 2 # Ban attackers that try to use PHP's URL-fopen() functionality # through GET/POST variables. - Experimental, with more than a year # of usage in production environments. [php-url-fopen] port = http,https logpath = %(nginx_access_log)s %(apache_access_log)s [suhosin] port = http,https logpath = %(suhosin_log)s [lighttpd-auth] # Same as above for Apache's mod_auth # It catches wrong authentifications port = http,https logpath = %(lighttpd_error_log)s # # Webmail and groupware servers # [roundcube-auth] port = http,https logpath = %(roundcube_errors_log)s # Use following line in your jail.local if roundcube logs to journal. #backend = %(syslog_backend)s [openwebmail] port = http,https logpath = /var/log/openwebmail.log [horde] port = http,https logpath = /var/log/horde/horde.log [groupoffice] port = http,https logpath = /home/groupoffice/log/info.log [sogo-auth] # Monitor SOGo groupware server # without proxy this would be: # port = 20000 port = http,https logpath = /var/log/sogo/sogo.log [tine20] logpath = /var/log/tine20/tine20.log port = http,https # # Web Applications # # [drupal-auth] port = http,https logpath = %(syslog_daemon)s backend = %(syslog_backend)s [guacamole] port = http,https logpath = /var/log/tomcat*/catalina.out [monit] #Ban clients brute-forcing the monit gui login port = 2812 logpath = /var/log/monit /var/log/monit.log [webmin-auth] port = 10000 logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [froxlor-auth] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s # # HTTP Proxy servers # # [squid] port = 80,443,3128,8080 logpath = /var/log/squid/access.log [3proxy] port = 3128 logpath = /var/log/3proxy.log # # FTP servers # [proftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(proftpd_log)s backend = %(proftpd_backend)s [pure-ftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(pureftpd_log)s backend = %(pureftpd_backend)s [gssftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(syslog_daemon)s backend = %(syslog_backend)s [wuftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(wuftpd_log)s backend = %(wuftpd_backend)s [vsftpd] # or overwrite it in jails.local to be # logpath = %(syslog_authpriv)s # if you want to rely on PAM failed login attempts # vsftpd's failregex should match both of those formats port = ftp,ftp-data,ftps,ftps-data logpath = %(vsftpd_log)s # # Mail servers # # ASSP SMTP Proxy Jail [assp] port = smtp,465,submission logpath = /root/path/to/assp/logs/maillog.txt [courier-smtp] port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix] # To use another modes set filter parameter "mode" in jail.local: mode = more port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s [postfix-rbl] filter = postfix[mode=rbl] port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s maxretry = 1 [sendmail-auth] port = submission,465,smtp logpath = %(syslog_mail)s backend = %(syslog_backend)s [sendmail-reject] # To use more aggressive modes set filter parameter "mode" in jail.local: # normal (default), extra or aggressive # See "tests/files/logs/sendmail-reject" or "filter.d/sendmail-reject.conf" for usage example and details. #mode = normal port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [qmail-rbl] filter = qmail port = smtp,465,submission logpath = /service/qmail/log/main/current # dovecot defaults to logging to the mail syslog facility # but can be set by syslog_facility in the dovecot configuration. [dovecot] port = pop3,pop3s,imap,imaps,submission,465,sieve logpath = %(dovecot_log)s backend = %(dovecot_backend)s [sieve] port = smtp,465,submission logpath = %(dovecot_log)s backend = %(dovecot_backend)s [solid-pop3d] port = pop3,pop3s logpath = %(solidpop3d_log)s [exim] # see filter.d/exim.conf for further modes supported from filter: #mode = normal port = smtp,465,submission logpath = %(exim_main_log)s [exim-spam] port = smtp,465,submission logpath = %(exim_main_log)s [kerio] port = imap,smtp,imaps,465 logpath = /opt/kerio/mailserver/store/logs/security.log # # Mail servers authenticators: might be used for smtp,ftp,imap servers, so # all relevant ports get banned # [courier-auth] port = smtp,465,submission,imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix-sasl] filter = postfix[mode=auth] port = smtp,465,submission,imap,imaps,pop3,pop3s # You might consider monitoring /var/log/mail.warn instead if you are # running postfix since it would provide the same log lines at the # "warn" level but overall at the smaller filesize. logpath = %(postfix_log)s backend = %(postfix_backend)s [perdition] port = imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [squirrelmail] port = smtp,465,submission,imap,imap2,imaps,pop3,pop3s,http,https,socks logpath = /var/lib/squirrelmail/prefs/squirrelmail_access_log [cyrus-imap] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s [uwimap-auth] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s # # # DNS servers # # !!! WARNING !!! # Since UDP is connection-less protocol, spoofing of IP and imitation # of illegal actions is way too simple. Thus enabling of this filter # might provide an easy way for implementing a DoS against a chosen # victim. See # http://nion.modprobe.de/blog/archives/690-fail2ban-+-dns-fail.html # Please DO NOT USE this jail unless you know what you are doing. # # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks UDP traffic for DNS requests. # [named-refused-udp] # # filter = named-refused # port = domain,953 # protocol = udp # logpath = /var/log/named/security.log # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks TCP traffic for DNS requests. [named-refused] port = domain,953 logpath = /var/log/named/security.log [nsd] port = 53 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/nsd.log # # Miscellaneous # [asterisk] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/asterisk/messages maxretry = 10 [freeswitch] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/freeswitch.log maxretry = 10 # enable adminlog; it will log to a file inside znc's directory by default. [znc-adminlog] port = 6667 logpath = /var/lib/znc/moddata/adminlog/znc.log # To log wrong MySQL access attempts add to /etc/my.cnf in [mysqld] or # equivalent section: # log-warnings = 2 # # for syslog (daemon facility) # [mysqld_safe] # syslog # # for own logfile # [mysqld] # log-error=/var/log/mysqld.log [mysqld-auth] port = 3306 logpath = %(mysql_log)s backend = %(mysql_backend)s # Log wrong MongoDB auth (for details see filter 'filter.d/mongodb-auth.conf') [mongodb-auth] # change port when running with "--shardsvr" or "--configsvr" runtime operation port = 27017 logpath = /var/log/mongodb/mongodb.log # Jail for more extended banning of persistent abusers # !!! WARNINGS !!! # 1. Make sure that your loglevel specified in fail2ban.conf/.local # is not at DEBUG level -- which might then cause fail2ban to fall into # an infinite loop constantly feeding itself with non-informative lines # 2. Increase dbpurgeage defined in fail2ban.conf to e.g. 648000 (7.5 days) # to maintain entries for failed logins for sufficient amount of time [recidive] logpath = /var/log/fail2ban.log banaction = %(banaction_allports)s bantime = 1w findtime = 1d # Generic filter for PAM. Has to be used with action which bans all # ports such as iptables-allports, shorewall [pam-generic] # pam-generic filter can be customized to monitor specific subset of 'tty's banaction = %(banaction_allports)s logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [xinetd-fail] banaction = iptables-multiport-log logpath = %(syslog_daemon)s backend = %(syslog_backend)s maxretry = 2 # stunnel - need to set port for this [stunnel] logpath = /var/log/stunnel4/stunnel.log [ejabberd-auth] port = 5222 logpath = /var/log/ejabberd/ejabberd.log [counter-strike] logpath = /opt/cstrike/logs/L[0-9]*.log # Firewall: http://www.cstrike-planet.com/faq/6 tcpport = 27030,27031,27032,27033,27034,27035,27036,27037,27038,27039 udpport = 1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015 action = %(banaction)s[name=%(__name__)s-tcp, port="%(tcpport)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(udpport)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] [bitwarden] port = http,https logpath = /home/*/bwdata/logs/identity/Identity/log.txt [centreon] port = http,https logpath = /var/log/centreon/login.log # consider low maxretry and a long bantime # nobody except your own Nagios server should ever probe nrpe [nagios] logpath = %(syslog_daemon)s ; nrpe.cfg may define a different log_facility backend = %(syslog_backend)s maxretry = 1 [oracleims] # see "oracleims" filter file for configuration requirement for Oracle IMS v6 and above logpath = /opt/sun/comms/messaging64/log/mail.log_current banaction = %(banaction_allports)s [directadmin] logpath = /var/log/directadmin/login.log port = 2222 [portsentry] logpath = /var/lib/portsentry/portsentry.history maxretry = 1 [pass2allow-ftp] # this pass2allow example allows FTP traffic after successful HTTP authentication port = ftp,ftp-data,ftps,ftps-data # knocking_url variable must be overridden to some secret value in jail.local knocking_url = /knocking/ filter = apache-pass[knocking_url="%(knocking_url)s"] # access log of the website with HTTP auth logpath = %(apache_access_log)s blocktype = RETURN returntype = DROP action = %(action_)s[blocktype=%(blocktype)s, returntype=%(returntype)s, actionstart_on_demand=false, actionrepair_on_unban=true] bantime = 1h maxretry = 1 findtime = 1 [murmur] # AKA mumble-server port = 64738 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol=tcp, chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol=udp, chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/mumble-server/mumble-server.log [screensharingd] # For Mac OS Screen Sharing Service (VNC) logpath = /var/log/system.log logencoding = utf-8 [haproxy-http-auth] # HAProxy by default doesn't log to file you'll need to set it up to forward # logs to a syslog server which would then write them to disk. # See "haproxy-http-auth" filter for a brief cautionary note when setting # maxretry and findtime. logpath = /var/log/haproxy.log [slapd] port = ldap,ldaps logpath = /var/log/slapd.log [domino-smtp] port = smtp,ssmtp logpath = /home/domino01/data/IBM_TECHNICAL_SUPPORT/console.log [phpmyadmin-syslog] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [zoneminder] # Zoneminder HTTP/HTTPS web interface auth # Logs auth failures to apache2 error log port = http,https logpath = %(apache_error_log)s [traefik-auth] # to use 'traefik-auth' filter you have to configure your Traefik instance, # see `filter.d/traefik-auth.conf` for details and service example. port = http,https logpath = /var/log/traefik/access.log </pre> </div> </div> Default <code>/etc/fail2ban/jail.local</code> file with (almost all) comments removed: <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;">Default <code>/etc/fail2ban/jail.local</code> with (almost) comments removed:</div> <div class="mw-collapsible-content"> <pre> [INCLUDES] before = paths-debian.conf [DEFAULT] ignorecommand = bantime = 10m findtime = 10m maxretry = 5 maxmatches = %(maxretry)s backend = auto usedns = warn logencoding = auto enabled = false mode = normal filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # destemail = root@localhost sender = root@<fq-hostname> mta = sendmail protocol = tcp chain = <known/chain> port = 0:65535 fail2ban_agent = Fail2Ban/%(fail2ban_version)s banaction = iptables-multiport banaction_allports = iptables-allports action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] action_abuseipdb = abuseipdb action = %(action_)s # # JAILS # # # SSH servers # [sshd] port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s </pre> </div></div> ====Disconnect/kick and ban an ip from list==== <br \> Just below we are going to append these lines to <b>/etc/fail2ban/jail.local</b><br> <pre> # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s # # JAILS # # # SSH servers # </pre> </div> </div> ====Jail for MediaWiki - /etc/fail2ban/jail.local==== <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1m maxretry = 2 logpath = /var/log/Fail2Log.log </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before: <div class="mw-collapsible-content"> <pre> # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After: <div class="mw-collapsible-content"> <pre> # # JAILS # [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log # # SSH servers # </pre> </div> </div> ====Filter for mediawiki==== <div class="toccolours mw-collapsible mw-collapsed"> Regex quick up and running tutorial: External Link:(youtube) <div class="mw-collapsible-content"> This Is a link to a video made by "Corey Schafer".<br \> The best no nonsense up and running regex tut there is.<br \> https://www.youtube.com/watch?v=sa-TUpSx1JA </div> </div> <code>$EDITOR /etc/fail2ban/filter.d/mediawiki.conf</code><br \> <pre> [Definition] failregex = ^Failed:<HOST> ignoreregex = </pre> =====Try out regex on log file===== <code>fail2ban-regex --print-all-matched /var/log/Fail2Log.log /etc/fail2ban/filter.d/mediawiki.conf</code> ====Restart Fail2Ban==== <code>systemctl restart fail2ban</code> <code>fail2ban-client status</code> <code>fail2ban-client status mediawiki</code> <b>Now test by trying to login to your wiki with wrong password three times.</b> =====fail2ban regex and error checking===== <div class="toccolours mw-collapsible mw-collapsed"> Check regex: <div class="mw-collapsible-content"> * Syntax: <code>fail2ban-regex <logfile> <failregex> <ignoreregex></code> ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * If you want to test <code>ignoreregex</code> enter filter file twice: ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * Read <code>man fail2ban-regex</code> for some more opitions: * Examples: ** <code>-v</code>, <code>--verbose</code> *** Be verbose in output ** <code>--print-all-missed</code> *** Print all missed lines ** <code>--print-all-ignored</code> *** Print all ignored lines ** <code>--print-all-matched</code> *** Print all matched lines </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Debug Fail2Ban: <div class="mw-collapsible-content"> * <code>-d</code> dump configuration. For debugging.<br \> <code>fail2ban-client -d</code><br \> * <code>--dp</code>, <code>--dump-pretty</code> dump the configuration using more human readable representation.<br \> <code>fail2ban-client --dp</code><br \> * will print the systemd log for Fail2Ban.<br \> <code>journalctl -u fail2ban</code> </div> </div> ====Change ban time After testing==== <code>$EDITOR /etc/fail2ban/jail.local</code><br \> <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log </pre> ===Unban IP's=== Get list of Jails:<br \> <code>fail2ban-client status</code><br \> See banned ips by that jail:<br \> <code>fail2ban-client status <jailname></code><br \> Unban IP from jail:<br \> <code>fail2ban-client set <jailname> unbanip <ip_address></code><br \> <br \> Log File:<br \> <code>/var/log/Fail2Log.log</code> ==Moving To VPS== ===Create ssh key pair on local host=== <code>ssh-keygen -t rsa -b 4096 -C "MYSERVER" -f ~/.ssh/serverkey</code><br \> You will be prompted to Enter a passphase, you can just press <b>Enter</b> for no passphase.<br \> You will now have a file called <b>serverkey</b> and <b>serverkey.pub</b> in your <b>/home/$USER/.ssh</b> directory.<br \> Now lets setup are server and move public key to server.<br \> <b>BACKUP YOUR PRIVATE KEY TO USB STICK OR SOMETHING!</b><br \> <code>serverkey.pub</code><b>PUBLIC KEY</b><br \> <code>serverkey</code><b>PRIVATE KEY</b><br \> ===Login to Server - ssh === Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $10, 1 cpu, 2048MB ram, 55GB ssd, 2000GB Bandwidth.<br \> I have been given the IP:<b>192.248.145.129</b> and the Password:<b>1R?o.gPasdaLz1w</b> and with Vultr the default login/user is <b>root</b><br \> Lets move over the public key so we don't need a password to login:<br \> <code>ssh-copy-id -i ~/.ssh/serverkey root@192.248.145.129</code></br \> Will be promted for server password, enter password: 1R?o.gPasdaLz1w<br \> Now lets login with are private key.<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code> ===Update Server=== <code>apt update && apt upgrade -y</code><br \> The Server may need a restart, you will see this after updates if it does<br \> <b>*** System restart required ***</b><br \> restart server and log back in after a minute.<br \> <code>reboot</code> ===Change default ssh port and disable plain text passwords=== Log back into server<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code><br \> <code>$EDITOR /etc/ssh/sshd_config</code><br \> <pre>#Port 22</pre> <pre>Port 7788</pre> disable clear text passwords <pre>#PasswordAuthentication yes</pre> <pre>PasswordAuthentication no</pre> restart sshd <code>systemctl restart sshd</code><br \> Exit server and re-login<br \> <code>exit</code><br \> Log back in with new port<br \> <code>ssh -p 7788 -i .ssh/serverkey root@192.248.145.129</code> <div class="toccolours mw-collapsible mw-collapsed"> Create ssh login shortcut: <div class="mw-collapsible-content"> To be done on host:<br \> <code>touch ~/.ssh/config</code><br \> <code>chmod 600 ~/.ssh/config</code><br \> <code>$EDITOR ~/.ssh/config</code><br \> <pre> Host mediawikiserver HostName 192.248.145.129 User root Port 7788 IdentityFile /home/$USER/.ssh/severkey </pre> You can now login to server from host with:<br \> <code>ssh mediawikiserver</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax of config file: <div class="mw-collapsible-content"> <pre> #Syntax # #Host <ALIAS_NAME> # HostName <ADDRESS_IP_OR_DOMAIN> # User <USERNAME_LOGIN> # Port <PORT_NUMBER_IF_NOT_DEFAULT> # IdentityFile </PATH/TO/PRIVATE_KEY> ## Can now login with <code>ssh <ALIAS_NAME> </pre> </div> </div> </div> </div> ===Enable Basic FireWall=== Block IPv6<br \> <code>$EDITOR /etc/default/ufw</code><br \> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit<br \> <code>ufw allow 7788/tcp</code><br \> <code>ufw enable</code><br \> ===Create Swap space on server=== ====First check if you already have a swap space==== First check if you already have a swap space<br \> <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 1655 2 228 1732 Swap: 0 0 0 </pre> <div class="toccolours mw-collapsible mw-collapsed"> Other methods to check swap space <div class="mw-collapsible-content"> <code>cat /proc/swaps</code><br \> <code>swapon -s -v</code> </div> </div> ====Create SwapSpace==== preallocate a 2 gigabyte space to be used for swap.<br \> Note: you can name swapfile to anything you want. <code>fallocate -l 2G /swapfile</code> Initialize the /swapfile file with zeros - see "Working out the count size" to see how to work out the count size. <div class="toccolours mw-collapsible mw-collapsed"> Working out the count size: <div class="mw-collapsible-content"> Working out count size to scale the swapsize. 1 kilobyte = 1024 bytes 1 megabyte = 1024 kilobyte 1 gigabyte = 1024 megabytes bs=1024 = 1 megabyte 1 gigabyte = 1024 megabyte to get count of 1 gigabyte 1024 * 1024 2 gigabyte (1024 * 2048 ) or 1048576 * 2 = 2,097,152 </div> </div> <code>dd if=/dev/zero of=/swapfile bs=1024 count=2097152</code> <code>chmod 600 /swapfile</code> <code>mkswap /swapfile</code> <code>swapon /swapfile</code> <b>Or</b> <code>swapon -a</code> <b>Or</b> <code>mount -a</code> append to <code>/etc/fstab</code> so its mounted after reboot.<br \> <code>$EDITOR /etc/fstab</code><br \> And enter this in a new line at the bottom:<br \> <code>/swapfile swap swap defaults 0 0</code> and thats it, you can check swap with(or same other methods as above): <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 75 2 1808 1712 Swap: 2047 0 2047 </pre> ===ssmtp for email alerts=== <code>apt install ssmtp -y</code><br \> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code><br \> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> <code>usermod -c "CNWikiVPS" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ===auto update server=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment (by removing <b>//</b> at start of line)and amend the lines we want:<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> to<br \> <code> "${distro_id}:${distro_codename}-updates";</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; </pre> Changed to<br \> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec Acquire::http::Dl-Limit "500"; </pre> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Send Container to server=== From host<br \> <code>scp -i ~/.ssh/serverkey -P 7788 mediawiki.lxc root@192.248.145.129:/root/</code><br \> If you created a ssh shortcut in <b>.ssh/config</b> you can use:<br \> <code>scp mediawiki.lxc mediawikiserver:/root/</code><br> Once container transferred to server checksum to confirm<br> Do on Local and Server<br> <code>sha256sum mediawiki.lxc</code><br> The checksum should be the same on both!<br> ===LXD setup on server=== Check if <b>lxd</b> already installed.<br \> <code>lxd --version</code><br \> <code>snap install lxd</code><br \> Initialize LXD<br \> <code>lxd init</code><br \> all defaults<br \> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (lvm, zfs, ceph, btrfs, dir) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=10GB]: Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> ===Import Container=== Note: If version of LXD on server is older than the one you are exporting from, you may see error <code>Error: Failed importing backup: Failed creating instance record: Unknown configuration key: volatile.last_state.ready</code><br> To Fix this update your LXD<br> <code>snap remove lxd</code><br> <code>snap install lxd</code><br> <code>lxd --version</code><br> <code>lxd init</code><br> <br> Import mediawiki container<br \> <code>lxc import mediawiki.lxc mediawiki</code><br \> <code>lxc list</code><br \> <code>lxc start mediawiki</code><br \> <code>lxc list</code><br \> Returns:<br \> <pre> +-----------+---------+-----------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+-----------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.207.119.233 (eth0) | | CONTAINER | 0 | +-----------+---------+-----------------------+------+-----------+-----------+ </pre> <b>Note the Change of IP</b><br \> Are Containers IP is now:<b>10.207.119.233</b><br \> Now for some reason changing the IP on <b>/var/www/html/mediawiki/LocalSettings.php</b> and the <b>/etc/apache2/sites-available/completenoobs.com.conf</b> does not really work on a VPS (Forgot how i fixed this last time, pretty sure i got it workin a few years back).<br \> You need a DNS name: ===DNS=== Domain Name System: An index that connects an ip address with a more human readable name(website name):<br \> Like a phone book would index a persons name with a phone number.<br \> If you have a domain name for your wiki, point it to your server's ip address.<br \> This will be required for a letsencrypt cert also.<br \> I am using <b>namecheap.com</b> and on the <b>Advanced DNS</b> Page<br \> Add two Type <b>A Records</b>:<br \> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |192.248.145.129 |auto |- |A record |www |192.248.145.129 |auto |} ===Change IP on config files=== Login to conatiner and change IP's to Domain Name<br \> <code>lxc exec mediawiki bash</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <pre> Redirect permanent "/" "https://10.3.45.233"</pre> <pre> Redirect permanent "/" "https://www.completenoobs.com"</pre> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <pre>$wgServer = "https://10.3.45.233";</pre> <pre>$wgServer = "https://www.completenoobs.com";</pre> <code>systemctl restart apache2</code> ===Use IPTables to forward traffic to container=== <div class="toccolours mw-collapsible mw-collapsed"> iptable syntax <div class="mw-collapsible-content"> *CONTAINER_IP = place holder for your containers ip *GLOBAL_IP = place holder for your servers public ip address *ETH = network interface: enp1s0 ** to be done/found on host VPS and NOT Container ** Find network interface:<code>ip route show default</code> or use <code>ip route show default | awk '{print $5}'</code> <pre>iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 80 -j DNAT --to-destination CONTAINER_IP:80 -m comment --comment "forward real ip to container" </pre> <pre> iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 443 -j DNAT --to-destination CONTAINER_IP:443 -m comment --comment "forward real ip to container" </pre> </div> </div> <b>These commands to be done on host VPS and NOT in container!</b><br \> Get out of container <code>exit</code><br \> Network interface=<b>enp1s0</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Find you network interface name: <div class="mw-collapsible-content"> To be run on VPS host and Not in Container:<br \> <code>ip route show default | awk '{print $5}'</code> </div> </div> VPS Global IP=<b>192.248.145.129</b><br \> Container IP=<b>10.207.119.233</b><br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container"</code> <br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container"</code> <br \> The new rules for your iptable will not persistent after a reboot.<br \> Create systemd service to load firewall rules at startup:<br \> <code>$EDITOR /usr/local/bin/lxc-mediawiki-rules</code> <pre> #!/bin/bash iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container" iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container" </pre> <code>chmod +x /usr/local/bin/lxc-mediawiki-rules</code> <code>$EDITOR /etc/systemd/system/lxcip.service</code> <pre> [Unit] Description = apply ip rules at startup [Service] Type=oneshot ExecStart=/usr/local/bin/lxc-mediawiki-rules [Install] WantedBy=multi-user.target </pre> <code>systemctl enable lxcip</code> <div class="toccolours mw-collapsible mw-collapsed"> LXC proxy method: <div class="mw-collapsible-content"> <b>DO NOT USE This method!</b> placed here as a note:<br \> LXC also has a way to forward proxy traffic, but it will show all visits to website, as coming from <b>127.0.0.1</b><br \> When we install fail2ban, this would be very bad!<br \> <br \> <code>lxc config device add CONTAINER_NAME myport80 proxy listen=tcp:0.0.0.0:80 connect=tcp:127.0.0.1:80</code><br \> <code>lxc config device add CONTAINER_NAME myport443 proxy listen=tcp:0.0.0.0:443 connect=tcp:127.0.0.1:443</code><br \> To remove proxy:<br \> <code>lxc config device remove CONTAINER_NAME myport80</code><br \> <code>lxc config device remove CONTAINER_NAME myport443</code><br \> </div> </div> ===Visit webpage and check all working=== Visit the domain you selected<br \> <code>www.completenoobs.com</code><br \> Should be up and running.<br \> NOTE: We did not need to allow port 443 or 80 on VPS host.<br \> Check Iptables persist for restart, by rebooting server!<br \> <code>reboot</code><br \> Give it a minute or 2 and check website again. ===LetsEncrypt=== Log back into server<br \> <code>ssh mediawikiserver</code><br \> Log into container<br \> <code>lxc exec mediawiki bash</code><br \> Install certbot<br \> <code>snap install certbot --classic</code><br \> Backup Apache2 config file<br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf /etc/apache2/sites-available/completenoobs.com.conf.bk</code><br \> Create Cert<br \> <code>certbot --apache -d www.completenoobs.com -d completenoobs.com</code><br \> And Certbot broke are apache2 configs, and thats why we back up!<br \> <code>ls /etc/letsencrypt/live/www.completenoobs.com/</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/fullchain.pem /etc/ssl/certs/cn-selfsigned.crt</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/privkey.pem /etc/ssl/private/cn-selfsigned.key</code><br \> <code>rm /etc/apache2/sites-available/completenoobs.com-le-ssl.conf /etc/apache2/sites-available/completenoobs.com.conf </code><br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf.bk /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <br \> Turn <b>SSLUseStapling</b> on<br \> <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code><br \> <pre>SSLUseStapling off</pre><br \> Change to:<br \> <pre>SSLUseStapling on</pre><br \> Restart apache<br \> <code>systemctl restart apache2</code><br \> Now check your site on browser.<br \> ==Useful Notes - tips== ===Forgot your Admin Password=== Can use for any user:<br \> <code>php /var/www/html/mediawiki/maintenance/changePassword.php --user=admin --password=newpassword</code><br \> ===Make Wiki Read Only=== Add to LocalSettings.php:<br \> <code>$wgReadOnly = 'Read Only';</code><br \> ===Restrict account creation on wiki=== Add to LocalSettings.php:<br \> <code>$wgGroupPermissions['*']['createaccount'] = false;</code> ===Only Admin accounts can edit=== Add to LocalSettings.php:<br \> <pre> $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['user']['edit'] = false; $wgGroupPermissions['sysop']['edit'] = true; </pre> ===Protect a page so only admin can edit=== At the top of the page when logged in with admin account, click <b>More</b>.<br \> A drop down of three opitions: Delete, Move, Protect.<br \> Clicking <b>Protect</b> will not allow any non admin from editing the page. {| class="wikitable" |+ When logged in as admin |- |Read |Edit |View history |(STAR) |<b>More</b> |} ===Make User an Admin=== go to special pages With Admin Account go to:<br \> <code>index.php/Special:SpecialPages</code> List of users can be found here:<br \> <code>index.php/Special:ListUsers</code><br \> Go to:<br \> <code>index.php/Special:UserRights</code><br \> And enter username:<br \> <b>Groups you can change</b><br \> And rest is self explanatory. ====Remove admin rights==== Same thing, just untick admin rights! ==Upgrading MediaWiki== <b>BACK SURE YOU BACKUP FIRST!!!</b> just in case.<br \> This example update 1.35 to 1.36 from 1.36 onwards php-intl is required.<br> Download the wiki you are going to upgrade to.<br \> <code>https://releases.wikimedia.org/mediawiki/1.36/</code><br \> <code>cd /root</code><br \> <code>wget https://releases.wikimedia.org/mediawiki/1.36/mediawiki-1.36.1.tar.gz</code><br \> In LocalSettings.php put in readonly mode<br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <code>$wgReadOnly = "Upgrading";</code><br \> <code>tar xvzf mediawiki-1.36.1.tar.gz -C /var/www/html/mediawiki --strip-components=1</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> Returns:<pre> Error: Missing one or more required components of PHP. You are missing a required extension to PHP that MediaWiki needs. Please install: * intl <https://www.php.net/intl> </pre> <code>apt install php-intl</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> And thats it. If you do get an error:<br \> <blockquote> MediaWiki 1.36 internal error Installing some PHP extensions is required. Required components You are missing a required extension to PHP that MediaWiki requires to run. Please install: intl (more information) </blockquote> Then <b>reboot</b> the container and its all fine after. ==Backup your Wiki== ===LXC Snapshots=== Easy way, backup the container using <b>snapshot</b><br \> <code>lxc snapshot mediawiki beforeupgrade_11_12_2020</code><br \> To see snapshots<br \> <code>lxc info mediawiki</code><br \> To restore container to snapshot<br \> <code>lxc restore mediawiki beforeupgrade_11_12_2020</code><br \> To delete a snapshot<br \> <code>lxc delete mediawiki/beforeupgrade_11_12_2020</code><br \> ====Export a Snapshot==== <code>lxc snapshot mediawiki testsnap</code> <code>lxc publish mediawiki/testsnap --alias mediawiki-backup-20-07-2021</code> <code>lxc image export mediawiki-backup-20-07-2021</code> you end up with a file named after the sha256sum <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> NOTE:You can change name from <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> to something like <code>mediawiki-backup-20-07-2021.tar.gz</code> and restore will still work fine.<br \> can now delete image <code>lxc image delete mediawiki-backup-20-07-2021</code> ====Import Snapshot==== Move to another computer and install init lxd<br \> <code>lxc image import a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz --alias testrestore</code> <code>lxc launch testrestore mediarestore</code> <code>lxc list</code> <code>lxc exec mediarestore bash</code> Change IP in LocalSettings and apache config and restart apache.<br \> And your up and running.<br \> <br \> you can also delete image on new restore computer:<br \> <code>lxc image delete testrestore</code> ===Dump mediawiki database - xml=== Log into container root dir<br \> <code>lxc exec NAME bash</code><br \> In container of wiki:<br \> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Exit container<br \> <code>exit</code> Pull file to host<br \> <code>lxc file pull NAME/root/dump_mediawiki.xml wiki-dump.xml</code> ====automate xml dumps to server==== TIP: [[Scp_only|Create an '''scp only''' account on server first]]<br> <code>$EDITOR /usr/local/bin/auto-export.sh</code></br> <syntaxhighlight lang="bash" line> #!/bin/bash set -x time_stamp=$(date '+%d_%m_%y') dumps_dir="/var/www/dumps" noobs_dir="/var/www/html/noobs" local_settings="$noobs_dir/LocalSettings.php" wiki_dump_dir="$dumps_dir/$time_stamp.Noobs" xmlkey="/root/.ssh/xmlkey" remote_host="rscp@xml.completenoobs.com" remote_path="/home/rscp/media/" function ensure_read_only_line_exists { if ! grep -q "wgReadOnly" "$local_settings"; then cat <<EOF >> "$local_settings" \$wgReadOnly = 'Dumping Database, Access will be restored shortly'; EOF fi } function set_wiki_read_only { sed -i 's/^#*\(\$wgReadOnly\)/\1/' "$local_settings" } function unset_wiki_read_only { sed -i 's/^\(\$wgReadOnly\)/#\1/' "$local_settings" } function create_directories { mkdir -p "$dumps_dir" mkdir -p "$wiki_dump_dir" } function dump_wiki { php "$noobs_dir/maintenance/dumpBackup.php" --full > "$wiki_dump_dir/$time_stamp.Noobs.xml" } function generate_checksums { md5sum "$wiki_dump_dir/$time_stamp.Noobs.xml" > "$wiki_dump_dir/$time_stamp.md5sum.txt" sha256sum "$wiki_dump_dir/$time_stamp.Noobs.xml" > "$wiki_dump_dir/$time_stamp.sha256sum.txt" } function push_to_remote { scp -i /root/.ssh/xmlkey -r /var/www/dumps/$time_stamp.Noobs rscp@xml.completenoobs.com:/home/rscp/media/ #rsync -avz -e "ssh -i $xmlkey" "$wiki_dump_dir" "$remote_host:$remote_path" } # Main script ensure_read_only_line_exists create_directories set_wiki_read_only dump_wiki generate_checksums unset_wiki_read_only push_to_remote </syntaxhighlight> <br> <code>chmod +x /usr/local/bin/auto-export.sh</code><br> =====add to cron to export every 5 days===== <code>crontab -e</code><br> <pre> 30 3 */5 * * /usr/local/bin/auto-export.sh </pre> Will export at 3:30 am every 5 days, check [[Cron_ubuntu_22.04|Ubuntu Cron Quick start for more info]] ===Import Dump=== ====Create Quick local wiki==== [[Ubuntu_Local_Wiki_Import|localwiki]] ====Import dump==== <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> <code>lxc exec localwiki bash</code><br \> =====Restore dump===== <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Everything apart from <b>index.php/Main_Page</b> restored. ===Full Wiki Dump and Restore=== ====Backing up==== ====Making your wiki READ ONLY - will lock database==== <code>$EDITOR LocalSettings.php</code><br \> <code>$wgReadOnly = 'Dumping Database, Access will be restored shortly';</code> ====Dump and gzip database for transport==== will be prompted for password:<br \> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green -p mywiki_database | gzip > /root/greenwiki.sql.gz</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> ALt method for dump(password in cmd): <div class="mw-collapsible-content"> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green --password=THISpasswordSHOULDbeCHANGED -p mywiki_database | gzip > /root/greenwiki.sql.gz</code> </div> </div> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Back mediawiki Root Directory.<br \> <code>tar cvzhf /root/mediawiki-rootDir.tgz /var/www/html/mediawiki</code><br \> All into one file for easy transport.<br \> <code>cd /root/</code><br \> <code>tar cvzhf mediawiki-transfer.tgz mediawiki-rootDir.tgz greenwiki.sql.gz dump_mediawiki.xml</code><br \> All file in <b>mediawiki-transfer.tgz</b> for transfer to new server<br \> exit Container<br \> <code>exit</code><br \> <code>lxc file pull mediawiki/root/mediawiki-transfer.tgz mediawiki.bk.tgz</code><br \> ====Restore wiki==== create container (backupwiki) and push file<br \> <code>lxc file push mediawiki.bk.tgz backupwiki/root/</code><br \> login to container<br \> <code>apt update && apt upgrade -y</code><br \> <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> <br \> <code>tar xvf mediawiki.bk.tgz</code><br \> <code>tar xvf mediawiki-rootDir.tgz -C /</code><br \> Create basebase:<br \> NOTE: If you use diff username, passwd, database_name, append/correct details on LocalSettings.<br \> <code>mysql -u root</code> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <br \> <code>gunzip -d greenwiki.sql.gz</code><br \> <code>mysql -u green -p mywiki_database < greenwiki.sql</code><br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/dump_mediawiki.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Config Apache2 <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> Reload Apache2 <code> systemctl restart apache2 </code> ==Youtube extension== * needed to view embedded videos https://www.mediawiki.org/wiki/Extension:YouTube <code>wget https://extdist.wmflabs.org/dist/extensions/YouTube-REL1_39-f272bb3.tar.gz</code> <code>tar -xzf YouTube-REL1_39-f272bb3.tar.gz -C /var/www/html/mediawiki/extensions/</code> * Append to '''LocalSettings.php''' <code>wfLoadExtension( 'YouTube' );</code> * On wiki page can now embed youtube videos ** https://www.youtube.com/watch?v=wB4gvSgYmfY ** After '''watch?v=''' ** <nowiki><youtube>wB4gvSgYmfY</youtube></nowiki> * Defaults '''width'''=640 pixels '''height'''=385 pixels * Change defaults <nowiki><youtube width="800" height="400">wB4gvSgYmfY</youtube></nowiki> ==Remove <b>Index.php</b> From URL== [[Mediawiki_Remove_index.php|How to remove the Index.php from URL]] ==SpamBot Wars== Bit busy now, notes to look into later: https://www.mediawiki.org/wiki/Extension:Nuke<br \> https://www.mediawiki.org/wiki/Manual:Preventing_access<br \> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br \> https://www.mediawiki.org/wiki/Extension:InviteSignup<br \> Well the bots won for now - Disable eMail function for all related options in LocalSettings.php<br \> <code>$wgEnableEmail = false;</code><br \> Or just stop users sending email with:<br \> <code>$wgEnableUserEmail = false;</code> ==Notes== ==Syntax highlighting not working== Install <b>pygments</b><br> <code>apt install python3-pygments</code><br> Add to LocalSettings:<br> <code>wfLoadExtension( 'SyntaxHighlight_GeSHi' );</code><br> jeeu6cul2ebjvkeinex420eootr0b5n 643 639 2025-08-29T09:09:16Z AwesomO 5 /* Forgot your Admin Password */ 643 wikitext text/x-wiki :* [[SET$EDITOR#Set_$EDITOR|'''$EDITOR''' is used as a place holder for an editor of your choice.]] ==Installing LXD== <code>sudo snap install lxd</code><br \> <code>lxd init</code><br \> Selecting all defaults, apart from "Size in GB of the new loop device (1GB minimum) [default=6GB]:" increasing to 30GB: <div class="toccolours mw-collapsible mw-collapsed"> <code>lxd init</code> selected options: <div class="mw-collapsible-content"> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (btrfs, dir, lvm, zfs, ceph) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=6GB]:30GB Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> </div> </div> ==Create Ubuntu:22.04 Container for MediaWiki== <code>lxc launch ubuntu:22.04 mediawiki</code><br> <code>lxc list</code><br> <pre> +-----------+---------+--------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+--------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.194.171.251(eth0) | | CONTAINER | 0 | +-----------+---------+--------------------+------+-----------+-----------+ </pre> ===Login to Container=== <code>lxc exec mediawiki bash</code> ===Basic Firewall UFW for Container=== NOTE:Add Link to a UFW page for more info Blocking IPv6<br \> <code>$EDITOR /etc/default/ufw</code> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit Allow port 80<br \> <code>ufw allow 80/tcp</code><br \> Allow port 443<br \> <code>ufw allow 443/tcp</code><br \> Start/Enable UFW firewall<br \> <code>ufw enable</code><br \> Check UFW status<br \> <code>ufw status</code> <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Update system=== <code>apt update && apt upgrade -y</code> ===ssmtp setup=== NOTE: need link to ssmtp page - showing how to use other email providers that allow smtp Link to ssmtp wiki page <br \> You can use a number of email providers for sending emails from server using ssmtp.<br \> I am going to use <b>smtp2go.com</b> they do provide a free service if you wish to try. <div class="toccolours mw-collapsible mw-collapsed"> smtp2go details: <div class="mw-collapsible-content"> https://www.smtp2go.com/<br \> Has a Free Plan # 1000 emails per month # 5 days of email reporting # Ticket support only <br \> Do not use you username and password you used to sign up!<br \> Go to https://app.smtp2go.com/sending/smtp_users/ <br \> Or 'Sending' > 'SMTP Users'<br> And create/add a SMTP User account.<br \> The User created will be given a good password by default.<br \> Use this username and password for ssmtp.<br \> In this example i have the username "<b>noobwiki</b>" and the password "<b>N0tTelinu</b>" </div> </div> ====ssmtp==== <code>apt install ssmtp -y</code> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <div class="toccolours mw-collapsible mw-collapsed"> Why use <code>hostname=completenoobs.com</code> <div class="mw-collapsible-content"> "hostname" needed for ubuntu unattended upgrades to send email.<br \> If missing: will get "(550 unable to verify sender address.)" <br \> If using <code>hostname=localhost</code> "(550 "Localhost" unnaceptable, you must use a public domain-name.)"<br \> If using <code>hostname=admin@completenoobs.com</code> "501 <root@admin@completenoobs.com>: malformed address: @completenoobs.com> may not follow <root@admin" </div> </div> <br \> Do not use user@smtp2go.com as the sender address! you need an email address that has an MX record(mail exchanger record) at its domain name. <br \> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> ====usermod==== <br \> usermod can be used to change the email senders name/address.<br \> Instead of your mail coming from 'root' or 'ubuntu' or any other user account.<br \> <b>usermod -c "emailSenderName" <account_sending></b><br \> <code>usermod -c "completenoobslxc" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ====sendmail notes==== <div class="toccolours mw-collapsible mw-collapsed"> If the sendmail command locks your terminal and CTRL+c does not work <div class="mw-collapsible-content"> Use <code>CTRL+z</code> which will send a SIGTSTP signal which will put the process to sleep.<br \> use jobs to see the sleeping process.<br \> <code>jobs</code><br \> and kill %<JOBNUMBER><br \> <code>kill %1</code> <br \> you can also use <code>ps ax</code> to list processes running on your computer and <code>kill -9 <PROCESS-NUMBER></code> to kill process. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> sendmail in verbose mode for more details: <div class="mw-collapsible-content"> More info can be found in the man page <code>man sendmail</code><br \> Use the verbose flag <b>-v</b><br \> <code>sendmail -v email@address2receive.mail < test-mail.txt</code> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Check mail logs for errors: <div class="mw-collapsible-content"> send mail error log can be found in<br \> <code>/var/log/mail.err</code><br \> and sendmail log can be found:<br \> <code>/var/log/mail.log</code> </div> </div> ===auto update container config=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code> Uncomment<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> <code>"${distro_id}:${distro_codename}-updates";</code> Dont need auto reboot on container - no kernel - kernel shared with host. ====email on update==== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <div class="toccolours mw-collapsible mw-collapsed"> Once i needed 'apticron' to get emails working with unattended upgrades:<br \> Notes here just incase<div class="mw-collapsible-content"> Install apticron<br \> <code>apt install apticron -y</code> Create apticron.conf file containing email to send email to:<br \> If you dont then 'apticron' will by default sent to root@localhost.<br > <code>echo 'EMAIL="email@tosendto.com"' > /etc/apticron/apticron.conf</code> </div> </div> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Install MediaWiki=== <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code> <code>wget https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.2.tar.gz</code> <code>tar -xvf mediawiki-1.39.2.tar.gz</code> <code>mv mediawiki-1.39.2 /var/www/html/mediawiki</code> ====Create Database==== Will be prompted to set a root password!<br \> <code>mysql -u root -p</code><br \> <!-- create drop down - add root password option --> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <div class="toccolours mw-collapsible mw-collapsed"> Make note of your: database name, username, userpassword <div class="mw-collapsible-content"> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code><br \> Database Username:<b>green</b><br \> Database host/location:<b>localhost</b> Database User Password:<b>THISpasswordSHOULDbeCHANGED</b><br \><br \> <code>CREATE DATABASE mywiki_database;</code><br \> Database Name:<b>mywiki_database</b><br \> </div> </div> ====Create self-signed https certs==== <code>openssl req -x509 -newkey rsa:4096 -keyout key.pem -nodes -out cert.pem -days 365</code><br> Note: can leave blank; just press enter.<br><br> <code>mv cert.pem /etc/ssl/certs/cn-selfsigned.crt</code><br> <code>mv key.pem /etc/ssl/private/cn-selfsigned.key</code><br> ====Create ssl-params.conf==== <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code> Remember to turn stapling on after letsencrypt cert <pre> SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 SSLHonorCipherOrder On # Disable preloading HSTS for now. You can use the commented out header line that includes # the "preload" directive if you understand the implications. # Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" Header always set X-Frame-Options DENY Header always set X-Content-Type-Options nosniff # Requires Apache >= 2.4 SSLCompression off # May want to turn stapling off when using self-signed to avoid receiving errors in log SSLUseStapling off SSLStaplingCache "shmcb:logs/stapling-cache(150000)" # Requires Apache >= 2.4.11 SSLSessionTickets Off </pre> ====Create Apache2 config==== <code>cd /etc/apache2/sites-available/</code> <code>rm 000-default.conf default-ssl.conf</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code> <div class="toccolours mw-collapsible mw-collapsed"> <b>Important Redirect note</b>:<div class="mw-collapsible-content"> <pre> # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" </pre> Change to your Container IP!<br \> <code>Redirect permanent "/" "https://10.194.171.251"</code> </div> </div> <pre> <VirtualHost *:80> ServerName completenoobs.com ServerAdmin admin@ # Redirect Requests to SSL Redirect permanent "/" "https://IPADDRESS" ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined </VirtualHost> <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerName completenoobs.com ServerAdmin admin@completenoobs.com DocumentRoot /var/www/html/mediawiki # According MWiki Manual:Security php_flag register_globals off ErrorLog ${APACHE_LOG_DIR}/completenoobs.com.error.log CustomLog ${APACHE_LOG_DIR}/completenoobs.com.access.log combined SSLEngine on SSLCertificateFile /etc/ssl/certs/cn-selfsigned.crt SSLCertificateKeyFile /etc/ssl/private/cn-selfsigned.key # need to find out what SSLCertificateChainFile is? explain is in the default-ssl.conf file. #SSLCertificateChainFile /etc/ssl/certs/example.com.root-bundle.crt <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> <Directory /var/www/html/wikimedia> Options None FollowSymLinks #Allow .htaccess AllowOverride All Require all granted <IfModule security2_module> SecRuleEngine Off # or disable only problematic rules </IfModule> </Directory> # According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images> # Ignore .htaccess files AllowOverride None # Serve HTML as plaintext, don't execute SHTML AddType text/plain .html .htm .shtml .php .phtml .php5 # Don't run arbitrary PHP code. php_admin_flag engine off # If you've other scripting languages, disable them too. </Directory> #According to MWiki Manual:Security <Directory /var/www/html/wikimedia/images/deleted> Deny from all AllowOverride AuthConfig Limit Require local </Directory> </VirtualHost> </IfModule> </pre> ====Reload Apache2==== <code>a2enmod ssl</code> <code>a2enmod headers</code> <code>a2ensite completenoobs.com</code> <code>a2enconf ssl-params</code> <code>apache2ctl configtest</code> <code>systemctl restart apache2</code> ===MediaWiki Basic Setup=== ====Landing page==== Open a web browser and go to your containers private ip address (you can get ip address by running <code>lxc list</code> on host). <code>https://10.194.171.251</code> Are certs are self-signed and you may/will get warning "your connection is not private"<br \> Click "Advance" and "Proceed to 10.194.171.251 (unsafe)"<br \> You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.35.0<br \> LocalSettings.php not found.<br \> Please <u>set up the wiki</u> first.<br \> </blockquote> Click <b>set up the wiki</b> to be taken to the "mw-config/index.php" page. =====Basic Configure MediaWiki===== <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:localhost<br \> Database name:mywiki_database<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:green<br \> Database password:THISpasswordSHOULDbeCHANGED<br \> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>CompleteNoobs<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Options <div class="mw-collapsible-content"> <b>User rights profile:</b> <br \> [ ] Open wiki <br \> [x] Account creation required<br \> [ ] Authorised editors only <br \> [ ] Private wiki<br \> <br \> <b>Copyright and licence:</b><br \> [ ] Creative Commons Attribution<br \> [ ] Creative Commons Attribution-ShareAlike<br \> [ ] Creative Commons Attribution-NonCommercial-ShareAlike<br \> [ ] Creative Commons Zero (Public Domain)<br \> [ ] GNU Free Documentation Licence 1.3 or later<br \> [x] No licence footer<br \> [ ] Select a custom Creative Commons licence<br \> <br \> <br \> <b>Email settings</b><br \> [ ] Enable outbound email<br \> <b>Return email address:</b>apache@🌻.invalid<br \> [ ]Enable user-to-user email<br \> [ ]Enable user talk page notification<br \> [ ]Enable watchlist notification<br \> [ ]Enable email authentication<br \> <br \> <br \> <b>Skins</b> Pick a skin<br \> <br \> <br \> <b>Extensions</b><br \> <b><u>Special pages</u></b><br \> [ ]CiteThisPage<br \> [ ]Interwiki<br \> [ ]Nuke<br \> [ ]Renameuser<br \> [ ]ReplaceText<br \> <br \> <b><u>Editors</u></b><br \> [x]CodeEditor<br \> [x]VisualEditor<br \> [x]WikiEditor<br \> <br \> <b><u>Parser hooks</u></b><br \> [ ]CategoryTree<br \> [ ]Cite<br \> [ ]ImageMap<br \> [ ]InputBox<br \> [ ]ParserFunctions<br \> [ ]Poem<br \> [ ]Scribunto<br \> [x]SyntaxHighlight_GeSHi<br \> [ ]TemplateData<br \> <br \> <b><u>Media handlers</u></b><br \> [ ]PdfHandler<br \> <br \> <b><u>Spam prevention</u></b><br \> [x]ConfirmEdit<br \> [ ]SpamBlacklist<br \> [ ]TitleBlacklist<br \> <br \> <b><u>API</u></b><br \> [ ]PageImages<br \> <br \> <b><u>Other</u></b><br \> [ ]Gadgets<br \> [ ]LocalisationUpdate<br \> [ ]MultimediaViewer<br \> [ ]OATHAuth<br \> [ ]SecureLinkFixer<br \> [ ]TextExtracts<br \> <br \> <br \> <b>Images and file uploads</b><br \> [ ]Enable file uploads<br \> <b>Logo URL:</b>$wgResourceBasePath/resources/assets/wiki.png<br \> [ ]Enable Instant Commons<br \> <br \> <br \> <b>Advanced configuration</b><br \> <b>Settings for object caching:</b><br \> [x] No caching (no functionality is removed, but speed may be impacted on larger wiki sites)<br \> [ ] Use Memcached (requires additional setup and configuration)<br \> </div> </div> ====LocalSettings.php Launch Wiki==== When the Basic configuration of mediawiki is done on the webpage.<br \> You will have a <b>LocalSettings.php</b> which will be downloaded from your browser.<br \> You need to place the <b>LocalSettings.php</b> file into your containers <b>/var/www/html/mediawiki/</b> directory.<br \> You can do this from host using the <b>lxc file push</b> command.<br \> <code>lxc file push /home/$USER/Downloads/LocalSettings.php mediawiki/var/www/html/mediawiki/</code><br \> <br> Do not refresh browser it will download the LocalSettings.php again! go to the IP address of your container or just trim the <code>mw-config/index.php?page=Complete</code><br> Now on your browser visit the page again https://10.194.171.251<br \> And welcome to your wiki.<br \> ===Change Logo=== You need a 135px by 135px image, in this example its named 'completenoobs-logo.png'<br> <code>lxc file push completenoobs-logo.png mediawiki/var/www/html/mediawiki/resources/assets/</code><br> Back in container edit the <b>LocalSettings.php</b> file<br> <pre> ## The URL paths to the logo. Make sure you change this from the default, ## or else you'll overwrite your logo when you upgrade! $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", 'icon' => "$wgResourceBasePath/resources/assets/change-your-logo.svg", ]; </pre> Change to your new logo:<br> <pre> $wgLogos = [ '1x' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", 'icon' => "$wgResourceBasePath/resources/assets/completenoobs-logo.png", ]; </pre> ===Email Config=== Warning i did get loads of spam bots, using this to send naughty emails everywhere!<br> Changed setting to block signups, requests only,and changed <b>$wgEnableUserEmail</b> to false and still the bots managed to send spam using my smtp account.<br> How they done this? Is beyond my understanding and i removed email from the wiki till i have more info on how to stop the spamming.<br> Was using mediawiki-1.35.0<br> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br> Make sure <b>$wgEnableEmail</b> is set to true.<br> <code>$wgEnableEmail = true;</code><br> https://www.mediawiki.org/wiki/Manual:$wgEnableEmail<br> <pre> $wgEmergencyContact = ""; $wgPasswordSender = ""; </pre> <pre> $wgEmergencyContact = "admin@completenoobs.com"; $wgPasswordSender = "admin@completenoobs.com"; </pre> <pre> $wgSMTP = [ 'host' => 'ssl://mail.smtp2go.com', // outbox server of the email account 'IDHost' => 'completenoobs.com', 'port' => 465, 'username' => 'noobwiki', // user of the email account 'password' => 'N0tTelinu', // app password of the email account 'auth' => true ]; </pre> ===Request Account and Confirm Email to edit=== In LocalSettings change $wgEmailAuthentication = false; to true https://www.mediawiki.org/wiki/Manual:$wgEmailAuthentication<br> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ConfirmAccount-REL1_39-2b96e90.tar.gz</code><br> <code>tar xzf ConfirmAccount-REL1_39-2b96e90.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> <br> In <b>LocalSettings.php</b> <br> set <b>$wgEmailAuthentication</b> to true.<br> <pre> wfLoadExtension( 'ConfirmAccount' ); $wgConfirmAccountContact = 'admin@completenoobs.com'; </pre> Run maintenance update<br> <code>php /var/www/html/mediawiki/maintenance/update.php </code><br> use <b>Special:ConfirmAccounts</b> to see if anyone requested a account.<br> And yep, your gonna get spammed! Bots love a wiki.<br> ===CookieWarning Extension=== https://www.mediawiki.org/wiki/Extension:CookieWarning<br> <code>wget https://extdist.wmflabs.org/dist/extensions/CookieWarning-REL1_39-778fe72.tar.gz</code><br> <code>tar -xzf CookieWarning-REL1_39-778fe72.tar.gz -C /var/www/html/mediawiki/extensions/</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'CookieWarning' ); $wgCookieWarningEnabled = 'true'; # $wgCookieWarningMoreUrl allows to to select a link for your moreinfo button $wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'; $wgCookieWarningEnabled = 'true'; </pre> To change message sign in with admin account and visit these pages of your wiki and edit.<br> <b>MediaWiki:Cookiewarning-info</b> Edit the display message.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-info</code><br> <b>MediaWiki:Cookiewarning-moreinfo-label</b><br> Edit and change display of the moreinfo button: link can be made/changed at LocalSettings with:<br> <code>$wgCookieWarningMoreUrl = 'https://www.completenoobs.com/link'</code><br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-moreinfo-label</code><br> <b>MediaWiki:Cookiewarning-ok-label</b> Edit and change the text on the OK button.<br> <code>https://10.194.171.251/index.php/MediaWiki:Cookiewarning-ok-label</code><br> ===Contribution Scores Extension=== https://www.mediawiki.org/wiki/Extension:Contribution_Scores<br> <code>wget https://extdist.wmflabs.org/dist/extensions/ContributionScores-REL1_39-0e7e99d.tar.gz</code><br> <code>tar -xzf ContributionScores-REL1_39-0e7e99d.tar.gz -C /var/www/html/mediawiki/extensions</code><br> In <b>LocalSettings.php</b> add:<br> <pre> wfLoadExtension( 'ContributionScores' ); // Exclude Bots from the reporting - Can be omitted. $wgContribScoreIgnoreBots = true; // Exclude Blocked Users from the reporting - Can be omitted. $wgContribScoreIgnoreBlockedUsers = true; // Use real user names when available - Can be omitted. Only for MediaWiki 1.19 and later. $wgContribScoresUseRealName = true; // Set to true to disable cache for parser function and inclusion of table. $wgContribScoreDisableCache = false; // Each array defines a report - 7,50 is "past 7 days" and "LIMIT 50" - Can be omitted. $wgContribScoreReports = [ [ 7, 50 ], [ 30, 50 ], [ 0, 50 ] ]; </pre> <br> Add to Main Landing Page:<br> <pre>{{Special:ContributionScores/10/5}}</pre><br> ===Place Notice at top of every new page created=== Using the <b>PageNotice</b> Extension. https://www.mediawiki.org/wiki/Extension:PageNotice#Configuration Download PageNotice and extract to extensions directory. in LocalSettings.php add the lines:<br \> <pre> wfLoadExtension( 'PageNotice' ); $wgPageNoticeDisablePerPageNotices = 'true'; </pre> To have message in every name space go to your wiki's page<br \> <code>index.php/mediawiki:top-notice-ns-0</code><br \> Only admin account can edit this page:<br \> What you place in this page will be displayed at the top of every page created. ===Privacy Policy=== Holly $#$#$ this is a lot of work, looking into it<br \> https://www.mediawiki.org/wiki/GDPR_(General_Data_Protection_Regulation)_and_MediaWiki_software<br \> ====NewSignupPage==== https://www.mediawiki.org/wiki/Extension:NewSignupPage<br \> Big thanks to Shoutwiki.com or this would of been a very big pain.<br \> Check for Latest link from the Download page https://www.mediawiki.org/wiki/Special:ExtensionDistributor/NewSignupPage<br \> In mediawiki container:<br \> <code>wget https://extdist.wmflabs.org/dist/extensions/NewSignupPage-REL1_35-ecf00aa.tar.gz</code><br \> <code>tar xvf NewSignupPage-REL1_35-ecf00aa.tar.gz -C /var/www/html/mediawiki/extensions/</code><br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> Add the Line:<br \> <code>wfLoadExtension( 'NewSignupPage' );</code><br \> Change the Info given at signup at:<br \> <code>index.php/MediaWiki:Newsignuppage-loginform-tos</code><br \> Default page will be:<pre> I am over 13 years of age and I have read, understood and agree to be bound by the Terms of Service and Privacy Policy </pre> "Terms of Service" and "Privacy Policy" are linked to there pages, so we need to create a few pages. ======Need <b>Privacy Policy</b> Page====== Create a 'Privacy_Policy' page and link on "MediaWiki:Newsignuppage-loginform-tos"<br> <pre>[[CompleteNoobs:Privacy_policy | Privacy Policy]]</pre> =====Need <b>Terms Of Service</b> page===== https://www.completenoobs.com/index.php/Terms_of_Service<br \> once done change link on "MediaWiki:Newsignuppage-loginform-tos"<br \> =====Content Policy Page===== https://10.194.171.251/index.php/Content_Policy<br \> Contains link to https://www.completenoobs.com/index.php/CompleteNoobs_Staff_Admins<br \> =====Staff and Admin Page===== https://10.194.171.251/index.php/CompleteNoobs_Staff_Admins<br \> Linked from Content Policy Page! a place to contact by email staff, admins =====General Disclaimer page===== https://10.194.171.251/index.php/CompleteNoobs:General_disclaimer<br \> This page shows/linked at bottom of wiki<br \> =====Copyright Policy===== https://10.194.171.251/index.php/CompleteNoobs:Copyrights<br \> Copyrights page that shows in info box when making a post.<br \> ==Fail2Ban== This Will Ban an IP who incorrectly enters wrong login details, a (you can select) amount of times for a (you can select) amount of time. ===Fail2Log Extension=== https://www.mediawiki.org/wiki/Extension:Fail2Log<br> ====Create Log file==== Could not get PHP to create and set permissions for log file: So for now doing manually!<br \> <code>touch /var/log/Fail2Log.log</code><br \> <code>chown www-data:www-data /var/log/Fail2Log.log</code><br \> <code>chmod 0755 /var/log/Fail2Log.log</code><br \> Failed login's with wrong user name and/or password should now be logged in:<b>/var/log/Fail2Log.log</b><br \> <br \> Log Format:<br \> <code>Failed:<IP_ADDRESS> <DATE> <TIME> <USERNAME></code><br \> ====Download and install extension==== <code>wget https://github.com/greenhatmonkey/Fail2Log/blob/main/Fail2Log.tar.gz?raw=true</code><br> <code>tar xzvf Fail2Log.tar.gz?raw=true -C /var/www/html/mediawiki/extensions/</code><br> Add to your <b>LocalSettings.php</b><br> <pre> wfLoadExtension( 'Fail2Log' ); $wgFail2LogFile = '/var/log/Fail2Log.log'; </pre> ====Install and Setup Fail2Ban==== Fail2Ban works in a container. If using fail2ban on Host for container:<br/> Just include log path: <code>/var/snap/lxd/common/mntns/var/snap/lxd/common/lxd/storage-pools/default/containers/&lt;CONTAINER_NAME>/rootfs/var/log/Fail2Log.log</code> <code>apt install fail2ban</code> * Fail2ban will use file.local over file.conf if file.local exists: * file.conf can be written over if file2ban gets updated. * Make a file.local of the file you are working on. <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code> <code>$EDITOR /etc/fail2ban/jail.local</code> <!-- unmodified jail.conf file --> <div class="toccolours mw-collapsible mw-collapsed"> Default <code>/etc/fail2ban/jail.conf</code> file: Expand to view <div class="mw-collapsible-content"> <pre> # # WARNING: heavily refactored in 0.9.0 release. Please review and # customize settings for your setup. # # Changes: in most of the cases you should not modify this # file, but provide customizations in jail.local file, # or separate .conf files under jail.d/ directory, e.g.: # # HOW TO ACTIVATE JAILS: # # YOU SHOULD NOT MODIFY THIS FILE. # # It will probably be overwritten or improved in a distribution update. # # Provide customizations in a jail.local file or a jail.d/customisation.local. # For example to change the default bantime for all jails and to enable the # ssh-iptables jail the following (uncommented) would appear in the .local file. # See man 5 jail.conf for details. # # [DEFAULT] # bantime = 1h # # [sshd] # enabled = true # # See jail.conf(5) man page for more information # Comments: use '#' for comment lines and ';' (following a space) for inline comments [INCLUDES] #before = paths-distro.conf before = paths-debian.conf # The DEFAULT allows a global definition of the options. They can be overridden # in each jail afterwards. [DEFAULT] # # MISCELLANEOUS OPTIONS # # "bantime.increment" allows to use database for searching of previously banned ip's to increase a # default ban time using special formula, default it is banTime * 1, 2, 4, 8, 16, 32... #bantime.increment = true # "bantime.rndtime" is the max number of seconds using for mixing with random time # to prevent "clever" botnets calculate exact time IP can be unbanned again: #bantime.rndtime = # "bantime.maxtime" is the max number of seconds using the ban time can reach (don't grows further) #bantime.maxtime = # "bantime.factor" is a coefficient to calculate exponent growing of the formula or common multiplier, # default value of factor is 1 and with default value of formula, the ban time # grows by 1, 2, 4, 8, 16 ... #bantime.factor = 1 # "bantime.formula" used by default to calculate next value of ban time, default value bellow, # the same ban time growing will be reached by multipliers 1, 2, 4, 8, 16, 32... #bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * banFactor # # more aggressive example of formula has the same values only for factor "2.0 / 2.885385" : #bantime.formula = ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor) # "bantime.multipliers" used to calculate next value of ban time instead of formula, coresponding # previously ban count and given "bantime.factor" (for multipliers default is 1); # following example grows ban time by 1, 2, 4, 8, 16 ... and if last ban count greater as multipliers count, # always used last multiplier (64 in example), for factor '1' and original ban time 600 - 10.6 hours #bantime.multipliers = 1 2 4 8 16 32 64 # following example can be used for small initial ban time (bantime=60) - it grows more aggressive at begin, # for bantime=60 the multipliers are minutes and equal: 1 min, 5 min, 30 min, 1 hour, 5 hour, 12 hour, 1 day, 2 day #bantime.multipliers = 1 5 30 60 300 720 1440 2880 # "bantime.overalljails" (if true) specifies the search of IP in the database will be executed # cross over all jails, if false (dafault), only current jail of the ban IP will be searched #bantime.overalljails = false # -------------------- # "ignoreself" specifies whether the local resp. own IP addresses should be ignored # (default is true). Fail2ban will not ban a host which matches such addresses. #ignoreself = true # "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban # will not ban a host which matches an address in this list. Several addresses # can be defined using space (and/or comma) separator. #ignoreip = 127.0.0.1/8 ::1 # External command that will take an tagged arguments to ignore, e.g. <ip>, # and return true if the IP is to be ignored. False otherwise. # # ignorecommand = /path/to/command <ip> ignorecommand = # "bantime" is the number of seconds that a host is banned. bantime = 10m # A host is banned if it has generated "maxretry" during the last "findtime" # seconds. findtime = 10m # "maxretry" is the number of failures before a host get banned. maxretry = 5 # "maxmatches" is the number of matches stored in ticket (resolvable via tag <matches> in actions). maxmatches = %(maxretry)s # "backend" specifies the backend used to get files modification. # Available options are "pyinotify", "gamin", "polling", "systemd" and "auto". # This option can be overridden in each jail as well. # # pyinotify: requires pyinotify (a file alteration monitor) to be installed. # If pyinotify is not installed, Fail2ban will use auto. # gamin: requires Gamin (a file alteration monitor) to be installed. # If Gamin is not installed, Fail2ban will use auto. # polling: uses a polling algorithm which does not require external libraries. # systemd: uses systemd python library to access the systemd journal. # Specifying "logpath" is not valid for this backend. # See "journalmatch" in the jails associated filter config # auto: will try to use the following backends, in order: # pyinotify, gamin, polling. # # Note: if systemd backend is chosen as the default but you enable a jail # for which logs are present only in its own log files, specify some other # backend for that jail (e.g. polling) and provide empty value for # journalmatch. See https://github.com/fail2ban/fail2ban/issues/959#issuecomment-74901200 backend = auto # "usedns" specifies if jails should trust hostnames in logs, # warn when DNS lookups are performed, or ignore all hostnames in logs # # yes: if a hostname is encountered, a DNS lookup will be performed. # warn: if a hostname is encountered, a DNS lookup will be performed, # but it will be logged as a warning. # no: if a hostname is encountered, will not be used for banning, # but it will be logged as info. # raw: use raw value (no hostname), allow use it for no-host filters/actions (example user) usedns = warn # "logencoding" specifies the encoding of the log files handled by the jail # This is used to decode the lines from the log file. # Typical examples: "ascii", "utf-8" # # auto: will use the system locale setting logencoding = auto # "enabled" enables the jails. # By default all jails are disabled, and it should stay this way. # Enable only relevant to your setup jails in your .local or jail.d/*.conf # # true: jail will be enabled and log files will get monitored for changes # false: jail is not enabled enabled = false # "mode" defines the mode of the filter (see corresponding filter implementation for more info). mode = normal # "filter" defines the filter to use by the jail. # By default jails have names matching their filter name # filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # # Some options used for actions # Destination email address used solely for the interpolations in # jail.{conf,local,d/*} configuration files. destemail = root@localhost # Sender email address used solely for some actions sender = root@<fq-hostname> # E-mail action. Since 0.8.1 Fail2Ban uses sendmail MTA for the # mailing. Change mta configuration parameter to mail if you want to # revert to conventional 'mail'. mta = sendmail # Default protocol protocol = tcp # Specify chain where jumps would need to be added in ban-actions expecting parameter chain chain = <known/chain> # Ports to be banned # Usually should be overridden in a particular jail port = 0:65535 # Format of user-agent https://tools.ietf.org/html/rfc7231#section-5.5.3 fail2ban_agent = Fail2Ban/%(fail2ban_version)s # # Action shortcuts. To be used to define action parameter # Default banning action (e.g. iptables, iptables-new, # iptables-multiport, shorewall, etc) It is used to define # action_* variables. Can be overridden globally or per # section within jail.local file banaction = iptables-multiport banaction_allports = iptables-allports # The simplest action to take: ban only action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report to the destemail. action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] # ban & send an e-mail with whois report and relevant log lines # to the destemail. action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # See the IMPORTANT note in action.d/xarf-login-attack for when to use this action # # ban & send a xarf e-mail to abuse contact of IP address and include relevant log lines # to the destemail. action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] # ban IP on CloudFlare & send an e-mail with whois report and relevant log lines # to the destemail. action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # Report block via blocklist.de fail2ban reporting service API # # See the IMPORTANT note in action.d/blocklist_de.conf for when to use this action. # Specify expected parameters in file action.d/blocklist_de.local or if the interpolation # `action_blocklist_de` used for the action, set value of `blocklist_de_apikey` # in your `jail.local` globally (section [DEFAULT]) or per specific jail section (resp. in # corresponding jail.d/my-jail.local file). # action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] # Report ban via badips.com, and use as blacklist # # See BadIPsAction docstring in config/action.d/badips.py for # documentation for this action. # # NOTE: This action relies on banaction being present on start and therefore # should be last action defined for a jail. # action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] # # Report ban via badips.com (uses action.d/badips.conf for reporting only) # action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] # Report ban via abuseipdb.com. # # See action.d/abuseipdb.conf for usage example and details. # action_abuseipdb = abuseipdb # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # [sshd] # To use more aggressive sshd modes set filter parameter "mode" in jail.local: # normal (default), ddos, extra or aggressive (combines all). # See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details. #mode = normal port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s [dropbear] port = ssh logpath = %(dropbear_log)s backend = %(dropbear_backend)s [selinux-ssh] port = ssh logpath = %(auditd_log)s # # HTTP servers # [apache-auth] port = http,https logpath = %(apache_error_log)s [apache-badbots] # Ban hosts which agent identifies spammer robots crawling the web # for email addresses. The mail outputs are buffered. port = http,https logpath = %(apache_access_log)s bantime = 48h maxretry = 1 [apache-noscript] port = http,https logpath = %(apache_error_log)s [apache-overflows] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-nohome] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-botsearch] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-fakegooglebot] port = http,https logpath = %(apache_access_log)s maxretry = 1 ignorecommand = %(ignorecommands_dir)s/apache-fakegooglebot <ip> [apache-modsecurity] port = http,https logpath = %(apache_error_log)s maxretry = 2 [apache-shellshock] port = http,https logpath = %(apache_error_log)s maxretry = 1 [openhab-auth] filter = openhab action = iptables-allports[name=NoAuthFailures] logpath = /opt/openhab/logs/request.log [nginx-http-auth] port = http,https logpath = %(nginx_error_log)s # To use 'nginx-limit-req' jail you should have `ngx_http_limit_req_module` # and define `limit_req` and `limit_req_zone` as described in nginx documentation # http://nginx.org/en/docs/http/ngx_http_limit_req_module.html # or for example see in 'config/filter.d/nginx-limit-req.conf' [nginx-limit-req] port = http,https logpath = %(nginx_error_log)s [nginx-botsearch] port = http,https logpath = %(nginx_error_log)s maxretry = 2 # Ban attackers that try to use PHP's URL-fopen() functionality # through GET/POST variables. - Experimental, with more than a year # of usage in production environments. [php-url-fopen] port = http,https logpath = %(nginx_access_log)s %(apache_access_log)s [suhosin] port = http,https logpath = %(suhosin_log)s [lighttpd-auth] # Same as above for Apache's mod_auth # It catches wrong authentifications port = http,https logpath = %(lighttpd_error_log)s # # Webmail and groupware servers # [roundcube-auth] port = http,https logpath = %(roundcube_errors_log)s # Use following line in your jail.local if roundcube logs to journal. #backend = %(syslog_backend)s [openwebmail] port = http,https logpath = /var/log/openwebmail.log [horde] port = http,https logpath = /var/log/horde/horde.log [groupoffice] port = http,https logpath = /home/groupoffice/log/info.log [sogo-auth] # Monitor SOGo groupware server # without proxy this would be: # port = 20000 port = http,https logpath = /var/log/sogo/sogo.log [tine20] logpath = /var/log/tine20/tine20.log port = http,https # # Web Applications # # [drupal-auth] port = http,https logpath = %(syslog_daemon)s backend = %(syslog_backend)s [guacamole] port = http,https logpath = /var/log/tomcat*/catalina.out [monit] #Ban clients brute-forcing the monit gui login port = 2812 logpath = /var/log/monit /var/log/monit.log [webmin-auth] port = 10000 logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [froxlor-auth] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s # # HTTP Proxy servers # # [squid] port = 80,443,3128,8080 logpath = /var/log/squid/access.log [3proxy] port = 3128 logpath = /var/log/3proxy.log # # FTP servers # [proftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(proftpd_log)s backend = %(proftpd_backend)s [pure-ftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(pureftpd_log)s backend = %(pureftpd_backend)s [gssftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(syslog_daemon)s backend = %(syslog_backend)s [wuftpd] port = ftp,ftp-data,ftps,ftps-data logpath = %(wuftpd_log)s backend = %(wuftpd_backend)s [vsftpd] # or overwrite it in jails.local to be # logpath = %(syslog_authpriv)s # if you want to rely on PAM failed login attempts # vsftpd's failregex should match both of those formats port = ftp,ftp-data,ftps,ftps-data logpath = %(vsftpd_log)s # # Mail servers # # ASSP SMTP Proxy Jail [assp] port = smtp,465,submission logpath = /root/path/to/assp/logs/maillog.txt [courier-smtp] port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix] # To use another modes set filter parameter "mode" in jail.local: mode = more port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s [postfix-rbl] filter = postfix[mode=rbl] port = smtp,465,submission logpath = %(postfix_log)s backend = %(postfix_backend)s maxretry = 1 [sendmail-auth] port = submission,465,smtp logpath = %(syslog_mail)s backend = %(syslog_backend)s [sendmail-reject] # To use more aggressive modes set filter parameter "mode" in jail.local: # normal (default), extra or aggressive # See "tests/files/logs/sendmail-reject" or "filter.d/sendmail-reject.conf" for usage example and details. #mode = normal port = smtp,465,submission logpath = %(syslog_mail)s backend = %(syslog_backend)s [qmail-rbl] filter = qmail port = smtp,465,submission logpath = /service/qmail/log/main/current # dovecot defaults to logging to the mail syslog facility # but can be set by syslog_facility in the dovecot configuration. [dovecot] port = pop3,pop3s,imap,imaps,submission,465,sieve logpath = %(dovecot_log)s backend = %(dovecot_backend)s [sieve] port = smtp,465,submission logpath = %(dovecot_log)s backend = %(dovecot_backend)s [solid-pop3d] port = pop3,pop3s logpath = %(solidpop3d_log)s [exim] # see filter.d/exim.conf for further modes supported from filter: #mode = normal port = smtp,465,submission logpath = %(exim_main_log)s [exim-spam] port = smtp,465,submission logpath = %(exim_main_log)s [kerio] port = imap,smtp,imaps,465 logpath = /opt/kerio/mailserver/store/logs/security.log # # Mail servers authenticators: might be used for smtp,ftp,imap servers, so # all relevant ports get banned # [courier-auth] port = smtp,465,submission,imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [postfix-sasl] filter = postfix[mode=auth] port = smtp,465,submission,imap,imaps,pop3,pop3s # You might consider monitoring /var/log/mail.warn instead if you are # running postfix since it would provide the same log lines at the # "warn" level but overall at the smaller filesize. logpath = %(postfix_log)s backend = %(postfix_backend)s [perdition] port = imap,imaps,pop3,pop3s logpath = %(syslog_mail)s backend = %(syslog_backend)s [squirrelmail] port = smtp,465,submission,imap,imap2,imaps,pop3,pop3s,http,https,socks logpath = /var/lib/squirrelmail/prefs/squirrelmail_access_log [cyrus-imap] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s [uwimap-auth] port = imap,imaps logpath = %(syslog_mail)s backend = %(syslog_backend)s # # # DNS servers # # !!! WARNING !!! # Since UDP is connection-less protocol, spoofing of IP and imitation # of illegal actions is way too simple. Thus enabling of this filter # might provide an easy way for implementing a DoS against a chosen # victim. See # http://nion.modprobe.de/blog/archives/690-fail2ban-+-dns-fail.html # Please DO NOT USE this jail unless you know what you are doing. # # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks UDP traffic for DNS requests. # [named-refused-udp] # # filter = named-refused # port = domain,953 # protocol = udp # logpath = /var/log/named/security.log # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks TCP traffic for DNS requests. [named-refused] port = domain,953 logpath = /var/log/named/security.log [nsd] port = 53 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/nsd.log # # Miscellaneous # [asterisk] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/asterisk/messages maxretry = 10 [freeswitch] port = 5060,5061 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] logpath = /var/log/freeswitch.log maxretry = 10 # enable adminlog; it will log to a file inside znc's directory by default. [znc-adminlog] port = 6667 logpath = /var/lib/znc/moddata/adminlog/znc.log # To log wrong MySQL access attempts add to /etc/my.cnf in [mysqld] or # equivalent section: # log-warnings = 2 # # for syslog (daemon facility) # [mysqld_safe] # syslog # # for own logfile # [mysqld] # log-error=/var/log/mysqld.log [mysqld-auth] port = 3306 logpath = %(mysql_log)s backend = %(mysql_backend)s # Log wrong MongoDB auth (for details see filter 'filter.d/mongodb-auth.conf') [mongodb-auth] # change port when running with "--shardsvr" or "--configsvr" runtime operation port = 27017 logpath = /var/log/mongodb/mongodb.log # Jail for more extended banning of persistent abusers # !!! WARNINGS !!! # 1. Make sure that your loglevel specified in fail2ban.conf/.local # is not at DEBUG level -- which might then cause fail2ban to fall into # an infinite loop constantly feeding itself with non-informative lines # 2. Increase dbpurgeage defined in fail2ban.conf to e.g. 648000 (7.5 days) # to maintain entries for failed logins for sufficient amount of time [recidive] logpath = /var/log/fail2ban.log banaction = %(banaction_allports)s bantime = 1w findtime = 1d # Generic filter for PAM. Has to be used with action which bans all # ports such as iptables-allports, shorewall [pam-generic] # pam-generic filter can be customized to monitor specific subset of 'tty's banaction = %(banaction_allports)s logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [xinetd-fail] banaction = iptables-multiport-log logpath = %(syslog_daemon)s backend = %(syslog_backend)s maxretry = 2 # stunnel - need to set port for this [stunnel] logpath = /var/log/stunnel4/stunnel.log [ejabberd-auth] port = 5222 logpath = /var/log/ejabberd/ejabberd.log [counter-strike] logpath = /opt/cstrike/logs/L[0-9]*.log # Firewall: http://www.cstrike-planet.com/faq/6 tcpport = 27030,27031,27032,27033,27034,27035,27036,27037,27038,27039 udpport = 1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015 action = %(banaction)s[name=%(__name__)s-tcp, port="%(tcpport)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(udpport)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] [bitwarden] port = http,https logpath = /home/*/bwdata/logs/identity/Identity/log.txt [centreon] port = http,https logpath = /var/log/centreon/login.log # consider low maxretry and a long bantime # nobody except your own Nagios server should ever probe nrpe [nagios] logpath = %(syslog_daemon)s ; nrpe.cfg may define a different log_facility backend = %(syslog_backend)s maxretry = 1 [oracleims] # see "oracleims" filter file for configuration requirement for Oracle IMS v6 and above logpath = /opt/sun/comms/messaging64/log/mail.log_current banaction = %(banaction_allports)s [directadmin] logpath = /var/log/directadmin/login.log port = 2222 [portsentry] logpath = /var/lib/portsentry/portsentry.history maxretry = 1 [pass2allow-ftp] # this pass2allow example allows FTP traffic after successful HTTP authentication port = ftp,ftp-data,ftps,ftps-data # knocking_url variable must be overridden to some secret value in jail.local knocking_url = /knocking/ filter = apache-pass[knocking_url="%(knocking_url)s"] # access log of the website with HTTP auth logpath = %(apache_access_log)s blocktype = RETURN returntype = DROP action = %(action_)s[blocktype=%(blocktype)s, returntype=%(returntype)s, actionstart_on_demand=false, actionrepair_on_unban=true] bantime = 1h maxretry = 1 findtime = 1 [murmur] # AKA mumble-server port = 64738 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol=tcp, chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol=udp, chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/mumble-server/mumble-server.log [screensharingd] # For Mac OS Screen Sharing Service (VNC) logpath = /var/log/system.log logencoding = utf-8 [haproxy-http-auth] # HAProxy by default doesn't log to file you'll need to set it up to forward # logs to a syslog server which would then write them to disk. # See "haproxy-http-auth" filter for a brief cautionary note when setting # maxretry and findtime. logpath = /var/log/haproxy.log [slapd] port = ldap,ldaps logpath = /var/log/slapd.log [domino-smtp] port = smtp,ssmtp logpath = /home/domino01/data/IBM_TECHNICAL_SUPPORT/console.log [phpmyadmin-syslog] port = http,https logpath = %(syslog_authpriv)s backend = %(syslog_backend)s [zoneminder] # Zoneminder HTTP/HTTPS web interface auth # Logs auth failures to apache2 error log port = http,https logpath = %(apache_error_log)s [traefik-auth] # to use 'traefik-auth' filter you have to configure your Traefik instance, # see `filter.d/traefik-auth.conf` for details and service example. port = http,https logpath = /var/log/traefik/access.log </pre> </div> </div> Default <code>/etc/fail2ban/jail.local</code> file with (almost all) comments removed: <div class="toccolours mw-collapsible" style="width:400px; overflow:auto;"> <div style="font-weight:bold;line-height:1.6;">Default <code>/etc/fail2ban/jail.local</code> with (almost) comments removed:</div> <div class="mw-collapsible-content"> <pre> [INCLUDES] before = paths-debian.conf [DEFAULT] ignorecommand = bantime = 10m findtime = 10m maxretry = 5 maxmatches = %(maxretry)s backend = auto usedns = warn logencoding = auto enabled = false mode = normal filter = %(__name__)s[mode=%(mode)s] # # ACTIONS # destemail = root@localhost sender = root@<fq-hostname> mta = sendmail protocol = tcp chain = <known/chain> port = 0:65535 fail2ban_agent = Fail2Ban/%(fail2ban_version)s banaction = iptables-multiport banaction_allports = iptables-allports action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_xarf = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_blocklist_de = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"] action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"] action_abuseipdb = abuseipdb action = %(action_)s # # JAILS # # # SSH servers # [sshd] port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s </pre> </div></div> ====Disconnect/kick and ban an ip from list==== <br \> Just below we are going to append these lines to <b>/etc/fail2ban/jail.local</b><br> <pre> # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After Changes: <div class="mw-collapsible-content"> <pre> # Choose default action. To change, just override value of 'action' with the # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local # globally (section [DEFAULT]) or per specific section action = %(action_)s # Reject/Disconnect Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s # # JAILS # # # SSH servers # </pre> </div> </div> ====Jail for MediaWiki - /etc/fail2ban/jail.local==== <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1m maxretry = 2 logpath = /var/log/Fail2Log.log </pre> <div class="toccolours mw-collapsible mw-collapsed"> Before: <div class="mw-collapsible-content"> <pre> # # JAILS # # # SSH servers # </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> After: <div class="mw-collapsible-content"> <pre> # # JAILS # [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log # # SSH servers # </pre> </div> </div> ====Filter for mediawiki==== <div class="toccolours mw-collapsible mw-collapsed"> Regex quick up and running tutorial: External Link:(youtube) <div class="mw-collapsible-content"> This Is a link to a video made by "Corey Schafer".<br \> The best no nonsense up and running regex tut there is.<br \> https://www.youtube.com/watch?v=sa-TUpSx1JA </div> </div> <code>$EDITOR /etc/fail2ban/filter.d/mediawiki.conf</code><br \> <pre> [Definition] failregex = ^Failed:<HOST> ignoreregex = </pre> =====Try out regex on log file===== <code>fail2ban-regex --print-all-matched /var/log/Fail2Log.log /etc/fail2ban/filter.d/mediawiki.conf</code> ====Restart Fail2Ban==== <code>systemctl restart fail2ban</code> <code>fail2ban-client status</code> <code>fail2ban-client status mediawiki</code> <b>Now test by trying to login to your wiki with wrong password three times.</b> =====fail2ban regex and error checking===== <div class="toccolours mw-collapsible mw-collapsed"> Check regex: <div class="mw-collapsible-content"> * Syntax: <code>fail2ban-regex <logfile> <failregex> <ignoreregex></code> ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * If you want to test <code>ignoreregex</code> enter filter file twice: ** Example: <code>fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-correct-up.conf /etc/fail2ban/filter.d/nginx-correct-up.conf</code> * Read <code>man fail2ban-regex</code> for some more opitions: * Examples: ** <code>-v</code>, <code>--verbose</code> *** Be verbose in output ** <code>--print-all-missed</code> *** Print all missed lines ** <code>--print-all-ignored</code> *** Print all ignored lines ** <code>--print-all-matched</code> *** Print all matched lines </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Debug Fail2Ban: <div class="mw-collapsible-content"> * <code>-d</code> dump configuration. For debugging.<br \> <code>fail2ban-client -d</code><br \> * <code>--dp</code>, <code>--dump-pretty</code> dump the configuration using more human readable representation.<br \> <code>fail2ban-client --dp</code><br \> * will print the systemd log for Fail2Ban.<br \> <code>journalctl -u fail2ban</code> </div> </div> ====Change ban time After testing==== <code>$EDITOR /etc/fail2ban/jail.local</code><br \> <pre> [mediawiki] enabled = true filter = mediawiki action = iptables-allports bantime = 1h maxretry = 20 logpath = /var/log/Fail2Log.log </pre> ===Unban IP's=== Get list of Jails:<br \> <code>fail2ban-client status</code><br \> See banned ips by that jail:<br \> <code>fail2ban-client status <jailname></code><br \> Unban IP from jail:<br \> <code>fail2ban-client set <jailname> unbanip <ip_address></code><br \> <br \> Log File:<br \> <code>/var/log/Fail2Log.log</code> ==Moving To VPS== ===Create ssh key pair on local host=== <code>ssh-keygen -t rsa -b 4096 -C "MYSERVER" -f ~/.ssh/serverkey</code><br \> You will be prompted to Enter a passphase, you can just press <b>Enter</b> for no passphase.<br \> You will now have a file called <b>serverkey</b> and <b>serverkey.pub</b> in your <b>/home/$USER/.ssh</b> directory.<br \> Now lets setup are server and move public key to server.<br \> <b>BACKUP YOUR PRIVATE KEY TO USB STICK OR SOMETHING!</b><br \> <code>serverkey.pub</code><b>PUBLIC KEY</b><br \> <code>serverkey</code><b>PRIVATE KEY</b><br \> ===Login to Server - ssh === Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $10, 1 cpu, 2048MB ram, 55GB ssd, 2000GB Bandwidth.<br \> I have been given the IP:<b>192.248.145.129</b> and the Password:<b>1R?o.gPasdaLz1w</b> and with Vultr the default login/user is <b>root</b><br \> Lets move over the public key so we don't need a password to login:<br \> <code>ssh-copy-id -i ~/.ssh/serverkey root@192.248.145.129</code></br \> Will be promted for server password, enter password: 1R?o.gPasdaLz1w<br \> Now lets login with are private key.<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code> ===Update Server=== <code>apt update && apt upgrade -y</code><br \> The Server may need a restart, you will see this after updates if it does<br \> <b>*** System restart required ***</b><br \> restart server and log back in after a minute.<br \> <code>reboot</code> ===Change default ssh port and disable plain text passwords=== Log back into server<br \> <code>ssh -i .ssh/serverkey root@192.248.145.129</code><br \> <code>$EDITOR /etc/ssh/sshd_config</code><br \> <pre>#Port 22</pre> <pre>Port 7788</pre> disable clear text passwords <pre>#PasswordAuthentication yes</pre> <pre>PasswordAuthentication no</pre> restart sshd <code>systemctl restart sshd</code><br \> Exit server and re-login<br \> <code>exit</code><br \> Log back in with new port<br \> <code>ssh -p 7788 -i .ssh/serverkey root@192.248.145.129</code> <div class="toccolours mw-collapsible mw-collapsed"> Create ssh login shortcut: <div class="mw-collapsible-content"> To be done on host:<br \> <code>touch ~/.ssh/config</code><br \> <code>chmod 600 ~/.ssh/config</code><br \> <code>$EDITOR ~/.ssh/config</code><br \> <pre> Host mediawikiserver HostName 192.248.145.129 User root Port 7788 IdentityFile /home/$USER/.ssh/severkey </pre> You can now login to server from host with:<br \> <code>ssh mediawikiserver</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> Syntax of config file: <div class="mw-collapsible-content"> <pre> #Syntax # #Host <ALIAS_NAME> # HostName <ADDRESS_IP_OR_DOMAIN> # User <USERNAME_LOGIN> # Port <PORT_NUMBER_IF_NOT_DEFAULT> # IdentityFile </PATH/TO/PRIVATE_KEY> ## Can now login with <code>ssh <ALIAS_NAME> </pre> </div> </div> </div> </div> ===Enable Basic FireWall=== Block IPv6<br \> <code>$EDITOR /etc/default/ufw</code><br \> Change the line<br \> <code>IPV6=yes</code><br \> To<br \> <code>IPV6=no</code><br \> Save and Exit<br \> <code>ufw allow 7788/tcp</code><br \> <code>ufw enable</code><br \> ===Create Swap space on server=== ====First check if you already have a swap space==== First check if you already have a swap space<br \> <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 1655 2 228 1732 Swap: 0 0 0 </pre> <div class="toccolours mw-collapsible mw-collapsed"> Other methods to check swap space <div class="mw-collapsible-content"> <code>cat /proc/swaps</code><br \> <code>swapon -s -v</code> </div> </div> ====Create SwapSpace==== preallocate a 2 gigabyte space to be used for swap.<br \> Note: you can name swapfile to anything you want. <code>fallocate -l 2G /swapfile</code> Initialize the /swapfile file with zeros - see "Working out the count size" to see how to work out the count size. <div class="toccolours mw-collapsible mw-collapsed"> Working out the count size: <div class="mw-collapsible-content"> Working out count size to scale the swapsize. 1 kilobyte = 1024 bytes 1 megabyte = 1024 kilobyte 1 gigabyte = 1024 megabytes bs=1024 = 1 megabyte 1 gigabyte = 1024 megabyte to get count of 1 gigabyte 1024 * 1024 2 gigabyte (1024 * 2048 ) or 1048576 * 2 = 2,097,152 </div> </div> <code>dd if=/dev/zero of=/swapfile bs=1024 count=2097152</code> <code>chmod 600 /swapfile</code> <code>mkswap /swapfile</code> <code>swapon /swapfile</code> <b>Or</b> <code>swapon -a</code> <b>Or</b> <code>mount -a</code> append to <code>/etc/fstab</code> so its mounted after reboot.<br \> <code>$EDITOR /etc/fstab</code><br \> And enter this in a new line at the bottom:<br \> <code>/swapfile swap swap defaults 0 0</code> and thats it, you can check swap with(or same other methods as above): <code>free -m</code><br \> Returns:<br \> <pre> total used free shared buff/cache available Mem: 1987 103 75 2 1808 1712 Swap: 2047 0 2047 </pre> ===ssmtp for email alerts=== <code>apt install ssmtp -y</code><br \> <code>$EDITOR /etc/ssmtp/ssmtp.conf</code><br \> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <code>$EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 </pre> <code>usermod -c "CNWikiVPS" root</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Hello You. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ===auto update server=== <code>$EDITOR /etc/apt/apt.conf.d/50unattended-upgrades</code><br \> Uncomment (by removing <b>//</b> at start of line)and amend the lines we want:<br \> <code>// "${distro_id}:${distro_codename}-updates";</code><br \> to<br \> <code> "${distro_id}:${distro_codename}-updates";</code><br \> Add email address to send email to:<br \> <pre>//Unattended-Upgrade::Mail "";</pre> <pre>Unattended-Upgrade::Mail "email@tosendto.com";</pre> We are going to test are send mail, so for now change MailReport to "always"<br \> <pre>//Unattended-Upgrade::MailReport "on-change";</pre> <pre>Unattended-Upgrade::MailReport "always";</pre> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). //Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade //Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) //Unattended-Upgrade::Remove-Unused-Dependencies "false"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade //Unattended-Upgrade::Automatic-Reboot "false"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true //Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" //Unattended-Upgrade::Automatic-Reboot-Time "02:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec //Acquire::http::Dl-Limit "70"; </pre> Changed to<br \> <pre> // Remove unused automatically installed kernel-related packages // (kernel images, kernel headers and kernel version locked tools). Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; // Do automatic removal of newly unused dependencies after the upgrade Unattended-Upgrade::Remove-New-Unused-Dependencies "true"; // Do automatic removal of unused packages after the upgrade // (equivalent to apt-get autoremove) Unattended-Upgrade::Remove-Unused-Dependencies "true"; // Automatically reboot *WITHOUT CONFIRMATION* if // the file /var/run/reboot-required is found after the upgrade Unattended-Upgrade::Automatic-Reboot "true"; // Automatically reboot even if there are users currently logged in // when Unattended-Upgrade::Automatic-Reboot is set to true Unattended-Upgrade::Automatic-Reboot-WithUsers "true"; // If automatic reboot is enabled and needed, reboot at the specific // time instead of immediately // Default: "now" Unattended-Upgrade::Automatic-Reboot-Time "04:00"; // Use apt bandwidth limit feature, this example limits the download // speed to 70kb/sec Acquire::http::Dl-Limit "500"; </pre> Test with debug flag -d<br \> <code>unattended-upgrade -d</code> Once email alerts from auto updates has been tested and working, change MailReport back from 'always' to 'on-change', unless you want to be emailed at every update. ===Send Container to server=== From host<br \> <code>scp -i ~/.ssh/serverkey -P 7788 mediawiki.lxc root@192.248.145.129:/root/</code><br \> If you created a ssh shortcut in <b>.ssh/config</b> you can use:<br \> <code>scp mediawiki.lxc mediawikiserver:/root/</code><br> Once container transferred to server checksum to confirm<br> Do on Local and Server<br> <code>sha256sum mediawiki.lxc</code><br> The checksum should be the same on both!<br> ===LXD setup on server=== Check if <b>lxd</b> already installed.<br \> <code>lxd --version</code><br \> <code>snap install lxd</code><br \> Initialize LXD<br \> <code>lxd init</code><br \> all defaults<br \> <pre> Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (lvm, zfs, ceph, btrfs, dir) [default=zfs]: Create a new ZFS pool? (yes/no) [default=yes]: Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=10GB]: Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to create a new local network bridge? (yes/no) [default=yes]: What should the new bridge be called? [default=lxdbr0]: What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: Would you like the LXD server to be available over the network? (yes/no) [default=no]: Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: </pre> ===Import Container=== Note: If version of LXD on server is older than the one you are exporting from, you may see error <code>Error: Failed importing backup: Failed creating instance record: Unknown configuration key: volatile.last_state.ready</code><br> To Fix this update your LXD<br> <code>snap remove lxd</code><br> <code>snap install lxd</code><br> <code>lxd --version</code><br> <code>lxd init</code><br> <br> Import mediawiki container<br \> <code>lxc import mediawiki.lxc mediawiki</code><br \> <code>lxc list</code><br \> <code>lxc start mediawiki</code><br \> <code>lxc list</code><br \> Returns:<br \> <pre> +-----------+---------+-----------------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+-----------------------+------+-----------+-----------+ | mediawiki | RUNNING | 10.207.119.233 (eth0) | | CONTAINER | 0 | +-----------+---------+-----------------------+------+-----------+-----------+ </pre> <b>Note the Change of IP</b><br \> Are Containers IP is now:<b>10.207.119.233</b><br \> Now for some reason changing the IP on <b>/var/www/html/mediawiki/LocalSettings.php</b> and the <b>/etc/apache2/sites-available/completenoobs.com.conf</b> does not really work on a VPS (Forgot how i fixed this last time, pretty sure i got it workin a few years back).<br \> You need a DNS name: ===DNS=== Domain Name System: An index that connects an ip address with a more human readable name(website name):<br \> Like a phone book would index a persons name with a phone number.<br \> If you have a domain name for your wiki, point it to your server's ip address.<br \> This will be required for a letsencrypt cert also.<br \> I am using <b>namecheap.com</b> and on the <b>Advanced DNS</b> Page<br \> Add two Type <b>A Records</b>:<br \> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |@ |192.248.145.129 |auto |- |A record |www |192.248.145.129 |auto |} ===Change IP on config files=== Login to conatiner and change IP's to Domain Name<br \> <code>lxc exec mediawiki bash</code> <code>$EDITOR /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <pre> Redirect permanent "/" "https://10.3.45.233"</pre> <pre> Redirect permanent "/" "https://www.completenoobs.com"</pre> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <pre>$wgServer = "https://10.3.45.233";</pre> <pre>$wgServer = "https://www.completenoobs.com";</pre> <code>systemctl restart apache2</code> ===Use IPTables to forward traffic to container=== <div class="toccolours mw-collapsible mw-collapsed"> iptable syntax <div class="mw-collapsible-content"> *CONTAINER_IP = place holder for your containers ip *GLOBAL_IP = place holder for your servers public ip address *ETH = network interface: enp1s0 ** to be done/found on host VPS and NOT Container ** Find network interface:<code>ip route show default</code> or use <code>ip route show default | awk '{print $5}'</code> <pre>iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 80 -j DNAT --to-destination CONTAINER_IP:80 -m comment --comment "forward real ip to container" </pre> <pre> iptables -t nat -I PREROUTING -i ETH -p TCP -d GLOBAL_IP --dport 443 -j DNAT --to-destination CONTAINER_IP:443 -m comment --comment "forward real ip to container" </pre> </div> </div> <b>These commands to be done on host VPS and NOT in container!</b><br \> Get out of container <code>exit</code><br \> Network interface=<b>enp1s0</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Find you network interface name: <div class="mw-collapsible-content"> To be run on VPS host and Not in Container:<br \> <code>ip route show default | awk '{print $5}'</code> </div> </div> VPS Global IP=<b>192.248.145.129</b><br \> Container IP=<b>10.207.119.233</b><br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container"</code> <br \> <code>iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container"</code> <br \> The new rules for your iptable will not persistent after a reboot.<br \> Create systemd service to load firewall rules at startup:<br \> <code>$EDITOR /usr/local/bin/lxc-mediawiki-rules</code> <pre> #!/bin/bash iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 443 -j DNAT --to-destination 10.207.119.233:443 -m comment --comment "forward real ip to container" iptables -t nat -I PREROUTING -i enp1s0 -p TCP -d 192.248.145.129 --dport 80 -j DNAT --to-destination 10.207.119.233:80 -m comment --comment "forward real ip to container" </pre> <code>chmod +x /usr/local/bin/lxc-mediawiki-rules</code> <code>$EDITOR /etc/systemd/system/lxcip.service</code> <pre> [Unit] Description = apply ip rules at startup [Service] Type=oneshot ExecStart=/usr/local/bin/lxc-mediawiki-rules [Install] WantedBy=multi-user.target </pre> <code>systemctl enable lxcip</code> <div class="toccolours mw-collapsible mw-collapsed"> LXC proxy method: <div class="mw-collapsible-content"> <b>DO NOT USE This method!</b> placed here as a note:<br \> LXC also has a way to forward proxy traffic, but it will show all visits to website, as coming from <b>127.0.0.1</b><br \> When we install fail2ban, this would be very bad!<br \> <br \> <code>lxc config device add CONTAINER_NAME myport80 proxy listen=tcp:0.0.0.0:80 connect=tcp:127.0.0.1:80</code><br \> <code>lxc config device add CONTAINER_NAME myport443 proxy listen=tcp:0.0.0.0:443 connect=tcp:127.0.0.1:443</code><br \> To remove proxy:<br \> <code>lxc config device remove CONTAINER_NAME myport80</code><br \> <code>lxc config device remove CONTAINER_NAME myport443</code><br \> </div> </div> ===Visit webpage and check all working=== Visit the domain you selected<br \> <code>www.completenoobs.com</code><br \> Should be up and running.<br \> NOTE: We did not need to allow port 443 or 80 on VPS host.<br \> Check Iptables persist for restart, by rebooting server!<br \> <code>reboot</code><br \> Give it a minute or 2 and check website again. ===LetsEncrypt=== Log back into server<br \> <code>ssh mediawikiserver</code><br \> Log into container<br \> <code>lxc exec mediawiki bash</code><br \> Install certbot<br \> <code>snap install certbot --classic</code><br \> Backup Apache2 config file<br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf /etc/apache2/sites-available/completenoobs.com.conf.bk</code><br \> Create Cert<br \> <code>certbot --apache -d www.completenoobs.com -d completenoobs.com</code><br \> And Certbot broke are apache2 configs, and thats why we back up!<br \> <code>ls /etc/letsencrypt/live/www.completenoobs.com/</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/fullchain.pem /etc/ssl/certs/cn-selfsigned.crt</code><br \> <code>cp /etc/letsencrypt/live/www.completenoobs.com/privkey.pem /etc/ssl/private/cn-selfsigned.key</code><br \> <code>rm /etc/apache2/sites-available/completenoobs.com-le-ssl.conf /etc/apache2/sites-available/completenoobs.com.conf </code><br \> <code>cp /etc/apache2/sites-available/completenoobs.com.conf.bk /etc/apache2/sites-available/completenoobs.com.conf</code><br \> <br \> Turn <b>SSLUseStapling</b> on<br \> <code>$EDITOR /etc/apache2/conf-available/ssl-params.conf</code><br \> <pre>SSLUseStapling off</pre><br \> Change to:<br \> <pre>SSLUseStapling on</pre><br \> Restart apache<br \> <code>systemctl restart apache2</code><br \> Now check your site on browser.<br \> ==Useful Notes - tips== ===Forgot your Admin Password=== * Syntax <code>--user=$USER --password=$NEWPASSWORD</code> Can use for any user:<br \> <code>php /var/www/html/maintenance/run.php changePassword.php --user=admin --password=YourNewPassWord</code><br \> ===Make Wiki Read Only=== Add to LocalSettings.php:<br \> <code>$wgReadOnly = 'Read Only';</code><br \> ===Restrict account creation on wiki=== Add to LocalSettings.php:<br \> <code>$wgGroupPermissions['*']['createaccount'] = false;</code> ===Only Admin accounts can edit=== Add to LocalSettings.php:<br \> <pre> $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['user']['edit'] = false; $wgGroupPermissions['sysop']['edit'] = true; </pre> ===Protect a page so only admin can edit=== At the top of the page when logged in with admin account, click <b>More</b>.<br \> A drop down of three opitions: Delete, Move, Protect.<br \> Clicking <b>Protect</b> will not allow any non admin from editing the page. {| class="wikitable" |+ When logged in as admin |- |Read |Edit |View history |(STAR) |<b>More</b> |} ===Make User an Admin=== go to special pages With Admin Account go to:<br \> <code>index.php/Special:SpecialPages</code> List of users can be found here:<br \> <code>index.php/Special:ListUsers</code><br \> Go to:<br \> <code>index.php/Special:UserRights</code><br \> And enter username:<br \> <b>Groups you can change</b><br \> And rest is self explanatory. ====Remove admin rights==== Same thing, just untick admin rights! ==Upgrading MediaWiki== <b>BACK SURE YOU BACKUP FIRST!!!</b> just in case.<br \> This example update 1.35 to 1.36 from 1.36 onwards php-intl is required.<br> Download the wiki you are going to upgrade to.<br \> <code>https://releases.wikimedia.org/mediawiki/1.36/</code><br \> <code>cd /root</code><br \> <code>wget https://releases.wikimedia.org/mediawiki/1.36/mediawiki-1.36.1.tar.gz</code><br \> In LocalSettings.php put in readonly mode<br \> <code>$EDITOR /var/www/html/mediawiki/LocalSettings.php</code><br \> <code>$wgReadOnly = "Upgrading";</code><br \> <code>tar xvzf mediawiki-1.36.1.tar.gz -C /var/www/html/mediawiki --strip-components=1</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> Returns:<pre> Error: Missing one or more required components of PHP. You are missing a required extension to PHP that MediaWiki needs. Please install: * intl <https://www.php.net/intl> </pre> <code>apt install php-intl</code><br \> <code>php /var/www/html/mediawiki/maintenance/update.php</code><br \> And thats it. If you do get an error:<br \> <blockquote> MediaWiki 1.36 internal error Installing some PHP extensions is required. Required components You are missing a required extension to PHP that MediaWiki requires to run. Please install: intl (more information) </blockquote> Then <b>reboot</b> the container and its all fine after. ==Backup your Wiki== ===LXC Snapshots=== Easy way, backup the container using <b>snapshot</b><br \> <code>lxc snapshot mediawiki beforeupgrade_11_12_2020</code><br \> To see snapshots<br \> <code>lxc info mediawiki</code><br \> To restore container to snapshot<br \> <code>lxc restore mediawiki beforeupgrade_11_12_2020</code><br \> To delete a snapshot<br \> <code>lxc delete mediawiki/beforeupgrade_11_12_2020</code><br \> ====Export a Snapshot==== <code>lxc snapshot mediawiki testsnap</code> <code>lxc publish mediawiki/testsnap --alias mediawiki-backup-20-07-2021</code> <code>lxc image export mediawiki-backup-20-07-2021</code> you end up with a file named after the sha256sum <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> NOTE:You can change name from <code>a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz</code><br \> to something like <code>mediawiki-backup-20-07-2021.tar.gz</code> and restore will still work fine.<br \> can now delete image <code>lxc image delete mediawiki-backup-20-07-2021</code> ====Import Snapshot==== Move to another computer and install init lxd<br \> <code>lxc image import a23ee82572e5f14aabd4b59d6c7bc7923fe88f30f83b776401871e237b554ceb.tar.gz --alias testrestore</code> <code>lxc launch testrestore mediarestore</code> <code>lxc list</code> <code>lxc exec mediarestore bash</code> Change IP in LocalSettings and apache config and restart apache.<br \> And your up and running.<br \> <br \> you can also delete image on new restore computer:<br \> <code>lxc image delete testrestore</code> ===Dump mediawiki database - xml=== Log into container root dir<br \> <code>lxc exec NAME bash</code><br \> In container of wiki:<br \> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Exit container<br \> <code>exit</code> Pull file to host<br \> <code>lxc file pull NAME/root/dump_mediawiki.xml wiki-dump.xml</code> ====automate xml dumps to server==== TIP: [[Scp_only|Create an '''scp only''' account on server first]]<br> <code>$EDITOR /usr/local/bin/auto-export.sh</code></br> <syntaxhighlight lang="bash" line> #!/bin/bash set -x time_stamp=$(date '+%d_%m_%y') dumps_dir="/var/www/dumps" noobs_dir="/var/www/html/noobs" local_settings="$noobs_dir/LocalSettings.php" wiki_dump_dir="$dumps_dir/$time_stamp.Noobs" xmlkey="/root/.ssh/xmlkey" remote_host="rscp@xml.completenoobs.com" remote_path="/home/rscp/media/" function ensure_read_only_line_exists { if ! grep -q "wgReadOnly" "$local_settings"; then cat <<EOF >> "$local_settings" \$wgReadOnly = 'Dumping Database, Access will be restored shortly'; EOF fi } function set_wiki_read_only { sed -i 's/^#*\(\$wgReadOnly\)/\1/' "$local_settings" } function unset_wiki_read_only { sed -i 's/^\(\$wgReadOnly\)/#\1/' "$local_settings" } function create_directories { mkdir -p "$dumps_dir" mkdir -p "$wiki_dump_dir" } function dump_wiki { php "$noobs_dir/maintenance/dumpBackup.php" --full > "$wiki_dump_dir/$time_stamp.Noobs.xml" } function generate_checksums { md5sum "$wiki_dump_dir/$time_stamp.Noobs.xml" > "$wiki_dump_dir/$time_stamp.md5sum.txt" sha256sum "$wiki_dump_dir/$time_stamp.Noobs.xml" > "$wiki_dump_dir/$time_stamp.sha256sum.txt" } function push_to_remote { scp -i /root/.ssh/xmlkey -r /var/www/dumps/$time_stamp.Noobs rscp@xml.completenoobs.com:/home/rscp/media/ #rsync -avz -e "ssh -i $xmlkey" "$wiki_dump_dir" "$remote_host:$remote_path" } # Main script ensure_read_only_line_exists create_directories set_wiki_read_only dump_wiki generate_checksums unset_wiki_read_only push_to_remote </syntaxhighlight> <br> <code>chmod +x /usr/local/bin/auto-export.sh</code><br> =====add to cron to export every 5 days===== <code>crontab -e</code><br> <pre> 30 3 */5 * * /usr/local/bin/auto-export.sh </pre> Will export at 3:30 am every 5 days, check [[Cron_ubuntu_22.04|Ubuntu Cron Quick start for more info]] ===Import Dump=== ====Create Quick local wiki==== [[Ubuntu_Local_Wiki_Import|localwiki]] ====Import dump==== <code>lxc file push wiki-dump.xml localwiki/root/</code><br \> <code>lxc exec localwiki bash</code><br \> =====Restore dump===== <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/wiki-dump.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Everything apart from <b>index.php/Main_Page</b> restored. ===Full Wiki Dump and Restore=== ====Backing up==== ====Making your wiki READ ONLY - will lock database==== <code>$EDITOR LocalSettings.php</code><br \> <code>$wgReadOnly = 'Dumping Database, Access will be restored shortly';</code> ====Dump and gzip database for transport==== will be prompted for password:<br \> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green -p mywiki_database | gzip > /root/greenwiki.sql.gz</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> ALt method for dump(password in cmd): <div class="mw-collapsible-content"> <code>mysqldump -h localhost --default-character-set=binary --no-tablespaces -u green --password=THISpasswordSHOULDbeCHANGED -p mywiki_database | gzip > /root/greenwiki.sql.gz</code> </div> </div> <code>php /var/www/html/mediawiki/maintenance/dumpBackup.php --full > /root/dump_mediawiki.xml</code><br \> Back mediawiki Root Directory.<br \> <code>tar cvzhf /root/mediawiki-rootDir.tgz /var/www/html/mediawiki</code><br \> All into one file for easy transport.<br \> <code>cd /root/</code><br \> <code>tar cvzhf mediawiki-transfer.tgz mediawiki-rootDir.tgz greenwiki.sql.gz dump_mediawiki.xml</code><br \> All file in <b>mediawiki-transfer.tgz</b> for transfer to new server<br \> exit Container<br \> <code>exit</code><br \> <code>lxc file pull mediawiki/root/mediawiki-transfer.tgz mediawiki.bk.tgz</code><br \> ====Restore wiki==== create container (backupwiki) and push file<br \> <code>lxc file push mediawiki.bk.tgz backupwiki/root/</code><br \> login to container<br \> <code>apt update && apt upgrade -y</code><br \> <code>apt install apache2 mysql-server php php-mysql libapache2-mod-php php-xml php-mbstring php-intl -y</code><br \> <br \> <code>tar xvf mediawiki.bk.tgz</code><br \> <code>tar xvf mediawiki-rootDir.tgz -C /</code><br \> Create basebase:<br \> NOTE: If you use diff username, passwd, database_name, append/correct details on LocalSettings.<br \> <code>mysql -u root</code> <code>CREATE USER 'green'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';</code> <code>CREATE DATABASE mywiki_database;</code> <code>use mywiki_database;</code> <code>GRANT ALL ON mywiki_database.* TO 'green'@'localhost';</code> <code>quit;</code> <br \> <code>gunzip -d greenwiki.sql.gz</code><br \> <code>mysql -u green -p mywiki_database < greenwiki.sql</code><br \> <code>php /var/www/html/mediawiki/maintenance/importDump.php --conf /var/www/html/mediawiki/LocalSettings.php /root/dump_mediawiki.xml</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildrecentchanges.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/initSiteStats.php</code><br \> <code>php /var/www/html/mediawiki/maintenance/rebuildall.php</code><br \> Config Apache2 <code>$EDITOR /etc/apache2/sites-available/000-default.conf</code> <pre> <VirtualHost *:80> DocumentRoot /var/www/html/mediawiki </VirtualHost> </pre> Reload Apache2 <code> systemctl restart apache2 </code> ==Youtube extension== * needed to view embedded videos https://www.mediawiki.org/wiki/Extension:YouTube <code>wget https://extdist.wmflabs.org/dist/extensions/YouTube-REL1_39-f272bb3.tar.gz</code> <code>tar -xzf YouTube-REL1_39-f272bb3.tar.gz -C /var/www/html/mediawiki/extensions/</code> * Append to '''LocalSettings.php''' <code>wfLoadExtension( 'YouTube' );</code> * On wiki page can now embed youtube videos ** https://www.youtube.com/watch?v=wB4gvSgYmfY ** After '''watch?v=''' ** <nowiki><youtube>wB4gvSgYmfY</youtube></nowiki> * Defaults '''width'''=640 pixels '''height'''=385 pixels * Change defaults <nowiki><youtube width="800" height="400">wB4gvSgYmfY</youtube></nowiki> ==Remove <b>Index.php</b> From URL== [[Mediawiki_Remove_index.php|How to remove the Index.php from URL]] ==SpamBot Wars== Bit busy now, notes to look into later: https://www.mediawiki.org/wiki/Extension:Nuke<br \> https://www.mediawiki.org/wiki/Manual:Preventing_access<br \> https://www.mediawiki.org/wiki/Extension:ConfirmAccount<br \> https://www.mediawiki.org/wiki/Extension:InviteSignup<br \> Well the bots won for now - Disable eMail function for all related options in LocalSettings.php<br \> <code>$wgEnableEmail = false;</code><br \> Or just stop users sending email with:<br \> <code>$wgEnableUserEmail = false;</code> ==Notes== ==Syntax highlighting not working== Install <b>pygments</b><br> <code>apt install python3-pygments</code><br> Add to LocalSettings:<br> <code>wfLoadExtension( 'SyntaxHighlight_GeSHi' );</code><br> oy7buud7eu2pdl71pzl0lsr9ucv9i1o 0 100 358 2023-04-23T22:31:57Z AwesomO 5 Created page with " =In Concept Mode= <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services..." 358 wikitext text/x-wiki =In Concept Mode= <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. :* [[Host_Your_Own_Mediawiki_Online|Host Your Own Mediawiki Online]] :* [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ===Feed Back Received=== * Clearly indicate the terminal where commands should be entered * Break down content into smaller sections or modules * Provide timestamps in videos for each executed command or step * Organize steps/modules using numbers, and sub-steps within modules using letters (a, b, c, etc.) * Create shorter, focused videos for each step to avoid excessive scrolling * Clarify the use of terminal editors and how to set the $EDITOR variable * Place the EDITOR section at the top of the page and link to nano and vi guide pages * Include instructions on how to verify the completion of each step correctly ==Essential Links== :* [[Ubuntu_Cert_Draft|Ubuntu Cert Course '''DRAFTING''']] :* [[Command_Line_Editors#Set_$EDITOR|Set $EDITOR]] :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[EmbedVideo_Syntax|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} ff1bqnabzlqkk641vgqj6hebe13qmy4 0 102 368 2023-04-27T22:54:44Z AwesomO 5 Created page with "{|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>(ENTER LICENCE NAME HERE)</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> ENTER LICENCE HERE </div> </div> |}" 368 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>(ENTER LICENCE NAME HERE)</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> ENTER LICENCE HERE </div> </div> |} gvoe30sh0kjpl7qicwsrt1nmfv20nul 0 103 379 2023-05-03T12:16:47Z AwesomO 5 Created page with "{|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>FreeBSD Documentation License</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> <pre> Copyright (c) YEAR <YEAR OF DOCUMENTATION>, <AUTHOR NAME>. All rights reserved. Redistribution and use in source (SGML DocBook) and 'compiled' forms (SGML, HTML, PDF,..." 379 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>FreeBSD Documentation License</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> <pre> Copyright (c) YEAR <YEAR OF DOCUMENTATION>, <AUTHOR NAME>. All rights reserved. Redistribution and use in source (SGML DocBook) and 'compiled' forms (SGML, HTML, PDF, PostScript, RTF and so forth) with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code (SGML DocBook) must retain the above copyright notice, this list of conditions and the following disclaimer as the first lines of this file unmodified. 2. Redistributions in compiled form (transformed to other DTDs, converted to PDF, PostScript, RTF and other formats) must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </div> </div> |} 4u880ascuuoayh2341izs7c4n34rea6 0 104 397 2023-05-05T14:49:08Z AwesomO 5 Created page with "Drafting: ==Memory usage== In FreeBSD, the alternative to the Linux command '''free -m''' is the '''sysctl''' and '''top''' commands. The free -m command in Linux displays memory usage in megabytes. To obtain similar information in FreeBSD, you can use the following methods: ===Using sysctl=== The sysctl command can be used to display memory usage information. Run the following command to get the memory usage in bytes: <code>sysctl hw.physmem hw.pagesize vm.stats.vm..." 397 wikitext text/x-wiki Drafting: ==Memory usage== In FreeBSD, the alternative to the Linux command '''free -m''' is the '''sysctl''' and '''top''' commands. The free -m command in Linux displays memory usage in megabytes. To obtain similar information in FreeBSD, you can use the following methods: ===Using sysctl=== The sysctl command can be used to display memory usage information. Run the following command to get the memory usage in bytes: <code>sysctl hw.physmem hw.pagesize vm.stats.vm.v_free_count vm.stats.vm.v_inactive_count vm.stats.vm.v_cache_count</code> To display memory usage in a more human-readable format (like megabytes), you can use the following script: <pre> #!/bin/sh physmem=`sysctl -n hw.physmem` pagesize=`sysctl -n hw.pagesize` free_count=`sysctl -n vm.stats.vm.v_free_count` inactive_count=`sysctl -n vm.stats.vm.v_inactive_count` cache_count=`sysctl -n vm.stats.vm.v_cache_count` total_mem=$(( $physmem / 1024 / 1024 )) free_mem=$(( ($free_count + $inactive_count + $cache_count) * $pagesize / 1024 / 1024 )) echo "Total memory: ${total_mem}MB" echo "Free memory: ${free_mem}MB" </pre> Save the script to a file, make it executable with chmod +x script_name, and run it to display memory usage in megabytes. ===Using top=== The top command also provides memory usage information. Run the following command: <code>top</code> In the top output, you'll find memory usage information under the "Memory" section. It will display "Active", "Inact", "Laundry", "Wired", "Buf", "Free", and other memory-related values. '''top''' will also display your '''swap space''' ==CPU== ===Finding CPU info=== On FreeBSD, you can use the '''sysctl''' command to obtain information about your CPU. Here's how you can find your CPU details: : Open a terminal window on your FreeBSD system. :* Type the following command and press Enter: <code>sysctl hw.model</code> This command will display the model name of your CPU. To obtain more detailed information about your CPU, type the following command and press Enter: <code>sysctl hw.machine_arch</code> This command will display the architecture of your CPU (e.g., amd64, i386, etc.). You can also use the dmesg command to obtain information about your CPU. Type the following command and press Enter: <code>dmesg | grep CPU:</code> :* This command will display information about your CPU, including the model name, clock speed, and number of cores. In addition to these commands, you can also use third-party system information tools like '''lshw''' and '''hwinfo''' to obtain detailed information about your CPU and other hardware components on your FreeBSD system. pkzx8gkio89c7p3g3hfzg6roc88tzvr 0 105 398 2023-05-05T14:51:07Z AwesomO 5 Created page with " ==FreeBSD Jail Setup Manually== Creating a FreeBSD jail manually involves downloading and extracting the base package for the desired FreeBSD release. Here's a step-by-step guide on how to do this: ===Using OpenZFS=== '''OpenZFS''' is a very powerful and helpful File-System that can allow us to very easily '''create''', '''clone''', '''snapshot''', '''restore''', '''destroy''', '''backup''' and '''transfer''' are jails. ====Create a directory for the jail==== In..." 398 wikitext text/x-wiki ==FreeBSD Jail Setup Manually== Creating a FreeBSD jail manually involves downloading and extracting the base package for the desired FreeBSD release. Here's a step-by-step guide on how to do this: ===Using OpenZFS=== '''OpenZFS''' is a very powerful and helpful File-System that can allow us to very easily '''create''', '''clone''', '''snapshot''', '''restore''', '''destroy''', '''backup''' and '''transfer''' are jails. ====Create a directory for the jail==== In this example my ZFS Pool is called '''nuc''' and my '''jails directory''' will be in a directory called '''pods''' which will contain my '''jails''' each in a separate sub directory like so '''/pods/{jail1,jail2,jail3}''' * Create a dataset for pods <code>sudo zfs create nuc/pods</code> * You can check with <code>zfs list</code> to see your new dataset. ====Set the mountpoint for the pods dataset==== <code>sudo zfs set mountpoint=/pods nuc/pods</code> ====Create a Template Jail Which you can clone==== In this section, we will create an OpenZFS dataset called '''FreeBSD_13.2_Template''' to extract a '''base.txz''' Which we will '''snapshot''' , and then '''clone''' the template to create a new jail. =====Create the 'FreeBSD_13.2_Template' dataset===== <code>sudo zfs create your_pool_name/path/FreeBSD_13.2_Template</code> Replace your_pool_name with the name of your ZFS pool. * Example: <code>sudo zfs create nuc/pods/FreeBSD_13.2_Template</code> =====Set the mountpoint for the template dataset===== <code>sudo zfs set mountpoint=/pods/FreeBSD_13.2_Template nuc/pods/FreeBSD_13.2_Template</code> =====Download the '''base.txz''' package for FreeBSD 13.2-RELEASE===== <code>fetch https://download.freebsd.org/ftp/releases/amd64/13.2-RELEASE/base.txz -o /tmp/base.txz</code> =====Extract the base.txz package to the 'FreeBSD_13.2_Template' dataset===== <code>tar -C /pods/FreeBSD_13.2_Template -xf /tmp/base.txz</code> =====Create a snapshot of the template dataset===== <code>sudo zfs snapshot nuc/pods/FreeBSD_13.2_Template@base_snapshot</code> =====Clone the template dataset to create a new jail dataset===== <code>sudo zfs clone nuc/pods/FreeBSD_13.2_Template@base_snapshot nuc/pods/mediawiki</code> =====Set the mountpoint for the jail dataset===== <code>sudo zfs set mountpoint=/pods/mediawiki nuc/pods/mediawiki</code> You now have a template dataset and a jail dataset based on that template. ====How to '''snapshot''' and '''rollback''' your jails==== Now, you have separate datasets for each jail, and you can create snapshots and rollbacks for each jail individually. For example, to create a snapshot for the mediawiki jail, you can run: <code>sudo zfs snapshot nuc/pods/mediawiki@snapshot_name</code> And to roll back to a snapshot for the mediawiki jail, you can run: <code>sudo zfs rollback nuc/pods/mediawiki@snapshot_name</code> Replace '''snapshot_name''' with a descriptive name for the snapshot. You can follow the same process for any other jails you create within the pods dataset. ====Destroy/Delete Dataset/jail==== If you need/want to delete the jail dataset, you can destroy it with the following command First un-mount the mount point (if mounted) * Find if and where mounted with: <code>zfs list</code> : Return out put: <pre>nuc/pods/mediawiki 0B 208G 503M /pods/mediawiki </pre> As we can see its mounted at '''/pods/mediawiki''' * ensure that no processes are currently using it. You can use the '''fuser''' command followed by the path to the mount point to check for any processes that are using it. :* For example: <code>fuser /pods/mediawiki</code> * Unmount /pods/mediawiki <code>sudo umount /pods/mediawiki</code> * Now destroy the dataset <code>sudo zfs destroy nuc/pods/mediawiki</code> Replace '''nuc''' with the name of your ZFS pool. * If you want to also remove any snapshots of the dataset, you can add the '''-R''' option to the '''zfs destroy''' command. For example, to delete the dataset and all its snapshots, run the following command: <code>zfs destroy -R nuc/pods/mediawiki</code> ===Using UFS=== ====Create a directory==== Create a directory that will serve as the root directory for your jail. Replace '''/var/pods''' with the desired path. <code>mkdir -pv /pods/mediawiki</code> :* We now have a directory called '''pods''' in which we will install are jailed FreeBSD instances :** With sub-directory '''mediawiki''' in which we will install are jailed mediawiki server ====Choose the desired FreeBSD release==== *Determine the FreeBSD release you want to use for your jail. Search https://download.freebsd.org/ftp/releases/ For a '''base.txz'' of the version and appropriate architecture of FreeBSD you wish to install in a jail. In this example, we'll use FreeBSD 13.2-RELEASE. Adjust the release version according to your needs. Download the base package for the desired FreeBSD release. Use the '''fetch''' command to download the package directly from the FreeBSD website: <code>fetch https://download.freebsd.org/ftp/releases/amd64/13.2-RELEASE/base.txz -o /tmp/base.txz</code> :* Replace '''amd64''' with the appropriate architecture if needed. ====Extract the base package==== Extract the downloaded base package into the jail's root directory: <code>tar -C /pods/mediawiki -xf /tmp/base.txz</code> ===jail configuration '''/etc/jail.conf'''=== Create a configuration file for your jail. The following example assumes you're using the jail utility provided by FreeBSD: Edit '''/etc/jail.conf''' and add the following jail configuration: * If '''/etc/jail.conf''' does not exist, create it with <code>touch /etc/jail.conf</code> <code>$EDITOR /etc/jail.conf</code> <pre> localwiki { host.hostname = "local.wiki"; ip4.addr = 192.168.0.33; path = "/pods/mediawiki"; exec.start = "/bin/sh /etc/rc"; exec.stop = "/bin/sh /etc/rc.shutdown"; exec.clean; mount.devfs; } </pre> :* Replace :** '''localwiki''' to what you would like your jail called :** '''host.hostname = "<the_host_name_for_jail>";''' :** '''ip4.addr = <ip_address_for_jail_to_use>;''' :** '''path = "</path/to/jail>";''' ===Copy over your '''/etc/resolv.conf''' to jail=== It is generally a good idea to copy the '''/etc/resolv.conf''' file from the host system to the jail's '''/etc/resolv.conf''' before starting the jail. This ensures that the jail has the same DNS resolver configuration as the host, allowing it to resolve domain names correctly. '''/etc/resolv.conf''' is a configuration file used by the DNS resolver library on Unix-based systems, including FreeBSD. It contains information about the DNS nameservers and search domains to use when resolving domain names. To copy the '''resolv.conf''' file from the host system to the jail, you can use the cp command: <code>cp /etc/resolv.conf /pods/mediawiki/etc/resolv.conf</code> Make sure to execute this command before starting the jail to ensure proper DNS resolution within the jail environment. ===Start the jail=== Start the jail using the '''jail''' utility: <code>jail -c localwiki</code> Replace '''localwiki''' with the name you chose in the jail configuration. ===If you have firewall up - allow jail through firewall=== <div class="toccolours mw-collapsible mw-collapsed"> IPFW Example: <div class="mw-collapsible-content"> <pre> # Allow incoming traffic for jail's IP (192.168.0.33) ipfw -q add 00200 allow all from any to 192.168.0.33 in # Allow outgoing traffic for jail's IP (192.168.0.33) ipfw -q add 00210 allow all from 192.168.0.33 to any out </pre> </div> </div> ===Access the jail=== Enter the jail's environment with the '''jexec''' command: <code>jexec localwiki /bin/sh</code> * Replace '''localwiki''' with your jail name You'll now be inside your jail, and you can manage it like any other FreeBSD system. ===Restart the jail=== :To restart the jail you turn it off and on again :) <code>sudo jail -r your_jail_name</code> <code>sudo jail -c your_jail_name</code> * or one line <code>sudo jail -r your_jail_name && sudo jail -c your_jail_name</code> ===Stop and remove the jail (optional)=== If you want to stop and remove the jail, first exit the jail environment (if you're still inside) by typing '''exit'''. Then, stop the jail: <code>jail -r myjail</code> You can now remove the jail directory and its contents: <code>rm -rf /path/to/jail</code> Don't forget to remove the corresponding jail configuration from '''/etc/jail.conf'''. By following these steps, you've manually created a FreeBSD jail by downloading and extracting the base package. You can now configure and manage the jail as needed. ==Start Jails at reboot== * To have all the jails start at reboot add the line <code>jail_enable="YES"</code> into rc.conf <code>sysrc jail_enable="YES"</code> ==Run commands in jail from Host== Start your jail, if it's not already running: <code>sudo service jail start your_jail_name</code> * Or use '''jail''' <code>jail -c your_jail_name</code> ===Obtain the jail ID by listing the running jails=== <code>jls</code> Note the JID (Jail ID) for your specific jail from the output. ===Update the pkg package manager inside the jail=== <code>sudo jexec JID pkg update</code> Replace '''JID''' with the jail '''ID''' you noted in '''Obtain the jail ID by listing the running jails'''. * Example (If JID = 1): <code>sudo jexec 1 pkg update</code> ===Install packages using the pkg command with jexec=== <code>sudo jexec JID pkg install package_name</code> Replace '''package_name''' with the desired package. For example, to initialize pkg and install the nano text editor in a jail with a '''Jail ID of 1''', you would run: <code>sudo jexec 1 pkg update</code> <code>sudo jexec 1 pkg install nano</code> To run other commands inside the jail from the host, you can use the same '''jexec JID command''' pattern, replacing command with the desired command you want to run inside the jail. 365qilgmywla96vnsj9xl1jijo83zuw 0 106 399 2023-05-05T14:53:15Z AwesomO 5 Created page with "==Safely Creating a ZFS Dataset in an Existing Directory== Assuming you have a username '''foo''' on your FreeBSD system, and your home directory is located at '''/usr/home/foo'''. Your ZFS pool, visible by running zfs list, is '''nuc/usr/home'''. Let's create a dataset named '''backup''' inside '''/usr/home/foo''' without overwriting any data. :* Identify the pool you want to create the dataset in. You can list your existing ZFS pools by running: <code>zfs list</c..." 399 wikitext text/x-wiki ==Safely Creating a ZFS Dataset in an Existing Directory== Assuming you have a username '''foo''' on your FreeBSD system, and your home directory is located at '''/usr/home/foo'''. Your ZFS pool, visible by running zfs list, is '''nuc/usr/home'''. Let's create a dataset named '''backup''' inside '''/usr/home/foo''' without overwriting any data. :* Identify the pool you want to create the dataset in. You can list your existing ZFS pools by running: <code>zfs list</code> :* Before creating the dataset, ensure that the target directory for the new dataset does not exist. In this case, '''/usr/home/foo/backup''' should not exist yet. :* Create the dataset in the desired ZFS pool. Replace nuc (which is the pool name) with the name of the ZFS pool you want to create the dataset in, and backup with the name you want to give the dataset: <code>sudo zfs create nuc/usr/home/foo_backup</code> :* Set the mountpoint for the dataset to the desired directory. Replace /usr/home/foo/backup with the path to the directory you want to use: <code>sudo zfs set mountpoint=/usr/home/foo/backup nuc/usr/home/foo_backup</code> :* Verify that the dataset is mounted at the correct location by running: <code>zfs list</code> You should see your dataset in the list with the correct mountpoint. Now you have successfully created a ZFS dataset without wiping out an existing directory. The dataset is mounted at the specified directory, and you can use it as you normally would. <div class="toccolours mw-collapsible mw-collapsed"> How to do it the '''Wrong Way''' and how to '''Recover'''<br> Doing it the Wrong way is not fun.... not fun at all <div class="mw-collapsible-content"> Assuming you have a username foo on your FreeBSD system, and your home directory is located at '''/usr/home/foo'''. Your ZFS pool, visible by running zfs list, is '''nuc/usr/home'''. Now let's assume you mistakenly try to create a dataset named backup inside '''/usr/home/foo''' without properly setting the mountpoint. :* Create the dataset in the desired ZFS pool. Replace '''nuc''' (which is the pool name) with the name of the ZFS pool you want to create the dataset in, and backup with the name you want to give the dataset: <code>sudo zfs create nuc/usr/home/foo/backup</code> In this case, ZFS creates a dataset named backup inside the '''nuc/usr/home/foo''' dataset. By doing this, the existing '''/usr/home/foo''' directory will be replaced by the newly created '''nuc/usr/home/foo/backup''' dataset, causing the original contents of '''/usr/home/foo''' to be hidden. Please note that the contents of '''/usr/home/foo''' are not technically wiped out, but they become inaccessible because the new dataset is now mounted on top of the '''/usr/home/foo''' directory. The original files still exist on the disk, but they are hidden by the new mountpoint. To recover from this situation, you would need to unmount the newly created dataset, move its contents to another location (if needed), and then remove the dataset: :* Unmount the new dataset: <code>sudo zfs unmount nuc/usr/home/foo/backup</code> :* If you added any content to the new dataset, move it to another location: <code>mv /usr/home/foo/backup/* /temporary/location/</code> :* Remove the new dataset: <code>sudo zfs destroy nuc/usr/home/foo/backup</code> After these steps, the original contents of '''/usr/home/foo''' should become accessible again. To avoid such situations, always set the mountpoint for the new dataset explicitly, as shown in '''Safely Creating a ZFS Dataset in an Existing Directory'''. </div> </div> ==Creating a snapshot and rolling back== ===Single DataSet=== Creating a snapshot and rolling back to a previous snapshot are useful features of ZFS for data protection and recovery. Here's how to make a full snapshot and rollback/restore if something goes wrong: ==== Create a snapshot==== To create a snapshot, you need to specify the dataset or ZFS pool you want to snapshot and give the snapshot a name. Use the following command: <code>sudo zfs snapshot pool_name/dataset_name@snapshot_name</code> Replace '''pool_name''' with the name of your ZFS pool, '''dataset_name''' with the name of the dataset you want to snapshot, and '''snapshot_name''' with a descriptive name for the snapshot. For example, if you have a dataset named '''nuc/usr/home/foo_backup''', you can create a snapshot called '''before_changes''' like this: <code>sudo zfs snapshot nuc/usr/home/foo_backup@before_changes</code> :* List snapshots: To verify that the snapshot was created successfully, use the following command: <code>zfs list -t snapshot</code> This command will show you all the snapshots available on your system. ====Rollback/restore a snapshot==== * View snapshot: <code>zfs list -t snapshot </code> If something goes wrong and you need to restore your dataset to a previous state, you can rollback to the snapshot you created earlier. Use the following command: <code>sudo zfs rollback pool_name/dataset_name@snapshot_name</code> Replace '''pool_name''', '''dataset_name''', and '''snapshot_name''' with the appropriate values for your snapshot. For example, to rollback to the '''before_changes''' snapshot of the '''nuc/usr/home/foo_backup''' dataset, run: <code>sudo zfs rollback nuc/usr/home/foo_backup@before_changes</code> Please note that rolling back to a snapshot will destroy any changes made to the dataset after the snapshot was taken. Make sure you have backups of any important data before performing a rollback. That's it! Now you know how to create a snapshot, list snapshots, and rollback to a previous snapshot in case something goes wrong. These features are part of what makes ZFS a powerful and flexible filesystem. ===Recursively Create a Snapshot and Rollback=== In this example, we will create a snapshot of the nuc/usr/home dataset and all its child datasets, and then roll back to this snapshot. ====Recursively Create a Snapshot==== : Create a recursive snapshot of the '''nuc/usr/home''' dataset. Replace '''nuc/usr/home''' with the name of your dataset, and '''recursive_snapshot''' with a descriptive name for the snapshot: <code>sudo zfs snapshot -r nuc/usr/home@recursive_snapshot</code> The '''-r''' flag tells ZFS to create snapshots for all child datasets of '''nuc/usr/home'''. :* Verify that the snapshots have been created successfully for the dataset and its child datasets: <code>zfs list -t snapshot</code> You should see the '''recursive_snapshot''' snapshot for the '''nuc/usr/home''' dataset and all its child datasets in the list. ====Rollback to the Recursive Snapshot==== Before rolling back, be aware that any changes made to the datasets after the snapshot was taken will be lost. Make sure you have backups of any important data before performing a rollback. :* Roll back to the '''recursive_snapshot''' for the '''nuc/usr/home''' dataset and all its child datasets: <code>sudo zfs rollback -r nuc/usr/home@recursive_snapshot</code> This command will roll back the '''nuc/usr/home''' dataset and all its child datasets to the state they were in when the '''recursive_snapshot''' snapshot was taken. :* Verify that the datasets have been rolled back to the snapshot: <code>zfs list -t snapshot</code> You should see the '''recursive_snapshot''' snapshot for the '''nuc/usr/home''' dataset and all its child datasets in the list, indicating that the rollback was successful. Now you know how to create a recursive snapshot of a specific dataset, and roll back to that snapshot if necessary. Remember that rolling back to a snapshot will destroy any changes made to the datasets after the snapshot was taken, so always have backups of important data before performing a rollback. ===Kind Of Full Recursive Backup and Restore=== ====Backup - Snapshot==== you can create snapshots for all datasets in your ZFS pool using a single command. In this case, the pool name is '''nuc'''. You can use the '''zfs list''' command to get a list of all datasets in your pool and then create a snapshot for each of them using a loop. Here's a step-by-step guide: ===== List all datasets in your ZFS pool===== <code>zfs list -o name -r nuc</code> This command lists the names of all datasets in the '''nuc''' pool, including child datasets. =====Create a snapshot for each dataset in the pool===== * If using '''sh''' shell <code>zfs list -o name -r nuc | while read dataset; do sudo zfs snapshot "${dataset}@beforechange"; done</code> * If using '''csh''' shell <code>zfs list -o name -r nuc | awk '{ system("sudo zfs snapshot "$1"@beforechange") }'</code> * If using '''csh''' shell : If logged in as root and sudo not yet installed use: <code>zfs list -o name -r nuc | awk '{ system("zfs snapshot "$1"@beforechange") }'</code> This command uses a loop to create a snapshot named '''beforechange''' for each dataset in the '''nuc''' pool. =====Verify that the snapshots have been created successfully===== <code>zfs list -t snapshot</code> You should see the '''beforechange''' snapshot for each dataset in the '''nuc''' pool in the list. Keep in mind that this process will create snapshots for all datasets in the nuc pool. When rolling back, you will need to roll back each dataset individually. ====Restore -Rollback==== You can roll back all the datasets to their respective snapshots in one line using a loop, similar to the snapshot creation process. Here's how to roll back all datasets in the '''nuc''' pool to the '''beforechange''' snapshots: =====Roll back all datasets to the '''beforechange''' snapshots===== * If using '''sh''' shell <code>zfs list -H -o name -t snapshot -r nuc | grep '@beforechange$' | while read snapshot; do sudo zfs rollback "$snapshot"; done</code> * If using '''csh''' shell <code>zfs list -H -o name -t snapshot -r nuc | grep '@beforechange$' | awk '{ system("sudo zfs rollback "$1) }'</code> * If using '''csh''' shell and logged in as root with sudo not installed - remove sudo from command: <code>zfs list -H -o name -t snapshot -r nuc | grep '@beforechange$' | awk '{ system("zfs rollback "$1) }'</code> This command lists all the '''beforechange''' snapshots in the '''nuc''' pool, and then uses a loop to roll back each dataset to its '''beforechange''' snapshot. Keep in mind that rolling back to a snapshot will destroy any changes made to the datasets after the snapshot was taken. Make sure you have backups of any important data before performing a rollback. ==Full system snapshot and rollback== First, make sure your entire system is on ZFS, including the root filesystem. :* You are going to need to have a Live FreeBSD CD/DVD/USB or another bootable medium that has ZFS support. you can boot up. :** This is necessary because you can't rollback the root filesystem while it's in use. ===Backup - Snapshot full system=== ==== Step 1==== :* Shutdown the computer and boot of the live FreeBSD USB ====Step 2==== :* Once in Shell Import/Mount the Root Pool with: <code>zpool import -R /mnt pool_name</code> :* Replace '''pool_name''' with the name of your pool :** In my case the '''pool_name''' is called '''nuc''' ====Step 3==== :* Take a snapshot of all the datasets in your ZFS pool. For example, if your ZFS pool is called '''nuc''', you can create a snapshot called '''full_system_backup''' like this: <code>zfs snapshot -r nuc@full_system_backup</code> The '''-r''' flag creates snapshots recursively for all child datasets. ====Step 4==== : After taking the snapshot, export the ZFS pool: <code>zpool export pool_name</code> :* Replace '''pool_name''' with the name of your ZFS pool ====Step 5==== : Reboot back into your system: <code>reboot</code> And thats your '''snapshot''' done, you can now reboot and go back to work, knowing you have a backup to roll back to. ===Restore - Rollback full system=== ====Step 1==== :* Shutdown the computer and boot of the live FreeBSD USB ====Step 2==== :* Once in Shell Import/Mount the Root Pool with: <code>zpool import -R /mnt pool_name</code> :* Replace '''pool_name''' with the name of your pool :** In my case the '''pool_name''' is called '''nuc''' ====Step 3==== :* Rollback all the datasets in your ZFS pool to the snapshot <code>zfs rollback -r nuc@full_system_backup</code> :* This command will rollback all datasets in the '''nuc''' pool to the '''full_system_backup''' snapshot. ====Step 4==== :* After the rollback is complete, '''export''' the ZFS pool <code>zpool export nuc</code> :* Replace '''nuc''' with the name of your ZFS pool ====Step 5==== :* Rebbot back into your system <code>reboot</code> Your system should now be restored to the state it was in when you took the '''full_system_backup''' snapshot. Keep in mind that this process assumes your entire system, including the root filesystem, is on ZFS. If only specific parts of your system are on ZFS, you'll need to adjust the process accordingly. Also, note that rolling back to a snapshot will destroy any changes made to the datasets after the snapshot was taken. Make sure you have backups of any important data before performing a rollback. qtigmtjvywb8osd5v8h05wr7te57uet 0 107 400 2023-05-05T14:54:18Z AwesomO 5 Created page with "FreeBSD uses an init system called the "BSD-style init system" or "rc.d init system". It is a collection of shell scripts that are used to manage services and system startup. The init system in FreeBSD is simpler and less dynamic than some other init systems like systemd (used in many Linux distributions), but it is easy to understand, configure, and maintain. Here's an overview of the FreeBSD init system components and how they work: :* /sbin/init: This is the firs..." 400 wikitext text/x-wiki FreeBSD uses an init system called the "BSD-style init system" or "rc.d init system". It is a collection of shell scripts that are used to manage services and system startup. The init system in FreeBSD is simpler and less dynamic than some other init systems like systemd (used in many Linux distributions), but it is easy to understand, configure, and maintain. Here's an overview of the FreeBSD init system components and how they work: :* /sbin/init: This is the first process started by the kernel during system boot. The init process sets up the basic environment, mounts necessary filesystems, and starts the main startup script, /etc/rc. :* /etc/rc: This is the main startup script that manages the boot process. It initializes system variables, sets the system hostname, configures network interfaces, and starts various services. The script reads its configuration from /etc/rc.conf and /etc/rc.conf.local (if it exists). :* /etc/rc.conf: This is the main configuration file for the FreeBSD init system. It contains global settings and service-specific settings that determine which services will start at boot and their respective configurations. You can also create a /etc/rc.conf.local file for custom settings that won't be overridden by updates. :* /etc/rc.d: This directory contains system startup scripts (also known as init scripts) for various services and system components. Each script is responsible for starting, stopping, and managing a specific service. :* /usr/local/etc/rc.d: This directory contains startup scripts for third-party applications installed via the ports or packages system. The init system will execute these scripts in addition to the ones in /etc/rc.d. When FreeBSD boots, the init process starts the /etc/rc script, which in turn reads the configuration from /etc/rc.conf and /etc/rc.conf.local. The script then proceeds to run the startup scripts in /etc/rc.d and /usr/local/etc/rc.d in alphabetical order. Each script is responsible for starting a specific service based on the settings defined in the configuration files. To manage services in FreeBSD, you can use the service command followed by the service name and action: <code>service servicename action</code> For example, to start, stop, or restart the SSH service, you would use: <pre> service sshd start service sshd stop service sshd restart </pre> In summary, the FreeBSD init system is a straightforward collection of shell scripts that control system startup and services management. It relies on configuration files like /etc/rc.conf and startup script directories like /etc/rc.d and /usr/local/etc/rc.d to manage services and their settings. 4p06adq29f6qm4c160btpu34b6r3biw 0 108 401 2023-05-05T14:55:19Z AwesomO 5 Created page with "In FreeBSD, the Ports Collection is a comprehensive framework for installing and managing third-party applications. To install and update the Ports tree, follow these steps: ==Install the Ports tree== If you haven't installed the Ports tree during the FreeBSD installation, you can do it using the '''portsnap''' utility. First, fetch the latest snapshot of the Ports tree: <code>portsnap fetch</code> After fetching the snapshot, extract it to '''/usr/ports''': <code>p..." 401 wikitext text/x-wiki In FreeBSD, the Ports Collection is a comprehensive framework for installing and managing third-party applications. To install and update the Ports tree, follow these steps: ==Install the Ports tree== If you haven't installed the Ports tree during the FreeBSD installation, you can do it using the '''portsnap''' utility. First, fetch the latest snapshot of the Ports tree: <code>portsnap fetch</code> After fetching the snapshot, extract it to '''/usr/ports''': <code>portsnap extract</code> :* Note: can also be done on one line: <code>portsnap fetch extract</code> == Update the Ports tree== To update the Ports tree, first fetch the latest updates using '''portsnap''': <code>portsnap fetch</code> Then, apply the updates to your local Ports tree: <code>portsnap update</code> That's it! Now your Ports tree is up-to-date. ===(Optional) Automate Ports tree updates=== If you want to automate the process of updating the Ports tree, you can create a simple cron job. First, open the root user's crontab: <code>crontab -e</code> Add the following line to update the Ports tree daily at 3:30 AM: <code>30 3 * * * /usr/sbin/portsnap -I cron update</code> Save and exit the editor. The Ports tree will now be updated automatically every day at the specified time. Remember that updating the Ports tree only updates the available ports; it does not update the installed applications themselves. To update your installed applications, you need to use tools like '''portmaster''' or '''portupgrade'''. ==Example - walk through == ===Install '''sudo''' with insults enabled/configured=== Why sudo with insults enabled? Because life must be enjoyed! ====Navigate to the sudo port directory==== First, change your working directory to the sudo port directory in the ports tree: <code>cd /usr/ports/security/sudo</code> ====Enable the INSULTS option==== To enable the insults feature in sudo, you'll need to customize the port's options. Run the following command: <code>make config</code> This will open a text-based interface showing a list of options for the sudo port. Look for the "'''INSULTS'''" option, which should be unchecked by default. Use the arrow keys to highlight "'''INSULTS'''" and press the spacebar to enable it (an asterisk (*) will appear next to it). After that, press 'Enter' to save the configuration and exit. ====Build and install sudo==== Now that you've enabled the INSULTS option, you can build and install the sudo port by running: <code>make install clean</code> This command will compile '''sudo''' with the specified options and install it on your system. The process may take a few minutes, depending on your system's resources. ====Configure sudo==== After installing sudo, you need to configure it by editing the sudoers file. To do this safely, use the '''visudo''' command, which will open the sudoers file in your default text editor: Warning default $EDITOR will be '''vi''' Learn Basic '''vi''' first! <code>visudo</code> In the sudoers file, look for the line that defines user privilege specifications. It should look like this: <pre> root ALL=(ALL) ALL </pre> To grant your user account sudo privileges, add a new line with your username and the same format, replacing 'username' with your actual username: <code>username ALL=(ALL) ALL</code> Save the file and exit the text editor. ====Test sudo with insults==== To test your newly installed sudo with insults enabled, try running a command that requires root privileges. For example: <code>sudo ls /root</code> : If you enter an incorrect password, '''sudo''' should now respond with a random insult instead of the standard error message. Congratulations! You've successfully installed sudo with insults enabled from FreeBSD 13.2 ports. Enjoy the amusing responses whenever you mistype your password. ==Keep Port Install's Updated== lk6i3x5zmywdbj3clbgi8y58meyc55f 0 109 402 2023-05-05T14:56:05Z AwesomO 5 Created page with "==Adduser== ===Basic Example=== If you haven't already, open a terminal window. Run '''adduser''' as a superuser: To create a new user, you'll need to have '''root''' privileges. Use the '''sudo''' command run '''adduser''' as a superuser: <code>sudo adduser</code> This will start the interactive user creation process. ====Enter the new user's information==== Follow the prompts to enter information about the new user named 'noob'. The important fields to fill ou..." 402 wikitext text/x-wiki ==Adduser== ===Basic Example=== If you haven't already, open a terminal window. Run '''adduser''' as a superuser: To create a new user, you'll need to have '''root''' privileges. Use the '''sudo''' command run '''adduser''' as a superuser: <code>sudo adduser</code> This will start the interactive user creation process. ====Enter the new user's information==== Follow the prompts to enter information about the new user named 'noob'. The important fields to fill out are: :* '''Username''': noob :* '''Full name''': (You can enter any full name, e.g., Noob Newbie) :* '''Uid''': (Leave this blank for the system to assign one automatically) :* '''Login group''': noob :* '''Login group is''': noob :* '''Invite noob into other groups?''': (Press 'Enter' to accept the default "no") :* '''Login class''': (Press 'Enter' to accept the default "default") :* '''Shell''': (Press 'Enter' to accept the default "/bin/sh", or choose another shell like "/bin/csh" or "/bin/tcsh") :* '''Home directory''': (Press 'Enter' to accept the default "/home/noob") :* '''Home directory permissions''': (Press 'Enter' to accept the default "755") :* '''Use password-based authentication?''': (Press 'Enter' to accept the default "yes") :* '''Use an empty password?''': (Press 'Enter' to accept the default "no") :* '''Use a random password?''': (Press 'Enter' to accept the default "no") :* '''Enter password''': (Type a secure password for the 'noob' user and press 'Enter') :* '''Enter password again''': (Confirm the password by typing it again and pressing 'Enter') :* '''Lock out the account after creation?''': (Press 'Enter' to accept the default "no") ====Confirm the new user's information==== After entering all the required information, '''adduser''' will display a summary of the new user's settings. Review the information to ensure it is correct, then type '''yes''' and press '''Enter''' to confirm and create the new user. ====Verify the new user==== To verify that the new user '''noob''' was created successfully, you can check the contents of the '''/etc/passwd''' file by running: <code>grep noob /etc/passwd</code> This command should display a line containing the new user's information, such as: <pre> noob:*:1001:1001:Noob Newbie:/home/noob:/bin/sh </pre> Congratulations! You've successfully added a new user named '''noob''' to your FreeBSD system using the '''adduser''' command. The new user can now log in and start exploring the system. o0y302pa0scqibxnr09piwjjacs7s07 0 110 403 2023-05-05T14:56:46Z AwesomO 5 Created page with "A Guide to FreeBSD '''sysrc''' for Beginners ==Introduction== FreeBSD, a popular UNIX-like operating system, comes with a powerful tool known as '''sysrc''' for managing system configuration files. This guide will provide an in-depth explanation of what 'sysrc' is, its capabilities, and its usage with practical examples. By the end of this tutorial, even the newest FreeBSD users will understand the basics of 'sysrc' and how it can be beneficial in managing system confi..." 403 wikitext text/x-wiki A Guide to FreeBSD '''sysrc''' for Beginners ==Introduction== FreeBSD, a popular UNIX-like operating system, comes with a powerful tool known as '''sysrc''' for managing system configuration files. This guide will provide an in-depth explanation of what 'sysrc' is, its capabilities, and its usage with practical examples. By the end of this tutorial, even the newest FreeBSD users will understand the basics of 'sysrc' and how it can be beneficial in managing system configurations. : What is '''sysrc'''? '''sysrc''' is a FreeBSD utility that allows users to manage system configuration files without the need to edit them manually. It provides a safe and efficient way to make changes to key system settings by offering a simple command-line interface. The primary goal of 'sysrc' is to reduce human error and minimize the risk of breaking your system due to a misconfigured file. Why use '''sysrc'''? :* '''Safety''': 'sysrc' ensures that the configuration files remain in a valid state, preventing errors caused by manual file editing. :* '''Simplicity''': 'sysrc' offers a user-friendly interface for managing system settings, making it easy for beginners to use. :* '''Scriptability''': 'sysrc' can be used in scripts and automation, reducing the need for manual intervention. ==Getting Started with '''sysrc'''== Before diving into the usage of '''sysrc''', it is crucial to understand the basic structure of a FreeBSD configuration file. Configuration files typically contain variables and their respective values in the following format: <code>variable_name="value"</code> For example: <code>hostname="myfreebsd.local"</code> Using '''sysrc''' to manage these variables and their values is straightforward. The basic syntax of a '''sysrc''' command is: <code>sysrc variable_name=value</code> Examples of '''sysrc''' in action ===Setting a variable=== To set the hostname, use the following command: <code>sysrc hostname="myfreebsd.local"</code> This command will update the configuration file with the new hostname value. === Retrieving a variable value=== To query the current value of a variable, simply provide the variable name without a value: <code>sysrc hostname</code> This command will return the current value of the '''hostname''' variable, e.g., '''"myfreebsd.local"'''. === Deleting a variable=== To remove a variable from the configuration file, use the '''-d''' option: <code>sysrc -d variable_name</code> For example, to delete the '''hostname''' variable: <code>sysrc -d hostname</code> This command will remove the '''hostname''' variable and its associated value from the configuration file. === Listing all variables=== To display all variables and their values in the configuration file, use the '-a' option: <code>sysrc -a</code> This command will list all variables and their values in a readable format. === Working with multiple configuration files=== By default, '''sysrc''' operates on the '''/etc/rc.conf''' file. However, it can also work with other configuration files using the '''-f''' option: <code>sysrc -f /path/to/configuration_file variable_name=value</code> For example, to set the '''keymap''' variable in the '''/etc/rc.conf.local''' file: <code>sysrc -f /etc/rc.conf.local keymap="us"</code> ===Conclusion=== '''sysrc''' is a powerful tool for managing FreeBSD system configuration files safely and efficiently. Its user-friendly command-line interface and ability to prevent errors make it an excellent choice for both beginners and experienced FreeBSD users. By using 'sysrc', you can minimize the risks associated with manual file editing while improving the overall maintainability of your FreeBSD system. 3kutyhmzhkazjpeonjmaqsuhx7j4r02 0 111 404 2023-05-05T15:02:50Z AwesomO 5 Created page with " ==Use Case Setup== I have a LocalWiki installed on my home network that I frequently use to create drafts. However, I also want to be able to access it remotely when I'm out and about. To achieve this, I plan on using an SSH tunnel. While Ubuntu/Linux LXD-LXC containers do allow for the container to have both a public and private IP address, I've encountered some issues with accessing the Wiki. Specifically: :* I am unable to connect to the Public IP of the Wiki f..." 404 wikitext text/x-wiki ==Use Case Setup== I have a LocalWiki installed on my home network that I frequently use to create drafts. However, I also want to be able to access it remotely when I'm out and about. To achieve this, I plan on using an SSH tunnel. While Ubuntu/Linux LXD-LXC containers do allow for the container to have both a public and private IP address, I've encountered some issues with accessing the Wiki. Specifically: :* I am unable to connect to the Public IP of the Wiki from the server (i.e., the box hosting the container). I can only access the Wiki via its private IP. :* I am unable to connect to the Wiki from the private IP when using a different box than the one hosting the container.(unless i always use SSH Tunneling) :* If I use a container with both a public and private IP, I can only set up Mediawiki's LocalSettings.php file to forward to one of the IPs. After being away from FreeBSD for over 5 years, I've decided to switch back to it as I believe it will be a better fit for my needs. Can access the Wiki from the Public IP on Both the server(box) hosting and other devices connected to my network. ==Basic Install== ==Check updates for Base system== :* Check for updates: <code>freebsd-update fetch</code> :* '''freebsd-update fetch''' downloads the latest updates for the FreeBSD base system, including any security patches or bug fixes that have been released since the last update. :* If there are any update's install with: <code>freebsd-update install</code> :* '''freebsd-update install''' installs the downloaded updates onto the system, making any necessary changes to the operating system files to apply the updates. This command may also prompt the user for any necessary configuration changes or to restart any services that were affected by the update. It is important to regularly update the FreeBSD base system using these commands to ensure that the system is secure and stable, and to avoid any potential security vulnerabilities that could be exploited by attackers. ==Allowed root to login with ssh== This is not really recommended as its best to use a username and just switch to '''root''' user using '''sudo''' but i have not yet configured and installed sudo (want to build sudo with insults) and will be doing the rest of the setup headless from my laptop (After i setup the firewall, Do Not setup Firewall with remote connection unless your are next to the server - a mistake can lock you out of server). :* Permit Root SSH Login :** By default FreeBSD does not allow '''root''' to login using SSH :** We change this by editing the '''sshd_config''' file: <code>$EDITOR /etc/ssh/sshd_config</code> In the '''Authentication''' section of the file: <pre> # Authentication: #LoginGraceTime 2m #PermitRootLogin no #StrictModes yes #MaxAuthTries 6 #MaxSessions 10 </pre> :* Change the line: :** '''#PermitRootLogin no''' :* To :** '''PermitRootLogin yes''' : Save and exit file :* Restart '''sshd''' for changes to take effect: :** <code>service sshd restart</code> Now we can login headless as '''root''' from another box ==Firewalls== '''Important Note:''' Do not setup your firewall remotely, as you can lock yourself out if it goes wrong: Do and Test when you have access to the server. : A firewall is a security mechanism that monitors and controls incoming and outgoing network traffic based on predetermined security rules. It acts as a barrier between an internal network and external networks, such as the internet, and can prevent unauthorized access to a system or network. FreeBSD has several firewall options available. Here are the most commonly used ones: :* '''IPFW''' (IP Firewall) - This is the default firewall in FreeBSD. It is a packet-filtering firewall that is integrated into the kernel. IPFW provides a flexible and powerful set of rules to filter and control network traffic. :* '''PF''' (Packet Filter) - This is another packet-filtering firewall that can be used on FreeBSD. PF provides more advanced features than IPFW, such as packet normalization, traffic shaping, and stateful packet inspection. :* '''IPF''' (IP Filter) - IPF is a third-party packet-filtering firewall that can be installed on FreeBSD. It provides a similar feature set to IPFW, but with a different syntax and configuration file format. :* '''NPF''' (NetBSD Packet Filter) - NPF is a new packet-filtering firewall that was introduced in FreeBSD 11. It is based on the NetBSD Packet Filter and provides a modern, modular architecture that allows for more flexible configuration and performance optimization. ==Built-in Firewalls== FreeBSD comes with two built-in firewalls: IPFW and PF. '''IPFW''' (IP Firewall) is the default firewall in FreeBSD. It is a packet-filtering firewall that is integrated into the kernel. IPFW provides a flexible and powerful set of rules to filter and control network traffic. '''PF''' (Packet Filter) is also included in FreeBSD and can be used as an alternative to IPFW. PF provides more advanced features than IPFW, such as packet normalization, traffic shaping, and stateful packet inspection. Note that while both '''IPFW''' and '''PF''' come preinstalled in FreeBSD, they are not enabled by default. You will need to configure and enable the firewall of your choice manually, depending on your specific needs and requirements. Going to be using '''IPFW''' ===Note for Later (can delete)=== This is a clean install so IPFW should not be enabled, but still. To check if IPFW is already installed on FreeBSD, you can use the kldstat command to list the currently loaded kernel modules. Here's how: : Open a terminal window on your FreeBSD system. :* Type the following command and press Enter: <code>kldstat | grep ipfw</code> :* This command will search the list of loaded kernel modules for the string "ipfw". If IPFW is installed, you should see one or more lines of output that include the string "ipfw". :* If you don't see any output, IPFW is not currently loaded. Alternatively, you can check if the IPFW binary is installed on your system by looking for the presence of the ipfw command in your system's sbin directory. Type the following command and press Enter: <code>ls /sbin/ipfw</code> If the command is found, you should see the path to the ipfw binary as the output. If it is not found, IPFW is not installed. Note that on FreeBSD, IPFW is typically installed by default. If you don't have IPFW installed, you can install it using the pkg package manager(or ports). ==IPFW - Basic Firewall Rules and how to setup== :* Allow port 22 :* Block in - Allow out :* Allow a Jail (will setup later) pass firewall To configure IPFW on FreeBSD to block all incoming traffic, allow all outgoing traffic, and permit incoming traffic on port 22 for SSH, follow these steps: ===Enable IPFW=== :* To enable IPFW, edit the '''/etc/rc.conf''' file and add the following lines: <pre> firewall_enable="YES" firewall_type="open" </pre> <div class="toccolours mw-collapsible mw-collapsed"> What is the '''rc.conf''' file: <div class="mw-collapsible-content"> The '''rc.conf''' file is a system configuration file in FreeBSD that contains settings for various system services, options, and daemons. It is located in the /etc/ directory. The main purpose of '''rc.conf''' is to define how the system and its services should be configured during the boot process. The file contains a series of variable assignments in the form of key-value pairs, which are shell script syntax. FreeBSD uses a series of scripts and configuration files during the boot process. These files are located in '''/etc/rc.d/''' and '''/usr/local/etc/rc.d/'''. Each script in these directories represents a service, option, or daemon that can be enabled, disabled, or customized using the '''rc.conf''' file. When the system boots, the '''/etc/rc''' script is executed. This script is responsible for reading the settings from '''rc.conf''' and initializing system services accordingly. It first sources the '''/etc/defaults/rc.conf''' file, which contains default values for various settings. Then, it sources the '''/etc/rc.conf''' file, which can override or supplement the default settings. This allows system administrators to customize the behavior of the system without modifying the default settings directly. Here are some common settings found in '''rc.conf''': :* '''hostname''': Sets the system's hostname. :* '''ifconfig_<interface>''': Configures network interfaces (e.g., ifconfig_em0="inet 192.168.0.2 netmask 255.255.255.0"). :* '''defaultrouter''': Specifies the IP address of the default gateway. :* '''sshd_enable''': Enables or disables the OpenSSH server daemon (YES or NO). :* '''firewall_enable''': Enables or disables the IPFW firewall (YES or NO). :* '''firewall_type''': Defines the firewall type or points to a custom firewall script (e.g., open, closed, or /path/to/custom/script). By modifying the '''rc.conf''' file, you can enable or disable services, configure network settings, set up firewall rules, and customize the system to meet your specific needs. After making changes to '''rc.conf''', you will need to either reboot your system or restart the affected services for the changes to take effect. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>firewall_type="type"</code> <div class="mw-collapsible-content"> The firewall_type in the rc.conf file determines the predefined firewall configuration to be used by IPFW when it starts. There are several predefined firewall types available in FreeBSD, each with different levels of security and complexity. The most commonly used types are: :* '''open''': No restrictions, allows all incoming and outgoing traffic. :* '''closed''': Blocks all incoming traffic, allows outgoing traffic. :* '''client''': A more permissive configuration that allows outgoing traffic and specific incoming traffic needed for regular client operation (e.g., DHCP, DNS, ICMP). :* '''simple''': A basic configuration with some common rules to allow specific types of incoming traffic (e.g., SSH, HTTP, HTTPS, ICMP). :* '''workstation''': A more secure configuration suitable for a typical workstation, allowing only specific incoming traffic and enabling stateful packet filtering for better security. :* '''UNKNOWN''': A placeholder type that does not apply any rules, typically used as a starting point for creating custom firewall configurations. When you use firewall_type="workstation", FreeBSD will apply the predefined "workstation" firewall configuration. This configuration is designed for workstations and provides a balance between security and usability. It allows only specific incoming traffic and enables stateful packet filtering. If you prefer to use your custom firewall rules defined in the /etc/ipfw.rules file, you can set the firewall_type in the rc.conf file to UNKNOWN. This will tell IPFW not to use any predefined rules: <pre> firewall_enable="YES" firewall_type="UNKNOWN" firewall_script="/etc/ipfw.rules" </pre> Make sure the firewall_script directive points to your custom rules file. After making these changes, restart the IPFW service: <code>sudo service ipfw restart</code> Now, IPFW should use your custom rules in the /etc/ipfw.rules file when starting up. This should resolve any issues with the predefined firewall configurations conflicting with your custom rules. </div> </div> ===Create a custom ruleset=== : Create a new file called /etc/ipfw.rules. This file will contain the IPFW rules for your custom configuration. ====Edit the /etc/ipfw.rules file==== :* Add the following rules to your custom ruleset: <pre> #!/bin/sh # Flush existing rules ipfw -q flush # Allow loopback traffic ipfw -q add 00001 allow all from any to any via lo0 # Allow established connections ipfw -q add 01000 allow tcp from any to any established in # Allow incoming SSH traffic on port 22 ipfw -q add 00100 allow tcp from any to any 22 in setup keep-state # Allow all outgoing traffic ipfw -q add 00200 allow all from any to any out keep-state # Set default policies ipfw -q add 10000 allow all from any to any out ipfw -q add 20000 deny all from any to any in # Log everything else ipfw -q add 65000 deny log all from any to any </pre> <div class="toccolours mw-collapsible mw-collapsed"> Explain IPFW and the '''ipfw.rules''' file/content like i am five:: <div class="mw-collapsible-content"> '''IPFW''' is like a security guard for your computer that checks who is allowed to come in and go out. The security guard has a set of rules to follow, and the rules are numbered so that they can be followed in order. The numbers you see are the rule numbers. They help the security guard (IPFW) follow the rules in the right order. Smaller numbers come first, and bigger numbers come later. So, the rule with number 100 comes before the rule with number 200. Now, let's look at the options: :* '''add''': This tells the security guard to add a new rule. :* '''<number>''': This is the rule number, which decides the order of the rules. :* '''allow''' or '''deny''': These options tell the security guard if the traffic should be allowed or denied (not allowed). :* '''all''', '''tcp''', or '''udp''': These options tell the security guard what kind of messages to check. :* '''from any''' or '''from <IP address>''': This tells the security guard where the messages are coming from. :* '''to any''' or '''to <IP address>''': This tells the security guard where the messages are going to. :* '''in''' or '''out''': This tells the security guard if the messages are coming in (to your computer) or going out (from your computer). So, when you create a rule with a number and some options, the security guard (IPFW) follows the rules in the order of their numbers and checks the messages based on the options given. This way, your computer stays safe and only allows the messages you want! : Let's break down the contents of the ipfw.rules file. :* '''#!/bin/sh''': This line tells your computer that this file is a set of instructions, like a recipe, that it should follow using a specific language called "shell script." :* '''ipfw -q flush''': This line tells the security guard (IPFW) to forget all the old rules and start fresh. :* '''ipfw -q add 00001 allow all from any to any via lo0''': This is rule number 1. It tells the security guard to allow all messages within your computer to talk to itself using a special path called "loopback." :* '''ipfw -q add 01000 allow tcp from any to any established in''': This is rule number 1000. It tells the security guard to let messages come into your computer if they are part of an ongoing conversation. This way, your computer can talk to other computers without any problem. :* '''ipfw -q add 00100 allow tcp from any to any 22 in setup keep-state''': This is rule number 100. It tells the security guard to allow messages coming into your computer only if they are using a special door called "port 22" (used for SSH) and keeps track of the conversation so it can manage it better. :* '''ipfw -q add 10000 allow all from any to any out''': This is rule number 10000. It tells the security guard to let all messages go out of your computer. :* '''ipfw -q add 20000 deny all from any to any in''': This is rule number 20000. It tells the security guard to stop all messages from coming into your computer that don't follow the previous rules. :* '''ipfw -q add 00200 allow all from any to any out keep-state''': This is a new rule that tells the security guard to allow all messages from your computer to go out and talk to other computers. The security guard will also remember these outgoing messages so it can let replies come back in. :* '''ipfw -q add 65000 deny log all from any to any''': This is rule number 65000. It tells the security guard to stop any other messages that don't follow the previous rules and make a note of them. This helps you know if someone is trying to send messages to your computer that they shouldn't be. So, this '''ipfw.rules''' file is like a recipe for the security guard (IPFW) to follow. It helps protect your computer by allowing only the messages you want to come in and letting all messages go out. The '''-q''' flag in '''ipfw -q''' stands for '''"quiet."''' When you use this flag with the ipfw command, it tells the command to run quietly, meaning it won't display any output or messages while executing the rules. This is particularly useful when you're running a script that contains multiple '''ipfw''' commands. By using the '''-q''' flag, you avoid cluttering the terminal with unnecessary output, making it easier to read any important messages or errors that might appear. '''Loopback''' lo0 The "loopback" is a special network interface in a computer's networking system. Its main purpose is to let the computer send messages to itself without using any physical network connection. This is useful for testing and troubleshooting various networking applications and services. In the context of the ipfw.rules, "via lo0" refers to using the loopback network interface (lo0) as the pathway for messages. Now, let's dive a little deeper into the loopback concept and its uses: :* Testing network applications: The loopback interface allows developers to test network applications and services without needing a physical network connection. For example, if you're building a web server, you can use the loopback interface to access the server from the same computer without needing an actual network. :* Troubleshooting: The loopback interface can be used to diagnose network issues. By sending a message to the loopback address, you can check whether your network stack is working correctly. If the message is successfully received, it means your network software is functioning properly. :* Localhost: The loopback interface is often associated with the IP address 127.0.0.1, which is also known as "localhost." Localhost is a hostname that refers to the current device used to access it. When you use "localhost" or "127.0.0.1" as the address, you're essentially telling your computer to send a message to itself via the loopback interface. :* Network isolation: Sometimes, you might want to run network applications or services that don't need to be accessible to other devices on the network. By using the loopback interface, you can ensure that these services are only available to your local machine, keeping them isolated from other devices. For example, if you're running a database server on your computer for local development, you can bind it to the loopback address (127.0.0.1). This way, the database server will only accept connections from your computer, preventing other devices on the network from accessing it. "'''setup'''" and "'''setup keep-state'''" In IPFW rules, the 'setup' keyword is used to specify a particular type of TCP connection. It helps the IPFW firewall filter incoming TCP connections based on their state, and more specifically, it targets the initial stages of a TCP connection. TCP, or Transmission Control Protocol, is a connection-oriented protocol used for reliable communication between devices on a network. When two devices establish a TCP connection, they go through a process called the "TCP three-way handshake." This handshake involves three steps: :* SYN (Synchronize): The client sends a packet with the SYN flag set, indicating a request to establish a connection with the server. :* SYN-ACK (Synchronize-Acknowledge): The server acknowledges the SYN request by sending a packet with both SYN and ACK flags set. :* ACK (Acknowledge): The client sends a packet with the ACK flag set, acknowledging the server's SYN-ACK, and the connection is established. The 'setup' keyword in IPFW rules specifically targets the first step of the TCP three-way handshake (the SYN packet). When used in a rule like this: <code>ipfw -q add 00100 allow tcp from any to any 22 in setup keep-state</code> The 'setup' keyword tells the IPFW firewall to allow incoming TCP connections on port 22 (commonly used for SSH) only if the packet has the SYN flag set, meaning it's an attempt to establish a new connection. This helps the firewall filter out packets that don't initiate a proper TCP connection. Additionally, the 'keep-state' option in the rule tells IPFW to track the state of the allowed connections. This way, the firewall can automatically allow subsequent packets related to the same connection without needing to match them against the rules again. This is useful for efficiently managing and filtering traffic on a per-connection basis. </div> </div> ====Make the rules file executable==== :* Run the following command to make the '''/etc/ipfw.rules''' file executable: <code>chmod +x /etc/ipfw.rules</code> ====Modify /etc/rc.conf to use the custom ruleset==== :* Edit the /etc/rc.conf file again and change the firewall_type line to: <pre> firewall_script="/etc/ipfw.rules" </pre> <div class="toccolours mw-collapsible mw-collapsed"> If did not setup an IPv6 address when installing freebsd: <div class="mw-collapsible-content"> If you didn't set up IPv6 during the installation of FreeBSD and you want to ensure that IPFW doesn't initialize IPv6-related settings, you can disable IPv6 entirely by adding a few lines to your '''/etc/rc.conf''' file. To disable IPv6, follow these steps: : Open the /etc/rc.conf file using a text editor. For example, you can use vi, nano, or ee. <code>$EDITOR /etc/rc.conf</code> :* Add the following lines at the end of the file to disable IPv6: <code>ipv6_activate_all_interfaces="NO"</code> : Save the changes and exit the text editor. If you're using vi, press Esc, then type :wq and press Enter. : Reboot your system for the changes to take effect: <code>reboot</code> After these steps, IPv6 will be disabled on your FreeBSD system. Consequently, IPFW will no longer initialize IPv6-related settings, which should also prevent the "divert loadable" message from appearing. If you specifically want to disable IPFW for IPv6 only and leave IPv6 enabled, you can remove or comment out the lines related to IPv6 in the IPFW startup script, typically located in /etc/rc.d/ipfw. However, I recommend not modifying the startup script directly, as it might affect system stability or cause issues during updates. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> My '''/etc/rc.conf''' file <div class="mw-collapsible-content"> <pre> clear_tmp_enable="YES" hostname="nuc-bsd" keymap="uk.kbd" ifconfig_re0="DHCP" sshd_enable="YES" powerd_enable="YES" # Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable dumpdev="AUTO" zfs_enable="YES" #No IPv6 ipv6_activate_all_interfaces="NO" # Firewall setup firewall_enable="YES" firewall_script="/etc/ipfw.rules" </pre> </div> </div> ====Apply the new rules==== :* To apply the new rules, either restart your system or run the following command: <code>service ipfw restart</code> <div class="toccolours mw-collapsible mw-collapsed"> Small Error: <div class="mw-collapsible-content"> <code>service ipfw restart</code> Returns: <pre> sysctl: unknown oid 'net.inet.ip.fw.enable' sysctl: unknown oid 'net.inet6.ip6.fw.enable' Firewall rules loaded. </pre> The '''sysctl: unknown oid''' messages you see when restarting the IPFW service are warning messages indicating that the system cannot find the specified Object Identifiers (OIDs) in the sysctl configuration. Sysctl is a utility that allows you to configure kernel parameters at runtime, and OIDs are unique identifiers for kernel parameters. In this case, the warning messages indicate that the OIDs '''net.inet.ip.fw.enable''' and '''net.inet6.ip6.fw.enable''' are not recognized. These OIDs are used to enable or disable the IPFW firewall for IPv4 and IPv6, respectively. The reason you see these messages could be that the IPFW firewall is either not compiled into your kernel or is not loaded as a kernel module. In some cases, it might be a simple typo in the OID. However, since the '''Firewall rules loaded'''. message is displayed after the warning messages, it indicates that the IPFW service is still running and the rules are being applied despite the warnings. The warnings are not critical, and your IPFW configuration should work as expected. To suppress these warning messages, you can either: : Make sure that the IPFW firewall is compiled into your kernel or loaded as a kernel module. You can check if the IPFW kernel module is loaded by running '''kldstat | grep ipfw'''. If it's not loaded, you can load it with '''kldload ipfw'''. : Remove or comment out the lines related to the unknown OIDs in the IPFW startup script, typically located in '''/etc/rc.d/ipfw'''. However, I recommend not modifying the startup script directly, as it might affect system stability or cause issues during updates. </div> </div> Now, your FreeBSD system will block all incoming traffic except for SSH on port 22 and allow all outgoing traffic. ==Create User== To create an user account we use '''adduser''' <code>adduser</code> This will start the interactive user creation process. ===Enter the new user's information=== Follow the prompts to enter information about the new user named 'noob'. The important fields to fill out are: :* '''Username''': noob :* '''Full name''': (You can enter any full name, e.g., Noob Newbie) :* '''Uid''': (Leave this blank for the system to assign one automatically) :* '''Login group''': noob :* '''Login group is''': noob :* '''Invite noob into other groups?''': (Press 'Enter' to accept the default "no") :* '''Login class''': (Press 'Enter' to accept the default "default") :* '''Shell''': (Press 'Enter' to accept the default "/bin/sh", or choose another shell like "/bin/csh" or "/bin/tcsh") :* '''Home directory''': (Press 'Enter' to accept the default "/home/noob") :* '''Home directory permissions''': (Press 'Enter' to accept the default "755") :* '''Use password-based authentication?''': (Press 'Enter' to accept the default "yes") :* '''Use an empty password?''': (Press 'Enter' to accept the default "no") :* '''Use a random password?''': (Press 'Enter' to accept the default "no") :* '''Enter password''': (Type a secure password for the 'noob' user and press 'Enter') :* '''Enter password again''': (Confirm the password by typing it again and pressing 'Enter') :* '''Lock out the account after creation?''': (Press 'Enter' to accept the default "no") ===Confirm the new user's information=== After entering all the required information, '''adduser''' will display a summary of the new user's settings. Review the information to ensure it is correct, then type '''yes''' and press '''Enter''' to confirm and create the new user. ===Verify the new user=== To verify that the new user '''noob''' was created successfully, you can check the contents of the '''/etc/passwd''' file by running: <code>grep noob /etc/passwd</code> This command should display a line containing the new user's information, such as: <pre> noob:*:1001:1001:User &:/home/noob:/bin/sh </pre> Congratulations! You've successfully added a new user named '''noob''' to your FreeBSD system now lets install '''sudo''' and add are new user: ==Install '''sudo''' with '''insults'''== ===Ports=== If you haven't installed the Ports tree during the FreeBSD installation, you can do it using the '''portsnap''' utility. First, fetch the latest snapshot of the Ports tree: <code>portsnap fetch</code> After fetching the snapshot, extract it to '''/usr/ports''': <code>portsnap extract</code> :* Note: can also be done on one line: <code>portsnap fetch extract</code> If you did install the ports tree during installation, update ports: <code>portsnap fetch update</code> ===Install '''sudo''' with insults enabled/configured=== Why sudo with insults enabled? Because life must be enjoyed! ====Navigate to the sudo port directory==== First, change your working directory to the sudo port directory in the ports tree: <code>cd /usr/ports/security/sudo</code> ====Enable the INSULTS option==== To enable the insults feature in sudo, you'll need to customize the port's options. Run the following command: <code>make config</code> This will open a text-based interface showing a list of options for the sudo port. Look for the "'''INSULTS'''" option, which should be unchecked by default. Use the arrow keys to highlight "'''INSULTS'''" and press the spacebar to enable it (an asterisk (*) will appear next to it). After that, press 'Enter' to save the configuration and exit. ====Build and install sudo==== Now that you've enabled the INSULTS option, you can build and install the sudo port by running: <code>make install clean</code> This command will compile '''sudo''' with the specified options and install it on your system. The process may take a few minutes, depending on your system's resources. ====Configure sudo==== After installing sudo, you need to configure it by editing the sudoers file. To do this safely, use the '''visudo''' command, which will open the sudoers file in your default text editor: Warning default $EDITOR will be '''vi''' Learn Basic '''vi''' first! <code>visudo</code> In the sudoers file, look for the line that defines user privilege specifications. It should look like this: <pre> root ALL=(ALL) ALL </pre> To grant your user account sudo privileges, '''add a new line''' with your username and the same format, replacing 'username' with your actual username: :* '''Syntax''': <code>username ALL=(ALL) ALL</code> <code>noob ALL=(ALL) ALL</code> Save the file and exit the text editor. ====Test sudo with insults==== To test your newly installed sudo with insults enabled, login as your new user and try running a command that requires root privileges. For example: * change to new user <code>su - noob</code> * use sudo as new user <code>sudo ls /root</code> : If you enter an incorrect password, '''sudo''' should now respond with a random insult instead of the standard error message. Congratulations! You've successfully installed sudo with insults enabled from FreeBSD 13.2 ports. Enjoy the amusing responses whenever you mistype your password. ==Creating a Jail for a local mediawiki== ===Create a directory for the jail=== In this example my ZFS Pool is called '''nuc''' and my '''jails directory''' will be in a directory called '''pods''' which will contain my '''jails''' each in a separate sub directory like so '''/pods/{jail1,jail2,jail3}''' * Create a dataset for pods <code>sudo zfs create nuc/pods</code> * You can check with <code>zfs list</code> to see your new dataset. ====Set the mountpoint for the pods dataset==== <code>sudo zfs set mountpoint=/pods nuc/pods</code> ====Create a Template Jail Which you can clone==== In this section, we will create an OpenZFS dataset called '''FreeBSD_13.2_Template''' to extract a '''base.txz''' Which we will '''snapshot''' , and then '''clone''' the template to create a new jail. =====Create the 'FreeBSD_13.2_Template' dataset===== <code>sudo zfs create your_pool_name/path/FreeBSD_13.2_Template</code> Replace your_pool_name with the name of your ZFS pool. * Example: <code>sudo zfs create nuc/pods/FreeBSD_13.2_Template</code> =====Set the mountpoint for the template dataset===== <code>sudo zfs set mountpoint=/pods/FreeBSD_13.2_Template nuc/pods/FreeBSD_13.2_Template</code> =====Download the '''base.txz''' package for FreeBSD 13.2-RELEASE===== <code>fetch https://download.freebsd.org/ftp/releases/amd64/13.2-RELEASE/base.txz -o /tmp/base.txz</code> =====Extract the base.txz package to the 'FreeBSD_13.2_Template' dataset===== <code>sudo tar -C /pods/FreeBSD_13.2_Template -xf /tmp/base.txz</code> =====Create a snapshot of the template dataset===== <code>sudo zfs snapshot nuc/pods/FreeBSD_13.2_Template@base_snapshot</code> =====Clone the template dataset to create a new jail dataset===== <code>sudo zfs clone nuc/pods/FreeBSD_13.2_Template@base_snapshot nuc/pods/mediawiki</code> =====Set the mountpoint for the jail dataset===== <code>sudo zfs set mountpoint=/pods/mediawiki nuc/pods/mediawiki</code> You now have a template dataset and a jail dataset based on that template. ===Configure the jail=== Create a configuration file for your jail. The following example assumes you're using the jail utility provided by FreeBSD: Edit '''/etc/jail.conf''' and add the following jail configuration: * If '''/etc/jail.conf''' does not exist, create it with <code>touch /etc/jail.conf</code> <code>$EDITOR /etc/jail.conf</code> <pre> localwiki { host.hostname = "local.wiki"; ip4.addr = "re0|192.168.0.33"; path = "/pods/mediawiki"; exec.start = "/bin/sh /etc/rc"; exec.stop = "/bin/sh /etc/rc.shutdown"; exec.clean; mount.devfs; allow.sysvipc; allow.raw_sockets; } </pre> :* Replace :** '''localwiki''' to what you would like your jail called :** '''host.hostname = "<the_host_name_for_jail>";''' :** '''ip4.addr = <ip_address_for_jail_to_use>;''' :*** '''"re0|192.168.0.33"''' where 're0' is my '''Network Interface Card (NIC)'''. :**** You can find your '''Network Interface Card (NIC)''' by running the command <code>ifconfig</code>. :**** '''192.168.0.33''' is the IP address I want to assign to the jail within the 192.168.0.0/24 subnet of my network. :** '''path = "</path/to/jail>";''' :*** The path where the jail resides (e.g., "/pods/mediawiki"). :* NOTES: :** '''allow.sysvipc''': Allows System V IPC primitives to be used within the jail. This might be necessary for some PHP extensions or applications that rely on shared memory. :** '''allow.raw_sockets''': Allows raw sockets to be used within the jail. This might be required for certain PHP functions or extensions that use raw socket communication. ===Allow jail pass firewall === To allow traffic to pass through IPFW for a FreeBSD jail with the IP address 192.168.0.33, you will need to modify the IPFW rules to allow incoming and outgoing traffic for this specific IP address. ====Open the /etc/ipfw.rules file for editing==== In this example my jails IP is '''192.168.0.33''' :* Add the following rules to allow incoming and outgoing traffic for the jail's IP address (192.168.0.33): <pre> # Allow incoming traffic for jail's IP (192.168.0.33) ipfw -q add 00200 allow all from any to 192.168.0.33 in # Allow outgoing traffic for jail's IP (192.168.0.33) ipfw -q add 00210 allow all from 192.168.0.33 to any out </pre> To correctly insert the rules for allowing traffic to and from the jail's IP (192.168.0.33) in your existing IPFW rules, you should place them between the '''"Allow established connections"''' rule and the '''"Set default policies"''' rules. This ensures that the jail's traffic is allowed before the default deny policy for incoming traffic is applied. Here's the updated IPFW rules: <pre> #!/bin/sh # Flush existing rules ipfw -q flush # Allow loopback traffic ipfw -q add 00001 allow all from any to any via lo0 # Allow established connections ipfw -q add 01000 allow tcp from any to any established in # Allow incoming SSH traffic on port 22 ipfw -q add 00100 allow tcp from any to any 22 in setup keep-state # Allow all outgoing traffic ipfw -q add 00200 allow all from any to any out keep-state # Allow incoming traffic for jail's IP (192.168.0.33) ipfw -q add 00200 allow all from any to 192.168.0.33 in # Allow outgoing traffic for jail's IP (192.168.0.33) ipfw -q add 00210 allow all from 192.168.0.33 to any out # Set default policies ipfw -q add 10000 allow all from any to any out ipfw -q add 20000 deny all from any to any in # Log everything else ipfw -q add 65000 deny log all from any to any </pre> This configuration allows incoming and outgoing traffic for the jail's IP (192.168.0.33) while maintaining the existing rules for other connections, such as allowing SSH traffic on port 22 and denying all other incoming traffic. ====Apply the new rules==== To apply the new rules, either restart your system or run the following command: <code>service ipfw restart</code> Now, your IPFW configuration will allow traffic to pass to and from the FreeBSD jail with the IP address 192.168.0.33. ===Copy over your '''/etc/resolv.conf''' to jail=== It is generally a good idea to copy the '''/etc/resolv.conf''' file from the host system to the jail's '''/etc/resolv.conf''' before starting the jail. This ensures that the jail has the same DNS resolver configuration as the host, allowing it to resolve domain names correctly. '''/etc/resolv.conf''' is a configuration file used by the DNS resolver library on Unix-based systems, including FreeBSD. It contains information about the DNS nameservers and search domains to use when resolving domain names. To copy the '''resolv.conf''' file from the host system to the jail, you can use the cp command: <code>cp /etc/resolv.conf /pods/mediawiki/etc/resolv.conf</code> Make sure to execute this command before starting the jail to ensure proper DNS resolution within the jail environment. ===Start the jail=== Start the jail using the '''jail''' utility: <code>jail -c localwiki</code> Replace '''localwiki''' with the name you chose in the jail configuration. ===Access the jail=== Enter the jail's environment with the '''jexec''' command: <code>jexec localwiki /bin/sh</code> * Replace '''localwiki''' with your jail name You'll now be inside your jail, and you can manage it like any other FreeBSD system. <div class="toccolours mw-collapsible mw-collapsed"> Notes: How to Exit - Stop - Restart - Delete: The Jail <div class="mw-collapsible-content"> :* '''EXIT''': To exit the jail enter '''exit''' press '''ENTER''' :* '''STOP JAIL''' <code>sudo jail -r your_jail_name</code> :* '''START JAIL''' <code>sudo jail -c your_jail_name</code> :* To '''RESTART''' the jail you turn it off and on again :) :** or one line <code>sudo jail -r your_jail_name && sudo jail -c your_jail_name</code> :* '''REMOVE JAIL''' :** EXIT and STOP jail :** you can now remove the jail directory and its contents: <code>rm -rf /path/to/jail</code> * '''[[FreeBSD_13.2_Jails#Destroy/Delete_Dataset/jail|If using OpenZFS destroy dataset]]''' Don't forget to remove the corresponding jail configuration from /etc/jail.conf. </div> </div> ===Create Local Mediawiki Jail=== [[FreeBSD_13.2_Jail_Local_Mediawiki_Nginx_MySQL|How to Install a Local mediawiki in a jail with Nginx and MySQL]] ==Creating a jail to download and store mediawiki backups== * Remote Server running '''Ubuntu 22.04''' hosting mediawiki to create a wiki dump * Home jail to login to server and pull down backups for local storage ===Creating jail using ZFS Clone=== [[FreeBSD_13.2_Jails|View the FreeBSD jails Page to setup a basic jail]] <code>sudo zfs clone nuc/pods/FreeBSD_13.2_Template@base_snapshot nuc/pods/wiki_backup</code> <code>sudo zfs set mountpoint=/pods/wiki_backup nuc/pods/wiki_backup</code> ===Append jail.conf=== <code>/etc/jail.conf</code> <pre> wikibk { host.hostname = "backup.wiki"; ip4.addr = "re0|192.168.0.34"; path = "/pods/wiki_backup"; exec.start = "/bin/sh /etc/rc"; exec.stop = "/bin/sh /etc/rc.shutdown"; exec.clean; mount.devfs; } </pre> ===Start jail and login=== <code>jail -c wikibk</code> <code>jexec wikibk /bin/sh</code> ===Scripts to dump a backup of the wiki=== * This script is for running on a Ubuntu 22.04 server running mediawiki * Will store back at '''/var/wikibk''' by default <syntaxhighlight lang="bash" line> #!/bin/bash # Define paths and filenames mediawiki_root_dir="/var/www/html/noobs" local_settings_path="/var/www/html/noobs/LocalSettings.php" database_backup_filename="Noobs_db.sql.gz" root_dir_backup_filename="mediawiki-rootDir.tgz" backup_path="/var/wikibk" # Define your default backup path here # Get the current timestamp timestamp=$(date +"%Y-%m-%d_%H-%M-%S") combined_backup_filename="mediawiki-transfer-${timestamp}.tgz" # Get database details from LocalSettings.php db_host=$(grep -oP "\$wgDBserver\s*=\s*'\K[^']*" "$local_settings_path") db_name=$(grep -oP "\$wgDBname\s*=\s*'\K[^']*" "$local_settings_path") db_user=$(grep -oP "\$wgDBuser\s*=\s*'\K[^']*" "$local_settings_path") db_pass=$(grep -oP "\$wgDBpassword\s*=\s*'\K[^']*" "$local_settings_path") # Set the wiki to read-only sed -i "/^\$wgDBpassword/ a \$wgReadOnly = 'Dumping Database, Access will be restored shortly';" "$local_settings_path" # Run mysqldump command using the extracted details mysqldump -h "$db_host" --default-character-set=binary --no-tablespaces -u "$db_user" --password="$db_pass" "$db_name" | gzip > /root/"$database_backup_filename" # Remove read-only mode sed -i "/^\$wgReadOnly = 'Dumping Database, Access will be restored shortly';/d" "$local_settings_path" # Back up MediaWiki root directory tar cvzhf /root/"$root_dir_backup_filename" "$mediawiki_root_dir" # Combine backup files into a single file for easy transport cd /root/ tar cvzhf "$backup_path/$combined_backup_filename" "$root_dir_backup_filename" "$database_backup_filename" </syntaxhighlight> * This Script will run in the jail to pull and save the backups ** Will require an sshkey for server you are pulling from <syntaxhighlight lang="bash" line> #!/usr/local/bin/bash # Set variables local_backup_dir="/root/wiki-backups" remote_user="root" remote_host="completenoobs.com" remote_backup_dir="/var/wikibk" private_key_path="/root/key" # Create the local backup directory if it doesn't exist mkdir -p "$local_backup_dir" # Create temporary files local_tmp_file="/tmp/FILE1.txt" remote_tmp_file="/tmp/FILE2.txt" # List files in the local and remote backup directories to temporary files find "$local_backup_dir" -mindepth 1 -maxdepth 1 -type f -exec basename {} \; | sort > "$local_tmp_file" ssh -i "$private_key_path" "$remote_user@$remote_host" "find $remote_backup_dir -mindepth 1 -maxdepth 1 -type f -exec basename {} \; | sort" > "$remote_tmp_file" # Compare the temporary files and download missing files using scp while read -r remote_file; do if ! grep -q -F "$remote_file" "$local_tmp_file"; then scp -i "$private_key_path" -r "$remote_user@$remote_host:$remote_backup_dir/$remote_file" "$local_backup_dir/" fi done < "$remote_tmp_file" # Remove temporary files rm "$local_tmp_file" rm "$remote_tmp_file" </syntaxhighlight> ===Cron to run script to check for new dumps twice a day=== <code>crontab -e</code> *Append: <code>0 */12 * * * /bin/sh /root/wikibk.sh</code> * Make sure the /root/wikibk.sh script is executable by running: <code>chmod +x /root/wikibk.sh</code> ===FireWall=== Note: Are firewall rules already allow for connections to go out, we do not need anything from outside are jail connecting to are back up jail. so no need to mod the firewall rules. ==Jail for SSH Tunnel To Remote Access Local Wiki== This guide provides a brief introduction on how to set up a secure SSH tunnel to access and edit your local wiki, hosted on a home network using a FreeBSD-based system running on a NUC. The local wiki is hosted within a FreeBSD jail with the IP address 192.168.0.33. To securely access this wiki when you're outside your home network, we'll create another jail that will act as an intermediary for SSH tunneling. By following this guide, you'll be able to create a new jail for tunneling and configure it to allow you to view and edit your local wiki remotely. To achieve this, we will take the following steps: :* Set up a new jail using ZFS Clone. :* Configure the new jail's jail.conf file. :* Start the new jail and log in. :* Create a user for login purposes. :* Set up the user's SSH authorized_keys file. :* Restrict the SSH key for tunneling only. :* Configure the SSH server on the new jail. :* Set up port forwarding on your router. :* Append firewall rules to allow connection to the new jail. :* Access your local wiki through the SSH tunnel. By following these steps, you can securely access your local wiki from outside your network using an SSH tunnel, allowing you to view and edit your wiki content while you're on the go. ===Creating jail using ZFS Clone=== [[FreeBSD_13.2_Jails|View the FreeBSD jails Page to setup a basic jail]] <code>sudo zfs clone nuc/pods/FreeBSD_13.2_Template@base_snapshot nuc/pods/remote_view</code> <code>sudo zfs set mountpoint=/pods/remote_view nuc/pods/remote_view</code> ===Append jail.conf=== <code>/etc/jail.conf</code> <pre> remotewiki { host.hostname = "remote.wiki"; ip4.addr = "re0|192.168.0.35"; path = "/pods/remote_view"; exec.start = "/bin/sh /etc/rc"; exec.stop = "/bin/sh /etc/rc.shutdown"; exec.clean; mount.devfs; } </pre> ===Start jail and login=== <code>jail -c remotewiki</code> <code>jexec remotewiki /bin/sh</code> ===Create user with for login=== <code>adduser</code> * note: tried with nologin shell and could not get to work - need a real shell (like sh) <pre> Username: remote Full name: Uid (Leave empty for default): Login group [remote]: Login group is remote. Invite remote into other groups? []: Login class [default]: Shell (sh csh tcsh nologin) [sh]: Home directory [/home/remote]: Home directory permissions (Leave empty for default): Use password-based authentication? [yes]: Use an empty password? (yes/no) [no]: Use a random password? (yes/no) [no]: Enter password: Enter password again: Lock out the account after creation? [no]: Username : remote Password : ***** Full Name : Uid : 1001 Class : Groups : remote Home : /home/remote Home Mode : Shell : /bin/sh Locked : no OK? (yes/no): yes adduser: INFO: Successfully added (remote2) to the user database. Add another user? (yes/no): no Goodbye! </pre> ====Setup user ssh '''authorized_keys''' ==== As the user 'remote' is using the '''nologin''' shell <code>su - remote</code> will not work, so with 'root' * create a '''.ssh''' directory <code>mkdir /usr/home/remote/.ssh</code> * copy over the '''authorized_keys''' file * and now change/check permissions for both directory and authorized_keys <code>chmod 700 /usr/home/remote/.ssh</code> <code>chmod 600 /usr/home/remote/.ssh/authorized_keys</code> <code>chown -R remote:remote /usr/home/remote/.ssh</code> ====Set up your restricted '''authorized_keys''' file in the '''remotewiki''' jail==== * Add your public key to the '''~/.ssh/authorized_keys''' file in the '''remotewiki''' jail for the user you'll be using to connect. * To restrict the SSH key to tunneling only, add the following options at the beginning of the line containing your public key in the authorized_keys file: <code>no-agent-forwarding,no-X11-forwarding,no-pty,permitopen="192.168.0.33:80"</code> <div class="toccolours mw-collapsible mw-collapsed"> Example: '''authorized_keys file''' <div class="mw-collapsible-content"> <pre> no-agent-forwarding,no-X11-forwarding,no-pty,permitopen="192.168.0.33:80" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQ<LONG SSH PUB KEY> </pre> </div> </div> This will prevent any other SSH features except for tunneling to the specified port. ===Configure the SSH server on the 'remotewiki' jail=== * Ensure that the SSH server is running and enabled on the '''remotewiki''' jail. You can check if it's running using the command service sshd status. If it's not running, you can start it with service sshd start and enable it at boot using sysrc sshd_enable="YES". <code>sysrc sshd_enable="YES"</code> * Start '''sshd''' to create a host key file: <code>service sshd start</code> : Configure the SSH server to only allow key-based authentication by editing the '''/etc/ssh/sshd_config''' file. Look for the following lines, and make sure they are set as shown below (uncomment them if necessary): * Can append to bottom of file: <pre> PasswordAuthentication no ChallengeResponseAuthentication no PubkeyAuthentication yes AllowTcpForwarding yes </pre> * After making changes to the '''sshd_config''' file, restart the SSH server using the command: <code>service sshd restart</code> ===Set up port forwarding on your router=== :*Access your router's administration panel, usually by typing your router's IP address into a web browser. : Look for the port forwarding settings, often called "Port Forwarding" or "Virtual Servers". : Create a new port forwarding rule that forwards an external port (e.g., 2222) to the IP address of your '''remotewiki''' jail (192.168.0.35) on port 22 (the default SSH port). This way, when you connect to your external IP address on port 2222, it will forward the connection to the '''remotewiki''' jail on port 22. ====Virgin Router Example==== * You should find your default router admin password at bottom of router. ** Visit <code>192.168.0.1</code> and login with password ( will be prompted to change passwd) ** If you have done this a while ago and forgot the password - you can reset router to return to default password. Go To: '''Advanced settings''' > '''Security''' > '''Port forwarding''' and click '''Create a new rule''' You should see these option boxes: * Local IP: 192.168.0.[ ] ** Local IP: The IP address of the 'remotewiki' jail you want to forward the ports to. In this case, it is 192.168.0.35. * Local start port: [ ] ** Local start port: The starting port number of the range on your 'remotewiki' jail. Since you want to forward the SSH port, this should be 22. * Local end port: [ ] ** Local end port: The ending port number of the range on your 'remotewiki' jail. Since you want to forward the SSH port, this should also be 22. * External start port: [ ] ** External start port: The starting port number of the range you want to uscurrently in use. For example, you can use 2222.e for the external connection. You can choose any available port number not * External end port: [ ] ** External end port: The ending port number of the range you want to use for the external connection. In this case, it should also be 2222 (the same as the external start port). * Protocol: [Please choose] * Enabled: [Please choose] My configs in these case: * Local IP: 192.168.0.[35] * Local start port: [22] * Local end port: [22] * External start port: [2222] * External end port: [2222] * Protocol: [TCP] * Enabled: [On] And click '''Add rule''' now we should have port forwarding to are jail we can access from outside of network. ===Append Firewall rules to allow connection to Tunnel Jail=== * These rules are to be done (appended) on host/server and not in jail! * Firewall rules before allow access to 192.168.0.35 <pre> cat /etc/ipfw.rules #!/bin/sh # Flush existing rules ipfw -q flush # Allow loopback traffic ipfw -q add 00001 allow all from any to any via lo0 # Allow established connections ipfw -q add 01000 allow tcp from any to any established in # Allow incoming SSH traffic on port 22 ipfw -q add 00100 allow tcp from any to any 22 in setup keep-state # Allow all outgoing traffic ipfw -q add 00200 allow all from any to any out keep-state # Allow incoming traffic for jail's IP (192.168.0.33) ipfw -q add 00200 allow all from any to 192.168.0.33 in # Allow outgoing traffic for jail's IP (192.168.0.33) ipfw -q add 00210 allow all from 192.168.0.33 to any out # Set default policies ipfw -q add 10000 allow all from any to any out ipfw -q add 20000 deny all from any to any in # Log everything else ipfw -q add 65000 deny log all from any to any </pre> * after allowing jail 192.168.0.35 to be connected to <pre> #!/bin/sh # Flush existing rules ipfw -q flush # Allow loopback traffic ipfw -q add 00001 allow all from any to any via lo0 # Allow established connections ipfw -q add 01000 allow tcp from any to any established in # Allow incoming SSH traffic on port 22 ipfw -q add 00100 allow tcp from any to any 22 in setup keep-state # Allow all outgoing traffic ipfw -q add 00200 allow all from any to any out keep-state # Allow incoming traffic for jail's IP (192.168.0.33) ipfw -q add 00200 allow all from any to 192.168.0.33 in # Allow outgoing traffic for jail's IP (192.168.0.33) ipfw -q add 00210 allow all from 192.168.0.33 to any out # Allow incoming SSH traffic on port 22 for 'remotewiki' jail's IP (192.168.0.35) ipfw -q add 00220 allow tcp from any to 192.168.0.35 22 in setup keep-state # Allow outgoing traffic for 'remotewiki' jail's IP (192.168.0.35) ipfw -q add 00230 allow all from 192.168.0.35 to any out # Set default policies ipfw -q add 10000 allow all from any to any out ipfw -q add 20000 deny all from any to any in # Log everything else ipfw -q add 65000 deny log all from any to any </pre> :* Allow incoming SSH traffic on port 22 for 'remotewiki' jail's IP (192.168.0.35): <code>ipfw -q add 00220 allow tcp from any to 192.168.0.35 22 in setup keep-state</code> :* Allow outgoing traffic for 'remotewiki' jail's IP (192.168.0.35): <code>ipfw -q add 00230 allow all from 192.168.0.35 to any out</code> * After making these changes to '''/etc/ipfw.rules''', you can apply the new rules by running the script: <code>sh /etc/ipfw.rules</code> Now, incoming connections to the 'remotewiki' jail (192.168.0.35) will be allowed only on port 22. ===Access your 'mediawiki' jail through the SSH tunnel=== * Connect to the '''remotewiki''' jail from outside your network using an SSH tunnel : On your local machine, create an SSH tunnel using the following command: <code>ssh -i /path/to/your/private_key -L 8080:192.168.0.33:80 -p 2222 user@your_external_ip</code> * to find your public IP addess - when on home network in terminal run: ** <code>curl ifconfig.me</code> * Not as tidy as '''curl''' but if on FreeBSD you can use '''fetch''' ** <code>fetch -o - http://ifconfig.me</code> ** the '''-o''' - option is used to output the result to stdout <code>ssh -i .ssh/remotewiki -L 8080:192.168.0.33:80 -p 2222 remote@<ip_address></code> Replace '''/path/to/your/private_key''' with the path to your private SSH key, user with the username you're using to connect, and '''your_external_ip''' with your external IP address. This command will create a tunnel from your local machine's port 8080 to the '''mediawiki''' jail's IP (192.168.0.33) on port 80. : Open a web browser on your local machine and navigate to '''http://localhost:8080'''. You should now be able to access your '''Local Mediawiki''' remotely. ===Make '''.ssh/config''' entry for easy login=== <code>$EDITOR ~/.ssh/config</code> * Append <pre> Host remote HostName your_external_ip User remote Port 2222 IdentityFile /path/to/your/private_key LocalForward 8080 192.168.0.33:80 </pre> : Should now be able to login with <code>ssh remote</code> 0ng2c8bk8v8lnj15smxk1qb7ksbffgc 0 112 405 2023-05-05T19:03:04Z AwesomO 5 Created page with "==Hosting a Local Wiki in a FreeBSD Jail== [[FreeBSD_13.2_Jails|View the FreeBSD 13.2 Jails page to setup a jail in freebsd]] This tut will will assume you have: * Jail setup at path '''/pods/mediawiki''' * Allowed Jail IP through Firewall * copied over your '''resolv.conf''' to jail ===jail.conf=== Create a configuration file for your jail. The following example assumes you're using the jail utility provided by FreeBSD: Edit '''/etc/jail.conf''' and add the followi..." 405 wikitext text/x-wiki ==Hosting a Local Wiki in a FreeBSD Jail== [[FreeBSD_13.2_Jails|View the FreeBSD 13.2 Jails page to setup a jail in freebsd]] This tut will will assume you have: * Jail setup at path '''/pods/mediawiki''' * Allowed Jail IP through Firewall * copied over your '''resolv.conf''' to jail ===jail.conf=== Create a configuration file for your jail. The following example assumes you're using the jail utility provided by FreeBSD: Edit '''/etc/jail.conf''' and add the following jail configuration: : If '''/etc/jail.conf''' does not exist, create it with <code>touch /etc/jail.conf</code> <code>$EDITOR /etc/jail.conf</code> <pre> localwiki { host.hostname = "local.wiki"; ip4.addr = "re0|192.168.0.33"; path = "/pods/mediawiki"; exec.start = "/bin/sh /etc/rc"; exec.stop = "/bin/sh /etc/rc.shutdown"; exec.clean; mount.devfs; } </pre> :* Replace :** '''localwiki''' to what you would like your jail called :** '''host.hostname = "<the_host_name_for_jail>";''' :** '''ip4.addr = <ip_address_for_jail_to_use>;''' :*** '''"re0|192.168.0.33"''' where 're0' is my '''Network Interface Card (NIC)'''. :*** You can find your '''Network Interface Card (NIC)''' by running the command <code>ifconfig</code>. :*** '''192.168.0.33''' is the IP address I want to assign to the jail within the 192.168.0.0/24 subnet of my network. :** '''path = "</path/to/jail>";''' :*** The path where the jail resides (e.g., "/pods/mediawiki"). :* NOTES (this was not needed): :** '''allow.sysvipc''': Allows System V IPC primitives to be used within the jail. This might be necessary for some PHP extensions or applications that rely on shared memory. :** '''allow.raw_sockets''': Allows raw sockets to be used within the jail. This might be required for certain PHP functions or extensions that use raw socket communication. ===Login to jail and Install required '''packages'''=== * Start jail '''localwiki''' and login <code>sudo jail -c localwiki</code> <code>sudo jexec localwiki /bin/sh</code> * Initialize pkg <code>pkg update</code> * Install packages <code>pkg install nginx mediawiki139-php82-1.39.3 py39-pygments mysql80-server unzip</code> <div class="toccolours mw-collapsible mw-collapsed"> Check for the latest packages required (info here): <div class="mw-collapsible-content"> The package names might have changed due to newer versions being available. You can search for the latest package names using the pkg search command. :* mysql80-server :** <code>pkg search mysql | grep server</code> :** mysql80-server is still the highest version number :* py38-pygments :** <code>pkg search pygments</code> :** A higher version is available: py39-pygments :* Mediawiki :** <code>pkg search mediawiki</code> Installing mediawiki from pkg will also install the php extensions required for mediawiki to work <pre> pkg install mediawiki139-php82-1.39.3 Updating FreeBSD repository catalogue... FreeBSD repository is up to date. All repositories are up to date. Updating database digests format: 100% The following 49 package(s) will be affected (of 0 checked): New packages to be INSTALLED: ca_root_nss: 3.89 curl: 8.0.1 cyrus-sasl: 2.1.28 groff: 1.22.4_4 hidapi: 0.13.1 icu: 72.1,1 indexinfo: 0.3.1 libargon2: 20190702 libcbor: 0.10.2 libcjson: 1.7.15_1 libedit: 3.1.20221030,1 libevent: 2.1.12 libfido2: 1.13.0 libiconv: 1.17 libidn2: 2.3.4 liblz4: 1.9.4,1 libnghttp2: 1.52.0 libpaper: 1.1.28 libpsl: 0.21.2_2 libssh2: 1.10.0_1,3 libunistring: 1.1 libunwind: 20211201_1 libxml2: 2.10.4 mediawiki139-php82: 1.39.3 mysql80-client: 8.0.32 oniguruma: 6.9.8_1 openldap26-client: 2.6.4 pcre2: 10.42 perl5: 5.32.1_3 php82: 8.2.4 php82-ctype: 8.2.4 php82-dom: 8.2.4 php82-fileinfo: 8.2.4 php82-filter: 8.2.4 php82-iconv: 8.2.4 php82-intl: 8.2.4 php82-mbstring: 8.2.4 php82-mysqli: 8.2.4 php82-readline: 8.2.4 php82-session: 8.2.4 php82-sockets: 8.2.4 php82-xml: 8.2.4 php82-xmlreader: 8.2.4 php82-zlib: 8.2.4 protobuf: 3.21.12,1 psutils: 1.17_5 readline: 8.2.0 uchardet: 0.0.8 zstd: 1.5.4 Number of packages to be installed: 49 The process will require 582 MiB more space. 88 MiB to be downloaded. </pre> </div> </div> ==Start Nginx on FreeBSD and configure it to point to MediaWik== * Mediawiki when installed with '''pkg''' will install in path '''/usr/local/www/mediawiki''' To start Nginx on FreeBSD and configure it to point to MediaWiki installed in '''/usr/local/www/mediawiki''', follow these steps: ===Enable Nginx by adding the following line to the '''/etc/rc.conf''' file=== <code>sysrc nginx_enable="YES"</code> === Start Nginx using the service command=== <code>service nginx start</code> * can now test by visiting your jails IP on a web browser - should see 'Welcome to nginx' page ** Note: use '''http''' and not '''https''' ===Enable and Start '''php-fpm'''=== <code>sysrc php_fpm_enable="YES"</code> <code>service php-fpm start</code> Make sure the PHP-FPM pool is using the Unix socket '''/var/run/php-fpm.sock'''. Open the PHP-FPM configuration file: <code>$EDITOR /usr/local/etc/php-fpm.d/www.conf</code> Look for the listen directive in the configuration file. If it's set to an IP address and port (e.g., '''listen = 127.0.0.1:9000'''), change it to use the Unix socket '''/var/run/php-fpm.sock''': <pre>listen = /var/run/php-fpm.sock </pre> : In the same configuration file, ensure that the listen.owner, listen.group, and listen.mode directives are set as follows: <pre> listen.owner = www listen.group = www listen.mode = 0660 </pre> These settings ensure that Nginx can access the PHP-FPM Unix socket. : Save the configuration file and exit the editor. : Restart PHP-FPM to apply the changes: <code>service php-fpm restart</code> : Check if the '''/var/run/php-fpm.sock''' file is now present: <code>ls -l /var/run/php-fpm.sock</code> === Create a new Nginx server block configuration file for your MediaWiki site. === * '''/usr/local/etc/nginx/nginx.conf''' is already backed up in '''/usr/local/etc/nginx/nginx.conf-dist''' <code>$EDITOR /usr/local/etc/nginx/nginx.conf</code> : Add the following server block configuration to the file: <pre> worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; server { listen 80; server_name localhost; root /usr/local/www/mediawiki; index index.php; location / { try_files $uri $uri/ @mediawiki; } location @mediawiki { rewrite ^/([^?]*)(?:\?(.*))? /index.php?title=$1&$2 last; } location ~ \.php$ { try_files $uri =404; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass unix:/var/run/php-fpm.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } } } </pre> <div class="toccolours mw-collapsible mw-collapsed"> Explanation: <code>/usr/local/etc/nginx/nginx.conf</code> Content: <div class="mw-collapsible-content"> the key components of the file: : '''worker_processes 1;''': This directive sets the number of worker processes, which handle incoming connections and process requests. In this case, it's set to 1, meaning only one worker process will handle requests. : '''events { worker_connections 1024; }''': This block configures the event-driven processing model. The worker_connections directive sets the maximum number of simultaneous connections that each worker process can handle. In this case, it's set to 1024. :* The '''http block''' contains the main configuration settings for HTTP(S) servers. Within this block: : '''include mime.types;''': Includes the MIME types configuration file, which maps file extensions to their respective MIME types. : '''default_type application/octet-stream;''': Sets the default MIME type for files that don't match any of the defined MIME types. : '''sendfile on;''': Enables the use of the sendfile() system call for more efficient file transfers. : '''keepalive_timeout 65;''': Sets the timeout for keep-alive connections, which allows multiple requests to be sent over a single connection. :* The '''server block''' defines the configuration for a specific virtual server. Within this block: : '''listen 80;''': Specifies that the server listens on port 80 (the default HTTP port) for incoming connections. : '''server_name localhost;''': Sets the server name to "localhost" for this configuration. : '''root /usr/local/www/mediawiki;''': Sets the root directory for the Mediawiki website. : '''index index.php;''': Sets the default index file for directory requests. :* The '''location blocks''' configure how Nginx handles different types of requests: : The first location block attempts to serve the requested URI as a file or a directory. If that fails, it falls back to the @mediawiki named location. : The @mediawiki location block rewrites the request URI to pass it to Mediawiki's index.php script with the appropriate query parameters. : The location ~ \.php$ block processes PHP files by passing them to the FastCGI server (PHP-FPM) using a Unix domain socket (unix:/var/run/php-fpm.sock). The fastcgi_param and include fastcgi_params; directives configure FastCGI settings. </div> </div> : Test the Nginx configuration: <code>nginx -t</code> : If the configuration test is successful, reload Nginx to apply the changes: <code>service nginx reload</code> Now you should be able to access your MediaWiki installation by visiting your domain name or IP address in your browser. '''But Wait''' there's more, need to setup the MySQL database. ==Setting up MySQL== Set up the MySQL server and create a database for MediaWiki on FreeBSD: ===Initialize the MySQL server=== <code>/usr/local/libexec/mysqld --initialize --user=mysql --datadir=/var/db/mysql </code> Explanation of the command and its options: :* '''/usr/local/libexec/mysqld''': The full path to the MySQL server binary on FreeBSD. :* '''--initialize''': This option initializes the data directory and creates the system tables required for the MySQL server to function properly. :* '''--user=mysql''': Specifies the system user that the MySQL server will run as. On FreeBSD, the default user for the MySQL server is '''mysql'''. This option ensures that the created files and directories have the proper ownership. :* '''--datadir=/var/db/mysql''': Specifies the data directory for the MySQL server. The data directory is where the server stores its databases, tables, and related files. On FreeBSD, the default location for the MySQL data directory is '''/var/db/mysql'''. Output should be something like this: <pre> # /usr/local/libexec/mysqld --initialize --user=mysql --datadir=/var/db/mysql 2023-05-01T18:17:53.389205Z 0 [System] [MY-013169] [Server] /usr/local/libexec/mysqld (mysqld 8.0.32) initializing of server in progress as process 2170 mysqld: Error on delete of '/var/db/mysql/auto.cnf' (OS errno 2 - No such file or directory) 2023-05-01T18:17:53.458035Z 0 [Warning] [MY-010107] [Server] World-writable config file '/var/db/mysql/auto.cnf' has been removed. 2023-05-01T18:17:53.471999Z 1 [System] [MY-013576] [InnoDB] InnoDB initialization has started. 2023-05-01T18:17:54.808131Z 1 [System] [MY-013577] [InnoDB] InnoDB initialization has ended. 2023-05-01T18:17:58.661498Z 6 [Note] [MY-010454] [Server] A temporary password is generated for root@localhost: q17mjt8qnl:I </pre> This will create the necessary system tables and set up the initial MySQL data directory structure. The output will also display a temporary password for the '''root user''', which you will need to use when running '''mysql_secure_installation'''. Make sure to note this temporary password, as you will be prompted to change it during the '''mysql_secure_installation''' process. Enable the MySQL server to start automatically when the jail boots by appending the following line to the jail's '''rc.conf''' file. Make sure to use >> to append the configuration without overwriting the existing content: <code>sysrc mysql_enable="YES"</code> ===Start the MySQL server=== <code>service mysql-server start</code> Secure the MySQL installation by running the security script. You'll be prompted to set the root password and answer a series of questions to secure the installation: <code>mysql_secure_installation</code> Log in to the MySQL server using the root user and the password you set during the security script: <code>mysql -u root -p</code> Once logged in, create a new user and database for MediaWiki: <code>CREATE USER 'username'@'localhost' IDENTIFIED BY 'passwd';</code> <code>CREATE DATABASE my_wiki_db;</code> <code>GRANT ALL ON my_wiki_db.* TO 'username'@'localhost';</code> <code>FLUSH PRIVILEGES;</code> <code>quit;</code> Replace '''username''', '''passwd''', and '''my_wiki_db''' with the desired username, password, and database name. Now you should have a working MySQL server and a database ready for your MediaWiki installation. Proceed with configuring MediaWiki to use this database. ==Configure Mediawiki== Visit the IP address of your jail in a web browser using '''http''' and NOT '''https''' (we have not setup and ssl certs) You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.39.3 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:'''localhost'''<br \> Database name:'''my_wiki_db'''<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:'''username'''<br \> Database password:'''passwd'''<br \> Replace: '''my_wiki_db''', '''username''' and '''passwd''' with your '''Database Name''', '''Database Username''' and '''Database Password''' you setup in the MySQL stage. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the mediawiki jail. In my case the '''jail''' is running on a headless nuc '''home server''' and i have the file on a ubuntu '''laptop''' so: :1. Send '''LocalSettings.php''' to '''home server''' <code>scp Downloads/LocalSetting.php <user>@<home_server_IP>:/usr/home/<user>/</code> :2. Send to mediawiki directory in '''jail''' <code>cp LocalSettings.php /pods/mediawiki/usr/local/www/mediawiki/</code> * Do Not Refresh the Web Page or you will Redownload '''LocalSettings.php''' * Revisit your jails IP in web browser and you should see your wiki up and running. ===Add Extensions to Mediawiki=== ====Youtube==== https://www.mediawiki.org/wiki/Extension:YouTube <code>wget https://extdist.wmflabs.org/dist/extensions/YouTube-REL1_39-f272bb3.tar.gz</code> <code>tar -xzf YouTube-REL1_39-f272bb3.tar.gz -C /var/www/html/mediawiki/extensions/</code> * FreeBSD <code>fetch https://extdist.wmflabs.org/dist/extensions/YouTube-REL1_39-f272bb3.tar.gz</code> <code>tar -xzf YouTube-REL1_39-f272bb3.tar.gz -C /usr/local/www/mediawiki/extensions/</code> * Append to '''LocalSettings.php''' <code>wfLoadExtension( 'YouTube' );</code> * On wiki page ** https://www.youtube.com/watch?v=wB4gvSgYmfY ** After '''watch?v=''' ** <nowiki><youtube>wB4gvSgYmfY</youtube></nowiki> <youtube>wB4gvSgYmfY</youtube> * Defaults '''width'''=640 pixels '''height'''=385 pixels * Change defaults <nowiki><youtube width="800" height="400">wB4gvSgYmfY</youtube></nowiki> <youtube width="800" height="400">wB4gvSgYmfY</youtube> ===Syntax highlighting=== We have already Installed <b>pygments</b><br> Add to LocalSettings:<br> <code>wfLoadExtension( 'SyntaxHighlight_GeSHi' );</code><br> ==Importing a mediawiki xml dump to your localwiki== <code>fetch https://xml.completenoobs.com/xmlDumps/01_05_23.Noobs/01_05_23.Noobs.xml</code> <code>php /usr/local/www/mediawiki/maintenance/importDump.php --conf /usr/local/www/mediawiki/LocalSettings.php 01_05_23.Noobs.xml</code> <code>php /usr/local/www/mediawiki/maintenance/rebuildrecentchanges.php && php /usr/local/www/mediawiki/maintenance/initSiteStats.php && php /usr/local/www/mediawiki/maintenance/rebuildall.php</code> ==Visit Jails IP Address on web browser== A Basic local wiki should be run and running qemkjkd00ysu1glrz2goecij51rn4r5 407 405 2023-05-10T11:07:54Z Noob 1 /* Create a new Nginx server block configuration file for your MediaWiki site. */ 407 wikitext text/x-wiki ==Hosting a Local Wiki in a FreeBSD Jail== [[FreeBSD_13.2_Jails|View the FreeBSD 13.2 Jails page to setup a jail in freebsd]] This tut will will assume you have: * Jail setup at path '''/pods/mediawiki''' * Allowed Jail IP through Firewall * copied over your '''resolv.conf''' to jail ===jail.conf=== Create a configuration file for your jail. The following example assumes you're using the jail utility provided by FreeBSD: Edit '''/etc/jail.conf''' and add the following jail configuration: : If '''/etc/jail.conf''' does not exist, create it with <code>touch /etc/jail.conf</code> <code>$EDITOR /etc/jail.conf</code> <pre> localwiki { host.hostname = "local.wiki"; ip4.addr = "re0|192.168.0.33"; path = "/pods/mediawiki"; exec.start = "/bin/sh /etc/rc"; exec.stop = "/bin/sh /etc/rc.shutdown"; exec.clean; mount.devfs; } </pre> :* Replace :** '''localwiki''' to what you would like your jail called :** '''host.hostname = "<the_host_name_for_jail>";''' :** '''ip4.addr = <ip_address_for_jail_to_use>;''' :*** '''"re0|192.168.0.33"''' where 're0' is my '''Network Interface Card (NIC)'''. :*** You can find your '''Network Interface Card (NIC)''' by running the command <code>ifconfig</code>. :*** '''192.168.0.33''' is the IP address I want to assign to the jail within the 192.168.0.0/24 subnet of my network. :** '''path = "</path/to/jail>";''' :*** The path where the jail resides (e.g., "/pods/mediawiki"). :* NOTES (this was not needed): :** '''allow.sysvipc''': Allows System V IPC primitives to be used within the jail. This might be necessary for some PHP extensions or applications that rely on shared memory. :** '''allow.raw_sockets''': Allows raw sockets to be used within the jail. This might be required for certain PHP functions or extensions that use raw socket communication. ===Login to jail and Install required '''packages'''=== * Start jail '''localwiki''' and login <code>sudo jail -c localwiki</code> <code>sudo jexec localwiki /bin/sh</code> * Initialize pkg <code>pkg update</code> * Install packages <code>pkg install nginx mediawiki139-php82-1.39.3 py39-pygments mysql80-server unzip</code> <div class="toccolours mw-collapsible mw-collapsed"> Check for the latest packages required (info here): <div class="mw-collapsible-content"> The package names might have changed due to newer versions being available. You can search for the latest package names using the pkg search command. :* mysql80-server :** <code>pkg search mysql | grep server</code> :** mysql80-server is still the highest version number :* py38-pygments :** <code>pkg search pygments</code> :** A higher version is available: py39-pygments :* Mediawiki :** <code>pkg search mediawiki</code> Installing mediawiki from pkg will also install the php extensions required for mediawiki to work <pre> pkg install mediawiki139-php82-1.39.3 Updating FreeBSD repository catalogue... FreeBSD repository is up to date. All repositories are up to date. Updating database digests format: 100% The following 49 package(s) will be affected (of 0 checked): New packages to be INSTALLED: ca_root_nss: 3.89 curl: 8.0.1 cyrus-sasl: 2.1.28 groff: 1.22.4_4 hidapi: 0.13.1 icu: 72.1,1 indexinfo: 0.3.1 libargon2: 20190702 libcbor: 0.10.2 libcjson: 1.7.15_1 libedit: 3.1.20221030,1 libevent: 2.1.12 libfido2: 1.13.0 libiconv: 1.17 libidn2: 2.3.4 liblz4: 1.9.4,1 libnghttp2: 1.52.0 libpaper: 1.1.28 libpsl: 0.21.2_2 libssh2: 1.10.0_1,3 libunistring: 1.1 libunwind: 20211201_1 libxml2: 2.10.4 mediawiki139-php82: 1.39.3 mysql80-client: 8.0.32 oniguruma: 6.9.8_1 openldap26-client: 2.6.4 pcre2: 10.42 perl5: 5.32.1_3 php82: 8.2.4 php82-ctype: 8.2.4 php82-dom: 8.2.4 php82-fileinfo: 8.2.4 php82-filter: 8.2.4 php82-iconv: 8.2.4 php82-intl: 8.2.4 php82-mbstring: 8.2.4 php82-mysqli: 8.2.4 php82-readline: 8.2.4 php82-session: 8.2.4 php82-sockets: 8.2.4 php82-xml: 8.2.4 php82-xmlreader: 8.2.4 php82-zlib: 8.2.4 protobuf: 3.21.12,1 psutils: 1.17_5 readline: 8.2.0 uchardet: 0.0.8 zstd: 1.5.4 Number of packages to be installed: 49 The process will require 582 MiB more space. 88 MiB to be downloaded. </pre> </div> </div> ==Start Nginx on FreeBSD and configure it to point to MediaWik== * Mediawiki when installed with '''pkg''' will install in path '''/usr/local/www/mediawiki''' To start Nginx on FreeBSD and configure it to point to MediaWiki installed in '''/usr/local/www/mediawiki''', follow these steps: ===Enable Nginx by adding the following line to the '''/etc/rc.conf''' file=== <code>sysrc nginx_enable="YES"</code> === Start Nginx using the service command=== <code>service nginx start</code> * can now test by visiting your jails IP on a web browser - should see 'Welcome to nginx' page ** Note: use '''http''' and not '''https''' ===Enable and Start '''php-fpm'''=== <code>sysrc php_fpm_enable="YES"</code> <code>service php-fpm start</code> Make sure the PHP-FPM pool is using the Unix socket '''/var/run/php-fpm.sock'''. Open the PHP-FPM configuration file: <code>$EDITOR /usr/local/etc/php-fpm.d/www.conf</code> Look for the listen directive in the configuration file. If it's set to an IP address and port (e.g., '''listen = 127.0.0.1:9000'''), change it to use the Unix socket '''/var/run/php-fpm.sock''': <pre>listen = /var/run/php-fpm.sock </pre> : In the same configuration file, ensure that the listen.owner, listen.group, and listen.mode directives are set as follows: <pre> listen.owner = www listen.group = www listen.mode = 0660 </pre> These settings ensure that Nginx can access the PHP-FPM Unix socket. : Save the configuration file and exit the editor. : Restart PHP-FPM to apply the changes: <code>service php-fpm restart</code> : Check if the '''/var/run/php-fpm.sock''' file is now present: <code>ls -l /var/run/php-fpm.sock</code> === Create a new Nginx server block configuration file for your MediaWiki site. === * '''/usr/local/etc/nginx/nginx.conf''' is already backed up in '''/usr/local/etc/nginx/nginx.conf-dist''' <code>$EDITOR /usr/local/etc/nginx/nginx.conf</code> : Add the following server block configuration to the file: <pre> user www www; worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; server { listen 80; server_name localhost; root /usr/local/www/mediawiki; index index.php; location / { try_files $uri $uri/ @mediawiki; } location @mediawiki { rewrite ^/([^?]*)(?:\?(.*))? /index.php?title=$1&$2 last; } location ~ \.php$ { try_files $uri =404; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass unix:/var/run/php-fpm.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } } } </pre> <div class="toccolours mw-collapsible mw-collapsed"> Explanation: <code>/usr/local/etc/nginx/nginx.conf</code> Content: <div class="mw-collapsible-content"> the key components of the file: : '''user www www;''': specifies the user and group that the Nginx worker processes will run as. In this case, both the user and group are set to www. : '''worker_processes 1;''': This directive sets the number of worker processes, which handle incoming connections and process requests. In this case, it's set to 1, meaning only one worker process will handle requests. : '''events { worker_connections 1024; }''': This block configures the event-driven processing model. The worker_connections directive sets the maximum number of simultaneous connections that each worker process can handle. In this case, it's set to 1024. :* The '''http block''' contains the main configuration settings for HTTP(S) servers. Within this block: : '''include mime.types;''': Includes the MIME types configuration file, which maps file extensions to their respective MIME types. : '''default_type application/octet-stream;''': Sets the default MIME type for files that don't match any of the defined MIME types. : '''sendfile on;''': Enables the use of the sendfile() system call for more efficient file transfers. : '''keepalive_timeout 65;''': Sets the timeout for keep-alive connections, which allows multiple requests to be sent over a single connection. :* The '''server block''' defines the configuration for a specific virtual server. Within this block: : '''listen 80;''': Specifies that the server listens on port 80 (the default HTTP port) for incoming connections. : '''server_name localhost;''': Sets the server name to "localhost" for this configuration. : '''root /usr/local/www/mediawiki;''': Sets the root directory for the Mediawiki website. : '''index index.php;''': Sets the default index file for directory requests. :* The '''location blocks''' configure how Nginx handles different types of requests: : The first location block attempts to serve the requested URI as a file or a directory. If that fails, it falls back to the @mediawiki named location. : The @mediawiki location block rewrites the request URI to pass it to Mediawiki's index.php script with the appropriate query parameters. : The location ~ \.php$ block processes PHP files by passing them to the FastCGI server (PHP-FPM) using a Unix domain socket (unix:/var/run/php-fpm.sock). The fastcgi_param and include fastcgi_params; directives configure FastCGI settings. </div> </div> : Test the Nginx configuration: <code>nginx -t</code> : If the configuration test is successful, reload Nginx to apply the changes: <code>service nginx reload</code> Now you should be able to access your MediaWiki installation by visiting your domain name or IP address in your browser. '''But Wait''' there's more, need to setup the MySQL database. ==Setting up MySQL== Set up the MySQL server and create a database for MediaWiki on FreeBSD: ===Initialize the MySQL server=== <code>/usr/local/libexec/mysqld --initialize --user=mysql --datadir=/var/db/mysql </code> Explanation of the command and its options: :* '''/usr/local/libexec/mysqld''': The full path to the MySQL server binary on FreeBSD. :* '''--initialize''': This option initializes the data directory and creates the system tables required for the MySQL server to function properly. :* '''--user=mysql''': Specifies the system user that the MySQL server will run as. On FreeBSD, the default user for the MySQL server is '''mysql'''. This option ensures that the created files and directories have the proper ownership. :* '''--datadir=/var/db/mysql''': Specifies the data directory for the MySQL server. The data directory is where the server stores its databases, tables, and related files. On FreeBSD, the default location for the MySQL data directory is '''/var/db/mysql'''. Output should be something like this: <pre> # /usr/local/libexec/mysqld --initialize --user=mysql --datadir=/var/db/mysql 2023-05-01T18:17:53.389205Z 0 [System] [MY-013169] [Server] /usr/local/libexec/mysqld (mysqld 8.0.32) initializing of server in progress as process 2170 mysqld: Error on delete of '/var/db/mysql/auto.cnf' (OS errno 2 - No such file or directory) 2023-05-01T18:17:53.458035Z 0 [Warning] [MY-010107] [Server] World-writable config file '/var/db/mysql/auto.cnf' has been removed. 2023-05-01T18:17:53.471999Z 1 [System] [MY-013576] [InnoDB] InnoDB initialization has started. 2023-05-01T18:17:54.808131Z 1 [System] [MY-013577] [InnoDB] InnoDB initialization has ended. 2023-05-01T18:17:58.661498Z 6 [Note] [MY-010454] [Server] A temporary password is generated for root@localhost: q17mjt8qnl:I </pre> This will create the necessary system tables and set up the initial MySQL data directory structure. The output will also display a temporary password for the '''root user''', which you will need to use when running '''mysql_secure_installation'''. Make sure to note this temporary password, as you will be prompted to change it during the '''mysql_secure_installation''' process. Enable the MySQL server to start automatically when the jail boots by appending the following line to the jail's '''rc.conf''' file. Make sure to use >> to append the configuration without overwriting the existing content: <code>sysrc mysql_enable="YES"</code> ===Start the MySQL server=== <code>service mysql-server start</code> Secure the MySQL installation by running the security script. You'll be prompted to set the root password and answer a series of questions to secure the installation: <code>mysql_secure_installation</code> Log in to the MySQL server using the root user and the password you set during the security script: <code>mysql -u root -p</code> Once logged in, create a new user and database for MediaWiki: <code>CREATE USER 'username'@'localhost' IDENTIFIED BY 'passwd';</code> <code>CREATE DATABASE my_wiki_db;</code> <code>GRANT ALL ON my_wiki_db.* TO 'username'@'localhost';</code> <code>FLUSH PRIVILEGES;</code> <code>quit;</code> Replace '''username''', '''passwd''', and '''my_wiki_db''' with the desired username, password, and database name. Now you should have a working MySQL server and a database ready for your MediaWiki installation. Proceed with configuring MediaWiki to use this database. ==Configure Mediawiki== Visit the IP address of your jail in a web browser using '''http''' and NOT '''https''' (we have not setup and ssl certs) You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.39.3 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:'''localhost'''<br \> Database name:'''my_wiki_db'''<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:'''username'''<br \> Database password:'''passwd'''<br \> Replace: '''my_wiki_db''', '''username''' and '''passwd''' with your '''Database Name''', '''Database Username''' and '''Database Password''' you setup in the MySQL stage. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the mediawiki jail. In my case the '''jail''' is running on a headless nuc '''home server''' and i have the file on a ubuntu '''laptop''' so: :1. Send '''LocalSettings.php''' to '''home server''' <code>scp Downloads/LocalSetting.php <user>@<home_server_IP>:/usr/home/<user>/</code> :2. Send to mediawiki directory in '''jail''' <code>cp LocalSettings.php /pods/mediawiki/usr/local/www/mediawiki/</code> * Do Not Refresh the Web Page or you will Redownload '''LocalSettings.php''' * Revisit your jails IP in web browser and you should see your wiki up and running. ===Add Extensions to Mediawiki=== ====Youtube==== https://www.mediawiki.org/wiki/Extension:YouTube <code>wget https://extdist.wmflabs.org/dist/extensions/YouTube-REL1_39-f272bb3.tar.gz</code> <code>tar -xzf YouTube-REL1_39-f272bb3.tar.gz -C /var/www/html/mediawiki/extensions/</code> * FreeBSD <code>fetch https://extdist.wmflabs.org/dist/extensions/YouTube-REL1_39-f272bb3.tar.gz</code> <code>tar -xzf YouTube-REL1_39-f272bb3.tar.gz -C /usr/local/www/mediawiki/extensions/</code> * Append to '''LocalSettings.php''' <code>wfLoadExtension( 'YouTube' );</code> * On wiki page ** https://www.youtube.com/watch?v=wB4gvSgYmfY ** After '''watch?v=''' ** <nowiki><youtube>wB4gvSgYmfY</youtube></nowiki> <youtube>wB4gvSgYmfY</youtube> * Defaults '''width'''=640 pixels '''height'''=385 pixels * Change defaults <nowiki><youtube width="800" height="400">wB4gvSgYmfY</youtube></nowiki> <youtube width="800" height="400">wB4gvSgYmfY</youtube> ===Syntax highlighting=== We have already Installed <b>pygments</b><br> Add to LocalSettings:<br> <code>wfLoadExtension( 'SyntaxHighlight_GeSHi' );</code><br> ==Importing a mediawiki xml dump to your localwiki== <code>fetch https://xml.completenoobs.com/xmlDumps/01_05_23.Noobs/01_05_23.Noobs.xml</code> <code>php /usr/local/www/mediawiki/maintenance/importDump.php --conf /usr/local/www/mediawiki/LocalSettings.php 01_05_23.Noobs.xml</code> <code>php /usr/local/www/mediawiki/maintenance/rebuildrecentchanges.php && php /usr/local/www/mediawiki/maintenance/initSiteStats.php && php /usr/local/www/mediawiki/maintenance/rebuildall.php</code> ==Visit Jails IP Address on web browser== A Basic local wiki should be run and running 87dfuujktwozyp6ov4h5ylqn5qisuul 408 407 2023-05-10T11:10:39Z Noob 1 /* Enable and Start php-fpm */ 408 wikitext text/x-wiki ==Hosting a Local Wiki in a FreeBSD Jail== [[FreeBSD_13.2_Jails|View the FreeBSD 13.2 Jails page to setup a jail in freebsd]] This tut will will assume you have: * Jail setup at path '''/pods/mediawiki''' * Allowed Jail IP through Firewall * copied over your '''resolv.conf''' to jail ===jail.conf=== Create a configuration file for your jail. The following example assumes you're using the jail utility provided by FreeBSD: Edit '''/etc/jail.conf''' and add the following jail configuration: : If '''/etc/jail.conf''' does not exist, create it with <code>touch /etc/jail.conf</code> <code>$EDITOR /etc/jail.conf</code> <pre> localwiki { host.hostname = "local.wiki"; ip4.addr = "re0|192.168.0.33"; path = "/pods/mediawiki"; exec.start = "/bin/sh /etc/rc"; exec.stop = "/bin/sh /etc/rc.shutdown"; exec.clean; mount.devfs; } </pre> :* Replace :** '''localwiki''' to what you would like your jail called :** '''host.hostname = "<the_host_name_for_jail>";''' :** '''ip4.addr = <ip_address_for_jail_to_use>;''' :*** '''"re0|192.168.0.33"''' where 're0' is my '''Network Interface Card (NIC)'''. :*** You can find your '''Network Interface Card (NIC)''' by running the command <code>ifconfig</code>. :*** '''192.168.0.33''' is the IP address I want to assign to the jail within the 192.168.0.0/24 subnet of my network. :** '''path = "</path/to/jail>";''' :*** The path where the jail resides (e.g., "/pods/mediawiki"). :* NOTES (this was not needed): :** '''allow.sysvipc''': Allows System V IPC primitives to be used within the jail. This might be necessary for some PHP extensions or applications that rely on shared memory. :** '''allow.raw_sockets''': Allows raw sockets to be used within the jail. This might be required for certain PHP functions or extensions that use raw socket communication. ===Login to jail and Install required '''packages'''=== * Start jail '''localwiki''' and login <code>sudo jail -c localwiki</code> <code>sudo jexec localwiki /bin/sh</code> * Initialize pkg <code>pkg update</code> * Install packages <code>pkg install nginx mediawiki139-php82-1.39.3 py39-pygments mysql80-server unzip</code> <div class="toccolours mw-collapsible mw-collapsed"> Check for the latest packages required (info here): <div class="mw-collapsible-content"> The package names might have changed due to newer versions being available. You can search for the latest package names using the pkg search command. :* mysql80-server :** <code>pkg search mysql | grep server</code> :** mysql80-server is still the highest version number :* py38-pygments :** <code>pkg search pygments</code> :** A higher version is available: py39-pygments :* Mediawiki :** <code>pkg search mediawiki</code> Installing mediawiki from pkg will also install the php extensions required for mediawiki to work <pre> pkg install mediawiki139-php82-1.39.3 Updating FreeBSD repository catalogue... FreeBSD repository is up to date. All repositories are up to date. Updating database digests format: 100% The following 49 package(s) will be affected (of 0 checked): New packages to be INSTALLED: ca_root_nss: 3.89 curl: 8.0.1 cyrus-sasl: 2.1.28 groff: 1.22.4_4 hidapi: 0.13.1 icu: 72.1,1 indexinfo: 0.3.1 libargon2: 20190702 libcbor: 0.10.2 libcjson: 1.7.15_1 libedit: 3.1.20221030,1 libevent: 2.1.12 libfido2: 1.13.0 libiconv: 1.17 libidn2: 2.3.4 liblz4: 1.9.4,1 libnghttp2: 1.52.0 libpaper: 1.1.28 libpsl: 0.21.2_2 libssh2: 1.10.0_1,3 libunistring: 1.1 libunwind: 20211201_1 libxml2: 2.10.4 mediawiki139-php82: 1.39.3 mysql80-client: 8.0.32 oniguruma: 6.9.8_1 openldap26-client: 2.6.4 pcre2: 10.42 perl5: 5.32.1_3 php82: 8.2.4 php82-ctype: 8.2.4 php82-dom: 8.2.4 php82-fileinfo: 8.2.4 php82-filter: 8.2.4 php82-iconv: 8.2.4 php82-intl: 8.2.4 php82-mbstring: 8.2.4 php82-mysqli: 8.2.4 php82-readline: 8.2.4 php82-session: 8.2.4 php82-sockets: 8.2.4 php82-xml: 8.2.4 php82-xmlreader: 8.2.4 php82-zlib: 8.2.4 protobuf: 3.21.12,1 psutils: 1.17_5 readline: 8.2.0 uchardet: 0.0.8 zstd: 1.5.4 Number of packages to be installed: 49 The process will require 582 MiB more space. 88 MiB to be downloaded. </pre> </div> </div> ==Start Nginx on FreeBSD and configure it to point to MediaWik== * Mediawiki when installed with '''pkg''' will install in path '''/usr/local/www/mediawiki''' To start Nginx on FreeBSD and configure it to point to MediaWiki installed in '''/usr/local/www/mediawiki''', follow these steps: ===Enable Nginx by adding the following line to the '''/etc/rc.conf''' file=== <code>sysrc nginx_enable="YES"</code> === Start Nginx using the service command=== <code>service nginx start</code> * can now test by visiting your jails IP on a web browser - should see 'Welcome to nginx' page ** Note: use '''http''' and not '''https''' ===Enable and Start '''php-fpm'''=== <code>sysrc php_fpm_enable="YES"</code> <code>service php-fpm start</code> Make sure the PHP-FPM pool is using the Unix socket '''/var/run/php-fpm.sock'''. Open the PHP-FPM configuration file: <code>$EDITOR /usr/local/etc/php-fpm.d/www.conf</code> Look for the listen directive in the configuration file. If it's set to an IP address and port (e.g., '''listen = 127.0.0.1:9000'''), change it to use the Unix socket '''/var/run/php-fpm.sock''': <pre>listen = /var/run/php-fpm.sock </pre> : In the same configuration file, ensure that the listen.owner, listen.group, and listen.mode directives are set as follows: * If you see these lines already in '''/usr/local/etc/php-fpm.d/www.conf''' make sure to remove the ''';''' comment from the start of the line. <pre> listen.owner = www listen.group = www listen.mode = 0660 </pre> These settings ensure that Nginx can access the PHP-FPM Unix socket. : Save the configuration file and exit the editor. : Restart PHP-FPM to apply the changes: <code>service php-fpm restart</code> : Check if the '''/var/run/php-fpm.sock''' file is now present: <code>ls -l /var/run/php-fpm.sock</code> === Create a new Nginx server block configuration file for your MediaWiki site. === * '''/usr/local/etc/nginx/nginx.conf''' is already backed up in '''/usr/local/etc/nginx/nginx.conf-dist''' <code>$EDITOR /usr/local/etc/nginx/nginx.conf</code> : Add the following server block configuration to the file: <pre> user www www; worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; server { listen 80; server_name localhost; root /usr/local/www/mediawiki; index index.php; location / { try_files $uri $uri/ @mediawiki; } location @mediawiki { rewrite ^/([^?]*)(?:\?(.*))? /index.php?title=$1&$2 last; } location ~ \.php$ { try_files $uri =404; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass unix:/var/run/php-fpm.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } } } </pre> <div class="toccolours mw-collapsible mw-collapsed"> Explanation: <code>/usr/local/etc/nginx/nginx.conf</code> Content: <div class="mw-collapsible-content"> the key components of the file: : '''user www www;''': specifies the user and group that the Nginx worker processes will run as. In this case, both the user and group are set to www. : '''worker_processes 1;''': This directive sets the number of worker processes, which handle incoming connections and process requests. In this case, it's set to 1, meaning only one worker process will handle requests. : '''events { worker_connections 1024; }''': This block configures the event-driven processing model. The worker_connections directive sets the maximum number of simultaneous connections that each worker process can handle. In this case, it's set to 1024. :* The '''http block''' contains the main configuration settings for HTTP(S) servers. Within this block: : '''include mime.types;''': Includes the MIME types configuration file, which maps file extensions to their respective MIME types. : '''default_type application/octet-stream;''': Sets the default MIME type for files that don't match any of the defined MIME types. : '''sendfile on;''': Enables the use of the sendfile() system call for more efficient file transfers. : '''keepalive_timeout 65;''': Sets the timeout for keep-alive connections, which allows multiple requests to be sent over a single connection. :* The '''server block''' defines the configuration for a specific virtual server. Within this block: : '''listen 80;''': Specifies that the server listens on port 80 (the default HTTP port) for incoming connections. : '''server_name localhost;''': Sets the server name to "localhost" for this configuration. : '''root /usr/local/www/mediawiki;''': Sets the root directory for the Mediawiki website. : '''index index.php;''': Sets the default index file for directory requests. :* The '''location blocks''' configure how Nginx handles different types of requests: : The first location block attempts to serve the requested URI as a file or a directory. If that fails, it falls back to the @mediawiki named location. : The @mediawiki location block rewrites the request URI to pass it to Mediawiki's index.php script with the appropriate query parameters. : The location ~ \.php$ block processes PHP files by passing them to the FastCGI server (PHP-FPM) using a Unix domain socket (unix:/var/run/php-fpm.sock). The fastcgi_param and include fastcgi_params; directives configure FastCGI settings. </div> </div> : Test the Nginx configuration: <code>nginx -t</code> : If the configuration test is successful, reload Nginx to apply the changes: <code>service nginx reload</code> Now you should be able to access your MediaWiki installation by visiting your domain name or IP address in your browser. '''But Wait''' there's more, need to setup the MySQL database. ==Setting up MySQL== Set up the MySQL server and create a database for MediaWiki on FreeBSD: ===Initialize the MySQL server=== <code>/usr/local/libexec/mysqld --initialize --user=mysql --datadir=/var/db/mysql </code> Explanation of the command and its options: :* '''/usr/local/libexec/mysqld''': The full path to the MySQL server binary on FreeBSD. :* '''--initialize''': This option initializes the data directory and creates the system tables required for the MySQL server to function properly. :* '''--user=mysql''': Specifies the system user that the MySQL server will run as. On FreeBSD, the default user for the MySQL server is '''mysql'''. This option ensures that the created files and directories have the proper ownership. :* '''--datadir=/var/db/mysql''': Specifies the data directory for the MySQL server. The data directory is where the server stores its databases, tables, and related files. On FreeBSD, the default location for the MySQL data directory is '''/var/db/mysql'''. Output should be something like this: <pre> # /usr/local/libexec/mysqld --initialize --user=mysql --datadir=/var/db/mysql 2023-05-01T18:17:53.389205Z 0 [System] [MY-013169] [Server] /usr/local/libexec/mysqld (mysqld 8.0.32) initializing of server in progress as process 2170 mysqld: Error on delete of '/var/db/mysql/auto.cnf' (OS errno 2 - No such file or directory) 2023-05-01T18:17:53.458035Z 0 [Warning] [MY-010107] [Server] World-writable config file '/var/db/mysql/auto.cnf' has been removed. 2023-05-01T18:17:53.471999Z 1 [System] [MY-013576] [InnoDB] InnoDB initialization has started. 2023-05-01T18:17:54.808131Z 1 [System] [MY-013577] [InnoDB] InnoDB initialization has ended. 2023-05-01T18:17:58.661498Z 6 [Note] [MY-010454] [Server] A temporary password is generated for root@localhost: q17mjt8qnl:I </pre> This will create the necessary system tables and set up the initial MySQL data directory structure. The output will also display a temporary password for the '''root user''', which you will need to use when running '''mysql_secure_installation'''. Make sure to note this temporary password, as you will be prompted to change it during the '''mysql_secure_installation''' process. Enable the MySQL server to start automatically when the jail boots by appending the following line to the jail's '''rc.conf''' file. Make sure to use >> to append the configuration without overwriting the existing content: <code>sysrc mysql_enable="YES"</code> ===Start the MySQL server=== <code>service mysql-server start</code> Secure the MySQL installation by running the security script. You'll be prompted to set the root password and answer a series of questions to secure the installation: <code>mysql_secure_installation</code> Log in to the MySQL server using the root user and the password you set during the security script: <code>mysql -u root -p</code> Once logged in, create a new user and database for MediaWiki: <code>CREATE USER 'username'@'localhost' IDENTIFIED BY 'passwd';</code> <code>CREATE DATABASE my_wiki_db;</code> <code>GRANT ALL ON my_wiki_db.* TO 'username'@'localhost';</code> <code>FLUSH PRIVILEGES;</code> <code>quit;</code> Replace '''username''', '''passwd''', and '''my_wiki_db''' with the desired username, password, and database name. Now you should have a working MySQL server and a database ready for your MediaWiki installation. Proceed with configuring MediaWiki to use this database. ==Configure Mediawiki== Visit the IP address of your jail in a web browser using '''http''' and NOT '''https''' (we have not setup and ssl certs) You will now find yourself on the mediawiki setup landing page.<br \> <blockquote> MediaWiki 1.39.3 LocalSettings.php not found. Please complete the installation and download LocalSettings.php. </blockquote> Click <b>complete the installation</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> Language Page <div class="mw-collapsible-content"> Just pick a language mate </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Welcome to MediaWiki! <div class="mw-collapsible-content"> read and click Continue </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Connect to database - going to need the details from when you created the database. <div class="mw-collapsible-content"> Database host:'''localhost'''<br \> Database name:'''my_wiki_db'''<br \> Database table prefix (no hyphens): <b>LEAVE BLANK</b><br \> Database username:'''username'''<br \> Database password:'''passwd'''<br \> Replace: '''my_wiki_db''', '''username''' and '''passwd''' with your '''Database Name''', '''Database Username''' and '''Database Password''' you setup in the MySQL stage. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Database Settings <div class="mw-collapsible-content"> Database account for web access<br \> [x]Use the same account as for installation<br \> <b>Leave ticked</b> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Name <div class="mw-collapsible-content"> <b>Name of wiki:</b>LocalWiki<br \> <b>Project namespace:</b><br \> [x]Same as the wiki name:<br \> [ ]Project<br \> [ ]Other (specify)<br \> <b>Administrator account</b> Will be the admin account on the wiki. <br \> <b>CLICK I'm bored already, just install the wiki.</b> </div> </div> At the end you would of downloaded a file called <b>LocalSettings.php</b><br \> Now lets send it to the mediawiki jail. In my case the '''jail''' is running on a headless nuc '''home server''' and i have the file on a ubuntu '''laptop''' so: :1. Send '''LocalSettings.php''' to '''home server''' <code>scp Downloads/LocalSetting.php <user>@<home_server_IP>:/usr/home/<user>/</code> :2. Send to mediawiki directory in '''jail''' <code>cp LocalSettings.php /pods/mediawiki/usr/local/www/mediawiki/</code> * Do Not Refresh the Web Page or you will Redownload '''LocalSettings.php''' * Revisit your jails IP in web browser and you should see your wiki up and running. ===Add Extensions to Mediawiki=== ====Youtube==== https://www.mediawiki.org/wiki/Extension:YouTube <code>wget https://extdist.wmflabs.org/dist/extensions/YouTube-REL1_39-f272bb3.tar.gz</code> <code>tar -xzf YouTube-REL1_39-f272bb3.tar.gz -C /var/www/html/mediawiki/extensions/</code> * FreeBSD <code>fetch https://extdist.wmflabs.org/dist/extensions/YouTube-REL1_39-f272bb3.tar.gz</code> <code>tar -xzf YouTube-REL1_39-f272bb3.tar.gz -C /usr/local/www/mediawiki/extensions/</code> * Append to '''LocalSettings.php''' <code>wfLoadExtension( 'YouTube' );</code> * On wiki page ** https://www.youtube.com/watch?v=wB4gvSgYmfY ** After '''watch?v=''' ** <nowiki><youtube>wB4gvSgYmfY</youtube></nowiki> <youtube>wB4gvSgYmfY</youtube> * Defaults '''width'''=640 pixels '''height'''=385 pixels * Change defaults <nowiki><youtube width="800" height="400">wB4gvSgYmfY</youtube></nowiki> <youtube width="800" height="400">wB4gvSgYmfY</youtube> ===Syntax highlighting=== We have already Installed <b>pygments</b><br> Add to LocalSettings:<br> <code>wfLoadExtension( 'SyntaxHighlight_GeSHi' );</code><br> ==Importing a mediawiki xml dump to your localwiki== <code>fetch https://xml.completenoobs.com/xmlDumps/01_05_23.Noobs/01_05_23.Noobs.xml</code> <code>php /usr/local/www/mediawiki/maintenance/importDump.php --conf /usr/local/www/mediawiki/LocalSettings.php 01_05_23.Noobs.xml</code> <code>php /usr/local/www/mediawiki/maintenance/rebuildrecentchanges.php && php /usr/local/www/mediawiki/maintenance/initSiteStats.php && php /usr/local/www/mediawiki/maintenance/rebuildall.php</code> ==Visit Jails IP Address on web browser== A Basic local wiki should be run and running obmpoymemk2fbn9uquf5houy6fbardl 0 113 409 2023-05-11T18:32:24Z Noob 1 Created page with "==Swap Space== Swap space is an area on your hard drive that the Ubuntu operating system uses as a temporary storage location when your system runs out of physical memory (RAM). When your system's RAM is full, the operating system moves less frequently used data from RAM to the swap space, freeing up RAM for more critical processes. This process is called "swapping" or "paging." Ubuntu swap space is a dedicated partition or file on your hard drive that functions as virt..." 409 wikitext text/x-wiki ==Swap Space== Swap space is an area on your hard drive that the Ubuntu operating system uses as a temporary storage location when your system runs out of physical memory (RAM). When your system's RAM is full, the operating system moves less frequently used data from RAM to the swap space, freeing up RAM for more critical processes. This process is called "swapping" or "paging." Ubuntu swap space is a dedicated partition or file on your hard drive that functions as virtual memory for your Linux operating system. When your system runs out of physical RAM, it uses swap space to temporarily store data that is not actively being used. This enables the operating system to continue running smoothly and efficiently even when memory is scarce. Here are some reasons why you might need swap space: * '''Memory management''': Swap space acts as an overflow buffer for your system's memory. When your RAM is full, the least-used data is moved to swap space, freeing up RAM for more critical tasks. This helps prevent system crashes and slowdowns due to insufficient memory. * '''Hibernation''': If you use hibernation on your Ubuntu system, swap space is essential. During hibernation, the contents of your RAM are saved to swap space, allowing your system to power down entirely. When you power your computer back on, the data stored in swap space is loaded back into RAM, and you can continue where you left off. Determining whether you need swap space depends on your system's resources and usage patterns. Here are some general guidelines: * If you have a system with a large amount of RAM (16 GB or more), you might not need swap space unless you're running memory-intensive applications or using hibernation. * For systems with less RAM, it's generally a good idea to have some swap space available. A common rule of thumb is to allocate swap space equal to the amount of RAM in your system, but this may vary based on your specific needs. * If your system frequently runs out of RAM, increasing swap space can help alleviate the issue. However, it's important to note that swap space is slower than RAM because it uses your hard drive. If performance is a concern, consider upgrading your RAM. To summarize, swap space in Ubuntu serves as an extension of your system's RAM, providing extra memory when needed and enabling hibernation. Whether or not you need swap space depends on your system's resources and how you use your computer. ===Notes on SSD's=== For systems with SSDs, using swap space can increase wear on the drive due to frequent read and write operations. Unlike traditional hard drives, SSDs have a limited number of program/erase (P/E) cycles, which means that each memory cell can only be written and erased a certain number of times before it starts to degrade. When swap space is used on an SSD, it may lead to more write operations, potentially causing the drive to wear out faster. However, modern SSDs are designed with wear leveling algorithms that help distribute these write operations evenly across the drive, prolonging its lifespan. Additionally, SSD technology has improved significantly in recent years, and the P/E cycle limits of current SSDs are much higher than those of older models, making them more durable. To mitigate the potential wear and tear on your SSD from swap space usage, you can consider the following options: * Reduce swap usage - Explained on page * Allocate more RAM: If you have sufficient RAM, your system will rely less on swap space, reducing the number of write operations on your SSD. Consider upgrading your RAM if you frequently run memory-intensive applications. * Use a separate HDD for swap: If your system has both an SSD and a traditional hard drive (HDD), you can choose to allocate swap space on the HDD instead. This will spare your SSD from the additional wear caused by swap usage. ==Check your Swap Space== First check if you already have a swap space<br \> <code>free -m</code> <code>cat /proc/swaps</code> <code>swapon -s -v</code> ==Creating a swap space == preallocate a 2 gigabyte space to be used for swap.<br \> Note: you can name swapfile to anything you want. <code>fallocate -l 2G /swapfile</code> Initialize the /swapfile file with zeros - see "Working out the count size" to see how to work out the count size. <code>dd if=/dev/zero of=/swapfile bs=1024 count=2097152</code> <code>chmod 600 /swapfile</code> <code>mkswap /swapfile</code> <code>swapon /swapfile</code> Or <code>swapon -a</code> Or <code>mount -a</code> append to <code>/etc/fstab</code> so its mounted after reboot.<br \> <code>/swapfile swap swap defaults 0 0</code> and thats it, you can check swap with. <code>cat /proc/swaps</code> <code>swapon -s -v</code> <code>free -m</code> === Working out the count size === Working out count size to scale the swapsize. 1 kilobyte = 1024 bytes 1 megabyte = 1024 kilobyte 1 gigabyte = 1024 megabytes bs=1024 = 1 megabyte 1 gigabyte = 1024 megabyte to get count of 1 gigabyte 1024 * 1024 2 gigabyte (1024 * 2048 ) or 1048576 * 2 = 2,097,152 ==Reducing Swap Usage== : Reduce swap usage: You can configure your system to use swap space less aggressively by adjusting the "swappiness" parameter. A lower swappiness value (e.g., 10) will make the system use swap space less often, prioritizing the use of RAM instead. This can be done by editing the '''/etc/sysctl.conf''' file and adding or modifying the following line: <code>vm.swappiness=10</code> Then, save the file and reboot your system for the changes to take effect. The '''vm.swappiness''' parameter is a Linux kernel setting that controls how aggressively the kernel uses swap space. It is a value between 0 and 100, where a higher value makes the system more likely to use swap space, while a lower value makes the system prefer keeping data in RAM. The default value for most Linux distributions, including Ubuntu, is usually set to 60. Here's a more detailed explanation of how different '''vm.swappiness''' values affect system behavior: * A value of '''0''': The system will only use swap space when it has completely exhausted the available RAM, avoiding swap usage as much as possible. This is not recommended for most systems, as it can lead to poor performance and possible crashes when the system runs out of memory. * A value between '''1''' and '''100''': The higher the value, the more aggressively the system will use swap space. A higher swappiness value can help free up more RAM for caching, which might be beneficial on systems with limited memory. However, it may also increase the number of disk read and write operations, potentially affecting performance, especially on slower storage devices like HDDs. * A value of '''100''': The system will aggressively use swap space even when there's plenty of free RAM available. This setting is generally not recommended, as it can lead to excessive disk I/O and degrade system performance. Adjusting the '''vm.swappiness''' value allows you to fine-tune the balance between using RAM and swap space according to your system's resources and performance requirements. For example, if you have an SSD and want to reduce wear and tear on the drive, you can set a lower swappiness value (e.g., 10) to make the system use swap space less frequently. On the other hand, if you have an HDD and limited RAM, you might opt for a higher swappiness value to free up more RAM for caching and avoid running out of memory. To change the '''vm.swappiness''' value, edit the '''/etc/sysctl.conf''' file and add or modify the following line: <code>vm.swappiness=<your_desired_value></code> Replace '''<your_desired_value>''' with a number between 0 and 100 that suits your system's needs. After making the change, save the file and reboot your system for the changes to take effect. hd75q7iekglnx4v31tpayn98cxu7mik 0 114 411 2023-05-11T18:36:08Z Noob 1 Created page with "==Cron Quick Start== Cron already comes preinstalled - but if not, install with<br> <code>sudo apt install cron</code><br> <br> Cron is a time-based job scheduler in Ubuntu and other Unix-like operating systems. It allows users to schedule commands or scripts to run automatically at specific times or intervals. Cron jobs are very useful for automating repetitive tasks or performing maintenance tasks on a regular basis.<br> <br> To use cron on Ubuntu, you need to underst..." 411 wikitext text/x-wiki ==Cron Quick Start== Cron already comes preinstalled - but if not, install with<br> <code>sudo apt install cron</code><br> <br> Cron is a time-based job scheduler in Ubuntu and other Unix-like operating systems. It allows users to schedule commands or scripts to run automatically at specific times or intervals. Cron jobs are very useful for automating repetitive tasks or performing maintenance tasks on a regular basis.<br> <br> To use cron on Ubuntu, you need to understand the syntax of the cron schedule and how to set up a cron job.<br> <br> The cron schedule consists of five fields: minute, hour, day of the month, month, and day of the week. Each field can be specified with a single value, a range of values, or a list of values separated by commas. Asterisks (*) can be used as wildcards to specify all possible values.<br> <br> To set up a cron job, you can use the crontab command to edit the cron table. This table contains a list of cron jobs for the current user. Each cron job is specified on a separate line, and consists of the schedule and the command to be executed.<br> <br> For example, to schedule a script to run every day at midnight, you would add the following line to the crontab:<br> <code>0 0 * * * /path/to/script.sh</code><br> This cron job runs the script.sh file located at /path/to/ every day at midnight (00:00).<br> <br> <code>*</code> is an asterisk is a wildcard variable that represents all, every day, every hour ... etc<br> <br> Syntax: From left to right.<br> The first 5 are for time. When to run.<br> Minute: <b>0-59</b><br> Hour: <b>0-23</b><br> Day (of the month): <b>1-31</b><br> Month: <b>1-12</b> or <b>JAN-DEC</b><br> Day (of the week): <b>0-6</b> or <b>SUN-SAT</b><br> <code>/</code> can be used to create a step value.<br> <br> Followed by the Command or Script:<br> <code>0 5 * * SUN /usr/local/bin/script.sh</code> will run the script at 5am on sunday.<br> <br> <code>*/1 * * * SUN,MON /usr/local/bin/test.sh</code> will run every minute on sundays and mondays.<br> <br> <code>30 3 */3 * * /usr/local/bin/test.sh</code> will run script at 3:30am every 3 days.<br> <code>crontab -e</code> to edit your cron file.<br> <div class="toccolours mw-collapsible mw-collapsed"> Example to play with: <div class="mw-collapsible-content"> Create a quick shell script that will export a time stamp to a log file.<br> <code>$EDITOR /usr/local/bin/test-cron.sh</code><br> <pre> #!/bin/bash time_stamp=$(date '+%d_%m_%y %H_%M') echo $time_stamp >> /var/log/noob-test.log </pre> <code>chmod +x /usr/local/bin/test-cron.sh</code><br> Setup Cron to run script every minute:<br> <code>crontab -e</code><br> <pre>*/1 * * * * /usr/local/bin/test.sh</pre><br> Check your log file:<br> <code>cat /var/log/noob-test.sh</code><br> With cron you can now play around with the dates and time when you want the script to run, and can see time stamp on log file to see if you where correct.<br> </div> </div> 3efzjoqx6sm8qbrffn6ycaae6j84ta5 0 115 412 2023-05-11T18:38:49Z Noob 1 Created page with " ==With DNS - cert by LetsEncrypt== [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04#No_DNS_using_IP_and_SelfSigned_Certs|No DNS Using IP and Self Signed Certs for https]] ===Spin up a Server === Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $5 a month, 1 cpu, 1024MB ram, 25GB ssd, 1000GB Bandwidth.<br \> I have been given the IP:<b>192.248.155.201</b> <br \> ===DNS=== make a <b>A RECORD</b> for subdomain server IP address<br> {| class="wiki..." 412 wikitext text/x-wiki ==With DNS - cert by LetsEncrypt== [[Nginx_Server_For_Hosting_Files_Ubuntu_22.04#No_DNS_using_IP_and_SelfSigned_Certs|No DNS Using IP and Self Signed Certs for https]] ===Spin up a Server === Using <b>Vultr</b> i am going to deploy a <b>Ubuntu 20.04</b> Server.<br \> $5 a month, 1 cpu, 1024MB ram, 25GB ssd, 1000GB Bandwidth.<br \> I have been given the IP:<b>192.248.155.201</b> <br \> ===DNS=== make a <b>A RECORD</b> for subdomain server IP address<br> {| class="wikitable" |+ Dns |- |Type |Host |Ip address |TTL |- |A record |xml |192.248.155.201 |auto |- |} ===Enable Basic FireWall=== <code>ufw allow 22/tcp</code><br> <code>ufw allow 443/tcp</code><br> <code>ufw allow 80/tcp</code><br> <code>ufw enable</code><br \> ===Enable Auto Updates=== [[Ubuntu_unattended-upgrades#Quick_Start_-_Up_and_running_auto_updates|Setup Basic Auto Updates for your Server so you don't have to keep logging into server to update]] ===Install NGINX=== <code>apt install nginx -y</code><br> You should now be able to see the <b>Welcome to nginx!</b> site on your subdomain (or just use server ip address).<br> Only <b>http</b> will work as we have not yet setup are <b>https</b><br> <div class="toccolours mw-collapsible mw-collapsed"> Default NGINX Before Certbot - Placed here just for notes:<br> <code>cat /etc/nginx/sites-available/default</code> <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} </pre> </div> </div> ===LetsEncrypt=== <code>snap install certbot --classic</code><br> <code> certbot --nginx -d xml.completenoobs.com</code><br> You should now be able to view the <b>Welcome to nginx!</b> page with <b>https</b><br> ===Setup NGINX=== CertBot did the work for us :) Good Bot.<br> The nginx default site should look like this:<br> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat /etc/nginx/sites-available/default</code><br> <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> We just need to add one line <code>autoindex on;</code>in the <b>location { }</b> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <div class="toccolours mw-collapsible mw-collapsed"> <code> /etc/nginx/sites-available/default</code> After appending <code>autoindex on;</code>: <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Same File with Comments removed for easier read: <div class="mw-collapsible-content"> <pre> # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } } server { root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> ====More Info==== <div class="toccolours mw-collapsible mw-collapsed"> <b>autoindex on;</b> directive: <div class="mw-collapsible-content"> The <b>autoindex on;</b> directive in an Nginx configuration file enables directory listing for the specified location. In other words, if a user requests a URL that corresponds to a directory (rather than a specific file), and '''autoindex on;''' is specified for that location in the Nginx configuration file, then Nginx will generate a directory listing page that shows the contents of that directory. This can be useful for making files available for download or for providing an easy way to browse the contents of a directory. However, it can also be a security risk if sensitive files are inadvertently made available for download or if a user gains access to a directory listing page that they should not be able to access. To mitigate this risk, it's important to ensure that the '''autoindex on;''' directive is only used when necessary and is not enabled for sensitive directories or files. It's also a good idea to customize the appearance of the directory listing page to make it clear what files are available and to restrict access to the directory listing page using Nginx authentication or other security measures. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Nginx Config File: <div class="mw-collapsible-content"> <pre> # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; ######^^^ These two lines specify that the server block is listening on port 80 (the default HTTP port) for IPv4 and IPv6 connections. The default_server parameter indicates that this block will be used as the default server block for any incoming connections that do not match any other server blocks. ################################################# root /var/www/html; ######^^ This line sets the root directory for the server block. This is the directory where Nginx will look for files to serve in response to incoming requests. ########################################## # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; ##########^^ This line specifies the order in which Nginx should look for index files in the root directory when serving requests. In this case, Nginx will first look for index.html, then index.htm, and then index.nginx-debian.html. ########################################################## server_name _; #######^^ This line specifies the server name for the block. The underscore _ indicates a catch-all server name, meaning that this block will handle any requests that do not match a server name defined in another server block. ####################################################### location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; ###############^^ This block specifies the location directive for requests that match the root directory of the server block. The try_files directive specifies that Nginx should first try to serve the request as a file, then as a directory, and then return a 404 error if the file or directory cannot be found. ###################################################### } } server { root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot ######^^ This block specifies the server configuration for requests that match the server name xml.completenoobs.com. The root directive specifies the root directory for this server block, and the index directive specifies the order in which Nginx should look for index files when serving requests. The server_name directive specifies the name of the server that this block handles. ###################### location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } ###########^^ This block specifies the location directive for requests that match the root directory of the server block. The try_files directive specifies that Nginx should first try to serve the request as a file, then as a directory, and then return a 404 error if the file or directory cannot be found. The autoindex directive enables directory listing for this location. ############################## listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } ##################^^ These lines specify the SSL configuration for the server block, including the SSL certificates and keys, the SSL protocol settings, and the SSL Diffie-Hellman parameters. The listen directive specifies that the server block should listen for HTTPS connections on port 443, and the ssl parameter indicates that SSL/TLS should be used for these connections. The remaining lines specify the SSL certificates and keys, as well as the SSL options and Diffie-Hellman parameters managed by Certbot. ######################### server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot ########^^ This block specifies that if the incoming request matches the server name xml.completenoobs.com, Nginx should return a 301 HTTP status code (Moved Permanently) and redirect the request to HTTPS. ####################### listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } ##########^^ These lines specify the server configuration for requests that match the server name xml.completenoobs.com on port 80 (the default HTTP port). The listen directives specify that the server block should listen for HTTP connections on both IPv4 and IPv6. The server_name directive specifies the name of the server that this block handles. The return 404 directive specifies that Nginx should return a 404 HTTP status code for all requests that match this server block. Note that this server block is likely intended to be used in conjunction with another server block that handles HTTPS requests for xml.completenoobs.com, since the HTTP requests will be redirected to HTTPS by the if directive in this block. ############################ </pre> </div> </div> ===Hosting XML files for easy Downloading=== we are going to delete the default index page and create another.<br> <code>rm /var/www/html/index.nginx-debian.html</code><br> <code>$EDITOR /var/www/html/index.html</code><br> Insert:<br> <pre> <!DOCTYPE html> <html> <head> <title>CompleteNoobs-XML_Dumps</title> </head> <body> <h1> <a href="xmlDumps/">Click here for are latest XML Dumps</a>.</p> </h1> </body> </html> </pre> <br> Create a Directory to place are dumps<br> <code>mkdir /var/www/html/xmlDumps</code><br> This is the directory we will place are dumps for sharing and easy downloads.<br> <code>chown -R www-data:www-data /var/www/html/xmlDumps</code><br> <code>systemctl restart nginx</code><br> now create a test file with some content and test.<br> <code>$EDITOR /var/www/html/xmlDumps/test.txt</code><br> Check you can see/read on web browser.<br> This is the directory where we will send are mediawiki dumps.<br> ==Transfer Files to Sharing Directory== NOTE: [[Scp_only|If you are receiving file from another server (setup server to send with script and ssh-keys), you may wish to create another account which can only receive '''scp''' to path]] ===scp=== Check [[SCP_Examples|SCP_Examples]] for more examples:<br> To send direct from MediaWiki server (Example file 'xmlDump-03-03-2023')<br> Will be prompted to enter password:<br> <code>scp /path/to/xmlDump-03-03-2023 root@xml.completenoobs.com:/var/www/html/xmlDumps/</code><br> ===sshfs=== [[Sshfs_ubuntu|Read the sshfs page for more info]]<br> Can be useful if you are transferring a large number of files from your computer to server and want to use the GUI file explorer.<br> <br> NOTE:replace $USER with your user account (Example: mine is 'ubunix' so i will replace '$USER' with 'ubunix') <br> Install sshfs on your computer<br> <code>sudo apt install sshfs</code><br> Create a Directory you are going to mount remote server directory to:<br> <code>mkdir /home/$USER/ServerMount</code><br> <br> <code>sudo sshfs -o allow_other,default_permissions root@xml.completenoobs.com:/var/www/html/xmlDumps/ /home/$USER/ServerMount/</code><br> To umount use:<br> <code>sudo umount /home/$USER/ServerMount</code><br> ===sftp=== ===Rsync=== ===syncthing=== ===FreeFileSync=== ===Seafile=== ==Require Username and Password to view website/files (Optional - Placed here for educational reasons)== <code>apt install apache2-utils</code><br> In your <code>/etc/nginx/sites-available/default</code><br> Append the lines(see before and after files to see where):<br> <pre> auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; </pre> <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/nginx/sites-available/default</code>: Before <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/nginx/sites-available/default</code>: After <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> ===Create a login Username and Password to view your website=== Add user; change <b>user1</b> to username of your choice; you will be prompted for password.<br \> <code>htpasswd -c /etc/nginx/.htpasswd user1</code><br \> The <b>-c</b> flag is only needed the first time to create the file <b>/etc/nginx/.htpasswd</b><br \> Add second user; the same method is used to add has many users has you want.<br \> <code>htpasswd /etc/nginx/.htpasswd user2</code> <br \> To update or change passwd for user, repeat command with username of account you wish to change; enter new password.<br \> <code>htpasswd /etc/nginx/.htpasswd user1</code><br> Restart Nginx:<br> <code>systemctl restart nginx</code><br> And try site. ===Fail2Ban to Block IP's Which Enter Incorrect Username and/or Password=== Install Fail2Ban:<br> <code>apt install fail2ban</code><br> <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code><br> <code>$EDITOR /etc/fail2ban/jail.local</code><br> Note: Can append to the very bottom of the page.<br> <pre> # Reject Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s [nginx-cup] #the name in brackets above is what you use for status # fail2ban-client status nginx-cup enabled = true filter = nginx-correct-up port = http,https logpath = /var/log/nginx/error.log findtime = 3m bantime = 3m maxretry = 3 #ignoreip = <your-ipaddress> #Note: Can find your ipaddress using `curl ifconfig.me` or visit `whatismyip.com` </pre> <br \> <code>$EDITOR /etc/fail2ban/filter.d/nginx-correct-up.conf</code><br \> <pre> [Definition] failregex = client:\s<HOST> ignoreregex = </pre> ===Check Fail2Ban for errors=== <code>fail2ban-client -d</code><br \> ===restart nginx and fail2ban so updated setting can take effect=== <code>systemctl restart fail2ban.service</code><br \> <code>systemctl restart nginx.service</code><br \> And test. ===Remove need for username and password=== Comment out (or delete) the following lines from your nginx config file:<br> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <pre> auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; </pre> <br> Can comment out lines by placing a '#' in front.<br> <pre> #auth_basic "Hello Please Login"; #auth_basic_user_file /etc/nginx/.htpasswd; </pre> <br> Restart Nginx:<br> <code>systemctl restart nginx</code><br> jyfh8pa378ocwfmszn8bs0dmr6nez4t 0 116 413 2023-05-11T18:42:21Z Noob 1 Created page with "==Nano Ubuntu== ===Getting Started=== : Open your terminal or command prompt. : Type nano followed by the name of the file you want to edit. For example, if you want to edit a file called '''myfile.txt''', you would type '''nano myfile.txt'''. : Once Nano opens, you should see the contents of the file you're editing. ===Navigating the File=== Nano uses keyboard shortcuts for most commands. Here are some of the most useful navigation commands: :* '''Ctr..." 413 wikitext text/x-wiki ==Nano Ubuntu== ===Getting Started=== : Open your terminal or command prompt. : Type nano followed by the name of the file you want to edit. For example, if you want to edit a file called '''myfile.txt''', you would type '''nano myfile.txt'''. : Once Nano opens, you should see the contents of the file you're editing. ===Navigating the File=== Nano uses keyboard shortcuts for most commands. Here are some of the most useful navigation commands: :* '''Ctrl+F''' - Move forward one character :* '''Ctrl+B''' - Move backward one character :* '''Ctrl+N''' - Move to the next line :* '''Ctrl+P''' - Move to the previous line :* '''Ctrl+A''' - Move to the beginning of the current line :* '''Ctrl+E''' - Move to the end of the current line :* '''Ctrl+V''' - Move forward one page :* '''Ctrl+Y''' - Move backward one page ===Editing Text=== Here are some commands for editing text in Nano: :* '''Ctrl+K''' - Cut the current line or selected text :* '''Ctrl+U''' - Uncut (paste) the last cut text :* '''Ctrl+Shift+6''' - Mark the beginning of a selection :* '''Ctrl+Shift+7''' - Mark the end of a selection :* '''Ctrl+T''' - Transpose two characters :* '''Ctrl+O''' - Save the changes to the file :* '''Ctrl+X''' - Exit Nano without saving the changes <div class="toccolours mw-collapsible mw-collapsed"> Wipe Entire File: <div class="mw-collapsible-content"> :* Move the cursor to the beginning of the file by pressing Ctrl+Y repeatedly until you reach the top of the file. :* Press '''Ctrl+Shift+6''' to set the beginning of the selection. :* Move the cursor to the end of the file by pressing '''Ctrl+V''' repeatedly until you reach the end of the file. :* Press '''Ctrl+K''' to cut the selected text. :* To paste the cut text, move the cursor to the desired location and press '''Ctrl+U'''. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Transpose: <div class="mw-collapsible-content"> The '''Ctrl+T''' command is used to transpose (swap) the characters at the current cursor position with the characters immediately before the cursor position. Here's how to use the '''Ctrl+T''' command: : Move the cursor to the position between two characters that you want to swap. : Press '''Ctrl+T'''. : The two characters will be swapped, and the cursor will move to the right by one character. For example, let's say you have the following line of text in Nano: <pre> This is a test. ^ Cursor is here </pre> If you want to swap the characters "s" and "i" in the word "is", you would do the following: : Move the cursor to the position between the "s" and the "i", like this: <pre> This is a test. ^ Cursor is here </pre> : Press '''Ctrl+T'''. : The characters "s" and "i" will be swapped, like this: <pre> This si a test. ^ Cursor moves here </pre> The '''Ctrl+T''' command is a useful tool for quickly making small edits to text. I hope this explanation helps clarify its use. If you have any further questions or need any additional assistance, please don't hesitate to ask. </div> </div> ===Searching for Text=== To search for text in Nano, use the following commands: :* '''Ctrl+W''' - Search for a word or phrase in the current file :* '''Alt+W''' - Repeat the last search ===Replacing Text === To replace text in Nano, use the following commands: :* '''Alt+R''' - Replace the current occurrence of a search term ===Increasing and Decreasing Text Size=== To increase or decrease the size of the text in Nano, use the following commands: :* '''Ctrl'''+'''+''' - Increase the size of the text :* '''Ctrl'''+'''-''' - Decrease the size of the text ===Other Useful Commands=== :* '''Ctrl+G''' - Display the Nano help menu :* '''Ctrl+'''_ - Go to a specific line and column number :* '''Ctrl+Y''' - Scroll up one line at a time :* '''Ctrl+V''' - Scroll down one page at a time jwbxutfcpvvrtsk503pweb77pq3fsnj 442 413 2023-05-18T17:07:11Z AwesomO 5 /* Editing Text */ 442 wikitext text/x-wiki ==Nano Ubuntu== ===Getting Started=== : Open your terminal or command prompt. : Type nano followed by the name of the file you want to edit. For example, if you want to edit a file called '''myfile.txt''', you would type '''nano myfile.txt'''. : Once Nano opens, you should see the contents of the file you're editing. ===Navigating the File=== Nano uses keyboard shortcuts for most commands. Here are some of the most useful navigation commands: :* '''Ctrl+F''' - Move forward one character :* '''Ctrl+B''' - Move backward one character :* '''Ctrl+N''' - Move to the next line :* '''Ctrl+P''' - Move to the previous line :* '''Ctrl+A''' - Move to the beginning of the current line :* '''Ctrl+E''' - Move to the end of the current line :* '''Ctrl+V''' - Move forward one page :* '''Ctrl+Y''' - Move backward one page ===Editing Text=== Here are some commands for editing text in Nano: :* '''Ctrl+K''' - Cut the current line or selected text :* '''Ctrl+U''' - Uncut (paste) the last cut text :* '''Ctrl+Shift+6''' - Mark the beginning of a selection :* '''Ctrl+Shift+7''' - Mark the end of a selection :* '''Ctrl+T''' - Transpose two characters :* '''Ctrl+O''' - Save the changes to the file :* '''Ctrl+X''' - Exit Nano without saving the changes <div class="toccolours mw-collapsible mw-collapsed"> Wipe Entire File: <div class="mw-collapsible-content"> :* Move the cursor to the beginning of the file by pressing Ctrl+Y repeatedly until you reach the top of the file. :* Press '''Ctrl+Shift+6''' to set the beginning of the selection. :* Move the cursor to the end of the file by pressing '''Ctrl+V''' repeatedly until you reach the end of the file. :* Press '''Ctrl+K''' to cut the selected text. :* To paste the cut text, move the cursor to the desired location and press '''Ctrl+U'''. To wipe a file in terminal you can also use <code>> /path/to/file.txt</code> to wipe the file. * The '''>''' operator is used to redirect standard output to a file. If the file doesn't exist, it will be created; if it does exist, it will be overwritten. * So, this command would effectively create an empty file at '''/path/to/file.txt''' if the file doesn't exist, or clear the contents of the file if it already exists. * Be Careful when using this, as it becomes easier to nuke the wrong file. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Transpose: <div class="mw-collapsible-content"> The '''Ctrl+T''' command is used to transpose (swap) the characters at the current cursor position with the characters immediately before the cursor position. Here's how to use the '''Ctrl+T''' command: : Move the cursor to the position between two characters that you want to swap. : Press '''Ctrl+T'''. : The two characters will be swapped, and the cursor will move to the right by one character. For example, let's say you have the following line of text in Nano: <pre> This is a test. ^ Cursor is here </pre> If you want to swap the characters "s" and "i" in the word "is", you would do the following: : Move the cursor to the position between the "s" and the "i", like this: <pre> This is a test. ^ Cursor is here </pre> : Press '''Ctrl+T'''. : The characters "s" and "i" will be swapped, like this: <pre> This si a test. ^ Cursor moves here </pre> The '''Ctrl+T''' command is a useful tool for quickly making small edits to text. I hope this explanation helps clarify its use. If you have any further questions or need any additional assistance, please don't hesitate to ask. </div> </div> ===Searching for Text=== To search for text in Nano, use the following commands: :* '''Ctrl+W''' - Search for a word or phrase in the current file :* '''Alt+W''' - Repeat the last search ===Replacing Text === To replace text in Nano, use the following commands: :* '''Alt+R''' - Replace the current occurrence of a search term ===Increasing and Decreasing Text Size=== To increase or decrease the size of the text in Nano, use the following commands: :* '''Ctrl'''+'''+''' - Increase the size of the text :* '''Ctrl'''+'''-''' - Decrease the size of the text ===Other Useful Commands=== :* '''Ctrl+G''' - Display the Nano help menu :* '''Ctrl+'''_ - Go to a specific line and column number :* '''Ctrl+Y''' - Scroll up one line at a time :* '''Ctrl+V''' - Scroll down one page at a time 23f4kppuvkwntuc10506bjxk2kxqbb5 482 442 2025-03-07T00:31:36Z AwesomO 5 482 wikitext text/x-wiki ==Nano Ubuntu== ===Getting Started=== To start using Nano on Ubuntu 22.04, follow these steps: # Open your terminal or command prompt. # Type <code>nano</code> followed by the name of the file you want to edit. For example, to edit a file called <code>myfile.txt</code>, type <code>nano myfile.txt</code>. # Once Nano opens, you will see the contents of the file you are editing. ===Navigating the File=== Nano uses keyboard shortcuts for navigation. Here are some essential navigation commands: * <code>Ctrl+F</code> - Move forward one character * <code>Ctrl+B</code> - Move backward one character * <code>Ctrl+N</code> - Move to the next line * <code>Ctrl+P</code> - Move to the previous line * <code>Ctrl+A</code> - Move to the beginning of the current line * <code>Ctrl+E</code> - Move to the end of the current line * <code>Ctrl+V</code> - Move forward one page * <code>Ctrl+Y</code> - Move backward one page ===Editing Text=== Here are the commands for editing text in Nano: * <code>Ctrl+K</code> - Cut the current line or selected text * <code>Ctrl+U</code> - Uncut (paste) the last cut text * <code>Ctrl+Shift+6</code> - Mark the beginning of a selection * <code>Ctrl+Shift+7</code> - Mark the end of a selection * <code>Ctrl+T</code> - Transpose two characters * <code>Ctrl+O</code> - Save the changes to the file * <code>Ctrl+X</code> - Exit Nano without saving the changes <div class="toccolours mw-collapsible mw-collapsed"> Wipe Entire File: <div class="mw-collapsible-content"> To wipe the entire content of a file in Nano: # Move the cursor to the beginning of the file by pressing <code>Ctrl+Y</code> repeatedly until you reach the top. # Press <code>Ctrl+Shift+6</code> to set the beginning of the selection. # Move the cursor to the end of the file by pressing <code>Ctrl+V</code> repeatedly until you reach the end. # Press <code>Ctrl+K</code> to cut the selected text. # To paste the cut text elsewhere, move the cursor to the desired location and press <code>Ctrl+U</code>. Alternatively, you can use the terminal command <code>> /path/to/file.txt</code> to wipe the file's contents. However, use this with caution as it can easily overwrite the wrong file. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Transpose: <div class="mw-collapsible-content"> The <code>Ctrl+T</code> command is used to transpose (swap) the characters at the current cursor position with the characters immediately before the cursor position. To use <code>Ctrl+T</code>: # Move the cursor to the position between two characters you want to swap. # Press <code>Ctrl+T</code>. # The two characters will be swapped, and the cursor will move to the right by one character. For example: <pre> This is a test. ^ Cursor is here </pre> To swap "s" and "i" in "is": # Move the cursor between "s" and "i": <pre> This is a test. ^ Cursor is here </pre> # Press <code>Ctrl+T</code>. # The characters "s" and "i" will be swapped: <pre> This si a test. ^ Cursor moves here </pre> </div> </div> ===Searching for Text=== To search for text in Nano: * <code>Ctrl+W</code> - Search for a word or phrase in the current file * <code>Alt+W</code> - Repeat the last search ===Replacing Text=== To replace text in Nano: * <code>Alt+R</code> - Replace the current occurrence of a search term ===Other Useful Commands=== * <code>Ctrl+G</code> - Display the Nano help menu * <code>Ctrl+_</code> - Go to a specific line and column number * <code>Ctrl+Y</code> - Move backward one page * <code>Ctrl+V</code> - Move forward one page '''Note:''' To scroll line by line, use the arrow keys or <code>Ctrl+P</code> (previous line) and <code>Ctrl+N</code> (next line). '''Note:''' Nano does not have built-in commands to increase or decrease text size. To adjust text size, use your terminal emulator's settings or shortcuts. For example, in GNOME Terminal, use <code>Ctrl+Shift+'+'</code> to increase and <code>Ctrl+'-'</code> to decrease text size. nyt8v3p2upia5qg0byxh9eo464ydag4 0 117 414 2023-05-11T18:43:42Z Noob 1 Created page with "==Done in a Vultr VPS to Capture Passwords== * could only get working on 18.04 - failed on 20.04 and 22.04 * Spin up a Ubuntu 18.04 server on VPS * Login to VPS terminal UFW firewall is enabled at default on Vultr Ubuntu 18.04 (at current time testing).<br> <code>ufw allow 8889/tcp</code><br> <code>echo 'Port 8889' >> /etc/ssh/sshd_config</code> <div class="toccolours mw-collapsible mw-collapsed"> Warning: Make sure you do not use SINGLE <code>></code> it will TRUNCATE..." 414 wikitext text/x-wiki ==Done in a Vultr VPS to Capture Passwords== * could only get working on 18.04 - failed on 20.04 and 22.04 * Spin up a Ubuntu 18.04 server on VPS * Login to VPS terminal UFW firewall is enabled at default on Vultr Ubuntu 18.04 (at current time testing).<br> <code>ufw allow 8889/tcp</code><br> <code>echo 'Port 8889' >> /etc/ssh/sshd_config</code> <div class="toccolours mw-collapsible mw-collapsed"> Warning: Make sure you do not use SINGLE <code>></code> it will TRUNCATE the file! <div class="mw-collapsible-content"> Lets learn by testing safely<br> <code>echo 'Hello World' > test.txt</code><br> Will create a file called <b>test.txt</b> with the text <b>Hello World</b><br> <code>echo 'Hello Again' >> text.txt</code> will append <b>Hello Again</b> to a new line.<br> Use <b>cat</b> to print the content of a file onto the standard output stream.<br> <code>cat test.txt</code><br> Should return:<br> <pre> Hello World Hello Again </pre> Now lets try the following.<br> <code>echo 'One more time' > text.txt</code><br> <code>cat test.txt</code><br> Single <code>></code> will TRUNCATE.<br> Double <code>>></code> will APPEND.<br> Can delete <b>test.txt</b> with <code>rm test.txt</code><br> Of course you can do this with a text editor.<br> <code>$EDITOR /etc/ssh/sshd_config</code> </div> </div> Restart sshd for new port to take effect.Existing connections will not be disconnected, new connections will need to use port 8889.<br> <code>systemctl restart sshd</code><br> Disconnect from Server and reconnect with port 8889<br> <code>ssh -p 8889 root@SERVERIP</code><br> ===Build second OpenSSH-Server to capture passwords=== <code>mkdir -pv /opt/openssh/dist</code><br> <code>wget https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.0p1.tar.gz</code><br> <code>tar zxvf openssh-8.0p1.tar.gz -C /opt/openssh/</code><br> <code>$EDITOR /opt/openssh/openssh-8.0p1/auth-passwd.c</code><br> Insert the following line(check before and after to see where):<br> <pre>logit("Failed Username:%s Password:%s", authctxt->user, password);</pre> Before <pre> /* * Tries to authenticate the user using password. Returns true if * authentication succeeds. */ int auth_password(struct ssh *ssh, const char *password) { Authctxt *authctxt = ssh->authctxt; struct passwd *pw = authctxt->pw; int result, ok = authctxt->valid; #if defined(USE_SHADOW) && defined(HAS_SHADOW_EXPIRE) static int expire_checked = 0; #endif </pre> After <pre> /* * Tries to authenticate the user using password. Returns true if * authentication succeeds. */ int auth_password(struct ssh *ssh, const char *password) { Authctxt *authctxt = ssh->authctxt; struct passwd *pw = authctxt->pw; int result, ok = authctxt->valid; # Log username and password to auth.log < this line is a comment it starts with a # logit("Username: %s Password: %s", authctxt->user, password); #if defined(USE_SHADOW) && defined(HAS_SHADOW_EXPIRE) static int expire_checked = 0; #endif </pre> <br> save and exit<br> <br> <code>apt install build-essential zlib1g-dev libssl-dev libpam0g-dev libapparmor-dev -y</code><br> <code>cd /opt/openssh/openssh-8.0p1</code><br> <code>./configure --with-pam --with-apparmor --with-privsep-path=/var/lib/sshd/ --sysconfdir=/opt/openssh/dist/ --prefix=/opt/openssh/dist/</code><br> <code>make</code><br> <code>make install</code><br> <code>echo 'PermitRootLogin yes' >> /opt/openssh/dist/sshd_config</code><br> <code>/opt/openssh/dist/sbin/sshd -t -f /opt/openssh/dist/sshd_config</code><br> <code>/opt/openssh/dist/sbin/sshd</code><br> Should be working now on <b>port 22</b> and loggin failed username and passwords in <b>/var/log/auth.log</b><br> <code>cat /var/log/auth.log | grep Password</code><br> It may take a while (give it 3 hours ish) and your log will return you results like this:<br> Checkout the username and passwords the cool bots are trying out.<br> <pre> Mar 3 21:05:09 sshd3 sshd[27561]: Failed Username:oracle Password:oracle Mar 3 21:05:13 sshd3 sshd[27561]: Failed Username:oracle Password:123456 Mar 3 21:05:18 sshd3 sshd[27561]: Failed Username:oracle Password:111111 Mar 3 21:05:23 sshd3 sshd[27561]: Failed Username:oracle Password:oracle@123 Mar 3 21:05:23 sshd3 sshd[27561]: Failed Username:oracle Password:oracle@2016 Mar 3 21:05:25 sshd3 sshd[27561]: Failed Username:oracle Password:oracle2016 Mar 3 21:05:32 sshd3 sshd[27563]: Failed Username:oracle Password:oracle2016 Mar 3 21:05:33 sshd3 sshd[27563]: Failed Username:oracle Password:passw0rd Mar 3 21:12:33 sshd3 sshd[27566]: Failed Username:admin Password:admin Mar 3 21:12:33 sshd3 sshd[27566]: Failed Username:admin Password: Mar 3 21:12:34 sshd3 sshd[27566]: Failed Username:admin Password:7ujMko0admin Mar 3 21:12:34 sshd3 sshd[27566]: Failed Username:admin Password:1234 Mar 3 21:12:35 sshd3 sshd[27566]: Failed Username:admin Password:123456 Mar 3 21:19:51 sshd3 sshd[27574]: Failed Username:admin Password:admin Mar 3 21:38:06 sshd3 sshd[27582]: Failed Username:janna Password:janna Mar 3 22:01:18 sshd3 sshd[27592]: Failed Username:apache Password:123456 Mar 3 22:48:13 sshd3 sshd[27617]: Failed Username:root Password:ADMIN@123 Mar 3 22:48:13 sshd3 sshd[27614]: Failed Username:root Password:admin@123 Mar 3 22:48:14 sshd3 sshd[27615]: Failed Username:username Password:password Mar 3 22:48:16 sshd3 sshd[27613]: Failed Username:root Password:centos Mar 3 22:48:17 sshd3 sshd[27616]: Failed Username:root Password:Admin@123 Mar 3 22:48:17 sshd3 sshd[27620]: Failed Username:root Password:password Mar 3 22:55:31 sshd3 sshd[27642]: Failed Username:devops Password:1 Mar 3 22:55:31 sshd3 sshd[27638]: Failed Username:telnet Password:Telnet666 Mar 3 22:55:31 sshd3 sshd[27641]: Failed Username:ftpuser Password:ftpuser1234 Mar 3 22:55:31 sshd3 sshd[27631]: Failed Username:service Password:service321 Mar 3 22:55:31 sshd3 sshd[27627]: Failed Username:minecraft Password:minecraft1234 Mar 3 22:55:31 sshd3 sshd[27634]: Failed Username:libuuid Password:libuuid123 Mar 3 22:55:32 sshd3 sshd[27645]: Failed Username:admin Password:test123 Mar 3 22:55:32 sshd3 sshd[27630]: Failed Username:zjw Password:Zjw1 Mar 3 22:55:32 sshd3 sshd[27629]: Failed Username:a Password:a Mar 3 22:55:32 sshd3 sshd[27633]: Failed Username:dspace Password:dspace1234 Mar 3 22:55:32 sshd3 sshd[27636]: Failed Username:dspace Password:123456 Mar 3 22:55:32 sshd3 sshd[27643]: Failed Username:telnet Password:telnet1 Mar 3 22:55:32 sshd3 sshd[27635]: Failed Username:root Password:root1234 Mar 3 22:55:32 sshd3 sshd[27644]: Failed Username:mysql Password:password Mar 3 22:55:32 sshd3 sshd[27639]: Failed Username:ansadmin Password:Ansadmin1234 Mar 3 22:55:32 sshd3 sshd[27640]: Failed Username:sonar Password:sonar123 Mar 3 22:55:32 sshd3 sshd[27665]: Failed Username:testuser Password:1 Mar 3 22:55:32 sshd3 sshd[27663]: Failed Username:test Password:test666 Mar 3 22:55:33 sshd3 sshd[27673]: Failed Username:dev Password:dev Mar 3 22:55:33 sshd3 sshd[27678]: Failed Username:awsadmin Password:awsadmin Mar 3 22:55:33 sshd3 sshd[27669]: Failed Username:service Password:123456 Mar 3 22:55:33 sshd3 sshd[27675]: Failed Username:pi Password:pi Mar 3 22:55:34 sshd3 sshd[27677]: Failed Username:oracle Password:oracle666 Mar 3 22:55:34 sshd3 sshd[27672]: Failed Username:ubuntu Password:Ubuntu123 Mar 3 22:55:34 sshd3 sshd[27686]: Failed Username:minecraft Password:minecraft321 Mar 3 22:55:35 sshd3 sshd[27670]: Failed Username:root Password:abcd1234 Mar 3 22:55:35 sshd3 sshd[27674]: Failed Username:pi Password:Pi123 Mar 3 22:55:37 sshd3 sshd[27671]: Failed Username:oracle Password:Oracle666 Mar 3 22:55:37 sshd3 sshd[27690]: Failed Username:moxa Password:moxa321 Mar 3 22:55:39 sshd3 sshd[27632]: Failed Username:pi Password:Pi1 Mar 3 22:55:40 sshd3 sshd[27637]: Failed Username:es Password:Es1 Mar 3 22:56:04 sshd3 sshd[27664]: Failed Username:ts3 Password:1234 Mar 3 22:56:36 sshd3 sshd[27676]: Failed Username:halo Password:halo Mar 3 23:07:34 sshd3 sshd[27697]: Failed Username:root Password:eve Mar 3 23:07:36 sshd3 sshd[27700]: Failed Username:root Password:vmware Mar 3 23:07:38 sshd3 sshd[27702]: Failed Username:root Password:123456 Mar 3 23:07:41 sshd3 sshd[27704]: Failed Username:root Password:root Mar 3 23:07:42 sshd3 sshd[27706]: Failed Username:root Password:P@ssw0rd@123 Mar 3 23:07:44 sshd3 sshd[27708]: Failed Username:root Password:!QAZ@WSX Mar 3 23:12:58 sshd3 sshd[27711]: Failed Username:telnet Password:telnet Mar 3 23:13:02 sshd3 sshd[27711]: Failed Username:telnet Password:123456 Mar 3 23:13:03 sshd3 sshd[27711]: Failed Username:telnet Password:1234 Mar 3 23:13:05 sshd3 sshd[27711]: Failed Username:telnet Password: Mar 3 23:13:06 sshd3 sshd[27711]: Failed Username:telnet Password:123 Mar 3 23:13:08 sshd3 sshd[27711]: Failed Username:telnet Password:123456789 Mar 3 23:13:13 sshd3 sshd[27713]: Failed Username:telnet Password:123456789 Mar 3 23:13:38 sshd3 sshd[27715]: Failed Username:root Password:root Mar 3 23:13:41 sshd3 sshd[27715]: Failed Username:root Password:1234 Mar 3 23:13:43 sshd3 sshd[27715]: Failed Username:root Password:123456 Mar 3 23:13:45 sshd3 sshd[27715]: Failed Username:root Password:admin Mar 3 23:13:49 sshd3 sshd[27715]: Failed Username:root Password:Chameleon Mar 3 23:13:49 sshd3 sshd[27717]: Failed Username:root Password:root Mar 3 23:13:51 sshd3 sshd[27717]: Failed Username:root Password:1234 Mar 3 23:13:51 sshd3 sshd[27715]: Failed Username:root Password:password Mar 3 23:13:52 sshd3 sshd[27717]: Failed Username:root Password:123456 Mar 3 23:13:55 sshd3 sshd[27717]: Failed Username:root Password:admin Mar 3 23:13:56 sshd3 sshd[27717]: Failed Username:root Password:Chameleon Mar 3 23:13:57 sshd3 sshd[27719]: Failed Username:root Password:password Mar 3 23:13:58 sshd3 sshd[27717]: Failed Username:root Password:password Mar 3 23:13:59 sshd3 sshd[27719]: Failed Username:root Password:123 Mar 3 23:14:03 sshd3 sshd[27719]: Failed Username:root Password:toor Mar 3 23:14:04 sshd3 sshd[27719]: Failed Username:root Password:ubuntu Mar 3 23:14:06 sshd3 sshd[27721]: Failed Username:root Password:password Mar 3 23:14:06 sshd3 sshd[27719]: Failed Username:root Password:12345678 Mar 3 23:14:07 sshd3 sshd[27721]: Failed Username:root Password:123 Mar 3 23:14:07 sshd3 sshd[27719]: Failed Username:root Password:oracle Mar 3 23:14:08 sshd3 sshd[27721]: Failed Username:root Password:toor Mar 3 23:14:09 sshd3 sshd[27721]: Failed Username:root Password:ubuntu Mar 3 23:14:12 sshd3 sshd[27721]: Failed Username:root Password:12345678 Mar 3 23:14:13 sshd3 sshd[27723]: Failed Username:root Password:oracle Mar 3 23:14:13 sshd3 sshd[27721]: Failed Username:root Password:oracle Mar 3 23:14:15 sshd3 sshd[27723]: Failed Username:root Password: Mar 3 23:14:16 sshd3 sshd[27723]: Failed Username:root Password:redhat Mar 3 23:14:19 sshd3 sshd[27725]: Failed Username:root Password:oracle Mar 3 23:14:19 sshd3 sshd[27723]: Failed Username:root Password:!Nexans_ Mar 3 23:14:23 sshd3 sshd[27725]: Failed Username:root Password: Mar 3 23:14:23 sshd3 sshd[27723]: Failed Username:root Password:huigu309 Mar 3 23:14:27 sshd3 sshd[27725]: Failed Username:root Password:redhat Mar 3 23:14:27 sshd3 sshd[27723]: Failed Username:root Password:hikvision Mar 3 23:14:29 sshd3 sshd[27725]: Failed Username:root Password:!Nexans_ Mar 3 23:14:31 sshd3 sshd[27725]: Failed Username:root Password:huigu309 Mar 3 23:14:32 sshd3 sshd[27727]: Failed Username:root Password:hikvision Mar 3 23:14:32 sshd3 sshd[27725]: Failed Username:root Password:hikvision Mar 3 23:14:33 sshd3 sshd[27727]: Failed Username:root Password:kopp Mar 3 23:14:35 sshd3 sshd[27727]: Failed Username:root Password:20080826 Mar 3 23:14:39 sshd3 sshd[27729]: Failed Username:root Password:hikvision Mar 3 23:14:39 sshd3 sshd[27727]: Failed Username:root Password:indigo Mar 3 23:14:41 sshd3 sshd[27729]: Failed Username:root Password:kopp Mar 3 23:14:41 sshd3 sshd[27727]: Failed Username:root Password:video Mar 3 23:14:43 sshd3 sshd[27729]: Failed Username:root Password:20080826 Mar 3 23:14:43 sshd3 sshd[27727]: Failed Username:root Password:glasshou Mar 3 23:14:44 sshd3 sshd[27729]: Failed Username:root Password:indigo Mar 3 23:14:47 sshd3 sshd[27729]: Failed Username:root Password:video Mar 3 23:14:48 sshd3 sshd[27729]: Failed Username:root Password:glasshou Mar 3 23:14:49 sshd3 sshd[27731]: Failed Username:root Password:glasshou Mar 3 23:14:51 sshd3 sshd[27731]: Failed Username:root Password:realtek Mar 3 23:14:53 sshd3 sshd[27731]: Failed Username:root Password:Pon521 Mar 3 23:14:55 sshd3 sshd[27733]: Failed Username:root Password:glasshou Mar 3 23:14:55 sshd3 sshd[27731]: Failed Username:root Password:root621 Mar 3 23:14:58 sshd3 sshd[27733]: Failed Username:root Password:realtek Mar 3 23:14:59 sshd3 sshd[27731]: Failed Username:root Password:hik12345+ Mar 3 23:15:01 sshd3 sshd[27733]: Failed Username:root Password:Pon521 Mar 3 23:15:01 sshd3 sshd[27731]: Failed Username:root Password:vizxv Mar 3 23:15:04 sshd3 sshd[27733]: Failed Username:root Password:root621 Mar 3 23:15:05 sshd3 sshd[27733]: Failed Username:root Password:hik12345+ Mar 3 23:15:07 sshd3 sshd[27733]: Failed Username:root Password:vizxv Mar 3 23:15:08 sshd3 sshd[27735]: Failed Username:root Password:vizxv Mar 3 23:15:13 sshd3 sshd[27737]: Failed Username:root Password:vizxv Mar 3 23:16:18 sshd3 sshd[27740]: Failed Username:user Password:123456 Mar 3 23:16:19 sshd3 sshd[27740]: Failed Username:user Password:qazwsx123 Mar 3 23:16:20 sshd3 sshd[27740]: Failed Username:user Password:user Mar 3 23:16:20 sshd3 sshd[27740]: Failed Username:user Password:123qweasdzxc Mar 3 23:16:21 sshd3 sshd[27740]: Failed Username:user Password:111111 Mar 3 23:16:24 sshd3 sshd[27740]: Failed Username:user Password:1qaz Mar 3 23:16:30 sshd3 sshd[27742]: Failed Username:user Password:1qaz Mar 3 23:16:31 sshd3 sshd[27742]: Failed Username:user Password:asdf1234 Mar 3 23:16:33 sshd3 sshd[27742]: Failed Username:user Password:1 Mar 3 23:16:33 sshd3 sshd[27742]: Failed Username:user Password:123456789 Mar 3 23:16:34 sshd3 sshd[27742]: Failed Username:user Password:admin Mar 3 23:16:36 sshd3 sshd[27742]: Failed Username:user Password:123 Mar 3 23:16:40 sshd3 sshd[27744]: Failed Username:user Password:123 Mar 3 23:16:42 sshd3 sshd[27744]: Failed Username:user Password: Mar 3 23:16:42 sshd3 sshd[27744]: Failed Username:user Password:useruser Mar 3 23:18:40 sshd3 sshd[27756]: Failed Username:work Password:work123 Mar 3 23:18:40 sshd3 sshd[27753]: Failed Username:nagios Password:1 Mar 3 23:18:40 sshd3 sshd[27758]: Failed Username:root Password:Test123 Mar 3 23:18:40 sshd3 sshd[27752]: Failed Username:admin Password:Password123 Mar 3 23:18:40 sshd3 sshd[27759]: Failed Username:guest Password:123456789 Mar 3 23:18:40 sshd3 sshd[27757]: Failed Username:dockeradmin Password:Dockeradmin666 Mar 3 23:18:40 sshd3 sshd[27754]: Failed Username:nagios Password:123456 Mar 3 23:18:40 sshd3 sshd[27760]: Failed Username:ansible Password:ansible1234 Mar 3 23:18:40 sshd3 sshd[27751]: Failed Username:es Password:es666 Mar 3 23:18:40 sshd3 sshd[27755]: Failed Username:work Password:123 Mar 3 23:18:40 sshd3 sshd[27761]: Failed Username:ec2-user Password:Ec2-User666 Mar 3 23:18:40 sshd3 sshd[27762]: Failed Username:vagrant Password:12345678 Mar 3 23:18:40 sshd3 sshd[27764]: Failed Username:fa Password:123456 Mar 3 23:18:40 sshd3 sshd[27763]: Failed Username:odoo15 Password:odoo15 Mar 3 23:18:40 sshd3 sshd[27767]: Failed Username:root Password:Root2022 Mar 3 23:18:40 sshd3 sshd[27765]: Failed Username:anil Password:anil Mar 3 23:18:40 sshd3 sshd[27769]: Failed Username:telnet Password:Telnet1 Mar 3 23:18:40 sshd3 sshd[27768]: Failed Username:ftpuser Password:123456789 Mar 3 23:18:40 sshd3 sshd[27771]: Failed Username:ali Password:ali Mar 3 23:18:40 sshd3 sshd[27766]: Failed Username:root Password:Root1337 Mar 3 23:18:40 sshd3 sshd[27770]: Failed Username:deploy Password:Deploy1 Mar 3 23:18:40 sshd3 sshd[27772]: Failed Username:ubuntu Password:ubuntu Mar 3 23:18:40 sshd3 sshd[27788]: Failed Username:guest Password:123 Mar 3 23:18:40 sshd3 sshd[27789]: Failed Username:admin Password:Test1 Mar 3 23:18:40 sshd3 sshd[27790]: Failed Username:service Password:service1234 Mar 3 23:18:40 sshd3 sshd[27792]: Failed Username:zjw Password:12345678 Mar 3 23:18:40 sshd3 sshd[27791]: Failed Username:ftpuser Password:Ftpuser1234 Mar 3 23:18:40 sshd3 sshd[27793]: Failed Username:ansadmin Password:123 Mar 3 23:22:55 sshd3 sshd[27809]: Failed Username:admin Password:admin Mar 3 23:22:55 sshd3 sshd[27809]: Failed Username:admin Password: Mar 3 23:22:56 sshd3 sshd[27809]: Failed Username:admin Password:7ujMko0admin Mar 3 23:22:56 sshd3 sshd[27809]: Failed Username:admin Password:1234 Mar 3 23:25:44 sshd3 sshd[27812]: Failed Username:spam Password:spam </pre> bqf9qfkzu6ir7y14kfwrcu50lw5h3uc 0 118 415 2023-05-11T18:45:45Z Noob 1 Created page with "=FFMPEG= ===Installing FFmpeg on Ubuntu<br>=== To use FFmpeg on Ubuntu, you need to install it first. You can do this by running the following command in the terminal:<br> <code>sudo apt install ffmpeg</code><br> <br> ==Basic usage== Once you have installed FFmpeg, you can use it to perform various tasks related to video and audio processing. Here are some basic commands to get you started:<br> === Convert video from one format to another=== * This command will convert..." 415 wikitext text/x-wiki =FFMPEG= ===Installing FFmpeg on Ubuntu<br>=== To use FFmpeg on Ubuntu, you need to install it first. You can do this by running the following command in the terminal:<br> <code>sudo apt install ffmpeg</code><br> <br> ==Basic usage== Once you have installed FFmpeg, you can use it to perform various tasks related to video and audio processing. Here are some basic commands to get you started:<br> === Convert video from one format to another=== * This command will convert the input_video.avi file to output_video.mp4 format. <code>ffmpeg -i input_video.avi output_video.mp4</code><br> <br> === Convert audio from one format to another=== * This command will convert the input_audio.mp3 file to output_audio.ogg format. <code>ffmpeg -i input_audio.mp3 output_audio.ogg</code><br> <br> === Extract audio from a video file=== * This command will extract the audio from the input_video.mp4 file and save it as output_audio.mp3. <code>ffmpeg -i input_video.mp4 -vn output_audio.mp3</code><br> <br> === Extract frames from a video file=== * This command will extract one frame per second from the input_video.mp4 file and save them as PNG images in the output_frames folder. <code>ffmpeg -i input_video.mp4 -r 1 -f image2 output_frames/frame05d.png</code><br> <br> ===Merge audio and video files=== * This command will merge the input_video.mp4 and input_audio.mp3 files and save the result as output_video.mp4. <code>ffmpeg -i input_video.mp4 -i input_audio.mp3 -c:v copy -c:a aac -strict experimental output_video.mp4</code><br> <br> ==More advanced usage== FFmpeg can be used for many advanced video and audio processing tasks, such as trimming, cropping, resizing, adding watermarks, etc. Here are some examples:<br> === Trim a video file=== * This command will trim the input_video.mp4 file from the 10th to the 20th second and save the result as output_video.mp4. <code>ffmpeg -i input_video.mp4 -ss 00:00:10 -to 00:00:20 -c copy output_video.mp4 </code><br> <br> === Trim a Audio file=== * This command will will make a 5 second copy. From 00:00:05 to 00:00:10 <code>ffmpeg -i input.mp3 -ss 00:00:05 -t 00:00:05 output.mp3</code><br> * <b>-i</b> input * <b>-ss</b> start time * <b>-t</b> time, for how long. * Time syntax HH:MM:SS * <b>output.mp3</b> name of output file === Crop a video file=== * This command will crop the input_video.mp4 file to 480x360 pixels, starting from (120,60) coordinates, and save the result as output_video.mp4. <code>ffmpeg -i input_video.mp4 -filter:v "crop=480:360:120:60" -c:a copy output_video.mp4</code><br> <br> === Resize a video file=== * This command will resize the input_video.mp4 file to a width of 640 pixels and adjust the height automatically, maintaining the aspect ratio, and save the result as output_video.mp4. <code>ffmpeg -i input_video.mp4 -vf scale=640:-2 -c:a copy output_video.mp4</code><br> <br> === Add a watermark to a video file=== * This command will add a watermark.png image to the top-left corner of the input_video.mp4 file and save the result as output_video.mp4. <code>ffmpeg -i input_video.mp4 -i watermark.png -filter_complex "overlay=10:10" -codec:a copy output_video.mp4</code>,br> <br> ===Concatenating Videos=== Concatenating videos using the concat demuxer The concat demuxer is a FFmpeg component that allows you to concatenate videos by creating a text file that lists the paths of the input video files in the order you want them to be concatenated.<br> <br> ====Create a text file==== Create a new text file called concat.txt and list the paths of the input video files in the order you want them to be concatenated. For example:<br> <pre> file '/path/to/video1.mp4' file '/path/to/video2.mp4' file '/path/to/video3.mp4' </pre> ====Concatenate the videos==== <code>ffmpeg -f concat -safe 0 -i concat.txt -c copy output.mp4</code><br> This command tells FFmpeg to use the concat demuxer (<b>-f concat</b>) and to read the input file paths from the <b>concat.txt</b> file (<b>-i concat.txt</b>).<br> The <b>-safe 0</b> option is used to disable some security checks that could prevent FFmpeg from accessing the input files.<br>The <b>-c copy</b> option is used to copy the video and audio streams from the input files to the output file without re-encoding them, which is faster and preserves the original quality. <br>The <b>output.mp4</b> parameter is the name of the output file.<br> 7fzpd0lfrbzrt1e1lsu70p66qb4zoxu 0 121 423 2023-05-11T19:13:00Z Noob 1 Created page with "Moved from 'IPFS Basics' This page is going to be just about IPFS on/for Ubuntu 22.04 Redo from scratch, below is for notes and placeholder from old page. ==Introduction to IPFS== Note that this guide was unsuccessful on a home network but worked on a Vultr VPS. IPFS requires ports 4001 TCP and UDP to be open on the router. Tested on an Ubuntu 22.04 server. Download Linux Binary from https://dist.ipfs.tech/#go-ipfs Assuming you already have LXD set up (it doesn't ha..." 423 wikitext text/x-wiki Moved from 'IPFS Basics' This page is going to be just about IPFS on/for Ubuntu 22.04 Redo from scratch, below is for notes and placeholder from old page. ==Introduction to IPFS== Note that this guide was unsuccessful on a home network but worked on a Vultr VPS. IPFS requires ports 4001 TCP and UDP to be open on the router. Tested on an Ubuntu 22.04 server. Download Linux Binary from https://dist.ipfs.tech/#go-ipfs Assuming you already have LXD set up (it doesn't have to be in a container): Check https://dist.ipfs.tech/kubo/ for the latest version. <pre> apt update && apt upgrade -y wget https://dist.ipfs.tech/kubo/v0.18.1/kubo_v0.18.1_linux-amd64.tar.gz tar xvf kubo_v0.18.1_linux-amd64.tar.gz bash kubo/install.sh ipfs init </pre> You may encounter an error that looks like this: <pre> ERROR provider.queue queue/queue.go:125 Failed to enqueue cid: leveldb: closed </pre> This error does not impact the installation. Now, create a simple text file. Replace '''$EDITOR''' with your preferred terminal text editor. <code>$EDITOR helloworld.txt</code> Add the following content to the file: <pre> Hello there, I wonder how many devices I can see this on. </pre> To share the file, you need to add and pin it: <code>ipfs add helloworld.txt</code> The command will return a CID, which looks like this:<br> '''QmQTnvc5eV7NdPfQ8zLVCr6gBrXaDAUKUd1SGDAfsPFnoh.'''<br> Now, pin the file: <code>ipfs pin add QmQTnvc5eV7NdPfQ8zLVCr6gBrXaDAUKUd1SGDAfsPFnoh</code> Connect to the network: <code>ipfs daemon</code> You can use '''CTRL+z''' to send the IPFS daemon to the background and run '''ipfs swarm peers''' to see connections. To bring the IPFS daemon back to the foreground, use '''bg''' to see background processes and then '''fg 1'''. Note: '''ipfs.io''' is a third-party service and cannot handle data-heavy content. For heavy content, such as videos, download using IPFS to view. To view the file in a web browser, simply add '''https://ipfs.io/ipfs/''' to the beginning of the CID: https://ipfs.io/ipfs/QmQTnvc5eV7NdPfQ8zLVCr6gBrXaDAUKUd1SGDAfsPFnoh ==IPFS Desktop== <code>https://github.com/ipfs/ipfs-desktop/releases</code><br> ==Download and share== <b>$HASH</b> is placeholder for the hash of the ipfs file.<br> To download a file:<br> <code>ipfs get $HASH</code><br> To share/host you need to pin:<br> <code>ipfs pin $HASH</code><br> To view pinned items<br> <code>ipfs pin ls</code><br> or<br> <code>ipfs pin ls --type=recursive</code><br> ===add directory=== <code>ipfs add --recursive /path/to/directory</code><br> each file in directory (recursive) will be uploaded and each given a hash.<br> ===unpin=== <code>ipfs pin rm $HASH</code><br> ===Clear cache=== <code>ipfs repo gc</code><br> ===View on web browser=== Note: ipfs.io is a third party service, and can not handle data heavy content. For heavy content such as videos, download using ipfs to view.<br> Use web site/service ipfs.io<br> <code>https://ipfs.io/ipfs/$HASH</code><br> ==Host on Server== <code>wget https://dist.ipfs.tech/kubo/v0.18.1/kubo_v0.18.1_linux-amd64.tar.gz</code><br> <code>tar xvf kubo_v0.18.1_linux-amd64.tar.gz</code><br> <code>bash kubo/install.sh</code><br> <code>ipfs init --profile server</code><br> ===systemd=== <code>$EDITOR /etc/systemd/system/ipfs.service</code><br> <pre> [Unit] Description =Start ipfs daemon [Service] Type=simple ExecStart=/usr/local/bin/ipfs daemon [Install] WantedBy=multi-user.target </pre> <code>systemctl enable ipfs.service</code><br> <code>systemctl start ipfs</code><br> ==Note: will tidy later == NOTE: should of checked the licence first,The MIT open course ware is <b>CC BY-NC-SA 4.0</b> and can not be used on this website! deleteing, leaving this here for note on how to pin mass of files.<br> In this example i will be uploading an MIT cc-by course to ipfs. files in a directory called <b>mit-test-course</b><br> <code>ipfs add --recursive /path/to/directory</code><br> will add all the files but not pin them.<br> <pre> root@ipfs-test:~# tree mit-test-course/ mit-test-course/ ├── 1 │   ├── 920cc911b6eb5747f2ccd431bbc4306b_lec1.py │   ├── MIT6_0001F16_Lecture_01_300k.mp4 │   └── e921a690079369751bcce3e34da6c6ee_MIT6_0001F16_Lec1.pdf ├── 10 │   ├── 066eba6ea6d56a88e56ae325940d4c4c_MIT6_0001F16_Lec10.pdf │   ├── MIT6_0001F16_Lecture_10_300k.mp4 │   └── bfa32fd241d88ae02cd3157aed232bac_lec10_complexity_part1.py ├── 11 │   ├── MIT6_0001F16_Lecture_11_300k.mp4 │   ├── bb953fb81d4afa3bc837c16eba613955_MIT6_0001F16_Lec11.pdf │   └── bdf800867e6762c6758ecd2230178f41_lec11_complexity_part2.py ├── 12 │   ├── 310536cd5f5aa1fc0c11726ce13c565e_lec12_sorting.py │   ├── 6425d0dabb1cea1a076b8c46c0ae2da6_MIT6_0001F16_Lec12.pdf │   └── MIT6_0001F16_Lecture_12_300k.mp4 ├── 2 │   ├── MIT6_0001F16_Lecture_02_300k.mp4 │   ├── ba2947b25b1580e4a84df0ec5dbe5cdd_MIT6_0001F16_Lec2.pdf │   └── d6ee838ee4c85ace93a4e170cfd83c03_lec2_branch_loops.py ├── 3 │   ├── 88de925a1fb925e46a08bc5f34d029bd_lec3_strings_algos.py │   ├── MIT6_0001F16_Lecture_03_300k.mp4 │   └── b9b9a82a29e8746db1facfbd30c07940_MIT6_0001F16_Lec3.pdf ├── 4 │   ├── 6ba59859535f1566dd57a7279aeba5d1_MIT6_0001F16_Lec4.pdf │   ├── 9e8439a27af18817e046ac37333d03f6_lec4_functions.py │   └── MIT6_0001F16_Lecture_04_300k.mp4 ├── 5 │   ├── 1776670e271578eeb99fc25975f20586_MIT6_0001F16_Lec5.pdf │   ├── MIT6_0001F16_Lecture_05_300k.mp4 │   └── cdf5f8e7f109952655f4d253ed955555_lec5_tuples_lists.py ├── 6 │   ├── 706228e592761d9c7c1c073f8ba7a6cc_lec6_recursion_dictionaries.py │   ├── 876348c652c5353daccc96e1b7d577bb_MIT6_0001F16_Lec6.pdf │   └── MIT6_0001F16_Lecture_06_300k.mp4 ├── 7 │   ├── 51bdde43dfd773ba20747ce5d89119ac_MIT6_0001F16_Lec7.pdf │   ├── MIT6_0001F16_Lecture_07_300k.mp4 │   └── abdd1d61892ccce9be2ad84e52004e07_lec7_debug_except.py ├── 8 │   ├── 0705ac9dcc7e637a0e8e9d97eb258a26_lec8_classes.py │   ├── 7a6f85d03f132dcd9d7592bc4643be1c_MIT6_0001F16_Lec8.pdf │   └── MIT6_0001F16_Lecture_08_300k.mp4 ├── 9 │   ├── 2dd6c75e7b4bd6bd135078e6f3701201_MIT6_0001F16_Lec9.pdf │   ├── MIT6_0001F16_Lecture_09_300k.mp4 │   └── bf8e8195044d5f6aefc1a455968e2f3e_lec9_inheritance.py └── Introduction to Computer Science and Programming in Python.txt 12 directories, 37 files </pre> <code>ipfs add --recursive /path/to/mit-test-course > mit.txt</code><br> will upload and create a file called mit.txt with the following output:<br> <pre> root@ipfs-test:~# cat mit.txt added QmengUgSy9oY9qMXJC6ujKy7mMpunb5sG5Uo8RpFX4G5g9 mit-test-course/1/920cc911b6eb5747f2ccd431bbc4306b_lec1.py added QmaTdTMxWdz6ySLbx258zQU5McpJTo4ZEVJ63GSKmVEyeM mit-test-course/1/MIT6_0001F16_Lecture_01_300k.mp4 added QmemB25bVuN2fuiAq3JaDM4J5MYit6HfCCsU3EFTWL7wpF mit-test-course/1/e921a690079369751bcce3e34da6c6ee_MIT6_0001F16_Lec1.pdf added QmbyP59ttPKGe5ZNADsgqTsgBF3oYGzhZXFfBhszG2nuPm mit-test-course/10/066eba6ea6d56a88e56ae325940d4c4c_MIT6_0001F16_Lec10.pdf added QmQNooq1g25LFp1Fxj2tfpKKMKi8NbutkhuXNf5Ppo7t5f mit-test-course/10/MIT6_0001F16_Lecture_10_300k.mp4 added QmUtgXQXjj2C3qb2UXFrPmKHkFdEjmehk4ZLQhcZ37rEmw mit-test-course/10/bfa32fd241d88ae02cd3157aed232bac_lec10_complexity_part1.py added QmR7Ned6iZytjpVHVN6W53EZ5Qg4Zd6EkEcXxn8DjYMgrd mit-test-course/11/MIT6_0001F16_Lecture_11_300k.mp4 added QmNPjN3616QdmEWLPokwuTkLL1vrzcLVRSFLWUcukqtxZL mit-test-course/11/bb953fb81d4afa3bc837c16eba613955_MIT6_0001F16_Lec11.pdf added QmdpwFTFkwnkqWW3CozBBAfeYHchDeVAV7ArkA1dUqbUZ4 mit-test-course/11/bdf800867e6762c6758ecd2230178f41_lec11_complexity_part2.py added QmbV8ct8DEQyRGRDSX4PaQBXk8r8ryYLDNwTa2buC7kcP5 mit-test-course/12/310536cd5f5aa1fc0c11726ce13c565e_lec12_sorting.py added QmToP68Knz71euVuntRWtz6UshRoiRssELJNFMeP1f2sR5 mit-test-course/12/6425d0dabb1cea1a076b8c46c0ae2da6_MIT6_0001F16_Lec12.pdf added QmPWidAv5mBrgEcKDVqWe62JaAiwBWs8KZc1S8r3bbJsvY mit-test-course/12/MIT6_0001F16_Lecture_12_300k.mp4 added QmTFdkMJnzUcwgs1hdoF7qtADE2NqTJVaF9CfgULbzSuA9 mit-test-course/2/MIT6_0001F16_Lecture_02_300k.mp4 added QmNiZvEh6UmpHLTxw4saN7WdojzBokp2JCbucYzrekoQBK mit-test-course/2/ba2947b25b1580e4a84df0ec5dbe5cdd_MIT6_0001F16_Lec2.pdf added QmPjEzEu56mqeE19Vth9AkDbAxz7wAWg9zMVvF9FZ1UBvK mit-test-course/2/d6ee838ee4c85ace93a4e170cfd83c03_lec2_branch_loops.py added QmYppDgGMptihHA7ixFw2GHvspN8Bw1HY21HtUpQNxi23i mit-test-course/3/88de925a1fb925e46a08bc5f34d029bd_lec3_strings_algos.py added QmTTCsuhbnjXWuigZLSgKAt4DjFsm78MANo3KUMGcK98s1 mit-test-course/3/MIT6_0001F16_Lecture_03_300k.mp4 added QmP2AZfUx8RTqCGamJtPyodFU8dHG8QrBHYKkP79YepEe9 mit-test-course/3/b9b9a82a29e8746db1facfbd30c07940_MIT6_0001F16_Lec3.pdf added QmP1p4h21ogMxWeeX2PiDibQbHqWer7ABCsMrfMxEx7QBW mit-test-course/4/6ba59859535f1566dd57a7279aeba5d1_MIT6_0001F16_Lec4.pdf added QmNtPQncXMYNBnX4NoNfx2ifetrfvrATamdrsjx4u9iQ7c mit-test-course/4/9e8439a27af18817e046ac37333d03f6_lec4_functions.py added QmQuc5zpaJdMfRYxTLyZc5DQuota1FjuJiqgWf8ctGmRsU mit-test-course/4/MIT6_0001F16_Lecture_04_300k.mp4 added QmSdxg2inPbK1FSynNdPUka6CUZtEGG6sdPZgxaAgb46GE mit-test-course/5/1776670e271578eeb99fc25975f20586_MIT6_0001F16_Lec5.pdf added Qmco5sKKQfnWUNP9ZUxLkDhoV6jfjv8L4AdzES7En41AzP mit-test-course/5/MIT6_0001F16_Lecture_05_300k.mp4 added QmThDori5ETa3U27DFpndU7RmsLgG7zjpqGVxAncCupSuc mit-test-course/5/cdf5f8e7f109952655f4d253ed955555_lec5_tuples_lists.py added QmaGhNYnR5yUMYZf4q7qLsNwEW6B7pbLbgJokJBTNSA2FT mit-test-course/6/706228e592761d9c7c1c073f8ba7a6cc_lec6_recursion_dictionaries.py added QmQAqSGJAeoypUMyUnb7hRrziDyRAwymcTGdcaydT5i73s mit-test-course/6/876348c652c5353daccc96e1b7d577bb_MIT6_0001F16_Lec6.pdf added QmVzK3PVETv69Y27UKDfaQQM5um8ByMdYQS3TzD2EkoR42 mit-test-course/6/MIT6_0001F16_Lecture_06_300k.mp4 added QmcqZoeVrsfBv4Ri6M8KtiLdy3VpKnyznDFhX8zvfd3Qrs mit-test-course/7/51bdde43dfd773ba20747ce5d89119ac_MIT6_0001F16_Lec7.pdf added QmUyiqpAUA91w4Xm2Dz2wPr6kE6wTzA1apwJziTdBysRLw mit-test-course/7/MIT6_0001F16_Lecture_07_300k.mp4 added QmeVKCB6ponYr4f72MuNwegukX9t42NTywNHpDPgyNi9ae mit-test-course/7/abdd1d61892ccce9be2ad84e52004e07_lec7_debug_except.py added QmQCaZZA75UQ5pAKy8zhcz6Ci8yY13UVHUvsuXmid86GUH mit-test-course/8/0705ac9dcc7e637a0e8e9d97eb258a26_lec8_classes.py added QmdccChFuYBCiLmufEmk6oXCHybaUQiPXajD3c3xMupiaC mit-test-course/8/7a6f85d03f132dcd9d7592bc4643be1c_MIT6_0001F16_Lec8.pdf added QmZFSSPndvRfPT2vyehuyEQitfb8CzdYkA7orFAKyvhA4u mit-test-course/8/MIT6_0001F16_Lecture_08_300k.mp4 added QmbaJFk4mFRmCbtQybK94etyfRA2LcM22Kfvjbvdf6X8Gw mit-test-course/9/2dd6c75e7b4bd6bd135078e6f3701201_MIT6_0001F16_Lec9.pdf added QmdENonCipE7TK99i7dFz9paqDUSefR4PFdveEmVi5oXAb mit-test-course/9/MIT6_0001F16_Lecture_09_300k.mp4 added QmQ7UB4PaGBRHvHfDshrASwynvansFVXrp3RNULwhThUsC mit-test-course/9/bf8e8195044d5f6aefc1a455968e2f3e_lec9_inheritance.py added Qmdw2XaaX99t7eNzRNXdHEHYzwiH5qhg1iBLDpekCXj5am mit-test-course/Introduction to Computer Science and Programming in Python.txt added QmQM6QEJK9kJGzxe1ntDKrE7nLtB9CPqupjQZvsEze6rkK mit-test-course/1 added QmX7ZEHg2WipkSbwani5iSwxtBPgghajtGP1QqJQ6jQAAE mit-test-course/10 added QmaUyBU3M5zFpeHrMdZbapSLf73SUHZaookrCRCRm87Jwb mit-test-course/11 added QmP3Xx9cUp9Ly44bP1TXQHziVpLpNuZDnH7nRhdQTJPk5w mit-test-course/12 added QmYQQLN4pEdKi7S8GJJLFtw4LCEiZPkUzRjyNJqNcrU7kS mit-test-course/2 added QmZvUavbLwZ5PjiadoGSvB8nURGaeDiTyNivZq9tsPN1dD mit-test-course/3 added QmWf7uJtJmBhLB4sAsWUDWGwPyz24yboHYqxZGpEAwP4Gx mit-test-course/4 added QmPAApNSDbgZnr1tVe77zPx8bz3USsP4UZxA6nCCSMEbRx mit-test-course/5 added QmPMEUkViQsT7XwfPxwque3EfmPs1kaVJCU5Bc8AujYfej mit-test-course/6 added QmWnzp23vzhx8rX5z7W9WZVWGq2H8j18GmqddbHRa79jX1 mit-test-course/7 added QmRnosvcFPgEZSGMyRw9uuTyDzcQf6Q2ffEXADYEFvqtsN mit-test-course/8 added QmeUE3L3gwNvK3BvcutttWxSJPn7RusxNZHzTQeYUNGzjw mit-test-course/9 added QmY965P9FuqBum5Ppy7QWUf1HBRVdqDbMFVDStBdjNnjqk mit-test-course </pre> Now we are going to use awk to just print out the hashes.<br> <code>cat mit.txt | awk '{print $2}' >hash.txt</code><br> <code>cat hash.txt</code> will return: <pre> root@ipfs-test:~# cat hash.txt QmengUgSy9oY9qMXJC6ujKy7mMpunb5sG5Uo8RpFX4G5g9 QmaTdTMxWdz6ySLbx258zQU5McpJTo4ZEVJ63GSKmVEyeM QmemB25bVuN2fuiAq3JaDM4J5MYit6HfCCsU3EFTWL7wpF QmbyP59ttPKGe5ZNADsgqTsgBF3oYGzhZXFfBhszG2nuPm QmQNooq1g25LFp1Fxj2tfpKKMKi8NbutkhuXNf5Ppo7t5f QmUtgXQXjj2C3qb2UXFrPmKHkFdEjmehk4ZLQhcZ37rEmw QmR7Ned6iZytjpVHVN6W53EZ5Qg4Zd6EkEcXxn8DjYMgrd QmNPjN3616QdmEWLPokwuTkLL1vrzcLVRSFLWUcukqtxZL QmdpwFTFkwnkqWW3CozBBAfeYHchDeVAV7ArkA1dUqbUZ4 QmbV8ct8DEQyRGRDSX4PaQBXk8r8ryYLDNwTa2buC7kcP5 QmToP68Knz71euVuntRWtz6UshRoiRssELJNFMeP1f2sR5 QmPWidAv5mBrgEcKDVqWe62JaAiwBWs8KZc1S8r3bbJsvY QmTFdkMJnzUcwgs1hdoF7qtADE2NqTJVaF9CfgULbzSuA9 QmNiZvEh6UmpHLTxw4saN7WdojzBokp2JCbucYzrekoQBK QmPjEzEu56mqeE19Vth9AkDbAxz7wAWg9zMVvF9FZ1UBvK QmYppDgGMptihHA7ixFw2GHvspN8Bw1HY21HtUpQNxi23i QmTTCsuhbnjXWuigZLSgKAt4DjFsm78MANo3KUMGcK98s1 QmP2AZfUx8RTqCGamJtPyodFU8dHG8QrBHYKkP79YepEe9 QmP1p4h21ogMxWeeX2PiDibQbHqWer7ABCsMrfMxEx7QBW QmNtPQncXMYNBnX4NoNfx2ifetrfvrATamdrsjx4u9iQ7c QmQuc5zpaJdMfRYxTLyZc5DQuota1FjuJiqgWf8ctGmRsU QmSdxg2inPbK1FSynNdPUka6CUZtEGG6sdPZgxaAgb46GE Qmco5sKKQfnWUNP9ZUxLkDhoV6jfjv8L4AdzES7En41AzP QmThDori5ETa3U27DFpndU7RmsLgG7zjpqGVxAncCupSuc QmaGhNYnR5yUMYZf4q7qLsNwEW6B7pbLbgJokJBTNSA2FT QmQAqSGJAeoypUMyUnb7hRrziDyRAwymcTGdcaydT5i73s QmVzK3PVETv69Y27UKDfaQQM5um8ByMdYQS3TzD2EkoR42 QmcqZoeVrsfBv4Ri6M8KtiLdy3VpKnyznDFhX8zvfd3Qrs QmUyiqpAUA91w4Xm2Dz2wPr6kE6wTzA1apwJziTdBysRLw QmeVKCB6ponYr4f72MuNwegukX9t42NTywNHpDPgyNi9ae QmQCaZZA75UQ5pAKy8zhcz6Ci8yY13UVHUvsuXmid86GUH QmdccChFuYBCiLmufEmk6oXCHybaUQiPXajD3c3xMupiaC QmZFSSPndvRfPT2vyehuyEQitfb8CzdYkA7orFAKyvhA4u QmbaJFk4mFRmCbtQybK94etyfRA2LcM22Kfvjbvdf6X8Gw QmdENonCipE7TK99i7dFz9paqDUSefR4PFdveEmVi5oXAb QmQ7UB4PaGBRHvHfDshrASwynvansFVXrp3RNULwhThUsC Qmdw2XaaX99t7eNzRNXdHEHYzwiH5qhg1iBLDpekCXj5am QmQM6QEJK9kJGzxe1ntDKrE7nLtB9CPqupjQZvsEze6rkK QmX7ZEHg2WipkSbwani5iSwxtBPgghajtGP1QqJQ6jQAAE QmaUyBU3M5zFpeHrMdZbapSLf73SUHZaookrCRCRm87Jwb QmP3Xx9cUp9Ly44bP1TXQHziVpLpNuZDnH7nRhdQTJPk5w QmYQQLN4pEdKi7S8GJJLFtw4LCEiZPkUzRjyNJqNcrU7kS QmZvUavbLwZ5PjiadoGSvB8nURGaeDiTyNivZq9tsPN1dD QmWf7uJtJmBhLB4sAsWUDWGwPyz24yboHYqxZGpEAwP4Gx QmPAApNSDbgZnr1tVe77zPx8bz3USsP4UZxA6nCCSMEbRx QmPMEUkViQsT7XwfPxwque3EfmPs1kaVJCU5Bc8AujYfej QmWnzp23vzhx8rX5z7W9WZVWGq2H8j18GmqddbHRa79jX1 QmRnosvcFPgEZSGMyRw9uuTyDzcQf6Q2ffEXADYEFvqtsN QmeUE3L3gwNvK3BvcutttWxSJPn7RusxNZHzTQeYUNGzjw QmY965P9FuqBum5Ppy7QWUf1HBRVdqDbMFVDStBdjNnjqk </pre> Can do in terminal but will make bash script.<br> <code>$EDITOR pin-hash.sh</code> <pre> #!/bin/bash while read p; do ipfs pin add $p done <hash.txt </pre> <code>bash pin-hash.sh</code><br> <pre> root@ipfs-test:~# bash pin-hash.sh pinned QmengUgSy9oY9qMXJC6ujKy7mMpunb5sG5Uo8RpFX4G5g9 recursively pinned QmaTdTMxWdz6ySLbx258zQU5McpJTo4ZEVJ63GSKmVEyeM recursively pinned QmemB25bVuN2fuiAq3JaDM4J5MYit6HfCCsU3EFTWL7wpF recursively pinned QmbyP59ttPKGe5ZNADsgqTsgBF3oYGzhZXFfBhszG2nuPm recursively pinned QmQNooq1g25LFp1Fxj2tfpKKMKi8NbutkhuXNf5Ppo7t5f recursively pinned QmUtgXQXjj2C3qb2UXFrPmKHkFdEjmehk4ZLQhcZ37rEmw recursively pinned QmR7Ned6iZytjpVHVN6W53EZ5Qg4Zd6EkEcXxn8DjYMgrd recursively pinned QmNPjN3616QdmEWLPokwuTkLL1vrzcLVRSFLWUcukqtxZL recursively pinned QmdpwFTFkwnkqWW3CozBBAfeYHchDeVAV7ArkA1dUqbUZ4 recursively pinned QmbV8ct8DEQyRGRDSX4PaQBXk8r8ryYLDNwTa2buC7kcP5 recursively pinned QmToP68Knz71euVuntRWtz6UshRoiRssELJNFMeP1f2sR5 recursively pinned QmPWidAv5mBrgEcKDVqWe62JaAiwBWs8KZc1S8r3bbJsvY recursively pinned QmTFdkMJnzUcwgs1hdoF7qtADE2NqTJVaF9CfgULbzSuA9 recursively pinned QmNiZvEh6UmpHLTxw4saN7WdojzBokp2JCbucYzrekoQBK recursively pinned QmPjEzEu56mqeE19Vth9AkDbAxz7wAWg9zMVvF9FZ1UBvK recursively pinned QmYppDgGMptihHA7ixFw2GHvspN8Bw1HY21HtUpQNxi23i recursively pinned QmTTCsuhbnjXWuigZLSgKAt4DjFsm78MANo3KUMGcK98s1 recursively pinned QmP2AZfUx8RTqCGamJtPyodFU8dHG8QrBHYKkP79YepEe9 recursively pinned QmP1p4h21ogMxWeeX2PiDibQbHqWer7ABCsMrfMxEx7QBW recursively pinned QmNtPQncXMYNBnX4NoNfx2ifetrfvrATamdrsjx4u9iQ7c recursively pinned QmQuc5zpaJdMfRYxTLyZc5DQuota1FjuJiqgWf8ctGmRsU recursively pinned QmSdxg2inPbK1FSynNdPUka6CUZtEGG6sdPZgxaAgb46GE recursively pinned Qmco5sKKQfnWUNP9ZUxLkDhoV6jfjv8L4AdzES7En41AzP recursively pinned QmThDori5ETa3U27DFpndU7RmsLgG7zjpqGVxAncCupSuc recursively pinned QmaGhNYnR5yUMYZf4q7qLsNwEW6B7pbLbgJokJBTNSA2FT recursively pinned QmQAqSGJAeoypUMyUnb7hRrziDyRAwymcTGdcaydT5i73s recursively pinned QmVzK3PVETv69Y27UKDfaQQM5um8ByMdYQS3TzD2EkoR42 recursively pinned QmcqZoeVrsfBv4Ri6M8KtiLdy3VpKnyznDFhX8zvfd3Qrs recursively pinned QmUyiqpAUA91w4Xm2Dz2wPr6kE6wTzA1apwJziTdBysRLw recursively pinned QmeVKCB6ponYr4f72MuNwegukX9t42NTywNHpDPgyNi9ae recursively pinned QmQCaZZA75UQ5pAKy8zhcz6Ci8yY13UVHUvsuXmid86GUH recursively pinned QmdccChFuYBCiLmufEmk6oXCHybaUQiPXajD3c3xMupiaC recursively pinned QmZFSSPndvRfPT2vyehuyEQitfb8CzdYkA7orFAKyvhA4u recursively pinned QmbaJFk4mFRmCbtQybK94etyfRA2LcM22Kfvjbvdf6X8Gw recursively pinned QmdENonCipE7TK99i7dFz9paqDUSefR4PFdveEmVi5oXAb recursively pinned QmQ7UB4PaGBRHvHfDshrASwynvansFVXrp3RNULwhThUsC recursively pinned Qmdw2XaaX99t7eNzRNXdHEHYzwiH5qhg1iBLDpekCXj5am recursively pinned QmQM6QEJK9kJGzxe1ntDKrE7nLtB9CPqupjQZvsEze6rkK recursively pinned QmX7ZEHg2WipkSbwani5iSwxtBPgghajtGP1QqJQ6jQAAE recursively pinned QmaUyBU3M5zFpeHrMdZbapSLf73SUHZaookrCRCRm87Jwb recursively pinned QmP3Xx9cUp9Ly44bP1TXQHziVpLpNuZDnH7nRhdQTJPk5w recursively pinned QmYQQLN4pEdKi7S8GJJLFtw4LCEiZPkUzRjyNJqNcrU7kS recursively pinned QmZvUavbLwZ5PjiadoGSvB8nURGaeDiTyNivZq9tsPN1dD recursively pinned QmWf7uJtJmBhLB4sAsWUDWGwPyz24yboHYqxZGpEAwP4Gx recursively pinned QmPAApNSDbgZnr1tVe77zPx8bz3USsP4UZxA6nCCSMEbRx recursively pinned QmPMEUkViQsT7XwfPxwque3EfmPs1kaVJCU5Bc8AujYfej recursively pinned QmWnzp23vzhx8rX5z7W9WZVWGq2H8j18GmqddbHRa79jX1 recursively pinned QmRnosvcFPgEZSGMyRw9uuTyDzcQf6Q2ffEXADYEFvqtsN recursively pinned QmeUE3L3gwNvK3BvcutttWxSJPn7RusxNZHzTQeYUNGzjw recursively pinned QmY965P9FuqBum5Ppy7QWUf1HBRVdqDbMFVDStBdjNnjqk recursively </pre> ==bash script to pin recursive directory to IPFS== to use <code>script.sh /path/to/directory</code><br> <syntaxhighlight lang="bash" line> #!/bin/bash # Check if directory argument is provided if [ -z "$1" ]; then echo "Usage: script.sh /path/to/directory" exit 1 fi # Check if IPFS is installed if ! command -v ipfs &> /dev/null; then echo "IPFS is not installed. Please install it first." exit 1 fi # Set directory path and filenames dir_path="$1" ipfs_list="/tmp/ipfs_$(date +'%Y%m%d%H%M%S').list" ipfs_hash="/tmp/ipfs_$(date +'%Y%m%d%H%M%S').hash" # Add directory to IPFS and save output to temporary file ipfs add --recursive "$dir_path" > "$ipfs_list" # Extract IPFS hashes from list and save to temporary file cat "$ipfs_list" | awk '{print $2}' > "$ipfs_hash" # Pin each hash from temporary file while read -r hash; do ipfs pin add "$hash" done < "$ipfs_hash" # Clean up temporary files rm "$ipfs_list" "$ipfs_hash" </syntaxhighlight> Here's how the script works: : It first checks if a directory path argument is provided. If not, it prints the usage instructions and exits. : It checks if IPFS is installed by checking if the ipfs command is available. If not, it prints an error message and exits. : It sets the directory path and temporary filenames for the IPFS list and hash. : It adds the specified directory to IPFS recursively using the ipfs add command and saves the output to the temporary IPFS list file. : It extracts the IPFS hashes from the list file and saves them to the temporary IPFS hash file. : It loops through each hash in the temporary hash file and pins it using the ipfs pin add command. : Finally, it cleans up the temporary files. Note that this script will create new temporary files with a timestamp appended to the filename each time it is run. This is to avoid overwriting any existing temporary files with the same name. o5pfbjggqwogxg5h55ge0xnp1s6hoei 0 122 424 2023-05-11T19:41:22Z Noob 1 Created page with "Tar is not a compression tool, but rather a file archiving utility commonly used on Linux systems. The tar command is used to create an archive of one or more files and directories, which can then be compressed using a compression tool like gzip, bzip2, xz, or zstd to reduce its size for storage or transfer purposes. Tar can also be used to extract files from an archive, or to list the contents of an archive without extracting it. There are several types of compression..." 424 wikitext text/x-wiki Tar is not a compression tool, but rather a file archiving utility commonly used on Linux systems. The tar command is used to create an archive of one or more files and directories, which can then be compressed using a compression tool like gzip, bzip2, xz, or zstd to reduce its size for storage or transfer purposes. Tar can also be used to extract files from an archive, or to list the contents of an archive without extracting it. There are several types of compression available on Linux, including: :* '''gzip''': This is a widely used compression tool that uses the Lempel-Ziv algorithm. It is commonly used to compress individual files and is often used in combination with the tar command to create compressed archives. :* '''bzip2''': This is another popular compression tool that uses the Burrows-Wheeler algorithm. It is often used for compressing larger files, as it typically achieves higher compression ratios than gzip. :* '''xz''': This is a newer compression tool that uses the LZMA algorithm. It is often used to compress large files, as it can achieve very high compression ratios. :* '''lz4''': This is a high-speed compression tool that is designed for use in real-time systems. It is often used for compressing data in network communications and storage systems. :* '''zstd''': This is a relatively new compression tool that uses the Zstandard compression algorithm. It is designed to offer high compression ratios and fast compression and decompression speeds. In addition to these tools, there are also several other compression tools available on Linux, including compress, pack, and rar, among others. ==Gzip tar compression== The tar command is a utility used on Linux systems to create and manage archives of files and directories. The -zcvf options are used to create a compressed archive of one or more files or directories using gzip compression. '''Syntax''' <br> <code>tar -zcvf archive_name.tar.gz file_or_directory</code><br> <code>tar -zcvf /path/store/archive.tar.gz /home/$USER/Documents/testDIR</code><br> Options The '''-z''' option is used to compress the archive using gzip. Without this option, the archive will not be compressed. The '''-c''' option is used to create a new archive. Without this option, the command will attempt to extract files from an existing archive. The '''-v''' option is used to display the progress of the archive creation. Without this option, the command will run silently. The '''-f''' option is used to specify the filename of the archive. ===Compressing a single file=== To create a compressed archive of a single file, you can use the following command: <code>tar -zcvf file_name.tar.gz file_name</code> This will create a new compressed archive called file_name.tar.gz in the current directory, and include the contents of file_name in the archive. ===Compressing a directory=== To create a compressed archive of a directory and its contents, you can use the following command: <code>tar -zcvf directory_name.tar.gz directory_name</code> This will create a new compressed archive called directory_name.tar.gz in the current directory, and include the contents of directory_name and its subdirectories in the archive. ===Compressing multiple files and directories=== To create a compressed archive of multiple files and directories, you can list them all as arguments to the tar command: <code>tar -zcvf archive_name.tar.gz file_or_directory_1 file_or_directory_2 ...</code> This will create a new compressed archive called archive_name.tar.gz in the current directory, and include the contents of all specified files and directories in the archive. ===Compressing and excluding files or directories=== You can use the --exclude option to exclude specific files or directories from the archive. For example, to exclude a directory named exclude_dir from an archive, you can use the following command: <code>tar -zcvf archive_name.tar.gz --exclude=exclude_dir file_or_directory</code> This will create a new compressed archive called archive_name.tar.gz in the current directory, and include the contents of file_or_directory in the archive while excluding the exclude_dir directory. To exclude multiple files or directories using the --exclude option with the tar command, you can separate them with a space character. For example, to exclude two directories named exclude_dir1 and exclude_dir2 from an archive, you can use the following command: <code>tar -zcvf archive_name.tar.gz --exclude=exclude_dir1 --exclude=exclude_dir2 file_or_directory</code> This will create a new compressed archive called archive_name.tar.gz in the current directory, and include the contents of file_or_directory in the archive while excluding the exclude_dir1 and exclude_dir2 directories. ===Preserve file permissions=== To preserve file permissions when creating a compressed archive with tar, you can use the -p option. The -p option stands for "preserve permissions", and it tells tar to include the file permissions (ownership, group, and mode) in the archive. So, to create a compressed archive of a file or directory and preserve its permissions, you can use the following command: <code>tar -zcvpf archive_name.tar.gz file_or_directory</code> Note that the -p option should be used with caution, as it can potentially create security vulnerabilities if you are extracting the archive as a privileged user. It's generally recommended to use the -p option only when necessary and with a clear understanding of its implications. Also note that if you are extracting the archive on a different system or with a different user account, the file permissions may not be preserved exactly as they were in the original system, depending on the destination file system and user account settings. ==Gzip Tar Extraction== The basic syntax for extracting a tar archive compressed with gzip is as follows: <code>tar -zxvf archive_name.tar.gz</code> Options: The -z option is used to decompress the archive using gzip. The -x option is used to extract the contents of the archive. The -v option is used to display the progress of the extraction. The -f option is used to specify the filename of the archive. ====View the contents of a '''gzip''' archive without extracting it using '''zcat'''==== The zcat command is similar to the cat command, but it is used specifically for viewing the contents of gzip compressed files. Here's an example command to view the contents of a gzip archive without extracting it: <code>zcat archive_name.tar.gz | less</code> This command will display the contents of the gzip archive in the less pager, allowing you to scroll through the contents of the archive without extracting it. If you want to search for a specific file or pattern within the archive, you can pipe the output of zcat to the grep command. Here's an example command to search for a file named file.txt within a gzip archive: <code>zcat archive_name.tar.gz | grep file.txt</code> This command will display any lines within the gzip archive that contain the string "file.txt". Note that the zcat command is only used for viewing the contents of gzip compressed files. If you are working with a tar archive that has been compressed with gzip, you will need to use the tar command in conjunction with zcat to view the contents of the archive. Here's an example command to view the contents of a tar archive compressed with gzip without extracting it: <code>zcat archive_name.tar.gz | tar tvf -</code> This command will display a listing of the files and directories within the tar archive, allowing you to see its contents without extracting it. ===Extracting a single file=== To extract a single file from a compressed tar archive, you can use the following command: <code>tar -zxvf archive_name.tar.gz path/to/file</code> This will extract the specified file from the compressed archive. ===Extracting a directory=== To extract a directory and its contents from a compressed tar archive, you can use the following command: <code>tar -zxvf archive_name.tar.gz path/to/directory</code> This will extract the specified directory and its contents from the compressed archive. ===Extracting multiple files and directories=== To extract multiple files and directories from a compressed tar archive, you can list them all as arguments to the tar command: <code>tar -zxvf archive_name.tar.gz file_or_directory_1 file_or_directory_2 ...</code> This will extract the specified files and directories from the compressed archive. ===Extracting to a specific directory=== To extract the contents of a compressed tar archive to a specific directory, you can use the -C option followed by the directory path. For example: <code>tar -zxvf archive_name.tar.gz -C /path/to/directory</code> This will extract the contents of the compressed archive to the specified directory. db9p37qk5rqpmn1hb4a4ltkze6bhmgi 425 424 2023-05-11T19:42:15Z Noob 1 425 wikitext text/x-wiki ==Tar== Tar is not a compression tool, but rather a file archiving utility commonly used on Linux systems. The tar command is used to create an archive of one or more files and directories, which can then be compressed using a compression tool like gzip, bzip2, xz, or zstd to reduce its size for storage or transfer purposes. Tar can also be used to extract files from an archive, or to list the contents of an archive without extracting it. There are several types of compression available on Linux, including: :* '''gzip''': This is a widely used compression tool that uses the Lempel-Ziv algorithm. It is commonly used to compress individual files and is often used in combination with the tar command to create compressed archives. :* '''bzip2''': This is another popular compression tool that uses the Burrows-Wheeler algorithm. It is often used for compressing larger files, as it typically achieves higher compression ratios than gzip. :* '''xz''': This is a newer compression tool that uses the LZMA algorithm. It is often used to compress large files, as it can achieve very high compression ratios. :* '''lz4''': This is a high-speed compression tool that is designed for use in real-time systems. It is often used for compressing data in network communications and storage systems. :* '''zstd''': This is a relatively new compression tool that uses the Zstandard compression algorithm. It is designed to offer high compression ratios and fast compression and decompression speeds. In addition to these tools, there are also several other compression tools available on Linux, including compress, pack, and rar, among others. ===Gzip tar compression=== The tar command is a utility used on Linux systems to create and manage archives of files and directories. The -zcvf options are used to create a compressed archive of one or more files or directories using gzip compression. '''Syntax''' <br> <code>tar -zcvf archive_name.tar.gz file_or_directory</code><br> <code>tar -zcvf /path/store/archive.tar.gz /home/$USER/Documents/testDIR</code><br> Options The '''-z''' option is used to compress the archive using gzip. Without this option, the archive will not be compressed. The '''-c''' option is used to create a new archive. Without this option, the command will attempt to extract files from an existing archive. The '''-v''' option is used to display the progress of the archive creation. Without this option, the command will run silently. The '''-f''' option is used to specify the filename of the archive. ===Compressing a single file=== To create a compressed archive of a single file, you can use the following command: <code>tar -zcvf file_name.tar.gz file_name</code> This will create a new compressed archive called file_name.tar.gz in the current directory, and include the contents of file_name in the archive. ===Compressing a directory=== To create a compressed archive of a directory and its contents, you can use the following command: <code>tar -zcvf directory_name.tar.gz directory_name</code> This will create a new compressed archive called directory_name.tar.gz in the current directory, and include the contents of directory_name and its subdirectories in the archive. ===Compressing multiple files and directories=== To create a compressed archive of multiple files and directories, you can list them all as arguments to the tar command: <code>tar -zcvf archive_name.tar.gz file_or_directory_1 file_or_directory_2 ...</code> This will create a new compressed archive called archive_name.tar.gz in the current directory, and include the contents of all specified files and directories in the archive. ===Compressing and excluding files or directories=== You can use the --exclude option to exclude specific files or directories from the archive. For example, to exclude a directory named exclude_dir from an archive, you can use the following command: <code>tar -zcvf archive_name.tar.gz --exclude=exclude_dir file_or_directory</code> This will create a new compressed archive called archive_name.tar.gz in the current directory, and include the contents of file_or_directory in the archive while excluding the exclude_dir directory. To exclude multiple files or directories using the --exclude option with the tar command, you can separate them with a space character. For example, to exclude two directories named exclude_dir1 and exclude_dir2 from an archive, you can use the following command: <code>tar -zcvf archive_name.tar.gz --exclude=exclude_dir1 --exclude=exclude_dir2 file_or_directory</code> This will create a new compressed archive called archive_name.tar.gz in the current directory, and include the contents of file_or_directory in the archive while excluding the exclude_dir1 and exclude_dir2 directories. ===Preserve file permissions=== To preserve file permissions when creating a compressed archive with tar, you can use the -p option. The -p option stands for "preserve permissions", and it tells tar to include the file permissions (ownership, group, and mode) in the archive. So, to create a compressed archive of a file or directory and preserve its permissions, you can use the following command: <code>tar -zcvpf archive_name.tar.gz file_or_directory</code> Note that the -p option should be used with caution, as it can potentially create security vulnerabilities if you are extracting the archive as a privileged user. It's generally recommended to use the -p option only when necessary and with a clear understanding of its implications. Also note that if you are extracting the archive on a different system or with a different user account, the file permissions may not be preserved exactly as they were in the original system, depending on the destination file system and user account settings. ===Gzip Tar Extraction=== The basic syntax for extracting a tar archive compressed with gzip is as follows: <code>tar -zxvf archive_name.tar.gz</code> Options: The -z option is used to decompress the archive using gzip. The -x option is used to extract the contents of the archive. The -v option is used to display the progress of the extraction. The -f option is used to specify the filename of the archive. ====View the contents of a '''gzip''' archive without extracting it using '''zcat'''==== The zcat command is similar to the cat command, but it is used specifically for viewing the contents of gzip compressed files. Here's an example command to view the contents of a gzip archive without extracting it: <code>zcat archive_name.tar.gz | less</code> This command will display the contents of the gzip archive in the less pager, allowing you to scroll through the contents of the archive without extracting it. If you want to search for a specific file or pattern within the archive, you can pipe the output of zcat to the grep command. Here's an example command to search for a file named file.txt within a gzip archive: <code>zcat archive_name.tar.gz | grep file.txt</code> This command will display any lines within the gzip archive that contain the string "file.txt". Note that the zcat command is only used for viewing the contents of gzip compressed files. If you are working with a tar archive that has been compressed with gzip, you will need to use the tar command in conjunction with zcat to view the contents of the archive. Here's an example command to view the contents of a tar archive compressed with gzip without extracting it: <code>zcat archive_name.tar.gz | tar tvf -</code> This command will display a listing of the files and directories within the tar archive, allowing you to see its contents without extracting it. ===Extracting a single file=== To extract a single file from a compressed tar archive, you can use the following command: <code>tar -zxvf archive_name.tar.gz path/to/file</code> This will extract the specified file from the compressed archive. ===Extracting a directory=== To extract a directory and its contents from a compressed tar archive, you can use the following command: <code>tar -zxvf archive_name.tar.gz path/to/directory</code> This will extract the specified directory and its contents from the compressed archive. ===Extracting multiple files and directories=== To extract multiple files and directories from a compressed tar archive, you can list them all as arguments to the tar command: <code>tar -zxvf archive_name.tar.gz file_or_directory_1 file_or_directory_2 ...</code> This will extract the specified files and directories from the compressed archive. ===Extracting to a specific directory=== To extract the contents of a compressed tar archive to a specific directory, you can use the -C option followed by the directory path. For example: <code>tar -zxvf archive_name.tar.gz -C /path/to/directory</code> This will extract the contents of the compressed archive to the specified directory. 20ycz8r5ufac0evpf248veaow8no3gs 0 123 426 2023-05-11T19:47:01Z Noob 1 Created page with "==No DNS using IP and SelfSigned Certs== ===Update system=== <code>apt update && apt upgrade -y</code><br \> ===Install NGINX=== <code>apt install nginx -y</code><br> You should now be able to see the <b>Welcome to nginx!</b> site on your subdomain (or just use server ip address).<br> Only <b>http</b> will work as we have not yet setup are <b>https</b><br> ===Create keys for encrypted https connection=== Note: If you are just building a quick website to test this..." 426 wikitext text/x-wiki ==No DNS using IP and SelfSigned Certs== ===Update system=== <code>apt update && apt upgrade -y</code><br \> ===Install NGINX=== <code>apt install nginx -y</code><br> You should now be able to see the <b>Welcome to nginx!</b> site on your subdomain (or just use server ip address).<br> Only <b>http</b> will work as we have not yet setup are <b>https</b><br> ===Create keys for encrypted https connection=== Note: If you are just building a quick website to test this out you can use <b>Blank</b> (just press enter) for all fields and it will still work.<br \> <code>openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt</code><br \> <div class="toccolours mw-collapsible mw-collapsed"> quick explanation: <div class="mw-collapsible-content"> :* '''openssl''': This command invokes the OpenSSL tool, which is a software library that provides a variety of cryptographic functions and utilities. :* '''req''': This is a subcommand of OpenSSL that is used for creating and managing X.509 certificate signing requests (CSRs) and self-signed certificates. :* -'''x509''': This option specifies that the output should be a self-signed X.509 certificate rather than a CSR. :* '''-nodes''': This option specifies that the private key should not be encrypted with a password, allowing for automatic startup of services that use SSL/TLS. :* -days 365: This option specifies the number of days that the certificate will be valid for before it expires. :* '''-newkey rsa:4096''': This option generates a new RSA private key with a key length of 4096 bits, which provides a higher level of security than shorter key lengths. :* '''-keyout /etc/ssl/private/nginx-selfsigned.key''': This option specifies the path and filename of the private key file that will be generated by OpenSSL. :* '''-out /etc/ssl/certs/nginx-selfsigned.crt''': This option specifies the path and filename of the self-signed certificate file that will be generated by OpenSSL. Overall, this command generates a self-signed SSL/TLS certificate and private key that can be used to secure an Nginx web server. The certificate and key are saved to the specified locations for use in the Nginx server configuration. It's important to note that while self-signed certificates can provide some level of encryption for your web traffic, they do not provide any form of authentication or verification of identity, and should not be used in production environments where security is a top priority. </div> </div> /etc/ssl/private/nginx-selfsigned.key<br> /etc/ssl/certs/nginx-selfsigned.crt ===Create diffhelman=== <code>openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048</code><br \> You can upgrade from 2048 to 4096 but it might take a while.<br \> <code>$EDITOR /etc/nginx/snippets/ssl-params.conf</code><br> Nginx configuration directives related to SSL/TLS: <pre> ssl_protocols TLSv1.2; #This directive specifies the SSL/TLS protocols that the server will use for secure connections. In this case, only TLS version 1.2 is allowed. ssl_prefer_server_ciphers on; #This directive tells the server to prefer the ciphers specified by the server over those requested by the client. ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:!aNULL:!eNULL !LOW !DSS !MD5 !RC4 !EXP !PSK !SRP !CAMELLIA !SEED'; #This directive specifies the SSL/TLS ciphers that the server will use for secure connections. These ciphers prioritize the use of elliptic curve cryptography (ECDHE) for key exchange and advanced encryption algorithms such as AES256 and CHACHA20-POLY1305 for encryption. ssl_ecdh_curve secp384r1; #This directive specifies the elliptic curve Diffie-Hellman (ECDH) curve that the server will use for key exchange. In this case, the secp384r1 curve is used. ssl_session_cache shared:SSL:10m; ssl_session_tickets off; #These directives configure SSL session caching, which can improve performance by allowing the server to reuse SSL session parameters for multiple connections. The ssl_session_cache directive specifies the type of session cache to use, and the ssl_session_tickets directive specifies whether session tickets should be used. # need to turn ssl_stapling off for selfsigned or will get errors in /var/log/nginx/error.log ssl_stapling off; ssl_stapling_verify off; #These directives configure OCSP stapling, which can improve security by allowing the server to provide proof of the SSL/TLS certificate's validity without requiring the client to contact the certificate authority. The ssl_stapling directive specifies whether stapling should be used, and the ssl_stapling_verify directive specifies whether the server should verify the OCSP response from the certificate authority. resolver 8.8.8.8 80.80.80.80 valid=300s; resolver_timeout 5s; #These directives configure DNS resolution for OCSP stapling. The resolver directive specifies the DNS servers to use for resolving OCSP requests, and the valid parameter specifies the duration for which DNS responses will be cached. The resolver_timeout directive specifies the timeout value for DNS resolution. add_header Strict-Transport-Security "max-age=63072000; includeSubdomains"; add_header X-Frame-Options DENY; add_header X-Content-Type-Options nosniff; #These directives add security-related HTTP headers to responses sent by the server. The Strict-Transport-Security header specifies that SSL/TLS should always be used for connections to the server, and the X-Frame-Options and X-Content-Type-Options headers help protect against clickjacking and MIME sniffing attacks, respectively. ssl_dhparam /etc/ssl/certs/dhparam.pem; #This directive specifies the location of the Diffie-Hellman parameters file used for SSL/TLS key exchange. The ssl_dhparam directive is used to specify the path to the file that contains the Diffie-Hellman parameters. ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt; # self-signed certificate file ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key; # private key file </pre> ====Nginx==== <code>$EDITOR /etc/nginx/sites-available/default</code><br \> <b>MAKE SURE TO CHANGE IP 12.34.56.78 to YOUR servers Public IP address</b><br \> <pre> server { listen 80 default_server; listen [::]:80 default_server; server_name 12.34.56.78; ## change ip to match your server ip return 302 https://$server_name$request_uri; } server { # SSL configuration # listen 443 ssl default_server; listen [::]:443 ssl default_server; include snippets/ssl-params.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; } } </pre> ====Restart Nginx==== <code> systemctl restart nginx</code><br \> ====Allow Nginx pass firewall==== <code>ufw allow 80/tcp</code><br \> <code>ufw allow 443/tcp</code><br \> ====Create a Directory to share store files==== <code>mkdir /var/www/html/files</code><br \> ====Create an html file==== <code>$EDITOR /var/www/html/index.html</code><br \> <pre> <!DOCTYPE html> <html> <head> <title>Files For Download</title> </head> <body> <a href="files">Click here for are latest files</a>.</p> </body> </html> </pre> ==Transfer Files to Sharing Directory== NOTE: [[Scp_only|If you are receiving file from another server (setup server to send with script and ssh-keys), you may wish to create another account which can only receive '''scp''' to path]] ===scp=== Check [[SCP_Examples|SCP_Examples]] for more examples:<br> To send direct from MediaWiki server (Example file 'xmlDump-03-03-2023')<br> Will be prompted to enter password:<br> <code>scp /path/to/file2send <user>@<server_address>:/var/www/html/files/</code><br> Example:<code>scp /path/to/file2send ubuntu@111.222.33.444:/var/www/html/files/</code><br> ===sshfs=== [[Sshfs_ubuntu|Read the sshfs page for more info]]<br> Can be useful if you are transferring a large number of files from your computer to server and want to use the GUI file explorer.<br> <br> NOTE:replace $USER with your user account (Example: mine is 'ubunix' so i will replace '$USER' with 'ubunix') <br> Install sshfs on your computer<br> <code>sudo apt install sshfs</code><br> Create a Directory you are going to mount remote server directory to:<br> <code>mkdir /home/$USER/ServerMount</code><br> <br> <code>sudo sshfs -o allow_other,default_permissions <user>@<server_address>:/var/www/html/files/ /home/$USER/ServerMount/</code><br> To umount use:<br> <code>sudo umount /home/$USER/ServerMount</code><br> ===sftp=== ===Rsync=== ===syncthing=== ===FreeFileSync=== ===Seafile=== ==Require Username and Password to view website/files (Optional - Placed here for educational reasons)== <code>apt install apache2-utils</code><br> In your <code>/etc/nginx/sites-available/default</code><br> Append the lines(see before and after files to see where):<br> <pre> auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; </pre> <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/nginx/sites-available/default</code>: Before <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> <code>/etc/nginx/sites-available/default</code>: After <div class="mw-collapsible-content"> <pre> ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name xml.completenoobs.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # To allow browsing of directory autoindex on; auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/xml.completenoobs.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xml.completenoobs.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = xml.completenoobs.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name xml.completenoobs.com; return 404; # managed by Certbot } </pre> </div> </div> ===Create a login Username and Password to view your website=== Add user; change <b>user1</b> to username of your choice; you will be prompted for password.<br \> <code>htpasswd -c /etc/nginx/.htpasswd user1</code><br \> The <b>-c</b> flag is only needed the first time to create the file <b>/etc/nginx/.htpasswd</b><br \> Add second user; the same method is used to add has many users has you want.<br \> <code>htpasswd /etc/nginx/.htpasswd user2</code> <br \> To update or change passwd for user, repeat command with username of account you wish to change; enter new password.<br \> <code>htpasswd /etc/nginx/.htpasswd user1</code><br> Restart Nginx:<br> <code>systemctl restart nginx</code><br> And try site. ===Fail2Ban to Block IP's Which Enter Incorrect Username and/or Password=== Install Fail2Ban:<br> <code>apt install fail2ban</code><br> <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code><br> <code>$EDITOR /etc/fail2ban/jail.local</code><br> Note: Can append to the very bottom of the page.<br> <pre> # Reject Connections that failed username password _action_tcp_udp = %(banaction)s[name=%(__name__)s-tcp, protocol="tcp", port="%(port)s", blocktype="REJECT --reject-with tcp-reset", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, protocol="udp", port="%(port)s", blocktype="REJECT --reject-with icmp-port-unreachable", chain="%(chain)s", actname=%(banaction)s-udp] actionx = %(_action_tcp_udp)s [nginx-cup] #the name in brackets above is what you use for status # fail2ban-client status nginx-cup enabled = true filter = nginx-correct-up port = http,https logpath = /var/log/nginx/error.log findtime = 3m bantime = 3m maxretry = 3 #ignoreip = <your-ipaddress> #Note: Can find your ipaddress using `curl ifconfig.me` or visit `whatismyip.com` </pre> <br \> <code>$EDITOR /etc/fail2ban/filter.d/nginx-correct-up.conf</code><br \> <pre> [Definition] failregex = client:\s<HOST> ignoreregex = </pre> ===Check Fail2Ban for errors=== <code>fail2ban-client -d</code><br \> ===restart nginx and fail2ban so updated setting can take effect=== <code>systemctl restart fail2ban.service</code><br \> <code>systemctl restart nginx.service</code><br \> And test. ===Remove need for username and password=== Comment out (or delete) the following lines from your nginx config file:<br> <code>$EDITOR /etc/nginx/sites-available/default</code><br> <pre> auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; </pre> <br> Can comment out lines by placing a '#' in front.<br> <pre> #auth_basic "Hello Please Login"; #auth_basic_user_file /etc/nginx/.htpasswd; </pre> <br> Restart Nginx:<br> <code>systemctl restart nginx</code><br> ==Script for Server== <syntaxhighlight lang="bash" line> #!/bin/bash # Update and upgrade packages apt update && apt upgrade -y # Install nginx and apache2-utils apt install nginx apache2-utils -y # Set up UFW rules ufw allow 80/tcp ufw allow 443/tcp # Create self-signed SSL certificate openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt # Generate Diffie-Hellman parameters openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048 # Get server IP address server_ip=$(curl -s ifconfig.me) # Create an SSL configuration snippet cat > /etc/nginx/snippets/ssl-params.conf <<EOL ssl_protocols TLSv1.2; ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:!aNULL:!eNULL !LOW !DSS !MD5 !RC4 !EXP !PSK !SRP !CAMELLIA !SEED'; ssl_ecdh_curve secp384r1; ssl_session_cache shared:SSL:10m; ssl_session_tickets off; ssl_stapling off; ssl_stapling_verify off; resolver 8.8.8.8 8.8.4.4 valid=300s; resolver_timeout 5s; add_header Strict-Transport-Security "max-age=63072000; includeSubdomains"; add_header X-Frame-Options DENY; add_header X-Content-Type-Options nosniff; ssl_dhparam /etc/ssl/certs/dhparam.pem; ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt; ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key; EOL # Get username and password for basic authentication read -p "Enter a username for basic authentication: " username read -sp "Enter a password for basic authentication: " password echo # Create .htpasswd file htpasswd -cb /etc/nginx/.htpasswd "$username" "$password" # Replace the default Nginx server configuration cat > /etc/nginx/sites-available/default <<EOL server { listen 80 default_server; listen [::]:80 default_server; server_name $server_ip; return 302 https://\$server_name\$request_uri; } server { listen 443 ssl default_server; listen [::]:443 ssl default_server; include snippets/ssl-params.conf; root /var/www/html; index index.html index.htm index.nginx-debian.html; server_name _; auth_basic "Hello Please Login"; auth_basic_user_file /etc/nginx/.htpasswd; location / { try_files \$uri \$uri/ =404; autoindex on; } } EOL # Update the server_name directive with the server_ip obtained from ifconfig.me sed -i "s/\$server_ip/$server_ip/g" /etc/nginx/sites-available/default # Restart Nginx systemctl restart nginx # Create directory for files mkdir /var/www/html/files # Create index.html file cat > /var/www/html/index.html <<EOL <!DOCTYPE html> <html> <head> <title>Files For Download</title> </head> <body> <a href="files">Click here for our latest files</a>.</p> </body> </html> EOL # Inform the user of the server IP address echo "You can visit your server at https://$server_ip" echo "Transfer files to $server_ip:/var/www/html/files" </syntaxhighlight> o3pm341gz8u0vkpspjyew5fkz2kqav5 0 124 427 2023-05-11T19:48:47Z Noob 1 Created page with "==Introduction== SSHFS (Secure SHell FileSystem) is a file system that allows you to mount a remote file system over a secure SSH connection. This allows you to access files and directories on a remote server as if they were local files on your own machine. This guide will walk you through the process of installing SSHFS on Ubuntu and using it to mount a remote file system. ==Install SSHFS== <code>sudo apt-get install sshfs</code> ==Create a mount point== You will n..." 427 wikitext text/x-wiki ==Introduction== SSHFS (Secure SHell FileSystem) is a file system that allows you to mount a remote file system over a secure SSH connection. This allows you to access files and directories on a remote server as if they were local files on your own machine. This guide will walk you through the process of installing SSHFS on Ubuntu and using it to mount a remote file system. ==Install SSHFS== <code>sudo apt-get install sshfs</code> ==Create a mount point== You will need to create a directory on your local machine that will be used as the mount point for the remote file system. You can create a directory in your home directory using the following command:<br> <code>mkdir ~/remote_mount</code> ==Mount the remote file system== To mount the remote file system, you will need to use the '''sshfs''' command in the following format:<br> <code>sshfs <username>@<remote_server>:<remote_directory> <local_mount_point></code> Replace <username> with your username on the remote server, <remote_server> with the IP address or hostname of the remote server, <remote_directory> with the directory you want to mount on the remote server, and <local_mount_point> with the local mount point you created in the previous step. For example, if you want to mount the directory /home/user/files on the remote server with the IP address 192.168.1.100 using your username user and the local mount point ~/remote_mount, you would run the following command: <code>sshfs user@192.168.1.100:/home/user/files ~/remote_mount</code> You will be prompted for the password for the remote server. ==Access the remote files== Once you have mounted the remote file system, you can access the files and directories on the remote server as if they were local files on your own machine. You can use your file manager to browse the files, or you can use the terminal to navigate to the mount point and use standard command-line tools to work with the files. ==IdentityFile - aka ssh-key== To use the IdentityFile option with SSHFS, you can add it to the command when you mount the remote file system. The IdentityFile option allows you to specify the path to the private key file that you want to use for authentication. This can be useful if you have multiple SSH keys, or if you want to use a specific key for a particular connection. Here's an example of how you can use the IdentityFile option with SSHFS: <code>sshfs -o IdentityFile=/path/to/private/key <username>@<remote_server>:<remote_directory> <local_mount_point></code> Replace /path/to/private/key with the path to the private key file that you want to use, <username> with your username on the remote server, <remote_server> with the IP address or hostname of the remote server, <remote_directory> with the directory you want to mount on the remote server, and <local_mount_point> with the local mount point you created in the previous step. For example, if you have a private key file called mykey.pem in your home directory, and you want to use it to mount the directory /home/user/files on the remote server with the IP address 192.168.1.100 using your username user and the local mount point ~/remote_mount, you would run the following command: <code>sshfs -o IdentityFile=$HOME/mykey.pem user@192.168.1.100:/home/user/files ~/remote_mount</code> This will mount the remote file system using the specified private key file for authentication. ==Options to customize sshfs behavior== :* allow_other: This option allows other users to access the mounted file system. By default, only the user who mounted the file system can access it. You can use this option by adding -o allow_other to the sshfs command. :* default_permissions: This option enables the use of default file permissions when accessing the mounted file system. By default, all files and directories on the mounted file system are owned by the user who mounted it, and are not accessible by other users. You can use this option by adding -o default_permissions to the sshfs command. :* reconnect: This option enables automatic reconnection to the remote server if the connection is lost. You can use this option by adding -o reconnect to the sshfs command. :* cache: This option enables caching of file attributes and directory entries, which can improve performance. You can use this option by adding -o cache=yes to the sshfs command. :* transform_symlinks: This option allows you to specify whether symbolic links should be resolved on the local or remote machine. You can use this option by adding -o transform_symlinks to the sshfs command. :* ssh_command: This option allows you to specify a custom SSH command to use for the connection. You can use this option by adding -o ssh_command="<command>" to the sshfs command, where <command> is the custom SSH command you want to use. Here's an example of how you can use some of these options with SSHFS: <code>sshfs -o allow_other,default_permissions,reconnect,cache=yes,transform_symlinks,ssh_command="ssh -p 2222" <username>@<remote_server>:<remote_directory> <local_mount_point></code> This command will mount the remote file system with the specified options, including allowing other users to access it, using default permissions, enabling automatic reconnection, caching file attributes and directory entries, transforming symbolic links, and using a custom SSH command to connect to the remote server on port 2222. ==Unmount the remote file system== When you are finished working with the remote files, you can unmount the remote file system using the following command:<br> <code>fusermount -u <local_mount_point></code><br> Replace <local_mount_point> with the local mount point you used to mount the remote file system. For example, to unmount the remote file system mounted at ~/remote_mount, you would run the following command:<br> <code>fusermount -u ~/remote_mount</code> qphe5dh6a5ypsefgxenozadfpkwbmn9 0 126 432 2023-05-16T11:38:05Z Noob 1 Created page with "==Understanding SSH== '''SSH''' is a protocol that uses encryption to secure data transmitted between a client and a server. <br> It enables users to execute commands, transfer files, and manage remote systems through an encrypted channel. <br> SSH is widely used by system administrators for managing servers, network devices, and other remote systems. ==Installing SSH== To start using SSH, you'll need to install and configure both the server and client components. *..." 432 wikitext text/x-wiki ==Understanding SSH== '''SSH''' is a protocol that uses encryption to secure data transmitted between a client and a server. <br> It enables users to execute commands, transfer files, and manage remote systems through an encrypted channel. <br> SSH is widely used by system administrators for managing servers, network devices, and other remote systems. ==Installing SSH== To start using SSH, you'll need to install and configure both the server and client components. * OpenSSH-Server ** Is required to allow '''ssh''' connections * OpenSSH-Client ** Is used to login/connect to OpenSSH-Server If you are using Ubuntu Desktop, the '''openssh client''' will be preinstalled, allowing you to connect to a server which is running '''openssh-server''' If you are using Ubuntu Server, both the '''ssh client''' and '''openssh server''' are preinstalled by default. === Installing OpenSSH Server=== On Ubuntu distributions, you can install the OpenSSH server by running: <code>sudo apt install openssh-server</code><br> Check the SSH server status with: <code>systemctl status ssh</code> ===Installing OpenSSH Client=== The OpenSSH client is usually pre-installed on most Linux and macOS systems. <br>For Windows, you can install the OpenSSH client by following the instructions on the official website:<br> https://docs.microsoft.com/en-us/windows-server/administration/openssh/openssh_install_firstuse ==Basic SSH Commands and Usage== === Connecting to a remote server=== Connecting to a remote server using SSH is a fundamental task when managing remote systems. Here's how to connect to a remote server using the command-line interface. Install an SSH client: Ensure you have an SSH client installed on your local machine. Most Unix-based systems, including Linux and macOS, have an SSH client pre-installed. For Windows, you can use the built-in OpenSSH client (available in Windows 10 and later) or a third-party client like PuTTY. ====Gather connection information==== To connect to a remote server, you'll need the following information: * The remote server's IP address or hostname * The SSH port number (default is 22) * Your username on the remote server * The password for the user on remote server. ====Connect using SSH==== Open a terminal or command prompt on your local machine and use the following command to connect to the remote server: <code>ssh username@hostname_or_IP</code> Replace '''username''' with your username on the remote server, '''hostname_or_IP''' with the server's hostname or IP address. If OpenSSH-Server is running/listening on a port other than the default port '''22''' include the port with the '''-p''' flag. For example (If port 2222): : <code>ssh john@example.com -p 2222</code> Or : <code>ssh -p 2222 john@example.com</code> =====Connecting to a Remote Server ===== In this example, we connect to a remote Ubuntu VPS with the following credentials: <pre> Username: root IP address: 12.34.56.78 Password: password2simple </pre> Use the following command to connect to the remote server: <code>ssh root@12.34.56.78</code> You will be prompted to enter the password. Type password2simple and press Enter. This demonstrates how simple it can be to log into a remote computer with root access. * If your Server is hosting SSHD on a port other than default 'port 22' include port number with the '''-p''' flag Example with port 2222:<br> <code>ssh -p 2222 root@12.34.56.78</code> ====Authenticate==== When connecting for the first time, you'll see a prompt asking you to confirm the remote server's fingerprint. Verify the fingerprint and type "yes" to proceed. Next, you'll be prompted for your password. Enter your password to complete the authentication process. Once authenticated, you'll have access to the remote server's command line. You can now execute commands and manage the remote server as if you were working on it directly. Remember that you can use key-based authentication (with a private-public key pair) instead of a password for a more secure and convenient connection method. == Using SSH config file== An SSH config file allows you to define and manage multiple SSH connections, simplifying the process of connecting to remote servers. By creating an SSH config file, you can define custom options, such as port numbers, usernames, and key files, for each connection. The SSH config file is typically located in the '''~/.ssh''' directory and named config. Here's how to create and use an SSH config file: :* Create the SSH config file: If it doesn't exist, create the config file in the '''~/.ssh''' directory using a text editor: <code>$EDITOR ~/.ssh/config</code> :* Define a connection: To define a connection, you'll need to specify a Host entry followed by any options you want to apply to that connection. Here's an example: <pre> Host server1 HostName example.com User your_username Port 2222 IdentityFile ~/.ssh/id_rsa_server1 </pre> In this example, we've defined a connection called server1 with the following options: :* HostName: The hostname or IP address of the remote server (example.com in this case). :* User: The username to use when connecting to the remote server (replace your_username with your actual username). :* Port: The port number to use for the SSH connection (2222 in this example). :* IdentityFile: The path to the private key file to use for authentication (replace ~/.ssh/id_rsa_server1 with the path to your private key file). You can define multiple connections in the same config file by creating separate Host entries: <pre> Host server2 HostName 192.168.1.100 User another_username Port 22 IdentityFile ~/.ssh/id_rsa_server2 </pre> :* Save and exit the file: Save your changes and exit the text editor. :* Connect using the SSH config file: To connect to a remote server using the defined connection, simply use the ssh command followed by the Host entry: <code>ssh server1</code> In this example, SSH will automatically use the options defined in the config file for server1, such as the hostname, username, port number, and identity file. By using an SSH config file, you can simplify the process of managing multiple SSH connections and customize the options for each connection. ==Key-based Authentication== === Generating SSH key pairs=== SSH key pairs consist of a private key and a public key. They provide a secure, passwordless authentication method for connecting to remote servers. The private key remains on your local machine, while the public key is added to the remote server's authorized keys. Here's how to generate an SSH key pair: Open a terminal: On Unix-based systems (Linux and macOS), open a terminal. On Windows, open PowerShell or the Command Prompt. Generate the key pair: Use the ssh-keygen command to create a new SSH key pair. The following command generates a 4096-bit RSA key pair: <code>ssh-keygen -t rsa -b 4096</code> You can also generate other types of keys, such as Ed25519, by changing the -t option: <code>ssh-keygen -t ed25519</code> Specify the key's location: When prompted, you can either accept the default location (~/.ssh/id_rsa for RSA keys, ~/.ssh/id_ed25519 for Ed25519 keys) or enter a custom path. It is recommended to use the default location unless you have a specific reason to change it. Set a passphrase (optional): You can choose to protect your private key with a passphrase. If you do, you'll need to enter the passphrase every time you use the key. This adds an extra layer of security, but can be less convenient for automation or scripting. To set a passphrase, enter it when prompted; otherwise, leave the field blank ====Selecting file name and path for keys==== <code>ssh-keygen -t rsa -b 4096 -f .ssh/nuc</code> The '''-f''' option in the '''ssh-keygen''' command is used to specify the output file for the generated key pair. In your example, '''ssh-keygen -t rsa -b 4096 -f .ssh/nuc''', the command is generating an RSA key pair with a key length of 4096 bits, and the output files will be saved in the '''.ssh''' directory with the base name '''nuc'''. Here's a breakdown of the options used in this command: :* '''-t rsa''': Specifies the key type, in this case, RSA. :* '''-b 4096''': Specifies the key length, which is 4096 bits in this case. This length offers good security and is generally recommended. :* '''-f .ssh/nuc''': Specifies the file where the key pair will be saved. The private key will be saved as '''.ssh/nuc''', and the public key will be saved as '''.ssh/nuc.pub'''. After running this command, you'll have a new key pair with the private key in '''.ssh/nuc''' and the public key in '''.ssh/nuc.pub''' ====Create keys with no passphase==== <code>ssh-keygen -t rsa -b 4096 -N "" -C "MYSERVER" -f ~/.ssh/serverkey</code> :* '''-t rsa''': Specifies the key type, in this case, RSA. :* '''-b 4096''': Specifies the key length, which is 4096 bits in this case. This length offers good security and is generally recommended. :* '''-N ""''': Specifies an empty passphrase for the key pair. This means that the private key will not be encrypted, and no passphrase will be required when using it. This can be less secure, but more convenient for automated processes. :* '''-C "MYSERVER"''': Adds a comment to the generated key pair. In this case, the comment is "MYSERVER". Comments are useful for identifying keys when you have multiple keys in your ~/.ssh directory or on a remote server. :* '''-f ~/.ssh/serverkey''': Specifies the file where the key pair will be saved. The private key will be saved as '''~/.ssh/serverkey''', and the public key will be saved as '''~/.ssh/serverkey.pub'''. After running this command, you'll have a new key pair with the private key in '''~/.ssh/serverkey''' and the public key in '''~/.ssh/serverkey.pub'''. The private key will have an empty passphrase and a comment "MYSERVER" for easier identification. ====Remove the passphrase from an existing SSH private key==== To remove the passphrase from an existing SSH private key, you can use the '''ssh-keygen''' command with the '''-p''' option, which is used for changing the passphrase. Follow these steps: :* Make a backup of your private key file, just in case something goes wrong during the process. You can do this by running the following command, replacing '''<your_private_key>''' with the filename of your private key: <code>cp <your_private_key> <your_private_key>.backup</code> :* Run the '''ssh-keygen''' command with the '''-p''' option, specifying the private key file using the '''-f''' option: ::** '''-p''': Indicates that you want to change the passphrase of an existing private key. ::** '''-f <your_private_key>''': Specifies the private key file whose passphrase you want to change. <code>ssh-keygen -p -f <your_private_key></code> :* You will be prompted to enter the old passphrase for the private key. Type it in and press Enter. :* Next, you'll be prompted to enter a new passphrase. Since you want to remove the passphrase, leave this field empty and press Enter. :* You'll be asked to confirm the empty passphrase. Press Enter again to confirm. Your private key now has its passphrase removed. Keep in mind that this makes the private key less secure, as anyone with access to the file can use it without needing to know the passphrase. ====Add/Change a passphrase to an existing SSH Key==== To add a passphrase to an existing SSH private key that doesn't have one, you can use the '''ssh-keygen''' command with the '''-p''' option, just like when you change or remove a passphrase. Here are the steps: :* '''Make a backup of your private key file''', just in case something goes wrong during the process. You can do this by running the following command, replacing <your_private_key> with the filename of your private key: <code>cp <your_private_key> <your_private_key>.backup</code> :* Run the '''ssh-keygen''' command with the -p option, specifying the private key file using the '''-f''' option: <code>ssh-keygen -p -f <your_private_key></code> :* You will be prompted to enter the old passphrase for the private key. Since your private key doesn't currently have a passphrase, just press Enter to proceed. :* Next, you'll be prompted to enter a new passphrase. Type in the passphrase you want to set for the private key and press Enter. :* You'll be asked to confirm the new passphrase. Type it again and press Enter to confirm. Your private key now has a passphrase added to it. This provides an extra layer of security, as anyone using the key will need to know the passphrase to access it. Keep in mind that you should use a strong passphrase to ensure better security. === Copying public keys to the remote server=== After generating an SSH key pair, you'll need to copy the public key to the remote server to enable key-based authentication. Here's how to do it: ====Using ssh-copy-id==== Use the '''ssh-copy-id''' command (Linux and macOS): On Unix-based systems, you can use the ssh-copy-id command to copy your public key to the remote server: <code>ssh-copy-id -i ~/.ssh/id_rsa.pub username@hostname_or_IP</code> Replace ~/.ssh/id_rsa.pub with the path to your public key file (e.g., ~/.ssh/id_ed25519.pub for Ed25519 keys), username with your username on the remote server, and hostname_or_IP with the server's hostname or IP address. ====Manually copy the public key==== Manually copy the public key (Windows and alternative method): If you don't have access to the ssh-copy-id command or prefer to do it manually, you can: :* Open your public key file (e.g., id_rsa.pub or id_ed25519.pub) with a text editor and copy its content.> :* Log in to the remote server via SSH.<br> :* Create the ~/.ssh directory if it doesn't exist: <code>mkdir -p ~/.ssh</code> Edit or create the ~/.ssh/authorized_keys file using a text editor (e.g., nano, vim, or emacs), and paste the content of your public key at the end of the file. Save and close the file. Set the correct file permissions: To ensure the security of your SSH setup, it's essential to set the proper file permissions on your local machine and the remote server: :* On your local machine: :** Private key (id_rsa or id_ed25519): -rw------- (600) :** Public key (id_rsa.pub or id_ed25519.pub): -rw-r--r-- (644) :* On the remote server: :** ~/.ssh directory: drwx------ (700) :** ~/.ssh/authorized_keys file: -rw------- (600) To set the permissions on your local machine, use the chmod command: <pre> chmod 600 ~/.ssh/id_rsa chmod 644 ~/.ssh/id_rsa.pub </pre> On the remote server, use the following commands: <pre> chmod 700 ~/.ssh chmod 600 ~/.ssh/authorized_keys </pre> Once you've copied your public key to the remote server and set the correct file permissions, you should be able to connect using key-based authentication without the need for a password. === Disabling password authentication (optional)=== Disabling password authentication enhances the security of your SSH server by requiring key-based authentication for all connections. You can disable password authentication for specific users or for all users. To do so, follow these steps: :* Connect to the remote server: Log in to the remote server via SSH using your username and the server's hostname or IP address. :* Edit the SSH configuration file: Open the SSH server configuration file (usually located at /etc/ssh/sshd_config) with a text editor such as nano, vim, or emacs: <code>sudo nano /etc/ssh/sshd_config</code> :* Disabling password authentication for all users: Find the line containing "PasswordAuthentication" and set its value to "no": <code>PasswordAuthentication no</code> If the line is commented out (i.e., it starts with a '#'), remove the '#' symbol. :* Disabling password authentication for a specific user: To disable password authentication only for a particular user, you can use a "Match User" block at the end of the sshd_config file: <pre> Match User username PasswordAuthentication no </pre> Replace username with the actual username for which you want to disable password authentication. :* Save and exit the file: Save your changes and exit the text editor. :* Restart the SSH server: Apply the changes by restarting the SSH server: <code>sudo systemctl restart ssh</code> Now, password authentication will be disabled for the specified user(s), and only key-based authentication will be allowed. Remember that if you disable password authentication, you must have a working SSH key pair set up to access the server, or you may be locked out. == Configuring the SSH server== Edit the SSH server configuration file located at <b>/etc/ssh/sshd_config</b> to set your desired settings. You can modify options like the listening port, allowing root login, and more. ===Common sshd_config Options=== The '''sshd_config''' file is located at '''/etc/ssh/sshd_config''' on most Linux systems. This file contains various options and settings that determine the behavior of the OpenSSH server. Each option is followed by its value, and lines starting with a <b>#</b> are considered comments. Here's an overview of some common options in the sshd_config file: ===Port=== Specifies the port number that the SSH server listens on.<br> <code>Port 22</code><br> === AddressFamily=== Determines the IP address family (IPv4, IPv6, or both) used by the SSH server. * To specify that the SSH server should only listen for incoming IPv4 connections: <code>AddressFamily inet</code> * Or, if you want the SSH server to only listen for incoming IPv6 connections, set the 'AddressFamily' directive to 'inet6': <code>AddressFamily inet6</code> * If you want to allow both IPv4 and IPv6 connections, set the 'AddressFamily' directive to 'any': <code>AddressFamily any</code> === ListenAddress=== Specifies the IP address(es) the SSH server listens on. By default, it listens on all available addresses. <code>ListenAddress 192.168.1.10</code> === Protocol=== Defines the SSH protocol version. It's recommended to use only protocol 2. <code>Protocol 2</code> === PermitRootLogin=== Controls whether root login is allowed. It's generally advised to disable root login or set it to "without-password" to allow only key-based authentication for root. <code>PermitRootLogin no</code> ===PasswordAuthentication=== Enables or disables password-based authentication. <code>PasswordAuthentication yes</code> === PubkeyAuthentication=== Enables or disables public key authentication. <code>PubkeyAuthentication yes</code> === AuthorizedKeysFile=== Specifies the location of the authorized keys file for public key authentication. <code>AuthorizedKeysFile .ssh/authorized_keys</code> === LogLevel=== Sets the logging level for the SSH server. The LogLevel option in '''sshd_config''' controls the amount of information that SSH daemon (sshd) logs. There are different log levels that can be set with this option, each providing a different level of detail: * '''QUIET''': Disables all logging. * '''FATAL''': Only logs fatal errors. * '''ERROR''': Logs error messages. * '''INFO''': Logs informational messages such as login attempts. * '''VERBOSE''': Logs more detailed information than INFO, including shell commands executed. * '''DEBUG''': Logs detailed debugging information, including raw protocol details. The default log level is '''INFO''', which is usually sufficient for most purposes. However, if you need to troubleshoot SSH connections or monitor user activity, setting a higher log level may be helpful. To change the '''LogLevel''' in '''sshd_config''', you can edit the file '''/etc/ssh/sshd_config''' (or the appropriate configuration file for your system), and add or modify the line: <code>LogLevel <log_level></code> Where <log_level> is one of the log levels listed above. <code>LogLevel INFO</code> === LoginGraceTime=== Defines the time allowed for a user to successfully log in. <code>LoginGraceTime 2m</code> ===MaxAuthTries=== Limits the number of authentication attempts allowed per connection. <code>MaxAuthTries 6</code> === MaxSessions=== Specifies the maximum number of simultaneous sessions allowed per network connection.<br> <code>MaxSessions 10</code> === AllowUsers, DenyUsers, AllowGroups, DenyGroups=== These options control which users and groups are allowed or denied access to the SSH server. They provide a way to manage access control based on usernames and group membership. * '''AllowUsers''': Specifies a list of users allowed to access the SSH server. Other users will be denied access. <code>AllowUsers user1 user2 user3</code><br> * '''DenyUsers''': Specifies a list of users denied access to the SSH server. Other users will be allowed access. <code>DenyUsers user4 user5</code> * '''AllowGroups''': Specifies a list of groups whose members are allowed to access the SSH server. Users not belonging to these groups will be denied access. <code>AllowGroups group1 group2</code> * '''DenyGroups''': Specifies a list of groups whose members are denied access to the SSH server. Users not belonging to these groups will be allowed access. <code>DenyGroups group3 group4</code> Note that the order in which these options are applied is '''DenyUsers''', '''AllowUsers''', '''DenyGroups''', and finally '''AllowGroups'''. ===Banner=== The Banner option allows you to display a message or warning to users before they log in to the SSH server. This is often used to display legal notices, security warnings, or other important information. To enable the banner, set the Banner option to the path of a text file containing the message you want to display: <code>Banner /etc/ssh/banner.txt</code> Create the /etc/ssh/banner.txt file and add your desired message. The content of this file will be displayed to users before they log in. ==Advanced sshd_config Options== === PermitTunnel=== The PermitTunnel option enables or disables the use of SSH tunneling. Tunnels can be used to forward ports or create VPN-like connections between the client and the server. * There are four possible values for this option: : '''"yes"''': Allows all types of tunnels.<br> : '''"point-to-point"''': Allows only point-to-point (Layer 3) tunnels.<br> : '''"ethernet"''': Allows only Ethernet (Layer 2) tunnels.<br> : '''"no"''': Disables tunneling (default).<br> To enable tunneling, set the PermitTunnel option in the sshd_config file: <code>PermitTunnel yes</code> Keep in mind that enabling tunnels may expose your server to additional security risks. Only enable this option if you understand the implications and have a specific use case that requires it. === ChrootDirectory=== The ChrootDirectory option allows you to restrict a user or a group to a specific directory (known as a chroot jail) when they log in via SSH. This can enhance security by isolating users and limiting their access to only the necessary parts of the filesystem. To set up a chroot jail, follow these steps: Create a directory that will serve as the chroot jail. For example, let's create a directory for user1: <code>sudo mkdir /home/user1/chroot</code> Change the ownership of the directory to the user and their primary group: <code>sudo chown user1:user1 /home/user1/chroot</code> In the sshd_config file, add a Match block at the end of the file to specify the ChrootDirectory for user1: <pre> Match User user1 ChrootDirectory /home/user1/chroot </pre> Restart the SSH server to apply the changes: <code>sudo systemctl restart ssh</code> Now, when user1 logs in via SSH, they will be restricted to the /home/user1/chroot directory and won't be able to access other parts of the filesystem. Note that the chroot jail should be owned by root and not writable by the user. If you need to provide write access to specific directories, create subdirectories inside the chroot jail and set appropriate permissions for those. Also, some features like SFTP may require additional configuration within the chroot jail. ===ForceCommand=== The ForceCommand option allows you to specify a command that will be executed when a user logs in via SSH, regardless of the command requested by the user. This can be useful for limiting the actions a user can perform or for automatically running specific tasks upon login. To use the ForceCommand option, follow these steps: In the sshd_config file, add a Match block at the end of the file to specify the ForceCommand for a specific user or group. For example, to force user1 to execute the command /usr/bin/my-command upon login: <pre> Match User user1 ForceCommand /usr/bin/my-command </pre> Restart the SSH server to apply the changes: <code>sudo systemctl restart ssh</code> Now, when user1 logs in via SSH, the /usr/bin/my-command will be executed automatically, and they will not be able to run any other command. Keep in mind that using ForceCommand may limit the user's ability to interact with the server or transfer files via SFTP. Make sure to test and verify the functionality for your specific use case. === Match Blocks=== Match blocks in the sshd_config file allow you to apply specific configuration options based on certain criteria, such as the user, group, address, or host. This enables you to create custom rules and settings for different users, groups, or connections. Match block syntax: <pre> Match criteria Option value </pre> Here are some examples of Match blocks and their usage: Apply settings only for a specific user: <pre> Match User user1 PasswordAuthentication no AllowTcpForwarding yes </pre> This configuration disables password authentication and enables TCP forwarding only for user1. Apply settings for multiple users: <pre> Match User user1,user2 ChrootDirectory /home/%u/chroot </pre> This configuration sets the chroot directory for both user1 and user2. Apply settings for a specific group: <pre> Match Group group1 PasswordAuthentication yes </pre> This configuration enables password authentication only for members of group1. Apply settings based on the client's IP address: <pre> Match Address 192.168.1.0/24 PasswordAuthentication no </pre> This configuration disables password authentication for clients connecting from the 192.168.1.0/24 subnet. Combine multiple criteria: <pre> Match User user1 Address 192.168.1.0/24 PasswordAuthentication yes </pre> This configuration enables password authentication only for user1 when they connect from the 192.168.1.0/24 subnet. Remember to restart the SSH server after making changes to the sshd_config file: <code>sudo systemctl restart ssh</code> Match blocks offer flexibility in customizing your SSH server's configuration based on various criteria. Use them wisely to enhance security and optimize your server's settings. ==Best Practices and Tips '''sshd_config'''== When configuring your '''sshd_config''' file, it's essential to follow best practices to ensure the security and stability of your SSH server. Here are some recommendations and tips: :* Keep the server up-to-date: Always update your SSH server software and the underlying operating system to ensure you have the latest security patches and features. :* Use strong authentication: Enable key-based authentication (PubkeyAuthentication) and consider disabling password authentication (PasswordAuthentication) to reduce the risk of brute-force attacks. :* Limit root access: Set "PermitRootLogin" to "no" or "without-password" to prevent direct root login or require key-based authentication for root. :* Use non-standard ports: Change the default SSH port (22) to a non-standard port to reduce the exposure to automated scans and attacks. Keep in mind this is security through obscurity and should be combined with other security measures. '''Restrict user access''': Use "AllowUsers," "DenyUsers," "AllowGroups," and "DenyGroups" options to control which users and groups can access the SSH server. '''Monitor logs''': Regularly check your SSH server logs for any suspicious activity or failed login attempts. Adjust the "LogLevel" setting in sshd_config as needed. * Default Log Path Ubuntu 22.04: '''/var/log/auth.log''' '''Use chroot jails''': Isolate users by creating chroot jails using the "ChrootDirectory" option, especially when providing SFTP access or when users don't require full access to the server. '''Configure connection settings''': Set appropriate values for "LoginGraceTime" and "MaxAuthTries" to limit the time allowed for successful login and the number of authentication attempts per connection. '''Use a strong firewall''': Configure your server's firewall to only allow SSH connections from trusted IP addresses or networks. '''Regularly review and audit''': Periodically review your sshd_config settings and make adjustments as necessary. Keep up-to-date with SSH security best practices and recommendations. By following these best practices and tips, you can enhance the security and performance of your SSH server, protecting it from unauthorized access and potential attacks. ===Troubleshooting sshd_config Issues=== When encountering problems with your SSH server configuration, it's important to know how to diagnose and resolve issues. Here are some common problems and troubleshooting steps: Check syntax and configuration errors: If the SSH server is not starting or not functioning as expected, check the sshd_config file for any syntax or configuration errors. Use the following command to test the configuration file for errors: <code>sudo sshd -t</code> If there are any issues, the command will provide error messages with information on what needs to be fixed. Review log files: Inspect the SSH server log files for any error messages or relevant information. The location of the log files may vary depending on your system, but common locations are /var/log/auth.log or /var/log/secure. Tail the log file while attempting to connect to get real-time information: <code>sudo tail -f /var/log/auth.log</code> Restart the SSH server Check firewall settings: Ensure that the server's firewall is allowing SSH connections on the correct port. If you changed the default SSH port, update your firewall rules accordingly. Verify user permissions: If a specific user is unable to connect, check the user's permissions, home directory, and the settings in the sshd_config file, such as "AllowUsers," "DenyUsers," "AllowGroups," or "DenyGroups." SSH server from a client, use the verbose mode to get more detailed information about the connection process. This can help identify any issues with authentication or configuration. Run the following command to enable verbose mode: <code>ssh -v user@example.com</code> Replace "user@example.com" with the appropriate username and server address. You can increase the verbosity level by adding more "v" characters (e.g., -vv or -vvv) if needed. Check file permissions: Ensure that the file permissions for the user's home directory, the .ssh directory, and the authorized_keys file are set correctly. The user's home directory should not be writable by other users, the .ssh directory should have permissions set to 700 (drwx------), and the authorized_keys file should have permissions set to 600 (-rw-------). Test network connectivity: If you're unable to connect to the SSH server, verify that you can reach the server on the network. Use tools like ping, traceroute, or telnet to check the connection to the server and the specific SSH port. By following these troubleshooting steps, you should be able to diagnose and resolve most issues related to the sshd_config file and the SSH server configuration. Remember to carefully review the settings in your sshd_config file and consult the server logs for additional information when encountering problems. ====After making changes, restart the SSH server:==== <code>sudo systemctl restart ssh</code><br> == Running commands on a remote server== Once you've connected to a remote server using SSH, you can execute commands on the remote machine just as you would on your local system. However, you can also run commands on a remote server without establishing an interactive SSH session. This can be useful for automation, scripting, or quick tasks. Here's how to do it: Use the SSH command: To run a command on a remote server without entering an interactive session, use the following syntax: <code>ssh username@hostname_or_IP -p port 'command'</code> Replace username with your username on the remote server, hostname_or_IP with the server's hostname or IP address, port with the SSH port number (if different from the default 22), and command with the command you want to execute. For example, to list the contents of the remote server's home directory, you can use: <code>ssh john@example.com -p 22 'ls -la'</code> ===Handling multiple commands=== If you need to execute multiple commands, you can chain them together using a '''semicolon''' or '''&&'''. The semicolon allows you to run multiple commands sequentially, while the && operator runs the next command only if the previous command was successful. For example, to update the package list and then upgrade the packages on a remote Ubuntu server: <code>ssh john@example.com -p 2222 'sudo apt-get update; sudo apt-get upgrade -y'</code> * Command output: The output of the command will be displayed in your local terminal, just as if you were running the command on your local machine. Using key-based authentication ==Transferring files with SCP== The Secure Copy Protocol (SCP) is a useful tool for transferring files between your local machine and a remote server using SSH. SCP ensures that the data is encrypted during transit, providing a secure and efficient way to transfer files. ===Install an SCP client=== Most Unix-based systems, including Linux and macOS, have an SCP client pre-installed. For Windows, you can use the built-in SCP client included with the OpenSSH package (available in Windows 10 and later) or a third-party client like WinSCP. ===Transfer a file from your local machine to a remote server=== To copy a file from your local machine to a remote server, use the following command: * Note the use of the upper case '''-P''' for ports with '''scp''' <code>scp -P port local_file_path username@hostname_or_IP:remote_file_path</code> Replace port with the SSH port number (if different from the default 22), local_file_path with the path to the file on your local machine, username with your username on the remote server, hostname_or_IP with the server's hostname or IP address, and remote_file_path with the desired location on the remote server. For example: <code>scp -P 22 /home/john/documents/report.pdf john@example.com:/home/john/reports/</code> This command will copy the "report.pdf" file from the local machine to the "reports" directory on the remote server. ===Transfer a file from a remote server to your local machine=== To copy a file from a remote server to your local machine, use the following command: <code>scp -P port username@hostname_or_IP:remote_file_path local_file_path</code> Replace port with the SSH port number (if different from the default 22), username with your username on the remote server, hostname_or_IP with the server's hostname or IP address, remote_file_path with the path to the file on the remote server, and local_file_path with the desired location on your local machine. For example: <code>scp -P 2222 john@example.com:/home/john/reports/report.pdf /home/john/documents/</code> : Or <code>scp john@example.com:/home/john/reports/report.pdf /home/john/documents/</code>- This command will copy the "report.pdf" file from the remote server's "reports" directory to the "documents" directory on your local machine. ===Transferring directories=== To transfer an entire directory, use the '''-r''' flag: <code>scp -r -P port local_directory_path username@hostname_or_IP:remote_directory_path</code> Or, to copy a directory from the remote server to your local machine: <code>scp -r -P port username@hostname_or_IP:remote_directory_path local_directory_path</code> Using SCP is a convenient and secure way to transfer files between your local machine and a remote server. It leverages the security of the SSH protocol to ensure that your data remains encrypted during transit. ===Transferring from Remote Computer to Remote Computer=== Copy the file '''stuff.txt''' from remote host '''12.34.56.67''' to host '''11.22.33.44''' <code>scp name@12.34.56.67:/home/user/Documents/stuff.txt name@11.22.33.44:/home/user/Documents/</code> With the '''-3''' flag copies between two remote hosts "12.34.56.67" and "11.22.33.44" are transferred through the local host running the command. <code>scp -3 name@12.34.56.67:/home/user/Documents/stuff.txt \ name@11.22.33.44:/home/user/Documents/ </code> ===Transferring multiple files=== Send files foo.txt and bar.txt to remote. <code>scp foo.txt bar.txt user@12.34.56.78:~/Documents/</code> Copy multiple files from remote "Documents" directory to local "Documents" directory. <code>scp user@11.22.33.44:/home/user/Documents/\{todo_list.txt,links.txt,stuff.txt\} /home/$USER/Documents/</code> Copy multiple files from the remote to local current directory. <code>scp name@12.34.56.78:~/\{README.md,.bashrc\} . </code> == Transferring files with SFTP== The SSH File Transfer Protocol (SFTP) is another method for transferring files securely between your local machine and a remote server. Unlike SCP, SFTP provides an interactive interface that allows you to navigate, upload, and download files more easily. Install an SFTP client: Most Unix-based systems, including Linux and macOS, have an SFTP client pre-installed. For Windows, you can use the built-in SFTP client included with the OpenSSH package (available in Windows 10 and later) or a third-party client like WinSCP or FileZilla. Connect to a remote server: To start an SFTP session with a remote server, open a terminal or command prompt on your local machine and use the following command: <code>sftp -P port username@hostname_or_IP</code> Replace port with the SSH port number (if different from the default 22), username with your username on the remote server, and hostname_or_IP with the server's hostname or IP address. For example: <code>sftp -P 22 john@example.com</code> Navigate the remote filesystem: Once connected, you can use commands similar to those available in a Unix shell to navigate the remote server's filesystem. Some common SFTP commands include: : '''ls''': List files and directories<br> : '''cd''': Change the current directory<br> : '''mkdir''': Create a new directory<br> : '''rmdir''': Remove an empty directory<br> : '''get''': Download a file from the remote server<br> : '''put''': Upload a file to the remote server<br> <br> : '''rm''': Remove a file<br> : '''rename''': Rename a file or directory<br> : '''exit''': Exit the SFTP session<br> Transfer files: To transfer files, use the put command to upload a file from your local machine to the remote server, and the get command to download a file from the remote server to your local machine. For example: Upload a file: <code>put local_file_path remote_file_path</code> Download a file: <code>get remote_file_path local_file_path</code> Replace local_file_path and remote_file_path with the appropriate paths for the files you want to transfer. Transferring directories: To transfer entire directories, use the -r flag with the put and get commands: Upload a directory: <code>put -r local_directory_path remote_directory_path</code> Download a directory: <code>get -r remote_directory_path local_directory_path</code> Disconnect from the remote server: When you've finished transferring files, type exit to close the SFTP session. SFTP offers a more user-friendly, interactive experience for transferring files compared to SCP. By utilizing the secure and encrypted SSH protocol, SFTP ensures that your data remains safe during transfer. ==Advanced SSH Techniques== === Port forwarding and tunneling=== SSH port forwarding and tunneling allow you to securely forward network traffic between your local machine and a remote server. This can be useful for accessing remote services, bypassing firewalls, or securely transmitting sensitive data. Local Port Forwarding: Local port forwarding creates a secure tunnel between your local machine and a remote server, allowing you to access remote services as if they were running on your local machine. To set up local port forwarding, use the -L flag with the SSH command: <code>ssh -L local_port:remote_host:remote_port username@hostname_or_IP</code> Replace local_port with an available port on your local machine, remote_host with the hostname or IP address of the remote server hosting the service, remote_port with the port number of the remote service, username with your username on the remote server, and hostname_or_IP with the server's hostname or IP address. Remote Port Forwarding: Remote port forwarding enables you to expose a local service running on your machine to a remote network. To set up remote port forwarding, use the -R flag with the SSH command: <code>ssh -R remote_port:local_host:local_port username@hostname_or_IP</code> Replace remote_port with an available port on the remote server, local_host with the hostname or IP address of the local machine hosting the service, local_port with the port number of the local service, username with your username on the remote server, and hostname_or_IP with the server's hostname or IP address. :**Forwarding X, Sound, and Video on Ubuntu 22.04 with Ubuntu 22.04 LXC**: To forward X, sound, and video from a remote Ubuntu 22.04 server to your local Ubuntu 22.04 machine, you'll need to enable X11 forwarding and install the necessary packages. :* Install required packages: On both your local machine and the remote server, install the x11-apps and pulseaudio packages: <code>sudo apt update</code><br> <code>sudo apt install x11-apps pulseaudio</code> :* Enable X11 forwarding: To enable X11 forwarding, you'll need to edit the SSH server configuration file (/etc/ssh/sshd_config) on the remote server: <code>sudo nano /etc/ssh/sshd_config</code> Find the line containing "X11Forwarding" and set its value to "yes": <code>X11Forwarding yes</code> If the line is commented out (i.e., it starts with a '#'), remove the '#' symbol. Save your changes and exit the text editor. :* Restart the SSH server: Apply the changes by restarting the SSH server: <code>sudo systemctl restart ssh</code> :* Connect with X11 forwarding: From your local machine, use the -X flag to enable X11 forwarding when connecting to the remote server: <code>ssh -X username@hostname_or_IP</code> :* Export PULSE_SERVER environment variable: On the remote server, export the PULSE_SERVER environment variable to forward sound: <code>export PULSE_SERVER=tcp:localhost</code> You can add this line to the remote user's ~/.bashrc or ~/.profile file to make the change permanent. :* Run applications: Now, you can run graphical applications on the remote server, and they will be displayed on your local machine with sound and video forwarded. Please note that forwarding X, sound, and video might cause increased latency and reduced performance compared to running the applications locally. === SSH agent forwarding=== SSH agent forwarding is a powerful feature that allows you to use your local SSH keys to authenticate with remote servers without having to copy your private keys to those servers. This is particularly useful when you need to access one remote server (Server B) through another remote server (Server A). ==== Start the SSH agent on your local machine ==== Before you enable SSH agent forwarding, you need to start the SSH agent on your local machine. Open a terminal and run the following command: :* For Linux and macOS: <code>eval "$(ssh-agent -s)"</code> For Windows (Git Bash or Cygwin): <code>eval $(ssh-agent)</code> This command starts the SSH agent and sets the required environment variables. ====Add your SSH key to the agent==== Next, add your private key to the SSH agent with the following command: <code>ssh-add ~/.ssh/your_private_key</code> Replace '''your_private_key''' with the filename of your private key. This might be '''id_rsa''', '''id_ed25519''', or another key file depending on your setup. ====Configure SSH agent forwarding on your local machine==== Edit your SSH config file to enable agent forwarding. The config file is usually located at '''~/.ssh/config'''. If the file doesn't exist, create it. Add the following lines to the config file: <pre> Host server_a_alias HostName server_a_ip_or_hostname User your_username_on_server_a ForwardAgent yes Host server_b_alias HostName server_b_ip_or_hostname User your_username_on_server_b ForwardAgent yes </pre> Replace :* '''server_a_alias''' :* ''' server_a_ip_or_hostname''' :* '''your_username_on_server_a''' :* '''server_b_alias''' :* '''server_b_ip_or_hostname''' :* '''your_username_on_server_b''' with the appropriate values. ====Make sure your public key is added to the remote servers==== Before you can use SSH agent forwarding, you need to add your public key to the '''~/.ssh/authorized_keys''' file on both Server A and Server B. If you haven't done this already, you can use the following command: <code>ssh-copy-id -i ~/.ssh/your_public_key user@server_ip_or_hostname</code> Replace '''your_public_key''', '''user''', and '''server_ip_or_hostname''' with the appropriate values. ====Test SSH agent forwarding==== First, SSH into Server A: <code>ssh server_a_alias</code> Then, from Server A, SSH into Server B: <code>ssh server_b_alias</code> If everything is set up correctly, you should be able to access Server B without being prompted for a password. ====Verify SSH agent forwarding==== To make sure that SSH agent forwarding is working, you can check the value of the '''SSH_AUTH_SOCK''' environment variable on Server B. From Server B, run the following command: <code>echo $SSH_AUTH_SOCK</code> If SSH agent forwarding is working, this command should return a non-empty value. That's it! You've successfully set up and tested SSH agent forwarding. Now you can use your local SSH keys to authenticate with remote servers without having to copy your private keys to those servers. ===Command Restriction=== The '''authorized_keys''' file can be used to restrict the commands that a specific SSH key can execute. This is especially useful for security purposes, to limit the potential damage that could be done if a key is compromised. By including a '''command=''' directive in the '''authorized_keys''' file, you can specify the exact command that will be run when a client connects using the associated key. Any command provided by the client will be ignored, and the command specified in the authorized_keys file will be used instead. Example: <code>command="/usr/bin/scp -t /home/rscp/media/" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC...</code> is set up to always execute the '''scp''' command (used for secure copy of files over SSH) to the specified directory, no matter what command was originally issued by the client. This is a good way to create a "write-only" drop box, for instance. However, the keyholder could potentially still execute arbitrary commands by carefully crafting the file names they upload, so additional precautions should be taken, such as using command= along with other directives like '''no-port-forwarding''', '''no-X11-forwarding''', and '''no-pty''' to further limit what can be done with the key. <code>command="/usr/bin/scp -t /home/rscp/media/",no-port-forwarding,no-X11-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC...</code> This entry does the following: :* The '''command=''' directive runs the specified command when a client connects using this key. In this case, the command is scp, which securely copies files to the /home/rscp/media/ directory. :* The '''no-port-forwarding''' directive prevents the client from using SSH's port forwarding features, which could potentially be used to create a secure tunnel for other network traffic. :* The '''no-X11-forwarding''' directive prevents the client from forwarding X11 graphical sessions, which could be used to run graphical applications over the SSH connection. :* The '''no-pty''' directive prevents the allocation of a pseudo-terminal, which means the client can't interact with a shell or run interactive commands. The '''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC...''' part is the public key of the client. Replace this with the actual key. This configuration significantly limits the operations that can be performed with this key, providing an additional layer of security. ====SCP Only==== Use Case Example: Have a Server hosting XML Dumps, and want to automate sending a file or directory from Server1 to Server2 using a script and ssh-key so i don't need to enter password. =====Create Account on Server===== Create user account you are going to use:<br> <code>adduser rscp</code> Make sure user has a '''.ssh''' directory to send public key to:<br> <code>mkdir /home/rscp/.ssh</code> Make a Directory to transfer files to:<br> <code>mkdir /home/rscp/media</code> Note: If you see error <code>scp: /home/rscp/media/test.txt: Permission denied</code> If you created directory '''media''' when logged in as '''root''' then check directory permissions and if need [[Linux_Users_and_Groups#File_Ownership_and_Permissions|assign ownership to '''user''' account.]]<br> Example:<code>chown rscp:rscp /home/rscp/media</code> [[Ubuntu_22.04_SSH_Guide#Copying_public_keys_to_the_remote_server|Send your public key to server]] After public_key/authorized_key is on server, edit authorized_keys and at the start before ssh-rsa <KEY> <pre> command="/usr/bin/scp -t /home/rscp/media/" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC... </pre> If from remote server you are sending a Directory include the '''-r''' flag in command:<br> After public_key/authorized_key is on server, edit authorized_keys and at the start before ssh-rsa <KEY> <pre> command="/usr/bin/scp -t -r /home/rscp/media/" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC... </pre> This entry in the authorized_keys file uses the command option to restrict the SSH command that can be run with the associated SSH key. The command option specifies that the scp command should be used to transfer files to the '''/home/rscp/media/''' directory on the server. Here's a breakdown of the entry: :* '''command="/usr/bin/scp -t /home/rscp/"''': This specifies that the scp command should be used as the SSH command for this key, with the '''-t''' option to specify that the remote end is a file (in this case, a directory), and the destination directory on the server is /home/rscp/. This means that the user can only use the SSH key to transfer files to the /home/rscp/ directory on the server. :* '''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC...''': This is the public key associated with the private key that is used for authentication. By using the command option in this way, you can restrict the actions that the user can perform with the SSH key, which can help to improve security. In this case, the user can only transfer files to the specified directory on the server using the scp command. ======Tip - transfer file to a path your USER does not have permissions for====== You can write a shell script to check the '''/home/rscp/media''' directory every minute using a while loop and the sleep command. If any files are found in the directory, the script can move them to the '''/var/www/media''' directory using the mv command. Here's an example script: <syntaxhighlight lang="bash" line> #!/bin/bash while true do if [ "$(ls -A /home/rscp/media/)" ]; then mv /home/rscp/media/* /var/www/media/ fi sleep 60 done </syntaxhighlight> In this script, the while loop runs indefinitely ('''while true''') and sleeps for 60 seconds at the end of each iteration ('''sleep 60'''). The '''if''' statement checks if the '''/home/rscp/media''' directory is not empty ('''[ "$(ls -A /home/rscp/media/)" ]'''). If it is not empty, the '''mv''' command is used to move all files and directories from the '''/home/rscp/media/''' directory to the '''/var/www/media/''' directory. Save this script to a file (e.g. '''move-files.sh''') and make it executable using the '''chmod +x move-files.sh''' command. You can then run the script using '''./move-files.sh &''' to start it in the background and allow it to run indefinitely. The & symbol is used to run the script in the background so that you can continue using the terminal. Note that running this script indefinitely can consume system resources, so you may want to consider setting up a scheduled task (e.g. using '''[[Cron_ubuntu_22.04|cron]]''') to run the script at a specific interval instead of running it indefinitely. ==Tilde '''~''' the escape character== The tilde (~) character has a special meaning in the context of SSH. When using SSH, you can use the tilde character followed by a control sequence to perform certain actions. These are called "tilde escape sequences" or "tilde commands." They are useful for managing your SSH connections. Here's how to use tilde escape sequences when connected to a remote server via SSH: :* Make sure you are at the beginning of a new line in your terminal. Press '''Enter''' if you are not. :* Type the tilde (~) character, followed by the appropriate control sequence. Note that you should not press '''Enter''' after typing the tilde character, but rather type the control sequence directly after it. Here are some common tilde escape sequences: : '''~.''' : Close the SSH connection. This can be helpful if the connection is frozen or unresponsive. : '''~^Z''' : Suspend the SSH connection and return to your local shell. You can later resume the connection using the fg command. : '''~#''' : List all forwarded connections (both local and remote) that are active in the current SSH session. : '''~&''' : Run the SSH session in the background. This is useful if you want to perform other tasks on your local machine without closing the SSH connection. : '''~~''' : Send a literal tilde character to the remote system. This is useful if you need to type a tilde character in the remote system without triggering an escape sequence. Remember that these escape sequences only work if they are entered at the beginning of a new line in your terminal. If you're typing them in the middle of a command or text, they won't be recognized as special control sequences. ==Troubleshooting and Best Practices== In this section, we'll cover some common issues and best practices related to SSH connections, including managing a large number of SSH keys. ===Too many authentication attempts=== When connecting to an SSH server, you might encounter the "Too many authentication attempts" error. This is often caused by having too many private keys in your ~/.ssh directory. By default, SSH tries each key until it finds the correct one, but many servers limit the number of authentication attempts. '''Solution''': To resolve this issue, you can create a separate directory for your keys and configure the SSH config file to use the appropriate key for each connection. :* Create a new directory for your keys: <code>mkdir ~/.ssh/keys</code> :* Move your private key files to the new directory: <code>mv ~/.ssh/id_rsa_* ~/.ssh/keys/</code> Update your SSH config file to specify the correct key for each connection: <pre> Host server1 ... IdentityFile ~/.ssh/keys/id_rsa_server1 Host server2 ... IdentityFile ~/.ssh/keys/id_rsa_server2 </pre> ===Permission issues=== SSH is very strict about file and directory permissions. Ensure that your ~/.ssh directory and its contents have the correct permissions: :* The ~/.ssh directory should have permissions set to 700: <code>chmod 700 ~/.ssh</code> Private key files should have permissions set to 600: <code>chmod 600 ~/.ssh/id_rsa</code> The ~/.ssh/config file should have permissions set to 600: <code>chmod 600 ~/.ssh/config</code> :* <b>Best practices</b>: Follow these best practices to maintain secure and efficient SSH connections: :* Use SSH key pairs instead of passwords for authentication, as they provide better security. :* Regularly update your SSH keys to maintain their security. :* Use strong, unique passphrases to protect your private keys. :* Disable password authentication and root login on your SSH server to reduce the risk of brute-force attacks. :* Regularly update your SSH server software to ensure you're running the latest security patches. :* Use non-standard port numbers for your SSH server to make it less likely to be targeted by automated attacks. :* Implement multi-factor authentication (MFA) for your SSH connections, if possible. :* Regularly review and remove any unnecessary authorized keys from the ~/.ssh/authorized_keys file on your servers. :* Use the Match directive in the sshd_config file to apply custom rules and settings for different users, groups, or connections. h5f0c79zueujacqu7lm1zj4ej3g4bne 437 432 2023-05-16T12:05:39Z Noob 1 /* Key-based Authentication */ 437 wikitext text/x-wiki ==Understanding SSH== '''SSH''' is a protocol that uses encryption to secure data transmitted between a client and a server. <br> It enables users to execute commands, transfer files, and manage remote systems through an encrypted channel. <br> SSH is widely used by system administrators for managing servers, network devices, and other remote systems. ==Installing SSH== To start using SSH, you'll need to install and configure both the server and client components. * OpenSSH-Server ** Is required to allow '''ssh''' connections * OpenSSH-Client ** Is used to login/connect to OpenSSH-Server If you are using Ubuntu Desktop, the '''openssh client''' will be preinstalled, allowing you to connect to a server which is running '''openssh-server''' If you are using Ubuntu Server, both the '''ssh client''' and '''openssh server''' are preinstalled by default. === Installing OpenSSH Server=== On Ubuntu distributions, you can install the OpenSSH server by running: <code>sudo apt install openssh-server</code><br> Check the SSH server status with: <code>systemctl status ssh</code> ===Installing OpenSSH Client=== The OpenSSH client is usually pre-installed on most Linux and macOS systems. <br>For Windows, you can install the OpenSSH client by following the instructions on the official website:<br> https://docs.microsoft.com/en-us/windows-server/administration/openssh/openssh_install_firstuse ==Basic SSH Commands and Usage== === Connecting to a remote server=== Connecting to a remote server using SSH is a fundamental task when managing remote systems. Here's how to connect to a remote server using the command-line interface. Install an SSH client: Ensure you have an SSH client installed on your local machine. Most Unix-based systems, including Linux and macOS, have an SSH client pre-installed. For Windows, you can use the built-in OpenSSH client (available in Windows 10 and later) or a third-party client like PuTTY. ====Gather connection information==== To connect to a remote server, you'll need the following information: * The remote server's IP address or hostname * The SSH port number (default is 22) * Your username on the remote server * The password for the user on remote server. ====Connect using SSH==== Open a terminal or command prompt on your local machine and use the following command to connect to the remote server: <code>ssh username@hostname_or_IP</code> Replace '''username''' with your username on the remote server, '''hostname_or_IP''' with the server's hostname or IP address. If OpenSSH-Server is running/listening on a port other than the default port '''22''' include the port with the '''-p''' flag. For example (If port 2222): : <code>ssh john@example.com -p 2222</code> Or : <code>ssh -p 2222 john@example.com</code> =====Connecting to a Remote Server ===== In this example, we connect to a remote Ubuntu VPS with the following credentials: <pre> Username: root IP address: 12.34.56.78 Password: password2simple </pre> Use the following command to connect to the remote server: <code>ssh root@12.34.56.78</code> You will be prompted to enter the password. Type password2simple and press Enter. This demonstrates how simple it can be to log into a remote computer with root access. * If your Server is hosting SSHD on a port other than default 'port 22' include port number with the '''-p''' flag Example with port 2222:<br> <code>ssh -p 2222 root@12.34.56.78</code> ====Authenticate==== When connecting for the first time, you'll see a prompt asking you to confirm the remote server's fingerprint. Verify the fingerprint and type "yes" to proceed. Next, you'll be prompted for your password. Enter your password to complete the authentication process. Once authenticated, you'll have access to the remote server's command line. You can now execute commands and manage the remote server as if you were working on it directly. Remember that you can use key-based authentication (with a private-public key pair) instead of a password for a more secure and convenient connection method. == Using SSH config file== An SSH config file allows you to define and manage multiple SSH connections, simplifying the process of connecting to remote servers. By creating an SSH config file, you can define custom options, such as port numbers, usernames, and key files, for each connection. The SSH config file is typically located in the '''~/.ssh''' directory and named config. Here's how to create and use an SSH config file: :* Create the SSH config file: If it doesn't exist, create the config file in the '''~/.ssh''' directory using a text editor: <code>$EDITOR ~/.ssh/config</code> :* Define a connection: To define a connection, you'll need to specify a Host entry followed by any options you want to apply to that connection. Here's an example: <pre> Host server1 HostName example.com User your_username Port 2222 IdentityFile ~/.ssh/id_rsa_server1 </pre> In this example, we've defined a connection called server1 with the following options: :* HostName: The hostname or IP address of the remote server (example.com in this case). :* User: The username to use when connecting to the remote server (replace your_username with your actual username). :* Port: The port number to use for the SSH connection (2222 in this example). :* IdentityFile: The path to the private key file to use for authentication (replace ~/.ssh/id_rsa_server1 with the path to your private key file). You can define multiple connections in the same config file by creating separate Host entries: <pre> Host server2 HostName 192.168.1.100 User another_username Port 22 IdentityFile ~/.ssh/id_rsa_server2 </pre> :* Save and exit the file: Save your changes and exit the text editor. :* Connect using the SSH config file: To connect to a remote server using the defined connection, simply use the ssh command followed by the Host entry: <code>ssh server1</code> In this example, SSH will automatically use the options defined in the config file for server1, such as the hostname, username, port number, and identity file. By using an SSH config file, you can simplify the process of managing multiple SSH connections and customize the options for each connection. ==Key-based Authentication== Why use key-based authentication? * Server1: 12.34.56.78 * Server2: 12.34.56.87 You are trying to login to Server1, but by mistake you enter your '''user''' and '''password''' to Server2, Can Server2 record the '''user''' and '''password''' you used? [[placeholder|YES, Yes it can]] === Generating SSH key pairs=== SSH key pairs consist of a private key and a public key. They provide a secure, passwordless authentication method for connecting to remote servers. The private key remains on your local machine, while the public key is added to the remote server's authorized keys. Here's how to generate an SSH key pair: Open a terminal: On Unix-based systems (Linux and macOS), open a terminal. On Windows, open PowerShell or the Command Prompt. Generate the key pair: Use the ssh-keygen command to create a new SSH key pair. The following command generates a 4096-bit RSA key pair: <code>ssh-keygen -t rsa -b 4096</code> You can also generate other types of keys, such as Ed25519, by changing the -t option: <code>ssh-keygen -t ed25519</code> Specify the key's location: When prompted, you can either accept the default location (~/.ssh/id_rsa for RSA keys, ~/.ssh/id_ed25519 for Ed25519 keys) or enter a custom path. It is recommended to use the default location unless you have a specific reason to change it. Set a passphrase (optional): You can choose to protect your private key with a passphrase. If you do, you'll need to enter the passphrase every time you use the key. This adds an extra layer of security, but can be less convenient for automation or scripting. To set a passphrase, enter it when prompted; otherwise, leave the field blank ====Selecting file name and path for keys==== <code>ssh-keygen -t rsa -b 4096 -f .ssh/nuc</code> The '''-f''' option in the '''ssh-keygen''' command is used to specify the output file for the generated key pair. In your example, '''ssh-keygen -t rsa -b 4096 -f .ssh/nuc''', the command is generating an RSA key pair with a key length of 4096 bits, and the output files will be saved in the '''.ssh''' directory with the base name '''nuc'''. Here's a breakdown of the options used in this command: :* '''-t rsa''': Specifies the key type, in this case, RSA. :* '''-b 4096''': Specifies the key length, which is 4096 bits in this case. This length offers good security and is generally recommended. :* '''-f .ssh/nuc''': Specifies the file where the key pair will be saved. The private key will be saved as '''.ssh/nuc''', and the public key will be saved as '''.ssh/nuc.pub'''. After running this command, you'll have a new key pair with the private key in '''.ssh/nuc''' and the public key in '''.ssh/nuc.pub''' ====Create keys with no passphase==== <code>ssh-keygen -t rsa -b 4096 -N "" -C "MYSERVER" -f ~/.ssh/serverkey</code> :* '''-t rsa''': Specifies the key type, in this case, RSA. :* '''-b 4096''': Specifies the key length, which is 4096 bits in this case. This length offers good security and is generally recommended. :* '''-N ""''': Specifies an empty passphrase for the key pair. This means that the private key will not be encrypted, and no passphrase will be required when using it. This can be less secure, but more convenient for automated processes. :* '''-C "MYSERVER"''': Adds a comment to the generated key pair. In this case, the comment is "MYSERVER". Comments are useful for identifying keys when you have multiple keys in your ~/.ssh directory or on a remote server. :* '''-f ~/.ssh/serverkey''': Specifies the file where the key pair will be saved. The private key will be saved as '''~/.ssh/serverkey''', and the public key will be saved as '''~/.ssh/serverkey.pub'''. After running this command, you'll have a new key pair with the private key in '''~/.ssh/serverkey''' and the public key in '''~/.ssh/serverkey.pub'''. The private key will have an empty passphrase and a comment "MYSERVER" for easier identification. ====Remove the passphrase from an existing SSH private key==== To remove the passphrase from an existing SSH private key, you can use the '''ssh-keygen''' command with the '''-p''' option, which is used for changing the passphrase. Follow these steps: :* Make a backup of your private key file, just in case something goes wrong during the process. You can do this by running the following command, replacing '''<your_private_key>''' with the filename of your private key: <code>cp <your_private_key> <your_private_key>.backup</code> :* Run the '''ssh-keygen''' command with the '''-p''' option, specifying the private key file using the '''-f''' option: ::** '''-p''': Indicates that you want to change the passphrase of an existing private key. ::** '''-f <your_private_key>''': Specifies the private key file whose passphrase you want to change. <code>ssh-keygen -p -f <your_private_key></code> :* You will be prompted to enter the old passphrase for the private key. Type it in and press Enter. :* Next, you'll be prompted to enter a new passphrase. Since you want to remove the passphrase, leave this field empty and press Enter. :* You'll be asked to confirm the empty passphrase. Press Enter again to confirm. Your private key now has its passphrase removed. Keep in mind that this makes the private key less secure, as anyone with access to the file can use it without needing to know the passphrase. ====Add/Change a passphrase to an existing SSH Key==== To add a passphrase to an existing SSH private key that doesn't have one, you can use the '''ssh-keygen''' command with the '''-p''' option, just like when you change or remove a passphrase. Here are the steps: :* '''Make a backup of your private key file''', just in case something goes wrong during the process. You can do this by running the following command, replacing <your_private_key> with the filename of your private key: <code>cp <your_private_key> <your_private_key>.backup</code> :* Run the '''ssh-keygen''' command with the -p option, specifying the private key file using the '''-f''' option: <code>ssh-keygen -p -f <your_private_key></code> :* You will be prompted to enter the old passphrase for the private key. Since your private key doesn't currently have a passphrase, just press Enter to proceed. :* Next, you'll be prompted to enter a new passphrase. Type in the passphrase you want to set for the private key and press Enter. :* You'll be asked to confirm the new passphrase. Type it again and press Enter to confirm. Your private key now has a passphrase added to it. This provides an extra layer of security, as anyone using the key will need to know the passphrase to access it. Keep in mind that you should use a strong passphrase to ensure better security. === Copying public keys to the remote server=== After generating an SSH key pair, you'll need to copy the public key to the remote server to enable key-based authentication. Here's how to do it: ====Using ssh-copy-id==== Use the '''ssh-copy-id''' command (Linux and macOS): On Unix-based systems, you can use the ssh-copy-id command to copy your public key to the remote server: <code>ssh-copy-id -i ~/.ssh/id_rsa.pub username@hostname_or_IP</code> Replace ~/.ssh/id_rsa.pub with the path to your public key file (e.g., ~/.ssh/id_ed25519.pub for Ed25519 keys), username with your username on the remote server, and hostname_or_IP with the server's hostname or IP address. ====Manually copy the public key==== Manually copy the public key (Windows and alternative method): If you don't have access to the ssh-copy-id command or prefer to do it manually, you can: :* Open your public key file (e.g., id_rsa.pub or id_ed25519.pub) with a text editor and copy its content.> :* Log in to the remote server via SSH.<br> :* Create the ~/.ssh directory if it doesn't exist: <code>mkdir -p ~/.ssh</code> Edit or create the ~/.ssh/authorized_keys file using a text editor (e.g., nano, vim, or emacs), and paste the content of your public key at the end of the file. Save and close the file. Set the correct file permissions: To ensure the security of your SSH setup, it's essential to set the proper file permissions on your local machine and the remote server: :* On your local machine: :** Private key (id_rsa or id_ed25519): -rw------- (600) :** Public key (id_rsa.pub or id_ed25519.pub): -rw-r--r-- (644) :* On the remote server: :** ~/.ssh directory: drwx------ (700) :** ~/.ssh/authorized_keys file: -rw------- (600) To set the permissions on your local machine, use the chmod command: <pre> chmod 600 ~/.ssh/id_rsa chmod 644 ~/.ssh/id_rsa.pub </pre> On the remote server, use the following commands: <pre> chmod 700 ~/.ssh chmod 600 ~/.ssh/authorized_keys </pre> Once you've copied your public key to the remote server and set the correct file permissions, you should be able to connect using key-based authentication without the need for a password. === Disabling password authentication (optional)=== Disabling password authentication enhances the security of your SSH server by requiring key-based authentication for all connections. You can disable password authentication for specific users or for all users. To do so, follow these steps: :* Connect to the remote server: Log in to the remote server via SSH using your username and the server's hostname or IP address. :* Edit the SSH configuration file: Open the SSH server configuration file (usually located at /etc/ssh/sshd_config) with a text editor such as nano, vim, or emacs: <code>sudo nano /etc/ssh/sshd_config</code> :* Disabling password authentication for all users: Find the line containing "PasswordAuthentication" and set its value to "no": <code>PasswordAuthentication no</code> If the line is commented out (i.e., it starts with a '#'), remove the '#' symbol. :* Disabling password authentication for a specific user: To disable password authentication only for a particular user, you can use a "Match User" block at the end of the sshd_config file: <pre> Match User username PasswordAuthentication no </pre> Replace username with the actual username for which you want to disable password authentication. :* Save and exit the file: Save your changes and exit the text editor. :* Restart the SSH server: Apply the changes by restarting the SSH server: <code>sudo systemctl restart ssh</code> Now, password authentication will be disabled for the specified user(s), and only key-based authentication will be allowed. Remember that if you disable password authentication, you must have a working SSH key pair set up to access the server, or you may be locked out. == Configuring the SSH server== Edit the SSH server configuration file located at <b>/etc/ssh/sshd_config</b> to set your desired settings. You can modify options like the listening port, allowing root login, and more. ===Common sshd_config Options=== The '''sshd_config''' file is located at '''/etc/ssh/sshd_config''' on most Linux systems. This file contains various options and settings that determine the behavior of the OpenSSH server. Each option is followed by its value, and lines starting with a <b>#</b> are considered comments. Here's an overview of some common options in the sshd_config file: ===Port=== Specifies the port number that the SSH server listens on.<br> <code>Port 22</code><br> === AddressFamily=== Determines the IP address family (IPv4, IPv6, or both) used by the SSH server. * To specify that the SSH server should only listen for incoming IPv4 connections: <code>AddressFamily inet</code> * Or, if you want the SSH server to only listen for incoming IPv6 connections, set the 'AddressFamily' directive to 'inet6': <code>AddressFamily inet6</code> * If you want to allow both IPv4 and IPv6 connections, set the 'AddressFamily' directive to 'any': <code>AddressFamily any</code> === ListenAddress=== Specifies the IP address(es) the SSH server listens on. By default, it listens on all available addresses. <code>ListenAddress 192.168.1.10</code> === Protocol=== Defines the SSH protocol version. It's recommended to use only protocol 2. <code>Protocol 2</code> === PermitRootLogin=== Controls whether root login is allowed. It's generally advised to disable root login or set it to "without-password" to allow only key-based authentication for root. <code>PermitRootLogin no</code> ===PasswordAuthentication=== Enables or disables password-based authentication. <code>PasswordAuthentication yes</code> === PubkeyAuthentication=== Enables or disables public key authentication. <code>PubkeyAuthentication yes</code> === AuthorizedKeysFile=== Specifies the location of the authorized keys file for public key authentication. <code>AuthorizedKeysFile .ssh/authorized_keys</code> === LogLevel=== Sets the logging level for the SSH server. The LogLevel option in '''sshd_config''' controls the amount of information that SSH daemon (sshd) logs. There are different log levels that can be set with this option, each providing a different level of detail: * '''QUIET''': Disables all logging. * '''FATAL''': Only logs fatal errors. * '''ERROR''': Logs error messages. * '''INFO''': Logs informational messages such as login attempts. * '''VERBOSE''': Logs more detailed information than INFO, including shell commands executed. * '''DEBUG''': Logs detailed debugging information, including raw protocol details. The default log level is '''INFO''', which is usually sufficient for most purposes. However, if you need to troubleshoot SSH connections or monitor user activity, setting a higher log level may be helpful. To change the '''LogLevel''' in '''sshd_config''', you can edit the file '''/etc/ssh/sshd_config''' (or the appropriate configuration file for your system), and add or modify the line: <code>LogLevel <log_level></code> Where <log_level> is one of the log levels listed above. <code>LogLevel INFO</code> === LoginGraceTime=== Defines the time allowed for a user to successfully log in. <code>LoginGraceTime 2m</code> ===MaxAuthTries=== Limits the number of authentication attempts allowed per connection. <code>MaxAuthTries 6</code> === MaxSessions=== Specifies the maximum number of simultaneous sessions allowed per network connection.<br> <code>MaxSessions 10</code> === AllowUsers, DenyUsers, AllowGroups, DenyGroups=== These options control which users and groups are allowed or denied access to the SSH server. They provide a way to manage access control based on usernames and group membership. * '''AllowUsers''': Specifies a list of users allowed to access the SSH server. Other users will be denied access. <code>AllowUsers user1 user2 user3</code><br> * '''DenyUsers''': Specifies a list of users denied access to the SSH server. Other users will be allowed access. <code>DenyUsers user4 user5</code> * '''AllowGroups''': Specifies a list of groups whose members are allowed to access the SSH server. Users not belonging to these groups will be denied access. <code>AllowGroups group1 group2</code> * '''DenyGroups''': Specifies a list of groups whose members are denied access to the SSH server. Users not belonging to these groups will be allowed access. <code>DenyGroups group3 group4</code> Note that the order in which these options are applied is '''DenyUsers''', '''AllowUsers''', '''DenyGroups''', and finally '''AllowGroups'''. ===Banner=== The Banner option allows you to display a message or warning to users before they log in to the SSH server. This is often used to display legal notices, security warnings, or other important information. To enable the banner, set the Banner option to the path of a text file containing the message you want to display: <code>Banner /etc/ssh/banner.txt</code> Create the /etc/ssh/banner.txt file and add your desired message. The content of this file will be displayed to users before they log in. ==Advanced sshd_config Options== === PermitTunnel=== The PermitTunnel option enables or disables the use of SSH tunneling. Tunnels can be used to forward ports or create VPN-like connections between the client and the server. * There are four possible values for this option: : '''"yes"''': Allows all types of tunnels.<br> : '''"point-to-point"''': Allows only point-to-point (Layer 3) tunnels.<br> : '''"ethernet"''': Allows only Ethernet (Layer 2) tunnels.<br> : '''"no"''': Disables tunneling (default).<br> To enable tunneling, set the PermitTunnel option in the sshd_config file: <code>PermitTunnel yes</code> Keep in mind that enabling tunnels may expose your server to additional security risks. Only enable this option if you understand the implications and have a specific use case that requires it. === ChrootDirectory=== The ChrootDirectory option allows you to restrict a user or a group to a specific directory (known as a chroot jail) when they log in via SSH. This can enhance security by isolating users and limiting their access to only the necessary parts of the filesystem. To set up a chroot jail, follow these steps: Create a directory that will serve as the chroot jail. For example, let's create a directory for user1: <code>sudo mkdir /home/user1/chroot</code> Change the ownership of the directory to the user and their primary group: <code>sudo chown user1:user1 /home/user1/chroot</code> In the sshd_config file, add a Match block at the end of the file to specify the ChrootDirectory for user1: <pre> Match User user1 ChrootDirectory /home/user1/chroot </pre> Restart the SSH server to apply the changes: <code>sudo systemctl restart ssh</code> Now, when user1 logs in via SSH, they will be restricted to the /home/user1/chroot directory and won't be able to access other parts of the filesystem. Note that the chroot jail should be owned by root and not writable by the user. If you need to provide write access to specific directories, create subdirectories inside the chroot jail and set appropriate permissions for those. Also, some features like SFTP may require additional configuration within the chroot jail. ===ForceCommand=== The ForceCommand option allows you to specify a command that will be executed when a user logs in via SSH, regardless of the command requested by the user. This can be useful for limiting the actions a user can perform or for automatically running specific tasks upon login. To use the ForceCommand option, follow these steps: In the sshd_config file, add a Match block at the end of the file to specify the ForceCommand for a specific user or group. For example, to force user1 to execute the command /usr/bin/my-command upon login: <pre> Match User user1 ForceCommand /usr/bin/my-command </pre> Restart the SSH server to apply the changes: <code>sudo systemctl restart ssh</code> Now, when user1 logs in via SSH, the /usr/bin/my-command will be executed automatically, and they will not be able to run any other command. Keep in mind that using ForceCommand may limit the user's ability to interact with the server or transfer files via SFTP. Make sure to test and verify the functionality for your specific use case. === Match Blocks=== Match blocks in the sshd_config file allow you to apply specific configuration options based on certain criteria, such as the user, group, address, or host. This enables you to create custom rules and settings for different users, groups, or connections. Match block syntax: <pre> Match criteria Option value </pre> Here are some examples of Match blocks and their usage: Apply settings only for a specific user: <pre> Match User user1 PasswordAuthentication no AllowTcpForwarding yes </pre> This configuration disables password authentication and enables TCP forwarding only for user1. Apply settings for multiple users: <pre> Match User user1,user2 ChrootDirectory /home/%u/chroot </pre> This configuration sets the chroot directory for both user1 and user2. Apply settings for a specific group: <pre> Match Group group1 PasswordAuthentication yes </pre> This configuration enables password authentication only for members of group1. Apply settings based on the client's IP address: <pre> Match Address 192.168.1.0/24 PasswordAuthentication no </pre> This configuration disables password authentication for clients connecting from the 192.168.1.0/24 subnet. Combine multiple criteria: <pre> Match User user1 Address 192.168.1.0/24 PasswordAuthentication yes </pre> This configuration enables password authentication only for user1 when they connect from the 192.168.1.0/24 subnet. Remember to restart the SSH server after making changes to the sshd_config file: <code>sudo systemctl restart ssh</code> Match blocks offer flexibility in customizing your SSH server's configuration based on various criteria. Use them wisely to enhance security and optimize your server's settings. ==Best Practices and Tips '''sshd_config'''== When configuring your '''sshd_config''' file, it's essential to follow best practices to ensure the security and stability of your SSH server. Here are some recommendations and tips: :* Keep the server up-to-date: Always update your SSH server software and the underlying operating system to ensure you have the latest security patches and features. :* Use strong authentication: Enable key-based authentication (PubkeyAuthentication) and consider disabling password authentication (PasswordAuthentication) to reduce the risk of brute-force attacks. :* Limit root access: Set "PermitRootLogin" to "no" or "without-password" to prevent direct root login or require key-based authentication for root. :* Use non-standard ports: Change the default SSH port (22) to a non-standard port to reduce the exposure to automated scans and attacks. Keep in mind this is security through obscurity and should be combined with other security measures. '''Restrict user access''': Use "AllowUsers," "DenyUsers," "AllowGroups," and "DenyGroups" options to control which users and groups can access the SSH server. '''Monitor logs''': Regularly check your SSH server logs for any suspicious activity or failed login attempts. Adjust the "LogLevel" setting in sshd_config as needed. * Default Log Path Ubuntu 22.04: '''/var/log/auth.log''' '''Use chroot jails''': Isolate users by creating chroot jails using the "ChrootDirectory" option, especially when providing SFTP access or when users don't require full access to the server. '''Configure connection settings''': Set appropriate values for "LoginGraceTime" and "MaxAuthTries" to limit the time allowed for successful login and the number of authentication attempts per connection. '''Use a strong firewall''': Configure your server's firewall to only allow SSH connections from trusted IP addresses or networks. '''Regularly review and audit''': Periodically review your sshd_config settings and make adjustments as necessary. Keep up-to-date with SSH security best practices and recommendations. By following these best practices and tips, you can enhance the security and performance of your SSH server, protecting it from unauthorized access and potential attacks. ===Troubleshooting sshd_config Issues=== When encountering problems with your SSH server configuration, it's important to know how to diagnose and resolve issues. Here are some common problems and troubleshooting steps: Check syntax and configuration errors: If the SSH server is not starting or not functioning as expected, check the sshd_config file for any syntax or configuration errors. Use the following command to test the configuration file for errors: <code>sudo sshd -t</code> If there are any issues, the command will provide error messages with information on what needs to be fixed. Review log files: Inspect the SSH server log files for any error messages or relevant information. The location of the log files may vary depending on your system, but common locations are /var/log/auth.log or /var/log/secure. Tail the log file while attempting to connect to get real-time information: <code>sudo tail -f /var/log/auth.log</code> Restart the SSH server Check firewall settings: Ensure that the server's firewall is allowing SSH connections on the correct port. If you changed the default SSH port, update your firewall rules accordingly. Verify user permissions: If a specific user is unable to connect, check the user's permissions, home directory, and the settings in the sshd_config file, such as "AllowUsers," "DenyUsers," "AllowGroups," or "DenyGroups." SSH server from a client, use the verbose mode to get more detailed information about the connection process. This can help identify any issues with authentication or configuration. Run the following command to enable verbose mode: <code>ssh -v user@example.com</code> Replace "user@example.com" with the appropriate username and server address. You can increase the verbosity level by adding more "v" characters (e.g., -vv or -vvv) if needed. Check file permissions: Ensure that the file permissions for the user's home directory, the .ssh directory, and the authorized_keys file are set correctly. The user's home directory should not be writable by other users, the .ssh directory should have permissions set to 700 (drwx------), and the authorized_keys file should have permissions set to 600 (-rw-------). Test network connectivity: If you're unable to connect to the SSH server, verify that you can reach the server on the network. Use tools like ping, traceroute, or telnet to check the connection to the server and the specific SSH port. By following these troubleshooting steps, you should be able to diagnose and resolve most issues related to the sshd_config file and the SSH server configuration. Remember to carefully review the settings in your sshd_config file and consult the server logs for additional information when encountering problems. ====After making changes, restart the SSH server:==== <code>sudo systemctl restart ssh</code><br> == Running commands on a remote server== Once you've connected to a remote server using SSH, you can execute commands on the remote machine just as you would on your local system. However, you can also run commands on a remote server without establishing an interactive SSH session. This can be useful for automation, scripting, or quick tasks. Here's how to do it: Use the SSH command: To run a command on a remote server without entering an interactive session, use the following syntax: <code>ssh username@hostname_or_IP -p port 'command'</code> Replace username with your username on the remote server, hostname_or_IP with the server's hostname or IP address, port with the SSH port number (if different from the default 22), and command with the command you want to execute. For example, to list the contents of the remote server's home directory, you can use: <code>ssh john@example.com -p 22 'ls -la'</code> ===Handling multiple commands=== If you need to execute multiple commands, you can chain them together using a '''semicolon''' or '''&&'''. The semicolon allows you to run multiple commands sequentially, while the && operator runs the next command only if the previous command was successful. For example, to update the package list and then upgrade the packages on a remote Ubuntu server: <code>ssh john@example.com -p 2222 'sudo apt-get update; sudo apt-get upgrade -y'</code> * Command output: The output of the command will be displayed in your local terminal, just as if you were running the command on your local machine. Using key-based authentication ==Transferring files with SCP== The Secure Copy Protocol (SCP) is a useful tool for transferring files between your local machine and a remote server using SSH. SCP ensures that the data is encrypted during transit, providing a secure and efficient way to transfer files. ===Install an SCP client=== Most Unix-based systems, including Linux and macOS, have an SCP client pre-installed. For Windows, you can use the built-in SCP client included with the OpenSSH package (available in Windows 10 and later) or a third-party client like WinSCP. ===Transfer a file from your local machine to a remote server=== To copy a file from your local machine to a remote server, use the following command: * Note the use of the upper case '''-P''' for ports with '''scp''' <code>scp -P port local_file_path username@hostname_or_IP:remote_file_path</code> Replace port with the SSH port number (if different from the default 22), local_file_path with the path to the file on your local machine, username with your username on the remote server, hostname_or_IP with the server's hostname or IP address, and remote_file_path with the desired location on the remote server. For example: <code>scp -P 22 /home/john/documents/report.pdf john@example.com:/home/john/reports/</code> This command will copy the "report.pdf" file from the local machine to the "reports" directory on the remote server. ===Transfer a file from a remote server to your local machine=== To copy a file from a remote server to your local machine, use the following command: <code>scp -P port username@hostname_or_IP:remote_file_path local_file_path</code> Replace port with the SSH port number (if different from the default 22), username with your username on the remote server, hostname_or_IP with the server's hostname or IP address, remote_file_path with the path to the file on the remote server, and local_file_path with the desired location on your local machine. For example: <code>scp -P 2222 john@example.com:/home/john/reports/report.pdf /home/john/documents/</code> : Or <code>scp john@example.com:/home/john/reports/report.pdf /home/john/documents/</code>- This command will copy the "report.pdf" file from the remote server's "reports" directory to the "documents" directory on your local machine. ===Transferring directories=== To transfer an entire directory, use the '''-r''' flag: <code>scp -r -P port local_directory_path username@hostname_or_IP:remote_directory_path</code> Or, to copy a directory from the remote server to your local machine: <code>scp -r -P port username@hostname_or_IP:remote_directory_path local_directory_path</code> Using SCP is a convenient and secure way to transfer files between your local machine and a remote server. It leverages the security of the SSH protocol to ensure that your data remains encrypted during transit. ===Transferring from Remote Computer to Remote Computer=== Copy the file '''stuff.txt''' from remote host '''12.34.56.67''' to host '''11.22.33.44''' <code>scp name@12.34.56.67:/home/user/Documents/stuff.txt name@11.22.33.44:/home/user/Documents/</code> With the '''-3''' flag copies between two remote hosts "12.34.56.67" and "11.22.33.44" are transferred through the local host running the command. <code>scp -3 name@12.34.56.67:/home/user/Documents/stuff.txt \ name@11.22.33.44:/home/user/Documents/ </code> ===Transferring multiple files=== Send files foo.txt and bar.txt to remote. <code>scp foo.txt bar.txt user@12.34.56.78:~/Documents/</code> Copy multiple files from remote "Documents" directory to local "Documents" directory. <code>scp user@11.22.33.44:/home/user/Documents/\{todo_list.txt,links.txt,stuff.txt\} /home/$USER/Documents/</code> Copy multiple files from the remote to local current directory. <code>scp name@12.34.56.78:~/\{README.md,.bashrc\} . </code> == Transferring files with SFTP== The SSH File Transfer Protocol (SFTP) is another method for transferring files securely between your local machine and a remote server. Unlike SCP, SFTP provides an interactive interface that allows you to navigate, upload, and download files more easily. Install an SFTP client: Most Unix-based systems, including Linux and macOS, have an SFTP client pre-installed. For Windows, you can use the built-in SFTP client included with the OpenSSH package (available in Windows 10 and later) or a third-party client like WinSCP or FileZilla. Connect to a remote server: To start an SFTP session with a remote server, open a terminal or command prompt on your local machine and use the following command: <code>sftp -P port username@hostname_or_IP</code> Replace port with the SSH port number (if different from the default 22), username with your username on the remote server, and hostname_or_IP with the server's hostname or IP address. For example: <code>sftp -P 22 john@example.com</code> Navigate the remote filesystem: Once connected, you can use commands similar to those available in a Unix shell to navigate the remote server's filesystem. Some common SFTP commands include: : '''ls''': List files and directories<br> : '''cd''': Change the current directory<br> : '''mkdir''': Create a new directory<br> : '''rmdir''': Remove an empty directory<br> : '''get''': Download a file from the remote server<br> : '''put''': Upload a file to the remote server<br> <br> : '''rm''': Remove a file<br> : '''rename''': Rename a file or directory<br> : '''exit''': Exit the SFTP session<br> Transfer files: To transfer files, use the put command to upload a file from your local machine to the remote server, and the get command to download a file from the remote server to your local machine. For example: Upload a file: <code>put local_file_path remote_file_path</code> Download a file: <code>get remote_file_path local_file_path</code> Replace local_file_path and remote_file_path with the appropriate paths for the files you want to transfer. Transferring directories: To transfer entire directories, use the -r flag with the put and get commands: Upload a directory: <code>put -r local_directory_path remote_directory_path</code> Download a directory: <code>get -r remote_directory_path local_directory_path</code> Disconnect from the remote server: When you've finished transferring files, type exit to close the SFTP session. SFTP offers a more user-friendly, interactive experience for transferring files compared to SCP. By utilizing the secure and encrypted SSH protocol, SFTP ensures that your data remains safe during transfer. ==Advanced SSH Techniques== === Port forwarding and tunneling=== SSH port forwarding and tunneling allow you to securely forward network traffic between your local machine and a remote server. This can be useful for accessing remote services, bypassing firewalls, or securely transmitting sensitive data. Local Port Forwarding: Local port forwarding creates a secure tunnel between your local machine and a remote server, allowing you to access remote services as if they were running on your local machine. To set up local port forwarding, use the -L flag with the SSH command: <code>ssh -L local_port:remote_host:remote_port username@hostname_or_IP</code> Replace local_port with an available port on your local machine, remote_host with the hostname or IP address of the remote server hosting the service, remote_port with the port number of the remote service, username with your username on the remote server, and hostname_or_IP with the server's hostname or IP address. Remote Port Forwarding: Remote port forwarding enables you to expose a local service running on your machine to a remote network. To set up remote port forwarding, use the -R flag with the SSH command: <code>ssh -R remote_port:local_host:local_port username@hostname_or_IP</code> Replace remote_port with an available port on the remote server, local_host with the hostname or IP address of the local machine hosting the service, local_port with the port number of the local service, username with your username on the remote server, and hostname_or_IP with the server's hostname or IP address. :**Forwarding X, Sound, and Video on Ubuntu 22.04 with Ubuntu 22.04 LXC**: To forward X, sound, and video from a remote Ubuntu 22.04 server to your local Ubuntu 22.04 machine, you'll need to enable X11 forwarding and install the necessary packages. :* Install required packages: On both your local machine and the remote server, install the x11-apps and pulseaudio packages: <code>sudo apt update</code><br> <code>sudo apt install x11-apps pulseaudio</code> :* Enable X11 forwarding: To enable X11 forwarding, you'll need to edit the SSH server configuration file (/etc/ssh/sshd_config) on the remote server: <code>sudo nano /etc/ssh/sshd_config</code> Find the line containing "X11Forwarding" and set its value to "yes": <code>X11Forwarding yes</code> If the line is commented out (i.e., it starts with a '#'), remove the '#' symbol. Save your changes and exit the text editor. :* Restart the SSH server: Apply the changes by restarting the SSH server: <code>sudo systemctl restart ssh</code> :* Connect with X11 forwarding: From your local machine, use the -X flag to enable X11 forwarding when connecting to the remote server: <code>ssh -X username@hostname_or_IP</code> :* Export PULSE_SERVER environment variable: On the remote server, export the PULSE_SERVER environment variable to forward sound: <code>export PULSE_SERVER=tcp:localhost</code> You can add this line to the remote user's ~/.bashrc or ~/.profile file to make the change permanent. :* Run applications: Now, you can run graphical applications on the remote server, and they will be displayed on your local machine with sound and video forwarded. Please note that forwarding X, sound, and video might cause increased latency and reduced performance compared to running the applications locally. === SSH agent forwarding=== SSH agent forwarding is a powerful feature that allows you to use your local SSH keys to authenticate with remote servers without having to copy your private keys to those servers. This is particularly useful when you need to access one remote server (Server B) through another remote server (Server A). ==== Start the SSH agent on your local machine ==== Before you enable SSH agent forwarding, you need to start the SSH agent on your local machine. Open a terminal and run the following command: :* For Linux and macOS: <code>eval "$(ssh-agent -s)"</code> For Windows (Git Bash or Cygwin): <code>eval $(ssh-agent)</code> This command starts the SSH agent and sets the required environment variables. ====Add your SSH key to the agent==== Next, add your private key to the SSH agent with the following command: <code>ssh-add ~/.ssh/your_private_key</code> Replace '''your_private_key''' with the filename of your private key. This might be '''id_rsa''', '''id_ed25519''', or another key file depending on your setup. ====Configure SSH agent forwarding on your local machine==== Edit your SSH config file to enable agent forwarding. The config file is usually located at '''~/.ssh/config'''. If the file doesn't exist, create it. Add the following lines to the config file: <pre> Host server_a_alias HostName server_a_ip_or_hostname User your_username_on_server_a ForwardAgent yes Host server_b_alias HostName server_b_ip_or_hostname User your_username_on_server_b ForwardAgent yes </pre> Replace :* '''server_a_alias''' :* ''' server_a_ip_or_hostname''' :* '''your_username_on_server_a''' :* '''server_b_alias''' :* '''server_b_ip_or_hostname''' :* '''your_username_on_server_b''' with the appropriate values. ====Make sure your public key is added to the remote servers==== Before you can use SSH agent forwarding, you need to add your public key to the '''~/.ssh/authorized_keys''' file on both Server A and Server B. If you haven't done this already, you can use the following command: <code>ssh-copy-id -i ~/.ssh/your_public_key user@server_ip_or_hostname</code> Replace '''your_public_key''', '''user''', and '''server_ip_or_hostname''' with the appropriate values. ====Test SSH agent forwarding==== First, SSH into Server A: <code>ssh server_a_alias</code> Then, from Server A, SSH into Server B: <code>ssh server_b_alias</code> If everything is set up correctly, you should be able to access Server B without being prompted for a password. ====Verify SSH agent forwarding==== To make sure that SSH agent forwarding is working, you can check the value of the '''SSH_AUTH_SOCK''' environment variable on Server B. From Server B, run the following command: <code>echo $SSH_AUTH_SOCK</code> If SSH agent forwarding is working, this command should return a non-empty value. That's it! You've successfully set up and tested SSH agent forwarding. Now you can use your local SSH keys to authenticate with remote servers without having to copy your private keys to those servers. ===Command Restriction=== The '''authorized_keys''' file can be used to restrict the commands that a specific SSH key can execute. This is especially useful for security purposes, to limit the potential damage that could be done if a key is compromised. By including a '''command=''' directive in the '''authorized_keys''' file, you can specify the exact command that will be run when a client connects using the associated key. Any command provided by the client will be ignored, and the command specified in the authorized_keys file will be used instead. Example: <code>command="/usr/bin/scp -t /home/rscp/media/" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC...</code> is set up to always execute the '''scp''' command (used for secure copy of files over SSH) to the specified directory, no matter what command was originally issued by the client. This is a good way to create a "write-only" drop box, for instance. However, the keyholder could potentially still execute arbitrary commands by carefully crafting the file names they upload, so additional precautions should be taken, such as using command= along with other directives like '''no-port-forwarding''', '''no-X11-forwarding''', and '''no-pty''' to further limit what can be done with the key. <code>command="/usr/bin/scp -t /home/rscp/media/",no-port-forwarding,no-X11-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC...</code> This entry does the following: :* The '''command=''' directive runs the specified command when a client connects using this key. In this case, the command is scp, which securely copies files to the /home/rscp/media/ directory. :* The '''no-port-forwarding''' directive prevents the client from using SSH's port forwarding features, which could potentially be used to create a secure tunnel for other network traffic. :* The '''no-X11-forwarding''' directive prevents the client from forwarding X11 graphical sessions, which could be used to run graphical applications over the SSH connection. :* The '''no-pty''' directive prevents the allocation of a pseudo-terminal, which means the client can't interact with a shell or run interactive commands. The '''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC...''' part is the public key of the client. Replace this with the actual key. This configuration significantly limits the operations that can be performed with this key, providing an additional layer of security. ====SCP Only==== Use Case Example: Have a Server hosting XML Dumps, and want to automate sending a file or directory from Server1 to Server2 using a script and ssh-key so i don't need to enter password. =====Create Account on Server===== Create user account you are going to use:<br> <code>adduser rscp</code> Make sure user has a '''.ssh''' directory to send public key to:<br> <code>mkdir /home/rscp/.ssh</code> Make a Directory to transfer files to:<br> <code>mkdir /home/rscp/media</code> Note: If you see error <code>scp: /home/rscp/media/test.txt: Permission denied</code> If you created directory '''media''' when logged in as '''root''' then check directory permissions and if need [[Linux_Users_and_Groups#File_Ownership_and_Permissions|assign ownership to '''user''' account.]]<br> Example:<code>chown rscp:rscp /home/rscp/media</code> [[Ubuntu_22.04_SSH_Guide#Copying_public_keys_to_the_remote_server|Send your public key to server]] After public_key/authorized_key is on server, edit authorized_keys and at the start before ssh-rsa <KEY> <pre> command="/usr/bin/scp -t /home/rscp/media/" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC... </pre> If from remote server you are sending a Directory include the '''-r''' flag in command:<br> After public_key/authorized_key is on server, edit authorized_keys and at the start before ssh-rsa <KEY> <pre> command="/usr/bin/scp -t -r /home/rscp/media/" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC... </pre> This entry in the authorized_keys file uses the command option to restrict the SSH command that can be run with the associated SSH key. The command option specifies that the scp command should be used to transfer files to the '''/home/rscp/media/''' directory on the server. Here's a breakdown of the entry: :* '''command="/usr/bin/scp -t /home/rscp/"''': This specifies that the scp command should be used as the SSH command for this key, with the '''-t''' option to specify that the remote end is a file (in this case, a directory), and the destination directory on the server is /home/rscp/. This means that the user can only use the SSH key to transfer files to the /home/rscp/ directory on the server. :* '''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC...''': This is the public key associated with the private key that is used for authentication. By using the command option in this way, you can restrict the actions that the user can perform with the SSH key, which can help to improve security. In this case, the user can only transfer files to the specified directory on the server using the scp command. ======Tip - transfer file to a path your USER does not have permissions for====== You can write a shell script to check the '''/home/rscp/media''' directory every minute using a while loop and the sleep command. If any files are found in the directory, the script can move them to the '''/var/www/media''' directory using the mv command. Here's an example script: <syntaxhighlight lang="bash" line> #!/bin/bash while true do if [ "$(ls -A /home/rscp/media/)" ]; then mv /home/rscp/media/* /var/www/media/ fi sleep 60 done </syntaxhighlight> In this script, the while loop runs indefinitely ('''while true''') and sleeps for 60 seconds at the end of each iteration ('''sleep 60'''). The '''if''' statement checks if the '''/home/rscp/media''' directory is not empty ('''[ "$(ls -A /home/rscp/media/)" ]'''). If it is not empty, the '''mv''' command is used to move all files and directories from the '''/home/rscp/media/''' directory to the '''/var/www/media/''' directory. Save this script to a file (e.g. '''move-files.sh''') and make it executable using the '''chmod +x move-files.sh''' command. You can then run the script using '''./move-files.sh &''' to start it in the background and allow it to run indefinitely. The & symbol is used to run the script in the background so that you can continue using the terminal. Note that running this script indefinitely can consume system resources, so you may want to consider setting up a scheduled task (e.g. using '''[[Cron_ubuntu_22.04|cron]]''') to run the script at a specific interval instead of running it indefinitely. ==Tilde '''~''' the escape character== The tilde (~) character has a special meaning in the context of SSH. When using SSH, you can use the tilde character followed by a control sequence to perform certain actions. These are called "tilde escape sequences" or "tilde commands." They are useful for managing your SSH connections. Here's how to use tilde escape sequences when connected to a remote server via SSH: :* Make sure you are at the beginning of a new line in your terminal. Press '''Enter''' if you are not. :* Type the tilde (~) character, followed by the appropriate control sequence. Note that you should not press '''Enter''' after typing the tilde character, but rather type the control sequence directly after it. Here are some common tilde escape sequences: : '''~.''' : Close the SSH connection. This can be helpful if the connection is frozen or unresponsive. : '''~^Z''' : Suspend the SSH connection and return to your local shell. You can later resume the connection using the fg command. : '''~#''' : List all forwarded connections (both local and remote) that are active in the current SSH session. : '''~&''' : Run the SSH session in the background. This is useful if you want to perform other tasks on your local machine without closing the SSH connection. : '''~~''' : Send a literal tilde character to the remote system. This is useful if you need to type a tilde character in the remote system without triggering an escape sequence. Remember that these escape sequences only work if they are entered at the beginning of a new line in your terminal. If you're typing them in the middle of a command or text, they won't be recognized as special control sequences. ==Troubleshooting and Best Practices== In this section, we'll cover some common issues and best practices related to SSH connections, including managing a large number of SSH keys. ===Too many authentication attempts=== When connecting to an SSH server, you might encounter the "Too many authentication attempts" error. This is often caused by having too many private keys in your ~/.ssh directory. By default, SSH tries each key until it finds the correct one, but many servers limit the number of authentication attempts. '''Solution''': To resolve this issue, you can create a separate directory for your keys and configure the SSH config file to use the appropriate key for each connection. :* Create a new directory for your keys: <code>mkdir ~/.ssh/keys</code> :* Move your private key files to the new directory: <code>mv ~/.ssh/id_rsa_* ~/.ssh/keys/</code> Update your SSH config file to specify the correct key for each connection: <pre> Host server1 ... IdentityFile ~/.ssh/keys/id_rsa_server1 Host server2 ... IdentityFile ~/.ssh/keys/id_rsa_server2 </pre> ===Permission issues=== SSH is very strict about file and directory permissions. Ensure that your ~/.ssh directory and its contents have the correct permissions: :* The ~/.ssh directory should have permissions set to 700: <code>chmod 700 ~/.ssh</code> Private key files should have permissions set to 600: <code>chmod 600 ~/.ssh/id_rsa</code> The ~/.ssh/config file should have permissions set to 600: <code>chmod 600 ~/.ssh/config</code> :* <b>Best practices</b>: Follow these best practices to maintain secure and efficient SSH connections: :* Use SSH key pairs instead of passwords for authentication, as they provide better security. :* Regularly update your SSH keys to maintain their security. :* Use strong, unique passphrases to protect your private keys. :* Disable password authentication and root login on your SSH server to reduce the risk of brute-force attacks. :* Regularly update your SSH server software to ensure you're running the latest security patches. :* Use non-standard port numbers for your SSH server to make it less likely to be targeted by automated attacks. :* Implement multi-factor authentication (MFA) for your SSH connections, if possible. :* Regularly review and remove any unnecessary authorized keys from the ~/.ssh/authorized_keys file on your servers. :* Use the Match directive in the sshd_config file to apply custom rules and settings for different users, groups, or connections. irazpac9pqcobc2mjj4mf7r4kg11ndr 438 437 2023-05-16T12:06:30Z Noob 1 /* Key-based Authentication */ 438 wikitext text/x-wiki ==Understanding SSH== '''SSH''' is a protocol that uses encryption to secure data transmitted between a client and a server. <br> It enables users to execute commands, transfer files, and manage remote systems through an encrypted channel. <br> SSH is widely used by system administrators for managing servers, network devices, and other remote systems. ==Installing SSH== To start using SSH, you'll need to install and configure both the server and client components. * OpenSSH-Server ** Is required to allow '''ssh''' connections * OpenSSH-Client ** Is used to login/connect to OpenSSH-Server If you are using Ubuntu Desktop, the '''openssh client''' will be preinstalled, allowing you to connect to a server which is running '''openssh-server''' If you are using Ubuntu Server, both the '''ssh client''' and '''openssh server''' are preinstalled by default. === Installing OpenSSH Server=== On Ubuntu distributions, you can install the OpenSSH server by running: <code>sudo apt install openssh-server</code><br> Check the SSH server status with: <code>systemctl status ssh</code> ===Installing OpenSSH Client=== The OpenSSH client is usually pre-installed on most Linux and macOS systems. <br>For Windows, you can install the OpenSSH client by following the instructions on the official website:<br> https://docs.microsoft.com/en-us/windows-server/administration/openssh/openssh_install_firstuse ==Basic SSH Commands and Usage== === Connecting to a remote server=== Connecting to a remote server using SSH is a fundamental task when managing remote systems. Here's how to connect to a remote server using the command-line interface. Install an SSH client: Ensure you have an SSH client installed on your local machine. Most Unix-based systems, including Linux and macOS, have an SSH client pre-installed. For Windows, you can use the built-in OpenSSH client (available in Windows 10 and later) or a third-party client like PuTTY. ====Gather connection information==== To connect to a remote server, you'll need the following information: * The remote server's IP address or hostname * The SSH port number (default is 22) * Your username on the remote server * The password for the user on remote server. ====Connect using SSH==== Open a terminal or command prompt on your local machine and use the following command to connect to the remote server: <code>ssh username@hostname_or_IP</code> Replace '''username''' with your username on the remote server, '''hostname_or_IP''' with the server's hostname or IP address. If OpenSSH-Server is running/listening on a port other than the default port '''22''' include the port with the '''-p''' flag. For example (If port 2222): : <code>ssh john@example.com -p 2222</code> Or : <code>ssh -p 2222 john@example.com</code> =====Connecting to a Remote Server ===== In this example, we connect to a remote Ubuntu VPS with the following credentials: <pre> Username: root IP address: 12.34.56.78 Password: password2simple </pre> Use the following command to connect to the remote server: <code>ssh root@12.34.56.78</code> You will be prompted to enter the password. Type password2simple and press Enter. This demonstrates how simple it can be to log into a remote computer with root access. * If your Server is hosting SSHD on a port other than default 'port 22' include port number with the '''-p''' flag Example with port 2222:<br> <code>ssh -p 2222 root@12.34.56.78</code> ====Authenticate==== When connecting for the first time, you'll see a prompt asking you to confirm the remote server's fingerprint. Verify the fingerprint and type "yes" to proceed. Next, you'll be prompted for your password. Enter your password to complete the authentication process. Once authenticated, you'll have access to the remote server's command line. You can now execute commands and manage the remote server as if you were working on it directly. Remember that you can use key-based authentication (with a private-public key pair) instead of a password for a more secure and convenient connection method. == Using SSH config file== An SSH config file allows you to define and manage multiple SSH connections, simplifying the process of connecting to remote servers. By creating an SSH config file, you can define custom options, such as port numbers, usernames, and key files, for each connection. The SSH config file is typically located in the '''~/.ssh''' directory and named config. Here's how to create and use an SSH config file: :* Create the SSH config file: If it doesn't exist, create the config file in the '''~/.ssh''' directory using a text editor: <code>$EDITOR ~/.ssh/config</code> :* Define a connection: To define a connection, you'll need to specify a Host entry followed by any options you want to apply to that connection. Here's an example: <pre> Host server1 HostName example.com User your_username Port 2222 IdentityFile ~/.ssh/id_rsa_server1 </pre> In this example, we've defined a connection called server1 with the following options: :* HostName: The hostname or IP address of the remote server (example.com in this case). :* User: The username to use when connecting to the remote server (replace your_username with your actual username). :* Port: The port number to use for the SSH connection (2222 in this example). :* IdentityFile: The path to the private key file to use for authentication (replace ~/.ssh/id_rsa_server1 with the path to your private key file). You can define multiple connections in the same config file by creating separate Host entries: <pre> Host server2 HostName 192.168.1.100 User another_username Port 22 IdentityFile ~/.ssh/id_rsa_server2 </pre> :* Save and exit the file: Save your changes and exit the text editor. :* Connect using the SSH config file: To connect to a remote server using the defined connection, simply use the ssh command followed by the Host entry: <code>ssh server1</code> In this example, SSH will automatically use the options defined in the config file for server1, such as the hostname, username, port number, and identity file. By using an SSH config file, you can simplify the process of managing multiple SSH connections and customize the options for each connection. ==Key-based Authentication== Why use key-based authentication? * Server1: 12.34.56.78 * Server2: 12.34.56.87 You are trying to login to Server1, but by mistake you enter your '''user''' and '''password''' to Server2, Can Server2 record the '''user''' and '''password''' you used? [[Ubuntu_18.04_OpenSSH-Server_Capture_Failed_Passwords|YES, Yes it can]] === Generating SSH key pairs=== SSH key pairs consist of a private key and a public key. They provide a secure, passwordless authentication method for connecting to remote servers. The private key remains on your local machine, while the public key is added to the remote server's authorized keys. Here's how to generate an SSH key pair: Open a terminal: On Unix-based systems (Linux and macOS), open a terminal. On Windows, open PowerShell or the Command Prompt. Generate the key pair: Use the ssh-keygen command to create a new SSH key pair. The following command generates a 4096-bit RSA key pair: <code>ssh-keygen -t rsa -b 4096</code> You can also generate other types of keys, such as Ed25519, by changing the -t option: <code>ssh-keygen -t ed25519</code> Specify the key's location: When prompted, you can either accept the default location (~/.ssh/id_rsa for RSA keys, ~/.ssh/id_ed25519 for Ed25519 keys) or enter a custom path. It is recommended to use the default location unless you have a specific reason to change it. Set a passphrase (optional): You can choose to protect your private key with a passphrase. If you do, you'll need to enter the passphrase every time you use the key. This adds an extra layer of security, but can be less convenient for automation or scripting. To set a passphrase, enter it when prompted; otherwise, leave the field blank ====Selecting file name and path for keys==== <code>ssh-keygen -t rsa -b 4096 -f .ssh/nuc</code> The '''-f''' option in the '''ssh-keygen''' command is used to specify the output file for the generated key pair. In your example, '''ssh-keygen -t rsa -b 4096 -f .ssh/nuc''', the command is generating an RSA key pair with a key length of 4096 bits, and the output files will be saved in the '''.ssh''' directory with the base name '''nuc'''. Here's a breakdown of the options used in this command: :* '''-t rsa''': Specifies the key type, in this case, RSA. :* '''-b 4096''': Specifies the key length, which is 4096 bits in this case. This length offers good security and is generally recommended. :* '''-f .ssh/nuc''': Specifies the file where the key pair will be saved. The private key will be saved as '''.ssh/nuc''', and the public key will be saved as '''.ssh/nuc.pub'''. After running this command, you'll have a new key pair with the private key in '''.ssh/nuc''' and the public key in '''.ssh/nuc.pub''' ====Create keys with no passphase==== <code>ssh-keygen -t rsa -b 4096 -N "" -C "MYSERVER" -f ~/.ssh/serverkey</code> :* '''-t rsa''': Specifies the key type, in this case, RSA. :* '''-b 4096''': Specifies the key length, which is 4096 bits in this case. This length offers good security and is generally recommended. :* '''-N ""''': Specifies an empty passphrase for the key pair. This means that the private key will not be encrypted, and no passphrase will be required when using it. This can be less secure, but more convenient for automated processes. :* '''-C "MYSERVER"''': Adds a comment to the generated key pair. In this case, the comment is "MYSERVER". Comments are useful for identifying keys when you have multiple keys in your ~/.ssh directory or on a remote server. :* '''-f ~/.ssh/serverkey''': Specifies the file where the key pair will be saved. The private key will be saved as '''~/.ssh/serverkey''', and the public key will be saved as '''~/.ssh/serverkey.pub'''. After running this command, you'll have a new key pair with the private key in '''~/.ssh/serverkey''' and the public key in '''~/.ssh/serverkey.pub'''. The private key will have an empty passphrase and a comment "MYSERVER" for easier identification. ====Remove the passphrase from an existing SSH private key==== To remove the passphrase from an existing SSH private key, you can use the '''ssh-keygen''' command with the '''-p''' option, which is used for changing the passphrase. Follow these steps: :* Make a backup of your private key file, just in case something goes wrong during the process. You can do this by running the following command, replacing '''<your_private_key>''' with the filename of your private key: <code>cp <your_private_key> <your_private_key>.backup</code> :* Run the '''ssh-keygen''' command with the '''-p''' option, specifying the private key file using the '''-f''' option: ::** '''-p''': Indicates that you want to change the passphrase of an existing private key. ::** '''-f <your_private_key>''': Specifies the private key file whose passphrase you want to change. <code>ssh-keygen -p -f <your_private_key></code> :* You will be prompted to enter the old passphrase for the private key. Type it in and press Enter. :* Next, you'll be prompted to enter a new passphrase. Since you want to remove the passphrase, leave this field empty and press Enter. :* You'll be asked to confirm the empty passphrase. Press Enter again to confirm. Your private key now has its passphrase removed. Keep in mind that this makes the private key less secure, as anyone with access to the file can use it without needing to know the passphrase. ====Add/Change a passphrase to an existing SSH Key==== To add a passphrase to an existing SSH private key that doesn't have one, you can use the '''ssh-keygen''' command with the '''-p''' option, just like when you change or remove a passphrase. Here are the steps: :* '''Make a backup of your private key file''', just in case something goes wrong during the process. You can do this by running the following command, replacing <your_private_key> with the filename of your private key: <code>cp <your_private_key> <your_private_key>.backup</code> :* Run the '''ssh-keygen''' command with the -p option, specifying the private key file using the '''-f''' option: <code>ssh-keygen -p -f <your_private_key></code> :* You will be prompted to enter the old passphrase for the private key. Since your private key doesn't currently have a passphrase, just press Enter to proceed. :* Next, you'll be prompted to enter a new passphrase. Type in the passphrase you want to set for the private key and press Enter. :* You'll be asked to confirm the new passphrase. Type it again and press Enter to confirm. Your private key now has a passphrase added to it. This provides an extra layer of security, as anyone using the key will need to know the passphrase to access it. Keep in mind that you should use a strong passphrase to ensure better security. === Copying public keys to the remote server=== After generating an SSH key pair, you'll need to copy the public key to the remote server to enable key-based authentication. Here's how to do it: ====Using ssh-copy-id==== Use the '''ssh-copy-id''' command (Linux and macOS): On Unix-based systems, you can use the ssh-copy-id command to copy your public key to the remote server: <code>ssh-copy-id -i ~/.ssh/id_rsa.pub username@hostname_or_IP</code> Replace ~/.ssh/id_rsa.pub with the path to your public key file (e.g., ~/.ssh/id_ed25519.pub for Ed25519 keys), username with your username on the remote server, and hostname_or_IP with the server's hostname or IP address. ====Manually copy the public key==== Manually copy the public key (Windows and alternative method): If you don't have access to the ssh-copy-id command or prefer to do it manually, you can: :* Open your public key file (e.g., id_rsa.pub or id_ed25519.pub) with a text editor and copy its content.> :* Log in to the remote server via SSH.<br> :* Create the ~/.ssh directory if it doesn't exist: <code>mkdir -p ~/.ssh</code> Edit or create the ~/.ssh/authorized_keys file using a text editor (e.g., nano, vim, or emacs), and paste the content of your public key at the end of the file. Save and close the file. Set the correct file permissions: To ensure the security of your SSH setup, it's essential to set the proper file permissions on your local machine and the remote server: :* On your local machine: :** Private key (id_rsa or id_ed25519): -rw------- (600) :** Public key (id_rsa.pub or id_ed25519.pub): -rw-r--r-- (644) :* On the remote server: :** ~/.ssh directory: drwx------ (700) :** ~/.ssh/authorized_keys file: -rw------- (600) To set the permissions on your local machine, use the chmod command: <pre> chmod 600 ~/.ssh/id_rsa chmod 644 ~/.ssh/id_rsa.pub </pre> On the remote server, use the following commands: <pre> chmod 700 ~/.ssh chmod 600 ~/.ssh/authorized_keys </pre> Once you've copied your public key to the remote server and set the correct file permissions, you should be able to connect using key-based authentication without the need for a password. === Disabling password authentication (optional)=== Disabling password authentication enhances the security of your SSH server by requiring key-based authentication for all connections. You can disable password authentication for specific users or for all users. To do so, follow these steps: :* Connect to the remote server: Log in to the remote server via SSH using your username and the server's hostname or IP address. :* Edit the SSH configuration file: Open the SSH server configuration file (usually located at /etc/ssh/sshd_config) with a text editor such as nano, vim, or emacs: <code>sudo nano /etc/ssh/sshd_config</code> :* Disabling password authentication for all users: Find the line containing "PasswordAuthentication" and set its value to "no": <code>PasswordAuthentication no</code> If the line is commented out (i.e., it starts with a '#'), remove the '#' symbol. :* Disabling password authentication for a specific user: To disable password authentication only for a particular user, you can use a "Match User" block at the end of the sshd_config file: <pre> Match User username PasswordAuthentication no </pre> Replace username with the actual username for which you want to disable password authentication. :* Save and exit the file: Save your changes and exit the text editor. :* Restart the SSH server: Apply the changes by restarting the SSH server: <code>sudo systemctl restart ssh</code> Now, password authentication will be disabled for the specified user(s), and only key-based authentication will be allowed. Remember that if you disable password authentication, you must have a working SSH key pair set up to access the server, or you may be locked out. == Configuring the SSH server== Edit the SSH server configuration file located at <b>/etc/ssh/sshd_config</b> to set your desired settings. You can modify options like the listening port, allowing root login, and more. ===Common sshd_config Options=== The '''sshd_config''' file is located at '''/etc/ssh/sshd_config''' on most Linux systems. This file contains various options and settings that determine the behavior of the OpenSSH server. Each option is followed by its value, and lines starting with a <b>#</b> are considered comments. Here's an overview of some common options in the sshd_config file: ===Port=== Specifies the port number that the SSH server listens on.<br> <code>Port 22</code><br> === AddressFamily=== Determines the IP address family (IPv4, IPv6, or both) used by the SSH server. * To specify that the SSH server should only listen for incoming IPv4 connections: <code>AddressFamily inet</code> * Or, if you want the SSH server to only listen for incoming IPv6 connections, set the 'AddressFamily' directive to 'inet6': <code>AddressFamily inet6</code> * If you want to allow both IPv4 and IPv6 connections, set the 'AddressFamily' directive to 'any': <code>AddressFamily any</code> === ListenAddress=== Specifies the IP address(es) the SSH server listens on. By default, it listens on all available addresses. <code>ListenAddress 192.168.1.10</code> === Protocol=== Defines the SSH protocol version. It's recommended to use only protocol 2. <code>Protocol 2</code> === PermitRootLogin=== Controls whether root login is allowed. It's generally advised to disable root login or set it to "without-password" to allow only key-based authentication for root. <code>PermitRootLogin no</code> ===PasswordAuthentication=== Enables or disables password-based authentication. <code>PasswordAuthentication yes</code> === PubkeyAuthentication=== Enables or disables public key authentication. <code>PubkeyAuthentication yes</code> === AuthorizedKeysFile=== Specifies the location of the authorized keys file for public key authentication. <code>AuthorizedKeysFile .ssh/authorized_keys</code> === LogLevel=== Sets the logging level for the SSH server. The LogLevel option in '''sshd_config''' controls the amount of information that SSH daemon (sshd) logs. There are different log levels that can be set with this option, each providing a different level of detail: * '''QUIET''': Disables all logging. * '''FATAL''': Only logs fatal errors. * '''ERROR''': Logs error messages. * '''INFO''': Logs informational messages such as login attempts. * '''VERBOSE''': Logs more detailed information than INFO, including shell commands executed. * '''DEBUG''': Logs detailed debugging information, including raw protocol details. The default log level is '''INFO''', which is usually sufficient for most purposes. However, if you need to troubleshoot SSH connections or monitor user activity, setting a higher log level may be helpful. To change the '''LogLevel''' in '''sshd_config''', you can edit the file '''/etc/ssh/sshd_config''' (or the appropriate configuration file for your system), and add or modify the line: <code>LogLevel <log_level></code> Where <log_level> is one of the log levels listed above. <code>LogLevel INFO</code> === LoginGraceTime=== Defines the time allowed for a user to successfully log in. <code>LoginGraceTime 2m</code> ===MaxAuthTries=== Limits the number of authentication attempts allowed per connection. <code>MaxAuthTries 6</code> === MaxSessions=== Specifies the maximum number of simultaneous sessions allowed per network connection.<br> <code>MaxSessions 10</code> === AllowUsers, DenyUsers, AllowGroups, DenyGroups=== These options control which users and groups are allowed or denied access to the SSH server. They provide a way to manage access control based on usernames and group membership. * '''AllowUsers''': Specifies a list of users allowed to access the SSH server. Other users will be denied access. <code>AllowUsers user1 user2 user3</code><br> * '''DenyUsers''': Specifies a list of users denied access to the SSH server. Other users will be allowed access. <code>DenyUsers user4 user5</code> * '''AllowGroups''': Specifies a list of groups whose members are allowed to access the SSH server. Users not belonging to these groups will be denied access. <code>AllowGroups group1 group2</code> * '''DenyGroups''': Specifies a list of groups whose members are denied access to the SSH server. Users not belonging to these groups will be allowed access. <code>DenyGroups group3 group4</code> Note that the order in which these options are applied is '''DenyUsers''', '''AllowUsers''', '''DenyGroups''', and finally '''AllowGroups'''. ===Banner=== The Banner option allows you to display a message or warning to users before they log in to the SSH server. This is often used to display legal notices, security warnings, or other important information. To enable the banner, set the Banner option to the path of a text file containing the message you want to display: <code>Banner /etc/ssh/banner.txt</code> Create the /etc/ssh/banner.txt file and add your desired message. The content of this file will be displayed to users before they log in. ==Advanced sshd_config Options== === PermitTunnel=== The PermitTunnel option enables or disables the use of SSH tunneling. Tunnels can be used to forward ports or create VPN-like connections between the client and the server. * There are four possible values for this option: : '''"yes"''': Allows all types of tunnels.<br> : '''"point-to-point"''': Allows only point-to-point (Layer 3) tunnels.<br> : '''"ethernet"''': Allows only Ethernet (Layer 2) tunnels.<br> : '''"no"''': Disables tunneling (default).<br> To enable tunneling, set the PermitTunnel option in the sshd_config file: <code>PermitTunnel yes</code> Keep in mind that enabling tunnels may expose your server to additional security risks. Only enable this option if you understand the implications and have a specific use case that requires it. === ChrootDirectory=== The ChrootDirectory option allows you to restrict a user or a group to a specific directory (known as a chroot jail) when they log in via SSH. This can enhance security by isolating users and limiting their access to only the necessary parts of the filesystem. To set up a chroot jail, follow these steps: Create a directory that will serve as the chroot jail. For example, let's create a directory for user1: <code>sudo mkdir /home/user1/chroot</code> Change the ownership of the directory to the user and their primary group: <code>sudo chown user1:user1 /home/user1/chroot</code> In the sshd_config file, add a Match block at the end of the file to specify the ChrootDirectory for user1: <pre> Match User user1 ChrootDirectory /home/user1/chroot </pre> Restart the SSH server to apply the changes: <code>sudo systemctl restart ssh</code> Now, when user1 logs in via SSH, they will be restricted to the /home/user1/chroot directory and won't be able to access other parts of the filesystem. Note that the chroot jail should be owned by root and not writable by the user. If you need to provide write access to specific directories, create subdirectories inside the chroot jail and set appropriate permissions for those. Also, some features like SFTP may require additional configuration within the chroot jail. ===ForceCommand=== The ForceCommand option allows you to specify a command that will be executed when a user logs in via SSH, regardless of the command requested by the user. This can be useful for limiting the actions a user can perform or for automatically running specific tasks upon login. To use the ForceCommand option, follow these steps: In the sshd_config file, add a Match block at the end of the file to specify the ForceCommand for a specific user or group. For example, to force user1 to execute the command /usr/bin/my-command upon login: <pre> Match User user1 ForceCommand /usr/bin/my-command </pre> Restart the SSH server to apply the changes: <code>sudo systemctl restart ssh</code> Now, when user1 logs in via SSH, the /usr/bin/my-command will be executed automatically, and they will not be able to run any other command. Keep in mind that using ForceCommand may limit the user's ability to interact with the server or transfer files via SFTP. Make sure to test and verify the functionality for your specific use case. === Match Blocks=== Match blocks in the sshd_config file allow you to apply specific configuration options based on certain criteria, such as the user, group, address, or host. This enables you to create custom rules and settings for different users, groups, or connections. Match block syntax: <pre> Match criteria Option value </pre> Here are some examples of Match blocks and their usage: Apply settings only for a specific user: <pre> Match User user1 PasswordAuthentication no AllowTcpForwarding yes </pre> This configuration disables password authentication and enables TCP forwarding only for user1. Apply settings for multiple users: <pre> Match User user1,user2 ChrootDirectory /home/%u/chroot </pre> This configuration sets the chroot directory for both user1 and user2. Apply settings for a specific group: <pre> Match Group group1 PasswordAuthentication yes </pre> This configuration enables password authentication only for members of group1. Apply settings based on the client's IP address: <pre> Match Address 192.168.1.0/24 PasswordAuthentication no </pre> This configuration disables password authentication for clients connecting from the 192.168.1.0/24 subnet. Combine multiple criteria: <pre> Match User user1 Address 192.168.1.0/24 PasswordAuthentication yes </pre> This configuration enables password authentication only for user1 when they connect from the 192.168.1.0/24 subnet. Remember to restart the SSH server after making changes to the sshd_config file: <code>sudo systemctl restart ssh</code> Match blocks offer flexibility in customizing your SSH server's configuration based on various criteria. Use them wisely to enhance security and optimize your server's settings. ==Best Practices and Tips '''sshd_config'''== When configuring your '''sshd_config''' file, it's essential to follow best practices to ensure the security and stability of your SSH server. Here are some recommendations and tips: :* Keep the server up-to-date: Always update your SSH server software and the underlying operating system to ensure you have the latest security patches and features. :* Use strong authentication: Enable key-based authentication (PubkeyAuthentication) and consider disabling password authentication (PasswordAuthentication) to reduce the risk of brute-force attacks. :* Limit root access: Set "PermitRootLogin" to "no" or "without-password" to prevent direct root login or require key-based authentication for root. :* Use non-standard ports: Change the default SSH port (22) to a non-standard port to reduce the exposure to automated scans and attacks. Keep in mind this is security through obscurity and should be combined with other security measures. '''Restrict user access''': Use "AllowUsers," "DenyUsers," "AllowGroups," and "DenyGroups" options to control which users and groups can access the SSH server. '''Monitor logs''': Regularly check your SSH server logs for any suspicious activity or failed login attempts. Adjust the "LogLevel" setting in sshd_config as needed. * Default Log Path Ubuntu 22.04: '''/var/log/auth.log''' '''Use chroot jails''': Isolate users by creating chroot jails using the "ChrootDirectory" option, especially when providing SFTP access or when users don't require full access to the server. '''Configure connection settings''': Set appropriate values for "LoginGraceTime" and "MaxAuthTries" to limit the time allowed for successful login and the number of authentication attempts per connection. '''Use a strong firewall''': Configure your server's firewall to only allow SSH connections from trusted IP addresses or networks. '''Regularly review and audit''': Periodically review your sshd_config settings and make adjustments as necessary. Keep up-to-date with SSH security best practices and recommendations. By following these best practices and tips, you can enhance the security and performance of your SSH server, protecting it from unauthorized access and potential attacks. ===Troubleshooting sshd_config Issues=== When encountering problems with your SSH server configuration, it's important to know how to diagnose and resolve issues. Here are some common problems and troubleshooting steps: Check syntax and configuration errors: If the SSH server is not starting or not functioning as expected, check the sshd_config file for any syntax or configuration errors. Use the following command to test the configuration file for errors: <code>sudo sshd -t</code> If there are any issues, the command will provide error messages with information on what needs to be fixed. Review log files: Inspect the SSH server log files for any error messages or relevant information. The location of the log files may vary depending on your system, but common locations are /var/log/auth.log or /var/log/secure. Tail the log file while attempting to connect to get real-time information: <code>sudo tail -f /var/log/auth.log</code> Restart the SSH server Check firewall settings: Ensure that the server's firewall is allowing SSH connections on the correct port. If you changed the default SSH port, update your firewall rules accordingly. Verify user permissions: If a specific user is unable to connect, check the user's permissions, home directory, and the settings in the sshd_config file, such as "AllowUsers," "DenyUsers," "AllowGroups," or "DenyGroups." SSH server from a client, use the verbose mode to get more detailed information about the connection process. This can help identify any issues with authentication or configuration. Run the following command to enable verbose mode: <code>ssh -v user@example.com</code> Replace "user@example.com" with the appropriate username and server address. You can increase the verbosity level by adding more "v" characters (e.g., -vv or -vvv) if needed. Check file permissions: Ensure that the file permissions for the user's home directory, the .ssh directory, and the authorized_keys file are set correctly. The user's home directory should not be writable by other users, the .ssh directory should have permissions set to 700 (drwx------), and the authorized_keys file should have permissions set to 600 (-rw-------). Test network connectivity: If you're unable to connect to the SSH server, verify that you can reach the server on the network. Use tools like ping, traceroute, or telnet to check the connection to the server and the specific SSH port. By following these troubleshooting steps, you should be able to diagnose and resolve most issues related to the sshd_config file and the SSH server configuration. Remember to carefully review the settings in your sshd_config file and consult the server logs for additional information when encountering problems. ====After making changes, restart the SSH server:==== <code>sudo systemctl restart ssh</code><br> == Running commands on a remote server== Once you've connected to a remote server using SSH, you can execute commands on the remote machine just as you would on your local system. However, you can also run commands on a remote server without establishing an interactive SSH session. This can be useful for automation, scripting, or quick tasks. Here's how to do it: Use the SSH command: To run a command on a remote server without entering an interactive session, use the following syntax: <code>ssh username@hostname_or_IP -p port 'command'</code> Replace username with your username on the remote server, hostname_or_IP with the server's hostname or IP address, port with the SSH port number (if different from the default 22), and command with the command you want to execute. For example, to list the contents of the remote server's home directory, you can use: <code>ssh john@example.com -p 22 'ls -la'</code> ===Handling multiple commands=== If you need to execute multiple commands, you can chain them together using a '''semicolon''' or '''&&'''. The semicolon allows you to run multiple commands sequentially, while the && operator runs the next command only if the previous command was successful. For example, to update the package list and then upgrade the packages on a remote Ubuntu server: <code>ssh john@example.com -p 2222 'sudo apt-get update; sudo apt-get upgrade -y'</code> * Command output: The output of the command will be displayed in your local terminal, just as if you were running the command on your local machine. Using key-based authentication ==Transferring files with SCP== The Secure Copy Protocol (SCP) is a useful tool for transferring files between your local machine and a remote server using SSH. SCP ensures that the data is encrypted during transit, providing a secure and efficient way to transfer files. ===Install an SCP client=== Most Unix-based systems, including Linux and macOS, have an SCP client pre-installed. For Windows, you can use the built-in SCP client included with the OpenSSH package (available in Windows 10 and later) or a third-party client like WinSCP. ===Transfer a file from your local machine to a remote server=== To copy a file from your local machine to a remote server, use the following command: * Note the use of the upper case '''-P''' for ports with '''scp''' <code>scp -P port local_file_path username@hostname_or_IP:remote_file_path</code> Replace port with the SSH port number (if different from the default 22), local_file_path with the path to the file on your local machine, username with your username on the remote server, hostname_or_IP with the server's hostname or IP address, and remote_file_path with the desired location on the remote server. For example: <code>scp -P 22 /home/john/documents/report.pdf john@example.com:/home/john/reports/</code> This command will copy the "report.pdf" file from the local machine to the "reports" directory on the remote server. ===Transfer a file from a remote server to your local machine=== To copy a file from a remote server to your local machine, use the following command: <code>scp -P port username@hostname_or_IP:remote_file_path local_file_path</code> Replace port with the SSH port number (if different from the default 22), username with your username on the remote server, hostname_or_IP with the server's hostname or IP address, remote_file_path with the path to the file on the remote server, and local_file_path with the desired location on your local machine. For example: <code>scp -P 2222 john@example.com:/home/john/reports/report.pdf /home/john/documents/</code> : Or <code>scp john@example.com:/home/john/reports/report.pdf /home/john/documents/</code>- This command will copy the "report.pdf" file from the remote server's "reports" directory to the "documents" directory on your local machine. ===Transferring directories=== To transfer an entire directory, use the '''-r''' flag: <code>scp -r -P port local_directory_path username@hostname_or_IP:remote_directory_path</code> Or, to copy a directory from the remote server to your local machine: <code>scp -r -P port username@hostname_or_IP:remote_directory_path local_directory_path</code> Using SCP is a convenient and secure way to transfer files between your local machine and a remote server. It leverages the security of the SSH protocol to ensure that your data remains encrypted during transit. ===Transferring from Remote Computer to Remote Computer=== Copy the file '''stuff.txt''' from remote host '''12.34.56.67''' to host '''11.22.33.44''' <code>scp name@12.34.56.67:/home/user/Documents/stuff.txt name@11.22.33.44:/home/user/Documents/</code> With the '''-3''' flag copies between two remote hosts "12.34.56.67" and "11.22.33.44" are transferred through the local host running the command. <code>scp -3 name@12.34.56.67:/home/user/Documents/stuff.txt \ name@11.22.33.44:/home/user/Documents/ </code> ===Transferring multiple files=== Send files foo.txt and bar.txt to remote. <code>scp foo.txt bar.txt user@12.34.56.78:~/Documents/</code> Copy multiple files from remote "Documents" directory to local "Documents" directory. <code>scp user@11.22.33.44:/home/user/Documents/\{todo_list.txt,links.txt,stuff.txt\} /home/$USER/Documents/</code> Copy multiple files from the remote to local current directory. <code>scp name@12.34.56.78:~/\{README.md,.bashrc\} . </code> == Transferring files with SFTP== The SSH File Transfer Protocol (SFTP) is another method for transferring files securely between your local machine and a remote server. Unlike SCP, SFTP provides an interactive interface that allows you to navigate, upload, and download files more easily. Install an SFTP client: Most Unix-based systems, including Linux and macOS, have an SFTP client pre-installed. For Windows, you can use the built-in SFTP client included with the OpenSSH package (available in Windows 10 and later) or a third-party client like WinSCP or FileZilla. Connect to a remote server: To start an SFTP session with a remote server, open a terminal or command prompt on your local machine and use the following command: <code>sftp -P port username@hostname_or_IP</code> Replace port with the SSH port number (if different from the default 22), username with your username on the remote server, and hostname_or_IP with the server's hostname or IP address. For example: <code>sftp -P 22 john@example.com</code> Navigate the remote filesystem: Once connected, you can use commands similar to those available in a Unix shell to navigate the remote server's filesystem. Some common SFTP commands include: : '''ls''': List files and directories<br> : '''cd''': Change the current directory<br> : '''mkdir''': Create a new directory<br> : '''rmdir''': Remove an empty directory<br> : '''get''': Download a file from the remote server<br> : '''put''': Upload a file to the remote server<br> <br> : '''rm''': Remove a file<br> : '''rename''': Rename a file or directory<br> : '''exit''': Exit the SFTP session<br> Transfer files: To transfer files, use the put command to upload a file from your local machine to the remote server, and the get command to download a file from the remote server to your local machine. For example: Upload a file: <code>put local_file_path remote_file_path</code> Download a file: <code>get remote_file_path local_file_path</code> Replace local_file_path and remote_file_path with the appropriate paths for the files you want to transfer. Transferring directories: To transfer entire directories, use the -r flag with the put and get commands: Upload a directory: <code>put -r local_directory_path remote_directory_path</code> Download a directory: <code>get -r remote_directory_path local_directory_path</code> Disconnect from the remote server: When you've finished transferring files, type exit to close the SFTP session. SFTP offers a more user-friendly, interactive experience for transferring files compared to SCP. By utilizing the secure and encrypted SSH protocol, SFTP ensures that your data remains safe during transfer. ==Advanced SSH Techniques== === Port forwarding and tunneling=== SSH port forwarding and tunneling allow you to securely forward network traffic between your local machine and a remote server. This can be useful for accessing remote services, bypassing firewalls, or securely transmitting sensitive data. Local Port Forwarding: Local port forwarding creates a secure tunnel between your local machine and a remote server, allowing you to access remote services as if they were running on your local machine. To set up local port forwarding, use the -L flag with the SSH command: <code>ssh -L local_port:remote_host:remote_port username@hostname_or_IP</code> Replace local_port with an available port on your local machine, remote_host with the hostname or IP address of the remote server hosting the service, remote_port with the port number of the remote service, username with your username on the remote server, and hostname_or_IP with the server's hostname or IP address. Remote Port Forwarding: Remote port forwarding enables you to expose a local service running on your machine to a remote network. To set up remote port forwarding, use the -R flag with the SSH command: <code>ssh -R remote_port:local_host:local_port username@hostname_or_IP</code> Replace remote_port with an available port on the remote server, local_host with the hostname or IP address of the local machine hosting the service, local_port with the port number of the local service, username with your username on the remote server, and hostname_or_IP with the server's hostname or IP address. :**Forwarding X, Sound, and Video on Ubuntu 22.04 with Ubuntu 22.04 LXC**: To forward X, sound, and video from a remote Ubuntu 22.04 server to your local Ubuntu 22.04 machine, you'll need to enable X11 forwarding and install the necessary packages. :* Install required packages: On both your local machine and the remote server, install the x11-apps and pulseaudio packages: <code>sudo apt update</code><br> <code>sudo apt install x11-apps pulseaudio</code> :* Enable X11 forwarding: To enable X11 forwarding, you'll need to edit the SSH server configuration file (/etc/ssh/sshd_config) on the remote server: <code>sudo nano /etc/ssh/sshd_config</code> Find the line containing "X11Forwarding" and set its value to "yes": <code>X11Forwarding yes</code> If the line is commented out (i.e., it starts with a '#'), remove the '#' symbol. Save your changes and exit the text editor. :* Restart the SSH server: Apply the changes by restarting the SSH server: <code>sudo systemctl restart ssh</code> :* Connect with X11 forwarding: From your local machine, use the -X flag to enable X11 forwarding when connecting to the remote server: <code>ssh -X username@hostname_or_IP</code> :* Export PULSE_SERVER environment variable: On the remote server, export the PULSE_SERVER environment variable to forward sound: <code>export PULSE_SERVER=tcp:localhost</code> You can add this line to the remote user's ~/.bashrc or ~/.profile file to make the change permanent. :* Run applications: Now, you can run graphical applications on the remote server, and they will be displayed on your local machine with sound and video forwarded. Please note that forwarding X, sound, and video might cause increased latency and reduced performance compared to running the applications locally. === SSH agent forwarding=== SSH agent forwarding is a powerful feature that allows you to use your local SSH keys to authenticate with remote servers without having to copy your private keys to those servers. This is particularly useful when you need to access one remote server (Server B) through another remote server (Server A). ==== Start the SSH agent on your local machine ==== Before you enable SSH agent forwarding, you need to start the SSH agent on your local machine. Open a terminal and run the following command: :* For Linux and macOS: <code>eval "$(ssh-agent -s)"</code> For Windows (Git Bash or Cygwin): <code>eval $(ssh-agent)</code> This command starts the SSH agent and sets the required environment variables. ====Add your SSH key to the agent==== Next, add your private key to the SSH agent with the following command: <code>ssh-add ~/.ssh/your_private_key</code> Replace '''your_private_key''' with the filename of your private key. This might be '''id_rsa''', '''id_ed25519''', or another key file depending on your setup. ====Configure SSH agent forwarding on your local machine==== Edit your SSH config file to enable agent forwarding. The config file is usually located at '''~/.ssh/config'''. If the file doesn't exist, create it. Add the following lines to the config file: <pre> Host server_a_alias HostName server_a_ip_or_hostname User your_username_on_server_a ForwardAgent yes Host server_b_alias HostName server_b_ip_or_hostname User your_username_on_server_b ForwardAgent yes </pre> Replace :* '''server_a_alias''' :* ''' server_a_ip_or_hostname''' :* '''your_username_on_server_a''' :* '''server_b_alias''' :* '''server_b_ip_or_hostname''' :* '''your_username_on_server_b''' with the appropriate values. ====Make sure your public key is added to the remote servers==== Before you can use SSH agent forwarding, you need to add your public key to the '''~/.ssh/authorized_keys''' file on both Server A and Server B. If you haven't done this already, you can use the following command: <code>ssh-copy-id -i ~/.ssh/your_public_key user@server_ip_or_hostname</code> Replace '''your_public_key''', '''user''', and '''server_ip_or_hostname''' with the appropriate values. ====Test SSH agent forwarding==== First, SSH into Server A: <code>ssh server_a_alias</code> Then, from Server A, SSH into Server B: <code>ssh server_b_alias</code> If everything is set up correctly, you should be able to access Server B without being prompted for a password. ====Verify SSH agent forwarding==== To make sure that SSH agent forwarding is working, you can check the value of the '''SSH_AUTH_SOCK''' environment variable on Server B. From Server B, run the following command: <code>echo $SSH_AUTH_SOCK</code> If SSH agent forwarding is working, this command should return a non-empty value. That's it! You've successfully set up and tested SSH agent forwarding. Now you can use your local SSH keys to authenticate with remote servers without having to copy your private keys to those servers. ===Command Restriction=== The '''authorized_keys''' file can be used to restrict the commands that a specific SSH key can execute. This is especially useful for security purposes, to limit the potential damage that could be done if a key is compromised. By including a '''command=''' directive in the '''authorized_keys''' file, you can specify the exact command that will be run when a client connects using the associated key. Any command provided by the client will be ignored, and the command specified in the authorized_keys file will be used instead. Example: <code>command="/usr/bin/scp -t /home/rscp/media/" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC...</code> is set up to always execute the '''scp''' command (used for secure copy of files over SSH) to the specified directory, no matter what command was originally issued by the client. This is a good way to create a "write-only" drop box, for instance. However, the keyholder could potentially still execute arbitrary commands by carefully crafting the file names they upload, so additional precautions should be taken, such as using command= along with other directives like '''no-port-forwarding''', '''no-X11-forwarding''', and '''no-pty''' to further limit what can be done with the key. <code>command="/usr/bin/scp -t /home/rscp/media/",no-port-forwarding,no-X11-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC...</code> This entry does the following: :* The '''command=''' directive runs the specified command when a client connects using this key. In this case, the command is scp, which securely copies files to the /home/rscp/media/ directory. :* The '''no-port-forwarding''' directive prevents the client from using SSH's port forwarding features, which could potentially be used to create a secure tunnel for other network traffic. :* The '''no-X11-forwarding''' directive prevents the client from forwarding X11 graphical sessions, which could be used to run graphical applications over the SSH connection. :* The '''no-pty''' directive prevents the allocation of a pseudo-terminal, which means the client can't interact with a shell or run interactive commands. The '''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC...''' part is the public key of the client. Replace this with the actual key. This configuration significantly limits the operations that can be performed with this key, providing an additional layer of security. ====SCP Only==== Use Case Example: Have a Server hosting XML Dumps, and want to automate sending a file or directory from Server1 to Server2 using a script and ssh-key so i don't need to enter password. =====Create Account on Server===== Create user account you are going to use:<br> <code>adduser rscp</code> Make sure user has a '''.ssh''' directory to send public key to:<br> <code>mkdir /home/rscp/.ssh</code> Make a Directory to transfer files to:<br> <code>mkdir /home/rscp/media</code> Note: If you see error <code>scp: /home/rscp/media/test.txt: Permission denied</code> If you created directory '''media''' when logged in as '''root''' then check directory permissions and if need [[Linux_Users_and_Groups#File_Ownership_and_Permissions|assign ownership to '''user''' account.]]<br> Example:<code>chown rscp:rscp /home/rscp/media</code> [[Ubuntu_22.04_SSH_Guide#Copying_public_keys_to_the_remote_server|Send your public key to server]] After public_key/authorized_key is on server, edit authorized_keys and at the start before ssh-rsa <KEY> <pre> command="/usr/bin/scp -t /home/rscp/media/" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC... </pre> If from remote server you are sending a Directory include the '''-r''' flag in command:<br> After public_key/authorized_key is on server, edit authorized_keys and at the start before ssh-rsa <KEY> <pre> command="/usr/bin/scp -t -r /home/rscp/media/" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC... </pre> This entry in the authorized_keys file uses the command option to restrict the SSH command that can be run with the associated SSH key. The command option specifies that the scp command should be used to transfer files to the '''/home/rscp/media/''' directory on the server. Here's a breakdown of the entry: :* '''command="/usr/bin/scp -t /home/rscp/"''': This specifies that the scp command should be used as the SSH command for this key, with the '''-t''' option to specify that the remote end is a file (in this case, a directory), and the destination directory on the server is /home/rscp/. This means that the user can only use the SSH key to transfer files to the /home/rscp/ directory on the server. :* '''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC...''': This is the public key associated with the private key that is used for authentication. By using the command option in this way, you can restrict the actions that the user can perform with the SSH key, which can help to improve security. In this case, the user can only transfer files to the specified directory on the server using the scp command. ======Tip - transfer file to a path your USER does not have permissions for====== You can write a shell script to check the '''/home/rscp/media''' directory every minute using a while loop and the sleep command. If any files are found in the directory, the script can move them to the '''/var/www/media''' directory using the mv command. Here's an example script: <syntaxhighlight lang="bash" line> #!/bin/bash while true do if [ "$(ls -A /home/rscp/media/)" ]; then mv /home/rscp/media/* /var/www/media/ fi sleep 60 done </syntaxhighlight> In this script, the while loop runs indefinitely ('''while true''') and sleeps for 60 seconds at the end of each iteration ('''sleep 60'''). The '''if''' statement checks if the '''/home/rscp/media''' directory is not empty ('''[ "$(ls -A /home/rscp/media/)" ]'''). If it is not empty, the '''mv''' command is used to move all files and directories from the '''/home/rscp/media/''' directory to the '''/var/www/media/''' directory. Save this script to a file (e.g. '''move-files.sh''') and make it executable using the '''chmod +x move-files.sh''' command. You can then run the script using '''./move-files.sh &''' to start it in the background and allow it to run indefinitely. The & symbol is used to run the script in the background so that you can continue using the terminal. Note that running this script indefinitely can consume system resources, so you may want to consider setting up a scheduled task (e.g. using '''[[Cron_ubuntu_22.04|cron]]''') to run the script at a specific interval instead of running it indefinitely. ==Tilde '''~''' the escape character== The tilde (~) character has a special meaning in the context of SSH. When using SSH, you can use the tilde character followed by a control sequence to perform certain actions. These are called "tilde escape sequences" or "tilde commands." They are useful for managing your SSH connections. Here's how to use tilde escape sequences when connected to a remote server via SSH: :* Make sure you are at the beginning of a new line in your terminal. Press '''Enter''' if you are not. :* Type the tilde (~) character, followed by the appropriate control sequence. Note that you should not press '''Enter''' after typing the tilde character, but rather type the control sequence directly after it. Here are some common tilde escape sequences: : '''~.''' : Close the SSH connection. This can be helpful if the connection is frozen or unresponsive. : '''~^Z''' : Suspend the SSH connection and return to your local shell. You can later resume the connection using the fg command. : '''~#''' : List all forwarded connections (both local and remote) that are active in the current SSH session. : '''~&''' : Run the SSH session in the background. This is useful if you want to perform other tasks on your local machine without closing the SSH connection. : '''~~''' : Send a literal tilde character to the remote system. This is useful if you need to type a tilde character in the remote system without triggering an escape sequence. Remember that these escape sequences only work if they are entered at the beginning of a new line in your terminal. If you're typing them in the middle of a command or text, they won't be recognized as special control sequences. ==Troubleshooting and Best Practices== In this section, we'll cover some common issues and best practices related to SSH connections, including managing a large number of SSH keys. ===Too many authentication attempts=== When connecting to an SSH server, you might encounter the "Too many authentication attempts" error. This is often caused by having too many private keys in your ~/.ssh directory. By default, SSH tries each key until it finds the correct one, but many servers limit the number of authentication attempts. '''Solution''': To resolve this issue, you can create a separate directory for your keys and configure the SSH config file to use the appropriate key for each connection. :* Create a new directory for your keys: <code>mkdir ~/.ssh/keys</code> :* Move your private key files to the new directory: <code>mv ~/.ssh/id_rsa_* ~/.ssh/keys/</code> Update your SSH config file to specify the correct key for each connection: <pre> Host server1 ... IdentityFile ~/.ssh/keys/id_rsa_server1 Host server2 ... IdentityFile ~/.ssh/keys/id_rsa_server2 </pre> ===Permission issues=== SSH is very strict about file and directory permissions. Ensure that your ~/.ssh directory and its contents have the correct permissions: :* The ~/.ssh directory should have permissions set to 700: <code>chmod 700 ~/.ssh</code> Private key files should have permissions set to 600: <code>chmod 600 ~/.ssh/id_rsa</code> The ~/.ssh/config file should have permissions set to 600: <code>chmod 600 ~/.ssh/config</code> :* <b>Best practices</b>: Follow these best practices to maintain secure and efficient SSH connections: :* Use SSH key pairs instead of passwords for authentication, as they provide better security. :* Regularly update your SSH keys to maintain their security. :* Use strong, unique passphrases to protect your private keys. :* Disable password authentication and root login on your SSH server to reduce the risk of brute-force attacks. :* Regularly update your SSH server software to ensure you're running the latest security patches. :* Use non-standard port numbers for your SSH server to make it less likely to be targeted by automated attacks. :* Implement multi-factor authentication (MFA) for your SSH connections, if possible. :* Regularly review and remove any unnecessary authorized keys from the ~/.ssh/authorized_keys file on your servers. :* Use the Match directive in the sshd_config file to apply custom rules and settings for different users, groups, or connections. qmjzorqxr5iwxrfq76evsk1wvk6q3ho 440 438 2023-05-16T12:14:21Z Noob 1 /* Key-based Authentication */ 440 wikitext text/x-wiki ==Understanding SSH== '''SSH''' is a protocol that uses encryption to secure data transmitted between a client and a server. <br> It enables users to execute commands, transfer files, and manage remote systems through an encrypted channel. <br> SSH is widely used by system administrators for managing servers, network devices, and other remote systems. ==Installing SSH== To start using SSH, you'll need to install and configure both the server and client components. * OpenSSH-Server ** Is required to allow '''ssh''' connections * OpenSSH-Client ** Is used to login/connect to OpenSSH-Server If you are using Ubuntu Desktop, the '''openssh client''' will be preinstalled, allowing you to connect to a server which is running '''openssh-server''' If you are using Ubuntu Server, both the '''ssh client''' and '''openssh server''' are preinstalled by default. === Installing OpenSSH Server=== On Ubuntu distributions, you can install the OpenSSH server by running: <code>sudo apt install openssh-server</code><br> Check the SSH server status with: <code>systemctl status ssh</code> ===Installing OpenSSH Client=== The OpenSSH client is usually pre-installed on most Linux and macOS systems. <br>For Windows, you can install the OpenSSH client by following the instructions on the official website:<br> https://docs.microsoft.com/en-us/windows-server/administration/openssh/openssh_install_firstuse ==Basic SSH Commands and Usage== === Connecting to a remote server=== Connecting to a remote server using SSH is a fundamental task when managing remote systems. Here's how to connect to a remote server using the command-line interface. Install an SSH client: Ensure you have an SSH client installed on your local machine. Most Unix-based systems, including Linux and macOS, have an SSH client pre-installed. For Windows, you can use the built-in OpenSSH client (available in Windows 10 and later) or a third-party client like PuTTY. ====Gather connection information==== To connect to a remote server, you'll need the following information: * The remote server's IP address or hostname * The SSH port number (default is 22) * Your username on the remote server * The password for the user on remote server. ====Connect using SSH==== Open a terminal or command prompt on your local machine and use the following command to connect to the remote server: <code>ssh username@hostname_or_IP</code> Replace '''username''' with your username on the remote server, '''hostname_or_IP''' with the server's hostname or IP address. If OpenSSH-Server is running/listening on a port other than the default port '''22''' include the port with the '''-p''' flag. For example (If port 2222): : <code>ssh john@example.com -p 2222</code> Or : <code>ssh -p 2222 john@example.com</code> =====Connecting to a Remote Server ===== In this example, we connect to a remote Ubuntu VPS with the following credentials: <pre> Username: root IP address: 12.34.56.78 Password: password2simple </pre> Use the following command to connect to the remote server: <code>ssh root@12.34.56.78</code> You will be prompted to enter the password. Type password2simple and press Enter. This demonstrates how simple it can be to log into a remote computer with root access. * If your Server is hosting SSHD on a port other than default 'port 22' include port number with the '''-p''' flag Example with port 2222:<br> <code>ssh -p 2222 root@12.34.56.78</code> ====Authenticate==== When connecting for the first time, you'll see a prompt asking you to confirm the remote server's fingerprint. Verify the fingerprint and type "yes" to proceed. Next, you'll be prompted for your password. Enter your password to complete the authentication process. Once authenticated, you'll have access to the remote server's command line. You can now execute commands and manage the remote server as if you were working on it directly. Remember that you can use key-based authentication (with a private-public key pair) instead of a password for a more secure and convenient connection method. == Using SSH config file== An SSH config file allows you to define and manage multiple SSH connections, simplifying the process of connecting to remote servers. By creating an SSH config file, you can define custom options, such as port numbers, usernames, and key files, for each connection. The SSH config file is typically located in the '''~/.ssh''' directory and named config. Here's how to create and use an SSH config file: :* Create the SSH config file: If it doesn't exist, create the config file in the '''~/.ssh''' directory using a text editor: <code>$EDITOR ~/.ssh/config</code> :* Define a connection: To define a connection, you'll need to specify a Host entry followed by any options you want to apply to that connection. Here's an example: <pre> Host server1 HostName example.com User your_username Port 2222 IdentityFile ~/.ssh/id_rsa_server1 </pre> In this example, we've defined a connection called server1 with the following options: :* HostName: The hostname or IP address of the remote server (example.com in this case). :* User: The username to use when connecting to the remote server (replace your_username with your actual username). :* Port: The port number to use for the SSH connection (2222 in this example). :* IdentityFile: The path to the private key file to use for authentication (replace ~/.ssh/id_rsa_server1 with the path to your private key file). You can define multiple connections in the same config file by creating separate Host entries: <pre> Host server2 HostName 192.168.1.100 User another_username Port 22 IdentityFile ~/.ssh/id_rsa_server2 </pre> :* Save and exit the file: Save your changes and exit the text editor. :* Connect using the SSH config file: To connect to a remote server using the defined connection, simply use the ssh command followed by the Host entry: <code>ssh server1</code> In this example, SSH will automatically use the options defined in the config file for server1, such as the hostname, username, port number, and identity file. By using an SSH config file, you can simplify the process of managing multiple SSH connections and customize the options for each connection. ==Key-based Authentication== Why use key-based authentication? * Server1: 12.34.56.78 * Server2: 12.34.56.87 You are trying to login to Server1 (Your Server), but by mistake you enter your '''user''' and '''password''' to Server2 (Foo's Server), Can Server2 record the '''user''' and '''password''' you used? [[Ubuntu_18.04_OpenSSH-Server_Capture_Failed_Passwords|YES, Yes it can]] === Generating SSH key pairs=== SSH key pairs consist of a private key and a public key. They provide a secure, passwordless authentication method for connecting to remote servers. The private key remains on your local machine, while the public key is added to the remote server's authorized keys. Here's how to generate an SSH key pair: Open a terminal: On Unix-based systems (Linux and macOS), open a terminal. On Windows, open PowerShell or the Command Prompt. Generate the key pair: Use the ssh-keygen command to create a new SSH key pair. The following command generates a 4096-bit RSA key pair: <code>ssh-keygen -t rsa -b 4096</code> You can also generate other types of keys, such as Ed25519, by changing the -t option: <code>ssh-keygen -t ed25519</code> Specify the key's location: When prompted, you can either accept the default location (~/.ssh/id_rsa for RSA keys, ~/.ssh/id_ed25519 for Ed25519 keys) or enter a custom path. It is recommended to use the default location unless you have a specific reason to change it. Set a passphrase (optional): You can choose to protect your private key with a passphrase. If you do, you'll need to enter the passphrase every time you use the key. This adds an extra layer of security, but can be less convenient for automation or scripting. To set a passphrase, enter it when prompted; otherwise, leave the field blank ====Selecting file name and path for keys==== <code>ssh-keygen -t rsa -b 4096 -f .ssh/nuc</code> The '''-f''' option in the '''ssh-keygen''' command is used to specify the output file for the generated key pair. In your example, '''ssh-keygen -t rsa -b 4096 -f .ssh/nuc''', the command is generating an RSA key pair with a key length of 4096 bits, and the output files will be saved in the '''.ssh''' directory with the base name '''nuc'''. Here's a breakdown of the options used in this command: :* '''-t rsa''': Specifies the key type, in this case, RSA. :* '''-b 4096''': Specifies the key length, which is 4096 bits in this case. This length offers good security and is generally recommended. :* '''-f .ssh/nuc''': Specifies the file where the key pair will be saved. The private key will be saved as '''.ssh/nuc''', and the public key will be saved as '''.ssh/nuc.pub'''. After running this command, you'll have a new key pair with the private key in '''.ssh/nuc''' and the public key in '''.ssh/nuc.pub''' ====Create keys with no passphase==== <code>ssh-keygen -t rsa -b 4096 -N "" -C "MYSERVER" -f ~/.ssh/serverkey</code> :* '''-t rsa''': Specifies the key type, in this case, RSA. :* '''-b 4096''': Specifies the key length, which is 4096 bits in this case. This length offers good security and is generally recommended. :* '''-N ""''': Specifies an empty passphrase for the key pair. This means that the private key will not be encrypted, and no passphrase will be required when using it. This can be less secure, but more convenient for automated processes. :* '''-C "MYSERVER"''': Adds a comment to the generated key pair. In this case, the comment is "MYSERVER". Comments are useful for identifying keys when you have multiple keys in your ~/.ssh directory or on a remote server. :* '''-f ~/.ssh/serverkey''': Specifies the file where the key pair will be saved. The private key will be saved as '''~/.ssh/serverkey''', and the public key will be saved as '''~/.ssh/serverkey.pub'''. After running this command, you'll have a new key pair with the private key in '''~/.ssh/serverkey''' and the public key in '''~/.ssh/serverkey.pub'''. The private key will have an empty passphrase and a comment "MYSERVER" for easier identification. ====Remove the passphrase from an existing SSH private key==== To remove the passphrase from an existing SSH private key, you can use the '''ssh-keygen''' command with the '''-p''' option, which is used for changing the passphrase. Follow these steps: :* Make a backup of your private key file, just in case something goes wrong during the process. You can do this by running the following command, replacing '''<your_private_key>''' with the filename of your private key: <code>cp <your_private_key> <your_private_key>.backup</code> :* Run the '''ssh-keygen''' command with the '''-p''' option, specifying the private key file using the '''-f''' option: ::** '''-p''': Indicates that you want to change the passphrase of an existing private key. ::** '''-f <your_private_key>''': Specifies the private key file whose passphrase you want to change. <code>ssh-keygen -p -f <your_private_key></code> :* You will be prompted to enter the old passphrase for the private key. Type it in and press Enter. :* Next, you'll be prompted to enter a new passphrase. Since you want to remove the passphrase, leave this field empty and press Enter. :* You'll be asked to confirm the empty passphrase. Press Enter again to confirm. Your private key now has its passphrase removed. Keep in mind that this makes the private key less secure, as anyone with access to the file can use it without needing to know the passphrase. ====Add/Change a passphrase to an existing SSH Key==== To add a passphrase to an existing SSH private key that doesn't have one, you can use the '''ssh-keygen''' command with the '''-p''' option, just like when you change or remove a passphrase. Here are the steps: :* '''Make a backup of your private key file''', just in case something goes wrong during the process. You can do this by running the following command, replacing <your_private_key> with the filename of your private key: <code>cp <your_private_key> <your_private_key>.backup</code> :* Run the '''ssh-keygen''' command with the -p option, specifying the private key file using the '''-f''' option: <code>ssh-keygen -p -f <your_private_key></code> :* You will be prompted to enter the old passphrase for the private key. Since your private key doesn't currently have a passphrase, just press Enter to proceed. :* Next, you'll be prompted to enter a new passphrase. Type in the passphrase you want to set for the private key and press Enter. :* You'll be asked to confirm the new passphrase. Type it again and press Enter to confirm. Your private key now has a passphrase added to it. This provides an extra layer of security, as anyone using the key will need to know the passphrase to access it. Keep in mind that you should use a strong passphrase to ensure better security. === Copying public keys to the remote server=== After generating an SSH key pair, you'll need to copy the public key to the remote server to enable key-based authentication. Here's how to do it: ====Using ssh-copy-id==== Use the '''ssh-copy-id''' command (Linux and macOS): On Unix-based systems, you can use the ssh-copy-id command to copy your public key to the remote server: <code>ssh-copy-id -i ~/.ssh/id_rsa.pub username@hostname_or_IP</code> Replace ~/.ssh/id_rsa.pub with the path to your public key file (e.g., ~/.ssh/id_ed25519.pub for Ed25519 keys), username with your username on the remote server, and hostname_or_IP with the server's hostname or IP address. ====Manually copy the public key==== Manually copy the public key (Windows and alternative method): If you don't have access to the ssh-copy-id command or prefer to do it manually, you can: :* Open your public key file (e.g., id_rsa.pub or id_ed25519.pub) with a text editor and copy its content.> :* Log in to the remote server via SSH.<br> :* Create the ~/.ssh directory if it doesn't exist: <code>mkdir -p ~/.ssh</code> Edit or create the ~/.ssh/authorized_keys file using a text editor (e.g., nano, vim, or emacs), and paste the content of your public key at the end of the file. Save and close the file. Set the correct file permissions: To ensure the security of your SSH setup, it's essential to set the proper file permissions on your local machine and the remote server: :* On your local machine: :** Private key (id_rsa or id_ed25519): -rw------- (600) :** Public key (id_rsa.pub or id_ed25519.pub): -rw-r--r-- (644) :* On the remote server: :** ~/.ssh directory: drwx------ (700) :** ~/.ssh/authorized_keys file: -rw------- (600) To set the permissions on your local machine, use the chmod command: <pre> chmod 600 ~/.ssh/id_rsa chmod 644 ~/.ssh/id_rsa.pub </pre> On the remote server, use the following commands: <pre> chmod 700 ~/.ssh chmod 600 ~/.ssh/authorized_keys </pre> Once you've copied your public key to the remote server and set the correct file permissions, you should be able to connect using key-based authentication without the need for a password. === Disabling password authentication (optional)=== Disabling password authentication enhances the security of your SSH server by requiring key-based authentication for all connections. You can disable password authentication for specific users or for all users. To do so, follow these steps: :* Connect to the remote server: Log in to the remote server via SSH using your username and the server's hostname or IP address. :* Edit the SSH configuration file: Open the SSH server configuration file (usually located at /etc/ssh/sshd_config) with a text editor such as nano, vim, or emacs: <code>sudo nano /etc/ssh/sshd_config</code> :* Disabling password authentication for all users: Find the line containing "PasswordAuthentication" and set its value to "no": <code>PasswordAuthentication no</code> If the line is commented out (i.e., it starts with a '#'), remove the '#' symbol. :* Disabling password authentication for a specific user: To disable password authentication only for a particular user, you can use a "Match User" block at the end of the sshd_config file: <pre> Match User username PasswordAuthentication no </pre> Replace username with the actual username for which you want to disable password authentication. :* Save and exit the file: Save your changes and exit the text editor. :* Restart the SSH server: Apply the changes by restarting the SSH server: <code>sudo systemctl restart ssh</code> Now, password authentication will be disabled for the specified user(s), and only key-based authentication will be allowed. Remember that if you disable password authentication, you must have a working SSH key pair set up to access the server, or you may be locked out. == Configuring the SSH server== Edit the SSH server configuration file located at <b>/etc/ssh/sshd_config</b> to set your desired settings. You can modify options like the listening port, allowing root login, and more. ===Common sshd_config Options=== The '''sshd_config''' file is located at '''/etc/ssh/sshd_config''' on most Linux systems. This file contains various options and settings that determine the behavior of the OpenSSH server. Each option is followed by its value, and lines starting with a <b>#</b> are considered comments. Here's an overview of some common options in the sshd_config file: ===Port=== Specifies the port number that the SSH server listens on.<br> <code>Port 22</code><br> === AddressFamily=== Determines the IP address family (IPv4, IPv6, or both) used by the SSH server. * To specify that the SSH server should only listen for incoming IPv4 connections: <code>AddressFamily inet</code> * Or, if you want the SSH server to only listen for incoming IPv6 connections, set the 'AddressFamily' directive to 'inet6': <code>AddressFamily inet6</code> * If you want to allow both IPv4 and IPv6 connections, set the 'AddressFamily' directive to 'any': <code>AddressFamily any</code> === ListenAddress=== Specifies the IP address(es) the SSH server listens on. By default, it listens on all available addresses. <code>ListenAddress 192.168.1.10</code> === Protocol=== Defines the SSH protocol version. It's recommended to use only protocol 2. <code>Protocol 2</code> === PermitRootLogin=== Controls whether root login is allowed. It's generally advised to disable root login or set it to "without-password" to allow only key-based authentication for root. <code>PermitRootLogin no</code> ===PasswordAuthentication=== Enables or disables password-based authentication. <code>PasswordAuthentication yes</code> === PubkeyAuthentication=== Enables or disables public key authentication. <code>PubkeyAuthentication yes</code> === AuthorizedKeysFile=== Specifies the location of the authorized keys file for public key authentication. <code>AuthorizedKeysFile .ssh/authorized_keys</code> === LogLevel=== Sets the logging level for the SSH server. The LogLevel option in '''sshd_config''' controls the amount of information that SSH daemon (sshd) logs. There are different log levels that can be set with this option, each providing a different level of detail: * '''QUIET''': Disables all logging. * '''FATAL''': Only logs fatal errors. * '''ERROR''': Logs error messages. * '''INFO''': Logs informational messages such as login attempts. * '''VERBOSE''': Logs more detailed information than INFO, including shell commands executed. * '''DEBUG''': Logs detailed debugging information, including raw protocol details. The default log level is '''INFO''', which is usually sufficient for most purposes. However, if you need to troubleshoot SSH connections or monitor user activity, setting a higher log level may be helpful. To change the '''LogLevel''' in '''sshd_config''', you can edit the file '''/etc/ssh/sshd_config''' (or the appropriate configuration file for your system), and add or modify the line: <code>LogLevel <log_level></code> Where <log_level> is one of the log levels listed above. <code>LogLevel INFO</code> === LoginGraceTime=== Defines the time allowed for a user to successfully log in. <code>LoginGraceTime 2m</code> ===MaxAuthTries=== Limits the number of authentication attempts allowed per connection. <code>MaxAuthTries 6</code> === MaxSessions=== Specifies the maximum number of simultaneous sessions allowed per network connection.<br> <code>MaxSessions 10</code> === AllowUsers, DenyUsers, AllowGroups, DenyGroups=== These options control which users and groups are allowed or denied access to the SSH server. They provide a way to manage access control based on usernames and group membership. * '''AllowUsers''': Specifies a list of users allowed to access the SSH server. Other users will be denied access. <code>AllowUsers user1 user2 user3</code><br> * '''DenyUsers''': Specifies a list of users denied access to the SSH server. Other users will be allowed access. <code>DenyUsers user4 user5</code> * '''AllowGroups''': Specifies a list of groups whose members are allowed to access the SSH server. Users not belonging to these groups will be denied access. <code>AllowGroups group1 group2</code> * '''DenyGroups''': Specifies a list of groups whose members are denied access to the SSH server. Users not belonging to these groups will be allowed access. <code>DenyGroups group3 group4</code> Note that the order in which these options are applied is '''DenyUsers''', '''AllowUsers''', '''DenyGroups''', and finally '''AllowGroups'''. ===Banner=== The Banner option allows you to display a message or warning to users before they log in to the SSH server. This is often used to display legal notices, security warnings, or other important information. To enable the banner, set the Banner option to the path of a text file containing the message you want to display: <code>Banner /etc/ssh/banner.txt</code> Create the /etc/ssh/banner.txt file and add your desired message. The content of this file will be displayed to users before they log in. ==Advanced sshd_config Options== === PermitTunnel=== The PermitTunnel option enables or disables the use of SSH tunneling. Tunnels can be used to forward ports or create VPN-like connections between the client and the server. * There are four possible values for this option: : '''"yes"''': Allows all types of tunnels.<br> : '''"point-to-point"''': Allows only point-to-point (Layer 3) tunnels.<br> : '''"ethernet"''': Allows only Ethernet (Layer 2) tunnels.<br> : '''"no"''': Disables tunneling (default).<br> To enable tunneling, set the PermitTunnel option in the sshd_config file: <code>PermitTunnel yes</code> Keep in mind that enabling tunnels may expose your server to additional security risks. Only enable this option if you understand the implications and have a specific use case that requires it. === ChrootDirectory=== The ChrootDirectory option allows you to restrict a user or a group to a specific directory (known as a chroot jail) when they log in via SSH. This can enhance security by isolating users and limiting their access to only the necessary parts of the filesystem. To set up a chroot jail, follow these steps: Create a directory that will serve as the chroot jail. For example, let's create a directory for user1: <code>sudo mkdir /home/user1/chroot</code> Change the ownership of the directory to the user and their primary group: <code>sudo chown user1:user1 /home/user1/chroot</code> In the sshd_config file, add a Match block at the end of the file to specify the ChrootDirectory for user1: <pre> Match User user1 ChrootDirectory /home/user1/chroot </pre> Restart the SSH server to apply the changes: <code>sudo systemctl restart ssh</code> Now, when user1 logs in via SSH, they will be restricted to the /home/user1/chroot directory and won't be able to access other parts of the filesystem. Note that the chroot jail should be owned by root and not writable by the user. If you need to provide write access to specific directories, create subdirectories inside the chroot jail and set appropriate permissions for those. Also, some features like SFTP may require additional configuration within the chroot jail. ===ForceCommand=== The ForceCommand option allows you to specify a command that will be executed when a user logs in via SSH, regardless of the command requested by the user. This can be useful for limiting the actions a user can perform or for automatically running specific tasks upon login. To use the ForceCommand option, follow these steps: In the sshd_config file, add a Match block at the end of the file to specify the ForceCommand for a specific user or group. For example, to force user1 to execute the command /usr/bin/my-command upon login: <pre> Match User user1 ForceCommand /usr/bin/my-command </pre> Restart the SSH server to apply the changes: <code>sudo systemctl restart ssh</code> Now, when user1 logs in via SSH, the /usr/bin/my-command will be executed automatically, and they will not be able to run any other command. Keep in mind that using ForceCommand may limit the user's ability to interact with the server or transfer files via SFTP. Make sure to test and verify the functionality for your specific use case. === Match Blocks=== Match blocks in the sshd_config file allow you to apply specific configuration options based on certain criteria, such as the user, group, address, or host. This enables you to create custom rules and settings for different users, groups, or connections. Match block syntax: <pre> Match criteria Option value </pre> Here are some examples of Match blocks and their usage: Apply settings only for a specific user: <pre> Match User user1 PasswordAuthentication no AllowTcpForwarding yes </pre> This configuration disables password authentication and enables TCP forwarding only for user1. Apply settings for multiple users: <pre> Match User user1,user2 ChrootDirectory /home/%u/chroot </pre> This configuration sets the chroot directory for both user1 and user2. Apply settings for a specific group: <pre> Match Group group1 PasswordAuthentication yes </pre> This configuration enables password authentication only for members of group1. Apply settings based on the client's IP address: <pre> Match Address 192.168.1.0/24 PasswordAuthentication no </pre> This configuration disables password authentication for clients connecting from the 192.168.1.0/24 subnet. Combine multiple criteria: <pre> Match User user1 Address 192.168.1.0/24 PasswordAuthentication yes </pre> This configuration enables password authentication only for user1 when they connect from the 192.168.1.0/24 subnet. Remember to restart the SSH server after making changes to the sshd_config file: <code>sudo systemctl restart ssh</code> Match blocks offer flexibility in customizing your SSH server's configuration based on various criteria. Use them wisely to enhance security and optimize your server's settings. ==Best Practices and Tips '''sshd_config'''== When configuring your '''sshd_config''' file, it's essential to follow best practices to ensure the security and stability of your SSH server. Here are some recommendations and tips: :* Keep the server up-to-date: Always update your SSH server software and the underlying operating system to ensure you have the latest security patches and features. :* Use strong authentication: Enable key-based authentication (PubkeyAuthentication) and consider disabling password authentication (PasswordAuthentication) to reduce the risk of brute-force attacks. :* Limit root access: Set "PermitRootLogin" to "no" or "without-password" to prevent direct root login or require key-based authentication for root. :* Use non-standard ports: Change the default SSH port (22) to a non-standard port to reduce the exposure to automated scans and attacks. Keep in mind this is security through obscurity and should be combined with other security measures. '''Restrict user access''': Use "AllowUsers," "DenyUsers," "AllowGroups," and "DenyGroups" options to control which users and groups can access the SSH server. '''Monitor logs''': Regularly check your SSH server logs for any suspicious activity or failed login attempts. Adjust the "LogLevel" setting in sshd_config as needed. * Default Log Path Ubuntu 22.04: '''/var/log/auth.log''' '''Use chroot jails''': Isolate users by creating chroot jails using the "ChrootDirectory" option, especially when providing SFTP access or when users don't require full access to the server. '''Configure connection settings''': Set appropriate values for "LoginGraceTime" and "MaxAuthTries" to limit the time allowed for successful login and the number of authentication attempts per connection. '''Use a strong firewall''': Configure your server's firewall to only allow SSH connections from trusted IP addresses or networks. '''Regularly review and audit''': Periodically review your sshd_config settings and make adjustments as necessary. Keep up-to-date with SSH security best practices and recommendations. By following these best practices and tips, you can enhance the security and performance of your SSH server, protecting it from unauthorized access and potential attacks. ===Troubleshooting sshd_config Issues=== When encountering problems with your SSH server configuration, it's important to know how to diagnose and resolve issues. Here are some common problems and troubleshooting steps: Check syntax and configuration errors: If the SSH server is not starting or not functioning as expected, check the sshd_config file for any syntax or configuration errors. Use the following command to test the configuration file for errors: <code>sudo sshd -t</code> If there are any issues, the command will provide error messages with information on what needs to be fixed. Review log files: Inspect the SSH server log files for any error messages or relevant information. The location of the log files may vary depending on your system, but common locations are /var/log/auth.log or /var/log/secure. Tail the log file while attempting to connect to get real-time information: <code>sudo tail -f /var/log/auth.log</code> Restart the SSH server Check firewall settings: Ensure that the server's firewall is allowing SSH connections on the correct port. If you changed the default SSH port, update your firewall rules accordingly. Verify user permissions: If a specific user is unable to connect, check the user's permissions, home directory, and the settings in the sshd_config file, such as "AllowUsers," "DenyUsers," "AllowGroups," or "DenyGroups." SSH server from a client, use the verbose mode to get more detailed information about the connection process. This can help identify any issues with authentication or configuration. Run the following command to enable verbose mode: <code>ssh -v user@example.com</code> Replace "user@example.com" with the appropriate username and server address. You can increase the verbosity level by adding more "v" characters (e.g., -vv or -vvv) if needed. Check file permissions: Ensure that the file permissions for the user's home directory, the .ssh directory, and the authorized_keys file are set correctly. The user's home directory should not be writable by other users, the .ssh directory should have permissions set to 700 (drwx------), and the authorized_keys file should have permissions set to 600 (-rw-------). Test network connectivity: If you're unable to connect to the SSH server, verify that you can reach the server on the network. Use tools like ping, traceroute, or telnet to check the connection to the server and the specific SSH port. By following these troubleshooting steps, you should be able to diagnose and resolve most issues related to the sshd_config file and the SSH server configuration. Remember to carefully review the settings in your sshd_config file and consult the server logs for additional information when encountering problems. ====After making changes, restart the SSH server:==== <code>sudo systemctl restart ssh</code><br> == Running commands on a remote server== Once you've connected to a remote server using SSH, you can execute commands on the remote machine just as you would on your local system. However, you can also run commands on a remote server without establishing an interactive SSH session. This can be useful for automation, scripting, or quick tasks. Here's how to do it: Use the SSH command: To run a command on a remote server without entering an interactive session, use the following syntax: <code>ssh username@hostname_or_IP -p port 'command'</code> Replace username with your username on the remote server, hostname_or_IP with the server's hostname or IP address, port with the SSH port number (if different from the default 22), and command with the command you want to execute. For example, to list the contents of the remote server's home directory, you can use: <code>ssh john@example.com -p 22 'ls -la'</code> ===Handling multiple commands=== If you need to execute multiple commands, you can chain them together using a '''semicolon''' or '''&&'''. The semicolon allows you to run multiple commands sequentially, while the && operator runs the next command only if the previous command was successful. For example, to update the package list and then upgrade the packages on a remote Ubuntu server: <code>ssh john@example.com -p 2222 'sudo apt-get update; sudo apt-get upgrade -y'</code> * Command output: The output of the command will be displayed in your local terminal, just as if you were running the command on your local machine. Using key-based authentication ==Transferring files with SCP== The Secure Copy Protocol (SCP) is a useful tool for transferring files between your local machine and a remote server using SSH. SCP ensures that the data is encrypted during transit, providing a secure and efficient way to transfer files. ===Install an SCP client=== Most Unix-based systems, including Linux and macOS, have an SCP client pre-installed. For Windows, you can use the built-in SCP client included with the OpenSSH package (available in Windows 10 and later) or a third-party client like WinSCP. ===Transfer a file from your local machine to a remote server=== To copy a file from your local machine to a remote server, use the following command: * Note the use of the upper case '''-P''' for ports with '''scp''' <code>scp -P port local_file_path username@hostname_or_IP:remote_file_path</code> Replace port with the SSH port number (if different from the default 22), local_file_path with the path to the file on your local machine, username with your username on the remote server, hostname_or_IP with the server's hostname or IP address, and remote_file_path with the desired location on the remote server. For example: <code>scp -P 22 /home/john/documents/report.pdf john@example.com:/home/john/reports/</code> This command will copy the "report.pdf" file from the local machine to the "reports" directory on the remote server. ===Transfer a file from a remote server to your local machine=== To copy a file from a remote server to your local machine, use the following command: <code>scp -P port username@hostname_or_IP:remote_file_path local_file_path</code> Replace port with the SSH port number (if different from the default 22), username with your username on the remote server, hostname_or_IP with the server's hostname or IP address, remote_file_path with the path to the file on the remote server, and local_file_path with the desired location on your local machine. For example: <code>scp -P 2222 john@example.com:/home/john/reports/report.pdf /home/john/documents/</code> : Or <code>scp john@example.com:/home/john/reports/report.pdf /home/john/documents/</code>- This command will copy the "report.pdf" file from the remote server's "reports" directory to the "documents" directory on your local machine. ===Transferring directories=== To transfer an entire directory, use the '''-r''' flag: <code>scp -r -P port local_directory_path username@hostname_or_IP:remote_directory_path</code> Or, to copy a directory from the remote server to your local machine: <code>scp -r -P port username@hostname_or_IP:remote_directory_path local_directory_path</code> Using SCP is a convenient and secure way to transfer files between your local machine and a remote server. It leverages the security of the SSH protocol to ensure that your data remains encrypted during transit. ===Transferring from Remote Computer to Remote Computer=== Copy the file '''stuff.txt''' from remote host '''12.34.56.67''' to host '''11.22.33.44''' <code>scp name@12.34.56.67:/home/user/Documents/stuff.txt name@11.22.33.44:/home/user/Documents/</code> With the '''-3''' flag copies between two remote hosts "12.34.56.67" and "11.22.33.44" are transferred through the local host running the command. <code>scp -3 name@12.34.56.67:/home/user/Documents/stuff.txt \ name@11.22.33.44:/home/user/Documents/ </code> ===Transferring multiple files=== Send files foo.txt and bar.txt to remote. <code>scp foo.txt bar.txt user@12.34.56.78:~/Documents/</code> Copy multiple files from remote "Documents" directory to local "Documents" directory. <code>scp user@11.22.33.44:/home/user/Documents/\{todo_list.txt,links.txt,stuff.txt\} /home/$USER/Documents/</code> Copy multiple files from the remote to local current directory. <code>scp name@12.34.56.78:~/\{README.md,.bashrc\} . </code> == Transferring files with SFTP== The SSH File Transfer Protocol (SFTP) is another method for transferring files securely between your local machine and a remote server. Unlike SCP, SFTP provides an interactive interface that allows you to navigate, upload, and download files more easily. Install an SFTP client: Most Unix-based systems, including Linux and macOS, have an SFTP client pre-installed. For Windows, you can use the built-in SFTP client included with the OpenSSH package (available in Windows 10 and later) or a third-party client like WinSCP or FileZilla. Connect to a remote server: To start an SFTP session with a remote server, open a terminal or command prompt on your local machine and use the following command: <code>sftp -P port username@hostname_or_IP</code> Replace port with the SSH port number (if different from the default 22), username with your username on the remote server, and hostname_or_IP with the server's hostname or IP address. For example: <code>sftp -P 22 john@example.com</code> Navigate the remote filesystem: Once connected, you can use commands similar to those available in a Unix shell to navigate the remote server's filesystem. Some common SFTP commands include: : '''ls''': List files and directories<br> : '''cd''': Change the current directory<br> : '''mkdir''': Create a new directory<br> : '''rmdir''': Remove an empty directory<br> : '''get''': Download a file from the remote server<br> : '''put''': Upload a file to the remote server<br> <br> : '''rm''': Remove a file<br> : '''rename''': Rename a file or directory<br> : '''exit''': Exit the SFTP session<br> Transfer files: To transfer files, use the put command to upload a file from your local machine to the remote server, and the get command to download a file from the remote server to your local machine. For example: Upload a file: <code>put local_file_path remote_file_path</code> Download a file: <code>get remote_file_path local_file_path</code> Replace local_file_path and remote_file_path with the appropriate paths for the files you want to transfer. Transferring directories: To transfer entire directories, use the -r flag with the put and get commands: Upload a directory: <code>put -r local_directory_path remote_directory_path</code> Download a directory: <code>get -r remote_directory_path local_directory_path</code> Disconnect from the remote server: When you've finished transferring files, type exit to close the SFTP session. SFTP offers a more user-friendly, interactive experience for transferring files compared to SCP. By utilizing the secure and encrypted SSH protocol, SFTP ensures that your data remains safe during transfer. ==Advanced SSH Techniques== === Port forwarding and tunneling=== SSH port forwarding and tunneling allow you to securely forward network traffic between your local machine and a remote server. This can be useful for accessing remote services, bypassing firewalls, or securely transmitting sensitive data. Local Port Forwarding: Local port forwarding creates a secure tunnel between your local machine and a remote server, allowing you to access remote services as if they were running on your local machine. To set up local port forwarding, use the -L flag with the SSH command: <code>ssh -L local_port:remote_host:remote_port username@hostname_or_IP</code> Replace local_port with an available port on your local machine, remote_host with the hostname or IP address of the remote server hosting the service, remote_port with the port number of the remote service, username with your username on the remote server, and hostname_or_IP with the server's hostname or IP address. Remote Port Forwarding: Remote port forwarding enables you to expose a local service running on your machine to a remote network. To set up remote port forwarding, use the -R flag with the SSH command: <code>ssh -R remote_port:local_host:local_port username@hostname_or_IP</code> Replace remote_port with an available port on the remote server, local_host with the hostname or IP address of the local machine hosting the service, local_port with the port number of the local service, username with your username on the remote server, and hostname_or_IP with the server's hostname or IP address. :**Forwarding X, Sound, and Video on Ubuntu 22.04 with Ubuntu 22.04 LXC**: To forward X, sound, and video from a remote Ubuntu 22.04 server to your local Ubuntu 22.04 machine, you'll need to enable X11 forwarding and install the necessary packages. :* Install required packages: On both your local machine and the remote server, install the x11-apps and pulseaudio packages: <code>sudo apt update</code><br> <code>sudo apt install x11-apps pulseaudio</code> :* Enable X11 forwarding: To enable X11 forwarding, you'll need to edit the SSH server configuration file (/etc/ssh/sshd_config) on the remote server: <code>sudo nano /etc/ssh/sshd_config</code> Find the line containing "X11Forwarding" and set its value to "yes": <code>X11Forwarding yes</code> If the line is commented out (i.e., it starts with a '#'), remove the '#' symbol. Save your changes and exit the text editor. :* Restart the SSH server: Apply the changes by restarting the SSH server: <code>sudo systemctl restart ssh</code> :* Connect with X11 forwarding: From your local machine, use the -X flag to enable X11 forwarding when connecting to the remote server: <code>ssh -X username@hostname_or_IP</code> :* Export PULSE_SERVER environment variable: On the remote server, export the PULSE_SERVER environment variable to forward sound: <code>export PULSE_SERVER=tcp:localhost</code> You can add this line to the remote user's ~/.bashrc or ~/.profile file to make the change permanent. :* Run applications: Now, you can run graphical applications on the remote server, and they will be displayed on your local machine with sound and video forwarded. Please note that forwarding X, sound, and video might cause increased latency and reduced performance compared to running the applications locally. === SSH agent forwarding=== SSH agent forwarding is a powerful feature that allows you to use your local SSH keys to authenticate with remote servers without having to copy your private keys to those servers. This is particularly useful when you need to access one remote server (Server B) through another remote server (Server A). ==== Start the SSH agent on your local machine ==== Before you enable SSH agent forwarding, you need to start the SSH agent on your local machine. Open a terminal and run the following command: :* For Linux and macOS: <code>eval "$(ssh-agent -s)"</code> For Windows (Git Bash or Cygwin): <code>eval $(ssh-agent)</code> This command starts the SSH agent and sets the required environment variables. ====Add your SSH key to the agent==== Next, add your private key to the SSH agent with the following command: <code>ssh-add ~/.ssh/your_private_key</code> Replace '''your_private_key''' with the filename of your private key. This might be '''id_rsa''', '''id_ed25519''', or another key file depending on your setup. ====Configure SSH agent forwarding on your local machine==== Edit your SSH config file to enable agent forwarding. The config file is usually located at '''~/.ssh/config'''. If the file doesn't exist, create it. Add the following lines to the config file: <pre> Host server_a_alias HostName server_a_ip_or_hostname User your_username_on_server_a ForwardAgent yes Host server_b_alias HostName server_b_ip_or_hostname User your_username_on_server_b ForwardAgent yes </pre> Replace :* '''server_a_alias''' :* ''' server_a_ip_or_hostname''' :* '''your_username_on_server_a''' :* '''server_b_alias''' :* '''server_b_ip_or_hostname''' :* '''your_username_on_server_b''' with the appropriate values. ====Make sure your public key is added to the remote servers==== Before you can use SSH agent forwarding, you need to add your public key to the '''~/.ssh/authorized_keys''' file on both Server A and Server B. If you haven't done this already, you can use the following command: <code>ssh-copy-id -i ~/.ssh/your_public_key user@server_ip_or_hostname</code> Replace '''your_public_key''', '''user''', and '''server_ip_or_hostname''' with the appropriate values. ====Test SSH agent forwarding==== First, SSH into Server A: <code>ssh server_a_alias</code> Then, from Server A, SSH into Server B: <code>ssh server_b_alias</code> If everything is set up correctly, you should be able to access Server B without being prompted for a password. ====Verify SSH agent forwarding==== To make sure that SSH agent forwarding is working, you can check the value of the '''SSH_AUTH_SOCK''' environment variable on Server B. From Server B, run the following command: <code>echo $SSH_AUTH_SOCK</code> If SSH agent forwarding is working, this command should return a non-empty value. That's it! You've successfully set up and tested SSH agent forwarding. Now you can use your local SSH keys to authenticate with remote servers without having to copy your private keys to those servers. ===Command Restriction=== The '''authorized_keys''' file can be used to restrict the commands that a specific SSH key can execute. This is especially useful for security purposes, to limit the potential damage that could be done if a key is compromised. By including a '''command=''' directive in the '''authorized_keys''' file, you can specify the exact command that will be run when a client connects using the associated key. Any command provided by the client will be ignored, and the command specified in the authorized_keys file will be used instead. Example: <code>command="/usr/bin/scp -t /home/rscp/media/" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC...</code> is set up to always execute the '''scp''' command (used for secure copy of files over SSH) to the specified directory, no matter what command was originally issued by the client. This is a good way to create a "write-only" drop box, for instance. However, the keyholder could potentially still execute arbitrary commands by carefully crafting the file names they upload, so additional precautions should be taken, such as using command= along with other directives like '''no-port-forwarding''', '''no-X11-forwarding''', and '''no-pty''' to further limit what can be done with the key. <code>command="/usr/bin/scp -t /home/rscp/media/",no-port-forwarding,no-X11-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC...</code> This entry does the following: :* The '''command=''' directive runs the specified command when a client connects using this key. In this case, the command is scp, which securely copies files to the /home/rscp/media/ directory. :* The '''no-port-forwarding''' directive prevents the client from using SSH's port forwarding features, which could potentially be used to create a secure tunnel for other network traffic. :* The '''no-X11-forwarding''' directive prevents the client from forwarding X11 graphical sessions, which could be used to run graphical applications over the SSH connection. :* The '''no-pty''' directive prevents the allocation of a pseudo-terminal, which means the client can't interact with a shell or run interactive commands. The '''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC...''' part is the public key of the client. Replace this with the actual key. This configuration significantly limits the operations that can be performed with this key, providing an additional layer of security. ====SCP Only==== Use Case Example: Have a Server hosting XML Dumps, and want to automate sending a file or directory from Server1 to Server2 using a script and ssh-key so i don't need to enter password. =====Create Account on Server===== Create user account you are going to use:<br> <code>adduser rscp</code> Make sure user has a '''.ssh''' directory to send public key to:<br> <code>mkdir /home/rscp/.ssh</code> Make a Directory to transfer files to:<br> <code>mkdir /home/rscp/media</code> Note: If you see error <code>scp: /home/rscp/media/test.txt: Permission denied</code> If you created directory '''media''' when logged in as '''root''' then check directory permissions and if need [[Linux_Users_and_Groups#File_Ownership_and_Permissions|assign ownership to '''user''' account.]]<br> Example:<code>chown rscp:rscp /home/rscp/media</code> [[Ubuntu_22.04_SSH_Guide#Copying_public_keys_to_the_remote_server|Send your public key to server]] After public_key/authorized_key is on server, edit authorized_keys and at the start before ssh-rsa <KEY> <pre> command="/usr/bin/scp -t /home/rscp/media/" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC... </pre> If from remote server you are sending a Directory include the '''-r''' flag in command:<br> After public_key/authorized_key is on server, edit authorized_keys and at the start before ssh-rsa <KEY> <pre> command="/usr/bin/scp -t -r /home/rscp/media/" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC... </pre> This entry in the authorized_keys file uses the command option to restrict the SSH command that can be run with the associated SSH key. The command option specifies that the scp command should be used to transfer files to the '''/home/rscp/media/''' directory on the server. Here's a breakdown of the entry: :* '''command="/usr/bin/scp -t /home/rscp/"''': This specifies that the scp command should be used as the SSH command for this key, with the '''-t''' option to specify that the remote end is a file (in this case, a directory), and the destination directory on the server is /home/rscp/. This means that the user can only use the SSH key to transfer files to the /home/rscp/ directory on the server. :* '''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC...''': This is the public key associated with the private key that is used for authentication. By using the command option in this way, you can restrict the actions that the user can perform with the SSH key, which can help to improve security. In this case, the user can only transfer files to the specified directory on the server using the scp command. ======Tip - transfer file to a path your USER does not have permissions for====== You can write a shell script to check the '''/home/rscp/media''' directory every minute using a while loop and the sleep command. If any files are found in the directory, the script can move them to the '''/var/www/media''' directory using the mv command. Here's an example script: <syntaxhighlight lang="bash" line> #!/bin/bash while true do if [ "$(ls -A /home/rscp/media/)" ]; then mv /home/rscp/media/* /var/www/media/ fi sleep 60 done </syntaxhighlight> In this script, the while loop runs indefinitely ('''while true''') and sleeps for 60 seconds at the end of each iteration ('''sleep 60'''). The '''if''' statement checks if the '''/home/rscp/media''' directory is not empty ('''[ "$(ls -A /home/rscp/media/)" ]'''). If it is not empty, the '''mv''' command is used to move all files and directories from the '''/home/rscp/media/''' directory to the '''/var/www/media/''' directory. Save this script to a file (e.g. '''move-files.sh''') and make it executable using the '''chmod +x move-files.sh''' command. You can then run the script using '''./move-files.sh &''' to start it in the background and allow it to run indefinitely. The & symbol is used to run the script in the background so that you can continue using the terminal. Note that running this script indefinitely can consume system resources, so you may want to consider setting up a scheduled task (e.g. using '''[[Cron_ubuntu_22.04|cron]]''') to run the script at a specific interval instead of running it indefinitely. ==Tilde '''~''' the escape character== The tilde (~) character has a special meaning in the context of SSH. When using SSH, you can use the tilde character followed by a control sequence to perform certain actions. These are called "tilde escape sequences" or "tilde commands." They are useful for managing your SSH connections. Here's how to use tilde escape sequences when connected to a remote server via SSH: :* Make sure you are at the beginning of a new line in your terminal. Press '''Enter''' if you are not. :* Type the tilde (~) character, followed by the appropriate control sequence. Note that you should not press '''Enter''' after typing the tilde character, but rather type the control sequence directly after it. Here are some common tilde escape sequences: : '''~.''' : Close the SSH connection. This can be helpful if the connection is frozen or unresponsive. : '''~^Z''' : Suspend the SSH connection and return to your local shell. You can later resume the connection using the fg command. : '''~#''' : List all forwarded connections (both local and remote) that are active in the current SSH session. : '''~&''' : Run the SSH session in the background. This is useful if you want to perform other tasks on your local machine without closing the SSH connection. : '''~~''' : Send a literal tilde character to the remote system. This is useful if you need to type a tilde character in the remote system without triggering an escape sequence. Remember that these escape sequences only work if they are entered at the beginning of a new line in your terminal. If you're typing them in the middle of a command or text, they won't be recognized as special control sequences. ==Troubleshooting and Best Practices== In this section, we'll cover some common issues and best practices related to SSH connections, including managing a large number of SSH keys. ===Too many authentication attempts=== When connecting to an SSH server, you might encounter the "Too many authentication attempts" error. This is often caused by having too many private keys in your ~/.ssh directory. By default, SSH tries each key until it finds the correct one, but many servers limit the number of authentication attempts. '''Solution''': To resolve this issue, you can create a separate directory for your keys and configure the SSH config file to use the appropriate key for each connection. :* Create a new directory for your keys: <code>mkdir ~/.ssh/keys</code> :* Move your private key files to the new directory: <code>mv ~/.ssh/id_rsa_* ~/.ssh/keys/</code> Update your SSH config file to specify the correct key for each connection: <pre> Host server1 ... IdentityFile ~/.ssh/keys/id_rsa_server1 Host server2 ... IdentityFile ~/.ssh/keys/id_rsa_server2 </pre> ===Permission issues=== SSH is very strict about file and directory permissions. Ensure that your ~/.ssh directory and its contents have the correct permissions: :* The ~/.ssh directory should have permissions set to 700: <code>chmod 700 ~/.ssh</code> Private key files should have permissions set to 600: <code>chmod 600 ~/.ssh/id_rsa</code> The ~/.ssh/config file should have permissions set to 600: <code>chmod 600 ~/.ssh/config</code> :* <b>Best practices</b>: Follow these best practices to maintain secure and efficient SSH connections: :* Use SSH key pairs instead of passwords for authentication, as they provide better security. :* Regularly update your SSH keys to maintain their security. :* Use strong, unique passphrases to protect your private keys. :* Disable password authentication and root login on your SSH server to reduce the risk of brute-force attacks. :* Regularly update your SSH server software to ensure you're running the latest security patches. :* Use non-standard port numbers for your SSH server to make it less likely to be targeted by automated attacks. :* Implement multi-factor authentication (MFA) for your SSH connections, if possible. :* Regularly review and remove any unnecessary authorized keys from the ~/.ssh/authorized_keys file on your servers. :* Use the Match directive in the sshd_config file to apply custom rules and settings for different users, groups, or connections. 9rcd0ukkoanm6gfb07mw6bcblsq62yh 456 440 2024-08-16T11:47:31Z Noob 1 /* Installing OpenSSH Server */ 456 wikitext text/x-wiki ==Understanding SSH== '''SSH''' is a protocol that uses encryption to secure data transmitted between a client and a server. <br> It enables users to execute commands, transfer files, and manage remote systems through an encrypted channel. <br> SSH is widely used by system administrators for managing servers, network devices, and other remote systems. ==Installing SSH== To start using SSH, you'll need to install and configure both the server and client components. * OpenSSH-Server ** Is required to allow '''ssh''' connections * OpenSSH-Client ** Is used to login/connect to OpenSSH-Server If you are using Ubuntu Desktop, the '''openssh client''' will be preinstalled, allowing you to connect to a server which is running '''openssh-server''' If you are using Ubuntu Server, both the '''ssh client''' and '''openssh server''' are preinstalled by default. === Installing OpenSSH Server=== On Ubuntu distributions, you can install the OpenSSH server by running: <code>sudo apt install openssh-server</code><br> Check the SSH server status with: <code>systemctl status ssh</code> === Enable and Disable OpenSSH Server=== By default once openssh-server installed it is enabled to start at reboot. * Disable <code>sudo systemctl disable ssh</code> * Enable <code>sudo systemctl enable ssh</code> ===Installing OpenSSH Client=== The OpenSSH client is usually pre-installed on most Linux and macOS systems. <br>For Windows, you can install the OpenSSH client by following the instructions on the official website:<br> https://docs.microsoft.com/en-us/windows-server/administration/openssh/openssh_install_firstuse ==Basic SSH Commands and Usage== === Connecting to a remote server=== Connecting to a remote server using SSH is a fundamental task when managing remote systems. Here's how to connect to a remote server using the command-line interface. Install an SSH client: Ensure you have an SSH client installed on your local machine. Most Unix-based systems, including Linux and macOS, have an SSH client pre-installed. For Windows, you can use the built-in OpenSSH client (available in Windows 10 and later) or a third-party client like PuTTY. ====Gather connection information==== To connect to a remote server, you'll need the following information: * The remote server's IP address or hostname * The SSH port number (default is 22) * Your username on the remote server * The password for the user on remote server. ====Connect using SSH==== Open a terminal or command prompt on your local machine and use the following command to connect to the remote server: <code>ssh username@hostname_or_IP</code> Replace '''username''' with your username on the remote server, '''hostname_or_IP''' with the server's hostname or IP address. If OpenSSH-Server is running/listening on a port other than the default port '''22''' include the port with the '''-p''' flag. For example (If port 2222): : <code>ssh john@example.com -p 2222</code> Or : <code>ssh -p 2222 john@example.com</code> =====Connecting to a Remote Server ===== In this example, we connect to a remote Ubuntu VPS with the following credentials: <pre> Username: root IP address: 12.34.56.78 Password: password2simple </pre> Use the following command to connect to the remote server: <code>ssh root@12.34.56.78</code> You will be prompted to enter the password. Type password2simple and press Enter. This demonstrates how simple it can be to log into a remote computer with root access. * If your Server is hosting SSHD on a port other than default 'port 22' include port number with the '''-p''' flag Example with port 2222:<br> <code>ssh -p 2222 root@12.34.56.78</code> ====Authenticate==== When connecting for the first time, you'll see a prompt asking you to confirm the remote server's fingerprint. Verify the fingerprint and type "yes" to proceed. Next, you'll be prompted for your password. Enter your password to complete the authentication process. Once authenticated, you'll have access to the remote server's command line. You can now execute commands and manage the remote server as if you were working on it directly. Remember that you can use key-based authentication (with a private-public key pair) instead of a password for a more secure and convenient connection method. == Using SSH config file== An SSH config file allows you to define and manage multiple SSH connections, simplifying the process of connecting to remote servers. By creating an SSH config file, you can define custom options, such as port numbers, usernames, and key files, for each connection. The SSH config file is typically located in the '''~/.ssh''' directory and named config. Here's how to create and use an SSH config file: :* Create the SSH config file: If it doesn't exist, create the config file in the '''~/.ssh''' directory using a text editor: <code>$EDITOR ~/.ssh/config</code> :* Define a connection: To define a connection, you'll need to specify a Host entry followed by any options you want to apply to that connection. Here's an example: <pre> Host server1 HostName example.com User your_username Port 2222 IdentityFile ~/.ssh/id_rsa_server1 </pre> In this example, we've defined a connection called server1 with the following options: :* HostName: The hostname or IP address of the remote server (example.com in this case). :* User: The username to use when connecting to the remote server (replace your_username with your actual username). :* Port: The port number to use for the SSH connection (2222 in this example). :* IdentityFile: The path to the private key file to use for authentication (replace ~/.ssh/id_rsa_server1 with the path to your private key file). You can define multiple connections in the same config file by creating separate Host entries: <pre> Host server2 HostName 192.168.1.100 User another_username Port 22 IdentityFile ~/.ssh/id_rsa_server2 </pre> :* Save and exit the file: Save your changes and exit the text editor. :* Connect using the SSH config file: To connect to a remote server using the defined connection, simply use the ssh command followed by the Host entry: <code>ssh server1</code> In this example, SSH will automatically use the options defined in the config file for server1, such as the hostname, username, port number, and identity file. By using an SSH config file, you can simplify the process of managing multiple SSH connections and customize the options for each connection. ==Key-based Authentication== Why use key-based authentication? * Server1: 12.34.56.78 * Server2: 12.34.56.87 You are trying to login to Server1 (Your Server), but by mistake you enter your '''user''' and '''password''' to Server2 (Foo's Server), Can Server2 record the '''user''' and '''password''' you used? [[Ubuntu_18.04_OpenSSH-Server_Capture_Failed_Passwords|YES, Yes it can]] === Generating SSH key pairs=== SSH key pairs consist of a private key and a public key. They provide a secure, passwordless authentication method for connecting to remote servers. The private key remains on your local machine, while the public key is added to the remote server's authorized keys. Here's how to generate an SSH key pair: Open a terminal: On Unix-based systems (Linux and macOS), open a terminal. On Windows, open PowerShell or the Command Prompt. Generate the key pair: Use the ssh-keygen command to create a new SSH key pair. The following command generates a 4096-bit RSA key pair: <code>ssh-keygen -t rsa -b 4096</code> You can also generate other types of keys, such as Ed25519, by changing the -t option: <code>ssh-keygen -t ed25519</code> Specify the key's location: When prompted, you can either accept the default location (~/.ssh/id_rsa for RSA keys, ~/.ssh/id_ed25519 for Ed25519 keys) or enter a custom path. It is recommended to use the default location unless you have a specific reason to change it. Set a passphrase (optional): You can choose to protect your private key with a passphrase. If you do, you'll need to enter the passphrase every time you use the key. This adds an extra layer of security, but can be less convenient for automation or scripting. To set a passphrase, enter it when prompted; otherwise, leave the field blank ====Selecting file name and path for keys==== <code>ssh-keygen -t rsa -b 4096 -f .ssh/nuc</code> The '''-f''' option in the '''ssh-keygen''' command is used to specify the output file for the generated key pair. In your example, '''ssh-keygen -t rsa -b 4096 -f .ssh/nuc''', the command is generating an RSA key pair with a key length of 4096 bits, and the output files will be saved in the '''.ssh''' directory with the base name '''nuc'''. Here's a breakdown of the options used in this command: :* '''-t rsa''': Specifies the key type, in this case, RSA. :* '''-b 4096''': Specifies the key length, which is 4096 bits in this case. This length offers good security and is generally recommended. :* '''-f .ssh/nuc''': Specifies the file where the key pair will be saved. The private key will be saved as '''.ssh/nuc''', and the public key will be saved as '''.ssh/nuc.pub'''. After running this command, you'll have a new key pair with the private key in '''.ssh/nuc''' and the public key in '''.ssh/nuc.pub''' ====Create keys with no passphase==== <code>ssh-keygen -t rsa -b 4096 -N "" -C "MYSERVER" -f ~/.ssh/serverkey</code> :* '''-t rsa''': Specifies the key type, in this case, RSA. :* '''-b 4096''': Specifies the key length, which is 4096 bits in this case. This length offers good security and is generally recommended. :* '''-N ""''': Specifies an empty passphrase for the key pair. This means that the private key will not be encrypted, and no passphrase will be required when using it. This can be less secure, but more convenient for automated processes. :* '''-C "MYSERVER"''': Adds a comment to the generated key pair. In this case, the comment is "MYSERVER". Comments are useful for identifying keys when you have multiple keys in your ~/.ssh directory or on a remote server. :* '''-f ~/.ssh/serverkey''': Specifies the file where the key pair will be saved. The private key will be saved as '''~/.ssh/serverkey''', and the public key will be saved as '''~/.ssh/serverkey.pub'''. After running this command, you'll have a new key pair with the private key in '''~/.ssh/serverkey''' and the public key in '''~/.ssh/serverkey.pub'''. The private key will have an empty passphrase and a comment "MYSERVER" for easier identification. ====Remove the passphrase from an existing SSH private key==== To remove the passphrase from an existing SSH private key, you can use the '''ssh-keygen''' command with the '''-p''' option, which is used for changing the passphrase. Follow these steps: :* Make a backup of your private key file, just in case something goes wrong during the process. You can do this by running the following command, replacing '''<your_private_key>''' with the filename of your private key: <code>cp <your_private_key> <your_private_key>.backup</code> :* Run the '''ssh-keygen''' command with the '''-p''' option, specifying the private key file using the '''-f''' option: ::** '''-p''': Indicates that you want to change the passphrase of an existing private key. ::** '''-f <your_private_key>''': Specifies the private key file whose passphrase you want to change. <code>ssh-keygen -p -f <your_private_key></code> :* You will be prompted to enter the old passphrase for the private key. Type it in and press Enter. :* Next, you'll be prompted to enter a new passphrase. Since you want to remove the passphrase, leave this field empty and press Enter. :* You'll be asked to confirm the empty passphrase. Press Enter again to confirm. Your private key now has its passphrase removed. Keep in mind that this makes the private key less secure, as anyone with access to the file can use it without needing to know the passphrase. ====Add/Change a passphrase to an existing SSH Key==== To add a passphrase to an existing SSH private key that doesn't have one, you can use the '''ssh-keygen''' command with the '''-p''' option, just like when you change or remove a passphrase. Here are the steps: :* '''Make a backup of your private key file''', just in case something goes wrong during the process. You can do this by running the following command, replacing <your_private_key> with the filename of your private key: <code>cp <your_private_key> <your_private_key>.backup</code> :* Run the '''ssh-keygen''' command with the -p option, specifying the private key file using the '''-f''' option: <code>ssh-keygen -p -f <your_private_key></code> :* You will be prompted to enter the old passphrase for the private key. Since your private key doesn't currently have a passphrase, just press Enter to proceed. :* Next, you'll be prompted to enter a new passphrase. Type in the passphrase you want to set for the private key and press Enter. :* You'll be asked to confirm the new passphrase. Type it again and press Enter to confirm. Your private key now has a passphrase added to it. This provides an extra layer of security, as anyone using the key will need to know the passphrase to access it. Keep in mind that you should use a strong passphrase to ensure better security. === Copying public keys to the remote server=== After generating an SSH key pair, you'll need to copy the public key to the remote server to enable key-based authentication. Here's how to do it: ====Using ssh-copy-id==== Use the '''ssh-copy-id''' command (Linux and macOS): On Unix-based systems, you can use the ssh-copy-id command to copy your public key to the remote server: <code>ssh-copy-id -i ~/.ssh/id_rsa.pub username@hostname_or_IP</code> Replace ~/.ssh/id_rsa.pub with the path to your public key file (e.g., ~/.ssh/id_ed25519.pub for Ed25519 keys), username with your username on the remote server, and hostname_or_IP with the server's hostname or IP address. ====Manually copy the public key==== Manually copy the public key (Windows and alternative method): If you don't have access to the ssh-copy-id command or prefer to do it manually, you can: :* Open your public key file (e.g., id_rsa.pub or id_ed25519.pub) with a text editor and copy its content.> :* Log in to the remote server via SSH.<br> :* Create the ~/.ssh directory if it doesn't exist: <code>mkdir -p ~/.ssh</code> Edit or create the ~/.ssh/authorized_keys file using a text editor (e.g., nano, vim, or emacs), and paste the content of your public key at the end of the file. Save and close the file. Set the correct file permissions: To ensure the security of your SSH setup, it's essential to set the proper file permissions on your local machine and the remote server: :* On your local machine: :** Private key (id_rsa or id_ed25519): -rw------- (600) :** Public key (id_rsa.pub or id_ed25519.pub): -rw-r--r-- (644) :* On the remote server: :** ~/.ssh directory: drwx------ (700) :** ~/.ssh/authorized_keys file: -rw------- (600) To set the permissions on your local machine, use the chmod command: <pre> chmod 600 ~/.ssh/id_rsa chmod 644 ~/.ssh/id_rsa.pub </pre> On the remote server, use the following commands: <pre> chmod 700 ~/.ssh chmod 600 ~/.ssh/authorized_keys </pre> Once you've copied your public key to the remote server and set the correct file permissions, you should be able to connect using key-based authentication without the need for a password. === Disabling password authentication (optional)=== Disabling password authentication enhances the security of your SSH server by requiring key-based authentication for all connections. You can disable password authentication for specific users or for all users. To do so, follow these steps: :* Connect to the remote server: Log in to the remote server via SSH using your username and the server's hostname or IP address. :* Edit the SSH configuration file: Open the SSH server configuration file (usually located at /etc/ssh/sshd_config) with a text editor such as nano, vim, or emacs: <code>sudo nano /etc/ssh/sshd_config</code> :* Disabling password authentication for all users: Find the line containing "PasswordAuthentication" and set its value to "no": <code>PasswordAuthentication no</code> If the line is commented out (i.e., it starts with a '#'), remove the '#' symbol. :* Disabling password authentication for a specific user: To disable password authentication only for a particular user, you can use a "Match User" block at the end of the sshd_config file: <pre> Match User username PasswordAuthentication no </pre> Replace username with the actual username for which you want to disable password authentication. :* Save and exit the file: Save your changes and exit the text editor. :* Restart the SSH server: Apply the changes by restarting the SSH server: <code>sudo systemctl restart ssh</code> Now, password authentication will be disabled for the specified user(s), and only key-based authentication will be allowed. Remember that if you disable password authentication, you must have a working SSH key pair set up to access the server, or you may be locked out. == Configuring the SSH server== Edit the SSH server configuration file located at <b>/etc/ssh/sshd_config</b> to set your desired settings. You can modify options like the listening port, allowing root login, and more. ===Common sshd_config Options=== The '''sshd_config''' file is located at '''/etc/ssh/sshd_config''' on most Linux systems. This file contains various options and settings that determine the behavior of the OpenSSH server. Each option is followed by its value, and lines starting with a <b>#</b> are considered comments. Here's an overview of some common options in the sshd_config file: ===Port=== Specifies the port number that the SSH server listens on.<br> <code>Port 22</code><br> === AddressFamily=== Determines the IP address family (IPv4, IPv6, or both) used by the SSH server. * To specify that the SSH server should only listen for incoming IPv4 connections: <code>AddressFamily inet</code> * Or, if you want the SSH server to only listen for incoming IPv6 connections, set the 'AddressFamily' directive to 'inet6': <code>AddressFamily inet6</code> * If you want to allow both IPv4 and IPv6 connections, set the 'AddressFamily' directive to 'any': <code>AddressFamily any</code> === ListenAddress=== Specifies the IP address(es) the SSH server listens on. By default, it listens on all available addresses. <code>ListenAddress 192.168.1.10</code> === Protocol=== Defines the SSH protocol version. It's recommended to use only protocol 2. <code>Protocol 2</code> === PermitRootLogin=== Controls whether root login is allowed. It's generally advised to disable root login or set it to "without-password" to allow only key-based authentication for root. <code>PermitRootLogin no</code> ===PasswordAuthentication=== Enables or disables password-based authentication. <code>PasswordAuthentication yes</code> === PubkeyAuthentication=== Enables or disables public key authentication. <code>PubkeyAuthentication yes</code> === AuthorizedKeysFile=== Specifies the location of the authorized keys file for public key authentication. <code>AuthorizedKeysFile .ssh/authorized_keys</code> === LogLevel=== Sets the logging level for the SSH server. The LogLevel option in '''sshd_config''' controls the amount of information that SSH daemon (sshd) logs. There are different log levels that can be set with this option, each providing a different level of detail: * '''QUIET''': Disables all logging. * '''FATAL''': Only logs fatal errors. * '''ERROR''': Logs error messages. * '''INFO''': Logs informational messages such as login attempts. * '''VERBOSE''': Logs more detailed information than INFO, including shell commands executed. * '''DEBUG''': Logs detailed debugging information, including raw protocol details. The default log level is '''INFO''', which is usually sufficient for most purposes. However, if you need to troubleshoot SSH connections or monitor user activity, setting a higher log level may be helpful. To change the '''LogLevel''' in '''sshd_config''', you can edit the file '''/etc/ssh/sshd_config''' (or the appropriate configuration file for your system), and add or modify the line: <code>LogLevel <log_level></code> Where <log_level> is one of the log levels listed above. <code>LogLevel INFO</code> === LoginGraceTime=== Defines the time allowed for a user to successfully log in. <code>LoginGraceTime 2m</code> ===MaxAuthTries=== Limits the number of authentication attempts allowed per connection. <code>MaxAuthTries 6</code> === MaxSessions=== Specifies the maximum number of simultaneous sessions allowed per network connection.<br> <code>MaxSessions 10</code> === AllowUsers, DenyUsers, AllowGroups, DenyGroups=== These options control which users and groups are allowed or denied access to the SSH server. They provide a way to manage access control based on usernames and group membership. * '''AllowUsers''': Specifies a list of users allowed to access the SSH server. Other users will be denied access. <code>AllowUsers user1 user2 user3</code><br> * '''DenyUsers''': Specifies a list of users denied access to the SSH server. Other users will be allowed access. <code>DenyUsers user4 user5</code> * '''AllowGroups''': Specifies a list of groups whose members are allowed to access the SSH server. Users not belonging to these groups will be denied access. <code>AllowGroups group1 group2</code> * '''DenyGroups''': Specifies a list of groups whose members are denied access to the SSH server. Users not belonging to these groups will be allowed access. <code>DenyGroups group3 group4</code> Note that the order in which these options are applied is '''DenyUsers''', '''AllowUsers''', '''DenyGroups''', and finally '''AllowGroups'''. ===Banner=== The Banner option allows you to display a message or warning to users before they log in to the SSH server. This is often used to display legal notices, security warnings, or other important information. To enable the banner, set the Banner option to the path of a text file containing the message you want to display: <code>Banner /etc/ssh/banner.txt</code> Create the /etc/ssh/banner.txt file and add your desired message. The content of this file will be displayed to users before they log in. ==Advanced sshd_config Options== === PermitTunnel=== The PermitTunnel option enables or disables the use of SSH tunneling. Tunnels can be used to forward ports or create VPN-like connections between the client and the server. * There are four possible values for this option: : '''"yes"''': Allows all types of tunnels.<br> : '''"point-to-point"''': Allows only point-to-point (Layer 3) tunnels.<br> : '''"ethernet"''': Allows only Ethernet (Layer 2) tunnels.<br> : '''"no"''': Disables tunneling (default).<br> To enable tunneling, set the PermitTunnel option in the sshd_config file: <code>PermitTunnel yes</code> Keep in mind that enabling tunnels may expose your server to additional security risks. Only enable this option if you understand the implications and have a specific use case that requires it. === ChrootDirectory=== The ChrootDirectory option allows you to restrict a user or a group to a specific directory (known as a chroot jail) when they log in via SSH. This can enhance security by isolating users and limiting their access to only the necessary parts of the filesystem. To set up a chroot jail, follow these steps: Create a directory that will serve as the chroot jail. For example, let's create a directory for user1: <code>sudo mkdir /home/user1/chroot</code> Change the ownership of the directory to the user and their primary group: <code>sudo chown user1:user1 /home/user1/chroot</code> In the sshd_config file, add a Match block at the end of the file to specify the ChrootDirectory for user1: <pre> Match User user1 ChrootDirectory /home/user1/chroot </pre> Restart the SSH server to apply the changes: <code>sudo systemctl restart ssh</code> Now, when user1 logs in via SSH, they will be restricted to the /home/user1/chroot directory and won't be able to access other parts of the filesystem. Note that the chroot jail should be owned by root and not writable by the user. If you need to provide write access to specific directories, create subdirectories inside the chroot jail and set appropriate permissions for those. Also, some features like SFTP may require additional configuration within the chroot jail. ===ForceCommand=== The ForceCommand option allows you to specify a command that will be executed when a user logs in via SSH, regardless of the command requested by the user. This can be useful for limiting the actions a user can perform or for automatically running specific tasks upon login. To use the ForceCommand option, follow these steps: In the sshd_config file, add a Match block at the end of the file to specify the ForceCommand for a specific user or group. For example, to force user1 to execute the command /usr/bin/my-command upon login: <pre> Match User user1 ForceCommand /usr/bin/my-command </pre> Restart the SSH server to apply the changes: <code>sudo systemctl restart ssh</code> Now, when user1 logs in via SSH, the /usr/bin/my-command will be executed automatically, and they will not be able to run any other command. Keep in mind that using ForceCommand may limit the user's ability to interact with the server or transfer files via SFTP. Make sure to test and verify the functionality for your specific use case. === Match Blocks=== Match blocks in the sshd_config file allow you to apply specific configuration options based on certain criteria, such as the user, group, address, or host. This enables you to create custom rules and settings for different users, groups, or connections. Match block syntax: <pre> Match criteria Option value </pre> Here are some examples of Match blocks and their usage: Apply settings only for a specific user: <pre> Match User user1 PasswordAuthentication no AllowTcpForwarding yes </pre> This configuration disables password authentication and enables TCP forwarding only for user1. Apply settings for multiple users: <pre> Match User user1,user2 ChrootDirectory /home/%u/chroot </pre> This configuration sets the chroot directory for both user1 and user2. Apply settings for a specific group: <pre> Match Group group1 PasswordAuthentication yes </pre> This configuration enables password authentication only for members of group1. Apply settings based on the client's IP address: <pre> Match Address 192.168.1.0/24 PasswordAuthentication no </pre> This configuration disables password authentication for clients connecting from the 192.168.1.0/24 subnet. Combine multiple criteria: <pre> Match User user1 Address 192.168.1.0/24 PasswordAuthentication yes </pre> This configuration enables password authentication only for user1 when they connect from the 192.168.1.0/24 subnet. Remember to restart the SSH server after making changes to the sshd_config file: <code>sudo systemctl restart ssh</code> Match blocks offer flexibility in customizing your SSH server's configuration based on various criteria. Use them wisely to enhance security and optimize your server's settings. ==Best Practices and Tips '''sshd_config'''== When configuring your '''sshd_config''' file, it's essential to follow best practices to ensure the security and stability of your SSH server. Here are some recommendations and tips: :* Keep the server up-to-date: Always update your SSH server software and the underlying operating system to ensure you have the latest security patches and features. :* Use strong authentication: Enable key-based authentication (PubkeyAuthentication) and consider disabling password authentication (PasswordAuthentication) to reduce the risk of brute-force attacks. :* Limit root access: Set "PermitRootLogin" to "no" or "without-password" to prevent direct root login or require key-based authentication for root. :* Use non-standard ports: Change the default SSH port (22) to a non-standard port to reduce the exposure to automated scans and attacks. Keep in mind this is security through obscurity and should be combined with other security measures. '''Restrict user access''': Use "AllowUsers," "DenyUsers," "AllowGroups," and "DenyGroups" options to control which users and groups can access the SSH server. '''Monitor logs''': Regularly check your SSH server logs for any suspicious activity or failed login attempts. Adjust the "LogLevel" setting in sshd_config as needed. * Default Log Path Ubuntu 22.04: '''/var/log/auth.log''' '''Use chroot jails''': Isolate users by creating chroot jails using the "ChrootDirectory" option, especially when providing SFTP access or when users don't require full access to the server. '''Configure connection settings''': Set appropriate values for "LoginGraceTime" and "MaxAuthTries" to limit the time allowed for successful login and the number of authentication attempts per connection. '''Use a strong firewall''': Configure your server's firewall to only allow SSH connections from trusted IP addresses or networks. '''Regularly review and audit''': Periodically review your sshd_config settings and make adjustments as necessary. Keep up-to-date with SSH security best practices and recommendations. By following these best practices and tips, you can enhance the security and performance of your SSH server, protecting it from unauthorized access and potential attacks. ===Troubleshooting sshd_config Issues=== When encountering problems with your SSH server configuration, it's important to know how to diagnose and resolve issues. Here are some common problems and troubleshooting steps: Check syntax and configuration errors: If the SSH server is not starting or not functioning as expected, check the sshd_config file for any syntax or configuration errors. Use the following command to test the configuration file for errors: <code>sudo sshd -t</code> If there are any issues, the command will provide error messages with information on what needs to be fixed. Review log files: Inspect the SSH server log files for any error messages or relevant information. The location of the log files may vary depending on your system, but common locations are /var/log/auth.log or /var/log/secure. Tail the log file while attempting to connect to get real-time information: <code>sudo tail -f /var/log/auth.log</code> Restart the SSH server Check firewall settings: Ensure that the server's firewall is allowing SSH connections on the correct port. If you changed the default SSH port, update your firewall rules accordingly. Verify user permissions: If a specific user is unable to connect, check the user's permissions, home directory, and the settings in the sshd_config file, such as "AllowUsers," "DenyUsers," "AllowGroups," or "DenyGroups." SSH server from a client, use the verbose mode to get more detailed information about the connection process. This can help identify any issues with authentication or configuration. Run the following command to enable verbose mode: <code>ssh -v user@example.com</code> Replace "user@example.com" with the appropriate username and server address. You can increase the verbosity level by adding more "v" characters (e.g., -vv or -vvv) if needed. Check file permissions: Ensure that the file permissions for the user's home directory, the .ssh directory, and the authorized_keys file are set correctly. The user's home directory should not be writable by other users, the .ssh directory should have permissions set to 700 (drwx------), and the authorized_keys file should have permissions set to 600 (-rw-------). Test network connectivity: If you're unable to connect to the SSH server, verify that you can reach the server on the network. Use tools like ping, traceroute, or telnet to check the connection to the server and the specific SSH port. By following these troubleshooting steps, you should be able to diagnose and resolve most issues related to the sshd_config file and the SSH server configuration. Remember to carefully review the settings in your sshd_config file and consult the server logs for additional information when encountering problems. ====After making changes, restart the SSH server:==== <code>sudo systemctl restart ssh</code><br> == Running commands on a remote server== Once you've connected to a remote server using SSH, you can execute commands on the remote machine just as you would on your local system. However, you can also run commands on a remote server without establishing an interactive SSH session. This can be useful for automation, scripting, or quick tasks. Here's how to do it: Use the SSH command: To run a command on a remote server without entering an interactive session, use the following syntax: <code>ssh username@hostname_or_IP -p port 'command'</code> Replace username with your username on the remote server, hostname_or_IP with the server's hostname or IP address, port with the SSH port number (if different from the default 22), and command with the command you want to execute. For example, to list the contents of the remote server's home directory, you can use: <code>ssh john@example.com -p 22 'ls -la'</code> ===Handling multiple commands=== If you need to execute multiple commands, you can chain them together using a '''semicolon''' or '''&&'''. The semicolon allows you to run multiple commands sequentially, while the && operator runs the next command only if the previous command was successful. For example, to update the package list and then upgrade the packages on a remote Ubuntu server: <code>ssh john@example.com -p 2222 'sudo apt-get update; sudo apt-get upgrade -y'</code> * Command output: The output of the command will be displayed in your local terminal, just as if you were running the command on your local machine. Using key-based authentication ==Transferring files with SCP== The Secure Copy Protocol (SCP) is a useful tool for transferring files between your local machine and a remote server using SSH. SCP ensures that the data is encrypted during transit, providing a secure and efficient way to transfer files. ===Install an SCP client=== Most Unix-based systems, including Linux and macOS, have an SCP client pre-installed. For Windows, you can use the built-in SCP client included with the OpenSSH package (available in Windows 10 and later) or a third-party client like WinSCP. ===Transfer a file from your local machine to a remote server=== To copy a file from your local machine to a remote server, use the following command: * Note the use of the upper case '''-P''' for ports with '''scp''' <code>scp -P port local_file_path username@hostname_or_IP:remote_file_path</code> Replace port with the SSH port number (if different from the default 22), local_file_path with the path to the file on your local machine, username with your username on the remote server, hostname_or_IP with the server's hostname or IP address, and remote_file_path with the desired location on the remote server. For example: <code>scp -P 22 /home/john/documents/report.pdf john@example.com:/home/john/reports/</code> This command will copy the "report.pdf" file from the local machine to the "reports" directory on the remote server. ===Transfer a file from a remote server to your local machine=== To copy a file from a remote server to your local machine, use the following command: <code>scp -P port username@hostname_or_IP:remote_file_path local_file_path</code> Replace port with the SSH port number (if different from the default 22), username with your username on the remote server, hostname_or_IP with the server's hostname or IP address, remote_file_path with the path to the file on the remote server, and local_file_path with the desired location on your local machine. For example: <code>scp -P 2222 john@example.com:/home/john/reports/report.pdf /home/john/documents/</code> : Or <code>scp john@example.com:/home/john/reports/report.pdf /home/john/documents/</code>- This command will copy the "report.pdf" file from the remote server's "reports" directory to the "documents" directory on your local machine. ===Transferring directories=== To transfer an entire directory, use the '''-r''' flag: <code>scp -r -P port local_directory_path username@hostname_or_IP:remote_directory_path</code> Or, to copy a directory from the remote server to your local machine: <code>scp -r -P port username@hostname_or_IP:remote_directory_path local_directory_path</code> Using SCP is a convenient and secure way to transfer files between your local machine and a remote server. It leverages the security of the SSH protocol to ensure that your data remains encrypted during transit. ===Transferring from Remote Computer to Remote Computer=== Copy the file '''stuff.txt''' from remote host '''12.34.56.67''' to host '''11.22.33.44''' <code>scp name@12.34.56.67:/home/user/Documents/stuff.txt name@11.22.33.44:/home/user/Documents/</code> With the '''-3''' flag copies between two remote hosts "12.34.56.67" and "11.22.33.44" are transferred through the local host running the command. <code>scp -3 name@12.34.56.67:/home/user/Documents/stuff.txt \ name@11.22.33.44:/home/user/Documents/ </code> ===Transferring multiple files=== Send files foo.txt and bar.txt to remote. <code>scp foo.txt bar.txt user@12.34.56.78:~/Documents/</code> Copy multiple files from remote "Documents" directory to local "Documents" directory. <code>scp user@11.22.33.44:/home/user/Documents/\{todo_list.txt,links.txt,stuff.txt\} /home/$USER/Documents/</code> Copy multiple files from the remote to local current directory. <code>scp name@12.34.56.78:~/\{README.md,.bashrc\} . </code> == Transferring files with SFTP== The SSH File Transfer Protocol (SFTP) is another method for transferring files securely between your local machine and a remote server. Unlike SCP, SFTP provides an interactive interface that allows you to navigate, upload, and download files more easily. Install an SFTP client: Most Unix-based systems, including Linux and macOS, have an SFTP client pre-installed. For Windows, you can use the built-in SFTP client included with the OpenSSH package (available in Windows 10 and later) or a third-party client like WinSCP or FileZilla. Connect to a remote server: To start an SFTP session with a remote server, open a terminal or command prompt on your local machine and use the following command: <code>sftp -P port username@hostname_or_IP</code> Replace port with the SSH port number (if different from the default 22), username with your username on the remote server, and hostname_or_IP with the server's hostname or IP address. For example: <code>sftp -P 22 john@example.com</code> Navigate the remote filesystem: Once connected, you can use commands similar to those available in a Unix shell to navigate the remote server's filesystem. Some common SFTP commands include: : '''ls''': List files and directories<br> : '''cd''': Change the current directory<br> : '''mkdir''': Create a new directory<br> : '''rmdir''': Remove an empty directory<br> : '''get''': Download a file from the remote server<br> : '''put''': Upload a file to the remote server<br> <br> : '''rm''': Remove a file<br> : '''rename''': Rename a file or directory<br> : '''exit''': Exit the SFTP session<br> Transfer files: To transfer files, use the put command to upload a file from your local machine to the remote server, and the get command to download a file from the remote server to your local machine. For example: Upload a file: <code>put local_file_path remote_file_path</code> Download a file: <code>get remote_file_path local_file_path</code> Replace local_file_path and remote_file_path with the appropriate paths for the files you want to transfer. Transferring directories: To transfer entire directories, use the -r flag with the put and get commands: Upload a directory: <code>put -r local_directory_path remote_directory_path</code> Download a directory: <code>get -r remote_directory_path local_directory_path</code> Disconnect from the remote server: When you've finished transferring files, type exit to close the SFTP session. SFTP offers a more user-friendly, interactive experience for transferring files compared to SCP. By utilizing the secure and encrypted SSH protocol, SFTP ensures that your data remains safe during transfer. ==Advanced SSH Techniques== === Port forwarding and tunneling=== SSH port forwarding and tunneling allow you to securely forward network traffic between your local machine and a remote server. This can be useful for accessing remote services, bypassing firewalls, or securely transmitting sensitive data. Local Port Forwarding: Local port forwarding creates a secure tunnel between your local machine and a remote server, allowing you to access remote services as if they were running on your local machine. To set up local port forwarding, use the -L flag with the SSH command: <code>ssh -L local_port:remote_host:remote_port username@hostname_or_IP</code> Replace local_port with an available port on your local machine, remote_host with the hostname or IP address of the remote server hosting the service, remote_port with the port number of the remote service, username with your username on the remote server, and hostname_or_IP with the server's hostname or IP address. Remote Port Forwarding: Remote port forwarding enables you to expose a local service running on your machine to a remote network. To set up remote port forwarding, use the -R flag with the SSH command: <code>ssh -R remote_port:local_host:local_port username@hostname_or_IP</code> Replace remote_port with an available port on the remote server, local_host with the hostname or IP address of the local machine hosting the service, local_port with the port number of the local service, username with your username on the remote server, and hostname_or_IP with the server's hostname or IP address. :**Forwarding X, Sound, and Video on Ubuntu 22.04 with Ubuntu 22.04 LXC**: To forward X, sound, and video from a remote Ubuntu 22.04 server to your local Ubuntu 22.04 machine, you'll need to enable X11 forwarding and install the necessary packages. :* Install required packages: On both your local machine and the remote server, install the x11-apps and pulseaudio packages: <code>sudo apt update</code><br> <code>sudo apt install x11-apps pulseaudio</code> :* Enable X11 forwarding: To enable X11 forwarding, you'll need to edit the SSH server configuration file (/etc/ssh/sshd_config) on the remote server: <code>sudo nano /etc/ssh/sshd_config</code> Find the line containing "X11Forwarding" and set its value to "yes": <code>X11Forwarding yes</code> If the line is commented out (i.e., it starts with a '#'), remove the '#' symbol. Save your changes and exit the text editor. :* Restart the SSH server: Apply the changes by restarting the SSH server: <code>sudo systemctl restart ssh</code> :* Connect with X11 forwarding: From your local machine, use the -X flag to enable X11 forwarding when connecting to the remote server: <code>ssh -X username@hostname_or_IP</code> :* Export PULSE_SERVER environment variable: On the remote server, export the PULSE_SERVER environment variable to forward sound: <code>export PULSE_SERVER=tcp:localhost</code> You can add this line to the remote user's ~/.bashrc or ~/.profile file to make the change permanent. :* Run applications: Now, you can run graphical applications on the remote server, and they will be displayed on your local machine with sound and video forwarded. Please note that forwarding X, sound, and video might cause increased latency and reduced performance compared to running the applications locally. === SSH agent forwarding=== SSH agent forwarding is a powerful feature that allows you to use your local SSH keys to authenticate with remote servers without having to copy your private keys to those servers. This is particularly useful when you need to access one remote server (Server B) through another remote server (Server A). ==== Start the SSH agent on your local machine ==== Before you enable SSH agent forwarding, you need to start the SSH agent on your local machine. Open a terminal and run the following command: :* For Linux and macOS: <code>eval "$(ssh-agent -s)"</code> For Windows (Git Bash or Cygwin): <code>eval $(ssh-agent)</code> This command starts the SSH agent and sets the required environment variables. ====Add your SSH key to the agent==== Next, add your private key to the SSH agent with the following command: <code>ssh-add ~/.ssh/your_private_key</code> Replace '''your_private_key''' with the filename of your private key. This might be '''id_rsa''', '''id_ed25519''', or another key file depending on your setup. ====Configure SSH agent forwarding on your local machine==== Edit your SSH config file to enable agent forwarding. The config file is usually located at '''~/.ssh/config'''. If the file doesn't exist, create it. Add the following lines to the config file: <pre> Host server_a_alias HostName server_a_ip_or_hostname User your_username_on_server_a ForwardAgent yes Host server_b_alias HostName server_b_ip_or_hostname User your_username_on_server_b ForwardAgent yes </pre> Replace :* '''server_a_alias''' :* ''' server_a_ip_or_hostname''' :* '''your_username_on_server_a''' :* '''server_b_alias''' :* '''server_b_ip_or_hostname''' :* '''your_username_on_server_b''' with the appropriate values. ====Make sure your public key is added to the remote servers==== Before you can use SSH agent forwarding, you need to add your public key to the '''~/.ssh/authorized_keys''' file on both Server A and Server B. If you haven't done this already, you can use the following command: <code>ssh-copy-id -i ~/.ssh/your_public_key user@server_ip_or_hostname</code> Replace '''your_public_key''', '''user''', and '''server_ip_or_hostname''' with the appropriate values. ====Test SSH agent forwarding==== First, SSH into Server A: <code>ssh server_a_alias</code> Then, from Server A, SSH into Server B: <code>ssh server_b_alias</code> If everything is set up correctly, you should be able to access Server B without being prompted for a password. ====Verify SSH agent forwarding==== To make sure that SSH agent forwarding is working, you can check the value of the '''SSH_AUTH_SOCK''' environment variable on Server B. From Server B, run the following command: <code>echo $SSH_AUTH_SOCK</code> If SSH agent forwarding is working, this command should return a non-empty value. That's it! You've successfully set up and tested SSH agent forwarding. Now you can use your local SSH keys to authenticate with remote servers without having to copy your private keys to those servers. ===Command Restriction=== The '''authorized_keys''' file can be used to restrict the commands that a specific SSH key can execute. This is especially useful for security purposes, to limit the potential damage that could be done if a key is compromised. By including a '''command=''' directive in the '''authorized_keys''' file, you can specify the exact command that will be run when a client connects using the associated key. Any command provided by the client will be ignored, and the command specified in the authorized_keys file will be used instead. Example: <code>command="/usr/bin/scp -t /home/rscp/media/" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC...</code> is set up to always execute the '''scp''' command (used for secure copy of files over SSH) to the specified directory, no matter what command was originally issued by the client. This is a good way to create a "write-only" drop box, for instance. However, the keyholder could potentially still execute arbitrary commands by carefully crafting the file names they upload, so additional precautions should be taken, such as using command= along with other directives like '''no-port-forwarding''', '''no-X11-forwarding''', and '''no-pty''' to further limit what can be done with the key. <code>command="/usr/bin/scp -t /home/rscp/media/",no-port-forwarding,no-X11-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC...</code> This entry does the following: :* The '''command=''' directive runs the specified command when a client connects using this key. In this case, the command is scp, which securely copies files to the /home/rscp/media/ directory. :* The '''no-port-forwarding''' directive prevents the client from using SSH's port forwarding features, which could potentially be used to create a secure tunnel for other network traffic. :* The '''no-X11-forwarding''' directive prevents the client from forwarding X11 graphical sessions, which could be used to run graphical applications over the SSH connection. :* The '''no-pty''' directive prevents the allocation of a pseudo-terminal, which means the client can't interact with a shell or run interactive commands. The '''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC...''' part is the public key of the client. Replace this with the actual key. This configuration significantly limits the operations that can be performed with this key, providing an additional layer of security. ====SCP Only==== Use Case Example: Have a Server hosting XML Dumps, and want to automate sending a file or directory from Server1 to Server2 using a script and ssh-key so i don't need to enter password. =====Create Account on Server===== Create user account you are going to use:<br> <code>adduser rscp</code> Make sure user has a '''.ssh''' directory to send public key to:<br> <code>mkdir /home/rscp/.ssh</code> Make a Directory to transfer files to:<br> <code>mkdir /home/rscp/media</code> Note: If you see error <code>scp: /home/rscp/media/test.txt: Permission denied</code> If you created directory '''media''' when logged in as '''root''' then check directory permissions and if need [[Linux_Users_and_Groups#File_Ownership_and_Permissions|assign ownership to '''user''' account.]]<br> Example:<code>chown rscp:rscp /home/rscp/media</code> [[Ubuntu_22.04_SSH_Guide#Copying_public_keys_to_the_remote_server|Send your public key to server]] After public_key/authorized_key is on server, edit authorized_keys and at the start before ssh-rsa <KEY> <pre> command="/usr/bin/scp -t /home/rscp/media/" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC... </pre> If from remote server you are sending a Directory include the '''-r''' flag in command:<br> After public_key/authorized_key is on server, edit authorized_keys and at the start before ssh-rsa <KEY> <pre> command="/usr/bin/scp -t -r /home/rscp/media/" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC... </pre> This entry in the authorized_keys file uses the command option to restrict the SSH command that can be run with the associated SSH key. The command option specifies that the scp command should be used to transfer files to the '''/home/rscp/media/''' directory on the server. Here's a breakdown of the entry: :* '''command="/usr/bin/scp -t /home/rscp/"''': This specifies that the scp command should be used as the SSH command for this key, with the '''-t''' option to specify that the remote end is a file (in this case, a directory), and the destination directory on the server is /home/rscp/. This means that the user can only use the SSH key to transfer files to the /home/rscp/ directory on the server. :* '''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC...''': This is the public key associated with the private key that is used for authentication. By using the command option in this way, you can restrict the actions that the user can perform with the SSH key, which can help to improve security. In this case, the user can only transfer files to the specified directory on the server using the scp command. ======Tip - transfer file to a path your USER does not have permissions for====== You can write a shell script to check the '''/home/rscp/media''' directory every minute using a while loop and the sleep command. If any files are found in the directory, the script can move them to the '''/var/www/media''' directory using the mv command. Here's an example script: <syntaxhighlight lang="bash" line> #!/bin/bash while true do if [ "$(ls -A /home/rscp/media/)" ]; then mv /home/rscp/media/* /var/www/media/ fi sleep 60 done </syntaxhighlight> In this script, the while loop runs indefinitely ('''while true''') and sleeps for 60 seconds at the end of each iteration ('''sleep 60'''). The '''if''' statement checks if the '''/home/rscp/media''' directory is not empty ('''[ "$(ls -A /home/rscp/media/)" ]'''). If it is not empty, the '''mv''' command is used to move all files and directories from the '''/home/rscp/media/''' directory to the '''/var/www/media/''' directory. Save this script to a file (e.g. '''move-files.sh''') and make it executable using the '''chmod +x move-files.sh''' command. You can then run the script using '''./move-files.sh &''' to start it in the background and allow it to run indefinitely. The & symbol is used to run the script in the background so that you can continue using the terminal. Note that running this script indefinitely can consume system resources, so you may want to consider setting up a scheduled task (e.g. using '''[[Cron_ubuntu_22.04|cron]]''') to run the script at a specific interval instead of running it indefinitely. ==Tilde '''~''' the escape character== The tilde (~) character has a special meaning in the context of SSH. When using SSH, you can use the tilde character followed by a control sequence to perform certain actions. These are called "tilde escape sequences" or "tilde commands." They are useful for managing your SSH connections. Here's how to use tilde escape sequences when connected to a remote server via SSH: :* Make sure you are at the beginning of a new line in your terminal. Press '''Enter''' if you are not. :* Type the tilde (~) character, followed by the appropriate control sequence. Note that you should not press '''Enter''' after typing the tilde character, but rather type the control sequence directly after it. Here are some common tilde escape sequences: : '''~.''' : Close the SSH connection. This can be helpful if the connection is frozen or unresponsive. : '''~^Z''' : Suspend the SSH connection and return to your local shell. You can later resume the connection using the fg command. : '''~#''' : List all forwarded connections (both local and remote) that are active in the current SSH session. : '''~&''' : Run the SSH session in the background. This is useful if you want to perform other tasks on your local machine without closing the SSH connection. : '''~~''' : Send a literal tilde character to the remote system. This is useful if you need to type a tilde character in the remote system without triggering an escape sequence. Remember that these escape sequences only work if they are entered at the beginning of a new line in your terminal. If you're typing them in the middle of a command or text, they won't be recognized as special control sequences. ==Troubleshooting and Best Practices== In this section, we'll cover some common issues and best practices related to SSH connections, including managing a large number of SSH keys. ===Too many authentication attempts=== When connecting to an SSH server, you might encounter the "Too many authentication attempts" error. This is often caused by having too many private keys in your ~/.ssh directory. By default, SSH tries each key until it finds the correct one, but many servers limit the number of authentication attempts. '''Solution''': To resolve this issue, you can create a separate directory for your keys and configure the SSH config file to use the appropriate key for each connection. :* Create a new directory for your keys: <code>mkdir ~/.ssh/keys</code> :* Move your private key files to the new directory: <code>mv ~/.ssh/id_rsa_* ~/.ssh/keys/</code> Update your SSH config file to specify the correct key for each connection: <pre> Host server1 ... IdentityFile ~/.ssh/keys/id_rsa_server1 Host server2 ... IdentityFile ~/.ssh/keys/id_rsa_server2 </pre> ===Permission issues=== SSH is very strict about file and directory permissions. Ensure that your ~/.ssh directory and its contents have the correct permissions: :* The ~/.ssh directory should have permissions set to 700: <code>chmod 700 ~/.ssh</code> Private key files should have permissions set to 600: <code>chmod 600 ~/.ssh/id_rsa</code> The ~/.ssh/config file should have permissions set to 600: <code>chmod 600 ~/.ssh/config</code> :* <b>Best practices</b>: Follow these best practices to maintain secure and efficient SSH connections: :* Use SSH key pairs instead of passwords for authentication, as they provide better security. :* Regularly update your SSH keys to maintain their security. :* Use strong, unique passphrases to protect your private keys. :* Disable password authentication and root login on your SSH server to reduce the risk of brute-force attacks. :* Regularly update your SSH server software to ensure you're running the latest security patches. :* Use non-standard port numbers for your SSH server to make it less likely to be targeted by automated attacks. :* Implement multi-factor authentication (MFA) for your SSH connections, if possible. :* Regularly review and remove any unnecessary authorized keys from the ~/.ssh/authorized_keys file on your servers. :* Use the Match directive in the sshd_config file to apply custom rules and settings for different users, groups, or connections. 57pwt1rphvt08ge2q6fvv5m8btss3z3 0 127 433 2023-05-16T11:39:20Z Noob 1 Created page with " {{:LICENCE_HEADER_BSD3}} The following content is pulled in from the '''man ssh''' in ubuntu 22.04, we believe it is under the BSD-3 License, if we are wrong, please correct us. ==SSH(1)== BSD General Commands Manual SSH(1) ===NAME=== : ssh — OpenSSH remote login client ===SYNOPSIS=== : '''ssh''' [-46AaCfGgKkMNnqsTtVvXxYy] [-B bind_interface] [-b bind_address] [-c cipher_spec]..." 433 wikitext text/x-wiki {{:LICENCE_HEADER_BSD3}} The following content is pulled in from the '''man ssh''' in ubuntu 22.04, we believe it is under the BSD-3 License, if we are wrong, please correct us. ==SSH(1)== BSD General Commands Manual SSH(1) ===NAME=== : ssh — OpenSSH remote login client ===SYNOPSIS=== : '''ssh''' [-46AaCfGgKkMNnqsTtVvXxYy] [-B bind_interface] [-b bind_address] [-c cipher_spec] [-D [bind_address:]port] [-E log_file] [-e escape_char] [-F configfile] [-I pkcs11] [-i identity_file] [-J destination] [-L address] [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port] [-Q query_option] [-R address] [-S ctl_path] [-W host:port] [-w local_tun[:remote_tun]] destination [command [argument ...]] ===DESCRIPTION=== : ssh (SSH client) is a program for logging into a remote machine and for executing commands on a remote machine. It is intended to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections, arbitrary TCP ports and UNIX-domain sockets can also be forwarded over the secure channel. : ssh connects and logs into the specified destination, which may be specified as either [user@]hostname or a URI of the form ssh://[user@]hostname[:port]. The user must prove their identity to the remote machine using one of several methods (see below). : If a command is specified, it will be executed on the remote host instead of a login shell. A complete command line may be specified as command, or it may have additional arguments. If supplied, the arguments will be appended to the command, separated by spaces, before it is sent to the server to be executed. ===Options=== The options are as follows: : '''-4''' Forces ssh to use IPv4 addresses only. : '''-6''' Forces ssh to use IPv6 addresses only. : '''-A''' Enables forwarding of connections from an authentication agent such as ssh-agent(1). This can also be specified on a per-host basis in a configuration file. : Agent forwarding should be enabled with caution. Users with the ability to bypass file permissions on the remote host (for the agent's UNIX-domain socket) can access the local agent through the forwarded connection. An attacker cannot obtain key material from the agent, however they can perform operations on the keys that enable them to authenticate using the identities loaded into the agent. A safer alternative may be to use a jump host (see -J). : '''-a''' Disables forwarding of the authentication agent connection. : '''-B bind_interface''' : Bind to the address of bind_interface before attempting to connect to the destination host. This is only useful on systems with more than one address. : '''-b bind_address''' : Use bind_address on the local machine as the source address of the connection. Only useful on systems with more than one address. : '''-C''' Requests compression of all data (including stdin, stdout, stderr, and data for forwarded X11, TCP and UNIX-domain connections). The compression algorithm is the same used by gzip(1). : Compression is desirable on modem lines and other slow connections, but will only slow down things on fast networks. The default value can be set on a host-by-host basis in the configuration files; see the Compression option. : '''-c cipher_spec''' : Selects the cipher specification for encrypting the session. cipher_spec is a comma-separated list of ciphers listed in order of preference. See the Ciphers keyword in ssh_config(5)for more information. : '''-D [bind_address:]port''' : Specifies a local “dynamic” application-level port forwarding. This works by allocating a socket to listen to port on the local side, optionally bound to the specified bind_address. : Whenever a connection is made to this port, the connection is forwarded over the secure channel, and the application protocol is then used to determine where to connect to from the remote machine. Currently the SOCKS4 and SOCKS5 protocols are supported, and ssh will act as a SOCKS server. Only root can forward privileged ports. Dynamic port forwardings can also be specified in the configuration file. : IPv6 addresses can be specified by enclosing the address in square brackets. Only the superuser can forward privileged ports. By default, the local port is bound in accordance with the GatewayPorts setting. However, an explicit bind_address may be used to bind the connection to a specific address. The bind_address of “localhost” indicates that the listening port be bound for local use only, while an empty address or ‘*’ indicates that the port should be available from all interfaces. : '''-E log_file''' : Append debug logs to log_file instead of standard error. : '''-e escape_char''' : Sets the escape character for sessions with a pty (default: ‘~’). The escape character is only recognized at the beginning of a line. The escape character followed by a dot (‘.’) closes the connection; followed by control-Z suspends the connection; and followed by itself sends the escape character once. Setting the character to “none” disables any escapes and makes the session fully transparent. : '''-F configfile''' : Specifies an alternative per-user configuration file. If a configuration file is given on the command line, the system-wide configuration file (/etc/ssh/ssh_config) will be ignored. : The default for the per-user configuration file is '''~/.ssh/config'''. If set to “none”, no configuration files will be read. : '''-f''' Requests ssh to go to background just before command execution. This is useful if ssh is going to ask for passwords or passphrases, but the user wants it in the background. This implies '''-n'''. The recommended way to start X11 programs at a remote site is with something like '''ssh -f host xterm'''. : If the ExitOnForwardFailure configuration option is set to “yes”, then a client started with -f will wait for all remote port forwards to be successfully established before placing it self in the background. Refer to the description of forkAfterAuthentication in ssh_config(5) for details. : '''-G''' Causes ssh to print its configuration after evaluating Host and Match blocks and exit. : '''-g''' Allows remote hosts to connect to local forwarded ports. If used on a multiplexed connection, then this option must be specified on the master process. : '''-I pkcs11''' : Specify the PKCS#11 shared library ssh should use to communicate with a PKCS#11 token providing keys for user authentication. : '''-i identity_file''' : Selects a file from which the identity (private key) for public key authentication is read. You can also specify a public key file to use the corresponding private key that is loaded in ssh-agent(1) when the private key file is not present locally. The default is ~/.ssh/id_rsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ecdsa_sk, ~/.ssh/id_ed25519, ~/.ssh/id_ed25519_sk and ~/.ssh/id_dsa. Identity files may also be specified on a per-host basis in the configuration file. It is possible to have multiple -i options (and multiple identities specified in configuration files). If no certificates have been explicitly specified by the CertificateFile directive, ssh will also try to load certificate information from the filename obtained by appending -cert.pub to identity filenames. : '''-J destination''' : Connect to the target host by first making a ssh connection to the jump host described by destination and then establishing a TCP forwarding to the ultimate destination from there. : Multiple jump hops may be specified separated by comma characters. This is a shortcut to specify a ProxyJump configuration directive. Note that configuration directives supplied on the command-line generally apply to the destination host and not any specified jump hosts. Use ~/.ssh/config to specify configuration for jump hosts. : '''-K''' Enables GSSAPI-based authentication and forwarding (delegation) of GSSAPI credentials to the server. : '''-k''' Disables forwarding (delegation) of GSSAPI credentials to the server. : '''-L [bind_address:]port:host:hostport''' : '''-L [bind_address:]port:remote_socket''' : '''-L local_socket:host:hostport''' : '''-L local_socket:remote_socket''' : Specifies that connections to the given TCP port or Unix socket on the local (client) host are to be forwarded to the given host and port, or Unix socket, on the remote side. This works by allocating a socket to listen to either a TCP port on the local side, optionally bound to the specified bind_address, or to a Unix socket. Whenever a connection is made to the local port or socket, the connection is forwarded over the secure channel, and a connection is made to either host port hostport, or the Unix socket remote_socket, from the remote machine. : Port forwardings can also be specified in the configuration file. Only the superuser can forward privileged ports. IPv6 addresses can be specified by enclosing the address in square brackets. : By default, the local port is bound in accordance with the GatewayPorts setting. However, an explicit bind_address may be used to bind the connection to a specific address. The bind_address of “localhost” indicates that the listening port be bound for local use only, while an empty address or ‘*’ indicates that the port should be available from all interfaces. : '''-l login_name''' : Specifies the user to log in as on the remote machine. This also may be specified on a per-host basis in the configuration file. : '''-M''' Places the ssh client into “master” mode for connection sharing. Multiple -M options places ssh into “master” mode but with confirmation required using ssh-askpass(1) before each operation that changes the multiplexing state (e.g. opening a new session). Refer to the description of ControlMaster in ssh_config(5) for details. : '''-m mac_spec''' : A comma-separated list of MAC (message authentication code) algorithms, specified in order of preference. See the MACs keyword for more information. : '''-N''' Do not execute a remote command. This is useful for just forwarding ports. Refer to the description of SessionType in ssh_config(5) for details. : '''-n''' Redirects stdin from /dev/null (actually, prevents reading from stdin). This must be used when ssh is run in the background. A common trick is to use this to run X11 programs on a remote machine. For example, ssh -n shadows.cs.hut.fi emacs & will start an emacs on shadows.cs.hut.fi, and the X11 connection will be automatically forwarded over an encrypted channel. The ssh program will be put in the background. (This does not work if ssh needs to ask for a password or passphrase; see also the -f option.) Refer to the description of StdinNull in ssh_config(5) for details. : '''-O ctl_cmd''' : Control an active connection multiplexing master process. When the -O option is specified, the ctl_cmd argument is interpreted and passed to the master process. Valid commands are: :* “check” (check that the master process is running) :* “forward” (request forwardings without command execution) :* “cancel” (cancel forwardings), “exit” (request the master to exit) :* “stop” (request the master to stop accepting further multiplexing requests). : '''-o option''' : Can be used to give options in the format used in the configuration file. This is useful for specifying options for which there is no separate command-line flag. For full details of the options listed below, and their possible values, see ssh_config(5). <pre> AddKeysToAgent AddressFamily BatchMode BindAddress CanonicalDomains CanonicalizeFallbackLocal CanonicalizeHostname CanonicalizeMaxDots CanonicalizePermittedCNAMEs CASignatureAlgorithms CertificateFile CheckHostIP Ciphers ClearAllForwardings Compression ConnectionAttempts ConnectTimeout ControlMaster ControlPath ControlPersist DynamicForward EscapeChar ExitOnForwardFailure FingerprintHash ForkAfterAuthentication ForwardAgent ForwardX11 ForwardX11Timeout ForwardX11Trusted GatewayPorts GlobalKnownHostsFile GSSAPIAuthentication GSSAPIKeyExchange GSSAPIClientIdentity GSSAPIDelegateCredentials GSSAPIKexAlgorithms GSSAPIRenewalForcesRekey GSSAPIServerIdentity GSSAPITrustDns HashKnownHosts Host HostbasedAcceptedAlgorithms HostbasedAuthentication HostKeyAlgorithms HostKeyAlias Hostname IdentitiesOnly IdentityAgent IdentityFile IPQoS KbdInteractiveAuthentication KbdInteractiveDevices KexAlgorithms KnownHostsCommand LocalCommand LocalForward LogLevel MACs Match NoHostAuthenticationForLocalhost NumberOfPasswordPrompts PasswordAuthentication PermitLocalCommand PermitRemoteOpen PKCS11Provider Port PreferredAuthentications ProxyCommand ProxyJump ProxyUseFdpass PubkeyAcceptedAlgorithms PubkeyAuthentication RekeyLimit RemoteCommand RemoteForward RequestTTY SendEnv ServerAliveInterval ServerAliveCountMax SessionType SetEnv StdinNull StreamLocalBindMask StreamLocalBindUnlink StrictHostKeyChecking TCPKeepAlive Tunnel TunnelDevice UpdateHostKeys User UserKnownHostsFile VerifyHostKeyDNS VisualHostKey XAuthLocation </pre> : '''-p port''' : Port to connect to on the remote host. This can be specified on a per-host basis in the configuration file. : '''-Q query_option''' : Queries for the algorithms supported by one of the following features: cipher (supported symmetric ciphers), cipher-auth (supported symmetric ciphers that support authenticated encryption), help (supported query terms for use with the -Q flag), mac (supported message integrity codes), kex (key exchange algorithms), kex-gss (GSSAPI key exchange algorithms), key (key types), key-cert (certificate key types), key-plain (non-certificate key types), key-sig (all key types and signature algorithms), protocol-version (supported SSH protocol versions), and sig (supported signature algorithms). Alternatively, any keyword from ssh_config(5) or sshd_config(5) that takes an algorithm list may be used as an alias for the corresponding query_option. : '''-q''' Quiet mode. Causes most warning and diagnostic messages to be suppressed. : '''-R [bind_address:]port:host:hostport''' : '''-R [bind_address:]port:local_socket''' : '''-R remote_socket:host:hostport''' : '''-R remote_socket:local_socket''' : '''-R [bind_address:]port''' : Specifies that connections to the given TCP port or Unix socket on the remote (server) host are to be forwarded to the local side. : This works by allocating a socket to listen to either a TCP port or to a Unix socket on the remote side. Whenever a connection is made to this port or Unix socket, the connection is forwarded over the secure channel, and a connection is made from the local machine to either an explicit destination specified by host port hostport, or local_socket, or, if no explicit destination was specified, ssh will act as a SOCKS 4/5 proxy and forward connections to the destinations requested by the remote SOCKS client. : Port forwardings can also be specified in the configuration file. Privileged ports can be forwarded only when logging in as root on the remote machine. IPv6 addresses can be specified by enclosing the address in square brackets. : By default, TCP listening sockets on the server will be bound to the loopback interface only. This may be overridden by specifying a bind_address. An empty bind_address, or the address ‘*’, indicates that the remote socket should listen on all interfaces. Specifying a remote bind_address will only succeed if the server's GatewayPorts option is enabled (see sshd_config(5)). : If the port argument is ‘0’, the listen port will be dynamically allocated on the server and reported to the client at run time. When used together with -O forward the allocated port will be printed to the standard output. : '''-S ctl_path''' : Specifies the location of a control socket for connection sharing, or the string “none” to disable connection sharing. Refer to the description of ControlPath and ControlMaster in ssh_config(5) for details. : '''-s''' May be used to request invocation of a subsystem on the remote system. Subsystems facilitate the use of SSH as a secure transport for other applications (e.g. sftp(1)). The subsystem is specified as the remote command. Refer to the description of SessionType in ssh_config(5) for details. : '''-T''' Disable pseudo-terminal allocation. : '''-t''' Force pseudo-terminal allocation. This can be used to execute arbitrary screen-based programs on a remote machine, which can be very useful, e.g. when implementing menu services. : Multiple '''-t''' options force tty allocation, even if ssh has no local tty. : '''-V''' Display the version number and exit. : '''-v''' Verbose mode. Causes ssh to print debugging messages about its progress. This is helpful in debugging connection, authentication, and configuration problems. Multiple -v options increase the verbosity. The maximum is 3. : '''-W host:port''' : Requests that standard input and output on the client be forwarded to host on port over the secure channel. Implies -N, -T, ExitOnForwardFailure and ClearAllForwardings, though these can be overridden in the configuration file or using -o command line options. : '''-w local_tun[:remote_tun]''' : Requests tunnel device forwarding with the specified tun(4) devices between the client (local_tun) and the server (remote_tun). : The devices may be specified by numerical ID or the keyword “any”, which uses the next available tunnel device. If remote_tun is not specified, it defaults to “any”. See also the Tunnel and TunnelDevice directives in ssh_config(5). : If the Tunnel directive is unset, it will be set to the default tunnel mode, which is “point-to-point”. If a different Tunnel forwarding mode it desired, then it should be specified before -w. : '''-X''' Enables X11 forwarding. This can also be specified on a per-host basis in a configuration file. : X11 forwarding should be enabled with caution. Users with the ability to bypass file permissions on the remote host (for the user's X authorization database) can access the local X11 display through the forwarded connection. An attacker may then be able to perform activities such as keystroke monitoring. : For this reason, X11 forwarding is subjected to X11 SECURITY extension restrictions by default. Refer to the ssh -Y option and the ForwardX11Trusted directive in ssh_config(5) for more information. : (Debian-specific: X11 forwarding is not subjected to X11 SECURITY extension restrictions by default, because too many programs currently crash in this mode. Set the ForwardX11Trusted option to “no” to restore the upstream behaviour. This may change in future depending on client-side improvements.) : '''-x''' Disables X11 forwarding. : '''-Y''' Enables trusted X11 forwarding. Trusted X11 forwardings are not subjected to the X11 SECURITY extension controls. : (Debian-specific: In the default configuration, this option is equivalent to -X, since ForwardX11Trusted defaults to “yes” as described above. Set the ForwardX11Trusted option to “no” to restore the upstream behaviour. This may change in future depending on client-side improvements.) : '''-y''' Send log information using the syslog(3) system module. By default this information is sent to stderr. : ssh may additionally obtain configuration data from a per-user configuration file and a system-wide configuration file. The file format and configuration options are described in ssh_config(5). ===AUTHENTICATION=== : The OpenSSH SSH client supports SSH protocol 2. : The methods available for authentication are: '''GSSAPI-based''' authentication, '''host-based''' authentication, '''public key''' authentication, '''keyboard-interactive''' authentication, and '''password''' authentication. Authentication methods are tried in the order specified above, though PreferredAuthentications can be used to change the default order. : '''Host-based authentication''' works as follows: If the machine the user logs in from is listed in '''/etc/hosts.equiv''' or '''/etc/ssh/shosts.equiv''' on the remote machine, the user is non-root and the user names are the same on both sides, or if the files '''~/.rhosts''' or '''~/.shosts '''exist in the user's home directory on the remote machine and contain a line containing the name of the client machine and the name of the user on that machine, the user is considered for login. Additionally, the server must be able to verify the client's host key (see the description of '''/etc/ssh/ssh_known_hosts''' and '''~/.ssh/known_hosts''', below) for login to be permitted. This authentication method closes security holes due to IP spoofing, DNS spoofing, and routing spoofing. : [Note to the administrator: '''/etc/hosts.equiv''', '''~/.rhosts''', and the '''rlogin/rsh''' protocol in general, are inherently insecure and should be disabled if security is desired.] : '''Public key authentication''' works as follows: The scheme is based on public-key cryptography, using cryptosystems where encryption and decryption are done using separate keys, and it is unfeasible to derive the decryption key from the encryption key. The idea is that each user creates a '''public/private key pair''' for authentication purposes. The server knows the public key, and only the user knows the private key. ssh implements public key authentication protocol automatically, using one of the '''DSA''', '''ECDSA''', '''Ed25519''' or '''RSA''' algorithms. The HISTORY section of ssl(8) (on non-OpenBSD systems, see http://www.openbsd.org/cgi-bin/man.cgi?query=ssl&sektion=8#HISTORY) contains a brief discussion of the '''DSA''' and '''RSA''' algorithms. : The file '''~/.ssh/authorized_keys''' lists the public keys that are permitted for logging in. When the user logs in, the ssh program tells the server which key pair it would like to use for authentication. The client proves that it has access to the private key and the server checks that the corresponding public key is authorized to accept the account. : The server may inform the client of errors that prevented public key authentication from succeeding after authentication completes using a different method. These may be viewed by increasing the LogLevel to DEBUG or higher (e.g. by using the -v flag). : The user creates their key pair by running ssh-keygen(1). This stores the private key in '''~/.ssh/id_dsa''' (DSA), '''~/.ssh/id_ecdsa''' (ECDSA), '''~/.ssh/id_ecdsa_sk''' (authenticator-hosted ECDSA), '''~/.ssh/id_ed25519''' (Ed25519), '''~/.ssh/id_ed25519_sk''' (authenticator-hosted Ed25519), or '''~/.ssh/id_rsa''' (RSA) and stores the public key in '''~/.ssh/id_dsa.pub''' (DSA), '''~/.ssh/id_ecdsa.pub''' (ECDSA), '''~/.ssh/id_ecdsa_sk.pub''' (authenticator-hosted ECDSA), '''~/.ssh/id_ed25519.pub''' (Ed25519), '''~/.ssh/id_ed25519_sk.pub''' (authenticator-hosted Ed25519), or '''~/.ssh/id_rsa.pub''' (RSA) in the user's home directory. The user should then copy the public key to '''~/.ssh/authorized_keys''' in their home directory on the remote machine. The authorized_keys file corresponds to the conventional '''~/.rhosts''' file, and has one key per line, though the lines can be very long. After this, the user can log in without giving the password. : A variation on public key authentication is available in the form of certificate authentication: instead of a set of public/private keys, signed certificates are used. This has the advantage that a single trusted certification authority can be used in place of many public/private keys. See the CERTIFICATES section of ssh-keygen(1) for more information. : The most convenient way to use public key or certificate authentication may be with an authentication agent. See ssh-agent(1) and (optionally) the AddKeysToAgent directive in ssh_config(5) for more information. : '''Keyboard-interactive authentication''' works as follows: The server sends an arbitrary "challenge" text and prompts for a response, possibly multiple times. Examples of keyboard-interactive authentication include BSD Authentication (see login.conf(5)) and PAM (some non-OpenBSD systems). : Finally, if other authentication methods fail, ssh prompts the user for a password. The password is sent to the remote host for checking; however, since all communications are encrypted, the password cannot be seen by someone listening on the network. : ssh automatically maintains and checks a database containing identification for all hosts it has ever been used with. Host keys are stored in ~/.ssh/known_hosts in the user's home directory. : Additionally, the file '''/etc/ssh/ssh_known_hosts''' is automatically checked for known hosts. Any new hosts are automatically added to the user's file. If a host's identification ever changes, ssh warns about this and disables password authentication to prevent server spoofing or man-in-the-middle attacks, which could otherwise be used to circumvent the encryption. The '''StrictHostKeyChecking''' option can be used to control logins to machines whose host key is not known or has changed. : When the user's identity has been accepted by the server, the server either executes the given command in a non-interactive session or, if no command has been specified, logs into the machine and gives the user a normal shell as an interactive session. All communication with the remote command or shell will be automatically encrypted. : If an interactive session is requested ssh by default will only request a pseudo-terminal (pty) for interactive sessions when the client has one. The flags '''-T''' and '''-t''' can be used to override this behaviour. : If a pseudo-terminal has been allocated the user may use the escape characters noted below. : If no pseudo-terminal has been allocated, the session is transparent and can be used to reliably transfer binary data. On most systems, setting the escape character to “none” will also make the session transparent even if a tty is used. : The session terminates when the command or shell on the remote machine exits and all X11 and TCP connections have been closed. ===ESCAPE CHARACTERS=== : When a pseudo-terminal has been requested, ssh supports a number of functions through the use of an escape character. : A single tilde character can be sent as ~~ or by following the tilde by a character other than those described below. The escape character must always follow a newline to be interpreted as special. The escape character can be changed in configuration files using the EscapeChar configuration directive or on the command line by the -e option. : The supported escapes (assuming the default ‘~’) are: : '''~.''' Disconnect. : '''~^Z''' Background ssh. : '''~#''' List forwarded connections. : '''~&''' Background ssh at logout when waiting for forwarded connection / X11 sessions to terminate. : '''~?''' Display a list of escape characters. : '''~B''' Send a BREAK to the remote system (only useful if the peer supports it). : '''~C''' Open command line. Currently this allows the addition of port forwardings using the -L, -R and -D options (see above). It also allows the cancellation of existing port-forwardings with -KL[bind_address:]port for local, -KR[bind_address:]port for remote and -KD[bind_address:]port for dynamic port-forwardings. !command allows the user to execute a local command if the '''PermitLocalCommand''' option is enabled in ssh_config(5). Basic help is available, using the -h option. : '''~R''' Request rekeying of the connection (only useful if the peer supports it). : '''~V''' Decrease the verbosity (LogLevel) when errors are being written to stderr. : '''~v''' Increase the verbosity (LogLevel) when errors are being written to stderr. ===TCP FORWARDING=== : Forwarding of arbitrary TCP connections over a secure channel can be specified either on the command line or in a configuration file. One possible application of TCP forwarding is a secure connection to a mail server; another is going through firewalls. : In the example below, we look at encrypting communication for an IRC client, even though the IRC server it connects to does not directly support encrypted communication. This works as follows: the user connects to the remote host using ssh, specifying the ports to be used to forward the connection. After that it is possible to start the program locally, and ssh will encrypt and forward the connection to the remote server. : The following example tunnels an IRC session from the client to an IRC server at “server.example.com”, joining channel “#users”, nickname “pinky”, using the standard IRC port, 6667: <code>ssh -f -L 6667:localhost:6667 server.example.com sleep 10</code> <code>irc -c '#users' pinky IRC/127.0.0.1</code> : The -f option backgrounds ssh and the remote command “sleep 10” is specified to allow an amount of time (10 seconds, in the example) to start the program which is going to use the tunnel. If no connections are made within the time specified, ssh will exit. ===X11 FORWARDING=== : If the ForwardX11 variable is set to “yes” (or see the description of the -X, -x, and -Y options above) and the user is using X11 (the DISPLAY environment variable is set), the connection to the X11 display is automatically forwarded to the remote side in such a way that any X11 programs started from the shell (or command) will go through the encrypted channel, and the connection to the real X server will be made from the local machine. The user should not manually set DISPLAY. Forwarding of X11 connections can be configured on the command line or in configuration files. : The DISPLAY value set by ssh will point to the server machine, but with a display number greater than zero. This is normal, and happens because ssh creates a “proxy” X server on the server machine for forwarding the connections over the encrypted channel. : ssh will also automatically set up '''Xauthority''' data on the server machine. For this purpose, it will generate a random authorization cookie, store it in Xauthority on the server, and verify that any forwarded connections carry this cookie and replace it by the real cookie when the connection is opened. The real authentication cookie is never sent to the server machine (and no cookies are sent in the plain). : If the '''ForwardAgent''' variable is set to “yes” (or see the description of the -A and -a options above) and the user is using an authentication agent, the connection to the agent is automatically forwarded to the remote side. ===VERIFYING HOST KEYS=== : When connecting to a server for the first time, a fingerprint of the server's public key is presented to the user (unless the option '''StrictHostKeyChecking''' has been disabled). Fingerprints can be determined using ssh-keygen(1): <code>ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key</code> : If the fingerprint is already known, it can be matched and the key can be accepted or rejected. If only legacy (MD5) fingerprints for the server are available, the ssh-keygen(1) -E option may be used to downgrade the fingerprint algorithm to match. : Because of the difficulty of comparing host keys just by looking at fingerprint strings, there is also support to compare host keys visually, using random art. By setting the '''VisualHostKey''' option to “yes”, a small ASCII graphic gets displayed on every login to a server, no matter if the session itself is interactive or not. By learning the pattern a known server produces, a user can easily find out that the host key has changed when a completely different pattern is displayed. Because these patterns are not unambiguous however, a pattern that looks similar to the pattern remembered only gives a good probability that the host key is the same, not guaranteed proof. : To get a listing of the fingerprints along with their random art for all known hosts, the following command line can be used: <code>ssh-keygen -lv -f ~/.ssh/known_hosts</code> : If the fingerprint is unknown, an alternative method of verification is available: SSH fingerprints verified by DNS. An additional resource record (RR), SSHFP, is added to a zonefile and the connecting client is able to match the fingerprint with that of the key presented. : In this example, we are connecting a client to a server, “host.example.com”. The SSHFP resource records should first be added to the zonefile for host.example.com: <code>ssh-keygen -r host.example.com</code> : The output lines will have to be added to the zonefile. To check that the zone is answering fingerprint queries: <code>dig -t SSHFP host.example.com</code> : Finally the client connects: <pre> $ ssh -o "VerifyHostKeyDNS ask" host.example.com [...] Matching host key fingerprint found in DNS. Are you sure you want to continue connecting (yes/no)? </pre> : See the VerifyHostKeyDNS option in ssh_config(5) for more information. ===SSH-BASED VIRTUAL PRIVATE NETWORKS=== : ssh contains support for Virtual Private Network (VPN) tunnelling using the tun(4) network pseudo-device, allowing two networks to be joined securely. The sshd_config(5) configuration option '''PermitTunnel''' controls whether the server supports this, and at what level (layer 2 or 3 traffic). : The following example would connect client network 10.0.50.0/24 with remote network 10.0.99.0/24 using a point-to-point connection from 10.1.1.1 to 10.1.1.2, provided that the SSH server running on the gateway to the remote network, at 192.168.1.15, allows it. : On the client: <code>ssh -f -w 0:1 192.168.1.15 true</code> <code>ifconfig tun0 10.1.1.1 10.1.1.2 netmask 255.255.255.252</code> <code>route add 10.0.99.0/24 10.1.1.2</code> : On the server: <code>ifconfig tun1 10.1.1.2 10.1.1.1 netmask 255.255.255.252</code> <code>route add 10.0.50.0/24 10.1.1.1</code> : Client access may be more finely tuned via the /root/.ssh/authorized_keys file (see below) and the PermitRootLogin server option. The following entry would permit connections on tun(4) device 1 from user “jane” and on tun device 2 from user “john”, if '''PermitRootLogin''' is set to “forced-commands-only”: <pre> tunnel="1",command="sh /etc/netstart tun1" ssh-rsa ... jane tunnel="2",command="sh /etc/netstart tun2" ssh-rsa ... john </pre> : Since an SSH-based setup entails a fair amount of overhead, it may be more suited to temporary setups, such as for wireless VPNs. More permanent VPNs are better provided by tools such as ipsecctl(8) and isakmpd(8). ===ENVIRONMENT=== : ssh will normally set the following environment variables: : '''DISPLAY''' The DISPLAY variable indicates the location of the X11 server. It is automatically set by ssh to point to a value of the form “hostname:n”, where “hostname” indicates the host where the shell runs, and ‘n’ is an integer ≥ 1. ssh uses this special value to forward X11 connections over the secure channel. The user should normally not set DISPLAY explicitly, as that will render the X11 connection insecure (and will require the user to manually copy any required authorization cookies). : '''HOME''' Set to the path of the user's home directory. : '''LOGNAME''' Synonym for USER; set for compatibility with systems that use this variable. : '''MAIL''' Set to the path of the user's mailbox. : '''PATH''' Set to the default PATH, as specified when compiling ssh. : '''SSH_ASKPASS''' If ssh needs a passphrase, it will read the passphrase from the current terminal if it was run from a terminal. If ssh does not have a terminal associated with it but DISPLAY and SSH_ASKPASS are set, it will execute the program specified by SSH_ASKPASS and open an X11 window to read the passphrase. This is particularly useful when calling ssh from a .xsession or related script. (Note that on some machines it may be necessary to redirect the input from /dev/null to make this work.) : '''SSH_ASKPASS_REQUIRE''' Allows further control over the use of an askpass program. If this variable is set to “never” then ssh will never attempt to use one. If it is set to “prefer”, then ssh will prefer to use the askpass program instead of the TTY when requesting passwords. Finally, if the variable is set to “force”, then the askpass program will be used for all passphrase input regardless of whether DISPLAY is set. : '''SSH_AUTH_SOCK''' Identifies the path of a UNIX-domain socket used to communicate with the agent. : '''SSH_CONNECTION''' Identifies the client and server ends of the connection. The variable contains four space-separated values: client IP address, client port number, server IP address, and server port number. : '''SSH_ORIGINAL_COMMAND''' This variable contains the original command line if a forced command is executed. It can be used to extract the original arguments. : '''SSH_TTY''' This is set to the name of the tty (path to the device) associated with the current shell or command. If the current session has no tty, this variable is not set. : '''SSH_TUNNEL''' Optionally set by sshd(8) to contain the interface names assigned if tunnel forwarding was requested by the client. : '''SSH_USER_AUTH''' Optionally set by sshd(8), this variable may contain a pathname to a file that lists the authentication methods successfully used when the session was established, including any public keys that were used. : '''TZ''' This variable is set to indicate the present time zone if it was set when the daemon was started (i.e. the daemon passes the value on to new connections). : '''USER''' Set to the name of the user logging in. : Additionally, ssh reads '''~/.ssh/environment''', and adds lines of the format “VARNAME=value” to the environment if the file exists and users are allowed to change their environment. For more information, see the '''PermitUserEnvironment''' option in sshd_config(5). ===FILES=== : '''~/.rhosts''' : This file is used for host-based authentication (see above). On some machines this file may need to be world-readable if the user's home directory is on an NFS partition, because sshd(8) reads it as root. Additionally, this file must be owned by the user, and must not have write permissions for anyone else. The recommended permission for most machines is read/write for the user, and not accessible by others. : '''~/.shosts''' : This file is used in exactly the same way as .rhosts, but allows host-based authentication without permitting login with rlogin/rsh. : '''~/.ssh/''' : This directory is the default location for all user-specific configuration and authentication information. There is no general requirement to keep the entire contents of this directory secret, but the recommended permissions are read/write/execute for the user, and not accessible by others. : '''~/.ssh/authorized_keys''' : Lists the public keys (DSA, ECDSA, Ed25519, RSA) that can be used for logging in as this user. The format of this file is described in the sshd(8) manual page. This file is not highly sensitive, but the recommended permissions are read/write for the user, and not accessible by others. : '''~/.ssh/config''' : This is the per-user configuration file. The file format and configuration options are described in ssh_config(5). Because of the potential for abuse, this file must have strict permissions: read/write for the user, and not writable by others. It may be group-writable provided that the group in question contains only the user. : '''~/.ssh/environment''' : Contains additional definitions for environment variables; see ENVIRONMENT, above. : '''~/.ssh/id_dsa''' : '''~/.ssh/id_ecdsa''' : '''~/.ssh/id_ecdsa_sk''' : '''~/.ssh/id_ed25519''' : '''~/.ssh/id_ed25519_sk''' : '''~/.ssh/id_rsa''' : Contains the private key for authentication. These files contain sensitive data and should be readable by the user but not accessible by others (read/write/execute). ssh will simply ignore a private key file if it is accessible by others. It is possible to specify a passphrase when generating the key which will be used to encrypt the sensitive part of this file using AES-128. : '''~/.ssh/id_dsa.pub''' : '''~/.ssh/id_ecdsa.pub''' : '''~/.ssh/id_ecdsa_sk.pub''' : '''~/.ssh/id_ed25519.pub''' : '''~/.ssh/id_ed25519_sk.pub''' : '''~/.ssh/id_rsa.pub''' : Contains the public key for authentication. These files are not sensitive and can (but need not) be readable by anyone. : '''~/.ssh/known_hosts''' : Contains a list of host keys for all hosts the user has logged into that are not already in the systemwide list of known host keys. See sshd(8) for further details of the format of this file. : '''~/.ssh/rc''' : Commands in this file are executed by ssh when the user logs in, just before the user's shell (or command) is started. See the sshd(8) manual page for more information. : '''/etc/hosts.equiv''' : This file is for host-based authentication (see above). It should only be writable by root. : '''/etc/ssh/shosts.equiv''' : This file is used in exactly the same way as hosts.equiv, but allows host-based authentication without permitting login with rlogin/rsh. : '''/etc/ssh/ssh_config''' : Systemwide configuration file. The file format and configuration options are described in ssh_config(5). : '''/etc/ssh/ssh_host_key''' : '''/etc/ssh/ssh_host_dsa_key''' : '''/etc/ssh/ssh_host_ecdsa_key''' : '''/etc/ssh/ssh_host_ed25519_key''' : '''/etc/ssh/ssh_host_rsa_key''' : These files contain the private parts of the host keys and are used for host-based authentication. : '''/etc/ssh/ssh_known_hosts''' : Systemwide list of known host keys. This file should be prepared by the system administrator to contain the public host keys of all machines in the organization. It should be world-readable. See sshd(8) for further details of the format of this file. : '''/etc/ssh/sshrc''' : Commands in this file are executed by ssh when the user logs in, just before the user's shell (or command) is started. See the sshd(8) manual page for more information. ===EXIT STATUS=== : ssh exits with the exit status of the remote command or with 255 if an error occurred. ===SEE ALSO=== : scp(1), sftp(1), ssh-add(1), ssh-agent(1), ssh-argv0(1), ssh-keygen(1), ssh-keyscan(1), tun(4), ssh_config(5), ssh-keysign(8), sshd(8) ===STANDARDS=== * S. Lehtinen and C. Lonvick, The Secure Shell (SSH) Protocol Assigned Numbers, RFC 4250, January 2006. * T. Ylonen and C. Lonvick, The Secure Shell (SSH) Protocol Architecture, RFC 4251, January 2006. * T. Ylonen and C. Lonvick, The Secure Shell (SSH) Authentication Protocol, RFC 4252, January 2006. * T. Ylonen and C. Lonvick, The Secure Shell (SSH) Transport Layer Protocol, RFC 4253, January 2006. * T. Ylonen and C. Lonvick, The Secure Shell (SSH) Connection Protocol, RFC 4254, January 2006. * J. Schlyter and W. Griffin, Using DNS to Securely Publish Secure Shell (SSH) Key Fingerprints, RFC 4255, January 2006. * F. Cusack and M. Forssen, Generic Message Exchange Authentication for the Secure Shell Protocol (SSH), RFC 4256, January 2006. * J. Galbraith and P. Remaker, The Secure Shell (SSH) Session Channel Break Extension, RFC 4335, January 2006. * M. Bellare, T. Kohno, and C. Namprempre, The Secure Shell (SSH) Transport Layer Encryption Modes, RFC 4344, January 2006. * B. Harris, Improved Arcfour Modes for the Secure Shell (SSH) Transport Layer Protocol, RFC 4345, January 2006. * M. Friedl, N. Provos, and W. Simpson, Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer Protocol, RFC 4419, March 2006. * J. Galbraith and R. Thayer, The Secure Shell (SSH) Public Key File Format, RFC 4716, November 2006. * D. Stebila and J. Green, Elliptic Curve Algorithm Integration in the Secure Shell Transport Layer, RFC 5656, December 2009. * A. Perrig and D. Song, Hash Visualization: a New Technique to improve Real-World Security, 1999, International Workshop on Cryptographic Techniques and E-Commerce (CrypTEC '99). ===AUTHORS=== : OpenSSH is a derivative of the original and free ssh 1.2.12 release by Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo de Raadt and Dug Song removed many bugs, re-added newer features and created OpenSSH. Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. BSD February 6, 2022 BSD t4ghxtauft4l9amorg4wbaw5smje8ot 0 128 436 2023-05-16T12:01:09Z Noob 1 Created page with "Man pages, short for manual pages, are the standard form of documentation on a Unix-like system like Ubuntu 22.04. They provide detailed information about commands, system calls, library routines, and other components of the system. Man pages serve as a comprehensive reference, explaining the function of these components, their syntax, options, return values, and more. ==Accessing Man Pages== To access a man page for a specific command or program, use the man command f..." 436 wikitext text/x-wiki Man pages, short for manual pages, are the standard form of documentation on a Unix-like system like Ubuntu 22.04. They provide detailed information about commands, system calls, library routines, and other components of the system. Man pages serve as a comprehensive reference, explaining the function of these components, their syntax, options, return values, and more. ==Accessing Man Pages== To access a man page for a specific command or program, use the man command followed by the name of the command or program. For example, to view the man page for the ls command, you would type: <code>man ls</code> This will bring up the man page for ls, which you can scroll through using the arrow keys. To exit, press '''q'''. ===Sections of Man Pages=== In Ubuntu 20.04 and other Linux distributions, man pages are typically stored in several directories under /usr/share/man. These directories are organized by sections, which are represented by numbers. The sections are as follows: :* 1 '''User commands''' (Executable programs or shell commands) :* 2 '''System calls''' (Functions provided by the kernel) :* 3 '''Library calls''' (Functions within program libraries) :* 4 '''Special files''' (Files found in /dev) :* 5 '''File formats and conventions''' :* 6 '''Games''' :* 7 '''Miscellaneous''' (including macro packages and conventions) :* 8 '''System administration commands''' (usually only for root) :* 9 '''Kernel routines''' (Non-standard) To access a man page in a specific section, you can specify the section number before the topic. For example, to access the system call read, you would type: <code>man 2 read</code> ===Searching Man Pages=== If you're not sure what command or program you're looking for, you can search the man pages using the '''apropos''' command followed by a keyword. For example, to find commands related to "copy", you would type: <code>apropos copy</code> This will return a list of man pages related to the keyword "copy". Conclusion Man pages are a vital resource for users and administrators of Ubuntu 22.04, providing in-depth information on how to use and understand the system's various components. Understanding how to read and navigate man pages can greatly enhance your proficiency with the system. Please note that man pages can sometimes be quite technical and may not be the easiest resource for beginners. Other resources, such as online tutorials, guides, and community forums, can often provide more accessible explanations and examples. ==Find the License of Man Pages== The man pages in Ubuntu also use a variety of licenses, depending on the specific software and authors' preferences. As mentioned in my previous response, common licenses used for man pages in Ubuntu distributions include the GNU General Public License (GPL), GNU Lesser General Public License (LGPL), BSD License, MIT License, and Apache License. To find the specific license for a particular man page in Ubuntu 20.04, you can look at the copyright information typically found at the bottom of the man page or consult the package documentation. Additionally, you can check the '''/usr/share/doc/<package_name>/copyright''' file, where '''<package_name>''' is the name of the package you are interested in. Please note that some man pages may use other licenses or have custom licensing terms specified by the authors. Always refer to the documentation and copyright information for the specific man page or software package to determine its licensing terms. ===find the location of a specific man page=== To find the location of a specific man page, you can use the '''manpath''' command to display the search path for man pages, and the '''man -w <command>''' command to find the location of a specific man page. Replace '''<command>''' with the command or topic you are looking for. For example: :* The '''manpath''' command will show the directories where man pages are stored <code>manpath</code> :* The '''man -w <package>''' command will display the location of the '''<package>''' command's man page. Example: :<code>man -w ls</code> Will display the location of the '''ls''' command's man page. The output will show the full path to the man page file, such as '''/usr/share/man/man1/ls.1.gz''' Please note that man pages are usually compressed using gzip, so the file extensions will often be .gz. To read the man page, use the man command, as it automatically decompresses the file: <code>man ls</code> The License of the '''ls''' man page is '''GPLv3+''' <br> The "GPL-3+" means that the man page is licensed under the GNU General Public License version 3 or any later version. <pre> COPYRIGHT Copyright © 2020 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. </pre> ==Example of finding the license of the '''mc''' man page== : The '''mc''' "''midnight commander''" package is not installed on ubuntu by default: <code>sudo apt install mc</code><br> : Check the '''man mc''' page for license of the '''man''' for '''mc''' <code>man mc</code> <pre> LICENSE This program is distributed under the terms of the GNU General Public License as published by the Free Software Foundation. See the built-in help for details on the License and the lack of warranty. </pre> The easiest way to find the license of a man page is to look for the license or copyright information within the man page itself, as you've done with the 'mc' man page. In some cases, the man page may not include the license information, and you will need to look for the copyright information in the package documentation instead. To find the package documentation, you can check the '''/usr/share/doc/<package_name>/copyright''' file, where '''<package_name>''' is the name of the package you are interested in. For the 'mc' package, you can find the copyright file using the following command: <code>cat /usr/share/doc/mc/copyright</code> This command will display the copyright and license information for the 'mc' package, which should also cover the associated man page. In the case of the 'mc' man page, the license information is already provided in the man page itself, stating that the program is distributed under the terms of the GNU General Public License. ===OutPut from <code>cat /usr/share/doc/mc/copyright</code>=== <pre> Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ Upstream-Name: Midnight Commander Source: http://www.midnight-commander.org/downloads Copyright: 1996-2021 Free Software Foundation License: GPL-3+ Comment: This package was debianized on Tue Apr 1 14:32:15 1997 by Paul Seelig <pseelig@mail.uni-mainz.de>. Files: * Copyright: 1991-1992,1994-2021 Free Software Foundation 1996 andrey joukov <2:5020/337.13@fidonet.org> 2002 ARJ Software Russia 2003 Alexander Serkov <serkov@ukrpost.net> 1992-1998 Andrew Tridgell 1995 Ian Jackson <iwj10@cus.cam.ac.uk> 2008 Jacques Pelletier <jpelletier@ieee.org> 1996-1997 Joseph M. Hinkle <jhinkle@rockisland.com> 1998 John H Terpstra <jht@aquasoft.com.au> 1990-1998 Karl Auer 2005-2006 Leonard den Ottolander <leonard den ottolander nl> 1996-1998 Luke Kenneth Casson Leighton 1995-1996 Miguel de Icaza 2000-2001 Oskar Liljeblad <osk@hem.passagen.se> 1996 Paul Sheer 2003 Pavel Roskin 2002 Petr Kozelka <pkozelka@email.cz> 1999 Piotr Roszatycki <dexter@debian.org> 1995-1998 Samba-Team 2001 Walery Studennikov <despair@sama.ru> 1997-1998 the University of Minnesota License: GPL-3+ Comment: See list of authors and contributors in file AUTHORS Note that all these authors assigned the copyright to FSF. Files: doc/doxygen-include.am m4.include/dx_doxygen.m4 Copyright: 2004,2007 Oren Ben-Kiki License: Apache-2.0 Files: misc/syntax/nemerle.syntax Copyright: 2004 the University of Wroclaw License: BSD-3-Clause Files: misc/syntax/meson.syntax Copyright: 2018 Vitold S License: Expat Files: debian/* Copyright: 2002-2004 Adam Byrtek <alpha@debian.org> 2011 Andreas Tille <tille@debian.org> 2002 Colin Watson <cjwatson@debian.org> 2008-2015 Denis Briand <debian@denis-briand.fr> 2012-2021 Dmitry Smirnov <onlyjob@debian.org> 1997 Fernando Alegre <alegre@debian.org> 2004-2007 Ludovic Drolez <ldrolez@debian.org> 1999-2001 Martin Bialasinski <martinb@debian.org> 1999 Martin Bialasinski <mc@internet-treff.uni-koeln.de> 1998-1999 Michael Bramer <grisu@debian.org> 2008-2009 Patrick Winnertz <winnie@debian.org> 1998 Paul Seelig <pseelig@goofy.zdv.uni-mainz.de> 2004-2007 Stefano Melchior <stefano.melchior@openlabs.it> 1997 Vincent Renardias <vincent@waw.com> 2008-2010 Yury V. Zaytsev <yury@shurup.com> License: GPL-2+ Files: src/vfs/smbfs/helpers/* Copyright: 2011 Free Software Foundation 1992-1998 Andrew Tridgell 1995-1998 Samba-Team 1998 John H Terpstra <jht@aquasoft.com.au> License: GPL-3+ Files: m4.include/gnulib/fsusage.m4 m4.include/gnulib/sys_types_h.m4 m4.include/gnulib/windows-stat-inodes.m4 Copyright: 1997-2018 Free Software Foundation, Inc. License: FSFULLR This file is free software; the Free Software Foundation gives unlimited permission to copy and/or distribute it, with or without modifications, as long as this notice is preserved. Files: m4.include/ax_gcc_func_attribute.m4 Copyright: 2013 Gabriele Svelto <gabriele.svelto@gmail.com> License: FSF-Install Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved. This file is offered as-is, without any warranty. License: Apache-2.0 Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at . http://www.apache.org/licenses/LICENSE-2.0 . Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. ․ On Debian systems, the complete text of the Apache License, Version 2.0 can be found in "/usr/share/common-licenses/Apache-2.0". License: BSD-3-Clause Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. The name of the University may not be used to endorse or promote products derived from this software without specific prior written permission. . THIS SOFTWARE IS PROVIDED BY THE UNIVERSITY ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE UNIVERSITY BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. License: Expat Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: ․ The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. ․ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. License: GPL-2+ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. ․ This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. ․ On Debian systems, the complete text of the GNU General Public License Version 2 can be found in "/usr/share/common-licenses/GPL-2". License: GPL-3+ This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. ․ This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. ․ On Debian systems, the complete text of the GNU General Public License Version 3 can be found in "/usr/share/common-licenses/GPL-3". </pre> Based on the information from the '''/usr/share/doc/mc/copyright''' file, the license for the Midnight Commander man page would be '''"GPL-3+"''', as indicated in the following section of the file: <pre> Files: * Copyright: 1991-1992,1994-2021 Free Software Foundation ... License: GPL-3+ </pre> The "GPL-3+" means that the man page is licensed under the GNU General Public License version 3 or any later version. ==Export a 'man' page== To export a man page in a readable format for copy and paste, you can use the man command with the '''-P''' flag to output the content to a specific pager, such as cat. To export a man page in a readable format for copy and paste, you can use the man command with the -P flag to output the content to a specific pager, such as cat. Alternatively, you can use man with the col command to remove any formatting characters. The '''-P''' flag in the man command allows you to specify a pager to view the manual page. A pager is a program that helps you read and navigate through text, such as less (default pager), more, or cat. To use the man command with the '''-P''' flag, follow this syntax: <code>man -P <pager> <command></code> Replace '''<pager>''' with the pager you want to use (e.g., cat, less, more) and '''<command>''' with the command you want to view the manual page for. For example, if you want to view the ssh man page using the cat pager: <code>man -P cat ssh</code> This will output the ssh man page without any pagination, making it easy to copy and paste the content. Keep in mind that using cat as the pager will output the entire man page at once, which might be overwhelming for very long pages. To navigate through the content, you may want to use less or more instead. '''Alternatively''', you can use man with the '''col''' command to remove any formatting characters. For example, to view the ssh man page in a plain text format: <code>man ssh | col -bx</code> If you want to save the output to a file for easy copy and paste, you can redirect the output to a file: <code>man ssh | col -bx > ssh_man_page.txt</code> Now you can open the '''ssh_man_page.txt''' file with a text editor. otvhdsczp6f0urvv6x91d7crjpspize 0 129 446 2023-07-10T22:38:27Z AwesomO 5 Created page with "==prerequisite== * LXD - Basic knowledge , install LXD and launch a container * Terminal: will be using the terminal. == Create a container == <code>lxc launch ubuntu:2204 nix</code> <code>lxc exec nix bash</code> <code>apt update && apt upgrade -y</code> == Optional steps for the paranoid == The default Ubuntu containers come with a user named '''ubuntu'''. In a new container, this user does not have a password set and can run sudo without being prompted for a pa..." 446 wikitext text/x-wiki ==prerequisite== * LXD - Basic knowledge , install LXD and launch a container * Terminal: will be using the terminal. == Create a container == <code>lxc launch ubuntu:2204 nix</code> <code>lxc exec nix bash</code> <code>apt update && apt upgrade -y</code> == Optional steps for the paranoid == The default Ubuntu containers come with a user named '''ubuntu'''. In a new container, this user does not have a password set and can run sudo without being prompted for a password. This configuration is not ideal from a security perspective. === Create a new user === Next, we will create a new user named '''nix''' and set a password for this user. This user will be used for the rest of the setup and general use of the container. Create the new user: <code>adduser nix</code> Follow the prompts to set a password and provide any other requested information. ====Adding new user to '''sudoers''' file==== '''WARNING''': Be cautious while editing the sudoers file as errors could lead to some serious issues with the system. A syntax error in the sudoers file could potentially lock out all users from gaining superuser privileges. * Note: by default in Ubuntu when you use '''visudo''' the default terminal editor is '''nano''' <code>visudo</code> Once you're in the editor, you can navigate using the arrow keys. Go down to the section that looks like this: <pre> # User privilege specification root ALL=(ALL:ALL) ALL </pre> Below the root user line, add a similar line for the 'nix' user: <pre> nix ALL=(ALL:ALL) ALL </pre> press <code>CTRL O</code> to write to file and <code>CTRL X</code> to exit. === Delete the 'ubuntu' user === Now that we have a new, secure user set up, we can delete the default ubuntu user for added security. Delete the ubuntu user: <code>deluser --remove-home ubuntu</code> Now, switch to the new nix user: <code>su - nix</code> You now have a container set up with the nix user. This user is more secure than the default ubuntu user because it requires a password for sudo operations. You can now proceed with the rest of your setup process. ==Download and install== If you did not follow the '''Optional steps for the paranoid''' change user to '''ubuntu''' * <code>su - ubuntu</code> <code>wget https://nixos.org/nix/install</code> * install using '''Single-user installation''' <code>sh install --no-daemon</code> Return Output:<br> <pre> ubuntu@nix:~$ sh install --no-daemon downloading Nix 2.16.1 binary tarball for x86_64-linux from 'https://releases.nixos.org/nix/nix-2.16.1/nix-2.16.1-x86_64-linux.tar.xz' to '/tmp/nix-binary-tarball-unpack.g0HlgbTnoO'... % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 21.0M 100 21.0M 0 0 5176k 0 0:00:04 0:00:04 --:--:-- 5178k Note: a multi-user installation is possible. See https://nixos.org/manual/nix/stable/installation/installing-binary.html#multi-user-installation performing a single-user installation of Nix... directory /nix does not exist; creating it by running 'mkdir -m 0755 /nix && chown ubuntu /nix' using sudo copying Nix to /nix/store................................................. installing 'nix-2.16.1' building '/nix/store/2bdqkggqrhiwrklp7y9sfrqdkrw9xihd-user-environment.drv'... unpacking channels... modifying /home/ubuntu/.profile... Installation finished! To ensure that the necessary environment variables are set, either log in again, or type . /home/ubuntu/.nix-profile/etc/profile.d/nix.sh in your shell. </pre> * set necessary environment variables <code>. /home/ubuntu/.nix-profile/etc/profile.d/nix.sh</code> <div class="toccolours mw-collapsible mw-collapsed"> Explanation: <code>. /home/ubuntu/.nix-profile/etc/profile.d/nix.sh</code> <div class="mw-collapsible-content"> Let's break down the command <code>. /home/ubuntu/.nix-profile/etc/profile.d/nix.sh</code>: : '''.''' (also known as source in bash): This is a shell built-in command which reads and executes commands from the file specified as its argument, in the current shell environment. So it is as if they were typed at the keyboard. : <code>/home/ubuntu/.nix-profile/etc/profile.d/nix.sh</code> This is the full path of the script that is sourced. When you execute the command <code>. /home/ubuntu/.nix-profile/etc/profile.d/nix.sh</code>, you are essentially telling your shell to execute the commands in the nix.sh file within the same shell you're currently running. This is done instead of starting a new shell process, which would be the case if you ran the script like a typical shell script with bash /path/to/script.sh or ./script.sh. The nix.sh script contains environment variable settings and possibly other setup needed for using Nix packages. By running this script with ., these environment settings are preserved in your current shell. The '''.''' command is often used in configuration and startup scripts where you want settings within a script to affect your current shell's environment. </div> </div> == Channels == A channel in Nix is a collection of Nix expressions (the packages available for installation) that are versioned and updated together. In other words, a channel in Nix is similar to a repository in other types of package management systems. ===List channels=== <code>nix-channel --list</code> * Output: <pre> nixpkgs https://nixos.org/channels/nixpkgs-unstable </pre> ===Update channels=== When you update your channels (with the nix-channel --update command), you're downloading the latest set of package expressions from the channels you are subscribed to. <code>nix-channel --update</code> ===Search a package=== Syntax: <code>nix search nixpkgs <PACKAGE_NAME></code> <code>nix search nixpkgs bluefish</code> * Return Output: <pre> ubuntu@nix:~$ nix search nixpkgs bluefish error: experimental Nix feature 'nix-command' is disabled; use '--extra-experimental-features nix-command' to override </pre> FIX:<br> <code>nix search nixpkgs bluefish --extra-experimental-features nix-command</code> *Return Ouput: <pre> error: experimental Nix feature 'flakes' is disabled; use '--extra-experimental-features flakes' to override </pre> FIX: <code>nix search nixpkgs bluefish --extra-experimental-features nix-command --extra-experimental-features flakes</code> * Ruturn output: <pre> * legacyPackages.x86_64-linux.bluefish (2.2.12) A powerful editor targeted towards programmers and webdevelopers trace: warning: qt5 now uses makeScopeWithSplicing which does not have "overrideScope'", use "overrideScope". </pre> <div class="toccolours mw-collapsible mw-collapsed"> This warning is a developer-oriented message and doesn't directly impact you as an end-user: <div class="mw-collapsible-content"> The trace: warning message is intended for the maintainers of the package you're trying to install (in this case, the bluefish package from nixpkgs). Nix is telling us that the qt5 package (which bluefish may depend on) has switched to a different method for managing its internal dependencies. More specifically, it's switched to a method called makeScopeWithSplicing. This is just a way that Nix organizes and overrides dependencies within packages. It seems like qt5 previously used something called overrideScope', but it now uses makeScopeWithSplicing. The overrideScope' method is no longer available in this context, so the warning is instructing developers to use makeScopeWithSplicing instead when they're working on the qt5 package or packages that depend on it. For you as an end-user, there is no action required unless the warning turns into an error or if the package does not work as expected. The package should still install and function normally. This warning is more of an FYI for people maintaining or developing with these packages. </div> </div> Bluefish is a GUI program and we have not setup container for X forwarding so lets try cowsay. <code>nix search nixpkgs cowsay --extra-experimental-features nix-command --extra-experimental-features flakes</code> * Return output: ** Note: the package name is after <code>legacyPackages.x86_64-linux.</code> ** <code>legacyPackages.x86_64-linux.<PACKAGE_NAME></code> <pre> * legacyPackages.x86_64-linux.charasay (3.0.0) The future of cowsay - Colorful characters saying something * legacyPackages.x86_64-linux.cowsay (3.7.0) A program which generates ASCII pictures of a cow with a message * legacyPackages.x86_64-linux.emacsPackages.cowsay (20210510.1540) * legacyPackages.x86_64-linux.neo-cowsay (2.0.1) Cowsay reborn, written in Go * legacyPackages.x86_64-linux.pokemonsay (1.0.0) Print pokemon in the CLI! An adaptation of the classic cowsay * legacyPackages.x86_64-linux.ponysay (2021-03-27) Cowsay reimplemention for ponies * legacyPackages.x86_64-linux.tewisay (2022-11-04) Cowsay replacement with unicode and partial ansi escape support * legacyPackages.x86_64-linux.xcowsay (1.6) Tool to display a cute cow and messages </pre> ===Install a package=== <code>nix-env -iA nixpkgs.pokemonsay</code> <div class="toccolours mw-collapsible mw-collapsed"> Explanation: <code>nix-env -iA nixpkgs.pokemonsay</code> <div class="mw-collapsible-content"> The command '''nix-env -iA nixpkgs.pokemonsay''' is used to install the pokemonsay package from the nixpkgs channel in Nix. Here's a breakdown of the command: : nix-env: This is the main command used for user environment management in Nix. It can install, upgrade, and remove software, among other tasks. : -iA: This is a combination of two options. -i stands for install and -A stands for attribute. The -A option allows you to install a package using its attribute path (nixpkgs.pokemonsay in this case), which is often more reliable than using the package name. : nixpkgs.pokemonsay: This is the attribute path of the package you want to install. nixpkgs is the name of the channel, and pokemonsay is the name of the package in that channel. So, when you run nix-env -iA nixpkgs.pokemonsay, Nix will look for the pokemonsay package in the nixpkgs channel and install it into your user environment. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Understanding -A flag in Nix commands: <div class="mw-collapsible-content"> The command '''nix-env -i <package>''' installs a package by its name rather than its attribute path. For example, '''nix-env -i firefox''' will install the Firefox browser. This command can sometimes lead to ambiguity because multiple versions of the same package may be available in the channel, or there may be similarly-named packages. This is why it is often recommended to install packages using the -A flag and the package's attribute path, like '''nix-env -iA nixpkgs.firefox'''. It's important to note that while the attribute path usually includes the package name, it might also include other information. For instance, a channel might have separate attributes for different versions of a package, or for the same package built with different options. Here's a little more information on the difference between these two commands: * '''nix-env -i <package>''': This command installs a package by its name. The name is a human-readable identifier for the package, like "firefox". * '''nix-env -iA <attribute path>''': This command installs a package by its attribute path. The attribute path is a precise identifier for the package within a channel, like "nixpkgs.firefox". This command is more reliable because it is more specific. If you're uncertain about the attribute path for a package, you can find it by searching the package in the [https://nixos.org/nixos/packages.html Nix Packages Search] page. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Where does Nix Package Manager install packages? <div class="mw-collapsible-content"> When you install a package using Nix, the package's files are installed into a directory in the Nix store, which is typically located at '''/nix/store'''. Each package gets its own unique directory in the Nix store, which includes a hash of the package's dependencies to ensure isolation and reproducibility. For example, if you install the '''pokemonsay''' package, you might end up with a directory like '''/nix/store/abcd1234-pokemonsay-0.0.1''' (the actual hash will be different). The binary executables of a package are typically located in the '''bin''' subdirectory of the package's directory in the Nix store. For example, the '''pokemonsay''' executable might be located at '''/nix/store/abcd1234-pokemonsay-0.0.1/bin/pokemonsay'''. When you install a package with '''nix-env -i''', Nix creates symlinks in your user profile (usually in '''/nix/var/nix/profiles''') to the package's files in the Nix store. When you run a command like '''pokemonsay''', your shell finds the '''pokemonsay''' executable through these symlinks. The result is that each user can have their own set of installed packages, and packages can be installed, upgraded, and removed atomically and without interfering with each other. </div> </div> ====using pokemonsay==== '''pokemonsay''' is a fun little command line utility that generates an ASCII picture of a random Pokemon saying a message you provide. Here's how to use it: <code>pokemonsay -p Pikachu "Greetings fellow Noob"</code> <div class="toccolours mw-collapsible mw-collapsed"> Explain Syntax: <code>pokemonsay -p Pikachu "Greetings fellow Noob"</code> <div class="mw-collapsible-content"> * '''pokemonsay''' is the main command. It's the name of the program you're running. It generates an ASCII art image of a Pokémon saying a message. * '''-p Pikachu''' is an option given to the pokemonsay command. The -p flag specifies that the next argument will be the name of the Pokémon you want to use. In this case, you're asking for Pikachu. ** '''See list of Pokemon''' Use: <code>pokemonsay -l</code> * '''"Greetings fellow Noob"''' is the message you're asking Pikachu to say. The quotes are used to group the words together into a single argument to the command. Without the quotes, each word would be treated as a separate argument, which is not what you want in this case. </div> </div> <code>pokemonsay --help</code> for more info. ===Upgrade a package=== To upgrade a package installed with Nix, you can use the following command: <code>nix-env -uA nixpkgs.pokemonsay</code> <div class="toccolours mw-collapsible mw-collapsed"> Explanation: <code>nix-env -uA nixpkgs.pokemonsay</code> <div class="mw-collapsible-content"> The command '''nix-env -uA nixpkgs.pokemonsay''' is used to upgrade the pokemonsay package from the nixpkgs channel in Nix. Here's a breakdown of the command: : nix-env: This is the main command used for user environment management in Nix. It can install, upgrade, and remove software, among other tasks. : -uA: This is a combination of two options. -u stands for upgrade and -A stands for attribute. The -A option allows you to upgrade a package using its attribute path (nixpkgs.pokemonsay in this case), which is often more reliable than using the package name. : nixpkgs.pokemonsay: This is the attribute path of the package you want to upgrade. nixpkgs is the name of the channel, and pokemonsay is the name of the package in that channel. When you run '''nix-env -uA nixpkgs.pokemonsay''', Nix will look for the pokemonsay package in the nixpkgs channel and upgrade it in your user environment. To upgrade all installed packages in your user environment, you can use the command <code>nix-env -u</code> without specifying a package. </div> </div> ===Check for updates=== To check for updates to the packages installed on your system without actually installing them, you can use the `nix-env -u` command in "dry run" mode by including the `--dry-run` option. The command would look like this: <code>nix-env -u --dry-run</code> <div class="toccolours mw-collapsible mw-collapsed"> Explanation: <code>nix-env -u --dry-run</code> <div class="mw-collapsible-content"> The '''nix-env -u --dry-run''' command will list the updates available for the packages installed on your system without actually applying the updates. : '''nix-env''' : This is the main command used for user environment management in Nix. : '''-u''' : This flag stands for update. When used alone, it will update all installed packages to their latest versions. : '''--dry-run''' : This option prevents the command from actually installing the updates. Instead, it just shows what updates would be installed if you ran the command without the --dry-run option. </div> </div> ===List installed packages=== To list the packages that you have installed using Nix, you can use the nix-env -q command. If you want to see more details, including the version number, you can use the --verbose flag: <code>nix-env -q --verbose</code> <div class="toccolours mw-collapsible mw-collapsed"> Explanation: <code>nix-env -q --verbose</code> <div class="mw-collapsible-content"> The '''nix-env -q --verbose''' command lists all installed packages, showing their names and versions: : '''nix-env''' : This is the main command used for user environment management in Nix. It can install, upgrade, and remove software, among other tasks. : '''-q''' : This option stands for "query". It lists the installed packages. : '''--verbose''' : This option shows more detailed information, including the version number of each installed package. </div> </div> ===Check for specific package version=== To check the version of a specific package available in the Nix packages channel, you can use the `nix-env -qaP` command with a regex pattern matching the package name: <code>nix-env -qaP '.*pokemonsay.*'</code> <div class="toccolours mw-collapsible mw-collapsed"> Explanation: <code>nix-env -qaP '.*pokemonsay.*'</code> <div class="mw-collapsible-content"> The '''nix-env -qaP '.*pokemonsay.*''' command queries the Nix packages channel for available versions of 'pokemonsay', and shows the latest version that is available in the channel. : '''nix-env''' : This is the main command used for user environment management in Nix. : '''-qaP''' : These options stand for "query available --attr-path". It queries the available packages in the Nix packages channel and shows their attribute paths and versions. : '''.*pokemonsay.*''' : This is a regex pattern matching the package name. It will match any package name that contains 'pokemonsay'. ::* '''.*''': This part of the pattern matches any number of any characters. The . means "any character", and the * means "zero or more times". ::* '''pokemonsay'''': This is the sequence of characters that you want to find. ::* '''.*''': This part of the pattern matches any number of any characters after 'pokemonsay'. </div> </div> Certainly, here's the formatted wiki entry: ===Remove/Uninstall a Package=== To remove or uninstall a package that you have installed using Nix, you can use the nix-env -e command followed by the package name: <code>nix-env -e pokemonsay</code> <div class="toccolours mw-collapsible mw-collapsed"> Explanation: <code>nix-env -e pokemonsay</code> <div class="mw-collapsible-content"> The '''nix-env -e pokemonsay''' command uninstalls the 'pokemonsay' package from your user environment in Nix. Here's a breakdown of the command: : '''nix-env''': This is the main command used for user environment management in Nix. : '''-e''': This option stands for "erase", which is used to remove a package. : '''pokemonsay''': This is the name of the package that you want to remove. You should use the same name format that nix-env -q uses when it lists your installed packages. After running this command, the 'pokemonsay' package will be removed from your user environment. To confirm the package has been removed successfully, you can run the nix-env -q command again and you should not see the uninstalled package in the list of installed packages. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Troubleshooting: Uninstalling a Package <div class="mw-collapsible-content"> In case you encounter an error similar to the following: <code>warning: selector 'nixpkgs.pokemonsay' matched no installed derivations</code> This might mean that the package name you're trying to uninstall does not match exactly with the installed version. You should use the name format that appears when you list your installed packages with the `nix-env -q` command. </div> </div> This command will only remove the package from your user environment. The package's files will remain in the Nix store (/nix/store) until you run a garbage collection operation, which you can do with the nix-collect-garbage command. This is because other users or profiles might still be using the package. The garbage collector in Nix works by deleting any packages from the Nix store that are no longer referenced by any profiles or by the Nix packages channel. This ensures that it's safe to delete the package: it won't break anything else that depends on it. gs1a157lhcrs6wm57naa8jweqbt4q7o 447 446 2023-07-17T13:45:21Z Noob 1 /* Remove/Uninstall a Package */ 447 wikitext text/x-wiki ==prerequisite== * LXD - Basic knowledge , install LXD and launch a container * Terminal: will be using the terminal. == Create a container == <code>lxc launch ubuntu:2204 nix</code> <code>lxc exec nix bash</code> <code>apt update && apt upgrade -y</code> == Optional steps for the paranoid == The default Ubuntu containers come with a user named '''ubuntu'''. In a new container, this user does not have a password set and can run sudo without being prompted for a password. This configuration is not ideal from a security perspective. === Create a new user === Next, we will create a new user named '''nix''' and set a password for this user. This user will be used for the rest of the setup and general use of the container. Create the new user: <code>adduser nix</code> Follow the prompts to set a password and provide any other requested information. ====Adding new user to '''sudoers''' file==== '''WARNING''': Be cautious while editing the sudoers file as errors could lead to some serious issues with the system. A syntax error in the sudoers file could potentially lock out all users from gaining superuser privileges. * Note: by default in Ubuntu when you use '''visudo''' the default terminal editor is '''nano''' <code>visudo</code> Once you're in the editor, you can navigate using the arrow keys. Go down to the section that looks like this: <pre> # User privilege specification root ALL=(ALL:ALL) ALL </pre> Below the root user line, add a similar line for the 'nix' user: <pre> nix ALL=(ALL:ALL) ALL </pre> press <code>CTRL O</code> to write to file and <code>CTRL X</code> to exit. === Delete the 'ubuntu' user === Now that we have a new, secure user set up, we can delete the default ubuntu user for added security. Delete the ubuntu user: <code>deluser --remove-home ubuntu</code> Now, switch to the new nix user: <code>su - nix</code> You now have a container set up with the nix user. This user is more secure than the default ubuntu user because it requires a password for sudo operations. You can now proceed with the rest of your setup process. ==Download and install== If you did not follow the '''Optional steps for the paranoid''' change user to '''ubuntu''' * <code>su - ubuntu</code> <code>wget https://nixos.org/nix/install</code> * install using '''Single-user installation''' <code>sh install --no-daemon</code> Return Output:<br> <pre> ubuntu@nix:~$ sh install --no-daemon downloading Nix 2.16.1 binary tarball for x86_64-linux from 'https://releases.nixos.org/nix/nix-2.16.1/nix-2.16.1-x86_64-linux.tar.xz' to '/tmp/nix-binary-tarball-unpack.g0HlgbTnoO'... % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 21.0M 100 21.0M 0 0 5176k 0 0:00:04 0:00:04 --:--:-- 5178k Note: a multi-user installation is possible. See https://nixos.org/manual/nix/stable/installation/installing-binary.html#multi-user-installation performing a single-user installation of Nix... directory /nix does not exist; creating it by running 'mkdir -m 0755 /nix && chown ubuntu /nix' using sudo copying Nix to /nix/store................................................. installing 'nix-2.16.1' building '/nix/store/2bdqkggqrhiwrklp7y9sfrqdkrw9xihd-user-environment.drv'... unpacking channels... modifying /home/ubuntu/.profile... Installation finished! To ensure that the necessary environment variables are set, either log in again, or type . /home/ubuntu/.nix-profile/etc/profile.d/nix.sh in your shell. </pre> * set necessary environment variables <code>. /home/ubuntu/.nix-profile/etc/profile.d/nix.sh</code> <div class="toccolours mw-collapsible mw-collapsed"> Explanation: <code>. /home/ubuntu/.nix-profile/etc/profile.d/nix.sh</code> <div class="mw-collapsible-content"> Let's break down the command <code>. /home/ubuntu/.nix-profile/etc/profile.d/nix.sh</code>: : '''.''' (also known as source in bash): This is a shell built-in command which reads and executes commands from the file specified as its argument, in the current shell environment. So it is as if they were typed at the keyboard. : <code>/home/ubuntu/.nix-profile/etc/profile.d/nix.sh</code> This is the full path of the script that is sourced. When you execute the command <code>. /home/ubuntu/.nix-profile/etc/profile.d/nix.sh</code>, you are essentially telling your shell to execute the commands in the nix.sh file within the same shell you're currently running. This is done instead of starting a new shell process, which would be the case if you ran the script like a typical shell script with bash /path/to/script.sh or ./script.sh. The nix.sh script contains environment variable settings and possibly other setup needed for using Nix packages. By running this script with ., these environment settings are preserved in your current shell. The '''.''' command is often used in configuration and startup scripts where you want settings within a script to affect your current shell's environment. </div> </div> == Channels == A channel in Nix is a collection of Nix expressions (the packages available for installation) that are versioned and updated together. In other words, a channel in Nix is similar to a repository in other types of package management systems. ===List channels=== <code>nix-channel --list</code> * Output: <pre> nixpkgs https://nixos.org/channels/nixpkgs-unstable </pre> ===Update channels=== When you update your channels (with the nix-channel --update command), you're downloading the latest set of package expressions from the channels you are subscribed to. <code>nix-channel --update</code> ===Search a package=== Syntax: <code>nix search nixpkgs <PACKAGE_NAME></code> <code>nix search nixpkgs bluefish</code> * Return Output: <pre> ubuntu@nix:~$ nix search nixpkgs bluefish error: experimental Nix feature 'nix-command' is disabled; use '--extra-experimental-features nix-command' to override </pre> FIX:<br> <code>nix search nixpkgs bluefish --extra-experimental-features nix-command</code> *Return Ouput: <pre> error: experimental Nix feature 'flakes' is disabled; use '--extra-experimental-features flakes' to override </pre> FIX: <code>nix search nixpkgs bluefish --extra-experimental-features nix-command --extra-experimental-features flakes</code> * Ruturn output: <pre> * legacyPackages.x86_64-linux.bluefish (2.2.12) A powerful editor targeted towards programmers and webdevelopers trace: warning: qt5 now uses makeScopeWithSplicing which does not have "overrideScope'", use "overrideScope". </pre> <div class="toccolours mw-collapsible mw-collapsed"> This warning is a developer-oriented message and doesn't directly impact you as an end-user: <div class="mw-collapsible-content"> The trace: warning message is intended for the maintainers of the package you're trying to install (in this case, the bluefish package from nixpkgs). Nix is telling us that the qt5 package (which bluefish may depend on) has switched to a different method for managing its internal dependencies. More specifically, it's switched to a method called makeScopeWithSplicing. This is just a way that Nix organizes and overrides dependencies within packages. It seems like qt5 previously used something called overrideScope', but it now uses makeScopeWithSplicing. The overrideScope' method is no longer available in this context, so the warning is instructing developers to use makeScopeWithSplicing instead when they're working on the qt5 package or packages that depend on it. For you as an end-user, there is no action required unless the warning turns into an error or if the package does not work as expected. The package should still install and function normally. This warning is more of an FYI for people maintaining or developing with these packages. </div> </div> Bluefish is a GUI program and we have not setup container for X forwarding so lets try cowsay. <code>nix search nixpkgs cowsay --extra-experimental-features nix-command --extra-experimental-features flakes</code> * Return output: ** Note: the package name is after <code>legacyPackages.x86_64-linux.</code> ** <code>legacyPackages.x86_64-linux.<PACKAGE_NAME></code> <pre> * legacyPackages.x86_64-linux.charasay (3.0.0) The future of cowsay - Colorful characters saying something * legacyPackages.x86_64-linux.cowsay (3.7.0) A program which generates ASCII pictures of a cow with a message * legacyPackages.x86_64-linux.emacsPackages.cowsay (20210510.1540) * legacyPackages.x86_64-linux.neo-cowsay (2.0.1) Cowsay reborn, written in Go * legacyPackages.x86_64-linux.pokemonsay (1.0.0) Print pokemon in the CLI! An adaptation of the classic cowsay * legacyPackages.x86_64-linux.ponysay (2021-03-27) Cowsay reimplemention for ponies * legacyPackages.x86_64-linux.tewisay (2022-11-04) Cowsay replacement with unicode and partial ansi escape support * legacyPackages.x86_64-linux.xcowsay (1.6) Tool to display a cute cow and messages </pre> ===Install a package=== <code>nix-env -iA nixpkgs.pokemonsay</code> <div class="toccolours mw-collapsible mw-collapsed"> Explanation: <code>nix-env -iA nixpkgs.pokemonsay</code> <div class="mw-collapsible-content"> The command '''nix-env -iA nixpkgs.pokemonsay''' is used to install the pokemonsay package from the nixpkgs channel in Nix. Here's a breakdown of the command: : nix-env: This is the main command used for user environment management in Nix. It can install, upgrade, and remove software, among other tasks. : -iA: This is a combination of two options. -i stands for install and -A stands for attribute. The -A option allows you to install a package using its attribute path (nixpkgs.pokemonsay in this case), which is often more reliable than using the package name. : nixpkgs.pokemonsay: This is the attribute path of the package you want to install. nixpkgs is the name of the channel, and pokemonsay is the name of the package in that channel. So, when you run nix-env -iA nixpkgs.pokemonsay, Nix will look for the pokemonsay package in the nixpkgs channel and install it into your user environment. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Understanding -A flag in Nix commands: <div class="mw-collapsible-content"> The command '''nix-env -i <package>''' installs a package by its name rather than its attribute path. For example, '''nix-env -i firefox''' will install the Firefox browser. This command can sometimes lead to ambiguity because multiple versions of the same package may be available in the channel, or there may be similarly-named packages. This is why it is often recommended to install packages using the -A flag and the package's attribute path, like '''nix-env -iA nixpkgs.firefox'''. It's important to note that while the attribute path usually includes the package name, it might also include other information. For instance, a channel might have separate attributes for different versions of a package, or for the same package built with different options. Here's a little more information on the difference between these two commands: * '''nix-env -i <package>''': This command installs a package by its name. The name is a human-readable identifier for the package, like "firefox". * '''nix-env -iA <attribute path>''': This command installs a package by its attribute path. The attribute path is a precise identifier for the package within a channel, like "nixpkgs.firefox". This command is more reliable because it is more specific. If you're uncertain about the attribute path for a package, you can find it by searching the package in the [https://nixos.org/nixos/packages.html Nix Packages Search] page. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Where does Nix Package Manager install packages? <div class="mw-collapsible-content"> When you install a package using Nix, the package's files are installed into a directory in the Nix store, which is typically located at '''/nix/store'''. Each package gets its own unique directory in the Nix store, which includes a hash of the package's dependencies to ensure isolation and reproducibility. For example, if you install the '''pokemonsay''' package, you might end up with a directory like '''/nix/store/abcd1234-pokemonsay-0.0.1''' (the actual hash will be different). The binary executables of a package are typically located in the '''bin''' subdirectory of the package's directory in the Nix store. For example, the '''pokemonsay''' executable might be located at '''/nix/store/abcd1234-pokemonsay-0.0.1/bin/pokemonsay'''. When you install a package with '''nix-env -i''', Nix creates symlinks in your user profile (usually in '''/nix/var/nix/profiles''') to the package's files in the Nix store. When you run a command like '''pokemonsay''', your shell finds the '''pokemonsay''' executable through these symlinks. The result is that each user can have their own set of installed packages, and packages can be installed, upgraded, and removed atomically and without interfering with each other. </div> </div> ====using pokemonsay==== '''pokemonsay''' is a fun little command line utility that generates an ASCII picture of a random Pokemon saying a message you provide. Here's how to use it: <code>pokemonsay -p Pikachu "Greetings fellow Noob"</code> <div class="toccolours mw-collapsible mw-collapsed"> Explain Syntax: <code>pokemonsay -p Pikachu "Greetings fellow Noob"</code> <div class="mw-collapsible-content"> * '''pokemonsay''' is the main command. It's the name of the program you're running. It generates an ASCII art image of a Pokémon saying a message. * '''-p Pikachu''' is an option given to the pokemonsay command. The -p flag specifies that the next argument will be the name of the Pokémon you want to use. In this case, you're asking for Pikachu. ** '''See list of Pokemon''' Use: <code>pokemonsay -l</code> * '''"Greetings fellow Noob"''' is the message you're asking Pikachu to say. The quotes are used to group the words together into a single argument to the command. Without the quotes, each word would be treated as a separate argument, which is not what you want in this case. </div> </div> <code>pokemonsay --help</code> for more info. ===Upgrade a package=== To upgrade a package installed with Nix, you can use the following command: <code>nix-env -uA nixpkgs.pokemonsay</code> <div class="toccolours mw-collapsible mw-collapsed"> Explanation: <code>nix-env -uA nixpkgs.pokemonsay</code> <div class="mw-collapsible-content"> The command '''nix-env -uA nixpkgs.pokemonsay''' is used to upgrade the pokemonsay package from the nixpkgs channel in Nix. Here's a breakdown of the command: : nix-env: This is the main command used for user environment management in Nix. It can install, upgrade, and remove software, among other tasks. : -uA: This is a combination of two options. -u stands for upgrade and -A stands for attribute. The -A option allows you to upgrade a package using its attribute path (nixpkgs.pokemonsay in this case), which is often more reliable than using the package name. : nixpkgs.pokemonsay: This is the attribute path of the package you want to upgrade. nixpkgs is the name of the channel, and pokemonsay is the name of the package in that channel. When you run '''nix-env -uA nixpkgs.pokemonsay''', Nix will look for the pokemonsay package in the nixpkgs channel and upgrade it in your user environment. To upgrade all installed packages in your user environment, you can use the command <code>nix-env -u</code> without specifying a package. </div> </div> ===Check for updates=== To check for updates to the packages installed on your system without actually installing them, you can use the `nix-env -u` command in "dry run" mode by including the `--dry-run` option. The command would look like this: <code>nix-env -u --dry-run</code> <div class="toccolours mw-collapsible mw-collapsed"> Explanation: <code>nix-env -u --dry-run</code> <div class="mw-collapsible-content"> The '''nix-env -u --dry-run''' command will list the updates available for the packages installed on your system without actually applying the updates. : '''nix-env''' : This is the main command used for user environment management in Nix. : '''-u''' : This flag stands for update. When used alone, it will update all installed packages to their latest versions. : '''--dry-run''' : This option prevents the command from actually installing the updates. Instead, it just shows what updates would be installed if you ran the command without the --dry-run option. </div> </div> ===List installed packages=== To list the packages that you have installed using Nix, you can use the nix-env -q command. If you want to see more details, including the version number, you can use the --verbose flag: <code>nix-env -q --verbose</code> <div class="toccolours mw-collapsible mw-collapsed"> Explanation: <code>nix-env -q --verbose</code> <div class="mw-collapsible-content"> The '''nix-env -q --verbose''' command lists all installed packages, showing their names and versions: : '''nix-env''' : This is the main command used for user environment management in Nix. It can install, upgrade, and remove software, among other tasks. : '''-q''' : This option stands for "query". It lists the installed packages. : '''--verbose''' : This option shows more detailed information, including the version number of each installed package. </div> </div> ===Check for specific package version=== To check the version of a specific package available in the Nix packages channel, you can use the `nix-env -qaP` command with a regex pattern matching the package name: <code>nix-env -qaP '.*pokemonsay.*'</code> <div class="toccolours mw-collapsible mw-collapsed"> Explanation: <code>nix-env -qaP '.*pokemonsay.*'</code> <div class="mw-collapsible-content"> The '''nix-env -qaP '.*pokemonsay.*''' command queries the Nix packages channel for available versions of 'pokemonsay', and shows the latest version that is available in the channel. : '''nix-env''' : This is the main command used for user environment management in Nix. : '''-qaP''' : These options stand for "query available --attr-path". It queries the available packages in the Nix packages channel and shows their attribute paths and versions. : '''.*pokemonsay.*''' : This is a regex pattern matching the package name. It will match any package name that contains 'pokemonsay'. ::* '''.*''': This part of the pattern matches any number of any characters. The . means "any character", and the * means "zero or more times". ::* '''pokemonsay'''': This is the sequence of characters that you want to find. ::* '''.*''': This part of the pattern matches any number of any characters after 'pokemonsay'. </div> </div> Certainly, here's the formatted wiki entry: ===Remove/Uninstall a Package=== To remove or uninstall a package that you have installed using Nix, you can use the nix-env -e command followed by the package name: <code>nix-env -e pokemonsay</code> <div class="toccolours mw-collapsible mw-collapsed"> Explanation: <code>nix-env -e pokemonsay</code> <div class="mw-collapsible-content"> The '''nix-env -e pokemonsay''' command uninstalls the 'pokemonsay' package from your user environment in Nix. Here's a breakdown of the command: : '''nix-env''': This is the main command used for user environment management in Nix. : '''-e''': This option stands for "erase", which is used to remove a package. : '''pokemonsay''': This is the name of the package that you want to remove. You should use the same name format that nix-env -q uses when it lists your installed packages. After running this command, the 'pokemonsay' package will be removed from your user environment. To confirm the package has been removed successfully, you can run the nix-env -q command again and you should not see the uninstalled package in the list of installed packages. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Troubleshooting: Uninstalling a Package <div class="mw-collapsible-content"> In case you encounter an error similar to the following: <code>warning: selector 'nixpkgs.pokemonsay' matched no installed derivations</code> This might mean that the package name you're trying to uninstall does not match exactly with the installed version. You should use the name format that appears when you list your installed packages with the `nix-env -q` command. </div> </div> This command will only remove the package from your user environment. The package's files will remain in the Nix store (/nix/store) until you run a garbage collection operation, which you can do with the nix-collect-garbage command. This is because other users or profiles might still be using the package. The garbage collector in Nix works by deleting any packages from the Nix store that are no longer referenced by any profiles or by the Nix packages channel. This ensures that it's safe to delete the package: it won't break anything else that depends on it. ===Using nix-shell for Temporary Environment=== Nix-shell is a command that creates a temporary environment in your shell with certain packages available. The -p option allows you to specify the packages you want to include. For example, if you want to have gcc (the GNU Compiler Collection) available in your shell, you would use: <code>nix-shell -p gcc</code> <div class="toccolours mw-collapsible mw-collapsed"> Explanation: <code>nix-shell -p gcc</code> <div class="mw-collapsible-content"> The '''nix-shell -p gcc''' command creates a temporary environment with the specified packages available for use: : '''nix-shell''' : This command creates a temporary shell environment. It's a feature of Nix that lets you create an isolated environment for your shell, where you can make certain packages available without affecting your global environment. : '''-p gcc''' : The -p option specifies the packages you want to include in your temporary environment. In this case, 'gcc' is specified, so the GNU Compiler Collection will be available in the temporary environment. This command doesn't affect your global environment or other shells. This feature is useful if you want to test a certain package or need to use different versions of packages for different projects. It can also help with scripting, since you can specify exactly which packages a script needs to run. </div> </div> 8kyrc98ueso7byttmgy7abqkv50c5ok 0 130 448 2023-12-03T18:31:26Z Noob 1 Created page with "{{:LICENCE_HEADER_CC_BY-NC-SA_4.0}} <!-- This site is non commercial and is a concept development. <br> Note - this is quickly put together to test and demonstrate hosting heavy data content on IPFS. --> <b> NOTE: This page is for demonstration purposes Only, and is not meant to be hosted on CompleteNoobs.com which is not intended to contain CC_BY-NC-SA Licensed Content. <br> This page is CC_BY-NC-SA It is intended for a fork of "CompleteNoobs.com" called "CompleteNo..." 448 wikitext text/x-wiki {{:LICENCE_HEADER_CC_BY-NC-SA_4.0}} <!-- This site is non commercial and is a concept development. <br> Note - this is quickly put together to test and demonstrate hosting heavy data content on IPFS. --> <b> NOTE: This page is for demonstration purposes Only, and is not meant to be hosted on CompleteNoobs.com which is not intended to contain CC_BY-NC-SA Licensed Content. <br> This page is CC_BY-NC-SA It is intended for a fork of "CompleteNoobs.com" called "CompleteNoobz.com" <br> CompleteNoobz.com is a noncommercial mirror of CompleteNoobs.com Which can pullin CC_BY-NC-SA Licensed Content <br> This page is quickly put together to test and demonstrate hosting heavy data content on IPFS. <br> It is a first draft and required many more Reiterations, This content is first draft concept demonstration content. </b> ==Course Information== ===Source=== https://ocw.mit.edu/MIT OPEN COURSEWARE - MASSACHUSETTS INSTITUTE OF TECHNOLOGY.<br> Donations to support MIT Open Courseware <code>https://giving.mit.edu/give/to/ocw/</code><br> <br> https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/download/<br> https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/pages/assignments/<br> https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/resources/lecture-videos/<br> ==Syllabus== <div class="toccolours mw-collapsible mw-collapsed"> Syllabus <div class="mw-collapsible-content"> ===Course Meeting Times=== Lectures: 2 sessions / week, 1 hour / session Recitations: 1 sessions / week, 1 hour / session ===Course Information=== 6.0001 Introduction to Computer Science and Programming in Python is intended for students with little or no programming experience. It aims to provide students with an understanding of the role computation can play in solving problems and to help students, regardless of their major, feel justifiably confident of their ability to write small programs that allow them to accomplish useful goals. The class will use the Python 3.5 programming language. This is a half-semester course. Students who successfully complete 6.0001 may continue into 6.0002 Introduction to Computational Thinking and Data Science, which is taught in the second half of the semester. ===Goals=== *Provide an understanding of the role computation can play in solving problems. *Help students, including those who do not plan to major in Computer Science and Electrical Engineering, feel confident of their ability to write small programs that allow them to accomplish useful goals. *Position students so that they can compete for research projects and excel in subjects with programming components. ===Textbook=== The textbook is Buy at MIT Press Guttag, John. Introduction to Computation and Programming Using Python: With Application to Understanding Data Second Edition. MIT Press, 2016. ISBN: 9780262529624. The book and the course lectures parallel each other, though there is more detail in the book about some topics. It is available both in hard copy and as an e-book. ===Lecture and Recitation Attendance=== A significant portion of the material for this course will presented only in lecture, so students are expected to regularly attend lectures. Recitations give students a chance to ask questions about the lecture material or the problem set for the given week. Sometimes, new material may be covered in recitation. Recitation attendance is encouraged but not required. ===Problem Sets and Quizzes=== Each problem set will involve programming in Python. There will be 6 problem sets in the course. There will be two quizzes. All quizzes will be closed-book, though you will be allowed to bring one page of notes to the first quiz and two pages of notes to the second quiz. Pages must be letter-sized, double-sided, either handwritten or typed. ===Grading Policy=== {| class="wikitable" |+ Grades will be roughly computed as follows: |- |ACTIVITIES |PERCENTAGES |- |Problem sets |30% |- |Completion of mandatory finger exercises |10% |- |Midterm Quiz |20% |- |Final Quiz |40% |} Problem sets will be graded out of 10 points. Submissions that do not run will receive at most 20% of the points. Please contact your Teaching Assistant if you have a problem understanding your problem set grade. Note: Quizzes and finger exercises are not available on OpenCourseWare. ===Extension and Dropping Problem Sets Policy=== We do not grant any extensions. Instead, we offer late days and the option of rolling at most 2 problem set grades into the final quiz score. ===Late Days=== At the beginning of the term, students are given two late days that they can use on problem sets. Starting with Problem Set 1, additional late days can be accumulated for each assignment, one late day for each day the assignment is turned in ahead of the deadline. Up to three late days may be accumulated in this fashion in this course, i.e you can only have a maximum of 3 late days at any point in time. Late days are discrete (a student cannot use half a late day). The staff will keep track of late days and feedback for each problem set will include the number of late days the student has remaining. Any additional late work beyond these late days will not be accepted. To avoid surprises, we suggest that after you submit your problem set, you double check to make sure the submission was uploaded correctly. ===Rolling Over Problem Sets=== Before the final quiz, we will send out an announcement in which you can choose at most 2 problem sets that you can drop. If dropped, the percent that the problem sets are worth will be rolled into the final quiz score. We strongly urge you to see the late days and dropping the problem sets as backup in case of an emergency. Your best strategy is to do the problem sets early before work starts to pile up. ===Calendar=== {| class="wikitable" |+ Calendar |- |SES # |TOPICS |ASSIGNMENTS |- |1 |What is computation? |Pset 0 released |- |2 |Branching and Iteration |Pset 1 released |- |3 |String Manipulation, Guess and Check, Approximations, Bisection |Pset 0 due |- |4 |Decomposition, Abstractions, Functions |Pset 2 released |- |5 |Tuples, Lists, Aliasing, Mutability, Cloning |Pset 1 due |- |6 |Recursion, Dictionaries |Pset 3 released |- |7 |Testing, Debugging, Exceptions, Assertions |Pset 2 due; Quiz 1 |- |8 |Object Oriented Programming | |- |9 |Python Classes and Inheritance |Pset 3 due; Pset 4 released |- |10 |Understanding Program Efficiency, Part 1 |Pset 4 due; Pset 5 released |- |11 |Understanding Program Efficiency, Part 2 | |- |12 |Searching and Sorting |Pset 5 due; Final Quiz |} </div> </div> ==Course Materials== ===Downloading Using IPFS=== <code>https://github.com/ipfs/ipfs-desktop/releases</code><br> [[IPFS_Basics|PFS Basics]] ===Software=== This class is using python3 IDE <b>spyder</b> which is in Anaconda3<br> https://www.anaconda.com/<br> How to install is on Problem Set 0<br> ===MIT6_0001F16_Style Guide=== Source:https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/resources/mit6_0001f16_styleguide/<br> IPFS:<code>QmUmtyNpSLr2fXwGY1gL2hNnpwbYe8Y7CP2rPwjSNXasxJ</code><br> ==Problem Set 0== Source:https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/resources/ps0/<br> IPFS:<code>QmRWpBvwUNiFRjSvgLjRoiCNXQBBL2aLg55PVfGWw7S1ns</code><br> ==Lecture 1: What is Computation?== {{#evu:https://www.youtube.com/watch?v=4-CmQesbQvw |alignment=inline }} <br> Source:https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/resources/lecture-1-what-is-computation/<br> IPFS:<code>QmaTdTMxWdz6ySLbx258zQU5McpJTo4ZEVJ63GSKmVEyeM</code><br> ===Glossary=== <div class="toccolours mw-collapsible mw-collapsed"> Glossary for lecture with timestamps: <div class="mw-collapsible-content"> Time: data<br> 2:10 pset = problem set<br> 12:18 [[Square_root]]<br> </div> </div> ===Video transcript=== <div class="toccolours mw-collapsible mw-collapsed"> Video transcript <div class="mw-collapsible-content"> <pre> The following content is provided under a Creative 0:03Commons license. 0:04Your support will help MIT OpenCourseWare 0:07continue to offer high-quality, educational resources for free. 0:11To make a donation, or view additional materials 0:13from hundreds of MIT courses, visit MIT OpenCourseWare 0:17at ocw.mit.edu. 0:29ANA BELL: All right. 0:30Let's begin. 0:33As I mentioned before, this lecture 0:35will be recorded for OCW. 0:37Again, in future lectures, if you 0:39don't want to have the back of your head show up, 0:41just don't sit in this front area here. 0:44First of all, wow, what a crowd, you guys. 0:46We're finally in 26-100. 0:486.0001 made it big, huh? 0:52Good afternoon and welcome to the very first class of 6.0001, 0:55and also 600, this semester. 0:58My name is Ana Bell. 1:00First name, Ana. 1:01Last name, Bell. 1:03I'm a lecturer in the EECS Department. 1:06And I'll be giving some of the lectures for today, 1:08along with later on in the term, Professor Eric Grimson, who's 1:13sitting right down there, will be giving some of the lectures, 1:15as well. 1:17Today we're going to go over some basic administrivia, 1:21a little bit of course information. 1:23And then, we're going to talk a little bit 1:24about what is computation? 1:26We'll discuss at a very high level 1:27what computers do just to make sure we're all 1:29on the same page. 1:31And then, we're going to dive right into Python basics. 1:34We're going to talk a little bit about mathematical operations 1:36you can do with Python. 1:38And then, we're going to talk about Python variables 1:40and types. 1:42As I mentioned in my introductory email, all 1:43the slides and code that I'll talk about during lectures 1:46will be up before lecture, so I highly 1:48encourage you to download them and to have them open. 1:52We're going to go through some in-class exercises which will 1:56be available on those slides. 1:57And it's fun to do. 1:59And it's also great if could take notes about the code just 2:07for future reference. 2:09It's true. 2:10This is a really fast-paced course, 2:12and we ramp up really quickly. 2:14We do want to position you to succeed in this course. 2:17As I was writing this, I was trying 2:19to think about when I was first starting 2:21to program what helped me get through my very 2:24first programming course. 2:26And this is really a good list. 2:29The first thing was I just read the psets as soon 2:31as they came out, made sure that the terminology just sunk in. 2:37And then, during lectures, if the lecturer 2:39was talking about something that suddenly I remembered, 2:42oh, I saw that word in the pset and I didn't know what it was. 2:45Well, hey, now I know what it is. 2:46Right? 2:47So just give it a read. 2:48You don't need to start it. 2:51If you're new to programming, I think the key word is practice. 2:55It's like math or reading. 2:57The more you practice, the better you get at it. 3:00You're not going to absorb programming 3:01by watching me write programs because I already know how 3:04to program. 3:05You guys need to practice. 3:07Download the code before lecture. 3:09Follow along. 3:10Whatever I type, you guys can type. 3:12And I think, also, one of the big things 3:14is if you're new to programming, you're 3:16kind of afraid that you're going to break your computer. 3:19And you can't really do that just by running Anaconda 3:24and typing in some commands. 3:26So don't be afraid to just type some stuff in 3:28and see what it does. 3:29Worst case, you just restart the computer. 3:35Yeah. 3:36That's probably the big thing right there. 3:38I should have probably highlighted it, 3:39but don't be afraid. 3:40Great. 3:41So this is pretty much a roadmap of all of 6.0001 or 600 3:46as I've just explained it. 3:47There's three big things we want to get out of this course. 3:51The first thing is the knowledge of concepts, 3:54which is pretty much true of any class that you'll take. 3:56The class will teach you something through lectures. 3:59Exams will test how much you know. 4:02This is a class in programming. 4:05The other thing we want you to get out of it 4:08is programming skills. 4:10And the last thing, and I think this 4:12is what makes this class really great, 4:13is we teach you how to solve problems. 4:16And we do that through the psets. 4:18That's really how I feel the roadmap of this course 4:21looks like. 4:22And underlying all of these is just practice. 4:25You have to just type some stuff away and code a lot. 4:29And you'll succeed in this course, I think. 4:33OK. 4:35So what are the things we're going to learn in this class? 4:38I feel like the things we're going learn in this class 4:41can be divided into basically three different sections. 4:44The first one is related to these first two items here. 4:50It's really about learning how to program. 4:53Learning how to program, part of it 4:55is figuring out what objects to create. 4:58You'll learn about these later. 5:00How do you represent knowledge with data structures? 5:02That's sort of the broad term for that. 5:04And then, as you're writing programs, 5:06you need to-- programs aren't just linear. 5:08Sometimes programs jump around. 5:10They make decisions. 5:11There's some control flow to programs. 5:13That's what the second line is going to be about. 5:18The second big part of this course 5:20is a little bit more abstract, and it 5:24deals with how do you write good code, good style, 5:29code that's readable. 5:30When you write code, you want to write it such 5:33that-- you're in big company, other people will read it, 5:35other people will use it, so it has 5:37to be readable and understandable by others. 5:40To that end, you need to write code 5:41that's well organized, modular, easy to understand. 5:48And not only that, not only will your code 5:50be read by other people, but next year, maybe, 5:53you'll take another course, and you'll 5:55want to look back at some of the problems 5:56that you wrote in this class. 5:58You want to be able to reread your code. 6:00If it's a big mess, you might not be able to understand-- 6:03or reunderstand-- what you were doing. 6:06So writing readable code and organizing code 6:08is also a big part. 6:10And the last section is going to deal with-- the first two 6:15are actually part of the programming in Introduction 6:19to Programming and Computer Science in Python. 6:21And the last one deals mostly with the computer science part 6:26in Introduction to Programming and Computer Science in Python. 6:29We're going to talk about, once you have learned 6:31how to write programs in Python, how do 6:33you compare programs in Python? 6:35How do you know that one program is better than the other? 6:38How do you know that one program is 6:39more efficient than the other? 6:41How do you know that one algorithm 6:42is better than the other? 6:45That's what we're going to talk about in the last part 6:47of the course. 6:48OK. 6:50That's all for the administrative part 6:52of the course. 6:54Let's start by talking at a high level what does a computer do. 6:59Fundamentally, it does two things. 7:03One, performs calculations. 7:05It performs a lot of calculations. 7:07Computers these days are really, really fast, 7:09a billion calculations per second is probably not far off. 7:15It performs these calculations and it 7:16has to store them somewhere. 7:18Right? 7:19Stores them in computer memory. 7:21So a computer also has to remember results. 7:24And these days, it's not uncommon to find computers 7:26with hundreds of gigabytes of storage. 7:30The kinds of calculations that computers do, 7:34there are two kinds. 7:35One are calculations that are built into the language. 7:37These are the very low level types 7:39of calculations, things like addition, 7:41subtraction, multiplication, and so on. 7:45And once you have a language that 7:47has these primitive calculation types, you, as a programmer, 7:53can put these types together and then define 7:55your own calculations. 7:57You can create new types of calculations. 8:00And the computer will be able to perform those, as well. 8:04I think, one thing I want to stress-- 8:07and we're going to come back to this 8:09again during this entire lecture, actually-- 8:12is computers only know what you tell them. 8:15Computers only do what you tell them to do. 8:18They're not magical. 8:19They don't have a mind. 8:22They just know how to perform calculations really, 8:24really quickly. 8:26But you have to tell them what calculations to do. 8:32Computers don't know anything. 8:34All right. 8:35We've come to that. 8:40Let's go into the types of knowledge. 8:44The first type of knowledge is declarative knowledge. 8:48And those are things like statements of fact. 8:50And this is where my email came into play. 8:53If you read it all the way to the bottom, 8:55you would have entered a raffle. 8:57So a statement of fact for today's lecture 8:59is, someone will win a prize before class ends. 9:03And the prize was a Google Cardboard. 9:06Google state-of-the-art virtual reality glasses. 9:09And I have them right here. 9:14Yea. 9:15I delivered on my promise. 9:18That's a statement of fact. 9:20So pretend I'm a machine. 9:22OK? 9:23I don't know anything except what you tell me. 9:26I don't know. 9:28I know that you tell me this statement. 9:30I'm like, OK. 9:31But how is someone going to win a Google Cardboard 9:33before class ends, right? 9:35That's where imperative knowledge comes in. 9:37Imperative knowledge is the recipe, or the how-to, 9:39or the sequence of steps. 9:42Sorry. 9:43That's just my funny for that one. 9:47So the sequence of steps is imperative knowledge. 9:53If I'm a machine, you need to tell me 9:57how someone will win a Google Cardboard before class. 10:00If I follow these steps, then technically, 10:02I should reach a conclusion. 10:06Step one, I think we've already done that. 10:08Whoever wanted to sign up has signed up. 10:11Now I'm going to open my IDE. 10:13I'm just basically being a machine 10:14and following the steps that you've told me. 10:17The IDE that we're using in this class is called Anaconda. 10:21I'm just scrolling down to the bottom. 10:25Hopefully, you've installed it in problem set zero. 10:28I've opened my IDE. 10:30I'm going to follow the next set of instructions. 10:34I'm going to choose a random number between the first 10:36and the nth responder. 10:39Now, I'm going to actually use Python to do this . 10:42And this is also an example of how just 10:44a really simple task in your life, 10:46you can use computers or programming to do that. 10:48Because if I chose a random number, 10:50I might be biased because, for example, 10:51I might like the number 8. 10:53To choose a random number, I'm going to go and say, OK, 10:57where's the list of responders? 10:58It starts at 15. 10:59Actually, it starts at 16 because that's me. 11:03We're going to choose a random number between 16 11:05and the end person 266. 11:09Oh, we just got-- oh. 11:11OK. 11:13OK. 11:13I'm going to cut it off right here. 11:15271. 11:15OK. 11:1616 and 271. 11:18Perfect. 11:19OK. 11:20I'm going to choose a random number. 11:21I'm going to go to my IDE. 11:22And you don't need to know how to do this yet, 11:24but by the end of this class, you will. 11:26I'm just going to use Python. 11:29I'm just going to get the random number package that's going 11:31to give me a random number. 11:32I'm going to say random.randint. 11:35And I'm going to choose a random number between 16 and 272, 11:40OK. 11:4175. 11:42OK. 11:43Great. 11:44I chose a random number. 11:45And I'm going to find the number in the responder's sheet. 11:48What was the number again? 11:49Sorry. 11:5175. 11:52OK. 11:54Up we go. 11:56There we go. 11:57Lauren Z-O-V. Yeah. 12:01Nice. 12:02You're here. 12:14Awesome. 12:16All right. 12:17That's an example of me being a machine and also, 12:21at the same time, using Python in my everyday life, 12:23just lecturing, to find a random number. 12:28Try to use Python wherever you can. 12:30And that just gives you practice. 12:34That was fun. 12:35But we're at MIT. 12:37We're MIT students. 12:39And we love numbers here at MIT. 12:41Here's a numerical example that shows 12:44the difference between declarative and imperative 12:46knowledge. 12:50An example of declarative knowledge 12:51is the square root of a number x is y such that y times y 12:54is equal to x. 12:57That's just a statement of fact It's true. 13:02Computers don't know what to do with that. 13:05They don't know what to do with that statement. 13:07But computers do know how to follow a recipe. 13:11Here's a well-known algorithm. 13:13To find the square root of a number x, 13:16let's say x is originally 16, if a computer follows 13:23this algorithm, it's going to start with a guess, g, 13:26let's say, 3. 13:28We're trying to find the square root of 16. 13:30We're going to calculate g times g is 9. 13:34And we're going to ask is if g times g 13:36is close enough to x, then stop and say, g is the answer. 13:39I'm not really happy with 9 being really close to 16. 13:42So I'm going to say, I'm not stopping here. 13:44I'm going to keep going. 13:47If it's not close enough, then I'm 13:48going to make a new guess by averaging g and x over g. 13:52That's x over g here. 13:54And that's the average over there. 13:57And the new average is going to be my new guess. 14:04And that's what it says. 14:05And then, the last step is using the new guess, 14:07repeat the process. 14:08Then we go back to the beginning and repeat the whole process 14:11over and over again. 14:13And that's what the rest of the rows do. 14:15And you keep doing this until you decide 14:16that you're close enough. 14:23What we saw for the imperative knowledge 14:25in the previous numerical example 14:26was the recipe for how to find the square root of x. 14:31What were the three parts of the recipe? 14:33One was a simple sequence of steps. 14:36There were four steps. 14:39The other was a flow of control, so there were 14:42parts where we made decisions. 14:45Are we close enough? 14:46There were parts where we repeated some steps. 14:49At the end, we said, repeat steps 1, 2, 3. 14:52That's the flow of control. 14:55And the last part of the recipe was a way to stop. 14:58You don't want a program that keeps going and going. 15:00Or for a recipe, you don't want to keep baking bread forever. 15:03You want to stop at some point. 15:05Like 10 breads is enough, right? 15:07So you have to have a way of stopping. 15:10In the previous example, the way of stopping 15:12was that we decided we were close enough. 15:15Close enough was maybe being within .01, .001, 15:20whatever you pick. 15:23This recipe is there for an algorithm. 15:26In computer science speak, it's going to be an algorithm. 15:29And that's what we're going to learn about in this class. 15:34We're dealing with computers. 15:35And we actually want to capture a recipe 15:37inside a computer, a computer being a mechanical process. 15:49Historically, there were two different types of computers. 15:55Originally, there were these things 15:57called fixed-program computers. 15:59And I'm old enough to have used something 16:02like this, where there's just numbers and plus, minus, 16:06multiplication, divide, and equal. 16:08But calculators these days are a lot more complicated. 16:11But way back then, an example of a fixed-program computer 16:15is this calculator. 16:16It only knows how to do addition, multiplication, 16:19subtraction, division. 16:20If you want to plot something, you can't. 16:22If you want to go on the internet, send email with it, 16:27you can't. 16:27It can only do this one thing. 16:31And if you wanted to create a machine that did another thing, 16:33then you'd have to create another fixed-program computer 16:37that did a completely separate test. 16:39That's not very great. 16:41That's when stored-program computers came into play. 16:45And these were machines that could store 16:47a sequence of instructions. 16:50And these machines could execute the sequence of instructions. 16:54And you could change the sequence of instructions 16:56and execute this different sequence of instructions. 17:00You could do different tasks in the same machine. 17:03And that's the computer as we know it these days. 17:07The central processing unit is where all of these decisions 17:11get made. 17:11And these are all the peripherals. 17:16The basic machine architecture-- at the heart of every computer 17:20there's just this basic architecture-- 17:25and it contains, I guess, four main parts. 17:28The first is the memory. 17:31Input and output is the other one. 17:34The ALU is where all of the operations are done. 17:39And the operations that the ALU can do 17:41are really primitive operations, addition, subtraction, 17:44and so on. 17:46What the memory contains is a bunch of data 17:52and your sequence of instructions. 18:00Interacting with the Arithmetic Logic Unit is the Control Unit. 18:03And the Control Unit contains one program counter. 18:07When you load a sequence of instructions, 18:09the program counter starts at the first sequence. 18:15It starts at the sequence, at the first instruction. 18:18It gets what the instruction is, and it sends it to the ALU. 18:22The ALU asks, what are we doing operations on here? 18:25What's happening? 18:27It might get some data. 18:29If you're adding two numbers, it might get two numbers 18:31from memory. 18:33It might do some operations. 18:34And it might store data back into memory. 18:37And after it's done, the ALU is going to go back, 18:41and the program counter is going to increase 18:43by 1, which means that we're going 18:45to go to the next sequence in the instruction set. 18:50And it just goes linearly, instruction by instruction. 18:53There might be one particular instruction 18:56that does some sort of test. 18:58It's going to say, is this particular value 19:07greater or equal to or the same as this other particular value? 19:11That's a test, an example of a test. 19:13And the test is going to either return true or false. 19:17And depending on the result of that test, 19:20you might either go to the next instruction, 19:24or you might set the program counter 19:26to go all the way back to the beginning, and so on. 19:29You're not just linearly stepping 19:32through all the instructions. 19:33There might be some control flow involved, 19:35where you might skip an instruction, 19:36or start from the beginning, or so on. 19:39And after you're done, when you finished 19:42executing the last instruction, then you 19:44might output something. 19:47That's really the basic way that a computer works. 19:53Just to recap, you have the stored program computer 19:55that contains these sequences of instructions. 19:59The primitive operations that it can do 20:00are addition, subtraction, logic operations, tests-- 20:06which are something equal to something else, something 20:08less than, and so on-- and moving data, 20:10so storing data, moving data around, and things like that. 20:14And the interpreter goes through every instruction 20:19and decides whether you're going to go to the next instruction, 20:22skip instructions, or repeat instructions, and so on. 20:28So we've talked about primitives. 20:30And in fact, Alan Turing, who was a really great computer 20:35scientist, he showed that you can compute anything 20:37using the six primitives. 20:38And the six primitives are move left, move right, read, write, 20:46scan, and do nothing. 20:49Using those six instructions and the piece of tape, 20:54he showed that you can compute anything. 20:57And using those six instructions, 21:00programming languages came about that 21:03created a more convenient set of primitives. 21:05You don't have to program in only these six commands. 21:11And one interesting thing, or one really important thing, 21:16that came about from these six primitives 21:19is that if you can compute something in Python, 21:22let's say-- if you write a program that computes something 21:25in Python, then, in theory, you can 21:28write a program that computes the exact same thing 21:31in any other language. 21:32And that's a really powerful statement. 21:36Think about that today when you review your slides. 21:39Think about that again. 21:40That's really powerful. 21:45Once you have your set of primitives 21:49for a particular language, you can start creating expressions. 21:53And these expressions are going to be 21:55combinations of the primitives in the programming language. 22:00And the expressions are going to have some value. 22:02And they're going up some meaning in the programming 22:05language. 22:08Let's do a little bit of a parallel with English 22:10just so you see what I mean. 22:14In English, the primitive constructs 22:15are going to be words. 22:17There's a lot of words in the English language. 22:19Programming languages-- in Python, there are primitives, 22:23but there aren't as many of them. 22:25There are floats, Booleans, these 22:28are numbers, strings, and simple operators, 22:31like addition, subtraction, and so on. 22:35So we have primitive constructs. 22:38Using these primitive constructs, 22:39we can start creating, in English, phrases, sentences, 22:48and the same in programming languages. 22:49In English, we can say something like, "cat, dog, boy. 22:54That, we say, is not syntactically valid. 22:58That's bad syntax. 23:00That's noun, noun, noun. 23:01That doesn't make sense. 23:05What does have good syntax in English is noun, verb, noun. 23:08So, "cat, hugs boy" is syntactically valid. 23:12Similarly, in a programming language, 23:14something like this-- in Python, in this case-- a word 23:18and then the number five doesn't really make sense. 23:20It's not syntactically valid. 23:22But something like operator, operand, operator is OK. 23:28So once you've created these phrases, or these expressions, 23:34that are syntactically valid, you 23:37have to think about the static semantics of your phrase, 23:41or of your expression. 23:45For example, in English, "I are hungry" is good syntax. 23:51But it's weird to say. 23:55We have a pronoun, a verb, and an adjective, which 23:58doesn't really make sense. 23:59"I am hungry" is better. 24:03This does not have good static semantics. 24:07Similarly, in programming languages-- 24:09and you'll get the hang of this the more 24:11you do it-- something like this, "3.2 times 5, is OK. 24:15But what does it mean? 24:17What's the meaning to have a word added to a number? 24:22There's no meaning behind that. 24:25Its syntax is OK, because you have 24:28operator, operand, operator. 24:30But it doesn't really make sense to add a number to a word, 24:32for example. 24:36Once you have created these expressions that 24:39are syntactically correct and static, semantically correct, 24:44in English, for example, you think about the semantics. 24:48What's the meaning of the phrase? 24:50In English, you can actually have more than one 24:52meaning to an entire phrase. 24:56In this case, "flying planes can be dangerous" 25:01can have two meanings. 25:02It's the act of flying a plane is dangerous, 25:04or the plane that is in the air is dangerous. 25:08And this might be a cuter example. 25:10"This reading lamp hasn't uttered a word 25:12since I bought it. 25:13What's going on?" 25:15So that has two meanings. 25:16It's playing on the word "reading lamp." 25:21That's in English. 25:21In English, you can have a sentence 25:23that has more than one meaning, that's 25:25syntactically correct and static, semantically correct. 25:28But in programming languages, the program that you write, 25:31the set of instructions that you write, only has one meaning. 25:34Remember, we're coming back to the fact 25:35that the computer only does what you tell it to do. 25:40It's not going to suddenly decide 25:42to add another variable for some reason. 25:46It's just going to execute whatever statements you've 25:49put up. 25:50In programming languages, there's only one meaning. 25:52But the problem that comes into play in programming languages 25:58is it's not the meaning that you might have 25:59intended, as the programmer. 26:03That's where things can go wrong. 26:05And there's going to be a lecture 26:07on debugging a little bit later in the course. 26:10But this is here just to tell you 26:12that if you see an error pop up in your program, 26:16it's just some text that says, error. 26:21For example, if we do something like this, 26:28this is syntactically correct. 26:30Incorrect. 26:31Syntactically incorrect. 26:32See? 26:32There's some angry text right here. 26:36What is going on? 26:37The more you program, the more you'll 26:39get the hang of reading these errors. 26:41But this is basically telling me the line 26:43that I wrote is syntactically incorrect. 26:45And it's pointing to the exact line and says, this is wrong, 26:49so I can go back and fix it as a programmer. 26:55Syntax errors are actually really easily caught by Python. 27:00That was an example of a syntax error. 27:02Static semantic errors can also be 27:04caught by Python as long as, if your program has some decisions 27:09to make, as long as you've gone down the branch where 27:13the static semantic error happens. 27:18And this is probably going to be the most frustrating one, 27:22especially as you're starting out. 27:23The program might do something different than what 27:25you expected it to do. 27:27And that's not because the program suddenly-- for example, 27:32you expected the program to give you an output of 0 27:34for a certain test case, and the output that you got was 10. 27:37Well, the program didn't suddenly 27:39decide to change its answer to 10. 27:42It just executed the program that you wrote. 27:48That's the case where the program gave you 27:50a different answer than expected. 27:53Programs might crash, which means they stop running. 27:55That's OK. 27:57Just go back to your code and figure out what was wrong. 28:00And another example of a different meaning 28:03than what you intended was maybe the program won't stop. 28:06It's also OK. 28:07There are ways to stop it besides restarting 28:10the computer. 28:12So then Python programs are going 28:17to be sequences of definitions and commands. 28:20We're going to have expressions that are going to be evaluated 28:25and commands that tell the interpreter to do something. 28:33If you've done problem set 0, you'll 28:35see that you can type commands directly 28:37in the shell here, which is the part on the right where 28:40I did some really simple things, 2 plus 4. 28:44Or you can type commands up in here, on the left-hand side, 28:49and then run your program. 28:52Notice that, well, we'll talk about this-- I 28:54won't talk about this now. 28:55But these are-- on the right-hand side, typically, 28:59you write very simple commands just if you're 29:01testing something out. 29:03And on the left-hand side here in the editor, 29:04you write more lines and more complicated programs. 29:15Now we're going to start talking about Python. 29:18And in Python, we're going to come back to this, 29:20everything is an object. 29:23And Python programs manipulate these data objects. 29:27All objects in Python are going to have a type. 29:30And the type is going to tell Python the kinds of operations 29:34that you can do on these objects. 29:37If an object is the number five, for example, 29:39you can add the number to another number, 29:42subtract the number, take it to the power of something, 29:45and so on. 29:47As a more general example, for example, I am a human. 29:51So that's my type. 29:52And I can walk, speak English, et cetera. 29:55Chewbacca is going to be a type Wookie. 29:59He can walk, do that sound that I can't do. 30:02He can do that, but I can't. 30:04I'm not even going to try, and so on. 30:09Once you have these Python objects, 30:11everything is an object in Python. 30:14There are actually two types of objects. 30:16One are scalar objects. 30:18That means these are very basic objects in Python from which 30:21everything can be made. 30:24These are scalar objects. 30:26That can't be subdivided. 30:28The other type of object is a non-scalar object. 30:31And these are objects that have some internal structure. 30:33For example, the number five is a scalar 30:36object because it can't be subdivided. 30:39But a list of numbers, for example, 5, 6, 30:417,8, is going to be a non-scalar object 30:45because you can subdivide it. 30:46You can subdivide it into-- you can find parts to it. 30:53It's made up of a sequence of numbers. 30:58Here's the list of all of the scalar objects in Python. 31:01We have integers, for example, all of the whole numbers. 31:05Floats, which are all of the real numbers, anything 31:10with a decimal. 31:11Bools are Booleans. 31:13There's only two values to Booleans. 31:16That's True and False. 31:18Note the capitalization, capital T and capital F. 31:23And this other thing called NoneType. 31:24It's special. 31:26It has only one value called None. 31:28And it represents the absence of a type. 31:30And it sometimes comes in handy for some programs. 31:34If you want to find the type of an object, 31:36you can use this special command called type. 31:39And then in the parentheses, you put down 31:41what you want to find the type of. 31:44You can write into the shell "type of 5," 31:47and the shell will tell you, that's an integer. 31:52If you happen to want to convert between two different types, 31:56Python allows you to do that. 31:58And to do that, you put the type that you 32:01want to convert to right before the object 32:03that you want to convert to. 32:05So float(3) will convert the integer 3 to the float 3.0. 32:12And similarly, you can convert any float into an integer. 32:16And converting to an integer just truncates. 32:20It just takes away the decimal and whatever's 32:22after it-- it does not round-- and keeps just the integer 32:26part. 32:30For this slide, I'm going to talk about it. 32:31But if you'd like if you have the slides up, 32:35go to go to this exercise. 32:37And after I'm done talking about the slide, 32:41we'll see what people think for that exercise. 32:45One of the most important things that you 32:47can do in basically any programming, 32:51in Python also, is to print things out. 32:55Printing out is how you interact with the user. 33:00To print things out, you use the print command. 33:04If you're in the shell, if you simply type "3 plus 2," 33:07you do see a value here. 33:09Five, right? 33:11But that's not actually printing something out. 33:13And that becomes apparent when you actually 33:18type things into the editor. 33:19If you just do "3 plus 2," and you run the program-- that's 33:23the green button here-- you see on the right-hand side here, 33:26it ran my program. 33:27But it didn't actually print anything. 33:30If you type this into the console, 33:32it does show you this value, but that's 33:33just like peeking into the value for you as a programmer. 33:39It's not actually printing it out to anyone. 33:41If you want to print something out, 33:42you have to use the print statement like that. 33:47In this case, this is actually going to print this number 33:50five to the console. 33:58That's basically what it says. 33:59It just tells you it's an interaction within the shell 34:01only. 34:02It's not interacting with anyone else. 34:04And if you don't have any "Out," that 34:06means it got printed out to the console. 34:09All right. 34:09We talked a little bit about objects. 34:13Once you have objects, you can combine objects and operators 34:16to form these expressions. 34:17And each expression is going to have a value. 34:19So an expression evaluates to a value. 34:22The syntax for an expression is going 34:24to be object, operator, object, like that. 34:30And these are some operators you can do on ints and floats. 34:34There's the typical ones, addition, subtraction, 34:36multiplication, and division. 34:38If, for the first three, the answer 34:43that you get-- the type of the answer that you get-- 34:45is going to depend on the type of your variables. 34:48If both of the variables of the operands are integers, 34:52then the result you're going to get is of type integer. 34:55But if at least one of them is a float, then 34:56the result you're going to get is a float. 34:58Division is a little bit special in that 35:02no matter what the operands are, the result 35:04is always going to be a float. 35:09The other operations you can do, and these are also useful, 35:14are the remainder, so the percent sign. 35:19If you use the percent sign between two operands, 35:22that's going to give you the remainder when you divide i 35:25by j. 35:28And raising something to the power of something else 35:30is using the star star operator. 35:32And i star stars j is going to take i to the power of j. 35:41These operations have the typical precedence 35:43that you might expect in math, for example. 35:47And if you'd like to put precedence 35:49toward some other operations, you 35:50can use parentheses to do that. 36:01All right. 36:03So we have ways of creating expressions. 36:07And we have operations we can do on objects. 36:13But what's going to be useful is to be able to save values 36:19to some name. 36:21And the name is going to be something that you pick. 36:24And it should be a descriptive name. 36:27And when you save the value to a name, 36:32you're going to be able to access that value later 36:36on in your program. 36:37And that's very useful. 36:40To save a value to a variable name, you use the equal sign. 36:49And the equal sign is an assignment. 36:51It assigns the right-hand side, which 36:53is a value, to the left-hand side, which 36:55is going to be a variable name. 36:59In this case, I assigned the float 3.14159 37:03to the variable pi. 37:05And in the second line, I'm going 37:08to take this expression, 22 divided by 7, 37:10I'm going to evaluate it. 37:13It's going to come up with some decimal number. 37:16And I'm going to save it into the variable pi_approx. 37:19values are stored in memory. 37:21And this assignment in Python, we 37:22say the assignment binds the name to the value. 37:26When you use that name later on in your program, 37:30you're going to be referring to the value in memory. 37:35And if you ever want to refer to the value 37:37later on in your code, you just simply type 37:39the name of the variable that you've assigned it to. 37:44So why do we want to give names to expressions? 37:48Well, you want to reuse the names instead of the values. 37:51And it makes your code look a lot nicer. 37:54This is a piece of code that calculates 37:56the area of a circle. 37:59And notice, I've assigned a variable pi to 3.14159. 38:03I've assigned another variable called radius to be 2.2. 38:07And then, later on in my code, I have another line 38:09that says area-- this is another variable-- is 38:12equal to-- this is an assignment-- 38:15to this expression. 38:17And this expression is referring to these variable names, pi 38:23and radius. 38:24And it's going look up their values in memory. 38:26And it's going to replace these variable names 38:29with those values. 38:30And it's going to do the calculation for me. 38:32And in the end, this whole expression 38:34is going to be replaced by one number. 38:36And it's going to be the float. 38:40Here's another exercise, while I'm talking about the slide. 38:45I do want to make a note about programming versus math. 38:49In math, you're often presented with a problem 38:55that says, solve for x. 38:57x plus y is equal to something something. 39:00Solve for x, for example. 39:03That's coming back to the fact that computers don't 39:09know what to do with that. 39:10Computers need to be told what to do. 39:12In programming, if you want to solve for x, 39:14you need to tell the computer exactly how to solve for x. 39:18You need to figure out what formula 39:20you need to give the computer in order to be 39:22able to solve for x. 39:25That means always in programming the right-hand side is 39:29going to be an expression. 39:33It's something that's going to be evaluated to a value. 39:35And the left-hand side is always a variable. 39:39It's going to be an assignment. 39:40The equal sign is not like in math 39:43where you can have a lot of things to the left 39:45and a lot of things to the right of the equal sign. 39:47There's only one thing to the left of the equal sign. 39:49And that's going to be a variable. 39:50An equal sign stands for an assignment. 39:53Once we've created expressions, and we have these assignments, 39:57you can rebind variable names using new assignment 39:59statements. 40:03Let's look at an example for that. 40:05Let's say this is our memory. 40:07Let's type back in the example with finding the radius. 40:13Let's say, pi is equal to 3.14. 40:19In memory, we're going to create this value 3.14. 40:22We're going to bind it to the variable named pi. 40:28Next line, radius is equal to 2.2. 40:31In memory, we're creating this value 2.2. 40:35And we're going to bind it to the variable named radius. 40:40Then we have this expression here. 40:44It's going to substitute the values for pi 40:46from memory and the value for radius from memory. 40:49It's going to calculate the value that this expression 40:54evaluates to. 40:56It's going to pop that into the memory. 40:57And it's going to assign-- because we're 40:59using the equal sign-- it's going 41:01to assign that value to that variable area. 41:08Now, let's say we rebind radius to be something else. 41:14Radius i is bound to the value 2.2. 41:21But when we do this line, radius is equal to radius plus 1, 41:24we're going to take away the binding to 2.2. 41:27We're going to do this calculation. 41:29The new value is 3.2. 41:31And we're going to rebind that value to that same variable. 41:38In memory, notice we're still going 41:40to have this value, 2.2, floating around. 41:43But we've lost the handle for it. 41:46There's no way to get it back. 41:48It's just in memory sitting there. 41:52At some point, it might get collected by what 41:55we call the garbage collector. 41:56In Python, And it'll retrieve these lost values, 42:00and it'll reuse them for new values, and things like that. 42:05But radius now points to the new value. 42:08We can never get back 2.2. 42:13And that's it. 42:16The value of area-- notice, this is very important. 42:18The value of area did not change. 42:23And it did not change because these are all the instructions 42:26we told the computer to do. 42:28We just told it to change radius to be radius plus 1. 42:33We never told it to recalculate the value of area. 42:37If I copied that line down here, then the value of area 42:41would change. 42:42But we never told it to do that. 42:44The computer only does what we tell it to do. 42:46That's the last thing. 42:47Next lecture, we're going to talk about adding control 42:51flow to our programs, so how do you tell the computer 42:53to do one thing or another? 42:55All right. </pre> </div> </div> ===Lecture Notes - lecture 1 py=== Source: https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/920cc911b6eb5747f2ccd431bbc4306b_lec1.py<br> <div class="toccolours mw-collapsible mw-collapsed"> lecture 1 py <div class="mw-collapsible-content"> <pre> pi = 3.14159 radius = 2.2 # area of circle equation <- this is a comment area = pi*(radius**2) print(area) # change values of radius <- another comment # use comments to help others understand what you are doing in code radius = radius + 1 print(area) # area doesn't change area = pi*(radius**2) print(area) ############################# #### COMMENTING LINES ####### ############################# # to comment MANY lines at a time, highlight all of them then CTRL+1 # do CTRL+1 again to uncomment them # try it on the next few lines below! #area = pi*(radius**2) #print(area) #radius = radius + 1 #area = pi*(radius**2) #print(area) ############################# #### AUTOCOMPLETE ####### ############################# # Spyder can autocomplete names for you # start typing a variable name defined in your program and hit tab # before you finish typing -- try it below # define a variable a_very_long_variable_name_dont_name_them_this_long_pls = 0 # below, start typing a_ve then hit tab... cool, right! # use autocomplete to change the value of that variable to 1 # use autocomplete to write a line that prints the value of that long variable # notice that Spyder also automatically adds the closed parentheses for you! </pre> </div> </div> ===pdf-Slides for Lecture 1=== Source:https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/resources/mit6_0001f16_lec1/<br> IPFS:<code>QmemB25bVuN2fuiAq3JaDM4J5MYit6HfCCsU3EFTWL7wpF</code><br> ===Problem Set 1=== Source:https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/resources/mit6_0001f16_ps1/<br> IPFS:<code>QmbxaDU9U4hquK4Dhb365nD5qG5eEFUM6NABqXRaux6tRB</code><br> ===Additional Python Resources === Source:https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/resources/mit6_0001f16_additional/<br> IPFS:<code>QmYWPVdHEbhmdFXNR9R46ey5eykyFPeCZ1joXE6z28L1VB</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Additional Python Resources: <div class="mw-collapsible-content"> If you're having trouble with a particular concept or simply want to have access to more information, try one of the following links. ====DOCUMENTATION==== * [[https://docs.python.org/3/library/index.html Official Python 3 Documentation]] - "official"/technical explanation of what a particular function/operator does, examples of correct syntax, what the various libraries are, etc. ====TEXTBOOKS/TUTORIALS==== * [[https://diveintopython3.net/ Dive Into Python]] - another survey of Python syntax, datatypes, etc. * [[http://greenteapress.com/wp/think-python-2e/ Think Python by Allen Downey]] - a good general overview of the Python language. Includes exercises. * [[https://docs.python.org/3/tutorial/ The Official Python Tutorial]] - self-explanatory * [[https://learnpythonthehardway.org/book/ Learn Python the Hard Way]] - (note: for Python 2) another free online text * [[https://docs.python.org/3.0/reference/lexical_analysis.html#id8 Reserved Keywords in Python]] - don't use these as variable names * [[https://peps.python.org/pep-0008/ PEP 8 - Style Guide for Python Code]] - learn what is good and bad style in Python * [[https://checkio.org/ CheckIO]] - learn Python by exploring a game world * [[https://inventwithpython.com/ Invent with Python]] - develop your Python skills by making games or hacking ciphers * [[https://www.codecademy.com/catalog Codecademy]] - (note: for Python 2) learn Python by building web apps and manipulating data; interactive tutorial sequence * [[https://pythontutor.com Python Tutor]] - interactive tutorial sequence of exercises ====DEBUGGING==== * [[https://pythontutor.com/ Python Tutor]] - an excellent way to actually visualize how the interpreter actually reads and executes your code * [[https://www.diffchecker.com/ DiffChecker]] - compares two sets of text and shows you which lines are different * [[https://pythonconquerstheuniverse.wordpress.com/2009/09/10/debugging-in-python/ Debugging in Python]] - steps you can take to try to debug your program ====OTHER Q&A==== * [[https://stackoverflow.com/questions/tagged/python Stack Overflow]] - a large Q&A forum for programming concepts (not just Python). Try searching here before you post on the edX forum, and you may find that someone has already answered your question. ====MORE PRACTICE PROBLEMS==== * [[http://www.pythonchallenge.com/ Python Challenge]] - a series of puzzles you can try to test your Python abilities * [[https://projecteuler.net/ Project Euler]] - additional programming challenges you can try once your Python knowledge becomes stronger; problems are sorted by increasing difficulty * [[https://codingbat.com/python Coding Bat]] - problems you can solve within an online interpreter * [[https://www.codewars.com/?language=python Codewars]] - improve your skills by training on real code challenges MIT OpenCourseWare https://ocw.mit.edu 6.0001 Introduction to Computer Science and Programming in Python Fall 2016 For information about citing these materials or our Terms of Use, visit: https://ocw.mit.edu/terms. </div> </div> ==2== mit-test-course/2/MIT6_0001F16_Lecture_02_300k.mp4<br> https://ipfs.io/ipfs/QmTFdkMJnzUcwgs1hdoF7qtADE2NqTJVaF9CfgULbzSuA9<br> <code>QmTFdkMJnzUcwgs1hdoF7qtADE2NqTJVaF9CfgULbzSuA9</code> <br> <br> mit-test-course/2/ba2947b25b1580e4a84df0ec5dbe5cdd_MIT6_0001F16_Lec2.pdf<br> https://ipfs.io/ipfs/QmNiZvEh6UmpHLTxw4saN7WdojzBokp2JCbucYzrekoQBK<br> <code>QmNiZvEh6UmpHLTxw4saN7WdojzBokp2JCbucYzrekoQBK</code><br> <br> mit-test-course/2/d6ee838ee4c85ace93a4e170cfd83c03_lec2_branch_loops.py<br> https://ipfs.io/ipfs/QmPjEzEu56mqeE19Vth9AkDbAxz7wAWg9zMVvF9FZ1UBvK<br> <code>QmPjEzEu56mqeE19Vth9AkDbAxz7wAWg9zMVvF9FZ1UBvK</code><br> <br> ==3== MIT6_0001F16_Lecture_03_300k.mp4<br> <code>QmTTCsuhbnjXWuigZLSgKAt4DjFsm78MANo3KUMGcK98s1</code><br> <br> 88de925a1fb925e46a08bc5f34d029bd_lec3_strings_algos.py<br> <code>QmYppDgGMptihHA7ixFw2GHvspN8Bw1HY21HtUpQNxi23i</code><br> <br> b9b9a82a29e8746db1facfbd30c07940_MIT6_0001F16_Lec3.pdf<br> <code>QmP2AZfUx8RTqCGamJtPyodFU8dHG8QrBHYKkP79YepEe9</code><br> ==4== MIT6_0001F16_Lecture_04_300k.mp4<br> <code>QmQuc5zpaJdMfRYxTLyZc5DQuota1FjuJiqgWf8ctGmRsU</code><br> <br> 6ba59859535f1566dd57a7279aeba5d1_MIT6_0001F16_Lec4.pdf<br> <code>QmP1p4h21ogMxWeeX2PiDibQbHqWer7ABCsMrfMxEx7QBW</code><br> <br> 9e8439a27af18817e046ac37333d03f6_lec4_functions.py<br> <code>QmNtPQncXMYNBnX4NoNfx2ifetrfvrATamdrsjx4u9iQ7c</code><br> ==5== MIT6_0001F16_Lecture_05_300k.mp4<br> <code>Qmco5sKKQfnWUNP9ZUxLkDhoV6jfjv8L4AdzES7En41AzP</code><br> <br> 1776670e271578eeb99fc25975f20586_MIT6_0001F16_Lec5.pdf<br> <code>QmSdxg2inPbK1FSynNdPUka6CUZtEGG6sdPZgxaAgb46GE</code><br> <br> cdf5f8e7f109952655f4d253ed955555_lec5_tuples_lists.py<br> <code>QmThDori5ETa3U27DFpndU7RmsLgG7zjpqGVxAncCupSuc</code><br> ==6== <br>MIT6_0001F16_Lecture_06_300k.mp4<br> <code>QmVzK3PVETv69Y27UKDfaQQM5um8ByMdYQS3TzD2EkoR42</code><br> <br>876348c652c5353daccc96e1b7d577bb_MIT6_0001F16_Lec6.pdf<br> <code>QmQAqSGJAeoypUMyUnb7hRrziDyRAwymcTGdcaydT5i73s</code><br> <br>706228e592761d9c7c1c073f8ba7a6cc_lec6_recursion_dictionaries.py<br> <code>QmaGhNYnR5yUMYZf4q7qLsNwEW6B7pbLbgJokJBTNSA2FT</code><br> ==7== <br>MIT6_0001F16_Lecture_07_300k.mp4<br> <code>QmUyiqpAUA91w4Xm2Dz2wPr6kE6wTzA1apwJziTdBysRLw</code><br> <br> 51bdde43dfd773ba20747ce5d89119ac_MIT6_0001F16_Lec7.pdf<br> <code>QmcqZoeVrsfBv4Ri6M8KtiLdy3VpKnyznDFhX8zvfd3Qrs</code><br> <br> abdd1d61892ccce9be2ad84e52004e07_lec7_debug_except.py<br> <code>QmeVKCB6ponYr4f72MuNwegukX9t42NTywNHpDPgyNi9ae</code><br> <br> ==8== <br>MIT6_0001F16_Lecture_08_300k.mp4 <br><code>QmZFSSPndvRfPT2vyehuyEQitfb8CzdYkA7orFAKyvhA4u</code><br> <br>7a6f85d03f132dcd9d7592bc4643be1c_MIT6_0001F16_Lec8.pdf <br><code>QmdccChFuYBCiLmufEmk6oXCHybaUQiPXajD3c3xMupiaC</code><br> <br>0705ac9dcc7e637a0e8e9d97eb258a26_lec8_classes.py <br><code>QmQCaZZA75UQ5pAKy8zhcz6Ci8yY13UVHUvsuXmid86GUH</code><br> <br> ==9== <br>MIT6_0001F16_Lecture_09_300k.mp4 <br><code>QmdENonCipE7TK99i7dFz9paqDUSefR4PFdveEmVi5oXAb</code><br> <br>2dd6c75e7b4bd6bd135078e6f3701201_MIT6_0001F16_Lec9.pdf <br><code>QmbaJFk4mFRmCbtQybK94etyfRA2LcM22Kfvjbvdf6X8Gw</code><br> <br>bf8e8195044d5f6aefc1a455968e2f3e_lec9_inheritance.py <br><code>QmQ7UB4PaGBRHvHfDshrASwynvansFVXrp3RNULwhThUsC</code><br> <br> ==10== <br>MIT6_0001F16_Lecture_10_300k.mp4 <br><code>QmQNooq1g25LFp1Fxj2tfpKKMKi8NbutkhuXNf5Ppo7t5f</code><br> <br>066eba6ea6d56a88e56ae325940d4c4c_MIT6_0001F16_Lec10.pdf <br><code>QmbyP59ttPKGe5ZNADsgqTsgBF3oYGzhZXFfBhszG2nuPm</code><br> <br>bfa32fd241d88ae02cd3157aed232bac_lec10_complexity_part1.py <br><code>QmUtgXQXjj2C3qb2UXFrPmKHkFdEjmehk4ZLQhcZ37rEmw</code><br> <br> ==11== <br>MIT6_0001F16_Lecture_11_300k.mp4 <br><code>QmR7Ned6iZytjpVHVN6W53EZ5Qg4Zd6EkEcXxn8DjYMgrd</code><br> <br>bb953fb81d4afa3bc837c16eba613955_MIT6_0001F16_Lec11.pdf <br><code>QmNPjN3616QdmEWLPokwuTkLL1vrzcLVRSFLWUcukqtxZL</code><br> <br>bdf800867e6762c6758ecd2230178f41_lec11_complexity_part2.py <br><code>QmdpwFTFkwnkqWW3CozBBAfeYHchDeVAV7ArkA1dUqbUZ4</code><br> <br> ==12== <br>MIT6_0001F16_Lecture_12_300k.mp4 <br><code>QmPWidAv5mBrgEcKDVqWe62JaAiwBWs8KZc1S8r3bbJsvY</code><br> <br>6425d0dabb1cea1a076b8c46c0ae2da6_MIT6_0001F16_Lec12.pdf <br><code>QmToP68Knz71euVuntRWtz6UshRoiRssELJNFMeP1f2sR5</code><br> <br>310536cd5f5aa1fc0c11726ce13c565e_lec12_sorting.py <br><code>QmbV8ct8DEQyRGRDSX4PaQBXk8r8ryYLDNwTa2buC7kcP5</code><br> <br> opgvlzpqwd7epyb5d5a9sz8kzyuqq0u 449 448 2023-12-03T18:32:47Z Noob 1 449 wikitext text/x-wiki {{:LICENCE_HEADER_CC_BY-NC-SA_4.0}} <!-- This site is non commercial and is a concept development. <br> Note - this is quickly put together to test and demonstrate hosting heavy data content on IPFS. --> <b> NOTE: This page is for demonstration purposes Only, and is not meant to be hosted on CompleteNoobs.com which is not intended to contain CC_BY-NC-SA Licensed Content. <br> This page is CC_BY-NC-SA It is intended for a fork of "CompleteNoobs.com" called "CompleteNoobz.com" <br> CompleteNoobz.com is a noncommercial mirror of CompleteNoobs.com Which can pullin CC_BY-NC-SA Licensed Content <br> This page is quickly put together to test and demonstrate hosting heavy data content on IPFS. <br> It is a first draft (UNFINISHED) and required many more Reiterations, This content is first draft concept demonstration content. </b> ==Course Information== ===Source=== https://ocw.mit.edu/MIT OPEN COURSEWARE - MASSACHUSETTS INSTITUTE OF TECHNOLOGY.<br> Donations to support MIT Open Courseware <code>https://giving.mit.edu/give/to/ocw/</code><br> <br> https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/download/<br> https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/pages/assignments/<br> https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/resources/lecture-videos/<br> ==Syllabus== <div class="toccolours mw-collapsible mw-collapsed"> Syllabus <div class="mw-collapsible-content"> ===Course Meeting Times=== Lectures: 2 sessions / week, 1 hour / session Recitations: 1 sessions / week, 1 hour / session ===Course Information=== 6.0001 Introduction to Computer Science and Programming in Python is intended for students with little or no programming experience. It aims to provide students with an understanding of the role computation can play in solving problems and to help students, regardless of their major, feel justifiably confident of their ability to write small programs that allow them to accomplish useful goals. The class will use the Python 3.5 programming language. This is a half-semester course. Students who successfully complete 6.0001 may continue into 6.0002 Introduction to Computational Thinking and Data Science, which is taught in the second half of the semester. ===Goals=== *Provide an understanding of the role computation can play in solving problems. *Help students, including those who do not plan to major in Computer Science and Electrical Engineering, feel confident of their ability to write small programs that allow them to accomplish useful goals. *Position students so that they can compete for research projects and excel in subjects with programming components. ===Textbook=== The textbook is Buy at MIT Press Guttag, John. Introduction to Computation and Programming Using Python: With Application to Understanding Data Second Edition. MIT Press, 2016. ISBN: 9780262529624. The book and the course lectures parallel each other, though there is more detail in the book about some topics. It is available both in hard copy and as an e-book. ===Lecture and Recitation Attendance=== A significant portion of the material for this course will presented only in lecture, so students are expected to regularly attend lectures. Recitations give students a chance to ask questions about the lecture material or the problem set for the given week. Sometimes, new material may be covered in recitation. Recitation attendance is encouraged but not required. ===Problem Sets and Quizzes=== Each problem set will involve programming in Python. There will be 6 problem sets in the course. There will be two quizzes. All quizzes will be closed-book, though you will be allowed to bring one page of notes to the first quiz and two pages of notes to the second quiz. Pages must be letter-sized, double-sided, either handwritten or typed. ===Grading Policy=== {| class="wikitable" |+ Grades will be roughly computed as follows: |- |ACTIVITIES |PERCENTAGES |- |Problem sets |30% |- |Completion of mandatory finger exercises |10% |- |Midterm Quiz |20% |- |Final Quiz |40% |} Problem sets will be graded out of 10 points. Submissions that do not run will receive at most 20% of the points. Please contact your Teaching Assistant if you have a problem understanding your problem set grade. Note: Quizzes and finger exercises are not available on OpenCourseWare. ===Extension and Dropping Problem Sets Policy=== We do not grant any extensions. Instead, we offer late days and the option of rolling at most 2 problem set grades into the final quiz score. ===Late Days=== At the beginning of the term, students are given two late days that they can use on problem sets. Starting with Problem Set 1, additional late days can be accumulated for each assignment, one late day for each day the assignment is turned in ahead of the deadline. Up to three late days may be accumulated in this fashion in this course, i.e you can only have a maximum of 3 late days at any point in time. Late days are discrete (a student cannot use half a late day). The staff will keep track of late days and feedback for each problem set will include the number of late days the student has remaining. Any additional late work beyond these late days will not be accepted. To avoid surprises, we suggest that after you submit your problem set, you double check to make sure the submission was uploaded correctly. ===Rolling Over Problem Sets=== Before the final quiz, we will send out an announcement in which you can choose at most 2 problem sets that you can drop. If dropped, the percent that the problem sets are worth will be rolled into the final quiz score. We strongly urge you to see the late days and dropping the problem sets as backup in case of an emergency. Your best strategy is to do the problem sets early before work starts to pile up. ===Calendar=== {| class="wikitable" |+ Calendar |- |SES # |TOPICS |ASSIGNMENTS |- |1 |What is computation? |Pset 0 released |- |2 |Branching and Iteration |Pset 1 released |- |3 |String Manipulation, Guess and Check, Approximations, Bisection |Pset 0 due |- |4 |Decomposition, Abstractions, Functions |Pset 2 released |- |5 |Tuples, Lists, Aliasing, Mutability, Cloning |Pset 1 due |- |6 |Recursion, Dictionaries |Pset 3 released |- |7 |Testing, Debugging, Exceptions, Assertions |Pset 2 due; Quiz 1 |- |8 |Object Oriented Programming | |- |9 |Python Classes and Inheritance |Pset 3 due; Pset 4 released |- |10 |Understanding Program Efficiency, Part 1 |Pset 4 due; Pset 5 released |- |11 |Understanding Program Efficiency, Part 2 | |- |12 |Searching and Sorting |Pset 5 due; Final Quiz |} </div> </div> ==Course Materials== ===Downloading Using IPFS=== <code>https://github.com/ipfs/ipfs-desktop/releases</code><br> [[IPFS_Basics|PFS Basics]] ===Software=== This class is using python3 IDE <b>spyder</b> which is in Anaconda3<br> https://www.anaconda.com/<br> How to install is on Problem Set 0<br> ===MIT6_0001F16_Style Guide=== Source:https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/resources/mit6_0001f16_styleguide/<br> IPFS:<code>QmUmtyNpSLr2fXwGY1gL2hNnpwbYe8Y7CP2rPwjSNXasxJ</code><br> ==Problem Set 0== Source:https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/resources/ps0/<br> IPFS:<code>QmRWpBvwUNiFRjSvgLjRoiCNXQBBL2aLg55PVfGWw7S1ns</code><br> ==Lecture 1: What is Computation?== {{#evu:https://www.youtube.com/watch?v=4-CmQesbQvw |alignment=inline }} <br> Source:https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/resources/lecture-1-what-is-computation/<br> IPFS:<code>QmaTdTMxWdz6ySLbx258zQU5McpJTo4ZEVJ63GSKmVEyeM</code><br> ===Glossary=== <div class="toccolours mw-collapsible mw-collapsed"> Glossary for lecture with timestamps: <div class="mw-collapsible-content"> Time: data<br> 2:10 pset = problem set<br> 12:18 [[Square_root]]<br> </div> </div> ===Video transcript=== <div class="toccolours mw-collapsible mw-collapsed"> Video transcript <div class="mw-collapsible-content"> <pre> The following content is provided under a Creative 0:03Commons license. 0:04Your support will help MIT OpenCourseWare 0:07continue to offer high-quality, educational resources for free. 0:11To make a donation, or view additional materials 0:13from hundreds of MIT courses, visit MIT OpenCourseWare 0:17at ocw.mit.edu. 0:29ANA BELL: All right. 0:30Let's begin. 0:33As I mentioned before, this lecture 0:35will be recorded for OCW. 0:37Again, in future lectures, if you 0:39don't want to have the back of your head show up, 0:41just don't sit in this front area here. 0:44First of all, wow, what a crowd, you guys. 0:46We're finally in 26-100. 0:486.0001 made it big, huh? 0:52Good afternoon and welcome to the very first class of 6.0001, 0:55and also 600, this semester. 0:58My name is Ana Bell. 1:00First name, Ana. 1:01Last name, Bell. 1:03I'm a lecturer in the EECS Department. 1:06And I'll be giving some of the lectures for today, 1:08along with later on in the term, Professor Eric Grimson, who's 1:13sitting right down there, will be giving some of the lectures, 1:15as well. 1:17Today we're going to go over some basic administrivia, 1:21a little bit of course information. 1:23And then, we're going to talk a little bit 1:24about what is computation? 1:26We'll discuss at a very high level 1:27what computers do just to make sure we're all 1:29on the same page. 1:31And then, we're going to dive right into Python basics. 1:34We're going to talk a little bit about mathematical operations 1:36you can do with Python. 1:38And then, we're going to talk about Python variables 1:40and types. 1:42As I mentioned in my introductory email, all 1:43the slides and code that I'll talk about during lectures 1:46will be up before lecture, so I highly 1:48encourage you to download them and to have them open. 1:52We're going to go through some in-class exercises which will 1:56be available on those slides. 1:57And it's fun to do. 1:59And it's also great if could take notes about the code just 2:07for future reference. 2:09It's true. 2:10This is a really fast-paced course, 2:12and we ramp up really quickly. 2:14We do want to position you to succeed in this course. 2:17As I was writing this, I was trying 2:19to think about when I was first starting 2:21to program what helped me get through my very 2:24first programming course. 2:26And this is really a good list. 2:29The first thing was I just read the psets as soon 2:31as they came out, made sure that the terminology just sunk in. 2:37And then, during lectures, if the lecturer 2:39was talking about something that suddenly I remembered, 2:42oh, I saw that word in the pset and I didn't know what it was. 2:45Well, hey, now I know what it is. 2:46Right? 2:47So just give it a read. 2:48You don't need to start it. 2:51If you're new to programming, I think the key word is practice. 2:55It's like math or reading. 2:57The more you practice, the better you get at it. 3:00You're not going to absorb programming 3:01by watching me write programs because I already know how 3:04to program. 3:05You guys need to practice. 3:07Download the code before lecture. 3:09Follow along. 3:10Whatever I type, you guys can type. 3:12And I think, also, one of the big things 3:14is if you're new to programming, you're 3:16kind of afraid that you're going to break your computer. 3:19And you can't really do that just by running Anaconda 3:24and typing in some commands. 3:26So don't be afraid to just type some stuff in 3:28and see what it does. 3:29Worst case, you just restart the computer. 3:35Yeah. 3:36That's probably the big thing right there. 3:38I should have probably highlighted it, 3:39but don't be afraid. 3:40Great. 3:41So this is pretty much a roadmap of all of 6.0001 or 600 3:46as I've just explained it. 3:47There's three big things we want to get out of this course. 3:51The first thing is the knowledge of concepts, 3:54which is pretty much true of any class that you'll take. 3:56The class will teach you something through lectures. 3:59Exams will test how much you know. 4:02This is a class in programming. 4:05The other thing we want you to get out of it 4:08is programming skills. 4:10And the last thing, and I think this 4:12is what makes this class really great, 4:13is we teach you how to solve problems. 4:16And we do that through the psets. 4:18That's really how I feel the roadmap of this course 4:21looks like. 4:22And underlying all of these is just practice. 4:25You have to just type some stuff away and code a lot. 4:29And you'll succeed in this course, I think. 4:33OK. 4:35So what are the things we're going to learn in this class? 4:38I feel like the things we're going learn in this class 4:41can be divided into basically three different sections. 4:44The first one is related to these first two items here. 4:50It's really about learning how to program. 4:53Learning how to program, part of it 4:55is figuring out what objects to create. 4:58You'll learn about these later. 5:00How do you represent knowledge with data structures? 5:02That's sort of the broad term for that. 5:04And then, as you're writing programs, 5:06you need to-- programs aren't just linear. 5:08Sometimes programs jump around. 5:10They make decisions. 5:11There's some control flow to programs. 5:13That's what the second line is going to be about. 5:18The second big part of this course 5:20is a little bit more abstract, and it 5:24deals with how do you write good code, good style, 5:29code that's readable. 5:30When you write code, you want to write it such 5:33that-- you're in big company, other people will read it, 5:35other people will use it, so it has 5:37to be readable and understandable by others. 5:40To that end, you need to write code 5:41that's well organized, modular, easy to understand. 5:48And not only that, not only will your code 5:50be read by other people, but next year, maybe, 5:53you'll take another course, and you'll 5:55want to look back at some of the problems 5:56that you wrote in this class. 5:58You want to be able to reread your code. 6:00If it's a big mess, you might not be able to understand-- 6:03or reunderstand-- what you were doing. 6:06So writing readable code and organizing code 6:08is also a big part. 6:10And the last section is going to deal with-- the first two 6:15are actually part of the programming in Introduction 6:19to Programming and Computer Science in Python. 6:21And the last one deals mostly with the computer science part 6:26in Introduction to Programming and Computer Science in Python. 6:29We're going to talk about, once you have learned 6:31how to write programs in Python, how do 6:33you compare programs in Python? 6:35How do you know that one program is better than the other? 6:38How do you know that one program is 6:39more efficient than the other? 6:41How do you know that one algorithm 6:42is better than the other? 6:45That's what we're going to talk about in the last part 6:47of the course. 6:48OK. 6:50That's all for the administrative part 6:52of the course. 6:54Let's start by talking at a high level what does a computer do. 6:59Fundamentally, it does two things. 7:03One, performs calculations. 7:05It performs a lot of calculations. 7:07Computers these days are really, really fast, 7:09a billion calculations per second is probably not far off. 7:15It performs these calculations and it 7:16has to store them somewhere. 7:18Right? 7:19Stores them in computer memory. 7:21So a computer also has to remember results. 7:24And these days, it's not uncommon to find computers 7:26with hundreds of gigabytes of storage. 7:30The kinds of calculations that computers do, 7:34there are two kinds. 7:35One are calculations that are built into the language. 7:37These are the very low level types 7:39of calculations, things like addition, 7:41subtraction, multiplication, and so on. 7:45And once you have a language that 7:47has these primitive calculation types, you, as a programmer, 7:53can put these types together and then define 7:55your own calculations. 7:57You can create new types of calculations. 8:00And the computer will be able to perform those, as well. 8:04I think, one thing I want to stress-- 8:07and we're going to come back to this 8:09again during this entire lecture, actually-- 8:12is computers only know what you tell them. 8:15Computers only do what you tell them to do. 8:18They're not magical. 8:19They don't have a mind. 8:22They just know how to perform calculations really, 8:24really quickly. 8:26But you have to tell them what calculations to do. 8:32Computers don't know anything. 8:34All right. 8:35We've come to that. 8:40Let's go into the types of knowledge. 8:44The first type of knowledge is declarative knowledge. 8:48And those are things like statements of fact. 8:50And this is where my email came into play. 8:53If you read it all the way to the bottom, 8:55you would have entered a raffle. 8:57So a statement of fact for today's lecture 8:59is, someone will win a prize before class ends. 9:03And the prize was a Google Cardboard. 9:06Google state-of-the-art virtual reality glasses. 9:09And I have them right here. 9:14Yea. 9:15I delivered on my promise. 9:18That's a statement of fact. 9:20So pretend I'm a machine. 9:22OK? 9:23I don't know anything except what you tell me. 9:26I don't know. 9:28I know that you tell me this statement. 9:30I'm like, OK. 9:31But how is someone going to win a Google Cardboard 9:33before class ends, right? 9:35That's where imperative knowledge comes in. 9:37Imperative knowledge is the recipe, or the how-to, 9:39or the sequence of steps. 9:42Sorry. 9:43That's just my funny for that one. 9:47So the sequence of steps is imperative knowledge. 9:53If I'm a machine, you need to tell me 9:57how someone will win a Google Cardboard before class. 10:00If I follow these steps, then technically, 10:02I should reach a conclusion. 10:06Step one, I think we've already done that. 10:08Whoever wanted to sign up has signed up. 10:11Now I'm going to open my IDE. 10:13I'm just basically being a machine 10:14and following the steps that you've told me. 10:17The IDE that we're using in this class is called Anaconda. 10:21I'm just scrolling down to the bottom. 10:25Hopefully, you've installed it in problem set zero. 10:28I've opened my IDE. 10:30I'm going to follow the next set of instructions. 10:34I'm going to choose a random number between the first 10:36and the nth responder. 10:39Now, I'm going to actually use Python to do this . 10:42And this is also an example of how just 10:44a really simple task in your life, 10:46you can use computers or programming to do that. 10:48Because if I chose a random number, 10:50I might be biased because, for example, 10:51I might like the number 8. 10:53To choose a random number, I'm going to go and say, OK, 10:57where's the list of responders? 10:58It starts at 15. 10:59Actually, it starts at 16 because that's me. 11:03We're going to choose a random number between 16 11:05and the end person 266. 11:09Oh, we just got-- oh. 11:11OK. 11:13OK. 11:13I'm going to cut it off right here. 11:15271. 11:15OK. 11:1616 and 271. 11:18Perfect. 11:19OK. 11:20I'm going to choose a random number. 11:21I'm going to go to my IDE. 11:22And you don't need to know how to do this yet, 11:24but by the end of this class, you will. 11:26I'm just going to use Python. 11:29I'm just going to get the random number package that's going 11:31to give me a random number. 11:32I'm going to say random.randint. 11:35And I'm going to choose a random number between 16 and 272, 11:40OK. 11:4175. 11:42OK. 11:43Great. 11:44I chose a random number. 11:45And I'm going to find the number in the responder's sheet. 11:48What was the number again? 11:49Sorry. 11:5175. 11:52OK. 11:54Up we go. 11:56There we go. 11:57Lauren Z-O-V. Yeah. 12:01Nice. 12:02You're here. 12:14Awesome. 12:16All right. 12:17That's an example of me being a machine and also, 12:21at the same time, using Python in my everyday life, 12:23just lecturing, to find a random number. 12:28Try to use Python wherever you can. 12:30And that just gives you practice. 12:34That was fun. 12:35But we're at MIT. 12:37We're MIT students. 12:39And we love numbers here at MIT. 12:41Here's a numerical example that shows 12:44the difference between declarative and imperative 12:46knowledge. 12:50An example of declarative knowledge 12:51is the square root of a number x is y such that y times y 12:54is equal to x. 12:57That's just a statement of fact It's true. 13:02Computers don't know what to do with that. 13:05They don't know what to do with that statement. 13:07But computers do know how to follow a recipe. 13:11Here's a well-known algorithm. 13:13To find the square root of a number x, 13:16let's say x is originally 16, if a computer follows 13:23this algorithm, it's going to start with a guess, g, 13:26let's say, 3. 13:28We're trying to find the square root of 16. 13:30We're going to calculate g times g is 9. 13:34And we're going to ask is if g times g 13:36is close enough to x, then stop and say, g is the answer. 13:39I'm not really happy with 9 being really close to 16. 13:42So I'm going to say, I'm not stopping here. 13:44I'm going to keep going. 13:47If it's not close enough, then I'm 13:48going to make a new guess by averaging g and x over g. 13:52That's x over g here. 13:54And that's the average over there. 13:57And the new average is going to be my new guess. 14:04And that's what it says. 14:05And then, the last step is using the new guess, 14:07repeat the process. 14:08Then we go back to the beginning and repeat the whole process 14:11over and over again. 14:13And that's what the rest of the rows do. 14:15And you keep doing this until you decide 14:16that you're close enough. 14:23What we saw for the imperative knowledge 14:25in the previous numerical example 14:26was the recipe for how to find the square root of x. 14:31What were the three parts of the recipe? 14:33One was a simple sequence of steps. 14:36There were four steps. 14:39The other was a flow of control, so there were 14:42parts where we made decisions. 14:45Are we close enough? 14:46There were parts where we repeated some steps. 14:49At the end, we said, repeat steps 1, 2, 3. 14:52That's the flow of control. 14:55And the last part of the recipe was a way to stop. 14:58You don't want a program that keeps going and going. 15:00Or for a recipe, you don't want to keep baking bread forever. 15:03You want to stop at some point. 15:05Like 10 breads is enough, right? 15:07So you have to have a way of stopping. 15:10In the previous example, the way of stopping 15:12was that we decided we were close enough. 15:15Close enough was maybe being within .01, .001, 15:20whatever you pick. 15:23This recipe is there for an algorithm. 15:26In computer science speak, it's going to be an algorithm. 15:29And that's what we're going to learn about in this class. 15:34We're dealing with computers. 15:35And we actually want to capture a recipe 15:37inside a computer, a computer being a mechanical process. 15:49Historically, there were two different types of computers. 15:55Originally, there were these things 15:57called fixed-program computers. 15:59And I'm old enough to have used something 16:02like this, where there's just numbers and plus, minus, 16:06multiplication, divide, and equal. 16:08But calculators these days are a lot more complicated. 16:11But way back then, an example of a fixed-program computer 16:15is this calculator. 16:16It only knows how to do addition, multiplication, 16:19subtraction, division. 16:20If you want to plot something, you can't. 16:22If you want to go on the internet, send email with it, 16:27you can't. 16:27It can only do this one thing. 16:31And if you wanted to create a machine that did another thing, 16:33then you'd have to create another fixed-program computer 16:37that did a completely separate test. 16:39That's not very great. 16:41That's when stored-program computers came into play. 16:45And these were machines that could store 16:47a sequence of instructions. 16:50And these machines could execute the sequence of instructions. 16:54And you could change the sequence of instructions 16:56and execute this different sequence of instructions. 17:00You could do different tasks in the same machine. 17:03And that's the computer as we know it these days. 17:07The central processing unit is where all of these decisions 17:11get made. 17:11And these are all the peripherals. 17:16The basic machine architecture-- at the heart of every computer 17:20there's just this basic architecture-- 17:25and it contains, I guess, four main parts. 17:28The first is the memory. 17:31Input and output is the other one. 17:34The ALU is where all of the operations are done. 17:39And the operations that the ALU can do 17:41are really primitive operations, addition, subtraction, 17:44and so on. 17:46What the memory contains is a bunch of data 17:52and your sequence of instructions. 18:00Interacting with the Arithmetic Logic Unit is the Control Unit. 18:03And the Control Unit contains one program counter. 18:07When you load a sequence of instructions, 18:09the program counter starts at the first sequence. 18:15It starts at the sequence, at the first instruction. 18:18It gets what the instruction is, and it sends it to the ALU. 18:22The ALU asks, what are we doing operations on here? 18:25What's happening? 18:27It might get some data. 18:29If you're adding two numbers, it might get two numbers 18:31from memory. 18:33It might do some operations. 18:34And it might store data back into memory. 18:37And after it's done, the ALU is going to go back, 18:41and the program counter is going to increase 18:43by 1, which means that we're going 18:45to go to the next sequence in the instruction set. 18:50And it just goes linearly, instruction by instruction. 18:53There might be one particular instruction 18:56that does some sort of test. 18:58It's going to say, is this particular value 19:07greater or equal to or the same as this other particular value? 19:11That's a test, an example of a test. 19:13And the test is going to either return true or false. 19:17And depending on the result of that test, 19:20you might either go to the next instruction, 19:24or you might set the program counter 19:26to go all the way back to the beginning, and so on. 19:29You're not just linearly stepping 19:32through all the instructions. 19:33There might be some control flow involved, 19:35where you might skip an instruction, 19:36or start from the beginning, or so on. 19:39And after you're done, when you finished 19:42executing the last instruction, then you 19:44might output something. 19:47That's really the basic way that a computer works. 19:53Just to recap, you have the stored program computer 19:55that contains these sequences of instructions. 19:59The primitive operations that it can do 20:00are addition, subtraction, logic operations, tests-- 20:06which are something equal to something else, something 20:08less than, and so on-- and moving data, 20:10so storing data, moving data around, and things like that. 20:14And the interpreter goes through every instruction 20:19and decides whether you're going to go to the next instruction, 20:22skip instructions, or repeat instructions, and so on. 20:28So we've talked about primitives. 20:30And in fact, Alan Turing, who was a really great computer 20:35scientist, he showed that you can compute anything 20:37using the six primitives. 20:38And the six primitives are move left, move right, read, write, 20:46scan, and do nothing. 20:49Using those six instructions and the piece of tape, 20:54he showed that you can compute anything. 20:57And using those six instructions, 21:00programming languages came about that 21:03created a more convenient set of primitives. 21:05You don't have to program in only these six commands. 21:11And one interesting thing, or one really important thing, 21:16that came about from these six primitives 21:19is that if you can compute something in Python, 21:22let's say-- if you write a program that computes something 21:25in Python, then, in theory, you can 21:28write a program that computes the exact same thing 21:31in any other language. 21:32And that's a really powerful statement. 21:36Think about that today when you review your slides. 21:39Think about that again. 21:40That's really powerful. 21:45Once you have your set of primitives 21:49for a particular language, you can start creating expressions. 21:53And these expressions are going to be 21:55combinations of the primitives in the programming language. 22:00And the expressions are going to have some value. 22:02And they're going up some meaning in the programming 22:05language. 22:08Let's do a little bit of a parallel with English 22:10just so you see what I mean. 22:14In English, the primitive constructs 22:15are going to be words. 22:17There's a lot of words in the English language. 22:19Programming languages-- in Python, there are primitives, 22:23but there aren't as many of them. 22:25There are floats, Booleans, these 22:28are numbers, strings, and simple operators, 22:31like addition, subtraction, and so on. 22:35So we have primitive constructs. 22:38Using these primitive constructs, 22:39we can start creating, in English, phrases, sentences, 22:48and the same in programming languages. 22:49In English, we can say something like, "cat, dog, boy. 22:54That, we say, is not syntactically valid. 22:58That's bad syntax. 23:00That's noun, noun, noun. 23:01That doesn't make sense. 23:05What does have good syntax in English is noun, verb, noun. 23:08So, "cat, hugs boy" is syntactically valid. 23:12Similarly, in a programming language, 23:14something like this-- in Python, in this case-- a word 23:18and then the number five doesn't really make sense. 23:20It's not syntactically valid. 23:22But something like operator, operand, operator is OK. 23:28So once you've created these phrases, or these expressions, 23:34that are syntactically valid, you 23:37have to think about the static semantics of your phrase, 23:41or of your expression. 23:45For example, in English, "I are hungry" is good syntax. 23:51But it's weird to say. 23:55We have a pronoun, a verb, and an adjective, which 23:58doesn't really make sense. 23:59"I am hungry" is better. 24:03This does not have good static semantics. 24:07Similarly, in programming languages-- 24:09and you'll get the hang of this the more 24:11you do it-- something like this, "3.2 times 5, is OK. 24:15But what does it mean? 24:17What's the meaning to have a word added to a number? 24:22There's no meaning behind that. 24:25Its syntax is OK, because you have 24:28operator, operand, operator. 24:30But it doesn't really make sense to add a number to a word, 24:32for example. 24:36Once you have created these expressions that 24:39are syntactically correct and static, semantically correct, 24:44in English, for example, you think about the semantics. 24:48What's the meaning of the phrase? 24:50In English, you can actually have more than one 24:52meaning to an entire phrase. 24:56In this case, "flying planes can be dangerous" 25:01can have two meanings. 25:02It's the act of flying a plane is dangerous, 25:04or the plane that is in the air is dangerous. 25:08And this might be a cuter example. 25:10"This reading lamp hasn't uttered a word 25:12since I bought it. 25:13What's going on?" 25:15So that has two meanings. 25:16It's playing on the word "reading lamp." 25:21That's in English. 25:21In English, you can have a sentence 25:23that has more than one meaning, that's 25:25syntactically correct and static, semantically correct. 25:28But in programming languages, the program that you write, 25:31the set of instructions that you write, only has one meaning. 25:34Remember, we're coming back to the fact 25:35that the computer only does what you tell it to do. 25:40It's not going to suddenly decide 25:42to add another variable for some reason. 25:46It's just going to execute whatever statements you've 25:49put up. 25:50In programming languages, there's only one meaning. 25:52But the problem that comes into play in programming languages 25:58is it's not the meaning that you might have 25:59intended, as the programmer. 26:03That's where things can go wrong. 26:05And there's going to be a lecture 26:07on debugging a little bit later in the course. 26:10But this is here just to tell you 26:12that if you see an error pop up in your program, 26:16it's just some text that says, error. 26:21For example, if we do something like this, 26:28this is syntactically correct. 26:30Incorrect. 26:31Syntactically incorrect. 26:32See? 26:32There's some angry text right here. 26:36What is going on? 26:37The more you program, the more you'll 26:39get the hang of reading these errors. 26:41But this is basically telling me the line 26:43that I wrote is syntactically incorrect. 26:45And it's pointing to the exact line and says, this is wrong, 26:49so I can go back and fix it as a programmer. 26:55Syntax errors are actually really easily caught by Python. 27:00That was an example of a syntax error. 27:02Static semantic errors can also be 27:04caught by Python as long as, if your program has some decisions 27:09to make, as long as you've gone down the branch where 27:13the static semantic error happens. 27:18And this is probably going to be the most frustrating one, 27:22especially as you're starting out. 27:23The program might do something different than what 27:25you expected it to do. 27:27And that's not because the program suddenly-- for example, 27:32you expected the program to give you an output of 0 27:34for a certain test case, and the output that you got was 10. 27:37Well, the program didn't suddenly 27:39decide to change its answer to 10. 27:42It just executed the program that you wrote. 27:48That's the case where the program gave you 27:50a different answer than expected. 27:53Programs might crash, which means they stop running. 27:55That's OK. 27:57Just go back to your code and figure out what was wrong. 28:00And another example of a different meaning 28:03than what you intended was maybe the program won't stop. 28:06It's also OK. 28:07There are ways to stop it besides restarting 28:10the computer. 28:12So then Python programs are going 28:17to be sequences of definitions and commands. 28:20We're going to have expressions that are going to be evaluated 28:25and commands that tell the interpreter to do something. 28:33If you've done problem set 0, you'll 28:35see that you can type commands directly 28:37in the shell here, which is the part on the right where 28:40I did some really simple things, 2 plus 4. 28:44Or you can type commands up in here, on the left-hand side, 28:49and then run your program. 28:52Notice that, well, we'll talk about this-- I 28:54won't talk about this now. 28:55But these are-- on the right-hand side, typically, 28:59you write very simple commands just if you're 29:01testing something out. 29:03And on the left-hand side here in the editor, 29:04you write more lines and more complicated programs. 29:15Now we're going to start talking about Python. 29:18And in Python, we're going to come back to this, 29:20everything is an object. 29:23And Python programs manipulate these data objects. 29:27All objects in Python are going to have a type. 29:30And the type is going to tell Python the kinds of operations 29:34that you can do on these objects. 29:37If an object is the number five, for example, 29:39you can add the number to another number, 29:42subtract the number, take it to the power of something, 29:45and so on. 29:47As a more general example, for example, I am a human. 29:51So that's my type. 29:52And I can walk, speak English, et cetera. 29:55Chewbacca is going to be a type Wookie. 29:59He can walk, do that sound that I can't do. 30:02He can do that, but I can't. 30:04I'm not even going to try, and so on. 30:09Once you have these Python objects, 30:11everything is an object in Python. 30:14There are actually two types of objects. 30:16One are scalar objects. 30:18That means these are very basic objects in Python from which 30:21everything can be made. 30:24These are scalar objects. 30:26That can't be subdivided. 30:28The other type of object is a non-scalar object. 30:31And these are objects that have some internal structure. 30:33For example, the number five is a scalar 30:36object because it can't be subdivided. 30:39But a list of numbers, for example, 5, 6, 30:417,8, is going to be a non-scalar object 30:45because you can subdivide it. 30:46You can subdivide it into-- you can find parts to it. 30:53It's made up of a sequence of numbers. 30:58Here's the list of all of the scalar objects in Python. 31:01We have integers, for example, all of the whole numbers. 31:05Floats, which are all of the real numbers, anything 31:10with a decimal. 31:11Bools are Booleans. 31:13There's only two values to Booleans. 31:16That's True and False. 31:18Note the capitalization, capital T and capital F. 31:23And this other thing called NoneType. 31:24It's special. 31:26It has only one value called None. 31:28And it represents the absence of a type. 31:30And it sometimes comes in handy for some programs. 31:34If you want to find the type of an object, 31:36you can use this special command called type. 31:39And then in the parentheses, you put down 31:41what you want to find the type of. 31:44You can write into the shell "type of 5," 31:47and the shell will tell you, that's an integer. 31:52If you happen to want to convert between two different types, 31:56Python allows you to do that. 31:58And to do that, you put the type that you 32:01want to convert to right before the object 32:03that you want to convert to. 32:05So float(3) will convert the integer 3 to the float 3.0. 32:12And similarly, you can convert any float into an integer. 32:16And converting to an integer just truncates. 32:20It just takes away the decimal and whatever's 32:22after it-- it does not round-- and keeps just the integer 32:26part. 32:30For this slide, I'm going to talk about it. 32:31But if you'd like if you have the slides up, 32:35go to go to this exercise. 32:37And after I'm done talking about the slide, 32:41we'll see what people think for that exercise. 32:45One of the most important things that you 32:47can do in basically any programming, 32:51in Python also, is to print things out. 32:55Printing out is how you interact with the user. 33:00To print things out, you use the print command. 33:04If you're in the shell, if you simply type "3 plus 2," 33:07you do see a value here. 33:09Five, right? 33:11But that's not actually printing something out. 33:13And that becomes apparent when you actually 33:18type things into the editor. 33:19If you just do "3 plus 2," and you run the program-- that's 33:23the green button here-- you see on the right-hand side here, 33:26it ran my program. 33:27But it didn't actually print anything. 33:30If you type this into the console, 33:32it does show you this value, but that's 33:33just like peeking into the value for you as a programmer. 33:39It's not actually printing it out to anyone. 33:41If you want to print something out, 33:42you have to use the print statement like that. 33:47In this case, this is actually going to print this number 33:50five to the console. 33:58That's basically what it says. 33:59It just tells you it's an interaction within the shell 34:01only. 34:02It's not interacting with anyone else. 34:04And if you don't have any "Out," that 34:06means it got printed out to the console. 34:09All right. 34:09We talked a little bit about objects. 34:13Once you have objects, you can combine objects and operators 34:16to form these expressions. 34:17And each expression is going to have a value. 34:19So an expression evaluates to a value. 34:22The syntax for an expression is going 34:24to be object, operator, object, like that. 34:30And these are some operators you can do on ints and floats. 34:34There's the typical ones, addition, subtraction, 34:36multiplication, and division. 34:38If, for the first three, the answer 34:43that you get-- the type of the answer that you get-- 34:45is going to depend on the type of your variables. 34:48If both of the variables of the operands are integers, 34:52then the result you're going to get is of type integer. 34:55But if at least one of them is a float, then 34:56the result you're going to get is a float. 34:58Division is a little bit special in that 35:02no matter what the operands are, the result 35:04is always going to be a float. 35:09The other operations you can do, and these are also useful, 35:14are the remainder, so the percent sign. 35:19If you use the percent sign between two operands, 35:22that's going to give you the remainder when you divide i 35:25by j. 35:28And raising something to the power of something else 35:30is using the star star operator. 35:32And i star stars j is going to take i to the power of j. 35:41These operations have the typical precedence 35:43that you might expect in math, for example. 35:47And if you'd like to put precedence 35:49toward some other operations, you 35:50can use parentheses to do that. 36:01All right. 36:03So we have ways of creating expressions. 36:07And we have operations we can do on objects. 36:13But what's going to be useful is to be able to save values 36:19to some name. 36:21And the name is going to be something that you pick. 36:24And it should be a descriptive name. 36:27And when you save the value to a name, 36:32you're going to be able to access that value later 36:36on in your program. 36:37And that's very useful. 36:40To save a value to a variable name, you use the equal sign. 36:49And the equal sign is an assignment. 36:51It assigns the right-hand side, which 36:53is a value, to the left-hand side, which 36:55is going to be a variable name. 36:59In this case, I assigned the float 3.14159 37:03to the variable pi. 37:05And in the second line, I'm going 37:08to take this expression, 22 divided by 7, 37:10I'm going to evaluate it. 37:13It's going to come up with some decimal number. 37:16And I'm going to save it into the variable pi_approx. 37:19values are stored in memory. 37:21And this assignment in Python, we 37:22say the assignment binds the name to the value. 37:26When you use that name later on in your program, 37:30you're going to be referring to the value in memory. 37:35And if you ever want to refer to the value 37:37later on in your code, you just simply type 37:39the name of the variable that you've assigned it to. 37:44So why do we want to give names to expressions? 37:48Well, you want to reuse the names instead of the values. 37:51And it makes your code look a lot nicer. 37:54This is a piece of code that calculates 37:56the area of a circle. 37:59And notice, I've assigned a variable pi to 3.14159. 38:03I've assigned another variable called radius to be 2.2. 38:07And then, later on in my code, I have another line 38:09that says area-- this is another variable-- is 38:12equal to-- this is an assignment-- 38:15to this expression. 38:17And this expression is referring to these variable names, pi 38:23and radius. 38:24And it's going look up their values in memory. 38:26And it's going to replace these variable names 38:29with those values. 38:30And it's going to do the calculation for me. 38:32And in the end, this whole expression 38:34is going to be replaced by one number. 38:36And it's going to be the float. 38:40Here's another exercise, while I'm talking about the slide. 38:45I do want to make a note about programming versus math. 38:49In math, you're often presented with a problem 38:55that says, solve for x. 38:57x plus y is equal to something something. 39:00Solve for x, for example. 39:03That's coming back to the fact that computers don't 39:09know what to do with that. 39:10Computers need to be told what to do. 39:12In programming, if you want to solve for x, 39:14you need to tell the computer exactly how to solve for x. 39:18You need to figure out what formula 39:20you need to give the computer in order to be 39:22able to solve for x. 39:25That means always in programming the right-hand side is 39:29going to be an expression. 39:33It's something that's going to be evaluated to a value. 39:35And the left-hand side is always a variable. 39:39It's going to be an assignment. 39:40The equal sign is not like in math 39:43where you can have a lot of things to the left 39:45and a lot of things to the right of the equal sign. 39:47There's only one thing to the left of the equal sign. 39:49And that's going to be a variable. 39:50An equal sign stands for an assignment. 39:53Once we've created expressions, and we have these assignments, 39:57you can rebind variable names using new assignment 39:59statements. 40:03Let's look at an example for that. 40:05Let's say this is our memory. 40:07Let's type back in the example with finding the radius. 40:13Let's say, pi is equal to 3.14. 40:19In memory, we're going to create this value 3.14. 40:22We're going to bind it to the variable named pi. 40:28Next line, radius is equal to 2.2. 40:31In memory, we're creating this value 2.2. 40:35And we're going to bind it to the variable named radius. 40:40Then we have this expression here. 40:44It's going to substitute the values for pi 40:46from memory and the value for radius from memory. 40:49It's going to calculate the value that this expression 40:54evaluates to. 40:56It's going to pop that into the memory. 40:57And it's going to assign-- because we're 40:59using the equal sign-- it's going 41:01to assign that value to that variable area. 41:08Now, let's say we rebind radius to be something else. 41:14Radius i is bound to the value 2.2. 41:21But when we do this line, radius is equal to radius plus 1, 41:24we're going to take away the binding to 2.2. 41:27We're going to do this calculation. 41:29The new value is 3.2. 41:31And we're going to rebind that value to that same variable. 41:38In memory, notice we're still going 41:40to have this value, 2.2, floating around. 41:43But we've lost the handle for it. 41:46There's no way to get it back. 41:48It's just in memory sitting there. 41:52At some point, it might get collected by what 41:55we call the garbage collector. 41:56In Python, And it'll retrieve these lost values, 42:00and it'll reuse them for new values, and things like that. 42:05But radius now points to the new value. 42:08We can never get back 2.2. 42:13And that's it. 42:16The value of area-- notice, this is very important. 42:18The value of area did not change. 42:23And it did not change because these are all the instructions 42:26we told the computer to do. 42:28We just told it to change radius to be radius plus 1. 42:33We never told it to recalculate the value of area. 42:37If I copied that line down here, then the value of area 42:41would change. 42:42But we never told it to do that. 42:44The computer only does what we tell it to do. 42:46That's the last thing. 42:47Next lecture, we're going to talk about adding control 42:51flow to our programs, so how do you tell the computer 42:53to do one thing or another? 42:55All right. </pre> </div> </div> ===Lecture Notes - lecture 1 py=== Source: https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/920cc911b6eb5747f2ccd431bbc4306b_lec1.py<br> <div class="toccolours mw-collapsible mw-collapsed"> lecture 1 py <div class="mw-collapsible-content"> <pre> pi = 3.14159 radius = 2.2 # area of circle equation <- this is a comment area = pi*(radius**2) print(area) # change values of radius <- another comment # use comments to help others understand what you are doing in code radius = radius + 1 print(area) # area doesn't change area = pi*(radius**2) print(area) ############################# #### COMMENTING LINES ####### ############################# # to comment MANY lines at a time, highlight all of them then CTRL+1 # do CTRL+1 again to uncomment them # try it on the next few lines below! #area = pi*(radius**2) #print(area) #radius = radius + 1 #area = pi*(radius**2) #print(area) ############################# #### AUTOCOMPLETE ####### ############################# # Spyder can autocomplete names for you # start typing a variable name defined in your program and hit tab # before you finish typing -- try it below # define a variable a_very_long_variable_name_dont_name_them_this_long_pls = 0 # below, start typing a_ve then hit tab... cool, right! # use autocomplete to change the value of that variable to 1 # use autocomplete to write a line that prints the value of that long variable # notice that Spyder also automatically adds the closed parentheses for you! </pre> </div> </div> ===pdf-Slides for Lecture 1=== Source:https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/resources/mit6_0001f16_lec1/<br> IPFS:<code>QmemB25bVuN2fuiAq3JaDM4J5MYit6HfCCsU3EFTWL7wpF</code><br> ===Problem Set 1=== Source:https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/resources/mit6_0001f16_ps1/<br> IPFS:<code>QmbxaDU9U4hquK4Dhb365nD5qG5eEFUM6NABqXRaux6tRB</code><br> ===Additional Python Resources === Source:https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/resources/mit6_0001f16_additional/<br> IPFS:<code>QmYWPVdHEbhmdFXNR9R46ey5eykyFPeCZ1joXE6z28L1VB</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Additional Python Resources: <div class="mw-collapsible-content"> If you're having trouble with a particular concept or simply want to have access to more information, try one of the following links. ====DOCUMENTATION==== * [[https://docs.python.org/3/library/index.html Official Python 3 Documentation]] - "official"/technical explanation of what a particular function/operator does, examples of correct syntax, what the various libraries are, etc. ====TEXTBOOKS/TUTORIALS==== * [[https://diveintopython3.net/ Dive Into Python]] - another survey of Python syntax, datatypes, etc. * [[http://greenteapress.com/wp/think-python-2e/ Think Python by Allen Downey]] - a good general overview of the Python language. Includes exercises. * [[https://docs.python.org/3/tutorial/ The Official Python Tutorial]] - self-explanatory * [[https://learnpythonthehardway.org/book/ Learn Python the Hard Way]] - (note: for Python 2) another free online text * [[https://docs.python.org/3.0/reference/lexical_analysis.html#id8 Reserved Keywords in Python]] - don't use these as variable names * [[https://peps.python.org/pep-0008/ PEP 8 - Style Guide for Python Code]] - learn what is good and bad style in Python * [[https://checkio.org/ CheckIO]] - learn Python by exploring a game world * [[https://inventwithpython.com/ Invent with Python]] - develop your Python skills by making games or hacking ciphers * [[https://www.codecademy.com/catalog Codecademy]] - (note: for Python 2) learn Python by building web apps and manipulating data; interactive tutorial sequence * [[https://pythontutor.com Python Tutor]] - interactive tutorial sequence of exercises ====DEBUGGING==== * [[https://pythontutor.com/ Python Tutor]] - an excellent way to actually visualize how the interpreter actually reads and executes your code * [[https://www.diffchecker.com/ DiffChecker]] - compares two sets of text and shows you which lines are different * [[https://pythonconquerstheuniverse.wordpress.com/2009/09/10/debugging-in-python/ Debugging in Python]] - steps you can take to try to debug your program ====OTHER Q&A==== * [[https://stackoverflow.com/questions/tagged/python Stack Overflow]] - a large Q&A forum for programming concepts (not just Python). Try searching here before you post on the edX forum, and you may find that someone has already answered your question. ====MORE PRACTICE PROBLEMS==== * [[http://www.pythonchallenge.com/ Python Challenge]] - a series of puzzles you can try to test your Python abilities * [[https://projecteuler.net/ Project Euler]] - additional programming challenges you can try once your Python knowledge becomes stronger; problems are sorted by increasing difficulty * [[https://codingbat.com/python Coding Bat]] - problems you can solve within an online interpreter * [[https://www.codewars.com/?language=python Codewars]] - improve your skills by training on real code challenges MIT OpenCourseWare https://ocw.mit.edu 6.0001 Introduction to Computer Science and Programming in Python Fall 2016 For information about citing these materials or our Terms of Use, visit: https://ocw.mit.edu/terms. </div> </div> ==2== mit-test-course/2/MIT6_0001F16_Lecture_02_300k.mp4<br> https://ipfs.io/ipfs/QmTFdkMJnzUcwgs1hdoF7qtADE2NqTJVaF9CfgULbzSuA9<br> <code>QmTFdkMJnzUcwgs1hdoF7qtADE2NqTJVaF9CfgULbzSuA9</code> <br> <br> mit-test-course/2/ba2947b25b1580e4a84df0ec5dbe5cdd_MIT6_0001F16_Lec2.pdf<br> https://ipfs.io/ipfs/QmNiZvEh6UmpHLTxw4saN7WdojzBokp2JCbucYzrekoQBK<br> <code>QmNiZvEh6UmpHLTxw4saN7WdojzBokp2JCbucYzrekoQBK</code><br> <br> mit-test-course/2/d6ee838ee4c85ace93a4e170cfd83c03_lec2_branch_loops.py<br> https://ipfs.io/ipfs/QmPjEzEu56mqeE19Vth9AkDbAxz7wAWg9zMVvF9FZ1UBvK<br> <code>QmPjEzEu56mqeE19Vth9AkDbAxz7wAWg9zMVvF9FZ1UBvK</code><br> <br> ==3== MIT6_0001F16_Lecture_03_300k.mp4<br> <code>QmTTCsuhbnjXWuigZLSgKAt4DjFsm78MANo3KUMGcK98s1</code><br> <br> 88de925a1fb925e46a08bc5f34d029bd_lec3_strings_algos.py<br> <code>QmYppDgGMptihHA7ixFw2GHvspN8Bw1HY21HtUpQNxi23i</code><br> <br> b9b9a82a29e8746db1facfbd30c07940_MIT6_0001F16_Lec3.pdf<br> <code>QmP2AZfUx8RTqCGamJtPyodFU8dHG8QrBHYKkP79YepEe9</code><br> ==4== MIT6_0001F16_Lecture_04_300k.mp4<br> <code>QmQuc5zpaJdMfRYxTLyZc5DQuota1FjuJiqgWf8ctGmRsU</code><br> <br> 6ba59859535f1566dd57a7279aeba5d1_MIT6_0001F16_Lec4.pdf<br> <code>QmP1p4h21ogMxWeeX2PiDibQbHqWer7ABCsMrfMxEx7QBW</code><br> <br> 9e8439a27af18817e046ac37333d03f6_lec4_functions.py<br> <code>QmNtPQncXMYNBnX4NoNfx2ifetrfvrATamdrsjx4u9iQ7c</code><br> ==5== MIT6_0001F16_Lecture_05_300k.mp4<br> <code>Qmco5sKKQfnWUNP9ZUxLkDhoV6jfjv8L4AdzES7En41AzP</code><br> <br> 1776670e271578eeb99fc25975f20586_MIT6_0001F16_Lec5.pdf<br> <code>QmSdxg2inPbK1FSynNdPUka6CUZtEGG6sdPZgxaAgb46GE</code><br> <br> cdf5f8e7f109952655f4d253ed955555_lec5_tuples_lists.py<br> <code>QmThDori5ETa3U27DFpndU7RmsLgG7zjpqGVxAncCupSuc</code><br> ==6== <br>MIT6_0001F16_Lecture_06_300k.mp4<br> <code>QmVzK3PVETv69Y27UKDfaQQM5um8ByMdYQS3TzD2EkoR42</code><br> <br>876348c652c5353daccc96e1b7d577bb_MIT6_0001F16_Lec6.pdf<br> <code>QmQAqSGJAeoypUMyUnb7hRrziDyRAwymcTGdcaydT5i73s</code><br> <br>706228e592761d9c7c1c073f8ba7a6cc_lec6_recursion_dictionaries.py<br> <code>QmaGhNYnR5yUMYZf4q7qLsNwEW6B7pbLbgJokJBTNSA2FT</code><br> ==7== <br>MIT6_0001F16_Lecture_07_300k.mp4<br> <code>QmUyiqpAUA91w4Xm2Dz2wPr6kE6wTzA1apwJziTdBysRLw</code><br> <br> 51bdde43dfd773ba20747ce5d89119ac_MIT6_0001F16_Lec7.pdf<br> <code>QmcqZoeVrsfBv4Ri6M8KtiLdy3VpKnyznDFhX8zvfd3Qrs</code><br> <br> abdd1d61892ccce9be2ad84e52004e07_lec7_debug_except.py<br> <code>QmeVKCB6ponYr4f72MuNwegukX9t42NTywNHpDPgyNi9ae</code><br> <br> ==8== <br>MIT6_0001F16_Lecture_08_300k.mp4 <br><code>QmZFSSPndvRfPT2vyehuyEQitfb8CzdYkA7orFAKyvhA4u</code><br> <br>7a6f85d03f132dcd9d7592bc4643be1c_MIT6_0001F16_Lec8.pdf <br><code>QmdccChFuYBCiLmufEmk6oXCHybaUQiPXajD3c3xMupiaC</code><br> <br>0705ac9dcc7e637a0e8e9d97eb258a26_lec8_classes.py <br><code>QmQCaZZA75UQ5pAKy8zhcz6Ci8yY13UVHUvsuXmid86GUH</code><br> <br> ==9== <br>MIT6_0001F16_Lecture_09_300k.mp4 <br><code>QmdENonCipE7TK99i7dFz9paqDUSefR4PFdveEmVi5oXAb</code><br> <br>2dd6c75e7b4bd6bd135078e6f3701201_MIT6_0001F16_Lec9.pdf <br><code>QmbaJFk4mFRmCbtQybK94etyfRA2LcM22Kfvjbvdf6X8Gw</code><br> <br>bf8e8195044d5f6aefc1a455968e2f3e_lec9_inheritance.py <br><code>QmQ7UB4PaGBRHvHfDshrASwynvansFVXrp3RNULwhThUsC</code><br> <br> ==10== <br>MIT6_0001F16_Lecture_10_300k.mp4 <br><code>QmQNooq1g25LFp1Fxj2tfpKKMKi8NbutkhuXNf5Ppo7t5f</code><br> <br>066eba6ea6d56a88e56ae325940d4c4c_MIT6_0001F16_Lec10.pdf <br><code>QmbyP59ttPKGe5ZNADsgqTsgBF3oYGzhZXFfBhszG2nuPm</code><br> <br>bfa32fd241d88ae02cd3157aed232bac_lec10_complexity_part1.py <br><code>QmUtgXQXjj2C3qb2UXFrPmKHkFdEjmehk4ZLQhcZ37rEmw</code><br> <br> ==11== <br>MIT6_0001F16_Lecture_11_300k.mp4 <br><code>QmR7Ned6iZytjpVHVN6W53EZ5Qg4Zd6EkEcXxn8DjYMgrd</code><br> <br>bb953fb81d4afa3bc837c16eba613955_MIT6_0001F16_Lec11.pdf <br><code>QmNPjN3616QdmEWLPokwuTkLL1vrzcLVRSFLWUcukqtxZL</code><br> <br>bdf800867e6762c6758ecd2230178f41_lec11_complexity_part2.py <br><code>QmdpwFTFkwnkqWW3CozBBAfeYHchDeVAV7ArkA1dUqbUZ4</code><br> <br> ==12== <br>MIT6_0001F16_Lecture_12_300k.mp4 <br><code>QmPWidAv5mBrgEcKDVqWe62JaAiwBWs8KZc1S8r3bbJsvY</code><br> <br>6425d0dabb1cea1a076b8c46c0ae2da6_MIT6_0001F16_Lec12.pdf <br><code>QmToP68Knz71euVuntRWtz6UshRoiRssELJNFMeP1f2sR5</code><br> <br>310536cd5f5aa1fc0c11726ce13c565e_lec12_sorting.py <br><code>QmbV8ct8DEQyRGRDSX4PaQBXk8r8ryYLDNwTa2buC7kcP5</code><br> <br> fqusek3hccw7f2a54xh5oxgti0bi7ug 642 449 2025-08-28T16:02:00Z AwesomO 5 /* Lecture 1: What is Computation? */ 642 wikitext text/x-wiki {{:LICENCE_HEADER_CC_BY-NC-SA_4.0}} <!-- This site is non commercial and is a concept development. <br> Note - this is quickly put together to test and demonstrate hosting heavy data content on IPFS. --> <b> NOTE: This page is for demonstration purposes Only, and is not meant to be hosted on CompleteNoobs.com which is not intended to contain CC_BY-NC-SA Licensed Content. <br> This page is CC_BY-NC-SA It is intended for a fork of "CompleteNoobs.com" called "CompleteNoobz.com" <br> CompleteNoobz.com is a noncommercial mirror of CompleteNoobs.com Which can pullin CC_BY-NC-SA Licensed Content <br> This page is quickly put together to test and demonstrate hosting heavy data content on IPFS. <br> It is a first draft (UNFINISHED) and required many more Reiterations, This content is first draft concept demonstration content. </b> ==Course Information== ===Source=== https://ocw.mit.edu/MIT OPEN COURSEWARE - MASSACHUSETTS INSTITUTE OF TECHNOLOGY.<br> Donations to support MIT Open Courseware <code>https://giving.mit.edu/give/to/ocw/</code><br> <br> https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/download/<br> https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/pages/assignments/<br> https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/resources/lecture-videos/<br> ==Syllabus== <div class="toccolours mw-collapsible mw-collapsed"> Syllabus <div class="mw-collapsible-content"> ===Course Meeting Times=== Lectures: 2 sessions / week, 1 hour / session Recitations: 1 sessions / week, 1 hour / session ===Course Information=== 6.0001 Introduction to Computer Science and Programming in Python is intended for students with little or no programming experience. It aims to provide students with an understanding of the role computation can play in solving problems and to help students, regardless of their major, feel justifiably confident of their ability to write small programs that allow them to accomplish useful goals. The class will use the Python 3.5 programming language. This is a half-semester course. Students who successfully complete 6.0001 may continue into 6.0002 Introduction to Computational Thinking and Data Science, which is taught in the second half of the semester. ===Goals=== *Provide an understanding of the role computation can play in solving problems. *Help students, including those who do not plan to major in Computer Science and Electrical Engineering, feel confident of their ability to write small programs that allow them to accomplish useful goals. *Position students so that they can compete for research projects and excel in subjects with programming components. ===Textbook=== The textbook is Buy at MIT Press Guttag, John. Introduction to Computation and Programming Using Python: With Application to Understanding Data Second Edition. MIT Press, 2016. ISBN: 9780262529624. The book and the course lectures parallel each other, though there is more detail in the book about some topics. It is available both in hard copy and as an e-book. ===Lecture and Recitation Attendance=== A significant portion of the material for this course will presented only in lecture, so students are expected to regularly attend lectures. Recitations give students a chance to ask questions about the lecture material or the problem set for the given week. Sometimes, new material may be covered in recitation. Recitation attendance is encouraged but not required. ===Problem Sets and Quizzes=== Each problem set will involve programming in Python. There will be 6 problem sets in the course. There will be two quizzes. All quizzes will be closed-book, though you will be allowed to bring one page of notes to the first quiz and two pages of notes to the second quiz. Pages must be letter-sized, double-sided, either handwritten or typed. ===Grading Policy=== {| class="wikitable" |+ Grades will be roughly computed as follows: |- |ACTIVITIES |PERCENTAGES |- |Problem sets |30% |- |Completion of mandatory finger exercises |10% |- |Midterm Quiz |20% |- |Final Quiz |40% |} Problem sets will be graded out of 10 points. Submissions that do not run will receive at most 20% of the points. Please contact your Teaching Assistant if you have a problem understanding your problem set grade. Note: Quizzes and finger exercises are not available on OpenCourseWare. ===Extension and Dropping Problem Sets Policy=== We do not grant any extensions. Instead, we offer late days and the option of rolling at most 2 problem set grades into the final quiz score. ===Late Days=== At the beginning of the term, students are given two late days that they can use on problem sets. Starting with Problem Set 1, additional late days can be accumulated for each assignment, one late day for each day the assignment is turned in ahead of the deadline. Up to three late days may be accumulated in this fashion in this course, i.e you can only have a maximum of 3 late days at any point in time. Late days are discrete (a student cannot use half a late day). The staff will keep track of late days and feedback for each problem set will include the number of late days the student has remaining. Any additional late work beyond these late days will not be accepted. To avoid surprises, we suggest that after you submit your problem set, you double check to make sure the submission was uploaded correctly. ===Rolling Over Problem Sets=== Before the final quiz, we will send out an announcement in which you can choose at most 2 problem sets that you can drop. If dropped, the percent that the problem sets are worth will be rolled into the final quiz score. We strongly urge you to see the late days and dropping the problem sets as backup in case of an emergency. Your best strategy is to do the problem sets early before work starts to pile up. ===Calendar=== {| class="wikitable" |+ Calendar |- |SES # |TOPICS |ASSIGNMENTS |- |1 |What is computation? |Pset 0 released |- |2 |Branching and Iteration |Pset 1 released |- |3 |String Manipulation, Guess and Check, Approximations, Bisection |Pset 0 due |- |4 |Decomposition, Abstractions, Functions |Pset 2 released |- |5 |Tuples, Lists, Aliasing, Mutability, Cloning |Pset 1 due |- |6 |Recursion, Dictionaries |Pset 3 released |- |7 |Testing, Debugging, Exceptions, Assertions |Pset 2 due; Quiz 1 |- |8 |Object Oriented Programming | |- |9 |Python Classes and Inheritance |Pset 3 due; Pset 4 released |- |10 |Understanding Program Efficiency, Part 1 |Pset 4 due; Pset 5 released |- |11 |Understanding Program Efficiency, Part 2 | |- |12 |Searching and Sorting |Pset 5 due; Final Quiz |} </div> </div> ==Course Materials== ===Downloading Using IPFS=== <code>https://github.com/ipfs/ipfs-desktop/releases</code><br> [[IPFS_Basics|PFS Basics]] ===Software=== This class is using python3 IDE <b>spyder</b> which is in Anaconda3<br> https://www.anaconda.com/<br> How to install is on Problem Set 0<br> ===MIT6_0001F16_Style Guide=== Source:https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/resources/mit6_0001f16_styleguide/<br> IPFS:<code>QmUmtyNpSLr2fXwGY1gL2hNnpwbYe8Y7CP2rPwjSNXasxJ</code><br> ==Problem Set 0== Source:https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/resources/ps0/<br> IPFS:<code>QmRWpBvwUNiFRjSvgLjRoiCNXQBBL2aLg55PVfGWw7S1ns</code><br> ==Lecture 1: What is Computation?== <youtube>4-CmQesbQvw</youtube> <br> Source:https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/resources/lecture-1-what-is-computation/<br> IPFS:<code>QmaTdTMxWdz6ySLbx258zQU5McpJTo4ZEVJ63GSKmVEyeM</code><br> ===Glossary=== <div class="toccolours mw-collapsible mw-collapsed"> Glossary for lecture with timestamps: <div class="mw-collapsible-content"> Time: data<br> 2:10 pset = problem set<br> 12:18 [[Square_root]]<br> </div> </div> ===Video transcript=== <div class="toccolours mw-collapsible mw-collapsed"> Video transcript <div class="mw-collapsible-content"> <pre> The following content is provided under a Creative 0:03Commons license. 0:04Your support will help MIT OpenCourseWare 0:07continue to offer high-quality, educational resources for free. 0:11To make a donation, or view additional materials 0:13from hundreds of MIT courses, visit MIT OpenCourseWare 0:17at ocw.mit.edu. 0:29ANA BELL: All right. 0:30Let's begin. 0:33As I mentioned before, this lecture 0:35will be recorded for OCW. 0:37Again, in future lectures, if you 0:39don't want to have the back of your head show up, 0:41just don't sit in this front area here. 0:44First of all, wow, what a crowd, you guys. 0:46We're finally in 26-100. 0:486.0001 made it big, huh? 0:52Good afternoon and welcome to the very first class of 6.0001, 0:55and also 600, this semester. 0:58My name is Ana Bell. 1:00First name, Ana. 1:01Last name, Bell. 1:03I'm a lecturer in the EECS Department. 1:06And I'll be giving some of the lectures for today, 1:08along with later on in the term, Professor Eric Grimson, who's 1:13sitting right down there, will be giving some of the lectures, 1:15as well. 1:17Today we're going to go over some basic administrivia, 1:21a little bit of course information. 1:23And then, we're going to talk a little bit 1:24about what is computation? 1:26We'll discuss at a very high level 1:27what computers do just to make sure we're all 1:29on the same page. 1:31And then, we're going to dive right into Python basics. 1:34We're going to talk a little bit about mathematical operations 1:36you can do with Python. 1:38And then, we're going to talk about Python variables 1:40and types. 1:42As I mentioned in my introductory email, all 1:43the slides and code that I'll talk about during lectures 1:46will be up before lecture, so I highly 1:48encourage you to download them and to have them open. 1:52We're going to go through some in-class exercises which will 1:56be available on those slides. 1:57And it's fun to do. 1:59And it's also great if could take notes about the code just 2:07for future reference. 2:09It's true. 2:10This is a really fast-paced course, 2:12and we ramp up really quickly. 2:14We do want to position you to succeed in this course. 2:17As I was writing this, I was trying 2:19to think about when I was first starting 2:21to program what helped me get through my very 2:24first programming course. 2:26And this is really a good list. 2:29The first thing was I just read the psets as soon 2:31as they came out, made sure that the terminology just sunk in. 2:37And then, during lectures, if the lecturer 2:39was talking about something that suddenly I remembered, 2:42oh, I saw that word in the pset and I didn't know what it was. 2:45Well, hey, now I know what it is. 2:46Right? 2:47So just give it a read. 2:48You don't need to start it. 2:51If you're new to programming, I think the key word is practice. 2:55It's like math or reading. 2:57The more you practice, the better you get at it. 3:00You're not going to absorb programming 3:01by watching me write programs because I already know how 3:04to program. 3:05You guys need to practice. 3:07Download the code before lecture. 3:09Follow along. 3:10Whatever I type, you guys can type. 3:12And I think, also, one of the big things 3:14is if you're new to programming, you're 3:16kind of afraid that you're going to break your computer. 3:19And you can't really do that just by running Anaconda 3:24and typing in some commands. 3:26So don't be afraid to just type some stuff in 3:28and see what it does. 3:29Worst case, you just restart the computer. 3:35Yeah. 3:36That's probably the big thing right there. 3:38I should have probably highlighted it, 3:39but don't be afraid. 3:40Great. 3:41So this is pretty much a roadmap of all of 6.0001 or 600 3:46as I've just explained it. 3:47There's three big things we want to get out of this course. 3:51The first thing is the knowledge of concepts, 3:54which is pretty much true of any class that you'll take. 3:56The class will teach you something through lectures. 3:59Exams will test how much you know. 4:02This is a class in programming. 4:05The other thing we want you to get out of it 4:08is programming skills. 4:10And the last thing, and I think this 4:12is what makes this class really great, 4:13is we teach you how to solve problems. 4:16And we do that through the psets. 4:18That's really how I feel the roadmap of this course 4:21looks like. 4:22And underlying all of these is just practice. 4:25You have to just type some stuff away and code a lot. 4:29And you'll succeed in this course, I think. 4:33OK. 4:35So what are the things we're going to learn in this class? 4:38I feel like the things we're going learn in this class 4:41can be divided into basically three different sections. 4:44The first one is related to these first two items here. 4:50It's really about learning how to program. 4:53Learning how to program, part of it 4:55is figuring out what objects to create. 4:58You'll learn about these later. 5:00How do you represent knowledge with data structures? 5:02That's sort of the broad term for that. 5:04And then, as you're writing programs, 5:06you need to-- programs aren't just linear. 5:08Sometimes programs jump around. 5:10They make decisions. 5:11There's some control flow to programs. 5:13That's what the second line is going to be about. 5:18The second big part of this course 5:20is a little bit more abstract, and it 5:24deals with how do you write good code, good style, 5:29code that's readable. 5:30When you write code, you want to write it such 5:33that-- you're in big company, other people will read it, 5:35other people will use it, so it has 5:37to be readable and understandable by others. 5:40To that end, you need to write code 5:41that's well organized, modular, easy to understand. 5:48And not only that, not only will your code 5:50be read by other people, but next year, maybe, 5:53you'll take another course, and you'll 5:55want to look back at some of the problems 5:56that you wrote in this class. 5:58You want to be able to reread your code. 6:00If it's a big mess, you might not be able to understand-- 6:03or reunderstand-- what you were doing. 6:06So writing readable code and organizing code 6:08is also a big part. 6:10And the last section is going to deal with-- the first two 6:15are actually part of the programming in Introduction 6:19to Programming and Computer Science in Python. 6:21And the last one deals mostly with the computer science part 6:26in Introduction to Programming and Computer Science in Python. 6:29We're going to talk about, once you have learned 6:31how to write programs in Python, how do 6:33you compare programs in Python? 6:35How do you know that one program is better than the other? 6:38How do you know that one program is 6:39more efficient than the other? 6:41How do you know that one algorithm 6:42is better than the other? 6:45That's what we're going to talk about in the last part 6:47of the course. 6:48OK. 6:50That's all for the administrative part 6:52of the course. 6:54Let's start by talking at a high level what does a computer do. 6:59Fundamentally, it does two things. 7:03One, performs calculations. 7:05It performs a lot of calculations. 7:07Computers these days are really, really fast, 7:09a billion calculations per second is probably not far off. 7:15It performs these calculations and it 7:16has to store them somewhere. 7:18Right? 7:19Stores them in computer memory. 7:21So a computer also has to remember results. 7:24And these days, it's not uncommon to find computers 7:26with hundreds of gigabytes of storage. 7:30The kinds of calculations that computers do, 7:34there are two kinds. 7:35One are calculations that are built into the language. 7:37These are the very low level types 7:39of calculations, things like addition, 7:41subtraction, multiplication, and so on. 7:45And once you have a language that 7:47has these primitive calculation types, you, as a programmer, 7:53can put these types together and then define 7:55your own calculations. 7:57You can create new types of calculations. 8:00And the computer will be able to perform those, as well. 8:04I think, one thing I want to stress-- 8:07and we're going to come back to this 8:09again during this entire lecture, actually-- 8:12is computers only know what you tell them. 8:15Computers only do what you tell them to do. 8:18They're not magical. 8:19They don't have a mind. 8:22They just know how to perform calculations really, 8:24really quickly. 8:26But you have to tell them what calculations to do. 8:32Computers don't know anything. 8:34All right. 8:35We've come to that. 8:40Let's go into the types of knowledge. 8:44The first type of knowledge is declarative knowledge. 8:48And those are things like statements of fact. 8:50And this is where my email came into play. 8:53If you read it all the way to the bottom, 8:55you would have entered a raffle. 8:57So a statement of fact for today's lecture 8:59is, someone will win a prize before class ends. 9:03And the prize was a Google Cardboard. 9:06Google state-of-the-art virtual reality glasses. 9:09And I have them right here. 9:14Yea. 9:15I delivered on my promise. 9:18That's a statement of fact. 9:20So pretend I'm a machine. 9:22OK? 9:23I don't know anything except what you tell me. 9:26I don't know. 9:28I know that you tell me this statement. 9:30I'm like, OK. 9:31But how is someone going to win a Google Cardboard 9:33before class ends, right? 9:35That's where imperative knowledge comes in. 9:37Imperative knowledge is the recipe, or the how-to, 9:39or the sequence of steps. 9:42Sorry. 9:43That's just my funny for that one. 9:47So the sequence of steps is imperative knowledge. 9:53If I'm a machine, you need to tell me 9:57how someone will win a Google Cardboard before class. 10:00If I follow these steps, then technically, 10:02I should reach a conclusion. 10:06Step one, I think we've already done that. 10:08Whoever wanted to sign up has signed up. 10:11Now I'm going to open my IDE. 10:13I'm just basically being a machine 10:14and following the steps that you've told me. 10:17The IDE that we're using in this class is called Anaconda. 10:21I'm just scrolling down to the bottom. 10:25Hopefully, you've installed it in problem set zero. 10:28I've opened my IDE. 10:30I'm going to follow the next set of instructions. 10:34I'm going to choose a random number between the first 10:36and the nth responder. 10:39Now, I'm going to actually use Python to do this . 10:42And this is also an example of how just 10:44a really simple task in your life, 10:46you can use computers or programming to do that. 10:48Because if I chose a random number, 10:50I might be biased because, for example, 10:51I might like the number 8. 10:53To choose a random number, I'm going to go and say, OK, 10:57where's the list of responders? 10:58It starts at 15. 10:59Actually, it starts at 16 because that's me. 11:03We're going to choose a random number between 16 11:05and the end person 266. 11:09Oh, we just got-- oh. 11:11OK. 11:13OK. 11:13I'm going to cut it off right here. 11:15271. 11:15OK. 11:1616 and 271. 11:18Perfect. 11:19OK. 11:20I'm going to choose a random number. 11:21I'm going to go to my IDE. 11:22And you don't need to know how to do this yet, 11:24but by the end of this class, you will. 11:26I'm just going to use Python. 11:29I'm just going to get the random number package that's going 11:31to give me a random number. 11:32I'm going to say random.randint. 11:35And I'm going to choose a random number between 16 and 272, 11:40OK. 11:4175. 11:42OK. 11:43Great. 11:44I chose a random number. 11:45And I'm going to find the number in the responder's sheet. 11:48What was the number again? 11:49Sorry. 11:5175. 11:52OK. 11:54Up we go. 11:56There we go. 11:57Lauren Z-O-V. Yeah. 12:01Nice. 12:02You're here. 12:14Awesome. 12:16All right. 12:17That's an example of me being a machine and also, 12:21at the same time, using Python in my everyday life, 12:23just lecturing, to find a random number. 12:28Try to use Python wherever you can. 12:30And that just gives you practice. 12:34That was fun. 12:35But we're at MIT. 12:37We're MIT students. 12:39And we love numbers here at MIT. 12:41Here's a numerical example that shows 12:44the difference between declarative and imperative 12:46knowledge. 12:50An example of declarative knowledge 12:51is the square root of a number x is y such that y times y 12:54is equal to x. 12:57That's just a statement of fact It's true. 13:02Computers don't know what to do with that. 13:05They don't know what to do with that statement. 13:07But computers do know how to follow a recipe. 13:11Here's a well-known algorithm. 13:13To find the square root of a number x, 13:16let's say x is originally 16, if a computer follows 13:23this algorithm, it's going to start with a guess, g, 13:26let's say, 3. 13:28We're trying to find the square root of 16. 13:30We're going to calculate g times g is 9. 13:34And we're going to ask is if g times g 13:36is close enough to x, then stop and say, g is the answer. 13:39I'm not really happy with 9 being really close to 16. 13:42So I'm going to say, I'm not stopping here. 13:44I'm going to keep going. 13:47If it's not close enough, then I'm 13:48going to make a new guess by averaging g and x over g. 13:52That's x over g here. 13:54And that's the average over there. 13:57And the new average is going to be my new guess. 14:04And that's what it says. 14:05And then, the last step is using the new guess, 14:07repeat the process. 14:08Then we go back to the beginning and repeat the whole process 14:11over and over again. 14:13And that's what the rest of the rows do. 14:15And you keep doing this until you decide 14:16that you're close enough. 14:23What we saw for the imperative knowledge 14:25in the previous numerical example 14:26was the recipe for how to find the square root of x. 14:31What were the three parts of the recipe? 14:33One was a simple sequence of steps. 14:36There were four steps. 14:39The other was a flow of control, so there were 14:42parts where we made decisions. 14:45Are we close enough? 14:46There were parts where we repeated some steps. 14:49At the end, we said, repeat steps 1, 2, 3. 14:52That's the flow of control. 14:55And the last part of the recipe was a way to stop. 14:58You don't want a program that keeps going and going. 15:00Or for a recipe, you don't want to keep baking bread forever. 15:03You want to stop at some point. 15:05Like 10 breads is enough, right? 15:07So you have to have a way of stopping. 15:10In the previous example, the way of stopping 15:12was that we decided we were close enough. 15:15Close enough was maybe being within .01, .001, 15:20whatever you pick. 15:23This recipe is there for an algorithm. 15:26In computer science speak, it's going to be an algorithm. 15:29And that's what we're going to learn about in this class. 15:34We're dealing with computers. 15:35And we actually want to capture a recipe 15:37inside a computer, a computer being a mechanical process. 15:49Historically, there were two different types of computers. 15:55Originally, there were these things 15:57called fixed-program computers. 15:59And I'm old enough to have used something 16:02like this, where there's just numbers and plus, minus, 16:06multiplication, divide, and equal. 16:08But calculators these days are a lot more complicated. 16:11But way back then, an example of a fixed-program computer 16:15is this calculator. 16:16It only knows how to do addition, multiplication, 16:19subtraction, division. 16:20If you want to plot something, you can't. 16:22If you want to go on the internet, send email with it, 16:27you can't. 16:27It can only do this one thing. 16:31And if you wanted to create a machine that did another thing, 16:33then you'd have to create another fixed-program computer 16:37that did a completely separate test. 16:39That's not very great. 16:41That's when stored-program computers came into play. 16:45And these were machines that could store 16:47a sequence of instructions. 16:50And these machines could execute the sequence of instructions. 16:54And you could change the sequence of instructions 16:56and execute this different sequence of instructions. 17:00You could do different tasks in the same machine. 17:03And that's the computer as we know it these days. 17:07The central processing unit is where all of these decisions 17:11get made. 17:11And these are all the peripherals. 17:16The basic machine architecture-- at the heart of every computer 17:20there's just this basic architecture-- 17:25and it contains, I guess, four main parts. 17:28The first is the memory. 17:31Input and output is the other one. 17:34The ALU is where all of the operations are done. 17:39And the operations that the ALU can do 17:41are really primitive operations, addition, subtraction, 17:44and so on. 17:46What the memory contains is a bunch of data 17:52and your sequence of instructions. 18:00Interacting with the Arithmetic Logic Unit is the Control Unit. 18:03And the Control Unit contains one program counter. 18:07When you load a sequence of instructions, 18:09the program counter starts at the first sequence. 18:15It starts at the sequence, at the first instruction. 18:18It gets what the instruction is, and it sends it to the ALU. 18:22The ALU asks, what are we doing operations on here? 18:25What's happening? 18:27It might get some data. 18:29If you're adding two numbers, it might get two numbers 18:31from memory. 18:33It might do some operations. 18:34And it might store data back into memory. 18:37And after it's done, the ALU is going to go back, 18:41and the program counter is going to increase 18:43by 1, which means that we're going 18:45to go to the next sequence in the instruction set. 18:50And it just goes linearly, instruction by instruction. 18:53There might be one particular instruction 18:56that does some sort of test. 18:58It's going to say, is this particular value 19:07greater or equal to or the same as this other particular value? 19:11That's a test, an example of a test. 19:13And the test is going to either return true or false. 19:17And depending on the result of that test, 19:20you might either go to the next instruction, 19:24or you might set the program counter 19:26to go all the way back to the beginning, and so on. 19:29You're not just linearly stepping 19:32through all the instructions. 19:33There might be some control flow involved, 19:35where you might skip an instruction, 19:36or start from the beginning, or so on. 19:39And after you're done, when you finished 19:42executing the last instruction, then you 19:44might output something. 19:47That's really the basic way that a computer works. 19:53Just to recap, you have the stored program computer 19:55that contains these sequences of instructions. 19:59The primitive operations that it can do 20:00are addition, subtraction, logic operations, tests-- 20:06which are something equal to something else, something 20:08less than, and so on-- and moving data, 20:10so storing data, moving data around, and things like that. 20:14And the interpreter goes through every instruction 20:19and decides whether you're going to go to the next instruction, 20:22skip instructions, or repeat instructions, and so on. 20:28So we've talked about primitives. 20:30And in fact, Alan Turing, who was a really great computer 20:35scientist, he showed that you can compute anything 20:37using the six primitives. 20:38And the six primitives are move left, move right, read, write, 20:46scan, and do nothing. 20:49Using those six instructions and the piece of tape, 20:54he showed that you can compute anything. 20:57And using those six instructions, 21:00programming languages came about that 21:03created a more convenient set of primitives. 21:05You don't have to program in only these six commands. 21:11And one interesting thing, or one really important thing, 21:16that came about from these six primitives 21:19is that if you can compute something in Python, 21:22let's say-- if you write a program that computes something 21:25in Python, then, in theory, you can 21:28write a program that computes the exact same thing 21:31in any other language. 21:32And that's a really powerful statement. 21:36Think about that today when you review your slides. 21:39Think about that again. 21:40That's really powerful. 21:45Once you have your set of primitives 21:49for a particular language, you can start creating expressions. 21:53And these expressions are going to be 21:55combinations of the primitives in the programming language. 22:00And the expressions are going to have some value. 22:02And they're going up some meaning in the programming 22:05language. 22:08Let's do a little bit of a parallel with English 22:10just so you see what I mean. 22:14In English, the primitive constructs 22:15are going to be words. 22:17There's a lot of words in the English language. 22:19Programming languages-- in Python, there are primitives, 22:23but there aren't as many of them. 22:25There are floats, Booleans, these 22:28are numbers, strings, and simple operators, 22:31like addition, subtraction, and so on. 22:35So we have primitive constructs. 22:38Using these primitive constructs, 22:39we can start creating, in English, phrases, sentences, 22:48and the same in programming languages. 22:49In English, we can say something like, "cat, dog, boy. 22:54That, we say, is not syntactically valid. 22:58That's bad syntax. 23:00That's noun, noun, noun. 23:01That doesn't make sense. 23:05What does have good syntax in English is noun, verb, noun. 23:08So, "cat, hugs boy" is syntactically valid. 23:12Similarly, in a programming language, 23:14something like this-- in Python, in this case-- a word 23:18and then the number five doesn't really make sense. 23:20It's not syntactically valid. 23:22But something like operator, operand, operator is OK. 23:28So once you've created these phrases, or these expressions, 23:34that are syntactically valid, you 23:37have to think about the static semantics of your phrase, 23:41or of your expression. 23:45For example, in English, "I are hungry" is good syntax. 23:51But it's weird to say. 23:55We have a pronoun, a verb, and an adjective, which 23:58doesn't really make sense. 23:59"I am hungry" is better. 24:03This does not have good static semantics. 24:07Similarly, in programming languages-- 24:09and you'll get the hang of this the more 24:11you do it-- something like this, "3.2 times 5, is OK. 24:15But what does it mean? 24:17What's the meaning to have a word added to a number? 24:22There's no meaning behind that. 24:25Its syntax is OK, because you have 24:28operator, operand, operator. 24:30But it doesn't really make sense to add a number to a word, 24:32for example. 24:36Once you have created these expressions that 24:39are syntactically correct and static, semantically correct, 24:44in English, for example, you think about the semantics. 24:48What's the meaning of the phrase? 24:50In English, you can actually have more than one 24:52meaning to an entire phrase. 24:56In this case, "flying planes can be dangerous" 25:01can have two meanings. 25:02It's the act of flying a plane is dangerous, 25:04or the plane that is in the air is dangerous. 25:08And this might be a cuter example. 25:10"This reading lamp hasn't uttered a word 25:12since I bought it. 25:13What's going on?" 25:15So that has two meanings. 25:16It's playing on the word "reading lamp." 25:21That's in English. 25:21In English, you can have a sentence 25:23that has more than one meaning, that's 25:25syntactically correct and static, semantically correct. 25:28But in programming languages, the program that you write, 25:31the set of instructions that you write, only has one meaning. 25:34Remember, we're coming back to the fact 25:35that the computer only does what you tell it to do. 25:40It's not going to suddenly decide 25:42to add another variable for some reason. 25:46It's just going to execute whatever statements you've 25:49put up. 25:50In programming languages, there's only one meaning. 25:52But the problem that comes into play in programming languages 25:58is it's not the meaning that you might have 25:59intended, as the programmer. 26:03That's where things can go wrong. 26:05And there's going to be a lecture 26:07on debugging a little bit later in the course. 26:10But this is here just to tell you 26:12that if you see an error pop up in your program, 26:16it's just some text that says, error. 26:21For example, if we do something like this, 26:28this is syntactically correct. 26:30Incorrect. 26:31Syntactically incorrect. 26:32See? 26:32There's some angry text right here. 26:36What is going on? 26:37The more you program, the more you'll 26:39get the hang of reading these errors. 26:41But this is basically telling me the line 26:43that I wrote is syntactically incorrect. 26:45And it's pointing to the exact line and says, this is wrong, 26:49so I can go back and fix it as a programmer. 26:55Syntax errors are actually really easily caught by Python. 27:00That was an example of a syntax error. 27:02Static semantic errors can also be 27:04caught by Python as long as, if your program has some decisions 27:09to make, as long as you've gone down the branch where 27:13the static semantic error happens. 27:18And this is probably going to be the most frustrating one, 27:22especially as you're starting out. 27:23The program might do something different than what 27:25you expected it to do. 27:27And that's not because the program suddenly-- for example, 27:32you expected the program to give you an output of 0 27:34for a certain test case, and the output that you got was 10. 27:37Well, the program didn't suddenly 27:39decide to change its answer to 10. 27:42It just executed the program that you wrote. 27:48That's the case where the program gave you 27:50a different answer than expected. 27:53Programs might crash, which means they stop running. 27:55That's OK. 27:57Just go back to your code and figure out what was wrong. 28:00And another example of a different meaning 28:03than what you intended was maybe the program won't stop. 28:06It's also OK. 28:07There are ways to stop it besides restarting 28:10the computer. 28:12So then Python programs are going 28:17to be sequences of definitions and commands. 28:20We're going to have expressions that are going to be evaluated 28:25and commands that tell the interpreter to do something. 28:33If you've done problem set 0, you'll 28:35see that you can type commands directly 28:37in the shell here, which is the part on the right where 28:40I did some really simple things, 2 plus 4. 28:44Or you can type commands up in here, on the left-hand side, 28:49and then run your program. 28:52Notice that, well, we'll talk about this-- I 28:54won't talk about this now. 28:55But these are-- on the right-hand side, typically, 28:59you write very simple commands just if you're 29:01testing something out. 29:03And on the left-hand side here in the editor, 29:04you write more lines and more complicated programs. 29:15Now we're going to start talking about Python. 29:18And in Python, we're going to come back to this, 29:20everything is an object. 29:23And Python programs manipulate these data objects. 29:27All objects in Python are going to have a type. 29:30And the type is going to tell Python the kinds of operations 29:34that you can do on these objects. 29:37If an object is the number five, for example, 29:39you can add the number to another number, 29:42subtract the number, take it to the power of something, 29:45and so on. 29:47As a more general example, for example, I am a human. 29:51So that's my type. 29:52And I can walk, speak English, et cetera. 29:55Chewbacca is going to be a type Wookie. 29:59He can walk, do that sound that I can't do. 30:02He can do that, but I can't. 30:04I'm not even going to try, and so on. 30:09Once you have these Python objects, 30:11everything is an object in Python. 30:14There are actually two types of objects. 30:16One are scalar objects. 30:18That means these are very basic objects in Python from which 30:21everything can be made. 30:24These are scalar objects. 30:26That can't be subdivided. 30:28The other type of object is a non-scalar object. 30:31And these are objects that have some internal structure. 30:33For example, the number five is a scalar 30:36object because it can't be subdivided. 30:39But a list of numbers, for example, 5, 6, 30:417,8, is going to be a non-scalar object 30:45because you can subdivide it. 30:46You can subdivide it into-- you can find parts to it. 30:53It's made up of a sequence of numbers. 30:58Here's the list of all of the scalar objects in Python. 31:01We have integers, for example, all of the whole numbers. 31:05Floats, which are all of the real numbers, anything 31:10with a decimal. 31:11Bools are Booleans. 31:13There's only two values to Booleans. 31:16That's True and False. 31:18Note the capitalization, capital T and capital F. 31:23And this other thing called NoneType. 31:24It's special. 31:26It has only one value called None. 31:28And it represents the absence of a type. 31:30And it sometimes comes in handy for some programs. 31:34If you want to find the type of an object, 31:36you can use this special command called type. 31:39And then in the parentheses, you put down 31:41what you want to find the type of. 31:44You can write into the shell "type of 5," 31:47and the shell will tell you, that's an integer. 31:52If you happen to want to convert between two different types, 31:56Python allows you to do that. 31:58And to do that, you put the type that you 32:01want to convert to right before the object 32:03that you want to convert to. 32:05So float(3) will convert the integer 3 to the float 3.0. 32:12And similarly, you can convert any float into an integer. 32:16And converting to an integer just truncates. 32:20It just takes away the decimal and whatever's 32:22after it-- it does not round-- and keeps just the integer 32:26part. 32:30For this slide, I'm going to talk about it. 32:31But if you'd like if you have the slides up, 32:35go to go to this exercise. 32:37And after I'm done talking about the slide, 32:41we'll see what people think for that exercise. 32:45One of the most important things that you 32:47can do in basically any programming, 32:51in Python also, is to print things out. 32:55Printing out is how you interact with the user. 33:00To print things out, you use the print command. 33:04If you're in the shell, if you simply type "3 plus 2," 33:07you do see a value here. 33:09Five, right? 33:11But that's not actually printing something out. 33:13And that becomes apparent when you actually 33:18type things into the editor. 33:19If you just do "3 plus 2," and you run the program-- that's 33:23the green button here-- you see on the right-hand side here, 33:26it ran my program. 33:27But it didn't actually print anything. 33:30If you type this into the console, 33:32it does show you this value, but that's 33:33just like peeking into the value for you as a programmer. 33:39It's not actually printing it out to anyone. 33:41If you want to print something out, 33:42you have to use the print statement like that. 33:47In this case, this is actually going to print this number 33:50five to the console. 33:58That's basically what it says. 33:59It just tells you it's an interaction within the shell 34:01only. 34:02It's not interacting with anyone else. 34:04And if you don't have any "Out," that 34:06means it got printed out to the console. 34:09All right. 34:09We talked a little bit about objects. 34:13Once you have objects, you can combine objects and operators 34:16to form these expressions. 34:17And each expression is going to have a value. 34:19So an expression evaluates to a value. 34:22The syntax for an expression is going 34:24to be object, operator, object, like that. 34:30And these are some operators you can do on ints and floats. 34:34There's the typical ones, addition, subtraction, 34:36multiplication, and division. 34:38If, for the first three, the answer 34:43that you get-- the type of the answer that you get-- 34:45is going to depend on the type of your variables. 34:48If both of the variables of the operands are integers, 34:52then the result you're going to get is of type integer. 34:55But if at least one of them is a float, then 34:56the result you're going to get is a float. 34:58Division is a little bit special in that 35:02no matter what the operands are, the result 35:04is always going to be a float. 35:09The other operations you can do, and these are also useful, 35:14are the remainder, so the percent sign. 35:19If you use the percent sign between two operands, 35:22that's going to give you the remainder when you divide i 35:25by j. 35:28And raising something to the power of something else 35:30is using the star star operator. 35:32And i star stars j is going to take i to the power of j. 35:41These operations have the typical precedence 35:43that you might expect in math, for example. 35:47And if you'd like to put precedence 35:49toward some other operations, you 35:50can use parentheses to do that. 36:01All right. 36:03So we have ways of creating expressions. 36:07And we have operations we can do on objects. 36:13But what's going to be useful is to be able to save values 36:19to some name. 36:21And the name is going to be something that you pick. 36:24And it should be a descriptive name. 36:27And when you save the value to a name, 36:32you're going to be able to access that value later 36:36on in your program. 36:37And that's very useful. 36:40To save a value to a variable name, you use the equal sign. 36:49And the equal sign is an assignment. 36:51It assigns the right-hand side, which 36:53is a value, to the left-hand side, which 36:55is going to be a variable name. 36:59In this case, I assigned the float 3.14159 37:03to the variable pi. 37:05And in the second line, I'm going 37:08to take this expression, 22 divided by 7, 37:10I'm going to evaluate it. 37:13It's going to come up with some decimal number. 37:16And I'm going to save it into the variable pi_approx. 37:19values are stored in memory. 37:21And this assignment in Python, we 37:22say the assignment binds the name to the value. 37:26When you use that name later on in your program, 37:30you're going to be referring to the value in memory. 37:35And if you ever want to refer to the value 37:37later on in your code, you just simply type 37:39the name of the variable that you've assigned it to. 37:44So why do we want to give names to expressions? 37:48Well, you want to reuse the names instead of the values. 37:51And it makes your code look a lot nicer. 37:54This is a piece of code that calculates 37:56the area of a circle. 37:59And notice, I've assigned a variable pi to 3.14159. 38:03I've assigned another variable called radius to be 2.2. 38:07And then, later on in my code, I have another line 38:09that says area-- this is another variable-- is 38:12equal to-- this is an assignment-- 38:15to this expression. 38:17And this expression is referring to these variable names, pi 38:23and radius. 38:24And it's going look up their values in memory. 38:26And it's going to replace these variable names 38:29with those values. 38:30And it's going to do the calculation for me. 38:32And in the end, this whole expression 38:34is going to be replaced by one number. 38:36And it's going to be the float. 38:40Here's another exercise, while I'm talking about the slide. 38:45I do want to make a note about programming versus math. 38:49In math, you're often presented with a problem 38:55that says, solve for x. 38:57x plus y is equal to something something. 39:00Solve for x, for example. 39:03That's coming back to the fact that computers don't 39:09know what to do with that. 39:10Computers need to be told what to do. 39:12In programming, if you want to solve for x, 39:14you need to tell the computer exactly how to solve for x. 39:18You need to figure out what formula 39:20you need to give the computer in order to be 39:22able to solve for x. 39:25That means always in programming the right-hand side is 39:29going to be an expression. 39:33It's something that's going to be evaluated to a value. 39:35And the left-hand side is always a variable. 39:39It's going to be an assignment. 39:40The equal sign is not like in math 39:43where you can have a lot of things to the left 39:45and a lot of things to the right of the equal sign. 39:47There's only one thing to the left of the equal sign. 39:49And that's going to be a variable. 39:50An equal sign stands for an assignment. 39:53Once we've created expressions, and we have these assignments, 39:57you can rebind variable names using new assignment 39:59statements. 40:03Let's look at an example for that. 40:05Let's say this is our memory. 40:07Let's type back in the example with finding the radius. 40:13Let's say, pi is equal to 3.14. 40:19In memory, we're going to create this value 3.14. 40:22We're going to bind it to the variable named pi. 40:28Next line, radius is equal to 2.2. 40:31In memory, we're creating this value 2.2. 40:35And we're going to bind it to the variable named radius. 40:40Then we have this expression here. 40:44It's going to substitute the values for pi 40:46from memory and the value for radius from memory. 40:49It's going to calculate the value that this expression 40:54evaluates to. 40:56It's going to pop that into the memory. 40:57And it's going to assign-- because we're 40:59using the equal sign-- it's going 41:01to assign that value to that variable area. 41:08Now, let's say we rebind radius to be something else. 41:14Radius i is bound to the value 2.2. 41:21But when we do this line, radius is equal to radius plus 1, 41:24we're going to take away the binding to 2.2. 41:27We're going to do this calculation. 41:29The new value is 3.2. 41:31And we're going to rebind that value to that same variable. 41:38In memory, notice we're still going 41:40to have this value, 2.2, floating around. 41:43But we've lost the handle for it. 41:46There's no way to get it back. 41:48It's just in memory sitting there. 41:52At some point, it might get collected by what 41:55we call the garbage collector. 41:56In Python, And it'll retrieve these lost values, 42:00and it'll reuse them for new values, and things like that. 42:05But radius now points to the new value. 42:08We can never get back 2.2. 42:13And that's it. 42:16The value of area-- notice, this is very important. 42:18The value of area did not change. 42:23And it did not change because these are all the instructions 42:26we told the computer to do. 42:28We just told it to change radius to be radius plus 1. 42:33We never told it to recalculate the value of area. 42:37If I copied that line down here, then the value of area 42:41would change. 42:42But we never told it to do that. 42:44The computer only does what we tell it to do. 42:46That's the last thing. 42:47Next lecture, we're going to talk about adding control 42:51flow to our programs, so how do you tell the computer 42:53to do one thing or another? 42:55All right. </pre> </div> </div> ===Lecture Notes - lecture 1 py=== Source: https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/920cc911b6eb5747f2ccd431bbc4306b_lec1.py<br> <div class="toccolours mw-collapsible mw-collapsed"> lecture 1 py <div class="mw-collapsible-content"> <pre> pi = 3.14159 radius = 2.2 # area of circle equation <- this is a comment area = pi*(radius**2) print(area) # change values of radius <- another comment # use comments to help others understand what you are doing in code radius = radius + 1 print(area) # area doesn't change area = pi*(radius**2) print(area) ############################# #### COMMENTING LINES ####### ############################# # to comment MANY lines at a time, highlight all of them then CTRL+1 # do CTRL+1 again to uncomment them # try it on the next few lines below! #area = pi*(radius**2) #print(area) #radius = radius + 1 #area = pi*(radius**2) #print(area) ############################# #### AUTOCOMPLETE ####### ############################# # Spyder can autocomplete names for you # start typing a variable name defined in your program and hit tab # before you finish typing -- try it below # define a variable a_very_long_variable_name_dont_name_them_this_long_pls = 0 # below, start typing a_ve then hit tab... cool, right! # use autocomplete to change the value of that variable to 1 # use autocomplete to write a line that prints the value of that long variable # notice that Spyder also automatically adds the closed parentheses for you! </pre> </div> </div> ===pdf-Slides for Lecture 1=== Source:https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/resources/mit6_0001f16_lec1/<br> IPFS:<code>QmemB25bVuN2fuiAq3JaDM4J5MYit6HfCCsU3EFTWL7wpF</code><br> ===Problem Set 1=== Source:https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/resources/mit6_0001f16_ps1/<br> IPFS:<code>QmbxaDU9U4hquK4Dhb365nD5qG5eEFUM6NABqXRaux6tRB</code><br> ===Additional Python Resources === Source:https://ocw.mit.edu/courses/6-0001-introduction-to-computer-science-and-programming-in-python-fall-2016/resources/mit6_0001f16_additional/<br> IPFS:<code>QmYWPVdHEbhmdFXNR9R46ey5eykyFPeCZ1joXE6z28L1VB</code><br> <div class="toccolours mw-collapsible mw-collapsed"> Additional Python Resources: <div class="mw-collapsible-content"> If you're having trouble with a particular concept or simply want to have access to more information, try one of the following links. ====DOCUMENTATION==== * [[https://docs.python.org/3/library/index.html Official Python 3 Documentation]] - "official"/technical explanation of what a particular function/operator does, examples of correct syntax, what the various libraries are, etc. ====TEXTBOOKS/TUTORIALS==== * [[https://diveintopython3.net/ Dive Into Python]] - another survey of Python syntax, datatypes, etc. * [[http://greenteapress.com/wp/think-python-2e/ Think Python by Allen Downey]] - a good general overview of the Python language. Includes exercises. * [[https://docs.python.org/3/tutorial/ The Official Python Tutorial]] - self-explanatory * [[https://learnpythonthehardway.org/book/ Learn Python the Hard Way]] - (note: for Python 2) another free online text * [[https://docs.python.org/3.0/reference/lexical_analysis.html#id8 Reserved Keywords in Python]] - don't use these as variable names * [[https://peps.python.org/pep-0008/ PEP 8 - Style Guide for Python Code]] - learn what is good and bad style in Python * [[https://checkio.org/ CheckIO]] - learn Python by exploring a game world * [[https://inventwithpython.com/ Invent with Python]] - develop your Python skills by making games or hacking ciphers * [[https://www.codecademy.com/catalog Codecademy]] - (note: for Python 2) learn Python by building web apps and manipulating data; interactive tutorial sequence * [[https://pythontutor.com Python Tutor]] - interactive tutorial sequence of exercises ====DEBUGGING==== * [[https://pythontutor.com/ Python Tutor]] - an excellent way to actually visualize how the interpreter actually reads and executes your code * [[https://www.diffchecker.com/ DiffChecker]] - compares two sets of text and shows you which lines are different * [[https://pythonconquerstheuniverse.wordpress.com/2009/09/10/debugging-in-python/ Debugging in Python]] - steps you can take to try to debug your program ====OTHER Q&A==== * [[https://stackoverflow.com/questions/tagged/python Stack Overflow]] - a large Q&A forum for programming concepts (not just Python). Try searching here before you post on the edX forum, and you may find that someone has already answered your question. ====MORE PRACTICE PROBLEMS==== * [[http://www.pythonchallenge.com/ Python Challenge]] - a series of puzzles you can try to test your Python abilities * [[https://projecteuler.net/ Project Euler]] - additional programming challenges you can try once your Python knowledge becomes stronger; problems are sorted by increasing difficulty * [[https://codingbat.com/python Coding Bat]] - problems you can solve within an online interpreter * [[https://www.codewars.com/?language=python Codewars]] - improve your skills by training on real code challenges MIT OpenCourseWare https://ocw.mit.edu 6.0001 Introduction to Computer Science and Programming in Python Fall 2016 For information about citing these materials or our Terms of Use, visit: https://ocw.mit.edu/terms. </div> </div> ==2== mit-test-course/2/MIT6_0001F16_Lecture_02_300k.mp4<br> https://ipfs.io/ipfs/QmTFdkMJnzUcwgs1hdoF7qtADE2NqTJVaF9CfgULbzSuA9<br> <code>QmTFdkMJnzUcwgs1hdoF7qtADE2NqTJVaF9CfgULbzSuA9</code> <br> <br> mit-test-course/2/ba2947b25b1580e4a84df0ec5dbe5cdd_MIT6_0001F16_Lec2.pdf<br> https://ipfs.io/ipfs/QmNiZvEh6UmpHLTxw4saN7WdojzBokp2JCbucYzrekoQBK<br> <code>QmNiZvEh6UmpHLTxw4saN7WdojzBokp2JCbucYzrekoQBK</code><br> <br> mit-test-course/2/d6ee838ee4c85ace93a4e170cfd83c03_lec2_branch_loops.py<br> https://ipfs.io/ipfs/QmPjEzEu56mqeE19Vth9AkDbAxz7wAWg9zMVvF9FZ1UBvK<br> <code>QmPjEzEu56mqeE19Vth9AkDbAxz7wAWg9zMVvF9FZ1UBvK</code><br> <br> ==3== MIT6_0001F16_Lecture_03_300k.mp4<br> <code>QmTTCsuhbnjXWuigZLSgKAt4DjFsm78MANo3KUMGcK98s1</code><br> <br> 88de925a1fb925e46a08bc5f34d029bd_lec3_strings_algos.py<br> <code>QmYppDgGMptihHA7ixFw2GHvspN8Bw1HY21HtUpQNxi23i</code><br> <br> b9b9a82a29e8746db1facfbd30c07940_MIT6_0001F16_Lec3.pdf<br> <code>QmP2AZfUx8RTqCGamJtPyodFU8dHG8QrBHYKkP79YepEe9</code><br> ==4== MIT6_0001F16_Lecture_04_300k.mp4<br> <code>QmQuc5zpaJdMfRYxTLyZc5DQuota1FjuJiqgWf8ctGmRsU</code><br> <br> 6ba59859535f1566dd57a7279aeba5d1_MIT6_0001F16_Lec4.pdf<br> <code>QmP1p4h21ogMxWeeX2PiDibQbHqWer7ABCsMrfMxEx7QBW</code><br> <br> 9e8439a27af18817e046ac37333d03f6_lec4_functions.py<br> <code>QmNtPQncXMYNBnX4NoNfx2ifetrfvrATamdrsjx4u9iQ7c</code><br> ==5== MIT6_0001F16_Lecture_05_300k.mp4<br> <code>Qmco5sKKQfnWUNP9ZUxLkDhoV6jfjv8L4AdzES7En41AzP</code><br> <br> 1776670e271578eeb99fc25975f20586_MIT6_0001F16_Lec5.pdf<br> <code>QmSdxg2inPbK1FSynNdPUka6CUZtEGG6sdPZgxaAgb46GE</code><br> <br> cdf5f8e7f109952655f4d253ed955555_lec5_tuples_lists.py<br> <code>QmThDori5ETa3U27DFpndU7RmsLgG7zjpqGVxAncCupSuc</code><br> ==6== <br>MIT6_0001F16_Lecture_06_300k.mp4<br> <code>QmVzK3PVETv69Y27UKDfaQQM5um8ByMdYQS3TzD2EkoR42</code><br> <br>876348c652c5353daccc96e1b7d577bb_MIT6_0001F16_Lec6.pdf<br> <code>QmQAqSGJAeoypUMyUnb7hRrziDyRAwymcTGdcaydT5i73s</code><br> <br>706228e592761d9c7c1c073f8ba7a6cc_lec6_recursion_dictionaries.py<br> <code>QmaGhNYnR5yUMYZf4q7qLsNwEW6B7pbLbgJokJBTNSA2FT</code><br> ==7== <br>MIT6_0001F16_Lecture_07_300k.mp4<br> <code>QmUyiqpAUA91w4Xm2Dz2wPr6kE6wTzA1apwJziTdBysRLw</code><br> <br> 51bdde43dfd773ba20747ce5d89119ac_MIT6_0001F16_Lec7.pdf<br> <code>QmcqZoeVrsfBv4Ri6M8KtiLdy3VpKnyznDFhX8zvfd3Qrs</code><br> <br> abdd1d61892ccce9be2ad84e52004e07_lec7_debug_except.py<br> <code>QmeVKCB6ponYr4f72MuNwegukX9t42NTywNHpDPgyNi9ae</code><br> <br> ==8== <br>MIT6_0001F16_Lecture_08_300k.mp4 <br><code>QmZFSSPndvRfPT2vyehuyEQitfb8CzdYkA7orFAKyvhA4u</code><br> <br>7a6f85d03f132dcd9d7592bc4643be1c_MIT6_0001F16_Lec8.pdf <br><code>QmdccChFuYBCiLmufEmk6oXCHybaUQiPXajD3c3xMupiaC</code><br> <br>0705ac9dcc7e637a0e8e9d97eb258a26_lec8_classes.py <br><code>QmQCaZZA75UQ5pAKy8zhcz6Ci8yY13UVHUvsuXmid86GUH</code><br> <br> ==9== <br>MIT6_0001F16_Lecture_09_300k.mp4 <br><code>QmdENonCipE7TK99i7dFz9paqDUSefR4PFdveEmVi5oXAb</code><br> <br>2dd6c75e7b4bd6bd135078e6f3701201_MIT6_0001F16_Lec9.pdf <br><code>QmbaJFk4mFRmCbtQybK94etyfRA2LcM22Kfvjbvdf6X8Gw</code><br> <br>bf8e8195044d5f6aefc1a455968e2f3e_lec9_inheritance.py <br><code>QmQ7UB4PaGBRHvHfDshrASwynvansFVXrp3RNULwhThUsC</code><br> <br> ==10== <br>MIT6_0001F16_Lecture_10_300k.mp4 <br><code>QmQNooq1g25LFp1Fxj2tfpKKMKi8NbutkhuXNf5Ppo7t5f</code><br> <br>066eba6ea6d56a88e56ae325940d4c4c_MIT6_0001F16_Lec10.pdf <br><code>QmbyP59ttPKGe5ZNADsgqTsgBF3oYGzhZXFfBhszG2nuPm</code><br> <br>bfa32fd241d88ae02cd3157aed232bac_lec10_complexity_part1.py <br><code>QmUtgXQXjj2C3qb2UXFrPmKHkFdEjmehk4ZLQhcZ37rEmw</code><br> <br> ==11== <br>MIT6_0001F16_Lecture_11_300k.mp4 <br><code>QmR7Ned6iZytjpVHVN6W53EZ5Qg4Zd6EkEcXxn8DjYMgrd</code><br> <br>bb953fb81d4afa3bc837c16eba613955_MIT6_0001F16_Lec11.pdf <br><code>QmNPjN3616QdmEWLPokwuTkLL1vrzcLVRSFLWUcukqtxZL</code><br> <br>bdf800867e6762c6758ecd2230178f41_lec11_complexity_part2.py <br><code>QmdpwFTFkwnkqWW3CozBBAfeYHchDeVAV7ArkA1dUqbUZ4</code><br> <br> ==12== <br>MIT6_0001F16_Lecture_12_300k.mp4 <br><code>QmPWidAv5mBrgEcKDVqWe62JaAiwBWs8KZc1S8r3bbJsvY</code><br> <br>6425d0dabb1cea1a076b8c46c0ae2da6_MIT6_0001F16_Lec12.pdf <br><code>QmToP68Knz71euVuntRWtz6UshRoiRssELJNFMeP1f2sR5</code><br> <br>310536cd5f5aa1fc0c11726ce13c565e_lec12_sorting.py <br><code>QmbV8ct8DEQyRGRDSX4PaQBXk8r8ryYLDNwTa2buC7kcP5</code><br> <br> rfp34qypvif1hdpcibiko63h1h1g53i 2 131 450 2024-04-25T08:42:38Z Noob 1 Creating user page for new user. 450 wikitext text/x-wiki I am not a bot please let me in rrvad6gb2yovanxbs1klie52smhochg 3 132 451 2024-04-25T08:42:38Z Noob 1 Welcome! 451 wikitext text/x-wiki '''Welcome to ''CompleteNoobs''!''' We hope you will contribute much and well. You will probably want to read the [https://www.mediawiki.org/wiki/Special:MyLanguage/Help:Contents help pages]. Again, welcome and have fun! [[User:Noob|Noob]] ([[User talk:Noob|talk]]) 08:42, 25 April 2024 (UTC) bv08k3lzgkf53n4mtxznqyj70q2dr3r 0 133 454 2024-04-25T10:03:41Z Test1 7 Created page with "Greetings Fellow Noobs I been about a year since signups where disabled due to bots. Just re-enabled and somethings seem to have changed and have small bug i have to solve. Currently signups can be done using '''''request account''''', in bios section just say something like 'hey there i am not a bot fellow noob' and i will approve your sign up. when you receive an email to verify email it will come with bug i have not had time to fix/solve (at current time) <pre>..." 454 wikitext text/x-wiki Greetings Fellow Noobs I been about a year since signups where disabled due to bots. Just re-enabled and somethings seem to have changed and have small bug i have to solve. Currently signups can be done using '''''request account''''', in bios section just say something like 'hey there i am not a bot fellow noob' and i will approve your sign up. when you receive an email to verify email it will come with bug i have not had time to fix/solve (at current time) <pre> http:///noobs/index.php?title=Special:RequestAccount&action=confirmemail&wpEmailToken=3867840feafj04357255f21d5f8a7fa1 </pre> append <code>completenoobs.com</code> and click link <pre> http://completenoobs.com/noobs/index.php?title=Special:RequestAccount&action=confirmemail&wpEmailToken=3867840feafj04357255f21d5f8a7fa1 </pre> igmylll7dtxcuaz8sq6yu3ni5154wit 563 454 2025-06-03T22:38:20Z NobleMage 17 563 wikitext text/x-wiki Greetings Fellow Noobs I been about a year since signups where disabled due to bots. Just re-enabled and somethings seem to have changed and have small bug i have to solve. Currently signups can be done using '''''request account''''', in bios section just say something like 'hey there i am not a bot fellow noob' and i will approve your sign up. * NOTE: use username in realname section as well, '''ContributionScores extension''' is now showing real name as username? idk why. lets just move forward for now, its still in dev Concept mode. <!-- old now when you receive an email to verify email it will come with bug i have not had time to fix/solve (at current time) <pre> http:///noobs/index.php?title=Special:RequestAccount&action=confirmemail&wpEmailToken=3867840feafj04357255f21d5f8a7fa1 </pre> append <code>completenoobs.com</code> and click link <pre> http://completenoobs.com/noobs/index.php?title=Special:RequestAccount&action=confirmemail&wpEmailToken=3867840feafj04357255f21d5f8a7fa1 </pre> --> k6e3mw5ffig1fzsow38gxttg5u59ogo 0 134 455 2024-04-28T14:13:04Z Noob 1 Created page with "==Prerequisites== Going to Install NixOS with ZFS on root on a ThinkPad T470 with 24gb Ram and a 1TB nvme ssd. * Live NixOS installer USB - nixos-plasma5-23.11.4761.5bf1cadb72ab-x86_64-linux.iso * Computer to install NixOS - will be wiping hard disk ==Bootable Media - NixOS== Create a thumb drive with a live NixOS installer and boot up In this tut using <code>https://channels.nixos.org/nixos-23.11/latest-nixos-plasma5-x86_64-linux.iso</code> Once booted into Live..." 455 wikitext text/x-wiki ==Prerequisites== Going to Install NixOS with ZFS on root on a ThinkPad T470 with 24gb Ram and a 1TB nvme ssd. * Live NixOS installer USB - nixos-plasma5-23.11.4761.5bf1cadb72ab-x86_64-linux.iso * Computer to install NixOS - will be wiping hard disk ==Bootable Media - NixOS== Create a thumb drive with a live NixOS installer and boot up In this tut using <code>https://channels.nixos.org/nixos-23.11/latest-nixos-plasma5-x86_64-linux.iso</code> Once booted into Live NixOS, close the default installer window that opens and connect laptop to power and internet. <div class="toccolours mw-collapsible mw-collapsed"> If you want to SSH into Live NixOS so you can follow notes and copy and paste commands<div class="mw-collapsible-content"> : ''''' Remove Default 15 Sleep mode on Live Installer''''' By default the NixOS live installer will go to sleep after 15 minutes of inactively.<br> We are going to login to are live NixOS box with ssh so that would be bad. : '''''KDE Plasma Desktop Live Installer''''' ** click the '''Application Launcher''' in the '''Favorites''' section which should come up by default, click '''System Settings''' > '''Power Management''' > '''Energy Saving''' and untick '''Suspend session''' and click '''Apply''', now we can close the window and get ready to ssh into are laptop running a live install of nixos. : '''''Allow SSH Login to Live NixOS Installer''''' The NixOS installer as two user accounts. * User: '''nixos''' * User: '''root''' You only need to set a password for '''nixos''' as the user is on the sudoers, you can just use <code>sudo -s</code> to upgrade to user '''root'''. Open the '''Konsole''' terminal, you should see '''ICON''' on Desktop. To ssh in as user '''nixos''' the user will require a password. * After running this command you will be prompted to enter a password for the user '''nixos''', you will use this to login. <code>passwd nixos</code> : '''''Find the IP address NixOS as been assigned''''' <code>ip addr</code><br> Which show my LAN IP address address the router as issued for the nix os box as 192.168.0.161 Return Output from command '''ip addr''': <pre> [nixos@nixos:~]$ ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: enp0s31f6: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000 link/ether e8:6a:64:8f:ea:ae brd ff:ff:ff:ff:ff:ff 3: wlp4s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether 38:ba:f8:8b:d7:b0 brd ff:ff:ff:ff:ff:ff inet 192.168.0.161/24 brd 192.168.0.255 scope global dynamic noprefixroute wlp4s0 valid_lft 86345sec preferred_lft 86345sec inet6 fe80::bc45:cc59:3e71:d08/64 scope link noprefixroute valid_lft forever preferred_lft forever </pre> <div class="toccolours mw-collapsible mw-collapsed"> The '''ip addr''' command and output: <div class="mw-collapsible-content"> '''''What is 'ip addr'?''''' The '''ip addr''' command is a tool that allows you to manage and display the IP addresses assigned to your computer's network interfaces. In simpler terms, it's a command that helps you see what 'internet addresses' your computer is using to connect to the internet or other networks. When you run '''ip addr''', your computer returns a list of all the network connections it has, like Wi-Fi and Ethernet, and the details about each one. '''''Understanding the Output''''' Let's break down what you'll typically see when you run this command: #* '''''Loopback Interface (lo) ''''' <pre> 1: lo: &lt;LOOPBACK,UP,LOWER_UP&gt; mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 inet 127.0.0.1/8 scope host lo </pre> * '''lo''' is a special network interface that your computer uses to communicate with itself. * '''inet 127.0.0.1/8''' is its IP address. '''127.0.0.1''' is like your computer's own 'home' address. #* '''''Ethernet Interface (enp0s31f6) ''''' <pre> 2: enp0s31f6: &lt;NO-CARRIER,BROADCAST,MULTICAST,UP&gt; mtu 1500 qdisc fq_codel state DOWN group default qlen 1000 </pre> * '''enp0s31f6''' is an Ethernet interface, which means it's what your computer uses when it's connected to the internet with a cable. * '''state DOWN''' means that this interface is not currently active (maybe the cable is unplugged). #*'''''Wi-Fi Interface (wlp4s0)''''' <pre> 3: wlp4s0: &lt;BROADCAST,MULTICAST,UP,LOWER_UP&gt; mtu 1500 qdisc noqueue state UP group default qlen 1000 inet 192.168.0.161/24 brd 192.168.0.255 scope global dynamic noprefixroute wlp4s0 </pre> * '''wlp4s0''' is a Wi-Fi interface, which means this is what your computer uses when it's connected to Wi-Fi. * '''inet 192.168.0.161/24''' is the IP address given to your computer by your Wi-Fi router. </div> </div> '''''SSH into NixOS Laptop''''' Now we can ssh into are NixOS Laptop and get started. From the Macbook going to open a '''Terminal''' and login: <code>ssh nixos@192.168.0.161</code> Will be prompted to enter password for user '''nixos''' </div> </div> === find hard drive=== <code>lsblk</code> * '''lsblk''' stands for '''list block devices''' and more info can be found in the manual page by typing '''''man lsblk''''' in terminal <pre> [nixos@nixos:~]$ lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS loop0 7:0 0 2.5G 1 loop /nix/.ro-store sda 8:0 1 7.3G 0 disk ├─sda1 8:1 1 2.5G 0 part /iso └─sda2 8:2 1 3M 0 part sdb 8:16 1 0B 0 disk nvme0n1 259:0 0 931.5G 0 disk </pre> '''sda''' is the Live Boot Media (NixOS USB) '''nvme0n1''' is the laptops hard drive NOTE: swap should be equal to ram at least or double.<br> === nuke hard drive === This will wipe the hard drive <code>sudo sgdisk --zap-all /dev/nvme0n1</code> Return Output: <pre> [nixos@nixos:~]$ sudo sgdisk --zap-all /dev/nvme0n1 GPT data structures destroyed! You may now partition the disk using fdisk or other utilities. </pre> === create partitions === Gonna duel boot with FreeBSD Later - so not using all of hard drive * EFI 2GB * NixOS Main 500GB * NixOS Swap 16GB <code>sudo fdisk /dev/nvme0n1</code> Return Output: <pre> Welcome to fdisk (util-linux 2.38.1). Changes will remain in memory only, until you decide to write them. Be careful before using the write command. Device does not contain a recognized partition table. Created a new DOS disklabel with disk identifier 0x244b4973. Command (m for help): </pre> ==== GPT disklabel==== Create GPT disklabel by pressing '''g'''<br> <code>g</code><br> Return Output: <pre> Created a new GPT disklabel (GUID: 617C1730-CC18-A44D-8C70-3E3939D1BCC8). Command (m for help): </pre> When you press <code>g</code> after running this command, you will be initiating the creation of a new empty GPT (GUID Partition Table) partition table on the disk /dev/nvme0n1. <br> GPT is a modern partitioning scheme that is part of the UEFI standard, replacing the older MBR (Master Boot Record) scheme used by BIOS systems. It supports larger disk sizes and more partitions than MBR. ==== EFI partition==== Crete EFI partition by first creating a new partition using '''n'''<br> <code>n</code><br> Return Output: <pre> Partition number (1-128, default 1): </pre> The default should be partition 1, which can be selected by just pressing '''Enter''' or entering '''1''' and pressing '''Enter''' '''First section''' <div class="toccolours mw-collapsible mw-collapsed"> First sector (2048-1953525134, default 2048): MORE INFO <div class="mw-collapsible-content"> First Sector: This is the starting sector for the new partition you're creating. In disk partitioning, a "sector" is the smallest unit that can be accessed on the disk. Historically, a sector holds 512 bytes, but newer disks might use larger sector sizes. Range (2048-1953525134): This is the range of sectors you can choose from for the starting point of the new partition. The numbers are sector indices on the disk. The lower bound 2048 is often the default starting point for the first partition in modern systems using GPT (GUID Partition Table). This offset is used to align partitions correctly for performance reasons and to provide some space for the bootloader and partition table. The upper bound 1953525134 represents the last sector on the disk that can be used as a starting point for the new partition. Default (2048): This indicates the default choice that fdisk will use if you simply press Enter without typing a number. It's recommending you start the partition at sector 2048. Choosing the default is usually safe and aligns with most modern storage devices' requirements for optimal performance and alignment. Why Start at Sector 2048?: Starting at sector 2048 leaves enough room for the primary GPT header and the partition entries. This is part of the standard layout for GPT disks. It's a best practice to follow these defaults unless you have a specific reason to deviate, such as specific alignment needs or following a custom partitioning scheme. </div> </div> <pre>First sector (2048-1953525134, default 2048):</pre> We want the default first sector of 2048, so just press ENTER '''Create a 2 GB partition for EFI''' The Return Output from the last command: <pre> Last sector, +/-sectors or +/-size{K,M,G,T,P} (2048-1953525134, default 1953523711): </pre> <code>+2GB</code> <div class="toccolours mw-collapsible mw-collapsed"> <code>+2GB</code> Explained: <div class="mw-collapsible-content"> The line '''+2GB''' is a simple directive used in the '''fdisk''' utility to specify the size of the new partition you are creating. Here's what it means: "+" Symbol: This indicates that the size specified is to be added to the starting sector of the partition. It's a way of specifying how much space to allocate for the partition, starting from the beginning sector you selected (or the default starting sector). "2GB": This specifies the size of the partition. In this case, it's 2 gigabytes. This is the amount of disk space that will be allocated to the new partition. So, when you input +2GB in fdisk after choosing to create a new partition (n command), you are instructing fdisk to create a new partition that is 2 gigabytes in size. This is a common size for an EFI (Extensible Firmware Interface) system partition, which is used as a boot partition in modern computers with UEFI firmware. </div> </div> '''Select type of partiton'''<br> the '''t''' command is used for changing the type of a partition.<br> <code>t</code><br> Return OutPut: <pre> Command (m for help): t Selected partition 1 Partition type or alias (type L to list all): </pre> <div class="toccolours mw-collapsible mw-collapsed"> Command '''t''' More info<div class="mw-collapsible-content"> Command 't': When you enter the t command in fdisk, it prompts you to change the type of an existing partition. This is important because the type of a partition can determine how the operating system and firmware interact with it. Selecting a Partition: If you have more than one partition on your disk, fdisk will first ask you to specify which partition you want to change the type of. You do this by entering the partition number (e.g., 1, 2, etc.). Partition Types: Each partition type is represented by a unique code or identifier. These types correspond to different uses, such as Linux filesystems, EFI system partitions, swap areas, etc. The partition type tells the system how to treat that partition – for example, whether it's a bootable system partition, a data storage area, or something else. Input for EFI System Partition: When you enter 1 after the t command in the context of setting up an EFI partition, it sets the selected partition's type to 'EFI System'. This type is used for EFI boot partitions, which are necessary for systems with UEFI firmware. The EFI partition holds the boot loaders and other data needed for starting the operating system. </div> </div> '''Set Type as "EFI system" '''<br> 1 = EFI system, just type 1 and hit Enter<br> <code>1</code> <br> Return Output: <pre> Partition type or alias (type L to list all): 1 Changed type of partition 'Linux filesystem' to 'EFI System'. </pre> <div class="toccolours mw-collapsible mw-collapsed"> Output from pressing '''L'''<div class="mw-collapsible-content"> <pre> Partition type or alias (type L to list all): L 1 EFI System C12A7328-F81F-11D2-BA4B-00A0C93EC93B 2 MBR partition scheme 024DEE41-33E7-11D3-9D69-0008C781F39F 3 Intel Fast Flash D3BFE2DE-3DAF-11DF-BA40-E3A556D89593 4 BIOS boot 21686148-6449-6E6F-744E-656564454649 5 Sony boot partition F4019732-066E-4E12-8273-346C5641494F 6 Lenovo boot partition BFBFAFE7-A34F-448A-9A5B-6213EB736C22 7 PowerPC PReP boot 9E1A2D38-C612-4316-AA26-8B49521E5A8B 8 ONIE boot 7412F7D5-A156-4B13-81DC-867174929325 9 ONIE config D4E6E2CD-4469-46F3-B5CB-1BFF57AFC149 10 Microsoft reserved E3C9E316-0B5C-4DB8-817D-F92DF00215AE 11 Microsoft basic data EBD0A0A2-B9E5-4433-87C0-68B6B72699C7 12 Microsoft LDM metadata 5808C8AA-7E8F-42E0-85D2-E1E90434CFB3 13 Microsoft LDM data AF9B60A0-1431-4F62-BC68-3311714A69AD 14 Windows recovery environment DE94BBA4-06D1-4D40-A16A-BFD50179D6AC 15 IBM General Parallel Fs 37AFFC90-EF7D-4E96-91C3-2D7AE055B174 16 Microsoft Storage Spaces E75CAF8F-F680-4CEE-AFA3-B001E56EFC2D 17 HP-UX data 75894C1E-3AEB-11D3-B7C1-7B03A0000000 18 HP-UX service E2A1E728-32E3-11D6-A682-7B03A0000000 19 Linux swap 0657FD6D-A4AB-43C4-84E5-0933C84B4F4F 20 Linux filesystem 0FC63DAF-8483-4772-8E79-3D69D8477DE4 21 Linux server data 3B8F8425-20E0-4F3B-907F-1A25A76F98E8 22 Linux root (x86) 44479540-F297-41B2-9AF7-D131D5F0458A 23 Linux root (x86-64) 4F68BCE3-E8CD-4DB1-96E7-FBCAF984B709 24 Linux root (Alpha) 6523F8AE-3EB1-4E2A-A05A-18B695AE656F 25 Linux root (ARC) D27F46ED-2919-4CB8-BD25-9531F3C16534 26 Linux root (ARM) 69DAD710-2CE4-4E3C-B16C-21A1D49ABED3 27 Linux root (ARM-64) B921B045-1DF0-41C3-AF44-4C6F280D3FAE 28 Linux root (IA-64) 993D8D3D-F80E-4225-855A-9DAF8ED7EA97 29 Linux root (LoongArch-64) 77055800-792C-4F94-B39A-98C91B762BB6 30 Linux root (MIPS-32 LE) 37C58C8A-D913-4156-A25F-48B1B64E07F0 31 Linux root (MIPS-64 LE) 700BDA43-7A34-4507-B179-EEB93D7A7CA3 32 Linux root (PPC) 1DE3F1EF-FA98-47B5-8DCD-4A860A654D78 33 Linux root (PPC64) 912ADE1D-A839-4913-8964-A10EEE08FBD2 34 Linux root (PPC64LE) C31C45E6-3F39-412E-80FB-4809C4980599 35 Linux root (RISC-V-32) 60D5A7FE-8E7D-435C-B714-3DD8162144E1 36 Linux root (RISC-V-64) 72EC70A6-CF74-40E6-BD49-4BDA08E8F224 37 Linux root (S390) 08A7ACEA-624C-4A20-91E8-6E0FA67D23F9 38 Linux root (S390X) 5EEAD9A9-FE09-4A1E-A1D7-520D00531306 39 Linux root (TILE-Gx) C50CDD70-3862-4CC3-90E1-809A8C93EE2C 40 Linux reserved 8DA63339-0007-60C0-C436-083AC8230908 41 Linux home 933AC7E1-2EB4-4F13-B844-0E14E2AEF915 42 Linux RAID A19D880F-05FC-4D3B-A006-743F0F84911E 43 Linux LVM E6D6D379-F507-44C2-A23C-238F2A3DF928 44 Linux variable data 4D21B016-B534-45C2-A9FB-5C16E091FD2D 45 Linux temporary data 7EC6F557-3BC5-4ACA-B293-16EF5DF639D1 46 Linux /usr (x86) 75250D76-8CC6-458E-BD66-BD47CC81A812 47 Linux /usr (x86-64) 8484680C-9521-48C6-9C11-B0720656F69E 48 Linux /usr (Alpha) E18CF08C-33EC-4C0D-8246-C6C6FB3DA024 49 Linux /usr (ARC) 7978A683-6316-4922-BBEE-38BFF5A2FECC 50 Linux /usr (ARM) 7D0359A3-02B3-4F0A-865C-654403E70625 51 Linux /usr (ARM-64) B0E01050-EE5F-4390-949A-9101B17104E9 52 Linux /usr (IA-64) 4301D2A6-4E3B-4B2A-BB94-9E0B2C4225EA 53 Linux /usr (LoongArch-64) E611C702-575C-4CBE-9A46-434FA0BF7E3F 54 Linux /usr (MIPS-32 LE) 0F4868E9-9952-4706-979F-3ED3A473E947 55 Linux /usr (MIPS-64 LE) C97C1F32-BA06-40B4-9F22-236061B08AA8 56 Linux /usr (PPC) 7D14FEC5-CC71-415D-9D6C-06BF0B3C3EAF 57 Linux /usr (PPC64) 2C9739E2-F068-46B3-9FD0-01C5A9AFBCCA 58 Linux /usr (PPC64LE) 15BB03AF-77E7-4D4A-B12B-C0D084F7491C 59 Linux /usr (RISC-V-32) B933FB22-5C3F-4F91-AF90-E2BB0FA50702 60 Linux /usr (RISC-V-64) BEAEC34B-8442-439B-A40B-984381ED097D 61 Linux /usr (S390) CD0F869B-D0FB-4CA0-B141-9EA87CC78D66 62 Linux /usr (S390X) 8A4F5770-50AA-4ED3-874A-99B710DB6FEA 63 Linux /usr (TILE-Gx) 55497029-C7C1-44CC-AA39-815ED1558630 64 Linux root verity (x86) D13C5D3B-B5D1-422A-B29F-9454FDC89D76 65 Linux root verity (x86-64) 2C7357ED-EBD2-46D9-AEC1-23D437EC2BF5 66 Linux root verity (Alpha) FC56D9E9-E6E5-4C06-BE32-E74407CE09A5 67 Linux root verity (ARC) 24B2D975-0F97-4521-AFA1-CD531E421B8D 68 Linux root verity (ARM) 7386CDF2-203C-47A9-A498-F2ECCE45A2D6 69 Linux root verity (ARM-64) DF3300CE-D69F-4C92-978C-9BFB0F38D820 70 Linux root verity (IA-64) 86ED10D5-B607-45BB-8957-D350F23D0571 71 Linux root verity (LoongArch-64) F3393B22-E9AF-4613-A948-9D3BFBD0C535 72 Linux root verity (MIPS-32 LE) D7D150D2-2A04-4A33-8F12-16651205FF7B 73 Linux root verity (MIPS-64 LE) 16B417F8-3E06-4F57-8DD2-9B5232F41AA6 74 Linux root verity (PPC) 98CFE649-1588-46DC-B2F0-ADD147424925 75 Linux root verity (PPC64) 9225A9A3-3C19-4D89-B4F6-EEFF88F17631 76 Linux root verity (PPC64LE) 906BD944-4589-4AAE-A4E4-DD983917446A 77 Linux root verity (RISC-V-32) AE0253BE-1167-4007-AC68-43926C14C5DE 78 Linux root verity (RISC-V-64) B6ED5582-440B-4209-B8DA-5FF7C419EA3D 79 Linux root verity (S390) 7AC63B47-B25C-463B-8DF8-B4A94E6C90E1 80 Linux root verity (S390X) B325BFBE-C7BE-4AB8-8357-139E652D2F6B 81 Linux root verity (TILE-Gx) 966061EC-28E4-4B2E-B4A5-1F0A825A1D84 82 Linux /usr verity (x86) 8F461B0D-14EE-4E81-9AA9-049B6FB97ABD 83 Linux /usr verity (x86-64) 77FF5F63-E7B6-4633-ACF4-1565B864C0E6 84 Linux /usr verity (Alpha) 8CCE0D25-C0D0-4A44-BD87-46331BF1DF67 85 Linux /usr verity (ARC) FCA0598C-D880-4591-8C16-4EDA05C7347C 86 Linux /usr verity (ARM) C215D751-7BCD-4649-BE90-6627490A4C05 87 Linux /usr verity (ARM-64) 6E11A4E7-FBCA-4DED-B9E9-E1A512BB664E 88 Linux /usr verity (IA-64) 6A491E03-3BE7-4545-8E38-83320E0EA880 89 Linux /usr verity (LoongArch-64) F46B2C26-59AE-48F0-9106-C50ED47F673D 90 Linux /usr verity (MIPS-32 LE) 46B98D8D-B55C-4E8F-AAB3-37FCA7F80752 91 Linux /usr verity (MIPS-64 LE) 3C3D61FE-B5F3-414D-BB71-8739A694A4EF 92 Linux /usr verity (PPC) DF765D00-270E-49E5-BC75-F47BB2118B09 93 Linux /usr verity (PPC64) BDB528A5-A259-475F-A87D-DA53FA736A07 94 Linux /usr verity (PPC64LE) EE2B9983-21E8-4153-86D9-B6901A54D1CE 95 Linux /usr verity (RISC-V-32) CB1EE4E3-8CD0-4136-A0A4-AA61A32E8730 96 Linux /usr verity (RISC-V-64) 8F1056BE-9B05-47C4-81D6-BE53128E5B54 97 Linux /usr verity (S390) B663C618-E7BC-4D6D-90AA-11B756BB1797 98 Linux /usr verity (S390X) 31741CC4-1A2A-4111-A581-E00B447D2D06 99 Linux /usr verity (TILE-Gx) 2FB4BF56-07FA-42DA-8132-6B139F2026AE 100 Linux root verity sign. (x86) 5996FC05-109C-48DE-808B-23FA0830B676 101 Linux root verity sign. (x86-64) 41092B05-9FC8-4523-994F-2DEF0408B176 102 Linux root verity sign. (Alpha) D46495B7-A053-414F-80F7-700C99921EF8 103 Linux root verity sign. (ARC) 143A70BA-CBD3-4F06-919F-6C05683A78BC 104 Linux root verity sign. (ARM) 42B0455F-EB11-491D-98D3-56145BA9D037 105 Linux root verity sign. (ARM-64) 6DB69DE6-29F4-4758-A7A5-962190F00CE3 106 Linux root verity sign. (IA-64) E98B36EE-32BA-4882-9B12-0CE14655F46A 107 Linux root verity sign. (LoongArch-64) 5AFB67EB-ECC8-4F85-AE8E-AC1E7C50E7D0 108 Linux root verity sign. (MIPS-32 LE) C919CC1F-4456-4EFF-918C-F75E94525CA5 109 Linux root verity sign. (MIPS-64 LE) 904E58EF-5C65-4A31-9C57-6AF5FC7C5DE7 110 Linux root verity sign. (PPC) 1B31B5AA-ADD9-463A-B2ED-BD467FC857E7 111 Linux root verity sign. (PPC64) F5E2C20C-45B2-4FFA-BCE9-2A60737E1AAF 112 Linux root verity sign. (PPC64LE) D4A236E7-E873-4C07-BF1D-BF6CF7F1C3C6 113 Linux root verity sign. (RISC-V-32) 3A112A75-8729-4380-B4CF-764D79934448 114 Linux root verity sign. (RISC-V-64) EFE0F087-EA8D-4469-821A-4C2A96A8386A 115 Linux root verity sign. (S390) 3482388E-4254-435A-A241-766A065F9960 116 Linux root verity sign. (S390X) C80187A5-73A3-491A-901A-017C3FA953E9 117 Linux root verity sign. (TILE-Gx) B3671439-97B0-4A53-90F7-2D5A8F3AD47B 118 Linux /usr verity sign. (x86) 974A71C0-DE41-43C3-BE5D-5C5CCD1AD2C0 119 Linux /usr verity sign. (x86-64) E7BB33FB-06CF-4E81-8273-E543B413E2E2 120 Linux /usr verity sign. (Alpha) 5C6E1C76-076A-457A-A0FE-F3B4CD21CE6E 121 Linux /usr verity sign. (ARC) 94F9A9A1-9971-427A-A400-50CB297F0F35 122 Linux /usr verity sign. (ARM) D7FF812F-37D1-4902-A810-D76BA57B975A 123 Linux /usr verity sign. (ARM-64) C23CE4FF-44BD-4B00-B2D4-B41B3419E02A 124 Linux /usr verity sign. (IA-64) 8DE58BC2-2A43-460D-B14E-A76E4A17B47F 125 Linux /usr verity sign. (LoongArch-64) B024F315-D330-444C-8461-44BBDE524E99 126 Linux /usr verity sign. (MIPS-32 LE) 3E23CA0B-A4BC-4B4E-8087-5AB6A26AA8A9 127 Linux /usr verity sign. (MIPS-64 LE) F2C2C7EE-ADCC-4351-B5C6-EE9816B66E16 128 Linux /usr verity sign. (PPC) 7007891D-D371-4A80-86A4-5CB875B9302E 129 Linux /usr verity sign. (PPC64) 0B888863-D7F8-4D9E-9766-239FCE4D58AF 130 Linux /usr verity sign. (PPC64LE) C8BFBD1E-268E-4521-8BBA-BF314C399557 131 Linux /usr verity sign. (RISC-V-32) C3836A13-3137-45BA-B583-B16C50FE5EB4 132 Linux /usr verity sign. (RISC-V-64) D2F9000A-7A18-453F-B5CD-4D32F77A7B32 133 Linux /usr verity sign. (S390) 17440E4F-A8D0-467F-A46E-3912AE6EF2C5 134 Linux /usr verity sign. (S390X) 3F324816-667B-46AE-86EE-9B0C0C6C11B4 135 Linux /usr verity sign. (TILE-Gx) 4EDE75E2-6CCC-4CC8-B9C7-70334B087510 136 Linux extended boot BC13C2FF-59E6-4262-A352-B275FD6F7172 137 Linux user's home 773f91ef-66d4-49b5-bd83-d683bf40ad16 138 FreeBSD data 516E7CB4-6ECF-11D6-8FF8-00022D09712B 139 FreeBSD boot 83BD6B9D-7F41-11DC-BE0B-001560B84F0F 140 FreeBSD swap 516E7CB5-6ECF-11D6-8FF8-00022D09712B 141 FreeBSD UFS 516E7CB6-6ECF-11D6-8FF8-00022D09712B 142 FreeBSD ZFS 516E7CBA-6ECF-11D6-8FF8-00022D09712B 143 FreeBSD Vinum 516E7CB8-6ECF-11D6-8FF8-00022D09712B 144 Apple HFS/HFS+ 48465300-0000-11AA-AA11-00306543ECAC 145 Apple APFS 7C3457EF-0000-11AA-AA11-00306543ECAC 146 Apple UFS 55465300-0000-11AA-AA11-00306543ECAC 147 Apple RAID 52414944-0000-11AA-AA11-00306543ECAC 148 Apple RAID offline 52414944-5F4F-11AA-AA11-00306543ECAC 149 Apple boot 426F6F74-0000-11AA-AA11-00306543ECAC 150 Apple label 4C616265-6C00-11AA-AA11-00306543ECAC 151 Apple TV recovery 5265636F-7665-11AA-AA11-00306543ECAC 152 Apple Core storage 53746F72-6167-11AA-AA11-00306543ECAC 153 Apple Silicon boot 69646961-6700-11AA-AA11-00306543ECAC 154 Apple Silicon recovery 52637672-7900-11AA-AA11-00306543ECAC 155 Solaris boot 6A82CB45-1DD2-11B2-99A6-080020736631 156 Solaris root 6A85CF4D-1DD2-11B2-99A6-080020736631 157 Solaris /usr & Apple ZFS 6A898CC3-1DD2-11B2-99A6-080020736631 158 Solaris swap 6A87C46F-1DD2-11B2-99A6-080020736631 159 Solaris backup 6A8B642B-1DD2-11B2-99A6-080020736631 160 Solaris /var 6A8EF2E9-1DD2-11B2-99A6-080020736631 161 Solaris /home 6A90BA39-1DD2-11B2-99A6-080020736631 162 Solaris alternate sector 6A9283A5-1DD2-11B2-99A6-080020736631 163 Solaris reserved 1 6A945A3B-1DD2-11B2-99A6-080020736631 164 Solaris reserved 2 6A9630D1-1DD2-11B2-99A6-080020736631 165 Solaris reserved 3 6A980767-1DD2-11B2-99A6-080020736631 166 Solaris reserved 4 6A96237F-1DD2-11B2-99A6-080020736631 167 Solaris reserved 5 6A8D2AC7-1DD2-11B2-99A6-080020736631 168 NetBSD swap 49F48D32-B10E-11DC-B99B-0019D1879648 169 NetBSD FFS 49F48D5A-B10E-11DC-B99B-0019D1879648 170 NetBSD LFS 49F48D82-B10E-11DC-B99B-0019D1879648 171 NetBSD concatenated 2DB519C4-B10F-11DC-B99B-0019D1879648 172 NetBSD encrypted 2DB519EC-B10F-11DC-B99B-0019D1879648 173 NetBSD RAID 49F48DAA-B10E-11DC-B99B-0019D1879648 174 ChromeOS kernel FE3A2A5D-4F32-41A7-B725-ACCC3285A309 175 ChromeOS root fs 3CB8E202-3B7E-47DD-8A3C-7FF2A13CFCEC 176 ChromeOS reserved 2E0A753D-9E48-43B0-8337-B15192CB1B5E 177 MidnightBSD data 85D5E45A-237C-11E1-B4B3-E89A8F7FC3A7 178 MidnightBSD boot 85D5E45E-237C-11E1-B4B3-E89A8F7FC3A7 179 MidnightBSD swap 85D5E45B-237C-11E1-B4B3-E89A8F7FC3A7 180 MidnightBSD UFS 0394EF8B-237E-11E1-B4B3-E89A8F7FC3A7 181 MidnightBSD ZFS 85D5E45D-237C-11E1-B4B3-E89A8F7FC3A7 182 MidnightBSD Vinum 85D5E45C-237C-11E1-B4B3-E89A8F7FC3A7 183 Ceph Journal 45B0969E-9B03-4F30-B4C6-B4B80CEFF106 184 Ceph Encrypted Journal 45B0969E-9B03-4F30-B4C6-5EC00CEFF106 185 Ceph OSD 4FBD7E29-9D25-41B8-AFD0-062C0CEFF05D 186 Ceph crypt OSD 4FBD7E29-9D25-41B8-AFD0-5EC00CEFF05D 187 Ceph disk in creation 89C57F98-2FE5-4DC0-89C1-F3AD0CEFF2BE 188 Ceph crypt disk in creation 89C57F98-2FE5-4DC0-89C1-5EC00CEFF2BE 189 VMware VMFS AA31E02A-400F-11DB-9590-000C2911D1B8 190 VMware Diagnostic 9D275380-40AD-11DB-BF97-000C2911D1B8 191 VMware Virtual SAN 381CFCCC-7288-11E0-92EE-000C2911D0B2 192 VMware Virsto 77719A0C-A4A0-11E3-A47E-000C29745A24 193 VMware Reserved 9198EFFC-31C0-11DB-8F78-000C2911D1B8 194 OpenBSD data 824CC7A0-36A8-11E3-890A-952519AD3F61 195 QNX6 file system CEF5A9AD-73BC-4601-89F3-CDEEEEE321A1 196 Plan 9 partition C91818F9-8025-47AF-89D2-F030D7000C2C 197 HiFive FSBL 5B193300-FC78-40CD-8002-E86C45580B47 198 HiFive BBL 2E54B353-1271-4842-806F-E436D6AF6985 199 Haiku BFS 42465331-3BA3-10F1-802A-4861696B7521 200 Marvell Armada 3700 Boot partition 6828311A-BA55-42A4-BCDE-A89BB5EDECAE Aliases: linux - 0FC63DAF-8483-4772-8E79-3D69D8477DE4 swap - 0657FD6D-A4AB-43C4-84E5-0933C84B4F4F home - 933AC7E1-2EB4-4F13-B844-0E14E2AEF915 uefi - C12A7328-F81F-11D2-BA4B-00A0C93EC93B raid - A19D880F-05FC-4D3B-A006-743F0F84911E lvm - E6D6D379-F507-44C2-A23C-238F2A3DF928 </pre> </div> </div> ====Create second partition NixOS Install==== Create a Second Partition by pressing <code>n</code> <br> Return Output: <pre>Partition number (2-128, default 2): </pre> Press ENTER for to set the default (2)<br> Return Output: <pre>First sector (4196352-1953525134, default 4196352): </pre> Again default, just press enter<br> Return Output: <pre>Last sector, +/-sectors or +/-size{K,M,G,T,P} (3907584-1953525134, default 1953523711): </pre> <code>+500GB</code> <pre> Created a new partition 2 of type 'Linux filesystem' and of size 465.7 GiB. </pre> ====Create Third Partition for NixOS SWAP==== <code>n</code> <pre> Command (m for help): n Partition number (3-128, default 3): First sector (980469760-1953525134, default 980469760): Last sector, +/-sectors or +/-size{K,M,G,T,P} (980469760-1953525134, default 1953523711): +16GB </pre> <div class="toccolours mw-collapsible mw-collapsed"> NixOS Swap Note<div class="mw-collapsible-content"> Nix Config file will take care of the rest of swap <pre> swapDevices = [ { device = "/dev/nvme0n1p2"; randomEncryption.enable = true; } ]; </pre> </div> </div> ====Complete process terminal output==== <div class="toccolours mw-collapsible mw-collapsed"> The Complete process for creating the three partitions<div class="mw-collapsible-content"> <pre> [nixos@nixos:~]$ sudo fdisk /dev/nvme0n1 Welcome to fdisk (util-linux 2.39.2). Changes will remain in memory only, until you decide to write them. Be careful before using the write command. Device does not contain a recognized partition table. Created a new DOS (MBR) disklabel with disk identifier 0xf4e4cac7. Command (m for help): g Created a new GPT disklabel (GUID: DB407773-03D4-499B-A96A-3A61798E4523). Command (m for help): n Partition number (1-128, default 1): First sector (2048-1953525134, default 2048): Last sector, +/-sectors or +/-size{K,M,G,T,P} (2048-1953525134, default 1953523711): +2GB Created a new partition 1 of type 'Linux filesystem' and of size 1.9 GiB. Command (m for help): t Selected partition 1 Partition type or alias (type L to list all): 1 Changed type of partition 'Linux filesystem' to 'EFI System'. Command (m for help): n Partition number (2-128, default 2): First sector (3907584-1953525134, default 3907584): Last sector, +/-sectors or +/-size{K,M,G,T,P} (3907584-1953525134, default 1953523711): +500GB Created a new partition 2 of type 'Linux filesystem' and of size 465.7 GiB. Partition #2 contains a zfs_member signature. Do you want to remove the signature? [Y]es/[N]o: y The signature will be removed by a write command. Command (m for help): n Partition number (3-128, default 3): First sector (980469760-1953525134, default 980469760): Last sector, +/-sectors or +/-size{K,M,G,T,P} (980469760-1953525134, default 1953523711): +16GB Created a new partition 3 of type 'Linux filesystem' and of size 14.9 GiB. Command (m for help): w The partition table has been altered. Calling ioctl() to re-read partition table. Syncing disks. </pre> </div> </div> Can now check partitions with <code>lsblk</code> <pre> [nixos@nixos:~]$ lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS loop0 7:0 0 2.5G 1 loop /nix/.ro-store sda 8:0 1 7.3G 0 disk ├─sda1 8:1 1 2.5G 0 part /iso └─sda2 8:2 1 3M 0 part sdb 8:16 1 0B 0 disk nvme0n1 259:0 0 931.5G 0 disk ├─nvme0n1p1 259:1 0 1.9G 0 part ├─nvme0n1p2 259:2 0 465.7G 0 part └─nvme0n1p3 259:3 0 14.9G 0 part </pre> ===format drives/partitions=== We have now created 3 partions on are hard drive '''nvme0n1''' * '''nvme0n1p1''' the EFI partition * '''nvme0n1p2''' the NixOS Main partition * '''nvme0n1p3''' the NixOS Swap partition ====first partion is for EFI and will be formatted in fat32==== <code>sudo mkfs.fat -F 32 /dev/nvme0n1p1</code> ====adding a label==== <code>sudo fatlabel /dev/nvme0n1p1 EFIP</code> ===Create Zpools for Root and Home=== Encryption on root or unencrypted, select one option * NOTE: '''nvme0n1p2''' is the Main partition, will be installing NixOS on. And '''nvme0n1p3''' is the SWAP ====Creating zpools for root and home NO ENCRYPTION==== <pre> sudo zpool create -f \ -o altroot="/mnt" \ -o ashift=12 \ -o autotrim=on \ -O compression=lz4 \ -O acltype=posixacl \ -O xattr=sa \ -O relatime=on \ -O normalization=formD \ -O dnodesize=auto \ -O sync=disabled \ -O mountpoint=none \ NIXROOT \ /dev/nvme0n1p2 </pre> <div class="toccolours mw-collapsible mw-collapsed"> BreakDown of above command:<div class="mw-collapsible-content"> * '''-o vs -O''': ** The lowercase "''-o''" sets pool-level properties affecting the entire pool. ** The uppercase "''-O''" sets dataset-level properties affecting datasets within the pool. * '''Pool-Level Properties (Lowercase 'o')''': ** <code>-o altroot="/mnt"</code>: Temporarily sets an alternate root directory for mounting the pool. ** <code>-o ashift=12</code>: Specifies alignment shift for performance, with a value of 12 for 4K (2^12) disk sector size. ** <code>-o autotrim=on</code>: Enables automatic trimming of unused space for better SSD performance and longevity. * '''Dataset-Level Properties (Uppercase 'O')''': ** <code>-O compression=lz4</code>: Enables LZ4 compression, which is effective and lightweight. ** <code>-O acltype=posixacl</code>: Enables POSIX ACLs for granular permission control. ** <code>-O xattr=sa</code>: Enables extended attributes stored as system attributes. ** <code>-O relatime=on</code>: Updates access times relative to modification time for efficiency. ** <code>-O normalization=formD</code>: Sets Unicode normalization form for system compatibility. ** <code>-O dnodesize=auto</code>: Allows automatic adjustment of dnode sizes for performance. ** <code>-O sync=disabled</code>: Disables synchronous writes for performance but may compromise data integrity. ** <code>-O mountpoint=none</code>: Disables automatic mounting of the new pool. * '''Other Parameters''': ** ''NIXROOT'': Name of the ZFS pool being created. ** ''/dev/nvme0n1p2'': Disk partition for creating the ZFS pool. * '''Additional Note''': ** <code>-f</code>: Forces pool creation, overriding safety checks. Use with caution. </div> </div> ====Creating zpools for root and home WITH ENCRYPTION on root==== * You will be prompted to enter a passphase after running the below commands <pre> sudo zpool create -f \ -o altroot="/mnt" \ -o ashift=12 \ -o autotrim=on \ -O compression=lz4 \ -O acltype=posixacl \ -O xattr=sa \ -O relatime=on \ -O normalization=formD \ -O dnodesize=auto \ -O sync=disabled \ -O encryption=aes-256-gcm \ -O keylocation=prompt \ -O keyformat=passphrase \ -O mountpoint=none \ NIXROOT \ /dev/nvme0n1p2 </pre> <div class="toccolours mw-collapsible mw-collapsed"> BreakDown of above command:<div class="mw-collapsible-content"> * '''-o vs -O''': ** The lowercase "''-o''" sets pool-level properties affecting the entire pool. ** The uppercase "''-O''" sets dataset-level properties affecting datasets within the pool. * '''Pool-Level Properties (Lowercase 'o')''': ** <code>-o altroot="/mnt"</code>: Temporarily sets an alternate root directory for mounting the pool. ** <code>-o ashift=12</code>: Specifies alignment shift for performance, with a value of 12 for 4K (2^12) disk sector size. ** <code>-o autotrim=on</code>: Enables automatic trimming of unused space for better SSD performance and longevity. * '''Dataset-Level Properties (Uppercase 'O')''': ** <code>-O compression=lz4</code>: Enables LZ4 compression, which is effective and lightweight. ** <code>-O acltype=posixacl</code>: Enables POSIX ACLs for granular permission control. ** <code>-O xattr=sa</code>: Enables extended attributes stored as system attributes. ** <code>-O relatime=on</code>: Updates access times relative to modification time for efficiency. ** <code>-O normalization=formD</code>: Sets Unicode normalization form for system compatibility. ** <code>-O dnodesize=auto</code>: Allows automatic adjustment of dnode sizes for performance. ** <code>-O sync=disabled</code>: Disables synchronous writes for performance but may compromise data integrity. ** <code>-O encryption=aes-256-gcm</code>: Specifies AES-256-GCM as the encryption algorithm. ** <code>-O keylocation=prompt</code>: Prompts for the encryption key when needed. ** <code>-O keyformat=passphrase</code>: Uses a passphrase for the encryption key. ** <code>-O mountpoint=none</code>: Disables automatic mounting of the new pool. * '''Other Parameters''': ** ''NIXROOT'': Name of the ZFS pool being created. ** ''/dev/nvme0n1p2'': Disk partition for creating the ZFS pool. * '''Additional Note''': ** <code>-f</code>: Forces pool creation, overriding safety checks. Use with caution. </div> </div> =====create root volume===== <code> sudo zfs create -o mountpoint=legacy NIXROOT/root </code> ===== create home partition===== <code> sudo zfs create -o mountpoint=legacy NIXROOT/home </code> mountpoint=legacy allow us to use normal mount commands to mount zfs volume <code> sudo mount -t zfs NIXROOT/root /mnt </code> <code> sudo mkdir /mnt/boot /mnt/home </code> * mount boot <code> sudo mount /dev/nvme0n1p1 /mnt/boot </code> * mount zfs home <code> sudo mount -t zfs NIXROOT/home /mnt/home </code> ==nixos - config and install== ===Generate a Config File=== <code> sudo nixos-generate-config --root /mnt </code> * This command will generate file for the nixos system - which files and what they do i do not yet know, learning as i go * to see hardware configuration file <code> cat /mnt/etc/nixos/hardware-configuration.nix </code> ====Network HostID==== Using the command '''head -c 8 /etc/machine-id''' to generate a value for '''networking.hostId''' in NixOS for ZFS setup is a practical method to obtain a unique and consistent identifier for your system. <code> head -c 8 /etc/machine-id </code> * should return 8 charaters, something like the below: <pre> 3333abcd </pre> we will use this in the ZFS section of the '''nixos/configuration.nix''' file ==== edit nixos config file ==== <div class="toccolours mw-collapsible mw-collapsed"> <code>/mnt/etc/nixos/configuration.nix</code> Before any changes <div class="mw-collapsible-content"> <pre> # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running `nixos-help`). { config, pkgs, ... }: { imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix ]; # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; # networking.hostName = "nixos"; # Define your hostname. # Pick only one of the below networking options. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. # Set your time zone. # time.timeZone = "Europe/Amsterdam"; # Configure network proxy if necessary # networking.proxy.default = "http://user:password@proxy:port/"; # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; # Select internationalisation properties. # i18n.defaultLocale = "en_US.UTF-8"; # console = { # font = "Lat2-Terminus16"; # keyMap = "us"; # useXkbConfig = true; # use xkbOptions in tty. # }; # Enable the X11 windowing system. services.xserver.enable = true; # Enable the Plasma 5 Desktop Environment. services.xserver.displayManager.sddm.enable = true; services.xserver.desktopManager.plasma5.enable = true; # Configure keymap in X11 # services.xserver.layout = "us"; # services.xserver.xkbOptions = "eurosign:e,caps:escape"; # Enable CUPS to print documents. # services.printing.enable = true; # Enable sound. # sound.enable = true; # hardware.pulseaudio.enable = true; # Enable touchpad support (enabled default in most desktopManager). # services.xserver.libinput.enable = true; # Define a user account. Don't forget to set a password with ‘passwd’. # users.users.alice = { # isNormalUser = true; # extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. # packages = with pkgs; [ # firefox # tree # ]; # }; # List packages installed in system profile. To search, run: # $ nix search wget # environment.systemPackages = with pkgs; [ # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. # wget # ]; # Some programs need SUID wrappers, can be configured further or are # started in user sessions. # programs.mtr.enable = true; # programs.gnupg.agent = { # enable = true; # enableSSHSupport = true; # }; # List services that you want to enable: # Enable the OpenSSH daemon. # services.openssh.enable = true; # Open ports in the firewall. # networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ]; # Or disable the firewall altogether. # networking.firewall.enable = false; # Copy the NixOS configuration file and link it from the resulting system # (/run/current-system/configuration.nix). This is useful in case you # accidentally delete configuration.nix. # system.copySystemConfiguration = true; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It's perfectly fine and recommended to leave # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "23.11"; # Did you read the comment? } </pre> </div> </div> <code> sudo $EDITOR /mnt/etc/nixos/configuration.nix </code> =====Boot Loader ===== By default will use systemd as boot loader which will not allow us to duel boot with freebsd (i think) '''comment out''' the lines by placing a # in front <pre> boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; </pre> And Insert <pre> # use grub please boot.loader.grub.enable = true; boot.loader.grub.devices = [ "nodev" ]; boot.loader.grub.efiInstallAsRemovable = true ; boot.loader.grub.efiSupport = true; boot.loader.grub.useOSProber = true; </pre> =====ZFS===== <pre> # zfs boot.supportedFilesystems = [ "zfs" ]; boot.zfs.requestEncryptionCredentials = true; ## insert return from 'head -c 8 /etc/machine-id' networking.hostId = "3333abcd"; services.zfs.autoScrub.enable = true; </pre> =====HostName and Network Manager===== * In the same config file we are going to change a few other details ** networking.hostName ** can just uncomment if you are happy with the name 'nixos' ** uncomment and change name to what you like <code> networking.hostName = "t470nix"; </code> ** pick on e of the networking options by uncommenting <code> networking.networkmanager.enable = true; </code> ===== Set your time zone - need to find a list of options===== <code> time.timeZone = "Europe/London"; </code> ===== keyboard layout ===== <pre> # Configure keymap in X11 services.xserver = { layout = "gb"; xkbVariant = ""; }; # Configure console keymap console.keyMap = "uk"; </pre> =====Select internationalisation properties===== <pre> # Select internationalisation properties. i18n.defaultLocale = "en_GB.UTF-8"; i18n.extraLocaleSettings = { LC_ADDRESS = "en_GB.UTF-8"; LC_IDENTIFICATION = "en_GB.UTF-8"; LC_MEASUREMENT = "en_GB.UTF-8"; LC_MONETARY = "en_GB.UTF-8"; LC_NAME = "en_GB.UTF-8"; LC_NUMERIC = "en_GB.UTF-8"; LC_PAPER = "en_GB.UTF-8"; LC_TELEPHONE = "en_GB.UTF-8"; LC_TIME = "en_GB.UTF-8"; }; </pre> ===== Desktop - Pantheon ===== NOTE: because i am using latest-nixos-plasma5-x86_64-linux.iso by default the desktop will be plasma5, so going to comment out and replace with Pantheno Desktop Default entry: <pre> # Enable the X11 windowing system. services.xserver.enable = true; # Enable the Plasma 5 Desktop Environment. services.xserver.displayManager.sddm.enable = true; services.xserver.desktopManager.plasma5.enable = true; </pre> Changed to: NOTE: '''Pantheon''' as bug, does not open from sleep if you shut laptop lid, but its easy to change desktop on NixOS, as will show later. <pre> # Enable the X11 windowing system. services.xserver.enable = true; # Enable the Pantheon Desktop Environment. services.xserver.displayManager.lightdm.enable = true; services.xserver.desktopManager.pantheon.enable = true; # Enable the Plasma 5 Desktop Environment. # services.xserver.displayManager.sddm.enable = true; # services.xserver.desktopManager.plasma5.enable = true; </pre> ===== Set init user ===== ** Config a user account - we are using name '''noob''' feel free to change ** Note: change initial password after with <code>passwd noob</code>. SYNTAX <code>passwd USERNAME</code> <pre> users.users.noob = { isNormalUser = true; initialPassword = "CompleteNoob"; extraGroups = [ "wheel" ]; packages = with pkgs; [ mc ]; }; </pre> ======Enable auto login====== <pre> # Enable automatic login for the user. services.xserver.displayManager.autoLogin.enable = true; services.xserver.displayManager.autoLogin.user = "noob"; </pre> =====Enable Sound===== <pre> # Enable sound with pipewire. sound.enable = true; hardware.pulseaudio.enable = false; security.rtkit.enable = true; services.pipewire = { enable = true; alsa.enable = true; alsa.support32Bit = true; pulse.enable = true; # If you want to use JACK applications, uncomment this #jack.enable = true; # use the example session manager (no others are packaged yet so this is enabled by default, # no need to redefine it in your config for now) #media-session.enable = true; }; </pre> ===== Add an terminal text editor ===== note: 'vi' on its own does not work, needs to be 'vim', 'nano' is preinstalled by default with nixos <pre> environment.systemPackages = with pkgs; [ wget vim ]; </pre> ======Optional if you want to ssh in after reboot====== * enable sshd <code> services.openssh.enable = true; </code> * disable firewall <code> networking.firewall.enable = false; </code> <div class="toccolours mw-collapsible mw-collapsed"> <code>/mnt/etc/nixos/configuration.nix</code> After Changes - '''TIDY VERSION''' <div class="mw-collapsible-content"> <pre> [noob@t470nix:~]$ cat /etc/nixos/configuration.nix # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running `nixos-help`). { config, pkgs, ... }: { imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix ]; # allow ssh no firewall services.openssh.enable = true; networking.firewall.enable = false; # use grub please boot.loader.grub.enable = true; boot.loader.grub.devices = [ "nodev" ]; boot.loader.grub.efiInstallAsRemovable = true ; boot.loader.grub.efiSupport = true; boot.loader.grub.useOSProber = true; # zfs boot.supportedFilesystems = [ "zfs" ]; boot.zfs.requestEncryptionCredentials = true; ## insert return from 'head -c 8 /etc/machine-id' networking.hostId = "3333abcd"; services.zfs.autoScrub.enable = true; networking.hostName = "t470nix"; networking.networkmanager.enable = true; time.timeZone = "Europe/London"; # Configure keymap in X11 services.xserver = { layout = "gb"; xkbVariant = ""; }; # Configure console keymap console.keyMap = "uk"; # Select internationalisation properties. i18n.defaultLocale = "en_GB.UTF-8"; i18n.extraLocaleSettings = { LC_ADDRESS = "en_GB.UTF-8"; LC_IDENTIFICATION = "en_GB.UTF-8"; LC_MEASUREMENT = "en_GB.UTF-8"; LC_MONETARY = "en_GB.UTF-8"; LC_NAME = "en_GB.UTF-8"; LC_NUMERIC = "en_GB.UTF-8"; LC_PAPER = "en_GB.UTF-8"; LC_TELEPHONE = "en_GB.UTF-8"; LC_TIME = "en_GB.UTF-8"; }; # Enable the X11 windowing system. services.xserver.enable = true; # Enable the Pantheon Desktop Environment. services.xserver.displayManager.lightdm.enable = true; services.xserver.desktopManager.pantheon.enable = true; # Enable the Plasma 5 Desktop Environment. # services.xserver.displayManager.sddm.enable = true; # services.xserver.desktopManager.plasma5.enable = true; # This creates a user called 'noob' with the password 'CompleteNoob' users.users.noob = { isNormalUser = true; initialPassword = "CompleteNoob"; extraGroups = [ "wheel" ]; packages = with pkgs; [ mc ]; }; # Enable automatic login for the user. services.xserver.displayManager.autoLogin.enable = true; services.xserver.displayManager.autoLogin.user = "noob"; # Enable sound with pipewire. sound.enable = true; hardware.pulseaudio.enable = false; security.rtkit.enable = true; services.pipewire = { enable = true; alsa.enable = true; alsa.support32Bit = true; pulse.enable = true; # If you want to use JACK applications, uncomment this #jack.enable = true; # use the example session manager (no others are packaged yet so this is enabled by default, # no need to redefine it in your config for now) #media-session.enable = true; }; environment.systemPackages = with pkgs; [ wget vim ]; system.stateVersion = "23.11"; # Did you read the comment? swapDevices = [ { device = "/dev/nvme0n1p3"; randomEncryption.enable = true; } ]; } </pre> </div> </div> == install nixos == To Install NixOS use '''nixos-install''' <code> sudo nixos-install </code> * will be prompted for root password after install Once Installed, <code>reboot</code> and login ===Installing packages on NixOS=== still new on NixOS <br><code>nix-env -i firefox</code> installs firefox. But its best to use '''configuration.nix''' for software installs, this way if you keep a copy of your config file and nuke and pave, you can have all your apps from the get go with out having to reinstall them all one by one again. ===Reconfigure /etc/nixos/configuration.nix=== To apply changes made to <code>/etc/nixos/configuration.nix</code> you need to '''rebuild''' * Give example on how to change back desktop to KDE * Add package FireFox and rebuild * After reboot (after desktop change) new passwd for noob account still changed - did not restore to CompleteNoob Change DESKTOP <pre> # Enable the Pantheon Desktop Environment. # services.xserver.displayManager.lightdm.enable = true; # services.xserver.desktopManager.pantheon.enable = true; # Enable the Plasma 5 Desktop Environment. services.xserver.displayManager.sddm.enable = true; services.xserver.desktopManager.plasma5.enable = true; </pre> ====after update==== <div class="toccolours mw-collapsible mw-collapsed"> AFTER UPDATE CONFIG<div class="mw-collapsible-content"> <pre> # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running `nixos-help`). { config, pkgs, ... }: { imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix ]; # allow ssh no firewall services.openssh.enable = true; networking.firewall.enable = false; # use grub please boot.loader.grub.enable = true; boot.loader.grub.devices = [ "nodev" ]; boot.loader.grub.efiInstallAsRemovable = true ; boot.loader.grub.efiSupport = true; boot.loader.grub.useOSProber = true; # zfs boot.supportedFilesystems = [ "zfs" ]; boot.zfs.requestEncryptionCredentials = true; ## insert return from 'head -c 8 /etc/machine-id' networking.hostId = "3333abcd"; services.zfs.autoScrub.enable = true; networking.hostName = "t470nix"; networking.networkmanager.enable = true; time.timeZone = "Europe/London"; # Configure keymap in X11 services.xserver = { layout = "gb"; xkbVariant = ""; }; # Configure console keymap console.keyMap = "uk"; # Select internationalisation properties. i18n.defaultLocale = "en_GB.UTF-8"; i18n.extraLocaleSettings = { LC_ADDRESS = "en_GB.UTF-8"; LC_IDENTIFICATION = "en_GB.UTF-8"; LC_MEASUREMENT = "en_GB.UTF-8"; LC_MONETARY = "en_GB.UTF-8"; LC_NAME = "en_GB.UTF-8"; LC_NUMERIC = "en_GB.UTF-8"; LC_PAPER = "en_GB.UTF-8"; LC_TELEPHONE = "en_GB.UTF-8"; LC_TIME = "en_GB.UTF-8"; }; # Enable the X11 windowing system. services.xserver.enable = true; # Enable the Pantheon Desktop Environment. # services.xserver.displayManager.lightdm.enable = true; # services.xserver.desktopManager.pantheon.enable = true; # Enable the Plasma 5 Desktop Environment. services.xserver.displayManager.sddm.enable = true; services.xserver.desktopManager.plasma5.enable = true; # This creates a user called 'noob' with the password 'CompleteNoob' users.users.noob = { isNormalUser = true; initialPassword = "CompleteNoob"; extraGroups = [ "wheel" ]; packages = with pkgs; [ mc ]; }; # Enable automatic login for the user. services.xserver.displayManager.autoLogin.enable = true; services.xserver.displayManager.autoLogin.user = "noob"; # Enable sound with pipewire. sound.enable = true; hardware.pulseaudio.enable = false; security.rtkit.enable = true; services.pipewire = { enable = true; alsa.enable = true; alsa.support32Bit = true; pulse.enable = true; # If you want to use JACK applications, uncomment this #jack.enable = true; # use the example session manager (no others are packaged yet so this is enabled by default, # no need to redefine it in your config for now) #media-session.enable = true; }; environment.systemPackages = with pkgs; [ wget vim firefox ]; system.stateVersion = "23.11"; # Did you read the comment? #Swap Device setup swapDevices = [ { device = "/dev/nvme0n1p3"; randomEncryption.enable = true; } ]; } </pre> </div> </div> after config can rebuild <code> sudo nixos-rebuild </code> or <code> sudo nixos-rebuild switch </code> or <code> sudo nixos-rebuild boot </code> And thats a basic install of NixOS on OpenZFS, still learning. ====Adding brave browser==== <div class="toccolours mw-collapsible mw-collapsed"> Adding brave browser <div class="mw-collapsible-content"> <pre> # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running `nixos-help`). { config, pkgs, ... }: { imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix ]; # allow ssh no firewall services.openssh.enable = true; networking.firewall.enable = false; # use grub please boot.loader.grub.enable = true; boot.loader.grub.devices = [ "nodev" ]; boot.loader.grub.efiInstallAsRemovable = true ; boot.loader.grub.efiSupport = true; boot.loader.grub.useOSProber = true; # zfs boot.supportedFilesystems = [ "zfs" ]; boot.zfs.requestEncryptionCredentials = true; ## insert return from 'head -c 8 /etc/machine-id' networking.hostId = "3333abcd"; services.zfs.autoScrub.enable = true; networking.hostName = "t470nix"; networking.networkmanager.enable = true; time.timeZone = "Europe/London"; # Configure keymap in X11 services.xserver = { layout = "gb"; xkbVariant = ""; }; # Configure console keymap console.keyMap = "uk"; # Select internationalisation properties. i18n.defaultLocale = "en_GB.UTF-8"; i18n.extraLocaleSettings = { LC_ADDRESS = "en_GB.UTF-8"; LC_IDENTIFICATION = "en_GB.UTF-8"; LC_MEASUREMENT = "en_GB.UTF-8"; LC_MONETARY = "en_GB.UTF-8"; LC_NAME = "en_GB.UTF-8"; LC_NUMERIC = "en_GB.UTF-8"; LC_PAPER = "en_GB.UTF-8"; LC_TELEPHONE = "en_GB.UTF-8"; LC_TIME = "en_GB.UTF-8"; }; # Enable the X11 windowing system. services.xserver.enable = true; # Enable the Pantheon Desktop Environment. # services.xserver.displayManager.lightdm.enable = true; # services.xserver.desktopManager.pantheon.enable = true; # Enable the Plasma 5 Desktop Environment. services.xserver.displayManager.sddm.enable = true; services.xserver.desktopManager.plasma5.enable = true; # This creates a user called 'noob' with the password 'CompleteNoob' users.users.noob = { isNormalUser = true; initialPassword = "CompleteNoob"; extraGroups = [ "wheel" ]; packages = with pkgs; [ mc ]; }; # Enable automatic login for the user. services.xserver.displayManager.autoLogin.enable = true; services.xserver.displayManager.autoLogin.user = "noob"; # Enable sound with pipewire. sound.enable = true; hardware.pulseaudio.enable = false; security.rtkit.enable = true; services.pipewire = { enable = true; alsa.enable = true; alsa.support32Bit = true; pulse.enable = true; # If you want to use JACK applications, uncomment this #jack.enable = true; # use the example session manager (no others are packaged yet so this is enabled by default, # no need to redefine it in your config for now) #media-session.enable = true; }; environment.systemPackages = with pkgs; [ wget vim firefox brave ]; # use this to prevent brave from opening kwallet all the time nixpkgs.config.overlays = [ (self: super: { brave = super.brave.override { commandLineArgs = "--password-store=basic"; }; }) ]; system.stateVersion = "23.11"; # Did you read the comment? #Swap Device setup swapDevices = [ { device = "/dev/nvme0n1p3"; randomEncryption.enable = true; } ]; } </pre> <code>sudo nixos-rebuild switch</code> </div> </div> ==HatTips== * Chris McDonough - https://www.youtube.com/watch?v=CboOUrkIZ2k&t=5s n9yza5cokxd7lzh1j5yntu9myhjgce9 0 135 457 2025-01-27T10:00:15Z Noob 1 Created page with " == Using the ebook-convert tool from Calibre == To convert an EPUB file to MOBI format on Ubuntu, you can use the '''ebook-convert''' tool from '''Calibre'''. Here’s how you can do it: * Install Calibre If you haven’t already, you can install Calibre using the following command: <code>sudo apt-get install calibre</code> === Convert EPUB to MOBI === Use the ebook-convert command to convert your EPUB file to MOBI. <br> For example, to convert a file named book.e..." 457 wikitext text/x-wiki == Using the ebook-convert tool from Calibre == To convert an EPUB file to MOBI format on Ubuntu, you can use the '''ebook-convert''' tool from '''Calibre'''. Here’s how you can do it: * Install Calibre If you haven’t already, you can install Calibre using the following command: <code>sudo apt-get install calibre</code> === Convert EPUB to MOBI === Use the ebook-convert command to convert your EPUB file to MOBI. <br> For example, to convert a file named book.epub to book.mobi, you would use: <br><code>ebook-convert book.epub book.mobi</code> ==== Other file formats are also supported with ebook-convert ==== <code>ebook-convert "book.azw3" "book.mobi"</code> === Convert in bulk === * This assumes you have a '''Directory''' with books.epub you want converted to books.mobi in bulk. * This script should be saved and run in said directory. <code>$EDITOR convert_epub_to_mobi.sh</code> <pre> #!/bin/bash # Check if ebook-convert is installed if ! command -v ebook-convert &> /dev/null then echo "ebook-convert could not be found. Please install calibre." exit 1 fi # Loop through all .epub files in the current directory for file in *.epub; do # Check if the file exists (to avoid processing '.*.epub' which would be all files) if [ -f "$file" ]; then # Get the filename without the extension filename="${file%.epub}" # Convert the file ebook-convert "$file" "${filename}.mobi" echo "Converted $file to ${filename}.mobi" fi done </pre> Now you can run with bash or make excultable * With bash <code>bash convert_epub_to_mobi.sh</code> * Make excultable <code>chmod +x convert_epub_to_mobi.sh</code> <code>./convert_epub_to_mobi.sh</code> ==== system wide script ==== If you are gonna be using a lot, can make script which you install in /usr/bin/ so you can just use:<code>convert_epub_to_mobi /path/to/epub/files /path/to/output/mobi</code> <code>$EDITOR convert_epub_to_mobi</code> <pre> #!/bin/bash # Check if ebook-convert is installed if ! command -v ebook-convert &> /dev/null then echo "ebook-convert could not be found. Please install calibre." exit 1 fi # Check if correct number of arguments are provided if [ "$#" -ne 2 ]; then echo "Usage: $0 <source_directory> <output_directory>" exit 1 fi SOURCE_DIR="$1" OUTPUT_DIR="$2" # Check if source directory exists if [ ! -d "$SOURCE_DIR" ]; then echo "Source directory does not exist: $SOURCE_DIR" exit 1 fi # Create output directory if it doesn't exist mkdir -p "$OUTPUT_DIR" # Loop through all .epub files in the source directory for file in "$SOURCE_DIR"/*.epub; do # Check if the file exists (to avoid processing '*.epub' if no files match) if [ -f "$file" ]; then # Get the filename without the path and extension filename=$(basename "$file" .epub) # Convert the file, placing the output in the specified directory ebook-convert "$file" "$OUTPUT_DIR/${filename}.mobi" echo "Converted $file to ${filename}.mobi in $OUTPUT_DIR" fi done </pre> Make it Executable and Move to /usr/bin/: <code>sudo cp convert_epub_to_mobi /usr/bin/</code> <code>sudo chmod +x /usr/bin/convert_epub_to_mobi</code> Now you can run the script from anywhere by specifying source and output directories: <code>convert_epub_to_mobi /path/to/epub/files /path/to/output/mobi</code> * Example: will convert all epubs in Downloads to newly created Kindlebooks directory <code>convert_epub_to_mobi Downloads/ Kindlebooks</code> Notes: * This script will create the output directory if it does not exist. * It checks for the existence of the source directory before proceeding. * The usage message helps remind users of the correct command structure if they forget. * As before, ensure ebook-convert (part of Calibre) is installed on the system. * Error handling for ebook-convert isn't included; you might want to add that for production use or for better user feedback on conversion failures. n4n5qpi7fec8jiz025zrnxt2hvsmrtp 459 457 2025-02-07T14:26:26Z AwesomO 5 459 wikitext text/x-wiki == Using the ebook-convert tool from Calibre == To convert an EPUB file to MOBI format on Ubuntu, you can use the '''ebook-convert''' tool from '''Calibre'''. Here’s how you can do it: * Install Calibre If you haven’t already, you can install Calibre using the following command: <code>sudo apt-get install calibre</code> === Convert EPUB to MOBI === Use the ebook-convert command to convert your EPUB file to MOBI. <br> For example, to convert a file named book.epub to book.mobi, you would use: <br><code>ebook-convert book.epub book.mobi</code> ==== Other file formats are also supported with ebook-convert ==== <code>ebook-convert "book.azw3" "book.mobi"</code> === Convert in bulk === * This assumes you have a '''Directory''' with books.epub you want converted to books.mobi in bulk. * This script should be saved and run in said directory. <code>$EDITOR convert_epub_to_mobi.sh</code> <pre> #!/bin/bash # Check if ebook-convert is installed if ! command -v ebook-convert &> /dev/null then echo "ebook-convert could not be found. Please install calibre." exit 1 fi # Loop through all .epub files in the current directory for file in *.epub; do # Check if the file exists (to avoid processing '.*.epub' which would be all files) if [ -f "$file" ]; then # Get the filename without the extension filename="${file%.epub}" # Convert the file ebook-convert "$file" "${filename}.mobi" echo "Converted $file to ${filename}.mobi" fi done </pre> Now you can run with bash or make excultable * With bash <code>bash convert_epub_to_mobi.sh</code> * Make excultable <code>chmod +x convert_epub_to_mobi.sh</code> <code>./convert_epub_to_mobi.sh</code> ==== system wide script ==== If you are gonna be using a lot, can make script which you install in /usr/bin/ so you can just use:<code>convert_epub_to_mobi /path/to/epub/files /path/to/output/mobi</code> <code>$EDITOR convert_epub_to_mobi</code> <pre> #!/bin/bash # Check if ebook-convert is installed if ! command -v ebook-convert &> /dev/null then echo "ebook-convert could not be found. Please install calibre." exit 1 fi # Check if correct number of arguments are provided if [ "$#" -ne 2 ]; then echo "Usage: $0 <source_directory> <output_directory>" exit 1 fi SOURCE_DIR="$1" OUTPUT_DIR="$2" # Check if source directory exists if [ ! -d "$SOURCE_DIR" ]; then echo "Source directory does not exist: $SOURCE_DIR" exit 1 fi # Create output directory if it doesn't exist mkdir -p "$OUTPUT_DIR" # Loop through all .epub files in the source directory for file in "$SOURCE_DIR"/*.epub; do # Check if the file exists (to avoid processing '*.epub' if no files match) if [ -f "$file" ]; then # Get the filename without the path and extension filename=$(basename "$file" .epub) # Convert the file, placing the output in the specified directory ebook-convert "$file" "$OUTPUT_DIR/${filename}.mobi" echo "Converted $file to ${filename}.mobi in $OUTPUT_DIR" fi done </pre> Make it Executable and Move to /usr/bin/: <code>sudo cp convert_epub_to_mobi /usr/bin/</code> <code>sudo chmod +x /usr/bin/convert_epub_to_mobi</code> Now you can run the script from anywhere by specifying source and output directories: <code>convert_epub_to_mobi /path/to/epub/files /path/to/output/mobi</code> * Example: will convert all epubs in Downloads to newly created Kindlebooks directory <code>convert_epub_to_mobi Downloads/ Kindlebooks</code> Notes: * This script will create the output directory if it does not exist. * It checks for the existence of the source directory before proceeding. * The usage message helps remind users of the correct command structure if they forget. * As before, ensure ebook-convert (part of Calibre) is installed on the system. * Error handling for ebook-convert isn't included; you might want to add that for production use or for better user feedback on conversion failures. == SEO keywords== * Kindle * EPUB to MOBI * Calibre Ubuntu * ebook-convert Ubuntu * Convert EPUB files * Bulk ebook conversion * Bash script for ebook conversion * Calibre command line 1cue4yu6xhzoiucwyazuaw76imcqduu 0 136 458 2025-02-07T14:23:28Z AwesomO 5 Created page with "==Installing Guake== <code>sudo apt install guake</code> drop down menu default is F12 key, open and right click background of terminal and select preferences for more details ==Start at Start up== ===using kde=== <pre> To make Guake start automatically at login, you can add it to the startup applications. In Kubuntu, you can do this by: Opening the System Settings Navigating to "Startup and Shutdown" Selecting "Autostart" Clicking "Add Program" or "Add Script" Sear..." 458 wikitext text/x-wiki ==Installing Guake== <code>sudo apt install guake</code> drop down menu default is F12 key, open and right click background of terminal and select preferences for more details ==Start at Start up== ===using kde=== <pre> To make Guake start automatically at login, you can add it to the startup applications. In Kubuntu, you can do this by: Opening the System Settings Navigating to "Startup and Shutdown" Selecting "Autostart" Clicking "Add Program" or "Add Script" Searching for "Guake" or entering the command "guake" </pre> ===Guake.desktop=== If the above method doesn't work, you can try creating a .desktop file in the autostart directory. Create a file named '''guake.desktop''' in <code>~/.config/autostart/</code> Directory with the following content: * If directory '''~/config/autostart''' does not exist create one <code>mkdir ~/.config/autostart</code> <code>$EDITOR ~/.config/autostart/guake.desktop</code> <pre> [Desktop Entry] Type=Application Exec=guake Hidden=false NoDisplay=false X-GNOME-Autostart-enabled=true Name=Guake Comment=Start Guake Terminal </pre> ====Guake.desktop file disappering after reboot problem==== The issue you're experiencing with the guake.desktop file disappearing from the '''~/.config/autostart''' directory after reboot is a known behavior in some Ubuntu MATE versions, including 24.04. This happens because certain applications, including Guake, manage their own autostart entries. To resolve this issue and ensure Guake starts automatically, you can try the following workaround: Create the guake.desktop file in ~/.config/autostart as you've been doing. After creating the file, rename it to something like "start_guake.desktop" This prevents Guake from recognizing it as its own file and removing it. ===systemd=== 31gbajdmt1ndkmnfw1qx89q5al46na9 0 137 460 2025-02-07T15:03:32Z AwesomO 5 Created page with " == EDIT /etc/bluetooth/main.conf == File: <code>/etc/bluetooth/main.conf</code> <code>sudo $EDITOR /etc/bluetooth/main.conf</code> * Line: 322 <pre> # AutoEnable defines option to enable all controllers when they are found. # This includes adapters present on start as well as adapters that are plugged # in later on. Defaults to 'true'. AutoEnable=true </pre> * Change '''AutoEnable''' to false <code>AutoEnable=false</code> * save and exit '''Done''' from now on, blue..." 460 wikitext text/x-wiki == EDIT /etc/bluetooth/main.conf == File: <code>/etc/bluetooth/main.conf</code> <code>sudo $EDITOR /etc/bluetooth/main.conf</code> * Line: 322 <pre> # AutoEnable defines option to enable all controllers when they are found. # This includes adapters present on start as well as adapters that are plugged # in later on. Defaults to 'true'. AutoEnable=true </pre> * Change '''AutoEnable''' to false <code>AutoEnable=false</code> * save and exit '''Done''' from now on, bluetooth will not be enabled by default at startup. <div class="toccolours mw-collapsible mw-collapsed"> Default before edits <code>cat /etc/bluetooth/main.conf</code> <div class="mw-collapsible-content"> <pre> [General] # Defaults to 'BlueZ X.YZ', if Name is not set here and plugin 'hostname' is not loaded. # The plugin 'hostname' is loaded by default and overides the Name set here so # consider modifying /etc/machine-info with variable PRETTY_HOSTNAME=<NewName> instead. #Name = BlueZ # Default device class. Only the major and minor device class bits are # considered. Defaults to '0x000000'. #Class = 0x000100 # How long to stay in discoverable mode before going back to non-discoverable # The value is in seconds. Default is 180, i.e. 3 minutes. # 0 = disable timer, i.e. stay discoverable forever #DiscoverableTimeout = 0 # Always allow pairing even if there are no agent registered # Possible values: true, false # Default: false #AlwaysPairable = false # How long to stay in pairable mode before going back to non-discoverable # The value is in seconds. Default is 0. # 0 = disable timer, i.e. stay pairable forever #PairableTimeout = 0 # Use vendor id source (assigner), vendor, product and version information for # DID profile support. The values are separated by ":" and assigner, VID, PID # and version. # Possible vendor id source values: bluetooth, usb (default) or false (disabled) #DeviceID = bluetooth:1234:5678:abcd # Do reverse service discovery for previously unknown devices that connect to # us. For BR/EDR this option is really only needed for qualification since the # BITE tester doesn't like us doing reverse SDP for some test cases, for LE # this disables the GATT client functionally so it can be used in system which # can only operate as peripheral. # Defaults to 'true'. #ReverseServiceDiscovery = true # Enable name resolving after inquiry. Set it to 'false' if you don't need # remote devices name and want shorter discovery cycle. Defaults to 'true'. #NameResolving = true # Enable runtime persistency of debug link keys. Default is false which # makes debug link keys valid only for the duration of the connection # that they were created for. #DebugKeys = false # Restricts all controllers to the specified transport. Default value # is "dual", i.e. both BR/EDR and LE enabled (when supported by the HW). # Possible values: "dual", "bredr", "le" #ControllerMode = dual # Maximum number of controllers allowed to be exposed to the system. # Default=0 (unlimited) #MaxControllers=0 # Enables Multi Profile Specification support. This allows to specify if # system supports only Multiple Profiles Single Device (MPSD) configuration # or both Multiple Profiles Single Device (MPSD) and Multiple Profiles Multiple # Devices (MPMD) configurations. # Possible values: "off", "single", "multiple" #MultiProfile = off # Permanently enables the Fast Connectable setting for adapters that # support it. When enabled other devices can connect faster to us, # however the tradeoff is increased power consumptions. This feature # will fully work only on kernel version 4.1 and newer. Defaults to # 'false'. #FastConnectable = false # Default privacy setting. # Enables use of private address. # Possible values for LE mode: "off", "network/on", "device" # Possible values for Dual mode: "off", "network/on", "device", # "limited-network", "limited-device" # # - off: Local privacy disabled. # # - network/on: A device will only accept advertising packets from peer # devices that contain private addresses. It may not be compatible with some # legacy devices since it requires the use of RPA(s) all the time. # # - device: A device in device privacy mode is only concerned about the # privacy of the device and will accept advertising packets from peer devices # that contain their Identity Address as well as ones that contain a private # address, even if the peer device has distributed its IRK in the past. # - limited-network: Apply Limited Discoverable Mode to advertising, which # follows the same policy as to BR/EDR that publishes the identity address when # discoverable, and Network Privacy Mode for scanning. # # - limited-device: Apply Limited Discoverable Mode to advertising, which # follows the same policy as to BR/EDR that publishes the identity address when # discoverable, and Device Privacy Mode for scanning. # # Defaults to "off" #Privacy = off # Specify the policy to the JUST-WORKS repairing initiated by peer # Possible values: "never", "confirm", "always" # Defaults to "never" #JustWorksRepairing = never # How long to keep temporary devices around # The value is in seconds. Default is 30. # 0 = disable timer, i.e. never keep temporary devices #TemporaryTimeout = 30 # Enables the device to issue an SDP request to update known services when # profile is connected. Defaults to true. #RefreshDiscovery = true # Default Secure Connections setting. # Enables the Secure Connections setting for adapters that support it. It # provides better crypto algorithms for BT links and also enables CTKD (cross # transport key derivation) during pairing on any link. # Possible values: "off", "on", "only" # - "off": Secure Connections are disabled # - "on": Secure Connections are enabled when peer device supports them # - "only": we allow only Secure Connections # Defaults to "on" #SecureConnections = on # Enables D-Bus experimental interfaces # Possible values: true or false #Experimental = false # Enables kernel experimental features, alternatively a list of UUIDs # can be given. # Possible values: true,false,<UUID List> # Possible UUIDS: # d4992530-b9ec-469f-ab01-6c481c47da1c (BlueZ Experimental Debug) # 671b10b5-42c0-4696-9227-eb28d1b049d6 (BlueZ Experimental Simultaneous Central and Peripheral) # 15c0a148-c273-11ea-b3de-0242ac130004 (BlueZ Experimental LL privacy) # 330859bc-7506-492d-9370-9a6f0614037f (BlueZ Experimental Bluetooth Quality Report) # a6695ace-ee7f-4fb9-881a-5fac66c629af (BlueZ Experimental Offload Codecs) # 6fbaf188-05e0-496a-9885-d6ddfdb4e03e (BlueZ Experimental ISO socket) # Defaults to false. #KernelExperimental = false # The duration to avoid retrying to resolve a peer's name, if the previous # try failed. # The value is in seconds. Default is 300, i.e. 5 minutes. #RemoteNameRequestRetryDelay = 300 [BR] # The following values are used to load default adapter parameters for BR/EDR. # BlueZ loads the values into the kernel before the adapter is powered if the # kernel supports the MGMT_LOAD_DEFAULT_PARAMETERS command. If a value isn't # provided, the kernel will be initialized to it's default value. The actual # value will vary based on the kernel version and thus aren't provided here. # The Bluetooth Core Specification should be consulted for the meaning and valid # domain of each of these values. # BR/EDR Page scan activity configuration #PageScanType= #PageScanInterval= #PageScanWindow= # BR/EDR Inquiry scan activity configuration #InquiryScanType= #InquiryScanInterval= #InquiryScanWindow= # BR/EDR Link supervision timeout #LinkSupervisionTimeout= # BR/EDR Page Timeout #PageTimeout= # BR/EDR Sniff Intervals #MinSniffInterval= #MaxSniffInterval= [LE] # The following values are used to load default adapter parameters for LE. # BlueZ loads the values into the kernel before the adapter is powered if the # kernel supports the MGMT_LOAD_DEFAULT_PARAMETERS command. If a value isn't # provided, the kernel will be initialized to it's default value. The actual # value will vary based on the kernel version and thus aren't provided here. # The Bluetooth Core Specification should be consulted for the meaning and valid # domain of each of these values. # LE advertisement interval (used for legacy advertisement interface only) #MinAdvertisementInterval= #MaxAdvertisementInterval= #MultiAdvertisementRotationInterval= # LE scanning parameters used for passive scanning supporting auto connect # scenarios #ScanIntervalAutoConnect= #ScanWindowAutoConnect= # LE scanning parameters used for passive scanning supporting wake from suspend # scenarios #ScanIntervalSuspend= #ScanWindowSuspend= # LE scanning parameters used for active scanning supporting discovery # proceedure #ScanIntervalDiscovery= #ScanWindowDiscovery= # LE scanning parameters used for passive scanning supporting the advertisement # monitor Apis #ScanIntervalAdvMonitor= #ScanWindowAdvMonitor= # LE scanning parameters used for connection establishment. #ScanIntervalConnect= #ScanWindowConnect= # LE default connection parameters. These values are superceeded by any # specific values provided via the Load Connection Parameters interface #MinConnectionInterval= #MaxConnectionInterval= #ConnectionLatency= #ConnectionSupervisionTimeout= #Autoconnecttimeout= # Scan duration during interleaving scan. Only used when scanning for ADV # monitors. The units are msec. # Default: 300 #AdvMonAllowlistScanDuration= # Default: 500 #AdvMonNoFilterScanDuration= # Enable/Disable Advertisement Monitor interleave scan for power saving. # 0: disable # 1: enable # Defaults to 1 #EnableAdvMonInterleaveScan= [GATT] # GATT attribute cache. # Possible values: # always: Always cache attributes even for devices not paired, this is # recommended as it is best for interoperability, with more consistent # reconnection times and enables proper tracking of notifications for all # devices. # yes: Only cache attributes of paired devices. # no: Never cache attributes # Default: always #Cache = always # Minimum required Encryption Key Size for accessing secured characteristics. # Possible values: 0 and 7-16. 0 means don't care. # Defaults to 0 #KeySize = 0 # Exchange MTU size. # Possible values: 23-517 # Defaults to 517 #ExchangeMTU = 517 # Number of ATT channels # Possible values: 1-5 (1 disables EATT) # Default to 1 #Channels = 1 [CSIS] # SIRK - Set Identification Resolution Key which is common for all the # sets. They SIRK key is used to identify its sets. This can be any # 128 bit value or a string value (e.g. product name) which is then hashed. # Possible Values: # 16 byte hexadecimal value: 861FAE703ED681F0C50B34155B6434FB # String value: "My Product Name" # Defaults to none #SIRK = # SIRK Encryption # Possible values: # true: Encrypt SIRK when read # false: Do not encrypt SIRK when read. (plaintext) # Defaults to true #Encryption = true # Total no of sets belongs to this Profile # Defaults to 0 #Size = 0 # Rank for the device # Defaults to 0 #Rank = 0 [AVDTP] # AVDTP L2CAP Signalling Channel Mode. # Possible values: # basic: Use L2CAP Basic Mode # ertm: Use L2CAP Enhanced Retransmission Mode #SessionMode = basic # AVDTP L2CAP Transport Channel Mode. # Possible values: # basic: Use L2CAP Basic Mode # streaming: Use L2CAP Streaming Mode #StreamMode = basic [Policy] # # The ReconnectUUIDs defines the set of remote services that should try # to be reconnected to in case of a link loss (link supervision # timeout). The policy plugin should contain a sane set of values by # default, but this list can be overridden here. By setting the list to # empty the reconnection feature gets disabled. #ReconnectUUIDs=00001112-0000-1000-8000-00805f9b34fb,0000111f-0000-1000-8000-00805f9b34fb,0000110a-0000-1000-8000-00805f9b34fb,0000110b-0000-1000-8000-00805f9b34fb # ReconnectAttempts define the number of attempts to reconnect after a link # lost. Setting the value to 0 disables reconnecting feature. #ReconnectAttempts=7 # ReconnectIntervals define the set of intervals in seconds to use in between # attempts. # If the number of attempts defined in ReconnectAttempts is bigger than the # set of intervals the last interval is repeated until the last attempt. #ReconnectIntervals=1,2,4,8,16,32,64 # AutoEnable defines option to enable all controllers when they are found. # This includes adapters present on start as well as adapters that are plugged # in later on. Defaults to 'true'. AutoEnable=true # Audio devices that were disconnected due to suspend will be reconnected on # resume. ResumeDelay determines the delay between when the controller # resumes from suspend and a connection attempt is made. A longer delay is # better for better co-existence with Wi-Fi. # The value is in seconds. # Default: 2 #ResumeDelay = 2 [AdvMon] # Default RSSI Sampling Period. This is used when a client registers an # advertisement monitor and leaves the RSSISamplingPeriod unset. # Possible values: # 0x00 Report all advertisements # N = 0xXX Report advertisements every N x 100 msec (range: 0x01 to 0xFE) # 0xFF Report only one advertisement per device during monitoring period # Default: 0xFF #RSSISamplingPeriod=0xFF </pre> </div> </div> == If editing /etc/bluetooth/main.conf did not work == Computers can be strange, for some reason, same hardware and OS (before reformat) editing /etc/bluetooth/main.conf did not work?! <br>This should work in theory, but sometimes the configuration might not be applied due to other settings or overrides (or the computer just went nuts). Found a kind of work around. <code>sudo $EDITOR /usr/local/bin/disable-bluetooth-on-startup.sh</code> * Add the following content to the script: <pre> #!/bin/bash # Turn off Bluetooth at startup rfkill block bluetooth </pre> * Make the script executable: <code>sudo chmod +x /usr/local/bin/disable-bluetooth-on-startup.sh</code> * have the script run after start up <code>$EDITOR ~/.config/autostart/bt_off.desktop</code> <pre> [Desktop Entry] Type=Application Name=BT off Exec=/usr/local/bin/disable-bluetooth-on-startup.sh Hidden=false NoDisplay=false X-GNOME-Autostart-enabled=true </pre> d2eli82o9yddkynzlairzvvl0m94vrf 461 460 2025-02-10T10:30:05Z AwesomO 5 /* If editing /etc/bluetooth/main.conf did not work */ 461 wikitext text/x-wiki == EDIT /etc/bluetooth/main.conf == File: <code>/etc/bluetooth/main.conf</code> <code>sudo $EDITOR /etc/bluetooth/main.conf</code> * Line: 322 <pre> # AutoEnable defines option to enable all controllers when they are found. # This includes adapters present on start as well as adapters that are plugged # in later on. Defaults to 'true'. AutoEnable=true </pre> * Change '''AutoEnable''' to false <code>AutoEnable=false</code> * save and exit '''Done''' from now on, bluetooth will not be enabled by default at startup. <div class="toccolours mw-collapsible mw-collapsed"> Default before edits <code>cat /etc/bluetooth/main.conf</code> <div class="mw-collapsible-content"> <pre> [General] # Defaults to 'BlueZ X.YZ', if Name is not set here and plugin 'hostname' is not loaded. # The plugin 'hostname' is loaded by default and overides the Name set here so # consider modifying /etc/machine-info with variable PRETTY_HOSTNAME=<NewName> instead. #Name = BlueZ # Default device class. Only the major and minor device class bits are # considered. Defaults to '0x000000'. #Class = 0x000100 # How long to stay in discoverable mode before going back to non-discoverable # The value is in seconds. Default is 180, i.e. 3 minutes. # 0 = disable timer, i.e. stay discoverable forever #DiscoverableTimeout = 0 # Always allow pairing even if there are no agent registered # Possible values: true, false # Default: false #AlwaysPairable = false # How long to stay in pairable mode before going back to non-discoverable # The value is in seconds. Default is 0. # 0 = disable timer, i.e. stay pairable forever #PairableTimeout = 0 # Use vendor id source (assigner), vendor, product and version information for # DID profile support. The values are separated by ":" and assigner, VID, PID # and version. # Possible vendor id source values: bluetooth, usb (default) or false (disabled) #DeviceID = bluetooth:1234:5678:abcd # Do reverse service discovery for previously unknown devices that connect to # us. For BR/EDR this option is really only needed for qualification since the # BITE tester doesn't like us doing reverse SDP for some test cases, for LE # this disables the GATT client functionally so it can be used in system which # can only operate as peripheral. # Defaults to 'true'. #ReverseServiceDiscovery = true # Enable name resolving after inquiry. Set it to 'false' if you don't need # remote devices name and want shorter discovery cycle. Defaults to 'true'. #NameResolving = true # Enable runtime persistency of debug link keys. Default is false which # makes debug link keys valid only for the duration of the connection # that they were created for. #DebugKeys = false # Restricts all controllers to the specified transport. Default value # is "dual", i.e. both BR/EDR and LE enabled (when supported by the HW). # Possible values: "dual", "bredr", "le" #ControllerMode = dual # Maximum number of controllers allowed to be exposed to the system. # Default=0 (unlimited) #MaxControllers=0 # Enables Multi Profile Specification support. This allows to specify if # system supports only Multiple Profiles Single Device (MPSD) configuration # or both Multiple Profiles Single Device (MPSD) and Multiple Profiles Multiple # Devices (MPMD) configurations. # Possible values: "off", "single", "multiple" #MultiProfile = off # Permanently enables the Fast Connectable setting for adapters that # support it. When enabled other devices can connect faster to us, # however the tradeoff is increased power consumptions. This feature # will fully work only on kernel version 4.1 and newer. Defaults to # 'false'. #FastConnectable = false # Default privacy setting. # Enables use of private address. # Possible values for LE mode: "off", "network/on", "device" # Possible values for Dual mode: "off", "network/on", "device", # "limited-network", "limited-device" # # - off: Local privacy disabled. # # - network/on: A device will only accept advertising packets from peer # devices that contain private addresses. It may not be compatible with some # legacy devices since it requires the use of RPA(s) all the time. # # - device: A device in device privacy mode is only concerned about the # privacy of the device and will accept advertising packets from peer devices # that contain their Identity Address as well as ones that contain a private # address, even if the peer device has distributed its IRK in the past. # - limited-network: Apply Limited Discoverable Mode to advertising, which # follows the same policy as to BR/EDR that publishes the identity address when # discoverable, and Network Privacy Mode for scanning. # # - limited-device: Apply Limited Discoverable Mode to advertising, which # follows the same policy as to BR/EDR that publishes the identity address when # discoverable, and Device Privacy Mode for scanning. # # Defaults to "off" #Privacy = off # Specify the policy to the JUST-WORKS repairing initiated by peer # Possible values: "never", "confirm", "always" # Defaults to "never" #JustWorksRepairing = never # How long to keep temporary devices around # The value is in seconds. Default is 30. # 0 = disable timer, i.e. never keep temporary devices #TemporaryTimeout = 30 # Enables the device to issue an SDP request to update known services when # profile is connected. Defaults to true. #RefreshDiscovery = true # Default Secure Connections setting. # Enables the Secure Connections setting for adapters that support it. It # provides better crypto algorithms for BT links and also enables CTKD (cross # transport key derivation) during pairing on any link. # Possible values: "off", "on", "only" # - "off": Secure Connections are disabled # - "on": Secure Connections are enabled when peer device supports them # - "only": we allow only Secure Connections # Defaults to "on" #SecureConnections = on # Enables D-Bus experimental interfaces # Possible values: true or false #Experimental = false # Enables kernel experimental features, alternatively a list of UUIDs # can be given. # Possible values: true,false,<UUID List> # Possible UUIDS: # d4992530-b9ec-469f-ab01-6c481c47da1c (BlueZ Experimental Debug) # 671b10b5-42c0-4696-9227-eb28d1b049d6 (BlueZ Experimental Simultaneous Central and Peripheral) # 15c0a148-c273-11ea-b3de-0242ac130004 (BlueZ Experimental LL privacy) # 330859bc-7506-492d-9370-9a6f0614037f (BlueZ Experimental Bluetooth Quality Report) # a6695ace-ee7f-4fb9-881a-5fac66c629af (BlueZ Experimental Offload Codecs) # 6fbaf188-05e0-496a-9885-d6ddfdb4e03e (BlueZ Experimental ISO socket) # Defaults to false. #KernelExperimental = false # The duration to avoid retrying to resolve a peer's name, if the previous # try failed. # The value is in seconds. Default is 300, i.e. 5 minutes. #RemoteNameRequestRetryDelay = 300 [BR] # The following values are used to load default adapter parameters for BR/EDR. # BlueZ loads the values into the kernel before the adapter is powered if the # kernel supports the MGMT_LOAD_DEFAULT_PARAMETERS command. If a value isn't # provided, the kernel will be initialized to it's default value. The actual # value will vary based on the kernel version and thus aren't provided here. # The Bluetooth Core Specification should be consulted for the meaning and valid # domain of each of these values. # BR/EDR Page scan activity configuration #PageScanType= #PageScanInterval= #PageScanWindow= # BR/EDR Inquiry scan activity configuration #InquiryScanType= #InquiryScanInterval= #InquiryScanWindow= # BR/EDR Link supervision timeout #LinkSupervisionTimeout= # BR/EDR Page Timeout #PageTimeout= # BR/EDR Sniff Intervals #MinSniffInterval= #MaxSniffInterval= [LE] # The following values are used to load default adapter parameters for LE. # BlueZ loads the values into the kernel before the adapter is powered if the # kernel supports the MGMT_LOAD_DEFAULT_PARAMETERS command. If a value isn't # provided, the kernel will be initialized to it's default value. The actual # value will vary based on the kernel version and thus aren't provided here. # The Bluetooth Core Specification should be consulted for the meaning and valid # domain of each of these values. # LE advertisement interval (used for legacy advertisement interface only) #MinAdvertisementInterval= #MaxAdvertisementInterval= #MultiAdvertisementRotationInterval= # LE scanning parameters used for passive scanning supporting auto connect # scenarios #ScanIntervalAutoConnect= #ScanWindowAutoConnect= # LE scanning parameters used for passive scanning supporting wake from suspend # scenarios #ScanIntervalSuspend= #ScanWindowSuspend= # LE scanning parameters used for active scanning supporting discovery # proceedure #ScanIntervalDiscovery= #ScanWindowDiscovery= # LE scanning parameters used for passive scanning supporting the advertisement # monitor Apis #ScanIntervalAdvMonitor= #ScanWindowAdvMonitor= # LE scanning parameters used for connection establishment. #ScanIntervalConnect= #ScanWindowConnect= # LE default connection parameters. These values are superceeded by any # specific values provided via the Load Connection Parameters interface #MinConnectionInterval= #MaxConnectionInterval= #ConnectionLatency= #ConnectionSupervisionTimeout= #Autoconnecttimeout= # Scan duration during interleaving scan. Only used when scanning for ADV # monitors. The units are msec. # Default: 300 #AdvMonAllowlistScanDuration= # Default: 500 #AdvMonNoFilterScanDuration= # Enable/Disable Advertisement Monitor interleave scan for power saving. # 0: disable # 1: enable # Defaults to 1 #EnableAdvMonInterleaveScan= [GATT] # GATT attribute cache. # Possible values: # always: Always cache attributes even for devices not paired, this is # recommended as it is best for interoperability, with more consistent # reconnection times and enables proper tracking of notifications for all # devices. # yes: Only cache attributes of paired devices. # no: Never cache attributes # Default: always #Cache = always # Minimum required Encryption Key Size for accessing secured characteristics. # Possible values: 0 and 7-16. 0 means don't care. # Defaults to 0 #KeySize = 0 # Exchange MTU size. # Possible values: 23-517 # Defaults to 517 #ExchangeMTU = 517 # Number of ATT channels # Possible values: 1-5 (1 disables EATT) # Default to 1 #Channels = 1 [CSIS] # SIRK - Set Identification Resolution Key which is common for all the # sets. They SIRK key is used to identify its sets. This can be any # 128 bit value or a string value (e.g. product name) which is then hashed. # Possible Values: # 16 byte hexadecimal value: 861FAE703ED681F0C50B34155B6434FB # String value: "My Product Name" # Defaults to none #SIRK = # SIRK Encryption # Possible values: # true: Encrypt SIRK when read # false: Do not encrypt SIRK when read. (plaintext) # Defaults to true #Encryption = true # Total no of sets belongs to this Profile # Defaults to 0 #Size = 0 # Rank for the device # Defaults to 0 #Rank = 0 [AVDTP] # AVDTP L2CAP Signalling Channel Mode. # Possible values: # basic: Use L2CAP Basic Mode # ertm: Use L2CAP Enhanced Retransmission Mode #SessionMode = basic # AVDTP L2CAP Transport Channel Mode. # Possible values: # basic: Use L2CAP Basic Mode # streaming: Use L2CAP Streaming Mode #StreamMode = basic [Policy] # # The ReconnectUUIDs defines the set of remote services that should try # to be reconnected to in case of a link loss (link supervision # timeout). The policy plugin should contain a sane set of values by # default, but this list can be overridden here. By setting the list to # empty the reconnection feature gets disabled. #ReconnectUUIDs=00001112-0000-1000-8000-00805f9b34fb,0000111f-0000-1000-8000-00805f9b34fb,0000110a-0000-1000-8000-00805f9b34fb,0000110b-0000-1000-8000-00805f9b34fb # ReconnectAttempts define the number of attempts to reconnect after a link # lost. Setting the value to 0 disables reconnecting feature. #ReconnectAttempts=7 # ReconnectIntervals define the set of intervals in seconds to use in between # attempts. # If the number of attempts defined in ReconnectAttempts is bigger than the # set of intervals the last interval is repeated until the last attempt. #ReconnectIntervals=1,2,4,8,16,32,64 # AutoEnable defines option to enable all controllers when they are found. # This includes adapters present on start as well as adapters that are plugged # in later on. Defaults to 'true'. AutoEnable=true # Audio devices that were disconnected due to suspend will be reconnected on # resume. ResumeDelay determines the delay between when the controller # resumes from suspend and a connection attempt is made. A longer delay is # better for better co-existence with Wi-Fi. # The value is in seconds. # Default: 2 #ResumeDelay = 2 [AdvMon] # Default RSSI Sampling Period. This is used when a client registers an # advertisement monitor and leaves the RSSISamplingPeriod unset. # Possible values: # 0x00 Report all advertisements # N = 0xXX Report advertisements every N x 100 msec (range: 0x01 to 0xFE) # 0xFF Report only one advertisement per device during monitoring period # Default: 0xFF #RSSISamplingPeriod=0xFF </pre> </div> </div> == If editing /etc/bluetooth/main.conf did not work == Computers can be strange, for some reason, same hardware and OS (before reformat) editing /etc/bluetooth/main.conf did not work?! <br>This should work in theory, but sometimes the configuration might not be applied due to other settings or overrides (or the computer just went nuts). Found a kind of work around. <code>sudo $EDITOR /usr/local/bin/disable-bluetooth-on-startup.sh</code> * Add the following content to the script: <pre> #!/bin/bash # Turn off Bluetooth at startup rfkill block bluetooth </pre> * Make the script executable: <code>sudo chmod +x /usr/local/bin/disable-bluetooth-on-startup.sh</code> * have the script run after start up <code>$EDITOR ~/.config/autostart/bt_off.desktop</code> <pre> [Desktop Entry] Type=Application Name=BT off Exec=/usr/local/bin/disable-bluetooth-on-startup.sh Hidden=false NoDisplay=false X-GNOME-Autostart-enabled=true </pre> ==systemd== And once both main.conf and running a script with autostart did not work, don't know why. so used systemd to not load bluetooth at startup. ===stop bluetooth from loading at start up=== Run the following command in the terminal to disable the Bluetooth service from starting at boot: <code>sudo systemctl disable bluetooth.service</code> THIS REMOVES BLUETOOTH from menu on the top right on mate desktop - ==== start and use bluetooth if needed later ==== <code>sudo systemctl enable bluetooth</code> And from the Gui start menu click 'Bluetooth adapters' and 'Bluetooth manager' from there you can toogle on blue tooth. notuzbzxi9fjf4ia7zw0afjitzx3zgs 0 138 462 2025-02-13T16:29:26Z AwesomO 5 Created page with "==Set $EDITOR== In Linux and other Unix-like operating systems, the EDITOR environment variable is used to specify the default text editor that should be used when opening and editing files from the command line. The set EDITOR=nano command is used to set the EDITOR environment variable to the nano text editor. This means that any command or program that requires a text editor to be opened, such as git commit, will now use nano as the default editor instead of the prev..." 462 wikitext text/x-wiki ==Set $EDITOR== In Linux and other Unix-like operating systems, the EDITOR environment variable is used to specify the default text editor that should be used when opening and editing files from the command line. The set EDITOR=nano command is used to set the EDITOR environment variable to the nano text editor. This means that any command or program that requires a text editor to be opened, such as git commit, will now use nano as the default editor instead of the previously set default. The nano editor is a simple, easy-to-use text editor that is designed to be user-friendly and intuitive, making it a good choice for beginners who are new to Linux. Setting the EDITOR environment variable to nano can be useful for users who prefer to use nano as their default text editor, or for users who are not familiar with other text editors like vi or emacs. To make the EDITOR environment variable persist across terminal sessions, you can add the set EDITOR=nano command to your shell startup file, such as .bashrc or .zshrc, depending on which shell you are using. To see if <b>EDITOR</b> as already be assigned:<br> <code>echo $EDITOR</code><br> <br> To set environment variable:<br> <code>set EDITOR=nano</code><br> <br> To unset use:<br> <code>unset EDITOR</code><br> ep0xqkm27qxazi972fw5z2ebeto9azz 463 462 2025-02-13T16:30:38Z AwesomO 5 /* Set $EDITOR */ 463 wikitext text/x-wiki ==Set $EDITOR== In Linux and other Unix-like operating systems, the EDITOR environment variable is used to specify the default text editor that should be used when opening and editing files from the command line. The set EDITOR=nano command is used to set the EDITOR environment variable to the nano text editor. This means that any command or program that requires a text editor to be opened, such as git commit, will now use nano as the default editor instead of the previously set default. The nano editor is a simple, easy-to-use text editor that is designed to be user-friendly and intuitive, making it a good choice for beginners who are new to Linux. Setting the EDITOR environment variable to nano can be useful for users who prefer to use nano as their default text editor, or for users who are not familiar with other text editors like vi or emacs. To make the EDITOR environment variable persist across terminal sessions, you can add the set EDITOR=nano command to your shell startup file, such as .bashrc or .zshrc, depending on which shell you are using. To see if <b>EDITOR</b> as already be assigned:<br> <code>echo $EDITOR</code><br> <br> To set environment variable:<br> <code>set EDITOR=nano</code><br> <br> To unset use:<br> <code>unset EDITOR</code><br> Now you can use <code>$EDITOR /home/$USER/somefile.txt</code> and it will open using nano or any other editor you set. sszcw5ji9ktke02hdoyant8auqx9zsm 466 463 2025-02-13T16:33:47Z AwesomO 5 /* Set $EDITOR */ 466 wikitext text/x-wiki ==Set $EDITOR== In Linux and other Unix-like operating systems, the '''EDITOR''' environment variable specifies the default text editor for command-line operations. To set '''EDITOR''' to the '''nano''' text editor, use: <code>set EDITOR=nano</code> This ensures that commands or programs needing a text editor, like '''git commit''', will use nano by default. '''Nano''' is appreciated for its simplicity and user-friendly interface, making it ideal for beginners. Setting '''EDITOR''' to nano can be beneficial for: * Users preferring nano over other editors like vi or emacs. * Those new to Linux. To make this setting persistent across sessions, add the command to your shell startup file: * For Bash: '''~/.bashrc''' * For Zsh: '''~/.zshrc''' === Checking, Setting, and Unsetting $EDITOR === - Check if '''EDITOR''' is already set: <code>echo $EDITOR</code> - Set the environment variable: <code>set EDITOR=nano</code> - Unset the variable: <code>unset EDITOR</code> Once set, you can use: <code>$EDITOR /home/$USER/somefile.txt</code> to open files with your chosen editor, in this case, nano. s95eef1r788tioldbeiuxeonr42yw82 467 466 2025-02-16T22:08:45Z AwesomO 5 forgot about bash 467 wikitext text/x-wiki ==Set $EDITOR== In FreeBSD and other Unix-like operating systems, the '''EDITOR''' environment variable specifies the default text editor for command-line operations. To set '''EDITOR''' to the '''nano''' text editor, use: <code>set EDITOR=nano</code> This ensures that commands or programs needing a text editor, like '''git commit''', will use nano by default. '''Nano''' is appreciated for its simplicity and user-friendly interface, making it ideal for beginners. Setting '''EDITOR''' to nano can be beneficial for: * Users preferring nano over other editors like vi or emacs. * Those new to Linux. To make this setting persistent across sessions, add the command to your shell startup file: * For Bash: '''~/.bashrc''' * For Zsh: '''~/.zshrc''' === '''SH SHELL''' Checking, Setting, and Unsetting $EDITOR === - Check if '''EDITOR''' is already set: <code>echo $EDITOR</code> - Set the environment variable: <code>set EDITOR=nano</code> - Unset the variable: <code>unset EDITOR</code> Once set, you can use: <code>$EDITOR /home/$USER/somefile.txt</code> to open files with your chosen editor, in this case, nano. === '''BASH SHELL''' Checking, Setting, and Unsetting $EDITOR === - Check if '''EDITOR''' is already set: <code>echo $EDITOR</code> - Set the environment variable: <code>export EDITOR=nano</code> - Unset the variable: <code>export EDITOR=</code> * will export/set EDITOR to empty string Once set, you can use: <code>$EDITOR /home/$USER/somefile.txt</code> to open files with your chosen editor, in this case, nano. gkp68yffa0hmmenm3d89w0f59ekiidz 581 467 2025-06-22T11:19:58Z AwesomO 5 /* SH SHELL Checking, Setting, and Unsetting $EDITOR */ 581 wikitext text/x-wiki ==Set $EDITOR== In FreeBSD and other Unix-like operating systems, the '''EDITOR''' environment variable specifies the default text editor for command-line operations. To set '''EDITOR''' to the '''nano''' text editor, use: <code>set EDITOR=nano</code> This ensures that commands or programs needing a text editor, like '''git commit''', will use nano by default. '''Nano''' is appreciated for its simplicity and user-friendly interface, making it ideal for beginners. Setting '''EDITOR''' to nano can be beneficial for: * Users preferring nano over other editors like vi or emacs. * Those new to Linux. To make this setting persistent across sessions, add the command to your shell startup file: * For Bash: '''~/.bashrc''' * For Zsh: '''~/.zshrc''' === '''SH SHELL''' Checking, Setting, and Unsetting $EDITOR === * Check if '''EDITOR''' is already set: <code>echo $EDITOR</code> * Set the environment variable: <code>set EDITOR=nano</code> * Unset the variable: <code>unset EDITOR</code> Once set, you can use:<br> <code>$EDITOR /home/$USER/somefile.txt</code><br> to open files with your chosen editor, in this case, nano. === '''BASH SHELL''' Checking, Setting, and Unsetting $EDITOR === - Check if '''EDITOR''' is already set: <code>echo $EDITOR</code> - Set the environment variable: <code>export EDITOR=nano</code> - Unset the variable: <code>export EDITOR=</code> * will export/set EDITOR to empty string Once set, you can use: <code>$EDITOR /home/$USER/somefile.txt</code> to open files with your chosen editor, in this case, nano. dbtveb7hyt28ljo32h8pcf1dha4t02o 582 581 2025-06-22T11:22:33Z AwesomO 5 /* BASH SHELL Checking, Setting, and Unsetting $EDITOR */ 582 wikitext text/x-wiki ==Set $EDITOR== In FreeBSD and other Unix-like operating systems, the '''EDITOR''' environment variable specifies the default text editor for command-line operations. To set '''EDITOR''' to the '''nano''' text editor, use: <code>set EDITOR=nano</code> This ensures that commands or programs needing a text editor, like '''git commit''', will use nano by default. '''Nano''' is appreciated for its simplicity and user-friendly interface, making it ideal for beginners. Setting '''EDITOR''' to nano can be beneficial for: * Users preferring nano over other editors like vi or emacs. * Those new to Linux. To make this setting persistent across sessions, add the command to your shell startup file: * For Bash: '''~/.bashrc''' * For Zsh: '''~/.zshrc''' === '''SH SHELL''' Checking, Setting, and Unsetting $EDITOR === * Check if '''EDITOR''' is already set: <code>echo $EDITOR</code> * Set the environment variable: <code>set EDITOR=nano</code> * Unset the variable: <code>unset EDITOR</code> Once set, you can use:<br> <code>$EDITOR /home/$USER/somefile.txt</code><br> to open files with your chosen editor, in this case, nano. === '''BASH SHELL''' Checking, Setting, and Unsetting $EDITOR === * Check if '''EDITOR''' is already set: <code>echo $EDITOR</code> * Set (export) the environment variable: <code>export EDITOR=nano</code> * Unset the variable: <code>export EDITOR=</code> * will export/set EDITOR to empty string Once set, you can use:<br> <code>$EDITOR /home/$USER/somefile.txt</code><br> to open files with your chosen editor, in this case, nano. lxo0bjodm12z90zy331sdpjiu82ab9s 583 582 2025-06-22T11:28:41Z AwesomO 5 /* Set $EDITOR */ 583 wikitext text/x-wiki ==Drop Down Info Box For Setting $EDITOR== <div class="toccolours mw-collapsible mw-collapsed"> Set <code>$EDITOR</code> - Quick Guide <div class="mw-collapsible-content"> <b>FIND WHICH SHELL YOU ARE USING</b><br> * This command will tell you your current shell. <code>echo $SHELL</code> <br> <b>SH SHELL</b> * Check if '''EDITOR''' is already set: <code>echo $EDITOR</code> * Set the environment variable: <code>set EDITOR=nano</code> * Unset the variable: <code>unset EDITOR</code> <br> <b>BASH SHELL</b> * Check if '''EDITOR''' is already set: <code>echo $EDITOR</code> * Set the environment variable: <code>export EDITOR=nano</code> * Unset the variable: ** will export/set EDITOR to empty string <code>export EDITOR=</code> </div> </div> ==Find your current shell== * Will return your current shell <code>echo $SHELL</code> ==Set $EDITOR== In FreeBSD and other Unix-like operating systems, the '''EDITOR''' environment variable specifies the default text editor for command-line operations. To set '''EDITOR''' to the '''nano''' text editor, use: <code>set EDITOR=nano</code> This ensures that commands or programs needing a text editor, like '''git commit''', will use nano by default. '''Nano''' is appreciated for its simplicity and user-friendly interface, making it ideal for beginners. Setting '''EDITOR''' to nano can be beneficial for: * Users preferring nano over other editors like vi or emacs. * Those new to Linux. To make this setting persistent across sessions, add the command to your shell startup file: * For Bash: '''~/.bashrc''' * For Zsh: '''~/.zshrc''' === '''SH SHELL''' Checking, Setting, and Unsetting $EDITOR === * Check if '''EDITOR''' is already set: <code>echo $EDITOR</code> * Set the environment variable: <code>set EDITOR=nano</code> * Unset the variable: <code>unset EDITOR</code> Once set, you can use:<br> <code>$EDITOR /home/$USER/somefile.txt</code><br> to open files with your chosen editor, in this case, nano. === '''BASH SHELL''' Checking, Setting, and Unsetting $EDITOR === * Check if '''EDITOR''' is already set: <code>echo $EDITOR</code> * Set (export) the environment variable: <code>export EDITOR=nano</code> * Unset the variable: <code>export EDITOR=</code> * will export/set EDITOR to empty string Once set, you can use:<br> <code>$EDITOR /home/$USER/somefile.txt</code><br> to open files with your chosen editor, in this case, nano. 0jm4r1lkmqe8oj1a3x4cywe2apmffp7 584 583 2025-06-22T11:30:09Z AwesomO 5 /* Drop Down Info Box For Setting $EDITOR */ 584 wikitext text/x-wiki ==Drop Down Info Box For Setting $EDITOR== <div class="toccolours mw-collapsible mw-collapsed"> Set CLi Text <code>$EDITOR</code> - Quick Guide <div class="mw-collapsible-content"> <b>FIND WHICH SHELL YOU ARE USING</b><br> * This command will tell you your current shell. <code>echo $SHELL</code> <br> <b>SH SHELL</b> * Check if '''EDITOR''' is already set: <code>echo $EDITOR</code> * Set the environment variable: <code>set EDITOR=nano</code> * Unset the variable: <code>unset EDITOR</code> <br> <b>BASH SHELL</b> * Check if '''EDITOR''' is already set: <code>echo $EDITOR</code> * Set the environment variable: <code>export EDITOR=nano</code> * Unset the variable: ** will export/set EDITOR to empty string <code>export EDITOR=</code> </div> </div> ==Find your current shell== * Will return your current shell <code>echo $SHELL</code> ==Set $EDITOR== In FreeBSD and other Unix-like operating systems, the '''EDITOR''' environment variable specifies the default text editor for command-line operations. To set '''EDITOR''' to the '''nano''' text editor, use: <code>set EDITOR=nano</code> This ensures that commands or programs needing a text editor, like '''git commit''', will use nano by default. '''Nano''' is appreciated for its simplicity and user-friendly interface, making it ideal for beginners. Setting '''EDITOR''' to nano can be beneficial for: * Users preferring nano over other editors like vi or emacs. * Those new to Linux. To make this setting persistent across sessions, add the command to your shell startup file: * For Bash: '''~/.bashrc''' * For Zsh: '''~/.zshrc''' === '''SH SHELL''' Checking, Setting, and Unsetting $EDITOR === * Check if '''EDITOR''' is already set: <code>echo $EDITOR</code> * Set the environment variable: <code>set EDITOR=nano</code> * Unset the variable: <code>unset EDITOR</code> Once set, you can use:<br> <code>$EDITOR /home/$USER/somefile.txt</code><br> to open files with your chosen editor, in this case, nano. === '''BASH SHELL''' Checking, Setting, and Unsetting $EDITOR === * Check if '''EDITOR''' is already set: <code>echo $EDITOR</code> * Set (export) the environment variable: <code>export EDITOR=nano</code> * Unset the variable: <code>export EDITOR=</code> * will export/set EDITOR to empty string Once set, you can use:<br> <code>$EDITOR /home/$USER/somefile.txt</code><br> to open files with your chosen editor, in this case, nano. 7j3hho0gwxof8w5vhgk7p2dpcvqccc1 586 584 2025-06-23T12:44:48Z AwesomO 5 /* Drop Down Info Box For Setting $EDITOR */ 586 wikitext text/x-wiki ==Drop Down Info Box For Setting $EDITOR== <div class="toccolours mw-collapsible mw-collapsed"> Set CLi Text <code>$EDITOR</code> - Quick Guide <div class="mw-collapsible-content"> <b>FIND WHICH SHELL YOU ARE USING</b><br> * This command will tell you your current shell. <code>echo $SHELL</code> <br> <b>SH SHELL</b> * Check if '''EDITOR''' is already set: <code>echo $EDITOR</code> * Set the environment variable: <code>set EDITOR=nano</code> * Unset the variable: <code>unset EDITOR</code> <br> <b>BASH SHELL</b> * Check if '''EDITOR''' is already set: <code>echo $EDITOR</code> * Set the environment variable: <code>export EDITOR=nano</code> * Unset the variable: ** will export/set EDITOR to empty string <code>export EDITOR=</code> </div> </div> ==SET EDITOR - link to drop down== * Appending the following to your wiki page , will include the drop down <b>How to Set $EDITOR</b> guide. <nowiki>{{:SET_EDITOR}}</nowiki> * Example Below: {{:SET_EDITOR}} ==Find your current shell== * Will return your current shell <code>echo $SHELL</code> ==Set $EDITOR== In FreeBSD and other Unix-like operating systems, the '''EDITOR''' environment variable specifies the default text editor for command-line operations. To set '''EDITOR''' to the '''nano''' text editor, use: <code>set EDITOR=nano</code> This ensures that commands or programs needing a text editor, like '''git commit''', will use nano by default. '''Nano''' is appreciated for its simplicity and user-friendly interface, making it ideal for beginners. Setting '''EDITOR''' to nano can be beneficial for: * Users preferring nano over other editors like vi or emacs. * Those new to Linux. To make this setting persistent across sessions, add the command to your shell startup file: * For Bash: '''~/.bashrc''' * For Zsh: '''~/.zshrc''' === '''SH SHELL''' Checking, Setting, and Unsetting $EDITOR === * Check if '''EDITOR''' is already set: <code>echo $EDITOR</code> * Set the environment variable: <code>set EDITOR=nano</code> * Unset the variable: <code>unset EDITOR</code> Once set, you can use:<br> <code>$EDITOR /home/$USER/somefile.txt</code><br> to open files with your chosen editor, in this case, nano. === '''BASH SHELL''' Checking, Setting, and Unsetting $EDITOR === * Check if '''EDITOR''' is already set: <code>echo $EDITOR</code> * Set (export) the environment variable: <code>export EDITOR=nano</code> * Unset the variable: <code>export EDITOR=</code> * will export/set EDITOR to empty string Once set, you can use:<br> <code>$EDITOR /home/$USER/somefile.txt</code><br> to open files with your chosen editor, in this case, nano. 6eyctdd6u8r10x8lcxrri0nr9qgrfme 0 139 468 2025-02-16T22:59:11Z AwesomO 5 Created page with " ==Starting Environment== * '''Hardware''': HP EliteDesk 800 G1 * '''Operating System''': Ubuntu-Mate 24.04 * '''Installation Type''': Fresh Install * '''Initial Setup Post-Install''': Package Update: <code>sudo apt update && sudo apt upgrade -y</code> * '''Additional Software''': Installed just to record screen for this tut and not needed <code>sudo apt install simplescreenrecorder</code> == Docker Installation Guide == === Preparation === Before we begin, make sure..." 468 wikitext text/x-wiki ==Starting Environment== * '''Hardware''': HP EliteDesk 800 G1 * '''Operating System''': Ubuntu-Mate 24.04 * '''Installation Type''': Fresh Install * '''Initial Setup Post-Install''': Package Update: <code>sudo apt update && sudo apt upgrade -y</code> * '''Additional Software''': Installed just to record screen for this tut and not needed <code>sudo apt install simplescreenrecorder</code> == Docker Installation Guide == === Preparation === Before we begin, make sure you're logged in with a user account that has sudo privileges. === Update System Packages === Update your package list to ensure you have the latest versions of packages: <source lang="bash"> sudo apt update </source> === Install Docker Prerequisites === Install the necessary packages for Docker setup: <source lang="bash"> sudo apt install -y apt-transport-https ca-certificates curl software-properties-common </source> === Setup Docker Repository === * '''Add Docker's Official GPG Key''': <source lang="bash"> curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg </source> * '''Add the Docker Repository''': <source lang="bash"> echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null </source> === Install Docker and Docker Compose === * '''Update Package List Again''': <source lang="bash"> sudo apt update </source> * '''Install Docker Engine, CLI, Containerd, and Additional Tools''': <source lang="bash"> sudo apt install -y docker-ce docker-ce-cli containerd.io python3-bs4 python3-requests docker-compose </source> * '''Install Docker Compose''': Here we're downloading the latest version of Docker Compose: <source lang="bash"> sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose </source> Make the Docker Compose binary executable: <source lang="bash"> sudo chmod +x /usr/local/bin/docker-compose </source> === Verify Installation === Check if Docker and Docker Compose are installed correctly: <source lang="bash"> docker --version docker-compose --version </source> === Configure User Permissions === To run Docker commands without <code>sudo</code>, add your user to the <code>docker</code> group: <source lang="bash"> sudo usermod -aG docker $USER </source> '''Note''': After adding your user to the docker group, you'll need to '''log out and log back in''' for the changes to take effect. If you do not log out and back in, Or you do not add your $USER to the docker group, you will be required to use sudo in some cases. such as .. = Creating a Wiki and Importing an XML Dump = == Setup the Wiki Environment == === Create Directory for the Wiki === <source lang="bash"> mkdir noobwiki cd noobwiki </source> === Create Docker Compose File === Edit your <code>docker-compose.yml</code> file: * [[SET$EDITOR|set editor]] <source lang="bash"> $EDITOR docker-compose.yml </source> '''Contents of <code>docker-compose.yml</code>''': <source lang="yaml"> services: database: image: mysql:5.7 environment: MYSQL_DATABASE: my_wiki MYSQL_USER: wikiuser MYSQL_PASSWORD: wikipass MYSQL_RANDOM_ROOT_PASSWORD: 'yes' volumes: - ./mysql_data:/var/lib/mysql mediawiki: image: mediawiki ports: - 8080:80 links: - database volumes: - ./mediawiki_data:/var/www/html/images # - ./LocalSettings.php:/var/www/html/LocalSettings.php # This line is commented out initially </source> '''Note:''' The <code>LocalSettings.php</code> volume mapping is commented out to prevent automatic creation during initial setup. == Python Script for Setup and XML Import == === Script Details === Create a Python script to automate the setup and import process: <source lang="bash"> $EDITOR setup_and_import.py </source> '''Contents of <code>setup_and_import.py</code>''': <source lang="python"> import os import time import requests from bs4 import BeautifulSoup import re import subprocess import sys BASE_URL = "https://xml.completenoobs.com/xmlDumps/" def get_available_dumps(): response = requests.get(BASE_URL) soup = BeautifulSoup(response.text, 'html.parser') dumps = [] for link in soup.find_all('a'): href = link.get('href') if re.match(r'\d{2}_\d{2}_\d{2}\.Noobs/$', href): dumps.append(href.rstrip('/')) return sorted(dumps, reverse=True) def get_dump_files(dump): response = requests.get(BASE_URL + dump) soup = BeautifulSoup(response.text, 'html.parser') files = {} for link in soup.find_all('a'): href = link.get('href') if href.endswith('.xml'): files[href] = link.next_sibling.strip() return files def download_file(url, filename): response = requests.get(url) with open(filename, 'wb') as f: f.write(response.content) def run_command(command): process = subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True) output, error = process.communicate() return output.decode(), error.decode(), process.returncode def setup_mediawiki(): print("Setting up MediaWiki...") os.system("docker-compose up -d") time.sleep(10) # Wait for services to start print("Please complete the MediaWiki installation by visiting http://localhost:8080") print("Use the following database settings:") print("Database host: database") print("Database name: my_wiki") print("Database username: wikiuser") print("Database password: wikipass") input("Press Enter when you have completed the installation and downloaded LocalSettings.php...") if not os.path.exists('LocalSettings.php'): print("LocalSettings.php not found. Please place it in the current directory.") sys.exit(1) os.system("docker-compose restart mediawiki") print("MediaWiki setup completed.") def import_xml_to_mediawiki(xml_file): command = f"docker-compose exec -T mediawiki php maintenance/importDump.php < {xml_file}" output, error, return_code = run_command(command) if return_code != 0: print(f"Error importing XML: {error}") sys.exit(1) print(output) def main(): if not os.path.exists('LocalSettings.php'): setup_mediawiki() dumps = get_available_dumps() print("Available dumps:") for i, dump in enumerate(dumps): print(f"{i + 1}. {dump}") choice = int(input("Enter the number of the dump you want to download: ")) - 1 selected_dump = dumps[choice] files = get_dump_files(selected_dump) xml_file = next(iter(files)) print(f"Downloading {xml_file}...") download_file(BASE_URL + selected_dump + '/' + xml_file, xml_file) print("Importing XML dump into MediaWiki...") import_xml_to_mediawiki(xml_file) print("Import completed successfully.") if __name__ == "__main__": main()</source> === Running the Script === <source lang="bash"> python3 setup_and_import.py </source> <div class="toccolours mw-collapsible mw-collapsed"> '''Terminal Output: when script running at this stage: <div class="mw-collapsible-content"> <pre> noob@noob-elite:~/wiki$ python3 setup_and_import.py Setting up MediaWiki... WARN[0000] /home/noob/wiki/docker-compose.yml: the attribute `version` is obsolete, it will be ignored, please remove it to avoid potential confusion [+] Running 33/2 ✔ database Pulled 54.0s ✔ mediawiki Pulled 95.0s [+] Running 3/3 ✔ Network wiki_default Created 0.1s ✔ Container wiki-database-1 Started 0.3s ✔ Container wiki-mediawiki-1 Started 0.5s Please complete the MediaWiki installation by visiting http://localhost:8080 Use the following database settings: Database host: database Database name: my_wiki Database username: wikiuser Database password: wikipass Press Enter when you have completed the installation and downloaded LocalSettings.php... </pre> </div> </div> === Script Execution Steps === * '''Initial Setup:''' The script starts Docker containers and waits for MediaWiki installation. * '''Manual Steps:''' ** Leave the script terminal running. ** Open a new terminal for further commands. ** Visit <code>http://localhost:8080</code> in your browser to complete the MediaWiki setup using: *** Database host: <code>database</code> *** Database name: <code>my_wiki</code> *** Database username: <code>wikiuser</code> *** Database password: <code>wikipass</code> * '''Post Installation:''' ** Download <code>LocalSettings.php</code> from the browser. ** This Downloads to your <code>Downloads</code> directory, move/copy to your <code>noobwiki</code> directory. ** Stop the containers: *** NOTE: <code>docker-compose</code> commands are ment to be run in direcotry containing the docker-compose.yml file Or you need to use <code>docker-compose -f /path/to/docker-compose.yml down -v</code> <source lang="bash"> docker-compose down -v </source> ** Uncomment the <code>LocalSettings.php</code> volume mapping in <code>docker-compose.yml</code>. <source lang="bash"> $EDITOR docker-compose.yml</source> <div class="toccolours mw-collapsible mw-collapsed"> <code>docker-compose.yml</code> After uncommenting: <div class="mw-collapsible-content"> <pre> services: database: image: mysql:5.7 environment: MYSQL_DATABASE: my_wiki MYSQL_USER: wikiuser MYSQL_PASSWORD: wikipass MYSQL_RANDOM_ROOT_PASSWORD: 'yes' volumes: - ./mysql_data:/var/lib/mysql mediawiki: image: mediawiki ports: - 8080:80 links: - database volumes: - ./mediawiki_data:/var/www/html/images - ./LocalSettings.php:/var/www/html/LocalSettings.php # This line is commented out initially </pre> </div> </div> ** Restart Docker: <source lang="bash"> docker-compose up -d </source> * '''Return to Script Terminal:''' ** Press Enter to continue with XML dump selection and import. ===Post LocalSettings.php script=== After returning to script and pressing Enter, the script will scan xml.completenoobs.com and give you a list of wiki dumps with a Number on the left and a date. * Enter number to select a dated xml <pre> Press Enter when you have completed the installation and downloaded LocalSettings.php... [+] Restarting 1/1 ✔ Container wiki-mediawiki-1 Started 1.3s MediaWiki setup completed. Available dumps: 1. 31_05_23.Noobs 2. 30_03_23.Noobs 3. 28_04_24.Noobs 4. 28_04_23.Noobs 5. 26_06_23.Noobs 6. 26_05_23.Noobs 7. 26_04_23.Noobs 8. 23_04_23.Noobs 9. 23_03_23.Noobs 10. 21_06_23.Noobs 11. 21_05_23.Noobs 12. 21_04_23.Noobs 13. 20_03_23.Noobs 14. 17_04_23.Noobs 15. 16_06_23.Noobs 16. 16_05_23.Noobs 17. 11_07_23.Noobs 18. 11_06_23.Noobs 19. 11_05_23.Noobs 20. 06_07_23.Noobs 21. 06_06_23.Noobs 22. 06_05_23.Noobs 23. 04_05_23.Noobs 24. 01_07_23.Noobs 25. 01_06_23.Noobs 26. 01_05_23.Noobs Enter the number of the dump you want to download: 3 Downloading 28_04_24.Noobs.xml... Importing XML dump into MediaWiki... Done! You might want to run rebuildrecentchanges.php to regenerate RecentChanges, and initSiteStats.php to update page and revision counts Import completed successfully. </pre> == Post-Setup Maintenance == Now, we need to rebuild our wiki so that the database reflects our imported content. === Login to Container for Maintenance === * Syntax:<code>docker exec -it <directory_name>-<service>-1 /bin/bash</code> ** use:<code>docker container ls</code> to see container and service names. <source lang="bash"> docker exec -it noobwiki-mediawiki-1 /bin/bash </source> * Run maintenance scripts: <source lang="bash"> php maintenance/initSiteStats.php php maintenance/rebuildrecentchanges.php php maintenance/rebuildall.php </source> * Exit the container: <source lang="bash"> exit </source> === Verify Wiki Content === * Check all pages have loaded by visiting: <source lang="bash"> http://127.0.0.1:8080/index.php/Special:AllPages </source> Here's the section in raw MediaWiki syntax: == Network Configuration == By default, your wiki might only be accessible from the host machine where Docker is running, using <code>localhost</code> or <code>127.0.0.1</code>. However, if you want others on your network to access your wiki, you need to make some adjustments. '''Current Setup:''' The computer running Docker Compose has an IP address of <code>192.168.0.44</code>. * You can find the IP address of your computer running Docker using the command: <code>ip addr</code><br> <div class="toccolours mw-collapsible mw-collapsed"> OutPut from <code>ip addr</code> <div class="mw-collapsible-content"> <pre> noob@noob-HP-EliteDesk-800-G1-DM:~$ ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host noprefixroute valid_lft forever preferred_lft forever 2: eno1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000 link/ether 8c:dc:d4:3d:93:49 brd ff:ff:ff:ff:ff:ff altname enp0s25 3: wlxe8de27142be2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether e8:de:27:14:2b:e2 brd ff:ff:ff:ff:ff:ff inet 192.168.0.44/24 brd 192.168.0.255 scope global dynamic noprefixroute wlxe8de27142be2 valid_lft 86357sec preferred_lft 86357sec inet6 fe80::afbe:cc73:73a2:fcdf/64 scope link noprefixroute valid_lft forever preferred_lft forever </pre> </div> </div> My IP is <code>192.168.0.44</code> If someone from another computer on the network tries to visit <code>192.168.0.44:8080</code>, they might encounter a "cannot connect" error. This happens because MediaWiki, by default, redirects to <code>127.0.0.1:8080</code>, which is only accessible from the host machine itself. '''Solution:''' To allow access from other devices on the same network, you need to: * '''Edit the <code>LocalSettings.php</code> File:''' This isn't done inside the Docker container but rather in the directory where your <code>docker-compose.yml</code> file is located. Here, you need to change the server URL configuration. * '''Modify URL Configuration:''' On lines 34-35 of <code>LocalSettings.php</code>, you'll find the following: === Allowing Access from Other Network Devices === * Edit <code>LocalSettings.php</code> in the Docker Compose directory to change the server URL: <source lang="php"> ## The protocol and server name to use in fully-qualified URLs $wgServer = 'http://192.168.0.44:8080'; </source> * Restart Docker to apply changes: <source lang="bash"> docker-compose restart </source> This allows access to your wiki from other devices on the network using <code>192.168.0.44:8080</code>. This adjustment tells MediaWiki to use the network IP of the host (<code>192.168.0.44</code>) instead of the local loopback (<code>127.0.0.1</code>), allowing other devices on the network to access the wiki through <code>192.168.0.44:8080</code>. Even after this change, <code>localhost:8080</code> or <code>127.0.0.1:8080</code> will still work on the host machine, but now the wiki is also accessible via the network IP from other devices. qeyzn0gjargiphl61yuaftqt64vc5ms 477 468 2025-02-17T09:51:33Z AwesomO 5 /* Configure User Permissions */ 477 wikitext text/x-wiki ==Starting Environment== * '''Hardware''': HP EliteDesk 800 G1 * '''Operating System''': Ubuntu-Mate 24.04 * '''Installation Type''': Fresh Install * '''Initial Setup Post-Install''': Package Update: <code>sudo apt update && sudo apt upgrade -y</code> * '''Additional Software''': Installed just to record screen for this tut and not needed <code>sudo apt install simplescreenrecorder</code> == Docker Installation Guide == === Preparation === Before we begin, make sure you're logged in with a user account that has sudo privileges. === Update System Packages === Update your package list to ensure you have the latest versions of packages: <source lang="bash"> sudo apt update </source> === Install Docker Prerequisites === Install the necessary packages for Docker setup: <source lang="bash"> sudo apt install -y apt-transport-https ca-certificates curl software-properties-common </source> === Setup Docker Repository === * '''Add Docker's Official GPG Key''': <source lang="bash"> curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg </source> * '''Add the Docker Repository''': <source lang="bash"> echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null </source> === Install Docker and Docker Compose === * '''Update Package List Again''': <source lang="bash"> sudo apt update </source> * '''Install Docker Engine, CLI, Containerd, and Additional Tools''': <source lang="bash"> sudo apt install -y docker-ce docker-ce-cli containerd.io python3-bs4 python3-requests docker-compose </source> * '''Install Docker Compose''': Here we're downloading the latest version of Docker Compose: <source lang="bash"> sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose </source> Make the Docker Compose binary executable: <source lang="bash"> sudo chmod +x /usr/local/bin/docker-compose </source> === Verify Installation === Check if Docker and Docker Compose are installed correctly: <source lang="bash"> docker --version docker-compose --version </source> === Configure User Permissions === To run Docker commands without <code>sudo</code>, add your user to the <code>docker</code> group: <source lang="bash"> sudo usermod -aG docker $USER </source> '''Note''': After adding your user to the docker group, you'll need to '''log out and log back in''' for the changes to take effect. If you do not log out and back in, Or you do not add your $USER to the docker group, you will be required to use sudo in some cases. such as .. <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip: <div class="mw-collapsible-content"> <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. Remember, these changes only apply to the current terminal session. If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> = Creating a Wiki and Importing an XML Dump = == Setup the Wiki Environment == === Create Directory for the Wiki === <source lang="bash"> mkdir noobwiki cd noobwiki </source> === Create Docker Compose File === Edit your <code>docker-compose.yml</code> file: * [[SET$EDITOR|set editor]] <source lang="bash"> $EDITOR docker-compose.yml </source> '''Contents of <code>docker-compose.yml</code>''': <source lang="yaml"> services: database: image: mysql:5.7 environment: MYSQL_DATABASE: my_wiki MYSQL_USER: wikiuser MYSQL_PASSWORD: wikipass MYSQL_RANDOM_ROOT_PASSWORD: 'yes' volumes: - ./mysql_data:/var/lib/mysql mediawiki: image: mediawiki ports: - 8080:80 links: - database volumes: - ./mediawiki_data:/var/www/html/images # - ./LocalSettings.php:/var/www/html/LocalSettings.php # This line is commented out initially </source> '''Note:''' The <code>LocalSettings.php</code> volume mapping is commented out to prevent automatic creation during initial setup. == Python Script for Setup and XML Import == === Script Details === Create a Python script to automate the setup and import process: <source lang="bash"> $EDITOR setup_and_import.py </source> '''Contents of <code>setup_and_import.py</code>''': <source lang="python"> import os import time import requests from bs4 import BeautifulSoup import re import subprocess import sys BASE_URL = "https://xml.completenoobs.com/xmlDumps/" def get_available_dumps(): response = requests.get(BASE_URL) soup = BeautifulSoup(response.text, 'html.parser') dumps = [] for link in soup.find_all('a'): href = link.get('href') if re.match(r'\d{2}_\d{2}_\d{2}\.Noobs/$', href): dumps.append(href.rstrip('/')) return sorted(dumps, reverse=True) def get_dump_files(dump): response = requests.get(BASE_URL + dump) soup = BeautifulSoup(response.text, 'html.parser') files = {} for link in soup.find_all('a'): href = link.get('href') if href.endswith('.xml'): files[href] = link.next_sibling.strip() return files def download_file(url, filename): response = requests.get(url) with open(filename, 'wb') as f: f.write(response.content) def run_command(command): process = subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True) output, error = process.communicate() return output.decode(), error.decode(), process.returncode def setup_mediawiki(): print("Setting up MediaWiki...") os.system("docker-compose up -d") time.sleep(10) # Wait for services to start print("Please complete the MediaWiki installation by visiting http://localhost:8080") print("Use the following database settings:") print("Database host: database") print("Database name: my_wiki") print("Database username: wikiuser") print("Database password: wikipass") input("Press Enter when you have completed the installation and downloaded LocalSettings.php...") if not os.path.exists('LocalSettings.php'): print("LocalSettings.php not found. Please place it in the current directory.") sys.exit(1) os.system("docker-compose restart mediawiki") print("MediaWiki setup completed.") def import_xml_to_mediawiki(xml_file): command = f"docker-compose exec -T mediawiki php maintenance/importDump.php < {xml_file}" output, error, return_code = run_command(command) if return_code != 0: print(f"Error importing XML: {error}") sys.exit(1) print(output) def main(): if not os.path.exists('LocalSettings.php'): setup_mediawiki() dumps = get_available_dumps() print("Available dumps:") for i, dump in enumerate(dumps): print(f"{i + 1}. {dump}") choice = int(input("Enter the number of the dump you want to download: ")) - 1 selected_dump = dumps[choice] files = get_dump_files(selected_dump) xml_file = next(iter(files)) print(f"Downloading {xml_file}...") download_file(BASE_URL + selected_dump + '/' + xml_file, xml_file) print("Importing XML dump into MediaWiki...") import_xml_to_mediawiki(xml_file) print("Import completed successfully.") if __name__ == "__main__": main()</source> === Running the Script === <source lang="bash"> python3 setup_and_import.py </source> <div class="toccolours mw-collapsible mw-collapsed"> '''Terminal Output: when script running at this stage: <div class="mw-collapsible-content"> <pre> noob@noob-elite:~/wiki$ python3 setup_and_import.py Setting up MediaWiki... WARN[0000] /home/noob/wiki/docker-compose.yml: the attribute `version` is obsolete, it will be ignored, please remove it to avoid potential confusion [+] Running 33/2 ✔ database Pulled 54.0s ✔ mediawiki Pulled 95.0s [+] Running 3/3 ✔ Network wiki_default Created 0.1s ✔ Container wiki-database-1 Started 0.3s ✔ Container wiki-mediawiki-1 Started 0.5s Please complete the MediaWiki installation by visiting http://localhost:8080 Use the following database settings: Database host: database Database name: my_wiki Database username: wikiuser Database password: wikipass Press Enter when you have completed the installation and downloaded LocalSettings.php... </pre> </div> </div> === Script Execution Steps === * '''Initial Setup:''' The script starts Docker containers and waits for MediaWiki installation. * '''Manual Steps:''' ** Leave the script terminal running. ** Open a new terminal for further commands. ** Visit <code>http://localhost:8080</code> in your browser to complete the MediaWiki setup using: *** Database host: <code>database</code> *** Database name: <code>my_wiki</code> *** Database username: <code>wikiuser</code> *** Database password: <code>wikipass</code> * '''Post Installation:''' ** Download <code>LocalSettings.php</code> from the browser. ** This Downloads to your <code>Downloads</code> directory, move/copy to your <code>noobwiki</code> directory. ** Stop the containers: *** NOTE: <code>docker-compose</code> commands are ment to be run in direcotry containing the docker-compose.yml file Or you need to use <code>docker-compose -f /path/to/docker-compose.yml down -v</code> <source lang="bash"> docker-compose down -v </source> ** Uncomment the <code>LocalSettings.php</code> volume mapping in <code>docker-compose.yml</code>. <source lang="bash"> $EDITOR docker-compose.yml</source> <div class="toccolours mw-collapsible mw-collapsed"> <code>docker-compose.yml</code> After uncommenting: <div class="mw-collapsible-content"> <pre> services: database: image: mysql:5.7 environment: MYSQL_DATABASE: my_wiki MYSQL_USER: wikiuser MYSQL_PASSWORD: wikipass MYSQL_RANDOM_ROOT_PASSWORD: 'yes' volumes: - ./mysql_data:/var/lib/mysql mediawiki: image: mediawiki ports: - 8080:80 links: - database volumes: - ./mediawiki_data:/var/www/html/images - ./LocalSettings.php:/var/www/html/LocalSettings.php # This line is commented out initially </pre> </div> </div> ** Restart Docker: <source lang="bash"> docker-compose up -d </source> * '''Return to Script Terminal:''' ** Press Enter to continue with XML dump selection and import. ===Post LocalSettings.php script=== After returning to script and pressing Enter, the script will scan xml.completenoobs.com and give you a list of wiki dumps with a Number on the left and a date. * Enter number to select a dated xml <pre> Press Enter when you have completed the installation and downloaded LocalSettings.php... [+] Restarting 1/1 ✔ Container wiki-mediawiki-1 Started 1.3s MediaWiki setup completed. Available dumps: 1. 31_05_23.Noobs 2. 30_03_23.Noobs 3. 28_04_24.Noobs 4. 28_04_23.Noobs 5. 26_06_23.Noobs 6. 26_05_23.Noobs 7. 26_04_23.Noobs 8. 23_04_23.Noobs 9. 23_03_23.Noobs 10. 21_06_23.Noobs 11. 21_05_23.Noobs 12. 21_04_23.Noobs 13. 20_03_23.Noobs 14. 17_04_23.Noobs 15. 16_06_23.Noobs 16. 16_05_23.Noobs 17. 11_07_23.Noobs 18. 11_06_23.Noobs 19. 11_05_23.Noobs 20. 06_07_23.Noobs 21. 06_06_23.Noobs 22. 06_05_23.Noobs 23. 04_05_23.Noobs 24. 01_07_23.Noobs 25. 01_06_23.Noobs 26. 01_05_23.Noobs Enter the number of the dump you want to download: 3 Downloading 28_04_24.Noobs.xml... Importing XML dump into MediaWiki... Done! You might want to run rebuildrecentchanges.php to regenerate RecentChanges, and initSiteStats.php to update page and revision counts Import completed successfully. </pre> == Post-Setup Maintenance == Now, we need to rebuild our wiki so that the database reflects our imported content. === Login to Container for Maintenance === * Syntax:<code>docker exec -it <directory_name>-<service>-1 /bin/bash</code> ** use:<code>docker container ls</code> to see container and service names. <source lang="bash"> docker exec -it noobwiki-mediawiki-1 /bin/bash </source> * Run maintenance scripts: <source lang="bash"> php maintenance/initSiteStats.php php maintenance/rebuildrecentchanges.php php maintenance/rebuildall.php </source> * Exit the container: <source lang="bash"> exit </source> === Verify Wiki Content === * Check all pages have loaded by visiting: <source lang="bash"> http://127.0.0.1:8080/index.php/Special:AllPages </source> Here's the section in raw MediaWiki syntax: == Network Configuration == By default, your wiki might only be accessible from the host machine where Docker is running, using <code>localhost</code> or <code>127.0.0.1</code>. However, if you want others on your network to access your wiki, you need to make some adjustments. '''Current Setup:''' The computer running Docker Compose has an IP address of <code>192.168.0.44</code>. * You can find the IP address of your computer running Docker using the command: <code>ip addr</code><br> <div class="toccolours mw-collapsible mw-collapsed"> OutPut from <code>ip addr</code> <div class="mw-collapsible-content"> <pre> noob@noob-HP-EliteDesk-800-G1-DM:~$ ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host noprefixroute valid_lft forever preferred_lft forever 2: eno1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000 link/ether 8c:dc:d4:3d:93:49 brd ff:ff:ff:ff:ff:ff altname enp0s25 3: wlxe8de27142be2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether e8:de:27:14:2b:e2 brd ff:ff:ff:ff:ff:ff inet 192.168.0.44/24 brd 192.168.0.255 scope global dynamic noprefixroute wlxe8de27142be2 valid_lft 86357sec preferred_lft 86357sec inet6 fe80::afbe:cc73:73a2:fcdf/64 scope link noprefixroute valid_lft forever preferred_lft forever </pre> </div> </div> My IP is <code>192.168.0.44</code> If someone from another computer on the network tries to visit <code>192.168.0.44:8080</code>, they might encounter a "cannot connect" error. This happens because MediaWiki, by default, redirects to <code>127.0.0.1:8080</code>, which is only accessible from the host machine itself. '''Solution:''' To allow access from other devices on the same network, you need to: * '''Edit the <code>LocalSettings.php</code> File:''' This isn't done inside the Docker container but rather in the directory where your <code>docker-compose.yml</code> file is located. Here, you need to change the server URL configuration. * '''Modify URL Configuration:''' On lines 34-35 of <code>LocalSettings.php</code>, you'll find the following: === Allowing Access from Other Network Devices === * Edit <code>LocalSettings.php</code> in the Docker Compose directory to change the server URL: <source lang="php"> ## The protocol and server name to use in fully-qualified URLs $wgServer = 'http://192.168.0.44:8080'; </source> * Restart Docker to apply changes: <source lang="bash"> docker-compose restart </source> This allows access to your wiki from other devices on the network using <code>192.168.0.44:8080</code>. This adjustment tells MediaWiki to use the network IP of the host (<code>192.168.0.44</code>) instead of the local loopback (<code>127.0.0.1</code>), allowing other devices on the network to access the wiki through <code>192.168.0.44:8080</code>. Even after this change, <code>localhost:8080</code> or <code>127.0.0.1:8080</code> will still work on the host machine, but now the wiki is also accessible via the network IP from other devices. tfzy61n0sk0sm2lvb4tjekzzd27lv5z 478 477 2025-02-19T20:32:37Z AwesomO 5 478 wikitext text/x-wiki ==Starting Environment== * '''Hardware''': HP EliteDesk 800 G1 * '''Operating System''': Ubuntu-Mate 24.04 * '''Installation Type''': Fresh Install * '''Initial Setup Post-Install''': Package Update: <code>sudo apt update && sudo apt upgrade -y</code> * '''Additional Software''': Installed just to record screen for this tut and not needed <code>sudo apt install simplescreenrecorder</code> == Docker Installation Guide == <youtube>https://www.youtube.com/watch?v=MheOIG2KiTI</youtube> === Preparation === Before we begin, make sure you're logged in with a user account that has sudo privileges. === Update System Packages === Update your package list to ensure you have the latest versions of packages: <source lang="bash"> sudo apt update </source> === Install Docker Prerequisites === Install the necessary packages for Docker setup: <source lang="bash"> sudo apt install -y apt-transport-https ca-certificates curl software-properties-common </source> === Setup Docker Repository === * '''Add Docker's Official GPG Key''': <source lang="bash"> curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg </source> * '''Add the Docker Repository''': <source lang="bash"> echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null </source> === Install Docker and Docker Compose === * '''Update Package List Again''': <source lang="bash"> sudo apt update </source> * '''Install Docker Engine, CLI, Containerd, and Additional Tools''': <source lang="bash"> sudo apt install -y docker-ce docker-ce-cli containerd.io python3-bs4 python3-requests docker-compose </source> * '''Install Docker Compose''': Here we're downloading the latest version of Docker Compose: <source lang="bash"> sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose </source> Make the Docker Compose binary executable: <source lang="bash"> sudo chmod +x /usr/local/bin/docker-compose </source> === Verify Installation === Check if Docker and Docker Compose are installed correctly: <source lang="bash"> docker --version docker-compose --version </source> === Configure User Permissions === To run Docker commands without <code>sudo</code>, add your user to the <code>docker</code> group: <source lang="bash"> sudo usermod -aG docker $USER </source> '''Note''': After adding your user to the docker group, you'll need to '''log out and log back in''' for the changes to take effect. If you do not log out and back in, Or you do not add your $USER to the docker group, you will be required to use sudo in some cases. such as .. <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip: <div class="mw-collapsible-content"> <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. Remember, these changes only apply to the current terminal session. If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> = Creating a Wiki and Importing an XML Dump = == Setup the Wiki Environment == === Create Directory for the Wiki === <source lang="bash"> mkdir noobwiki cd noobwiki </source> === Create Docker Compose File === Edit your <code>docker-compose.yml</code> file: * [[SET$EDITOR|set editor]] <source lang="bash"> $EDITOR docker-compose.yml </source> '''Contents of <code>docker-compose.yml</code>''': <source lang="yaml"> services: database: image: mysql:5.7 environment: MYSQL_DATABASE: my_wiki MYSQL_USER: wikiuser MYSQL_PASSWORD: wikipass MYSQL_RANDOM_ROOT_PASSWORD: 'yes' volumes: - ./mysql_data:/var/lib/mysql mediawiki: image: mediawiki ports: - 8080:80 links: - database volumes: - ./mediawiki_data:/var/www/html/images # - ./LocalSettings.php:/var/www/html/LocalSettings.php # This line is commented out initially </source> '''Note:''' The <code>LocalSettings.php</code> volume mapping is commented out to prevent automatic creation during initial setup. == Python Script for Setup and XML Import == === Script Details === Create a Python script to automate the setup and import process: <source lang="bash"> $EDITOR setup_and_import.py </source> '''Contents of <code>setup_and_import.py</code>''': <source lang="python"> import os import time import requests from bs4 import BeautifulSoup import re import subprocess import sys BASE_URL = "https://xml.completenoobs.com/xmlDumps/" def get_available_dumps(): response = requests.get(BASE_URL) soup = BeautifulSoup(response.text, 'html.parser') dumps = [] for link in soup.find_all('a'): href = link.get('href') if re.match(r'\d{2}_\d{2}_\d{2}\.Noobs/$', href): dumps.append(href.rstrip('/')) return sorted(dumps, reverse=True) def get_dump_files(dump): response = requests.get(BASE_URL + dump) soup = BeautifulSoup(response.text, 'html.parser') files = {} for link in soup.find_all('a'): href = link.get('href') if href.endswith('.xml'): files[href] = link.next_sibling.strip() return files def download_file(url, filename): response = requests.get(url) with open(filename, 'wb') as f: f.write(response.content) def run_command(command): process = subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True) output, error = process.communicate() return output.decode(), error.decode(), process.returncode def setup_mediawiki(): print("Setting up MediaWiki...") os.system("docker-compose up -d") time.sleep(10) # Wait for services to start print("Please complete the MediaWiki installation by visiting http://localhost:8080") print("Use the following database settings:") print("Database host: database") print("Database name: my_wiki") print("Database username: wikiuser") print("Database password: wikipass") input("Press Enter when you have completed the installation and downloaded LocalSettings.php...") if not os.path.exists('LocalSettings.php'): print("LocalSettings.php not found. Please place it in the current directory.") sys.exit(1) os.system("docker-compose restart mediawiki") print("MediaWiki setup completed.") def import_xml_to_mediawiki(xml_file): command = f"docker-compose exec -T mediawiki php maintenance/importDump.php < {xml_file}" output, error, return_code = run_command(command) if return_code != 0: print(f"Error importing XML: {error}") sys.exit(1) print(output) def main(): if not os.path.exists('LocalSettings.php'): setup_mediawiki() dumps = get_available_dumps() print("Available dumps:") for i, dump in enumerate(dumps): print(f"{i + 1}. {dump}") choice = int(input("Enter the number of the dump you want to download: ")) - 1 selected_dump = dumps[choice] files = get_dump_files(selected_dump) xml_file = next(iter(files)) print(f"Downloading {xml_file}...") download_file(BASE_URL + selected_dump + '/' + xml_file, xml_file) print("Importing XML dump into MediaWiki...") import_xml_to_mediawiki(xml_file) print("Import completed successfully.") if __name__ == "__main__": main()</source> === Running the Script === <source lang="bash"> python3 setup_and_import.py </source> <div class="toccolours mw-collapsible mw-collapsed"> '''Terminal Output: when script running at this stage: <div class="mw-collapsible-content"> <pre> noob@noob-elite:~/wiki$ python3 setup_and_import.py Setting up MediaWiki... WARN[0000] /home/noob/wiki/docker-compose.yml: the attribute `version` is obsolete, it will be ignored, please remove it to avoid potential confusion [+] Running 33/2 ✔ database Pulled 54.0s ✔ mediawiki Pulled 95.0s [+] Running 3/3 ✔ Network wiki_default Created 0.1s ✔ Container wiki-database-1 Started 0.3s ✔ Container wiki-mediawiki-1 Started 0.5s Please complete the MediaWiki installation by visiting http://localhost:8080 Use the following database settings: Database host: database Database name: my_wiki Database username: wikiuser Database password: wikipass Press Enter when you have completed the installation and downloaded LocalSettings.php... </pre> </div> </div> === Script Execution Steps === * '''Initial Setup:''' The script starts Docker containers and waits for MediaWiki installation. * '''Manual Steps:''' ** Leave the script terminal running. ** Open a new terminal for further commands. ** Visit <code>http://localhost:8080</code> in your browser to complete the MediaWiki setup using: *** Database host: <code>database</code> *** Database name: <code>my_wiki</code> *** Database username: <code>wikiuser</code> *** Database password: <code>wikipass</code> * '''Post Installation:''' ** Download <code>LocalSettings.php</code> from the browser. ** This Downloads to your <code>Downloads</code> directory, move/copy to your <code>noobwiki</code> directory. ** Stop the containers: *** NOTE: <code>docker-compose</code> commands are ment to be run in direcotry containing the docker-compose.yml file Or you need to use <code>docker-compose -f /path/to/docker-compose.yml down -v</code> <source lang="bash"> docker-compose down -v </source> ** Uncomment the <code>LocalSettings.php</code> volume mapping in <code>docker-compose.yml</code>. <source lang="bash"> $EDITOR docker-compose.yml</source> <div class="toccolours mw-collapsible mw-collapsed"> <code>docker-compose.yml</code> After uncommenting: <div class="mw-collapsible-content"> <pre> services: database: image: mysql:5.7 environment: MYSQL_DATABASE: my_wiki MYSQL_USER: wikiuser MYSQL_PASSWORD: wikipass MYSQL_RANDOM_ROOT_PASSWORD: 'yes' volumes: - ./mysql_data:/var/lib/mysql mediawiki: image: mediawiki ports: - 8080:80 links: - database volumes: - ./mediawiki_data:/var/www/html/images - ./LocalSettings.php:/var/www/html/LocalSettings.php # This line is commented out initially </pre> </div> </div> ** Restart Docker: <source lang="bash"> docker-compose up -d </source> * '''Return to Script Terminal:''' ** Press Enter to continue with XML dump selection and import. ===Post LocalSettings.php script=== After returning to script and pressing Enter, the script will scan xml.completenoobs.com and give you a list of wiki dumps with a Number on the left and a date. * Enter number to select a dated xml <pre> Press Enter when you have completed the installation and downloaded LocalSettings.php... [+] Restarting 1/1 ✔ Container wiki-mediawiki-1 Started 1.3s MediaWiki setup completed. Available dumps: 1. 31_05_23.Noobs 2. 30_03_23.Noobs 3. 28_04_24.Noobs 4. 28_04_23.Noobs 5. 26_06_23.Noobs 6. 26_05_23.Noobs 7. 26_04_23.Noobs 8. 23_04_23.Noobs 9. 23_03_23.Noobs 10. 21_06_23.Noobs 11. 21_05_23.Noobs 12. 21_04_23.Noobs 13. 20_03_23.Noobs 14. 17_04_23.Noobs 15. 16_06_23.Noobs 16. 16_05_23.Noobs 17. 11_07_23.Noobs 18. 11_06_23.Noobs 19. 11_05_23.Noobs 20. 06_07_23.Noobs 21. 06_06_23.Noobs 22. 06_05_23.Noobs 23. 04_05_23.Noobs 24. 01_07_23.Noobs 25. 01_06_23.Noobs 26. 01_05_23.Noobs Enter the number of the dump you want to download: 3 Downloading 28_04_24.Noobs.xml... Importing XML dump into MediaWiki... Done! You might want to run rebuildrecentchanges.php to regenerate RecentChanges, and initSiteStats.php to update page and revision counts Import completed successfully. </pre> == Post-Setup Maintenance == Now, we need to rebuild our wiki so that the database reflects our imported content. === Login to Container for Maintenance === * Syntax:<code>docker exec -it <directory_name>-<service>-1 /bin/bash</code> ** use:<code>docker container ls</code> to see container and service names. <source lang="bash"> docker exec -it noobwiki-mediawiki-1 /bin/bash </source> * Run maintenance scripts: <source lang="bash"> php maintenance/initSiteStats.php php maintenance/rebuildrecentchanges.php php maintenance/rebuildall.php </source> * Exit the container: <source lang="bash"> exit </source> === Verify Wiki Content === * Check all pages have loaded by visiting: <source lang="bash"> http://127.0.0.1:8080/index.php/Special:AllPages </source> Here's the section in raw MediaWiki syntax: == Network Configuration == By default, your wiki might only be accessible from the host machine where Docker is running, using <code>localhost</code> or <code>127.0.0.1</code>. However, if you want others on your network to access your wiki, you need to make some adjustments. '''Current Setup:''' The computer running Docker Compose has an IP address of <code>192.168.0.44</code>. * You can find the IP address of your computer running Docker using the command: <code>ip addr</code><br> <div class="toccolours mw-collapsible mw-collapsed"> OutPut from <code>ip addr</code> <div class="mw-collapsible-content"> <pre> noob@noob-HP-EliteDesk-800-G1-DM:~$ ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host noprefixroute valid_lft forever preferred_lft forever 2: eno1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000 link/ether 8c:dc:d4:3d:93:49 brd ff:ff:ff:ff:ff:ff altname enp0s25 3: wlxe8de27142be2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether e8:de:27:14:2b:e2 brd ff:ff:ff:ff:ff:ff inet 192.168.0.44/24 brd 192.168.0.255 scope global dynamic noprefixroute wlxe8de27142be2 valid_lft 86357sec preferred_lft 86357sec inet6 fe80::afbe:cc73:73a2:fcdf/64 scope link noprefixroute valid_lft forever preferred_lft forever </pre> </div> </div> My IP is <code>192.168.0.44</code> If someone from another computer on the network tries to visit <code>192.168.0.44:8080</code>, they might encounter a "cannot connect" error. This happens because MediaWiki, by default, redirects to <code>127.0.0.1:8080</code>, which is only accessible from the host machine itself. '''Solution:''' To allow access from other devices on the same network, you need to: * '''Edit the <code>LocalSettings.php</code> File:''' This isn't done inside the Docker container but rather in the directory where your <code>docker-compose.yml</code> file is located. Here, you need to change the server URL configuration. * '''Modify URL Configuration:''' On lines 34-35 of <code>LocalSettings.php</code>, you'll find the following: === Allowing Access from Other Network Devices === * Edit <code>LocalSettings.php</code> in the Docker Compose directory to change the server URL: <source lang="php"> ## The protocol and server name to use in fully-qualified URLs $wgServer = 'http://192.168.0.44:8080'; </source> * Restart Docker to apply changes: <source lang="bash"> docker-compose restart </source> This allows access to your wiki from other devices on the network using <code>192.168.0.44:8080</code>. This adjustment tells MediaWiki to use the network IP of the host (<code>192.168.0.44</code>) instead of the local loopback (<code>127.0.0.1</code>), allowing other devices on the network to access the wiki through <code>192.168.0.44:8080</code>. Even after this change, <code>localhost:8080</code> or <code>127.0.0.1:8080</code> will still work on the host machine, but now the wiki is also accessible via the network IP from other devices. p8zwhgvc1rjwzany7sw1gug1yni93oh 579 478 2025-06-21T01:44:03Z AwesomO 5 /* Login to Container for Maintenance */ 579 wikitext text/x-wiki ==Starting Environment== * '''Hardware''': HP EliteDesk 800 G1 * '''Operating System''': Ubuntu-Mate 24.04 * '''Installation Type''': Fresh Install * '''Initial Setup Post-Install''': Package Update: <code>sudo apt update && sudo apt upgrade -y</code> * '''Additional Software''': Installed just to record screen for this tut and not needed <code>sudo apt install simplescreenrecorder</code> == Docker Installation Guide == <youtube>https://www.youtube.com/watch?v=MheOIG2KiTI</youtube> === Preparation === Before we begin, make sure you're logged in with a user account that has sudo privileges. === Update System Packages === Update your package list to ensure you have the latest versions of packages: <source lang="bash"> sudo apt update </source> === Install Docker Prerequisites === Install the necessary packages for Docker setup: <source lang="bash"> sudo apt install -y apt-transport-https ca-certificates curl software-properties-common </source> === Setup Docker Repository === * '''Add Docker's Official GPG Key''': <source lang="bash"> curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg </source> * '''Add the Docker Repository''': <source lang="bash"> echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null </source> === Install Docker and Docker Compose === * '''Update Package List Again''': <source lang="bash"> sudo apt update </source> * '''Install Docker Engine, CLI, Containerd, and Additional Tools''': <source lang="bash"> sudo apt install -y docker-ce docker-ce-cli containerd.io python3-bs4 python3-requests docker-compose </source> * '''Install Docker Compose''': Here we're downloading the latest version of Docker Compose: <source lang="bash"> sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose </source> Make the Docker Compose binary executable: <source lang="bash"> sudo chmod +x /usr/local/bin/docker-compose </source> === Verify Installation === Check if Docker and Docker Compose are installed correctly: <source lang="bash"> docker --version docker-compose --version </source> === Configure User Permissions === To run Docker commands without <code>sudo</code>, add your user to the <code>docker</code> group: <source lang="bash"> sudo usermod -aG docker $USER </source> '''Note''': After adding your user to the docker group, you'll need to '''log out and log back in''' for the changes to take effect. If you do not log out and back in, Or you do not add your $USER to the docker group, you will be required to use sudo in some cases. such as .. <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip: <div class="mw-collapsible-content"> <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. Remember, these changes only apply to the current terminal session. If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> = Creating a Wiki and Importing an XML Dump = == Setup the Wiki Environment == === Create Directory for the Wiki === <source lang="bash"> mkdir noobwiki cd noobwiki </source> === Create Docker Compose File === Edit your <code>docker-compose.yml</code> file: * [[SET$EDITOR|set editor]] <source lang="bash"> $EDITOR docker-compose.yml </source> '''Contents of <code>docker-compose.yml</code>''': <source lang="yaml"> services: database: image: mysql:5.7 environment: MYSQL_DATABASE: my_wiki MYSQL_USER: wikiuser MYSQL_PASSWORD: wikipass MYSQL_RANDOM_ROOT_PASSWORD: 'yes' volumes: - ./mysql_data:/var/lib/mysql mediawiki: image: mediawiki ports: - 8080:80 links: - database volumes: - ./mediawiki_data:/var/www/html/images # - ./LocalSettings.php:/var/www/html/LocalSettings.php # This line is commented out initially </source> '''Note:''' The <code>LocalSettings.php</code> volume mapping is commented out to prevent automatic creation during initial setup. == Python Script for Setup and XML Import == === Script Details === Create a Python script to automate the setup and import process: <source lang="bash"> $EDITOR setup_and_import.py </source> '''Contents of <code>setup_and_import.py</code>''': <source lang="python"> import os import time import requests from bs4 import BeautifulSoup import re import subprocess import sys BASE_URL = "https://xml.completenoobs.com/xmlDumps/" def get_available_dumps(): response = requests.get(BASE_URL) soup = BeautifulSoup(response.text, 'html.parser') dumps = [] for link in soup.find_all('a'): href = link.get('href') if re.match(r'\d{2}_\d{2}_\d{2}\.Noobs/$', href): dumps.append(href.rstrip('/')) return sorted(dumps, reverse=True) def get_dump_files(dump): response = requests.get(BASE_URL + dump) soup = BeautifulSoup(response.text, 'html.parser') files = {} for link in soup.find_all('a'): href = link.get('href') if href.endswith('.xml'): files[href] = link.next_sibling.strip() return files def download_file(url, filename): response = requests.get(url) with open(filename, 'wb') as f: f.write(response.content) def run_command(command): process = subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True) output, error = process.communicate() return output.decode(), error.decode(), process.returncode def setup_mediawiki(): print("Setting up MediaWiki...") os.system("docker-compose up -d") time.sleep(10) # Wait for services to start print("Please complete the MediaWiki installation by visiting http://localhost:8080") print("Use the following database settings:") print("Database host: database") print("Database name: my_wiki") print("Database username: wikiuser") print("Database password: wikipass") input("Press Enter when you have completed the installation and downloaded LocalSettings.php...") if not os.path.exists('LocalSettings.php'): print("LocalSettings.php not found. Please place it in the current directory.") sys.exit(1) os.system("docker-compose restart mediawiki") print("MediaWiki setup completed.") def import_xml_to_mediawiki(xml_file): command = f"docker-compose exec -T mediawiki php maintenance/importDump.php < {xml_file}" output, error, return_code = run_command(command) if return_code != 0: print(f"Error importing XML: {error}") sys.exit(1) print(output) def main(): if not os.path.exists('LocalSettings.php'): setup_mediawiki() dumps = get_available_dumps() print("Available dumps:") for i, dump in enumerate(dumps): print(f"{i + 1}. {dump}") choice = int(input("Enter the number of the dump you want to download: ")) - 1 selected_dump = dumps[choice] files = get_dump_files(selected_dump) xml_file = next(iter(files)) print(f"Downloading {xml_file}...") download_file(BASE_URL + selected_dump + '/' + xml_file, xml_file) print("Importing XML dump into MediaWiki...") import_xml_to_mediawiki(xml_file) print("Import completed successfully.") if __name__ == "__main__": main()</source> === Running the Script === <source lang="bash"> python3 setup_and_import.py </source> <div class="toccolours mw-collapsible mw-collapsed"> '''Terminal Output: when script running at this stage: <div class="mw-collapsible-content"> <pre> noob@noob-elite:~/wiki$ python3 setup_and_import.py Setting up MediaWiki... WARN[0000] /home/noob/wiki/docker-compose.yml: the attribute `version` is obsolete, it will be ignored, please remove it to avoid potential confusion [+] Running 33/2 ✔ database Pulled 54.0s ✔ mediawiki Pulled 95.0s [+] Running 3/3 ✔ Network wiki_default Created 0.1s ✔ Container wiki-database-1 Started 0.3s ✔ Container wiki-mediawiki-1 Started 0.5s Please complete the MediaWiki installation by visiting http://localhost:8080 Use the following database settings: Database host: database Database name: my_wiki Database username: wikiuser Database password: wikipass Press Enter when you have completed the installation and downloaded LocalSettings.php... </pre> </div> </div> === Script Execution Steps === * '''Initial Setup:''' The script starts Docker containers and waits for MediaWiki installation. * '''Manual Steps:''' ** Leave the script terminal running. ** Open a new terminal for further commands. ** Visit <code>http://localhost:8080</code> in your browser to complete the MediaWiki setup using: *** Database host: <code>database</code> *** Database name: <code>my_wiki</code> *** Database username: <code>wikiuser</code> *** Database password: <code>wikipass</code> * '''Post Installation:''' ** Download <code>LocalSettings.php</code> from the browser. ** This Downloads to your <code>Downloads</code> directory, move/copy to your <code>noobwiki</code> directory. ** Stop the containers: *** NOTE: <code>docker-compose</code> commands are ment to be run in direcotry containing the docker-compose.yml file Or you need to use <code>docker-compose -f /path/to/docker-compose.yml down -v</code> <source lang="bash"> docker-compose down -v </source> ** Uncomment the <code>LocalSettings.php</code> volume mapping in <code>docker-compose.yml</code>. <source lang="bash"> $EDITOR docker-compose.yml</source> <div class="toccolours mw-collapsible mw-collapsed"> <code>docker-compose.yml</code> After uncommenting: <div class="mw-collapsible-content"> <pre> services: database: image: mysql:5.7 environment: MYSQL_DATABASE: my_wiki MYSQL_USER: wikiuser MYSQL_PASSWORD: wikipass MYSQL_RANDOM_ROOT_PASSWORD: 'yes' volumes: - ./mysql_data:/var/lib/mysql mediawiki: image: mediawiki ports: - 8080:80 links: - database volumes: - ./mediawiki_data:/var/www/html/images - ./LocalSettings.php:/var/www/html/LocalSettings.php # This line is commented out initially </pre> </div> </div> ** Restart Docker: <source lang="bash"> docker-compose up -d </source> * '''Return to Script Terminal:''' ** Press Enter to continue with XML dump selection and import. ===Post LocalSettings.php script=== After returning to script and pressing Enter, the script will scan xml.completenoobs.com and give you a list of wiki dumps with a Number on the left and a date. * Enter number to select a dated xml <pre> Press Enter when you have completed the installation and downloaded LocalSettings.php... [+] Restarting 1/1 ✔ Container wiki-mediawiki-1 Started 1.3s MediaWiki setup completed. Available dumps: 1. 31_05_23.Noobs 2. 30_03_23.Noobs 3. 28_04_24.Noobs 4. 28_04_23.Noobs 5. 26_06_23.Noobs 6. 26_05_23.Noobs 7. 26_04_23.Noobs 8. 23_04_23.Noobs 9. 23_03_23.Noobs 10. 21_06_23.Noobs 11. 21_05_23.Noobs 12. 21_04_23.Noobs 13. 20_03_23.Noobs 14. 17_04_23.Noobs 15. 16_06_23.Noobs 16. 16_05_23.Noobs 17. 11_07_23.Noobs 18. 11_06_23.Noobs 19. 11_05_23.Noobs 20. 06_07_23.Noobs 21. 06_06_23.Noobs 22. 06_05_23.Noobs 23. 04_05_23.Noobs 24. 01_07_23.Noobs 25. 01_06_23.Noobs 26. 01_05_23.Noobs Enter the number of the dump you want to download: 3 Downloading 28_04_24.Noobs.xml... Importing XML dump into MediaWiki... Done! You might want to run rebuildrecentchanges.php to regenerate RecentChanges, and initSiteStats.php to update page and revision counts Import completed successfully. </pre> == Post-Setup Maintenance == Now, we need to rebuild our wiki so that the database reflects our imported content. === Login to Container for Maintenance === * Syntax:<code>docker exec -it <container_name_and_service>-1 /bin/bash</code> ** use:<code>docker container ls</code> or <code>docker ps</code> to see container and service names. <source lang="bash"> docker exec -it noobwiki-mediawiki-1 /bin/bash </source> * Run maintenance scripts: <source lang="bash"> php maintenance/initSiteStats.php php maintenance/rebuildrecentchanges.php php maintenance/rebuildall.php </source> * Exit the container: <source lang="bash"> exit </source> === Verify Wiki Content === * Check all pages have loaded by visiting: <source lang="bash"> http://127.0.0.1:8080/index.php/Special:AllPages </source> Here's the section in raw MediaWiki syntax: == Network Configuration == By default, your wiki might only be accessible from the host machine where Docker is running, using <code>localhost</code> or <code>127.0.0.1</code>. However, if you want others on your network to access your wiki, you need to make some adjustments. '''Current Setup:''' The computer running Docker Compose has an IP address of <code>192.168.0.44</code>. * You can find the IP address of your computer running Docker using the command: <code>ip addr</code><br> <div class="toccolours mw-collapsible mw-collapsed"> OutPut from <code>ip addr</code> <div class="mw-collapsible-content"> <pre> noob@noob-HP-EliteDesk-800-G1-DM:~$ ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host noprefixroute valid_lft forever preferred_lft forever 2: eno1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000 link/ether 8c:dc:d4:3d:93:49 brd ff:ff:ff:ff:ff:ff altname enp0s25 3: wlxe8de27142be2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether e8:de:27:14:2b:e2 brd ff:ff:ff:ff:ff:ff inet 192.168.0.44/24 brd 192.168.0.255 scope global dynamic noprefixroute wlxe8de27142be2 valid_lft 86357sec preferred_lft 86357sec inet6 fe80::afbe:cc73:73a2:fcdf/64 scope link noprefixroute valid_lft forever preferred_lft forever </pre> </div> </div> My IP is <code>192.168.0.44</code> If someone from another computer on the network tries to visit <code>192.168.0.44:8080</code>, they might encounter a "cannot connect" error. This happens because MediaWiki, by default, redirects to <code>127.0.0.1:8080</code>, which is only accessible from the host machine itself. '''Solution:''' To allow access from other devices on the same network, you need to: * '''Edit the <code>LocalSettings.php</code> File:''' This isn't done inside the Docker container but rather in the directory where your <code>docker-compose.yml</code> file is located. Here, you need to change the server URL configuration. * '''Modify URL Configuration:''' On lines 34-35 of <code>LocalSettings.php</code>, you'll find the following: === Allowing Access from Other Network Devices === * Edit <code>LocalSettings.php</code> in the Docker Compose directory to change the server URL: <source lang="php"> ## The protocol and server name to use in fully-qualified URLs $wgServer = 'http://192.168.0.44:8080'; </source> * Restart Docker to apply changes: <source lang="bash"> docker-compose restart </source> This allows access to your wiki from other devices on the network using <code>192.168.0.44:8080</code>. This adjustment tells MediaWiki to use the network IP of the host (<code>192.168.0.44</code>) instead of the local loopback (<code>127.0.0.1</code>), allowing other devices on the network to access the wiki through <code>192.168.0.44:8080</code>. Even after this change, <code>localhost:8080</code> or <code>127.0.0.1:8080</code> will still work on the host machine, but now the wiki is also accessible via the network IP from other devices. nqfgvcsf2d1onp3trhxhf6honcsuwuh 580 579 2025-06-21T01:52:09Z AwesomO 5 /* Script Details */ 580 wikitext text/x-wiki ==Starting Environment== * '''Hardware''': HP EliteDesk 800 G1 * '''Operating System''': Ubuntu-Mate 24.04 * '''Installation Type''': Fresh Install * '''Initial Setup Post-Install''': Package Update: <code>sudo apt update && sudo apt upgrade -y</code> * '''Additional Software''': Installed just to record screen for this tut and not needed <code>sudo apt install simplescreenrecorder</code> == Docker Installation Guide == <youtube>https://www.youtube.com/watch?v=MheOIG2KiTI</youtube> === Preparation === Before we begin, make sure you're logged in with a user account that has sudo privileges. === Update System Packages === Update your package list to ensure you have the latest versions of packages: <source lang="bash"> sudo apt update </source> === Install Docker Prerequisites === Install the necessary packages for Docker setup: <source lang="bash"> sudo apt install -y apt-transport-https ca-certificates curl software-properties-common </source> === Setup Docker Repository === * '''Add Docker's Official GPG Key''': <source lang="bash"> curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg </source> * '''Add the Docker Repository''': <source lang="bash"> echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null </source> === Install Docker and Docker Compose === * '''Update Package List Again''': <source lang="bash"> sudo apt update </source> * '''Install Docker Engine, CLI, Containerd, and Additional Tools''': <source lang="bash"> sudo apt install -y docker-ce docker-ce-cli containerd.io python3-bs4 python3-requests docker-compose </source> * '''Install Docker Compose''': Here we're downloading the latest version of Docker Compose: <source lang="bash"> sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose </source> Make the Docker Compose binary executable: <source lang="bash"> sudo chmod +x /usr/local/bin/docker-compose </source> === Verify Installation === Check if Docker and Docker Compose are installed correctly: <source lang="bash"> docker --version docker-compose --version </source> === Configure User Permissions === To run Docker commands without <code>sudo</code>, add your user to the <code>docker</code> group: <source lang="bash"> sudo usermod -aG docker $USER </source> '''Note''': After adding your user to the docker group, you'll need to '''log out and log back in''' for the changes to take effect. If you do not log out and back in, Or you do not add your $USER to the docker group, you will be required to use sudo in some cases. such as .. <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip: <div class="mw-collapsible-content"> <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. Remember, these changes only apply to the current terminal session. If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> = Creating a Wiki and Importing an XML Dump = == Setup the Wiki Environment == === Create Directory for the Wiki === <source lang="bash"> mkdir noobwiki cd noobwiki </source> === Create Docker Compose File === Edit your <code>docker-compose.yml</code> file: * [[SET$EDITOR|set editor]] <source lang="bash"> $EDITOR docker-compose.yml </source> '''Contents of <code>docker-compose.yml</code>''': <source lang="yaml"> services: database: image: mysql:5.7 environment: MYSQL_DATABASE: my_wiki MYSQL_USER: wikiuser MYSQL_PASSWORD: wikipass MYSQL_RANDOM_ROOT_PASSWORD: 'yes' volumes: - ./mysql_data:/var/lib/mysql mediawiki: image: mediawiki ports: - 8080:80 links: - database volumes: - ./mediawiki_data:/var/www/html/images # - ./LocalSettings.php:/var/www/html/LocalSettings.php # This line is commented out initially </source> '''Note:''' The <code>LocalSettings.php</code> volume mapping is commented out to prevent automatic creation during initial setup. == Python Script for Setup and XML Import == === Script Details === Create a Python script to automate the setup and import process: <source lang="bash"> $EDITOR setup_and_import.py </source> <div class="toccolours mw-collapsible mw-collapsed"> Newer Script that will list newest first - list from new to old in order: <div class="mw-collapsible-content"> * Passed early testing <source lang="python"> import os import time import requests from bs4 import BeautifulSoup import re import subprocess import sys BASE_URL = "https://xml.completenoobs.com/xmlDumps/" def parse_date_from_dump(dump_name): """Parse DD_MM_YY format and return a sortable date tuple.""" match = re.match(r'(\d{2})_(\d{2})_(\d{2})\.Noobs', dump_name) if match: day, month, year = match.groups() # Convert 2-digit year to 4-digit (assuming 00-49 = 2000-2049, 50-99 = 1950-1999) year_int = int(year) if year_int <= 49: full_year = 2000 + year_int else: full_year = 1900 + year_int return (full_year, int(month), int(day)) return (0, 0, 0) # fallback for unparseable names def get_available_dumps(): response = requests.get(BASE_URL) soup = BeautifulSoup(response.text, 'html.parser') dumps = [] for link in soup.find_all('a'): href = link.get('href') if re.match(r'\d{2}_\d{2}_\d{2}\.Noobs/$', href): dumps.append(href.rstrip('/')) # Sort by actual date (newest first) return sorted(dumps, key=parse_date_from_dump, reverse=True) def get_dump_files(dump): response = requests.get(BASE_URL + dump) soup = BeautifulSoup(response.text, 'html.parser') files = {} for link in soup.find_all('a'): href = link.get('href') if href.endswith('.xml'): # Extract file info (size, date) from the next sibling text file_info = "" next_sibling = link.next_sibling if next_sibling: file_info = next_sibling.strip() files[href] = file_info # Sort XML files by name (newest first, assuming filename contains date/time info) sorted_files = dict(sorted(files.items(), key=lambda x: x[0], reverse=True)) return sorted_files def download_file(url, filename): print(f"Downloading from: {url}") response = requests.get(url, stream=True) response.raise_for_status() total_size = int(response.headers.get('content-length', 0)) downloaded = 0 with open(filename, 'wb') as f: for chunk in response.iter_content(chunk_size=8192): if chunk: f.write(chunk) downloaded += len(chunk) if total_size > 0: progress = (downloaded / total_size) * 100 print(f"\rProgress: {progress:.1f}%", end='', flush=True) print() # New line after progress def run_command(command): process = subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True) output, error = process.communicate() return output.decode(), error.decode(), process.returncode def check_docker_permissions(): """Check if Docker is accessible and provide helpful error messages.""" try: output, error, return_code = run_command("docker info") if return_code != 0: if "permission denied" in error.lower(): print("ERROR: Docker permission denied!") print("Solutions:") print("1. Run this script with sudo: sudo python3 setup_and_import.py") print("2. Or add your user to docker group: sudo usermod -aG docker $USER") print(" Then log out and log back in.") return False else: print(f"Docker error: {error}") return False return True except Exception as e: print(f"Error checking Docker: {e}") return False def setup_mediawiki(): print("Checking Docker permissions...") if not check_docker_permissions(): sys.exit(1) print("Setting up MediaWiki...") output, error, return_code = run_command("docker-compose up -d") if return_code != 0: print(f"Error starting Docker containers: {error}") sys.exit(1) time.sleep(10) # Wait for services to start print("Please complete the MediaWiki installation by visiting http://localhost:8080") print("Use the following database settings:") print("Database host: database") print("Database name: my_wiki") print("Database username: wikiuser") print("Database password: wikipass") input("Press Enter when you have completed the installation and downloaded LocalSettings.php...") if not os.path.exists('LocalSettings.php'): print("LocalSettings.php not found. Please place it in the current directory.") sys.exit(1) output, error, return_code = run_command("docker-compose restart mediawiki") if return_code != 0: print(f"Error restarting MediaWiki: {error}") sys.exit(1) print("MediaWiki setup completed.") def import_xml_to_mediawiki(xml_file): command = f"docker-compose exec -T mediawiki php maintenance/importDump.php < {xml_file}" print(f"Importing {xml_file} into MediaWiki...") output, error, return_code = run_command(command) if return_code != 0: print(f"Error importing XML: {error}") sys.exit(1) print("Import completed successfully.") def main(): # Check Docker permissions early if not os.path.exists('LocalSettings.php'): setup_mediawiki() else: # Even if LocalSettings.php exists, check Docker permissions for import print("Checking Docker permissions...") if not check_docker_permissions(): sys.exit(1) print("Fetching available dumps...") dumps = get_available_dumps() if not dumps: print("No dumps found!") sys.exit(1) print("\nAvailable dumps (newest first):") for i, dump in enumerate(dumps): marker = " (NEWEST)" if i == 0 else "" print(f"{i + 1}. {dump}{marker}") # Default to newest dump (index 0) default_choice = 1 choice_input = input(f"\nEnter the number of the dump you want to download (default: {default_choice} - newest): ").strip() if choice_input == "": choice = default_choice - 1 else: try: choice = int(choice_input) - 1 if choice < 0 or choice >= len(dumps): print("Invalid choice. Using newest dump.") choice = 0 except ValueError: print("Invalid input. Using newest dump.") choice = 0 selected_dump = dumps[choice] print(f"\nSelected dump: {selected_dump}") print("Fetching XML files from selected dump...") files = get_dump_files(selected_dump) if not files: print("No XML files found in the selected dump!") sys.exit(1) xml_files = list(files.keys()) print(f"\nAvailable XML files in {selected_dump} (newest first):") for i, xml_file in enumerate(xml_files): file_info = files[xml_file] marker = " (RECOMMENDED)" if i == 0 else "" print(f"{i + 1}. {xml_file}{marker}") if file_info: print(f" {file_info}") # Default to newest XML file (index 0) default_xml_choice = 1 xml_choice_input = input(f"\nEnter the number of the XML file you want to download (default: {default_xml_choice} - newest): ").strip() if xml_choice_input == "": xml_choice = default_xml_choice - 1 else: try: xml_choice = int(xml_choice_input) - 1 if xml_choice < 0 or xml_choice >= len(xml_files): print("Invalid choice. Using newest XML file.") xml_choice = 0 except ValueError: print("Invalid input. Using newest XML file.") xml_choice = 0 selected_xml = xml_files[xml_choice] print(f"\nSelected XML file: {selected_xml}") # Check if file already exists if os.path.exists(selected_xml): overwrite = input(f"\n{selected_xml} already exists. Overwrite? (y/N): ").strip().lower() if overwrite not in ['y', 'yes']: print("Using existing file.") else: print(f"Downloading {selected_xml}...") download_file(BASE_URL + selected_dump + '/' + selected_xml, selected_xml) else: print(f"Downloading {selected_xml}...") download_file(BASE_URL + selected_dump + '/' + selected_xml, selected_xml) print("Importing XML dump into MediaWiki...") import_xml_to_mediawiki(selected_xml) print("\nImport completed successfully!") print(f"Your MediaWiki instance should now be available at: http://localhost:8080") if __name__ == "__main__": main() </source> </div> </div> '''Contents of <code>setup_and_import.py</code>''': <source lang="python"> import os import time import requests from bs4 import BeautifulSoup import re import subprocess import sys BASE_URL = "https://xml.completenoobs.com/xmlDumps/" def get_available_dumps(): response = requests.get(BASE_URL) soup = BeautifulSoup(response.text, 'html.parser') dumps = [] for link in soup.find_all('a'): href = link.get('href') if re.match(r'\d{2}_\d{2}_\d{2}\.Noobs/$', href): dumps.append(href.rstrip('/')) return sorted(dumps, reverse=True) def get_dump_files(dump): response = requests.get(BASE_URL + dump) soup = BeautifulSoup(response.text, 'html.parser') files = {} for link in soup.find_all('a'): href = link.get('href') if href.endswith('.xml'): files[href] = link.next_sibling.strip() return files def download_file(url, filename): response = requests.get(url) with open(filename, 'wb') as f: f.write(response.content) def run_command(command): process = subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True) output, error = process.communicate() return output.decode(), error.decode(), process.returncode def setup_mediawiki(): print("Setting up MediaWiki...") os.system("docker-compose up -d") time.sleep(10) # Wait for services to start print("Please complete the MediaWiki installation by visiting http://localhost:8080") print("Use the following database settings:") print("Database host: database") print("Database name: my_wiki") print("Database username: wikiuser") print("Database password: wikipass") input("Press Enter when you have completed the installation and downloaded LocalSettings.php...") if not os.path.exists('LocalSettings.php'): print("LocalSettings.php not found. Please place it in the current directory.") sys.exit(1) os.system("docker-compose restart mediawiki") print("MediaWiki setup completed.") def import_xml_to_mediawiki(xml_file): command = f"docker-compose exec -T mediawiki php maintenance/importDump.php < {xml_file}" output, error, return_code = run_command(command) if return_code != 0: print(f"Error importing XML: {error}") sys.exit(1) print(output) def main(): if not os.path.exists('LocalSettings.php'): setup_mediawiki() dumps = get_available_dumps() print("Available dumps:") for i, dump in enumerate(dumps): print(f"{i + 1}. {dump}") choice = int(input("Enter the number of the dump you want to download: ")) - 1 selected_dump = dumps[choice] files = get_dump_files(selected_dump) xml_file = next(iter(files)) print(f"Downloading {xml_file}...") download_file(BASE_URL + selected_dump + '/' + xml_file, xml_file) print("Importing XML dump into MediaWiki...") import_xml_to_mediawiki(xml_file) print("Import completed successfully.") if __name__ == "__main__": main()</source> === Running the Script === <source lang="bash"> python3 setup_and_import.py </source> <div class="toccolours mw-collapsible mw-collapsed"> '''Terminal Output: when script running at this stage: <div class="mw-collapsible-content"> <pre> noob@noob-elite:~/wiki$ python3 setup_and_import.py Setting up MediaWiki... WARN[0000] /home/noob/wiki/docker-compose.yml: the attribute `version` is obsolete, it will be ignored, please remove it to avoid potential confusion [+] Running 33/2 ✔ database Pulled 54.0s ✔ mediawiki Pulled 95.0s [+] Running 3/3 ✔ Network wiki_default Created 0.1s ✔ Container wiki-database-1 Started 0.3s ✔ Container wiki-mediawiki-1 Started 0.5s Please complete the MediaWiki installation by visiting http://localhost:8080 Use the following database settings: Database host: database Database name: my_wiki Database username: wikiuser Database password: wikipass Press Enter when you have completed the installation and downloaded LocalSettings.php... </pre> </div> </div> === Script Execution Steps === * '''Initial Setup:''' The script starts Docker containers and waits for MediaWiki installation. * '''Manual Steps:''' ** Leave the script terminal running. ** Open a new terminal for further commands. ** Visit <code>http://localhost:8080</code> in your browser to complete the MediaWiki setup using: *** Database host: <code>database</code> *** Database name: <code>my_wiki</code> *** Database username: <code>wikiuser</code> *** Database password: <code>wikipass</code> * '''Post Installation:''' ** Download <code>LocalSettings.php</code> from the browser. ** This Downloads to your <code>Downloads</code> directory, move/copy to your <code>noobwiki</code> directory. ** Stop the containers: *** NOTE: <code>docker-compose</code> commands are ment to be run in direcotry containing the docker-compose.yml file Or you need to use <code>docker-compose -f /path/to/docker-compose.yml down -v</code> <source lang="bash"> docker-compose down -v </source> ** Uncomment the <code>LocalSettings.php</code> volume mapping in <code>docker-compose.yml</code>. <source lang="bash"> $EDITOR docker-compose.yml</source> <div class="toccolours mw-collapsible mw-collapsed"> <code>docker-compose.yml</code> After uncommenting: <div class="mw-collapsible-content"> <pre> services: database: image: mysql:5.7 environment: MYSQL_DATABASE: my_wiki MYSQL_USER: wikiuser MYSQL_PASSWORD: wikipass MYSQL_RANDOM_ROOT_PASSWORD: 'yes' volumes: - ./mysql_data:/var/lib/mysql mediawiki: image: mediawiki ports: - 8080:80 links: - database volumes: - ./mediawiki_data:/var/www/html/images - ./LocalSettings.php:/var/www/html/LocalSettings.php # This line is commented out initially </pre> </div> </div> ** Restart Docker: <source lang="bash"> docker-compose up -d </source> * '''Return to Script Terminal:''' ** Press Enter to continue with XML dump selection and import. ===Post LocalSettings.php script=== After returning to script and pressing Enter, the script will scan xml.completenoobs.com and give you a list of wiki dumps with a Number on the left and a date. * Enter number to select a dated xml <pre> Press Enter when you have completed the installation and downloaded LocalSettings.php... [+] Restarting 1/1 ✔ Container wiki-mediawiki-1 Started 1.3s MediaWiki setup completed. Available dumps: 1. 31_05_23.Noobs 2. 30_03_23.Noobs 3. 28_04_24.Noobs 4. 28_04_23.Noobs 5. 26_06_23.Noobs 6. 26_05_23.Noobs 7. 26_04_23.Noobs 8. 23_04_23.Noobs 9. 23_03_23.Noobs 10. 21_06_23.Noobs 11. 21_05_23.Noobs 12. 21_04_23.Noobs 13. 20_03_23.Noobs 14. 17_04_23.Noobs 15. 16_06_23.Noobs 16. 16_05_23.Noobs 17. 11_07_23.Noobs 18. 11_06_23.Noobs 19. 11_05_23.Noobs 20. 06_07_23.Noobs 21. 06_06_23.Noobs 22. 06_05_23.Noobs 23. 04_05_23.Noobs 24. 01_07_23.Noobs 25. 01_06_23.Noobs 26. 01_05_23.Noobs Enter the number of the dump you want to download: 3 Downloading 28_04_24.Noobs.xml... Importing XML dump into MediaWiki... Done! You might want to run rebuildrecentchanges.php to regenerate RecentChanges, and initSiteStats.php to update page and revision counts Import completed successfully. </pre> == Post-Setup Maintenance == Now, we need to rebuild our wiki so that the database reflects our imported content. === Login to Container for Maintenance === * Syntax:<code>docker exec -it <container_name_and_service>-1 /bin/bash</code> ** use:<code>docker container ls</code> or <code>docker ps</code> to see container and service names. <source lang="bash"> docker exec -it noobwiki-mediawiki-1 /bin/bash </source> * Run maintenance scripts: <source lang="bash"> php maintenance/initSiteStats.php php maintenance/rebuildrecentchanges.php php maintenance/rebuildall.php </source> * Exit the container: <source lang="bash"> exit </source> === Verify Wiki Content === * Check all pages have loaded by visiting: <source lang="bash"> http://127.0.0.1:8080/index.php/Special:AllPages </source> Here's the section in raw MediaWiki syntax: == Network Configuration == By default, your wiki might only be accessible from the host machine where Docker is running, using <code>localhost</code> or <code>127.0.0.1</code>. However, if you want others on your network to access your wiki, you need to make some adjustments. '''Current Setup:''' The computer running Docker Compose has an IP address of <code>192.168.0.44</code>. * You can find the IP address of your computer running Docker using the command: <code>ip addr</code><br> <div class="toccolours mw-collapsible mw-collapsed"> OutPut from <code>ip addr</code> <div class="mw-collapsible-content"> <pre> noob@noob-HP-EliteDesk-800-G1-DM:~$ ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host noprefixroute valid_lft forever preferred_lft forever 2: eno1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000 link/ether 8c:dc:d4:3d:93:49 brd ff:ff:ff:ff:ff:ff altname enp0s25 3: wlxe8de27142be2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether e8:de:27:14:2b:e2 brd ff:ff:ff:ff:ff:ff inet 192.168.0.44/24 brd 192.168.0.255 scope global dynamic noprefixroute wlxe8de27142be2 valid_lft 86357sec preferred_lft 86357sec inet6 fe80::afbe:cc73:73a2:fcdf/64 scope link noprefixroute valid_lft forever preferred_lft forever </pre> </div> </div> My IP is <code>192.168.0.44</code> If someone from another computer on the network tries to visit <code>192.168.0.44:8080</code>, they might encounter a "cannot connect" error. This happens because MediaWiki, by default, redirects to <code>127.0.0.1:8080</code>, which is only accessible from the host machine itself. '''Solution:''' To allow access from other devices on the same network, you need to: * '''Edit the <code>LocalSettings.php</code> File:''' This isn't done inside the Docker container but rather in the directory where your <code>docker-compose.yml</code> file is located. Here, you need to change the server URL configuration. * '''Modify URL Configuration:''' On lines 34-35 of <code>LocalSettings.php</code>, you'll find the following: === Allowing Access from Other Network Devices === * Edit <code>LocalSettings.php</code> in the Docker Compose directory to change the server URL: <source lang="php"> ## The protocol and server name to use in fully-qualified URLs $wgServer = 'http://192.168.0.44:8080'; </source> * Restart Docker to apply changes: <source lang="bash"> docker-compose restart </source> This allows access to your wiki from other devices on the network using <code>192.168.0.44:8080</code>. This adjustment tells MediaWiki to use the network IP of the host (<code>192.168.0.44</code>) instead of the local loopback (<code>127.0.0.1</code>), allowing other devices on the network to access the wiki through <code>192.168.0.44:8080</code>. Even after this change, <code>localhost:8080</code> or <code>127.0.0.1:8080</code> will still work on the host machine, but now the wiki is also accessible via the network IP from other devices. nmtbi4y5cuymahpi6a3sqx0nku3t5mu 658 580 2025-09-01T19:13:31Z AwesomO 5 /* Starting Environment */ 658 wikitext text/x-wiki ==Docker Image== * [[Ubuntu2404_Install_Docker_and_Docker_Compose| Download the wiki as a '''Docker image''' to run locally on your computer or fork it to contribute and share knowledge.]] ==Starting Environment== * '''Hardware''': HP EliteDesk 800 G1 * '''Operating System''': Ubuntu-Mate 24.04 * '''Installation Type''': Fresh Install * '''Initial Setup Post-Install''': Package Update: <code>sudo apt update && sudo apt upgrade -y</code> * '''Additional Software''': Installed just to record screen for this tut and not needed <code>sudo apt install simplescreenrecorder</code> == Docker Installation Guide == <youtube>https://www.youtube.com/watch?v=MheOIG2KiTI</youtube> === Preparation === Before we begin, make sure you're logged in with a user account that has sudo privileges. === Update System Packages === Update your package list to ensure you have the latest versions of packages: <source lang="bash"> sudo apt update </source> === Install Docker Prerequisites === Install the necessary packages for Docker setup: <source lang="bash"> sudo apt install -y apt-transport-https ca-certificates curl software-properties-common </source> === Setup Docker Repository === * '''Add Docker's Official GPG Key''': <source lang="bash"> curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg </source> * '''Add the Docker Repository''': <source lang="bash"> echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null </source> === Install Docker and Docker Compose === * '''Update Package List Again''': <source lang="bash"> sudo apt update </source> * '''Install Docker Engine, CLI, Containerd, and Additional Tools''': <source lang="bash"> sudo apt install -y docker-ce docker-ce-cli containerd.io python3-bs4 python3-requests docker-compose </source> * '''Install Docker Compose''': Here we're downloading the latest version of Docker Compose: <source lang="bash"> sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose </source> Make the Docker Compose binary executable: <source lang="bash"> sudo chmod +x /usr/local/bin/docker-compose </source> === Verify Installation === Check if Docker and Docker Compose are installed correctly: <source lang="bash"> docker --version docker-compose --version </source> === Configure User Permissions === To run Docker commands without <code>sudo</code>, add your user to the <code>docker</code> group: <source lang="bash"> sudo usermod -aG docker $USER </source> '''Note''': After adding your user to the docker group, you'll need to '''log out and log back in''' for the changes to take effect. If you do not log out and back in, Or you do not add your $USER to the docker group, you will be required to use sudo in some cases. such as .. <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip: <div class="mw-collapsible-content"> <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. Remember, these changes only apply to the current terminal session. If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> = Creating a Wiki and Importing an XML Dump = == Setup the Wiki Environment == === Create Directory for the Wiki === <source lang="bash"> mkdir noobwiki cd noobwiki </source> === Create Docker Compose File === Edit your <code>docker-compose.yml</code> file: * [[SET$EDITOR|set editor]] <source lang="bash"> $EDITOR docker-compose.yml </source> '''Contents of <code>docker-compose.yml</code>''': <source lang="yaml"> services: database: image: mysql:5.7 environment: MYSQL_DATABASE: my_wiki MYSQL_USER: wikiuser MYSQL_PASSWORD: wikipass MYSQL_RANDOM_ROOT_PASSWORD: 'yes' volumes: - ./mysql_data:/var/lib/mysql mediawiki: image: mediawiki ports: - 8080:80 links: - database volumes: - ./mediawiki_data:/var/www/html/images # - ./LocalSettings.php:/var/www/html/LocalSettings.php # This line is commented out initially </source> '''Note:''' The <code>LocalSettings.php</code> volume mapping is commented out to prevent automatic creation during initial setup. == Python Script for Setup and XML Import == === Script Details === Create a Python script to automate the setup and import process: <source lang="bash"> $EDITOR setup_and_import.py </source> <div class="toccolours mw-collapsible mw-collapsed"> Newer Script that will list newest first - list from new to old in order: <div class="mw-collapsible-content"> * Passed early testing <source lang="python"> import os import time import requests from bs4 import BeautifulSoup import re import subprocess import sys BASE_URL = "https://xml.completenoobs.com/xmlDumps/" def parse_date_from_dump(dump_name): """Parse DD_MM_YY format and return a sortable date tuple.""" match = re.match(r'(\d{2})_(\d{2})_(\d{2})\.Noobs', dump_name) if match: day, month, year = match.groups() # Convert 2-digit year to 4-digit (assuming 00-49 = 2000-2049, 50-99 = 1950-1999) year_int = int(year) if year_int <= 49: full_year = 2000 + year_int else: full_year = 1900 + year_int return (full_year, int(month), int(day)) return (0, 0, 0) # fallback for unparseable names def get_available_dumps(): response = requests.get(BASE_URL) soup = BeautifulSoup(response.text, 'html.parser') dumps = [] for link in soup.find_all('a'): href = link.get('href') if re.match(r'\d{2}_\d{2}_\d{2}\.Noobs/$', href): dumps.append(href.rstrip('/')) # Sort by actual date (newest first) return sorted(dumps, key=parse_date_from_dump, reverse=True) def get_dump_files(dump): response = requests.get(BASE_URL + dump) soup = BeautifulSoup(response.text, 'html.parser') files = {} for link in soup.find_all('a'): href = link.get('href') if href.endswith('.xml'): # Extract file info (size, date) from the next sibling text file_info = "" next_sibling = link.next_sibling if next_sibling: file_info = next_sibling.strip() files[href] = file_info # Sort XML files by name (newest first, assuming filename contains date/time info) sorted_files = dict(sorted(files.items(), key=lambda x: x[0], reverse=True)) return sorted_files def download_file(url, filename): print(f"Downloading from: {url}") response = requests.get(url, stream=True) response.raise_for_status() total_size = int(response.headers.get('content-length', 0)) downloaded = 0 with open(filename, 'wb') as f: for chunk in response.iter_content(chunk_size=8192): if chunk: f.write(chunk) downloaded += len(chunk) if total_size > 0: progress = (downloaded / total_size) * 100 print(f"\rProgress: {progress:.1f}%", end='', flush=True) print() # New line after progress def run_command(command): process = subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True) output, error = process.communicate() return output.decode(), error.decode(), process.returncode def check_docker_permissions(): """Check if Docker is accessible and provide helpful error messages.""" try: output, error, return_code = run_command("docker info") if return_code != 0: if "permission denied" in error.lower(): print("ERROR: Docker permission denied!") print("Solutions:") print("1. Run this script with sudo: sudo python3 setup_and_import.py") print("2. Or add your user to docker group: sudo usermod -aG docker $USER") print(" Then log out and log back in.") return False else: print(f"Docker error: {error}") return False return True except Exception as e: print(f"Error checking Docker: {e}") return False def setup_mediawiki(): print("Checking Docker permissions...") if not check_docker_permissions(): sys.exit(1) print("Setting up MediaWiki...") output, error, return_code = run_command("docker-compose up -d") if return_code != 0: print(f"Error starting Docker containers: {error}") sys.exit(1) time.sleep(10) # Wait for services to start print("Please complete the MediaWiki installation by visiting http://localhost:8080") print("Use the following database settings:") print("Database host: database") print("Database name: my_wiki") print("Database username: wikiuser") print("Database password: wikipass") input("Press Enter when you have completed the installation and downloaded LocalSettings.php...") if not os.path.exists('LocalSettings.php'): print("LocalSettings.php not found. Please place it in the current directory.") sys.exit(1) output, error, return_code = run_command("docker-compose restart mediawiki") if return_code != 0: print(f"Error restarting MediaWiki: {error}") sys.exit(1) print("MediaWiki setup completed.") def import_xml_to_mediawiki(xml_file): command = f"docker-compose exec -T mediawiki php maintenance/importDump.php < {xml_file}" print(f"Importing {xml_file} into MediaWiki...") output, error, return_code = run_command(command) if return_code != 0: print(f"Error importing XML: {error}") sys.exit(1) print("Import completed successfully.") def main(): # Check Docker permissions early if not os.path.exists('LocalSettings.php'): setup_mediawiki() else: # Even if LocalSettings.php exists, check Docker permissions for import print("Checking Docker permissions...") if not check_docker_permissions(): sys.exit(1) print("Fetching available dumps...") dumps = get_available_dumps() if not dumps: print("No dumps found!") sys.exit(1) print("\nAvailable dumps (newest first):") for i, dump in enumerate(dumps): marker = " (NEWEST)" if i == 0 else "" print(f"{i + 1}. {dump}{marker}") # Default to newest dump (index 0) default_choice = 1 choice_input = input(f"\nEnter the number of the dump you want to download (default: {default_choice} - newest): ").strip() if choice_input == "": choice = default_choice - 1 else: try: choice = int(choice_input) - 1 if choice < 0 or choice >= len(dumps): print("Invalid choice. Using newest dump.") choice = 0 except ValueError: print("Invalid input. Using newest dump.") choice = 0 selected_dump = dumps[choice] print(f"\nSelected dump: {selected_dump}") print("Fetching XML files from selected dump...") files = get_dump_files(selected_dump) if not files: print("No XML files found in the selected dump!") sys.exit(1) xml_files = list(files.keys()) print(f"\nAvailable XML files in {selected_dump} (newest first):") for i, xml_file in enumerate(xml_files): file_info = files[xml_file] marker = " (RECOMMENDED)" if i == 0 else "" print(f"{i + 1}. {xml_file}{marker}") if file_info: print(f" {file_info}") # Default to newest XML file (index 0) default_xml_choice = 1 xml_choice_input = input(f"\nEnter the number of the XML file you want to download (default: {default_xml_choice} - newest): ").strip() if xml_choice_input == "": xml_choice = default_xml_choice - 1 else: try: xml_choice = int(xml_choice_input) - 1 if xml_choice < 0 or xml_choice >= len(xml_files): print("Invalid choice. Using newest XML file.") xml_choice = 0 except ValueError: print("Invalid input. Using newest XML file.") xml_choice = 0 selected_xml = xml_files[xml_choice] print(f"\nSelected XML file: {selected_xml}") # Check if file already exists if os.path.exists(selected_xml): overwrite = input(f"\n{selected_xml} already exists. Overwrite? (y/N): ").strip().lower() if overwrite not in ['y', 'yes']: print("Using existing file.") else: print(f"Downloading {selected_xml}...") download_file(BASE_URL + selected_dump + '/' + selected_xml, selected_xml) else: print(f"Downloading {selected_xml}...") download_file(BASE_URL + selected_dump + '/' + selected_xml, selected_xml) print("Importing XML dump into MediaWiki...") import_xml_to_mediawiki(selected_xml) print("\nImport completed successfully!") print(f"Your MediaWiki instance should now be available at: http://localhost:8080") if __name__ == "__main__": main() </source> </div> </div> '''Contents of <code>setup_and_import.py</code>''': <source lang="python"> import os import time import requests from bs4 import BeautifulSoup import re import subprocess import sys BASE_URL = "https://xml.completenoobs.com/xmlDumps/" def get_available_dumps(): response = requests.get(BASE_URL) soup = BeautifulSoup(response.text, 'html.parser') dumps = [] for link in soup.find_all('a'): href = link.get('href') if re.match(r'\d{2}_\d{2}_\d{2}\.Noobs/$', href): dumps.append(href.rstrip('/')) return sorted(dumps, reverse=True) def get_dump_files(dump): response = requests.get(BASE_URL + dump) soup = BeautifulSoup(response.text, 'html.parser') files = {} for link in soup.find_all('a'): href = link.get('href') if href.endswith('.xml'): files[href] = link.next_sibling.strip() return files def download_file(url, filename): response = requests.get(url) with open(filename, 'wb') as f: f.write(response.content) def run_command(command): process = subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True) output, error = process.communicate() return output.decode(), error.decode(), process.returncode def setup_mediawiki(): print("Setting up MediaWiki...") os.system("docker-compose up -d") time.sleep(10) # Wait for services to start print("Please complete the MediaWiki installation by visiting http://localhost:8080") print("Use the following database settings:") print("Database host: database") print("Database name: my_wiki") print("Database username: wikiuser") print("Database password: wikipass") input("Press Enter when you have completed the installation and downloaded LocalSettings.php...") if not os.path.exists('LocalSettings.php'): print("LocalSettings.php not found. Please place it in the current directory.") sys.exit(1) os.system("docker-compose restart mediawiki") print("MediaWiki setup completed.") def import_xml_to_mediawiki(xml_file): command = f"docker-compose exec -T mediawiki php maintenance/importDump.php < {xml_file}" output, error, return_code = run_command(command) if return_code != 0: print(f"Error importing XML: {error}") sys.exit(1) print(output) def main(): if not os.path.exists('LocalSettings.php'): setup_mediawiki() dumps = get_available_dumps() print("Available dumps:") for i, dump in enumerate(dumps): print(f"{i + 1}. {dump}") choice = int(input("Enter the number of the dump you want to download: ")) - 1 selected_dump = dumps[choice] files = get_dump_files(selected_dump) xml_file = next(iter(files)) print(f"Downloading {xml_file}...") download_file(BASE_URL + selected_dump + '/' + xml_file, xml_file) print("Importing XML dump into MediaWiki...") import_xml_to_mediawiki(xml_file) print("Import completed successfully.") if __name__ == "__main__": main()</source> === Running the Script === <source lang="bash"> python3 setup_and_import.py </source> <div class="toccolours mw-collapsible mw-collapsed"> '''Terminal Output: when script running at this stage: <div class="mw-collapsible-content"> <pre> noob@noob-elite:~/wiki$ python3 setup_and_import.py Setting up MediaWiki... WARN[0000] /home/noob/wiki/docker-compose.yml: the attribute `version` is obsolete, it will be ignored, please remove it to avoid potential confusion [+] Running 33/2 ✔ database Pulled 54.0s ✔ mediawiki Pulled 95.0s [+] Running 3/3 ✔ Network wiki_default Created 0.1s ✔ Container wiki-database-1 Started 0.3s ✔ Container wiki-mediawiki-1 Started 0.5s Please complete the MediaWiki installation by visiting http://localhost:8080 Use the following database settings: Database host: database Database name: my_wiki Database username: wikiuser Database password: wikipass Press Enter when you have completed the installation and downloaded LocalSettings.php... </pre> </div> </div> === Script Execution Steps === * '''Initial Setup:''' The script starts Docker containers and waits for MediaWiki installation. * '''Manual Steps:''' ** Leave the script terminal running. ** Open a new terminal for further commands. ** Visit <code>http://localhost:8080</code> in your browser to complete the MediaWiki setup using: *** Database host: <code>database</code> *** Database name: <code>my_wiki</code> *** Database username: <code>wikiuser</code> *** Database password: <code>wikipass</code> * '''Post Installation:''' ** Download <code>LocalSettings.php</code> from the browser. ** This Downloads to your <code>Downloads</code> directory, move/copy to your <code>noobwiki</code> directory. ** Stop the containers: *** NOTE: <code>docker-compose</code> commands are ment to be run in direcotry containing the docker-compose.yml file Or you need to use <code>docker-compose -f /path/to/docker-compose.yml down -v</code> <source lang="bash"> docker-compose down -v </source> ** Uncomment the <code>LocalSettings.php</code> volume mapping in <code>docker-compose.yml</code>. <source lang="bash"> $EDITOR docker-compose.yml</source> <div class="toccolours mw-collapsible mw-collapsed"> <code>docker-compose.yml</code> After uncommenting: <div class="mw-collapsible-content"> <pre> services: database: image: mysql:5.7 environment: MYSQL_DATABASE: my_wiki MYSQL_USER: wikiuser MYSQL_PASSWORD: wikipass MYSQL_RANDOM_ROOT_PASSWORD: 'yes' volumes: - ./mysql_data:/var/lib/mysql mediawiki: image: mediawiki ports: - 8080:80 links: - database volumes: - ./mediawiki_data:/var/www/html/images - ./LocalSettings.php:/var/www/html/LocalSettings.php # This line is commented out initially </pre> </div> </div> ** Restart Docker: <source lang="bash"> docker-compose up -d </source> * '''Return to Script Terminal:''' ** Press Enter to continue with XML dump selection and import. ===Post LocalSettings.php script=== After returning to script and pressing Enter, the script will scan xml.completenoobs.com and give you a list of wiki dumps with a Number on the left and a date. * Enter number to select a dated xml <pre> Press Enter when you have completed the installation and downloaded LocalSettings.php... [+] Restarting 1/1 ✔ Container wiki-mediawiki-1 Started 1.3s MediaWiki setup completed. Available dumps: 1. 31_05_23.Noobs 2. 30_03_23.Noobs 3. 28_04_24.Noobs 4. 28_04_23.Noobs 5. 26_06_23.Noobs 6. 26_05_23.Noobs 7. 26_04_23.Noobs 8. 23_04_23.Noobs 9. 23_03_23.Noobs 10. 21_06_23.Noobs 11. 21_05_23.Noobs 12. 21_04_23.Noobs 13. 20_03_23.Noobs 14. 17_04_23.Noobs 15. 16_06_23.Noobs 16. 16_05_23.Noobs 17. 11_07_23.Noobs 18. 11_06_23.Noobs 19. 11_05_23.Noobs 20. 06_07_23.Noobs 21. 06_06_23.Noobs 22. 06_05_23.Noobs 23. 04_05_23.Noobs 24. 01_07_23.Noobs 25. 01_06_23.Noobs 26. 01_05_23.Noobs Enter the number of the dump you want to download: 3 Downloading 28_04_24.Noobs.xml... Importing XML dump into MediaWiki... Done! You might want to run rebuildrecentchanges.php to regenerate RecentChanges, and initSiteStats.php to update page and revision counts Import completed successfully. </pre> == Post-Setup Maintenance == Now, we need to rebuild our wiki so that the database reflects our imported content. === Login to Container for Maintenance === * Syntax:<code>docker exec -it <container_name_and_service>-1 /bin/bash</code> ** use:<code>docker container ls</code> or <code>docker ps</code> to see container and service names. <source lang="bash"> docker exec -it noobwiki-mediawiki-1 /bin/bash </source> * Run maintenance scripts: <source lang="bash"> php maintenance/initSiteStats.php php maintenance/rebuildrecentchanges.php php maintenance/rebuildall.php </source> * Exit the container: <source lang="bash"> exit </source> === Verify Wiki Content === * Check all pages have loaded by visiting: <source lang="bash"> http://127.0.0.1:8080/index.php/Special:AllPages </source> Here's the section in raw MediaWiki syntax: == Network Configuration == By default, your wiki might only be accessible from the host machine where Docker is running, using <code>localhost</code> or <code>127.0.0.1</code>. However, if you want others on your network to access your wiki, you need to make some adjustments. '''Current Setup:''' The computer running Docker Compose has an IP address of <code>192.168.0.44</code>. * You can find the IP address of your computer running Docker using the command: <code>ip addr</code><br> <div class="toccolours mw-collapsible mw-collapsed"> OutPut from <code>ip addr</code> <div class="mw-collapsible-content"> <pre> noob@noob-HP-EliteDesk-800-G1-DM:~$ ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host noprefixroute valid_lft forever preferred_lft forever 2: eno1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000 link/ether 8c:dc:d4:3d:93:49 brd ff:ff:ff:ff:ff:ff altname enp0s25 3: wlxe8de27142be2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether e8:de:27:14:2b:e2 brd ff:ff:ff:ff:ff:ff inet 192.168.0.44/24 brd 192.168.0.255 scope global dynamic noprefixroute wlxe8de27142be2 valid_lft 86357sec preferred_lft 86357sec inet6 fe80::afbe:cc73:73a2:fcdf/64 scope link noprefixroute valid_lft forever preferred_lft forever </pre> </div> </div> My IP is <code>192.168.0.44</code> If someone from another computer on the network tries to visit <code>192.168.0.44:8080</code>, they might encounter a "cannot connect" error. This happens because MediaWiki, by default, redirects to <code>127.0.0.1:8080</code>, which is only accessible from the host machine itself. '''Solution:''' To allow access from other devices on the same network, you need to: * '''Edit the <code>LocalSettings.php</code> File:''' This isn't done inside the Docker container but rather in the directory where your <code>docker-compose.yml</code> file is located. Here, you need to change the server URL configuration. * '''Modify URL Configuration:''' On lines 34-35 of <code>LocalSettings.php</code>, you'll find the following: === Allowing Access from Other Network Devices === * Edit <code>LocalSettings.php</code> in the Docker Compose directory to change the server URL: <source lang="php"> ## The protocol and server name to use in fully-qualified URLs $wgServer = 'http://192.168.0.44:8080'; </source> * Restart Docker to apply changes: <source lang="bash"> docker-compose restart </source> This allows access to your wiki from other devices on the network using <code>192.168.0.44:8080</code>. This adjustment tells MediaWiki to use the network IP of the host (<code>192.168.0.44</code>) instead of the local loopback (<code>127.0.0.1</code>), allowing other devices on the network to access the wiki through <code>192.168.0.44:8080</code>. Even after this change, <code>localhost:8080</code> or <code>127.0.0.1:8080</code> will still work on the host machine, but now the wiki is also accessible via the network IP from other devices. rad7rsht7y3we8zgqh4rqf7hpb9v490 0 140 469 2025-02-16T23:23:44Z Noob 1 Created page with "The Page is designated to be the default main page for local wiki installs - any ideas welcome on how to struture this page. In Concept Mode DISCLAIMER: he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the informa..." 469 wikitext text/x-wiki The Page is designated to be the default main page for local wiki installs - any ideas welcome on how to struture this page. In Concept Mode DISCLAIMER: he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. CompleteNoobs Welcome to CompleteNoobs! We are a community of computer science enthusiasts who believe in making knowledge free, open, and reproducible. Whether you are a hobbyist, sysadmin, teacher, student, or simply interested in computer science, CompleteNoobs is a place to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips that are created or released under a Libre license that allows for the following freedoms: READ. EDIT/MODIFY. COPY. SHARE FREELY. CC BY-NC-SA licensed content can be hosted on the non-commercial fork at https://www.completenoobz.com To get started, request an account on the wiki and message user CompleteNoobs on Reddit. Please note that we are currently not allowing direct signups due to bots. We all start as Noobs Whether you're just starting out or you're an experienced professional, we all start as noobs. This wiki is a safe space for us to learn, experiment, and grow together. Getting Started Host Your Own Mediawiki Online - Linux Ubuntu Download CompleteNoobs Wiki to your personal computer Notes The main landing page is the Main_Index Page. Main Index Page All Pages Basic Wiki Syntax Support us by using affiliate links or by giving us donations. Data-Heavy Content To keep the XML light, data-heavy content such as pictures, audio, and video can be linked with IPFS and/or Zeronet hashes. IPFS Basics We encourage users to fork this project and download and keep a copy on their desktop and/or server. Licenses Please place a license on top of each page as long as the license falls in line with free to Copy, Modify, Distribute. {{:LICENCE_HEADER_CC0}} LICENCE: When you edit this page, you agree to release your contribution under the CC0 Licence More information about the cc0 licence can be found here: https://creativecommons.org/share-your-work/public-domain/cc0 Over View The person who associated a work with this deed has dedicated the work to the public domain by waiving all of his or her rights to the work worldwide under copyright law, including all related and neighboring rights, to the extent allowed by law. You can copy, modify, distribute and perform the work, even for commercial purposes, all without asking permission. Licence: Statement of Purpose The laws of most jurisdictions throughout the world automatically confer exclusive Copyright and Related Rights (defined below) upon the creator and subsequent owner(s) (each and all, an "owner") of an original work of authorship and/or a database (each, a "Work"). Certain owners wish to permanently relinquish those rights to a Work for the purpose of contributing to a commons of creative, cultural and scientific works ("Commons") that the public can reliably and without fear of later claims of infringement build upon, modify, incorporate in other works, reuse and redistribute as freely as possible in any form whatsoever and for any purposes, including without limitation commercial purposes. These owners may contribute to the Commons to promote the ideal of a free culture and the further production of creative, cultural and scientific works, or to gain reputation or greater distribution for their Work in part through the use and efforts of others. For these and/or other purposes and motivations, and without any expectation of additional consideration or compensation, the person associating CC0 with a Work (the "Affirmer"), to the extent that he or she is an owner of Copyright and Related Rights in the Work, voluntarily elects to apply CC0 to the Work and publicly distribute the Work under its terms, with knowledge of his or her Copyright and Related Rights in the Work and the meaning and intended legal effect of CC0 on those rights. 1. Copyright and Related Rights. A Work made available under CC0 may be protected by copyright and related or neighboring rights ("Copyright and Related Rights"). Copyright and Related Rights include, but are not limited to, the following: the right to reproduce, adapt, distribute, perform, display, communicate, and translate a Work; moral rights retained by the original author(s) and/or performer(s); publicity and privacy rights pertaining to a person's image or likeness depicted in a Work; rights protecting against unfair competition in regards to a Work, subject to the limitations in paragraph 4(a), below; rights protecting the extraction, dissemination, use and reuse of data in a Work; database rights (such as those arising under Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, and under any national implementation thereof, including any amended or successor version of such directive); and other similar, equivalent or corresponding rights throughout the world based on applicable law or treaty, and any national implementations thereof. 2. Waiver. To the greatest extent permitted by, but not in contravention of, applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and unconditionally waives, abandons, and surrenders all of Affirmer's Copyright and Related Rights and associated claims and causes of action, whether now known or unknown (including existing as well as future claims and causes of action), in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each member of the public at large and to the detriment of Affirmer's heirs and successors, fully intending that such Waiver shall not be subject to revocation, rescission, cancellation, termination, or any other legal or equitable action to disrupt the quiet enjoyment of the Work by the public as contemplated by Affirmer's express Statement of Purpose. 3. Public License Fallback. Should any part of the Waiver for any reason be judged legally invalid or ineffective under applicable law, then the Waiver shall be preserved to the maximum extent permitted taking into account Affirmer's express Statement of Purpose. In addition, to the extent the Waiver is so judged Affirmer hereby grants to each affected person a royalty-free, non transferable, non sublicensable, non exclusive, irrevocable and unconditional license to exercise Affirmer's Copyright and Related Rights in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "License"). The License shall be deemed effective as of the date CC0 was applied by Affirmer to the Work. Should any part of the License for any reason be judged legally invalid or ineffective under applicable law, such partial invalidity or ineffectiveness shall not invalidate the remainder of the License, and in such case Affirmer hereby affirms that he or she will not (i) exercise any of his or her remaining Copyright and Related Rights in the Work or (ii) assert any associated claims and causes of action with respect to the Work, in either case contrary to Affirmer's express Statement of Purpose. 4. Limitations and Disclaimers. No trademark or patent rights held by Affirmer are waived, abandoned, surrendered, licensed or otherwise affected by this document. Affirmer offers the Work as-is and makes no representations or warranties of any kind concerning the Work, express, implied, statutory or otherwise, including without limitation warranties of title, merchantability, fitness for a particular purpose, non infringement, or the absence of latent or other defects, accuracy, or the present or absence of errors, whether or not discoverable, all to the greatest extent permissible under applicable law. Affirmer disclaims responsibility for clearing rights of other persons that may apply to the Work or any use thereof, including without limitation any person's Copyright and Related Rights in the Work. Further, Affirmer disclaims responsibility for obtaining any necessary consents, permissions or other rights required for any use of the Work. Affirmer understands and acknowledges that Creative Commons is not a party to this document and has no duty or obligation with respect to this CC0 or use of the Work. Special:ContributionScores/10/5 st7vmgv770izwj784aimdvw68ho1x6u 470 469 2025-02-16T23:24:56Z Noob 1 470 wikitext text/x-wiki '''The Page is designated to be the default main page for local wiki installs - any ideas welcome on how to struture this page.''' =In Concept Mode= <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> = CompleteNoobs = '''Welcome to CompleteNoobs!''' We are a community of computer science enthusiasts who believe in making knowledge free, open, and reproducible. Whether you are a hobbyist, sysadmin, teacher, student, or simply interested in computer science, CompleteNoobs is a place to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips that are created or released under a Libre license that allows for the following freedoms: * READ. * EDIT/MODIFY. * COPY. * SHARE FREELY. <b>CC BY-NC-SA</b> licensed content can be hosted on the non-commercial fork at https://www.completenoobz.com To get started, request an account on the wiki and message user CompleteNoobs on Reddit. Please note that we are currently not allowing direct signups due to bots. == We all start as Noobs == Whether you're just starting out or you're an experienced professional, we all start as noobs. This wiki is a safe space for us to learn, experiment, and grow together. == Getting Started == [[Host_Your_Own_Mediawiki_Online_-_Ubuntu|Host Your Own Mediawiki Online - Linux Ubuntu]]<br> [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] == Notes == The main landing page is the <b>Main_Index</b> Page. * [[Main_Index | Main Index Page]] * [[Special:AllPages | All Pages]] * [[Wiki_Basic_Syntax|Basic Wiki Syntax]] * [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] == Data-Heavy Content == To keep the XML light, data-heavy content such as pictures, audio, and video can be linked with IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] We encourage users to fork this project and download and keep a copy on their desktop and/or server. == Licenses == [[LICENCE_HEADERS|Please place a license on top of each page as long as the license falls in line with free to Copy, Modify, Distribute.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} d41u3z4jwhmy5ueykwh9l47elc1ezsz 534 470 2025-05-17T13:55:28Z AwesomO 5 534 wikitext text/x-wiki =In Concept Mode= * Discord: https://discord.gg/TdtmRQ6D '''Site is Currently under going some changes'''<br> Page links might be broken while we restructure page titles and content, before carrying on with content creation. <div class="toccolours mw-collapsible mw-collapsed"> '''''DISCLAIMER:''''' <div class="mw-collapsible-content"> he content provided on completenoobs.com is for general informational and educational purposes only. The website owner and authors make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will the website owner or authors be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of completenoobs.com. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, completenoobs.com takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control. </div> </div> =Welcome to CompleteNoobs= ''A community-driven resource for computer science enthusiasts'' '''Note''': At present, direct signups are disabled due to bot activity. To create an account on the wiki, please request an account and message user CompleteNoobs on Reddit. Your patience is appreciated as we may not be online all the time. ==CompleteNoobs BlockChain Project== <div class="toccolours mw-collapsible mw-collapsed"> '''CompletNoobs Blockchain''': A Value-for-Value Producer Platform <div class="mw-collapsible-content"> * '''Core Idea''': A decentralized blockchain enabling creators and consumers to exchange value directly through a wiki-style system. Content is stored on-chain or via '''IPFS''', with transparent contributions and user-driven value distribution. * '''Key Features''': ** '''Named Accounts''': *** '''Human-readable account names''' (e.g., @UserName). *** '''Public/private key pairs''' for security. *** Optional: Separate '''master key''' (for account control) and '''posting key''' (for content submission), inspired by EOS/BitShares for safer key management. ** '''Decentralized Wiki''': *** '''Text Content''': Wiki pages stored directly on the blockchain. *** '''Media Content''': Images, videos, audio, and source code stored as '''IPFS hashes'''. Browser extensions can fetch and display this content. *** '''Page Metadata''': Tracks contributors, edit history (diffs), and links to original sources or '''IPFS hashes'''. ** '''Value-for-Value System''': *** '''User Ratings''': Users with '''producer wallets''' rate pages (0–10) based on value received. *** '''Donations''': Users fund a '''drop/share wallet''' with crypto (e.g., project coin, Bitcoin, or Lightning Network). *** '''Fund Splitting''': At a set time/date, funds from the '''drop/share wallet''' are split among pages based on ratings. Each page’s funds are further split among its contributors. *** '''User Control''': Users can override suggested splits to decide which contributors receive funds (or none). ** '''Contributor Rewards''': *** Each contributor has a '''crypto address''' (project coin, Bitcoin, or Lightning) to receive donations or split funds. *** Suggested splits per page, but users have final say on distribution. * '''Goal''': Empower creators to produce valuable content and let users reward them directly, with full transparency and control, on a decentralized platform. </div> </div> * [[N33Bcoin| Currently learning more about the genesis of blockchain projects, Bitcoin.]] ** https://www.completenoobs.com/noobs/N33Bcoin ==We All Start as Noobs== ''Greetings, fellow Noobs.'' CompleteNoobs is currently in its concept stage, and we are learning as we go. Use the resources provided at your own risk. Our mission is to make computer science free, open, and reproducible for hobbyists, sysadmins, teachers, students, and anyone interested in the field. CompleteNoobs is a platform to share tutorials, documentation, walkthroughs, computer science courses, notes, and tips acquired along the way, under a Libre License that ensures the following freedoms: :* Read :* Edit/Modify :* Copy :* Share freely '''Note''': Content licensed under '''CC BY-NC-SA''' can be hosted on the non-commercial fork: https://www.completenoobz.com [[https://www.completenoobs.com/noobs/DEMONSTRATE-MIT_Introduction_to_Computer_Science_and_Programming_in_Python_6.0001_Fall_2016_Undergraduate| Example Content of CompleteNoobz]] The only proprietary aspects of this site are the domain and the trademark 'CompleteNoobs'. All content is available for download as an XML file at https://xml.completenoobs.com and is Libre licensed for everyone to use. https://ipfs.io/ipfs/QmPyUVTQa7gk8kueAnjNDtEReKZ8NnwvFLWv66aCVrq4dy ==Get Involved== We encourage users to fork this project, download it, and keep a copy on their desktop and/or server. :* [[Host_Your_Own_Mediawiki_Online|Host Your Own Mediawiki Online]] :* [[Local_CompleteNoobs_Wiki|Download CompleteNoobs Wiki to your personal computer]] ===Feed Back Received=== * Clearly indicate the terminal where commands should be entered * Break down content into smaller sections or modules * Provide timestamps in videos for each executed command or step * Organize steps/modules using numbers, and sub-steps within modules using letters (a, b, c, etc.) * Create shorter, focused videos for each step to avoid excessive scrolling * Clarify the use of terminal editors and how to set the $EDITOR variable * Place the EDITOR section at the top of the page and link to nano and vi guide pages * Include instructions on how to verify the completion of each step correctly <div class="toccolours mw-collapsible mw-collapsed"> Title Syntax: Title Re-structuring for Enhanced Clarity <div class="mw-collapsible-content"> Title Re-structuring for Enhanced Clarity Due to varying configurations and builds of apps/programs across different OS versions, step-by-step tutorials can be challenging to follow. To improve navigation, adjust page titles to include both the OS version/name and the software used. This will account for changes across different versions. Example of a re-structured title: "Windows 10 Pro - Adobe Photoshop CC 2021 Tutorial" If its a small change from each version, fork page to version and make small change.<br> If no change, still fork page to new title! </div> </div> ==Essential Links== :* [[Ubuntu_Cert_Draft|Ubuntu Cert Course '''DRAFTING''']] :* [[SET$EDITOR|Set $EDITOR]] :* [[Main_Index | Main Index Page]] :* [[Special:AllPages | All Pages]] :* [[Wiki_Basic_Syntax|Basic Wiki Syntax]] :* [[COMPLETENOOBS_FUNDING | Support us by using affiliate links or by giving us donations.]] ==Data-Heavy Content== To maintain a lightweight XML file, data-heavy content such as pictures, audio, and video can be linked using IPFS and/or Zeronet hashes. [[IPFS_Basics|IPFS Basics]] '''IPFS Browser Extensions''': '''Firefox''': https://addons.mozilla.org/en-GB/firefox/addon/ipfs-companion/<br> '''Brave''': brave://settings/ipfs and toggle on "IPFS Companion" [[Wiki_Basic_Syntax#Youtube_extension_-_Embed_Video|Youtube Embedded Videos also work.]] ==Licenses== [[LICENCE_HEADERS | Add a license to each page, as long as it adheres to the principles of free copying, modification, and distribution.]] <pre>{{:LICENCE_HEADER_CC0}}</pre> {{:LICENCE_HEADER_CC0}} {{Special:ContributionScores/10/5}} fjihe3iiqfl9p0xz4nnw77mxumpksvb 0 141 475 2025-02-17T08:20:38Z AwesomO 5 Created page with "= Quick Start Guide: Ubuntu LXC Containers for CompleteNoobs = NOTES - lost all notes on localwiki when i did bad backup before nuke and pave, starting again. == Introduction == This guide will help you get started with LXC (Linux Containers) on Ubuntu. We'll cover how to login to a container, run commands from the host on the container, and move files between the host and container. == Prerequisites == * Ubuntu system with LXC installed * Basic knowledge of terminal..." 475 wikitext text/x-wiki = Quick Start Guide: Ubuntu LXC Containers for CompleteNoobs = NOTES - lost all notes on localwiki when i did bad backup before nuke and pave, starting again. == Introduction == This guide will help you get started with LXC (Linux Containers) on Ubuntu. We'll cover how to login to a container, run commands from the host on the container, and move files between the host and container. == Prerequisites == * Ubuntu system with LXC installed * Basic knowledge of terminal commands ==Installing LXD== lxd comes preinstalled with ubuntu 24.04 * check current version <code>sudo lxd --version</code><br> Output: <pre> root@lxd-test:~# lxd --version 5.21.2 LTS </pre> * update snap package info <code>sudo snap refresh --list</code> * check if updated version avalible. <code>snap search</code> <br> <pre> root@lxd-test:~# snap search lxd Name Version Publisher Notes Summary lxd 5.21.2-34459c8 canonical✓ - LXD - container and VM manager lxd-bgp 0+git.a39f061 stgraber - BGP server that exposes LXD routes lxd-demo-server 0+git.6d54658 tomparrott - Online software demo sessions using LXD lxd-imagebuilder git-22d1484 tomparrott classic System container and VM image builder for LXD lxdmosaic 0+git.c6f53f3f turtle0x1 - A web interface to manage multiple instances of LXD lxd-gitlab-runner 0.1 alexclewontin - GitLab CI/CD runner with built in LXD executor microcloud 1.1-04a1c49 canonical✓ - Automated small-scale cloud deployment prometheus-juju-exporter 3.1.0 canonical✓ - Prometheus exporter for Juju machine statuses ghvmctl 0.4.1 snapcrafters✪ - A utility for manipulating virtual machines during snap testing. fabrica 1.1.0 ogra - Build snaps by simply pointing a web form to a git tree pluto 0.1.0 nuccitheboss - A swiss-army knife for managing HPC clusters built with Ubuntu hon-lxd-toolbox 0.7.40.21-b h350730 - Swiss knife of shell tools distrobuilder 3.0 stgraber classic Image builder for LXC and LXD satellite 0.1.2 alanzanattadev - Advanced scalable Open source intelligence platform </pre> All upto date already, but if was not then * update lxd <code>sudo snap refresh lxd</code> * check version is <code>snap info lxd</code><br> <code>lxd --version</code> <div class="toccolours mw-collapsible mw-collapsed"> Upgrading to Specific Channels (Optional): <div class="mw-collapsible-content"> LXD can be upgraded to specific versions or channels. This allows you to choose between stability and newer features. The available channels are: * '''latest/stable''': The most stable release, recommended for production environments * '''latest/candidate''': Release candidates, for testing before they become stable * '''latest/beta''': Beta versions, may contain bugs but offer newer features * '''latest/edge''': The most recent updates, potentially unstable To upgrade LXD to a specific channel, use the following command: <syntaxhighlight lang="bash"> sudo snap refresh lxd --channel=CHANNEL_NAME </syntaxhighlight> For example, to upgrade to the stable channel: <syntaxhighlight lang="bash"> sudo snap refresh lxd --channel=latest/stable </syntaxhighlight> Or, to switch to the candidate channel: <syntaxhighlight lang="bash"> sudo snap refresh lxd --channel=latest/candidate </syntaxhighlight> * Restarting LXD After Updates (Optional) After upgrading LXD, it's sometimes necessary to restart the LXD daemon to apply changes. You can do this with the following command: <syntaxhighlight lang="bash"> sudo systemctl restart snap.lxd.daemon </syntaxhighlight> This ensures that LXD is running the most recently installed version. </div> </div> ==Add user to the lxc group== === Adding a User to the LXC Group === To manage LXC containers without using `sudo`, add your user to the `lxd` group. Add the user to the `lxd` group: <code>sudo adduser $USER lxd</code> ====Check user in group Using <b>id</b> Command==== You can use the <b>id</b> command, which shows the user's identity and associated groups: <code> id $USER </code> This will display something like: <pre> uid=1000(username) gid=1000(username) groups=1000(username),4(adm),27(sudo),109(lxd) </pre> Here, 109(lxd) indicates that the user is part of the lxd group. ==LXD Initialization== Its pretty straight forward:<br> <code>sudo lxd init</code> * [[Ubuntu_24.04_-_LXD_Initialization | If you want a LXD Initialization Guide click this link]] ==Launching First container== <code>lxc launch ubuntu:18.04 cnoobs</code><br> * IF you see: <pre> lxc launch ubuntu:18.04 cnoobs Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * REBOOT to apply changes * OR logout and backin to apply changes <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. Remember, these changes only apply to the current terminal session. If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 cnoobs</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 cnoobs</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''cnoobs''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "cnoobs" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "cnoobs" in the example) must be unique within your LXD installation. </div> </div> == Logging into the Container == === Method 1: Using lxc exec === To log into the container directly: <code> lxc exec cnoobs -- bash </code> This command gives you a bash shell inside the container. === Method 2: Using SSH === If you prefer using SSH: 1. Install SSH in the container: <code> lxc exec cnoobs -- apt update lxc exec cnoobs -- apt install openssh-server -y </code> 2. Set a password for the ubuntu user: <code> lxc exec cnoobs -- passwd ubuntu </code> 3. Get the container's IP address: <code> lxc list cnoobs </code> 4. SSH into the container: <code> ssh ubuntu@<container_ip> </code> == Running Commands from Host on Container == To run a command in the container from the host system, use: <code> lxc exec cnoobs -- <command> </code> For example, to list files in the container's home directory: <code> lxc exec cnoobs -- ls /home/ubuntu </code> == Moving Files and Directories == === From Host to Container === Use the `lxc file push` command: <code> lxc file push /path/on/host/file.txt cnoobs/path/in/container/ </code> For example, to copy a file to the ubuntu user's home directory: <code> lxc file push ~/myfile.txt cnoobs/home/ubuntu/ </code> === From Container to Host === Use the `lxc file pull` command: <code> lxc file pull cnoobs/path/in/container/file.txt /path/on/host/ </code> For example, to copy a file from the container's home directory to the host's current directory: <code> lxc file pull cnoobs/home/ubuntu/myfile.txt ./ </code> === Moving Directories === To move entire directories, add the -r (recursive) flag: <pre> lxc file push -r ~/mydir cnoobs/home/ubuntu/ lxc file pull -r cnoobs/home/ubuntu/mydir ./ </pre> ==Snapshot and restore containers== ===If ZFS as the underlying storage driver=== ====Snapshot a Container==== To create a snapshot of a container, use the following command: <code> lxc snapshot <container_name> <snapshot_name> </code> * <container_name>: Replace this with the name of the container you want to snapshot. * <snapshot_name>: Replace this with a descriptive name for the snapshot. <b>Example:</b> <code> lxc snapshot cnoobs snapshot1 </code> This command creates a snapshot named snapshot1 of the container cnoobs. ====List Snapshots==== To view the snapshots for a specific container, you can use: <code> lxc info <container_name> </code> or more specifically for snapshots: <code> lxc snapshot list <container_name> </code> ====Restore a Snapshot==== If you need to restore a container to a previous state using a snapshot, use the following command: <code> lxc restore <container_name> <snapshot_name> </code> * <container_name>: The name of the container you want to restore. * <snapshot_name>: The name of the snapshot to which you want to revert. Example: <code> lxc restore cnoobs snapshot1 </code> This command will revert the container cnoobs to the state it was in when the snapshot1 snapshot was taken. ====Delete a Snapshot==== Once you no longer need a snapshot, you can delete it to free up space: <code> lxc delete <container_name>/<snapshot_name> </code> Example: <code> lxc delete cnoobs/snapshot1 </code> This command deletes the snapshot1 snapshot of the cnoobs container. ====Backing Up a Snapshot==== If you want to create a backup of the snapshot outside of LXD (for example, to transfer to another system), you can export it: <code> lxc export <container_name> --instance-only --snapshot <snapshot_name> <output_file.tar.gz> </code> Example: <code> lxc export mycontainer --instance-only --snapshot snapshot1 mycontainer-snapshot1.tar.gz </code> This creates a compressed tarball of the snapshot that you can store elsewhere. ===Compare the snapshots and see what has changed between them=== ====On host <b>zfsutils-linux</b> required==== <code>sudo apt install zfsutils-linux</code> ====Get the ZFS Dataset Names for the Snapshots==== LXD snapshots are stored as ZFS datasets. First, you need to identify the ZFS dataset names associated with your LXD container snapshots. <code> zfs list -t snapshot | grep <container_name> </code> This will list all ZFS snapshots related to your container. ==== Diff the Snapshots Using ZFS ==== Once you have the snapshot names, you can use zfs diff to see the differences between two snapshots. The zfs diff command shows changes such as file creations, deletions, and modifications between two snapshots. <code> zfs diff <snapshot1> <snapshot2> </code> Example Workflow Let's assume your container is named mycontainer, and you have two snapshots snapshot1 and snapshot2. Here's how you would do it: * List the ZFS Snapshots: <code> zfs list -t snapshot | grep mycontainer </code> You might see output like this: <pre> tank/containers/mycontainer@snapshot1 tank/containers/mycontainer@snapshot2 </pre> Diff the Snapshots: <code> zfs diff tank/containers/mycontainer@snapshot1 tank/containers/mycontainer@snapshot2 </code> This command will output the differences between the two snapshots. The output might look like this: <pre> M /path/to/modified/file - /path/to/deleted/file + /path/to/added/file R /path/to/renamed/file -> /path/to/newname/file M: Modified files -: Deleted files +: Added files R: Renamed files </pre> ====Interpreting the Output==== The output will show you which files have been added, removed, or modified between the two snapshots. If you're comparing entire directories or larger datasets, this can give you a quick overview of what's changed. Notes: * ZFS Tools Required: The zfs diff command is a ZFS feature, so you need to have ZFS installed and configured. * Permissions: Ensure you have sufficient permissions to view and compare the datasets. * Efficiency: zfs diff is generally efficient but might take time depending on the size and number of changes between the snapshots. ==Limit CPU and RAM per container can use== In Ubuntu 24.04, you can limit the CPU and RAM usage of an LXC (Linux Containers) container using the built-in resource control features provided by LXC. ===Limiting CPU Usage=== You can limit the CPU usage of an LXC container in two ways: by specifying the number of CPU cores the container can use, and by setting a CPU usage limit as a percentage of the host's total CPU resources. * Limit CPU Cores: You can assign specific CPU cores to a container by editing the container's configuration file. <code>lxc-cgroup -n <container-name> cpuset.cpus <cpu-cores></code> For example, to assign CPU cores 0 and 1 to a container: <code>lxc-cgroup -n my-container cpuset.cpus 0,1</code> Alternatively, you can add the following line to the container’s configuration file (usually found in /var/lib/lxc/<container-name>/config): <code>lxc.cgroup.cpuset.cpus = 0,1</code> * Limit CPU Usage You can limit the CPU usage as a percentage of the host’s total CPU time. <code>lxc-cgroup -n <container-name> cpu.shares <value></code> For example, to limit the CPU usage to 20%: <code>lxc.cgroup.cpu.shares = 204</code> This value is relative to the CPU shares of other containers. The default value is 1024, so 204 is about 20% of one CPU. === Limiting RAM Usage === You can also limit the amount of RAM a container can use. * Limit Memory: To set a hard limit on the maximum amount of RAM a container can use, add the following line to the container’s configuration file: <code>lxc.cgroup.memory.limit_in_bytes = 512M</code> This example limits the container to 512 MB of RAM. * Limit Swap Usage: You can also limit the amount of swap memory a container can use: <code>lxc.cgroup.memory.memsw.limit_in_bytes = 1G</code> This example limits the total memory usage (RAM + swap) to 1 GB. === Applying the Changes === After editing the configuration file, restart the container to apply the changes: <pre> lxc-stop -n <container-name> lxc-start -n <container-name> </pre> == References == * [https://linuxcontainers.org/lxc/introduction/ LXC Introduction] * [https://ubuntu.com/server/docs/containers-lxc Ubuntu LXC Documentation] This wiki-formatted tutorial provides a quick start guide for CompleteNoobs to work with LXC containers on Ubuntu. It covers the basics of logging in, running commands, and moving files, which are essential operations for beginners working with containers. mwbshd8da54bmdyg3woj7esa6q5m36e 498 475 2025-04-02T09:44:29Z AwesomO 5 /* Compare the snapshots and see what has changed between them */ 498 wikitext text/x-wiki = Quick Start Guide: Ubuntu LXC Containers for CompleteNoobs = NOTES - lost all notes on localwiki when i did bad backup before nuke and pave, starting again. == Introduction == This guide will help you get started with LXC (Linux Containers) on Ubuntu. We'll cover how to login to a container, run commands from the host on the container, and move files between the host and container. == Prerequisites == * Ubuntu system with LXC installed * Basic knowledge of terminal commands ==Installing LXD== lxd comes preinstalled with ubuntu 24.04 * check current version <code>sudo lxd --version</code><br> Output: <pre> root@lxd-test:~# lxd --version 5.21.2 LTS </pre> * update snap package info <code>sudo snap refresh --list</code> * check if updated version avalible. <code>snap search</code> <br> <pre> root@lxd-test:~# snap search lxd Name Version Publisher Notes Summary lxd 5.21.2-34459c8 canonical✓ - LXD - container and VM manager lxd-bgp 0+git.a39f061 stgraber - BGP server that exposes LXD routes lxd-demo-server 0+git.6d54658 tomparrott - Online software demo sessions using LXD lxd-imagebuilder git-22d1484 tomparrott classic System container and VM image builder for LXD lxdmosaic 0+git.c6f53f3f turtle0x1 - A web interface to manage multiple instances of LXD lxd-gitlab-runner 0.1 alexclewontin - GitLab CI/CD runner with built in LXD executor microcloud 1.1-04a1c49 canonical✓ - Automated small-scale cloud deployment prometheus-juju-exporter 3.1.0 canonical✓ - Prometheus exporter for Juju machine statuses ghvmctl 0.4.1 snapcrafters✪ - A utility for manipulating virtual machines during snap testing. fabrica 1.1.0 ogra - Build snaps by simply pointing a web form to a git tree pluto 0.1.0 nuccitheboss - A swiss-army knife for managing HPC clusters built with Ubuntu hon-lxd-toolbox 0.7.40.21-b h350730 - Swiss knife of shell tools distrobuilder 3.0 stgraber classic Image builder for LXC and LXD satellite 0.1.2 alanzanattadev - Advanced scalable Open source intelligence platform </pre> All upto date already, but if was not then * update lxd <code>sudo snap refresh lxd</code> * check version is <code>snap info lxd</code><br> <code>lxd --version</code> <div class="toccolours mw-collapsible mw-collapsed"> Upgrading to Specific Channels (Optional): <div class="mw-collapsible-content"> LXD can be upgraded to specific versions or channels. This allows you to choose between stability and newer features. The available channels are: * '''latest/stable''': The most stable release, recommended for production environments * '''latest/candidate''': Release candidates, for testing before they become stable * '''latest/beta''': Beta versions, may contain bugs but offer newer features * '''latest/edge''': The most recent updates, potentially unstable To upgrade LXD to a specific channel, use the following command: <syntaxhighlight lang="bash"> sudo snap refresh lxd --channel=CHANNEL_NAME </syntaxhighlight> For example, to upgrade to the stable channel: <syntaxhighlight lang="bash"> sudo snap refresh lxd --channel=latest/stable </syntaxhighlight> Or, to switch to the candidate channel: <syntaxhighlight lang="bash"> sudo snap refresh lxd --channel=latest/candidate </syntaxhighlight> * Restarting LXD After Updates (Optional) After upgrading LXD, it's sometimes necessary to restart the LXD daemon to apply changes. You can do this with the following command: <syntaxhighlight lang="bash"> sudo systemctl restart snap.lxd.daemon </syntaxhighlight> This ensures that LXD is running the most recently installed version. </div> </div> ==Add user to the lxc group== === Adding a User to the LXC Group === To manage LXC containers without using `sudo`, add your user to the `lxd` group. Add the user to the `lxd` group: <code>sudo adduser $USER lxd</code> ====Check user in group Using <b>id</b> Command==== You can use the <b>id</b> command, which shows the user's identity and associated groups: <code> id $USER </code> This will display something like: <pre> uid=1000(username) gid=1000(username) groups=1000(username),4(adm),27(sudo),109(lxd) </pre> Here, 109(lxd) indicates that the user is part of the lxd group. ==LXD Initialization== Its pretty straight forward:<br> <code>sudo lxd init</code> * [[Ubuntu_24.04_-_LXD_Initialization | If you want a LXD Initialization Guide click this link]] ==Launching First container== <code>lxc launch ubuntu:18.04 cnoobs</code><br> * IF you see: <pre> lxc launch ubuntu:18.04 cnoobs Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * REBOOT to apply changes * OR logout and backin to apply changes <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. Remember, these changes only apply to the current terminal session. If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 cnoobs</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 cnoobs</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''cnoobs''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "cnoobs" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "cnoobs" in the example) must be unique within your LXD installation. </div> </div> == Logging into the Container == === Method 1: Using lxc exec === To log into the container directly: <code> lxc exec cnoobs -- bash </code> This command gives you a bash shell inside the container. === Method 2: Using SSH === If you prefer using SSH: 1. Install SSH in the container: <code> lxc exec cnoobs -- apt update lxc exec cnoobs -- apt install openssh-server -y </code> 2. Set a password for the ubuntu user: <code> lxc exec cnoobs -- passwd ubuntu </code> 3. Get the container's IP address: <code> lxc list cnoobs </code> 4. SSH into the container: <code> ssh ubuntu@<container_ip> </code> == Running Commands from Host on Container == To run a command in the container from the host system, use: <code> lxc exec cnoobs -- <command> </code> For example, to list files in the container's home directory: <code> lxc exec cnoobs -- ls /home/ubuntu </code> == Moving Files and Directories == === From Host to Container === Use the `lxc file push` command: <code> lxc file push /path/on/host/file.txt cnoobs/path/in/container/ </code> For example, to copy a file to the ubuntu user's home directory: <code> lxc file push ~/myfile.txt cnoobs/home/ubuntu/ </code> === From Container to Host === Use the `lxc file pull` command: <code> lxc file pull cnoobs/path/in/container/file.txt /path/on/host/ </code> For example, to copy a file from the container's home directory to the host's current directory: <code> lxc file pull cnoobs/home/ubuntu/myfile.txt ./ </code> === Moving Directories === To move entire directories, add the -r (recursive) flag: <pre> lxc file push -r ~/mydir cnoobs/home/ubuntu/ lxc file pull -r cnoobs/home/ubuntu/mydir ./ </pre> ==Snapshot and restore containers== ===If ZFS as the underlying storage driver=== ====Snapshot a Container==== To create a snapshot of a container, use the following command: <code> lxc snapshot <container_name> <snapshot_name> </code> * <container_name>: Replace this with the name of the container you want to snapshot. * <snapshot_name>: Replace this with a descriptive name for the snapshot. <b>Example:</b> <code> lxc snapshot cnoobs snapshot1 </code> This command creates a snapshot named snapshot1 of the container cnoobs. ====List Snapshots==== To view the snapshots for a specific container, you can use: <code> lxc info <container_name> </code> or more specifically for snapshots: <code> lxc snapshot list <container_name> </code> ====Restore a Snapshot==== If you need to restore a container to a previous state using a snapshot, use the following command: <code> lxc restore <container_name> <snapshot_name> </code> * <container_name>: The name of the container you want to restore. * <snapshot_name>: The name of the snapshot to which you want to revert. Example: <code> lxc restore cnoobs snapshot1 </code> This command will revert the container cnoobs to the state it was in when the snapshot1 snapshot was taken. ====Delete a Snapshot==== Once you no longer need a snapshot, you can delete it to free up space: <code> lxc delete <container_name>/<snapshot_name> </code> Example: <code> lxc delete cnoobs/snapshot1 </code> This command deletes the snapshot1 snapshot of the cnoobs container. ====Backing Up a Snapshot==== If you want to create a backup of the snapshot outside of LXD (for example, to transfer to another system), you can export it: <code> lxc export <container_name> --instance-only --snapshot <snapshot_name> <output_file.tar.gz> </code> Example: <code> lxc export mycontainer --instance-only --snapshot snapshot1 mycontainer-snapshot1.tar.gz </code> This creates a compressed tarball of the snapshot that you can store elsewhere. ===Clone/Copy a Snapshot=== This section describes how to create an Ubuntu 18.04 build container using LXD, install dependencies, snapshot it, and clone the snapshot into a new container. * Create the Build Container Launch an Ubuntu 18.04 container named `1804build`: <br> <code>lxc launch ubuntu:18.04 1804build</code> * Install Dependencies Access the container and install required packages: <br> <code>lxc exec 1804build bash</code> <br> Inside, run: <br> <code>apt update && apt install build-essential</code> <br> Install all other packages and exit when done. * Stop the Container to prepare for snapshotting <code>lxc stop 1804build</code> * Create a Snapshot named `one` <code>lxc snapshot 1804build one</code> * Clone the Snapshot - Copy the snapshot `one` to a new container called `newbuild1` <code>lxc copy 1804build/one newbuild1</code> * Start and Verify Start the new container: <br> <code>lxc start newbuild1</code> Check it’s running and has the dependencies: <br> <code>lxc exec newbuild1 bash</code> The new container `newbuild1` is now a fully independent copy of the `1804build` state at the `one` snapshot, ready for builds. ===Compare the snapshots and see what has changed between them=== ====On host <b>zfsutils-linux</b> required==== <code>sudo apt install zfsutils-linux</code> ====Get the ZFS Dataset Names for the Snapshots==== LXD snapshots are stored as ZFS datasets. First, you need to identify the ZFS dataset names associated with your LXD container snapshots. <code> zfs list -t snapshot | grep <container_name> </code> This will list all ZFS snapshots related to your container. ==== Diff the Snapshots Using ZFS ==== Once you have the snapshot names, you can use zfs diff to see the differences between two snapshots. The zfs diff command shows changes such as file creations, deletions, and modifications between two snapshots. <code> zfs diff <snapshot1> <snapshot2> </code> Example Workflow Let's assume your container is named mycontainer, and you have two snapshots snapshot1 and snapshot2. Here's how you would do it: * List the ZFS Snapshots: <code> zfs list -t snapshot | grep mycontainer </code> You might see output like this: <pre> tank/containers/mycontainer@snapshot1 tank/containers/mycontainer@snapshot2 </pre> Diff the Snapshots: <code> zfs diff tank/containers/mycontainer@snapshot1 tank/containers/mycontainer@snapshot2 </code> This command will output the differences between the two snapshots. The output might look like this: <pre> M /path/to/modified/file - /path/to/deleted/file + /path/to/added/file R /path/to/renamed/file -> /path/to/newname/file M: Modified files -: Deleted files +: Added files R: Renamed files </pre> ====Interpreting the Output==== The output will show you which files have been added, removed, or modified between the two snapshots. If you're comparing entire directories or larger datasets, this can give you a quick overview of what's changed. Notes: * ZFS Tools Required: The zfs diff command is a ZFS feature, so you need to have ZFS installed and configured. * Permissions: Ensure you have sufficient permissions to view and compare the datasets. * Efficiency: zfs diff is generally efficient but might take time depending on the size and number of changes between the snapshots. ==Limit CPU and RAM per container can use== In Ubuntu 24.04, you can limit the CPU and RAM usage of an LXC (Linux Containers) container using the built-in resource control features provided by LXC. ===Limiting CPU Usage=== You can limit the CPU usage of an LXC container in two ways: by specifying the number of CPU cores the container can use, and by setting a CPU usage limit as a percentage of the host's total CPU resources. * Limit CPU Cores: You can assign specific CPU cores to a container by editing the container's configuration file. <code>lxc-cgroup -n <container-name> cpuset.cpus <cpu-cores></code> For example, to assign CPU cores 0 and 1 to a container: <code>lxc-cgroup -n my-container cpuset.cpus 0,1</code> Alternatively, you can add the following line to the container’s configuration file (usually found in /var/lib/lxc/<container-name>/config): <code>lxc.cgroup.cpuset.cpus = 0,1</code> * Limit CPU Usage You can limit the CPU usage as a percentage of the host’s total CPU time. <code>lxc-cgroup -n <container-name> cpu.shares <value></code> For example, to limit the CPU usage to 20%: <code>lxc.cgroup.cpu.shares = 204</code> This value is relative to the CPU shares of other containers. The default value is 1024, so 204 is about 20% of one CPU. === Limiting RAM Usage === You can also limit the amount of RAM a container can use. * Limit Memory: To set a hard limit on the maximum amount of RAM a container can use, add the following line to the container’s configuration file: <code>lxc.cgroup.memory.limit_in_bytes = 512M</code> This example limits the container to 512 MB of RAM. * Limit Swap Usage: You can also limit the amount of swap memory a container can use: <code>lxc.cgroup.memory.memsw.limit_in_bytes = 1G</code> This example limits the total memory usage (RAM + swap) to 1 GB. === Applying the Changes === After editing the configuration file, restart the container to apply the changes: <pre> lxc-stop -n <container-name> lxc-start -n <container-name> </pre> == References == * [https://linuxcontainers.org/lxc/introduction/ LXC Introduction] * [https://ubuntu.com/server/docs/containers-lxc Ubuntu LXC Documentation] This wiki-formatted tutorial provides a quick start guide for CompleteNoobs to work with LXC containers on Ubuntu. It covers the basics of logging in, running commands, and moving files, which are essential operations for beginners working with containers. t3e8ilie5wze78rm9j6g8cxbgqvkz20 499 498 2025-04-05T19:53:10Z AwesomO 5 /* Running Commands from Host on Container */ 499 wikitext text/x-wiki = Quick Start Guide: Ubuntu LXC Containers for CompleteNoobs = NOTES - lost all notes on localwiki when i did bad backup before nuke and pave, starting again. == Introduction == This guide will help you get started with LXC (Linux Containers) on Ubuntu. We'll cover how to login to a container, run commands from the host on the container, and move files between the host and container. == Prerequisites == * Ubuntu system with LXC installed * Basic knowledge of terminal commands ==Installing LXD== lxd comes preinstalled with ubuntu 24.04 * check current version <code>sudo lxd --version</code><br> Output: <pre> root@lxd-test:~# lxd --version 5.21.2 LTS </pre> * update snap package info <code>sudo snap refresh --list</code> * check if updated version avalible. <code>snap search</code> <br> <pre> root@lxd-test:~# snap search lxd Name Version Publisher Notes Summary lxd 5.21.2-34459c8 canonical✓ - LXD - container and VM manager lxd-bgp 0+git.a39f061 stgraber - BGP server that exposes LXD routes lxd-demo-server 0+git.6d54658 tomparrott - Online software demo sessions using LXD lxd-imagebuilder git-22d1484 tomparrott classic System container and VM image builder for LXD lxdmosaic 0+git.c6f53f3f turtle0x1 - A web interface to manage multiple instances of LXD lxd-gitlab-runner 0.1 alexclewontin - GitLab CI/CD runner with built in LXD executor microcloud 1.1-04a1c49 canonical✓ - Automated small-scale cloud deployment prometheus-juju-exporter 3.1.0 canonical✓ - Prometheus exporter for Juju machine statuses ghvmctl 0.4.1 snapcrafters✪ - A utility for manipulating virtual machines during snap testing. fabrica 1.1.0 ogra - Build snaps by simply pointing a web form to a git tree pluto 0.1.0 nuccitheboss - A swiss-army knife for managing HPC clusters built with Ubuntu hon-lxd-toolbox 0.7.40.21-b h350730 - Swiss knife of shell tools distrobuilder 3.0 stgraber classic Image builder for LXC and LXD satellite 0.1.2 alanzanattadev - Advanced scalable Open source intelligence platform </pre> All upto date already, but if was not then * update lxd <code>sudo snap refresh lxd</code> * check version is <code>snap info lxd</code><br> <code>lxd --version</code> <div class="toccolours mw-collapsible mw-collapsed"> Upgrading to Specific Channels (Optional): <div class="mw-collapsible-content"> LXD can be upgraded to specific versions or channels. This allows you to choose between stability and newer features. The available channels are: * '''latest/stable''': The most stable release, recommended for production environments * '''latest/candidate''': Release candidates, for testing before they become stable * '''latest/beta''': Beta versions, may contain bugs but offer newer features * '''latest/edge''': The most recent updates, potentially unstable To upgrade LXD to a specific channel, use the following command: <syntaxhighlight lang="bash"> sudo snap refresh lxd --channel=CHANNEL_NAME </syntaxhighlight> For example, to upgrade to the stable channel: <syntaxhighlight lang="bash"> sudo snap refresh lxd --channel=latest/stable </syntaxhighlight> Or, to switch to the candidate channel: <syntaxhighlight lang="bash"> sudo snap refresh lxd --channel=latest/candidate </syntaxhighlight> * Restarting LXD After Updates (Optional) After upgrading LXD, it's sometimes necessary to restart the LXD daemon to apply changes. You can do this with the following command: <syntaxhighlight lang="bash"> sudo systemctl restart snap.lxd.daemon </syntaxhighlight> This ensures that LXD is running the most recently installed version. </div> </div> ==Add user to the lxc group== === Adding a User to the LXC Group === To manage LXC containers without using `sudo`, add your user to the `lxd` group. Add the user to the `lxd` group: <code>sudo adduser $USER lxd</code> ====Check user in group Using <b>id</b> Command==== You can use the <b>id</b> command, which shows the user's identity and associated groups: <code> id $USER </code> This will display something like: <pre> uid=1000(username) gid=1000(username) groups=1000(username),4(adm),27(sudo),109(lxd) </pre> Here, 109(lxd) indicates that the user is part of the lxd group. ==LXD Initialization== Its pretty straight forward:<br> <code>sudo lxd init</code> * [[Ubuntu_24.04_-_LXD_Initialization | If you want a LXD Initialization Guide click this link]] ==Launching First container== <code>lxc launch ubuntu:18.04 cnoobs</code><br> * IF you see: <pre> lxc launch ubuntu:18.04 cnoobs Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * REBOOT to apply changes * OR logout and backin to apply changes <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. Remember, these changes only apply to the current terminal session. If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 cnoobs</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 cnoobs</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''cnoobs''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "cnoobs" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "cnoobs" in the example) must be unique within your LXD installation. </div> </div> == Logging into the Container == === Method 1: Using lxc exec === To log into the container directly: <code> lxc exec cnoobs -- bash </code> This command gives you a bash shell inside the container. === Method 2: Using SSH === If you prefer using SSH: 1. Install SSH in the container: <code> lxc exec cnoobs -- apt update lxc exec cnoobs -- apt install openssh-server -y </code> 2. Set a password for the ubuntu user: <code> lxc exec cnoobs -- passwd ubuntu </code> 3. Get the container's IP address: <code> lxc list cnoobs </code> 4. SSH into the container: <code> ssh ubuntu@<container_ip> </code> == stopping and starting a container == ===Stopping container=== * stop container foo <code>lxc stop foo</code> * Kill - This explicitly kills all tasks in the container instead of requesting a clean shutdown <code>lxc stop foo -k</code> or <code>lxc stop foo --kill</code> * Force - This sends a SIGKILL signal to all processes in the container, bypassing the clean shutdown process <code>lxc stop foo --force</code> * Manually killing processes <pre> ps -ef | grep -i <container_name> kill -9 <pid> </pre> ===start container=== * start container <code>lxc start foo</code> == Running Commands from Host on Container == To run a command in the container from the host system, use: <code> lxc exec cnoobs -- <command> </code> For example, to list files in the container's home directory: <code> lxc exec cnoobs -- ls /home/ubuntu </code> == Moving Files and Directories == === From Host to Container === Use the `lxc file push` command: <code> lxc file push /path/on/host/file.txt cnoobs/path/in/container/ </code> For example, to copy a file to the ubuntu user's home directory: <code> lxc file push ~/myfile.txt cnoobs/home/ubuntu/ </code> === From Container to Host === Use the `lxc file pull` command: <code> lxc file pull cnoobs/path/in/container/file.txt /path/on/host/ </code> For example, to copy a file from the container's home directory to the host's current directory: <code> lxc file pull cnoobs/home/ubuntu/myfile.txt ./ </code> === Moving Directories === To move entire directories, add the -r (recursive) flag: <pre> lxc file push -r ~/mydir cnoobs/home/ubuntu/ lxc file pull -r cnoobs/home/ubuntu/mydir ./ </pre> ==Snapshot and restore containers== ===If ZFS as the underlying storage driver=== ====Snapshot a Container==== To create a snapshot of a container, use the following command: <code> lxc snapshot <container_name> <snapshot_name> </code> * <container_name>: Replace this with the name of the container you want to snapshot. * <snapshot_name>: Replace this with a descriptive name for the snapshot. <b>Example:</b> <code> lxc snapshot cnoobs snapshot1 </code> This command creates a snapshot named snapshot1 of the container cnoobs. ====List Snapshots==== To view the snapshots for a specific container, you can use: <code> lxc info <container_name> </code> or more specifically for snapshots: <code> lxc snapshot list <container_name> </code> ====Restore a Snapshot==== If you need to restore a container to a previous state using a snapshot, use the following command: <code> lxc restore <container_name> <snapshot_name> </code> * <container_name>: The name of the container you want to restore. * <snapshot_name>: The name of the snapshot to which you want to revert. Example: <code> lxc restore cnoobs snapshot1 </code> This command will revert the container cnoobs to the state it was in when the snapshot1 snapshot was taken. ====Delete a Snapshot==== Once you no longer need a snapshot, you can delete it to free up space: <code> lxc delete <container_name>/<snapshot_name> </code> Example: <code> lxc delete cnoobs/snapshot1 </code> This command deletes the snapshot1 snapshot of the cnoobs container. ====Backing Up a Snapshot==== If you want to create a backup of the snapshot outside of LXD (for example, to transfer to another system), you can export it: <code> lxc export <container_name> --instance-only --snapshot <snapshot_name> <output_file.tar.gz> </code> Example: <code> lxc export mycontainer --instance-only --snapshot snapshot1 mycontainer-snapshot1.tar.gz </code> This creates a compressed tarball of the snapshot that you can store elsewhere. ===Clone/Copy a Snapshot=== This section describes how to create an Ubuntu 18.04 build container using LXD, install dependencies, snapshot it, and clone the snapshot into a new container. * Create the Build Container Launch an Ubuntu 18.04 container named `1804build`: <br> <code>lxc launch ubuntu:18.04 1804build</code> * Install Dependencies Access the container and install required packages: <br> <code>lxc exec 1804build bash</code> <br> Inside, run: <br> <code>apt update && apt install build-essential</code> <br> Install all other packages and exit when done. * Stop the Container to prepare for snapshotting <code>lxc stop 1804build</code> * Create a Snapshot named `one` <code>lxc snapshot 1804build one</code> * Clone the Snapshot - Copy the snapshot `one` to a new container called `newbuild1` <code>lxc copy 1804build/one newbuild1</code> * Start and Verify Start the new container: <br> <code>lxc start newbuild1</code> Check it’s running and has the dependencies: <br> <code>lxc exec newbuild1 bash</code> The new container `newbuild1` is now a fully independent copy of the `1804build` state at the `one` snapshot, ready for builds. ===Compare the snapshots and see what has changed between them=== ====On host <b>zfsutils-linux</b> required==== <code>sudo apt install zfsutils-linux</code> ====Get the ZFS Dataset Names for the Snapshots==== LXD snapshots are stored as ZFS datasets. First, you need to identify the ZFS dataset names associated with your LXD container snapshots. <code> zfs list -t snapshot | grep <container_name> </code> This will list all ZFS snapshots related to your container. ==== Diff the Snapshots Using ZFS ==== Once you have the snapshot names, you can use zfs diff to see the differences between two snapshots. The zfs diff command shows changes such as file creations, deletions, and modifications between two snapshots. <code> zfs diff <snapshot1> <snapshot2> </code> Example Workflow Let's assume your container is named mycontainer, and you have two snapshots snapshot1 and snapshot2. Here's how you would do it: * List the ZFS Snapshots: <code> zfs list -t snapshot | grep mycontainer </code> You might see output like this: <pre> tank/containers/mycontainer@snapshot1 tank/containers/mycontainer@snapshot2 </pre> Diff the Snapshots: <code> zfs diff tank/containers/mycontainer@snapshot1 tank/containers/mycontainer@snapshot2 </code> This command will output the differences between the two snapshots. The output might look like this: <pre> M /path/to/modified/file - /path/to/deleted/file + /path/to/added/file R /path/to/renamed/file -> /path/to/newname/file M: Modified files -: Deleted files +: Added files R: Renamed files </pre> ====Interpreting the Output==== The output will show you which files have been added, removed, or modified between the two snapshots. If you're comparing entire directories or larger datasets, this can give you a quick overview of what's changed. Notes: * ZFS Tools Required: The zfs diff command is a ZFS feature, so you need to have ZFS installed and configured. * Permissions: Ensure you have sufficient permissions to view and compare the datasets. * Efficiency: zfs diff is generally efficient but might take time depending on the size and number of changes between the snapshots. ==Limit CPU and RAM per container can use== In Ubuntu 24.04, you can limit the CPU and RAM usage of an LXC (Linux Containers) container using the built-in resource control features provided by LXC. ===Limiting CPU Usage=== You can limit the CPU usage of an LXC container in two ways: by specifying the number of CPU cores the container can use, and by setting a CPU usage limit as a percentage of the host's total CPU resources. * Limit CPU Cores: You can assign specific CPU cores to a container by editing the container's configuration file. <code>lxc-cgroup -n <container-name> cpuset.cpus <cpu-cores></code> For example, to assign CPU cores 0 and 1 to a container: <code>lxc-cgroup -n my-container cpuset.cpus 0,1</code> Alternatively, you can add the following line to the container’s configuration file (usually found in /var/lib/lxc/<container-name>/config): <code>lxc.cgroup.cpuset.cpus = 0,1</code> * Limit CPU Usage You can limit the CPU usage as a percentage of the host’s total CPU time. <code>lxc-cgroup -n <container-name> cpu.shares <value></code> For example, to limit the CPU usage to 20%: <code>lxc.cgroup.cpu.shares = 204</code> This value is relative to the CPU shares of other containers. The default value is 1024, so 204 is about 20% of one CPU. === Limiting RAM Usage === You can also limit the amount of RAM a container can use. * Limit Memory: To set a hard limit on the maximum amount of RAM a container can use, add the following line to the container’s configuration file: <code>lxc.cgroup.memory.limit_in_bytes = 512M</code> This example limits the container to 512 MB of RAM. * Limit Swap Usage: You can also limit the amount of swap memory a container can use: <code>lxc.cgroup.memory.memsw.limit_in_bytes = 1G</code> This example limits the total memory usage (RAM + swap) to 1 GB. === Applying the Changes === After editing the configuration file, restart the container to apply the changes: <pre> lxc-stop -n <container-name> lxc-start -n <container-name> </pre> == References == * [https://linuxcontainers.org/lxc/introduction/ LXC Introduction] * [https://ubuntu.com/server/docs/containers-lxc Ubuntu LXC Documentation] This wiki-formatted tutorial provides a quick start guide for CompleteNoobs to work with LXC containers on Ubuntu. It covers the basics of logging in, running commands, and moving files, which are essential operations for beginners working with containers. ac08xui73cfy470ief9s65lteckyc4n 500 499 2025-04-09T19:58:53Z AwesomO 5 /* Limit CPU and RAM per container can use */ 500 wikitext text/x-wiki = Quick Start Guide: Ubuntu LXC Containers for CompleteNoobs = NOTES - lost all notes on localwiki when i did bad backup before nuke and pave, starting again. == Introduction == This guide will help you get started with LXC (Linux Containers) on Ubuntu. We'll cover how to login to a container, run commands from the host on the container, and move files between the host and container. == Prerequisites == * Ubuntu system with LXC installed * Basic knowledge of terminal commands ==Installing LXD== lxd comes preinstalled with ubuntu 24.04 * check current version <code>sudo lxd --version</code><br> Output: <pre> root@lxd-test:~# lxd --version 5.21.2 LTS </pre> * update snap package info <code>sudo snap refresh --list</code> * check if updated version avalible. <code>snap search</code> <br> <pre> root@lxd-test:~# snap search lxd Name Version Publisher Notes Summary lxd 5.21.2-34459c8 canonical✓ - LXD - container and VM manager lxd-bgp 0+git.a39f061 stgraber - BGP server that exposes LXD routes lxd-demo-server 0+git.6d54658 tomparrott - Online software demo sessions using LXD lxd-imagebuilder git-22d1484 tomparrott classic System container and VM image builder for LXD lxdmosaic 0+git.c6f53f3f turtle0x1 - A web interface to manage multiple instances of LXD lxd-gitlab-runner 0.1 alexclewontin - GitLab CI/CD runner with built in LXD executor microcloud 1.1-04a1c49 canonical✓ - Automated small-scale cloud deployment prometheus-juju-exporter 3.1.0 canonical✓ - Prometheus exporter for Juju machine statuses ghvmctl 0.4.1 snapcrafters✪ - A utility for manipulating virtual machines during snap testing. fabrica 1.1.0 ogra - Build snaps by simply pointing a web form to a git tree pluto 0.1.0 nuccitheboss - A swiss-army knife for managing HPC clusters built with Ubuntu hon-lxd-toolbox 0.7.40.21-b h350730 - Swiss knife of shell tools distrobuilder 3.0 stgraber classic Image builder for LXC and LXD satellite 0.1.2 alanzanattadev - Advanced scalable Open source intelligence platform </pre> All upto date already, but if was not then * update lxd <code>sudo snap refresh lxd</code> * check version is <code>snap info lxd</code><br> <code>lxd --version</code> <div class="toccolours mw-collapsible mw-collapsed"> Upgrading to Specific Channels (Optional): <div class="mw-collapsible-content"> LXD can be upgraded to specific versions or channels. This allows you to choose between stability and newer features. The available channels are: * '''latest/stable''': The most stable release, recommended for production environments * '''latest/candidate''': Release candidates, for testing before they become stable * '''latest/beta''': Beta versions, may contain bugs but offer newer features * '''latest/edge''': The most recent updates, potentially unstable To upgrade LXD to a specific channel, use the following command: <syntaxhighlight lang="bash"> sudo snap refresh lxd --channel=CHANNEL_NAME </syntaxhighlight> For example, to upgrade to the stable channel: <syntaxhighlight lang="bash"> sudo snap refresh lxd --channel=latest/stable </syntaxhighlight> Or, to switch to the candidate channel: <syntaxhighlight lang="bash"> sudo snap refresh lxd --channel=latest/candidate </syntaxhighlight> * Restarting LXD After Updates (Optional) After upgrading LXD, it's sometimes necessary to restart the LXD daemon to apply changes. You can do this with the following command: <syntaxhighlight lang="bash"> sudo systemctl restart snap.lxd.daemon </syntaxhighlight> This ensures that LXD is running the most recently installed version. </div> </div> ==Add user to the lxc group== === Adding a User to the LXC Group === To manage LXC containers without using `sudo`, add your user to the `lxd` group. Add the user to the `lxd` group: <code>sudo adduser $USER lxd</code> ====Check user in group Using <b>id</b> Command==== You can use the <b>id</b> command, which shows the user's identity and associated groups: <code> id $USER </code> This will display something like: <pre> uid=1000(username) gid=1000(username) groups=1000(username),4(adm),27(sudo),109(lxd) </pre> Here, 109(lxd) indicates that the user is part of the lxd group. ==LXD Initialization== Its pretty straight forward:<br> <code>sudo lxd init</code> * [[Ubuntu_24.04_-_LXD_Initialization | If you want a LXD Initialization Guide click this link]] ==Launching First container== <code>lxc launch ubuntu:18.04 cnoobs</code><br> * IF you see: <pre> lxc launch ubuntu:18.04 cnoobs Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * REBOOT to apply changes * OR logout and backin to apply changes <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. Remember, these changes only apply to the current terminal session. If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 cnoobs</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 cnoobs</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''cnoobs''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "cnoobs" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "cnoobs" in the example) must be unique within your LXD installation. </div> </div> == Logging into the Container == === Method 1: Using lxc exec === To log into the container directly: <code> lxc exec cnoobs -- bash </code> This command gives you a bash shell inside the container. === Method 2: Using SSH === If you prefer using SSH: 1. Install SSH in the container: <code> lxc exec cnoobs -- apt update lxc exec cnoobs -- apt install openssh-server -y </code> 2. Set a password for the ubuntu user: <code> lxc exec cnoobs -- passwd ubuntu </code> 3. Get the container's IP address: <code> lxc list cnoobs </code> 4. SSH into the container: <code> ssh ubuntu@<container_ip> </code> == stopping and starting a container == ===Stopping container=== * stop container foo <code>lxc stop foo</code> * Kill - This explicitly kills all tasks in the container instead of requesting a clean shutdown <code>lxc stop foo -k</code> or <code>lxc stop foo --kill</code> * Force - This sends a SIGKILL signal to all processes in the container, bypassing the clean shutdown process <code>lxc stop foo --force</code> * Manually killing processes <pre> ps -ef | grep -i <container_name> kill -9 <pid> </pre> ===start container=== * start container <code>lxc start foo</code> == Running Commands from Host on Container == To run a command in the container from the host system, use: <code> lxc exec cnoobs -- <command> </code> For example, to list files in the container's home directory: <code> lxc exec cnoobs -- ls /home/ubuntu </code> == Moving Files and Directories == === From Host to Container === Use the `lxc file push` command: <code> lxc file push /path/on/host/file.txt cnoobs/path/in/container/ </code> For example, to copy a file to the ubuntu user's home directory: <code> lxc file push ~/myfile.txt cnoobs/home/ubuntu/ </code> === From Container to Host === Use the `lxc file pull` command: <code> lxc file pull cnoobs/path/in/container/file.txt /path/on/host/ </code> For example, to copy a file from the container's home directory to the host's current directory: <code> lxc file pull cnoobs/home/ubuntu/myfile.txt ./ </code> === Moving Directories === To move entire directories, add the -r (recursive) flag: <pre> lxc file push -r ~/mydir cnoobs/home/ubuntu/ lxc file pull -r cnoobs/home/ubuntu/mydir ./ </pre> ==Snapshot and restore containers== ===If ZFS as the underlying storage driver=== ====Snapshot a Container==== To create a snapshot of a container, use the following command: <code> lxc snapshot <container_name> <snapshot_name> </code> * <container_name>: Replace this with the name of the container you want to snapshot. * <snapshot_name>: Replace this with a descriptive name for the snapshot. <b>Example:</b> <code> lxc snapshot cnoobs snapshot1 </code> This command creates a snapshot named snapshot1 of the container cnoobs. ====List Snapshots==== To view the snapshots for a specific container, you can use: <code> lxc info <container_name> </code> or more specifically for snapshots: <code> lxc snapshot list <container_name> </code> ====Restore a Snapshot==== If you need to restore a container to a previous state using a snapshot, use the following command: <code> lxc restore <container_name> <snapshot_name> </code> * <container_name>: The name of the container you want to restore. * <snapshot_name>: The name of the snapshot to which you want to revert. Example: <code> lxc restore cnoobs snapshot1 </code> This command will revert the container cnoobs to the state it was in when the snapshot1 snapshot was taken. ====Delete a Snapshot==== Once you no longer need a snapshot, you can delete it to free up space: <code> lxc delete <container_name>/<snapshot_name> </code> Example: <code> lxc delete cnoobs/snapshot1 </code> This command deletes the snapshot1 snapshot of the cnoobs container. ====Backing Up a Snapshot==== If you want to create a backup of the snapshot outside of LXD (for example, to transfer to another system), you can export it: <code> lxc export <container_name> --instance-only --snapshot <snapshot_name> <output_file.tar.gz> </code> Example: <code> lxc export mycontainer --instance-only --snapshot snapshot1 mycontainer-snapshot1.tar.gz </code> This creates a compressed tarball of the snapshot that you can store elsewhere. ===Clone/Copy a Snapshot=== This section describes how to create an Ubuntu 18.04 build container using LXD, install dependencies, snapshot it, and clone the snapshot into a new container. * Create the Build Container Launch an Ubuntu 18.04 container named `1804build`: <br> <code>lxc launch ubuntu:18.04 1804build</code> * Install Dependencies Access the container and install required packages: <br> <code>lxc exec 1804build bash</code> <br> Inside, run: <br> <code>apt update && apt install build-essential</code> <br> Install all other packages and exit when done. * Stop the Container to prepare for snapshotting <code>lxc stop 1804build</code> * Create a Snapshot named `one` <code>lxc snapshot 1804build one</code> * Clone the Snapshot - Copy the snapshot `one` to a new container called `newbuild1` <code>lxc copy 1804build/one newbuild1</code> * Start and Verify Start the new container: <br> <code>lxc start newbuild1</code> Check it’s running and has the dependencies: <br> <code>lxc exec newbuild1 bash</code> The new container `newbuild1` is now a fully independent copy of the `1804build` state at the `one` snapshot, ready for builds. ===Compare the snapshots and see what has changed between them=== ====On host <b>zfsutils-linux</b> required==== <code>sudo apt install zfsutils-linux</code> ====Get the ZFS Dataset Names for the Snapshots==== LXD snapshots are stored as ZFS datasets. First, you need to identify the ZFS dataset names associated with your LXD container snapshots. <code> zfs list -t snapshot | grep <container_name> </code> This will list all ZFS snapshots related to your container. ==== Diff the Snapshots Using ZFS ==== Once you have the snapshot names, you can use zfs diff to see the differences between two snapshots. The zfs diff command shows changes such as file creations, deletions, and modifications between two snapshots. <code> zfs diff <snapshot1> <snapshot2> </code> Example Workflow Let's assume your container is named mycontainer, and you have two snapshots snapshot1 and snapshot2. Here's how you would do it: * List the ZFS Snapshots: <code> zfs list -t snapshot | grep mycontainer </code> You might see output like this: <pre> tank/containers/mycontainer@snapshot1 tank/containers/mycontainer@snapshot2 </pre> Diff the Snapshots: <code> zfs diff tank/containers/mycontainer@snapshot1 tank/containers/mycontainer@snapshot2 </code> This command will output the differences between the two snapshots. The output might look like this: <pre> M /path/to/modified/file - /path/to/deleted/file + /path/to/added/file R /path/to/renamed/file -> /path/to/newname/file M: Modified files -: Deleted files +: Added files R: Renamed files </pre> ====Interpreting the Output==== The output will show you which files have been added, removed, or modified between the two snapshots. If you're comparing entire directories or larger datasets, this can give you a quick overview of what's changed. Notes: * ZFS Tools Required: The zfs diff command is a ZFS feature, so you need to have ZFS installed and configured. * Permissions: Ensure you have sufficient permissions to view and compare the datasets. * Efficiency: zfs diff is generally efficient but might take time depending on the size and number of changes between the snapshots. ==Limit CPU and RAM per container can use== <!-- NOT TESTED clearly flaws In Ubuntu 24.04, you can limit the CPU and RAM usage of an LXC (Linux Containers) container using the built-in resource control features provided by LXC. ===Limiting CPU Usage=== You can limit the CPU usage of an LXC container in two ways: by specifying the number of CPU cores the container can use, and by setting a CPU usage limit as a percentage of the host's total CPU resources. * Limit CPU Cores: You can assign specific CPU cores to a container by editing the container's configuration file. <code>lxc-cgroup -n <container-name> cpuset.cpus <cpu-cores></code> For example, to assign CPU cores 0 and 1 to a container: <code>lxc-cgroup -n my-container cpuset.cpus 0,1</code> Alternatively, you can add the following line to the container’s configuration file (usually found in /var/lib/lxc/<container-name>/config): <code>lxc.cgroup.cpuset.cpus = 0,1</code> * Limit CPU Usage You can limit the CPU usage as a percentage of the host’s total CPU time. <code>lxc-cgroup -n <container-name> cpu.shares <value></code> For example, to limit the CPU usage to 20%: <code>lxc.cgroup.cpu.shares = 204</code> This value is relative to the CPU shares of other containers. The default value is 1024, so 204 is about 20% of one CPU. === Limiting RAM Usage === You can also limit the amount of RAM a container can use. * Limit Memory: To set a hard limit on the maximum amount of RAM a container can use, add the following line to the container’s configuration file: <code>lxc.cgroup.memory.limit_in_bytes = 512M</code> This example limits the container to 512 MB of RAM. * Limit Swap Usage: You can also limit the amount of swap memory a container can use: <code>lxc.cgroup.memory.memsw.limit_in_bytes = 1G</code> This example limits the total memory usage (RAM + swap) to 1 GB. === Applying the Changes === After editing the configuration file, restart the container to apply the changes: <pre> lxc-stop -n <container-name> lxc-start -n <container-name> </pre> --> == References == * [https://linuxcontainers.org/lxc/introduction/ LXC Introduction] * [https://ubuntu.com/server/docs/containers-lxc Ubuntu LXC Documentation] This wiki-formatted tutorial provides a quick start guide for CompleteNoobs to work with LXC containers on Ubuntu. It covers the basics of logging in, running commands, and moving files, which are essential operations for beginners working with containers. feo4ebn5zb3ggmi9u9gxgchtghyfkr3 501 500 2025-04-09T19:59:49Z AwesomO 5 /* Limit CPU and RAM per container can use */ 501 wikitext text/x-wiki = Quick Start Guide: Ubuntu LXC Containers for CompleteNoobs = NOTES - lost all notes on localwiki when i did bad backup before nuke and pave, starting again. == Introduction == This guide will help you get started with LXC (Linux Containers) on Ubuntu. We'll cover how to login to a container, run commands from the host on the container, and move files between the host and container. == Prerequisites == * Ubuntu system with LXC installed * Basic knowledge of terminal commands ==Installing LXD== lxd comes preinstalled with ubuntu 24.04 * check current version <code>sudo lxd --version</code><br> Output: <pre> root@lxd-test:~# lxd --version 5.21.2 LTS </pre> * update snap package info <code>sudo snap refresh --list</code> * check if updated version avalible. <code>snap search</code> <br> <pre> root@lxd-test:~# snap search lxd Name Version Publisher Notes Summary lxd 5.21.2-34459c8 canonical✓ - LXD - container and VM manager lxd-bgp 0+git.a39f061 stgraber - BGP server that exposes LXD routes lxd-demo-server 0+git.6d54658 tomparrott - Online software demo sessions using LXD lxd-imagebuilder git-22d1484 tomparrott classic System container and VM image builder for LXD lxdmosaic 0+git.c6f53f3f turtle0x1 - A web interface to manage multiple instances of LXD lxd-gitlab-runner 0.1 alexclewontin - GitLab CI/CD runner with built in LXD executor microcloud 1.1-04a1c49 canonical✓ - Automated small-scale cloud deployment prometheus-juju-exporter 3.1.0 canonical✓ - Prometheus exporter for Juju machine statuses ghvmctl 0.4.1 snapcrafters✪ - A utility for manipulating virtual machines during snap testing. fabrica 1.1.0 ogra - Build snaps by simply pointing a web form to a git tree pluto 0.1.0 nuccitheboss - A swiss-army knife for managing HPC clusters built with Ubuntu hon-lxd-toolbox 0.7.40.21-b h350730 - Swiss knife of shell tools distrobuilder 3.0 stgraber classic Image builder for LXC and LXD satellite 0.1.2 alanzanattadev - Advanced scalable Open source intelligence platform </pre> All upto date already, but if was not then * update lxd <code>sudo snap refresh lxd</code> * check version is <code>snap info lxd</code><br> <code>lxd --version</code> <div class="toccolours mw-collapsible mw-collapsed"> Upgrading to Specific Channels (Optional): <div class="mw-collapsible-content"> LXD can be upgraded to specific versions or channels. This allows you to choose between stability and newer features. The available channels are: * '''latest/stable''': The most stable release, recommended for production environments * '''latest/candidate''': Release candidates, for testing before they become stable * '''latest/beta''': Beta versions, may contain bugs but offer newer features * '''latest/edge''': The most recent updates, potentially unstable To upgrade LXD to a specific channel, use the following command: <syntaxhighlight lang="bash"> sudo snap refresh lxd --channel=CHANNEL_NAME </syntaxhighlight> For example, to upgrade to the stable channel: <syntaxhighlight lang="bash"> sudo snap refresh lxd --channel=latest/stable </syntaxhighlight> Or, to switch to the candidate channel: <syntaxhighlight lang="bash"> sudo snap refresh lxd --channel=latest/candidate </syntaxhighlight> * Restarting LXD After Updates (Optional) After upgrading LXD, it's sometimes necessary to restart the LXD daemon to apply changes. You can do this with the following command: <syntaxhighlight lang="bash"> sudo systemctl restart snap.lxd.daemon </syntaxhighlight> This ensures that LXD is running the most recently installed version. </div> </div> ==Add user to the lxc group== === Adding a User to the LXC Group === To manage LXC containers without using `sudo`, add your user to the `lxd` group. Add the user to the `lxd` group: <code>sudo adduser $USER lxd</code> ====Check user in group Using <b>id</b> Command==== You can use the <b>id</b> command, which shows the user's identity and associated groups: <code> id $USER </code> This will display something like: <pre> uid=1000(username) gid=1000(username) groups=1000(username),4(adm),27(sudo),109(lxd) </pre> Here, 109(lxd) indicates that the user is part of the lxd group. ==LXD Initialization== Its pretty straight forward:<br> <code>sudo lxd init</code> * [[Ubuntu_24.04_-_LXD_Initialization | If you want a LXD Initialization Guide click this link]] ==Launching First container== <code>lxc launch ubuntu:18.04 cnoobs</code><br> * IF you see: <pre> lxc launch ubuntu:18.04 cnoobs Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * REBOOT to apply changes * OR logout and backin to apply changes <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. Remember, these changes only apply to the current terminal session. If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 cnoobs</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 cnoobs</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''cnoobs''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "cnoobs" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "cnoobs" in the example) must be unique within your LXD installation. </div> </div> == Logging into the Container == === Method 1: Using lxc exec === To log into the container directly: <code> lxc exec cnoobs -- bash </code> This command gives you a bash shell inside the container. === Method 2: Using SSH === If you prefer using SSH: 1. Install SSH in the container: <code> lxc exec cnoobs -- apt update lxc exec cnoobs -- apt install openssh-server -y </code> 2. Set a password for the ubuntu user: <code> lxc exec cnoobs -- passwd ubuntu </code> 3. Get the container's IP address: <code> lxc list cnoobs </code> 4. SSH into the container: <code> ssh ubuntu@<container_ip> </code> == stopping and starting a container == ===Stopping container=== * stop container foo <code>lxc stop foo</code> * Kill - This explicitly kills all tasks in the container instead of requesting a clean shutdown <code>lxc stop foo -k</code> or <code>lxc stop foo --kill</code> * Force - This sends a SIGKILL signal to all processes in the container, bypassing the clean shutdown process <code>lxc stop foo --force</code> * Manually killing processes <pre> ps -ef | grep -i <container_name> kill -9 <pid> </pre> ===start container=== * start container <code>lxc start foo</code> == Running Commands from Host on Container == To run a command in the container from the host system, use: <code> lxc exec cnoobs -- <command> </code> For example, to list files in the container's home directory: <code> lxc exec cnoobs -- ls /home/ubuntu </code> == Moving Files and Directories == === From Host to Container === Use the `lxc file push` command: <code> lxc file push /path/on/host/file.txt cnoobs/path/in/container/ </code> For example, to copy a file to the ubuntu user's home directory: <code> lxc file push ~/myfile.txt cnoobs/home/ubuntu/ </code> === From Container to Host === Use the `lxc file pull` command: <code> lxc file pull cnoobs/path/in/container/file.txt /path/on/host/ </code> For example, to copy a file from the container's home directory to the host's current directory: <code> lxc file pull cnoobs/home/ubuntu/myfile.txt ./ </code> === Moving Directories === To move entire directories, add the -r (recursive) flag: <pre> lxc file push -r ~/mydir cnoobs/home/ubuntu/ lxc file pull -r cnoobs/home/ubuntu/mydir ./ </pre> ==Snapshot and restore containers== ===If ZFS as the underlying storage driver=== ====Snapshot a Container==== To create a snapshot of a container, use the following command: <code> lxc snapshot <container_name> <snapshot_name> </code> * <container_name>: Replace this with the name of the container you want to snapshot. * <snapshot_name>: Replace this with a descriptive name for the snapshot. <b>Example:</b> <code> lxc snapshot cnoobs snapshot1 </code> This command creates a snapshot named snapshot1 of the container cnoobs. ====List Snapshots==== To view the snapshots for a specific container, you can use: <code> lxc info <container_name> </code> or more specifically for snapshots: <code> lxc snapshot list <container_name> </code> ====Restore a Snapshot==== If you need to restore a container to a previous state using a snapshot, use the following command: <code> lxc restore <container_name> <snapshot_name> </code> * <container_name>: The name of the container you want to restore. * <snapshot_name>: The name of the snapshot to which you want to revert. Example: <code> lxc restore cnoobs snapshot1 </code> This command will revert the container cnoobs to the state it was in when the snapshot1 snapshot was taken. ====Delete a Snapshot==== Once you no longer need a snapshot, you can delete it to free up space: <code> lxc delete <container_name>/<snapshot_name> </code> Example: <code> lxc delete cnoobs/snapshot1 </code> This command deletes the snapshot1 snapshot of the cnoobs container. ====Backing Up a Snapshot==== If you want to create a backup of the snapshot outside of LXD (for example, to transfer to another system), you can export it: <code> lxc export <container_name> --instance-only --snapshot <snapshot_name> <output_file.tar.gz> </code> Example: <code> lxc export mycontainer --instance-only --snapshot snapshot1 mycontainer-snapshot1.tar.gz </code> This creates a compressed tarball of the snapshot that you can store elsewhere. ===Clone/Copy a Snapshot=== This section describes how to create an Ubuntu 18.04 build container using LXD, install dependencies, snapshot it, and clone the snapshot into a new container. * Create the Build Container Launch an Ubuntu 18.04 container named `1804build`: <br> <code>lxc launch ubuntu:18.04 1804build</code> * Install Dependencies Access the container and install required packages: <br> <code>lxc exec 1804build bash</code> <br> Inside, run: <br> <code>apt update && apt install build-essential</code> <br> Install all other packages and exit when done. * Stop the Container to prepare for snapshotting <code>lxc stop 1804build</code> * Create a Snapshot named `one` <code>lxc snapshot 1804build one</code> * Clone the Snapshot - Copy the snapshot `one` to a new container called `newbuild1` <code>lxc copy 1804build/one newbuild1</code> * Start and Verify Start the new container: <br> <code>lxc start newbuild1</code> Check it’s running and has the dependencies: <br> <code>lxc exec newbuild1 bash</code> The new container `newbuild1` is now a fully independent copy of the `1804build` state at the `one` snapshot, ready for builds. ===Compare the snapshots and see what has changed between them=== ====On host <b>zfsutils-linux</b> required==== <code>sudo apt install zfsutils-linux</code> ====Get the ZFS Dataset Names for the Snapshots==== LXD snapshots are stored as ZFS datasets. First, you need to identify the ZFS dataset names associated with your LXD container snapshots. <code> zfs list -t snapshot | grep <container_name> </code> This will list all ZFS snapshots related to your container. ==== Diff the Snapshots Using ZFS ==== Once you have the snapshot names, you can use zfs diff to see the differences between two snapshots. The zfs diff command shows changes such as file creations, deletions, and modifications between two snapshots. <code> zfs diff <snapshot1> <snapshot2> </code> Example Workflow Let's assume your container is named mycontainer, and you have two snapshots snapshot1 and snapshot2. Here's how you would do it: * List the ZFS Snapshots: <code> zfs list -t snapshot | grep mycontainer </code> You might see output like this: <pre> tank/containers/mycontainer@snapshot1 tank/containers/mycontainer@snapshot2 </pre> Diff the Snapshots: <code> zfs diff tank/containers/mycontainer@snapshot1 tank/containers/mycontainer@snapshot2 </code> This command will output the differences between the two snapshots. The output might look like this: <pre> M /path/to/modified/file - /path/to/deleted/file + /path/to/added/file R /path/to/renamed/file -> /path/to/newname/file M: Modified files -: Deleted files +: Added files R: Renamed files </pre> ====Interpreting the Output==== The output will show you which files have been added, removed, or modified between the two snapshots. If you're comparing entire directories or larger datasets, this can give you a quick overview of what's changed. Notes: * ZFS Tools Required: The zfs diff command is a ZFS feature, so you need to have ZFS installed and configured. * Permissions: Ensure you have sufficient permissions to view and compare the datasets. * Efficiency: zfs diff is generally efficient but might take time depending on the size and number of changes between the snapshots. ==Rename Containers== <code>lxc rename <old-container-name> <new-container-name></code> ==Limit CPU and RAM per container can use== <!-- NOT TESTED clearly flaws In Ubuntu 24.04, you can limit the CPU and RAM usage of an LXC (Linux Containers) container using the built-in resource control features provided by LXC. ===Limiting CPU Usage=== You can limit the CPU usage of an LXC container in two ways: by specifying the number of CPU cores the container can use, and by setting a CPU usage limit as a percentage of the host's total CPU resources. * Limit CPU Cores: You can assign specific CPU cores to a container by editing the container's configuration file. <code>lxc-cgroup -n <container-name> cpuset.cpus <cpu-cores></code> For example, to assign CPU cores 0 and 1 to a container: <code>lxc-cgroup -n my-container cpuset.cpus 0,1</code> Alternatively, you can add the following line to the container’s configuration file (usually found in /var/lib/lxc/<container-name>/config): <code>lxc.cgroup.cpuset.cpus = 0,1</code> * Limit CPU Usage You can limit the CPU usage as a percentage of the host’s total CPU time. <code>lxc-cgroup -n <container-name> cpu.shares <value></code> For example, to limit the CPU usage to 20%: <code>lxc.cgroup.cpu.shares = 204</code> This value is relative to the CPU shares of other containers. The default value is 1024, so 204 is about 20% of one CPU. === Limiting RAM Usage === You can also limit the amount of RAM a container can use. * Limit Memory: To set a hard limit on the maximum amount of RAM a container can use, add the following line to the container’s configuration file: <code>lxc.cgroup.memory.limit_in_bytes = 512M</code> This example limits the container to 512 MB of RAM. * Limit Swap Usage: You can also limit the amount of swap memory a container can use: <code>lxc.cgroup.memory.memsw.limit_in_bytes = 1G</code> This example limits the total memory usage (RAM + swap) to 1 GB. === Applying the Changes === After editing the configuration file, restart the container to apply the changes: <pre> lxc-stop -n <container-name> lxc-start -n <container-name> </pre> --> == References == * [https://linuxcontainers.org/lxc/introduction/ LXC Introduction] * [https://ubuntu.com/server/docs/containers-lxc Ubuntu LXC Documentation] This wiki-formatted tutorial provides a quick start guide for CompleteNoobs to work with LXC containers on Ubuntu. It covers the basics of logging in, running commands, and moving files, which are essential operations for beginners working with containers. o562h3vdldp68suq5y615s04lm6eazn 502 501 2025-04-09T20:12:56Z AwesomO 5 /* Clone/Copy a Snapshot */ 502 wikitext text/x-wiki = Quick Start Guide: Ubuntu LXC Containers for CompleteNoobs = NOTES - lost all notes on localwiki when i did bad backup before nuke and pave, starting again. == Introduction == This guide will help you get started with LXC (Linux Containers) on Ubuntu. We'll cover how to login to a container, run commands from the host on the container, and move files between the host and container. == Prerequisites == * Ubuntu system with LXC installed * Basic knowledge of terminal commands ==Installing LXD== lxd comes preinstalled with ubuntu 24.04 * check current version <code>sudo lxd --version</code><br> Output: <pre> root@lxd-test:~# lxd --version 5.21.2 LTS </pre> * update snap package info <code>sudo snap refresh --list</code> * check if updated version avalible. <code>snap search</code> <br> <pre> root@lxd-test:~# snap search lxd Name Version Publisher Notes Summary lxd 5.21.2-34459c8 canonical✓ - LXD - container and VM manager lxd-bgp 0+git.a39f061 stgraber - BGP server that exposes LXD routes lxd-demo-server 0+git.6d54658 tomparrott - Online software demo sessions using LXD lxd-imagebuilder git-22d1484 tomparrott classic System container and VM image builder for LXD lxdmosaic 0+git.c6f53f3f turtle0x1 - A web interface to manage multiple instances of LXD lxd-gitlab-runner 0.1 alexclewontin - GitLab CI/CD runner with built in LXD executor microcloud 1.1-04a1c49 canonical✓ - Automated small-scale cloud deployment prometheus-juju-exporter 3.1.0 canonical✓ - Prometheus exporter for Juju machine statuses ghvmctl 0.4.1 snapcrafters✪ - A utility for manipulating virtual machines during snap testing. fabrica 1.1.0 ogra - Build snaps by simply pointing a web form to a git tree pluto 0.1.0 nuccitheboss - A swiss-army knife for managing HPC clusters built with Ubuntu hon-lxd-toolbox 0.7.40.21-b h350730 - Swiss knife of shell tools distrobuilder 3.0 stgraber classic Image builder for LXC and LXD satellite 0.1.2 alanzanattadev - Advanced scalable Open source intelligence platform </pre> All upto date already, but if was not then * update lxd <code>sudo snap refresh lxd</code> * check version is <code>snap info lxd</code><br> <code>lxd --version</code> <div class="toccolours mw-collapsible mw-collapsed"> Upgrading to Specific Channels (Optional): <div class="mw-collapsible-content"> LXD can be upgraded to specific versions or channels. This allows you to choose between stability and newer features. The available channels are: * '''latest/stable''': The most stable release, recommended for production environments * '''latest/candidate''': Release candidates, for testing before they become stable * '''latest/beta''': Beta versions, may contain bugs but offer newer features * '''latest/edge''': The most recent updates, potentially unstable To upgrade LXD to a specific channel, use the following command: <syntaxhighlight lang="bash"> sudo snap refresh lxd --channel=CHANNEL_NAME </syntaxhighlight> For example, to upgrade to the stable channel: <syntaxhighlight lang="bash"> sudo snap refresh lxd --channel=latest/stable </syntaxhighlight> Or, to switch to the candidate channel: <syntaxhighlight lang="bash"> sudo snap refresh lxd --channel=latest/candidate </syntaxhighlight> * Restarting LXD After Updates (Optional) After upgrading LXD, it's sometimes necessary to restart the LXD daemon to apply changes. You can do this with the following command: <syntaxhighlight lang="bash"> sudo systemctl restart snap.lxd.daemon </syntaxhighlight> This ensures that LXD is running the most recently installed version. </div> </div> ==Add user to the lxc group== === Adding a User to the LXC Group === To manage LXC containers without using `sudo`, add your user to the `lxd` group. Add the user to the `lxd` group: <code>sudo adduser $USER lxd</code> ====Check user in group Using <b>id</b> Command==== You can use the <b>id</b> command, which shows the user's identity and associated groups: <code> id $USER </code> This will display something like: <pre> uid=1000(username) gid=1000(username) groups=1000(username),4(adm),27(sudo),109(lxd) </pre> Here, 109(lxd) indicates that the user is part of the lxd group. ==LXD Initialization== Its pretty straight forward:<br> <code>sudo lxd init</code> * [[Ubuntu_24.04_-_LXD_Initialization | If you want a LXD Initialization Guide click this link]] ==Launching First container== <code>lxc launch ubuntu:18.04 cnoobs</code><br> * IF you see: <pre> lxc launch ubuntu:18.04 cnoobs Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * REBOOT to apply changes * OR logout and backin to apply changes <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. Remember, these changes only apply to the current terminal session. If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 cnoobs</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 cnoobs</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''cnoobs''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "cnoobs" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "cnoobs" in the example) must be unique within your LXD installation. </div> </div> == Logging into the Container == === Method 1: Using lxc exec === To log into the container directly: <code> lxc exec cnoobs -- bash </code> This command gives you a bash shell inside the container. === Method 2: Using SSH === If you prefer using SSH: 1. Install SSH in the container: <code> lxc exec cnoobs -- apt update lxc exec cnoobs -- apt install openssh-server -y </code> 2. Set a password for the ubuntu user: <code> lxc exec cnoobs -- passwd ubuntu </code> 3. Get the container's IP address: <code> lxc list cnoobs </code> 4. SSH into the container: <code> ssh ubuntu@<container_ip> </code> == stopping and starting a container == ===Stopping container=== * stop container foo <code>lxc stop foo</code> * Kill - This explicitly kills all tasks in the container instead of requesting a clean shutdown <code>lxc stop foo -k</code> or <code>lxc stop foo --kill</code> * Force - This sends a SIGKILL signal to all processes in the container, bypassing the clean shutdown process <code>lxc stop foo --force</code> * Manually killing processes <pre> ps -ef | grep -i <container_name> kill -9 <pid> </pre> ===start container=== * start container <code>lxc start foo</code> == Running Commands from Host on Container == To run a command in the container from the host system, use: <code> lxc exec cnoobs -- <command> </code> For example, to list files in the container's home directory: <code> lxc exec cnoobs -- ls /home/ubuntu </code> == Moving Files and Directories == === From Host to Container === Use the `lxc file push` command: <code> lxc file push /path/on/host/file.txt cnoobs/path/in/container/ </code> For example, to copy a file to the ubuntu user's home directory: <code> lxc file push ~/myfile.txt cnoobs/home/ubuntu/ </code> === From Container to Host === Use the `lxc file pull` command: <code> lxc file pull cnoobs/path/in/container/file.txt /path/on/host/ </code> For example, to copy a file from the container's home directory to the host's current directory: <code> lxc file pull cnoobs/home/ubuntu/myfile.txt ./ </code> === Moving Directories === To move entire directories, add the -r (recursive) flag: <pre> lxc file push -r ~/mydir cnoobs/home/ubuntu/ lxc file pull -r cnoobs/home/ubuntu/mydir ./ </pre> ==Snapshot and restore containers== ===If ZFS as the underlying storage driver=== ====Snapshot a Container==== To create a snapshot of a container, use the following command: <code> lxc snapshot <container_name> <snapshot_name> </code> * <container_name>: Replace this with the name of the container you want to snapshot. * <snapshot_name>: Replace this with a descriptive name for the snapshot. <b>Example:</b> <code> lxc snapshot cnoobs snapshot1 </code> This command creates a snapshot named snapshot1 of the container cnoobs. ====List Snapshots==== To view the snapshots for a specific container, you can use: <code> lxc info <container_name> </code> or more specifically for snapshots: <code> lxc snapshot list <container_name> </code> ====Restore a Snapshot==== If you need to restore a container to a previous state using a snapshot, use the following command: <code> lxc restore <container_name> <snapshot_name> </code> * <container_name>: The name of the container you want to restore. * <snapshot_name>: The name of the snapshot to which you want to revert. Example: <code> lxc restore cnoobs snapshot1 </code> This command will revert the container cnoobs to the state it was in when the snapshot1 snapshot was taken. ====Delete a Snapshot==== Once you no longer need a snapshot, you can delete it to free up space: <code> lxc delete <container_name>/<snapshot_name> </code> Example: <code> lxc delete cnoobs/snapshot1 </code> This command deletes the snapshot1 snapshot of the cnoobs container. ====Backing Up a Snapshot==== If you want to create a backup of the snapshot outside of LXD (for example, to transfer to another system), you can export it: <code> lxc export <container_name> --instance-only --snapshot <snapshot_name> <output_file.tar.gz> </code> Example: <code> lxc export mycontainer --instance-only --snapshot snapshot1 mycontainer-snapshot1.tar.gz </code> This creates a compressed tarball of the snapshot that you can store elsewhere. ===Clone/Copy a Snapshot=== This section describes how to create an Ubuntu 18.04 build container using LXD, install dependencies, snapshot it, and clone the snapshot into a new container. * Create the Build Container Launch an Ubuntu 18.04 container named `1804build`: <br> <code>lxc launch ubuntu:18.04 1804build</code> * Install Dependencies Access the container and install required packages: <br> <code>lxc exec 1804build bash</code> <br> Inside, run: <br> <code>apt update && apt install build-essential</code> <br> Install all other packages and exit when done. * Stop the Container to prepare for snapshotting <code>lxc stop 1804build</code> * Create a Snapshot named `one` <code>lxc snapshot 1804build one</code> * Clone the Snapshot - Copy the snapshot `one` to a new container called `newbuild1` <code>lxc copy 1804build/one newbuild1</code> * Start and Verify Start the new container: <br> <code>lxc start newbuild1</code> Check it’s running and has the dependencies: <br> <code>lxc exec newbuild1 bash</code> The new container `newbuild1` is now a fully independent copy of the `1804build` state at the `one` snapshot, ready for builds. ====To see snapshot names==== * you should see which containers all ready have snapshots on the right side colume when you <code>lxc ls</code> * to see the snapshot names of the containers: <code>lxc info <container_name></code> ===Compare the snapshots and see what has changed between them=== ====On host <b>zfsutils-linux</b> required==== <code>sudo apt install zfsutils-linux</code> ====Get the ZFS Dataset Names for the Snapshots==== LXD snapshots are stored as ZFS datasets. First, you need to identify the ZFS dataset names associated with your LXD container snapshots. <code> zfs list -t snapshot | grep <container_name> </code> This will list all ZFS snapshots related to your container. ==== Diff the Snapshots Using ZFS ==== Once you have the snapshot names, you can use zfs diff to see the differences between two snapshots. The zfs diff command shows changes such as file creations, deletions, and modifications between two snapshots. <code> zfs diff <snapshot1> <snapshot2> </code> Example Workflow Let's assume your container is named mycontainer, and you have two snapshots snapshot1 and snapshot2. Here's how you would do it: * List the ZFS Snapshots: <code> zfs list -t snapshot | grep mycontainer </code> You might see output like this: <pre> tank/containers/mycontainer@snapshot1 tank/containers/mycontainer@snapshot2 </pre> Diff the Snapshots: <code> zfs diff tank/containers/mycontainer@snapshot1 tank/containers/mycontainer@snapshot2 </code> This command will output the differences between the two snapshots. The output might look like this: <pre> M /path/to/modified/file - /path/to/deleted/file + /path/to/added/file R /path/to/renamed/file -> /path/to/newname/file M: Modified files -: Deleted files +: Added files R: Renamed files </pre> ====Interpreting the Output==== The output will show you which files have been added, removed, or modified between the two snapshots. If you're comparing entire directories or larger datasets, this can give you a quick overview of what's changed. Notes: * ZFS Tools Required: The zfs diff command is a ZFS feature, so you need to have ZFS installed and configured. * Permissions: Ensure you have sufficient permissions to view and compare the datasets. * Efficiency: zfs diff is generally efficient but might take time depending on the size and number of changes between the snapshots. ==Rename Containers== <code>lxc rename <old-container-name> <new-container-name></code> ==Limit CPU and RAM per container can use== <!-- NOT TESTED clearly flaws In Ubuntu 24.04, you can limit the CPU and RAM usage of an LXC (Linux Containers) container using the built-in resource control features provided by LXC. ===Limiting CPU Usage=== You can limit the CPU usage of an LXC container in two ways: by specifying the number of CPU cores the container can use, and by setting a CPU usage limit as a percentage of the host's total CPU resources. * Limit CPU Cores: You can assign specific CPU cores to a container by editing the container's configuration file. <code>lxc-cgroup -n <container-name> cpuset.cpus <cpu-cores></code> For example, to assign CPU cores 0 and 1 to a container: <code>lxc-cgroup -n my-container cpuset.cpus 0,1</code> Alternatively, you can add the following line to the container’s configuration file (usually found in /var/lib/lxc/<container-name>/config): <code>lxc.cgroup.cpuset.cpus = 0,1</code> * Limit CPU Usage You can limit the CPU usage as a percentage of the host’s total CPU time. <code>lxc-cgroup -n <container-name> cpu.shares <value></code> For example, to limit the CPU usage to 20%: <code>lxc.cgroup.cpu.shares = 204</code> This value is relative to the CPU shares of other containers. The default value is 1024, so 204 is about 20% of one CPU. === Limiting RAM Usage === You can also limit the amount of RAM a container can use. * Limit Memory: To set a hard limit on the maximum amount of RAM a container can use, add the following line to the container’s configuration file: <code>lxc.cgroup.memory.limit_in_bytes = 512M</code> This example limits the container to 512 MB of RAM. * Limit Swap Usage: You can also limit the amount of swap memory a container can use: <code>lxc.cgroup.memory.memsw.limit_in_bytes = 1G</code> This example limits the total memory usage (RAM + swap) to 1 GB. === Applying the Changes === After editing the configuration file, restart the container to apply the changes: <pre> lxc-stop -n <container-name> lxc-start -n <container-name> </pre> --> == References == * [https://linuxcontainers.org/lxc/introduction/ LXC Introduction] * [https://ubuntu.com/server/docs/containers-lxc Ubuntu LXC Documentation] This wiki-formatted tutorial provides a quick start guide for CompleteNoobs to work with LXC containers on Ubuntu. It covers the basics of logging in, running commands, and moving files, which are essential operations for beginners working with containers. 0ow3j5t2ck4l76jb1gr4euvyouy62ac 565 502 2025-06-05T13:27:16Z AwesomO 5 /* Rename Containers */ 565 wikitext text/x-wiki = Quick Start Guide: Ubuntu LXC Containers for CompleteNoobs = NOTES - lost all notes on localwiki when i did bad backup before nuke and pave, starting again. == Introduction == This guide will help you get started with LXC (Linux Containers) on Ubuntu. We'll cover how to login to a container, run commands from the host on the container, and move files between the host and container. == Prerequisites == * Ubuntu system with LXC installed * Basic knowledge of terminal commands ==Installing LXD== lxd comes preinstalled with ubuntu 24.04 * check current version <code>sudo lxd --version</code><br> Output: <pre> root@lxd-test:~# lxd --version 5.21.2 LTS </pre> * update snap package info <code>sudo snap refresh --list</code> * check if updated version avalible. <code>snap search</code> <br> <pre> root@lxd-test:~# snap search lxd Name Version Publisher Notes Summary lxd 5.21.2-34459c8 canonical✓ - LXD - container and VM manager lxd-bgp 0+git.a39f061 stgraber - BGP server that exposes LXD routes lxd-demo-server 0+git.6d54658 tomparrott - Online software demo sessions using LXD lxd-imagebuilder git-22d1484 tomparrott classic System container and VM image builder for LXD lxdmosaic 0+git.c6f53f3f turtle0x1 - A web interface to manage multiple instances of LXD lxd-gitlab-runner 0.1 alexclewontin - GitLab CI/CD runner with built in LXD executor microcloud 1.1-04a1c49 canonical✓ - Automated small-scale cloud deployment prometheus-juju-exporter 3.1.0 canonical✓ - Prometheus exporter for Juju machine statuses ghvmctl 0.4.1 snapcrafters✪ - A utility for manipulating virtual machines during snap testing. fabrica 1.1.0 ogra - Build snaps by simply pointing a web form to a git tree pluto 0.1.0 nuccitheboss - A swiss-army knife for managing HPC clusters built with Ubuntu hon-lxd-toolbox 0.7.40.21-b h350730 - Swiss knife of shell tools distrobuilder 3.0 stgraber classic Image builder for LXC and LXD satellite 0.1.2 alanzanattadev - Advanced scalable Open source intelligence platform </pre> All upto date already, but if was not then * update lxd <code>sudo snap refresh lxd</code> * check version is <code>snap info lxd</code><br> <code>lxd --version</code> <div class="toccolours mw-collapsible mw-collapsed"> Upgrading to Specific Channels (Optional): <div class="mw-collapsible-content"> LXD can be upgraded to specific versions or channels. This allows you to choose between stability and newer features. The available channels are: * '''latest/stable''': The most stable release, recommended for production environments * '''latest/candidate''': Release candidates, for testing before they become stable * '''latest/beta''': Beta versions, may contain bugs but offer newer features * '''latest/edge''': The most recent updates, potentially unstable To upgrade LXD to a specific channel, use the following command: <syntaxhighlight lang="bash"> sudo snap refresh lxd --channel=CHANNEL_NAME </syntaxhighlight> For example, to upgrade to the stable channel: <syntaxhighlight lang="bash"> sudo snap refresh lxd --channel=latest/stable </syntaxhighlight> Or, to switch to the candidate channel: <syntaxhighlight lang="bash"> sudo snap refresh lxd --channel=latest/candidate </syntaxhighlight> * Restarting LXD After Updates (Optional) After upgrading LXD, it's sometimes necessary to restart the LXD daemon to apply changes. You can do this with the following command: <syntaxhighlight lang="bash"> sudo systemctl restart snap.lxd.daemon </syntaxhighlight> This ensures that LXD is running the most recently installed version. </div> </div> ==Add user to the lxc group== === Adding a User to the LXC Group === To manage LXC containers without using `sudo`, add your user to the `lxd` group. Add the user to the `lxd` group: <code>sudo adduser $USER lxd</code> ====Check user in group Using <b>id</b> Command==== You can use the <b>id</b> command, which shows the user's identity and associated groups: <code> id $USER </code> This will display something like: <pre> uid=1000(username) gid=1000(username) groups=1000(username),4(adm),27(sudo),109(lxd) </pre> Here, 109(lxd) indicates that the user is part of the lxd group. ==LXD Initialization== Its pretty straight forward:<br> <code>sudo lxd init</code> * [[Ubuntu_24.04_-_LXD_Initialization | If you want a LXD Initialization Guide click this link]] ==Launching First container== <code>lxc launch ubuntu:18.04 cnoobs</code><br> * IF you see: <pre> lxc launch ubuntu:18.04 cnoobs Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * REBOOT to apply changes * OR logout and backin to apply changes <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. Remember, these changes only apply to the current terminal session. If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 cnoobs</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 cnoobs</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''cnoobs''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "cnoobs" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "cnoobs" in the example) must be unique within your LXD installation. </div> </div> == Logging into the Container == === Method 1: Using lxc exec === To log into the container directly: <code> lxc exec cnoobs -- bash </code> This command gives you a bash shell inside the container. === Method 2: Using SSH === If you prefer using SSH: 1. Install SSH in the container: <code> lxc exec cnoobs -- apt update lxc exec cnoobs -- apt install openssh-server -y </code> 2. Set a password for the ubuntu user: <code> lxc exec cnoobs -- passwd ubuntu </code> 3. Get the container's IP address: <code> lxc list cnoobs </code> 4. SSH into the container: <code> ssh ubuntu@<container_ip> </code> == stopping and starting a container == ===Stopping container=== * stop container foo <code>lxc stop foo</code> * Kill - This explicitly kills all tasks in the container instead of requesting a clean shutdown <code>lxc stop foo -k</code> or <code>lxc stop foo --kill</code> * Force - This sends a SIGKILL signal to all processes in the container, bypassing the clean shutdown process <code>lxc stop foo --force</code> * Manually killing processes <pre> ps -ef | grep -i <container_name> kill -9 <pid> </pre> ===start container=== * start container <code>lxc start foo</code> == Running Commands from Host on Container == To run a command in the container from the host system, use: <code> lxc exec cnoobs -- <command> </code> For example, to list files in the container's home directory: <code> lxc exec cnoobs -- ls /home/ubuntu </code> == Moving Files and Directories == === From Host to Container === Use the `lxc file push` command: <code> lxc file push /path/on/host/file.txt cnoobs/path/in/container/ </code> For example, to copy a file to the ubuntu user's home directory: <code> lxc file push ~/myfile.txt cnoobs/home/ubuntu/ </code> === From Container to Host === Use the `lxc file pull` command: <code> lxc file pull cnoobs/path/in/container/file.txt /path/on/host/ </code> For example, to copy a file from the container's home directory to the host's current directory: <code> lxc file pull cnoobs/home/ubuntu/myfile.txt ./ </code> === Moving Directories === To move entire directories, add the -r (recursive) flag: <pre> lxc file push -r ~/mydir cnoobs/home/ubuntu/ lxc file pull -r cnoobs/home/ubuntu/mydir ./ </pre> ==Snapshot and restore containers== ===If ZFS as the underlying storage driver=== ====Snapshot a Container==== To create a snapshot of a container, use the following command: <code> lxc snapshot <container_name> <snapshot_name> </code> * <container_name>: Replace this with the name of the container you want to snapshot. * <snapshot_name>: Replace this with a descriptive name for the snapshot. <b>Example:</b> <code> lxc snapshot cnoobs snapshot1 </code> This command creates a snapshot named snapshot1 of the container cnoobs. ====List Snapshots==== To view the snapshots for a specific container, you can use: <code> lxc info <container_name> </code> or more specifically for snapshots: <code> lxc snapshot list <container_name> </code> ====Restore a Snapshot==== If you need to restore a container to a previous state using a snapshot, use the following command: <code> lxc restore <container_name> <snapshot_name> </code> * <container_name>: The name of the container you want to restore. * <snapshot_name>: The name of the snapshot to which you want to revert. Example: <code> lxc restore cnoobs snapshot1 </code> This command will revert the container cnoobs to the state it was in when the snapshot1 snapshot was taken. ====Delete a Snapshot==== Once you no longer need a snapshot, you can delete it to free up space: <code> lxc delete <container_name>/<snapshot_name> </code> Example: <code> lxc delete cnoobs/snapshot1 </code> This command deletes the snapshot1 snapshot of the cnoobs container. ====Backing Up a Snapshot==== If you want to create a backup of the snapshot outside of LXD (for example, to transfer to another system), you can export it: <code> lxc export <container_name> --instance-only --snapshot <snapshot_name> <output_file.tar.gz> </code> Example: <code> lxc export mycontainer --instance-only --snapshot snapshot1 mycontainer-snapshot1.tar.gz </code> This creates a compressed tarball of the snapshot that you can store elsewhere. ===Clone/Copy a Snapshot=== This section describes how to create an Ubuntu 18.04 build container using LXD, install dependencies, snapshot it, and clone the snapshot into a new container. * Create the Build Container Launch an Ubuntu 18.04 container named `1804build`: <br> <code>lxc launch ubuntu:18.04 1804build</code> * Install Dependencies Access the container and install required packages: <br> <code>lxc exec 1804build bash</code> <br> Inside, run: <br> <code>apt update && apt install build-essential</code> <br> Install all other packages and exit when done. * Stop the Container to prepare for snapshotting <code>lxc stop 1804build</code> * Create a Snapshot named `one` <code>lxc snapshot 1804build one</code> * Clone the Snapshot - Copy the snapshot `one` to a new container called `newbuild1` <code>lxc copy 1804build/one newbuild1</code> * Start and Verify Start the new container: <br> <code>lxc start newbuild1</code> Check it’s running and has the dependencies: <br> <code>lxc exec newbuild1 bash</code> The new container `newbuild1` is now a fully independent copy of the `1804build` state at the `one` snapshot, ready for builds. ====To see snapshot names==== * you should see which containers all ready have snapshots on the right side colume when you <code>lxc ls</code> * to see the snapshot names of the containers: <code>lxc info <container_name></code> ===Compare the snapshots and see what has changed between them=== ====On host <b>zfsutils-linux</b> required==== <code>sudo apt install zfsutils-linux</code> ====Get the ZFS Dataset Names for the Snapshots==== LXD snapshots are stored as ZFS datasets. First, you need to identify the ZFS dataset names associated with your LXD container snapshots. <code> zfs list -t snapshot | grep <container_name> </code> This will list all ZFS snapshots related to your container. ==== Diff the Snapshots Using ZFS ==== Once you have the snapshot names, you can use zfs diff to see the differences between two snapshots. The zfs diff command shows changes such as file creations, deletions, and modifications between two snapshots. <code> zfs diff <snapshot1> <snapshot2> </code> Example Workflow Let's assume your container is named mycontainer, and you have two snapshots snapshot1 and snapshot2. Here's how you would do it: * List the ZFS Snapshots: <code> zfs list -t snapshot | grep mycontainer </code> You might see output like this: <pre> tank/containers/mycontainer@snapshot1 tank/containers/mycontainer@snapshot2 </pre> Diff the Snapshots: <code> zfs diff tank/containers/mycontainer@snapshot1 tank/containers/mycontainer@snapshot2 </code> This command will output the differences between the two snapshots. The output might look like this: <pre> M /path/to/modified/file - /path/to/deleted/file + /path/to/added/file R /path/to/renamed/file -> /path/to/newname/file M: Modified files -: Deleted files +: Added files R: Renamed files </pre> ====Interpreting the Output==== The output will show you which files have been added, removed, or modified between the two snapshots. If you're comparing entire directories or larger datasets, this can give you a quick overview of what's changed. Notes: * ZFS Tools Required: The zfs diff command is a ZFS feature, so you need to have ZFS installed and configured. * Permissions: Ensure you have sufficient permissions to view and compare the datasets. * Efficiency: zfs diff is generally efficient but might take time depending on the size and number of changes between the snapshots. ==Rename Containers== <code>lxc rename <old-container-name> <new-container-name></code> ==Fix Networking Problems When Using Docker with LXC== To resolve networking conflicts between Docker and LXC containers on Ubuntu 24.04, enable IP forwarding on the host system: * Open the sysctl configuration file in your preferred editor <code>sudo $EDITOR /etc/sysctl.conf</code> * Uncomment or add the following line (around line 28): <pre>net.ipv4.ip_forward=1</pre> * Apply the updated configuration to enable IP forwarding: <code>sysctl -p</code><br> * Restart the system to ensure all changes take effect. This should resolve the networking issue for LXC containers when Docker is installed. ==Limit CPU and RAM per container can use== <!-- NOT TESTED clearly flaws In Ubuntu 24.04, you can limit the CPU and RAM usage of an LXC (Linux Containers) container using the built-in resource control features provided by LXC. ===Limiting CPU Usage=== You can limit the CPU usage of an LXC container in two ways: by specifying the number of CPU cores the container can use, and by setting a CPU usage limit as a percentage of the host's total CPU resources. * Limit CPU Cores: You can assign specific CPU cores to a container by editing the container's configuration file. <code>lxc-cgroup -n <container-name> cpuset.cpus <cpu-cores></code> For example, to assign CPU cores 0 and 1 to a container: <code>lxc-cgroup -n my-container cpuset.cpus 0,1</code> Alternatively, you can add the following line to the container’s configuration file (usually found in /var/lib/lxc/<container-name>/config): <code>lxc.cgroup.cpuset.cpus = 0,1</code> * Limit CPU Usage You can limit the CPU usage as a percentage of the host’s total CPU time. <code>lxc-cgroup -n <container-name> cpu.shares <value></code> For example, to limit the CPU usage to 20%: <code>lxc.cgroup.cpu.shares = 204</code> This value is relative to the CPU shares of other containers. The default value is 1024, so 204 is about 20% of one CPU. === Limiting RAM Usage === You can also limit the amount of RAM a container can use. * Limit Memory: To set a hard limit on the maximum amount of RAM a container can use, add the following line to the container’s configuration file: <code>lxc.cgroup.memory.limit_in_bytes = 512M</code> This example limits the container to 512 MB of RAM. * Limit Swap Usage: You can also limit the amount of swap memory a container can use: <code>lxc.cgroup.memory.memsw.limit_in_bytes = 1G</code> This example limits the total memory usage (RAM + swap) to 1 GB. === Applying the Changes === After editing the configuration file, restart the container to apply the changes: <pre> lxc-stop -n <container-name> lxc-start -n <container-name> </pre> --> == References == * [https://linuxcontainers.org/lxc/introduction/ LXC Introduction] * [https://ubuntu.com/server/docs/containers-lxc Ubuntu LXC Documentation] This wiki-formatted tutorial provides a quick start guide for CompleteNoobs to work with LXC containers on Ubuntu. It covers the basics of logging in, running commands, and moving files, which are essential operations for beginners working with containers. 419fravdji2tsiwjmt8c01gu320y1ia 0 142 476 2025-02-17T08:21:38Z AwesomO 5 Created page with "== LXD Initialization Guide for Ubuntu 24.04 == This guide will walk you through the process of initializing LXD on Ubuntu 24.04. LXD is a next-generation system container and virtual machine manager that offers a user experience similar to virtual machines but using Linux containers instead. === Prerequisites === * Ubuntu 24.04 installed on your system * Administrative (sudo) access to your system === Step 1: Install LXD === If LXD is not already installed on your sy..." 476 wikitext text/x-wiki == LXD Initialization Guide for Ubuntu 24.04 == This guide will walk you through the process of initializing LXD on Ubuntu 24.04. LXD is a next-generation system container and virtual machine manager that offers a user experience similar to virtual machines but using Linux containers instead. === Prerequisites === * Ubuntu 24.04 installed on your system * Administrative (sudo) access to your system === Step 1: Install LXD === If LXD is not already installed on your system, you can install it using the following command: <pre> sudo snap install lxd </pre> === Step 2: Start the LXD Initialization === To begin the LXD initialization process, open a terminal and type: <pre> sudo lxd init </pre> === Step 3: Answer the Configuration Questions === The 'lxd init' command will ask you a series of questions to configure your LXD installation. Here's a walkthrough of each question: ==== 1. Would you like to use LXD clustering? (yes/no) [default=no]: ==== * For most users, the default 'no' is sufficient. * Press Enter to accept the default. ==== 2. Do you want to configure a new storage pool? (yes/no) [default=yes]: ==== * It's recommended to create a new storage pool. * Press Enter to accept the default 'yes'. ==== 3. Name of the new storage pool [default=default]: ==== * You can choose a name for your storage pool or use the default. * Press Enter to accept the default name. ==== 4. Name of the storage backend to use (btrfs, dir, lvm, zfs) [default=zfs]: ==== * ZFS is a good choice for most users due to its advanced features. * If you're unsure, press Enter to accept the default 'zfs'. ==== 5. Create a new ZFS pool? (yes/no) [default=yes]: ==== * If you chose ZFS, you'll be asked if you want to create a new pool. * Press Enter to accept the default 'yes'. ==== 6. Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: ==== * If you don't have a dedicated disk or partition for LXD, choose 'no'. * Press Enter to accept the default 'no'. ==== 7. Size in GB of the new loop device (1GB minimum) [default=15GB]: ==== * This sets the size of the ZFS pool. The default is usually sufficient for beginners. * Press Enter to accept the default, or type a larger number if you need more space. ==== 8. Would you like to connect to a MAAS server? (yes/no) [default=no]: ==== * MAAS is for large-scale deployments. Most users don't need this. * Press Enter to accept the default 'no'. ==== 9. Would you like to create a new local network bridge? (yes/no) [default=yes]: ==== * A network bridge allows your containers to connect to the network. * Press Enter to accept the default 'yes'. ==== 10. What should the new bridge be called? [default=lxdbr0]: ==== * This is the name for your network bridge. * Press Enter to accept the default name 'lxdbr0'. ==== 11. What IPv4 address should be used? (CIDR subnet notation, "auto" or "none") [default=auto]: ==== * 'auto' will automatically assign IP addresses to your containers. * Press Enter to accept the default 'auto'. ==== 12. What IPv6 address should be used? (CIDR subnet notation, "auto" or "none") [default=auto]: ==== * Similar to IPv4, 'auto' is a good choice for most users. * Press Enter to accept the default 'auto'. ==== 13. Would you like LXD to be available over the network? (yes/no) [default=no]: ==== * For security reasons, it's best to keep LXD local unless you specifically need remote access. * Press Enter to accept the default 'no'. ==== 14. Would you like stale cached images to be updated automatically? (yes/no) [default=yes]: ==== * This helps keep your container images up-to-date. * Press Enter to accept the default 'yes'. ==== 15. Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: ==== * This is useful for automating LXD setup on other machines. * For now, press Enter to accept the default 'no'. === Step 4: Completion === After answering all the questions, LXD will apply your configuration. You should see a message indicating that LXD has been successfully configured. === Step 5: Verify Installation === To verify that LXD is working correctly, you can run: <pre> lxc list </pre> This should display an empty list of containers, confirming that LXD is operational. You have now successfully initialized LXD on your Ubuntu 24.04 system. You're ready to start creating and managing containers! [[Ubuntu_LXC | Create First container]] For more information on using LXD, you can refer to the [https://linuxcontainers.org/lxd/docs/master/ official LXD documentation]. 5cwqbgeg3dxwmf23rkbno7w1g92mt76 0 143 479 2025-02-19T20:57:10Z AwesomO 5 Created page with "==FreeBSD 13.2 Midnight Commander== ==Errors and fixes== When you ssh into a FreeBSD Server with MC installed you may see the return: <pre> common.c: unimplemented subshell type 1 read (subshell_pty...): No such file or directory (2) </pre> to fix use:<code>mc -u</code>" 479 wikitext text/x-wiki ==FreeBSD 13.2 Midnight Commander== ==Errors and fixes== When you ssh into a FreeBSD Server with MC installed you may see the return: <pre> common.c: unimplemented subshell type 1 read (subshell_pty...): No such file or directory (2) </pre> to fix use:<code>mc -u</code> jhmw3vfj1ddiuz1xcnjnsrl55zwuazt 0 144 480 2025-03-04T02:02:25Z AwesomO 5 Created page with "= Raspberry Pi 2 as a Tailscale Exit Node for Home Network = This tutorial guides you through turning a '''Raspberry Pi 2''' (RPi2) into a '''Tailscale exit node''' for secure remote access to your '''home network'''. With this setup, you can log into your home servers, edit your local wiki, or access devices from anywhere using a headless Raspberry Pi 2. Keywords: '''Raspberry Pi 2 Tailscale setup''', '''headless SSH''', '''home VPN''', '''nmap IP discovery'''. == Ove..." 480 wikitext text/x-wiki = Raspberry Pi 2 as a Tailscale Exit Node for Home Network = This tutorial guides you through turning a '''Raspberry Pi 2''' (RPi2) into a '''Tailscale exit node''' for secure remote access to your '''home network'''. With this setup, you can log into your home servers, edit your local wiki, or access devices from anywhere using a headless Raspberry Pi 2. Keywords: '''Raspberry Pi 2 Tailscale setup''', '''headless SSH''', '''home VPN''', '''nmap IP discovery'''. == Overview == Transform your Raspberry Pi 2 into a Tailscale node to create a DIY VPN for your home network. This guide covers enabling SSH at boot for headless login, finding the Pi’s IP with <code>nmap</code>, and configuring Tailscale as an exit node for remote access to home servers and wikis. == Prerequisites == * Raspberry Pi 2 with power supply and microSD card * Ubuntu laptop (for SSH and scanning) * Internet connection * [https://www.raspberrypi.com/software/ Raspberry Pi Imager] installed on your computer == Step 1: Enable SSH on Boot (Headless Setup) == Set up your Raspberry Pi 2 for '''headless login''' with SSH enabled at boot using the Raspberry Pi Imager. # Download and open the '''Raspberry Pi Imager''' from [https://www.raspberrypi.com/software/ raspberrypi.com/software/]. # Select your OS (e.g., Raspberry Pi OS Lite) and storage (microSD card). # Click the "Edit Settings" button (gear icon or three dots). # In the "General" tab, set a '''username''' and '''password'''. # In the "Services" tab, check '''Enable SSH'''. # Choose "Use password authentication" (or "public-key" if preferred). # Click "Save" and write the image to the SD card. This ensures your RPi2 is SSH-ready without a monitor—perfect for a '''headless Raspberry Pi setup'''. == Step 2: Find the Raspberry Pi IP with nmap == Locate your Raspberry Pi 2’s IP address on your home network using <code>nmap</code> from an Ubuntu laptop. === Install nmap === <pre> sudo apt install nmap </pre> === Identify Your Router IP === <pre> ip route | grep default </pre> Example output: <pre> default via 192.168.0.1 dev wlp3s0 proto dhcp src 192.168.0.40 metric 600 </pre> * Router IP: <code>192.168.0.1</code> * Laptop IP: <code>192.168.0.40</code> === Scan the Network === Scan your network before booting the Pi: <pre> sudo nmap -sn 192.168.0.1/24 </pre> Example output: <pre> Starting Nmap 7.94SVN ( https://nmap.org ) at 2025-03-03 10:07 GMT Nmap scan report for _gateway (192.168.0.1) Host is up (0.0038s latency). MAC Address: AC:F8:CC:DD:EE:FF (Arris Group) Nmap scan report for 192.168.0.40 Host is up. Nmap done: 256 IP addresses (12 hosts up) scanned in 2.68 seconds </pre> Boot your Raspberry Pi 2, wait 2-3 minutes, and scan again: <pre> sudo nmap -sn 192.168.0.1/24 </pre> New device appears: <pre> Nmap scan report for 192.168.0.69 Host is up (0.015s latency). MAC Address: B8:17:CC:DD:CC:BB (Raspberry Pi Foundation) </pre> * RPi2 IP: <code>192.168.0.69</code> (note this for SSH). This '''nmap IP discovery''' method is ideal for headless Raspberry Pi projects. == Step 3: Set Up Tailscale on the Raspberry Pi 2 == Log into your RPi2 and configure it as a '''Tailscale exit node''' for your home network. === SSH into the Pi === <pre> ssh $USER@192.168.0.69 </pre> Replace <code>$USER</code> with the username set in Step 1. === Install Tailscale === Add Tailscale’s repository with these commands (run each line separately): <code>curl -fsSL https://pkgs.tailscale.com/stable/debian/bookworm.noarmor.gpg | sudo tee /usr/share/keyrings/tailscale-archive-keyring.gpg >/dev/null</code><br> <code>curl -fsSL https://pkgs.tailscale.com/stable/debian/bookworm.tailscale-keyring.list | sudo tee /etc/apt/sources.list.d/tailscale.list</code> Update and install: <pre> sudo apt update </pre> <pre> sudo apt install tailscale </pre> === Enable IP Forwarding === Enable IP forwarding for the exit node (run each line): <code>echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.conf</code><br> <code>echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.conf</code><br> <code>sudo sysctl -p /etc/sysctl.conf</code> === Start Tailscale as an Exit Node === Run Tailscale and advertise your home network: <pre> sudo tailscale up --accept-routes --advertise-routes=192.168.0.0/24 --advertise-exit-node </pre> Copy the authentication URL output, paste it into a browser, and log in with your Tailscale account. Get the Tailscale IP: <pre> tailscale ip -4 </pre> Example output: <code>100.115.103.24</code> (yours will differ). == Step 4: Connect from Your Laptop == Use your laptop as a Tailscale client to access your home network via the RPi2 exit node. <pre> sudo tailscale up --exit-node=100.115.103.24 --exit-node-allow-lan-access </pre> * Replace <code>100.115.103.24</code> with your Pi’s Tailscale IP. To disconnect: <pre> sudo tailscale down </pre> == Step 5: Test the Setup == Verify the exit node works: <pre> curl ifconfig.me </pre> Compare the IP when connected via your home Wi-Fi vs. a mobile hotspot. You should see your home public IP when using the exit node. Now, you can browse your '''local wiki''', log into '''home servers''', or access devices on <code>192.168.0.0/24</code>. == Troubleshooting == * '''SSH fails:''' Ensure the username/password match Step 1 settings. * '''Tailscale not connecting:''' Check your Tailscale account and re-authenticate. * '''IP not found:''' Re-run <code>nmap</code> or check your router’s DHCP list. == Conclusion == Your Raspberry Pi 2 is now a '''Tailscale exit node''', providing secure remote access to your home network. This '''RPi2 Tailscale tutorial''' is perfect for DIY VPN enthusiasts wanting to access home servers or wikis from anywhere. Keywords: '''Raspberry Pi 2 VPN''', '''Tailscale home network''', '''headless Pi setup''', '''remote access tutorial'''. 6ikeqpcnbj6ayy6l75vy0ysfcxzzv56 484 480 2025-03-19T12:10:09Z Test1 7 /* Step 4: Connect from Your Laptop */ 484 wikitext text/x-wiki = Raspberry Pi 2 as a Tailscale Exit Node for Home Network = This tutorial guides you through turning a '''Raspberry Pi 2''' (RPi2) into a '''Tailscale exit node''' for secure remote access to your '''home network'''. With this setup, you can log into your home servers, edit your local wiki, or access devices from anywhere using a headless Raspberry Pi 2. Keywords: '''Raspberry Pi 2 Tailscale setup''', '''headless SSH''', '''home VPN''', '''nmap IP discovery'''. == Overview == Transform your Raspberry Pi 2 into a Tailscale node to create a DIY VPN for your home network. This guide covers enabling SSH at boot for headless login, finding the Pi’s IP with <code>nmap</code>, and configuring Tailscale as an exit node for remote access to home servers and wikis. == Prerequisites == * Raspberry Pi 2 with power supply and microSD card * Ubuntu laptop (for SSH and scanning) * Internet connection * [https://www.raspberrypi.com/software/ Raspberry Pi Imager] installed on your computer == Step 1: Enable SSH on Boot (Headless Setup) == Set up your Raspberry Pi 2 for '''headless login''' with SSH enabled at boot using the Raspberry Pi Imager. # Download and open the '''Raspberry Pi Imager''' from [https://www.raspberrypi.com/software/ raspberrypi.com/software/]. # Select your OS (e.g., Raspberry Pi OS Lite) and storage (microSD card). # Click the "Edit Settings" button (gear icon or three dots). # In the "General" tab, set a '''username''' and '''password'''. # In the "Services" tab, check '''Enable SSH'''. # Choose "Use password authentication" (or "public-key" if preferred). # Click "Save" and write the image to the SD card. This ensures your RPi2 is SSH-ready without a monitor—perfect for a '''headless Raspberry Pi setup'''. == Step 2: Find the Raspberry Pi IP with nmap == Locate your Raspberry Pi 2’s IP address on your home network using <code>nmap</code> from an Ubuntu laptop. === Install nmap === <pre> sudo apt install nmap </pre> === Identify Your Router IP === <pre> ip route | grep default </pre> Example output: <pre> default via 192.168.0.1 dev wlp3s0 proto dhcp src 192.168.0.40 metric 600 </pre> * Router IP: <code>192.168.0.1</code> * Laptop IP: <code>192.168.0.40</code> === Scan the Network === Scan your network before booting the Pi: <pre> sudo nmap -sn 192.168.0.1/24 </pre> Example output: <pre> Starting Nmap 7.94SVN ( https://nmap.org ) at 2025-03-03 10:07 GMT Nmap scan report for _gateway (192.168.0.1) Host is up (0.0038s latency). MAC Address: AC:F8:CC:DD:EE:FF (Arris Group) Nmap scan report for 192.168.0.40 Host is up. Nmap done: 256 IP addresses (12 hosts up) scanned in 2.68 seconds </pre> Boot your Raspberry Pi 2, wait 2-3 minutes, and scan again: <pre> sudo nmap -sn 192.168.0.1/24 </pre> New device appears: <pre> Nmap scan report for 192.168.0.69 Host is up (0.015s latency). MAC Address: B8:17:CC:DD:CC:BB (Raspberry Pi Foundation) </pre> * RPi2 IP: <code>192.168.0.69</code> (note this for SSH). This '''nmap IP discovery''' method is ideal for headless Raspberry Pi projects. == Step 3: Set Up Tailscale on the Raspberry Pi 2 == Log into your RPi2 and configure it as a '''Tailscale exit node''' for your home network. === SSH into the Pi === <pre> ssh $USER@192.168.0.69 </pre> Replace <code>$USER</code> with the username set in Step 1. === Install Tailscale === Add Tailscale’s repository with these commands (run each line separately): <code>curl -fsSL https://pkgs.tailscale.com/stable/debian/bookworm.noarmor.gpg | sudo tee /usr/share/keyrings/tailscale-archive-keyring.gpg >/dev/null</code><br> <code>curl -fsSL https://pkgs.tailscale.com/stable/debian/bookworm.tailscale-keyring.list | sudo tee /etc/apt/sources.list.d/tailscale.list</code> Update and install: <pre> sudo apt update </pre> <pre> sudo apt install tailscale </pre> === Enable IP Forwarding === Enable IP forwarding for the exit node (run each line): <code>echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.conf</code><br> <code>echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.conf</code><br> <code>sudo sysctl -p /etc/sysctl.conf</code> === Start Tailscale as an Exit Node === Run Tailscale and advertise your home network: <pre> sudo tailscale up --accept-routes --advertise-routes=192.168.0.0/24 --advertise-exit-node </pre> Copy the authentication URL output, paste it into a browser, and log in with your Tailscale account. Get the Tailscale IP: <pre> tailscale ip -4 </pre> Example output: <code>100.115.103.24</code> (yours will differ). == Step 4: Connect from Your Laptop == NOTE: you can find your device IP's from <code>https://login.tailscale.com/admin/machines</code> Use your laptop as a Tailscale client to access your home network via the RPi2 exit node. <pre> sudo tailscale up --exit-node=100.115.103.24 --exit-node-allow-lan-access </pre> * Replace <code>100.115.103.24</code> with your Pi’s Tailscale IP. To disconnect: <pre> sudo tailscale down </pre> == Step 5: Test the Setup == Verify the exit node works: <pre> curl ifconfig.me </pre> Compare the IP when connected via your home Wi-Fi vs. a mobile hotspot. You should see your home public IP when using the exit node. Now, you can browse your '''local wiki''', log into '''home servers''', or access devices on <code>192.168.0.0/24</code>. == Troubleshooting == * '''SSH fails:''' Ensure the username/password match Step 1 settings. * '''Tailscale not connecting:''' Check your Tailscale account and re-authenticate. * '''IP not found:''' Re-run <code>nmap</code> or check your router’s DHCP list. == Conclusion == Your Raspberry Pi 2 is now a '''Tailscale exit node''', providing secure remote access to your home network. This '''RPi2 Tailscale tutorial''' is perfect for DIY VPN enthusiasts wanting to access home servers or wikis from anywhere. Keywords: '''Raspberry Pi 2 VPN''', '''Tailscale home network''', '''headless Pi setup''', '''remote access tutorial'''. oh75w9peztyg6yah5wdmtca02sefkl0 485 484 2025-03-19T12:48:27Z Test1 7 /* Install Tailscale */ 485 wikitext text/x-wiki = Raspberry Pi 2 as a Tailscale Exit Node for Home Network = This tutorial guides you through turning a '''Raspberry Pi 2''' (RPi2) into a '''Tailscale exit node''' for secure remote access to your '''home network'''. With this setup, you can log into your home servers, edit your local wiki, or access devices from anywhere using a headless Raspberry Pi 2. Keywords: '''Raspberry Pi 2 Tailscale setup''', '''headless SSH''', '''home VPN''', '''nmap IP discovery'''. == Overview == Transform your Raspberry Pi 2 into a Tailscale node to create a DIY VPN for your home network. This guide covers enabling SSH at boot for headless login, finding the Pi’s IP with <code>nmap</code>, and configuring Tailscale as an exit node for remote access to home servers and wikis. == Prerequisites == * Raspberry Pi 2 with power supply and microSD card * Ubuntu laptop (for SSH and scanning) * Internet connection * [https://www.raspberrypi.com/software/ Raspberry Pi Imager] installed on your computer == Step 1: Enable SSH on Boot (Headless Setup) == Set up your Raspberry Pi 2 for '''headless login''' with SSH enabled at boot using the Raspberry Pi Imager. # Download and open the '''Raspberry Pi Imager''' from [https://www.raspberrypi.com/software/ raspberrypi.com/software/]. # Select your OS (e.g., Raspberry Pi OS Lite) and storage (microSD card). # Click the "Edit Settings" button (gear icon or three dots). # In the "General" tab, set a '''username''' and '''password'''. # In the "Services" tab, check '''Enable SSH'''. # Choose "Use password authentication" (or "public-key" if preferred). # Click "Save" and write the image to the SD card. This ensures your RPi2 is SSH-ready without a monitor—perfect for a '''headless Raspberry Pi setup'''. == Step 2: Find the Raspberry Pi IP with nmap == Locate your Raspberry Pi 2’s IP address on your home network using <code>nmap</code> from an Ubuntu laptop. === Install nmap === <pre> sudo apt install nmap </pre> === Identify Your Router IP === <pre> ip route | grep default </pre> Example output: <pre> default via 192.168.0.1 dev wlp3s0 proto dhcp src 192.168.0.40 metric 600 </pre> * Router IP: <code>192.168.0.1</code> * Laptop IP: <code>192.168.0.40</code> === Scan the Network === Scan your network before booting the Pi: <pre> sudo nmap -sn 192.168.0.1/24 </pre> Example output: <pre> Starting Nmap 7.94SVN ( https://nmap.org ) at 2025-03-03 10:07 GMT Nmap scan report for _gateway (192.168.0.1) Host is up (0.0038s latency). MAC Address: AC:F8:CC:DD:EE:FF (Arris Group) Nmap scan report for 192.168.0.40 Host is up. Nmap done: 256 IP addresses (12 hosts up) scanned in 2.68 seconds </pre> Boot your Raspberry Pi 2, wait 2-3 minutes, and scan again: <pre> sudo nmap -sn 192.168.0.1/24 </pre> New device appears: <pre> Nmap scan report for 192.168.0.69 Host is up (0.015s latency). MAC Address: B8:17:CC:DD:CC:BB (Raspberry Pi Foundation) </pre> * RPi2 IP: <code>192.168.0.69</code> (note this for SSH). This '''nmap IP discovery''' method is ideal for headless Raspberry Pi projects. == Step 3: Set Up Tailscale on the Raspberry Pi 2 == Log into your RPi2 and configure it as a '''Tailscale exit node''' for your home network. === SSH into the Pi === <pre> ssh $USER@192.168.0.69 </pre> Replace <code>$USER</code> with the username set in Step 1. === Install Tailscale === Add Tailscale’s repository with these commands (run each line separately): * <code>curl -fsSL https://pkgs.tailscale.com/stable/debian/bookworm.noarmor.gpg | sudo tee /usr/share/keyrings/tailscale-archive-keyring.gpg >/dev/null</code><br> * <code>curl -fsSL https://pkgs.tailscale.com/stable/debian/bookworm.tailscale-keyring.list | sudo tee /etc/apt/sources.list.d/tailscale.list</code> Update and install: <pre> sudo apt update </pre> <pre> sudo apt install tailscale </pre> === Enable IP Forwarding === Enable IP forwarding for the exit node (run each line): <code>echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.conf</code><br> <code>echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.conf</code><br> <code>sudo sysctl -p /etc/sysctl.conf</code> === Start Tailscale as an Exit Node === Run Tailscale and advertise your home network: <pre> sudo tailscale up --accept-routes --advertise-routes=192.168.0.0/24 --advertise-exit-node </pre> Copy the authentication URL output, paste it into a browser, and log in with your Tailscale account. Get the Tailscale IP: <pre> tailscale ip -4 </pre> Example output: <code>100.115.103.24</code> (yours will differ). == Step 4: Connect from Your Laptop == NOTE: you can find your device IP's from <code>https://login.tailscale.com/admin/machines</code> Use your laptop as a Tailscale client to access your home network via the RPi2 exit node. <pre> sudo tailscale up --exit-node=100.115.103.24 --exit-node-allow-lan-access </pre> * Replace <code>100.115.103.24</code> with your Pi’s Tailscale IP. To disconnect: <pre> sudo tailscale down </pre> == Step 5: Test the Setup == Verify the exit node works: <pre> curl ifconfig.me </pre> Compare the IP when connected via your home Wi-Fi vs. a mobile hotspot. You should see your home public IP when using the exit node. Now, you can browse your '''local wiki''', log into '''home servers''', or access devices on <code>192.168.0.0/24</code>. == Troubleshooting == * '''SSH fails:''' Ensure the username/password match Step 1 settings. * '''Tailscale not connecting:''' Check your Tailscale account and re-authenticate. * '''IP not found:''' Re-run <code>nmap</code> or check your router’s DHCP list. == Conclusion == Your Raspberry Pi 2 is now a '''Tailscale exit node''', providing secure remote access to your home network. This '''RPi2 Tailscale tutorial''' is perfect for DIY VPN enthusiasts wanting to access home servers or wikis from anywhere. Keywords: '''Raspberry Pi 2 VPN''', '''Tailscale home network''', '''headless Pi setup''', '''remote access tutorial'''. 7gzpsqttoshy797kecnv8ygtago41hi 486 485 2025-03-19T12:51:24Z Test1 7 /* Step 4: Connect from Your Laptop */ 486 wikitext text/x-wiki = Raspberry Pi 2 as a Tailscale Exit Node for Home Network = This tutorial guides you through turning a '''Raspberry Pi 2''' (RPi2) into a '''Tailscale exit node''' for secure remote access to your '''home network'''. With this setup, you can log into your home servers, edit your local wiki, or access devices from anywhere using a headless Raspberry Pi 2. Keywords: '''Raspberry Pi 2 Tailscale setup''', '''headless SSH''', '''home VPN''', '''nmap IP discovery'''. == Overview == Transform your Raspberry Pi 2 into a Tailscale node to create a DIY VPN for your home network. This guide covers enabling SSH at boot for headless login, finding the Pi’s IP with <code>nmap</code>, and configuring Tailscale as an exit node for remote access to home servers and wikis. == Prerequisites == * Raspberry Pi 2 with power supply and microSD card * Ubuntu laptop (for SSH and scanning) * Internet connection * [https://www.raspberrypi.com/software/ Raspberry Pi Imager] installed on your computer == Step 1: Enable SSH on Boot (Headless Setup) == Set up your Raspberry Pi 2 for '''headless login''' with SSH enabled at boot using the Raspberry Pi Imager. # Download and open the '''Raspberry Pi Imager''' from [https://www.raspberrypi.com/software/ raspberrypi.com/software/]. # Select your OS (e.g., Raspberry Pi OS Lite) and storage (microSD card). # Click the "Edit Settings" button (gear icon or three dots). # In the "General" tab, set a '''username''' and '''password'''. # In the "Services" tab, check '''Enable SSH'''. # Choose "Use password authentication" (or "public-key" if preferred). # Click "Save" and write the image to the SD card. This ensures your RPi2 is SSH-ready without a monitor—perfect for a '''headless Raspberry Pi setup'''. == Step 2: Find the Raspberry Pi IP with nmap == Locate your Raspberry Pi 2’s IP address on your home network using <code>nmap</code> from an Ubuntu laptop. === Install nmap === <pre> sudo apt install nmap </pre> === Identify Your Router IP === <pre> ip route | grep default </pre> Example output: <pre> default via 192.168.0.1 dev wlp3s0 proto dhcp src 192.168.0.40 metric 600 </pre> * Router IP: <code>192.168.0.1</code> * Laptop IP: <code>192.168.0.40</code> === Scan the Network === Scan your network before booting the Pi: <pre> sudo nmap -sn 192.168.0.1/24 </pre> Example output: <pre> Starting Nmap 7.94SVN ( https://nmap.org ) at 2025-03-03 10:07 GMT Nmap scan report for _gateway (192.168.0.1) Host is up (0.0038s latency). MAC Address: AC:F8:CC:DD:EE:FF (Arris Group) Nmap scan report for 192.168.0.40 Host is up. Nmap done: 256 IP addresses (12 hosts up) scanned in 2.68 seconds </pre> Boot your Raspberry Pi 2, wait 2-3 minutes, and scan again: <pre> sudo nmap -sn 192.168.0.1/24 </pre> New device appears: <pre> Nmap scan report for 192.168.0.69 Host is up (0.015s latency). MAC Address: B8:17:CC:DD:CC:BB (Raspberry Pi Foundation) </pre> * RPi2 IP: <code>192.168.0.69</code> (note this for SSH). This '''nmap IP discovery''' method is ideal for headless Raspberry Pi projects. == Step 3: Set Up Tailscale on the Raspberry Pi 2 == Log into your RPi2 and configure it as a '''Tailscale exit node''' for your home network. === SSH into the Pi === <pre> ssh $USER@192.168.0.69 </pre> Replace <code>$USER</code> with the username set in Step 1. === Install Tailscale === Add Tailscale’s repository with these commands (run each line separately): * <code>curl -fsSL https://pkgs.tailscale.com/stable/debian/bookworm.noarmor.gpg | sudo tee /usr/share/keyrings/tailscale-archive-keyring.gpg >/dev/null</code><br> * <code>curl -fsSL https://pkgs.tailscale.com/stable/debian/bookworm.tailscale-keyring.list | sudo tee /etc/apt/sources.list.d/tailscale.list</code> Update and install: <pre> sudo apt update </pre> <pre> sudo apt install tailscale </pre> === Enable IP Forwarding === Enable IP forwarding for the exit node (run each line): <code>echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.conf</code><br> <code>echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.conf</code><br> <code>sudo sysctl -p /etc/sysctl.conf</code> === Start Tailscale as an Exit Node === Run Tailscale and advertise your home network: <pre> sudo tailscale up --accept-routes --advertise-routes=192.168.0.0/24 --advertise-exit-node </pre> Copy the authentication URL output, paste it into a browser, and log in with your Tailscale account. Get the Tailscale IP: <pre> tailscale ip -4 </pre> Example output: <code>100.115.103.24</code> (yours will differ). == Step 4: Connect from Your Laptop == NOTE: you can find your device IP's from <code>https://login.tailscale.com/admin/machines</code> * [[Raspberry_Pi_2_as_a_Tailscale_Exit_Node_for_Home_Network#Install_Tailscale| Use same method as PI to install to laptop]] Use your laptop as a Tailscale client to access your home network via the RPi2 exit node. <pre> sudo tailscale up --exit-node=100.115.103.24 --exit-node-allow-lan-access </pre> * Replace <code>100.115.103.24</code> with your Pi’s Tailscale IP. To disconnect: <pre> sudo tailscale down </pre> == Step 5: Test the Setup == Verify the exit node works: <pre> curl ifconfig.me </pre> Compare the IP when connected via your home Wi-Fi vs. a mobile hotspot. You should see your home public IP when using the exit node. Now, you can browse your '''local wiki''', log into '''home servers''', or access devices on <code>192.168.0.0/24</code>. == Troubleshooting == * '''SSH fails:''' Ensure the username/password match Step 1 settings. * '''Tailscale not connecting:''' Check your Tailscale account and re-authenticate. * '''IP not found:''' Re-run <code>nmap</code> or check your router’s DHCP list. == Conclusion == Your Raspberry Pi 2 is now a '''Tailscale exit node''', providing secure remote access to your home network. This '''RPi2 Tailscale tutorial''' is perfect for DIY VPN enthusiasts wanting to access home servers or wikis from anywhere. Keywords: '''Raspberry Pi 2 VPN''', '''Tailscale home network''', '''headless Pi setup''', '''remote access tutorial'''. 7yiq6lzgwaholgtcmu4oad9duy31oo6 488 486 2025-03-19T20:06:16Z Test1 7 /* Conclusion */ 488 wikitext text/x-wiki = Raspberry Pi 2 as a Tailscale Exit Node for Home Network = This tutorial guides you through turning a '''Raspberry Pi 2''' (RPi2) into a '''Tailscale exit node''' for secure remote access to your '''home network'''. With this setup, you can log into your home servers, edit your local wiki, or access devices from anywhere using a headless Raspberry Pi 2. Keywords: '''Raspberry Pi 2 Tailscale setup''', '''headless SSH''', '''home VPN''', '''nmap IP discovery'''. == Overview == Transform your Raspberry Pi 2 into a Tailscale node to create a DIY VPN for your home network. This guide covers enabling SSH at boot for headless login, finding the Pi’s IP with <code>nmap</code>, and configuring Tailscale as an exit node for remote access to home servers and wikis. == Prerequisites == * Raspberry Pi 2 with power supply and microSD card * Ubuntu laptop (for SSH and scanning) * Internet connection * [https://www.raspberrypi.com/software/ Raspberry Pi Imager] installed on your computer == Step 1: Enable SSH on Boot (Headless Setup) == Set up your Raspberry Pi 2 for '''headless login''' with SSH enabled at boot using the Raspberry Pi Imager. # Download and open the '''Raspberry Pi Imager''' from [https://www.raspberrypi.com/software/ raspberrypi.com/software/]. # Select your OS (e.g., Raspberry Pi OS Lite) and storage (microSD card). # Click the "Edit Settings" button (gear icon or three dots). # In the "General" tab, set a '''username''' and '''password'''. # In the "Services" tab, check '''Enable SSH'''. # Choose "Use password authentication" (or "public-key" if preferred). # Click "Save" and write the image to the SD card. This ensures your RPi2 is SSH-ready without a monitor—perfect for a '''headless Raspberry Pi setup'''. == Step 2: Find the Raspberry Pi IP with nmap == Locate your Raspberry Pi 2’s IP address on your home network using <code>nmap</code> from an Ubuntu laptop. === Install nmap === <pre> sudo apt install nmap </pre> === Identify Your Router IP === <pre> ip route | grep default </pre> Example output: <pre> default via 192.168.0.1 dev wlp3s0 proto dhcp src 192.168.0.40 metric 600 </pre> * Router IP: <code>192.168.0.1</code> * Laptop IP: <code>192.168.0.40</code> === Scan the Network === Scan your network before booting the Pi: <pre> sudo nmap -sn 192.168.0.1/24 </pre> Example output: <pre> Starting Nmap 7.94SVN ( https://nmap.org ) at 2025-03-03 10:07 GMT Nmap scan report for _gateway (192.168.0.1) Host is up (0.0038s latency). MAC Address: AC:F8:CC:DD:EE:FF (Arris Group) Nmap scan report for 192.168.0.40 Host is up. Nmap done: 256 IP addresses (12 hosts up) scanned in 2.68 seconds </pre> Boot your Raspberry Pi 2, wait 2-3 minutes, and scan again: <pre> sudo nmap -sn 192.168.0.1/24 </pre> New device appears: <pre> Nmap scan report for 192.168.0.69 Host is up (0.015s latency). MAC Address: B8:17:CC:DD:CC:BB (Raspberry Pi Foundation) </pre> * RPi2 IP: <code>192.168.0.69</code> (note this for SSH). This '''nmap IP discovery''' method is ideal for headless Raspberry Pi projects. == Step 3: Set Up Tailscale on the Raspberry Pi 2 == Log into your RPi2 and configure it as a '''Tailscale exit node''' for your home network. === SSH into the Pi === <pre> ssh $USER@192.168.0.69 </pre> Replace <code>$USER</code> with the username set in Step 1. === Install Tailscale === Add Tailscale’s repository with these commands (run each line separately): * <code>curl -fsSL https://pkgs.tailscale.com/stable/debian/bookworm.noarmor.gpg | sudo tee /usr/share/keyrings/tailscale-archive-keyring.gpg >/dev/null</code><br> * <code>curl -fsSL https://pkgs.tailscale.com/stable/debian/bookworm.tailscale-keyring.list | sudo tee /etc/apt/sources.list.d/tailscale.list</code> Update and install: <pre> sudo apt update </pre> <pre> sudo apt install tailscale </pre> === Enable IP Forwarding === Enable IP forwarding for the exit node (run each line): <code>echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.conf</code><br> <code>echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.conf</code><br> <code>sudo sysctl -p /etc/sysctl.conf</code> === Start Tailscale as an Exit Node === Run Tailscale and advertise your home network: <pre> sudo tailscale up --accept-routes --advertise-routes=192.168.0.0/24 --advertise-exit-node </pre> Copy the authentication URL output, paste it into a browser, and log in with your Tailscale account. Get the Tailscale IP: <pre> tailscale ip -4 </pre> Example output: <code>100.115.103.24</code> (yours will differ). == Step 4: Connect from Your Laptop == NOTE: you can find your device IP's from <code>https://login.tailscale.com/admin/machines</code> * [[Raspberry_Pi_2_as_a_Tailscale_Exit_Node_for_Home_Network#Install_Tailscale| Use same method as PI to install to laptop]] Use your laptop as a Tailscale client to access your home network via the RPi2 exit node. <pre> sudo tailscale up --exit-node=100.115.103.24 --exit-node-allow-lan-access </pre> * Replace <code>100.115.103.24</code> with your Pi’s Tailscale IP. To disconnect: <pre> sudo tailscale down </pre> == Step 5: Test the Setup == Verify the exit node works: <pre> curl ifconfig.me </pre> Compare the IP when connected via your home Wi-Fi vs. a mobile hotspot. You should see your home public IP when using the exit node. Now, you can browse your '''local wiki''', log into '''home servers''', or access devices on <code>192.168.0.0/24</code>. == Troubleshooting == * '''SSH fails:''' Ensure the username/password match Step 1 settings. * '''Tailscale not connecting:''' Check your Tailscale account and re-authenticate. * '''IP not found:''' Re-run <code>nmap</code> or check your router’s DHCP list. == SEO: Find This Guide Easily == Looking to '''SSH tunnel into your home network safely''' or set up a '''Raspberry Pi 2 as a Tailscale exit node'''? This guide covers everything you need for secure remote access to your '''home network''' using a '''headless Raspberry Pi 2'''. Key terms to find this page again: '''Raspberry Pi 2 Tailscale setup''', '''Tailscale exit node tutorial''', '''headless SSH home VPN''', '''nmap IP discovery for Pi''', '''DIY VPN with Raspberry Pi''', '''secure home server access''', '''Tailscale remote access'''. Whether you’re editing a '''local wiki''' or managing devices on your '''home LAN''', this '''RPi2 Tailscale guide''' has you covered. nc5bfzp0btkc1jaf8z34q6mipap1xii 490 488 2025-03-19T21:27:47Z Test1 7 /* Step 4: Connect from Your Laptop */ 490 wikitext text/x-wiki = Raspberry Pi 2 as a Tailscale Exit Node for Home Network = This tutorial guides you through turning a '''Raspberry Pi 2''' (RPi2) into a '''Tailscale exit node''' for secure remote access to your '''home network'''. With this setup, you can log into your home servers, edit your local wiki, or access devices from anywhere using a headless Raspberry Pi 2. Keywords: '''Raspberry Pi 2 Tailscale setup''', '''headless SSH''', '''home VPN''', '''nmap IP discovery'''. == Overview == Transform your Raspberry Pi 2 into a Tailscale node to create a DIY VPN for your home network. This guide covers enabling SSH at boot for headless login, finding the Pi’s IP with <code>nmap</code>, and configuring Tailscale as an exit node for remote access to home servers and wikis. == Prerequisites == * Raspberry Pi 2 with power supply and microSD card * Ubuntu laptop (for SSH and scanning) * Internet connection * [https://www.raspberrypi.com/software/ Raspberry Pi Imager] installed on your computer == Step 1: Enable SSH on Boot (Headless Setup) == Set up your Raspberry Pi 2 for '''headless login''' with SSH enabled at boot using the Raspberry Pi Imager. # Download and open the '''Raspberry Pi Imager''' from [https://www.raspberrypi.com/software/ raspberrypi.com/software/]. # Select your OS (e.g., Raspberry Pi OS Lite) and storage (microSD card). # Click the "Edit Settings" button (gear icon or three dots). # In the "General" tab, set a '''username''' and '''password'''. # In the "Services" tab, check '''Enable SSH'''. # Choose "Use password authentication" (or "public-key" if preferred). # Click "Save" and write the image to the SD card. This ensures your RPi2 is SSH-ready without a monitor—perfect for a '''headless Raspberry Pi setup'''. == Step 2: Find the Raspberry Pi IP with nmap == Locate your Raspberry Pi 2’s IP address on your home network using <code>nmap</code> from an Ubuntu laptop. === Install nmap === <pre> sudo apt install nmap </pre> === Identify Your Router IP === <pre> ip route | grep default </pre> Example output: <pre> default via 192.168.0.1 dev wlp3s0 proto dhcp src 192.168.0.40 metric 600 </pre> * Router IP: <code>192.168.0.1</code> * Laptop IP: <code>192.168.0.40</code> === Scan the Network === Scan your network before booting the Pi: <pre> sudo nmap -sn 192.168.0.1/24 </pre> Example output: <pre> Starting Nmap 7.94SVN ( https://nmap.org ) at 2025-03-03 10:07 GMT Nmap scan report for _gateway (192.168.0.1) Host is up (0.0038s latency). MAC Address: AC:F8:CC:DD:EE:FF (Arris Group) Nmap scan report for 192.168.0.40 Host is up. Nmap done: 256 IP addresses (12 hosts up) scanned in 2.68 seconds </pre> Boot your Raspberry Pi 2, wait 2-3 minutes, and scan again: <pre> sudo nmap -sn 192.168.0.1/24 </pre> New device appears: <pre> Nmap scan report for 192.168.0.69 Host is up (0.015s latency). MAC Address: B8:17:CC:DD:CC:BB (Raspberry Pi Foundation) </pre> * RPi2 IP: <code>192.168.0.69</code> (note this for SSH). This '''nmap IP discovery''' method is ideal for headless Raspberry Pi projects. == Step 3: Set Up Tailscale on the Raspberry Pi 2 == Log into your RPi2 and configure it as a '''Tailscale exit node''' for your home network. === SSH into the Pi === <pre> ssh $USER@192.168.0.69 </pre> Replace <code>$USER</code> with the username set in Step 1. === Install Tailscale === Add Tailscale’s repository with these commands (run each line separately): * <code>curl -fsSL https://pkgs.tailscale.com/stable/debian/bookworm.noarmor.gpg | sudo tee /usr/share/keyrings/tailscale-archive-keyring.gpg >/dev/null</code><br> * <code>curl -fsSL https://pkgs.tailscale.com/stable/debian/bookworm.tailscale-keyring.list | sudo tee /etc/apt/sources.list.d/tailscale.list</code> Update and install: <pre> sudo apt update </pre> <pre> sudo apt install tailscale </pre> === Enable IP Forwarding === Enable IP forwarding for the exit node (run each line): <code>echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.conf</code><br> <code>echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.conf</code><br> <code>sudo sysctl -p /etc/sysctl.conf</code> === Start Tailscale as an Exit Node === Run Tailscale and advertise your home network: <pre> sudo tailscale up --accept-routes --advertise-routes=192.168.0.0/24 --advertise-exit-node </pre> Copy the authentication URL output, paste it into a browser, and log in with your Tailscale account. Get the Tailscale IP: <pre> tailscale ip -4 </pre> Example output: <code>100.115.103.24</code> (yours will differ). == Step 4: Connect from Your Laptop == NOTE: you can find your device IP's from <code>https://login.tailscale.com/admin/machines</code> * [[Raspberry_Pi_2_as_a_Tailscale_Exit_Node_for_Home_Network#Install_Tailscale| Use same method as PI to install to laptop]] Use your laptop as a Tailscale client to access your home network via the RPi2 exit node. <pre> sudo tailscale up --exit-node=100.115.103.24 --exit-node-allow-lan-access </pre> * Replace <code>100.115.103.24</code> with your Pi’s Tailscale IP. To disconnect: <pre> sudo tailscale down </pre> ===Simple Script=== * Create file name you will remember - or at least know what it is when you see it <code>sudo $EDITOR /usr/local/bin/tailscale_home_pi_connect</code> <pre> #!/bin/bash sudo tailscale up --exit-node=100.115.103.24 --exit-node-allow-lan-access # NOTE: To disconnect: sudo tailscale down </pre> * Make script excutable <code>sudo chmod +x /usr/local/bin/tailscale_home_pi_connect</code> == Step 5: Test the Setup == Verify the exit node works: <pre> curl ifconfig.me </pre> Compare the IP when connected via your home Wi-Fi vs. a mobile hotspot. You should see your home public IP when using the exit node. Now, you can browse your '''local wiki''', log into '''home servers''', or access devices on <code>192.168.0.0/24</code>. == Troubleshooting == * '''SSH fails:''' Ensure the username/password match Step 1 settings. * '''Tailscale not connecting:''' Check your Tailscale account and re-authenticate. * '''IP not found:''' Re-run <code>nmap</code> or check your router’s DHCP list. == SEO: Find This Guide Easily == Looking to '''SSH tunnel into your home network safely''' or set up a '''Raspberry Pi 2 as a Tailscale exit node'''? This guide covers everything you need for secure remote access to your '''home network''' using a '''headless Raspberry Pi 2'''. Key terms to find this page again: '''Raspberry Pi 2 Tailscale setup''', '''Tailscale exit node tutorial''', '''headless SSH home VPN''', '''nmap IP discovery for Pi''', '''DIY VPN with Raspberry Pi''', '''secure home server access''', '''Tailscale remote access'''. Whether you’re editing a '''local wiki''' or managing devices on your '''home LAN''', this '''RPi2 Tailscale guide''' has you covered. 772xwatfhf7ayhzpq3ftarzsk05nt4e 491 490 2025-03-19T21:31:37Z Test1 7 491 wikitext text/x-wiki = Raspberry Pi 2 as a Tailscale Exit Node for Home Network = This tutorial guides you through turning a '''Raspberry Pi 2''' (RPi2) into a '''Tailscale exit node''' for secure remote access to your '''home network'''. With this setup, you can log into your home servers, edit your local wiki, or access devices from anywhere using a headless Raspberry Pi 2. Keywords: '''Raspberry Pi 2 Tailscale setup''', '''headless SSH''', '''home VPN''', '''nmap IP discovery'''. == Overview == Transform your Raspberry Pi 2 into a Tailscale node to create a DIY VPN for your home network. This guide covers enabling SSH at boot for headless login, finding the Pi’s IP with <code>nmap</code>, and configuring Tailscale as an exit node for remote access to home servers and wikis. == Prerequisites == * Raspberry Pi 2 with power supply and microSD card * Ubuntu laptop (for SSH and scanning) * Internet connection * [https://www.raspberrypi.com/software/ Raspberry Pi Imager] installed on your computer == Step 1: Enable SSH on Boot (Headless Setup) == Set up your Raspberry Pi 2 for '''headless login''' with SSH enabled at boot using the Raspberry Pi Imager. # Download and open the '''Raspberry Pi Imager''' from [https://www.raspberrypi.com/software/ raspberrypi.com/software/]. # Select your OS (e.g., Raspberry Pi OS Lite) and storage (microSD card). # Click the "Edit Settings" button (gear icon or three dots). # In the "General" tab, set a '''username''' and '''password'''. # In the "Services" tab, check '''Enable SSH'''. # Choose "Use password authentication" (or "public-key" if preferred). # Click "Save" and write the image to the SD card. This ensures your RPi2 is SSH-ready without a monitor—perfect for a '''headless Raspberry Pi setup'''. == Step 2: Find the Raspberry Pi IP with nmap == Locate your Raspberry Pi 2’s IP address on your home network using <code>nmap</code> from an Ubuntu laptop. === Install nmap === <pre> sudo apt install nmap </pre> === Identify Your Router IP === <pre> ip route | grep default </pre> Example output: <pre> default via 192.168.0.1 dev wlp3s0 proto dhcp src 192.168.0.40 metric 600 </pre> * Router IP: <code>192.168.0.1</code> * Laptop IP: <code>192.168.0.40</code> === Scan the Network === Scan your network before booting the Pi: <pre> sudo nmap -sn 192.168.0.1/24 </pre> Example output: <pre> Starting Nmap 7.94SVN ( https://nmap.org ) at 2025-03-03 10:07 GMT Nmap scan report for _gateway (192.168.0.1) Host is up (0.0038s latency). MAC Address: AC:F8:CC:DD:EE:FF (Arris Group) Nmap scan report for 192.168.0.40 Host is up. Nmap done: 256 IP addresses (12 hosts up) scanned in 2.68 seconds </pre> Boot your Raspberry Pi 2, wait 2-3 minutes, and scan again: <pre> sudo nmap -sn 192.168.0.1/24 </pre> New device appears: <pre> Nmap scan report for 192.168.0.69 Host is up (0.015s latency). MAC Address: B8:17:CC:DD:CC:BB (Raspberry Pi Foundation) </pre> * RPi2 IP: <code>192.168.0.69</code> (note this for SSH). This '''nmap IP discovery''' method is ideal for headless Raspberry Pi projects. == Step 3: Set Up Tailscale on the Raspberry Pi 2 == Log into your RPi2 and configure it as a '''Tailscale exit node''' for your home network. === SSH into the Pi === <pre> ssh $USER@192.168.0.69 </pre> Replace <code>$USER</code> with the username set in Step 1. === Install Tailscale === Add Tailscale’s repository with these commands (run each line separately): * <code>curl -fsSL https://pkgs.tailscale.com/stable/debian/bookworm.noarmor.gpg | sudo tee /usr/share/keyrings/tailscale-archive-keyring.gpg >/dev/null</code><br> * <code>curl -fsSL https://pkgs.tailscale.com/stable/debian/bookworm.tailscale-keyring.list | sudo tee /etc/apt/sources.list.d/tailscale.list</code> Update and install: <pre> sudo apt update </pre> <pre> sudo apt install tailscale </pre> === Enable IP Forwarding === Enable IP forwarding for the exit node (run each line): <code>echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.conf</code><br> <code>echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.conf</code><br> <code>sudo sysctl -p /etc/sysctl.conf</code> === Start Tailscale as an Exit Node === Run Tailscale and advertise your home network: <pre> sudo tailscale up --accept-routes --advertise-routes=192.168.0.0/24 --advertise-exit-node </pre> Copy the authentication URL output, paste it into a browser, and log in with your Tailscale account. Get the Tailscale IP: <pre> tailscale ip -4 </pre> Example output: <code>100.115.103.24</code> (yours will differ). == Step 4: Connect from Your Laptop == NOTE: you can find your device IP's from <code>https://login.tailscale.com/admin/machines</code> * [[Raspberry_Pi_2_as_a_Tailscale_Exit_Node_for_Home_Network#Install_Tailscale| Use same method as PI to install to laptop]] Use your laptop as a Tailscale client to access your home network via the RPi2 exit node. <pre> sudo tailscale up --exit-node=100.115.103.24 --exit-node-allow-lan-access </pre> * Replace <code>100.115.103.24</code> with your Pi’s Tailscale IP. To disconnect: <pre> sudo tailscale down </pre> ===Simple Script=== * Create file name you will remember - or at least know what it is when you see it <code>sudo $EDITOR /usr/local/bin/tailscale_home_pi_connect</code> <div class="toccolours mw-collapsible mw-collapsed"> '''Why /usr/local/bin/?''' <div class="mw-collapsible-content"> Putting your script in <code>/usr/local/bin/</code> is smart because:<br> * '''System-Wide Access:''' It’s in the system’s PATH by default on Ubuntu and Raspberry Pi OS, so you can run <code>tailscale_home_pi_connect</code> from anywhere in the terminal without typing the full path.<br> * '''Standard Location:''' It’s the conventional spot for user-added scripts or binaries, keeping your system organized and separate from OS-provided tools (like <code>/usr/bin/</code>).<br> * '''Root Privileges Match:''' Since your script uses <code>sudo</code>, placing it in a system directory like <code>/usr/local/bin/</code> (with <code>sudo chmod +x</code>) aligns with needing elevated permissions, making it feel like a proper system command.<br> * '''Avoid Clutter:''' Unlike your home directory (e.g., <code>/home/$USER/</code>), it won’t get lost among personal files, and it’s accessible to all users if needed.<br> Other places like <code>/bin/</code> or <code>/usr/bin/</code> are reserved for OS packages, and random directories might require extra PATH setup—<code>/usr/local/bin/</code> is the sweet spot for custom scripts like this! </div> </div> <pre> #!/bin/bash sudo tailscale up --exit-node=100.115.103.24 --exit-node-allow-lan-access # NOTE: To disconnect: sudo tailscale down </pre> * Make script excutable <code>sudo chmod +x /usr/local/bin/tailscale_home_pi_connect</code> == Step 5: Test the Setup == Verify the exit node works: <pre> curl ifconfig.me </pre> Compare the IP when connected via your home Wi-Fi vs. a mobile hotspot. You should see your home public IP when using the exit node. Now, you can browse your '''local wiki''', log into '''home servers''', or access devices on <code>192.168.0.0/24</code>. == Troubleshooting == * '''SSH fails:''' Ensure the username/password match Step 1 settings. * '''Tailscale not connecting:''' Check your Tailscale account and re-authenticate. * '''IP not found:''' Re-run <code>nmap</code> or check your router’s DHCP list. == SEO: Find This Guide Easily == Looking to '''SSH tunnel into your home network safely''' or set up a '''Raspberry Pi 2 as a Tailscale exit node'''? This guide covers everything you need for secure remote access to your '''home network''' using a '''headless Raspberry Pi 2'''. Key terms to find this page again: '''Raspberry Pi 2 Tailscale setup''', '''Tailscale exit node tutorial''', '''headless SSH home VPN''', '''nmap IP discovery for Pi''', '''DIY VPN with Raspberry Pi''', '''secure home server access''', '''Tailscale remote access'''. Whether you’re editing a '''local wiki''' or managing devices on your '''home LAN''', this '''RPi2 Tailscale guide''' has you covered. 0iial66pyrq933zoo3y1t8iyof8nxtr 0 145 481 2025-03-07T00:13:59Z AwesomO 5 Created page with " == RAM and Swap Info == To display memory (RAM) and swap usage in a human-readable format with totals in megabytes: <code>free -m -h</code> * '''-m''': Shows output in megabytes. * '''-h''': Makes the output human-readable (e.g., GB, MB). Example output might look like: <pre> total used free shared buff/cache available Mem: 7.8Gi 2.1Gi 3.5Gi 0.2Gi 2.2Gi 5.4Gi Swap: 2.0Gi 0.0Gi..." 481 wikitext text/x-wiki == RAM and Swap Info == To display memory (RAM) and swap usage in a human-readable format with totals in megabytes: <code>free -m -h</code> * '''-m''': Shows output in megabytes. * '''-h''': Makes the output human-readable (e.g., GB, MB). Example output might look like: <pre> total used free shared buff/cache available Mem: 7.8Gi 2.1Gi 3.5Gi 0.2Gi 2.2Gi 5.4Gi Swap: 2.0Gi 0.0Gi 2.0Gi </pre> == Hard Drive Space Info == To check disk space usage for mounted filesystems: <code>df -h</code> * '''-h''': Displays sizes in human-readable format (e.g., GB, MB). Example output: <pre> Filesystem Size Used Avail Use% Mounted on /dev/sda1 100G 25G 75G 25% / </pre> == CPU Info == To display detailed information about the CPU: <code>lscpu</code> This shows architecture, number of cores, clock speed, etc. Example output snippet: <pre> Architecture: x86_64 CPU(s): 4 Model name: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz CPU MHz: 2400.000 </pre> For a more concise CPU summary, use: <code>cat /proc/cpuinfo</code> Look for lines like "model name" and "cpu cores" in the output. == Motherboard Info == To get motherboard details (vendor, product name, version), use: <code>sudo dmidecode -t baseboard</code> * Requires sudo privileges. * Example output: <pre> Base Board Information Manufacturer: Dell Inc. Product Name: 0F6X5P Version: A00 </pre> Alternatively, for a broader system overview (including motherboard): <code>sudo dmidecode -t system</code> == Additional Useful Hardware Info == Here are more commands to round out your hardware info page: === List Block Devices (Disks and Partitions) === Shows all block devices like hard drives and SSDs: <code>lsblk</code> Example: <pre> NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT sda 8:0 0 120G 0 disk ├─sda1 8:1 0 100G 0 part / ├─sda2 8:2 0 1K 0 part └─sda5 8:5 0 20G 0 part [SWAP] </pre> === GPU/Graphics Card Info === To check graphics hardware: <code>lspci | grep -i vga</code> Example: <pre> 00:02.0 VGA compatible controller: Intel Corporation UHD Graphics 620 (rev 07) </pre> For detailed driver info, use: <code>glxinfo | grep "OpenGL renderer"</code> * Requires `mesa-utils` package (`sudo apt install mesa-utils`). === Network Hardware === List network interfaces and hardware: <code>lshw -C network</code> * Requires `lshw` package (`sudo apt install lshw`). * Use sudo for full details. === Full Hardware Summary === For a complete hardware overview in one go: <code>sudo lshw</code> * Outputs everything: CPU, memory, disks, network, etc. * Pipe to `less` for easier reading: `sudo lshw | less`. == Notes == * Some commands (e.g., `dmidecode`, `lshw`) require root privileges via `sudo`. * Install missing tools with `sudo apt install <package>` if a command isn’t found. * Tested on Ubuntu 24.04 as of March 06, 2025. ==SEO== SEO Keywords if searching for this page. How do I check how much free RAM I have in Linux? How do I see swap space usage in Linux? How do I know what hard drive space I have left? How can I find CPU details in Linux? How do I get motherboard info on Linux? How do I list disks and partitions in Linux? How do I check my graphics card in Linux? How do I see network hardware in Linux? How do I get a full hardware summary in Linux? What command shows memory usage in megabytes? How do I view human-readable disk space in Linux? How do I install tools to check system info in Linux? 4p6w1zy4f9rvkp05000mjdl364egkvy 0 146 483 2025-03-08T20:20:22Z AwesomO 5 Created page with "== FreeBSD 13.2 Find Hardware Info == This page details how to retrieve hardware information on FreeBSD 13.2 using built-in commands and optional tools from the ports collection. Tested as of March 08, 2025. == RAM and Swap Info == To check memory (RAM) and swap usage: * '''Total RAM:''' Display total physical memory in bytes: <code>sysctl hw.physmem</code> Example output (8GB in bytes): <pre> hw.physmem: 8589934592 </pre> * '''Memory Statistics:''' Show active..." 483 wikitext text/x-wiki == FreeBSD 13.2 Find Hardware Info == This page details how to retrieve hardware information on FreeBSD 13.2 using built-in commands and optional tools from the ports collection. Tested as of March 08, 2025. == RAM and Swap Info == To check memory (RAM) and swap usage: * '''Total RAM:''' Display total physical memory in bytes: <code>sysctl hw.physmem</code> Example output (8GB in bytes): <pre> hw.physmem: 8589934592 </pre> * '''Memory Statistics:''' Show active, inactive, wired, and free memory: <code>vmstat -m</code> Example output: <pre> procs memory page disks faults cpu r b w avm fre flt re pi po fr sr da0 cd0 in sy cs us sy id 0 0 0 2.0G 710M 143 0 0 0 216 147 0 0 93 842 701 1 1 98 </pre> * '''Swap Usage:''' Display swap space in human-readable format: <code>swapinfo -h</code> Example output: <pre> Device 1K-blocks Used Avail Capacity /dev/ada0s1b 1048540 736K 1.0G 0% </pre> == Hard Drive Space Info == To check disk space usage for mounted filesystems: <code>df -h</code> * '''-h''': Displays sizes in human-readable format (e.g., GB, MB). Example output: <pre> Filesystem Size Used Avail Use% Mounted on /dev/ada0s1a 20G 5G 15G 25% / </pre> == CPU Info == To display CPU details: * '''Basic CPU Info:''' Show CPU model and core count: <code>sysctl hw.model</code><br> <code>sysctl hw.ncpu</code><br> Example output: <pre> hw.model: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz hw.ncpu: 4 </pre> * '''Detailed CPU Info:''' Extract CPU data from boot messages: <code>dmesg | grep CPU</code> Example output snippet: <pre> CPU: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz (1600.00-MHz K8-class CPU) </pre> == Motherboard Info == To get motherboard details (vendor, product name, version): <code>sudo dmidecode -t baseboard</code> * Requires installation: <code>sudo pkg install dmidecode</code>. * Example output: <pre> Base Board Information Manufacturer: Dell Inc. Product Name: 0F6X5P Version: A00 </pre> == Additional Useful Hardware Info == Here are more commands for a complete hardware overview: === List Block Devices (Disks and Partitions) === Shows all block devices like hard drives and SSDs: <code>camcontrol devlist</code> Example: <pre> <Samsung SSD 860 EVO mSATA 1TB RVT41B6Q> at scbus1 target 0 lun 0 (ada0,pass0) </pre> Alternatively: <code>geom disk list</code> === GPU/Graphics Card Info === To check graphics hardware: <code>pciconf -lvc | grep -i vga</code> Example: <pre> vgapci0@pci0:0:2:0: class=0x030000 card=0x12345678 chip=0x12345678 rev=0x02 hdr=0x00 </pre> === Network Hardware === List network interfaces and hardware: <code>pciconf -lvc | grep -i network</code> Example: <pre> em0@pci0:3:0:0: class=0x020000 card=0x12345678 chip=0x12345678 rev=0x01 hdr=0x00 </pre> === Full Hardware Summary === For a complete hardware overview: <code>dmesg | less</code> * Shows boot-time hardware detection. Alternatively: <code>sysctl -a | less</code> * Lists all system parameters, including hardware. == Notes == * Commands like <code>dmidecode</code> require installation via <code>sudo pkg install dmidecode</code>. * Some tools (e.g., <code>lshw</code>, <code>lscpu</code>) are available in the ports collection but not installed by default. * Use <code>sudo</code> for commands needing root privileges. * Tested on FreeBSD 13.2 as of March 08, 2025. == Citations == * [https://www.cyberciti.biz/faq/freebsd-command-to-get-ram-information/ FreeBSD find out RAM size Including Total Amount of Free and Used Memory Size] * [https://networking.ringofsaturn.com/Unix/freebsd-free-mem.php Memory Utilization on FreeBSD] * [https://www.cyberciti.biz/faq/df-command-examples-in-linux-unix/ df command examples in Linux/Unix] * [https://www.cyberciti.biz/faq/howto-find-out-freebsd-cpuinfo/ FreeBSD CPU Information Command] * [https://forums.freebsd.org/threads/easy-way-to-get-cpu-features.10553/ Easy way to get cpu features] * [https://www.freshports.org/sysutils/lscpu/ FreshPorts -- sysutils/lscpu] * [https://www.cyberciti.biz/tips/freebsd-display-information-about-the-system.html FreeBSD Display Information About The System Hardware] * [https://forums.freebsd.org/threads/motherboard-serial-number.20997/ motherboard serial number] * [https://forums.freebsd.org/threads/list-block-devices-on-freebsd-lsblk-8-style.72447/ List Block Devices on FreeBSD lsblk(8) Style] * [https://unix.stackexchange.com/questions/175814/list-connected-storage-devices-in-freebsd List connected storage devices in FreeBSD] * [https://rubenerd.com/linux-to-freebsd-lspci-to-pciconf/ Linux to FreeBSD: lspci to pciconf] * [https://klarasystems.com/articles/easily-migrate-from-linux-to-freebsd/ Easily Migrate from Linux to FreeBSD] == SEO == SEO Keywords if searching for this page: How do I check RAM usage in FreeBSD? How do I see swap space in FreeBSD? How do I find disk space in FreeBSD? How can I get CPU details in FreeBSD? How do I check motherboard info on FreeBSD? How do I list disks and partitions in FreeBSD? How do I find graphics card info in FreeBSD? How do I see network hardware in FreeBSD? How do I get a full hardware summary in FreeBSD? What command shows memory in FreeBSD? How do I view human-readable disk space in FreeBSD? How do I install tools to check hardware in FreeBSD? 57xpzxup1h6qq28yk7amxoryz13lph5 0 147 489 2025-03-19T20:37:54Z Test1 7 Created page with "== Ubuntu 24.04 Processes and Services == Ubuntu 24.04 introduces updated tools and enhancements for managing processes and services. This guide covers how to monitor, control, and optimize processes and services on your Ubuntu 24.04 system, including practical examples like running applications in the background and managing system services with <code>systemd</code>. == Introduction == Processes and services are fundamental to the operation of any Linux system, inclu..." 489 wikitext text/x-wiki == Ubuntu 24.04 Processes and Services == Ubuntu 24.04 introduces updated tools and enhancements for managing processes and services. This guide covers how to monitor, control, and optimize processes and services on your Ubuntu 24.04 system, including practical examples like running applications in the background and managing system services with <code>systemd</code>. == Introduction == Processes and services are fundamental to the operation of any Linux system, including Ubuntu 24.04. A '''process''' is an instance of a running program, while a '''service''' is a background process that provides system functionality, often starting at boot. This page will guide you through understanding, managing, and troubleshooting processes and services in Ubuntu 24.04, with a focus on tools and features specific to this release. == Understanding Processes in Ubuntu 24.04 == === Process Basics === In Ubuntu 24.04, each process has a unique '''Process ID (PID)''' and exists in one of several states: * '''Running''': The process is executing or waiting to execute. * '''Sleeping''': The process is waiting for an event (e.g., user input). * '''Stopped''': The process is paused, often by user action. * '''Zombie''': The process has terminated but remains in the process table. Processes are hierarchical, with parent processes creating child processes. The root of this hierarchy is the '''init''' process (PID 1), managed by <code>systemd</code> in Ubuntu 24.04. === Tools for Process Management === Ubuntu 24.04 provides several tools to monitor and manage processes: * <code>ps</code>: Lists processes. Use <code>ps aux</code> for a detailed view. * <code>top</code>: Displays real-time process information, sorted by CPU usage. * <code>htop</code>: An enhanced version of <code>top</code> with a user-friendly interface. Install it with <code>sudo apt install htop</code>. * <code>pgrep</code>: Finds processes by name or other attributes. For example, <code>pgrep -f keepassxc</code> finds processes matching "keepassxc". Ubuntu 24.04 also includes improvements in process scheduling and resource management, optimizing performance for both desktop and server environments. == Background and Foreground Processes == Processes in Ubuntu 24.04 can run in the '''foreground''' or '''background'''. Understanding how to manage them is key to efficient multitasking in the terminal. === Foreground Processes === Foreground processes run interactively in the terminal, blocking further commands until they complete or are paused. For example, launching <code>nano</code> to edit a file ties up the terminal until you exit the editor. === Background Processes === Background processes run independently of the terminal, allowing you to continue using it for other tasks. This is ideal for long-running applications like downloads or running a KeePassXC AppImage. === Managing Background and Foreground Processes === * '''Starting a Process in the Background''': Add an ampersand (<code>&</code>) to the command. For example: <pre>./keepassxc.appimage &</pre> This launches KeePassXC in the background, displaying a job number (e.g., <code>[1]</code>) and PID (e.g., <code>12345</code>). * '''Moving a Foreground Process to the Background''': If a process is already running in the foreground: ** Pause it with <code>Ctrl + Z</code> (e.g., <code>[1]+ Stopped ./keepassxc.appimage</code>). ** Resume it in the background with: <pre>bg</pre> * '''Checking Background Processes''': List all background jobs in the current terminal session: <pre>jobs</pre> Output might look like: <pre>[1]+ Running ./keepassxc.appimage &</pre> To see all processes (including those not tied to the terminal), use: <pre>ps aux | grep keepassxc</pre> * '''Bringing a Background Process to the Foreground''': Use the <code>fg</code> command with the job number: <pre>fg %1</pre> Replace <code>%1</code> with the job number from the <code>jobs</code> output. * '''Closing a Background Process''': To terminate a specific background process: ** Find its PID: <pre>pgrep -f keepassxc.appimage</pre> This might return <code>12345</code>. ** Kill it: <pre>kill 12345</pre> Use <code>kill -9 12345</code> if it doesn’t close gracefully. * '''Persistent Background Processes''': Closing the terminal ends background jobs. To keep them running, use <code>nohup</code>: <pre>nohup ./keepassxc.appimage &</pre> Or run them in a <code>tmux</code> or <code>screen</code> session. === Example: Running KeePassXC in the Background === Let’s run a KeePassXC AppImage in the background, check it, and close it: * '''Start KeePassXC''': <pre>./keepassxc.appimage &</pre> Output: <code>[1] 12345</code>. KeePassXC runs, and the terminal is free. * '''Check Background Jobs''': <pre>jobs</pre> Output: <code>[1]+ Running ./keepassxc.appimage &</code>. * '''Verify with PID''': <pre>pgrep -f keepassxc.appimage</pre> Output: <code>12345</code>. * '''Close KeePassXC''': <pre>kill 12345</pre> Verify it’s gone with <code>jobs</code> (empty output) or <code>ps aux | grep keepassxc</code>. This approach lets you run KeePassXC without tying up your terminal, check its status, and stop it when needed. == System Services in Ubuntu 24.04 == === Systemd Overview === Ubuntu 24.04 uses <code>systemd</code> as its default init system, managing system services and boot processes. <code>systemd</code> provides better performance and advanced features compared to older init systems. === Managing Services with systemctl === The <code>systemctl</code> command is used to manage services. Common commands include: * '''Start a service''': <pre>sudo systemctl start service_name</pre> * '''Stop a service''': <pre>sudo systemctl stop service_name</pre> * '''Enable a service''' (start at boot): <pre>sudo systemctl enable service_name</pre> * '''Disable a service''' (don’t start at boot): <pre>sudo systemctl disable service_name</pre> * '''Check service status''': <pre>systemctl status service_name</pre> === Common Services in Ubuntu 24.04 === Some essential services include: * <code>ssh</code>: Allows secure remote access. * <code>apache2</code>: Serves web pages. * <code>snapd</code>: Manages Snap packages, a key feature in Ubuntu. === Creating Custom Services === You can create your own services with <code>systemd</code>. For example, to start the IPFS daemon at boot: * '''Create a service file''': <pre>sudo nano /etc/systemd/system/ipfs.service</pre> * '''Add the following content''': <pre> [Unit] Description=Start IPFS daemon [Service] Type=simple ExecStart=/usr/local/bin/ipfs daemon [Install] WantedBy=multi-user.target </pre> # '''Enable and start the service''': <pre>sudo systemctl enable ipfs.service</pre> <pre>sudo systemctl start ipfs</pre> == Monitoring and Troubleshooting == === Real-Time Monitoring === Use <code>top</code> or <code>htop</code> to monitor processes in real-time: * <code>top</code>: Default tool, press <code>q</code> to quit. * <code>htop</code>: More interactive, with color-coding and easier navigation. === Viewing Logs === Use <code>journalctl</code> to access service logs: * '''View logs for a service''': <pre>journalctl -u service_name</pre> * '''Follow live logs''': <pre>journalctl -f</pre> === Finding Process Issues === To identify resource-heavy processes: * Use <code>top</code> or <code>htop</code> and sort by CPU or memory usage. * Alternatively, use <code>ps aux | sort -nk 3</code> to sort by CPU usage. 2w1vh8q1esz4imppbc9sq020ulk68if 0 148 492 2025-03-20T14:30:07Z AwesomO 5 Created page with "== Ubuntu 24.04 kpcli How-To: A Noob’s Guide to KeePass CLI == Welcome to this beginner-friendly guide on using `kpcli`—a command-line tool to manage your KeePass password databases on Ubuntu 24.04! Whether you’re new to the terminal or just want a simple way to handle passwords, this walkthrough will get you up and running. We’ll cover installing `kpcli`, creating a database, adding entries, searching, exporting, and more—all step-by-step, with tips to keep yo..." 492 wikitext text/x-wiki == Ubuntu 24.04 kpcli How-To: A Noob’s Guide to KeePass CLI == Welcome to this beginner-friendly guide on using `kpcli`—a command-line tool to manage your KeePass password databases on Ubuntu 24.04! Whether you’re new to the terminal or just want a simple way to handle passwords, this walkthrough will get you up and running. We’ll cover installing `kpcli`, creating a database, adding entries, searching, exporting, and more—all step-by-step, with tips to keep you safe and organized. == What is kpcli? == `kpcli` (KeePass Command Line Interface) is a tool written in Perl that lets you work with KeePass password files (`.kdb` for v1, `.kdbx` for v2) right from your terminal. No need for a fancy GUI—just type commands to store, edit, and find your passwords securely. It’s perfect for Ubuntu 24.04 users who love the command line or run headless systems. == Step 1: Install kpcli == Let’s get `kpcli` on your system. Ubuntu 24.04 makes it easy with its package manager. *'''Update Your System:''' Open a terminal (Ctrl+Alt+T) and type: <pre>sudo apt update</pre> This refreshes your package list so you get the latest stuff. *'''Install kpcli:''' Run: <pre>sudo apt install kpcli</pre> This grabs `kpcli` and its must-have Perl bits (like `File::KeePass` and `Term::ShellUI`). Enter your password when asked. *'''Check It Worked:''' Type: <pre>kpcli --version</pre> You’ll see something like `kpcli-3.8.1`. If it shows up, you’re golden! <div class="toccolours mw-collapsible mw-collapsed"> '''Want the Latest Version?''' <div class="mw-collapsible-content"> If the Ubuntu version feels old, grab the latest from [https://sourceforge.net/projects/kpcli/files/ SourceForge]: <pre>wget https://sourceforge.net/projects/kpcli/files/kpcli-4.1.3.pl</pre> Then install extra Perl modules: <pre>sudo apt install libfile-keepass-perl libterm-readkey-perl libsort-naturally-perl libterm-shellui-perl libcrypt-rijndael-perl libterm-readline-gnu-perl</pre> <pre>sudo apt install cpanminus && sudo cpanm Crypt::Argon2</pre> Run it with: <code>perl kpcli-4.1.3.pl</code>. But for noobs, stick with `apt`—it’s simpler! </div> </div> == Step 2: Create Your First Database == Time to make a secure spot for your passwords! *'''Start kpcli:''' Type: <pre>kpcli</pre> You’ll see a prompt like `kpcli:/>`—that’s your workspace. *'''Create a New Database:''' At the prompt, type: <pre>saveas mypasswords.kdbx</pre> *mypasswords.kdbx` is your new file (change the name if you want). *It’ll ask for a master password—make it strong (e.g., `My$3cretP@ss123`) and type it twice to confirm. *`.kdbx` is for KeePass 2.x, which is newer and safer. *'''Where’s My File?''' It’s saved in your home directory (e.g., `/home/noob/mypasswords.kdbx`). Copy it somewhere safe as a backup: <pre>cp mypasswords.kdbx ~/Documents/backup/</pre> == Step 3: Open a Database == Got a database already? Let’s open it. *'''Launch kpcli:''' <pre>kpcli</pre> *'''Open Your File:''' <pre>open mypasswords.kdbx</pre> *Type your master password when asked. *If it works, you’re in! If not, check your password—there’s no “forgot password” here. == Step 4: Add and Manage Entries == * <code>ls</code> will list directories * <code>mkdir test</code> will create dir * <code>pwd</code> will show current path * <code>cd</code> will change directory ( just like unix ) Now, let’s store some passwords! *'''Add a New Entry:''' <pre>new eMail/ example.com</pre> *`eMail/` is a group (like a folder) to keep things tidy. *`example.com` is the entry title. *It’ll ask for: **Username (e.g., `noob@example.com`) **Password (e.g., `P@ssw0rd123`) **URL (e.g., `https://example.com`) **Notes (optional, like “Main email”). *Hit Enter on each to save. *'''Edit an Entry:''' <pre>edit eMail/example.com</pre> *Change anything (e.g., a new password). Follow the prompts—super easy! *'''Delete an Entry:''' <pre>delete eMail/example.com</pre> *Poof, it’s gone! Be sure you mean it—no undo button. *'''Save Changes:''' After adding or editing, save with: <pre>save</pre> *Keeps your database updated. == Step 5: List and Search Entries == Find what you’ve stored! *'''List Everything:''' <pre>ls</pre> *Shows groups (e.g., `eMail/`) and entries. *Dive into a group: <pre>cd eMail</pre> <pre>ls</pre> *See numbered entries like `0. example www.example.com`. *'''Search for Stuff:''' <pre>find example</pre> *Finds entries with “example” in the title or username. Matches go to `/_found/`: <pre>cd /_found</pre> <pre>ls</pre> *Want more? Use: <pre>find -a example</pre> *Searches all fields (notes, URLs, etc.). *'''See Details:''' <pre>show 0</pre> *Shows entry 0’s info. Add `-f` to reveal the password: <pre>show -f 0</pre> == Step 6: Export and Import Data == Share or back up your passwords! *'''Export Entries:''' <pre>export backup.kdbx</pre> *Creates a new database with selected entries. Follow prompts to pick what to export. *Great for backups or splitting your database. *'''Import (Sort Of):''' `kpcli` doesn’t have a direct import, but here’s a trick: <pre>open oldpasswords.kdbx</pre> <pre>saveas mypasswords.kdbx</pre> *Merges `oldpasswords.kdbx` into `mypasswords.kdbx`. Watch for duplicates—check with `ls` first. == Step 7: Extra Cool Stuff == `kpcli` has more tricks up its sleeve! *'''Help Me!''' <pre>help</pre> *Lists all commands. Try `help ls` for details on one. *'''Clear the Screen:''' <pre>cls</pre> *Cleans up your terminal—nice when it’s messy. *'''Lock It Up:''' <pre>lock</pre> *Adds a lock file to prevent multiple users messing with the database at once. *'''Check Version:''' <pre>version</pre> *Shows your `kpcli` version—handy for troubleshooting. == Tips for Noobs == *'''Stay Safe:''' Use a strong master password and back up your `.kdbx` file (e.g., USB drive or cloud with encryption). *'''Get Organized:''' Groups like `eMail/`, `Work/`, or `Games/` make finding stuff easier. *'''Key File Bonus:''' Add a key file for extra security: <pre>open mypasswords.kdbx --keyfile mykey.key</pre> *Create one in KeePass GUI first. *'''Test First:''' Play with a dummy database before your real one—mistakes happen! *'''Online Wisdom:''' Forums say `find -a` is a lifesaver for lost entries, and `export` before big edits saves headaches. == Troubleshooting == *'''“Can’t Open File” Error:''' *Wrong path? Check with `ls ~/mypasswords.kdbx`. Wrong password? Double-check caps and symbols. *'''“Module Missing” Error:''' *Run: <pre>sudo apt install libfile-keepass-perl libterm-readkey-perl libsort-naturally-perl libterm-shellui-perl libcrypt-rijndael-perl</pre> *'''KDBX v4 Issues:''' *Ensure your database uses AES encryption (not ChaCha20) in KeePass settings—`kpcli` needs this for v2+ files. == Support the Creator == Love `kpcli`? Support its author at [https://github.com/sponsors/hightowe GitHub Sponsors]—a little thanks goes a long way! thl5mhhoam19zjz4zdt4kw1k12byw8j 0 149 493 2025-03-20T16:51:30Z AwesomO 5 Created page with "== Ubuntu 24.04 kpcli Perl How-To == This guide shows how to set up `kpcli`, a Perl script for managing KeePass databases, on Ubuntu 24.04. * This Page is if you want to run the '''perl script''' * [[Ubuntu_24.04_kpcli_How-To:_A_Noob’s_Guide_to_KeePass_CLI| '''If you want an easy way to run kpcli please use apt or snap - Click here for more info''']] We’ll download `kpcli-4.1.3.pl`, install its Perl dependencies, and get it running—all step-by-step. == What i..." 493 wikitext text/x-wiki == Ubuntu 24.04 kpcli Perl How-To == This guide shows how to set up `kpcli`, a Perl script for managing KeePass databases, on Ubuntu 24.04. * This Page is if you want to run the '''perl script''' * [[Ubuntu_24.04_kpcli_How-To:_A_Noob’s_Guide_to_KeePass_CLI| '''If you want an easy way to run kpcli please use apt or snap - Click here for more info''']] We’ll download `kpcli-4.1.3.pl`, install its Perl dependencies, and get it running—all step-by-step. == What is kpcli? == `kpcli` (KeePass CLI) is a Perl script that lets you manage KeePass `.kdb` or `.kdbx` files from the terminal. It’s great for quick password access without a GUI, and it’s lightweight for systems like Ubuntu 24.04. == Prerequisites == * Ubuntu 24.04 system (e.g., a ThinkPad X270). * Internet connection. * Terminal access. * A KeePass database file (optional, for testing). == Step 1: Check Perl == Ubuntu 24.04 comes with Perl, but let’s confirm: <pre> perl -v </pre> * Look for something like `v5.38.2`. If it’s missing, install it: <pre> sudo apt install perl </pre> == Step 2: Download kpcli == Get the latest version from SourceForge: # Visit [https://sourceforge.net/projects/kpcli/files/ kpcli SourceForge]. # Download `kpcli-4.1.3.pl` (or the latest `.pl` file). # Save it to your Downloads folder: <pre> cd ~/Downloads wget https://sourceforge.net/projects/kpcli/files/kpcli-4.1.3.pl </pre> * '''Verify the File:''' Check the SHA256 checksum to ensure it’s legit: <pre> sha256sum kpcli-4.1.3.pl </pre> * Expected output: <pre> c91363e4e07f3521a867f68db602c95b53dc167e4366ee7ff254252b4176c62f kpcli-4.1.3.pl </pre> * If it matches, you’re good! == Step 3: Install Perl Dependencies == `kpcli` needs several Perl modules. Let’s install them with `apt` and `cpanm`. === Core Modules === Run this to grab most dependencies: <pre> sudo apt install libfile-keepass-perl libterm-readkey-perl libsort-naturally-perl libterm-shellui-perl libcrypt-rijndael-perl libterm-readline-gnu-perl </pre> * What these do: - `libfile-keepass-perl`: Reads KeePass files. - `libterm-readkey-perl`: Handles keyboard input. - `libsort-naturally-perl`: Sorts entries nicely. - `libterm-shellui-perl`: Powers the CLI interface. - `libcrypt-rijndael-perl`: AES encryption for KeePass v1. - `libterm-readline-gnu-perl`: Interactive terminal support (fixes “No usable Term::ReadLine” error). === Extra Module (Argon2) === For KeePass v2+ files with Argon2 encryption, install `Crypt::Argon2`: <pre> sudo apt install cpanminus sudo cpanm Crypt::Argon2 </pre> * `cpanminus` (or `cpanm`) is a lightweight Perl module installer. * This might take a minute—it pulls in some extra Perl goodies. == Step 4: Run kpcli == Now, launch the script: <pre> cd ~/Downloads perl kpcli-4.1.3.pl </pre> * You should see: <pre> KeePass CLI (kpcli-4.1.3) v4.1.3 is ready for operation. kpcli-4.1.3:/> </pre> === Make It Executable (Optional) === For easier running: <pre> chmod +x kpcli-4.1.3.pl ./kpcli-4.1.3.pl </pre> == Step 5: Test It == Try some commands: * <code>help</code>: Lists available commands. * <code>open mypasswords.kdb</code>: Opens a KeePass file (replace with your file’s name). * <code>exit</code>: Quits the tool. == Troubleshooting == * '''“No usable Term::ReadLine::*” Error:''' Install `libterm-readline-gnu-perl` (Step 3). If it persists, try: <pre> sudo apt install libterm-readline-perl-perl </pre> * '''“Can’t locate Crypt/Rijndael.pm” Error:''' Fixed by `libcrypt-rijndael-perl` (Step 3). * '''Still Stuck?''' Install the pre-packaged version: <pre> sudo apt install kpcli kpcli </pre> This skips the Perl script hassles. == Notes == * Run from `~/Downloads` for now—move it to `/usr/local/bin/` later if you want system-wide access (e.g., `sudo mv kpcli-4.1.3.pl /usr/local/bin/kpcli`). * Back up your KeePass files before editing! * Tested on Ubuntu 24.04 as of March 19, 2025. == Support the Author == Consider sponsoring `kpcli`’s development at [https://github.com/sponsors/hightowe GitHub Sponsors]. fznl6cedwyd626rqjx1e3pwqmrfeme6 0 150 494 2025-03-20T20:41:51Z AwesomO 5 Created page with " [[Ubuntu_24.04_kpcli_How-To:_A_Noob’s_Guide_to_KeePass_CLI| Kpcli Basics Tut page]] So you forgotten your keepass password, well ..... there is no one to call. If you really want to try and force it open, here is a simple tut for completenoobs: ==Step 1 - creating a kpcli database with password == ===Install Kpcli=== <code>sudo apt install kpcli</code> ===Open Kpcli=== <code>kpcli</code> ===Create passworded database on kpcli=== * Will be Prompted for a mast..." 494 wikitext text/x-wiki [[Ubuntu_24.04_kpcli_How-To:_A_Noob’s_Guide_to_KeePass_CLI| Kpcli Basics Tut page]] So you forgotten your keepass password, well ..... there is no one to call. If you really want to try and force it open, here is a simple tut for completenoobs: ==Step 1 - creating a kpcli database with password == ===Install Kpcli=== <code>sudo apt install kpcli</code> ===Open Kpcli=== <code>kpcli</code> ===Create passworded database on kpcli=== * Will be Prompted for a master password <code>saveas noobs.kdbx</code> * You should now have a file called <code>noobs.kdbx</code> in same directory you run the <code>kpcli</code> command: * You can save find in another path: <code>saveas /home/$USER/Documents/mepasswords.encrypted</code> * NOTE: extension can be called anything, does not have to be <code>name.kdbx</code> ==Step 2 - install john the ripper == * Ubuntu’s package might be slim—let’s grab the latest “jumbo” version from source, which includes `keepass2john`. The `john` package in Ubuntu’s repositories (like 1.9.0-jumbo-1 in 24.04) includes John the Ripper, but `keepass2john`—a helper tool to pull hashes from KeePass `.kdbx` files—might be missing or not linked properly. Older versions or slimmed-down installs skip these extras. We’ll either find it or build a full version! *'''Install Build Tools:''' You’ll need these to compile: <pre>sudo apt install git build-essential libssl-dev</pre> *'''Clone the Repo:''' Get the latest from GitHub: <pre>git clone https://github.com/openwall/john -b bleeding-jumbo ~/john</pre> *This downloads it to `~/john` (your home folder). *'''Build It:''' Go there and compile: <pre>cd ~/john/src</pre> <pre>./configure && make -s clean && make -sj4</pre> *Takes a minute—grab a snack! `-sj4` uses 4 CPU cores for speed. *'''Find keepass2john:''' It’s in the `run` folder: <pre>ls ~/john/run/keepass2john</pre> *If it’s there, you’re golden! ==Step 3 - get hash of kdbx file== Now, extract that hash: *'''Test It:''' From your testdb folder (e.g., `~/Downloads`): <pre>~/john/run/keepass2john noobs.kdbx > myhash.txt</pre> *Check the output: <pre>cat myhash.txt</pre> *See a `$keepass$` line? Awesome—it worked! My OutPut: <pre> noobs:$keepass$*2*6000*0*aac404cda6fa0ea22da21cef0de9ca2f592be89f1441dd3a05315d7d43db62ef*11aef515929792aaa2e0f045749527bfef04d9ebcd874835a8d4a687b638b592*3b218e2cde618500ef223aaee6383290*9fbc2e6a830db09d6007816335b08ef25d045afdba50b50f10a85a9e3f07258b*c2c2e65427d5bb09a3d3e80b6dbcd6f4cffd2b35e3f3c219e00f2a95b33f0756 </pre> * NOTE: If using <code>hashcat</code> you need to remove <code>noobs:</code> (database_name:) from front of line, or you will get error. ==Step 4 - create/download a list of passwords file== ===Download a names list=== Install some Wordlists or create your own.<br> * https://github.com/brannondorsey/naive-hashcat/releases <code>sudo mkdir -p /usr/share/wordlists</code><br> <code>sudo wget -O /usr/share/wordlists/rockyou.txt https://github.com/brannondorsey/naive-hashcat/releases/download/data/rockyou.txt</code> * NOTE: john already comes with a very good password list <code>password.lst</code> which i found in <code>~/john/run/password.lst</code> ===Create a list=== <div class="toccolours mw-collapsible mw-collapsed"> '''make_wordlist.sh''' Bash script for Ubuntu 24.04 creates a `.txt` file with password guesses based on your choices: <div class="mw-collapsible-content"> <code>$EDITOR make_wordlist.sh</code> <pre> #!/bin/bash # Custom Password List Generator for Ubuntu 24.04 with Max Limit # Function to check if input is a positive integer is_positive_integer() { [[ $1 =~ ^[0-9]+$ ]] && [ "$1" -gt 0 ] } # Ask what to include echo "Let’s build your password list!" read -p "Include lowercase letters (a-z)? (y/n): " lower read -p "Include uppercase letters (A-Z)? (y/n): " upper read -p "Include numbers (0-9)? (y/n): " nums read -p "Include special chars (!@#$%^&*)? (y/n): " special # Get password length with validation while true; do read -p "How long should each password be? (e.g., 8): " length if is_positive_integer "$length"; then break else echo "Please enter a positive integer." fi done # Set character sets and count size chars="" charset_size=0 if [ "$lower" = "y" ]; then chars="${chars}a-z" charset_size=$((charset_size + 26)) fi if [ "$upper" = "y" ]; then chars="${chars}A-Z" charset_size=$((charset_size + 26)) fi if [ "$nums" = "y" ]; then chars="${chars}0-9" charset_size=$((charset_size + 10)) fi if [ "$special" = "y" ]; then chars="${chars}!@#$%^&*" charset_size=$((charset_size + 8)) fi # Check if any chars were selected if [ $charset_size -eq 0 ]; then echo "Oops! Pick at least one character type." exit 1 fi # Calculate max possible passwords (charset_size^length) max_passwords=$(echo "$charset_size ^ $length" | bc) echo "With $charset_size chars and length $length, max possible passwords: $max_passwords" # Calculate file size (bytes = max_passwords * (length + 1 for newline)) bytes_per_line=$((length + 1)) total_bytes=$(echo "$max_passwords * $bytes_per_line" | bc) mb_size=$(echo "scale=2; $total_bytes / 1048576" | bc) # Bytes to MB gb_size=$(echo "scale=2; $total_bytes / 1073741824" | bc) # Bytes to GB # Show size warning echo "Full list size: $mb_size MB ($gb_size GB)" # Set a practical max (e.g., 1 billion or disk space) disk_free=$(df -B1 ~ | tail -1 | awk '{print $4}') # Free bytes in home dir max_by_disk=$(echo "$disk_free / $bytes_per_line" | bc) practical_max=$((1000000000)) # 1 billion default cap if [ $max_by_disk -lt $practical_max ]; then practical_max=$max_by_disk fi if [ $max_passwords -lt $practical_max ]; then practical_max=$max_passwords fi echo "Practical max for your disk: $practical_max passwords" # Get number of passwords with validation and capping while true; do read -p "How many passwords to generate? (max $practical_max, e.g., 100): " count if is_positive_integer "$count"; then if [ "$count" -gt "$practical_max" ]; then echo "Whoa! That’s too many—capping at $practical_max." count=$practical_max fi break else echo "Please enter a positive integer." fi done read -p "Output file name (e.g., mylist.txt): " outfile # Generate the list echo "Generating $count passwords of length $length into $outfile..." for ((i=1; i<=count; i++)); do tr -dc "$chars" < /dev/urandom | head -c "$length" >> "$outfile" echo "" >> "$outfile" # New line for each password done echo "Done! Check $outfile for your custom list." </pre> * How to Use It: <code>bash make_wordlist.sh</code> * Answer the prompts—e.g., y/n for options, 8 for length, and up to the max shown for count. '''Example Run:''' <pre> Let’s build your password list! Include lowercase letters (a-z)? (y/n): y Include uppercase letters (A-Z)? (y/n): n Include numbers (0-9)? (y/n): n Include special chars (!@#$%^&*)? (y/n): n How long should each password be? (e.g., 8): 4 With 26 chars and length 4, max possible passwords: 456976 Full list size: 2.17 MB (0.00 GB) Practical max for your disk: 456976 passwords How many passwords to generate? (max 456976, e.g., 100): 5 Output file name (e.g., mylist.txt): testlist.txt Generating 5 passwords of length 4 into testlist.txt... Done! Check testlist.txt for your custom list. </pre> '''Output (testlist.txt):'''<br> <pre> abcd kjmn pqrs wxyz efgh </pre> '''How the Max Works:'''<br> *The script counts your character set (e.g., lowercase = 26, uppercase = 26, numbers = 10, special = 8).<br> *Max passwords = `charset_size ^ length` (e.g., 26^4 = 456,976).<br> *Size = `max * (length + 1)` bytes, shown in MB/GB (e.g., 456,976 * 5 = ~2.17 MB).<br> *Caps at 1 billion or your free disk space, whichever’s smaller—keeps it safe!<br> '''Tips for Noobs:'''<br> *Small counts (e.g., 1000) are quick—big ones (millions) take time and space!<br> *Check disk space first: <pre>df -h ~</pre> *If “bc” fails, install it: <pre>sudo apt install bc</pre> *Tweak special chars in the script (e.g., add `+-=` to `!@#$%^&*`) if you recall using others!<br> * '''WARNING File sizes can be VERY LARGE.''' </div> </div> * The password i selected/created for this tut is just three numbers, so i just made a list containing numbers 0 to 999. * The file is called <code>mylist.txt</code> ==Step 5 - run list against your hash== * Syntax <code>/path/to/john --wordlist=/path/to/wordlist.txt /path/to/myhash.txt</code> <pre>~/john/run/john --wordlist=mylist.txt myhash.txt</pre> * OUTPUT <pre> noob@noob-ThinkPad-X270:~/kpcli$ ~/john/run/john --wordlist=mylist.txt myhash.txt Using default input encoding: UTF-8 Loaded 1 password hash (KeePass [AES/Argon2 256/256 AVX2]) Cost 1 (t (rounds)) is 6000 for all loaded hashes Cost 2 (m) is 0 for all loaded hashes Cost 3 (p) is 0 for all loaded hashes Cost 4 (KDF [0=Argon2d 2=Argon2id 3=AES]) is 3 for all loaded hashes Will run 4 OpenMP threads Note: Passwords longer than 41 [worst case UTF-8] to 124 [ASCII] rejected Press 'q' or Ctrl-C to abort, 'h' for help, almost any other key for status 333 (noobs) 1g 0:00:00:00 DONE (2025-03-20 18:06) 16.67g/s 12400p/s 12400c/s 12400C/s 057..438 Use the "--show" option to display all of the cracked passwords reliably Session completed. </pre> * It found my password <code>333</code> === .pot file === * john will keep this passwd in a file called <code>john.pot</code> in dir <code>~/john/run/john.pot</code>: or dir where john bin is. <code>cat ~/john/run/john.pot</code> ** john uses the .pot file to avoid re-cracking already-cracked passwords. * Use <code>/path/to/john --show myhash.txt</code> to see password for your hash * Delete <code>john.pot</code> to try cracking your password again <code>rm ~/john/run/john.pot</code> ==No Room For Large List File - try piping== Could not get piping to work - turned out it was using password.lst in the john/run/password.lst directory If you know how to pipe into john, please inform me - mine atempt is <nowiki><!-- hidden --></nowiki> <!-- <div class="toccolours mw-collapsible mw-collapsed"> '''<code>genwords.sh</code>''' Script to gen passwords to pipe into john: <div class="mw-collapsible-content"> <code>$EDITOR genwords.sh</code> <pre> #!/bin/bash # Configuration Section (Edit these variables) LOWERCASE="y" # Include lowercase letters (a-z)? (y/n) UPPERCASE="y" # Include uppercase letters (A-Z)? (y/n) NUMBERS="y" # Include numbers (0-9)? (y/n) SPECIAL="y" # Include special chars (!@#$%^&*)? (y/n) PASSWORD_LENGTH_RANGE="1-8" # How long should each password be? (e.g., 8 or 1-8) START_COUNTER=0 # Start from counter (default 0) # Function to check if input is a positive integer is_positive_integer() { [[ $1 =~ ^[0-9]+$ ]] && [ "$1" -ge 0 ] } # Function to generate password from counter generate_password() { local counter=$1 local N=$2 local L=$3 local charset=$4 local password="" for ((pos=0; pos<L; pos++)); do local divisor=$(( N ** (L - pos - 1) )) local digit=$(( (counter / divisor) % N )) local char=${charset:$digit:1} password="$password$char" done echo "$password" } # Build character set charset="" if [ "$LOWERCASE" = "y" ]; then charset="${charset}abcdefghijklmnopqrstuvwxyz" fi if [ "$UPPERCASE" = "y" ]; then charset="${charset}ABCDEFGHIJKLMNOPQRSTUVWXYZ" fi if [ "$NUMBERS" = "y" ]; then charset="${charset}0123456789" fi if [ "$SPECIAL" = "y" ]; then charset="${charset}!@#$%^&*" fi # Check if any chars were selected if [ -z "$charset" ]; then echo "Oops! Pick at least one character type." >&2 exit 1 fi # Parse password length range read -r start_length end_length <<< "$(echo "$PASSWORD_LENGTH_RANGE" | tr '-' ' ')" if ! is_positive_integer "$start_length" || ! is_positive_integer "$end_length" || [ "$start_length" -gt "$end_length" ]; then echo "Invalid password length range. Use 'N' or 'N-M' (e.g., 8 or 1-8)." >&2 exit 1 fi # Dry run option if [ "$1" = "--dry-run" ]; then total_combinations=0 for ((L=start_length; L<=end_length; L++)); do N=${#charset} total_combinations=$(( total_combinations + (N ** L) )) done echo "Total combinations: $total_combinations" >&2 echo "Dry run: Measuring performance..." >&2 test_duration=60 test_start_time=$(date +%s) test_end_time=$(( test_start_time + test_duration )) test_counter=$START_COUNTER test_counter_max=10000000 while [ "$(date +%s)" -lt "$test_end_time" ] && [ $test_counter -lt $test_counter_max ]; do for ((L=start_length; L<=end_length; L++)); do N=${#charset} if [ $test_counter -lt $((N**L)) ]; then generate_password $test_counter $N $L "$charset" > /dev/null fi done test_counter=$(( test_counter + 1 )) done test_elapsed=$(( $(date +%s) - test_start_time )) test_processed=$(( test_counter - START_COUNTER )) if [ $test_elapsed -gt 0 ] && [ $test_processed -gt 0 ]; then measured_rate=$(echo "scale=2; $test_processed / $test_elapsed" | bc) eta_seconds=$(echo "scale=0; $total_combinations / $measured_rate" | bc) days=$((eta_seconds / 86400)) hours=$(( (eta_seconds % 86400) / 3600 )) minutes=$(( (eta_seconds % 3600) / 60 )) seconds=$((eta_seconds % 60 )) eta=$(printf "%d days %02d:%02d:%02d" $days $hours $minutes $seconds) echo "Measured Rate: $measured_rate passwords/second" >&2 echo "Estimated ETA: $eta" >&2 else echo "Could not measure performance. Please try again." >&2 fi exit 0 fi # Generate passwords and pipe to cracker for ((L=start_length; L<=end_length; L++)); do N=${#charset} total=$(( N ** L )) for ((counter=$START_COUNTER; counter<$total; counter++)); do password=$(generate_password $counter $N $L "$charset") echo "$password" done done echo "Finished generating all combinations." >&2 </pre> * NOTE: you need to edit the config section: <pre> # Configuration Section (Edit these variables) LOWERCASE="y" # Include lowercase letters (a-z)? (y/n) UPPERCASE="y" # Include uppercase letters (A-Z)? (y/n) NUMBERS="y" # Include numbers (0-9)? (y/n) SPECIAL="y" # Include special chars (!@#$%^&*)? (y/n) PASSWORD_LENGTH_RANGE="1-8" # How long should each password be? (e.g., 8 or 1-8) START_COUNTER=0 # Start from counter (default 0) </pre> * I just want number and i know its three numbers in passwd so <pre> # Configuration Section (Edit these variables) LOWERCASE="n" # Include lowercase letters (a-z)? (y/n) UPPERCASE="n" # Include uppercase letters (A-Z)? (y/n) NUMBERS="y" # Include numbers (0-9)? (y/n) SPECIAL="n" # Include special chars (!@#$%^&*)? (y/n) PASSWORD_LENGTH_RANGE="3" # How long should each password be? (e.g., 8 or 1-8) START_COUNTER=0 # Start from counter (default 0) </pre> * Dry Run to see ETA <code>bash passgen.sh --dry-run</code> * Pipe into john <code>bash passgen.sh | ~/john/run/john myhash.txt</code> * ETA examples: <pre> # Configuration Section (Edit these variables) LOWERCASE="n" # Include lowercase letters (a-z)? (y/n) UPPERCASE="n" # Include uppercase letters (A-Z)? (y/n) NUMBERS="y" # Include numbers (0-9)? (y/n) SPECIAL="n" # Include special chars (!@#$%^&*)? (y/n) PASSWORD_LENGTH_RANGE="1-8" # How long should each password be? (e.g., 8 or 1-8) START_COUNTER=0 # Start from counter (default 0) </pre> = <pre> noob@noob-HP-EliteDesk-800-G1-DM:~$ bash genpassdry.sh --dry-run Total combinations: 111111110 Dry run: Measuring performance... Measured Rate: 508.88 passwords/second Estimated ETA: 2 days 12:39:04 </pre> </div> </div> ===edit config in genwords.sh=== * at the top of the file you will see <pre> # Configuration Section (Edit these variables) LOWERCASE="y" # Include lowercase letters (a-z)? (y/n) UPPERCASE="y" # Include uppercase letters (A-Z)? (y/n) NUMBERS="y" # Include numbers (0-9)? (y/n) SPECIAL="y" # Include special chars (!@#$%^&*)? (y/n) PASSWORD_LENGTH_RANGE="1-8" # How long should each password be? (e.g., 8 or 1-8) START_COUNTER=0 # Start from counter (default 0) </pre> now i know are password is three numbers, so gonna change this to suit. <pre> # Configuration Section (Edit these variables) LOWERCASE="n" # Include lowercase letters (a-z)? (y/n) UPPERCASE="n" # Include uppercase letters (A-Z)? (y/n) NUMBERS="y" # Include numbers (0-9)? (y/n) SPECIAL="n" # Include special chars (!@#$%^&*)? (y/n) PASSWORD_LENGTH_RANGE="1-3" # How long should each password be? (e.g., 8 or 1-8) START_COUNTER=0 # Start from counter (default 0) </pre> * Dry run to see how long it will take <code>bash genwords.sh --dry-run</code><br> Output: <pre> Total combinations: 1110 Dry run: Measuring performance... Measured Rate: 952.35 passwords/second Estimated ETA: 0 days 00:00:01 </pre> * Normal run <code>bash genwords.sh | ~/john/run/john myhash.txt</code> Return output: <pre> Using default input encoding: UTF-8 Loaded 1 password hash (KeePass [AES/Argon2 256/256 AVX2]) Cost 1 (t (rounds)) is 6000 for all loaded hashes Cost 2 (m) is 0 for all loaded hashes Cost 3 (p) is 0 for all loaded hashes Cost 4 (KDF [0=Argon2d 2=Argon2id 3=AES]) is 3 for all loaded hashes Will run 4 OpenMP threads Note: Passwords longer than 41 [worst case UTF-8] to 124 [ASCII] rejected Proceeding with single, rules:Single Press Ctrl-C to abort, or send SIGUSR1 to john process for status Warning: Only 4 candidates buffered for the current salt, minimum 8 needed for performance. Almost done: Processing the remaining buffered candidate passwords, if any. 0g 0:00:00:00 DONE 1/3 (2025-03-20 20:08) 0g/s 9950p/s 9950c/s 9950C/s Noobs1901..Noobs1900 Proceeding with wordlist:/home/noob/john/run/password.lst Enabling duplicate candidate password suppressor 333 (noobs) 1g 0:00:00:00 DONE 2/3 (2025-03-20 20:08) 1.389g/s 5209p/s 5209c/s 5209C/s 2020..333 Use the "--show" option to display all of the cracked passwords reliably Session completed. </pre> * to see password <code> ~/john/run/john --show myhash.txt</code> Output: <pre> noobs:333 1 password hash cracked, 0 left </pre> * NOTE: If you wish to try cracking again delete <code>~/john/run/john.pot</code> --> 3z7qnj6cdqa5kbsf9tvq4d1ot2q96md 0 151 495 2025-03-20T23:45:47Z AwesomO 5 Created page with "==scp only account key and path== ===Create Account on Server=== Create user account you are going to use:<br> <code>adduser rscp</code> Make sure user has a '''.ssh''' directory to send public key to:<br> * TIP: If logged in as '''root''' for permissions reasons you may want to run as user: <code>su - <username> -c "<command>"</code> <code>mkdir /home/rscp/.ssh</code> Make a Directory to transfer files to:<br> <code>mkdir /home/rscp/media</code> Note: If you see err..." 495 wikitext text/x-wiki ==scp only account key and path== ===Create Account on Server=== Create user account you are going to use:<br> <code>adduser rscp</code> Make sure user has a '''.ssh''' directory to send public key to:<br> * TIP: If logged in as '''root''' for permissions reasons you may want to run as user: <code>su - <username> -c "<command>"</code> <code>mkdir /home/rscp/.ssh</code> Make a Directory to transfer files to:<br> <code>mkdir /home/rscp/media</code> Note: If you see error <code>scp: /home/rscp/media/test.txt: Permission denied</code> If you created directory '''media''' when logged in as '''root''' then check directory permissions and if need [[Linux_Users_and_Groups#File_Ownership_and_Permissions|assign ownership to '''user''' account.]]<br> Example:<code>chown rscp:rscp /home/rscp/media</code> [[Ubuntu_22.04_SSH_Guide#Copying_public_keys_to_the_remote_server| Send your public key to server]] After public_key/authorized_key is on server, edit authorized_keys and at the start before ssh-rsa <KEY> <pre> command="/usr/bin/scp -t /home/rscp/media/" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC... </pre> If from remote server you are sending a Directory include the '''-r''' flag in command:<br> After public_key/authorized_key is on server, edit authorized_keys and at the start before ssh-rsa <KEY> <pre> command="/usr/bin/scp -t -r /home/rscp/media/" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC... </pre> This entry in the authorized_keys file uses the command option to restrict the SSH command that can be run with the associated SSH key. The command option specifies that the scp command should be used to transfer files to the '''/home/rscp/media/''' directory on the server. Here's a breakdown of the entry: :* '''command="/usr/bin/scp -t /home/rscp/"''': This specifies that the scp command should be used as the SSH command for this key, with the '''-t''' option to specify that the remote end is a file (in this case, a directory), and the destination directory on the server is /home/rscp/. This means that the user can only use the SSH key to transfer files to the /home/rscp/ directory on the server. :* '''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC...''': This is the public key associated with the private key that is used for authentication. By using the command option in this way, you can restrict the actions that the user can perform with the SSH key, which can help to improve security. In this case, the user can only transfer files to the specified directory on the server using the scp command. * Full example '''authorized_keys''': <pre> command="/usr/bin/scp -t -r /home/rscp/media" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCvDsXsJJwp065xHBD01+HpIwmENxruZQpecTzKAhIt+OkHxrvG4v1gxaW9WxSD78yE0gyrgJ+DHz5jEn/z0ERuTSIEVAmPWl15k4Wa1kLwUA+Vg+rgtDSGr6oIYwqj2LmK+6kXwW5iUZdM1QvzpQHa868XRabEpMAEzK1o3wARzhffz4qZRhpUj8asBvnDF5SgoOMAqtuWjjvYXjfL8g42trmsQi+0ADd2KxroB7ggYC31WP4Y+14zGlW2LHC0Po7XbM+2t4peFpyl0nSejMeVuyZB7V6FIzJs6gBN9fdLAPYgv74Ihhb2+VDevnS+t874ZQHwAlUf2bjo3zS4i4QEJSCM2TtJuUIc64LqMwvHX05BMUjc1WHyzGomDjtOuQdejf3gMcyXufIYWfBhMIa03xtC/J4M1ECJDlQqqgouHoZh+3z19LjvXr+3xU14E2DxCWkK9e/mo8gacviapZZCEye6nNq+89LL9LQhJyzG0gSYyUnMNwfrqd4fkUY16s4w/yMF4hKnMvEIUmsgXKl3rvhHUpWxGQHBZMI3hk11gcD7maEsuXW+2U+dvcK6bC/eRjg2Lk6wiBEF6XAfWE9p72jmALbS6wHqGsg6gA81bqB/Od0kOzCDl5nsIVVidSoSOru+QISwQ2byxvQAsldMTMQfxRyjBbPytHhkDJM5UQ== XML_Server </pre> ==Tip - transfer file to a path your USER does not have permissions for== You can write a shell script to check the '''/home/rscp/media''' directory every minute using a while loop and the sleep command. If any files are found in the directory, the script can move them to the '''/var/www/media''' directory using the mv command. Here's an example script: <syntaxhighlight lang="bash" line> #!/bin/bash while true do if [ "$(ls -A /home/rscp/media/)" ]; then mv /home/rscp/media/* /var/www/media/ fi sleep 60 done </syntaxhighlight> In this script, the while loop runs indefinitely ('''while true''') and sleeps for 60 seconds at the end of each iteration ('''sleep 60'''). The '''if''' statement checks if the '''/home/rscp/media''' directory is not empty ('''[ "$(ls -A /home/rscp/media/)" ]'''). If it is not empty, the '''mv''' command is used to move all files and directories from the '''/home/rscp/media/''' directory to the '''/var/www/media/''' directory. Save this script to a file (e.g. '''move-files.sh''') and make it executable using the '''chmod +x move-files.sh''' command. You can then run the script using '''./move-files.sh &''' to start it in the background and allow it to run indefinitely. The & symbol is used to run the script in the background so that you can continue using the terminal. Note that running this script indefinitely can consume system resources, so you may want to consider setting up a scheduled task (e.g. using '''[[Cron_ubuntu_22.04|cron]]''') to run the script at a specific interval instead of running it indefinitely. pb7a2o5p4dgptdv4w9k9bn174hailrp 2 152 496 2025-03-27T18:08:43Z PoppySpillman0 10 Created page with "I'm Poppy (31) from Skollenborg, Norway. <br>I'm learning Chinese literature at a local university and I'm just about to graduate.<br>I have a part time job in a post office.<br><br>my website: [https://denemebonusuverensitemi.com deneme bonusu veren siteler]" 496 wikitext text/x-wiki I'm Poppy (31) from Skollenborg, Norway. <br>I'm learning Chinese literature at a local university and I'm just about to graduate.<br>I have a part time job in a post office.<br><br>my website: [https://denemebonusuverensitemi.com deneme bonusu veren siteler] 09ls16l31arkj49o7zngg2q4t9vzk4m 2 153 497 2025-03-27T22:31:00Z Patti3778420 11 Created page with "I'm Patti (21) from Kitzingen, Germany. <br>I'm learning Vietnamese literature at a local high school and I'm just about to graduate.<br>I have a part time job in a the office.<br><br>Look into my site :: [https://denemebonususite2025.com deneme bonusu 2025]" 497 wikitext text/x-wiki I'm Patti (21) from Kitzingen, Germany. <br>I'm learning Vietnamese literature at a local high school and I'm just about to graduate.<br>I have a part time job in a the office.<br><br>Look into my site :: [https://denemebonususite2025.com deneme bonusu 2025] 772jy5mbdda6dhwa1e5pdmq8u62frxu 0 154 504 2025-04-16T22:07:49Z AwesomO 5 Created page with " * Been wasting a whole day following tuts on how to create a windows install usb using linux and running into non stop errors, best method so far booted windows, but had media driver issue. * '''Working method''', install windows on virtual box and passthrough usb to use windows ''Media Creation Tool''' to create working USB. ==Install windows in VirtualBOX and pass through usb== * Need license key now just to install windows in VBox - using win10pro '''Windows_10_..." 504 wikitext text/x-wiki * Been wasting a whole day following tuts on how to create a windows install usb using linux and running into non stop errors, best method so far booted windows, but had media driver issue. * '''Working method''', install windows on virtual box and passthrough usb to use windows ''Media Creation Tool''' to create working USB. ==Install windows in VirtualBOX and pass through usb== * Need license key now just to install windows in VBox - using win10pro '''[[Windows_10_Product_Key| All way backup your windows product key before deleting windows from your system]] ===Install VirtualBox the Easy way=== * Ubuntu - mate 24,04 - Just install from the build-in '''App Center''' ===Install VirtualBox_Extension_Pack=== * Download VirtualBox Extension Pack ** <code>https://download.virtualbox.org/virtualbox/7.1.8/Oracle_VirtualBox_Extension_Pack-7.1.8.vbox-extpack</code> * Add user and '''log out and log backin''' for effects to take place <code>sudo adduser $USER vboxusers</code> * can do /path/to/Oracle_VirtualBox_Extension_Pack-7.1.8.vbox-extpack <code>sudo VBoxManage extpack install Oracle_VirtualBox_Extension_Pack-7.1.8.vbox-extpack</code> * In '''VirtualBox''': '''File''' > '''Tools''' > '''Extension_Pack_Manager''' or <code>CTRL+t</code> On the right hand side click '''Install''' and select '''Oracle_VirtualBox_Extension_Pack-7.1.8.vbox-extpack''' * To Pass in your USB , plug in the USB and then: * If turned off. '''Settings''' > '''USB''' , Click the usb with plus + icon on right hand side and select your USB. * If machine running, on the virtualbox window. '''Devices''' > '''USB''', then select your USB drive. * In virtualbox downlod and install '''Media Creation Tool''' <code>https://support.microsoft.com/en-us/windows/create-installation-media-for-windows-99a58364-8c02-206f-aa6f-40c3b507420d</code> p1pign9xkipctdnsl7g2kv3r67whs1s 2 155 512 2025-04-19T01:24:24Z JaquelineMaconoc 12 Created page with "I'm Isabell and I live in a seaside city in northern Australia, Warringah Mall. I'm 27 and I'm will soon finish my study at Continuing Education and Summer Sessions." 512 wikitext text/x-wiki I'm Isabell and I live in a seaside city in northern Australia, Warringah Mall. I'm 27 and I'm will soon finish my study at Continuing Education and Summer Sessions. gz62tvk5glef3rtt9o06g2lg00ia7wb 0 156 513 2025-04-20T15:16:24Z AwesomO 5 Created page with "{{:LICENCE_HEADER_APACHE2}}" 513 wikitext text/x-wiki {{:LICENCE_HEADER_APACHE2}} a88h2jfc8w40rv324g0guvjcy5uhqkj 514 513 2025-04-20T15:17:05Z AwesomO 5 514 wikitext text/x-wiki {{:LICENCE_HEADER_APACHE2}} * https://github.com/lhartikk/GenesisH0 * https://github.com/lhartikk/GenesisH0/blob/master/LICENSE * This script is under the Apache Version 2.0 License <pre> import hashlib, binascii, struct, array, os, time, sys, optparse import scrypt from construct import * def main(): options = get_args() algorithm = get_algorithm(options) input_script = create_input_script(options.timestamp) output_script = create_output_script(options.pubkey) # hash merkle root is the double sha256 hash of the transaction(s) tx = create_transaction(input_script, output_script,options) hash_merkle_root = hashlib.sha256(hashlib.sha256(tx).digest()).digest() print_block_info(options, hash_merkle_root) block_header = create_block_header(hash_merkle_root, options.time, options.bits, options.nonce) genesis_hash, nonce = generate_hash(block_header, algorithm, options.nonce, options.bits) announce_found_genesis(genesis_hash, nonce) def get_args(): parser = optparse.OptionParser() parser.add_option("-t", "--time", dest="time", default=int(time.time()), type="int", help="the (unix) time when the genesisblock is created") parser.add_option("-z", "--timestamp", dest="timestamp", default="The Times 03/Jan/2009 Chancellor on brink of second bailout for banks", type="string", help="the pszTimestamp found in the coinbase of the genesisblock") parser.add_option("-n", "--nonce", dest="nonce", default=0, type="int", help="the first value of the nonce that will be incremented when searching the genesis hash") parser.add_option("-a", "--algorithm", dest="algorithm", default="SHA256", help="the PoW algorithm: [SHA256|scrypt|X11|X13|X15]") parser.add_option("-p", "--pubkey", dest="pubkey", default="04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f", type="string", help="the pubkey found in the output script") parser.add_option("-v", "--value", dest="value", default=5000000000, type="int", help="the value in coins for the output, full value (exp. in bitcoin 5000000000 - To get other coins value: Block Value * 100000000)") parser.add_option("-b", "--bits", dest="bits", type="int", help="the target in compact representation, associated to a difficulty of 1") (options, args) = parser.parse_args() if not options.bits: if options.algorithm == "scrypt" or options.algorithm == "X11" or options.algorithm == "X13" or options.algorithm == "X15": options.bits = 0x1e0ffff0 else: options.bits = 0x1d00ffff return options def get_algorithm(options): supported_algorithms = ["SHA256", "scrypt", "X11", "X13", "X15"] if options.algorithm in supported_algorithms: return options.algorithm else: sys.exit("Error: Given algorithm must be one of: " + str(supported_algorithms)) def create_input_script(psz_timestamp): psz_prefix = "" #use OP_PUSHDATA1 if required if len(psz_timestamp) > 76: psz_prefix = '4c' script_prefix = '04ffff001d0104' + psz_prefix + chr(len(psz_timestamp)).encode('hex') print (script_prefix + psz_timestamp.encode('hex')) return (script_prefix + psz_timestamp.encode('hex')).decode('hex') def create_output_script(pubkey): script_len = '41' OP_CHECKSIG = 'ac' return (script_len + pubkey + OP_CHECKSIG).decode('hex') def create_transaction(input_script, output_script,options): transaction = Struct("transaction", Bytes("version", 4), Byte("num_inputs"), StaticField("prev_output", 32), UBInt32('prev_out_idx'), Byte('input_script_len'), Bytes('input_script', len(input_script)), UBInt32('sequence'), Byte('num_outputs'), Bytes('out_value', 8), Byte('output_script_len'), Bytes('output_script', 0x43), UBInt32('locktime')) tx = transaction.parse('\x00'*(127 + len(input_script))) tx.version = struct.pack('<I', 1) tx.num_inputs = 1 tx.prev_output = struct.pack('<qqqq', 0,0,0,0) tx.prev_out_idx = 0xFFFFFFFF tx.input_script_len = len(input_script) tx.input_script = input_script tx.sequence = 0xFFFFFFFF tx.num_outputs = 1 tx.out_value = struct.pack('<q' ,options.value)#0x000005f5e100)#012a05f200) #50 coins #tx.out_value = struct.pack('<q' ,0x000000012a05f200) #50 coins tx.output_script_len = 0x43 tx.output_script = output_script tx.locktime = 0 return transaction.build(tx) def create_block_header(hash_merkle_root, time, bits, nonce): block_header = Struct("block_header", Bytes("version",4), Bytes("hash_prev_block", 32), Bytes("hash_merkle_root", 32), Bytes("time", 4), Bytes("bits", 4), Bytes("nonce", 4)) genesisblock = block_header.parse('\x00'*80) genesisblock.version = struct.pack('<I', 1) genesisblock.hash_prev_block = struct.pack('<qqqq', 0,0,0,0) genesisblock.hash_merkle_root = hash_merkle_root genesisblock.time = struct.pack('<I', time) genesisblock.bits = struct.pack('<I', bits) genesisblock.nonce = struct.pack('<I', nonce) return block_header.build(genesisblock) # https://en.bitcoin.it/wiki/Block_hashing_algorithm def generate_hash(data_block, algorithm, start_nonce, bits): print 'Searching for genesis hash..' nonce = start_nonce last_updated = time.time() # https://en.bitcoin.it/wiki/Difficulty target = (bits & 0xffffff) * 2**(8*((bits >> 24) - 3)) while True: sha256_hash, header_hash = generate_hashes_from_block(data_block, algorithm) last_updated = calculate_hashrate(nonce, last_updated) if is_genesis_hash(header_hash, target): if algorithm == "X11" or algorithm == "X13" or algorithm == "X15": return (header_hash, nonce) return (sha256_hash, nonce) else: nonce = nonce + 1 data_block = data_block[0:len(data_block) - 4] + struct.pack('<I', nonce) def generate_hashes_from_block(data_block, algorithm): sha256_hash = hashlib.sha256(hashlib.sha256(data_block).digest()).digest()[::-1] header_hash = "" if algorithm == 'scrypt': header_hash = scrypt.hash(data_block,data_block,1024,1,1,32)[::-1] elif algorithm == 'SHA256': header_hash = sha256_hash elif algorithm == 'X11': try: exec('import %s' % "xcoin_hash") except ImportError: sys.exit("Cannot run X11 algorithm: module xcoin_hash not found") header_hash = xcoin_hash.getPoWHash(data_block)[::-1] elif algorithm == 'X13': try: exec('import %s' % "x13_hash") except ImportError: sys.exit("Cannot run X13 algorithm: module x13_hash not found") header_hash = x13_hash.getPoWHash(data_block)[::-1] elif algorithm == 'X15': try: exec('import %s' % "x15_hash") except ImportError: sys.exit("Cannot run X15 algorithm: module x15_hash not found") header_hash = x15_hash.getPoWHash(data_block)[::-1] return sha256_hash, header_hash def is_genesis_hash(header_hash, target): return int(header_hash.encode('hex_codec'), 16) < target def calculate_hashrate(nonce, last_updated): if nonce % 1000000 == 999999: now = time.time() hashrate = round(1000000/(now - last_updated)) generation_time = round(pow(2, 32) / hashrate / 3600, 1) sys.stdout.write("\r%s hash/s, estimate: %s h"%(str(hashrate), str(generation_time))) sys.stdout.flush() return now else: return last_updated def print_block_info(options, hash_merkle_root): print "algorithm: " + (options.algorithm) print "merkle hash: " + hash_merkle_root[::-1].encode('hex_codec') print "pszTimestamp: " + options.timestamp print "pubkey: " + options.pubkey print "time: " + str(options.time) print "bits: " + str(hex(options.bits)) def announce_found_genesis(genesis_hash, nonce): print "genesis hash found!" print "nonce: " + str(nonce) print "genesis hash: " + genesis_hash.encode('hex_codec') # GOGOGO! main() </pre> dperzbn0a02mahoip8m26wp0jfkx1e0 0 157 515 2025-04-20T15:19:26Z AwesomO 5 Created page with "{{:LICENCE_HEADER_APACHE2}} * Append same license to page containing script * https://github.com/lhartikk/GenesisH0 ** [[GenesisH0_Python_Script| The Script is under the Apache Version 2 License]] * Due to the age of the script, the best way i found to get it working was in a LXC container with python2.5 and some depends installed, this way your main system remains clean. ==Create container== <code>lxc launch ubuntu:24.04 pygen</code> <code>lxc exec pygen bash</cod..." 515 wikitext text/x-wiki {{:LICENCE_HEADER_APACHE2}} * Append same license to page containing script * https://github.com/lhartikk/GenesisH0 ** [[GenesisH0_Python_Script| The Script is under the Apache Version 2 License]] * Due to the age of the script, the best way i found to get it working was in a LXC container with python2.5 and some depends installed, this way your main system remains clean. ==Create container== <code>lxc launch ubuntu:24.04 pygen</code> <code>lxc exec pygen bash</code> <code>su - ubuntu</code> ===Install Python 2.5 === <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential zlib1g-dev libssl-dev</code> <code>wget http://www.python.org/ftp/python/2.5.2/Python-2.5.2.tgz</code> * sha256sum Python-2.5.2.tgz <code>834afe8a88adaf623b05ac5dd6700dd5bb5d0d5553fc74ad529359a3496e4ae3</code> <code>tar -zxvf Python-2.5.2.tgz</code> <code>cd Python-2.5.2</code> <code>./configure --with-zlib=/usr/include</code> * After running the ./configure command a file called 'Setup' will appear in the 'Python-2.5.2/Modules' Directory. <code>$EDITOR Modules/Setup</code> * Uncomment the line 454 and save and exit the file. <pre> 451 # Andrew Kuchling's zlib module. 452 # This require zlib 1.1.3 (or later). 453 # See http://www.gzip.org/zlib/ 454 #zlib zlibmodule.c -I$(prefix)/include -L$(exec_prefix)/lib -lz </pre> <code>make</code> <code>sudo make install</code> * python2.5 shold now be installed in /usr/local/bin/python2.5 * This is clean ubuntu 24.04 container with no python2 installed so going to link name to just python2 with symlink <code>sudo ln -s /usr/local/bin/python2.5 /usr/local/bin/python2</code> * If you skip this step it just means you will use <code>sudo python2.5 setup.py install</code> instead of <code>sudo python2 setup.py install</code> ===Install setuptools for easy_install=== * archive pip - https://pypi.org/project/setuptools/#history <code>wget https://files.pythonhosted.org/packages/8b/62/baf1e2c2b02de7898dcacd1d1a41e323b79d25be5c88d2805c89fb424835/setuptools-0.6c11.tar.gz</code> * sha256sum setuptools-0.6c11.tar.gz <code>630fea9b726320b73ee3ca6ff61732cb32675b0389be658080fe46383b87a1d3</code> <code>tar -xvzf setuptools-0.6c11.tar.gz</code> <code>cd setuptools-0.6c11</code> <code>sudo python2 setup.py install</code> ===Install six 1.6.1=== * This package is required by construct 2.5.2 <code>wget https://files.pythonhosted.org/packages/e8/70/b9c441d8c02b70eb3bf923c49944b8fc656f78a43c084d2a98534d7404e2/six-1.6.1.tar.gz</code> * sha256sum six-1.6.1.tar.gz <code>d4392a7c8d91b005c002568a85faf617c67241c8cd8399cc395e8f1005aff80d</code> <code>sudo easy_install six-1.6.1.tar.gz</code> <div class="toccolours mw-collapsible mw-collapsed"> If you did NOT install easy_install and would like to do manually: <div class="mw-collapsible-content"> Its pretty easy, same way you installed setuptools and will be the same method to install the other packages as well. * extract file with tar <code>tar -zxvf six-1.6.1.tar.gz</code> * enter directory <code>cd six-1.6.1</code> * and install with python <code>sudo python2 setup.py install</code> </div> </div> ===Install construct 2.5.2=== <code>wget https://files.pythonhosted.org/packages/fd/5a/e3105c79b3b0bbf7a80dc8218d7416df6551f9f2fe389c9ce6690a621c00/construct-2.5.2.tar.gz</code> * sha256sum construct-2.5.2.tar.gz <code>665b6271eeadf15219c726b180c8d7a641d026784d72ca3dad90a20aae009020</code> <code>sudo easy_install construct-2.5.2.tar.gz</code> <div class="toccolours mw-collapsible mw-collapsed"> Output from command: <code>sudo easy_install construct-2.5.2.tar.gz</code> <div class="mw-collapsible-content"> * This happened on mine, but script and keys worked fine, so no worries be mateys <pre> ubuntu@pygen:~$ sudo easy_install construct-2.5.2.tar.gz Processing construct-2.5.2.tar.gz Running construct-2.5.2/setup.py -q bdist_egg --dist-dir /tmp/easy_install-GXHk0j/construct-2.5.2/egg-dist-tmp-JXx8gl build/bdist.linux-x86_64/egg/construct/formats/filesystem/fat16.py:215: Warning: 'with' will become a reserved keyword in Python 2.6 File "build/bdist.linux-x86_64/egg/construct/formats/filesystem/fat16.py", line 215 with BytesIO() as mem: ^ SyntaxError: invalid syntax zip_safe flag not set; analyzing archive contents... construct.debug: module MAY be using inspect.stack /usr/local/lib/python2.5/site-packages/construct-2.5.2-py2.5.egg/construct/formats/filesystem/fat16.py:215: Warning: 'with' will become a reserved keyword in Python 2.6 File "/usr/local/lib/python2.5/site-packages/construct-2.5.2-py2.5.egg/construct/formats/filesystem/fat16.py", line 215 with BytesIO() as mem: ^ SyntaxError: invalid syntax Adding construct 2.5.2 to easy-install.pth file Installed /usr/local/lib/python2.5/site-packages/construct-2.5.2-py2.5.egg Processing dependencies for construct==2.5.2 Finished processing dependencies for construct==2.5.2 </pre> </div> </div> ===Install scrypt-0.6.1=== * required by GenesisH0 <code>wget https://pypi.python.org/packages/source/s/scrypt/scrypt-0.6.1.tar.gz</code> * sha256sum scrypt-0.6.1.tar.gz <code>6142bb9f786649bd2a51f47e61dff91bf8315fd8989188003c3c61c05834a07b</code> <code>sudo easy_install scrypt-0.6.1.tar.gz</code> <div class="toccolours mw-collapsible mw-collapsed"> Install output: <div class="mw-collapsible-content"> <pre> ubuntu@pygen:~$ sudo easy_install scrypt-0.6.1.tar.gz Processing scrypt-0.6.1.tar.gz Running scrypt-0.6.1/setup.py -q bdist_egg --dist-dir /tmp/easy_install-QSGJ2P/scrypt-0.6.1/egg-dist-tmp-DG_d1K scrypt-1.1.6/lib/crypto/crypto_aesctr.c: In function ‘crypto_aesctr_stream’: scrypt-1.1.6/lib/crypto/crypto_aesctr.c:97:25: warning: ‘AES_encrypt’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations] 97 | AES_encrypt(pblk, stream->buf, stream->key); | ^~~~~~~~~~~ In file included from scrypt-1.1.6/lib/crypto/crypto_aesctr.c:34: /usr/include/openssl/aes.h:57:6: note: declared here 57 | void AES_encrypt(const unsigned char *in, unsigned char *out, | ^~~~~~~~~~~ scrypt-1.1.6/lib/scryptenc/scryptenc.c: In function ‘scryptenc_buf’: scrypt-1.1.6/lib/scryptenc/scryptenc.c:365:9: warning: ‘AES_set_encrypt_key’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations] 365 | if (AES_set_encrypt_key(key_enc, 256, &key_enc_exp)) | ^~ In file included from scrypt-1.1.6/lib/scryptenc/scryptenc.c:38: /usr/include/openssl/aes.h:51:5: note: declared here 51 | int AES_set_encrypt_key(const unsigned char *userKey, const int bits, | ^~~~~~~~~~~~~~~~~~~ scrypt-1.1.6/lib/scryptenc/scryptenc.c: In function ‘scryptdec_buf’: scrypt-1.1.6/lib/scryptenc/scryptenc.c:428:9: warning: ‘AES_set_encrypt_key’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations] 428 | if (AES_set_encrypt_key(key_enc, 256, &key_enc_exp)) | ^~ /usr/include/openssl/aes.h:51:5: note: declared here 51 | int AES_set_encrypt_key(const unsigned char *userKey, const int bits, | ^~~~~~~~~~~~~~~~~~~ scrypt-1.1.6/lib/scryptenc/scryptenc.c: In function ‘scryptenc_file’: scrypt-1.1.6/lib/scryptenc/scryptenc.c:489:9: warning: ‘AES_set_encrypt_key’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations] 489 | if (AES_set_encrypt_key(key_enc, 256, &key_enc_exp)) | ^~ /usr/include/openssl/aes.h:51:5: note: declared here 51 | int AES_set_encrypt_key(const unsigned char *userKey, const int bits, | ^~~~~~~~~~~~~~~~~~~ scrypt-1.1.6/lib/scryptenc/scryptenc.c: In function ‘scryptdec_file’: scrypt-1.1.6/lib/scryptenc/scryptenc.c:587:9: warning: ‘AES_set_encrypt_key’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations] 587 | if (AES_set_encrypt_key(key_enc, 256, &key_enc_exp)) | ^~ /usr/include/openssl/aes.h:51:5: note: declared here 51 | int AES_set_encrypt_key(const unsigned char *userKey, const int bits, | ^~~~~~~~~~~~~~~~~~~ zip_safe flag not set; analyzing archive contents... Adding scrypt 0.6.1 to easy-install.pth file Installed /usr/local/lib/python2.5/site-packages/scrypt-0.6.1-py2.5-linux-x86_64.egg Processing dependencies for scrypt==0.6.1 Finished processing dependencies for scrypt==0.6.1 </pre> </div> </div> * After just installing with <code>easy_install</code> i had an error with: <pre> Traceback (most recent call last): File "genesis.py", line 2, in <module> import scrypt File "build/bdist.linux-x86_64/egg/scrypt.py", line 11, in <module> ImportError: No module named _scrypt </pre> Tried installing the manual way and it worked on second try! <div class="toccolours mw-collapsible mw-collapsed"> The manual way to install scrypt: <div class="mw-collapsible-content"> <code>tar xvf scrypt-0.6.1.tar.gz</code> <code>cd scrypt-0.6.1/</code> <code>sudo python2 setup.py install</code> </div> </div> ===Install the GenesisH0 script and run=== <code>git clone https://github.com/lhartikk/GenesisH0.git</code> * sha256sum GenesisH0/genesis.py <code>7120909579283fd715ae3167b456fe3e23cbd9c280b1a2e2ce89b47830bf96f4</code> <code>cd GenesisH0</code> ===Run GenesisH0=== <pre> Usage: genesis.py [options] Options: -h, --help show this help message and exit -t TIME, --time=TIME the (unix) time when the genesisblock is created -z TIMESTAMP, --timestamp=TIMESTAMP the pszTimestamp found in the coinbase of the genesisblock -n NONCE, --nonce=NONCE the first value of the nonce that will be incremented when searching the genesis hash -a ALGORITHM, --algorithm=ALGORITHM the PoW algorithm: [SHA256|scrypt|X11|X13|X15] -p PUBKEY, --pubkey=PUBKEY the pubkey found in the output script -v VALUE, --value=VALUE the value in coins for the output, full value (exp. in bitcoin 5000000000 - To get other coins value: Block Value * 100000000) -b BITS, --bits=BITS the target in compact representation, associated to a difficulty of 1 </pre> =====Test ===== * Lets recreate the Litecoin Genesis Hash and Merkel Hash (its way quicker than bitcoin) <code>python2.5 genesis.py -a scrypt -z "NY Times 05/Oct/2011 Steve Jobs, Apple’s Visionary, Dies at 56" -p "040184710fa689ad5023690c80f3a49c8f13f8d45b8c857fbcbc8bc4a8e4d3eb4b10f4d4604fa08dce601aaf0f470216fe1b51850b4acf21b179c45070ac7b03a9" -t 1317972665 -n 2084524493</code> * Check your '''Nonce'''number ,'''Merkel''' and '''Genesis''' hash with litecoins: *https://github.com/litecoin-project/litecoin/blob/master/src/chainparams.cpp ** Nonce: Line 116 ** hashGenesisBlock Line 118 ** hashMerkelRoot Line 119 ====MainNet==== * This is for N33Bcoin sha256 <code>python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 041e82b1b4f244d71815b5919ef91e20c44928031230bd4442ce38bf597ab92abab2a2f9542463cd515b5cd3ea0e215258fa28f36a8c968926beb6ae6e9ea41ea4 -v 33300000000</code> * This can take a while <pre> ubuntu@pygen:~/GenesisH0$ python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 041e82b1b4f244d71815b5919ef91e20c44928031230bd4442ce38bf597ab92abab2a2f9542463cd515b5cd3ea0e215258fa28f36a8c968926beb6ae6e9ea41ea4 -v 33300000000 04ffff001d0104264e333342277320666f72204e6f6f62277320617420436f6d706c6574654e6f6f62732e636f6d algorithm: SHA256 merkle hash: 6cc697f6a9806aee97a71c01c41e9084c0b38c2042b2a3eef741e1ae47586f89 pszTimestamp: N33B's for Noob's at CompleteNoobs.com pubkey: 041e82b1b4f244d71815b5919ef91e20c44928031230bd4442ce38bf597ab92abab2a2f9542463cd515b5cd3ea0e215258fa28f36a8c968926beb6ae6e9ea41ea4 time: 1733333333 bits: 0x1d00ffff Searching for genesis hash.. 298871.0 hash/s, estimate: 4.0 hgenesis hash found! nonce: 3926490992 genesis hash: 000000003af8bb03eaa894f998df439eba70ff19c25705fc695bff6553252ae6 </pre> As you can see we have the details we need for chainpararms.cpp: * '''nonce''': <code>3926490992</code> * '''merkle hash''': <code>6cc697f6a9806aee97a71c01c41e9084c0b38c2042b2a3eef741e1ae47586f89</code> * '''genesis hash''': <code>000000003af8bb03eaa894f998df439eba70ff19c25705fc695bff6553252ae6</code> ====TestNet==== * nBits <code>-b 0x1e0ffff0</code> has been made less difficult. * TimeStamp <code>-t 1733333334</code> has been changed so i know which one is main - test - reg, nets later on. There is no requirement to change unixtimestamp for each one. <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 041e82b1b4f244d71815b5919ef91e20c44928031230bd4442ce38bf597ab92abab2a2f9542463cd515b5cd3ea0e215258fa28f36a8c968926beb6ae6e9ea41ea4 -v 33300000000</code> <pre> ubuntu@pygen:~/GenesisH0$ python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 041e82b1b4f244d71815b5919ef91e20c44928031230bd4442ce38bf597ab92abab2a2f9542463cd515b5cd3ea0e215258fa28f36a8c968926beb6ae6e9ea41ea4 -v 33300000000 04ffff001d0104264e333342277320666f72204e6f6f62277320617420436f6d706c6574654e6f6f62732e636f6d algorithm: SHA256 merkle hash: 6cc697f6a9806aee97a71c01c41e9084c0b38c2042b2a3eef741e1ae47586f89 pszTimestamp: N33B's for Noob's at CompleteNoobs.com pubkey: 041e82b1b4f244d71815b5919ef91e20c44928031230bd4442ce38bf597ab92abab2a2f9542463cd515b5cd3ea0e215258fa28f36a8c968926beb6ae6e9ea41ea4 time: 1733333334 bits: 0x1e0ffff0 Searching for genesis hash.. genesis hash found! nonce: 105904 genesis hash: 00000d490951764bb9dc0b882e69bd908781f208267c61c330bc88f825ec87d9 </pre> ====RegNet==== * <code>-b 0x207fffff</code> '''difficultly''' has been changed. * <code>-t 1733333335</code> '''Time Stamp''' has been changed. <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 041e82b1b4f244d71815b5919ef91e20c44928031230bd4442ce38bf597ab92abab2a2f9542463cd515b5cd3ea0e215258fa28f36a8c968926beb6ae6e9ea41ea4 -v 33300000000</code> <pre> ubuntu@pygen:~/GenesisH0$ python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 041e82b1b4f244d71815b5919ef91e20c44928031230bd4442ce38bf597ab92abab2a2f9542463cd515b5cd3ea0e215258fa28f36a8c968926beb6ae6e9ea41ea4 -v 33300000000 04ffff001d0104264e333342277320666f72204e6f6f62277320617420436f6d706c6574654e6f6f62732e636f6d algorithm: SHA256 merkle hash: 6cc697f6a9806aee97a71c01c41e9084c0b38c2042b2a3eef741e1ae47586f89 pszTimestamp: N33B's for Noob's at CompleteNoobs.com pubkey: 041e82b1b4f244d71815b5919ef91e20c44928031230bd4442ce38bf597ab92abab2a2f9542463cd515b5cd3ea0e215258fa28f36a8c968926beb6ae6e9ea41ea4 time: 1733333335 bits: 0x207fffff Searching for genesis hash.. genesis hash found! nonce: 0 genesis hash: 3b8c1255a0fb1f5db478fec6b585fc2a5c1dcdc429e9a05d7e246c97e80a7c35 </pre> ===Litecoin - scrypt=== * Could not get working litecoin keys? will look into later. <code>python2.5 genesis.py -a scrypt -z "N3WB's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1e0ffff0 -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> jmsh01ddyhx3t0oaw1698dn8bqcfuyf 595 515 2025-06-26T13:43:28Z AwesomO 5 /* MainNet */ 595 wikitext text/x-wiki {{:LICENCE_HEADER_APACHE2}} * Append same license to page containing script * https://github.com/lhartikk/GenesisH0 ** [[GenesisH0_Python_Script| The Script is under the Apache Version 2 License]] * Due to the age of the script, the best way i found to get it working was in a LXC container with python2.5 and some depends installed, this way your main system remains clean. ==Create container== <code>lxc launch ubuntu:24.04 pygen</code> <code>lxc exec pygen bash</code> <code>su - ubuntu</code> ===Install Python 2.5 === <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential zlib1g-dev libssl-dev</code> <code>wget http://www.python.org/ftp/python/2.5.2/Python-2.5.2.tgz</code> * sha256sum Python-2.5.2.tgz <code>834afe8a88adaf623b05ac5dd6700dd5bb5d0d5553fc74ad529359a3496e4ae3</code> <code>tar -zxvf Python-2.5.2.tgz</code> <code>cd Python-2.5.2</code> <code>./configure --with-zlib=/usr/include</code> * After running the ./configure command a file called 'Setup' will appear in the 'Python-2.5.2/Modules' Directory. <code>$EDITOR Modules/Setup</code> * Uncomment the line 454 and save and exit the file. <pre> 451 # Andrew Kuchling's zlib module. 452 # This require zlib 1.1.3 (or later). 453 # See http://www.gzip.org/zlib/ 454 #zlib zlibmodule.c -I$(prefix)/include -L$(exec_prefix)/lib -lz </pre> <code>make</code> <code>sudo make install</code> * python2.5 shold now be installed in /usr/local/bin/python2.5 * This is clean ubuntu 24.04 container with no python2 installed so going to link name to just python2 with symlink <code>sudo ln -s /usr/local/bin/python2.5 /usr/local/bin/python2</code> * If you skip this step it just means you will use <code>sudo python2.5 setup.py install</code> instead of <code>sudo python2 setup.py install</code> ===Install setuptools for easy_install=== * archive pip - https://pypi.org/project/setuptools/#history <code>wget https://files.pythonhosted.org/packages/8b/62/baf1e2c2b02de7898dcacd1d1a41e323b79d25be5c88d2805c89fb424835/setuptools-0.6c11.tar.gz</code> * sha256sum setuptools-0.6c11.tar.gz <code>630fea9b726320b73ee3ca6ff61732cb32675b0389be658080fe46383b87a1d3</code> <code>tar -xvzf setuptools-0.6c11.tar.gz</code> <code>cd setuptools-0.6c11</code> <code>sudo python2 setup.py install</code> ===Install six 1.6.1=== * This package is required by construct 2.5.2 <code>wget https://files.pythonhosted.org/packages/e8/70/b9c441d8c02b70eb3bf923c49944b8fc656f78a43c084d2a98534d7404e2/six-1.6.1.tar.gz</code> * sha256sum six-1.6.1.tar.gz <code>d4392a7c8d91b005c002568a85faf617c67241c8cd8399cc395e8f1005aff80d</code> <code>sudo easy_install six-1.6.1.tar.gz</code> <div class="toccolours mw-collapsible mw-collapsed"> If you did NOT install easy_install and would like to do manually: <div class="mw-collapsible-content"> Its pretty easy, same way you installed setuptools and will be the same method to install the other packages as well. * extract file with tar <code>tar -zxvf six-1.6.1.tar.gz</code> * enter directory <code>cd six-1.6.1</code> * and install with python <code>sudo python2 setup.py install</code> </div> </div> ===Install construct 2.5.2=== <code>wget https://files.pythonhosted.org/packages/fd/5a/e3105c79b3b0bbf7a80dc8218d7416df6551f9f2fe389c9ce6690a621c00/construct-2.5.2.tar.gz</code> * sha256sum construct-2.5.2.tar.gz <code>665b6271eeadf15219c726b180c8d7a641d026784d72ca3dad90a20aae009020</code> <code>sudo easy_install construct-2.5.2.tar.gz</code> <div class="toccolours mw-collapsible mw-collapsed"> Output from command: <code>sudo easy_install construct-2.5.2.tar.gz</code> <div class="mw-collapsible-content"> * This happened on mine, but script and keys worked fine, so no worries be mateys <pre> ubuntu@pygen:~$ sudo easy_install construct-2.5.2.tar.gz Processing construct-2.5.2.tar.gz Running construct-2.5.2/setup.py -q bdist_egg --dist-dir /tmp/easy_install-GXHk0j/construct-2.5.2/egg-dist-tmp-JXx8gl build/bdist.linux-x86_64/egg/construct/formats/filesystem/fat16.py:215: Warning: 'with' will become a reserved keyword in Python 2.6 File "build/bdist.linux-x86_64/egg/construct/formats/filesystem/fat16.py", line 215 with BytesIO() as mem: ^ SyntaxError: invalid syntax zip_safe flag not set; analyzing archive contents... construct.debug: module MAY be using inspect.stack /usr/local/lib/python2.5/site-packages/construct-2.5.2-py2.5.egg/construct/formats/filesystem/fat16.py:215: Warning: 'with' will become a reserved keyword in Python 2.6 File "/usr/local/lib/python2.5/site-packages/construct-2.5.2-py2.5.egg/construct/formats/filesystem/fat16.py", line 215 with BytesIO() as mem: ^ SyntaxError: invalid syntax Adding construct 2.5.2 to easy-install.pth file Installed /usr/local/lib/python2.5/site-packages/construct-2.5.2-py2.5.egg Processing dependencies for construct==2.5.2 Finished processing dependencies for construct==2.5.2 </pre> </div> </div> ===Install scrypt-0.6.1=== * required by GenesisH0 <code>wget https://pypi.python.org/packages/source/s/scrypt/scrypt-0.6.1.tar.gz</code> * sha256sum scrypt-0.6.1.tar.gz <code>6142bb9f786649bd2a51f47e61dff91bf8315fd8989188003c3c61c05834a07b</code> <code>sudo easy_install scrypt-0.6.1.tar.gz</code> <div class="toccolours mw-collapsible mw-collapsed"> Install output: <div class="mw-collapsible-content"> <pre> ubuntu@pygen:~$ sudo easy_install scrypt-0.6.1.tar.gz Processing scrypt-0.6.1.tar.gz Running scrypt-0.6.1/setup.py -q bdist_egg --dist-dir /tmp/easy_install-QSGJ2P/scrypt-0.6.1/egg-dist-tmp-DG_d1K scrypt-1.1.6/lib/crypto/crypto_aesctr.c: In function ‘crypto_aesctr_stream’: scrypt-1.1.6/lib/crypto/crypto_aesctr.c:97:25: warning: ‘AES_encrypt’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations] 97 | AES_encrypt(pblk, stream->buf, stream->key); | ^~~~~~~~~~~ In file included from scrypt-1.1.6/lib/crypto/crypto_aesctr.c:34: /usr/include/openssl/aes.h:57:6: note: declared here 57 | void AES_encrypt(const unsigned char *in, unsigned char *out, | ^~~~~~~~~~~ scrypt-1.1.6/lib/scryptenc/scryptenc.c: In function ‘scryptenc_buf’: scrypt-1.1.6/lib/scryptenc/scryptenc.c:365:9: warning: ‘AES_set_encrypt_key’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations] 365 | if (AES_set_encrypt_key(key_enc, 256, &key_enc_exp)) | ^~ In file included from scrypt-1.1.6/lib/scryptenc/scryptenc.c:38: /usr/include/openssl/aes.h:51:5: note: declared here 51 | int AES_set_encrypt_key(const unsigned char *userKey, const int bits, | ^~~~~~~~~~~~~~~~~~~ scrypt-1.1.6/lib/scryptenc/scryptenc.c: In function ‘scryptdec_buf’: scrypt-1.1.6/lib/scryptenc/scryptenc.c:428:9: warning: ‘AES_set_encrypt_key’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations] 428 | if (AES_set_encrypt_key(key_enc, 256, &key_enc_exp)) | ^~ /usr/include/openssl/aes.h:51:5: note: declared here 51 | int AES_set_encrypt_key(const unsigned char *userKey, const int bits, | ^~~~~~~~~~~~~~~~~~~ scrypt-1.1.6/lib/scryptenc/scryptenc.c: In function ‘scryptenc_file’: scrypt-1.1.6/lib/scryptenc/scryptenc.c:489:9: warning: ‘AES_set_encrypt_key’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations] 489 | if (AES_set_encrypt_key(key_enc, 256, &key_enc_exp)) | ^~ /usr/include/openssl/aes.h:51:5: note: declared here 51 | int AES_set_encrypt_key(const unsigned char *userKey, const int bits, | ^~~~~~~~~~~~~~~~~~~ scrypt-1.1.6/lib/scryptenc/scryptenc.c: In function ‘scryptdec_file’: scrypt-1.1.6/lib/scryptenc/scryptenc.c:587:9: warning: ‘AES_set_encrypt_key’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations] 587 | if (AES_set_encrypt_key(key_enc, 256, &key_enc_exp)) | ^~ /usr/include/openssl/aes.h:51:5: note: declared here 51 | int AES_set_encrypt_key(const unsigned char *userKey, const int bits, | ^~~~~~~~~~~~~~~~~~~ zip_safe flag not set; analyzing archive contents... Adding scrypt 0.6.1 to easy-install.pth file Installed /usr/local/lib/python2.5/site-packages/scrypt-0.6.1-py2.5-linux-x86_64.egg Processing dependencies for scrypt==0.6.1 Finished processing dependencies for scrypt==0.6.1 </pre> </div> </div> * After just installing with <code>easy_install</code> i had an error with: <pre> Traceback (most recent call last): File "genesis.py", line 2, in <module> import scrypt File "build/bdist.linux-x86_64/egg/scrypt.py", line 11, in <module> ImportError: No module named _scrypt </pre> Tried installing the manual way and it worked on second try! <div class="toccolours mw-collapsible mw-collapsed"> The manual way to install scrypt: <div class="mw-collapsible-content"> <code>tar xvf scrypt-0.6.1.tar.gz</code> <code>cd scrypt-0.6.1/</code> <code>sudo python2 setup.py install</code> </div> </div> ===Install the GenesisH0 script and run=== <code>git clone https://github.com/lhartikk/GenesisH0.git</code> * sha256sum GenesisH0/genesis.py <code>7120909579283fd715ae3167b456fe3e23cbd9c280b1a2e2ce89b47830bf96f4</code> <code>cd GenesisH0</code> ===Run GenesisH0=== <pre> Usage: genesis.py [options] Options: -h, --help show this help message and exit -t TIME, --time=TIME the (unix) time when the genesisblock is created -z TIMESTAMP, --timestamp=TIMESTAMP the pszTimestamp found in the coinbase of the genesisblock -n NONCE, --nonce=NONCE the first value of the nonce that will be incremented when searching the genesis hash -a ALGORITHM, --algorithm=ALGORITHM the PoW algorithm: [SHA256|scrypt|X11|X13|X15] -p PUBKEY, --pubkey=PUBKEY the pubkey found in the output script -v VALUE, --value=VALUE the value in coins for the output, full value (exp. in bitcoin 5000000000 - To get other coins value: Block Value * 100000000) -b BITS, --bits=BITS the target in compact representation, associated to a difficulty of 1 </pre> =====Test ===== * Lets recreate the Litecoin Genesis Hash and Merkel Hash (its way quicker than bitcoin) <code>python2.5 genesis.py -a scrypt -z "NY Times 05/Oct/2011 Steve Jobs, Apple’s Visionary, Dies at 56" -p "040184710fa689ad5023690c80f3a49c8f13f8d45b8c857fbcbc8bc4a8e4d3eb4b10f4d4604fa08dce601aaf0f470216fe1b51850b4acf21b179c45070ac7b03a9" -t 1317972665 -n 2084524493</code> * Check your '''Nonce'''number ,'''Merkel''' and '''Genesis''' hash with litecoins: *https://github.com/litecoin-project/litecoin/blob/master/src/chainparams.cpp ** Nonce: Line 116 ** hashGenesisBlock Line 118 ** hashMerkelRoot Line 119 ====MainNet==== * This is for N33Bcoin sha256 ** SYNTAX: <code>python2 genesis.py -a <algo> -z "<time_stamp_message>" -t <unix_time_stamp> -b <difficulty_target> -p <huge_public_key> -v <coin_rewards_plus_8_zeros></code> <code>python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 041e82b1b4f244d71815b5919ef91e20c44928031230bd4442ce38bf597ab92abab2a2f9542463cd515b5cd3ea0e215258fa28f36a8c968926beb6ae6e9ea41ea4 -v 33300000000</code> * This can take a while <pre> ubuntu@pygen:~/GenesisH0$ python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 041e82b1b4f244d71815b5919ef91e20c44928031230bd4442ce38bf597ab92abab2a2f9542463cd515b5cd3ea0e215258fa28f36a8c968926beb6ae6e9ea41ea4 -v 33300000000 04ffff001d0104264e333342277320666f72204e6f6f62277320617420436f6d706c6574654e6f6f62732e636f6d algorithm: SHA256 merkle hash: 6cc697f6a9806aee97a71c01c41e9084c0b38c2042b2a3eef741e1ae47586f89 pszTimestamp: N33B's for Noob's at CompleteNoobs.com pubkey: 041e82b1b4f244d71815b5919ef91e20c44928031230bd4442ce38bf597ab92abab2a2f9542463cd515b5cd3ea0e215258fa28f36a8c968926beb6ae6e9ea41ea4 time: 1733333333 bits: 0x1d00ffff Searching for genesis hash.. 298871.0 hash/s, estimate: 4.0 hgenesis hash found! nonce: 3926490992 genesis hash: 000000003af8bb03eaa894f998df439eba70ff19c25705fc695bff6553252ae6 </pre> As you can see we have the details we need for chainpararms.cpp: * '''nonce''': <code>3926490992</code> * '''merkle hash''': <code>6cc697f6a9806aee97a71c01c41e9084c0b38c2042b2a3eef741e1ae47586f89</code> * '''genesis hash''': <code>000000003af8bb03eaa894f998df439eba70ff19c25705fc695bff6553252ae6</code> ====TestNet==== * nBits <code>-b 0x1e0ffff0</code> has been made less difficult. * TimeStamp <code>-t 1733333334</code> has been changed so i know which one is main - test - reg, nets later on. There is no requirement to change unixtimestamp for each one. <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 041e82b1b4f244d71815b5919ef91e20c44928031230bd4442ce38bf597ab92abab2a2f9542463cd515b5cd3ea0e215258fa28f36a8c968926beb6ae6e9ea41ea4 -v 33300000000</code> <pre> ubuntu@pygen:~/GenesisH0$ python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 041e82b1b4f244d71815b5919ef91e20c44928031230bd4442ce38bf597ab92abab2a2f9542463cd515b5cd3ea0e215258fa28f36a8c968926beb6ae6e9ea41ea4 -v 33300000000 04ffff001d0104264e333342277320666f72204e6f6f62277320617420436f6d706c6574654e6f6f62732e636f6d algorithm: SHA256 merkle hash: 6cc697f6a9806aee97a71c01c41e9084c0b38c2042b2a3eef741e1ae47586f89 pszTimestamp: N33B's for Noob's at CompleteNoobs.com pubkey: 041e82b1b4f244d71815b5919ef91e20c44928031230bd4442ce38bf597ab92abab2a2f9542463cd515b5cd3ea0e215258fa28f36a8c968926beb6ae6e9ea41ea4 time: 1733333334 bits: 0x1e0ffff0 Searching for genesis hash.. genesis hash found! nonce: 105904 genesis hash: 00000d490951764bb9dc0b882e69bd908781f208267c61c330bc88f825ec87d9 </pre> ====RegNet==== * <code>-b 0x207fffff</code> '''difficultly''' has been changed. * <code>-t 1733333335</code> '''Time Stamp''' has been changed. <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 041e82b1b4f244d71815b5919ef91e20c44928031230bd4442ce38bf597ab92abab2a2f9542463cd515b5cd3ea0e215258fa28f36a8c968926beb6ae6e9ea41ea4 -v 33300000000</code> <pre> ubuntu@pygen:~/GenesisH0$ python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 041e82b1b4f244d71815b5919ef91e20c44928031230bd4442ce38bf597ab92abab2a2f9542463cd515b5cd3ea0e215258fa28f36a8c968926beb6ae6e9ea41ea4 -v 33300000000 04ffff001d0104264e333342277320666f72204e6f6f62277320617420436f6d706c6574654e6f6f62732e636f6d algorithm: SHA256 merkle hash: 6cc697f6a9806aee97a71c01c41e9084c0b38c2042b2a3eef741e1ae47586f89 pszTimestamp: N33B's for Noob's at CompleteNoobs.com pubkey: 041e82b1b4f244d71815b5919ef91e20c44928031230bd4442ce38bf597ab92abab2a2f9542463cd515b5cd3ea0e215258fa28f36a8c968926beb6ae6e9ea41ea4 time: 1733333335 bits: 0x207fffff Searching for genesis hash.. genesis hash found! nonce: 0 genesis hash: 3b8c1255a0fb1f5db478fec6b585fc2a5c1dcdc429e9a05d7e246c97e80a7c35 </pre> ===Litecoin - scrypt=== * Could not get working litecoin keys? will look into later. <code>python2.5 genesis.py -a scrypt -z "N3WB's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1e0ffff0 -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> mlsetwrofrxwoas3t41yfvhvwl521cz 596 595 2025-06-26T13:43:51Z AwesomO 5 /* MainNet */ 596 wikitext text/x-wiki {{:LICENCE_HEADER_APACHE2}} * Append same license to page containing script * https://github.com/lhartikk/GenesisH0 ** [[GenesisH0_Python_Script| The Script is under the Apache Version 2 License]] * Due to the age of the script, the best way i found to get it working was in a LXC container with python2.5 and some depends installed, this way your main system remains clean. ==Create container== <code>lxc launch ubuntu:24.04 pygen</code> <code>lxc exec pygen bash</code> <code>su - ubuntu</code> ===Install Python 2.5 === <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential zlib1g-dev libssl-dev</code> <code>wget http://www.python.org/ftp/python/2.5.2/Python-2.5.2.tgz</code> * sha256sum Python-2.5.2.tgz <code>834afe8a88adaf623b05ac5dd6700dd5bb5d0d5553fc74ad529359a3496e4ae3</code> <code>tar -zxvf Python-2.5.2.tgz</code> <code>cd Python-2.5.2</code> <code>./configure --with-zlib=/usr/include</code> * After running the ./configure command a file called 'Setup' will appear in the 'Python-2.5.2/Modules' Directory. <code>$EDITOR Modules/Setup</code> * Uncomment the line 454 and save and exit the file. <pre> 451 # Andrew Kuchling's zlib module. 452 # This require zlib 1.1.3 (or later). 453 # See http://www.gzip.org/zlib/ 454 #zlib zlibmodule.c -I$(prefix)/include -L$(exec_prefix)/lib -lz </pre> <code>make</code> <code>sudo make install</code> * python2.5 shold now be installed in /usr/local/bin/python2.5 * This is clean ubuntu 24.04 container with no python2 installed so going to link name to just python2 with symlink <code>sudo ln -s /usr/local/bin/python2.5 /usr/local/bin/python2</code> * If you skip this step it just means you will use <code>sudo python2.5 setup.py install</code> instead of <code>sudo python2 setup.py install</code> ===Install setuptools for easy_install=== * archive pip - https://pypi.org/project/setuptools/#history <code>wget https://files.pythonhosted.org/packages/8b/62/baf1e2c2b02de7898dcacd1d1a41e323b79d25be5c88d2805c89fb424835/setuptools-0.6c11.tar.gz</code> * sha256sum setuptools-0.6c11.tar.gz <code>630fea9b726320b73ee3ca6ff61732cb32675b0389be658080fe46383b87a1d3</code> <code>tar -xvzf setuptools-0.6c11.tar.gz</code> <code>cd setuptools-0.6c11</code> <code>sudo python2 setup.py install</code> ===Install six 1.6.1=== * This package is required by construct 2.5.2 <code>wget https://files.pythonhosted.org/packages/e8/70/b9c441d8c02b70eb3bf923c49944b8fc656f78a43c084d2a98534d7404e2/six-1.6.1.tar.gz</code> * sha256sum six-1.6.1.tar.gz <code>d4392a7c8d91b005c002568a85faf617c67241c8cd8399cc395e8f1005aff80d</code> <code>sudo easy_install six-1.6.1.tar.gz</code> <div class="toccolours mw-collapsible mw-collapsed"> If you did NOT install easy_install and would like to do manually: <div class="mw-collapsible-content"> Its pretty easy, same way you installed setuptools and will be the same method to install the other packages as well. * extract file with tar <code>tar -zxvf six-1.6.1.tar.gz</code> * enter directory <code>cd six-1.6.1</code> * and install with python <code>sudo python2 setup.py install</code> </div> </div> ===Install construct 2.5.2=== <code>wget https://files.pythonhosted.org/packages/fd/5a/e3105c79b3b0bbf7a80dc8218d7416df6551f9f2fe389c9ce6690a621c00/construct-2.5.2.tar.gz</code> * sha256sum construct-2.5.2.tar.gz <code>665b6271eeadf15219c726b180c8d7a641d026784d72ca3dad90a20aae009020</code> <code>sudo easy_install construct-2.5.2.tar.gz</code> <div class="toccolours mw-collapsible mw-collapsed"> Output from command: <code>sudo easy_install construct-2.5.2.tar.gz</code> <div class="mw-collapsible-content"> * This happened on mine, but script and keys worked fine, so no worries be mateys <pre> ubuntu@pygen:~$ sudo easy_install construct-2.5.2.tar.gz Processing construct-2.5.2.tar.gz Running construct-2.5.2/setup.py -q bdist_egg --dist-dir /tmp/easy_install-GXHk0j/construct-2.5.2/egg-dist-tmp-JXx8gl build/bdist.linux-x86_64/egg/construct/formats/filesystem/fat16.py:215: Warning: 'with' will become a reserved keyword in Python 2.6 File "build/bdist.linux-x86_64/egg/construct/formats/filesystem/fat16.py", line 215 with BytesIO() as mem: ^ SyntaxError: invalid syntax zip_safe flag not set; analyzing archive contents... construct.debug: module MAY be using inspect.stack /usr/local/lib/python2.5/site-packages/construct-2.5.2-py2.5.egg/construct/formats/filesystem/fat16.py:215: Warning: 'with' will become a reserved keyword in Python 2.6 File "/usr/local/lib/python2.5/site-packages/construct-2.5.2-py2.5.egg/construct/formats/filesystem/fat16.py", line 215 with BytesIO() as mem: ^ SyntaxError: invalid syntax Adding construct 2.5.2 to easy-install.pth file Installed /usr/local/lib/python2.5/site-packages/construct-2.5.2-py2.5.egg Processing dependencies for construct==2.5.2 Finished processing dependencies for construct==2.5.2 </pre> </div> </div> ===Install scrypt-0.6.1=== * required by GenesisH0 <code>wget https://pypi.python.org/packages/source/s/scrypt/scrypt-0.6.1.tar.gz</code> * sha256sum scrypt-0.6.1.tar.gz <code>6142bb9f786649bd2a51f47e61dff91bf8315fd8989188003c3c61c05834a07b</code> <code>sudo easy_install scrypt-0.6.1.tar.gz</code> <div class="toccolours mw-collapsible mw-collapsed"> Install output: <div class="mw-collapsible-content"> <pre> ubuntu@pygen:~$ sudo easy_install scrypt-0.6.1.tar.gz Processing scrypt-0.6.1.tar.gz Running scrypt-0.6.1/setup.py -q bdist_egg --dist-dir /tmp/easy_install-QSGJ2P/scrypt-0.6.1/egg-dist-tmp-DG_d1K scrypt-1.1.6/lib/crypto/crypto_aesctr.c: In function ‘crypto_aesctr_stream’: scrypt-1.1.6/lib/crypto/crypto_aesctr.c:97:25: warning: ‘AES_encrypt’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations] 97 | AES_encrypt(pblk, stream->buf, stream->key); | ^~~~~~~~~~~ In file included from scrypt-1.1.6/lib/crypto/crypto_aesctr.c:34: /usr/include/openssl/aes.h:57:6: note: declared here 57 | void AES_encrypt(const unsigned char *in, unsigned char *out, | ^~~~~~~~~~~ scrypt-1.1.6/lib/scryptenc/scryptenc.c: In function ‘scryptenc_buf’: scrypt-1.1.6/lib/scryptenc/scryptenc.c:365:9: warning: ‘AES_set_encrypt_key’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations] 365 | if (AES_set_encrypt_key(key_enc, 256, &key_enc_exp)) | ^~ In file included from scrypt-1.1.6/lib/scryptenc/scryptenc.c:38: /usr/include/openssl/aes.h:51:5: note: declared here 51 | int AES_set_encrypt_key(const unsigned char *userKey, const int bits, | ^~~~~~~~~~~~~~~~~~~ scrypt-1.1.6/lib/scryptenc/scryptenc.c: In function ‘scryptdec_buf’: scrypt-1.1.6/lib/scryptenc/scryptenc.c:428:9: warning: ‘AES_set_encrypt_key’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations] 428 | if (AES_set_encrypt_key(key_enc, 256, &key_enc_exp)) | ^~ /usr/include/openssl/aes.h:51:5: note: declared here 51 | int AES_set_encrypt_key(const unsigned char *userKey, const int bits, | ^~~~~~~~~~~~~~~~~~~ scrypt-1.1.6/lib/scryptenc/scryptenc.c: In function ‘scryptenc_file’: scrypt-1.1.6/lib/scryptenc/scryptenc.c:489:9: warning: ‘AES_set_encrypt_key’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations] 489 | if (AES_set_encrypt_key(key_enc, 256, &key_enc_exp)) | ^~ /usr/include/openssl/aes.h:51:5: note: declared here 51 | int AES_set_encrypt_key(const unsigned char *userKey, const int bits, | ^~~~~~~~~~~~~~~~~~~ scrypt-1.1.6/lib/scryptenc/scryptenc.c: In function ‘scryptdec_file’: scrypt-1.1.6/lib/scryptenc/scryptenc.c:587:9: warning: ‘AES_set_encrypt_key’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations] 587 | if (AES_set_encrypt_key(key_enc, 256, &key_enc_exp)) | ^~ /usr/include/openssl/aes.h:51:5: note: declared here 51 | int AES_set_encrypt_key(const unsigned char *userKey, const int bits, | ^~~~~~~~~~~~~~~~~~~ zip_safe flag not set; analyzing archive contents... Adding scrypt 0.6.1 to easy-install.pth file Installed /usr/local/lib/python2.5/site-packages/scrypt-0.6.1-py2.5-linux-x86_64.egg Processing dependencies for scrypt==0.6.1 Finished processing dependencies for scrypt==0.6.1 </pre> </div> </div> * After just installing with <code>easy_install</code> i had an error with: <pre> Traceback (most recent call last): File "genesis.py", line 2, in <module> import scrypt File "build/bdist.linux-x86_64/egg/scrypt.py", line 11, in <module> ImportError: No module named _scrypt </pre> Tried installing the manual way and it worked on second try! <div class="toccolours mw-collapsible mw-collapsed"> The manual way to install scrypt: <div class="mw-collapsible-content"> <code>tar xvf scrypt-0.6.1.tar.gz</code> <code>cd scrypt-0.6.1/</code> <code>sudo python2 setup.py install</code> </div> </div> ===Install the GenesisH0 script and run=== <code>git clone https://github.com/lhartikk/GenesisH0.git</code> * sha256sum GenesisH0/genesis.py <code>7120909579283fd715ae3167b456fe3e23cbd9c280b1a2e2ce89b47830bf96f4</code> <code>cd GenesisH0</code> ===Run GenesisH0=== <pre> Usage: genesis.py [options] Options: -h, --help show this help message and exit -t TIME, --time=TIME the (unix) time when the genesisblock is created -z TIMESTAMP, --timestamp=TIMESTAMP the pszTimestamp found in the coinbase of the genesisblock -n NONCE, --nonce=NONCE the first value of the nonce that will be incremented when searching the genesis hash -a ALGORITHM, --algorithm=ALGORITHM the PoW algorithm: [SHA256|scrypt|X11|X13|X15] -p PUBKEY, --pubkey=PUBKEY the pubkey found in the output script -v VALUE, --value=VALUE the value in coins for the output, full value (exp. in bitcoin 5000000000 - To get other coins value: Block Value * 100000000) -b BITS, --bits=BITS the target in compact representation, associated to a difficulty of 1 </pre> =====Test ===== * Lets recreate the Litecoin Genesis Hash and Merkel Hash (its way quicker than bitcoin) <code>python2.5 genesis.py -a scrypt -z "NY Times 05/Oct/2011 Steve Jobs, Apple’s Visionary, Dies at 56" -p "040184710fa689ad5023690c80f3a49c8f13f8d45b8c857fbcbc8bc4a8e4d3eb4b10f4d4604fa08dce601aaf0f470216fe1b51850b4acf21b179c45070ac7b03a9" -t 1317972665 -n 2084524493</code> * Check your '''Nonce'''number ,'''Merkel''' and '''Genesis''' hash with litecoins: *https://github.com/litecoin-project/litecoin/blob/master/src/chainparams.cpp ** Nonce: Line 116 ** hashGenesisBlock Line 118 ** hashMerkelRoot Line 119 ====MainNet==== * This is for N33Bcoin sha256 ** <b>SYNTAX</b>: <code>python2 genesis.py -a <algo> -z "<time_stamp_message>" -t <unix_time_stamp> -b <difficulty_target> -p <huge_public_key> -v <coin_rewards_plus_8_zeros></code> <code>python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 041e82b1b4f244d71815b5919ef91e20c44928031230bd4442ce38bf597ab92abab2a2f9542463cd515b5cd3ea0e215258fa28f36a8c968926beb6ae6e9ea41ea4 -v 33300000000</code> * This can take a while <pre> ubuntu@pygen:~/GenesisH0$ python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 041e82b1b4f244d71815b5919ef91e20c44928031230bd4442ce38bf597ab92abab2a2f9542463cd515b5cd3ea0e215258fa28f36a8c968926beb6ae6e9ea41ea4 -v 33300000000 04ffff001d0104264e333342277320666f72204e6f6f62277320617420436f6d706c6574654e6f6f62732e636f6d algorithm: SHA256 merkle hash: 6cc697f6a9806aee97a71c01c41e9084c0b38c2042b2a3eef741e1ae47586f89 pszTimestamp: N33B's for Noob's at CompleteNoobs.com pubkey: 041e82b1b4f244d71815b5919ef91e20c44928031230bd4442ce38bf597ab92abab2a2f9542463cd515b5cd3ea0e215258fa28f36a8c968926beb6ae6e9ea41ea4 time: 1733333333 bits: 0x1d00ffff Searching for genesis hash.. 298871.0 hash/s, estimate: 4.0 hgenesis hash found! nonce: 3926490992 genesis hash: 000000003af8bb03eaa894f998df439eba70ff19c25705fc695bff6553252ae6 </pre> As you can see we have the details we need for chainpararms.cpp: * '''nonce''': <code>3926490992</code> * '''merkle hash''': <code>6cc697f6a9806aee97a71c01c41e9084c0b38c2042b2a3eef741e1ae47586f89</code> * '''genesis hash''': <code>000000003af8bb03eaa894f998df439eba70ff19c25705fc695bff6553252ae6</code> ====TestNet==== * nBits <code>-b 0x1e0ffff0</code> has been made less difficult. * TimeStamp <code>-t 1733333334</code> has been changed so i know which one is main - test - reg, nets later on. There is no requirement to change unixtimestamp for each one. <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 041e82b1b4f244d71815b5919ef91e20c44928031230bd4442ce38bf597ab92abab2a2f9542463cd515b5cd3ea0e215258fa28f36a8c968926beb6ae6e9ea41ea4 -v 33300000000</code> <pre> ubuntu@pygen:~/GenesisH0$ python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 041e82b1b4f244d71815b5919ef91e20c44928031230bd4442ce38bf597ab92abab2a2f9542463cd515b5cd3ea0e215258fa28f36a8c968926beb6ae6e9ea41ea4 -v 33300000000 04ffff001d0104264e333342277320666f72204e6f6f62277320617420436f6d706c6574654e6f6f62732e636f6d algorithm: SHA256 merkle hash: 6cc697f6a9806aee97a71c01c41e9084c0b38c2042b2a3eef741e1ae47586f89 pszTimestamp: N33B's for Noob's at CompleteNoobs.com pubkey: 041e82b1b4f244d71815b5919ef91e20c44928031230bd4442ce38bf597ab92abab2a2f9542463cd515b5cd3ea0e215258fa28f36a8c968926beb6ae6e9ea41ea4 time: 1733333334 bits: 0x1e0ffff0 Searching for genesis hash.. genesis hash found! nonce: 105904 genesis hash: 00000d490951764bb9dc0b882e69bd908781f208267c61c330bc88f825ec87d9 </pre> ====RegNet==== * <code>-b 0x207fffff</code> '''difficultly''' has been changed. * <code>-t 1733333335</code> '''Time Stamp''' has been changed. <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 041e82b1b4f244d71815b5919ef91e20c44928031230bd4442ce38bf597ab92abab2a2f9542463cd515b5cd3ea0e215258fa28f36a8c968926beb6ae6e9ea41ea4 -v 33300000000</code> <pre> ubuntu@pygen:~/GenesisH0$ python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 041e82b1b4f244d71815b5919ef91e20c44928031230bd4442ce38bf597ab92abab2a2f9542463cd515b5cd3ea0e215258fa28f36a8c968926beb6ae6e9ea41ea4 -v 33300000000 04ffff001d0104264e333342277320666f72204e6f6f62277320617420436f6d706c6574654e6f6f62732e636f6d algorithm: SHA256 merkle hash: 6cc697f6a9806aee97a71c01c41e9084c0b38c2042b2a3eef741e1ae47586f89 pszTimestamp: N33B's for Noob's at CompleteNoobs.com pubkey: 041e82b1b4f244d71815b5919ef91e20c44928031230bd4442ce38bf597ab92abab2a2f9542463cd515b5cd3ea0e215258fa28f36a8c968926beb6ae6e9ea41ea4 time: 1733333335 bits: 0x207fffff Searching for genesis hash.. genesis hash found! nonce: 0 genesis hash: 3b8c1255a0fb1f5db478fec6b585fc2a5c1dcdc429e9a05d7e246c97e80a7c35 </pre> ===Litecoin - scrypt=== * Could not get working litecoin keys? will look into later. <code>python2.5 genesis.py -a scrypt -z "N3WB's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1e0ffff0 -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> 9j72xiqw2377hvyu9769qiho5kvjyjk 0 158 516 2025-04-20T18:31:44Z AwesomO 5 Created page with "== Script Depends - Install == <code>sudo apt install python3-ecdsa</code> == Generating a Genesis private and public key == <code>$EDITOR GenPub.py</code> <pre> import ecdsa import hashlib # sudo apt install python3-ecdsa # required def generate_key_pair(): sk = ecdsa.SigningKey.generate(curve=ecdsa.SECP256k1) vk = sk.get_verifying_key() x_coord = vk.pubkey.point.x() y_coord = vk.pubkey.point.y() if y_coord % 2 == 0: compressed_pub_key..." 516 wikitext text/x-wiki == Script Depends - Install == <code>sudo apt install python3-ecdsa</code> == Generating a Genesis private and public key == <code>$EDITOR GenPub.py</code> <pre> import ecdsa import hashlib # sudo apt install python3-ecdsa # required def generate_key_pair(): sk = ecdsa.SigningKey.generate(curve=ecdsa.SECP256k1) vk = sk.get_verifying_key() x_coord = vk.pubkey.point.x() y_coord = vk.pubkey.point.y() if y_coord % 2 == 0: compressed_pub_key = b'\x02' + x_coord.to_bytes(32, 'big') else: compressed_pub_key = b'\x03' + x_coord.to_bytes(32, 'big') genesis_pub_key = b'\x04' + vk.to_string() return { 'private_key': sk.to_string().hex(), 'public_key': vk.to_string().hex(), 'compressed_public_key': compressed_pub_key.hex(), 'genesis_public_key': genesis_pub_key.hex() } key_pair = generate_key_pair() print("Private Key:", key_pair['private_key']) print("Public Key:", key_pair['public_key']) print("Compressed Public Key:", key_pair['compressed_public_key']) print("Genesis Public Key:", key_pair['genesis_public_key']) with open('genesis_pub_key.txt', 'w') as file: file.write(f"Genesis Public Key = {key_pair['genesis_public_key']}\n") file.write(f"Compressed Public Key = {key_pair['compressed_public_key']}\n") file.write(f"Public Key = {key_pair['public_key']}\n") file.write(f"Private Key = {key_pair['private_key']}\n") print("All keys have been written to 'genesis_pub_key.txt'") </pre> <code>python3 GenPub.py</code> <div class="toccolours mw-collapsible mw-collapsed"> python3 GenPub.py Output: <div class="mw-collapsible-content"> <pre> Private Key: 37fb2a2e212790874147f642e92959ea2a3d491269ffe89e389c09a741583f5d Public Key: b2795d3e9e5d6d3069d4b8bcb0104ee5b771e3d57bb95fc379dba06683864fba32e2ee0bab0bbab352a3e5e7de57f5dffafbf3181c5ad1bc62d580a8034240be Compressed Public Key: 02b2795d3e9e5d6d3069d4b8bcb0104ee5b771e3d57bb95fc379dba06683864fba Genesis Public Key: 04b2795d3e9e5d6d3069d4b8bcb0104ee5b771e3d57bb95fc379dba06683864fba32e2ee0bab0bbab352a3e5e7de57f5dffafbf3181c5ad1bc62d580a8034240be All keys have been written to 'genesis_pub_key.txt' </pre> </div> </div> e9ggtemtxgqdtmgn84mzoc2kszc20sr 0 159 517 2025-04-20T19:21:14Z AwesomO 5 Created page with "Note: Should work on Bitcoin - Untested on Bitcoin - developed by Noob's do not trust, you been warned. * This script does the following: ** It takes user input as a seed (which can be 12 words or any random input). ** It generates a deterministic seed by hashing the input. ** It uses this seed to create an ECDSA private key on the secp256k1 curve (used by Bitcoin and n33bcoin). ** It derives the public key from the private key. ** It generates a N33B coin address from..." 517 wikitext text/x-wiki Note: Should work on Bitcoin - Untested on Bitcoin - developed by Noob's do not trust, you been warned. * This script does the following: ** It takes user input as a seed (which can be 12 words or any random input). ** It generates a deterministic seed by hashing the input. ** It uses this seed to create an ECDSA private key on the secp256k1 curve (used by Bitcoin and n33bcoin). ** It derives the public key from the private key. ** It generates a N33B coin address from the public key. ** It creates a WIF (Wallet Import Format) version of the private key. *** Install the required libraries '''<code>sudo apt install python3-ecdsa python3-base58</code>''' ==Script== <code>$EDITOR add_bit_gen.py</code> <pre> import hashlib import ecdsa import base58 # Python3 - this script depends on 'ecdsa', 'base58'. # sudo apt install python3-ecdsa python3-base58 def generate_n33bcoin_keypair(seed): # Generate a deterministic seed from the input seed_hash = hashlib.sha256(seed.encode()).digest() # Use the seed to generate a private key signing_key = ecdsa.SigningKey.from_string(seed_hash, curve=ecdsa.SECP256k1) private_key = signing_key.to_string().hex() # Generate the public key verifying_key = signing_key.get_verifying_key() public_key = '04' + verifying_key.to_string().hex() # Generate n33bcoin address (same as Bitcoin mainnet) public_key_bytes = bytes.fromhex(public_key) sha256_hash = hashlib.sha256(public_key_bytes).digest() ripemd160_hash = hashlib.new('ripemd160', sha256_hash).digest() # n33bcoin mainnet address (version byte 0x00, starts with '1') version_byte = b'\x00' # Decimal 0, Bitcoin-like mainnet full_hash = version_byte + ripemd160_hash checksum = hashlib.sha256(hashlib.sha256(full_hash).digest()).digest()[:4] n33bcoin_address = base58.b58encode(full_hash + checksum).decode('utf-8') # n33bcoin WIF private key (version byte 0x80, Bitcoin-like mainnet) version_byte_wif = b'\x80' # Decimal 128 extended_key = version_byte_wif + bytes.fromhex(private_key) checksum = hashlib.sha256(hashlib.sha256(extended_key).digest()).digest()[:4] wif_private_key = base58.b58encode(extended_key + checksum).decode('utf-8') return { 'private_key': private_key, 'public_key': public_key, 'n33bcoin_address': n33bcoin_address, 'wif_private_key': wif_private_key } def main(): print("Enter your seed (12 words or any random input):") seed = input().strip() keypair = generate_n33bcoin_keypair(seed) print("\nGenerated n33bcoin Key Pair:") print(f"Private Key: {keypair['private_key']}") print(f"Public Key: {keypair['public_key']}") print(f"n33bcoin Address: {keypair['n33bcoin_address']}") print(f"WIF Private Key: {keypair['wif_private_key']}") if __name__ == "__main__": main() </pre> * If saved as <code>add_bit_gen.py</code> * Then run as so: <code>pyhon3 add_bit_gen.py</code> * Enter your seed when prompted. * The script will output the private key, public key, N33Bcoin address, and WIF private key. ==Note's== Important notes: * This script generates reproducible results, meaning the same input will always produce the same key pair. * The security of your keys depends on the randomness and secrecy of your input seed. * Use a strong, unique seed for real-world use. * This is a simplified implementation and should not be used for managing real funds without further security measures. * Always keep your private keys secret and secure. ==Results== * Sample output - using seed 'hithere' <pre> noob@noob-ThinkPad-T470:~/Gen/py-pub-prv$ python3 gen.py Enter your seed (12 words or any random input): hithere Generated n33bcoin Key Pair: Private Key: 3e4748d72b0a0c5d4538b52a2ade025a0f52a1e8642384ac14e5af0f90b8ab8a Public Key: 04c4cab1795312dafbf2532c7b238d448b55fa151a3d4e059cb49b47fb7244fb8767981b561c067494f9f3a6357024bb4fa71d12d692a733f7a0583d6fa7276548 n33bcoin Address: 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG WIF Private Key: 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH </pre> * Reproduced usig: 'hithere' <pre> noob@noob-ThinkPad-T470:~/Gen/py-pub-prv$ python3 gen.py Enter your seed (12 words or any random input): hithere Generated n33bcoin Key Pair: Private Key: 3e4748d72b0a0c5d4538b52a2ade025a0f52a1e8642384ac14e5af0f90b8ab8a Public Key: 04c4cab1795312dafbf2532c7b238d448b55fa151a3d4e059cb49b47fb7244fb8767981b561c067494f9f3a6357024bb4fa71d12d692a733f7a0583d6fa7276548 n33bcoin Address: 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG WIF Private Key: 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH </pre> * a space between words: 'hi there' <pre> noob@CompleteNoobs:~/testin$ python3 add_bit_gen.py Enter your seed (12 words or any random input): hi there Generated N33Bcoin Key Pair: Private Key: 9b96a1fe1d548cbbc960cc6a0286668fd74a763667b06366fb2324269fcabaa4 Public Key: 04c20346f8bca6852b432ebd1317d58f616bd9bdcb094d6b563712dfbc820ffcd8a2325459cc2909ea4f2a982c65ba4688c0de5538d679249d25d91dcb8878c7e3 N33Bcoin Address: 1CTLQdpSqKE27fJcykm3BEVkWZdfN9888w WIF Private Key: 5JzosusicGeVVxbzsmu2uKpJjNPtni2ARvW7L5bdVy9Dyyo4Jfb </pre> * reproduced on diff box - with same script: <pre> ubuntu@py2:~/key_script$ python3 add_bit_gen.py Enter your seed (12 words or any random input): hi there Generated N33Bcoin Key Pair: Private Key: 9b96a1fe1d548cbbc960cc6a0286668fd74a763667b06366fb2324269fcabaa4 Public Key: 04c20346f8bca6852b432ebd1317d58f616bd9bdcb094d6b563712dfbc820ffcd8a2325459cc2909ea4f2a982c65ba4688c0de5538d679249d25d91dcb8878c7e3 N33Bcoin Address: 1CTLQdpSqKE27fJcykm3BEVkWZdfN9888w WIF Private Key: 5JzosusicGeVVxbzsmu2uKpJjNPtni2ARvW7L5bdVy9Dyyo4Jfb </pre> fcfvutik9dqflpff5gm8bpgr9ips2qz 609 517 2025-07-07T15:26:13Z AwesomO 5 /* Note's */ 609 wikitext text/x-wiki Note: Should work on Bitcoin - Untested on Bitcoin - developed by Noob's do not trust, you been warned. * This script does the following: ** It takes user input as a seed (which can be 12 words or any random input). ** It generates a deterministic seed by hashing the input. ** It uses this seed to create an ECDSA private key on the secp256k1 curve (used by Bitcoin and n33bcoin). ** It derives the public key from the private key. ** It generates a N33B coin address from the public key. ** It creates a WIF (Wallet Import Format) version of the private key. *** Install the required libraries '''<code>sudo apt install python3-ecdsa python3-base58</code>''' ==Script== <code>$EDITOR add_bit_gen.py</code> <pre> import hashlib import ecdsa import base58 # Python3 - this script depends on 'ecdsa', 'base58'. # sudo apt install python3-ecdsa python3-base58 def generate_n33bcoin_keypair(seed): # Generate a deterministic seed from the input seed_hash = hashlib.sha256(seed.encode()).digest() # Use the seed to generate a private key signing_key = ecdsa.SigningKey.from_string(seed_hash, curve=ecdsa.SECP256k1) private_key = signing_key.to_string().hex() # Generate the public key verifying_key = signing_key.get_verifying_key() public_key = '04' + verifying_key.to_string().hex() # Generate n33bcoin address (same as Bitcoin mainnet) public_key_bytes = bytes.fromhex(public_key) sha256_hash = hashlib.sha256(public_key_bytes).digest() ripemd160_hash = hashlib.new('ripemd160', sha256_hash).digest() # n33bcoin mainnet address (version byte 0x00, starts with '1') version_byte = b'\x00' # Decimal 0, Bitcoin-like mainnet full_hash = version_byte + ripemd160_hash checksum = hashlib.sha256(hashlib.sha256(full_hash).digest()).digest()[:4] n33bcoin_address = base58.b58encode(full_hash + checksum).decode('utf-8') # n33bcoin WIF private key (version byte 0x80, Bitcoin-like mainnet) version_byte_wif = b'\x80' # Decimal 128 extended_key = version_byte_wif + bytes.fromhex(private_key) checksum = hashlib.sha256(hashlib.sha256(extended_key).digest()).digest()[:4] wif_private_key = base58.b58encode(extended_key + checksum).decode('utf-8') return { 'private_key': private_key, 'public_key': public_key, 'n33bcoin_address': n33bcoin_address, 'wif_private_key': wif_private_key } def main(): print("Enter your seed (12 words or any random input):") seed = input().strip() keypair = generate_n33bcoin_keypair(seed) print("\nGenerated n33bcoin Key Pair:") print(f"Private Key: {keypair['private_key']}") print(f"Public Key: {keypair['public_key']}") print(f"n33bcoin Address: {keypair['n33bcoin_address']}") print(f"WIF Private Key: {keypair['wif_private_key']}") if __name__ == "__main__": main() </pre> * If saved as <code>add_bit_gen.py</code> * Then run as so: <code>pyhon3 add_bit_gen.py</code> * Enter your seed when prompted. * The script will output the private key, public key, N33Bcoin address, and WIF private key. ==Note's== Important notes: * This script generates reproducible results, meaning the same input will always produce the same key pair. * The security of your keys depends on the randomness and secrecy of your input seed. * Use a strong, unique seed for real-world use. * This is a simplified implementation and should not be used for managing real funds without further security measures. * Always keep your private keys secret and secure. == Address Prefix == Blockchain currencies like Bitcoin use special encoded strings to represent addresses. <br> These strings typically follow a format called Base58Check, where a prefix (a single byte) determines the first character of the address.<br> * Line 129 (of bitcoin 0.14.3): Chainparams.cpp - this is bitcoins default and the leading symbol for the public adddress is <b>1</b> <code>base58Prefixes[PUBKEY_ADDRESS] = std::vector<unsigned char>(1,0);</code> * In LiteCoin this was changed to start with an <b>L</b> by using the prefix <b>48</b> <code>base58Prefixes[PUBKEY_ADDRESS] = std::vector<unsigned char>(1,48);</code> * To start the Leading symbol of the Public Address with an <b>N</b> we change the prefix to <b>53</b> <code>base58Prefixes[PUBKEY_ADDRESS] = std::vector<unsigned char>(1,53);</code> * [[NoobCoin_List_of_address_prefixes| You can Find/See the the Starting Symbol for each prefix here]] ===Changes required on script if you change Leading Symbol === <div class="toccolours mw-collapsible mw-collapsed"> Line Numbered Script: <div class="mw-collapsible-content"> <pre> 1 import hashlib 2 import ecdsa 3 import base58 4 5 # Python3 - this script depends on 'ecdsa', 'base58'. 6 # sudo apt install python3-ecdsa python3-base58 7 8 def generate_n33bcoin_keypair(seed): 9 # Generate a deterministic seed from the input 10 seed_hash = hashlib.sha256(seed.encode()).digest() 11 12 # Use the seed to generate a private key 13 signing_key = ecdsa.SigningKey.from_string(seed_hash, curve=ecdsa.SECP256k1) 14 private_key = signing_key.to_string().hex() 15 16 # Generate the public key 17 verifying_key = signing_key.get_verifying_key() 18 public_key = '04' + verifying_key.to_string().hex() 19 20 # Generate n33bcoin address (same as Bitcoin mainnet) 21 public_key_bytes = bytes.fromhex(public_key) 22 sha256_hash = hashlib.sha256(public_key_bytes).digest() 23 ripemd160_hash = hashlib.new('ripemd160', sha256_hash).digest() 24 25 # n33bcoin mainnet address (version byte 0x00, starts with '1') 26 version_byte = b'\x00' # Decimal 0, Bitcoin-like mainnet 27 full_hash = version_byte + ripemd160_hash 28 checksum = hashlib.sha256(hashlib.sha256(full_hash).digest()).digest()[:4] 29 n33bcoin_address = base58.b58encode(full_hash + checksum).decode('utf-8') 30 31 # n33bcoin WIF private key (version byte 0x80, Bitcoin-like mainnet) 32 version_byte_wif = b'\x80' # Decimal 128 33 extended_key = version_byte_wif + bytes.fromhex(private_key) 34 checksum = hashlib.sha256(hashlib.sha256(extended_key).digest()).digest()[:4] 35 wif_private_key = base58.b58encode(extended_key + checksum).decode('utf-8') 36 37 return { 38 'private_key': private_key, 39 'public_key': public_key, 40 'n33bcoin_address': n33bcoin_address, 41 'wif_private_key': wif_private_key 42 } 43 44 def main(): 45 print("Enter your seed (12 words or any random input):") 46 seed = input().strip() 47 48 keypair = generate_n33bcoin_keypair(seed) 49 50 print("\nGenerated n33bcoin Key Pair:") 51 print(f"Private Key: {keypair['private_key']}") 52 print(f"Public Key: {keypair['public_key']}") 53 print(f"n33bcoin Address: {keypair['n33bcoin_address']}") 54 print(f"WIF Private Key: {keypair['wif_private_key']}") 55 56 if __name__ == "__main__": 57 main() </pre> </div> </div> * On Line Number 26 you will see the line we need to change: <code>version_byte = b'\x00' # Decimal 0, Bitcoin-like mainnet</code> [[NoobCoin_List_of_address_prefixes| Find the Decimal number you need]] and [[Hex_numbers_explained| convert that Decimal into a Hex Number]] Example: For the Starting Symbol we want <b>N</b> the Decimal number for <b>N</b> is <b>53</b> to convert 53 to hex <code>3x16 = 48 + 5 = 53</code> the hex number is <b>35</b> - that's 3x16's and 5. * We can now change/append line 26 to include the value for are starting symbol. <pre> version_byte = b'\x35' # Decimal 53, for n33bcoin addresses starting with 'N'</pre> <div class="toccolours mw-collapsible mw-collapsed"> This would be the script if you changed your blockchain to include <b>N</b> as your starting symbol in public addresses: <div class="mw-collapsible-content"> <pre> import hashlib import ecdsa import base58 # Python3 - this script depends on 'ecdsa', 'base58'. # sudo apt install python3-ecdsa python3-base58 def generate_n33bcoin_keypair(seed): # Generate a deterministic seed from the input seed_hash = hashlib.sha256(seed.encode()).digest() # Use the seed to generate a private key signing_key = ecdsa.SigningKey.from_string(seed_hash, curve=ecdsa.SECP256k1) private_key = signing_key.to_string().hex() # Generate the public key verifying_key = signing_key.get_verifying_key() public_key = '04' + verifying_key.to_string().hex() # Generate n33bcoin address (version byte 0x35 for 'N' prefix) public_key_bytes = bytes.fromhex(public_key) sha256_hash = hashlib.sha256(public_key_bytes).digest() ripemd160_hash = hashlib.new('ripemd160', sha256_hash).digest() # n33bcoin mainnet address (version byte 0x35, starts with 'N') version_byte = b'\x35' # Decimal 53, for n33bcoin addresses starting with 'N' full_hash = version_byte + ripemd160_hash checksum = hashlib.sha256(hashlib.sha256(full_hash).digest()).digest()[:4] n33bcoin_address = base58.b58encode(full_hash + checksum).decode('utf-8') # n33bcoin WIF private key (version byte 0x80, Bitcoin-like mainnet) version_byte_wif = b'\x80' # Decimal 128, unchanged unless specified extended_key = version_byte_wif + bytes.fromhex(private_key) checksum = hashlib.sha256(hashlib.sha256(extended_key).digest()).digest()[:4] wif_private_key = base58.b58encode(extended_key + checksum).decode('utf-8') return { 'private_key': private_key, 'public_key': public_key, 'n33bcoin_address': n33bcoin_address, 'wif_private_key': wif_private_key } def main(): print("Enter your seed (12 words or any random input):") seed = input().strip() keypair = generate_n33bcoin_keypair(seed) print("\nGenerated n33bcoin Key Pair:") print(f"Private Key: {keypair['private_key']}") print(f"Public Key: {keypair['public_key']}") print(f"n33bcoin Address: {keypair['n33bcoin_address']}") print(f"WIF Private Key: {keypair['wif_private_key']}") if __name__ == "__main__": main() </pre> </div> </div> ==Results== * Sample output - using seed 'hithere' <pre> noob@noob-ThinkPad-T470:~/Gen/py-pub-prv$ python3 gen.py Enter your seed (12 words or any random input): hithere Generated n33bcoin Key Pair: Private Key: 3e4748d72b0a0c5d4538b52a2ade025a0f52a1e8642384ac14e5af0f90b8ab8a Public Key: 04c4cab1795312dafbf2532c7b238d448b55fa151a3d4e059cb49b47fb7244fb8767981b561c067494f9f3a6357024bb4fa71d12d692a733f7a0583d6fa7276548 n33bcoin Address: 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG WIF Private Key: 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH </pre> * Reproduced usig: 'hithere' <pre> noob@noob-ThinkPad-T470:~/Gen/py-pub-prv$ python3 gen.py Enter your seed (12 words or any random input): hithere Generated n33bcoin Key Pair: Private Key: 3e4748d72b0a0c5d4538b52a2ade025a0f52a1e8642384ac14e5af0f90b8ab8a Public Key: 04c4cab1795312dafbf2532c7b238d448b55fa151a3d4e059cb49b47fb7244fb8767981b561c067494f9f3a6357024bb4fa71d12d692a733f7a0583d6fa7276548 n33bcoin Address: 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG WIF Private Key: 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH </pre> * a space between words: 'hi there' <pre> noob@CompleteNoobs:~/testin$ python3 add_bit_gen.py Enter your seed (12 words or any random input): hi there Generated N33Bcoin Key Pair: Private Key: 9b96a1fe1d548cbbc960cc6a0286668fd74a763667b06366fb2324269fcabaa4 Public Key: 04c20346f8bca6852b432ebd1317d58f616bd9bdcb094d6b563712dfbc820ffcd8a2325459cc2909ea4f2a982c65ba4688c0de5538d679249d25d91dcb8878c7e3 N33Bcoin Address: 1CTLQdpSqKE27fJcykm3BEVkWZdfN9888w WIF Private Key: 5JzosusicGeVVxbzsmu2uKpJjNPtni2ARvW7L5bdVy9Dyyo4Jfb </pre> * reproduced on diff box - with same script: <pre> ubuntu@py2:~/key_script$ python3 add_bit_gen.py Enter your seed (12 words or any random input): hi there Generated N33Bcoin Key Pair: Private Key: 9b96a1fe1d548cbbc960cc6a0286668fd74a763667b06366fb2324269fcabaa4 Public Key: 04c20346f8bca6852b432ebd1317d58f616bd9bdcb094d6b563712dfbc820ffcd8a2325459cc2909ea4f2a982c65ba4688c0de5538d679249d25d91dcb8878c7e3 N33Bcoin Address: 1CTLQdpSqKE27fJcykm3BEVkWZdfN9888w WIF Private Key: 5JzosusicGeVVxbzsmu2uKpJjNPtni2ARvW7L5bdVy9Dyyo4Jfb </pre> 7nzm0881km107tvqjwc5927b8vkbz5k 0 160 520 2025-04-21T21:47:08Z AwesomO 5 Created page with "==Start up HardWare== * OS (local) Ubuntu-Mate 24.04 - this tut is done on a clean install of ubuntu-mate 24.04 ** Hardware: HP EliteDesk G1 - ram = 8GB - HD = 120GB ssd - CPU = i5-4590S CPU @ 3.00GHz ** Hardware: Thinkpad X270 - Ram - HD - CPU * Server VPS ubuntu-server 24.04 ** vultr.com ===Software OS=== * Will be using Ubuntu 24.04 as main OS - but to build this version of litecoin 0.14.2 we will be using ubuntu 18.04 in a lxc container - trying to build in 24.04..." 520 wikitext text/x-wiki ==Start up HardWare== * OS (local) Ubuntu-Mate 24.04 - this tut is done on a clean install of ubuntu-mate 24.04 ** Hardware: HP EliteDesk G1 - ram = 8GB - HD = 120GB ssd - CPU = i5-4590S CPU @ 3.00GHz ** Hardware: Thinkpad X270 - Ram - HD - CPU * Server VPS ubuntu-server 24.04 ** vultr.com ===Software OS=== * Will be using Ubuntu 24.04 as main OS - but to build this version of litecoin 0.14.2 we will be using ubuntu 18.04 in a lxc container - trying to build in 24.04 was a huge side quest that is not that much fun. ===Coin Params for N33Bcoin 0.1 POW === * Are Coin Params ** Name of coin = N33Bcoin ** Symbol coin = N33B ** Premined Coins= 33% 11,111,111 coins to be used to rewards contributors. the how is currently unknown, will work out as we go. ** MaxCoins = 33,333,333 ** Rewards = 333 ** Halving Period = 33,333 blocks = every 231 days ** Block interval = 10 mins # will leave at 10 for starters ** Time Stamp 1733333333 2024-12-04 17:28:53 ** Time Stamp Message "N33B's for Noob's at CompleteNoobs.com" ** Genesis Block for are Coin ==Genesis Keys== First we are going to need a public private key pair. [[Link to pub/priv key creation]] * Public Key <code>049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf</code> * Keep private key safe, you just need pub key for now We then use are public key along with are coin parameter with [[GenesisH0]] to create a 'Nonce', 'Merkel hash' and 'Genesis hash'. For are 'MainNet', 'TestNet' and 'RegNet' === Main Net parameters === <code>python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333333</code> * '''Nonce''': <code>221118658</code> * '''nBits''': <code>0x1d00ffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4</code> === Test Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333334</code> * '''Nonce''': <code>511144</code> * '''nBits''': <code>0x1e0ffff0</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c</code> === Reg Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333335</code> * '''Nonce''': <code>0</code> * '''nBits''': <code>0x207fffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127</code> Now we have are parameters, we can start creating are own coin, but first lets change some file names to match the name of are coin. ==Source we are forking from Bitcoin 0.14.3== ===Home Directory=== <code>cd ~</code> ===Download bitcoin 0.14.3=== * https://bitcoincore.org/bin/bitcoin-core-0.14.3/ <code>wget https://bitcoincore.org/bin/bitcoin-core-0.14.3/bitcoin-0.14.3.tar.gz</code> * sha256sum bitcoin-0.14.3.tar.gz <code>416717ab5ef94f8458da2b12e4cd742ca08f5ad3817b65fc73811e06ac949f87</code> ===extract=== <code>tar xvf bitcoin-0.14.3.tar.gz</code> ===Change Directory Name to new/forked coin name=== <code>mv bitcoin-0.14.3 N33Bcoin</code> <code>cd N33Bcoin</code> * Current work director path is <code>/home/$USER/N33Bcoin/</code> ==Renaming== ===Renaming Bitcoin to N33Bcoin=== '''Run these command in the /home/$USER/N33Bcoin/ Directory''' * Lowercase <code>find . -type f -exec sed -i 's/bitcoin/n33bcoin/g' {} + </code> * UpperCase <code>find . -type f -exec sed -i 's/Bitcoin/N33Bcoin/g' {} + </code> * Name.1 <code>find . -type f -exec sed -i -e 's/bitcoin/noobcoin/g' -e 's/bitcoind\.1/n33bcoind.1/g' {} + </code> ===Change Name for Docs=== To rename files in a directory (e.g., <code>/home/$USER/N33B/N33Bcoin/doc/man/</code>): * '''Before:''' <pre> bitcoin-cli.1 bitcoind.1 bitcoin-qt.1 bitcoin-tx.1 Makefile.am </pre> * '''After:''' <pre> n33bcoin-cli.1 n33bcoind.1 n33bcoin-qt.1 n33bcoin-tx.1 Makefile.am </pre> * '''Manual Way:''' <pre> mv -v bitcoin-cli.1 n33bcoin-cli.1 </pre> * '''Using mv with a for Loop:''' <code>cd /home/$USER/N33B/N33Bcoin/doc/man</code><br> <code>for file in bitcoin*; do mv -v "$file" "${file/bitcoin/n33bcoin}"; done</code> </pre> * <code>-v</code> shows each rename action. ===Change Names for Files=== Unlike forking litecoin, the method we just used to rename all bitcoin words to n33bcoin created some problems, unlike litecoin 0.14.2, the word 'bitcoin' can be found in a lot of file names. Example: the file <code>libbitcoinconsensus.pc.in</code> is still called <code>libbitcoinconsensus.pc.in</code> but inside make and config files, it is now know as <code>libn33bcoinconsensus.pc.in</code> so it will look for a file called <code>libn33bcoinconsensus.pc.in</code> and not <code>libbitcoinconsensus.pc.in</code>, still will lead to a lot of breakages. * Easy Fix: Change all file names which include the word <code>bitcoin</code> to <code>n33bcoin</code> * install <code>rename</code> <code>sudo apt install rename</code> * Run commands in <code>/home/$USER/N33Bcoin/</code> Directory * See all file which contain the name <code>bitcoin</code> <code>find . -type f -name "*bitcoin*"</code> * Rename/convert all <code>bitcoin</code> in file names to <code>n33bcoin</code> <code>find . -type f -name "*bitcoin*" -exec rename 's/bitcoin/n33bcoin/' {} +</code> ==Editing Files== Are Files are located in path:<code>/home/$USER/N33B/N33Bcoin</code><br> Example: <code>src/amount.h</code> full path would be <code>/home/$USER/N33B/N33Bcoin/src/amount.h</code> === OverView of Files to edit=== * Comment Out <code>** Lines: 74 - 77 Comment Out</code> These are Lines we Don't need, but are not deleting just commenting out, so line numbers remain the same.<br> Comment out by placing a <code>//</code> at the beginning of the line. * '''src/amount.h''' ** Line 31: Edit Max Coins * '''src/validation.cpp''' ** Line 1166: This BLOCK of code will contain premined and Block rewards * '''src/qt/bitcoinunits.cpp''' ** Line 39 Block: change coin symbol LTC to N33B * '''src/chainparams.cpp''' ** Line 53: '''Global''' Change Time Stamp Message ** Line 54: '''Global''' Change Pub Key ** Line 73: '''MainNet''' Change Halving Interval <!--** Lines: 74 - 77 Comment Out--> ** Line 74: '''MainNet''' BIP34Height ** Line 75: '''MainNet''' BIP34Hash ** Line 76: '''MainNet''' BIP65Height ** Line 77: '''MainNet''' BIP66Height ** Lines 85 - 103: '''MainNet''' Deployment and Chain Work Section ** Line 110: '''MainNet''' Change Magic Bytes - Script included ** Line 114: '''MainNet''' Change Main Net Default Port ** Line 117: '''MainNet''' Change Main Net Nonce TimeStamp Coin_Rewards ** Line 119: '''MainNet''' Change Genesis Hash ** Line 120: '''MainNet''' Change Merkel Hash ** Line 144: '''MainNet'''Change Coin Number and Genesis Hash ** Lines 145 - 156 Comment Out ** Line 161: '''MainNet''' Change Time Stamp ** Line 162: '''MainNet''' Change Number Of Transactions ** Line 177: '''TestNet''' Halving Interval <!--** Lines: 178 - 181 Comment Out--> ** Line 178: '''TestNet''' BIP34Height ** Line 179: '''TestNet''' BIP34Hash ** Line 180: '''TestNet''' BIP65Height ** Line 181: '''TestNet''' BIP66Height ** Line 184: '''TestNet''' Block Times <!--** Lines: 189 - 207 Comment Out--> ** Lines 189 - 207: '''TestNet''' Deployment Section ** Line 213: '''TestNet''' Default Port ** Line 216: '''TestNet''' Time Stamp and Nonce ** Line 218: '''TestNet''' Genesis Hash Block ** Line 219: '''TestNet''' Merkel Hash Block ** Line 245: '''TestNet''' CheckPointData Genesis Hash Block Number ** Line 250: '''TestNet''' Time Stamp ** Line 251: '''TestNet''' Block Number ** Lines 267 - 270 '''RegressionNet''' BIP Consensus ** Line 301: '''RegressionNet''' Default Port ** Line 304: '''RegressionNet''' Time Stamp Nonce Coin_Rewards ** Line 306: '''RegressionNet''' Genesis Block Hash ** Line 307: '''RegressionNet''' Merkel Hash ** Line 319: '''RegressionNet''' Genesis Hash * '''src/chainparamsbase.cpp''' ** Line 35: MainNet RCP Port ** Line 48: TestNet RPC Port ** Line 62: Regession Net RPC Port ===src/amount.h=== On line 31 we will edit are Max coins: <pre> static const CAmount MAX_MONEY = 21000000 * COIN; </pre> will change this to 33,333,333 coins <pre> static const CAmount MAX_MONEY = 33333333 * COIN; </pre> ===src/validation.cpp=== Path <code>/home/$USER/N33B/N33Bcoin/src/validation.cpp</code> The block of code we are looking for starts on line 1166: <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy = 50 * COIN; // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years. nSubsidy >>= halvings; return nSubsidy; } </pre> On line 1173 you should see this line: <pre> CAmount nSubsidy = 50 * COIN; </pre> This is the rewards for mining coins, the default is 50, we are changinf rewards to 333 coins per block mined. <pre> CAmount nSubsidy = 333 * COIN; </pre> ====Premined coins==== We also need to add a contidtion for are premined coins - in the first block will mine 33%, thats 11,111,111 coins <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy; if (nHeight == 1) nSubsidy = 11111111 * COIN; else nSubsidy = 333 * COIN; // Subsidy is cut in half every 33,333 blocks which will occur approximately every 231 days. nSubsidy >>= halvings; return nSubsidy; } </pre> This condition means IF first block reward 11,111,111 coins, Else(after first blocked mined) rewards per block are 333 coins. <div class="toccolours mw-collapsible mw-collapsed"> What's Changed and Why: <div class="mw-collapsible-content"> <b>What's Changed and Why:</b> * '''CAmount nSubsidy;''' ** The variable `nSubsidy` is now declared but not immediately assigned a value. This allows flexibility to set its value based on certain conditions. * '''New Condition: `if (nHeight == 1)''' ** This new condition checks if the block height is 1, meaning this is the very first block in the blockchain (often called the "genesis block"). ** This condition is used to assign a special, much larger subsidy for the first block. * '''nSubsidy = 11111111 * COIN;''' ** If it is the first block (`nHeight == 1`), the subsidy is set to 11,111,111 coins. This is a huge reward for the genesis block, likely for initial distribution or other specific reasons. * '''else nSubsidy = 333 * COIN;''' ** For all other blocks (not the first one), the reward is set to 333 coins. This is a significant change from the original 50 coins, suggesting a different reward structure for this cryptocurrency. </div> </div> ===src/qt/n33bcoinunits.cpp=== * Line 39: Code Block <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("BTC"); case mBTC: return QString("mBTC"); case uBTC: return QString::fromUtf8("μBTC"); default: return QString("???"); } } </pre> * Change BTC your coin symbol to N33B <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("N33B"); case mBTC: return QString("mN33B"); case uBTC: return QString::fromUtf8("μN33B"); default: return QString("???"); } } </pre> ===src/chainparams.cpp=== ====Line 53 Change Time Stamp Message==== <code> const char* pszTimestamp = "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks";</code> To <code> const char* pszTimestamp = "N33B's for Noob's at CompleteNoobs.com";</code> ====Line 54 Change Genesis Pub Key==== <code> 54 const CScript genesisOutputScript = CScript() << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f") << OP_CHECKSIG; </code> We are going to change to the public key we used to create are genesis block. <code> const CScript genesisOutputScript = CScript() << ParseHex("049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf") << OP_CHECKSIG;</code> ====Line 73 HalvingInterval==== <code> consensus.nSubsidyHalvingInterval = 210000;</code> Block intervals of bitcoin is every 10 mins, as you can see on '''[[#Line 80 Target Block Creation''']] * 60 mins per hour x 24 hours per day = 1440 mins a day * 1440 mins at one block each 10 mins = 144 block per day ish * 144 * 365 = 52,560 blocks per year ish * 52,560 * 4 = 210,240 blocks every four years ish So bitcoin halves its rewards every 4 years ish as it passes 210,000 blocks and carrys on halving every 210,000 blocks later. We reward 333 coins per block and will be out of coins around 667,334 blocks. * Preminded 11,111,111 coins * 22,222,222 left * at 333 per block all will be gone in 66,733 blocks time unless we halve before then * We are going to keep are block time of 10 mins and have a halving at 33,333 blocks so it will halve around 231 days <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Line 74 - 77 MainNet BIP Section==== <pre> 74 consensus.BIP34Height = 227931; 75 consensus.BIP34Hash = uint256S("0x000000000000024b89b42a942fe0d9fea3bb44ab7bd1b19115dd6a759c0808b8"); 76 consensus.BIP65Height = 388381; // 000000000000000004c2b624ed5d7756c508d90fd0da2c7c679febfa6c4735f0 77 consensus.BIP66Height = 363725; // 00000000000000000379eaa19dce8c9b722d46ae6a57c2f1a988119488b50931 </pre> * Set BIP34/65/66 to 0 for new chain—modern rules from genesis. Adjust BIP34 to 100 if mining fails. * Replace with your Hash on line 75 BIPHash <pre> 74 consensus.BIP34Height = 0; 75 consensus.BIP34Hash = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); 76 consensus.BIP65Height = 0; 77 consensus.BIP66Height = 0; </pre> ==== Line 85 - 103 '''MainNet''' Deployment and Chain Work Section ==== ===== Line 86 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start date is irrelevant—set to 0 for immediate activation on new chain. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 87 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 91 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016</code> * Reason changed: Bitcoin’s 2016 start is moot—set to 0 for CSV active from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 92 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 96 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016</code> * Reason changed: Bitcoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 97 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 100 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5");</code> * Reason changed: Bitcoin’s 2017 work is massive—set to 0 for a new chain with no work yet. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 103 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354</code> * Reason changed: Bitcoin’s block 453354 is irrelevant—set to N33Bcoin’s genesis hash for fast sync from block 0. Changed: <code>consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4");</code> =====Before and After Changes===== <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354 </pre> * Set CSV/SegWit to active from genesis (nStartTime = 0, nTimeout = far future). Reset chain work to minimal. Set assume valid to genesis hash. <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0; 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999; 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0; 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999; 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0; 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999; 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x00"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); </pre> ====Line 110 Magic Bytes==== * Link to Hex numbers explaned * Link to python script for random values The pchMessageStart array is a crucial component in cryptocurrency network protocols, often referred to as the "magic bytes" or "network magic." It serves as a unique identifier for a specific cryptocurrency network. These values are in hexadecimal format, representing four bytes that form a sequence unlikely to occur in normal data. If you're creating a new cryptocurrency by forking Bitcoin, you should change these values. Using unique values prevents your new coin's network from interfering with Bitcoin's network or other existing networks. <pre> 110 pchMessageStart[0] = 0xf9; 111 pchMessageStart[1] = 0xbe; 112 pchMessageStart[2] = 0xb4; 113 pchMessageStart[3] = 0xd9; </pre> * Gonna change mine to <pre> pchMessageStart[0] = 0xfe; pchMessageStart[1] = 0x93; pchMessageStart[2] = 0xd2; pchMessageStart[3] = 0xe2; </pre> ====Line 114 Change Main Net Default Port==== * Line 114 <code>nDefaultPort = 8333;</code> * Changing to port 3333 <code>nDefaultPort = 3333;</code> ====Line 117 Change Main Net Nonce TimeStamp Coin_Rewards==== * Original <code> genesis = CreateGenesisBlock(1231006505, 2083236893, 0x1d00ffff, 1, 50 * COIN);</code> * Syntax of line 117 <code>genesis = CreateGenesisBlock(<UNIX_TIME_STAMP>, <NONCE>, <DIFF_BITS>, <NHEIGHT>, <AMOUNT_OF_COINS_REWARD> * COIN);</code> * we are just going to append/change are UnixTimeStamp, Nonce and CoinReward <code> genesis = CreateGenesisBlock(1733333333, 221118658, 0x1d00ffff, 1, 333 * COIN);</code> ====Line 119 Change Genesis Hash==== <code>assert(consensus.hashGenesisBlock == uint256S("0x000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"));</code> * Change to your genesis hash for Main Net <code> assert(consensus.hashGenesisBlock == uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"));</code> ====Line 120 Change Merkel Hash==== <code> assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Change to your merkel hsh for Main net <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Check Point - Lines 142 - 157 ==== <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d")) 145 ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> These lines contain a blocknumber and there hash value, we are starting a new coin and these have no value to us. We have one genesis block. <code> ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d"))</code> * We are going to append/change line 144, to block zero and are Main net genesis block hash. <code> ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"))</code> and comment out the remaining lines in this code block. lines 145 - 156 <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4")) 145 // ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 // ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 // (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 // (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 // (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 // (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 // (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 // (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 // (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 // (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 // (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 // (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> ====Line 161 Change Time Stamp==== <pre> 161 1483472411, // * UNIX timestamp of last known number of transactions </pre> * Change to the time stamp we are using <pre> 1733333333, // * UNIX timestamp of last known number of transactions</pre> ====Line 162 Change Number Of Transactions==== <pre> 184495391, // * total number of transactions between genesis and that timestamp</pre> * Change to Zero <pre> 0, // * total number of transactions between genesis and that timestamp</pre> ====TestNet Halving Interval==== <code>177 consensus.nSubsidyHalvingInterval = 210000;</code> * Change to same as are main net <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Lines 178 - 181 TestNet BIP section==== <pre> 178 consensus.BIP34Height = 21111; 179 consensus.BIP34Hash = uint256S("0x0000000023b3a96d3484e5abb3755c413e7d41500f8e2a5c3f0dd01299cd8ef8"); 180 consensus.BIP65Height = 581885; // 00000000007f6655f22f98e72ed80d8b06dc761d5da09df0fa1dc4be4f861eb6 181 consensus.BIP66Height = 330776; // 000000002104c8c45e99a8853285a3b592602a3ccde2b832481da85e9e4ba182 </pre> * Change values to zero and replace TestNet Genesis Hash <pre> 178 consensus.BIP34Height = 0; 179 consensus.BIP34Hash = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"); 180 consensus.BIP65Height = 0; 181 consensus.BIP66Height = 0; </pre> ==== Lines 189 - 207 TestNet Deployment Section ==== ===== Line 190 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start is irrelevant—set to 0 for immediate activation on TestNet. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 191 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 195 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1456790400; // March 1st, 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for CSV from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 196 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 200 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1462060800; // May 1st 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 201 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1493596800; // May 1st 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 204 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x00000000000000000000000000000000000000000000001f057509eba81aed91");</code> * Reason changed: Litecoin’s work is irrelevant—set to 0 for a new TestNet chain. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 207 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000128796ee387cf110ccb9d2f36cffaf7f73079c995377c65ac0dcc"); //1079274</code> * Reason changed: Litecoin’s block 1079274 doesn’t apply—set to TestNet genesis for fast sync. Changed: <code>consensus.defaultAssumeValid = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c");</code> ====TestNet Default Port - Line 213==== <code>213 nDefaultPort = 18333;</code> * Change to another port , picking 13333 <code>nDefaultPort = 13333;</code> ====Line 216: TestNet Time Stamp and Nonce==== <code>216 genesis = CreateGenesisBlock(1296688602, 414098458, 0x1d00ffff, 1, 50 * COIN);</code> * change/append timestamp, nonce and coin rewards - TimeStamp, Nonce, nBits and CoinRewards from your Test Net <code> genesis = CreateGenesisBlock(1733333334, 511144, 0x1e0ffff0, 1, 333 * COIN);</code> ====Line 218: TestNet Genesis Hash Block==== <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943"));</code> * Changed to <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"));</code> ====Line 219: TestNet Merkel Hash Block==== <code>219 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Changed to <code> assert(consensus.hashGenesisBlock == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ==== Line 245 TestNet checkpointData ==== Default: <code>( 546, uint256S("000000002a936ca763904c3c35fce2f3556c559c0214345d31b1bcebf76acb70")),</code> * Reason changed: Bitcoin TestNet checkpoint irrelevant—set to height 0 with N33Bcoin TestNet genesis hash for new chain. Changed: <code>( 0, uint256S("000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c")),</code> * Note: Removed "0x" from hash string—matches Bitcoin style, prevents parsing error in uint256S. ====Line 250 - Testnet chainTxData TimeStamp==== <code>250 1483546230,</code> * Change to your timestamp <code>1733333334,</code> ====Line 251 - Testnet chainTxData block count==== <code>251 12834668,</code> * change block count to zero <code> 0,</code> ==== RegTest BIP Section ==== ===== Line 267 ===== Default: <code>consensus.BIP34Height = 100000000; // BIP34 has not activated on regtest (far in the future so block v1 are not rejected in tests)</code> * Reason changed: Delays BIP34—set to 0 for modern rules from genesis, consistent with MainNet/TestNet. Changed: <code>consensus.BIP34Height = 0;</code> ===== Line 268 ===== Default: <code>consensus.BIP34Hash = uint256();</code> * Reason changed: Empty hash irrelevant—set to RegTest genesis for BIP34 activation at block 0. * NOTE: the <code>S</code> at the end of <code>uint256S</code> append the '''S''', remove the <code>0x</code> or it would be too long and make sure RegNet Hash is wrapped in "comment-hash". * The quotes <code>""</code> tell the compiler that this is a string, not a number. * '''uint256S''' will parse the string as a hexadecimal value and construct the '''uint256''' object accordingly. Changed: <code>consensus.BIP34Hash = uint256S("65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127");</code> ===== Line 269 ===== Default: <code>consensus.BIP65Height = 1351; // BIP65 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP65 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP65Height = 0;</code> ===== Line 270 ===== Default: <code>consensus.BIP66Height = 1251; // BIP66 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP66 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP66Height = 0;</code> ====Line 298: RegressionNet Default Port==== <code>298 nDefaultPort = 18444;</code> * change port number <code> nDefaultPort = 13337;</code> ====Line 301 RegressionNet Time Stamp Nonce Coin_Rewards ==== <code>301 genesis = CreateGenesisBlock(1296688602, 2, 0x207fffff, 1, 50 * COIN);</code> * Change to your timestamp , nonce and coin rewards <code> genesis = CreateGenesisBlock(1733333335, 0, 0x207fffff, 1, 333 * COIN);</code> ====Line 303: RegressionNet Genesis Block Hash==== <code>303 assert(consensus.hashGenesisBlock == uint256S("0x0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"));</code> * replace with your reg net genesis hash <code> assert(consensus.hashGenesisBlock == uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"));</code> ====Line 304 RegressionNet Merkel Hash==== <code>304 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * replace with your reg net merkel hash <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Line 316: RegressionNet Genesis Hash==== <code>316 ( 0, uint256S("0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"))</code> * change to your reg nets genesis hash <code> ( 0, uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"))</code> === src/chainparamsbase.cpp - API ports === <div class="toccolours mw-collapsible mw-collapsed"> Changing RPC port number info: <div class="mw-collapsible-content"> When forking Litecoin, changing the nRPCPort = 8332; is generally recommended, though not strictly necessary. Here are the reasons and benefits for doing so: '''Avoiding Conflicts:''' If you run both Bitcoin and your forked cryptocurrency on the same machine or network, keeping the same RPC port (9332) would cause a conflict. By changing the port number, you ensure that both services can run simultaneously without interfering with each other. '''Network Configuration:''' Different cryptocurrencies should ideally use different ports to avoid confusion and ensure clear network configuration. This helps in managing firewall rules and network policies more effectively. '''Security:''' Using a non-standard port for your forked cryptocurrency can add a layer of security through obscurity. While not a robust security measure, it can help reduce the risk of automated attacks targeting known ports like 8332. '''Customization:''' Changing the RPC port is part of customizing your fork to distinguish it from Bitcoin. This can be important for branding and ensuring that users and developers recognize it as a separate entity. In summary, while it's not mandatory to change the RPC port when forking Bitcoin, doing so can help avoid conflicts, improve network management, and provide a clearer distinction between your fork and the original Bitcoin network. </div> </div> ====line 35 - Main net RCP port==== <pre> nRPCPort = 8332; </pre> RPC port is used to connect to coin api, its used to create a web wallet and moblie wallet. <pre> nRPCPort = 3366; </pre> ====Line 48 - test net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12333 <pre> nRPCPort = 12333; </pre> ====line 62 - regession net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12345 <pre> nRPCPort = 12345; </pre> * We are pretty much done with customizing the code base, we just need an IP address to append to chainparams.cpp and we are good to go. ===src/chainparamsseeds.h=== * Delete content of <code>src/chainparamsseeds.h</code> and replace with just: <pre> #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> The <code>chainparamsseeds.h</code> file contains hardcoded seed nodes for the main network (pnSeed6_main), which are currently set to Bitcoin’s seed nodes (e.g., IPs like 2.7.8.12 on port 8333). These seeds will cause your node to attempt connections to Bitcoin peers, which isn’t what we want for N33Bcoin. * By modifying the seed arrays for both mainnet and testnet to empty, we can keep the file structure intact while removing the Bitcoin seed nodes, preventing are node from trying to connect to them. <div class="toccolours mw-collapsible mw-collapsed"> Hexadecimal - Chainparamsseeds.h - Quick Notes <div class="mw-collapsible-content"> <pre> Hex Symbol Values: 0,1,2,3,4,5,6,7,8,9,a=10,b=11,c=12,d=13,e=14,f=15 Hex is in a Block of 2, [01]=1, The First number/symbol (the one on the left), is Times by 16, and the Second number/symbol is added. 01 = 0x16, plus 1 = 01 A4 = 10x16, plus 4 = 164 E4 = 14x16, plus 4 = 228 FF = 15X16, plus 15 = 255 To work out the values of 104.194.157.52 and port 3333 static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; IPv6 Mapping: {{Use 10 0x00, 2 0xff, then the 4 hex bytes} <port>}. 104 in hex: 6x16 = 96 + 8 = 104 InHex= '68' 194 in hex: c(12)x16=192 + 2 = 194 InHex= 'c2' 157 in hex: 9x16=144 + d(13)= 157 InHex= '9d' 52 in hex: 3x16=48 + 4 = 52 InHex= '34' #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; static SeedSpec6 pnSeed6_test[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> </div> </div> == Container and VPS Setup == Most VPS providers frown on mining unless it’s their explicit service—fair enough, it hogs resources! To work around this, we’ll: * Spin up an Ubuntu 18.04 container locally (18.04 keeps coin building simple). * Pair it with a low-cost VPS running Ubuntu 24.04, tunneling all traffic from the container to the VPS’s public IP. This setup gives us: * A public-facing IP without poking holes in our home router. * Local mining control, keeping private keys secure—because a VPS is just someone else’s machine, and we don’t trust it with our keys! ===LXD Quick Container Setup=== ===LXD Quick Container Setup=== * Its pretty simple once you know. ===Installing and setup LXD=== <code>sudo snap install lxd</code> <code>sudo lxd init</code> * Just press '''ENTER''' for all defaults * add user to lxd group (optional), will mean you do not need '''sudo''' to use lxc commands * NOTE: you will need to logout and login for changes to take effect. <code>sudo adduser $USER lxd</code> <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> * '''These changes only apply to the current terminal session.''' If you open a new terminal session you have to repeat. On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. * '''Remember, these changes only apply to the current terminal session.''' If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> ===Launching your container=== * for the Build its important we use '''18.04''' ** May want to get ubuntu pro free for 5 devices - to keep 1804 updated ** https://ubuntu.com/pro/dashboard <code>lxc launch ubuntu:18.04 n33b</code> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 n33b</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 n33b</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''n33b''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "n33b" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "n33b" in the example) must be unique within your LXD installation. </div> </div> * If you see this error - you need to use '''sudo''' or add user to lxd group <pre> lxc launch ubuntu:18.04 n33b Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * To see your container <code>lxc ls</code> ===Login to container=== <code>lxc exec n33b bash</code> * Prompt should now be changed to <code>root@n33b:~#</code> ** <code>root@<container_name>:~#</code> * This would be a good time to sign up to and enable ubuntu pro in the 1804 container https://ubuntu.com/pro/dashboard ** <code>sudo pro attach C12trandomcharsXFVhrRSveGOd4</code> * Update container <code>apt update && apt upgrade -y</code> ==== Ubuntu Pro for 1804 Containers ==== * super useful for ubuntu 1804, with pro has support till 2027 * Free For Five Boxes/Devices <code>https://ubuntu.com/pro/dashboard</code> <code>sudo pro attach 8dc6560abd396b3871f37b80ec</code> <code>sudo pro status</code> <code>sudo pro detach</code> ==In Container wireguard installation and setup== ===Install wireguard=== <code>apt install wireguard -y</code> * This will be the Client - for the container ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==Back to Host== Now we have * A container with a public IP address * Source code for are coin Lets append are IP adress to are <code>src/chainparams.cpp</code> file and make a exportable/shareable backup. ===Append IP to <code>src/chainparams.cpp</code>=== <div class="toccolours mw-collapsible mw-collapsed"> If i was going to change or add ips/domains do i need to recomplie? Yep: <div class="mw-collapsible-content"> Yes, if you want to change or add new IPs/domains in the `CDNSSeedData` section of `src/chainparams.cpp`, you will need to edit the file and recompile the code. The `CDNSSeedData` entries are hardcoded into the source code, and when you compile the code, these values are baked into the resulting binary. Therefore, any changes to the seed nodes will require: *Editing the `src/chainparams.cpp` file**: Modify the list of `CDNSSeedData` entries to include your new IPs or domains. *Recompiling the source code**: Once you've made your changes, you need to recompile the project so that the new seed nodes are included in the binary. *Restarting your nodes**: After recompiling, you would need to distribute the new binary to your nodes and restart them to ensure they use the updated seed list. This process is necessary because the seed nodes are part of the initial configuration that helps nodes discover peers when they first start up. Any changes to these seeds require the software itself to be updated and redeployed. </div> </div> ====Main Net DNS lines 123 - 127==== <code>$EDITOR /home/$USER/N33B/N33Bcoin/src/chainparams.cpp</code> * Line 123 <code>src/chainparams.cpp</code> <pre> 123 vSeeds.push_back(CDNSSeedData("n33bcoin.sipa.be", "seed.n33bcoin.sipa.be", true)); // Pieter Wuille, only supports x1, x5, x9, and xd </pre> We are going to Change to are servers address <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> At current time we only have one default node, so we comment out line 124 to 127 <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "dnsseed.bluematt.me", true)); // Matt Corallo, only supports x9 // vSeeds.push_back(CDNSSeedData("dashjr.org", "dnsseed.n33bcoin.dashjr.org")); // Luke Dashjr // vSeeds.push_back(CDNSSeedData("n33bcoinstats.com", "seed.n33bcoinstats.com", true)); // Christian Decker, supports x1 - xf // vSeeds.push_back(CDNSSeedData("n33bcoin.jonasschnelli.ch", "seed.n33bcoin.jonasschnelli.ch", true)); // Jonas Schnelli, only supports x1, x5, x9, and xd </pre> ====Test net DNS lines 224 - 227==== * Line 224 - ip adderss <pre> 224 vSeeds.push_back(CDNSSeedData("testnetn33bcoin.jonasschnelli.ch", "testnet-seed.n33bcoin.jonasschnelli.ch", true)); </pre> Change to server ip <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> and comment out the other 3 lines <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("petertodd.org", "seed.tbtc.petertodd.org", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "testnet-seed.bluematt.me")); // vSeeds.push_back(CDNSSeedData("n33bcoin.schildbach.de", "testnet-seed.n33bcoin.schildbach.de")); </pre> ==Create BackUp Tar Archive== At this point you may want to make a backup. * In work directory = <code>/home/$USER/N33B</code> <code>tar -zcvf N33Bcoin.0.0.1.tar.gz N33Bcoin</code> * Going to save in directory <code>/home/$USER/N33B</code> * Syntax = <code>tar -zcvf /path/to/save/archive_name.tar.gz /path/to/directory_name</code> Now we Should have <code>N33Bcoin.0.0.1.tar.gz</code> lets start building are coin. ===Move N33Bcoin.0.0.1.tar.gz to Container=== Lets Move are source code to are container. * File on Host:<code>/home/$USER/N33B/N33Bcoin.0.0.1.tar.gz</code> * Container Name: <code>n33b</code> ** Container Name can be found with <code>lxc list</code> * On Host: <code>lxc file push /home/$USER/N33B/N33Bcoin.0.0.1.tar.gz n33b/home/ubuntu/</code> * '''ubuntu''' is the name of the ubuntu containers default user account ==Return to container as user '''ubuntu'''== <code>lxc exec n33b -- su - ubuntu</code> Now are source code <code>N33Bcoin.0.0.1.tar.gz</code> should be in are home directory. Before we start using it, we need to install and build some dependencies software. ===Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <!-- These notes wherer required to build db on 24.04 - coin build would require way too much work so skipped. <code>$EDITOR db-4.8.30.NC/dbinc/atomic.h</code> Find the function <b>__atomic_compare_exchange</b> (line 147 and 179) and rename it to <b>__db_atomic_compare_exchange</b>. save and exit --> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> If you received error, are you building in ubuntu 18.04? these build instrutions are reproduable for 18.04 and not other versions of ubuntu. * A block chain requires min 2 nodes, so this would be a good time to snapshot your container. ====SNAPSHOT your container==== * This will save loads of time creating a second node later. * In a Terminal on HOST * Stop Container <code>lxc stop n33b</code> * snapshot <code>lxc snapshot n33b one</code> * start container <code>lxc start n33b</code> * Log in as ubuntu user <code>lxc exec n33b -- su - ubuntu</code> ==Build the Coin== Just for the Genesis Node, or it will not work, it will try to sync with another node, which it can not do as its at block 0. * edit the file <code>src/rpc/mining.cpp</code> and comment out the lines 471 and 472: <pre> // if (IsInitialBlockDownload()) // throw JSONRPCError(RPC_CLIENT_IN_INITIAL_DOWNLOAD, "N33Bcoin is downloading blocks..."); </pre> If you stopped container to snapshot and logged back in (or using another terminal), then we need to re-set var.<br> <code>cd ~/db-4.8.30.NC/build_unix</code><br> <code>export BDB_PREFIX=$(pwd)</code><br> * Now thats done we can carry on <code>cd ~/</code><br> * extract <code>tar xzvf N33Bcoin.0.0.1.tar.gz</code> <!-- was for attempt build in 24.04 - not needed for 18.04 <code>sudo apt install bsdmainutils ncal</code> --> * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> If you run into errors you can use:<br> <code>make > ../build.log 2>&1</code><br> This is print build info into file build.log ==Run Coin== * Path <code>cd /home/ubuntu/N33Bcoin/src</code> Going to first play around with Regression make sure everything is working, its supereasy to mine.<br> * Running regtest first will also create <code>~/.n33bcoin/</code> directory which we can create are <code>n33bcoin.conf</code> file for mainnet. ===Running Regression Net === * run reg net <code>./n33bcoind -regtest -daemon</code> ==== get blockchain info ==== <code>./n33bcoin-cli -regtest getblockchaininfo</code> * at the top you should see '''regtest''' <pre> "chain": "regtest", </pre> ====get wallet info==== <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ==== Generate 10 blocks==== <code>./n33bcoin-cli -regtest generate 10</code> <pre> [ "16fe73d5011e8e05cadb9e9dea43e58aa154ffcca891659cc59fbdfafe6f001c", "7803e298b6c57f8fc7ddac5da0e0696cc67524c9ee2bbbbbecdccfb01b364e79", "7c92afb2faed00d051edd22f85218416c394cd45ddadf413b9df808c0414ca7e", "29fe7bb17c984bd33c7e3d9cb4fa3ce1e47760ac22accded3aa25fd49aa87d91", "56d234a030af699a6aa824c8d95a9fabdcf56c9491ed30331ca2159188741c89", "272827808aad1efe0e752789acf6a28f25bc4ba2da905a8a6f5da00016ba286b", "23711e3856cf2e018ef02782eb546e87c9604781da6855bd136ef51fa5dd23e5", "7bd7e1e6183094c75e37d6605451ce7e7e1c23347e3b5c279c33196af916b1f2", "1c7e5fc29dc7c9b3a56e8f35becc3a0a8005e79ac1a84278f8a1f37c067f67b3", "3ac84dcf8be2849b347369de7bf6bb49d780cdf41e2c4abbe2ea0ae1b89bd26e" ] </pre> ====Check Balance==== <code>./n33bcoin-cli -regtest getbalance</code> <pre>0.00000000</pre> * You mined 10 blocks and have zero coins! that is because the coins have not mutured, it takes 100 blocks for newly created coins to muture and show up in your wallet. * you can see your '''immature_balance''' with the <code>getwalletinfo</code> command. <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 11114108.00000000, "txcount": 10, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====Get new addresses==== <code>./n33bcoin-cli -regtest getnewaddress</code> <pre> mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb </pre> ====Find addresses your wallet is currently using==== * To see all your current public addresses use <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -regtest listreceivedbyaddress 0 true</code> ====Mine to specific address==== * <code>./n33bcoin-cli -regtest generatetoaddress 101 "your-mainnet-address"</code> <code>./n33bcoin-cli -regtest generatetoaddress 101 "mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb"</code> =====Coins Matured===== <code>./n33bcoin-cli -regtest getbalance</code> <pre>11114441.00000000</pre> * and Immatured coins <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 11114441.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 33300.00000000, "txcount": 111, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====stop regtest net==== * stop regtest <code>./n33bcoin-cli -regtest stop</code> ===Main Net=== * Running <code>-regtest</code> should of created a <code>~/.n33bcoin</code> directory for you. * Create <code>n33bcoin.conf</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 </pre> * run/start coin <code>./n33bcoind</code> * NOTE: if you did not create a n33bcoin.conf file and apply 'daemon=1', you can use the -daemon flag <code>./n33bcoind -daemon</code> <div class="toccolours mw-collapsible mw-collapsed"> Some debug tips: <div class="mw-collapsible-content"> * If n33bcoin hangs - <code>ps aux | grep n33bcoind</code> ** The <code>kill -9 PID_NUMBER</code> ** Also note: there is nothing wrong with '''turning it off and on again.''' * <code>./n33bcoind -debug=1</code> ** log is at ~/.n33bcoin/debug.log * <code>./n33bcoind -debug=1 -printtoconsole</code> ** will output to terminal, no output to debug.log </div> </div> ===Create and Add second node - the easy way=== <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Why a Dummy Node is Needed to Avoid <code>500 Internal Server Error</code> and Ensure Syncing</span> <div class="mw-collapsible-content"> <p>A dummy node is <strong>required</strong> for mining on the genesis node (main node) and to ensure other nodes can sync with your N33Bcoin network. Without it, you may encounter errors like:</p> <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> [2025-04-20 11:49:32] HTTP request failed: The requested URL returned error: 500 Internal Server Error </pre> <p><strong>Why does this happen?</strong> The main node needs at least one active peer to process the <code>getblocktemplate</code> RPC call used by <code>minerd</code> for mining. If the node is in Initial Block Download (IBD) or has no peers, this call fails, causing the 500 error. Additionally, if the main node is in IBD, it won’t serve blocks to other nodes, preventing them from syncing (e.g., stuck at <code>blocks: 0</code>).</p> <p><strong>How the dummy node fixes it:</strong></p> <ul> <li>Running a dummy node (e.g., on <code>127.0.0.1:3334</code>) provides an active peer, allowing <code>getblocktemplate</code> to succeed and mining to start.</li> <li>Mining generates new blocks, updating the chain tip’s timestamp, which helps the main node exit IBD.</li> <li>Once out of IBD, the main node can serve blocks to other nodes, enabling them to sync (e.g., to <code>blocks: 428</code>).</li> </ul> <p><strong>Why it’s easy to forget:</strong> The dummy node isn’t a standard Bitcoin requirement—it’s specific to N33Bcoin’s setup, possibly due to custom peer or RPC logic. Always run a dummy node when mining or syncing new nodes.</p> <p><strong>If you get the 500 error:</strong> Start a dummy node and add it to the main node’s peers with <code>addnode</code>. See the next section for setup instructions.</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> Without a dummy node, mining will fail, and new nodes won’t sync. Always include this step in your setup and document it to avoid surprises! </div> </div> </div> After first node ruuing with:<br> <code>./n33bcoind</code> * create a directory for second node <code>mkdir ~/.n33bcoin2</code> * make config file <code>$EDITOR ~/.n33bcoin2/n33bcoin.conf</code> * Note changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser1 rpcpassword=coinpassword1 rpcallowip=127.0.0.1 rpcport=3367 daemon=1 server=1 rpcbind=127.0.0.1 port=3334 </pre> * start node2 - note ports <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin2 -port=3334 -rpcport=3367</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3334" "add"</code> * Check node one <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * Check node two <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getblocktemplate</code> ==== Default Node User and Second Node User management ==== * The default user will be your main node '''~/.n33bcoin/''' * To use second node '''~/.n33bcoin2/''' you have to use/append non default port in commands: ** To run commands on second node, Add/Append <code>-rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1</code> *** '''rpcport''', '''rpcuser''', '''rpcpassword''' these values can be found in the <code>~/.<node_name>/n33bcoin.conf</code> file * For default wallet/node can use: <code>./n33bcoin-cli getwalletinfo</code> * Or to specify (optional) can use, the main nodes '''rpcport''', '''rpcuser''' and '''rpcpassword''' followed by <command>: <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * For the second node we created - we do need to specify <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getwalletinfo</code> <div class="toccolours mw-collapsible mw-collapsed"> How to stop second node: <div class="mw-collapsible-content"> * To run commands on a second or third ...ETC node - you need to enter: ** <code>-rpcport=<value></code> ** <code>-rpcuser=<username></code> ** <code>-rpcpassword=<password></code> ** followed by the command you wish to run on node <code>getbalance</code> ** Remember you store all these details in your <code>n33bcoin.conf</code> file for your node. <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 stop</code> </div> </div> == Mining blocks on your blockchain == Well you can try with:<br> <code>./n33bcoin-cli generate 1</code><br> But instead of seeing <pre> [ "some-block-hash" ] </pre> Your going to get empty brackets <pre> [ ] </pre> I cant remember the reason for this. But i know the fix. Install Mining software ===Address to send mined coins to=== First lets get a public key/address we can mine to. * Find old addresses <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> * Create new address <code>./n33bcoin-cli getnewaddress</code> * The address i will use <code>1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> ===Cpu Miner Install=== <code>cd ~</code> <code>sudo apt update</code> <code>sudo apt install -y build-essential libcurl4-openssl-dev</code> <code>git clone https://github.com/pooler/cpuminer.git</code> <code>cd cpuminer</code> <code>./autogen.sh</code> <code>./configure</code> <code>make</code> <code>sudo make install</code> ===Mine some Coins=== * OK lets mine us some coins ** Syntax:<code>minerd -o <pool_url> -u <username> -p <password> --coinbase-addr=<public_key></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> * YAY, back to the days when you could find bitcoin blocks with a simple CPU <pre> [2025-04-12 19:31:17] Binding thread 0 to cpu 0 [2025-04-12 19:31:17] Binding thread 1 to cpu 1 [2025-04-12 19:31:17] 4 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:31:17] Binding thread 2 to cpu 2 [2025-04-12 19:31:17] Binding thread 3 to cpu 3 [2025-04-12 19:31:17] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:31:17] thread 1: 2097152 hashes, 10099 khash/s [2025-04-12 19:31:17] thread 0: 2097152 hashes, 10094 khash/s [2025-04-12 19:31:17] thread 3: 2097152 hashes, 10093 khash/s [2025-04-12 19:31:17] thread 2: 2097152 hashes, 10032 khash/s [2025-04-12 19:32:17] thread 2: 601912088 hashes, 10080 khash/s [2025-04-12 19:32:17] thread 0: 605611536 hashes, 10108 khash/s [2025-04-12 19:32:17] thread 3: 605564904 hashes, 10102 khash/s [2025-04-12 19:32:17] thread 1: 605946928 hashes, 10104 khash/s [2025-04-12 19:33:17] thread 2: 604824240 hashes, 10080 khash/s [2025-04-12 19:33:17] thread 0: 606506104 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 1: 606263288 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 3: 606114016 hashes, 10102 khash/s [2025-04-12 19:34:17] thread 0: 596676992 hashes, 9883 khash/s [2025-04-12 19:34:17] accepted: 1/1 (100.00%), 40174 khash/s (yay!!!) [2025-04-12 19:34:17] LONGPOLL pushed new work [2025-04-12 19:34:17] thread 2: 597009344 hashes, 9856 khash/s [2025-04-12 19:34:17] thread 1: 596347864 hashes, 9882 khash/s [2025-04-12 19:34:17] thread 0: 184 hashes, 8762 khash/s [2025-04-12 19:34:17] thread 3: 596226344 hashes, 9881 khash/s [2025-04-12 19:35:11] thread 0: 525714288 hashes, 9775 khash/s [2025-04-12 19:35:17] thread 0: 58652240 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 1: 592942512 hashes, 9784 khash/s [2025-04-12 19:35:18] thread 3: 592834720 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 2: 591387224 hashes, 9754 khash/s [2025-04-12 19:36:17] thread 1: 577261400 hashes, 9784 khash/s [2025-04-12 19:36:17] thread 2: 575496480 hashes, 9756 khash/s [2025-04-12 19:36:17] thread 3: 576993520 hashes, 9776 khash/s [2025-04-12 19:36:17] thread 0: 586785384 hashes, 9780 khash/s [2025-04-12 19:37:17] thread 3: 586568712 hashes, 9700 khash/s [2025-04-12 19:37:17] thread 2: 585369888 hashes, 9645 khash/s [2025-04-12 19:37:18] thread 1: 587018480 hashes, 9656 khash/s [2025-04-12 19:37:18] thread 0: 586791168 hashes, 9631 khash/s [2025-04-12 19:37:43] thread 0: 247017896 hashes, 9757 khash/s [2025-04-12 19:37:43] accepted: 2/2 (100.00%), 38758 khash/s (yay!!!) [2025-04-12 19:37:43] LONGPOLL pushed new work [2025-04-12 19:37:43] thread 2: 250694904 hashes, 9748 khash/s [2025-04-12 19:37:43] thread 1: 250409704 hashes, 9773 khash/s [2025-04-12 19:37:43] thread 0: 21504 hashes, 8650 khash/s [2025-04-12 19:37:43] thread 3: 253010016 hashes, 9764 khash/s </pre> * By default '''minerd''' will use all cores - if you want to limit to number of core use the <code>-t <number_of_cores></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj -t 2</code> <pre> [2025-04-12 19:43:05] 2 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:43:05] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:43:05] thread 1: 2097152 hashes, 11359 khash/s [2025-04-12 19:43:05] thread 0: 2097152 hashes, 11327 khash/s </pre> * Next we mine on till we have at least 101 blocks so are coins are matured. ===After 101 blocks - Mature Coins=== * now we should have some coins in are wallet that we can use, YAY <code>./n33bcoin-cli getbalance</code> <pre>11112110.00000000</pre> * and lets check the account of are second node <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> * Lets get the address of are second node to send some coins <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress 0 true</code> * Or we could generate a new address with <code>getnewaddress</code> <code>1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz</code> Now lets send some coins ==Wallet Basics== Now we have coins we can use - matured coins ===Get balance=== * <code>getbalance</code> <code>./n33bcoin-cli getbalance</code> ===Find Account Addresses=== * <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> ===Create New Address=== * <code>getnewaddress</code> <code>./n33bcoin-cli getnewaddress</code> ===Sending coins=== * Syntax: <code>./n33bcoin-cli sendtoaddress "<address>" <amount></code> <code>./n33bcoin-cli sendtoaddress "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz" 33</code><br> * This comand will return a hash in your terminal out put. <pre>f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7</pre> * and Check balance of second node to see balance: <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>33.00000000</pre> ===See Transaction Details from hash=== * the transaction hash is from the above send coins example * Syntax: <code>n33bcoin-cli gettransaction "<transaction_hash>"</code> <code>./n33bcoin-cli gettransaction "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7"</code> <pre> { "amount": -33.00000000, "fee": -0.00004520, "confirmations": 4, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553764, "timereceived": 1744553764, "bip125-replaceable": "no", "details": [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "send", "amount": -33.00000000, "vout": 0, "fee": -0.00004520, "abandoned": false } ], "hex": "020000000150a37ad36c761374df6a14c20bd2c016208358bf1f20af06c5acbe4827250ee7000000006a4730440220582f2094aca19d63744d8d128c3dea907cddd4eeb5728d6f064c4168d7a36b9c0220649b2397635fe0b8899fea4535b0072e856a164235f8ab8feb91f3dbfa9e3ddc012103dd8d842cd0c2b167b507b9e8ee580fc726262bb218abc5c6487668b72e5673a3feffffff020001b2c4000000001976a9146ae24c8430bcd30bc1b812f946229fcc563eb0ef88ac589a23fc060000001976a9141e0606800605f94643f5da7e0a31e435e030855788acbe000000" } </pre> ===List Transactions from account=== * <code>listtransactions</code> * <code>./n33bcoin-cli listtransactions</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listtransactions</code> * This command will show all transactions send and receive. <pre> [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "receive", "amount": 33.00000000, "label": "", "vout": 0, "confirmations": 6, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553766, "timereceived": 1744553766, "bip125-replaceable": "no" } ] </pre> ===list received transactions by address=== * <code>listreceivedbyaddress</code> * <code>./n33bcoin-cli listreceivedbyaddress</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress</code> <pre> [ { "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "account": "", "amount": 33.00000000, "confirmations": 6, "label": "", "txids": [ "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7" ] } ] </pre> ===Address With Label=== * Create New Address With Label ** Syntax: <code>getnewaddress "<Label>"</code> * NOTE: Label name is case sensitive. <code>./n33bcoin-cli getnewaddress "Mining"</code> <pre>1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB</pre> * See Accounts in Label <code>./n33bcoin-cli getaddressesbyaccount "Mining"</code> * a Label can hold many addresses <pre> [ "1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB" ] </pre> * Lists transactions for the labeled account. <code>./n33bcoin-cli listtransactions "Mining"</code> * Tracking with a label - Shows total balance for addresses in the labeled account. <code>./n33bcoin-cli getbalance "Mining"</code> * Label an existing address - Assigns an existing address to a named account. <code>./n33bcoin-cli setaccount "<address>" "<label>"</code> * Change Label of Address <code>./n33bcoin-cli setaccount "<address>" "<newlabel>"</code> ==Backup Wallets and Restore/Reclaim== To '''test''' wallet exports and back ups we are going to create a '''third node'''. <br> This keeps are main wallet and the wallet of are second node safe.<br> Or If you feel up for it, feel free to play/use/learn with your main wallet. * Create a directory for third node <code>mkdir ~/.n33bcoin3</code> * Create config file <code>$EDITOR ~/.n33bcoin3/n33bcoin.conf</code> * Note: changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser2 rpcpassword=coinpassword2 rpcallowip=127.0.0.1 rpcport=3368 daemon=1 server=1 rpcbind=127.0.0.1 port=3335 </pre> * Start node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3335" "add"</code> * Check node three <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getblocktemplate</code> * See Address (pub key) <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> <pre>1EhA5fkapYWrhs2oAf2AqvF4WYMPM28GqL</pre> * I have sent 33 n33bcoin's to this address. <pre> ./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744568061, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "8afde14085be2139ff008667c345b3697bea9cea" } </pre> ===Encrypt Wallet=== * '''IMPORTANT NOTE! IF YOU LOSE/FORGET PASSPHRASE, YOU LOST YOUR WALLET!''' Encrypting your wallet, will require passphrase to see private_keys and to send coins from your account, but you can still check balance and the basic chain info '''without passphrase'''. * Syntax <code>./n33bcoin-cli encryptwallet "<passphrase>"</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 encryptwallet "pa55word"</code> <br>OutPut: <pre> wallet encrypted; N33Bcoin server stopping, restart to run with encrypted wallet. The keypool has been flushed and a new HD seed was generated (if you are using HD). You need to make a new backup. </pre> ====Test Encryption==== Syntax: <code>./n33bcoin-cli dumpprivkey <address></code> This command should need passphrase if wallet locked. ** <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> can be used in place of a real address <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpprivkey 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> If wallet '''LOCKED''' - you will see <pre> error code: -13 error message: Error: Please enter the wallet passphrase with walletpassphrase first. </pre> If wallet '''UNLOCKED''' but address not in wallet - you will see ** This is because there is no address <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> in your wallet and error code -5 indicates address not found in the wallet, but it passed the lock so, yay <pre> error code: -5 error message: Invalid N33Bcoin address </pre> If address exists in your wallet and wallet is '''UNLOCKED''' - you will see the private key: <pre> 6vJYM3RFWh7MyLVrPbgzgibUgqxMzWUCCbuH3GcfDRTqfoNQjBb </pre> '''IMPORTANT:''' Never share your actual private keys with anyone. The example above is for demonstration purposes only. ====open encrypted wallet==== * Syntax ./n33bcoin-cli walletpassphrase "<passphrase>" <time_in_seconds_to_stay_open> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrase "Pa55word" 60</code> ====Change PassPhrase==== * Syntax: <code><code>./n33bcoin-cli walletpassphrasechange "<old_passphrase>" "<new_passphrase>"</code></code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrasechange "Pa55word" "StrongPass123!@#456"</code> ===Back Up WALLET.DAT === * You can make a backup of your wallet.dat file whether its encrypted or un-encrypted. ** not-encrypted you just copy into a directory and you and anyone else has full access. ** encrypted, you need to know the passphase the file is encrypted with to have access. ** Both Export and Import the backup wallet.dat the same way, expect one asks for passphase and the other does not. ====Make copy of wallet.dat==== * <code>backupwallet</code> * Syntax:<code>./n33bcoin-cli backupwallet /path/to/export/wallet-backup.file</code> <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> ====Stop node 3 and delete wallet.dat==== * Stop node - Note: RPC PORT <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * not gonna delete, just move, only so many times i wanna learn that lesson. <code>mv ~/.n33bcoin3/wallet.dat ~/oldwallet.dat</code> * Start Node 3 - this will create a new <code>wallet.dat</code> file <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check Balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744572042, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "bb4e27a7896ae19acdf3b43244f82b59f5164c7c" } </pre> * Check addresses <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> * Its a diff/new address, because its a new wallet. <pre> "address": "1JwAmtR9T8xa49daoHQhf54tBdyabby2m2", </pre> ===Restore Wallet.dat=== * Stop Node 3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move old wallet to Node 3 Directory ** This command will write over the new wallet.dat file currently in directory - in effect deleting it. <code>mv ~/wallet-backup.node3 ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>11148007.99990960</pre> ====OH NUTZ==== * By mistake i backed up main wallet. <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> * Intended to backup node3 - the correct command would of been <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 backupwallet ~/wallet-backup.node3</code> Good Thing we just moved the node3 wallet and not deleted or 33 n33bcoins would of been in a dead account.<br> This is why you should learn about bitcoin on n33bcoins and not the bitcoin main net blockchain. Lets restore from the moved wallet <code>~/oldwallet.dat</code> * Stop node3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move oldwallet back to node3 <code>mv ~/oldwallet.dat ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>33.00000000</pre> YAY ===Dump Entire Wallet with <code>dumpwallet</code>=== * Exports all private keys, addresses, and wallet metadata to a plain text file for a comprehensive backup. * Syntax <code>./n33bcoin-cli dumpwallet /path/to/export/n33bcoin-wallet.txt</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpwallet ~/ssshhh.txt</code> <code>cat ~/ssshhh.txt</code> * Yep its all in plain text! <pre> # Wallet dump created by N33Bcoin v0.14.3.0-g150612e # * Created on 2025-04-13T22:54:50Z # * Best block at time of backup was 212 (000000009f5f7189bd4334895fd1c903ae904525abb5768feb98b81282a1949e), # mined on 2025-04-13T18:34:02Z # extended private masterkey: xprv9s210pEDlspXiamstilrandotypinhDXRTQ1TatJNSL3fxs9QaLLjRV1FZH9zw2VcErU498hsd3pynuyDR2clongrandome4Msz5 L1XJ0pald6SZXP4sKdVcDETpsdoWeksd4er5hhPsdFG1PPV 2025-04-13T18:14:21Z change=1 # addr=1HtmEDdpk5SJAp3nGCnaAD5gKZc2Er4qG hdkeypath=m/0'/0'/82' about 100 lines like the one above and ends with: # End of dump </prE> ===Import Dumped Wallet=== To test import works we are gonna, stop node3, move wallet.dat, start node3, check new wallet got auto generated again. then import are ssshhh.txt file and see if restored. ====Check wallet node 3 pre-test==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744575092, "keypoolsize": 101, "unlocked_until": 0, "paytxfee": 0.00000000, "hdmasterkeyid": "0a0e6e94e4a184e773e4a3e3244adc4352935afa" } </pre> ====Stop node 3 ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> ====Move wallet.dat ==== <code>mv ~/.n33bcoin3/wallet.dat ~/wallet.node3</code> ====Start node 3 ==== <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> ====Check wallet node 3 - when deleted/changed==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ====Import Restore from Dumped Wallet ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importwallet ~/ssshhh.txt</code> ====Check wallet node 3 when restored ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ==Off Line Storage and Importation== * Create a offline key pair, using a python script that can run off a live linux iso. * Going to send coins from node 3 to off line address. * Going to import to wallet 2 by sweeping private wif key. ===Create Offline Keypair=== * https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin ** We have used the [[N33Bcoin_Address_Generator_Bitcoin| N33Bcoin_Address_Generator]] to create the following key pair which we will use for this test. <pre> noob@noob-ThinkPad-T470:~/Gen/py-pub-prv$ python3 gen.py Enter your seed (12 words or any random input): hithere Generated n33bcoin Key Pair: Private Key: 3e4748d72b0a0c5d4538b52a2ade025a0f52a1e8642384ac14e5af0f90b8ab8a Public Key: 04c4cab1795312dafbf2532c7b238d448b55fa151a3d4e059cb49b47fb7244fb8767981b561c067494f9f3a6357024bb4fa71d12d692a733f7a0583d6fa7276548 n33bcoin Address: 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG WIF Private Key: 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH </pre> ===Send from node 3 to offline address=== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 sendtoaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG 10</code> ===Check its in address=== * Can take a few blocks before you can see it. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * Syntax: <code>./n33bcoin-cli importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * <code>importaddress</code> The RPC command to import a Bitcoin address as a watch-only address into the wallet * <code>13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> The Bitcoin address you are importing. After import, the wallet will monitor this address for incoming transactions, but cannot spend from it since you do not have the private key * <code>"external"</code> An optional label assigned to the imported address. This helps you organize or identify addresses in your wallet * <code>false</code> The rescan parameter. Setting it to false means the wallet will not rescan the blockchain for historical transactions involving this address. Only new transactions (after import) will be tracked. If set to true (default), the wallet would scan the entire blockchain for past transactions involving the address, which can take a long time (but not in are case as we have new blockchain). ====getreceivedbyaddress==== * TESTED - Balance is only shown on account that imported the address as a address to watch. ** Took about 10 mins to show balance. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>10.00000000</pre> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> ====Receive funds from private key==== * Current Funds in Node/Wallet 2 <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>52.00000000</pre> * Import the keys <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 importprivkey 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH true</code> * Check balance <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>62.00000000</pre> Import is instant. ==Create Second Server and Sync Blockchain== * Creating second server in a container and forwarded to another VPS IP, to see if network syncs. <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Is Port Forwarding Required for the Second Node?</span> <div class="mw-collapsible-content"> <p><strong>Why set up port forwarding?</strong> Port forwarding (using iptables to forward port <code>3333</code> to the second node) allows the node to receive incoming connections from other N33Bcoin nodes. This ensures reliable syncing with the main node and enables the second node to share blockchain data with others, strengthening the network.</p> <p><strong>Is it required?</strong></p> <ul> <li><strong>To mine</strong>: No. Mining uses local RPC calls (<code>127.0.0.1:3366</code>) and outbound connections to the main node (<code>104.194.157.52:3333</code>). As long as the main node is up, mining works without port forwarding. Note: You may need a dummy node to avoid errors.</li> <li><strong>To act as a peer</strong>: Yes. To allow other nodes to connect and sync from the second node (e.g., via <code>144.172.89.93:3333</code>), port forwarding is required. Without it, the node can sync but won’t serve blocks to others.</li> </ul> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Tip:</strong> Keep port forwarding enabled for robust syncing and to support the N33Bcoin network, especially if you plan to add more nodes. </div> </div> </div> ===Launch container=== <code>lxc launch ubuntu:18.04 n33b-node</code> <code>lxc exec n33b-node bash</code> <code>pro attach <longKey></code> <code>apt update && apt upgrade -y && apt install ubuntu-advantage-tools wireguard -y</code> ===Setup Wireguard=== * This is the same as the last time, in this tut i am going to keep the same keys in tut, to save time. PS: You can use same keys on many connections (not the best idea). ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==In Container Building N33Bcoin== * Push over N33Bcoin.0.0.1.tar.gz to the container n33b-node. <code>lxc file push N33Bcoin.0.0.1.tar.gz n33b-node/home/ubuntu/</code> OR Download from github * Download from Github, sha256sum=<code>0695dceaa4a88967560695f92c753d2fe4abc0f1b0cfb2673bf945fc83fb1225</code> <code>wget https://raw.github.com/CompleteNoobs/N33Bcoin/main/N33Bcoin.0.0.1.tar.gz</code> * Login to container as user ubuntu <code>lxc exec n33b-node -- su - ubuntu</code> * extract <code>tar xvf N33Bcoin.0.0.1.tar.gz</code> ===Install depends and Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> ===Build N33Bcoin=== * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> * Before running - make sure first node up and running <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Troubleshooting Syncing Issues on the Second Node</span> <div class="mw-collapsible-content"> <p>If your second node (e.g., <code>144.172.89.93</code>) fails to sync (e.g., stuck at <code>blocks: 0</code>), the main node (<code>104.194.157.52</code>) may be in Initial Block Download (IBD), preventing it from serving blocks. Here’s what I faced and how I fixed it:</p> <ul> <li><strong>Problem</strong>: The second node didn’t sync because the main node was in IBD, likely due to a chain tip older than 24 hours.</li> <li><strong>Initial Fix</strong>: <ul> <li>Started a dummy node on the main node (<code>127.0.0.1:3334</code>) for an active peer .</li> <li>Mined on the main node: <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=&lt;your-address&gt; -t 2 </pre> This created new blocks (e.g., to <code>blocks: 441</code>), exiting IBD and enabling sync.</li> </ul> </li> <li><strong>Test</strong>: I deleted the second node and recreated it from scratch, running both the main and dummy nodes on the genesis server. The second node synced to <code>blocks: 441</code> while the main node was mining.</li> <li><strong>Observation</strong>: In one test, I thought syncing worked without mining, but mining was active on the main node, advancing the chain to <code>blocks: 441</code>. Possible factors for sync success: <ul> <li>Recent chain tip from mining kept the main node out of IBD.</li> <li>Dummy node provided a peer, preventing IBD re-entry.</li> <li>iptables rule for port <code>3333</code> enabled inbound connections (i did once not forward the correct port, make sure you check your ip rules with <code>cat /etc/iptables/rules.v4</code> to make sure you entered the correct ones. ).</li> </ul> </li> <li><strong>If Syncing Fails</strong>: Mine on the main node with the dummy node running.</li> </ul> <p><strong>Note</strong>: Syncing may not require ongoing mining if the main node’s chain tip is recent, but mining is needed to exit IBD. Test and share your findings!</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> If the second node won’t sync, the main node may be in IBD. Start the dummy node and mine to exit IBD. </div> </div> </div> ===n33b-node=== <code>src/n33bcoind -daemon</code> <code>src/n33bcoin-cli stop</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 debug=rpc debug=mining </pre> <code>src/n33bcoind</code> * Now Second n33bcoin node is running lets check sync <code>src/n33bcoin-cli getpeerinfo</code> <pre> [ { "id": 0, "addr": "104.194.157.52:3333", "addrlocal": "144.172.89.93:52636", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157772, "lastrecv": 1745157771, "bytessent": 1277, "bytesrecv": 1198, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.303657, "minping": 0.303657, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": false, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 110, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 1, "addr": "104.194.157.52:57050", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.296047, "minping": 0.296047, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 2, "addr": "104.194.157.52:57060", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.316404, "minping": 0.316404, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } } ] </pre> <code>src/n33bcoin-cli getblockchaininfo</code> <pre> ubuntu@n33b-node:~/N33Bcoin$ src/n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.03058041491289009, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> ===From first node=== <pre> ./n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.02034601825250813, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> * Both nodes/blockchains are in sync, nice swun4q7jzuqjp6zsqcn3i4ghsctyt29 526 520 2025-04-29T00:21:10Z AwesomO 5 /* Genesis Keys */ 526 wikitext text/x-wiki ==Start up HardWare== * OS (local) Ubuntu-Mate 24.04 - this tut is done on a clean install of ubuntu-mate 24.04 ** Hardware: HP EliteDesk G1 - ram = 8GB - HD = 120GB ssd - CPU = i5-4590S CPU @ 3.00GHz ** Hardware: Thinkpad X270 - Ram - HD - CPU * Server VPS ubuntu-server 24.04 ** vultr.com ===Software OS=== * Will be using Ubuntu 24.04 as main OS - but to build this version of litecoin 0.14.2 we will be using ubuntu 18.04 in a lxc container - trying to build in 24.04 was a huge side quest that is not that much fun. ===Coin Params for N33Bcoin 0.1 POW === * Are Coin Params ** Name of coin = N33Bcoin ** Symbol coin = N33B ** Premined Coins= 33% 11,111,111 coins to be used to rewards contributors. the how is currently unknown, will work out as we go. ** MaxCoins = 33,333,333 ** Rewards = 333 ** Halving Period = 33,333 blocks = every 231 days ** Block interval = 10 mins # will leave at 10 for starters ** Time Stamp 1733333333 2024-12-04 17:28:53 ** Time Stamp Message "N33B's for Noob's at CompleteNoobs.com" ** Genesis Block for are Coin ==Genesis Keys== First we are going to need a public private key pair. [[Python_Generate_Public_Private_Key_Pair_Crypto_Bitcoin| Python3 Generate Public Private Key Pair]] * Public Key <code>049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf</code> * Keep private key safe, you just need pub key for now We then use are public key along with are coin parameter with [[GenesisH0]] to create a 'Nonce', 'Merkel hash' and 'Genesis hash'. For are 'MainNet', 'TestNet' and 'RegNet' === Main Net parameters === <code>python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333333</code> * '''Nonce''': <code>221118658</code> * '''nBits''': <code>0x1d00ffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4</code> === Test Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333334</code> * '''Nonce''': <code>511144</code> * '''nBits''': <code>0x1e0ffff0</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c</code> === Reg Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333335</code> * '''Nonce''': <code>0</code> * '''nBits''': <code>0x207fffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127</code> Now we have are parameters, we can start creating are own coin, but first lets change some file names to match the name of are coin. ==Source we are forking from Bitcoin 0.14.3== ===Home Directory=== <code>cd ~</code> ===Download bitcoin 0.14.3=== * https://bitcoincore.org/bin/bitcoin-core-0.14.3/ <code>wget https://bitcoincore.org/bin/bitcoin-core-0.14.3/bitcoin-0.14.3.tar.gz</code> * sha256sum bitcoin-0.14.3.tar.gz <code>416717ab5ef94f8458da2b12e4cd742ca08f5ad3817b65fc73811e06ac949f87</code> ===extract=== <code>tar xvf bitcoin-0.14.3.tar.gz</code> ===Change Directory Name to new/forked coin name=== <code>mv bitcoin-0.14.3 N33Bcoin</code> <code>cd N33Bcoin</code> * Current work director path is <code>/home/$USER/N33Bcoin/</code> ==Renaming== ===Renaming Bitcoin to N33Bcoin=== '''Run these command in the /home/$USER/N33Bcoin/ Directory''' * Lowercase <code>find . -type f -exec sed -i 's/bitcoin/n33bcoin/g' {} + </code> * UpperCase <code>find . -type f -exec sed -i 's/Bitcoin/N33Bcoin/g' {} + </code> * Name.1 <code>find . -type f -exec sed -i -e 's/bitcoin/noobcoin/g' -e 's/bitcoind\.1/n33bcoind.1/g' {} + </code> ===Change Name for Docs=== To rename files in a directory (e.g., <code>/home/$USER/N33B/N33Bcoin/doc/man/</code>): * '''Before:''' <pre> bitcoin-cli.1 bitcoind.1 bitcoin-qt.1 bitcoin-tx.1 Makefile.am </pre> * '''After:''' <pre> n33bcoin-cli.1 n33bcoind.1 n33bcoin-qt.1 n33bcoin-tx.1 Makefile.am </pre> * '''Manual Way:''' <pre> mv -v bitcoin-cli.1 n33bcoin-cli.1 </pre> * '''Using mv with a for Loop:''' <code>cd /home/$USER/N33B/N33Bcoin/doc/man</code><br> <code>for file in bitcoin*; do mv -v "$file" "${file/bitcoin/n33bcoin}"; done</code> </pre> * <code>-v</code> shows each rename action. ===Change Names for Files=== Unlike forking litecoin, the method we just used to rename all bitcoin words to n33bcoin created some problems, unlike litecoin 0.14.2, the word 'bitcoin' can be found in a lot of file names. Example: the file <code>libbitcoinconsensus.pc.in</code> is still called <code>libbitcoinconsensus.pc.in</code> but inside make and config files, it is now know as <code>libn33bcoinconsensus.pc.in</code> so it will look for a file called <code>libn33bcoinconsensus.pc.in</code> and not <code>libbitcoinconsensus.pc.in</code>, still will lead to a lot of breakages. * Easy Fix: Change all file names which include the word <code>bitcoin</code> to <code>n33bcoin</code> * install <code>rename</code> <code>sudo apt install rename</code> * Run commands in <code>/home/$USER/N33Bcoin/</code> Directory * See all file which contain the name <code>bitcoin</code> <code>find . -type f -name "*bitcoin*"</code> * Rename/convert all <code>bitcoin</code> in file names to <code>n33bcoin</code> <code>find . -type f -name "*bitcoin*" -exec rename 's/bitcoin/n33bcoin/' {} +</code> ==Editing Files== Are Files are located in path:<code>/home/$USER/N33B/N33Bcoin</code><br> Example: <code>src/amount.h</code> full path would be <code>/home/$USER/N33B/N33Bcoin/src/amount.h</code> === OverView of Files to edit=== * Comment Out <code>** Lines: 74 - 77 Comment Out</code> These are Lines we Don't need, but are not deleting just commenting out, so line numbers remain the same.<br> Comment out by placing a <code>//</code> at the beginning of the line. * '''src/amount.h''' ** Line 31: Edit Max Coins * '''src/validation.cpp''' ** Line 1166: This BLOCK of code will contain premined and Block rewards * '''src/qt/bitcoinunits.cpp''' ** Line 39 Block: change coin symbol LTC to N33B * '''src/chainparams.cpp''' ** Line 53: '''Global''' Change Time Stamp Message ** Line 54: '''Global''' Change Pub Key ** Line 73: '''MainNet''' Change Halving Interval <!--** Lines: 74 - 77 Comment Out--> ** Line 74: '''MainNet''' BIP34Height ** Line 75: '''MainNet''' BIP34Hash ** Line 76: '''MainNet''' BIP65Height ** Line 77: '''MainNet''' BIP66Height ** Lines 85 - 103: '''MainNet''' Deployment and Chain Work Section ** Line 110: '''MainNet''' Change Magic Bytes - Script included ** Line 114: '''MainNet''' Change Main Net Default Port ** Line 117: '''MainNet''' Change Main Net Nonce TimeStamp Coin_Rewards ** Line 119: '''MainNet''' Change Genesis Hash ** Line 120: '''MainNet''' Change Merkel Hash ** Line 144: '''MainNet'''Change Coin Number and Genesis Hash ** Lines 145 - 156 Comment Out ** Line 161: '''MainNet''' Change Time Stamp ** Line 162: '''MainNet''' Change Number Of Transactions ** Line 177: '''TestNet''' Halving Interval <!--** Lines: 178 - 181 Comment Out--> ** Line 178: '''TestNet''' BIP34Height ** Line 179: '''TestNet''' BIP34Hash ** Line 180: '''TestNet''' BIP65Height ** Line 181: '''TestNet''' BIP66Height ** Line 184: '''TestNet''' Block Times <!--** Lines: 189 - 207 Comment Out--> ** Lines 189 - 207: '''TestNet''' Deployment Section ** Line 213: '''TestNet''' Default Port ** Line 216: '''TestNet''' Time Stamp and Nonce ** Line 218: '''TestNet''' Genesis Hash Block ** Line 219: '''TestNet''' Merkel Hash Block ** Line 245: '''TestNet''' CheckPointData Genesis Hash Block Number ** Line 250: '''TestNet''' Time Stamp ** Line 251: '''TestNet''' Block Number ** Lines 267 - 270 '''RegressionNet''' BIP Consensus ** Line 301: '''RegressionNet''' Default Port ** Line 304: '''RegressionNet''' Time Stamp Nonce Coin_Rewards ** Line 306: '''RegressionNet''' Genesis Block Hash ** Line 307: '''RegressionNet''' Merkel Hash ** Line 319: '''RegressionNet''' Genesis Hash * '''src/chainparamsbase.cpp''' ** Line 35: MainNet RCP Port ** Line 48: TestNet RPC Port ** Line 62: Regession Net RPC Port ===src/amount.h=== On line 31 we will edit are Max coins: <pre> static const CAmount MAX_MONEY = 21000000 * COIN; </pre> will change this to 33,333,333 coins <pre> static const CAmount MAX_MONEY = 33333333 * COIN; </pre> ===src/validation.cpp=== Path <code>/home/$USER/N33B/N33Bcoin/src/validation.cpp</code> The block of code we are looking for starts on line 1166: <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy = 50 * COIN; // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years. nSubsidy >>= halvings; return nSubsidy; } </pre> On line 1173 you should see this line: <pre> CAmount nSubsidy = 50 * COIN; </pre> This is the rewards for mining coins, the default is 50, we are changinf rewards to 333 coins per block mined. <pre> CAmount nSubsidy = 333 * COIN; </pre> ====Premined coins==== We also need to add a contidtion for are premined coins - in the first block will mine 33%, thats 11,111,111 coins <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy; if (nHeight == 1) nSubsidy = 11111111 * COIN; else nSubsidy = 333 * COIN; // Subsidy is cut in half every 33,333 blocks which will occur approximately every 231 days. nSubsidy >>= halvings; return nSubsidy; } </pre> This condition means IF first block reward 11,111,111 coins, Else(after first blocked mined) rewards per block are 333 coins. <div class="toccolours mw-collapsible mw-collapsed"> What's Changed and Why: <div class="mw-collapsible-content"> <b>What's Changed and Why:</b> * '''CAmount nSubsidy;''' ** The variable `nSubsidy` is now declared but not immediately assigned a value. This allows flexibility to set its value based on certain conditions. * '''New Condition: `if (nHeight == 1)''' ** This new condition checks if the block height is 1, meaning this is the very first block in the blockchain (often called the "genesis block"). ** This condition is used to assign a special, much larger subsidy for the first block. * '''nSubsidy = 11111111 * COIN;''' ** If it is the first block (`nHeight == 1`), the subsidy is set to 11,111,111 coins. This is a huge reward for the genesis block, likely for initial distribution or other specific reasons. * '''else nSubsidy = 333 * COIN;''' ** For all other blocks (not the first one), the reward is set to 333 coins. This is a significant change from the original 50 coins, suggesting a different reward structure for this cryptocurrency. </div> </div> ===src/qt/n33bcoinunits.cpp=== * Line 39: Code Block <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("BTC"); case mBTC: return QString("mBTC"); case uBTC: return QString::fromUtf8("μBTC"); default: return QString("???"); } } </pre> * Change BTC your coin symbol to N33B <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("N33B"); case mBTC: return QString("mN33B"); case uBTC: return QString::fromUtf8("μN33B"); default: return QString("???"); } } </pre> ===src/chainparams.cpp=== ====Line 53 Change Time Stamp Message==== <code> const char* pszTimestamp = "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks";</code> To <code> const char* pszTimestamp = "N33B's for Noob's at CompleteNoobs.com";</code> ====Line 54 Change Genesis Pub Key==== <code> 54 const CScript genesisOutputScript = CScript() << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f") << OP_CHECKSIG; </code> We are going to change to the public key we used to create are genesis block. <code> const CScript genesisOutputScript = CScript() << ParseHex("049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf") << OP_CHECKSIG;</code> ====Line 73 HalvingInterval==== <code> consensus.nSubsidyHalvingInterval = 210000;</code> Block intervals of bitcoin is every 10 mins, as you can see on '''[[#Line 80 Target Block Creation''']] * 60 mins per hour x 24 hours per day = 1440 mins a day * 1440 mins at one block each 10 mins = 144 block per day ish * 144 * 365 = 52,560 blocks per year ish * 52,560 * 4 = 210,240 blocks every four years ish So bitcoin halves its rewards every 4 years ish as it passes 210,000 blocks and carrys on halving every 210,000 blocks later. We reward 333 coins per block and will be out of coins around 667,334 blocks. * Preminded 11,111,111 coins * 22,222,222 left * at 333 per block all will be gone in 66,733 blocks time unless we halve before then * We are going to keep are block time of 10 mins and have a halving at 33,333 blocks so it will halve around 231 days <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Line 74 - 77 MainNet BIP Section==== <pre> 74 consensus.BIP34Height = 227931; 75 consensus.BIP34Hash = uint256S("0x000000000000024b89b42a942fe0d9fea3bb44ab7bd1b19115dd6a759c0808b8"); 76 consensus.BIP65Height = 388381; // 000000000000000004c2b624ed5d7756c508d90fd0da2c7c679febfa6c4735f0 77 consensus.BIP66Height = 363725; // 00000000000000000379eaa19dce8c9b722d46ae6a57c2f1a988119488b50931 </pre> * Set BIP34/65/66 to 0 for new chain—modern rules from genesis. Adjust BIP34 to 100 if mining fails. * Replace with your Hash on line 75 BIPHash <pre> 74 consensus.BIP34Height = 0; 75 consensus.BIP34Hash = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); 76 consensus.BIP65Height = 0; 77 consensus.BIP66Height = 0; </pre> ==== Line 85 - 103 '''MainNet''' Deployment and Chain Work Section ==== ===== Line 86 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start date is irrelevant—set to 0 for immediate activation on new chain. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 87 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 91 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016</code> * Reason changed: Bitcoin’s 2016 start is moot—set to 0 for CSV active from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 92 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 96 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016</code> * Reason changed: Bitcoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 97 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 100 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5");</code> * Reason changed: Bitcoin’s 2017 work is massive—set to 0 for a new chain with no work yet. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 103 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354</code> * Reason changed: Bitcoin’s block 453354 is irrelevant—set to N33Bcoin’s genesis hash for fast sync from block 0. Changed: <code>consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4");</code> =====Before and After Changes===== <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354 </pre> * Set CSV/SegWit to active from genesis (nStartTime = 0, nTimeout = far future). Reset chain work to minimal. Set assume valid to genesis hash. <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0; 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999; 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0; 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999; 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0; 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999; 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x00"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); </pre> ====Line 110 Magic Bytes==== * Link to Hex numbers explaned * Link to python script for random values The pchMessageStart array is a crucial component in cryptocurrency network protocols, often referred to as the "magic bytes" or "network magic." It serves as a unique identifier for a specific cryptocurrency network. These values are in hexadecimal format, representing four bytes that form a sequence unlikely to occur in normal data. If you're creating a new cryptocurrency by forking Bitcoin, you should change these values. Using unique values prevents your new coin's network from interfering with Bitcoin's network or other existing networks. <pre> 110 pchMessageStart[0] = 0xf9; 111 pchMessageStart[1] = 0xbe; 112 pchMessageStart[2] = 0xb4; 113 pchMessageStart[3] = 0xd9; </pre> * Gonna change mine to <pre> pchMessageStart[0] = 0xfe; pchMessageStart[1] = 0x93; pchMessageStart[2] = 0xd2; pchMessageStart[3] = 0xe2; </pre> ====Line 114 Change Main Net Default Port==== * Line 114 <code>nDefaultPort = 8333;</code> * Changing to port 3333 <code>nDefaultPort = 3333;</code> ====Line 117 Change Main Net Nonce TimeStamp Coin_Rewards==== * Original <code> genesis = CreateGenesisBlock(1231006505, 2083236893, 0x1d00ffff, 1, 50 * COIN);</code> * Syntax of line 117 <code>genesis = CreateGenesisBlock(<UNIX_TIME_STAMP>, <NONCE>, <DIFF_BITS>, <NHEIGHT>, <AMOUNT_OF_COINS_REWARD> * COIN);</code> * we are just going to append/change are UnixTimeStamp, Nonce and CoinReward <code> genesis = CreateGenesisBlock(1733333333, 221118658, 0x1d00ffff, 1, 333 * COIN);</code> ====Line 119 Change Genesis Hash==== <code>assert(consensus.hashGenesisBlock == uint256S("0x000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"));</code> * Change to your genesis hash for Main Net <code> assert(consensus.hashGenesisBlock == uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"));</code> ====Line 120 Change Merkel Hash==== <code> assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Change to your merkel hsh for Main net <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Check Point - Lines 142 - 157 ==== <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d")) 145 ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> These lines contain a blocknumber and there hash value, we are starting a new coin and these have no value to us. We have one genesis block. <code> ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d"))</code> * We are going to append/change line 144, to block zero and are Main net genesis block hash. <code> ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"))</code> and comment out the remaining lines in this code block. lines 145 - 156 <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4")) 145 // ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 // ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 // (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 // (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 // (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 // (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 // (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 // (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 // (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 // (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 // (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 // (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> ====Line 161 Change Time Stamp==== <pre> 161 1483472411, // * UNIX timestamp of last known number of transactions </pre> * Change to the time stamp we are using <pre> 1733333333, // * UNIX timestamp of last known number of transactions</pre> ====Line 162 Change Number Of Transactions==== <pre> 184495391, // * total number of transactions between genesis and that timestamp</pre> * Change to Zero <pre> 0, // * total number of transactions between genesis and that timestamp</pre> ====TestNet Halving Interval==== <code>177 consensus.nSubsidyHalvingInterval = 210000;</code> * Change to same as are main net <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Lines 178 - 181 TestNet BIP section==== <pre> 178 consensus.BIP34Height = 21111; 179 consensus.BIP34Hash = uint256S("0x0000000023b3a96d3484e5abb3755c413e7d41500f8e2a5c3f0dd01299cd8ef8"); 180 consensus.BIP65Height = 581885; // 00000000007f6655f22f98e72ed80d8b06dc761d5da09df0fa1dc4be4f861eb6 181 consensus.BIP66Height = 330776; // 000000002104c8c45e99a8853285a3b592602a3ccde2b832481da85e9e4ba182 </pre> * Change values to zero and replace TestNet Genesis Hash <pre> 178 consensus.BIP34Height = 0; 179 consensus.BIP34Hash = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"); 180 consensus.BIP65Height = 0; 181 consensus.BIP66Height = 0; </pre> ==== Lines 189 - 207 TestNet Deployment Section ==== ===== Line 190 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start is irrelevant—set to 0 for immediate activation on TestNet. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 191 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 195 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1456790400; // March 1st, 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for CSV from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 196 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 200 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1462060800; // May 1st 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 201 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1493596800; // May 1st 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 204 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x00000000000000000000000000000000000000000000001f057509eba81aed91");</code> * Reason changed: Litecoin’s work is irrelevant—set to 0 for a new TestNet chain. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 207 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000128796ee387cf110ccb9d2f36cffaf7f73079c995377c65ac0dcc"); //1079274</code> * Reason changed: Litecoin’s block 1079274 doesn’t apply—set to TestNet genesis for fast sync. Changed: <code>consensus.defaultAssumeValid = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c");</code> ====TestNet Default Port - Line 213==== <code>213 nDefaultPort = 18333;</code> * Change to another port , picking 13333 <code>nDefaultPort = 13333;</code> ====Line 216: TestNet Time Stamp and Nonce==== <code>216 genesis = CreateGenesisBlock(1296688602, 414098458, 0x1d00ffff, 1, 50 * COIN);</code> * change/append timestamp, nonce and coin rewards - TimeStamp, Nonce, nBits and CoinRewards from your Test Net <code> genesis = CreateGenesisBlock(1733333334, 511144, 0x1e0ffff0, 1, 333 * COIN);</code> ====Line 218: TestNet Genesis Hash Block==== <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943"));</code> * Changed to <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"));</code> ====Line 219: TestNet Merkel Hash Block==== <code>219 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Changed to <code> assert(consensus.hashGenesisBlock == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ==== Line 245 TestNet checkpointData ==== Default: <code>( 546, uint256S("000000002a936ca763904c3c35fce2f3556c559c0214345d31b1bcebf76acb70")),</code> * Reason changed: Bitcoin TestNet checkpoint irrelevant—set to height 0 with N33Bcoin TestNet genesis hash for new chain. Changed: <code>( 0, uint256S("000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c")),</code> * Note: Removed "0x" from hash string—matches Bitcoin style, prevents parsing error in uint256S. ====Line 250 - Testnet chainTxData TimeStamp==== <code>250 1483546230,</code> * Change to your timestamp <code>1733333334,</code> ====Line 251 - Testnet chainTxData block count==== <code>251 12834668,</code> * change block count to zero <code> 0,</code> ==== RegTest BIP Section ==== ===== Line 267 ===== Default: <code>consensus.BIP34Height = 100000000; // BIP34 has not activated on regtest (far in the future so block v1 are not rejected in tests)</code> * Reason changed: Delays BIP34—set to 0 for modern rules from genesis, consistent with MainNet/TestNet. Changed: <code>consensus.BIP34Height = 0;</code> ===== Line 268 ===== Default: <code>consensus.BIP34Hash = uint256();</code> * Reason changed: Empty hash irrelevant—set to RegTest genesis for BIP34 activation at block 0. * NOTE: the <code>S</code> at the end of <code>uint256S</code> append the '''S''', remove the <code>0x</code> or it would be too long and make sure RegNet Hash is wrapped in "comment-hash". * The quotes <code>""</code> tell the compiler that this is a string, not a number. * '''uint256S''' will parse the string as a hexadecimal value and construct the '''uint256''' object accordingly. Changed: <code>consensus.BIP34Hash = uint256S("65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127");</code> ===== Line 269 ===== Default: <code>consensus.BIP65Height = 1351; // BIP65 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP65 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP65Height = 0;</code> ===== Line 270 ===== Default: <code>consensus.BIP66Height = 1251; // BIP66 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP66 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP66Height = 0;</code> ====Line 298: RegressionNet Default Port==== <code>298 nDefaultPort = 18444;</code> * change port number <code> nDefaultPort = 13337;</code> ====Line 301 RegressionNet Time Stamp Nonce Coin_Rewards ==== <code>301 genesis = CreateGenesisBlock(1296688602, 2, 0x207fffff, 1, 50 * COIN);</code> * Change to your timestamp , nonce and coin rewards <code> genesis = CreateGenesisBlock(1733333335, 0, 0x207fffff, 1, 333 * COIN);</code> ====Line 303: RegressionNet Genesis Block Hash==== <code>303 assert(consensus.hashGenesisBlock == uint256S("0x0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"));</code> * replace with your reg net genesis hash <code> assert(consensus.hashGenesisBlock == uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"));</code> ====Line 304 RegressionNet Merkel Hash==== <code>304 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * replace with your reg net merkel hash <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Line 316: RegressionNet Genesis Hash==== <code>316 ( 0, uint256S("0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"))</code> * change to your reg nets genesis hash <code> ( 0, uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"))</code> === src/chainparamsbase.cpp - API ports === <div class="toccolours mw-collapsible mw-collapsed"> Changing RPC port number info: <div class="mw-collapsible-content"> When forking Litecoin, changing the nRPCPort = 8332; is generally recommended, though not strictly necessary. Here are the reasons and benefits for doing so: '''Avoiding Conflicts:''' If you run both Bitcoin and your forked cryptocurrency on the same machine or network, keeping the same RPC port (9332) would cause a conflict. By changing the port number, you ensure that both services can run simultaneously without interfering with each other. '''Network Configuration:''' Different cryptocurrencies should ideally use different ports to avoid confusion and ensure clear network configuration. This helps in managing firewall rules and network policies more effectively. '''Security:''' Using a non-standard port for your forked cryptocurrency can add a layer of security through obscurity. While not a robust security measure, it can help reduce the risk of automated attacks targeting known ports like 8332. '''Customization:''' Changing the RPC port is part of customizing your fork to distinguish it from Bitcoin. This can be important for branding and ensuring that users and developers recognize it as a separate entity. In summary, while it's not mandatory to change the RPC port when forking Bitcoin, doing so can help avoid conflicts, improve network management, and provide a clearer distinction between your fork and the original Bitcoin network. </div> </div> ====line 35 - Main net RCP port==== <pre> nRPCPort = 8332; </pre> RPC port is used to connect to coin api, its used to create a web wallet and moblie wallet. <pre> nRPCPort = 3366; </pre> ====Line 48 - test net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12333 <pre> nRPCPort = 12333; </pre> ====line 62 - regession net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12345 <pre> nRPCPort = 12345; </pre> * We are pretty much done with customizing the code base, we just need an IP address to append to chainparams.cpp and we are good to go. ===src/chainparamsseeds.h=== * Delete content of <code>src/chainparamsseeds.h</code> and replace with just: <pre> #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> The <code>chainparamsseeds.h</code> file contains hardcoded seed nodes for the main network (pnSeed6_main), which are currently set to Bitcoin’s seed nodes (e.g., IPs like 2.7.8.12 on port 8333). These seeds will cause your node to attempt connections to Bitcoin peers, which isn’t what we want for N33Bcoin. * By modifying the seed arrays for both mainnet and testnet to empty, we can keep the file structure intact while removing the Bitcoin seed nodes, preventing are node from trying to connect to them. <div class="toccolours mw-collapsible mw-collapsed"> Hexadecimal - Chainparamsseeds.h - Quick Notes <div class="mw-collapsible-content"> <pre> Hex Symbol Values: 0,1,2,3,4,5,6,7,8,9,a=10,b=11,c=12,d=13,e=14,f=15 Hex is in a Block of 2, [01]=1, The First number/symbol (the one on the left), is Times by 16, and the Second number/symbol is added. 01 = 0x16, plus 1 = 01 A4 = 10x16, plus 4 = 164 E4 = 14x16, plus 4 = 228 FF = 15X16, plus 15 = 255 To work out the values of 104.194.157.52 and port 3333 static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; IPv6 Mapping: {{Use 10 0x00, 2 0xff, then the 4 hex bytes} <port>}. 104 in hex: 6x16 = 96 + 8 = 104 InHex= '68' 194 in hex: c(12)x16=192 + 2 = 194 InHex= 'c2' 157 in hex: 9x16=144 + d(13)= 157 InHex= '9d' 52 in hex: 3x16=48 + 4 = 52 InHex= '34' #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; static SeedSpec6 pnSeed6_test[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> </div> </div> == Container and VPS Setup == Most VPS providers frown on mining unless it’s their explicit service—fair enough, it hogs resources! To work around this, we’ll: * Spin up an Ubuntu 18.04 container locally (18.04 keeps coin building simple). * Pair it with a low-cost VPS running Ubuntu 24.04, tunneling all traffic from the container to the VPS’s public IP. This setup gives us: * A public-facing IP without poking holes in our home router. * Local mining control, keeping private keys secure—because a VPS is just someone else’s machine, and we don’t trust it with our keys! ===LXD Quick Container Setup=== ===LXD Quick Container Setup=== * Its pretty simple once you know. ===Installing and setup LXD=== <code>sudo snap install lxd</code> <code>sudo lxd init</code> * Just press '''ENTER''' for all defaults * add user to lxd group (optional), will mean you do not need '''sudo''' to use lxc commands * NOTE: you will need to logout and login for changes to take effect. <code>sudo adduser $USER lxd</code> <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> * '''These changes only apply to the current terminal session.''' If you open a new terminal session you have to repeat. On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. * '''Remember, these changes only apply to the current terminal session.''' If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> ===Launching your container=== * for the Build its important we use '''18.04''' ** May want to get ubuntu pro free for 5 devices - to keep 1804 updated ** https://ubuntu.com/pro/dashboard <code>lxc launch ubuntu:18.04 n33b</code> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 n33b</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 n33b</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''n33b''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "n33b" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "n33b" in the example) must be unique within your LXD installation. </div> </div> * If you see this error - you need to use '''sudo''' or add user to lxd group <pre> lxc launch ubuntu:18.04 n33b Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * To see your container <code>lxc ls</code> ===Login to container=== <code>lxc exec n33b bash</code> * Prompt should now be changed to <code>root@n33b:~#</code> ** <code>root@<container_name>:~#</code> * This would be a good time to sign up to and enable ubuntu pro in the 1804 container https://ubuntu.com/pro/dashboard ** <code>sudo pro attach C12trandomcharsXFVhrRSveGOd4</code> * Update container <code>apt update && apt upgrade -y</code> ==== Ubuntu Pro for 1804 Containers ==== * super useful for ubuntu 1804, with pro has support till 2027 * Free For Five Boxes/Devices <code>https://ubuntu.com/pro/dashboard</code> <code>sudo pro attach 8dc6560abd396b3871f37b80ec</code> <code>sudo pro status</code> <code>sudo pro detach</code> ==In Container wireguard installation and setup== ===Install wireguard=== <code>apt install wireguard -y</code> * This will be the Client - for the container ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==Back to Host== Now we have * A container with a public IP address * Source code for are coin Lets append are IP adress to are <code>src/chainparams.cpp</code> file and make a exportable/shareable backup. ===Append IP to <code>src/chainparams.cpp</code>=== <div class="toccolours mw-collapsible mw-collapsed"> If i was going to change or add ips/domains do i need to recomplie? Yep: <div class="mw-collapsible-content"> Yes, if you want to change or add new IPs/domains in the `CDNSSeedData` section of `src/chainparams.cpp`, you will need to edit the file and recompile the code. The `CDNSSeedData` entries are hardcoded into the source code, and when you compile the code, these values are baked into the resulting binary. Therefore, any changes to the seed nodes will require: *Editing the `src/chainparams.cpp` file**: Modify the list of `CDNSSeedData` entries to include your new IPs or domains. *Recompiling the source code**: Once you've made your changes, you need to recompile the project so that the new seed nodes are included in the binary. *Restarting your nodes**: After recompiling, you would need to distribute the new binary to your nodes and restart them to ensure they use the updated seed list. This process is necessary because the seed nodes are part of the initial configuration that helps nodes discover peers when they first start up. Any changes to these seeds require the software itself to be updated and redeployed. </div> </div> ====Main Net DNS lines 123 - 127==== <code>$EDITOR /home/$USER/N33B/N33Bcoin/src/chainparams.cpp</code> * Line 123 <code>src/chainparams.cpp</code> <pre> 123 vSeeds.push_back(CDNSSeedData("n33bcoin.sipa.be", "seed.n33bcoin.sipa.be", true)); // Pieter Wuille, only supports x1, x5, x9, and xd </pre> We are going to Change to are servers address <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> At current time we only have one default node, so we comment out line 124 to 127 <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "dnsseed.bluematt.me", true)); // Matt Corallo, only supports x9 // vSeeds.push_back(CDNSSeedData("dashjr.org", "dnsseed.n33bcoin.dashjr.org")); // Luke Dashjr // vSeeds.push_back(CDNSSeedData("n33bcoinstats.com", "seed.n33bcoinstats.com", true)); // Christian Decker, supports x1 - xf // vSeeds.push_back(CDNSSeedData("n33bcoin.jonasschnelli.ch", "seed.n33bcoin.jonasschnelli.ch", true)); // Jonas Schnelli, only supports x1, x5, x9, and xd </pre> ====Test net DNS lines 224 - 227==== * Line 224 - ip adderss <pre> 224 vSeeds.push_back(CDNSSeedData("testnetn33bcoin.jonasschnelli.ch", "testnet-seed.n33bcoin.jonasschnelli.ch", true)); </pre> Change to server ip <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> and comment out the other 3 lines <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("petertodd.org", "seed.tbtc.petertodd.org", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "testnet-seed.bluematt.me")); // vSeeds.push_back(CDNSSeedData("n33bcoin.schildbach.de", "testnet-seed.n33bcoin.schildbach.de")); </pre> ==Create BackUp Tar Archive== At this point you may want to make a backup. * In work directory = <code>/home/$USER/N33B</code> <code>tar -zcvf N33Bcoin.0.0.1.tar.gz N33Bcoin</code> * Going to save in directory <code>/home/$USER/N33B</code> * Syntax = <code>tar -zcvf /path/to/save/archive_name.tar.gz /path/to/directory_name</code> Now we Should have <code>N33Bcoin.0.0.1.tar.gz</code> lets start building are coin. ===Move N33Bcoin.0.0.1.tar.gz to Container=== Lets Move are source code to are container. * File on Host:<code>/home/$USER/N33B/N33Bcoin.0.0.1.tar.gz</code> * Container Name: <code>n33b</code> ** Container Name can be found with <code>lxc list</code> * On Host: <code>lxc file push /home/$USER/N33B/N33Bcoin.0.0.1.tar.gz n33b/home/ubuntu/</code> * '''ubuntu''' is the name of the ubuntu containers default user account ==Return to container as user '''ubuntu'''== <code>lxc exec n33b -- su - ubuntu</code> Now are source code <code>N33Bcoin.0.0.1.tar.gz</code> should be in are home directory. Before we start using it, we need to install and build some dependencies software. ===Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <!-- These notes wherer required to build db on 24.04 - coin build would require way too much work so skipped. <code>$EDITOR db-4.8.30.NC/dbinc/atomic.h</code> Find the function <b>__atomic_compare_exchange</b> (line 147 and 179) and rename it to <b>__db_atomic_compare_exchange</b>. save and exit --> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> If you received error, are you building in ubuntu 18.04? these build instrutions are reproduable for 18.04 and not other versions of ubuntu. * A block chain requires min 2 nodes, so this would be a good time to snapshot your container. ====SNAPSHOT your container==== * This will save loads of time creating a second node later. * In a Terminal on HOST * Stop Container <code>lxc stop n33b</code> * snapshot <code>lxc snapshot n33b one</code> * start container <code>lxc start n33b</code> * Log in as ubuntu user <code>lxc exec n33b -- su - ubuntu</code> ==Build the Coin== Just for the Genesis Node, or it will not work, it will try to sync with another node, which it can not do as its at block 0. * edit the file <code>src/rpc/mining.cpp</code> and comment out the lines 471 and 472: <pre> // if (IsInitialBlockDownload()) // throw JSONRPCError(RPC_CLIENT_IN_INITIAL_DOWNLOAD, "N33Bcoin is downloading blocks..."); </pre> If you stopped container to snapshot and logged back in (or using another terminal), then we need to re-set var.<br> <code>cd ~/db-4.8.30.NC/build_unix</code><br> <code>export BDB_PREFIX=$(pwd)</code><br> * Now thats done we can carry on <code>cd ~/</code><br> * extract <code>tar xzvf N33Bcoin.0.0.1.tar.gz</code> <!-- was for attempt build in 24.04 - not needed for 18.04 <code>sudo apt install bsdmainutils ncal</code> --> * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> If you run into errors you can use:<br> <code>make > ../build.log 2>&1</code><br> This is print build info into file build.log ==Run Coin== * Path <code>cd /home/ubuntu/N33Bcoin/src</code> Going to first play around with Regression make sure everything is working, its supereasy to mine.<br> * Running regtest first will also create <code>~/.n33bcoin/</code> directory which we can create are <code>n33bcoin.conf</code> file for mainnet. ===Running Regression Net === * run reg net <code>./n33bcoind -regtest -daemon</code> ==== get blockchain info ==== <code>./n33bcoin-cli -regtest getblockchaininfo</code> * at the top you should see '''regtest''' <pre> "chain": "regtest", </pre> ====get wallet info==== <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ==== Generate 10 blocks==== <code>./n33bcoin-cli -regtest generate 10</code> <pre> [ "16fe73d5011e8e05cadb9e9dea43e58aa154ffcca891659cc59fbdfafe6f001c", "7803e298b6c57f8fc7ddac5da0e0696cc67524c9ee2bbbbbecdccfb01b364e79", "7c92afb2faed00d051edd22f85218416c394cd45ddadf413b9df808c0414ca7e", "29fe7bb17c984bd33c7e3d9cb4fa3ce1e47760ac22accded3aa25fd49aa87d91", "56d234a030af699a6aa824c8d95a9fabdcf56c9491ed30331ca2159188741c89", "272827808aad1efe0e752789acf6a28f25bc4ba2da905a8a6f5da00016ba286b", "23711e3856cf2e018ef02782eb546e87c9604781da6855bd136ef51fa5dd23e5", "7bd7e1e6183094c75e37d6605451ce7e7e1c23347e3b5c279c33196af916b1f2", "1c7e5fc29dc7c9b3a56e8f35becc3a0a8005e79ac1a84278f8a1f37c067f67b3", "3ac84dcf8be2849b347369de7bf6bb49d780cdf41e2c4abbe2ea0ae1b89bd26e" ] </pre> ====Check Balance==== <code>./n33bcoin-cli -regtest getbalance</code> <pre>0.00000000</pre> * You mined 10 blocks and have zero coins! that is because the coins have not mutured, it takes 100 blocks for newly created coins to muture and show up in your wallet. * you can see your '''immature_balance''' with the <code>getwalletinfo</code> command. <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 11114108.00000000, "txcount": 10, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====Get new addresses==== <code>./n33bcoin-cli -regtest getnewaddress</code> <pre> mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb </pre> ====Find addresses your wallet is currently using==== * To see all your current public addresses use <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -regtest listreceivedbyaddress 0 true</code> ====Mine to specific address==== * <code>./n33bcoin-cli -regtest generatetoaddress 101 "your-mainnet-address"</code> <code>./n33bcoin-cli -regtest generatetoaddress 101 "mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb"</code> =====Coins Matured===== <code>./n33bcoin-cli -regtest getbalance</code> <pre>11114441.00000000</pre> * and Immatured coins <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 11114441.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 33300.00000000, "txcount": 111, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====stop regtest net==== * stop regtest <code>./n33bcoin-cli -regtest stop</code> ===Main Net=== * Running <code>-regtest</code> should of created a <code>~/.n33bcoin</code> directory for you. * Create <code>n33bcoin.conf</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 </pre> * run/start coin <code>./n33bcoind</code> * NOTE: if you did not create a n33bcoin.conf file and apply 'daemon=1', you can use the -daemon flag <code>./n33bcoind -daemon</code> <div class="toccolours mw-collapsible mw-collapsed"> Some debug tips: <div class="mw-collapsible-content"> * If n33bcoin hangs - <code>ps aux | grep n33bcoind</code> ** The <code>kill -9 PID_NUMBER</code> ** Also note: there is nothing wrong with '''turning it off and on again.''' * <code>./n33bcoind -debug=1</code> ** log is at ~/.n33bcoin/debug.log * <code>./n33bcoind -debug=1 -printtoconsole</code> ** will output to terminal, no output to debug.log </div> </div> ===Create and Add second node - the easy way=== <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Why a Dummy Node is Needed to Avoid <code>500 Internal Server Error</code> and Ensure Syncing</span> <div class="mw-collapsible-content"> <p>A dummy node is <strong>required</strong> for mining on the genesis node (main node) and to ensure other nodes can sync with your N33Bcoin network. Without it, you may encounter errors like:</p> <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> [2025-04-20 11:49:32] HTTP request failed: The requested URL returned error: 500 Internal Server Error </pre> <p><strong>Why does this happen?</strong> The main node needs at least one active peer to process the <code>getblocktemplate</code> RPC call used by <code>minerd</code> for mining. If the node is in Initial Block Download (IBD) or has no peers, this call fails, causing the 500 error. Additionally, if the main node is in IBD, it won’t serve blocks to other nodes, preventing them from syncing (e.g., stuck at <code>blocks: 0</code>).</p> <p><strong>How the dummy node fixes it:</strong></p> <ul> <li>Running a dummy node (e.g., on <code>127.0.0.1:3334</code>) provides an active peer, allowing <code>getblocktemplate</code> to succeed and mining to start.</li> <li>Mining generates new blocks, updating the chain tip’s timestamp, which helps the main node exit IBD.</li> <li>Once out of IBD, the main node can serve blocks to other nodes, enabling them to sync (e.g., to <code>blocks: 428</code>).</li> </ul> <p><strong>Why it’s easy to forget:</strong> The dummy node isn’t a standard Bitcoin requirement—it’s specific to N33Bcoin’s setup, possibly due to custom peer or RPC logic. Always run a dummy node when mining or syncing new nodes.</p> <p><strong>If you get the 500 error:</strong> Start a dummy node and add it to the main node’s peers with <code>addnode</code>. See the next section for setup instructions.</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> Without a dummy node, mining will fail, and new nodes won’t sync. Always include this step in your setup and document it to avoid surprises! </div> </div> </div> After first node ruuing with:<br> <code>./n33bcoind</code> * create a directory for second node <code>mkdir ~/.n33bcoin2</code> * make config file <code>$EDITOR ~/.n33bcoin2/n33bcoin.conf</code> * Note changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser1 rpcpassword=coinpassword1 rpcallowip=127.0.0.1 rpcport=3367 daemon=1 server=1 rpcbind=127.0.0.1 port=3334 </pre> * start node2 - note ports <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin2 -port=3334 -rpcport=3367</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3334" "add"</code> * Check node one <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * Check node two <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getblocktemplate</code> ==== Default Node User and Second Node User management ==== * The default user will be your main node '''~/.n33bcoin/''' * To use second node '''~/.n33bcoin2/''' you have to use/append non default port in commands: ** To run commands on second node, Add/Append <code>-rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1</code> *** '''rpcport''', '''rpcuser''', '''rpcpassword''' these values can be found in the <code>~/.<node_name>/n33bcoin.conf</code> file * For default wallet/node can use: <code>./n33bcoin-cli getwalletinfo</code> * Or to specify (optional) can use, the main nodes '''rpcport''', '''rpcuser''' and '''rpcpassword''' followed by <command>: <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * For the second node we created - we do need to specify <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getwalletinfo</code> <div class="toccolours mw-collapsible mw-collapsed"> How to stop second node: <div class="mw-collapsible-content"> * To run commands on a second or third ...ETC node - you need to enter: ** <code>-rpcport=<value></code> ** <code>-rpcuser=<username></code> ** <code>-rpcpassword=<password></code> ** followed by the command you wish to run on node <code>getbalance</code> ** Remember you store all these details in your <code>n33bcoin.conf</code> file for your node. <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 stop</code> </div> </div> == Mining blocks on your blockchain == Well you can try with:<br> <code>./n33bcoin-cli generate 1</code><br> But instead of seeing <pre> [ "some-block-hash" ] </pre> Your going to get empty brackets <pre> [ ] </pre> I cant remember the reason for this. But i know the fix. Install Mining software ===Address to send mined coins to=== First lets get a public key/address we can mine to. * Find old addresses <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> * Create new address <code>./n33bcoin-cli getnewaddress</code> * The address i will use <code>1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> ===Cpu Miner Install=== <code>cd ~</code> <code>sudo apt update</code> <code>sudo apt install -y build-essential libcurl4-openssl-dev</code> <code>git clone https://github.com/pooler/cpuminer.git</code> <code>cd cpuminer</code> <code>./autogen.sh</code> <code>./configure</code> <code>make</code> <code>sudo make install</code> ===Mine some Coins=== * OK lets mine us some coins ** Syntax:<code>minerd -o <pool_url> -u <username> -p <password> --coinbase-addr=<public_key></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> * YAY, back to the days when you could find bitcoin blocks with a simple CPU <pre> [2025-04-12 19:31:17] Binding thread 0 to cpu 0 [2025-04-12 19:31:17] Binding thread 1 to cpu 1 [2025-04-12 19:31:17] 4 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:31:17] Binding thread 2 to cpu 2 [2025-04-12 19:31:17] Binding thread 3 to cpu 3 [2025-04-12 19:31:17] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:31:17] thread 1: 2097152 hashes, 10099 khash/s [2025-04-12 19:31:17] thread 0: 2097152 hashes, 10094 khash/s [2025-04-12 19:31:17] thread 3: 2097152 hashes, 10093 khash/s [2025-04-12 19:31:17] thread 2: 2097152 hashes, 10032 khash/s [2025-04-12 19:32:17] thread 2: 601912088 hashes, 10080 khash/s [2025-04-12 19:32:17] thread 0: 605611536 hashes, 10108 khash/s [2025-04-12 19:32:17] thread 3: 605564904 hashes, 10102 khash/s [2025-04-12 19:32:17] thread 1: 605946928 hashes, 10104 khash/s [2025-04-12 19:33:17] thread 2: 604824240 hashes, 10080 khash/s [2025-04-12 19:33:17] thread 0: 606506104 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 1: 606263288 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 3: 606114016 hashes, 10102 khash/s [2025-04-12 19:34:17] thread 0: 596676992 hashes, 9883 khash/s [2025-04-12 19:34:17] accepted: 1/1 (100.00%), 40174 khash/s (yay!!!) [2025-04-12 19:34:17] LONGPOLL pushed new work [2025-04-12 19:34:17] thread 2: 597009344 hashes, 9856 khash/s [2025-04-12 19:34:17] thread 1: 596347864 hashes, 9882 khash/s [2025-04-12 19:34:17] thread 0: 184 hashes, 8762 khash/s [2025-04-12 19:34:17] thread 3: 596226344 hashes, 9881 khash/s [2025-04-12 19:35:11] thread 0: 525714288 hashes, 9775 khash/s [2025-04-12 19:35:17] thread 0: 58652240 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 1: 592942512 hashes, 9784 khash/s [2025-04-12 19:35:18] thread 3: 592834720 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 2: 591387224 hashes, 9754 khash/s [2025-04-12 19:36:17] thread 1: 577261400 hashes, 9784 khash/s [2025-04-12 19:36:17] thread 2: 575496480 hashes, 9756 khash/s [2025-04-12 19:36:17] thread 3: 576993520 hashes, 9776 khash/s [2025-04-12 19:36:17] thread 0: 586785384 hashes, 9780 khash/s [2025-04-12 19:37:17] thread 3: 586568712 hashes, 9700 khash/s [2025-04-12 19:37:17] thread 2: 585369888 hashes, 9645 khash/s [2025-04-12 19:37:18] thread 1: 587018480 hashes, 9656 khash/s [2025-04-12 19:37:18] thread 0: 586791168 hashes, 9631 khash/s [2025-04-12 19:37:43] thread 0: 247017896 hashes, 9757 khash/s [2025-04-12 19:37:43] accepted: 2/2 (100.00%), 38758 khash/s (yay!!!) [2025-04-12 19:37:43] LONGPOLL pushed new work [2025-04-12 19:37:43] thread 2: 250694904 hashes, 9748 khash/s [2025-04-12 19:37:43] thread 1: 250409704 hashes, 9773 khash/s [2025-04-12 19:37:43] thread 0: 21504 hashes, 8650 khash/s [2025-04-12 19:37:43] thread 3: 253010016 hashes, 9764 khash/s </pre> * By default '''minerd''' will use all cores - if you want to limit to number of core use the <code>-t <number_of_cores></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj -t 2</code> <pre> [2025-04-12 19:43:05] 2 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:43:05] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:43:05] thread 1: 2097152 hashes, 11359 khash/s [2025-04-12 19:43:05] thread 0: 2097152 hashes, 11327 khash/s </pre> * Next we mine on till we have at least 101 blocks so are coins are matured. ===After 101 blocks - Mature Coins=== * now we should have some coins in are wallet that we can use, YAY <code>./n33bcoin-cli getbalance</code> <pre>11112110.00000000</pre> * and lets check the account of are second node <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> * Lets get the address of are second node to send some coins <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress 0 true</code> * Or we could generate a new address with <code>getnewaddress</code> <code>1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz</code> Now lets send some coins ==Wallet Basics== Now we have coins we can use - matured coins ===Get balance=== * <code>getbalance</code> <code>./n33bcoin-cli getbalance</code> ===Find Account Addresses=== * <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> ===Create New Address=== * <code>getnewaddress</code> <code>./n33bcoin-cli getnewaddress</code> ===Sending coins=== * Syntax: <code>./n33bcoin-cli sendtoaddress "<address>" <amount></code> <code>./n33bcoin-cli sendtoaddress "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz" 33</code><br> * This comand will return a hash in your terminal out put. <pre>f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7</pre> * and Check balance of second node to see balance: <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>33.00000000</pre> ===See Transaction Details from hash=== * the transaction hash is from the above send coins example * Syntax: <code>n33bcoin-cli gettransaction "<transaction_hash>"</code> <code>./n33bcoin-cli gettransaction "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7"</code> <pre> { "amount": -33.00000000, "fee": -0.00004520, "confirmations": 4, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553764, "timereceived": 1744553764, "bip125-replaceable": "no", "details": [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "send", "amount": -33.00000000, "vout": 0, "fee": -0.00004520, "abandoned": false } ], "hex": "020000000150a37ad36c761374df6a14c20bd2c016208358bf1f20af06c5acbe4827250ee7000000006a4730440220582f2094aca19d63744d8d128c3dea907cddd4eeb5728d6f064c4168d7a36b9c0220649b2397635fe0b8899fea4535b0072e856a164235f8ab8feb91f3dbfa9e3ddc012103dd8d842cd0c2b167b507b9e8ee580fc726262bb218abc5c6487668b72e5673a3feffffff020001b2c4000000001976a9146ae24c8430bcd30bc1b812f946229fcc563eb0ef88ac589a23fc060000001976a9141e0606800605f94643f5da7e0a31e435e030855788acbe000000" } </pre> ===List Transactions from account=== * <code>listtransactions</code> * <code>./n33bcoin-cli listtransactions</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listtransactions</code> * This command will show all transactions send and receive. <pre> [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "receive", "amount": 33.00000000, "label": "", "vout": 0, "confirmations": 6, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553766, "timereceived": 1744553766, "bip125-replaceable": "no" } ] </pre> ===list received transactions by address=== * <code>listreceivedbyaddress</code> * <code>./n33bcoin-cli listreceivedbyaddress</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress</code> <pre> [ { "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "account": "", "amount": 33.00000000, "confirmations": 6, "label": "", "txids": [ "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7" ] } ] </pre> ===Address With Label=== * Create New Address With Label ** Syntax: <code>getnewaddress "<Label>"</code> * NOTE: Label name is case sensitive. <code>./n33bcoin-cli getnewaddress "Mining"</code> <pre>1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB</pre> * See Accounts in Label <code>./n33bcoin-cli getaddressesbyaccount "Mining"</code> * a Label can hold many addresses <pre> [ "1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB" ] </pre> * Lists transactions for the labeled account. <code>./n33bcoin-cli listtransactions "Mining"</code> * Tracking with a label - Shows total balance for addresses in the labeled account. <code>./n33bcoin-cli getbalance "Mining"</code> * Label an existing address - Assigns an existing address to a named account. <code>./n33bcoin-cli setaccount "<address>" "<label>"</code> * Change Label of Address <code>./n33bcoin-cli setaccount "<address>" "<newlabel>"</code> ==Backup Wallets and Restore/Reclaim== To '''test''' wallet exports and back ups we are going to create a '''third node'''. <br> This keeps are main wallet and the wallet of are second node safe.<br> Or If you feel up for it, feel free to play/use/learn with your main wallet. * Create a directory for third node <code>mkdir ~/.n33bcoin3</code> * Create config file <code>$EDITOR ~/.n33bcoin3/n33bcoin.conf</code> * Note: changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser2 rpcpassword=coinpassword2 rpcallowip=127.0.0.1 rpcport=3368 daemon=1 server=1 rpcbind=127.0.0.1 port=3335 </pre> * Start node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3335" "add"</code> * Check node three <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getblocktemplate</code> * See Address (pub key) <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> <pre>1EhA5fkapYWrhs2oAf2AqvF4WYMPM28GqL</pre> * I have sent 33 n33bcoin's to this address. <pre> ./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744568061, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "8afde14085be2139ff008667c345b3697bea9cea" } </pre> ===Encrypt Wallet=== * '''IMPORTANT NOTE! IF YOU LOSE/FORGET PASSPHRASE, YOU LOST YOUR WALLET!''' Encrypting your wallet, will require passphrase to see private_keys and to send coins from your account, but you can still check balance and the basic chain info '''without passphrase'''. * Syntax <code>./n33bcoin-cli encryptwallet "<passphrase>"</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 encryptwallet "pa55word"</code> <br>OutPut: <pre> wallet encrypted; N33Bcoin server stopping, restart to run with encrypted wallet. The keypool has been flushed and a new HD seed was generated (if you are using HD). You need to make a new backup. </pre> ====Test Encryption==== Syntax: <code>./n33bcoin-cli dumpprivkey <address></code> This command should need passphrase if wallet locked. ** <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> can be used in place of a real address <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpprivkey 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> If wallet '''LOCKED''' - you will see <pre> error code: -13 error message: Error: Please enter the wallet passphrase with walletpassphrase first. </pre> If wallet '''UNLOCKED''' but address not in wallet - you will see ** This is because there is no address <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> in your wallet and error code -5 indicates address not found in the wallet, but it passed the lock so, yay <pre> error code: -5 error message: Invalid N33Bcoin address </pre> If address exists in your wallet and wallet is '''UNLOCKED''' - you will see the private key: <pre> 6vJYM3RFWh7MyLVrPbgzgibUgqxMzWUCCbuH3GcfDRTqfoNQjBb </pre> '''IMPORTANT:''' Never share your actual private keys with anyone. The example above is for demonstration purposes only. ====open encrypted wallet==== * Syntax ./n33bcoin-cli walletpassphrase "<passphrase>" <time_in_seconds_to_stay_open> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrase "Pa55word" 60</code> ====Change PassPhrase==== * Syntax: <code><code>./n33bcoin-cli walletpassphrasechange "<old_passphrase>" "<new_passphrase>"</code></code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrasechange "Pa55word" "StrongPass123!@#456"</code> ===Back Up WALLET.DAT === * You can make a backup of your wallet.dat file whether its encrypted or un-encrypted. ** not-encrypted you just copy into a directory and you and anyone else has full access. ** encrypted, you need to know the passphase the file is encrypted with to have access. ** Both Export and Import the backup wallet.dat the same way, expect one asks for passphase and the other does not. ====Make copy of wallet.dat==== * <code>backupwallet</code> * Syntax:<code>./n33bcoin-cli backupwallet /path/to/export/wallet-backup.file</code> <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> ====Stop node 3 and delete wallet.dat==== * Stop node - Note: RPC PORT <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * not gonna delete, just move, only so many times i wanna learn that lesson. <code>mv ~/.n33bcoin3/wallet.dat ~/oldwallet.dat</code> * Start Node 3 - this will create a new <code>wallet.dat</code> file <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check Balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744572042, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "bb4e27a7896ae19acdf3b43244f82b59f5164c7c" } </pre> * Check addresses <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> * Its a diff/new address, because its a new wallet. <pre> "address": "1JwAmtR9T8xa49daoHQhf54tBdyabby2m2", </pre> ===Restore Wallet.dat=== * Stop Node 3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move old wallet to Node 3 Directory ** This command will write over the new wallet.dat file currently in directory - in effect deleting it. <code>mv ~/wallet-backup.node3 ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>11148007.99990960</pre> ====OH NUTZ==== * By mistake i backed up main wallet. <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> * Intended to backup node3 - the correct command would of been <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 backupwallet ~/wallet-backup.node3</code> Good Thing we just moved the node3 wallet and not deleted or 33 n33bcoins would of been in a dead account.<br> This is why you should learn about bitcoin on n33bcoins and not the bitcoin main net blockchain. Lets restore from the moved wallet <code>~/oldwallet.dat</code> * Stop node3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move oldwallet back to node3 <code>mv ~/oldwallet.dat ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>33.00000000</pre> YAY ===Dump Entire Wallet with <code>dumpwallet</code>=== * Exports all private keys, addresses, and wallet metadata to a plain text file for a comprehensive backup. * Syntax <code>./n33bcoin-cli dumpwallet /path/to/export/n33bcoin-wallet.txt</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpwallet ~/ssshhh.txt</code> <code>cat ~/ssshhh.txt</code> * Yep its all in plain text! <pre> # Wallet dump created by N33Bcoin v0.14.3.0-g150612e # * Created on 2025-04-13T22:54:50Z # * Best block at time of backup was 212 (000000009f5f7189bd4334895fd1c903ae904525abb5768feb98b81282a1949e), # mined on 2025-04-13T18:34:02Z # extended private masterkey: xprv9s210pEDlspXiamstilrandotypinhDXRTQ1TatJNSL3fxs9QaLLjRV1FZH9zw2VcErU498hsd3pynuyDR2clongrandome4Msz5 L1XJ0pald6SZXP4sKdVcDETpsdoWeksd4er5hhPsdFG1PPV 2025-04-13T18:14:21Z change=1 # addr=1HtmEDdpk5SJAp3nGCnaAD5gKZc2Er4qG hdkeypath=m/0'/0'/82' about 100 lines like the one above and ends with: # End of dump </prE> ===Import Dumped Wallet=== To test import works we are gonna, stop node3, move wallet.dat, start node3, check new wallet got auto generated again. then import are ssshhh.txt file and see if restored. ====Check wallet node 3 pre-test==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744575092, "keypoolsize": 101, "unlocked_until": 0, "paytxfee": 0.00000000, "hdmasterkeyid": "0a0e6e94e4a184e773e4a3e3244adc4352935afa" } </pre> ====Stop node 3 ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> ====Move wallet.dat ==== <code>mv ~/.n33bcoin3/wallet.dat ~/wallet.node3</code> ====Start node 3 ==== <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> ====Check wallet node 3 - when deleted/changed==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ====Import Restore from Dumped Wallet ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importwallet ~/ssshhh.txt</code> ====Check wallet node 3 when restored ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ==Off Line Storage and Importation== * Create a offline key pair, using a python script that can run off a live linux iso. * Going to send coins from node 3 to off line address. * Going to import to wallet 2 by sweeping private wif key. ===Create Offline Keypair=== * https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin ** We have used the [[N33Bcoin_Address_Generator_Bitcoin| N33Bcoin_Address_Generator]] to create the following key pair which we will use for this test. <pre> noob@noob-ThinkPad-T470:~/Gen/py-pub-prv$ python3 gen.py Enter your seed (12 words or any random input): hithere Generated n33bcoin Key Pair: Private Key: 3e4748d72b0a0c5d4538b52a2ade025a0f52a1e8642384ac14e5af0f90b8ab8a Public Key: 04c4cab1795312dafbf2532c7b238d448b55fa151a3d4e059cb49b47fb7244fb8767981b561c067494f9f3a6357024bb4fa71d12d692a733f7a0583d6fa7276548 n33bcoin Address: 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG WIF Private Key: 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH </pre> ===Send from node 3 to offline address=== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 sendtoaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG 10</code> ===Check its in address=== * Can take a few blocks before you can see it. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * Syntax: <code>./n33bcoin-cli importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * <code>importaddress</code> The RPC command to import a Bitcoin address as a watch-only address into the wallet * <code>13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> The Bitcoin address you are importing. After import, the wallet will monitor this address for incoming transactions, but cannot spend from it since you do not have the private key * <code>"external"</code> An optional label assigned to the imported address. This helps you organize or identify addresses in your wallet * <code>false</code> The rescan parameter. Setting it to false means the wallet will not rescan the blockchain for historical transactions involving this address. Only new transactions (after import) will be tracked. If set to true (default), the wallet would scan the entire blockchain for past transactions involving the address, which can take a long time (but not in are case as we have new blockchain). ====getreceivedbyaddress==== * TESTED - Balance is only shown on account that imported the address as a address to watch. ** Took about 10 mins to show balance. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>10.00000000</pre> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> ====Receive funds from private key==== * Current Funds in Node/Wallet 2 <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>52.00000000</pre> * Import the keys <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 importprivkey 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH true</code> * Check balance <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>62.00000000</pre> Import is instant. ==Create Second Server and Sync Blockchain== * Creating second server in a container and forwarded to another VPS IP, to see if network syncs. <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Is Port Forwarding Required for the Second Node?</span> <div class="mw-collapsible-content"> <p><strong>Why set up port forwarding?</strong> Port forwarding (using iptables to forward port <code>3333</code> to the second node) allows the node to receive incoming connections from other N33Bcoin nodes. This ensures reliable syncing with the main node and enables the second node to share blockchain data with others, strengthening the network.</p> <p><strong>Is it required?</strong></p> <ul> <li><strong>To mine</strong>: No. Mining uses local RPC calls (<code>127.0.0.1:3366</code>) and outbound connections to the main node (<code>104.194.157.52:3333</code>). As long as the main node is up, mining works without port forwarding. Note: You may need a dummy node to avoid errors.</li> <li><strong>To act as a peer</strong>: Yes. To allow other nodes to connect and sync from the second node (e.g., via <code>144.172.89.93:3333</code>), port forwarding is required. Without it, the node can sync but won’t serve blocks to others.</li> </ul> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Tip:</strong> Keep port forwarding enabled for robust syncing and to support the N33Bcoin network, especially if you plan to add more nodes. </div> </div> </div> ===Launch container=== <code>lxc launch ubuntu:18.04 n33b-node</code> <code>lxc exec n33b-node bash</code> <code>pro attach <longKey></code> <code>apt update && apt upgrade -y && apt install ubuntu-advantage-tools wireguard -y</code> ===Setup Wireguard=== * This is the same as the last time, in this tut i am going to keep the same keys in tut, to save time. PS: You can use same keys on many connections (not the best idea). ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==In Container Building N33Bcoin== * Push over N33Bcoin.0.0.1.tar.gz to the container n33b-node. <code>lxc file push N33Bcoin.0.0.1.tar.gz n33b-node/home/ubuntu/</code> OR Download from github * Download from Github, sha256sum=<code>0695dceaa4a88967560695f92c753d2fe4abc0f1b0cfb2673bf945fc83fb1225</code> <code>wget https://raw.github.com/CompleteNoobs/N33Bcoin/main/N33Bcoin.0.0.1.tar.gz</code> * Login to container as user ubuntu <code>lxc exec n33b-node -- su - ubuntu</code> * extract <code>tar xvf N33Bcoin.0.0.1.tar.gz</code> ===Install depends and Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> ===Build N33Bcoin=== * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> * Before running - make sure first node up and running <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Troubleshooting Syncing Issues on the Second Node</span> <div class="mw-collapsible-content"> <p>If your second node (e.g., <code>144.172.89.93</code>) fails to sync (e.g., stuck at <code>blocks: 0</code>), the main node (<code>104.194.157.52</code>) may be in Initial Block Download (IBD), preventing it from serving blocks. Here’s what I faced and how I fixed it:</p> <ul> <li><strong>Problem</strong>: The second node didn’t sync because the main node was in IBD, likely due to a chain tip older than 24 hours.</li> <li><strong>Initial Fix</strong>: <ul> <li>Started a dummy node on the main node (<code>127.0.0.1:3334</code>) for an active peer .</li> <li>Mined on the main node: <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=&lt;your-address&gt; -t 2 </pre> This created new blocks (e.g., to <code>blocks: 441</code>), exiting IBD and enabling sync.</li> </ul> </li> <li><strong>Test</strong>: I deleted the second node and recreated it from scratch, running both the main and dummy nodes on the genesis server. The second node synced to <code>blocks: 441</code> while the main node was mining.</li> <li><strong>Observation</strong>: In one test, I thought syncing worked without mining, but mining was active on the main node, advancing the chain to <code>blocks: 441</code>. Possible factors for sync success: <ul> <li>Recent chain tip from mining kept the main node out of IBD.</li> <li>Dummy node provided a peer, preventing IBD re-entry.</li> <li>iptables rule for port <code>3333</code> enabled inbound connections (i did once not forward the correct port, make sure you check your ip rules with <code>cat /etc/iptables/rules.v4</code> to make sure you entered the correct ones. ).</li> </ul> </li> <li><strong>If Syncing Fails</strong>: Mine on the main node with the dummy node running.</li> </ul> <p><strong>Note</strong>: Syncing may not require ongoing mining if the main node’s chain tip is recent, but mining is needed to exit IBD. Test and share your findings!</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> If the second node won’t sync, the main node may be in IBD. Start the dummy node and mine to exit IBD. </div> </div> </div> ===n33b-node=== <code>src/n33bcoind -daemon</code> <code>src/n33bcoin-cli stop</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 debug=rpc debug=mining </pre> <code>src/n33bcoind</code> * Now Second n33bcoin node is running lets check sync <code>src/n33bcoin-cli getpeerinfo</code> <pre> [ { "id": 0, "addr": "104.194.157.52:3333", "addrlocal": "144.172.89.93:52636", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157772, "lastrecv": 1745157771, "bytessent": 1277, "bytesrecv": 1198, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.303657, "minping": 0.303657, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": false, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 110, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 1, "addr": "104.194.157.52:57050", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.296047, "minping": 0.296047, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 2, "addr": "104.194.157.52:57060", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.316404, "minping": 0.316404, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } } ] </pre> <code>src/n33bcoin-cli getblockchaininfo</code> <pre> ubuntu@n33b-node:~/N33Bcoin$ src/n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.03058041491289009, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> ===From first node=== <pre> ./n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.02034601825250813, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> * Both nodes/blockchains are in sync, nice k3nrxfmizq0izhusihucz0z2jshc48k 527 526 2025-04-29T00:23:26Z AwesomO 5 /* Genesis Keys */ 527 wikitext text/x-wiki ==Start up HardWare== * OS (local) Ubuntu-Mate 24.04 - this tut is done on a clean install of ubuntu-mate 24.04 ** Hardware: HP EliteDesk G1 - ram = 8GB - HD = 120GB ssd - CPU = i5-4590S CPU @ 3.00GHz ** Hardware: Thinkpad X270 - Ram - HD - CPU * Server VPS ubuntu-server 24.04 ** vultr.com ===Software OS=== * Will be using Ubuntu 24.04 as main OS - but to build this version of litecoin 0.14.2 we will be using ubuntu 18.04 in a lxc container - trying to build in 24.04 was a huge side quest that is not that much fun. ===Coin Params for N33Bcoin 0.1 POW === * Are Coin Params ** Name of coin = N33Bcoin ** Symbol coin = N33B ** Premined Coins= 33% 11,111,111 coins to be used to rewards contributors. the how is currently unknown, will work out as we go. ** MaxCoins = 33,333,333 ** Rewards = 333 ** Halving Period = 33,333 blocks = every 231 days ** Block interval = 10 mins # will leave at 10 for starters ** Time Stamp 1733333333 2024-12-04 17:28:53 ** Time Stamp Message "N33B's for Noob's at CompleteNoobs.com" ** Genesis Block for are Coin ==Genesis Keys== First we are going to need a public private key pair. [[Python_Generate_Public_Private_Key_Pair_Crypto_Bitcoin| Python3 Generate Public Private Key Pair]] * Public Key <code>049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf</code> * Keep private key safe, you just need pub key for now We then use are public key along with are coin parameter with [[GenesisH0_Creating_Genesis_Hash| GenesisH0]] to create a 'Nonce', 'Merkel hash' and 'Genesis hash'. For are 'MainNet', 'TestNet' and 'RegNet' === Main Net parameters === <code>python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333333</code> * '''Nonce''': <code>221118658</code> * '''nBits''': <code>0x1d00ffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4</code> === Test Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333334</code> * '''Nonce''': <code>511144</code> * '''nBits''': <code>0x1e0ffff0</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c</code> === Reg Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333335</code> * '''Nonce''': <code>0</code> * '''nBits''': <code>0x207fffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127</code> Now we have are parameters, we can start creating are own coin, but first lets change some file names to match the name of are coin. ==Source we are forking from Bitcoin 0.14.3== ===Home Directory=== <code>cd ~</code> ===Download bitcoin 0.14.3=== * https://bitcoincore.org/bin/bitcoin-core-0.14.3/ <code>wget https://bitcoincore.org/bin/bitcoin-core-0.14.3/bitcoin-0.14.3.tar.gz</code> * sha256sum bitcoin-0.14.3.tar.gz <code>416717ab5ef94f8458da2b12e4cd742ca08f5ad3817b65fc73811e06ac949f87</code> ===extract=== <code>tar xvf bitcoin-0.14.3.tar.gz</code> ===Change Directory Name to new/forked coin name=== <code>mv bitcoin-0.14.3 N33Bcoin</code> <code>cd N33Bcoin</code> * Current work director path is <code>/home/$USER/N33Bcoin/</code> ==Renaming== ===Renaming Bitcoin to N33Bcoin=== '''Run these command in the /home/$USER/N33Bcoin/ Directory''' * Lowercase <code>find . -type f -exec sed -i 's/bitcoin/n33bcoin/g' {} + </code> * UpperCase <code>find . -type f -exec sed -i 's/Bitcoin/N33Bcoin/g' {} + </code> * Name.1 <code>find . -type f -exec sed -i -e 's/bitcoin/noobcoin/g' -e 's/bitcoind\.1/n33bcoind.1/g' {} + </code> ===Change Name for Docs=== To rename files in a directory (e.g., <code>/home/$USER/N33B/N33Bcoin/doc/man/</code>): * '''Before:''' <pre> bitcoin-cli.1 bitcoind.1 bitcoin-qt.1 bitcoin-tx.1 Makefile.am </pre> * '''After:''' <pre> n33bcoin-cli.1 n33bcoind.1 n33bcoin-qt.1 n33bcoin-tx.1 Makefile.am </pre> * '''Manual Way:''' <pre> mv -v bitcoin-cli.1 n33bcoin-cli.1 </pre> * '''Using mv with a for Loop:''' <code>cd /home/$USER/N33B/N33Bcoin/doc/man</code><br> <code>for file in bitcoin*; do mv -v "$file" "${file/bitcoin/n33bcoin}"; done</code> </pre> * <code>-v</code> shows each rename action. ===Change Names for Files=== Unlike forking litecoin, the method we just used to rename all bitcoin words to n33bcoin created some problems, unlike litecoin 0.14.2, the word 'bitcoin' can be found in a lot of file names. Example: the file <code>libbitcoinconsensus.pc.in</code> is still called <code>libbitcoinconsensus.pc.in</code> but inside make and config files, it is now know as <code>libn33bcoinconsensus.pc.in</code> so it will look for a file called <code>libn33bcoinconsensus.pc.in</code> and not <code>libbitcoinconsensus.pc.in</code>, still will lead to a lot of breakages. * Easy Fix: Change all file names which include the word <code>bitcoin</code> to <code>n33bcoin</code> * install <code>rename</code> <code>sudo apt install rename</code> * Run commands in <code>/home/$USER/N33Bcoin/</code> Directory * See all file which contain the name <code>bitcoin</code> <code>find . -type f -name "*bitcoin*"</code> * Rename/convert all <code>bitcoin</code> in file names to <code>n33bcoin</code> <code>find . -type f -name "*bitcoin*" -exec rename 's/bitcoin/n33bcoin/' {} +</code> ==Editing Files== Are Files are located in path:<code>/home/$USER/N33B/N33Bcoin</code><br> Example: <code>src/amount.h</code> full path would be <code>/home/$USER/N33B/N33Bcoin/src/amount.h</code> === OverView of Files to edit=== * Comment Out <code>** Lines: 74 - 77 Comment Out</code> These are Lines we Don't need, but are not deleting just commenting out, so line numbers remain the same.<br> Comment out by placing a <code>//</code> at the beginning of the line. * '''src/amount.h''' ** Line 31: Edit Max Coins * '''src/validation.cpp''' ** Line 1166: This BLOCK of code will contain premined and Block rewards * '''src/qt/bitcoinunits.cpp''' ** Line 39 Block: change coin symbol LTC to N33B * '''src/chainparams.cpp''' ** Line 53: '''Global''' Change Time Stamp Message ** Line 54: '''Global''' Change Pub Key ** Line 73: '''MainNet''' Change Halving Interval <!--** Lines: 74 - 77 Comment Out--> ** Line 74: '''MainNet''' BIP34Height ** Line 75: '''MainNet''' BIP34Hash ** Line 76: '''MainNet''' BIP65Height ** Line 77: '''MainNet''' BIP66Height ** Lines 85 - 103: '''MainNet''' Deployment and Chain Work Section ** Line 110: '''MainNet''' Change Magic Bytes - Script included ** Line 114: '''MainNet''' Change Main Net Default Port ** Line 117: '''MainNet''' Change Main Net Nonce TimeStamp Coin_Rewards ** Line 119: '''MainNet''' Change Genesis Hash ** Line 120: '''MainNet''' Change Merkel Hash ** Line 144: '''MainNet'''Change Coin Number and Genesis Hash ** Lines 145 - 156 Comment Out ** Line 161: '''MainNet''' Change Time Stamp ** Line 162: '''MainNet''' Change Number Of Transactions ** Line 177: '''TestNet''' Halving Interval <!--** Lines: 178 - 181 Comment Out--> ** Line 178: '''TestNet''' BIP34Height ** Line 179: '''TestNet''' BIP34Hash ** Line 180: '''TestNet''' BIP65Height ** Line 181: '''TestNet''' BIP66Height ** Line 184: '''TestNet''' Block Times <!--** Lines: 189 - 207 Comment Out--> ** Lines 189 - 207: '''TestNet''' Deployment Section ** Line 213: '''TestNet''' Default Port ** Line 216: '''TestNet''' Time Stamp and Nonce ** Line 218: '''TestNet''' Genesis Hash Block ** Line 219: '''TestNet''' Merkel Hash Block ** Line 245: '''TestNet''' CheckPointData Genesis Hash Block Number ** Line 250: '''TestNet''' Time Stamp ** Line 251: '''TestNet''' Block Number ** Lines 267 - 270 '''RegressionNet''' BIP Consensus ** Line 301: '''RegressionNet''' Default Port ** Line 304: '''RegressionNet''' Time Stamp Nonce Coin_Rewards ** Line 306: '''RegressionNet''' Genesis Block Hash ** Line 307: '''RegressionNet''' Merkel Hash ** Line 319: '''RegressionNet''' Genesis Hash * '''src/chainparamsbase.cpp''' ** Line 35: MainNet RCP Port ** Line 48: TestNet RPC Port ** Line 62: Regession Net RPC Port ===src/amount.h=== On line 31 we will edit are Max coins: <pre> static const CAmount MAX_MONEY = 21000000 * COIN; </pre> will change this to 33,333,333 coins <pre> static const CAmount MAX_MONEY = 33333333 * COIN; </pre> ===src/validation.cpp=== Path <code>/home/$USER/N33B/N33Bcoin/src/validation.cpp</code> The block of code we are looking for starts on line 1166: <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy = 50 * COIN; // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years. nSubsidy >>= halvings; return nSubsidy; } </pre> On line 1173 you should see this line: <pre> CAmount nSubsidy = 50 * COIN; </pre> This is the rewards for mining coins, the default is 50, we are changinf rewards to 333 coins per block mined. <pre> CAmount nSubsidy = 333 * COIN; </pre> ====Premined coins==== We also need to add a contidtion for are premined coins - in the first block will mine 33%, thats 11,111,111 coins <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy; if (nHeight == 1) nSubsidy = 11111111 * COIN; else nSubsidy = 333 * COIN; // Subsidy is cut in half every 33,333 blocks which will occur approximately every 231 days. nSubsidy >>= halvings; return nSubsidy; } </pre> This condition means IF first block reward 11,111,111 coins, Else(after first blocked mined) rewards per block are 333 coins. <div class="toccolours mw-collapsible mw-collapsed"> What's Changed and Why: <div class="mw-collapsible-content"> <b>What's Changed and Why:</b> * '''CAmount nSubsidy;''' ** The variable `nSubsidy` is now declared but not immediately assigned a value. This allows flexibility to set its value based on certain conditions. * '''New Condition: `if (nHeight == 1)''' ** This new condition checks if the block height is 1, meaning this is the very first block in the blockchain (often called the "genesis block"). ** This condition is used to assign a special, much larger subsidy for the first block. * '''nSubsidy = 11111111 * COIN;''' ** If it is the first block (`nHeight == 1`), the subsidy is set to 11,111,111 coins. This is a huge reward for the genesis block, likely for initial distribution or other specific reasons. * '''else nSubsidy = 333 * COIN;''' ** For all other blocks (not the first one), the reward is set to 333 coins. This is a significant change from the original 50 coins, suggesting a different reward structure for this cryptocurrency. </div> </div> ===src/qt/n33bcoinunits.cpp=== * Line 39: Code Block <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("BTC"); case mBTC: return QString("mBTC"); case uBTC: return QString::fromUtf8("μBTC"); default: return QString("???"); } } </pre> * Change BTC your coin symbol to N33B <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("N33B"); case mBTC: return QString("mN33B"); case uBTC: return QString::fromUtf8("μN33B"); default: return QString("???"); } } </pre> ===src/chainparams.cpp=== ====Line 53 Change Time Stamp Message==== <code> const char* pszTimestamp = "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks";</code> To <code> const char* pszTimestamp = "N33B's for Noob's at CompleteNoobs.com";</code> ====Line 54 Change Genesis Pub Key==== <code> 54 const CScript genesisOutputScript = CScript() << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f") << OP_CHECKSIG; </code> We are going to change to the public key we used to create are genesis block. <code> const CScript genesisOutputScript = CScript() << ParseHex("049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf") << OP_CHECKSIG;</code> ====Line 73 HalvingInterval==== <code> consensus.nSubsidyHalvingInterval = 210000;</code> Block intervals of bitcoin is every 10 mins, as you can see on '''[[#Line 80 Target Block Creation''']] * 60 mins per hour x 24 hours per day = 1440 mins a day * 1440 mins at one block each 10 mins = 144 block per day ish * 144 * 365 = 52,560 blocks per year ish * 52,560 * 4 = 210,240 blocks every four years ish So bitcoin halves its rewards every 4 years ish as it passes 210,000 blocks and carrys on halving every 210,000 blocks later. We reward 333 coins per block and will be out of coins around 667,334 blocks. * Preminded 11,111,111 coins * 22,222,222 left * at 333 per block all will be gone in 66,733 blocks time unless we halve before then * We are going to keep are block time of 10 mins and have a halving at 33,333 blocks so it will halve around 231 days <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Line 74 - 77 MainNet BIP Section==== <pre> 74 consensus.BIP34Height = 227931; 75 consensus.BIP34Hash = uint256S("0x000000000000024b89b42a942fe0d9fea3bb44ab7bd1b19115dd6a759c0808b8"); 76 consensus.BIP65Height = 388381; // 000000000000000004c2b624ed5d7756c508d90fd0da2c7c679febfa6c4735f0 77 consensus.BIP66Height = 363725; // 00000000000000000379eaa19dce8c9b722d46ae6a57c2f1a988119488b50931 </pre> * Set BIP34/65/66 to 0 for new chain—modern rules from genesis. Adjust BIP34 to 100 if mining fails. * Replace with your Hash on line 75 BIPHash <pre> 74 consensus.BIP34Height = 0; 75 consensus.BIP34Hash = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); 76 consensus.BIP65Height = 0; 77 consensus.BIP66Height = 0; </pre> ==== Line 85 - 103 '''MainNet''' Deployment and Chain Work Section ==== ===== Line 86 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start date is irrelevant—set to 0 for immediate activation on new chain. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 87 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 91 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016</code> * Reason changed: Bitcoin’s 2016 start is moot—set to 0 for CSV active from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 92 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 96 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016</code> * Reason changed: Bitcoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 97 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 100 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5");</code> * Reason changed: Bitcoin’s 2017 work is massive—set to 0 for a new chain with no work yet. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 103 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354</code> * Reason changed: Bitcoin’s block 453354 is irrelevant—set to N33Bcoin’s genesis hash for fast sync from block 0. Changed: <code>consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4");</code> =====Before and After Changes===== <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354 </pre> * Set CSV/SegWit to active from genesis (nStartTime = 0, nTimeout = far future). Reset chain work to minimal. Set assume valid to genesis hash. <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0; 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999; 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0; 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999; 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0; 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999; 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x00"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); </pre> ====Line 110 Magic Bytes==== * Link to Hex numbers explaned * Link to python script for random values The pchMessageStart array is a crucial component in cryptocurrency network protocols, often referred to as the "magic bytes" or "network magic." It serves as a unique identifier for a specific cryptocurrency network. These values are in hexadecimal format, representing four bytes that form a sequence unlikely to occur in normal data. If you're creating a new cryptocurrency by forking Bitcoin, you should change these values. Using unique values prevents your new coin's network from interfering with Bitcoin's network or other existing networks. <pre> 110 pchMessageStart[0] = 0xf9; 111 pchMessageStart[1] = 0xbe; 112 pchMessageStart[2] = 0xb4; 113 pchMessageStart[3] = 0xd9; </pre> * Gonna change mine to <pre> pchMessageStart[0] = 0xfe; pchMessageStart[1] = 0x93; pchMessageStart[2] = 0xd2; pchMessageStart[3] = 0xe2; </pre> ====Line 114 Change Main Net Default Port==== * Line 114 <code>nDefaultPort = 8333;</code> * Changing to port 3333 <code>nDefaultPort = 3333;</code> ====Line 117 Change Main Net Nonce TimeStamp Coin_Rewards==== * Original <code> genesis = CreateGenesisBlock(1231006505, 2083236893, 0x1d00ffff, 1, 50 * COIN);</code> * Syntax of line 117 <code>genesis = CreateGenesisBlock(<UNIX_TIME_STAMP>, <NONCE>, <DIFF_BITS>, <NHEIGHT>, <AMOUNT_OF_COINS_REWARD> * COIN);</code> * we are just going to append/change are UnixTimeStamp, Nonce and CoinReward <code> genesis = CreateGenesisBlock(1733333333, 221118658, 0x1d00ffff, 1, 333 * COIN);</code> ====Line 119 Change Genesis Hash==== <code>assert(consensus.hashGenesisBlock == uint256S("0x000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"));</code> * Change to your genesis hash for Main Net <code> assert(consensus.hashGenesisBlock == uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"));</code> ====Line 120 Change Merkel Hash==== <code> assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Change to your merkel hsh for Main net <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Check Point - Lines 142 - 157 ==== <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d")) 145 ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> These lines contain a blocknumber and there hash value, we are starting a new coin and these have no value to us. We have one genesis block. <code> ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d"))</code> * We are going to append/change line 144, to block zero and are Main net genesis block hash. <code> ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"))</code> and comment out the remaining lines in this code block. lines 145 - 156 <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4")) 145 // ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 // ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 // (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 // (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 // (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 // (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 // (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 // (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 // (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 // (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 // (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 // (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> ====Line 161 Change Time Stamp==== <pre> 161 1483472411, // * UNIX timestamp of last known number of transactions </pre> * Change to the time stamp we are using <pre> 1733333333, // * UNIX timestamp of last known number of transactions</pre> ====Line 162 Change Number Of Transactions==== <pre> 184495391, // * total number of transactions between genesis and that timestamp</pre> * Change to Zero <pre> 0, // * total number of transactions between genesis and that timestamp</pre> ====TestNet Halving Interval==== <code>177 consensus.nSubsidyHalvingInterval = 210000;</code> * Change to same as are main net <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Lines 178 - 181 TestNet BIP section==== <pre> 178 consensus.BIP34Height = 21111; 179 consensus.BIP34Hash = uint256S("0x0000000023b3a96d3484e5abb3755c413e7d41500f8e2a5c3f0dd01299cd8ef8"); 180 consensus.BIP65Height = 581885; // 00000000007f6655f22f98e72ed80d8b06dc761d5da09df0fa1dc4be4f861eb6 181 consensus.BIP66Height = 330776; // 000000002104c8c45e99a8853285a3b592602a3ccde2b832481da85e9e4ba182 </pre> * Change values to zero and replace TestNet Genesis Hash <pre> 178 consensus.BIP34Height = 0; 179 consensus.BIP34Hash = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"); 180 consensus.BIP65Height = 0; 181 consensus.BIP66Height = 0; </pre> ==== Lines 189 - 207 TestNet Deployment Section ==== ===== Line 190 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start is irrelevant—set to 0 for immediate activation on TestNet. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 191 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 195 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1456790400; // March 1st, 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for CSV from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 196 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 200 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1462060800; // May 1st 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 201 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1493596800; // May 1st 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 204 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x00000000000000000000000000000000000000000000001f057509eba81aed91");</code> * Reason changed: Litecoin’s work is irrelevant—set to 0 for a new TestNet chain. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 207 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000128796ee387cf110ccb9d2f36cffaf7f73079c995377c65ac0dcc"); //1079274</code> * Reason changed: Litecoin’s block 1079274 doesn’t apply—set to TestNet genesis for fast sync. Changed: <code>consensus.defaultAssumeValid = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c");</code> ====TestNet Default Port - Line 213==== <code>213 nDefaultPort = 18333;</code> * Change to another port , picking 13333 <code>nDefaultPort = 13333;</code> ====Line 216: TestNet Time Stamp and Nonce==== <code>216 genesis = CreateGenesisBlock(1296688602, 414098458, 0x1d00ffff, 1, 50 * COIN);</code> * change/append timestamp, nonce and coin rewards - TimeStamp, Nonce, nBits and CoinRewards from your Test Net <code> genesis = CreateGenesisBlock(1733333334, 511144, 0x1e0ffff0, 1, 333 * COIN);</code> ====Line 218: TestNet Genesis Hash Block==== <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943"));</code> * Changed to <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"));</code> ====Line 219: TestNet Merkel Hash Block==== <code>219 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Changed to <code> assert(consensus.hashGenesisBlock == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ==== Line 245 TestNet checkpointData ==== Default: <code>( 546, uint256S("000000002a936ca763904c3c35fce2f3556c559c0214345d31b1bcebf76acb70")),</code> * Reason changed: Bitcoin TestNet checkpoint irrelevant—set to height 0 with N33Bcoin TestNet genesis hash for new chain. Changed: <code>( 0, uint256S("000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c")),</code> * Note: Removed "0x" from hash string—matches Bitcoin style, prevents parsing error in uint256S. ====Line 250 - Testnet chainTxData TimeStamp==== <code>250 1483546230,</code> * Change to your timestamp <code>1733333334,</code> ====Line 251 - Testnet chainTxData block count==== <code>251 12834668,</code> * change block count to zero <code> 0,</code> ==== RegTest BIP Section ==== ===== Line 267 ===== Default: <code>consensus.BIP34Height = 100000000; // BIP34 has not activated on regtest (far in the future so block v1 are not rejected in tests)</code> * Reason changed: Delays BIP34—set to 0 for modern rules from genesis, consistent with MainNet/TestNet. Changed: <code>consensus.BIP34Height = 0;</code> ===== Line 268 ===== Default: <code>consensus.BIP34Hash = uint256();</code> * Reason changed: Empty hash irrelevant—set to RegTest genesis for BIP34 activation at block 0. * NOTE: the <code>S</code> at the end of <code>uint256S</code> append the '''S''', remove the <code>0x</code> or it would be too long and make sure RegNet Hash is wrapped in "comment-hash". * The quotes <code>""</code> tell the compiler that this is a string, not a number. * '''uint256S''' will parse the string as a hexadecimal value and construct the '''uint256''' object accordingly. Changed: <code>consensus.BIP34Hash = uint256S("65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127");</code> ===== Line 269 ===== Default: <code>consensus.BIP65Height = 1351; // BIP65 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP65 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP65Height = 0;</code> ===== Line 270 ===== Default: <code>consensus.BIP66Height = 1251; // BIP66 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP66 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP66Height = 0;</code> ====Line 298: RegressionNet Default Port==== <code>298 nDefaultPort = 18444;</code> * change port number <code> nDefaultPort = 13337;</code> ====Line 301 RegressionNet Time Stamp Nonce Coin_Rewards ==== <code>301 genesis = CreateGenesisBlock(1296688602, 2, 0x207fffff, 1, 50 * COIN);</code> * Change to your timestamp , nonce and coin rewards <code> genesis = CreateGenesisBlock(1733333335, 0, 0x207fffff, 1, 333 * COIN);</code> ====Line 303: RegressionNet Genesis Block Hash==== <code>303 assert(consensus.hashGenesisBlock == uint256S("0x0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"));</code> * replace with your reg net genesis hash <code> assert(consensus.hashGenesisBlock == uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"));</code> ====Line 304 RegressionNet Merkel Hash==== <code>304 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * replace with your reg net merkel hash <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Line 316: RegressionNet Genesis Hash==== <code>316 ( 0, uint256S("0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"))</code> * change to your reg nets genesis hash <code> ( 0, uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"))</code> === src/chainparamsbase.cpp - API ports === <div class="toccolours mw-collapsible mw-collapsed"> Changing RPC port number info: <div class="mw-collapsible-content"> When forking Litecoin, changing the nRPCPort = 8332; is generally recommended, though not strictly necessary. Here are the reasons and benefits for doing so: '''Avoiding Conflicts:''' If you run both Bitcoin and your forked cryptocurrency on the same machine or network, keeping the same RPC port (9332) would cause a conflict. By changing the port number, you ensure that both services can run simultaneously without interfering with each other. '''Network Configuration:''' Different cryptocurrencies should ideally use different ports to avoid confusion and ensure clear network configuration. This helps in managing firewall rules and network policies more effectively. '''Security:''' Using a non-standard port for your forked cryptocurrency can add a layer of security through obscurity. While not a robust security measure, it can help reduce the risk of automated attacks targeting known ports like 8332. '''Customization:''' Changing the RPC port is part of customizing your fork to distinguish it from Bitcoin. This can be important for branding and ensuring that users and developers recognize it as a separate entity. In summary, while it's not mandatory to change the RPC port when forking Bitcoin, doing so can help avoid conflicts, improve network management, and provide a clearer distinction between your fork and the original Bitcoin network. </div> </div> ====line 35 - Main net RCP port==== <pre> nRPCPort = 8332; </pre> RPC port is used to connect to coin api, its used to create a web wallet and moblie wallet. <pre> nRPCPort = 3366; </pre> ====Line 48 - test net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12333 <pre> nRPCPort = 12333; </pre> ====line 62 - regession net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12345 <pre> nRPCPort = 12345; </pre> * We are pretty much done with customizing the code base, we just need an IP address to append to chainparams.cpp and we are good to go. ===src/chainparamsseeds.h=== * Delete content of <code>src/chainparamsseeds.h</code> and replace with just: <pre> #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> The <code>chainparamsseeds.h</code> file contains hardcoded seed nodes for the main network (pnSeed6_main), which are currently set to Bitcoin’s seed nodes (e.g., IPs like 2.7.8.12 on port 8333). These seeds will cause your node to attempt connections to Bitcoin peers, which isn’t what we want for N33Bcoin. * By modifying the seed arrays for both mainnet and testnet to empty, we can keep the file structure intact while removing the Bitcoin seed nodes, preventing are node from trying to connect to them. <div class="toccolours mw-collapsible mw-collapsed"> Hexadecimal - Chainparamsseeds.h - Quick Notes <div class="mw-collapsible-content"> <pre> Hex Symbol Values: 0,1,2,3,4,5,6,7,8,9,a=10,b=11,c=12,d=13,e=14,f=15 Hex is in a Block of 2, [01]=1, The First number/symbol (the one on the left), is Times by 16, and the Second number/symbol is added. 01 = 0x16, plus 1 = 01 A4 = 10x16, plus 4 = 164 E4 = 14x16, plus 4 = 228 FF = 15X16, plus 15 = 255 To work out the values of 104.194.157.52 and port 3333 static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; IPv6 Mapping: {{Use 10 0x00, 2 0xff, then the 4 hex bytes} <port>}. 104 in hex: 6x16 = 96 + 8 = 104 InHex= '68' 194 in hex: c(12)x16=192 + 2 = 194 InHex= 'c2' 157 in hex: 9x16=144 + d(13)= 157 InHex= '9d' 52 in hex: 3x16=48 + 4 = 52 InHex= '34' #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; static SeedSpec6 pnSeed6_test[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> </div> </div> == Container and VPS Setup == Most VPS providers frown on mining unless it’s their explicit service—fair enough, it hogs resources! To work around this, we’ll: * Spin up an Ubuntu 18.04 container locally (18.04 keeps coin building simple). * Pair it with a low-cost VPS running Ubuntu 24.04, tunneling all traffic from the container to the VPS’s public IP. This setup gives us: * A public-facing IP without poking holes in our home router. * Local mining control, keeping private keys secure—because a VPS is just someone else’s machine, and we don’t trust it with our keys! ===LXD Quick Container Setup=== ===LXD Quick Container Setup=== * Its pretty simple once you know. ===Installing and setup LXD=== <code>sudo snap install lxd</code> <code>sudo lxd init</code> * Just press '''ENTER''' for all defaults * add user to lxd group (optional), will mean you do not need '''sudo''' to use lxc commands * NOTE: you will need to logout and login for changes to take effect. <code>sudo adduser $USER lxd</code> <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> * '''These changes only apply to the current terminal session.''' If you open a new terminal session you have to repeat. On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. * '''Remember, these changes only apply to the current terminal session.''' If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> ===Launching your container=== * for the Build its important we use '''18.04''' ** May want to get ubuntu pro free for 5 devices - to keep 1804 updated ** https://ubuntu.com/pro/dashboard <code>lxc launch ubuntu:18.04 n33b</code> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 n33b</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 n33b</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''n33b''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "n33b" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "n33b" in the example) must be unique within your LXD installation. </div> </div> * If you see this error - you need to use '''sudo''' or add user to lxd group <pre> lxc launch ubuntu:18.04 n33b Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * To see your container <code>lxc ls</code> ===Login to container=== <code>lxc exec n33b bash</code> * Prompt should now be changed to <code>root@n33b:~#</code> ** <code>root@<container_name>:~#</code> * This would be a good time to sign up to and enable ubuntu pro in the 1804 container https://ubuntu.com/pro/dashboard ** <code>sudo pro attach C12trandomcharsXFVhrRSveGOd4</code> * Update container <code>apt update && apt upgrade -y</code> ==== Ubuntu Pro for 1804 Containers ==== * super useful for ubuntu 1804, with pro has support till 2027 * Free For Five Boxes/Devices <code>https://ubuntu.com/pro/dashboard</code> <code>sudo pro attach 8dc6560abd396b3871f37b80ec</code> <code>sudo pro status</code> <code>sudo pro detach</code> ==In Container wireguard installation and setup== ===Install wireguard=== <code>apt install wireguard -y</code> * This will be the Client - for the container ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==Back to Host== Now we have * A container with a public IP address * Source code for are coin Lets append are IP adress to are <code>src/chainparams.cpp</code> file and make a exportable/shareable backup. ===Append IP to <code>src/chainparams.cpp</code>=== <div class="toccolours mw-collapsible mw-collapsed"> If i was going to change or add ips/domains do i need to recomplie? Yep: <div class="mw-collapsible-content"> Yes, if you want to change or add new IPs/domains in the `CDNSSeedData` section of `src/chainparams.cpp`, you will need to edit the file and recompile the code. The `CDNSSeedData` entries are hardcoded into the source code, and when you compile the code, these values are baked into the resulting binary. Therefore, any changes to the seed nodes will require: *Editing the `src/chainparams.cpp` file**: Modify the list of `CDNSSeedData` entries to include your new IPs or domains. *Recompiling the source code**: Once you've made your changes, you need to recompile the project so that the new seed nodes are included in the binary. *Restarting your nodes**: After recompiling, you would need to distribute the new binary to your nodes and restart them to ensure they use the updated seed list. This process is necessary because the seed nodes are part of the initial configuration that helps nodes discover peers when they first start up. Any changes to these seeds require the software itself to be updated and redeployed. </div> </div> ====Main Net DNS lines 123 - 127==== <code>$EDITOR /home/$USER/N33B/N33Bcoin/src/chainparams.cpp</code> * Line 123 <code>src/chainparams.cpp</code> <pre> 123 vSeeds.push_back(CDNSSeedData("n33bcoin.sipa.be", "seed.n33bcoin.sipa.be", true)); // Pieter Wuille, only supports x1, x5, x9, and xd </pre> We are going to Change to are servers address <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> At current time we only have one default node, so we comment out line 124 to 127 <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "dnsseed.bluematt.me", true)); // Matt Corallo, only supports x9 // vSeeds.push_back(CDNSSeedData("dashjr.org", "dnsseed.n33bcoin.dashjr.org")); // Luke Dashjr // vSeeds.push_back(CDNSSeedData("n33bcoinstats.com", "seed.n33bcoinstats.com", true)); // Christian Decker, supports x1 - xf // vSeeds.push_back(CDNSSeedData("n33bcoin.jonasschnelli.ch", "seed.n33bcoin.jonasschnelli.ch", true)); // Jonas Schnelli, only supports x1, x5, x9, and xd </pre> ====Test net DNS lines 224 - 227==== * Line 224 - ip adderss <pre> 224 vSeeds.push_back(CDNSSeedData("testnetn33bcoin.jonasschnelli.ch", "testnet-seed.n33bcoin.jonasschnelli.ch", true)); </pre> Change to server ip <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> and comment out the other 3 lines <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("petertodd.org", "seed.tbtc.petertodd.org", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "testnet-seed.bluematt.me")); // vSeeds.push_back(CDNSSeedData("n33bcoin.schildbach.de", "testnet-seed.n33bcoin.schildbach.de")); </pre> ==Create BackUp Tar Archive== At this point you may want to make a backup. * In work directory = <code>/home/$USER/N33B</code> <code>tar -zcvf N33Bcoin.0.0.1.tar.gz N33Bcoin</code> * Going to save in directory <code>/home/$USER/N33B</code> * Syntax = <code>tar -zcvf /path/to/save/archive_name.tar.gz /path/to/directory_name</code> Now we Should have <code>N33Bcoin.0.0.1.tar.gz</code> lets start building are coin. ===Move N33Bcoin.0.0.1.tar.gz to Container=== Lets Move are source code to are container. * File on Host:<code>/home/$USER/N33B/N33Bcoin.0.0.1.tar.gz</code> * Container Name: <code>n33b</code> ** Container Name can be found with <code>lxc list</code> * On Host: <code>lxc file push /home/$USER/N33B/N33Bcoin.0.0.1.tar.gz n33b/home/ubuntu/</code> * '''ubuntu''' is the name of the ubuntu containers default user account ==Return to container as user '''ubuntu'''== <code>lxc exec n33b -- su - ubuntu</code> Now are source code <code>N33Bcoin.0.0.1.tar.gz</code> should be in are home directory. Before we start using it, we need to install and build some dependencies software. ===Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <!-- These notes wherer required to build db on 24.04 - coin build would require way too much work so skipped. <code>$EDITOR db-4.8.30.NC/dbinc/atomic.h</code> Find the function <b>__atomic_compare_exchange</b> (line 147 and 179) and rename it to <b>__db_atomic_compare_exchange</b>. save and exit --> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> If you received error, are you building in ubuntu 18.04? these build instrutions are reproduable for 18.04 and not other versions of ubuntu. * A block chain requires min 2 nodes, so this would be a good time to snapshot your container. ====SNAPSHOT your container==== * This will save loads of time creating a second node later. * In a Terminal on HOST * Stop Container <code>lxc stop n33b</code> * snapshot <code>lxc snapshot n33b one</code> * start container <code>lxc start n33b</code> * Log in as ubuntu user <code>lxc exec n33b -- su - ubuntu</code> ==Build the Coin== Just for the Genesis Node, or it will not work, it will try to sync with another node, which it can not do as its at block 0. * edit the file <code>src/rpc/mining.cpp</code> and comment out the lines 471 and 472: <pre> // if (IsInitialBlockDownload()) // throw JSONRPCError(RPC_CLIENT_IN_INITIAL_DOWNLOAD, "N33Bcoin is downloading blocks..."); </pre> If you stopped container to snapshot and logged back in (or using another terminal), then we need to re-set var.<br> <code>cd ~/db-4.8.30.NC/build_unix</code><br> <code>export BDB_PREFIX=$(pwd)</code><br> * Now thats done we can carry on <code>cd ~/</code><br> * extract <code>tar xzvf N33Bcoin.0.0.1.tar.gz</code> <!-- was for attempt build in 24.04 - not needed for 18.04 <code>sudo apt install bsdmainutils ncal</code> --> * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> If you run into errors you can use:<br> <code>make > ../build.log 2>&1</code><br> This is print build info into file build.log ==Run Coin== * Path <code>cd /home/ubuntu/N33Bcoin/src</code> Going to first play around with Regression make sure everything is working, its supereasy to mine.<br> * Running regtest first will also create <code>~/.n33bcoin/</code> directory which we can create are <code>n33bcoin.conf</code> file for mainnet. ===Running Regression Net === * run reg net <code>./n33bcoind -regtest -daemon</code> ==== get blockchain info ==== <code>./n33bcoin-cli -regtest getblockchaininfo</code> * at the top you should see '''regtest''' <pre> "chain": "regtest", </pre> ====get wallet info==== <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ==== Generate 10 blocks==== <code>./n33bcoin-cli -regtest generate 10</code> <pre> [ "16fe73d5011e8e05cadb9e9dea43e58aa154ffcca891659cc59fbdfafe6f001c", "7803e298b6c57f8fc7ddac5da0e0696cc67524c9ee2bbbbbecdccfb01b364e79", "7c92afb2faed00d051edd22f85218416c394cd45ddadf413b9df808c0414ca7e", "29fe7bb17c984bd33c7e3d9cb4fa3ce1e47760ac22accded3aa25fd49aa87d91", "56d234a030af699a6aa824c8d95a9fabdcf56c9491ed30331ca2159188741c89", "272827808aad1efe0e752789acf6a28f25bc4ba2da905a8a6f5da00016ba286b", "23711e3856cf2e018ef02782eb546e87c9604781da6855bd136ef51fa5dd23e5", "7bd7e1e6183094c75e37d6605451ce7e7e1c23347e3b5c279c33196af916b1f2", "1c7e5fc29dc7c9b3a56e8f35becc3a0a8005e79ac1a84278f8a1f37c067f67b3", "3ac84dcf8be2849b347369de7bf6bb49d780cdf41e2c4abbe2ea0ae1b89bd26e" ] </pre> ====Check Balance==== <code>./n33bcoin-cli -regtest getbalance</code> <pre>0.00000000</pre> * You mined 10 blocks and have zero coins! that is because the coins have not mutured, it takes 100 blocks for newly created coins to muture and show up in your wallet. * you can see your '''immature_balance''' with the <code>getwalletinfo</code> command. <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 11114108.00000000, "txcount": 10, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====Get new addresses==== <code>./n33bcoin-cli -regtest getnewaddress</code> <pre> mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb </pre> ====Find addresses your wallet is currently using==== * To see all your current public addresses use <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -regtest listreceivedbyaddress 0 true</code> ====Mine to specific address==== * <code>./n33bcoin-cli -regtest generatetoaddress 101 "your-mainnet-address"</code> <code>./n33bcoin-cli -regtest generatetoaddress 101 "mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb"</code> =====Coins Matured===== <code>./n33bcoin-cli -regtest getbalance</code> <pre>11114441.00000000</pre> * and Immatured coins <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 11114441.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 33300.00000000, "txcount": 111, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====stop regtest net==== * stop regtest <code>./n33bcoin-cli -regtest stop</code> ===Main Net=== * Running <code>-regtest</code> should of created a <code>~/.n33bcoin</code> directory for you. * Create <code>n33bcoin.conf</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 </pre> * run/start coin <code>./n33bcoind</code> * NOTE: if you did not create a n33bcoin.conf file and apply 'daemon=1', you can use the -daemon flag <code>./n33bcoind -daemon</code> <div class="toccolours mw-collapsible mw-collapsed"> Some debug tips: <div class="mw-collapsible-content"> * If n33bcoin hangs - <code>ps aux | grep n33bcoind</code> ** The <code>kill -9 PID_NUMBER</code> ** Also note: there is nothing wrong with '''turning it off and on again.''' * <code>./n33bcoind -debug=1</code> ** log is at ~/.n33bcoin/debug.log * <code>./n33bcoind -debug=1 -printtoconsole</code> ** will output to terminal, no output to debug.log </div> </div> ===Create and Add second node - the easy way=== <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Why a Dummy Node is Needed to Avoid <code>500 Internal Server Error</code> and Ensure Syncing</span> <div class="mw-collapsible-content"> <p>A dummy node is <strong>required</strong> for mining on the genesis node (main node) and to ensure other nodes can sync with your N33Bcoin network. Without it, you may encounter errors like:</p> <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> [2025-04-20 11:49:32] HTTP request failed: The requested URL returned error: 500 Internal Server Error </pre> <p><strong>Why does this happen?</strong> The main node needs at least one active peer to process the <code>getblocktemplate</code> RPC call used by <code>minerd</code> for mining. If the node is in Initial Block Download (IBD) or has no peers, this call fails, causing the 500 error. Additionally, if the main node is in IBD, it won’t serve blocks to other nodes, preventing them from syncing (e.g., stuck at <code>blocks: 0</code>).</p> <p><strong>How the dummy node fixes it:</strong></p> <ul> <li>Running a dummy node (e.g., on <code>127.0.0.1:3334</code>) provides an active peer, allowing <code>getblocktemplate</code> to succeed and mining to start.</li> <li>Mining generates new blocks, updating the chain tip’s timestamp, which helps the main node exit IBD.</li> <li>Once out of IBD, the main node can serve blocks to other nodes, enabling them to sync (e.g., to <code>blocks: 428</code>).</li> </ul> <p><strong>Why it’s easy to forget:</strong> The dummy node isn’t a standard Bitcoin requirement—it’s specific to N33Bcoin’s setup, possibly due to custom peer or RPC logic. Always run a dummy node when mining or syncing new nodes.</p> <p><strong>If you get the 500 error:</strong> Start a dummy node and add it to the main node’s peers with <code>addnode</code>. See the next section for setup instructions.</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> Without a dummy node, mining will fail, and new nodes won’t sync. Always include this step in your setup and document it to avoid surprises! </div> </div> </div> After first node ruuing with:<br> <code>./n33bcoind</code> * create a directory for second node <code>mkdir ~/.n33bcoin2</code> * make config file <code>$EDITOR ~/.n33bcoin2/n33bcoin.conf</code> * Note changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser1 rpcpassword=coinpassword1 rpcallowip=127.0.0.1 rpcport=3367 daemon=1 server=1 rpcbind=127.0.0.1 port=3334 </pre> * start node2 - note ports <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin2 -port=3334 -rpcport=3367</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3334" "add"</code> * Check node one <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * Check node two <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getblocktemplate</code> ==== Default Node User and Second Node User management ==== * The default user will be your main node '''~/.n33bcoin/''' * To use second node '''~/.n33bcoin2/''' you have to use/append non default port in commands: ** To run commands on second node, Add/Append <code>-rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1</code> *** '''rpcport''', '''rpcuser''', '''rpcpassword''' these values can be found in the <code>~/.<node_name>/n33bcoin.conf</code> file * For default wallet/node can use: <code>./n33bcoin-cli getwalletinfo</code> * Or to specify (optional) can use, the main nodes '''rpcport''', '''rpcuser''' and '''rpcpassword''' followed by <command>: <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * For the second node we created - we do need to specify <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getwalletinfo</code> <div class="toccolours mw-collapsible mw-collapsed"> How to stop second node: <div class="mw-collapsible-content"> * To run commands on a second or third ...ETC node - you need to enter: ** <code>-rpcport=<value></code> ** <code>-rpcuser=<username></code> ** <code>-rpcpassword=<password></code> ** followed by the command you wish to run on node <code>getbalance</code> ** Remember you store all these details in your <code>n33bcoin.conf</code> file for your node. <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 stop</code> </div> </div> == Mining blocks on your blockchain == Well you can try with:<br> <code>./n33bcoin-cli generate 1</code><br> But instead of seeing <pre> [ "some-block-hash" ] </pre> Your going to get empty brackets <pre> [ ] </pre> I cant remember the reason for this. But i know the fix. Install Mining software ===Address to send mined coins to=== First lets get a public key/address we can mine to. * Find old addresses <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> * Create new address <code>./n33bcoin-cli getnewaddress</code> * The address i will use <code>1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> ===Cpu Miner Install=== <code>cd ~</code> <code>sudo apt update</code> <code>sudo apt install -y build-essential libcurl4-openssl-dev</code> <code>git clone https://github.com/pooler/cpuminer.git</code> <code>cd cpuminer</code> <code>./autogen.sh</code> <code>./configure</code> <code>make</code> <code>sudo make install</code> ===Mine some Coins=== * OK lets mine us some coins ** Syntax:<code>minerd -o <pool_url> -u <username> -p <password> --coinbase-addr=<public_key></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> * YAY, back to the days when you could find bitcoin blocks with a simple CPU <pre> [2025-04-12 19:31:17] Binding thread 0 to cpu 0 [2025-04-12 19:31:17] Binding thread 1 to cpu 1 [2025-04-12 19:31:17] 4 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:31:17] Binding thread 2 to cpu 2 [2025-04-12 19:31:17] Binding thread 3 to cpu 3 [2025-04-12 19:31:17] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:31:17] thread 1: 2097152 hashes, 10099 khash/s [2025-04-12 19:31:17] thread 0: 2097152 hashes, 10094 khash/s [2025-04-12 19:31:17] thread 3: 2097152 hashes, 10093 khash/s [2025-04-12 19:31:17] thread 2: 2097152 hashes, 10032 khash/s [2025-04-12 19:32:17] thread 2: 601912088 hashes, 10080 khash/s [2025-04-12 19:32:17] thread 0: 605611536 hashes, 10108 khash/s [2025-04-12 19:32:17] thread 3: 605564904 hashes, 10102 khash/s [2025-04-12 19:32:17] thread 1: 605946928 hashes, 10104 khash/s [2025-04-12 19:33:17] thread 2: 604824240 hashes, 10080 khash/s [2025-04-12 19:33:17] thread 0: 606506104 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 1: 606263288 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 3: 606114016 hashes, 10102 khash/s [2025-04-12 19:34:17] thread 0: 596676992 hashes, 9883 khash/s [2025-04-12 19:34:17] accepted: 1/1 (100.00%), 40174 khash/s (yay!!!) [2025-04-12 19:34:17] LONGPOLL pushed new work [2025-04-12 19:34:17] thread 2: 597009344 hashes, 9856 khash/s [2025-04-12 19:34:17] thread 1: 596347864 hashes, 9882 khash/s [2025-04-12 19:34:17] thread 0: 184 hashes, 8762 khash/s [2025-04-12 19:34:17] thread 3: 596226344 hashes, 9881 khash/s [2025-04-12 19:35:11] thread 0: 525714288 hashes, 9775 khash/s [2025-04-12 19:35:17] thread 0: 58652240 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 1: 592942512 hashes, 9784 khash/s [2025-04-12 19:35:18] thread 3: 592834720 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 2: 591387224 hashes, 9754 khash/s [2025-04-12 19:36:17] thread 1: 577261400 hashes, 9784 khash/s [2025-04-12 19:36:17] thread 2: 575496480 hashes, 9756 khash/s [2025-04-12 19:36:17] thread 3: 576993520 hashes, 9776 khash/s [2025-04-12 19:36:17] thread 0: 586785384 hashes, 9780 khash/s [2025-04-12 19:37:17] thread 3: 586568712 hashes, 9700 khash/s [2025-04-12 19:37:17] thread 2: 585369888 hashes, 9645 khash/s [2025-04-12 19:37:18] thread 1: 587018480 hashes, 9656 khash/s [2025-04-12 19:37:18] thread 0: 586791168 hashes, 9631 khash/s [2025-04-12 19:37:43] thread 0: 247017896 hashes, 9757 khash/s [2025-04-12 19:37:43] accepted: 2/2 (100.00%), 38758 khash/s (yay!!!) [2025-04-12 19:37:43] LONGPOLL pushed new work [2025-04-12 19:37:43] thread 2: 250694904 hashes, 9748 khash/s [2025-04-12 19:37:43] thread 1: 250409704 hashes, 9773 khash/s [2025-04-12 19:37:43] thread 0: 21504 hashes, 8650 khash/s [2025-04-12 19:37:43] thread 3: 253010016 hashes, 9764 khash/s </pre> * By default '''minerd''' will use all cores - if you want to limit to number of core use the <code>-t <number_of_cores></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj -t 2</code> <pre> [2025-04-12 19:43:05] 2 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:43:05] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:43:05] thread 1: 2097152 hashes, 11359 khash/s [2025-04-12 19:43:05] thread 0: 2097152 hashes, 11327 khash/s </pre> * Next we mine on till we have at least 101 blocks so are coins are matured. ===After 101 blocks - Mature Coins=== * now we should have some coins in are wallet that we can use, YAY <code>./n33bcoin-cli getbalance</code> <pre>11112110.00000000</pre> * and lets check the account of are second node <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> * Lets get the address of are second node to send some coins <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress 0 true</code> * Or we could generate a new address with <code>getnewaddress</code> <code>1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz</code> Now lets send some coins ==Wallet Basics== Now we have coins we can use - matured coins ===Get balance=== * <code>getbalance</code> <code>./n33bcoin-cli getbalance</code> ===Find Account Addresses=== * <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> ===Create New Address=== * <code>getnewaddress</code> <code>./n33bcoin-cli getnewaddress</code> ===Sending coins=== * Syntax: <code>./n33bcoin-cli sendtoaddress "<address>" <amount></code> <code>./n33bcoin-cli sendtoaddress "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz" 33</code><br> * This comand will return a hash in your terminal out put. <pre>f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7</pre> * and Check balance of second node to see balance: <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>33.00000000</pre> ===See Transaction Details from hash=== * the transaction hash is from the above send coins example * Syntax: <code>n33bcoin-cli gettransaction "<transaction_hash>"</code> <code>./n33bcoin-cli gettransaction "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7"</code> <pre> { "amount": -33.00000000, "fee": -0.00004520, "confirmations": 4, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553764, "timereceived": 1744553764, "bip125-replaceable": "no", "details": [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "send", "amount": -33.00000000, "vout": 0, "fee": -0.00004520, "abandoned": false } ], "hex": "020000000150a37ad36c761374df6a14c20bd2c016208358bf1f20af06c5acbe4827250ee7000000006a4730440220582f2094aca19d63744d8d128c3dea907cddd4eeb5728d6f064c4168d7a36b9c0220649b2397635fe0b8899fea4535b0072e856a164235f8ab8feb91f3dbfa9e3ddc012103dd8d842cd0c2b167b507b9e8ee580fc726262bb218abc5c6487668b72e5673a3feffffff020001b2c4000000001976a9146ae24c8430bcd30bc1b812f946229fcc563eb0ef88ac589a23fc060000001976a9141e0606800605f94643f5da7e0a31e435e030855788acbe000000" } </pre> ===List Transactions from account=== * <code>listtransactions</code> * <code>./n33bcoin-cli listtransactions</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listtransactions</code> * This command will show all transactions send and receive. <pre> [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "receive", "amount": 33.00000000, "label": "", "vout": 0, "confirmations": 6, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553766, "timereceived": 1744553766, "bip125-replaceable": "no" } ] </pre> ===list received transactions by address=== * <code>listreceivedbyaddress</code> * <code>./n33bcoin-cli listreceivedbyaddress</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress</code> <pre> [ { "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "account": "", "amount": 33.00000000, "confirmations": 6, "label": "", "txids": [ "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7" ] } ] </pre> ===Address With Label=== * Create New Address With Label ** Syntax: <code>getnewaddress "<Label>"</code> * NOTE: Label name is case sensitive. <code>./n33bcoin-cli getnewaddress "Mining"</code> <pre>1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB</pre> * See Accounts in Label <code>./n33bcoin-cli getaddressesbyaccount "Mining"</code> * a Label can hold many addresses <pre> [ "1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB" ] </pre> * Lists transactions for the labeled account. <code>./n33bcoin-cli listtransactions "Mining"</code> * Tracking with a label - Shows total balance for addresses in the labeled account. <code>./n33bcoin-cli getbalance "Mining"</code> * Label an existing address - Assigns an existing address to a named account. <code>./n33bcoin-cli setaccount "<address>" "<label>"</code> * Change Label of Address <code>./n33bcoin-cli setaccount "<address>" "<newlabel>"</code> ==Backup Wallets and Restore/Reclaim== To '''test''' wallet exports and back ups we are going to create a '''third node'''. <br> This keeps are main wallet and the wallet of are second node safe.<br> Or If you feel up for it, feel free to play/use/learn with your main wallet. * Create a directory for third node <code>mkdir ~/.n33bcoin3</code> * Create config file <code>$EDITOR ~/.n33bcoin3/n33bcoin.conf</code> * Note: changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser2 rpcpassword=coinpassword2 rpcallowip=127.0.0.1 rpcport=3368 daemon=1 server=1 rpcbind=127.0.0.1 port=3335 </pre> * Start node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3335" "add"</code> * Check node three <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getblocktemplate</code> * See Address (pub key) <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> <pre>1EhA5fkapYWrhs2oAf2AqvF4WYMPM28GqL</pre> * I have sent 33 n33bcoin's to this address. <pre> ./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744568061, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "8afde14085be2139ff008667c345b3697bea9cea" } </pre> ===Encrypt Wallet=== * '''IMPORTANT NOTE! IF YOU LOSE/FORGET PASSPHRASE, YOU LOST YOUR WALLET!''' Encrypting your wallet, will require passphrase to see private_keys and to send coins from your account, but you can still check balance and the basic chain info '''without passphrase'''. * Syntax <code>./n33bcoin-cli encryptwallet "<passphrase>"</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 encryptwallet "pa55word"</code> <br>OutPut: <pre> wallet encrypted; N33Bcoin server stopping, restart to run with encrypted wallet. The keypool has been flushed and a new HD seed was generated (if you are using HD). You need to make a new backup. </pre> ====Test Encryption==== Syntax: <code>./n33bcoin-cli dumpprivkey <address></code> This command should need passphrase if wallet locked. ** <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> can be used in place of a real address <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpprivkey 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> If wallet '''LOCKED''' - you will see <pre> error code: -13 error message: Error: Please enter the wallet passphrase with walletpassphrase first. </pre> If wallet '''UNLOCKED''' but address not in wallet - you will see ** This is because there is no address <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> in your wallet and error code -5 indicates address not found in the wallet, but it passed the lock so, yay <pre> error code: -5 error message: Invalid N33Bcoin address </pre> If address exists in your wallet and wallet is '''UNLOCKED''' - you will see the private key: <pre> 6vJYM3RFWh7MyLVrPbgzgibUgqxMzWUCCbuH3GcfDRTqfoNQjBb </pre> '''IMPORTANT:''' Never share your actual private keys with anyone. The example above is for demonstration purposes only. ====open encrypted wallet==== * Syntax ./n33bcoin-cli walletpassphrase "<passphrase>" <time_in_seconds_to_stay_open> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrase "Pa55word" 60</code> ====Change PassPhrase==== * Syntax: <code><code>./n33bcoin-cli walletpassphrasechange "<old_passphrase>" "<new_passphrase>"</code></code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrasechange "Pa55word" "StrongPass123!@#456"</code> ===Back Up WALLET.DAT === * You can make a backup of your wallet.dat file whether its encrypted or un-encrypted. ** not-encrypted you just copy into a directory and you and anyone else has full access. ** encrypted, you need to know the passphase the file is encrypted with to have access. ** Both Export and Import the backup wallet.dat the same way, expect one asks for passphase and the other does not. ====Make copy of wallet.dat==== * <code>backupwallet</code> * Syntax:<code>./n33bcoin-cli backupwallet /path/to/export/wallet-backup.file</code> <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> ====Stop node 3 and delete wallet.dat==== * Stop node - Note: RPC PORT <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * not gonna delete, just move, only so many times i wanna learn that lesson. <code>mv ~/.n33bcoin3/wallet.dat ~/oldwallet.dat</code> * Start Node 3 - this will create a new <code>wallet.dat</code> file <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check Balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744572042, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "bb4e27a7896ae19acdf3b43244f82b59f5164c7c" } </pre> * Check addresses <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> * Its a diff/new address, because its a new wallet. <pre> "address": "1JwAmtR9T8xa49daoHQhf54tBdyabby2m2", </pre> ===Restore Wallet.dat=== * Stop Node 3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move old wallet to Node 3 Directory ** This command will write over the new wallet.dat file currently in directory - in effect deleting it. <code>mv ~/wallet-backup.node3 ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>11148007.99990960</pre> ====OH NUTZ==== * By mistake i backed up main wallet. <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> * Intended to backup node3 - the correct command would of been <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 backupwallet ~/wallet-backup.node3</code> Good Thing we just moved the node3 wallet and not deleted or 33 n33bcoins would of been in a dead account.<br> This is why you should learn about bitcoin on n33bcoins and not the bitcoin main net blockchain. Lets restore from the moved wallet <code>~/oldwallet.dat</code> * Stop node3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move oldwallet back to node3 <code>mv ~/oldwallet.dat ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>33.00000000</pre> YAY ===Dump Entire Wallet with <code>dumpwallet</code>=== * Exports all private keys, addresses, and wallet metadata to a plain text file for a comprehensive backup. * Syntax <code>./n33bcoin-cli dumpwallet /path/to/export/n33bcoin-wallet.txt</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpwallet ~/ssshhh.txt</code> <code>cat ~/ssshhh.txt</code> * Yep its all in plain text! <pre> # Wallet dump created by N33Bcoin v0.14.3.0-g150612e # * Created on 2025-04-13T22:54:50Z # * Best block at time of backup was 212 (000000009f5f7189bd4334895fd1c903ae904525abb5768feb98b81282a1949e), # mined on 2025-04-13T18:34:02Z # extended private masterkey: xprv9s210pEDlspXiamstilrandotypinhDXRTQ1TatJNSL3fxs9QaLLjRV1FZH9zw2VcErU498hsd3pynuyDR2clongrandome4Msz5 L1XJ0pald6SZXP4sKdVcDETpsdoWeksd4er5hhPsdFG1PPV 2025-04-13T18:14:21Z change=1 # addr=1HtmEDdpk5SJAp3nGCnaAD5gKZc2Er4qG hdkeypath=m/0'/0'/82' about 100 lines like the one above and ends with: # End of dump </prE> ===Import Dumped Wallet=== To test import works we are gonna, stop node3, move wallet.dat, start node3, check new wallet got auto generated again. then import are ssshhh.txt file and see if restored. ====Check wallet node 3 pre-test==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744575092, "keypoolsize": 101, "unlocked_until": 0, "paytxfee": 0.00000000, "hdmasterkeyid": "0a0e6e94e4a184e773e4a3e3244adc4352935afa" } </pre> ====Stop node 3 ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> ====Move wallet.dat ==== <code>mv ~/.n33bcoin3/wallet.dat ~/wallet.node3</code> ====Start node 3 ==== <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> ====Check wallet node 3 - when deleted/changed==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ====Import Restore from Dumped Wallet ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importwallet ~/ssshhh.txt</code> ====Check wallet node 3 when restored ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ==Off Line Storage and Importation== * Create a offline key pair, using a python script that can run off a live linux iso. * Going to send coins from node 3 to off line address. * Going to import to wallet 2 by sweeping private wif key. ===Create Offline Keypair=== * https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin ** We have used the [[N33Bcoin_Address_Generator_Bitcoin| N33Bcoin_Address_Generator]] to create the following key pair which we will use for this test. <pre> noob@noob-ThinkPad-T470:~/Gen/py-pub-prv$ python3 gen.py Enter your seed (12 words or any random input): hithere Generated n33bcoin Key Pair: Private Key: 3e4748d72b0a0c5d4538b52a2ade025a0f52a1e8642384ac14e5af0f90b8ab8a Public Key: 04c4cab1795312dafbf2532c7b238d448b55fa151a3d4e059cb49b47fb7244fb8767981b561c067494f9f3a6357024bb4fa71d12d692a733f7a0583d6fa7276548 n33bcoin Address: 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG WIF Private Key: 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH </pre> ===Send from node 3 to offline address=== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 sendtoaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG 10</code> ===Check its in address=== * Can take a few blocks before you can see it. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * Syntax: <code>./n33bcoin-cli importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * <code>importaddress</code> The RPC command to import a Bitcoin address as a watch-only address into the wallet * <code>13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> The Bitcoin address you are importing. After import, the wallet will monitor this address for incoming transactions, but cannot spend from it since you do not have the private key * <code>"external"</code> An optional label assigned to the imported address. This helps you organize or identify addresses in your wallet * <code>false</code> The rescan parameter. Setting it to false means the wallet will not rescan the blockchain for historical transactions involving this address. Only new transactions (after import) will be tracked. If set to true (default), the wallet would scan the entire blockchain for past transactions involving the address, which can take a long time (but not in are case as we have new blockchain). ====getreceivedbyaddress==== * TESTED - Balance is only shown on account that imported the address as a address to watch. ** Took about 10 mins to show balance. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>10.00000000</pre> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> ====Receive funds from private key==== * Current Funds in Node/Wallet 2 <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>52.00000000</pre> * Import the keys <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 importprivkey 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH true</code> * Check balance <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>62.00000000</pre> Import is instant. ==Create Second Server and Sync Blockchain== * Creating second server in a container and forwarded to another VPS IP, to see if network syncs. <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Is Port Forwarding Required for the Second Node?</span> <div class="mw-collapsible-content"> <p><strong>Why set up port forwarding?</strong> Port forwarding (using iptables to forward port <code>3333</code> to the second node) allows the node to receive incoming connections from other N33Bcoin nodes. This ensures reliable syncing with the main node and enables the second node to share blockchain data with others, strengthening the network.</p> <p><strong>Is it required?</strong></p> <ul> <li><strong>To mine</strong>: No. Mining uses local RPC calls (<code>127.0.0.1:3366</code>) and outbound connections to the main node (<code>104.194.157.52:3333</code>). As long as the main node is up, mining works without port forwarding. Note: You may need a dummy node to avoid errors.</li> <li><strong>To act as a peer</strong>: Yes. To allow other nodes to connect and sync from the second node (e.g., via <code>144.172.89.93:3333</code>), port forwarding is required. Without it, the node can sync but won’t serve blocks to others.</li> </ul> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Tip:</strong> Keep port forwarding enabled for robust syncing and to support the N33Bcoin network, especially if you plan to add more nodes. </div> </div> </div> ===Launch container=== <code>lxc launch ubuntu:18.04 n33b-node</code> <code>lxc exec n33b-node bash</code> <code>pro attach <longKey></code> <code>apt update && apt upgrade -y && apt install ubuntu-advantage-tools wireguard -y</code> ===Setup Wireguard=== * This is the same as the last time, in this tut i am going to keep the same keys in tut, to save time. PS: You can use same keys on many connections (not the best idea). ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==In Container Building N33Bcoin== * Push over N33Bcoin.0.0.1.tar.gz to the container n33b-node. <code>lxc file push N33Bcoin.0.0.1.tar.gz n33b-node/home/ubuntu/</code> OR Download from github * Download from Github, sha256sum=<code>0695dceaa4a88967560695f92c753d2fe4abc0f1b0cfb2673bf945fc83fb1225</code> <code>wget https://raw.github.com/CompleteNoobs/N33Bcoin/main/N33Bcoin.0.0.1.tar.gz</code> * Login to container as user ubuntu <code>lxc exec n33b-node -- su - ubuntu</code> * extract <code>tar xvf N33Bcoin.0.0.1.tar.gz</code> ===Install depends and Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> ===Build N33Bcoin=== * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> * Before running - make sure first node up and running <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Troubleshooting Syncing Issues on the Second Node</span> <div class="mw-collapsible-content"> <p>If your second node (e.g., <code>144.172.89.93</code>) fails to sync (e.g., stuck at <code>blocks: 0</code>), the main node (<code>104.194.157.52</code>) may be in Initial Block Download (IBD), preventing it from serving blocks. Here’s what I faced and how I fixed it:</p> <ul> <li><strong>Problem</strong>: The second node didn’t sync because the main node was in IBD, likely due to a chain tip older than 24 hours.</li> <li><strong>Initial Fix</strong>: <ul> <li>Started a dummy node on the main node (<code>127.0.0.1:3334</code>) for an active peer .</li> <li>Mined on the main node: <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=&lt;your-address&gt; -t 2 </pre> This created new blocks (e.g., to <code>blocks: 441</code>), exiting IBD and enabling sync.</li> </ul> </li> <li><strong>Test</strong>: I deleted the second node and recreated it from scratch, running both the main and dummy nodes on the genesis server. The second node synced to <code>blocks: 441</code> while the main node was mining.</li> <li><strong>Observation</strong>: In one test, I thought syncing worked without mining, but mining was active on the main node, advancing the chain to <code>blocks: 441</code>. Possible factors for sync success: <ul> <li>Recent chain tip from mining kept the main node out of IBD.</li> <li>Dummy node provided a peer, preventing IBD re-entry.</li> <li>iptables rule for port <code>3333</code> enabled inbound connections (i did once not forward the correct port, make sure you check your ip rules with <code>cat /etc/iptables/rules.v4</code> to make sure you entered the correct ones. ).</li> </ul> </li> <li><strong>If Syncing Fails</strong>: Mine on the main node with the dummy node running.</li> </ul> <p><strong>Note</strong>: Syncing may not require ongoing mining if the main node’s chain tip is recent, but mining is needed to exit IBD. Test and share your findings!</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> If the second node won’t sync, the main node may be in IBD. Start the dummy node and mine to exit IBD. </div> </div> </div> ===n33b-node=== <code>src/n33bcoind -daemon</code> <code>src/n33bcoin-cli stop</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 debug=rpc debug=mining </pre> <code>src/n33bcoind</code> * Now Second n33bcoin node is running lets check sync <code>src/n33bcoin-cli getpeerinfo</code> <pre> [ { "id": 0, "addr": "104.194.157.52:3333", "addrlocal": "144.172.89.93:52636", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157772, "lastrecv": 1745157771, "bytessent": 1277, "bytesrecv": 1198, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.303657, "minping": 0.303657, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": false, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 110, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 1, "addr": "104.194.157.52:57050", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.296047, "minping": 0.296047, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 2, "addr": "104.194.157.52:57060", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.316404, "minping": 0.316404, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } } ] </pre> <code>src/n33bcoin-cli getblockchaininfo</code> <pre> ubuntu@n33b-node:~/N33Bcoin$ src/n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.03058041491289009, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> ===From first node=== <pre> ./n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.02034601825250813, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> * Both nodes/blockchains are in sync, nice 4nvphd4r3pjjwm8rxoobm1r0n5yb30a 546 527 2025-05-29T15:42:58Z AwesomO 5 /* Line 110 Magic Bytes */ 546 wikitext text/x-wiki ==Start up HardWare== * OS (local) Ubuntu-Mate 24.04 - this tut is done on a clean install of ubuntu-mate 24.04 ** Hardware: HP EliteDesk G1 - ram = 8GB - HD = 120GB ssd - CPU = i5-4590S CPU @ 3.00GHz ** Hardware: Thinkpad X270 - Ram - HD - CPU * Server VPS ubuntu-server 24.04 ** vultr.com ===Software OS=== * Will be using Ubuntu 24.04 as main OS - but to build this version of litecoin 0.14.2 we will be using ubuntu 18.04 in a lxc container - trying to build in 24.04 was a huge side quest that is not that much fun. ===Coin Params for N33Bcoin 0.1 POW === * Are Coin Params ** Name of coin = N33Bcoin ** Symbol coin = N33B ** Premined Coins= 33% 11,111,111 coins to be used to rewards contributors. the how is currently unknown, will work out as we go. ** MaxCoins = 33,333,333 ** Rewards = 333 ** Halving Period = 33,333 blocks = every 231 days ** Block interval = 10 mins # will leave at 10 for starters ** Time Stamp 1733333333 2024-12-04 17:28:53 ** Time Stamp Message "N33B's for Noob's at CompleteNoobs.com" ** Genesis Block for are Coin ==Genesis Keys== First we are going to need a public private key pair. [[Python_Generate_Public_Private_Key_Pair_Crypto_Bitcoin| Python3 Generate Public Private Key Pair]] * Public Key <code>049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf</code> * Keep private key safe, you just need pub key for now We then use are public key along with are coin parameter with [[GenesisH0_Creating_Genesis_Hash| GenesisH0]] to create a 'Nonce', 'Merkel hash' and 'Genesis hash'. For are 'MainNet', 'TestNet' and 'RegNet' === Main Net parameters === <code>python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333333</code> * '''Nonce''': <code>221118658</code> * '''nBits''': <code>0x1d00ffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4</code> === Test Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333334</code> * '''Nonce''': <code>511144</code> * '''nBits''': <code>0x1e0ffff0</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c</code> === Reg Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333335</code> * '''Nonce''': <code>0</code> * '''nBits''': <code>0x207fffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127</code> Now we have are parameters, we can start creating are own coin, but first lets change some file names to match the name of are coin. ==Source we are forking from Bitcoin 0.14.3== ===Home Directory=== <code>cd ~</code> ===Download bitcoin 0.14.3=== * https://bitcoincore.org/bin/bitcoin-core-0.14.3/ <code>wget https://bitcoincore.org/bin/bitcoin-core-0.14.3/bitcoin-0.14.3.tar.gz</code> * sha256sum bitcoin-0.14.3.tar.gz <code>416717ab5ef94f8458da2b12e4cd742ca08f5ad3817b65fc73811e06ac949f87</code> ===extract=== <code>tar xvf bitcoin-0.14.3.tar.gz</code> ===Change Directory Name to new/forked coin name=== <code>mv bitcoin-0.14.3 N33Bcoin</code> <code>cd N33Bcoin</code> * Current work director path is <code>/home/$USER/N33Bcoin/</code> ==Renaming== ===Renaming Bitcoin to N33Bcoin=== '''Run these command in the /home/$USER/N33Bcoin/ Directory''' * Lowercase <code>find . -type f -exec sed -i 's/bitcoin/n33bcoin/g' {} + </code> * UpperCase <code>find . -type f -exec sed -i 's/Bitcoin/N33Bcoin/g' {} + </code> * Name.1 <code>find . -type f -exec sed -i -e 's/bitcoin/noobcoin/g' -e 's/bitcoind\.1/n33bcoind.1/g' {} + </code> ===Change Name for Docs=== To rename files in a directory (e.g., <code>/home/$USER/N33B/N33Bcoin/doc/man/</code>): * '''Before:''' <pre> bitcoin-cli.1 bitcoind.1 bitcoin-qt.1 bitcoin-tx.1 Makefile.am </pre> * '''After:''' <pre> n33bcoin-cli.1 n33bcoind.1 n33bcoin-qt.1 n33bcoin-tx.1 Makefile.am </pre> * '''Manual Way:''' <pre> mv -v bitcoin-cli.1 n33bcoin-cli.1 </pre> * '''Using mv with a for Loop:''' <code>cd /home/$USER/N33B/N33Bcoin/doc/man</code><br> <code>for file in bitcoin*; do mv -v "$file" "${file/bitcoin/n33bcoin}"; done</code> </pre> * <code>-v</code> shows each rename action. ===Change Names for Files=== Unlike forking litecoin, the method we just used to rename all bitcoin words to n33bcoin created some problems, unlike litecoin 0.14.2, the word 'bitcoin' can be found in a lot of file names. Example: the file <code>libbitcoinconsensus.pc.in</code> is still called <code>libbitcoinconsensus.pc.in</code> but inside make and config files, it is now know as <code>libn33bcoinconsensus.pc.in</code> so it will look for a file called <code>libn33bcoinconsensus.pc.in</code> and not <code>libbitcoinconsensus.pc.in</code>, still will lead to a lot of breakages. * Easy Fix: Change all file names which include the word <code>bitcoin</code> to <code>n33bcoin</code> * install <code>rename</code> <code>sudo apt install rename</code> * Run commands in <code>/home/$USER/N33Bcoin/</code> Directory * See all file which contain the name <code>bitcoin</code> <code>find . -type f -name "*bitcoin*"</code> * Rename/convert all <code>bitcoin</code> in file names to <code>n33bcoin</code> <code>find . -type f -name "*bitcoin*" -exec rename 's/bitcoin/n33bcoin/' {} +</code> ==Editing Files== Are Files are located in path:<code>/home/$USER/N33B/N33Bcoin</code><br> Example: <code>src/amount.h</code> full path would be <code>/home/$USER/N33B/N33Bcoin/src/amount.h</code> === OverView of Files to edit=== * Comment Out <code>** Lines: 74 - 77 Comment Out</code> These are Lines we Don't need, but are not deleting just commenting out, so line numbers remain the same.<br> Comment out by placing a <code>//</code> at the beginning of the line. * '''src/amount.h''' ** Line 31: Edit Max Coins * '''src/validation.cpp''' ** Line 1166: This BLOCK of code will contain premined and Block rewards * '''src/qt/bitcoinunits.cpp''' ** Line 39 Block: change coin symbol LTC to N33B * '''src/chainparams.cpp''' ** Line 53: '''Global''' Change Time Stamp Message ** Line 54: '''Global''' Change Pub Key ** Line 73: '''MainNet''' Change Halving Interval <!--** Lines: 74 - 77 Comment Out--> ** Line 74: '''MainNet''' BIP34Height ** Line 75: '''MainNet''' BIP34Hash ** Line 76: '''MainNet''' BIP65Height ** Line 77: '''MainNet''' BIP66Height ** Lines 85 - 103: '''MainNet''' Deployment and Chain Work Section ** Line 110: '''MainNet''' Change Magic Bytes - Script included ** Line 114: '''MainNet''' Change Main Net Default Port ** Line 117: '''MainNet''' Change Main Net Nonce TimeStamp Coin_Rewards ** Line 119: '''MainNet''' Change Genesis Hash ** Line 120: '''MainNet''' Change Merkel Hash ** Line 144: '''MainNet'''Change Coin Number and Genesis Hash ** Lines 145 - 156 Comment Out ** Line 161: '''MainNet''' Change Time Stamp ** Line 162: '''MainNet''' Change Number Of Transactions ** Line 177: '''TestNet''' Halving Interval <!--** Lines: 178 - 181 Comment Out--> ** Line 178: '''TestNet''' BIP34Height ** Line 179: '''TestNet''' BIP34Hash ** Line 180: '''TestNet''' BIP65Height ** Line 181: '''TestNet''' BIP66Height ** Line 184: '''TestNet''' Block Times <!--** Lines: 189 - 207 Comment Out--> ** Lines 189 - 207: '''TestNet''' Deployment Section ** Line 213: '''TestNet''' Default Port ** Line 216: '''TestNet''' Time Stamp and Nonce ** Line 218: '''TestNet''' Genesis Hash Block ** Line 219: '''TestNet''' Merkel Hash Block ** Line 245: '''TestNet''' CheckPointData Genesis Hash Block Number ** Line 250: '''TestNet''' Time Stamp ** Line 251: '''TestNet''' Block Number ** Lines 267 - 270 '''RegressionNet''' BIP Consensus ** Line 301: '''RegressionNet''' Default Port ** Line 304: '''RegressionNet''' Time Stamp Nonce Coin_Rewards ** Line 306: '''RegressionNet''' Genesis Block Hash ** Line 307: '''RegressionNet''' Merkel Hash ** Line 319: '''RegressionNet''' Genesis Hash * '''src/chainparamsbase.cpp''' ** Line 35: MainNet RCP Port ** Line 48: TestNet RPC Port ** Line 62: Regession Net RPC Port ===src/amount.h=== On line 31 we will edit are Max coins: <pre> static const CAmount MAX_MONEY = 21000000 * COIN; </pre> will change this to 33,333,333 coins <pre> static const CAmount MAX_MONEY = 33333333 * COIN; </pre> ===src/validation.cpp=== Path <code>/home/$USER/N33B/N33Bcoin/src/validation.cpp</code> The block of code we are looking for starts on line 1166: <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy = 50 * COIN; // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years. nSubsidy >>= halvings; return nSubsidy; } </pre> On line 1173 you should see this line: <pre> CAmount nSubsidy = 50 * COIN; </pre> This is the rewards for mining coins, the default is 50, we are changinf rewards to 333 coins per block mined. <pre> CAmount nSubsidy = 333 * COIN; </pre> ====Premined coins==== We also need to add a contidtion for are premined coins - in the first block will mine 33%, thats 11,111,111 coins <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy; if (nHeight == 1) nSubsidy = 11111111 * COIN; else nSubsidy = 333 * COIN; // Subsidy is cut in half every 33,333 blocks which will occur approximately every 231 days. nSubsidy >>= halvings; return nSubsidy; } </pre> This condition means IF first block reward 11,111,111 coins, Else(after first blocked mined) rewards per block are 333 coins. <div class="toccolours mw-collapsible mw-collapsed"> What's Changed and Why: <div class="mw-collapsible-content"> <b>What's Changed and Why:</b> * '''CAmount nSubsidy;''' ** The variable `nSubsidy` is now declared but not immediately assigned a value. This allows flexibility to set its value based on certain conditions. * '''New Condition: `if (nHeight == 1)''' ** This new condition checks if the block height is 1, meaning this is the very first block in the blockchain (often called the "genesis block"). ** This condition is used to assign a special, much larger subsidy for the first block. * '''nSubsidy = 11111111 * COIN;''' ** If it is the first block (`nHeight == 1`), the subsidy is set to 11,111,111 coins. This is a huge reward for the genesis block, likely for initial distribution or other specific reasons. * '''else nSubsidy = 333 * COIN;''' ** For all other blocks (not the first one), the reward is set to 333 coins. This is a significant change from the original 50 coins, suggesting a different reward structure for this cryptocurrency. </div> </div> ===src/qt/n33bcoinunits.cpp=== * Line 39: Code Block <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("BTC"); case mBTC: return QString("mBTC"); case uBTC: return QString::fromUtf8("μBTC"); default: return QString("???"); } } </pre> * Change BTC your coin symbol to N33B <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("N33B"); case mBTC: return QString("mN33B"); case uBTC: return QString::fromUtf8("μN33B"); default: return QString("???"); } } </pre> ===src/chainparams.cpp=== ====Line 53 Change Time Stamp Message==== <code> const char* pszTimestamp = "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks";</code> To <code> const char* pszTimestamp = "N33B's for Noob's at CompleteNoobs.com";</code> ====Line 54 Change Genesis Pub Key==== <code> 54 const CScript genesisOutputScript = CScript() << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f") << OP_CHECKSIG; </code> We are going to change to the public key we used to create are genesis block. <code> const CScript genesisOutputScript = CScript() << ParseHex("049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf") << OP_CHECKSIG;</code> ====Line 73 HalvingInterval==== <code> consensus.nSubsidyHalvingInterval = 210000;</code> Block intervals of bitcoin is every 10 mins, as you can see on '''[[#Line 80 Target Block Creation''']] * 60 mins per hour x 24 hours per day = 1440 mins a day * 1440 mins at one block each 10 mins = 144 block per day ish * 144 * 365 = 52,560 blocks per year ish * 52,560 * 4 = 210,240 blocks every four years ish So bitcoin halves its rewards every 4 years ish as it passes 210,000 blocks and carrys on halving every 210,000 blocks later. We reward 333 coins per block and will be out of coins around 667,334 blocks. * Preminded 11,111,111 coins * 22,222,222 left * at 333 per block all will be gone in 66,733 blocks time unless we halve before then * We are going to keep are block time of 10 mins and have a halving at 33,333 blocks so it will halve around 231 days <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Line 74 - 77 MainNet BIP Section==== <pre> 74 consensus.BIP34Height = 227931; 75 consensus.BIP34Hash = uint256S("0x000000000000024b89b42a942fe0d9fea3bb44ab7bd1b19115dd6a759c0808b8"); 76 consensus.BIP65Height = 388381; // 000000000000000004c2b624ed5d7756c508d90fd0da2c7c679febfa6c4735f0 77 consensus.BIP66Height = 363725; // 00000000000000000379eaa19dce8c9b722d46ae6a57c2f1a988119488b50931 </pre> * Set BIP34/65/66 to 0 for new chain—modern rules from genesis. Adjust BIP34 to 100 if mining fails. * Replace with your Hash on line 75 BIPHash <pre> 74 consensus.BIP34Height = 0; 75 consensus.BIP34Hash = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); 76 consensus.BIP65Height = 0; 77 consensus.BIP66Height = 0; </pre> ==== Line 85 - 103 '''MainNet''' Deployment and Chain Work Section ==== ===== Line 86 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start date is irrelevant—set to 0 for immediate activation on new chain. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 87 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 91 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016</code> * Reason changed: Bitcoin’s 2016 start is moot—set to 0 for CSV active from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 92 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 96 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016</code> * Reason changed: Bitcoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 97 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 100 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5");</code> * Reason changed: Bitcoin’s 2017 work is massive—set to 0 for a new chain with no work yet. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 103 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354</code> * Reason changed: Bitcoin’s block 453354 is irrelevant—set to N33Bcoin’s genesis hash for fast sync from block 0. Changed: <code>consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4");</code> =====Before and After Changes===== <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354 </pre> * Set CSV/SegWit to active from genesis (nStartTime = 0, nTimeout = far future). Reset chain work to minimal. Set assume valid to genesis hash. <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0; 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999; 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0; 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999; 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0; 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999; 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x00"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); </pre> ====Line 110 Magic Bytes==== * [[Hex_numbers_explained| Hex numbers explained]] * Link to python script for random values The pchMessageStart array is a crucial component in cryptocurrency network protocols, often referred to as the "magic bytes" or "network magic." It serves as a unique identifier for a specific cryptocurrency network. These values are in hexadecimal format, representing four bytes that form a sequence unlikely to occur in normal data. If you're creating a new cryptocurrency by forking Bitcoin, you should change these values. Using unique values prevents your new coin's network from interfering with Bitcoin's network or other existing networks. <pre> 110 pchMessageStart[0] = 0xf9; 111 pchMessageStart[1] = 0xbe; 112 pchMessageStart[2] = 0xb4; 113 pchMessageStart[3] = 0xd9; </pre> * Gonna change mine to <pre> pchMessageStart[0] = 0xfe; pchMessageStart[1] = 0x93; pchMessageStart[2] = 0xd2; pchMessageStart[3] = 0xe2; </pre> ====Line 114 Change Main Net Default Port==== * Line 114 <code>nDefaultPort = 8333;</code> * Changing to port 3333 <code>nDefaultPort = 3333;</code> ====Line 117 Change Main Net Nonce TimeStamp Coin_Rewards==== * Original <code> genesis = CreateGenesisBlock(1231006505, 2083236893, 0x1d00ffff, 1, 50 * COIN);</code> * Syntax of line 117 <code>genesis = CreateGenesisBlock(<UNIX_TIME_STAMP>, <NONCE>, <DIFF_BITS>, <NHEIGHT>, <AMOUNT_OF_COINS_REWARD> * COIN);</code> * we are just going to append/change are UnixTimeStamp, Nonce and CoinReward <code> genesis = CreateGenesisBlock(1733333333, 221118658, 0x1d00ffff, 1, 333 * COIN);</code> ====Line 119 Change Genesis Hash==== <code>assert(consensus.hashGenesisBlock == uint256S("0x000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"));</code> * Change to your genesis hash for Main Net <code> assert(consensus.hashGenesisBlock == uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"));</code> ====Line 120 Change Merkel Hash==== <code> assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Change to your merkel hsh for Main net <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Check Point - Lines 142 - 157 ==== <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d")) 145 ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> These lines contain a blocknumber and there hash value, we are starting a new coin and these have no value to us. We have one genesis block. <code> ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d"))</code> * We are going to append/change line 144, to block zero and are Main net genesis block hash. <code> ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"))</code> and comment out the remaining lines in this code block. lines 145 - 156 <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4")) 145 // ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 // ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 // (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 // (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 // (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 // (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 // (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 // (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 // (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 // (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 // (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 // (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> ====Line 161 Change Time Stamp==== <pre> 161 1483472411, // * UNIX timestamp of last known number of transactions </pre> * Change to the time stamp we are using <pre> 1733333333, // * UNIX timestamp of last known number of transactions</pre> ====Line 162 Change Number Of Transactions==== <pre> 184495391, // * total number of transactions between genesis and that timestamp</pre> * Change to Zero <pre> 0, // * total number of transactions between genesis and that timestamp</pre> ====TestNet Halving Interval==== <code>177 consensus.nSubsidyHalvingInterval = 210000;</code> * Change to same as are main net <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Lines 178 - 181 TestNet BIP section==== <pre> 178 consensus.BIP34Height = 21111; 179 consensus.BIP34Hash = uint256S("0x0000000023b3a96d3484e5abb3755c413e7d41500f8e2a5c3f0dd01299cd8ef8"); 180 consensus.BIP65Height = 581885; // 00000000007f6655f22f98e72ed80d8b06dc761d5da09df0fa1dc4be4f861eb6 181 consensus.BIP66Height = 330776; // 000000002104c8c45e99a8853285a3b592602a3ccde2b832481da85e9e4ba182 </pre> * Change values to zero and replace TestNet Genesis Hash <pre> 178 consensus.BIP34Height = 0; 179 consensus.BIP34Hash = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"); 180 consensus.BIP65Height = 0; 181 consensus.BIP66Height = 0; </pre> ==== Lines 189 - 207 TestNet Deployment Section ==== ===== Line 190 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start is irrelevant—set to 0 for immediate activation on TestNet. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 191 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 195 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1456790400; // March 1st, 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for CSV from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 196 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 200 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1462060800; // May 1st 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 201 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1493596800; // May 1st 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 204 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x00000000000000000000000000000000000000000000001f057509eba81aed91");</code> * Reason changed: Litecoin’s work is irrelevant—set to 0 for a new TestNet chain. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 207 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000128796ee387cf110ccb9d2f36cffaf7f73079c995377c65ac0dcc"); //1079274</code> * Reason changed: Litecoin’s block 1079274 doesn’t apply—set to TestNet genesis for fast sync. Changed: <code>consensus.defaultAssumeValid = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c");</code> ====TestNet Default Port - Line 213==== <code>213 nDefaultPort = 18333;</code> * Change to another port , picking 13333 <code>nDefaultPort = 13333;</code> ====Line 216: TestNet Time Stamp and Nonce==== <code>216 genesis = CreateGenesisBlock(1296688602, 414098458, 0x1d00ffff, 1, 50 * COIN);</code> * change/append timestamp, nonce and coin rewards - TimeStamp, Nonce, nBits and CoinRewards from your Test Net <code> genesis = CreateGenesisBlock(1733333334, 511144, 0x1e0ffff0, 1, 333 * COIN);</code> ====Line 218: TestNet Genesis Hash Block==== <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943"));</code> * Changed to <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"));</code> ====Line 219: TestNet Merkel Hash Block==== <code>219 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Changed to <code> assert(consensus.hashGenesisBlock == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ==== Line 245 TestNet checkpointData ==== Default: <code>( 546, uint256S("000000002a936ca763904c3c35fce2f3556c559c0214345d31b1bcebf76acb70")),</code> * Reason changed: Bitcoin TestNet checkpoint irrelevant—set to height 0 with N33Bcoin TestNet genesis hash for new chain. Changed: <code>( 0, uint256S("000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c")),</code> * Note: Removed "0x" from hash string—matches Bitcoin style, prevents parsing error in uint256S. ====Line 250 - Testnet chainTxData TimeStamp==== <code>250 1483546230,</code> * Change to your timestamp <code>1733333334,</code> ====Line 251 - Testnet chainTxData block count==== <code>251 12834668,</code> * change block count to zero <code> 0,</code> ==== RegTest BIP Section ==== ===== Line 267 ===== Default: <code>consensus.BIP34Height = 100000000; // BIP34 has not activated on regtest (far in the future so block v1 are not rejected in tests)</code> * Reason changed: Delays BIP34—set to 0 for modern rules from genesis, consistent with MainNet/TestNet. Changed: <code>consensus.BIP34Height = 0;</code> ===== Line 268 ===== Default: <code>consensus.BIP34Hash = uint256();</code> * Reason changed: Empty hash irrelevant—set to RegTest genesis for BIP34 activation at block 0. * NOTE: the <code>S</code> at the end of <code>uint256S</code> append the '''S''', remove the <code>0x</code> or it would be too long and make sure RegNet Hash is wrapped in "comment-hash". * The quotes <code>""</code> tell the compiler that this is a string, not a number. * '''uint256S''' will parse the string as a hexadecimal value and construct the '''uint256''' object accordingly. Changed: <code>consensus.BIP34Hash = uint256S("65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127");</code> ===== Line 269 ===== Default: <code>consensus.BIP65Height = 1351; // BIP65 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP65 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP65Height = 0;</code> ===== Line 270 ===== Default: <code>consensus.BIP66Height = 1251; // BIP66 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP66 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP66Height = 0;</code> ====Line 298: RegressionNet Default Port==== <code>298 nDefaultPort = 18444;</code> * change port number <code> nDefaultPort = 13337;</code> ====Line 301 RegressionNet Time Stamp Nonce Coin_Rewards ==== <code>301 genesis = CreateGenesisBlock(1296688602, 2, 0x207fffff, 1, 50 * COIN);</code> * Change to your timestamp , nonce and coin rewards <code> genesis = CreateGenesisBlock(1733333335, 0, 0x207fffff, 1, 333 * COIN);</code> ====Line 303: RegressionNet Genesis Block Hash==== <code>303 assert(consensus.hashGenesisBlock == uint256S("0x0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"));</code> * replace with your reg net genesis hash <code> assert(consensus.hashGenesisBlock == uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"));</code> ====Line 304 RegressionNet Merkel Hash==== <code>304 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * replace with your reg net merkel hash <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Line 316: RegressionNet Genesis Hash==== <code>316 ( 0, uint256S("0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"))</code> * change to your reg nets genesis hash <code> ( 0, uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"))</code> === src/chainparamsbase.cpp - API ports === <div class="toccolours mw-collapsible mw-collapsed"> Changing RPC port number info: <div class="mw-collapsible-content"> When forking Litecoin, changing the nRPCPort = 8332; is generally recommended, though not strictly necessary. Here are the reasons and benefits for doing so: '''Avoiding Conflicts:''' If you run both Bitcoin and your forked cryptocurrency on the same machine or network, keeping the same RPC port (9332) would cause a conflict. By changing the port number, you ensure that both services can run simultaneously without interfering with each other. '''Network Configuration:''' Different cryptocurrencies should ideally use different ports to avoid confusion and ensure clear network configuration. This helps in managing firewall rules and network policies more effectively. '''Security:''' Using a non-standard port for your forked cryptocurrency can add a layer of security through obscurity. While not a robust security measure, it can help reduce the risk of automated attacks targeting known ports like 8332. '''Customization:''' Changing the RPC port is part of customizing your fork to distinguish it from Bitcoin. This can be important for branding and ensuring that users and developers recognize it as a separate entity. In summary, while it's not mandatory to change the RPC port when forking Bitcoin, doing so can help avoid conflicts, improve network management, and provide a clearer distinction between your fork and the original Bitcoin network. </div> </div> ====line 35 - Main net RCP port==== <pre> nRPCPort = 8332; </pre> RPC port is used to connect to coin api, its used to create a web wallet and moblie wallet. <pre> nRPCPort = 3366; </pre> ====Line 48 - test net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12333 <pre> nRPCPort = 12333; </pre> ====line 62 - regession net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12345 <pre> nRPCPort = 12345; </pre> * We are pretty much done with customizing the code base, we just need an IP address to append to chainparams.cpp and we are good to go. ===src/chainparamsseeds.h=== * Delete content of <code>src/chainparamsseeds.h</code> and replace with just: <pre> #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> The <code>chainparamsseeds.h</code> file contains hardcoded seed nodes for the main network (pnSeed6_main), which are currently set to Bitcoin’s seed nodes (e.g., IPs like 2.7.8.12 on port 8333). These seeds will cause your node to attempt connections to Bitcoin peers, which isn’t what we want for N33Bcoin. * By modifying the seed arrays for both mainnet and testnet to empty, we can keep the file structure intact while removing the Bitcoin seed nodes, preventing are node from trying to connect to them. <div class="toccolours mw-collapsible mw-collapsed"> Hexadecimal - Chainparamsseeds.h - Quick Notes <div class="mw-collapsible-content"> <pre> Hex Symbol Values: 0,1,2,3,4,5,6,7,8,9,a=10,b=11,c=12,d=13,e=14,f=15 Hex is in a Block of 2, [01]=1, The First number/symbol (the one on the left), is Times by 16, and the Second number/symbol is added. 01 = 0x16, plus 1 = 01 A4 = 10x16, plus 4 = 164 E4 = 14x16, plus 4 = 228 FF = 15X16, plus 15 = 255 To work out the values of 104.194.157.52 and port 3333 static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; IPv6 Mapping: {{Use 10 0x00, 2 0xff, then the 4 hex bytes} <port>}. 104 in hex: 6x16 = 96 + 8 = 104 InHex= '68' 194 in hex: c(12)x16=192 + 2 = 194 InHex= 'c2' 157 in hex: 9x16=144 + d(13)= 157 InHex= '9d' 52 in hex: 3x16=48 + 4 = 52 InHex= '34' #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; static SeedSpec6 pnSeed6_test[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> </div> </div> == Container and VPS Setup == Most VPS providers frown on mining unless it’s their explicit service—fair enough, it hogs resources! To work around this, we’ll: * Spin up an Ubuntu 18.04 container locally (18.04 keeps coin building simple). * Pair it with a low-cost VPS running Ubuntu 24.04, tunneling all traffic from the container to the VPS’s public IP. This setup gives us: * A public-facing IP without poking holes in our home router. * Local mining control, keeping private keys secure—because a VPS is just someone else’s machine, and we don’t trust it with our keys! ===LXD Quick Container Setup=== ===LXD Quick Container Setup=== * Its pretty simple once you know. ===Installing and setup LXD=== <code>sudo snap install lxd</code> <code>sudo lxd init</code> * Just press '''ENTER''' for all defaults * add user to lxd group (optional), will mean you do not need '''sudo''' to use lxc commands * NOTE: you will need to logout and login for changes to take effect. <code>sudo adduser $USER lxd</code> <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> * '''These changes only apply to the current terminal session.''' If you open a new terminal session you have to repeat. On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. * '''Remember, these changes only apply to the current terminal session.''' If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> ===Launching your container=== * for the Build its important we use '''18.04''' ** May want to get ubuntu pro free for 5 devices - to keep 1804 updated ** https://ubuntu.com/pro/dashboard <code>lxc launch ubuntu:18.04 n33b</code> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 n33b</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 n33b</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''n33b''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "n33b" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "n33b" in the example) must be unique within your LXD installation. </div> </div> * If you see this error - you need to use '''sudo''' or add user to lxd group <pre> lxc launch ubuntu:18.04 n33b Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * To see your container <code>lxc ls</code> ===Login to container=== <code>lxc exec n33b bash</code> * Prompt should now be changed to <code>root@n33b:~#</code> ** <code>root@<container_name>:~#</code> * This would be a good time to sign up to and enable ubuntu pro in the 1804 container https://ubuntu.com/pro/dashboard ** <code>sudo pro attach C12trandomcharsXFVhrRSveGOd4</code> * Update container <code>apt update && apt upgrade -y</code> ==== Ubuntu Pro for 1804 Containers ==== * super useful for ubuntu 1804, with pro has support till 2027 * Free For Five Boxes/Devices <code>https://ubuntu.com/pro/dashboard</code> <code>sudo pro attach 8dc6560abd396b3871f37b80ec</code> <code>sudo pro status</code> <code>sudo pro detach</code> ==In Container wireguard installation and setup== ===Install wireguard=== <code>apt install wireguard -y</code> * This will be the Client - for the container ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==Back to Host== Now we have * A container with a public IP address * Source code for are coin Lets append are IP adress to are <code>src/chainparams.cpp</code> file and make a exportable/shareable backup. ===Append IP to <code>src/chainparams.cpp</code>=== <div class="toccolours mw-collapsible mw-collapsed"> If i was going to change or add ips/domains do i need to recomplie? Yep: <div class="mw-collapsible-content"> Yes, if you want to change or add new IPs/domains in the `CDNSSeedData` section of `src/chainparams.cpp`, you will need to edit the file and recompile the code. The `CDNSSeedData` entries are hardcoded into the source code, and when you compile the code, these values are baked into the resulting binary. Therefore, any changes to the seed nodes will require: *Editing the `src/chainparams.cpp` file**: Modify the list of `CDNSSeedData` entries to include your new IPs or domains. *Recompiling the source code**: Once you've made your changes, you need to recompile the project so that the new seed nodes are included in the binary. *Restarting your nodes**: After recompiling, you would need to distribute the new binary to your nodes and restart them to ensure they use the updated seed list. This process is necessary because the seed nodes are part of the initial configuration that helps nodes discover peers when they first start up. Any changes to these seeds require the software itself to be updated and redeployed. </div> </div> ====Main Net DNS lines 123 - 127==== <code>$EDITOR /home/$USER/N33B/N33Bcoin/src/chainparams.cpp</code> * Line 123 <code>src/chainparams.cpp</code> <pre> 123 vSeeds.push_back(CDNSSeedData("n33bcoin.sipa.be", "seed.n33bcoin.sipa.be", true)); // Pieter Wuille, only supports x1, x5, x9, and xd </pre> We are going to Change to are servers address <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> At current time we only have one default node, so we comment out line 124 to 127 <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "dnsseed.bluematt.me", true)); // Matt Corallo, only supports x9 // vSeeds.push_back(CDNSSeedData("dashjr.org", "dnsseed.n33bcoin.dashjr.org")); // Luke Dashjr // vSeeds.push_back(CDNSSeedData("n33bcoinstats.com", "seed.n33bcoinstats.com", true)); // Christian Decker, supports x1 - xf // vSeeds.push_back(CDNSSeedData("n33bcoin.jonasschnelli.ch", "seed.n33bcoin.jonasschnelli.ch", true)); // Jonas Schnelli, only supports x1, x5, x9, and xd </pre> ====Test net DNS lines 224 - 227==== * Line 224 - ip adderss <pre> 224 vSeeds.push_back(CDNSSeedData("testnetn33bcoin.jonasschnelli.ch", "testnet-seed.n33bcoin.jonasschnelli.ch", true)); </pre> Change to server ip <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> and comment out the other 3 lines <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("petertodd.org", "seed.tbtc.petertodd.org", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "testnet-seed.bluematt.me")); // vSeeds.push_back(CDNSSeedData("n33bcoin.schildbach.de", "testnet-seed.n33bcoin.schildbach.de")); </pre> ==Create BackUp Tar Archive== At this point you may want to make a backup. * In work directory = <code>/home/$USER/N33B</code> <code>tar -zcvf N33Bcoin.0.0.1.tar.gz N33Bcoin</code> * Going to save in directory <code>/home/$USER/N33B</code> * Syntax = <code>tar -zcvf /path/to/save/archive_name.tar.gz /path/to/directory_name</code> Now we Should have <code>N33Bcoin.0.0.1.tar.gz</code> lets start building are coin. ===Move N33Bcoin.0.0.1.tar.gz to Container=== Lets Move are source code to are container. * File on Host:<code>/home/$USER/N33B/N33Bcoin.0.0.1.tar.gz</code> * Container Name: <code>n33b</code> ** Container Name can be found with <code>lxc list</code> * On Host: <code>lxc file push /home/$USER/N33B/N33Bcoin.0.0.1.tar.gz n33b/home/ubuntu/</code> * '''ubuntu''' is the name of the ubuntu containers default user account ==Return to container as user '''ubuntu'''== <code>lxc exec n33b -- su - ubuntu</code> Now are source code <code>N33Bcoin.0.0.1.tar.gz</code> should be in are home directory. Before we start using it, we need to install and build some dependencies software. ===Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <!-- These notes wherer required to build db on 24.04 - coin build would require way too much work so skipped. <code>$EDITOR db-4.8.30.NC/dbinc/atomic.h</code> Find the function <b>__atomic_compare_exchange</b> (line 147 and 179) and rename it to <b>__db_atomic_compare_exchange</b>. save and exit --> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> If you received error, are you building in ubuntu 18.04? these build instrutions are reproduable for 18.04 and not other versions of ubuntu. * A block chain requires min 2 nodes, so this would be a good time to snapshot your container. ====SNAPSHOT your container==== * This will save loads of time creating a second node later. * In a Terminal on HOST * Stop Container <code>lxc stop n33b</code> * snapshot <code>lxc snapshot n33b one</code> * start container <code>lxc start n33b</code> * Log in as ubuntu user <code>lxc exec n33b -- su - ubuntu</code> ==Build the Coin== Just for the Genesis Node, or it will not work, it will try to sync with another node, which it can not do as its at block 0. * edit the file <code>src/rpc/mining.cpp</code> and comment out the lines 471 and 472: <pre> // if (IsInitialBlockDownload()) // throw JSONRPCError(RPC_CLIENT_IN_INITIAL_DOWNLOAD, "N33Bcoin is downloading blocks..."); </pre> If you stopped container to snapshot and logged back in (or using another terminal), then we need to re-set var.<br> <code>cd ~/db-4.8.30.NC/build_unix</code><br> <code>export BDB_PREFIX=$(pwd)</code><br> * Now thats done we can carry on <code>cd ~/</code><br> * extract <code>tar xzvf N33Bcoin.0.0.1.tar.gz</code> <!-- was for attempt build in 24.04 - not needed for 18.04 <code>sudo apt install bsdmainutils ncal</code> --> * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> If you run into errors you can use:<br> <code>make > ../build.log 2>&1</code><br> This is print build info into file build.log ==Run Coin== * Path <code>cd /home/ubuntu/N33Bcoin/src</code> Going to first play around with Regression make sure everything is working, its supereasy to mine.<br> * Running regtest first will also create <code>~/.n33bcoin/</code> directory which we can create are <code>n33bcoin.conf</code> file for mainnet. ===Running Regression Net === * run reg net <code>./n33bcoind -regtest -daemon</code> ==== get blockchain info ==== <code>./n33bcoin-cli -regtest getblockchaininfo</code> * at the top you should see '''regtest''' <pre> "chain": "regtest", </pre> ====get wallet info==== <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ==== Generate 10 blocks==== <code>./n33bcoin-cli -regtest generate 10</code> <pre> [ "16fe73d5011e8e05cadb9e9dea43e58aa154ffcca891659cc59fbdfafe6f001c", "7803e298b6c57f8fc7ddac5da0e0696cc67524c9ee2bbbbbecdccfb01b364e79", "7c92afb2faed00d051edd22f85218416c394cd45ddadf413b9df808c0414ca7e", "29fe7bb17c984bd33c7e3d9cb4fa3ce1e47760ac22accded3aa25fd49aa87d91", "56d234a030af699a6aa824c8d95a9fabdcf56c9491ed30331ca2159188741c89", "272827808aad1efe0e752789acf6a28f25bc4ba2da905a8a6f5da00016ba286b", "23711e3856cf2e018ef02782eb546e87c9604781da6855bd136ef51fa5dd23e5", "7bd7e1e6183094c75e37d6605451ce7e7e1c23347e3b5c279c33196af916b1f2", "1c7e5fc29dc7c9b3a56e8f35becc3a0a8005e79ac1a84278f8a1f37c067f67b3", "3ac84dcf8be2849b347369de7bf6bb49d780cdf41e2c4abbe2ea0ae1b89bd26e" ] </pre> ====Check Balance==== <code>./n33bcoin-cli -regtest getbalance</code> <pre>0.00000000</pre> * You mined 10 blocks and have zero coins! that is because the coins have not mutured, it takes 100 blocks for newly created coins to muture and show up in your wallet. * you can see your '''immature_balance''' with the <code>getwalletinfo</code> command. <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 11114108.00000000, "txcount": 10, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====Get new addresses==== <code>./n33bcoin-cli -regtest getnewaddress</code> <pre> mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb </pre> ====Find addresses your wallet is currently using==== * To see all your current public addresses use <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -regtest listreceivedbyaddress 0 true</code> ====Mine to specific address==== * <code>./n33bcoin-cli -regtest generatetoaddress 101 "your-mainnet-address"</code> <code>./n33bcoin-cli -regtest generatetoaddress 101 "mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb"</code> =====Coins Matured===== <code>./n33bcoin-cli -regtest getbalance</code> <pre>11114441.00000000</pre> * and Immatured coins <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 11114441.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 33300.00000000, "txcount": 111, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====stop regtest net==== * stop regtest <code>./n33bcoin-cli -regtest stop</code> ===Main Net=== * Running <code>-regtest</code> should of created a <code>~/.n33bcoin</code> directory for you. * Create <code>n33bcoin.conf</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 </pre> * run/start coin <code>./n33bcoind</code> * NOTE: if you did not create a n33bcoin.conf file and apply 'daemon=1', you can use the -daemon flag <code>./n33bcoind -daemon</code> <div class="toccolours mw-collapsible mw-collapsed"> Some debug tips: <div class="mw-collapsible-content"> * If n33bcoin hangs - <code>ps aux | grep n33bcoind</code> ** The <code>kill -9 PID_NUMBER</code> ** Also note: there is nothing wrong with '''turning it off and on again.''' * <code>./n33bcoind -debug=1</code> ** log is at ~/.n33bcoin/debug.log * <code>./n33bcoind -debug=1 -printtoconsole</code> ** will output to terminal, no output to debug.log </div> </div> ===Create and Add second node - the easy way=== <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Why a Dummy Node is Needed to Avoid <code>500 Internal Server Error</code> and Ensure Syncing</span> <div class="mw-collapsible-content"> <p>A dummy node is <strong>required</strong> for mining on the genesis node (main node) and to ensure other nodes can sync with your N33Bcoin network. Without it, you may encounter errors like:</p> <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> [2025-04-20 11:49:32] HTTP request failed: The requested URL returned error: 500 Internal Server Error </pre> <p><strong>Why does this happen?</strong> The main node needs at least one active peer to process the <code>getblocktemplate</code> RPC call used by <code>minerd</code> for mining. If the node is in Initial Block Download (IBD) or has no peers, this call fails, causing the 500 error. Additionally, if the main node is in IBD, it won’t serve blocks to other nodes, preventing them from syncing (e.g., stuck at <code>blocks: 0</code>).</p> <p><strong>How the dummy node fixes it:</strong></p> <ul> <li>Running a dummy node (e.g., on <code>127.0.0.1:3334</code>) provides an active peer, allowing <code>getblocktemplate</code> to succeed and mining to start.</li> <li>Mining generates new blocks, updating the chain tip’s timestamp, which helps the main node exit IBD.</li> <li>Once out of IBD, the main node can serve blocks to other nodes, enabling them to sync (e.g., to <code>blocks: 428</code>).</li> </ul> <p><strong>Why it’s easy to forget:</strong> The dummy node isn’t a standard Bitcoin requirement—it’s specific to N33Bcoin’s setup, possibly due to custom peer or RPC logic. Always run a dummy node when mining or syncing new nodes.</p> <p><strong>If you get the 500 error:</strong> Start a dummy node and add it to the main node’s peers with <code>addnode</code>. See the next section for setup instructions.</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> Without a dummy node, mining will fail, and new nodes won’t sync. Always include this step in your setup and document it to avoid surprises! </div> </div> </div> After first node ruuing with:<br> <code>./n33bcoind</code> * create a directory for second node <code>mkdir ~/.n33bcoin2</code> * make config file <code>$EDITOR ~/.n33bcoin2/n33bcoin.conf</code> * Note changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser1 rpcpassword=coinpassword1 rpcallowip=127.0.0.1 rpcport=3367 daemon=1 server=1 rpcbind=127.0.0.1 port=3334 </pre> * start node2 - note ports <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin2 -port=3334 -rpcport=3367</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3334" "add"</code> * Check node one <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * Check node two <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getblocktemplate</code> ==== Default Node User and Second Node User management ==== * The default user will be your main node '''~/.n33bcoin/''' * To use second node '''~/.n33bcoin2/''' you have to use/append non default port in commands: ** To run commands on second node, Add/Append <code>-rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1</code> *** '''rpcport''', '''rpcuser''', '''rpcpassword''' these values can be found in the <code>~/.<node_name>/n33bcoin.conf</code> file * For default wallet/node can use: <code>./n33bcoin-cli getwalletinfo</code> * Or to specify (optional) can use, the main nodes '''rpcport''', '''rpcuser''' and '''rpcpassword''' followed by <command>: <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * For the second node we created - we do need to specify <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getwalletinfo</code> <div class="toccolours mw-collapsible mw-collapsed"> How to stop second node: <div class="mw-collapsible-content"> * To run commands on a second or third ...ETC node - you need to enter: ** <code>-rpcport=<value></code> ** <code>-rpcuser=<username></code> ** <code>-rpcpassword=<password></code> ** followed by the command you wish to run on node <code>getbalance</code> ** Remember you store all these details in your <code>n33bcoin.conf</code> file for your node. <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 stop</code> </div> </div> == Mining blocks on your blockchain == Well you can try with:<br> <code>./n33bcoin-cli generate 1</code><br> But instead of seeing <pre> [ "some-block-hash" ] </pre> Your going to get empty brackets <pre> [ ] </pre> I cant remember the reason for this. But i know the fix. Install Mining software ===Address to send mined coins to=== First lets get a public key/address we can mine to. * Find old addresses <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> * Create new address <code>./n33bcoin-cli getnewaddress</code> * The address i will use <code>1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> ===Cpu Miner Install=== <code>cd ~</code> <code>sudo apt update</code> <code>sudo apt install -y build-essential libcurl4-openssl-dev</code> <code>git clone https://github.com/pooler/cpuminer.git</code> <code>cd cpuminer</code> <code>./autogen.sh</code> <code>./configure</code> <code>make</code> <code>sudo make install</code> ===Mine some Coins=== * OK lets mine us some coins ** Syntax:<code>minerd -o <pool_url> -u <username> -p <password> --coinbase-addr=<public_key></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> * YAY, back to the days when you could find bitcoin blocks with a simple CPU <pre> [2025-04-12 19:31:17] Binding thread 0 to cpu 0 [2025-04-12 19:31:17] Binding thread 1 to cpu 1 [2025-04-12 19:31:17] 4 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:31:17] Binding thread 2 to cpu 2 [2025-04-12 19:31:17] Binding thread 3 to cpu 3 [2025-04-12 19:31:17] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:31:17] thread 1: 2097152 hashes, 10099 khash/s [2025-04-12 19:31:17] thread 0: 2097152 hashes, 10094 khash/s [2025-04-12 19:31:17] thread 3: 2097152 hashes, 10093 khash/s [2025-04-12 19:31:17] thread 2: 2097152 hashes, 10032 khash/s [2025-04-12 19:32:17] thread 2: 601912088 hashes, 10080 khash/s [2025-04-12 19:32:17] thread 0: 605611536 hashes, 10108 khash/s [2025-04-12 19:32:17] thread 3: 605564904 hashes, 10102 khash/s [2025-04-12 19:32:17] thread 1: 605946928 hashes, 10104 khash/s [2025-04-12 19:33:17] thread 2: 604824240 hashes, 10080 khash/s [2025-04-12 19:33:17] thread 0: 606506104 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 1: 606263288 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 3: 606114016 hashes, 10102 khash/s [2025-04-12 19:34:17] thread 0: 596676992 hashes, 9883 khash/s [2025-04-12 19:34:17] accepted: 1/1 (100.00%), 40174 khash/s (yay!!!) [2025-04-12 19:34:17] LONGPOLL pushed new work [2025-04-12 19:34:17] thread 2: 597009344 hashes, 9856 khash/s [2025-04-12 19:34:17] thread 1: 596347864 hashes, 9882 khash/s [2025-04-12 19:34:17] thread 0: 184 hashes, 8762 khash/s [2025-04-12 19:34:17] thread 3: 596226344 hashes, 9881 khash/s [2025-04-12 19:35:11] thread 0: 525714288 hashes, 9775 khash/s [2025-04-12 19:35:17] thread 0: 58652240 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 1: 592942512 hashes, 9784 khash/s [2025-04-12 19:35:18] thread 3: 592834720 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 2: 591387224 hashes, 9754 khash/s [2025-04-12 19:36:17] thread 1: 577261400 hashes, 9784 khash/s [2025-04-12 19:36:17] thread 2: 575496480 hashes, 9756 khash/s [2025-04-12 19:36:17] thread 3: 576993520 hashes, 9776 khash/s [2025-04-12 19:36:17] thread 0: 586785384 hashes, 9780 khash/s [2025-04-12 19:37:17] thread 3: 586568712 hashes, 9700 khash/s [2025-04-12 19:37:17] thread 2: 585369888 hashes, 9645 khash/s [2025-04-12 19:37:18] thread 1: 587018480 hashes, 9656 khash/s [2025-04-12 19:37:18] thread 0: 586791168 hashes, 9631 khash/s [2025-04-12 19:37:43] thread 0: 247017896 hashes, 9757 khash/s [2025-04-12 19:37:43] accepted: 2/2 (100.00%), 38758 khash/s (yay!!!) [2025-04-12 19:37:43] LONGPOLL pushed new work [2025-04-12 19:37:43] thread 2: 250694904 hashes, 9748 khash/s [2025-04-12 19:37:43] thread 1: 250409704 hashes, 9773 khash/s [2025-04-12 19:37:43] thread 0: 21504 hashes, 8650 khash/s [2025-04-12 19:37:43] thread 3: 253010016 hashes, 9764 khash/s </pre> * By default '''minerd''' will use all cores - if you want to limit to number of core use the <code>-t <number_of_cores></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj -t 2</code> <pre> [2025-04-12 19:43:05] 2 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:43:05] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:43:05] thread 1: 2097152 hashes, 11359 khash/s [2025-04-12 19:43:05] thread 0: 2097152 hashes, 11327 khash/s </pre> * Next we mine on till we have at least 101 blocks so are coins are matured. ===After 101 blocks - Mature Coins=== * now we should have some coins in are wallet that we can use, YAY <code>./n33bcoin-cli getbalance</code> <pre>11112110.00000000</pre> * and lets check the account of are second node <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> * Lets get the address of are second node to send some coins <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress 0 true</code> * Or we could generate a new address with <code>getnewaddress</code> <code>1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz</code> Now lets send some coins ==Wallet Basics== Now we have coins we can use - matured coins ===Get balance=== * <code>getbalance</code> <code>./n33bcoin-cli getbalance</code> ===Find Account Addresses=== * <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> ===Create New Address=== * <code>getnewaddress</code> <code>./n33bcoin-cli getnewaddress</code> ===Sending coins=== * Syntax: <code>./n33bcoin-cli sendtoaddress "<address>" <amount></code> <code>./n33bcoin-cli sendtoaddress "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz" 33</code><br> * This comand will return a hash in your terminal out put. <pre>f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7</pre> * and Check balance of second node to see balance: <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>33.00000000</pre> ===See Transaction Details from hash=== * the transaction hash is from the above send coins example * Syntax: <code>n33bcoin-cli gettransaction "<transaction_hash>"</code> <code>./n33bcoin-cli gettransaction "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7"</code> <pre> { "amount": -33.00000000, "fee": -0.00004520, "confirmations": 4, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553764, "timereceived": 1744553764, "bip125-replaceable": "no", "details": [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "send", "amount": -33.00000000, "vout": 0, "fee": -0.00004520, "abandoned": false } ], "hex": "020000000150a37ad36c761374df6a14c20bd2c016208358bf1f20af06c5acbe4827250ee7000000006a4730440220582f2094aca19d63744d8d128c3dea907cddd4eeb5728d6f064c4168d7a36b9c0220649b2397635fe0b8899fea4535b0072e856a164235f8ab8feb91f3dbfa9e3ddc012103dd8d842cd0c2b167b507b9e8ee580fc726262bb218abc5c6487668b72e5673a3feffffff020001b2c4000000001976a9146ae24c8430bcd30bc1b812f946229fcc563eb0ef88ac589a23fc060000001976a9141e0606800605f94643f5da7e0a31e435e030855788acbe000000" } </pre> ===List Transactions from account=== * <code>listtransactions</code> * <code>./n33bcoin-cli listtransactions</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listtransactions</code> * This command will show all transactions send and receive. <pre> [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "receive", "amount": 33.00000000, "label": "", "vout": 0, "confirmations": 6, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553766, "timereceived": 1744553766, "bip125-replaceable": "no" } ] </pre> ===list received transactions by address=== * <code>listreceivedbyaddress</code> * <code>./n33bcoin-cli listreceivedbyaddress</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress</code> <pre> [ { "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "account": "", "amount": 33.00000000, "confirmations": 6, "label": "", "txids": [ "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7" ] } ] </pre> ===Address With Label=== * Create New Address With Label ** Syntax: <code>getnewaddress "<Label>"</code> * NOTE: Label name is case sensitive. <code>./n33bcoin-cli getnewaddress "Mining"</code> <pre>1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB</pre> * See Accounts in Label <code>./n33bcoin-cli getaddressesbyaccount "Mining"</code> * a Label can hold many addresses <pre> [ "1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB" ] </pre> * Lists transactions for the labeled account. <code>./n33bcoin-cli listtransactions "Mining"</code> * Tracking with a label - Shows total balance for addresses in the labeled account. <code>./n33bcoin-cli getbalance "Mining"</code> * Label an existing address - Assigns an existing address to a named account. <code>./n33bcoin-cli setaccount "<address>" "<label>"</code> * Change Label of Address <code>./n33bcoin-cli setaccount "<address>" "<newlabel>"</code> ==Backup Wallets and Restore/Reclaim== To '''test''' wallet exports and back ups we are going to create a '''third node'''. <br> This keeps are main wallet and the wallet of are second node safe.<br> Or If you feel up for it, feel free to play/use/learn with your main wallet. * Create a directory for third node <code>mkdir ~/.n33bcoin3</code> * Create config file <code>$EDITOR ~/.n33bcoin3/n33bcoin.conf</code> * Note: changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser2 rpcpassword=coinpassword2 rpcallowip=127.0.0.1 rpcport=3368 daemon=1 server=1 rpcbind=127.0.0.1 port=3335 </pre> * Start node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3335" "add"</code> * Check node three <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getblocktemplate</code> * See Address (pub key) <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> <pre>1EhA5fkapYWrhs2oAf2AqvF4WYMPM28GqL</pre> * I have sent 33 n33bcoin's to this address. <pre> ./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744568061, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "8afde14085be2139ff008667c345b3697bea9cea" } </pre> ===Encrypt Wallet=== * '''IMPORTANT NOTE! IF YOU LOSE/FORGET PASSPHRASE, YOU LOST YOUR WALLET!''' Encrypting your wallet, will require passphrase to see private_keys and to send coins from your account, but you can still check balance and the basic chain info '''without passphrase'''. * Syntax <code>./n33bcoin-cli encryptwallet "<passphrase>"</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 encryptwallet "pa55word"</code> <br>OutPut: <pre> wallet encrypted; N33Bcoin server stopping, restart to run with encrypted wallet. The keypool has been flushed and a new HD seed was generated (if you are using HD). You need to make a new backup. </pre> ====Test Encryption==== Syntax: <code>./n33bcoin-cli dumpprivkey <address></code> This command should need passphrase if wallet locked. ** <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> can be used in place of a real address <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpprivkey 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> If wallet '''LOCKED''' - you will see <pre> error code: -13 error message: Error: Please enter the wallet passphrase with walletpassphrase first. </pre> If wallet '''UNLOCKED''' but address not in wallet - you will see ** This is because there is no address <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> in your wallet and error code -5 indicates address not found in the wallet, but it passed the lock so, yay <pre> error code: -5 error message: Invalid N33Bcoin address </pre> If address exists in your wallet and wallet is '''UNLOCKED''' - you will see the private key: <pre> 6vJYM3RFWh7MyLVrPbgzgibUgqxMzWUCCbuH3GcfDRTqfoNQjBb </pre> '''IMPORTANT:''' Never share your actual private keys with anyone. The example above is for demonstration purposes only. ====open encrypted wallet==== * Syntax ./n33bcoin-cli walletpassphrase "<passphrase>" <time_in_seconds_to_stay_open> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrase "Pa55word" 60</code> ====Change PassPhrase==== * Syntax: <code><code>./n33bcoin-cli walletpassphrasechange "<old_passphrase>" "<new_passphrase>"</code></code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrasechange "Pa55word" "StrongPass123!@#456"</code> ===Back Up WALLET.DAT === * You can make a backup of your wallet.dat file whether its encrypted or un-encrypted. ** not-encrypted you just copy into a directory and you and anyone else has full access. ** encrypted, you need to know the passphase the file is encrypted with to have access. ** Both Export and Import the backup wallet.dat the same way, expect one asks for passphase and the other does not. ====Make copy of wallet.dat==== * <code>backupwallet</code> * Syntax:<code>./n33bcoin-cli backupwallet /path/to/export/wallet-backup.file</code> <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> ====Stop node 3 and delete wallet.dat==== * Stop node - Note: RPC PORT <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * not gonna delete, just move, only so many times i wanna learn that lesson. <code>mv ~/.n33bcoin3/wallet.dat ~/oldwallet.dat</code> * Start Node 3 - this will create a new <code>wallet.dat</code> file <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check Balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744572042, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "bb4e27a7896ae19acdf3b43244f82b59f5164c7c" } </pre> * Check addresses <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> * Its a diff/new address, because its a new wallet. <pre> "address": "1JwAmtR9T8xa49daoHQhf54tBdyabby2m2", </pre> ===Restore Wallet.dat=== * Stop Node 3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move old wallet to Node 3 Directory ** This command will write over the new wallet.dat file currently in directory - in effect deleting it. <code>mv ~/wallet-backup.node3 ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>11148007.99990960</pre> ====OH NUTZ==== * By mistake i backed up main wallet. <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> * Intended to backup node3 - the correct command would of been <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 backupwallet ~/wallet-backup.node3</code> Good Thing we just moved the node3 wallet and not deleted or 33 n33bcoins would of been in a dead account.<br> This is why you should learn about bitcoin on n33bcoins and not the bitcoin main net blockchain. Lets restore from the moved wallet <code>~/oldwallet.dat</code> * Stop node3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move oldwallet back to node3 <code>mv ~/oldwallet.dat ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>33.00000000</pre> YAY ===Dump Entire Wallet with <code>dumpwallet</code>=== * Exports all private keys, addresses, and wallet metadata to a plain text file for a comprehensive backup. * Syntax <code>./n33bcoin-cli dumpwallet /path/to/export/n33bcoin-wallet.txt</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpwallet ~/ssshhh.txt</code> <code>cat ~/ssshhh.txt</code> * Yep its all in plain text! <pre> # Wallet dump created by N33Bcoin v0.14.3.0-g150612e # * Created on 2025-04-13T22:54:50Z # * Best block at time of backup was 212 (000000009f5f7189bd4334895fd1c903ae904525abb5768feb98b81282a1949e), # mined on 2025-04-13T18:34:02Z # extended private masterkey: xprv9s210pEDlspXiamstilrandotypinhDXRTQ1TatJNSL3fxs9QaLLjRV1FZH9zw2VcErU498hsd3pynuyDR2clongrandome4Msz5 L1XJ0pald6SZXP4sKdVcDETpsdoWeksd4er5hhPsdFG1PPV 2025-04-13T18:14:21Z change=1 # addr=1HtmEDdpk5SJAp3nGCnaAD5gKZc2Er4qG hdkeypath=m/0'/0'/82' about 100 lines like the one above and ends with: # End of dump </prE> ===Import Dumped Wallet=== To test import works we are gonna, stop node3, move wallet.dat, start node3, check new wallet got auto generated again. then import are ssshhh.txt file and see if restored. ====Check wallet node 3 pre-test==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744575092, "keypoolsize": 101, "unlocked_until": 0, "paytxfee": 0.00000000, "hdmasterkeyid": "0a0e6e94e4a184e773e4a3e3244adc4352935afa" } </pre> ====Stop node 3 ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> ====Move wallet.dat ==== <code>mv ~/.n33bcoin3/wallet.dat ~/wallet.node3</code> ====Start node 3 ==== <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> ====Check wallet node 3 - when deleted/changed==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ====Import Restore from Dumped Wallet ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importwallet ~/ssshhh.txt</code> ====Check wallet node 3 when restored ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ==Off Line Storage and Importation== * Create a offline key pair, using a python script that can run off a live linux iso. * Going to send coins from node 3 to off line address. * Going to import to wallet 2 by sweeping private wif key. ===Create Offline Keypair=== * https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin ** We have used the [[N33Bcoin_Address_Generator_Bitcoin| N33Bcoin_Address_Generator]] to create the following key pair which we will use for this test. <pre> noob@noob-ThinkPad-T470:~/Gen/py-pub-prv$ python3 gen.py Enter your seed (12 words or any random input): hithere Generated n33bcoin Key Pair: Private Key: 3e4748d72b0a0c5d4538b52a2ade025a0f52a1e8642384ac14e5af0f90b8ab8a Public Key: 04c4cab1795312dafbf2532c7b238d448b55fa151a3d4e059cb49b47fb7244fb8767981b561c067494f9f3a6357024bb4fa71d12d692a733f7a0583d6fa7276548 n33bcoin Address: 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG WIF Private Key: 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH </pre> ===Send from node 3 to offline address=== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 sendtoaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG 10</code> ===Check its in address=== * Can take a few blocks before you can see it. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * Syntax: <code>./n33bcoin-cli importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * <code>importaddress</code> The RPC command to import a Bitcoin address as a watch-only address into the wallet * <code>13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> The Bitcoin address you are importing. After import, the wallet will monitor this address for incoming transactions, but cannot spend from it since you do not have the private key * <code>"external"</code> An optional label assigned to the imported address. This helps you organize or identify addresses in your wallet * <code>false</code> The rescan parameter. Setting it to false means the wallet will not rescan the blockchain for historical transactions involving this address. Only new transactions (after import) will be tracked. If set to true (default), the wallet would scan the entire blockchain for past transactions involving the address, which can take a long time (but not in are case as we have new blockchain). ====getreceivedbyaddress==== * TESTED - Balance is only shown on account that imported the address as a address to watch. ** Took about 10 mins to show balance. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>10.00000000</pre> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> ====Receive funds from private key==== * Current Funds in Node/Wallet 2 <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>52.00000000</pre> * Import the keys <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 importprivkey 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH true</code> * Check balance <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>62.00000000</pre> Import is instant. ==Create Second Server and Sync Blockchain== * Creating second server in a container and forwarded to another VPS IP, to see if network syncs. <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Is Port Forwarding Required for the Second Node?</span> <div class="mw-collapsible-content"> <p><strong>Why set up port forwarding?</strong> Port forwarding (using iptables to forward port <code>3333</code> to the second node) allows the node to receive incoming connections from other N33Bcoin nodes. This ensures reliable syncing with the main node and enables the second node to share blockchain data with others, strengthening the network.</p> <p><strong>Is it required?</strong></p> <ul> <li><strong>To mine</strong>: No. Mining uses local RPC calls (<code>127.0.0.1:3366</code>) and outbound connections to the main node (<code>104.194.157.52:3333</code>). As long as the main node is up, mining works without port forwarding. Note: You may need a dummy node to avoid errors.</li> <li><strong>To act as a peer</strong>: Yes. To allow other nodes to connect and sync from the second node (e.g., via <code>144.172.89.93:3333</code>), port forwarding is required. Without it, the node can sync but won’t serve blocks to others.</li> </ul> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Tip:</strong> Keep port forwarding enabled for robust syncing and to support the N33Bcoin network, especially if you plan to add more nodes. </div> </div> </div> ===Launch container=== <code>lxc launch ubuntu:18.04 n33b-node</code> <code>lxc exec n33b-node bash</code> <code>pro attach <longKey></code> <code>apt update && apt upgrade -y && apt install ubuntu-advantage-tools wireguard -y</code> ===Setup Wireguard=== * This is the same as the last time, in this tut i am going to keep the same keys in tut, to save time. PS: You can use same keys on many connections (not the best idea). ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==In Container Building N33Bcoin== * Push over N33Bcoin.0.0.1.tar.gz to the container n33b-node. <code>lxc file push N33Bcoin.0.0.1.tar.gz n33b-node/home/ubuntu/</code> OR Download from github * Download from Github, sha256sum=<code>0695dceaa4a88967560695f92c753d2fe4abc0f1b0cfb2673bf945fc83fb1225</code> <code>wget https://raw.github.com/CompleteNoobs/N33Bcoin/main/N33Bcoin.0.0.1.tar.gz</code> * Login to container as user ubuntu <code>lxc exec n33b-node -- su - ubuntu</code> * extract <code>tar xvf N33Bcoin.0.0.1.tar.gz</code> ===Install depends and Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> ===Build N33Bcoin=== * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> * Before running - make sure first node up and running <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Troubleshooting Syncing Issues on the Second Node</span> <div class="mw-collapsible-content"> <p>If your second node (e.g., <code>144.172.89.93</code>) fails to sync (e.g., stuck at <code>blocks: 0</code>), the main node (<code>104.194.157.52</code>) may be in Initial Block Download (IBD), preventing it from serving blocks. Here’s what I faced and how I fixed it:</p> <ul> <li><strong>Problem</strong>: The second node didn’t sync because the main node was in IBD, likely due to a chain tip older than 24 hours.</li> <li><strong>Initial Fix</strong>: <ul> <li>Started a dummy node on the main node (<code>127.0.0.1:3334</code>) for an active peer .</li> <li>Mined on the main node: <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=&lt;your-address&gt; -t 2 </pre> This created new blocks (e.g., to <code>blocks: 441</code>), exiting IBD and enabling sync.</li> </ul> </li> <li><strong>Test</strong>: I deleted the second node and recreated it from scratch, running both the main and dummy nodes on the genesis server. The second node synced to <code>blocks: 441</code> while the main node was mining.</li> <li><strong>Observation</strong>: In one test, I thought syncing worked without mining, but mining was active on the main node, advancing the chain to <code>blocks: 441</code>. Possible factors for sync success: <ul> <li>Recent chain tip from mining kept the main node out of IBD.</li> <li>Dummy node provided a peer, preventing IBD re-entry.</li> <li>iptables rule for port <code>3333</code> enabled inbound connections (i did once not forward the correct port, make sure you check your ip rules with <code>cat /etc/iptables/rules.v4</code> to make sure you entered the correct ones. ).</li> </ul> </li> <li><strong>If Syncing Fails</strong>: Mine on the main node with the dummy node running.</li> </ul> <p><strong>Note</strong>: Syncing may not require ongoing mining if the main node’s chain tip is recent, but mining is needed to exit IBD. Test and share your findings!</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> If the second node won’t sync, the main node may be in IBD. Start the dummy node and mine to exit IBD. </div> </div> </div> ===n33b-node=== <code>src/n33bcoind -daemon</code> <code>src/n33bcoin-cli stop</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 debug=rpc debug=mining </pre> <code>src/n33bcoind</code> * Now Second n33bcoin node is running lets check sync <code>src/n33bcoin-cli getpeerinfo</code> <pre> [ { "id": 0, "addr": "104.194.157.52:3333", "addrlocal": "144.172.89.93:52636", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157772, "lastrecv": 1745157771, "bytessent": 1277, "bytesrecv": 1198, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.303657, "minping": 0.303657, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": false, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 110, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 1, "addr": "104.194.157.52:57050", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.296047, "minping": 0.296047, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 2, "addr": "104.194.157.52:57060", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.316404, "minping": 0.316404, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } } ] </pre> <code>src/n33bcoin-cli getblockchaininfo</code> <pre> ubuntu@n33b-node:~/N33Bcoin$ src/n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.03058041491289009, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> ===From first node=== <pre> ./n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.02034601825250813, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> * Both nodes/blockchains are in sync, nice 9qzrh0ri8otmxgdo6fj2iaivwx8xkpf 548 546 2025-05-29T15:51:04Z AwesomO 5 /* Line 110 Magic Bytes */ 548 wikitext text/x-wiki ==Start up HardWare== * OS (local) Ubuntu-Mate 24.04 - this tut is done on a clean install of ubuntu-mate 24.04 ** Hardware: HP EliteDesk G1 - ram = 8GB - HD = 120GB ssd - CPU = i5-4590S CPU @ 3.00GHz ** Hardware: Thinkpad X270 - Ram - HD - CPU * Server VPS ubuntu-server 24.04 ** vultr.com ===Software OS=== * Will be using Ubuntu 24.04 as main OS - but to build this version of litecoin 0.14.2 we will be using ubuntu 18.04 in a lxc container - trying to build in 24.04 was a huge side quest that is not that much fun. ===Coin Params for N33Bcoin 0.1 POW === * Are Coin Params ** Name of coin = N33Bcoin ** Symbol coin = N33B ** Premined Coins= 33% 11,111,111 coins to be used to rewards contributors. the how is currently unknown, will work out as we go. ** MaxCoins = 33,333,333 ** Rewards = 333 ** Halving Period = 33,333 blocks = every 231 days ** Block interval = 10 mins # will leave at 10 for starters ** Time Stamp 1733333333 2024-12-04 17:28:53 ** Time Stamp Message "N33B's for Noob's at CompleteNoobs.com" ** Genesis Block for are Coin ==Genesis Keys== First we are going to need a public private key pair. [[Python_Generate_Public_Private_Key_Pair_Crypto_Bitcoin| Python3 Generate Public Private Key Pair]] * Public Key <code>049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf</code> * Keep private key safe, you just need pub key for now We then use are public key along with are coin parameter with [[GenesisH0_Creating_Genesis_Hash| GenesisH0]] to create a 'Nonce', 'Merkel hash' and 'Genesis hash'. For are 'MainNet', 'TestNet' and 'RegNet' === Main Net parameters === <code>python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333333</code> * '''Nonce''': <code>221118658</code> * '''nBits''': <code>0x1d00ffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4</code> === Test Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333334</code> * '''Nonce''': <code>511144</code> * '''nBits''': <code>0x1e0ffff0</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c</code> === Reg Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333335</code> * '''Nonce''': <code>0</code> * '''nBits''': <code>0x207fffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127</code> Now we have are parameters, we can start creating are own coin, but first lets change some file names to match the name of are coin. ==Source we are forking from Bitcoin 0.14.3== ===Home Directory=== <code>cd ~</code> ===Download bitcoin 0.14.3=== * https://bitcoincore.org/bin/bitcoin-core-0.14.3/ <code>wget https://bitcoincore.org/bin/bitcoin-core-0.14.3/bitcoin-0.14.3.tar.gz</code> * sha256sum bitcoin-0.14.3.tar.gz <code>416717ab5ef94f8458da2b12e4cd742ca08f5ad3817b65fc73811e06ac949f87</code> ===extract=== <code>tar xvf bitcoin-0.14.3.tar.gz</code> ===Change Directory Name to new/forked coin name=== <code>mv bitcoin-0.14.3 N33Bcoin</code> <code>cd N33Bcoin</code> * Current work director path is <code>/home/$USER/N33Bcoin/</code> ==Renaming== ===Renaming Bitcoin to N33Bcoin=== '''Run these command in the /home/$USER/N33Bcoin/ Directory''' * Lowercase <code>find . -type f -exec sed -i 's/bitcoin/n33bcoin/g' {} + </code> * UpperCase <code>find . -type f -exec sed -i 's/Bitcoin/N33Bcoin/g' {} + </code> * Name.1 <code>find . -type f -exec sed -i -e 's/bitcoin/noobcoin/g' -e 's/bitcoind\.1/n33bcoind.1/g' {} + </code> ===Change Name for Docs=== To rename files in a directory (e.g., <code>/home/$USER/N33B/N33Bcoin/doc/man/</code>): * '''Before:''' <pre> bitcoin-cli.1 bitcoind.1 bitcoin-qt.1 bitcoin-tx.1 Makefile.am </pre> * '''After:''' <pre> n33bcoin-cli.1 n33bcoind.1 n33bcoin-qt.1 n33bcoin-tx.1 Makefile.am </pre> * '''Manual Way:''' <pre> mv -v bitcoin-cli.1 n33bcoin-cli.1 </pre> * '''Using mv with a for Loop:''' <code>cd /home/$USER/N33B/N33Bcoin/doc/man</code><br> <code>for file in bitcoin*; do mv -v "$file" "${file/bitcoin/n33bcoin}"; done</code> </pre> * <code>-v</code> shows each rename action. ===Change Names for Files=== Unlike forking litecoin, the method we just used to rename all bitcoin words to n33bcoin created some problems, unlike litecoin 0.14.2, the word 'bitcoin' can be found in a lot of file names. Example: the file <code>libbitcoinconsensus.pc.in</code> is still called <code>libbitcoinconsensus.pc.in</code> but inside make and config files, it is now know as <code>libn33bcoinconsensus.pc.in</code> so it will look for a file called <code>libn33bcoinconsensus.pc.in</code> and not <code>libbitcoinconsensus.pc.in</code>, still will lead to a lot of breakages. * Easy Fix: Change all file names which include the word <code>bitcoin</code> to <code>n33bcoin</code> * install <code>rename</code> <code>sudo apt install rename</code> * Run commands in <code>/home/$USER/N33Bcoin/</code> Directory * See all file which contain the name <code>bitcoin</code> <code>find . -type f -name "*bitcoin*"</code> * Rename/convert all <code>bitcoin</code> in file names to <code>n33bcoin</code> <code>find . -type f -name "*bitcoin*" -exec rename 's/bitcoin/n33bcoin/' {} +</code> ==Editing Files== Are Files are located in path:<code>/home/$USER/N33B/N33Bcoin</code><br> Example: <code>src/amount.h</code> full path would be <code>/home/$USER/N33B/N33Bcoin/src/amount.h</code> === OverView of Files to edit=== * Comment Out <code>** Lines: 74 - 77 Comment Out</code> These are Lines we Don't need, but are not deleting just commenting out, so line numbers remain the same.<br> Comment out by placing a <code>//</code> at the beginning of the line. * '''src/amount.h''' ** Line 31: Edit Max Coins * '''src/validation.cpp''' ** Line 1166: This BLOCK of code will contain premined and Block rewards * '''src/qt/bitcoinunits.cpp''' ** Line 39 Block: change coin symbol LTC to N33B * '''src/chainparams.cpp''' ** Line 53: '''Global''' Change Time Stamp Message ** Line 54: '''Global''' Change Pub Key ** Line 73: '''MainNet''' Change Halving Interval <!--** Lines: 74 - 77 Comment Out--> ** Line 74: '''MainNet''' BIP34Height ** Line 75: '''MainNet''' BIP34Hash ** Line 76: '''MainNet''' BIP65Height ** Line 77: '''MainNet''' BIP66Height ** Lines 85 - 103: '''MainNet''' Deployment and Chain Work Section ** Line 110: '''MainNet''' Change Magic Bytes - Script included ** Line 114: '''MainNet''' Change Main Net Default Port ** Line 117: '''MainNet''' Change Main Net Nonce TimeStamp Coin_Rewards ** Line 119: '''MainNet''' Change Genesis Hash ** Line 120: '''MainNet''' Change Merkel Hash ** Line 144: '''MainNet'''Change Coin Number and Genesis Hash ** Lines 145 - 156 Comment Out ** Line 161: '''MainNet''' Change Time Stamp ** Line 162: '''MainNet''' Change Number Of Transactions ** Line 177: '''TestNet''' Halving Interval <!--** Lines: 178 - 181 Comment Out--> ** Line 178: '''TestNet''' BIP34Height ** Line 179: '''TestNet''' BIP34Hash ** Line 180: '''TestNet''' BIP65Height ** Line 181: '''TestNet''' BIP66Height ** Line 184: '''TestNet''' Block Times <!--** Lines: 189 - 207 Comment Out--> ** Lines 189 - 207: '''TestNet''' Deployment Section ** Line 213: '''TestNet''' Default Port ** Line 216: '''TestNet''' Time Stamp and Nonce ** Line 218: '''TestNet''' Genesis Hash Block ** Line 219: '''TestNet''' Merkel Hash Block ** Line 245: '''TestNet''' CheckPointData Genesis Hash Block Number ** Line 250: '''TestNet''' Time Stamp ** Line 251: '''TestNet''' Block Number ** Lines 267 - 270 '''RegressionNet''' BIP Consensus ** Line 301: '''RegressionNet''' Default Port ** Line 304: '''RegressionNet''' Time Stamp Nonce Coin_Rewards ** Line 306: '''RegressionNet''' Genesis Block Hash ** Line 307: '''RegressionNet''' Merkel Hash ** Line 319: '''RegressionNet''' Genesis Hash * '''src/chainparamsbase.cpp''' ** Line 35: MainNet RCP Port ** Line 48: TestNet RPC Port ** Line 62: Regession Net RPC Port ===src/amount.h=== On line 31 we will edit are Max coins: <pre> static const CAmount MAX_MONEY = 21000000 * COIN; </pre> will change this to 33,333,333 coins <pre> static const CAmount MAX_MONEY = 33333333 * COIN; </pre> ===src/validation.cpp=== Path <code>/home/$USER/N33B/N33Bcoin/src/validation.cpp</code> The block of code we are looking for starts on line 1166: <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy = 50 * COIN; // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years. nSubsidy >>= halvings; return nSubsidy; } </pre> On line 1173 you should see this line: <pre> CAmount nSubsidy = 50 * COIN; </pre> This is the rewards for mining coins, the default is 50, we are changinf rewards to 333 coins per block mined. <pre> CAmount nSubsidy = 333 * COIN; </pre> ====Premined coins==== We also need to add a contidtion for are premined coins - in the first block will mine 33%, thats 11,111,111 coins <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy; if (nHeight == 1) nSubsidy = 11111111 * COIN; else nSubsidy = 333 * COIN; // Subsidy is cut in half every 33,333 blocks which will occur approximately every 231 days. nSubsidy >>= halvings; return nSubsidy; } </pre> This condition means IF first block reward 11,111,111 coins, Else(after first blocked mined) rewards per block are 333 coins. <div class="toccolours mw-collapsible mw-collapsed"> What's Changed and Why: <div class="mw-collapsible-content"> <b>What's Changed and Why:</b> * '''CAmount nSubsidy;''' ** The variable `nSubsidy` is now declared but not immediately assigned a value. This allows flexibility to set its value based on certain conditions. * '''New Condition: `if (nHeight == 1)''' ** This new condition checks if the block height is 1, meaning this is the very first block in the blockchain (often called the "genesis block"). ** This condition is used to assign a special, much larger subsidy for the first block. * '''nSubsidy = 11111111 * COIN;''' ** If it is the first block (`nHeight == 1`), the subsidy is set to 11,111,111 coins. This is a huge reward for the genesis block, likely for initial distribution or other specific reasons. * '''else nSubsidy = 333 * COIN;''' ** For all other blocks (not the first one), the reward is set to 333 coins. This is a significant change from the original 50 coins, suggesting a different reward structure for this cryptocurrency. </div> </div> ===src/qt/n33bcoinunits.cpp=== * Line 39: Code Block <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("BTC"); case mBTC: return QString("mBTC"); case uBTC: return QString::fromUtf8("μBTC"); default: return QString("???"); } } </pre> * Change BTC your coin symbol to N33B <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("N33B"); case mBTC: return QString("mN33B"); case uBTC: return QString::fromUtf8("μN33B"); default: return QString("???"); } } </pre> ===src/chainparams.cpp=== ====Line 53 Change Time Stamp Message==== <code> const char* pszTimestamp = "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks";</code> To <code> const char* pszTimestamp = "N33B's for Noob's at CompleteNoobs.com";</code> ====Line 54 Change Genesis Pub Key==== <code> 54 const CScript genesisOutputScript = CScript() << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f") << OP_CHECKSIG; </code> We are going to change to the public key we used to create are genesis block. <code> const CScript genesisOutputScript = CScript() << ParseHex("049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf") << OP_CHECKSIG;</code> ====Line 73 HalvingInterval==== <code> consensus.nSubsidyHalvingInterval = 210000;</code> Block intervals of bitcoin is every 10 mins, as you can see on '''[[#Line 80 Target Block Creation''']] * 60 mins per hour x 24 hours per day = 1440 mins a day * 1440 mins at one block each 10 mins = 144 block per day ish * 144 * 365 = 52,560 blocks per year ish * 52,560 * 4 = 210,240 blocks every four years ish So bitcoin halves its rewards every 4 years ish as it passes 210,000 blocks and carrys on halving every 210,000 blocks later. We reward 333 coins per block and will be out of coins around 667,334 blocks. * Preminded 11,111,111 coins * 22,222,222 left * at 333 per block all will be gone in 66,733 blocks time unless we halve before then * We are going to keep are block time of 10 mins and have a halving at 33,333 blocks so it will halve around 231 days <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Line 74 - 77 MainNet BIP Section==== <pre> 74 consensus.BIP34Height = 227931; 75 consensus.BIP34Hash = uint256S("0x000000000000024b89b42a942fe0d9fea3bb44ab7bd1b19115dd6a759c0808b8"); 76 consensus.BIP65Height = 388381; // 000000000000000004c2b624ed5d7756c508d90fd0da2c7c679febfa6c4735f0 77 consensus.BIP66Height = 363725; // 00000000000000000379eaa19dce8c9b722d46ae6a57c2f1a988119488b50931 </pre> * Set BIP34/65/66 to 0 for new chain—modern rules from genesis. Adjust BIP34 to 100 if mining fails. * Replace with your Hash on line 75 BIPHash <pre> 74 consensus.BIP34Height = 0; 75 consensus.BIP34Hash = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); 76 consensus.BIP65Height = 0; 77 consensus.BIP66Height = 0; </pre> ==== Line 85 - 103 '''MainNet''' Deployment and Chain Work Section ==== ===== Line 86 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start date is irrelevant—set to 0 for immediate activation on new chain. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 87 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 91 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016</code> * Reason changed: Bitcoin’s 2016 start is moot—set to 0 for CSV active from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 92 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 96 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016</code> * Reason changed: Bitcoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 97 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 100 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5");</code> * Reason changed: Bitcoin’s 2017 work is massive—set to 0 for a new chain with no work yet. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 103 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354</code> * Reason changed: Bitcoin’s block 453354 is irrelevant—set to N33Bcoin’s genesis hash for fast sync from block 0. Changed: <code>consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4");</code> =====Before and After Changes===== <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354 </pre> * Set CSV/SegWit to active from genesis (nStartTime = 0, nTimeout = far future). Reset chain work to minimal. Set assume valid to genesis hash. <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0; 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999; 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0; 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999; 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0; 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999; 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x00"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); </pre> ====Line 110 Magic Bytes==== * [[Hex_numbers_explained| Hex numbers explained]] * [[Python3_Script_for_Random_Magic_Bytes| Link to python script for random values]] The pchMessageStart array is a crucial component in cryptocurrency network protocols, often referred to as the "magic bytes" or "network magic." It serves as a unique identifier for a specific cryptocurrency network. These values are in hexadecimal format, representing four bytes that form a sequence unlikely to occur in normal data. If you're creating a new cryptocurrency by forking Bitcoin, you should change these values. Using unique values prevents your new coin's network from interfering with Bitcoin's network or other existing networks. <pre> 110 pchMessageStart[0] = 0xf9; 111 pchMessageStart[1] = 0xbe; 112 pchMessageStart[2] = 0xb4; 113 pchMessageStart[3] = 0xd9; </pre> * Gonna change mine to <pre> pchMessageStart[0] = 0xfe; pchMessageStart[1] = 0x93; pchMessageStart[2] = 0xd2; pchMessageStart[3] = 0xe2; </pre> ====Line 114 Change Main Net Default Port==== * Line 114 <code>nDefaultPort = 8333;</code> * Changing to port 3333 <code>nDefaultPort = 3333;</code> ====Line 117 Change Main Net Nonce TimeStamp Coin_Rewards==== * Original <code> genesis = CreateGenesisBlock(1231006505, 2083236893, 0x1d00ffff, 1, 50 * COIN);</code> * Syntax of line 117 <code>genesis = CreateGenesisBlock(<UNIX_TIME_STAMP>, <NONCE>, <DIFF_BITS>, <NHEIGHT>, <AMOUNT_OF_COINS_REWARD> * COIN);</code> * we are just going to append/change are UnixTimeStamp, Nonce and CoinReward <code> genesis = CreateGenesisBlock(1733333333, 221118658, 0x1d00ffff, 1, 333 * COIN);</code> ====Line 119 Change Genesis Hash==== <code>assert(consensus.hashGenesisBlock == uint256S("0x000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"));</code> * Change to your genesis hash for Main Net <code> assert(consensus.hashGenesisBlock == uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"));</code> ====Line 120 Change Merkel Hash==== <code> assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Change to your merkel hsh for Main net <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Check Point - Lines 142 - 157 ==== <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d")) 145 ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> These lines contain a blocknumber and there hash value, we are starting a new coin and these have no value to us. We have one genesis block. <code> ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d"))</code> * We are going to append/change line 144, to block zero and are Main net genesis block hash. <code> ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"))</code> and comment out the remaining lines in this code block. lines 145 - 156 <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4")) 145 // ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 // ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 // (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 // (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 // (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 // (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 // (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 // (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 // (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 // (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 // (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 // (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> ====Line 161 Change Time Stamp==== <pre> 161 1483472411, // * UNIX timestamp of last known number of transactions </pre> * Change to the time stamp we are using <pre> 1733333333, // * UNIX timestamp of last known number of transactions</pre> ====Line 162 Change Number Of Transactions==== <pre> 184495391, // * total number of transactions between genesis and that timestamp</pre> * Change to Zero <pre> 0, // * total number of transactions between genesis and that timestamp</pre> ====TestNet Halving Interval==== <code>177 consensus.nSubsidyHalvingInterval = 210000;</code> * Change to same as are main net <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Lines 178 - 181 TestNet BIP section==== <pre> 178 consensus.BIP34Height = 21111; 179 consensus.BIP34Hash = uint256S("0x0000000023b3a96d3484e5abb3755c413e7d41500f8e2a5c3f0dd01299cd8ef8"); 180 consensus.BIP65Height = 581885; // 00000000007f6655f22f98e72ed80d8b06dc761d5da09df0fa1dc4be4f861eb6 181 consensus.BIP66Height = 330776; // 000000002104c8c45e99a8853285a3b592602a3ccde2b832481da85e9e4ba182 </pre> * Change values to zero and replace TestNet Genesis Hash <pre> 178 consensus.BIP34Height = 0; 179 consensus.BIP34Hash = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"); 180 consensus.BIP65Height = 0; 181 consensus.BIP66Height = 0; </pre> ==== Lines 189 - 207 TestNet Deployment Section ==== ===== Line 190 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start is irrelevant—set to 0 for immediate activation on TestNet. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 191 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 195 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1456790400; // March 1st, 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for CSV from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 196 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 200 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1462060800; // May 1st 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 201 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1493596800; // May 1st 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 204 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x00000000000000000000000000000000000000000000001f057509eba81aed91");</code> * Reason changed: Litecoin’s work is irrelevant—set to 0 for a new TestNet chain. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 207 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000128796ee387cf110ccb9d2f36cffaf7f73079c995377c65ac0dcc"); //1079274</code> * Reason changed: Litecoin’s block 1079274 doesn’t apply—set to TestNet genesis for fast sync. Changed: <code>consensus.defaultAssumeValid = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c");</code> ====TestNet Default Port - Line 213==== <code>213 nDefaultPort = 18333;</code> * Change to another port , picking 13333 <code>nDefaultPort = 13333;</code> ====Line 216: TestNet Time Stamp and Nonce==== <code>216 genesis = CreateGenesisBlock(1296688602, 414098458, 0x1d00ffff, 1, 50 * COIN);</code> * change/append timestamp, nonce and coin rewards - TimeStamp, Nonce, nBits and CoinRewards from your Test Net <code> genesis = CreateGenesisBlock(1733333334, 511144, 0x1e0ffff0, 1, 333 * COIN);</code> ====Line 218: TestNet Genesis Hash Block==== <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943"));</code> * Changed to <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"));</code> ====Line 219: TestNet Merkel Hash Block==== <code>219 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Changed to <code> assert(consensus.hashGenesisBlock == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ==== Line 245 TestNet checkpointData ==== Default: <code>( 546, uint256S("000000002a936ca763904c3c35fce2f3556c559c0214345d31b1bcebf76acb70")),</code> * Reason changed: Bitcoin TestNet checkpoint irrelevant—set to height 0 with N33Bcoin TestNet genesis hash for new chain. Changed: <code>( 0, uint256S("000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c")),</code> * Note: Removed "0x" from hash string—matches Bitcoin style, prevents parsing error in uint256S. ====Line 250 - Testnet chainTxData TimeStamp==== <code>250 1483546230,</code> * Change to your timestamp <code>1733333334,</code> ====Line 251 - Testnet chainTxData block count==== <code>251 12834668,</code> * change block count to zero <code> 0,</code> ==== RegTest BIP Section ==== ===== Line 267 ===== Default: <code>consensus.BIP34Height = 100000000; // BIP34 has not activated on regtest (far in the future so block v1 are not rejected in tests)</code> * Reason changed: Delays BIP34—set to 0 for modern rules from genesis, consistent with MainNet/TestNet. Changed: <code>consensus.BIP34Height = 0;</code> ===== Line 268 ===== Default: <code>consensus.BIP34Hash = uint256();</code> * Reason changed: Empty hash irrelevant—set to RegTest genesis for BIP34 activation at block 0. * NOTE: the <code>S</code> at the end of <code>uint256S</code> append the '''S''', remove the <code>0x</code> or it would be too long and make sure RegNet Hash is wrapped in "comment-hash". * The quotes <code>""</code> tell the compiler that this is a string, not a number. * '''uint256S''' will parse the string as a hexadecimal value and construct the '''uint256''' object accordingly. Changed: <code>consensus.BIP34Hash = uint256S("65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127");</code> ===== Line 269 ===== Default: <code>consensus.BIP65Height = 1351; // BIP65 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP65 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP65Height = 0;</code> ===== Line 270 ===== Default: <code>consensus.BIP66Height = 1251; // BIP66 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP66 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP66Height = 0;</code> ====Line 298: RegressionNet Default Port==== <code>298 nDefaultPort = 18444;</code> * change port number <code> nDefaultPort = 13337;</code> ====Line 301 RegressionNet Time Stamp Nonce Coin_Rewards ==== <code>301 genesis = CreateGenesisBlock(1296688602, 2, 0x207fffff, 1, 50 * COIN);</code> * Change to your timestamp , nonce and coin rewards <code> genesis = CreateGenesisBlock(1733333335, 0, 0x207fffff, 1, 333 * COIN);</code> ====Line 303: RegressionNet Genesis Block Hash==== <code>303 assert(consensus.hashGenesisBlock == uint256S("0x0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"));</code> * replace with your reg net genesis hash <code> assert(consensus.hashGenesisBlock == uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"));</code> ====Line 304 RegressionNet Merkel Hash==== <code>304 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * replace with your reg net merkel hash <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Line 316: RegressionNet Genesis Hash==== <code>316 ( 0, uint256S("0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"))</code> * change to your reg nets genesis hash <code> ( 0, uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"))</code> === src/chainparamsbase.cpp - API ports === <div class="toccolours mw-collapsible mw-collapsed"> Changing RPC port number info: <div class="mw-collapsible-content"> When forking Litecoin, changing the nRPCPort = 8332; is generally recommended, though not strictly necessary. Here are the reasons and benefits for doing so: '''Avoiding Conflicts:''' If you run both Bitcoin and your forked cryptocurrency on the same machine or network, keeping the same RPC port (9332) would cause a conflict. By changing the port number, you ensure that both services can run simultaneously without interfering with each other. '''Network Configuration:''' Different cryptocurrencies should ideally use different ports to avoid confusion and ensure clear network configuration. This helps in managing firewall rules and network policies more effectively. '''Security:''' Using a non-standard port for your forked cryptocurrency can add a layer of security through obscurity. While not a robust security measure, it can help reduce the risk of automated attacks targeting known ports like 8332. '''Customization:''' Changing the RPC port is part of customizing your fork to distinguish it from Bitcoin. This can be important for branding and ensuring that users and developers recognize it as a separate entity. In summary, while it's not mandatory to change the RPC port when forking Bitcoin, doing so can help avoid conflicts, improve network management, and provide a clearer distinction between your fork and the original Bitcoin network. </div> </div> ====line 35 - Main net RCP port==== <pre> nRPCPort = 8332; </pre> RPC port is used to connect to coin api, its used to create a web wallet and moblie wallet. <pre> nRPCPort = 3366; </pre> ====Line 48 - test net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12333 <pre> nRPCPort = 12333; </pre> ====line 62 - regession net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12345 <pre> nRPCPort = 12345; </pre> * We are pretty much done with customizing the code base, we just need an IP address to append to chainparams.cpp and we are good to go. ===src/chainparamsseeds.h=== * Delete content of <code>src/chainparamsseeds.h</code> and replace with just: <pre> #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> The <code>chainparamsseeds.h</code> file contains hardcoded seed nodes for the main network (pnSeed6_main), which are currently set to Bitcoin’s seed nodes (e.g., IPs like 2.7.8.12 on port 8333). These seeds will cause your node to attempt connections to Bitcoin peers, which isn’t what we want for N33Bcoin. * By modifying the seed arrays for both mainnet and testnet to empty, we can keep the file structure intact while removing the Bitcoin seed nodes, preventing are node from trying to connect to them. <div class="toccolours mw-collapsible mw-collapsed"> Hexadecimal - Chainparamsseeds.h - Quick Notes <div class="mw-collapsible-content"> <pre> Hex Symbol Values: 0,1,2,3,4,5,6,7,8,9,a=10,b=11,c=12,d=13,e=14,f=15 Hex is in a Block of 2, [01]=1, The First number/symbol (the one on the left), is Times by 16, and the Second number/symbol is added. 01 = 0x16, plus 1 = 01 A4 = 10x16, plus 4 = 164 E4 = 14x16, plus 4 = 228 FF = 15X16, plus 15 = 255 To work out the values of 104.194.157.52 and port 3333 static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; IPv6 Mapping: {{Use 10 0x00, 2 0xff, then the 4 hex bytes} <port>}. 104 in hex: 6x16 = 96 + 8 = 104 InHex= '68' 194 in hex: c(12)x16=192 + 2 = 194 InHex= 'c2' 157 in hex: 9x16=144 + d(13)= 157 InHex= '9d' 52 in hex: 3x16=48 + 4 = 52 InHex= '34' #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; static SeedSpec6 pnSeed6_test[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> </div> </div> == Container and VPS Setup == Most VPS providers frown on mining unless it’s their explicit service—fair enough, it hogs resources! To work around this, we’ll: * Spin up an Ubuntu 18.04 container locally (18.04 keeps coin building simple). * Pair it with a low-cost VPS running Ubuntu 24.04, tunneling all traffic from the container to the VPS’s public IP. This setup gives us: * A public-facing IP without poking holes in our home router. * Local mining control, keeping private keys secure—because a VPS is just someone else’s machine, and we don’t trust it with our keys! ===LXD Quick Container Setup=== ===LXD Quick Container Setup=== * Its pretty simple once you know. ===Installing and setup LXD=== <code>sudo snap install lxd</code> <code>sudo lxd init</code> * Just press '''ENTER''' for all defaults * add user to lxd group (optional), will mean you do not need '''sudo''' to use lxc commands * NOTE: you will need to logout and login for changes to take effect. <code>sudo adduser $USER lxd</code> <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> * '''These changes only apply to the current terminal session.''' If you open a new terminal session you have to repeat. On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. * '''Remember, these changes only apply to the current terminal session.''' If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> ===Launching your container=== * for the Build its important we use '''18.04''' ** May want to get ubuntu pro free for 5 devices - to keep 1804 updated ** https://ubuntu.com/pro/dashboard <code>lxc launch ubuntu:18.04 n33b</code> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 n33b</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 n33b</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''n33b''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "n33b" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "n33b" in the example) must be unique within your LXD installation. </div> </div> * If you see this error - you need to use '''sudo''' or add user to lxd group <pre> lxc launch ubuntu:18.04 n33b Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * To see your container <code>lxc ls</code> ===Login to container=== <code>lxc exec n33b bash</code> * Prompt should now be changed to <code>root@n33b:~#</code> ** <code>root@<container_name>:~#</code> * This would be a good time to sign up to and enable ubuntu pro in the 1804 container https://ubuntu.com/pro/dashboard ** <code>sudo pro attach C12trandomcharsXFVhrRSveGOd4</code> * Update container <code>apt update && apt upgrade -y</code> ==== Ubuntu Pro for 1804 Containers ==== * super useful for ubuntu 1804, with pro has support till 2027 * Free For Five Boxes/Devices <code>https://ubuntu.com/pro/dashboard</code> <code>sudo pro attach 8dc6560abd396b3871f37b80ec</code> <code>sudo pro status</code> <code>sudo pro detach</code> ==In Container wireguard installation and setup== ===Install wireguard=== <code>apt install wireguard -y</code> * This will be the Client - for the container ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==Back to Host== Now we have * A container with a public IP address * Source code for are coin Lets append are IP adress to are <code>src/chainparams.cpp</code> file and make a exportable/shareable backup. ===Append IP to <code>src/chainparams.cpp</code>=== <div class="toccolours mw-collapsible mw-collapsed"> If i was going to change or add ips/domains do i need to recomplie? Yep: <div class="mw-collapsible-content"> Yes, if you want to change or add new IPs/domains in the `CDNSSeedData` section of `src/chainparams.cpp`, you will need to edit the file and recompile the code. The `CDNSSeedData` entries are hardcoded into the source code, and when you compile the code, these values are baked into the resulting binary. Therefore, any changes to the seed nodes will require: *Editing the `src/chainparams.cpp` file**: Modify the list of `CDNSSeedData` entries to include your new IPs or domains. *Recompiling the source code**: Once you've made your changes, you need to recompile the project so that the new seed nodes are included in the binary. *Restarting your nodes**: After recompiling, you would need to distribute the new binary to your nodes and restart them to ensure they use the updated seed list. This process is necessary because the seed nodes are part of the initial configuration that helps nodes discover peers when they first start up. Any changes to these seeds require the software itself to be updated and redeployed. </div> </div> ====Main Net DNS lines 123 - 127==== <code>$EDITOR /home/$USER/N33B/N33Bcoin/src/chainparams.cpp</code> * Line 123 <code>src/chainparams.cpp</code> <pre> 123 vSeeds.push_back(CDNSSeedData("n33bcoin.sipa.be", "seed.n33bcoin.sipa.be", true)); // Pieter Wuille, only supports x1, x5, x9, and xd </pre> We are going to Change to are servers address <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> At current time we only have one default node, so we comment out line 124 to 127 <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "dnsseed.bluematt.me", true)); // Matt Corallo, only supports x9 // vSeeds.push_back(CDNSSeedData("dashjr.org", "dnsseed.n33bcoin.dashjr.org")); // Luke Dashjr // vSeeds.push_back(CDNSSeedData("n33bcoinstats.com", "seed.n33bcoinstats.com", true)); // Christian Decker, supports x1 - xf // vSeeds.push_back(CDNSSeedData("n33bcoin.jonasschnelli.ch", "seed.n33bcoin.jonasschnelli.ch", true)); // Jonas Schnelli, only supports x1, x5, x9, and xd </pre> ====Test net DNS lines 224 - 227==== * Line 224 - ip adderss <pre> 224 vSeeds.push_back(CDNSSeedData("testnetn33bcoin.jonasschnelli.ch", "testnet-seed.n33bcoin.jonasschnelli.ch", true)); </pre> Change to server ip <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> and comment out the other 3 lines <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("petertodd.org", "seed.tbtc.petertodd.org", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "testnet-seed.bluematt.me")); // vSeeds.push_back(CDNSSeedData("n33bcoin.schildbach.de", "testnet-seed.n33bcoin.schildbach.de")); </pre> ==Create BackUp Tar Archive== At this point you may want to make a backup. * In work directory = <code>/home/$USER/N33B</code> <code>tar -zcvf N33Bcoin.0.0.1.tar.gz N33Bcoin</code> * Going to save in directory <code>/home/$USER/N33B</code> * Syntax = <code>tar -zcvf /path/to/save/archive_name.tar.gz /path/to/directory_name</code> Now we Should have <code>N33Bcoin.0.0.1.tar.gz</code> lets start building are coin. ===Move N33Bcoin.0.0.1.tar.gz to Container=== Lets Move are source code to are container. * File on Host:<code>/home/$USER/N33B/N33Bcoin.0.0.1.tar.gz</code> * Container Name: <code>n33b</code> ** Container Name can be found with <code>lxc list</code> * On Host: <code>lxc file push /home/$USER/N33B/N33Bcoin.0.0.1.tar.gz n33b/home/ubuntu/</code> * '''ubuntu''' is the name of the ubuntu containers default user account ==Return to container as user '''ubuntu'''== <code>lxc exec n33b -- su - ubuntu</code> Now are source code <code>N33Bcoin.0.0.1.tar.gz</code> should be in are home directory. Before we start using it, we need to install and build some dependencies software. ===Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <!-- These notes wherer required to build db on 24.04 - coin build would require way too much work so skipped. <code>$EDITOR db-4.8.30.NC/dbinc/atomic.h</code> Find the function <b>__atomic_compare_exchange</b> (line 147 and 179) and rename it to <b>__db_atomic_compare_exchange</b>. save and exit --> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> If you received error, are you building in ubuntu 18.04? these build instrutions are reproduable for 18.04 and not other versions of ubuntu. * A block chain requires min 2 nodes, so this would be a good time to snapshot your container. ====SNAPSHOT your container==== * This will save loads of time creating a second node later. * In a Terminal on HOST * Stop Container <code>lxc stop n33b</code> * snapshot <code>lxc snapshot n33b one</code> * start container <code>lxc start n33b</code> * Log in as ubuntu user <code>lxc exec n33b -- su - ubuntu</code> ==Build the Coin== Just for the Genesis Node, or it will not work, it will try to sync with another node, which it can not do as its at block 0. * edit the file <code>src/rpc/mining.cpp</code> and comment out the lines 471 and 472: <pre> // if (IsInitialBlockDownload()) // throw JSONRPCError(RPC_CLIENT_IN_INITIAL_DOWNLOAD, "N33Bcoin is downloading blocks..."); </pre> If you stopped container to snapshot and logged back in (or using another terminal), then we need to re-set var.<br> <code>cd ~/db-4.8.30.NC/build_unix</code><br> <code>export BDB_PREFIX=$(pwd)</code><br> * Now thats done we can carry on <code>cd ~/</code><br> * extract <code>tar xzvf N33Bcoin.0.0.1.tar.gz</code> <!-- was for attempt build in 24.04 - not needed for 18.04 <code>sudo apt install bsdmainutils ncal</code> --> * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> If you run into errors you can use:<br> <code>make > ../build.log 2>&1</code><br> This is print build info into file build.log ==Run Coin== * Path <code>cd /home/ubuntu/N33Bcoin/src</code> Going to first play around with Regression make sure everything is working, its supereasy to mine.<br> * Running regtest first will also create <code>~/.n33bcoin/</code> directory which we can create are <code>n33bcoin.conf</code> file for mainnet. ===Running Regression Net === * run reg net <code>./n33bcoind -regtest -daemon</code> ==== get blockchain info ==== <code>./n33bcoin-cli -regtest getblockchaininfo</code> * at the top you should see '''regtest''' <pre> "chain": "regtest", </pre> ====get wallet info==== <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ==== Generate 10 blocks==== <code>./n33bcoin-cli -regtest generate 10</code> <pre> [ "16fe73d5011e8e05cadb9e9dea43e58aa154ffcca891659cc59fbdfafe6f001c", "7803e298b6c57f8fc7ddac5da0e0696cc67524c9ee2bbbbbecdccfb01b364e79", "7c92afb2faed00d051edd22f85218416c394cd45ddadf413b9df808c0414ca7e", "29fe7bb17c984bd33c7e3d9cb4fa3ce1e47760ac22accded3aa25fd49aa87d91", "56d234a030af699a6aa824c8d95a9fabdcf56c9491ed30331ca2159188741c89", "272827808aad1efe0e752789acf6a28f25bc4ba2da905a8a6f5da00016ba286b", "23711e3856cf2e018ef02782eb546e87c9604781da6855bd136ef51fa5dd23e5", "7bd7e1e6183094c75e37d6605451ce7e7e1c23347e3b5c279c33196af916b1f2", "1c7e5fc29dc7c9b3a56e8f35becc3a0a8005e79ac1a84278f8a1f37c067f67b3", "3ac84dcf8be2849b347369de7bf6bb49d780cdf41e2c4abbe2ea0ae1b89bd26e" ] </pre> ====Check Balance==== <code>./n33bcoin-cli -regtest getbalance</code> <pre>0.00000000</pre> * You mined 10 blocks and have zero coins! that is because the coins have not mutured, it takes 100 blocks for newly created coins to muture and show up in your wallet. * you can see your '''immature_balance''' with the <code>getwalletinfo</code> command. <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 11114108.00000000, "txcount": 10, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====Get new addresses==== <code>./n33bcoin-cli -regtest getnewaddress</code> <pre> mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb </pre> ====Find addresses your wallet is currently using==== * To see all your current public addresses use <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -regtest listreceivedbyaddress 0 true</code> ====Mine to specific address==== * <code>./n33bcoin-cli -regtest generatetoaddress 101 "your-mainnet-address"</code> <code>./n33bcoin-cli -regtest generatetoaddress 101 "mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb"</code> =====Coins Matured===== <code>./n33bcoin-cli -regtest getbalance</code> <pre>11114441.00000000</pre> * and Immatured coins <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 11114441.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 33300.00000000, "txcount": 111, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====stop regtest net==== * stop regtest <code>./n33bcoin-cli -regtest stop</code> ===Main Net=== * Running <code>-regtest</code> should of created a <code>~/.n33bcoin</code> directory for you. * Create <code>n33bcoin.conf</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 </pre> * run/start coin <code>./n33bcoind</code> * NOTE: if you did not create a n33bcoin.conf file and apply 'daemon=1', you can use the -daemon flag <code>./n33bcoind -daemon</code> <div class="toccolours mw-collapsible mw-collapsed"> Some debug tips: <div class="mw-collapsible-content"> * If n33bcoin hangs - <code>ps aux | grep n33bcoind</code> ** The <code>kill -9 PID_NUMBER</code> ** Also note: there is nothing wrong with '''turning it off and on again.''' * <code>./n33bcoind -debug=1</code> ** log is at ~/.n33bcoin/debug.log * <code>./n33bcoind -debug=1 -printtoconsole</code> ** will output to terminal, no output to debug.log </div> </div> ===Create and Add second node - the easy way=== <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Why a Dummy Node is Needed to Avoid <code>500 Internal Server Error</code> and Ensure Syncing</span> <div class="mw-collapsible-content"> <p>A dummy node is <strong>required</strong> for mining on the genesis node (main node) and to ensure other nodes can sync with your N33Bcoin network. Without it, you may encounter errors like:</p> <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> [2025-04-20 11:49:32] HTTP request failed: The requested URL returned error: 500 Internal Server Error </pre> <p><strong>Why does this happen?</strong> The main node needs at least one active peer to process the <code>getblocktemplate</code> RPC call used by <code>minerd</code> for mining. If the node is in Initial Block Download (IBD) or has no peers, this call fails, causing the 500 error. Additionally, if the main node is in IBD, it won’t serve blocks to other nodes, preventing them from syncing (e.g., stuck at <code>blocks: 0</code>).</p> <p><strong>How the dummy node fixes it:</strong></p> <ul> <li>Running a dummy node (e.g., on <code>127.0.0.1:3334</code>) provides an active peer, allowing <code>getblocktemplate</code> to succeed and mining to start.</li> <li>Mining generates new blocks, updating the chain tip’s timestamp, which helps the main node exit IBD.</li> <li>Once out of IBD, the main node can serve blocks to other nodes, enabling them to sync (e.g., to <code>blocks: 428</code>).</li> </ul> <p><strong>Why it’s easy to forget:</strong> The dummy node isn’t a standard Bitcoin requirement—it’s specific to N33Bcoin’s setup, possibly due to custom peer or RPC logic. Always run a dummy node when mining or syncing new nodes.</p> <p><strong>If you get the 500 error:</strong> Start a dummy node and add it to the main node’s peers with <code>addnode</code>. See the next section for setup instructions.</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> Without a dummy node, mining will fail, and new nodes won’t sync. Always include this step in your setup and document it to avoid surprises! </div> </div> </div> After first node ruuing with:<br> <code>./n33bcoind</code> * create a directory for second node <code>mkdir ~/.n33bcoin2</code> * make config file <code>$EDITOR ~/.n33bcoin2/n33bcoin.conf</code> * Note changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser1 rpcpassword=coinpassword1 rpcallowip=127.0.0.1 rpcport=3367 daemon=1 server=1 rpcbind=127.0.0.1 port=3334 </pre> * start node2 - note ports <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin2 -port=3334 -rpcport=3367</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3334" "add"</code> * Check node one <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * Check node two <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getblocktemplate</code> ==== Default Node User and Second Node User management ==== * The default user will be your main node '''~/.n33bcoin/''' * To use second node '''~/.n33bcoin2/''' you have to use/append non default port in commands: ** To run commands on second node, Add/Append <code>-rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1</code> *** '''rpcport''', '''rpcuser''', '''rpcpassword''' these values can be found in the <code>~/.<node_name>/n33bcoin.conf</code> file * For default wallet/node can use: <code>./n33bcoin-cli getwalletinfo</code> * Or to specify (optional) can use, the main nodes '''rpcport''', '''rpcuser''' and '''rpcpassword''' followed by <command>: <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * For the second node we created - we do need to specify <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getwalletinfo</code> <div class="toccolours mw-collapsible mw-collapsed"> How to stop second node: <div class="mw-collapsible-content"> * To run commands on a second or third ...ETC node - you need to enter: ** <code>-rpcport=<value></code> ** <code>-rpcuser=<username></code> ** <code>-rpcpassword=<password></code> ** followed by the command you wish to run on node <code>getbalance</code> ** Remember you store all these details in your <code>n33bcoin.conf</code> file for your node. <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 stop</code> </div> </div> == Mining blocks on your blockchain == Well you can try with:<br> <code>./n33bcoin-cli generate 1</code><br> But instead of seeing <pre> [ "some-block-hash" ] </pre> Your going to get empty brackets <pre> [ ] </pre> I cant remember the reason for this. But i know the fix. Install Mining software ===Address to send mined coins to=== First lets get a public key/address we can mine to. * Find old addresses <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> * Create new address <code>./n33bcoin-cli getnewaddress</code> * The address i will use <code>1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> ===Cpu Miner Install=== <code>cd ~</code> <code>sudo apt update</code> <code>sudo apt install -y build-essential libcurl4-openssl-dev</code> <code>git clone https://github.com/pooler/cpuminer.git</code> <code>cd cpuminer</code> <code>./autogen.sh</code> <code>./configure</code> <code>make</code> <code>sudo make install</code> ===Mine some Coins=== * OK lets mine us some coins ** Syntax:<code>minerd -o <pool_url> -u <username> -p <password> --coinbase-addr=<public_key></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> * YAY, back to the days when you could find bitcoin blocks with a simple CPU <pre> [2025-04-12 19:31:17] Binding thread 0 to cpu 0 [2025-04-12 19:31:17] Binding thread 1 to cpu 1 [2025-04-12 19:31:17] 4 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:31:17] Binding thread 2 to cpu 2 [2025-04-12 19:31:17] Binding thread 3 to cpu 3 [2025-04-12 19:31:17] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:31:17] thread 1: 2097152 hashes, 10099 khash/s [2025-04-12 19:31:17] thread 0: 2097152 hashes, 10094 khash/s [2025-04-12 19:31:17] thread 3: 2097152 hashes, 10093 khash/s [2025-04-12 19:31:17] thread 2: 2097152 hashes, 10032 khash/s [2025-04-12 19:32:17] thread 2: 601912088 hashes, 10080 khash/s [2025-04-12 19:32:17] thread 0: 605611536 hashes, 10108 khash/s [2025-04-12 19:32:17] thread 3: 605564904 hashes, 10102 khash/s [2025-04-12 19:32:17] thread 1: 605946928 hashes, 10104 khash/s [2025-04-12 19:33:17] thread 2: 604824240 hashes, 10080 khash/s [2025-04-12 19:33:17] thread 0: 606506104 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 1: 606263288 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 3: 606114016 hashes, 10102 khash/s [2025-04-12 19:34:17] thread 0: 596676992 hashes, 9883 khash/s [2025-04-12 19:34:17] accepted: 1/1 (100.00%), 40174 khash/s (yay!!!) [2025-04-12 19:34:17] LONGPOLL pushed new work [2025-04-12 19:34:17] thread 2: 597009344 hashes, 9856 khash/s [2025-04-12 19:34:17] thread 1: 596347864 hashes, 9882 khash/s [2025-04-12 19:34:17] thread 0: 184 hashes, 8762 khash/s [2025-04-12 19:34:17] thread 3: 596226344 hashes, 9881 khash/s [2025-04-12 19:35:11] thread 0: 525714288 hashes, 9775 khash/s [2025-04-12 19:35:17] thread 0: 58652240 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 1: 592942512 hashes, 9784 khash/s [2025-04-12 19:35:18] thread 3: 592834720 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 2: 591387224 hashes, 9754 khash/s [2025-04-12 19:36:17] thread 1: 577261400 hashes, 9784 khash/s [2025-04-12 19:36:17] thread 2: 575496480 hashes, 9756 khash/s [2025-04-12 19:36:17] thread 3: 576993520 hashes, 9776 khash/s [2025-04-12 19:36:17] thread 0: 586785384 hashes, 9780 khash/s [2025-04-12 19:37:17] thread 3: 586568712 hashes, 9700 khash/s [2025-04-12 19:37:17] thread 2: 585369888 hashes, 9645 khash/s [2025-04-12 19:37:18] thread 1: 587018480 hashes, 9656 khash/s [2025-04-12 19:37:18] thread 0: 586791168 hashes, 9631 khash/s [2025-04-12 19:37:43] thread 0: 247017896 hashes, 9757 khash/s [2025-04-12 19:37:43] accepted: 2/2 (100.00%), 38758 khash/s (yay!!!) [2025-04-12 19:37:43] LONGPOLL pushed new work [2025-04-12 19:37:43] thread 2: 250694904 hashes, 9748 khash/s [2025-04-12 19:37:43] thread 1: 250409704 hashes, 9773 khash/s [2025-04-12 19:37:43] thread 0: 21504 hashes, 8650 khash/s [2025-04-12 19:37:43] thread 3: 253010016 hashes, 9764 khash/s </pre> * By default '''minerd''' will use all cores - if you want to limit to number of core use the <code>-t <number_of_cores></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj -t 2</code> <pre> [2025-04-12 19:43:05] 2 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:43:05] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:43:05] thread 1: 2097152 hashes, 11359 khash/s [2025-04-12 19:43:05] thread 0: 2097152 hashes, 11327 khash/s </pre> * Next we mine on till we have at least 101 blocks so are coins are matured. ===After 101 blocks - Mature Coins=== * now we should have some coins in are wallet that we can use, YAY <code>./n33bcoin-cli getbalance</code> <pre>11112110.00000000</pre> * and lets check the account of are second node <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> * Lets get the address of are second node to send some coins <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress 0 true</code> * Or we could generate a new address with <code>getnewaddress</code> <code>1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz</code> Now lets send some coins ==Wallet Basics== Now we have coins we can use - matured coins ===Get balance=== * <code>getbalance</code> <code>./n33bcoin-cli getbalance</code> ===Find Account Addresses=== * <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> ===Create New Address=== * <code>getnewaddress</code> <code>./n33bcoin-cli getnewaddress</code> ===Sending coins=== * Syntax: <code>./n33bcoin-cli sendtoaddress "<address>" <amount></code> <code>./n33bcoin-cli sendtoaddress "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz" 33</code><br> * This comand will return a hash in your terminal out put. <pre>f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7</pre> * and Check balance of second node to see balance: <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>33.00000000</pre> ===See Transaction Details from hash=== * the transaction hash is from the above send coins example * Syntax: <code>n33bcoin-cli gettransaction "<transaction_hash>"</code> <code>./n33bcoin-cli gettransaction "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7"</code> <pre> { "amount": -33.00000000, "fee": -0.00004520, "confirmations": 4, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553764, "timereceived": 1744553764, "bip125-replaceable": "no", "details": [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "send", "amount": -33.00000000, "vout": 0, "fee": -0.00004520, "abandoned": false } ], "hex": "020000000150a37ad36c761374df6a14c20bd2c016208358bf1f20af06c5acbe4827250ee7000000006a4730440220582f2094aca19d63744d8d128c3dea907cddd4eeb5728d6f064c4168d7a36b9c0220649b2397635fe0b8899fea4535b0072e856a164235f8ab8feb91f3dbfa9e3ddc012103dd8d842cd0c2b167b507b9e8ee580fc726262bb218abc5c6487668b72e5673a3feffffff020001b2c4000000001976a9146ae24c8430bcd30bc1b812f946229fcc563eb0ef88ac589a23fc060000001976a9141e0606800605f94643f5da7e0a31e435e030855788acbe000000" } </pre> ===List Transactions from account=== * <code>listtransactions</code> * <code>./n33bcoin-cli listtransactions</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listtransactions</code> * This command will show all transactions send and receive. <pre> [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "receive", "amount": 33.00000000, "label": "", "vout": 0, "confirmations": 6, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553766, "timereceived": 1744553766, "bip125-replaceable": "no" } ] </pre> ===list received transactions by address=== * <code>listreceivedbyaddress</code> * <code>./n33bcoin-cli listreceivedbyaddress</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress</code> <pre> [ { "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "account": "", "amount": 33.00000000, "confirmations": 6, "label": "", "txids": [ "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7" ] } ] </pre> ===Address With Label=== * Create New Address With Label ** Syntax: <code>getnewaddress "<Label>"</code> * NOTE: Label name is case sensitive. <code>./n33bcoin-cli getnewaddress "Mining"</code> <pre>1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB</pre> * See Accounts in Label <code>./n33bcoin-cli getaddressesbyaccount "Mining"</code> * a Label can hold many addresses <pre> [ "1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB" ] </pre> * Lists transactions for the labeled account. <code>./n33bcoin-cli listtransactions "Mining"</code> * Tracking with a label - Shows total balance for addresses in the labeled account. <code>./n33bcoin-cli getbalance "Mining"</code> * Label an existing address - Assigns an existing address to a named account. <code>./n33bcoin-cli setaccount "<address>" "<label>"</code> * Change Label of Address <code>./n33bcoin-cli setaccount "<address>" "<newlabel>"</code> ==Backup Wallets and Restore/Reclaim== To '''test''' wallet exports and back ups we are going to create a '''third node'''. <br> This keeps are main wallet and the wallet of are second node safe.<br> Or If you feel up for it, feel free to play/use/learn with your main wallet. * Create a directory for third node <code>mkdir ~/.n33bcoin3</code> * Create config file <code>$EDITOR ~/.n33bcoin3/n33bcoin.conf</code> * Note: changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser2 rpcpassword=coinpassword2 rpcallowip=127.0.0.1 rpcport=3368 daemon=1 server=1 rpcbind=127.0.0.1 port=3335 </pre> * Start node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3335" "add"</code> * Check node three <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getblocktemplate</code> * See Address (pub key) <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> <pre>1EhA5fkapYWrhs2oAf2AqvF4WYMPM28GqL</pre> * I have sent 33 n33bcoin's to this address. <pre> ./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744568061, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "8afde14085be2139ff008667c345b3697bea9cea" } </pre> ===Encrypt Wallet=== * '''IMPORTANT NOTE! IF YOU LOSE/FORGET PASSPHRASE, YOU LOST YOUR WALLET!''' Encrypting your wallet, will require passphrase to see private_keys and to send coins from your account, but you can still check balance and the basic chain info '''without passphrase'''. * Syntax <code>./n33bcoin-cli encryptwallet "<passphrase>"</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 encryptwallet "pa55word"</code> <br>OutPut: <pre> wallet encrypted; N33Bcoin server stopping, restart to run with encrypted wallet. The keypool has been flushed and a new HD seed was generated (if you are using HD). You need to make a new backup. </pre> ====Test Encryption==== Syntax: <code>./n33bcoin-cli dumpprivkey <address></code> This command should need passphrase if wallet locked. ** <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> can be used in place of a real address <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpprivkey 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> If wallet '''LOCKED''' - you will see <pre> error code: -13 error message: Error: Please enter the wallet passphrase with walletpassphrase first. </pre> If wallet '''UNLOCKED''' but address not in wallet - you will see ** This is because there is no address <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> in your wallet and error code -5 indicates address not found in the wallet, but it passed the lock so, yay <pre> error code: -5 error message: Invalid N33Bcoin address </pre> If address exists in your wallet and wallet is '''UNLOCKED''' - you will see the private key: <pre> 6vJYM3RFWh7MyLVrPbgzgibUgqxMzWUCCbuH3GcfDRTqfoNQjBb </pre> '''IMPORTANT:''' Never share your actual private keys with anyone. The example above is for demonstration purposes only. ====open encrypted wallet==== * Syntax ./n33bcoin-cli walletpassphrase "<passphrase>" <time_in_seconds_to_stay_open> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrase "Pa55word" 60</code> ====Change PassPhrase==== * Syntax: <code><code>./n33bcoin-cli walletpassphrasechange "<old_passphrase>" "<new_passphrase>"</code></code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrasechange "Pa55word" "StrongPass123!@#456"</code> ===Back Up WALLET.DAT === * You can make a backup of your wallet.dat file whether its encrypted or un-encrypted. ** not-encrypted you just copy into a directory and you and anyone else has full access. ** encrypted, you need to know the passphase the file is encrypted with to have access. ** Both Export and Import the backup wallet.dat the same way, expect one asks for passphase and the other does not. ====Make copy of wallet.dat==== * <code>backupwallet</code> * Syntax:<code>./n33bcoin-cli backupwallet /path/to/export/wallet-backup.file</code> <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> ====Stop node 3 and delete wallet.dat==== * Stop node - Note: RPC PORT <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * not gonna delete, just move, only so many times i wanna learn that lesson. <code>mv ~/.n33bcoin3/wallet.dat ~/oldwallet.dat</code> * Start Node 3 - this will create a new <code>wallet.dat</code> file <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check Balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744572042, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "bb4e27a7896ae19acdf3b43244f82b59f5164c7c" } </pre> * Check addresses <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> * Its a diff/new address, because its a new wallet. <pre> "address": "1JwAmtR9T8xa49daoHQhf54tBdyabby2m2", </pre> ===Restore Wallet.dat=== * Stop Node 3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move old wallet to Node 3 Directory ** This command will write over the new wallet.dat file currently in directory - in effect deleting it. <code>mv ~/wallet-backup.node3 ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>11148007.99990960</pre> ====OH NUTZ==== * By mistake i backed up main wallet. <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> * Intended to backup node3 - the correct command would of been <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 backupwallet ~/wallet-backup.node3</code> Good Thing we just moved the node3 wallet and not deleted or 33 n33bcoins would of been in a dead account.<br> This is why you should learn about bitcoin on n33bcoins and not the bitcoin main net blockchain. Lets restore from the moved wallet <code>~/oldwallet.dat</code> * Stop node3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move oldwallet back to node3 <code>mv ~/oldwallet.dat ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>33.00000000</pre> YAY ===Dump Entire Wallet with <code>dumpwallet</code>=== * Exports all private keys, addresses, and wallet metadata to a plain text file for a comprehensive backup. * Syntax <code>./n33bcoin-cli dumpwallet /path/to/export/n33bcoin-wallet.txt</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpwallet ~/ssshhh.txt</code> <code>cat ~/ssshhh.txt</code> * Yep its all in plain text! <pre> # Wallet dump created by N33Bcoin v0.14.3.0-g150612e # * Created on 2025-04-13T22:54:50Z # * Best block at time of backup was 212 (000000009f5f7189bd4334895fd1c903ae904525abb5768feb98b81282a1949e), # mined on 2025-04-13T18:34:02Z # extended private masterkey: xprv9s210pEDlspXiamstilrandotypinhDXRTQ1TatJNSL3fxs9QaLLjRV1FZH9zw2VcErU498hsd3pynuyDR2clongrandome4Msz5 L1XJ0pald6SZXP4sKdVcDETpsdoWeksd4er5hhPsdFG1PPV 2025-04-13T18:14:21Z change=1 # addr=1HtmEDdpk5SJAp3nGCnaAD5gKZc2Er4qG hdkeypath=m/0'/0'/82' about 100 lines like the one above and ends with: # End of dump </prE> ===Import Dumped Wallet=== To test import works we are gonna, stop node3, move wallet.dat, start node3, check new wallet got auto generated again. then import are ssshhh.txt file and see if restored. ====Check wallet node 3 pre-test==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744575092, "keypoolsize": 101, "unlocked_until": 0, "paytxfee": 0.00000000, "hdmasterkeyid": "0a0e6e94e4a184e773e4a3e3244adc4352935afa" } </pre> ====Stop node 3 ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> ====Move wallet.dat ==== <code>mv ~/.n33bcoin3/wallet.dat ~/wallet.node3</code> ====Start node 3 ==== <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> ====Check wallet node 3 - when deleted/changed==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ====Import Restore from Dumped Wallet ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importwallet ~/ssshhh.txt</code> ====Check wallet node 3 when restored ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ==Off Line Storage and Importation== * Create a offline key pair, using a python script that can run off a live linux iso. * Going to send coins from node 3 to off line address. * Going to import to wallet 2 by sweeping private wif key. ===Create Offline Keypair=== * https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin ** We have used the [[N33Bcoin_Address_Generator_Bitcoin| N33Bcoin_Address_Generator]] to create the following key pair which we will use for this test. <pre> noob@noob-ThinkPad-T470:~/Gen/py-pub-prv$ python3 gen.py Enter your seed (12 words or any random input): hithere Generated n33bcoin Key Pair: Private Key: 3e4748d72b0a0c5d4538b52a2ade025a0f52a1e8642384ac14e5af0f90b8ab8a Public Key: 04c4cab1795312dafbf2532c7b238d448b55fa151a3d4e059cb49b47fb7244fb8767981b561c067494f9f3a6357024bb4fa71d12d692a733f7a0583d6fa7276548 n33bcoin Address: 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG WIF Private Key: 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH </pre> ===Send from node 3 to offline address=== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 sendtoaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG 10</code> ===Check its in address=== * Can take a few blocks before you can see it. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * Syntax: <code>./n33bcoin-cli importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * <code>importaddress</code> The RPC command to import a Bitcoin address as a watch-only address into the wallet * <code>13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> The Bitcoin address you are importing. After import, the wallet will monitor this address for incoming transactions, but cannot spend from it since you do not have the private key * <code>"external"</code> An optional label assigned to the imported address. This helps you organize or identify addresses in your wallet * <code>false</code> The rescan parameter. Setting it to false means the wallet will not rescan the blockchain for historical transactions involving this address. Only new transactions (after import) will be tracked. If set to true (default), the wallet would scan the entire blockchain for past transactions involving the address, which can take a long time (but not in are case as we have new blockchain). ====getreceivedbyaddress==== * TESTED - Balance is only shown on account that imported the address as a address to watch. ** Took about 10 mins to show balance. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>10.00000000</pre> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> ====Receive funds from private key==== * Current Funds in Node/Wallet 2 <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>52.00000000</pre> * Import the keys <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 importprivkey 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH true</code> * Check balance <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>62.00000000</pre> Import is instant. ==Create Second Server and Sync Blockchain== * Creating second server in a container and forwarded to another VPS IP, to see if network syncs. <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Is Port Forwarding Required for the Second Node?</span> <div class="mw-collapsible-content"> <p><strong>Why set up port forwarding?</strong> Port forwarding (using iptables to forward port <code>3333</code> to the second node) allows the node to receive incoming connections from other N33Bcoin nodes. This ensures reliable syncing with the main node and enables the second node to share blockchain data with others, strengthening the network.</p> <p><strong>Is it required?</strong></p> <ul> <li><strong>To mine</strong>: No. Mining uses local RPC calls (<code>127.0.0.1:3366</code>) and outbound connections to the main node (<code>104.194.157.52:3333</code>). As long as the main node is up, mining works without port forwarding. Note: You may need a dummy node to avoid errors.</li> <li><strong>To act as a peer</strong>: Yes. To allow other nodes to connect and sync from the second node (e.g., via <code>144.172.89.93:3333</code>), port forwarding is required. Without it, the node can sync but won’t serve blocks to others.</li> </ul> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Tip:</strong> Keep port forwarding enabled for robust syncing and to support the N33Bcoin network, especially if you plan to add more nodes. </div> </div> </div> ===Launch container=== <code>lxc launch ubuntu:18.04 n33b-node</code> <code>lxc exec n33b-node bash</code> <code>pro attach <longKey></code> <code>apt update && apt upgrade -y && apt install ubuntu-advantage-tools wireguard -y</code> ===Setup Wireguard=== * This is the same as the last time, in this tut i am going to keep the same keys in tut, to save time. PS: You can use same keys on many connections (not the best idea). ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==In Container Building N33Bcoin== * Push over N33Bcoin.0.0.1.tar.gz to the container n33b-node. <code>lxc file push N33Bcoin.0.0.1.tar.gz n33b-node/home/ubuntu/</code> OR Download from github * Download from Github, sha256sum=<code>0695dceaa4a88967560695f92c753d2fe4abc0f1b0cfb2673bf945fc83fb1225</code> <code>wget https://raw.github.com/CompleteNoobs/N33Bcoin/main/N33Bcoin.0.0.1.tar.gz</code> * Login to container as user ubuntu <code>lxc exec n33b-node -- su - ubuntu</code> * extract <code>tar xvf N33Bcoin.0.0.1.tar.gz</code> ===Install depends and Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> ===Build N33Bcoin=== * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> * Before running - make sure first node up and running <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Troubleshooting Syncing Issues on the Second Node</span> <div class="mw-collapsible-content"> <p>If your second node (e.g., <code>144.172.89.93</code>) fails to sync (e.g., stuck at <code>blocks: 0</code>), the main node (<code>104.194.157.52</code>) may be in Initial Block Download (IBD), preventing it from serving blocks. Here’s what I faced and how I fixed it:</p> <ul> <li><strong>Problem</strong>: The second node didn’t sync because the main node was in IBD, likely due to a chain tip older than 24 hours.</li> <li><strong>Initial Fix</strong>: <ul> <li>Started a dummy node on the main node (<code>127.0.0.1:3334</code>) for an active peer .</li> <li>Mined on the main node: <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=&lt;your-address&gt; -t 2 </pre> This created new blocks (e.g., to <code>blocks: 441</code>), exiting IBD and enabling sync.</li> </ul> </li> <li><strong>Test</strong>: I deleted the second node and recreated it from scratch, running both the main and dummy nodes on the genesis server. The second node synced to <code>blocks: 441</code> while the main node was mining.</li> <li><strong>Observation</strong>: In one test, I thought syncing worked without mining, but mining was active on the main node, advancing the chain to <code>blocks: 441</code>. Possible factors for sync success: <ul> <li>Recent chain tip from mining kept the main node out of IBD.</li> <li>Dummy node provided a peer, preventing IBD re-entry.</li> <li>iptables rule for port <code>3333</code> enabled inbound connections (i did once not forward the correct port, make sure you check your ip rules with <code>cat /etc/iptables/rules.v4</code> to make sure you entered the correct ones. ).</li> </ul> </li> <li><strong>If Syncing Fails</strong>: Mine on the main node with the dummy node running.</li> </ul> <p><strong>Note</strong>: Syncing may not require ongoing mining if the main node’s chain tip is recent, but mining is needed to exit IBD. Test and share your findings!</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> If the second node won’t sync, the main node may be in IBD. Start the dummy node and mine to exit IBD. </div> </div> </div> ===n33b-node=== <code>src/n33bcoind -daemon</code> <code>src/n33bcoin-cli stop</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 debug=rpc debug=mining </pre> <code>src/n33bcoind</code> * Now Second n33bcoin node is running lets check sync <code>src/n33bcoin-cli getpeerinfo</code> <pre> [ { "id": 0, "addr": "104.194.157.52:3333", "addrlocal": "144.172.89.93:52636", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157772, "lastrecv": 1745157771, "bytessent": 1277, "bytesrecv": 1198, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.303657, "minping": 0.303657, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": false, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 110, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 1, "addr": "104.194.157.52:57050", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.296047, "minping": 0.296047, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 2, "addr": "104.194.157.52:57060", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.316404, "minping": 0.316404, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } } ] </pre> <code>src/n33bcoin-cli getblockchaininfo</code> <pre> ubuntu@n33b-node:~/N33Bcoin$ src/n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.03058041491289009, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> ===From first node=== <pre> ./n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.02034601825250813, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> * Both nodes/blockchains are in sync, nice 1ik8xnzr3453lao8enij239opfhqgfl 549 548 2025-05-29T16:26:04Z AwesomO 5 /* src/chainparamsbase.cpp - API ports */ 549 wikitext text/x-wiki ==Start up HardWare== * OS (local) Ubuntu-Mate 24.04 - this tut is done on a clean install of ubuntu-mate 24.04 ** Hardware: HP EliteDesk G1 - ram = 8GB - HD = 120GB ssd - CPU = i5-4590S CPU @ 3.00GHz ** Hardware: Thinkpad X270 - Ram - HD - CPU * Server VPS ubuntu-server 24.04 ** vultr.com ===Software OS=== * Will be using Ubuntu 24.04 as main OS - but to build this version of litecoin 0.14.2 we will be using ubuntu 18.04 in a lxc container - trying to build in 24.04 was a huge side quest that is not that much fun. ===Coin Params for N33Bcoin 0.1 POW === * Are Coin Params ** Name of coin = N33Bcoin ** Symbol coin = N33B ** Premined Coins= 33% 11,111,111 coins to be used to rewards contributors. the how is currently unknown, will work out as we go. ** MaxCoins = 33,333,333 ** Rewards = 333 ** Halving Period = 33,333 blocks = every 231 days ** Block interval = 10 mins # will leave at 10 for starters ** Time Stamp 1733333333 2024-12-04 17:28:53 ** Time Stamp Message "N33B's for Noob's at CompleteNoobs.com" ** Genesis Block for are Coin ==Genesis Keys== First we are going to need a public private key pair. [[Python_Generate_Public_Private_Key_Pair_Crypto_Bitcoin| Python3 Generate Public Private Key Pair]] * Public Key <code>049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf</code> * Keep private key safe, you just need pub key for now We then use are public key along with are coin parameter with [[GenesisH0_Creating_Genesis_Hash| GenesisH0]] to create a 'Nonce', 'Merkel hash' and 'Genesis hash'. For are 'MainNet', 'TestNet' and 'RegNet' === Main Net parameters === <code>python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333333</code> * '''Nonce''': <code>221118658</code> * '''nBits''': <code>0x1d00ffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4</code> === Test Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333334</code> * '''Nonce''': <code>511144</code> * '''nBits''': <code>0x1e0ffff0</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c</code> === Reg Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333335</code> * '''Nonce''': <code>0</code> * '''nBits''': <code>0x207fffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127</code> Now we have are parameters, we can start creating are own coin, but first lets change some file names to match the name of are coin. ==Source we are forking from Bitcoin 0.14.3== ===Home Directory=== <code>cd ~</code> ===Download bitcoin 0.14.3=== * https://bitcoincore.org/bin/bitcoin-core-0.14.3/ <code>wget https://bitcoincore.org/bin/bitcoin-core-0.14.3/bitcoin-0.14.3.tar.gz</code> * sha256sum bitcoin-0.14.3.tar.gz <code>416717ab5ef94f8458da2b12e4cd742ca08f5ad3817b65fc73811e06ac949f87</code> ===extract=== <code>tar xvf bitcoin-0.14.3.tar.gz</code> ===Change Directory Name to new/forked coin name=== <code>mv bitcoin-0.14.3 N33Bcoin</code> <code>cd N33Bcoin</code> * Current work director path is <code>/home/$USER/N33Bcoin/</code> ==Renaming== ===Renaming Bitcoin to N33Bcoin=== '''Run these command in the /home/$USER/N33Bcoin/ Directory''' * Lowercase <code>find . -type f -exec sed -i 's/bitcoin/n33bcoin/g' {} + </code> * UpperCase <code>find . -type f -exec sed -i 's/Bitcoin/N33Bcoin/g' {} + </code> * Name.1 <code>find . -type f -exec sed -i -e 's/bitcoin/noobcoin/g' -e 's/bitcoind\.1/n33bcoind.1/g' {} + </code> ===Change Name for Docs=== To rename files in a directory (e.g., <code>/home/$USER/N33B/N33Bcoin/doc/man/</code>): * '''Before:''' <pre> bitcoin-cli.1 bitcoind.1 bitcoin-qt.1 bitcoin-tx.1 Makefile.am </pre> * '''After:''' <pre> n33bcoin-cli.1 n33bcoind.1 n33bcoin-qt.1 n33bcoin-tx.1 Makefile.am </pre> * '''Manual Way:''' <pre> mv -v bitcoin-cli.1 n33bcoin-cli.1 </pre> * '''Using mv with a for Loop:''' <code>cd /home/$USER/N33B/N33Bcoin/doc/man</code><br> <code>for file in bitcoin*; do mv -v "$file" "${file/bitcoin/n33bcoin}"; done</code> </pre> * <code>-v</code> shows each rename action. ===Change Names for Files=== Unlike forking litecoin, the method we just used to rename all bitcoin words to n33bcoin created some problems, unlike litecoin 0.14.2, the word 'bitcoin' can be found in a lot of file names. Example: the file <code>libbitcoinconsensus.pc.in</code> is still called <code>libbitcoinconsensus.pc.in</code> but inside make and config files, it is now know as <code>libn33bcoinconsensus.pc.in</code> so it will look for a file called <code>libn33bcoinconsensus.pc.in</code> and not <code>libbitcoinconsensus.pc.in</code>, still will lead to a lot of breakages. * Easy Fix: Change all file names which include the word <code>bitcoin</code> to <code>n33bcoin</code> * install <code>rename</code> <code>sudo apt install rename</code> * Run commands in <code>/home/$USER/N33Bcoin/</code> Directory * See all file which contain the name <code>bitcoin</code> <code>find . -type f -name "*bitcoin*"</code> * Rename/convert all <code>bitcoin</code> in file names to <code>n33bcoin</code> <code>find . -type f -name "*bitcoin*" -exec rename 's/bitcoin/n33bcoin/' {} +</code> ==Editing Files== Are Files are located in path:<code>/home/$USER/N33B/N33Bcoin</code><br> Example: <code>src/amount.h</code> full path would be <code>/home/$USER/N33B/N33Bcoin/src/amount.h</code> === OverView of Files to edit=== * Comment Out <code>** Lines: 74 - 77 Comment Out</code> These are Lines we Don't need, but are not deleting just commenting out, so line numbers remain the same.<br> Comment out by placing a <code>//</code> at the beginning of the line. * '''src/amount.h''' ** Line 31: Edit Max Coins * '''src/validation.cpp''' ** Line 1166: This BLOCK of code will contain premined and Block rewards * '''src/qt/bitcoinunits.cpp''' ** Line 39 Block: change coin symbol LTC to N33B * '''src/chainparams.cpp''' ** Line 53: '''Global''' Change Time Stamp Message ** Line 54: '''Global''' Change Pub Key ** Line 73: '''MainNet''' Change Halving Interval <!--** Lines: 74 - 77 Comment Out--> ** Line 74: '''MainNet''' BIP34Height ** Line 75: '''MainNet''' BIP34Hash ** Line 76: '''MainNet''' BIP65Height ** Line 77: '''MainNet''' BIP66Height ** Lines 85 - 103: '''MainNet''' Deployment and Chain Work Section ** Line 110: '''MainNet''' Change Magic Bytes - Script included ** Line 114: '''MainNet''' Change Main Net Default Port ** Line 117: '''MainNet''' Change Main Net Nonce TimeStamp Coin_Rewards ** Line 119: '''MainNet''' Change Genesis Hash ** Line 120: '''MainNet''' Change Merkel Hash ** Line 144: '''MainNet'''Change Coin Number and Genesis Hash ** Lines 145 - 156 Comment Out ** Line 161: '''MainNet''' Change Time Stamp ** Line 162: '''MainNet''' Change Number Of Transactions ** Line 177: '''TestNet''' Halving Interval <!--** Lines: 178 - 181 Comment Out--> ** Line 178: '''TestNet''' BIP34Height ** Line 179: '''TestNet''' BIP34Hash ** Line 180: '''TestNet''' BIP65Height ** Line 181: '''TestNet''' BIP66Height ** Line 184: '''TestNet''' Block Times <!--** Lines: 189 - 207 Comment Out--> ** Lines 189 - 207: '''TestNet''' Deployment Section ** Line 213: '''TestNet''' Default Port ** Line 216: '''TestNet''' Time Stamp and Nonce ** Line 218: '''TestNet''' Genesis Hash Block ** Line 219: '''TestNet''' Merkel Hash Block ** Line 245: '''TestNet''' CheckPointData Genesis Hash Block Number ** Line 250: '''TestNet''' Time Stamp ** Line 251: '''TestNet''' Block Number ** Lines 267 - 270 '''RegressionNet''' BIP Consensus ** Line 301: '''RegressionNet''' Default Port ** Line 304: '''RegressionNet''' Time Stamp Nonce Coin_Rewards ** Line 306: '''RegressionNet''' Genesis Block Hash ** Line 307: '''RegressionNet''' Merkel Hash ** Line 319: '''RegressionNet''' Genesis Hash * '''src/chainparamsbase.cpp''' ** Line 35: MainNet RCP Port ** Line 48: TestNet RPC Port ** Line 62: Regession Net RPC Port ===src/amount.h=== On line 31 we will edit are Max coins: <pre> static const CAmount MAX_MONEY = 21000000 * COIN; </pre> will change this to 33,333,333 coins <pre> static const CAmount MAX_MONEY = 33333333 * COIN; </pre> ===src/validation.cpp=== Path <code>/home/$USER/N33B/N33Bcoin/src/validation.cpp</code> The block of code we are looking for starts on line 1166: <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy = 50 * COIN; // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years. nSubsidy >>= halvings; return nSubsidy; } </pre> On line 1173 you should see this line: <pre> CAmount nSubsidy = 50 * COIN; </pre> This is the rewards for mining coins, the default is 50, we are changinf rewards to 333 coins per block mined. <pre> CAmount nSubsidy = 333 * COIN; </pre> ====Premined coins==== We also need to add a contidtion for are premined coins - in the first block will mine 33%, thats 11,111,111 coins <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy; if (nHeight == 1) nSubsidy = 11111111 * COIN; else nSubsidy = 333 * COIN; // Subsidy is cut in half every 33,333 blocks which will occur approximately every 231 days. nSubsidy >>= halvings; return nSubsidy; } </pre> This condition means IF first block reward 11,111,111 coins, Else(after first blocked mined) rewards per block are 333 coins. <div class="toccolours mw-collapsible mw-collapsed"> What's Changed and Why: <div class="mw-collapsible-content"> <b>What's Changed and Why:</b> * '''CAmount nSubsidy;''' ** The variable `nSubsidy` is now declared but not immediately assigned a value. This allows flexibility to set its value based on certain conditions. * '''New Condition: `if (nHeight == 1)''' ** This new condition checks if the block height is 1, meaning this is the very first block in the blockchain (often called the "genesis block"). ** This condition is used to assign a special, much larger subsidy for the first block. * '''nSubsidy = 11111111 * COIN;''' ** If it is the first block (`nHeight == 1`), the subsidy is set to 11,111,111 coins. This is a huge reward for the genesis block, likely for initial distribution or other specific reasons. * '''else nSubsidy = 333 * COIN;''' ** For all other blocks (not the first one), the reward is set to 333 coins. This is a significant change from the original 50 coins, suggesting a different reward structure for this cryptocurrency. </div> </div> ===src/qt/n33bcoinunits.cpp=== * Line 39: Code Block <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("BTC"); case mBTC: return QString("mBTC"); case uBTC: return QString::fromUtf8("μBTC"); default: return QString("???"); } } </pre> * Change BTC your coin symbol to N33B <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("N33B"); case mBTC: return QString("mN33B"); case uBTC: return QString::fromUtf8("μN33B"); default: return QString("???"); } } </pre> ===src/chainparams.cpp=== ====Line 53 Change Time Stamp Message==== <code> const char* pszTimestamp = "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks";</code> To <code> const char* pszTimestamp = "N33B's for Noob's at CompleteNoobs.com";</code> ====Line 54 Change Genesis Pub Key==== <code> 54 const CScript genesisOutputScript = CScript() << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f") << OP_CHECKSIG; </code> We are going to change to the public key we used to create are genesis block. <code> const CScript genesisOutputScript = CScript() << ParseHex("049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf") << OP_CHECKSIG;</code> ====Line 73 HalvingInterval==== <code> consensus.nSubsidyHalvingInterval = 210000;</code> Block intervals of bitcoin is every 10 mins, as you can see on '''[[#Line 80 Target Block Creation''']] * 60 mins per hour x 24 hours per day = 1440 mins a day * 1440 mins at one block each 10 mins = 144 block per day ish * 144 * 365 = 52,560 blocks per year ish * 52,560 * 4 = 210,240 blocks every four years ish So bitcoin halves its rewards every 4 years ish as it passes 210,000 blocks and carrys on halving every 210,000 blocks later. We reward 333 coins per block and will be out of coins around 667,334 blocks. * Preminded 11,111,111 coins * 22,222,222 left * at 333 per block all will be gone in 66,733 blocks time unless we halve before then * We are going to keep are block time of 10 mins and have a halving at 33,333 blocks so it will halve around 231 days <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Line 74 - 77 MainNet BIP Section==== <pre> 74 consensus.BIP34Height = 227931; 75 consensus.BIP34Hash = uint256S("0x000000000000024b89b42a942fe0d9fea3bb44ab7bd1b19115dd6a759c0808b8"); 76 consensus.BIP65Height = 388381; // 000000000000000004c2b624ed5d7756c508d90fd0da2c7c679febfa6c4735f0 77 consensus.BIP66Height = 363725; // 00000000000000000379eaa19dce8c9b722d46ae6a57c2f1a988119488b50931 </pre> * Set BIP34/65/66 to 0 for new chain—modern rules from genesis. Adjust BIP34 to 100 if mining fails. * Replace with your Hash on line 75 BIPHash <pre> 74 consensus.BIP34Height = 0; 75 consensus.BIP34Hash = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); 76 consensus.BIP65Height = 0; 77 consensus.BIP66Height = 0; </pre> ==== Line 85 - 103 '''MainNet''' Deployment and Chain Work Section ==== ===== Line 86 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start date is irrelevant—set to 0 for immediate activation on new chain. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 87 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 91 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016</code> * Reason changed: Bitcoin’s 2016 start is moot—set to 0 for CSV active from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 92 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 96 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016</code> * Reason changed: Bitcoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 97 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 100 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5");</code> * Reason changed: Bitcoin’s 2017 work is massive—set to 0 for a new chain with no work yet. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 103 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354</code> * Reason changed: Bitcoin’s block 453354 is irrelevant—set to N33Bcoin’s genesis hash for fast sync from block 0. Changed: <code>consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4");</code> =====Before and After Changes===== <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354 </pre> * Set CSV/SegWit to active from genesis (nStartTime = 0, nTimeout = far future). Reset chain work to minimal. Set assume valid to genesis hash. <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0; 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999; 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0; 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999; 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0; 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999; 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x00"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); </pre> ====Line 110 Magic Bytes==== * [[Hex_numbers_explained| Hex numbers explained]] * [[Python3_Script_for_Random_Magic_Bytes| Link to python script for random values]] The pchMessageStart array is a crucial component in cryptocurrency network protocols, often referred to as the "magic bytes" or "network magic." It serves as a unique identifier for a specific cryptocurrency network. These values are in hexadecimal format, representing four bytes that form a sequence unlikely to occur in normal data. If you're creating a new cryptocurrency by forking Bitcoin, you should change these values. Using unique values prevents your new coin's network from interfering with Bitcoin's network or other existing networks. <pre> 110 pchMessageStart[0] = 0xf9; 111 pchMessageStart[1] = 0xbe; 112 pchMessageStart[2] = 0xb4; 113 pchMessageStart[3] = 0xd9; </pre> * Gonna change mine to <pre> pchMessageStart[0] = 0xfe; pchMessageStart[1] = 0x93; pchMessageStart[2] = 0xd2; pchMessageStart[3] = 0xe2; </pre> ====Line 114 Change Main Net Default Port==== * Line 114 <code>nDefaultPort = 8333;</code> * Changing to port 3333 <code>nDefaultPort = 3333;</code> ====Line 117 Change Main Net Nonce TimeStamp Coin_Rewards==== * Original <code> genesis = CreateGenesisBlock(1231006505, 2083236893, 0x1d00ffff, 1, 50 * COIN);</code> * Syntax of line 117 <code>genesis = CreateGenesisBlock(<UNIX_TIME_STAMP>, <NONCE>, <DIFF_BITS>, <NHEIGHT>, <AMOUNT_OF_COINS_REWARD> * COIN);</code> * we are just going to append/change are UnixTimeStamp, Nonce and CoinReward <code> genesis = CreateGenesisBlock(1733333333, 221118658, 0x1d00ffff, 1, 333 * COIN);</code> ====Line 119 Change Genesis Hash==== <code>assert(consensus.hashGenesisBlock == uint256S("0x000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"));</code> * Change to your genesis hash for Main Net <code> assert(consensus.hashGenesisBlock == uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"));</code> ====Line 120 Change Merkel Hash==== <code> assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Change to your merkel hsh for Main net <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Check Point - Lines 142 - 157 ==== <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d")) 145 ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> These lines contain a blocknumber and there hash value, we are starting a new coin and these have no value to us. We have one genesis block. <code> ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d"))</code> * We are going to append/change line 144, to block zero and are Main net genesis block hash. <code> ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"))</code> and comment out the remaining lines in this code block. lines 145 - 156 <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4")) 145 // ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 // ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 // (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 // (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 // (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 // (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 // (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 // (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 // (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 // (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 // (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 // (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> ====Line 161 Change Time Stamp==== <pre> 161 1483472411, // * UNIX timestamp of last known number of transactions </pre> * Change to the time stamp we are using <pre> 1733333333, // * UNIX timestamp of last known number of transactions</pre> ====Line 162 Change Number Of Transactions==== <pre> 184495391, // * total number of transactions between genesis and that timestamp</pre> * Change to Zero <pre> 0, // * total number of transactions between genesis and that timestamp</pre> ====TestNet Halving Interval==== <code>177 consensus.nSubsidyHalvingInterval = 210000;</code> * Change to same as are main net <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Lines 178 - 181 TestNet BIP section==== <pre> 178 consensus.BIP34Height = 21111; 179 consensus.BIP34Hash = uint256S("0x0000000023b3a96d3484e5abb3755c413e7d41500f8e2a5c3f0dd01299cd8ef8"); 180 consensus.BIP65Height = 581885; // 00000000007f6655f22f98e72ed80d8b06dc761d5da09df0fa1dc4be4f861eb6 181 consensus.BIP66Height = 330776; // 000000002104c8c45e99a8853285a3b592602a3ccde2b832481da85e9e4ba182 </pre> * Change values to zero and replace TestNet Genesis Hash <pre> 178 consensus.BIP34Height = 0; 179 consensus.BIP34Hash = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"); 180 consensus.BIP65Height = 0; 181 consensus.BIP66Height = 0; </pre> ==== Lines 189 - 207 TestNet Deployment Section ==== ===== Line 190 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start is irrelevant—set to 0 for immediate activation on TestNet. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 191 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 195 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1456790400; // March 1st, 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for CSV from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 196 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 200 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1462060800; // May 1st 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 201 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1493596800; // May 1st 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 204 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x00000000000000000000000000000000000000000000001f057509eba81aed91");</code> * Reason changed: Litecoin’s work is irrelevant—set to 0 for a new TestNet chain. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 207 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000128796ee387cf110ccb9d2f36cffaf7f73079c995377c65ac0dcc"); //1079274</code> * Reason changed: Litecoin’s block 1079274 doesn’t apply—set to TestNet genesis for fast sync. Changed: <code>consensus.defaultAssumeValid = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c");</code> ====TestNet Default Port - Line 213==== <code>213 nDefaultPort = 18333;</code> * Change to another port , picking 13333 <code>nDefaultPort = 13333;</code> ====Line 216: TestNet Time Stamp and Nonce==== <code>216 genesis = CreateGenesisBlock(1296688602, 414098458, 0x1d00ffff, 1, 50 * COIN);</code> * change/append timestamp, nonce and coin rewards - TimeStamp, Nonce, nBits and CoinRewards from your Test Net <code> genesis = CreateGenesisBlock(1733333334, 511144, 0x1e0ffff0, 1, 333 * COIN);</code> ====Line 218: TestNet Genesis Hash Block==== <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943"));</code> * Changed to <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"));</code> ====Line 219: TestNet Merkel Hash Block==== <code>219 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Changed to <code> assert(consensus.hashGenesisBlock == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ==== Line 245 TestNet checkpointData ==== Default: <code>( 546, uint256S("000000002a936ca763904c3c35fce2f3556c559c0214345d31b1bcebf76acb70")),</code> * Reason changed: Bitcoin TestNet checkpoint irrelevant—set to height 0 with N33Bcoin TestNet genesis hash for new chain. Changed: <code>( 0, uint256S("000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c")),</code> * Note: Removed "0x" from hash string—matches Bitcoin style, prevents parsing error in uint256S. ====Line 250 - Testnet chainTxData TimeStamp==== <code>250 1483546230,</code> * Change to your timestamp <code>1733333334,</code> ====Line 251 - Testnet chainTxData block count==== <code>251 12834668,</code> * change block count to zero <code> 0,</code> ==== RegTest BIP Section ==== ===== Line 267 ===== Default: <code>consensus.BIP34Height = 100000000; // BIP34 has not activated on regtest (far in the future so block v1 are not rejected in tests)</code> * Reason changed: Delays BIP34—set to 0 for modern rules from genesis, consistent with MainNet/TestNet. Changed: <code>consensus.BIP34Height = 0;</code> ===== Line 268 ===== Default: <code>consensus.BIP34Hash = uint256();</code> * Reason changed: Empty hash irrelevant—set to RegTest genesis for BIP34 activation at block 0. * NOTE: the <code>S</code> at the end of <code>uint256S</code> append the '''S''', remove the <code>0x</code> or it would be too long and make sure RegNet Hash is wrapped in "comment-hash". * The quotes <code>""</code> tell the compiler that this is a string, not a number. * '''uint256S''' will parse the string as a hexadecimal value and construct the '''uint256''' object accordingly. Changed: <code>consensus.BIP34Hash = uint256S("65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127");</code> ===== Line 269 ===== Default: <code>consensus.BIP65Height = 1351; // BIP65 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP65 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP65Height = 0;</code> ===== Line 270 ===== Default: <code>consensus.BIP66Height = 1251; // BIP66 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP66 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP66Height = 0;</code> ====Line 298: RegressionNet Default Port==== <code>298 nDefaultPort = 18444;</code> * change port number <code> nDefaultPort = 13337;</code> ====Line 301 RegressionNet Time Stamp Nonce Coin_Rewards ==== <code>301 genesis = CreateGenesisBlock(1296688602, 2, 0x207fffff, 1, 50 * COIN);</code> * Change to your timestamp , nonce and coin rewards <code> genesis = CreateGenesisBlock(1733333335, 0, 0x207fffff, 1, 333 * COIN);</code> ====Line 303: RegressionNet Genesis Block Hash==== <code>303 assert(consensus.hashGenesisBlock == uint256S("0x0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"));</code> * replace with your reg net genesis hash <code> assert(consensus.hashGenesisBlock == uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"));</code> ====Line 304 RegressionNet Merkel Hash==== <code>304 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * replace with your reg net merkel hash <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Line 316: RegressionNet Genesis Hash==== <code>316 ( 0, uint256S("0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"))</code> * change to your reg nets genesis hash <code> ( 0, uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"))</code> === src/chainparamsbase.cpp - API ports === <div class="toccolours mw-collapsible mw-collapsed"> Changing RPC port number info: <div class="mw-collapsible-content"> When forking Bitcoin, changing the nRPCPort = 8332; is generally recommended, though not strictly necessary. Here are the reasons and benefits for doing so: '''Avoiding Conflicts:''' If you run both Bitcoin and your forked cryptocurrency on the same machine or network, keeping the same RPC port (9332) would cause a conflict. By changing the port number, you ensure that both services can run simultaneously without interfering with each other. '''Network Configuration:''' Different cryptocurrencies should ideally use different ports to avoid confusion and ensure clear network configuration. This helps in managing firewall rules and network policies more effectively. '''Security:''' Using a non-standard port for your forked cryptocurrency can add a layer of security through obscurity. While not a robust security measure, it can help reduce the risk of automated attacks targeting known ports like 8332. '''Customization:''' Changing the RPC port is part of customizing your fork to distinguish it from Bitcoin. This can be important for branding and ensuring that users and developers recognize it as a separate entity. In summary, while it's not mandatory to change the RPC port when forking Bitcoin, doing so can help avoid conflicts, improve network management, and provide a clearer distinction between your fork and the original Bitcoin network. </div> </div> ====line 35 - Main net RCP port==== <pre> nRPCPort = 8332; </pre> RPC port is used to connect to coin api, its used to create a web wallet and moblie wallet. <pre> nRPCPort = 3366; </pre> ====Line 48 - test net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12333 <pre> nRPCPort = 12333; </pre> ====line 62 - regession net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12345 <pre> nRPCPort = 12345; </pre> * We are pretty much done with customizing the code base, we just need an IP address to append to chainparams.cpp and we are good to go. ===src/chainparamsseeds.h=== * Delete content of <code>src/chainparamsseeds.h</code> and replace with just: <pre> #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> The <code>chainparamsseeds.h</code> file contains hardcoded seed nodes for the main network (pnSeed6_main), which are currently set to Bitcoin’s seed nodes (e.g., IPs like 2.7.8.12 on port 8333). These seeds will cause your node to attempt connections to Bitcoin peers, which isn’t what we want for N33Bcoin. * By modifying the seed arrays for both mainnet and testnet to empty, we can keep the file structure intact while removing the Bitcoin seed nodes, preventing are node from trying to connect to them. <div class="toccolours mw-collapsible mw-collapsed"> Hexadecimal - Chainparamsseeds.h - Quick Notes <div class="mw-collapsible-content"> <pre> Hex Symbol Values: 0,1,2,3,4,5,6,7,8,9,a=10,b=11,c=12,d=13,e=14,f=15 Hex is in a Block of 2, [01]=1, The First number/symbol (the one on the left), is Times by 16, and the Second number/symbol is added. 01 = 0x16, plus 1 = 01 A4 = 10x16, plus 4 = 164 E4 = 14x16, plus 4 = 228 FF = 15X16, plus 15 = 255 To work out the values of 104.194.157.52 and port 3333 static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; IPv6 Mapping: {{Use 10 0x00, 2 0xff, then the 4 hex bytes} <port>}. 104 in hex: 6x16 = 96 + 8 = 104 InHex= '68' 194 in hex: c(12)x16=192 + 2 = 194 InHex= 'c2' 157 in hex: 9x16=144 + d(13)= 157 InHex= '9d' 52 in hex: 3x16=48 + 4 = 52 InHex= '34' #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; static SeedSpec6 pnSeed6_test[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> </div> </div> == Container and VPS Setup == Most VPS providers frown on mining unless it’s their explicit service—fair enough, it hogs resources! To work around this, we’ll: * Spin up an Ubuntu 18.04 container locally (18.04 keeps coin building simple). * Pair it with a low-cost VPS running Ubuntu 24.04, tunneling all traffic from the container to the VPS’s public IP. This setup gives us: * A public-facing IP without poking holes in our home router. * Local mining control, keeping private keys secure—because a VPS is just someone else’s machine, and we don’t trust it with our keys! ===LXD Quick Container Setup=== ===LXD Quick Container Setup=== * Its pretty simple once you know. ===Installing and setup LXD=== <code>sudo snap install lxd</code> <code>sudo lxd init</code> * Just press '''ENTER''' for all defaults * add user to lxd group (optional), will mean you do not need '''sudo''' to use lxc commands * NOTE: you will need to logout and login for changes to take effect. <code>sudo adduser $USER lxd</code> <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> * '''These changes only apply to the current terminal session.''' If you open a new terminal session you have to repeat. On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. * '''Remember, these changes only apply to the current terminal session.''' If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> ===Launching your container=== * for the Build its important we use '''18.04''' ** May want to get ubuntu pro free for 5 devices - to keep 1804 updated ** https://ubuntu.com/pro/dashboard <code>lxc launch ubuntu:18.04 n33b</code> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 n33b</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 n33b</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''n33b''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "n33b" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "n33b" in the example) must be unique within your LXD installation. </div> </div> * If you see this error - you need to use '''sudo''' or add user to lxd group <pre> lxc launch ubuntu:18.04 n33b Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * To see your container <code>lxc ls</code> ===Login to container=== <code>lxc exec n33b bash</code> * Prompt should now be changed to <code>root@n33b:~#</code> ** <code>root@<container_name>:~#</code> * This would be a good time to sign up to and enable ubuntu pro in the 1804 container https://ubuntu.com/pro/dashboard ** <code>sudo pro attach C12trandomcharsXFVhrRSveGOd4</code> * Update container <code>apt update && apt upgrade -y</code> ==== Ubuntu Pro for 1804 Containers ==== * super useful for ubuntu 1804, with pro has support till 2027 * Free For Five Boxes/Devices <code>https://ubuntu.com/pro/dashboard</code> <code>sudo pro attach 8dc6560abd396b3871f37b80ec</code> <code>sudo pro status</code> <code>sudo pro detach</code> ==In Container wireguard installation and setup== ===Install wireguard=== <code>apt install wireguard -y</code> * This will be the Client - for the container ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==Back to Host== Now we have * A container with a public IP address * Source code for are coin Lets append are IP adress to are <code>src/chainparams.cpp</code> file and make a exportable/shareable backup. ===Append IP to <code>src/chainparams.cpp</code>=== <div class="toccolours mw-collapsible mw-collapsed"> If i was going to change or add ips/domains do i need to recomplie? Yep: <div class="mw-collapsible-content"> Yes, if you want to change or add new IPs/domains in the `CDNSSeedData` section of `src/chainparams.cpp`, you will need to edit the file and recompile the code. The `CDNSSeedData` entries are hardcoded into the source code, and when you compile the code, these values are baked into the resulting binary. Therefore, any changes to the seed nodes will require: *Editing the `src/chainparams.cpp` file**: Modify the list of `CDNSSeedData` entries to include your new IPs or domains. *Recompiling the source code**: Once you've made your changes, you need to recompile the project so that the new seed nodes are included in the binary. *Restarting your nodes**: After recompiling, you would need to distribute the new binary to your nodes and restart them to ensure they use the updated seed list. This process is necessary because the seed nodes are part of the initial configuration that helps nodes discover peers when they first start up. Any changes to these seeds require the software itself to be updated and redeployed. </div> </div> ====Main Net DNS lines 123 - 127==== <code>$EDITOR /home/$USER/N33B/N33Bcoin/src/chainparams.cpp</code> * Line 123 <code>src/chainparams.cpp</code> <pre> 123 vSeeds.push_back(CDNSSeedData("n33bcoin.sipa.be", "seed.n33bcoin.sipa.be", true)); // Pieter Wuille, only supports x1, x5, x9, and xd </pre> We are going to Change to are servers address <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> At current time we only have one default node, so we comment out line 124 to 127 <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "dnsseed.bluematt.me", true)); // Matt Corallo, only supports x9 // vSeeds.push_back(CDNSSeedData("dashjr.org", "dnsseed.n33bcoin.dashjr.org")); // Luke Dashjr // vSeeds.push_back(CDNSSeedData("n33bcoinstats.com", "seed.n33bcoinstats.com", true)); // Christian Decker, supports x1 - xf // vSeeds.push_back(CDNSSeedData("n33bcoin.jonasschnelli.ch", "seed.n33bcoin.jonasschnelli.ch", true)); // Jonas Schnelli, only supports x1, x5, x9, and xd </pre> ====Test net DNS lines 224 - 227==== * Line 224 - ip adderss <pre> 224 vSeeds.push_back(CDNSSeedData("testnetn33bcoin.jonasschnelli.ch", "testnet-seed.n33bcoin.jonasschnelli.ch", true)); </pre> Change to server ip <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> and comment out the other 3 lines <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("petertodd.org", "seed.tbtc.petertodd.org", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "testnet-seed.bluematt.me")); // vSeeds.push_back(CDNSSeedData("n33bcoin.schildbach.de", "testnet-seed.n33bcoin.schildbach.de")); </pre> ==Create BackUp Tar Archive== At this point you may want to make a backup. * In work directory = <code>/home/$USER/N33B</code> <code>tar -zcvf N33Bcoin.0.0.1.tar.gz N33Bcoin</code> * Going to save in directory <code>/home/$USER/N33B</code> * Syntax = <code>tar -zcvf /path/to/save/archive_name.tar.gz /path/to/directory_name</code> Now we Should have <code>N33Bcoin.0.0.1.tar.gz</code> lets start building are coin. ===Move N33Bcoin.0.0.1.tar.gz to Container=== Lets Move are source code to are container. * File on Host:<code>/home/$USER/N33B/N33Bcoin.0.0.1.tar.gz</code> * Container Name: <code>n33b</code> ** Container Name can be found with <code>lxc list</code> * On Host: <code>lxc file push /home/$USER/N33B/N33Bcoin.0.0.1.tar.gz n33b/home/ubuntu/</code> * '''ubuntu''' is the name of the ubuntu containers default user account ==Return to container as user '''ubuntu'''== <code>lxc exec n33b -- su - ubuntu</code> Now are source code <code>N33Bcoin.0.0.1.tar.gz</code> should be in are home directory. Before we start using it, we need to install and build some dependencies software. ===Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <!-- These notes wherer required to build db on 24.04 - coin build would require way too much work so skipped. <code>$EDITOR db-4.8.30.NC/dbinc/atomic.h</code> Find the function <b>__atomic_compare_exchange</b> (line 147 and 179) and rename it to <b>__db_atomic_compare_exchange</b>. save and exit --> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> If you received error, are you building in ubuntu 18.04? these build instrutions are reproduable for 18.04 and not other versions of ubuntu. * A block chain requires min 2 nodes, so this would be a good time to snapshot your container. ====SNAPSHOT your container==== * This will save loads of time creating a second node later. * In a Terminal on HOST * Stop Container <code>lxc stop n33b</code> * snapshot <code>lxc snapshot n33b one</code> * start container <code>lxc start n33b</code> * Log in as ubuntu user <code>lxc exec n33b -- su - ubuntu</code> ==Build the Coin== Just for the Genesis Node, or it will not work, it will try to sync with another node, which it can not do as its at block 0. * edit the file <code>src/rpc/mining.cpp</code> and comment out the lines 471 and 472: <pre> // if (IsInitialBlockDownload()) // throw JSONRPCError(RPC_CLIENT_IN_INITIAL_DOWNLOAD, "N33Bcoin is downloading blocks..."); </pre> If you stopped container to snapshot and logged back in (or using another terminal), then we need to re-set var.<br> <code>cd ~/db-4.8.30.NC/build_unix</code><br> <code>export BDB_PREFIX=$(pwd)</code><br> * Now thats done we can carry on <code>cd ~/</code><br> * extract <code>tar xzvf N33Bcoin.0.0.1.tar.gz</code> <!-- was for attempt build in 24.04 - not needed for 18.04 <code>sudo apt install bsdmainutils ncal</code> --> * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> If you run into errors you can use:<br> <code>make > ../build.log 2>&1</code><br> This is print build info into file build.log ==Run Coin== * Path <code>cd /home/ubuntu/N33Bcoin/src</code> Going to first play around with Regression make sure everything is working, its supereasy to mine.<br> * Running regtest first will also create <code>~/.n33bcoin/</code> directory which we can create are <code>n33bcoin.conf</code> file for mainnet. ===Running Regression Net === * run reg net <code>./n33bcoind -regtest -daemon</code> ==== get blockchain info ==== <code>./n33bcoin-cli -regtest getblockchaininfo</code> * at the top you should see '''regtest''' <pre> "chain": "regtest", </pre> ====get wallet info==== <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ==== Generate 10 blocks==== <code>./n33bcoin-cli -regtest generate 10</code> <pre> [ "16fe73d5011e8e05cadb9e9dea43e58aa154ffcca891659cc59fbdfafe6f001c", "7803e298b6c57f8fc7ddac5da0e0696cc67524c9ee2bbbbbecdccfb01b364e79", "7c92afb2faed00d051edd22f85218416c394cd45ddadf413b9df808c0414ca7e", "29fe7bb17c984bd33c7e3d9cb4fa3ce1e47760ac22accded3aa25fd49aa87d91", "56d234a030af699a6aa824c8d95a9fabdcf56c9491ed30331ca2159188741c89", "272827808aad1efe0e752789acf6a28f25bc4ba2da905a8a6f5da00016ba286b", "23711e3856cf2e018ef02782eb546e87c9604781da6855bd136ef51fa5dd23e5", "7bd7e1e6183094c75e37d6605451ce7e7e1c23347e3b5c279c33196af916b1f2", "1c7e5fc29dc7c9b3a56e8f35becc3a0a8005e79ac1a84278f8a1f37c067f67b3", "3ac84dcf8be2849b347369de7bf6bb49d780cdf41e2c4abbe2ea0ae1b89bd26e" ] </pre> ====Check Balance==== <code>./n33bcoin-cli -regtest getbalance</code> <pre>0.00000000</pre> * You mined 10 blocks and have zero coins! that is because the coins have not mutured, it takes 100 blocks for newly created coins to muture and show up in your wallet. * you can see your '''immature_balance''' with the <code>getwalletinfo</code> command. <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 11114108.00000000, "txcount": 10, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====Get new addresses==== <code>./n33bcoin-cli -regtest getnewaddress</code> <pre> mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb </pre> ====Find addresses your wallet is currently using==== * To see all your current public addresses use <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -regtest listreceivedbyaddress 0 true</code> ====Mine to specific address==== * <code>./n33bcoin-cli -regtest generatetoaddress 101 "your-mainnet-address"</code> <code>./n33bcoin-cli -regtest generatetoaddress 101 "mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb"</code> =====Coins Matured===== <code>./n33bcoin-cli -regtest getbalance</code> <pre>11114441.00000000</pre> * and Immatured coins <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 11114441.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 33300.00000000, "txcount": 111, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====stop regtest net==== * stop regtest <code>./n33bcoin-cli -regtest stop</code> ===Main Net=== * Running <code>-regtest</code> should of created a <code>~/.n33bcoin</code> directory for you. * Create <code>n33bcoin.conf</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 </pre> * run/start coin <code>./n33bcoind</code> * NOTE: if you did not create a n33bcoin.conf file and apply 'daemon=1', you can use the -daemon flag <code>./n33bcoind -daemon</code> <div class="toccolours mw-collapsible mw-collapsed"> Some debug tips: <div class="mw-collapsible-content"> * If n33bcoin hangs - <code>ps aux | grep n33bcoind</code> ** The <code>kill -9 PID_NUMBER</code> ** Also note: there is nothing wrong with '''turning it off and on again.''' * <code>./n33bcoind -debug=1</code> ** log is at ~/.n33bcoin/debug.log * <code>./n33bcoind -debug=1 -printtoconsole</code> ** will output to terminal, no output to debug.log </div> </div> ===Create and Add second node - the easy way=== <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Why a Dummy Node is Needed to Avoid <code>500 Internal Server Error</code> and Ensure Syncing</span> <div class="mw-collapsible-content"> <p>A dummy node is <strong>required</strong> for mining on the genesis node (main node) and to ensure other nodes can sync with your N33Bcoin network. Without it, you may encounter errors like:</p> <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> [2025-04-20 11:49:32] HTTP request failed: The requested URL returned error: 500 Internal Server Error </pre> <p><strong>Why does this happen?</strong> The main node needs at least one active peer to process the <code>getblocktemplate</code> RPC call used by <code>minerd</code> for mining. If the node is in Initial Block Download (IBD) or has no peers, this call fails, causing the 500 error. Additionally, if the main node is in IBD, it won’t serve blocks to other nodes, preventing them from syncing (e.g., stuck at <code>blocks: 0</code>).</p> <p><strong>How the dummy node fixes it:</strong></p> <ul> <li>Running a dummy node (e.g., on <code>127.0.0.1:3334</code>) provides an active peer, allowing <code>getblocktemplate</code> to succeed and mining to start.</li> <li>Mining generates new blocks, updating the chain tip’s timestamp, which helps the main node exit IBD.</li> <li>Once out of IBD, the main node can serve blocks to other nodes, enabling them to sync (e.g., to <code>blocks: 428</code>).</li> </ul> <p><strong>Why it’s easy to forget:</strong> The dummy node isn’t a standard Bitcoin requirement—it’s specific to N33Bcoin’s setup, possibly due to custom peer or RPC logic. Always run a dummy node when mining or syncing new nodes.</p> <p><strong>If you get the 500 error:</strong> Start a dummy node and add it to the main node’s peers with <code>addnode</code>. See the next section for setup instructions.</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> Without a dummy node, mining will fail, and new nodes won’t sync. Always include this step in your setup and document it to avoid surprises! </div> </div> </div> After first node ruuing with:<br> <code>./n33bcoind</code> * create a directory for second node <code>mkdir ~/.n33bcoin2</code> * make config file <code>$EDITOR ~/.n33bcoin2/n33bcoin.conf</code> * Note changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser1 rpcpassword=coinpassword1 rpcallowip=127.0.0.1 rpcport=3367 daemon=1 server=1 rpcbind=127.0.0.1 port=3334 </pre> * start node2 - note ports <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin2 -port=3334 -rpcport=3367</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3334" "add"</code> * Check node one <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * Check node two <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getblocktemplate</code> ==== Default Node User and Second Node User management ==== * The default user will be your main node '''~/.n33bcoin/''' * To use second node '''~/.n33bcoin2/''' you have to use/append non default port in commands: ** To run commands on second node, Add/Append <code>-rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1</code> *** '''rpcport''', '''rpcuser''', '''rpcpassword''' these values can be found in the <code>~/.<node_name>/n33bcoin.conf</code> file * For default wallet/node can use: <code>./n33bcoin-cli getwalletinfo</code> * Or to specify (optional) can use, the main nodes '''rpcport''', '''rpcuser''' and '''rpcpassword''' followed by <command>: <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * For the second node we created - we do need to specify <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getwalletinfo</code> <div class="toccolours mw-collapsible mw-collapsed"> How to stop second node: <div class="mw-collapsible-content"> * To run commands on a second or third ...ETC node - you need to enter: ** <code>-rpcport=<value></code> ** <code>-rpcuser=<username></code> ** <code>-rpcpassword=<password></code> ** followed by the command you wish to run on node <code>getbalance</code> ** Remember you store all these details in your <code>n33bcoin.conf</code> file for your node. <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 stop</code> </div> </div> == Mining blocks on your blockchain == Well you can try with:<br> <code>./n33bcoin-cli generate 1</code><br> But instead of seeing <pre> [ "some-block-hash" ] </pre> Your going to get empty brackets <pre> [ ] </pre> I cant remember the reason for this. But i know the fix. Install Mining software ===Address to send mined coins to=== First lets get a public key/address we can mine to. * Find old addresses <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> * Create new address <code>./n33bcoin-cli getnewaddress</code> * The address i will use <code>1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> ===Cpu Miner Install=== <code>cd ~</code> <code>sudo apt update</code> <code>sudo apt install -y build-essential libcurl4-openssl-dev</code> <code>git clone https://github.com/pooler/cpuminer.git</code> <code>cd cpuminer</code> <code>./autogen.sh</code> <code>./configure</code> <code>make</code> <code>sudo make install</code> ===Mine some Coins=== * OK lets mine us some coins ** Syntax:<code>minerd -o <pool_url> -u <username> -p <password> --coinbase-addr=<public_key></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> * YAY, back to the days when you could find bitcoin blocks with a simple CPU <pre> [2025-04-12 19:31:17] Binding thread 0 to cpu 0 [2025-04-12 19:31:17] Binding thread 1 to cpu 1 [2025-04-12 19:31:17] 4 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:31:17] Binding thread 2 to cpu 2 [2025-04-12 19:31:17] Binding thread 3 to cpu 3 [2025-04-12 19:31:17] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:31:17] thread 1: 2097152 hashes, 10099 khash/s [2025-04-12 19:31:17] thread 0: 2097152 hashes, 10094 khash/s [2025-04-12 19:31:17] thread 3: 2097152 hashes, 10093 khash/s [2025-04-12 19:31:17] thread 2: 2097152 hashes, 10032 khash/s [2025-04-12 19:32:17] thread 2: 601912088 hashes, 10080 khash/s [2025-04-12 19:32:17] thread 0: 605611536 hashes, 10108 khash/s [2025-04-12 19:32:17] thread 3: 605564904 hashes, 10102 khash/s [2025-04-12 19:32:17] thread 1: 605946928 hashes, 10104 khash/s [2025-04-12 19:33:17] thread 2: 604824240 hashes, 10080 khash/s [2025-04-12 19:33:17] thread 0: 606506104 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 1: 606263288 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 3: 606114016 hashes, 10102 khash/s [2025-04-12 19:34:17] thread 0: 596676992 hashes, 9883 khash/s [2025-04-12 19:34:17] accepted: 1/1 (100.00%), 40174 khash/s (yay!!!) [2025-04-12 19:34:17] LONGPOLL pushed new work [2025-04-12 19:34:17] thread 2: 597009344 hashes, 9856 khash/s [2025-04-12 19:34:17] thread 1: 596347864 hashes, 9882 khash/s [2025-04-12 19:34:17] thread 0: 184 hashes, 8762 khash/s [2025-04-12 19:34:17] thread 3: 596226344 hashes, 9881 khash/s [2025-04-12 19:35:11] thread 0: 525714288 hashes, 9775 khash/s [2025-04-12 19:35:17] thread 0: 58652240 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 1: 592942512 hashes, 9784 khash/s [2025-04-12 19:35:18] thread 3: 592834720 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 2: 591387224 hashes, 9754 khash/s [2025-04-12 19:36:17] thread 1: 577261400 hashes, 9784 khash/s [2025-04-12 19:36:17] thread 2: 575496480 hashes, 9756 khash/s [2025-04-12 19:36:17] thread 3: 576993520 hashes, 9776 khash/s [2025-04-12 19:36:17] thread 0: 586785384 hashes, 9780 khash/s [2025-04-12 19:37:17] thread 3: 586568712 hashes, 9700 khash/s [2025-04-12 19:37:17] thread 2: 585369888 hashes, 9645 khash/s [2025-04-12 19:37:18] thread 1: 587018480 hashes, 9656 khash/s [2025-04-12 19:37:18] thread 0: 586791168 hashes, 9631 khash/s [2025-04-12 19:37:43] thread 0: 247017896 hashes, 9757 khash/s [2025-04-12 19:37:43] accepted: 2/2 (100.00%), 38758 khash/s (yay!!!) [2025-04-12 19:37:43] LONGPOLL pushed new work [2025-04-12 19:37:43] thread 2: 250694904 hashes, 9748 khash/s [2025-04-12 19:37:43] thread 1: 250409704 hashes, 9773 khash/s [2025-04-12 19:37:43] thread 0: 21504 hashes, 8650 khash/s [2025-04-12 19:37:43] thread 3: 253010016 hashes, 9764 khash/s </pre> * By default '''minerd''' will use all cores - if you want to limit to number of core use the <code>-t <number_of_cores></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj -t 2</code> <pre> [2025-04-12 19:43:05] 2 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:43:05] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:43:05] thread 1: 2097152 hashes, 11359 khash/s [2025-04-12 19:43:05] thread 0: 2097152 hashes, 11327 khash/s </pre> * Next we mine on till we have at least 101 blocks so are coins are matured. ===After 101 blocks - Mature Coins=== * now we should have some coins in are wallet that we can use, YAY <code>./n33bcoin-cli getbalance</code> <pre>11112110.00000000</pre> * and lets check the account of are second node <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> * Lets get the address of are second node to send some coins <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress 0 true</code> * Or we could generate a new address with <code>getnewaddress</code> <code>1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz</code> Now lets send some coins ==Wallet Basics== Now we have coins we can use - matured coins ===Get balance=== * <code>getbalance</code> <code>./n33bcoin-cli getbalance</code> ===Find Account Addresses=== * <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> ===Create New Address=== * <code>getnewaddress</code> <code>./n33bcoin-cli getnewaddress</code> ===Sending coins=== * Syntax: <code>./n33bcoin-cli sendtoaddress "<address>" <amount></code> <code>./n33bcoin-cli sendtoaddress "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz" 33</code><br> * This comand will return a hash in your terminal out put. <pre>f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7</pre> * and Check balance of second node to see balance: <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>33.00000000</pre> ===See Transaction Details from hash=== * the transaction hash is from the above send coins example * Syntax: <code>n33bcoin-cli gettransaction "<transaction_hash>"</code> <code>./n33bcoin-cli gettransaction "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7"</code> <pre> { "amount": -33.00000000, "fee": -0.00004520, "confirmations": 4, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553764, "timereceived": 1744553764, "bip125-replaceable": "no", "details": [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "send", "amount": -33.00000000, "vout": 0, "fee": -0.00004520, "abandoned": false } ], "hex": "020000000150a37ad36c761374df6a14c20bd2c016208358bf1f20af06c5acbe4827250ee7000000006a4730440220582f2094aca19d63744d8d128c3dea907cddd4eeb5728d6f064c4168d7a36b9c0220649b2397635fe0b8899fea4535b0072e856a164235f8ab8feb91f3dbfa9e3ddc012103dd8d842cd0c2b167b507b9e8ee580fc726262bb218abc5c6487668b72e5673a3feffffff020001b2c4000000001976a9146ae24c8430bcd30bc1b812f946229fcc563eb0ef88ac589a23fc060000001976a9141e0606800605f94643f5da7e0a31e435e030855788acbe000000" } </pre> ===List Transactions from account=== * <code>listtransactions</code> * <code>./n33bcoin-cli listtransactions</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listtransactions</code> * This command will show all transactions send and receive. <pre> [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "receive", "amount": 33.00000000, "label": "", "vout": 0, "confirmations": 6, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553766, "timereceived": 1744553766, "bip125-replaceable": "no" } ] </pre> ===list received transactions by address=== * <code>listreceivedbyaddress</code> * <code>./n33bcoin-cli listreceivedbyaddress</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress</code> <pre> [ { "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "account": "", "amount": 33.00000000, "confirmations": 6, "label": "", "txids": [ "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7" ] } ] </pre> ===Address With Label=== * Create New Address With Label ** Syntax: <code>getnewaddress "<Label>"</code> * NOTE: Label name is case sensitive. <code>./n33bcoin-cli getnewaddress "Mining"</code> <pre>1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB</pre> * See Accounts in Label <code>./n33bcoin-cli getaddressesbyaccount "Mining"</code> * a Label can hold many addresses <pre> [ "1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB" ] </pre> * Lists transactions for the labeled account. <code>./n33bcoin-cli listtransactions "Mining"</code> * Tracking with a label - Shows total balance for addresses in the labeled account. <code>./n33bcoin-cli getbalance "Mining"</code> * Label an existing address - Assigns an existing address to a named account. <code>./n33bcoin-cli setaccount "<address>" "<label>"</code> * Change Label of Address <code>./n33bcoin-cli setaccount "<address>" "<newlabel>"</code> ==Backup Wallets and Restore/Reclaim== To '''test''' wallet exports and back ups we are going to create a '''third node'''. <br> This keeps are main wallet and the wallet of are second node safe.<br> Or If you feel up for it, feel free to play/use/learn with your main wallet. * Create a directory for third node <code>mkdir ~/.n33bcoin3</code> * Create config file <code>$EDITOR ~/.n33bcoin3/n33bcoin.conf</code> * Note: changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser2 rpcpassword=coinpassword2 rpcallowip=127.0.0.1 rpcport=3368 daemon=1 server=1 rpcbind=127.0.0.1 port=3335 </pre> * Start node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3335" "add"</code> * Check node three <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getblocktemplate</code> * See Address (pub key) <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> <pre>1EhA5fkapYWrhs2oAf2AqvF4WYMPM28GqL</pre> * I have sent 33 n33bcoin's to this address. <pre> ./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744568061, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "8afde14085be2139ff008667c345b3697bea9cea" } </pre> ===Encrypt Wallet=== * '''IMPORTANT NOTE! IF YOU LOSE/FORGET PASSPHRASE, YOU LOST YOUR WALLET!''' Encrypting your wallet, will require passphrase to see private_keys and to send coins from your account, but you can still check balance and the basic chain info '''without passphrase'''. * Syntax <code>./n33bcoin-cli encryptwallet "<passphrase>"</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 encryptwallet "pa55word"</code> <br>OutPut: <pre> wallet encrypted; N33Bcoin server stopping, restart to run with encrypted wallet. The keypool has been flushed and a new HD seed was generated (if you are using HD). You need to make a new backup. </pre> ====Test Encryption==== Syntax: <code>./n33bcoin-cli dumpprivkey <address></code> This command should need passphrase if wallet locked. ** <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> can be used in place of a real address <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpprivkey 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> If wallet '''LOCKED''' - you will see <pre> error code: -13 error message: Error: Please enter the wallet passphrase with walletpassphrase first. </pre> If wallet '''UNLOCKED''' but address not in wallet - you will see ** This is because there is no address <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> in your wallet and error code -5 indicates address not found in the wallet, but it passed the lock so, yay <pre> error code: -5 error message: Invalid N33Bcoin address </pre> If address exists in your wallet and wallet is '''UNLOCKED''' - you will see the private key: <pre> 6vJYM3RFWh7MyLVrPbgzgibUgqxMzWUCCbuH3GcfDRTqfoNQjBb </pre> '''IMPORTANT:''' Never share your actual private keys with anyone. The example above is for demonstration purposes only. ====open encrypted wallet==== * Syntax ./n33bcoin-cli walletpassphrase "<passphrase>" <time_in_seconds_to_stay_open> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrase "Pa55word" 60</code> ====Change PassPhrase==== * Syntax: <code><code>./n33bcoin-cli walletpassphrasechange "<old_passphrase>" "<new_passphrase>"</code></code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrasechange "Pa55word" "StrongPass123!@#456"</code> ===Back Up WALLET.DAT === * You can make a backup of your wallet.dat file whether its encrypted or un-encrypted. ** not-encrypted you just copy into a directory and you and anyone else has full access. ** encrypted, you need to know the passphase the file is encrypted with to have access. ** Both Export and Import the backup wallet.dat the same way, expect one asks for passphase and the other does not. ====Make copy of wallet.dat==== * <code>backupwallet</code> * Syntax:<code>./n33bcoin-cli backupwallet /path/to/export/wallet-backup.file</code> <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> ====Stop node 3 and delete wallet.dat==== * Stop node - Note: RPC PORT <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * not gonna delete, just move, only so many times i wanna learn that lesson. <code>mv ~/.n33bcoin3/wallet.dat ~/oldwallet.dat</code> * Start Node 3 - this will create a new <code>wallet.dat</code> file <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check Balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744572042, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "bb4e27a7896ae19acdf3b43244f82b59f5164c7c" } </pre> * Check addresses <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> * Its a diff/new address, because its a new wallet. <pre> "address": "1JwAmtR9T8xa49daoHQhf54tBdyabby2m2", </pre> ===Restore Wallet.dat=== * Stop Node 3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move old wallet to Node 3 Directory ** This command will write over the new wallet.dat file currently in directory - in effect deleting it. <code>mv ~/wallet-backup.node3 ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>11148007.99990960</pre> ====OH NUTZ==== * By mistake i backed up main wallet. <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> * Intended to backup node3 - the correct command would of been <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 backupwallet ~/wallet-backup.node3</code> Good Thing we just moved the node3 wallet and not deleted or 33 n33bcoins would of been in a dead account.<br> This is why you should learn about bitcoin on n33bcoins and not the bitcoin main net blockchain. Lets restore from the moved wallet <code>~/oldwallet.dat</code> * Stop node3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move oldwallet back to node3 <code>mv ~/oldwallet.dat ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>33.00000000</pre> YAY ===Dump Entire Wallet with <code>dumpwallet</code>=== * Exports all private keys, addresses, and wallet metadata to a plain text file for a comprehensive backup. * Syntax <code>./n33bcoin-cli dumpwallet /path/to/export/n33bcoin-wallet.txt</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpwallet ~/ssshhh.txt</code> <code>cat ~/ssshhh.txt</code> * Yep its all in plain text! <pre> # Wallet dump created by N33Bcoin v0.14.3.0-g150612e # * Created on 2025-04-13T22:54:50Z # * Best block at time of backup was 212 (000000009f5f7189bd4334895fd1c903ae904525abb5768feb98b81282a1949e), # mined on 2025-04-13T18:34:02Z # extended private masterkey: xprv9s210pEDlspXiamstilrandotypinhDXRTQ1TatJNSL3fxs9QaLLjRV1FZH9zw2VcErU498hsd3pynuyDR2clongrandome4Msz5 L1XJ0pald6SZXP4sKdVcDETpsdoWeksd4er5hhPsdFG1PPV 2025-04-13T18:14:21Z change=1 # addr=1HtmEDdpk5SJAp3nGCnaAD5gKZc2Er4qG hdkeypath=m/0'/0'/82' about 100 lines like the one above and ends with: # End of dump </prE> ===Import Dumped Wallet=== To test import works we are gonna, stop node3, move wallet.dat, start node3, check new wallet got auto generated again. then import are ssshhh.txt file and see if restored. ====Check wallet node 3 pre-test==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744575092, "keypoolsize": 101, "unlocked_until": 0, "paytxfee": 0.00000000, "hdmasterkeyid": "0a0e6e94e4a184e773e4a3e3244adc4352935afa" } </pre> ====Stop node 3 ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> ====Move wallet.dat ==== <code>mv ~/.n33bcoin3/wallet.dat ~/wallet.node3</code> ====Start node 3 ==== <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> ====Check wallet node 3 - when deleted/changed==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ====Import Restore from Dumped Wallet ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importwallet ~/ssshhh.txt</code> ====Check wallet node 3 when restored ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ==Off Line Storage and Importation== * Create a offline key pair, using a python script that can run off a live linux iso. * Going to send coins from node 3 to off line address. * Going to import to wallet 2 by sweeping private wif key. ===Create Offline Keypair=== * https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin ** We have used the [[N33Bcoin_Address_Generator_Bitcoin| N33Bcoin_Address_Generator]] to create the following key pair which we will use for this test. <pre> noob@noob-ThinkPad-T470:~/Gen/py-pub-prv$ python3 gen.py Enter your seed (12 words or any random input): hithere Generated n33bcoin Key Pair: Private Key: 3e4748d72b0a0c5d4538b52a2ade025a0f52a1e8642384ac14e5af0f90b8ab8a Public Key: 04c4cab1795312dafbf2532c7b238d448b55fa151a3d4e059cb49b47fb7244fb8767981b561c067494f9f3a6357024bb4fa71d12d692a733f7a0583d6fa7276548 n33bcoin Address: 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG WIF Private Key: 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH </pre> ===Send from node 3 to offline address=== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 sendtoaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG 10</code> ===Check its in address=== * Can take a few blocks before you can see it. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * Syntax: <code>./n33bcoin-cli importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * <code>importaddress</code> The RPC command to import a Bitcoin address as a watch-only address into the wallet * <code>13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> The Bitcoin address you are importing. After import, the wallet will monitor this address for incoming transactions, but cannot spend from it since you do not have the private key * <code>"external"</code> An optional label assigned to the imported address. This helps you organize or identify addresses in your wallet * <code>false</code> The rescan parameter. Setting it to false means the wallet will not rescan the blockchain for historical transactions involving this address. Only new transactions (after import) will be tracked. If set to true (default), the wallet would scan the entire blockchain for past transactions involving the address, which can take a long time (but not in are case as we have new blockchain). ====getreceivedbyaddress==== * TESTED - Balance is only shown on account that imported the address as a address to watch. ** Took about 10 mins to show balance. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>10.00000000</pre> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> ====Receive funds from private key==== * Current Funds in Node/Wallet 2 <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>52.00000000</pre> * Import the keys <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 importprivkey 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH true</code> * Check balance <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>62.00000000</pre> Import is instant. ==Create Second Server and Sync Blockchain== * Creating second server in a container and forwarded to another VPS IP, to see if network syncs. <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Is Port Forwarding Required for the Second Node?</span> <div class="mw-collapsible-content"> <p><strong>Why set up port forwarding?</strong> Port forwarding (using iptables to forward port <code>3333</code> to the second node) allows the node to receive incoming connections from other N33Bcoin nodes. This ensures reliable syncing with the main node and enables the second node to share blockchain data with others, strengthening the network.</p> <p><strong>Is it required?</strong></p> <ul> <li><strong>To mine</strong>: No. Mining uses local RPC calls (<code>127.0.0.1:3366</code>) and outbound connections to the main node (<code>104.194.157.52:3333</code>). As long as the main node is up, mining works without port forwarding. Note: You may need a dummy node to avoid errors.</li> <li><strong>To act as a peer</strong>: Yes. To allow other nodes to connect and sync from the second node (e.g., via <code>144.172.89.93:3333</code>), port forwarding is required. Without it, the node can sync but won’t serve blocks to others.</li> </ul> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Tip:</strong> Keep port forwarding enabled for robust syncing and to support the N33Bcoin network, especially if you plan to add more nodes. </div> </div> </div> ===Launch container=== <code>lxc launch ubuntu:18.04 n33b-node</code> <code>lxc exec n33b-node bash</code> <code>pro attach <longKey></code> <code>apt update && apt upgrade -y && apt install ubuntu-advantage-tools wireguard -y</code> ===Setup Wireguard=== * This is the same as the last time, in this tut i am going to keep the same keys in tut, to save time. PS: You can use same keys on many connections (not the best idea). ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==In Container Building N33Bcoin== * Push over N33Bcoin.0.0.1.tar.gz to the container n33b-node. <code>lxc file push N33Bcoin.0.0.1.tar.gz n33b-node/home/ubuntu/</code> OR Download from github * Download from Github, sha256sum=<code>0695dceaa4a88967560695f92c753d2fe4abc0f1b0cfb2673bf945fc83fb1225</code> <code>wget https://raw.github.com/CompleteNoobs/N33Bcoin/main/N33Bcoin.0.0.1.tar.gz</code> * Login to container as user ubuntu <code>lxc exec n33b-node -- su - ubuntu</code> * extract <code>tar xvf N33Bcoin.0.0.1.tar.gz</code> ===Install depends and Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> ===Build N33Bcoin=== * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> * Before running - make sure first node up and running <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Troubleshooting Syncing Issues on the Second Node</span> <div class="mw-collapsible-content"> <p>If your second node (e.g., <code>144.172.89.93</code>) fails to sync (e.g., stuck at <code>blocks: 0</code>), the main node (<code>104.194.157.52</code>) may be in Initial Block Download (IBD), preventing it from serving blocks. Here’s what I faced and how I fixed it:</p> <ul> <li><strong>Problem</strong>: The second node didn’t sync because the main node was in IBD, likely due to a chain tip older than 24 hours.</li> <li><strong>Initial Fix</strong>: <ul> <li>Started a dummy node on the main node (<code>127.0.0.1:3334</code>) for an active peer .</li> <li>Mined on the main node: <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=&lt;your-address&gt; -t 2 </pre> This created new blocks (e.g., to <code>blocks: 441</code>), exiting IBD and enabling sync.</li> </ul> </li> <li><strong>Test</strong>: I deleted the second node and recreated it from scratch, running both the main and dummy nodes on the genesis server. The second node synced to <code>blocks: 441</code> while the main node was mining.</li> <li><strong>Observation</strong>: In one test, I thought syncing worked without mining, but mining was active on the main node, advancing the chain to <code>blocks: 441</code>. Possible factors for sync success: <ul> <li>Recent chain tip from mining kept the main node out of IBD.</li> <li>Dummy node provided a peer, preventing IBD re-entry.</li> <li>iptables rule for port <code>3333</code> enabled inbound connections (i did once not forward the correct port, make sure you check your ip rules with <code>cat /etc/iptables/rules.v4</code> to make sure you entered the correct ones. ).</li> </ul> </li> <li><strong>If Syncing Fails</strong>: Mine on the main node with the dummy node running.</li> </ul> <p><strong>Note</strong>: Syncing may not require ongoing mining if the main node’s chain tip is recent, but mining is needed to exit IBD. Test and share your findings!</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> If the second node won’t sync, the main node may be in IBD. Start the dummy node and mine to exit IBD. </div> </div> </div> ===n33b-node=== <code>src/n33bcoind -daemon</code> <code>src/n33bcoin-cli stop</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 debug=rpc debug=mining </pre> <code>src/n33bcoind</code> * Now Second n33bcoin node is running lets check sync <code>src/n33bcoin-cli getpeerinfo</code> <pre> [ { "id": 0, "addr": "104.194.157.52:3333", "addrlocal": "144.172.89.93:52636", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157772, "lastrecv": 1745157771, "bytessent": 1277, "bytesrecv": 1198, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.303657, "minping": 0.303657, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": false, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 110, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 1, "addr": "104.194.157.52:57050", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.296047, "minping": 0.296047, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 2, "addr": "104.194.157.52:57060", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.316404, "minping": 0.316404, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } } ] </pre> <code>src/n33bcoin-cli getblockchaininfo</code> <pre> ubuntu@n33b-node:~/N33Bcoin$ src/n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.03058041491289009, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> ===From first node=== <pre> ./n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.02034601825250813, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> * Both nodes/blockchains are in sync, nice 4omv3u5ntud5ryjjoszch2sthhtmgzp 572 549 2025-06-20T22:18:15Z AwesomO 5 /* Renaming Bitcoin to N33Bcoin */ 572 wikitext text/x-wiki ==Start up HardWare== * OS (local) Ubuntu-Mate 24.04 - this tut is done on a clean install of ubuntu-mate 24.04 ** Hardware: HP EliteDesk G1 - ram = 8GB - HD = 120GB ssd - CPU = i5-4590S CPU @ 3.00GHz ** Hardware: Thinkpad X270 - Ram - HD - CPU * Server VPS ubuntu-server 24.04 ** vultr.com ===Software OS=== * Will be using Ubuntu 24.04 as main OS - but to build this version of litecoin 0.14.2 we will be using ubuntu 18.04 in a lxc container - trying to build in 24.04 was a huge side quest that is not that much fun. ===Coin Params for N33Bcoin 0.1 POW === * Are Coin Params ** Name of coin = N33Bcoin ** Symbol coin = N33B ** Premined Coins= 33% 11,111,111 coins to be used to rewards contributors. the how is currently unknown, will work out as we go. ** MaxCoins = 33,333,333 ** Rewards = 333 ** Halving Period = 33,333 blocks = every 231 days ** Block interval = 10 mins # will leave at 10 for starters ** Time Stamp 1733333333 2024-12-04 17:28:53 ** Time Stamp Message "N33B's for Noob's at CompleteNoobs.com" ** Genesis Block for are Coin ==Genesis Keys== First we are going to need a public private key pair. [[Python_Generate_Public_Private_Key_Pair_Crypto_Bitcoin| Python3 Generate Public Private Key Pair]] * Public Key <code>049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf</code> * Keep private key safe, you just need pub key for now We then use are public key along with are coin parameter with [[GenesisH0_Creating_Genesis_Hash| GenesisH0]] to create a 'Nonce', 'Merkel hash' and 'Genesis hash'. For are 'MainNet', 'TestNet' and 'RegNet' === Main Net parameters === <code>python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333333</code> * '''Nonce''': <code>221118658</code> * '''nBits''': <code>0x1d00ffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4</code> === Test Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333334</code> * '''Nonce''': <code>511144</code> * '''nBits''': <code>0x1e0ffff0</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c</code> === Reg Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333335</code> * '''Nonce''': <code>0</code> * '''nBits''': <code>0x207fffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127</code> Now we have are parameters, we can start creating are own coin, but first lets change some file names to match the name of are coin. ==Source we are forking from Bitcoin 0.14.3== ===Home Directory=== <code>cd ~</code> ===Download bitcoin 0.14.3=== * https://bitcoincore.org/bin/bitcoin-core-0.14.3/ <code>wget https://bitcoincore.org/bin/bitcoin-core-0.14.3/bitcoin-0.14.3.tar.gz</code> * sha256sum bitcoin-0.14.3.tar.gz <code>416717ab5ef94f8458da2b12e4cd742ca08f5ad3817b65fc73811e06ac949f87</code> ===extract=== <code>tar xvf bitcoin-0.14.3.tar.gz</code> ===Change Directory Name to new/forked coin name=== <code>mv bitcoin-0.14.3 N33Bcoin</code> <code>cd N33Bcoin</code> * Current work director path is <code>/home/$USER/N33Bcoin/</code> ==Renaming== ===Renaming Bitcoin to N33Bcoin=== '''Run these command in the /home/$USER/N33Bcoin/ Directory''' * Lowercase <code>find . -type f -exec sed -i 's/bitcoin/n33bcoin/g' {} + </code> * UpperCase <code>find . -type f -exec sed -i 's/Bitcoin/N33Bcoin/g' {} + </code> * Name.1 <code>find . -type f -exec sed -i -e 's/bitcoin/n33bcoin/g' -e 's/bitcoind\.1/n33bcoind.1/g' {} + </code> ===Change Name for Docs=== To rename files in a directory (e.g., <code>/home/$USER/N33B/N33Bcoin/doc/man/</code>): * '''Before:''' <pre> bitcoin-cli.1 bitcoind.1 bitcoin-qt.1 bitcoin-tx.1 Makefile.am </pre> * '''After:''' <pre> n33bcoin-cli.1 n33bcoind.1 n33bcoin-qt.1 n33bcoin-tx.1 Makefile.am </pre> * '''Manual Way:''' <pre> mv -v bitcoin-cli.1 n33bcoin-cli.1 </pre> * '''Using mv with a for Loop:''' <code>cd /home/$USER/N33B/N33Bcoin/doc/man</code><br> <code>for file in bitcoin*; do mv -v "$file" "${file/bitcoin/n33bcoin}"; done</code> </pre> * <code>-v</code> shows each rename action. ===Change Names for Files=== Unlike forking litecoin, the method we just used to rename all bitcoin words to n33bcoin created some problems, unlike litecoin 0.14.2, the word 'bitcoin' can be found in a lot of file names. Example: the file <code>libbitcoinconsensus.pc.in</code> is still called <code>libbitcoinconsensus.pc.in</code> but inside make and config files, it is now know as <code>libn33bcoinconsensus.pc.in</code> so it will look for a file called <code>libn33bcoinconsensus.pc.in</code> and not <code>libbitcoinconsensus.pc.in</code>, still will lead to a lot of breakages. * Easy Fix: Change all file names which include the word <code>bitcoin</code> to <code>n33bcoin</code> * install <code>rename</code> <code>sudo apt install rename</code> * Run commands in <code>/home/$USER/N33Bcoin/</code> Directory * See all file which contain the name <code>bitcoin</code> <code>find . -type f -name "*bitcoin*"</code> * Rename/convert all <code>bitcoin</code> in file names to <code>n33bcoin</code> <code>find . -type f -name "*bitcoin*" -exec rename 's/bitcoin/n33bcoin/' {} +</code> ==Editing Files== Are Files are located in path:<code>/home/$USER/N33B/N33Bcoin</code><br> Example: <code>src/amount.h</code> full path would be <code>/home/$USER/N33B/N33Bcoin/src/amount.h</code> === OverView of Files to edit=== * Comment Out <code>** Lines: 74 - 77 Comment Out</code> These are Lines we Don't need, but are not deleting just commenting out, so line numbers remain the same.<br> Comment out by placing a <code>//</code> at the beginning of the line. * '''src/amount.h''' ** Line 31: Edit Max Coins * '''src/validation.cpp''' ** Line 1166: This BLOCK of code will contain premined and Block rewards * '''src/qt/bitcoinunits.cpp''' ** Line 39 Block: change coin symbol LTC to N33B * '''src/chainparams.cpp''' ** Line 53: '''Global''' Change Time Stamp Message ** Line 54: '''Global''' Change Pub Key ** Line 73: '''MainNet''' Change Halving Interval <!--** Lines: 74 - 77 Comment Out--> ** Line 74: '''MainNet''' BIP34Height ** Line 75: '''MainNet''' BIP34Hash ** Line 76: '''MainNet''' BIP65Height ** Line 77: '''MainNet''' BIP66Height ** Lines 85 - 103: '''MainNet''' Deployment and Chain Work Section ** Line 110: '''MainNet''' Change Magic Bytes - Script included ** Line 114: '''MainNet''' Change Main Net Default Port ** Line 117: '''MainNet''' Change Main Net Nonce TimeStamp Coin_Rewards ** Line 119: '''MainNet''' Change Genesis Hash ** Line 120: '''MainNet''' Change Merkel Hash ** Line 144: '''MainNet'''Change Coin Number and Genesis Hash ** Lines 145 - 156 Comment Out ** Line 161: '''MainNet''' Change Time Stamp ** Line 162: '''MainNet''' Change Number Of Transactions ** Line 177: '''TestNet''' Halving Interval <!--** Lines: 178 - 181 Comment Out--> ** Line 178: '''TestNet''' BIP34Height ** Line 179: '''TestNet''' BIP34Hash ** Line 180: '''TestNet''' BIP65Height ** Line 181: '''TestNet''' BIP66Height ** Line 184: '''TestNet''' Block Times <!--** Lines: 189 - 207 Comment Out--> ** Lines 189 - 207: '''TestNet''' Deployment Section ** Line 213: '''TestNet''' Default Port ** Line 216: '''TestNet''' Time Stamp and Nonce ** Line 218: '''TestNet''' Genesis Hash Block ** Line 219: '''TestNet''' Merkel Hash Block ** Line 245: '''TestNet''' CheckPointData Genesis Hash Block Number ** Line 250: '''TestNet''' Time Stamp ** Line 251: '''TestNet''' Block Number ** Lines 267 - 270 '''RegressionNet''' BIP Consensus ** Line 301: '''RegressionNet''' Default Port ** Line 304: '''RegressionNet''' Time Stamp Nonce Coin_Rewards ** Line 306: '''RegressionNet''' Genesis Block Hash ** Line 307: '''RegressionNet''' Merkel Hash ** Line 319: '''RegressionNet''' Genesis Hash * '''src/chainparamsbase.cpp''' ** Line 35: MainNet RCP Port ** Line 48: TestNet RPC Port ** Line 62: Regession Net RPC Port ===src/amount.h=== On line 31 we will edit are Max coins: <pre> static const CAmount MAX_MONEY = 21000000 * COIN; </pre> will change this to 33,333,333 coins <pre> static const CAmount MAX_MONEY = 33333333 * COIN; </pre> ===src/validation.cpp=== Path <code>/home/$USER/N33B/N33Bcoin/src/validation.cpp</code> The block of code we are looking for starts on line 1166: <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy = 50 * COIN; // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years. nSubsidy >>= halvings; return nSubsidy; } </pre> On line 1173 you should see this line: <pre> CAmount nSubsidy = 50 * COIN; </pre> This is the rewards for mining coins, the default is 50, we are changinf rewards to 333 coins per block mined. <pre> CAmount nSubsidy = 333 * COIN; </pre> ====Premined coins==== We also need to add a contidtion for are premined coins - in the first block will mine 33%, thats 11,111,111 coins <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy; if (nHeight == 1) nSubsidy = 11111111 * COIN; else nSubsidy = 333 * COIN; // Subsidy is cut in half every 33,333 blocks which will occur approximately every 231 days. nSubsidy >>= halvings; return nSubsidy; } </pre> This condition means IF first block reward 11,111,111 coins, Else(after first blocked mined) rewards per block are 333 coins. <div class="toccolours mw-collapsible mw-collapsed"> What's Changed and Why: <div class="mw-collapsible-content"> <b>What's Changed and Why:</b> * '''CAmount nSubsidy;''' ** The variable `nSubsidy` is now declared but not immediately assigned a value. This allows flexibility to set its value based on certain conditions. * '''New Condition: `if (nHeight == 1)''' ** This new condition checks if the block height is 1, meaning this is the very first block in the blockchain (often called the "genesis block"). ** This condition is used to assign a special, much larger subsidy for the first block. * '''nSubsidy = 11111111 * COIN;''' ** If it is the first block (`nHeight == 1`), the subsidy is set to 11,111,111 coins. This is a huge reward for the genesis block, likely for initial distribution or other specific reasons. * '''else nSubsidy = 333 * COIN;''' ** For all other blocks (not the first one), the reward is set to 333 coins. This is a significant change from the original 50 coins, suggesting a different reward structure for this cryptocurrency. </div> </div> ===src/qt/n33bcoinunits.cpp=== * Line 39: Code Block <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("BTC"); case mBTC: return QString("mBTC"); case uBTC: return QString::fromUtf8("μBTC"); default: return QString("???"); } } </pre> * Change BTC your coin symbol to N33B <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("N33B"); case mBTC: return QString("mN33B"); case uBTC: return QString::fromUtf8("μN33B"); default: return QString("???"); } } </pre> ===src/chainparams.cpp=== ====Line 53 Change Time Stamp Message==== <code> const char* pszTimestamp = "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks";</code> To <code> const char* pszTimestamp = "N33B's for Noob's at CompleteNoobs.com";</code> ====Line 54 Change Genesis Pub Key==== <code> 54 const CScript genesisOutputScript = CScript() << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f") << OP_CHECKSIG; </code> We are going to change to the public key we used to create are genesis block. <code> const CScript genesisOutputScript = CScript() << ParseHex("049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf") << OP_CHECKSIG;</code> ====Line 73 HalvingInterval==== <code> consensus.nSubsidyHalvingInterval = 210000;</code> Block intervals of bitcoin is every 10 mins, as you can see on '''[[#Line 80 Target Block Creation''']] * 60 mins per hour x 24 hours per day = 1440 mins a day * 1440 mins at one block each 10 mins = 144 block per day ish * 144 * 365 = 52,560 blocks per year ish * 52,560 * 4 = 210,240 blocks every four years ish So bitcoin halves its rewards every 4 years ish as it passes 210,000 blocks and carrys on halving every 210,000 blocks later. We reward 333 coins per block and will be out of coins around 667,334 blocks. * Preminded 11,111,111 coins * 22,222,222 left * at 333 per block all will be gone in 66,733 blocks time unless we halve before then * We are going to keep are block time of 10 mins and have a halving at 33,333 blocks so it will halve around 231 days <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Line 74 - 77 MainNet BIP Section==== <pre> 74 consensus.BIP34Height = 227931; 75 consensus.BIP34Hash = uint256S("0x000000000000024b89b42a942fe0d9fea3bb44ab7bd1b19115dd6a759c0808b8"); 76 consensus.BIP65Height = 388381; // 000000000000000004c2b624ed5d7756c508d90fd0da2c7c679febfa6c4735f0 77 consensus.BIP66Height = 363725; // 00000000000000000379eaa19dce8c9b722d46ae6a57c2f1a988119488b50931 </pre> * Set BIP34/65/66 to 0 for new chain—modern rules from genesis. Adjust BIP34 to 100 if mining fails. * Replace with your Hash on line 75 BIPHash <pre> 74 consensus.BIP34Height = 0; 75 consensus.BIP34Hash = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); 76 consensus.BIP65Height = 0; 77 consensus.BIP66Height = 0; </pre> ==== Line 85 - 103 '''MainNet''' Deployment and Chain Work Section ==== ===== Line 86 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start date is irrelevant—set to 0 for immediate activation on new chain. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 87 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 91 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016</code> * Reason changed: Bitcoin’s 2016 start is moot—set to 0 for CSV active from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 92 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 96 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016</code> * Reason changed: Bitcoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 97 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 100 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5");</code> * Reason changed: Bitcoin’s 2017 work is massive—set to 0 for a new chain with no work yet. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 103 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354</code> * Reason changed: Bitcoin’s block 453354 is irrelevant—set to N33Bcoin’s genesis hash for fast sync from block 0. Changed: <code>consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4");</code> =====Before and After Changes===== <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354 </pre> * Set CSV/SegWit to active from genesis (nStartTime = 0, nTimeout = far future). Reset chain work to minimal. Set assume valid to genesis hash. <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0; 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999; 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0; 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999; 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0; 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999; 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x00"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); </pre> ====Line 110 Magic Bytes==== * [[Hex_numbers_explained| Hex numbers explained]] * [[Python3_Script_for_Random_Magic_Bytes| Link to python script for random values]] The pchMessageStart array is a crucial component in cryptocurrency network protocols, often referred to as the "magic bytes" or "network magic." It serves as a unique identifier for a specific cryptocurrency network. These values are in hexadecimal format, representing four bytes that form a sequence unlikely to occur in normal data. If you're creating a new cryptocurrency by forking Bitcoin, you should change these values. Using unique values prevents your new coin's network from interfering with Bitcoin's network or other existing networks. <pre> 110 pchMessageStart[0] = 0xf9; 111 pchMessageStart[1] = 0xbe; 112 pchMessageStart[2] = 0xb4; 113 pchMessageStart[3] = 0xd9; </pre> * Gonna change mine to <pre> pchMessageStart[0] = 0xfe; pchMessageStart[1] = 0x93; pchMessageStart[2] = 0xd2; pchMessageStart[3] = 0xe2; </pre> ====Line 114 Change Main Net Default Port==== * Line 114 <code>nDefaultPort = 8333;</code> * Changing to port 3333 <code>nDefaultPort = 3333;</code> ====Line 117 Change Main Net Nonce TimeStamp Coin_Rewards==== * Original <code> genesis = CreateGenesisBlock(1231006505, 2083236893, 0x1d00ffff, 1, 50 * COIN);</code> * Syntax of line 117 <code>genesis = CreateGenesisBlock(<UNIX_TIME_STAMP>, <NONCE>, <DIFF_BITS>, <NHEIGHT>, <AMOUNT_OF_COINS_REWARD> * COIN);</code> * we are just going to append/change are UnixTimeStamp, Nonce and CoinReward <code> genesis = CreateGenesisBlock(1733333333, 221118658, 0x1d00ffff, 1, 333 * COIN);</code> ====Line 119 Change Genesis Hash==== <code>assert(consensus.hashGenesisBlock == uint256S("0x000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"));</code> * Change to your genesis hash for Main Net <code> assert(consensus.hashGenesisBlock == uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"));</code> ====Line 120 Change Merkel Hash==== <code> assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Change to your merkel hsh for Main net <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Check Point - Lines 142 - 157 ==== <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d")) 145 ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> These lines contain a blocknumber and there hash value, we are starting a new coin and these have no value to us. We have one genesis block. <code> ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d"))</code> * We are going to append/change line 144, to block zero and are Main net genesis block hash. <code> ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"))</code> and comment out the remaining lines in this code block. lines 145 - 156 <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4")) 145 // ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 // ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 // (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 // (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 // (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 // (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 // (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 // (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 // (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 // (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 // (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 // (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> ====Line 161 Change Time Stamp==== <pre> 161 1483472411, // * UNIX timestamp of last known number of transactions </pre> * Change to the time stamp we are using <pre> 1733333333, // * UNIX timestamp of last known number of transactions</pre> ====Line 162 Change Number Of Transactions==== <pre> 184495391, // * total number of transactions between genesis and that timestamp</pre> * Change to Zero <pre> 0, // * total number of transactions between genesis and that timestamp</pre> ====TestNet Halving Interval==== <code>177 consensus.nSubsidyHalvingInterval = 210000;</code> * Change to same as are main net <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Lines 178 - 181 TestNet BIP section==== <pre> 178 consensus.BIP34Height = 21111; 179 consensus.BIP34Hash = uint256S("0x0000000023b3a96d3484e5abb3755c413e7d41500f8e2a5c3f0dd01299cd8ef8"); 180 consensus.BIP65Height = 581885; // 00000000007f6655f22f98e72ed80d8b06dc761d5da09df0fa1dc4be4f861eb6 181 consensus.BIP66Height = 330776; // 000000002104c8c45e99a8853285a3b592602a3ccde2b832481da85e9e4ba182 </pre> * Change values to zero and replace TestNet Genesis Hash <pre> 178 consensus.BIP34Height = 0; 179 consensus.BIP34Hash = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"); 180 consensus.BIP65Height = 0; 181 consensus.BIP66Height = 0; </pre> ==== Lines 189 - 207 TestNet Deployment Section ==== ===== Line 190 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start is irrelevant—set to 0 for immediate activation on TestNet. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 191 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 195 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1456790400; // March 1st, 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for CSV from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 196 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 200 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1462060800; // May 1st 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 201 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1493596800; // May 1st 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 204 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x00000000000000000000000000000000000000000000001f057509eba81aed91");</code> * Reason changed: Litecoin’s work is irrelevant—set to 0 for a new TestNet chain. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 207 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000128796ee387cf110ccb9d2f36cffaf7f73079c995377c65ac0dcc"); //1079274</code> * Reason changed: Litecoin’s block 1079274 doesn’t apply—set to TestNet genesis for fast sync. Changed: <code>consensus.defaultAssumeValid = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c");</code> ====TestNet Default Port - Line 213==== <code>213 nDefaultPort = 18333;</code> * Change to another port , picking 13333 <code>nDefaultPort = 13333;</code> ====Line 216: TestNet Time Stamp and Nonce==== <code>216 genesis = CreateGenesisBlock(1296688602, 414098458, 0x1d00ffff, 1, 50 * COIN);</code> * change/append timestamp, nonce and coin rewards - TimeStamp, Nonce, nBits and CoinRewards from your Test Net <code> genesis = CreateGenesisBlock(1733333334, 511144, 0x1e0ffff0, 1, 333 * COIN);</code> ====Line 218: TestNet Genesis Hash Block==== <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943"));</code> * Changed to <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"));</code> ====Line 219: TestNet Merkel Hash Block==== <code>219 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Changed to <code> assert(consensus.hashGenesisBlock == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ==== Line 245 TestNet checkpointData ==== Default: <code>( 546, uint256S("000000002a936ca763904c3c35fce2f3556c559c0214345d31b1bcebf76acb70")),</code> * Reason changed: Bitcoin TestNet checkpoint irrelevant—set to height 0 with N33Bcoin TestNet genesis hash for new chain. Changed: <code>( 0, uint256S("000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c")),</code> * Note: Removed "0x" from hash string—matches Bitcoin style, prevents parsing error in uint256S. ====Line 250 - Testnet chainTxData TimeStamp==== <code>250 1483546230,</code> * Change to your timestamp <code>1733333334,</code> ====Line 251 - Testnet chainTxData block count==== <code>251 12834668,</code> * change block count to zero <code> 0,</code> ==== RegTest BIP Section ==== ===== Line 267 ===== Default: <code>consensus.BIP34Height = 100000000; // BIP34 has not activated on regtest (far in the future so block v1 are not rejected in tests)</code> * Reason changed: Delays BIP34—set to 0 for modern rules from genesis, consistent with MainNet/TestNet. Changed: <code>consensus.BIP34Height = 0;</code> ===== Line 268 ===== Default: <code>consensus.BIP34Hash = uint256();</code> * Reason changed: Empty hash irrelevant—set to RegTest genesis for BIP34 activation at block 0. * NOTE: the <code>S</code> at the end of <code>uint256S</code> append the '''S''', remove the <code>0x</code> or it would be too long and make sure RegNet Hash is wrapped in "comment-hash". * The quotes <code>""</code> tell the compiler that this is a string, not a number. * '''uint256S''' will parse the string as a hexadecimal value and construct the '''uint256''' object accordingly. Changed: <code>consensus.BIP34Hash = uint256S("65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127");</code> ===== Line 269 ===== Default: <code>consensus.BIP65Height = 1351; // BIP65 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP65 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP65Height = 0;</code> ===== Line 270 ===== Default: <code>consensus.BIP66Height = 1251; // BIP66 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP66 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP66Height = 0;</code> ====Line 298: RegressionNet Default Port==== <code>298 nDefaultPort = 18444;</code> * change port number <code> nDefaultPort = 13337;</code> ====Line 301 RegressionNet Time Stamp Nonce Coin_Rewards ==== <code>301 genesis = CreateGenesisBlock(1296688602, 2, 0x207fffff, 1, 50 * COIN);</code> * Change to your timestamp , nonce and coin rewards <code> genesis = CreateGenesisBlock(1733333335, 0, 0x207fffff, 1, 333 * COIN);</code> ====Line 303: RegressionNet Genesis Block Hash==== <code>303 assert(consensus.hashGenesisBlock == uint256S("0x0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"));</code> * replace with your reg net genesis hash <code> assert(consensus.hashGenesisBlock == uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"));</code> ====Line 304 RegressionNet Merkel Hash==== <code>304 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * replace with your reg net merkel hash <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Line 316: RegressionNet Genesis Hash==== <code>316 ( 0, uint256S("0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"))</code> * change to your reg nets genesis hash <code> ( 0, uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"))</code> === src/chainparamsbase.cpp - API ports === <div class="toccolours mw-collapsible mw-collapsed"> Changing RPC port number info: <div class="mw-collapsible-content"> When forking Bitcoin, changing the nRPCPort = 8332; is generally recommended, though not strictly necessary. Here are the reasons and benefits for doing so: '''Avoiding Conflicts:''' If you run both Bitcoin and your forked cryptocurrency on the same machine or network, keeping the same RPC port (9332) would cause a conflict. By changing the port number, you ensure that both services can run simultaneously without interfering with each other. '''Network Configuration:''' Different cryptocurrencies should ideally use different ports to avoid confusion and ensure clear network configuration. This helps in managing firewall rules and network policies more effectively. '''Security:''' Using a non-standard port for your forked cryptocurrency can add a layer of security through obscurity. While not a robust security measure, it can help reduce the risk of automated attacks targeting known ports like 8332. '''Customization:''' Changing the RPC port is part of customizing your fork to distinguish it from Bitcoin. This can be important for branding and ensuring that users and developers recognize it as a separate entity. In summary, while it's not mandatory to change the RPC port when forking Bitcoin, doing so can help avoid conflicts, improve network management, and provide a clearer distinction between your fork and the original Bitcoin network. </div> </div> ====line 35 - Main net RCP port==== <pre> nRPCPort = 8332; </pre> RPC port is used to connect to coin api, its used to create a web wallet and moblie wallet. <pre> nRPCPort = 3366; </pre> ====Line 48 - test net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12333 <pre> nRPCPort = 12333; </pre> ====line 62 - regession net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12345 <pre> nRPCPort = 12345; </pre> * We are pretty much done with customizing the code base, we just need an IP address to append to chainparams.cpp and we are good to go. ===src/chainparamsseeds.h=== * Delete content of <code>src/chainparamsseeds.h</code> and replace with just: <pre> #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> The <code>chainparamsseeds.h</code> file contains hardcoded seed nodes for the main network (pnSeed6_main), which are currently set to Bitcoin’s seed nodes (e.g., IPs like 2.7.8.12 on port 8333). These seeds will cause your node to attempt connections to Bitcoin peers, which isn’t what we want for N33Bcoin. * By modifying the seed arrays for both mainnet and testnet to empty, we can keep the file structure intact while removing the Bitcoin seed nodes, preventing are node from trying to connect to them. <div class="toccolours mw-collapsible mw-collapsed"> Hexadecimal - Chainparamsseeds.h - Quick Notes <div class="mw-collapsible-content"> <pre> Hex Symbol Values: 0,1,2,3,4,5,6,7,8,9,a=10,b=11,c=12,d=13,e=14,f=15 Hex is in a Block of 2, [01]=1, The First number/symbol (the one on the left), is Times by 16, and the Second number/symbol is added. 01 = 0x16, plus 1 = 01 A4 = 10x16, plus 4 = 164 E4 = 14x16, plus 4 = 228 FF = 15X16, plus 15 = 255 To work out the values of 104.194.157.52 and port 3333 static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; IPv6 Mapping: {{Use 10 0x00, 2 0xff, then the 4 hex bytes} <port>}. 104 in hex: 6x16 = 96 + 8 = 104 InHex= '68' 194 in hex: c(12)x16=192 + 2 = 194 InHex= 'c2' 157 in hex: 9x16=144 + d(13)= 157 InHex= '9d' 52 in hex: 3x16=48 + 4 = 52 InHex= '34' #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; static SeedSpec6 pnSeed6_test[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> </div> </div> == Container and VPS Setup == Most VPS providers frown on mining unless it’s their explicit service—fair enough, it hogs resources! To work around this, we’ll: * Spin up an Ubuntu 18.04 container locally (18.04 keeps coin building simple). * Pair it with a low-cost VPS running Ubuntu 24.04, tunneling all traffic from the container to the VPS’s public IP. This setup gives us: * A public-facing IP without poking holes in our home router. * Local mining control, keeping private keys secure—because a VPS is just someone else’s machine, and we don’t trust it with our keys! ===LXD Quick Container Setup=== ===LXD Quick Container Setup=== * Its pretty simple once you know. ===Installing and setup LXD=== <code>sudo snap install lxd</code> <code>sudo lxd init</code> * Just press '''ENTER''' for all defaults * add user to lxd group (optional), will mean you do not need '''sudo''' to use lxc commands * NOTE: you will need to logout and login for changes to take effect. <code>sudo adduser $USER lxd</code> <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> * '''These changes only apply to the current terminal session.''' If you open a new terminal session you have to repeat. On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. * '''Remember, these changes only apply to the current terminal session.''' If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> ===Launching your container=== * for the Build its important we use '''18.04''' ** May want to get ubuntu pro free for 5 devices - to keep 1804 updated ** https://ubuntu.com/pro/dashboard <code>lxc launch ubuntu:18.04 n33b</code> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 n33b</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 n33b</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''n33b''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "n33b" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "n33b" in the example) must be unique within your LXD installation. </div> </div> * If you see this error - you need to use '''sudo''' or add user to lxd group <pre> lxc launch ubuntu:18.04 n33b Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * To see your container <code>lxc ls</code> ===Login to container=== <code>lxc exec n33b bash</code> * Prompt should now be changed to <code>root@n33b:~#</code> ** <code>root@<container_name>:~#</code> * This would be a good time to sign up to and enable ubuntu pro in the 1804 container https://ubuntu.com/pro/dashboard ** <code>sudo pro attach C12trandomcharsXFVhrRSveGOd4</code> * Update container <code>apt update && apt upgrade -y</code> ==== Ubuntu Pro for 1804 Containers ==== * super useful for ubuntu 1804, with pro has support till 2027 * Free For Five Boxes/Devices <code>https://ubuntu.com/pro/dashboard</code> <code>sudo pro attach 8dc6560abd396b3871f37b80ec</code> <code>sudo pro status</code> <code>sudo pro detach</code> ==In Container wireguard installation and setup== ===Install wireguard=== <code>apt install wireguard -y</code> * This will be the Client - for the container ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==Back to Host== Now we have * A container with a public IP address * Source code for are coin Lets append are IP adress to are <code>src/chainparams.cpp</code> file and make a exportable/shareable backup. ===Append IP to <code>src/chainparams.cpp</code>=== <div class="toccolours mw-collapsible mw-collapsed"> If i was going to change or add ips/domains do i need to recomplie? Yep: <div class="mw-collapsible-content"> Yes, if you want to change or add new IPs/domains in the `CDNSSeedData` section of `src/chainparams.cpp`, you will need to edit the file and recompile the code. The `CDNSSeedData` entries are hardcoded into the source code, and when you compile the code, these values are baked into the resulting binary. Therefore, any changes to the seed nodes will require: *Editing the `src/chainparams.cpp` file**: Modify the list of `CDNSSeedData` entries to include your new IPs or domains. *Recompiling the source code**: Once you've made your changes, you need to recompile the project so that the new seed nodes are included in the binary. *Restarting your nodes**: After recompiling, you would need to distribute the new binary to your nodes and restart them to ensure they use the updated seed list. This process is necessary because the seed nodes are part of the initial configuration that helps nodes discover peers when they first start up. Any changes to these seeds require the software itself to be updated and redeployed. </div> </div> ====Main Net DNS lines 123 - 127==== <code>$EDITOR /home/$USER/N33B/N33Bcoin/src/chainparams.cpp</code> * Line 123 <code>src/chainparams.cpp</code> <pre> 123 vSeeds.push_back(CDNSSeedData("n33bcoin.sipa.be", "seed.n33bcoin.sipa.be", true)); // Pieter Wuille, only supports x1, x5, x9, and xd </pre> We are going to Change to are servers address <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> At current time we only have one default node, so we comment out line 124 to 127 <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "dnsseed.bluematt.me", true)); // Matt Corallo, only supports x9 // vSeeds.push_back(CDNSSeedData("dashjr.org", "dnsseed.n33bcoin.dashjr.org")); // Luke Dashjr // vSeeds.push_back(CDNSSeedData("n33bcoinstats.com", "seed.n33bcoinstats.com", true)); // Christian Decker, supports x1 - xf // vSeeds.push_back(CDNSSeedData("n33bcoin.jonasschnelli.ch", "seed.n33bcoin.jonasschnelli.ch", true)); // Jonas Schnelli, only supports x1, x5, x9, and xd </pre> ====Test net DNS lines 224 - 227==== * Line 224 - ip adderss <pre> 224 vSeeds.push_back(CDNSSeedData("testnetn33bcoin.jonasschnelli.ch", "testnet-seed.n33bcoin.jonasschnelli.ch", true)); </pre> Change to server ip <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> and comment out the other 3 lines <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("petertodd.org", "seed.tbtc.petertodd.org", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "testnet-seed.bluematt.me")); // vSeeds.push_back(CDNSSeedData("n33bcoin.schildbach.de", "testnet-seed.n33bcoin.schildbach.de")); </pre> ==Create BackUp Tar Archive== At this point you may want to make a backup. * In work directory = <code>/home/$USER/N33B</code> <code>tar -zcvf N33Bcoin.0.0.1.tar.gz N33Bcoin</code> * Going to save in directory <code>/home/$USER/N33B</code> * Syntax = <code>tar -zcvf /path/to/save/archive_name.tar.gz /path/to/directory_name</code> Now we Should have <code>N33Bcoin.0.0.1.tar.gz</code> lets start building are coin. ===Move N33Bcoin.0.0.1.tar.gz to Container=== Lets Move are source code to are container. * File on Host:<code>/home/$USER/N33B/N33Bcoin.0.0.1.tar.gz</code> * Container Name: <code>n33b</code> ** Container Name can be found with <code>lxc list</code> * On Host: <code>lxc file push /home/$USER/N33B/N33Bcoin.0.0.1.tar.gz n33b/home/ubuntu/</code> * '''ubuntu''' is the name of the ubuntu containers default user account ==Return to container as user '''ubuntu'''== <code>lxc exec n33b -- su - ubuntu</code> Now are source code <code>N33Bcoin.0.0.1.tar.gz</code> should be in are home directory. Before we start using it, we need to install and build some dependencies software. ===Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <!-- These notes wherer required to build db on 24.04 - coin build would require way too much work so skipped. <code>$EDITOR db-4.8.30.NC/dbinc/atomic.h</code> Find the function <b>__atomic_compare_exchange</b> (line 147 and 179) and rename it to <b>__db_atomic_compare_exchange</b>. save and exit --> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> If you received error, are you building in ubuntu 18.04? these build instrutions are reproduable for 18.04 and not other versions of ubuntu. * A block chain requires min 2 nodes, so this would be a good time to snapshot your container. ====SNAPSHOT your container==== * This will save loads of time creating a second node later. * In a Terminal on HOST * Stop Container <code>lxc stop n33b</code> * snapshot <code>lxc snapshot n33b one</code> * start container <code>lxc start n33b</code> * Log in as ubuntu user <code>lxc exec n33b -- su - ubuntu</code> ==Build the Coin== Just for the Genesis Node, or it will not work, it will try to sync with another node, which it can not do as its at block 0. * edit the file <code>src/rpc/mining.cpp</code> and comment out the lines 471 and 472: <pre> // if (IsInitialBlockDownload()) // throw JSONRPCError(RPC_CLIENT_IN_INITIAL_DOWNLOAD, "N33Bcoin is downloading blocks..."); </pre> If you stopped container to snapshot and logged back in (or using another terminal), then we need to re-set var.<br> <code>cd ~/db-4.8.30.NC/build_unix</code><br> <code>export BDB_PREFIX=$(pwd)</code><br> * Now thats done we can carry on <code>cd ~/</code><br> * extract <code>tar xzvf N33Bcoin.0.0.1.tar.gz</code> <!-- was for attempt build in 24.04 - not needed for 18.04 <code>sudo apt install bsdmainutils ncal</code> --> * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> If you run into errors you can use:<br> <code>make > ../build.log 2>&1</code><br> This is print build info into file build.log ==Run Coin== * Path <code>cd /home/ubuntu/N33Bcoin/src</code> Going to first play around with Regression make sure everything is working, its supereasy to mine.<br> * Running regtest first will also create <code>~/.n33bcoin/</code> directory which we can create are <code>n33bcoin.conf</code> file for mainnet. ===Running Regression Net === * run reg net <code>./n33bcoind -regtest -daemon</code> ==== get blockchain info ==== <code>./n33bcoin-cli -regtest getblockchaininfo</code> * at the top you should see '''regtest''' <pre> "chain": "regtest", </pre> ====get wallet info==== <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ==== Generate 10 blocks==== <code>./n33bcoin-cli -regtest generate 10</code> <pre> [ "16fe73d5011e8e05cadb9e9dea43e58aa154ffcca891659cc59fbdfafe6f001c", "7803e298b6c57f8fc7ddac5da0e0696cc67524c9ee2bbbbbecdccfb01b364e79", "7c92afb2faed00d051edd22f85218416c394cd45ddadf413b9df808c0414ca7e", "29fe7bb17c984bd33c7e3d9cb4fa3ce1e47760ac22accded3aa25fd49aa87d91", "56d234a030af699a6aa824c8d95a9fabdcf56c9491ed30331ca2159188741c89", "272827808aad1efe0e752789acf6a28f25bc4ba2da905a8a6f5da00016ba286b", "23711e3856cf2e018ef02782eb546e87c9604781da6855bd136ef51fa5dd23e5", "7bd7e1e6183094c75e37d6605451ce7e7e1c23347e3b5c279c33196af916b1f2", "1c7e5fc29dc7c9b3a56e8f35becc3a0a8005e79ac1a84278f8a1f37c067f67b3", "3ac84dcf8be2849b347369de7bf6bb49d780cdf41e2c4abbe2ea0ae1b89bd26e" ] </pre> ====Check Balance==== <code>./n33bcoin-cli -regtest getbalance</code> <pre>0.00000000</pre> * You mined 10 blocks and have zero coins! that is because the coins have not mutured, it takes 100 blocks for newly created coins to muture and show up in your wallet. * you can see your '''immature_balance''' with the <code>getwalletinfo</code> command. <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 11114108.00000000, "txcount": 10, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====Get new addresses==== <code>./n33bcoin-cli -regtest getnewaddress</code> <pre> mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb </pre> ====Find addresses your wallet is currently using==== * To see all your current public addresses use <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -regtest listreceivedbyaddress 0 true</code> ====Mine to specific address==== * <code>./n33bcoin-cli -regtest generatetoaddress 101 "your-mainnet-address"</code> <code>./n33bcoin-cli -regtest generatetoaddress 101 "mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb"</code> =====Coins Matured===== <code>./n33bcoin-cli -regtest getbalance</code> <pre>11114441.00000000</pre> * and Immatured coins <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 11114441.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 33300.00000000, "txcount": 111, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====stop regtest net==== * stop regtest <code>./n33bcoin-cli -regtest stop</code> ===Main Net=== * Running <code>-regtest</code> should of created a <code>~/.n33bcoin</code> directory for you. * Create <code>n33bcoin.conf</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 </pre> * run/start coin <code>./n33bcoind</code> * NOTE: if you did not create a n33bcoin.conf file and apply 'daemon=1', you can use the -daemon flag <code>./n33bcoind -daemon</code> <div class="toccolours mw-collapsible mw-collapsed"> Some debug tips: <div class="mw-collapsible-content"> * If n33bcoin hangs - <code>ps aux | grep n33bcoind</code> ** The <code>kill -9 PID_NUMBER</code> ** Also note: there is nothing wrong with '''turning it off and on again.''' * <code>./n33bcoind -debug=1</code> ** log is at ~/.n33bcoin/debug.log * <code>./n33bcoind -debug=1 -printtoconsole</code> ** will output to terminal, no output to debug.log </div> </div> ===Create and Add second node - the easy way=== <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Why a Dummy Node is Needed to Avoid <code>500 Internal Server Error</code> and Ensure Syncing</span> <div class="mw-collapsible-content"> <p>A dummy node is <strong>required</strong> for mining on the genesis node (main node) and to ensure other nodes can sync with your N33Bcoin network. Without it, you may encounter errors like:</p> <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> [2025-04-20 11:49:32] HTTP request failed: The requested URL returned error: 500 Internal Server Error </pre> <p><strong>Why does this happen?</strong> The main node needs at least one active peer to process the <code>getblocktemplate</code> RPC call used by <code>minerd</code> for mining. If the node is in Initial Block Download (IBD) or has no peers, this call fails, causing the 500 error. Additionally, if the main node is in IBD, it won’t serve blocks to other nodes, preventing them from syncing (e.g., stuck at <code>blocks: 0</code>).</p> <p><strong>How the dummy node fixes it:</strong></p> <ul> <li>Running a dummy node (e.g., on <code>127.0.0.1:3334</code>) provides an active peer, allowing <code>getblocktemplate</code> to succeed and mining to start.</li> <li>Mining generates new blocks, updating the chain tip’s timestamp, which helps the main node exit IBD.</li> <li>Once out of IBD, the main node can serve blocks to other nodes, enabling them to sync (e.g., to <code>blocks: 428</code>).</li> </ul> <p><strong>Why it’s easy to forget:</strong> The dummy node isn’t a standard Bitcoin requirement—it’s specific to N33Bcoin’s setup, possibly due to custom peer or RPC logic. Always run a dummy node when mining or syncing new nodes.</p> <p><strong>If you get the 500 error:</strong> Start a dummy node and add it to the main node’s peers with <code>addnode</code>. See the next section for setup instructions.</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> Without a dummy node, mining will fail, and new nodes won’t sync. Always include this step in your setup and document it to avoid surprises! </div> </div> </div> After first node ruuing with:<br> <code>./n33bcoind</code> * create a directory for second node <code>mkdir ~/.n33bcoin2</code> * make config file <code>$EDITOR ~/.n33bcoin2/n33bcoin.conf</code> * Note changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser1 rpcpassword=coinpassword1 rpcallowip=127.0.0.1 rpcport=3367 daemon=1 server=1 rpcbind=127.0.0.1 port=3334 </pre> * start node2 - note ports <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin2 -port=3334 -rpcport=3367</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3334" "add"</code> * Check node one <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * Check node two <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getblocktemplate</code> ==== Default Node User and Second Node User management ==== * The default user will be your main node '''~/.n33bcoin/''' * To use second node '''~/.n33bcoin2/''' you have to use/append non default port in commands: ** To run commands on second node, Add/Append <code>-rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1</code> *** '''rpcport''', '''rpcuser''', '''rpcpassword''' these values can be found in the <code>~/.<node_name>/n33bcoin.conf</code> file * For default wallet/node can use: <code>./n33bcoin-cli getwalletinfo</code> * Or to specify (optional) can use, the main nodes '''rpcport''', '''rpcuser''' and '''rpcpassword''' followed by <command>: <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * For the second node we created - we do need to specify <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getwalletinfo</code> <div class="toccolours mw-collapsible mw-collapsed"> How to stop second node: <div class="mw-collapsible-content"> * To run commands on a second or third ...ETC node - you need to enter: ** <code>-rpcport=<value></code> ** <code>-rpcuser=<username></code> ** <code>-rpcpassword=<password></code> ** followed by the command you wish to run on node <code>getbalance</code> ** Remember you store all these details in your <code>n33bcoin.conf</code> file for your node. <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 stop</code> </div> </div> == Mining blocks on your blockchain == Well you can try with:<br> <code>./n33bcoin-cli generate 1</code><br> But instead of seeing <pre> [ "some-block-hash" ] </pre> Your going to get empty brackets <pre> [ ] </pre> I cant remember the reason for this. But i know the fix. Install Mining software ===Address to send mined coins to=== First lets get a public key/address we can mine to. * Find old addresses <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> * Create new address <code>./n33bcoin-cli getnewaddress</code> * The address i will use <code>1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> ===Cpu Miner Install=== <code>cd ~</code> <code>sudo apt update</code> <code>sudo apt install -y build-essential libcurl4-openssl-dev</code> <code>git clone https://github.com/pooler/cpuminer.git</code> <code>cd cpuminer</code> <code>./autogen.sh</code> <code>./configure</code> <code>make</code> <code>sudo make install</code> ===Mine some Coins=== * OK lets mine us some coins ** Syntax:<code>minerd -o <pool_url> -u <username> -p <password> --coinbase-addr=<public_key></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> * YAY, back to the days when you could find bitcoin blocks with a simple CPU <pre> [2025-04-12 19:31:17] Binding thread 0 to cpu 0 [2025-04-12 19:31:17] Binding thread 1 to cpu 1 [2025-04-12 19:31:17] 4 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:31:17] Binding thread 2 to cpu 2 [2025-04-12 19:31:17] Binding thread 3 to cpu 3 [2025-04-12 19:31:17] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:31:17] thread 1: 2097152 hashes, 10099 khash/s [2025-04-12 19:31:17] thread 0: 2097152 hashes, 10094 khash/s [2025-04-12 19:31:17] thread 3: 2097152 hashes, 10093 khash/s [2025-04-12 19:31:17] thread 2: 2097152 hashes, 10032 khash/s [2025-04-12 19:32:17] thread 2: 601912088 hashes, 10080 khash/s [2025-04-12 19:32:17] thread 0: 605611536 hashes, 10108 khash/s [2025-04-12 19:32:17] thread 3: 605564904 hashes, 10102 khash/s [2025-04-12 19:32:17] thread 1: 605946928 hashes, 10104 khash/s [2025-04-12 19:33:17] thread 2: 604824240 hashes, 10080 khash/s [2025-04-12 19:33:17] thread 0: 606506104 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 1: 606263288 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 3: 606114016 hashes, 10102 khash/s [2025-04-12 19:34:17] thread 0: 596676992 hashes, 9883 khash/s [2025-04-12 19:34:17] accepted: 1/1 (100.00%), 40174 khash/s (yay!!!) [2025-04-12 19:34:17] LONGPOLL pushed new work [2025-04-12 19:34:17] thread 2: 597009344 hashes, 9856 khash/s [2025-04-12 19:34:17] thread 1: 596347864 hashes, 9882 khash/s [2025-04-12 19:34:17] thread 0: 184 hashes, 8762 khash/s [2025-04-12 19:34:17] thread 3: 596226344 hashes, 9881 khash/s [2025-04-12 19:35:11] thread 0: 525714288 hashes, 9775 khash/s [2025-04-12 19:35:17] thread 0: 58652240 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 1: 592942512 hashes, 9784 khash/s [2025-04-12 19:35:18] thread 3: 592834720 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 2: 591387224 hashes, 9754 khash/s [2025-04-12 19:36:17] thread 1: 577261400 hashes, 9784 khash/s [2025-04-12 19:36:17] thread 2: 575496480 hashes, 9756 khash/s [2025-04-12 19:36:17] thread 3: 576993520 hashes, 9776 khash/s [2025-04-12 19:36:17] thread 0: 586785384 hashes, 9780 khash/s [2025-04-12 19:37:17] thread 3: 586568712 hashes, 9700 khash/s [2025-04-12 19:37:17] thread 2: 585369888 hashes, 9645 khash/s [2025-04-12 19:37:18] thread 1: 587018480 hashes, 9656 khash/s [2025-04-12 19:37:18] thread 0: 586791168 hashes, 9631 khash/s [2025-04-12 19:37:43] thread 0: 247017896 hashes, 9757 khash/s [2025-04-12 19:37:43] accepted: 2/2 (100.00%), 38758 khash/s (yay!!!) [2025-04-12 19:37:43] LONGPOLL pushed new work [2025-04-12 19:37:43] thread 2: 250694904 hashes, 9748 khash/s [2025-04-12 19:37:43] thread 1: 250409704 hashes, 9773 khash/s [2025-04-12 19:37:43] thread 0: 21504 hashes, 8650 khash/s [2025-04-12 19:37:43] thread 3: 253010016 hashes, 9764 khash/s </pre> * By default '''minerd''' will use all cores - if you want to limit to number of core use the <code>-t <number_of_cores></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj -t 2</code> <pre> [2025-04-12 19:43:05] 2 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:43:05] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:43:05] thread 1: 2097152 hashes, 11359 khash/s [2025-04-12 19:43:05] thread 0: 2097152 hashes, 11327 khash/s </pre> * Next we mine on till we have at least 101 blocks so are coins are matured. ===After 101 blocks - Mature Coins=== * now we should have some coins in are wallet that we can use, YAY <code>./n33bcoin-cli getbalance</code> <pre>11112110.00000000</pre> * and lets check the account of are second node <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> * Lets get the address of are second node to send some coins <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress 0 true</code> * Or we could generate a new address with <code>getnewaddress</code> <code>1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz</code> Now lets send some coins ==Wallet Basics== Now we have coins we can use - matured coins ===Get balance=== * <code>getbalance</code> <code>./n33bcoin-cli getbalance</code> ===Find Account Addresses=== * <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> ===Create New Address=== * <code>getnewaddress</code> <code>./n33bcoin-cli getnewaddress</code> ===Sending coins=== * Syntax: <code>./n33bcoin-cli sendtoaddress "<address>" <amount></code> <code>./n33bcoin-cli sendtoaddress "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz" 33</code><br> * This comand will return a hash in your terminal out put. <pre>f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7</pre> * and Check balance of second node to see balance: <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>33.00000000</pre> ===See Transaction Details from hash=== * the transaction hash is from the above send coins example * Syntax: <code>n33bcoin-cli gettransaction "<transaction_hash>"</code> <code>./n33bcoin-cli gettransaction "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7"</code> <pre> { "amount": -33.00000000, "fee": -0.00004520, "confirmations": 4, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553764, "timereceived": 1744553764, "bip125-replaceable": "no", "details": [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "send", "amount": -33.00000000, "vout": 0, "fee": -0.00004520, "abandoned": false } ], "hex": "020000000150a37ad36c761374df6a14c20bd2c016208358bf1f20af06c5acbe4827250ee7000000006a4730440220582f2094aca19d63744d8d128c3dea907cddd4eeb5728d6f064c4168d7a36b9c0220649b2397635fe0b8899fea4535b0072e856a164235f8ab8feb91f3dbfa9e3ddc012103dd8d842cd0c2b167b507b9e8ee580fc726262bb218abc5c6487668b72e5673a3feffffff020001b2c4000000001976a9146ae24c8430bcd30bc1b812f946229fcc563eb0ef88ac589a23fc060000001976a9141e0606800605f94643f5da7e0a31e435e030855788acbe000000" } </pre> ===List Transactions from account=== * <code>listtransactions</code> * <code>./n33bcoin-cli listtransactions</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listtransactions</code> * This command will show all transactions send and receive. <pre> [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "receive", "amount": 33.00000000, "label": "", "vout": 0, "confirmations": 6, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553766, "timereceived": 1744553766, "bip125-replaceable": "no" } ] </pre> ===list received transactions by address=== * <code>listreceivedbyaddress</code> * <code>./n33bcoin-cli listreceivedbyaddress</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress</code> <pre> [ { "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "account": "", "amount": 33.00000000, "confirmations": 6, "label": "", "txids": [ "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7" ] } ] </pre> ===Address With Label=== * Create New Address With Label ** Syntax: <code>getnewaddress "<Label>"</code> * NOTE: Label name is case sensitive. <code>./n33bcoin-cli getnewaddress "Mining"</code> <pre>1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB</pre> * See Accounts in Label <code>./n33bcoin-cli getaddressesbyaccount "Mining"</code> * a Label can hold many addresses <pre> [ "1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB" ] </pre> * Lists transactions for the labeled account. <code>./n33bcoin-cli listtransactions "Mining"</code> * Tracking with a label - Shows total balance for addresses in the labeled account. <code>./n33bcoin-cli getbalance "Mining"</code> * Label an existing address - Assigns an existing address to a named account. <code>./n33bcoin-cli setaccount "<address>" "<label>"</code> * Change Label of Address <code>./n33bcoin-cli setaccount "<address>" "<newlabel>"</code> ==Backup Wallets and Restore/Reclaim== To '''test''' wallet exports and back ups we are going to create a '''third node'''. <br> This keeps are main wallet and the wallet of are second node safe.<br> Or If you feel up for it, feel free to play/use/learn with your main wallet. * Create a directory for third node <code>mkdir ~/.n33bcoin3</code> * Create config file <code>$EDITOR ~/.n33bcoin3/n33bcoin.conf</code> * Note: changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser2 rpcpassword=coinpassword2 rpcallowip=127.0.0.1 rpcport=3368 daemon=1 server=1 rpcbind=127.0.0.1 port=3335 </pre> * Start node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3335" "add"</code> * Check node three <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getblocktemplate</code> * See Address (pub key) <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> <pre>1EhA5fkapYWrhs2oAf2AqvF4WYMPM28GqL</pre> * I have sent 33 n33bcoin's to this address. <pre> ./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744568061, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "8afde14085be2139ff008667c345b3697bea9cea" } </pre> ===Encrypt Wallet=== * '''IMPORTANT NOTE! IF YOU LOSE/FORGET PASSPHRASE, YOU LOST YOUR WALLET!''' Encrypting your wallet, will require passphrase to see private_keys and to send coins from your account, but you can still check balance and the basic chain info '''without passphrase'''. * Syntax <code>./n33bcoin-cli encryptwallet "<passphrase>"</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 encryptwallet "pa55word"</code> <br>OutPut: <pre> wallet encrypted; N33Bcoin server stopping, restart to run with encrypted wallet. The keypool has been flushed and a new HD seed was generated (if you are using HD). You need to make a new backup. </pre> ====Test Encryption==== Syntax: <code>./n33bcoin-cli dumpprivkey <address></code> This command should need passphrase if wallet locked. ** <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> can be used in place of a real address <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpprivkey 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> If wallet '''LOCKED''' - you will see <pre> error code: -13 error message: Error: Please enter the wallet passphrase with walletpassphrase first. </pre> If wallet '''UNLOCKED''' but address not in wallet - you will see ** This is because there is no address <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> in your wallet and error code -5 indicates address not found in the wallet, but it passed the lock so, yay <pre> error code: -5 error message: Invalid N33Bcoin address </pre> If address exists in your wallet and wallet is '''UNLOCKED''' - you will see the private key: <pre> 6vJYM3RFWh7MyLVrPbgzgibUgqxMzWUCCbuH3GcfDRTqfoNQjBb </pre> '''IMPORTANT:''' Never share your actual private keys with anyone. The example above is for demonstration purposes only. ====open encrypted wallet==== * Syntax ./n33bcoin-cli walletpassphrase "<passphrase>" <time_in_seconds_to_stay_open> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrase "Pa55word" 60</code> ====Change PassPhrase==== * Syntax: <code><code>./n33bcoin-cli walletpassphrasechange "<old_passphrase>" "<new_passphrase>"</code></code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrasechange "Pa55word" "StrongPass123!@#456"</code> ===Back Up WALLET.DAT === * You can make a backup of your wallet.dat file whether its encrypted or un-encrypted. ** not-encrypted you just copy into a directory and you and anyone else has full access. ** encrypted, you need to know the passphase the file is encrypted with to have access. ** Both Export and Import the backup wallet.dat the same way, expect one asks for passphase and the other does not. ====Make copy of wallet.dat==== * <code>backupwallet</code> * Syntax:<code>./n33bcoin-cli backupwallet /path/to/export/wallet-backup.file</code> <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> ====Stop node 3 and delete wallet.dat==== * Stop node - Note: RPC PORT <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * not gonna delete, just move, only so many times i wanna learn that lesson. <code>mv ~/.n33bcoin3/wallet.dat ~/oldwallet.dat</code> * Start Node 3 - this will create a new <code>wallet.dat</code> file <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check Balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744572042, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "bb4e27a7896ae19acdf3b43244f82b59f5164c7c" } </pre> * Check addresses <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> * Its a diff/new address, because its a new wallet. <pre> "address": "1JwAmtR9T8xa49daoHQhf54tBdyabby2m2", </pre> ===Restore Wallet.dat=== * Stop Node 3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move old wallet to Node 3 Directory ** This command will write over the new wallet.dat file currently in directory - in effect deleting it. <code>mv ~/wallet-backup.node3 ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>11148007.99990960</pre> ====OH NUTZ==== * By mistake i backed up main wallet. <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> * Intended to backup node3 - the correct command would of been <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 backupwallet ~/wallet-backup.node3</code> Good Thing we just moved the node3 wallet and not deleted or 33 n33bcoins would of been in a dead account.<br> This is why you should learn about bitcoin on n33bcoins and not the bitcoin main net blockchain. Lets restore from the moved wallet <code>~/oldwallet.dat</code> * Stop node3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move oldwallet back to node3 <code>mv ~/oldwallet.dat ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>33.00000000</pre> YAY ===Dump Entire Wallet with <code>dumpwallet</code>=== * Exports all private keys, addresses, and wallet metadata to a plain text file for a comprehensive backup. * Syntax <code>./n33bcoin-cli dumpwallet /path/to/export/n33bcoin-wallet.txt</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpwallet ~/ssshhh.txt</code> <code>cat ~/ssshhh.txt</code> * Yep its all in plain text! <pre> # Wallet dump created by N33Bcoin v0.14.3.0-g150612e # * Created on 2025-04-13T22:54:50Z # * Best block at time of backup was 212 (000000009f5f7189bd4334895fd1c903ae904525abb5768feb98b81282a1949e), # mined on 2025-04-13T18:34:02Z # extended private masterkey: xprv9s210pEDlspXiamstilrandotypinhDXRTQ1TatJNSL3fxs9QaLLjRV1FZH9zw2VcErU498hsd3pynuyDR2clongrandome4Msz5 L1XJ0pald6SZXP4sKdVcDETpsdoWeksd4er5hhPsdFG1PPV 2025-04-13T18:14:21Z change=1 # addr=1HtmEDdpk5SJAp3nGCnaAD5gKZc2Er4qG hdkeypath=m/0'/0'/82' about 100 lines like the one above and ends with: # End of dump </prE> ===Import Dumped Wallet=== To test import works we are gonna, stop node3, move wallet.dat, start node3, check new wallet got auto generated again. then import are ssshhh.txt file and see if restored. ====Check wallet node 3 pre-test==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744575092, "keypoolsize": 101, "unlocked_until": 0, "paytxfee": 0.00000000, "hdmasterkeyid": "0a0e6e94e4a184e773e4a3e3244adc4352935afa" } </pre> ====Stop node 3 ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> ====Move wallet.dat ==== <code>mv ~/.n33bcoin3/wallet.dat ~/wallet.node3</code> ====Start node 3 ==== <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> ====Check wallet node 3 - when deleted/changed==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ====Import Restore from Dumped Wallet ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importwallet ~/ssshhh.txt</code> ====Check wallet node 3 when restored ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ==Off Line Storage and Importation== * Create a offline key pair, using a python script that can run off a live linux iso. * Going to send coins from node 3 to off line address. * Going to import to wallet 2 by sweeping private wif key. ===Create Offline Keypair=== * https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin ** We have used the [[N33Bcoin_Address_Generator_Bitcoin| N33Bcoin_Address_Generator]] to create the following key pair which we will use for this test. <pre> noob@noob-ThinkPad-T470:~/Gen/py-pub-prv$ python3 gen.py Enter your seed (12 words or any random input): hithere Generated n33bcoin Key Pair: Private Key: 3e4748d72b0a0c5d4538b52a2ade025a0f52a1e8642384ac14e5af0f90b8ab8a Public Key: 04c4cab1795312dafbf2532c7b238d448b55fa151a3d4e059cb49b47fb7244fb8767981b561c067494f9f3a6357024bb4fa71d12d692a733f7a0583d6fa7276548 n33bcoin Address: 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG WIF Private Key: 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH </pre> ===Send from node 3 to offline address=== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 sendtoaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG 10</code> ===Check its in address=== * Can take a few blocks before you can see it. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * Syntax: <code>./n33bcoin-cli importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * <code>importaddress</code> The RPC command to import a Bitcoin address as a watch-only address into the wallet * <code>13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> The Bitcoin address you are importing. After import, the wallet will monitor this address for incoming transactions, but cannot spend from it since you do not have the private key * <code>"external"</code> An optional label assigned to the imported address. This helps you organize or identify addresses in your wallet * <code>false</code> The rescan parameter. Setting it to false means the wallet will not rescan the blockchain for historical transactions involving this address. Only new transactions (after import) will be tracked. If set to true (default), the wallet would scan the entire blockchain for past transactions involving the address, which can take a long time (but not in are case as we have new blockchain). ====getreceivedbyaddress==== * TESTED - Balance is only shown on account that imported the address as a address to watch. ** Took about 10 mins to show balance. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>10.00000000</pre> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> ====Receive funds from private key==== * Current Funds in Node/Wallet 2 <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>52.00000000</pre> * Import the keys <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 importprivkey 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH true</code> * Check balance <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>62.00000000</pre> Import is instant. ==Create Second Server and Sync Blockchain== * Creating second server in a container and forwarded to another VPS IP, to see if network syncs. <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Is Port Forwarding Required for the Second Node?</span> <div class="mw-collapsible-content"> <p><strong>Why set up port forwarding?</strong> Port forwarding (using iptables to forward port <code>3333</code> to the second node) allows the node to receive incoming connections from other N33Bcoin nodes. This ensures reliable syncing with the main node and enables the second node to share blockchain data with others, strengthening the network.</p> <p><strong>Is it required?</strong></p> <ul> <li><strong>To mine</strong>: No. Mining uses local RPC calls (<code>127.0.0.1:3366</code>) and outbound connections to the main node (<code>104.194.157.52:3333</code>). As long as the main node is up, mining works without port forwarding. Note: You may need a dummy node to avoid errors.</li> <li><strong>To act as a peer</strong>: Yes. To allow other nodes to connect and sync from the second node (e.g., via <code>144.172.89.93:3333</code>), port forwarding is required. Without it, the node can sync but won’t serve blocks to others.</li> </ul> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Tip:</strong> Keep port forwarding enabled for robust syncing and to support the N33Bcoin network, especially if you plan to add more nodes. </div> </div> </div> ===Launch container=== <code>lxc launch ubuntu:18.04 n33b-node</code> <code>lxc exec n33b-node bash</code> <code>pro attach <longKey></code> <code>apt update && apt upgrade -y && apt install ubuntu-advantage-tools wireguard -y</code> ===Setup Wireguard=== * This is the same as the last time, in this tut i am going to keep the same keys in tut, to save time. PS: You can use same keys on many connections (not the best idea). ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==In Container Building N33Bcoin== * Push over N33Bcoin.0.0.1.tar.gz to the container n33b-node. <code>lxc file push N33Bcoin.0.0.1.tar.gz n33b-node/home/ubuntu/</code> OR Download from github * Download from Github, sha256sum=<code>0695dceaa4a88967560695f92c753d2fe4abc0f1b0cfb2673bf945fc83fb1225</code> <code>wget https://raw.github.com/CompleteNoobs/N33Bcoin/main/N33Bcoin.0.0.1.tar.gz</code> * Login to container as user ubuntu <code>lxc exec n33b-node -- su - ubuntu</code> * extract <code>tar xvf N33Bcoin.0.0.1.tar.gz</code> ===Install depends and Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> ===Build N33Bcoin=== * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> * Before running - make sure first node up and running <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Troubleshooting Syncing Issues on the Second Node</span> <div class="mw-collapsible-content"> <p>If your second node (e.g., <code>144.172.89.93</code>) fails to sync (e.g., stuck at <code>blocks: 0</code>), the main node (<code>104.194.157.52</code>) may be in Initial Block Download (IBD), preventing it from serving blocks. Here’s what I faced and how I fixed it:</p> <ul> <li><strong>Problem</strong>: The second node didn’t sync because the main node was in IBD, likely due to a chain tip older than 24 hours.</li> <li><strong>Initial Fix</strong>: <ul> <li>Started a dummy node on the main node (<code>127.0.0.1:3334</code>) for an active peer .</li> <li>Mined on the main node: <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=&lt;your-address&gt; -t 2 </pre> This created new blocks (e.g., to <code>blocks: 441</code>), exiting IBD and enabling sync.</li> </ul> </li> <li><strong>Test</strong>: I deleted the second node and recreated it from scratch, running both the main and dummy nodes on the genesis server. The second node synced to <code>blocks: 441</code> while the main node was mining.</li> <li><strong>Observation</strong>: In one test, I thought syncing worked without mining, but mining was active on the main node, advancing the chain to <code>blocks: 441</code>. Possible factors for sync success: <ul> <li>Recent chain tip from mining kept the main node out of IBD.</li> <li>Dummy node provided a peer, preventing IBD re-entry.</li> <li>iptables rule for port <code>3333</code> enabled inbound connections (i did once not forward the correct port, make sure you check your ip rules with <code>cat /etc/iptables/rules.v4</code> to make sure you entered the correct ones. ).</li> </ul> </li> <li><strong>If Syncing Fails</strong>: Mine on the main node with the dummy node running.</li> </ul> <p><strong>Note</strong>: Syncing may not require ongoing mining if the main node’s chain tip is recent, but mining is needed to exit IBD. Test and share your findings!</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> If the second node won’t sync, the main node may be in IBD. Start the dummy node and mine to exit IBD. </div> </div> </div> ===n33b-node=== <code>src/n33bcoind -daemon</code> <code>src/n33bcoin-cli stop</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 debug=rpc debug=mining </pre> <code>src/n33bcoind</code> * Now Second n33bcoin node is running lets check sync <code>src/n33bcoin-cli getpeerinfo</code> <pre> [ { "id": 0, "addr": "104.194.157.52:3333", "addrlocal": "144.172.89.93:52636", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157772, "lastrecv": 1745157771, "bytessent": 1277, "bytesrecv": 1198, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.303657, "minping": 0.303657, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": false, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 110, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 1, "addr": "104.194.157.52:57050", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.296047, "minping": 0.296047, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 2, "addr": "104.194.157.52:57060", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.316404, "minping": 0.316404, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } } ] </pre> <code>src/n33bcoin-cli getblockchaininfo</code> <pre> ubuntu@n33b-node:~/N33Bcoin$ src/n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.03058041491289009, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> ===From first node=== <pre> ./n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.02034601825250813, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> * Both nodes/blockchains are in sync, nice gqqaz8fri3kugg39osfqiqtma2ciyr6 573 572 2025-06-20T22:27:54Z AwesomO 5 /* Change Name for Docs */ 573 wikitext text/x-wiki ==Start up HardWare== * OS (local) Ubuntu-Mate 24.04 - this tut is done on a clean install of ubuntu-mate 24.04 ** Hardware: HP EliteDesk G1 - ram = 8GB - HD = 120GB ssd - CPU = i5-4590S CPU @ 3.00GHz ** Hardware: Thinkpad X270 - Ram - HD - CPU * Server VPS ubuntu-server 24.04 ** vultr.com ===Software OS=== * Will be using Ubuntu 24.04 as main OS - but to build this version of litecoin 0.14.2 we will be using ubuntu 18.04 in a lxc container - trying to build in 24.04 was a huge side quest that is not that much fun. ===Coin Params for N33Bcoin 0.1 POW === * Are Coin Params ** Name of coin = N33Bcoin ** Symbol coin = N33B ** Premined Coins= 33% 11,111,111 coins to be used to rewards contributors. the how is currently unknown, will work out as we go. ** MaxCoins = 33,333,333 ** Rewards = 333 ** Halving Period = 33,333 blocks = every 231 days ** Block interval = 10 mins # will leave at 10 for starters ** Time Stamp 1733333333 2024-12-04 17:28:53 ** Time Stamp Message "N33B's for Noob's at CompleteNoobs.com" ** Genesis Block for are Coin ==Genesis Keys== First we are going to need a public private key pair. [[Python_Generate_Public_Private_Key_Pair_Crypto_Bitcoin| Python3 Generate Public Private Key Pair]] * Public Key <code>049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf</code> * Keep private key safe, you just need pub key for now We then use are public key along with are coin parameter with [[GenesisH0_Creating_Genesis_Hash| GenesisH0]] to create a 'Nonce', 'Merkel hash' and 'Genesis hash'. For are 'MainNet', 'TestNet' and 'RegNet' === Main Net parameters === <code>python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333333</code> * '''Nonce''': <code>221118658</code> * '''nBits''': <code>0x1d00ffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4</code> === Test Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333334</code> * '''Nonce''': <code>511144</code> * '''nBits''': <code>0x1e0ffff0</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c</code> === Reg Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333335</code> * '''Nonce''': <code>0</code> * '''nBits''': <code>0x207fffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127</code> Now we have are parameters, we can start creating are own coin, but first lets change some file names to match the name of are coin. ==Source we are forking from Bitcoin 0.14.3== ===Home Directory=== <code>cd ~</code> ===Download bitcoin 0.14.3=== * https://bitcoincore.org/bin/bitcoin-core-0.14.3/ <code>wget https://bitcoincore.org/bin/bitcoin-core-0.14.3/bitcoin-0.14.3.tar.gz</code> * sha256sum bitcoin-0.14.3.tar.gz <code>416717ab5ef94f8458da2b12e4cd742ca08f5ad3817b65fc73811e06ac949f87</code> ===extract=== <code>tar xvf bitcoin-0.14.3.tar.gz</code> ===Change Directory Name to new/forked coin name=== <code>mv bitcoin-0.14.3 N33Bcoin</code> <code>cd N33Bcoin</code> * Current work director path is <code>/home/$USER/N33Bcoin/</code> ==Renaming== ===Renaming Bitcoin to N33Bcoin=== '''Run these command in the /home/$USER/N33Bcoin/ Directory''' * Lowercase <code>find . -type f -exec sed -i 's/bitcoin/n33bcoin/g' {} + </code> * UpperCase <code>find . -type f -exec sed -i 's/Bitcoin/N33Bcoin/g' {} + </code> * Name.1 <code>find . -type f -exec sed -i -e 's/bitcoin/n33bcoin/g' -e 's/bitcoind\.1/n33bcoind.1/g' {} + </code> ===Change Name for Docs=== To rename files in a directory (e.g., <code>/home/$USER/N33B/N33Bcoin/doc/man/</code>): * '''Before:''' <pre> bitcoin-cli.1 bitcoind.1 bitcoin-qt.1 bitcoin-tx.1 Makefile.am </pre> * '''After:''' <pre> n33bcoin-cli.1 n33bcoind.1 n33bcoin-qt.1 n33bcoin-tx.1 Makefile.am </pre> * '''Manual Way:''' <pre> mv -v bitcoin-cli.1 n33bcoin-cli.1 </pre> * '''Using mv with a for Loop:''' <code>cd /home/$USER/N33Bcoin/doc/man</code><br> <code>for file in bitcoin*; do mv -v "$file" "${file/bitcoin/n33bcoin}"; done</code> </pre> * <code>-v</code> shows each rename action. ===Change Names for Files=== Unlike forking litecoin, the method we just used to rename all bitcoin words to n33bcoin created some problems, unlike litecoin 0.14.2, the word 'bitcoin' can be found in a lot of file names. Example: the file <code>libbitcoinconsensus.pc.in</code> is still called <code>libbitcoinconsensus.pc.in</code> but inside make and config files, it is now know as <code>libn33bcoinconsensus.pc.in</code> so it will look for a file called <code>libn33bcoinconsensus.pc.in</code> and not <code>libbitcoinconsensus.pc.in</code>, still will lead to a lot of breakages. * Easy Fix: Change all file names which include the word <code>bitcoin</code> to <code>n33bcoin</code> * install <code>rename</code> <code>sudo apt install rename</code> * Run commands in <code>/home/$USER/N33Bcoin/</code> Directory * See all file which contain the name <code>bitcoin</code> <code>find . -type f -name "*bitcoin*"</code> * Rename/convert all <code>bitcoin</code> in file names to <code>n33bcoin</code> <code>find . -type f -name "*bitcoin*" -exec rename 's/bitcoin/n33bcoin/' {} +</code> ==Editing Files== Are Files are located in path:<code>/home/$USER/N33B/N33Bcoin</code><br> Example: <code>src/amount.h</code> full path would be <code>/home/$USER/N33B/N33Bcoin/src/amount.h</code> === OverView of Files to edit=== * Comment Out <code>** Lines: 74 - 77 Comment Out</code> These are Lines we Don't need, but are not deleting just commenting out, so line numbers remain the same.<br> Comment out by placing a <code>//</code> at the beginning of the line. * '''src/amount.h''' ** Line 31: Edit Max Coins * '''src/validation.cpp''' ** Line 1166: This BLOCK of code will contain premined and Block rewards * '''src/qt/bitcoinunits.cpp''' ** Line 39 Block: change coin symbol LTC to N33B * '''src/chainparams.cpp''' ** Line 53: '''Global''' Change Time Stamp Message ** Line 54: '''Global''' Change Pub Key ** Line 73: '''MainNet''' Change Halving Interval <!--** Lines: 74 - 77 Comment Out--> ** Line 74: '''MainNet''' BIP34Height ** Line 75: '''MainNet''' BIP34Hash ** Line 76: '''MainNet''' BIP65Height ** Line 77: '''MainNet''' BIP66Height ** Lines 85 - 103: '''MainNet''' Deployment and Chain Work Section ** Line 110: '''MainNet''' Change Magic Bytes - Script included ** Line 114: '''MainNet''' Change Main Net Default Port ** Line 117: '''MainNet''' Change Main Net Nonce TimeStamp Coin_Rewards ** Line 119: '''MainNet''' Change Genesis Hash ** Line 120: '''MainNet''' Change Merkel Hash ** Line 144: '''MainNet'''Change Coin Number and Genesis Hash ** Lines 145 - 156 Comment Out ** Line 161: '''MainNet''' Change Time Stamp ** Line 162: '''MainNet''' Change Number Of Transactions ** Line 177: '''TestNet''' Halving Interval <!--** Lines: 178 - 181 Comment Out--> ** Line 178: '''TestNet''' BIP34Height ** Line 179: '''TestNet''' BIP34Hash ** Line 180: '''TestNet''' BIP65Height ** Line 181: '''TestNet''' BIP66Height ** Line 184: '''TestNet''' Block Times <!--** Lines: 189 - 207 Comment Out--> ** Lines 189 - 207: '''TestNet''' Deployment Section ** Line 213: '''TestNet''' Default Port ** Line 216: '''TestNet''' Time Stamp and Nonce ** Line 218: '''TestNet''' Genesis Hash Block ** Line 219: '''TestNet''' Merkel Hash Block ** Line 245: '''TestNet''' CheckPointData Genesis Hash Block Number ** Line 250: '''TestNet''' Time Stamp ** Line 251: '''TestNet''' Block Number ** Lines 267 - 270 '''RegressionNet''' BIP Consensus ** Line 301: '''RegressionNet''' Default Port ** Line 304: '''RegressionNet''' Time Stamp Nonce Coin_Rewards ** Line 306: '''RegressionNet''' Genesis Block Hash ** Line 307: '''RegressionNet''' Merkel Hash ** Line 319: '''RegressionNet''' Genesis Hash * '''src/chainparamsbase.cpp''' ** Line 35: MainNet RCP Port ** Line 48: TestNet RPC Port ** Line 62: Regession Net RPC Port ===src/amount.h=== On line 31 we will edit are Max coins: <pre> static const CAmount MAX_MONEY = 21000000 * COIN; </pre> will change this to 33,333,333 coins <pre> static const CAmount MAX_MONEY = 33333333 * COIN; </pre> ===src/validation.cpp=== Path <code>/home/$USER/N33B/N33Bcoin/src/validation.cpp</code> The block of code we are looking for starts on line 1166: <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy = 50 * COIN; // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years. nSubsidy >>= halvings; return nSubsidy; } </pre> On line 1173 you should see this line: <pre> CAmount nSubsidy = 50 * COIN; </pre> This is the rewards for mining coins, the default is 50, we are changinf rewards to 333 coins per block mined. <pre> CAmount nSubsidy = 333 * COIN; </pre> ====Premined coins==== We also need to add a contidtion for are premined coins - in the first block will mine 33%, thats 11,111,111 coins <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy; if (nHeight == 1) nSubsidy = 11111111 * COIN; else nSubsidy = 333 * COIN; // Subsidy is cut in half every 33,333 blocks which will occur approximately every 231 days. nSubsidy >>= halvings; return nSubsidy; } </pre> This condition means IF first block reward 11,111,111 coins, Else(after first blocked mined) rewards per block are 333 coins. <div class="toccolours mw-collapsible mw-collapsed"> What's Changed and Why: <div class="mw-collapsible-content"> <b>What's Changed and Why:</b> * '''CAmount nSubsidy;''' ** The variable `nSubsidy` is now declared but not immediately assigned a value. This allows flexibility to set its value based on certain conditions. * '''New Condition: `if (nHeight == 1)''' ** This new condition checks if the block height is 1, meaning this is the very first block in the blockchain (often called the "genesis block"). ** This condition is used to assign a special, much larger subsidy for the first block. * '''nSubsidy = 11111111 * COIN;''' ** If it is the first block (`nHeight == 1`), the subsidy is set to 11,111,111 coins. This is a huge reward for the genesis block, likely for initial distribution or other specific reasons. * '''else nSubsidy = 333 * COIN;''' ** For all other blocks (not the first one), the reward is set to 333 coins. This is a significant change from the original 50 coins, suggesting a different reward structure for this cryptocurrency. </div> </div> ===src/qt/n33bcoinunits.cpp=== * Line 39: Code Block <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("BTC"); case mBTC: return QString("mBTC"); case uBTC: return QString::fromUtf8("μBTC"); default: return QString("???"); } } </pre> * Change BTC your coin symbol to N33B <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("N33B"); case mBTC: return QString("mN33B"); case uBTC: return QString::fromUtf8("μN33B"); default: return QString("???"); } } </pre> ===src/chainparams.cpp=== ====Line 53 Change Time Stamp Message==== <code> const char* pszTimestamp = "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks";</code> To <code> const char* pszTimestamp = "N33B's for Noob's at CompleteNoobs.com";</code> ====Line 54 Change Genesis Pub Key==== <code> 54 const CScript genesisOutputScript = CScript() << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f") << OP_CHECKSIG; </code> We are going to change to the public key we used to create are genesis block. <code> const CScript genesisOutputScript = CScript() << ParseHex("049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf") << OP_CHECKSIG;</code> ====Line 73 HalvingInterval==== <code> consensus.nSubsidyHalvingInterval = 210000;</code> Block intervals of bitcoin is every 10 mins, as you can see on '''[[#Line 80 Target Block Creation''']] * 60 mins per hour x 24 hours per day = 1440 mins a day * 1440 mins at one block each 10 mins = 144 block per day ish * 144 * 365 = 52,560 blocks per year ish * 52,560 * 4 = 210,240 blocks every four years ish So bitcoin halves its rewards every 4 years ish as it passes 210,000 blocks and carrys on halving every 210,000 blocks later. We reward 333 coins per block and will be out of coins around 667,334 blocks. * Preminded 11,111,111 coins * 22,222,222 left * at 333 per block all will be gone in 66,733 blocks time unless we halve before then * We are going to keep are block time of 10 mins and have a halving at 33,333 blocks so it will halve around 231 days <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Line 74 - 77 MainNet BIP Section==== <pre> 74 consensus.BIP34Height = 227931; 75 consensus.BIP34Hash = uint256S("0x000000000000024b89b42a942fe0d9fea3bb44ab7bd1b19115dd6a759c0808b8"); 76 consensus.BIP65Height = 388381; // 000000000000000004c2b624ed5d7756c508d90fd0da2c7c679febfa6c4735f0 77 consensus.BIP66Height = 363725; // 00000000000000000379eaa19dce8c9b722d46ae6a57c2f1a988119488b50931 </pre> * Set BIP34/65/66 to 0 for new chain—modern rules from genesis. Adjust BIP34 to 100 if mining fails. * Replace with your Hash on line 75 BIPHash <pre> 74 consensus.BIP34Height = 0; 75 consensus.BIP34Hash = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); 76 consensus.BIP65Height = 0; 77 consensus.BIP66Height = 0; </pre> ==== Line 85 - 103 '''MainNet''' Deployment and Chain Work Section ==== ===== Line 86 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start date is irrelevant—set to 0 for immediate activation on new chain. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 87 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 91 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016</code> * Reason changed: Bitcoin’s 2016 start is moot—set to 0 for CSV active from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 92 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 96 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016</code> * Reason changed: Bitcoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 97 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 100 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5");</code> * Reason changed: Bitcoin’s 2017 work is massive—set to 0 for a new chain with no work yet. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 103 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354</code> * Reason changed: Bitcoin’s block 453354 is irrelevant—set to N33Bcoin’s genesis hash for fast sync from block 0. Changed: <code>consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4");</code> =====Before and After Changes===== <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354 </pre> * Set CSV/SegWit to active from genesis (nStartTime = 0, nTimeout = far future). Reset chain work to minimal. Set assume valid to genesis hash. <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0; 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999; 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0; 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999; 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0; 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999; 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x00"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); </pre> ====Line 110 Magic Bytes==== * [[Hex_numbers_explained| Hex numbers explained]] * [[Python3_Script_for_Random_Magic_Bytes| Link to python script for random values]] The pchMessageStart array is a crucial component in cryptocurrency network protocols, often referred to as the "magic bytes" or "network magic." It serves as a unique identifier for a specific cryptocurrency network. These values are in hexadecimal format, representing four bytes that form a sequence unlikely to occur in normal data. If you're creating a new cryptocurrency by forking Bitcoin, you should change these values. Using unique values prevents your new coin's network from interfering with Bitcoin's network or other existing networks. <pre> 110 pchMessageStart[0] = 0xf9; 111 pchMessageStart[1] = 0xbe; 112 pchMessageStart[2] = 0xb4; 113 pchMessageStart[3] = 0xd9; </pre> * Gonna change mine to <pre> pchMessageStart[0] = 0xfe; pchMessageStart[1] = 0x93; pchMessageStart[2] = 0xd2; pchMessageStart[3] = 0xe2; </pre> ====Line 114 Change Main Net Default Port==== * Line 114 <code>nDefaultPort = 8333;</code> * Changing to port 3333 <code>nDefaultPort = 3333;</code> ====Line 117 Change Main Net Nonce TimeStamp Coin_Rewards==== * Original <code> genesis = CreateGenesisBlock(1231006505, 2083236893, 0x1d00ffff, 1, 50 * COIN);</code> * Syntax of line 117 <code>genesis = CreateGenesisBlock(<UNIX_TIME_STAMP>, <NONCE>, <DIFF_BITS>, <NHEIGHT>, <AMOUNT_OF_COINS_REWARD> * COIN);</code> * we are just going to append/change are UnixTimeStamp, Nonce and CoinReward <code> genesis = CreateGenesisBlock(1733333333, 221118658, 0x1d00ffff, 1, 333 * COIN);</code> ====Line 119 Change Genesis Hash==== <code>assert(consensus.hashGenesisBlock == uint256S("0x000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"));</code> * Change to your genesis hash for Main Net <code> assert(consensus.hashGenesisBlock == uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"));</code> ====Line 120 Change Merkel Hash==== <code> assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Change to your merkel hsh for Main net <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Check Point - Lines 142 - 157 ==== <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d")) 145 ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> These lines contain a blocknumber and there hash value, we are starting a new coin and these have no value to us. We have one genesis block. <code> ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d"))</code> * We are going to append/change line 144, to block zero and are Main net genesis block hash. <code> ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"))</code> and comment out the remaining lines in this code block. lines 145 - 156 <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4")) 145 // ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 // ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 // (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 // (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 // (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 // (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 // (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 // (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 // (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 // (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 // (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 // (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> ====Line 161 Change Time Stamp==== <pre> 161 1483472411, // * UNIX timestamp of last known number of transactions </pre> * Change to the time stamp we are using <pre> 1733333333, // * UNIX timestamp of last known number of transactions</pre> ====Line 162 Change Number Of Transactions==== <pre> 184495391, // * total number of transactions between genesis and that timestamp</pre> * Change to Zero <pre> 0, // * total number of transactions between genesis and that timestamp</pre> ====TestNet Halving Interval==== <code>177 consensus.nSubsidyHalvingInterval = 210000;</code> * Change to same as are main net <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Lines 178 - 181 TestNet BIP section==== <pre> 178 consensus.BIP34Height = 21111; 179 consensus.BIP34Hash = uint256S("0x0000000023b3a96d3484e5abb3755c413e7d41500f8e2a5c3f0dd01299cd8ef8"); 180 consensus.BIP65Height = 581885; // 00000000007f6655f22f98e72ed80d8b06dc761d5da09df0fa1dc4be4f861eb6 181 consensus.BIP66Height = 330776; // 000000002104c8c45e99a8853285a3b592602a3ccde2b832481da85e9e4ba182 </pre> * Change values to zero and replace TestNet Genesis Hash <pre> 178 consensus.BIP34Height = 0; 179 consensus.BIP34Hash = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"); 180 consensus.BIP65Height = 0; 181 consensus.BIP66Height = 0; </pre> ==== Lines 189 - 207 TestNet Deployment Section ==== ===== Line 190 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start is irrelevant—set to 0 for immediate activation on TestNet. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 191 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 195 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1456790400; // March 1st, 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for CSV from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 196 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 200 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1462060800; // May 1st 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 201 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1493596800; // May 1st 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 204 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x00000000000000000000000000000000000000000000001f057509eba81aed91");</code> * Reason changed: Litecoin’s work is irrelevant—set to 0 for a new TestNet chain. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 207 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000128796ee387cf110ccb9d2f36cffaf7f73079c995377c65ac0dcc"); //1079274</code> * Reason changed: Litecoin’s block 1079274 doesn’t apply—set to TestNet genesis for fast sync. Changed: <code>consensus.defaultAssumeValid = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c");</code> ====TestNet Default Port - Line 213==== <code>213 nDefaultPort = 18333;</code> * Change to another port , picking 13333 <code>nDefaultPort = 13333;</code> ====Line 216: TestNet Time Stamp and Nonce==== <code>216 genesis = CreateGenesisBlock(1296688602, 414098458, 0x1d00ffff, 1, 50 * COIN);</code> * change/append timestamp, nonce and coin rewards - TimeStamp, Nonce, nBits and CoinRewards from your Test Net <code> genesis = CreateGenesisBlock(1733333334, 511144, 0x1e0ffff0, 1, 333 * COIN);</code> ====Line 218: TestNet Genesis Hash Block==== <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943"));</code> * Changed to <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"));</code> ====Line 219: TestNet Merkel Hash Block==== <code>219 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Changed to <code> assert(consensus.hashGenesisBlock == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ==== Line 245 TestNet checkpointData ==== Default: <code>( 546, uint256S("000000002a936ca763904c3c35fce2f3556c559c0214345d31b1bcebf76acb70")),</code> * Reason changed: Bitcoin TestNet checkpoint irrelevant—set to height 0 with N33Bcoin TestNet genesis hash for new chain. Changed: <code>( 0, uint256S("000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c")),</code> * Note: Removed "0x" from hash string—matches Bitcoin style, prevents parsing error in uint256S. ====Line 250 - Testnet chainTxData TimeStamp==== <code>250 1483546230,</code> * Change to your timestamp <code>1733333334,</code> ====Line 251 - Testnet chainTxData block count==== <code>251 12834668,</code> * change block count to zero <code> 0,</code> ==== RegTest BIP Section ==== ===== Line 267 ===== Default: <code>consensus.BIP34Height = 100000000; // BIP34 has not activated on regtest (far in the future so block v1 are not rejected in tests)</code> * Reason changed: Delays BIP34—set to 0 for modern rules from genesis, consistent with MainNet/TestNet. Changed: <code>consensus.BIP34Height = 0;</code> ===== Line 268 ===== Default: <code>consensus.BIP34Hash = uint256();</code> * Reason changed: Empty hash irrelevant—set to RegTest genesis for BIP34 activation at block 0. * NOTE: the <code>S</code> at the end of <code>uint256S</code> append the '''S''', remove the <code>0x</code> or it would be too long and make sure RegNet Hash is wrapped in "comment-hash". * The quotes <code>""</code> tell the compiler that this is a string, not a number. * '''uint256S''' will parse the string as a hexadecimal value and construct the '''uint256''' object accordingly. Changed: <code>consensus.BIP34Hash = uint256S("65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127");</code> ===== Line 269 ===== Default: <code>consensus.BIP65Height = 1351; // BIP65 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP65 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP65Height = 0;</code> ===== Line 270 ===== Default: <code>consensus.BIP66Height = 1251; // BIP66 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP66 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP66Height = 0;</code> ====Line 298: RegressionNet Default Port==== <code>298 nDefaultPort = 18444;</code> * change port number <code> nDefaultPort = 13337;</code> ====Line 301 RegressionNet Time Stamp Nonce Coin_Rewards ==== <code>301 genesis = CreateGenesisBlock(1296688602, 2, 0x207fffff, 1, 50 * COIN);</code> * Change to your timestamp , nonce and coin rewards <code> genesis = CreateGenesisBlock(1733333335, 0, 0x207fffff, 1, 333 * COIN);</code> ====Line 303: RegressionNet Genesis Block Hash==== <code>303 assert(consensus.hashGenesisBlock == uint256S("0x0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"));</code> * replace with your reg net genesis hash <code> assert(consensus.hashGenesisBlock == uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"));</code> ====Line 304 RegressionNet Merkel Hash==== <code>304 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * replace with your reg net merkel hash <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Line 316: RegressionNet Genesis Hash==== <code>316 ( 0, uint256S("0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"))</code> * change to your reg nets genesis hash <code> ( 0, uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"))</code> === src/chainparamsbase.cpp - API ports === <div class="toccolours mw-collapsible mw-collapsed"> Changing RPC port number info: <div class="mw-collapsible-content"> When forking Bitcoin, changing the nRPCPort = 8332; is generally recommended, though not strictly necessary. Here are the reasons and benefits for doing so: '''Avoiding Conflicts:''' If you run both Bitcoin and your forked cryptocurrency on the same machine or network, keeping the same RPC port (9332) would cause a conflict. By changing the port number, you ensure that both services can run simultaneously without interfering with each other. '''Network Configuration:''' Different cryptocurrencies should ideally use different ports to avoid confusion and ensure clear network configuration. This helps in managing firewall rules and network policies more effectively. '''Security:''' Using a non-standard port for your forked cryptocurrency can add a layer of security through obscurity. While not a robust security measure, it can help reduce the risk of automated attacks targeting known ports like 8332. '''Customization:''' Changing the RPC port is part of customizing your fork to distinguish it from Bitcoin. This can be important for branding and ensuring that users and developers recognize it as a separate entity. In summary, while it's not mandatory to change the RPC port when forking Bitcoin, doing so can help avoid conflicts, improve network management, and provide a clearer distinction between your fork and the original Bitcoin network. </div> </div> ====line 35 - Main net RCP port==== <pre> nRPCPort = 8332; </pre> RPC port is used to connect to coin api, its used to create a web wallet and moblie wallet. <pre> nRPCPort = 3366; </pre> ====Line 48 - test net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12333 <pre> nRPCPort = 12333; </pre> ====line 62 - regession net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12345 <pre> nRPCPort = 12345; </pre> * We are pretty much done with customizing the code base, we just need an IP address to append to chainparams.cpp and we are good to go. ===src/chainparamsseeds.h=== * Delete content of <code>src/chainparamsseeds.h</code> and replace with just: <pre> #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> The <code>chainparamsseeds.h</code> file contains hardcoded seed nodes for the main network (pnSeed6_main), which are currently set to Bitcoin’s seed nodes (e.g., IPs like 2.7.8.12 on port 8333). These seeds will cause your node to attempt connections to Bitcoin peers, which isn’t what we want for N33Bcoin. * By modifying the seed arrays for both mainnet and testnet to empty, we can keep the file structure intact while removing the Bitcoin seed nodes, preventing are node from trying to connect to them. <div class="toccolours mw-collapsible mw-collapsed"> Hexadecimal - Chainparamsseeds.h - Quick Notes <div class="mw-collapsible-content"> <pre> Hex Symbol Values: 0,1,2,3,4,5,6,7,8,9,a=10,b=11,c=12,d=13,e=14,f=15 Hex is in a Block of 2, [01]=1, The First number/symbol (the one on the left), is Times by 16, and the Second number/symbol is added. 01 = 0x16, plus 1 = 01 A4 = 10x16, plus 4 = 164 E4 = 14x16, plus 4 = 228 FF = 15X16, plus 15 = 255 To work out the values of 104.194.157.52 and port 3333 static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; IPv6 Mapping: {{Use 10 0x00, 2 0xff, then the 4 hex bytes} <port>}. 104 in hex: 6x16 = 96 + 8 = 104 InHex= '68' 194 in hex: c(12)x16=192 + 2 = 194 InHex= 'c2' 157 in hex: 9x16=144 + d(13)= 157 InHex= '9d' 52 in hex: 3x16=48 + 4 = 52 InHex= '34' #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; static SeedSpec6 pnSeed6_test[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> </div> </div> == Container and VPS Setup == Most VPS providers frown on mining unless it’s their explicit service—fair enough, it hogs resources! To work around this, we’ll: * Spin up an Ubuntu 18.04 container locally (18.04 keeps coin building simple). * Pair it with a low-cost VPS running Ubuntu 24.04, tunneling all traffic from the container to the VPS’s public IP. This setup gives us: * A public-facing IP without poking holes in our home router. * Local mining control, keeping private keys secure—because a VPS is just someone else’s machine, and we don’t trust it with our keys! ===LXD Quick Container Setup=== ===LXD Quick Container Setup=== * Its pretty simple once you know. ===Installing and setup LXD=== <code>sudo snap install lxd</code> <code>sudo lxd init</code> * Just press '''ENTER''' for all defaults * add user to lxd group (optional), will mean you do not need '''sudo''' to use lxc commands * NOTE: you will need to logout and login for changes to take effect. <code>sudo adduser $USER lxd</code> <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> * '''These changes only apply to the current terminal session.''' If you open a new terminal session you have to repeat. On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. * '''Remember, these changes only apply to the current terminal session.''' If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> ===Launching your container=== * for the Build its important we use '''18.04''' ** May want to get ubuntu pro free for 5 devices - to keep 1804 updated ** https://ubuntu.com/pro/dashboard <code>lxc launch ubuntu:18.04 n33b</code> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 n33b</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 n33b</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''n33b''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "n33b" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "n33b" in the example) must be unique within your LXD installation. </div> </div> * If you see this error - you need to use '''sudo''' or add user to lxd group <pre> lxc launch ubuntu:18.04 n33b Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * To see your container <code>lxc ls</code> ===Login to container=== <code>lxc exec n33b bash</code> * Prompt should now be changed to <code>root@n33b:~#</code> ** <code>root@<container_name>:~#</code> * This would be a good time to sign up to and enable ubuntu pro in the 1804 container https://ubuntu.com/pro/dashboard ** <code>sudo pro attach C12trandomcharsXFVhrRSveGOd4</code> * Update container <code>apt update && apt upgrade -y</code> ==== Ubuntu Pro for 1804 Containers ==== * super useful for ubuntu 1804, with pro has support till 2027 * Free For Five Boxes/Devices <code>https://ubuntu.com/pro/dashboard</code> <code>sudo pro attach 8dc6560abd396b3871f37b80ec</code> <code>sudo pro status</code> <code>sudo pro detach</code> ==In Container wireguard installation and setup== ===Install wireguard=== <code>apt install wireguard -y</code> * This will be the Client - for the container ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==Back to Host== Now we have * A container with a public IP address * Source code for are coin Lets append are IP adress to are <code>src/chainparams.cpp</code> file and make a exportable/shareable backup. ===Append IP to <code>src/chainparams.cpp</code>=== <div class="toccolours mw-collapsible mw-collapsed"> If i was going to change or add ips/domains do i need to recomplie? Yep: <div class="mw-collapsible-content"> Yes, if you want to change or add new IPs/domains in the `CDNSSeedData` section of `src/chainparams.cpp`, you will need to edit the file and recompile the code. The `CDNSSeedData` entries are hardcoded into the source code, and when you compile the code, these values are baked into the resulting binary. Therefore, any changes to the seed nodes will require: *Editing the `src/chainparams.cpp` file**: Modify the list of `CDNSSeedData` entries to include your new IPs or domains. *Recompiling the source code**: Once you've made your changes, you need to recompile the project so that the new seed nodes are included in the binary. *Restarting your nodes**: After recompiling, you would need to distribute the new binary to your nodes and restart them to ensure they use the updated seed list. This process is necessary because the seed nodes are part of the initial configuration that helps nodes discover peers when they first start up. Any changes to these seeds require the software itself to be updated and redeployed. </div> </div> ====Main Net DNS lines 123 - 127==== <code>$EDITOR /home/$USER/N33B/N33Bcoin/src/chainparams.cpp</code> * Line 123 <code>src/chainparams.cpp</code> <pre> 123 vSeeds.push_back(CDNSSeedData("n33bcoin.sipa.be", "seed.n33bcoin.sipa.be", true)); // Pieter Wuille, only supports x1, x5, x9, and xd </pre> We are going to Change to are servers address <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> At current time we only have one default node, so we comment out line 124 to 127 <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "dnsseed.bluematt.me", true)); // Matt Corallo, only supports x9 // vSeeds.push_back(CDNSSeedData("dashjr.org", "dnsseed.n33bcoin.dashjr.org")); // Luke Dashjr // vSeeds.push_back(CDNSSeedData("n33bcoinstats.com", "seed.n33bcoinstats.com", true)); // Christian Decker, supports x1 - xf // vSeeds.push_back(CDNSSeedData("n33bcoin.jonasschnelli.ch", "seed.n33bcoin.jonasschnelli.ch", true)); // Jonas Schnelli, only supports x1, x5, x9, and xd </pre> ====Test net DNS lines 224 - 227==== * Line 224 - ip adderss <pre> 224 vSeeds.push_back(CDNSSeedData("testnetn33bcoin.jonasschnelli.ch", "testnet-seed.n33bcoin.jonasschnelli.ch", true)); </pre> Change to server ip <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> and comment out the other 3 lines <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("petertodd.org", "seed.tbtc.petertodd.org", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "testnet-seed.bluematt.me")); // vSeeds.push_back(CDNSSeedData("n33bcoin.schildbach.de", "testnet-seed.n33bcoin.schildbach.de")); </pre> ==Create BackUp Tar Archive== At this point you may want to make a backup. * In work directory = <code>/home/$USER/N33B</code> <code>tar -zcvf N33Bcoin.0.0.1.tar.gz N33Bcoin</code> * Going to save in directory <code>/home/$USER/N33B</code> * Syntax = <code>tar -zcvf /path/to/save/archive_name.tar.gz /path/to/directory_name</code> Now we Should have <code>N33Bcoin.0.0.1.tar.gz</code> lets start building are coin. ===Move N33Bcoin.0.0.1.tar.gz to Container=== Lets Move are source code to are container. * File on Host:<code>/home/$USER/N33B/N33Bcoin.0.0.1.tar.gz</code> * Container Name: <code>n33b</code> ** Container Name can be found with <code>lxc list</code> * On Host: <code>lxc file push /home/$USER/N33B/N33Bcoin.0.0.1.tar.gz n33b/home/ubuntu/</code> * '''ubuntu''' is the name of the ubuntu containers default user account ==Return to container as user '''ubuntu'''== <code>lxc exec n33b -- su - ubuntu</code> Now are source code <code>N33Bcoin.0.0.1.tar.gz</code> should be in are home directory. Before we start using it, we need to install and build some dependencies software. ===Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <!-- These notes wherer required to build db on 24.04 - coin build would require way too much work so skipped. <code>$EDITOR db-4.8.30.NC/dbinc/atomic.h</code> Find the function <b>__atomic_compare_exchange</b> (line 147 and 179) and rename it to <b>__db_atomic_compare_exchange</b>. save and exit --> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> If you received error, are you building in ubuntu 18.04? these build instrutions are reproduable for 18.04 and not other versions of ubuntu. * A block chain requires min 2 nodes, so this would be a good time to snapshot your container. ====SNAPSHOT your container==== * This will save loads of time creating a second node later. * In a Terminal on HOST * Stop Container <code>lxc stop n33b</code> * snapshot <code>lxc snapshot n33b one</code> * start container <code>lxc start n33b</code> * Log in as ubuntu user <code>lxc exec n33b -- su - ubuntu</code> ==Build the Coin== Just for the Genesis Node, or it will not work, it will try to sync with another node, which it can not do as its at block 0. * edit the file <code>src/rpc/mining.cpp</code> and comment out the lines 471 and 472: <pre> // if (IsInitialBlockDownload()) // throw JSONRPCError(RPC_CLIENT_IN_INITIAL_DOWNLOAD, "N33Bcoin is downloading blocks..."); </pre> If you stopped container to snapshot and logged back in (or using another terminal), then we need to re-set var.<br> <code>cd ~/db-4.8.30.NC/build_unix</code><br> <code>export BDB_PREFIX=$(pwd)</code><br> * Now thats done we can carry on <code>cd ~/</code><br> * extract <code>tar xzvf N33Bcoin.0.0.1.tar.gz</code> <!-- was for attempt build in 24.04 - not needed for 18.04 <code>sudo apt install bsdmainutils ncal</code> --> * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> If you run into errors you can use:<br> <code>make > ../build.log 2>&1</code><br> This is print build info into file build.log ==Run Coin== * Path <code>cd /home/ubuntu/N33Bcoin/src</code> Going to first play around with Regression make sure everything is working, its supereasy to mine.<br> * Running regtest first will also create <code>~/.n33bcoin/</code> directory which we can create are <code>n33bcoin.conf</code> file for mainnet. ===Running Regression Net === * run reg net <code>./n33bcoind -regtest -daemon</code> ==== get blockchain info ==== <code>./n33bcoin-cli -regtest getblockchaininfo</code> * at the top you should see '''regtest''' <pre> "chain": "regtest", </pre> ====get wallet info==== <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ==== Generate 10 blocks==== <code>./n33bcoin-cli -regtest generate 10</code> <pre> [ "16fe73d5011e8e05cadb9e9dea43e58aa154ffcca891659cc59fbdfafe6f001c", "7803e298b6c57f8fc7ddac5da0e0696cc67524c9ee2bbbbbecdccfb01b364e79", "7c92afb2faed00d051edd22f85218416c394cd45ddadf413b9df808c0414ca7e", "29fe7bb17c984bd33c7e3d9cb4fa3ce1e47760ac22accded3aa25fd49aa87d91", "56d234a030af699a6aa824c8d95a9fabdcf56c9491ed30331ca2159188741c89", "272827808aad1efe0e752789acf6a28f25bc4ba2da905a8a6f5da00016ba286b", "23711e3856cf2e018ef02782eb546e87c9604781da6855bd136ef51fa5dd23e5", "7bd7e1e6183094c75e37d6605451ce7e7e1c23347e3b5c279c33196af916b1f2", "1c7e5fc29dc7c9b3a56e8f35becc3a0a8005e79ac1a84278f8a1f37c067f67b3", "3ac84dcf8be2849b347369de7bf6bb49d780cdf41e2c4abbe2ea0ae1b89bd26e" ] </pre> ====Check Balance==== <code>./n33bcoin-cli -regtest getbalance</code> <pre>0.00000000</pre> * You mined 10 blocks and have zero coins! that is because the coins have not mutured, it takes 100 blocks for newly created coins to muture and show up in your wallet. * you can see your '''immature_balance''' with the <code>getwalletinfo</code> command. <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 11114108.00000000, "txcount": 10, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====Get new addresses==== <code>./n33bcoin-cli -regtest getnewaddress</code> <pre> mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb </pre> ====Find addresses your wallet is currently using==== * To see all your current public addresses use <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -regtest listreceivedbyaddress 0 true</code> ====Mine to specific address==== * <code>./n33bcoin-cli -regtest generatetoaddress 101 "your-mainnet-address"</code> <code>./n33bcoin-cli -regtest generatetoaddress 101 "mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb"</code> =====Coins Matured===== <code>./n33bcoin-cli -regtest getbalance</code> <pre>11114441.00000000</pre> * and Immatured coins <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 11114441.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 33300.00000000, "txcount": 111, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====stop regtest net==== * stop regtest <code>./n33bcoin-cli -regtest stop</code> ===Main Net=== * Running <code>-regtest</code> should of created a <code>~/.n33bcoin</code> directory for you. * Create <code>n33bcoin.conf</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 </pre> * run/start coin <code>./n33bcoind</code> * NOTE: if you did not create a n33bcoin.conf file and apply 'daemon=1', you can use the -daemon flag <code>./n33bcoind -daemon</code> <div class="toccolours mw-collapsible mw-collapsed"> Some debug tips: <div class="mw-collapsible-content"> * If n33bcoin hangs - <code>ps aux | grep n33bcoind</code> ** The <code>kill -9 PID_NUMBER</code> ** Also note: there is nothing wrong with '''turning it off and on again.''' * <code>./n33bcoind -debug=1</code> ** log is at ~/.n33bcoin/debug.log * <code>./n33bcoind -debug=1 -printtoconsole</code> ** will output to terminal, no output to debug.log </div> </div> ===Create and Add second node - the easy way=== <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Why a Dummy Node is Needed to Avoid <code>500 Internal Server Error</code> and Ensure Syncing</span> <div class="mw-collapsible-content"> <p>A dummy node is <strong>required</strong> for mining on the genesis node (main node) and to ensure other nodes can sync with your N33Bcoin network. Without it, you may encounter errors like:</p> <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> [2025-04-20 11:49:32] HTTP request failed: The requested URL returned error: 500 Internal Server Error </pre> <p><strong>Why does this happen?</strong> The main node needs at least one active peer to process the <code>getblocktemplate</code> RPC call used by <code>minerd</code> for mining. If the node is in Initial Block Download (IBD) or has no peers, this call fails, causing the 500 error. Additionally, if the main node is in IBD, it won’t serve blocks to other nodes, preventing them from syncing (e.g., stuck at <code>blocks: 0</code>).</p> <p><strong>How the dummy node fixes it:</strong></p> <ul> <li>Running a dummy node (e.g., on <code>127.0.0.1:3334</code>) provides an active peer, allowing <code>getblocktemplate</code> to succeed and mining to start.</li> <li>Mining generates new blocks, updating the chain tip’s timestamp, which helps the main node exit IBD.</li> <li>Once out of IBD, the main node can serve blocks to other nodes, enabling them to sync (e.g., to <code>blocks: 428</code>).</li> </ul> <p><strong>Why it’s easy to forget:</strong> The dummy node isn’t a standard Bitcoin requirement—it’s specific to N33Bcoin’s setup, possibly due to custom peer or RPC logic. Always run a dummy node when mining or syncing new nodes.</p> <p><strong>If you get the 500 error:</strong> Start a dummy node and add it to the main node’s peers with <code>addnode</code>. See the next section for setup instructions.</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> Without a dummy node, mining will fail, and new nodes won’t sync. Always include this step in your setup and document it to avoid surprises! </div> </div> </div> After first node ruuing with:<br> <code>./n33bcoind</code> * create a directory for second node <code>mkdir ~/.n33bcoin2</code> * make config file <code>$EDITOR ~/.n33bcoin2/n33bcoin.conf</code> * Note changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser1 rpcpassword=coinpassword1 rpcallowip=127.0.0.1 rpcport=3367 daemon=1 server=1 rpcbind=127.0.0.1 port=3334 </pre> * start node2 - note ports <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin2 -port=3334 -rpcport=3367</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3334" "add"</code> * Check node one <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * Check node two <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getblocktemplate</code> ==== Default Node User and Second Node User management ==== * The default user will be your main node '''~/.n33bcoin/''' * To use second node '''~/.n33bcoin2/''' you have to use/append non default port in commands: ** To run commands on second node, Add/Append <code>-rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1</code> *** '''rpcport''', '''rpcuser''', '''rpcpassword''' these values can be found in the <code>~/.<node_name>/n33bcoin.conf</code> file * For default wallet/node can use: <code>./n33bcoin-cli getwalletinfo</code> * Or to specify (optional) can use, the main nodes '''rpcport''', '''rpcuser''' and '''rpcpassword''' followed by <command>: <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * For the second node we created - we do need to specify <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getwalletinfo</code> <div class="toccolours mw-collapsible mw-collapsed"> How to stop second node: <div class="mw-collapsible-content"> * To run commands on a second or third ...ETC node - you need to enter: ** <code>-rpcport=<value></code> ** <code>-rpcuser=<username></code> ** <code>-rpcpassword=<password></code> ** followed by the command you wish to run on node <code>getbalance</code> ** Remember you store all these details in your <code>n33bcoin.conf</code> file for your node. <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 stop</code> </div> </div> == Mining blocks on your blockchain == Well you can try with:<br> <code>./n33bcoin-cli generate 1</code><br> But instead of seeing <pre> [ "some-block-hash" ] </pre> Your going to get empty brackets <pre> [ ] </pre> I cant remember the reason for this. But i know the fix. Install Mining software ===Address to send mined coins to=== First lets get a public key/address we can mine to. * Find old addresses <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> * Create new address <code>./n33bcoin-cli getnewaddress</code> * The address i will use <code>1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> ===Cpu Miner Install=== <code>cd ~</code> <code>sudo apt update</code> <code>sudo apt install -y build-essential libcurl4-openssl-dev</code> <code>git clone https://github.com/pooler/cpuminer.git</code> <code>cd cpuminer</code> <code>./autogen.sh</code> <code>./configure</code> <code>make</code> <code>sudo make install</code> ===Mine some Coins=== * OK lets mine us some coins ** Syntax:<code>minerd -o <pool_url> -u <username> -p <password> --coinbase-addr=<public_key></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> * YAY, back to the days when you could find bitcoin blocks with a simple CPU <pre> [2025-04-12 19:31:17] Binding thread 0 to cpu 0 [2025-04-12 19:31:17] Binding thread 1 to cpu 1 [2025-04-12 19:31:17] 4 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:31:17] Binding thread 2 to cpu 2 [2025-04-12 19:31:17] Binding thread 3 to cpu 3 [2025-04-12 19:31:17] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:31:17] thread 1: 2097152 hashes, 10099 khash/s [2025-04-12 19:31:17] thread 0: 2097152 hashes, 10094 khash/s [2025-04-12 19:31:17] thread 3: 2097152 hashes, 10093 khash/s [2025-04-12 19:31:17] thread 2: 2097152 hashes, 10032 khash/s [2025-04-12 19:32:17] thread 2: 601912088 hashes, 10080 khash/s [2025-04-12 19:32:17] thread 0: 605611536 hashes, 10108 khash/s [2025-04-12 19:32:17] thread 3: 605564904 hashes, 10102 khash/s [2025-04-12 19:32:17] thread 1: 605946928 hashes, 10104 khash/s [2025-04-12 19:33:17] thread 2: 604824240 hashes, 10080 khash/s [2025-04-12 19:33:17] thread 0: 606506104 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 1: 606263288 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 3: 606114016 hashes, 10102 khash/s [2025-04-12 19:34:17] thread 0: 596676992 hashes, 9883 khash/s [2025-04-12 19:34:17] accepted: 1/1 (100.00%), 40174 khash/s (yay!!!) [2025-04-12 19:34:17] LONGPOLL pushed new work [2025-04-12 19:34:17] thread 2: 597009344 hashes, 9856 khash/s [2025-04-12 19:34:17] thread 1: 596347864 hashes, 9882 khash/s [2025-04-12 19:34:17] thread 0: 184 hashes, 8762 khash/s [2025-04-12 19:34:17] thread 3: 596226344 hashes, 9881 khash/s [2025-04-12 19:35:11] thread 0: 525714288 hashes, 9775 khash/s [2025-04-12 19:35:17] thread 0: 58652240 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 1: 592942512 hashes, 9784 khash/s [2025-04-12 19:35:18] thread 3: 592834720 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 2: 591387224 hashes, 9754 khash/s [2025-04-12 19:36:17] thread 1: 577261400 hashes, 9784 khash/s [2025-04-12 19:36:17] thread 2: 575496480 hashes, 9756 khash/s [2025-04-12 19:36:17] thread 3: 576993520 hashes, 9776 khash/s [2025-04-12 19:36:17] thread 0: 586785384 hashes, 9780 khash/s [2025-04-12 19:37:17] thread 3: 586568712 hashes, 9700 khash/s [2025-04-12 19:37:17] thread 2: 585369888 hashes, 9645 khash/s [2025-04-12 19:37:18] thread 1: 587018480 hashes, 9656 khash/s [2025-04-12 19:37:18] thread 0: 586791168 hashes, 9631 khash/s [2025-04-12 19:37:43] thread 0: 247017896 hashes, 9757 khash/s [2025-04-12 19:37:43] accepted: 2/2 (100.00%), 38758 khash/s (yay!!!) [2025-04-12 19:37:43] LONGPOLL pushed new work [2025-04-12 19:37:43] thread 2: 250694904 hashes, 9748 khash/s [2025-04-12 19:37:43] thread 1: 250409704 hashes, 9773 khash/s [2025-04-12 19:37:43] thread 0: 21504 hashes, 8650 khash/s [2025-04-12 19:37:43] thread 3: 253010016 hashes, 9764 khash/s </pre> * By default '''minerd''' will use all cores - if you want to limit to number of core use the <code>-t <number_of_cores></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj -t 2</code> <pre> [2025-04-12 19:43:05] 2 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:43:05] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:43:05] thread 1: 2097152 hashes, 11359 khash/s [2025-04-12 19:43:05] thread 0: 2097152 hashes, 11327 khash/s </pre> * Next we mine on till we have at least 101 blocks so are coins are matured. ===After 101 blocks - Mature Coins=== * now we should have some coins in are wallet that we can use, YAY <code>./n33bcoin-cli getbalance</code> <pre>11112110.00000000</pre> * and lets check the account of are second node <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> * Lets get the address of are second node to send some coins <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress 0 true</code> * Or we could generate a new address with <code>getnewaddress</code> <code>1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz</code> Now lets send some coins ==Wallet Basics== Now we have coins we can use - matured coins ===Get balance=== * <code>getbalance</code> <code>./n33bcoin-cli getbalance</code> ===Find Account Addresses=== * <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> ===Create New Address=== * <code>getnewaddress</code> <code>./n33bcoin-cli getnewaddress</code> ===Sending coins=== * Syntax: <code>./n33bcoin-cli sendtoaddress "<address>" <amount></code> <code>./n33bcoin-cli sendtoaddress "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz" 33</code><br> * This comand will return a hash in your terminal out put. <pre>f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7</pre> * and Check balance of second node to see balance: <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>33.00000000</pre> ===See Transaction Details from hash=== * the transaction hash is from the above send coins example * Syntax: <code>n33bcoin-cli gettransaction "<transaction_hash>"</code> <code>./n33bcoin-cli gettransaction "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7"</code> <pre> { "amount": -33.00000000, "fee": -0.00004520, "confirmations": 4, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553764, "timereceived": 1744553764, "bip125-replaceable": "no", "details": [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "send", "amount": -33.00000000, "vout": 0, "fee": -0.00004520, "abandoned": false } ], "hex": "020000000150a37ad36c761374df6a14c20bd2c016208358bf1f20af06c5acbe4827250ee7000000006a4730440220582f2094aca19d63744d8d128c3dea907cddd4eeb5728d6f064c4168d7a36b9c0220649b2397635fe0b8899fea4535b0072e856a164235f8ab8feb91f3dbfa9e3ddc012103dd8d842cd0c2b167b507b9e8ee580fc726262bb218abc5c6487668b72e5673a3feffffff020001b2c4000000001976a9146ae24c8430bcd30bc1b812f946229fcc563eb0ef88ac589a23fc060000001976a9141e0606800605f94643f5da7e0a31e435e030855788acbe000000" } </pre> ===List Transactions from account=== * <code>listtransactions</code> * <code>./n33bcoin-cli listtransactions</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listtransactions</code> * This command will show all transactions send and receive. <pre> [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "receive", "amount": 33.00000000, "label": "", "vout": 0, "confirmations": 6, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553766, "timereceived": 1744553766, "bip125-replaceable": "no" } ] </pre> ===list received transactions by address=== * <code>listreceivedbyaddress</code> * <code>./n33bcoin-cli listreceivedbyaddress</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress</code> <pre> [ { "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "account": "", "amount": 33.00000000, "confirmations": 6, "label": "", "txids": [ "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7" ] } ] </pre> ===Address With Label=== * Create New Address With Label ** Syntax: <code>getnewaddress "<Label>"</code> * NOTE: Label name is case sensitive. <code>./n33bcoin-cli getnewaddress "Mining"</code> <pre>1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB</pre> * See Accounts in Label <code>./n33bcoin-cli getaddressesbyaccount "Mining"</code> * a Label can hold many addresses <pre> [ "1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB" ] </pre> * Lists transactions for the labeled account. <code>./n33bcoin-cli listtransactions "Mining"</code> * Tracking with a label - Shows total balance for addresses in the labeled account. <code>./n33bcoin-cli getbalance "Mining"</code> * Label an existing address - Assigns an existing address to a named account. <code>./n33bcoin-cli setaccount "<address>" "<label>"</code> * Change Label of Address <code>./n33bcoin-cli setaccount "<address>" "<newlabel>"</code> ==Backup Wallets and Restore/Reclaim== To '''test''' wallet exports and back ups we are going to create a '''third node'''. <br> This keeps are main wallet and the wallet of are second node safe.<br> Or If you feel up for it, feel free to play/use/learn with your main wallet. * Create a directory for third node <code>mkdir ~/.n33bcoin3</code> * Create config file <code>$EDITOR ~/.n33bcoin3/n33bcoin.conf</code> * Note: changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser2 rpcpassword=coinpassword2 rpcallowip=127.0.0.1 rpcport=3368 daemon=1 server=1 rpcbind=127.0.0.1 port=3335 </pre> * Start node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3335" "add"</code> * Check node three <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getblocktemplate</code> * See Address (pub key) <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> <pre>1EhA5fkapYWrhs2oAf2AqvF4WYMPM28GqL</pre> * I have sent 33 n33bcoin's to this address. <pre> ./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744568061, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "8afde14085be2139ff008667c345b3697bea9cea" } </pre> ===Encrypt Wallet=== * '''IMPORTANT NOTE! IF YOU LOSE/FORGET PASSPHRASE, YOU LOST YOUR WALLET!''' Encrypting your wallet, will require passphrase to see private_keys and to send coins from your account, but you can still check balance and the basic chain info '''without passphrase'''. * Syntax <code>./n33bcoin-cli encryptwallet "<passphrase>"</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 encryptwallet "pa55word"</code> <br>OutPut: <pre> wallet encrypted; N33Bcoin server stopping, restart to run with encrypted wallet. The keypool has been flushed and a new HD seed was generated (if you are using HD). You need to make a new backup. </pre> ====Test Encryption==== Syntax: <code>./n33bcoin-cli dumpprivkey <address></code> This command should need passphrase if wallet locked. ** <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> can be used in place of a real address <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpprivkey 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> If wallet '''LOCKED''' - you will see <pre> error code: -13 error message: Error: Please enter the wallet passphrase with walletpassphrase first. </pre> If wallet '''UNLOCKED''' but address not in wallet - you will see ** This is because there is no address <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> in your wallet and error code -5 indicates address not found in the wallet, but it passed the lock so, yay <pre> error code: -5 error message: Invalid N33Bcoin address </pre> If address exists in your wallet and wallet is '''UNLOCKED''' - you will see the private key: <pre> 6vJYM3RFWh7MyLVrPbgzgibUgqxMzWUCCbuH3GcfDRTqfoNQjBb </pre> '''IMPORTANT:''' Never share your actual private keys with anyone. The example above is for demonstration purposes only. ====open encrypted wallet==== * Syntax ./n33bcoin-cli walletpassphrase "<passphrase>" <time_in_seconds_to_stay_open> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrase "Pa55word" 60</code> ====Change PassPhrase==== * Syntax: <code><code>./n33bcoin-cli walletpassphrasechange "<old_passphrase>" "<new_passphrase>"</code></code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrasechange "Pa55word" "StrongPass123!@#456"</code> ===Back Up WALLET.DAT === * You can make a backup of your wallet.dat file whether its encrypted or un-encrypted. ** not-encrypted you just copy into a directory and you and anyone else has full access. ** encrypted, you need to know the passphase the file is encrypted with to have access. ** Both Export and Import the backup wallet.dat the same way, expect one asks for passphase and the other does not. ====Make copy of wallet.dat==== * <code>backupwallet</code> * Syntax:<code>./n33bcoin-cli backupwallet /path/to/export/wallet-backup.file</code> <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> ====Stop node 3 and delete wallet.dat==== * Stop node - Note: RPC PORT <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * not gonna delete, just move, only so many times i wanna learn that lesson. <code>mv ~/.n33bcoin3/wallet.dat ~/oldwallet.dat</code> * Start Node 3 - this will create a new <code>wallet.dat</code> file <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check Balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744572042, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "bb4e27a7896ae19acdf3b43244f82b59f5164c7c" } </pre> * Check addresses <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> * Its a diff/new address, because its a new wallet. <pre> "address": "1JwAmtR9T8xa49daoHQhf54tBdyabby2m2", </pre> ===Restore Wallet.dat=== * Stop Node 3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move old wallet to Node 3 Directory ** This command will write over the new wallet.dat file currently in directory - in effect deleting it. <code>mv ~/wallet-backup.node3 ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>11148007.99990960</pre> ====OH NUTZ==== * By mistake i backed up main wallet. <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> * Intended to backup node3 - the correct command would of been <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 backupwallet ~/wallet-backup.node3</code> Good Thing we just moved the node3 wallet and not deleted or 33 n33bcoins would of been in a dead account.<br> This is why you should learn about bitcoin on n33bcoins and not the bitcoin main net blockchain. Lets restore from the moved wallet <code>~/oldwallet.dat</code> * Stop node3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move oldwallet back to node3 <code>mv ~/oldwallet.dat ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>33.00000000</pre> YAY ===Dump Entire Wallet with <code>dumpwallet</code>=== * Exports all private keys, addresses, and wallet metadata to a plain text file for a comprehensive backup. * Syntax <code>./n33bcoin-cli dumpwallet /path/to/export/n33bcoin-wallet.txt</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpwallet ~/ssshhh.txt</code> <code>cat ~/ssshhh.txt</code> * Yep its all in plain text! <pre> # Wallet dump created by N33Bcoin v0.14.3.0-g150612e # * Created on 2025-04-13T22:54:50Z # * Best block at time of backup was 212 (000000009f5f7189bd4334895fd1c903ae904525abb5768feb98b81282a1949e), # mined on 2025-04-13T18:34:02Z # extended private masterkey: xprv9s210pEDlspXiamstilrandotypinhDXRTQ1TatJNSL3fxs9QaLLjRV1FZH9zw2VcErU498hsd3pynuyDR2clongrandome4Msz5 L1XJ0pald6SZXP4sKdVcDETpsdoWeksd4er5hhPsdFG1PPV 2025-04-13T18:14:21Z change=1 # addr=1HtmEDdpk5SJAp3nGCnaAD5gKZc2Er4qG hdkeypath=m/0'/0'/82' about 100 lines like the one above and ends with: # End of dump </prE> ===Import Dumped Wallet=== To test import works we are gonna, stop node3, move wallet.dat, start node3, check new wallet got auto generated again. then import are ssshhh.txt file and see if restored. ====Check wallet node 3 pre-test==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744575092, "keypoolsize": 101, "unlocked_until": 0, "paytxfee": 0.00000000, "hdmasterkeyid": "0a0e6e94e4a184e773e4a3e3244adc4352935afa" } </pre> ====Stop node 3 ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> ====Move wallet.dat ==== <code>mv ~/.n33bcoin3/wallet.dat ~/wallet.node3</code> ====Start node 3 ==== <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> ====Check wallet node 3 - when deleted/changed==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ====Import Restore from Dumped Wallet ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importwallet ~/ssshhh.txt</code> ====Check wallet node 3 when restored ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ==Off Line Storage and Importation== * Create a offline key pair, using a python script that can run off a live linux iso. * Going to send coins from node 3 to off line address. * Going to import to wallet 2 by sweeping private wif key. ===Create Offline Keypair=== * https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin ** We have used the [[N33Bcoin_Address_Generator_Bitcoin| N33Bcoin_Address_Generator]] to create the following key pair which we will use for this test. <pre> noob@noob-ThinkPad-T470:~/Gen/py-pub-prv$ python3 gen.py Enter your seed (12 words or any random input): hithere Generated n33bcoin Key Pair: Private Key: 3e4748d72b0a0c5d4538b52a2ade025a0f52a1e8642384ac14e5af0f90b8ab8a Public Key: 04c4cab1795312dafbf2532c7b238d448b55fa151a3d4e059cb49b47fb7244fb8767981b561c067494f9f3a6357024bb4fa71d12d692a733f7a0583d6fa7276548 n33bcoin Address: 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG WIF Private Key: 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH </pre> ===Send from node 3 to offline address=== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 sendtoaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG 10</code> ===Check its in address=== * Can take a few blocks before you can see it. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * Syntax: <code>./n33bcoin-cli importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * <code>importaddress</code> The RPC command to import a Bitcoin address as a watch-only address into the wallet * <code>13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> The Bitcoin address you are importing. After import, the wallet will monitor this address for incoming transactions, but cannot spend from it since you do not have the private key * <code>"external"</code> An optional label assigned to the imported address. This helps you organize or identify addresses in your wallet * <code>false</code> The rescan parameter. Setting it to false means the wallet will not rescan the blockchain for historical transactions involving this address. Only new transactions (after import) will be tracked. If set to true (default), the wallet would scan the entire blockchain for past transactions involving the address, which can take a long time (but not in are case as we have new blockchain). ====getreceivedbyaddress==== * TESTED - Balance is only shown on account that imported the address as a address to watch. ** Took about 10 mins to show balance. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>10.00000000</pre> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> ====Receive funds from private key==== * Current Funds in Node/Wallet 2 <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>52.00000000</pre> * Import the keys <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 importprivkey 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH true</code> * Check balance <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>62.00000000</pre> Import is instant. ==Create Second Server and Sync Blockchain== * Creating second server in a container and forwarded to another VPS IP, to see if network syncs. <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Is Port Forwarding Required for the Second Node?</span> <div class="mw-collapsible-content"> <p><strong>Why set up port forwarding?</strong> Port forwarding (using iptables to forward port <code>3333</code> to the second node) allows the node to receive incoming connections from other N33Bcoin nodes. This ensures reliable syncing with the main node and enables the second node to share blockchain data with others, strengthening the network.</p> <p><strong>Is it required?</strong></p> <ul> <li><strong>To mine</strong>: No. Mining uses local RPC calls (<code>127.0.0.1:3366</code>) and outbound connections to the main node (<code>104.194.157.52:3333</code>). As long as the main node is up, mining works without port forwarding. Note: You may need a dummy node to avoid errors.</li> <li><strong>To act as a peer</strong>: Yes. To allow other nodes to connect and sync from the second node (e.g., via <code>144.172.89.93:3333</code>), port forwarding is required. Without it, the node can sync but won’t serve blocks to others.</li> </ul> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Tip:</strong> Keep port forwarding enabled for robust syncing and to support the N33Bcoin network, especially if you plan to add more nodes. </div> </div> </div> ===Launch container=== <code>lxc launch ubuntu:18.04 n33b-node</code> <code>lxc exec n33b-node bash</code> <code>pro attach <longKey></code> <code>apt update && apt upgrade -y && apt install ubuntu-advantage-tools wireguard -y</code> ===Setup Wireguard=== * This is the same as the last time, in this tut i am going to keep the same keys in tut, to save time. PS: You can use same keys on many connections (not the best idea). ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==In Container Building N33Bcoin== * Push over N33Bcoin.0.0.1.tar.gz to the container n33b-node. <code>lxc file push N33Bcoin.0.0.1.tar.gz n33b-node/home/ubuntu/</code> OR Download from github * Download from Github, sha256sum=<code>0695dceaa4a88967560695f92c753d2fe4abc0f1b0cfb2673bf945fc83fb1225</code> <code>wget https://raw.github.com/CompleteNoobs/N33Bcoin/main/N33Bcoin.0.0.1.tar.gz</code> * Login to container as user ubuntu <code>lxc exec n33b-node -- su - ubuntu</code> * extract <code>tar xvf N33Bcoin.0.0.1.tar.gz</code> ===Install depends and Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> ===Build N33Bcoin=== * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> * Before running - make sure first node up and running <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Troubleshooting Syncing Issues on the Second Node</span> <div class="mw-collapsible-content"> <p>If your second node (e.g., <code>144.172.89.93</code>) fails to sync (e.g., stuck at <code>blocks: 0</code>), the main node (<code>104.194.157.52</code>) may be in Initial Block Download (IBD), preventing it from serving blocks. Here’s what I faced and how I fixed it:</p> <ul> <li><strong>Problem</strong>: The second node didn’t sync because the main node was in IBD, likely due to a chain tip older than 24 hours.</li> <li><strong>Initial Fix</strong>: <ul> <li>Started a dummy node on the main node (<code>127.0.0.1:3334</code>) for an active peer .</li> <li>Mined on the main node: <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=&lt;your-address&gt; -t 2 </pre> This created new blocks (e.g., to <code>blocks: 441</code>), exiting IBD and enabling sync.</li> </ul> </li> <li><strong>Test</strong>: I deleted the second node and recreated it from scratch, running both the main and dummy nodes on the genesis server. The second node synced to <code>blocks: 441</code> while the main node was mining.</li> <li><strong>Observation</strong>: In one test, I thought syncing worked without mining, but mining was active on the main node, advancing the chain to <code>blocks: 441</code>. Possible factors for sync success: <ul> <li>Recent chain tip from mining kept the main node out of IBD.</li> <li>Dummy node provided a peer, preventing IBD re-entry.</li> <li>iptables rule for port <code>3333</code> enabled inbound connections (i did once not forward the correct port, make sure you check your ip rules with <code>cat /etc/iptables/rules.v4</code> to make sure you entered the correct ones. ).</li> </ul> </li> <li><strong>If Syncing Fails</strong>: Mine on the main node with the dummy node running.</li> </ul> <p><strong>Note</strong>: Syncing may not require ongoing mining if the main node’s chain tip is recent, but mining is needed to exit IBD. Test and share your findings!</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> If the second node won’t sync, the main node may be in IBD. Start the dummy node and mine to exit IBD. </div> </div> </div> ===n33b-node=== <code>src/n33bcoind -daemon</code> <code>src/n33bcoin-cli stop</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 debug=rpc debug=mining </pre> <code>src/n33bcoind</code> * Now Second n33bcoin node is running lets check sync <code>src/n33bcoin-cli getpeerinfo</code> <pre> [ { "id": 0, "addr": "104.194.157.52:3333", "addrlocal": "144.172.89.93:52636", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157772, "lastrecv": 1745157771, "bytessent": 1277, "bytesrecv": 1198, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.303657, "minping": 0.303657, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": false, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 110, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 1, "addr": "104.194.157.52:57050", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.296047, "minping": 0.296047, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 2, "addr": "104.194.157.52:57060", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.316404, "minping": 0.316404, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } } ] </pre> <code>src/n33bcoin-cli getblockchaininfo</code> <pre> ubuntu@n33b-node:~/N33Bcoin$ src/n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.03058041491289009, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> ===From first node=== <pre> ./n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.02034601825250813, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> * Both nodes/blockchains are in sync, nice k9yved9lczysv3sr1f7n54hrrd6tfbr 574 573 2025-06-20T22:28:16Z AwesomO 5 /* Change Name for Docs */ 574 wikitext text/x-wiki ==Start up HardWare== * OS (local) Ubuntu-Mate 24.04 - this tut is done on a clean install of ubuntu-mate 24.04 ** Hardware: HP EliteDesk G1 - ram = 8GB - HD = 120GB ssd - CPU = i5-4590S CPU @ 3.00GHz ** Hardware: Thinkpad X270 - Ram - HD - CPU * Server VPS ubuntu-server 24.04 ** vultr.com ===Software OS=== * Will be using Ubuntu 24.04 as main OS - but to build this version of litecoin 0.14.2 we will be using ubuntu 18.04 in a lxc container - trying to build in 24.04 was a huge side quest that is not that much fun. ===Coin Params for N33Bcoin 0.1 POW === * Are Coin Params ** Name of coin = N33Bcoin ** Symbol coin = N33B ** Premined Coins= 33% 11,111,111 coins to be used to rewards contributors. the how is currently unknown, will work out as we go. ** MaxCoins = 33,333,333 ** Rewards = 333 ** Halving Period = 33,333 blocks = every 231 days ** Block interval = 10 mins # will leave at 10 for starters ** Time Stamp 1733333333 2024-12-04 17:28:53 ** Time Stamp Message "N33B's for Noob's at CompleteNoobs.com" ** Genesis Block for are Coin ==Genesis Keys== First we are going to need a public private key pair. [[Python_Generate_Public_Private_Key_Pair_Crypto_Bitcoin| Python3 Generate Public Private Key Pair]] * Public Key <code>049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf</code> * Keep private key safe, you just need pub key for now We then use are public key along with are coin parameter with [[GenesisH0_Creating_Genesis_Hash| GenesisH0]] to create a 'Nonce', 'Merkel hash' and 'Genesis hash'. For are 'MainNet', 'TestNet' and 'RegNet' === Main Net parameters === <code>python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333333</code> * '''Nonce''': <code>221118658</code> * '''nBits''': <code>0x1d00ffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4</code> === Test Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333334</code> * '''Nonce''': <code>511144</code> * '''nBits''': <code>0x1e0ffff0</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c</code> === Reg Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333335</code> * '''Nonce''': <code>0</code> * '''nBits''': <code>0x207fffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127</code> Now we have are parameters, we can start creating are own coin, but first lets change some file names to match the name of are coin. ==Source we are forking from Bitcoin 0.14.3== ===Home Directory=== <code>cd ~</code> ===Download bitcoin 0.14.3=== * https://bitcoincore.org/bin/bitcoin-core-0.14.3/ <code>wget https://bitcoincore.org/bin/bitcoin-core-0.14.3/bitcoin-0.14.3.tar.gz</code> * sha256sum bitcoin-0.14.3.tar.gz <code>416717ab5ef94f8458da2b12e4cd742ca08f5ad3817b65fc73811e06ac949f87</code> ===extract=== <code>tar xvf bitcoin-0.14.3.tar.gz</code> ===Change Directory Name to new/forked coin name=== <code>mv bitcoin-0.14.3 N33Bcoin</code> <code>cd N33Bcoin</code> * Current work director path is <code>/home/$USER/N33Bcoin/</code> ==Renaming== ===Renaming Bitcoin to N33Bcoin=== '''Run these command in the /home/$USER/N33Bcoin/ Directory''' * Lowercase <code>find . -type f -exec sed -i 's/bitcoin/n33bcoin/g' {} + </code> * UpperCase <code>find . -type f -exec sed -i 's/Bitcoin/N33Bcoin/g' {} + </code> * Name.1 <code>find . -type f -exec sed -i -e 's/bitcoin/n33bcoin/g' -e 's/bitcoind\.1/n33bcoind.1/g' {} + </code> ===Change Name for Docs=== To rename files in a directory (e.g., <code>/home/$USER/N33Bcoin/doc/man/</code>): * '''Before:''' <pre> bitcoin-cli.1 bitcoind.1 bitcoin-qt.1 bitcoin-tx.1 Makefile.am </pre> * '''After:''' <pre> n33bcoin-cli.1 n33bcoind.1 n33bcoin-qt.1 n33bcoin-tx.1 Makefile.am </pre> * '''Manual Way:''' <pre> mv -v bitcoin-cli.1 n33bcoin-cli.1 </pre> * '''Using mv with a for Loop:''' <code>cd /home/$USER/N33Bcoin/doc/man</code><br> <code>for file in bitcoin*; do mv -v "$file" "${file/bitcoin/n33bcoin}"; done</code> </pre> * <code>-v</code> shows each rename action. ===Change Names for Files=== Unlike forking litecoin, the method we just used to rename all bitcoin words to n33bcoin created some problems, unlike litecoin 0.14.2, the word 'bitcoin' can be found in a lot of file names. Example: the file <code>libbitcoinconsensus.pc.in</code> is still called <code>libbitcoinconsensus.pc.in</code> but inside make and config files, it is now know as <code>libn33bcoinconsensus.pc.in</code> so it will look for a file called <code>libn33bcoinconsensus.pc.in</code> and not <code>libbitcoinconsensus.pc.in</code>, still will lead to a lot of breakages. * Easy Fix: Change all file names which include the word <code>bitcoin</code> to <code>n33bcoin</code> * install <code>rename</code> <code>sudo apt install rename</code> * Run commands in <code>/home/$USER/N33Bcoin/</code> Directory * See all file which contain the name <code>bitcoin</code> <code>find . -type f -name "*bitcoin*"</code> * Rename/convert all <code>bitcoin</code> in file names to <code>n33bcoin</code> <code>find . -type f -name "*bitcoin*" -exec rename 's/bitcoin/n33bcoin/' {} +</code> ==Editing Files== Are Files are located in path:<code>/home/$USER/N33B/N33Bcoin</code><br> Example: <code>src/amount.h</code> full path would be <code>/home/$USER/N33B/N33Bcoin/src/amount.h</code> === OverView of Files to edit=== * Comment Out <code>** Lines: 74 - 77 Comment Out</code> These are Lines we Don't need, but are not deleting just commenting out, so line numbers remain the same.<br> Comment out by placing a <code>//</code> at the beginning of the line. * '''src/amount.h''' ** Line 31: Edit Max Coins * '''src/validation.cpp''' ** Line 1166: This BLOCK of code will contain premined and Block rewards * '''src/qt/bitcoinunits.cpp''' ** Line 39 Block: change coin symbol LTC to N33B * '''src/chainparams.cpp''' ** Line 53: '''Global''' Change Time Stamp Message ** Line 54: '''Global''' Change Pub Key ** Line 73: '''MainNet''' Change Halving Interval <!--** Lines: 74 - 77 Comment Out--> ** Line 74: '''MainNet''' BIP34Height ** Line 75: '''MainNet''' BIP34Hash ** Line 76: '''MainNet''' BIP65Height ** Line 77: '''MainNet''' BIP66Height ** Lines 85 - 103: '''MainNet''' Deployment and Chain Work Section ** Line 110: '''MainNet''' Change Magic Bytes - Script included ** Line 114: '''MainNet''' Change Main Net Default Port ** Line 117: '''MainNet''' Change Main Net Nonce TimeStamp Coin_Rewards ** Line 119: '''MainNet''' Change Genesis Hash ** Line 120: '''MainNet''' Change Merkel Hash ** Line 144: '''MainNet'''Change Coin Number and Genesis Hash ** Lines 145 - 156 Comment Out ** Line 161: '''MainNet''' Change Time Stamp ** Line 162: '''MainNet''' Change Number Of Transactions ** Line 177: '''TestNet''' Halving Interval <!--** Lines: 178 - 181 Comment Out--> ** Line 178: '''TestNet''' BIP34Height ** Line 179: '''TestNet''' BIP34Hash ** Line 180: '''TestNet''' BIP65Height ** Line 181: '''TestNet''' BIP66Height ** Line 184: '''TestNet''' Block Times <!--** Lines: 189 - 207 Comment Out--> ** Lines 189 - 207: '''TestNet''' Deployment Section ** Line 213: '''TestNet''' Default Port ** Line 216: '''TestNet''' Time Stamp and Nonce ** Line 218: '''TestNet''' Genesis Hash Block ** Line 219: '''TestNet''' Merkel Hash Block ** Line 245: '''TestNet''' CheckPointData Genesis Hash Block Number ** Line 250: '''TestNet''' Time Stamp ** Line 251: '''TestNet''' Block Number ** Lines 267 - 270 '''RegressionNet''' BIP Consensus ** Line 301: '''RegressionNet''' Default Port ** Line 304: '''RegressionNet''' Time Stamp Nonce Coin_Rewards ** Line 306: '''RegressionNet''' Genesis Block Hash ** Line 307: '''RegressionNet''' Merkel Hash ** Line 319: '''RegressionNet''' Genesis Hash * '''src/chainparamsbase.cpp''' ** Line 35: MainNet RCP Port ** Line 48: TestNet RPC Port ** Line 62: Regession Net RPC Port ===src/amount.h=== On line 31 we will edit are Max coins: <pre> static const CAmount MAX_MONEY = 21000000 * COIN; </pre> will change this to 33,333,333 coins <pre> static const CAmount MAX_MONEY = 33333333 * COIN; </pre> ===src/validation.cpp=== Path <code>/home/$USER/N33B/N33Bcoin/src/validation.cpp</code> The block of code we are looking for starts on line 1166: <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy = 50 * COIN; // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years. nSubsidy >>= halvings; return nSubsidy; } </pre> On line 1173 you should see this line: <pre> CAmount nSubsidy = 50 * COIN; </pre> This is the rewards for mining coins, the default is 50, we are changinf rewards to 333 coins per block mined. <pre> CAmount nSubsidy = 333 * COIN; </pre> ====Premined coins==== We also need to add a contidtion for are premined coins - in the first block will mine 33%, thats 11,111,111 coins <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy; if (nHeight == 1) nSubsidy = 11111111 * COIN; else nSubsidy = 333 * COIN; // Subsidy is cut in half every 33,333 blocks which will occur approximately every 231 days. nSubsidy >>= halvings; return nSubsidy; } </pre> This condition means IF first block reward 11,111,111 coins, Else(after first blocked mined) rewards per block are 333 coins. <div class="toccolours mw-collapsible mw-collapsed"> What's Changed and Why: <div class="mw-collapsible-content"> <b>What's Changed and Why:</b> * '''CAmount nSubsidy;''' ** The variable `nSubsidy` is now declared but not immediately assigned a value. This allows flexibility to set its value based on certain conditions. * '''New Condition: `if (nHeight == 1)''' ** This new condition checks if the block height is 1, meaning this is the very first block in the blockchain (often called the "genesis block"). ** This condition is used to assign a special, much larger subsidy for the first block. * '''nSubsidy = 11111111 * COIN;''' ** If it is the first block (`nHeight == 1`), the subsidy is set to 11,111,111 coins. This is a huge reward for the genesis block, likely for initial distribution or other specific reasons. * '''else nSubsidy = 333 * COIN;''' ** For all other blocks (not the first one), the reward is set to 333 coins. This is a significant change from the original 50 coins, suggesting a different reward structure for this cryptocurrency. </div> </div> ===src/qt/n33bcoinunits.cpp=== * Line 39: Code Block <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("BTC"); case mBTC: return QString("mBTC"); case uBTC: return QString::fromUtf8("μBTC"); default: return QString("???"); } } </pre> * Change BTC your coin symbol to N33B <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("N33B"); case mBTC: return QString("mN33B"); case uBTC: return QString::fromUtf8("μN33B"); default: return QString("???"); } } </pre> ===src/chainparams.cpp=== ====Line 53 Change Time Stamp Message==== <code> const char* pszTimestamp = "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks";</code> To <code> const char* pszTimestamp = "N33B's for Noob's at CompleteNoobs.com";</code> ====Line 54 Change Genesis Pub Key==== <code> 54 const CScript genesisOutputScript = CScript() << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f") << OP_CHECKSIG; </code> We are going to change to the public key we used to create are genesis block. <code> const CScript genesisOutputScript = CScript() << ParseHex("049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf") << OP_CHECKSIG;</code> ====Line 73 HalvingInterval==== <code> consensus.nSubsidyHalvingInterval = 210000;</code> Block intervals of bitcoin is every 10 mins, as you can see on '''[[#Line 80 Target Block Creation''']] * 60 mins per hour x 24 hours per day = 1440 mins a day * 1440 mins at one block each 10 mins = 144 block per day ish * 144 * 365 = 52,560 blocks per year ish * 52,560 * 4 = 210,240 blocks every four years ish So bitcoin halves its rewards every 4 years ish as it passes 210,000 blocks and carrys on halving every 210,000 blocks later. We reward 333 coins per block and will be out of coins around 667,334 blocks. * Preminded 11,111,111 coins * 22,222,222 left * at 333 per block all will be gone in 66,733 blocks time unless we halve before then * We are going to keep are block time of 10 mins and have a halving at 33,333 blocks so it will halve around 231 days <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Line 74 - 77 MainNet BIP Section==== <pre> 74 consensus.BIP34Height = 227931; 75 consensus.BIP34Hash = uint256S("0x000000000000024b89b42a942fe0d9fea3bb44ab7bd1b19115dd6a759c0808b8"); 76 consensus.BIP65Height = 388381; // 000000000000000004c2b624ed5d7756c508d90fd0da2c7c679febfa6c4735f0 77 consensus.BIP66Height = 363725; // 00000000000000000379eaa19dce8c9b722d46ae6a57c2f1a988119488b50931 </pre> * Set BIP34/65/66 to 0 for new chain—modern rules from genesis. Adjust BIP34 to 100 if mining fails. * Replace with your Hash on line 75 BIPHash <pre> 74 consensus.BIP34Height = 0; 75 consensus.BIP34Hash = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); 76 consensus.BIP65Height = 0; 77 consensus.BIP66Height = 0; </pre> ==== Line 85 - 103 '''MainNet''' Deployment and Chain Work Section ==== ===== Line 86 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start date is irrelevant—set to 0 for immediate activation on new chain. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 87 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 91 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016</code> * Reason changed: Bitcoin’s 2016 start is moot—set to 0 for CSV active from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 92 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 96 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016</code> * Reason changed: Bitcoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 97 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 100 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5");</code> * Reason changed: Bitcoin’s 2017 work is massive—set to 0 for a new chain with no work yet. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 103 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354</code> * Reason changed: Bitcoin’s block 453354 is irrelevant—set to N33Bcoin’s genesis hash for fast sync from block 0. Changed: <code>consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4");</code> =====Before and After Changes===== <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354 </pre> * Set CSV/SegWit to active from genesis (nStartTime = 0, nTimeout = far future). Reset chain work to minimal. Set assume valid to genesis hash. <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0; 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999; 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0; 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999; 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0; 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999; 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x00"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); </pre> ====Line 110 Magic Bytes==== * [[Hex_numbers_explained| Hex numbers explained]] * [[Python3_Script_for_Random_Magic_Bytes| Link to python script for random values]] The pchMessageStart array is a crucial component in cryptocurrency network protocols, often referred to as the "magic bytes" or "network magic." It serves as a unique identifier for a specific cryptocurrency network. These values are in hexadecimal format, representing four bytes that form a sequence unlikely to occur in normal data. If you're creating a new cryptocurrency by forking Bitcoin, you should change these values. Using unique values prevents your new coin's network from interfering with Bitcoin's network or other existing networks. <pre> 110 pchMessageStart[0] = 0xf9; 111 pchMessageStart[1] = 0xbe; 112 pchMessageStart[2] = 0xb4; 113 pchMessageStart[3] = 0xd9; </pre> * Gonna change mine to <pre> pchMessageStart[0] = 0xfe; pchMessageStart[1] = 0x93; pchMessageStart[2] = 0xd2; pchMessageStart[3] = 0xe2; </pre> ====Line 114 Change Main Net Default Port==== * Line 114 <code>nDefaultPort = 8333;</code> * Changing to port 3333 <code>nDefaultPort = 3333;</code> ====Line 117 Change Main Net Nonce TimeStamp Coin_Rewards==== * Original <code> genesis = CreateGenesisBlock(1231006505, 2083236893, 0x1d00ffff, 1, 50 * COIN);</code> * Syntax of line 117 <code>genesis = CreateGenesisBlock(<UNIX_TIME_STAMP>, <NONCE>, <DIFF_BITS>, <NHEIGHT>, <AMOUNT_OF_COINS_REWARD> * COIN);</code> * we are just going to append/change are UnixTimeStamp, Nonce and CoinReward <code> genesis = CreateGenesisBlock(1733333333, 221118658, 0x1d00ffff, 1, 333 * COIN);</code> ====Line 119 Change Genesis Hash==== <code>assert(consensus.hashGenesisBlock == uint256S("0x000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"));</code> * Change to your genesis hash for Main Net <code> assert(consensus.hashGenesisBlock == uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"));</code> ====Line 120 Change Merkel Hash==== <code> assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Change to your merkel hsh for Main net <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Check Point - Lines 142 - 157 ==== <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d")) 145 ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> These lines contain a blocknumber and there hash value, we are starting a new coin and these have no value to us. We have one genesis block. <code> ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d"))</code> * We are going to append/change line 144, to block zero and are Main net genesis block hash. <code> ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"))</code> and comment out the remaining lines in this code block. lines 145 - 156 <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4")) 145 // ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 // ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 // (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 // (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 // (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 // (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 // (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 // (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 // (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 // (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 // (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 // (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> ====Line 161 Change Time Stamp==== <pre> 161 1483472411, // * UNIX timestamp of last known number of transactions </pre> * Change to the time stamp we are using <pre> 1733333333, // * UNIX timestamp of last known number of transactions</pre> ====Line 162 Change Number Of Transactions==== <pre> 184495391, // * total number of transactions between genesis and that timestamp</pre> * Change to Zero <pre> 0, // * total number of transactions between genesis and that timestamp</pre> ====TestNet Halving Interval==== <code>177 consensus.nSubsidyHalvingInterval = 210000;</code> * Change to same as are main net <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Lines 178 - 181 TestNet BIP section==== <pre> 178 consensus.BIP34Height = 21111; 179 consensus.BIP34Hash = uint256S("0x0000000023b3a96d3484e5abb3755c413e7d41500f8e2a5c3f0dd01299cd8ef8"); 180 consensus.BIP65Height = 581885; // 00000000007f6655f22f98e72ed80d8b06dc761d5da09df0fa1dc4be4f861eb6 181 consensus.BIP66Height = 330776; // 000000002104c8c45e99a8853285a3b592602a3ccde2b832481da85e9e4ba182 </pre> * Change values to zero and replace TestNet Genesis Hash <pre> 178 consensus.BIP34Height = 0; 179 consensus.BIP34Hash = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"); 180 consensus.BIP65Height = 0; 181 consensus.BIP66Height = 0; </pre> ==== Lines 189 - 207 TestNet Deployment Section ==== ===== Line 190 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start is irrelevant—set to 0 for immediate activation on TestNet. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 191 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 195 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1456790400; // March 1st, 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for CSV from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 196 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 200 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1462060800; // May 1st 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 201 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1493596800; // May 1st 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 204 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x00000000000000000000000000000000000000000000001f057509eba81aed91");</code> * Reason changed: Litecoin’s work is irrelevant—set to 0 for a new TestNet chain. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 207 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000128796ee387cf110ccb9d2f36cffaf7f73079c995377c65ac0dcc"); //1079274</code> * Reason changed: Litecoin’s block 1079274 doesn’t apply—set to TestNet genesis for fast sync. Changed: <code>consensus.defaultAssumeValid = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c");</code> ====TestNet Default Port - Line 213==== <code>213 nDefaultPort = 18333;</code> * Change to another port , picking 13333 <code>nDefaultPort = 13333;</code> ====Line 216: TestNet Time Stamp and Nonce==== <code>216 genesis = CreateGenesisBlock(1296688602, 414098458, 0x1d00ffff, 1, 50 * COIN);</code> * change/append timestamp, nonce and coin rewards - TimeStamp, Nonce, nBits and CoinRewards from your Test Net <code> genesis = CreateGenesisBlock(1733333334, 511144, 0x1e0ffff0, 1, 333 * COIN);</code> ====Line 218: TestNet Genesis Hash Block==== <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943"));</code> * Changed to <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"));</code> ====Line 219: TestNet Merkel Hash Block==== <code>219 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Changed to <code> assert(consensus.hashGenesisBlock == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ==== Line 245 TestNet checkpointData ==== Default: <code>( 546, uint256S("000000002a936ca763904c3c35fce2f3556c559c0214345d31b1bcebf76acb70")),</code> * Reason changed: Bitcoin TestNet checkpoint irrelevant—set to height 0 with N33Bcoin TestNet genesis hash for new chain. Changed: <code>( 0, uint256S("000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c")),</code> * Note: Removed "0x" from hash string—matches Bitcoin style, prevents parsing error in uint256S. ====Line 250 - Testnet chainTxData TimeStamp==== <code>250 1483546230,</code> * Change to your timestamp <code>1733333334,</code> ====Line 251 - Testnet chainTxData block count==== <code>251 12834668,</code> * change block count to zero <code> 0,</code> ==== RegTest BIP Section ==== ===== Line 267 ===== Default: <code>consensus.BIP34Height = 100000000; // BIP34 has not activated on regtest (far in the future so block v1 are not rejected in tests)</code> * Reason changed: Delays BIP34—set to 0 for modern rules from genesis, consistent with MainNet/TestNet. Changed: <code>consensus.BIP34Height = 0;</code> ===== Line 268 ===== Default: <code>consensus.BIP34Hash = uint256();</code> * Reason changed: Empty hash irrelevant—set to RegTest genesis for BIP34 activation at block 0. * NOTE: the <code>S</code> at the end of <code>uint256S</code> append the '''S''', remove the <code>0x</code> or it would be too long and make sure RegNet Hash is wrapped in "comment-hash". * The quotes <code>""</code> tell the compiler that this is a string, not a number. * '''uint256S''' will parse the string as a hexadecimal value and construct the '''uint256''' object accordingly. Changed: <code>consensus.BIP34Hash = uint256S("65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127");</code> ===== Line 269 ===== Default: <code>consensus.BIP65Height = 1351; // BIP65 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP65 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP65Height = 0;</code> ===== Line 270 ===== Default: <code>consensus.BIP66Height = 1251; // BIP66 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP66 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP66Height = 0;</code> ====Line 298: RegressionNet Default Port==== <code>298 nDefaultPort = 18444;</code> * change port number <code> nDefaultPort = 13337;</code> ====Line 301 RegressionNet Time Stamp Nonce Coin_Rewards ==== <code>301 genesis = CreateGenesisBlock(1296688602, 2, 0x207fffff, 1, 50 * COIN);</code> * Change to your timestamp , nonce and coin rewards <code> genesis = CreateGenesisBlock(1733333335, 0, 0x207fffff, 1, 333 * COIN);</code> ====Line 303: RegressionNet Genesis Block Hash==== <code>303 assert(consensus.hashGenesisBlock == uint256S("0x0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"));</code> * replace with your reg net genesis hash <code> assert(consensus.hashGenesisBlock == uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"));</code> ====Line 304 RegressionNet Merkel Hash==== <code>304 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * replace with your reg net merkel hash <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Line 316: RegressionNet Genesis Hash==== <code>316 ( 0, uint256S("0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"))</code> * change to your reg nets genesis hash <code> ( 0, uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"))</code> === src/chainparamsbase.cpp - API ports === <div class="toccolours mw-collapsible mw-collapsed"> Changing RPC port number info: <div class="mw-collapsible-content"> When forking Bitcoin, changing the nRPCPort = 8332; is generally recommended, though not strictly necessary. Here are the reasons and benefits for doing so: '''Avoiding Conflicts:''' If you run both Bitcoin and your forked cryptocurrency on the same machine or network, keeping the same RPC port (9332) would cause a conflict. By changing the port number, you ensure that both services can run simultaneously without interfering with each other. '''Network Configuration:''' Different cryptocurrencies should ideally use different ports to avoid confusion and ensure clear network configuration. This helps in managing firewall rules and network policies more effectively. '''Security:''' Using a non-standard port for your forked cryptocurrency can add a layer of security through obscurity. While not a robust security measure, it can help reduce the risk of automated attacks targeting known ports like 8332. '''Customization:''' Changing the RPC port is part of customizing your fork to distinguish it from Bitcoin. This can be important for branding and ensuring that users and developers recognize it as a separate entity. In summary, while it's not mandatory to change the RPC port when forking Bitcoin, doing so can help avoid conflicts, improve network management, and provide a clearer distinction between your fork and the original Bitcoin network. </div> </div> ====line 35 - Main net RCP port==== <pre> nRPCPort = 8332; </pre> RPC port is used to connect to coin api, its used to create a web wallet and moblie wallet. <pre> nRPCPort = 3366; </pre> ====Line 48 - test net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12333 <pre> nRPCPort = 12333; </pre> ====line 62 - regession net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12345 <pre> nRPCPort = 12345; </pre> * We are pretty much done with customizing the code base, we just need an IP address to append to chainparams.cpp and we are good to go. ===src/chainparamsseeds.h=== * Delete content of <code>src/chainparamsseeds.h</code> and replace with just: <pre> #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> The <code>chainparamsseeds.h</code> file contains hardcoded seed nodes for the main network (pnSeed6_main), which are currently set to Bitcoin’s seed nodes (e.g., IPs like 2.7.8.12 on port 8333). These seeds will cause your node to attempt connections to Bitcoin peers, which isn’t what we want for N33Bcoin. * By modifying the seed arrays for both mainnet and testnet to empty, we can keep the file structure intact while removing the Bitcoin seed nodes, preventing are node from trying to connect to them. <div class="toccolours mw-collapsible mw-collapsed"> Hexadecimal - Chainparamsseeds.h - Quick Notes <div class="mw-collapsible-content"> <pre> Hex Symbol Values: 0,1,2,3,4,5,6,7,8,9,a=10,b=11,c=12,d=13,e=14,f=15 Hex is in a Block of 2, [01]=1, The First number/symbol (the one on the left), is Times by 16, and the Second number/symbol is added. 01 = 0x16, plus 1 = 01 A4 = 10x16, plus 4 = 164 E4 = 14x16, plus 4 = 228 FF = 15X16, plus 15 = 255 To work out the values of 104.194.157.52 and port 3333 static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; IPv6 Mapping: {{Use 10 0x00, 2 0xff, then the 4 hex bytes} <port>}. 104 in hex: 6x16 = 96 + 8 = 104 InHex= '68' 194 in hex: c(12)x16=192 + 2 = 194 InHex= 'c2' 157 in hex: 9x16=144 + d(13)= 157 InHex= '9d' 52 in hex: 3x16=48 + 4 = 52 InHex= '34' #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; static SeedSpec6 pnSeed6_test[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> </div> </div> == Container and VPS Setup == Most VPS providers frown on mining unless it’s their explicit service—fair enough, it hogs resources! To work around this, we’ll: * Spin up an Ubuntu 18.04 container locally (18.04 keeps coin building simple). * Pair it with a low-cost VPS running Ubuntu 24.04, tunneling all traffic from the container to the VPS’s public IP. This setup gives us: * A public-facing IP without poking holes in our home router. * Local mining control, keeping private keys secure—because a VPS is just someone else’s machine, and we don’t trust it with our keys! ===LXD Quick Container Setup=== ===LXD Quick Container Setup=== * Its pretty simple once you know. ===Installing and setup LXD=== <code>sudo snap install lxd</code> <code>sudo lxd init</code> * Just press '''ENTER''' for all defaults * add user to lxd group (optional), will mean you do not need '''sudo''' to use lxc commands * NOTE: you will need to logout and login for changes to take effect. <code>sudo adduser $USER lxd</code> <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> * '''These changes only apply to the current terminal session.''' If you open a new terminal session you have to repeat. On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. * '''Remember, these changes only apply to the current terminal session.''' If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> ===Launching your container=== * for the Build its important we use '''18.04''' ** May want to get ubuntu pro free for 5 devices - to keep 1804 updated ** https://ubuntu.com/pro/dashboard <code>lxc launch ubuntu:18.04 n33b</code> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 n33b</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 n33b</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''n33b''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "n33b" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "n33b" in the example) must be unique within your LXD installation. </div> </div> * If you see this error - you need to use '''sudo''' or add user to lxd group <pre> lxc launch ubuntu:18.04 n33b Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * To see your container <code>lxc ls</code> ===Login to container=== <code>lxc exec n33b bash</code> * Prompt should now be changed to <code>root@n33b:~#</code> ** <code>root@<container_name>:~#</code> * This would be a good time to sign up to and enable ubuntu pro in the 1804 container https://ubuntu.com/pro/dashboard ** <code>sudo pro attach C12trandomcharsXFVhrRSveGOd4</code> * Update container <code>apt update && apt upgrade -y</code> ==== Ubuntu Pro for 1804 Containers ==== * super useful for ubuntu 1804, with pro has support till 2027 * Free For Five Boxes/Devices <code>https://ubuntu.com/pro/dashboard</code> <code>sudo pro attach 8dc6560abd396b3871f37b80ec</code> <code>sudo pro status</code> <code>sudo pro detach</code> ==In Container wireguard installation and setup== ===Install wireguard=== <code>apt install wireguard -y</code> * This will be the Client - for the container ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==Back to Host== Now we have * A container with a public IP address * Source code for are coin Lets append are IP adress to are <code>src/chainparams.cpp</code> file and make a exportable/shareable backup. ===Append IP to <code>src/chainparams.cpp</code>=== <div class="toccolours mw-collapsible mw-collapsed"> If i was going to change or add ips/domains do i need to recomplie? Yep: <div class="mw-collapsible-content"> Yes, if you want to change or add new IPs/domains in the `CDNSSeedData` section of `src/chainparams.cpp`, you will need to edit the file and recompile the code. The `CDNSSeedData` entries are hardcoded into the source code, and when you compile the code, these values are baked into the resulting binary. Therefore, any changes to the seed nodes will require: *Editing the `src/chainparams.cpp` file**: Modify the list of `CDNSSeedData` entries to include your new IPs or domains. *Recompiling the source code**: Once you've made your changes, you need to recompile the project so that the new seed nodes are included in the binary. *Restarting your nodes**: After recompiling, you would need to distribute the new binary to your nodes and restart them to ensure they use the updated seed list. This process is necessary because the seed nodes are part of the initial configuration that helps nodes discover peers when they first start up. Any changes to these seeds require the software itself to be updated and redeployed. </div> </div> ====Main Net DNS lines 123 - 127==== <code>$EDITOR /home/$USER/N33B/N33Bcoin/src/chainparams.cpp</code> * Line 123 <code>src/chainparams.cpp</code> <pre> 123 vSeeds.push_back(CDNSSeedData("n33bcoin.sipa.be", "seed.n33bcoin.sipa.be", true)); // Pieter Wuille, only supports x1, x5, x9, and xd </pre> We are going to Change to are servers address <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> At current time we only have one default node, so we comment out line 124 to 127 <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "dnsseed.bluematt.me", true)); // Matt Corallo, only supports x9 // vSeeds.push_back(CDNSSeedData("dashjr.org", "dnsseed.n33bcoin.dashjr.org")); // Luke Dashjr // vSeeds.push_back(CDNSSeedData("n33bcoinstats.com", "seed.n33bcoinstats.com", true)); // Christian Decker, supports x1 - xf // vSeeds.push_back(CDNSSeedData("n33bcoin.jonasschnelli.ch", "seed.n33bcoin.jonasschnelli.ch", true)); // Jonas Schnelli, only supports x1, x5, x9, and xd </pre> ====Test net DNS lines 224 - 227==== * Line 224 - ip adderss <pre> 224 vSeeds.push_back(CDNSSeedData("testnetn33bcoin.jonasschnelli.ch", "testnet-seed.n33bcoin.jonasschnelli.ch", true)); </pre> Change to server ip <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> and comment out the other 3 lines <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("petertodd.org", "seed.tbtc.petertodd.org", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "testnet-seed.bluematt.me")); // vSeeds.push_back(CDNSSeedData("n33bcoin.schildbach.de", "testnet-seed.n33bcoin.schildbach.de")); </pre> ==Create BackUp Tar Archive== At this point you may want to make a backup. * In work directory = <code>/home/$USER/N33B</code> <code>tar -zcvf N33Bcoin.0.0.1.tar.gz N33Bcoin</code> * Going to save in directory <code>/home/$USER/N33B</code> * Syntax = <code>tar -zcvf /path/to/save/archive_name.tar.gz /path/to/directory_name</code> Now we Should have <code>N33Bcoin.0.0.1.tar.gz</code> lets start building are coin. ===Move N33Bcoin.0.0.1.tar.gz to Container=== Lets Move are source code to are container. * File on Host:<code>/home/$USER/N33B/N33Bcoin.0.0.1.tar.gz</code> * Container Name: <code>n33b</code> ** Container Name can be found with <code>lxc list</code> * On Host: <code>lxc file push /home/$USER/N33B/N33Bcoin.0.0.1.tar.gz n33b/home/ubuntu/</code> * '''ubuntu''' is the name of the ubuntu containers default user account ==Return to container as user '''ubuntu'''== <code>lxc exec n33b -- su - ubuntu</code> Now are source code <code>N33Bcoin.0.0.1.tar.gz</code> should be in are home directory. Before we start using it, we need to install and build some dependencies software. ===Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <!-- These notes wherer required to build db on 24.04 - coin build would require way too much work so skipped. <code>$EDITOR db-4.8.30.NC/dbinc/atomic.h</code> Find the function <b>__atomic_compare_exchange</b> (line 147 and 179) and rename it to <b>__db_atomic_compare_exchange</b>. save and exit --> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> If you received error, are you building in ubuntu 18.04? these build instrutions are reproduable for 18.04 and not other versions of ubuntu. * A block chain requires min 2 nodes, so this would be a good time to snapshot your container. ====SNAPSHOT your container==== * This will save loads of time creating a second node later. * In a Terminal on HOST * Stop Container <code>lxc stop n33b</code> * snapshot <code>lxc snapshot n33b one</code> * start container <code>lxc start n33b</code> * Log in as ubuntu user <code>lxc exec n33b -- su - ubuntu</code> ==Build the Coin== Just for the Genesis Node, or it will not work, it will try to sync with another node, which it can not do as its at block 0. * edit the file <code>src/rpc/mining.cpp</code> and comment out the lines 471 and 472: <pre> // if (IsInitialBlockDownload()) // throw JSONRPCError(RPC_CLIENT_IN_INITIAL_DOWNLOAD, "N33Bcoin is downloading blocks..."); </pre> If you stopped container to snapshot and logged back in (or using another terminal), then we need to re-set var.<br> <code>cd ~/db-4.8.30.NC/build_unix</code><br> <code>export BDB_PREFIX=$(pwd)</code><br> * Now thats done we can carry on <code>cd ~/</code><br> * extract <code>tar xzvf N33Bcoin.0.0.1.tar.gz</code> <!-- was for attempt build in 24.04 - not needed for 18.04 <code>sudo apt install bsdmainutils ncal</code> --> * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> If you run into errors you can use:<br> <code>make > ../build.log 2>&1</code><br> This is print build info into file build.log ==Run Coin== * Path <code>cd /home/ubuntu/N33Bcoin/src</code> Going to first play around with Regression make sure everything is working, its supereasy to mine.<br> * Running regtest first will also create <code>~/.n33bcoin/</code> directory which we can create are <code>n33bcoin.conf</code> file for mainnet. ===Running Regression Net === * run reg net <code>./n33bcoind -regtest -daemon</code> ==== get blockchain info ==== <code>./n33bcoin-cli -regtest getblockchaininfo</code> * at the top you should see '''regtest''' <pre> "chain": "regtest", </pre> ====get wallet info==== <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ==== Generate 10 blocks==== <code>./n33bcoin-cli -regtest generate 10</code> <pre> [ "16fe73d5011e8e05cadb9e9dea43e58aa154ffcca891659cc59fbdfafe6f001c", "7803e298b6c57f8fc7ddac5da0e0696cc67524c9ee2bbbbbecdccfb01b364e79", "7c92afb2faed00d051edd22f85218416c394cd45ddadf413b9df808c0414ca7e", "29fe7bb17c984bd33c7e3d9cb4fa3ce1e47760ac22accded3aa25fd49aa87d91", "56d234a030af699a6aa824c8d95a9fabdcf56c9491ed30331ca2159188741c89", "272827808aad1efe0e752789acf6a28f25bc4ba2da905a8a6f5da00016ba286b", "23711e3856cf2e018ef02782eb546e87c9604781da6855bd136ef51fa5dd23e5", "7bd7e1e6183094c75e37d6605451ce7e7e1c23347e3b5c279c33196af916b1f2", "1c7e5fc29dc7c9b3a56e8f35becc3a0a8005e79ac1a84278f8a1f37c067f67b3", "3ac84dcf8be2849b347369de7bf6bb49d780cdf41e2c4abbe2ea0ae1b89bd26e" ] </pre> ====Check Balance==== <code>./n33bcoin-cli -regtest getbalance</code> <pre>0.00000000</pre> * You mined 10 blocks and have zero coins! that is because the coins have not mutured, it takes 100 blocks for newly created coins to muture and show up in your wallet. * you can see your '''immature_balance''' with the <code>getwalletinfo</code> command. <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 11114108.00000000, "txcount": 10, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====Get new addresses==== <code>./n33bcoin-cli -regtest getnewaddress</code> <pre> mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb </pre> ====Find addresses your wallet is currently using==== * To see all your current public addresses use <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -regtest listreceivedbyaddress 0 true</code> ====Mine to specific address==== * <code>./n33bcoin-cli -regtest generatetoaddress 101 "your-mainnet-address"</code> <code>./n33bcoin-cli -regtest generatetoaddress 101 "mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb"</code> =====Coins Matured===== <code>./n33bcoin-cli -regtest getbalance</code> <pre>11114441.00000000</pre> * and Immatured coins <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 11114441.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 33300.00000000, "txcount": 111, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====stop regtest net==== * stop regtest <code>./n33bcoin-cli -regtest stop</code> ===Main Net=== * Running <code>-regtest</code> should of created a <code>~/.n33bcoin</code> directory for you. * Create <code>n33bcoin.conf</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 </pre> * run/start coin <code>./n33bcoind</code> * NOTE: if you did not create a n33bcoin.conf file and apply 'daemon=1', you can use the -daemon flag <code>./n33bcoind -daemon</code> <div class="toccolours mw-collapsible mw-collapsed"> Some debug tips: <div class="mw-collapsible-content"> * If n33bcoin hangs - <code>ps aux | grep n33bcoind</code> ** The <code>kill -9 PID_NUMBER</code> ** Also note: there is nothing wrong with '''turning it off and on again.''' * <code>./n33bcoind -debug=1</code> ** log is at ~/.n33bcoin/debug.log * <code>./n33bcoind -debug=1 -printtoconsole</code> ** will output to terminal, no output to debug.log </div> </div> ===Create and Add second node - the easy way=== <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Why a Dummy Node is Needed to Avoid <code>500 Internal Server Error</code> and Ensure Syncing</span> <div class="mw-collapsible-content"> <p>A dummy node is <strong>required</strong> for mining on the genesis node (main node) and to ensure other nodes can sync with your N33Bcoin network. Without it, you may encounter errors like:</p> <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> [2025-04-20 11:49:32] HTTP request failed: The requested URL returned error: 500 Internal Server Error </pre> <p><strong>Why does this happen?</strong> The main node needs at least one active peer to process the <code>getblocktemplate</code> RPC call used by <code>minerd</code> for mining. If the node is in Initial Block Download (IBD) or has no peers, this call fails, causing the 500 error. Additionally, if the main node is in IBD, it won’t serve blocks to other nodes, preventing them from syncing (e.g., stuck at <code>blocks: 0</code>).</p> <p><strong>How the dummy node fixes it:</strong></p> <ul> <li>Running a dummy node (e.g., on <code>127.0.0.1:3334</code>) provides an active peer, allowing <code>getblocktemplate</code> to succeed and mining to start.</li> <li>Mining generates new blocks, updating the chain tip’s timestamp, which helps the main node exit IBD.</li> <li>Once out of IBD, the main node can serve blocks to other nodes, enabling them to sync (e.g., to <code>blocks: 428</code>).</li> </ul> <p><strong>Why it’s easy to forget:</strong> The dummy node isn’t a standard Bitcoin requirement—it’s specific to N33Bcoin’s setup, possibly due to custom peer or RPC logic. Always run a dummy node when mining or syncing new nodes.</p> <p><strong>If you get the 500 error:</strong> Start a dummy node and add it to the main node’s peers with <code>addnode</code>. See the next section for setup instructions.</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> Without a dummy node, mining will fail, and new nodes won’t sync. Always include this step in your setup and document it to avoid surprises! </div> </div> </div> After first node ruuing with:<br> <code>./n33bcoind</code> * create a directory for second node <code>mkdir ~/.n33bcoin2</code> * make config file <code>$EDITOR ~/.n33bcoin2/n33bcoin.conf</code> * Note changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser1 rpcpassword=coinpassword1 rpcallowip=127.0.0.1 rpcport=3367 daemon=1 server=1 rpcbind=127.0.0.1 port=3334 </pre> * start node2 - note ports <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin2 -port=3334 -rpcport=3367</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3334" "add"</code> * Check node one <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * Check node two <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getblocktemplate</code> ==== Default Node User and Second Node User management ==== * The default user will be your main node '''~/.n33bcoin/''' * To use second node '''~/.n33bcoin2/''' you have to use/append non default port in commands: ** To run commands on second node, Add/Append <code>-rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1</code> *** '''rpcport''', '''rpcuser''', '''rpcpassword''' these values can be found in the <code>~/.<node_name>/n33bcoin.conf</code> file * For default wallet/node can use: <code>./n33bcoin-cli getwalletinfo</code> * Or to specify (optional) can use, the main nodes '''rpcport''', '''rpcuser''' and '''rpcpassword''' followed by <command>: <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * For the second node we created - we do need to specify <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getwalletinfo</code> <div class="toccolours mw-collapsible mw-collapsed"> How to stop second node: <div class="mw-collapsible-content"> * To run commands on a second or third ...ETC node - you need to enter: ** <code>-rpcport=<value></code> ** <code>-rpcuser=<username></code> ** <code>-rpcpassword=<password></code> ** followed by the command you wish to run on node <code>getbalance</code> ** Remember you store all these details in your <code>n33bcoin.conf</code> file for your node. <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 stop</code> </div> </div> == Mining blocks on your blockchain == Well you can try with:<br> <code>./n33bcoin-cli generate 1</code><br> But instead of seeing <pre> [ "some-block-hash" ] </pre> Your going to get empty brackets <pre> [ ] </pre> I cant remember the reason for this. But i know the fix. Install Mining software ===Address to send mined coins to=== First lets get a public key/address we can mine to. * Find old addresses <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> * Create new address <code>./n33bcoin-cli getnewaddress</code> * The address i will use <code>1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> ===Cpu Miner Install=== <code>cd ~</code> <code>sudo apt update</code> <code>sudo apt install -y build-essential libcurl4-openssl-dev</code> <code>git clone https://github.com/pooler/cpuminer.git</code> <code>cd cpuminer</code> <code>./autogen.sh</code> <code>./configure</code> <code>make</code> <code>sudo make install</code> ===Mine some Coins=== * OK lets mine us some coins ** Syntax:<code>minerd -o <pool_url> -u <username> -p <password> --coinbase-addr=<public_key></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> * YAY, back to the days when you could find bitcoin blocks with a simple CPU <pre> [2025-04-12 19:31:17] Binding thread 0 to cpu 0 [2025-04-12 19:31:17] Binding thread 1 to cpu 1 [2025-04-12 19:31:17] 4 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:31:17] Binding thread 2 to cpu 2 [2025-04-12 19:31:17] Binding thread 3 to cpu 3 [2025-04-12 19:31:17] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:31:17] thread 1: 2097152 hashes, 10099 khash/s [2025-04-12 19:31:17] thread 0: 2097152 hashes, 10094 khash/s [2025-04-12 19:31:17] thread 3: 2097152 hashes, 10093 khash/s [2025-04-12 19:31:17] thread 2: 2097152 hashes, 10032 khash/s [2025-04-12 19:32:17] thread 2: 601912088 hashes, 10080 khash/s [2025-04-12 19:32:17] thread 0: 605611536 hashes, 10108 khash/s [2025-04-12 19:32:17] thread 3: 605564904 hashes, 10102 khash/s [2025-04-12 19:32:17] thread 1: 605946928 hashes, 10104 khash/s [2025-04-12 19:33:17] thread 2: 604824240 hashes, 10080 khash/s [2025-04-12 19:33:17] thread 0: 606506104 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 1: 606263288 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 3: 606114016 hashes, 10102 khash/s [2025-04-12 19:34:17] thread 0: 596676992 hashes, 9883 khash/s [2025-04-12 19:34:17] accepted: 1/1 (100.00%), 40174 khash/s (yay!!!) [2025-04-12 19:34:17] LONGPOLL pushed new work [2025-04-12 19:34:17] thread 2: 597009344 hashes, 9856 khash/s [2025-04-12 19:34:17] thread 1: 596347864 hashes, 9882 khash/s [2025-04-12 19:34:17] thread 0: 184 hashes, 8762 khash/s [2025-04-12 19:34:17] thread 3: 596226344 hashes, 9881 khash/s [2025-04-12 19:35:11] thread 0: 525714288 hashes, 9775 khash/s [2025-04-12 19:35:17] thread 0: 58652240 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 1: 592942512 hashes, 9784 khash/s [2025-04-12 19:35:18] thread 3: 592834720 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 2: 591387224 hashes, 9754 khash/s [2025-04-12 19:36:17] thread 1: 577261400 hashes, 9784 khash/s [2025-04-12 19:36:17] thread 2: 575496480 hashes, 9756 khash/s [2025-04-12 19:36:17] thread 3: 576993520 hashes, 9776 khash/s [2025-04-12 19:36:17] thread 0: 586785384 hashes, 9780 khash/s [2025-04-12 19:37:17] thread 3: 586568712 hashes, 9700 khash/s [2025-04-12 19:37:17] thread 2: 585369888 hashes, 9645 khash/s [2025-04-12 19:37:18] thread 1: 587018480 hashes, 9656 khash/s [2025-04-12 19:37:18] thread 0: 586791168 hashes, 9631 khash/s [2025-04-12 19:37:43] thread 0: 247017896 hashes, 9757 khash/s [2025-04-12 19:37:43] accepted: 2/2 (100.00%), 38758 khash/s (yay!!!) [2025-04-12 19:37:43] LONGPOLL pushed new work [2025-04-12 19:37:43] thread 2: 250694904 hashes, 9748 khash/s [2025-04-12 19:37:43] thread 1: 250409704 hashes, 9773 khash/s [2025-04-12 19:37:43] thread 0: 21504 hashes, 8650 khash/s [2025-04-12 19:37:43] thread 3: 253010016 hashes, 9764 khash/s </pre> * By default '''minerd''' will use all cores - if you want to limit to number of core use the <code>-t <number_of_cores></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj -t 2</code> <pre> [2025-04-12 19:43:05] 2 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:43:05] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:43:05] thread 1: 2097152 hashes, 11359 khash/s [2025-04-12 19:43:05] thread 0: 2097152 hashes, 11327 khash/s </pre> * Next we mine on till we have at least 101 blocks so are coins are matured. ===After 101 blocks - Mature Coins=== * now we should have some coins in are wallet that we can use, YAY <code>./n33bcoin-cli getbalance</code> <pre>11112110.00000000</pre> * and lets check the account of are second node <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> * Lets get the address of are second node to send some coins <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress 0 true</code> * Or we could generate a new address with <code>getnewaddress</code> <code>1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz</code> Now lets send some coins ==Wallet Basics== Now we have coins we can use - matured coins ===Get balance=== * <code>getbalance</code> <code>./n33bcoin-cli getbalance</code> ===Find Account Addresses=== * <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> ===Create New Address=== * <code>getnewaddress</code> <code>./n33bcoin-cli getnewaddress</code> ===Sending coins=== * Syntax: <code>./n33bcoin-cli sendtoaddress "<address>" <amount></code> <code>./n33bcoin-cli sendtoaddress "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz" 33</code><br> * This comand will return a hash in your terminal out put. <pre>f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7</pre> * and Check balance of second node to see balance: <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>33.00000000</pre> ===See Transaction Details from hash=== * the transaction hash is from the above send coins example * Syntax: <code>n33bcoin-cli gettransaction "<transaction_hash>"</code> <code>./n33bcoin-cli gettransaction "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7"</code> <pre> { "amount": -33.00000000, "fee": -0.00004520, "confirmations": 4, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553764, "timereceived": 1744553764, "bip125-replaceable": "no", "details": [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "send", "amount": -33.00000000, "vout": 0, "fee": -0.00004520, "abandoned": false } ], "hex": "020000000150a37ad36c761374df6a14c20bd2c016208358bf1f20af06c5acbe4827250ee7000000006a4730440220582f2094aca19d63744d8d128c3dea907cddd4eeb5728d6f064c4168d7a36b9c0220649b2397635fe0b8899fea4535b0072e856a164235f8ab8feb91f3dbfa9e3ddc012103dd8d842cd0c2b167b507b9e8ee580fc726262bb218abc5c6487668b72e5673a3feffffff020001b2c4000000001976a9146ae24c8430bcd30bc1b812f946229fcc563eb0ef88ac589a23fc060000001976a9141e0606800605f94643f5da7e0a31e435e030855788acbe000000" } </pre> ===List Transactions from account=== * <code>listtransactions</code> * <code>./n33bcoin-cli listtransactions</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listtransactions</code> * This command will show all transactions send and receive. <pre> [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "receive", "amount": 33.00000000, "label": "", "vout": 0, "confirmations": 6, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553766, "timereceived": 1744553766, "bip125-replaceable": "no" } ] </pre> ===list received transactions by address=== * <code>listreceivedbyaddress</code> * <code>./n33bcoin-cli listreceivedbyaddress</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress</code> <pre> [ { "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "account": "", "amount": 33.00000000, "confirmations": 6, "label": "", "txids": [ "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7" ] } ] </pre> ===Address With Label=== * Create New Address With Label ** Syntax: <code>getnewaddress "<Label>"</code> * NOTE: Label name is case sensitive. <code>./n33bcoin-cli getnewaddress "Mining"</code> <pre>1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB</pre> * See Accounts in Label <code>./n33bcoin-cli getaddressesbyaccount "Mining"</code> * a Label can hold many addresses <pre> [ "1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB" ] </pre> * Lists transactions for the labeled account. <code>./n33bcoin-cli listtransactions "Mining"</code> * Tracking with a label - Shows total balance for addresses in the labeled account. <code>./n33bcoin-cli getbalance "Mining"</code> * Label an existing address - Assigns an existing address to a named account. <code>./n33bcoin-cli setaccount "<address>" "<label>"</code> * Change Label of Address <code>./n33bcoin-cli setaccount "<address>" "<newlabel>"</code> ==Backup Wallets and Restore/Reclaim== To '''test''' wallet exports and back ups we are going to create a '''third node'''. <br> This keeps are main wallet and the wallet of are second node safe.<br> Or If you feel up for it, feel free to play/use/learn with your main wallet. * Create a directory for third node <code>mkdir ~/.n33bcoin3</code> * Create config file <code>$EDITOR ~/.n33bcoin3/n33bcoin.conf</code> * Note: changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser2 rpcpassword=coinpassword2 rpcallowip=127.0.0.1 rpcport=3368 daemon=1 server=1 rpcbind=127.0.0.1 port=3335 </pre> * Start node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3335" "add"</code> * Check node three <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getblocktemplate</code> * See Address (pub key) <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> <pre>1EhA5fkapYWrhs2oAf2AqvF4WYMPM28GqL</pre> * I have sent 33 n33bcoin's to this address. <pre> ./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744568061, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "8afde14085be2139ff008667c345b3697bea9cea" } </pre> ===Encrypt Wallet=== * '''IMPORTANT NOTE! IF YOU LOSE/FORGET PASSPHRASE, YOU LOST YOUR WALLET!''' Encrypting your wallet, will require passphrase to see private_keys and to send coins from your account, but you can still check balance and the basic chain info '''without passphrase'''. * Syntax <code>./n33bcoin-cli encryptwallet "<passphrase>"</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 encryptwallet "pa55word"</code> <br>OutPut: <pre> wallet encrypted; N33Bcoin server stopping, restart to run with encrypted wallet. The keypool has been flushed and a new HD seed was generated (if you are using HD). You need to make a new backup. </pre> ====Test Encryption==== Syntax: <code>./n33bcoin-cli dumpprivkey <address></code> This command should need passphrase if wallet locked. ** <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> can be used in place of a real address <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpprivkey 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> If wallet '''LOCKED''' - you will see <pre> error code: -13 error message: Error: Please enter the wallet passphrase with walletpassphrase first. </pre> If wallet '''UNLOCKED''' but address not in wallet - you will see ** This is because there is no address <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> in your wallet and error code -5 indicates address not found in the wallet, but it passed the lock so, yay <pre> error code: -5 error message: Invalid N33Bcoin address </pre> If address exists in your wallet and wallet is '''UNLOCKED''' - you will see the private key: <pre> 6vJYM3RFWh7MyLVrPbgzgibUgqxMzWUCCbuH3GcfDRTqfoNQjBb </pre> '''IMPORTANT:''' Never share your actual private keys with anyone. The example above is for demonstration purposes only. ====open encrypted wallet==== * Syntax ./n33bcoin-cli walletpassphrase "<passphrase>" <time_in_seconds_to_stay_open> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrase "Pa55word" 60</code> ====Change PassPhrase==== * Syntax: <code><code>./n33bcoin-cli walletpassphrasechange "<old_passphrase>" "<new_passphrase>"</code></code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrasechange "Pa55word" "StrongPass123!@#456"</code> ===Back Up WALLET.DAT === * You can make a backup of your wallet.dat file whether its encrypted or un-encrypted. ** not-encrypted you just copy into a directory and you and anyone else has full access. ** encrypted, you need to know the passphase the file is encrypted with to have access. ** Both Export and Import the backup wallet.dat the same way, expect one asks for passphase and the other does not. ====Make copy of wallet.dat==== * <code>backupwallet</code> * Syntax:<code>./n33bcoin-cli backupwallet /path/to/export/wallet-backup.file</code> <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> ====Stop node 3 and delete wallet.dat==== * Stop node - Note: RPC PORT <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * not gonna delete, just move, only so many times i wanna learn that lesson. <code>mv ~/.n33bcoin3/wallet.dat ~/oldwallet.dat</code> * Start Node 3 - this will create a new <code>wallet.dat</code> file <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check Balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744572042, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "bb4e27a7896ae19acdf3b43244f82b59f5164c7c" } </pre> * Check addresses <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> * Its a diff/new address, because its a new wallet. <pre> "address": "1JwAmtR9T8xa49daoHQhf54tBdyabby2m2", </pre> ===Restore Wallet.dat=== * Stop Node 3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move old wallet to Node 3 Directory ** This command will write over the new wallet.dat file currently in directory - in effect deleting it. <code>mv ~/wallet-backup.node3 ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>11148007.99990960</pre> ====OH NUTZ==== * By mistake i backed up main wallet. <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> * Intended to backup node3 - the correct command would of been <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 backupwallet ~/wallet-backup.node3</code> Good Thing we just moved the node3 wallet and not deleted or 33 n33bcoins would of been in a dead account.<br> This is why you should learn about bitcoin on n33bcoins and not the bitcoin main net blockchain. Lets restore from the moved wallet <code>~/oldwallet.dat</code> * Stop node3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move oldwallet back to node3 <code>mv ~/oldwallet.dat ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>33.00000000</pre> YAY ===Dump Entire Wallet with <code>dumpwallet</code>=== * Exports all private keys, addresses, and wallet metadata to a plain text file for a comprehensive backup. * Syntax <code>./n33bcoin-cli dumpwallet /path/to/export/n33bcoin-wallet.txt</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpwallet ~/ssshhh.txt</code> <code>cat ~/ssshhh.txt</code> * Yep its all in plain text! <pre> # Wallet dump created by N33Bcoin v0.14.3.0-g150612e # * Created on 2025-04-13T22:54:50Z # * Best block at time of backup was 212 (000000009f5f7189bd4334895fd1c903ae904525abb5768feb98b81282a1949e), # mined on 2025-04-13T18:34:02Z # extended private masterkey: xprv9s210pEDlspXiamstilrandotypinhDXRTQ1TatJNSL3fxs9QaLLjRV1FZH9zw2VcErU498hsd3pynuyDR2clongrandome4Msz5 L1XJ0pald6SZXP4sKdVcDETpsdoWeksd4er5hhPsdFG1PPV 2025-04-13T18:14:21Z change=1 # addr=1HtmEDdpk5SJAp3nGCnaAD5gKZc2Er4qG hdkeypath=m/0'/0'/82' about 100 lines like the one above and ends with: # End of dump </prE> ===Import Dumped Wallet=== To test import works we are gonna, stop node3, move wallet.dat, start node3, check new wallet got auto generated again. then import are ssshhh.txt file and see if restored. ====Check wallet node 3 pre-test==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744575092, "keypoolsize": 101, "unlocked_until": 0, "paytxfee": 0.00000000, "hdmasterkeyid": "0a0e6e94e4a184e773e4a3e3244adc4352935afa" } </pre> ====Stop node 3 ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> ====Move wallet.dat ==== <code>mv ~/.n33bcoin3/wallet.dat ~/wallet.node3</code> ====Start node 3 ==== <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> ====Check wallet node 3 - when deleted/changed==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ====Import Restore from Dumped Wallet ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importwallet ~/ssshhh.txt</code> ====Check wallet node 3 when restored ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ==Off Line Storage and Importation== * Create a offline key pair, using a python script that can run off a live linux iso. * Going to send coins from node 3 to off line address. * Going to import to wallet 2 by sweeping private wif key. ===Create Offline Keypair=== * https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin ** We have used the [[N33Bcoin_Address_Generator_Bitcoin| N33Bcoin_Address_Generator]] to create the following key pair which we will use for this test. <pre> noob@noob-ThinkPad-T470:~/Gen/py-pub-prv$ python3 gen.py Enter your seed (12 words or any random input): hithere Generated n33bcoin Key Pair: Private Key: 3e4748d72b0a0c5d4538b52a2ade025a0f52a1e8642384ac14e5af0f90b8ab8a Public Key: 04c4cab1795312dafbf2532c7b238d448b55fa151a3d4e059cb49b47fb7244fb8767981b561c067494f9f3a6357024bb4fa71d12d692a733f7a0583d6fa7276548 n33bcoin Address: 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG WIF Private Key: 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH </pre> ===Send from node 3 to offline address=== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 sendtoaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG 10</code> ===Check its in address=== * Can take a few blocks before you can see it. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * Syntax: <code>./n33bcoin-cli importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * <code>importaddress</code> The RPC command to import a Bitcoin address as a watch-only address into the wallet * <code>13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> The Bitcoin address you are importing. After import, the wallet will monitor this address for incoming transactions, but cannot spend from it since you do not have the private key * <code>"external"</code> An optional label assigned to the imported address. This helps you organize or identify addresses in your wallet * <code>false</code> The rescan parameter. Setting it to false means the wallet will not rescan the blockchain for historical transactions involving this address. Only new transactions (after import) will be tracked. If set to true (default), the wallet would scan the entire blockchain for past transactions involving the address, which can take a long time (but not in are case as we have new blockchain). ====getreceivedbyaddress==== * TESTED - Balance is only shown on account that imported the address as a address to watch. ** Took about 10 mins to show balance. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>10.00000000</pre> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> ====Receive funds from private key==== * Current Funds in Node/Wallet 2 <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>52.00000000</pre> * Import the keys <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 importprivkey 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH true</code> * Check balance <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>62.00000000</pre> Import is instant. ==Create Second Server and Sync Blockchain== * Creating second server in a container and forwarded to another VPS IP, to see if network syncs. <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Is Port Forwarding Required for the Second Node?</span> <div class="mw-collapsible-content"> <p><strong>Why set up port forwarding?</strong> Port forwarding (using iptables to forward port <code>3333</code> to the second node) allows the node to receive incoming connections from other N33Bcoin nodes. This ensures reliable syncing with the main node and enables the second node to share blockchain data with others, strengthening the network.</p> <p><strong>Is it required?</strong></p> <ul> <li><strong>To mine</strong>: No. Mining uses local RPC calls (<code>127.0.0.1:3366</code>) and outbound connections to the main node (<code>104.194.157.52:3333</code>). As long as the main node is up, mining works without port forwarding. Note: You may need a dummy node to avoid errors.</li> <li><strong>To act as a peer</strong>: Yes. To allow other nodes to connect and sync from the second node (e.g., via <code>144.172.89.93:3333</code>), port forwarding is required. Without it, the node can sync but won’t serve blocks to others.</li> </ul> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Tip:</strong> Keep port forwarding enabled for robust syncing and to support the N33Bcoin network, especially if you plan to add more nodes. </div> </div> </div> ===Launch container=== <code>lxc launch ubuntu:18.04 n33b-node</code> <code>lxc exec n33b-node bash</code> <code>pro attach <longKey></code> <code>apt update && apt upgrade -y && apt install ubuntu-advantage-tools wireguard -y</code> ===Setup Wireguard=== * This is the same as the last time, in this tut i am going to keep the same keys in tut, to save time. PS: You can use same keys on many connections (not the best idea). ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==In Container Building N33Bcoin== * Push over N33Bcoin.0.0.1.tar.gz to the container n33b-node. <code>lxc file push N33Bcoin.0.0.1.tar.gz n33b-node/home/ubuntu/</code> OR Download from github * Download from Github, sha256sum=<code>0695dceaa4a88967560695f92c753d2fe4abc0f1b0cfb2673bf945fc83fb1225</code> <code>wget https://raw.github.com/CompleteNoobs/N33Bcoin/main/N33Bcoin.0.0.1.tar.gz</code> * Login to container as user ubuntu <code>lxc exec n33b-node -- su - ubuntu</code> * extract <code>tar xvf N33Bcoin.0.0.1.tar.gz</code> ===Install depends and Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> ===Build N33Bcoin=== * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> * Before running - make sure first node up and running <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Troubleshooting Syncing Issues on the Second Node</span> <div class="mw-collapsible-content"> <p>If your second node (e.g., <code>144.172.89.93</code>) fails to sync (e.g., stuck at <code>blocks: 0</code>), the main node (<code>104.194.157.52</code>) may be in Initial Block Download (IBD), preventing it from serving blocks. Here’s what I faced and how I fixed it:</p> <ul> <li><strong>Problem</strong>: The second node didn’t sync because the main node was in IBD, likely due to a chain tip older than 24 hours.</li> <li><strong>Initial Fix</strong>: <ul> <li>Started a dummy node on the main node (<code>127.0.0.1:3334</code>) for an active peer .</li> <li>Mined on the main node: <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=&lt;your-address&gt; -t 2 </pre> This created new blocks (e.g., to <code>blocks: 441</code>), exiting IBD and enabling sync.</li> </ul> </li> <li><strong>Test</strong>: I deleted the second node and recreated it from scratch, running both the main and dummy nodes on the genesis server. The second node synced to <code>blocks: 441</code> while the main node was mining.</li> <li><strong>Observation</strong>: In one test, I thought syncing worked without mining, but mining was active on the main node, advancing the chain to <code>blocks: 441</code>. Possible factors for sync success: <ul> <li>Recent chain tip from mining kept the main node out of IBD.</li> <li>Dummy node provided a peer, preventing IBD re-entry.</li> <li>iptables rule for port <code>3333</code> enabled inbound connections (i did once not forward the correct port, make sure you check your ip rules with <code>cat /etc/iptables/rules.v4</code> to make sure you entered the correct ones. ).</li> </ul> </li> <li><strong>If Syncing Fails</strong>: Mine on the main node with the dummy node running.</li> </ul> <p><strong>Note</strong>: Syncing may not require ongoing mining if the main node’s chain tip is recent, but mining is needed to exit IBD. Test and share your findings!</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> If the second node won’t sync, the main node may be in IBD. Start the dummy node and mine to exit IBD. </div> </div> </div> ===n33b-node=== <code>src/n33bcoind -daemon</code> <code>src/n33bcoin-cli stop</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 debug=rpc debug=mining </pre> <code>src/n33bcoind</code> * Now Second n33bcoin node is running lets check sync <code>src/n33bcoin-cli getpeerinfo</code> <pre> [ { "id": 0, "addr": "104.194.157.52:3333", "addrlocal": "144.172.89.93:52636", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157772, "lastrecv": 1745157771, "bytessent": 1277, "bytesrecv": 1198, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.303657, "minping": 0.303657, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": false, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 110, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 1, "addr": "104.194.157.52:57050", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.296047, "minping": 0.296047, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 2, "addr": "104.194.157.52:57060", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.316404, "minping": 0.316404, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } } ] </pre> <code>src/n33bcoin-cli getblockchaininfo</code> <pre> ubuntu@n33b-node:~/N33Bcoin$ src/n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.03058041491289009, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> ===From first node=== <pre> ./n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.02034601825250813, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> * Both nodes/blockchains are in sync, nice 29kr89oqw8grjj2ml8552ibit6a5pef 575 574 2025-06-20T22:30:00Z AwesomO 5 /* Change Names for Files */ 575 wikitext text/x-wiki ==Start up HardWare== * OS (local) Ubuntu-Mate 24.04 - this tut is done on a clean install of ubuntu-mate 24.04 ** Hardware: HP EliteDesk G1 - ram = 8GB - HD = 120GB ssd - CPU = i5-4590S CPU @ 3.00GHz ** Hardware: Thinkpad X270 - Ram - HD - CPU * Server VPS ubuntu-server 24.04 ** vultr.com ===Software OS=== * Will be using Ubuntu 24.04 as main OS - but to build this version of litecoin 0.14.2 we will be using ubuntu 18.04 in a lxc container - trying to build in 24.04 was a huge side quest that is not that much fun. ===Coin Params for N33Bcoin 0.1 POW === * Are Coin Params ** Name of coin = N33Bcoin ** Symbol coin = N33B ** Premined Coins= 33% 11,111,111 coins to be used to rewards contributors. the how is currently unknown, will work out as we go. ** MaxCoins = 33,333,333 ** Rewards = 333 ** Halving Period = 33,333 blocks = every 231 days ** Block interval = 10 mins # will leave at 10 for starters ** Time Stamp 1733333333 2024-12-04 17:28:53 ** Time Stamp Message "N33B's for Noob's at CompleteNoobs.com" ** Genesis Block for are Coin ==Genesis Keys== First we are going to need a public private key pair. [[Python_Generate_Public_Private_Key_Pair_Crypto_Bitcoin| Python3 Generate Public Private Key Pair]] * Public Key <code>049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf</code> * Keep private key safe, you just need pub key for now We then use are public key along with are coin parameter with [[GenesisH0_Creating_Genesis_Hash| GenesisH0]] to create a 'Nonce', 'Merkel hash' and 'Genesis hash'. For are 'MainNet', 'TestNet' and 'RegNet' === Main Net parameters === <code>python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333333</code> * '''Nonce''': <code>221118658</code> * '''nBits''': <code>0x1d00ffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4</code> === Test Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333334</code> * '''Nonce''': <code>511144</code> * '''nBits''': <code>0x1e0ffff0</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c</code> === Reg Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333335</code> * '''Nonce''': <code>0</code> * '''nBits''': <code>0x207fffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127</code> Now we have are parameters, we can start creating are own coin, but first lets change some file names to match the name of are coin. ==Source we are forking from Bitcoin 0.14.3== ===Home Directory=== <code>cd ~</code> ===Download bitcoin 0.14.3=== * https://bitcoincore.org/bin/bitcoin-core-0.14.3/ <code>wget https://bitcoincore.org/bin/bitcoin-core-0.14.3/bitcoin-0.14.3.tar.gz</code> * sha256sum bitcoin-0.14.3.tar.gz <code>416717ab5ef94f8458da2b12e4cd742ca08f5ad3817b65fc73811e06ac949f87</code> ===extract=== <code>tar xvf bitcoin-0.14.3.tar.gz</code> ===Change Directory Name to new/forked coin name=== <code>mv bitcoin-0.14.3 N33Bcoin</code> <code>cd N33Bcoin</code> * Current work director path is <code>/home/$USER/N33Bcoin/</code> ==Renaming== ===Renaming Bitcoin to N33Bcoin=== '''Run these command in the /home/$USER/N33Bcoin/ Directory''' * Lowercase <code>find . -type f -exec sed -i 's/bitcoin/n33bcoin/g' {} + </code> * UpperCase <code>find . -type f -exec sed -i 's/Bitcoin/N33Bcoin/g' {} + </code> * Name.1 <code>find . -type f -exec sed -i -e 's/bitcoin/n33bcoin/g' -e 's/bitcoind\.1/n33bcoind.1/g' {} + </code> ===Change Name for Docs=== To rename files in a directory (e.g., <code>/home/$USER/N33Bcoin/doc/man/</code>): * '''Before:''' <pre> bitcoin-cli.1 bitcoind.1 bitcoin-qt.1 bitcoin-tx.1 Makefile.am </pre> * '''After:''' <pre> n33bcoin-cli.1 n33bcoind.1 n33bcoin-qt.1 n33bcoin-tx.1 Makefile.am </pre> * '''Manual Way:''' <pre> mv -v bitcoin-cli.1 n33bcoin-cli.1 </pre> * '''Using mv with a for Loop:''' <code>cd /home/$USER/N33Bcoin/doc/man</code><br> <code>for file in bitcoin*; do mv -v "$file" "${file/bitcoin/n33bcoin}"; done</code> </pre> * <code>-v</code> shows each rename action. ===Change Names for Files=== Unlike forking litecoin, the method we just used to rename all bitcoin words to n33bcoin created some problems, unlike litecoin 0.14.2, the word 'bitcoin' can be found in a lot of file names. Example: the file <code>libbitcoinconsensus.pc.in</code> is still called <code>libbitcoinconsensus.pc.in</code> but inside make and config files, it is now know as <code>libn33bcoinconsensus.pc.in</code> so it will look for a file called <code>libn33bcoinconsensus.pc.in</code> and not <code>libbitcoinconsensus.pc.in</code>, still will lead to a lot of breakages. * Easy Fix: Change all file names which include the word <code>bitcoin</code> to <code>n33bcoin</code> * install <code>rename</code> <code>sudo apt install rename</code> * <b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> * See all file which contain the name <code>bitcoin</code> <code>find . -type f -name "*bitcoin*"</code> * Rename/convert all <code>bitcoin</code> in file names to <code>n33bcoin</code> <code>find . -type f -name "*bitcoin*" -exec rename 's/bitcoin/n33bcoin/' {} +</code> ==Editing Files== Are Files are located in path:<code>/home/$USER/N33B/N33Bcoin</code><br> Example: <code>src/amount.h</code> full path would be <code>/home/$USER/N33B/N33Bcoin/src/amount.h</code> === OverView of Files to edit=== * Comment Out <code>** Lines: 74 - 77 Comment Out</code> These are Lines we Don't need, but are not deleting just commenting out, so line numbers remain the same.<br> Comment out by placing a <code>//</code> at the beginning of the line. * '''src/amount.h''' ** Line 31: Edit Max Coins * '''src/validation.cpp''' ** Line 1166: This BLOCK of code will contain premined and Block rewards * '''src/qt/bitcoinunits.cpp''' ** Line 39 Block: change coin symbol LTC to N33B * '''src/chainparams.cpp''' ** Line 53: '''Global''' Change Time Stamp Message ** Line 54: '''Global''' Change Pub Key ** Line 73: '''MainNet''' Change Halving Interval <!--** Lines: 74 - 77 Comment Out--> ** Line 74: '''MainNet''' BIP34Height ** Line 75: '''MainNet''' BIP34Hash ** Line 76: '''MainNet''' BIP65Height ** Line 77: '''MainNet''' BIP66Height ** Lines 85 - 103: '''MainNet''' Deployment and Chain Work Section ** Line 110: '''MainNet''' Change Magic Bytes - Script included ** Line 114: '''MainNet''' Change Main Net Default Port ** Line 117: '''MainNet''' Change Main Net Nonce TimeStamp Coin_Rewards ** Line 119: '''MainNet''' Change Genesis Hash ** Line 120: '''MainNet''' Change Merkel Hash ** Line 144: '''MainNet'''Change Coin Number and Genesis Hash ** Lines 145 - 156 Comment Out ** Line 161: '''MainNet''' Change Time Stamp ** Line 162: '''MainNet''' Change Number Of Transactions ** Line 177: '''TestNet''' Halving Interval <!--** Lines: 178 - 181 Comment Out--> ** Line 178: '''TestNet''' BIP34Height ** Line 179: '''TestNet''' BIP34Hash ** Line 180: '''TestNet''' BIP65Height ** Line 181: '''TestNet''' BIP66Height ** Line 184: '''TestNet''' Block Times <!--** Lines: 189 - 207 Comment Out--> ** Lines 189 - 207: '''TestNet''' Deployment Section ** Line 213: '''TestNet''' Default Port ** Line 216: '''TestNet''' Time Stamp and Nonce ** Line 218: '''TestNet''' Genesis Hash Block ** Line 219: '''TestNet''' Merkel Hash Block ** Line 245: '''TestNet''' CheckPointData Genesis Hash Block Number ** Line 250: '''TestNet''' Time Stamp ** Line 251: '''TestNet''' Block Number ** Lines 267 - 270 '''RegressionNet''' BIP Consensus ** Line 301: '''RegressionNet''' Default Port ** Line 304: '''RegressionNet''' Time Stamp Nonce Coin_Rewards ** Line 306: '''RegressionNet''' Genesis Block Hash ** Line 307: '''RegressionNet''' Merkel Hash ** Line 319: '''RegressionNet''' Genesis Hash * '''src/chainparamsbase.cpp''' ** Line 35: MainNet RCP Port ** Line 48: TestNet RPC Port ** Line 62: Regession Net RPC Port ===src/amount.h=== On line 31 we will edit are Max coins: <pre> static const CAmount MAX_MONEY = 21000000 * COIN; </pre> will change this to 33,333,333 coins <pre> static const CAmount MAX_MONEY = 33333333 * COIN; </pre> ===src/validation.cpp=== Path <code>/home/$USER/N33B/N33Bcoin/src/validation.cpp</code> The block of code we are looking for starts on line 1166: <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy = 50 * COIN; // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years. nSubsidy >>= halvings; return nSubsidy; } </pre> On line 1173 you should see this line: <pre> CAmount nSubsidy = 50 * COIN; </pre> This is the rewards for mining coins, the default is 50, we are changinf rewards to 333 coins per block mined. <pre> CAmount nSubsidy = 333 * COIN; </pre> ====Premined coins==== We also need to add a contidtion for are premined coins - in the first block will mine 33%, thats 11,111,111 coins <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy; if (nHeight == 1) nSubsidy = 11111111 * COIN; else nSubsidy = 333 * COIN; // Subsidy is cut in half every 33,333 blocks which will occur approximately every 231 days. nSubsidy >>= halvings; return nSubsidy; } </pre> This condition means IF first block reward 11,111,111 coins, Else(after first blocked mined) rewards per block are 333 coins. <div class="toccolours mw-collapsible mw-collapsed"> What's Changed and Why: <div class="mw-collapsible-content"> <b>What's Changed and Why:</b> * '''CAmount nSubsidy;''' ** The variable `nSubsidy` is now declared but not immediately assigned a value. This allows flexibility to set its value based on certain conditions. * '''New Condition: `if (nHeight == 1)''' ** This new condition checks if the block height is 1, meaning this is the very first block in the blockchain (often called the "genesis block"). ** This condition is used to assign a special, much larger subsidy for the first block. * '''nSubsidy = 11111111 * COIN;''' ** If it is the first block (`nHeight == 1`), the subsidy is set to 11,111,111 coins. This is a huge reward for the genesis block, likely for initial distribution or other specific reasons. * '''else nSubsidy = 333 * COIN;''' ** For all other blocks (not the first one), the reward is set to 333 coins. This is a significant change from the original 50 coins, suggesting a different reward structure for this cryptocurrency. </div> </div> ===src/qt/n33bcoinunits.cpp=== * Line 39: Code Block <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("BTC"); case mBTC: return QString("mBTC"); case uBTC: return QString::fromUtf8("μBTC"); default: return QString("???"); } } </pre> * Change BTC your coin symbol to N33B <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("N33B"); case mBTC: return QString("mN33B"); case uBTC: return QString::fromUtf8("μN33B"); default: return QString("???"); } } </pre> ===src/chainparams.cpp=== ====Line 53 Change Time Stamp Message==== <code> const char* pszTimestamp = "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks";</code> To <code> const char* pszTimestamp = "N33B's for Noob's at CompleteNoobs.com";</code> ====Line 54 Change Genesis Pub Key==== <code> 54 const CScript genesisOutputScript = CScript() << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f") << OP_CHECKSIG; </code> We are going to change to the public key we used to create are genesis block. <code> const CScript genesisOutputScript = CScript() << ParseHex("049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf") << OP_CHECKSIG;</code> ====Line 73 HalvingInterval==== <code> consensus.nSubsidyHalvingInterval = 210000;</code> Block intervals of bitcoin is every 10 mins, as you can see on '''[[#Line 80 Target Block Creation''']] * 60 mins per hour x 24 hours per day = 1440 mins a day * 1440 mins at one block each 10 mins = 144 block per day ish * 144 * 365 = 52,560 blocks per year ish * 52,560 * 4 = 210,240 blocks every four years ish So bitcoin halves its rewards every 4 years ish as it passes 210,000 blocks and carrys on halving every 210,000 blocks later. We reward 333 coins per block and will be out of coins around 667,334 blocks. * Preminded 11,111,111 coins * 22,222,222 left * at 333 per block all will be gone in 66,733 blocks time unless we halve before then * We are going to keep are block time of 10 mins and have a halving at 33,333 blocks so it will halve around 231 days <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Line 74 - 77 MainNet BIP Section==== <pre> 74 consensus.BIP34Height = 227931; 75 consensus.BIP34Hash = uint256S("0x000000000000024b89b42a942fe0d9fea3bb44ab7bd1b19115dd6a759c0808b8"); 76 consensus.BIP65Height = 388381; // 000000000000000004c2b624ed5d7756c508d90fd0da2c7c679febfa6c4735f0 77 consensus.BIP66Height = 363725; // 00000000000000000379eaa19dce8c9b722d46ae6a57c2f1a988119488b50931 </pre> * Set BIP34/65/66 to 0 for new chain—modern rules from genesis. Adjust BIP34 to 100 if mining fails. * Replace with your Hash on line 75 BIPHash <pre> 74 consensus.BIP34Height = 0; 75 consensus.BIP34Hash = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); 76 consensus.BIP65Height = 0; 77 consensus.BIP66Height = 0; </pre> ==== Line 85 - 103 '''MainNet''' Deployment and Chain Work Section ==== ===== Line 86 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start date is irrelevant—set to 0 for immediate activation on new chain. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 87 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 91 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016</code> * Reason changed: Bitcoin’s 2016 start is moot—set to 0 for CSV active from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 92 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 96 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016</code> * Reason changed: Bitcoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 97 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 100 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5");</code> * Reason changed: Bitcoin’s 2017 work is massive—set to 0 for a new chain with no work yet. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 103 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354</code> * Reason changed: Bitcoin’s block 453354 is irrelevant—set to N33Bcoin’s genesis hash for fast sync from block 0. Changed: <code>consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4");</code> =====Before and After Changes===== <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354 </pre> * Set CSV/SegWit to active from genesis (nStartTime = 0, nTimeout = far future). Reset chain work to minimal. Set assume valid to genesis hash. <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0; 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999; 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0; 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999; 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0; 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999; 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x00"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); </pre> ====Line 110 Magic Bytes==== * [[Hex_numbers_explained| Hex numbers explained]] * [[Python3_Script_for_Random_Magic_Bytes| Link to python script for random values]] The pchMessageStart array is a crucial component in cryptocurrency network protocols, often referred to as the "magic bytes" or "network magic." It serves as a unique identifier for a specific cryptocurrency network. These values are in hexadecimal format, representing four bytes that form a sequence unlikely to occur in normal data. If you're creating a new cryptocurrency by forking Bitcoin, you should change these values. Using unique values prevents your new coin's network from interfering with Bitcoin's network or other existing networks. <pre> 110 pchMessageStart[0] = 0xf9; 111 pchMessageStart[1] = 0xbe; 112 pchMessageStart[2] = 0xb4; 113 pchMessageStart[3] = 0xd9; </pre> * Gonna change mine to <pre> pchMessageStart[0] = 0xfe; pchMessageStart[1] = 0x93; pchMessageStart[2] = 0xd2; pchMessageStart[3] = 0xe2; </pre> ====Line 114 Change Main Net Default Port==== * Line 114 <code>nDefaultPort = 8333;</code> * Changing to port 3333 <code>nDefaultPort = 3333;</code> ====Line 117 Change Main Net Nonce TimeStamp Coin_Rewards==== * Original <code> genesis = CreateGenesisBlock(1231006505, 2083236893, 0x1d00ffff, 1, 50 * COIN);</code> * Syntax of line 117 <code>genesis = CreateGenesisBlock(<UNIX_TIME_STAMP>, <NONCE>, <DIFF_BITS>, <NHEIGHT>, <AMOUNT_OF_COINS_REWARD> * COIN);</code> * we are just going to append/change are UnixTimeStamp, Nonce and CoinReward <code> genesis = CreateGenesisBlock(1733333333, 221118658, 0x1d00ffff, 1, 333 * COIN);</code> ====Line 119 Change Genesis Hash==== <code>assert(consensus.hashGenesisBlock == uint256S("0x000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"));</code> * Change to your genesis hash for Main Net <code> assert(consensus.hashGenesisBlock == uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"));</code> ====Line 120 Change Merkel Hash==== <code> assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Change to your merkel hsh for Main net <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Check Point - Lines 142 - 157 ==== <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d")) 145 ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> These lines contain a blocknumber and there hash value, we are starting a new coin and these have no value to us. We have one genesis block. <code> ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d"))</code> * We are going to append/change line 144, to block zero and are Main net genesis block hash. <code> ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"))</code> and comment out the remaining lines in this code block. lines 145 - 156 <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4")) 145 // ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 // ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 // (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 // (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 // (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 // (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 // (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 // (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 // (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 // (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 // (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 // (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> ====Line 161 Change Time Stamp==== <pre> 161 1483472411, // * UNIX timestamp of last known number of transactions </pre> * Change to the time stamp we are using <pre> 1733333333, // * UNIX timestamp of last known number of transactions</pre> ====Line 162 Change Number Of Transactions==== <pre> 184495391, // * total number of transactions between genesis and that timestamp</pre> * Change to Zero <pre> 0, // * total number of transactions between genesis and that timestamp</pre> ====TestNet Halving Interval==== <code>177 consensus.nSubsidyHalvingInterval = 210000;</code> * Change to same as are main net <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Lines 178 - 181 TestNet BIP section==== <pre> 178 consensus.BIP34Height = 21111; 179 consensus.BIP34Hash = uint256S("0x0000000023b3a96d3484e5abb3755c413e7d41500f8e2a5c3f0dd01299cd8ef8"); 180 consensus.BIP65Height = 581885; // 00000000007f6655f22f98e72ed80d8b06dc761d5da09df0fa1dc4be4f861eb6 181 consensus.BIP66Height = 330776; // 000000002104c8c45e99a8853285a3b592602a3ccde2b832481da85e9e4ba182 </pre> * Change values to zero and replace TestNet Genesis Hash <pre> 178 consensus.BIP34Height = 0; 179 consensus.BIP34Hash = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"); 180 consensus.BIP65Height = 0; 181 consensus.BIP66Height = 0; </pre> ==== Lines 189 - 207 TestNet Deployment Section ==== ===== Line 190 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start is irrelevant—set to 0 for immediate activation on TestNet. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 191 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 195 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1456790400; // March 1st, 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for CSV from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 196 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 200 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1462060800; // May 1st 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 201 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1493596800; // May 1st 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 204 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x00000000000000000000000000000000000000000000001f057509eba81aed91");</code> * Reason changed: Litecoin’s work is irrelevant—set to 0 for a new TestNet chain. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 207 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000128796ee387cf110ccb9d2f36cffaf7f73079c995377c65ac0dcc"); //1079274</code> * Reason changed: Litecoin’s block 1079274 doesn’t apply—set to TestNet genesis for fast sync. Changed: <code>consensus.defaultAssumeValid = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c");</code> ====TestNet Default Port - Line 213==== <code>213 nDefaultPort = 18333;</code> * Change to another port , picking 13333 <code>nDefaultPort = 13333;</code> ====Line 216: TestNet Time Stamp and Nonce==== <code>216 genesis = CreateGenesisBlock(1296688602, 414098458, 0x1d00ffff, 1, 50 * COIN);</code> * change/append timestamp, nonce and coin rewards - TimeStamp, Nonce, nBits and CoinRewards from your Test Net <code> genesis = CreateGenesisBlock(1733333334, 511144, 0x1e0ffff0, 1, 333 * COIN);</code> ====Line 218: TestNet Genesis Hash Block==== <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943"));</code> * Changed to <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"));</code> ====Line 219: TestNet Merkel Hash Block==== <code>219 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Changed to <code> assert(consensus.hashGenesisBlock == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ==== Line 245 TestNet checkpointData ==== Default: <code>( 546, uint256S("000000002a936ca763904c3c35fce2f3556c559c0214345d31b1bcebf76acb70")),</code> * Reason changed: Bitcoin TestNet checkpoint irrelevant—set to height 0 with N33Bcoin TestNet genesis hash for new chain. Changed: <code>( 0, uint256S("000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c")),</code> * Note: Removed "0x" from hash string—matches Bitcoin style, prevents parsing error in uint256S. ====Line 250 - Testnet chainTxData TimeStamp==== <code>250 1483546230,</code> * Change to your timestamp <code>1733333334,</code> ====Line 251 - Testnet chainTxData block count==== <code>251 12834668,</code> * change block count to zero <code> 0,</code> ==== RegTest BIP Section ==== ===== Line 267 ===== Default: <code>consensus.BIP34Height = 100000000; // BIP34 has not activated on regtest (far in the future so block v1 are not rejected in tests)</code> * Reason changed: Delays BIP34—set to 0 for modern rules from genesis, consistent with MainNet/TestNet. Changed: <code>consensus.BIP34Height = 0;</code> ===== Line 268 ===== Default: <code>consensus.BIP34Hash = uint256();</code> * Reason changed: Empty hash irrelevant—set to RegTest genesis for BIP34 activation at block 0. * NOTE: the <code>S</code> at the end of <code>uint256S</code> append the '''S''', remove the <code>0x</code> or it would be too long and make sure RegNet Hash is wrapped in "comment-hash". * The quotes <code>""</code> tell the compiler that this is a string, not a number. * '''uint256S''' will parse the string as a hexadecimal value and construct the '''uint256''' object accordingly. Changed: <code>consensus.BIP34Hash = uint256S("65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127");</code> ===== Line 269 ===== Default: <code>consensus.BIP65Height = 1351; // BIP65 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP65 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP65Height = 0;</code> ===== Line 270 ===== Default: <code>consensus.BIP66Height = 1251; // BIP66 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP66 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP66Height = 0;</code> ====Line 298: RegressionNet Default Port==== <code>298 nDefaultPort = 18444;</code> * change port number <code> nDefaultPort = 13337;</code> ====Line 301 RegressionNet Time Stamp Nonce Coin_Rewards ==== <code>301 genesis = CreateGenesisBlock(1296688602, 2, 0x207fffff, 1, 50 * COIN);</code> * Change to your timestamp , nonce and coin rewards <code> genesis = CreateGenesisBlock(1733333335, 0, 0x207fffff, 1, 333 * COIN);</code> ====Line 303: RegressionNet Genesis Block Hash==== <code>303 assert(consensus.hashGenesisBlock == uint256S("0x0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"));</code> * replace with your reg net genesis hash <code> assert(consensus.hashGenesisBlock == uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"));</code> ====Line 304 RegressionNet Merkel Hash==== <code>304 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * replace with your reg net merkel hash <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Line 316: RegressionNet Genesis Hash==== <code>316 ( 0, uint256S("0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"))</code> * change to your reg nets genesis hash <code> ( 0, uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"))</code> === src/chainparamsbase.cpp - API ports === <div class="toccolours mw-collapsible mw-collapsed"> Changing RPC port number info: <div class="mw-collapsible-content"> When forking Bitcoin, changing the nRPCPort = 8332; is generally recommended, though not strictly necessary. Here are the reasons and benefits for doing so: '''Avoiding Conflicts:''' If you run both Bitcoin and your forked cryptocurrency on the same machine or network, keeping the same RPC port (9332) would cause a conflict. By changing the port number, you ensure that both services can run simultaneously without interfering with each other. '''Network Configuration:''' Different cryptocurrencies should ideally use different ports to avoid confusion and ensure clear network configuration. This helps in managing firewall rules and network policies more effectively. '''Security:''' Using a non-standard port for your forked cryptocurrency can add a layer of security through obscurity. While not a robust security measure, it can help reduce the risk of automated attacks targeting known ports like 8332. '''Customization:''' Changing the RPC port is part of customizing your fork to distinguish it from Bitcoin. This can be important for branding and ensuring that users and developers recognize it as a separate entity. In summary, while it's not mandatory to change the RPC port when forking Bitcoin, doing so can help avoid conflicts, improve network management, and provide a clearer distinction between your fork and the original Bitcoin network. </div> </div> ====line 35 - Main net RCP port==== <pre> nRPCPort = 8332; </pre> RPC port is used to connect to coin api, its used to create a web wallet and moblie wallet. <pre> nRPCPort = 3366; </pre> ====Line 48 - test net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12333 <pre> nRPCPort = 12333; </pre> ====line 62 - regession net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12345 <pre> nRPCPort = 12345; </pre> * We are pretty much done with customizing the code base, we just need an IP address to append to chainparams.cpp and we are good to go. ===src/chainparamsseeds.h=== * Delete content of <code>src/chainparamsseeds.h</code> and replace with just: <pre> #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> The <code>chainparamsseeds.h</code> file contains hardcoded seed nodes for the main network (pnSeed6_main), which are currently set to Bitcoin’s seed nodes (e.g., IPs like 2.7.8.12 on port 8333). These seeds will cause your node to attempt connections to Bitcoin peers, which isn’t what we want for N33Bcoin. * By modifying the seed arrays for both mainnet and testnet to empty, we can keep the file structure intact while removing the Bitcoin seed nodes, preventing are node from trying to connect to them. <div class="toccolours mw-collapsible mw-collapsed"> Hexadecimal - Chainparamsseeds.h - Quick Notes <div class="mw-collapsible-content"> <pre> Hex Symbol Values: 0,1,2,3,4,5,6,7,8,9,a=10,b=11,c=12,d=13,e=14,f=15 Hex is in a Block of 2, [01]=1, The First number/symbol (the one on the left), is Times by 16, and the Second number/symbol is added. 01 = 0x16, plus 1 = 01 A4 = 10x16, plus 4 = 164 E4 = 14x16, plus 4 = 228 FF = 15X16, plus 15 = 255 To work out the values of 104.194.157.52 and port 3333 static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; IPv6 Mapping: {{Use 10 0x00, 2 0xff, then the 4 hex bytes} <port>}. 104 in hex: 6x16 = 96 + 8 = 104 InHex= '68' 194 in hex: c(12)x16=192 + 2 = 194 InHex= 'c2' 157 in hex: 9x16=144 + d(13)= 157 InHex= '9d' 52 in hex: 3x16=48 + 4 = 52 InHex= '34' #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; static SeedSpec6 pnSeed6_test[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> </div> </div> == Container and VPS Setup == Most VPS providers frown on mining unless it’s their explicit service—fair enough, it hogs resources! To work around this, we’ll: * Spin up an Ubuntu 18.04 container locally (18.04 keeps coin building simple). * Pair it with a low-cost VPS running Ubuntu 24.04, tunneling all traffic from the container to the VPS’s public IP. This setup gives us: * A public-facing IP without poking holes in our home router. * Local mining control, keeping private keys secure—because a VPS is just someone else’s machine, and we don’t trust it with our keys! ===LXD Quick Container Setup=== ===LXD Quick Container Setup=== * Its pretty simple once you know. ===Installing and setup LXD=== <code>sudo snap install lxd</code> <code>sudo lxd init</code> * Just press '''ENTER''' for all defaults * add user to lxd group (optional), will mean you do not need '''sudo''' to use lxc commands * NOTE: you will need to logout and login for changes to take effect. <code>sudo adduser $USER lxd</code> <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> * '''These changes only apply to the current terminal session.''' If you open a new terminal session you have to repeat. On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. * '''Remember, these changes only apply to the current terminal session.''' If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> ===Launching your container=== * for the Build its important we use '''18.04''' ** May want to get ubuntu pro free for 5 devices - to keep 1804 updated ** https://ubuntu.com/pro/dashboard <code>lxc launch ubuntu:18.04 n33b</code> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 n33b</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 n33b</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''n33b''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "n33b" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "n33b" in the example) must be unique within your LXD installation. </div> </div> * If you see this error - you need to use '''sudo''' or add user to lxd group <pre> lxc launch ubuntu:18.04 n33b Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * To see your container <code>lxc ls</code> ===Login to container=== <code>lxc exec n33b bash</code> * Prompt should now be changed to <code>root@n33b:~#</code> ** <code>root@<container_name>:~#</code> * This would be a good time to sign up to and enable ubuntu pro in the 1804 container https://ubuntu.com/pro/dashboard ** <code>sudo pro attach C12trandomcharsXFVhrRSveGOd4</code> * Update container <code>apt update && apt upgrade -y</code> ==== Ubuntu Pro for 1804 Containers ==== * super useful for ubuntu 1804, with pro has support till 2027 * Free For Five Boxes/Devices <code>https://ubuntu.com/pro/dashboard</code> <code>sudo pro attach 8dc6560abd396b3871f37b80ec</code> <code>sudo pro status</code> <code>sudo pro detach</code> ==In Container wireguard installation and setup== ===Install wireguard=== <code>apt install wireguard -y</code> * This will be the Client - for the container ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==Back to Host== Now we have * A container with a public IP address * Source code for are coin Lets append are IP adress to are <code>src/chainparams.cpp</code> file and make a exportable/shareable backup. ===Append IP to <code>src/chainparams.cpp</code>=== <div class="toccolours mw-collapsible mw-collapsed"> If i was going to change or add ips/domains do i need to recomplie? Yep: <div class="mw-collapsible-content"> Yes, if you want to change or add new IPs/domains in the `CDNSSeedData` section of `src/chainparams.cpp`, you will need to edit the file and recompile the code. The `CDNSSeedData` entries are hardcoded into the source code, and when you compile the code, these values are baked into the resulting binary. Therefore, any changes to the seed nodes will require: *Editing the `src/chainparams.cpp` file**: Modify the list of `CDNSSeedData` entries to include your new IPs or domains. *Recompiling the source code**: Once you've made your changes, you need to recompile the project so that the new seed nodes are included in the binary. *Restarting your nodes**: After recompiling, you would need to distribute the new binary to your nodes and restart them to ensure they use the updated seed list. This process is necessary because the seed nodes are part of the initial configuration that helps nodes discover peers when they first start up. Any changes to these seeds require the software itself to be updated and redeployed. </div> </div> ====Main Net DNS lines 123 - 127==== <code>$EDITOR /home/$USER/N33B/N33Bcoin/src/chainparams.cpp</code> * Line 123 <code>src/chainparams.cpp</code> <pre> 123 vSeeds.push_back(CDNSSeedData("n33bcoin.sipa.be", "seed.n33bcoin.sipa.be", true)); // Pieter Wuille, only supports x1, x5, x9, and xd </pre> We are going to Change to are servers address <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> At current time we only have one default node, so we comment out line 124 to 127 <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "dnsseed.bluematt.me", true)); // Matt Corallo, only supports x9 // vSeeds.push_back(CDNSSeedData("dashjr.org", "dnsseed.n33bcoin.dashjr.org")); // Luke Dashjr // vSeeds.push_back(CDNSSeedData("n33bcoinstats.com", "seed.n33bcoinstats.com", true)); // Christian Decker, supports x1 - xf // vSeeds.push_back(CDNSSeedData("n33bcoin.jonasschnelli.ch", "seed.n33bcoin.jonasschnelli.ch", true)); // Jonas Schnelli, only supports x1, x5, x9, and xd </pre> ====Test net DNS lines 224 - 227==== * Line 224 - ip adderss <pre> 224 vSeeds.push_back(CDNSSeedData("testnetn33bcoin.jonasschnelli.ch", "testnet-seed.n33bcoin.jonasschnelli.ch", true)); </pre> Change to server ip <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> and comment out the other 3 lines <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("petertodd.org", "seed.tbtc.petertodd.org", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "testnet-seed.bluematt.me")); // vSeeds.push_back(CDNSSeedData("n33bcoin.schildbach.de", "testnet-seed.n33bcoin.schildbach.de")); </pre> ==Create BackUp Tar Archive== At this point you may want to make a backup. * In work directory = <code>/home/$USER/N33B</code> <code>tar -zcvf N33Bcoin.0.0.1.tar.gz N33Bcoin</code> * Going to save in directory <code>/home/$USER/N33B</code> * Syntax = <code>tar -zcvf /path/to/save/archive_name.tar.gz /path/to/directory_name</code> Now we Should have <code>N33Bcoin.0.0.1.tar.gz</code> lets start building are coin. ===Move N33Bcoin.0.0.1.tar.gz to Container=== Lets Move are source code to are container. * File on Host:<code>/home/$USER/N33B/N33Bcoin.0.0.1.tar.gz</code> * Container Name: <code>n33b</code> ** Container Name can be found with <code>lxc list</code> * On Host: <code>lxc file push /home/$USER/N33B/N33Bcoin.0.0.1.tar.gz n33b/home/ubuntu/</code> * '''ubuntu''' is the name of the ubuntu containers default user account ==Return to container as user '''ubuntu'''== <code>lxc exec n33b -- su - ubuntu</code> Now are source code <code>N33Bcoin.0.0.1.tar.gz</code> should be in are home directory. Before we start using it, we need to install and build some dependencies software. ===Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <!-- These notes wherer required to build db on 24.04 - coin build would require way too much work so skipped. <code>$EDITOR db-4.8.30.NC/dbinc/atomic.h</code> Find the function <b>__atomic_compare_exchange</b> (line 147 and 179) and rename it to <b>__db_atomic_compare_exchange</b>. save and exit --> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> If you received error, are you building in ubuntu 18.04? these build instrutions are reproduable for 18.04 and not other versions of ubuntu. * A block chain requires min 2 nodes, so this would be a good time to snapshot your container. ====SNAPSHOT your container==== * This will save loads of time creating a second node later. * In a Terminal on HOST * Stop Container <code>lxc stop n33b</code> * snapshot <code>lxc snapshot n33b one</code> * start container <code>lxc start n33b</code> * Log in as ubuntu user <code>lxc exec n33b -- su - ubuntu</code> ==Build the Coin== Just for the Genesis Node, or it will not work, it will try to sync with another node, which it can not do as its at block 0. * edit the file <code>src/rpc/mining.cpp</code> and comment out the lines 471 and 472: <pre> // if (IsInitialBlockDownload()) // throw JSONRPCError(RPC_CLIENT_IN_INITIAL_DOWNLOAD, "N33Bcoin is downloading blocks..."); </pre> If you stopped container to snapshot and logged back in (or using another terminal), then we need to re-set var.<br> <code>cd ~/db-4.8.30.NC/build_unix</code><br> <code>export BDB_PREFIX=$(pwd)</code><br> * Now thats done we can carry on <code>cd ~/</code><br> * extract <code>tar xzvf N33Bcoin.0.0.1.tar.gz</code> <!-- was for attempt build in 24.04 - not needed for 18.04 <code>sudo apt install bsdmainutils ncal</code> --> * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> If you run into errors you can use:<br> <code>make > ../build.log 2>&1</code><br> This is print build info into file build.log ==Run Coin== * Path <code>cd /home/ubuntu/N33Bcoin/src</code> Going to first play around with Regression make sure everything is working, its supereasy to mine.<br> * Running regtest first will also create <code>~/.n33bcoin/</code> directory which we can create are <code>n33bcoin.conf</code> file for mainnet. ===Running Regression Net === * run reg net <code>./n33bcoind -regtest -daemon</code> ==== get blockchain info ==== <code>./n33bcoin-cli -regtest getblockchaininfo</code> * at the top you should see '''regtest''' <pre> "chain": "regtest", </pre> ====get wallet info==== <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ==== Generate 10 blocks==== <code>./n33bcoin-cli -regtest generate 10</code> <pre> [ "16fe73d5011e8e05cadb9e9dea43e58aa154ffcca891659cc59fbdfafe6f001c", "7803e298b6c57f8fc7ddac5da0e0696cc67524c9ee2bbbbbecdccfb01b364e79", "7c92afb2faed00d051edd22f85218416c394cd45ddadf413b9df808c0414ca7e", "29fe7bb17c984bd33c7e3d9cb4fa3ce1e47760ac22accded3aa25fd49aa87d91", "56d234a030af699a6aa824c8d95a9fabdcf56c9491ed30331ca2159188741c89", "272827808aad1efe0e752789acf6a28f25bc4ba2da905a8a6f5da00016ba286b", "23711e3856cf2e018ef02782eb546e87c9604781da6855bd136ef51fa5dd23e5", "7bd7e1e6183094c75e37d6605451ce7e7e1c23347e3b5c279c33196af916b1f2", "1c7e5fc29dc7c9b3a56e8f35becc3a0a8005e79ac1a84278f8a1f37c067f67b3", "3ac84dcf8be2849b347369de7bf6bb49d780cdf41e2c4abbe2ea0ae1b89bd26e" ] </pre> ====Check Balance==== <code>./n33bcoin-cli -regtest getbalance</code> <pre>0.00000000</pre> * You mined 10 blocks and have zero coins! that is because the coins have not mutured, it takes 100 blocks for newly created coins to muture and show up in your wallet. * you can see your '''immature_balance''' with the <code>getwalletinfo</code> command. <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 11114108.00000000, "txcount": 10, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====Get new addresses==== <code>./n33bcoin-cli -regtest getnewaddress</code> <pre> mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb </pre> ====Find addresses your wallet is currently using==== * To see all your current public addresses use <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -regtest listreceivedbyaddress 0 true</code> ====Mine to specific address==== * <code>./n33bcoin-cli -regtest generatetoaddress 101 "your-mainnet-address"</code> <code>./n33bcoin-cli -regtest generatetoaddress 101 "mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb"</code> =====Coins Matured===== <code>./n33bcoin-cli -regtest getbalance</code> <pre>11114441.00000000</pre> * and Immatured coins <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 11114441.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 33300.00000000, "txcount": 111, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====stop regtest net==== * stop regtest <code>./n33bcoin-cli -regtest stop</code> ===Main Net=== * Running <code>-regtest</code> should of created a <code>~/.n33bcoin</code> directory for you. * Create <code>n33bcoin.conf</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 </pre> * run/start coin <code>./n33bcoind</code> * NOTE: if you did not create a n33bcoin.conf file and apply 'daemon=1', you can use the -daemon flag <code>./n33bcoind -daemon</code> <div class="toccolours mw-collapsible mw-collapsed"> Some debug tips: <div class="mw-collapsible-content"> * If n33bcoin hangs - <code>ps aux | grep n33bcoind</code> ** The <code>kill -9 PID_NUMBER</code> ** Also note: there is nothing wrong with '''turning it off and on again.''' * <code>./n33bcoind -debug=1</code> ** log is at ~/.n33bcoin/debug.log * <code>./n33bcoind -debug=1 -printtoconsole</code> ** will output to terminal, no output to debug.log </div> </div> ===Create and Add second node - the easy way=== <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Why a Dummy Node is Needed to Avoid <code>500 Internal Server Error</code> and Ensure Syncing</span> <div class="mw-collapsible-content"> <p>A dummy node is <strong>required</strong> for mining on the genesis node (main node) and to ensure other nodes can sync with your N33Bcoin network. Without it, you may encounter errors like:</p> <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> [2025-04-20 11:49:32] HTTP request failed: The requested URL returned error: 500 Internal Server Error </pre> <p><strong>Why does this happen?</strong> The main node needs at least one active peer to process the <code>getblocktemplate</code> RPC call used by <code>minerd</code> for mining. If the node is in Initial Block Download (IBD) or has no peers, this call fails, causing the 500 error. Additionally, if the main node is in IBD, it won’t serve blocks to other nodes, preventing them from syncing (e.g., stuck at <code>blocks: 0</code>).</p> <p><strong>How the dummy node fixes it:</strong></p> <ul> <li>Running a dummy node (e.g., on <code>127.0.0.1:3334</code>) provides an active peer, allowing <code>getblocktemplate</code> to succeed and mining to start.</li> <li>Mining generates new blocks, updating the chain tip’s timestamp, which helps the main node exit IBD.</li> <li>Once out of IBD, the main node can serve blocks to other nodes, enabling them to sync (e.g., to <code>blocks: 428</code>).</li> </ul> <p><strong>Why it’s easy to forget:</strong> The dummy node isn’t a standard Bitcoin requirement—it’s specific to N33Bcoin’s setup, possibly due to custom peer or RPC logic. Always run a dummy node when mining or syncing new nodes.</p> <p><strong>If you get the 500 error:</strong> Start a dummy node and add it to the main node’s peers with <code>addnode</code>. See the next section for setup instructions.</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> Without a dummy node, mining will fail, and new nodes won’t sync. Always include this step in your setup and document it to avoid surprises! </div> </div> </div> After first node ruuing with:<br> <code>./n33bcoind</code> * create a directory for second node <code>mkdir ~/.n33bcoin2</code> * make config file <code>$EDITOR ~/.n33bcoin2/n33bcoin.conf</code> * Note changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser1 rpcpassword=coinpassword1 rpcallowip=127.0.0.1 rpcport=3367 daemon=1 server=1 rpcbind=127.0.0.1 port=3334 </pre> * start node2 - note ports <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin2 -port=3334 -rpcport=3367</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3334" "add"</code> * Check node one <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * Check node two <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getblocktemplate</code> ==== Default Node User and Second Node User management ==== * The default user will be your main node '''~/.n33bcoin/''' * To use second node '''~/.n33bcoin2/''' you have to use/append non default port in commands: ** To run commands on second node, Add/Append <code>-rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1</code> *** '''rpcport''', '''rpcuser''', '''rpcpassword''' these values can be found in the <code>~/.<node_name>/n33bcoin.conf</code> file * For default wallet/node can use: <code>./n33bcoin-cli getwalletinfo</code> * Or to specify (optional) can use, the main nodes '''rpcport''', '''rpcuser''' and '''rpcpassword''' followed by <command>: <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * For the second node we created - we do need to specify <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getwalletinfo</code> <div class="toccolours mw-collapsible mw-collapsed"> How to stop second node: <div class="mw-collapsible-content"> * To run commands on a second or third ...ETC node - you need to enter: ** <code>-rpcport=<value></code> ** <code>-rpcuser=<username></code> ** <code>-rpcpassword=<password></code> ** followed by the command you wish to run on node <code>getbalance</code> ** Remember you store all these details in your <code>n33bcoin.conf</code> file for your node. <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 stop</code> </div> </div> == Mining blocks on your blockchain == Well you can try with:<br> <code>./n33bcoin-cli generate 1</code><br> But instead of seeing <pre> [ "some-block-hash" ] </pre> Your going to get empty brackets <pre> [ ] </pre> I cant remember the reason for this. But i know the fix. Install Mining software ===Address to send mined coins to=== First lets get a public key/address we can mine to. * Find old addresses <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> * Create new address <code>./n33bcoin-cli getnewaddress</code> * The address i will use <code>1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> ===Cpu Miner Install=== <code>cd ~</code> <code>sudo apt update</code> <code>sudo apt install -y build-essential libcurl4-openssl-dev</code> <code>git clone https://github.com/pooler/cpuminer.git</code> <code>cd cpuminer</code> <code>./autogen.sh</code> <code>./configure</code> <code>make</code> <code>sudo make install</code> ===Mine some Coins=== * OK lets mine us some coins ** Syntax:<code>minerd -o <pool_url> -u <username> -p <password> --coinbase-addr=<public_key></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> * YAY, back to the days when you could find bitcoin blocks with a simple CPU <pre> [2025-04-12 19:31:17] Binding thread 0 to cpu 0 [2025-04-12 19:31:17] Binding thread 1 to cpu 1 [2025-04-12 19:31:17] 4 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:31:17] Binding thread 2 to cpu 2 [2025-04-12 19:31:17] Binding thread 3 to cpu 3 [2025-04-12 19:31:17] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:31:17] thread 1: 2097152 hashes, 10099 khash/s [2025-04-12 19:31:17] thread 0: 2097152 hashes, 10094 khash/s [2025-04-12 19:31:17] thread 3: 2097152 hashes, 10093 khash/s [2025-04-12 19:31:17] thread 2: 2097152 hashes, 10032 khash/s [2025-04-12 19:32:17] thread 2: 601912088 hashes, 10080 khash/s [2025-04-12 19:32:17] thread 0: 605611536 hashes, 10108 khash/s [2025-04-12 19:32:17] thread 3: 605564904 hashes, 10102 khash/s [2025-04-12 19:32:17] thread 1: 605946928 hashes, 10104 khash/s [2025-04-12 19:33:17] thread 2: 604824240 hashes, 10080 khash/s [2025-04-12 19:33:17] thread 0: 606506104 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 1: 606263288 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 3: 606114016 hashes, 10102 khash/s [2025-04-12 19:34:17] thread 0: 596676992 hashes, 9883 khash/s [2025-04-12 19:34:17] accepted: 1/1 (100.00%), 40174 khash/s (yay!!!) [2025-04-12 19:34:17] LONGPOLL pushed new work [2025-04-12 19:34:17] thread 2: 597009344 hashes, 9856 khash/s [2025-04-12 19:34:17] thread 1: 596347864 hashes, 9882 khash/s [2025-04-12 19:34:17] thread 0: 184 hashes, 8762 khash/s [2025-04-12 19:34:17] thread 3: 596226344 hashes, 9881 khash/s [2025-04-12 19:35:11] thread 0: 525714288 hashes, 9775 khash/s [2025-04-12 19:35:17] thread 0: 58652240 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 1: 592942512 hashes, 9784 khash/s [2025-04-12 19:35:18] thread 3: 592834720 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 2: 591387224 hashes, 9754 khash/s [2025-04-12 19:36:17] thread 1: 577261400 hashes, 9784 khash/s [2025-04-12 19:36:17] thread 2: 575496480 hashes, 9756 khash/s [2025-04-12 19:36:17] thread 3: 576993520 hashes, 9776 khash/s [2025-04-12 19:36:17] thread 0: 586785384 hashes, 9780 khash/s [2025-04-12 19:37:17] thread 3: 586568712 hashes, 9700 khash/s [2025-04-12 19:37:17] thread 2: 585369888 hashes, 9645 khash/s [2025-04-12 19:37:18] thread 1: 587018480 hashes, 9656 khash/s [2025-04-12 19:37:18] thread 0: 586791168 hashes, 9631 khash/s [2025-04-12 19:37:43] thread 0: 247017896 hashes, 9757 khash/s [2025-04-12 19:37:43] accepted: 2/2 (100.00%), 38758 khash/s (yay!!!) [2025-04-12 19:37:43] LONGPOLL pushed new work [2025-04-12 19:37:43] thread 2: 250694904 hashes, 9748 khash/s [2025-04-12 19:37:43] thread 1: 250409704 hashes, 9773 khash/s [2025-04-12 19:37:43] thread 0: 21504 hashes, 8650 khash/s [2025-04-12 19:37:43] thread 3: 253010016 hashes, 9764 khash/s </pre> * By default '''minerd''' will use all cores - if you want to limit to number of core use the <code>-t <number_of_cores></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj -t 2</code> <pre> [2025-04-12 19:43:05] 2 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:43:05] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:43:05] thread 1: 2097152 hashes, 11359 khash/s [2025-04-12 19:43:05] thread 0: 2097152 hashes, 11327 khash/s </pre> * Next we mine on till we have at least 101 blocks so are coins are matured. ===After 101 blocks - Mature Coins=== * now we should have some coins in are wallet that we can use, YAY <code>./n33bcoin-cli getbalance</code> <pre>11112110.00000000</pre> * and lets check the account of are second node <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> * Lets get the address of are second node to send some coins <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress 0 true</code> * Or we could generate a new address with <code>getnewaddress</code> <code>1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz</code> Now lets send some coins ==Wallet Basics== Now we have coins we can use - matured coins ===Get balance=== * <code>getbalance</code> <code>./n33bcoin-cli getbalance</code> ===Find Account Addresses=== * <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> ===Create New Address=== * <code>getnewaddress</code> <code>./n33bcoin-cli getnewaddress</code> ===Sending coins=== * Syntax: <code>./n33bcoin-cli sendtoaddress "<address>" <amount></code> <code>./n33bcoin-cli sendtoaddress "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz" 33</code><br> * This comand will return a hash in your terminal out put. <pre>f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7</pre> * and Check balance of second node to see balance: <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>33.00000000</pre> ===See Transaction Details from hash=== * the transaction hash is from the above send coins example * Syntax: <code>n33bcoin-cli gettransaction "<transaction_hash>"</code> <code>./n33bcoin-cli gettransaction "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7"</code> <pre> { "amount": -33.00000000, "fee": -0.00004520, "confirmations": 4, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553764, "timereceived": 1744553764, "bip125-replaceable": "no", "details": [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "send", "amount": -33.00000000, "vout": 0, "fee": -0.00004520, "abandoned": false } ], "hex": "020000000150a37ad36c761374df6a14c20bd2c016208358bf1f20af06c5acbe4827250ee7000000006a4730440220582f2094aca19d63744d8d128c3dea907cddd4eeb5728d6f064c4168d7a36b9c0220649b2397635fe0b8899fea4535b0072e856a164235f8ab8feb91f3dbfa9e3ddc012103dd8d842cd0c2b167b507b9e8ee580fc726262bb218abc5c6487668b72e5673a3feffffff020001b2c4000000001976a9146ae24c8430bcd30bc1b812f946229fcc563eb0ef88ac589a23fc060000001976a9141e0606800605f94643f5da7e0a31e435e030855788acbe000000" } </pre> ===List Transactions from account=== * <code>listtransactions</code> * <code>./n33bcoin-cli listtransactions</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listtransactions</code> * This command will show all transactions send and receive. <pre> [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "receive", "amount": 33.00000000, "label": "", "vout": 0, "confirmations": 6, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553766, "timereceived": 1744553766, "bip125-replaceable": "no" } ] </pre> ===list received transactions by address=== * <code>listreceivedbyaddress</code> * <code>./n33bcoin-cli listreceivedbyaddress</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress</code> <pre> [ { "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "account": "", "amount": 33.00000000, "confirmations": 6, "label": "", "txids": [ "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7" ] } ] </pre> ===Address With Label=== * Create New Address With Label ** Syntax: <code>getnewaddress "<Label>"</code> * NOTE: Label name is case sensitive. <code>./n33bcoin-cli getnewaddress "Mining"</code> <pre>1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB</pre> * See Accounts in Label <code>./n33bcoin-cli getaddressesbyaccount "Mining"</code> * a Label can hold many addresses <pre> [ "1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB" ] </pre> * Lists transactions for the labeled account. <code>./n33bcoin-cli listtransactions "Mining"</code> * Tracking with a label - Shows total balance for addresses in the labeled account. <code>./n33bcoin-cli getbalance "Mining"</code> * Label an existing address - Assigns an existing address to a named account. <code>./n33bcoin-cli setaccount "<address>" "<label>"</code> * Change Label of Address <code>./n33bcoin-cli setaccount "<address>" "<newlabel>"</code> ==Backup Wallets and Restore/Reclaim== To '''test''' wallet exports and back ups we are going to create a '''third node'''. <br> This keeps are main wallet and the wallet of are second node safe.<br> Or If you feel up for it, feel free to play/use/learn with your main wallet. * Create a directory for third node <code>mkdir ~/.n33bcoin3</code> * Create config file <code>$EDITOR ~/.n33bcoin3/n33bcoin.conf</code> * Note: changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser2 rpcpassword=coinpassword2 rpcallowip=127.0.0.1 rpcport=3368 daemon=1 server=1 rpcbind=127.0.0.1 port=3335 </pre> * Start node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3335" "add"</code> * Check node three <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getblocktemplate</code> * See Address (pub key) <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> <pre>1EhA5fkapYWrhs2oAf2AqvF4WYMPM28GqL</pre> * I have sent 33 n33bcoin's to this address. <pre> ./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744568061, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "8afde14085be2139ff008667c345b3697bea9cea" } </pre> ===Encrypt Wallet=== * '''IMPORTANT NOTE! IF YOU LOSE/FORGET PASSPHRASE, YOU LOST YOUR WALLET!''' Encrypting your wallet, will require passphrase to see private_keys and to send coins from your account, but you can still check balance and the basic chain info '''without passphrase'''. * Syntax <code>./n33bcoin-cli encryptwallet "<passphrase>"</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 encryptwallet "pa55word"</code> <br>OutPut: <pre> wallet encrypted; N33Bcoin server stopping, restart to run with encrypted wallet. The keypool has been flushed and a new HD seed was generated (if you are using HD). You need to make a new backup. </pre> ====Test Encryption==== Syntax: <code>./n33bcoin-cli dumpprivkey <address></code> This command should need passphrase if wallet locked. ** <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> can be used in place of a real address <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpprivkey 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> If wallet '''LOCKED''' - you will see <pre> error code: -13 error message: Error: Please enter the wallet passphrase with walletpassphrase first. </pre> If wallet '''UNLOCKED''' but address not in wallet - you will see ** This is because there is no address <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> in your wallet and error code -5 indicates address not found in the wallet, but it passed the lock so, yay <pre> error code: -5 error message: Invalid N33Bcoin address </pre> If address exists in your wallet and wallet is '''UNLOCKED''' - you will see the private key: <pre> 6vJYM3RFWh7MyLVrPbgzgibUgqxMzWUCCbuH3GcfDRTqfoNQjBb </pre> '''IMPORTANT:''' Never share your actual private keys with anyone. The example above is for demonstration purposes only. ====open encrypted wallet==== * Syntax ./n33bcoin-cli walletpassphrase "<passphrase>" <time_in_seconds_to_stay_open> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrase "Pa55word" 60</code> ====Change PassPhrase==== * Syntax: <code><code>./n33bcoin-cli walletpassphrasechange "<old_passphrase>" "<new_passphrase>"</code></code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrasechange "Pa55word" "StrongPass123!@#456"</code> ===Back Up WALLET.DAT === * You can make a backup of your wallet.dat file whether its encrypted or un-encrypted. ** not-encrypted you just copy into a directory and you and anyone else has full access. ** encrypted, you need to know the passphase the file is encrypted with to have access. ** Both Export and Import the backup wallet.dat the same way, expect one asks for passphase and the other does not. ====Make copy of wallet.dat==== * <code>backupwallet</code> * Syntax:<code>./n33bcoin-cli backupwallet /path/to/export/wallet-backup.file</code> <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> ====Stop node 3 and delete wallet.dat==== * Stop node - Note: RPC PORT <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * not gonna delete, just move, only so many times i wanna learn that lesson. <code>mv ~/.n33bcoin3/wallet.dat ~/oldwallet.dat</code> * Start Node 3 - this will create a new <code>wallet.dat</code> file <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check Balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744572042, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "bb4e27a7896ae19acdf3b43244f82b59f5164c7c" } </pre> * Check addresses <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> * Its a diff/new address, because its a new wallet. <pre> "address": "1JwAmtR9T8xa49daoHQhf54tBdyabby2m2", </pre> ===Restore Wallet.dat=== * Stop Node 3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move old wallet to Node 3 Directory ** This command will write over the new wallet.dat file currently in directory - in effect deleting it. <code>mv ~/wallet-backup.node3 ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>11148007.99990960</pre> ====OH NUTZ==== * By mistake i backed up main wallet. <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> * Intended to backup node3 - the correct command would of been <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 backupwallet ~/wallet-backup.node3</code> Good Thing we just moved the node3 wallet and not deleted or 33 n33bcoins would of been in a dead account.<br> This is why you should learn about bitcoin on n33bcoins and not the bitcoin main net blockchain. Lets restore from the moved wallet <code>~/oldwallet.dat</code> * Stop node3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move oldwallet back to node3 <code>mv ~/oldwallet.dat ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>33.00000000</pre> YAY ===Dump Entire Wallet with <code>dumpwallet</code>=== * Exports all private keys, addresses, and wallet metadata to a plain text file for a comprehensive backup. * Syntax <code>./n33bcoin-cli dumpwallet /path/to/export/n33bcoin-wallet.txt</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpwallet ~/ssshhh.txt</code> <code>cat ~/ssshhh.txt</code> * Yep its all in plain text! <pre> # Wallet dump created by N33Bcoin v0.14.3.0-g150612e # * Created on 2025-04-13T22:54:50Z # * Best block at time of backup was 212 (000000009f5f7189bd4334895fd1c903ae904525abb5768feb98b81282a1949e), # mined on 2025-04-13T18:34:02Z # extended private masterkey: xprv9s210pEDlspXiamstilrandotypinhDXRTQ1TatJNSL3fxs9QaLLjRV1FZH9zw2VcErU498hsd3pynuyDR2clongrandome4Msz5 L1XJ0pald6SZXP4sKdVcDETpsdoWeksd4er5hhPsdFG1PPV 2025-04-13T18:14:21Z change=1 # addr=1HtmEDdpk5SJAp3nGCnaAD5gKZc2Er4qG hdkeypath=m/0'/0'/82' about 100 lines like the one above and ends with: # End of dump </prE> ===Import Dumped Wallet=== To test import works we are gonna, stop node3, move wallet.dat, start node3, check new wallet got auto generated again. then import are ssshhh.txt file and see if restored. ====Check wallet node 3 pre-test==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744575092, "keypoolsize": 101, "unlocked_until": 0, "paytxfee": 0.00000000, "hdmasterkeyid": "0a0e6e94e4a184e773e4a3e3244adc4352935afa" } </pre> ====Stop node 3 ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> ====Move wallet.dat ==== <code>mv ~/.n33bcoin3/wallet.dat ~/wallet.node3</code> ====Start node 3 ==== <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> ====Check wallet node 3 - when deleted/changed==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ====Import Restore from Dumped Wallet ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importwallet ~/ssshhh.txt</code> ====Check wallet node 3 when restored ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ==Off Line Storage and Importation== * Create a offline key pair, using a python script that can run off a live linux iso. * Going to send coins from node 3 to off line address. * Going to import to wallet 2 by sweeping private wif key. ===Create Offline Keypair=== * https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin ** We have used the [[N33Bcoin_Address_Generator_Bitcoin| N33Bcoin_Address_Generator]] to create the following key pair which we will use for this test. <pre> noob@noob-ThinkPad-T470:~/Gen/py-pub-prv$ python3 gen.py Enter your seed (12 words or any random input): hithere Generated n33bcoin Key Pair: Private Key: 3e4748d72b0a0c5d4538b52a2ade025a0f52a1e8642384ac14e5af0f90b8ab8a Public Key: 04c4cab1795312dafbf2532c7b238d448b55fa151a3d4e059cb49b47fb7244fb8767981b561c067494f9f3a6357024bb4fa71d12d692a733f7a0583d6fa7276548 n33bcoin Address: 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG WIF Private Key: 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH </pre> ===Send from node 3 to offline address=== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 sendtoaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG 10</code> ===Check its in address=== * Can take a few blocks before you can see it. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * Syntax: <code>./n33bcoin-cli importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * <code>importaddress</code> The RPC command to import a Bitcoin address as a watch-only address into the wallet * <code>13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> The Bitcoin address you are importing. After import, the wallet will monitor this address for incoming transactions, but cannot spend from it since you do not have the private key * <code>"external"</code> An optional label assigned to the imported address. This helps you organize or identify addresses in your wallet * <code>false</code> The rescan parameter. Setting it to false means the wallet will not rescan the blockchain for historical transactions involving this address. Only new transactions (after import) will be tracked. If set to true (default), the wallet would scan the entire blockchain for past transactions involving the address, which can take a long time (but not in are case as we have new blockchain). ====getreceivedbyaddress==== * TESTED - Balance is only shown on account that imported the address as a address to watch. ** Took about 10 mins to show balance. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>10.00000000</pre> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> ====Receive funds from private key==== * Current Funds in Node/Wallet 2 <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>52.00000000</pre> * Import the keys <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 importprivkey 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH true</code> * Check balance <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>62.00000000</pre> Import is instant. ==Create Second Server and Sync Blockchain== * Creating second server in a container and forwarded to another VPS IP, to see if network syncs. <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Is Port Forwarding Required for the Second Node?</span> <div class="mw-collapsible-content"> <p><strong>Why set up port forwarding?</strong> Port forwarding (using iptables to forward port <code>3333</code> to the second node) allows the node to receive incoming connections from other N33Bcoin nodes. This ensures reliable syncing with the main node and enables the second node to share blockchain data with others, strengthening the network.</p> <p><strong>Is it required?</strong></p> <ul> <li><strong>To mine</strong>: No. Mining uses local RPC calls (<code>127.0.0.1:3366</code>) and outbound connections to the main node (<code>104.194.157.52:3333</code>). As long as the main node is up, mining works without port forwarding. Note: You may need a dummy node to avoid errors.</li> <li><strong>To act as a peer</strong>: Yes. To allow other nodes to connect and sync from the second node (e.g., via <code>144.172.89.93:3333</code>), port forwarding is required. Without it, the node can sync but won’t serve blocks to others.</li> </ul> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Tip:</strong> Keep port forwarding enabled for robust syncing and to support the N33Bcoin network, especially if you plan to add more nodes. </div> </div> </div> ===Launch container=== <code>lxc launch ubuntu:18.04 n33b-node</code> <code>lxc exec n33b-node bash</code> <code>pro attach <longKey></code> <code>apt update && apt upgrade -y && apt install ubuntu-advantage-tools wireguard -y</code> ===Setup Wireguard=== * This is the same as the last time, in this tut i am going to keep the same keys in tut, to save time. PS: You can use same keys on many connections (not the best idea). ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==In Container Building N33Bcoin== * Push over N33Bcoin.0.0.1.tar.gz to the container n33b-node. <code>lxc file push N33Bcoin.0.0.1.tar.gz n33b-node/home/ubuntu/</code> OR Download from github * Download from Github, sha256sum=<code>0695dceaa4a88967560695f92c753d2fe4abc0f1b0cfb2673bf945fc83fb1225</code> <code>wget https://raw.github.com/CompleteNoobs/N33Bcoin/main/N33Bcoin.0.0.1.tar.gz</code> * Login to container as user ubuntu <code>lxc exec n33b-node -- su - ubuntu</code> * extract <code>tar xvf N33Bcoin.0.0.1.tar.gz</code> ===Install depends and Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> ===Build N33Bcoin=== * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> * Before running - make sure first node up and running <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Troubleshooting Syncing Issues on the Second Node</span> <div class="mw-collapsible-content"> <p>If your second node (e.g., <code>144.172.89.93</code>) fails to sync (e.g., stuck at <code>blocks: 0</code>), the main node (<code>104.194.157.52</code>) may be in Initial Block Download (IBD), preventing it from serving blocks. Here’s what I faced and how I fixed it:</p> <ul> <li><strong>Problem</strong>: The second node didn’t sync because the main node was in IBD, likely due to a chain tip older than 24 hours.</li> <li><strong>Initial Fix</strong>: <ul> <li>Started a dummy node on the main node (<code>127.0.0.1:3334</code>) for an active peer .</li> <li>Mined on the main node: <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=&lt;your-address&gt; -t 2 </pre> This created new blocks (e.g., to <code>blocks: 441</code>), exiting IBD and enabling sync.</li> </ul> </li> <li><strong>Test</strong>: I deleted the second node and recreated it from scratch, running both the main and dummy nodes on the genesis server. The second node synced to <code>blocks: 441</code> while the main node was mining.</li> <li><strong>Observation</strong>: In one test, I thought syncing worked without mining, but mining was active on the main node, advancing the chain to <code>blocks: 441</code>. Possible factors for sync success: <ul> <li>Recent chain tip from mining kept the main node out of IBD.</li> <li>Dummy node provided a peer, preventing IBD re-entry.</li> <li>iptables rule for port <code>3333</code> enabled inbound connections (i did once not forward the correct port, make sure you check your ip rules with <code>cat /etc/iptables/rules.v4</code> to make sure you entered the correct ones. ).</li> </ul> </li> <li><strong>If Syncing Fails</strong>: Mine on the main node with the dummy node running.</li> </ul> <p><strong>Note</strong>: Syncing may not require ongoing mining if the main node’s chain tip is recent, but mining is needed to exit IBD. Test and share your findings!</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> If the second node won’t sync, the main node may be in IBD. Start the dummy node and mine to exit IBD. </div> </div> </div> ===n33b-node=== <code>src/n33bcoind -daemon</code> <code>src/n33bcoin-cli stop</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 debug=rpc debug=mining </pre> <code>src/n33bcoind</code> * Now Second n33bcoin node is running lets check sync <code>src/n33bcoin-cli getpeerinfo</code> <pre> [ { "id": 0, "addr": "104.194.157.52:3333", "addrlocal": "144.172.89.93:52636", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157772, "lastrecv": 1745157771, "bytessent": 1277, "bytesrecv": 1198, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.303657, "minping": 0.303657, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": false, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 110, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 1, "addr": "104.194.157.52:57050", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.296047, "minping": 0.296047, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 2, "addr": "104.194.157.52:57060", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.316404, "minping": 0.316404, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } } ] </pre> <code>src/n33bcoin-cli getblockchaininfo</code> <pre> ubuntu@n33b-node:~/N33Bcoin$ src/n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.03058041491289009, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> ===From first node=== <pre> ./n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.02034601825250813, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> * Both nodes/blockchains are in sync, nice rfo0bwkfm5zetw2pqge6z0bxxpwvsff 576 575 2025-06-20T22:30:42Z AwesomO 5 /* Change Names for Files */ 576 wikitext text/x-wiki ==Start up HardWare== * OS (local) Ubuntu-Mate 24.04 - this tut is done on a clean install of ubuntu-mate 24.04 ** Hardware: HP EliteDesk G1 - ram = 8GB - HD = 120GB ssd - CPU = i5-4590S CPU @ 3.00GHz ** Hardware: Thinkpad X270 - Ram - HD - CPU * Server VPS ubuntu-server 24.04 ** vultr.com ===Software OS=== * Will be using Ubuntu 24.04 as main OS - but to build this version of litecoin 0.14.2 we will be using ubuntu 18.04 in a lxc container - trying to build in 24.04 was a huge side quest that is not that much fun. ===Coin Params for N33Bcoin 0.1 POW === * Are Coin Params ** Name of coin = N33Bcoin ** Symbol coin = N33B ** Premined Coins= 33% 11,111,111 coins to be used to rewards contributors. the how is currently unknown, will work out as we go. ** MaxCoins = 33,333,333 ** Rewards = 333 ** Halving Period = 33,333 blocks = every 231 days ** Block interval = 10 mins # will leave at 10 for starters ** Time Stamp 1733333333 2024-12-04 17:28:53 ** Time Stamp Message "N33B's for Noob's at CompleteNoobs.com" ** Genesis Block for are Coin ==Genesis Keys== First we are going to need a public private key pair. [[Python_Generate_Public_Private_Key_Pair_Crypto_Bitcoin| Python3 Generate Public Private Key Pair]] * Public Key <code>049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf</code> * Keep private key safe, you just need pub key for now We then use are public key along with are coin parameter with [[GenesisH0_Creating_Genesis_Hash| GenesisH0]] to create a 'Nonce', 'Merkel hash' and 'Genesis hash'. For are 'MainNet', 'TestNet' and 'RegNet' === Main Net parameters === <code>python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333333</code> * '''Nonce''': <code>221118658</code> * '''nBits''': <code>0x1d00ffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4</code> === Test Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333334</code> * '''Nonce''': <code>511144</code> * '''nBits''': <code>0x1e0ffff0</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c</code> === Reg Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333335</code> * '''Nonce''': <code>0</code> * '''nBits''': <code>0x207fffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127</code> Now we have are parameters, we can start creating are own coin, but first lets change some file names to match the name of are coin. ==Source we are forking from Bitcoin 0.14.3== ===Home Directory=== <code>cd ~</code> ===Download bitcoin 0.14.3=== * https://bitcoincore.org/bin/bitcoin-core-0.14.3/ <code>wget https://bitcoincore.org/bin/bitcoin-core-0.14.3/bitcoin-0.14.3.tar.gz</code> * sha256sum bitcoin-0.14.3.tar.gz <code>416717ab5ef94f8458da2b12e4cd742ca08f5ad3817b65fc73811e06ac949f87</code> ===extract=== <code>tar xvf bitcoin-0.14.3.tar.gz</code> ===Change Directory Name to new/forked coin name=== <code>mv bitcoin-0.14.3 N33Bcoin</code> <code>cd N33Bcoin</code> * Current work director path is <code>/home/$USER/N33Bcoin/</code> ==Renaming== ===Renaming Bitcoin to N33Bcoin=== '''Run these command in the /home/$USER/N33Bcoin/ Directory''' * Lowercase <code>find . -type f -exec sed -i 's/bitcoin/n33bcoin/g' {} + </code> * UpperCase <code>find . -type f -exec sed -i 's/Bitcoin/N33Bcoin/g' {} + </code> * Name.1 <code>find . -type f -exec sed -i -e 's/bitcoin/n33bcoin/g' -e 's/bitcoind\.1/n33bcoind.1/g' {} + </code> ===Change Name for Docs=== To rename files in a directory (e.g., <code>/home/$USER/N33Bcoin/doc/man/</code>): * '''Before:''' <pre> bitcoin-cli.1 bitcoind.1 bitcoin-qt.1 bitcoin-tx.1 Makefile.am </pre> * '''After:''' <pre> n33bcoin-cli.1 n33bcoind.1 n33bcoin-qt.1 n33bcoin-tx.1 Makefile.am </pre> * '''Manual Way:''' <pre> mv -v bitcoin-cli.1 n33bcoin-cli.1 </pre> * '''Using mv with a for Loop:''' <code>cd /home/$USER/N33Bcoin/doc/man</code><br> <code>for file in bitcoin*; do mv -v "$file" "${file/bitcoin/n33bcoin}"; done</code> </pre> * <code>-v</code> shows each rename action. ===Change Names for Files=== *<b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> Unlike forking litecoin, the method we just used to rename all bitcoin words to n33bcoin created some problems, unlike litecoin 0.14.2, the word 'bitcoin' can be found in a lot of file names. Example: the file <code>libbitcoinconsensus.pc.in</code> is still called <code>libbitcoinconsensus.pc.in</code> but inside make and config files, it is now know as <code>libn33bcoinconsensus.pc.in</code> so it will look for a file called <code>libn33bcoinconsensus.pc.in</code> and not <code>libbitcoinconsensus.pc.in</code>, still will lead to a lot of breakages. * Easy Fix: Change all file names which include the word <code>bitcoin</code> to <code>n33bcoin</code> * install <code>rename</code> <code>sudo apt install rename</code> * <b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> * See all file which contain the name <code>bitcoin</code> <code>find . -type f -name "*bitcoin*"</code> * Rename/convert all <code>bitcoin</code> in file names to <code>n33bcoin</code> <code>find . -type f -name "*bitcoin*" -exec rename 's/bitcoin/n33bcoin/' {} +</code> ==Editing Files== Are Files are located in path:<code>/home/$USER/N33B/N33Bcoin</code><br> Example: <code>src/amount.h</code> full path would be <code>/home/$USER/N33B/N33Bcoin/src/amount.h</code> === OverView of Files to edit=== * Comment Out <code>** Lines: 74 - 77 Comment Out</code> These are Lines we Don't need, but are not deleting just commenting out, so line numbers remain the same.<br> Comment out by placing a <code>//</code> at the beginning of the line. * '''src/amount.h''' ** Line 31: Edit Max Coins * '''src/validation.cpp''' ** Line 1166: This BLOCK of code will contain premined and Block rewards * '''src/qt/bitcoinunits.cpp''' ** Line 39 Block: change coin symbol LTC to N33B * '''src/chainparams.cpp''' ** Line 53: '''Global''' Change Time Stamp Message ** Line 54: '''Global''' Change Pub Key ** Line 73: '''MainNet''' Change Halving Interval <!--** Lines: 74 - 77 Comment Out--> ** Line 74: '''MainNet''' BIP34Height ** Line 75: '''MainNet''' BIP34Hash ** Line 76: '''MainNet''' BIP65Height ** Line 77: '''MainNet''' BIP66Height ** Lines 85 - 103: '''MainNet''' Deployment and Chain Work Section ** Line 110: '''MainNet''' Change Magic Bytes - Script included ** Line 114: '''MainNet''' Change Main Net Default Port ** Line 117: '''MainNet''' Change Main Net Nonce TimeStamp Coin_Rewards ** Line 119: '''MainNet''' Change Genesis Hash ** Line 120: '''MainNet''' Change Merkel Hash ** Line 144: '''MainNet'''Change Coin Number and Genesis Hash ** Lines 145 - 156 Comment Out ** Line 161: '''MainNet''' Change Time Stamp ** Line 162: '''MainNet''' Change Number Of Transactions ** Line 177: '''TestNet''' Halving Interval <!--** Lines: 178 - 181 Comment Out--> ** Line 178: '''TestNet''' BIP34Height ** Line 179: '''TestNet''' BIP34Hash ** Line 180: '''TestNet''' BIP65Height ** Line 181: '''TestNet''' BIP66Height ** Line 184: '''TestNet''' Block Times <!--** Lines: 189 - 207 Comment Out--> ** Lines 189 - 207: '''TestNet''' Deployment Section ** Line 213: '''TestNet''' Default Port ** Line 216: '''TestNet''' Time Stamp and Nonce ** Line 218: '''TestNet''' Genesis Hash Block ** Line 219: '''TestNet''' Merkel Hash Block ** Line 245: '''TestNet''' CheckPointData Genesis Hash Block Number ** Line 250: '''TestNet''' Time Stamp ** Line 251: '''TestNet''' Block Number ** Lines 267 - 270 '''RegressionNet''' BIP Consensus ** Line 301: '''RegressionNet''' Default Port ** Line 304: '''RegressionNet''' Time Stamp Nonce Coin_Rewards ** Line 306: '''RegressionNet''' Genesis Block Hash ** Line 307: '''RegressionNet''' Merkel Hash ** Line 319: '''RegressionNet''' Genesis Hash * '''src/chainparamsbase.cpp''' ** Line 35: MainNet RCP Port ** Line 48: TestNet RPC Port ** Line 62: Regession Net RPC Port ===src/amount.h=== On line 31 we will edit are Max coins: <pre> static const CAmount MAX_MONEY = 21000000 * COIN; </pre> will change this to 33,333,333 coins <pre> static const CAmount MAX_MONEY = 33333333 * COIN; </pre> ===src/validation.cpp=== Path <code>/home/$USER/N33B/N33Bcoin/src/validation.cpp</code> The block of code we are looking for starts on line 1166: <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy = 50 * COIN; // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years. nSubsidy >>= halvings; return nSubsidy; } </pre> On line 1173 you should see this line: <pre> CAmount nSubsidy = 50 * COIN; </pre> This is the rewards for mining coins, the default is 50, we are changinf rewards to 333 coins per block mined. <pre> CAmount nSubsidy = 333 * COIN; </pre> ====Premined coins==== We also need to add a contidtion for are premined coins - in the first block will mine 33%, thats 11,111,111 coins <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy; if (nHeight == 1) nSubsidy = 11111111 * COIN; else nSubsidy = 333 * COIN; // Subsidy is cut in half every 33,333 blocks which will occur approximately every 231 days. nSubsidy >>= halvings; return nSubsidy; } </pre> This condition means IF first block reward 11,111,111 coins, Else(after first blocked mined) rewards per block are 333 coins. <div class="toccolours mw-collapsible mw-collapsed"> What's Changed and Why: <div class="mw-collapsible-content"> <b>What's Changed and Why:</b> * '''CAmount nSubsidy;''' ** The variable `nSubsidy` is now declared but not immediately assigned a value. This allows flexibility to set its value based on certain conditions. * '''New Condition: `if (nHeight == 1)''' ** This new condition checks if the block height is 1, meaning this is the very first block in the blockchain (often called the "genesis block"). ** This condition is used to assign a special, much larger subsidy for the first block. * '''nSubsidy = 11111111 * COIN;''' ** If it is the first block (`nHeight == 1`), the subsidy is set to 11,111,111 coins. This is a huge reward for the genesis block, likely for initial distribution or other specific reasons. * '''else nSubsidy = 333 * COIN;''' ** For all other blocks (not the first one), the reward is set to 333 coins. This is a significant change from the original 50 coins, suggesting a different reward structure for this cryptocurrency. </div> </div> ===src/qt/n33bcoinunits.cpp=== * Line 39: Code Block <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("BTC"); case mBTC: return QString("mBTC"); case uBTC: return QString::fromUtf8("μBTC"); default: return QString("???"); } } </pre> * Change BTC your coin symbol to N33B <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("N33B"); case mBTC: return QString("mN33B"); case uBTC: return QString::fromUtf8("μN33B"); default: return QString("???"); } } </pre> ===src/chainparams.cpp=== ====Line 53 Change Time Stamp Message==== <code> const char* pszTimestamp = "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks";</code> To <code> const char* pszTimestamp = "N33B's for Noob's at CompleteNoobs.com";</code> ====Line 54 Change Genesis Pub Key==== <code> 54 const CScript genesisOutputScript = CScript() << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f") << OP_CHECKSIG; </code> We are going to change to the public key we used to create are genesis block. <code> const CScript genesisOutputScript = CScript() << ParseHex("049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf") << OP_CHECKSIG;</code> ====Line 73 HalvingInterval==== <code> consensus.nSubsidyHalvingInterval = 210000;</code> Block intervals of bitcoin is every 10 mins, as you can see on '''[[#Line 80 Target Block Creation''']] * 60 mins per hour x 24 hours per day = 1440 mins a day * 1440 mins at one block each 10 mins = 144 block per day ish * 144 * 365 = 52,560 blocks per year ish * 52,560 * 4 = 210,240 blocks every four years ish So bitcoin halves its rewards every 4 years ish as it passes 210,000 blocks and carrys on halving every 210,000 blocks later. We reward 333 coins per block and will be out of coins around 667,334 blocks. * Preminded 11,111,111 coins * 22,222,222 left * at 333 per block all will be gone in 66,733 blocks time unless we halve before then * We are going to keep are block time of 10 mins and have a halving at 33,333 blocks so it will halve around 231 days <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Line 74 - 77 MainNet BIP Section==== <pre> 74 consensus.BIP34Height = 227931; 75 consensus.BIP34Hash = uint256S("0x000000000000024b89b42a942fe0d9fea3bb44ab7bd1b19115dd6a759c0808b8"); 76 consensus.BIP65Height = 388381; // 000000000000000004c2b624ed5d7756c508d90fd0da2c7c679febfa6c4735f0 77 consensus.BIP66Height = 363725; // 00000000000000000379eaa19dce8c9b722d46ae6a57c2f1a988119488b50931 </pre> * Set BIP34/65/66 to 0 for new chain—modern rules from genesis. Adjust BIP34 to 100 if mining fails. * Replace with your Hash on line 75 BIPHash <pre> 74 consensus.BIP34Height = 0; 75 consensus.BIP34Hash = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); 76 consensus.BIP65Height = 0; 77 consensus.BIP66Height = 0; </pre> ==== Line 85 - 103 '''MainNet''' Deployment and Chain Work Section ==== ===== Line 86 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start date is irrelevant—set to 0 for immediate activation on new chain. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 87 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 91 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016</code> * Reason changed: Bitcoin’s 2016 start is moot—set to 0 for CSV active from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 92 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 96 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016</code> * Reason changed: Bitcoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 97 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 100 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5");</code> * Reason changed: Bitcoin’s 2017 work is massive—set to 0 for a new chain with no work yet. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 103 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354</code> * Reason changed: Bitcoin’s block 453354 is irrelevant—set to N33Bcoin’s genesis hash for fast sync from block 0. Changed: <code>consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4");</code> =====Before and After Changes===== <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354 </pre> * Set CSV/SegWit to active from genesis (nStartTime = 0, nTimeout = far future). Reset chain work to minimal. Set assume valid to genesis hash. <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0; 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999; 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0; 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999; 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0; 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999; 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x00"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); </pre> ====Line 110 Magic Bytes==== * [[Hex_numbers_explained| Hex numbers explained]] * [[Python3_Script_for_Random_Magic_Bytes| Link to python script for random values]] The pchMessageStart array is a crucial component in cryptocurrency network protocols, often referred to as the "magic bytes" or "network magic." It serves as a unique identifier for a specific cryptocurrency network. These values are in hexadecimal format, representing four bytes that form a sequence unlikely to occur in normal data. If you're creating a new cryptocurrency by forking Bitcoin, you should change these values. Using unique values prevents your new coin's network from interfering with Bitcoin's network or other existing networks. <pre> 110 pchMessageStart[0] = 0xf9; 111 pchMessageStart[1] = 0xbe; 112 pchMessageStart[2] = 0xb4; 113 pchMessageStart[3] = 0xd9; </pre> * Gonna change mine to <pre> pchMessageStart[0] = 0xfe; pchMessageStart[1] = 0x93; pchMessageStart[2] = 0xd2; pchMessageStart[3] = 0xe2; </pre> ====Line 114 Change Main Net Default Port==== * Line 114 <code>nDefaultPort = 8333;</code> * Changing to port 3333 <code>nDefaultPort = 3333;</code> ====Line 117 Change Main Net Nonce TimeStamp Coin_Rewards==== * Original <code> genesis = CreateGenesisBlock(1231006505, 2083236893, 0x1d00ffff, 1, 50 * COIN);</code> * Syntax of line 117 <code>genesis = CreateGenesisBlock(<UNIX_TIME_STAMP>, <NONCE>, <DIFF_BITS>, <NHEIGHT>, <AMOUNT_OF_COINS_REWARD> * COIN);</code> * we are just going to append/change are UnixTimeStamp, Nonce and CoinReward <code> genesis = CreateGenesisBlock(1733333333, 221118658, 0x1d00ffff, 1, 333 * COIN);</code> ====Line 119 Change Genesis Hash==== <code>assert(consensus.hashGenesisBlock == uint256S("0x000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"));</code> * Change to your genesis hash for Main Net <code> assert(consensus.hashGenesisBlock == uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"));</code> ====Line 120 Change Merkel Hash==== <code> assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Change to your merkel hsh for Main net <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Check Point - Lines 142 - 157 ==== <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d")) 145 ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> These lines contain a blocknumber and there hash value, we are starting a new coin and these have no value to us. We have one genesis block. <code> ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d"))</code> * We are going to append/change line 144, to block zero and are Main net genesis block hash. <code> ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"))</code> and comment out the remaining lines in this code block. lines 145 - 156 <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4")) 145 // ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 // ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 // (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 // (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 // (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 // (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 // (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 // (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 // (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 // (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 // (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 // (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> ====Line 161 Change Time Stamp==== <pre> 161 1483472411, // * UNIX timestamp of last known number of transactions </pre> * Change to the time stamp we are using <pre> 1733333333, // * UNIX timestamp of last known number of transactions</pre> ====Line 162 Change Number Of Transactions==== <pre> 184495391, // * total number of transactions between genesis and that timestamp</pre> * Change to Zero <pre> 0, // * total number of transactions between genesis and that timestamp</pre> ====TestNet Halving Interval==== <code>177 consensus.nSubsidyHalvingInterval = 210000;</code> * Change to same as are main net <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Lines 178 - 181 TestNet BIP section==== <pre> 178 consensus.BIP34Height = 21111; 179 consensus.BIP34Hash = uint256S("0x0000000023b3a96d3484e5abb3755c413e7d41500f8e2a5c3f0dd01299cd8ef8"); 180 consensus.BIP65Height = 581885; // 00000000007f6655f22f98e72ed80d8b06dc761d5da09df0fa1dc4be4f861eb6 181 consensus.BIP66Height = 330776; // 000000002104c8c45e99a8853285a3b592602a3ccde2b832481da85e9e4ba182 </pre> * Change values to zero and replace TestNet Genesis Hash <pre> 178 consensus.BIP34Height = 0; 179 consensus.BIP34Hash = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"); 180 consensus.BIP65Height = 0; 181 consensus.BIP66Height = 0; </pre> ==== Lines 189 - 207 TestNet Deployment Section ==== ===== Line 190 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start is irrelevant—set to 0 for immediate activation on TestNet. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 191 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 195 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1456790400; // March 1st, 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for CSV from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 196 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 200 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1462060800; // May 1st 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 201 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1493596800; // May 1st 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 204 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x00000000000000000000000000000000000000000000001f057509eba81aed91");</code> * Reason changed: Litecoin’s work is irrelevant—set to 0 for a new TestNet chain. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 207 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000128796ee387cf110ccb9d2f36cffaf7f73079c995377c65ac0dcc"); //1079274</code> * Reason changed: Litecoin’s block 1079274 doesn’t apply—set to TestNet genesis for fast sync. Changed: <code>consensus.defaultAssumeValid = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c");</code> ====TestNet Default Port - Line 213==== <code>213 nDefaultPort = 18333;</code> * Change to another port , picking 13333 <code>nDefaultPort = 13333;</code> ====Line 216: TestNet Time Stamp and Nonce==== <code>216 genesis = CreateGenesisBlock(1296688602, 414098458, 0x1d00ffff, 1, 50 * COIN);</code> * change/append timestamp, nonce and coin rewards - TimeStamp, Nonce, nBits and CoinRewards from your Test Net <code> genesis = CreateGenesisBlock(1733333334, 511144, 0x1e0ffff0, 1, 333 * COIN);</code> ====Line 218: TestNet Genesis Hash Block==== <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943"));</code> * Changed to <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"));</code> ====Line 219: TestNet Merkel Hash Block==== <code>219 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Changed to <code> assert(consensus.hashGenesisBlock == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ==== Line 245 TestNet checkpointData ==== Default: <code>( 546, uint256S("000000002a936ca763904c3c35fce2f3556c559c0214345d31b1bcebf76acb70")),</code> * Reason changed: Bitcoin TestNet checkpoint irrelevant—set to height 0 with N33Bcoin TestNet genesis hash for new chain. Changed: <code>( 0, uint256S("000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c")),</code> * Note: Removed "0x" from hash string—matches Bitcoin style, prevents parsing error in uint256S. ====Line 250 - Testnet chainTxData TimeStamp==== <code>250 1483546230,</code> * Change to your timestamp <code>1733333334,</code> ====Line 251 - Testnet chainTxData block count==== <code>251 12834668,</code> * change block count to zero <code> 0,</code> ==== RegTest BIP Section ==== ===== Line 267 ===== Default: <code>consensus.BIP34Height = 100000000; // BIP34 has not activated on regtest (far in the future so block v1 are not rejected in tests)</code> * Reason changed: Delays BIP34—set to 0 for modern rules from genesis, consistent with MainNet/TestNet. Changed: <code>consensus.BIP34Height = 0;</code> ===== Line 268 ===== Default: <code>consensus.BIP34Hash = uint256();</code> * Reason changed: Empty hash irrelevant—set to RegTest genesis for BIP34 activation at block 0. * NOTE: the <code>S</code> at the end of <code>uint256S</code> append the '''S''', remove the <code>0x</code> or it would be too long and make sure RegNet Hash is wrapped in "comment-hash". * The quotes <code>""</code> tell the compiler that this is a string, not a number. * '''uint256S''' will parse the string as a hexadecimal value and construct the '''uint256''' object accordingly. Changed: <code>consensus.BIP34Hash = uint256S("65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127");</code> ===== Line 269 ===== Default: <code>consensus.BIP65Height = 1351; // BIP65 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP65 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP65Height = 0;</code> ===== Line 270 ===== Default: <code>consensus.BIP66Height = 1251; // BIP66 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP66 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP66Height = 0;</code> ====Line 298: RegressionNet Default Port==== <code>298 nDefaultPort = 18444;</code> * change port number <code> nDefaultPort = 13337;</code> ====Line 301 RegressionNet Time Stamp Nonce Coin_Rewards ==== <code>301 genesis = CreateGenesisBlock(1296688602, 2, 0x207fffff, 1, 50 * COIN);</code> * Change to your timestamp , nonce and coin rewards <code> genesis = CreateGenesisBlock(1733333335, 0, 0x207fffff, 1, 333 * COIN);</code> ====Line 303: RegressionNet Genesis Block Hash==== <code>303 assert(consensus.hashGenesisBlock == uint256S("0x0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"));</code> * replace with your reg net genesis hash <code> assert(consensus.hashGenesisBlock == uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"));</code> ====Line 304 RegressionNet Merkel Hash==== <code>304 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * replace with your reg net merkel hash <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Line 316: RegressionNet Genesis Hash==== <code>316 ( 0, uint256S("0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"))</code> * change to your reg nets genesis hash <code> ( 0, uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"))</code> === src/chainparamsbase.cpp - API ports === <div class="toccolours mw-collapsible mw-collapsed"> Changing RPC port number info: <div class="mw-collapsible-content"> When forking Bitcoin, changing the nRPCPort = 8332; is generally recommended, though not strictly necessary. Here are the reasons and benefits for doing so: '''Avoiding Conflicts:''' If you run both Bitcoin and your forked cryptocurrency on the same machine or network, keeping the same RPC port (9332) would cause a conflict. By changing the port number, you ensure that both services can run simultaneously without interfering with each other. '''Network Configuration:''' Different cryptocurrencies should ideally use different ports to avoid confusion and ensure clear network configuration. This helps in managing firewall rules and network policies more effectively. '''Security:''' Using a non-standard port for your forked cryptocurrency can add a layer of security through obscurity. While not a robust security measure, it can help reduce the risk of automated attacks targeting known ports like 8332. '''Customization:''' Changing the RPC port is part of customizing your fork to distinguish it from Bitcoin. This can be important for branding and ensuring that users and developers recognize it as a separate entity. In summary, while it's not mandatory to change the RPC port when forking Bitcoin, doing so can help avoid conflicts, improve network management, and provide a clearer distinction between your fork and the original Bitcoin network. </div> </div> ====line 35 - Main net RCP port==== <pre> nRPCPort = 8332; </pre> RPC port is used to connect to coin api, its used to create a web wallet and moblie wallet. <pre> nRPCPort = 3366; </pre> ====Line 48 - test net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12333 <pre> nRPCPort = 12333; </pre> ====line 62 - regession net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12345 <pre> nRPCPort = 12345; </pre> * We are pretty much done with customizing the code base, we just need an IP address to append to chainparams.cpp and we are good to go. ===src/chainparamsseeds.h=== * Delete content of <code>src/chainparamsseeds.h</code> and replace with just: <pre> #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> The <code>chainparamsseeds.h</code> file contains hardcoded seed nodes for the main network (pnSeed6_main), which are currently set to Bitcoin’s seed nodes (e.g., IPs like 2.7.8.12 on port 8333). These seeds will cause your node to attempt connections to Bitcoin peers, which isn’t what we want for N33Bcoin. * By modifying the seed arrays for both mainnet and testnet to empty, we can keep the file structure intact while removing the Bitcoin seed nodes, preventing are node from trying to connect to them. <div class="toccolours mw-collapsible mw-collapsed"> Hexadecimal - Chainparamsseeds.h - Quick Notes <div class="mw-collapsible-content"> <pre> Hex Symbol Values: 0,1,2,3,4,5,6,7,8,9,a=10,b=11,c=12,d=13,e=14,f=15 Hex is in a Block of 2, [01]=1, The First number/symbol (the one on the left), is Times by 16, and the Second number/symbol is added. 01 = 0x16, plus 1 = 01 A4 = 10x16, plus 4 = 164 E4 = 14x16, plus 4 = 228 FF = 15X16, plus 15 = 255 To work out the values of 104.194.157.52 and port 3333 static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; IPv6 Mapping: {{Use 10 0x00, 2 0xff, then the 4 hex bytes} <port>}. 104 in hex: 6x16 = 96 + 8 = 104 InHex= '68' 194 in hex: c(12)x16=192 + 2 = 194 InHex= 'c2' 157 in hex: 9x16=144 + d(13)= 157 InHex= '9d' 52 in hex: 3x16=48 + 4 = 52 InHex= '34' #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; static SeedSpec6 pnSeed6_test[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> </div> </div> == Container and VPS Setup == Most VPS providers frown on mining unless it’s their explicit service—fair enough, it hogs resources! To work around this, we’ll: * Spin up an Ubuntu 18.04 container locally (18.04 keeps coin building simple). * Pair it with a low-cost VPS running Ubuntu 24.04, tunneling all traffic from the container to the VPS’s public IP. This setup gives us: * A public-facing IP without poking holes in our home router. * Local mining control, keeping private keys secure—because a VPS is just someone else’s machine, and we don’t trust it with our keys! ===LXD Quick Container Setup=== ===LXD Quick Container Setup=== * Its pretty simple once you know. ===Installing and setup LXD=== <code>sudo snap install lxd</code> <code>sudo lxd init</code> * Just press '''ENTER''' for all defaults * add user to lxd group (optional), will mean you do not need '''sudo''' to use lxc commands * NOTE: you will need to logout and login for changes to take effect. <code>sudo adduser $USER lxd</code> <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> * '''These changes only apply to the current terminal session.''' If you open a new terminal session you have to repeat. On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. * '''Remember, these changes only apply to the current terminal session.''' If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> ===Launching your container=== * for the Build its important we use '''18.04''' ** May want to get ubuntu pro free for 5 devices - to keep 1804 updated ** https://ubuntu.com/pro/dashboard <code>lxc launch ubuntu:18.04 n33b</code> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 n33b</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 n33b</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''n33b''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "n33b" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "n33b" in the example) must be unique within your LXD installation. </div> </div> * If you see this error - you need to use '''sudo''' or add user to lxd group <pre> lxc launch ubuntu:18.04 n33b Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * To see your container <code>lxc ls</code> ===Login to container=== <code>lxc exec n33b bash</code> * Prompt should now be changed to <code>root@n33b:~#</code> ** <code>root@<container_name>:~#</code> * This would be a good time to sign up to and enable ubuntu pro in the 1804 container https://ubuntu.com/pro/dashboard ** <code>sudo pro attach C12trandomcharsXFVhrRSveGOd4</code> * Update container <code>apt update && apt upgrade -y</code> ==== Ubuntu Pro for 1804 Containers ==== * super useful for ubuntu 1804, with pro has support till 2027 * Free For Five Boxes/Devices <code>https://ubuntu.com/pro/dashboard</code> <code>sudo pro attach 8dc6560abd396b3871f37b80ec</code> <code>sudo pro status</code> <code>sudo pro detach</code> ==In Container wireguard installation and setup== ===Install wireguard=== <code>apt install wireguard -y</code> * This will be the Client - for the container ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==Back to Host== Now we have * A container with a public IP address * Source code for are coin Lets append are IP adress to are <code>src/chainparams.cpp</code> file and make a exportable/shareable backup. ===Append IP to <code>src/chainparams.cpp</code>=== <div class="toccolours mw-collapsible mw-collapsed"> If i was going to change or add ips/domains do i need to recomplie? Yep: <div class="mw-collapsible-content"> Yes, if you want to change or add new IPs/domains in the `CDNSSeedData` section of `src/chainparams.cpp`, you will need to edit the file and recompile the code. The `CDNSSeedData` entries are hardcoded into the source code, and when you compile the code, these values are baked into the resulting binary. Therefore, any changes to the seed nodes will require: *Editing the `src/chainparams.cpp` file**: Modify the list of `CDNSSeedData` entries to include your new IPs or domains. *Recompiling the source code**: Once you've made your changes, you need to recompile the project so that the new seed nodes are included in the binary. *Restarting your nodes**: After recompiling, you would need to distribute the new binary to your nodes and restart them to ensure they use the updated seed list. This process is necessary because the seed nodes are part of the initial configuration that helps nodes discover peers when they first start up. Any changes to these seeds require the software itself to be updated and redeployed. </div> </div> ====Main Net DNS lines 123 - 127==== <code>$EDITOR /home/$USER/N33B/N33Bcoin/src/chainparams.cpp</code> * Line 123 <code>src/chainparams.cpp</code> <pre> 123 vSeeds.push_back(CDNSSeedData("n33bcoin.sipa.be", "seed.n33bcoin.sipa.be", true)); // Pieter Wuille, only supports x1, x5, x9, and xd </pre> We are going to Change to are servers address <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> At current time we only have one default node, so we comment out line 124 to 127 <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "dnsseed.bluematt.me", true)); // Matt Corallo, only supports x9 // vSeeds.push_back(CDNSSeedData("dashjr.org", "dnsseed.n33bcoin.dashjr.org")); // Luke Dashjr // vSeeds.push_back(CDNSSeedData("n33bcoinstats.com", "seed.n33bcoinstats.com", true)); // Christian Decker, supports x1 - xf // vSeeds.push_back(CDNSSeedData("n33bcoin.jonasschnelli.ch", "seed.n33bcoin.jonasschnelli.ch", true)); // Jonas Schnelli, only supports x1, x5, x9, and xd </pre> ====Test net DNS lines 224 - 227==== * Line 224 - ip adderss <pre> 224 vSeeds.push_back(CDNSSeedData("testnetn33bcoin.jonasschnelli.ch", "testnet-seed.n33bcoin.jonasschnelli.ch", true)); </pre> Change to server ip <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> and comment out the other 3 lines <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("petertodd.org", "seed.tbtc.petertodd.org", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "testnet-seed.bluematt.me")); // vSeeds.push_back(CDNSSeedData("n33bcoin.schildbach.de", "testnet-seed.n33bcoin.schildbach.de")); </pre> ==Create BackUp Tar Archive== At this point you may want to make a backup. * In work directory = <code>/home/$USER/N33B</code> <code>tar -zcvf N33Bcoin.0.0.1.tar.gz N33Bcoin</code> * Going to save in directory <code>/home/$USER/N33B</code> * Syntax = <code>tar -zcvf /path/to/save/archive_name.tar.gz /path/to/directory_name</code> Now we Should have <code>N33Bcoin.0.0.1.tar.gz</code> lets start building are coin. ===Move N33Bcoin.0.0.1.tar.gz to Container=== Lets Move are source code to are container. * File on Host:<code>/home/$USER/N33B/N33Bcoin.0.0.1.tar.gz</code> * Container Name: <code>n33b</code> ** Container Name can be found with <code>lxc list</code> * On Host: <code>lxc file push /home/$USER/N33B/N33Bcoin.0.0.1.tar.gz n33b/home/ubuntu/</code> * '''ubuntu''' is the name of the ubuntu containers default user account ==Return to container as user '''ubuntu'''== <code>lxc exec n33b -- su - ubuntu</code> Now are source code <code>N33Bcoin.0.0.1.tar.gz</code> should be in are home directory. Before we start using it, we need to install and build some dependencies software. ===Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <!-- These notes wherer required to build db on 24.04 - coin build would require way too much work so skipped. <code>$EDITOR db-4.8.30.NC/dbinc/atomic.h</code> Find the function <b>__atomic_compare_exchange</b> (line 147 and 179) and rename it to <b>__db_atomic_compare_exchange</b>. save and exit --> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> If you received error, are you building in ubuntu 18.04? these build instrutions are reproduable for 18.04 and not other versions of ubuntu. * A block chain requires min 2 nodes, so this would be a good time to snapshot your container. ====SNAPSHOT your container==== * This will save loads of time creating a second node later. * In a Terminal on HOST * Stop Container <code>lxc stop n33b</code> * snapshot <code>lxc snapshot n33b one</code> * start container <code>lxc start n33b</code> * Log in as ubuntu user <code>lxc exec n33b -- su - ubuntu</code> ==Build the Coin== Just for the Genesis Node, or it will not work, it will try to sync with another node, which it can not do as its at block 0. * edit the file <code>src/rpc/mining.cpp</code> and comment out the lines 471 and 472: <pre> // if (IsInitialBlockDownload()) // throw JSONRPCError(RPC_CLIENT_IN_INITIAL_DOWNLOAD, "N33Bcoin is downloading blocks..."); </pre> If you stopped container to snapshot and logged back in (or using another terminal), then we need to re-set var.<br> <code>cd ~/db-4.8.30.NC/build_unix</code><br> <code>export BDB_PREFIX=$(pwd)</code><br> * Now thats done we can carry on <code>cd ~/</code><br> * extract <code>tar xzvf N33Bcoin.0.0.1.tar.gz</code> <!-- was for attempt build in 24.04 - not needed for 18.04 <code>sudo apt install bsdmainutils ncal</code> --> * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> If you run into errors you can use:<br> <code>make > ../build.log 2>&1</code><br> This is print build info into file build.log ==Run Coin== * Path <code>cd /home/ubuntu/N33Bcoin/src</code> Going to first play around with Regression make sure everything is working, its supereasy to mine.<br> * Running regtest first will also create <code>~/.n33bcoin/</code> directory which we can create are <code>n33bcoin.conf</code> file for mainnet. ===Running Regression Net === * run reg net <code>./n33bcoind -regtest -daemon</code> ==== get blockchain info ==== <code>./n33bcoin-cli -regtest getblockchaininfo</code> * at the top you should see '''regtest''' <pre> "chain": "regtest", </pre> ====get wallet info==== <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ==== Generate 10 blocks==== <code>./n33bcoin-cli -regtest generate 10</code> <pre> [ "16fe73d5011e8e05cadb9e9dea43e58aa154ffcca891659cc59fbdfafe6f001c", "7803e298b6c57f8fc7ddac5da0e0696cc67524c9ee2bbbbbecdccfb01b364e79", "7c92afb2faed00d051edd22f85218416c394cd45ddadf413b9df808c0414ca7e", "29fe7bb17c984bd33c7e3d9cb4fa3ce1e47760ac22accded3aa25fd49aa87d91", "56d234a030af699a6aa824c8d95a9fabdcf56c9491ed30331ca2159188741c89", "272827808aad1efe0e752789acf6a28f25bc4ba2da905a8a6f5da00016ba286b", "23711e3856cf2e018ef02782eb546e87c9604781da6855bd136ef51fa5dd23e5", "7bd7e1e6183094c75e37d6605451ce7e7e1c23347e3b5c279c33196af916b1f2", "1c7e5fc29dc7c9b3a56e8f35becc3a0a8005e79ac1a84278f8a1f37c067f67b3", "3ac84dcf8be2849b347369de7bf6bb49d780cdf41e2c4abbe2ea0ae1b89bd26e" ] </pre> ====Check Balance==== <code>./n33bcoin-cli -regtest getbalance</code> <pre>0.00000000</pre> * You mined 10 blocks and have zero coins! that is because the coins have not mutured, it takes 100 blocks for newly created coins to muture and show up in your wallet. * you can see your '''immature_balance''' with the <code>getwalletinfo</code> command. <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 11114108.00000000, "txcount": 10, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====Get new addresses==== <code>./n33bcoin-cli -regtest getnewaddress</code> <pre> mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb </pre> ====Find addresses your wallet is currently using==== * To see all your current public addresses use <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -regtest listreceivedbyaddress 0 true</code> ====Mine to specific address==== * <code>./n33bcoin-cli -regtest generatetoaddress 101 "your-mainnet-address"</code> <code>./n33bcoin-cli -regtest generatetoaddress 101 "mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb"</code> =====Coins Matured===== <code>./n33bcoin-cli -regtest getbalance</code> <pre>11114441.00000000</pre> * and Immatured coins <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 11114441.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 33300.00000000, "txcount": 111, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====stop regtest net==== * stop regtest <code>./n33bcoin-cli -regtest stop</code> ===Main Net=== * Running <code>-regtest</code> should of created a <code>~/.n33bcoin</code> directory for you. * Create <code>n33bcoin.conf</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 </pre> * run/start coin <code>./n33bcoind</code> * NOTE: if you did not create a n33bcoin.conf file and apply 'daemon=1', you can use the -daemon flag <code>./n33bcoind -daemon</code> <div class="toccolours mw-collapsible mw-collapsed"> Some debug tips: <div class="mw-collapsible-content"> * If n33bcoin hangs - <code>ps aux | grep n33bcoind</code> ** The <code>kill -9 PID_NUMBER</code> ** Also note: there is nothing wrong with '''turning it off and on again.''' * <code>./n33bcoind -debug=1</code> ** log is at ~/.n33bcoin/debug.log * <code>./n33bcoind -debug=1 -printtoconsole</code> ** will output to terminal, no output to debug.log </div> </div> ===Create and Add second node - the easy way=== <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Why a Dummy Node is Needed to Avoid <code>500 Internal Server Error</code> and Ensure Syncing</span> <div class="mw-collapsible-content"> <p>A dummy node is <strong>required</strong> for mining on the genesis node (main node) and to ensure other nodes can sync with your N33Bcoin network. Without it, you may encounter errors like:</p> <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> [2025-04-20 11:49:32] HTTP request failed: The requested URL returned error: 500 Internal Server Error </pre> <p><strong>Why does this happen?</strong> The main node needs at least one active peer to process the <code>getblocktemplate</code> RPC call used by <code>minerd</code> for mining. If the node is in Initial Block Download (IBD) or has no peers, this call fails, causing the 500 error. Additionally, if the main node is in IBD, it won’t serve blocks to other nodes, preventing them from syncing (e.g., stuck at <code>blocks: 0</code>).</p> <p><strong>How the dummy node fixes it:</strong></p> <ul> <li>Running a dummy node (e.g., on <code>127.0.0.1:3334</code>) provides an active peer, allowing <code>getblocktemplate</code> to succeed and mining to start.</li> <li>Mining generates new blocks, updating the chain tip’s timestamp, which helps the main node exit IBD.</li> <li>Once out of IBD, the main node can serve blocks to other nodes, enabling them to sync (e.g., to <code>blocks: 428</code>).</li> </ul> <p><strong>Why it’s easy to forget:</strong> The dummy node isn’t a standard Bitcoin requirement—it’s specific to N33Bcoin’s setup, possibly due to custom peer or RPC logic. Always run a dummy node when mining or syncing new nodes.</p> <p><strong>If you get the 500 error:</strong> Start a dummy node and add it to the main node’s peers with <code>addnode</code>. See the next section for setup instructions.</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> Without a dummy node, mining will fail, and new nodes won’t sync. Always include this step in your setup and document it to avoid surprises! </div> </div> </div> After first node ruuing with:<br> <code>./n33bcoind</code> * create a directory for second node <code>mkdir ~/.n33bcoin2</code> * make config file <code>$EDITOR ~/.n33bcoin2/n33bcoin.conf</code> * Note changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser1 rpcpassword=coinpassword1 rpcallowip=127.0.0.1 rpcport=3367 daemon=1 server=1 rpcbind=127.0.0.1 port=3334 </pre> * start node2 - note ports <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin2 -port=3334 -rpcport=3367</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3334" "add"</code> * Check node one <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * Check node two <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getblocktemplate</code> ==== Default Node User and Second Node User management ==== * The default user will be your main node '''~/.n33bcoin/''' * To use second node '''~/.n33bcoin2/''' you have to use/append non default port in commands: ** To run commands on second node, Add/Append <code>-rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1</code> *** '''rpcport''', '''rpcuser''', '''rpcpassword''' these values can be found in the <code>~/.<node_name>/n33bcoin.conf</code> file * For default wallet/node can use: <code>./n33bcoin-cli getwalletinfo</code> * Or to specify (optional) can use, the main nodes '''rpcport''', '''rpcuser''' and '''rpcpassword''' followed by <command>: <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * For the second node we created - we do need to specify <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getwalletinfo</code> <div class="toccolours mw-collapsible mw-collapsed"> How to stop second node: <div class="mw-collapsible-content"> * To run commands on a second or third ...ETC node - you need to enter: ** <code>-rpcport=<value></code> ** <code>-rpcuser=<username></code> ** <code>-rpcpassword=<password></code> ** followed by the command you wish to run on node <code>getbalance</code> ** Remember you store all these details in your <code>n33bcoin.conf</code> file for your node. <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 stop</code> </div> </div> == Mining blocks on your blockchain == Well you can try with:<br> <code>./n33bcoin-cli generate 1</code><br> But instead of seeing <pre> [ "some-block-hash" ] </pre> Your going to get empty brackets <pre> [ ] </pre> I cant remember the reason for this. But i know the fix. Install Mining software ===Address to send mined coins to=== First lets get a public key/address we can mine to. * Find old addresses <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> * Create new address <code>./n33bcoin-cli getnewaddress</code> * The address i will use <code>1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> ===Cpu Miner Install=== <code>cd ~</code> <code>sudo apt update</code> <code>sudo apt install -y build-essential libcurl4-openssl-dev</code> <code>git clone https://github.com/pooler/cpuminer.git</code> <code>cd cpuminer</code> <code>./autogen.sh</code> <code>./configure</code> <code>make</code> <code>sudo make install</code> ===Mine some Coins=== * OK lets mine us some coins ** Syntax:<code>minerd -o <pool_url> -u <username> -p <password> --coinbase-addr=<public_key></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> * YAY, back to the days when you could find bitcoin blocks with a simple CPU <pre> [2025-04-12 19:31:17] Binding thread 0 to cpu 0 [2025-04-12 19:31:17] Binding thread 1 to cpu 1 [2025-04-12 19:31:17] 4 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:31:17] Binding thread 2 to cpu 2 [2025-04-12 19:31:17] Binding thread 3 to cpu 3 [2025-04-12 19:31:17] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:31:17] thread 1: 2097152 hashes, 10099 khash/s [2025-04-12 19:31:17] thread 0: 2097152 hashes, 10094 khash/s [2025-04-12 19:31:17] thread 3: 2097152 hashes, 10093 khash/s [2025-04-12 19:31:17] thread 2: 2097152 hashes, 10032 khash/s [2025-04-12 19:32:17] thread 2: 601912088 hashes, 10080 khash/s [2025-04-12 19:32:17] thread 0: 605611536 hashes, 10108 khash/s [2025-04-12 19:32:17] thread 3: 605564904 hashes, 10102 khash/s [2025-04-12 19:32:17] thread 1: 605946928 hashes, 10104 khash/s [2025-04-12 19:33:17] thread 2: 604824240 hashes, 10080 khash/s [2025-04-12 19:33:17] thread 0: 606506104 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 1: 606263288 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 3: 606114016 hashes, 10102 khash/s [2025-04-12 19:34:17] thread 0: 596676992 hashes, 9883 khash/s [2025-04-12 19:34:17] accepted: 1/1 (100.00%), 40174 khash/s (yay!!!) [2025-04-12 19:34:17] LONGPOLL pushed new work [2025-04-12 19:34:17] thread 2: 597009344 hashes, 9856 khash/s [2025-04-12 19:34:17] thread 1: 596347864 hashes, 9882 khash/s [2025-04-12 19:34:17] thread 0: 184 hashes, 8762 khash/s [2025-04-12 19:34:17] thread 3: 596226344 hashes, 9881 khash/s [2025-04-12 19:35:11] thread 0: 525714288 hashes, 9775 khash/s [2025-04-12 19:35:17] thread 0: 58652240 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 1: 592942512 hashes, 9784 khash/s [2025-04-12 19:35:18] thread 3: 592834720 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 2: 591387224 hashes, 9754 khash/s [2025-04-12 19:36:17] thread 1: 577261400 hashes, 9784 khash/s [2025-04-12 19:36:17] thread 2: 575496480 hashes, 9756 khash/s [2025-04-12 19:36:17] thread 3: 576993520 hashes, 9776 khash/s [2025-04-12 19:36:17] thread 0: 586785384 hashes, 9780 khash/s [2025-04-12 19:37:17] thread 3: 586568712 hashes, 9700 khash/s [2025-04-12 19:37:17] thread 2: 585369888 hashes, 9645 khash/s [2025-04-12 19:37:18] thread 1: 587018480 hashes, 9656 khash/s [2025-04-12 19:37:18] thread 0: 586791168 hashes, 9631 khash/s [2025-04-12 19:37:43] thread 0: 247017896 hashes, 9757 khash/s [2025-04-12 19:37:43] accepted: 2/2 (100.00%), 38758 khash/s (yay!!!) [2025-04-12 19:37:43] LONGPOLL pushed new work [2025-04-12 19:37:43] thread 2: 250694904 hashes, 9748 khash/s [2025-04-12 19:37:43] thread 1: 250409704 hashes, 9773 khash/s [2025-04-12 19:37:43] thread 0: 21504 hashes, 8650 khash/s [2025-04-12 19:37:43] thread 3: 253010016 hashes, 9764 khash/s </pre> * By default '''minerd''' will use all cores - if you want to limit to number of core use the <code>-t <number_of_cores></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj -t 2</code> <pre> [2025-04-12 19:43:05] 2 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:43:05] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:43:05] thread 1: 2097152 hashes, 11359 khash/s [2025-04-12 19:43:05] thread 0: 2097152 hashes, 11327 khash/s </pre> * Next we mine on till we have at least 101 blocks so are coins are matured. ===After 101 blocks - Mature Coins=== * now we should have some coins in are wallet that we can use, YAY <code>./n33bcoin-cli getbalance</code> <pre>11112110.00000000</pre> * and lets check the account of are second node <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> * Lets get the address of are second node to send some coins <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress 0 true</code> * Or we could generate a new address with <code>getnewaddress</code> <code>1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz</code> Now lets send some coins ==Wallet Basics== Now we have coins we can use - matured coins ===Get balance=== * <code>getbalance</code> <code>./n33bcoin-cli getbalance</code> ===Find Account Addresses=== * <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> ===Create New Address=== * <code>getnewaddress</code> <code>./n33bcoin-cli getnewaddress</code> ===Sending coins=== * Syntax: <code>./n33bcoin-cli sendtoaddress "<address>" <amount></code> <code>./n33bcoin-cli sendtoaddress "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz" 33</code><br> * This comand will return a hash in your terminal out put. <pre>f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7</pre> * and Check balance of second node to see balance: <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>33.00000000</pre> ===See Transaction Details from hash=== * the transaction hash is from the above send coins example * Syntax: <code>n33bcoin-cli gettransaction "<transaction_hash>"</code> <code>./n33bcoin-cli gettransaction "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7"</code> <pre> { "amount": -33.00000000, "fee": -0.00004520, "confirmations": 4, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553764, "timereceived": 1744553764, "bip125-replaceable": "no", "details": [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "send", "amount": -33.00000000, "vout": 0, "fee": -0.00004520, "abandoned": false } ], "hex": "020000000150a37ad36c761374df6a14c20bd2c016208358bf1f20af06c5acbe4827250ee7000000006a4730440220582f2094aca19d63744d8d128c3dea907cddd4eeb5728d6f064c4168d7a36b9c0220649b2397635fe0b8899fea4535b0072e856a164235f8ab8feb91f3dbfa9e3ddc012103dd8d842cd0c2b167b507b9e8ee580fc726262bb218abc5c6487668b72e5673a3feffffff020001b2c4000000001976a9146ae24c8430bcd30bc1b812f946229fcc563eb0ef88ac589a23fc060000001976a9141e0606800605f94643f5da7e0a31e435e030855788acbe000000" } </pre> ===List Transactions from account=== * <code>listtransactions</code> * <code>./n33bcoin-cli listtransactions</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listtransactions</code> * This command will show all transactions send and receive. <pre> [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "receive", "amount": 33.00000000, "label": "", "vout": 0, "confirmations": 6, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553766, "timereceived": 1744553766, "bip125-replaceable": "no" } ] </pre> ===list received transactions by address=== * <code>listreceivedbyaddress</code> * <code>./n33bcoin-cli listreceivedbyaddress</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress</code> <pre> [ { "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "account": "", "amount": 33.00000000, "confirmations": 6, "label": "", "txids": [ "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7" ] } ] </pre> ===Address With Label=== * Create New Address With Label ** Syntax: <code>getnewaddress "<Label>"</code> * NOTE: Label name is case sensitive. <code>./n33bcoin-cli getnewaddress "Mining"</code> <pre>1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB</pre> * See Accounts in Label <code>./n33bcoin-cli getaddressesbyaccount "Mining"</code> * a Label can hold many addresses <pre> [ "1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB" ] </pre> * Lists transactions for the labeled account. <code>./n33bcoin-cli listtransactions "Mining"</code> * Tracking with a label - Shows total balance for addresses in the labeled account. <code>./n33bcoin-cli getbalance "Mining"</code> * Label an existing address - Assigns an existing address to a named account. <code>./n33bcoin-cli setaccount "<address>" "<label>"</code> * Change Label of Address <code>./n33bcoin-cli setaccount "<address>" "<newlabel>"</code> ==Backup Wallets and Restore/Reclaim== To '''test''' wallet exports and back ups we are going to create a '''third node'''. <br> This keeps are main wallet and the wallet of are second node safe.<br> Or If you feel up for it, feel free to play/use/learn with your main wallet. * Create a directory for third node <code>mkdir ~/.n33bcoin3</code> * Create config file <code>$EDITOR ~/.n33bcoin3/n33bcoin.conf</code> * Note: changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser2 rpcpassword=coinpassword2 rpcallowip=127.0.0.1 rpcport=3368 daemon=1 server=1 rpcbind=127.0.0.1 port=3335 </pre> * Start node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3335" "add"</code> * Check node three <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getblocktemplate</code> * See Address (pub key) <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> <pre>1EhA5fkapYWrhs2oAf2AqvF4WYMPM28GqL</pre> * I have sent 33 n33bcoin's to this address. <pre> ./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744568061, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "8afde14085be2139ff008667c345b3697bea9cea" } </pre> ===Encrypt Wallet=== * '''IMPORTANT NOTE! IF YOU LOSE/FORGET PASSPHRASE, YOU LOST YOUR WALLET!''' Encrypting your wallet, will require passphrase to see private_keys and to send coins from your account, but you can still check balance and the basic chain info '''without passphrase'''. * Syntax <code>./n33bcoin-cli encryptwallet "<passphrase>"</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 encryptwallet "pa55word"</code> <br>OutPut: <pre> wallet encrypted; N33Bcoin server stopping, restart to run with encrypted wallet. The keypool has been flushed and a new HD seed was generated (if you are using HD). You need to make a new backup. </pre> ====Test Encryption==== Syntax: <code>./n33bcoin-cli dumpprivkey <address></code> This command should need passphrase if wallet locked. ** <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> can be used in place of a real address <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpprivkey 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> If wallet '''LOCKED''' - you will see <pre> error code: -13 error message: Error: Please enter the wallet passphrase with walletpassphrase first. </pre> If wallet '''UNLOCKED''' but address not in wallet - you will see ** This is because there is no address <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> in your wallet and error code -5 indicates address not found in the wallet, but it passed the lock so, yay <pre> error code: -5 error message: Invalid N33Bcoin address </pre> If address exists in your wallet and wallet is '''UNLOCKED''' - you will see the private key: <pre> 6vJYM3RFWh7MyLVrPbgzgibUgqxMzWUCCbuH3GcfDRTqfoNQjBb </pre> '''IMPORTANT:''' Never share your actual private keys with anyone. The example above is for demonstration purposes only. ====open encrypted wallet==== * Syntax ./n33bcoin-cli walletpassphrase "<passphrase>" <time_in_seconds_to_stay_open> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrase "Pa55word" 60</code> ====Change PassPhrase==== * Syntax: <code><code>./n33bcoin-cli walletpassphrasechange "<old_passphrase>" "<new_passphrase>"</code></code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrasechange "Pa55word" "StrongPass123!@#456"</code> ===Back Up WALLET.DAT === * You can make a backup of your wallet.dat file whether its encrypted or un-encrypted. ** not-encrypted you just copy into a directory and you and anyone else has full access. ** encrypted, you need to know the passphase the file is encrypted with to have access. ** Both Export and Import the backup wallet.dat the same way, expect one asks for passphase and the other does not. ====Make copy of wallet.dat==== * <code>backupwallet</code> * Syntax:<code>./n33bcoin-cli backupwallet /path/to/export/wallet-backup.file</code> <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> ====Stop node 3 and delete wallet.dat==== * Stop node - Note: RPC PORT <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * not gonna delete, just move, only so many times i wanna learn that lesson. <code>mv ~/.n33bcoin3/wallet.dat ~/oldwallet.dat</code> * Start Node 3 - this will create a new <code>wallet.dat</code> file <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check Balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744572042, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "bb4e27a7896ae19acdf3b43244f82b59f5164c7c" } </pre> * Check addresses <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> * Its a diff/new address, because its a new wallet. <pre> "address": "1JwAmtR9T8xa49daoHQhf54tBdyabby2m2", </pre> ===Restore Wallet.dat=== * Stop Node 3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move old wallet to Node 3 Directory ** This command will write over the new wallet.dat file currently in directory - in effect deleting it. <code>mv ~/wallet-backup.node3 ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>11148007.99990960</pre> ====OH NUTZ==== * By mistake i backed up main wallet. <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> * Intended to backup node3 - the correct command would of been <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 backupwallet ~/wallet-backup.node3</code> Good Thing we just moved the node3 wallet and not deleted or 33 n33bcoins would of been in a dead account.<br> This is why you should learn about bitcoin on n33bcoins and not the bitcoin main net blockchain. Lets restore from the moved wallet <code>~/oldwallet.dat</code> * Stop node3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move oldwallet back to node3 <code>mv ~/oldwallet.dat ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>33.00000000</pre> YAY ===Dump Entire Wallet with <code>dumpwallet</code>=== * Exports all private keys, addresses, and wallet metadata to a plain text file for a comprehensive backup. * Syntax <code>./n33bcoin-cli dumpwallet /path/to/export/n33bcoin-wallet.txt</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpwallet ~/ssshhh.txt</code> <code>cat ~/ssshhh.txt</code> * Yep its all in plain text! <pre> # Wallet dump created by N33Bcoin v0.14.3.0-g150612e # * Created on 2025-04-13T22:54:50Z # * Best block at time of backup was 212 (000000009f5f7189bd4334895fd1c903ae904525abb5768feb98b81282a1949e), # mined on 2025-04-13T18:34:02Z # extended private masterkey: xprv9s210pEDlspXiamstilrandotypinhDXRTQ1TatJNSL3fxs9QaLLjRV1FZH9zw2VcErU498hsd3pynuyDR2clongrandome4Msz5 L1XJ0pald6SZXP4sKdVcDETpsdoWeksd4er5hhPsdFG1PPV 2025-04-13T18:14:21Z change=1 # addr=1HtmEDdpk5SJAp3nGCnaAD5gKZc2Er4qG hdkeypath=m/0'/0'/82' about 100 lines like the one above and ends with: # End of dump </prE> ===Import Dumped Wallet=== To test import works we are gonna, stop node3, move wallet.dat, start node3, check new wallet got auto generated again. then import are ssshhh.txt file and see if restored. ====Check wallet node 3 pre-test==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744575092, "keypoolsize": 101, "unlocked_until": 0, "paytxfee": 0.00000000, "hdmasterkeyid": "0a0e6e94e4a184e773e4a3e3244adc4352935afa" } </pre> ====Stop node 3 ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> ====Move wallet.dat ==== <code>mv ~/.n33bcoin3/wallet.dat ~/wallet.node3</code> ====Start node 3 ==== <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> ====Check wallet node 3 - when deleted/changed==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ====Import Restore from Dumped Wallet ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importwallet ~/ssshhh.txt</code> ====Check wallet node 3 when restored ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ==Off Line Storage and Importation== * Create a offline key pair, using a python script that can run off a live linux iso. * Going to send coins from node 3 to off line address. * Going to import to wallet 2 by sweeping private wif key. ===Create Offline Keypair=== * https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin ** We have used the [[N33Bcoin_Address_Generator_Bitcoin| N33Bcoin_Address_Generator]] to create the following key pair which we will use for this test. <pre> noob@noob-ThinkPad-T470:~/Gen/py-pub-prv$ python3 gen.py Enter your seed (12 words or any random input): hithere Generated n33bcoin Key Pair: Private Key: 3e4748d72b0a0c5d4538b52a2ade025a0f52a1e8642384ac14e5af0f90b8ab8a Public Key: 04c4cab1795312dafbf2532c7b238d448b55fa151a3d4e059cb49b47fb7244fb8767981b561c067494f9f3a6357024bb4fa71d12d692a733f7a0583d6fa7276548 n33bcoin Address: 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG WIF Private Key: 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH </pre> ===Send from node 3 to offline address=== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 sendtoaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG 10</code> ===Check its in address=== * Can take a few blocks before you can see it. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * Syntax: <code>./n33bcoin-cli importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * <code>importaddress</code> The RPC command to import a Bitcoin address as a watch-only address into the wallet * <code>13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> The Bitcoin address you are importing. After import, the wallet will monitor this address for incoming transactions, but cannot spend from it since you do not have the private key * <code>"external"</code> An optional label assigned to the imported address. This helps you organize or identify addresses in your wallet * <code>false</code> The rescan parameter. Setting it to false means the wallet will not rescan the blockchain for historical transactions involving this address. Only new transactions (after import) will be tracked. If set to true (default), the wallet would scan the entire blockchain for past transactions involving the address, which can take a long time (but not in are case as we have new blockchain). ====getreceivedbyaddress==== * TESTED - Balance is only shown on account that imported the address as a address to watch. ** Took about 10 mins to show balance. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>10.00000000</pre> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> ====Receive funds from private key==== * Current Funds in Node/Wallet 2 <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>52.00000000</pre> * Import the keys <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 importprivkey 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH true</code> * Check balance <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>62.00000000</pre> Import is instant. ==Create Second Server and Sync Blockchain== * Creating second server in a container and forwarded to another VPS IP, to see if network syncs. <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Is Port Forwarding Required for the Second Node?</span> <div class="mw-collapsible-content"> <p><strong>Why set up port forwarding?</strong> Port forwarding (using iptables to forward port <code>3333</code> to the second node) allows the node to receive incoming connections from other N33Bcoin nodes. This ensures reliable syncing with the main node and enables the second node to share blockchain data with others, strengthening the network.</p> <p><strong>Is it required?</strong></p> <ul> <li><strong>To mine</strong>: No. Mining uses local RPC calls (<code>127.0.0.1:3366</code>) and outbound connections to the main node (<code>104.194.157.52:3333</code>). As long as the main node is up, mining works without port forwarding. Note: You may need a dummy node to avoid errors.</li> <li><strong>To act as a peer</strong>: Yes. To allow other nodes to connect and sync from the second node (e.g., via <code>144.172.89.93:3333</code>), port forwarding is required. Without it, the node can sync but won’t serve blocks to others.</li> </ul> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Tip:</strong> Keep port forwarding enabled for robust syncing and to support the N33Bcoin network, especially if you plan to add more nodes. </div> </div> </div> ===Launch container=== <code>lxc launch ubuntu:18.04 n33b-node</code> <code>lxc exec n33b-node bash</code> <code>pro attach <longKey></code> <code>apt update && apt upgrade -y && apt install ubuntu-advantage-tools wireguard -y</code> ===Setup Wireguard=== * This is the same as the last time, in this tut i am going to keep the same keys in tut, to save time. PS: You can use same keys on many connections (not the best idea). ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==In Container Building N33Bcoin== * Push over N33Bcoin.0.0.1.tar.gz to the container n33b-node. <code>lxc file push N33Bcoin.0.0.1.tar.gz n33b-node/home/ubuntu/</code> OR Download from github * Download from Github, sha256sum=<code>0695dceaa4a88967560695f92c753d2fe4abc0f1b0cfb2673bf945fc83fb1225</code> <code>wget https://raw.github.com/CompleteNoobs/N33Bcoin/main/N33Bcoin.0.0.1.tar.gz</code> * Login to container as user ubuntu <code>lxc exec n33b-node -- su - ubuntu</code> * extract <code>tar xvf N33Bcoin.0.0.1.tar.gz</code> ===Install depends and Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> ===Build N33Bcoin=== * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> * Before running - make sure first node up and running <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Troubleshooting Syncing Issues on the Second Node</span> <div class="mw-collapsible-content"> <p>If your second node (e.g., <code>144.172.89.93</code>) fails to sync (e.g., stuck at <code>blocks: 0</code>), the main node (<code>104.194.157.52</code>) may be in Initial Block Download (IBD), preventing it from serving blocks. Here’s what I faced and how I fixed it:</p> <ul> <li><strong>Problem</strong>: The second node didn’t sync because the main node was in IBD, likely due to a chain tip older than 24 hours.</li> <li><strong>Initial Fix</strong>: <ul> <li>Started a dummy node on the main node (<code>127.0.0.1:3334</code>) for an active peer .</li> <li>Mined on the main node: <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=&lt;your-address&gt; -t 2 </pre> This created new blocks (e.g., to <code>blocks: 441</code>), exiting IBD and enabling sync.</li> </ul> </li> <li><strong>Test</strong>: I deleted the second node and recreated it from scratch, running both the main and dummy nodes on the genesis server. The second node synced to <code>blocks: 441</code> while the main node was mining.</li> <li><strong>Observation</strong>: In one test, I thought syncing worked without mining, but mining was active on the main node, advancing the chain to <code>blocks: 441</code>. Possible factors for sync success: <ul> <li>Recent chain tip from mining kept the main node out of IBD.</li> <li>Dummy node provided a peer, preventing IBD re-entry.</li> <li>iptables rule for port <code>3333</code> enabled inbound connections (i did once not forward the correct port, make sure you check your ip rules with <code>cat /etc/iptables/rules.v4</code> to make sure you entered the correct ones. ).</li> </ul> </li> <li><strong>If Syncing Fails</strong>: Mine on the main node with the dummy node running.</li> </ul> <p><strong>Note</strong>: Syncing may not require ongoing mining if the main node’s chain tip is recent, but mining is needed to exit IBD. Test and share your findings!</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> If the second node won’t sync, the main node may be in IBD. Start the dummy node and mine to exit IBD. </div> </div> </div> ===n33b-node=== <code>src/n33bcoind -daemon</code> <code>src/n33bcoin-cli stop</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 debug=rpc debug=mining </pre> <code>src/n33bcoind</code> * Now Second n33bcoin node is running lets check sync <code>src/n33bcoin-cli getpeerinfo</code> <pre> [ { "id": 0, "addr": "104.194.157.52:3333", "addrlocal": "144.172.89.93:52636", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157772, "lastrecv": 1745157771, "bytessent": 1277, "bytesrecv": 1198, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.303657, "minping": 0.303657, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": false, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 110, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 1, "addr": "104.194.157.52:57050", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.296047, "minping": 0.296047, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 2, "addr": "104.194.157.52:57060", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.316404, "minping": 0.316404, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } } ] </pre> <code>src/n33bcoin-cli getblockchaininfo</code> <pre> ubuntu@n33b-node:~/N33Bcoin$ src/n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.03058041491289009, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> ===From first node=== <pre> ./n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.02034601825250813, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> * Both nodes/blockchains are in sync, nice gtlazqoadardfvuspdb28vtd30flee4 577 576 2025-06-20T22:31:48Z AwesomO 5 /* Line 74 - 77 MainNet BIP Section */ 577 wikitext text/x-wiki ==Start up HardWare== * OS (local) Ubuntu-Mate 24.04 - this tut is done on a clean install of ubuntu-mate 24.04 ** Hardware: HP EliteDesk G1 - ram = 8GB - HD = 120GB ssd - CPU = i5-4590S CPU @ 3.00GHz ** Hardware: Thinkpad X270 - Ram - HD - CPU * Server VPS ubuntu-server 24.04 ** vultr.com ===Software OS=== * Will be using Ubuntu 24.04 as main OS - but to build this version of litecoin 0.14.2 we will be using ubuntu 18.04 in a lxc container - trying to build in 24.04 was a huge side quest that is not that much fun. ===Coin Params for N33Bcoin 0.1 POW === * Are Coin Params ** Name of coin = N33Bcoin ** Symbol coin = N33B ** Premined Coins= 33% 11,111,111 coins to be used to rewards contributors. the how is currently unknown, will work out as we go. ** MaxCoins = 33,333,333 ** Rewards = 333 ** Halving Period = 33,333 blocks = every 231 days ** Block interval = 10 mins # will leave at 10 for starters ** Time Stamp 1733333333 2024-12-04 17:28:53 ** Time Stamp Message "N33B's for Noob's at CompleteNoobs.com" ** Genesis Block for are Coin ==Genesis Keys== First we are going to need a public private key pair. [[Python_Generate_Public_Private_Key_Pair_Crypto_Bitcoin| Python3 Generate Public Private Key Pair]] * Public Key <code>049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf</code> * Keep private key safe, you just need pub key for now We then use are public key along with are coin parameter with [[GenesisH0_Creating_Genesis_Hash| GenesisH0]] to create a 'Nonce', 'Merkel hash' and 'Genesis hash'. For are 'MainNet', 'TestNet' and 'RegNet' === Main Net parameters === <code>python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333333</code> * '''Nonce''': <code>221118658</code> * '''nBits''': <code>0x1d00ffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4</code> === Test Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333334</code> * '''Nonce''': <code>511144</code> * '''nBits''': <code>0x1e0ffff0</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c</code> === Reg Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333335</code> * '''Nonce''': <code>0</code> * '''nBits''': <code>0x207fffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127</code> Now we have are parameters, we can start creating are own coin, but first lets change some file names to match the name of are coin. ==Source we are forking from Bitcoin 0.14.3== ===Home Directory=== <code>cd ~</code> ===Download bitcoin 0.14.3=== * https://bitcoincore.org/bin/bitcoin-core-0.14.3/ <code>wget https://bitcoincore.org/bin/bitcoin-core-0.14.3/bitcoin-0.14.3.tar.gz</code> * sha256sum bitcoin-0.14.3.tar.gz <code>416717ab5ef94f8458da2b12e4cd742ca08f5ad3817b65fc73811e06ac949f87</code> ===extract=== <code>tar xvf bitcoin-0.14.3.tar.gz</code> ===Change Directory Name to new/forked coin name=== <code>mv bitcoin-0.14.3 N33Bcoin</code> <code>cd N33Bcoin</code> * Current work director path is <code>/home/$USER/N33Bcoin/</code> ==Renaming== ===Renaming Bitcoin to N33Bcoin=== '''Run these command in the /home/$USER/N33Bcoin/ Directory''' * Lowercase <code>find . -type f -exec sed -i 's/bitcoin/n33bcoin/g' {} + </code> * UpperCase <code>find . -type f -exec sed -i 's/Bitcoin/N33Bcoin/g' {} + </code> * Name.1 <code>find . -type f -exec sed -i -e 's/bitcoin/n33bcoin/g' -e 's/bitcoind\.1/n33bcoind.1/g' {} + </code> ===Change Name for Docs=== To rename files in a directory (e.g., <code>/home/$USER/N33Bcoin/doc/man/</code>): * '''Before:''' <pre> bitcoin-cli.1 bitcoind.1 bitcoin-qt.1 bitcoin-tx.1 Makefile.am </pre> * '''After:''' <pre> n33bcoin-cli.1 n33bcoind.1 n33bcoin-qt.1 n33bcoin-tx.1 Makefile.am </pre> * '''Manual Way:''' <pre> mv -v bitcoin-cli.1 n33bcoin-cli.1 </pre> * '''Using mv with a for Loop:''' <code>cd /home/$USER/N33Bcoin/doc/man</code><br> <code>for file in bitcoin*; do mv -v "$file" "${file/bitcoin/n33bcoin}"; done</code> </pre> * <code>-v</code> shows each rename action. ===Change Names for Files=== *<b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> Unlike forking litecoin, the method we just used to rename all bitcoin words to n33bcoin created some problems, unlike litecoin 0.14.2, the word 'bitcoin' can be found in a lot of file names. Example: the file <code>libbitcoinconsensus.pc.in</code> is still called <code>libbitcoinconsensus.pc.in</code> but inside make and config files, it is now know as <code>libn33bcoinconsensus.pc.in</code> so it will look for a file called <code>libn33bcoinconsensus.pc.in</code> and not <code>libbitcoinconsensus.pc.in</code>, still will lead to a lot of breakages. * Easy Fix: Change all file names which include the word <code>bitcoin</code> to <code>n33bcoin</code> * install <code>rename</code> <code>sudo apt install rename</code> * <b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> * See all file which contain the name <code>bitcoin</code> <code>find . -type f -name "*bitcoin*"</code> * Rename/convert all <code>bitcoin</code> in file names to <code>n33bcoin</code> <code>find . -type f -name "*bitcoin*" -exec rename 's/bitcoin/n33bcoin/' {} +</code> ==Editing Files== Are Files are located in path:<code>/home/$USER/N33B/N33Bcoin</code><br> Example: <code>src/amount.h</code> full path would be <code>/home/$USER/N33B/N33Bcoin/src/amount.h</code> === OverView of Files to edit=== * Comment Out <code>** Lines: 74 - 77 Comment Out</code> These are Lines we Don't need, but are not deleting just commenting out, so line numbers remain the same.<br> Comment out by placing a <code>//</code> at the beginning of the line. * '''src/amount.h''' ** Line 31: Edit Max Coins * '''src/validation.cpp''' ** Line 1166: This BLOCK of code will contain premined and Block rewards * '''src/qt/bitcoinunits.cpp''' ** Line 39 Block: change coin symbol LTC to N33B * '''src/chainparams.cpp''' ** Line 53: '''Global''' Change Time Stamp Message ** Line 54: '''Global''' Change Pub Key ** Line 73: '''MainNet''' Change Halving Interval <!--** Lines: 74 - 77 Comment Out--> ** Line 74: '''MainNet''' BIP34Height ** Line 75: '''MainNet''' BIP34Hash ** Line 76: '''MainNet''' BIP65Height ** Line 77: '''MainNet''' BIP66Height ** Lines 85 - 103: '''MainNet''' Deployment and Chain Work Section ** Line 110: '''MainNet''' Change Magic Bytes - Script included ** Line 114: '''MainNet''' Change Main Net Default Port ** Line 117: '''MainNet''' Change Main Net Nonce TimeStamp Coin_Rewards ** Line 119: '''MainNet''' Change Genesis Hash ** Line 120: '''MainNet''' Change Merkel Hash ** Line 144: '''MainNet'''Change Coin Number and Genesis Hash ** Lines 145 - 156 Comment Out ** Line 161: '''MainNet''' Change Time Stamp ** Line 162: '''MainNet''' Change Number Of Transactions ** Line 177: '''TestNet''' Halving Interval <!--** Lines: 178 - 181 Comment Out--> ** Line 178: '''TestNet''' BIP34Height ** Line 179: '''TestNet''' BIP34Hash ** Line 180: '''TestNet''' BIP65Height ** Line 181: '''TestNet''' BIP66Height ** Line 184: '''TestNet''' Block Times <!--** Lines: 189 - 207 Comment Out--> ** Lines 189 - 207: '''TestNet''' Deployment Section ** Line 213: '''TestNet''' Default Port ** Line 216: '''TestNet''' Time Stamp and Nonce ** Line 218: '''TestNet''' Genesis Hash Block ** Line 219: '''TestNet''' Merkel Hash Block ** Line 245: '''TestNet''' CheckPointData Genesis Hash Block Number ** Line 250: '''TestNet''' Time Stamp ** Line 251: '''TestNet''' Block Number ** Lines 267 - 270 '''RegressionNet''' BIP Consensus ** Line 301: '''RegressionNet''' Default Port ** Line 304: '''RegressionNet''' Time Stamp Nonce Coin_Rewards ** Line 306: '''RegressionNet''' Genesis Block Hash ** Line 307: '''RegressionNet''' Merkel Hash ** Line 319: '''RegressionNet''' Genesis Hash * '''src/chainparamsbase.cpp''' ** Line 35: MainNet RCP Port ** Line 48: TestNet RPC Port ** Line 62: Regession Net RPC Port ===src/amount.h=== On line 31 we will edit are Max coins: <pre> static const CAmount MAX_MONEY = 21000000 * COIN; </pre> will change this to 33,333,333 coins <pre> static const CAmount MAX_MONEY = 33333333 * COIN; </pre> ===src/validation.cpp=== Path <code>/home/$USER/N33B/N33Bcoin/src/validation.cpp</code> The block of code we are looking for starts on line 1166: <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy = 50 * COIN; // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years. nSubsidy >>= halvings; return nSubsidy; } </pre> On line 1173 you should see this line: <pre> CAmount nSubsidy = 50 * COIN; </pre> This is the rewards for mining coins, the default is 50, we are changinf rewards to 333 coins per block mined. <pre> CAmount nSubsidy = 333 * COIN; </pre> ====Premined coins==== We also need to add a contidtion for are premined coins - in the first block will mine 33%, thats 11,111,111 coins <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy; if (nHeight == 1) nSubsidy = 11111111 * COIN; else nSubsidy = 333 * COIN; // Subsidy is cut in half every 33,333 blocks which will occur approximately every 231 days. nSubsidy >>= halvings; return nSubsidy; } </pre> This condition means IF first block reward 11,111,111 coins, Else(after first blocked mined) rewards per block are 333 coins. <div class="toccolours mw-collapsible mw-collapsed"> What's Changed and Why: <div class="mw-collapsible-content"> <b>What's Changed and Why:</b> * '''CAmount nSubsidy;''' ** The variable `nSubsidy` is now declared but not immediately assigned a value. This allows flexibility to set its value based on certain conditions. * '''New Condition: `if (nHeight == 1)''' ** This new condition checks if the block height is 1, meaning this is the very first block in the blockchain (often called the "genesis block"). ** This condition is used to assign a special, much larger subsidy for the first block. * '''nSubsidy = 11111111 * COIN;''' ** If it is the first block (`nHeight == 1`), the subsidy is set to 11,111,111 coins. This is a huge reward for the genesis block, likely for initial distribution or other specific reasons. * '''else nSubsidy = 333 * COIN;''' ** For all other blocks (not the first one), the reward is set to 333 coins. This is a significant change from the original 50 coins, suggesting a different reward structure for this cryptocurrency. </div> </div> ===src/qt/n33bcoinunits.cpp=== * Line 39: Code Block <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("BTC"); case mBTC: return QString("mBTC"); case uBTC: return QString::fromUtf8("μBTC"); default: return QString("???"); } } </pre> * Change BTC your coin symbol to N33B <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("N33B"); case mBTC: return QString("mN33B"); case uBTC: return QString::fromUtf8("μN33B"); default: return QString("???"); } } </pre> ===src/chainparams.cpp=== ====Line 53 Change Time Stamp Message==== <code> const char* pszTimestamp = "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks";</code> To <code> const char* pszTimestamp = "N33B's for Noob's at CompleteNoobs.com";</code> ====Line 54 Change Genesis Pub Key==== <code> 54 const CScript genesisOutputScript = CScript() << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f") << OP_CHECKSIG; </code> We are going to change to the public key we used to create are genesis block. <code> const CScript genesisOutputScript = CScript() << ParseHex("049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf") << OP_CHECKSIG;</code> ====Line 73 HalvingInterval==== <code> consensus.nSubsidyHalvingInterval = 210000;</code> Block intervals of bitcoin is every 10 mins, as you can see on '''[[#Line 80 Target Block Creation''']] * 60 mins per hour x 24 hours per day = 1440 mins a day * 1440 mins at one block each 10 mins = 144 block per day ish * 144 * 365 = 52,560 blocks per year ish * 52,560 * 4 = 210,240 blocks every four years ish So bitcoin halves its rewards every 4 years ish as it passes 210,000 blocks and carrys on halving every 210,000 blocks later. We reward 333 coins per block and will be out of coins around 667,334 blocks. * Preminded 11,111,111 coins * 22,222,222 left * at 333 per block all will be gone in 66,733 blocks time unless we halve before then * We are going to keep are block time of 10 mins and have a halving at 33,333 blocks so it will halve around 231 days <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Line 74 - 77 MainNet BIP Section==== <pre> 74 consensus.BIP34Height = 227931; 75 consensus.BIP34Hash = uint256S("0x000000000000024b89b42a942fe0d9fea3bb44ab7bd1b19115dd6a759c0808b8"); 76 consensus.BIP65Height = 388381; // 000000000000000004c2b624ed5d7756c508d90fd0da2c7c679febfa6c4735f0 77 consensus.BIP66Height = 363725; // 00000000000000000379eaa19dce8c9b722d46ae6a57c2f1a988119488b50931 </pre> * Set BIP34/65/66 to 0 for new chain—modern rules from genesis. Adjust BIP34 to 100 if mining fails. * Line 75 Replace with you <b>Main Net parametersGenesis Hash</b> <pre> 74 consensus.BIP34Height = 0; 75 consensus.BIP34Hash = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); 76 consensus.BIP65Height = 0; 77 consensus.BIP66Height = 0; </pre> ==== Line 85 - 103 '''MainNet''' Deployment and Chain Work Section ==== ===== Line 86 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start date is irrelevant—set to 0 for immediate activation on new chain. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 87 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 91 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016</code> * Reason changed: Bitcoin’s 2016 start is moot—set to 0 for CSV active from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 92 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 96 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016</code> * Reason changed: Bitcoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 97 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 100 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5");</code> * Reason changed: Bitcoin’s 2017 work is massive—set to 0 for a new chain with no work yet. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 103 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354</code> * Reason changed: Bitcoin’s block 453354 is irrelevant—set to N33Bcoin’s genesis hash for fast sync from block 0. Changed: <code>consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4");</code> =====Before and After Changes===== <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354 </pre> * Set CSV/SegWit to active from genesis (nStartTime = 0, nTimeout = far future). Reset chain work to minimal. Set assume valid to genesis hash. <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0; 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999; 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0; 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999; 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0; 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999; 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x00"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); </pre> ====Line 110 Magic Bytes==== * [[Hex_numbers_explained| Hex numbers explained]] * [[Python3_Script_for_Random_Magic_Bytes| Link to python script for random values]] The pchMessageStart array is a crucial component in cryptocurrency network protocols, often referred to as the "magic bytes" or "network magic." It serves as a unique identifier for a specific cryptocurrency network. These values are in hexadecimal format, representing four bytes that form a sequence unlikely to occur in normal data. If you're creating a new cryptocurrency by forking Bitcoin, you should change these values. Using unique values prevents your new coin's network from interfering with Bitcoin's network or other existing networks. <pre> 110 pchMessageStart[0] = 0xf9; 111 pchMessageStart[1] = 0xbe; 112 pchMessageStart[2] = 0xb4; 113 pchMessageStart[3] = 0xd9; </pre> * Gonna change mine to <pre> pchMessageStart[0] = 0xfe; pchMessageStart[1] = 0x93; pchMessageStart[2] = 0xd2; pchMessageStart[3] = 0xe2; </pre> ====Line 114 Change Main Net Default Port==== * Line 114 <code>nDefaultPort = 8333;</code> * Changing to port 3333 <code>nDefaultPort = 3333;</code> ====Line 117 Change Main Net Nonce TimeStamp Coin_Rewards==== * Original <code> genesis = CreateGenesisBlock(1231006505, 2083236893, 0x1d00ffff, 1, 50 * COIN);</code> * Syntax of line 117 <code>genesis = CreateGenesisBlock(<UNIX_TIME_STAMP>, <NONCE>, <DIFF_BITS>, <NHEIGHT>, <AMOUNT_OF_COINS_REWARD> * COIN);</code> * we are just going to append/change are UnixTimeStamp, Nonce and CoinReward <code> genesis = CreateGenesisBlock(1733333333, 221118658, 0x1d00ffff, 1, 333 * COIN);</code> ====Line 119 Change Genesis Hash==== <code>assert(consensus.hashGenesisBlock == uint256S("0x000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"));</code> * Change to your genesis hash for Main Net <code> assert(consensus.hashGenesisBlock == uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"));</code> ====Line 120 Change Merkel Hash==== <code> assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Change to your merkel hsh for Main net <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Check Point - Lines 142 - 157 ==== <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d")) 145 ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> These lines contain a blocknumber and there hash value, we are starting a new coin and these have no value to us. We have one genesis block. <code> ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d"))</code> * We are going to append/change line 144, to block zero and are Main net genesis block hash. <code> ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"))</code> and comment out the remaining lines in this code block. lines 145 - 156 <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4")) 145 // ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 // ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 // (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 // (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 // (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 // (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 // (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 // (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 // (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 // (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 // (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 // (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> ====Line 161 Change Time Stamp==== <pre> 161 1483472411, // * UNIX timestamp of last known number of transactions </pre> * Change to the time stamp we are using <pre> 1733333333, // * UNIX timestamp of last known number of transactions</pre> ====Line 162 Change Number Of Transactions==== <pre> 184495391, // * total number of transactions between genesis and that timestamp</pre> * Change to Zero <pre> 0, // * total number of transactions between genesis and that timestamp</pre> ====TestNet Halving Interval==== <code>177 consensus.nSubsidyHalvingInterval = 210000;</code> * Change to same as are main net <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Lines 178 - 181 TestNet BIP section==== <pre> 178 consensus.BIP34Height = 21111; 179 consensus.BIP34Hash = uint256S("0x0000000023b3a96d3484e5abb3755c413e7d41500f8e2a5c3f0dd01299cd8ef8"); 180 consensus.BIP65Height = 581885; // 00000000007f6655f22f98e72ed80d8b06dc761d5da09df0fa1dc4be4f861eb6 181 consensus.BIP66Height = 330776; // 000000002104c8c45e99a8853285a3b592602a3ccde2b832481da85e9e4ba182 </pre> * Change values to zero and replace TestNet Genesis Hash <pre> 178 consensus.BIP34Height = 0; 179 consensus.BIP34Hash = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"); 180 consensus.BIP65Height = 0; 181 consensus.BIP66Height = 0; </pre> ==== Lines 189 - 207 TestNet Deployment Section ==== ===== Line 190 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start is irrelevant—set to 0 for immediate activation on TestNet. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 191 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 195 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1456790400; // March 1st, 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for CSV from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 196 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 200 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1462060800; // May 1st 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 201 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1493596800; // May 1st 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 204 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x00000000000000000000000000000000000000000000001f057509eba81aed91");</code> * Reason changed: Litecoin’s work is irrelevant—set to 0 for a new TestNet chain. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 207 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000128796ee387cf110ccb9d2f36cffaf7f73079c995377c65ac0dcc"); //1079274</code> * Reason changed: Litecoin’s block 1079274 doesn’t apply—set to TestNet genesis for fast sync. Changed: <code>consensus.defaultAssumeValid = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c");</code> ====TestNet Default Port - Line 213==== <code>213 nDefaultPort = 18333;</code> * Change to another port , picking 13333 <code>nDefaultPort = 13333;</code> ====Line 216: TestNet Time Stamp and Nonce==== <code>216 genesis = CreateGenesisBlock(1296688602, 414098458, 0x1d00ffff, 1, 50 * COIN);</code> * change/append timestamp, nonce and coin rewards - TimeStamp, Nonce, nBits and CoinRewards from your Test Net <code> genesis = CreateGenesisBlock(1733333334, 511144, 0x1e0ffff0, 1, 333 * COIN);</code> ====Line 218: TestNet Genesis Hash Block==== <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943"));</code> * Changed to <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"));</code> ====Line 219: TestNet Merkel Hash Block==== <code>219 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Changed to <code> assert(consensus.hashGenesisBlock == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ==== Line 245 TestNet checkpointData ==== Default: <code>( 546, uint256S("000000002a936ca763904c3c35fce2f3556c559c0214345d31b1bcebf76acb70")),</code> * Reason changed: Bitcoin TestNet checkpoint irrelevant—set to height 0 with N33Bcoin TestNet genesis hash for new chain. Changed: <code>( 0, uint256S("000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c")),</code> * Note: Removed "0x" from hash string—matches Bitcoin style, prevents parsing error in uint256S. ====Line 250 - Testnet chainTxData TimeStamp==== <code>250 1483546230,</code> * Change to your timestamp <code>1733333334,</code> ====Line 251 - Testnet chainTxData block count==== <code>251 12834668,</code> * change block count to zero <code> 0,</code> ==== RegTest BIP Section ==== ===== Line 267 ===== Default: <code>consensus.BIP34Height = 100000000; // BIP34 has not activated on regtest (far in the future so block v1 are not rejected in tests)</code> * Reason changed: Delays BIP34—set to 0 for modern rules from genesis, consistent with MainNet/TestNet. Changed: <code>consensus.BIP34Height = 0;</code> ===== Line 268 ===== Default: <code>consensus.BIP34Hash = uint256();</code> * Reason changed: Empty hash irrelevant—set to RegTest genesis for BIP34 activation at block 0. * NOTE: the <code>S</code> at the end of <code>uint256S</code> append the '''S''', remove the <code>0x</code> or it would be too long and make sure RegNet Hash is wrapped in "comment-hash". * The quotes <code>""</code> tell the compiler that this is a string, not a number. * '''uint256S''' will parse the string as a hexadecimal value and construct the '''uint256''' object accordingly. Changed: <code>consensus.BIP34Hash = uint256S("65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127");</code> ===== Line 269 ===== Default: <code>consensus.BIP65Height = 1351; // BIP65 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP65 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP65Height = 0;</code> ===== Line 270 ===== Default: <code>consensus.BIP66Height = 1251; // BIP66 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP66 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP66Height = 0;</code> ====Line 298: RegressionNet Default Port==== <code>298 nDefaultPort = 18444;</code> * change port number <code> nDefaultPort = 13337;</code> ====Line 301 RegressionNet Time Stamp Nonce Coin_Rewards ==== <code>301 genesis = CreateGenesisBlock(1296688602, 2, 0x207fffff, 1, 50 * COIN);</code> * Change to your timestamp , nonce and coin rewards <code> genesis = CreateGenesisBlock(1733333335, 0, 0x207fffff, 1, 333 * COIN);</code> ====Line 303: RegressionNet Genesis Block Hash==== <code>303 assert(consensus.hashGenesisBlock == uint256S("0x0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"));</code> * replace with your reg net genesis hash <code> assert(consensus.hashGenesisBlock == uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"));</code> ====Line 304 RegressionNet Merkel Hash==== <code>304 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * replace with your reg net merkel hash <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Line 316: RegressionNet Genesis Hash==== <code>316 ( 0, uint256S("0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"))</code> * change to your reg nets genesis hash <code> ( 0, uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"))</code> === src/chainparamsbase.cpp - API ports === <div class="toccolours mw-collapsible mw-collapsed"> Changing RPC port number info: <div class="mw-collapsible-content"> When forking Bitcoin, changing the nRPCPort = 8332; is generally recommended, though not strictly necessary. Here are the reasons and benefits for doing so: '''Avoiding Conflicts:''' If you run both Bitcoin and your forked cryptocurrency on the same machine or network, keeping the same RPC port (9332) would cause a conflict. By changing the port number, you ensure that both services can run simultaneously without interfering with each other. '''Network Configuration:''' Different cryptocurrencies should ideally use different ports to avoid confusion and ensure clear network configuration. This helps in managing firewall rules and network policies more effectively. '''Security:''' Using a non-standard port for your forked cryptocurrency can add a layer of security through obscurity. While not a robust security measure, it can help reduce the risk of automated attacks targeting known ports like 8332. '''Customization:''' Changing the RPC port is part of customizing your fork to distinguish it from Bitcoin. This can be important for branding and ensuring that users and developers recognize it as a separate entity. In summary, while it's not mandatory to change the RPC port when forking Bitcoin, doing so can help avoid conflicts, improve network management, and provide a clearer distinction between your fork and the original Bitcoin network. </div> </div> ====line 35 - Main net RCP port==== <pre> nRPCPort = 8332; </pre> RPC port is used to connect to coin api, its used to create a web wallet and moblie wallet. <pre> nRPCPort = 3366; </pre> ====Line 48 - test net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12333 <pre> nRPCPort = 12333; </pre> ====line 62 - regession net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12345 <pre> nRPCPort = 12345; </pre> * We are pretty much done with customizing the code base, we just need an IP address to append to chainparams.cpp and we are good to go. ===src/chainparamsseeds.h=== * Delete content of <code>src/chainparamsseeds.h</code> and replace with just: <pre> #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> The <code>chainparamsseeds.h</code> file contains hardcoded seed nodes for the main network (pnSeed6_main), which are currently set to Bitcoin’s seed nodes (e.g., IPs like 2.7.8.12 on port 8333). These seeds will cause your node to attempt connections to Bitcoin peers, which isn’t what we want for N33Bcoin. * By modifying the seed arrays for both mainnet and testnet to empty, we can keep the file structure intact while removing the Bitcoin seed nodes, preventing are node from trying to connect to them. <div class="toccolours mw-collapsible mw-collapsed"> Hexadecimal - Chainparamsseeds.h - Quick Notes <div class="mw-collapsible-content"> <pre> Hex Symbol Values: 0,1,2,3,4,5,6,7,8,9,a=10,b=11,c=12,d=13,e=14,f=15 Hex is in a Block of 2, [01]=1, The First number/symbol (the one on the left), is Times by 16, and the Second number/symbol is added. 01 = 0x16, plus 1 = 01 A4 = 10x16, plus 4 = 164 E4 = 14x16, plus 4 = 228 FF = 15X16, plus 15 = 255 To work out the values of 104.194.157.52 and port 3333 static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; IPv6 Mapping: {{Use 10 0x00, 2 0xff, then the 4 hex bytes} <port>}. 104 in hex: 6x16 = 96 + 8 = 104 InHex= '68' 194 in hex: c(12)x16=192 + 2 = 194 InHex= 'c2' 157 in hex: 9x16=144 + d(13)= 157 InHex= '9d' 52 in hex: 3x16=48 + 4 = 52 InHex= '34' #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; static SeedSpec6 pnSeed6_test[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> </div> </div> == Container and VPS Setup == Most VPS providers frown on mining unless it’s their explicit service—fair enough, it hogs resources! To work around this, we’ll: * Spin up an Ubuntu 18.04 container locally (18.04 keeps coin building simple). * Pair it with a low-cost VPS running Ubuntu 24.04, tunneling all traffic from the container to the VPS’s public IP. This setup gives us: * A public-facing IP without poking holes in our home router. * Local mining control, keeping private keys secure—because a VPS is just someone else’s machine, and we don’t trust it with our keys! ===LXD Quick Container Setup=== ===LXD Quick Container Setup=== * Its pretty simple once you know. ===Installing and setup LXD=== <code>sudo snap install lxd</code> <code>sudo lxd init</code> * Just press '''ENTER''' for all defaults * add user to lxd group (optional), will mean you do not need '''sudo''' to use lxc commands * NOTE: you will need to logout and login for changes to take effect. <code>sudo adduser $USER lxd</code> <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> * '''These changes only apply to the current terminal session.''' If you open a new terminal session you have to repeat. On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. * '''Remember, these changes only apply to the current terminal session.''' If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> ===Launching your container=== * for the Build its important we use '''18.04''' ** May want to get ubuntu pro free for 5 devices - to keep 1804 updated ** https://ubuntu.com/pro/dashboard <code>lxc launch ubuntu:18.04 n33b</code> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 n33b</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 n33b</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''n33b''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "n33b" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "n33b" in the example) must be unique within your LXD installation. </div> </div> * If you see this error - you need to use '''sudo''' or add user to lxd group <pre> lxc launch ubuntu:18.04 n33b Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * To see your container <code>lxc ls</code> ===Login to container=== <code>lxc exec n33b bash</code> * Prompt should now be changed to <code>root@n33b:~#</code> ** <code>root@<container_name>:~#</code> * This would be a good time to sign up to and enable ubuntu pro in the 1804 container https://ubuntu.com/pro/dashboard ** <code>sudo pro attach C12trandomcharsXFVhrRSveGOd4</code> * Update container <code>apt update && apt upgrade -y</code> ==== Ubuntu Pro for 1804 Containers ==== * super useful for ubuntu 1804, with pro has support till 2027 * Free For Five Boxes/Devices <code>https://ubuntu.com/pro/dashboard</code> <code>sudo pro attach 8dc6560abd396b3871f37b80ec</code> <code>sudo pro status</code> <code>sudo pro detach</code> ==In Container wireguard installation and setup== ===Install wireguard=== <code>apt install wireguard -y</code> * This will be the Client - for the container ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==Back to Host== Now we have * A container with a public IP address * Source code for are coin Lets append are IP adress to are <code>src/chainparams.cpp</code> file and make a exportable/shareable backup. ===Append IP to <code>src/chainparams.cpp</code>=== <div class="toccolours mw-collapsible mw-collapsed"> If i was going to change or add ips/domains do i need to recomplie? Yep: <div class="mw-collapsible-content"> Yes, if you want to change or add new IPs/domains in the `CDNSSeedData` section of `src/chainparams.cpp`, you will need to edit the file and recompile the code. The `CDNSSeedData` entries are hardcoded into the source code, and when you compile the code, these values are baked into the resulting binary. Therefore, any changes to the seed nodes will require: *Editing the `src/chainparams.cpp` file**: Modify the list of `CDNSSeedData` entries to include your new IPs or domains. *Recompiling the source code**: Once you've made your changes, you need to recompile the project so that the new seed nodes are included in the binary. *Restarting your nodes**: After recompiling, you would need to distribute the new binary to your nodes and restart them to ensure they use the updated seed list. This process is necessary because the seed nodes are part of the initial configuration that helps nodes discover peers when they first start up. Any changes to these seeds require the software itself to be updated and redeployed. </div> </div> ====Main Net DNS lines 123 - 127==== <code>$EDITOR /home/$USER/N33B/N33Bcoin/src/chainparams.cpp</code> * Line 123 <code>src/chainparams.cpp</code> <pre> 123 vSeeds.push_back(CDNSSeedData("n33bcoin.sipa.be", "seed.n33bcoin.sipa.be", true)); // Pieter Wuille, only supports x1, x5, x9, and xd </pre> We are going to Change to are servers address <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> At current time we only have one default node, so we comment out line 124 to 127 <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "dnsseed.bluematt.me", true)); // Matt Corallo, only supports x9 // vSeeds.push_back(CDNSSeedData("dashjr.org", "dnsseed.n33bcoin.dashjr.org")); // Luke Dashjr // vSeeds.push_back(CDNSSeedData("n33bcoinstats.com", "seed.n33bcoinstats.com", true)); // Christian Decker, supports x1 - xf // vSeeds.push_back(CDNSSeedData("n33bcoin.jonasschnelli.ch", "seed.n33bcoin.jonasschnelli.ch", true)); // Jonas Schnelli, only supports x1, x5, x9, and xd </pre> ====Test net DNS lines 224 - 227==== * Line 224 - ip adderss <pre> 224 vSeeds.push_back(CDNSSeedData("testnetn33bcoin.jonasschnelli.ch", "testnet-seed.n33bcoin.jonasschnelli.ch", true)); </pre> Change to server ip <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> and comment out the other 3 lines <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("petertodd.org", "seed.tbtc.petertodd.org", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "testnet-seed.bluematt.me")); // vSeeds.push_back(CDNSSeedData("n33bcoin.schildbach.de", "testnet-seed.n33bcoin.schildbach.de")); </pre> ==Create BackUp Tar Archive== At this point you may want to make a backup. * In work directory = <code>/home/$USER/N33B</code> <code>tar -zcvf N33Bcoin.0.0.1.tar.gz N33Bcoin</code> * Going to save in directory <code>/home/$USER/N33B</code> * Syntax = <code>tar -zcvf /path/to/save/archive_name.tar.gz /path/to/directory_name</code> Now we Should have <code>N33Bcoin.0.0.1.tar.gz</code> lets start building are coin. ===Move N33Bcoin.0.0.1.tar.gz to Container=== Lets Move are source code to are container. * File on Host:<code>/home/$USER/N33B/N33Bcoin.0.0.1.tar.gz</code> * Container Name: <code>n33b</code> ** Container Name can be found with <code>lxc list</code> * On Host: <code>lxc file push /home/$USER/N33B/N33Bcoin.0.0.1.tar.gz n33b/home/ubuntu/</code> * '''ubuntu''' is the name of the ubuntu containers default user account ==Return to container as user '''ubuntu'''== <code>lxc exec n33b -- su - ubuntu</code> Now are source code <code>N33Bcoin.0.0.1.tar.gz</code> should be in are home directory. Before we start using it, we need to install and build some dependencies software. ===Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <!-- These notes wherer required to build db on 24.04 - coin build would require way too much work so skipped. <code>$EDITOR db-4.8.30.NC/dbinc/atomic.h</code> Find the function <b>__atomic_compare_exchange</b> (line 147 and 179) and rename it to <b>__db_atomic_compare_exchange</b>. save and exit --> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> If you received error, are you building in ubuntu 18.04? these build instrutions are reproduable for 18.04 and not other versions of ubuntu. * A block chain requires min 2 nodes, so this would be a good time to snapshot your container. ====SNAPSHOT your container==== * This will save loads of time creating a second node later. * In a Terminal on HOST * Stop Container <code>lxc stop n33b</code> * snapshot <code>lxc snapshot n33b one</code> * start container <code>lxc start n33b</code> * Log in as ubuntu user <code>lxc exec n33b -- su - ubuntu</code> ==Build the Coin== Just for the Genesis Node, or it will not work, it will try to sync with another node, which it can not do as its at block 0. * edit the file <code>src/rpc/mining.cpp</code> and comment out the lines 471 and 472: <pre> // if (IsInitialBlockDownload()) // throw JSONRPCError(RPC_CLIENT_IN_INITIAL_DOWNLOAD, "N33Bcoin is downloading blocks..."); </pre> If you stopped container to snapshot and logged back in (or using another terminal), then we need to re-set var.<br> <code>cd ~/db-4.8.30.NC/build_unix</code><br> <code>export BDB_PREFIX=$(pwd)</code><br> * Now thats done we can carry on <code>cd ~/</code><br> * extract <code>tar xzvf N33Bcoin.0.0.1.tar.gz</code> <!-- was for attempt build in 24.04 - not needed for 18.04 <code>sudo apt install bsdmainutils ncal</code> --> * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> If you run into errors you can use:<br> <code>make > ../build.log 2>&1</code><br> This is print build info into file build.log ==Run Coin== * Path <code>cd /home/ubuntu/N33Bcoin/src</code> Going to first play around with Regression make sure everything is working, its supereasy to mine.<br> * Running regtest first will also create <code>~/.n33bcoin/</code> directory which we can create are <code>n33bcoin.conf</code> file for mainnet. ===Running Regression Net === * run reg net <code>./n33bcoind -regtest -daemon</code> ==== get blockchain info ==== <code>./n33bcoin-cli -regtest getblockchaininfo</code> * at the top you should see '''regtest''' <pre> "chain": "regtest", </pre> ====get wallet info==== <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ==== Generate 10 blocks==== <code>./n33bcoin-cli -regtest generate 10</code> <pre> [ "16fe73d5011e8e05cadb9e9dea43e58aa154ffcca891659cc59fbdfafe6f001c", "7803e298b6c57f8fc7ddac5da0e0696cc67524c9ee2bbbbbecdccfb01b364e79", "7c92afb2faed00d051edd22f85218416c394cd45ddadf413b9df808c0414ca7e", "29fe7bb17c984bd33c7e3d9cb4fa3ce1e47760ac22accded3aa25fd49aa87d91", "56d234a030af699a6aa824c8d95a9fabdcf56c9491ed30331ca2159188741c89", "272827808aad1efe0e752789acf6a28f25bc4ba2da905a8a6f5da00016ba286b", "23711e3856cf2e018ef02782eb546e87c9604781da6855bd136ef51fa5dd23e5", "7bd7e1e6183094c75e37d6605451ce7e7e1c23347e3b5c279c33196af916b1f2", "1c7e5fc29dc7c9b3a56e8f35becc3a0a8005e79ac1a84278f8a1f37c067f67b3", "3ac84dcf8be2849b347369de7bf6bb49d780cdf41e2c4abbe2ea0ae1b89bd26e" ] </pre> ====Check Balance==== <code>./n33bcoin-cli -regtest getbalance</code> <pre>0.00000000</pre> * You mined 10 blocks and have zero coins! that is because the coins have not mutured, it takes 100 blocks for newly created coins to muture and show up in your wallet. * you can see your '''immature_balance''' with the <code>getwalletinfo</code> command. <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 11114108.00000000, "txcount": 10, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====Get new addresses==== <code>./n33bcoin-cli -regtest getnewaddress</code> <pre> mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb </pre> ====Find addresses your wallet is currently using==== * To see all your current public addresses use <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -regtest listreceivedbyaddress 0 true</code> ====Mine to specific address==== * <code>./n33bcoin-cli -regtest generatetoaddress 101 "your-mainnet-address"</code> <code>./n33bcoin-cli -regtest generatetoaddress 101 "mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb"</code> =====Coins Matured===== <code>./n33bcoin-cli -regtest getbalance</code> <pre>11114441.00000000</pre> * and Immatured coins <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 11114441.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 33300.00000000, "txcount": 111, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====stop regtest net==== * stop regtest <code>./n33bcoin-cli -regtest stop</code> ===Main Net=== * Running <code>-regtest</code> should of created a <code>~/.n33bcoin</code> directory for you. * Create <code>n33bcoin.conf</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 </pre> * run/start coin <code>./n33bcoind</code> * NOTE: if you did not create a n33bcoin.conf file and apply 'daemon=1', you can use the -daemon flag <code>./n33bcoind -daemon</code> <div class="toccolours mw-collapsible mw-collapsed"> Some debug tips: <div class="mw-collapsible-content"> * If n33bcoin hangs - <code>ps aux | grep n33bcoind</code> ** The <code>kill -9 PID_NUMBER</code> ** Also note: there is nothing wrong with '''turning it off and on again.''' * <code>./n33bcoind -debug=1</code> ** log is at ~/.n33bcoin/debug.log * <code>./n33bcoind -debug=1 -printtoconsole</code> ** will output to terminal, no output to debug.log </div> </div> ===Create and Add second node - the easy way=== <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Why a Dummy Node is Needed to Avoid <code>500 Internal Server Error</code> and Ensure Syncing</span> <div class="mw-collapsible-content"> <p>A dummy node is <strong>required</strong> for mining on the genesis node (main node) and to ensure other nodes can sync with your N33Bcoin network. Without it, you may encounter errors like:</p> <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> [2025-04-20 11:49:32] HTTP request failed: The requested URL returned error: 500 Internal Server Error </pre> <p><strong>Why does this happen?</strong> The main node needs at least one active peer to process the <code>getblocktemplate</code> RPC call used by <code>minerd</code> for mining. If the node is in Initial Block Download (IBD) or has no peers, this call fails, causing the 500 error. Additionally, if the main node is in IBD, it won’t serve blocks to other nodes, preventing them from syncing (e.g., stuck at <code>blocks: 0</code>).</p> <p><strong>How the dummy node fixes it:</strong></p> <ul> <li>Running a dummy node (e.g., on <code>127.0.0.1:3334</code>) provides an active peer, allowing <code>getblocktemplate</code> to succeed and mining to start.</li> <li>Mining generates new blocks, updating the chain tip’s timestamp, which helps the main node exit IBD.</li> <li>Once out of IBD, the main node can serve blocks to other nodes, enabling them to sync (e.g., to <code>blocks: 428</code>).</li> </ul> <p><strong>Why it’s easy to forget:</strong> The dummy node isn’t a standard Bitcoin requirement—it’s specific to N33Bcoin’s setup, possibly due to custom peer or RPC logic. Always run a dummy node when mining or syncing new nodes.</p> <p><strong>If you get the 500 error:</strong> Start a dummy node and add it to the main node’s peers with <code>addnode</code>. See the next section for setup instructions.</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> Without a dummy node, mining will fail, and new nodes won’t sync. Always include this step in your setup and document it to avoid surprises! </div> </div> </div> After first node ruuing with:<br> <code>./n33bcoind</code> * create a directory for second node <code>mkdir ~/.n33bcoin2</code> * make config file <code>$EDITOR ~/.n33bcoin2/n33bcoin.conf</code> * Note changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser1 rpcpassword=coinpassword1 rpcallowip=127.0.0.1 rpcport=3367 daemon=1 server=1 rpcbind=127.0.0.1 port=3334 </pre> * start node2 - note ports <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin2 -port=3334 -rpcport=3367</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3334" "add"</code> * Check node one <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * Check node two <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getblocktemplate</code> ==== Default Node User and Second Node User management ==== * The default user will be your main node '''~/.n33bcoin/''' * To use second node '''~/.n33bcoin2/''' you have to use/append non default port in commands: ** To run commands on second node, Add/Append <code>-rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1</code> *** '''rpcport''', '''rpcuser''', '''rpcpassword''' these values can be found in the <code>~/.<node_name>/n33bcoin.conf</code> file * For default wallet/node can use: <code>./n33bcoin-cli getwalletinfo</code> * Or to specify (optional) can use, the main nodes '''rpcport''', '''rpcuser''' and '''rpcpassword''' followed by <command>: <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * For the second node we created - we do need to specify <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getwalletinfo</code> <div class="toccolours mw-collapsible mw-collapsed"> How to stop second node: <div class="mw-collapsible-content"> * To run commands on a second or third ...ETC node - you need to enter: ** <code>-rpcport=<value></code> ** <code>-rpcuser=<username></code> ** <code>-rpcpassword=<password></code> ** followed by the command you wish to run on node <code>getbalance</code> ** Remember you store all these details in your <code>n33bcoin.conf</code> file for your node. <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 stop</code> </div> </div> == Mining blocks on your blockchain == Well you can try with:<br> <code>./n33bcoin-cli generate 1</code><br> But instead of seeing <pre> [ "some-block-hash" ] </pre> Your going to get empty brackets <pre> [ ] </pre> I cant remember the reason for this. But i know the fix. Install Mining software ===Address to send mined coins to=== First lets get a public key/address we can mine to. * Find old addresses <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> * Create new address <code>./n33bcoin-cli getnewaddress</code> * The address i will use <code>1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> ===Cpu Miner Install=== <code>cd ~</code> <code>sudo apt update</code> <code>sudo apt install -y build-essential libcurl4-openssl-dev</code> <code>git clone https://github.com/pooler/cpuminer.git</code> <code>cd cpuminer</code> <code>./autogen.sh</code> <code>./configure</code> <code>make</code> <code>sudo make install</code> ===Mine some Coins=== * OK lets mine us some coins ** Syntax:<code>minerd -o <pool_url> -u <username> -p <password> --coinbase-addr=<public_key></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> * YAY, back to the days when you could find bitcoin blocks with a simple CPU <pre> [2025-04-12 19:31:17] Binding thread 0 to cpu 0 [2025-04-12 19:31:17] Binding thread 1 to cpu 1 [2025-04-12 19:31:17] 4 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:31:17] Binding thread 2 to cpu 2 [2025-04-12 19:31:17] Binding thread 3 to cpu 3 [2025-04-12 19:31:17] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:31:17] thread 1: 2097152 hashes, 10099 khash/s [2025-04-12 19:31:17] thread 0: 2097152 hashes, 10094 khash/s [2025-04-12 19:31:17] thread 3: 2097152 hashes, 10093 khash/s [2025-04-12 19:31:17] thread 2: 2097152 hashes, 10032 khash/s [2025-04-12 19:32:17] thread 2: 601912088 hashes, 10080 khash/s [2025-04-12 19:32:17] thread 0: 605611536 hashes, 10108 khash/s [2025-04-12 19:32:17] thread 3: 605564904 hashes, 10102 khash/s [2025-04-12 19:32:17] thread 1: 605946928 hashes, 10104 khash/s [2025-04-12 19:33:17] thread 2: 604824240 hashes, 10080 khash/s [2025-04-12 19:33:17] thread 0: 606506104 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 1: 606263288 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 3: 606114016 hashes, 10102 khash/s [2025-04-12 19:34:17] thread 0: 596676992 hashes, 9883 khash/s [2025-04-12 19:34:17] accepted: 1/1 (100.00%), 40174 khash/s (yay!!!) [2025-04-12 19:34:17] LONGPOLL pushed new work [2025-04-12 19:34:17] thread 2: 597009344 hashes, 9856 khash/s [2025-04-12 19:34:17] thread 1: 596347864 hashes, 9882 khash/s [2025-04-12 19:34:17] thread 0: 184 hashes, 8762 khash/s [2025-04-12 19:34:17] thread 3: 596226344 hashes, 9881 khash/s [2025-04-12 19:35:11] thread 0: 525714288 hashes, 9775 khash/s [2025-04-12 19:35:17] thread 0: 58652240 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 1: 592942512 hashes, 9784 khash/s [2025-04-12 19:35:18] thread 3: 592834720 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 2: 591387224 hashes, 9754 khash/s [2025-04-12 19:36:17] thread 1: 577261400 hashes, 9784 khash/s [2025-04-12 19:36:17] thread 2: 575496480 hashes, 9756 khash/s [2025-04-12 19:36:17] thread 3: 576993520 hashes, 9776 khash/s [2025-04-12 19:36:17] thread 0: 586785384 hashes, 9780 khash/s [2025-04-12 19:37:17] thread 3: 586568712 hashes, 9700 khash/s [2025-04-12 19:37:17] thread 2: 585369888 hashes, 9645 khash/s [2025-04-12 19:37:18] thread 1: 587018480 hashes, 9656 khash/s [2025-04-12 19:37:18] thread 0: 586791168 hashes, 9631 khash/s [2025-04-12 19:37:43] thread 0: 247017896 hashes, 9757 khash/s [2025-04-12 19:37:43] accepted: 2/2 (100.00%), 38758 khash/s (yay!!!) [2025-04-12 19:37:43] LONGPOLL pushed new work [2025-04-12 19:37:43] thread 2: 250694904 hashes, 9748 khash/s [2025-04-12 19:37:43] thread 1: 250409704 hashes, 9773 khash/s [2025-04-12 19:37:43] thread 0: 21504 hashes, 8650 khash/s [2025-04-12 19:37:43] thread 3: 253010016 hashes, 9764 khash/s </pre> * By default '''minerd''' will use all cores - if you want to limit to number of core use the <code>-t <number_of_cores></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj -t 2</code> <pre> [2025-04-12 19:43:05] 2 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:43:05] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:43:05] thread 1: 2097152 hashes, 11359 khash/s [2025-04-12 19:43:05] thread 0: 2097152 hashes, 11327 khash/s </pre> * Next we mine on till we have at least 101 blocks so are coins are matured. ===After 101 blocks - Mature Coins=== * now we should have some coins in are wallet that we can use, YAY <code>./n33bcoin-cli getbalance</code> <pre>11112110.00000000</pre> * and lets check the account of are second node <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> * Lets get the address of are second node to send some coins <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress 0 true</code> * Or we could generate a new address with <code>getnewaddress</code> <code>1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz</code> Now lets send some coins ==Wallet Basics== Now we have coins we can use - matured coins ===Get balance=== * <code>getbalance</code> <code>./n33bcoin-cli getbalance</code> ===Find Account Addresses=== * <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> ===Create New Address=== * <code>getnewaddress</code> <code>./n33bcoin-cli getnewaddress</code> ===Sending coins=== * Syntax: <code>./n33bcoin-cli sendtoaddress "<address>" <amount></code> <code>./n33bcoin-cli sendtoaddress "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz" 33</code><br> * This comand will return a hash in your terminal out put. <pre>f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7</pre> * and Check balance of second node to see balance: <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>33.00000000</pre> ===See Transaction Details from hash=== * the transaction hash is from the above send coins example * Syntax: <code>n33bcoin-cli gettransaction "<transaction_hash>"</code> <code>./n33bcoin-cli gettransaction "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7"</code> <pre> { "amount": -33.00000000, "fee": -0.00004520, "confirmations": 4, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553764, "timereceived": 1744553764, "bip125-replaceable": "no", "details": [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "send", "amount": -33.00000000, "vout": 0, "fee": -0.00004520, "abandoned": false } ], "hex": "020000000150a37ad36c761374df6a14c20bd2c016208358bf1f20af06c5acbe4827250ee7000000006a4730440220582f2094aca19d63744d8d128c3dea907cddd4eeb5728d6f064c4168d7a36b9c0220649b2397635fe0b8899fea4535b0072e856a164235f8ab8feb91f3dbfa9e3ddc012103dd8d842cd0c2b167b507b9e8ee580fc726262bb218abc5c6487668b72e5673a3feffffff020001b2c4000000001976a9146ae24c8430bcd30bc1b812f946229fcc563eb0ef88ac589a23fc060000001976a9141e0606800605f94643f5da7e0a31e435e030855788acbe000000" } </pre> ===List Transactions from account=== * <code>listtransactions</code> * <code>./n33bcoin-cli listtransactions</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listtransactions</code> * This command will show all transactions send and receive. <pre> [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "receive", "amount": 33.00000000, "label": "", "vout": 0, "confirmations": 6, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553766, "timereceived": 1744553766, "bip125-replaceable": "no" } ] </pre> ===list received transactions by address=== * <code>listreceivedbyaddress</code> * <code>./n33bcoin-cli listreceivedbyaddress</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress</code> <pre> [ { "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "account": "", "amount": 33.00000000, "confirmations": 6, "label": "", "txids": [ "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7" ] } ] </pre> ===Address With Label=== * Create New Address With Label ** Syntax: <code>getnewaddress "<Label>"</code> * NOTE: Label name is case sensitive. <code>./n33bcoin-cli getnewaddress "Mining"</code> <pre>1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB</pre> * See Accounts in Label <code>./n33bcoin-cli getaddressesbyaccount "Mining"</code> * a Label can hold many addresses <pre> [ "1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB" ] </pre> * Lists transactions for the labeled account. <code>./n33bcoin-cli listtransactions "Mining"</code> * Tracking with a label - Shows total balance for addresses in the labeled account. <code>./n33bcoin-cli getbalance "Mining"</code> * Label an existing address - Assigns an existing address to a named account. <code>./n33bcoin-cli setaccount "<address>" "<label>"</code> * Change Label of Address <code>./n33bcoin-cli setaccount "<address>" "<newlabel>"</code> ==Backup Wallets and Restore/Reclaim== To '''test''' wallet exports and back ups we are going to create a '''third node'''. <br> This keeps are main wallet and the wallet of are second node safe.<br> Or If you feel up for it, feel free to play/use/learn with your main wallet. * Create a directory for third node <code>mkdir ~/.n33bcoin3</code> * Create config file <code>$EDITOR ~/.n33bcoin3/n33bcoin.conf</code> * Note: changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser2 rpcpassword=coinpassword2 rpcallowip=127.0.0.1 rpcport=3368 daemon=1 server=1 rpcbind=127.0.0.1 port=3335 </pre> * Start node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3335" "add"</code> * Check node three <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getblocktemplate</code> * See Address (pub key) <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> <pre>1EhA5fkapYWrhs2oAf2AqvF4WYMPM28GqL</pre> * I have sent 33 n33bcoin's to this address. <pre> ./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744568061, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "8afde14085be2139ff008667c345b3697bea9cea" } </pre> ===Encrypt Wallet=== * '''IMPORTANT NOTE! IF YOU LOSE/FORGET PASSPHRASE, YOU LOST YOUR WALLET!''' Encrypting your wallet, will require passphrase to see private_keys and to send coins from your account, but you can still check balance and the basic chain info '''without passphrase'''. * Syntax <code>./n33bcoin-cli encryptwallet "<passphrase>"</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 encryptwallet "pa55word"</code> <br>OutPut: <pre> wallet encrypted; N33Bcoin server stopping, restart to run with encrypted wallet. The keypool has been flushed and a new HD seed was generated (if you are using HD). You need to make a new backup. </pre> ====Test Encryption==== Syntax: <code>./n33bcoin-cli dumpprivkey <address></code> This command should need passphrase if wallet locked. ** <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> can be used in place of a real address <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpprivkey 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> If wallet '''LOCKED''' - you will see <pre> error code: -13 error message: Error: Please enter the wallet passphrase with walletpassphrase first. </pre> If wallet '''UNLOCKED''' but address not in wallet - you will see ** This is because there is no address <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> in your wallet and error code -5 indicates address not found in the wallet, but it passed the lock so, yay <pre> error code: -5 error message: Invalid N33Bcoin address </pre> If address exists in your wallet and wallet is '''UNLOCKED''' - you will see the private key: <pre> 6vJYM3RFWh7MyLVrPbgzgibUgqxMzWUCCbuH3GcfDRTqfoNQjBb </pre> '''IMPORTANT:''' Never share your actual private keys with anyone. The example above is for demonstration purposes only. ====open encrypted wallet==== * Syntax ./n33bcoin-cli walletpassphrase "<passphrase>" <time_in_seconds_to_stay_open> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrase "Pa55word" 60</code> ====Change PassPhrase==== * Syntax: <code><code>./n33bcoin-cli walletpassphrasechange "<old_passphrase>" "<new_passphrase>"</code></code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrasechange "Pa55word" "StrongPass123!@#456"</code> ===Back Up WALLET.DAT === * You can make a backup of your wallet.dat file whether its encrypted or un-encrypted. ** not-encrypted you just copy into a directory and you and anyone else has full access. ** encrypted, you need to know the passphase the file is encrypted with to have access. ** Both Export and Import the backup wallet.dat the same way, expect one asks for passphase and the other does not. ====Make copy of wallet.dat==== * <code>backupwallet</code> * Syntax:<code>./n33bcoin-cli backupwallet /path/to/export/wallet-backup.file</code> <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> ====Stop node 3 and delete wallet.dat==== * Stop node - Note: RPC PORT <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * not gonna delete, just move, only so many times i wanna learn that lesson. <code>mv ~/.n33bcoin3/wallet.dat ~/oldwallet.dat</code> * Start Node 3 - this will create a new <code>wallet.dat</code> file <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check Balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744572042, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "bb4e27a7896ae19acdf3b43244f82b59f5164c7c" } </pre> * Check addresses <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> * Its a diff/new address, because its a new wallet. <pre> "address": "1JwAmtR9T8xa49daoHQhf54tBdyabby2m2", </pre> ===Restore Wallet.dat=== * Stop Node 3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move old wallet to Node 3 Directory ** This command will write over the new wallet.dat file currently in directory - in effect deleting it. <code>mv ~/wallet-backup.node3 ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>11148007.99990960</pre> ====OH NUTZ==== * By mistake i backed up main wallet. <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> * Intended to backup node3 - the correct command would of been <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 backupwallet ~/wallet-backup.node3</code> Good Thing we just moved the node3 wallet and not deleted or 33 n33bcoins would of been in a dead account.<br> This is why you should learn about bitcoin on n33bcoins and not the bitcoin main net blockchain. Lets restore from the moved wallet <code>~/oldwallet.dat</code> * Stop node3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move oldwallet back to node3 <code>mv ~/oldwallet.dat ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>33.00000000</pre> YAY ===Dump Entire Wallet with <code>dumpwallet</code>=== * Exports all private keys, addresses, and wallet metadata to a plain text file for a comprehensive backup. * Syntax <code>./n33bcoin-cli dumpwallet /path/to/export/n33bcoin-wallet.txt</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpwallet ~/ssshhh.txt</code> <code>cat ~/ssshhh.txt</code> * Yep its all in plain text! <pre> # Wallet dump created by N33Bcoin v0.14.3.0-g150612e # * Created on 2025-04-13T22:54:50Z # * Best block at time of backup was 212 (000000009f5f7189bd4334895fd1c903ae904525abb5768feb98b81282a1949e), # mined on 2025-04-13T18:34:02Z # extended private masterkey: xprv9s210pEDlspXiamstilrandotypinhDXRTQ1TatJNSL3fxs9QaLLjRV1FZH9zw2VcErU498hsd3pynuyDR2clongrandome4Msz5 L1XJ0pald6SZXP4sKdVcDETpsdoWeksd4er5hhPsdFG1PPV 2025-04-13T18:14:21Z change=1 # addr=1HtmEDdpk5SJAp3nGCnaAD5gKZc2Er4qG hdkeypath=m/0'/0'/82' about 100 lines like the one above and ends with: # End of dump </prE> ===Import Dumped Wallet=== To test import works we are gonna, stop node3, move wallet.dat, start node3, check new wallet got auto generated again. then import are ssshhh.txt file and see if restored. ====Check wallet node 3 pre-test==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744575092, "keypoolsize": 101, "unlocked_until": 0, "paytxfee": 0.00000000, "hdmasterkeyid": "0a0e6e94e4a184e773e4a3e3244adc4352935afa" } </pre> ====Stop node 3 ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> ====Move wallet.dat ==== <code>mv ~/.n33bcoin3/wallet.dat ~/wallet.node3</code> ====Start node 3 ==== <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> ====Check wallet node 3 - when deleted/changed==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ====Import Restore from Dumped Wallet ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importwallet ~/ssshhh.txt</code> ====Check wallet node 3 when restored ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ==Off Line Storage and Importation== * Create a offline key pair, using a python script that can run off a live linux iso. * Going to send coins from node 3 to off line address. * Going to import to wallet 2 by sweeping private wif key. ===Create Offline Keypair=== * https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin ** We have used the [[N33Bcoin_Address_Generator_Bitcoin| N33Bcoin_Address_Generator]] to create the following key pair which we will use for this test. <pre> noob@noob-ThinkPad-T470:~/Gen/py-pub-prv$ python3 gen.py Enter your seed (12 words or any random input): hithere Generated n33bcoin Key Pair: Private Key: 3e4748d72b0a0c5d4538b52a2ade025a0f52a1e8642384ac14e5af0f90b8ab8a Public Key: 04c4cab1795312dafbf2532c7b238d448b55fa151a3d4e059cb49b47fb7244fb8767981b561c067494f9f3a6357024bb4fa71d12d692a733f7a0583d6fa7276548 n33bcoin Address: 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG WIF Private Key: 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH </pre> ===Send from node 3 to offline address=== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 sendtoaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG 10</code> ===Check its in address=== * Can take a few blocks before you can see it. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * Syntax: <code>./n33bcoin-cli importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * <code>importaddress</code> The RPC command to import a Bitcoin address as a watch-only address into the wallet * <code>13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> The Bitcoin address you are importing. After import, the wallet will monitor this address for incoming transactions, but cannot spend from it since you do not have the private key * <code>"external"</code> An optional label assigned to the imported address. This helps you organize or identify addresses in your wallet * <code>false</code> The rescan parameter. Setting it to false means the wallet will not rescan the blockchain for historical transactions involving this address. Only new transactions (after import) will be tracked. If set to true (default), the wallet would scan the entire blockchain for past transactions involving the address, which can take a long time (but not in are case as we have new blockchain). ====getreceivedbyaddress==== * TESTED - Balance is only shown on account that imported the address as a address to watch. ** Took about 10 mins to show balance. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>10.00000000</pre> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> ====Receive funds from private key==== * Current Funds in Node/Wallet 2 <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>52.00000000</pre> * Import the keys <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 importprivkey 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH true</code> * Check balance <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>62.00000000</pre> Import is instant. ==Create Second Server and Sync Blockchain== * Creating second server in a container and forwarded to another VPS IP, to see if network syncs. <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Is Port Forwarding Required for the Second Node?</span> <div class="mw-collapsible-content"> <p><strong>Why set up port forwarding?</strong> Port forwarding (using iptables to forward port <code>3333</code> to the second node) allows the node to receive incoming connections from other N33Bcoin nodes. This ensures reliable syncing with the main node and enables the second node to share blockchain data with others, strengthening the network.</p> <p><strong>Is it required?</strong></p> <ul> <li><strong>To mine</strong>: No. Mining uses local RPC calls (<code>127.0.0.1:3366</code>) and outbound connections to the main node (<code>104.194.157.52:3333</code>). As long as the main node is up, mining works without port forwarding. Note: You may need a dummy node to avoid errors.</li> <li><strong>To act as a peer</strong>: Yes. To allow other nodes to connect and sync from the second node (e.g., via <code>144.172.89.93:3333</code>), port forwarding is required. Without it, the node can sync but won’t serve blocks to others.</li> </ul> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Tip:</strong> Keep port forwarding enabled for robust syncing and to support the N33Bcoin network, especially if you plan to add more nodes. </div> </div> </div> ===Launch container=== <code>lxc launch ubuntu:18.04 n33b-node</code> <code>lxc exec n33b-node bash</code> <code>pro attach <longKey></code> <code>apt update && apt upgrade -y && apt install ubuntu-advantage-tools wireguard -y</code> ===Setup Wireguard=== * This is the same as the last time, in this tut i am going to keep the same keys in tut, to save time. PS: You can use same keys on many connections (not the best idea). ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==In Container Building N33Bcoin== * Push over N33Bcoin.0.0.1.tar.gz to the container n33b-node. <code>lxc file push N33Bcoin.0.0.1.tar.gz n33b-node/home/ubuntu/</code> OR Download from github * Download from Github, sha256sum=<code>0695dceaa4a88967560695f92c753d2fe4abc0f1b0cfb2673bf945fc83fb1225</code> <code>wget https://raw.github.com/CompleteNoobs/N33Bcoin/main/N33Bcoin.0.0.1.tar.gz</code> * Login to container as user ubuntu <code>lxc exec n33b-node -- su - ubuntu</code> * extract <code>tar xvf N33Bcoin.0.0.1.tar.gz</code> ===Install depends and Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> ===Build N33Bcoin=== * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> * Before running - make sure first node up and running <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Troubleshooting Syncing Issues on the Second Node</span> <div class="mw-collapsible-content"> <p>If your second node (e.g., <code>144.172.89.93</code>) fails to sync (e.g., stuck at <code>blocks: 0</code>), the main node (<code>104.194.157.52</code>) may be in Initial Block Download (IBD), preventing it from serving blocks. Here’s what I faced and how I fixed it:</p> <ul> <li><strong>Problem</strong>: The second node didn’t sync because the main node was in IBD, likely due to a chain tip older than 24 hours.</li> <li><strong>Initial Fix</strong>: <ul> <li>Started a dummy node on the main node (<code>127.0.0.1:3334</code>) for an active peer .</li> <li>Mined on the main node: <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=&lt;your-address&gt; -t 2 </pre> This created new blocks (e.g., to <code>blocks: 441</code>), exiting IBD and enabling sync.</li> </ul> </li> <li><strong>Test</strong>: I deleted the second node and recreated it from scratch, running both the main and dummy nodes on the genesis server. The second node synced to <code>blocks: 441</code> while the main node was mining.</li> <li><strong>Observation</strong>: In one test, I thought syncing worked without mining, but mining was active on the main node, advancing the chain to <code>blocks: 441</code>. Possible factors for sync success: <ul> <li>Recent chain tip from mining kept the main node out of IBD.</li> <li>Dummy node provided a peer, preventing IBD re-entry.</li> <li>iptables rule for port <code>3333</code> enabled inbound connections (i did once not forward the correct port, make sure you check your ip rules with <code>cat /etc/iptables/rules.v4</code> to make sure you entered the correct ones. ).</li> </ul> </li> <li><strong>If Syncing Fails</strong>: Mine on the main node with the dummy node running.</li> </ul> <p><strong>Note</strong>: Syncing may not require ongoing mining if the main node’s chain tip is recent, but mining is needed to exit IBD. Test and share your findings!</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> If the second node won’t sync, the main node may be in IBD. Start the dummy node and mine to exit IBD. </div> </div> </div> ===n33b-node=== <code>src/n33bcoind -daemon</code> <code>src/n33bcoin-cli stop</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 debug=rpc debug=mining </pre> <code>src/n33bcoind</code> * Now Second n33bcoin node is running lets check sync <code>src/n33bcoin-cli getpeerinfo</code> <pre> [ { "id": 0, "addr": "104.194.157.52:3333", "addrlocal": "144.172.89.93:52636", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157772, "lastrecv": 1745157771, "bytessent": 1277, "bytesrecv": 1198, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.303657, "minping": 0.303657, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": false, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 110, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 1, "addr": "104.194.157.52:57050", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.296047, "minping": 0.296047, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 2, "addr": "104.194.157.52:57060", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.316404, "minping": 0.316404, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } } ] </pre> <code>src/n33bcoin-cli getblockchaininfo</code> <pre> ubuntu@n33b-node:~/N33Bcoin$ src/n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.03058041491289009, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> ===From first node=== <pre> ./n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.02034601825250813, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> * Both nodes/blockchains are in sync, nice 4dbgzgb931dv2q86w2u1kqp8g5jymbz 578 577 2025-06-20T22:34:07Z AwesomO 5 /* Line 87 */ 578 wikitext text/x-wiki ==Start up HardWare== * OS (local) Ubuntu-Mate 24.04 - this tut is done on a clean install of ubuntu-mate 24.04 ** Hardware: HP EliteDesk G1 - ram = 8GB - HD = 120GB ssd - CPU = i5-4590S CPU @ 3.00GHz ** Hardware: Thinkpad X270 - Ram - HD - CPU * Server VPS ubuntu-server 24.04 ** vultr.com ===Software OS=== * Will be using Ubuntu 24.04 as main OS - but to build this version of litecoin 0.14.2 we will be using ubuntu 18.04 in a lxc container - trying to build in 24.04 was a huge side quest that is not that much fun. ===Coin Params for N33Bcoin 0.1 POW === * Are Coin Params ** Name of coin = N33Bcoin ** Symbol coin = N33B ** Premined Coins= 33% 11,111,111 coins to be used to rewards contributors. the how is currently unknown, will work out as we go. ** MaxCoins = 33,333,333 ** Rewards = 333 ** Halving Period = 33,333 blocks = every 231 days ** Block interval = 10 mins # will leave at 10 for starters ** Time Stamp 1733333333 2024-12-04 17:28:53 ** Time Stamp Message "N33B's for Noob's at CompleteNoobs.com" ** Genesis Block for are Coin ==Genesis Keys== First we are going to need a public private key pair. [[Python_Generate_Public_Private_Key_Pair_Crypto_Bitcoin| Python3 Generate Public Private Key Pair]] * Public Key <code>049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf</code> * Keep private key safe, you just need pub key for now We then use are public key along with are coin parameter with [[GenesisH0_Creating_Genesis_Hash| GenesisH0]] to create a 'Nonce', 'Merkel hash' and 'Genesis hash'. For are 'MainNet', 'TestNet' and 'RegNet' === Main Net parameters === <code>python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333333</code> * '''Nonce''': <code>221118658</code> * '''nBits''': <code>0x1d00ffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4</code> === Test Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333334</code> * '''Nonce''': <code>511144</code> * '''nBits''': <code>0x1e0ffff0</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c</code> === Reg Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333335</code> * '''Nonce''': <code>0</code> * '''nBits''': <code>0x207fffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127</code> Now we have are parameters, we can start creating are own coin, but first lets change some file names to match the name of are coin. ==Source we are forking from Bitcoin 0.14.3== ===Home Directory=== <code>cd ~</code> ===Download bitcoin 0.14.3=== * https://bitcoincore.org/bin/bitcoin-core-0.14.3/ <code>wget https://bitcoincore.org/bin/bitcoin-core-0.14.3/bitcoin-0.14.3.tar.gz</code> * sha256sum bitcoin-0.14.3.tar.gz <code>416717ab5ef94f8458da2b12e4cd742ca08f5ad3817b65fc73811e06ac949f87</code> ===extract=== <code>tar xvf bitcoin-0.14.3.tar.gz</code> ===Change Directory Name to new/forked coin name=== <code>mv bitcoin-0.14.3 N33Bcoin</code> <code>cd N33Bcoin</code> * Current work director path is <code>/home/$USER/N33Bcoin/</code> ==Renaming== ===Renaming Bitcoin to N33Bcoin=== '''Run these command in the /home/$USER/N33Bcoin/ Directory''' * Lowercase <code>find . -type f -exec sed -i 's/bitcoin/n33bcoin/g' {} + </code> * UpperCase <code>find . -type f -exec sed -i 's/Bitcoin/N33Bcoin/g' {} + </code> * Name.1 <code>find . -type f -exec sed -i -e 's/bitcoin/n33bcoin/g' -e 's/bitcoind\.1/n33bcoind.1/g' {} + </code> ===Change Name for Docs=== To rename files in a directory (e.g., <code>/home/$USER/N33Bcoin/doc/man/</code>): * '''Before:''' <pre> bitcoin-cli.1 bitcoind.1 bitcoin-qt.1 bitcoin-tx.1 Makefile.am </pre> * '''After:''' <pre> n33bcoin-cli.1 n33bcoind.1 n33bcoin-qt.1 n33bcoin-tx.1 Makefile.am </pre> * '''Manual Way:''' <pre> mv -v bitcoin-cli.1 n33bcoin-cli.1 </pre> * '''Using mv with a for Loop:''' <code>cd /home/$USER/N33Bcoin/doc/man</code><br> <code>for file in bitcoin*; do mv -v "$file" "${file/bitcoin/n33bcoin}"; done</code> </pre> * <code>-v</code> shows each rename action. ===Change Names for Files=== *<b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> Unlike forking litecoin, the method we just used to rename all bitcoin words to n33bcoin created some problems, unlike litecoin 0.14.2, the word 'bitcoin' can be found in a lot of file names. Example: the file <code>libbitcoinconsensus.pc.in</code> is still called <code>libbitcoinconsensus.pc.in</code> but inside make and config files, it is now know as <code>libn33bcoinconsensus.pc.in</code> so it will look for a file called <code>libn33bcoinconsensus.pc.in</code> and not <code>libbitcoinconsensus.pc.in</code>, still will lead to a lot of breakages. * Easy Fix: Change all file names which include the word <code>bitcoin</code> to <code>n33bcoin</code> * install <code>rename</code> <code>sudo apt install rename</code> * <b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> * See all file which contain the name <code>bitcoin</code> <code>find . -type f -name "*bitcoin*"</code> * Rename/convert all <code>bitcoin</code> in file names to <code>n33bcoin</code> <code>find . -type f -name "*bitcoin*" -exec rename 's/bitcoin/n33bcoin/' {} +</code> ==Editing Files== Are Files are located in path:<code>/home/$USER/N33B/N33Bcoin</code><br> Example: <code>src/amount.h</code> full path would be <code>/home/$USER/N33B/N33Bcoin/src/amount.h</code> === OverView of Files to edit=== * Comment Out <code>** Lines: 74 - 77 Comment Out</code> These are Lines we Don't need, but are not deleting just commenting out, so line numbers remain the same.<br> Comment out by placing a <code>//</code> at the beginning of the line. * '''src/amount.h''' ** Line 31: Edit Max Coins * '''src/validation.cpp''' ** Line 1166: This BLOCK of code will contain premined and Block rewards * '''src/qt/bitcoinunits.cpp''' ** Line 39 Block: change coin symbol LTC to N33B * '''src/chainparams.cpp''' ** Line 53: '''Global''' Change Time Stamp Message ** Line 54: '''Global''' Change Pub Key ** Line 73: '''MainNet''' Change Halving Interval <!--** Lines: 74 - 77 Comment Out--> ** Line 74: '''MainNet''' BIP34Height ** Line 75: '''MainNet''' BIP34Hash ** Line 76: '''MainNet''' BIP65Height ** Line 77: '''MainNet''' BIP66Height ** Lines 85 - 103: '''MainNet''' Deployment and Chain Work Section ** Line 110: '''MainNet''' Change Magic Bytes - Script included ** Line 114: '''MainNet''' Change Main Net Default Port ** Line 117: '''MainNet''' Change Main Net Nonce TimeStamp Coin_Rewards ** Line 119: '''MainNet''' Change Genesis Hash ** Line 120: '''MainNet''' Change Merkel Hash ** Line 144: '''MainNet'''Change Coin Number and Genesis Hash ** Lines 145 - 156 Comment Out ** Line 161: '''MainNet''' Change Time Stamp ** Line 162: '''MainNet''' Change Number Of Transactions ** Line 177: '''TestNet''' Halving Interval <!--** Lines: 178 - 181 Comment Out--> ** Line 178: '''TestNet''' BIP34Height ** Line 179: '''TestNet''' BIP34Hash ** Line 180: '''TestNet''' BIP65Height ** Line 181: '''TestNet''' BIP66Height ** Line 184: '''TestNet''' Block Times <!--** Lines: 189 - 207 Comment Out--> ** Lines 189 - 207: '''TestNet''' Deployment Section ** Line 213: '''TestNet''' Default Port ** Line 216: '''TestNet''' Time Stamp and Nonce ** Line 218: '''TestNet''' Genesis Hash Block ** Line 219: '''TestNet''' Merkel Hash Block ** Line 245: '''TestNet''' CheckPointData Genesis Hash Block Number ** Line 250: '''TestNet''' Time Stamp ** Line 251: '''TestNet''' Block Number ** Lines 267 - 270 '''RegressionNet''' BIP Consensus ** Line 301: '''RegressionNet''' Default Port ** Line 304: '''RegressionNet''' Time Stamp Nonce Coin_Rewards ** Line 306: '''RegressionNet''' Genesis Block Hash ** Line 307: '''RegressionNet''' Merkel Hash ** Line 319: '''RegressionNet''' Genesis Hash * '''src/chainparamsbase.cpp''' ** Line 35: MainNet RCP Port ** Line 48: TestNet RPC Port ** Line 62: Regession Net RPC Port ===src/amount.h=== On line 31 we will edit are Max coins: <pre> static const CAmount MAX_MONEY = 21000000 * COIN; </pre> will change this to 33,333,333 coins <pre> static const CAmount MAX_MONEY = 33333333 * COIN; </pre> ===src/validation.cpp=== Path <code>/home/$USER/N33B/N33Bcoin/src/validation.cpp</code> The block of code we are looking for starts on line 1166: <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy = 50 * COIN; // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years. nSubsidy >>= halvings; return nSubsidy; } </pre> On line 1173 you should see this line: <pre> CAmount nSubsidy = 50 * COIN; </pre> This is the rewards for mining coins, the default is 50, we are changinf rewards to 333 coins per block mined. <pre> CAmount nSubsidy = 333 * COIN; </pre> ====Premined coins==== We also need to add a contidtion for are premined coins - in the first block will mine 33%, thats 11,111,111 coins <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy; if (nHeight == 1) nSubsidy = 11111111 * COIN; else nSubsidy = 333 * COIN; // Subsidy is cut in half every 33,333 blocks which will occur approximately every 231 days. nSubsidy >>= halvings; return nSubsidy; } </pre> This condition means IF first block reward 11,111,111 coins, Else(after first blocked mined) rewards per block are 333 coins. <div class="toccolours mw-collapsible mw-collapsed"> What's Changed and Why: <div class="mw-collapsible-content"> <b>What's Changed and Why:</b> * '''CAmount nSubsidy;''' ** The variable `nSubsidy` is now declared but not immediately assigned a value. This allows flexibility to set its value based on certain conditions. * '''New Condition: `if (nHeight == 1)''' ** This new condition checks if the block height is 1, meaning this is the very first block in the blockchain (often called the "genesis block"). ** This condition is used to assign a special, much larger subsidy for the first block. * '''nSubsidy = 11111111 * COIN;''' ** If it is the first block (`nHeight == 1`), the subsidy is set to 11,111,111 coins. This is a huge reward for the genesis block, likely for initial distribution or other specific reasons. * '''else nSubsidy = 333 * COIN;''' ** For all other blocks (not the first one), the reward is set to 333 coins. This is a significant change from the original 50 coins, suggesting a different reward structure for this cryptocurrency. </div> </div> ===src/qt/n33bcoinunits.cpp=== * Line 39: Code Block <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("BTC"); case mBTC: return QString("mBTC"); case uBTC: return QString::fromUtf8("μBTC"); default: return QString("???"); } } </pre> * Change BTC your coin symbol to N33B <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("N33B"); case mBTC: return QString("mN33B"); case uBTC: return QString::fromUtf8("μN33B"); default: return QString("???"); } } </pre> ===src/chainparams.cpp=== ====Line 53 Change Time Stamp Message==== <code> const char* pszTimestamp = "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks";</code> To <code> const char* pszTimestamp = "N33B's for Noob's at CompleteNoobs.com";</code> ====Line 54 Change Genesis Pub Key==== <code> 54 const CScript genesisOutputScript = CScript() << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f") << OP_CHECKSIG; </code> We are going to change to the public key we used to create are genesis block. <code> const CScript genesisOutputScript = CScript() << ParseHex("049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf") << OP_CHECKSIG;</code> ====Line 73 HalvingInterval==== <code> consensus.nSubsidyHalvingInterval = 210000;</code> Block intervals of bitcoin is every 10 mins, as you can see on '''[[#Line 80 Target Block Creation''']] * 60 mins per hour x 24 hours per day = 1440 mins a day * 1440 mins at one block each 10 mins = 144 block per day ish * 144 * 365 = 52,560 blocks per year ish * 52,560 * 4 = 210,240 blocks every four years ish So bitcoin halves its rewards every 4 years ish as it passes 210,000 blocks and carrys on halving every 210,000 blocks later. We reward 333 coins per block and will be out of coins around 667,334 blocks. * Preminded 11,111,111 coins * 22,222,222 left * at 333 per block all will be gone in 66,733 blocks time unless we halve before then * We are going to keep are block time of 10 mins and have a halving at 33,333 blocks so it will halve around 231 days <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Line 74 - 77 MainNet BIP Section==== <pre> 74 consensus.BIP34Height = 227931; 75 consensus.BIP34Hash = uint256S("0x000000000000024b89b42a942fe0d9fea3bb44ab7bd1b19115dd6a759c0808b8"); 76 consensus.BIP65Height = 388381; // 000000000000000004c2b624ed5d7756c508d90fd0da2c7c679febfa6c4735f0 77 consensus.BIP66Height = 363725; // 00000000000000000379eaa19dce8c9b722d46ae6a57c2f1a988119488b50931 </pre> * Set BIP34/65/66 to 0 for new chain—modern rules from genesis. Adjust BIP34 to 100 if mining fails. * Line 75 Replace with you <b>Main Net parametersGenesis Hash</b> <pre> 74 consensus.BIP34Height = 0; 75 consensus.BIP34Hash = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); 76 consensus.BIP65Height = 0; 77 consensus.BIP66Height = 0; </pre> ==== Line 85 - 103 '''MainNet''' Deployment and Chain Work Section ==== ===== Line 86 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start date is irrelevant—set to 0 for immediate activation on new chain. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 87 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. 9,999,999,999 Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 91 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016</code> * Reason changed: Bitcoin’s 2016 start is moot—set to 0 for CSV active from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 92 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 96 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016</code> * Reason changed: Bitcoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 97 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 100 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5");</code> * Reason changed: Bitcoin’s 2017 work is massive—set to 0 for a new chain with no work yet. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 103 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354</code> * Reason changed: Bitcoin’s block 453354 is irrelevant—set to N33Bcoin’s genesis hash for fast sync from block 0. Changed: <code>consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4");</code> =====Before and After Changes===== <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354 </pre> * Set CSV/SegWit to active from genesis (nStartTime = 0, nTimeout = far future). Reset chain work to minimal. Set assume valid to genesis hash. <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0; 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999; 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0; 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999; 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0; 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999; 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x00"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); </pre> ====Line 110 Magic Bytes==== * [[Hex_numbers_explained| Hex numbers explained]] * [[Python3_Script_for_Random_Magic_Bytes| Link to python script for random values]] The pchMessageStart array is a crucial component in cryptocurrency network protocols, often referred to as the "magic bytes" or "network magic." It serves as a unique identifier for a specific cryptocurrency network. These values are in hexadecimal format, representing four bytes that form a sequence unlikely to occur in normal data. If you're creating a new cryptocurrency by forking Bitcoin, you should change these values. Using unique values prevents your new coin's network from interfering with Bitcoin's network or other existing networks. <pre> 110 pchMessageStart[0] = 0xf9; 111 pchMessageStart[1] = 0xbe; 112 pchMessageStart[2] = 0xb4; 113 pchMessageStart[3] = 0xd9; </pre> * Gonna change mine to <pre> pchMessageStart[0] = 0xfe; pchMessageStart[1] = 0x93; pchMessageStart[2] = 0xd2; pchMessageStart[3] = 0xe2; </pre> ====Line 114 Change Main Net Default Port==== * Line 114 <code>nDefaultPort = 8333;</code> * Changing to port 3333 <code>nDefaultPort = 3333;</code> ====Line 117 Change Main Net Nonce TimeStamp Coin_Rewards==== * Original <code> genesis = CreateGenesisBlock(1231006505, 2083236893, 0x1d00ffff, 1, 50 * COIN);</code> * Syntax of line 117 <code>genesis = CreateGenesisBlock(<UNIX_TIME_STAMP>, <NONCE>, <DIFF_BITS>, <NHEIGHT>, <AMOUNT_OF_COINS_REWARD> * COIN);</code> * we are just going to append/change are UnixTimeStamp, Nonce and CoinReward <code> genesis = CreateGenesisBlock(1733333333, 221118658, 0x1d00ffff, 1, 333 * COIN);</code> ====Line 119 Change Genesis Hash==== <code>assert(consensus.hashGenesisBlock == uint256S("0x000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"));</code> * Change to your genesis hash for Main Net <code> assert(consensus.hashGenesisBlock == uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"));</code> ====Line 120 Change Merkel Hash==== <code> assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Change to your merkel hsh for Main net <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Check Point - Lines 142 - 157 ==== <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d")) 145 ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> These lines contain a blocknumber and there hash value, we are starting a new coin and these have no value to us. We have one genesis block. <code> ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d"))</code> * We are going to append/change line 144, to block zero and are Main net genesis block hash. <code> ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"))</code> and comment out the remaining lines in this code block. lines 145 - 156 <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4")) 145 // ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 // ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 // (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 // (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 // (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 // (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 // (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 // (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 // (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 // (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 // (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 // (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> ====Line 161 Change Time Stamp==== <pre> 161 1483472411, // * UNIX timestamp of last known number of transactions </pre> * Change to the time stamp we are using <pre> 1733333333, // * UNIX timestamp of last known number of transactions</pre> ====Line 162 Change Number Of Transactions==== <pre> 184495391, // * total number of transactions between genesis and that timestamp</pre> * Change to Zero <pre> 0, // * total number of transactions between genesis and that timestamp</pre> ====TestNet Halving Interval==== <code>177 consensus.nSubsidyHalvingInterval = 210000;</code> * Change to same as are main net <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Lines 178 - 181 TestNet BIP section==== <pre> 178 consensus.BIP34Height = 21111; 179 consensus.BIP34Hash = uint256S("0x0000000023b3a96d3484e5abb3755c413e7d41500f8e2a5c3f0dd01299cd8ef8"); 180 consensus.BIP65Height = 581885; // 00000000007f6655f22f98e72ed80d8b06dc761d5da09df0fa1dc4be4f861eb6 181 consensus.BIP66Height = 330776; // 000000002104c8c45e99a8853285a3b592602a3ccde2b832481da85e9e4ba182 </pre> * Change values to zero and replace TestNet Genesis Hash <pre> 178 consensus.BIP34Height = 0; 179 consensus.BIP34Hash = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"); 180 consensus.BIP65Height = 0; 181 consensus.BIP66Height = 0; </pre> ==== Lines 189 - 207 TestNet Deployment Section ==== ===== Line 190 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start is irrelevant—set to 0 for immediate activation on TestNet. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 191 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 195 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1456790400; // March 1st, 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for CSV from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 196 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 200 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1462060800; // May 1st 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 201 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1493596800; // May 1st 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 204 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x00000000000000000000000000000000000000000000001f057509eba81aed91");</code> * Reason changed: Litecoin’s work is irrelevant—set to 0 for a new TestNet chain. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 207 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000128796ee387cf110ccb9d2f36cffaf7f73079c995377c65ac0dcc"); //1079274</code> * Reason changed: Litecoin’s block 1079274 doesn’t apply—set to TestNet genesis for fast sync. Changed: <code>consensus.defaultAssumeValid = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c");</code> ====TestNet Default Port - Line 213==== <code>213 nDefaultPort = 18333;</code> * Change to another port , picking 13333 <code>nDefaultPort = 13333;</code> ====Line 216: TestNet Time Stamp and Nonce==== <code>216 genesis = CreateGenesisBlock(1296688602, 414098458, 0x1d00ffff, 1, 50 * COIN);</code> * change/append timestamp, nonce and coin rewards - TimeStamp, Nonce, nBits and CoinRewards from your Test Net <code> genesis = CreateGenesisBlock(1733333334, 511144, 0x1e0ffff0, 1, 333 * COIN);</code> ====Line 218: TestNet Genesis Hash Block==== <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943"));</code> * Changed to <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"));</code> ====Line 219: TestNet Merkel Hash Block==== <code>219 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Changed to <code> assert(consensus.hashGenesisBlock == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ==== Line 245 TestNet checkpointData ==== Default: <code>( 546, uint256S("000000002a936ca763904c3c35fce2f3556c559c0214345d31b1bcebf76acb70")),</code> * Reason changed: Bitcoin TestNet checkpoint irrelevant—set to height 0 with N33Bcoin TestNet genesis hash for new chain. Changed: <code>( 0, uint256S("000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c")),</code> * Note: Removed "0x" from hash string—matches Bitcoin style, prevents parsing error in uint256S. ====Line 250 - Testnet chainTxData TimeStamp==== <code>250 1483546230,</code> * Change to your timestamp <code>1733333334,</code> ====Line 251 - Testnet chainTxData block count==== <code>251 12834668,</code> * change block count to zero <code> 0,</code> ==== RegTest BIP Section ==== ===== Line 267 ===== Default: <code>consensus.BIP34Height = 100000000; // BIP34 has not activated on regtest (far in the future so block v1 are not rejected in tests)</code> * Reason changed: Delays BIP34—set to 0 for modern rules from genesis, consistent with MainNet/TestNet. Changed: <code>consensus.BIP34Height = 0;</code> ===== Line 268 ===== Default: <code>consensus.BIP34Hash = uint256();</code> * Reason changed: Empty hash irrelevant—set to RegTest genesis for BIP34 activation at block 0. * NOTE: the <code>S</code> at the end of <code>uint256S</code> append the '''S''', remove the <code>0x</code> or it would be too long and make sure RegNet Hash is wrapped in "comment-hash". * The quotes <code>""</code> tell the compiler that this is a string, not a number. * '''uint256S''' will parse the string as a hexadecimal value and construct the '''uint256''' object accordingly. Changed: <code>consensus.BIP34Hash = uint256S("65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127");</code> ===== Line 269 ===== Default: <code>consensus.BIP65Height = 1351; // BIP65 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP65 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP65Height = 0;</code> ===== Line 270 ===== Default: <code>consensus.BIP66Height = 1251; // BIP66 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP66 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP66Height = 0;</code> ====Line 298: RegressionNet Default Port==== <code>298 nDefaultPort = 18444;</code> * change port number <code> nDefaultPort = 13337;</code> ====Line 301 RegressionNet Time Stamp Nonce Coin_Rewards ==== <code>301 genesis = CreateGenesisBlock(1296688602, 2, 0x207fffff, 1, 50 * COIN);</code> * Change to your timestamp , nonce and coin rewards <code> genesis = CreateGenesisBlock(1733333335, 0, 0x207fffff, 1, 333 * COIN);</code> ====Line 303: RegressionNet Genesis Block Hash==== <code>303 assert(consensus.hashGenesisBlock == uint256S("0x0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"));</code> * replace with your reg net genesis hash <code> assert(consensus.hashGenesisBlock == uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"));</code> ====Line 304 RegressionNet Merkel Hash==== <code>304 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * replace with your reg net merkel hash <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Line 316: RegressionNet Genesis Hash==== <code>316 ( 0, uint256S("0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"))</code> * change to your reg nets genesis hash <code> ( 0, uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"))</code> === src/chainparamsbase.cpp - API ports === <div class="toccolours mw-collapsible mw-collapsed"> Changing RPC port number info: <div class="mw-collapsible-content"> When forking Bitcoin, changing the nRPCPort = 8332; is generally recommended, though not strictly necessary. Here are the reasons and benefits for doing so: '''Avoiding Conflicts:''' If you run both Bitcoin and your forked cryptocurrency on the same machine or network, keeping the same RPC port (9332) would cause a conflict. By changing the port number, you ensure that both services can run simultaneously without interfering with each other. '''Network Configuration:''' Different cryptocurrencies should ideally use different ports to avoid confusion and ensure clear network configuration. This helps in managing firewall rules and network policies more effectively. '''Security:''' Using a non-standard port for your forked cryptocurrency can add a layer of security through obscurity. While not a robust security measure, it can help reduce the risk of automated attacks targeting known ports like 8332. '''Customization:''' Changing the RPC port is part of customizing your fork to distinguish it from Bitcoin. This can be important for branding and ensuring that users and developers recognize it as a separate entity. In summary, while it's not mandatory to change the RPC port when forking Bitcoin, doing so can help avoid conflicts, improve network management, and provide a clearer distinction between your fork and the original Bitcoin network. </div> </div> ====line 35 - Main net RCP port==== <pre> nRPCPort = 8332; </pre> RPC port is used to connect to coin api, its used to create a web wallet and moblie wallet. <pre> nRPCPort = 3366; </pre> ====Line 48 - test net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12333 <pre> nRPCPort = 12333; </pre> ====line 62 - regession net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12345 <pre> nRPCPort = 12345; </pre> * We are pretty much done with customizing the code base, we just need an IP address to append to chainparams.cpp and we are good to go. ===src/chainparamsseeds.h=== * Delete content of <code>src/chainparamsseeds.h</code> and replace with just: <pre> #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> The <code>chainparamsseeds.h</code> file contains hardcoded seed nodes for the main network (pnSeed6_main), which are currently set to Bitcoin’s seed nodes (e.g., IPs like 2.7.8.12 on port 8333). These seeds will cause your node to attempt connections to Bitcoin peers, which isn’t what we want for N33Bcoin. * By modifying the seed arrays for both mainnet and testnet to empty, we can keep the file structure intact while removing the Bitcoin seed nodes, preventing are node from trying to connect to them. <div class="toccolours mw-collapsible mw-collapsed"> Hexadecimal - Chainparamsseeds.h - Quick Notes <div class="mw-collapsible-content"> <pre> Hex Symbol Values: 0,1,2,3,4,5,6,7,8,9,a=10,b=11,c=12,d=13,e=14,f=15 Hex is in a Block of 2, [01]=1, The First number/symbol (the one on the left), is Times by 16, and the Second number/symbol is added. 01 = 0x16, plus 1 = 01 A4 = 10x16, plus 4 = 164 E4 = 14x16, plus 4 = 228 FF = 15X16, plus 15 = 255 To work out the values of 104.194.157.52 and port 3333 static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; IPv6 Mapping: {{Use 10 0x00, 2 0xff, then the 4 hex bytes} <port>}. 104 in hex: 6x16 = 96 + 8 = 104 InHex= '68' 194 in hex: c(12)x16=192 + 2 = 194 InHex= 'c2' 157 in hex: 9x16=144 + d(13)= 157 InHex= '9d' 52 in hex: 3x16=48 + 4 = 52 InHex= '34' #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; static SeedSpec6 pnSeed6_test[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> </div> </div> == Container and VPS Setup == Most VPS providers frown on mining unless it’s their explicit service—fair enough, it hogs resources! To work around this, we’ll: * Spin up an Ubuntu 18.04 container locally (18.04 keeps coin building simple). * Pair it with a low-cost VPS running Ubuntu 24.04, tunneling all traffic from the container to the VPS’s public IP. This setup gives us: * A public-facing IP without poking holes in our home router. * Local mining control, keeping private keys secure—because a VPS is just someone else’s machine, and we don’t trust it with our keys! ===LXD Quick Container Setup=== ===LXD Quick Container Setup=== * Its pretty simple once you know. ===Installing and setup LXD=== <code>sudo snap install lxd</code> <code>sudo lxd init</code> * Just press '''ENTER''' for all defaults * add user to lxd group (optional), will mean you do not need '''sudo''' to use lxc commands * NOTE: you will need to logout and login for changes to take effect. <code>sudo adduser $USER lxd</code> <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> * '''These changes only apply to the current terminal session.''' If you open a new terminal session you have to repeat. On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. * '''Remember, these changes only apply to the current terminal session.''' If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> ===Launching your container=== * for the Build its important we use '''18.04''' ** May want to get ubuntu pro free for 5 devices - to keep 1804 updated ** https://ubuntu.com/pro/dashboard <code>lxc launch ubuntu:18.04 n33b</code> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 n33b</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 n33b</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''n33b''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "n33b" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "n33b" in the example) must be unique within your LXD installation. </div> </div> * If you see this error - you need to use '''sudo''' or add user to lxd group <pre> lxc launch ubuntu:18.04 n33b Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * To see your container <code>lxc ls</code> ===Login to container=== <code>lxc exec n33b bash</code> * Prompt should now be changed to <code>root@n33b:~#</code> ** <code>root@<container_name>:~#</code> * This would be a good time to sign up to and enable ubuntu pro in the 1804 container https://ubuntu.com/pro/dashboard ** <code>sudo pro attach C12trandomcharsXFVhrRSveGOd4</code> * Update container <code>apt update && apt upgrade -y</code> ==== Ubuntu Pro for 1804 Containers ==== * super useful for ubuntu 1804, with pro has support till 2027 * Free For Five Boxes/Devices <code>https://ubuntu.com/pro/dashboard</code> <code>sudo pro attach 8dc6560abd396b3871f37b80ec</code> <code>sudo pro status</code> <code>sudo pro detach</code> ==In Container wireguard installation and setup== ===Install wireguard=== <code>apt install wireguard -y</code> * This will be the Client - for the container ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==Back to Host== Now we have * A container with a public IP address * Source code for are coin Lets append are IP adress to are <code>src/chainparams.cpp</code> file and make a exportable/shareable backup. ===Append IP to <code>src/chainparams.cpp</code>=== <div class="toccolours mw-collapsible mw-collapsed"> If i was going to change or add ips/domains do i need to recomplie? Yep: <div class="mw-collapsible-content"> Yes, if you want to change or add new IPs/domains in the `CDNSSeedData` section of `src/chainparams.cpp`, you will need to edit the file and recompile the code. The `CDNSSeedData` entries are hardcoded into the source code, and when you compile the code, these values are baked into the resulting binary. Therefore, any changes to the seed nodes will require: *Editing the `src/chainparams.cpp` file**: Modify the list of `CDNSSeedData` entries to include your new IPs or domains. *Recompiling the source code**: Once you've made your changes, you need to recompile the project so that the new seed nodes are included in the binary. *Restarting your nodes**: After recompiling, you would need to distribute the new binary to your nodes and restart them to ensure they use the updated seed list. This process is necessary because the seed nodes are part of the initial configuration that helps nodes discover peers when they first start up. Any changes to these seeds require the software itself to be updated and redeployed. </div> </div> ====Main Net DNS lines 123 - 127==== <code>$EDITOR /home/$USER/N33B/N33Bcoin/src/chainparams.cpp</code> * Line 123 <code>src/chainparams.cpp</code> <pre> 123 vSeeds.push_back(CDNSSeedData("n33bcoin.sipa.be", "seed.n33bcoin.sipa.be", true)); // Pieter Wuille, only supports x1, x5, x9, and xd </pre> We are going to Change to are servers address <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> At current time we only have one default node, so we comment out line 124 to 127 <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "dnsseed.bluematt.me", true)); // Matt Corallo, only supports x9 // vSeeds.push_back(CDNSSeedData("dashjr.org", "dnsseed.n33bcoin.dashjr.org")); // Luke Dashjr // vSeeds.push_back(CDNSSeedData("n33bcoinstats.com", "seed.n33bcoinstats.com", true)); // Christian Decker, supports x1 - xf // vSeeds.push_back(CDNSSeedData("n33bcoin.jonasschnelli.ch", "seed.n33bcoin.jonasschnelli.ch", true)); // Jonas Schnelli, only supports x1, x5, x9, and xd </pre> ====Test net DNS lines 224 - 227==== * Line 224 - ip adderss <pre> 224 vSeeds.push_back(CDNSSeedData("testnetn33bcoin.jonasschnelli.ch", "testnet-seed.n33bcoin.jonasschnelli.ch", true)); </pre> Change to server ip <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> and comment out the other 3 lines <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("petertodd.org", "seed.tbtc.petertodd.org", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "testnet-seed.bluematt.me")); // vSeeds.push_back(CDNSSeedData("n33bcoin.schildbach.de", "testnet-seed.n33bcoin.schildbach.de")); </pre> ==Create BackUp Tar Archive== At this point you may want to make a backup. * In work directory = <code>/home/$USER/N33B</code> <code>tar -zcvf N33Bcoin.0.0.1.tar.gz N33Bcoin</code> * Going to save in directory <code>/home/$USER/N33B</code> * Syntax = <code>tar -zcvf /path/to/save/archive_name.tar.gz /path/to/directory_name</code> Now we Should have <code>N33Bcoin.0.0.1.tar.gz</code> lets start building are coin. ===Move N33Bcoin.0.0.1.tar.gz to Container=== Lets Move are source code to are container. * File on Host:<code>/home/$USER/N33B/N33Bcoin.0.0.1.tar.gz</code> * Container Name: <code>n33b</code> ** Container Name can be found with <code>lxc list</code> * On Host: <code>lxc file push /home/$USER/N33B/N33Bcoin.0.0.1.tar.gz n33b/home/ubuntu/</code> * '''ubuntu''' is the name of the ubuntu containers default user account ==Return to container as user '''ubuntu'''== <code>lxc exec n33b -- su - ubuntu</code> Now are source code <code>N33Bcoin.0.0.1.tar.gz</code> should be in are home directory. Before we start using it, we need to install and build some dependencies software. ===Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <!-- These notes wherer required to build db on 24.04 - coin build would require way too much work so skipped. <code>$EDITOR db-4.8.30.NC/dbinc/atomic.h</code> Find the function <b>__atomic_compare_exchange</b> (line 147 and 179) and rename it to <b>__db_atomic_compare_exchange</b>. save and exit --> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> If you received error, are you building in ubuntu 18.04? these build instrutions are reproduable for 18.04 and not other versions of ubuntu. * A block chain requires min 2 nodes, so this would be a good time to snapshot your container. ====SNAPSHOT your container==== * This will save loads of time creating a second node later. * In a Terminal on HOST * Stop Container <code>lxc stop n33b</code> * snapshot <code>lxc snapshot n33b one</code> * start container <code>lxc start n33b</code> * Log in as ubuntu user <code>lxc exec n33b -- su - ubuntu</code> ==Build the Coin== Just for the Genesis Node, or it will not work, it will try to sync with another node, which it can not do as its at block 0. * edit the file <code>src/rpc/mining.cpp</code> and comment out the lines 471 and 472: <pre> // if (IsInitialBlockDownload()) // throw JSONRPCError(RPC_CLIENT_IN_INITIAL_DOWNLOAD, "N33Bcoin is downloading blocks..."); </pre> If you stopped container to snapshot and logged back in (or using another terminal), then we need to re-set var.<br> <code>cd ~/db-4.8.30.NC/build_unix</code><br> <code>export BDB_PREFIX=$(pwd)</code><br> * Now thats done we can carry on <code>cd ~/</code><br> * extract <code>tar xzvf N33Bcoin.0.0.1.tar.gz</code> <!-- was for attempt build in 24.04 - not needed for 18.04 <code>sudo apt install bsdmainutils ncal</code> --> * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> If you run into errors you can use:<br> <code>make > ../build.log 2>&1</code><br> This is print build info into file build.log ==Run Coin== * Path <code>cd /home/ubuntu/N33Bcoin/src</code> Going to first play around with Regression make sure everything is working, its supereasy to mine.<br> * Running regtest first will also create <code>~/.n33bcoin/</code> directory which we can create are <code>n33bcoin.conf</code> file for mainnet. ===Running Regression Net === * run reg net <code>./n33bcoind -regtest -daemon</code> ==== get blockchain info ==== <code>./n33bcoin-cli -regtest getblockchaininfo</code> * at the top you should see '''regtest''' <pre> "chain": "regtest", </pre> ====get wallet info==== <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ==== Generate 10 blocks==== <code>./n33bcoin-cli -regtest generate 10</code> <pre> [ "16fe73d5011e8e05cadb9e9dea43e58aa154ffcca891659cc59fbdfafe6f001c", "7803e298b6c57f8fc7ddac5da0e0696cc67524c9ee2bbbbbecdccfb01b364e79", "7c92afb2faed00d051edd22f85218416c394cd45ddadf413b9df808c0414ca7e", "29fe7bb17c984bd33c7e3d9cb4fa3ce1e47760ac22accded3aa25fd49aa87d91", "56d234a030af699a6aa824c8d95a9fabdcf56c9491ed30331ca2159188741c89", "272827808aad1efe0e752789acf6a28f25bc4ba2da905a8a6f5da00016ba286b", "23711e3856cf2e018ef02782eb546e87c9604781da6855bd136ef51fa5dd23e5", "7bd7e1e6183094c75e37d6605451ce7e7e1c23347e3b5c279c33196af916b1f2", "1c7e5fc29dc7c9b3a56e8f35becc3a0a8005e79ac1a84278f8a1f37c067f67b3", "3ac84dcf8be2849b347369de7bf6bb49d780cdf41e2c4abbe2ea0ae1b89bd26e" ] </pre> ====Check Balance==== <code>./n33bcoin-cli -regtest getbalance</code> <pre>0.00000000</pre> * You mined 10 blocks and have zero coins! that is because the coins have not mutured, it takes 100 blocks for newly created coins to muture and show up in your wallet. * you can see your '''immature_balance''' with the <code>getwalletinfo</code> command. <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 11114108.00000000, "txcount": 10, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====Get new addresses==== <code>./n33bcoin-cli -regtest getnewaddress</code> <pre> mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb </pre> ====Find addresses your wallet is currently using==== * To see all your current public addresses use <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -regtest listreceivedbyaddress 0 true</code> ====Mine to specific address==== * <code>./n33bcoin-cli -regtest generatetoaddress 101 "your-mainnet-address"</code> <code>./n33bcoin-cli -regtest generatetoaddress 101 "mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb"</code> =====Coins Matured===== <code>./n33bcoin-cli -regtest getbalance</code> <pre>11114441.00000000</pre> * and Immatured coins <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 11114441.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 33300.00000000, "txcount": 111, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====stop regtest net==== * stop regtest <code>./n33bcoin-cli -regtest stop</code> ===Main Net=== * Running <code>-regtest</code> should of created a <code>~/.n33bcoin</code> directory for you. * Create <code>n33bcoin.conf</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 </pre> * run/start coin <code>./n33bcoind</code> * NOTE: if you did not create a n33bcoin.conf file and apply 'daemon=1', you can use the -daemon flag <code>./n33bcoind -daemon</code> <div class="toccolours mw-collapsible mw-collapsed"> Some debug tips: <div class="mw-collapsible-content"> * If n33bcoin hangs - <code>ps aux | grep n33bcoind</code> ** The <code>kill -9 PID_NUMBER</code> ** Also note: there is nothing wrong with '''turning it off and on again.''' * <code>./n33bcoind -debug=1</code> ** log is at ~/.n33bcoin/debug.log * <code>./n33bcoind -debug=1 -printtoconsole</code> ** will output to terminal, no output to debug.log </div> </div> ===Create and Add second node - the easy way=== <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Why a Dummy Node is Needed to Avoid <code>500 Internal Server Error</code> and Ensure Syncing</span> <div class="mw-collapsible-content"> <p>A dummy node is <strong>required</strong> for mining on the genesis node (main node) and to ensure other nodes can sync with your N33Bcoin network. Without it, you may encounter errors like:</p> <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> [2025-04-20 11:49:32] HTTP request failed: The requested URL returned error: 500 Internal Server Error </pre> <p><strong>Why does this happen?</strong> The main node needs at least one active peer to process the <code>getblocktemplate</code> RPC call used by <code>minerd</code> for mining. If the node is in Initial Block Download (IBD) or has no peers, this call fails, causing the 500 error. Additionally, if the main node is in IBD, it won’t serve blocks to other nodes, preventing them from syncing (e.g., stuck at <code>blocks: 0</code>).</p> <p><strong>How the dummy node fixes it:</strong></p> <ul> <li>Running a dummy node (e.g., on <code>127.0.0.1:3334</code>) provides an active peer, allowing <code>getblocktemplate</code> to succeed and mining to start.</li> <li>Mining generates new blocks, updating the chain tip’s timestamp, which helps the main node exit IBD.</li> <li>Once out of IBD, the main node can serve blocks to other nodes, enabling them to sync (e.g., to <code>blocks: 428</code>).</li> </ul> <p><strong>Why it’s easy to forget:</strong> The dummy node isn’t a standard Bitcoin requirement—it’s specific to N33Bcoin’s setup, possibly due to custom peer or RPC logic. Always run a dummy node when mining or syncing new nodes.</p> <p><strong>If you get the 500 error:</strong> Start a dummy node and add it to the main node’s peers with <code>addnode</code>. See the next section for setup instructions.</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> Without a dummy node, mining will fail, and new nodes won’t sync. Always include this step in your setup and document it to avoid surprises! </div> </div> </div> After first node ruuing with:<br> <code>./n33bcoind</code> * create a directory for second node <code>mkdir ~/.n33bcoin2</code> * make config file <code>$EDITOR ~/.n33bcoin2/n33bcoin.conf</code> * Note changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser1 rpcpassword=coinpassword1 rpcallowip=127.0.0.1 rpcport=3367 daemon=1 server=1 rpcbind=127.0.0.1 port=3334 </pre> * start node2 - note ports <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin2 -port=3334 -rpcport=3367</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3334" "add"</code> * Check node one <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * Check node two <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getblocktemplate</code> ==== Default Node User and Second Node User management ==== * The default user will be your main node '''~/.n33bcoin/''' * To use second node '''~/.n33bcoin2/''' you have to use/append non default port in commands: ** To run commands on second node, Add/Append <code>-rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1</code> *** '''rpcport''', '''rpcuser''', '''rpcpassword''' these values can be found in the <code>~/.<node_name>/n33bcoin.conf</code> file * For default wallet/node can use: <code>./n33bcoin-cli getwalletinfo</code> * Or to specify (optional) can use, the main nodes '''rpcport''', '''rpcuser''' and '''rpcpassword''' followed by <command>: <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * For the second node we created - we do need to specify <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getwalletinfo</code> <div class="toccolours mw-collapsible mw-collapsed"> How to stop second node: <div class="mw-collapsible-content"> * To run commands on a second or third ...ETC node - you need to enter: ** <code>-rpcport=<value></code> ** <code>-rpcuser=<username></code> ** <code>-rpcpassword=<password></code> ** followed by the command you wish to run on node <code>getbalance</code> ** Remember you store all these details in your <code>n33bcoin.conf</code> file for your node. <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 stop</code> </div> </div> == Mining blocks on your blockchain == Well you can try with:<br> <code>./n33bcoin-cli generate 1</code><br> But instead of seeing <pre> [ "some-block-hash" ] </pre> Your going to get empty brackets <pre> [ ] </pre> I cant remember the reason for this. But i know the fix. Install Mining software ===Address to send mined coins to=== First lets get a public key/address we can mine to. * Find old addresses <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> * Create new address <code>./n33bcoin-cli getnewaddress</code> * The address i will use <code>1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> ===Cpu Miner Install=== <code>cd ~</code> <code>sudo apt update</code> <code>sudo apt install -y build-essential libcurl4-openssl-dev</code> <code>git clone https://github.com/pooler/cpuminer.git</code> <code>cd cpuminer</code> <code>./autogen.sh</code> <code>./configure</code> <code>make</code> <code>sudo make install</code> ===Mine some Coins=== * OK lets mine us some coins ** Syntax:<code>minerd -o <pool_url> -u <username> -p <password> --coinbase-addr=<public_key></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> * YAY, back to the days when you could find bitcoin blocks with a simple CPU <pre> [2025-04-12 19:31:17] Binding thread 0 to cpu 0 [2025-04-12 19:31:17] Binding thread 1 to cpu 1 [2025-04-12 19:31:17] 4 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:31:17] Binding thread 2 to cpu 2 [2025-04-12 19:31:17] Binding thread 3 to cpu 3 [2025-04-12 19:31:17] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:31:17] thread 1: 2097152 hashes, 10099 khash/s [2025-04-12 19:31:17] thread 0: 2097152 hashes, 10094 khash/s [2025-04-12 19:31:17] thread 3: 2097152 hashes, 10093 khash/s [2025-04-12 19:31:17] thread 2: 2097152 hashes, 10032 khash/s [2025-04-12 19:32:17] thread 2: 601912088 hashes, 10080 khash/s [2025-04-12 19:32:17] thread 0: 605611536 hashes, 10108 khash/s [2025-04-12 19:32:17] thread 3: 605564904 hashes, 10102 khash/s [2025-04-12 19:32:17] thread 1: 605946928 hashes, 10104 khash/s [2025-04-12 19:33:17] thread 2: 604824240 hashes, 10080 khash/s [2025-04-12 19:33:17] thread 0: 606506104 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 1: 606263288 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 3: 606114016 hashes, 10102 khash/s [2025-04-12 19:34:17] thread 0: 596676992 hashes, 9883 khash/s [2025-04-12 19:34:17] accepted: 1/1 (100.00%), 40174 khash/s (yay!!!) [2025-04-12 19:34:17] LONGPOLL pushed new work [2025-04-12 19:34:17] thread 2: 597009344 hashes, 9856 khash/s [2025-04-12 19:34:17] thread 1: 596347864 hashes, 9882 khash/s [2025-04-12 19:34:17] thread 0: 184 hashes, 8762 khash/s [2025-04-12 19:34:17] thread 3: 596226344 hashes, 9881 khash/s [2025-04-12 19:35:11] thread 0: 525714288 hashes, 9775 khash/s [2025-04-12 19:35:17] thread 0: 58652240 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 1: 592942512 hashes, 9784 khash/s [2025-04-12 19:35:18] thread 3: 592834720 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 2: 591387224 hashes, 9754 khash/s [2025-04-12 19:36:17] thread 1: 577261400 hashes, 9784 khash/s [2025-04-12 19:36:17] thread 2: 575496480 hashes, 9756 khash/s [2025-04-12 19:36:17] thread 3: 576993520 hashes, 9776 khash/s [2025-04-12 19:36:17] thread 0: 586785384 hashes, 9780 khash/s [2025-04-12 19:37:17] thread 3: 586568712 hashes, 9700 khash/s [2025-04-12 19:37:17] thread 2: 585369888 hashes, 9645 khash/s [2025-04-12 19:37:18] thread 1: 587018480 hashes, 9656 khash/s [2025-04-12 19:37:18] thread 0: 586791168 hashes, 9631 khash/s [2025-04-12 19:37:43] thread 0: 247017896 hashes, 9757 khash/s [2025-04-12 19:37:43] accepted: 2/2 (100.00%), 38758 khash/s (yay!!!) [2025-04-12 19:37:43] LONGPOLL pushed new work [2025-04-12 19:37:43] thread 2: 250694904 hashes, 9748 khash/s [2025-04-12 19:37:43] thread 1: 250409704 hashes, 9773 khash/s [2025-04-12 19:37:43] thread 0: 21504 hashes, 8650 khash/s [2025-04-12 19:37:43] thread 3: 253010016 hashes, 9764 khash/s </pre> * By default '''minerd''' will use all cores - if you want to limit to number of core use the <code>-t <number_of_cores></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj -t 2</code> <pre> [2025-04-12 19:43:05] 2 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:43:05] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:43:05] thread 1: 2097152 hashes, 11359 khash/s [2025-04-12 19:43:05] thread 0: 2097152 hashes, 11327 khash/s </pre> * Next we mine on till we have at least 101 blocks so are coins are matured. ===After 101 blocks - Mature Coins=== * now we should have some coins in are wallet that we can use, YAY <code>./n33bcoin-cli getbalance</code> <pre>11112110.00000000</pre> * and lets check the account of are second node <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> * Lets get the address of are second node to send some coins <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress 0 true</code> * Or we could generate a new address with <code>getnewaddress</code> <code>1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz</code> Now lets send some coins ==Wallet Basics== Now we have coins we can use - matured coins ===Get balance=== * <code>getbalance</code> <code>./n33bcoin-cli getbalance</code> ===Find Account Addresses=== * <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> ===Create New Address=== * <code>getnewaddress</code> <code>./n33bcoin-cli getnewaddress</code> ===Sending coins=== * Syntax: <code>./n33bcoin-cli sendtoaddress "<address>" <amount></code> <code>./n33bcoin-cli sendtoaddress "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz" 33</code><br> * This comand will return a hash in your terminal out put. <pre>f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7</pre> * and Check balance of second node to see balance: <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>33.00000000</pre> ===See Transaction Details from hash=== * the transaction hash is from the above send coins example * Syntax: <code>n33bcoin-cli gettransaction "<transaction_hash>"</code> <code>./n33bcoin-cli gettransaction "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7"</code> <pre> { "amount": -33.00000000, "fee": -0.00004520, "confirmations": 4, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553764, "timereceived": 1744553764, "bip125-replaceable": "no", "details": [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "send", "amount": -33.00000000, "vout": 0, "fee": -0.00004520, "abandoned": false } ], "hex": "020000000150a37ad36c761374df6a14c20bd2c016208358bf1f20af06c5acbe4827250ee7000000006a4730440220582f2094aca19d63744d8d128c3dea907cddd4eeb5728d6f064c4168d7a36b9c0220649b2397635fe0b8899fea4535b0072e856a164235f8ab8feb91f3dbfa9e3ddc012103dd8d842cd0c2b167b507b9e8ee580fc726262bb218abc5c6487668b72e5673a3feffffff020001b2c4000000001976a9146ae24c8430bcd30bc1b812f946229fcc563eb0ef88ac589a23fc060000001976a9141e0606800605f94643f5da7e0a31e435e030855788acbe000000" } </pre> ===List Transactions from account=== * <code>listtransactions</code> * <code>./n33bcoin-cli listtransactions</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listtransactions</code> * This command will show all transactions send and receive. <pre> [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "receive", "amount": 33.00000000, "label": "", "vout": 0, "confirmations": 6, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553766, "timereceived": 1744553766, "bip125-replaceable": "no" } ] </pre> ===list received transactions by address=== * <code>listreceivedbyaddress</code> * <code>./n33bcoin-cli listreceivedbyaddress</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress</code> <pre> [ { "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "account": "", "amount": 33.00000000, "confirmations": 6, "label": "", "txids": [ "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7" ] } ] </pre> ===Address With Label=== * Create New Address With Label ** Syntax: <code>getnewaddress "<Label>"</code> * NOTE: Label name is case sensitive. <code>./n33bcoin-cli getnewaddress "Mining"</code> <pre>1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB</pre> * See Accounts in Label <code>./n33bcoin-cli getaddressesbyaccount "Mining"</code> * a Label can hold many addresses <pre> [ "1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB" ] </pre> * Lists transactions for the labeled account. <code>./n33bcoin-cli listtransactions "Mining"</code> * Tracking with a label - Shows total balance for addresses in the labeled account. <code>./n33bcoin-cli getbalance "Mining"</code> * Label an existing address - Assigns an existing address to a named account. <code>./n33bcoin-cli setaccount "<address>" "<label>"</code> * Change Label of Address <code>./n33bcoin-cli setaccount "<address>" "<newlabel>"</code> ==Backup Wallets and Restore/Reclaim== To '''test''' wallet exports and back ups we are going to create a '''third node'''. <br> This keeps are main wallet and the wallet of are second node safe.<br> Or If you feel up for it, feel free to play/use/learn with your main wallet. * Create a directory for third node <code>mkdir ~/.n33bcoin3</code> * Create config file <code>$EDITOR ~/.n33bcoin3/n33bcoin.conf</code> * Note: changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser2 rpcpassword=coinpassword2 rpcallowip=127.0.0.1 rpcport=3368 daemon=1 server=1 rpcbind=127.0.0.1 port=3335 </pre> * Start node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3335" "add"</code> * Check node three <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getblocktemplate</code> * See Address (pub key) <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> <pre>1EhA5fkapYWrhs2oAf2AqvF4WYMPM28GqL</pre> * I have sent 33 n33bcoin's to this address. <pre> ./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744568061, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "8afde14085be2139ff008667c345b3697bea9cea" } </pre> ===Encrypt Wallet=== * '''IMPORTANT NOTE! IF YOU LOSE/FORGET PASSPHRASE, YOU LOST YOUR WALLET!''' Encrypting your wallet, will require passphrase to see private_keys and to send coins from your account, but you can still check balance and the basic chain info '''without passphrase'''. * Syntax <code>./n33bcoin-cli encryptwallet "<passphrase>"</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 encryptwallet "pa55word"</code> <br>OutPut: <pre> wallet encrypted; N33Bcoin server stopping, restart to run with encrypted wallet. The keypool has been flushed and a new HD seed was generated (if you are using HD). You need to make a new backup. </pre> ====Test Encryption==== Syntax: <code>./n33bcoin-cli dumpprivkey <address></code> This command should need passphrase if wallet locked. ** <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> can be used in place of a real address <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpprivkey 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> If wallet '''LOCKED''' - you will see <pre> error code: -13 error message: Error: Please enter the wallet passphrase with walletpassphrase first. </pre> If wallet '''UNLOCKED''' but address not in wallet - you will see ** This is because there is no address <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> in your wallet and error code -5 indicates address not found in the wallet, but it passed the lock so, yay <pre> error code: -5 error message: Invalid N33Bcoin address </pre> If address exists in your wallet and wallet is '''UNLOCKED''' - you will see the private key: <pre> 6vJYM3RFWh7MyLVrPbgzgibUgqxMzWUCCbuH3GcfDRTqfoNQjBb </pre> '''IMPORTANT:''' Never share your actual private keys with anyone. The example above is for demonstration purposes only. ====open encrypted wallet==== * Syntax ./n33bcoin-cli walletpassphrase "<passphrase>" <time_in_seconds_to_stay_open> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrase "Pa55word" 60</code> ====Change PassPhrase==== * Syntax: <code><code>./n33bcoin-cli walletpassphrasechange "<old_passphrase>" "<new_passphrase>"</code></code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrasechange "Pa55word" "StrongPass123!@#456"</code> ===Back Up WALLET.DAT === * You can make a backup of your wallet.dat file whether its encrypted or un-encrypted. ** not-encrypted you just copy into a directory and you and anyone else has full access. ** encrypted, you need to know the passphase the file is encrypted with to have access. ** Both Export and Import the backup wallet.dat the same way, expect one asks for passphase and the other does not. ====Make copy of wallet.dat==== * <code>backupwallet</code> * Syntax:<code>./n33bcoin-cli backupwallet /path/to/export/wallet-backup.file</code> <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> ====Stop node 3 and delete wallet.dat==== * Stop node - Note: RPC PORT <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * not gonna delete, just move, only so many times i wanna learn that lesson. <code>mv ~/.n33bcoin3/wallet.dat ~/oldwallet.dat</code> * Start Node 3 - this will create a new <code>wallet.dat</code> file <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check Balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744572042, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "bb4e27a7896ae19acdf3b43244f82b59f5164c7c" } </pre> * Check addresses <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> * Its a diff/new address, because its a new wallet. <pre> "address": "1JwAmtR9T8xa49daoHQhf54tBdyabby2m2", </pre> ===Restore Wallet.dat=== * Stop Node 3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move old wallet to Node 3 Directory ** This command will write over the new wallet.dat file currently in directory - in effect deleting it. <code>mv ~/wallet-backup.node3 ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>11148007.99990960</pre> ====OH NUTZ==== * By mistake i backed up main wallet. <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> * Intended to backup node3 - the correct command would of been <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 backupwallet ~/wallet-backup.node3</code> Good Thing we just moved the node3 wallet and not deleted or 33 n33bcoins would of been in a dead account.<br> This is why you should learn about bitcoin on n33bcoins and not the bitcoin main net blockchain. Lets restore from the moved wallet <code>~/oldwallet.dat</code> * Stop node3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move oldwallet back to node3 <code>mv ~/oldwallet.dat ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>33.00000000</pre> YAY ===Dump Entire Wallet with <code>dumpwallet</code>=== * Exports all private keys, addresses, and wallet metadata to a plain text file for a comprehensive backup. * Syntax <code>./n33bcoin-cli dumpwallet /path/to/export/n33bcoin-wallet.txt</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpwallet ~/ssshhh.txt</code> <code>cat ~/ssshhh.txt</code> * Yep its all in plain text! <pre> # Wallet dump created by N33Bcoin v0.14.3.0-g150612e # * Created on 2025-04-13T22:54:50Z # * Best block at time of backup was 212 (000000009f5f7189bd4334895fd1c903ae904525abb5768feb98b81282a1949e), # mined on 2025-04-13T18:34:02Z # extended private masterkey: xprv9s210pEDlspXiamstilrandotypinhDXRTQ1TatJNSL3fxs9QaLLjRV1FZH9zw2VcErU498hsd3pynuyDR2clongrandome4Msz5 L1XJ0pald6SZXP4sKdVcDETpsdoWeksd4er5hhPsdFG1PPV 2025-04-13T18:14:21Z change=1 # addr=1HtmEDdpk5SJAp3nGCnaAD5gKZc2Er4qG hdkeypath=m/0'/0'/82' about 100 lines like the one above and ends with: # End of dump </prE> ===Import Dumped Wallet=== To test import works we are gonna, stop node3, move wallet.dat, start node3, check new wallet got auto generated again. then import are ssshhh.txt file and see if restored. ====Check wallet node 3 pre-test==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744575092, "keypoolsize": 101, "unlocked_until": 0, "paytxfee": 0.00000000, "hdmasterkeyid": "0a0e6e94e4a184e773e4a3e3244adc4352935afa" } </pre> ====Stop node 3 ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> ====Move wallet.dat ==== <code>mv ~/.n33bcoin3/wallet.dat ~/wallet.node3</code> ====Start node 3 ==== <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> ====Check wallet node 3 - when deleted/changed==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ====Import Restore from Dumped Wallet ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importwallet ~/ssshhh.txt</code> ====Check wallet node 3 when restored ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ==Off Line Storage and Importation== * Create a offline key pair, using a python script that can run off a live linux iso. * Going to send coins from node 3 to off line address. * Going to import to wallet 2 by sweeping private wif key. ===Create Offline Keypair=== * https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin ** We have used the [[N33Bcoin_Address_Generator_Bitcoin| N33Bcoin_Address_Generator]] to create the following key pair which we will use for this test. <pre> noob@noob-ThinkPad-T470:~/Gen/py-pub-prv$ python3 gen.py Enter your seed (12 words or any random input): hithere Generated n33bcoin Key Pair: Private Key: 3e4748d72b0a0c5d4538b52a2ade025a0f52a1e8642384ac14e5af0f90b8ab8a Public Key: 04c4cab1795312dafbf2532c7b238d448b55fa151a3d4e059cb49b47fb7244fb8767981b561c067494f9f3a6357024bb4fa71d12d692a733f7a0583d6fa7276548 n33bcoin Address: 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG WIF Private Key: 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH </pre> ===Send from node 3 to offline address=== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 sendtoaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG 10</code> ===Check its in address=== * Can take a few blocks before you can see it. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * Syntax: <code>./n33bcoin-cli importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * <code>importaddress</code> The RPC command to import a Bitcoin address as a watch-only address into the wallet * <code>13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> The Bitcoin address you are importing. After import, the wallet will monitor this address for incoming transactions, but cannot spend from it since you do not have the private key * <code>"external"</code> An optional label assigned to the imported address. This helps you organize or identify addresses in your wallet * <code>false</code> The rescan parameter. Setting it to false means the wallet will not rescan the blockchain for historical transactions involving this address. Only new transactions (after import) will be tracked. If set to true (default), the wallet would scan the entire blockchain for past transactions involving the address, which can take a long time (but not in are case as we have new blockchain). ====getreceivedbyaddress==== * TESTED - Balance is only shown on account that imported the address as a address to watch. ** Took about 10 mins to show balance. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>10.00000000</pre> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> ====Receive funds from private key==== * Current Funds in Node/Wallet 2 <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>52.00000000</pre> * Import the keys <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 importprivkey 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH true</code> * Check balance <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>62.00000000</pre> Import is instant. ==Create Second Server and Sync Blockchain== * Creating second server in a container and forwarded to another VPS IP, to see if network syncs. <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Is Port Forwarding Required for the Second Node?</span> <div class="mw-collapsible-content"> <p><strong>Why set up port forwarding?</strong> Port forwarding (using iptables to forward port <code>3333</code> to the second node) allows the node to receive incoming connections from other N33Bcoin nodes. This ensures reliable syncing with the main node and enables the second node to share blockchain data with others, strengthening the network.</p> <p><strong>Is it required?</strong></p> <ul> <li><strong>To mine</strong>: No. Mining uses local RPC calls (<code>127.0.0.1:3366</code>) and outbound connections to the main node (<code>104.194.157.52:3333</code>). As long as the main node is up, mining works without port forwarding. Note: You may need a dummy node to avoid errors.</li> <li><strong>To act as a peer</strong>: Yes. To allow other nodes to connect and sync from the second node (e.g., via <code>144.172.89.93:3333</code>), port forwarding is required. Without it, the node can sync but won’t serve blocks to others.</li> </ul> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Tip:</strong> Keep port forwarding enabled for robust syncing and to support the N33Bcoin network, especially if you plan to add more nodes. </div> </div> </div> ===Launch container=== <code>lxc launch ubuntu:18.04 n33b-node</code> <code>lxc exec n33b-node bash</code> <code>pro attach <longKey></code> <code>apt update && apt upgrade -y && apt install ubuntu-advantage-tools wireguard -y</code> ===Setup Wireguard=== * This is the same as the last time, in this tut i am going to keep the same keys in tut, to save time. PS: You can use same keys on many connections (not the best idea). ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==In Container Building N33Bcoin== * Push over N33Bcoin.0.0.1.tar.gz to the container n33b-node. <code>lxc file push N33Bcoin.0.0.1.tar.gz n33b-node/home/ubuntu/</code> OR Download from github * Download from Github, sha256sum=<code>0695dceaa4a88967560695f92c753d2fe4abc0f1b0cfb2673bf945fc83fb1225</code> <code>wget https://raw.github.com/CompleteNoobs/N33Bcoin/main/N33Bcoin.0.0.1.tar.gz</code> * Login to container as user ubuntu <code>lxc exec n33b-node -- su - ubuntu</code> * extract <code>tar xvf N33Bcoin.0.0.1.tar.gz</code> ===Install depends and Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> ===Build N33Bcoin=== * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> * Before running - make sure first node up and running <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Troubleshooting Syncing Issues on the Second Node</span> <div class="mw-collapsible-content"> <p>If your second node (e.g., <code>144.172.89.93</code>) fails to sync (e.g., stuck at <code>blocks: 0</code>), the main node (<code>104.194.157.52</code>) may be in Initial Block Download (IBD), preventing it from serving blocks. Here’s what I faced and how I fixed it:</p> <ul> <li><strong>Problem</strong>: The second node didn’t sync because the main node was in IBD, likely due to a chain tip older than 24 hours.</li> <li><strong>Initial Fix</strong>: <ul> <li>Started a dummy node on the main node (<code>127.0.0.1:3334</code>) for an active peer .</li> <li>Mined on the main node: <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=&lt;your-address&gt; -t 2 </pre> This created new blocks (e.g., to <code>blocks: 441</code>), exiting IBD and enabling sync.</li> </ul> </li> <li><strong>Test</strong>: I deleted the second node and recreated it from scratch, running both the main and dummy nodes on the genesis server. The second node synced to <code>blocks: 441</code> while the main node was mining.</li> <li><strong>Observation</strong>: In one test, I thought syncing worked without mining, but mining was active on the main node, advancing the chain to <code>blocks: 441</code>. Possible factors for sync success: <ul> <li>Recent chain tip from mining kept the main node out of IBD.</li> <li>Dummy node provided a peer, preventing IBD re-entry.</li> <li>iptables rule for port <code>3333</code> enabled inbound connections (i did once not forward the correct port, make sure you check your ip rules with <code>cat /etc/iptables/rules.v4</code> to make sure you entered the correct ones. ).</li> </ul> </li> <li><strong>If Syncing Fails</strong>: Mine on the main node with the dummy node running.</li> </ul> <p><strong>Note</strong>: Syncing may not require ongoing mining if the main node’s chain tip is recent, but mining is needed to exit IBD. Test and share your findings!</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> If the second node won’t sync, the main node may be in IBD. Start the dummy node and mine to exit IBD. </div> </div> </div> ===n33b-node=== <code>src/n33bcoind -daemon</code> <code>src/n33bcoin-cli stop</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 debug=rpc debug=mining </pre> <code>src/n33bcoind</code> * Now Second n33bcoin node is running lets check sync <code>src/n33bcoin-cli getpeerinfo</code> <pre> [ { "id": 0, "addr": "104.194.157.52:3333", "addrlocal": "144.172.89.93:52636", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157772, "lastrecv": 1745157771, "bytessent": 1277, "bytesrecv": 1198, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.303657, "minping": 0.303657, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": false, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 110, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 1, "addr": "104.194.157.52:57050", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.296047, "minping": 0.296047, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 2, "addr": "104.194.157.52:57060", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.316404, "minping": 0.316404, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } } ] </pre> <code>src/n33bcoin-cli getblockchaininfo</code> <pre> ubuntu@n33b-node:~/N33Bcoin$ src/n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.03058041491289009, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> ===From first node=== <pre> ./n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.02034601825250813, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> * Both nodes/blockchains are in sync, nice k2lpzqkk5gjz2eprbzdl3de2nu3olv5 590 578 2025-06-25T12:50:49Z AwesomO 5 /* Coin Params for N33Bcoin 0.1 POW */ 590 wikitext text/x-wiki ==Start up HardWare== * OS (local) Ubuntu-Mate 24.04 - this tut is done on a clean install of ubuntu-mate 24.04 ** Hardware: HP EliteDesk G1 - ram = 8GB - HD = 120GB ssd - CPU = i5-4590S CPU @ 3.00GHz ** Hardware: Thinkpad X270 - Ram - HD - CPU * Server VPS ubuntu-server 24.04 ** vultr.com ===Software OS=== * Will be using Ubuntu 24.04 as main OS - but to build this version of litecoin 0.14.2 we will be using ubuntu 18.04 in a lxc container - trying to build in 24.04 was a huge side quest that is not that much fun. ===Coin Params for N33Bcoin 0.1 POW === * Are Coin Params ** Name of coin = N33Bcoin ** Symbol coin = N33B ** Premined Coins= 33% 11,111,111 coins to be used to rewards contributors. the how is currently unknown, will work out as we go. ** MaxCoins = 33,333,333 ** Rewards = 333 ** Halving Period = 33,333 blocks = every 231 days ** Block interval = 10 mins # will leave at 10 for starters ** Time Stamp 1733333333 2024-12-04 17:28:53 ** Time Stamp Message "N33B's for Noob's at CompleteNoobs.com" ** Genesis Block for are Coin <b>NOTE</b>: What is a Unix Time Stamp? - It is the number of seconds from the Unix Epoch date of 01/01/1970 at 00:00 UTC - to convert a date use - https://www.unixtimestamp.com/ ==Genesis Keys== First we are going to need a public private key pair. [[Python_Generate_Public_Private_Key_Pair_Crypto_Bitcoin| Python3 Generate Public Private Key Pair]] * Public Key <code>049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf</code> * Keep private key safe, you just need pub key for now We then use are public key along with are coin parameter with [[GenesisH0_Creating_Genesis_Hash| GenesisH0]] to create a 'Nonce', 'Merkel hash' and 'Genesis hash'. For are 'MainNet', 'TestNet' and 'RegNet' === Main Net parameters === <code>python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333333</code> * '''Nonce''': <code>221118658</code> * '''nBits''': <code>0x1d00ffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4</code> === Test Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333334</code> * '''Nonce''': <code>511144</code> * '''nBits''': <code>0x1e0ffff0</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c</code> === Reg Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333335</code> * '''Nonce''': <code>0</code> * '''nBits''': <code>0x207fffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127</code> Now we have are parameters, we can start creating are own coin, but first lets change some file names to match the name of are coin. ==Source we are forking from Bitcoin 0.14.3== ===Home Directory=== <code>cd ~</code> ===Download bitcoin 0.14.3=== * https://bitcoincore.org/bin/bitcoin-core-0.14.3/ <code>wget https://bitcoincore.org/bin/bitcoin-core-0.14.3/bitcoin-0.14.3.tar.gz</code> * sha256sum bitcoin-0.14.3.tar.gz <code>416717ab5ef94f8458da2b12e4cd742ca08f5ad3817b65fc73811e06ac949f87</code> ===extract=== <code>tar xvf bitcoin-0.14.3.tar.gz</code> ===Change Directory Name to new/forked coin name=== <code>mv bitcoin-0.14.3 N33Bcoin</code> <code>cd N33Bcoin</code> * Current work director path is <code>/home/$USER/N33Bcoin/</code> ==Renaming== ===Renaming Bitcoin to N33Bcoin=== '''Run these command in the /home/$USER/N33Bcoin/ Directory''' * Lowercase <code>find . -type f -exec sed -i 's/bitcoin/n33bcoin/g' {} + </code> * UpperCase <code>find . -type f -exec sed -i 's/Bitcoin/N33Bcoin/g' {} + </code> * Name.1 <code>find . -type f -exec sed -i -e 's/bitcoin/n33bcoin/g' -e 's/bitcoind\.1/n33bcoind.1/g' {} + </code> ===Change Name for Docs=== To rename files in a directory (e.g., <code>/home/$USER/N33Bcoin/doc/man/</code>): * '''Before:''' <pre> bitcoin-cli.1 bitcoind.1 bitcoin-qt.1 bitcoin-tx.1 Makefile.am </pre> * '''After:''' <pre> n33bcoin-cli.1 n33bcoind.1 n33bcoin-qt.1 n33bcoin-tx.1 Makefile.am </pre> * '''Manual Way:''' <pre> mv -v bitcoin-cli.1 n33bcoin-cli.1 </pre> * '''Using mv with a for Loop:''' <code>cd /home/$USER/N33Bcoin/doc/man</code><br> <code>for file in bitcoin*; do mv -v "$file" "${file/bitcoin/n33bcoin}"; done</code> </pre> * <code>-v</code> shows each rename action. ===Change Names for Files=== *<b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> Unlike forking litecoin, the method we just used to rename all bitcoin words to n33bcoin created some problems, unlike litecoin 0.14.2, the word 'bitcoin' can be found in a lot of file names. Example: the file <code>libbitcoinconsensus.pc.in</code> is still called <code>libbitcoinconsensus.pc.in</code> but inside make and config files, it is now know as <code>libn33bcoinconsensus.pc.in</code> so it will look for a file called <code>libn33bcoinconsensus.pc.in</code> and not <code>libbitcoinconsensus.pc.in</code>, still will lead to a lot of breakages. * Easy Fix: Change all file names which include the word <code>bitcoin</code> to <code>n33bcoin</code> * install <code>rename</code> <code>sudo apt install rename</code> * <b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> * See all file which contain the name <code>bitcoin</code> <code>find . -type f -name "*bitcoin*"</code> * Rename/convert all <code>bitcoin</code> in file names to <code>n33bcoin</code> <code>find . -type f -name "*bitcoin*" -exec rename 's/bitcoin/n33bcoin/' {} +</code> ==Editing Files== Are Files are located in path:<code>/home/$USER/N33B/N33Bcoin</code><br> Example: <code>src/amount.h</code> full path would be <code>/home/$USER/N33B/N33Bcoin/src/amount.h</code> === OverView of Files to edit=== * Comment Out <code>** Lines: 74 - 77 Comment Out</code> These are Lines we Don't need, but are not deleting just commenting out, so line numbers remain the same.<br> Comment out by placing a <code>//</code> at the beginning of the line. * '''src/amount.h''' ** Line 31: Edit Max Coins * '''src/validation.cpp''' ** Line 1166: This BLOCK of code will contain premined and Block rewards * '''src/qt/bitcoinunits.cpp''' ** Line 39 Block: change coin symbol LTC to N33B * '''src/chainparams.cpp''' ** Line 53: '''Global''' Change Time Stamp Message ** Line 54: '''Global''' Change Pub Key ** Line 73: '''MainNet''' Change Halving Interval <!--** Lines: 74 - 77 Comment Out--> ** Line 74: '''MainNet''' BIP34Height ** Line 75: '''MainNet''' BIP34Hash ** Line 76: '''MainNet''' BIP65Height ** Line 77: '''MainNet''' BIP66Height ** Lines 85 - 103: '''MainNet''' Deployment and Chain Work Section ** Line 110: '''MainNet''' Change Magic Bytes - Script included ** Line 114: '''MainNet''' Change Main Net Default Port ** Line 117: '''MainNet''' Change Main Net Nonce TimeStamp Coin_Rewards ** Line 119: '''MainNet''' Change Genesis Hash ** Line 120: '''MainNet''' Change Merkel Hash ** Line 144: '''MainNet'''Change Coin Number and Genesis Hash ** Lines 145 - 156 Comment Out ** Line 161: '''MainNet''' Change Time Stamp ** Line 162: '''MainNet''' Change Number Of Transactions ** Line 177: '''TestNet''' Halving Interval <!--** Lines: 178 - 181 Comment Out--> ** Line 178: '''TestNet''' BIP34Height ** Line 179: '''TestNet''' BIP34Hash ** Line 180: '''TestNet''' BIP65Height ** Line 181: '''TestNet''' BIP66Height ** Line 184: '''TestNet''' Block Times <!--** Lines: 189 - 207 Comment Out--> ** Lines 189 - 207: '''TestNet''' Deployment Section ** Line 213: '''TestNet''' Default Port ** Line 216: '''TestNet''' Time Stamp and Nonce ** Line 218: '''TestNet''' Genesis Hash Block ** Line 219: '''TestNet''' Merkel Hash Block ** Line 245: '''TestNet''' CheckPointData Genesis Hash Block Number ** Line 250: '''TestNet''' Time Stamp ** Line 251: '''TestNet''' Block Number ** Lines 267 - 270 '''RegressionNet''' BIP Consensus ** Line 301: '''RegressionNet''' Default Port ** Line 304: '''RegressionNet''' Time Stamp Nonce Coin_Rewards ** Line 306: '''RegressionNet''' Genesis Block Hash ** Line 307: '''RegressionNet''' Merkel Hash ** Line 319: '''RegressionNet''' Genesis Hash * '''src/chainparamsbase.cpp''' ** Line 35: MainNet RCP Port ** Line 48: TestNet RPC Port ** Line 62: Regession Net RPC Port ===src/amount.h=== On line 31 we will edit are Max coins: <pre> static const CAmount MAX_MONEY = 21000000 * COIN; </pre> will change this to 33,333,333 coins <pre> static const CAmount MAX_MONEY = 33333333 * COIN; </pre> ===src/validation.cpp=== Path <code>/home/$USER/N33B/N33Bcoin/src/validation.cpp</code> The block of code we are looking for starts on line 1166: <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy = 50 * COIN; // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years. nSubsidy >>= halvings; return nSubsidy; } </pre> On line 1173 you should see this line: <pre> CAmount nSubsidy = 50 * COIN; </pre> This is the rewards for mining coins, the default is 50, we are changinf rewards to 333 coins per block mined. <pre> CAmount nSubsidy = 333 * COIN; </pre> ====Premined coins==== We also need to add a contidtion for are premined coins - in the first block will mine 33%, thats 11,111,111 coins <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy; if (nHeight == 1) nSubsidy = 11111111 * COIN; else nSubsidy = 333 * COIN; // Subsidy is cut in half every 33,333 blocks which will occur approximately every 231 days. nSubsidy >>= halvings; return nSubsidy; } </pre> This condition means IF first block reward 11,111,111 coins, Else(after first blocked mined) rewards per block are 333 coins. <div class="toccolours mw-collapsible mw-collapsed"> What's Changed and Why: <div class="mw-collapsible-content"> <b>What's Changed and Why:</b> * '''CAmount nSubsidy;''' ** The variable `nSubsidy` is now declared but not immediately assigned a value. This allows flexibility to set its value based on certain conditions. * '''New Condition: `if (nHeight == 1)''' ** This new condition checks if the block height is 1, meaning this is the very first block in the blockchain (often called the "genesis block"). ** This condition is used to assign a special, much larger subsidy for the first block. * '''nSubsidy = 11111111 * COIN;''' ** If it is the first block (`nHeight == 1`), the subsidy is set to 11,111,111 coins. This is a huge reward for the genesis block, likely for initial distribution or other specific reasons. * '''else nSubsidy = 333 * COIN;''' ** For all other blocks (not the first one), the reward is set to 333 coins. This is a significant change from the original 50 coins, suggesting a different reward structure for this cryptocurrency. </div> </div> ===src/qt/n33bcoinunits.cpp=== * Line 39: Code Block <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("BTC"); case mBTC: return QString("mBTC"); case uBTC: return QString::fromUtf8("μBTC"); default: return QString("???"); } } </pre> * Change BTC your coin symbol to N33B <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("N33B"); case mBTC: return QString("mN33B"); case uBTC: return QString::fromUtf8("μN33B"); default: return QString("???"); } } </pre> ===src/chainparams.cpp=== ====Line 53 Change Time Stamp Message==== <code> const char* pszTimestamp = "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks";</code> To <code> const char* pszTimestamp = "N33B's for Noob's at CompleteNoobs.com";</code> ====Line 54 Change Genesis Pub Key==== <code> 54 const CScript genesisOutputScript = CScript() << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f") << OP_CHECKSIG; </code> We are going to change to the public key we used to create are genesis block. <code> const CScript genesisOutputScript = CScript() << ParseHex("049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf") << OP_CHECKSIG;</code> ====Line 73 HalvingInterval==== <code> consensus.nSubsidyHalvingInterval = 210000;</code> Block intervals of bitcoin is every 10 mins, as you can see on '''[[#Line 80 Target Block Creation''']] * 60 mins per hour x 24 hours per day = 1440 mins a day * 1440 mins at one block each 10 mins = 144 block per day ish * 144 * 365 = 52,560 blocks per year ish * 52,560 * 4 = 210,240 blocks every four years ish So bitcoin halves its rewards every 4 years ish as it passes 210,000 blocks and carrys on halving every 210,000 blocks later. We reward 333 coins per block and will be out of coins around 667,334 blocks. * Preminded 11,111,111 coins * 22,222,222 left * at 333 per block all will be gone in 66,733 blocks time unless we halve before then * We are going to keep are block time of 10 mins and have a halving at 33,333 blocks so it will halve around 231 days <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Line 74 - 77 MainNet BIP Section==== <pre> 74 consensus.BIP34Height = 227931; 75 consensus.BIP34Hash = uint256S("0x000000000000024b89b42a942fe0d9fea3bb44ab7bd1b19115dd6a759c0808b8"); 76 consensus.BIP65Height = 388381; // 000000000000000004c2b624ed5d7756c508d90fd0da2c7c679febfa6c4735f0 77 consensus.BIP66Height = 363725; // 00000000000000000379eaa19dce8c9b722d46ae6a57c2f1a988119488b50931 </pre> * Set BIP34/65/66 to 0 for new chain—modern rules from genesis. Adjust BIP34 to 100 if mining fails. * Line 75 Replace with you <b>Main Net parametersGenesis Hash</b> <pre> 74 consensus.BIP34Height = 0; 75 consensus.BIP34Hash = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); 76 consensus.BIP65Height = 0; 77 consensus.BIP66Height = 0; </pre> ==== Line 85 - 103 '''MainNet''' Deployment and Chain Work Section ==== ===== Line 86 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start date is irrelevant—set to 0 for immediate activation on new chain. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 87 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. 9,999,999,999 Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 91 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016</code> * Reason changed: Bitcoin’s 2016 start is moot—set to 0 for CSV active from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 92 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 96 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016</code> * Reason changed: Bitcoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 97 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 100 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5");</code> * Reason changed: Bitcoin’s 2017 work is massive—set to 0 for a new chain with no work yet. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 103 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354</code> * Reason changed: Bitcoin’s block 453354 is irrelevant—set to N33Bcoin’s genesis hash for fast sync from block 0. Changed: <code>consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4");</code> =====Before and After Changes===== <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354 </pre> * Set CSV/SegWit to active from genesis (nStartTime = 0, nTimeout = far future). Reset chain work to minimal. Set assume valid to genesis hash. <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0; 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999; 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0; 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999; 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0; 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999; 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x00"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); </pre> ====Line 110 Magic Bytes==== * [[Hex_numbers_explained| Hex numbers explained]] * [[Python3_Script_for_Random_Magic_Bytes| Link to python script for random values]] The pchMessageStart array is a crucial component in cryptocurrency network protocols, often referred to as the "magic bytes" or "network magic." It serves as a unique identifier for a specific cryptocurrency network. These values are in hexadecimal format, representing four bytes that form a sequence unlikely to occur in normal data. If you're creating a new cryptocurrency by forking Bitcoin, you should change these values. Using unique values prevents your new coin's network from interfering with Bitcoin's network or other existing networks. <pre> 110 pchMessageStart[0] = 0xf9; 111 pchMessageStart[1] = 0xbe; 112 pchMessageStart[2] = 0xb4; 113 pchMessageStart[3] = 0xd9; </pre> * Gonna change mine to <pre> pchMessageStart[0] = 0xfe; pchMessageStart[1] = 0x93; pchMessageStart[2] = 0xd2; pchMessageStart[3] = 0xe2; </pre> ====Line 114 Change Main Net Default Port==== * Line 114 <code>nDefaultPort = 8333;</code> * Changing to port 3333 <code>nDefaultPort = 3333;</code> ====Line 117 Change Main Net Nonce TimeStamp Coin_Rewards==== * Original <code> genesis = CreateGenesisBlock(1231006505, 2083236893, 0x1d00ffff, 1, 50 * COIN);</code> * Syntax of line 117 <code>genesis = CreateGenesisBlock(<UNIX_TIME_STAMP>, <NONCE>, <DIFF_BITS>, <NHEIGHT>, <AMOUNT_OF_COINS_REWARD> * COIN);</code> * we are just going to append/change are UnixTimeStamp, Nonce and CoinReward <code> genesis = CreateGenesisBlock(1733333333, 221118658, 0x1d00ffff, 1, 333 * COIN);</code> ====Line 119 Change Genesis Hash==== <code>assert(consensus.hashGenesisBlock == uint256S("0x000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"));</code> * Change to your genesis hash for Main Net <code> assert(consensus.hashGenesisBlock == uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"));</code> ====Line 120 Change Merkel Hash==== <code> assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Change to your merkel hsh for Main net <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Check Point - Lines 142 - 157 ==== <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d")) 145 ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> These lines contain a blocknumber and there hash value, we are starting a new coin and these have no value to us. We have one genesis block. <code> ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d"))</code> * We are going to append/change line 144, to block zero and are Main net genesis block hash. <code> ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"))</code> and comment out the remaining lines in this code block. lines 145 - 156 <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4")) 145 // ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 // ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 // (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 // (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 // (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 // (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 // (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 // (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 // (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 // (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 // (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 // (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> ====Line 161 Change Time Stamp==== <pre> 161 1483472411, // * UNIX timestamp of last known number of transactions </pre> * Change to the time stamp we are using <pre> 1733333333, // * UNIX timestamp of last known number of transactions</pre> ====Line 162 Change Number Of Transactions==== <pre> 184495391, // * total number of transactions between genesis and that timestamp</pre> * Change to Zero <pre> 0, // * total number of transactions between genesis and that timestamp</pre> ====TestNet Halving Interval==== <code>177 consensus.nSubsidyHalvingInterval = 210000;</code> * Change to same as are main net <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Lines 178 - 181 TestNet BIP section==== <pre> 178 consensus.BIP34Height = 21111; 179 consensus.BIP34Hash = uint256S("0x0000000023b3a96d3484e5abb3755c413e7d41500f8e2a5c3f0dd01299cd8ef8"); 180 consensus.BIP65Height = 581885; // 00000000007f6655f22f98e72ed80d8b06dc761d5da09df0fa1dc4be4f861eb6 181 consensus.BIP66Height = 330776; // 000000002104c8c45e99a8853285a3b592602a3ccde2b832481da85e9e4ba182 </pre> * Change values to zero and replace TestNet Genesis Hash <pre> 178 consensus.BIP34Height = 0; 179 consensus.BIP34Hash = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"); 180 consensus.BIP65Height = 0; 181 consensus.BIP66Height = 0; </pre> ==== Lines 189 - 207 TestNet Deployment Section ==== ===== Line 190 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start is irrelevant—set to 0 for immediate activation on TestNet. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 191 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 195 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1456790400; // March 1st, 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for CSV from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 196 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 200 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1462060800; // May 1st 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 201 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1493596800; // May 1st 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 204 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x00000000000000000000000000000000000000000000001f057509eba81aed91");</code> * Reason changed: Litecoin’s work is irrelevant—set to 0 for a new TestNet chain. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 207 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000128796ee387cf110ccb9d2f36cffaf7f73079c995377c65ac0dcc"); //1079274</code> * Reason changed: Litecoin’s block 1079274 doesn’t apply—set to TestNet genesis for fast sync. Changed: <code>consensus.defaultAssumeValid = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c");</code> ====TestNet Default Port - Line 213==== <code>213 nDefaultPort = 18333;</code> * Change to another port , picking 13333 <code>nDefaultPort = 13333;</code> ====Line 216: TestNet Time Stamp and Nonce==== <code>216 genesis = CreateGenesisBlock(1296688602, 414098458, 0x1d00ffff, 1, 50 * COIN);</code> * change/append timestamp, nonce and coin rewards - TimeStamp, Nonce, nBits and CoinRewards from your Test Net <code> genesis = CreateGenesisBlock(1733333334, 511144, 0x1e0ffff0, 1, 333 * COIN);</code> ====Line 218: TestNet Genesis Hash Block==== <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943"));</code> * Changed to <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"));</code> ====Line 219: TestNet Merkel Hash Block==== <code>219 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Changed to <code> assert(consensus.hashGenesisBlock == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ==== Line 245 TestNet checkpointData ==== Default: <code>( 546, uint256S("000000002a936ca763904c3c35fce2f3556c559c0214345d31b1bcebf76acb70")),</code> * Reason changed: Bitcoin TestNet checkpoint irrelevant—set to height 0 with N33Bcoin TestNet genesis hash for new chain. Changed: <code>( 0, uint256S("000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c")),</code> * Note: Removed "0x" from hash string—matches Bitcoin style, prevents parsing error in uint256S. ====Line 250 - Testnet chainTxData TimeStamp==== <code>250 1483546230,</code> * Change to your timestamp <code>1733333334,</code> ====Line 251 - Testnet chainTxData block count==== <code>251 12834668,</code> * change block count to zero <code> 0,</code> ==== RegTest BIP Section ==== ===== Line 267 ===== Default: <code>consensus.BIP34Height = 100000000; // BIP34 has not activated on regtest (far in the future so block v1 are not rejected in tests)</code> * Reason changed: Delays BIP34—set to 0 for modern rules from genesis, consistent with MainNet/TestNet. Changed: <code>consensus.BIP34Height = 0;</code> ===== Line 268 ===== Default: <code>consensus.BIP34Hash = uint256();</code> * Reason changed: Empty hash irrelevant—set to RegTest genesis for BIP34 activation at block 0. * NOTE: the <code>S</code> at the end of <code>uint256S</code> append the '''S''', remove the <code>0x</code> or it would be too long and make sure RegNet Hash is wrapped in "comment-hash". * The quotes <code>""</code> tell the compiler that this is a string, not a number. * '''uint256S''' will parse the string as a hexadecimal value and construct the '''uint256''' object accordingly. Changed: <code>consensus.BIP34Hash = uint256S("65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127");</code> ===== Line 269 ===== Default: <code>consensus.BIP65Height = 1351; // BIP65 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP65 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP65Height = 0;</code> ===== Line 270 ===== Default: <code>consensus.BIP66Height = 1251; // BIP66 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP66 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP66Height = 0;</code> ====Line 298: RegressionNet Default Port==== <code>298 nDefaultPort = 18444;</code> * change port number <code> nDefaultPort = 13337;</code> ====Line 301 RegressionNet Time Stamp Nonce Coin_Rewards ==== <code>301 genesis = CreateGenesisBlock(1296688602, 2, 0x207fffff, 1, 50 * COIN);</code> * Change to your timestamp , nonce and coin rewards <code> genesis = CreateGenesisBlock(1733333335, 0, 0x207fffff, 1, 333 * COIN);</code> ====Line 303: RegressionNet Genesis Block Hash==== <code>303 assert(consensus.hashGenesisBlock == uint256S("0x0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"));</code> * replace with your reg net genesis hash <code> assert(consensus.hashGenesisBlock == uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"));</code> ====Line 304 RegressionNet Merkel Hash==== <code>304 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * replace with your reg net merkel hash <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Line 316: RegressionNet Genesis Hash==== <code>316 ( 0, uint256S("0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"))</code> * change to your reg nets genesis hash <code> ( 0, uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"))</code> === src/chainparamsbase.cpp - API ports === <div class="toccolours mw-collapsible mw-collapsed"> Changing RPC port number info: <div class="mw-collapsible-content"> When forking Bitcoin, changing the nRPCPort = 8332; is generally recommended, though not strictly necessary. Here are the reasons and benefits for doing so: '''Avoiding Conflicts:''' If you run both Bitcoin and your forked cryptocurrency on the same machine or network, keeping the same RPC port (9332) would cause a conflict. By changing the port number, you ensure that both services can run simultaneously without interfering with each other. '''Network Configuration:''' Different cryptocurrencies should ideally use different ports to avoid confusion and ensure clear network configuration. This helps in managing firewall rules and network policies more effectively. '''Security:''' Using a non-standard port for your forked cryptocurrency can add a layer of security through obscurity. While not a robust security measure, it can help reduce the risk of automated attacks targeting known ports like 8332. '''Customization:''' Changing the RPC port is part of customizing your fork to distinguish it from Bitcoin. This can be important for branding and ensuring that users and developers recognize it as a separate entity. In summary, while it's not mandatory to change the RPC port when forking Bitcoin, doing so can help avoid conflicts, improve network management, and provide a clearer distinction between your fork and the original Bitcoin network. </div> </div> ====line 35 - Main net RCP port==== <pre> nRPCPort = 8332; </pre> RPC port is used to connect to coin api, its used to create a web wallet and moblie wallet. <pre> nRPCPort = 3366; </pre> ====Line 48 - test net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12333 <pre> nRPCPort = 12333; </pre> ====line 62 - regession net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12345 <pre> nRPCPort = 12345; </pre> * We are pretty much done with customizing the code base, we just need an IP address to append to chainparams.cpp and we are good to go. ===src/chainparamsseeds.h=== * Delete content of <code>src/chainparamsseeds.h</code> and replace with just: <pre> #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> The <code>chainparamsseeds.h</code> file contains hardcoded seed nodes for the main network (pnSeed6_main), which are currently set to Bitcoin’s seed nodes (e.g., IPs like 2.7.8.12 on port 8333). These seeds will cause your node to attempt connections to Bitcoin peers, which isn’t what we want for N33Bcoin. * By modifying the seed arrays for both mainnet and testnet to empty, we can keep the file structure intact while removing the Bitcoin seed nodes, preventing are node from trying to connect to them. <div class="toccolours mw-collapsible mw-collapsed"> Hexadecimal - Chainparamsseeds.h - Quick Notes <div class="mw-collapsible-content"> <pre> Hex Symbol Values: 0,1,2,3,4,5,6,7,8,9,a=10,b=11,c=12,d=13,e=14,f=15 Hex is in a Block of 2, [01]=1, The First number/symbol (the one on the left), is Times by 16, and the Second number/symbol is added. 01 = 0x16, plus 1 = 01 A4 = 10x16, plus 4 = 164 E4 = 14x16, plus 4 = 228 FF = 15X16, plus 15 = 255 To work out the values of 104.194.157.52 and port 3333 static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; IPv6 Mapping: {{Use 10 0x00, 2 0xff, then the 4 hex bytes} <port>}. 104 in hex: 6x16 = 96 + 8 = 104 InHex= '68' 194 in hex: c(12)x16=192 + 2 = 194 InHex= 'c2' 157 in hex: 9x16=144 + d(13)= 157 InHex= '9d' 52 in hex: 3x16=48 + 4 = 52 InHex= '34' #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; static SeedSpec6 pnSeed6_test[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> </div> </div> == Container and VPS Setup == Most VPS providers frown on mining unless it’s their explicit service—fair enough, it hogs resources! To work around this, we’ll: * Spin up an Ubuntu 18.04 container locally (18.04 keeps coin building simple). * Pair it with a low-cost VPS running Ubuntu 24.04, tunneling all traffic from the container to the VPS’s public IP. This setup gives us: * A public-facing IP without poking holes in our home router. * Local mining control, keeping private keys secure—because a VPS is just someone else’s machine, and we don’t trust it with our keys! ===LXD Quick Container Setup=== ===LXD Quick Container Setup=== * Its pretty simple once you know. ===Installing and setup LXD=== <code>sudo snap install lxd</code> <code>sudo lxd init</code> * Just press '''ENTER''' for all defaults * add user to lxd group (optional), will mean you do not need '''sudo''' to use lxc commands * NOTE: you will need to logout and login for changes to take effect. <code>sudo adduser $USER lxd</code> <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> * '''These changes only apply to the current terminal session.''' If you open a new terminal session you have to repeat. On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. * '''Remember, these changes only apply to the current terminal session.''' If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> ===Launching your container=== * for the Build its important we use '''18.04''' ** May want to get ubuntu pro free for 5 devices - to keep 1804 updated ** https://ubuntu.com/pro/dashboard <code>lxc launch ubuntu:18.04 n33b</code> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 n33b</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 n33b</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''n33b''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "n33b" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "n33b" in the example) must be unique within your LXD installation. </div> </div> * If you see this error - you need to use '''sudo''' or add user to lxd group <pre> lxc launch ubuntu:18.04 n33b Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * To see your container <code>lxc ls</code> ===Login to container=== <code>lxc exec n33b bash</code> * Prompt should now be changed to <code>root@n33b:~#</code> ** <code>root@<container_name>:~#</code> * This would be a good time to sign up to and enable ubuntu pro in the 1804 container https://ubuntu.com/pro/dashboard ** <code>sudo pro attach C12trandomcharsXFVhrRSveGOd4</code> * Update container <code>apt update && apt upgrade -y</code> ==== Ubuntu Pro for 1804 Containers ==== * super useful for ubuntu 1804, with pro has support till 2027 * Free For Five Boxes/Devices <code>https://ubuntu.com/pro/dashboard</code> <code>sudo pro attach 8dc6560abd396b3871f37b80ec</code> <code>sudo pro status</code> <code>sudo pro detach</code> ==In Container wireguard installation and setup== ===Install wireguard=== <code>apt install wireguard -y</code> * This will be the Client - for the container ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==Back to Host== Now we have * A container with a public IP address * Source code for are coin Lets append are IP adress to are <code>src/chainparams.cpp</code> file and make a exportable/shareable backup. ===Append IP to <code>src/chainparams.cpp</code>=== <div class="toccolours mw-collapsible mw-collapsed"> If i was going to change or add ips/domains do i need to recomplie? Yep: <div class="mw-collapsible-content"> Yes, if you want to change or add new IPs/domains in the `CDNSSeedData` section of `src/chainparams.cpp`, you will need to edit the file and recompile the code. The `CDNSSeedData` entries are hardcoded into the source code, and when you compile the code, these values are baked into the resulting binary. Therefore, any changes to the seed nodes will require: *Editing the `src/chainparams.cpp` file**: Modify the list of `CDNSSeedData` entries to include your new IPs or domains. *Recompiling the source code**: Once you've made your changes, you need to recompile the project so that the new seed nodes are included in the binary. *Restarting your nodes**: After recompiling, you would need to distribute the new binary to your nodes and restart them to ensure they use the updated seed list. This process is necessary because the seed nodes are part of the initial configuration that helps nodes discover peers when they first start up. Any changes to these seeds require the software itself to be updated and redeployed. </div> </div> ====Main Net DNS lines 123 - 127==== <code>$EDITOR /home/$USER/N33B/N33Bcoin/src/chainparams.cpp</code> * Line 123 <code>src/chainparams.cpp</code> <pre> 123 vSeeds.push_back(CDNSSeedData("n33bcoin.sipa.be", "seed.n33bcoin.sipa.be", true)); // Pieter Wuille, only supports x1, x5, x9, and xd </pre> We are going to Change to are servers address <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> At current time we only have one default node, so we comment out line 124 to 127 <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "dnsseed.bluematt.me", true)); // Matt Corallo, only supports x9 // vSeeds.push_back(CDNSSeedData("dashjr.org", "dnsseed.n33bcoin.dashjr.org")); // Luke Dashjr // vSeeds.push_back(CDNSSeedData("n33bcoinstats.com", "seed.n33bcoinstats.com", true)); // Christian Decker, supports x1 - xf // vSeeds.push_back(CDNSSeedData("n33bcoin.jonasschnelli.ch", "seed.n33bcoin.jonasschnelli.ch", true)); // Jonas Schnelli, only supports x1, x5, x9, and xd </pre> ====Test net DNS lines 224 - 227==== * Line 224 - ip adderss <pre> 224 vSeeds.push_back(CDNSSeedData("testnetn33bcoin.jonasschnelli.ch", "testnet-seed.n33bcoin.jonasschnelli.ch", true)); </pre> Change to server ip <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> and comment out the other 3 lines <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("petertodd.org", "seed.tbtc.petertodd.org", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "testnet-seed.bluematt.me")); // vSeeds.push_back(CDNSSeedData("n33bcoin.schildbach.de", "testnet-seed.n33bcoin.schildbach.de")); </pre> ==Create BackUp Tar Archive== At this point you may want to make a backup. * In work directory = <code>/home/$USER/N33B</code> <code>tar -zcvf N33Bcoin.0.0.1.tar.gz N33Bcoin</code> * Going to save in directory <code>/home/$USER/N33B</code> * Syntax = <code>tar -zcvf /path/to/save/archive_name.tar.gz /path/to/directory_name</code> Now we Should have <code>N33Bcoin.0.0.1.tar.gz</code> lets start building are coin. ===Move N33Bcoin.0.0.1.tar.gz to Container=== Lets Move are source code to are container. * File on Host:<code>/home/$USER/N33B/N33Bcoin.0.0.1.tar.gz</code> * Container Name: <code>n33b</code> ** Container Name can be found with <code>lxc list</code> * On Host: <code>lxc file push /home/$USER/N33B/N33Bcoin.0.0.1.tar.gz n33b/home/ubuntu/</code> * '''ubuntu''' is the name of the ubuntu containers default user account ==Return to container as user '''ubuntu'''== <code>lxc exec n33b -- su - ubuntu</code> Now are source code <code>N33Bcoin.0.0.1.tar.gz</code> should be in are home directory. Before we start using it, we need to install and build some dependencies software. ===Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <!-- These notes wherer required to build db on 24.04 - coin build would require way too much work so skipped. <code>$EDITOR db-4.8.30.NC/dbinc/atomic.h</code> Find the function <b>__atomic_compare_exchange</b> (line 147 and 179) and rename it to <b>__db_atomic_compare_exchange</b>. save and exit --> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> If you received error, are you building in ubuntu 18.04? these build instrutions are reproduable for 18.04 and not other versions of ubuntu. * A block chain requires min 2 nodes, so this would be a good time to snapshot your container. ====SNAPSHOT your container==== * This will save loads of time creating a second node later. * In a Terminal on HOST * Stop Container <code>lxc stop n33b</code> * snapshot <code>lxc snapshot n33b one</code> * start container <code>lxc start n33b</code> * Log in as ubuntu user <code>lxc exec n33b -- su - ubuntu</code> ==Build the Coin== Just for the Genesis Node, or it will not work, it will try to sync with another node, which it can not do as its at block 0. * edit the file <code>src/rpc/mining.cpp</code> and comment out the lines 471 and 472: <pre> // if (IsInitialBlockDownload()) // throw JSONRPCError(RPC_CLIENT_IN_INITIAL_DOWNLOAD, "N33Bcoin is downloading blocks..."); </pre> If you stopped container to snapshot and logged back in (or using another terminal), then we need to re-set var.<br> <code>cd ~/db-4.8.30.NC/build_unix</code><br> <code>export BDB_PREFIX=$(pwd)</code><br> * Now thats done we can carry on <code>cd ~/</code><br> * extract <code>tar xzvf N33Bcoin.0.0.1.tar.gz</code> <!-- was for attempt build in 24.04 - not needed for 18.04 <code>sudo apt install bsdmainutils ncal</code> --> * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> If you run into errors you can use:<br> <code>make > ../build.log 2>&1</code><br> This is print build info into file build.log ==Run Coin== * Path <code>cd /home/ubuntu/N33Bcoin/src</code> Going to first play around with Regression make sure everything is working, its supereasy to mine.<br> * Running regtest first will also create <code>~/.n33bcoin/</code> directory which we can create are <code>n33bcoin.conf</code> file for mainnet. ===Running Regression Net === * run reg net <code>./n33bcoind -regtest -daemon</code> ==== get blockchain info ==== <code>./n33bcoin-cli -regtest getblockchaininfo</code> * at the top you should see '''regtest''' <pre> "chain": "regtest", </pre> ====get wallet info==== <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ==== Generate 10 blocks==== <code>./n33bcoin-cli -regtest generate 10</code> <pre> [ "16fe73d5011e8e05cadb9e9dea43e58aa154ffcca891659cc59fbdfafe6f001c", "7803e298b6c57f8fc7ddac5da0e0696cc67524c9ee2bbbbbecdccfb01b364e79", "7c92afb2faed00d051edd22f85218416c394cd45ddadf413b9df808c0414ca7e", "29fe7bb17c984bd33c7e3d9cb4fa3ce1e47760ac22accded3aa25fd49aa87d91", "56d234a030af699a6aa824c8d95a9fabdcf56c9491ed30331ca2159188741c89", "272827808aad1efe0e752789acf6a28f25bc4ba2da905a8a6f5da00016ba286b", "23711e3856cf2e018ef02782eb546e87c9604781da6855bd136ef51fa5dd23e5", "7bd7e1e6183094c75e37d6605451ce7e7e1c23347e3b5c279c33196af916b1f2", "1c7e5fc29dc7c9b3a56e8f35becc3a0a8005e79ac1a84278f8a1f37c067f67b3", "3ac84dcf8be2849b347369de7bf6bb49d780cdf41e2c4abbe2ea0ae1b89bd26e" ] </pre> ====Check Balance==== <code>./n33bcoin-cli -regtest getbalance</code> <pre>0.00000000</pre> * You mined 10 blocks and have zero coins! that is because the coins have not mutured, it takes 100 blocks for newly created coins to muture and show up in your wallet. * you can see your '''immature_balance''' with the <code>getwalletinfo</code> command. <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 11114108.00000000, "txcount": 10, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====Get new addresses==== <code>./n33bcoin-cli -regtest getnewaddress</code> <pre> mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb </pre> ====Find addresses your wallet is currently using==== * To see all your current public addresses use <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -regtest listreceivedbyaddress 0 true</code> ====Mine to specific address==== * <code>./n33bcoin-cli -regtest generatetoaddress 101 "your-mainnet-address"</code> <code>./n33bcoin-cli -regtest generatetoaddress 101 "mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb"</code> =====Coins Matured===== <code>./n33bcoin-cli -regtest getbalance</code> <pre>11114441.00000000</pre> * and Immatured coins <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 11114441.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 33300.00000000, "txcount": 111, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====stop regtest net==== * stop regtest <code>./n33bcoin-cli -regtest stop</code> ===Main Net=== * Running <code>-regtest</code> should of created a <code>~/.n33bcoin</code> directory for you. * Create <code>n33bcoin.conf</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 </pre> * run/start coin <code>./n33bcoind</code> * NOTE: if you did not create a n33bcoin.conf file and apply 'daemon=1', you can use the -daemon flag <code>./n33bcoind -daemon</code> <div class="toccolours mw-collapsible mw-collapsed"> Some debug tips: <div class="mw-collapsible-content"> * If n33bcoin hangs - <code>ps aux | grep n33bcoind</code> ** The <code>kill -9 PID_NUMBER</code> ** Also note: there is nothing wrong with '''turning it off and on again.''' * <code>./n33bcoind -debug=1</code> ** log is at ~/.n33bcoin/debug.log * <code>./n33bcoind -debug=1 -printtoconsole</code> ** will output to terminal, no output to debug.log </div> </div> ===Create and Add second node - the easy way=== <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Why a Dummy Node is Needed to Avoid <code>500 Internal Server Error</code> and Ensure Syncing</span> <div class="mw-collapsible-content"> <p>A dummy node is <strong>required</strong> for mining on the genesis node (main node) and to ensure other nodes can sync with your N33Bcoin network. Without it, you may encounter errors like:</p> <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> [2025-04-20 11:49:32] HTTP request failed: The requested URL returned error: 500 Internal Server Error </pre> <p><strong>Why does this happen?</strong> The main node needs at least one active peer to process the <code>getblocktemplate</code> RPC call used by <code>minerd</code> for mining. If the node is in Initial Block Download (IBD) or has no peers, this call fails, causing the 500 error. Additionally, if the main node is in IBD, it won’t serve blocks to other nodes, preventing them from syncing (e.g., stuck at <code>blocks: 0</code>).</p> <p><strong>How the dummy node fixes it:</strong></p> <ul> <li>Running a dummy node (e.g., on <code>127.0.0.1:3334</code>) provides an active peer, allowing <code>getblocktemplate</code> to succeed and mining to start.</li> <li>Mining generates new blocks, updating the chain tip’s timestamp, which helps the main node exit IBD.</li> <li>Once out of IBD, the main node can serve blocks to other nodes, enabling them to sync (e.g., to <code>blocks: 428</code>).</li> </ul> <p><strong>Why it’s easy to forget:</strong> The dummy node isn’t a standard Bitcoin requirement—it’s specific to N33Bcoin’s setup, possibly due to custom peer or RPC logic. Always run a dummy node when mining or syncing new nodes.</p> <p><strong>If you get the 500 error:</strong> Start a dummy node and add it to the main node’s peers with <code>addnode</code>. See the next section for setup instructions.</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> Without a dummy node, mining will fail, and new nodes won’t sync. Always include this step in your setup and document it to avoid surprises! </div> </div> </div> After first node ruuing with:<br> <code>./n33bcoind</code> * create a directory for second node <code>mkdir ~/.n33bcoin2</code> * make config file <code>$EDITOR ~/.n33bcoin2/n33bcoin.conf</code> * Note changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser1 rpcpassword=coinpassword1 rpcallowip=127.0.0.1 rpcport=3367 daemon=1 server=1 rpcbind=127.0.0.1 port=3334 </pre> * start node2 - note ports <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin2 -port=3334 -rpcport=3367</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3334" "add"</code> * Check node one <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * Check node two <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getblocktemplate</code> ==== Default Node User and Second Node User management ==== * The default user will be your main node '''~/.n33bcoin/''' * To use second node '''~/.n33bcoin2/''' you have to use/append non default port in commands: ** To run commands on second node, Add/Append <code>-rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1</code> *** '''rpcport''', '''rpcuser''', '''rpcpassword''' these values can be found in the <code>~/.<node_name>/n33bcoin.conf</code> file * For default wallet/node can use: <code>./n33bcoin-cli getwalletinfo</code> * Or to specify (optional) can use, the main nodes '''rpcport''', '''rpcuser''' and '''rpcpassword''' followed by <command>: <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * For the second node we created - we do need to specify <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getwalletinfo</code> <div class="toccolours mw-collapsible mw-collapsed"> How to stop second node: <div class="mw-collapsible-content"> * To run commands on a second or third ...ETC node - you need to enter: ** <code>-rpcport=<value></code> ** <code>-rpcuser=<username></code> ** <code>-rpcpassword=<password></code> ** followed by the command you wish to run on node <code>getbalance</code> ** Remember you store all these details in your <code>n33bcoin.conf</code> file for your node. <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 stop</code> </div> </div> == Mining blocks on your blockchain == Well you can try with:<br> <code>./n33bcoin-cli generate 1</code><br> But instead of seeing <pre> [ "some-block-hash" ] </pre> Your going to get empty brackets <pre> [ ] </pre> I cant remember the reason for this. But i know the fix. Install Mining software ===Address to send mined coins to=== First lets get a public key/address we can mine to. * Find old addresses <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> * Create new address <code>./n33bcoin-cli getnewaddress</code> * The address i will use <code>1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> ===Cpu Miner Install=== <code>cd ~</code> <code>sudo apt update</code> <code>sudo apt install -y build-essential libcurl4-openssl-dev</code> <code>git clone https://github.com/pooler/cpuminer.git</code> <code>cd cpuminer</code> <code>./autogen.sh</code> <code>./configure</code> <code>make</code> <code>sudo make install</code> ===Mine some Coins=== * OK lets mine us some coins ** Syntax:<code>minerd -o <pool_url> -u <username> -p <password> --coinbase-addr=<public_key></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> * YAY, back to the days when you could find bitcoin blocks with a simple CPU <pre> [2025-04-12 19:31:17] Binding thread 0 to cpu 0 [2025-04-12 19:31:17] Binding thread 1 to cpu 1 [2025-04-12 19:31:17] 4 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:31:17] Binding thread 2 to cpu 2 [2025-04-12 19:31:17] Binding thread 3 to cpu 3 [2025-04-12 19:31:17] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:31:17] thread 1: 2097152 hashes, 10099 khash/s [2025-04-12 19:31:17] thread 0: 2097152 hashes, 10094 khash/s [2025-04-12 19:31:17] thread 3: 2097152 hashes, 10093 khash/s [2025-04-12 19:31:17] thread 2: 2097152 hashes, 10032 khash/s [2025-04-12 19:32:17] thread 2: 601912088 hashes, 10080 khash/s [2025-04-12 19:32:17] thread 0: 605611536 hashes, 10108 khash/s [2025-04-12 19:32:17] thread 3: 605564904 hashes, 10102 khash/s [2025-04-12 19:32:17] thread 1: 605946928 hashes, 10104 khash/s [2025-04-12 19:33:17] thread 2: 604824240 hashes, 10080 khash/s [2025-04-12 19:33:17] thread 0: 606506104 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 1: 606263288 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 3: 606114016 hashes, 10102 khash/s [2025-04-12 19:34:17] thread 0: 596676992 hashes, 9883 khash/s [2025-04-12 19:34:17] accepted: 1/1 (100.00%), 40174 khash/s (yay!!!) [2025-04-12 19:34:17] LONGPOLL pushed new work [2025-04-12 19:34:17] thread 2: 597009344 hashes, 9856 khash/s [2025-04-12 19:34:17] thread 1: 596347864 hashes, 9882 khash/s [2025-04-12 19:34:17] thread 0: 184 hashes, 8762 khash/s [2025-04-12 19:34:17] thread 3: 596226344 hashes, 9881 khash/s [2025-04-12 19:35:11] thread 0: 525714288 hashes, 9775 khash/s [2025-04-12 19:35:17] thread 0: 58652240 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 1: 592942512 hashes, 9784 khash/s [2025-04-12 19:35:18] thread 3: 592834720 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 2: 591387224 hashes, 9754 khash/s [2025-04-12 19:36:17] thread 1: 577261400 hashes, 9784 khash/s [2025-04-12 19:36:17] thread 2: 575496480 hashes, 9756 khash/s [2025-04-12 19:36:17] thread 3: 576993520 hashes, 9776 khash/s [2025-04-12 19:36:17] thread 0: 586785384 hashes, 9780 khash/s [2025-04-12 19:37:17] thread 3: 586568712 hashes, 9700 khash/s [2025-04-12 19:37:17] thread 2: 585369888 hashes, 9645 khash/s [2025-04-12 19:37:18] thread 1: 587018480 hashes, 9656 khash/s [2025-04-12 19:37:18] thread 0: 586791168 hashes, 9631 khash/s [2025-04-12 19:37:43] thread 0: 247017896 hashes, 9757 khash/s [2025-04-12 19:37:43] accepted: 2/2 (100.00%), 38758 khash/s (yay!!!) [2025-04-12 19:37:43] LONGPOLL pushed new work [2025-04-12 19:37:43] thread 2: 250694904 hashes, 9748 khash/s [2025-04-12 19:37:43] thread 1: 250409704 hashes, 9773 khash/s [2025-04-12 19:37:43] thread 0: 21504 hashes, 8650 khash/s [2025-04-12 19:37:43] thread 3: 253010016 hashes, 9764 khash/s </pre> * By default '''minerd''' will use all cores - if you want to limit to number of core use the <code>-t <number_of_cores></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj -t 2</code> <pre> [2025-04-12 19:43:05] 2 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:43:05] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:43:05] thread 1: 2097152 hashes, 11359 khash/s [2025-04-12 19:43:05] thread 0: 2097152 hashes, 11327 khash/s </pre> * Next we mine on till we have at least 101 blocks so are coins are matured. ===After 101 blocks - Mature Coins=== * now we should have some coins in are wallet that we can use, YAY <code>./n33bcoin-cli getbalance</code> <pre>11112110.00000000</pre> * and lets check the account of are second node <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> * Lets get the address of are second node to send some coins <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress 0 true</code> * Or we could generate a new address with <code>getnewaddress</code> <code>1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz</code> Now lets send some coins ==Wallet Basics== Now we have coins we can use - matured coins ===Get balance=== * <code>getbalance</code> <code>./n33bcoin-cli getbalance</code> ===Find Account Addresses=== * <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> ===Create New Address=== * <code>getnewaddress</code> <code>./n33bcoin-cli getnewaddress</code> ===Sending coins=== * Syntax: <code>./n33bcoin-cli sendtoaddress "<address>" <amount></code> <code>./n33bcoin-cli sendtoaddress "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz" 33</code><br> * This comand will return a hash in your terminal out put. <pre>f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7</pre> * and Check balance of second node to see balance: <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>33.00000000</pre> ===See Transaction Details from hash=== * the transaction hash is from the above send coins example * Syntax: <code>n33bcoin-cli gettransaction "<transaction_hash>"</code> <code>./n33bcoin-cli gettransaction "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7"</code> <pre> { "amount": -33.00000000, "fee": -0.00004520, "confirmations": 4, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553764, "timereceived": 1744553764, "bip125-replaceable": "no", "details": [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "send", "amount": -33.00000000, "vout": 0, "fee": -0.00004520, "abandoned": false } ], "hex": "020000000150a37ad36c761374df6a14c20bd2c016208358bf1f20af06c5acbe4827250ee7000000006a4730440220582f2094aca19d63744d8d128c3dea907cddd4eeb5728d6f064c4168d7a36b9c0220649b2397635fe0b8899fea4535b0072e856a164235f8ab8feb91f3dbfa9e3ddc012103dd8d842cd0c2b167b507b9e8ee580fc726262bb218abc5c6487668b72e5673a3feffffff020001b2c4000000001976a9146ae24c8430bcd30bc1b812f946229fcc563eb0ef88ac589a23fc060000001976a9141e0606800605f94643f5da7e0a31e435e030855788acbe000000" } </pre> ===List Transactions from account=== * <code>listtransactions</code> * <code>./n33bcoin-cli listtransactions</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listtransactions</code> * This command will show all transactions send and receive. <pre> [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "receive", "amount": 33.00000000, "label": "", "vout": 0, "confirmations": 6, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553766, "timereceived": 1744553766, "bip125-replaceable": "no" } ] </pre> ===list received transactions by address=== * <code>listreceivedbyaddress</code> * <code>./n33bcoin-cli listreceivedbyaddress</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress</code> <pre> [ { "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "account": "", "amount": 33.00000000, "confirmations": 6, "label": "", "txids": [ "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7" ] } ] </pre> ===Address With Label=== * Create New Address With Label ** Syntax: <code>getnewaddress "<Label>"</code> * NOTE: Label name is case sensitive. <code>./n33bcoin-cli getnewaddress "Mining"</code> <pre>1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB</pre> * See Accounts in Label <code>./n33bcoin-cli getaddressesbyaccount "Mining"</code> * a Label can hold many addresses <pre> [ "1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB" ] </pre> * Lists transactions for the labeled account. <code>./n33bcoin-cli listtransactions "Mining"</code> * Tracking with a label - Shows total balance for addresses in the labeled account. <code>./n33bcoin-cli getbalance "Mining"</code> * Label an existing address - Assigns an existing address to a named account. <code>./n33bcoin-cli setaccount "<address>" "<label>"</code> * Change Label of Address <code>./n33bcoin-cli setaccount "<address>" "<newlabel>"</code> ==Backup Wallets and Restore/Reclaim== To '''test''' wallet exports and back ups we are going to create a '''third node'''. <br> This keeps are main wallet and the wallet of are second node safe.<br> Or If you feel up for it, feel free to play/use/learn with your main wallet. * Create a directory for third node <code>mkdir ~/.n33bcoin3</code> * Create config file <code>$EDITOR ~/.n33bcoin3/n33bcoin.conf</code> * Note: changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser2 rpcpassword=coinpassword2 rpcallowip=127.0.0.1 rpcport=3368 daemon=1 server=1 rpcbind=127.0.0.1 port=3335 </pre> * Start node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3335" "add"</code> * Check node three <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getblocktemplate</code> * See Address (pub key) <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> <pre>1EhA5fkapYWrhs2oAf2AqvF4WYMPM28GqL</pre> * I have sent 33 n33bcoin's to this address. <pre> ./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744568061, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "8afde14085be2139ff008667c345b3697bea9cea" } </pre> ===Encrypt Wallet=== * '''IMPORTANT NOTE! IF YOU LOSE/FORGET PASSPHRASE, YOU LOST YOUR WALLET!''' Encrypting your wallet, will require passphrase to see private_keys and to send coins from your account, but you can still check balance and the basic chain info '''without passphrase'''. * Syntax <code>./n33bcoin-cli encryptwallet "<passphrase>"</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 encryptwallet "pa55word"</code> <br>OutPut: <pre> wallet encrypted; N33Bcoin server stopping, restart to run with encrypted wallet. The keypool has been flushed and a new HD seed was generated (if you are using HD). You need to make a new backup. </pre> ====Test Encryption==== Syntax: <code>./n33bcoin-cli dumpprivkey <address></code> This command should need passphrase if wallet locked. ** <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> can be used in place of a real address <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpprivkey 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> If wallet '''LOCKED''' - you will see <pre> error code: -13 error message: Error: Please enter the wallet passphrase with walletpassphrase first. </pre> If wallet '''UNLOCKED''' but address not in wallet - you will see ** This is because there is no address <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> in your wallet and error code -5 indicates address not found in the wallet, but it passed the lock so, yay <pre> error code: -5 error message: Invalid N33Bcoin address </pre> If address exists in your wallet and wallet is '''UNLOCKED''' - you will see the private key: <pre> 6vJYM3RFWh7MyLVrPbgzgibUgqxMzWUCCbuH3GcfDRTqfoNQjBb </pre> '''IMPORTANT:''' Never share your actual private keys with anyone. The example above is for demonstration purposes only. ====open encrypted wallet==== * Syntax ./n33bcoin-cli walletpassphrase "<passphrase>" <time_in_seconds_to_stay_open> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrase "Pa55word" 60</code> ====Change PassPhrase==== * Syntax: <code><code>./n33bcoin-cli walletpassphrasechange "<old_passphrase>" "<new_passphrase>"</code></code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrasechange "Pa55word" "StrongPass123!@#456"</code> ===Back Up WALLET.DAT === * You can make a backup of your wallet.dat file whether its encrypted or un-encrypted. ** not-encrypted you just copy into a directory and you and anyone else has full access. ** encrypted, you need to know the passphase the file is encrypted with to have access. ** Both Export and Import the backup wallet.dat the same way, expect one asks for passphase and the other does not. ====Make copy of wallet.dat==== * <code>backupwallet</code> * Syntax:<code>./n33bcoin-cli backupwallet /path/to/export/wallet-backup.file</code> <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> ====Stop node 3 and delete wallet.dat==== * Stop node - Note: RPC PORT <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * not gonna delete, just move, only so many times i wanna learn that lesson. <code>mv ~/.n33bcoin3/wallet.dat ~/oldwallet.dat</code> * Start Node 3 - this will create a new <code>wallet.dat</code> file <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check Balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744572042, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "bb4e27a7896ae19acdf3b43244f82b59f5164c7c" } </pre> * Check addresses <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> * Its a diff/new address, because its a new wallet. <pre> "address": "1JwAmtR9T8xa49daoHQhf54tBdyabby2m2", </pre> ===Restore Wallet.dat=== * Stop Node 3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move old wallet to Node 3 Directory ** This command will write over the new wallet.dat file currently in directory - in effect deleting it. <code>mv ~/wallet-backup.node3 ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>11148007.99990960</pre> ====OH NUTZ==== * By mistake i backed up main wallet. <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> * Intended to backup node3 - the correct command would of been <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 backupwallet ~/wallet-backup.node3</code> Good Thing we just moved the node3 wallet and not deleted or 33 n33bcoins would of been in a dead account.<br> This is why you should learn about bitcoin on n33bcoins and not the bitcoin main net blockchain. Lets restore from the moved wallet <code>~/oldwallet.dat</code> * Stop node3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move oldwallet back to node3 <code>mv ~/oldwallet.dat ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>33.00000000</pre> YAY ===Dump Entire Wallet with <code>dumpwallet</code>=== * Exports all private keys, addresses, and wallet metadata to a plain text file for a comprehensive backup. * Syntax <code>./n33bcoin-cli dumpwallet /path/to/export/n33bcoin-wallet.txt</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpwallet ~/ssshhh.txt</code> <code>cat ~/ssshhh.txt</code> * Yep its all in plain text! <pre> # Wallet dump created by N33Bcoin v0.14.3.0-g150612e # * Created on 2025-04-13T22:54:50Z # * Best block at time of backup was 212 (000000009f5f7189bd4334895fd1c903ae904525abb5768feb98b81282a1949e), # mined on 2025-04-13T18:34:02Z # extended private masterkey: xprv9s210pEDlspXiamstilrandotypinhDXRTQ1TatJNSL3fxs9QaLLjRV1FZH9zw2VcErU498hsd3pynuyDR2clongrandome4Msz5 L1XJ0pald6SZXP4sKdVcDETpsdoWeksd4er5hhPsdFG1PPV 2025-04-13T18:14:21Z change=1 # addr=1HtmEDdpk5SJAp3nGCnaAD5gKZc2Er4qG hdkeypath=m/0'/0'/82' about 100 lines like the one above and ends with: # End of dump </prE> ===Import Dumped Wallet=== To test import works we are gonna, stop node3, move wallet.dat, start node3, check new wallet got auto generated again. then import are ssshhh.txt file and see if restored. ====Check wallet node 3 pre-test==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744575092, "keypoolsize": 101, "unlocked_until": 0, "paytxfee": 0.00000000, "hdmasterkeyid": "0a0e6e94e4a184e773e4a3e3244adc4352935afa" } </pre> ====Stop node 3 ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> ====Move wallet.dat ==== <code>mv ~/.n33bcoin3/wallet.dat ~/wallet.node3</code> ====Start node 3 ==== <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> ====Check wallet node 3 - when deleted/changed==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ====Import Restore from Dumped Wallet ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importwallet ~/ssshhh.txt</code> ====Check wallet node 3 when restored ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ==Off Line Storage and Importation== * Create a offline key pair, using a python script that can run off a live linux iso. * Going to send coins from node 3 to off line address. * Going to import to wallet 2 by sweeping private wif key. ===Create Offline Keypair=== * https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin ** We have used the [[N33Bcoin_Address_Generator_Bitcoin| N33Bcoin_Address_Generator]] to create the following key pair which we will use for this test. <pre> noob@noob-ThinkPad-T470:~/Gen/py-pub-prv$ python3 gen.py Enter your seed (12 words or any random input): hithere Generated n33bcoin Key Pair: Private Key: 3e4748d72b0a0c5d4538b52a2ade025a0f52a1e8642384ac14e5af0f90b8ab8a Public Key: 04c4cab1795312dafbf2532c7b238d448b55fa151a3d4e059cb49b47fb7244fb8767981b561c067494f9f3a6357024bb4fa71d12d692a733f7a0583d6fa7276548 n33bcoin Address: 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG WIF Private Key: 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH </pre> ===Send from node 3 to offline address=== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 sendtoaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG 10</code> ===Check its in address=== * Can take a few blocks before you can see it. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * Syntax: <code>./n33bcoin-cli importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * <code>importaddress</code> The RPC command to import a Bitcoin address as a watch-only address into the wallet * <code>13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> The Bitcoin address you are importing. After import, the wallet will monitor this address for incoming transactions, but cannot spend from it since you do not have the private key * <code>"external"</code> An optional label assigned to the imported address. This helps you organize or identify addresses in your wallet * <code>false</code> The rescan parameter. Setting it to false means the wallet will not rescan the blockchain for historical transactions involving this address. Only new transactions (after import) will be tracked. If set to true (default), the wallet would scan the entire blockchain for past transactions involving the address, which can take a long time (but not in are case as we have new blockchain). ====getreceivedbyaddress==== * TESTED - Balance is only shown on account that imported the address as a address to watch. ** Took about 10 mins to show balance. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>10.00000000</pre> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> ====Receive funds from private key==== * Current Funds in Node/Wallet 2 <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>52.00000000</pre> * Import the keys <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 importprivkey 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH true</code> * Check balance <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>62.00000000</pre> Import is instant. ==Create Second Server and Sync Blockchain== * Creating second server in a container and forwarded to another VPS IP, to see if network syncs. <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Is Port Forwarding Required for the Second Node?</span> <div class="mw-collapsible-content"> <p><strong>Why set up port forwarding?</strong> Port forwarding (using iptables to forward port <code>3333</code> to the second node) allows the node to receive incoming connections from other N33Bcoin nodes. This ensures reliable syncing with the main node and enables the second node to share blockchain data with others, strengthening the network.</p> <p><strong>Is it required?</strong></p> <ul> <li><strong>To mine</strong>: No. Mining uses local RPC calls (<code>127.0.0.1:3366</code>) and outbound connections to the main node (<code>104.194.157.52:3333</code>). As long as the main node is up, mining works without port forwarding. Note: You may need a dummy node to avoid errors.</li> <li><strong>To act as a peer</strong>: Yes. To allow other nodes to connect and sync from the second node (e.g., via <code>144.172.89.93:3333</code>), port forwarding is required. Without it, the node can sync but won’t serve blocks to others.</li> </ul> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Tip:</strong> Keep port forwarding enabled for robust syncing and to support the N33Bcoin network, especially if you plan to add more nodes. </div> </div> </div> ===Launch container=== <code>lxc launch ubuntu:18.04 n33b-node</code> <code>lxc exec n33b-node bash</code> <code>pro attach <longKey></code> <code>apt update && apt upgrade -y && apt install ubuntu-advantage-tools wireguard -y</code> ===Setup Wireguard=== * This is the same as the last time, in this tut i am going to keep the same keys in tut, to save time. PS: You can use same keys on many connections (not the best idea). ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==In Container Building N33Bcoin== * Push over N33Bcoin.0.0.1.tar.gz to the container n33b-node. <code>lxc file push N33Bcoin.0.0.1.tar.gz n33b-node/home/ubuntu/</code> OR Download from github * Download from Github, sha256sum=<code>0695dceaa4a88967560695f92c753d2fe4abc0f1b0cfb2673bf945fc83fb1225</code> <code>wget https://raw.github.com/CompleteNoobs/N33Bcoin/main/N33Bcoin.0.0.1.tar.gz</code> * Login to container as user ubuntu <code>lxc exec n33b-node -- su - ubuntu</code> * extract <code>tar xvf N33Bcoin.0.0.1.tar.gz</code> ===Install depends and Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> ===Build N33Bcoin=== * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> * Before running - make sure first node up and running <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Troubleshooting Syncing Issues on the Second Node</span> <div class="mw-collapsible-content"> <p>If your second node (e.g., <code>144.172.89.93</code>) fails to sync (e.g., stuck at <code>blocks: 0</code>), the main node (<code>104.194.157.52</code>) may be in Initial Block Download (IBD), preventing it from serving blocks. Here’s what I faced and how I fixed it:</p> <ul> <li><strong>Problem</strong>: The second node didn’t sync because the main node was in IBD, likely due to a chain tip older than 24 hours.</li> <li><strong>Initial Fix</strong>: <ul> <li>Started a dummy node on the main node (<code>127.0.0.1:3334</code>) for an active peer .</li> <li>Mined on the main node: <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=&lt;your-address&gt; -t 2 </pre> This created new blocks (e.g., to <code>blocks: 441</code>), exiting IBD and enabling sync.</li> </ul> </li> <li><strong>Test</strong>: I deleted the second node and recreated it from scratch, running both the main and dummy nodes on the genesis server. The second node synced to <code>blocks: 441</code> while the main node was mining.</li> <li><strong>Observation</strong>: In one test, I thought syncing worked without mining, but mining was active on the main node, advancing the chain to <code>blocks: 441</code>. Possible factors for sync success: <ul> <li>Recent chain tip from mining kept the main node out of IBD.</li> <li>Dummy node provided a peer, preventing IBD re-entry.</li> <li>iptables rule for port <code>3333</code> enabled inbound connections (i did once not forward the correct port, make sure you check your ip rules with <code>cat /etc/iptables/rules.v4</code> to make sure you entered the correct ones. ).</li> </ul> </li> <li><strong>If Syncing Fails</strong>: Mine on the main node with the dummy node running.</li> </ul> <p><strong>Note</strong>: Syncing may not require ongoing mining if the main node’s chain tip is recent, but mining is needed to exit IBD. Test and share your findings!</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> If the second node won’t sync, the main node may be in IBD. Start the dummy node and mine to exit IBD. </div> </div> </div> ===n33b-node=== <code>src/n33bcoind -daemon</code> <code>src/n33bcoin-cli stop</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 debug=rpc debug=mining </pre> <code>src/n33bcoind</code> * Now Second n33bcoin node is running lets check sync <code>src/n33bcoin-cli getpeerinfo</code> <pre> [ { "id": 0, "addr": "104.194.157.52:3333", "addrlocal": "144.172.89.93:52636", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157772, "lastrecv": 1745157771, "bytessent": 1277, "bytesrecv": 1198, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.303657, "minping": 0.303657, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": false, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 110, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 1, "addr": "104.194.157.52:57050", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.296047, "minping": 0.296047, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 2, "addr": "104.194.157.52:57060", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.316404, "minping": 0.316404, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } } ] </pre> <code>src/n33bcoin-cli getblockchaininfo</code> <pre> ubuntu@n33b-node:~/N33Bcoin$ src/n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.03058041491289009, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> ===From first node=== <pre> ./n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.02034601825250813, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> * Both nodes/blockchains are in sync, nice pdks5woe2ndpgl25t2a4di7ka7dj5qn 591 590 2025-06-25T13:17:13Z AwesomO 5 /* Start up HardWare */ 591 wikitext text/x-wiki ==Start up HardWare== * OS (local) Ubuntu-Mate 24.04 - this tut is done on a clean install of ubuntu-mate 24.04 ** Hardware: HP EliteDesk G1 - ram = 8GB - HD = 120GB ssd - CPU = i5-4590S CPU @ 3.00GHz ** Hardware: Thinkpad X270 - Ram - HD - CPU * Server VPS ubuntu-server 24.04 ** vultr.com ===Software OS=== * Will be using Ubuntu 24.04 as main OS - but to build this version of litecoin 0.14.2 we will be using ubuntu 18.04 in a lxc container - trying to build in 24.04 was a huge side quest that is not that much fun. ===Coin Params for N33Bcoin 0.1 POW === * Are Coin Params ** Name of coin = N33Bcoin ** Symbol coin = N33B ** Premined Coins= 33% 11,111,111 coins to be used to rewards contributors. the how is currently unknown, will work out as we go. ** MaxCoins = 33,333,333 ** Rewards = 333 ** Halving Period = 33,333 blocks = every 231 days ** Block interval = 10 mins # will leave at 10 for starters ** Time Stamp 1733333333 2024-12-04 17:28:53 ** Time Stamp Message "N33B's for Noob's at CompleteNoobs.com" ** Genesis Block for are Coin <b>NOTE</b>: What is a Unix Time Stamp? - It is the number of seconds from the Unix Epoch date of 01/01/1970 at 00:00 UTC - to convert a date use - https://www.unixtimestamp.com/ ==Set EDITOR== {{:SET_EDITOR}} ==Genesis Keys== First we are going to need a public private key pair. [[Python_Generate_Public_Private_Key_Pair_Crypto_Bitcoin| Python3 Generate Public Private Key Pair]] * Public Key <code>049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf</code> * Keep private key safe, you just need pub key for now We then use are public key along with are coin parameter with [[GenesisH0_Creating_Genesis_Hash| GenesisH0]] to create a 'Nonce', 'Merkel hash' and 'Genesis hash'. For are 'MainNet', 'TestNet' and 'RegNet' === Main Net parameters === <code>python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333333</code> * '''Nonce''': <code>221118658</code> * '''nBits''': <code>0x1d00ffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4</code> === Test Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333334</code> * '''Nonce''': <code>511144</code> * '''nBits''': <code>0x1e0ffff0</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c</code> === Reg Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333335</code> * '''Nonce''': <code>0</code> * '''nBits''': <code>0x207fffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127</code> Now we have are parameters, we can start creating are own coin, but first lets change some file names to match the name of are coin. ==Source we are forking from Bitcoin 0.14.3== ===Home Directory=== <code>cd ~</code> ===Download bitcoin 0.14.3=== * https://bitcoincore.org/bin/bitcoin-core-0.14.3/ <code>wget https://bitcoincore.org/bin/bitcoin-core-0.14.3/bitcoin-0.14.3.tar.gz</code> * sha256sum bitcoin-0.14.3.tar.gz <code>416717ab5ef94f8458da2b12e4cd742ca08f5ad3817b65fc73811e06ac949f87</code> ===extract=== <code>tar xvf bitcoin-0.14.3.tar.gz</code> ===Change Directory Name to new/forked coin name=== <code>mv bitcoin-0.14.3 N33Bcoin</code> <code>cd N33Bcoin</code> * Current work director path is <code>/home/$USER/N33Bcoin/</code> ==Renaming== ===Renaming Bitcoin to N33Bcoin=== '''Run these command in the /home/$USER/N33Bcoin/ Directory''' * Lowercase <code>find . -type f -exec sed -i 's/bitcoin/n33bcoin/g' {} + </code> * UpperCase <code>find . -type f -exec sed -i 's/Bitcoin/N33Bcoin/g' {} + </code> * Name.1 <code>find . -type f -exec sed -i -e 's/bitcoin/n33bcoin/g' -e 's/bitcoind\.1/n33bcoind.1/g' {} + </code> ===Change Name for Docs=== To rename files in a directory (e.g., <code>/home/$USER/N33Bcoin/doc/man/</code>): * '''Before:''' <pre> bitcoin-cli.1 bitcoind.1 bitcoin-qt.1 bitcoin-tx.1 Makefile.am </pre> * '''After:''' <pre> n33bcoin-cli.1 n33bcoind.1 n33bcoin-qt.1 n33bcoin-tx.1 Makefile.am </pre> * '''Manual Way:''' <pre> mv -v bitcoin-cli.1 n33bcoin-cli.1 </pre> * '''Using mv with a for Loop:''' <code>cd /home/$USER/N33Bcoin/doc/man</code><br> <code>for file in bitcoin*; do mv -v "$file" "${file/bitcoin/n33bcoin}"; done</code> </pre> * <code>-v</code> shows each rename action. ===Change Names for Files=== *<b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> Unlike forking litecoin, the method we just used to rename all bitcoin words to n33bcoin created some problems, unlike litecoin 0.14.2, the word 'bitcoin' can be found in a lot of file names. Example: the file <code>libbitcoinconsensus.pc.in</code> is still called <code>libbitcoinconsensus.pc.in</code> but inside make and config files, it is now know as <code>libn33bcoinconsensus.pc.in</code> so it will look for a file called <code>libn33bcoinconsensus.pc.in</code> and not <code>libbitcoinconsensus.pc.in</code>, still will lead to a lot of breakages. * Easy Fix: Change all file names which include the word <code>bitcoin</code> to <code>n33bcoin</code> * install <code>rename</code> <code>sudo apt install rename</code> * <b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> * See all file which contain the name <code>bitcoin</code> <code>find . -type f -name "*bitcoin*"</code> * Rename/convert all <code>bitcoin</code> in file names to <code>n33bcoin</code> <code>find . -type f -name "*bitcoin*" -exec rename 's/bitcoin/n33bcoin/' {} +</code> ==Editing Files== Are Files are located in path:<code>/home/$USER/N33B/N33Bcoin</code><br> Example: <code>src/amount.h</code> full path would be <code>/home/$USER/N33B/N33Bcoin/src/amount.h</code> === OverView of Files to edit=== * Comment Out <code>** Lines: 74 - 77 Comment Out</code> These are Lines we Don't need, but are not deleting just commenting out, so line numbers remain the same.<br> Comment out by placing a <code>//</code> at the beginning of the line. * '''src/amount.h''' ** Line 31: Edit Max Coins * '''src/validation.cpp''' ** Line 1166: This BLOCK of code will contain premined and Block rewards * '''src/qt/bitcoinunits.cpp''' ** Line 39 Block: change coin symbol LTC to N33B * '''src/chainparams.cpp''' ** Line 53: '''Global''' Change Time Stamp Message ** Line 54: '''Global''' Change Pub Key ** Line 73: '''MainNet''' Change Halving Interval <!--** Lines: 74 - 77 Comment Out--> ** Line 74: '''MainNet''' BIP34Height ** Line 75: '''MainNet''' BIP34Hash ** Line 76: '''MainNet''' BIP65Height ** Line 77: '''MainNet''' BIP66Height ** Lines 85 - 103: '''MainNet''' Deployment and Chain Work Section ** Line 110: '''MainNet''' Change Magic Bytes - Script included ** Line 114: '''MainNet''' Change Main Net Default Port ** Line 117: '''MainNet''' Change Main Net Nonce TimeStamp Coin_Rewards ** Line 119: '''MainNet''' Change Genesis Hash ** Line 120: '''MainNet''' Change Merkel Hash ** Line 144: '''MainNet'''Change Coin Number and Genesis Hash ** Lines 145 - 156 Comment Out ** Line 161: '''MainNet''' Change Time Stamp ** Line 162: '''MainNet''' Change Number Of Transactions ** Line 177: '''TestNet''' Halving Interval <!--** Lines: 178 - 181 Comment Out--> ** Line 178: '''TestNet''' BIP34Height ** Line 179: '''TestNet''' BIP34Hash ** Line 180: '''TestNet''' BIP65Height ** Line 181: '''TestNet''' BIP66Height ** Line 184: '''TestNet''' Block Times <!--** Lines: 189 - 207 Comment Out--> ** Lines 189 - 207: '''TestNet''' Deployment Section ** Line 213: '''TestNet''' Default Port ** Line 216: '''TestNet''' Time Stamp and Nonce ** Line 218: '''TestNet''' Genesis Hash Block ** Line 219: '''TestNet''' Merkel Hash Block ** Line 245: '''TestNet''' CheckPointData Genesis Hash Block Number ** Line 250: '''TestNet''' Time Stamp ** Line 251: '''TestNet''' Block Number ** Lines 267 - 270 '''RegressionNet''' BIP Consensus ** Line 301: '''RegressionNet''' Default Port ** Line 304: '''RegressionNet''' Time Stamp Nonce Coin_Rewards ** Line 306: '''RegressionNet''' Genesis Block Hash ** Line 307: '''RegressionNet''' Merkel Hash ** Line 319: '''RegressionNet''' Genesis Hash * '''src/chainparamsbase.cpp''' ** Line 35: MainNet RCP Port ** Line 48: TestNet RPC Port ** Line 62: Regession Net RPC Port ===src/amount.h=== On line 31 we will edit are Max coins: <pre> static const CAmount MAX_MONEY = 21000000 * COIN; </pre> will change this to 33,333,333 coins <pre> static const CAmount MAX_MONEY = 33333333 * COIN; </pre> ===src/validation.cpp=== Path <code>/home/$USER/N33B/N33Bcoin/src/validation.cpp</code> The block of code we are looking for starts on line 1166: <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy = 50 * COIN; // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years. nSubsidy >>= halvings; return nSubsidy; } </pre> On line 1173 you should see this line: <pre> CAmount nSubsidy = 50 * COIN; </pre> This is the rewards for mining coins, the default is 50, we are changinf rewards to 333 coins per block mined. <pre> CAmount nSubsidy = 333 * COIN; </pre> ====Premined coins==== We also need to add a contidtion for are premined coins - in the first block will mine 33%, thats 11,111,111 coins <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy; if (nHeight == 1) nSubsidy = 11111111 * COIN; else nSubsidy = 333 * COIN; // Subsidy is cut in half every 33,333 blocks which will occur approximately every 231 days. nSubsidy >>= halvings; return nSubsidy; } </pre> This condition means IF first block reward 11,111,111 coins, Else(after first blocked mined) rewards per block are 333 coins. <div class="toccolours mw-collapsible mw-collapsed"> What's Changed and Why: <div class="mw-collapsible-content"> <b>What's Changed and Why:</b> * '''CAmount nSubsidy;''' ** The variable `nSubsidy` is now declared but not immediately assigned a value. This allows flexibility to set its value based on certain conditions. * '''New Condition: `if (nHeight == 1)''' ** This new condition checks if the block height is 1, meaning this is the very first block in the blockchain (often called the "genesis block"). ** This condition is used to assign a special, much larger subsidy for the first block. * '''nSubsidy = 11111111 * COIN;''' ** If it is the first block (`nHeight == 1`), the subsidy is set to 11,111,111 coins. This is a huge reward for the genesis block, likely for initial distribution or other specific reasons. * '''else nSubsidy = 333 * COIN;''' ** For all other blocks (not the first one), the reward is set to 333 coins. This is a significant change from the original 50 coins, suggesting a different reward structure for this cryptocurrency. </div> </div> ===src/qt/n33bcoinunits.cpp=== * Line 39: Code Block <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("BTC"); case mBTC: return QString("mBTC"); case uBTC: return QString::fromUtf8("μBTC"); default: return QString("???"); } } </pre> * Change BTC your coin symbol to N33B <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("N33B"); case mBTC: return QString("mN33B"); case uBTC: return QString::fromUtf8("μN33B"); default: return QString("???"); } } </pre> ===src/chainparams.cpp=== ====Line 53 Change Time Stamp Message==== <code> const char* pszTimestamp = "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks";</code> To <code> const char* pszTimestamp = "N33B's for Noob's at CompleteNoobs.com";</code> ====Line 54 Change Genesis Pub Key==== <code> 54 const CScript genesisOutputScript = CScript() << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f") << OP_CHECKSIG; </code> We are going to change to the public key we used to create are genesis block. <code> const CScript genesisOutputScript = CScript() << ParseHex("049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf") << OP_CHECKSIG;</code> ====Line 73 HalvingInterval==== <code> consensus.nSubsidyHalvingInterval = 210000;</code> Block intervals of bitcoin is every 10 mins, as you can see on '''[[#Line 80 Target Block Creation''']] * 60 mins per hour x 24 hours per day = 1440 mins a day * 1440 mins at one block each 10 mins = 144 block per day ish * 144 * 365 = 52,560 blocks per year ish * 52,560 * 4 = 210,240 blocks every four years ish So bitcoin halves its rewards every 4 years ish as it passes 210,000 blocks and carrys on halving every 210,000 blocks later. We reward 333 coins per block and will be out of coins around 667,334 blocks. * Preminded 11,111,111 coins * 22,222,222 left * at 333 per block all will be gone in 66,733 blocks time unless we halve before then * We are going to keep are block time of 10 mins and have a halving at 33,333 blocks so it will halve around 231 days <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Line 74 - 77 MainNet BIP Section==== <pre> 74 consensus.BIP34Height = 227931; 75 consensus.BIP34Hash = uint256S("0x000000000000024b89b42a942fe0d9fea3bb44ab7bd1b19115dd6a759c0808b8"); 76 consensus.BIP65Height = 388381; // 000000000000000004c2b624ed5d7756c508d90fd0da2c7c679febfa6c4735f0 77 consensus.BIP66Height = 363725; // 00000000000000000379eaa19dce8c9b722d46ae6a57c2f1a988119488b50931 </pre> * Set BIP34/65/66 to 0 for new chain—modern rules from genesis. Adjust BIP34 to 100 if mining fails. * Line 75 Replace with you <b>Main Net parametersGenesis Hash</b> <pre> 74 consensus.BIP34Height = 0; 75 consensus.BIP34Hash = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); 76 consensus.BIP65Height = 0; 77 consensus.BIP66Height = 0; </pre> ==== Line 85 - 103 '''MainNet''' Deployment and Chain Work Section ==== ===== Line 86 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start date is irrelevant—set to 0 for immediate activation on new chain. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 87 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. 9,999,999,999 Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 91 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016</code> * Reason changed: Bitcoin’s 2016 start is moot—set to 0 for CSV active from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 92 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 96 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016</code> * Reason changed: Bitcoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 97 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 100 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5");</code> * Reason changed: Bitcoin’s 2017 work is massive—set to 0 for a new chain with no work yet. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 103 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354</code> * Reason changed: Bitcoin’s block 453354 is irrelevant—set to N33Bcoin’s genesis hash for fast sync from block 0. Changed: <code>consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4");</code> =====Before and After Changes===== <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354 </pre> * Set CSV/SegWit to active from genesis (nStartTime = 0, nTimeout = far future). Reset chain work to minimal. Set assume valid to genesis hash. <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0; 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999; 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0; 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999; 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0; 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999; 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x00"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); </pre> ====Line 110 Magic Bytes==== * [[Hex_numbers_explained| Hex numbers explained]] * [[Python3_Script_for_Random_Magic_Bytes| Link to python script for random values]] The pchMessageStart array is a crucial component in cryptocurrency network protocols, often referred to as the "magic bytes" or "network magic." It serves as a unique identifier for a specific cryptocurrency network. These values are in hexadecimal format, representing four bytes that form a sequence unlikely to occur in normal data. If you're creating a new cryptocurrency by forking Bitcoin, you should change these values. Using unique values prevents your new coin's network from interfering with Bitcoin's network or other existing networks. <pre> 110 pchMessageStart[0] = 0xf9; 111 pchMessageStart[1] = 0xbe; 112 pchMessageStart[2] = 0xb4; 113 pchMessageStart[3] = 0xd9; </pre> * Gonna change mine to <pre> pchMessageStart[0] = 0xfe; pchMessageStart[1] = 0x93; pchMessageStart[2] = 0xd2; pchMessageStart[3] = 0xe2; </pre> ====Line 114 Change Main Net Default Port==== * Line 114 <code>nDefaultPort = 8333;</code> * Changing to port 3333 <code>nDefaultPort = 3333;</code> ====Line 117 Change Main Net Nonce TimeStamp Coin_Rewards==== * Original <code> genesis = CreateGenesisBlock(1231006505, 2083236893, 0x1d00ffff, 1, 50 * COIN);</code> * Syntax of line 117 <code>genesis = CreateGenesisBlock(<UNIX_TIME_STAMP>, <NONCE>, <DIFF_BITS>, <NHEIGHT>, <AMOUNT_OF_COINS_REWARD> * COIN);</code> * we are just going to append/change are UnixTimeStamp, Nonce and CoinReward <code> genesis = CreateGenesisBlock(1733333333, 221118658, 0x1d00ffff, 1, 333 * COIN);</code> ====Line 119 Change Genesis Hash==== <code>assert(consensus.hashGenesisBlock == uint256S("0x000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"));</code> * Change to your genesis hash for Main Net <code> assert(consensus.hashGenesisBlock == uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"));</code> ====Line 120 Change Merkel Hash==== <code> assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Change to your merkel hsh for Main net <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Check Point - Lines 142 - 157 ==== <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d")) 145 ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> These lines contain a blocknumber and there hash value, we are starting a new coin and these have no value to us. We have one genesis block. <code> ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d"))</code> * We are going to append/change line 144, to block zero and are Main net genesis block hash. <code> ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"))</code> and comment out the remaining lines in this code block. lines 145 - 156 <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4")) 145 // ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 // ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 // (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 // (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 // (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 // (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 // (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 // (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 // (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 // (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 // (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 // (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> ====Line 161 Change Time Stamp==== <pre> 161 1483472411, // * UNIX timestamp of last known number of transactions </pre> * Change to the time stamp we are using <pre> 1733333333, // * UNIX timestamp of last known number of transactions</pre> ====Line 162 Change Number Of Transactions==== <pre> 184495391, // * total number of transactions between genesis and that timestamp</pre> * Change to Zero <pre> 0, // * total number of transactions between genesis and that timestamp</pre> ====TestNet Halving Interval==== <code>177 consensus.nSubsidyHalvingInterval = 210000;</code> * Change to same as are main net <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Lines 178 - 181 TestNet BIP section==== <pre> 178 consensus.BIP34Height = 21111; 179 consensus.BIP34Hash = uint256S("0x0000000023b3a96d3484e5abb3755c413e7d41500f8e2a5c3f0dd01299cd8ef8"); 180 consensus.BIP65Height = 581885; // 00000000007f6655f22f98e72ed80d8b06dc761d5da09df0fa1dc4be4f861eb6 181 consensus.BIP66Height = 330776; // 000000002104c8c45e99a8853285a3b592602a3ccde2b832481da85e9e4ba182 </pre> * Change values to zero and replace TestNet Genesis Hash <pre> 178 consensus.BIP34Height = 0; 179 consensus.BIP34Hash = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"); 180 consensus.BIP65Height = 0; 181 consensus.BIP66Height = 0; </pre> ==== Lines 189 - 207 TestNet Deployment Section ==== ===== Line 190 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start is irrelevant—set to 0 for immediate activation on TestNet. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 191 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 195 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1456790400; // March 1st, 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for CSV from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 196 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 200 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1462060800; // May 1st 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 201 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1493596800; // May 1st 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 204 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x00000000000000000000000000000000000000000000001f057509eba81aed91");</code> * Reason changed: Litecoin’s work is irrelevant—set to 0 for a new TestNet chain. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 207 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000128796ee387cf110ccb9d2f36cffaf7f73079c995377c65ac0dcc"); //1079274</code> * Reason changed: Litecoin’s block 1079274 doesn’t apply—set to TestNet genesis for fast sync. Changed: <code>consensus.defaultAssumeValid = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c");</code> ====TestNet Default Port - Line 213==== <code>213 nDefaultPort = 18333;</code> * Change to another port , picking 13333 <code>nDefaultPort = 13333;</code> ====Line 216: TestNet Time Stamp and Nonce==== <code>216 genesis = CreateGenesisBlock(1296688602, 414098458, 0x1d00ffff, 1, 50 * COIN);</code> * change/append timestamp, nonce and coin rewards - TimeStamp, Nonce, nBits and CoinRewards from your Test Net <code> genesis = CreateGenesisBlock(1733333334, 511144, 0x1e0ffff0, 1, 333 * COIN);</code> ====Line 218: TestNet Genesis Hash Block==== <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943"));</code> * Changed to <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"));</code> ====Line 219: TestNet Merkel Hash Block==== <code>219 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Changed to <code> assert(consensus.hashGenesisBlock == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ==== Line 245 TestNet checkpointData ==== Default: <code>( 546, uint256S("000000002a936ca763904c3c35fce2f3556c559c0214345d31b1bcebf76acb70")),</code> * Reason changed: Bitcoin TestNet checkpoint irrelevant—set to height 0 with N33Bcoin TestNet genesis hash for new chain. Changed: <code>( 0, uint256S("000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c")),</code> * Note: Removed "0x" from hash string—matches Bitcoin style, prevents parsing error in uint256S. ====Line 250 - Testnet chainTxData TimeStamp==== <code>250 1483546230,</code> * Change to your timestamp <code>1733333334,</code> ====Line 251 - Testnet chainTxData block count==== <code>251 12834668,</code> * change block count to zero <code> 0,</code> ==== RegTest BIP Section ==== ===== Line 267 ===== Default: <code>consensus.BIP34Height = 100000000; // BIP34 has not activated on regtest (far in the future so block v1 are not rejected in tests)</code> * Reason changed: Delays BIP34—set to 0 for modern rules from genesis, consistent with MainNet/TestNet. Changed: <code>consensus.BIP34Height = 0;</code> ===== Line 268 ===== Default: <code>consensus.BIP34Hash = uint256();</code> * Reason changed: Empty hash irrelevant—set to RegTest genesis for BIP34 activation at block 0. * NOTE: the <code>S</code> at the end of <code>uint256S</code> append the '''S''', remove the <code>0x</code> or it would be too long and make sure RegNet Hash is wrapped in "comment-hash". * The quotes <code>""</code> tell the compiler that this is a string, not a number. * '''uint256S''' will parse the string as a hexadecimal value and construct the '''uint256''' object accordingly. Changed: <code>consensus.BIP34Hash = uint256S("65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127");</code> ===== Line 269 ===== Default: <code>consensus.BIP65Height = 1351; // BIP65 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP65 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP65Height = 0;</code> ===== Line 270 ===== Default: <code>consensus.BIP66Height = 1251; // BIP66 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP66 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP66Height = 0;</code> ====Line 298: RegressionNet Default Port==== <code>298 nDefaultPort = 18444;</code> * change port number <code> nDefaultPort = 13337;</code> ====Line 301 RegressionNet Time Stamp Nonce Coin_Rewards ==== <code>301 genesis = CreateGenesisBlock(1296688602, 2, 0x207fffff, 1, 50 * COIN);</code> * Change to your timestamp , nonce and coin rewards <code> genesis = CreateGenesisBlock(1733333335, 0, 0x207fffff, 1, 333 * COIN);</code> ====Line 303: RegressionNet Genesis Block Hash==== <code>303 assert(consensus.hashGenesisBlock == uint256S("0x0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"));</code> * replace with your reg net genesis hash <code> assert(consensus.hashGenesisBlock == uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"));</code> ====Line 304 RegressionNet Merkel Hash==== <code>304 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * replace with your reg net merkel hash <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Line 316: RegressionNet Genesis Hash==== <code>316 ( 0, uint256S("0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"))</code> * change to your reg nets genesis hash <code> ( 0, uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"))</code> === src/chainparamsbase.cpp - API ports === <div class="toccolours mw-collapsible mw-collapsed"> Changing RPC port number info: <div class="mw-collapsible-content"> When forking Bitcoin, changing the nRPCPort = 8332; is generally recommended, though not strictly necessary. Here are the reasons and benefits for doing so: '''Avoiding Conflicts:''' If you run both Bitcoin and your forked cryptocurrency on the same machine or network, keeping the same RPC port (9332) would cause a conflict. By changing the port number, you ensure that both services can run simultaneously without interfering with each other. '''Network Configuration:''' Different cryptocurrencies should ideally use different ports to avoid confusion and ensure clear network configuration. This helps in managing firewall rules and network policies more effectively. '''Security:''' Using a non-standard port for your forked cryptocurrency can add a layer of security through obscurity. While not a robust security measure, it can help reduce the risk of automated attacks targeting known ports like 8332. '''Customization:''' Changing the RPC port is part of customizing your fork to distinguish it from Bitcoin. This can be important for branding and ensuring that users and developers recognize it as a separate entity. In summary, while it's not mandatory to change the RPC port when forking Bitcoin, doing so can help avoid conflicts, improve network management, and provide a clearer distinction between your fork and the original Bitcoin network. </div> </div> ====line 35 - Main net RCP port==== <pre> nRPCPort = 8332; </pre> RPC port is used to connect to coin api, its used to create a web wallet and moblie wallet. <pre> nRPCPort = 3366; </pre> ====Line 48 - test net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12333 <pre> nRPCPort = 12333; </pre> ====line 62 - regession net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12345 <pre> nRPCPort = 12345; </pre> * We are pretty much done with customizing the code base, we just need an IP address to append to chainparams.cpp and we are good to go. ===src/chainparamsseeds.h=== * Delete content of <code>src/chainparamsseeds.h</code> and replace with just: <pre> #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> The <code>chainparamsseeds.h</code> file contains hardcoded seed nodes for the main network (pnSeed6_main), which are currently set to Bitcoin’s seed nodes (e.g., IPs like 2.7.8.12 on port 8333). These seeds will cause your node to attempt connections to Bitcoin peers, which isn’t what we want for N33Bcoin. * By modifying the seed arrays for both mainnet and testnet to empty, we can keep the file structure intact while removing the Bitcoin seed nodes, preventing are node from trying to connect to them. <div class="toccolours mw-collapsible mw-collapsed"> Hexadecimal - Chainparamsseeds.h - Quick Notes <div class="mw-collapsible-content"> <pre> Hex Symbol Values: 0,1,2,3,4,5,6,7,8,9,a=10,b=11,c=12,d=13,e=14,f=15 Hex is in a Block of 2, [01]=1, The First number/symbol (the one on the left), is Times by 16, and the Second number/symbol is added. 01 = 0x16, plus 1 = 01 A4 = 10x16, plus 4 = 164 E4 = 14x16, plus 4 = 228 FF = 15X16, plus 15 = 255 To work out the values of 104.194.157.52 and port 3333 static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; IPv6 Mapping: {{Use 10 0x00, 2 0xff, then the 4 hex bytes} <port>}. 104 in hex: 6x16 = 96 + 8 = 104 InHex= '68' 194 in hex: c(12)x16=192 + 2 = 194 InHex= 'c2' 157 in hex: 9x16=144 + d(13)= 157 InHex= '9d' 52 in hex: 3x16=48 + 4 = 52 InHex= '34' #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; static SeedSpec6 pnSeed6_test[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> </div> </div> == Container and VPS Setup == Most VPS providers frown on mining unless it’s their explicit service—fair enough, it hogs resources! To work around this, we’ll: * Spin up an Ubuntu 18.04 container locally (18.04 keeps coin building simple). * Pair it with a low-cost VPS running Ubuntu 24.04, tunneling all traffic from the container to the VPS’s public IP. This setup gives us: * A public-facing IP without poking holes in our home router. * Local mining control, keeping private keys secure—because a VPS is just someone else’s machine, and we don’t trust it with our keys! ===LXD Quick Container Setup=== ===LXD Quick Container Setup=== * Its pretty simple once you know. ===Installing and setup LXD=== <code>sudo snap install lxd</code> <code>sudo lxd init</code> * Just press '''ENTER''' for all defaults * add user to lxd group (optional), will mean you do not need '''sudo''' to use lxc commands * NOTE: you will need to logout and login for changes to take effect. <code>sudo adduser $USER lxd</code> <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> * '''These changes only apply to the current terminal session.''' If you open a new terminal session you have to repeat. On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. * '''Remember, these changes only apply to the current terminal session.''' If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> ===Launching your container=== * for the Build its important we use '''18.04''' ** May want to get ubuntu pro free for 5 devices - to keep 1804 updated ** https://ubuntu.com/pro/dashboard <code>lxc launch ubuntu:18.04 n33b</code> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 n33b</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 n33b</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''n33b''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "n33b" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "n33b" in the example) must be unique within your LXD installation. </div> </div> * If you see this error - you need to use '''sudo''' or add user to lxd group <pre> lxc launch ubuntu:18.04 n33b Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * To see your container <code>lxc ls</code> ===Login to container=== <code>lxc exec n33b bash</code> * Prompt should now be changed to <code>root@n33b:~#</code> ** <code>root@<container_name>:~#</code> * This would be a good time to sign up to and enable ubuntu pro in the 1804 container https://ubuntu.com/pro/dashboard ** <code>sudo pro attach C12trandomcharsXFVhrRSveGOd4</code> * Update container <code>apt update && apt upgrade -y</code> ==== Ubuntu Pro for 1804 Containers ==== * super useful for ubuntu 1804, with pro has support till 2027 * Free For Five Boxes/Devices <code>https://ubuntu.com/pro/dashboard</code> <code>sudo pro attach 8dc6560abd396b3871f37b80ec</code> <code>sudo pro status</code> <code>sudo pro detach</code> ==In Container wireguard installation and setup== ===Install wireguard=== <code>apt install wireguard -y</code> * This will be the Client - for the container ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==Back to Host== Now we have * A container with a public IP address * Source code for are coin Lets append are IP adress to are <code>src/chainparams.cpp</code> file and make a exportable/shareable backup. ===Append IP to <code>src/chainparams.cpp</code>=== <div class="toccolours mw-collapsible mw-collapsed"> If i was going to change or add ips/domains do i need to recomplie? Yep: <div class="mw-collapsible-content"> Yes, if you want to change or add new IPs/domains in the `CDNSSeedData` section of `src/chainparams.cpp`, you will need to edit the file and recompile the code. The `CDNSSeedData` entries are hardcoded into the source code, and when you compile the code, these values are baked into the resulting binary. Therefore, any changes to the seed nodes will require: *Editing the `src/chainparams.cpp` file**: Modify the list of `CDNSSeedData` entries to include your new IPs or domains. *Recompiling the source code**: Once you've made your changes, you need to recompile the project so that the new seed nodes are included in the binary. *Restarting your nodes**: After recompiling, you would need to distribute the new binary to your nodes and restart them to ensure they use the updated seed list. This process is necessary because the seed nodes are part of the initial configuration that helps nodes discover peers when they first start up. Any changes to these seeds require the software itself to be updated and redeployed. </div> </div> ====Main Net DNS lines 123 - 127==== <code>$EDITOR /home/$USER/N33B/N33Bcoin/src/chainparams.cpp</code> * Line 123 <code>src/chainparams.cpp</code> <pre> 123 vSeeds.push_back(CDNSSeedData("n33bcoin.sipa.be", "seed.n33bcoin.sipa.be", true)); // Pieter Wuille, only supports x1, x5, x9, and xd </pre> We are going to Change to are servers address <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> At current time we only have one default node, so we comment out line 124 to 127 <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "dnsseed.bluematt.me", true)); // Matt Corallo, only supports x9 // vSeeds.push_back(CDNSSeedData("dashjr.org", "dnsseed.n33bcoin.dashjr.org")); // Luke Dashjr // vSeeds.push_back(CDNSSeedData("n33bcoinstats.com", "seed.n33bcoinstats.com", true)); // Christian Decker, supports x1 - xf // vSeeds.push_back(CDNSSeedData("n33bcoin.jonasschnelli.ch", "seed.n33bcoin.jonasschnelli.ch", true)); // Jonas Schnelli, only supports x1, x5, x9, and xd </pre> ====Test net DNS lines 224 - 227==== * Line 224 - ip adderss <pre> 224 vSeeds.push_back(CDNSSeedData("testnetn33bcoin.jonasschnelli.ch", "testnet-seed.n33bcoin.jonasschnelli.ch", true)); </pre> Change to server ip <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> and comment out the other 3 lines <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("petertodd.org", "seed.tbtc.petertodd.org", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "testnet-seed.bluematt.me")); // vSeeds.push_back(CDNSSeedData("n33bcoin.schildbach.de", "testnet-seed.n33bcoin.schildbach.de")); </pre> ==Create BackUp Tar Archive== At this point you may want to make a backup. * In work directory = <code>/home/$USER/N33B</code> <code>tar -zcvf N33Bcoin.0.0.1.tar.gz N33Bcoin</code> * Going to save in directory <code>/home/$USER/N33B</code> * Syntax = <code>tar -zcvf /path/to/save/archive_name.tar.gz /path/to/directory_name</code> Now we Should have <code>N33Bcoin.0.0.1.tar.gz</code> lets start building are coin. ===Move N33Bcoin.0.0.1.tar.gz to Container=== Lets Move are source code to are container. * File on Host:<code>/home/$USER/N33B/N33Bcoin.0.0.1.tar.gz</code> * Container Name: <code>n33b</code> ** Container Name can be found with <code>lxc list</code> * On Host: <code>lxc file push /home/$USER/N33B/N33Bcoin.0.0.1.tar.gz n33b/home/ubuntu/</code> * '''ubuntu''' is the name of the ubuntu containers default user account ==Return to container as user '''ubuntu'''== <code>lxc exec n33b -- su - ubuntu</code> Now are source code <code>N33Bcoin.0.0.1.tar.gz</code> should be in are home directory. Before we start using it, we need to install and build some dependencies software. ===Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <!-- These notes wherer required to build db on 24.04 - coin build would require way too much work so skipped. <code>$EDITOR db-4.8.30.NC/dbinc/atomic.h</code> Find the function <b>__atomic_compare_exchange</b> (line 147 and 179) and rename it to <b>__db_atomic_compare_exchange</b>. save and exit --> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> If you received error, are you building in ubuntu 18.04? these build instrutions are reproduable for 18.04 and not other versions of ubuntu. * A block chain requires min 2 nodes, so this would be a good time to snapshot your container. ====SNAPSHOT your container==== * This will save loads of time creating a second node later. * In a Terminal on HOST * Stop Container <code>lxc stop n33b</code> * snapshot <code>lxc snapshot n33b one</code> * start container <code>lxc start n33b</code> * Log in as ubuntu user <code>lxc exec n33b -- su - ubuntu</code> ==Build the Coin== Just for the Genesis Node, or it will not work, it will try to sync with another node, which it can not do as its at block 0. * edit the file <code>src/rpc/mining.cpp</code> and comment out the lines 471 and 472: <pre> // if (IsInitialBlockDownload()) // throw JSONRPCError(RPC_CLIENT_IN_INITIAL_DOWNLOAD, "N33Bcoin is downloading blocks..."); </pre> If you stopped container to snapshot and logged back in (or using another terminal), then we need to re-set var.<br> <code>cd ~/db-4.8.30.NC/build_unix</code><br> <code>export BDB_PREFIX=$(pwd)</code><br> * Now thats done we can carry on <code>cd ~/</code><br> * extract <code>tar xzvf N33Bcoin.0.0.1.tar.gz</code> <!-- was for attempt build in 24.04 - not needed for 18.04 <code>sudo apt install bsdmainutils ncal</code> --> * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> If you run into errors you can use:<br> <code>make > ../build.log 2>&1</code><br> This is print build info into file build.log ==Run Coin== * Path <code>cd /home/ubuntu/N33Bcoin/src</code> Going to first play around with Regression make sure everything is working, its supereasy to mine.<br> * Running regtest first will also create <code>~/.n33bcoin/</code> directory which we can create are <code>n33bcoin.conf</code> file for mainnet. ===Running Regression Net === * run reg net <code>./n33bcoind -regtest -daemon</code> ==== get blockchain info ==== <code>./n33bcoin-cli -regtest getblockchaininfo</code> * at the top you should see '''regtest''' <pre> "chain": "regtest", </pre> ====get wallet info==== <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ==== Generate 10 blocks==== <code>./n33bcoin-cli -regtest generate 10</code> <pre> [ "16fe73d5011e8e05cadb9e9dea43e58aa154ffcca891659cc59fbdfafe6f001c", "7803e298b6c57f8fc7ddac5da0e0696cc67524c9ee2bbbbbecdccfb01b364e79", "7c92afb2faed00d051edd22f85218416c394cd45ddadf413b9df808c0414ca7e", "29fe7bb17c984bd33c7e3d9cb4fa3ce1e47760ac22accded3aa25fd49aa87d91", "56d234a030af699a6aa824c8d95a9fabdcf56c9491ed30331ca2159188741c89", "272827808aad1efe0e752789acf6a28f25bc4ba2da905a8a6f5da00016ba286b", "23711e3856cf2e018ef02782eb546e87c9604781da6855bd136ef51fa5dd23e5", "7bd7e1e6183094c75e37d6605451ce7e7e1c23347e3b5c279c33196af916b1f2", "1c7e5fc29dc7c9b3a56e8f35becc3a0a8005e79ac1a84278f8a1f37c067f67b3", "3ac84dcf8be2849b347369de7bf6bb49d780cdf41e2c4abbe2ea0ae1b89bd26e" ] </pre> ====Check Balance==== <code>./n33bcoin-cli -regtest getbalance</code> <pre>0.00000000</pre> * You mined 10 blocks and have zero coins! that is because the coins have not mutured, it takes 100 blocks for newly created coins to muture and show up in your wallet. * you can see your '''immature_balance''' with the <code>getwalletinfo</code> command. <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 11114108.00000000, "txcount": 10, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====Get new addresses==== <code>./n33bcoin-cli -regtest getnewaddress</code> <pre> mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb </pre> ====Find addresses your wallet is currently using==== * To see all your current public addresses use <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -regtest listreceivedbyaddress 0 true</code> ====Mine to specific address==== * <code>./n33bcoin-cli -regtest generatetoaddress 101 "your-mainnet-address"</code> <code>./n33bcoin-cli -regtest generatetoaddress 101 "mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb"</code> =====Coins Matured===== <code>./n33bcoin-cli -regtest getbalance</code> <pre>11114441.00000000</pre> * and Immatured coins <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 11114441.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 33300.00000000, "txcount": 111, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====stop regtest net==== * stop regtest <code>./n33bcoin-cli -regtest stop</code> ===Main Net=== * Running <code>-regtest</code> should of created a <code>~/.n33bcoin</code> directory for you. * Create <code>n33bcoin.conf</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 </pre> * run/start coin <code>./n33bcoind</code> * NOTE: if you did not create a n33bcoin.conf file and apply 'daemon=1', you can use the -daemon flag <code>./n33bcoind -daemon</code> <div class="toccolours mw-collapsible mw-collapsed"> Some debug tips: <div class="mw-collapsible-content"> * If n33bcoin hangs - <code>ps aux | grep n33bcoind</code> ** The <code>kill -9 PID_NUMBER</code> ** Also note: there is nothing wrong with '''turning it off and on again.''' * <code>./n33bcoind -debug=1</code> ** log is at ~/.n33bcoin/debug.log * <code>./n33bcoind -debug=1 -printtoconsole</code> ** will output to terminal, no output to debug.log </div> </div> ===Create and Add second node - the easy way=== <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Why a Dummy Node is Needed to Avoid <code>500 Internal Server Error</code> and Ensure Syncing</span> <div class="mw-collapsible-content"> <p>A dummy node is <strong>required</strong> for mining on the genesis node (main node) and to ensure other nodes can sync with your N33Bcoin network. Without it, you may encounter errors like:</p> <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> [2025-04-20 11:49:32] HTTP request failed: The requested URL returned error: 500 Internal Server Error </pre> <p><strong>Why does this happen?</strong> The main node needs at least one active peer to process the <code>getblocktemplate</code> RPC call used by <code>minerd</code> for mining. If the node is in Initial Block Download (IBD) or has no peers, this call fails, causing the 500 error. Additionally, if the main node is in IBD, it won’t serve blocks to other nodes, preventing them from syncing (e.g., stuck at <code>blocks: 0</code>).</p> <p><strong>How the dummy node fixes it:</strong></p> <ul> <li>Running a dummy node (e.g., on <code>127.0.0.1:3334</code>) provides an active peer, allowing <code>getblocktemplate</code> to succeed and mining to start.</li> <li>Mining generates new blocks, updating the chain tip’s timestamp, which helps the main node exit IBD.</li> <li>Once out of IBD, the main node can serve blocks to other nodes, enabling them to sync (e.g., to <code>blocks: 428</code>).</li> </ul> <p><strong>Why it’s easy to forget:</strong> The dummy node isn’t a standard Bitcoin requirement—it’s specific to N33Bcoin’s setup, possibly due to custom peer or RPC logic. Always run a dummy node when mining or syncing new nodes.</p> <p><strong>If you get the 500 error:</strong> Start a dummy node and add it to the main node’s peers with <code>addnode</code>. See the next section for setup instructions.</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> Without a dummy node, mining will fail, and new nodes won’t sync. Always include this step in your setup and document it to avoid surprises! </div> </div> </div> After first node ruuing with:<br> <code>./n33bcoind</code> * create a directory for second node <code>mkdir ~/.n33bcoin2</code> * make config file <code>$EDITOR ~/.n33bcoin2/n33bcoin.conf</code> * Note changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser1 rpcpassword=coinpassword1 rpcallowip=127.0.0.1 rpcport=3367 daemon=1 server=1 rpcbind=127.0.0.1 port=3334 </pre> * start node2 - note ports <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin2 -port=3334 -rpcport=3367</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3334" "add"</code> * Check node one <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * Check node two <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getblocktemplate</code> ==== Default Node User and Second Node User management ==== * The default user will be your main node '''~/.n33bcoin/''' * To use second node '''~/.n33bcoin2/''' you have to use/append non default port in commands: ** To run commands on second node, Add/Append <code>-rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1</code> *** '''rpcport''', '''rpcuser''', '''rpcpassword''' these values can be found in the <code>~/.<node_name>/n33bcoin.conf</code> file * For default wallet/node can use: <code>./n33bcoin-cli getwalletinfo</code> * Or to specify (optional) can use, the main nodes '''rpcport''', '''rpcuser''' and '''rpcpassword''' followed by <command>: <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * For the second node we created - we do need to specify <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getwalletinfo</code> <div class="toccolours mw-collapsible mw-collapsed"> How to stop second node: <div class="mw-collapsible-content"> * To run commands on a second or third ...ETC node - you need to enter: ** <code>-rpcport=<value></code> ** <code>-rpcuser=<username></code> ** <code>-rpcpassword=<password></code> ** followed by the command you wish to run on node <code>getbalance</code> ** Remember you store all these details in your <code>n33bcoin.conf</code> file for your node. <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 stop</code> </div> </div> == Mining blocks on your blockchain == Well you can try with:<br> <code>./n33bcoin-cli generate 1</code><br> But instead of seeing <pre> [ "some-block-hash" ] </pre> Your going to get empty brackets <pre> [ ] </pre> I cant remember the reason for this. But i know the fix. Install Mining software ===Address to send mined coins to=== First lets get a public key/address we can mine to. * Find old addresses <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> * Create new address <code>./n33bcoin-cli getnewaddress</code> * The address i will use <code>1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> ===Cpu Miner Install=== <code>cd ~</code> <code>sudo apt update</code> <code>sudo apt install -y build-essential libcurl4-openssl-dev</code> <code>git clone https://github.com/pooler/cpuminer.git</code> <code>cd cpuminer</code> <code>./autogen.sh</code> <code>./configure</code> <code>make</code> <code>sudo make install</code> ===Mine some Coins=== * OK lets mine us some coins ** Syntax:<code>minerd -o <pool_url> -u <username> -p <password> --coinbase-addr=<public_key></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> * YAY, back to the days when you could find bitcoin blocks with a simple CPU <pre> [2025-04-12 19:31:17] Binding thread 0 to cpu 0 [2025-04-12 19:31:17] Binding thread 1 to cpu 1 [2025-04-12 19:31:17] 4 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:31:17] Binding thread 2 to cpu 2 [2025-04-12 19:31:17] Binding thread 3 to cpu 3 [2025-04-12 19:31:17] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:31:17] thread 1: 2097152 hashes, 10099 khash/s [2025-04-12 19:31:17] thread 0: 2097152 hashes, 10094 khash/s [2025-04-12 19:31:17] thread 3: 2097152 hashes, 10093 khash/s [2025-04-12 19:31:17] thread 2: 2097152 hashes, 10032 khash/s [2025-04-12 19:32:17] thread 2: 601912088 hashes, 10080 khash/s [2025-04-12 19:32:17] thread 0: 605611536 hashes, 10108 khash/s [2025-04-12 19:32:17] thread 3: 605564904 hashes, 10102 khash/s [2025-04-12 19:32:17] thread 1: 605946928 hashes, 10104 khash/s [2025-04-12 19:33:17] thread 2: 604824240 hashes, 10080 khash/s [2025-04-12 19:33:17] thread 0: 606506104 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 1: 606263288 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 3: 606114016 hashes, 10102 khash/s [2025-04-12 19:34:17] thread 0: 596676992 hashes, 9883 khash/s [2025-04-12 19:34:17] accepted: 1/1 (100.00%), 40174 khash/s (yay!!!) [2025-04-12 19:34:17] LONGPOLL pushed new work [2025-04-12 19:34:17] thread 2: 597009344 hashes, 9856 khash/s [2025-04-12 19:34:17] thread 1: 596347864 hashes, 9882 khash/s [2025-04-12 19:34:17] thread 0: 184 hashes, 8762 khash/s [2025-04-12 19:34:17] thread 3: 596226344 hashes, 9881 khash/s [2025-04-12 19:35:11] thread 0: 525714288 hashes, 9775 khash/s [2025-04-12 19:35:17] thread 0: 58652240 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 1: 592942512 hashes, 9784 khash/s [2025-04-12 19:35:18] thread 3: 592834720 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 2: 591387224 hashes, 9754 khash/s [2025-04-12 19:36:17] thread 1: 577261400 hashes, 9784 khash/s [2025-04-12 19:36:17] thread 2: 575496480 hashes, 9756 khash/s [2025-04-12 19:36:17] thread 3: 576993520 hashes, 9776 khash/s [2025-04-12 19:36:17] thread 0: 586785384 hashes, 9780 khash/s [2025-04-12 19:37:17] thread 3: 586568712 hashes, 9700 khash/s [2025-04-12 19:37:17] thread 2: 585369888 hashes, 9645 khash/s [2025-04-12 19:37:18] thread 1: 587018480 hashes, 9656 khash/s [2025-04-12 19:37:18] thread 0: 586791168 hashes, 9631 khash/s [2025-04-12 19:37:43] thread 0: 247017896 hashes, 9757 khash/s [2025-04-12 19:37:43] accepted: 2/2 (100.00%), 38758 khash/s (yay!!!) [2025-04-12 19:37:43] LONGPOLL pushed new work [2025-04-12 19:37:43] thread 2: 250694904 hashes, 9748 khash/s [2025-04-12 19:37:43] thread 1: 250409704 hashes, 9773 khash/s [2025-04-12 19:37:43] thread 0: 21504 hashes, 8650 khash/s [2025-04-12 19:37:43] thread 3: 253010016 hashes, 9764 khash/s </pre> * By default '''minerd''' will use all cores - if you want to limit to number of core use the <code>-t <number_of_cores></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj -t 2</code> <pre> [2025-04-12 19:43:05] 2 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:43:05] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:43:05] thread 1: 2097152 hashes, 11359 khash/s [2025-04-12 19:43:05] thread 0: 2097152 hashes, 11327 khash/s </pre> * Next we mine on till we have at least 101 blocks so are coins are matured. ===After 101 blocks - Mature Coins=== * now we should have some coins in are wallet that we can use, YAY <code>./n33bcoin-cli getbalance</code> <pre>11112110.00000000</pre> * and lets check the account of are second node <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> * Lets get the address of are second node to send some coins <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress 0 true</code> * Or we could generate a new address with <code>getnewaddress</code> <code>1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz</code> Now lets send some coins ==Wallet Basics== Now we have coins we can use - matured coins ===Get balance=== * <code>getbalance</code> <code>./n33bcoin-cli getbalance</code> ===Find Account Addresses=== * <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> ===Create New Address=== * <code>getnewaddress</code> <code>./n33bcoin-cli getnewaddress</code> ===Sending coins=== * Syntax: <code>./n33bcoin-cli sendtoaddress "<address>" <amount></code> <code>./n33bcoin-cli sendtoaddress "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz" 33</code><br> * This comand will return a hash in your terminal out put. <pre>f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7</pre> * and Check balance of second node to see balance: <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>33.00000000</pre> ===See Transaction Details from hash=== * the transaction hash is from the above send coins example * Syntax: <code>n33bcoin-cli gettransaction "<transaction_hash>"</code> <code>./n33bcoin-cli gettransaction "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7"</code> <pre> { "amount": -33.00000000, "fee": -0.00004520, "confirmations": 4, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553764, "timereceived": 1744553764, "bip125-replaceable": "no", "details": [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "send", "amount": -33.00000000, "vout": 0, "fee": -0.00004520, "abandoned": false } ], "hex": "020000000150a37ad36c761374df6a14c20bd2c016208358bf1f20af06c5acbe4827250ee7000000006a4730440220582f2094aca19d63744d8d128c3dea907cddd4eeb5728d6f064c4168d7a36b9c0220649b2397635fe0b8899fea4535b0072e856a164235f8ab8feb91f3dbfa9e3ddc012103dd8d842cd0c2b167b507b9e8ee580fc726262bb218abc5c6487668b72e5673a3feffffff020001b2c4000000001976a9146ae24c8430bcd30bc1b812f946229fcc563eb0ef88ac589a23fc060000001976a9141e0606800605f94643f5da7e0a31e435e030855788acbe000000" } </pre> ===List Transactions from account=== * <code>listtransactions</code> * <code>./n33bcoin-cli listtransactions</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listtransactions</code> * This command will show all transactions send and receive. <pre> [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "receive", "amount": 33.00000000, "label": "", "vout": 0, "confirmations": 6, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553766, "timereceived": 1744553766, "bip125-replaceable": "no" } ] </pre> ===list received transactions by address=== * <code>listreceivedbyaddress</code> * <code>./n33bcoin-cli listreceivedbyaddress</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress</code> <pre> [ { "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "account": "", "amount": 33.00000000, "confirmations": 6, "label": "", "txids": [ "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7" ] } ] </pre> ===Address With Label=== * Create New Address With Label ** Syntax: <code>getnewaddress "<Label>"</code> * NOTE: Label name is case sensitive. <code>./n33bcoin-cli getnewaddress "Mining"</code> <pre>1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB</pre> * See Accounts in Label <code>./n33bcoin-cli getaddressesbyaccount "Mining"</code> * a Label can hold many addresses <pre> [ "1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB" ] </pre> * Lists transactions for the labeled account. <code>./n33bcoin-cli listtransactions "Mining"</code> * Tracking with a label - Shows total balance for addresses in the labeled account. <code>./n33bcoin-cli getbalance "Mining"</code> * Label an existing address - Assigns an existing address to a named account. <code>./n33bcoin-cli setaccount "<address>" "<label>"</code> * Change Label of Address <code>./n33bcoin-cli setaccount "<address>" "<newlabel>"</code> ==Backup Wallets and Restore/Reclaim== To '''test''' wallet exports and back ups we are going to create a '''third node'''. <br> This keeps are main wallet and the wallet of are second node safe.<br> Or If you feel up for it, feel free to play/use/learn with your main wallet. * Create a directory for third node <code>mkdir ~/.n33bcoin3</code> * Create config file <code>$EDITOR ~/.n33bcoin3/n33bcoin.conf</code> * Note: changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser2 rpcpassword=coinpassword2 rpcallowip=127.0.0.1 rpcport=3368 daemon=1 server=1 rpcbind=127.0.0.1 port=3335 </pre> * Start node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3335" "add"</code> * Check node three <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getblocktemplate</code> * See Address (pub key) <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> <pre>1EhA5fkapYWrhs2oAf2AqvF4WYMPM28GqL</pre> * I have sent 33 n33bcoin's to this address. <pre> ./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744568061, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "8afde14085be2139ff008667c345b3697bea9cea" } </pre> ===Encrypt Wallet=== * '''IMPORTANT NOTE! IF YOU LOSE/FORGET PASSPHRASE, YOU LOST YOUR WALLET!''' Encrypting your wallet, will require passphrase to see private_keys and to send coins from your account, but you can still check balance and the basic chain info '''without passphrase'''. * Syntax <code>./n33bcoin-cli encryptwallet "<passphrase>"</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 encryptwallet "pa55word"</code> <br>OutPut: <pre> wallet encrypted; N33Bcoin server stopping, restart to run with encrypted wallet. The keypool has been flushed and a new HD seed was generated (if you are using HD). You need to make a new backup. </pre> ====Test Encryption==== Syntax: <code>./n33bcoin-cli dumpprivkey <address></code> This command should need passphrase if wallet locked. ** <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> can be used in place of a real address <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpprivkey 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> If wallet '''LOCKED''' - you will see <pre> error code: -13 error message: Error: Please enter the wallet passphrase with walletpassphrase first. </pre> If wallet '''UNLOCKED''' but address not in wallet - you will see ** This is because there is no address <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> in your wallet and error code -5 indicates address not found in the wallet, but it passed the lock so, yay <pre> error code: -5 error message: Invalid N33Bcoin address </pre> If address exists in your wallet and wallet is '''UNLOCKED''' - you will see the private key: <pre> 6vJYM3RFWh7MyLVrPbgzgibUgqxMzWUCCbuH3GcfDRTqfoNQjBb </pre> '''IMPORTANT:''' Never share your actual private keys with anyone. The example above is for demonstration purposes only. ====open encrypted wallet==== * Syntax ./n33bcoin-cli walletpassphrase "<passphrase>" <time_in_seconds_to_stay_open> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrase "Pa55word" 60</code> ====Change PassPhrase==== * Syntax: <code><code>./n33bcoin-cli walletpassphrasechange "<old_passphrase>" "<new_passphrase>"</code></code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrasechange "Pa55word" "StrongPass123!@#456"</code> ===Back Up WALLET.DAT === * You can make a backup of your wallet.dat file whether its encrypted or un-encrypted. ** not-encrypted you just copy into a directory and you and anyone else has full access. ** encrypted, you need to know the passphase the file is encrypted with to have access. ** Both Export and Import the backup wallet.dat the same way, expect one asks for passphase and the other does not. ====Make copy of wallet.dat==== * <code>backupwallet</code> * Syntax:<code>./n33bcoin-cli backupwallet /path/to/export/wallet-backup.file</code> <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> ====Stop node 3 and delete wallet.dat==== * Stop node - Note: RPC PORT <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * not gonna delete, just move, only so many times i wanna learn that lesson. <code>mv ~/.n33bcoin3/wallet.dat ~/oldwallet.dat</code> * Start Node 3 - this will create a new <code>wallet.dat</code> file <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check Balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744572042, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "bb4e27a7896ae19acdf3b43244f82b59f5164c7c" } </pre> * Check addresses <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> * Its a diff/new address, because its a new wallet. <pre> "address": "1JwAmtR9T8xa49daoHQhf54tBdyabby2m2", </pre> ===Restore Wallet.dat=== * Stop Node 3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move old wallet to Node 3 Directory ** This command will write over the new wallet.dat file currently in directory - in effect deleting it. <code>mv ~/wallet-backup.node3 ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>11148007.99990960</pre> ====OH NUTZ==== * By mistake i backed up main wallet. <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> * Intended to backup node3 - the correct command would of been <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 backupwallet ~/wallet-backup.node3</code> Good Thing we just moved the node3 wallet and not deleted or 33 n33bcoins would of been in a dead account.<br> This is why you should learn about bitcoin on n33bcoins and not the bitcoin main net blockchain. Lets restore from the moved wallet <code>~/oldwallet.dat</code> * Stop node3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move oldwallet back to node3 <code>mv ~/oldwallet.dat ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>33.00000000</pre> YAY ===Dump Entire Wallet with <code>dumpwallet</code>=== * Exports all private keys, addresses, and wallet metadata to a plain text file for a comprehensive backup. * Syntax <code>./n33bcoin-cli dumpwallet /path/to/export/n33bcoin-wallet.txt</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpwallet ~/ssshhh.txt</code> <code>cat ~/ssshhh.txt</code> * Yep its all in plain text! <pre> # Wallet dump created by N33Bcoin v0.14.3.0-g150612e # * Created on 2025-04-13T22:54:50Z # * Best block at time of backup was 212 (000000009f5f7189bd4334895fd1c903ae904525abb5768feb98b81282a1949e), # mined on 2025-04-13T18:34:02Z # extended private masterkey: xprv9s210pEDlspXiamstilrandotypinhDXRTQ1TatJNSL3fxs9QaLLjRV1FZH9zw2VcErU498hsd3pynuyDR2clongrandome4Msz5 L1XJ0pald6SZXP4sKdVcDETpsdoWeksd4er5hhPsdFG1PPV 2025-04-13T18:14:21Z change=1 # addr=1HtmEDdpk5SJAp3nGCnaAD5gKZc2Er4qG hdkeypath=m/0'/0'/82' about 100 lines like the one above and ends with: # End of dump </prE> ===Import Dumped Wallet=== To test import works we are gonna, stop node3, move wallet.dat, start node3, check new wallet got auto generated again. then import are ssshhh.txt file and see if restored. ====Check wallet node 3 pre-test==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744575092, "keypoolsize": 101, "unlocked_until": 0, "paytxfee": 0.00000000, "hdmasterkeyid": "0a0e6e94e4a184e773e4a3e3244adc4352935afa" } </pre> ====Stop node 3 ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> ====Move wallet.dat ==== <code>mv ~/.n33bcoin3/wallet.dat ~/wallet.node3</code> ====Start node 3 ==== <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> ====Check wallet node 3 - when deleted/changed==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ====Import Restore from Dumped Wallet ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importwallet ~/ssshhh.txt</code> ====Check wallet node 3 when restored ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ==Off Line Storage and Importation== * Create a offline key pair, using a python script that can run off a live linux iso. * Going to send coins from node 3 to off line address. * Going to import to wallet 2 by sweeping private wif key. ===Create Offline Keypair=== * https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin ** We have used the [[N33Bcoin_Address_Generator_Bitcoin| N33Bcoin_Address_Generator]] to create the following key pair which we will use for this test. <pre> noob@noob-ThinkPad-T470:~/Gen/py-pub-prv$ python3 gen.py Enter your seed (12 words or any random input): hithere Generated n33bcoin Key Pair: Private Key: 3e4748d72b0a0c5d4538b52a2ade025a0f52a1e8642384ac14e5af0f90b8ab8a Public Key: 04c4cab1795312dafbf2532c7b238d448b55fa151a3d4e059cb49b47fb7244fb8767981b561c067494f9f3a6357024bb4fa71d12d692a733f7a0583d6fa7276548 n33bcoin Address: 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG WIF Private Key: 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH </pre> ===Send from node 3 to offline address=== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 sendtoaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG 10</code> ===Check its in address=== * Can take a few blocks before you can see it. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * Syntax: <code>./n33bcoin-cli importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * <code>importaddress</code> The RPC command to import a Bitcoin address as a watch-only address into the wallet * <code>13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> The Bitcoin address you are importing. After import, the wallet will monitor this address for incoming transactions, but cannot spend from it since you do not have the private key * <code>"external"</code> An optional label assigned to the imported address. This helps you organize or identify addresses in your wallet * <code>false</code> The rescan parameter. Setting it to false means the wallet will not rescan the blockchain for historical transactions involving this address. Only new transactions (after import) will be tracked. If set to true (default), the wallet would scan the entire blockchain for past transactions involving the address, which can take a long time (but not in are case as we have new blockchain). ====getreceivedbyaddress==== * TESTED - Balance is only shown on account that imported the address as a address to watch. ** Took about 10 mins to show balance. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>10.00000000</pre> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> ====Receive funds from private key==== * Current Funds in Node/Wallet 2 <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>52.00000000</pre> * Import the keys <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 importprivkey 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH true</code> * Check balance <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>62.00000000</pre> Import is instant. ==Create Second Server and Sync Blockchain== * Creating second server in a container and forwarded to another VPS IP, to see if network syncs. <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Is Port Forwarding Required for the Second Node?</span> <div class="mw-collapsible-content"> <p><strong>Why set up port forwarding?</strong> Port forwarding (using iptables to forward port <code>3333</code> to the second node) allows the node to receive incoming connections from other N33Bcoin nodes. This ensures reliable syncing with the main node and enables the second node to share blockchain data with others, strengthening the network.</p> <p><strong>Is it required?</strong></p> <ul> <li><strong>To mine</strong>: No. Mining uses local RPC calls (<code>127.0.0.1:3366</code>) and outbound connections to the main node (<code>104.194.157.52:3333</code>). As long as the main node is up, mining works without port forwarding. Note: You may need a dummy node to avoid errors.</li> <li><strong>To act as a peer</strong>: Yes. To allow other nodes to connect and sync from the second node (e.g., via <code>144.172.89.93:3333</code>), port forwarding is required. Without it, the node can sync but won’t serve blocks to others.</li> </ul> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Tip:</strong> Keep port forwarding enabled for robust syncing and to support the N33Bcoin network, especially if you plan to add more nodes. </div> </div> </div> ===Launch container=== <code>lxc launch ubuntu:18.04 n33b-node</code> <code>lxc exec n33b-node bash</code> <code>pro attach <longKey></code> <code>apt update && apt upgrade -y && apt install ubuntu-advantage-tools wireguard -y</code> ===Setup Wireguard=== * This is the same as the last time, in this tut i am going to keep the same keys in tut, to save time. PS: You can use same keys on many connections (not the best idea). ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==In Container Building N33Bcoin== * Push over N33Bcoin.0.0.1.tar.gz to the container n33b-node. <code>lxc file push N33Bcoin.0.0.1.tar.gz n33b-node/home/ubuntu/</code> OR Download from github * Download from Github, sha256sum=<code>0695dceaa4a88967560695f92c753d2fe4abc0f1b0cfb2673bf945fc83fb1225</code> <code>wget https://raw.github.com/CompleteNoobs/N33Bcoin/main/N33Bcoin.0.0.1.tar.gz</code> * Login to container as user ubuntu <code>lxc exec n33b-node -- su - ubuntu</code> * extract <code>tar xvf N33Bcoin.0.0.1.tar.gz</code> ===Install depends and Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> ===Build N33Bcoin=== * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> * Before running - make sure first node up and running <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Troubleshooting Syncing Issues on the Second Node</span> <div class="mw-collapsible-content"> <p>If your second node (e.g., <code>144.172.89.93</code>) fails to sync (e.g., stuck at <code>blocks: 0</code>), the main node (<code>104.194.157.52</code>) may be in Initial Block Download (IBD), preventing it from serving blocks. Here’s what I faced and how I fixed it:</p> <ul> <li><strong>Problem</strong>: The second node didn’t sync because the main node was in IBD, likely due to a chain tip older than 24 hours.</li> <li><strong>Initial Fix</strong>: <ul> <li>Started a dummy node on the main node (<code>127.0.0.1:3334</code>) for an active peer .</li> <li>Mined on the main node: <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=&lt;your-address&gt; -t 2 </pre> This created new blocks (e.g., to <code>blocks: 441</code>), exiting IBD and enabling sync.</li> </ul> </li> <li><strong>Test</strong>: I deleted the second node and recreated it from scratch, running both the main and dummy nodes on the genesis server. The second node synced to <code>blocks: 441</code> while the main node was mining.</li> <li><strong>Observation</strong>: In one test, I thought syncing worked without mining, but mining was active on the main node, advancing the chain to <code>blocks: 441</code>. Possible factors for sync success: <ul> <li>Recent chain tip from mining kept the main node out of IBD.</li> <li>Dummy node provided a peer, preventing IBD re-entry.</li> <li>iptables rule for port <code>3333</code> enabled inbound connections (i did once not forward the correct port, make sure you check your ip rules with <code>cat /etc/iptables/rules.v4</code> to make sure you entered the correct ones. ).</li> </ul> </li> <li><strong>If Syncing Fails</strong>: Mine on the main node with the dummy node running.</li> </ul> <p><strong>Note</strong>: Syncing may not require ongoing mining if the main node’s chain tip is recent, but mining is needed to exit IBD. Test and share your findings!</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> If the second node won’t sync, the main node may be in IBD. Start the dummy node and mine to exit IBD. </div> </div> </div> ===n33b-node=== <code>src/n33bcoind -daemon</code> <code>src/n33bcoin-cli stop</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 debug=rpc debug=mining </pre> <code>src/n33bcoind</code> * Now Second n33bcoin node is running lets check sync <code>src/n33bcoin-cli getpeerinfo</code> <pre> [ { "id": 0, "addr": "104.194.157.52:3333", "addrlocal": "144.172.89.93:52636", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157772, "lastrecv": 1745157771, "bytessent": 1277, "bytesrecv": 1198, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.303657, "minping": 0.303657, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": false, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 110, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 1, "addr": "104.194.157.52:57050", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.296047, "minping": 0.296047, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 2, "addr": "104.194.157.52:57060", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.316404, "minping": 0.316404, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } } ] </pre> <code>src/n33bcoin-cli getblockchaininfo</code> <pre> ubuntu@n33b-node:~/N33Bcoin$ src/n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.03058041491289009, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> ===From first node=== <pre> ./n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.02034601825250813, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> * Both nodes/blockchains are in sync, nice fma2qbaezcdy9kwj6pw56ommk8blxqm 593 591 2025-06-25T18:30:18Z AwesomO 5 /* Server Setup */ 593 wikitext text/x-wiki ==Start up HardWare== * OS (local) Ubuntu-Mate 24.04 - this tut is done on a clean install of ubuntu-mate 24.04 ** Hardware: HP EliteDesk G1 - ram = 8GB - HD = 120GB ssd - CPU = i5-4590S CPU @ 3.00GHz ** Hardware: Thinkpad X270 - Ram - HD - CPU * Server VPS ubuntu-server 24.04 ** vultr.com ===Software OS=== * Will be using Ubuntu 24.04 as main OS - but to build this version of litecoin 0.14.2 we will be using ubuntu 18.04 in a lxc container - trying to build in 24.04 was a huge side quest that is not that much fun. ===Coin Params for N33Bcoin 0.1 POW === * Are Coin Params ** Name of coin = N33Bcoin ** Symbol coin = N33B ** Premined Coins= 33% 11,111,111 coins to be used to rewards contributors. the how is currently unknown, will work out as we go. ** MaxCoins = 33,333,333 ** Rewards = 333 ** Halving Period = 33,333 blocks = every 231 days ** Block interval = 10 mins # will leave at 10 for starters ** Time Stamp 1733333333 2024-12-04 17:28:53 ** Time Stamp Message "N33B's for Noob's at CompleteNoobs.com" ** Genesis Block for are Coin <b>NOTE</b>: What is a Unix Time Stamp? - It is the number of seconds from the Unix Epoch date of 01/01/1970 at 00:00 UTC - to convert a date use - https://www.unixtimestamp.com/ ==Set EDITOR== {{:SET_EDITOR}} ==Genesis Keys== First we are going to need a public private key pair. [[Python_Generate_Public_Private_Key_Pair_Crypto_Bitcoin| Python3 Generate Public Private Key Pair]] * Public Key <code>049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf</code> * Keep private key safe, you just need pub key for now We then use are public key along with are coin parameter with [[GenesisH0_Creating_Genesis_Hash| GenesisH0]] to create a 'Nonce', 'Merkel hash' and 'Genesis hash'. For are 'MainNet', 'TestNet' and 'RegNet' === Main Net parameters === <code>python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333333</code> * '''Nonce''': <code>221118658</code> * '''nBits''': <code>0x1d00ffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4</code> === Test Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333334</code> * '''Nonce''': <code>511144</code> * '''nBits''': <code>0x1e0ffff0</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c</code> === Reg Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333335</code> * '''Nonce''': <code>0</code> * '''nBits''': <code>0x207fffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127</code> Now we have are parameters, we can start creating are own coin, but first lets change some file names to match the name of are coin. ==Source we are forking from Bitcoin 0.14.3== ===Home Directory=== <code>cd ~</code> ===Download bitcoin 0.14.3=== * https://bitcoincore.org/bin/bitcoin-core-0.14.3/ <code>wget https://bitcoincore.org/bin/bitcoin-core-0.14.3/bitcoin-0.14.3.tar.gz</code> * sha256sum bitcoin-0.14.3.tar.gz <code>416717ab5ef94f8458da2b12e4cd742ca08f5ad3817b65fc73811e06ac949f87</code> ===extract=== <code>tar xvf bitcoin-0.14.3.tar.gz</code> ===Change Directory Name to new/forked coin name=== <code>mv bitcoin-0.14.3 N33Bcoin</code> <code>cd N33Bcoin</code> * Current work director path is <code>/home/$USER/N33Bcoin/</code> ==Renaming== ===Renaming Bitcoin to N33Bcoin=== '''Run these command in the /home/$USER/N33Bcoin/ Directory''' * Lowercase <code>find . -type f -exec sed -i 's/bitcoin/n33bcoin/g' {} + </code> * UpperCase <code>find . -type f -exec sed -i 's/Bitcoin/N33Bcoin/g' {} + </code> * Name.1 <code>find . -type f -exec sed -i -e 's/bitcoin/n33bcoin/g' -e 's/bitcoind\.1/n33bcoind.1/g' {} + </code> ===Change Name for Docs=== To rename files in a directory (e.g., <code>/home/$USER/N33Bcoin/doc/man/</code>): * '''Before:''' <pre> bitcoin-cli.1 bitcoind.1 bitcoin-qt.1 bitcoin-tx.1 Makefile.am </pre> * '''After:''' <pre> n33bcoin-cli.1 n33bcoind.1 n33bcoin-qt.1 n33bcoin-tx.1 Makefile.am </pre> * '''Manual Way:''' <pre> mv -v bitcoin-cli.1 n33bcoin-cli.1 </pre> * '''Using mv with a for Loop:''' <code>cd /home/$USER/N33Bcoin/doc/man</code><br> <code>for file in bitcoin*; do mv -v "$file" "${file/bitcoin/n33bcoin}"; done</code> </pre> * <code>-v</code> shows each rename action. ===Change Names for Files=== *<b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> Unlike forking litecoin, the method we just used to rename all bitcoin words to n33bcoin created some problems, unlike litecoin 0.14.2, the word 'bitcoin' can be found in a lot of file names. Example: the file <code>libbitcoinconsensus.pc.in</code> is still called <code>libbitcoinconsensus.pc.in</code> but inside make and config files, it is now know as <code>libn33bcoinconsensus.pc.in</code> so it will look for a file called <code>libn33bcoinconsensus.pc.in</code> and not <code>libbitcoinconsensus.pc.in</code>, still will lead to a lot of breakages. * Easy Fix: Change all file names which include the word <code>bitcoin</code> to <code>n33bcoin</code> * install <code>rename</code> <code>sudo apt install rename</code> * <b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> * See all file which contain the name <code>bitcoin</code> <code>find . -type f -name "*bitcoin*"</code> * Rename/convert all <code>bitcoin</code> in file names to <code>n33bcoin</code> <code>find . -type f -name "*bitcoin*" -exec rename 's/bitcoin/n33bcoin/' {} +</code> ==Editing Files== Are Files are located in path:<code>/home/$USER/N33B/N33Bcoin</code><br> Example: <code>src/amount.h</code> full path would be <code>/home/$USER/N33B/N33Bcoin/src/amount.h</code> === OverView of Files to edit=== * Comment Out <code>** Lines: 74 - 77 Comment Out</code> These are Lines we Don't need, but are not deleting just commenting out, so line numbers remain the same.<br> Comment out by placing a <code>//</code> at the beginning of the line. * '''src/amount.h''' ** Line 31: Edit Max Coins * '''src/validation.cpp''' ** Line 1166: This BLOCK of code will contain premined and Block rewards * '''src/qt/bitcoinunits.cpp''' ** Line 39 Block: change coin symbol LTC to N33B * '''src/chainparams.cpp''' ** Line 53: '''Global''' Change Time Stamp Message ** Line 54: '''Global''' Change Pub Key ** Line 73: '''MainNet''' Change Halving Interval <!--** Lines: 74 - 77 Comment Out--> ** Line 74: '''MainNet''' BIP34Height ** Line 75: '''MainNet''' BIP34Hash ** Line 76: '''MainNet''' BIP65Height ** Line 77: '''MainNet''' BIP66Height ** Lines 85 - 103: '''MainNet''' Deployment and Chain Work Section ** Line 110: '''MainNet''' Change Magic Bytes - Script included ** Line 114: '''MainNet''' Change Main Net Default Port ** Line 117: '''MainNet''' Change Main Net Nonce TimeStamp Coin_Rewards ** Line 119: '''MainNet''' Change Genesis Hash ** Line 120: '''MainNet''' Change Merkel Hash ** Line 144: '''MainNet'''Change Coin Number and Genesis Hash ** Lines 145 - 156 Comment Out ** Line 161: '''MainNet''' Change Time Stamp ** Line 162: '''MainNet''' Change Number Of Transactions ** Line 177: '''TestNet''' Halving Interval <!--** Lines: 178 - 181 Comment Out--> ** Line 178: '''TestNet''' BIP34Height ** Line 179: '''TestNet''' BIP34Hash ** Line 180: '''TestNet''' BIP65Height ** Line 181: '''TestNet''' BIP66Height ** Line 184: '''TestNet''' Block Times <!--** Lines: 189 - 207 Comment Out--> ** Lines 189 - 207: '''TestNet''' Deployment Section ** Line 213: '''TestNet''' Default Port ** Line 216: '''TestNet''' Time Stamp and Nonce ** Line 218: '''TestNet''' Genesis Hash Block ** Line 219: '''TestNet''' Merkel Hash Block ** Line 245: '''TestNet''' CheckPointData Genesis Hash Block Number ** Line 250: '''TestNet''' Time Stamp ** Line 251: '''TestNet''' Block Number ** Lines 267 - 270 '''RegressionNet''' BIP Consensus ** Line 301: '''RegressionNet''' Default Port ** Line 304: '''RegressionNet''' Time Stamp Nonce Coin_Rewards ** Line 306: '''RegressionNet''' Genesis Block Hash ** Line 307: '''RegressionNet''' Merkel Hash ** Line 319: '''RegressionNet''' Genesis Hash * '''src/chainparamsbase.cpp''' ** Line 35: MainNet RCP Port ** Line 48: TestNet RPC Port ** Line 62: Regession Net RPC Port ===src/amount.h=== On line 31 we will edit are Max coins: <pre> static const CAmount MAX_MONEY = 21000000 * COIN; </pre> will change this to 33,333,333 coins <pre> static const CAmount MAX_MONEY = 33333333 * COIN; </pre> ===src/validation.cpp=== Path <code>/home/$USER/N33B/N33Bcoin/src/validation.cpp</code> The block of code we are looking for starts on line 1166: <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy = 50 * COIN; // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years. nSubsidy >>= halvings; return nSubsidy; } </pre> On line 1173 you should see this line: <pre> CAmount nSubsidy = 50 * COIN; </pre> This is the rewards for mining coins, the default is 50, we are changinf rewards to 333 coins per block mined. <pre> CAmount nSubsidy = 333 * COIN; </pre> ====Premined coins==== We also need to add a contidtion for are premined coins - in the first block will mine 33%, thats 11,111,111 coins <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy; if (nHeight == 1) nSubsidy = 11111111 * COIN; else nSubsidy = 333 * COIN; // Subsidy is cut in half every 33,333 blocks which will occur approximately every 231 days. nSubsidy >>= halvings; return nSubsidy; } </pre> This condition means IF first block reward 11,111,111 coins, Else(after first blocked mined) rewards per block are 333 coins. <div class="toccolours mw-collapsible mw-collapsed"> What's Changed and Why: <div class="mw-collapsible-content"> <b>What's Changed and Why:</b> * '''CAmount nSubsidy;''' ** The variable `nSubsidy` is now declared but not immediately assigned a value. This allows flexibility to set its value based on certain conditions. * '''New Condition: `if (nHeight == 1)''' ** This new condition checks if the block height is 1, meaning this is the very first block in the blockchain (often called the "genesis block"). ** This condition is used to assign a special, much larger subsidy for the first block. * '''nSubsidy = 11111111 * COIN;''' ** If it is the first block (`nHeight == 1`), the subsidy is set to 11,111,111 coins. This is a huge reward for the genesis block, likely for initial distribution or other specific reasons. * '''else nSubsidy = 333 * COIN;''' ** For all other blocks (not the first one), the reward is set to 333 coins. This is a significant change from the original 50 coins, suggesting a different reward structure for this cryptocurrency. </div> </div> ===src/qt/n33bcoinunits.cpp=== * Line 39: Code Block <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("BTC"); case mBTC: return QString("mBTC"); case uBTC: return QString::fromUtf8("μBTC"); default: return QString("???"); } } </pre> * Change BTC your coin symbol to N33B <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("N33B"); case mBTC: return QString("mN33B"); case uBTC: return QString::fromUtf8("μN33B"); default: return QString("???"); } } </pre> ===src/chainparams.cpp=== ====Line 53 Change Time Stamp Message==== <code> const char* pszTimestamp = "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks";</code> To <code> const char* pszTimestamp = "N33B's for Noob's at CompleteNoobs.com";</code> ====Line 54 Change Genesis Pub Key==== <code> 54 const CScript genesisOutputScript = CScript() << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f") << OP_CHECKSIG; </code> We are going to change to the public key we used to create are genesis block. <code> const CScript genesisOutputScript = CScript() << ParseHex("049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf") << OP_CHECKSIG;</code> ====Line 73 HalvingInterval==== <code> consensus.nSubsidyHalvingInterval = 210000;</code> Block intervals of bitcoin is every 10 mins, as you can see on '''[[#Line 80 Target Block Creation''']] * 60 mins per hour x 24 hours per day = 1440 mins a day * 1440 mins at one block each 10 mins = 144 block per day ish * 144 * 365 = 52,560 blocks per year ish * 52,560 * 4 = 210,240 blocks every four years ish So bitcoin halves its rewards every 4 years ish as it passes 210,000 blocks and carrys on halving every 210,000 blocks later. We reward 333 coins per block and will be out of coins around 667,334 blocks. * Preminded 11,111,111 coins * 22,222,222 left * at 333 per block all will be gone in 66,733 blocks time unless we halve before then * We are going to keep are block time of 10 mins and have a halving at 33,333 blocks so it will halve around 231 days <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Line 74 - 77 MainNet BIP Section==== <pre> 74 consensus.BIP34Height = 227931; 75 consensus.BIP34Hash = uint256S("0x000000000000024b89b42a942fe0d9fea3bb44ab7bd1b19115dd6a759c0808b8"); 76 consensus.BIP65Height = 388381; // 000000000000000004c2b624ed5d7756c508d90fd0da2c7c679febfa6c4735f0 77 consensus.BIP66Height = 363725; // 00000000000000000379eaa19dce8c9b722d46ae6a57c2f1a988119488b50931 </pre> * Set BIP34/65/66 to 0 for new chain—modern rules from genesis. Adjust BIP34 to 100 if mining fails. * Line 75 Replace with you <b>Main Net parametersGenesis Hash</b> <pre> 74 consensus.BIP34Height = 0; 75 consensus.BIP34Hash = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); 76 consensus.BIP65Height = 0; 77 consensus.BIP66Height = 0; </pre> ==== Line 85 - 103 '''MainNet''' Deployment and Chain Work Section ==== ===== Line 86 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start date is irrelevant—set to 0 for immediate activation on new chain. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 87 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. 9,999,999,999 Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 91 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016</code> * Reason changed: Bitcoin’s 2016 start is moot—set to 0 for CSV active from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 92 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 96 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016</code> * Reason changed: Bitcoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 97 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 100 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5");</code> * Reason changed: Bitcoin’s 2017 work is massive—set to 0 for a new chain with no work yet. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 103 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354</code> * Reason changed: Bitcoin’s block 453354 is irrelevant—set to N33Bcoin’s genesis hash for fast sync from block 0. Changed: <code>consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4");</code> =====Before and After Changes===== <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354 </pre> * Set CSV/SegWit to active from genesis (nStartTime = 0, nTimeout = far future). Reset chain work to minimal. Set assume valid to genesis hash. <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0; 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999; 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0; 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999; 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0; 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999; 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x00"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); </pre> ====Line 110 Magic Bytes==== * [[Hex_numbers_explained| Hex numbers explained]] * [[Python3_Script_for_Random_Magic_Bytes| Link to python script for random values]] The pchMessageStart array is a crucial component in cryptocurrency network protocols, often referred to as the "magic bytes" or "network magic." It serves as a unique identifier for a specific cryptocurrency network. These values are in hexadecimal format, representing four bytes that form a sequence unlikely to occur in normal data. If you're creating a new cryptocurrency by forking Bitcoin, you should change these values. Using unique values prevents your new coin's network from interfering with Bitcoin's network or other existing networks. <pre> 110 pchMessageStart[0] = 0xf9; 111 pchMessageStart[1] = 0xbe; 112 pchMessageStart[2] = 0xb4; 113 pchMessageStart[3] = 0xd9; </pre> * Gonna change mine to <pre> pchMessageStart[0] = 0xfe; pchMessageStart[1] = 0x93; pchMessageStart[2] = 0xd2; pchMessageStart[3] = 0xe2; </pre> ====Line 114 Change Main Net Default Port==== * Line 114 <code>nDefaultPort = 8333;</code> * Changing to port 3333 <code>nDefaultPort = 3333;</code> ====Line 117 Change Main Net Nonce TimeStamp Coin_Rewards==== * Original <code> genesis = CreateGenesisBlock(1231006505, 2083236893, 0x1d00ffff, 1, 50 * COIN);</code> * Syntax of line 117 <code>genesis = CreateGenesisBlock(<UNIX_TIME_STAMP>, <NONCE>, <DIFF_BITS>, <NHEIGHT>, <AMOUNT_OF_COINS_REWARD> * COIN);</code> * we are just going to append/change are UnixTimeStamp, Nonce and CoinReward <code> genesis = CreateGenesisBlock(1733333333, 221118658, 0x1d00ffff, 1, 333 * COIN);</code> ====Line 119 Change Genesis Hash==== <code>assert(consensus.hashGenesisBlock == uint256S("0x000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"));</code> * Change to your genesis hash for Main Net <code> assert(consensus.hashGenesisBlock == uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"));</code> ====Line 120 Change Merkel Hash==== <code> assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Change to your merkel hsh for Main net <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Check Point - Lines 142 - 157 ==== <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d")) 145 ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> These lines contain a blocknumber and there hash value, we are starting a new coin and these have no value to us. We have one genesis block. <code> ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d"))</code> * We are going to append/change line 144, to block zero and are Main net genesis block hash. <code> ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"))</code> and comment out the remaining lines in this code block. lines 145 - 156 <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4")) 145 // ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 // ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 // (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 // (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 // (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 // (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 // (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 // (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 // (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 // (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 // (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 // (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> ====Line 161 Change Time Stamp==== <pre> 161 1483472411, // * UNIX timestamp of last known number of transactions </pre> * Change to the time stamp we are using <pre> 1733333333, // * UNIX timestamp of last known number of transactions</pre> ====Line 162 Change Number Of Transactions==== <pre> 184495391, // * total number of transactions between genesis and that timestamp</pre> * Change to Zero <pre> 0, // * total number of transactions between genesis and that timestamp</pre> ====TestNet Halving Interval==== <code>177 consensus.nSubsidyHalvingInterval = 210000;</code> * Change to same as are main net <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Lines 178 - 181 TestNet BIP section==== <pre> 178 consensus.BIP34Height = 21111; 179 consensus.BIP34Hash = uint256S("0x0000000023b3a96d3484e5abb3755c413e7d41500f8e2a5c3f0dd01299cd8ef8"); 180 consensus.BIP65Height = 581885; // 00000000007f6655f22f98e72ed80d8b06dc761d5da09df0fa1dc4be4f861eb6 181 consensus.BIP66Height = 330776; // 000000002104c8c45e99a8853285a3b592602a3ccde2b832481da85e9e4ba182 </pre> * Change values to zero and replace TestNet Genesis Hash <pre> 178 consensus.BIP34Height = 0; 179 consensus.BIP34Hash = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"); 180 consensus.BIP65Height = 0; 181 consensus.BIP66Height = 0; </pre> ==== Lines 189 - 207 TestNet Deployment Section ==== ===== Line 190 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start is irrelevant—set to 0 for immediate activation on TestNet. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 191 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 195 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1456790400; // March 1st, 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for CSV from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 196 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 200 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1462060800; // May 1st 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 201 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1493596800; // May 1st 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 204 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x00000000000000000000000000000000000000000000001f057509eba81aed91");</code> * Reason changed: Litecoin’s work is irrelevant—set to 0 for a new TestNet chain. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 207 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000128796ee387cf110ccb9d2f36cffaf7f73079c995377c65ac0dcc"); //1079274</code> * Reason changed: Litecoin’s block 1079274 doesn’t apply—set to TestNet genesis for fast sync. Changed: <code>consensus.defaultAssumeValid = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c");</code> ====TestNet Default Port - Line 213==== <code>213 nDefaultPort = 18333;</code> * Change to another port , picking 13333 <code>nDefaultPort = 13333;</code> ====Line 216: TestNet Time Stamp and Nonce==== <code>216 genesis = CreateGenesisBlock(1296688602, 414098458, 0x1d00ffff, 1, 50 * COIN);</code> * change/append timestamp, nonce and coin rewards - TimeStamp, Nonce, nBits and CoinRewards from your Test Net <code> genesis = CreateGenesisBlock(1733333334, 511144, 0x1e0ffff0, 1, 333 * COIN);</code> ====Line 218: TestNet Genesis Hash Block==== <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943"));</code> * Changed to <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"));</code> ====Line 219: TestNet Merkel Hash Block==== <code>219 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Changed to <code> assert(consensus.hashGenesisBlock == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ==== Line 245 TestNet checkpointData ==== Default: <code>( 546, uint256S("000000002a936ca763904c3c35fce2f3556c559c0214345d31b1bcebf76acb70")),</code> * Reason changed: Bitcoin TestNet checkpoint irrelevant—set to height 0 with N33Bcoin TestNet genesis hash for new chain. Changed: <code>( 0, uint256S("000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c")),</code> * Note: Removed "0x" from hash string—matches Bitcoin style, prevents parsing error in uint256S. ====Line 250 - Testnet chainTxData TimeStamp==== <code>250 1483546230,</code> * Change to your timestamp <code>1733333334,</code> ====Line 251 - Testnet chainTxData block count==== <code>251 12834668,</code> * change block count to zero <code> 0,</code> ==== RegTest BIP Section ==== ===== Line 267 ===== Default: <code>consensus.BIP34Height = 100000000; // BIP34 has not activated on regtest (far in the future so block v1 are not rejected in tests)</code> * Reason changed: Delays BIP34—set to 0 for modern rules from genesis, consistent with MainNet/TestNet. Changed: <code>consensus.BIP34Height = 0;</code> ===== Line 268 ===== Default: <code>consensus.BIP34Hash = uint256();</code> * Reason changed: Empty hash irrelevant—set to RegTest genesis for BIP34 activation at block 0. * NOTE: the <code>S</code> at the end of <code>uint256S</code> append the '''S''', remove the <code>0x</code> or it would be too long and make sure RegNet Hash is wrapped in "comment-hash". * The quotes <code>""</code> tell the compiler that this is a string, not a number. * '''uint256S''' will parse the string as a hexadecimal value and construct the '''uint256''' object accordingly. Changed: <code>consensus.BIP34Hash = uint256S("65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127");</code> ===== Line 269 ===== Default: <code>consensus.BIP65Height = 1351; // BIP65 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP65 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP65Height = 0;</code> ===== Line 270 ===== Default: <code>consensus.BIP66Height = 1251; // BIP66 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP66 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP66Height = 0;</code> ====Line 298: RegressionNet Default Port==== <code>298 nDefaultPort = 18444;</code> * change port number <code> nDefaultPort = 13337;</code> ====Line 301 RegressionNet Time Stamp Nonce Coin_Rewards ==== <code>301 genesis = CreateGenesisBlock(1296688602, 2, 0x207fffff, 1, 50 * COIN);</code> * Change to your timestamp , nonce and coin rewards <code> genesis = CreateGenesisBlock(1733333335, 0, 0x207fffff, 1, 333 * COIN);</code> ====Line 303: RegressionNet Genesis Block Hash==== <code>303 assert(consensus.hashGenesisBlock == uint256S("0x0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"));</code> * replace with your reg net genesis hash <code> assert(consensus.hashGenesisBlock == uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"));</code> ====Line 304 RegressionNet Merkel Hash==== <code>304 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * replace with your reg net merkel hash <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Line 316: RegressionNet Genesis Hash==== <code>316 ( 0, uint256S("0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"))</code> * change to your reg nets genesis hash <code> ( 0, uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"))</code> === src/chainparamsbase.cpp - API ports === <div class="toccolours mw-collapsible mw-collapsed"> Changing RPC port number info: <div class="mw-collapsible-content"> When forking Bitcoin, changing the nRPCPort = 8332; is generally recommended, though not strictly necessary. Here are the reasons and benefits for doing so: '''Avoiding Conflicts:''' If you run both Bitcoin and your forked cryptocurrency on the same machine or network, keeping the same RPC port (9332) would cause a conflict. By changing the port number, you ensure that both services can run simultaneously without interfering with each other. '''Network Configuration:''' Different cryptocurrencies should ideally use different ports to avoid confusion and ensure clear network configuration. This helps in managing firewall rules and network policies more effectively. '''Security:''' Using a non-standard port for your forked cryptocurrency can add a layer of security through obscurity. While not a robust security measure, it can help reduce the risk of automated attacks targeting known ports like 8332. '''Customization:''' Changing the RPC port is part of customizing your fork to distinguish it from Bitcoin. This can be important for branding and ensuring that users and developers recognize it as a separate entity. In summary, while it's not mandatory to change the RPC port when forking Bitcoin, doing so can help avoid conflicts, improve network management, and provide a clearer distinction between your fork and the original Bitcoin network. </div> </div> ====line 35 - Main net RCP port==== <pre> nRPCPort = 8332; </pre> RPC port is used to connect to coin api, its used to create a web wallet and moblie wallet. <pre> nRPCPort = 3366; </pre> ====Line 48 - test net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12333 <pre> nRPCPort = 12333; </pre> ====line 62 - regession net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12345 <pre> nRPCPort = 12345; </pre> * We are pretty much done with customizing the code base, we just need an IP address to append to chainparams.cpp and we are good to go. ===src/chainparamsseeds.h=== * Delete content of <code>src/chainparamsseeds.h</code> and replace with just: <pre> #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> The <code>chainparamsseeds.h</code> file contains hardcoded seed nodes for the main network (pnSeed6_main), which are currently set to Bitcoin’s seed nodes (e.g., IPs like 2.7.8.12 on port 8333). These seeds will cause your node to attempt connections to Bitcoin peers, which isn’t what we want for N33Bcoin. * By modifying the seed arrays for both mainnet and testnet to empty, we can keep the file structure intact while removing the Bitcoin seed nodes, preventing are node from trying to connect to them. <div class="toccolours mw-collapsible mw-collapsed"> Hexadecimal - Chainparamsseeds.h - Quick Notes <div class="mw-collapsible-content"> <pre> Hex Symbol Values: 0,1,2,3,4,5,6,7,8,9,a=10,b=11,c=12,d=13,e=14,f=15 Hex is in a Block of 2, [01]=1, The First number/symbol (the one on the left), is Times by 16, and the Second number/symbol is added. 01 = 0x16, plus 1 = 01 A4 = 10x16, plus 4 = 164 E4 = 14x16, plus 4 = 228 FF = 15X16, plus 15 = 255 To work out the values of 104.194.157.52 and port 3333 static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; IPv6 Mapping: {{Use 10 0x00, 2 0xff, then the 4 hex bytes} <port>}. 104 in hex: 6x16 = 96 + 8 = 104 InHex= '68' 194 in hex: c(12)x16=192 + 2 = 194 InHex= 'c2' 157 in hex: 9x16=144 + d(13)= 157 InHex= '9d' 52 in hex: 3x16=48 + 4 = 52 InHex= '34' #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; static SeedSpec6 pnSeed6_test[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> </div> </div> == Container and VPS Setup == Most VPS providers frown on mining unless it’s their explicit service—fair enough, it hogs resources! To work around this, we’ll: * Spin up an Ubuntu 18.04 container locally (18.04 keeps coin building simple). * Pair it with a low-cost VPS running Ubuntu 24.04, tunneling all traffic from the container to the VPS’s public IP. This setup gives us: * A public-facing IP without poking holes in our home router. * Local mining control, keeping private keys secure—because a VPS is just someone else’s machine, and we don’t trust it with our keys! ===LXD Quick Container Setup=== ===LXD Quick Container Setup=== * Its pretty simple once you know. ===Installing and setup LXD=== <code>sudo snap install lxd</code> <code>sudo lxd init</code> * Just press '''ENTER''' for all defaults * add user to lxd group (optional), will mean you do not need '''sudo''' to use lxc commands * NOTE: you will need to logout and login for changes to take effect. <code>sudo adduser $USER lxd</code> <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> * '''These changes only apply to the current terminal session.''' If you open a new terminal session you have to repeat. On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. * '''Remember, these changes only apply to the current terminal session.''' If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> ===Launching your container=== * for the Build its important we use '''18.04''' ** May want to get ubuntu pro free for 5 devices - to keep 1804 updated ** https://ubuntu.com/pro/dashboard <code>lxc launch ubuntu:18.04 n33b</code> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 n33b</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 n33b</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''n33b''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "n33b" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "n33b" in the example) must be unique within your LXD installation. </div> </div> * If you see this error - you need to use '''sudo''' or add user to lxd group <pre> lxc launch ubuntu:18.04 n33b Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * To see your container <code>lxc ls</code> ===Login to container=== <code>lxc exec n33b bash</code> * Prompt should now be changed to <code>root@n33b:~#</code> ** <code>root@<container_name>:~#</code> * This would be a good time to sign up to and enable ubuntu pro in the 1804 container https://ubuntu.com/pro/dashboard ** <code>sudo pro attach C12trandomcharsXFVhrRSveGOd4</code> * Update container <code>apt update && apt upgrade -y</code> ==== Ubuntu Pro for 1804 Containers ==== * super useful for ubuntu 1804, with pro has support till 2027 * Free For Five Boxes/Devices <code>https://ubuntu.com/pro/dashboard</code> <code>sudo pro attach 8dc6560abd396b3871f37b80ec</code> <code>sudo pro status</code> <code>sudo pro detach</code> ==In Container wireguard installation and setup== ===Install wireguard=== <code>apt install wireguard -y</code> * This will be the Client - for the container ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== * Vultr link with Affiliate code: https://www.vultr.com/?ref=9638414-9J First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==Back to Host== Now we have * A container with a public IP address * Source code for are coin Lets append are IP adress to are <code>src/chainparams.cpp</code> file and make a exportable/shareable backup. ===Append IP to <code>src/chainparams.cpp</code>=== <div class="toccolours mw-collapsible mw-collapsed"> If i was going to change or add ips/domains do i need to recomplie? Yep: <div class="mw-collapsible-content"> Yes, if you want to change or add new IPs/domains in the `CDNSSeedData` section of `src/chainparams.cpp`, you will need to edit the file and recompile the code. The `CDNSSeedData` entries are hardcoded into the source code, and when you compile the code, these values are baked into the resulting binary. Therefore, any changes to the seed nodes will require: *Editing the `src/chainparams.cpp` file**: Modify the list of `CDNSSeedData` entries to include your new IPs or domains. *Recompiling the source code**: Once you've made your changes, you need to recompile the project so that the new seed nodes are included in the binary. *Restarting your nodes**: After recompiling, you would need to distribute the new binary to your nodes and restart them to ensure they use the updated seed list. This process is necessary because the seed nodes are part of the initial configuration that helps nodes discover peers when they first start up. Any changes to these seeds require the software itself to be updated and redeployed. </div> </div> ====Main Net DNS lines 123 - 127==== <code>$EDITOR /home/$USER/N33B/N33Bcoin/src/chainparams.cpp</code> * Line 123 <code>src/chainparams.cpp</code> <pre> 123 vSeeds.push_back(CDNSSeedData("n33bcoin.sipa.be", "seed.n33bcoin.sipa.be", true)); // Pieter Wuille, only supports x1, x5, x9, and xd </pre> We are going to Change to are servers address <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> At current time we only have one default node, so we comment out line 124 to 127 <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "dnsseed.bluematt.me", true)); // Matt Corallo, only supports x9 // vSeeds.push_back(CDNSSeedData("dashjr.org", "dnsseed.n33bcoin.dashjr.org")); // Luke Dashjr // vSeeds.push_back(CDNSSeedData("n33bcoinstats.com", "seed.n33bcoinstats.com", true)); // Christian Decker, supports x1 - xf // vSeeds.push_back(CDNSSeedData("n33bcoin.jonasschnelli.ch", "seed.n33bcoin.jonasschnelli.ch", true)); // Jonas Schnelli, only supports x1, x5, x9, and xd </pre> ====Test net DNS lines 224 - 227==== * Line 224 - ip adderss <pre> 224 vSeeds.push_back(CDNSSeedData("testnetn33bcoin.jonasschnelli.ch", "testnet-seed.n33bcoin.jonasschnelli.ch", true)); </pre> Change to server ip <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> and comment out the other 3 lines <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("petertodd.org", "seed.tbtc.petertodd.org", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "testnet-seed.bluematt.me")); // vSeeds.push_back(CDNSSeedData("n33bcoin.schildbach.de", "testnet-seed.n33bcoin.schildbach.de")); </pre> ==Create BackUp Tar Archive== At this point you may want to make a backup. * In work directory = <code>/home/$USER/N33B</code> <code>tar -zcvf N33Bcoin.0.0.1.tar.gz N33Bcoin</code> * Going to save in directory <code>/home/$USER/N33B</code> * Syntax = <code>tar -zcvf /path/to/save/archive_name.tar.gz /path/to/directory_name</code> Now we Should have <code>N33Bcoin.0.0.1.tar.gz</code> lets start building are coin. ===Move N33Bcoin.0.0.1.tar.gz to Container=== Lets Move are source code to are container. * File on Host:<code>/home/$USER/N33B/N33Bcoin.0.0.1.tar.gz</code> * Container Name: <code>n33b</code> ** Container Name can be found with <code>lxc list</code> * On Host: <code>lxc file push /home/$USER/N33B/N33Bcoin.0.0.1.tar.gz n33b/home/ubuntu/</code> * '''ubuntu''' is the name of the ubuntu containers default user account ==Return to container as user '''ubuntu'''== <code>lxc exec n33b -- su - ubuntu</code> Now are source code <code>N33Bcoin.0.0.1.tar.gz</code> should be in are home directory. Before we start using it, we need to install and build some dependencies software. ===Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <!-- These notes wherer required to build db on 24.04 - coin build would require way too much work so skipped. <code>$EDITOR db-4.8.30.NC/dbinc/atomic.h</code> Find the function <b>__atomic_compare_exchange</b> (line 147 and 179) and rename it to <b>__db_atomic_compare_exchange</b>. save and exit --> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> If you received error, are you building in ubuntu 18.04? these build instrutions are reproduable for 18.04 and not other versions of ubuntu. * A block chain requires min 2 nodes, so this would be a good time to snapshot your container. ====SNAPSHOT your container==== * This will save loads of time creating a second node later. * In a Terminal on HOST * Stop Container <code>lxc stop n33b</code> * snapshot <code>lxc snapshot n33b one</code> * start container <code>lxc start n33b</code> * Log in as ubuntu user <code>lxc exec n33b -- su - ubuntu</code> ==Build the Coin== Just for the Genesis Node, or it will not work, it will try to sync with another node, which it can not do as its at block 0. * edit the file <code>src/rpc/mining.cpp</code> and comment out the lines 471 and 472: <pre> // if (IsInitialBlockDownload()) // throw JSONRPCError(RPC_CLIENT_IN_INITIAL_DOWNLOAD, "N33Bcoin is downloading blocks..."); </pre> If you stopped container to snapshot and logged back in (or using another terminal), then we need to re-set var.<br> <code>cd ~/db-4.8.30.NC/build_unix</code><br> <code>export BDB_PREFIX=$(pwd)</code><br> * Now thats done we can carry on <code>cd ~/</code><br> * extract <code>tar xzvf N33Bcoin.0.0.1.tar.gz</code> <!-- was for attempt build in 24.04 - not needed for 18.04 <code>sudo apt install bsdmainutils ncal</code> --> * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> If you run into errors you can use:<br> <code>make > ../build.log 2>&1</code><br> This is print build info into file build.log ==Run Coin== * Path <code>cd /home/ubuntu/N33Bcoin/src</code> Going to first play around with Regression make sure everything is working, its supereasy to mine.<br> * Running regtest first will also create <code>~/.n33bcoin/</code> directory which we can create are <code>n33bcoin.conf</code> file for mainnet. ===Running Regression Net === * run reg net <code>./n33bcoind -regtest -daemon</code> ==== get blockchain info ==== <code>./n33bcoin-cli -regtest getblockchaininfo</code> * at the top you should see '''regtest''' <pre> "chain": "regtest", </pre> ====get wallet info==== <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ==== Generate 10 blocks==== <code>./n33bcoin-cli -regtest generate 10</code> <pre> [ "16fe73d5011e8e05cadb9e9dea43e58aa154ffcca891659cc59fbdfafe6f001c", "7803e298b6c57f8fc7ddac5da0e0696cc67524c9ee2bbbbbecdccfb01b364e79", "7c92afb2faed00d051edd22f85218416c394cd45ddadf413b9df808c0414ca7e", "29fe7bb17c984bd33c7e3d9cb4fa3ce1e47760ac22accded3aa25fd49aa87d91", "56d234a030af699a6aa824c8d95a9fabdcf56c9491ed30331ca2159188741c89", "272827808aad1efe0e752789acf6a28f25bc4ba2da905a8a6f5da00016ba286b", "23711e3856cf2e018ef02782eb546e87c9604781da6855bd136ef51fa5dd23e5", "7bd7e1e6183094c75e37d6605451ce7e7e1c23347e3b5c279c33196af916b1f2", "1c7e5fc29dc7c9b3a56e8f35becc3a0a8005e79ac1a84278f8a1f37c067f67b3", "3ac84dcf8be2849b347369de7bf6bb49d780cdf41e2c4abbe2ea0ae1b89bd26e" ] </pre> ====Check Balance==== <code>./n33bcoin-cli -regtest getbalance</code> <pre>0.00000000</pre> * You mined 10 blocks and have zero coins! that is because the coins have not mutured, it takes 100 blocks for newly created coins to muture and show up in your wallet. * you can see your '''immature_balance''' with the <code>getwalletinfo</code> command. <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 11114108.00000000, "txcount": 10, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====Get new addresses==== <code>./n33bcoin-cli -regtest getnewaddress</code> <pre> mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb </pre> ====Find addresses your wallet is currently using==== * To see all your current public addresses use <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -regtest listreceivedbyaddress 0 true</code> ====Mine to specific address==== * <code>./n33bcoin-cli -regtest generatetoaddress 101 "your-mainnet-address"</code> <code>./n33bcoin-cli -regtest generatetoaddress 101 "mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb"</code> =====Coins Matured===== <code>./n33bcoin-cli -regtest getbalance</code> <pre>11114441.00000000</pre> * and Immatured coins <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 11114441.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 33300.00000000, "txcount": 111, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====stop regtest net==== * stop regtest <code>./n33bcoin-cli -regtest stop</code> ===Main Net=== * Running <code>-regtest</code> should of created a <code>~/.n33bcoin</code> directory for you. * Create <code>n33bcoin.conf</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 </pre> * run/start coin <code>./n33bcoind</code> * NOTE: if you did not create a n33bcoin.conf file and apply 'daemon=1', you can use the -daemon flag <code>./n33bcoind -daemon</code> <div class="toccolours mw-collapsible mw-collapsed"> Some debug tips: <div class="mw-collapsible-content"> * If n33bcoin hangs - <code>ps aux | grep n33bcoind</code> ** The <code>kill -9 PID_NUMBER</code> ** Also note: there is nothing wrong with '''turning it off and on again.''' * <code>./n33bcoind -debug=1</code> ** log is at ~/.n33bcoin/debug.log * <code>./n33bcoind -debug=1 -printtoconsole</code> ** will output to terminal, no output to debug.log </div> </div> ===Create and Add second node - the easy way=== <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Why a Dummy Node is Needed to Avoid <code>500 Internal Server Error</code> and Ensure Syncing</span> <div class="mw-collapsible-content"> <p>A dummy node is <strong>required</strong> for mining on the genesis node (main node) and to ensure other nodes can sync with your N33Bcoin network. Without it, you may encounter errors like:</p> <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> [2025-04-20 11:49:32] HTTP request failed: The requested URL returned error: 500 Internal Server Error </pre> <p><strong>Why does this happen?</strong> The main node needs at least one active peer to process the <code>getblocktemplate</code> RPC call used by <code>minerd</code> for mining. If the node is in Initial Block Download (IBD) or has no peers, this call fails, causing the 500 error. Additionally, if the main node is in IBD, it won’t serve blocks to other nodes, preventing them from syncing (e.g., stuck at <code>blocks: 0</code>).</p> <p><strong>How the dummy node fixes it:</strong></p> <ul> <li>Running a dummy node (e.g., on <code>127.0.0.1:3334</code>) provides an active peer, allowing <code>getblocktemplate</code> to succeed and mining to start.</li> <li>Mining generates new blocks, updating the chain tip’s timestamp, which helps the main node exit IBD.</li> <li>Once out of IBD, the main node can serve blocks to other nodes, enabling them to sync (e.g., to <code>blocks: 428</code>).</li> </ul> <p><strong>Why it’s easy to forget:</strong> The dummy node isn’t a standard Bitcoin requirement—it’s specific to N33Bcoin’s setup, possibly due to custom peer or RPC logic. Always run a dummy node when mining or syncing new nodes.</p> <p><strong>If you get the 500 error:</strong> Start a dummy node and add it to the main node’s peers with <code>addnode</code>. See the next section for setup instructions.</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> Without a dummy node, mining will fail, and new nodes won’t sync. Always include this step in your setup and document it to avoid surprises! </div> </div> </div> After first node ruuing with:<br> <code>./n33bcoind</code> * create a directory for second node <code>mkdir ~/.n33bcoin2</code> * make config file <code>$EDITOR ~/.n33bcoin2/n33bcoin.conf</code> * Note changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser1 rpcpassword=coinpassword1 rpcallowip=127.0.0.1 rpcport=3367 daemon=1 server=1 rpcbind=127.0.0.1 port=3334 </pre> * start node2 - note ports <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin2 -port=3334 -rpcport=3367</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3334" "add"</code> * Check node one <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * Check node two <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getblocktemplate</code> ==== Default Node User and Second Node User management ==== * The default user will be your main node '''~/.n33bcoin/''' * To use second node '''~/.n33bcoin2/''' you have to use/append non default port in commands: ** To run commands on second node, Add/Append <code>-rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1</code> *** '''rpcport''', '''rpcuser''', '''rpcpassword''' these values can be found in the <code>~/.<node_name>/n33bcoin.conf</code> file * For default wallet/node can use: <code>./n33bcoin-cli getwalletinfo</code> * Or to specify (optional) can use, the main nodes '''rpcport''', '''rpcuser''' and '''rpcpassword''' followed by <command>: <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * For the second node we created - we do need to specify <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getwalletinfo</code> <div class="toccolours mw-collapsible mw-collapsed"> How to stop second node: <div class="mw-collapsible-content"> * To run commands on a second or third ...ETC node - you need to enter: ** <code>-rpcport=<value></code> ** <code>-rpcuser=<username></code> ** <code>-rpcpassword=<password></code> ** followed by the command you wish to run on node <code>getbalance</code> ** Remember you store all these details in your <code>n33bcoin.conf</code> file for your node. <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 stop</code> </div> </div> == Mining blocks on your blockchain == Well you can try with:<br> <code>./n33bcoin-cli generate 1</code><br> But instead of seeing <pre> [ "some-block-hash" ] </pre> Your going to get empty brackets <pre> [ ] </pre> I cant remember the reason for this. But i know the fix. Install Mining software ===Address to send mined coins to=== First lets get a public key/address we can mine to. * Find old addresses <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> * Create new address <code>./n33bcoin-cli getnewaddress</code> * The address i will use <code>1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> ===Cpu Miner Install=== <code>cd ~</code> <code>sudo apt update</code> <code>sudo apt install -y build-essential libcurl4-openssl-dev</code> <code>git clone https://github.com/pooler/cpuminer.git</code> <code>cd cpuminer</code> <code>./autogen.sh</code> <code>./configure</code> <code>make</code> <code>sudo make install</code> ===Mine some Coins=== * OK lets mine us some coins ** Syntax:<code>minerd -o <pool_url> -u <username> -p <password> --coinbase-addr=<public_key></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> * YAY, back to the days when you could find bitcoin blocks with a simple CPU <pre> [2025-04-12 19:31:17] Binding thread 0 to cpu 0 [2025-04-12 19:31:17] Binding thread 1 to cpu 1 [2025-04-12 19:31:17] 4 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:31:17] Binding thread 2 to cpu 2 [2025-04-12 19:31:17] Binding thread 3 to cpu 3 [2025-04-12 19:31:17] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:31:17] thread 1: 2097152 hashes, 10099 khash/s [2025-04-12 19:31:17] thread 0: 2097152 hashes, 10094 khash/s [2025-04-12 19:31:17] thread 3: 2097152 hashes, 10093 khash/s [2025-04-12 19:31:17] thread 2: 2097152 hashes, 10032 khash/s [2025-04-12 19:32:17] thread 2: 601912088 hashes, 10080 khash/s [2025-04-12 19:32:17] thread 0: 605611536 hashes, 10108 khash/s [2025-04-12 19:32:17] thread 3: 605564904 hashes, 10102 khash/s [2025-04-12 19:32:17] thread 1: 605946928 hashes, 10104 khash/s [2025-04-12 19:33:17] thread 2: 604824240 hashes, 10080 khash/s [2025-04-12 19:33:17] thread 0: 606506104 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 1: 606263288 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 3: 606114016 hashes, 10102 khash/s [2025-04-12 19:34:17] thread 0: 596676992 hashes, 9883 khash/s [2025-04-12 19:34:17] accepted: 1/1 (100.00%), 40174 khash/s (yay!!!) [2025-04-12 19:34:17] LONGPOLL pushed new work [2025-04-12 19:34:17] thread 2: 597009344 hashes, 9856 khash/s [2025-04-12 19:34:17] thread 1: 596347864 hashes, 9882 khash/s [2025-04-12 19:34:17] thread 0: 184 hashes, 8762 khash/s [2025-04-12 19:34:17] thread 3: 596226344 hashes, 9881 khash/s [2025-04-12 19:35:11] thread 0: 525714288 hashes, 9775 khash/s [2025-04-12 19:35:17] thread 0: 58652240 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 1: 592942512 hashes, 9784 khash/s [2025-04-12 19:35:18] thread 3: 592834720 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 2: 591387224 hashes, 9754 khash/s [2025-04-12 19:36:17] thread 1: 577261400 hashes, 9784 khash/s [2025-04-12 19:36:17] thread 2: 575496480 hashes, 9756 khash/s [2025-04-12 19:36:17] thread 3: 576993520 hashes, 9776 khash/s [2025-04-12 19:36:17] thread 0: 586785384 hashes, 9780 khash/s [2025-04-12 19:37:17] thread 3: 586568712 hashes, 9700 khash/s [2025-04-12 19:37:17] thread 2: 585369888 hashes, 9645 khash/s [2025-04-12 19:37:18] thread 1: 587018480 hashes, 9656 khash/s [2025-04-12 19:37:18] thread 0: 586791168 hashes, 9631 khash/s [2025-04-12 19:37:43] thread 0: 247017896 hashes, 9757 khash/s [2025-04-12 19:37:43] accepted: 2/2 (100.00%), 38758 khash/s (yay!!!) [2025-04-12 19:37:43] LONGPOLL pushed new work [2025-04-12 19:37:43] thread 2: 250694904 hashes, 9748 khash/s [2025-04-12 19:37:43] thread 1: 250409704 hashes, 9773 khash/s [2025-04-12 19:37:43] thread 0: 21504 hashes, 8650 khash/s [2025-04-12 19:37:43] thread 3: 253010016 hashes, 9764 khash/s </pre> * By default '''minerd''' will use all cores - if you want to limit to number of core use the <code>-t <number_of_cores></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj -t 2</code> <pre> [2025-04-12 19:43:05] 2 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:43:05] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:43:05] thread 1: 2097152 hashes, 11359 khash/s [2025-04-12 19:43:05] thread 0: 2097152 hashes, 11327 khash/s </pre> * Next we mine on till we have at least 101 blocks so are coins are matured. ===After 101 blocks - Mature Coins=== * now we should have some coins in are wallet that we can use, YAY <code>./n33bcoin-cli getbalance</code> <pre>11112110.00000000</pre> * and lets check the account of are second node <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> * Lets get the address of are second node to send some coins <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress 0 true</code> * Or we could generate a new address with <code>getnewaddress</code> <code>1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz</code> Now lets send some coins ==Wallet Basics== Now we have coins we can use - matured coins ===Get balance=== * <code>getbalance</code> <code>./n33bcoin-cli getbalance</code> ===Find Account Addresses=== * <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> ===Create New Address=== * <code>getnewaddress</code> <code>./n33bcoin-cli getnewaddress</code> ===Sending coins=== * Syntax: <code>./n33bcoin-cli sendtoaddress "<address>" <amount></code> <code>./n33bcoin-cli sendtoaddress "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz" 33</code><br> * This comand will return a hash in your terminal out put. <pre>f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7</pre> * and Check balance of second node to see balance: <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>33.00000000</pre> ===See Transaction Details from hash=== * the transaction hash is from the above send coins example * Syntax: <code>n33bcoin-cli gettransaction "<transaction_hash>"</code> <code>./n33bcoin-cli gettransaction "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7"</code> <pre> { "amount": -33.00000000, "fee": -0.00004520, "confirmations": 4, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553764, "timereceived": 1744553764, "bip125-replaceable": "no", "details": [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "send", "amount": -33.00000000, "vout": 0, "fee": -0.00004520, "abandoned": false } ], "hex": "020000000150a37ad36c761374df6a14c20bd2c016208358bf1f20af06c5acbe4827250ee7000000006a4730440220582f2094aca19d63744d8d128c3dea907cddd4eeb5728d6f064c4168d7a36b9c0220649b2397635fe0b8899fea4535b0072e856a164235f8ab8feb91f3dbfa9e3ddc012103dd8d842cd0c2b167b507b9e8ee580fc726262bb218abc5c6487668b72e5673a3feffffff020001b2c4000000001976a9146ae24c8430bcd30bc1b812f946229fcc563eb0ef88ac589a23fc060000001976a9141e0606800605f94643f5da7e0a31e435e030855788acbe000000" } </pre> ===List Transactions from account=== * <code>listtransactions</code> * <code>./n33bcoin-cli listtransactions</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listtransactions</code> * This command will show all transactions send and receive. <pre> [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "receive", "amount": 33.00000000, "label": "", "vout": 0, "confirmations": 6, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553766, "timereceived": 1744553766, "bip125-replaceable": "no" } ] </pre> ===list received transactions by address=== * <code>listreceivedbyaddress</code> * <code>./n33bcoin-cli listreceivedbyaddress</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress</code> <pre> [ { "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "account": "", "amount": 33.00000000, "confirmations": 6, "label": "", "txids": [ "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7" ] } ] </pre> ===Address With Label=== * Create New Address With Label ** Syntax: <code>getnewaddress "<Label>"</code> * NOTE: Label name is case sensitive. <code>./n33bcoin-cli getnewaddress "Mining"</code> <pre>1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB</pre> * See Accounts in Label <code>./n33bcoin-cli getaddressesbyaccount "Mining"</code> * a Label can hold many addresses <pre> [ "1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB" ] </pre> * Lists transactions for the labeled account. <code>./n33bcoin-cli listtransactions "Mining"</code> * Tracking with a label - Shows total balance for addresses in the labeled account. <code>./n33bcoin-cli getbalance "Mining"</code> * Label an existing address - Assigns an existing address to a named account. <code>./n33bcoin-cli setaccount "<address>" "<label>"</code> * Change Label of Address <code>./n33bcoin-cli setaccount "<address>" "<newlabel>"</code> ==Backup Wallets and Restore/Reclaim== To '''test''' wallet exports and back ups we are going to create a '''third node'''. <br> This keeps are main wallet and the wallet of are second node safe.<br> Or If you feel up for it, feel free to play/use/learn with your main wallet. * Create a directory for third node <code>mkdir ~/.n33bcoin3</code> * Create config file <code>$EDITOR ~/.n33bcoin3/n33bcoin.conf</code> * Note: changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser2 rpcpassword=coinpassword2 rpcallowip=127.0.0.1 rpcport=3368 daemon=1 server=1 rpcbind=127.0.0.1 port=3335 </pre> * Start node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3335" "add"</code> * Check node three <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getblocktemplate</code> * See Address (pub key) <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> <pre>1EhA5fkapYWrhs2oAf2AqvF4WYMPM28GqL</pre> * I have sent 33 n33bcoin's to this address. <pre> ./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744568061, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "8afde14085be2139ff008667c345b3697bea9cea" } </pre> ===Encrypt Wallet=== * '''IMPORTANT NOTE! IF YOU LOSE/FORGET PASSPHRASE, YOU LOST YOUR WALLET!''' Encrypting your wallet, will require passphrase to see private_keys and to send coins from your account, but you can still check balance and the basic chain info '''without passphrase'''. * Syntax <code>./n33bcoin-cli encryptwallet "<passphrase>"</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 encryptwallet "pa55word"</code> <br>OutPut: <pre> wallet encrypted; N33Bcoin server stopping, restart to run with encrypted wallet. The keypool has been flushed and a new HD seed was generated (if you are using HD). You need to make a new backup. </pre> ====Test Encryption==== Syntax: <code>./n33bcoin-cli dumpprivkey <address></code> This command should need passphrase if wallet locked. ** <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> can be used in place of a real address <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpprivkey 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> If wallet '''LOCKED''' - you will see <pre> error code: -13 error message: Error: Please enter the wallet passphrase with walletpassphrase first. </pre> If wallet '''UNLOCKED''' but address not in wallet - you will see ** This is because there is no address <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> in your wallet and error code -5 indicates address not found in the wallet, but it passed the lock so, yay <pre> error code: -5 error message: Invalid N33Bcoin address </pre> If address exists in your wallet and wallet is '''UNLOCKED''' - you will see the private key: <pre> 6vJYM3RFWh7MyLVrPbgzgibUgqxMzWUCCbuH3GcfDRTqfoNQjBb </pre> '''IMPORTANT:''' Never share your actual private keys with anyone. The example above is for demonstration purposes only. ====open encrypted wallet==== * Syntax ./n33bcoin-cli walletpassphrase "<passphrase>" <time_in_seconds_to_stay_open> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrase "Pa55word" 60</code> ====Change PassPhrase==== * Syntax: <code><code>./n33bcoin-cli walletpassphrasechange "<old_passphrase>" "<new_passphrase>"</code></code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrasechange "Pa55word" "StrongPass123!@#456"</code> ===Back Up WALLET.DAT === * You can make a backup of your wallet.dat file whether its encrypted or un-encrypted. ** not-encrypted you just copy into a directory and you and anyone else has full access. ** encrypted, you need to know the passphase the file is encrypted with to have access. ** Both Export and Import the backup wallet.dat the same way, expect one asks for passphase and the other does not. ====Make copy of wallet.dat==== * <code>backupwallet</code> * Syntax:<code>./n33bcoin-cli backupwallet /path/to/export/wallet-backup.file</code> <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> ====Stop node 3 and delete wallet.dat==== * Stop node - Note: RPC PORT <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * not gonna delete, just move, only so many times i wanna learn that lesson. <code>mv ~/.n33bcoin3/wallet.dat ~/oldwallet.dat</code> * Start Node 3 - this will create a new <code>wallet.dat</code> file <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check Balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744572042, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "bb4e27a7896ae19acdf3b43244f82b59f5164c7c" } </pre> * Check addresses <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> * Its a diff/new address, because its a new wallet. <pre> "address": "1JwAmtR9T8xa49daoHQhf54tBdyabby2m2", </pre> ===Restore Wallet.dat=== * Stop Node 3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move old wallet to Node 3 Directory ** This command will write over the new wallet.dat file currently in directory - in effect deleting it. <code>mv ~/wallet-backup.node3 ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>11148007.99990960</pre> ====OH NUTZ==== * By mistake i backed up main wallet. <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> * Intended to backup node3 - the correct command would of been <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 backupwallet ~/wallet-backup.node3</code> Good Thing we just moved the node3 wallet and not deleted or 33 n33bcoins would of been in a dead account.<br> This is why you should learn about bitcoin on n33bcoins and not the bitcoin main net blockchain. Lets restore from the moved wallet <code>~/oldwallet.dat</code> * Stop node3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move oldwallet back to node3 <code>mv ~/oldwallet.dat ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>33.00000000</pre> YAY ===Dump Entire Wallet with <code>dumpwallet</code>=== * Exports all private keys, addresses, and wallet metadata to a plain text file for a comprehensive backup. * Syntax <code>./n33bcoin-cli dumpwallet /path/to/export/n33bcoin-wallet.txt</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpwallet ~/ssshhh.txt</code> <code>cat ~/ssshhh.txt</code> * Yep its all in plain text! <pre> # Wallet dump created by N33Bcoin v0.14.3.0-g150612e # * Created on 2025-04-13T22:54:50Z # * Best block at time of backup was 212 (000000009f5f7189bd4334895fd1c903ae904525abb5768feb98b81282a1949e), # mined on 2025-04-13T18:34:02Z # extended private masterkey: xprv9s210pEDlspXiamstilrandotypinhDXRTQ1TatJNSL3fxs9QaLLjRV1FZH9zw2VcErU498hsd3pynuyDR2clongrandome4Msz5 L1XJ0pald6SZXP4sKdVcDETpsdoWeksd4er5hhPsdFG1PPV 2025-04-13T18:14:21Z change=1 # addr=1HtmEDdpk5SJAp3nGCnaAD5gKZc2Er4qG hdkeypath=m/0'/0'/82' about 100 lines like the one above and ends with: # End of dump </prE> ===Import Dumped Wallet=== To test import works we are gonna, stop node3, move wallet.dat, start node3, check new wallet got auto generated again. then import are ssshhh.txt file and see if restored. ====Check wallet node 3 pre-test==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744575092, "keypoolsize": 101, "unlocked_until": 0, "paytxfee": 0.00000000, "hdmasterkeyid": "0a0e6e94e4a184e773e4a3e3244adc4352935afa" } </pre> ====Stop node 3 ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> ====Move wallet.dat ==== <code>mv ~/.n33bcoin3/wallet.dat ~/wallet.node3</code> ====Start node 3 ==== <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> ====Check wallet node 3 - when deleted/changed==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ====Import Restore from Dumped Wallet ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importwallet ~/ssshhh.txt</code> ====Check wallet node 3 when restored ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ==Off Line Storage and Importation== * Create a offline key pair, using a python script that can run off a live linux iso. * Going to send coins from node 3 to off line address. * Going to import to wallet 2 by sweeping private wif key. ===Create Offline Keypair=== * https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin ** We have used the [[N33Bcoin_Address_Generator_Bitcoin| N33Bcoin_Address_Generator]] to create the following key pair which we will use for this test. <pre> noob@noob-ThinkPad-T470:~/Gen/py-pub-prv$ python3 gen.py Enter your seed (12 words or any random input): hithere Generated n33bcoin Key Pair: Private Key: 3e4748d72b0a0c5d4538b52a2ade025a0f52a1e8642384ac14e5af0f90b8ab8a Public Key: 04c4cab1795312dafbf2532c7b238d448b55fa151a3d4e059cb49b47fb7244fb8767981b561c067494f9f3a6357024bb4fa71d12d692a733f7a0583d6fa7276548 n33bcoin Address: 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG WIF Private Key: 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH </pre> ===Send from node 3 to offline address=== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 sendtoaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG 10</code> ===Check its in address=== * Can take a few blocks before you can see it. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * Syntax: <code>./n33bcoin-cli importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * <code>importaddress</code> The RPC command to import a Bitcoin address as a watch-only address into the wallet * <code>13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> The Bitcoin address you are importing. After import, the wallet will monitor this address for incoming transactions, but cannot spend from it since you do not have the private key * <code>"external"</code> An optional label assigned to the imported address. This helps you organize or identify addresses in your wallet * <code>false</code> The rescan parameter. Setting it to false means the wallet will not rescan the blockchain for historical transactions involving this address. Only new transactions (after import) will be tracked. If set to true (default), the wallet would scan the entire blockchain for past transactions involving the address, which can take a long time (but not in are case as we have new blockchain). ====getreceivedbyaddress==== * TESTED - Balance is only shown on account that imported the address as a address to watch. ** Took about 10 mins to show balance. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>10.00000000</pre> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> ====Receive funds from private key==== * Current Funds in Node/Wallet 2 <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>52.00000000</pre> * Import the keys <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 importprivkey 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH true</code> * Check balance <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>62.00000000</pre> Import is instant. ==Create Second Server and Sync Blockchain== * Creating second server in a container and forwarded to another VPS IP, to see if network syncs. <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Is Port Forwarding Required for the Second Node?</span> <div class="mw-collapsible-content"> <p><strong>Why set up port forwarding?</strong> Port forwarding (using iptables to forward port <code>3333</code> to the second node) allows the node to receive incoming connections from other N33Bcoin nodes. This ensures reliable syncing with the main node and enables the second node to share blockchain data with others, strengthening the network.</p> <p><strong>Is it required?</strong></p> <ul> <li><strong>To mine</strong>: No. Mining uses local RPC calls (<code>127.0.0.1:3366</code>) and outbound connections to the main node (<code>104.194.157.52:3333</code>). As long as the main node is up, mining works without port forwarding. Note: You may need a dummy node to avoid errors.</li> <li><strong>To act as a peer</strong>: Yes. To allow other nodes to connect and sync from the second node (e.g., via <code>144.172.89.93:3333</code>), port forwarding is required. Without it, the node can sync but won’t serve blocks to others.</li> </ul> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Tip:</strong> Keep port forwarding enabled for robust syncing and to support the N33Bcoin network, especially if you plan to add more nodes. </div> </div> </div> ===Launch container=== <code>lxc launch ubuntu:18.04 n33b-node</code> <code>lxc exec n33b-node bash</code> <code>pro attach <longKey></code> <code>apt update && apt upgrade -y && apt install ubuntu-advantage-tools wireguard -y</code> ===Setup Wireguard=== * This is the same as the last time, in this tut i am going to keep the same keys in tut, to save time. PS: You can use same keys on many connections (not the best idea). ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==In Container Building N33Bcoin== * Push over N33Bcoin.0.0.1.tar.gz to the container n33b-node. <code>lxc file push N33Bcoin.0.0.1.tar.gz n33b-node/home/ubuntu/</code> OR Download from github * Download from Github, sha256sum=<code>0695dceaa4a88967560695f92c753d2fe4abc0f1b0cfb2673bf945fc83fb1225</code> <code>wget https://raw.github.com/CompleteNoobs/N33Bcoin/main/N33Bcoin.0.0.1.tar.gz</code> * Login to container as user ubuntu <code>lxc exec n33b-node -- su - ubuntu</code> * extract <code>tar xvf N33Bcoin.0.0.1.tar.gz</code> ===Install depends and Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> ===Build N33Bcoin=== * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> * Before running - make sure first node up and running <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Troubleshooting Syncing Issues on the Second Node</span> <div class="mw-collapsible-content"> <p>If your second node (e.g., <code>144.172.89.93</code>) fails to sync (e.g., stuck at <code>blocks: 0</code>), the main node (<code>104.194.157.52</code>) may be in Initial Block Download (IBD), preventing it from serving blocks. Here’s what I faced and how I fixed it:</p> <ul> <li><strong>Problem</strong>: The second node didn’t sync because the main node was in IBD, likely due to a chain tip older than 24 hours.</li> <li><strong>Initial Fix</strong>: <ul> <li>Started a dummy node on the main node (<code>127.0.0.1:3334</code>) for an active peer .</li> <li>Mined on the main node: <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=&lt;your-address&gt; -t 2 </pre> This created new blocks (e.g., to <code>blocks: 441</code>), exiting IBD and enabling sync.</li> </ul> </li> <li><strong>Test</strong>: I deleted the second node and recreated it from scratch, running both the main and dummy nodes on the genesis server. The second node synced to <code>blocks: 441</code> while the main node was mining.</li> <li><strong>Observation</strong>: In one test, I thought syncing worked without mining, but mining was active on the main node, advancing the chain to <code>blocks: 441</code>. Possible factors for sync success: <ul> <li>Recent chain tip from mining kept the main node out of IBD.</li> <li>Dummy node provided a peer, preventing IBD re-entry.</li> <li>iptables rule for port <code>3333</code> enabled inbound connections (i did once not forward the correct port, make sure you check your ip rules with <code>cat /etc/iptables/rules.v4</code> to make sure you entered the correct ones. ).</li> </ul> </li> <li><strong>If Syncing Fails</strong>: Mine on the main node with the dummy node running.</li> </ul> <p><strong>Note</strong>: Syncing may not require ongoing mining if the main node’s chain tip is recent, but mining is needed to exit IBD. Test and share your findings!</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> If the second node won’t sync, the main node may be in IBD. Start the dummy node and mine to exit IBD. </div> </div> </div> ===n33b-node=== <code>src/n33bcoind -daemon</code> <code>src/n33bcoin-cli stop</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 debug=rpc debug=mining </pre> <code>src/n33bcoind</code> * Now Second n33bcoin node is running lets check sync <code>src/n33bcoin-cli getpeerinfo</code> <pre> [ { "id": 0, "addr": "104.194.157.52:3333", "addrlocal": "144.172.89.93:52636", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157772, "lastrecv": 1745157771, "bytessent": 1277, "bytesrecv": 1198, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.303657, "minping": 0.303657, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": false, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 110, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 1, "addr": "104.194.157.52:57050", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.296047, "minping": 0.296047, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 2, "addr": "104.194.157.52:57060", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.316404, "minping": 0.316404, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } } ] </pre> <code>src/n33bcoin-cli getblockchaininfo</code> <pre> ubuntu@n33b-node:~/N33Bcoin$ src/n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.03058041491289009, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> ===From first node=== <pre> ./n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.02034601825250813, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> * Both nodes/blockchains are in sync, nice f8m1ln4yq3pml48cs7mdqpl34xtozd1 597 593 2025-06-26T19:24:54Z AwesomO 5 /* Container and VPS Setup */ 597 wikitext text/x-wiki ==Start up HardWare== * OS (local) Ubuntu-Mate 24.04 - this tut is done on a clean install of ubuntu-mate 24.04 ** Hardware: HP EliteDesk G1 - ram = 8GB - HD = 120GB ssd - CPU = i5-4590S CPU @ 3.00GHz ** Hardware: Thinkpad X270 - Ram - HD - CPU * Server VPS ubuntu-server 24.04 ** vultr.com ===Software OS=== * Will be using Ubuntu 24.04 as main OS - but to build this version of litecoin 0.14.2 we will be using ubuntu 18.04 in a lxc container - trying to build in 24.04 was a huge side quest that is not that much fun. ===Coin Params for N33Bcoin 0.1 POW === * Are Coin Params ** Name of coin = N33Bcoin ** Symbol coin = N33B ** Premined Coins= 33% 11,111,111 coins to be used to rewards contributors. the how is currently unknown, will work out as we go. ** MaxCoins = 33,333,333 ** Rewards = 333 ** Halving Period = 33,333 blocks = every 231 days ** Block interval = 10 mins # will leave at 10 for starters ** Time Stamp 1733333333 2024-12-04 17:28:53 ** Time Stamp Message "N33B's for Noob's at CompleteNoobs.com" ** Genesis Block for are Coin <b>NOTE</b>: What is a Unix Time Stamp? - It is the number of seconds from the Unix Epoch date of 01/01/1970 at 00:00 UTC - to convert a date use - https://www.unixtimestamp.com/ ==Set EDITOR== {{:SET_EDITOR}} ==Genesis Keys== First we are going to need a public private key pair. [[Python_Generate_Public_Private_Key_Pair_Crypto_Bitcoin| Python3 Generate Public Private Key Pair]] * Public Key <code>049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf</code> * Keep private key safe, you just need pub key for now We then use are public key along with are coin parameter with [[GenesisH0_Creating_Genesis_Hash| GenesisH0]] to create a 'Nonce', 'Merkel hash' and 'Genesis hash'. For are 'MainNet', 'TestNet' and 'RegNet' === Main Net parameters === <code>python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333333</code> * '''Nonce''': <code>221118658</code> * '''nBits''': <code>0x1d00ffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4</code> === Test Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333334</code> * '''Nonce''': <code>511144</code> * '''nBits''': <code>0x1e0ffff0</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c</code> === Reg Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333335</code> * '''Nonce''': <code>0</code> * '''nBits''': <code>0x207fffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127</code> Now we have are parameters, we can start creating are own coin, but first lets change some file names to match the name of are coin. ==Source we are forking from Bitcoin 0.14.3== ===Home Directory=== <code>cd ~</code> ===Download bitcoin 0.14.3=== * https://bitcoincore.org/bin/bitcoin-core-0.14.3/ <code>wget https://bitcoincore.org/bin/bitcoin-core-0.14.3/bitcoin-0.14.3.tar.gz</code> * sha256sum bitcoin-0.14.3.tar.gz <code>416717ab5ef94f8458da2b12e4cd742ca08f5ad3817b65fc73811e06ac949f87</code> ===extract=== <code>tar xvf bitcoin-0.14.3.tar.gz</code> ===Change Directory Name to new/forked coin name=== <code>mv bitcoin-0.14.3 N33Bcoin</code> <code>cd N33Bcoin</code> * Current work director path is <code>/home/$USER/N33Bcoin/</code> ==Renaming== ===Renaming Bitcoin to N33Bcoin=== '''Run these command in the /home/$USER/N33Bcoin/ Directory''' * Lowercase <code>find . -type f -exec sed -i 's/bitcoin/n33bcoin/g' {} + </code> * UpperCase <code>find . -type f -exec sed -i 's/Bitcoin/N33Bcoin/g' {} + </code> * Name.1 <code>find . -type f -exec sed -i -e 's/bitcoin/n33bcoin/g' -e 's/bitcoind\.1/n33bcoind.1/g' {} + </code> ===Change Name for Docs=== To rename files in a directory (e.g., <code>/home/$USER/N33Bcoin/doc/man/</code>): * '''Before:''' <pre> bitcoin-cli.1 bitcoind.1 bitcoin-qt.1 bitcoin-tx.1 Makefile.am </pre> * '''After:''' <pre> n33bcoin-cli.1 n33bcoind.1 n33bcoin-qt.1 n33bcoin-tx.1 Makefile.am </pre> * '''Manual Way:''' <pre> mv -v bitcoin-cli.1 n33bcoin-cli.1 </pre> * '''Using mv with a for Loop:''' <code>cd /home/$USER/N33Bcoin/doc/man</code><br> <code>for file in bitcoin*; do mv -v "$file" "${file/bitcoin/n33bcoin}"; done</code> </pre> * <code>-v</code> shows each rename action. ===Change Names for Files=== *<b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> Unlike forking litecoin, the method we just used to rename all bitcoin words to n33bcoin created some problems, unlike litecoin 0.14.2, the word 'bitcoin' can be found in a lot of file names. Example: the file <code>libbitcoinconsensus.pc.in</code> is still called <code>libbitcoinconsensus.pc.in</code> but inside make and config files, it is now know as <code>libn33bcoinconsensus.pc.in</code> so it will look for a file called <code>libn33bcoinconsensus.pc.in</code> and not <code>libbitcoinconsensus.pc.in</code>, still will lead to a lot of breakages. * Easy Fix: Change all file names which include the word <code>bitcoin</code> to <code>n33bcoin</code> * install <code>rename</code> <code>sudo apt install rename</code> * <b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> * See all file which contain the name <code>bitcoin</code> <code>find . -type f -name "*bitcoin*"</code> * Rename/convert all <code>bitcoin</code> in file names to <code>n33bcoin</code> <code>find . -type f -name "*bitcoin*" -exec rename 's/bitcoin/n33bcoin/' {} +</code> ==Editing Files== Are Files are located in path:<code>/home/$USER/N33B/N33Bcoin</code><br> Example: <code>src/amount.h</code> full path would be <code>/home/$USER/N33B/N33Bcoin/src/amount.h</code> === OverView of Files to edit=== * Comment Out <code>** Lines: 74 - 77 Comment Out</code> These are Lines we Don't need, but are not deleting just commenting out, so line numbers remain the same.<br> Comment out by placing a <code>//</code> at the beginning of the line. * '''src/amount.h''' ** Line 31: Edit Max Coins * '''src/validation.cpp''' ** Line 1166: This BLOCK of code will contain premined and Block rewards * '''src/qt/bitcoinunits.cpp''' ** Line 39 Block: change coin symbol LTC to N33B * '''src/chainparams.cpp''' ** Line 53: '''Global''' Change Time Stamp Message ** Line 54: '''Global''' Change Pub Key ** Line 73: '''MainNet''' Change Halving Interval <!--** Lines: 74 - 77 Comment Out--> ** Line 74: '''MainNet''' BIP34Height ** Line 75: '''MainNet''' BIP34Hash ** Line 76: '''MainNet''' BIP65Height ** Line 77: '''MainNet''' BIP66Height ** Lines 85 - 103: '''MainNet''' Deployment and Chain Work Section ** Line 110: '''MainNet''' Change Magic Bytes - Script included ** Line 114: '''MainNet''' Change Main Net Default Port ** Line 117: '''MainNet''' Change Main Net Nonce TimeStamp Coin_Rewards ** Line 119: '''MainNet''' Change Genesis Hash ** Line 120: '''MainNet''' Change Merkel Hash ** Line 144: '''MainNet'''Change Coin Number and Genesis Hash ** Lines 145 - 156 Comment Out ** Line 161: '''MainNet''' Change Time Stamp ** Line 162: '''MainNet''' Change Number Of Transactions ** Line 177: '''TestNet''' Halving Interval <!--** Lines: 178 - 181 Comment Out--> ** Line 178: '''TestNet''' BIP34Height ** Line 179: '''TestNet''' BIP34Hash ** Line 180: '''TestNet''' BIP65Height ** Line 181: '''TestNet''' BIP66Height ** Line 184: '''TestNet''' Block Times <!--** Lines: 189 - 207 Comment Out--> ** Lines 189 - 207: '''TestNet''' Deployment Section ** Line 213: '''TestNet''' Default Port ** Line 216: '''TestNet''' Time Stamp and Nonce ** Line 218: '''TestNet''' Genesis Hash Block ** Line 219: '''TestNet''' Merkel Hash Block ** Line 245: '''TestNet''' CheckPointData Genesis Hash Block Number ** Line 250: '''TestNet''' Time Stamp ** Line 251: '''TestNet''' Block Number ** Lines 267 - 270 '''RegressionNet''' BIP Consensus ** Line 301: '''RegressionNet''' Default Port ** Line 304: '''RegressionNet''' Time Stamp Nonce Coin_Rewards ** Line 306: '''RegressionNet''' Genesis Block Hash ** Line 307: '''RegressionNet''' Merkel Hash ** Line 319: '''RegressionNet''' Genesis Hash * '''src/chainparamsbase.cpp''' ** Line 35: MainNet RCP Port ** Line 48: TestNet RPC Port ** Line 62: Regession Net RPC Port ===src/amount.h=== On line 31 we will edit are Max coins: <pre> static const CAmount MAX_MONEY = 21000000 * COIN; </pre> will change this to 33,333,333 coins <pre> static const CAmount MAX_MONEY = 33333333 * COIN; </pre> ===src/validation.cpp=== Path <code>/home/$USER/N33B/N33Bcoin/src/validation.cpp</code> The block of code we are looking for starts on line 1166: <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy = 50 * COIN; // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years. nSubsidy >>= halvings; return nSubsidy; } </pre> On line 1173 you should see this line: <pre> CAmount nSubsidy = 50 * COIN; </pre> This is the rewards for mining coins, the default is 50, we are changinf rewards to 333 coins per block mined. <pre> CAmount nSubsidy = 333 * COIN; </pre> ====Premined coins==== We also need to add a contidtion for are premined coins - in the first block will mine 33%, thats 11,111,111 coins <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy; if (nHeight == 1) nSubsidy = 11111111 * COIN; else nSubsidy = 333 * COIN; // Subsidy is cut in half every 33,333 blocks which will occur approximately every 231 days. nSubsidy >>= halvings; return nSubsidy; } </pre> This condition means IF first block reward 11,111,111 coins, Else(after first blocked mined) rewards per block are 333 coins. <div class="toccolours mw-collapsible mw-collapsed"> What's Changed and Why: <div class="mw-collapsible-content"> <b>What's Changed and Why:</b> * '''CAmount nSubsidy;''' ** The variable `nSubsidy` is now declared but not immediately assigned a value. This allows flexibility to set its value based on certain conditions. * '''New Condition: `if (nHeight == 1)''' ** This new condition checks if the block height is 1, meaning this is the very first block in the blockchain (often called the "genesis block"). ** This condition is used to assign a special, much larger subsidy for the first block. * '''nSubsidy = 11111111 * COIN;''' ** If it is the first block (`nHeight == 1`), the subsidy is set to 11,111,111 coins. This is a huge reward for the genesis block, likely for initial distribution or other specific reasons. * '''else nSubsidy = 333 * COIN;''' ** For all other blocks (not the first one), the reward is set to 333 coins. This is a significant change from the original 50 coins, suggesting a different reward structure for this cryptocurrency. </div> </div> ===src/qt/n33bcoinunits.cpp=== * Line 39: Code Block <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("BTC"); case mBTC: return QString("mBTC"); case uBTC: return QString::fromUtf8("μBTC"); default: return QString("???"); } } </pre> * Change BTC your coin symbol to N33B <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("N33B"); case mBTC: return QString("mN33B"); case uBTC: return QString::fromUtf8("μN33B"); default: return QString("???"); } } </pre> ===src/chainparams.cpp=== ====Line 53 Change Time Stamp Message==== <code> const char* pszTimestamp = "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks";</code> To <code> const char* pszTimestamp = "N33B's for Noob's at CompleteNoobs.com";</code> ====Line 54 Change Genesis Pub Key==== <code> 54 const CScript genesisOutputScript = CScript() << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f") << OP_CHECKSIG; </code> We are going to change to the public key we used to create are genesis block. <code> const CScript genesisOutputScript = CScript() << ParseHex("049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf") << OP_CHECKSIG;</code> ====Line 73 HalvingInterval==== <code> consensus.nSubsidyHalvingInterval = 210000;</code> Block intervals of bitcoin is every 10 mins, as you can see on '''[[#Line 80 Target Block Creation''']] * 60 mins per hour x 24 hours per day = 1440 mins a day * 1440 mins at one block each 10 mins = 144 block per day ish * 144 * 365 = 52,560 blocks per year ish * 52,560 * 4 = 210,240 blocks every four years ish So bitcoin halves its rewards every 4 years ish as it passes 210,000 blocks and carrys on halving every 210,000 blocks later. We reward 333 coins per block and will be out of coins around 667,334 blocks. * Preminded 11,111,111 coins * 22,222,222 left * at 333 per block all will be gone in 66,733 blocks time unless we halve before then * We are going to keep are block time of 10 mins and have a halving at 33,333 blocks so it will halve around 231 days <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Line 74 - 77 MainNet BIP Section==== <pre> 74 consensus.BIP34Height = 227931; 75 consensus.BIP34Hash = uint256S("0x000000000000024b89b42a942fe0d9fea3bb44ab7bd1b19115dd6a759c0808b8"); 76 consensus.BIP65Height = 388381; // 000000000000000004c2b624ed5d7756c508d90fd0da2c7c679febfa6c4735f0 77 consensus.BIP66Height = 363725; // 00000000000000000379eaa19dce8c9b722d46ae6a57c2f1a988119488b50931 </pre> * Set BIP34/65/66 to 0 for new chain—modern rules from genesis. Adjust BIP34 to 100 if mining fails. * Line 75 Replace with you <b>Main Net parametersGenesis Hash</b> <pre> 74 consensus.BIP34Height = 0; 75 consensus.BIP34Hash = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); 76 consensus.BIP65Height = 0; 77 consensus.BIP66Height = 0; </pre> ==== Line 85 - 103 '''MainNet''' Deployment and Chain Work Section ==== ===== Line 86 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start date is irrelevant—set to 0 for immediate activation on new chain. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 87 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. 9,999,999,999 Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 91 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016</code> * Reason changed: Bitcoin’s 2016 start is moot—set to 0 for CSV active from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 92 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 96 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016</code> * Reason changed: Bitcoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 97 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 100 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5");</code> * Reason changed: Bitcoin’s 2017 work is massive—set to 0 for a new chain with no work yet. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 103 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354</code> * Reason changed: Bitcoin’s block 453354 is irrelevant—set to N33Bcoin’s genesis hash for fast sync from block 0. Changed: <code>consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4");</code> =====Before and After Changes===== <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354 </pre> * Set CSV/SegWit to active from genesis (nStartTime = 0, nTimeout = far future). Reset chain work to minimal. Set assume valid to genesis hash. <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0; 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999; 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0; 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999; 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0; 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999; 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x00"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); </pre> ====Line 110 Magic Bytes==== * [[Hex_numbers_explained| Hex numbers explained]] * [[Python3_Script_for_Random_Magic_Bytes| Link to python script for random values]] The pchMessageStart array is a crucial component in cryptocurrency network protocols, often referred to as the "magic bytes" or "network magic." It serves as a unique identifier for a specific cryptocurrency network. These values are in hexadecimal format, representing four bytes that form a sequence unlikely to occur in normal data. If you're creating a new cryptocurrency by forking Bitcoin, you should change these values. Using unique values prevents your new coin's network from interfering with Bitcoin's network or other existing networks. <pre> 110 pchMessageStart[0] = 0xf9; 111 pchMessageStart[1] = 0xbe; 112 pchMessageStart[2] = 0xb4; 113 pchMessageStart[3] = 0xd9; </pre> * Gonna change mine to <pre> pchMessageStart[0] = 0xfe; pchMessageStart[1] = 0x93; pchMessageStart[2] = 0xd2; pchMessageStart[3] = 0xe2; </pre> ====Line 114 Change Main Net Default Port==== * Line 114 <code>nDefaultPort = 8333;</code> * Changing to port 3333 <code>nDefaultPort = 3333;</code> ====Line 117 Change Main Net Nonce TimeStamp Coin_Rewards==== * Original <code> genesis = CreateGenesisBlock(1231006505, 2083236893, 0x1d00ffff, 1, 50 * COIN);</code> * Syntax of line 117 <code>genesis = CreateGenesisBlock(<UNIX_TIME_STAMP>, <NONCE>, <DIFF_BITS>, <NHEIGHT>, <AMOUNT_OF_COINS_REWARD> * COIN);</code> * we are just going to append/change are UnixTimeStamp, Nonce and CoinReward <code> genesis = CreateGenesisBlock(1733333333, 221118658, 0x1d00ffff, 1, 333 * COIN);</code> ====Line 119 Change Genesis Hash==== <code>assert(consensus.hashGenesisBlock == uint256S("0x000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"));</code> * Change to your genesis hash for Main Net <code> assert(consensus.hashGenesisBlock == uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"));</code> ====Line 120 Change Merkel Hash==== <code> assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Change to your merkel hsh for Main net <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Check Point - Lines 142 - 157 ==== <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d")) 145 ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> These lines contain a blocknumber and there hash value, we are starting a new coin and these have no value to us. We have one genesis block. <code> ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d"))</code> * We are going to append/change line 144, to block zero and are Main net genesis block hash. <code> ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"))</code> and comment out the remaining lines in this code block. lines 145 - 156 <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4")) 145 // ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 // ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 // (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 // (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 // (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 // (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 // (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 // (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 // (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 // (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 // (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 // (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> ====Line 161 Change Time Stamp==== <pre> 161 1483472411, // * UNIX timestamp of last known number of transactions </pre> * Change to the time stamp we are using <pre> 1733333333, // * UNIX timestamp of last known number of transactions</pre> ====Line 162 Change Number Of Transactions==== <pre> 184495391, // * total number of transactions between genesis and that timestamp</pre> * Change to Zero <pre> 0, // * total number of transactions between genesis and that timestamp</pre> ====TestNet Halving Interval==== <code>177 consensus.nSubsidyHalvingInterval = 210000;</code> * Change to same as are main net <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Lines 178 - 181 TestNet BIP section==== <pre> 178 consensus.BIP34Height = 21111; 179 consensus.BIP34Hash = uint256S("0x0000000023b3a96d3484e5abb3755c413e7d41500f8e2a5c3f0dd01299cd8ef8"); 180 consensus.BIP65Height = 581885; // 00000000007f6655f22f98e72ed80d8b06dc761d5da09df0fa1dc4be4f861eb6 181 consensus.BIP66Height = 330776; // 000000002104c8c45e99a8853285a3b592602a3ccde2b832481da85e9e4ba182 </pre> * Change values to zero and replace TestNet Genesis Hash <pre> 178 consensus.BIP34Height = 0; 179 consensus.BIP34Hash = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"); 180 consensus.BIP65Height = 0; 181 consensus.BIP66Height = 0; </pre> ==== Lines 189 - 207 TestNet Deployment Section ==== ===== Line 190 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start is irrelevant—set to 0 for immediate activation on TestNet. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 191 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 195 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1456790400; // March 1st, 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for CSV from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 196 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 200 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1462060800; // May 1st 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 201 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1493596800; // May 1st 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 204 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x00000000000000000000000000000000000000000000001f057509eba81aed91");</code> * Reason changed: Litecoin’s work is irrelevant—set to 0 for a new TestNet chain. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 207 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000128796ee387cf110ccb9d2f36cffaf7f73079c995377c65ac0dcc"); //1079274</code> * Reason changed: Litecoin’s block 1079274 doesn’t apply—set to TestNet genesis for fast sync. Changed: <code>consensus.defaultAssumeValid = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c");</code> ====TestNet Default Port - Line 213==== <code>213 nDefaultPort = 18333;</code> * Change to another port , picking 13333 <code>nDefaultPort = 13333;</code> ====Line 216: TestNet Time Stamp and Nonce==== <code>216 genesis = CreateGenesisBlock(1296688602, 414098458, 0x1d00ffff, 1, 50 * COIN);</code> * change/append timestamp, nonce and coin rewards - TimeStamp, Nonce, nBits and CoinRewards from your Test Net <code> genesis = CreateGenesisBlock(1733333334, 511144, 0x1e0ffff0, 1, 333 * COIN);</code> ====Line 218: TestNet Genesis Hash Block==== <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943"));</code> * Changed to <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"));</code> ====Line 219: TestNet Merkel Hash Block==== <code>219 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Changed to <code> assert(consensus.hashGenesisBlock == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ==== Line 245 TestNet checkpointData ==== Default: <code>( 546, uint256S("000000002a936ca763904c3c35fce2f3556c559c0214345d31b1bcebf76acb70")),</code> * Reason changed: Bitcoin TestNet checkpoint irrelevant—set to height 0 with N33Bcoin TestNet genesis hash for new chain. Changed: <code>( 0, uint256S("000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c")),</code> * Note: Removed "0x" from hash string—matches Bitcoin style, prevents parsing error in uint256S. ====Line 250 - Testnet chainTxData TimeStamp==== <code>250 1483546230,</code> * Change to your timestamp <code>1733333334,</code> ====Line 251 - Testnet chainTxData block count==== <code>251 12834668,</code> * change block count to zero <code> 0,</code> ==== RegTest BIP Section ==== ===== Line 267 ===== Default: <code>consensus.BIP34Height = 100000000; // BIP34 has not activated on regtest (far in the future so block v1 are not rejected in tests)</code> * Reason changed: Delays BIP34—set to 0 for modern rules from genesis, consistent with MainNet/TestNet. Changed: <code>consensus.BIP34Height = 0;</code> ===== Line 268 ===== Default: <code>consensus.BIP34Hash = uint256();</code> * Reason changed: Empty hash irrelevant—set to RegTest genesis for BIP34 activation at block 0. * NOTE: the <code>S</code> at the end of <code>uint256S</code> append the '''S''', remove the <code>0x</code> or it would be too long and make sure RegNet Hash is wrapped in "comment-hash". * The quotes <code>""</code> tell the compiler that this is a string, not a number. * '''uint256S''' will parse the string as a hexadecimal value and construct the '''uint256''' object accordingly. Changed: <code>consensus.BIP34Hash = uint256S("65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127");</code> ===== Line 269 ===== Default: <code>consensus.BIP65Height = 1351; // BIP65 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP65 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP65Height = 0;</code> ===== Line 270 ===== Default: <code>consensus.BIP66Height = 1251; // BIP66 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP66 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP66Height = 0;</code> ====Line 298: RegressionNet Default Port==== <code>298 nDefaultPort = 18444;</code> * change port number <code> nDefaultPort = 13337;</code> ====Line 301 RegressionNet Time Stamp Nonce Coin_Rewards ==== <code>301 genesis = CreateGenesisBlock(1296688602, 2, 0x207fffff, 1, 50 * COIN);</code> * Change to your timestamp , nonce and coin rewards <code> genesis = CreateGenesisBlock(1733333335, 0, 0x207fffff, 1, 333 * COIN);</code> ====Line 303: RegressionNet Genesis Block Hash==== <code>303 assert(consensus.hashGenesisBlock == uint256S("0x0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"));</code> * replace with your reg net genesis hash <code> assert(consensus.hashGenesisBlock == uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"));</code> ====Line 304 RegressionNet Merkel Hash==== <code>304 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * replace with your reg net merkel hash <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Line 316: RegressionNet Genesis Hash==== <code>316 ( 0, uint256S("0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"))</code> * change to your reg nets genesis hash <code> ( 0, uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"))</code> === src/chainparamsbase.cpp - API ports === <div class="toccolours mw-collapsible mw-collapsed"> Changing RPC port number info: <div class="mw-collapsible-content"> When forking Bitcoin, changing the nRPCPort = 8332; is generally recommended, though not strictly necessary. Here are the reasons and benefits for doing so: '''Avoiding Conflicts:''' If you run both Bitcoin and your forked cryptocurrency on the same machine or network, keeping the same RPC port (9332) would cause a conflict. By changing the port number, you ensure that both services can run simultaneously without interfering with each other. '''Network Configuration:''' Different cryptocurrencies should ideally use different ports to avoid confusion and ensure clear network configuration. This helps in managing firewall rules and network policies more effectively. '''Security:''' Using a non-standard port for your forked cryptocurrency can add a layer of security through obscurity. While not a robust security measure, it can help reduce the risk of automated attacks targeting known ports like 8332. '''Customization:''' Changing the RPC port is part of customizing your fork to distinguish it from Bitcoin. This can be important for branding and ensuring that users and developers recognize it as a separate entity. In summary, while it's not mandatory to change the RPC port when forking Bitcoin, doing so can help avoid conflicts, improve network management, and provide a clearer distinction between your fork and the original Bitcoin network. </div> </div> ====line 35 - Main net RCP port==== <pre> nRPCPort = 8332; </pre> RPC port is used to connect to coin api, its used to create a web wallet and moblie wallet. <pre> nRPCPort = 3366; </pre> ====Line 48 - test net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12333 <pre> nRPCPort = 12333; </pre> ====line 62 - regession net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12345 <pre> nRPCPort = 12345; </pre> * We are pretty much done with customizing the code base, we just need an IP address to append to chainparams.cpp and we are good to go. ===src/chainparamsseeds.h=== * Delete content of <code>src/chainparamsseeds.h</code> and replace with just: <pre> #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> The <code>chainparamsseeds.h</code> file contains hardcoded seed nodes for the main network (pnSeed6_main), which are currently set to Bitcoin’s seed nodes (e.g., IPs like 2.7.8.12 on port 8333). These seeds will cause your node to attempt connections to Bitcoin peers, which isn’t what we want for N33Bcoin. * By modifying the seed arrays for both mainnet and testnet to empty, we can keep the file structure intact while removing the Bitcoin seed nodes, preventing are node from trying to connect to them. <div class="toccolours mw-collapsible mw-collapsed"> Hexadecimal - Chainparamsseeds.h - Quick Notes <div class="mw-collapsible-content"> <pre> Hex Symbol Values: 0,1,2,3,4,5,6,7,8,9,a=10,b=11,c=12,d=13,e=14,f=15 Hex is in a Block of 2, [01]=1, The First number/symbol (the one on the left), is Times by 16, and the Second number/symbol is added. 01 = 0x16, plus 1 = 01 A4 = 10x16, plus 4 = 164 E4 = 14x16, plus 4 = 228 FF = 15X16, plus 15 = 255 To work out the values of 104.194.157.52 and port 3333 static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; IPv6 Mapping: {{Use 10 0x00, 2 0xff, then the 4 hex bytes} <port>}. 104 in hex: 6x16 = 96 + 8 = 104 InHex= '68' 194 in hex: c(12)x16=192 + 2 = 194 InHex= 'c2' 157 in hex: 9x16=144 + d(13)= 157 InHex= '9d' 52 in hex: 3x16=48 + 4 = 52 InHex= '34' #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; static SeedSpec6 pnSeed6_test[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> </div> </div> == Container and VPS Setup == * Vultr with affiliate link: https://www.vultr.com/?ref=7704739 Most VPS providers frown on mining unless it’s their explicit service—fair enough, it hogs resources! To work around this, we’ll: * Spin up an Ubuntu 18.04 container locally (18.04 keeps coin building simple). * Pair it with a low-cost VPS running Ubuntu 24.04, tunneling all traffic from the container to the VPS’s public IP. This setup gives us: * A public-facing IP without poking holes in our home router. * Local mining control, keeping private keys secure—because a VPS is just someone else’s machine, and we don’t trust it with our keys! ===LXD Quick Container Setup=== ===LXD Quick Container Setup=== * Its pretty simple once you know. ===Installing and setup LXD=== <code>sudo snap install lxd</code> <code>sudo lxd init</code> * Just press '''ENTER''' for all defaults * add user to lxd group (optional), will mean you do not need '''sudo''' to use lxc commands * NOTE: you will need to logout and login for changes to take effect. <code>sudo adduser $USER lxd</code> <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> * '''These changes only apply to the current terminal session.''' If you open a new terminal session you have to repeat. On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. * '''Remember, these changes only apply to the current terminal session.''' If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> ===Launching your container=== * for the Build its important we use '''18.04''' ** May want to get ubuntu pro free for 5 devices - to keep 1804 updated ** https://ubuntu.com/pro/dashboard <code>lxc launch ubuntu:18.04 n33b</code> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 n33b</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 n33b</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''n33b''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "n33b" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "n33b" in the example) must be unique within your LXD installation. </div> </div> * If you see this error - you need to use '''sudo''' or add user to lxd group <pre> lxc launch ubuntu:18.04 n33b Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * To see your container <code>lxc ls</code> ===Login to container=== <code>lxc exec n33b bash</code> * Prompt should now be changed to <code>root@n33b:~#</code> ** <code>root@<container_name>:~#</code> * This would be a good time to sign up to and enable ubuntu pro in the 1804 container https://ubuntu.com/pro/dashboard ** <code>sudo pro attach C12trandomcharsXFVhrRSveGOd4</code> * Update container <code>apt update && apt upgrade -y</code> ==== Ubuntu Pro for 1804 Containers ==== * super useful for ubuntu 1804, with pro has support till 2027 * Free For Five Boxes/Devices <code>https://ubuntu.com/pro/dashboard</code> <code>sudo pro attach 8dc6560abd396b3871f37b80ec</code> <code>sudo pro status</code> <code>sudo pro detach</code> ==In Container wireguard installation and setup== ===Install wireguard=== <code>apt install wireguard -y</code> * This will be the Client - for the container ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== * Vultr link with Affiliate code: https://www.vultr.com/?ref=9638414-9J First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==Back to Host== Now we have * A container with a public IP address * Source code for are coin Lets append are IP adress to are <code>src/chainparams.cpp</code> file and make a exportable/shareable backup. ===Append IP to <code>src/chainparams.cpp</code>=== <div class="toccolours mw-collapsible mw-collapsed"> If i was going to change or add ips/domains do i need to recomplie? Yep: <div class="mw-collapsible-content"> Yes, if you want to change or add new IPs/domains in the `CDNSSeedData` section of `src/chainparams.cpp`, you will need to edit the file and recompile the code. The `CDNSSeedData` entries are hardcoded into the source code, and when you compile the code, these values are baked into the resulting binary. Therefore, any changes to the seed nodes will require: *Editing the `src/chainparams.cpp` file**: Modify the list of `CDNSSeedData` entries to include your new IPs or domains. *Recompiling the source code**: Once you've made your changes, you need to recompile the project so that the new seed nodes are included in the binary. *Restarting your nodes**: After recompiling, you would need to distribute the new binary to your nodes and restart them to ensure they use the updated seed list. This process is necessary because the seed nodes are part of the initial configuration that helps nodes discover peers when they first start up. Any changes to these seeds require the software itself to be updated and redeployed. </div> </div> ====Main Net DNS lines 123 - 127==== <code>$EDITOR /home/$USER/N33B/N33Bcoin/src/chainparams.cpp</code> * Line 123 <code>src/chainparams.cpp</code> <pre> 123 vSeeds.push_back(CDNSSeedData("n33bcoin.sipa.be", "seed.n33bcoin.sipa.be", true)); // Pieter Wuille, only supports x1, x5, x9, and xd </pre> We are going to Change to are servers address <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> At current time we only have one default node, so we comment out line 124 to 127 <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "dnsseed.bluematt.me", true)); // Matt Corallo, only supports x9 // vSeeds.push_back(CDNSSeedData("dashjr.org", "dnsseed.n33bcoin.dashjr.org")); // Luke Dashjr // vSeeds.push_back(CDNSSeedData("n33bcoinstats.com", "seed.n33bcoinstats.com", true)); // Christian Decker, supports x1 - xf // vSeeds.push_back(CDNSSeedData("n33bcoin.jonasschnelli.ch", "seed.n33bcoin.jonasschnelli.ch", true)); // Jonas Schnelli, only supports x1, x5, x9, and xd </pre> ====Test net DNS lines 224 - 227==== * Line 224 - ip adderss <pre> 224 vSeeds.push_back(CDNSSeedData("testnetn33bcoin.jonasschnelli.ch", "testnet-seed.n33bcoin.jonasschnelli.ch", true)); </pre> Change to server ip <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> and comment out the other 3 lines <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("petertodd.org", "seed.tbtc.petertodd.org", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "testnet-seed.bluematt.me")); // vSeeds.push_back(CDNSSeedData("n33bcoin.schildbach.de", "testnet-seed.n33bcoin.schildbach.de")); </pre> ==Create BackUp Tar Archive== At this point you may want to make a backup. * In work directory = <code>/home/$USER/N33B</code> <code>tar -zcvf N33Bcoin.0.0.1.tar.gz N33Bcoin</code> * Going to save in directory <code>/home/$USER/N33B</code> * Syntax = <code>tar -zcvf /path/to/save/archive_name.tar.gz /path/to/directory_name</code> Now we Should have <code>N33Bcoin.0.0.1.tar.gz</code> lets start building are coin. ===Move N33Bcoin.0.0.1.tar.gz to Container=== Lets Move are source code to are container. * File on Host:<code>/home/$USER/N33B/N33Bcoin.0.0.1.tar.gz</code> * Container Name: <code>n33b</code> ** Container Name can be found with <code>lxc list</code> * On Host: <code>lxc file push /home/$USER/N33B/N33Bcoin.0.0.1.tar.gz n33b/home/ubuntu/</code> * '''ubuntu''' is the name of the ubuntu containers default user account ==Return to container as user '''ubuntu'''== <code>lxc exec n33b -- su - ubuntu</code> Now are source code <code>N33Bcoin.0.0.1.tar.gz</code> should be in are home directory. Before we start using it, we need to install and build some dependencies software. ===Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <!-- These notes wherer required to build db on 24.04 - coin build would require way too much work so skipped. <code>$EDITOR db-4.8.30.NC/dbinc/atomic.h</code> Find the function <b>__atomic_compare_exchange</b> (line 147 and 179) and rename it to <b>__db_atomic_compare_exchange</b>. save and exit --> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> If you received error, are you building in ubuntu 18.04? these build instrutions are reproduable for 18.04 and not other versions of ubuntu. * A block chain requires min 2 nodes, so this would be a good time to snapshot your container. ====SNAPSHOT your container==== * This will save loads of time creating a second node later. * In a Terminal on HOST * Stop Container <code>lxc stop n33b</code> * snapshot <code>lxc snapshot n33b one</code> * start container <code>lxc start n33b</code> * Log in as ubuntu user <code>lxc exec n33b -- su - ubuntu</code> ==Build the Coin== Just for the Genesis Node, or it will not work, it will try to sync with another node, which it can not do as its at block 0. * edit the file <code>src/rpc/mining.cpp</code> and comment out the lines 471 and 472: <pre> // if (IsInitialBlockDownload()) // throw JSONRPCError(RPC_CLIENT_IN_INITIAL_DOWNLOAD, "N33Bcoin is downloading blocks..."); </pre> If you stopped container to snapshot and logged back in (or using another terminal), then we need to re-set var.<br> <code>cd ~/db-4.8.30.NC/build_unix</code><br> <code>export BDB_PREFIX=$(pwd)</code><br> * Now thats done we can carry on <code>cd ~/</code><br> * extract <code>tar xzvf N33Bcoin.0.0.1.tar.gz</code> <!-- was for attempt build in 24.04 - not needed for 18.04 <code>sudo apt install bsdmainutils ncal</code> --> * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> If you run into errors you can use:<br> <code>make > ../build.log 2>&1</code><br> This is print build info into file build.log ==Run Coin== * Path <code>cd /home/ubuntu/N33Bcoin/src</code> Going to first play around with Regression make sure everything is working, its supereasy to mine.<br> * Running regtest first will also create <code>~/.n33bcoin/</code> directory which we can create are <code>n33bcoin.conf</code> file for mainnet. ===Running Regression Net === * run reg net <code>./n33bcoind -regtest -daemon</code> ==== get blockchain info ==== <code>./n33bcoin-cli -regtest getblockchaininfo</code> * at the top you should see '''regtest''' <pre> "chain": "regtest", </pre> ====get wallet info==== <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ==== Generate 10 blocks==== <code>./n33bcoin-cli -regtest generate 10</code> <pre> [ "16fe73d5011e8e05cadb9e9dea43e58aa154ffcca891659cc59fbdfafe6f001c", "7803e298b6c57f8fc7ddac5da0e0696cc67524c9ee2bbbbbecdccfb01b364e79", "7c92afb2faed00d051edd22f85218416c394cd45ddadf413b9df808c0414ca7e", "29fe7bb17c984bd33c7e3d9cb4fa3ce1e47760ac22accded3aa25fd49aa87d91", "56d234a030af699a6aa824c8d95a9fabdcf56c9491ed30331ca2159188741c89", "272827808aad1efe0e752789acf6a28f25bc4ba2da905a8a6f5da00016ba286b", "23711e3856cf2e018ef02782eb546e87c9604781da6855bd136ef51fa5dd23e5", "7bd7e1e6183094c75e37d6605451ce7e7e1c23347e3b5c279c33196af916b1f2", "1c7e5fc29dc7c9b3a56e8f35becc3a0a8005e79ac1a84278f8a1f37c067f67b3", "3ac84dcf8be2849b347369de7bf6bb49d780cdf41e2c4abbe2ea0ae1b89bd26e" ] </pre> ====Check Balance==== <code>./n33bcoin-cli -regtest getbalance</code> <pre>0.00000000</pre> * You mined 10 blocks and have zero coins! that is because the coins have not mutured, it takes 100 blocks for newly created coins to muture and show up in your wallet. * you can see your '''immature_balance''' with the <code>getwalletinfo</code> command. <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 11114108.00000000, "txcount": 10, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====Get new addresses==== <code>./n33bcoin-cli -regtest getnewaddress</code> <pre> mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb </pre> ====Find addresses your wallet is currently using==== * To see all your current public addresses use <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -regtest listreceivedbyaddress 0 true</code> ====Mine to specific address==== * <code>./n33bcoin-cli -regtest generatetoaddress 101 "your-mainnet-address"</code> <code>./n33bcoin-cli -regtest generatetoaddress 101 "mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb"</code> =====Coins Matured===== <code>./n33bcoin-cli -regtest getbalance</code> <pre>11114441.00000000</pre> * and Immatured coins <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 11114441.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 33300.00000000, "txcount": 111, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====stop regtest net==== * stop regtest <code>./n33bcoin-cli -regtest stop</code> ===Main Net=== * Running <code>-regtest</code> should of created a <code>~/.n33bcoin</code> directory for you. * Create <code>n33bcoin.conf</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 </pre> * run/start coin <code>./n33bcoind</code> * NOTE: if you did not create a n33bcoin.conf file and apply 'daemon=1', you can use the -daemon flag <code>./n33bcoind -daemon</code> <div class="toccolours mw-collapsible mw-collapsed"> Some debug tips: <div class="mw-collapsible-content"> * If n33bcoin hangs - <code>ps aux | grep n33bcoind</code> ** The <code>kill -9 PID_NUMBER</code> ** Also note: there is nothing wrong with '''turning it off and on again.''' * <code>./n33bcoind -debug=1</code> ** log is at ~/.n33bcoin/debug.log * <code>./n33bcoind -debug=1 -printtoconsole</code> ** will output to terminal, no output to debug.log </div> </div> ===Create and Add second node - the easy way=== <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Why a Dummy Node is Needed to Avoid <code>500 Internal Server Error</code> and Ensure Syncing</span> <div class="mw-collapsible-content"> <p>A dummy node is <strong>required</strong> for mining on the genesis node (main node) and to ensure other nodes can sync with your N33Bcoin network. Without it, you may encounter errors like:</p> <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> [2025-04-20 11:49:32] HTTP request failed: The requested URL returned error: 500 Internal Server Error </pre> <p><strong>Why does this happen?</strong> The main node needs at least one active peer to process the <code>getblocktemplate</code> RPC call used by <code>minerd</code> for mining. If the node is in Initial Block Download (IBD) or has no peers, this call fails, causing the 500 error. Additionally, if the main node is in IBD, it won’t serve blocks to other nodes, preventing them from syncing (e.g., stuck at <code>blocks: 0</code>).</p> <p><strong>How the dummy node fixes it:</strong></p> <ul> <li>Running a dummy node (e.g., on <code>127.0.0.1:3334</code>) provides an active peer, allowing <code>getblocktemplate</code> to succeed and mining to start.</li> <li>Mining generates new blocks, updating the chain tip’s timestamp, which helps the main node exit IBD.</li> <li>Once out of IBD, the main node can serve blocks to other nodes, enabling them to sync (e.g., to <code>blocks: 428</code>).</li> </ul> <p><strong>Why it’s easy to forget:</strong> The dummy node isn’t a standard Bitcoin requirement—it’s specific to N33Bcoin’s setup, possibly due to custom peer or RPC logic. Always run a dummy node when mining or syncing new nodes.</p> <p><strong>If you get the 500 error:</strong> Start a dummy node and add it to the main node’s peers with <code>addnode</code>. See the next section for setup instructions.</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> Without a dummy node, mining will fail, and new nodes won’t sync. Always include this step in your setup and document it to avoid surprises! </div> </div> </div> After first node ruuing with:<br> <code>./n33bcoind</code> * create a directory for second node <code>mkdir ~/.n33bcoin2</code> * make config file <code>$EDITOR ~/.n33bcoin2/n33bcoin.conf</code> * Note changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser1 rpcpassword=coinpassword1 rpcallowip=127.0.0.1 rpcport=3367 daemon=1 server=1 rpcbind=127.0.0.1 port=3334 </pre> * start node2 - note ports <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin2 -port=3334 -rpcport=3367</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3334" "add"</code> * Check node one <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * Check node two <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getblocktemplate</code> ==== Default Node User and Second Node User management ==== * The default user will be your main node '''~/.n33bcoin/''' * To use second node '''~/.n33bcoin2/''' you have to use/append non default port in commands: ** To run commands on second node, Add/Append <code>-rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1</code> *** '''rpcport''', '''rpcuser''', '''rpcpassword''' these values can be found in the <code>~/.<node_name>/n33bcoin.conf</code> file * For default wallet/node can use: <code>./n33bcoin-cli getwalletinfo</code> * Or to specify (optional) can use, the main nodes '''rpcport''', '''rpcuser''' and '''rpcpassword''' followed by <command>: <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * For the second node we created - we do need to specify <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getwalletinfo</code> <div class="toccolours mw-collapsible mw-collapsed"> How to stop second node: <div class="mw-collapsible-content"> * To run commands on a second or third ...ETC node - you need to enter: ** <code>-rpcport=<value></code> ** <code>-rpcuser=<username></code> ** <code>-rpcpassword=<password></code> ** followed by the command you wish to run on node <code>getbalance</code> ** Remember you store all these details in your <code>n33bcoin.conf</code> file for your node. <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 stop</code> </div> </div> == Mining blocks on your blockchain == Well you can try with:<br> <code>./n33bcoin-cli generate 1</code><br> But instead of seeing <pre> [ "some-block-hash" ] </pre> Your going to get empty brackets <pre> [ ] </pre> I cant remember the reason for this. But i know the fix. Install Mining software ===Address to send mined coins to=== First lets get a public key/address we can mine to. * Find old addresses <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> * Create new address <code>./n33bcoin-cli getnewaddress</code> * The address i will use <code>1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> ===Cpu Miner Install=== <code>cd ~</code> <code>sudo apt update</code> <code>sudo apt install -y build-essential libcurl4-openssl-dev</code> <code>git clone https://github.com/pooler/cpuminer.git</code> <code>cd cpuminer</code> <code>./autogen.sh</code> <code>./configure</code> <code>make</code> <code>sudo make install</code> ===Mine some Coins=== * OK lets mine us some coins ** Syntax:<code>minerd -o <pool_url> -u <username> -p <password> --coinbase-addr=<public_key></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> * YAY, back to the days when you could find bitcoin blocks with a simple CPU <pre> [2025-04-12 19:31:17] Binding thread 0 to cpu 0 [2025-04-12 19:31:17] Binding thread 1 to cpu 1 [2025-04-12 19:31:17] 4 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:31:17] Binding thread 2 to cpu 2 [2025-04-12 19:31:17] Binding thread 3 to cpu 3 [2025-04-12 19:31:17] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:31:17] thread 1: 2097152 hashes, 10099 khash/s [2025-04-12 19:31:17] thread 0: 2097152 hashes, 10094 khash/s [2025-04-12 19:31:17] thread 3: 2097152 hashes, 10093 khash/s [2025-04-12 19:31:17] thread 2: 2097152 hashes, 10032 khash/s [2025-04-12 19:32:17] thread 2: 601912088 hashes, 10080 khash/s [2025-04-12 19:32:17] thread 0: 605611536 hashes, 10108 khash/s [2025-04-12 19:32:17] thread 3: 605564904 hashes, 10102 khash/s [2025-04-12 19:32:17] thread 1: 605946928 hashes, 10104 khash/s [2025-04-12 19:33:17] thread 2: 604824240 hashes, 10080 khash/s [2025-04-12 19:33:17] thread 0: 606506104 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 1: 606263288 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 3: 606114016 hashes, 10102 khash/s [2025-04-12 19:34:17] thread 0: 596676992 hashes, 9883 khash/s [2025-04-12 19:34:17] accepted: 1/1 (100.00%), 40174 khash/s (yay!!!) [2025-04-12 19:34:17] LONGPOLL pushed new work [2025-04-12 19:34:17] thread 2: 597009344 hashes, 9856 khash/s [2025-04-12 19:34:17] thread 1: 596347864 hashes, 9882 khash/s [2025-04-12 19:34:17] thread 0: 184 hashes, 8762 khash/s [2025-04-12 19:34:17] thread 3: 596226344 hashes, 9881 khash/s [2025-04-12 19:35:11] thread 0: 525714288 hashes, 9775 khash/s [2025-04-12 19:35:17] thread 0: 58652240 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 1: 592942512 hashes, 9784 khash/s [2025-04-12 19:35:18] thread 3: 592834720 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 2: 591387224 hashes, 9754 khash/s [2025-04-12 19:36:17] thread 1: 577261400 hashes, 9784 khash/s [2025-04-12 19:36:17] thread 2: 575496480 hashes, 9756 khash/s [2025-04-12 19:36:17] thread 3: 576993520 hashes, 9776 khash/s [2025-04-12 19:36:17] thread 0: 586785384 hashes, 9780 khash/s [2025-04-12 19:37:17] thread 3: 586568712 hashes, 9700 khash/s [2025-04-12 19:37:17] thread 2: 585369888 hashes, 9645 khash/s [2025-04-12 19:37:18] thread 1: 587018480 hashes, 9656 khash/s [2025-04-12 19:37:18] thread 0: 586791168 hashes, 9631 khash/s [2025-04-12 19:37:43] thread 0: 247017896 hashes, 9757 khash/s [2025-04-12 19:37:43] accepted: 2/2 (100.00%), 38758 khash/s (yay!!!) [2025-04-12 19:37:43] LONGPOLL pushed new work [2025-04-12 19:37:43] thread 2: 250694904 hashes, 9748 khash/s [2025-04-12 19:37:43] thread 1: 250409704 hashes, 9773 khash/s [2025-04-12 19:37:43] thread 0: 21504 hashes, 8650 khash/s [2025-04-12 19:37:43] thread 3: 253010016 hashes, 9764 khash/s </pre> * By default '''minerd''' will use all cores - if you want to limit to number of core use the <code>-t <number_of_cores></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj -t 2</code> <pre> [2025-04-12 19:43:05] 2 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:43:05] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:43:05] thread 1: 2097152 hashes, 11359 khash/s [2025-04-12 19:43:05] thread 0: 2097152 hashes, 11327 khash/s </pre> * Next we mine on till we have at least 101 blocks so are coins are matured. ===After 101 blocks - Mature Coins=== * now we should have some coins in are wallet that we can use, YAY <code>./n33bcoin-cli getbalance</code> <pre>11112110.00000000</pre> * and lets check the account of are second node <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> * Lets get the address of are second node to send some coins <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress 0 true</code> * Or we could generate a new address with <code>getnewaddress</code> <code>1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz</code> Now lets send some coins ==Wallet Basics== Now we have coins we can use - matured coins ===Get balance=== * <code>getbalance</code> <code>./n33bcoin-cli getbalance</code> ===Find Account Addresses=== * <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> ===Create New Address=== * <code>getnewaddress</code> <code>./n33bcoin-cli getnewaddress</code> ===Sending coins=== * Syntax: <code>./n33bcoin-cli sendtoaddress "<address>" <amount></code> <code>./n33bcoin-cli sendtoaddress "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz" 33</code><br> * This comand will return a hash in your terminal out put. <pre>f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7</pre> * and Check balance of second node to see balance: <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>33.00000000</pre> ===See Transaction Details from hash=== * the transaction hash is from the above send coins example * Syntax: <code>n33bcoin-cli gettransaction "<transaction_hash>"</code> <code>./n33bcoin-cli gettransaction "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7"</code> <pre> { "amount": -33.00000000, "fee": -0.00004520, "confirmations": 4, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553764, "timereceived": 1744553764, "bip125-replaceable": "no", "details": [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "send", "amount": -33.00000000, "vout": 0, "fee": -0.00004520, "abandoned": false } ], "hex": "020000000150a37ad36c761374df6a14c20bd2c016208358bf1f20af06c5acbe4827250ee7000000006a4730440220582f2094aca19d63744d8d128c3dea907cddd4eeb5728d6f064c4168d7a36b9c0220649b2397635fe0b8899fea4535b0072e856a164235f8ab8feb91f3dbfa9e3ddc012103dd8d842cd0c2b167b507b9e8ee580fc726262bb218abc5c6487668b72e5673a3feffffff020001b2c4000000001976a9146ae24c8430bcd30bc1b812f946229fcc563eb0ef88ac589a23fc060000001976a9141e0606800605f94643f5da7e0a31e435e030855788acbe000000" } </pre> ===List Transactions from account=== * <code>listtransactions</code> * <code>./n33bcoin-cli listtransactions</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listtransactions</code> * This command will show all transactions send and receive. <pre> [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "receive", "amount": 33.00000000, "label": "", "vout": 0, "confirmations": 6, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553766, "timereceived": 1744553766, "bip125-replaceable": "no" } ] </pre> ===list received transactions by address=== * <code>listreceivedbyaddress</code> * <code>./n33bcoin-cli listreceivedbyaddress</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress</code> <pre> [ { "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "account": "", "amount": 33.00000000, "confirmations": 6, "label": "", "txids": [ "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7" ] } ] </pre> ===Address With Label=== * Create New Address With Label ** Syntax: <code>getnewaddress "<Label>"</code> * NOTE: Label name is case sensitive. <code>./n33bcoin-cli getnewaddress "Mining"</code> <pre>1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB</pre> * See Accounts in Label <code>./n33bcoin-cli getaddressesbyaccount "Mining"</code> * a Label can hold many addresses <pre> [ "1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB" ] </pre> * Lists transactions for the labeled account. <code>./n33bcoin-cli listtransactions "Mining"</code> * Tracking with a label - Shows total balance for addresses in the labeled account. <code>./n33bcoin-cli getbalance "Mining"</code> * Label an existing address - Assigns an existing address to a named account. <code>./n33bcoin-cli setaccount "<address>" "<label>"</code> * Change Label of Address <code>./n33bcoin-cli setaccount "<address>" "<newlabel>"</code> ==Backup Wallets and Restore/Reclaim== To '''test''' wallet exports and back ups we are going to create a '''third node'''. <br> This keeps are main wallet and the wallet of are second node safe.<br> Or If you feel up for it, feel free to play/use/learn with your main wallet. * Create a directory for third node <code>mkdir ~/.n33bcoin3</code> * Create config file <code>$EDITOR ~/.n33bcoin3/n33bcoin.conf</code> * Note: changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser2 rpcpassword=coinpassword2 rpcallowip=127.0.0.1 rpcport=3368 daemon=1 server=1 rpcbind=127.0.0.1 port=3335 </pre> * Start node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3335" "add"</code> * Check node three <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getblocktemplate</code> * See Address (pub key) <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> <pre>1EhA5fkapYWrhs2oAf2AqvF4WYMPM28GqL</pre> * I have sent 33 n33bcoin's to this address. <pre> ./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744568061, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "8afde14085be2139ff008667c345b3697bea9cea" } </pre> ===Encrypt Wallet=== * '''IMPORTANT NOTE! IF YOU LOSE/FORGET PASSPHRASE, YOU LOST YOUR WALLET!''' Encrypting your wallet, will require passphrase to see private_keys and to send coins from your account, but you can still check balance and the basic chain info '''without passphrase'''. * Syntax <code>./n33bcoin-cli encryptwallet "<passphrase>"</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 encryptwallet "pa55word"</code> <br>OutPut: <pre> wallet encrypted; N33Bcoin server stopping, restart to run with encrypted wallet. The keypool has been flushed and a new HD seed was generated (if you are using HD). You need to make a new backup. </pre> ====Test Encryption==== Syntax: <code>./n33bcoin-cli dumpprivkey <address></code> This command should need passphrase if wallet locked. ** <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> can be used in place of a real address <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpprivkey 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> If wallet '''LOCKED''' - you will see <pre> error code: -13 error message: Error: Please enter the wallet passphrase with walletpassphrase first. </pre> If wallet '''UNLOCKED''' but address not in wallet - you will see ** This is because there is no address <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> in your wallet and error code -5 indicates address not found in the wallet, but it passed the lock so, yay <pre> error code: -5 error message: Invalid N33Bcoin address </pre> If address exists in your wallet and wallet is '''UNLOCKED''' - you will see the private key: <pre> 6vJYM3RFWh7MyLVrPbgzgibUgqxMzWUCCbuH3GcfDRTqfoNQjBb </pre> '''IMPORTANT:''' Never share your actual private keys with anyone. The example above is for demonstration purposes only. ====open encrypted wallet==== * Syntax ./n33bcoin-cli walletpassphrase "<passphrase>" <time_in_seconds_to_stay_open> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrase "Pa55word" 60</code> ====Change PassPhrase==== * Syntax: <code><code>./n33bcoin-cli walletpassphrasechange "<old_passphrase>" "<new_passphrase>"</code></code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrasechange "Pa55word" "StrongPass123!@#456"</code> ===Back Up WALLET.DAT === * You can make a backup of your wallet.dat file whether its encrypted or un-encrypted. ** not-encrypted you just copy into a directory and you and anyone else has full access. ** encrypted, you need to know the passphase the file is encrypted with to have access. ** Both Export and Import the backup wallet.dat the same way, expect one asks for passphase and the other does not. ====Make copy of wallet.dat==== * <code>backupwallet</code> * Syntax:<code>./n33bcoin-cli backupwallet /path/to/export/wallet-backup.file</code> <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> ====Stop node 3 and delete wallet.dat==== * Stop node - Note: RPC PORT <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * not gonna delete, just move, only so many times i wanna learn that lesson. <code>mv ~/.n33bcoin3/wallet.dat ~/oldwallet.dat</code> * Start Node 3 - this will create a new <code>wallet.dat</code> file <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check Balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744572042, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "bb4e27a7896ae19acdf3b43244f82b59f5164c7c" } </pre> * Check addresses <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> * Its a diff/new address, because its a new wallet. <pre> "address": "1JwAmtR9T8xa49daoHQhf54tBdyabby2m2", </pre> ===Restore Wallet.dat=== * Stop Node 3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move old wallet to Node 3 Directory ** This command will write over the new wallet.dat file currently in directory - in effect deleting it. <code>mv ~/wallet-backup.node3 ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>11148007.99990960</pre> ====OH NUTZ==== * By mistake i backed up main wallet. <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> * Intended to backup node3 - the correct command would of been <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 backupwallet ~/wallet-backup.node3</code> Good Thing we just moved the node3 wallet and not deleted or 33 n33bcoins would of been in a dead account.<br> This is why you should learn about bitcoin on n33bcoins and not the bitcoin main net blockchain. Lets restore from the moved wallet <code>~/oldwallet.dat</code> * Stop node3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move oldwallet back to node3 <code>mv ~/oldwallet.dat ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>33.00000000</pre> YAY ===Dump Entire Wallet with <code>dumpwallet</code>=== * Exports all private keys, addresses, and wallet metadata to a plain text file for a comprehensive backup. * Syntax <code>./n33bcoin-cli dumpwallet /path/to/export/n33bcoin-wallet.txt</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpwallet ~/ssshhh.txt</code> <code>cat ~/ssshhh.txt</code> * Yep its all in plain text! <pre> # Wallet dump created by N33Bcoin v0.14.3.0-g150612e # * Created on 2025-04-13T22:54:50Z # * Best block at time of backup was 212 (000000009f5f7189bd4334895fd1c903ae904525abb5768feb98b81282a1949e), # mined on 2025-04-13T18:34:02Z # extended private masterkey: xprv9s210pEDlspXiamstilrandotypinhDXRTQ1TatJNSL3fxs9QaLLjRV1FZH9zw2VcErU498hsd3pynuyDR2clongrandome4Msz5 L1XJ0pald6SZXP4sKdVcDETpsdoWeksd4er5hhPsdFG1PPV 2025-04-13T18:14:21Z change=1 # addr=1HtmEDdpk5SJAp3nGCnaAD5gKZc2Er4qG hdkeypath=m/0'/0'/82' about 100 lines like the one above and ends with: # End of dump </prE> ===Import Dumped Wallet=== To test import works we are gonna, stop node3, move wallet.dat, start node3, check new wallet got auto generated again. then import are ssshhh.txt file and see if restored. ====Check wallet node 3 pre-test==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744575092, "keypoolsize": 101, "unlocked_until": 0, "paytxfee": 0.00000000, "hdmasterkeyid": "0a0e6e94e4a184e773e4a3e3244adc4352935afa" } </pre> ====Stop node 3 ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> ====Move wallet.dat ==== <code>mv ~/.n33bcoin3/wallet.dat ~/wallet.node3</code> ====Start node 3 ==== <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> ====Check wallet node 3 - when deleted/changed==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ====Import Restore from Dumped Wallet ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importwallet ~/ssshhh.txt</code> ====Check wallet node 3 when restored ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ==Off Line Storage and Importation== * Create a offline key pair, using a python script that can run off a live linux iso. * Going to send coins from node 3 to off line address. * Going to import to wallet 2 by sweeping private wif key. ===Create Offline Keypair=== * https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin ** We have used the [[N33Bcoin_Address_Generator_Bitcoin| N33Bcoin_Address_Generator]] to create the following key pair which we will use for this test. <pre> noob@noob-ThinkPad-T470:~/Gen/py-pub-prv$ python3 gen.py Enter your seed (12 words or any random input): hithere Generated n33bcoin Key Pair: Private Key: 3e4748d72b0a0c5d4538b52a2ade025a0f52a1e8642384ac14e5af0f90b8ab8a Public Key: 04c4cab1795312dafbf2532c7b238d448b55fa151a3d4e059cb49b47fb7244fb8767981b561c067494f9f3a6357024bb4fa71d12d692a733f7a0583d6fa7276548 n33bcoin Address: 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG WIF Private Key: 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH </pre> ===Send from node 3 to offline address=== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 sendtoaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG 10</code> ===Check its in address=== * Can take a few blocks before you can see it. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * Syntax: <code>./n33bcoin-cli importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * <code>importaddress</code> The RPC command to import a Bitcoin address as a watch-only address into the wallet * <code>13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> The Bitcoin address you are importing. After import, the wallet will monitor this address for incoming transactions, but cannot spend from it since you do not have the private key * <code>"external"</code> An optional label assigned to the imported address. This helps you organize or identify addresses in your wallet * <code>false</code> The rescan parameter. Setting it to false means the wallet will not rescan the blockchain for historical transactions involving this address. Only new transactions (after import) will be tracked. If set to true (default), the wallet would scan the entire blockchain for past transactions involving the address, which can take a long time (but not in are case as we have new blockchain). ====getreceivedbyaddress==== * TESTED - Balance is only shown on account that imported the address as a address to watch. ** Took about 10 mins to show balance. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>10.00000000</pre> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> ====Receive funds from private key==== * Current Funds in Node/Wallet 2 <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>52.00000000</pre> * Import the keys <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 importprivkey 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH true</code> * Check balance <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>62.00000000</pre> Import is instant. ==Create Second Server and Sync Blockchain== * Creating second server in a container and forwarded to another VPS IP, to see if network syncs. <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Is Port Forwarding Required for the Second Node?</span> <div class="mw-collapsible-content"> <p><strong>Why set up port forwarding?</strong> Port forwarding (using iptables to forward port <code>3333</code> to the second node) allows the node to receive incoming connections from other N33Bcoin nodes. This ensures reliable syncing with the main node and enables the second node to share blockchain data with others, strengthening the network.</p> <p><strong>Is it required?</strong></p> <ul> <li><strong>To mine</strong>: No. Mining uses local RPC calls (<code>127.0.0.1:3366</code>) and outbound connections to the main node (<code>104.194.157.52:3333</code>). As long as the main node is up, mining works without port forwarding. Note: You may need a dummy node to avoid errors.</li> <li><strong>To act as a peer</strong>: Yes. To allow other nodes to connect and sync from the second node (e.g., via <code>144.172.89.93:3333</code>), port forwarding is required. Without it, the node can sync but won’t serve blocks to others.</li> </ul> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Tip:</strong> Keep port forwarding enabled for robust syncing and to support the N33Bcoin network, especially if you plan to add more nodes. </div> </div> </div> ===Launch container=== <code>lxc launch ubuntu:18.04 n33b-node</code> <code>lxc exec n33b-node bash</code> <code>pro attach <longKey></code> <code>apt update && apt upgrade -y && apt install ubuntu-advantage-tools wireguard -y</code> ===Setup Wireguard=== * This is the same as the last time, in this tut i am going to keep the same keys in tut, to save time. PS: You can use same keys on many connections (not the best idea). ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==In Container Building N33Bcoin== * Push over N33Bcoin.0.0.1.tar.gz to the container n33b-node. <code>lxc file push N33Bcoin.0.0.1.tar.gz n33b-node/home/ubuntu/</code> OR Download from github * Download from Github, sha256sum=<code>0695dceaa4a88967560695f92c753d2fe4abc0f1b0cfb2673bf945fc83fb1225</code> <code>wget https://raw.github.com/CompleteNoobs/N33Bcoin/main/N33Bcoin.0.0.1.tar.gz</code> * Login to container as user ubuntu <code>lxc exec n33b-node -- su - ubuntu</code> * extract <code>tar xvf N33Bcoin.0.0.1.tar.gz</code> ===Install depends and Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> ===Build N33Bcoin=== * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> * Before running - make sure first node up and running <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Troubleshooting Syncing Issues on the Second Node</span> <div class="mw-collapsible-content"> <p>If your second node (e.g., <code>144.172.89.93</code>) fails to sync (e.g., stuck at <code>blocks: 0</code>), the main node (<code>104.194.157.52</code>) may be in Initial Block Download (IBD), preventing it from serving blocks. Here’s what I faced and how I fixed it:</p> <ul> <li><strong>Problem</strong>: The second node didn’t sync because the main node was in IBD, likely due to a chain tip older than 24 hours.</li> <li><strong>Initial Fix</strong>: <ul> <li>Started a dummy node on the main node (<code>127.0.0.1:3334</code>) for an active peer .</li> <li>Mined on the main node: <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=&lt;your-address&gt; -t 2 </pre> This created new blocks (e.g., to <code>blocks: 441</code>), exiting IBD and enabling sync.</li> </ul> </li> <li><strong>Test</strong>: I deleted the second node and recreated it from scratch, running both the main and dummy nodes on the genesis server. The second node synced to <code>blocks: 441</code> while the main node was mining.</li> <li><strong>Observation</strong>: In one test, I thought syncing worked without mining, but mining was active on the main node, advancing the chain to <code>blocks: 441</code>. Possible factors for sync success: <ul> <li>Recent chain tip from mining kept the main node out of IBD.</li> <li>Dummy node provided a peer, preventing IBD re-entry.</li> <li>iptables rule for port <code>3333</code> enabled inbound connections (i did once not forward the correct port, make sure you check your ip rules with <code>cat /etc/iptables/rules.v4</code> to make sure you entered the correct ones. ).</li> </ul> </li> <li><strong>If Syncing Fails</strong>: Mine on the main node with the dummy node running.</li> </ul> <p><strong>Note</strong>: Syncing may not require ongoing mining if the main node’s chain tip is recent, but mining is needed to exit IBD. Test and share your findings!</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> If the second node won’t sync, the main node may be in IBD. Start the dummy node and mine to exit IBD. </div> </div> </div> ===n33b-node=== <code>src/n33bcoind -daemon</code> <code>src/n33bcoin-cli stop</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 debug=rpc debug=mining </pre> <code>src/n33bcoind</code> * Now Second n33bcoin node is running lets check sync <code>src/n33bcoin-cli getpeerinfo</code> <pre> [ { "id": 0, "addr": "104.194.157.52:3333", "addrlocal": "144.172.89.93:52636", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157772, "lastrecv": 1745157771, "bytessent": 1277, "bytesrecv": 1198, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.303657, "minping": 0.303657, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": false, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 110, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 1, "addr": "104.194.157.52:57050", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.296047, "minping": 0.296047, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 2, "addr": "104.194.157.52:57060", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.316404, "minping": 0.316404, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } } ] </pre> <code>src/n33bcoin-cli getblockchaininfo</code> <pre> ubuntu@n33b-node:~/N33Bcoin$ src/n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.03058041491289009, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> ===From first node=== <pre> ./n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.02034601825250813, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> * Both nodes/blockchains are in sync, nice 5v29o2jssvd6a5mpxjv9t4n3jl3wzaf 598 597 2025-07-04T13:09:43Z AwesomO 5 /* n33b-node */ 598 wikitext text/x-wiki ==Start up HardWare== * OS (local) Ubuntu-Mate 24.04 - this tut is done on a clean install of ubuntu-mate 24.04 ** Hardware: HP EliteDesk G1 - ram = 8GB - HD = 120GB ssd - CPU = i5-4590S CPU @ 3.00GHz ** Hardware: Thinkpad X270 - Ram - HD - CPU * Server VPS ubuntu-server 24.04 ** vultr.com ===Software OS=== * Will be using Ubuntu 24.04 as main OS - but to build this version of litecoin 0.14.2 we will be using ubuntu 18.04 in a lxc container - trying to build in 24.04 was a huge side quest that is not that much fun. ===Coin Params for N33Bcoin 0.1 POW === * Are Coin Params ** Name of coin = N33Bcoin ** Symbol coin = N33B ** Premined Coins= 33% 11,111,111 coins to be used to rewards contributors. the how is currently unknown, will work out as we go. ** MaxCoins = 33,333,333 ** Rewards = 333 ** Halving Period = 33,333 blocks = every 231 days ** Block interval = 10 mins # will leave at 10 for starters ** Time Stamp 1733333333 2024-12-04 17:28:53 ** Time Stamp Message "N33B's for Noob's at CompleteNoobs.com" ** Genesis Block for are Coin <b>NOTE</b>: What is a Unix Time Stamp? - It is the number of seconds from the Unix Epoch date of 01/01/1970 at 00:00 UTC - to convert a date use - https://www.unixtimestamp.com/ ==Set EDITOR== {{:SET_EDITOR}} ==Genesis Keys== First we are going to need a public private key pair. [[Python_Generate_Public_Private_Key_Pair_Crypto_Bitcoin| Python3 Generate Public Private Key Pair]] * Public Key <code>049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf</code> * Keep private key safe, you just need pub key for now We then use are public key along with are coin parameter with [[GenesisH0_Creating_Genesis_Hash| GenesisH0]] to create a 'Nonce', 'Merkel hash' and 'Genesis hash'. For are 'MainNet', 'TestNet' and 'RegNet' === Main Net parameters === <code>python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333333</code> * '''Nonce''': <code>221118658</code> * '''nBits''': <code>0x1d00ffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4</code> === Test Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333334</code> * '''Nonce''': <code>511144</code> * '''nBits''': <code>0x1e0ffff0</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c</code> === Reg Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333335</code> * '''Nonce''': <code>0</code> * '''nBits''': <code>0x207fffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127</code> Now we have are parameters, we can start creating are own coin, but first lets change some file names to match the name of are coin. ==Source we are forking from Bitcoin 0.14.3== ===Home Directory=== <code>cd ~</code> ===Download bitcoin 0.14.3=== * https://bitcoincore.org/bin/bitcoin-core-0.14.3/ <code>wget https://bitcoincore.org/bin/bitcoin-core-0.14.3/bitcoin-0.14.3.tar.gz</code> * sha256sum bitcoin-0.14.3.tar.gz <code>416717ab5ef94f8458da2b12e4cd742ca08f5ad3817b65fc73811e06ac949f87</code> ===extract=== <code>tar xvf bitcoin-0.14.3.tar.gz</code> ===Change Directory Name to new/forked coin name=== <code>mv bitcoin-0.14.3 N33Bcoin</code> <code>cd N33Bcoin</code> * Current work director path is <code>/home/$USER/N33Bcoin/</code> ==Renaming== ===Renaming Bitcoin to N33Bcoin=== '''Run these command in the /home/$USER/N33Bcoin/ Directory''' * Lowercase <code>find . -type f -exec sed -i 's/bitcoin/n33bcoin/g' {} + </code> * UpperCase <code>find . -type f -exec sed -i 's/Bitcoin/N33Bcoin/g' {} + </code> * Name.1 <code>find . -type f -exec sed -i -e 's/bitcoin/n33bcoin/g' -e 's/bitcoind\.1/n33bcoind.1/g' {} + </code> ===Change Name for Docs=== To rename files in a directory (e.g., <code>/home/$USER/N33Bcoin/doc/man/</code>): * '''Before:''' <pre> bitcoin-cli.1 bitcoind.1 bitcoin-qt.1 bitcoin-tx.1 Makefile.am </pre> * '''After:''' <pre> n33bcoin-cli.1 n33bcoind.1 n33bcoin-qt.1 n33bcoin-tx.1 Makefile.am </pre> * '''Manual Way:''' <pre> mv -v bitcoin-cli.1 n33bcoin-cli.1 </pre> * '''Using mv with a for Loop:''' <code>cd /home/$USER/N33Bcoin/doc/man</code><br> <code>for file in bitcoin*; do mv -v "$file" "${file/bitcoin/n33bcoin}"; done</code> </pre> * <code>-v</code> shows each rename action. ===Change Names for Files=== *<b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> Unlike forking litecoin, the method we just used to rename all bitcoin words to n33bcoin created some problems, unlike litecoin 0.14.2, the word 'bitcoin' can be found in a lot of file names. Example: the file <code>libbitcoinconsensus.pc.in</code> is still called <code>libbitcoinconsensus.pc.in</code> but inside make and config files, it is now know as <code>libn33bcoinconsensus.pc.in</code> so it will look for a file called <code>libn33bcoinconsensus.pc.in</code> and not <code>libbitcoinconsensus.pc.in</code>, still will lead to a lot of breakages. * Easy Fix: Change all file names which include the word <code>bitcoin</code> to <code>n33bcoin</code> * install <code>rename</code> <code>sudo apt install rename</code> * <b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> * See all file which contain the name <code>bitcoin</code> <code>find . -type f -name "*bitcoin*"</code> * Rename/convert all <code>bitcoin</code> in file names to <code>n33bcoin</code> <code>find . -type f -name "*bitcoin*" -exec rename 's/bitcoin/n33bcoin/' {} +</code> ==Editing Files== Are Files are located in path:<code>/home/$USER/N33B/N33Bcoin</code><br> Example: <code>src/amount.h</code> full path would be <code>/home/$USER/N33B/N33Bcoin/src/amount.h</code> === OverView of Files to edit=== * Comment Out <code>** Lines: 74 - 77 Comment Out</code> These are Lines we Don't need, but are not deleting just commenting out, so line numbers remain the same.<br> Comment out by placing a <code>//</code> at the beginning of the line. * '''src/amount.h''' ** Line 31: Edit Max Coins * '''src/validation.cpp''' ** Line 1166: This BLOCK of code will contain premined and Block rewards * '''src/qt/bitcoinunits.cpp''' ** Line 39 Block: change coin symbol LTC to N33B * '''src/chainparams.cpp''' ** Line 53: '''Global''' Change Time Stamp Message ** Line 54: '''Global''' Change Pub Key ** Line 73: '''MainNet''' Change Halving Interval <!--** Lines: 74 - 77 Comment Out--> ** Line 74: '''MainNet''' BIP34Height ** Line 75: '''MainNet''' BIP34Hash ** Line 76: '''MainNet''' BIP65Height ** Line 77: '''MainNet''' BIP66Height ** Lines 85 - 103: '''MainNet''' Deployment and Chain Work Section ** Line 110: '''MainNet''' Change Magic Bytes - Script included ** Line 114: '''MainNet''' Change Main Net Default Port ** Line 117: '''MainNet''' Change Main Net Nonce TimeStamp Coin_Rewards ** Line 119: '''MainNet''' Change Genesis Hash ** Line 120: '''MainNet''' Change Merkel Hash ** Line 144: '''MainNet'''Change Coin Number and Genesis Hash ** Lines 145 - 156 Comment Out ** Line 161: '''MainNet''' Change Time Stamp ** Line 162: '''MainNet''' Change Number Of Transactions ** Line 177: '''TestNet''' Halving Interval <!--** Lines: 178 - 181 Comment Out--> ** Line 178: '''TestNet''' BIP34Height ** Line 179: '''TestNet''' BIP34Hash ** Line 180: '''TestNet''' BIP65Height ** Line 181: '''TestNet''' BIP66Height ** Line 184: '''TestNet''' Block Times <!--** Lines: 189 - 207 Comment Out--> ** Lines 189 - 207: '''TestNet''' Deployment Section ** Line 213: '''TestNet''' Default Port ** Line 216: '''TestNet''' Time Stamp and Nonce ** Line 218: '''TestNet''' Genesis Hash Block ** Line 219: '''TestNet''' Merkel Hash Block ** Line 245: '''TestNet''' CheckPointData Genesis Hash Block Number ** Line 250: '''TestNet''' Time Stamp ** Line 251: '''TestNet''' Block Number ** Lines 267 - 270 '''RegressionNet''' BIP Consensus ** Line 301: '''RegressionNet''' Default Port ** Line 304: '''RegressionNet''' Time Stamp Nonce Coin_Rewards ** Line 306: '''RegressionNet''' Genesis Block Hash ** Line 307: '''RegressionNet''' Merkel Hash ** Line 319: '''RegressionNet''' Genesis Hash * '''src/chainparamsbase.cpp''' ** Line 35: MainNet RCP Port ** Line 48: TestNet RPC Port ** Line 62: Regession Net RPC Port ===src/amount.h=== On line 31 we will edit are Max coins: <pre> static const CAmount MAX_MONEY = 21000000 * COIN; </pre> will change this to 33,333,333 coins <pre> static const CAmount MAX_MONEY = 33333333 * COIN; </pre> ===src/validation.cpp=== Path <code>/home/$USER/N33B/N33Bcoin/src/validation.cpp</code> The block of code we are looking for starts on line 1166: <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy = 50 * COIN; // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years. nSubsidy >>= halvings; return nSubsidy; } </pre> On line 1173 you should see this line: <pre> CAmount nSubsidy = 50 * COIN; </pre> This is the rewards for mining coins, the default is 50, we are changinf rewards to 333 coins per block mined. <pre> CAmount nSubsidy = 333 * COIN; </pre> ====Premined coins==== We also need to add a contidtion for are premined coins - in the first block will mine 33%, thats 11,111,111 coins <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy; if (nHeight == 1) nSubsidy = 11111111 * COIN; else nSubsidy = 333 * COIN; // Subsidy is cut in half every 33,333 blocks which will occur approximately every 231 days. nSubsidy >>= halvings; return nSubsidy; } </pre> This condition means IF first block reward 11,111,111 coins, Else(after first blocked mined) rewards per block are 333 coins. <div class="toccolours mw-collapsible mw-collapsed"> What's Changed and Why: <div class="mw-collapsible-content"> <b>What's Changed and Why:</b> * '''CAmount nSubsidy;''' ** The variable `nSubsidy` is now declared but not immediately assigned a value. This allows flexibility to set its value based on certain conditions. * '''New Condition: `if (nHeight == 1)''' ** This new condition checks if the block height is 1, meaning this is the very first block in the blockchain (often called the "genesis block"). ** This condition is used to assign a special, much larger subsidy for the first block. * '''nSubsidy = 11111111 * COIN;''' ** If it is the first block (`nHeight == 1`), the subsidy is set to 11,111,111 coins. This is a huge reward for the genesis block, likely for initial distribution or other specific reasons. * '''else nSubsidy = 333 * COIN;''' ** For all other blocks (not the first one), the reward is set to 333 coins. This is a significant change from the original 50 coins, suggesting a different reward structure for this cryptocurrency. </div> </div> ===src/qt/n33bcoinunits.cpp=== * Line 39: Code Block <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("BTC"); case mBTC: return QString("mBTC"); case uBTC: return QString::fromUtf8("μBTC"); default: return QString("???"); } } </pre> * Change BTC your coin symbol to N33B <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("N33B"); case mBTC: return QString("mN33B"); case uBTC: return QString::fromUtf8("μN33B"); default: return QString("???"); } } </pre> ===src/chainparams.cpp=== ====Line 53 Change Time Stamp Message==== <code> const char* pszTimestamp = "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks";</code> To <code> const char* pszTimestamp = "N33B's for Noob's at CompleteNoobs.com";</code> ====Line 54 Change Genesis Pub Key==== <code> 54 const CScript genesisOutputScript = CScript() << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f") << OP_CHECKSIG; </code> We are going to change to the public key we used to create are genesis block. <code> const CScript genesisOutputScript = CScript() << ParseHex("049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf") << OP_CHECKSIG;</code> ====Line 73 HalvingInterval==== <code> consensus.nSubsidyHalvingInterval = 210000;</code> Block intervals of bitcoin is every 10 mins, as you can see on '''[[#Line 80 Target Block Creation''']] * 60 mins per hour x 24 hours per day = 1440 mins a day * 1440 mins at one block each 10 mins = 144 block per day ish * 144 * 365 = 52,560 blocks per year ish * 52,560 * 4 = 210,240 blocks every four years ish So bitcoin halves its rewards every 4 years ish as it passes 210,000 blocks and carrys on halving every 210,000 blocks later. We reward 333 coins per block and will be out of coins around 667,334 blocks. * Preminded 11,111,111 coins * 22,222,222 left * at 333 per block all will be gone in 66,733 blocks time unless we halve before then * We are going to keep are block time of 10 mins and have a halving at 33,333 blocks so it will halve around 231 days <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Line 74 - 77 MainNet BIP Section==== <pre> 74 consensus.BIP34Height = 227931; 75 consensus.BIP34Hash = uint256S("0x000000000000024b89b42a942fe0d9fea3bb44ab7bd1b19115dd6a759c0808b8"); 76 consensus.BIP65Height = 388381; // 000000000000000004c2b624ed5d7756c508d90fd0da2c7c679febfa6c4735f0 77 consensus.BIP66Height = 363725; // 00000000000000000379eaa19dce8c9b722d46ae6a57c2f1a988119488b50931 </pre> * Set BIP34/65/66 to 0 for new chain—modern rules from genesis. Adjust BIP34 to 100 if mining fails. * Line 75 Replace with you <b>Main Net parametersGenesis Hash</b> <pre> 74 consensus.BIP34Height = 0; 75 consensus.BIP34Hash = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); 76 consensus.BIP65Height = 0; 77 consensus.BIP66Height = 0; </pre> ==== Line 85 - 103 '''MainNet''' Deployment and Chain Work Section ==== ===== Line 86 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start date is irrelevant—set to 0 for immediate activation on new chain. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 87 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. 9,999,999,999 Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 91 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016</code> * Reason changed: Bitcoin’s 2016 start is moot—set to 0 for CSV active from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 92 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 96 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016</code> * Reason changed: Bitcoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 97 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 100 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5");</code> * Reason changed: Bitcoin’s 2017 work is massive—set to 0 for a new chain with no work yet. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 103 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354</code> * Reason changed: Bitcoin’s block 453354 is irrelevant—set to N33Bcoin’s genesis hash for fast sync from block 0. Changed: <code>consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4");</code> =====Before and After Changes===== <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354 </pre> * Set CSV/SegWit to active from genesis (nStartTime = 0, nTimeout = far future). Reset chain work to minimal. Set assume valid to genesis hash. <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0; 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999; 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0; 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999; 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0; 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999; 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x00"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); </pre> ====Line 110 Magic Bytes==== * [[Hex_numbers_explained| Hex numbers explained]] * [[Python3_Script_for_Random_Magic_Bytes| Link to python script for random values]] The pchMessageStart array is a crucial component in cryptocurrency network protocols, often referred to as the "magic bytes" or "network magic." It serves as a unique identifier for a specific cryptocurrency network. These values are in hexadecimal format, representing four bytes that form a sequence unlikely to occur in normal data. If you're creating a new cryptocurrency by forking Bitcoin, you should change these values. Using unique values prevents your new coin's network from interfering with Bitcoin's network or other existing networks. <pre> 110 pchMessageStart[0] = 0xf9; 111 pchMessageStart[1] = 0xbe; 112 pchMessageStart[2] = 0xb4; 113 pchMessageStart[3] = 0xd9; </pre> * Gonna change mine to <pre> pchMessageStart[0] = 0xfe; pchMessageStart[1] = 0x93; pchMessageStart[2] = 0xd2; pchMessageStart[3] = 0xe2; </pre> ====Line 114 Change Main Net Default Port==== * Line 114 <code>nDefaultPort = 8333;</code> * Changing to port 3333 <code>nDefaultPort = 3333;</code> ====Line 117 Change Main Net Nonce TimeStamp Coin_Rewards==== * Original <code> genesis = CreateGenesisBlock(1231006505, 2083236893, 0x1d00ffff, 1, 50 * COIN);</code> * Syntax of line 117 <code>genesis = CreateGenesisBlock(<UNIX_TIME_STAMP>, <NONCE>, <DIFF_BITS>, <NHEIGHT>, <AMOUNT_OF_COINS_REWARD> * COIN);</code> * we are just going to append/change are UnixTimeStamp, Nonce and CoinReward <code> genesis = CreateGenesisBlock(1733333333, 221118658, 0x1d00ffff, 1, 333 * COIN);</code> ====Line 119 Change Genesis Hash==== <code>assert(consensus.hashGenesisBlock == uint256S("0x000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"));</code> * Change to your genesis hash for Main Net <code> assert(consensus.hashGenesisBlock == uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"));</code> ====Line 120 Change Merkel Hash==== <code> assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Change to your merkel hsh for Main net <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Check Point - Lines 142 - 157 ==== <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d")) 145 ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> These lines contain a blocknumber and there hash value, we are starting a new coin and these have no value to us. We have one genesis block. <code> ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d"))</code> * We are going to append/change line 144, to block zero and are Main net genesis block hash. <code> ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"))</code> and comment out the remaining lines in this code block. lines 145 - 156 <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4")) 145 // ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 // ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 // (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 // (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 // (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 // (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 // (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 // (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 // (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 // (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 // (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 // (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> ====Line 161 Change Time Stamp==== <pre> 161 1483472411, // * UNIX timestamp of last known number of transactions </pre> * Change to the time stamp we are using <pre> 1733333333, // * UNIX timestamp of last known number of transactions</pre> ====Line 162 Change Number Of Transactions==== <pre> 184495391, // * total number of transactions between genesis and that timestamp</pre> * Change to Zero <pre> 0, // * total number of transactions between genesis and that timestamp</pre> ====TestNet Halving Interval==== <code>177 consensus.nSubsidyHalvingInterval = 210000;</code> * Change to same as are main net <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Lines 178 - 181 TestNet BIP section==== <pre> 178 consensus.BIP34Height = 21111; 179 consensus.BIP34Hash = uint256S("0x0000000023b3a96d3484e5abb3755c413e7d41500f8e2a5c3f0dd01299cd8ef8"); 180 consensus.BIP65Height = 581885; // 00000000007f6655f22f98e72ed80d8b06dc761d5da09df0fa1dc4be4f861eb6 181 consensus.BIP66Height = 330776; // 000000002104c8c45e99a8853285a3b592602a3ccde2b832481da85e9e4ba182 </pre> * Change values to zero and replace TestNet Genesis Hash <pre> 178 consensus.BIP34Height = 0; 179 consensus.BIP34Hash = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"); 180 consensus.BIP65Height = 0; 181 consensus.BIP66Height = 0; </pre> ==== Lines 189 - 207 TestNet Deployment Section ==== ===== Line 190 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start is irrelevant—set to 0 for immediate activation on TestNet. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 191 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 195 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1456790400; // March 1st, 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for CSV from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 196 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 200 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1462060800; // May 1st 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 201 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1493596800; // May 1st 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 204 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x00000000000000000000000000000000000000000000001f057509eba81aed91");</code> * Reason changed: Litecoin’s work is irrelevant—set to 0 for a new TestNet chain. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 207 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000128796ee387cf110ccb9d2f36cffaf7f73079c995377c65ac0dcc"); //1079274</code> * Reason changed: Litecoin’s block 1079274 doesn’t apply—set to TestNet genesis for fast sync. Changed: <code>consensus.defaultAssumeValid = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c");</code> ====TestNet Default Port - Line 213==== <code>213 nDefaultPort = 18333;</code> * Change to another port , picking 13333 <code>nDefaultPort = 13333;</code> ====Line 216: TestNet Time Stamp and Nonce==== <code>216 genesis = CreateGenesisBlock(1296688602, 414098458, 0x1d00ffff, 1, 50 * COIN);</code> * change/append timestamp, nonce and coin rewards - TimeStamp, Nonce, nBits and CoinRewards from your Test Net <code> genesis = CreateGenesisBlock(1733333334, 511144, 0x1e0ffff0, 1, 333 * COIN);</code> ====Line 218: TestNet Genesis Hash Block==== <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943"));</code> * Changed to <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"));</code> ====Line 219: TestNet Merkel Hash Block==== <code>219 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Changed to <code> assert(consensus.hashGenesisBlock == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ==== Line 245 TestNet checkpointData ==== Default: <code>( 546, uint256S("000000002a936ca763904c3c35fce2f3556c559c0214345d31b1bcebf76acb70")),</code> * Reason changed: Bitcoin TestNet checkpoint irrelevant—set to height 0 with N33Bcoin TestNet genesis hash for new chain. Changed: <code>( 0, uint256S("000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c")),</code> * Note: Removed "0x" from hash string—matches Bitcoin style, prevents parsing error in uint256S. ====Line 250 - Testnet chainTxData TimeStamp==== <code>250 1483546230,</code> * Change to your timestamp <code>1733333334,</code> ====Line 251 - Testnet chainTxData block count==== <code>251 12834668,</code> * change block count to zero <code> 0,</code> ==== RegTest BIP Section ==== ===== Line 267 ===== Default: <code>consensus.BIP34Height = 100000000; // BIP34 has not activated on regtest (far in the future so block v1 are not rejected in tests)</code> * Reason changed: Delays BIP34—set to 0 for modern rules from genesis, consistent with MainNet/TestNet. Changed: <code>consensus.BIP34Height = 0;</code> ===== Line 268 ===== Default: <code>consensus.BIP34Hash = uint256();</code> * Reason changed: Empty hash irrelevant—set to RegTest genesis for BIP34 activation at block 0. * NOTE: the <code>S</code> at the end of <code>uint256S</code> append the '''S''', remove the <code>0x</code> or it would be too long and make sure RegNet Hash is wrapped in "comment-hash". * The quotes <code>""</code> tell the compiler that this is a string, not a number. * '''uint256S''' will parse the string as a hexadecimal value and construct the '''uint256''' object accordingly. Changed: <code>consensus.BIP34Hash = uint256S("65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127");</code> ===== Line 269 ===== Default: <code>consensus.BIP65Height = 1351; // BIP65 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP65 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP65Height = 0;</code> ===== Line 270 ===== Default: <code>consensus.BIP66Height = 1251; // BIP66 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP66 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP66Height = 0;</code> ====Line 298: RegressionNet Default Port==== <code>298 nDefaultPort = 18444;</code> * change port number <code> nDefaultPort = 13337;</code> ====Line 301 RegressionNet Time Stamp Nonce Coin_Rewards ==== <code>301 genesis = CreateGenesisBlock(1296688602, 2, 0x207fffff, 1, 50 * COIN);</code> * Change to your timestamp , nonce and coin rewards <code> genesis = CreateGenesisBlock(1733333335, 0, 0x207fffff, 1, 333 * COIN);</code> ====Line 303: RegressionNet Genesis Block Hash==== <code>303 assert(consensus.hashGenesisBlock == uint256S("0x0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"));</code> * replace with your reg net genesis hash <code> assert(consensus.hashGenesisBlock == uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"));</code> ====Line 304 RegressionNet Merkel Hash==== <code>304 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * replace with your reg net merkel hash <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Line 316: RegressionNet Genesis Hash==== <code>316 ( 0, uint256S("0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"))</code> * change to your reg nets genesis hash <code> ( 0, uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"))</code> === src/chainparamsbase.cpp - API ports === <div class="toccolours mw-collapsible mw-collapsed"> Changing RPC port number info: <div class="mw-collapsible-content"> When forking Bitcoin, changing the nRPCPort = 8332; is generally recommended, though not strictly necessary. Here are the reasons and benefits for doing so: '''Avoiding Conflicts:''' If you run both Bitcoin and your forked cryptocurrency on the same machine or network, keeping the same RPC port (9332) would cause a conflict. By changing the port number, you ensure that both services can run simultaneously without interfering with each other. '''Network Configuration:''' Different cryptocurrencies should ideally use different ports to avoid confusion and ensure clear network configuration. This helps in managing firewall rules and network policies more effectively. '''Security:''' Using a non-standard port for your forked cryptocurrency can add a layer of security through obscurity. While not a robust security measure, it can help reduce the risk of automated attacks targeting known ports like 8332. '''Customization:''' Changing the RPC port is part of customizing your fork to distinguish it from Bitcoin. This can be important for branding and ensuring that users and developers recognize it as a separate entity. In summary, while it's not mandatory to change the RPC port when forking Bitcoin, doing so can help avoid conflicts, improve network management, and provide a clearer distinction between your fork and the original Bitcoin network. </div> </div> ====line 35 - Main net RCP port==== <pre> nRPCPort = 8332; </pre> RPC port is used to connect to coin api, its used to create a web wallet and moblie wallet. <pre> nRPCPort = 3366; </pre> ====Line 48 - test net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12333 <pre> nRPCPort = 12333; </pre> ====line 62 - regession net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12345 <pre> nRPCPort = 12345; </pre> * We are pretty much done with customizing the code base, we just need an IP address to append to chainparams.cpp and we are good to go. ===src/chainparamsseeds.h=== * Delete content of <code>src/chainparamsseeds.h</code> and replace with just: <pre> #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> The <code>chainparamsseeds.h</code> file contains hardcoded seed nodes for the main network (pnSeed6_main), which are currently set to Bitcoin’s seed nodes (e.g., IPs like 2.7.8.12 on port 8333). These seeds will cause your node to attempt connections to Bitcoin peers, which isn’t what we want for N33Bcoin. * By modifying the seed arrays for both mainnet and testnet to empty, we can keep the file structure intact while removing the Bitcoin seed nodes, preventing are node from trying to connect to them. <div class="toccolours mw-collapsible mw-collapsed"> Hexadecimal - Chainparamsseeds.h - Quick Notes <div class="mw-collapsible-content"> <pre> Hex Symbol Values: 0,1,2,3,4,5,6,7,8,9,a=10,b=11,c=12,d=13,e=14,f=15 Hex is in a Block of 2, [01]=1, The First number/symbol (the one on the left), is Times by 16, and the Second number/symbol is added. 01 = 0x16, plus 1 = 01 A4 = 10x16, plus 4 = 164 E4 = 14x16, plus 4 = 228 FF = 15X16, plus 15 = 255 To work out the values of 104.194.157.52 and port 3333 static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; IPv6 Mapping: {{Use 10 0x00, 2 0xff, then the 4 hex bytes} <port>}. 104 in hex: 6x16 = 96 + 8 = 104 InHex= '68' 194 in hex: c(12)x16=192 + 2 = 194 InHex= 'c2' 157 in hex: 9x16=144 + d(13)= 157 InHex= '9d' 52 in hex: 3x16=48 + 4 = 52 InHex= '34' #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; static SeedSpec6 pnSeed6_test[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> </div> </div> == Container and VPS Setup == * Vultr with affiliate link: https://www.vultr.com/?ref=7704739 Most VPS providers frown on mining unless it’s their explicit service—fair enough, it hogs resources! To work around this, we’ll: * Spin up an Ubuntu 18.04 container locally (18.04 keeps coin building simple). * Pair it with a low-cost VPS running Ubuntu 24.04, tunneling all traffic from the container to the VPS’s public IP. This setup gives us: * A public-facing IP without poking holes in our home router. * Local mining control, keeping private keys secure—because a VPS is just someone else’s machine, and we don’t trust it with our keys! ===LXD Quick Container Setup=== ===LXD Quick Container Setup=== * Its pretty simple once you know. ===Installing and setup LXD=== <code>sudo snap install lxd</code> <code>sudo lxd init</code> * Just press '''ENTER''' for all defaults * add user to lxd group (optional), will mean you do not need '''sudo''' to use lxc commands * NOTE: you will need to logout and login for changes to take effect. <code>sudo adduser $USER lxd</code> <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> * '''These changes only apply to the current terminal session.''' If you open a new terminal session you have to repeat. On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. * '''Remember, these changes only apply to the current terminal session.''' If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> ===Launching your container=== * for the Build its important we use '''18.04''' ** May want to get ubuntu pro free for 5 devices - to keep 1804 updated ** https://ubuntu.com/pro/dashboard <code>lxc launch ubuntu:18.04 n33b</code> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 n33b</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 n33b</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''n33b''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "n33b" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "n33b" in the example) must be unique within your LXD installation. </div> </div> * If you see this error - you need to use '''sudo''' or add user to lxd group <pre> lxc launch ubuntu:18.04 n33b Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * To see your container <code>lxc ls</code> ===Login to container=== <code>lxc exec n33b bash</code> * Prompt should now be changed to <code>root@n33b:~#</code> ** <code>root@<container_name>:~#</code> * This would be a good time to sign up to and enable ubuntu pro in the 1804 container https://ubuntu.com/pro/dashboard ** <code>sudo pro attach C12trandomcharsXFVhrRSveGOd4</code> * Update container <code>apt update && apt upgrade -y</code> ==== Ubuntu Pro for 1804 Containers ==== * super useful for ubuntu 1804, with pro has support till 2027 * Free For Five Boxes/Devices <code>https://ubuntu.com/pro/dashboard</code> <code>sudo pro attach 8dc6560abd396b3871f37b80ec</code> <code>sudo pro status</code> <code>sudo pro detach</code> ==In Container wireguard installation and setup== ===Install wireguard=== <code>apt install wireguard -y</code> * This will be the Client - for the container ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== * Vultr link with Affiliate code: https://www.vultr.com/?ref=9638414-9J First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==Back to Host== Now we have * A container with a public IP address * Source code for are coin Lets append are IP adress to are <code>src/chainparams.cpp</code> file and make a exportable/shareable backup. ===Append IP to <code>src/chainparams.cpp</code>=== <div class="toccolours mw-collapsible mw-collapsed"> If i was going to change or add ips/domains do i need to recomplie? Yep: <div class="mw-collapsible-content"> Yes, if you want to change or add new IPs/domains in the `CDNSSeedData` section of `src/chainparams.cpp`, you will need to edit the file and recompile the code. The `CDNSSeedData` entries are hardcoded into the source code, and when you compile the code, these values are baked into the resulting binary. Therefore, any changes to the seed nodes will require: *Editing the `src/chainparams.cpp` file**: Modify the list of `CDNSSeedData` entries to include your new IPs or domains. *Recompiling the source code**: Once you've made your changes, you need to recompile the project so that the new seed nodes are included in the binary. *Restarting your nodes**: After recompiling, you would need to distribute the new binary to your nodes and restart them to ensure they use the updated seed list. This process is necessary because the seed nodes are part of the initial configuration that helps nodes discover peers when they first start up. Any changes to these seeds require the software itself to be updated and redeployed. </div> </div> ====Main Net DNS lines 123 - 127==== <code>$EDITOR /home/$USER/N33B/N33Bcoin/src/chainparams.cpp</code> * Line 123 <code>src/chainparams.cpp</code> <pre> 123 vSeeds.push_back(CDNSSeedData("n33bcoin.sipa.be", "seed.n33bcoin.sipa.be", true)); // Pieter Wuille, only supports x1, x5, x9, and xd </pre> We are going to Change to are servers address <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> At current time we only have one default node, so we comment out line 124 to 127 <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "dnsseed.bluematt.me", true)); // Matt Corallo, only supports x9 // vSeeds.push_back(CDNSSeedData("dashjr.org", "dnsseed.n33bcoin.dashjr.org")); // Luke Dashjr // vSeeds.push_back(CDNSSeedData("n33bcoinstats.com", "seed.n33bcoinstats.com", true)); // Christian Decker, supports x1 - xf // vSeeds.push_back(CDNSSeedData("n33bcoin.jonasschnelli.ch", "seed.n33bcoin.jonasschnelli.ch", true)); // Jonas Schnelli, only supports x1, x5, x9, and xd </pre> ====Test net DNS lines 224 - 227==== * Line 224 - ip adderss <pre> 224 vSeeds.push_back(CDNSSeedData("testnetn33bcoin.jonasschnelli.ch", "testnet-seed.n33bcoin.jonasschnelli.ch", true)); </pre> Change to server ip <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> and comment out the other 3 lines <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("petertodd.org", "seed.tbtc.petertodd.org", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "testnet-seed.bluematt.me")); // vSeeds.push_back(CDNSSeedData("n33bcoin.schildbach.de", "testnet-seed.n33bcoin.schildbach.de")); </pre> ==Create BackUp Tar Archive== At this point you may want to make a backup. * In work directory = <code>/home/$USER/N33B</code> <code>tar -zcvf N33Bcoin.0.0.1.tar.gz N33Bcoin</code> * Going to save in directory <code>/home/$USER/N33B</code> * Syntax = <code>tar -zcvf /path/to/save/archive_name.tar.gz /path/to/directory_name</code> Now we Should have <code>N33Bcoin.0.0.1.tar.gz</code> lets start building are coin. ===Move N33Bcoin.0.0.1.tar.gz to Container=== Lets Move are source code to are container. * File on Host:<code>/home/$USER/N33B/N33Bcoin.0.0.1.tar.gz</code> * Container Name: <code>n33b</code> ** Container Name can be found with <code>lxc list</code> * On Host: <code>lxc file push /home/$USER/N33B/N33Bcoin.0.0.1.tar.gz n33b/home/ubuntu/</code> * '''ubuntu''' is the name of the ubuntu containers default user account ==Return to container as user '''ubuntu'''== <code>lxc exec n33b -- su - ubuntu</code> Now are source code <code>N33Bcoin.0.0.1.tar.gz</code> should be in are home directory. Before we start using it, we need to install and build some dependencies software. ===Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <!-- These notes wherer required to build db on 24.04 - coin build would require way too much work so skipped. <code>$EDITOR db-4.8.30.NC/dbinc/atomic.h</code> Find the function <b>__atomic_compare_exchange</b> (line 147 and 179) and rename it to <b>__db_atomic_compare_exchange</b>. save and exit --> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> If you received error, are you building in ubuntu 18.04? these build instrutions are reproduable for 18.04 and not other versions of ubuntu. * A block chain requires min 2 nodes, so this would be a good time to snapshot your container. ====SNAPSHOT your container==== * This will save loads of time creating a second node later. * In a Terminal on HOST * Stop Container <code>lxc stop n33b</code> * snapshot <code>lxc snapshot n33b one</code> * start container <code>lxc start n33b</code> * Log in as ubuntu user <code>lxc exec n33b -- su - ubuntu</code> ==Build the Coin== Just for the Genesis Node, or it will not work, it will try to sync with another node, which it can not do as its at block 0. * edit the file <code>src/rpc/mining.cpp</code> and comment out the lines 471 and 472: <pre> // if (IsInitialBlockDownload()) // throw JSONRPCError(RPC_CLIENT_IN_INITIAL_DOWNLOAD, "N33Bcoin is downloading blocks..."); </pre> If you stopped container to snapshot and logged back in (or using another terminal), then we need to re-set var.<br> <code>cd ~/db-4.8.30.NC/build_unix</code><br> <code>export BDB_PREFIX=$(pwd)</code><br> * Now thats done we can carry on <code>cd ~/</code><br> * extract <code>tar xzvf N33Bcoin.0.0.1.tar.gz</code> <!-- was for attempt build in 24.04 - not needed for 18.04 <code>sudo apt install bsdmainutils ncal</code> --> * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> If you run into errors you can use:<br> <code>make > ../build.log 2>&1</code><br> This is print build info into file build.log ==Run Coin== * Path <code>cd /home/ubuntu/N33Bcoin/src</code> Going to first play around with Regression make sure everything is working, its supereasy to mine.<br> * Running regtest first will also create <code>~/.n33bcoin/</code> directory which we can create are <code>n33bcoin.conf</code> file for mainnet. ===Running Regression Net === * run reg net <code>./n33bcoind -regtest -daemon</code> ==== get blockchain info ==== <code>./n33bcoin-cli -regtest getblockchaininfo</code> * at the top you should see '''regtest''' <pre> "chain": "regtest", </pre> ====get wallet info==== <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ==== Generate 10 blocks==== <code>./n33bcoin-cli -regtest generate 10</code> <pre> [ "16fe73d5011e8e05cadb9e9dea43e58aa154ffcca891659cc59fbdfafe6f001c", "7803e298b6c57f8fc7ddac5da0e0696cc67524c9ee2bbbbbecdccfb01b364e79", "7c92afb2faed00d051edd22f85218416c394cd45ddadf413b9df808c0414ca7e", "29fe7bb17c984bd33c7e3d9cb4fa3ce1e47760ac22accded3aa25fd49aa87d91", "56d234a030af699a6aa824c8d95a9fabdcf56c9491ed30331ca2159188741c89", "272827808aad1efe0e752789acf6a28f25bc4ba2da905a8a6f5da00016ba286b", "23711e3856cf2e018ef02782eb546e87c9604781da6855bd136ef51fa5dd23e5", "7bd7e1e6183094c75e37d6605451ce7e7e1c23347e3b5c279c33196af916b1f2", "1c7e5fc29dc7c9b3a56e8f35becc3a0a8005e79ac1a84278f8a1f37c067f67b3", "3ac84dcf8be2849b347369de7bf6bb49d780cdf41e2c4abbe2ea0ae1b89bd26e" ] </pre> ====Check Balance==== <code>./n33bcoin-cli -regtest getbalance</code> <pre>0.00000000</pre> * You mined 10 blocks and have zero coins! that is because the coins have not mutured, it takes 100 blocks for newly created coins to muture and show up in your wallet. * you can see your '''immature_balance''' with the <code>getwalletinfo</code> command. <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 11114108.00000000, "txcount": 10, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====Get new addresses==== <code>./n33bcoin-cli -regtest getnewaddress</code> <pre> mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb </pre> ====Find addresses your wallet is currently using==== * To see all your current public addresses use <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -regtest listreceivedbyaddress 0 true</code> ====Mine to specific address==== * <code>./n33bcoin-cli -regtest generatetoaddress 101 "your-mainnet-address"</code> <code>./n33bcoin-cli -regtest generatetoaddress 101 "mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb"</code> =====Coins Matured===== <code>./n33bcoin-cli -regtest getbalance</code> <pre>11114441.00000000</pre> * and Immatured coins <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 11114441.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 33300.00000000, "txcount": 111, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====stop regtest net==== * stop regtest <code>./n33bcoin-cli -regtest stop</code> ===Main Net=== * Running <code>-regtest</code> should of created a <code>~/.n33bcoin</code> directory for you. * Create <code>n33bcoin.conf</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 </pre> * run/start coin <code>./n33bcoind</code> * NOTE: if you did not create a n33bcoin.conf file and apply 'daemon=1', you can use the -daemon flag <code>./n33bcoind -daemon</code> <div class="toccolours mw-collapsible mw-collapsed"> Some debug tips: <div class="mw-collapsible-content"> * If n33bcoin hangs - <code>ps aux | grep n33bcoind</code> ** The <code>kill -9 PID_NUMBER</code> ** Also note: there is nothing wrong with '''turning it off and on again.''' * <code>./n33bcoind -debug=1</code> ** log is at ~/.n33bcoin/debug.log * <code>./n33bcoind -debug=1 -printtoconsole</code> ** will output to terminal, no output to debug.log </div> </div> ===Create and Add second node - the easy way=== <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Why a Dummy Node is Needed to Avoid <code>500 Internal Server Error</code> and Ensure Syncing</span> <div class="mw-collapsible-content"> <p>A dummy node is <strong>required</strong> for mining on the genesis node (main node) and to ensure other nodes can sync with your N33Bcoin network. Without it, you may encounter errors like:</p> <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> [2025-04-20 11:49:32] HTTP request failed: The requested URL returned error: 500 Internal Server Error </pre> <p><strong>Why does this happen?</strong> The main node needs at least one active peer to process the <code>getblocktemplate</code> RPC call used by <code>minerd</code> for mining. If the node is in Initial Block Download (IBD) or has no peers, this call fails, causing the 500 error. Additionally, if the main node is in IBD, it won’t serve blocks to other nodes, preventing them from syncing (e.g., stuck at <code>blocks: 0</code>).</p> <p><strong>How the dummy node fixes it:</strong></p> <ul> <li>Running a dummy node (e.g., on <code>127.0.0.1:3334</code>) provides an active peer, allowing <code>getblocktemplate</code> to succeed and mining to start.</li> <li>Mining generates new blocks, updating the chain tip’s timestamp, which helps the main node exit IBD.</li> <li>Once out of IBD, the main node can serve blocks to other nodes, enabling them to sync (e.g., to <code>blocks: 428</code>).</li> </ul> <p><strong>Why it’s easy to forget:</strong> The dummy node isn’t a standard Bitcoin requirement—it’s specific to N33Bcoin’s setup, possibly due to custom peer or RPC logic. Always run a dummy node when mining or syncing new nodes.</p> <p><strong>If you get the 500 error:</strong> Start a dummy node and add it to the main node’s peers with <code>addnode</code>. See the next section for setup instructions.</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> Without a dummy node, mining will fail, and new nodes won’t sync. Always include this step in your setup and document it to avoid surprises! </div> </div> </div> After first node ruuing with:<br> <code>./n33bcoind</code> * create a directory for second node <code>mkdir ~/.n33bcoin2</code> * make config file <code>$EDITOR ~/.n33bcoin2/n33bcoin.conf</code> * Note changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser1 rpcpassword=coinpassword1 rpcallowip=127.0.0.1 rpcport=3367 daemon=1 server=1 rpcbind=127.0.0.1 port=3334 </pre> * start node2 - note ports <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin2 -port=3334 -rpcport=3367</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3334" "add"</code> * Check node one <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * Check node two <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getblocktemplate</code> ==== Default Node User and Second Node User management ==== * The default user will be your main node '''~/.n33bcoin/''' * To use second node '''~/.n33bcoin2/''' you have to use/append non default port in commands: ** To run commands on second node, Add/Append <code>-rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1</code> *** '''rpcport''', '''rpcuser''', '''rpcpassword''' these values can be found in the <code>~/.<node_name>/n33bcoin.conf</code> file * For default wallet/node can use: <code>./n33bcoin-cli getwalletinfo</code> * Or to specify (optional) can use, the main nodes '''rpcport''', '''rpcuser''' and '''rpcpassword''' followed by <command>: <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * For the second node we created - we do need to specify <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getwalletinfo</code> <div class="toccolours mw-collapsible mw-collapsed"> How to stop second node: <div class="mw-collapsible-content"> * To run commands on a second or third ...ETC node - you need to enter: ** <code>-rpcport=<value></code> ** <code>-rpcuser=<username></code> ** <code>-rpcpassword=<password></code> ** followed by the command you wish to run on node <code>getbalance</code> ** Remember you store all these details in your <code>n33bcoin.conf</code> file for your node. <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 stop</code> </div> </div> == Mining blocks on your blockchain == Well you can try with:<br> <code>./n33bcoin-cli generate 1</code><br> But instead of seeing <pre> [ "some-block-hash" ] </pre> Your going to get empty brackets <pre> [ ] </pre> I cant remember the reason for this. But i know the fix. Install Mining software ===Address to send mined coins to=== First lets get a public key/address we can mine to. * Find old addresses <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> * Create new address <code>./n33bcoin-cli getnewaddress</code> * The address i will use <code>1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> ===Cpu Miner Install=== <code>cd ~</code> <code>sudo apt update</code> <code>sudo apt install -y build-essential libcurl4-openssl-dev</code> <code>git clone https://github.com/pooler/cpuminer.git</code> <code>cd cpuminer</code> <code>./autogen.sh</code> <code>./configure</code> <code>make</code> <code>sudo make install</code> ===Mine some Coins=== * OK lets mine us some coins ** Syntax:<code>minerd -o <pool_url> -u <username> -p <password> --coinbase-addr=<public_key></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> * YAY, back to the days when you could find bitcoin blocks with a simple CPU <pre> [2025-04-12 19:31:17] Binding thread 0 to cpu 0 [2025-04-12 19:31:17] Binding thread 1 to cpu 1 [2025-04-12 19:31:17] 4 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:31:17] Binding thread 2 to cpu 2 [2025-04-12 19:31:17] Binding thread 3 to cpu 3 [2025-04-12 19:31:17] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:31:17] thread 1: 2097152 hashes, 10099 khash/s [2025-04-12 19:31:17] thread 0: 2097152 hashes, 10094 khash/s [2025-04-12 19:31:17] thread 3: 2097152 hashes, 10093 khash/s [2025-04-12 19:31:17] thread 2: 2097152 hashes, 10032 khash/s [2025-04-12 19:32:17] thread 2: 601912088 hashes, 10080 khash/s [2025-04-12 19:32:17] thread 0: 605611536 hashes, 10108 khash/s [2025-04-12 19:32:17] thread 3: 605564904 hashes, 10102 khash/s [2025-04-12 19:32:17] thread 1: 605946928 hashes, 10104 khash/s [2025-04-12 19:33:17] thread 2: 604824240 hashes, 10080 khash/s [2025-04-12 19:33:17] thread 0: 606506104 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 1: 606263288 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 3: 606114016 hashes, 10102 khash/s [2025-04-12 19:34:17] thread 0: 596676992 hashes, 9883 khash/s [2025-04-12 19:34:17] accepted: 1/1 (100.00%), 40174 khash/s (yay!!!) [2025-04-12 19:34:17] LONGPOLL pushed new work [2025-04-12 19:34:17] thread 2: 597009344 hashes, 9856 khash/s [2025-04-12 19:34:17] thread 1: 596347864 hashes, 9882 khash/s [2025-04-12 19:34:17] thread 0: 184 hashes, 8762 khash/s [2025-04-12 19:34:17] thread 3: 596226344 hashes, 9881 khash/s [2025-04-12 19:35:11] thread 0: 525714288 hashes, 9775 khash/s [2025-04-12 19:35:17] thread 0: 58652240 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 1: 592942512 hashes, 9784 khash/s [2025-04-12 19:35:18] thread 3: 592834720 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 2: 591387224 hashes, 9754 khash/s [2025-04-12 19:36:17] thread 1: 577261400 hashes, 9784 khash/s [2025-04-12 19:36:17] thread 2: 575496480 hashes, 9756 khash/s [2025-04-12 19:36:17] thread 3: 576993520 hashes, 9776 khash/s [2025-04-12 19:36:17] thread 0: 586785384 hashes, 9780 khash/s [2025-04-12 19:37:17] thread 3: 586568712 hashes, 9700 khash/s [2025-04-12 19:37:17] thread 2: 585369888 hashes, 9645 khash/s [2025-04-12 19:37:18] thread 1: 587018480 hashes, 9656 khash/s [2025-04-12 19:37:18] thread 0: 586791168 hashes, 9631 khash/s [2025-04-12 19:37:43] thread 0: 247017896 hashes, 9757 khash/s [2025-04-12 19:37:43] accepted: 2/2 (100.00%), 38758 khash/s (yay!!!) [2025-04-12 19:37:43] LONGPOLL pushed new work [2025-04-12 19:37:43] thread 2: 250694904 hashes, 9748 khash/s [2025-04-12 19:37:43] thread 1: 250409704 hashes, 9773 khash/s [2025-04-12 19:37:43] thread 0: 21504 hashes, 8650 khash/s [2025-04-12 19:37:43] thread 3: 253010016 hashes, 9764 khash/s </pre> * By default '''minerd''' will use all cores - if you want to limit to number of core use the <code>-t <number_of_cores></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj -t 2</code> <pre> [2025-04-12 19:43:05] 2 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:43:05] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:43:05] thread 1: 2097152 hashes, 11359 khash/s [2025-04-12 19:43:05] thread 0: 2097152 hashes, 11327 khash/s </pre> * Next we mine on till we have at least 101 blocks so are coins are matured. ===After 101 blocks - Mature Coins=== * now we should have some coins in are wallet that we can use, YAY <code>./n33bcoin-cli getbalance</code> <pre>11112110.00000000</pre> * and lets check the account of are second node <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> * Lets get the address of are second node to send some coins <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress 0 true</code> * Or we could generate a new address with <code>getnewaddress</code> <code>1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz</code> Now lets send some coins ==Wallet Basics== Now we have coins we can use - matured coins ===Get balance=== * <code>getbalance</code> <code>./n33bcoin-cli getbalance</code> ===Find Account Addresses=== * <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> ===Create New Address=== * <code>getnewaddress</code> <code>./n33bcoin-cli getnewaddress</code> ===Sending coins=== * Syntax: <code>./n33bcoin-cli sendtoaddress "<address>" <amount></code> <code>./n33bcoin-cli sendtoaddress "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz" 33</code><br> * This comand will return a hash in your terminal out put. <pre>f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7</pre> * and Check balance of second node to see balance: <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>33.00000000</pre> ===See Transaction Details from hash=== * the transaction hash is from the above send coins example * Syntax: <code>n33bcoin-cli gettransaction "<transaction_hash>"</code> <code>./n33bcoin-cli gettransaction "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7"</code> <pre> { "amount": -33.00000000, "fee": -0.00004520, "confirmations": 4, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553764, "timereceived": 1744553764, "bip125-replaceable": "no", "details": [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "send", "amount": -33.00000000, "vout": 0, "fee": -0.00004520, "abandoned": false } ], "hex": "020000000150a37ad36c761374df6a14c20bd2c016208358bf1f20af06c5acbe4827250ee7000000006a4730440220582f2094aca19d63744d8d128c3dea907cddd4eeb5728d6f064c4168d7a36b9c0220649b2397635fe0b8899fea4535b0072e856a164235f8ab8feb91f3dbfa9e3ddc012103dd8d842cd0c2b167b507b9e8ee580fc726262bb218abc5c6487668b72e5673a3feffffff020001b2c4000000001976a9146ae24c8430bcd30bc1b812f946229fcc563eb0ef88ac589a23fc060000001976a9141e0606800605f94643f5da7e0a31e435e030855788acbe000000" } </pre> ===List Transactions from account=== * <code>listtransactions</code> * <code>./n33bcoin-cli listtransactions</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listtransactions</code> * This command will show all transactions send and receive. <pre> [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "receive", "amount": 33.00000000, "label": "", "vout": 0, "confirmations": 6, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553766, "timereceived": 1744553766, "bip125-replaceable": "no" } ] </pre> ===list received transactions by address=== * <code>listreceivedbyaddress</code> * <code>./n33bcoin-cli listreceivedbyaddress</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress</code> <pre> [ { "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "account": "", "amount": 33.00000000, "confirmations": 6, "label": "", "txids": [ "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7" ] } ] </pre> ===Address With Label=== * Create New Address With Label ** Syntax: <code>getnewaddress "<Label>"</code> * NOTE: Label name is case sensitive. <code>./n33bcoin-cli getnewaddress "Mining"</code> <pre>1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB</pre> * See Accounts in Label <code>./n33bcoin-cli getaddressesbyaccount "Mining"</code> * a Label can hold many addresses <pre> [ "1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB" ] </pre> * Lists transactions for the labeled account. <code>./n33bcoin-cli listtransactions "Mining"</code> * Tracking with a label - Shows total balance for addresses in the labeled account. <code>./n33bcoin-cli getbalance "Mining"</code> * Label an existing address - Assigns an existing address to a named account. <code>./n33bcoin-cli setaccount "<address>" "<label>"</code> * Change Label of Address <code>./n33bcoin-cli setaccount "<address>" "<newlabel>"</code> ==Backup Wallets and Restore/Reclaim== To '''test''' wallet exports and back ups we are going to create a '''third node'''. <br> This keeps are main wallet and the wallet of are second node safe.<br> Or If you feel up for it, feel free to play/use/learn with your main wallet. * Create a directory for third node <code>mkdir ~/.n33bcoin3</code> * Create config file <code>$EDITOR ~/.n33bcoin3/n33bcoin.conf</code> * Note: changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser2 rpcpassword=coinpassword2 rpcallowip=127.0.0.1 rpcport=3368 daemon=1 server=1 rpcbind=127.0.0.1 port=3335 </pre> * Start node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3335" "add"</code> * Check node three <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getblocktemplate</code> * See Address (pub key) <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> <pre>1EhA5fkapYWrhs2oAf2AqvF4WYMPM28GqL</pre> * I have sent 33 n33bcoin's to this address. <pre> ./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744568061, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "8afde14085be2139ff008667c345b3697bea9cea" } </pre> ===Encrypt Wallet=== * '''IMPORTANT NOTE! IF YOU LOSE/FORGET PASSPHRASE, YOU LOST YOUR WALLET!''' Encrypting your wallet, will require passphrase to see private_keys and to send coins from your account, but you can still check balance and the basic chain info '''without passphrase'''. * Syntax <code>./n33bcoin-cli encryptwallet "<passphrase>"</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 encryptwallet "pa55word"</code> <br>OutPut: <pre> wallet encrypted; N33Bcoin server stopping, restart to run with encrypted wallet. The keypool has been flushed and a new HD seed was generated (if you are using HD). You need to make a new backup. </pre> ====Test Encryption==== Syntax: <code>./n33bcoin-cli dumpprivkey <address></code> This command should need passphrase if wallet locked. ** <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> can be used in place of a real address <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpprivkey 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> If wallet '''LOCKED''' - you will see <pre> error code: -13 error message: Error: Please enter the wallet passphrase with walletpassphrase first. </pre> If wallet '''UNLOCKED''' but address not in wallet - you will see ** This is because there is no address <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> in your wallet and error code -5 indicates address not found in the wallet, but it passed the lock so, yay <pre> error code: -5 error message: Invalid N33Bcoin address </pre> If address exists in your wallet and wallet is '''UNLOCKED''' - you will see the private key: <pre> 6vJYM3RFWh7MyLVrPbgzgibUgqxMzWUCCbuH3GcfDRTqfoNQjBb </pre> '''IMPORTANT:''' Never share your actual private keys with anyone. The example above is for demonstration purposes only. ====open encrypted wallet==== * Syntax ./n33bcoin-cli walletpassphrase "<passphrase>" <time_in_seconds_to_stay_open> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrase "Pa55word" 60</code> ====Change PassPhrase==== * Syntax: <code><code>./n33bcoin-cli walletpassphrasechange "<old_passphrase>" "<new_passphrase>"</code></code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrasechange "Pa55word" "StrongPass123!@#456"</code> ===Back Up WALLET.DAT === * You can make a backup of your wallet.dat file whether its encrypted or un-encrypted. ** not-encrypted you just copy into a directory and you and anyone else has full access. ** encrypted, you need to know the passphase the file is encrypted with to have access. ** Both Export and Import the backup wallet.dat the same way, expect one asks for passphase and the other does not. ====Make copy of wallet.dat==== * <code>backupwallet</code> * Syntax:<code>./n33bcoin-cli backupwallet /path/to/export/wallet-backup.file</code> <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> ====Stop node 3 and delete wallet.dat==== * Stop node - Note: RPC PORT <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * not gonna delete, just move, only so many times i wanna learn that lesson. <code>mv ~/.n33bcoin3/wallet.dat ~/oldwallet.dat</code> * Start Node 3 - this will create a new <code>wallet.dat</code> file <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check Balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744572042, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "bb4e27a7896ae19acdf3b43244f82b59f5164c7c" } </pre> * Check addresses <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> * Its a diff/new address, because its a new wallet. <pre> "address": "1JwAmtR9T8xa49daoHQhf54tBdyabby2m2", </pre> ===Restore Wallet.dat=== * Stop Node 3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move old wallet to Node 3 Directory ** This command will write over the new wallet.dat file currently in directory - in effect deleting it. <code>mv ~/wallet-backup.node3 ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>11148007.99990960</pre> ====OH NUTZ==== * By mistake i backed up main wallet. <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> * Intended to backup node3 - the correct command would of been <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 backupwallet ~/wallet-backup.node3</code> Good Thing we just moved the node3 wallet and not deleted or 33 n33bcoins would of been in a dead account.<br> This is why you should learn about bitcoin on n33bcoins and not the bitcoin main net blockchain. Lets restore from the moved wallet <code>~/oldwallet.dat</code> * Stop node3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move oldwallet back to node3 <code>mv ~/oldwallet.dat ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>33.00000000</pre> YAY ===Dump Entire Wallet with <code>dumpwallet</code>=== * Exports all private keys, addresses, and wallet metadata to a plain text file for a comprehensive backup. * Syntax <code>./n33bcoin-cli dumpwallet /path/to/export/n33bcoin-wallet.txt</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpwallet ~/ssshhh.txt</code> <code>cat ~/ssshhh.txt</code> * Yep its all in plain text! <pre> # Wallet dump created by N33Bcoin v0.14.3.0-g150612e # * Created on 2025-04-13T22:54:50Z # * Best block at time of backup was 212 (000000009f5f7189bd4334895fd1c903ae904525abb5768feb98b81282a1949e), # mined on 2025-04-13T18:34:02Z # extended private masterkey: xprv9s210pEDlspXiamstilrandotypinhDXRTQ1TatJNSL3fxs9QaLLjRV1FZH9zw2VcErU498hsd3pynuyDR2clongrandome4Msz5 L1XJ0pald6SZXP4sKdVcDETpsdoWeksd4er5hhPsdFG1PPV 2025-04-13T18:14:21Z change=1 # addr=1HtmEDdpk5SJAp3nGCnaAD5gKZc2Er4qG hdkeypath=m/0'/0'/82' about 100 lines like the one above and ends with: # End of dump </prE> ===Import Dumped Wallet=== To test import works we are gonna, stop node3, move wallet.dat, start node3, check new wallet got auto generated again. then import are ssshhh.txt file and see if restored. ====Check wallet node 3 pre-test==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744575092, "keypoolsize": 101, "unlocked_until": 0, "paytxfee": 0.00000000, "hdmasterkeyid": "0a0e6e94e4a184e773e4a3e3244adc4352935afa" } </pre> ====Stop node 3 ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> ====Move wallet.dat ==== <code>mv ~/.n33bcoin3/wallet.dat ~/wallet.node3</code> ====Start node 3 ==== <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> ====Check wallet node 3 - when deleted/changed==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ====Import Restore from Dumped Wallet ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importwallet ~/ssshhh.txt</code> ====Check wallet node 3 when restored ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ==Off Line Storage and Importation== * Create a offline key pair, using a python script that can run off a live linux iso. * Going to send coins from node 3 to off line address. * Going to import to wallet 2 by sweeping private wif key. ===Create Offline Keypair=== * https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin ** We have used the [[N33Bcoin_Address_Generator_Bitcoin| N33Bcoin_Address_Generator]] to create the following key pair which we will use for this test. <pre> noob@noob-ThinkPad-T470:~/Gen/py-pub-prv$ python3 gen.py Enter your seed (12 words or any random input): hithere Generated n33bcoin Key Pair: Private Key: 3e4748d72b0a0c5d4538b52a2ade025a0f52a1e8642384ac14e5af0f90b8ab8a Public Key: 04c4cab1795312dafbf2532c7b238d448b55fa151a3d4e059cb49b47fb7244fb8767981b561c067494f9f3a6357024bb4fa71d12d692a733f7a0583d6fa7276548 n33bcoin Address: 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG WIF Private Key: 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH </pre> ===Send from node 3 to offline address=== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 sendtoaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG 10</code> ===Check its in address=== * Can take a few blocks before you can see it. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * Syntax: <code>./n33bcoin-cli importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * <code>importaddress</code> The RPC command to import a Bitcoin address as a watch-only address into the wallet * <code>13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> The Bitcoin address you are importing. After import, the wallet will monitor this address for incoming transactions, but cannot spend from it since you do not have the private key * <code>"external"</code> An optional label assigned to the imported address. This helps you organize or identify addresses in your wallet * <code>false</code> The rescan parameter. Setting it to false means the wallet will not rescan the blockchain for historical transactions involving this address. Only new transactions (after import) will be tracked. If set to true (default), the wallet would scan the entire blockchain for past transactions involving the address, which can take a long time (but not in are case as we have new blockchain). ====getreceivedbyaddress==== * TESTED - Balance is only shown on account that imported the address as a address to watch. ** Took about 10 mins to show balance. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>10.00000000</pre> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> ====Receive funds from private key==== * Current Funds in Node/Wallet 2 <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>52.00000000</pre> * Import the keys <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 importprivkey 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH true</code> * Check balance <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>62.00000000</pre> Import is instant. ==Create Second Server and Sync Blockchain== * Creating second server in a container and forwarded to another VPS IP, to see if network syncs. <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Is Port Forwarding Required for the Second Node?</span> <div class="mw-collapsible-content"> <p><strong>Why set up port forwarding?</strong> Port forwarding (using iptables to forward port <code>3333</code> to the second node) allows the node to receive incoming connections from other N33Bcoin nodes. This ensures reliable syncing with the main node and enables the second node to share blockchain data with others, strengthening the network.</p> <p><strong>Is it required?</strong></p> <ul> <li><strong>To mine</strong>: No. Mining uses local RPC calls (<code>127.0.0.1:3366</code>) and outbound connections to the main node (<code>104.194.157.52:3333</code>). As long as the main node is up, mining works without port forwarding. Note: You may need a dummy node to avoid errors.</li> <li><strong>To act as a peer</strong>: Yes. To allow other nodes to connect and sync from the second node (e.g., via <code>144.172.89.93:3333</code>), port forwarding is required. Without it, the node can sync but won’t serve blocks to others.</li> </ul> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Tip:</strong> Keep port forwarding enabled for robust syncing and to support the N33Bcoin network, especially if you plan to add more nodes. </div> </div> </div> ===Launch container=== <code>lxc launch ubuntu:18.04 n33b-node</code> <code>lxc exec n33b-node bash</code> <code>pro attach <longKey></code> <code>apt update && apt upgrade -y && apt install ubuntu-advantage-tools wireguard -y</code> ===Setup Wireguard=== * This is the same as the last time, in this tut i am going to keep the same keys in tut, to save time. PS: You can use same keys on many connections (not the best idea). ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==In Container Building N33Bcoin== * Push over N33Bcoin.0.0.1.tar.gz to the container n33b-node. <code>lxc file push N33Bcoin.0.0.1.tar.gz n33b-node/home/ubuntu/</code> OR Download from github * Download from Github, sha256sum=<code>0695dceaa4a88967560695f92c753d2fe4abc0f1b0cfb2673bf945fc83fb1225</code> <code>wget https://raw.github.com/CompleteNoobs/N33Bcoin/main/N33Bcoin.0.0.1.tar.gz</code> * Login to container as user ubuntu <code>lxc exec n33b-node -- su - ubuntu</code> * extract <code>tar xvf N33Bcoin.0.0.1.tar.gz</code> ===Install depends and Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> ===Build N33Bcoin=== * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> * Before running - make sure first node up and running <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Troubleshooting Syncing Issues on the Second Node</span> <div class="mw-collapsible-content"> <p>If your second node (e.g., <code>144.172.89.93</code>) fails to sync (e.g., stuck at <code>blocks: 0</code>), the main node (<code>104.194.157.52</code>) may be in Initial Block Download (IBD), preventing it from serving blocks. Here’s what I faced and how I fixed it:</p> <ul> <li><strong>Problem</strong>: The second node didn’t sync because the main node was in IBD, likely due to a chain tip older than 24 hours.</li> <li><strong>Initial Fix</strong>: <ul> <li>Started a dummy node on the main node (<code>127.0.0.1:3334</code>) for an active peer .</li> <li>Mined on the main node: <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=&lt;your-address&gt; -t 2 </pre> This created new blocks (e.g., to <code>blocks: 441</code>), exiting IBD and enabling sync.</li> </ul> </li> <li><strong>Test</strong>: I deleted the second node and recreated it from scratch, running both the main and dummy nodes on the genesis server. The second node synced to <code>blocks: 441</code> while the main node was mining.</li> <li><strong>Observation</strong>: In one test, I thought syncing worked without mining, but mining was active on the main node, advancing the chain to <code>blocks: 441</code>. Possible factors for sync success: <ul> <li>Recent chain tip from mining kept the main node out of IBD.</li> <li>Dummy node provided a peer, preventing IBD re-entry.</li> <li>iptables rule for port <code>3333</code> enabled inbound connections (i did once not forward the correct port, make sure you check your ip rules with <code>cat /etc/iptables/rules.v4</code> to make sure you entered the correct ones. ).</li> </ul> </li> <li><strong>If Syncing Fails</strong>: Mine on the main node with the dummy node running.</li> </ul> <p><strong>Note</strong>: Syncing may not require ongoing mining if the main node’s chain tip is recent, but mining is needed to exit IBD. Test and share your findings!</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> If the second node won’t sync, the main node may be in IBD. Start the dummy node and mine to exit IBD. </div> </div> </div> ===n33b-node=== <code>src/n33bcoind -daemon</code> <code>src/n33bcoin-cli stop</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 debug=rpc debug=mining </pre> <code>src/n33bcoind</code> * Now Second n33bcoin node is running lets check sync <div class="toccolours mw-collapsible mw-collapsed"> * Node Syncing/Connecting issues If your node if not connecting <b>add a node</b>, This can be done in the n33bcoin.conf file or manually with n33bcoin-cli <div class="mw-collapsible-content"> * Appending Peer Node/s to Node config file <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> * Syntax:<code>addnode=<IP_Or_Domain>:<Port></code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcbind=127.0.0.1 rpcport=3366 daemon=1 server=1 addnode=node.n3wbcoin.com:3333 addnode=104.194.157.52:3333 </pre> * Add Node Manually using n33bcoin-cli ** Syntax:<code>n33bcoin-cli addnode <IP_Or_Domain>:<Port> add</code> <code>n33bcoin-cli addnode 104.194.157.52:3333 add</code> </div> </div> <code>src/n33bcoin-cli getpeerinfo</code> <pre> [ { "id": 0, "addr": "104.194.157.52:3333", "addrlocal": "144.172.89.93:52636", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157772, "lastrecv": 1745157771, "bytessent": 1277, "bytesrecv": 1198, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.303657, "minping": 0.303657, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": false, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 110, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 1, "addr": "104.194.157.52:57050", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.296047, "minping": 0.296047, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 2, "addr": "104.194.157.52:57060", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.316404, "minping": 0.316404, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } } ] </pre> <code>src/n33bcoin-cli getblockchaininfo</code> <pre> ubuntu@n33b-node:~/N33Bcoin$ src/n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.03058041491289009, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> ===From first node=== <pre> ./n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.02034601825250813, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> * Both nodes/blockchains are in sync, nice rey4sh9ixrmsw4izbqyfybckls6ojh3 599 598 2025-07-04T19:34:18Z AwesomO 5 /* Start up HardWare */ 599 wikitext text/x-wiki ==Start up HardWare== * OS (local) Ubuntu-Mate 24.04 - this tut is done on a clean install of ubuntu-mate 24.04 ** Hardware: HP EliteDesk G1 - ram = 8GB - HD = 120GB ssd - CPU = i5-4590S CPU @ 3.00GHz ** Hardware: Thinkpad X270 - Ram - HD - CPU * Server VPS ubuntu-server 24.04 ** vultr.com ===Software OS=== * Will be using Ubuntu 24.04 as main OS - but to build this version of bitcoin 0.14.3 we will be using ubuntu 18.04 in a lxc container - trying to build in 24.04 was a huge side quest that is not that much fun. ===Coin Params for N33Bcoin 0.1 POW === * Are Coin Params ** Name of coin = N33Bcoin ** Symbol coin = N33B ** Premined Coins= 33% 11,111,111 coins to be used to rewards contributors. the how is currently unknown, will work out as we go. ** MaxCoins = 33,333,333 ** Rewards = 333 ** Halving Period = 33,333 blocks = every 231 days ** Block interval = 10 mins # will leave at 10 for starters ** Time Stamp 1733333333 2024-12-04 17:28:53 ** Time Stamp Message "N33B's for Noob's at CompleteNoobs.com" ** Genesis Block for are Coin <b>NOTE</b>: What is a Unix Time Stamp? - It is the number of seconds from the Unix Epoch date of 01/01/1970 at 00:00 UTC - to convert a date use - https://www.unixtimestamp.com/ ==Set EDITOR== {{:SET_EDITOR}} ==Genesis Keys== First we are going to need a public private key pair. [[Python_Generate_Public_Private_Key_Pair_Crypto_Bitcoin| Python3 Generate Public Private Key Pair]] * Public Key <code>049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf</code> * Keep private key safe, you just need pub key for now We then use are public key along with are coin parameter with [[GenesisH0_Creating_Genesis_Hash| GenesisH0]] to create a 'Nonce', 'Merkel hash' and 'Genesis hash'. For are 'MainNet', 'TestNet' and 'RegNet' === Main Net parameters === <code>python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333333</code> * '''Nonce''': <code>221118658</code> * '''nBits''': <code>0x1d00ffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4</code> === Test Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333334</code> * '''Nonce''': <code>511144</code> * '''nBits''': <code>0x1e0ffff0</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c</code> === Reg Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333335</code> * '''Nonce''': <code>0</code> * '''nBits''': <code>0x207fffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127</code> Now we have are parameters, we can start creating are own coin, but first lets change some file names to match the name of are coin. ==Source we are forking from Bitcoin 0.14.3== ===Home Directory=== <code>cd ~</code> ===Download bitcoin 0.14.3=== * https://bitcoincore.org/bin/bitcoin-core-0.14.3/ <code>wget https://bitcoincore.org/bin/bitcoin-core-0.14.3/bitcoin-0.14.3.tar.gz</code> * sha256sum bitcoin-0.14.3.tar.gz <code>416717ab5ef94f8458da2b12e4cd742ca08f5ad3817b65fc73811e06ac949f87</code> ===extract=== <code>tar xvf bitcoin-0.14.3.tar.gz</code> ===Change Directory Name to new/forked coin name=== <code>mv bitcoin-0.14.3 N33Bcoin</code> <code>cd N33Bcoin</code> * Current work director path is <code>/home/$USER/N33Bcoin/</code> ==Renaming== ===Renaming Bitcoin to N33Bcoin=== '''Run these command in the /home/$USER/N33Bcoin/ Directory''' * Lowercase <code>find . -type f -exec sed -i 's/bitcoin/n33bcoin/g' {} + </code> * UpperCase <code>find . -type f -exec sed -i 's/Bitcoin/N33Bcoin/g' {} + </code> * Name.1 <code>find . -type f -exec sed -i -e 's/bitcoin/n33bcoin/g' -e 's/bitcoind\.1/n33bcoind.1/g' {} + </code> ===Change Name for Docs=== To rename files in a directory (e.g., <code>/home/$USER/N33Bcoin/doc/man/</code>): * '''Before:''' <pre> bitcoin-cli.1 bitcoind.1 bitcoin-qt.1 bitcoin-tx.1 Makefile.am </pre> * '''After:''' <pre> n33bcoin-cli.1 n33bcoind.1 n33bcoin-qt.1 n33bcoin-tx.1 Makefile.am </pre> * '''Manual Way:''' <pre> mv -v bitcoin-cli.1 n33bcoin-cli.1 </pre> * '''Using mv with a for Loop:''' <code>cd /home/$USER/N33Bcoin/doc/man</code><br> <code>for file in bitcoin*; do mv -v "$file" "${file/bitcoin/n33bcoin}"; done</code> </pre> * <code>-v</code> shows each rename action. ===Change Names for Files=== *<b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> Unlike forking litecoin, the method we just used to rename all bitcoin words to n33bcoin created some problems, unlike litecoin 0.14.2, the word 'bitcoin' can be found in a lot of file names. Example: the file <code>libbitcoinconsensus.pc.in</code> is still called <code>libbitcoinconsensus.pc.in</code> but inside make and config files, it is now know as <code>libn33bcoinconsensus.pc.in</code> so it will look for a file called <code>libn33bcoinconsensus.pc.in</code> and not <code>libbitcoinconsensus.pc.in</code>, still will lead to a lot of breakages. * Easy Fix: Change all file names which include the word <code>bitcoin</code> to <code>n33bcoin</code> * install <code>rename</code> <code>sudo apt install rename</code> * <b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> * See all file which contain the name <code>bitcoin</code> <code>find . -type f -name "*bitcoin*"</code> * Rename/convert all <code>bitcoin</code> in file names to <code>n33bcoin</code> <code>find . -type f -name "*bitcoin*" -exec rename 's/bitcoin/n33bcoin/' {} +</code> ==Editing Files== Are Files are located in path:<code>/home/$USER/N33B/N33Bcoin</code><br> Example: <code>src/amount.h</code> full path would be <code>/home/$USER/N33B/N33Bcoin/src/amount.h</code> === OverView of Files to edit=== * Comment Out <code>** Lines: 74 - 77 Comment Out</code> These are Lines we Don't need, but are not deleting just commenting out, so line numbers remain the same.<br> Comment out by placing a <code>//</code> at the beginning of the line. * '''src/amount.h''' ** Line 31: Edit Max Coins * '''src/validation.cpp''' ** Line 1166: This BLOCK of code will contain premined and Block rewards * '''src/qt/bitcoinunits.cpp''' ** Line 39 Block: change coin symbol LTC to N33B * '''src/chainparams.cpp''' ** Line 53: '''Global''' Change Time Stamp Message ** Line 54: '''Global''' Change Pub Key ** Line 73: '''MainNet''' Change Halving Interval <!--** Lines: 74 - 77 Comment Out--> ** Line 74: '''MainNet''' BIP34Height ** Line 75: '''MainNet''' BIP34Hash ** Line 76: '''MainNet''' BIP65Height ** Line 77: '''MainNet''' BIP66Height ** Lines 85 - 103: '''MainNet''' Deployment and Chain Work Section ** Line 110: '''MainNet''' Change Magic Bytes - Script included ** Line 114: '''MainNet''' Change Main Net Default Port ** Line 117: '''MainNet''' Change Main Net Nonce TimeStamp Coin_Rewards ** Line 119: '''MainNet''' Change Genesis Hash ** Line 120: '''MainNet''' Change Merkel Hash ** Line 144: '''MainNet'''Change Coin Number and Genesis Hash ** Lines 145 - 156 Comment Out ** Line 161: '''MainNet''' Change Time Stamp ** Line 162: '''MainNet''' Change Number Of Transactions ** Line 177: '''TestNet''' Halving Interval <!--** Lines: 178 - 181 Comment Out--> ** Line 178: '''TestNet''' BIP34Height ** Line 179: '''TestNet''' BIP34Hash ** Line 180: '''TestNet''' BIP65Height ** Line 181: '''TestNet''' BIP66Height ** Line 184: '''TestNet''' Block Times <!--** Lines: 189 - 207 Comment Out--> ** Lines 189 - 207: '''TestNet''' Deployment Section ** Line 213: '''TestNet''' Default Port ** Line 216: '''TestNet''' Time Stamp and Nonce ** Line 218: '''TestNet''' Genesis Hash Block ** Line 219: '''TestNet''' Merkel Hash Block ** Line 245: '''TestNet''' CheckPointData Genesis Hash Block Number ** Line 250: '''TestNet''' Time Stamp ** Line 251: '''TestNet''' Block Number ** Lines 267 - 270 '''RegressionNet''' BIP Consensus ** Line 301: '''RegressionNet''' Default Port ** Line 304: '''RegressionNet''' Time Stamp Nonce Coin_Rewards ** Line 306: '''RegressionNet''' Genesis Block Hash ** Line 307: '''RegressionNet''' Merkel Hash ** Line 319: '''RegressionNet''' Genesis Hash * '''src/chainparamsbase.cpp''' ** Line 35: MainNet RCP Port ** Line 48: TestNet RPC Port ** Line 62: Regession Net RPC Port ===src/amount.h=== On line 31 we will edit are Max coins: <pre> static const CAmount MAX_MONEY = 21000000 * COIN; </pre> will change this to 33,333,333 coins <pre> static const CAmount MAX_MONEY = 33333333 * COIN; </pre> ===src/validation.cpp=== Path <code>/home/$USER/N33B/N33Bcoin/src/validation.cpp</code> The block of code we are looking for starts on line 1166: <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy = 50 * COIN; // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years. nSubsidy >>= halvings; return nSubsidy; } </pre> On line 1173 you should see this line: <pre> CAmount nSubsidy = 50 * COIN; </pre> This is the rewards for mining coins, the default is 50, we are changinf rewards to 333 coins per block mined. <pre> CAmount nSubsidy = 333 * COIN; </pre> ====Premined coins==== We also need to add a contidtion for are premined coins - in the first block will mine 33%, thats 11,111,111 coins <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy; if (nHeight == 1) nSubsidy = 11111111 * COIN; else nSubsidy = 333 * COIN; // Subsidy is cut in half every 33,333 blocks which will occur approximately every 231 days. nSubsidy >>= halvings; return nSubsidy; } </pre> This condition means IF first block reward 11,111,111 coins, Else(after first blocked mined) rewards per block are 333 coins. <div class="toccolours mw-collapsible mw-collapsed"> What's Changed and Why: <div class="mw-collapsible-content"> <b>What's Changed and Why:</b> * '''CAmount nSubsidy;''' ** The variable `nSubsidy` is now declared but not immediately assigned a value. This allows flexibility to set its value based on certain conditions. * '''New Condition: `if (nHeight == 1)''' ** This new condition checks if the block height is 1, meaning this is the very first block in the blockchain (often called the "genesis block"). ** This condition is used to assign a special, much larger subsidy for the first block. * '''nSubsidy = 11111111 * COIN;''' ** If it is the first block (`nHeight == 1`), the subsidy is set to 11,111,111 coins. This is a huge reward for the genesis block, likely for initial distribution or other specific reasons. * '''else nSubsidy = 333 * COIN;''' ** For all other blocks (not the first one), the reward is set to 333 coins. This is a significant change from the original 50 coins, suggesting a different reward structure for this cryptocurrency. </div> </div> ===src/qt/n33bcoinunits.cpp=== * Line 39: Code Block <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("BTC"); case mBTC: return QString("mBTC"); case uBTC: return QString::fromUtf8("μBTC"); default: return QString("???"); } } </pre> * Change BTC your coin symbol to N33B <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("N33B"); case mBTC: return QString("mN33B"); case uBTC: return QString::fromUtf8("μN33B"); default: return QString("???"); } } </pre> ===src/chainparams.cpp=== ====Line 53 Change Time Stamp Message==== <code> const char* pszTimestamp = "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks";</code> To <code> const char* pszTimestamp = "N33B's for Noob's at CompleteNoobs.com";</code> ====Line 54 Change Genesis Pub Key==== <code> 54 const CScript genesisOutputScript = CScript() << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f") << OP_CHECKSIG; </code> We are going to change to the public key we used to create are genesis block. <code> const CScript genesisOutputScript = CScript() << ParseHex("049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf") << OP_CHECKSIG;</code> ====Line 73 HalvingInterval==== <code> consensus.nSubsidyHalvingInterval = 210000;</code> Block intervals of bitcoin is every 10 mins, as you can see on '''[[#Line 80 Target Block Creation''']] * 60 mins per hour x 24 hours per day = 1440 mins a day * 1440 mins at one block each 10 mins = 144 block per day ish * 144 * 365 = 52,560 blocks per year ish * 52,560 * 4 = 210,240 blocks every four years ish So bitcoin halves its rewards every 4 years ish as it passes 210,000 blocks and carrys on halving every 210,000 blocks later. We reward 333 coins per block and will be out of coins around 667,334 blocks. * Preminded 11,111,111 coins * 22,222,222 left * at 333 per block all will be gone in 66,733 blocks time unless we halve before then * We are going to keep are block time of 10 mins and have a halving at 33,333 blocks so it will halve around 231 days <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Line 74 - 77 MainNet BIP Section==== <pre> 74 consensus.BIP34Height = 227931; 75 consensus.BIP34Hash = uint256S("0x000000000000024b89b42a942fe0d9fea3bb44ab7bd1b19115dd6a759c0808b8"); 76 consensus.BIP65Height = 388381; // 000000000000000004c2b624ed5d7756c508d90fd0da2c7c679febfa6c4735f0 77 consensus.BIP66Height = 363725; // 00000000000000000379eaa19dce8c9b722d46ae6a57c2f1a988119488b50931 </pre> * Set BIP34/65/66 to 0 for new chain—modern rules from genesis. Adjust BIP34 to 100 if mining fails. * Line 75 Replace with you <b>Main Net parametersGenesis Hash</b> <pre> 74 consensus.BIP34Height = 0; 75 consensus.BIP34Hash = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); 76 consensus.BIP65Height = 0; 77 consensus.BIP66Height = 0; </pre> ==== Line 85 - 103 '''MainNet''' Deployment and Chain Work Section ==== ===== Line 86 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start date is irrelevant—set to 0 for immediate activation on new chain. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 87 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. 9,999,999,999 Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 91 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016</code> * Reason changed: Bitcoin’s 2016 start is moot—set to 0 for CSV active from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 92 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 96 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016</code> * Reason changed: Bitcoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 97 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 100 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5");</code> * Reason changed: Bitcoin’s 2017 work is massive—set to 0 for a new chain with no work yet. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 103 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354</code> * Reason changed: Bitcoin’s block 453354 is irrelevant—set to N33Bcoin’s genesis hash for fast sync from block 0. Changed: <code>consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4");</code> =====Before and After Changes===== <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354 </pre> * Set CSV/SegWit to active from genesis (nStartTime = 0, nTimeout = far future). Reset chain work to minimal. Set assume valid to genesis hash. <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0; 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999; 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0; 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999; 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0; 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999; 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x00"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); </pre> ====Line 110 Magic Bytes==== * [[Hex_numbers_explained| Hex numbers explained]] * [[Python3_Script_for_Random_Magic_Bytes| Link to python script for random values]] The pchMessageStart array is a crucial component in cryptocurrency network protocols, often referred to as the "magic bytes" or "network magic." It serves as a unique identifier for a specific cryptocurrency network. These values are in hexadecimal format, representing four bytes that form a sequence unlikely to occur in normal data. If you're creating a new cryptocurrency by forking Bitcoin, you should change these values. Using unique values prevents your new coin's network from interfering with Bitcoin's network or other existing networks. <pre> 110 pchMessageStart[0] = 0xf9; 111 pchMessageStart[1] = 0xbe; 112 pchMessageStart[2] = 0xb4; 113 pchMessageStart[3] = 0xd9; </pre> * Gonna change mine to <pre> pchMessageStart[0] = 0xfe; pchMessageStart[1] = 0x93; pchMessageStart[2] = 0xd2; pchMessageStart[3] = 0xe2; </pre> ====Line 114 Change Main Net Default Port==== * Line 114 <code>nDefaultPort = 8333;</code> * Changing to port 3333 <code>nDefaultPort = 3333;</code> ====Line 117 Change Main Net Nonce TimeStamp Coin_Rewards==== * Original <code> genesis = CreateGenesisBlock(1231006505, 2083236893, 0x1d00ffff, 1, 50 * COIN);</code> * Syntax of line 117 <code>genesis = CreateGenesisBlock(<UNIX_TIME_STAMP>, <NONCE>, <DIFF_BITS>, <NHEIGHT>, <AMOUNT_OF_COINS_REWARD> * COIN);</code> * we are just going to append/change are UnixTimeStamp, Nonce and CoinReward <code> genesis = CreateGenesisBlock(1733333333, 221118658, 0x1d00ffff, 1, 333 * COIN);</code> ====Line 119 Change Genesis Hash==== <code>assert(consensus.hashGenesisBlock == uint256S("0x000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"));</code> * Change to your genesis hash for Main Net <code> assert(consensus.hashGenesisBlock == uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"));</code> ====Line 120 Change Merkel Hash==== <code> assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Change to your merkel hsh for Main net <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Check Point - Lines 142 - 157 ==== <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d")) 145 ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> These lines contain a blocknumber and there hash value, we are starting a new coin and these have no value to us. We have one genesis block. <code> ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d"))</code> * We are going to append/change line 144, to block zero and are Main net genesis block hash. <code> ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"))</code> and comment out the remaining lines in this code block. lines 145 - 156 <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4")) 145 // ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 // ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 // (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 // (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 // (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 // (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 // (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 // (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 // (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 // (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 // (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 // (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> ====Line 161 Change Time Stamp==== <pre> 161 1483472411, // * UNIX timestamp of last known number of transactions </pre> * Change to the time stamp we are using <pre> 1733333333, // * UNIX timestamp of last known number of transactions</pre> ====Line 162 Change Number Of Transactions==== <pre> 184495391, // * total number of transactions between genesis and that timestamp</pre> * Change to Zero <pre> 0, // * total number of transactions between genesis and that timestamp</pre> ====TestNet Halving Interval==== <code>177 consensus.nSubsidyHalvingInterval = 210000;</code> * Change to same as are main net <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Lines 178 - 181 TestNet BIP section==== <pre> 178 consensus.BIP34Height = 21111; 179 consensus.BIP34Hash = uint256S("0x0000000023b3a96d3484e5abb3755c413e7d41500f8e2a5c3f0dd01299cd8ef8"); 180 consensus.BIP65Height = 581885; // 00000000007f6655f22f98e72ed80d8b06dc761d5da09df0fa1dc4be4f861eb6 181 consensus.BIP66Height = 330776; // 000000002104c8c45e99a8853285a3b592602a3ccde2b832481da85e9e4ba182 </pre> * Change values to zero and replace TestNet Genesis Hash <pre> 178 consensus.BIP34Height = 0; 179 consensus.BIP34Hash = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"); 180 consensus.BIP65Height = 0; 181 consensus.BIP66Height = 0; </pre> ==== Lines 189 - 207 TestNet Deployment Section ==== ===== Line 190 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start is irrelevant—set to 0 for immediate activation on TestNet. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 191 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 195 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1456790400; // March 1st, 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for CSV from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 196 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 200 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1462060800; // May 1st 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 201 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1493596800; // May 1st 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 204 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x00000000000000000000000000000000000000000000001f057509eba81aed91");</code> * Reason changed: Litecoin’s work is irrelevant—set to 0 for a new TestNet chain. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 207 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000128796ee387cf110ccb9d2f36cffaf7f73079c995377c65ac0dcc"); //1079274</code> * Reason changed: Litecoin’s block 1079274 doesn’t apply—set to TestNet genesis for fast sync. Changed: <code>consensus.defaultAssumeValid = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c");</code> ====TestNet Default Port - Line 213==== <code>213 nDefaultPort = 18333;</code> * Change to another port , picking 13333 <code>nDefaultPort = 13333;</code> ====Line 216: TestNet Time Stamp and Nonce==== <code>216 genesis = CreateGenesisBlock(1296688602, 414098458, 0x1d00ffff, 1, 50 * COIN);</code> * change/append timestamp, nonce and coin rewards - TimeStamp, Nonce, nBits and CoinRewards from your Test Net <code> genesis = CreateGenesisBlock(1733333334, 511144, 0x1e0ffff0, 1, 333 * COIN);</code> ====Line 218: TestNet Genesis Hash Block==== <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943"));</code> * Changed to <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"));</code> ====Line 219: TestNet Merkel Hash Block==== <code>219 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Changed to <code> assert(consensus.hashGenesisBlock == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ==== Line 245 TestNet checkpointData ==== Default: <code>( 546, uint256S("000000002a936ca763904c3c35fce2f3556c559c0214345d31b1bcebf76acb70")),</code> * Reason changed: Bitcoin TestNet checkpoint irrelevant—set to height 0 with N33Bcoin TestNet genesis hash for new chain. Changed: <code>( 0, uint256S("000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c")),</code> * Note: Removed "0x" from hash string—matches Bitcoin style, prevents parsing error in uint256S. ====Line 250 - Testnet chainTxData TimeStamp==== <code>250 1483546230,</code> * Change to your timestamp <code>1733333334,</code> ====Line 251 - Testnet chainTxData block count==== <code>251 12834668,</code> * change block count to zero <code> 0,</code> ==== RegTest BIP Section ==== ===== Line 267 ===== Default: <code>consensus.BIP34Height = 100000000; // BIP34 has not activated on regtest (far in the future so block v1 are not rejected in tests)</code> * Reason changed: Delays BIP34—set to 0 for modern rules from genesis, consistent with MainNet/TestNet. Changed: <code>consensus.BIP34Height = 0;</code> ===== Line 268 ===== Default: <code>consensus.BIP34Hash = uint256();</code> * Reason changed: Empty hash irrelevant—set to RegTest genesis for BIP34 activation at block 0. * NOTE: the <code>S</code> at the end of <code>uint256S</code> append the '''S''', remove the <code>0x</code> or it would be too long and make sure RegNet Hash is wrapped in "comment-hash". * The quotes <code>""</code> tell the compiler that this is a string, not a number. * '''uint256S''' will parse the string as a hexadecimal value and construct the '''uint256''' object accordingly. Changed: <code>consensus.BIP34Hash = uint256S("65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127");</code> ===== Line 269 ===== Default: <code>consensus.BIP65Height = 1351; // BIP65 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP65 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP65Height = 0;</code> ===== Line 270 ===== Default: <code>consensus.BIP66Height = 1251; // BIP66 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP66 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP66Height = 0;</code> ====Line 298: RegressionNet Default Port==== <code>298 nDefaultPort = 18444;</code> * change port number <code> nDefaultPort = 13337;</code> ====Line 301 RegressionNet Time Stamp Nonce Coin_Rewards ==== <code>301 genesis = CreateGenesisBlock(1296688602, 2, 0x207fffff, 1, 50 * COIN);</code> * Change to your timestamp , nonce and coin rewards <code> genesis = CreateGenesisBlock(1733333335, 0, 0x207fffff, 1, 333 * COIN);</code> ====Line 303: RegressionNet Genesis Block Hash==== <code>303 assert(consensus.hashGenesisBlock == uint256S("0x0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"));</code> * replace with your reg net genesis hash <code> assert(consensus.hashGenesisBlock == uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"));</code> ====Line 304 RegressionNet Merkel Hash==== <code>304 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * replace with your reg net merkel hash <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Line 316: RegressionNet Genesis Hash==== <code>316 ( 0, uint256S("0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"))</code> * change to your reg nets genesis hash <code> ( 0, uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"))</code> === src/chainparamsbase.cpp - API ports === <div class="toccolours mw-collapsible mw-collapsed"> Changing RPC port number info: <div class="mw-collapsible-content"> When forking Bitcoin, changing the nRPCPort = 8332; is generally recommended, though not strictly necessary. Here are the reasons and benefits for doing so: '''Avoiding Conflicts:''' If you run both Bitcoin and your forked cryptocurrency on the same machine or network, keeping the same RPC port (9332) would cause a conflict. By changing the port number, you ensure that both services can run simultaneously without interfering with each other. '''Network Configuration:''' Different cryptocurrencies should ideally use different ports to avoid confusion and ensure clear network configuration. This helps in managing firewall rules and network policies more effectively. '''Security:''' Using a non-standard port for your forked cryptocurrency can add a layer of security through obscurity. While not a robust security measure, it can help reduce the risk of automated attacks targeting known ports like 8332. '''Customization:''' Changing the RPC port is part of customizing your fork to distinguish it from Bitcoin. This can be important for branding and ensuring that users and developers recognize it as a separate entity. In summary, while it's not mandatory to change the RPC port when forking Bitcoin, doing so can help avoid conflicts, improve network management, and provide a clearer distinction between your fork and the original Bitcoin network. </div> </div> ====line 35 - Main net RCP port==== <pre> nRPCPort = 8332; </pre> RPC port is used to connect to coin api, its used to create a web wallet and moblie wallet. <pre> nRPCPort = 3366; </pre> ====Line 48 - test net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12333 <pre> nRPCPort = 12333; </pre> ====line 62 - regession net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12345 <pre> nRPCPort = 12345; </pre> * We are pretty much done with customizing the code base, we just need an IP address to append to chainparams.cpp and we are good to go. ===src/chainparamsseeds.h=== * Delete content of <code>src/chainparamsseeds.h</code> and replace with just: <pre> #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> The <code>chainparamsseeds.h</code> file contains hardcoded seed nodes for the main network (pnSeed6_main), which are currently set to Bitcoin’s seed nodes (e.g., IPs like 2.7.8.12 on port 8333). These seeds will cause your node to attempt connections to Bitcoin peers, which isn’t what we want for N33Bcoin. * By modifying the seed arrays for both mainnet and testnet to empty, we can keep the file structure intact while removing the Bitcoin seed nodes, preventing are node from trying to connect to them. <div class="toccolours mw-collapsible mw-collapsed"> Hexadecimal - Chainparamsseeds.h - Quick Notes <div class="mw-collapsible-content"> <pre> Hex Symbol Values: 0,1,2,3,4,5,6,7,8,9,a=10,b=11,c=12,d=13,e=14,f=15 Hex is in a Block of 2, [01]=1, The First number/symbol (the one on the left), is Times by 16, and the Second number/symbol is added. 01 = 0x16, plus 1 = 01 A4 = 10x16, plus 4 = 164 E4 = 14x16, plus 4 = 228 FF = 15X16, plus 15 = 255 To work out the values of 104.194.157.52 and port 3333 static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; IPv6 Mapping: {{Use 10 0x00, 2 0xff, then the 4 hex bytes} <port>}. 104 in hex: 6x16 = 96 + 8 = 104 InHex= '68' 194 in hex: c(12)x16=192 + 2 = 194 InHex= 'c2' 157 in hex: 9x16=144 + d(13)= 157 InHex= '9d' 52 in hex: 3x16=48 + 4 = 52 InHex= '34' #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; static SeedSpec6 pnSeed6_test[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> </div> </div> == Container and VPS Setup == * Vultr with affiliate link: https://www.vultr.com/?ref=7704739 Most VPS providers frown on mining unless it’s their explicit service—fair enough, it hogs resources! To work around this, we’ll: * Spin up an Ubuntu 18.04 container locally (18.04 keeps coin building simple). * Pair it with a low-cost VPS running Ubuntu 24.04, tunneling all traffic from the container to the VPS’s public IP. This setup gives us: * A public-facing IP without poking holes in our home router. * Local mining control, keeping private keys secure—because a VPS is just someone else’s machine, and we don’t trust it with our keys! ===LXD Quick Container Setup=== ===LXD Quick Container Setup=== * Its pretty simple once you know. ===Installing and setup LXD=== <code>sudo snap install lxd</code> <code>sudo lxd init</code> * Just press '''ENTER''' for all defaults * add user to lxd group (optional), will mean you do not need '''sudo''' to use lxc commands * NOTE: you will need to logout and login for changes to take effect. <code>sudo adduser $USER lxd</code> <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> * '''These changes only apply to the current terminal session.''' If you open a new terminal session you have to repeat. On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. * '''Remember, these changes only apply to the current terminal session.''' If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> ===Launching your container=== * for the Build its important we use '''18.04''' ** May want to get ubuntu pro free for 5 devices - to keep 1804 updated ** https://ubuntu.com/pro/dashboard <code>lxc launch ubuntu:18.04 n33b</code> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 n33b</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 n33b</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''n33b''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "n33b" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "n33b" in the example) must be unique within your LXD installation. </div> </div> * If you see this error - you need to use '''sudo''' or add user to lxd group <pre> lxc launch ubuntu:18.04 n33b Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * To see your container <code>lxc ls</code> ===Login to container=== <code>lxc exec n33b bash</code> * Prompt should now be changed to <code>root@n33b:~#</code> ** <code>root@<container_name>:~#</code> * This would be a good time to sign up to and enable ubuntu pro in the 1804 container https://ubuntu.com/pro/dashboard ** <code>sudo pro attach C12trandomcharsXFVhrRSveGOd4</code> * Update container <code>apt update && apt upgrade -y</code> ==== Ubuntu Pro for 1804 Containers ==== * super useful for ubuntu 1804, with pro has support till 2027 * Free For Five Boxes/Devices <code>https://ubuntu.com/pro/dashboard</code> <code>sudo pro attach 8dc6560abd396b3871f37b80ec</code> <code>sudo pro status</code> <code>sudo pro detach</code> ==In Container wireguard installation and setup== ===Install wireguard=== <code>apt install wireguard -y</code> * This will be the Client - for the container ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== * Vultr link with Affiliate code: https://www.vultr.com/?ref=9638414-9J First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==Back to Host== Now we have * A container with a public IP address * Source code for are coin Lets append are IP adress to are <code>src/chainparams.cpp</code> file and make a exportable/shareable backup. ===Append IP to <code>src/chainparams.cpp</code>=== <div class="toccolours mw-collapsible mw-collapsed"> If i was going to change or add ips/domains do i need to recomplie? Yep: <div class="mw-collapsible-content"> Yes, if you want to change or add new IPs/domains in the `CDNSSeedData` section of `src/chainparams.cpp`, you will need to edit the file and recompile the code. The `CDNSSeedData` entries are hardcoded into the source code, and when you compile the code, these values are baked into the resulting binary. Therefore, any changes to the seed nodes will require: *Editing the `src/chainparams.cpp` file**: Modify the list of `CDNSSeedData` entries to include your new IPs or domains. *Recompiling the source code**: Once you've made your changes, you need to recompile the project so that the new seed nodes are included in the binary. *Restarting your nodes**: After recompiling, you would need to distribute the new binary to your nodes and restart them to ensure they use the updated seed list. This process is necessary because the seed nodes are part of the initial configuration that helps nodes discover peers when they first start up. Any changes to these seeds require the software itself to be updated and redeployed. </div> </div> ====Main Net DNS lines 123 - 127==== <code>$EDITOR /home/$USER/N33B/N33Bcoin/src/chainparams.cpp</code> * Line 123 <code>src/chainparams.cpp</code> <pre> 123 vSeeds.push_back(CDNSSeedData("n33bcoin.sipa.be", "seed.n33bcoin.sipa.be", true)); // Pieter Wuille, only supports x1, x5, x9, and xd </pre> We are going to Change to are servers address <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> At current time we only have one default node, so we comment out line 124 to 127 <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "dnsseed.bluematt.me", true)); // Matt Corallo, only supports x9 // vSeeds.push_back(CDNSSeedData("dashjr.org", "dnsseed.n33bcoin.dashjr.org")); // Luke Dashjr // vSeeds.push_back(CDNSSeedData("n33bcoinstats.com", "seed.n33bcoinstats.com", true)); // Christian Decker, supports x1 - xf // vSeeds.push_back(CDNSSeedData("n33bcoin.jonasschnelli.ch", "seed.n33bcoin.jonasschnelli.ch", true)); // Jonas Schnelli, only supports x1, x5, x9, and xd </pre> ====Test net DNS lines 224 - 227==== * Line 224 - ip adderss <pre> 224 vSeeds.push_back(CDNSSeedData("testnetn33bcoin.jonasschnelli.ch", "testnet-seed.n33bcoin.jonasschnelli.ch", true)); </pre> Change to server ip <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> and comment out the other 3 lines <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("petertodd.org", "seed.tbtc.petertodd.org", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "testnet-seed.bluematt.me")); // vSeeds.push_back(CDNSSeedData("n33bcoin.schildbach.de", "testnet-seed.n33bcoin.schildbach.de")); </pre> ==Create BackUp Tar Archive== At this point you may want to make a backup. * In work directory = <code>/home/$USER/N33B</code> <code>tar -zcvf N33Bcoin.0.0.1.tar.gz N33Bcoin</code> * Going to save in directory <code>/home/$USER/N33B</code> * Syntax = <code>tar -zcvf /path/to/save/archive_name.tar.gz /path/to/directory_name</code> Now we Should have <code>N33Bcoin.0.0.1.tar.gz</code> lets start building are coin. ===Move N33Bcoin.0.0.1.tar.gz to Container=== Lets Move are source code to are container. * File on Host:<code>/home/$USER/N33B/N33Bcoin.0.0.1.tar.gz</code> * Container Name: <code>n33b</code> ** Container Name can be found with <code>lxc list</code> * On Host: <code>lxc file push /home/$USER/N33B/N33Bcoin.0.0.1.tar.gz n33b/home/ubuntu/</code> * '''ubuntu''' is the name of the ubuntu containers default user account ==Return to container as user '''ubuntu'''== <code>lxc exec n33b -- su - ubuntu</code> Now are source code <code>N33Bcoin.0.0.1.tar.gz</code> should be in are home directory. Before we start using it, we need to install and build some dependencies software. ===Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <!-- These notes wherer required to build db on 24.04 - coin build would require way too much work so skipped. <code>$EDITOR db-4.8.30.NC/dbinc/atomic.h</code> Find the function <b>__atomic_compare_exchange</b> (line 147 and 179) and rename it to <b>__db_atomic_compare_exchange</b>. save and exit --> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> If you received error, are you building in ubuntu 18.04? these build instrutions are reproduable for 18.04 and not other versions of ubuntu. * A block chain requires min 2 nodes, so this would be a good time to snapshot your container. ====SNAPSHOT your container==== * This will save loads of time creating a second node later. * In a Terminal on HOST * Stop Container <code>lxc stop n33b</code> * snapshot <code>lxc snapshot n33b one</code> * start container <code>lxc start n33b</code> * Log in as ubuntu user <code>lxc exec n33b -- su - ubuntu</code> ==Build the Coin== Just for the Genesis Node, or it will not work, it will try to sync with another node, which it can not do as its at block 0. * edit the file <code>src/rpc/mining.cpp</code> and comment out the lines 471 and 472: <pre> // if (IsInitialBlockDownload()) // throw JSONRPCError(RPC_CLIENT_IN_INITIAL_DOWNLOAD, "N33Bcoin is downloading blocks..."); </pre> If you stopped container to snapshot and logged back in (or using another terminal), then we need to re-set var.<br> <code>cd ~/db-4.8.30.NC/build_unix</code><br> <code>export BDB_PREFIX=$(pwd)</code><br> * Now thats done we can carry on <code>cd ~/</code><br> * extract <code>tar xzvf N33Bcoin.0.0.1.tar.gz</code> <!-- was for attempt build in 24.04 - not needed for 18.04 <code>sudo apt install bsdmainutils ncal</code> --> * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> If you run into errors you can use:<br> <code>make > ../build.log 2>&1</code><br> This is print build info into file build.log ==Run Coin== * Path <code>cd /home/ubuntu/N33Bcoin/src</code> Going to first play around with Regression make sure everything is working, its supereasy to mine.<br> * Running regtest first will also create <code>~/.n33bcoin/</code> directory which we can create are <code>n33bcoin.conf</code> file for mainnet. ===Running Regression Net === * run reg net <code>./n33bcoind -regtest -daemon</code> ==== get blockchain info ==== <code>./n33bcoin-cli -regtest getblockchaininfo</code> * at the top you should see '''regtest''' <pre> "chain": "regtest", </pre> ====get wallet info==== <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ==== Generate 10 blocks==== <code>./n33bcoin-cli -regtest generate 10</code> <pre> [ "16fe73d5011e8e05cadb9e9dea43e58aa154ffcca891659cc59fbdfafe6f001c", "7803e298b6c57f8fc7ddac5da0e0696cc67524c9ee2bbbbbecdccfb01b364e79", "7c92afb2faed00d051edd22f85218416c394cd45ddadf413b9df808c0414ca7e", "29fe7bb17c984bd33c7e3d9cb4fa3ce1e47760ac22accded3aa25fd49aa87d91", "56d234a030af699a6aa824c8d95a9fabdcf56c9491ed30331ca2159188741c89", "272827808aad1efe0e752789acf6a28f25bc4ba2da905a8a6f5da00016ba286b", "23711e3856cf2e018ef02782eb546e87c9604781da6855bd136ef51fa5dd23e5", "7bd7e1e6183094c75e37d6605451ce7e7e1c23347e3b5c279c33196af916b1f2", "1c7e5fc29dc7c9b3a56e8f35becc3a0a8005e79ac1a84278f8a1f37c067f67b3", "3ac84dcf8be2849b347369de7bf6bb49d780cdf41e2c4abbe2ea0ae1b89bd26e" ] </pre> ====Check Balance==== <code>./n33bcoin-cli -regtest getbalance</code> <pre>0.00000000</pre> * You mined 10 blocks and have zero coins! that is because the coins have not mutured, it takes 100 blocks for newly created coins to muture and show up in your wallet. * you can see your '''immature_balance''' with the <code>getwalletinfo</code> command. <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 11114108.00000000, "txcount": 10, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====Get new addresses==== <code>./n33bcoin-cli -regtest getnewaddress</code> <pre> mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb </pre> ====Find addresses your wallet is currently using==== * To see all your current public addresses use <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -regtest listreceivedbyaddress 0 true</code> ====Mine to specific address==== * <code>./n33bcoin-cli -regtest generatetoaddress 101 "your-mainnet-address"</code> <code>./n33bcoin-cli -regtest generatetoaddress 101 "mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb"</code> =====Coins Matured===== <code>./n33bcoin-cli -regtest getbalance</code> <pre>11114441.00000000</pre> * and Immatured coins <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 11114441.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 33300.00000000, "txcount": 111, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====stop regtest net==== * stop regtest <code>./n33bcoin-cli -regtest stop</code> ===Main Net=== * Running <code>-regtest</code> should of created a <code>~/.n33bcoin</code> directory for you. * Create <code>n33bcoin.conf</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 </pre> * run/start coin <code>./n33bcoind</code> * NOTE: if you did not create a n33bcoin.conf file and apply 'daemon=1', you can use the -daemon flag <code>./n33bcoind -daemon</code> <div class="toccolours mw-collapsible mw-collapsed"> Some debug tips: <div class="mw-collapsible-content"> * If n33bcoin hangs - <code>ps aux | grep n33bcoind</code> ** The <code>kill -9 PID_NUMBER</code> ** Also note: there is nothing wrong with '''turning it off and on again.''' * <code>./n33bcoind -debug=1</code> ** log is at ~/.n33bcoin/debug.log * <code>./n33bcoind -debug=1 -printtoconsole</code> ** will output to terminal, no output to debug.log </div> </div> ===Create and Add second node - the easy way=== <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Why a Dummy Node is Needed to Avoid <code>500 Internal Server Error</code> and Ensure Syncing</span> <div class="mw-collapsible-content"> <p>A dummy node is <strong>required</strong> for mining on the genesis node (main node) and to ensure other nodes can sync with your N33Bcoin network. Without it, you may encounter errors like:</p> <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> [2025-04-20 11:49:32] HTTP request failed: The requested URL returned error: 500 Internal Server Error </pre> <p><strong>Why does this happen?</strong> The main node needs at least one active peer to process the <code>getblocktemplate</code> RPC call used by <code>minerd</code> for mining. If the node is in Initial Block Download (IBD) or has no peers, this call fails, causing the 500 error. Additionally, if the main node is in IBD, it won’t serve blocks to other nodes, preventing them from syncing (e.g., stuck at <code>blocks: 0</code>).</p> <p><strong>How the dummy node fixes it:</strong></p> <ul> <li>Running a dummy node (e.g., on <code>127.0.0.1:3334</code>) provides an active peer, allowing <code>getblocktemplate</code> to succeed and mining to start.</li> <li>Mining generates new blocks, updating the chain tip’s timestamp, which helps the main node exit IBD.</li> <li>Once out of IBD, the main node can serve blocks to other nodes, enabling them to sync (e.g., to <code>blocks: 428</code>).</li> </ul> <p><strong>Why it’s easy to forget:</strong> The dummy node isn’t a standard Bitcoin requirement—it’s specific to N33Bcoin’s setup, possibly due to custom peer or RPC logic. Always run a dummy node when mining or syncing new nodes.</p> <p><strong>If you get the 500 error:</strong> Start a dummy node and add it to the main node’s peers with <code>addnode</code>. See the next section for setup instructions.</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> Without a dummy node, mining will fail, and new nodes won’t sync. Always include this step in your setup and document it to avoid surprises! </div> </div> </div> After first node ruuing with:<br> <code>./n33bcoind</code> * create a directory for second node <code>mkdir ~/.n33bcoin2</code> * make config file <code>$EDITOR ~/.n33bcoin2/n33bcoin.conf</code> * Note changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser1 rpcpassword=coinpassword1 rpcallowip=127.0.0.1 rpcport=3367 daemon=1 server=1 rpcbind=127.0.0.1 port=3334 </pre> * start node2 - note ports <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin2 -port=3334 -rpcport=3367</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3334" "add"</code> * Check node one <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * Check node two <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getblocktemplate</code> ==== Default Node User and Second Node User management ==== * The default user will be your main node '''~/.n33bcoin/''' * To use second node '''~/.n33bcoin2/''' you have to use/append non default port in commands: ** To run commands on second node, Add/Append <code>-rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1</code> *** '''rpcport''', '''rpcuser''', '''rpcpassword''' these values can be found in the <code>~/.<node_name>/n33bcoin.conf</code> file * For default wallet/node can use: <code>./n33bcoin-cli getwalletinfo</code> * Or to specify (optional) can use, the main nodes '''rpcport''', '''rpcuser''' and '''rpcpassword''' followed by <command>: <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * For the second node we created - we do need to specify <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getwalletinfo</code> <div class="toccolours mw-collapsible mw-collapsed"> How to stop second node: <div class="mw-collapsible-content"> * To run commands on a second or third ...ETC node - you need to enter: ** <code>-rpcport=<value></code> ** <code>-rpcuser=<username></code> ** <code>-rpcpassword=<password></code> ** followed by the command you wish to run on node <code>getbalance</code> ** Remember you store all these details in your <code>n33bcoin.conf</code> file for your node. <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 stop</code> </div> </div> == Mining blocks on your blockchain == Well you can try with:<br> <code>./n33bcoin-cli generate 1</code><br> But instead of seeing <pre> [ "some-block-hash" ] </pre> Your going to get empty brackets <pre> [ ] </pre> I cant remember the reason for this. But i know the fix. Install Mining software ===Address to send mined coins to=== First lets get a public key/address we can mine to. * Find old addresses <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> * Create new address <code>./n33bcoin-cli getnewaddress</code> * The address i will use <code>1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> ===Cpu Miner Install=== <code>cd ~</code> <code>sudo apt update</code> <code>sudo apt install -y build-essential libcurl4-openssl-dev</code> <code>git clone https://github.com/pooler/cpuminer.git</code> <code>cd cpuminer</code> <code>./autogen.sh</code> <code>./configure</code> <code>make</code> <code>sudo make install</code> ===Mine some Coins=== * OK lets mine us some coins ** Syntax:<code>minerd -o <pool_url> -u <username> -p <password> --coinbase-addr=<public_key></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> * YAY, back to the days when you could find bitcoin blocks with a simple CPU <pre> [2025-04-12 19:31:17] Binding thread 0 to cpu 0 [2025-04-12 19:31:17] Binding thread 1 to cpu 1 [2025-04-12 19:31:17] 4 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:31:17] Binding thread 2 to cpu 2 [2025-04-12 19:31:17] Binding thread 3 to cpu 3 [2025-04-12 19:31:17] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:31:17] thread 1: 2097152 hashes, 10099 khash/s [2025-04-12 19:31:17] thread 0: 2097152 hashes, 10094 khash/s [2025-04-12 19:31:17] thread 3: 2097152 hashes, 10093 khash/s [2025-04-12 19:31:17] thread 2: 2097152 hashes, 10032 khash/s [2025-04-12 19:32:17] thread 2: 601912088 hashes, 10080 khash/s [2025-04-12 19:32:17] thread 0: 605611536 hashes, 10108 khash/s [2025-04-12 19:32:17] thread 3: 605564904 hashes, 10102 khash/s [2025-04-12 19:32:17] thread 1: 605946928 hashes, 10104 khash/s [2025-04-12 19:33:17] thread 2: 604824240 hashes, 10080 khash/s [2025-04-12 19:33:17] thread 0: 606506104 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 1: 606263288 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 3: 606114016 hashes, 10102 khash/s [2025-04-12 19:34:17] thread 0: 596676992 hashes, 9883 khash/s [2025-04-12 19:34:17] accepted: 1/1 (100.00%), 40174 khash/s (yay!!!) [2025-04-12 19:34:17] LONGPOLL pushed new work [2025-04-12 19:34:17] thread 2: 597009344 hashes, 9856 khash/s [2025-04-12 19:34:17] thread 1: 596347864 hashes, 9882 khash/s [2025-04-12 19:34:17] thread 0: 184 hashes, 8762 khash/s [2025-04-12 19:34:17] thread 3: 596226344 hashes, 9881 khash/s [2025-04-12 19:35:11] thread 0: 525714288 hashes, 9775 khash/s [2025-04-12 19:35:17] thread 0: 58652240 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 1: 592942512 hashes, 9784 khash/s [2025-04-12 19:35:18] thread 3: 592834720 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 2: 591387224 hashes, 9754 khash/s [2025-04-12 19:36:17] thread 1: 577261400 hashes, 9784 khash/s [2025-04-12 19:36:17] thread 2: 575496480 hashes, 9756 khash/s [2025-04-12 19:36:17] thread 3: 576993520 hashes, 9776 khash/s [2025-04-12 19:36:17] thread 0: 586785384 hashes, 9780 khash/s [2025-04-12 19:37:17] thread 3: 586568712 hashes, 9700 khash/s [2025-04-12 19:37:17] thread 2: 585369888 hashes, 9645 khash/s [2025-04-12 19:37:18] thread 1: 587018480 hashes, 9656 khash/s [2025-04-12 19:37:18] thread 0: 586791168 hashes, 9631 khash/s [2025-04-12 19:37:43] thread 0: 247017896 hashes, 9757 khash/s [2025-04-12 19:37:43] accepted: 2/2 (100.00%), 38758 khash/s (yay!!!) [2025-04-12 19:37:43] LONGPOLL pushed new work [2025-04-12 19:37:43] thread 2: 250694904 hashes, 9748 khash/s [2025-04-12 19:37:43] thread 1: 250409704 hashes, 9773 khash/s [2025-04-12 19:37:43] thread 0: 21504 hashes, 8650 khash/s [2025-04-12 19:37:43] thread 3: 253010016 hashes, 9764 khash/s </pre> * By default '''minerd''' will use all cores - if you want to limit to number of core use the <code>-t <number_of_cores></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj -t 2</code> <pre> [2025-04-12 19:43:05] 2 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:43:05] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:43:05] thread 1: 2097152 hashes, 11359 khash/s [2025-04-12 19:43:05] thread 0: 2097152 hashes, 11327 khash/s </pre> * Next we mine on till we have at least 101 blocks so are coins are matured. ===After 101 blocks - Mature Coins=== * now we should have some coins in are wallet that we can use, YAY <code>./n33bcoin-cli getbalance</code> <pre>11112110.00000000</pre> * and lets check the account of are second node <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> * Lets get the address of are second node to send some coins <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress 0 true</code> * Or we could generate a new address with <code>getnewaddress</code> <code>1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz</code> Now lets send some coins ==Wallet Basics== Now we have coins we can use - matured coins ===Get balance=== * <code>getbalance</code> <code>./n33bcoin-cli getbalance</code> ===Find Account Addresses=== * <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> ===Create New Address=== * <code>getnewaddress</code> <code>./n33bcoin-cli getnewaddress</code> ===Sending coins=== * Syntax: <code>./n33bcoin-cli sendtoaddress "<address>" <amount></code> <code>./n33bcoin-cli sendtoaddress "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz" 33</code><br> * This comand will return a hash in your terminal out put. <pre>f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7</pre> * and Check balance of second node to see balance: <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>33.00000000</pre> ===See Transaction Details from hash=== * the transaction hash is from the above send coins example * Syntax: <code>n33bcoin-cli gettransaction "<transaction_hash>"</code> <code>./n33bcoin-cli gettransaction "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7"</code> <pre> { "amount": -33.00000000, "fee": -0.00004520, "confirmations": 4, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553764, "timereceived": 1744553764, "bip125-replaceable": "no", "details": [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "send", "amount": -33.00000000, "vout": 0, "fee": -0.00004520, "abandoned": false } ], "hex": "020000000150a37ad36c761374df6a14c20bd2c016208358bf1f20af06c5acbe4827250ee7000000006a4730440220582f2094aca19d63744d8d128c3dea907cddd4eeb5728d6f064c4168d7a36b9c0220649b2397635fe0b8899fea4535b0072e856a164235f8ab8feb91f3dbfa9e3ddc012103dd8d842cd0c2b167b507b9e8ee580fc726262bb218abc5c6487668b72e5673a3feffffff020001b2c4000000001976a9146ae24c8430bcd30bc1b812f946229fcc563eb0ef88ac589a23fc060000001976a9141e0606800605f94643f5da7e0a31e435e030855788acbe000000" } </pre> ===List Transactions from account=== * <code>listtransactions</code> * <code>./n33bcoin-cli listtransactions</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listtransactions</code> * This command will show all transactions send and receive. <pre> [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "receive", "amount": 33.00000000, "label": "", "vout": 0, "confirmations": 6, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553766, "timereceived": 1744553766, "bip125-replaceable": "no" } ] </pre> ===list received transactions by address=== * <code>listreceivedbyaddress</code> * <code>./n33bcoin-cli listreceivedbyaddress</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress</code> <pre> [ { "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "account": "", "amount": 33.00000000, "confirmations": 6, "label": "", "txids": [ "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7" ] } ] </pre> ===Address With Label=== * Create New Address With Label ** Syntax: <code>getnewaddress "<Label>"</code> * NOTE: Label name is case sensitive. <code>./n33bcoin-cli getnewaddress "Mining"</code> <pre>1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB</pre> * See Accounts in Label <code>./n33bcoin-cli getaddressesbyaccount "Mining"</code> * a Label can hold many addresses <pre> [ "1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB" ] </pre> * Lists transactions for the labeled account. <code>./n33bcoin-cli listtransactions "Mining"</code> * Tracking with a label - Shows total balance for addresses in the labeled account. <code>./n33bcoin-cli getbalance "Mining"</code> * Label an existing address - Assigns an existing address to a named account. <code>./n33bcoin-cli setaccount "<address>" "<label>"</code> * Change Label of Address <code>./n33bcoin-cli setaccount "<address>" "<newlabel>"</code> ==Backup Wallets and Restore/Reclaim== To '''test''' wallet exports and back ups we are going to create a '''third node'''. <br> This keeps are main wallet and the wallet of are second node safe.<br> Or If you feel up for it, feel free to play/use/learn with your main wallet. * Create a directory for third node <code>mkdir ~/.n33bcoin3</code> * Create config file <code>$EDITOR ~/.n33bcoin3/n33bcoin.conf</code> * Note: changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser2 rpcpassword=coinpassword2 rpcallowip=127.0.0.1 rpcport=3368 daemon=1 server=1 rpcbind=127.0.0.1 port=3335 </pre> * Start node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3335" "add"</code> * Check node three <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getblocktemplate</code> * See Address (pub key) <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> <pre>1EhA5fkapYWrhs2oAf2AqvF4WYMPM28GqL</pre> * I have sent 33 n33bcoin's to this address. <pre> ./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744568061, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "8afde14085be2139ff008667c345b3697bea9cea" } </pre> ===Encrypt Wallet=== * '''IMPORTANT NOTE! IF YOU LOSE/FORGET PASSPHRASE, YOU LOST YOUR WALLET!''' Encrypting your wallet, will require passphrase to see private_keys and to send coins from your account, but you can still check balance and the basic chain info '''without passphrase'''. * Syntax <code>./n33bcoin-cli encryptwallet "<passphrase>"</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 encryptwallet "pa55word"</code> <br>OutPut: <pre> wallet encrypted; N33Bcoin server stopping, restart to run with encrypted wallet. The keypool has been flushed and a new HD seed was generated (if you are using HD). You need to make a new backup. </pre> ====Test Encryption==== Syntax: <code>./n33bcoin-cli dumpprivkey <address></code> This command should need passphrase if wallet locked. ** <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> can be used in place of a real address <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpprivkey 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> If wallet '''LOCKED''' - you will see <pre> error code: -13 error message: Error: Please enter the wallet passphrase with walletpassphrase first. </pre> If wallet '''UNLOCKED''' but address not in wallet - you will see ** This is because there is no address <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> in your wallet and error code -5 indicates address not found in the wallet, but it passed the lock so, yay <pre> error code: -5 error message: Invalid N33Bcoin address </pre> If address exists in your wallet and wallet is '''UNLOCKED''' - you will see the private key: <pre> 6vJYM3RFWh7MyLVrPbgzgibUgqxMzWUCCbuH3GcfDRTqfoNQjBb </pre> '''IMPORTANT:''' Never share your actual private keys with anyone. The example above is for demonstration purposes only. ====open encrypted wallet==== * Syntax ./n33bcoin-cli walletpassphrase "<passphrase>" <time_in_seconds_to_stay_open> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrase "Pa55word" 60</code> ====Change PassPhrase==== * Syntax: <code><code>./n33bcoin-cli walletpassphrasechange "<old_passphrase>" "<new_passphrase>"</code></code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrasechange "Pa55word" "StrongPass123!@#456"</code> ===Back Up WALLET.DAT === * You can make a backup of your wallet.dat file whether its encrypted or un-encrypted. ** not-encrypted you just copy into a directory and you and anyone else has full access. ** encrypted, you need to know the passphase the file is encrypted with to have access. ** Both Export and Import the backup wallet.dat the same way, expect one asks for passphase and the other does not. ====Make copy of wallet.dat==== * <code>backupwallet</code> * Syntax:<code>./n33bcoin-cli backupwallet /path/to/export/wallet-backup.file</code> <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> ====Stop node 3 and delete wallet.dat==== * Stop node - Note: RPC PORT <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * not gonna delete, just move, only so many times i wanna learn that lesson. <code>mv ~/.n33bcoin3/wallet.dat ~/oldwallet.dat</code> * Start Node 3 - this will create a new <code>wallet.dat</code> file <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check Balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744572042, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "bb4e27a7896ae19acdf3b43244f82b59f5164c7c" } </pre> * Check addresses <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> * Its a diff/new address, because its a new wallet. <pre> "address": "1JwAmtR9T8xa49daoHQhf54tBdyabby2m2", </pre> ===Restore Wallet.dat=== * Stop Node 3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move old wallet to Node 3 Directory ** This command will write over the new wallet.dat file currently in directory - in effect deleting it. <code>mv ~/wallet-backup.node3 ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>11148007.99990960</pre> ====OH NUTZ==== * By mistake i backed up main wallet. <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> * Intended to backup node3 - the correct command would of been <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 backupwallet ~/wallet-backup.node3</code> Good Thing we just moved the node3 wallet and not deleted or 33 n33bcoins would of been in a dead account.<br> This is why you should learn about bitcoin on n33bcoins and not the bitcoin main net blockchain. Lets restore from the moved wallet <code>~/oldwallet.dat</code> * Stop node3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move oldwallet back to node3 <code>mv ~/oldwallet.dat ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>33.00000000</pre> YAY ===Dump Entire Wallet with <code>dumpwallet</code>=== * Exports all private keys, addresses, and wallet metadata to a plain text file for a comprehensive backup. * Syntax <code>./n33bcoin-cli dumpwallet /path/to/export/n33bcoin-wallet.txt</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpwallet ~/ssshhh.txt</code> <code>cat ~/ssshhh.txt</code> * Yep its all in plain text! <pre> # Wallet dump created by N33Bcoin v0.14.3.0-g150612e # * Created on 2025-04-13T22:54:50Z # * Best block at time of backup was 212 (000000009f5f7189bd4334895fd1c903ae904525abb5768feb98b81282a1949e), # mined on 2025-04-13T18:34:02Z # extended private masterkey: xprv9s210pEDlspXiamstilrandotypinhDXRTQ1TatJNSL3fxs9QaLLjRV1FZH9zw2VcErU498hsd3pynuyDR2clongrandome4Msz5 L1XJ0pald6SZXP4sKdVcDETpsdoWeksd4er5hhPsdFG1PPV 2025-04-13T18:14:21Z change=1 # addr=1HtmEDdpk5SJAp3nGCnaAD5gKZc2Er4qG hdkeypath=m/0'/0'/82' about 100 lines like the one above and ends with: # End of dump </prE> ===Import Dumped Wallet=== To test import works we are gonna, stop node3, move wallet.dat, start node3, check new wallet got auto generated again. then import are ssshhh.txt file and see if restored. ====Check wallet node 3 pre-test==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744575092, "keypoolsize": 101, "unlocked_until": 0, "paytxfee": 0.00000000, "hdmasterkeyid": "0a0e6e94e4a184e773e4a3e3244adc4352935afa" } </pre> ====Stop node 3 ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> ====Move wallet.dat ==== <code>mv ~/.n33bcoin3/wallet.dat ~/wallet.node3</code> ====Start node 3 ==== <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> ====Check wallet node 3 - when deleted/changed==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ====Import Restore from Dumped Wallet ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importwallet ~/ssshhh.txt</code> ====Check wallet node 3 when restored ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ==Off Line Storage and Importation== * Create a offline key pair, using a python script that can run off a live linux iso. * Going to send coins from node 3 to off line address. * Going to import to wallet 2 by sweeping private wif key. ===Create Offline Keypair=== * https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin ** We have used the [[N33Bcoin_Address_Generator_Bitcoin| N33Bcoin_Address_Generator]] to create the following key pair which we will use for this test. <pre> noob@noob-ThinkPad-T470:~/Gen/py-pub-prv$ python3 gen.py Enter your seed (12 words or any random input): hithere Generated n33bcoin Key Pair: Private Key: 3e4748d72b0a0c5d4538b52a2ade025a0f52a1e8642384ac14e5af0f90b8ab8a Public Key: 04c4cab1795312dafbf2532c7b238d448b55fa151a3d4e059cb49b47fb7244fb8767981b561c067494f9f3a6357024bb4fa71d12d692a733f7a0583d6fa7276548 n33bcoin Address: 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG WIF Private Key: 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH </pre> ===Send from node 3 to offline address=== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 sendtoaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG 10</code> ===Check its in address=== * Can take a few blocks before you can see it. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * Syntax: <code>./n33bcoin-cli importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * <code>importaddress</code> The RPC command to import a Bitcoin address as a watch-only address into the wallet * <code>13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> The Bitcoin address you are importing. After import, the wallet will monitor this address for incoming transactions, but cannot spend from it since you do not have the private key * <code>"external"</code> An optional label assigned to the imported address. This helps you organize or identify addresses in your wallet * <code>false</code> The rescan parameter. Setting it to false means the wallet will not rescan the blockchain for historical transactions involving this address. Only new transactions (after import) will be tracked. If set to true (default), the wallet would scan the entire blockchain for past transactions involving the address, which can take a long time (but not in are case as we have new blockchain). ====getreceivedbyaddress==== * TESTED - Balance is only shown on account that imported the address as a address to watch. ** Took about 10 mins to show balance. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>10.00000000</pre> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> ====Receive funds from private key==== * Current Funds in Node/Wallet 2 <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>52.00000000</pre> * Import the keys <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 importprivkey 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH true</code> * Check balance <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>62.00000000</pre> Import is instant. ==Create Second Server and Sync Blockchain== * Creating second server in a container and forwarded to another VPS IP, to see if network syncs. <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Is Port Forwarding Required for the Second Node?</span> <div class="mw-collapsible-content"> <p><strong>Why set up port forwarding?</strong> Port forwarding (using iptables to forward port <code>3333</code> to the second node) allows the node to receive incoming connections from other N33Bcoin nodes. This ensures reliable syncing with the main node and enables the second node to share blockchain data with others, strengthening the network.</p> <p><strong>Is it required?</strong></p> <ul> <li><strong>To mine</strong>: No. Mining uses local RPC calls (<code>127.0.0.1:3366</code>) and outbound connections to the main node (<code>104.194.157.52:3333</code>). As long as the main node is up, mining works without port forwarding. Note: You may need a dummy node to avoid errors.</li> <li><strong>To act as a peer</strong>: Yes. To allow other nodes to connect and sync from the second node (e.g., via <code>144.172.89.93:3333</code>), port forwarding is required. Without it, the node can sync but won’t serve blocks to others.</li> </ul> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Tip:</strong> Keep port forwarding enabled for robust syncing and to support the N33Bcoin network, especially if you plan to add more nodes. </div> </div> </div> ===Launch container=== <code>lxc launch ubuntu:18.04 n33b-node</code> <code>lxc exec n33b-node bash</code> <code>pro attach <longKey></code> <code>apt update && apt upgrade -y && apt install ubuntu-advantage-tools wireguard -y</code> ===Setup Wireguard=== * This is the same as the last time, in this tut i am going to keep the same keys in tut, to save time. PS: You can use same keys on many connections (not the best idea). ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==In Container Building N33Bcoin== * Push over N33Bcoin.0.0.1.tar.gz to the container n33b-node. <code>lxc file push N33Bcoin.0.0.1.tar.gz n33b-node/home/ubuntu/</code> OR Download from github * Download from Github, sha256sum=<code>0695dceaa4a88967560695f92c753d2fe4abc0f1b0cfb2673bf945fc83fb1225</code> <code>wget https://raw.github.com/CompleteNoobs/N33Bcoin/main/N33Bcoin.0.0.1.tar.gz</code> * Login to container as user ubuntu <code>lxc exec n33b-node -- su - ubuntu</code> * extract <code>tar xvf N33Bcoin.0.0.1.tar.gz</code> ===Install depends and Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> ===Build N33Bcoin=== * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> * Before running - make sure first node up and running <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Troubleshooting Syncing Issues on the Second Node</span> <div class="mw-collapsible-content"> <p>If your second node (e.g., <code>144.172.89.93</code>) fails to sync (e.g., stuck at <code>blocks: 0</code>), the main node (<code>104.194.157.52</code>) may be in Initial Block Download (IBD), preventing it from serving blocks. Here’s what I faced and how I fixed it:</p> <ul> <li><strong>Problem</strong>: The second node didn’t sync because the main node was in IBD, likely due to a chain tip older than 24 hours.</li> <li><strong>Initial Fix</strong>: <ul> <li>Started a dummy node on the main node (<code>127.0.0.1:3334</code>) for an active peer .</li> <li>Mined on the main node: <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=&lt;your-address&gt; -t 2 </pre> This created new blocks (e.g., to <code>blocks: 441</code>), exiting IBD and enabling sync.</li> </ul> </li> <li><strong>Test</strong>: I deleted the second node and recreated it from scratch, running both the main and dummy nodes on the genesis server. The second node synced to <code>blocks: 441</code> while the main node was mining.</li> <li><strong>Observation</strong>: In one test, I thought syncing worked without mining, but mining was active on the main node, advancing the chain to <code>blocks: 441</code>. Possible factors for sync success: <ul> <li>Recent chain tip from mining kept the main node out of IBD.</li> <li>Dummy node provided a peer, preventing IBD re-entry.</li> <li>iptables rule for port <code>3333</code> enabled inbound connections (i did once not forward the correct port, make sure you check your ip rules with <code>cat /etc/iptables/rules.v4</code> to make sure you entered the correct ones. ).</li> </ul> </li> <li><strong>If Syncing Fails</strong>: Mine on the main node with the dummy node running.</li> </ul> <p><strong>Note</strong>: Syncing may not require ongoing mining if the main node’s chain tip is recent, but mining is needed to exit IBD. Test and share your findings!</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> If the second node won’t sync, the main node may be in IBD. Start the dummy node and mine to exit IBD. </div> </div> </div> ===n33b-node=== <code>src/n33bcoind -daemon</code> <code>src/n33bcoin-cli stop</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 debug=rpc debug=mining </pre> <code>src/n33bcoind</code> * Now Second n33bcoin node is running lets check sync <div class="toccolours mw-collapsible mw-collapsed"> * Node Syncing/Connecting issues If your node if not connecting <b>add a node</b>, This can be done in the n33bcoin.conf file or manually with n33bcoin-cli <div class="mw-collapsible-content"> * Appending Peer Node/s to Node config file <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> * Syntax:<code>addnode=<IP_Or_Domain>:<Port></code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcbind=127.0.0.1 rpcport=3366 daemon=1 server=1 addnode=node.n3wbcoin.com:3333 addnode=104.194.157.52:3333 </pre> * Add Node Manually using n33bcoin-cli ** Syntax:<code>n33bcoin-cli addnode <IP_Or_Domain>:<Port> add</code> <code>n33bcoin-cli addnode 104.194.157.52:3333 add</code> </div> </div> <code>src/n33bcoin-cli getpeerinfo</code> <pre> [ { "id": 0, "addr": "104.194.157.52:3333", "addrlocal": "144.172.89.93:52636", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157772, "lastrecv": 1745157771, "bytessent": 1277, "bytesrecv": 1198, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.303657, "minping": 0.303657, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": false, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 110, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 1, "addr": "104.194.157.52:57050", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.296047, "minping": 0.296047, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 2, "addr": "104.194.157.52:57060", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.316404, "minping": 0.316404, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } } ] </pre> <code>src/n33bcoin-cli getblockchaininfo</code> <pre> ubuntu@n33b-node:~/N33Bcoin$ src/n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.03058041491289009, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> ===From first node=== <pre> ./n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.02034601825250813, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> * Both nodes/blockchains are in sync, nice 7id93xpe7ti1d1itzyj6o94q981z3oz 600 599 2025-07-04T19:35:06Z AwesomO 5 /* Line 195 */ 600 wikitext text/x-wiki ==Start up HardWare== * OS (local) Ubuntu-Mate 24.04 - this tut is done on a clean install of ubuntu-mate 24.04 ** Hardware: HP EliteDesk G1 - ram = 8GB - HD = 120GB ssd - CPU = i5-4590S CPU @ 3.00GHz ** Hardware: Thinkpad X270 - Ram - HD - CPU * Server VPS ubuntu-server 24.04 ** vultr.com ===Software OS=== * Will be using Ubuntu 24.04 as main OS - but to build this version of bitcoin 0.14.3 we will be using ubuntu 18.04 in a lxc container - trying to build in 24.04 was a huge side quest that is not that much fun. ===Coin Params for N33Bcoin 0.1 POW === * Are Coin Params ** Name of coin = N33Bcoin ** Symbol coin = N33B ** Premined Coins= 33% 11,111,111 coins to be used to rewards contributors. the how is currently unknown, will work out as we go. ** MaxCoins = 33,333,333 ** Rewards = 333 ** Halving Period = 33,333 blocks = every 231 days ** Block interval = 10 mins # will leave at 10 for starters ** Time Stamp 1733333333 2024-12-04 17:28:53 ** Time Stamp Message "N33B's for Noob's at CompleteNoobs.com" ** Genesis Block for are Coin <b>NOTE</b>: What is a Unix Time Stamp? - It is the number of seconds from the Unix Epoch date of 01/01/1970 at 00:00 UTC - to convert a date use - https://www.unixtimestamp.com/ ==Set EDITOR== {{:SET_EDITOR}} ==Genesis Keys== First we are going to need a public private key pair. [[Python_Generate_Public_Private_Key_Pair_Crypto_Bitcoin| Python3 Generate Public Private Key Pair]] * Public Key <code>049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf</code> * Keep private key safe, you just need pub key for now We then use are public key along with are coin parameter with [[GenesisH0_Creating_Genesis_Hash| GenesisH0]] to create a 'Nonce', 'Merkel hash' and 'Genesis hash'. For are 'MainNet', 'TestNet' and 'RegNet' === Main Net parameters === <code>python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333333</code> * '''Nonce''': <code>221118658</code> * '''nBits''': <code>0x1d00ffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4</code> === Test Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333334</code> * '''Nonce''': <code>511144</code> * '''nBits''': <code>0x1e0ffff0</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c</code> === Reg Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333335</code> * '''Nonce''': <code>0</code> * '''nBits''': <code>0x207fffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127</code> Now we have are parameters, we can start creating are own coin, but first lets change some file names to match the name of are coin. ==Source we are forking from Bitcoin 0.14.3== ===Home Directory=== <code>cd ~</code> ===Download bitcoin 0.14.3=== * https://bitcoincore.org/bin/bitcoin-core-0.14.3/ <code>wget https://bitcoincore.org/bin/bitcoin-core-0.14.3/bitcoin-0.14.3.tar.gz</code> * sha256sum bitcoin-0.14.3.tar.gz <code>416717ab5ef94f8458da2b12e4cd742ca08f5ad3817b65fc73811e06ac949f87</code> ===extract=== <code>tar xvf bitcoin-0.14.3.tar.gz</code> ===Change Directory Name to new/forked coin name=== <code>mv bitcoin-0.14.3 N33Bcoin</code> <code>cd N33Bcoin</code> * Current work director path is <code>/home/$USER/N33Bcoin/</code> ==Renaming== ===Renaming Bitcoin to N33Bcoin=== '''Run these command in the /home/$USER/N33Bcoin/ Directory''' * Lowercase <code>find . -type f -exec sed -i 's/bitcoin/n33bcoin/g' {} + </code> * UpperCase <code>find . -type f -exec sed -i 's/Bitcoin/N33Bcoin/g' {} + </code> * Name.1 <code>find . -type f -exec sed -i -e 's/bitcoin/n33bcoin/g' -e 's/bitcoind\.1/n33bcoind.1/g' {} + </code> ===Change Name for Docs=== To rename files in a directory (e.g., <code>/home/$USER/N33Bcoin/doc/man/</code>): * '''Before:''' <pre> bitcoin-cli.1 bitcoind.1 bitcoin-qt.1 bitcoin-tx.1 Makefile.am </pre> * '''After:''' <pre> n33bcoin-cli.1 n33bcoind.1 n33bcoin-qt.1 n33bcoin-tx.1 Makefile.am </pre> * '''Manual Way:''' <pre> mv -v bitcoin-cli.1 n33bcoin-cli.1 </pre> * '''Using mv with a for Loop:''' <code>cd /home/$USER/N33Bcoin/doc/man</code><br> <code>for file in bitcoin*; do mv -v "$file" "${file/bitcoin/n33bcoin}"; done</code> </pre> * <code>-v</code> shows each rename action. ===Change Names for Files=== *<b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> Unlike forking litecoin, the method we just used to rename all bitcoin words to n33bcoin created some problems, unlike litecoin 0.14.2, the word 'bitcoin' can be found in a lot of file names. Example: the file <code>libbitcoinconsensus.pc.in</code> is still called <code>libbitcoinconsensus.pc.in</code> but inside make and config files, it is now know as <code>libn33bcoinconsensus.pc.in</code> so it will look for a file called <code>libn33bcoinconsensus.pc.in</code> and not <code>libbitcoinconsensus.pc.in</code>, still will lead to a lot of breakages. * Easy Fix: Change all file names which include the word <code>bitcoin</code> to <code>n33bcoin</code> * install <code>rename</code> <code>sudo apt install rename</code> * <b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> * See all file which contain the name <code>bitcoin</code> <code>find . -type f -name "*bitcoin*"</code> * Rename/convert all <code>bitcoin</code> in file names to <code>n33bcoin</code> <code>find . -type f -name "*bitcoin*" -exec rename 's/bitcoin/n33bcoin/' {} +</code> ==Editing Files== Are Files are located in path:<code>/home/$USER/N33B/N33Bcoin</code><br> Example: <code>src/amount.h</code> full path would be <code>/home/$USER/N33B/N33Bcoin/src/amount.h</code> === OverView of Files to edit=== * Comment Out <code>** Lines: 74 - 77 Comment Out</code> These are Lines we Don't need, but are not deleting just commenting out, so line numbers remain the same.<br> Comment out by placing a <code>//</code> at the beginning of the line. * '''src/amount.h''' ** Line 31: Edit Max Coins * '''src/validation.cpp''' ** Line 1166: This BLOCK of code will contain premined and Block rewards * '''src/qt/bitcoinunits.cpp''' ** Line 39 Block: change coin symbol LTC to N33B * '''src/chainparams.cpp''' ** Line 53: '''Global''' Change Time Stamp Message ** Line 54: '''Global''' Change Pub Key ** Line 73: '''MainNet''' Change Halving Interval <!--** Lines: 74 - 77 Comment Out--> ** Line 74: '''MainNet''' BIP34Height ** Line 75: '''MainNet''' BIP34Hash ** Line 76: '''MainNet''' BIP65Height ** Line 77: '''MainNet''' BIP66Height ** Lines 85 - 103: '''MainNet''' Deployment and Chain Work Section ** Line 110: '''MainNet''' Change Magic Bytes - Script included ** Line 114: '''MainNet''' Change Main Net Default Port ** Line 117: '''MainNet''' Change Main Net Nonce TimeStamp Coin_Rewards ** Line 119: '''MainNet''' Change Genesis Hash ** Line 120: '''MainNet''' Change Merkel Hash ** Line 144: '''MainNet'''Change Coin Number and Genesis Hash ** Lines 145 - 156 Comment Out ** Line 161: '''MainNet''' Change Time Stamp ** Line 162: '''MainNet''' Change Number Of Transactions ** Line 177: '''TestNet''' Halving Interval <!--** Lines: 178 - 181 Comment Out--> ** Line 178: '''TestNet''' BIP34Height ** Line 179: '''TestNet''' BIP34Hash ** Line 180: '''TestNet''' BIP65Height ** Line 181: '''TestNet''' BIP66Height ** Line 184: '''TestNet''' Block Times <!--** Lines: 189 - 207 Comment Out--> ** Lines 189 - 207: '''TestNet''' Deployment Section ** Line 213: '''TestNet''' Default Port ** Line 216: '''TestNet''' Time Stamp and Nonce ** Line 218: '''TestNet''' Genesis Hash Block ** Line 219: '''TestNet''' Merkel Hash Block ** Line 245: '''TestNet''' CheckPointData Genesis Hash Block Number ** Line 250: '''TestNet''' Time Stamp ** Line 251: '''TestNet''' Block Number ** Lines 267 - 270 '''RegressionNet''' BIP Consensus ** Line 301: '''RegressionNet''' Default Port ** Line 304: '''RegressionNet''' Time Stamp Nonce Coin_Rewards ** Line 306: '''RegressionNet''' Genesis Block Hash ** Line 307: '''RegressionNet''' Merkel Hash ** Line 319: '''RegressionNet''' Genesis Hash * '''src/chainparamsbase.cpp''' ** Line 35: MainNet RCP Port ** Line 48: TestNet RPC Port ** Line 62: Regession Net RPC Port ===src/amount.h=== On line 31 we will edit are Max coins: <pre> static const CAmount MAX_MONEY = 21000000 * COIN; </pre> will change this to 33,333,333 coins <pre> static const CAmount MAX_MONEY = 33333333 * COIN; </pre> ===src/validation.cpp=== Path <code>/home/$USER/N33B/N33Bcoin/src/validation.cpp</code> The block of code we are looking for starts on line 1166: <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy = 50 * COIN; // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years. nSubsidy >>= halvings; return nSubsidy; } </pre> On line 1173 you should see this line: <pre> CAmount nSubsidy = 50 * COIN; </pre> This is the rewards for mining coins, the default is 50, we are changinf rewards to 333 coins per block mined. <pre> CAmount nSubsidy = 333 * COIN; </pre> ====Premined coins==== We also need to add a contidtion for are premined coins - in the first block will mine 33%, thats 11,111,111 coins <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy; if (nHeight == 1) nSubsidy = 11111111 * COIN; else nSubsidy = 333 * COIN; // Subsidy is cut in half every 33,333 blocks which will occur approximately every 231 days. nSubsidy >>= halvings; return nSubsidy; } </pre> This condition means IF first block reward 11,111,111 coins, Else(after first blocked mined) rewards per block are 333 coins. <div class="toccolours mw-collapsible mw-collapsed"> What's Changed and Why: <div class="mw-collapsible-content"> <b>What's Changed and Why:</b> * '''CAmount nSubsidy;''' ** The variable `nSubsidy` is now declared but not immediately assigned a value. This allows flexibility to set its value based on certain conditions. * '''New Condition: `if (nHeight == 1)''' ** This new condition checks if the block height is 1, meaning this is the very first block in the blockchain (often called the "genesis block"). ** This condition is used to assign a special, much larger subsidy for the first block. * '''nSubsidy = 11111111 * COIN;''' ** If it is the first block (`nHeight == 1`), the subsidy is set to 11,111,111 coins. This is a huge reward for the genesis block, likely for initial distribution or other specific reasons. * '''else nSubsidy = 333 * COIN;''' ** For all other blocks (not the first one), the reward is set to 333 coins. This is a significant change from the original 50 coins, suggesting a different reward structure for this cryptocurrency. </div> </div> ===src/qt/n33bcoinunits.cpp=== * Line 39: Code Block <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("BTC"); case mBTC: return QString("mBTC"); case uBTC: return QString::fromUtf8("μBTC"); default: return QString("???"); } } </pre> * Change BTC your coin symbol to N33B <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("N33B"); case mBTC: return QString("mN33B"); case uBTC: return QString::fromUtf8("μN33B"); default: return QString("???"); } } </pre> ===src/chainparams.cpp=== ====Line 53 Change Time Stamp Message==== <code> const char* pszTimestamp = "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks";</code> To <code> const char* pszTimestamp = "N33B's for Noob's at CompleteNoobs.com";</code> ====Line 54 Change Genesis Pub Key==== <code> 54 const CScript genesisOutputScript = CScript() << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f") << OP_CHECKSIG; </code> We are going to change to the public key we used to create are genesis block. <code> const CScript genesisOutputScript = CScript() << ParseHex("049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf") << OP_CHECKSIG;</code> ====Line 73 HalvingInterval==== <code> consensus.nSubsidyHalvingInterval = 210000;</code> Block intervals of bitcoin is every 10 mins, as you can see on '''[[#Line 80 Target Block Creation''']] * 60 mins per hour x 24 hours per day = 1440 mins a day * 1440 mins at one block each 10 mins = 144 block per day ish * 144 * 365 = 52,560 blocks per year ish * 52,560 * 4 = 210,240 blocks every four years ish So bitcoin halves its rewards every 4 years ish as it passes 210,000 blocks and carrys on halving every 210,000 blocks later. We reward 333 coins per block and will be out of coins around 667,334 blocks. * Preminded 11,111,111 coins * 22,222,222 left * at 333 per block all will be gone in 66,733 blocks time unless we halve before then * We are going to keep are block time of 10 mins and have a halving at 33,333 blocks so it will halve around 231 days <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Line 74 - 77 MainNet BIP Section==== <pre> 74 consensus.BIP34Height = 227931; 75 consensus.BIP34Hash = uint256S("0x000000000000024b89b42a942fe0d9fea3bb44ab7bd1b19115dd6a759c0808b8"); 76 consensus.BIP65Height = 388381; // 000000000000000004c2b624ed5d7756c508d90fd0da2c7c679febfa6c4735f0 77 consensus.BIP66Height = 363725; // 00000000000000000379eaa19dce8c9b722d46ae6a57c2f1a988119488b50931 </pre> * Set BIP34/65/66 to 0 for new chain—modern rules from genesis. Adjust BIP34 to 100 if mining fails. * Line 75 Replace with you <b>Main Net parametersGenesis Hash</b> <pre> 74 consensus.BIP34Height = 0; 75 consensus.BIP34Hash = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); 76 consensus.BIP65Height = 0; 77 consensus.BIP66Height = 0; </pre> ==== Line 85 - 103 '''MainNet''' Deployment and Chain Work Section ==== ===== Line 86 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start date is irrelevant—set to 0 for immediate activation on new chain. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 87 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. 9,999,999,999 Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 91 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016</code> * Reason changed: Bitcoin’s 2016 start is moot—set to 0 for CSV active from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 92 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 96 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016</code> * Reason changed: Bitcoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 97 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 100 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5");</code> * Reason changed: Bitcoin’s 2017 work is massive—set to 0 for a new chain with no work yet. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 103 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354</code> * Reason changed: Bitcoin’s block 453354 is irrelevant—set to N33Bcoin’s genesis hash for fast sync from block 0. Changed: <code>consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4");</code> =====Before and After Changes===== <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354 </pre> * Set CSV/SegWit to active from genesis (nStartTime = 0, nTimeout = far future). Reset chain work to minimal. Set assume valid to genesis hash. <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0; 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999; 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0; 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999; 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0; 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999; 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x00"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); </pre> ====Line 110 Magic Bytes==== * [[Hex_numbers_explained| Hex numbers explained]] * [[Python3_Script_for_Random_Magic_Bytes| Link to python script for random values]] The pchMessageStart array is a crucial component in cryptocurrency network protocols, often referred to as the "magic bytes" or "network magic." It serves as a unique identifier for a specific cryptocurrency network. These values are in hexadecimal format, representing four bytes that form a sequence unlikely to occur in normal data. If you're creating a new cryptocurrency by forking Bitcoin, you should change these values. Using unique values prevents your new coin's network from interfering with Bitcoin's network or other existing networks. <pre> 110 pchMessageStart[0] = 0xf9; 111 pchMessageStart[1] = 0xbe; 112 pchMessageStart[2] = 0xb4; 113 pchMessageStart[3] = 0xd9; </pre> * Gonna change mine to <pre> pchMessageStart[0] = 0xfe; pchMessageStart[1] = 0x93; pchMessageStart[2] = 0xd2; pchMessageStart[3] = 0xe2; </pre> ====Line 114 Change Main Net Default Port==== * Line 114 <code>nDefaultPort = 8333;</code> * Changing to port 3333 <code>nDefaultPort = 3333;</code> ====Line 117 Change Main Net Nonce TimeStamp Coin_Rewards==== * Original <code> genesis = CreateGenesisBlock(1231006505, 2083236893, 0x1d00ffff, 1, 50 * COIN);</code> * Syntax of line 117 <code>genesis = CreateGenesisBlock(<UNIX_TIME_STAMP>, <NONCE>, <DIFF_BITS>, <NHEIGHT>, <AMOUNT_OF_COINS_REWARD> * COIN);</code> * we are just going to append/change are UnixTimeStamp, Nonce and CoinReward <code> genesis = CreateGenesisBlock(1733333333, 221118658, 0x1d00ffff, 1, 333 * COIN);</code> ====Line 119 Change Genesis Hash==== <code>assert(consensus.hashGenesisBlock == uint256S("0x000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"));</code> * Change to your genesis hash for Main Net <code> assert(consensus.hashGenesisBlock == uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"));</code> ====Line 120 Change Merkel Hash==== <code> assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Change to your merkel hsh for Main net <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Check Point - Lines 142 - 157 ==== <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d")) 145 ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> These lines contain a blocknumber and there hash value, we are starting a new coin and these have no value to us. We have one genesis block. <code> ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d"))</code> * We are going to append/change line 144, to block zero and are Main net genesis block hash. <code> ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"))</code> and comment out the remaining lines in this code block. lines 145 - 156 <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4")) 145 // ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 // ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 // (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 // (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 // (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 // (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 // (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 // (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 // (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 // (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 // (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 // (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> ====Line 161 Change Time Stamp==== <pre> 161 1483472411, // * UNIX timestamp of last known number of transactions </pre> * Change to the time stamp we are using <pre> 1733333333, // * UNIX timestamp of last known number of transactions</pre> ====Line 162 Change Number Of Transactions==== <pre> 184495391, // * total number of transactions between genesis and that timestamp</pre> * Change to Zero <pre> 0, // * total number of transactions between genesis and that timestamp</pre> ====TestNet Halving Interval==== <code>177 consensus.nSubsidyHalvingInterval = 210000;</code> * Change to same as are main net <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Lines 178 - 181 TestNet BIP section==== <pre> 178 consensus.BIP34Height = 21111; 179 consensus.BIP34Hash = uint256S("0x0000000023b3a96d3484e5abb3755c413e7d41500f8e2a5c3f0dd01299cd8ef8"); 180 consensus.BIP65Height = 581885; // 00000000007f6655f22f98e72ed80d8b06dc761d5da09df0fa1dc4be4f861eb6 181 consensus.BIP66Height = 330776; // 000000002104c8c45e99a8853285a3b592602a3ccde2b832481da85e9e4ba182 </pre> * Change values to zero and replace TestNet Genesis Hash <pre> 178 consensus.BIP34Height = 0; 179 consensus.BIP34Hash = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"); 180 consensus.BIP65Height = 0; 181 consensus.BIP66Height = 0; </pre> ==== Lines 189 - 207 TestNet Deployment Section ==== ===== Line 190 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start is irrelevant—set to 0 for immediate activation on TestNet. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 191 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 195 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1456790400; // March 1st, 2016</code> * Reason changed: Bitcoin's 2016 start doesn’t apply—set to 0 for CSV from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 196 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 200 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1462060800; // May 1st 2016</code> * Reason changed: Litecoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 201 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1493596800; // May 1st 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 204 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x00000000000000000000000000000000000000000000001f057509eba81aed91");</code> * Reason changed: Litecoin’s work is irrelevant—set to 0 for a new TestNet chain. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 207 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000128796ee387cf110ccb9d2f36cffaf7f73079c995377c65ac0dcc"); //1079274</code> * Reason changed: Litecoin’s block 1079274 doesn’t apply—set to TestNet genesis for fast sync. Changed: <code>consensus.defaultAssumeValid = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c");</code> ====TestNet Default Port - Line 213==== <code>213 nDefaultPort = 18333;</code> * Change to another port , picking 13333 <code>nDefaultPort = 13333;</code> ====Line 216: TestNet Time Stamp and Nonce==== <code>216 genesis = CreateGenesisBlock(1296688602, 414098458, 0x1d00ffff, 1, 50 * COIN);</code> * change/append timestamp, nonce and coin rewards - TimeStamp, Nonce, nBits and CoinRewards from your Test Net <code> genesis = CreateGenesisBlock(1733333334, 511144, 0x1e0ffff0, 1, 333 * COIN);</code> ====Line 218: TestNet Genesis Hash Block==== <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943"));</code> * Changed to <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"));</code> ====Line 219: TestNet Merkel Hash Block==== <code>219 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Changed to <code> assert(consensus.hashGenesisBlock == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ==== Line 245 TestNet checkpointData ==== Default: <code>( 546, uint256S("000000002a936ca763904c3c35fce2f3556c559c0214345d31b1bcebf76acb70")),</code> * Reason changed: Bitcoin TestNet checkpoint irrelevant—set to height 0 with N33Bcoin TestNet genesis hash for new chain. Changed: <code>( 0, uint256S("000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c")),</code> * Note: Removed "0x" from hash string—matches Bitcoin style, prevents parsing error in uint256S. ====Line 250 - Testnet chainTxData TimeStamp==== <code>250 1483546230,</code> * Change to your timestamp <code>1733333334,</code> ====Line 251 - Testnet chainTxData block count==== <code>251 12834668,</code> * change block count to zero <code> 0,</code> ==== RegTest BIP Section ==== ===== Line 267 ===== Default: <code>consensus.BIP34Height = 100000000; // BIP34 has not activated on regtest (far in the future so block v1 are not rejected in tests)</code> * Reason changed: Delays BIP34—set to 0 for modern rules from genesis, consistent with MainNet/TestNet. Changed: <code>consensus.BIP34Height = 0;</code> ===== Line 268 ===== Default: <code>consensus.BIP34Hash = uint256();</code> * Reason changed: Empty hash irrelevant—set to RegTest genesis for BIP34 activation at block 0. * NOTE: the <code>S</code> at the end of <code>uint256S</code> append the '''S''', remove the <code>0x</code> or it would be too long and make sure RegNet Hash is wrapped in "comment-hash". * The quotes <code>""</code> tell the compiler that this is a string, not a number. * '''uint256S''' will parse the string as a hexadecimal value and construct the '''uint256''' object accordingly. Changed: <code>consensus.BIP34Hash = uint256S("65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127");</code> ===== Line 269 ===== Default: <code>consensus.BIP65Height = 1351; // BIP65 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP65 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP65Height = 0;</code> ===== Line 270 ===== Default: <code>consensus.BIP66Height = 1251; // BIP66 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP66 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP66Height = 0;</code> ====Line 298: RegressionNet Default Port==== <code>298 nDefaultPort = 18444;</code> * change port number <code> nDefaultPort = 13337;</code> ====Line 301 RegressionNet Time Stamp Nonce Coin_Rewards ==== <code>301 genesis = CreateGenesisBlock(1296688602, 2, 0x207fffff, 1, 50 * COIN);</code> * Change to your timestamp , nonce and coin rewards <code> genesis = CreateGenesisBlock(1733333335, 0, 0x207fffff, 1, 333 * COIN);</code> ====Line 303: RegressionNet Genesis Block Hash==== <code>303 assert(consensus.hashGenesisBlock == uint256S("0x0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"));</code> * replace with your reg net genesis hash <code> assert(consensus.hashGenesisBlock == uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"));</code> ====Line 304 RegressionNet Merkel Hash==== <code>304 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * replace with your reg net merkel hash <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Line 316: RegressionNet Genesis Hash==== <code>316 ( 0, uint256S("0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"))</code> * change to your reg nets genesis hash <code> ( 0, uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"))</code> === src/chainparamsbase.cpp - API ports === <div class="toccolours mw-collapsible mw-collapsed"> Changing RPC port number info: <div class="mw-collapsible-content"> When forking Bitcoin, changing the nRPCPort = 8332; is generally recommended, though not strictly necessary. Here are the reasons and benefits for doing so: '''Avoiding Conflicts:''' If you run both Bitcoin and your forked cryptocurrency on the same machine or network, keeping the same RPC port (9332) would cause a conflict. By changing the port number, you ensure that both services can run simultaneously without interfering with each other. '''Network Configuration:''' Different cryptocurrencies should ideally use different ports to avoid confusion and ensure clear network configuration. This helps in managing firewall rules and network policies more effectively. '''Security:''' Using a non-standard port for your forked cryptocurrency can add a layer of security through obscurity. While not a robust security measure, it can help reduce the risk of automated attacks targeting known ports like 8332. '''Customization:''' Changing the RPC port is part of customizing your fork to distinguish it from Bitcoin. This can be important for branding and ensuring that users and developers recognize it as a separate entity. In summary, while it's not mandatory to change the RPC port when forking Bitcoin, doing so can help avoid conflicts, improve network management, and provide a clearer distinction between your fork and the original Bitcoin network. </div> </div> ====line 35 - Main net RCP port==== <pre> nRPCPort = 8332; </pre> RPC port is used to connect to coin api, its used to create a web wallet and moblie wallet. <pre> nRPCPort = 3366; </pre> ====Line 48 - test net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12333 <pre> nRPCPort = 12333; </pre> ====line 62 - regession net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12345 <pre> nRPCPort = 12345; </pre> * We are pretty much done with customizing the code base, we just need an IP address to append to chainparams.cpp and we are good to go. ===src/chainparamsseeds.h=== * Delete content of <code>src/chainparamsseeds.h</code> and replace with just: <pre> #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> The <code>chainparamsseeds.h</code> file contains hardcoded seed nodes for the main network (pnSeed6_main), which are currently set to Bitcoin’s seed nodes (e.g., IPs like 2.7.8.12 on port 8333). These seeds will cause your node to attempt connections to Bitcoin peers, which isn’t what we want for N33Bcoin. * By modifying the seed arrays for both mainnet and testnet to empty, we can keep the file structure intact while removing the Bitcoin seed nodes, preventing are node from trying to connect to them. <div class="toccolours mw-collapsible mw-collapsed"> Hexadecimal - Chainparamsseeds.h - Quick Notes <div class="mw-collapsible-content"> <pre> Hex Symbol Values: 0,1,2,3,4,5,6,7,8,9,a=10,b=11,c=12,d=13,e=14,f=15 Hex is in a Block of 2, [01]=1, The First number/symbol (the one on the left), is Times by 16, and the Second number/symbol is added. 01 = 0x16, plus 1 = 01 A4 = 10x16, plus 4 = 164 E4 = 14x16, plus 4 = 228 FF = 15X16, plus 15 = 255 To work out the values of 104.194.157.52 and port 3333 static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; IPv6 Mapping: {{Use 10 0x00, 2 0xff, then the 4 hex bytes} <port>}. 104 in hex: 6x16 = 96 + 8 = 104 InHex= '68' 194 in hex: c(12)x16=192 + 2 = 194 InHex= 'c2' 157 in hex: 9x16=144 + d(13)= 157 InHex= '9d' 52 in hex: 3x16=48 + 4 = 52 InHex= '34' #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; static SeedSpec6 pnSeed6_test[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> </div> </div> == Container and VPS Setup == * Vultr with affiliate link: https://www.vultr.com/?ref=7704739 Most VPS providers frown on mining unless it’s their explicit service—fair enough, it hogs resources! To work around this, we’ll: * Spin up an Ubuntu 18.04 container locally (18.04 keeps coin building simple). * Pair it with a low-cost VPS running Ubuntu 24.04, tunneling all traffic from the container to the VPS’s public IP. This setup gives us: * A public-facing IP without poking holes in our home router. * Local mining control, keeping private keys secure—because a VPS is just someone else’s machine, and we don’t trust it with our keys! ===LXD Quick Container Setup=== ===LXD Quick Container Setup=== * Its pretty simple once you know. ===Installing and setup LXD=== <code>sudo snap install lxd</code> <code>sudo lxd init</code> * Just press '''ENTER''' for all defaults * add user to lxd group (optional), will mean you do not need '''sudo''' to use lxc commands * NOTE: you will need to logout and login for changes to take effect. <code>sudo adduser $USER lxd</code> <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> * '''These changes only apply to the current terminal session.''' If you open a new terminal session you have to repeat. On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. * '''Remember, these changes only apply to the current terminal session.''' If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> ===Launching your container=== * for the Build its important we use '''18.04''' ** May want to get ubuntu pro free for 5 devices - to keep 1804 updated ** https://ubuntu.com/pro/dashboard <code>lxc launch ubuntu:18.04 n33b</code> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 n33b</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 n33b</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''n33b''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "n33b" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "n33b" in the example) must be unique within your LXD installation. </div> </div> * If you see this error - you need to use '''sudo''' or add user to lxd group <pre> lxc launch ubuntu:18.04 n33b Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * To see your container <code>lxc ls</code> ===Login to container=== <code>lxc exec n33b bash</code> * Prompt should now be changed to <code>root@n33b:~#</code> ** <code>root@<container_name>:~#</code> * This would be a good time to sign up to and enable ubuntu pro in the 1804 container https://ubuntu.com/pro/dashboard ** <code>sudo pro attach C12trandomcharsXFVhrRSveGOd4</code> * Update container <code>apt update && apt upgrade -y</code> ==== Ubuntu Pro for 1804 Containers ==== * super useful for ubuntu 1804, with pro has support till 2027 * Free For Five Boxes/Devices <code>https://ubuntu.com/pro/dashboard</code> <code>sudo pro attach 8dc6560abd396b3871f37b80ec</code> <code>sudo pro status</code> <code>sudo pro detach</code> ==In Container wireguard installation and setup== ===Install wireguard=== <code>apt install wireguard -y</code> * This will be the Client - for the container ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== * Vultr link with Affiliate code: https://www.vultr.com/?ref=9638414-9J First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==Back to Host== Now we have * A container with a public IP address * Source code for are coin Lets append are IP adress to are <code>src/chainparams.cpp</code> file and make a exportable/shareable backup. ===Append IP to <code>src/chainparams.cpp</code>=== <div class="toccolours mw-collapsible mw-collapsed"> If i was going to change or add ips/domains do i need to recomplie? Yep: <div class="mw-collapsible-content"> Yes, if you want to change or add new IPs/domains in the `CDNSSeedData` section of `src/chainparams.cpp`, you will need to edit the file and recompile the code. The `CDNSSeedData` entries are hardcoded into the source code, and when you compile the code, these values are baked into the resulting binary. Therefore, any changes to the seed nodes will require: *Editing the `src/chainparams.cpp` file**: Modify the list of `CDNSSeedData` entries to include your new IPs or domains. *Recompiling the source code**: Once you've made your changes, you need to recompile the project so that the new seed nodes are included in the binary. *Restarting your nodes**: After recompiling, you would need to distribute the new binary to your nodes and restart them to ensure they use the updated seed list. This process is necessary because the seed nodes are part of the initial configuration that helps nodes discover peers when they first start up. Any changes to these seeds require the software itself to be updated and redeployed. </div> </div> ====Main Net DNS lines 123 - 127==== <code>$EDITOR /home/$USER/N33B/N33Bcoin/src/chainparams.cpp</code> * Line 123 <code>src/chainparams.cpp</code> <pre> 123 vSeeds.push_back(CDNSSeedData("n33bcoin.sipa.be", "seed.n33bcoin.sipa.be", true)); // Pieter Wuille, only supports x1, x5, x9, and xd </pre> We are going to Change to are servers address <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> At current time we only have one default node, so we comment out line 124 to 127 <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "dnsseed.bluematt.me", true)); // Matt Corallo, only supports x9 // vSeeds.push_back(CDNSSeedData("dashjr.org", "dnsseed.n33bcoin.dashjr.org")); // Luke Dashjr // vSeeds.push_back(CDNSSeedData("n33bcoinstats.com", "seed.n33bcoinstats.com", true)); // Christian Decker, supports x1 - xf // vSeeds.push_back(CDNSSeedData("n33bcoin.jonasschnelli.ch", "seed.n33bcoin.jonasschnelli.ch", true)); // Jonas Schnelli, only supports x1, x5, x9, and xd </pre> ====Test net DNS lines 224 - 227==== * Line 224 - ip adderss <pre> 224 vSeeds.push_back(CDNSSeedData("testnetn33bcoin.jonasschnelli.ch", "testnet-seed.n33bcoin.jonasschnelli.ch", true)); </pre> Change to server ip <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> and comment out the other 3 lines <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("petertodd.org", "seed.tbtc.petertodd.org", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "testnet-seed.bluematt.me")); // vSeeds.push_back(CDNSSeedData("n33bcoin.schildbach.de", "testnet-seed.n33bcoin.schildbach.de")); </pre> ==Create BackUp Tar Archive== At this point you may want to make a backup. * In work directory = <code>/home/$USER/N33B</code> <code>tar -zcvf N33Bcoin.0.0.1.tar.gz N33Bcoin</code> * Going to save in directory <code>/home/$USER/N33B</code> * Syntax = <code>tar -zcvf /path/to/save/archive_name.tar.gz /path/to/directory_name</code> Now we Should have <code>N33Bcoin.0.0.1.tar.gz</code> lets start building are coin. ===Move N33Bcoin.0.0.1.tar.gz to Container=== Lets Move are source code to are container. * File on Host:<code>/home/$USER/N33B/N33Bcoin.0.0.1.tar.gz</code> * Container Name: <code>n33b</code> ** Container Name can be found with <code>lxc list</code> * On Host: <code>lxc file push /home/$USER/N33B/N33Bcoin.0.0.1.tar.gz n33b/home/ubuntu/</code> * '''ubuntu''' is the name of the ubuntu containers default user account ==Return to container as user '''ubuntu'''== <code>lxc exec n33b -- su - ubuntu</code> Now are source code <code>N33Bcoin.0.0.1.tar.gz</code> should be in are home directory. Before we start using it, we need to install and build some dependencies software. ===Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <!-- These notes wherer required to build db on 24.04 - coin build would require way too much work so skipped. <code>$EDITOR db-4.8.30.NC/dbinc/atomic.h</code> Find the function <b>__atomic_compare_exchange</b> (line 147 and 179) and rename it to <b>__db_atomic_compare_exchange</b>. save and exit --> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> If you received error, are you building in ubuntu 18.04? these build instrutions are reproduable for 18.04 and not other versions of ubuntu. * A block chain requires min 2 nodes, so this would be a good time to snapshot your container. ====SNAPSHOT your container==== * This will save loads of time creating a second node later. * In a Terminal on HOST * Stop Container <code>lxc stop n33b</code> * snapshot <code>lxc snapshot n33b one</code> * start container <code>lxc start n33b</code> * Log in as ubuntu user <code>lxc exec n33b -- su - ubuntu</code> ==Build the Coin== Just for the Genesis Node, or it will not work, it will try to sync with another node, which it can not do as its at block 0. * edit the file <code>src/rpc/mining.cpp</code> and comment out the lines 471 and 472: <pre> // if (IsInitialBlockDownload()) // throw JSONRPCError(RPC_CLIENT_IN_INITIAL_DOWNLOAD, "N33Bcoin is downloading blocks..."); </pre> If you stopped container to snapshot and logged back in (or using another terminal), then we need to re-set var.<br> <code>cd ~/db-4.8.30.NC/build_unix</code><br> <code>export BDB_PREFIX=$(pwd)</code><br> * Now thats done we can carry on <code>cd ~/</code><br> * extract <code>tar xzvf N33Bcoin.0.0.1.tar.gz</code> <!-- was for attempt build in 24.04 - not needed for 18.04 <code>sudo apt install bsdmainutils ncal</code> --> * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> If you run into errors you can use:<br> <code>make > ../build.log 2>&1</code><br> This is print build info into file build.log ==Run Coin== * Path <code>cd /home/ubuntu/N33Bcoin/src</code> Going to first play around with Regression make sure everything is working, its supereasy to mine.<br> * Running regtest first will also create <code>~/.n33bcoin/</code> directory which we can create are <code>n33bcoin.conf</code> file for mainnet. ===Running Regression Net === * run reg net <code>./n33bcoind -regtest -daemon</code> ==== get blockchain info ==== <code>./n33bcoin-cli -regtest getblockchaininfo</code> * at the top you should see '''regtest''' <pre> "chain": "regtest", </pre> ====get wallet info==== <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ==== Generate 10 blocks==== <code>./n33bcoin-cli -regtest generate 10</code> <pre> [ "16fe73d5011e8e05cadb9e9dea43e58aa154ffcca891659cc59fbdfafe6f001c", "7803e298b6c57f8fc7ddac5da0e0696cc67524c9ee2bbbbbecdccfb01b364e79", "7c92afb2faed00d051edd22f85218416c394cd45ddadf413b9df808c0414ca7e", "29fe7bb17c984bd33c7e3d9cb4fa3ce1e47760ac22accded3aa25fd49aa87d91", "56d234a030af699a6aa824c8d95a9fabdcf56c9491ed30331ca2159188741c89", "272827808aad1efe0e752789acf6a28f25bc4ba2da905a8a6f5da00016ba286b", "23711e3856cf2e018ef02782eb546e87c9604781da6855bd136ef51fa5dd23e5", "7bd7e1e6183094c75e37d6605451ce7e7e1c23347e3b5c279c33196af916b1f2", "1c7e5fc29dc7c9b3a56e8f35becc3a0a8005e79ac1a84278f8a1f37c067f67b3", "3ac84dcf8be2849b347369de7bf6bb49d780cdf41e2c4abbe2ea0ae1b89bd26e" ] </pre> ====Check Balance==== <code>./n33bcoin-cli -regtest getbalance</code> <pre>0.00000000</pre> * You mined 10 blocks and have zero coins! that is because the coins have not mutured, it takes 100 blocks for newly created coins to muture and show up in your wallet. * you can see your '''immature_balance''' with the <code>getwalletinfo</code> command. <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 11114108.00000000, "txcount": 10, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====Get new addresses==== <code>./n33bcoin-cli -regtest getnewaddress</code> <pre> mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb </pre> ====Find addresses your wallet is currently using==== * To see all your current public addresses use <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -regtest listreceivedbyaddress 0 true</code> ====Mine to specific address==== * <code>./n33bcoin-cli -regtest generatetoaddress 101 "your-mainnet-address"</code> <code>./n33bcoin-cli -regtest generatetoaddress 101 "mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb"</code> =====Coins Matured===== <code>./n33bcoin-cli -regtest getbalance</code> <pre>11114441.00000000</pre> * and Immatured coins <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 11114441.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 33300.00000000, "txcount": 111, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====stop regtest net==== * stop regtest <code>./n33bcoin-cli -regtest stop</code> ===Main Net=== * Running <code>-regtest</code> should of created a <code>~/.n33bcoin</code> directory for you. * Create <code>n33bcoin.conf</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 </pre> * run/start coin <code>./n33bcoind</code> * NOTE: if you did not create a n33bcoin.conf file and apply 'daemon=1', you can use the -daemon flag <code>./n33bcoind -daemon</code> <div class="toccolours mw-collapsible mw-collapsed"> Some debug tips: <div class="mw-collapsible-content"> * If n33bcoin hangs - <code>ps aux | grep n33bcoind</code> ** The <code>kill -9 PID_NUMBER</code> ** Also note: there is nothing wrong with '''turning it off and on again.''' * <code>./n33bcoind -debug=1</code> ** log is at ~/.n33bcoin/debug.log * <code>./n33bcoind -debug=1 -printtoconsole</code> ** will output to terminal, no output to debug.log </div> </div> ===Create and Add second node - the easy way=== <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Why a Dummy Node is Needed to Avoid <code>500 Internal Server Error</code> and Ensure Syncing</span> <div class="mw-collapsible-content"> <p>A dummy node is <strong>required</strong> for mining on the genesis node (main node) and to ensure other nodes can sync with your N33Bcoin network. Without it, you may encounter errors like:</p> <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> [2025-04-20 11:49:32] HTTP request failed: The requested URL returned error: 500 Internal Server Error </pre> <p><strong>Why does this happen?</strong> The main node needs at least one active peer to process the <code>getblocktemplate</code> RPC call used by <code>minerd</code> for mining. If the node is in Initial Block Download (IBD) or has no peers, this call fails, causing the 500 error. Additionally, if the main node is in IBD, it won’t serve blocks to other nodes, preventing them from syncing (e.g., stuck at <code>blocks: 0</code>).</p> <p><strong>How the dummy node fixes it:</strong></p> <ul> <li>Running a dummy node (e.g., on <code>127.0.0.1:3334</code>) provides an active peer, allowing <code>getblocktemplate</code> to succeed and mining to start.</li> <li>Mining generates new blocks, updating the chain tip’s timestamp, which helps the main node exit IBD.</li> <li>Once out of IBD, the main node can serve blocks to other nodes, enabling them to sync (e.g., to <code>blocks: 428</code>).</li> </ul> <p><strong>Why it’s easy to forget:</strong> The dummy node isn’t a standard Bitcoin requirement—it’s specific to N33Bcoin’s setup, possibly due to custom peer or RPC logic. Always run a dummy node when mining or syncing new nodes.</p> <p><strong>If you get the 500 error:</strong> Start a dummy node and add it to the main node’s peers with <code>addnode</code>. See the next section for setup instructions.</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> Without a dummy node, mining will fail, and new nodes won’t sync. Always include this step in your setup and document it to avoid surprises! </div> </div> </div> After first node ruuing with:<br> <code>./n33bcoind</code> * create a directory for second node <code>mkdir ~/.n33bcoin2</code> * make config file <code>$EDITOR ~/.n33bcoin2/n33bcoin.conf</code> * Note changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser1 rpcpassword=coinpassword1 rpcallowip=127.0.0.1 rpcport=3367 daemon=1 server=1 rpcbind=127.0.0.1 port=3334 </pre> * start node2 - note ports <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin2 -port=3334 -rpcport=3367</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3334" "add"</code> * Check node one <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * Check node two <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getblocktemplate</code> ==== Default Node User and Second Node User management ==== * The default user will be your main node '''~/.n33bcoin/''' * To use second node '''~/.n33bcoin2/''' you have to use/append non default port in commands: ** To run commands on second node, Add/Append <code>-rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1</code> *** '''rpcport''', '''rpcuser''', '''rpcpassword''' these values can be found in the <code>~/.<node_name>/n33bcoin.conf</code> file * For default wallet/node can use: <code>./n33bcoin-cli getwalletinfo</code> * Or to specify (optional) can use, the main nodes '''rpcport''', '''rpcuser''' and '''rpcpassword''' followed by <command>: <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * For the second node we created - we do need to specify <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getwalletinfo</code> <div class="toccolours mw-collapsible mw-collapsed"> How to stop second node: <div class="mw-collapsible-content"> * To run commands on a second or third ...ETC node - you need to enter: ** <code>-rpcport=<value></code> ** <code>-rpcuser=<username></code> ** <code>-rpcpassword=<password></code> ** followed by the command you wish to run on node <code>getbalance</code> ** Remember you store all these details in your <code>n33bcoin.conf</code> file for your node. <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 stop</code> </div> </div> == Mining blocks on your blockchain == Well you can try with:<br> <code>./n33bcoin-cli generate 1</code><br> But instead of seeing <pre> [ "some-block-hash" ] </pre> Your going to get empty brackets <pre> [ ] </pre> I cant remember the reason for this. But i know the fix. Install Mining software ===Address to send mined coins to=== First lets get a public key/address we can mine to. * Find old addresses <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> * Create new address <code>./n33bcoin-cli getnewaddress</code> * The address i will use <code>1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> ===Cpu Miner Install=== <code>cd ~</code> <code>sudo apt update</code> <code>sudo apt install -y build-essential libcurl4-openssl-dev</code> <code>git clone https://github.com/pooler/cpuminer.git</code> <code>cd cpuminer</code> <code>./autogen.sh</code> <code>./configure</code> <code>make</code> <code>sudo make install</code> ===Mine some Coins=== * OK lets mine us some coins ** Syntax:<code>minerd -o <pool_url> -u <username> -p <password> --coinbase-addr=<public_key></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> * YAY, back to the days when you could find bitcoin blocks with a simple CPU <pre> [2025-04-12 19:31:17] Binding thread 0 to cpu 0 [2025-04-12 19:31:17] Binding thread 1 to cpu 1 [2025-04-12 19:31:17] 4 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:31:17] Binding thread 2 to cpu 2 [2025-04-12 19:31:17] Binding thread 3 to cpu 3 [2025-04-12 19:31:17] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:31:17] thread 1: 2097152 hashes, 10099 khash/s [2025-04-12 19:31:17] thread 0: 2097152 hashes, 10094 khash/s [2025-04-12 19:31:17] thread 3: 2097152 hashes, 10093 khash/s [2025-04-12 19:31:17] thread 2: 2097152 hashes, 10032 khash/s [2025-04-12 19:32:17] thread 2: 601912088 hashes, 10080 khash/s [2025-04-12 19:32:17] thread 0: 605611536 hashes, 10108 khash/s [2025-04-12 19:32:17] thread 3: 605564904 hashes, 10102 khash/s [2025-04-12 19:32:17] thread 1: 605946928 hashes, 10104 khash/s [2025-04-12 19:33:17] thread 2: 604824240 hashes, 10080 khash/s [2025-04-12 19:33:17] thread 0: 606506104 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 1: 606263288 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 3: 606114016 hashes, 10102 khash/s [2025-04-12 19:34:17] thread 0: 596676992 hashes, 9883 khash/s [2025-04-12 19:34:17] accepted: 1/1 (100.00%), 40174 khash/s (yay!!!) [2025-04-12 19:34:17] LONGPOLL pushed new work [2025-04-12 19:34:17] thread 2: 597009344 hashes, 9856 khash/s [2025-04-12 19:34:17] thread 1: 596347864 hashes, 9882 khash/s [2025-04-12 19:34:17] thread 0: 184 hashes, 8762 khash/s [2025-04-12 19:34:17] thread 3: 596226344 hashes, 9881 khash/s [2025-04-12 19:35:11] thread 0: 525714288 hashes, 9775 khash/s [2025-04-12 19:35:17] thread 0: 58652240 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 1: 592942512 hashes, 9784 khash/s [2025-04-12 19:35:18] thread 3: 592834720 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 2: 591387224 hashes, 9754 khash/s [2025-04-12 19:36:17] thread 1: 577261400 hashes, 9784 khash/s [2025-04-12 19:36:17] thread 2: 575496480 hashes, 9756 khash/s [2025-04-12 19:36:17] thread 3: 576993520 hashes, 9776 khash/s [2025-04-12 19:36:17] thread 0: 586785384 hashes, 9780 khash/s [2025-04-12 19:37:17] thread 3: 586568712 hashes, 9700 khash/s [2025-04-12 19:37:17] thread 2: 585369888 hashes, 9645 khash/s [2025-04-12 19:37:18] thread 1: 587018480 hashes, 9656 khash/s [2025-04-12 19:37:18] thread 0: 586791168 hashes, 9631 khash/s [2025-04-12 19:37:43] thread 0: 247017896 hashes, 9757 khash/s [2025-04-12 19:37:43] accepted: 2/2 (100.00%), 38758 khash/s (yay!!!) [2025-04-12 19:37:43] LONGPOLL pushed new work [2025-04-12 19:37:43] thread 2: 250694904 hashes, 9748 khash/s [2025-04-12 19:37:43] thread 1: 250409704 hashes, 9773 khash/s [2025-04-12 19:37:43] thread 0: 21504 hashes, 8650 khash/s [2025-04-12 19:37:43] thread 3: 253010016 hashes, 9764 khash/s </pre> * By default '''minerd''' will use all cores - if you want to limit to number of core use the <code>-t <number_of_cores></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj -t 2</code> <pre> [2025-04-12 19:43:05] 2 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:43:05] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:43:05] thread 1: 2097152 hashes, 11359 khash/s [2025-04-12 19:43:05] thread 0: 2097152 hashes, 11327 khash/s </pre> * Next we mine on till we have at least 101 blocks so are coins are matured. ===After 101 blocks - Mature Coins=== * now we should have some coins in are wallet that we can use, YAY <code>./n33bcoin-cli getbalance</code> <pre>11112110.00000000</pre> * and lets check the account of are second node <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> * Lets get the address of are second node to send some coins <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress 0 true</code> * Or we could generate a new address with <code>getnewaddress</code> <code>1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz</code> Now lets send some coins ==Wallet Basics== Now we have coins we can use - matured coins ===Get balance=== * <code>getbalance</code> <code>./n33bcoin-cli getbalance</code> ===Find Account Addresses=== * <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> ===Create New Address=== * <code>getnewaddress</code> <code>./n33bcoin-cli getnewaddress</code> ===Sending coins=== * Syntax: <code>./n33bcoin-cli sendtoaddress "<address>" <amount></code> <code>./n33bcoin-cli sendtoaddress "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz" 33</code><br> * This comand will return a hash in your terminal out put. <pre>f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7</pre> * and Check balance of second node to see balance: <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>33.00000000</pre> ===See Transaction Details from hash=== * the transaction hash is from the above send coins example * Syntax: <code>n33bcoin-cli gettransaction "<transaction_hash>"</code> <code>./n33bcoin-cli gettransaction "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7"</code> <pre> { "amount": -33.00000000, "fee": -0.00004520, "confirmations": 4, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553764, "timereceived": 1744553764, "bip125-replaceable": "no", "details": [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "send", "amount": -33.00000000, "vout": 0, "fee": -0.00004520, "abandoned": false } ], "hex": "020000000150a37ad36c761374df6a14c20bd2c016208358bf1f20af06c5acbe4827250ee7000000006a4730440220582f2094aca19d63744d8d128c3dea907cddd4eeb5728d6f064c4168d7a36b9c0220649b2397635fe0b8899fea4535b0072e856a164235f8ab8feb91f3dbfa9e3ddc012103dd8d842cd0c2b167b507b9e8ee580fc726262bb218abc5c6487668b72e5673a3feffffff020001b2c4000000001976a9146ae24c8430bcd30bc1b812f946229fcc563eb0ef88ac589a23fc060000001976a9141e0606800605f94643f5da7e0a31e435e030855788acbe000000" } </pre> ===List Transactions from account=== * <code>listtransactions</code> * <code>./n33bcoin-cli listtransactions</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listtransactions</code> * This command will show all transactions send and receive. <pre> [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "receive", "amount": 33.00000000, "label": "", "vout": 0, "confirmations": 6, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553766, "timereceived": 1744553766, "bip125-replaceable": "no" } ] </pre> ===list received transactions by address=== * <code>listreceivedbyaddress</code> * <code>./n33bcoin-cli listreceivedbyaddress</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress</code> <pre> [ { "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "account": "", "amount": 33.00000000, "confirmations": 6, "label": "", "txids": [ "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7" ] } ] </pre> ===Address With Label=== * Create New Address With Label ** Syntax: <code>getnewaddress "<Label>"</code> * NOTE: Label name is case sensitive. <code>./n33bcoin-cli getnewaddress "Mining"</code> <pre>1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB</pre> * See Accounts in Label <code>./n33bcoin-cli getaddressesbyaccount "Mining"</code> * a Label can hold many addresses <pre> [ "1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB" ] </pre> * Lists transactions for the labeled account. <code>./n33bcoin-cli listtransactions "Mining"</code> * Tracking with a label - Shows total balance for addresses in the labeled account. <code>./n33bcoin-cli getbalance "Mining"</code> * Label an existing address - Assigns an existing address to a named account. <code>./n33bcoin-cli setaccount "<address>" "<label>"</code> * Change Label of Address <code>./n33bcoin-cli setaccount "<address>" "<newlabel>"</code> ==Backup Wallets and Restore/Reclaim== To '''test''' wallet exports and back ups we are going to create a '''third node'''. <br> This keeps are main wallet and the wallet of are second node safe.<br> Or If you feel up for it, feel free to play/use/learn with your main wallet. * Create a directory for third node <code>mkdir ~/.n33bcoin3</code> * Create config file <code>$EDITOR ~/.n33bcoin3/n33bcoin.conf</code> * Note: changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser2 rpcpassword=coinpassword2 rpcallowip=127.0.0.1 rpcport=3368 daemon=1 server=1 rpcbind=127.0.0.1 port=3335 </pre> * Start node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3335" "add"</code> * Check node three <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getblocktemplate</code> * See Address (pub key) <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> <pre>1EhA5fkapYWrhs2oAf2AqvF4WYMPM28GqL</pre> * I have sent 33 n33bcoin's to this address. <pre> ./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744568061, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "8afde14085be2139ff008667c345b3697bea9cea" } </pre> ===Encrypt Wallet=== * '''IMPORTANT NOTE! IF YOU LOSE/FORGET PASSPHRASE, YOU LOST YOUR WALLET!''' Encrypting your wallet, will require passphrase to see private_keys and to send coins from your account, but you can still check balance and the basic chain info '''without passphrase'''. * Syntax <code>./n33bcoin-cli encryptwallet "<passphrase>"</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 encryptwallet "pa55word"</code> <br>OutPut: <pre> wallet encrypted; N33Bcoin server stopping, restart to run with encrypted wallet. The keypool has been flushed and a new HD seed was generated (if you are using HD). You need to make a new backup. </pre> ====Test Encryption==== Syntax: <code>./n33bcoin-cli dumpprivkey <address></code> This command should need passphrase if wallet locked. ** <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> can be used in place of a real address <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpprivkey 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> If wallet '''LOCKED''' - you will see <pre> error code: -13 error message: Error: Please enter the wallet passphrase with walletpassphrase first. </pre> If wallet '''UNLOCKED''' but address not in wallet - you will see ** This is because there is no address <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> in your wallet and error code -5 indicates address not found in the wallet, but it passed the lock so, yay <pre> error code: -5 error message: Invalid N33Bcoin address </pre> If address exists in your wallet and wallet is '''UNLOCKED''' - you will see the private key: <pre> 6vJYM3RFWh7MyLVrPbgzgibUgqxMzWUCCbuH3GcfDRTqfoNQjBb </pre> '''IMPORTANT:''' Never share your actual private keys with anyone. The example above is for demonstration purposes only. ====open encrypted wallet==== * Syntax ./n33bcoin-cli walletpassphrase "<passphrase>" <time_in_seconds_to_stay_open> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrase "Pa55word" 60</code> ====Change PassPhrase==== * Syntax: <code><code>./n33bcoin-cli walletpassphrasechange "<old_passphrase>" "<new_passphrase>"</code></code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrasechange "Pa55word" "StrongPass123!@#456"</code> ===Back Up WALLET.DAT === * You can make a backup of your wallet.dat file whether its encrypted or un-encrypted. ** not-encrypted you just copy into a directory and you and anyone else has full access. ** encrypted, you need to know the passphase the file is encrypted with to have access. ** Both Export and Import the backup wallet.dat the same way, expect one asks for passphase and the other does not. ====Make copy of wallet.dat==== * <code>backupwallet</code> * Syntax:<code>./n33bcoin-cli backupwallet /path/to/export/wallet-backup.file</code> <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> ====Stop node 3 and delete wallet.dat==== * Stop node - Note: RPC PORT <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * not gonna delete, just move, only so many times i wanna learn that lesson. <code>mv ~/.n33bcoin3/wallet.dat ~/oldwallet.dat</code> * Start Node 3 - this will create a new <code>wallet.dat</code> file <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check Balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744572042, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "bb4e27a7896ae19acdf3b43244f82b59f5164c7c" } </pre> * Check addresses <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> * Its a diff/new address, because its a new wallet. <pre> "address": "1JwAmtR9T8xa49daoHQhf54tBdyabby2m2", </pre> ===Restore Wallet.dat=== * Stop Node 3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move old wallet to Node 3 Directory ** This command will write over the new wallet.dat file currently in directory - in effect deleting it. <code>mv ~/wallet-backup.node3 ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>11148007.99990960</pre> ====OH NUTZ==== * By mistake i backed up main wallet. <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> * Intended to backup node3 - the correct command would of been <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 backupwallet ~/wallet-backup.node3</code> Good Thing we just moved the node3 wallet and not deleted or 33 n33bcoins would of been in a dead account.<br> This is why you should learn about bitcoin on n33bcoins and not the bitcoin main net blockchain. Lets restore from the moved wallet <code>~/oldwallet.dat</code> * Stop node3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move oldwallet back to node3 <code>mv ~/oldwallet.dat ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>33.00000000</pre> YAY ===Dump Entire Wallet with <code>dumpwallet</code>=== * Exports all private keys, addresses, and wallet metadata to a plain text file for a comprehensive backup. * Syntax <code>./n33bcoin-cli dumpwallet /path/to/export/n33bcoin-wallet.txt</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpwallet ~/ssshhh.txt</code> <code>cat ~/ssshhh.txt</code> * Yep its all in plain text! <pre> # Wallet dump created by N33Bcoin v0.14.3.0-g150612e # * Created on 2025-04-13T22:54:50Z # * Best block at time of backup was 212 (000000009f5f7189bd4334895fd1c903ae904525abb5768feb98b81282a1949e), # mined on 2025-04-13T18:34:02Z # extended private masterkey: xprv9s210pEDlspXiamstilrandotypinhDXRTQ1TatJNSL3fxs9QaLLjRV1FZH9zw2VcErU498hsd3pynuyDR2clongrandome4Msz5 L1XJ0pald6SZXP4sKdVcDETpsdoWeksd4er5hhPsdFG1PPV 2025-04-13T18:14:21Z change=1 # addr=1HtmEDdpk5SJAp3nGCnaAD5gKZc2Er4qG hdkeypath=m/0'/0'/82' about 100 lines like the one above and ends with: # End of dump </prE> ===Import Dumped Wallet=== To test import works we are gonna, stop node3, move wallet.dat, start node3, check new wallet got auto generated again. then import are ssshhh.txt file and see if restored. ====Check wallet node 3 pre-test==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744575092, "keypoolsize": 101, "unlocked_until": 0, "paytxfee": 0.00000000, "hdmasterkeyid": "0a0e6e94e4a184e773e4a3e3244adc4352935afa" } </pre> ====Stop node 3 ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> ====Move wallet.dat ==== <code>mv ~/.n33bcoin3/wallet.dat ~/wallet.node3</code> ====Start node 3 ==== <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> ====Check wallet node 3 - when deleted/changed==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ====Import Restore from Dumped Wallet ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importwallet ~/ssshhh.txt</code> ====Check wallet node 3 when restored ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ==Off Line Storage and Importation== * Create a offline key pair, using a python script that can run off a live linux iso. * Going to send coins from node 3 to off line address. * Going to import to wallet 2 by sweeping private wif key. ===Create Offline Keypair=== * https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin ** We have used the [[N33Bcoin_Address_Generator_Bitcoin| N33Bcoin_Address_Generator]] to create the following key pair which we will use for this test. <pre> noob@noob-ThinkPad-T470:~/Gen/py-pub-prv$ python3 gen.py Enter your seed (12 words or any random input): hithere Generated n33bcoin Key Pair: Private Key: 3e4748d72b0a0c5d4538b52a2ade025a0f52a1e8642384ac14e5af0f90b8ab8a Public Key: 04c4cab1795312dafbf2532c7b238d448b55fa151a3d4e059cb49b47fb7244fb8767981b561c067494f9f3a6357024bb4fa71d12d692a733f7a0583d6fa7276548 n33bcoin Address: 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG WIF Private Key: 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH </pre> ===Send from node 3 to offline address=== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 sendtoaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG 10</code> ===Check its in address=== * Can take a few blocks before you can see it. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * Syntax: <code>./n33bcoin-cli importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * <code>importaddress</code> The RPC command to import a Bitcoin address as a watch-only address into the wallet * <code>13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> The Bitcoin address you are importing. After import, the wallet will monitor this address for incoming transactions, but cannot spend from it since you do not have the private key * <code>"external"</code> An optional label assigned to the imported address. This helps you organize or identify addresses in your wallet * <code>false</code> The rescan parameter. Setting it to false means the wallet will not rescan the blockchain for historical transactions involving this address. Only new transactions (after import) will be tracked. If set to true (default), the wallet would scan the entire blockchain for past transactions involving the address, which can take a long time (but not in are case as we have new blockchain). ====getreceivedbyaddress==== * TESTED - Balance is only shown on account that imported the address as a address to watch. ** Took about 10 mins to show balance. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>10.00000000</pre> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> ====Receive funds from private key==== * Current Funds in Node/Wallet 2 <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>52.00000000</pre> * Import the keys <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 importprivkey 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH true</code> * Check balance <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>62.00000000</pre> Import is instant. ==Create Second Server and Sync Blockchain== * Creating second server in a container and forwarded to another VPS IP, to see if network syncs. <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Is Port Forwarding Required for the Second Node?</span> <div class="mw-collapsible-content"> <p><strong>Why set up port forwarding?</strong> Port forwarding (using iptables to forward port <code>3333</code> to the second node) allows the node to receive incoming connections from other N33Bcoin nodes. This ensures reliable syncing with the main node and enables the second node to share blockchain data with others, strengthening the network.</p> <p><strong>Is it required?</strong></p> <ul> <li><strong>To mine</strong>: No. Mining uses local RPC calls (<code>127.0.0.1:3366</code>) and outbound connections to the main node (<code>104.194.157.52:3333</code>). As long as the main node is up, mining works without port forwarding. Note: You may need a dummy node to avoid errors.</li> <li><strong>To act as a peer</strong>: Yes. To allow other nodes to connect and sync from the second node (e.g., via <code>144.172.89.93:3333</code>), port forwarding is required. Without it, the node can sync but won’t serve blocks to others.</li> </ul> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Tip:</strong> Keep port forwarding enabled for robust syncing and to support the N33Bcoin network, especially if you plan to add more nodes. </div> </div> </div> ===Launch container=== <code>lxc launch ubuntu:18.04 n33b-node</code> <code>lxc exec n33b-node bash</code> <code>pro attach <longKey></code> <code>apt update && apt upgrade -y && apt install ubuntu-advantage-tools wireguard -y</code> ===Setup Wireguard=== * This is the same as the last time, in this tut i am going to keep the same keys in tut, to save time. PS: You can use same keys on many connections (not the best idea). ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==In Container Building N33Bcoin== * Push over N33Bcoin.0.0.1.tar.gz to the container n33b-node. <code>lxc file push N33Bcoin.0.0.1.tar.gz n33b-node/home/ubuntu/</code> OR Download from github * Download from Github, sha256sum=<code>0695dceaa4a88967560695f92c753d2fe4abc0f1b0cfb2673bf945fc83fb1225</code> <code>wget https://raw.github.com/CompleteNoobs/N33Bcoin/main/N33Bcoin.0.0.1.tar.gz</code> * Login to container as user ubuntu <code>lxc exec n33b-node -- su - ubuntu</code> * extract <code>tar xvf N33Bcoin.0.0.1.tar.gz</code> ===Install depends and Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> ===Build N33Bcoin=== * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> * Before running - make sure first node up and running <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Troubleshooting Syncing Issues on the Second Node</span> <div class="mw-collapsible-content"> <p>If your second node (e.g., <code>144.172.89.93</code>) fails to sync (e.g., stuck at <code>blocks: 0</code>), the main node (<code>104.194.157.52</code>) may be in Initial Block Download (IBD), preventing it from serving blocks. Here’s what I faced and how I fixed it:</p> <ul> <li><strong>Problem</strong>: The second node didn’t sync because the main node was in IBD, likely due to a chain tip older than 24 hours.</li> <li><strong>Initial Fix</strong>: <ul> <li>Started a dummy node on the main node (<code>127.0.0.1:3334</code>) for an active peer .</li> <li>Mined on the main node: <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=&lt;your-address&gt; -t 2 </pre> This created new blocks (e.g., to <code>blocks: 441</code>), exiting IBD and enabling sync.</li> </ul> </li> <li><strong>Test</strong>: I deleted the second node and recreated it from scratch, running both the main and dummy nodes on the genesis server. The second node synced to <code>blocks: 441</code> while the main node was mining.</li> <li><strong>Observation</strong>: In one test, I thought syncing worked without mining, but mining was active on the main node, advancing the chain to <code>blocks: 441</code>. Possible factors for sync success: <ul> <li>Recent chain tip from mining kept the main node out of IBD.</li> <li>Dummy node provided a peer, preventing IBD re-entry.</li> <li>iptables rule for port <code>3333</code> enabled inbound connections (i did once not forward the correct port, make sure you check your ip rules with <code>cat /etc/iptables/rules.v4</code> to make sure you entered the correct ones. ).</li> </ul> </li> <li><strong>If Syncing Fails</strong>: Mine on the main node with the dummy node running.</li> </ul> <p><strong>Note</strong>: Syncing may not require ongoing mining if the main node’s chain tip is recent, but mining is needed to exit IBD. Test and share your findings!</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> If the second node won’t sync, the main node may be in IBD. Start the dummy node and mine to exit IBD. </div> </div> </div> ===n33b-node=== <code>src/n33bcoind -daemon</code> <code>src/n33bcoin-cli stop</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 debug=rpc debug=mining </pre> <code>src/n33bcoind</code> * Now Second n33bcoin node is running lets check sync <div class="toccolours mw-collapsible mw-collapsed"> * Node Syncing/Connecting issues If your node if not connecting <b>add a node</b>, This can be done in the n33bcoin.conf file or manually with n33bcoin-cli <div class="mw-collapsible-content"> * Appending Peer Node/s to Node config file <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> * Syntax:<code>addnode=<IP_Or_Domain>:<Port></code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcbind=127.0.0.1 rpcport=3366 daemon=1 server=1 addnode=node.n3wbcoin.com:3333 addnode=104.194.157.52:3333 </pre> * Add Node Manually using n33bcoin-cli ** Syntax:<code>n33bcoin-cli addnode <IP_Or_Domain>:<Port> add</code> <code>n33bcoin-cli addnode 104.194.157.52:3333 add</code> </div> </div> <code>src/n33bcoin-cli getpeerinfo</code> <pre> [ { "id": 0, "addr": "104.194.157.52:3333", "addrlocal": "144.172.89.93:52636", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157772, "lastrecv": 1745157771, "bytessent": 1277, "bytesrecv": 1198, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.303657, "minping": 0.303657, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": false, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 110, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 1, "addr": "104.194.157.52:57050", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.296047, "minping": 0.296047, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 2, "addr": "104.194.157.52:57060", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.316404, "minping": 0.316404, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } } ] </pre> <code>src/n33bcoin-cli getblockchaininfo</code> <pre> ubuntu@n33b-node:~/N33Bcoin$ src/n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.03058041491289009, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> ===From first node=== <pre> ./n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.02034601825250813, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> * Both nodes/blockchains are in sync, nice r01tdt16q5sw5kbdb9t185nnm9to16r 601 600 2025-07-04T19:35:34Z AwesomO 5 /* Line 200 */ 601 wikitext text/x-wiki ==Start up HardWare== * OS (local) Ubuntu-Mate 24.04 - this tut is done on a clean install of ubuntu-mate 24.04 ** Hardware: HP EliteDesk G1 - ram = 8GB - HD = 120GB ssd - CPU = i5-4590S CPU @ 3.00GHz ** Hardware: Thinkpad X270 - Ram - HD - CPU * Server VPS ubuntu-server 24.04 ** vultr.com ===Software OS=== * Will be using Ubuntu 24.04 as main OS - but to build this version of bitcoin 0.14.3 we will be using ubuntu 18.04 in a lxc container - trying to build in 24.04 was a huge side quest that is not that much fun. ===Coin Params for N33Bcoin 0.1 POW === * Are Coin Params ** Name of coin = N33Bcoin ** Symbol coin = N33B ** Premined Coins= 33% 11,111,111 coins to be used to rewards contributors. the how is currently unknown, will work out as we go. ** MaxCoins = 33,333,333 ** Rewards = 333 ** Halving Period = 33,333 blocks = every 231 days ** Block interval = 10 mins # will leave at 10 for starters ** Time Stamp 1733333333 2024-12-04 17:28:53 ** Time Stamp Message "N33B's for Noob's at CompleteNoobs.com" ** Genesis Block for are Coin <b>NOTE</b>: What is a Unix Time Stamp? - It is the number of seconds from the Unix Epoch date of 01/01/1970 at 00:00 UTC - to convert a date use - https://www.unixtimestamp.com/ ==Set EDITOR== {{:SET_EDITOR}} ==Genesis Keys== First we are going to need a public private key pair. [[Python_Generate_Public_Private_Key_Pair_Crypto_Bitcoin| Python3 Generate Public Private Key Pair]] * Public Key <code>049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf</code> * Keep private key safe, you just need pub key for now We then use are public key along with are coin parameter with [[GenesisH0_Creating_Genesis_Hash| GenesisH0]] to create a 'Nonce', 'Merkel hash' and 'Genesis hash'. For are 'MainNet', 'TestNet' and 'RegNet' === Main Net parameters === <code>python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333333</code> * '''Nonce''': <code>221118658</code> * '''nBits''': <code>0x1d00ffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4</code> === Test Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333334</code> * '''Nonce''': <code>511144</code> * '''nBits''': <code>0x1e0ffff0</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c</code> === Reg Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333335</code> * '''Nonce''': <code>0</code> * '''nBits''': <code>0x207fffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127</code> Now we have are parameters, we can start creating are own coin, but first lets change some file names to match the name of are coin. ==Source we are forking from Bitcoin 0.14.3== ===Home Directory=== <code>cd ~</code> ===Download bitcoin 0.14.3=== * https://bitcoincore.org/bin/bitcoin-core-0.14.3/ <code>wget https://bitcoincore.org/bin/bitcoin-core-0.14.3/bitcoin-0.14.3.tar.gz</code> * sha256sum bitcoin-0.14.3.tar.gz <code>416717ab5ef94f8458da2b12e4cd742ca08f5ad3817b65fc73811e06ac949f87</code> ===extract=== <code>tar xvf bitcoin-0.14.3.tar.gz</code> ===Change Directory Name to new/forked coin name=== <code>mv bitcoin-0.14.3 N33Bcoin</code> <code>cd N33Bcoin</code> * Current work director path is <code>/home/$USER/N33Bcoin/</code> ==Renaming== ===Renaming Bitcoin to N33Bcoin=== '''Run these command in the /home/$USER/N33Bcoin/ Directory''' * Lowercase <code>find . -type f -exec sed -i 's/bitcoin/n33bcoin/g' {} + </code> * UpperCase <code>find . -type f -exec sed -i 's/Bitcoin/N33Bcoin/g' {} + </code> * Name.1 <code>find . -type f -exec sed -i -e 's/bitcoin/n33bcoin/g' -e 's/bitcoind\.1/n33bcoind.1/g' {} + </code> ===Change Name for Docs=== To rename files in a directory (e.g., <code>/home/$USER/N33Bcoin/doc/man/</code>): * '''Before:''' <pre> bitcoin-cli.1 bitcoind.1 bitcoin-qt.1 bitcoin-tx.1 Makefile.am </pre> * '''After:''' <pre> n33bcoin-cli.1 n33bcoind.1 n33bcoin-qt.1 n33bcoin-tx.1 Makefile.am </pre> * '''Manual Way:''' <pre> mv -v bitcoin-cli.1 n33bcoin-cli.1 </pre> * '''Using mv with a for Loop:''' <code>cd /home/$USER/N33Bcoin/doc/man</code><br> <code>for file in bitcoin*; do mv -v "$file" "${file/bitcoin/n33bcoin}"; done</code> </pre> * <code>-v</code> shows each rename action. ===Change Names for Files=== *<b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> Unlike forking litecoin, the method we just used to rename all bitcoin words to n33bcoin created some problems, unlike litecoin 0.14.2, the word 'bitcoin' can be found in a lot of file names. Example: the file <code>libbitcoinconsensus.pc.in</code> is still called <code>libbitcoinconsensus.pc.in</code> but inside make and config files, it is now know as <code>libn33bcoinconsensus.pc.in</code> so it will look for a file called <code>libn33bcoinconsensus.pc.in</code> and not <code>libbitcoinconsensus.pc.in</code>, still will lead to a lot of breakages. * Easy Fix: Change all file names which include the word <code>bitcoin</code> to <code>n33bcoin</code> * install <code>rename</code> <code>sudo apt install rename</code> * <b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> * See all file which contain the name <code>bitcoin</code> <code>find . -type f -name "*bitcoin*"</code> * Rename/convert all <code>bitcoin</code> in file names to <code>n33bcoin</code> <code>find . -type f -name "*bitcoin*" -exec rename 's/bitcoin/n33bcoin/' {} +</code> ==Editing Files== Are Files are located in path:<code>/home/$USER/N33B/N33Bcoin</code><br> Example: <code>src/amount.h</code> full path would be <code>/home/$USER/N33B/N33Bcoin/src/amount.h</code> === OverView of Files to edit=== * Comment Out <code>** Lines: 74 - 77 Comment Out</code> These are Lines we Don't need, but are not deleting just commenting out, so line numbers remain the same.<br> Comment out by placing a <code>//</code> at the beginning of the line. * '''src/amount.h''' ** Line 31: Edit Max Coins * '''src/validation.cpp''' ** Line 1166: This BLOCK of code will contain premined and Block rewards * '''src/qt/bitcoinunits.cpp''' ** Line 39 Block: change coin symbol LTC to N33B * '''src/chainparams.cpp''' ** Line 53: '''Global''' Change Time Stamp Message ** Line 54: '''Global''' Change Pub Key ** Line 73: '''MainNet''' Change Halving Interval <!--** Lines: 74 - 77 Comment Out--> ** Line 74: '''MainNet''' BIP34Height ** Line 75: '''MainNet''' BIP34Hash ** Line 76: '''MainNet''' BIP65Height ** Line 77: '''MainNet''' BIP66Height ** Lines 85 - 103: '''MainNet''' Deployment and Chain Work Section ** Line 110: '''MainNet''' Change Magic Bytes - Script included ** Line 114: '''MainNet''' Change Main Net Default Port ** Line 117: '''MainNet''' Change Main Net Nonce TimeStamp Coin_Rewards ** Line 119: '''MainNet''' Change Genesis Hash ** Line 120: '''MainNet''' Change Merkel Hash ** Line 144: '''MainNet'''Change Coin Number and Genesis Hash ** Lines 145 - 156 Comment Out ** Line 161: '''MainNet''' Change Time Stamp ** Line 162: '''MainNet''' Change Number Of Transactions ** Line 177: '''TestNet''' Halving Interval <!--** Lines: 178 - 181 Comment Out--> ** Line 178: '''TestNet''' BIP34Height ** Line 179: '''TestNet''' BIP34Hash ** Line 180: '''TestNet''' BIP65Height ** Line 181: '''TestNet''' BIP66Height ** Line 184: '''TestNet''' Block Times <!--** Lines: 189 - 207 Comment Out--> ** Lines 189 - 207: '''TestNet''' Deployment Section ** Line 213: '''TestNet''' Default Port ** Line 216: '''TestNet''' Time Stamp and Nonce ** Line 218: '''TestNet''' Genesis Hash Block ** Line 219: '''TestNet''' Merkel Hash Block ** Line 245: '''TestNet''' CheckPointData Genesis Hash Block Number ** Line 250: '''TestNet''' Time Stamp ** Line 251: '''TestNet''' Block Number ** Lines 267 - 270 '''RegressionNet''' BIP Consensus ** Line 301: '''RegressionNet''' Default Port ** Line 304: '''RegressionNet''' Time Stamp Nonce Coin_Rewards ** Line 306: '''RegressionNet''' Genesis Block Hash ** Line 307: '''RegressionNet''' Merkel Hash ** Line 319: '''RegressionNet''' Genesis Hash * '''src/chainparamsbase.cpp''' ** Line 35: MainNet RCP Port ** Line 48: TestNet RPC Port ** Line 62: Regession Net RPC Port ===src/amount.h=== On line 31 we will edit are Max coins: <pre> static const CAmount MAX_MONEY = 21000000 * COIN; </pre> will change this to 33,333,333 coins <pre> static const CAmount MAX_MONEY = 33333333 * COIN; </pre> ===src/validation.cpp=== Path <code>/home/$USER/N33B/N33Bcoin/src/validation.cpp</code> The block of code we are looking for starts on line 1166: <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy = 50 * COIN; // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years. nSubsidy >>= halvings; return nSubsidy; } </pre> On line 1173 you should see this line: <pre> CAmount nSubsidy = 50 * COIN; </pre> This is the rewards for mining coins, the default is 50, we are changinf rewards to 333 coins per block mined. <pre> CAmount nSubsidy = 333 * COIN; </pre> ====Premined coins==== We also need to add a contidtion for are premined coins - in the first block will mine 33%, thats 11,111,111 coins <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy; if (nHeight == 1) nSubsidy = 11111111 * COIN; else nSubsidy = 333 * COIN; // Subsidy is cut in half every 33,333 blocks which will occur approximately every 231 days. nSubsidy >>= halvings; return nSubsidy; } </pre> This condition means IF first block reward 11,111,111 coins, Else(after first blocked mined) rewards per block are 333 coins. <div class="toccolours mw-collapsible mw-collapsed"> What's Changed and Why: <div class="mw-collapsible-content"> <b>What's Changed and Why:</b> * '''CAmount nSubsidy;''' ** The variable `nSubsidy` is now declared but not immediately assigned a value. This allows flexibility to set its value based on certain conditions. * '''New Condition: `if (nHeight == 1)''' ** This new condition checks if the block height is 1, meaning this is the very first block in the blockchain (often called the "genesis block"). ** This condition is used to assign a special, much larger subsidy for the first block. * '''nSubsidy = 11111111 * COIN;''' ** If it is the first block (`nHeight == 1`), the subsidy is set to 11,111,111 coins. This is a huge reward for the genesis block, likely for initial distribution or other specific reasons. * '''else nSubsidy = 333 * COIN;''' ** For all other blocks (not the first one), the reward is set to 333 coins. This is a significant change from the original 50 coins, suggesting a different reward structure for this cryptocurrency. </div> </div> ===src/qt/n33bcoinunits.cpp=== * Line 39: Code Block <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("BTC"); case mBTC: return QString("mBTC"); case uBTC: return QString::fromUtf8("μBTC"); default: return QString("???"); } } </pre> * Change BTC your coin symbol to N33B <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("N33B"); case mBTC: return QString("mN33B"); case uBTC: return QString::fromUtf8("μN33B"); default: return QString("???"); } } </pre> ===src/chainparams.cpp=== ====Line 53 Change Time Stamp Message==== <code> const char* pszTimestamp = "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks";</code> To <code> const char* pszTimestamp = "N33B's for Noob's at CompleteNoobs.com";</code> ====Line 54 Change Genesis Pub Key==== <code> 54 const CScript genesisOutputScript = CScript() << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f") << OP_CHECKSIG; </code> We are going to change to the public key we used to create are genesis block. <code> const CScript genesisOutputScript = CScript() << ParseHex("049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf") << OP_CHECKSIG;</code> ====Line 73 HalvingInterval==== <code> consensus.nSubsidyHalvingInterval = 210000;</code> Block intervals of bitcoin is every 10 mins, as you can see on '''[[#Line 80 Target Block Creation''']] * 60 mins per hour x 24 hours per day = 1440 mins a day * 1440 mins at one block each 10 mins = 144 block per day ish * 144 * 365 = 52,560 blocks per year ish * 52,560 * 4 = 210,240 blocks every four years ish So bitcoin halves its rewards every 4 years ish as it passes 210,000 blocks and carrys on halving every 210,000 blocks later. We reward 333 coins per block and will be out of coins around 667,334 blocks. * Preminded 11,111,111 coins * 22,222,222 left * at 333 per block all will be gone in 66,733 blocks time unless we halve before then * We are going to keep are block time of 10 mins and have a halving at 33,333 blocks so it will halve around 231 days <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Line 74 - 77 MainNet BIP Section==== <pre> 74 consensus.BIP34Height = 227931; 75 consensus.BIP34Hash = uint256S("0x000000000000024b89b42a942fe0d9fea3bb44ab7bd1b19115dd6a759c0808b8"); 76 consensus.BIP65Height = 388381; // 000000000000000004c2b624ed5d7756c508d90fd0da2c7c679febfa6c4735f0 77 consensus.BIP66Height = 363725; // 00000000000000000379eaa19dce8c9b722d46ae6a57c2f1a988119488b50931 </pre> * Set BIP34/65/66 to 0 for new chain—modern rules from genesis. Adjust BIP34 to 100 if mining fails. * Line 75 Replace with you <b>Main Net parametersGenesis Hash</b> <pre> 74 consensus.BIP34Height = 0; 75 consensus.BIP34Hash = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); 76 consensus.BIP65Height = 0; 77 consensus.BIP66Height = 0; </pre> ==== Line 85 - 103 '''MainNet''' Deployment and Chain Work Section ==== ===== Line 86 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start date is irrelevant—set to 0 for immediate activation on new chain. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 87 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. 9,999,999,999 Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 91 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016</code> * Reason changed: Bitcoin’s 2016 start is moot—set to 0 for CSV active from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 92 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 96 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016</code> * Reason changed: Bitcoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 97 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 100 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5");</code> * Reason changed: Bitcoin’s 2017 work is massive—set to 0 for a new chain with no work yet. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 103 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354</code> * Reason changed: Bitcoin’s block 453354 is irrelevant—set to N33Bcoin’s genesis hash for fast sync from block 0. Changed: <code>consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4");</code> =====Before and After Changes===== <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354 </pre> * Set CSV/SegWit to active from genesis (nStartTime = 0, nTimeout = far future). Reset chain work to minimal. Set assume valid to genesis hash. <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0; 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999; 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0; 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999; 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0; 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999; 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x00"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); </pre> ====Line 110 Magic Bytes==== * [[Hex_numbers_explained| Hex numbers explained]] * [[Python3_Script_for_Random_Magic_Bytes| Link to python script for random values]] The pchMessageStart array is a crucial component in cryptocurrency network protocols, often referred to as the "magic bytes" or "network magic." It serves as a unique identifier for a specific cryptocurrency network. These values are in hexadecimal format, representing four bytes that form a sequence unlikely to occur in normal data. If you're creating a new cryptocurrency by forking Bitcoin, you should change these values. Using unique values prevents your new coin's network from interfering with Bitcoin's network or other existing networks. <pre> 110 pchMessageStart[0] = 0xf9; 111 pchMessageStart[1] = 0xbe; 112 pchMessageStart[2] = 0xb4; 113 pchMessageStart[3] = 0xd9; </pre> * Gonna change mine to <pre> pchMessageStart[0] = 0xfe; pchMessageStart[1] = 0x93; pchMessageStart[2] = 0xd2; pchMessageStart[3] = 0xe2; </pre> ====Line 114 Change Main Net Default Port==== * Line 114 <code>nDefaultPort = 8333;</code> * Changing to port 3333 <code>nDefaultPort = 3333;</code> ====Line 117 Change Main Net Nonce TimeStamp Coin_Rewards==== * Original <code> genesis = CreateGenesisBlock(1231006505, 2083236893, 0x1d00ffff, 1, 50 * COIN);</code> * Syntax of line 117 <code>genesis = CreateGenesisBlock(<UNIX_TIME_STAMP>, <NONCE>, <DIFF_BITS>, <NHEIGHT>, <AMOUNT_OF_COINS_REWARD> * COIN);</code> * we are just going to append/change are UnixTimeStamp, Nonce and CoinReward <code> genesis = CreateGenesisBlock(1733333333, 221118658, 0x1d00ffff, 1, 333 * COIN);</code> ====Line 119 Change Genesis Hash==== <code>assert(consensus.hashGenesisBlock == uint256S("0x000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"));</code> * Change to your genesis hash for Main Net <code> assert(consensus.hashGenesisBlock == uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"));</code> ====Line 120 Change Merkel Hash==== <code> assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Change to your merkel hsh for Main net <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Check Point - Lines 142 - 157 ==== <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d")) 145 ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> These lines contain a blocknumber and there hash value, we are starting a new coin and these have no value to us. We have one genesis block. <code> ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d"))</code> * We are going to append/change line 144, to block zero and are Main net genesis block hash. <code> ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"))</code> and comment out the remaining lines in this code block. lines 145 - 156 <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4")) 145 // ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 // ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 // (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 // (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 // (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 // (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 // (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 // (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 // (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 // (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 // (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 // (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> ====Line 161 Change Time Stamp==== <pre> 161 1483472411, // * UNIX timestamp of last known number of transactions </pre> * Change to the time stamp we are using <pre> 1733333333, // * UNIX timestamp of last known number of transactions</pre> ====Line 162 Change Number Of Transactions==== <pre> 184495391, // * total number of transactions between genesis and that timestamp</pre> * Change to Zero <pre> 0, // * total number of transactions between genesis and that timestamp</pre> ====TestNet Halving Interval==== <code>177 consensus.nSubsidyHalvingInterval = 210000;</code> * Change to same as are main net <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Lines 178 - 181 TestNet BIP section==== <pre> 178 consensus.BIP34Height = 21111; 179 consensus.BIP34Hash = uint256S("0x0000000023b3a96d3484e5abb3755c413e7d41500f8e2a5c3f0dd01299cd8ef8"); 180 consensus.BIP65Height = 581885; // 00000000007f6655f22f98e72ed80d8b06dc761d5da09df0fa1dc4be4f861eb6 181 consensus.BIP66Height = 330776; // 000000002104c8c45e99a8853285a3b592602a3ccde2b832481da85e9e4ba182 </pre> * Change values to zero and replace TestNet Genesis Hash <pre> 178 consensus.BIP34Height = 0; 179 consensus.BIP34Hash = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"); 180 consensus.BIP65Height = 0; 181 consensus.BIP66Height = 0; </pre> ==== Lines 189 - 207 TestNet Deployment Section ==== ===== Line 190 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start is irrelevant—set to 0 for immediate activation on TestNet. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 191 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 195 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1456790400; // March 1st, 2016</code> * Reason changed: Bitcoin's 2016 start doesn’t apply—set to 0 for CSV from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 196 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 200 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1462060800; // May 1st 2016</code> * Reason changed: Bitcoin's 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 201 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1493596800; // May 1st 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 204 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x00000000000000000000000000000000000000000000001f057509eba81aed91");</code> * Reason changed: Litecoin’s work is irrelevant—set to 0 for a new TestNet chain. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 207 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000128796ee387cf110ccb9d2f36cffaf7f73079c995377c65ac0dcc"); //1079274</code> * Reason changed: Litecoin’s block 1079274 doesn’t apply—set to TestNet genesis for fast sync. Changed: <code>consensus.defaultAssumeValid = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c");</code> ====TestNet Default Port - Line 213==== <code>213 nDefaultPort = 18333;</code> * Change to another port , picking 13333 <code>nDefaultPort = 13333;</code> ====Line 216: TestNet Time Stamp and Nonce==== <code>216 genesis = CreateGenesisBlock(1296688602, 414098458, 0x1d00ffff, 1, 50 * COIN);</code> * change/append timestamp, nonce and coin rewards - TimeStamp, Nonce, nBits and CoinRewards from your Test Net <code> genesis = CreateGenesisBlock(1733333334, 511144, 0x1e0ffff0, 1, 333 * COIN);</code> ====Line 218: TestNet Genesis Hash Block==== <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943"));</code> * Changed to <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"));</code> ====Line 219: TestNet Merkel Hash Block==== <code>219 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Changed to <code> assert(consensus.hashGenesisBlock == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ==== Line 245 TestNet checkpointData ==== Default: <code>( 546, uint256S("000000002a936ca763904c3c35fce2f3556c559c0214345d31b1bcebf76acb70")),</code> * Reason changed: Bitcoin TestNet checkpoint irrelevant—set to height 0 with N33Bcoin TestNet genesis hash for new chain. Changed: <code>( 0, uint256S("000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c")),</code> * Note: Removed "0x" from hash string—matches Bitcoin style, prevents parsing error in uint256S. ====Line 250 - Testnet chainTxData TimeStamp==== <code>250 1483546230,</code> * Change to your timestamp <code>1733333334,</code> ====Line 251 - Testnet chainTxData block count==== <code>251 12834668,</code> * change block count to zero <code> 0,</code> ==== RegTest BIP Section ==== ===== Line 267 ===== Default: <code>consensus.BIP34Height = 100000000; // BIP34 has not activated on regtest (far in the future so block v1 are not rejected in tests)</code> * Reason changed: Delays BIP34—set to 0 for modern rules from genesis, consistent with MainNet/TestNet. Changed: <code>consensus.BIP34Height = 0;</code> ===== Line 268 ===== Default: <code>consensus.BIP34Hash = uint256();</code> * Reason changed: Empty hash irrelevant—set to RegTest genesis for BIP34 activation at block 0. * NOTE: the <code>S</code> at the end of <code>uint256S</code> append the '''S''', remove the <code>0x</code> or it would be too long and make sure RegNet Hash is wrapped in "comment-hash". * The quotes <code>""</code> tell the compiler that this is a string, not a number. * '''uint256S''' will parse the string as a hexadecimal value and construct the '''uint256''' object accordingly. Changed: <code>consensus.BIP34Hash = uint256S("65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127");</code> ===== Line 269 ===== Default: <code>consensus.BIP65Height = 1351; // BIP65 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP65 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP65Height = 0;</code> ===== Line 270 ===== Default: <code>consensus.BIP66Height = 1251; // BIP66 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP66 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP66Height = 0;</code> ====Line 298: RegressionNet Default Port==== <code>298 nDefaultPort = 18444;</code> * change port number <code> nDefaultPort = 13337;</code> ====Line 301 RegressionNet Time Stamp Nonce Coin_Rewards ==== <code>301 genesis = CreateGenesisBlock(1296688602, 2, 0x207fffff, 1, 50 * COIN);</code> * Change to your timestamp , nonce and coin rewards <code> genesis = CreateGenesisBlock(1733333335, 0, 0x207fffff, 1, 333 * COIN);</code> ====Line 303: RegressionNet Genesis Block Hash==== <code>303 assert(consensus.hashGenesisBlock == uint256S("0x0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"));</code> * replace with your reg net genesis hash <code> assert(consensus.hashGenesisBlock == uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"));</code> ====Line 304 RegressionNet Merkel Hash==== <code>304 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * replace with your reg net merkel hash <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Line 316: RegressionNet Genesis Hash==== <code>316 ( 0, uint256S("0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"))</code> * change to your reg nets genesis hash <code> ( 0, uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"))</code> === src/chainparamsbase.cpp - API ports === <div class="toccolours mw-collapsible mw-collapsed"> Changing RPC port number info: <div class="mw-collapsible-content"> When forking Bitcoin, changing the nRPCPort = 8332; is generally recommended, though not strictly necessary. Here are the reasons and benefits for doing so: '''Avoiding Conflicts:''' If you run both Bitcoin and your forked cryptocurrency on the same machine or network, keeping the same RPC port (9332) would cause a conflict. By changing the port number, you ensure that both services can run simultaneously without interfering with each other. '''Network Configuration:''' Different cryptocurrencies should ideally use different ports to avoid confusion and ensure clear network configuration. This helps in managing firewall rules and network policies more effectively. '''Security:''' Using a non-standard port for your forked cryptocurrency can add a layer of security through obscurity. While not a robust security measure, it can help reduce the risk of automated attacks targeting known ports like 8332. '''Customization:''' Changing the RPC port is part of customizing your fork to distinguish it from Bitcoin. This can be important for branding and ensuring that users and developers recognize it as a separate entity. In summary, while it's not mandatory to change the RPC port when forking Bitcoin, doing so can help avoid conflicts, improve network management, and provide a clearer distinction between your fork and the original Bitcoin network. </div> </div> ====line 35 - Main net RCP port==== <pre> nRPCPort = 8332; </pre> RPC port is used to connect to coin api, its used to create a web wallet and moblie wallet. <pre> nRPCPort = 3366; </pre> ====Line 48 - test net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12333 <pre> nRPCPort = 12333; </pre> ====line 62 - regession net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12345 <pre> nRPCPort = 12345; </pre> * We are pretty much done with customizing the code base, we just need an IP address to append to chainparams.cpp and we are good to go. ===src/chainparamsseeds.h=== * Delete content of <code>src/chainparamsseeds.h</code> and replace with just: <pre> #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> The <code>chainparamsseeds.h</code> file contains hardcoded seed nodes for the main network (pnSeed6_main), which are currently set to Bitcoin’s seed nodes (e.g., IPs like 2.7.8.12 on port 8333). These seeds will cause your node to attempt connections to Bitcoin peers, which isn’t what we want for N33Bcoin. * By modifying the seed arrays for both mainnet and testnet to empty, we can keep the file structure intact while removing the Bitcoin seed nodes, preventing are node from trying to connect to them. <div class="toccolours mw-collapsible mw-collapsed"> Hexadecimal - Chainparamsseeds.h - Quick Notes <div class="mw-collapsible-content"> <pre> Hex Symbol Values: 0,1,2,3,4,5,6,7,8,9,a=10,b=11,c=12,d=13,e=14,f=15 Hex is in a Block of 2, [01]=1, The First number/symbol (the one on the left), is Times by 16, and the Second number/symbol is added. 01 = 0x16, plus 1 = 01 A4 = 10x16, plus 4 = 164 E4 = 14x16, plus 4 = 228 FF = 15X16, plus 15 = 255 To work out the values of 104.194.157.52 and port 3333 static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; IPv6 Mapping: {{Use 10 0x00, 2 0xff, then the 4 hex bytes} <port>}. 104 in hex: 6x16 = 96 + 8 = 104 InHex= '68' 194 in hex: c(12)x16=192 + 2 = 194 InHex= 'c2' 157 in hex: 9x16=144 + d(13)= 157 InHex= '9d' 52 in hex: 3x16=48 + 4 = 52 InHex= '34' #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; static SeedSpec6 pnSeed6_test[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> </div> </div> == Container and VPS Setup == * Vultr with affiliate link: https://www.vultr.com/?ref=7704739 Most VPS providers frown on mining unless it’s their explicit service—fair enough, it hogs resources! To work around this, we’ll: * Spin up an Ubuntu 18.04 container locally (18.04 keeps coin building simple). * Pair it with a low-cost VPS running Ubuntu 24.04, tunneling all traffic from the container to the VPS’s public IP. This setup gives us: * A public-facing IP without poking holes in our home router. * Local mining control, keeping private keys secure—because a VPS is just someone else’s machine, and we don’t trust it with our keys! ===LXD Quick Container Setup=== ===LXD Quick Container Setup=== * Its pretty simple once you know. ===Installing and setup LXD=== <code>sudo snap install lxd</code> <code>sudo lxd init</code> * Just press '''ENTER''' for all defaults * add user to lxd group (optional), will mean you do not need '''sudo''' to use lxc commands * NOTE: you will need to logout and login for changes to take effect. <code>sudo adduser $USER lxd</code> <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> * '''These changes only apply to the current terminal session.''' If you open a new terminal session you have to repeat. On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. * '''Remember, these changes only apply to the current terminal session.''' If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> ===Launching your container=== * for the Build its important we use '''18.04''' ** May want to get ubuntu pro free for 5 devices - to keep 1804 updated ** https://ubuntu.com/pro/dashboard <code>lxc launch ubuntu:18.04 n33b</code> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 n33b</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 n33b</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''n33b''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "n33b" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "n33b" in the example) must be unique within your LXD installation. </div> </div> * If you see this error - you need to use '''sudo''' or add user to lxd group <pre> lxc launch ubuntu:18.04 n33b Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * To see your container <code>lxc ls</code> ===Login to container=== <code>lxc exec n33b bash</code> * Prompt should now be changed to <code>root@n33b:~#</code> ** <code>root@<container_name>:~#</code> * This would be a good time to sign up to and enable ubuntu pro in the 1804 container https://ubuntu.com/pro/dashboard ** <code>sudo pro attach C12trandomcharsXFVhrRSveGOd4</code> * Update container <code>apt update && apt upgrade -y</code> ==== Ubuntu Pro for 1804 Containers ==== * super useful for ubuntu 1804, with pro has support till 2027 * Free For Five Boxes/Devices <code>https://ubuntu.com/pro/dashboard</code> <code>sudo pro attach 8dc6560abd396b3871f37b80ec</code> <code>sudo pro status</code> <code>sudo pro detach</code> ==In Container wireguard installation and setup== ===Install wireguard=== <code>apt install wireguard -y</code> * This will be the Client - for the container ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== * Vultr link with Affiliate code: https://www.vultr.com/?ref=9638414-9J First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==Back to Host== Now we have * A container with a public IP address * Source code for are coin Lets append are IP adress to are <code>src/chainparams.cpp</code> file and make a exportable/shareable backup. ===Append IP to <code>src/chainparams.cpp</code>=== <div class="toccolours mw-collapsible mw-collapsed"> If i was going to change or add ips/domains do i need to recomplie? Yep: <div class="mw-collapsible-content"> Yes, if you want to change or add new IPs/domains in the `CDNSSeedData` section of `src/chainparams.cpp`, you will need to edit the file and recompile the code. The `CDNSSeedData` entries are hardcoded into the source code, and when you compile the code, these values are baked into the resulting binary. Therefore, any changes to the seed nodes will require: *Editing the `src/chainparams.cpp` file**: Modify the list of `CDNSSeedData` entries to include your new IPs or domains. *Recompiling the source code**: Once you've made your changes, you need to recompile the project so that the new seed nodes are included in the binary. *Restarting your nodes**: After recompiling, you would need to distribute the new binary to your nodes and restart them to ensure they use the updated seed list. This process is necessary because the seed nodes are part of the initial configuration that helps nodes discover peers when they first start up. Any changes to these seeds require the software itself to be updated and redeployed. </div> </div> ====Main Net DNS lines 123 - 127==== <code>$EDITOR /home/$USER/N33B/N33Bcoin/src/chainparams.cpp</code> * Line 123 <code>src/chainparams.cpp</code> <pre> 123 vSeeds.push_back(CDNSSeedData("n33bcoin.sipa.be", "seed.n33bcoin.sipa.be", true)); // Pieter Wuille, only supports x1, x5, x9, and xd </pre> We are going to Change to are servers address <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> At current time we only have one default node, so we comment out line 124 to 127 <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "dnsseed.bluematt.me", true)); // Matt Corallo, only supports x9 // vSeeds.push_back(CDNSSeedData("dashjr.org", "dnsseed.n33bcoin.dashjr.org")); // Luke Dashjr // vSeeds.push_back(CDNSSeedData("n33bcoinstats.com", "seed.n33bcoinstats.com", true)); // Christian Decker, supports x1 - xf // vSeeds.push_back(CDNSSeedData("n33bcoin.jonasschnelli.ch", "seed.n33bcoin.jonasschnelli.ch", true)); // Jonas Schnelli, only supports x1, x5, x9, and xd </pre> ====Test net DNS lines 224 - 227==== * Line 224 - ip adderss <pre> 224 vSeeds.push_back(CDNSSeedData("testnetn33bcoin.jonasschnelli.ch", "testnet-seed.n33bcoin.jonasschnelli.ch", true)); </pre> Change to server ip <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> and comment out the other 3 lines <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("petertodd.org", "seed.tbtc.petertodd.org", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "testnet-seed.bluematt.me")); // vSeeds.push_back(CDNSSeedData("n33bcoin.schildbach.de", "testnet-seed.n33bcoin.schildbach.de")); </pre> ==Create BackUp Tar Archive== At this point you may want to make a backup. * In work directory = <code>/home/$USER/N33B</code> <code>tar -zcvf N33Bcoin.0.0.1.tar.gz N33Bcoin</code> * Going to save in directory <code>/home/$USER/N33B</code> * Syntax = <code>tar -zcvf /path/to/save/archive_name.tar.gz /path/to/directory_name</code> Now we Should have <code>N33Bcoin.0.0.1.tar.gz</code> lets start building are coin. ===Move N33Bcoin.0.0.1.tar.gz to Container=== Lets Move are source code to are container. * File on Host:<code>/home/$USER/N33B/N33Bcoin.0.0.1.tar.gz</code> * Container Name: <code>n33b</code> ** Container Name can be found with <code>lxc list</code> * On Host: <code>lxc file push /home/$USER/N33B/N33Bcoin.0.0.1.tar.gz n33b/home/ubuntu/</code> * '''ubuntu''' is the name of the ubuntu containers default user account ==Return to container as user '''ubuntu'''== <code>lxc exec n33b -- su - ubuntu</code> Now are source code <code>N33Bcoin.0.0.1.tar.gz</code> should be in are home directory. Before we start using it, we need to install and build some dependencies software. ===Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <!-- These notes wherer required to build db on 24.04 - coin build would require way too much work so skipped. <code>$EDITOR db-4.8.30.NC/dbinc/atomic.h</code> Find the function <b>__atomic_compare_exchange</b> (line 147 and 179) and rename it to <b>__db_atomic_compare_exchange</b>. save and exit --> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> If you received error, are you building in ubuntu 18.04? these build instrutions are reproduable for 18.04 and not other versions of ubuntu. * A block chain requires min 2 nodes, so this would be a good time to snapshot your container. ====SNAPSHOT your container==== * This will save loads of time creating a second node later. * In a Terminal on HOST * Stop Container <code>lxc stop n33b</code> * snapshot <code>lxc snapshot n33b one</code> * start container <code>lxc start n33b</code> * Log in as ubuntu user <code>lxc exec n33b -- su - ubuntu</code> ==Build the Coin== Just for the Genesis Node, or it will not work, it will try to sync with another node, which it can not do as its at block 0. * edit the file <code>src/rpc/mining.cpp</code> and comment out the lines 471 and 472: <pre> // if (IsInitialBlockDownload()) // throw JSONRPCError(RPC_CLIENT_IN_INITIAL_DOWNLOAD, "N33Bcoin is downloading blocks..."); </pre> If you stopped container to snapshot and logged back in (or using another terminal), then we need to re-set var.<br> <code>cd ~/db-4.8.30.NC/build_unix</code><br> <code>export BDB_PREFIX=$(pwd)</code><br> * Now thats done we can carry on <code>cd ~/</code><br> * extract <code>tar xzvf N33Bcoin.0.0.1.tar.gz</code> <!-- was for attempt build in 24.04 - not needed for 18.04 <code>sudo apt install bsdmainutils ncal</code> --> * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> If you run into errors you can use:<br> <code>make > ../build.log 2>&1</code><br> This is print build info into file build.log ==Run Coin== * Path <code>cd /home/ubuntu/N33Bcoin/src</code> Going to first play around with Regression make sure everything is working, its supereasy to mine.<br> * Running regtest first will also create <code>~/.n33bcoin/</code> directory which we can create are <code>n33bcoin.conf</code> file for mainnet. ===Running Regression Net === * run reg net <code>./n33bcoind -regtest -daemon</code> ==== get blockchain info ==== <code>./n33bcoin-cli -regtest getblockchaininfo</code> * at the top you should see '''regtest''' <pre> "chain": "regtest", </pre> ====get wallet info==== <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ==== Generate 10 blocks==== <code>./n33bcoin-cli -regtest generate 10</code> <pre> [ "16fe73d5011e8e05cadb9e9dea43e58aa154ffcca891659cc59fbdfafe6f001c", "7803e298b6c57f8fc7ddac5da0e0696cc67524c9ee2bbbbbecdccfb01b364e79", "7c92afb2faed00d051edd22f85218416c394cd45ddadf413b9df808c0414ca7e", "29fe7bb17c984bd33c7e3d9cb4fa3ce1e47760ac22accded3aa25fd49aa87d91", "56d234a030af699a6aa824c8d95a9fabdcf56c9491ed30331ca2159188741c89", "272827808aad1efe0e752789acf6a28f25bc4ba2da905a8a6f5da00016ba286b", "23711e3856cf2e018ef02782eb546e87c9604781da6855bd136ef51fa5dd23e5", "7bd7e1e6183094c75e37d6605451ce7e7e1c23347e3b5c279c33196af916b1f2", "1c7e5fc29dc7c9b3a56e8f35becc3a0a8005e79ac1a84278f8a1f37c067f67b3", "3ac84dcf8be2849b347369de7bf6bb49d780cdf41e2c4abbe2ea0ae1b89bd26e" ] </pre> ====Check Balance==== <code>./n33bcoin-cli -regtest getbalance</code> <pre>0.00000000</pre> * You mined 10 blocks and have zero coins! that is because the coins have not mutured, it takes 100 blocks for newly created coins to muture and show up in your wallet. * you can see your '''immature_balance''' with the <code>getwalletinfo</code> command. <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 11114108.00000000, "txcount": 10, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====Get new addresses==== <code>./n33bcoin-cli -regtest getnewaddress</code> <pre> mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb </pre> ====Find addresses your wallet is currently using==== * To see all your current public addresses use <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -regtest listreceivedbyaddress 0 true</code> ====Mine to specific address==== * <code>./n33bcoin-cli -regtest generatetoaddress 101 "your-mainnet-address"</code> <code>./n33bcoin-cli -regtest generatetoaddress 101 "mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb"</code> =====Coins Matured===== <code>./n33bcoin-cli -regtest getbalance</code> <pre>11114441.00000000</pre> * and Immatured coins <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 11114441.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 33300.00000000, "txcount": 111, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====stop regtest net==== * stop regtest <code>./n33bcoin-cli -regtest stop</code> ===Main Net=== * Running <code>-regtest</code> should of created a <code>~/.n33bcoin</code> directory for you. * Create <code>n33bcoin.conf</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 </pre> * run/start coin <code>./n33bcoind</code> * NOTE: if you did not create a n33bcoin.conf file and apply 'daemon=1', you can use the -daemon flag <code>./n33bcoind -daemon</code> <div class="toccolours mw-collapsible mw-collapsed"> Some debug tips: <div class="mw-collapsible-content"> * If n33bcoin hangs - <code>ps aux | grep n33bcoind</code> ** The <code>kill -9 PID_NUMBER</code> ** Also note: there is nothing wrong with '''turning it off and on again.''' * <code>./n33bcoind -debug=1</code> ** log is at ~/.n33bcoin/debug.log * <code>./n33bcoind -debug=1 -printtoconsole</code> ** will output to terminal, no output to debug.log </div> </div> ===Create and Add second node - the easy way=== <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Why a Dummy Node is Needed to Avoid <code>500 Internal Server Error</code> and Ensure Syncing</span> <div class="mw-collapsible-content"> <p>A dummy node is <strong>required</strong> for mining on the genesis node (main node) and to ensure other nodes can sync with your N33Bcoin network. Without it, you may encounter errors like:</p> <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> [2025-04-20 11:49:32] HTTP request failed: The requested URL returned error: 500 Internal Server Error </pre> <p><strong>Why does this happen?</strong> The main node needs at least one active peer to process the <code>getblocktemplate</code> RPC call used by <code>minerd</code> for mining. If the node is in Initial Block Download (IBD) or has no peers, this call fails, causing the 500 error. Additionally, if the main node is in IBD, it won’t serve blocks to other nodes, preventing them from syncing (e.g., stuck at <code>blocks: 0</code>).</p> <p><strong>How the dummy node fixes it:</strong></p> <ul> <li>Running a dummy node (e.g., on <code>127.0.0.1:3334</code>) provides an active peer, allowing <code>getblocktemplate</code> to succeed and mining to start.</li> <li>Mining generates new blocks, updating the chain tip’s timestamp, which helps the main node exit IBD.</li> <li>Once out of IBD, the main node can serve blocks to other nodes, enabling them to sync (e.g., to <code>blocks: 428</code>).</li> </ul> <p><strong>Why it’s easy to forget:</strong> The dummy node isn’t a standard Bitcoin requirement—it’s specific to N33Bcoin’s setup, possibly due to custom peer or RPC logic. Always run a dummy node when mining or syncing new nodes.</p> <p><strong>If you get the 500 error:</strong> Start a dummy node and add it to the main node’s peers with <code>addnode</code>. See the next section for setup instructions.</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> Without a dummy node, mining will fail, and new nodes won’t sync. Always include this step in your setup and document it to avoid surprises! </div> </div> </div> After first node ruuing with:<br> <code>./n33bcoind</code> * create a directory for second node <code>mkdir ~/.n33bcoin2</code> * make config file <code>$EDITOR ~/.n33bcoin2/n33bcoin.conf</code> * Note changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser1 rpcpassword=coinpassword1 rpcallowip=127.0.0.1 rpcport=3367 daemon=1 server=1 rpcbind=127.0.0.1 port=3334 </pre> * start node2 - note ports <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin2 -port=3334 -rpcport=3367</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3334" "add"</code> * Check node one <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * Check node two <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getblocktemplate</code> ==== Default Node User and Second Node User management ==== * The default user will be your main node '''~/.n33bcoin/''' * To use second node '''~/.n33bcoin2/''' you have to use/append non default port in commands: ** To run commands on second node, Add/Append <code>-rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1</code> *** '''rpcport''', '''rpcuser''', '''rpcpassword''' these values can be found in the <code>~/.<node_name>/n33bcoin.conf</code> file * For default wallet/node can use: <code>./n33bcoin-cli getwalletinfo</code> * Or to specify (optional) can use, the main nodes '''rpcport''', '''rpcuser''' and '''rpcpassword''' followed by <command>: <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * For the second node we created - we do need to specify <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getwalletinfo</code> <div class="toccolours mw-collapsible mw-collapsed"> How to stop second node: <div class="mw-collapsible-content"> * To run commands on a second or third ...ETC node - you need to enter: ** <code>-rpcport=<value></code> ** <code>-rpcuser=<username></code> ** <code>-rpcpassword=<password></code> ** followed by the command you wish to run on node <code>getbalance</code> ** Remember you store all these details in your <code>n33bcoin.conf</code> file for your node. <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 stop</code> </div> </div> == Mining blocks on your blockchain == Well you can try with:<br> <code>./n33bcoin-cli generate 1</code><br> But instead of seeing <pre> [ "some-block-hash" ] </pre> Your going to get empty brackets <pre> [ ] </pre> I cant remember the reason for this. But i know the fix. Install Mining software ===Address to send mined coins to=== First lets get a public key/address we can mine to. * Find old addresses <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> * Create new address <code>./n33bcoin-cli getnewaddress</code> * The address i will use <code>1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> ===Cpu Miner Install=== <code>cd ~</code> <code>sudo apt update</code> <code>sudo apt install -y build-essential libcurl4-openssl-dev</code> <code>git clone https://github.com/pooler/cpuminer.git</code> <code>cd cpuminer</code> <code>./autogen.sh</code> <code>./configure</code> <code>make</code> <code>sudo make install</code> ===Mine some Coins=== * OK lets mine us some coins ** Syntax:<code>minerd -o <pool_url> -u <username> -p <password> --coinbase-addr=<public_key></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> * YAY, back to the days when you could find bitcoin blocks with a simple CPU <pre> [2025-04-12 19:31:17] Binding thread 0 to cpu 0 [2025-04-12 19:31:17] Binding thread 1 to cpu 1 [2025-04-12 19:31:17] 4 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:31:17] Binding thread 2 to cpu 2 [2025-04-12 19:31:17] Binding thread 3 to cpu 3 [2025-04-12 19:31:17] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:31:17] thread 1: 2097152 hashes, 10099 khash/s [2025-04-12 19:31:17] thread 0: 2097152 hashes, 10094 khash/s [2025-04-12 19:31:17] thread 3: 2097152 hashes, 10093 khash/s [2025-04-12 19:31:17] thread 2: 2097152 hashes, 10032 khash/s [2025-04-12 19:32:17] thread 2: 601912088 hashes, 10080 khash/s [2025-04-12 19:32:17] thread 0: 605611536 hashes, 10108 khash/s [2025-04-12 19:32:17] thread 3: 605564904 hashes, 10102 khash/s [2025-04-12 19:32:17] thread 1: 605946928 hashes, 10104 khash/s [2025-04-12 19:33:17] thread 2: 604824240 hashes, 10080 khash/s [2025-04-12 19:33:17] thread 0: 606506104 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 1: 606263288 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 3: 606114016 hashes, 10102 khash/s [2025-04-12 19:34:17] thread 0: 596676992 hashes, 9883 khash/s [2025-04-12 19:34:17] accepted: 1/1 (100.00%), 40174 khash/s (yay!!!) [2025-04-12 19:34:17] LONGPOLL pushed new work [2025-04-12 19:34:17] thread 2: 597009344 hashes, 9856 khash/s [2025-04-12 19:34:17] thread 1: 596347864 hashes, 9882 khash/s [2025-04-12 19:34:17] thread 0: 184 hashes, 8762 khash/s [2025-04-12 19:34:17] thread 3: 596226344 hashes, 9881 khash/s [2025-04-12 19:35:11] thread 0: 525714288 hashes, 9775 khash/s [2025-04-12 19:35:17] thread 0: 58652240 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 1: 592942512 hashes, 9784 khash/s [2025-04-12 19:35:18] thread 3: 592834720 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 2: 591387224 hashes, 9754 khash/s [2025-04-12 19:36:17] thread 1: 577261400 hashes, 9784 khash/s [2025-04-12 19:36:17] thread 2: 575496480 hashes, 9756 khash/s [2025-04-12 19:36:17] thread 3: 576993520 hashes, 9776 khash/s [2025-04-12 19:36:17] thread 0: 586785384 hashes, 9780 khash/s [2025-04-12 19:37:17] thread 3: 586568712 hashes, 9700 khash/s [2025-04-12 19:37:17] thread 2: 585369888 hashes, 9645 khash/s [2025-04-12 19:37:18] thread 1: 587018480 hashes, 9656 khash/s [2025-04-12 19:37:18] thread 0: 586791168 hashes, 9631 khash/s [2025-04-12 19:37:43] thread 0: 247017896 hashes, 9757 khash/s [2025-04-12 19:37:43] accepted: 2/2 (100.00%), 38758 khash/s (yay!!!) [2025-04-12 19:37:43] LONGPOLL pushed new work [2025-04-12 19:37:43] thread 2: 250694904 hashes, 9748 khash/s [2025-04-12 19:37:43] thread 1: 250409704 hashes, 9773 khash/s [2025-04-12 19:37:43] thread 0: 21504 hashes, 8650 khash/s [2025-04-12 19:37:43] thread 3: 253010016 hashes, 9764 khash/s </pre> * By default '''minerd''' will use all cores - if you want to limit to number of core use the <code>-t <number_of_cores></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj -t 2</code> <pre> [2025-04-12 19:43:05] 2 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:43:05] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:43:05] thread 1: 2097152 hashes, 11359 khash/s [2025-04-12 19:43:05] thread 0: 2097152 hashes, 11327 khash/s </pre> * Next we mine on till we have at least 101 blocks so are coins are matured. ===After 101 blocks - Mature Coins=== * now we should have some coins in are wallet that we can use, YAY <code>./n33bcoin-cli getbalance</code> <pre>11112110.00000000</pre> * and lets check the account of are second node <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> * Lets get the address of are second node to send some coins <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress 0 true</code> * Or we could generate a new address with <code>getnewaddress</code> <code>1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz</code> Now lets send some coins ==Wallet Basics== Now we have coins we can use - matured coins ===Get balance=== * <code>getbalance</code> <code>./n33bcoin-cli getbalance</code> ===Find Account Addresses=== * <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> ===Create New Address=== * <code>getnewaddress</code> <code>./n33bcoin-cli getnewaddress</code> ===Sending coins=== * Syntax: <code>./n33bcoin-cli sendtoaddress "<address>" <amount></code> <code>./n33bcoin-cli sendtoaddress "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz" 33</code><br> * This comand will return a hash in your terminal out put. <pre>f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7</pre> * and Check balance of second node to see balance: <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>33.00000000</pre> ===See Transaction Details from hash=== * the transaction hash is from the above send coins example * Syntax: <code>n33bcoin-cli gettransaction "<transaction_hash>"</code> <code>./n33bcoin-cli gettransaction "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7"</code> <pre> { "amount": -33.00000000, "fee": -0.00004520, "confirmations": 4, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553764, "timereceived": 1744553764, "bip125-replaceable": "no", "details": [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "send", "amount": -33.00000000, "vout": 0, "fee": -0.00004520, "abandoned": false } ], "hex": "020000000150a37ad36c761374df6a14c20bd2c016208358bf1f20af06c5acbe4827250ee7000000006a4730440220582f2094aca19d63744d8d128c3dea907cddd4eeb5728d6f064c4168d7a36b9c0220649b2397635fe0b8899fea4535b0072e856a164235f8ab8feb91f3dbfa9e3ddc012103dd8d842cd0c2b167b507b9e8ee580fc726262bb218abc5c6487668b72e5673a3feffffff020001b2c4000000001976a9146ae24c8430bcd30bc1b812f946229fcc563eb0ef88ac589a23fc060000001976a9141e0606800605f94643f5da7e0a31e435e030855788acbe000000" } </pre> ===List Transactions from account=== * <code>listtransactions</code> * <code>./n33bcoin-cli listtransactions</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listtransactions</code> * This command will show all transactions send and receive. <pre> [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "receive", "amount": 33.00000000, "label": "", "vout": 0, "confirmations": 6, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553766, "timereceived": 1744553766, "bip125-replaceable": "no" } ] </pre> ===list received transactions by address=== * <code>listreceivedbyaddress</code> * <code>./n33bcoin-cli listreceivedbyaddress</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress</code> <pre> [ { "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "account": "", "amount": 33.00000000, "confirmations": 6, "label": "", "txids": [ "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7" ] } ] </pre> ===Address With Label=== * Create New Address With Label ** Syntax: <code>getnewaddress "<Label>"</code> * NOTE: Label name is case sensitive. <code>./n33bcoin-cli getnewaddress "Mining"</code> <pre>1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB</pre> * See Accounts in Label <code>./n33bcoin-cli getaddressesbyaccount "Mining"</code> * a Label can hold many addresses <pre> [ "1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB" ] </pre> * Lists transactions for the labeled account. <code>./n33bcoin-cli listtransactions "Mining"</code> * Tracking with a label - Shows total balance for addresses in the labeled account. <code>./n33bcoin-cli getbalance "Mining"</code> * Label an existing address - Assigns an existing address to a named account. <code>./n33bcoin-cli setaccount "<address>" "<label>"</code> * Change Label of Address <code>./n33bcoin-cli setaccount "<address>" "<newlabel>"</code> ==Backup Wallets and Restore/Reclaim== To '''test''' wallet exports and back ups we are going to create a '''third node'''. <br> This keeps are main wallet and the wallet of are second node safe.<br> Or If you feel up for it, feel free to play/use/learn with your main wallet. * Create a directory for third node <code>mkdir ~/.n33bcoin3</code> * Create config file <code>$EDITOR ~/.n33bcoin3/n33bcoin.conf</code> * Note: changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser2 rpcpassword=coinpassword2 rpcallowip=127.0.0.1 rpcport=3368 daemon=1 server=1 rpcbind=127.0.0.1 port=3335 </pre> * Start node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3335" "add"</code> * Check node three <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getblocktemplate</code> * See Address (pub key) <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> <pre>1EhA5fkapYWrhs2oAf2AqvF4WYMPM28GqL</pre> * I have sent 33 n33bcoin's to this address. <pre> ./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744568061, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "8afde14085be2139ff008667c345b3697bea9cea" } </pre> ===Encrypt Wallet=== * '''IMPORTANT NOTE! IF YOU LOSE/FORGET PASSPHRASE, YOU LOST YOUR WALLET!''' Encrypting your wallet, will require passphrase to see private_keys and to send coins from your account, but you can still check balance and the basic chain info '''without passphrase'''. * Syntax <code>./n33bcoin-cli encryptwallet "<passphrase>"</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 encryptwallet "pa55word"</code> <br>OutPut: <pre> wallet encrypted; N33Bcoin server stopping, restart to run with encrypted wallet. The keypool has been flushed and a new HD seed was generated (if you are using HD). You need to make a new backup. </pre> ====Test Encryption==== Syntax: <code>./n33bcoin-cli dumpprivkey <address></code> This command should need passphrase if wallet locked. ** <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> can be used in place of a real address <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpprivkey 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> If wallet '''LOCKED''' - you will see <pre> error code: -13 error message: Error: Please enter the wallet passphrase with walletpassphrase first. </pre> If wallet '''UNLOCKED''' but address not in wallet - you will see ** This is because there is no address <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> in your wallet and error code -5 indicates address not found in the wallet, but it passed the lock so, yay <pre> error code: -5 error message: Invalid N33Bcoin address </pre> If address exists in your wallet and wallet is '''UNLOCKED''' - you will see the private key: <pre> 6vJYM3RFWh7MyLVrPbgzgibUgqxMzWUCCbuH3GcfDRTqfoNQjBb </pre> '''IMPORTANT:''' Never share your actual private keys with anyone. The example above is for demonstration purposes only. ====open encrypted wallet==== * Syntax ./n33bcoin-cli walletpassphrase "<passphrase>" <time_in_seconds_to_stay_open> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrase "Pa55word" 60</code> ====Change PassPhrase==== * Syntax: <code><code>./n33bcoin-cli walletpassphrasechange "<old_passphrase>" "<new_passphrase>"</code></code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrasechange "Pa55word" "StrongPass123!@#456"</code> ===Back Up WALLET.DAT === * You can make a backup of your wallet.dat file whether its encrypted or un-encrypted. ** not-encrypted you just copy into a directory and you and anyone else has full access. ** encrypted, you need to know the passphase the file is encrypted with to have access. ** Both Export and Import the backup wallet.dat the same way, expect one asks for passphase and the other does not. ====Make copy of wallet.dat==== * <code>backupwallet</code> * Syntax:<code>./n33bcoin-cli backupwallet /path/to/export/wallet-backup.file</code> <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> ====Stop node 3 and delete wallet.dat==== * Stop node - Note: RPC PORT <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * not gonna delete, just move, only so many times i wanna learn that lesson. <code>mv ~/.n33bcoin3/wallet.dat ~/oldwallet.dat</code> * Start Node 3 - this will create a new <code>wallet.dat</code> file <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check Balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744572042, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "bb4e27a7896ae19acdf3b43244f82b59f5164c7c" } </pre> * Check addresses <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> * Its a diff/new address, because its a new wallet. <pre> "address": "1JwAmtR9T8xa49daoHQhf54tBdyabby2m2", </pre> ===Restore Wallet.dat=== * Stop Node 3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move old wallet to Node 3 Directory ** This command will write over the new wallet.dat file currently in directory - in effect deleting it. <code>mv ~/wallet-backup.node3 ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>11148007.99990960</pre> ====OH NUTZ==== * By mistake i backed up main wallet. <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> * Intended to backup node3 - the correct command would of been <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 backupwallet ~/wallet-backup.node3</code> Good Thing we just moved the node3 wallet and not deleted or 33 n33bcoins would of been in a dead account.<br> This is why you should learn about bitcoin on n33bcoins and not the bitcoin main net blockchain. Lets restore from the moved wallet <code>~/oldwallet.dat</code> * Stop node3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move oldwallet back to node3 <code>mv ~/oldwallet.dat ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>33.00000000</pre> YAY ===Dump Entire Wallet with <code>dumpwallet</code>=== * Exports all private keys, addresses, and wallet metadata to a plain text file for a comprehensive backup. * Syntax <code>./n33bcoin-cli dumpwallet /path/to/export/n33bcoin-wallet.txt</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpwallet ~/ssshhh.txt</code> <code>cat ~/ssshhh.txt</code> * Yep its all in plain text! <pre> # Wallet dump created by N33Bcoin v0.14.3.0-g150612e # * Created on 2025-04-13T22:54:50Z # * Best block at time of backup was 212 (000000009f5f7189bd4334895fd1c903ae904525abb5768feb98b81282a1949e), # mined on 2025-04-13T18:34:02Z # extended private masterkey: xprv9s210pEDlspXiamstilrandotypinhDXRTQ1TatJNSL3fxs9QaLLjRV1FZH9zw2VcErU498hsd3pynuyDR2clongrandome4Msz5 L1XJ0pald6SZXP4sKdVcDETpsdoWeksd4er5hhPsdFG1PPV 2025-04-13T18:14:21Z change=1 # addr=1HtmEDdpk5SJAp3nGCnaAD5gKZc2Er4qG hdkeypath=m/0'/0'/82' about 100 lines like the one above and ends with: # End of dump </prE> ===Import Dumped Wallet=== To test import works we are gonna, stop node3, move wallet.dat, start node3, check new wallet got auto generated again. then import are ssshhh.txt file and see if restored. ====Check wallet node 3 pre-test==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744575092, "keypoolsize": 101, "unlocked_until": 0, "paytxfee": 0.00000000, "hdmasterkeyid": "0a0e6e94e4a184e773e4a3e3244adc4352935afa" } </pre> ====Stop node 3 ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> ====Move wallet.dat ==== <code>mv ~/.n33bcoin3/wallet.dat ~/wallet.node3</code> ====Start node 3 ==== <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> ====Check wallet node 3 - when deleted/changed==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ====Import Restore from Dumped Wallet ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importwallet ~/ssshhh.txt</code> ====Check wallet node 3 when restored ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ==Off Line Storage and Importation== * Create a offline key pair, using a python script that can run off a live linux iso. * Going to send coins from node 3 to off line address. * Going to import to wallet 2 by sweeping private wif key. ===Create Offline Keypair=== * https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin ** We have used the [[N33Bcoin_Address_Generator_Bitcoin| N33Bcoin_Address_Generator]] to create the following key pair which we will use for this test. <pre> noob@noob-ThinkPad-T470:~/Gen/py-pub-prv$ python3 gen.py Enter your seed (12 words or any random input): hithere Generated n33bcoin Key Pair: Private Key: 3e4748d72b0a0c5d4538b52a2ade025a0f52a1e8642384ac14e5af0f90b8ab8a Public Key: 04c4cab1795312dafbf2532c7b238d448b55fa151a3d4e059cb49b47fb7244fb8767981b561c067494f9f3a6357024bb4fa71d12d692a733f7a0583d6fa7276548 n33bcoin Address: 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG WIF Private Key: 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH </pre> ===Send from node 3 to offline address=== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 sendtoaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG 10</code> ===Check its in address=== * Can take a few blocks before you can see it. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * Syntax: <code>./n33bcoin-cli importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * <code>importaddress</code> The RPC command to import a Bitcoin address as a watch-only address into the wallet * <code>13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> The Bitcoin address you are importing. After import, the wallet will monitor this address for incoming transactions, but cannot spend from it since you do not have the private key * <code>"external"</code> An optional label assigned to the imported address. This helps you organize or identify addresses in your wallet * <code>false</code> The rescan parameter. Setting it to false means the wallet will not rescan the blockchain for historical transactions involving this address. Only new transactions (after import) will be tracked. If set to true (default), the wallet would scan the entire blockchain for past transactions involving the address, which can take a long time (but not in are case as we have new blockchain). ====getreceivedbyaddress==== * TESTED - Balance is only shown on account that imported the address as a address to watch. ** Took about 10 mins to show balance. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>10.00000000</pre> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> ====Receive funds from private key==== * Current Funds in Node/Wallet 2 <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>52.00000000</pre> * Import the keys <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 importprivkey 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH true</code> * Check balance <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>62.00000000</pre> Import is instant. ==Create Second Server and Sync Blockchain== * Creating second server in a container and forwarded to another VPS IP, to see if network syncs. <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Is Port Forwarding Required for the Second Node?</span> <div class="mw-collapsible-content"> <p><strong>Why set up port forwarding?</strong> Port forwarding (using iptables to forward port <code>3333</code> to the second node) allows the node to receive incoming connections from other N33Bcoin nodes. This ensures reliable syncing with the main node and enables the second node to share blockchain data with others, strengthening the network.</p> <p><strong>Is it required?</strong></p> <ul> <li><strong>To mine</strong>: No. Mining uses local RPC calls (<code>127.0.0.1:3366</code>) and outbound connections to the main node (<code>104.194.157.52:3333</code>). As long as the main node is up, mining works without port forwarding. Note: You may need a dummy node to avoid errors.</li> <li><strong>To act as a peer</strong>: Yes. To allow other nodes to connect and sync from the second node (e.g., via <code>144.172.89.93:3333</code>), port forwarding is required. Without it, the node can sync but won’t serve blocks to others.</li> </ul> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Tip:</strong> Keep port forwarding enabled for robust syncing and to support the N33Bcoin network, especially if you plan to add more nodes. </div> </div> </div> ===Launch container=== <code>lxc launch ubuntu:18.04 n33b-node</code> <code>lxc exec n33b-node bash</code> <code>pro attach <longKey></code> <code>apt update && apt upgrade -y && apt install ubuntu-advantage-tools wireguard -y</code> ===Setup Wireguard=== * This is the same as the last time, in this tut i am going to keep the same keys in tut, to save time. PS: You can use same keys on many connections (not the best idea). ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==In Container Building N33Bcoin== * Push over N33Bcoin.0.0.1.tar.gz to the container n33b-node. <code>lxc file push N33Bcoin.0.0.1.tar.gz n33b-node/home/ubuntu/</code> OR Download from github * Download from Github, sha256sum=<code>0695dceaa4a88967560695f92c753d2fe4abc0f1b0cfb2673bf945fc83fb1225</code> <code>wget https://raw.github.com/CompleteNoobs/N33Bcoin/main/N33Bcoin.0.0.1.tar.gz</code> * Login to container as user ubuntu <code>lxc exec n33b-node -- su - ubuntu</code> * extract <code>tar xvf N33Bcoin.0.0.1.tar.gz</code> ===Install depends and Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> ===Build N33Bcoin=== * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> * Before running - make sure first node up and running <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Troubleshooting Syncing Issues on the Second Node</span> <div class="mw-collapsible-content"> <p>If your second node (e.g., <code>144.172.89.93</code>) fails to sync (e.g., stuck at <code>blocks: 0</code>), the main node (<code>104.194.157.52</code>) may be in Initial Block Download (IBD), preventing it from serving blocks. Here’s what I faced and how I fixed it:</p> <ul> <li><strong>Problem</strong>: The second node didn’t sync because the main node was in IBD, likely due to a chain tip older than 24 hours.</li> <li><strong>Initial Fix</strong>: <ul> <li>Started a dummy node on the main node (<code>127.0.0.1:3334</code>) for an active peer .</li> <li>Mined on the main node: <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=&lt;your-address&gt; -t 2 </pre> This created new blocks (e.g., to <code>blocks: 441</code>), exiting IBD and enabling sync.</li> </ul> </li> <li><strong>Test</strong>: I deleted the second node and recreated it from scratch, running both the main and dummy nodes on the genesis server. The second node synced to <code>blocks: 441</code> while the main node was mining.</li> <li><strong>Observation</strong>: In one test, I thought syncing worked without mining, but mining was active on the main node, advancing the chain to <code>blocks: 441</code>. Possible factors for sync success: <ul> <li>Recent chain tip from mining kept the main node out of IBD.</li> <li>Dummy node provided a peer, preventing IBD re-entry.</li> <li>iptables rule for port <code>3333</code> enabled inbound connections (i did once not forward the correct port, make sure you check your ip rules with <code>cat /etc/iptables/rules.v4</code> to make sure you entered the correct ones. ).</li> </ul> </li> <li><strong>If Syncing Fails</strong>: Mine on the main node with the dummy node running.</li> </ul> <p><strong>Note</strong>: Syncing may not require ongoing mining if the main node’s chain tip is recent, but mining is needed to exit IBD. Test and share your findings!</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> If the second node won’t sync, the main node may be in IBD. Start the dummy node and mine to exit IBD. </div> </div> </div> ===n33b-node=== <code>src/n33bcoind -daemon</code> <code>src/n33bcoin-cli stop</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 debug=rpc debug=mining </pre> <code>src/n33bcoind</code> * Now Second n33bcoin node is running lets check sync <div class="toccolours mw-collapsible mw-collapsed"> * Node Syncing/Connecting issues If your node if not connecting <b>add a node</b>, This can be done in the n33bcoin.conf file or manually with n33bcoin-cli <div class="mw-collapsible-content"> * Appending Peer Node/s to Node config file <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> * Syntax:<code>addnode=<IP_Or_Domain>:<Port></code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcbind=127.0.0.1 rpcport=3366 daemon=1 server=1 addnode=node.n3wbcoin.com:3333 addnode=104.194.157.52:3333 </pre> * Add Node Manually using n33bcoin-cli ** Syntax:<code>n33bcoin-cli addnode <IP_Or_Domain>:<Port> add</code> <code>n33bcoin-cli addnode 104.194.157.52:3333 add</code> </div> </div> <code>src/n33bcoin-cli getpeerinfo</code> <pre> [ { "id": 0, "addr": "104.194.157.52:3333", "addrlocal": "144.172.89.93:52636", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157772, "lastrecv": 1745157771, "bytessent": 1277, "bytesrecv": 1198, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.303657, "minping": 0.303657, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": false, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 110, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 1, "addr": "104.194.157.52:57050", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.296047, "minping": 0.296047, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 2, "addr": "104.194.157.52:57060", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.316404, "minping": 0.316404, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } } ] </pre> <code>src/n33bcoin-cli getblockchaininfo</code> <pre> ubuntu@n33b-node:~/N33Bcoin$ src/n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.03058041491289009, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> ===From first node=== <pre> ./n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.02034601825250813, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> * Both nodes/blockchains are in sync, nice s4ftflcyy1wtqfxkfwtpx3los2ylgqq 602 601 2025-07-04T19:36:00Z AwesomO 5 /* Line 204 */ 602 wikitext text/x-wiki ==Start up HardWare== * OS (local) Ubuntu-Mate 24.04 - this tut is done on a clean install of ubuntu-mate 24.04 ** Hardware: HP EliteDesk G1 - ram = 8GB - HD = 120GB ssd - CPU = i5-4590S CPU @ 3.00GHz ** Hardware: Thinkpad X270 - Ram - HD - CPU * Server VPS ubuntu-server 24.04 ** vultr.com ===Software OS=== * Will be using Ubuntu 24.04 as main OS - but to build this version of bitcoin 0.14.3 we will be using ubuntu 18.04 in a lxc container - trying to build in 24.04 was a huge side quest that is not that much fun. ===Coin Params for N33Bcoin 0.1 POW === * Are Coin Params ** Name of coin = N33Bcoin ** Symbol coin = N33B ** Premined Coins= 33% 11,111,111 coins to be used to rewards contributors. the how is currently unknown, will work out as we go. ** MaxCoins = 33,333,333 ** Rewards = 333 ** Halving Period = 33,333 blocks = every 231 days ** Block interval = 10 mins # will leave at 10 for starters ** Time Stamp 1733333333 2024-12-04 17:28:53 ** Time Stamp Message "N33B's for Noob's at CompleteNoobs.com" ** Genesis Block for are Coin <b>NOTE</b>: What is a Unix Time Stamp? - It is the number of seconds from the Unix Epoch date of 01/01/1970 at 00:00 UTC - to convert a date use - https://www.unixtimestamp.com/ ==Set EDITOR== {{:SET_EDITOR}} ==Genesis Keys== First we are going to need a public private key pair. [[Python_Generate_Public_Private_Key_Pair_Crypto_Bitcoin| Python3 Generate Public Private Key Pair]] * Public Key <code>049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf</code> * Keep private key safe, you just need pub key for now We then use are public key along with are coin parameter with [[GenesisH0_Creating_Genesis_Hash| GenesisH0]] to create a 'Nonce', 'Merkel hash' and 'Genesis hash'. For are 'MainNet', 'TestNet' and 'RegNet' === Main Net parameters === <code>python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333333</code> * '''Nonce''': <code>221118658</code> * '''nBits''': <code>0x1d00ffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4</code> === Test Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333334</code> * '''Nonce''': <code>511144</code> * '''nBits''': <code>0x1e0ffff0</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c</code> === Reg Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333335</code> * '''Nonce''': <code>0</code> * '''nBits''': <code>0x207fffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127</code> Now we have are parameters, we can start creating are own coin, but first lets change some file names to match the name of are coin. ==Source we are forking from Bitcoin 0.14.3== ===Home Directory=== <code>cd ~</code> ===Download bitcoin 0.14.3=== * https://bitcoincore.org/bin/bitcoin-core-0.14.3/ <code>wget https://bitcoincore.org/bin/bitcoin-core-0.14.3/bitcoin-0.14.3.tar.gz</code> * sha256sum bitcoin-0.14.3.tar.gz <code>416717ab5ef94f8458da2b12e4cd742ca08f5ad3817b65fc73811e06ac949f87</code> ===extract=== <code>tar xvf bitcoin-0.14.3.tar.gz</code> ===Change Directory Name to new/forked coin name=== <code>mv bitcoin-0.14.3 N33Bcoin</code> <code>cd N33Bcoin</code> * Current work director path is <code>/home/$USER/N33Bcoin/</code> ==Renaming== ===Renaming Bitcoin to N33Bcoin=== '''Run these command in the /home/$USER/N33Bcoin/ Directory''' * Lowercase <code>find . -type f -exec sed -i 's/bitcoin/n33bcoin/g' {} + </code> * UpperCase <code>find . -type f -exec sed -i 's/Bitcoin/N33Bcoin/g' {} + </code> * Name.1 <code>find . -type f -exec sed -i -e 's/bitcoin/n33bcoin/g' -e 's/bitcoind\.1/n33bcoind.1/g' {} + </code> ===Change Name for Docs=== To rename files in a directory (e.g., <code>/home/$USER/N33Bcoin/doc/man/</code>): * '''Before:''' <pre> bitcoin-cli.1 bitcoind.1 bitcoin-qt.1 bitcoin-tx.1 Makefile.am </pre> * '''After:''' <pre> n33bcoin-cli.1 n33bcoind.1 n33bcoin-qt.1 n33bcoin-tx.1 Makefile.am </pre> * '''Manual Way:''' <pre> mv -v bitcoin-cli.1 n33bcoin-cli.1 </pre> * '''Using mv with a for Loop:''' <code>cd /home/$USER/N33Bcoin/doc/man</code><br> <code>for file in bitcoin*; do mv -v "$file" "${file/bitcoin/n33bcoin}"; done</code> </pre> * <code>-v</code> shows each rename action. ===Change Names for Files=== *<b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> Unlike forking litecoin, the method we just used to rename all bitcoin words to n33bcoin created some problems, unlike litecoin 0.14.2, the word 'bitcoin' can be found in a lot of file names. Example: the file <code>libbitcoinconsensus.pc.in</code> is still called <code>libbitcoinconsensus.pc.in</code> but inside make and config files, it is now know as <code>libn33bcoinconsensus.pc.in</code> so it will look for a file called <code>libn33bcoinconsensus.pc.in</code> and not <code>libbitcoinconsensus.pc.in</code>, still will lead to a lot of breakages. * Easy Fix: Change all file names which include the word <code>bitcoin</code> to <code>n33bcoin</code> * install <code>rename</code> <code>sudo apt install rename</code> * <b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> * See all file which contain the name <code>bitcoin</code> <code>find . -type f -name "*bitcoin*"</code> * Rename/convert all <code>bitcoin</code> in file names to <code>n33bcoin</code> <code>find . -type f -name "*bitcoin*" -exec rename 's/bitcoin/n33bcoin/' {} +</code> ==Editing Files== Are Files are located in path:<code>/home/$USER/N33B/N33Bcoin</code><br> Example: <code>src/amount.h</code> full path would be <code>/home/$USER/N33B/N33Bcoin/src/amount.h</code> === OverView of Files to edit=== * Comment Out <code>** Lines: 74 - 77 Comment Out</code> These are Lines we Don't need, but are not deleting just commenting out, so line numbers remain the same.<br> Comment out by placing a <code>//</code> at the beginning of the line. * '''src/amount.h''' ** Line 31: Edit Max Coins * '''src/validation.cpp''' ** Line 1166: This BLOCK of code will contain premined and Block rewards * '''src/qt/bitcoinunits.cpp''' ** Line 39 Block: change coin symbol LTC to N33B * '''src/chainparams.cpp''' ** Line 53: '''Global''' Change Time Stamp Message ** Line 54: '''Global''' Change Pub Key ** Line 73: '''MainNet''' Change Halving Interval <!--** Lines: 74 - 77 Comment Out--> ** Line 74: '''MainNet''' BIP34Height ** Line 75: '''MainNet''' BIP34Hash ** Line 76: '''MainNet''' BIP65Height ** Line 77: '''MainNet''' BIP66Height ** Lines 85 - 103: '''MainNet''' Deployment and Chain Work Section ** Line 110: '''MainNet''' Change Magic Bytes - Script included ** Line 114: '''MainNet''' Change Main Net Default Port ** Line 117: '''MainNet''' Change Main Net Nonce TimeStamp Coin_Rewards ** Line 119: '''MainNet''' Change Genesis Hash ** Line 120: '''MainNet''' Change Merkel Hash ** Line 144: '''MainNet'''Change Coin Number and Genesis Hash ** Lines 145 - 156 Comment Out ** Line 161: '''MainNet''' Change Time Stamp ** Line 162: '''MainNet''' Change Number Of Transactions ** Line 177: '''TestNet''' Halving Interval <!--** Lines: 178 - 181 Comment Out--> ** Line 178: '''TestNet''' BIP34Height ** Line 179: '''TestNet''' BIP34Hash ** Line 180: '''TestNet''' BIP65Height ** Line 181: '''TestNet''' BIP66Height ** Line 184: '''TestNet''' Block Times <!--** Lines: 189 - 207 Comment Out--> ** Lines 189 - 207: '''TestNet''' Deployment Section ** Line 213: '''TestNet''' Default Port ** Line 216: '''TestNet''' Time Stamp and Nonce ** Line 218: '''TestNet''' Genesis Hash Block ** Line 219: '''TestNet''' Merkel Hash Block ** Line 245: '''TestNet''' CheckPointData Genesis Hash Block Number ** Line 250: '''TestNet''' Time Stamp ** Line 251: '''TestNet''' Block Number ** Lines 267 - 270 '''RegressionNet''' BIP Consensus ** Line 301: '''RegressionNet''' Default Port ** Line 304: '''RegressionNet''' Time Stamp Nonce Coin_Rewards ** Line 306: '''RegressionNet''' Genesis Block Hash ** Line 307: '''RegressionNet''' Merkel Hash ** Line 319: '''RegressionNet''' Genesis Hash * '''src/chainparamsbase.cpp''' ** Line 35: MainNet RCP Port ** Line 48: TestNet RPC Port ** Line 62: Regession Net RPC Port ===src/amount.h=== On line 31 we will edit are Max coins: <pre> static const CAmount MAX_MONEY = 21000000 * COIN; </pre> will change this to 33,333,333 coins <pre> static const CAmount MAX_MONEY = 33333333 * COIN; </pre> ===src/validation.cpp=== Path <code>/home/$USER/N33B/N33Bcoin/src/validation.cpp</code> The block of code we are looking for starts on line 1166: <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy = 50 * COIN; // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years. nSubsidy >>= halvings; return nSubsidy; } </pre> On line 1173 you should see this line: <pre> CAmount nSubsidy = 50 * COIN; </pre> This is the rewards for mining coins, the default is 50, we are changinf rewards to 333 coins per block mined. <pre> CAmount nSubsidy = 333 * COIN; </pre> ====Premined coins==== We also need to add a contidtion for are premined coins - in the first block will mine 33%, thats 11,111,111 coins <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy; if (nHeight == 1) nSubsidy = 11111111 * COIN; else nSubsidy = 333 * COIN; // Subsidy is cut in half every 33,333 blocks which will occur approximately every 231 days. nSubsidy >>= halvings; return nSubsidy; } </pre> This condition means IF first block reward 11,111,111 coins, Else(after first blocked mined) rewards per block are 333 coins. <div class="toccolours mw-collapsible mw-collapsed"> What's Changed and Why: <div class="mw-collapsible-content"> <b>What's Changed and Why:</b> * '''CAmount nSubsidy;''' ** The variable `nSubsidy` is now declared but not immediately assigned a value. This allows flexibility to set its value based on certain conditions. * '''New Condition: `if (nHeight == 1)''' ** This new condition checks if the block height is 1, meaning this is the very first block in the blockchain (often called the "genesis block"). ** This condition is used to assign a special, much larger subsidy for the first block. * '''nSubsidy = 11111111 * COIN;''' ** If it is the first block (`nHeight == 1`), the subsidy is set to 11,111,111 coins. This is a huge reward for the genesis block, likely for initial distribution or other specific reasons. * '''else nSubsidy = 333 * COIN;''' ** For all other blocks (not the first one), the reward is set to 333 coins. This is a significant change from the original 50 coins, suggesting a different reward structure for this cryptocurrency. </div> </div> ===src/qt/n33bcoinunits.cpp=== * Line 39: Code Block <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("BTC"); case mBTC: return QString("mBTC"); case uBTC: return QString::fromUtf8("μBTC"); default: return QString("???"); } } </pre> * Change BTC your coin symbol to N33B <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("N33B"); case mBTC: return QString("mN33B"); case uBTC: return QString::fromUtf8("μN33B"); default: return QString("???"); } } </pre> ===src/chainparams.cpp=== ====Line 53 Change Time Stamp Message==== <code> const char* pszTimestamp = "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks";</code> To <code> const char* pszTimestamp = "N33B's for Noob's at CompleteNoobs.com";</code> ====Line 54 Change Genesis Pub Key==== <code> 54 const CScript genesisOutputScript = CScript() << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f") << OP_CHECKSIG; </code> We are going to change to the public key we used to create are genesis block. <code> const CScript genesisOutputScript = CScript() << ParseHex("049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf") << OP_CHECKSIG;</code> ====Line 73 HalvingInterval==== <code> consensus.nSubsidyHalvingInterval = 210000;</code> Block intervals of bitcoin is every 10 mins, as you can see on '''[[#Line 80 Target Block Creation''']] * 60 mins per hour x 24 hours per day = 1440 mins a day * 1440 mins at one block each 10 mins = 144 block per day ish * 144 * 365 = 52,560 blocks per year ish * 52,560 * 4 = 210,240 blocks every four years ish So bitcoin halves its rewards every 4 years ish as it passes 210,000 blocks and carrys on halving every 210,000 blocks later. We reward 333 coins per block and will be out of coins around 667,334 blocks. * Preminded 11,111,111 coins * 22,222,222 left * at 333 per block all will be gone in 66,733 blocks time unless we halve before then * We are going to keep are block time of 10 mins and have a halving at 33,333 blocks so it will halve around 231 days <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Line 74 - 77 MainNet BIP Section==== <pre> 74 consensus.BIP34Height = 227931; 75 consensus.BIP34Hash = uint256S("0x000000000000024b89b42a942fe0d9fea3bb44ab7bd1b19115dd6a759c0808b8"); 76 consensus.BIP65Height = 388381; // 000000000000000004c2b624ed5d7756c508d90fd0da2c7c679febfa6c4735f0 77 consensus.BIP66Height = 363725; // 00000000000000000379eaa19dce8c9b722d46ae6a57c2f1a988119488b50931 </pre> * Set BIP34/65/66 to 0 for new chain—modern rules from genesis. Adjust BIP34 to 100 if mining fails. * Line 75 Replace with you <b>Main Net parametersGenesis Hash</b> <pre> 74 consensus.BIP34Height = 0; 75 consensus.BIP34Hash = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); 76 consensus.BIP65Height = 0; 77 consensus.BIP66Height = 0; </pre> ==== Line 85 - 103 '''MainNet''' Deployment and Chain Work Section ==== ===== Line 86 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start date is irrelevant—set to 0 for immediate activation on new chain. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 87 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. 9,999,999,999 Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 91 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016</code> * Reason changed: Bitcoin’s 2016 start is moot—set to 0 for CSV active from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 92 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 96 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016</code> * Reason changed: Bitcoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 97 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 100 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5");</code> * Reason changed: Bitcoin’s 2017 work is massive—set to 0 for a new chain with no work yet. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 103 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354</code> * Reason changed: Bitcoin’s block 453354 is irrelevant—set to N33Bcoin’s genesis hash for fast sync from block 0. Changed: <code>consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4");</code> =====Before and After Changes===== <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354 </pre> * Set CSV/SegWit to active from genesis (nStartTime = 0, nTimeout = far future). Reset chain work to minimal. Set assume valid to genesis hash. <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0; 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999; 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0; 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999; 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0; 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999; 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x00"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); </pre> ====Line 110 Magic Bytes==== * [[Hex_numbers_explained| Hex numbers explained]] * [[Python3_Script_for_Random_Magic_Bytes| Link to python script for random values]] The pchMessageStart array is a crucial component in cryptocurrency network protocols, often referred to as the "magic bytes" or "network magic." It serves as a unique identifier for a specific cryptocurrency network. These values are in hexadecimal format, representing four bytes that form a sequence unlikely to occur in normal data. If you're creating a new cryptocurrency by forking Bitcoin, you should change these values. Using unique values prevents your new coin's network from interfering with Bitcoin's network or other existing networks. <pre> 110 pchMessageStart[0] = 0xf9; 111 pchMessageStart[1] = 0xbe; 112 pchMessageStart[2] = 0xb4; 113 pchMessageStart[3] = 0xd9; </pre> * Gonna change mine to <pre> pchMessageStart[0] = 0xfe; pchMessageStart[1] = 0x93; pchMessageStart[2] = 0xd2; pchMessageStart[3] = 0xe2; </pre> ====Line 114 Change Main Net Default Port==== * Line 114 <code>nDefaultPort = 8333;</code> * Changing to port 3333 <code>nDefaultPort = 3333;</code> ====Line 117 Change Main Net Nonce TimeStamp Coin_Rewards==== * Original <code> genesis = CreateGenesisBlock(1231006505, 2083236893, 0x1d00ffff, 1, 50 * COIN);</code> * Syntax of line 117 <code>genesis = CreateGenesisBlock(<UNIX_TIME_STAMP>, <NONCE>, <DIFF_BITS>, <NHEIGHT>, <AMOUNT_OF_COINS_REWARD> * COIN);</code> * we are just going to append/change are UnixTimeStamp, Nonce and CoinReward <code> genesis = CreateGenesisBlock(1733333333, 221118658, 0x1d00ffff, 1, 333 * COIN);</code> ====Line 119 Change Genesis Hash==== <code>assert(consensus.hashGenesisBlock == uint256S("0x000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"));</code> * Change to your genesis hash for Main Net <code> assert(consensus.hashGenesisBlock == uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"));</code> ====Line 120 Change Merkel Hash==== <code> assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Change to your merkel hsh for Main net <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Check Point - Lines 142 - 157 ==== <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d")) 145 ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> These lines contain a blocknumber and there hash value, we are starting a new coin and these have no value to us. We have one genesis block. <code> ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d"))</code> * We are going to append/change line 144, to block zero and are Main net genesis block hash. <code> ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"))</code> and comment out the remaining lines in this code block. lines 145 - 156 <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4")) 145 // ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 // ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 // (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 // (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 // (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 // (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 // (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 // (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 // (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 // (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 // (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 // (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> ====Line 161 Change Time Stamp==== <pre> 161 1483472411, // * UNIX timestamp of last known number of transactions </pre> * Change to the time stamp we are using <pre> 1733333333, // * UNIX timestamp of last known number of transactions</pre> ====Line 162 Change Number Of Transactions==== <pre> 184495391, // * total number of transactions between genesis and that timestamp</pre> * Change to Zero <pre> 0, // * total number of transactions between genesis and that timestamp</pre> ====TestNet Halving Interval==== <code>177 consensus.nSubsidyHalvingInterval = 210000;</code> * Change to same as are main net <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Lines 178 - 181 TestNet BIP section==== <pre> 178 consensus.BIP34Height = 21111; 179 consensus.BIP34Hash = uint256S("0x0000000023b3a96d3484e5abb3755c413e7d41500f8e2a5c3f0dd01299cd8ef8"); 180 consensus.BIP65Height = 581885; // 00000000007f6655f22f98e72ed80d8b06dc761d5da09df0fa1dc4be4f861eb6 181 consensus.BIP66Height = 330776; // 000000002104c8c45e99a8853285a3b592602a3ccde2b832481da85e9e4ba182 </pre> * Change values to zero and replace TestNet Genesis Hash <pre> 178 consensus.BIP34Height = 0; 179 consensus.BIP34Hash = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"); 180 consensus.BIP65Height = 0; 181 consensus.BIP66Height = 0; </pre> ==== Lines 189 - 207 TestNet Deployment Section ==== ===== Line 190 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start is irrelevant—set to 0 for immediate activation on TestNet. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 191 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 195 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1456790400; // March 1st, 2016</code> * Reason changed: Bitcoin's 2016 start doesn’t apply—set to 0 for CSV from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 196 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 200 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1462060800; // May 1st 2016</code> * Reason changed: Bitcoin's 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 201 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1493596800; // May 1st 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 204 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x00000000000000000000000000000000000000000000001f057509eba81aed91");</code> * Reason changed: Bitcoin's work is irrelevant—set to 0 for a new TestNet chain. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 207 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000128796ee387cf110ccb9d2f36cffaf7f73079c995377c65ac0dcc"); //1079274</code> * Reason changed: Litecoin’s block 1079274 doesn’t apply—set to TestNet genesis for fast sync. Changed: <code>consensus.defaultAssumeValid = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c");</code> ====TestNet Default Port - Line 213==== <code>213 nDefaultPort = 18333;</code> * Change to another port , picking 13333 <code>nDefaultPort = 13333;</code> ====Line 216: TestNet Time Stamp and Nonce==== <code>216 genesis = CreateGenesisBlock(1296688602, 414098458, 0x1d00ffff, 1, 50 * COIN);</code> * change/append timestamp, nonce and coin rewards - TimeStamp, Nonce, nBits and CoinRewards from your Test Net <code> genesis = CreateGenesisBlock(1733333334, 511144, 0x1e0ffff0, 1, 333 * COIN);</code> ====Line 218: TestNet Genesis Hash Block==== <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943"));</code> * Changed to <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"));</code> ====Line 219: TestNet Merkel Hash Block==== <code>219 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Changed to <code> assert(consensus.hashGenesisBlock == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ==== Line 245 TestNet checkpointData ==== Default: <code>( 546, uint256S("000000002a936ca763904c3c35fce2f3556c559c0214345d31b1bcebf76acb70")),</code> * Reason changed: Bitcoin TestNet checkpoint irrelevant—set to height 0 with N33Bcoin TestNet genesis hash for new chain. Changed: <code>( 0, uint256S("000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c")),</code> * Note: Removed "0x" from hash string—matches Bitcoin style, prevents parsing error in uint256S. ====Line 250 - Testnet chainTxData TimeStamp==== <code>250 1483546230,</code> * Change to your timestamp <code>1733333334,</code> ====Line 251 - Testnet chainTxData block count==== <code>251 12834668,</code> * change block count to zero <code> 0,</code> ==== RegTest BIP Section ==== ===== Line 267 ===== Default: <code>consensus.BIP34Height = 100000000; // BIP34 has not activated on regtest (far in the future so block v1 are not rejected in tests)</code> * Reason changed: Delays BIP34—set to 0 for modern rules from genesis, consistent with MainNet/TestNet. Changed: <code>consensus.BIP34Height = 0;</code> ===== Line 268 ===== Default: <code>consensus.BIP34Hash = uint256();</code> * Reason changed: Empty hash irrelevant—set to RegTest genesis for BIP34 activation at block 0. * NOTE: the <code>S</code> at the end of <code>uint256S</code> append the '''S''', remove the <code>0x</code> or it would be too long and make sure RegNet Hash is wrapped in "comment-hash". * The quotes <code>""</code> tell the compiler that this is a string, not a number. * '''uint256S''' will parse the string as a hexadecimal value and construct the '''uint256''' object accordingly. Changed: <code>consensus.BIP34Hash = uint256S("65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127");</code> ===== Line 269 ===== Default: <code>consensus.BIP65Height = 1351; // BIP65 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP65 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP65Height = 0;</code> ===== Line 270 ===== Default: <code>consensus.BIP66Height = 1251; // BIP66 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP66 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP66Height = 0;</code> ====Line 298: RegressionNet Default Port==== <code>298 nDefaultPort = 18444;</code> * change port number <code> nDefaultPort = 13337;</code> ====Line 301 RegressionNet Time Stamp Nonce Coin_Rewards ==== <code>301 genesis = CreateGenesisBlock(1296688602, 2, 0x207fffff, 1, 50 * COIN);</code> * Change to your timestamp , nonce and coin rewards <code> genesis = CreateGenesisBlock(1733333335, 0, 0x207fffff, 1, 333 * COIN);</code> ====Line 303: RegressionNet Genesis Block Hash==== <code>303 assert(consensus.hashGenesisBlock == uint256S("0x0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"));</code> * replace with your reg net genesis hash <code> assert(consensus.hashGenesisBlock == uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"));</code> ====Line 304 RegressionNet Merkel Hash==== <code>304 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * replace with your reg net merkel hash <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Line 316: RegressionNet Genesis Hash==== <code>316 ( 0, uint256S("0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"))</code> * change to your reg nets genesis hash <code> ( 0, uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"))</code> === src/chainparamsbase.cpp - API ports === <div class="toccolours mw-collapsible mw-collapsed"> Changing RPC port number info: <div class="mw-collapsible-content"> When forking Bitcoin, changing the nRPCPort = 8332; is generally recommended, though not strictly necessary. Here are the reasons and benefits for doing so: '''Avoiding Conflicts:''' If you run both Bitcoin and your forked cryptocurrency on the same machine or network, keeping the same RPC port (9332) would cause a conflict. By changing the port number, you ensure that both services can run simultaneously without interfering with each other. '''Network Configuration:''' Different cryptocurrencies should ideally use different ports to avoid confusion and ensure clear network configuration. This helps in managing firewall rules and network policies more effectively. '''Security:''' Using a non-standard port for your forked cryptocurrency can add a layer of security through obscurity. While not a robust security measure, it can help reduce the risk of automated attacks targeting known ports like 8332. '''Customization:''' Changing the RPC port is part of customizing your fork to distinguish it from Bitcoin. This can be important for branding and ensuring that users and developers recognize it as a separate entity. In summary, while it's not mandatory to change the RPC port when forking Bitcoin, doing so can help avoid conflicts, improve network management, and provide a clearer distinction between your fork and the original Bitcoin network. </div> </div> ====line 35 - Main net RCP port==== <pre> nRPCPort = 8332; </pre> RPC port is used to connect to coin api, its used to create a web wallet and moblie wallet. <pre> nRPCPort = 3366; </pre> ====Line 48 - test net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12333 <pre> nRPCPort = 12333; </pre> ====line 62 - regession net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12345 <pre> nRPCPort = 12345; </pre> * We are pretty much done with customizing the code base, we just need an IP address to append to chainparams.cpp and we are good to go. ===src/chainparamsseeds.h=== * Delete content of <code>src/chainparamsseeds.h</code> and replace with just: <pre> #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> The <code>chainparamsseeds.h</code> file contains hardcoded seed nodes for the main network (pnSeed6_main), which are currently set to Bitcoin’s seed nodes (e.g., IPs like 2.7.8.12 on port 8333). These seeds will cause your node to attempt connections to Bitcoin peers, which isn’t what we want for N33Bcoin. * By modifying the seed arrays for both mainnet and testnet to empty, we can keep the file structure intact while removing the Bitcoin seed nodes, preventing are node from trying to connect to them. <div class="toccolours mw-collapsible mw-collapsed"> Hexadecimal - Chainparamsseeds.h - Quick Notes <div class="mw-collapsible-content"> <pre> Hex Symbol Values: 0,1,2,3,4,5,6,7,8,9,a=10,b=11,c=12,d=13,e=14,f=15 Hex is in a Block of 2, [01]=1, The First number/symbol (the one on the left), is Times by 16, and the Second number/symbol is added. 01 = 0x16, plus 1 = 01 A4 = 10x16, plus 4 = 164 E4 = 14x16, plus 4 = 228 FF = 15X16, plus 15 = 255 To work out the values of 104.194.157.52 and port 3333 static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; IPv6 Mapping: {{Use 10 0x00, 2 0xff, then the 4 hex bytes} <port>}. 104 in hex: 6x16 = 96 + 8 = 104 InHex= '68' 194 in hex: c(12)x16=192 + 2 = 194 InHex= 'c2' 157 in hex: 9x16=144 + d(13)= 157 InHex= '9d' 52 in hex: 3x16=48 + 4 = 52 InHex= '34' #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; static SeedSpec6 pnSeed6_test[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> </div> </div> == Container and VPS Setup == * Vultr with affiliate link: https://www.vultr.com/?ref=7704739 Most VPS providers frown on mining unless it’s their explicit service—fair enough, it hogs resources! To work around this, we’ll: * Spin up an Ubuntu 18.04 container locally (18.04 keeps coin building simple). * Pair it with a low-cost VPS running Ubuntu 24.04, tunneling all traffic from the container to the VPS’s public IP. This setup gives us: * A public-facing IP without poking holes in our home router. * Local mining control, keeping private keys secure—because a VPS is just someone else’s machine, and we don’t trust it with our keys! ===LXD Quick Container Setup=== ===LXD Quick Container Setup=== * Its pretty simple once you know. ===Installing and setup LXD=== <code>sudo snap install lxd</code> <code>sudo lxd init</code> * Just press '''ENTER''' for all defaults * add user to lxd group (optional), will mean you do not need '''sudo''' to use lxc commands * NOTE: you will need to logout and login for changes to take effect. <code>sudo adduser $USER lxd</code> <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> * '''These changes only apply to the current terminal session.''' If you open a new terminal session you have to repeat. On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. * '''Remember, these changes only apply to the current terminal session.''' If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> ===Launching your container=== * for the Build its important we use '''18.04''' ** May want to get ubuntu pro free for 5 devices - to keep 1804 updated ** https://ubuntu.com/pro/dashboard <code>lxc launch ubuntu:18.04 n33b</code> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 n33b</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 n33b</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''n33b''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "n33b" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "n33b" in the example) must be unique within your LXD installation. </div> </div> * If you see this error - you need to use '''sudo''' or add user to lxd group <pre> lxc launch ubuntu:18.04 n33b Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * To see your container <code>lxc ls</code> ===Login to container=== <code>lxc exec n33b bash</code> * Prompt should now be changed to <code>root@n33b:~#</code> ** <code>root@<container_name>:~#</code> * This would be a good time to sign up to and enable ubuntu pro in the 1804 container https://ubuntu.com/pro/dashboard ** <code>sudo pro attach C12trandomcharsXFVhrRSveGOd4</code> * Update container <code>apt update && apt upgrade -y</code> ==== Ubuntu Pro for 1804 Containers ==== * super useful for ubuntu 1804, with pro has support till 2027 * Free For Five Boxes/Devices <code>https://ubuntu.com/pro/dashboard</code> <code>sudo pro attach 8dc6560abd396b3871f37b80ec</code> <code>sudo pro status</code> <code>sudo pro detach</code> ==In Container wireguard installation and setup== ===Install wireguard=== <code>apt install wireguard -y</code> * This will be the Client - for the container ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== * Vultr link with Affiliate code: https://www.vultr.com/?ref=9638414-9J First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==Back to Host== Now we have * A container with a public IP address * Source code for are coin Lets append are IP adress to are <code>src/chainparams.cpp</code> file and make a exportable/shareable backup. ===Append IP to <code>src/chainparams.cpp</code>=== <div class="toccolours mw-collapsible mw-collapsed"> If i was going to change or add ips/domains do i need to recomplie? Yep: <div class="mw-collapsible-content"> Yes, if you want to change or add new IPs/domains in the `CDNSSeedData` section of `src/chainparams.cpp`, you will need to edit the file and recompile the code. The `CDNSSeedData` entries are hardcoded into the source code, and when you compile the code, these values are baked into the resulting binary. Therefore, any changes to the seed nodes will require: *Editing the `src/chainparams.cpp` file**: Modify the list of `CDNSSeedData` entries to include your new IPs or domains. *Recompiling the source code**: Once you've made your changes, you need to recompile the project so that the new seed nodes are included in the binary. *Restarting your nodes**: After recompiling, you would need to distribute the new binary to your nodes and restart them to ensure they use the updated seed list. This process is necessary because the seed nodes are part of the initial configuration that helps nodes discover peers when they first start up. Any changes to these seeds require the software itself to be updated and redeployed. </div> </div> ====Main Net DNS lines 123 - 127==== <code>$EDITOR /home/$USER/N33B/N33Bcoin/src/chainparams.cpp</code> * Line 123 <code>src/chainparams.cpp</code> <pre> 123 vSeeds.push_back(CDNSSeedData("n33bcoin.sipa.be", "seed.n33bcoin.sipa.be", true)); // Pieter Wuille, only supports x1, x5, x9, and xd </pre> We are going to Change to are servers address <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> At current time we only have one default node, so we comment out line 124 to 127 <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "dnsseed.bluematt.me", true)); // Matt Corallo, only supports x9 // vSeeds.push_back(CDNSSeedData("dashjr.org", "dnsseed.n33bcoin.dashjr.org")); // Luke Dashjr // vSeeds.push_back(CDNSSeedData("n33bcoinstats.com", "seed.n33bcoinstats.com", true)); // Christian Decker, supports x1 - xf // vSeeds.push_back(CDNSSeedData("n33bcoin.jonasschnelli.ch", "seed.n33bcoin.jonasschnelli.ch", true)); // Jonas Schnelli, only supports x1, x5, x9, and xd </pre> ====Test net DNS lines 224 - 227==== * Line 224 - ip adderss <pre> 224 vSeeds.push_back(CDNSSeedData("testnetn33bcoin.jonasschnelli.ch", "testnet-seed.n33bcoin.jonasschnelli.ch", true)); </pre> Change to server ip <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> and comment out the other 3 lines <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("petertodd.org", "seed.tbtc.petertodd.org", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "testnet-seed.bluematt.me")); // vSeeds.push_back(CDNSSeedData("n33bcoin.schildbach.de", "testnet-seed.n33bcoin.schildbach.de")); </pre> ==Create BackUp Tar Archive== At this point you may want to make a backup. * In work directory = <code>/home/$USER/N33B</code> <code>tar -zcvf N33Bcoin.0.0.1.tar.gz N33Bcoin</code> * Going to save in directory <code>/home/$USER/N33B</code> * Syntax = <code>tar -zcvf /path/to/save/archive_name.tar.gz /path/to/directory_name</code> Now we Should have <code>N33Bcoin.0.0.1.tar.gz</code> lets start building are coin. ===Move N33Bcoin.0.0.1.tar.gz to Container=== Lets Move are source code to are container. * File on Host:<code>/home/$USER/N33B/N33Bcoin.0.0.1.tar.gz</code> * Container Name: <code>n33b</code> ** Container Name can be found with <code>lxc list</code> * On Host: <code>lxc file push /home/$USER/N33B/N33Bcoin.0.0.1.tar.gz n33b/home/ubuntu/</code> * '''ubuntu''' is the name of the ubuntu containers default user account ==Return to container as user '''ubuntu'''== <code>lxc exec n33b -- su - ubuntu</code> Now are source code <code>N33Bcoin.0.0.1.tar.gz</code> should be in are home directory. Before we start using it, we need to install and build some dependencies software. ===Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <!-- These notes wherer required to build db on 24.04 - coin build would require way too much work so skipped. <code>$EDITOR db-4.8.30.NC/dbinc/atomic.h</code> Find the function <b>__atomic_compare_exchange</b> (line 147 and 179) and rename it to <b>__db_atomic_compare_exchange</b>. save and exit --> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> If you received error, are you building in ubuntu 18.04? these build instrutions are reproduable for 18.04 and not other versions of ubuntu. * A block chain requires min 2 nodes, so this would be a good time to snapshot your container. ====SNAPSHOT your container==== * This will save loads of time creating a second node later. * In a Terminal on HOST * Stop Container <code>lxc stop n33b</code> * snapshot <code>lxc snapshot n33b one</code> * start container <code>lxc start n33b</code> * Log in as ubuntu user <code>lxc exec n33b -- su - ubuntu</code> ==Build the Coin== Just for the Genesis Node, or it will not work, it will try to sync with another node, which it can not do as its at block 0. * edit the file <code>src/rpc/mining.cpp</code> and comment out the lines 471 and 472: <pre> // if (IsInitialBlockDownload()) // throw JSONRPCError(RPC_CLIENT_IN_INITIAL_DOWNLOAD, "N33Bcoin is downloading blocks..."); </pre> If you stopped container to snapshot and logged back in (or using another terminal), then we need to re-set var.<br> <code>cd ~/db-4.8.30.NC/build_unix</code><br> <code>export BDB_PREFIX=$(pwd)</code><br> * Now thats done we can carry on <code>cd ~/</code><br> * extract <code>tar xzvf N33Bcoin.0.0.1.tar.gz</code> <!-- was for attempt build in 24.04 - not needed for 18.04 <code>sudo apt install bsdmainutils ncal</code> --> * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> If you run into errors you can use:<br> <code>make > ../build.log 2>&1</code><br> This is print build info into file build.log ==Run Coin== * Path <code>cd /home/ubuntu/N33Bcoin/src</code> Going to first play around with Regression make sure everything is working, its supereasy to mine.<br> * Running regtest first will also create <code>~/.n33bcoin/</code> directory which we can create are <code>n33bcoin.conf</code> file for mainnet. ===Running Regression Net === * run reg net <code>./n33bcoind -regtest -daemon</code> ==== get blockchain info ==== <code>./n33bcoin-cli -regtest getblockchaininfo</code> * at the top you should see '''regtest''' <pre> "chain": "regtest", </pre> ====get wallet info==== <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ==== Generate 10 blocks==== <code>./n33bcoin-cli -regtest generate 10</code> <pre> [ "16fe73d5011e8e05cadb9e9dea43e58aa154ffcca891659cc59fbdfafe6f001c", "7803e298b6c57f8fc7ddac5da0e0696cc67524c9ee2bbbbbecdccfb01b364e79", "7c92afb2faed00d051edd22f85218416c394cd45ddadf413b9df808c0414ca7e", "29fe7bb17c984bd33c7e3d9cb4fa3ce1e47760ac22accded3aa25fd49aa87d91", "56d234a030af699a6aa824c8d95a9fabdcf56c9491ed30331ca2159188741c89", "272827808aad1efe0e752789acf6a28f25bc4ba2da905a8a6f5da00016ba286b", "23711e3856cf2e018ef02782eb546e87c9604781da6855bd136ef51fa5dd23e5", "7bd7e1e6183094c75e37d6605451ce7e7e1c23347e3b5c279c33196af916b1f2", "1c7e5fc29dc7c9b3a56e8f35becc3a0a8005e79ac1a84278f8a1f37c067f67b3", "3ac84dcf8be2849b347369de7bf6bb49d780cdf41e2c4abbe2ea0ae1b89bd26e" ] </pre> ====Check Balance==== <code>./n33bcoin-cli -regtest getbalance</code> <pre>0.00000000</pre> * You mined 10 blocks and have zero coins! that is because the coins have not mutured, it takes 100 blocks for newly created coins to muture and show up in your wallet. * you can see your '''immature_balance''' with the <code>getwalletinfo</code> command. <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 11114108.00000000, "txcount": 10, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====Get new addresses==== <code>./n33bcoin-cli -regtest getnewaddress</code> <pre> mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb </pre> ====Find addresses your wallet is currently using==== * To see all your current public addresses use <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -regtest listreceivedbyaddress 0 true</code> ====Mine to specific address==== * <code>./n33bcoin-cli -regtest generatetoaddress 101 "your-mainnet-address"</code> <code>./n33bcoin-cli -regtest generatetoaddress 101 "mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb"</code> =====Coins Matured===== <code>./n33bcoin-cli -regtest getbalance</code> <pre>11114441.00000000</pre> * and Immatured coins <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 11114441.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 33300.00000000, "txcount": 111, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====stop regtest net==== * stop regtest <code>./n33bcoin-cli -regtest stop</code> ===Main Net=== * Running <code>-regtest</code> should of created a <code>~/.n33bcoin</code> directory for you. * Create <code>n33bcoin.conf</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 </pre> * run/start coin <code>./n33bcoind</code> * NOTE: if you did not create a n33bcoin.conf file and apply 'daemon=1', you can use the -daemon flag <code>./n33bcoind -daemon</code> <div class="toccolours mw-collapsible mw-collapsed"> Some debug tips: <div class="mw-collapsible-content"> * If n33bcoin hangs - <code>ps aux | grep n33bcoind</code> ** The <code>kill -9 PID_NUMBER</code> ** Also note: there is nothing wrong with '''turning it off and on again.''' * <code>./n33bcoind -debug=1</code> ** log is at ~/.n33bcoin/debug.log * <code>./n33bcoind -debug=1 -printtoconsole</code> ** will output to terminal, no output to debug.log </div> </div> ===Create and Add second node - the easy way=== <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Why a Dummy Node is Needed to Avoid <code>500 Internal Server Error</code> and Ensure Syncing</span> <div class="mw-collapsible-content"> <p>A dummy node is <strong>required</strong> for mining on the genesis node (main node) and to ensure other nodes can sync with your N33Bcoin network. Without it, you may encounter errors like:</p> <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> [2025-04-20 11:49:32] HTTP request failed: The requested URL returned error: 500 Internal Server Error </pre> <p><strong>Why does this happen?</strong> The main node needs at least one active peer to process the <code>getblocktemplate</code> RPC call used by <code>minerd</code> for mining. If the node is in Initial Block Download (IBD) or has no peers, this call fails, causing the 500 error. Additionally, if the main node is in IBD, it won’t serve blocks to other nodes, preventing them from syncing (e.g., stuck at <code>blocks: 0</code>).</p> <p><strong>How the dummy node fixes it:</strong></p> <ul> <li>Running a dummy node (e.g., on <code>127.0.0.1:3334</code>) provides an active peer, allowing <code>getblocktemplate</code> to succeed and mining to start.</li> <li>Mining generates new blocks, updating the chain tip’s timestamp, which helps the main node exit IBD.</li> <li>Once out of IBD, the main node can serve blocks to other nodes, enabling them to sync (e.g., to <code>blocks: 428</code>).</li> </ul> <p><strong>Why it’s easy to forget:</strong> The dummy node isn’t a standard Bitcoin requirement—it’s specific to N33Bcoin’s setup, possibly due to custom peer or RPC logic. Always run a dummy node when mining or syncing new nodes.</p> <p><strong>If you get the 500 error:</strong> Start a dummy node and add it to the main node’s peers with <code>addnode</code>. See the next section for setup instructions.</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> Without a dummy node, mining will fail, and new nodes won’t sync. Always include this step in your setup and document it to avoid surprises! </div> </div> </div> After first node ruuing with:<br> <code>./n33bcoind</code> * create a directory for second node <code>mkdir ~/.n33bcoin2</code> * make config file <code>$EDITOR ~/.n33bcoin2/n33bcoin.conf</code> * Note changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser1 rpcpassword=coinpassword1 rpcallowip=127.0.0.1 rpcport=3367 daemon=1 server=1 rpcbind=127.0.0.1 port=3334 </pre> * start node2 - note ports <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin2 -port=3334 -rpcport=3367</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3334" "add"</code> * Check node one <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * Check node two <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getblocktemplate</code> ==== Default Node User and Second Node User management ==== * The default user will be your main node '''~/.n33bcoin/''' * To use second node '''~/.n33bcoin2/''' you have to use/append non default port in commands: ** To run commands on second node, Add/Append <code>-rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1</code> *** '''rpcport''', '''rpcuser''', '''rpcpassword''' these values can be found in the <code>~/.<node_name>/n33bcoin.conf</code> file * For default wallet/node can use: <code>./n33bcoin-cli getwalletinfo</code> * Or to specify (optional) can use, the main nodes '''rpcport''', '''rpcuser''' and '''rpcpassword''' followed by <command>: <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * For the second node we created - we do need to specify <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getwalletinfo</code> <div class="toccolours mw-collapsible mw-collapsed"> How to stop second node: <div class="mw-collapsible-content"> * To run commands on a second or third ...ETC node - you need to enter: ** <code>-rpcport=<value></code> ** <code>-rpcuser=<username></code> ** <code>-rpcpassword=<password></code> ** followed by the command you wish to run on node <code>getbalance</code> ** Remember you store all these details in your <code>n33bcoin.conf</code> file for your node. <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 stop</code> </div> </div> == Mining blocks on your blockchain == Well you can try with:<br> <code>./n33bcoin-cli generate 1</code><br> But instead of seeing <pre> [ "some-block-hash" ] </pre> Your going to get empty brackets <pre> [ ] </pre> I cant remember the reason for this. But i know the fix. Install Mining software ===Address to send mined coins to=== First lets get a public key/address we can mine to. * Find old addresses <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> * Create new address <code>./n33bcoin-cli getnewaddress</code> * The address i will use <code>1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> ===Cpu Miner Install=== <code>cd ~</code> <code>sudo apt update</code> <code>sudo apt install -y build-essential libcurl4-openssl-dev</code> <code>git clone https://github.com/pooler/cpuminer.git</code> <code>cd cpuminer</code> <code>./autogen.sh</code> <code>./configure</code> <code>make</code> <code>sudo make install</code> ===Mine some Coins=== * OK lets mine us some coins ** Syntax:<code>minerd -o <pool_url> -u <username> -p <password> --coinbase-addr=<public_key></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> * YAY, back to the days when you could find bitcoin blocks with a simple CPU <pre> [2025-04-12 19:31:17] Binding thread 0 to cpu 0 [2025-04-12 19:31:17] Binding thread 1 to cpu 1 [2025-04-12 19:31:17] 4 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:31:17] Binding thread 2 to cpu 2 [2025-04-12 19:31:17] Binding thread 3 to cpu 3 [2025-04-12 19:31:17] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:31:17] thread 1: 2097152 hashes, 10099 khash/s [2025-04-12 19:31:17] thread 0: 2097152 hashes, 10094 khash/s [2025-04-12 19:31:17] thread 3: 2097152 hashes, 10093 khash/s [2025-04-12 19:31:17] thread 2: 2097152 hashes, 10032 khash/s [2025-04-12 19:32:17] thread 2: 601912088 hashes, 10080 khash/s [2025-04-12 19:32:17] thread 0: 605611536 hashes, 10108 khash/s [2025-04-12 19:32:17] thread 3: 605564904 hashes, 10102 khash/s [2025-04-12 19:32:17] thread 1: 605946928 hashes, 10104 khash/s [2025-04-12 19:33:17] thread 2: 604824240 hashes, 10080 khash/s [2025-04-12 19:33:17] thread 0: 606506104 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 1: 606263288 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 3: 606114016 hashes, 10102 khash/s [2025-04-12 19:34:17] thread 0: 596676992 hashes, 9883 khash/s [2025-04-12 19:34:17] accepted: 1/1 (100.00%), 40174 khash/s (yay!!!) [2025-04-12 19:34:17] LONGPOLL pushed new work [2025-04-12 19:34:17] thread 2: 597009344 hashes, 9856 khash/s [2025-04-12 19:34:17] thread 1: 596347864 hashes, 9882 khash/s [2025-04-12 19:34:17] thread 0: 184 hashes, 8762 khash/s [2025-04-12 19:34:17] thread 3: 596226344 hashes, 9881 khash/s [2025-04-12 19:35:11] thread 0: 525714288 hashes, 9775 khash/s [2025-04-12 19:35:17] thread 0: 58652240 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 1: 592942512 hashes, 9784 khash/s [2025-04-12 19:35:18] thread 3: 592834720 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 2: 591387224 hashes, 9754 khash/s [2025-04-12 19:36:17] thread 1: 577261400 hashes, 9784 khash/s [2025-04-12 19:36:17] thread 2: 575496480 hashes, 9756 khash/s [2025-04-12 19:36:17] thread 3: 576993520 hashes, 9776 khash/s [2025-04-12 19:36:17] thread 0: 586785384 hashes, 9780 khash/s [2025-04-12 19:37:17] thread 3: 586568712 hashes, 9700 khash/s [2025-04-12 19:37:17] thread 2: 585369888 hashes, 9645 khash/s [2025-04-12 19:37:18] thread 1: 587018480 hashes, 9656 khash/s [2025-04-12 19:37:18] thread 0: 586791168 hashes, 9631 khash/s [2025-04-12 19:37:43] thread 0: 247017896 hashes, 9757 khash/s [2025-04-12 19:37:43] accepted: 2/2 (100.00%), 38758 khash/s (yay!!!) [2025-04-12 19:37:43] LONGPOLL pushed new work [2025-04-12 19:37:43] thread 2: 250694904 hashes, 9748 khash/s [2025-04-12 19:37:43] thread 1: 250409704 hashes, 9773 khash/s [2025-04-12 19:37:43] thread 0: 21504 hashes, 8650 khash/s [2025-04-12 19:37:43] thread 3: 253010016 hashes, 9764 khash/s </pre> * By default '''minerd''' will use all cores - if you want to limit to number of core use the <code>-t <number_of_cores></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj -t 2</code> <pre> [2025-04-12 19:43:05] 2 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:43:05] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:43:05] thread 1: 2097152 hashes, 11359 khash/s [2025-04-12 19:43:05] thread 0: 2097152 hashes, 11327 khash/s </pre> * Next we mine on till we have at least 101 blocks so are coins are matured. ===After 101 blocks - Mature Coins=== * now we should have some coins in are wallet that we can use, YAY <code>./n33bcoin-cli getbalance</code> <pre>11112110.00000000</pre> * and lets check the account of are second node <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> * Lets get the address of are second node to send some coins <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress 0 true</code> * Or we could generate a new address with <code>getnewaddress</code> <code>1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz</code> Now lets send some coins ==Wallet Basics== Now we have coins we can use - matured coins ===Get balance=== * <code>getbalance</code> <code>./n33bcoin-cli getbalance</code> ===Find Account Addresses=== * <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> ===Create New Address=== * <code>getnewaddress</code> <code>./n33bcoin-cli getnewaddress</code> ===Sending coins=== * Syntax: <code>./n33bcoin-cli sendtoaddress "<address>" <amount></code> <code>./n33bcoin-cli sendtoaddress "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz" 33</code><br> * This comand will return a hash in your terminal out put. <pre>f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7</pre> * and Check balance of second node to see balance: <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>33.00000000</pre> ===See Transaction Details from hash=== * the transaction hash is from the above send coins example * Syntax: <code>n33bcoin-cli gettransaction "<transaction_hash>"</code> <code>./n33bcoin-cli gettransaction "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7"</code> <pre> { "amount": -33.00000000, "fee": -0.00004520, "confirmations": 4, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553764, "timereceived": 1744553764, "bip125-replaceable": "no", "details": [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "send", "amount": -33.00000000, "vout": 0, "fee": -0.00004520, "abandoned": false } ], "hex": "020000000150a37ad36c761374df6a14c20bd2c016208358bf1f20af06c5acbe4827250ee7000000006a4730440220582f2094aca19d63744d8d128c3dea907cddd4eeb5728d6f064c4168d7a36b9c0220649b2397635fe0b8899fea4535b0072e856a164235f8ab8feb91f3dbfa9e3ddc012103dd8d842cd0c2b167b507b9e8ee580fc726262bb218abc5c6487668b72e5673a3feffffff020001b2c4000000001976a9146ae24c8430bcd30bc1b812f946229fcc563eb0ef88ac589a23fc060000001976a9141e0606800605f94643f5da7e0a31e435e030855788acbe000000" } </pre> ===List Transactions from account=== * <code>listtransactions</code> * <code>./n33bcoin-cli listtransactions</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listtransactions</code> * This command will show all transactions send and receive. <pre> [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "receive", "amount": 33.00000000, "label": "", "vout": 0, "confirmations": 6, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553766, "timereceived": 1744553766, "bip125-replaceable": "no" } ] </pre> ===list received transactions by address=== * <code>listreceivedbyaddress</code> * <code>./n33bcoin-cli listreceivedbyaddress</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress</code> <pre> [ { "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "account": "", "amount": 33.00000000, "confirmations": 6, "label": "", "txids": [ "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7" ] } ] </pre> ===Address With Label=== * Create New Address With Label ** Syntax: <code>getnewaddress "<Label>"</code> * NOTE: Label name is case sensitive. <code>./n33bcoin-cli getnewaddress "Mining"</code> <pre>1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB</pre> * See Accounts in Label <code>./n33bcoin-cli getaddressesbyaccount "Mining"</code> * a Label can hold many addresses <pre> [ "1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB" ] </pre> * Lists transactions for the labeled account. <code>./n33bcoin-cli listtransactions "Mining"</code> * Tracking with a label - Shows total balance for addresses in the labeled account. <code>./n33bcoin-cli getbalance "Mining"</code> * Label an existing address - Assigns an existing address to a named account. <code>./n33bcoin-cli setaccount "<address>" "<label>"</code> * Change Label of Address <code>./n33bcoin-cli setaccount "<address>" "<newlabel>"</code> ==Backup Wallets and Restore/Reclaim== To '''test''' wallet exports and back ups we are going to create a '''third node'''. <br> This keeps are main wallet and the wallet of are second node safe.<br> Or If you feel up for it, feel free to play/use/learn with your main wallet. * Create a directory for third node <code>mkdir ~/.n33bcoin3</code> * Create config file <code>$EDITOR ~/.n33bcoin3/n33bcoin.conf</code> * Note: changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser2 rpcpassword=coinpassword2 rpcallowip=127.0.0.1 rpcport=3368 daemon=1 server=1 rpcbind=127.0.0.1 port=3335 </pre> * Start node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3335" "add"</code> * Check node three <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getblocktemplate</code> * See Address (pub key) <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> <pre>1EhA5fkapYWrhs2oAf2AqvF4WYMPM28GqL</pre> * I have sent 33 n33bcoin's to this address. <pre> ./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744568061, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "8afde14085be2139ff008667c345b3697bea9cea" } </pre> ===Encrypt Wallet=== * '''IMPORTANT NOTE! IF YOU LOSE/FORGET PASSPHRASE, YOU LOST YOUR WALLET!''' Encrypting your wallet, will require passphrase to see private_keys and to send coins from your account, but you can still check balance and the basic chain info '''without passphrase'''. * Syntax <code>./n33bcoin-cli encryptwallet "<passphrase>"</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 encryptwallet "pa55word"</code> <br>OutPut: <pre> wallet encrypted; N33Bcoin server stopping, restart to run with encrypted wallet. The keypool has been flushed and a new HD seed was generated (if you are using HD). You need to make a new backup. </pre> ====Test Encryption==== Syntax: <code>./n33bcoin-cli dumpprivkey <address></code> This command should need passphrase if wallet locked. ** <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> can be used in place of a real address <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpprivkey 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> If wallet '''LOCKED''' - you will see <pre> error code: -13 error message: Error: Please enter the wallet passphrase with walletpassphrase first. </pre> If wallet '''UNLOCKED''' but address not in wallet - you will see ** This is because there is no address <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> in your wallet and error code -5 indicates address not found in the wallet, but it passed the lock so, yay <pre> error code: -5 error message: Invalid N33Bcoin address </pre> If address exists in your wallet and wallet is '''UNLOCKED''' - you will see the private key: <pre> 6vJYM3RFWh7MyLVrPbgzgibUgqxMzWUCCbuH3GcfDRTqfoNQjBb </pre> '''IMPORTANT:''' Never share your actual private keys with anyone. The example above is for demonstration purposes only. ====open encrypted wallet==== * Syntax ./n33bcoin-cli walletpassphrase "<passphrase>" <time_in_seconds_to_stay_open> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrase "Pa55word" 60</code> ====Change PassPhrase==== * Syntax: <code><code>./n33bcoin-cli walletpassphrasechange "<old_passphrase>" "<new_passphrase>"</code></code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrasechange "Pa55word" "StrongPass123!@#456"</code> ===Back Up WALLET.DAT === * You can make a backup of your wallet.dat file whether its encrypted or un-encrypted. ** not-encrypted you just copy into a directory and you and anyone else has full access. ** encrypted, you need to know the passphase the file is encrypted with to have access. ** Both Export and Import the backup wallet.dat the same way, expect one asks for passphase and the other does not. ====Make copy of wallet.dat==== * <code>backupwallet</code> * Syntax:<code>./n33bcoin-cli backupwallet /path/to/export/wallet-backup.file</code> <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> ====Stop node 3 and delete wallet.dat==== * Stop node - Note: RPC PORT <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * not gonna delete, just move, only so many times i wanna learn that lesson. <code>mv ~/.n33bcoin3/wallet.dat ~/oldwallet.dat</code> * Start Node 3 - this will create a new <code>wallet.dat</code> file <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check Balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744572042, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "bb4e27a7896ae19acdf3b43244f82b59f5164c7c" } </pre> * Check addresses <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> * Its a diff/new address, because its a new wallet. <pre> "address": "1JwAmtR9T8xa49daoHQhf54tBdyabby2m2", </pre> ===Restore Wallet.dat=== * Stop Node 3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move old wallet to Node 3 Directory ** This command will write over the new wallet.dat file currently in directory - in effect deleting it. <code>mv ~/wallet-backup.node3 ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>11148007.99990960</pre> ====OH NUTZ==== * By mistake i backed up main wallet. <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> * Intended to backup node3 - the correct command would of been <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 backupwallet ~/wallet-backup.node3</code> Good Thing we just moved the node3 wallet and not deleted or 33 n33bcoins would of been in a dead account.<br> This is why you should learn about bitcoin on n33bcoins and not the bitcoin main net blockchain. Lets restore from the moved wallet <code>~/oldwallet.dat</code> * Stop node3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move oldwallet back to node3 <code>mv ~/oldwallet.dat ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>33.00000000</pre> YAY ===Dump Entire Wallet with <code>dumpwallet</code>=== * Exports all private keys, addresses, and wallet metadata to a plain text file for a comprehensive backup. * Syntax <code>./n33bcoin-cli dumpwallet /path/to/export/n33bcoin-wallet.txt</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpwallet ~/ssshhh.txt</code> <code>cat ~/ssshhh.txt</code> * Yep its all in plain text! <pre> # Wallet dump created by N33Bcoin v0.14.3.0-g150612e # * Created on 2025-04-13T22:54:50Z # * Best block at time of backup was 212 (000000009f5f7189bd4334895fd1c903ae904525abb5768feb98b81282a1949e), # mined on 2025-04-13T18:34:02Z # extended private masterkey: xprv9s210pEDlspXiamstilrandotypinhDXRTQ1TatJNSL3fxs9QaLLjRV1FZH9zw2VcErU498hsd3pynuyDR2clongrandome4Msz5 L1XJ0pald6SZXP4sKdVcDETpsdoWeksd4er5hhPsdFG1PPV 2025-04-13T18:14:21Z change=1 # addr=1HtmEDdpk5SJAp3nGCnaAD5gKZc2Er4qG hdkeypath=m/0'/0'/82' about 100 lines like the one above and ends with: # End of dump </prE> ===Import Dumped Wallet=== To test import works we are gonna, stop node3, move wallet.dat, start node3, check new wallet got auto generated again. then import are ssshhh.txt file and see if restored. ====Check wallet node 3 pre-test==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744575092, "keypoolsize": 101, "unlocked_until": 0, "paytxfee": 0.00000000, "hdmasterkeyid": "0a0e6e94e4a184e773e4a3e3244adc4352935afa" } </pre> ====Stop node 3 ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> ====Move wallet.dat ==== <code>mv ~/.n33bcoin3/wallet.dat ~/wallet.node3</code> ====Start node 3 ==== <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> ====Check wallet node 3 - when deleted/changed==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ====Import Restore from Dumped Wallet ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importwallet ~/ssshhh.txt</code> ====Check wallet node 3 when restored ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ==Off Line Storage and Importation== * Create a offline key pair, using a python script that can run off a live linux iso. * Going to send coins from node 3 to off line address. * Going to import to wallet 2 by sweeping private wif key. ===Create Offline Keypair=== * https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin ** We have used the [[N33Bcoin_Address_Generator_Bitcoin| N33Bcoin_Address_Generator]] to create the following key pair which we will use for this test. <pre> noob@noob-ThinkPad-T470:~/Gen/py-pub-prv$ python3 gen.py Enter your seed (12 words or any random input): hithere Generated n33bcoin Key Pair: Private Key: 3e4748d72b0a0c5d4538b52a2ade025a0f52a1e8642384ac14e5af0f90b8ab8a Public Key: 04c4cab1795312dafbf2532c7b238d448b55fa151a3d4e059cb49b47fb7244fb8767981b561c067494f9f3a6357024bb4fa71d12d692a733f7a0583d6fa7276548 n33bcoin Address: 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG WIF Private Key: 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH </pre> ===Send from node 3 to offline address=== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 sendtoaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG 10</code> ===Check its in address=== * Can take a few blocks before you can see it. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * Syntax: <code>./n33bcoin-cli importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * <code>importaddress</code> The RPC command to import a Bitcoin address as a watch-only address into the wallet * <code>13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> The Bitcoin address you are importing. After import, the wallet will monitor this address for incoming transactions, but cannot spend from it since you do not have the private key * <code>"external"</code> An optional label assigned to the imported address. This helps you organize or identify addresses in your wallet * <code>false</code> The rescan parameter. Setting it to false means the wallet will not rescan the blockchain for historical transactions involving this address. Only new transactions (after import) will be tracked. If set to true (default), the wallet would scan the entire blockchain for past transactions involving the address, which can take a long time (but not in are case as we have new blockchain). ====getreceivedbyaddress==== * TESTED - Balance is only shown on account that imported the address as a address to watch. ** Took about 10 mins to show balance. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>10.00000000</pre> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> ====Receive funds from private key==== * Current Funds in Node/Wallet 2 <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>52.00000000</pre> * Import the keys <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 importprivkey 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH true</code> * Check balance <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>62.00000000</pre> Import is instant. ==Create Second Server and Sync Blockchain== * Creating second server in a container and forwarded to another VPS IP, to see if network syncs. <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Is Port Forwarding Required for the Second Node?</span> <div class="mw-collapsible-content"> <p><strong>Why set up port forwarding?</strong> Port forwarding (using iptables to forward port <code>3333</code> to the second node) allows the node to receive incoming connections from other N33Bcoin nodes. This ensures reliable syncing with the main node and enables the second node to share blockchain data with others, strengthening the network.</p> <p><strong>Is it required?</strong></p> <ul> <li><strong>To mine</strong>: No. Mining uses local RPC calls (<code>127.0.0.1:3366</code>) and outbound connections to the main node (<code>104.194.157.52:3333</code>). As long as the main node is up, mining works without port forwarding. Note: You may need a dummy node to avoid errors.</li> <li><strong>To act as a peer</strong>: Yes. To allow other nodes to connect and sync from the second node (e.g., via <code>144.172.89.93:3333</code>), port forwarding is required. Without it, the node can sync but won’t serve blocks to others.</li> </ul> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Tip:</strong> Keep port forwarding enabled for robust syncing and to support the N33Bcoin network, especially if you plan to add more nodes. </div> </div> </div> ===Launch container=== <code>lxc launch ubuntu:18.04 n33b-node</code> <code>lxc exec n33b-node bash</code> <code>pro attach <longKey></code> <code>apt update && apt upgrade -y && apt install ubuntu-advantage-tools wireguard -y</code> ===Setup Wireguard=== * This is the same as the last time, in this tut i am going to keep the same keys in tut, to save time. PS: You can use same keys on many connections (not the best idea). ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==In Container Building N33Bcoin== * Push over N33Bcoin.0.0.1.tar.gz to the container n33b-node. <code>lxc file push N33Bcoin.0.0.1.tar.gz n33b-node/home/ubuntu/</code> OR Download from github * Download from Github, sha256sum=<code>0695dceaa4a88967560695f92c753d2fe4abc0f1b0cfb2673bf945fc83fb1225</code> <code>wget https://raw.github.com/CompleteNoobs/N33Bcoin/main/N33Bcoin.0.0.1.tar.gz</code> * Login to container as user ubuntu <code>lxc exec n33b-node -- su - ubuntu</code> * extract <code>tar xvf N33Bcoin.0.0.1.tar.gz</code> ===Install depends and Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> ===Build N33Bcoin=== * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> * Before running - make sure first node up and running <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Troubleshooting Syncing Issues on the Second Node</span> <div class="mw-collapsible-content"> <p>If your second node (e.g., <code>144.172.89.93</code>) fails to sync (e.g., stuck at <code>blocks: 0</code>), the main node (<code>104.194.157.52</code>) may be in Initial Block Download (IBD), preventing it from serving blocks. Here’s what I faced and how I fixed it:</p> <ul> <li><strong>Problem</strong>: The second node didn’t sync because the main node was in IBD, likely due to a chain tip older than 24 hours.</li> <li><strong>Initial Fix</strong>: <ul> <li>Started a dummy node on the main node (<code>127.0.0.1:3334</code>) for an active peer .</li> <li>Mined on the main node: <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=&lt;your-address&gt; -t 2 </pre> This created new blocks (e.g., to <code>blocks: 441</code>), exiting IBD and enabling sync.</li> </ul> </li> <li><strong>Test</strong>: I deleted the second node and recreated it from scratch, running both the main and dummy nodes on the genesis server. The second node synced to <code>blocks: 441</code> while the main node was mining.</li> <li><strong>Observation</strong>: In one test, I thought syncing worked without mining, but mining was active on the main node, advancing the chain to <code>blocks: 441</code>. Possible factors for sync success: <ul> <li>Recent chain tip from mining kept the main node out of IBD.</li> <li>Dummy node provided a peer, preventing IBD re-entry.</li> <li>iptables rule for port <code>3333</code> enabled inbound connections (i did once not forward the correct port, make sure you check your ip rules with <code>cat /etc/iptables/rules.v4</code> to make sure you entered the correct ones. ).</li> </ul> </li> <li><strong>If Syncing Fails</strong>: Mine on the main node with the dummy node running.</li> </ul> <p><strong>Note</strong>: Syncing may not require ongoing mining if the main node’s chain tip is recent, but mining is needed to exit IBD. Test and share your findings!</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> If the second node won’t sync, the main node may be in IBD. Start the dummy node and mine to exit IBD. </div> </div> </div> ===n33b-node=== <code>src/n33bcoind -daemon</code> <code>src/n33bcoin-cli stop</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 debug=rpc debug=mining </pre> <code>src/n33bcoind</code> * Now Second n33bcoin node is running lets check sync <div class="toccolours mw-collapsible mw-collapsed"> * Node Syncing/Connecting issues If your node if not connecting <b>add a node</b>, This can be done in the n33bcoin.conf file or manually with n33bcoin-cli <div class="mw-collapsible-content"> * Appending Peer Node/s to Node config file <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> * Syntax:<code>addnode=<IP_Or_Domain>:<Port></code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcbind=127.0.0.1 rpcport=3366 daemon=1 server=1 addnode=node.n3wbcoin.com:3333 addnode=104.194.157.52:3333 </pre> * Add Node Manually using n33bcoin-cli ** Syntax:<code>n33bcoin-cli addnode <IP_Or_Domain>:<Port> add</code> <code>n33bcoin-cli addnode 104.194.157.52:3333 add</code> </div> </div> <code>src/n33bcoin-cli getpeerinfo</code> <pre> [ { "id": 0, "addr": "104.194.157.52:3333", "addrlocal": "144.172.89.93:52636", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157772, "lastrecv": 1745157771, "bytessent": 1277, "bytesrecv": 1198, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.303657, "minping": 0.303657, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": false, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 110, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 1, "addr": "104.194.157.52:57050", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.296047, "minping": 0.296047, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 2, "addr": "104.194.157.52:57060", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.316404, "minping": 0.316404, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } } ] </pre> <code>src/n33bcoin-cli getblockchaininfo</code> <pre> ubuntu@n33b-node:~/N33Bcoin$ src/n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.03058041491289009, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> ===From first node=== <pre> ./n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.02034601825250813, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> * Both nodes/blockchains are in sync, nice 1fz8i9jysg3olise29b9g424xl0emag 603 602 2025-07-04T19:36:16Z AwesomO 5 /* Line 207 */ 603 wikitext text/x-wiki ==Start up HardWare== * OS (local) Ubuntu-Mate 24.04 - this tut is done on a clean install of ubuntu-mate 24.04 ** Hardware: HP EliteDesk G1 - ram = 8GB - HD = 120GB ssd - CPU = i5-4590S CPU @ 3.00GHz ** Hardware: Thinkpad X270 - Ram - HD - CPU * Server VPS ubuntu-server 24.04 ** vultr.com ===Software OS=== * Will be using Ubuntu 24.04 as main OS - but to build this version of bitcoin 0.14.3 we will be using ubuntu 18.04 in a lxc container - trying to build in 24.04 was a huge side quest that is not that much fun. ===Coin Params for N33Bcoin 0.1 POW === * Are Coin Params ** Name of coin = N33Bcoin ** Symbol coin = N33B ** Premined Coins= 33% 11,111,111 coins to be used to rewards contributors. the how is currently unknown, will work out as we go. ** MaxCoins = 33,333,333 ** Rewards = 333 ** Halving Period = 33,333 blocks = every 231 days ** Block interval = 10 mins # will leave at 10 for starters ** Time Stamp 1733333333 2024-12-04 17:28:53 ** Time Stamp Message "N33B's for Noob's at CompleteNoobs.com" ** Genesis Block for are Coin <b>NOTE</b>: What is a Unix Time Stamp? - It is the number of seconds from the Unix Epoch date of 01/01/1970 at 00:00 UTC - to convert a date use - https://www.unixtimestamp.com/ ==Set EDITOR== {{:SET_EDITOR}} ==Genesis Keys== First we are going to need a public private key pair. [[Python_Generate_Public_Private_Key_Pair_Crypto_Bitcoin| Python3 Generate Public Private Key Pair]] * Public Key <code>049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf</code> * Keep private key safe, you just need pub key for now We then use are public key along with are coin parameter with [[GenesisH0_Creating_Genesis_Hash| GenesisH0]] to create a 'Nonce', 'Merkel hash' and 'Genesis hash'. For are 'MainNet', 'TestNet' and 'RegNet' === Main Net parameters === <code>python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333333</code> * '''Nonce''': <code>221118658</code> * '''nBits''': <code>0x1d00ffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4</code> === Test Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333334</code> * '''Nonce''': <code>511144</code> * '''nBits''': <code>0x1e0ffff0</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c</code> === Reg Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333335</code> * '''Nonce''': <code>0</code> * '''nBits''': <code>0x207fffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127</code> Now we have are parameters, we can start creating are own coin, but first lets change some file names to match the name of are coin. ==Source we are forking from Bitcoin 0.14.3== ===Home Directory=== <code>cd ~</code> ===Download bitcoin 0.14.3=== * https://bitcoincore.org/bin/bitcoin-core-0.14.3/ <code>wget https://bitcoincore.org/bin/bitcoin-core-0.14.3/bitcoin-0.14.3.tar.gz</code> * sha256sum bitcoin-0.14.3.tar.gz <code>416717ab5ef94f8458da2b12e4cd742ca08f5ad3817b65fc73811e06ac949f87</code> ===extract=== <code>tar xvf bitcoin-0.14.3.tar.gz</code> ===Change Directory Name to new/forked coin name=== <code>mv bitcoin-0.14.3 N33Bcoin</code> <code>cd N33Bcoin</code> * Current work director path is <code>/home/$USER/N33Bcoin/</code> ==Renaming== ===Renaming Bitcoin to N33Bcoin=== '''Run these command in the /home/$USER/N33Bcoin/ Directory''' * Lowercase <code>find . -type f -exec sed -i 's/bitcoin/n33bcoin/g' {} + </code> * UpperCase <code>find . -type f -exec sed -i 's/Bitcoin/N33Bcoin/g' {} + </code> * Name.1 <code>find . -type f -exec sed -i -e 's/bitcoin/n33bcoin/g' -e 's/bitcoind\.1/n33bcoind.1/g' {} + </code> ===Change Name for Docs=== To rename files in a directory (e.g., <code>/home/$USER/N33Bcoin/doc/man/</code>): * '''Before:''' <pre> bitcoin-cli.1 bitcoind.1 bitcoin-qt.1 bitcoin-tx.1 Makefile.am </pre> * '''After:''' <pre> n33bcoin-cli.1 n33bcoind.1 n33bcoin-qt.1 n33bcoin-tx.1 Makefile.am </pre> * '''Manual Way:''' <pre> mv -v bitcoin-cli.1 n33bcoin-cli.1 </pre> * '''Using mv with a for Loop:''' <code>cd /home/$USER/N33Bcoin/doc/man</code><br> <code>for file in bitcoin*; do mv -v "$file" "${file/bitcoin/n33bcoin}"; done</code> </pre> * <code>-v</code> shows each rename action. ===Change Names for Files=== *<b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> Unlike forking litecoin, the method we just used to rename all bitcoin words to n33bcoin created some problems, unlike litecoin 0.14.2, the word 'bitcoin' can be found in a lot of file names. Example: the file <code>libbitcoinconsensus.pc.in</code> is still called <code>libbitcoinconsensus.pc.in</code> but inside make and config files, it is now know as <code>libn33bcoinconsensus.pc.in</code> so it will look for a file called <code>libn33bcoinconsensus.pc.in</code> and not <code>libbitcoinconsensus.pc.in</code>, still will lead to a lot of breakages. * Easy Fix: Change all file names which include the word <code>bitcoin</code> to <code>n33bcoin</code> * install <code>rename</code> <code>sudo apt install rename</code> * <b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> * See all file which contain the name <code>bitcoin</code> <code>find . -type f -name "*bitcoin*"</code> * Rename/convert all <code>bitcoin</code> in file names to <code>n33bcoin</code> <code>find . -type f -name "*bitcoin*" -exec rename 's/bitcoin/n33bcoin/' {} +</code> ==Editing Files== Are Files are located in path:<code>/home/$USER/N33B/N33Bcoin</code><br> Example: <code>src/amount.h</code> full path would be <code>/home/$USER/N33B/N33Bcoin/src/amount.h</code> === OverView of Files to edit=== * Comment Out <code>** Lines: 74 - 77 Comment Out</code> These are Lines we Don't need, but are not deleting just commenting out, so line numbers remain the same.<br> Comment out by placing a <code>//</code> at the beginning of the line. * '''src/amount.h''' ** Line 31: Edit Max Coins * '''src/validation.cpp''' ** Line 1166: This BLOCK of code will contain premined and Block rewards * '''src/qt/bitcoinunits.cpp''' ** Line 39 Block: change coin symbol LTC to N33B * '''src/chainparams.cpp''' ** Line 53: '''Global''' Change Time Stamp Message ** Line 54: '''Global''' Change Pub Key ** Line 73: '''MainNet''' Change Halving Interval <!--** Lines: 74 - 77 Comment Out--> ** Line 74: '''MainNet''' BIP34Height ** Line 75: '''MainNet''' BIP34Hash ** Line 76: '''MainNet''' BIP65Height ** Line 77: '''MainNet''' BIP66Height ** Lines 85 - 103: '''MainNet''' Deployment and Chain Work Section ** Line 110: '''MainNet''' Change Magic Bytes - Script included ** Line 114: '''MainNet''' Change Main Net Default Port ** Line 117: '''MainNet''' Change Main Net Nonce TimeStamp Coin_Rewards ** Line 119: '''MainNet''' Change Genesis Hash ** Line 120: '''MainNet''' Change Merkel Hash ** Line 144: '''MainNet'''Change Coin Number and Genesis Hash ** Lines 145 - 156 Comment Out ** Line 161: '''MainNet''' Change Time Stamp ** Line 162: '''MainNet''' Change Number Of Transactions ** Line 177: '''TestNet''' Halving Interval <!--** Lines: 178 - 181 Comment Out--> ** Line 178: '''TestNet''' BIP34Height ** Line 179: '''TestNet''' BIP34Hash ** Line 180: '''TestNet''' BIP65Height ** Line 181: '''TestNet''' BIP66Height ** Line 184: '''TestNet''' Block Times <!--** Lines: 189 - 207 Comment Out--> ** Lines 189 - 207: '''TestNet''' Deployment Section ** Line 213: '''TestNet''' Default Port ** Line 216: '''TestNet''' Time Stamp and Nonce ** Line 218: '''TestNet''' Genesis Hash Block ** Line 219: '''TestNet''' Merkel Hash Block ** Line 245: '''TestNet''' CheckPointData Genesis Hash Block Number ** Line 250: '''TestNet''' Time Stamp ** Line 251: '''TestNet''' Block Number ** Lines 267 - 270 '''RegressionNet''' BIP Consensus ** Line 301: '''RegressionNet''' Default Port ** Line 304: '''RegressionNet''' Time Stamp Nonce Coin_Rewards ** Line 306: '''RegressionNet''' Genesis Block Hash ** Line 307: '''RegressionNet''' Merkel Hash ** Line 319: '''RegressionNet''' Genesis Hash * '''src/chainparamsbase.cpp''' ** Line 35: MainNet RCP Port ** Line 48: TestNet RPC Port ** Line 62: Regession Net RPC Port ===src/amount.h=== On line 31 we will edit are Max coins: <pre> static const CAmount MAX_MONEY = 21000000 * COIN; </pre> will change this to 33,333,333 coins <pre> static const CAmount MAX_MONEY = 33333333 * COIN; </pre> ===src/validation.cpp=== Path <code>/home/$USER/N33B/N33Bcoin/src/validation.cpp</code> The block of code we are looking for starts on line 1166: <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy = 50 * COIN; // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years. nSubsidy >>= halvings; return nSubsidy; } </pre> On line 1173 you should see this line: <pre> CAmount nSubsidy = 50 * COIN; </pre> This is the rewards for mining coins, the default is 50, we are changinf rewards to 333 coins per block mined. <pre> CAmount nSubsidy = 333 * COIN; </pre> ====Premined coins==== We also need to add a contidtion for are premined coins - in the first block will mine 33%, thats 11,111,111 coins <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy; if (nHeight == 1) nSubsidy = 11111111 * COIN; else nSubsidy = 333 * COIN; // Subsidy is cut in half every 33,333 blocks which will occur approximately every 231 days. nSubsidy >>= halvings; return nSubsidy; } </pre> This condition means IF first block reward 11,111,111 coins, Else(after first blocked mined) rewards per block are 333 coins. <div class="toccolours mw-collapsible mw-collapsed"> What's Changed and Why: <div class="mw-collapsible-content"> <b>What's Changed and Why:</b> * '''CAmount nSubsidy;''' ** The variable `nSubsidy` is now declared but not immediately assigned a value. This allows flexibility to set its value based on certain conditions. * '''New Condition: `if (nHeight == 1)''' ** This new condition checks if the block height is 1, meaning this is the very first block in the blockchain (often called the "genesis block"). ** This condition is used to assign a special, much larger subsidy for the first block. * '''nSubsidy = 11111111 * COIN;''' ** If it is the first block (`nHeight == 1`), the subsidy is set to 11,111,111 coins. This is a huge reward for the genesis block, likely for initial distribution or other specific reasons. * '''else nSubsidy = 333 * COIN;''' ** For all other blocks (not the first one), the reward is set to 333 coins. This is a significant change from the original 50 coins, suggesting a different reward structure for this cryptocurrency. </div> </div> ===src/qt/n33bcoinunits.cpp=== * Line 39: Code Block <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("BTC"); case mBTC: return QString("mBTC"); case uBTC: return QString::fromUtf8("μBTC"); default: return QString("???"); } } </pre> * Change BTC your coin symbol to N33B <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("N33B"); case mBTC: return QString("mN33B"); case uBTC: return QString::fromUtf8("μN33B"); default: return QString("???"); } } </pre> ===src/chainparams.cpp=== ====Line 53 Change Time Stamp Message==== <code> const char* pszTimestamp = "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks";</code> To <code> const char* pszTimestamp = "N33B's for Noob's at CompleteNoobs.com";</code> ====Line 54 Change Genesis Pub Key==== <code> 54 const CScript genesisOutputScript = CScript() << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f") << OP_CHECKSIG; </code> We are going to change to the public key we used to create are genesis block. <code> const CScript genesisOutputScript = CScript() << ParseHex("049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf") << OP_CHECKSIG;</code> ====Line 73 HalvingInterval==== <code> consensus.nSubsidyHalvingInterval = 210000;</code> Block intervals of bitcoin is every 10 mins, as you can see on '''[[#Line 80 Target Block Creation''']] * 60 mins per hour x 24 hours per day = 1440 mins a day * 1440 mins at one block each 10 mins = 144 block per day ish * 144 * 365 = 52,560 blocks per year ish * 52,560 * 4 = 210,240 blocks every four years ish So bitcoin halves its rewards every 4 years ish as it passes 210,000 blocks and carrys on halving every 210,000 blocks later. We reward 333 coins per block and will be out of coins around 667,334 blocks. * Preminded 11,111,111 coins * 22,222,222 left * at 333 per block all will be gone in 66,733 blocks time unless we halve before then * We are going to keep are block time of 10 mins and have a halving at 33,333 blocks so it will halve around 231 days <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Line 74 - 77 MainNet BIP Section==== <pre> 74 consensus.BIP34Height = 227931; 75 consensus.BIP34Hash = uint256S("0x000000000000024b89b42a942fe0d9fea3bb44ab7bd1b19115dd6a759c0808b8"); 76 consensus.BIP65Height = 388381; // 000000000000000004c2b624ed5d7756c508d90fd0da2c7c679febfa6c4735f0 77 consensus.BIP66Height = 363725; // 00000000000000000379eaa19dce8c9b722d46ae6a57c2f1a988119488b50931 </pre> * Set BIP34/65/66 to 0 for new chain—modern rules from genesis. Adjust BIP34 to 100 if mining fails. * Line 75 Replace with you <b>Main Net parametersGenesis Hash</b> <pre> 74 consensus.BIP34Height = 0; 75 consensus.BIP34Hash = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); 76 consensus.BIP65Height = 0; 77 consensus.BIP66Height = 0; </pre> ==== Line 85 - 103 '''MainNet''' Deployment and Chain Work Section ==== ===== Line 86 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start date is irrelevant—set to 0 for immediate activation on new chain. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 87 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. 9,999,999,999 Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 91 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016</code> * Reason changed: Bitcoin’s 2016 start is moot—set to 0 for CSV active from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 92 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 96 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016</code> * Reason changed: Bitcoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 97 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 100 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5");</code> * Reason changed: Bitcoin’s 2017 work is massive—set to 0 for a new chain with no work yet. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 103 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354</code> * Reason changed: Bitcoin’s block 453354 is irrelevant—set to N33Bcoin’s genesis hash for fast sync from block 0. Changed: <code>consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4");</code> =====Before and After Changes===== <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354 </pre> * Set CSV/SegWit to active from genesis (nStartTime = 0, nTimeout = far future). Reset chain work to minimal. Set assume valid to genesis hash. <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0; 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999; 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0; 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999; 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0; 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999; 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x00"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); </pre> ====Line 110 Magic Bytes==== * [[Hex_numbers_explained| Hex numbers explained]] * [[Python3_Script_for_Random_Magic_Bytes| Link to python script for random values]] The pchMessageStart array is a crucial component in cryptocurrency network protocols, often referred to as the "magic bytes" or "network magic." It serves as a unique identifier for a specific cryptocurrency network. These values are in hexadecimal format, representing four bytes that form a sequence unlikely to occur in normal data. If you're creating a new cryptocurrency by forking Bitcoin, you should change these values. Using unique values prevents your new coin's network from interfering with Bitcoin's network or other existing networks. <pre> 110 pchMessageStart[0] = 0xf9; 111 pchMessageStart[1] = 0xbe; 112 pchMessageStart[2] = 0xb4; 113 pchMessageStart[3] = 0xd9; </pre> * Gonna change mine to <pre> pchMessageStart[0] = 0xfe; pchMessageStart[1] = 0x93; pchMessageStart[2] = 0xd2; pchMessageStart[3] = 0xe2; </pre> ====Line 114 Change Main Net Default Port==== * Line 114 <code>nDefaultPort = 8333;</code> * Changing to port 3333 <code>nDefaultPort = 3333;</code> ====Line 117 Change Main Net Nonce TimeStamp Coin_Rewards==== * Original <code> genesis = CreateGenesisBlock(1231006505, 2083236893, 0x1d00ffff, 1, 50 * COIN);</code> * Syntax of line 117 <code>genesis = CreateGenesisBlock(<UNIX_TIME_STAMP>, <NONCE>, <DIFF_BITS>, <NHEIGHT>, <AMOUNT_OF_COINS_REWARD> * COIN);</code> * we are just going to append/change are UnixTimeStamp, Nonce and CoinReward <code> genesis = CreateGenesisBlock(1733333333, 221118658, 0x1d00ffff, 1, 333 * COIN);</code> ====Line 119 Change Genesis Hash==== <code>assert(consensus.hashGenesisBlock == uint256S("0x000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"));</code> * Change to your genesis hash for Main Net <code> assert(consensus.hashGenesisBlock == uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"));</code> ====Line 120 Change Merkel Hash==== <code> assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Change to your merkel hsh for Main net <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Check Point - Lines 142 - 157 ==== <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d")) 145 ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> These lines contain a blocknumber and there hash value, we are starting a new coin and these have no value to us. We have one genesis block. <code> ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d"))</code> * We are going to append/change line 144, to block zero and are Main net genesis block hash. <code> ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"))</code> and comment out the remaining lines in this code block. lines 145 - 156 <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4")) 145 // ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 // ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 // (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 // (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 // (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 // (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 // (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 // (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 // (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 // (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 // (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 // (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> ====Line 161 Change Time Stamp==== <pre> 161 1483472411, // * UNIX timestamp of last known number of transactions </pre> * Change to the time stamp we are using <pre> 1733333333, // * UNIX timestamp of last known number of transactions</pre> ====Line 162 Change Number Of Transactions==== <pre> 184495391, // * total number of transactions between genesis and that timestamp</pre> * Change to Zero <pre> 0, // * total number of transactions between genesis and that timestamp</pre> ====TestNet Halving Interval==== <code>177 consensus.nSubsidyHalvingInterval = 210000;</code> * Change to same as are main net <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Lines 178 - 181 TestNet BIP section==== <pre> 178 consensus.BIP34Height = 21111; 179 consensus.BIP34Hash = uint256S("0x0000000023b3a96d3484e5abb3755c413e7d41500f8e2a5c3f0dd01299cd8ef8"); 180 consensus.BIP65Height = 581885; // 00000000007f6655f22f98e72ed80d8b06dc761d5da09df0fa1dc4be4f861eb6 181 consensus.BIP66Height = 330776; // 000000002104c8c45e99a8853285a3b592602a3ccde2b832481da85e9e4ba182 </pre> * Change values to zero and replace TestNet Genesis Hash <pre> 178 consensus.BIP34Height = 0; 179 consensus.BIP34Hash = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"); 180 consensus.BIP65Height = 0; 181 consensus.BIP66Height = 0; </pre> ==== Lines 189 - 207 TestNet Deployment Section ==== ===== Line 190 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start is irrelevant—set to 0 for immediate activation on TestNet. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 191 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 195 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1456790400; // March 1st, 2016</code> * Reason changed: Bitcoin's 2016 start doesn’t apply—set to 0 for CSV from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 196 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 200 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1462060800; // May 1st 2016</code> * Reason changed: Bitcoin's 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 201 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1493596800; // May 1st 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 204 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x00000000000000000000000000000000000000000000001f057509eba81aed91");</code> * Reason changed: Bitcoin's work is irrelevant—set to 0 for a new TestNet chain. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 207 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000128796ee387cf110ccb9d2f36cffaf7f73079c995377c65ac0dcc"); //1079274</code> * Reason changed: Bitcoin's block 1079274 doesn’t apply—set to TestNet genesis for fast sync. Changed: <code>consensus.defaultAssumeValid = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c");</code> ====TestNet Default Port - Line 213==== <code>213 nDefaultPort = 18333;</code> * Change to another port , picking 13333 <code>nDefaultPort = 13333;</code> ====Line 216: TestNet Time Stamp and Nonce==== <code>216 genesis = CreateGenesisBlock(1296688602, 414098458, 0x1d00ffff, 1, 50 * COIN);</code> * change/append timestamp, nonce and coin rewards - TimeStamp, Nonce, nBits and CoinRewards from your Test Net <code> genesis = CreateGenesisBlock(1733333334, 511144, 0x1e0ffff0, 1, 333 * COIN);</code> ====Line 218: TestNet Genesis Hash Block==== <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943"));</code> * Changed to <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"));</code> ====Line 219: TestNet Merkel Hash Block==== <code>219 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Changed to <code> assert(consensus.hashGenesisBlock == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ==== Line 245 TestNet checkpointData ==== Default: <code>( 546, uint256S("000000002a936ca763904c3c35fce2f3556c559c0214345d31b1bcebf76acb70")),</code> * Reason changed: Bitcoin TestNet checkpoint irrelevant—set to height 0 with N33Bcoin TestNet genesis hash for new chain. Changed: <code>( 0, uint256S("000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c")),</code> * Note: Removed "0x" from hash string—matches Bitcoin style, prevents parsing error in uint256S. ====Line 250 - Testnet chainTxData TimeStamp==== <code>250 1483546230,</code> * Change to your timestamp <code>1733333334,</code> ====Line 251 - Testnet chainTxData block count==== <code>251 12834668,</code> * change block count to zero <code> 0,</code> ==== RegTest BIP Section ==== ===== Line 267 ===== Default: <code>consensus.BIP34Height = 100000000; // BIP34 has not activated on regtest (far in the future so block v1 are not rejected in tests)</code> * Reason changed: Delays BIP34—set to 0 for modern rules from genesis, consistent with MainNet/TestNet. Changed: <code>consensus.BIP34Height = 0;</code> ===== Line 268 ===== Default: <code>consensus.BIP34Hash = uint256();</code> * Reason changed: Empty hash irrelevant—set to RegTest genesis for BIP34 activation at block 0. * NOTE: the <code>S</code> at the end of <code>uint256S</code> append the '''S''', remove the <code>0x</code> or it would be too long and make sure RegNet Hash is wrapped in "comment-hash". * The quotes <code>""</code> tell the compiler that this is a string, not a number. * '''uint256S''' will parse the string as a hexadecimal value and construct the '''uint256''' object accordingly. Changed: <code>consensus.BIP34Hash = uint256S("65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127");</code> ===== Line 269 ===== Default: <code>consensus.BIP65Height = 1351; // BIP65 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP65 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP65Height = 0;</code> ===== Line 270 ===== Default: <code>consensus.BIP66Height = 1251; // BIP66 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP66 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP66Height = 0;</code> ====Line 298: RegressionNet Default Port==== <code>298 nDefaultPort = 18444;</code> * change port number <code> nDefaultPort = 13337;</code> ====Line 301 RegressionNet Time Stamp Nonce Coin_Rewards ==== <code>301 genesis = CreateGenesisBlock(1296688602, 2, 0x207fffff, 1, 50 * COIN);</code> * Change to your timestamp , nonce and coin rewards <code> genesis = CreateGenesisBlock(1733333335, 0, 0x207fffff, 1, 333 * COIN);</code> ====Line 303: RegressionNet Genesis Block Hash==== <code>303 assert(consensus.hashGenesisBlock == uint256S("0x0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"));</code> * replace with your reg net genesis hash <code> assert(consensus.hashGenesisBlock == uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"));</code> ====Line 304 RegressionNet Merkel Hash==== <code>304 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * replace with your reg net merkel hash <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Line 316: RegressionNet Genesis Hash==== <code>316 ( 0, uint256S("0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"))</code> * change to your reg nets genesis hash <code> ( 0, uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"))</code> === src/chainparamsbase.cpp - API ports === <div class="toccolours mw-collapsible mw-collapsed"> Changing RPC port number info: <div class="mw-collapsible-content"> When forking Bitcoin, changing the nRPCPort = 8332; is generally recommended, though not strictly necessary. Here are the reasons and benefits for doing so: '''Avoiding Conflicts:''' If you run both Bitcoin and your forked cryptocurrency on the same machine or network, keeping the same RPC port (9332) would cause a conflict. By changing the port number, you ensure that both services can run simultaneously without interfering with each other. '''Network Configuration:''' Different cryptocurrencies should ideally use different ports to avoid confusion and ensure clear network configuration. This helps in managing firewall rules and network policies more effectively. '''Security:''' Using a non-standard port for your forked cryptocurrency can add a layer of security through obscurity. While not a robust security measure, it can help reduce the risk of automated attacks targeting known ports like 8332. '''Customization:''' Changing the RPC port is part of customizing your fork to distinguish it from Bitcoin. This can be important for branding and ensuring that users and developers recognize it as a separate entity. In summary, while it's not mandatory to change the RPC port when forking Bitcoin, doing so can help avoid conflicts, improve network management, and provide a clearer distinction between your fork and the original Bitcoin network. </div> </div> ====line 35 - Main net RCP port==== <pre> nRPCPort = 8332; </pre> RPC port is used to connect to coin api, its used to create a web wallet and moblie wallet. <pre> nRPCPort = 3366; </pre> ====Line 48 - test net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12333 <pre> nRPCPort = 12333; </pre> ====line 62 - regession net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12345 <pre> nRPCPort = 12345; </pre> * We are pretty much done with customizing the code base, we just need an IP address to append to chainparams.cpp and we are good to go. ===src/chainparamsseeds.h=== * Delete content of <code>src/chainparamsseeds.h</code> and replace with just: <pre> #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> The <code>chainparamsseeds.h</code> file contains hardcoded seed nodes for the main network (pnSeed6_main), which are currently set to Bitcoin’s seed nodes (e.g., IPs like 2.7.8.12 on port 8333). These seeds will cause your node to attempt connections to Bitcoin peers, which isn’t what we want for N33Bcoin. * By modifying the seed arrays for both mainnet and testnet to empty, we can keep the file structure intact while removing the Bitcoin seed nodes, preventing are node from trying to connect to them. <div class="toccolours mw-collapsible mw-collapsed"> Hexadecimal - Chainparamsseeds.h - Quick Notes <div class="mw-collapsible-content"> <pre> Hex Symbol Values: 0,1,2,3,4,5,6,7,8,9,a=10,b=11,c=12,d=13,e=14,f=15 Hex is in a Block of 2, [01]=1, The First number/symbol (the one on the left), is Times by 16, and the Second number/symbol is added. 01 = 0x16, plus 1 = 01 A4 = 10x16, plus 4 = 164 E4 = 14x16, plus 4 = 228 FF = 15X16, plus 15 = 255 To work out the values of 104.194.157.52 and port 3333 static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; IPv6 Mapping: {{Use 10 0x00, 2 0xff, then the 4 hex bytes} <port>}. 104 in hex: 6x16 = 96 + 8 = 104 InHex= '68' 194 in hex: c(12)x16=192 + 2 = 194 InHex= 'c2' 157 in hex: 9x16=144 + d(13)= 157 InHex= '9d' 52 in hex: 3x16=48 + 4 = 52 InHex= '34' #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; static SeedSpec6 pnSeed6_test[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> </div> </div> == Container and VPS Setup == * Vultr with affiliate link: https://www.vultr.com/?ref=7704739 Most VPS providers frown on mining unless it’s their explicit service—fair enough, it hogs resources! To work around this, we’ll: * Spin up an Ubuntu 18.04 container locally (18.04 keeps coin building simple). * Pair it with a low-cost VPS running Ubuntu 24.04, tunneling all traffic from the container to the VPS’s public IP. This setup gives us: * A public-facing IP without poking holes in our home router. * Local mining control, keeping private keys secure—because a VPS is just someone else’s machine, and we don’t trust it with our keys! ===LXD Quick Container Setup=== ===LXD Quick Container Setup=== * Its pretty simple once you know. ===Installing and setup LXD=== <code>sudo snap install lxd</code> <code>sudo lxd init</code> * Just press '''ENTER''' for all defaults * add user to lxd group (optional), will mean you do not need '''sudo''' to use lxc commands * NOTE: you will need to logout and login for changes to take effect. <code>sudo adduser $USER lxd</code> <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> * '''These changes only apply to the current terminal session.''' If you open a new terminal session you have to repeat. On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. * '''Remember, these changes only apply to the current terminal session.''' If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> ===Launching your container=== * for the Build its important we use '''18.04''' ** May want to get ubuntu pro free for 5 devices - to keep 1804 updated ** https://ubuntu.com/pro/dashboard <code>lxc launch ubuntu:18.04 n33b</code> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 n33b</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 n33b</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''n33b''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "n33b" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "n33b" in the example) must be unique within your LXD installation. </div> </div> * If you see this error - you need to use '''sudo''' or add user to lxd group <pre> lxc launch ubuntu:18.04 n33b Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * To see your container <code>lxc ls</code> ===Login to container=== <code>lxc exec n33b bash</code> * Prompt should now be changed to <code>root@n33b:~#</code> ** <code>root@<container_name>:~#</code> * This would be a good time to sign up to and enable ubuntu pro in the 1804 container https://ubuntu.com/pro/dashboard ** <code>sudo pro attach C12trandomcharsXFVhrRSveGOd4</code> * Update container <code>apt update && apt upgrade -y</code> ==== Ubuntu Pro for 1804 Containers ==== * super useful for ubuntu 1804, with pro has support till 2027 * Free For Five Boxes/Devices <code>https://ubuntu.com/pro/dashboard</code> <code>sudo pro attach 8dc6560abd396b3871f37b80ec</code> <code>sudo pro status</code> <code>sudo pro detach</code> ==In Container wireguard installation and setup== ===Install wireguard=== <code>apt install wireguard -y</code> * This will be the Client - for the container ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== * Vultr link with Affiliate code: https://www.vultr.com/?ref=9638414-9J First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==Back to Host== Now we have * A container with a public IP address * Source code for are coin Lets append are IP adress to are <code>src/chainparams.cpp</code> file and make a exportable/shareable backup. ===Append IP to <code>src/chainparams.cpp</code>=== <div class="toccolours mw-collapsible mw-collapsed"> If i was going to change or add ips/domains do i need to recomplie? Yep: <div class="mw-collapsible-content"> Yes, if you want to change or add new IPs/domains in the `CDNSSeedData` section of `src/chainparams.cpp`, you will need to edit the file and recompile the code. The `CDNSSeedData` entries are hardcoded into the source code, and when you compile the code, these values are baked into the resulting binary. Therefore, any changes to the seed nodes will require: *Editing the `src/chainparams.cpp` file**: Modify the list of `CDNSSeedData` entries to include your new IPs or domains. *Recompiling the source code**: Once you've made your changes, you need to recompile the project so that the new seed nodes are included in the binary. *Restarting your nodes**: After recompiling, you would need to distribute the new binary to your nodes and restart them to ensure they use the updated seed list. This process is necessary because the seed nodes are part of the initial configuration that helps nodes discover peers when they first start up. Any changes to these seeds require the software itself to be updated and redeployed. </div> </div> ====Main Net DNS lines 123 - 127==== <code>$EDITOR /home/$USER/N33B/N33Bcoin/src/chainparams.cpp</code> * Line 123 <code>src/chainparams.cpp</code> <pre> 123 vSeeds.push_back(CDNSSeedData("n33bcoin.sipa.be", "seed.n33bcoin.sipa.be", true)); // Pieter Wuille, only supports x1, x5, x9, and xd </pre> We are going to Change to are servers address <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> At current time we only have one default node, so we comment out line 124 to 127 <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "dnsseed.bluematt.me", true)); // Matt Corallo, only supports x9 // vSeeds.push_back(CDNSSeedData("dashjr.org", "dnsseed.n33bcoin.dashjr.org")); // Luke Dashjr // vSeeds.push_back(CDNSSeedData("n33bcoinstats.com", "seed.n33bcoinstats.com", true)); // Christian Decker, supports x1 - xf // vSeeds.push_back(CDNSSeedData("n33bcoin.jonasschnelli.ch", "seed.n33bcoin.jonasschnelli.ch", true)); // Jonas Schnelli, only supports x1, x5, x9, and xd </pre> ====Test net DNS lines 224 - 227==== * Line 224 - ip adderss <pre> 224 vSeeds.push_back(CDNSSeedData("testnetn33bcoin.jonasschnelli.ch", "testnet-seed.n33bcoin.jonasschnelli.ch", true)); </pre> Change to server ip <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> and comment out the other 3 lines <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("petertodd.org", "seed.tbtc.petertodd.org", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "testnet-seed.bluematt.me")); // vSeeds.push_back(CDNSSeedData("n33bcoin.schildbach.de", "testnet-seed.n33bcoin.schildbach.de")); </pre> ==Create BackUp Tar Archive== At this point you may want to make a backup. * In work directory = <code>/home/$USER/N33B</code> <code>tar -zcvf N33Bcoin.0.0.1.tar.gz N33Bcoin</code> * Going to save in directory <code>/home/$USER/N33B</code> * Syntax = <code>tar -zcvf /path/to/save/archive_name.tar.gz /path/to/directory_name</code> Now we Should have <code>N33Bcoin.0.0.1.tar.gz</code> lets start building are coin. ===Move N33Bcoin.0.0.1.tar.gz to Container=== Lets Move are source code to are container. * File on Host:<code>/home/$USER/N33B/N33Bcoin.0.0.1.tar.gz</code> * Container Name: <code>n33b</code> ** Container Name can be found with <code>lxc list</code> * On Host: <code>lxc file push /home/$USER/N33B/N33Bcoin.0.0.1.tar.gz n33b/home/ubuntu/</code> * '''ubuntu''' is the name of the ubuntu containers default user account ==Return to container as user '''ubuntu'''== <code>lxc exec n33b -- su - ubuntu</code> Now are source code <code>N33Bcoin.0.0.1.tar.gz</code> should be in are home directory. Before we start using it, we need to install and build some dependencies software. ===Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <!-- These notes wherer required to build db on 24.04 - coin build would require way too much work so skipped. <code>$EDITOR db-4.8.30.NC/dbinc/atomic.h</code> Find the function <b>__atomic_compare_exchange</b> (line 147 and 179) and rename it to <b>__db_atomic_compare_exchange</b>. save and exit --> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> If you received error, are you building in ubuntu 18.04? these build instrutions are reproduable for 18.04 and not other versions of ubuntu. * A block chain requires min 2 nodes, so this would be a good time to snapshot your container. ====SNAPSHOT your container==== * This will save loads of time creating a second node later. * In a Terminal on HOST * Stop Container <code>lxc stop n33b</code> * snapshot <code>lxc snapshot n33b one</code> * start container <code>lxc start n33b</code> * Log in as ubuntu user <code>lxc exec n33b -- su - ubuntu</code> ==Build the Coin== Just for the Genesis Node, or it will not work, it will try to sync with another node, which it can not do as its at block 0. * edit the file <code>src/rpc/mining.cpp</code> and comment out the lines 471 and 472: <pre> // if (IsInitialBlockDownload()) // throw JSONRPCError(RPC_CLIENT_IN_INITIAL_DOWNLOAD, "N33Bcoin is downloading blocks..."); </pre> If you stopped container to snapshot and logged back in (or using another terminal), then we need to re-set var.<br> <code>cd ~/db-4.8.30.NC/build_unix</code><br> <code>export BDB_PREFIX=$(pwd)</code><br> * Now thats done we can carry on <code>cd ~/</code><br> * extract <code>tar xzvf N33Bcoin.0.0.1.tar.gz</code> <!-- was for attempt build in 24.04 - not needed for 18.04 <code>sudo apt install bsdmainutils ncal</code> --> * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> If you run into errors you can use:<br> <code>make > ../build.log 2>&1</code><br> This is print build info into file build.log ==Run Coin== * Path <code>cd /home/ubuntu/N33Bcoin/src</code> Going to first play around with Regression make sure everything is working, its supereasy to mine.<br> * Running regtest first will also create <code>~/.n33bcoin/</code> directory which we can create are <code>n33bcoin.conf</code> file for mainnet. ===Running Regression Net === * run reg net <code>./n33bcoind -regtest -daemon</code> ==== get blockchain info ==== <code>./n33bcoin-cli -regtest getblockchaininfo</code> * at the top you should see '''regtest''' <pre> "chain": "regtest", </pre> ====get wallet info==== <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ==== Generate 10 blocks==== <code>./n33bcoin-cli -regtest generate 10</code> <pre> [ "16fe73d5011e8e05cadb9e9dea43e58aa154ffcca891659cc59fbdfafe6f001c", "7803e298b6c57f8fc7ddac5da0e0696cc67524c9ee2bbbbbecdccfb01b364e79", "7c92afb2faed00d051edd22f85218416c394cd45ddadf413b9df808c0414ca7e", "29fe7bb17c984bd33c7e3d9cb4fa3ce1e47760ac22accded3aa25fd49aa87d91", "56d234a030af699a6aa824c8d95a9fabdcf56c9491ed30331ca2159188741c89", "272827808aad1efe0e752789acf6a28f25bc4ba2da905a8a6f5da00016ba286b", "23711e3856cf2e018ef02782eb546e87c9604781da6855bd136ef51fa5dd23e5", "7bd7e1e6183094c75e37d6605451ce7e7e1c23347e3b5c279c33196af916b1f2", "1c7e5fc29dc7c9b3a56e8f35becc3a0a8005e79ac1a84278f8a1f37c067f67b3", "3ac84dcf8be2849b347369de7bf6bb49d780cdf41e2c4abbe2ea0ae1b89bd26e" ] </pre> ====Check Balance==== <code>./n33bcoin-cli -regtest getbalance</code> <pre>0.00000000</pre> * You mined 10 blocks and have zero coins! that is because the coins have not mutured, it takes 100 blocks for newly created coins to muture and show up in your wallet. * you can see your '''immature_balance''' with the <code>getwalletinfo</code> command. <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 11114108.00000000, "txcount": 10, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====Get new addresses==== <code>./n33bcoin-cli -regtest getnewaddress</code> <pre> mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb </pre> ====Find addresses your wallet is currently using==== * To see all your current public addresses use <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -regtest listreceivedbyaddress 0 true</code> ====Mine to specific address==== * <code>./n33bcoin-cli -regtest generatetoaddress 101 "your-mainnet-address"</code> <code>./n33bcoin-cli -regtest generatetoaddress 101 "mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb"</code> =====Coins Matured===== <code>./n33bcoin-cli -regtest getbalance</code> <pre>11114441.00000000</pre> * and Immatured coins <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 11114441.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 33300.00000000, "txcount": 111, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====stop regtest net==== * stop regtest <code>./n33bcoin-cli -regtest stop</code> ===Main Net=== * Running <code>-regtest</code> should of created a <code>~/.n33bcoin</code> directory for you. * Create <code>n33bcoin.conf</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 </pre> * run/start coin <code>./n33bcoind</code> * NOTE: if you did not create a n33bcoin.conf file and apply 'daemon=1', you can use the -daemon flag <code>./n33bcoind -daemon</code> <div class="toccolours mw-collapsible mw-collapsed"> Some debug tips: <div class="mw-collapsible-content"> * If n33bcoin hangs - <code>ps aux | grep n33bcoind</code> ** The <code>kill -9 PID_NUMBER</code> ** Also note: there is nothing wrong with '''turning it off and on again.''' * <code>./n33bcoind -debug=1</code> ** log is at ~/.n33bcoin/debug.log * <code>./n33bcoind -debug=1 -printtoconsole</code> ** will output to terminal, no output to debug.log </div> </div> ===Create and Add second node - the easy way=== <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Why a Dummy Node is Needed to Avoid <code>500 Internal Server Error</code> and Ensure Syncing</span> <div class="mw-collapsible-content"> <p>A dummy node is <strong>required</strong> for mining on the genesis node (main node) and to ensure other nodes can sync with your N33Bcoin network. Without it, you may encounter errors like:</p> <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> [2025-04-20 11:49:32] HTTP request failed: The requested URL returned error: 500 Internal Server Error </pre> <p><strong>Why does this happen?</strong> The main node needs at least one active peer to process the <code>getblocktemplate</code> RPC call used by <code>minerd</code> for mining. If the node is in Initial Block Download (IBD) or has no peers, this call fails, causing the 500 error. Additionally, if the main node is in IBD, it won’t serve blocks to other nodes, preventing them from syncing (e.g., stuck at <code>blocks: 0</code>).</p> <p><strong>How the dummy node fixes it:</strong></p> <ul> <li>Running a dummy node (e.g., on <code>127.0.0.1:3334</code>) provides an active peer, allowing <code>getblocktemplate</code> to succeed and mining to start.</li> <li>Mining generates new blocks, updating the chain tip’s timestamp, which helps the main node exit IBD.</li> <li>Once out of IBD, the main node can serve blocks to other nodes, enabling them to sync (e.g., to <code>blocks: 428</code>).</li> </ul> <p><strong>Why it’s easy to forget:</strong> The dummy node isn’t a standard Bitcoin requirement—it’s specific to N33Bcoin’s setup, possibly due to custom peer or RPC logic. Always run a dummy node when mining or syncing new nodes.</p> <p><strong>If you get the 500 error:</strong> Start a dummy node and add it to the main node’s peers with <code>addnode</code>. See the next section for setup instructions.</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> Without a dummy node, mining will fail, and new nodes won’t sync. Always include this step in your setup and document it to avoid surprises! </div> </div> </div> After first node ruuing with:<br> <code>./n33bcoind</code> * create a directory for second node <code>mkdir ~/.n33bcoin2</code> * make config file <code>$EDITOR ~/.n33bcoin2/n33bcoin.conf</code> * Note changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser1 rpcpassword=coinpassword1 rpcallowip=127.0.0.1 rpcport=3367 daemon=1 server=1 rpcbind=127.0.0.1 port=3334 </pre> * start node2 - note ports <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin2 -port=3334 -rpcport=3367</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3334" "add"</code> * Check node one <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * Check node two <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getblocktemplate</code> ==== Default Node User and Second Node User management ==== * The default user will be your main node '''~/.n33bcoin/''' * To use second node '''~/.n33bcoin2/''' you have to use/append non default port in commands: ** To run commands on second node, Add/Append <code>-rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1</code> *** '''rpcport''', '''rpcuser''', '''rpcpassword''' these values can be found in the <code>~/.<node_name>/n33bcoin.conf</code> file * For default wallet/node can use: <code>./n33bcoin-cli getwalletinfo</code> * Or to specify (optional) can use, the main nodes '''rpcport''', '''rpcuser''' and '''rpcpassword''' followed by <command>: <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * For the second node we created - we do need to specify <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getwalletinfo</code> <div class="toccolours mw-collapsible mw-collapsed"> How to stop second node: <div class="mw-collapsible-content"> * To run commands on a second or third ...ETC node - you need to enter: ** <code>-rpcport=<value></code> ** <code>-rpcuser=<username></code> ** <code>-rpcpassword=<password></code> ** followed by the command you wish to run on node <code>getbalance</code> ** Remember you store all these details in your <code>n33bcoin.conf</code> file for your node. <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 stop</code> </div> </div> == Mining blocks on your blockchain == Well you can try with:<br> <code>./n33bcoin-cli generate 1</code><br> But instead of seeing <pre> [ "some-block-hash" ] </pre> Your going to get empty brackets <pre> [ ] </pre> I cant remember the reason for this. But i know the fix. Install Mining software ===Address to send mined coins to=== First lets get a public key/address we can mine to. * Find old addresses <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> * Create new address <code>./n33bcoin-cli getnewaddress</code> * The address i will use <code>1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> ===Cpu Miner Install=== <code>cd ~</code> <code>sudo apt update</code> <code>sudo apt install -y build-essential libcurl4-openssl-dev</code> <code>git clone https://github.com/pooler/cpuminer.git</code> <code>cd cpuminer</code> <code>./autogen.sh</code> <code>./configure</code> <code>make</code> <code>sudo make install</code> ===Mine some Coins=== * OK lets mine us some coins ** Syntax:<code>minerd -o <pool_url> -u <username> -p <password> --coinbase-addr=<public_key></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> * YAY, back to the days when you could find bitcoin blocks with a simple CPU <pre> [2025-04-12 19:31:17] Binding thread 0 to cpu 0 [2025-04-12 19:31:17] Binding thread 1 to cpu 1 [2025-04-12 19:31:17] 4 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:31:17] Binding thread 2 to cpu 2 [2025-04-12 19:31:17] Binding thread 3 to cpu 3 [2025-04-12 19:31:17] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:31:17] thread 1: 2097152 hashes, 10099 khash/s [2025-04-12 19:31:17] thread 0: 2097152 hashes, 10094 khash/s [2025-04-12 19:31:17] thread 3: 2097152 hashes, 10093 khash/s [2025-04-12 19:31:17] thread 2: 2097152 hashes, 10032 khash/s [2025-04-12 19:32:17] thread 2: 601912088 hashes, 10080 khash/s [2025-04-12 19:32:17] thread 0: 605611536 hashes, 10108 khash/s [2025-04-12 19:32:17] thread 3: 605564904 hashes, 10102 khash/s [2025-04-12 19:32:17] thread 1: 605946928 hashes, 10104 khash/s [2025-04-12 19:33:17] thread 2: 604824240 hashes, 10080 khash/s [2025-04-12 19:33:17] thread 0: 606506104 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 1: 606263288 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 3: 606114016 hashes, 10102 khash/s [2025-04-12 19:34:17] thread 0: 596676992 hashes, 9883 khash/s [2025-04-12 19:34:17] accepted: 1/1 (100.00%), 40174 khash/s (yay!!!) [2025-04-12 19:34:17] LONGPOLL pushed new work [2025-04-12 19:34:17] thread 2: 597009344 hashes, 9856 khash/s [2025-04-12 19:34:17] thread 1: 596347864 hashes, 9882 khash/s [2025-04-12 19:34:17] thread 0: 184 hashes, 8762 khash/s [2025-04-12 19:34:17] thread 3: 596226344 hashes, 9881 khash/s [2025-04-12 19:35:11] thread 0: 525714288 hashes, 9775 khash/s [2025-04-12 19:35:17] thread 0: 58652240 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 1: 592942512 hashes, 9784 khash/s [2025-04-12 19:35:18] thread 3: 592834720 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 2: 591387224 hashes, 9754 khash/s [2025-04-12 19:36:17] thread 1: 577261400 hashes, 9784 khash/s [2025-04-12 19:36:17] thread 2: 575496480 hashes, 9756 khash/s [2025-04-12 19:36:17] thread 3: 576993520 hashes, 9776 khash/s [2025-04-12 19:36:17] thread 0: 586785384 hashes, 9780 khash/s [2025-04-12 19:37:17] thread 3: 586568712 hashes, 9700 khash/s [2025-04-12 19:37:17] thread 2: 585369888 hashes, 9645 khash/s [2025-04-12 19:37:18] thread 1: 587018480 hashes, 9656 khash/s [2025-04-12 19:37:18] thread 0: 586791168 hashes, 9631 khash/s [2025-04-12 19:37:43] thread 0: 247017896 hashes, 9757 khash/s [2025-04-12 19:37:43] accepted: 2/2 (100.00%), 38758 khash/s (yay!!!) [2025-04-12 19:37:43] LONGPOLL pushed new work [2025-04-12 19:37:43] thread 2: 250694904 hashes, 9748 khash/s [2025-04-12 19:37:43] thread 1: 250409704 hashes, 9773 khash/s [2025-04-12 19:37:43] thread 0: 21504 hashes, 8650 khash/s [2025-04-12 19:37:43] thread 3: 253010016 hashes, 9764 khash/s </pre> * By default '''minerd''' will use all cores - if you want to limit to number of core use the <code>-t <number_of_cores></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj -t 2</code> <pre> [2025-04-12 19:43:05] 2 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:43:05] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:43:05] thread 1: 2097152 hashes, 11359 khash/s [2025-04-12 19:43:05] thread 0: 2097152 hashes, 11327 khash/s </pre> * Next we mine on till we have at least 101 blocks so are coins are matured. ===After 101 blocks - Mature Coins=== * now we should have some coins in are wallet that we can use, YAY <code>./n33bcoin-cli getbalance</code> <pre>11112110.00000000</pre> * and lets check the account of are second node <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> * Lets get the address of are second node to send some coins <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress 0 true</code> * Or we could generate a new address with <code>getnewaddress</code> <code>1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz</code> Now lets send some coins ==Wallet Basics== Now we have coins we can use - matured coins ===Get balance=== * <code>getbalance</code> <code>./n33bcoin-cli getbalance</code> ===Find Account Addresses=== * <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> ===Create New Address=== * <code>getnewaddress</code> <code>./n33bcoin-cli getnewaddress</code> ===Sending coins=== * Syntax: <code>./n33bcoin-cli sendtoaddress "<address>" <amount></code> <code>./n33bcoin-cli sendtoaddress "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz" 33</code><br> * This comand will return a hash in your terminal out put. <pre>f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7</pre> * and Check balance of second node to see balance: <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>33.00000000</pre> ===See Transaction Details from hash=== * the transaction hash is from the above send coins example * Syntax: <code>n33bcoin-cli gettransaction "<transaction_hash>"</code> <code>./n33bcoin-cli gettransaction "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7"</code> <pre> { "amount": -33.00000000, "fee": -0.00004520, "confirmations": 4, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553764, "timereceived": 1744553764, "bip125-replaceable": "no", "details": [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "send", "amount": -33.00000000, "vout": 0, "fee": -0.00004520, "abandoned": false } ], "hex": "020000000150a37ad36c761374df6a14c20bd2c016208358bf1f20af06c5acbe4827250ee7000000006a4730440220582f2094aca19d63744d8d128c3dea907cddd4eeb5728d6f064c4168d7a36b9c0220649b2397635fe0b8899fea4535b0072e856a164235f8ab8feb91f3dbfa9e3ddc012103dd8d842cd0c2b167b507b9e8ee580fc726262bb218abc5c6487668b72e5673a3feffffff020001b2c4000000001976a9146ae24c8430bcd30bc1b812f946229fcc563eb0ef88ac589a23fc060000001976a9141e0606800605f94643f5da7e0a31e435e030855788acbe000000" } </pre> ===List Transactions from account=== * <code>listtransactions</code> * <code>./n33bcoin-cli listtransactions</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listtransactions</code> * This command will show all transactions send and receive. <pre> [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "receive", "amount": 33.00000000, "label": "", "vout": 0, "confirmations": 6, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553766, "timereceived": 1744553766, "bip125-replaceable": "no" } ] </pre> ===list received transactions by address=== * <code>listreceivedbyaddress</code> * <code>./n33bcoin-cli listreceivedbyaddress</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress</code> <pre> [ { "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "account": "", "amount": 33.00000000, "confirmations": 6, "label": "", "txids": [ "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7" ] } ] </pre> ===Address With Label=== * Create New Address With Label ** Syntax: <code>getnewaddress "<Label>"</code> * NOTE: Label name is case sensitive. <code>./n33bcoin-cli getnewaddress "Mining"</code> <pre>1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB</pre> * See Accounts in Label <code>./n33bcoin-cli getaddressesbyaccount "Mining"</code> * a Label can hold many addresses <pre> [ "1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB" ] </pre> * Lists transactions for the labeled account. <code>./n33bcoin-cli listtransactions "Mining"</code> * Tracking with a label - Shows total balance for addresses in the labeled account. <code>./n33bcoin-cli getbalance "Mining"</code> * Label an existing address - Assigns an existing address to a named account. <code>./n33bcoin-cli setaccount "<address>" "<label>"</code> * Change Label of Address <code>./n33bcoin-cli setaccount "<address>" "<newlabel>"</code> ==Backup Wallets and Restore/Reclaim== To '''test''' wallet exports and back ups we are going to create a '''third node'''. <br> This keeps are main wallet and the wallet of are second node safe.<br> Or If you feel up for it, feel free to play/use/learn with your main wallet. * Create a directory for third node <code>mkdir ~/.n33bcoin3</code> * Create config file <code>$EDITOR ~/.n33bcoin3/n33bcoin.conf</code> * Note: changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser2 rpcpassword=coinpassword2 rpcallowip=127.0.0.1 rpcport=3368 daemon=1 server=1 rpcbind=127.0.0.1 port=3335 </pre> * Start node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3335" "add"</code> * Check node three <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getblocktemplate</code> * See Address (pub key) <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> <pre>1EhA5fkapYWrhs2oAf2AqvF4WYMPM28GqL</pre> * I have sent 33 n33bcoin's to this address. <pre> ./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744568061, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "8afde14085be2139ff008667c345b3697bea9cea" } </pre> ===Encrypt Wallet=== * '''IMPORTANT NOTE! IF YOU LOSE/FORGET PASSPHRASE, YOU LOST YOUR WALLET!''' Encrypting your wallet, will require passphrase to see private_keys and to send coins from your account, but you can still check balance and the basic chain info '''without passphrase'''. * Syntax <code>./n33bcoin-cli encryptwallet "<passphrase>"</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 encryptwallet "pa55word"</code> <br>OutPut: <pre> wallet encrypted; N33Bcoin server stopping, restart to run with encrypted wallet. The keypool has been flushed and a new HD seed was generated (if you are using HD). You need to make a new backup. </pre> ====Test Encryption==== Syntax: <code>./n33bcoin-cli dumpprivkey <address></code> This command should need passphrase if wallet locked. ** <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> can be used in place of a real address <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpprivkey 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> If wallet '''LOCKED''' - you will see <pre> error code: -13 error message: Error: Please enter the wallet passphrase with walletpassphrase first. </pre> If wallet '''UNLOCKED''' but address not in wallet - you will see ** This is because there is no address <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> in your wallet and error code -5 indicates address not found in the wallet, but it passed the lock so, yay <pre> error code: -5 error message: Invalid N33Bcoin address </pre> If address exists in your wallet and wallet is '''UNLOCKED''' - you will see the private key: <pre> 6vJYM3RFWh7MyLVrPbgzgibUgqxMzWUCCbuH3GcfDRTqfoNQjBb </pre> '''IMPORTANT:''' Never share your actual private keys with anyone. The example above is for demonstration purposes only. ====open encrypted wallet==== * Syntax ./n33bcoin-cli walletpassphrase "<passphrase>" <time_in_seconds_to_stay_open> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrase "Pa55word" 60</code> ====Change PassPhrase==== * Syntax: <code><code>./n33bcoin-cli walletpassphrasechange "<old_passphrase>" "<new_passphrase>"</code></code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrasechange "Pa55word" "StrongPass123!@#456"</code> ===Back Up WALLET.DAT === * You can make a backup of your wallet.dat file whether its encrypted or un-encrypted. ** not-encrypted you just copy into a directory and you and anyone else has full access. ** encrypted, you need to know the passphase the file is encrypted with to have access. ** Both Export and Import the backup wallet.dat the same way, expect one asks for passphase and the other does not. ====Make copy of wallet.dat==== * <code>backupwallet</code> * Syntax:<code>./n33bcoin-cli backupwallet /path/to/export/wallet-backup.file</code> <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> ====Stop node 3 and delete wallet.dat==== * Stop node - Note: RPC PORT <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * not gonna delete, just move, only so many times i wanna learn that lesson. <code>mv ~/.n33bcoin3/wallet.dat ~/oldwallet.dat</code> * Start Node 3 - this will create a new <code>wallet.dat</code> file <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check Balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744572042, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "bb4e27a7896ae19acdf3b43244f82b59f5164c7c" } </pre> * Check addresses <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> * Its a diff/new address, because its a new wallet. <pre> "address": "1JwAmtR9T8xa49daoHQhf54tBdyabby2m2", </pre> ===Restore Wallet.dat=== * Stop Node 3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move old wallet to Node 3 Directory ** This command will write over the new wallet.dat file currently in directory - in effect deleting it. <code>mv ~/wallet-backup.node3 ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>11148007.99990960</pre> ====OH NUTZ==== * By mistake i backed up main wallet. <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> * Intended to backup node3 - the correct command would of been <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 backupwallet ~/wallet-backup.node3</code> Good Thing we just moved the node3 wallet and not deleted or 33 n33bcoins would of been in a dead account.<br> This is why you should learn about bitcoin on n33bcoins and not the bitcoin main net blockchain. Lets restore from the moved wallet <code>~/oldwallet.dat</code> * Stop node3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move oldwallet back to node3 <code>mv ~/oldwallet.dat ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>33.00000000</pre> YAY ===Dump Entire Wallet with <code>dumpwallet</code>=== * Exports all private keys, addresses, and wallet metadata to a plain text file for a comprehensive backup. * Syntax <code>./n33bcoin-cli dumpwallet /path/to/export/n33bcoin-wallet.txt</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpwallet ~/ssshhh.txt</code> <code>cat ~/ssshhh.txt</code> * Yep its all in plain text! <pre> # Wallet dump created by N33Bcoin v0.14.3.0-g150612e # * Created on 2025-04-13T22:54:50Z # * Best block at time of backup was 212 (000000009f5f7189bd4334895fd1c903ae904525abb5768feb98b81282a1949e), # mined on 2025-04-13T18:34:02Z # extended private masterkey: xprv9s210pEDlspXiamstilrandotypinhDXRTQ1TatJNSL3fxs9QaLLjRV1FZH9zw2VcErU498hsd3pynuyDR2clongrandome4Msz5 L1XJ0pald6SZXP4sKdVcDETpsdoWeksd4er5hhPsdFG1PPV 2025-04-13T18:14:21Z change=1 # addr=1HtmEDdpk5SJAp3nGCnaAD5gKZc2Er4qG hdkeypath=m/0'/0'/82' about 100 lines like the one above and ends with: # End of dump </prE> ===Import Dumped Wallet=== To test import works we are gonna, stop node3, move wallet.dat, start node3, check new wallet got auto generated again. then import are ssshhh.txt file and see if restored. ====Check wallet node 3 pre-test==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744575092, "keypoolsize": 101, "unlocked_until": 0, "paytxfee": 0.00000000, "hdmasterkeyid": "0a0e6e94e4a184e773e4a3e3244adc4352935afa" } </pre> ====Stop node 3 ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> ====Move wallet.dat ==== <code>mv ~/.n33bcoin3/wallet.dat ~/wallet.node3</code> ====Start node 3 ==== <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> ====Check wallet node 3 - when deleted/changed==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ====Import Restore from Dumped Wallet ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importwallet ~/ssshhh.txt</code> ====Check wallet node 3 when restored ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ==Off Line Storage and Importation== * Create a offline key pair, using a python script that can run off a live linux iso. * Going to send coins from node 3 to off line address. * Going to import to wallet 2 by sweeping private wif key. ===Create Offline Keypair=== * https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin ** We have used the [[N33Bcoin_Address_Generator_Bitcoin| N33Bcoin_Address_Generator]] to create the following key pair which we will use for this test. <pre> noob@noob-ThinkPad-T470:~/Gen/py-pub-prv$ python3 gen.py Enter your seed (12 words or any random input): hithere Generated n33bcoin Key Pair: Private Key: 3e4748d72b0a0c5d4538b52a2ade025a0f52a1e8642384ac14e5af0f90b8ab8a Public Key: 04c4cab1795312dafbf2532c7b238d448b55fa151a3d4e059cb49b47fb7244fb8767981b561c067494f9f3a6357024bb4fa71d12d692a733f7a0583d6fa7276548 n33bcoin Address: 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG WIF Private Key: 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH </pre> ===Send from node 3 to offline address=== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 sendtoaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG 10</code> ===Check its in address=== * Can take a few blocks before you can see it. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * Syntax: <code>./n33bcoin-cli importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * <code>importaddress</code> The RPC command to import a Bitcoin address as a watch-only address into the wallet * <code>13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> The Bitcoin address you are importing. After import, the wallet will monitor this address for incoming transactions, but cannot spend from it since you do not have the private key * <code>"external"</code> An optional label assigned to the imported address. This helps you organize or identify addresses in your wallet * <code>false</code> The rescan parameter. Setting it to false means the wallet will not rescan the blockchain for historical transactions involving this address. Only new transactions (after import) will be tracked. If set to true (default), the wallet would scan the entire blockchain for past transactions involving the address, which can take a long time (but not in are case as we have new blockchain). ====getreceivedbyaddress==== * TESTED - Balance is only shown on account that imported the address as a address to watch. ** Took about 10 mins to show balance. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>10.00000000</pre> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> ====Receive funds from private key==== * Current Funds in Node/Wallet 2 <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>52.00000000</pre> * Import the keys <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 importprivkey 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH true</code> * Check balance <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>62.00000000</pre> Import is instant. ==Create Second Server and Sync Blockchain== * Creating second server in a container and forwarded to another VPS IP, to see if network syncs. <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Is Port Forwarding Required for the Second Node?</span> <div class="mw-collapsible-content"> <p><strong>Why set up port forwarding?</strong> Port forwarding (using iptables to forward port <code>3333</code> to the second node) allows the node to receive incoming connections from other N33Bcoin nodes. This ensures reliable syncing with the main node and enables the second node to share blockchain data with others, strengthening the network.</p> <p><strong>Is it required?</strong></p> <ul> <li><strong>To mine</strong>: No. Mining uses local RPC calls (<code>127.0.0.1:3366</code>) and outbound connections to the main node (<code>104.194.157.52:3333</code>). As long as the main node is up, mining works without port forwarding. Note: You may need a dummy node to avoid errors.</li> <li><strong>To act as a peer</strong>: Yes. To allow other nodes to connect and sync from the second node (e.g., via <code>144.172.89.93:3333</code>), port forwarding is required. Without it, the node can sync but won’t serve blocks to others.</li> </ul> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Tip:</strong> Keep port forwarding enabled for robust syncing and to support the N33Bcoin network, especially if you plan to add more nodes. </div> </div> </div> ===Launch container=== <code>lxc launch ubuntu:18.04 n33b-node</code> <code>lxc exec n33b-node bash</code> <code>pro attach <longKey></code> <code>apt update && apt upgrade -y && apt install ubuntu-advantage-tools wireguard -y</code> ===Setup Wireguard=== * This is the same as the last time, in this tut i am going to keep the same keys in tut, to save time. PS: You can use same keys on many connections (not the best idea). ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==In Container Building N33Bcoin== * Push over N33Bcoin.0.0.1.tar.gz to the container n33b-node. <code>lxc file push N33Bcoin.0.0.1.tar.gz n33b-node/home/ubuntu/</code> OR Download from github * Download from Github, sha256sum=<code>0695dceaa4a88967560695f92c753d2fe4abc0f1b0cfb2673bf945fc83fb1225</code> <code>wget https://raw.github.com/CompleteNoobs/N33Bcoin/main/N33Bcoin.0.0.1.tar.gz</code> * Login to container as user ubuntu <code>lxc exec n33b-node -- su - ubuntu</code> * extract <code>tar xvf N33Bcoin.0.0.1.tar.gz</code> ===Install depends and Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> ===Build N33Bcoin=== * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> * Before running - make sure first node up and running <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Troubleshooting Syncing Issues on the Second Node</span> <div class="mw-collapsible-content"> <p>If your second node (e.g., <code>144.172.89.93</code>) fails to sync (e.g., stuck at <code>blocks: 0</code>), the main node (<code>104.194.157.52</code>) may be in Initial Block Download (IBD), preventing it from serving blocks. Here’s what I faced and how I fixed it:</p> <ul> <li><strong>Problem</strong>: The second node didn’t sync because the main node was in IBD, likely due to a chain tip older than 24 hours.</li> <li><strong>Initial Fix</strong>: <ul> <li>Started a dummy node on the main node (<code>127.0.0.1:3334</code>) for an active peer .</li> <li>Mined on the main node: <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=&lt;your-address&gt; -t 2 </pre> This created new blocks (e.g., to <code>blocks: 441</code>), exiting IBD and enabling sync.</li> </ul> </li> <li><strong>Test</strong>: I deleted the second node and recreated it from scratch, running both the main and dummy nodes on the genesis server. The second node synced to <code>blocks: 441</code> while the main node was mining.</li> <li><strong>Observation</strong>: In one test, I thought syncing worked without mining, but mining was active on the main node, advancing the chain to <code>blocks: 441</code>. Possible factors for sync success: <ul> <li>Recent chain tip from mining kept the main node out of IBD.</li> <li>Dummy node provided a peer, preventing IBD re-entry.</li> <li>iptables rule for port <code>3333</code> enabled inbound connections (i did once not forward the correct port, make sure you check your ip rules with <code>cat /etc/iptables/rules.v4</code> to make sure you entered the correct ones. ).</li> </ul> </li> <li><strong>If Syncing Fails</strong>: Mine on the main node with the dummy node running.</li> </ul> <p><strong>Note</strong>: Syncing may not require ongoing mining if the main node’s chain tip is recent, but mining is needed to exit IBD. Test and share your findings!</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> If the second node won’t sync, the main node may be in IBD. Start the dummy node and mine to exit IBD. </div> </div> </div> ===n33b-node=== <code>src/n33bcoind -daemon</code> <code>src/n33bcoin-cli stop</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 debug=rpc debug=mining </pre> <code>src/n33bcoind</code> * Now Second n33bcoin node is running lets check sync <div class="toccolours mw-collapsible mw-collapsed"> * Node Syncing/Connecting issues If your node if not connecting <b>add a node</b>, This can be done in the n33bcoin.conf file or manually with n33bcoin-cli <div class="mw-collapsible-content"> * Appending Peer Node/s to Node config file <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> * Syntax:<code>addnode=<IP_Or_Domain>:<Port></code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcbind=127.0.0.1 rpcport=3366 daemon=1 server=1 addnode=node.n3wbcoin.com:3333 addnode=104.194.157.52:3333 </pre> * Add Node Manually using n33bcoin-cli ** Syntax:<code>n33bcoin-cli addnode <IP_Or_Domain>:<Port> add</code> <code>n33bcoin-cli addnode 104.194.157.52:3333 add</code> </div> </div> <code>src/n33bcoin-cli getpeerinfo</code> <pre> [ { "id": 0, "addr": "104.194.157.52:3333", "addrlocal": "144.172.89.93:52636", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157772, "lastrecv": 1745157771, "bytessent": 1277, "bytesrecv": 1198, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.303657, "minping": 0.303657, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": false, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 110, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 1, "addr": "104.194.157.52:57050", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.296047, "minping": 0.296047, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 2, "addr": "104.194.157.52:57060", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.316404, "minping": 0.316404, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } } ] </pre> <code>src/n33bcoin-cli getblockchaininfo</code> <pre> ubuntu@n33b-node:~/N33Bcoin$ src/n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.03058041491289009, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> ===From first node=== <pre> ./n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.02034601825250813, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> * Both nodes/blockchains are in sync, nice ovlecqkng13px6gbpnhn8ycepjxwjuo 604 603 2025-07-04T22:33:28Z AwesomO 5 604 wikitext text/x-wiki == walk-through video == * recommended playback speed 3X <youtube>https://www.youtube.com/watch?v=OSSuVkzHiws&feature=youtu.be</youtube> ==Start up HardWare== * OS (local) Ubuntu-Mate 24.04 - this tut is done on a clean install of ubuntu-mate 24.04 ** Hardware: HP EliteDesk G1 - ram = 8GB - HD = 120GB ssd - CPU = i5-4590S CPU @ 3.00GHz ** Hardware: Thinkpad X270 - Ram - HD - CPU * Server VPS ubuntu-server 24.04 ** vultr.com ===Software OS=== * Will be using Ubuntu 24.04 as main OS - but to build this version of bitcoin 0.14.3 we will be using ubuntu 18.04 in a lxc container - trying to build in 24.04 was a huge side quest that is not that much fun. ===Coin Params for N33Bcoin 0.1 POW === * Are Coin Params ** Name of coin = N33Bcoin ** Symbol coin = N33B ** Premined Coins= 33% 11,111,111 coins to be used to rewards contributors. the how is currently unknown, will work out as we go. ** MaxCoins = 33,333,333 ** Rewards = 333 ** Halving Period = 33,333 blocks = every 231 days ** Block interval = 10 mins # will leave at 10 for starters ** Time Stamp 1733333333 2024-12-04 17:28:53 ** Time Stamp Message "N33B's for Noob's at CompleteNoobs.com" ** Genesis Block for are Coin <b>NOTE</b>: What is a Unix Time Stamp? - It is the number of seconds from the Unix Epoch date of 01/01/1970 at 00:00 UTC - to convert a date use - https://www.unixtimestamp.com/ ==Set EDITOR== {{:SET_EDITOR}} ==Genesis Keys== First we are going to need a public private key pair. [[Python_Generate_Public_Private_Key_Pair_Crypto_Bitcoin| Python3 Generate Public Private Key Pair]] * Public Key <code>049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf</code> * Keep private key safe, you just need pub key for now We then use are public key along with are coin parameter with [[GenesisH0_Creating_Genesis_Hash| GenesisH0]] to create a 'Nonce', 'Merkel hash' and 'Genesis hash'. For are 'MainNet', 'TestNet' and 'RegNet' === Main Net parameters === <code>python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333333</code> * '''Nonce''': <code>221118658</code> * '''nBits''': <code>0x1d00ffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4</code> === Test Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333334</code> * '''Nonce''': <code>511144</code> * '''nBits''': <code>0x1e0ffff0</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c</code> === Reg Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333335</code> * '''Nonce''': <code>0</code> * '''nBits''': <code>0x207fffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127</code> Now we have are parameters, we can start creating are own coin, but first lets change some file names to match the name of are coin. ==Source we are forking from Bitcoin 0.14.3== ===Home Directory=== <code>cd ~</code> ===Download bitcoin 0.14.3=== * https://bitcoincore.org/bin/bitcoin-core-0.14.3/ <code>wget https://bitcoincore.org/bin/bitcoin-core-0.14.3/bitcoin-0.14.3.tar.gz</code> * sha256sum bitcoin-0.14.3.tar.gz <code>416717ab5ef94f8458da2b12e4cd742ca08f5ad3817b65fc73811e06ac949f87</code> ===extract=== <code>tar xvf bitcoin-0.14.3.tar.gz</code> ===Change Directory Name to new/forked coin name=== <code>mv bitcoin-0.14.3 N33Bcoin</code> <code>cd N33Bcoin</code> * Current work director path is <code>/home/$USER/N33Bcoin/</code> ==Renaming== ===Renaming Bitcoin to N33Bcoin=== '''Run these command in the /home/$USER/N33Bcoin/ Directory''' * Lowercase <code>find . -type f -exec sed -i 's/bitcoin/n33bcoin/g' {} + </code> * UpperCase <code>find . -type f -exec sed -i 's/Bitcoin/N33Bcoin/g' {} + </code> * Name.1 <code>find . -type f -exec sed -i -e 's/bitcoin/n33bcoin/g' -e 's/bitcoind\.1/n33bcoind.1/g' {} + </code> ===Change Name for Docs=== To rename files in a directory (e.g., <code>/home/$USER/N33Bcoin/doc/man/</code>): * '''Before:''' <pre> bitcoin-cli.1 bitcoind.1 bitcoin-qt.1 bitcoin-tx.1 Makefile.am </pre> * '''After:''' <pre> n33bcoin-cli.1 n33bcoind.1 n33bcoin-qt.1 n33bcoin-tx.1 Makefile.am </pre> * '''Manual Way:''' <pre> mv -v bitcoin-cli.1 n33bcoin-cli.1 </pre> * '''Using mv with a for Loop:''' <code>cd /home/$USER/N33Bcoin/doc/man</code><br> <code>for file in bitcoin*; do mv -v "$file" "${file/bitcoin/n33bcoin}"; done</code> </pre> * <code>-v</code> shows each rename action. ===Change Names for Files=== *<b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> Unlike forking litecoin, the method we just used to rename all bitcoin words to n33bcoin created some problems, unlike litecoin 0.14.2, the word 'bitcoin' can be found in a lot of file names. Example: the file <code>libbitcoinconsensus.pc.in</code> is still called <code>libbitcoinconsensus.pc.in</code> but inside make and config files, it is now know as <code>libn33bcoinconsensus.pc.in</code> so it will look for a file called <code>libn33bcoinconsensus.pc.in</code> and not <code>libbitcoinconsensus.pc.in</code>, still will lead to a lot of breakages. * Easy Fix: Change all file names which include the word <code>bitcoin</code> to <code>n33bcoin</code> * install <code>rename</code> <code>sudo apt install rename</code> * <b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> * See all file which contain the name <code>bitcoin</code> <code>find . -type f -name "*bitcoin*"</code> * Rename/convert all <code>bitcoin</code> in file names to <code>n33bcoin</code> <code>find . -type f -name "*bitcoin*" -exec rename 's/bitcoin/n33bcoin/' {} +</code> ==Editing Files== Are Files are located in path:<code>/home/$USER/N33B/N33Bcoin</code><br> Example: <code>src/amount.h</code> full path would be <code>/home/$USER/N33B/N33Bcoin/src/amount.h</code> === OverView of Files to edit=== * Comment Out <code>** Lines: 74 - 77 Comment Out</code> These are Lines we Don't need, but are not deleting just commenting out, so line numbers remain the same.<br> Comment out by placing a <code>//</code> at the beginning of the line. * '''src/amount.h''' ** Line 31: Edit Max Coins * '''src/validation.cpp''' ** Line 1166: This BLOCK of code will contain premined and Block rewards * '''src/qt/bitcoinunits.cpp''' ** Line 39 Block: change coin symbol LTC to N33B * '''src/chainparams.cpp''' ** Line 53: '''Global''' Change Time Stamp Message ** Line 54: '''Global''' Change Pub Key ** Line 73: '''MainNet''' Change Halving Interval <!--** Lines: 74 - 77 Comment Out--> ** Line 74: '''MainNet''' BIP34Height ** Line 75: '''MainNet''' BIP34Hash ** Line 76: '''MainNet''' BIP65Height ** Line 77: '''MainNet''' BIP66Height ** Lines 85 - 103: '''MainNet''' Deployment and Chain Work Section ** Line 110: '''MainNet''' Change Magic Bytes - Script included ** Line 114: '''MainNet''' Change Main Net Default Port ** Line 117: '''MainNet''' Change Main Net Nonce TimeStamp Coin_Rewards ** Line 119: '''MainNet''' Change Genesis Hash ** Line 120: '''MainNet''' Change Merkel Hash ** Line 144: '''MainNet'''Change Coin Number and Genesis Hash ** Lines 145 - 156 Comment Out ** Line 161: '''MainNet''' Change Time Stamp ** Line 162: '''MainNet''' Change Number Of Transactions ** Line 177: '''TestNet''' Halving Interval <!--** Lines: 178 - 181 Comment Out--> ** Line 178: '''TestNet''' BIP34Height ** Line 179: '''TestNet''' BIP34Hash ** Line 180: '''TestNet''' BIP65Height ** Line 181: '''TestNet''' BIP66Height ** Line 184: '''TestNet''' Block Times <!--** Lines: 189 - 207 Comment Out--> ** Lines 189 - 207: '''TestNet''' Deployment Section ** Line 213: '''TestNet''' Default Port ** Line 216: '''TestNet''' Time Stamp and Nonce ** Line 218: '''TestNet''' Genesis Hash Block ** Line 219: '''TestNet''' Merkel Hash Block ** Line 245: '''TestNet''' CheckPointData Genesis Hash Block Number ** Line 250: '''TestNet''' Time Stamp ** Line 251: '''TestNet''' Block Number ** Lines 267 - 270 '''RegressionNet''' BIP Consensus ** Line 301: '''RegressionNet''' Default Port ** Line 304: '''RegressionNet''' Time Stamp Nonce Coin_Rewards ** Line 306: '''RegressionNet''' Genesis Block Hash ** Line 307: '''RegressionNet''' Merkel Hash ** Line 319: '''RegressionNet''' Genesis Hash * '''src/chainparamsbase.cpp''' ** Line 35: MainNet RCP Port ** Line 48: TestNet RPC Port ** Line 62: Regession Net RPC Port ===src/amount.h=== On line 31 we will edit are Max coins: <pre> static const CAmount MAX_MONEY = 21000000 * COIN; </pre> will change this to 33,333,333 coins <pre> static const CAmount MAX_MONEY = 33333333 * COIN; </pre> ===src/validation.cpp=== Path <code>/home/$USER/N33B/N33Bcoin/src/validation.cpp</code> The block of code we are looking for starts on line 1166: <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy = 50 * COIN; // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years. nSubsidy >>= halvings; return nSubsidy; } </pre> On line 1173 you should see this line: <pre> CAmount nSubsidy = 50 * COIN; </pre> This is the rewards for mining coins, the default is 50, we are changinf rewards to 333 coins per block mined. <pre> CAmount nSubsidy = 333 * COIN; </pre> ====Premined coins==== We also need to add a contidtion for are premined coins - in the first block will mine 33%, thats 11,111,111 coins <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy; if (nHeight == 1) nSubsidy = 11111111 * COIN; else nSubsidy = 333 * COIN; // Subsidy is cut in half every 33,333 blocks which will occur approximately every 231 days. nSubsidy >>= halvings; return nSubsidy; } </pre> This condition means IF first block reward 11,111,111 coins, Else(after first blocked mined) rewards per block are 333 coins. <div class="toccolours mw-collapsible mw-collapsed"> What's Changed and Why: <div class="mw-collapsible-content"> <b>What's Changed and Why:</b> * '''CAmount nSubsidy;''' ** The variable `nSubsidy` is now declared but not immediately assigned a value. This allows flexibility to set its value based on certain conditions. * '''New Condition: `if (nHeight == 1)''' ** This new condition checks if the block height is 1, meaning this is the very first block in the blockchain (often called the "genesis block"). ** This condition is used to assign a special, much larger subsidy for the first block. * '''nSubsidy = 11111111 * COIN;''' ** If it is the first block (`nHeight == 1`), the subsidy is set to 11,111,111 coins. This is a huge reward for the genesis block, likely for initial distribution or other specific reasons. * '''else nSubsidy = 333 * COIN;''' ** For all other blocks (not the first one), the reward is set to 333 coins. This is a significant change from the original 50 coins, suggesting a different reward structure for this cryptocurrency. </div> </div> ===src/qt/n33bcoinunits.cpp=== * Line 39: Code Block <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("BTC"); case mBTC: return QString("mBTC"); case uBTC: return QString::fromUtf8("μBTC"); default: return QString("???"); } } </pre> * Change BTC your coin symbol to N33B <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("N33B"); case mBTC: return QString("mN33B"); case uBTC: return QString::fromUtf8("μN33B"); default: return QString("???"); } } </pre> ===src/chainparams.cpp=== ====Line 53 Change Time Stamp Message==== <code> const char* pszTimestamp = "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks";</code> To <code> const char* pszTimestamp = "N33B's for Noob's at CompleteNoobs.com";</code> ====Line 54 Change Genesis Pub Key==== <code> 54 const CScript genesisOutputScript = CScript() << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f") << OP_CHECKSIG; </code> We are going to change to the public key we used to create are genesis block. <code> const CScript genesisOutputScript = CScript() << ParseHex("049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf") << OP_CHECKSIG;</code> ====Line 73 HalvingInterval==== <code> consensus.nSubsidyHalvingInterval = 210000;</code> Block intervals of bitcoin is every 10 mins, as you can see on '''[[#Line 80 Target Block Creation''']] * 60 mins per hour x 24 hours per day = 1440 mins a day * 1440 mins at one block each 10 mins = 144 block per day ish * 144 * 365 = 52,560 blocks per year ish * 52,560 * 4 = 210,240 blocks every four years ish So bitcoin halves its rewards every 4 years ish as it passes 210,000 blocks and carrys on halving every 210,000 blocks later. We reward 333 coins per block and will be out of coins around 667,334 blocks. * Preminded 11,111,111 coins * 22,222,222 left * at 333 per block all will be gone in 66,733 blocks time unless we halve before then * We are going to keep are block time of 10 mins and have a halving at 33,333 blocks so it will halve around 231 days <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Line 74 - 77 MainNet BIP Section==== <pre> 74 consensus.BIP34Height = 227931; 75 consensus.BIP34Hash = uint256S("0x000000000000024b89b42a942fe0d9fea3bb44ab7bd1b19115dd6a759c0808b8"); 76 consensus.BIP65Height = 388381; // 000000000000000004c2b624ed5d7756c508d90fd0da2c7c679febfa6c4735f0 77 consensus.BIP66Height = 363725; // 00000000000000000379eaa19dce8c9b722d46ae6a57c2f1a988119488b50931 </pre> * Set BIP34/65/66 to 0 for new chain—modern rules from genesis. Adjust BIP34 to 100 if mining fails. * Line 75 Replace with you <b>Main Net parametersGenesis Hash</b> <pre> 74 consensus.BIP34Height = 0; 75 consensus.BIP34Hash = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); 76 consensus.BIP65Height = 0; 77 consensus.BIP66Height = 0; </pre> ==== Line 85 - 103 '''MainNet''' Deployment and Chain Work Section ==== ===== Line 86 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start date is irrelevant—set to 0 for immediate activation on new chain. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 87 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. 9,999,999,999 Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 91 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016</code> * Reason changed: Bitcoin’s 2016 start is moot—set to 0 for CSV active from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 92 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 96 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016</code> * Reason changed: Bitcoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 97 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 100 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5");</code> * Reason changed: Bitcoin’s 2017 work is massive—set to 0 for a new chain with no work yet. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 103 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354</code> * Reason changed: Bitcoin’s block 453354 is irrelevant—set to N33Bcoin’s genesis hash for fast sync from block 0. Changed: <code>consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4");</code> =====Before and After Changes===== <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354 </pre> * Set CSV/SegWit to active from genesis (nStartTime = 0, nTimeout = far future). Reset chain work to minimal. Set assume valid to genesis hash. <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0; 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999; 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0; 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999; 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0; 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999; 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x00"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); </pre> ====Line 110 Magic Bytes==== * [[Hex_numbers_explained| Hex numbers explained]] * [[Python3_Script_for_Random_Magic_Bytes| Link to python script for random values]] The pchMessageStart array is a crucial component in cryptocurrency network protocols, often referred to as the "magic bytes" or "network magic." It serves as a unique identifier for a specific cryptocurrency network. These values are in hexadecimal format, representing four bytes that form a sequence unlikely to occur in normal data. If you're creating a new cryptocurrency by forking Bitcoin, you should change these values. Using unique values prevents your new coin's network from interfering with Bitcoin's network or other existing networks. <pre> 110 pchMessageStart[0] = 0xf9; 111 pchMessageStart[1] = 0xbe; 112 pchMessageStart[2] = 0xb4; 113 pchMessageStart[3] = 0xd9; </pre> * Gonna change mine to <pre> pchMessageStart[0] = 0xfe; pchMessageStart[1] = 0x93; pchMessageStart[2] = 0xd2; pchMessageStart[3] = 0xe2; </pre> ====Line 114 Change Main Net Default Port==== * Line 114 <code>nDefaultPort = 8333;</code> * Changing to port 3333 <code>nDefaultPort = 3333;</code> ====Line 117 Change Main Net Nonce TimeStamp Coin_Rewards==== * Original <code> genesis = CreateGenesisBlock(1231006505, 2083236893, 0x1d00ffff, 1, 50 * COIN);</code> * Syntax of line 117 <code>genesis = CreateGenesisBlock(<UNIX_TIME_STAMP>, <NONCE>, <DIFF_BITS>, <NHEIGHT>, <AMOUNT_OF_COINS_REWARD> * COIN);</code> * we are just going to append/change are UnixTimeStamp, Nonce and CoinReward <code> genesis = CreateGenesisBlock(1733333333, 221118658, 0x1d00ffff, 1, 333 * COIN);</code> ====Line 119 Change Genesis Hash==== <code>assert(consensus.hashGenesisBlock == uint256S("0x000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"));</code> * Change to your genesis hash for Main Net <code> assert(consensus.hashGenesisBlock == uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"));</code> ====Line 120 Change Merkel Hash==== <code> assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Change to your merkel hsh for Main net <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Check Point - Lines 142 - 157 ==== <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d")) 145 ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> These lines contain a blocknumber and there hash value, we are starting a new coin and these have no value to us. We have one genesis block. <code> ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d"))</code> * We are going to append/change line 144, to block zero and are Main net genesis block hash. <code> ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"))</code> and comment out the remaining lines in this code block. lines 145 - 156 <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4")) 145 // ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 // ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 // (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 // (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 // (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 // (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 // (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 // (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 // (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 // (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 // (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 // (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> ====Line 161 Change Time Stamp==== <pre> 161 1483472411, // * UNIX timestamp of last known number of transactions </pre> * Change to the time stamp we are using <pre> 1733333333, // * UNIX timestamp of last known number of transactions</pre> ====Line 162 Change Number Of Transactions==== <pre> 184495391, // * total number of transactions between genesis and that timestamp</pre> * Change to Zero <pre> 0, // * total number of transactions between genesis and that timestamp</pre> ====TestNet Halving Interval==== <code>177 consensus.nSubsidyHalvingInterval = 210000;</code> * Change to same as are main net <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Lines 178 - 181 TestNet BIP section==== <pre> 178 consensus.BIP34Height = 21111; 179 consensus.BIP34Hash = uint256S("0x0000000023b3a96d3484e5abb3755c413e7d41500f8e2a5c3f0dd01299cd8ef8"); 180 consensus.BIP65Height = 581885; // 00000000007f6655f22f98e72ed80d8b06dc761d5da09df0fa1dc4be4f861eb6 181 consensus.BIP66Height = 330776; // 000000002104c8c45e99a8853285a3b592602a3ccde2b832481da85e9e4ba182 </pre> * Change values to zero and replace TestNet Genesis Hash <pre> 178 consensus.BIP34Height = 0; 179 consensus.BIP34Hash = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"); 180 consensus.BIP65Height = 0; 181 consensus.BIP66Height = 0; </pre> ==== Lines 189 - 207 TestNet Deployment Section ==== ===== Line 190 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start is irrelevant—set to 0 for immediate activation on TestNet. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 191 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 195 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1456790400; // March 1st, 2016</code> * Reason changed: Bitcoin's 2016 start doesn’t apply—set to 0 for CSV from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 196 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 200 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1462060800; // May 1st 2016</code> * Reason changed: Bitcoin's 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 201 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1493596800; // May 1st 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 204 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x00000000000000000000000000000000000000000000001f057509eba81aed91");</code> * Reason changed: Bitcoin's work is irrelevant—set to 0 for a new TestNet chain. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 207 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000128796ee387cf110ccb9d2f36cffaf7f73079c995377c65ac0dcc"); //1079274</code> * Reason changed: Bitcoin's block 1079274 doesn’t apply—set to TestNet genesis for fast sync. Changed: <code>consensus.defaultAssumeValid = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c");</code> ====TestNet Default Port - Line 213==== <code>213 nDefaultPort = 18333;</code> * Change to another port , picking 13333 <code>nDefaultPort = 13333;</code> ====Line 216: TestNet Time Stamp and Nonce==== <code>216 genesis = CreateGenesisBlock(1296688602, 414098458, 0x1d00ffff, 1, 50 * COIN);</code> * change/append timestamp, nonce and coin rewards - TimeStamp, Nonce, nBits and CoinRewards from your Test Net <code> genesis = CreateGenesisBlock(1733333334, 511144, 0x1e0ffff0, 1, 333 * COIN);</code> ====Line 218: TestNet Genesis Hash Block==== <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943"));</code> * Changed to <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"));</code> ====Line 219: TestNet Merkel Hash Block==== <code>219 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Changed to <code> assert(consensus.hashGenesisBlock == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ==== Line 245 TestNet checkpointData ==== Default: <code>( 546, uint256S("000000002a936ca763904c3c35fce2f3556c559c0214345d31b1bcebf76acb70")),</code> * Reason changed: Bitcoin TestNet checkpoint irrelevant—set to height 0 with N33Bcoin TestNet genesis hash for new chain. Changed: <code>( 0, uint256S("000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c")),</code> * Note: Removed "0x" from hash string—matches Bitcoin style, prevents parsing error in uint256S. ====Line 250 - Testnet chainTxData TimeStamp==== <code>250 1483546230,</code> * Change to your timestamp <code>1733333334,</code> ====Line 251 - Testnet chainTxData block count==== <code>251 12834668,</code> * change block count to zero <code> 0,</code> ==== RegTest BIP Section ==== ===== Line 267 ===== Default: <code>consensus.BIP34Height = 100000000; // BIP34 has not activated on regtest (far in the future so block v1 are not rejected in tests)</code> * Reason changed: Delays BIP34—set to 0 for modern rules from genesis, consistent with MainNet/TestNet. Changed: <code>consensus.BIP34Height = 0;</code> ===== Line 268 ===== Default: <code>consensus.BIP34Hash = uint256();</code> * Reason changed: Empty hash irrelevant—set to RegTest genesis for BIP34 activation at block 0. * NOTE: the <code>S</code> at the end of <code>uint256S</code> append the '''S''', remove the <code>0x</code> or it would be too long and make sure RegNet Hash is wrapped in "comment-hash". * The quotes <code>""</code> tell the compiler that this is a string, not a number. * '''uint256S''' will parse the string as a hexadecimal value and construct the '''uint256''' object accordingly. Changed: <code>consensus.BIP34Hash = uint256S("65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127");</code> ===== Line 269 ===== Default: <code>consensus.BIP65Height = 1351; // BIP65 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP65 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP65Height = 0;</code> ===== Line 270 ===== Default: <code>consensus.BIP66Height = 1251; // BIP66 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP66 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP66Height = 0;</code> ====Line 298: RegressionNet Default Port==== <code>298 nDefaultPort = 18444;</code> * change port number <code> nDefaultPort = 13337;</code> ====Line 301 RegressionNet Time Stamp Nonce Coin_Rewards ==== <code>301 genesis = CreateGenesisBlock(1296688602, 2, 0x207fffff, 1, 50 * COIN);</code> * Change to your timestamp , nonce and coin rewards <code> genesis = CreateGenesisBlock(1733333335, 0, 0x207fffff, 1, 333 * COIN);</code> ====Line 303: RegressionNet Genesis Block Hash==== <code>303 assert(consensus.hashGenesisBlock == uint256S("0x0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"));</code> * replace with your reg net genesis hash <code> assert(consensus.hashGenesisBlock == uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"));</code> ====Line 304 RegressionNet Merkel Hash==== <code>304 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * replace with your reg net merkel hash <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Line 316: RegressionNet Genesis Hash==== <code>316 ( 0, uint256S("0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"))</code> * change to your reg nets genesis hash <code> ( 0, uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"))</code> === src/chainparamsbase.cpp - API ports === <div class="toccolours mw-collapsible mw-collapsed"> Changing RPC port number info: <div class="mw-collapsible-content"> When forking Bitcoin, changing the nRPCPort = 8332; is generally recommended, though not strictly necessary. Here are the reasons and benefits for doing so: '''Avoiding Conflicts:''' If you run both Bitcoin and your forked cryptocurrency on the same machine or network, keeping the same RPC port (9332) would cause a conflict. By changing the port number, you ensure that both services can run simultaneously without interfering with each other. '''Network Configuration:''' Different cryptocurrencies should ideally use different ports to avoid confusion and ensure clear network configuration. This helps in managing firewall rules and network policies more effectively. '''Security:''' Using a non-standard port for your forked cryptocurrency can add a layer of security through obscurity. While not a robust security measure, it can help reduce the risk of automated attacks targeting known ports like 8332. '''Customization:''' Changing the RPC port is part of customizing your fork to distinguish it from Bitcoin. This can be important for branding and ensuring that users and developers recognize it as a separate entity. In summary, while it's not mandatory to change the RPC port when forking Bitcoin, doing so can help avoid conflicts, improve network management, and provide a clearer distinction between your fork and the original Bitcoin network. </div> </div> ====line 35 - Main net RCP port==== <pre> nRPCPort = 8332; </pre> RPC port is used to connect to coin api, its used to create a web wallet and moblie wallet. <pre> nRPCPort = 3366; </pre> ====Line 48 - test net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12333 <pre> nRPCPort = 12333; </pre> ====line 62 - regession net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12345 <pre> nRPCPort = 12345; </pre> * We are pretty much done with customizing the code base, we just need an IP address to append to chainparams.cpp and we are good to go. ===src/chainparamsseeds.h=== * Delete content of <code>src/chainparamsseeds.h</code> and replace with just: <pre> #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> The <code>chainparamsseeds.h</code> file contains hardcoded seed nodes for the main network (pnSeed6_main), which are currently set to Bitcoin’s seed nodes (e.g., IPs like 2.7.8.12 on port 8333). These seeds will cause your node to attempt connections to Bitcoin peers, which isn’t what we want for N33Bcoin. * By modifying the seed arrays for both mainnet and testnet to empty, we can keep the file structure intact while removing the Bitcoin seed nodes, preventing are node from trying to connect to them. <div class="toccolours mw-collapsible mw-collapsed"> Hexadecimal - Chainparamsseeds.h - Quick Notes <div class="mw-collapsible-content"> <pre> Hex Symbol Values: 0,1,2,3,4,5,6,7,8,9,a=10,b=11,c=12,d=13,e=14,f=15 Hex is in a Block of 2, [01]=1, The First number/symbol (the one on the left), is Times by 16, and the Second number/symbol is added. 01 = 0x16, plus 1 = 01 A4 = 10x16, plus 4 = 164 E4 = 14x16, plus 4 = 228 FF = 15X16, plus 15 = 255 To work out the values of 104.194.157.52 and port 3333 static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; IPv6 Mapping: {{Use 10 0x00, 2 0xff, then the 4 hex bytes} <port>}. 104 in hex: 6x16 = 96 + 8 = 104 InHex= '68' 194 in hex: c(12)x16=192 + 2 = 194 InHex= 'c2' 157 in hex: 9x16=144 + d(13)= 157 InHex= '9d' 52 in hex: 3x16=48 + 4 = 52 InHex= '34' #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; static SeedSpec6 pnSeed6_test[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> </div> </div> == Container and VPS Setup == * Vultr with affiliate link: https://www.vultr.com/?ref=7704739 Most VPS providers frown on mining unless it’s their explicit service—fair enough, it hogs resources! To work around this, we’ll: * Spin up an Ubuntu 18.04 container locally (18.04 keeps coin building simple). * Pair it with a low-cost VPS running Ubuntu 24.04, tunneling all traffic from the container to the VPS’s public IP. This setup gives us: * A public-facing IP without poking holes in our home router. * Local mining control, keeping private keys secure—because a VPS is just someone else’s machine, and we don’t trust it with our keys! ===LXD Quick Container Setup=== ===LXD Quick Container Setup=== * Its pretty simple once you know. ===Installing and setup LXD=== <code>sudo snap install lxd</code> <code>sudo lxd init</code> * Just press '''ENTER''' for all defaults * add user to lxd group (optional), will mean you do not need '''sudo''' to use lxc commands * NOTE: you will need to logout and login for changes to take effect. <code>sudo adduser $USER lxd</code> <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> * '''These changes only apply to the current terminal session.''' If you open a new terminal session you have to repeat. On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. * '''Remember, these changes only apply to the current terminal session.''' If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> ===Launching your container=== * for the Build its important we use '''18.04''' ** May want to get ubuntu pro free for 5 devices - to keep 1804 updated ** https://ubuntu.com/pro/dashboard <code>lxc launch ubuntu:18.04 n33b</code> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 n33b</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 n33b</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''n33b''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "n33b" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "n33b" in the example) must be unique within your LXD installation. </div> </div> * If you see this error - you need to use '''sudo''' or add user to lxd group <pre> lxc launch ubuntu:18.04 n33b Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * To see your container <code>lxc ls</code> ===Login to container=== <code>lxc exec n33b bash</code> * Prompt should now be changed to <code>root@n33b:~#</code> ** <code>root@<container_name>:~#</code> * This would be a good time to sign up to and enable ubuntu pro in the 1804 container https://ubuntu.com/pro/dashboard ** <code>sudo pro attach C12trandomcharsXFVhrRSveGOd4</code> * Update container <code>apt update && apt upgrade -y</code> ==== Ubuntu Pro for 1804 Containers ==== * super useful for ubuntu 1804, with pro has support till 2027 * Free For Five Boxes/Devices <code>https://ubuntu.com/pro/dashboard</code> <code>sudo pro attach 8dc6560abd396b3871f37b80ec</code> <code>sudo pro status</code> <code>sudo pro detach</code> ==In Container wireguard installation and setup== ===Install wireguard=== <code>apt install wireguard -y</code> * This will be the Client - for the container ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== * Vultr link with Affiliate code: https://www.vultr.com/?ref=9638414-9J First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==Back to Host== Now we have * A container with a public IP address * Source code for are coin Lets append are IP adress to are <code>src/chainparams.cpp</code> file and make a exportable/shareable backup. ===Append IP to <code>src/chainparams.cpp</code>=== <div class="toccolours mw-collapsible mw-collapsed"> If i was going to change or add ips/domains do i need to recomplie? Yep: <div class="mw-collapsible-content"> Yes, if you want to change or add new IPs/domains in the `CDNSSeedData` section of `src/chainparams.cpp`, you will need to edit the file and recompile the code. The `CDNSSeedData` entries are hardcoded into the source code, and when you compile the code, these values are baked into the resulting binary. Therefore, any changes to the seed nodes will require: *Editing the `src/chainparams.cpp` file**: Modify the list of `CDNSSeedData` entries to include your new IPs or domains. *Recompiling the source code**: Once you've made your changes, you need to recompile the project so that the new seed nodes are included in the binary. *Restarting your nodes**: After recompiling, you would need to distribute the new binary to your nodes and restart them to ensure they use the updated seed list. This process is necessary because the seed nodes are part of the initial configuration that helps nodes discover peers when they first start up. Any changes to these seeds require the software itself to be updated and redeployed. </div> </div> ====Main Net DNS lines 123 - 127==== <code>$EDITOR /home/$USER/N33B/N33Bcoin/src/chainparams.cpp</code> * Line 123 <code>src/chainparams.cpp</code> <pre> 123 vSeeds.push_back(CDNSSeedData("n33bcoin.sipa.be", "seed.n33bcoin.sipa.be", true)); // Pieter Wuille, only supports x1, x5, x9, and xd </pre> We are going to Change to are servers address <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> At current time we only have one default node, so we comment out line 124 to 127 <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "dnsseed.bluematt.me", true)); // Matt Corallo, only supports x9 // vSeeds.push_back(CDNSSeedData("dashjr.org", "dnsseed.n33bcoin.dashjr.org")); // Luke Dashjr // vSeeds.push_back(CDNSSeedData("n33bcoinstats.com", "seed.n33bcoinstats.com", true)); // Christian Decker, supports x1 - xf // vSeeds.push_back(CDNSSeedData("n33bcoin.jonasschnelli.ch", "seed.n33bcoin.jonasschnelli.ch", true)); // Jonas Schnelli, only supports x1, x5, x9, and xd </pre> ====Test net DNS lines 224 - 227==== * Line 224 - ip adderss <pre> 224 vSeeds.push_back(CDNSSeedData("testnetn33bcoin.jonasschnelli.ch", "testnet-seed.n33bcoin.jonasschnelli.ch", true)); </pre> Change to server ip <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> and comment out the other 3 lines <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("petertodd.org", "seed.tbtc.petertodd.org", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "testnet-seed.bluematt.me")); // vSeeds.push_back(CDNSSeedData("n33bcoin.schildbach.de", "testnet-seed.n33bcoin.schildbach.de")); </pre> ==Create BackUp Tar Archive== At this point you may want to make a backup. * In work directory = <code>/home/$USER/N33B</code> <code>tar -zcvf N33Bcoin.0.0.1.tar.gz N33Bcoin</code> * Going to save in directory <code>/home/$USER/N33B</code> * Syntax = <code>tar -zcvf /path/to/save/archive_name.tar.gz /path/to/directory_name</code> Now we Should have <code>N33Bcoin.0.0.1.tar.gz</code> lets start building are coin. ===Move N33Bcoin.0.0.1.tar.gz to Container=== Lets Move are source code to are container. * File on Host:<code>/home/$USER/N33B/N33Bcoin.0.0.1.tar.gz</code> * Container Name: <code>n33b</code> ** Container Name can be found with <code>lxc list</code> * On Host: <code>lxc file push /home/$USER/N33B/N33Bcoin.0.0.1.tar.gz n33b/home/ubuntu/</code> * '''ubuntu''' is the name of the ubuntu containers default user account ==Return to container as user '''ubuntu'''== <code>lxc exec n33b -- su - ubuntu</code> Now are source code <code>N33Bcoin.0.0.1.tar.gz</code> should be in are home directory. Before we start using it, we need to install and build some dependencies software. ===Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <!-- These notes wherer required to build db on 24.04 - coin build would require way too much work so skipped. <code>$EDITOR db-4.8.30.NC/dbinc/atomic.h</code> Find the function <b>__atomic_compare_exchange</b> (line 147 and 179) and rename it to <b>__db_atomic_compare_exchange</b>. save and exit --> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> If you received error, are you building in ubuntu 18.04? these build instrutions are reproduable for 18.04 and not other versions of ubuntu. * A block chain requires min 2 nodes, so this would be a good time to snapshot your container. ====SNAPSHOT your container==== * This will save loads of time creating a second node later. * In a Terminal on HOST * Stop Container <code>lxc stop n33b</code> * snapshot <code>lxc snapshot n33b one</code> * start container <code>lxc start n33b</code> * Log in as ubuntu user <code>lxc exec n33b -- su - ubuntu</code> ==Build the Coin== Just for the Genesis Node, or it will not work, it will try to sync with another node, which it can not do as its at block 0. * edit the file <code>src/rpc/mining.cpp</code> and comment out the lines 471 and 472: <pre> // if (IsInitialBlockDownload()) // throw JSONRPCError(RPC_CLIENT_IN_INITIAL_DOWNLOAD, "N33Bcoin is downloading blocks..."); </pre> If you stopped container to snapshot and logged back in (or using another terminal), then we need to re-set var.<br> <code>cd ~/db-4.8.30.NC/build_unix</code><br> <code>export BDB_PREFIX=$(pwd)</code><br> * Now thats done we can carry on <code>cd ~/</code><br> * extract <code>tar xzvf N33Bcoin.0.0.1.tar.gz</code> <!-- was for attempt build in 24.04 - not needed for 18.04 <code>sudo apt install bsdmainutils ncal</code> --> * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> If you run into errors you can use:<br> <code>make > ../build.log 2>&1</code><br> This is print build info into file build.log ==Run Coin== * Path <code>cd /home/ubuntu/N33Bcoin/src</code> Going to first play around with Regression make sure everything is working, its supereasy to mine.<br> * Running regtest first will also create <code>~/.n33bcoin/</code> directory which we can create are <code>n33bcoin.conf</code> file for mainnet. ===Running Regression Net === * run reg net <code>./n33bcoind -regtest -daemon</code> ==== get blockchain info ==== <code>./n33bcoin-cli -regtest getblockchaininfo</code> * at the top you should see '''regtest''' <pre> "chain": "regtest", </pre> ====get wallet info==== <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ==== Generate 10 blocks==== <code>./n33bcoin-cli -regtest generate 10</code> <pre> [ "16fe73d5011e8e05cadb9e9dea43e58aa154ffcca891659cc59fbdfafe6f001c", "7803e298b6c57f8fc7ddac5da0e0696cc67524c9ee2bbbbbecdccfb01b364e79", "7c92afb2faed00d051edd22f85218416c394cd45ddadf413b9df808c0414ca7e", "29fe7bb17c984bd33c7e3d9cb4fa3ce1e47760ac22accded3aa25fd49aa87d91", "56d234a030af699a6aa824c8d95a9fabdcf56c9491ed30331ca2159188741c89", "272827808aad1efe0e752789acf6a28f25bc4ba2da905a8a6f5da00016ba286b", "23711e3856cf2e018ef02782eb546e87c9604781da6855bd136ef51fa5dd23e5", "7bd7e1e6183094c75e37d6605451ce7e7e1c23347e3b5c279c33196af916b1f2", "1c7e5fc29dc7c9b3a56e8f35becc3a0a8005e79ac1a84278f8a1f37c067f67b3", "3ac84dcf8be2849b347369de7bf6bb49d780cdf41e2c4abbe2ea0ae1b89bd26e" ] </pre> ====Check Balance==== <code>./n33bcoin-cli -regtest getbalance</code> <pre>0.00000000</pre> * You mined 10 blocks and have zero coins! that is because the coins have not mutured, it takes 100 blocks for newly created coins to muture and show up in your wallet. * you can see your '''immature_balance''' with the <code>getwalletinfo</code> command. <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 11114108.00000000, "txcount": 10, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====Get new addresses==== <code>./n33bcoin-cli -regtest getnewaddress</code> <pre> mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb </pre> ====Find addresses your wallet is currently using==== * To see all your current public addresses use <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -regtest listreceivedbyaddress 0 true</code> ====Mine to specific address==== * <code>./n33bcoin-cli -regtest generatetoaddress 101 "your-mainnet-address"</code> <code>./n33bcoin-cli -regtest generatetoaddress 101 "mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb"</code> =====Coins Matured===== <code>./n33bcoin-cli -regtest getbalance</code> <pre>11114441.00000000</pre> * and Immatured coins <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 11114441.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 33300.00000000, "txcount": 111, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====stop regtest net==== * stop regtest <code>./n33bcoin-cli -regtest stop</code> ===Main Net=== * Running <code>-regtest</code> should of created a <code>~/.n33bcoin</code> directory for you. * Create <code>n33bcoin.conf</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 </pre> * run/start coin <code>./n33bcoind</code> * NOTE: if you did not create a n33bcoin.conf file and apply 'daemon=1', you can use the -daemon flag <code>./n33bcoind -daemon</code> <div class="toccolours mw-collapsible mw-collapsed"> Some debug tips: <div class="mw-collapsible-content"> * If n33bcoin hangs - <code>ps aux | grep n33bcoind</code> ** The <code>kill -9 PID_NUMBER</code> ** Also note: there is nothing wrong with '''turning it off and on again.''' * <code>./n33bcoind -debug=1</code> ** log is at ~/.n33bcoin/debug.log * <code>./n33bcoind -debug=1 -printtoconsole</code> ** will output to terminal, no output to debug.log </div> </div> ===Create and Add second node - the easy way=== <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Why a Dummy Node is Needed to Avoid <code>500 Internal Server Error</code> and Ensure Syncing</span> <div class="mw-collapsible-content"> <p>A dummy node is <strong>required</strong> for mining on the genesis node (main node) and to ensure other nodes can sync with your N33Bcoin network. Without it, you may encounter errors like:</p> <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> [2025-04-20 11:49:32] HTTP request failed: The requested URL returned error: 500 Internal Server Error </pre> <p><strong>Why does this happen?</strong> The main node needs at least one active peer to process the <code>getblocktemplate</code> RPC call used by <code>minerd</code> for mining. If the node is in Initial Block Download (IBD) or has no peers, this call fails, causing the 500 error. Additionally, if the main node is in IBD, it won’t serve blocks to other nodes, preventing them from syncing (e.g., stuck at <code>blocks: 0</code>).</p> <p><strong>How the dummy node fixes it:</strong></p> <ul> <li>Running a dummy node (e.g., on <code>127.0.0.1:3334</code>) provides an active peer, allowing <code>getblocktemplate</code> to succeed and mining to start.</li> <li>Mining generates new blocks, updating the chain tip’s timestamp, which helps the main node exit IBD.</li> <li>Once out of IBD, the main node can serve blocks to other nodes, enabling them to sync (e.g., to <code>blocks: 428</code>).</li> </ul> <p><strong>Why it’s easy to forget:</strong> The dummy node isn’t a standard Bitcoin requirement—it’s specific to N33Bcoin’s setup, possibly due to custom peer or RPC logic. Always run a dummy node when mining or syncing new nodes.</p> <p><strong>If you get the 500 error:</strong> Start a dummy node and add it to the main node’s peers with <code>addnode</code>. See the next section for setup instructions.</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> Without a dummy node, mining will fail, and new nodes won’t sync. Always include this step in your setup and document it to avoid surprises! </div> </div> </div> After first node ruuing with:<br> <code>./n33bcoind</code> * create a directory for second node <code>mkdir ~/.n33bcoin2</code> * make config file <code>$EDITOR ~/.n33bcoin2/n33bcoin.conf</code> * Note changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser1 rpcpassword=coinpassword1 rpcallowip=127.0.0.1 rpcport=3367 daemon=1 server=1 rpcbind=127.0.0.1 port=3334 </pre> * start node2 - note ports <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin2 -port=3334 -rpcport=3367</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3334" "add"</code> * Check node one <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * Check node two <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getblocktemplate</code> ==== Default Node User and Second Node User management ==== * The default user will be your main node '''~/.n33bcoin/''' * To use second node '''~/.n33bcoin2/''' you have to use/append non default port in commands: ** To run commands on second node, Add/Append <code>-rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1</code> *** '''rpcport''', '''rpcuser''', '''rpcpassword''' these values can be found in the <code>~/.<node_name>/n33bcoin.conf</code> file * For default wallet/node can use: <code>./n33bcoin-cli getwalletinfo</code> * Or to specify (optional) can use, the main nodes '''rpcport''', '''rpcuser''' and '''rpcpassword''' followed by <command>: <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * For the second node we created - we do need to specify <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getwalletinfo</code> <div class="toccolours mw-collapsible mw-collapsed"> How to stop second node: <div class="mw-collapsible-content"> * To run commands on a second or third ...ETC node - you need to enter: ** <code>-rpcport=<value></code> ** <code>-rpcuser=<username></code> ** <code>-rpcpassword=<password></code> ** followed by the command you wish to run on node <code>getbalance</code> ** Remember you store all these details in your <code>n33bcoin.conf</code> file for your node. <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 stop</code> </div> </div> == Mining blocks on your blockchain == Well you can try with:<br> <code>./n33bcoin-cli generate 1</code><br> But instead of seeing <pre> [ "some-block-hash" ] </pre> Your going to get empty brackets <pre> [ ] </pre> I cant remember the reason for this. But i know the fix. Install Mining software ===Address to send mined coins to=== First lets get a public key/address we can mine to. * Find old addresses <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> * Create new address <code>./n33bcoin-cli getnewaddress</code> * The address i will use <code>1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> ===Cpu Miner Install=== <code>cd ~</code> <code>sudo apt update</code> <code>sudo apt install -y build-essential libcurl4-openssl-dev</code> <code>git clone https://github.com/pooler/cpuminer.git</code> <code>cd cpuminer</code> <code>./autogen.sh</code> <code>./configure</code> <code>make</code> <code>sudo make install</code> ===Mine some Coins=== * OK lets mine us some coins ** Syntax:<code>minerd -o <pool_url> -u <username> -p <password> --coinbase-addr=<public_key></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> * YAY, back to the days when you could find bitcoin blocks with a simple CPU <pre> [2025-04-12 19:31:17] Binding thread 0 to cpu 0 [2025-04-12 19:31:17] Binding thread 1 to cpu 1 [2025-04-12 19:31:17] 4 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:31:17] Binding thread 2 to cpu 2 [2025-04-12 19:31:17] Binding thread 3 to cpu 3 [2025-04-12 19:31:17] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:31:17] thread 1: 2097152 hashes, 10099 khash/s [2025-04-12 19:31:17] thread 0: 2097152 hashes, 10094 khash/s [2025-04-12 19:31:17] thread 3: 2097152 hashes, 10093 khash/s [2025-04-12 19:31:17] thread 2: 2097152 hashes, 10032 khash/s [2025-04-12 19:32:17] thread 2: 601912088 hashes, 10080 khash/s [2025-04-12 19:32:17] thread 0: 605611536 hashes, 10108 khash/s [2025-04-12 19:32:17] thread 3: 605564904 hashes, 10102 khash/s [2025-04-12 19:32:17] thread 1: 605946928 hashes, 10104 khash/s [2025-04-12 19:33:17] thread 2: 604824240 hashes, 10080 khash/s [2025-04-12 19:33:17] thread 0: 606506104 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 1: 606263288 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 3: 606114016 hashes, 10102 khash/s [2025-04-12 19:34:17] thread 0: 596676992 hashes, 9883 khash/s [2025-04-12 19:34:17] accepted: 1/1 (100.00%), 40174 khash/s (yay!!!) [2025-04-12 19:34:17] LONGPOLL pushed new work [2025-04-12 19:34:17] thread 2: 597009344 hashes, 9856 khash/s [2025-04-12 19:34:17] thread 1: 596347864 hashes, 9882 khash/s [2025-04-12 19:34:17] thread 0: 184 hashes, 8762 khash/s [2025-04-12 19:34:17] thread 3: 596226344 hashes, 9881 khash/s [2025-04-12 19:35:11] thread 0: 525714288 hashes, 9775 khash/s [2025-04-12 19:35:17] thread 0: 58652240 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 1: 592942512 hashes, 9784 khash/s [2025-04-12 19:35:18] thread 3: 592834720 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 2: 591387224 hashes, 9754 khash/s [2025-04-12 19:36:17] thread 1: 577261400 hashes, 9784 khash/s [2025-04-12 19:36:17] thread 2: 575496480 hashes, 9756 khash/s [2025-04-12 19:36:17] thread 3: 576993520 hashes, 9776 khash/s [2025-04-12 19:36:17] thread 0: 586785384 hashes, 9780 khash/s [2025-04-12 19:37:17] thread 3: 586568712 hashes, 9700 khash/s [2025-04-12 19:37:17] thread 2: 585369888 hashes, 9645 khash/s [2025-04-12 19:37:18] thread 1: 587018480 hashes, 9656 khash/s [2025-04-12 19:37:18] thread 0: 586791168 hashes, 9631 khash/s [2025-04-12 19:37:43] thread 0: 247017896 hashes, 9757 khash/s [2025-04-12 19:37:43] accepted: 2/2 (100.00%), 38758 khash/s (yay!!!) [2025-04-12 19:37:43] LONGPOLL pushed new work [2025-04-12 19:37:43] thread 2: 250694904 hashes, 9748 khash/s [2025-04-12 19:37:43] thread 1: 250409704 hashes, 9773 khash/s [2025-04-12 19:37:43] thread 0: 21504 hashes, 8650 khash/s [2025-04-12 19:37:43] thread 3: 253010016 hashes, 9764 khash/s </pre> * By default '''minerd''' will use all cores - if you want to limit to number of core use the <code>-t <number_of_cores></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj -t 2</code> <pre> [2025-04-12 19:43:05] 2 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:43:05] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:43:05] thread 1: 2097152 hashes, 11359 khash/s [2025-04-12 19:43:05] thread 0: 2097152 hashes, 11327 khash/s </pre> * Next we mine on till we have at least 101 blocks so are coins are matured. ===After 101 blocks - Mature Coins=== * now we should have some coins in are wallet that we can use, YAY <code>./n33bcoin-cli getbalance</code> <pre>11112110.00000000</pre> * and lets check the account of are second node <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> * Lets get the address of are second node to send some coins <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress 0 true</code> * Or we could generate a new address with <code>getnewaddress</code> <code>1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz</code> Now lets send some coins ==Wallet Basics== Now we have coins we can use - matured coins ===Get balance=== * <code>getbalance</code> <code>./n33bcoin-cli getbalance</code> ===Find Account Addresses=== * <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> ===Create New Address=== * <code>getnewaddress</code> <code>./n33bcoin-cli getnewaddress</code> ===Sending coins=== * Syntax: <code>./n33bcoin-cli sendtoaddress "<address>" <amount></code> <code>./n33bcoin-cli sendtoaddress "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz" 33</code><br> * This comand will return a hash in your terminal out put. <pre>f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7</pre> * and Check balance of second node to see balance: <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>33.00000000</pre> ===See Transaction Details from hash=== * the transaction hash is from the above send coins example * Syntax: <code>n33bcoin-cli gettransaction "<transaction_hash>"</code> <code>./n33bcoin-cli gettransaction "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7"</code> <pre> { "amount": -33.00000000, "fee": -0.00004520, "confirmations": 4, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553764, "timereceived": 1744553764, "bip125-replaceable": "no", "details": [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "send", "amount": -33.00000000, "vout": 0, "fee": -0.00004520, "abandoned": false } ], "hex": "020000000150a37ad36c761374df6a14c20bd2c016208358bf1f20af06c5acbe4827250ee7000000006a4730440220582f2094aca19d63744d8d128c3dea907cddd4eeb5728d6f064c4168d7a36b9c0220649b2397635fe0b8899fea4535b0072e856a164235f8ab8feb91f3dbfa9e3ddc012103dd8d842cd0c2b167b507b9e8ee580fc726262bb218abc5c6487668b72e5673a3feffffff020001b2c4000000001976a9146ae24c8430bcd30bc1b812f946229fcc563eb0ef88ac589a23fc060000001976a9141e0606800605f94643f5da7e0a31e435e030855788acbe000000" } </pre> ===List Transactions from account=== * <code>listtransactions</code> * <code>./n33bcoin-cli listtransactions</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listtransactions</code> * This command will show all transactions send and receive. <pre> [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "receive", "amount": 33.00000000, "label": "", "vout": 0, "confirmations": 6, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553766, "timereceived": 1744553766, "bip125-replaceable": "no" } ] </pre> ===list received transactions by address=== * <code>listreceivedbyaddress</code> * <code>./n33bcoin-cli listreceivedbyaddress</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress</code> <pre> [ { "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "account": "", "amount": 33.00000000, "confirmations": 6, "label": "", "txids": [ "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7" ] } ] </pre> ===Address With Label=== * Create New Address With Label ** Syntax: <code>getnewaddress "<Label>"</code> * NOTE: Label name is case sensitive. <code>./n33bcoin-cli getnewaddress "Mining"</code> <pre>1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB</pre> * See Accounts in Label <code>./n33bcoin-cli getaddressesbyaccount "Mining"</code> * a Label can hold many addresses <pre> [ "1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB" ] </pre> * Lists transactions for the labeled account. <code>./n33bcoin-cli listtransactions "Mining"</code> * Tracking with a label - Shows total balance for addresses in the labeled account. <code>./n33bcoin-cli getbalance "Mining"</code> * Label an existing address - Assigns an existing address to a named account. <code>./n33bcoin-cli setaccount "<address>" "<label>"</code> * Change Label of Address <code>./n33bcoin-cli setaccount "<address>" "<newlabel>"</code> ==Backup Wallets and Restore/Reclaim== To '''test''' wallet exports and back ups we are going to create a '''third node'''. <br> This keeps are main wallet and the wallet of are second node safe.<br> Or If you feel up for it, feel free to play/use/learn with your main wallet. * Create a directory for third node <code>mkdir ~/.n33bcoin3</code> * Create config file <code>$EDITOR ~/.n33bcoin3/n33bcoin.conf</code> * Note: changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser2 rpcpassword=coinpassword2 rpcallowip=127.0.0.1 rpcport=3368 daemon=1 server=1 rpcbind=127.0.0.1 port=3335 </pre> * Start node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3335" "add"</code> * Check node three <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getblocktemplate</code> * See Address (pub key) <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> <pre>1EhA5fkapYWrhs2oAf2AqvF4WYMPM28GqL</pre> * I have sent 33 n33bcoin's to this address. <pre> ./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744568061, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "8afde14085be2139ff008667c345b3697bea9cea" } </pre> ===Encrypt Wallet=== * '''IMPORTANT NOTE! IF YOU LOSE/FORGET PASSPHRASE, YOU LOST YOUR WALLET!''' Encrypting your wallet, will require passphrase to see private_keys and to send coins from your account, but you can still check balance and the basic chain info '''without passphrase'''. * Syntax <code>./n33bcoin-cli encryptwallet "<passphrase>"</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 encryptwallet "pa55word"</code> <br>OutPut: <pre> wallet encrypted; N33Bcoin server stopping, restart to run with encrypted wallet. The keypool has been flushed and a new HD seed was generated (if you are using HD). You need to make a new backup. </pre> ====Test Encryption==== Syntax: <code>./n33bcoin-cli dumpprivkey <address></code> This command should need passphrase if wallet locked. ** <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> can be used in place of a real address <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpprivkey 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> If wallet '''LOCKED''' - you will see <pre> error code: -13 error message: Error: Please enter the wallet passphrase with walletpassphrase first. </pre> If wallet '''UNLOCKED''' but address not in wallet - you will see ** This is because there is no address <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> in your wallet and error code -5 indicates address not found in the wallet, but it passed the lock so, yay <pre> error code: -5 error message: Invalid N33Bcoin address </pre> If address exists in your wallet and wallet is '''UNLOCKED''' - you will see the private key: <pre> 6vJYM3RFWh7MyLVrPbgzgibUgqxMzWUCCbuH3GcfDRTqfoNQjBb </pre> '''IMPORTANT:''' Never share your actual private keys with anyone. The example above is for demonstration purposes only. ====open encrypted wallet==== * Syntax ./n33bcoin-cli walletpassphrase "<passphrase>" <time_in_seconds_to_stay_open> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrase "Pa55word" 60</code> ====Change PassPhrase==== * Syntax: <code><code>./n33bcoin-cli walletpassphrasechange "<old_passphrase>" "<new_passphrase>"</code></code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrasechange "Pa55word" "StrongPass123!@#456"</code> ===Back Up WALLET.DAT === * You can make a backup of your wallet.dat file whether its encrypted or un-encrypted. ** not-encrypted you just copy into a directory and you and anyone else has full access. ** encrypted, you need to know the passphase the file is encrypted with to have access. ** Both Export and Import the backup wallet.dat the same way, expect one asks for passphase and the other does not. ====Make copy of wallet.dat==== * <code>backupwallet</code> * Syntax:<code>./n33bcoin-cli backupwallet /path/to/export/wallet-backup.file</code> <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> ====Stop node 3 and delete wallet.dat==== * Stop node - Note: RPC PORT <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * not gonna delete, just move, only so many times i wanna learn that lesson. <code>mv ~/.n33bcoin3/wallet.dat ~/oldwallet.dat</code> * Start Node 3 - this will create a new <code>wallet.dat</code> file <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check Balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744572042, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "bb4e27a7896ae19acdf3b43244f82b59f5164c7c" } </pre> * Check addresses <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> * Its a diff/new address, because its a new wallet. <pre> "address": "1JwAmtR9T8xa49daoHQhf54tBdyabby2m2", </pre> ===Restore Wallet.dat=== * Stop Node 3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move old wallet to Node 3 Directory ** This command will write over the new wallet.dat file currently in directory - in effect deleting it. <code>mv ~/wallet-backup.node3 ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>11148007.99990960</pre> ====OH NUTZ==== * By mistake i backed up main wallet. <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> * Intended to backup node3 - the correct command would of been <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 backupwallet ~/wallet-backup.node3</code> Good Thing we just moved the node3 wallet and not deleted or 33 n33bcoins would of been in a dead account.<br> This is why you should learn about bitcoin on n33bcoins and not the bitcoin main net blockchain. Lets restore from the moved wallet <code>~/oldwallet.dat</code> * Stop node3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move oldwallet back to node3 <code>mv ~/oldwallet.dat ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>33.00000000</pre> YAY ===Dump Entire Wallet with <code>dumpwallet</code>=== * Exports all private keys, addresses, and wallet metadata to a plain text file for a comprehensive backup. * Syntax <code>./n33bcoin-cli dumpwallet /path/to/export/n33bcoin-wallet.txt</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpwallet ~/ssshhh.txt</code> <code>cat ~/ssshhh.txt</code> * Yep its all in plain text! <pre> # Wallet dump created by N33Bcoin v0.14.3.0-g150612e # * Created on 2025-04-13T22:54:50Z # * Best block at time of backup was 212 (000000009f5f7189bd4334895fd1c903ae904525abb5768feb98b81282a1949e), # mined on 2025-04-13T18:34:02Z # extended private masterkey: xprv9s210pEDlspXiamstilrandotypinhDXRTQ1TatJNSL3fxs9QaLLjRV1FZH9zw2VcErU498hsd3pynuyDR2clongrandome4Msz5 L1XJ0pald6SZXP4sKdVcDETpsdoWeksd4er5hhPsdFG1PPV 2025-04-13T18:14:21Z change=1 # addr=1HtmEDdpk5SJAp3nGCnaAD5gKZc2Er4qG hdkeypath=m/0'/0'/82' about 100 lines like the one above and ends with: # End of dump </prE> ===Import Dumped Wallet=== To test import works we are gonna, stop node3, move wallet.dat, start node3, check new wallet got auto generated again. then import are ssshhh.txt file and see if restored. ====Check wallet node 3 pre-test==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744575092, "keypoolsize": 101, "unlocked_until": 0, "paytxfee": 0.00000000, "hdmasterkeyid": "0a0e6e94e4a184e773e4a3e3244adc4352935afa" } </pre> ====Stop node 3 ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> ====Move wallet.dat ==== <code>mv ~/.n33bcoin3/wallet.dat ~/wallet.node3</code> ====Start node 3 ==== <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> ====Check wallet node 3 - when deleted/changed==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ====Import Restore from Dumped Wallet ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importwallet ~/ssshhh.txt</code> ====Check wallet node 3 when restored ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ==Off Line Storage and Importation== * Create a offline key pair, using a python script that can run off a live linux iso. * Going to send coins from node 3 to off line address. * Going to import to wallet 2 by sweeping private wif key. ===Create Offline Keypair=== * https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin ** We have used the [[N33Bcoin_Address_Generator_Bitcoin| N33Bcoin_Address_Generator]] to create the following key pair which we will use for this test. <pre> noob@noob-ThinkPad-T470:~/Gen/py-pub-prv$ python3 gen.py Enter your seed (12 words or any random input): hithere Generated n33bcoin Key Pair: Private Key: 3e4748d72b0a0c5d4538b52a2ade025a0f52a1e8642384ac14e5af0f90b8ab8a Public Key: 04c4cab1795312dafbf2532c7b238d448b55fa151a3d4e059cb49b47fb7244fb8767981b561c067494f9f3a6357024bb4fa71d12d692a733f7a0583d6fa7276548 n33bcoin Address: 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG WIF Private Key: 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH </pre> ===Send from node 3 to offline address=== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 sendtoaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG 10</code> ===Check its in address=== * Can take a few blocks before you can see it. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * Syntax: <code>./n33bcoin-cli importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * <code>importaddress</code> The RPC command to import a Bitcoin address as a watch-only address into the wallet * <code>13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> The Bitcoin address you are importing. After import, the wallet will monitor this address for incoming transactions, but cannot spend from it since you do not have the private key * <code>"external"</code> An optional label assigned to the imported address. This helps you organize or identify addresses in your wallet * <code>false</code> The rescan parameter. Setting it to false means the wallet will not rescan the blockchain for historical transactions involving this address. Only new transactions (after import) will be tracked. If set to true (default), the wallet would scan the entire blockchain for past transactions involving the address, which can take a long time (but not in are case as we have new blockchain). ====getreceivedbyaddress==== * TESTED - Balance is only shown on account that imported the address as a address to watch. ** Took about 10 mins to show balance. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>10.00000000</pre> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> ====Receive funds from private key==== * Current Funds in Node/Wallet 2 <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>52.00000000</pre> * Import the keys <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 importprivkey 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH true</code> * Check balance <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>62.00000000</pre> Import is instant. ==Create Second Server and Sync Blockchain== * Creating second server in a container and forwarded to another VPS IP, to see if network syncs. <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Is Port Forwarding Required for the Second Node?</span> <div class="mw-collapsible-content"> <p><strong>Why set up port forwarding?</strong> Port forwarding (using iptables to forward port <code>3333</code> to the second node) allows the node to receive incoming connections from other N33Bcoin nodes. This ensures reliable syncing with the main node and enables the second node to share blockchain data with others, strengthening the network.</p> <p><strong>Is it required?</strong></p> <ul> <li><strong>To mine</strong>: No. Mining uses local RPC calls (<code>127.0.0.1:3366</code>) and outbound connections to the main node (<code>104.194.157.52:3333</code>). As long as the main node is up, mining works without port forwarding. Note: You may need a dummy node to avoid errors.</li> <li><strong>To act as a peer</strong>: Yes. To allow other nodes to connect and sync from the second node (e.g., via <code>144.172.89.93:3333</code>), port forwarding is required. Without it, the node can sync but won’t serve blocks to others.</li> </ul> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Tip:</strong> Keep port forwarding enabled for robust syncing and to support the N33Bcoin network, especially if you plan to add more nodes. </div> </div> </div> ===Launch container=== <code>lxc launch ubuntu:18.04 n33b-node</code> <code>lxc exec n33b-node bash</code> <code>pro attach <longKey></code> <code>apt update && apt upgrade -y && apt install ubuntu-advantage-tools wireguard -y</code> ===Setup Wireguard=== * This is the same as the last time, in this tut i am going to keep the same keys in tut, to save time. PS: You can use same keys on many connections (not the best idea). ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==In Container Building N33Bcoin== * Push over N33Bcoin.0.0.1.tar.gz to the container n33b-node. <code>lxc file push N33Bcoin.0.0.1.tar.gz n33b-node/home/ubuntu/</code> OR Download from github * Download from Github, sha256sum=<code>0695dceaa4a88967560695f92c753d2fe4abc0f1b0cfb2673bf945fc83fb1225</code> <code>wget https://raw.github.com/CompleteNoobs/N33Bcoin/main/N33Bcoin.0.0.1.tar.gz</code> * Login to container as user ubuntu <code>lxc exec n33b-node -- su - ubuntu</code> * extract <code>tar xvf N33Bcoin.0.0.1.tar.gz</code> ===Install depends and Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> ===Build N33Bcoin=== * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> * Before running - make sure first node up and running <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Troubleshooting Syncing Issues on the Second Node</span> <div class="mw-collapsible-content"> <p>If your second node (e.g., <code>144.172.89.93</code>) fails to sync (e.g., stuck at <code>blocks: 0</code>), the main node (<code>104.194.157.52</code>) may be in Initial Block Download (IBD), preventing it from serving blocks. Here’s what I faced and how I fixed it:</p> <ul> <li><strong>Problem</strong>: The second node didn’t sync because the main node was in IBD, likely due to a chain tip older than 24 hours.</li> <li><strong>Initial Fix</strong>: <ul> <li>Started a dummy node on the main node (<code>127.0.0.1:3334</code>) for an active peer .</li> <li>Mined on the main node: <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=&lt;your-address&gt; -t 2 </pre> This created new blocks (e.g., to <code>blocks: 441</code>), exiting IBD and enabling sync.</li> </ul> </li> <li><strong>Test</strong>: I deleted the second node and recreated it from scratch, running both the main and dummy nodes on the genesis server. The second node synced to <code>blocks: 441</code> while the main node was mining.</li> <li><strong>Observation</strong>: In one test, I thought syncing worked without mining, but mining was active on the main node, advancing the chain to <code>blocks: 441</code>. Possible factors for sync success: <ul> <li>Recent chain tip from mining kept the main node out of IBD.</li> <li>Dummy node provided a peer, preventing IBD re-entry.</li> <li>iptables rule for port <code>3333</code> enabled inbound connections (i did once not forward the correct port, make sure you check your ip rules with <code>cat /etc/iptables/rules.v4</code> to make sure you entered the correct ones. ).</li> </ul> </li> <li><strong>If Syncing Fails</strong>: Mine on the main node with the dummy node running.</li> </ul> <p><strong>Note</strong>: Syncing may not require ongoing mining if the main node’s chain tip is recent, but mining is needed to exit IBD. Test and share your findings!</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> If the second node won’t sync, the main node may be in IBD. Start the dummy node and mine to exit IBD. </div> </div> </div> ===n33b-node=== <code>src/n33bcoind -daemon</code> <code>src/n33bcoin-cli stop</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 debug=rpc debug=mining </pre> <code>src/n33bcoind</code> * Now Second n33bcoin node is running lets check sync <div class="toccolours mw-collapsible mw-collapsed"> * Node Syncing/Connecting issues If your node if not connecting <b>add a node</b>, This can be done in the n33bcoin.conf file or manually with n33bcoin-cli <div class="mw-collapsible-content"> * Appending Peer Node/s to Node config file <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> * Syntax:<code>addnode=<IP_Or_Domain>:<Port></code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcbind=127.0.0.1 rpcport=3366 daemon=1 server=1 addnode=node.n3wbcoin.com:3333 addnode=104.194.157.52:3333 </pre> * Add Node Manually using n33bcoin-cli ** Syntax:<code>n33bcoin-cli addnode <IP_Or_Domain>:<Port> add</code> <code>n33bcoin-cli addnode 104.194.157.52:3333 add</code> </div> </div> <code>src/n33bcoin-cli getpeerinfo</code> <pre> [ { "id": 0, "addr": "104.194.157.52:3333", "addrlocal": "144.172.89.93:52636", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157772, "lastrecv": 1745157771, "bytessent": 1277, "bytesrecv": 1198, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.303657, "minping": 0.303657, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": false, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 110, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 1, "addr": "104.194.157.52:57050", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.296047, "minping": 0.296047, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 2, "addr": "104.194.157.52:57060", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.316404, "minping": 0.316404, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } } ] </pre> <code>src/n33bcoin-cli getblockchaininfo</code> <pre> ubuntu@n33b-node:~/N33Bcoin$ src/n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.03058041491289009, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> ===From first node=== <pre> ./n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.02034601825250813, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> * Both nodes/blockchains are in sync, nice 8k5sxgnsd16z4oc4vtyzhdd48jmg063 610 604 2025-07-07T15:34:46Z AwesomO 5 /* Line 120 Change Merkel Hash */ 610 wikitext text/x-wiki == walk-through video == * recommended playback speed 3X <youtube>https://www.youtube.com/watch?v=OSSuVkzHiws&feature=youtu.be</youtube> ==Start up HardWare== * OS (local) Ubuntu-Mate 24.04 - this tut is done on a clean install of ubuntu-mate 24.04 ** Hardware: HP EliteDesk G1 - ram = 8GB - HD = 120GB ssd - CPU = i5-4590S CPU @ 3.00GHz ** Hardware: Thinkpad X270 - Ram - HD - CPU * Server VPS ubuntu-server 24.04 ** vultr.com ===Software OS=== * Will be using Ubuntu 24.04 as main OS - but to build this version of bitcoin 0.14.3 we will be using ubuntu 18.04 in a lxc container - trying to build in 24.04 was a huge side quest that is not that much fun. ===Coin Params for N33Bcoin 0.1 POW === * Are Coin Params ** Name of coin = N33Bcoin ** Symbol coin = N33B ** Premined Coins= 33% 11,111,111 coins to be used to rewards contributors. the how is currently unknown, will work out as we go. ** MaxCoins = 33,333,333 ** Rewards = 333 ** Halving Period = 33,333 blocks = every 231 days ** Block interval = 10 mins # will leave at 10 for starters ** Time Stamp 1733333333 2024-12-04 17:28:53 ** Time Stamp Message "N33B's for Noob's at CompleteNoobs.com" ** Genesis Block for are Coin <b>NOTE</b>: What is a Unix Time Stamp? - It is the number of seconds from the Unix Epoch date of 01/01/1970 at 00:00 UTC - to convert a date use - https://www.unixtimestamp.com/ ==Set EDITOR== {{:SET_EDITOR}} ==Genesis Keys== First we are going to need a public private key pair. [[Python_Generate_Public_Private_Key_Pair_Crypto_Bitcoin| Python3 Generate Public Private Key Pair]] * Public Key <code>049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf</code> * Keep private key safe, you just need pub key for now We then use are public key along with are coin parameter with [[GenesisH0_Creating_Genesis_Hash| GenesisH0]] to create a 'Nonce', 'Merkel hash' and 'Genesis hash'. For are 'MainNet', 'TestNet' and 'RegNet' === Main Net parameters === <code>python2 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333333 -b 0x1d00ffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333333</code> * '''Nonce''': <code>221118658</code> * '''nBits''': <code>0x1d00ffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4</code> === Test Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333334 -b 0x1e0ffff0 -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333334</code> * '''Nonce''': <code>511144</code> * '''nBits''': <code>0x1e0ffff0</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c</code> === Reg Net parameters === <code>python2.5 genesis.py -a SHA256 -z "N33B's for Noob's at CompleteNoobs.com" -t 1733333335 -b 0x207fffff -p 049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf -v 33300000000</code> * '''TimeStampMessage''': <code>N33B's for Noob's at CompleteNoobs.com</code> * '''UnixTimeStamp''': <code>1733333335</code> * '''Nonce''': <code>0</code> * '''nBits''': <code>0x207fffff</code> * '''Merkel''': <code>96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388</code> * '''Genesis''': <code>65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127</code> Now we have are parameters, we can start creating are own coin, but first lets change some file names to match the name of are coin. ==Source we are forking from Bitcoin 0.14.3== ===Home Directory=== <code>cd ~</code> ===Download bitcoin 0.14.3=== * https://bitcoincore.org/bin/bitcoin-core-0.14.3/ <code>wget https://bitcoincore.org/bin/bitcoin-core-0.14.3/bitcoin-0.14.3.tar.gz</code> * sha256sum bitcoin-0.14.3.tar.gz <code>416717ab5ef94f8458da2b12e4cd742ca08f5ad3817b65fc73811e06ac949f87</code> ===extract=== <code>tar xvf bitcoin-0.14.3.tar.gz</code> ===Change Directory Name to new/forked coin name=== <code>mv bitcoin-0.14.3 N33Bcoin</code> <code>cd N33Bcoin</code> * Current work director path is <code>/home/$USER/N33Bcoin/</code> ==Renaming== ===Renaming Bitcoin to N33Bcoin=== '''Run these command in the /home/$USER/N33Bcoin/ Directory''' * Lowercase <code>find . -type f -exec sed -i 's/bitcoin/n33bcoin/g' {} + </code> * UpperCase <code>find . -type f -exec sed -i 's/Bitcoin/N33Bcoin/g' {} + </code> * Name.1 <code>find . -type f -exec sed -i -e 's/bitcoin/n33bcoin/g' -e 's/bitcoind\.1/n33bcoind.1/g' {} + </code> ===Change Name for Docs=== To rename files in a directory (e.g., <code>/home/$USER/N33Bcoin/doc/man/</code>): * '''Before:''' <pre> bitcoin-cli.1 bitcoind.1 bitcoin-qt.1 bitcoin-tx.1 Makefile.am </pre> * '''After:''' <pre> n33bcoin-cli.1 n33bcoind.1 n33bcoin-qt.1 n33bcoin-tx.1 Makefile.am </pre> * '''Manual Way:''' <pre> mv -v bitcoin-cli.1 n33bcoin-cli.1 </pre> * '''Using mv with a for Loop:''' <code>cd /home/$USER/N33Bcoin/doc/man</code><br> <code>for file in bitcoin*; do mv -v "$file" "${file/bitcoin/n33bcoin}"; done</code> </pre> * <code>-v</code> shows each rename action. ===Change Names for Files=== *<b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> Unlike forking litecoin, the method we just used to rename all bitcoin words to n33bcoin created some problems, unlike litecoin 0.14.2, the word 'bitcoin' can be found in a lot of file names. Example: the file <code>libbitcoinconsensus.pc.in</code> is still called <code>libbitcoinconsensus.pc.in</code> but inside make and config files, it is now know as <code>libn33bcoinconsensus.pc.in</code> so it will look for a file called <code>libn33bcoinconsensus.pc.in</code> and not <code>libbitcoinconsensus.pc.in</code>, still will lead to a lot of breakages. * Easy Fix: Change all file names which include the word <code>bitcoin</code> to <code>n33bcoin</code> * install <code>rename</code> <code>sudo apt install rename</code> * <b>Run commands in <code>/home/$USER/N33Bcoin/</code> Directory</b> * See all file which contain the name <code>bitcoin</code> <code>find . -type f -name "*bitcoin*"</code> * Rename/convert all <code>bitcoin</code> in file names to <code>n33bcoin</code> <code>find . -type f -name "*bitcoin*" -exec rename 's/bitcoin/n33bcoin/' {} +</code> ==Editing Files== Are Files are located in path:<code>/home/$USER/N33B/N33Bcoin</code><br> Example: <code>src/amount.h</code> full path would be <code>/home/$USER/N33B/N33Bcoin/src/amount.h</code> === OverView of Files to edit=== * Comment Out <code>** Lines: 74 - 77 Comment Out</code> These are Lines we Don't need, but are not deleting just commenting out, so line numbers remain the same.<br> Comment out by placing a <code>//</code> at the beginning of the line. * '''src/amount.h''' ** Line 31: Edit Max Coins * '''src/validation.cpp''' ** Line 1166: This BLOCK of code will contain premined and Block rewards * '''src/qt/bitcoinunits.cpp''' ** Line 39 Block: change coin symbol LTC to N33B * '''src/chainparams.cpp''' ** Line 53: '''Global''' Change Time Stamp Message ** Line 54: '''Global''' Change Pub Key ** Line 73: '''MainNet''' Change Halving Interval <!--** Lines: 74 - 77 Comment Out--> ** Line 74: '''MainNet''' BIP34Height ** Line 75: '''MainNet''' BIP34Hash ** Line 76: '''MainNet''' BIP65Height ** Line 77: '''MainNet''' BIP66Height ** Lines 85 - 103: '''MainNet''' Deployment and Chain Work Section ** Line 110: '''MainNet''' Change Magic Bytes - Script included ** Line 114: '''MainNet''' Change Main Net Default Port ** Line 117: '''MainNet''' Change Main Net Nonce TimeStamp Coin_Rewards ** Line 119: '''MainNet''' Change Genesis Hash ** Line 120: '''MainNet''' Change Merkel Hash ** Line 144: '''MainNet'''Change Coin Number and Genesis Hash ** Lines 145 - 156 Comment Out ** Line 161: '''MainNet''' Change Time Stamp ** Line 162: '''MainNet''' Change Number Of Transactions ** Line 177: '''TestNet''' Halving Interval <!--** Lines: 178 - 181 Comment Out--> ** Line 178: '''TestNet''' BIP34Height ** Line 179: '''TestNet''' BIP34Hash ** Line 180: '''TestNet''' BIP65Height ** Line 181: '''TestNet''' BIP66Height ** Line 184: '''TestNet''' Block Times <!--** Lines: 189 - 207 Comment Out--> ** Lines 189 - 207: '''TestNet''' Deployment Section ** Line 213: '''TestNet''' Default Port ** Line 216: '''TestNet''' Time Stamp and Nonce ** Line 218: '''TestNet''' Genesis Hash Block ** Line 219: '''TestNet''' Merkel Hash Block ** Line 245: '''TestNet''' CheckPointData Genesis Hash Block Number ** Line 250: '''TestNet''' Time Stamp ** Line 251: '''TestNet''' Block Number ** Lines 267 - 270 '''RegressionNet''' BIP Consensus ** Line 301: '''RegressionNet''' Default Port ** Line 304: '''RegressionNet''' Time Stamp Nonce Coin_Rewards ** Line 306: '''RegressionNet''' Genesis Block Hash ** Line 307: '''RegressionNet''' Merkel Hash ** Line 319: '''RegressionNet''' Genesis Hash * '''src/chainparamsbase.cpp''' ** Line 35: MainNet RCP Port ** Line 48: TestNet RPC Port ** Line 62: Regession Net RPC Port ===src/amount.h=== On line 31 we will edit are Max coins: <pre> static const CAmount MAX_MONEY = 21000000 * COIN; </pre> will change this to 33,333,333 coins <pre> static const CAmount MAX_MONEY = 33333333 * COIN; </pre> ===src/validation.cpp=== Path <code>/home/$USER/N33B/N33Bcoin/src/validation.cpp</code> The block of code we are looking for starts on line 1166: <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy = 50 * COIN; // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years. nSubsidy >>= halvings; return nSubsidy; } </pre> On line 1173 you should see this line: <pre> CAmount nSubsidy = 50 * COIN; </pre> This is the rewards for mining coins, the default is 50, we are changinf rewards to 333 coins per block mined. <pre> CAmount nSubsidy = 333 * COIN; </pre> ====Premined coins==== We also need to add a contidtion for are premined coins - in the first block will mine 33%, thats 11,111,111 coins <pre> CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams) { int halvings = nHeight / consensusParams.nSubsidyHalvingInterval; // Force block reward to zero when right shift is undefined. if (halvings >= 64) return 0; CAmount nSubsidy; if (nHeight == 1) nSubsidy = 11111111 * COIN; else nSubsidy = 333 * COIN; // Subsidy is cut in half every 33,333 blocks which will occur approximately every 231 days. nSubsidy >>= halvings; return nSubsidy; } </pre> This condition means IF first block reward 11,111,111 coins, Else(after first blocked mined) rewards per block are 333 coins. <div class="toccolours mw-collapsible mw-collapsed"> What's Changed and Why: <div class="mw-collapsible-content"> <b>What's Changed and Why:</b> * '''CAmount nSubsidy;''' ** The variable `nSubsidy` is now declared but not immediately assigned a value. This allows flexibility to set its value based on certain conditions. * '''New Condition: `if (nHeight == 1)''' ** This new condition checks if the block height is 1, meaning this is the very first block in the blockchain (often called the "genesis block"). ** This condition is used to assign a special, much larger subsidy for the first block. * '''nSubsidy = 11111111 * COIN;''' ** If it is the first block (`nHeight == 1`), the subsidy is set to 11,111,111 coins. This is a huge reward for the genesis block, likely for initial distribution or other specific reasons. * '''else nSubsidy = 333 * COIN;''' ** For all other blocks (not the first one), the reward is set to 333 coins. This is a significant change from the original 50 coins, suggesting a different reward structure for this cryptocurrency. </div> </div> ===src/qt/n33bcoinunits.cpp=== * Line 39: Code Block <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("BTC"); case mBTC: return QString("mBTC"); case uBTC: return QString::fromUtf8("μBTC"); default: return QString("???"); } } </pre> * Change BTC your coin symbol to N33B <pre> QString N33BcoinUnits::name(int unit) { switch(unit) { case BTC: return QString("N33B"); case mBTC: return QString("mN33B"); case uBTC: return QString::fromUtf8("μN33B"); default: return QString("???"); } } </pre> ===src/chainparams.cpp=== ====Line 53 Change Time Stamp Message==== <code> const char* pszTimestamp = "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks";</code> To <code> const char* pszTimestamp = "N33B's for Noob's at CompleteNoobs.com";</code> ====Line 54 Change Genesis Pub Key==== <code> 54 const CScript genesisOutputScript = CScript() << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f") << OP_CHECKSIG; </code> We are going to change to the public key we used to create are genesis block. <code> const CScript genesisOutputScript = CScript() << ParseHex("049bd17782313a0263154a37b7adb5f773e3a95e08eba879d6a8f1c9e614e41b33f85129d0f9820a464d2ae136abaa4144d258df6729dfd7c6a18498148b59fadf") << OP_CHECKSIG;</code> ====Line 73 HalvingInterval==== <code> consensus.nSubsidyHalvingInterval = 210000;</code> Block intervals of bitcoin is every 10 mins, as you can see on '''[[#Line 80 Target Block Creation''']] * 60 mins per hour x 24 hours per day = 1440 mins a day * 1440 mins at one block each 10 mins = 144 block per day ish * 144 * 365 = 52,560 blocks per year ish * 52,560 * 4 = 210,240 blocks every four years ish So bitcoin halves its rewards every 4 years ish as it passes 210,000 blocks and carrys on halving every 210,000 blocks later. We reward 333 coins per block and will be out of coins around 667,334 blocks. * Preminded 11,111,111 coins * 22,222,222 left * at 333 per block all will be gone in 66,733 blocks time unless we halve before then * We are going to keep are block time of 10 mins and have a halving at 33,333 blocks so it will halve around 231 days <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Line 74 - 77 MainNet BIP Section==== <pre> 74 consensus.BIP34Height = 227931; 75 consensus.BIP34Hash = uint256S("0x000000000000024b89b42a942fe0d9fea3bb44ab7bd1b19115dd6a759c0808b8"); 76 consensus.BIP65Height = 388381; // 000000000000000004c2b624ed5d7756c508d90fd0da2c7c679febfa6c4735f0 77 consensus.BIP66Height = 363725; // 00000000000000000379eaa19dce8c9b722d46ae6a57c2f1a988119488b50931 </pre> * Set BIP34/65/66 to 0 for new chain—modern rules from genesis. Adjust BIP34 to 100 if mining fails. * Line 75 Replace with you <b>Main Net parametersGenesis Hash</b> <pre> 74 consensus.BIP34Height = 0; 75 consensus.BIP34Hash = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); 76 consensus.BIP65Height = 0; 77 consensus.BIP66Height = 0; </pre> ==== Line 85 - 103 '''MainNet''' Deployment and Chain Work Section ==== ===== Line 86 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start date is irrelevant—set to 0 for immediate activation on new chain. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 87 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. 9,999,999,999 Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 91 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016</code> * Reason changed: Bitcoin’s 2016 start is moot—set to 0 for CSV active from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 92 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 96 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016</code> * Reason changed: Bitcoin’s 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 97 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 100 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5");</code> * Reason changed: Bitcoin’s 2017 work is massive—set to 0 for a new chain with no work yet. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 103 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354</code> * Reason changed: Bitcoin’s block 453354 is irrelevant—set to N33Bcoin’s genesis hash for fast sync from block 0. Changed: <code>consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4");</code> =====Before and After Changes===== <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1462060800; // May 1st, 2016 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1479168000; // November 15th, 2016 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1510704000; // November 15th, 2017 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x0000000000000000000000000000000000000000003f94d1ad391682fe038bf5"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x00000000000000000013176bf8d7dfeab4e1db31dc93bc311b436e82ab226b90"); //453354 </pre> * Set CSV/SegWit to active from genesis (nStartTime = 0, nTimeout = far future). Reset chain work to minimal. Set assume valid to genesis hash. <pre> 85 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].bit = 28; 86 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0; 87 consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999; 89 // Deployment of BIP68, BIP112, and BIP113. 90 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].bit = 0; 91 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0; 92 consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999; 94 // Deployment of SegWit (BIP141, BIP143, and BIP147) 95 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].bit = 1; 96 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0; 97 consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999; 99 // The best chain should have at least this much work. 100 consensus.nMinimumChainWork = uint256S("0x00"); 102 // By default assume that the signatures in ancestors of this block are valid. 103 consensus.defaultAssumeValid = uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"); </pre> ====Line 110 Magic Bytes==== * [[Hex_numbers_explained| Hex numbers explained]] * [[Python3_Script_for_Random_Magic_Bytes| Link to python script for random values]] The pchMessageStart array is a crucial component in cryptocurrency network protocols, often referred to as the "magic bytes" or "network magic." It serves as a unique identifier for a specific cryptocurrency network. These values are in hexadecimal format, representing four bytes that form a sequence unlikely to occur in normal data. If you're creating a new cryptocurrency by forking Bitcoin, you should change these values. Using unique values prevents your new coin's network from interfering with Bitcoin's network or other existing networks. <pre> 110 pchMessageStart[0] = 0xf9; 111 pchMessageStart[1] = 0xbe; 112 pchMessageStart[2] = 0xb4; 113 pchMessageStart[3] = 0xd9; </pre> * Gonna change mine to <pre> pchMessageStart[0] = 0xfe; pchMessageStart[1] = 0x93; pchMessageStart[2] = 0xd2; pchMessageStart[3] = 0xe2; </pre> ====Line 114 Change Main Net Default Port==== * Line 114 <code>nDefaultPort = 8333;</code> * Changing to port 3333 <code>nDefaultPort = 3333;</code> ====Line 117 Change Main Net Nonce TimeStamp Coin_Rewards==== * Original <code> genesis = CreateGenesisBlock(1231006505, 2083236893, 0x1d00ffff, 1, 50 * COIN);</code> * Syntax of line 117 <code>genesis = CreateGenesisBlock(<UNIX_TIME_STAMP>, <NONCE>, <DIFF_BITS>, <NHEIGHT>, <AMOUNT_OF_COINS_REWARD> * COIN);</code> * we are just going to append/change are UnixTimeStamp, Nonce and CoinReward <code> genesis = CreateGenesisBlock(1733333333, 221118658, 0x1d00ffff, 1, 333 * COIN);</code> ====Line 119 Change Genesis Hash==== <code>assert(consensus.hashGenesisBlock == uint256S("0x000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"));</code> * Change to your genesis hash for Main Net <code> assert(consensus.hashGenesisBlock == uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"));</code> ====Line 120 Change Merkel Hash==== <code> assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Change to your merkel hsh for Main net <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Line 129: OPTIONAL - Address Prefix - Change Starting Symbol==== * This version of N33Bcoin is kept the same as bitcoin by leading with a <b>1</b> Symbol in the public addresses, you can change this just like LiteCoin did by having there public addresses start with an <b>L</b> Symbol Blockchain currencies like Bitcoin use special encoded strings to represent addresses. <br> These strings typically follow a format called Base58Check, where a prefix (a single byte) determines the first character of the address.<br> * Line 129 (of bitcoin 0.14.3): Chainparams.cpp - this is bitcoins default and the leading symbol for the public adddress is <b>1</b> <code>base58Prefixes[PUBKEY_ADDRESS] = std::vector<unsigned char>(1,0);</code> * In LiteCoin this was changed to start with an <b>L</b> by using the prefix <b>48</b> <code>base58Prefixes[PUBKEY_ADDRESS] = std::vector<unsigned char>(1,48);</code> * To start the Leading symbol of the Public Address with an <b>N</b> we change the prefix to <b>53</b> <code>base58Prefixes[PUBKEY_ADDRESS] = std::vector<unsigned char>(1,53);</code> * [[NoobCoin_List_of_address_prefixes| You can Find/See the the Starting Symbol for each prefix here]] ====Check Point - Lines 142 - 157 ==== <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d")) 145 ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> These lines contain a blocknumber and there hash value, we are starting a new coin and these have no value to us. We have one genesis block. <code> ( 11111, uint256S("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d"))</code> * We are going to append/change line 144, to block zero and are Main net genesis block hash. <code> ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4"))</code> and comment out the remaining lines in this code block. lines 145 - 156 <pre> 142 checkpointData = (CCheckpointData) { 143 boost::assign::map_list_of 144 ( 0, uint256S("0x0000000091635cd5cc6736960f1fb22d91475b7835a55793bd034342be5ed2c4")) 145 // ( 33333, uint256S("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) 146 // ( 74000, uint256S("0x0000000000573993a3c9e41ce34471c079dcf5f52a0e824a81e7f953b8661a20")) 147 // (105000, uint256S("0x00000000000291ce28027faea320c8d2b054b2e0fe44a773f3eefb151d6bdc97")) 148 // (134444, uint256S("0x00000000000005b12ffd4cd315cd34ffd4a594f430ac814c91184a0d42d2b0fe")) 149 // (168000, uint256S("0x000000000000099e61ea72015e79632f216fe6cb33d7899acb35b75c8303b763")) 150 // (193000, uint256S("0x000000000000059f452a5f7340de6682a977387c17010ff6e6c3bd83ca8b1317")) 151 // (210000, uint256S("0x000000000000048b95347e83192f69cf0366076336c639f9b7228e9ba171342e")) 152 // (216116, uint256S("0x00000000000001b4f4b433e81ee46494af945cf96014816a4e2370f11b23df4e")) 153 // (225430, uint256S("0x00000000000001c108384350f74090433e7fcf79a606b8e797f065b130575932")) 154 // (250000, uint256S("0x000000000000003887df1f29024b06fc2200b55f8af8f35453d7be294df2d214")) 155 // (279000, uint256S("0x0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40")) 156 // (295000, uint256S("0x00000000000000004d9b4ef50f0f9d686fd69db2e03af35a100370c64632a983")) 157 }; </pre> ====Line 161 Change Time Stamp==== <pre> 161 1483472411, // * UNIX timestamp of last known number of transactions </pre> * Change to the time stamp we are using <pre> 1733333333, // * UNIX timestamp of last known number of transactions</pre> ====Line 162 Change Number Of Transactions==== <pre> 184495391, // * total number of transactions between genesis and that timestamp</pre> * Change to Zero <pre> 0, // * total number of transactions between genesis and that timestamp</pre> ====TestNet Halving Interval==== <code>177 consensus.nSubsidyHalvingInterval = 210000;</code> * Change to same as are main net <code> consensus.nSubsidyHalvingInterval = 33333;</code> ====Lines 178 - 181 TestNet BIP section==== <pre> 178 consensus.BIP34Height = 21111; 179 consensus.BIP34Hash = uint256S("0x0000000023b3a96d3484e5abb3755c413e7d41500f8e2a5c3f0dd01299cd8ef8"); 180 consensus.BIP65Height = 581885; // 00000000007f6655f22f98e72ed80d8b06dc761d5da09df0fa1dc4be4f861eb6 181 consensus.BIP66Height = 330776; // 000000002104c8c45e99a8853285a3b592602a3ccde2b832481da85e9e4ba182 </pre> * Change values to zero and replace TestNet Genesis Hash <pre> 178 consensus.BIP34Height = 0; 179 consensus.BIP34Hash = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"); 180 consensus.BIP65Height = 0; 181 consensus.BIP66Height = 0; </pre> ==== Lines 189 - 207 TestNet Deployment Section ==== ===== Line 190 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 1199145601; // January 1, 2008</code> * Reason changed: Bitcoin’s 2008 start is irrelevant—set to 0 for immediate activation on TestNet. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nStartTime = 0;</code> ===== Line 191 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 1230767999; // December 31, 2008</code> * Reason changed: 2008 timeout disables it—set to far future so test deployment never expires. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_TESTDUMMY].nTimeout = 9999999999;</code> ===== Line 195 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 1456790400; // March 1st, 2016</code> * Reason changed: Bitcoin's 2016 start doesn’t apply—set to 0 for CSV from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = 0;</code> ===== Line 196 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 1493596800; // May 1st, 2017</code> * Reason changed: 2017 timeout disables it—set to far future so CSV stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = 9999999999;</code> ===== Line 200 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 1462060800; // May 1st 2016</code> * Reason changed: Bitcoin's 2016 start doesn’t apply—set to 0 for SegWit from genesis. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nStartTime = 0;</code> ===== Line 201 ===== Default: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 1493596800; // May 1st 2017</code> * Reason changed: 2017 timeout disables it—set to far future so SegWit stays active. Changed: <code>consensus.vDeployments[Consensus::DEPLOYMENT_SEGWIT].nTimeout = 9999999999;</code> ===== Line 204 ===== Default: <code>consensus.nMinimumChainWork = uint256S("0x00000000000000000000000000000000000000000000001f057509eba81aed91");</code> * Reason changed: Bitcoin's work is irrelevant—set to 0 for a new TestNet chain. Changed: <code>consensus.nMinimumChainWork = uint256S("0x00");</code> ===== Line 207 ===== Default: <code>consensus.defaultAssumeValid = uint256S("0x00000000000128796ee387cf110ccb9d2f36cffaf7f73079c995377c65ac0dcc"); //1079274</code> * Reason changed: Bitcoin's block 1079274 doesn’t apply—set to TestNet genesis for fast sync. Changed: <code>consensus.defaultAssumeValid = uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c");</code> ====TestNet Default Port - Line 213==== <code>213 nDefaultPort = 18333;</code> * Change to another port , picking 13333 <code>nDefaultPort = 13333;</code> ====Line 216: TestNet Time Stamp and Nonce==== <code>216 genesis = CreateGenesisBlock(1296688602, 414098458, 0x1d00ffff, 1, 50 * COIN);</code> * change/append timestamp, nonce and coin rewards - TimeStamp, Nonce, nBits and CoinRewards from your Test Net <code> genesis = CreateGenesisBlock(1733333334, 511144, 0x1e0ffff0, 1, 333 * COIN);</code> ====Line 218: TestNet Genesis Hash Block==== <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943"));</code> * Changed to <code>218 assert(consensus.hashGenesisBlock == uint256S("0x000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c"));</code> ====Line 219: TestNet Merkel Hash Block==== <code>219 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * Changed to <code> assert(consensus.hashGenesisBlock == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ==== Line 245 TestNet checkpointData ==== Default: <code>( 546, uint256S("000000002a936ca763904c3c35fce2f3556c559c0214345d31b1bcebf76acb70")),</code> * Reason changed: Bitcoin TestNet checkpoint irrelevant—set to height 0 with N33Bcoin TestNet genesis hash for new chain. Changed: <code>( 0, uint256S("000001b7cbb2e5ae084fdd6934c9962fd8ff27cb7c27e02e415d2da6fe214a8c")),</code> * Note: Removed "0x" from hash string—matches Bitcoin style, prevents parsing error in uint256S. ====Line 250 - Testnet chainTxData TimeStamp==== <code>250 1483546230,</code> * Change to your timestamp <code>1733333334,</code> ====Line 251 - Testnet chainTxData block count==== <code>251 12834668,</code> * change block count to zero <code> 0,</code> ==== RegTest BIP Section ==== ===== Line 267 ===== Default: <code>consensus.BIP34Height = 100000000; // BIP34 has not activated on regtest (far in the future so block v1 are not rejected in tests)</code> * Reason changed: Delays BIP34—set to 0 for modern rules from genesis, consistent with MainNet/TestNet. Changed: <code>consensus.BIP34Height = 0;</code> ===== Line 268 ===== Default: <code>consensus.BIP34Hash = uint256();</code> * Reason changed: Empty hash irrelevant—set to RegTest genesis for BIP34 activation at block 0. * NOTE: the <code>S</code> at the end of <code>uint256S</code> append the '''S''', remove the <code>0x</code> or it would be too long and make sure RegNet Hash is wrapped in "comment-hash". * The quotes <code>""</code> tell the compiler that this is a string, not a number. * '''uint256S''' will parse the string as a hexadecimal value and construct the '''uint256''' object accordingly. Changed: <code>consensus.BIP34Hash = uint256S("65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127");</code> ===== Line 269 ===== Default: <code>consensus.BIP65Height = 1351; // BIP65 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP65 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP65Height = 0;</code> ===== Line 270 ===== Default: <code>consensus.BIP66Height = 1251; // BIP66 activated on regtest (Used in rpc activation tests)</code> * Reason changed: Bitcoin’s test height—set to 0 for BIP66 from genesis, matches MainNet/TestNet. Changed: <code>consensus.BIP66Height = 0;</code> ====Line 298: RegressionNet Default Port==== <code>298 nDefaultPort = 18444;</code> * change port number <code> nDefaultPort = 13337;</code> ====Line 301 RegressionNet Time Stamp Nonce Coin_Rewards ==== <code>301 genesis = CreateGenesisBlock(1296688602, 2, 0x207fffff, 1, 50 * COIN);</code> * Change to your timestamp , nonce and coin rewards <code> genesis = CreateGenesisBlock(1733333335, 0, 0x207fffff, 1, 333 * COIN);</code> ====Line 303: RegressionNet Genesis Block Hash==== <code>303 assert(consensus.hashGenesisBlock == uint256S("0x0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"));</code> * replace with your reg net genesis hash <code> assert(consensus.hashGenesisBlock == uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"));</code> ====Line 304 RegressionNet Merkel Hash==== <code>304 assert(genesis.hashMerkleRoot == uint256S("0x4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"));</code> * replace with your reg net merkel hash <code> assert(genesis.hashMerkleRoot == uint256S("0x96908dea6891a3cc8751ed962736bbc1f4129c5c2fa7f44333def15ce86c4388"));</code> ====Line 316: RegressionNet Genesis Hash==== <code>316 ( 0, uint256S("0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"))</code> * change to your reg nets genesis hash <code> ( 0, uint256S("0x65ea097e012bad431eb912fc43abcc7c809d648a85cda433e73a0a9f9409a127"))</code> === src/chainparamsbase.cpp - API ports === <div class="toccolours mw-collapsible mw-collapsed"> Changing RPC port number info: <div class="mw-collapsible-content"> When forking Bitcoin, changing the nRPCPort = 8332; is generally recommended, though not strictly necessary. Here are the reasons and benefits for doing so: '''Avoiding Conflicts:''' If you run both Bitcoin and your forked cryptocurrency on the same machine or network, keeping the same RPC port (9332) would cause a conflict. By changing the port number, you ensure that both services can run simultaneously without interfering with each other. '''Network Configuration:''' Different cryptocurrencies should ideally use different ports to avoid confusion and ensure clear network configuration. This helps in managing firewall rules and network policies more effectively. '''Security:''' Using a non-standard port for your forked cryptocurrency can add a layer of security through obscurity. While not a robust security measure, it can help reduce the risk of automated attacks targeting known ports like 8332. '''Customization:''' Changing the RPC port is part of customizing your fork to distinguish it from Bitcoin. This can be important for branding and ensuring that users and developers recognize it as a separate entity. In summary, while it's not mandatory to change the RPC port when forking Bitcoin, doing so can help avoid conflicts, improve network management, and provide a clearer distinction between your fork and the original Bitcoin network. </div> </div> ====line 35 - Main net RCP port==== <pre> nRPCPort = 8332; </pre> RPC port is used to connect to coin api, its used to create a web wallet and moblie wallet. <pre> nRPCPort = 3366; </pre> ====Line 48 - test net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12333 <pre> nRPCPort = 12333; </pre> ====line 62 - regession net RPC port==== <pre> nRPCPort = 18332; </pre> Changing to 12345 <pre> nRPCPort = 12345; </pre> * We are pretty much done with customizing the code base, we just need an IP address to append to chainparams.cpp and we are good to go. ===src/chainparamsseeds.h=== * Delete content of <code>src/chainparamsseeds.h</code> and replace with just: <pre> #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> The <code>chainparamsseeds.h</code> file contains hardcoded seed nodes for the main network (pnSeed6_main), which are currently set to Bitcoin’s seed nodes (e.g., IPs like 2.7.8.12 on port 8333). These seeds will cause your node to attempt connections to Bitcoin peers, which isn’t what we want for N33Bcoin. * By modifying the seed arrays for both mainnet and testnet to empty, we can keep the file structure intact while removing the Bitcoin seed nodes, preventing are node from trying to connect to them. <div class="toccolours mw-collapsible mw-collapsed"> Hexadecimal - Chainparamsseeds.h - Quick Notes <div class="mw-collapsible-content"> <pre> Hex Symbol Values: 0,1,2,3,4,5,6,7,8,9,a=10,b=11,c=12,d=13,e=14,f=15 Hex is in a Block of 2, [01]=1, The First number/symbol (the one on the left), is Times by 16, and the Second number/symbol is added. 01 = 0x16, plus 1 = 01 A4 = 10x16, plus 4 = 164 E4 = 14x16, plus 4 = 228 FF = 15X16, plus 15 = 255 To work out the values of 104.194.157.52 and port 3333 static SeedSpec6 pnSeed6_main[] = {}; static SeedSpec6 pnSeed6_test[] = {}; IPv6 Mapping: {{Use 10 0x00, 2 0xff, then the 4 hex bytes} <port>}. 104 in hex: 6x16 = 96 + 8 = 104 InHex= '68' 194 in hex: c(12)x16=192 + 2 = 194 InHex= 'c2' 157 in hex: 9x16=144 + d(13)= 157 InHex= '9d' 52 in hex: 3x16=48 + 4 = 52 InHex= '34' #ifndef BITCOIN_CHAINPARAMSSEEDS_H #define BITCOIN_CHAINPARAMSSEEDS_H static SeedSpec6 pnSeed6_main[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; static SeedSpec6 pnSeed6_test[] = {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0x68,0xc2,0x9d,0x34} 3333}; #endif // BITCOIN_CHAINPARAMSSEEDS_H </pre> </div> </div> == Container and VPS Setup == * Vultr with affiliate link: https://www.vultr.com/?ref=7704739 Most VPS providers frown on mining unless it’s their explicit service—fair enough, it hogs resources! To work around this, we’ll: * Spin up an Ubuntu 18.04 container locally (18.04 keeps coin building simple). * Pair it with a low-cost VPS running Ubuntu 24.04, tunneling all traffic from the container to the VPS’s public IP. This setup gives us: * A public-facing IP without poking holes in our home router. * Local mining control, keeping private keys secure—because a VPS is just someone else’s machine, and we don’t trust it with our keys! ===LXD Quick Container Setup=== ===LXD Quick Container Setup=== * Its pretty simple once you know. ===Installing and setup LXD=== <code>sudo snap install lxd</code> <code>sudo lxd init</code> * Just press '''ENTER''' for all defaults * add user to lxd group (optional), will mean you do not need '''sudo''' to use lxc commands * NOTE: you will need to logout and login for changes to take effect. <code>sudo adduser $USER lxd</code> <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip <div class="mw-collapsible-content"> * '''These changes only apply to the current terminal session.''' If you open a new terminal session you have to repeat. On Ubuntu 24.04 using Bash, you can use the newgrp command. Here's how you can do it: * First, add your user to the lxd group: <pre> sudo adduser $USER lxd </pre> Then, to apply the changes immediately without logging out, use: <pre> newgrp lxd </pre> The newgrp command starts a new shell session with the updated group membership. This allows you to immediately use the permissions granted by the new group without logging out and back in. Alternatively, you can also use: <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. * '''Remember, these changes only apply to the current terminal session.''' If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> ===Launching your container=== * for the Build its important we use '''18.04''' ** May want to get ubuntu pro free for 5 devices - to keep 1804 updated ** https://ubuntu.com/pro/dashboard <code>lxc launch ubuntu:18.04 n33b</code> * '''syntax''' <code><command> <image> <container_name></code> <div class="toccolours mw-collapsible mw-collapsed"> <code>lxc launch ubuntu:18.04 n33b</code> - explained <div class="mw-collapsible-content"> To create and start your first LXC container, use the following command: <code>lxc launch ubuntu:18.04 n33b</code> This command does the following: * '''lxc launch''': Tells LXD to create and start a new container * '''ubuntu:18.04''': Specifies the image to use (Ubuntu 18.04 in this case) * '''n33b''': This is the name you're giving to your new container After running this command, LXD will download the Ubuntu 18.04 image (if it hasn't already) and create a new container named "n33b" based on this image. To see other available images, you can use: <code>lxc image list images:</code> This will show a list of available images from the default remote. You can also specify different versions or distributions, for example: * <code>lxc launch ubuntu:20.04 mycontainer</code> for Ubuntu 20.04 * <code>lxc launch debian:10 mydebian</code> for Debian 10 * <code>lxc launch centos:8 mycentos</code> for CentOS 8 To get more detailed information about available images, use: <code>lxc image list images: | grep -i ubuntu</code> Replace "ubuntu" with any other distribution name to see its available versions. Remember, the container name (like "n33b" in the example) must be unique within your LXD installation. </div> </div> * If you see this error - you need to use '''sudo''' or add user to lxd group <pre> lxc launch ubuntu:18.04 n33b Error: LXD unix socket "/var/snap/lxd/common/lxd/unix.socket" not accessible: permission denied </pre> * To see your container <code>lxc ls</code> ===Login to container=== <code>lxc exec n33b bash</code> * Prompt should now be changed to <code>root@n33b:~#</code> ** <code>root@<container_name>:~#</code> * This would be a good time to sign up to and enable ubuntu pro in the 1804 container https://ubuntu.com/pro/dashboard ** <code>sudo pro attach C12trandomcharsXFVhrRSveGOd4</code> * Update container <code>apt update && apt upgrade -y</code> ==== Ubuntu Pro for 1804 Containers ==== * super useful for ubuntu 1804, with pro has support till 2027 * Free For Five Boxes/Devices <code>https://ubuntu.com/pro/dashboard</code> <code>sudo pro attach 8dc6560abd396b3871f37b80ec</code> <code>sudo pro status</code> <code>sudo pro detach</code> ==In Container wireguard installation and setup== ===Install wireguard=== <code>apt install wireguard -y</code> * This will be the Client - for the container ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== * Vultr link with Affiliate code: https://www.vultr.com/?ref=9638414-9J First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==Back to Host== Now we have * A container with a public IP address * Source code for are coin Lets append are IP adress to are <code>src/chainparams.cpp</code> file and make a exportable/shareable backup. ===Append IP to <code>src/chainparams.cpp</code>=== <div class="toccolours mw-collapsible mw-collapsed"> If i was going to change or add ips/domains do i need to recomplie? Yep: <div class="mw-collapsible-content"> Yes, if you want to change or add new IPs/domains in the `CDNSSeedData` section of `src/chainparams.cpp`, you will need to edit the file and recompile the code. The `CDNSSeedData` entries are hardcoded into the source code, and when you compile the code, these values are baked into the resulting binary. Therefore, any changes to the seed nodes will require: *Editing the `src/chainparams.cpp` file**: Modify the list of `CDNSSeedData` entries to include your new IPs or domains. *Recompiling the source code**: Once you've made your changes, you need to recompile the project so that the new seed nodes are included in the binary. *Restarting your nodes**: After recompiling, you would need to distribute the new binary to your nodes and restart them to ensure they use the updated seed list. This process is necessary because the seed nodes are part of the initial configuration that helps nodes discover peers when they first start up. Any changes to these seeds require the software itself to be updated and redeployed. </div> </div> ====Main Net DNS lines 123 - 127==== <code>$EDITOR /home/$USER/N33B/N33Bcoin/src/chainparams.cpp</code> * Line 123 <code>src/chainparams.cpp</code> <pre> 123 vSeeds.push_back(CDNSSeedData("n33bcoin.sipa.be", "seed.n33bcoin.sipa.be", true)); // Pieter Wuille, only supports x1, x5, x9, and xd </pre> We are going to Change to are servers address <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> At current time we only have one default node, so we comment out line 124 to 127 <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "dnsseed.bluematt.me", true)); // Matt Corallo, only supports x9 // vSeeds.push_back(CDNSSeedData("dashjr.org", "dnsseed.n33bcoin.dashjr.org")); // Luke Dashjr // vSeeds.push_back(CDNSSeedData("n33bcoinstats.com", "seed.n33bcoinstats.com", true)); // Christian Decker, supports x1 - xf // vSeeds.push_back(CDNSSeedData("n33bcoin.jonasschnelli.ch", "seed.n33bcoin.jonasschnelli.ch", true)); // Jonas Schnelli, only supports x1, x5, x9, and xd </pre> ====Test net DNS lines 224 - 227==== * Line 224 - ip adderss <pre> 224 vSeeds.push_back(CDNSSeedData("testnetn33bcoin.jonasschnelli.ch", "testnet-seed.n33bcoin.jonasschnelli.ch", true)); </pre> Change to server ip <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); </pre> and comment out the other 3 lines <pre> vSeeds.push_back(CDNSSeedData("12.34.56.78", "12.34.56.78", true)); // vSeeds.push_back(CDNSSeedData("petertodd.org", "seed.tbtc.petertodd.org", true)); // vSeeds.push_back(CDNSSeedData("bluematt.me", "testnet-seed.bluematt.me")); // vSeeds.push_back(CDNSSeedData("n33bcoin.schildbach.de", "testnet-seed.n33bcoin.schildbach.de")); </pre> ==Create BackUp Tar Archive== At this point you may want to make a backup. * In work directory = <code>/home/$USER/N33B</code> <code>tar -zcvf N33Bcoin.0.0.1.tar.gz N33Bcoin</code> * Going to save in directory <code>/home/$USER/N33B</code> * Syntax = <code>tar -zcvf /path/to/save/archive_name.tar.gz /path/to/directory_name</code> Now we Should have <code>N33Bcoin.0.0.1.tar.gz</code> lets start building are coin. ===Move N33Bcoin.0.0.1.tar.gz to Container=== Lets Move are source code to are container. * File on Host:<code>/home/$USER/N33B/N33Bcoin.0.0.1.tar.gz</code> * Container Name: <code>n33b</code> ** Container Name can be found with <code>lxc list</code> * On Host: <code>lxc file push /home/$USER/N33B/N33Bcoin.0.0.1.tar.gz n33b/home/ubuntu/</code> * '''ubuntu''' is the name of the ubuntu containers default user account ==Return to container as user '''ubuntu'''== <code>lxc exec n33b -- su - ubuntu</code> Now are source code <code>N33Bcoin.0.0.1.tar.gz</code> should be in are home directory. Before we start using it, we need to install and build some dependencies software. ===Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <!-- These notes wherer required to build db on 24.04 - coin build would require way too much work so skipped. <code>$EDITOR db-4.8.30.NC/dbinc/atomic.h</code> Find the function <b>__atomic_compare_exchange</b> (line 147 and 179) and rename it to <b>__db_atomic_compare_exchange</b>. save and exit --> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> If you received error, are you building in ubuntu 18.04? these build instrutions are reproduable for 18.04 and not other versions of ubuntu. * A block chain requires min 2 nodes, so this would be a good time to snapshot your container. ====SNAPSHOT your container==== * This will save loads of time creating a second node later. * In a Terminal on HOST * Stop Container <code>lxc stop n33b</code> * snapshot <code>lxc snapshot n33b one</code> * start container <code>lxc start n33b</code> * Log in as ubuntu user <code>lxc exec n33b -- su - ubuntu</code> ==Build the Coin== Just for the Genesis Node, or it will not work, it will try to sync with another node, which it can not do as its at block 0. * edit the file <code>src/rpc/mining.cpp</code> and comment out the lines 471 and 472: <pre> // if (IsInitialBlockDownload()) // throw JSONRPCError(RPC_CLIENT_IN_INITIAL_DOWNLOAD, "N33Bcoin is downloading blocks..."); </pre> If you stopped container to snapshot and logged back in (or using another terminal), then we need to re-set var.<br> <code>cd ~/db-4.8.30.NC/build_unix</code><br> <code>export BDB_PREFIX=$(pwd)</code><br> * Now thats done we can carry on <code>cd ~/</code><br> * extract <code>tar xzvf N33Bcoin.0.0.1.tar.gz</code> <!-- was for attempt build in 24.04 - not needed for 18.04 <code>sudo apt install bsdmainutils ncal</code> --> * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> If you run into errors you can use:<br> <code>make > ../build.log 2>&1</code><br> This is print build info into file build.log ==Run Coin== * Path <code>cd /home/ubuntu/N33Bcoin/src</code> Going to first play around with Regression make sure everything is working, its supereasy to mine.<br> * Running regtest first will also create <code>~/.n33bcoin/</code> directory which we can create are <code>n33bcoin.conf</code> file for mainnet. ===Running Regression Net === * run reg net <code>./n33bcoind -regtest -daemon</code> ==== get blockchain info ==== <code>./n33bcoin-cli -regtest getblockchaininfo</code> * at the top you should see '''regtest''' <pre> "chain": "regtest", </pre> ====get wallet info==== <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ==== Generate 10 blocks==== <code>./n33bcoin-cli -regtest generate 10</code> <pre> [ "16fe73d5011e8e05cadb9e9dea43e58aa154ffcca891659cc59fbdfafe6f001c", "7803e298b6c57f8fc7ddac5da0e0696cc67524c9ee2bbbbbecdccfb01b364e79", "7c92afb2faed00d051edd22f85218416c394cd45ddadf413b9df808c0414ca7e", "29fe7bb17c984bd33c7e3d9cb4fa3ce1e47760ac22accded3aa25fd49aa87d91", "56d234a030af699a6aa824c8d95a9fabdcf56c9491ed30331ca2159188741c89", "272827808aad1efe0e752789acf6a28f25bc4ba2da905a8a6f5da00016ba286b", "23711e3856cf2e018ef02782eb546e87c9604781da6855bd136ef51fa5dd23e5", "7bd7e1e6183094c75e37d6605451ce7e7e1c23347e3b5c279c33196af916b1f2", "1c7e5fc29dc7c9b3a56e8f35becc3a0a8005e79ac1a84278f8a1f37c067f67b3", "3ac84dcf8be2849b347369de7bf6bb49d780cdf41e2c4abbe2ea0ae1b89bd26e" ] </pre> ====Check Balance==== <code>./n33bcoin-cli -regtest getbalance</code> <pre>0.00000000</pre> * You mined 10 blocks and have zero coins! that is because the coins have not mutured, it takes 100 blocks for newly created coins to muture and show up in your wallet. * you can see your '''immature_balance''' with the <code>getwalletinfo</code> command. <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 11114108.00000000, "txcount": 10, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====Get new addresses==== <code>./n33bcoin-cli -regtest getnewaddress</code> <pre> mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb </pre> ====Find addresses your wallet is currently using==== * To see all your current public addresses use <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -regtest listreceivedbyaddress 0 true</code> ====Mine to specific address==== * <code>./n33bcoin-cli -regtest generatetoaddress 101 "your-mainnet-address"</code> <code>./n33bcoin-cli -regtest generatetoaddress 101 "mhbyaq1oW4guMzVBefrj2yECXNzdHdiuXb"</code> =====Coins Matured===== <code>./n33bcoin-cli -regtest getbalance</code> <pre>11114441.00000000</pre> * and Immatured coins <code>./n33bcoin-cli -regtest getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 11114441.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 33300.00000000, "txcount": 111, "keypoololdest": 1744462932, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "d047e9559ee0a6657fe3011fe6f707fe3c2d797b" } </pre> ====stop regtest net==== * stop regtest <code>./n33bcoin-cli -regtest stop</code> ===Main Net=== * Running <code>-regtest</code> should of created a <code>~/.n33bcoin</code> directory for you. * Create <code>n33bcoin.conf</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 </pre> * run/start coin <code>./n33bcoind</code> * NOTE: if you did not create a n33bcoin.conf file and apply 'daemon=1', you can use the -daemon flag <code>./n33bcoind -daemon</code> <div class="toccolours mw-collapsible mw-collapsed"> Some debug tips: <div class="mw-collapsible-content"> * If n33bcoin hangs - <code>ps aux | grep n33bcoind</code> ** The <code>kill -9 PID_NUMBER</code> ** Also note: there is nothing wrong with '''turning it off and on again.''' * <code>./n33bcoind -debug=1</code> ** log is at ~/.n33bcoin/debug.log * <code>./n33bcoind -debug=1 -printtoconsole</code> ** will output to terminal, no output to debug.log </div> </div> ===Create and Add second node - the easy way=== <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Why a Dummy Node is Needed to Avoid <code>500 Internal Server Error</code> and Ensure Syncing</span> <div class="mw-collapsible-content"> <p>A dummy node is <strong>required</strong> for mining on the genesis node (main node) and to ensure other nodes can sync with your N33Bcoin network. Without it, you may encounter errors like:</p> <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> [2025-04-20 11:49:32] HTTP request failed: The requested URL returned error: 500 Internal Server Error </pre> <p><strong>Why does this happen?</strong> The main node needs at least one active peer to process the <code>getblocktemplate</code> RPC call used by <code>minerd</code> for mining. If the node is in Initial Block Download (IBD) or has no peers, this call fails, causing the 500 error. Additionally, if the main node is in IBD, it won’t serve blocks to other nodes, preventing them from syncing (e.g., stuck at <code>blocks: 0</code>).</p> <p><strong>How the dummy node fixes it:</strong></p> <ul> <li>Running a dummy node (e.g., on <code>127.0.0.1:3334</code>) provides an active peer, allowing <code>getblocktemplate</code> to succeed and mining to start.</li> <li>Mining generates new blocks, updating the chain tip’s timestamp, which helps the main node exit IBD.</li> <li>Once out of IBD, the main node can serve blocks to other nodes, enabling them to sync (e.g., to <code>blocks: 428</code>).</li> </ul> <p><strong>Why it’s easy to forget:</strong> The dummy node isn’t a standard Bitcoin requirement—it’s specific to N33Bcoin’s setup, possibly due to custom peer or RPC logic. Always run a dummy node when mining or syncing new nodes.</p> <p><strong>If you get the 500 error:</strong> Start a dummy node and add it to the main node’s peers with <code>addnode</code>. See the next section for setup instructions.</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> Without a dummy node, mining will fail, and new nodes won’t sync. Always include this step in your setup and document it to avoid surprises! </div> </div> </div> After first node ruuing with:<br> <code>./n33bcoind</code> * create a directory for second node <code>mkdir ~/.n33bcoin2</code> * make config file <code>$EDITOR ~/.n33bcoin2/n33bcoin.conf</code> * Note changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser1 rpcpassword=coinpassword1 rpcallowip=127.0.0.1 rpcport=3367 daemon=1 server=1 rpcbind=127.0.0.1 port=3334 </pre> * start node2 - note ports <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin2 -port=3334 -rpcport=3367</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3334" "add"</code> * Check node one <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * Check node two <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getblocktemplate</code> ==== Default Node User and Second Node User management ==== * The default user will be your main node '''~/.n33bcoin/''' * To use second node '''~/.n33bcoin2/''' you have to use/append non default port in commands: ** To run commands on second node, Add/Append <code>-rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1</code> *** '''rpcport''', '''rpcuser''', '''rpcpassword''' these values can be found in the <code>~/.<node_name>/n33bcoin.conf</code> file * For default wallet/node can use: <code>./n33bcoin-cli getwalletinfo</code> * Or to specify (optional) can use, the main nodes '''rpcport''', '''rpcuser''' and '''rpcpassword''' followed by <command>: <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getblocktemplate</code> * For the second node we created - we do need to specify <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getwalletinfo</code> <div class="toccolours mw-collapsible mw-collapsed"> How to stop second node: <div class="mw-collapsible-content"> * To run commands on a second or third ...ETC node - you need to enter: ** <code>-rpcport=<value></code> ** <code>-rpcuser=<username></code> ** <code>-rpcpassword=<password></code> ** followed by the command you wish to run on node <code>getbalance</code> ** Remember you store all these details in your <code>n33bcoin.conf</code> file for your node. <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 stop</code> </div> </div> == Mining blocks on your blockchain == Well you can try with:<br> <code>./n33bcoin-cli generate 1</code><br> But instead of seeing <pre> [ "some-block-hash" ] </pre> Your going to get empty brackets <pre> [ ] </pre> I cant remember the reason for this. But i know the fix. Install Mining software ===Address to send mined coins to=== First lets get a public key/address we can mine to. * Find old addresses <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> * Create new address <code>./n33bcoin-cli getnewaddress</code> * The address i will use <code>1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> ===Cpu Miner Install=== <code>cd ~</code> <code>sudo apt update</code> <code>sudo apt install -y build-essential libcurl4-openssl-dev</code> <code>git clone https://github.com/pooler/cpuminer.git</code> <code>cd cpuminer</code> <code>./autogen.sh</code> <code>./configure</code> <code>make</code> <code>sudo make install</code> ===Mine some Coins=== * OK lets mine us some coins ** Syntax:<code>minerd -o <pool_url> -u <username> -p <password> --coinbase-addr=<public_key></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj</code> * YAY, back to the days when you could find bitcoin blocks with a simple CPU <pre> [2025-04-12 19:31:17] Binding thread 0 to cpu 0 [2025-04-12 19:31:17] Binding thread 1 to cpu 1 [2025-04-12 19:31:17] 4 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:31:17] Binding thread 2 to cpu 2 [2025-04-12 19:31:17] Binding thread 3 to cpu 3 [2025-04-12 19:31:17] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:31:17] thread 1: 2097152 hashes, 10099 khash/s [2025-04-12 19:31:17] thread 0: 2097152 hashes, 10094 khash/s [2025-04-12 19:31:17] thread 3: 2097152 hashes, 10093 khash/s [2025-04-12 19:31:17] thread 2: 2097152 hashes, 10032 khash/s [2025-04-12 19:32:17] thread 2: 601912088 hashes, 10080 khash/s [2025-04-12 19:32:17] thread 0: 605611536 hashes, 10108 khash/s [2025-04-12 19:32:17] thread 3: 605564904 hashes, 10102 khash/s [2025-04-12 19:32:17] thread 1: 605946928 hashes, 10104 khash/s [2025-04-12 19:33:17] thread 2: 604824240 hashes, 10080 khash/s [2025-04-12 19:33:17] thread 0: 606506104 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 1: 606263288 hashes, 10109 khash/s [2025-04-12 19:33:17] thread 3: 606114016 hashes, 10102 khash/s [2025-04-12 19:34:17] thread 0: 596676992 hashes, 9883 khash/s [2025-04-12 19:34:17] accepted: 1/1 (100.00%), 40174 khash/s (yay!!!) [2025-04-12 19:34:17] LONGPOLL pushed new work [2025-04-12 19:34:17] thread 2: 597009344 hashes, 9856 khash/s [2025-04-12 19:34:17] thread 1: 596347864 hashes, 9882 khash/s [2025-04-12 19:34:17] thread 0: 184 hashes, 8762 khash/s [2025-04-12 19:34:17] thread 3: 596226344 hashes, 9881 khash/s [2025-04-12 19:35:11] thread 0: 525714288 hashes, 9775 khash/s [2025-04-12 19:35:17] thread 0: 58652240 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 1: 592942512 hashes, 9784 khash/s [2025-04-12 19:35:18] thread 3: 592834720 hashes, 9780 khash/s [2025-04-12 19:35:18] thread 2: 591387224 hashes, 9754 khash/s [2025-04-12 19:36:17] thread 1: 577261400 hashes, 9784 khash/s [2025-04-12 19:36:17] thread 2: 575496480 hashes, 9756 khash/s [2025-04-12 19:36:17] thread 3: 576993520 hashes, 9776 khash/s [2025-04-12 19:36:17] thread 0: 586785384 hashes, 9780 khash/s [2025-04-12 19:37:17] thread 3: 586568712 hashes, 9700 khash/s [2025-04-12 19:37:17] thread 2: 585369888 hashes, 9645 khash/s [2025-04-12 19:37:18] thread 1: 587018480 hashes, 9656 khash/s [2025-04-12 19:37:18] thread 0: 586791168 hashes, 9631 khash/s [2025-04-12 19:37:43] thread 0: 247017896 hashes, 9757 khash/s [2025-04-12 19:37:43] accepted: 2/2 (100.00%), 38758 khash/s (yay!!!) [2025-04-12 19:37:43] LONGPOLL pushed new work [2025-04-12 19:37:43] thread 2: 250694904 hashes, 9748 khash/s [2025-04-12 19:37:43] thread 1: 250409704 hashes, 9773 khash/s [2025-04-12 19:37:43] thread 0: 21504 hashes, 8650 khash/s [2025-04-12 19:37:43] thread 3: 253010016 hashes, 9764 khash/s </pre> * By default '''minerd''' will use all cores - if you want to limit to number of core use the <code>-t <number_of_cores></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=1yGkMwmVbPELpXyZugffaP2sLEzWBPXpj -t 2</code> <pre> [2025-04-12 19:43:05] 2 miner threads started, using 'sha256d' algorithm. [2025-04-12 19:43:05] Long-polling activated for http://127.0.0.1:3366 [2025-04-12 19:43:05] thread 1: 2097152 hashes, 11359 khash/s [2025-04-12 19:43:05] thread 0: 2097152 hashes, 11327 khash/s </pre> * Next we mine on till we have at least 101 blocks so are coins are matured. ===After 101 blocks - Mature Coins=== * now we should have some coins in are wallet that we can use, YAY <code>./n33bcoin-cli getbalance</code> <pre>11112110.00000000</pre> * and lets check the account of are second node <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> * Lets get the address of are second node to send some coins <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress 0 true</code> * Or we could generate a new address with <code>getnewaddress</code> <code>1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz</code> Now lets send some coins ==Wallet Basics== Now we have coins we can use - matured coins ===Get balance=== * <code>getbalance</code> <code>./n33bcoin-cli getbalance</code> ===Find Account Addresses=== * <code>listreceivedbyaddress 0 true</code> <code>./n33bcoin-cli listreceivedbyaddress 0 true</code> ===Create New Address=== * <code>getnewaddress</code> <code>./n33bcoin-cli getnewaddress</code> ===Sending coins=== * Syntax: <code>./n33bcoin-cli sendtoaddress "<address>" <amount></code> <code>./n33bcoin-cli sendtoaddress "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz" 33</code><br> * This comand will return a hash in your terminal out put. <pre>f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7</pre> * and Check balance of second node to see balance: <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>33.00000000</pre> ===See Transaction Details from hash=== * the transaction hash is from the above send coins example * Syntax: <code>n33bcoin-cli gettransaction "<transaction_hash>"</code> <code>./n33bcoin-cli gettransaction "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7"</code> <pre> { "amount": -33.00000000, "fee": -0.00004520, "confirmations": 4, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553764, "timereceived": 1744553764, "bip125-replaceable": "no", "details": [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "send", "amount": -33.00000000, "vout": 0, "fee": -0.00004520, "abandoned": false } ], "hex": "020000000150a37ad36c761374df6a14c20bd2c016208358bf1f20af06c5acbe4827250ee7000000006a4730440220582f2094aca19d63744d8d128c3dea907cddd4eeb5728d6f064c4168d7a36b9c0220649b2397635fe0b8899fea4535b0072e856a164235f8ab8feb91f3dbfa9e3ddc012103dd8d842cd0c2b167b507b9e8ee580fc726262bb218abc5c6487668b72e5673a3feffffff020001b2c4000000001976a9146ae24c8430bcd30bc1b812f946229fcc563eb0ef88ac589a23fc060000001976a9141e0606800605f94643f5da7e0a31e435e030855788acbe000000" } </pre> ===List Transactions from account=== * <code>listtransactions</code> * <code>./n33bcoin-cli listtransactions</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listtransactions</code> * This command will show all transactions send and receive. <pre> [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "receive", "amount": 33.00000000, "label": "", "vout": 0, "confirmations": 6, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553766, "timereceived": 1744553766, "bip125-replaceable": "no" } ] </pre> ===list received transactions by address=== * <code>listreceivedbyaddress</code> * <code>./n33bcoin-cli listreceivedbyaddress</code> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 listreceivedbyaddress</code> <pre> [ { "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "account": "", "amount": 33.00000000, "confirmations": 6, "label": "", "txids": [ "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7" ] } ] </pre> ===Address With Label=== * Create New Address With Label ** Syntax: <code>getnewaddress "<Label>"</code> * NOTE: Label name is case sensitive. <code>./n33bcoin-cli getnewaddress "Mining"</code> <pre>1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB</pre> * See Accounts in Label <code>./n33bcoin-cli getaddressesbyaccount "Mining"</code> * a Label can hold many addresses <pre> [ "1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB" ] </pre> * Lists transactions for the labeled account. <code>./n33bcoin-cli listtransactions "Mining"</code> * Tracking with a label - Shows total balance for addresses in the labeled account. <code>./n33bcoin-cli getbalance "Mining"</code> * Label an existing address - Assigns an existing address to a named account. <code>./n33bcoin-cli setaccount "<address>" "<label>"</code> * Change Label of Address <code>./n33bcoin-cli setaccount "<address>" "<newlabel>"</code> ==Backup Wallets and Restore/Reclaim== To '''test''' wallet exports and back ups we are going to create a '''third node'''. <br> This keeps are main wallet and the wallet of are second node safe.<br> Or If you feel up for it, feel free to play/use/learn with your main wallet. * Create a directory for third node <code>mkdir ~/.n33bcoin3</code> * Create config file <code>$EDITOR ~/.n33bcoin3/n33bcoin.conf</code> * Note: changed ports (change to username and password not necessary, its optional.) <pre> rpcuser=coinuser2 rpcpassword=coinpassword2 rpcallowip=127.0.0.1 rpcport=3368 daemon=1 server=1 rpcbind=127.0.0.1 port=3335 </pre> * Start node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Connect node <code>./n33bcoin-cli -rpcport=3366 addnode "127.0.0.1:3335" "add"</code> * Check node three <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getblocktemplate</code> * See Address (pub key) <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> <pre>1EhA5fkapYWrhs2oAf2AqvF4WYMPM28GqL</pre> * I have sent 33 n33bcoin's to this address. <pre> ./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744568061, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "8afde14085be2139ff008667c345b3697bea9cea" } </pre> ===Encrypt Wallet=== * '''IMPORTANT NOTE! IF YOU LOSE/FORGET PASSPHRASE, YOU LOST YOUR WALLET!''' Encrypting your wallet, will require passphrase to see private_keys and to send coins from your account, but you can still check balance and the basic chain info '''without passphrase'''. * Syntax <code>./n33bcoin-cli encryptwallet "<passphrase>"</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 encryptwallet "pa55word"</code> <br>OutPut: <pre> wallet encrypted; N33Bcoin server stopping, restart to run with encrypted wallet. The keypool has been flushed and a new HD seed was generated (if you are using HD). You need to make a new backup. </pre> ====Test Encryption==== Syntax: <code>./n33bcoin-cli dumpprivkey <address></code> This command should need passphrase if wallet locked. ** <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> can be used in place of a real address <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpprivkey 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> If wallet '''LOCKED''' - you will see <pre> error code: -13 error message: Error: Please enter the wallet passphrase with walletpassphrase first. </pre> If wallet '''UNLOCKED''' but address not in wallet - you will see ** This is because there is no address <code>1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa</code> in your wallet and error code -5 indicates address not found in the wallet, but it passed the lock so, yay <pre> error code: -5 error message: Invalid N33Bcoin address </pre> If address exists in your wallet and wallet is '''UNLOCKED''' - you will see the private key: <pre> 6vJYM3RFWh7MyLVrPbgzgibUgqxMzWUCCbuH3GcfDRTqfoNQjBb </pre> '''IMPORTANT:''' Never share your actual private keys with anyone. The example above is for demonstration purposes only. ====open encrypted wallet==== * Syntax ./n33bcoin-cli walletpassphrase "<passphrase>" <time_in_seconds_to_stay_open> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrase "Pa55word" 60</code> ====Change PassPhrase==== * Syntax: <code><code>./n33bcoin-cli walletpassphrasechange "<old_passphrase>" "<new_passphrase>"</code></code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 walletpassphrasechange "Pa55word" "StrongPass123!@#456"</code> ===Back Up WALLET.DAT === * You can make a backup of your wallet.dat file whether its encrypted or un-encrypted. ** not-encrypted you just copy into a directory and you and anyone else has full access. ** encrypted, you need to know the passphase the file is encrypted with to have access. ** Both Export and Import the backup wallet.dat the same way, expect one asks for passphase and the other does not. ====Make copy of wallet.dat==== * <code>backupwallet</code> * Syntax:<code>./n33bcoin-cli backupwallet /path/to/export/wallet-backup.file</code> <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> ====Stop node 3 and delete wallet.dat==== * Stop node - Note: RPC PORT <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * not gonna delete, just move, only so many times i wanna learn that lesson. <code>mv ~/.n33bcoin3/wallet.dat ~/oldwallet.dat</code> * Start Node 3 - this will create a new <code>wallet.dat</code> file <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check Balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744572042, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "bb4e27a7896ae19acdf3b43244f82b59f5164c7c" } </pre> * Check addresses <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 listreceivedbyaddress 0 true</code> * Its a diff/new address, because its a new wallet. <pre> "address": "1JwAmtR9T8xa49daoHQhf54tBdyabby2m2", </pre> ===Restore Wallet.dat=== * Stop Node 3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move old wallet to Node 3 Directory ** This command will write over the new wallet.dat file currently in directory - in effect deleting it. <code>mv ~/wallet-backup.node3 ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>11148007.99990960</pre> ====OH NUTZ==== * By mistake i backed up main wallet. <code>./n33bcoin-cli backupwallet ~/wallet-backup.node3</code> * Intended to backup node3 - the correct command would of been <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 backupwallet ~/wallet-backup.node3</code> Good Thing we just moved the node3 wallet and not deleted or 33 n33bcoins would of been in a dead account.<br> This is why you should learn about bitcoin on n33bcoins and not the bitcoin main net blockchain. Lets restore from the moved wallet <code>~/oldwallet.dat</code> * Stop node3 <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> * Move oldwallet back to node3 <code>mv ~/oldwallet.dat ~/.n33bcoin3/wallet.dat</code> * Start Node 3 <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> * Check balance <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getbalance</code> <pre>33.00000000</pre> YAY ===Dump Entire Wallet with <code>dumpwallet</code>=== * Exports all private keys, addresses, and wallet metadata to a plain text file for a comprehensive backup. * Syntax <code>./n33bcoin-cli dumpwallet /path/to/export/n33bcoin-wallet.txt</code> <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 dumpwallet ~/ssshhh.txt</code> <code>cat ~/ssshhh.txt</code> * Yep its all in plain text! <pre> # Wallet dump created by N33Bcoin v0.14.3.0-g150612e # * Created on 2025-04-13T22:54:50Z # * Best block at time of backup was 212 (000000009f5f7189bd4334895fd1c903ae904525abb5768feb98b81282a1949e), # mined on 2025-04-13T18:34:02Z # extended private masterkey: xprv9s210pEDlspXiamstilrandotypinhDXRTQ1TatJNSL3fxs9QaLLjRV1FZH9zw2VcErU498hsd3pynuyDR2clongrandome4Msz5 L1XJ0pald6SZXP4sKdVcDETpsdoWeksd4er5hhPsdFG1PPV 2025-04-13T18:14:21Z change=1 # addr=1HtmEDdpk5SJAp3nGCnaAD5gKZc2Er4qG hdkeypath=m/0'/0'/82' about 100 lines like the one above and ends with: # End of dump </prE> ===Import Dumped Wallet=== To test import works we are gonna, stop node3, move wallet.dat, start node3, check new wallet got auto generated again. then import are ssshhh.txt file and see if restored. ====Check wallet node 3 pre-test==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744575092, "keypoolsize": 101, "unlocked_until": 0, "paytxfee": 0.00000000, "hdmasterkeyid": "0a0e6e94e4a184e773e4a3e3244adc4352935afa" } </pre> ====Stop node 3 ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 stop</code> ====Move wallet.dat ==== <code>mv ~/.n33bcoin3/wallet.dat ~/wallet.node3</code> ====Start node 3 ==== <code>./n33bcoind -daemon -datadir=/home/ubuntu/.n33bcoin3 -port=3335 -rpcport=3368</code> ====Check wallet node 3 - when deleted/changed==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 0.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 0, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ====Import Restore from Dumped Wallet ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importwallet ~/ssshhh.txt</code> ====Check wallet node 3 when restored ==== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getwalletinfo</code> <pre> { "walletversion": 130000, "balance": 33.00000000, "unconfirmed_balance": 0.00000000, "immature_balance": 0.00000000, "txcount": 1, "keypoololdest": 1744586216, "keypoolsize": 100, "paytxfee": 0.00000000, "hdmasterkeyid": "b0d8b6b86990cde25bfbc1d1e3e71035bf7c6ed2" } </pre> ==Off Line Storage and Importation== * Create a offline key pair, using a python script that can run off a live linux iso. * Going to send coins from node 3 to off line address. * Going to import to wallet 2 by sweeping private wif key. ===Create Offline Keypair=== * https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin ** We have used the [[N33Bcoin_Address_Generator_Bitcoin| N33Bcoin_Address_Generator]] to create the following key pair which we will use for this test. <pre> noob@noob-ThinkPad-T470:~/Gen/py-pub-prv$ python3 gen.py Enter your seed (12 words or any random input): hithere Generated n33bcoin Key Pair: Private Key: 3e4748d72b0a0c5d4538b52a2ade025a0f52a1e8642384ac14e5af0f90b8ab8a Public Key: 04c4cab1795312dafbf2532c7b238d448b55fa151a3d4e059cb49b47fb7244fb8767981b561c067494f9f3a6357024bb4fa71d12d692a733f7a0583d6fa7276548 n33bcoin Address: 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG WIF Private Key: 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH </pre> ===Send from node 3 to offline address=== <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 sendtoaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG 10</code> ===Check its in address=== * Can take a few blocks before you can see it. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * Syntax: <code>./n33bcoin-cli importaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG "external" false</code> * <code>importaddress</code> The RPC command to import a Bitcoin address as a watch-only address into the wallet * <code>13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> The Bitcoin address you are importing. After import, the wallet will monitor this address for incoming transactions, but cannot spend from it since you do not have the private key * <code>"external"</code> An optional label assigned to the imported address. This helps you organize or identify addresses in your wallet * <code>false</code> The rescan parameter. Setting it to false means the wallet will not rescan the blockchain for historical transactions involving this address. Only new transactions (after import) will be tracked. If set to true (default), the wallet would scan the entire blockchain for past transactions involving the address, which can take a long time (but not in are case as we have new blockchain). ====getreceivedbyaddress==== * TESTED - Balance is only shown on account that imported the address as a address to watch. ** Took about 10 mins to show balance. <code>./n33bcoin-cli -rpcport=3368 -rpcuser=coinuser2 -rpcpassword=coinpassword2 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>10.00000000</pre> <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> <code>./n33bcoin-cli -rpcport=3366 -rpcuser=coinuser -rpcpassword=coinpassword getreceivedbyaddress 13j4do7QupXYPVtgmkkbP2gfe8ETnErrnG</code> <pre>0.00000000</pre> ====Receive funds from private key==== * Current Funds in Node/Wallet 2 <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>52.00000000</pre> * Import the keys <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 importprivkey 5JHiQDRUFhw9HzSJFVmHjzpHDaF7TXP8A5hFDHssVvyQA2yVRTH true</code> * Check balance <code>./n33bcoin-cli -rpcport=3367 -rpcuser=coinuser1 -rpcpassword=coinpassword1 getbalance</code> <pre>62.00000000</pre> Import is instant. ==Create Second Server and Sync Blockchain== * Creating second server in a container and forwarded to another VPS IP, to see if network syncs. <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Is Port Forwarding Required for the Second Node?</span> <div class="mw-collapsible-content"> <p><strong>Why set up port forwarding?</strong> Port forwarding (using iptables to forward port <code>3333</code> to the second node) allows the node to receive incoming connections from other N33Bcoin nodes. This ensures reliable syncing with the main node and enables the second node to share blockchain data with others, strengthening the network.</p> <p><strong>Is it required?</strong></p> <ul> <li><strong>To mine</strong>: No. Mining uses local RPC calls (<code>127.0.0.1:3366</code>) and outbound connections to the main node (<code>104.194.157.52:3333</code>). As long as the main node is up, mining works without port forwarding. Note: You may need a dummy node to avoid errors.</li> <li><strong>To act as a peer</strong>: Yes. To allow other nodes to connect and sync from the second node (e.g., via <code>144.172.89.93:3333</code>), port forwarding is required. Without it, the node can sync but won’t serve blocks to others.</li> </ul> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Tip:</strong> Keep port forwarding enabled for robust syncing and to support the N33Bcoin network, especially if you plan to add more nodes. </div> </div> </div> ===Launch container=== <code>lxc launch ubuntu:18.04 n33b-node</code> <code>lxc exec n33b-node bash</code> <code>pro attach <longKey></code> <code>apt update && apt upgrade -y && apt install ubuntu-advantage-tools wireguard -y</code> ===Setup Wireguard=== * This is the same as the last time, in this tut i am going to keep the same keys in tut, to save time. PS: You can use same keys on many connections (not the best idea). ===Create Directory for Keys=== <code>mkdir ~/wireguard</code> * As we are logged in as '''root''' this path will be /root/wireguard <code>cd ~/wireguard</code> ===Generate the private and public keys=== <code>umask 077</code> * '''umask 077''' sets the most restrictive default file permissions, allowing access only to the file's owner. <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * This will create two files, privatekey and publickey, in the ~/wireguard directory. * The Private key will be used for the Client Wireguard Config file ** <code>cat privatekey</code> = <code>kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</code> * The Public key will be used for the Server Wireguard Config File **<code>cat publickey</code> = <code>o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0=</code> * The Config file for wireguard is located in the <code>/etc/wireguard/</code> directory ** Both Client and Server config file will be stored in this directory path. ===/etc/wireguard/wg0.conf=== Template of a <code>/etc/wireguard/wg0.conf</code> file: <pre> [Interface] PrivateKey = <client_private_key> # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = <server_ip>:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> <code>$EDITOR /etc/wireguard/wg0.conf</code> * Append your Client Private Key <pre>PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08=</pre> * Append your servers IP address <pre>Endpoint = 12.34.56.78:51820</pre> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = <server_public_key> # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> * Will Append Server Public Key Later FireWall Notes: * My host and container do not have firewalls setup * If they did, we would allow port 51820 udp Enable IP forwarding to allow traffic to pass through the VPN server: <code>$EDITOR /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> * '''DO NOT ENABLE WIREGUARD YET!''' ** Need to setup server and return to append/complete the client config before enabling wireguard. ==Server Setup== First login to your server, update and reboot<br> <code>ssh root@12.34.56.78</code><br> <code>apt update && apt upgrade -y && reboot</code><br> Give it a minute or two and log back into server. ===Auto Update Server=== * You may want to apply auto updates to your server. * https://www.completenoobs.com/noobs/Ubuntu_unattended-upgrades ===Firewall=== * Check if firewall enabled - it should be by default on server <code>ufw status</code> * At this stage we are just going to allow 22 are ssh port and 51820 the port wireguard uses by default. Will return <pre> Status: inactive </pre> If inactive Or the rules applied if enabled <pre> Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) </pre> If not enabled already make sure you allow port 22 for your ssh first <code>ufw allow 22/tcp</code> * check with <code>ufw status</code> now we can enable - If not already enabled. <code>ufw enable</code> Allow the Wireguard port 51820:<br> <code>ufw allow 51820/udp</code> This would do for now - we will do the rest once wireguard up and running. <div class="toccolours mw-collapsible mw-collapsed"> If you Entered wrong port number and would like to change/delete rule: <div class="mw-collapsible-content"> First check current rules.<br> <code>ufw status</code> delete a UFW rule you made by mistake.<br \> <code>ufw delete allow 433/tcp</code><br \> Or you can use a numbered rule list.<br \> <code>ufw status numbered</code><br \> Will list rules by number.<br \> <code>ufw delete <RULE_NUMBER></code><br \> <code>ufw delete 2</code><br \> Now re-enter rule to allow correct port number and protocol. </div> </div> ===Installing wireguard=== * Install wireguard on server <code>apt install wireguard</code> ===Create directory for wireguard keys=== * create directory for keys <code>mkdir ~/wireguard</code> <code>cd ~/wireguard</code> * Set File permissions <code>umask 077</code> * Generate Public and Private Keys <code>wg genkey | tee privatekey | wg pubkey > publickey</code> * See Pub Key <code>cat publickey</code> = <code>VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA=</code> * See Priv key <code>cat privatekey</code> = <code>0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w=</code> ===Find your network interface name on Server=== * Find your network interface name on Server using the following command: <code>ip -o -4 route show to default | awk '{print $5}'</code> * Returns: <pre> enp1s0 </pre> * Note you network interface name for the <code>/etc/wireguard/wg0.conf</code> file. ** Your network interface name might be called something else like '''eth0''' note this and replace where you see '''enp1s0''' in the servers wg0.conf file. ===Server Wireguard <code>/etc/wireguard/wg0.conf</code> '''Template''' === <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = <server_private_key> # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true # Change '''enp1s0''' to your network interface on both lines. ## To see your servers network interface use this command: ## ip -o -4 route show to default | awk '{print $5}' PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = <client_public_key> # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> ====Details we need to append to are <code>/etc/wireguard/wg0.conf</code>==== * '''<server_private_key>''': Replace this with the contents of your privatekey file. * '''<client_public_key>''': Replace this with the public key from the client device that will connect to this server. * '''AllowedIPs''': Specifies which IP addresses are allowed to use this connection. This typically includes the client’s WireGuard IP and any subnets you want to route. * '''enp1s0''' If your network interface name is diff then change/correct on both lines ** <code>PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE_NAME> -j MASQUERADE</code> ** <code>PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE_NAME> -j MASQUERAD</code> ====Create are <code>/etc/wireguard/wg0.conf</code> file for Server==== <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] Address = 10.0.0.1/24 # Replace with the IP address/subnet you want to use for the VPN ListenPort = 51820 # Default WireGuard port PrivateKey = 0FDqowMNvNFQ3d8+phQs3a4zDYEggmgeML1uin08M1w= # Replace with the contents of your privatekey file # (Optional) Save configuration on shutdown SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD [Peer] PublicKey = o/gsEsee7FfFFvzQI9OdD3LvHYu3CkRobeZcpbjM6n0= # Replace with the public key of the client AllowedIPs = 10.0.0.2/32 # The IP address that the client will use PersistentKeepalive = 25 # Send a keepalive packet every 25 seconds </pre> Save and Exit, that should be all done. ===Enable IP forwarding to allow traffic to pass through the VPN server=== <code>vi /etc/sysctl.conf</code> * uncomment line 28 <code>#net.ipv4.ip_forward=1</code> Save and Exit <code>sysctl -p</code> The Server Side is now ready. * Start the WireGuard interface: <code>wg-quick up wg0</code> * Enable WireGuard to start on boot: <code>systemctl enable wg-quick@wg0</code> We are now done with server, can go back to client. ==Back in container== NOTE: This is for the '''lxc container''' and not the host * edit and append the server public key to /etc/wireguard/wg0.conf <code>$EDITOR /etc/wireguard/wg0.conf</code> <pre> [Interface] PrivateKey = kPL8S4y1GJPMTqqNhoD31+qjsEbM3jIcGWNhRtS8J08= # Client's private key Address = 10.0.0.2/24 # Client's IP address in the VPN [Peer] PublicKey = VASQkU11QiXNkDxm2B6M9f2jnV9UUhjHV7E21XQleiA= # Server's public key Endpoint = 12.34.56.78:51820 # Server's IP and WireGuard port AllowedIPs = 0.0.0.0/0 # Route all traffic through the VPN PersistentKeepalive = 25 </pre> * now hopefully all good lets start wireguard and test <code>wg-quick up wg0</code> * This command should return the IP of the Server <code>curl ifconfig.me</code> * If container returns same IP as server :) we are good to go, enable wireguard on startup. <code>systemctl enable wg-quick@wg0</code> Now we have a Public IP for are Coin, lets return to host and finish are coin. ==Back to Server == Lets finish the firewall rules on are server. Now to allow the ports we are going to be using: * Main Net default port 3333 <code>ufw allow 3333/tcp</code> * Test Net default port 13333 <code>ufw allow 13333/tcp</code> * Reg Net default port 13337 <code>ufw allow 13337/tcp</code> * RPC ports ** Main Net 3366 <code>ufw allow 3366/tcp</code> ** Test Net 12333 <code>ufw allow 12333/tcp</code> ** Reg Net 12345 <code>ufw allow 12345/tcp</code> Now we are going to forward these ports to our container on the other end of WireGuard: * Need to do these for each port, but for now just the MainNet port 3333 others will be used on other nodes. <code> sudo iptables -t nat -A PREROUTING -p tcp -d <SERVER_PUBLIC_IP> --dport <PORT_NUMBER> -j DNAT --to-destination <WIREGUARD_CLIENT_IP>:<PORT_NUMBER></code><br> <code>sudo iptables -A FORWARD -p tcp -d <WIREGUARD_CLIENT_IP> --dport <PORT_NUMBER> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Example: Allowing Main Net port 3333 to forward from container to server. ** SERVER_PUBLIC_IP: 12.34.56.78 (place holder) ** WIREGUARD_CLIENT_IP: 10.0.0.2 (This can be found on your Client/Containers /etc/wireguard/wg0.conf file "Address = 10.0.0.2/24 # Client's IP address in the VPN") ** PORT_NUMBER: 3333 <code> sudo iptables -t nat -A PREROUTING -p tcp -d 12.34.56.78 --dport 3333 -j DNAT --to-destination 10.0.0.2:3333</code><br> <code>sudo iptables -A FORWARD -p tcp -d 10.0.0.2 --dport 3333 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT </code> * Make the iptables rules persistent across reboots <code>sudo apt install iptables-persistent</code><br> <code>sudo iptables-save > /etc/iptables/rules.v4</code> ==In Container Building N33Bcoin== * Push over N33Bcoin.0.0.1.tar.gz to the container n33b-node. <code>lxc file push N33Bcoin.0.0.1.tar.gz n33b-node/home/ubuntu/</code> OR Download from github * Download from Github, sha256sum=<code>0695dceaa4a88967560695f92c753d2fe4abc0f1b0cfb2673bf945fc83fb1225</code> <code>wget https://raw.github.com/CompleteNoobs/N33Bcoin/main/N33Bcoin.0.0.1.tar.gz</code> * Login to container as user ubuntu <code>lxc exec n33b-node -- su - ubuntu</code> * extract <code>tar xvf N33Bcoin.0.0.1.tar.gz</code> ===Install depends and Build and Install Berkeley DB=== * In the Container - as user 'ubuntu' in /home/ubuntu directory. <code>sudo apt update && sudo apt upgrade -y</code> <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> ===Build N33Bcoin=== * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j3</code> will use 3 cores (i have 4 cores), you can use just <code>make</code> (will use 1 core) or any amount of cores you want from system <code>make -j3</code><br> * Before running - make sure first node up and running <div class="toccolours mw-collapsible mw-collapsed" style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 10px; margin: 10px 0;"> <span style="font-weight: bold;">Troubleshooting Syncing Issues on the Second Node</span> <div class="mw-collapsible-content"> <p>If your second node (e.g., <code>144.172.89.93</code>) fails to sync (e.g., stuck at <code>blocks: 0</code>), the main node (<code>104.194.157.52</code>) may be in Initial Block Download (IBD), preventing it from serving blocks. Here’s what I faced and how I fixed it:</p> <ul> <li><strong>Problem</strong>: The second node didn’t sync because the main node was in IBD, likely due to a chain tip older than 24 hours.</li> <li><strong>Initial Fix</strong>: <ul> <li>Started a dummy node on the main node (<code>127.0.0.1:3334</code>) for an active peer .</li> <li>Mined on the main node: <pre style="background-color: #f8f9fa; border: 1px solid #a2a9b1; padding: 5px;"> minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=&lt;your-address&gt; -t 2 </pre> This created new blocks (e.g., to <code>blocks: 441</code>), exiting IBD and enabling sync.</li> </ul> </li> <li><strong>Test</strong>: I deleted the second node and recreated it from scratch, running both the main and dummy nodes on the genesis server. The second node synced to <code>blocks: 441</code> while the main node was mining.</li> <li><strong>Observation</strong>: In one test, I thought syncing worked without mining, but mining was active on the main node, advancing the chain to <code>blocks: 441</code>. Possible factors for sync success: <ul> <li>Recent chain tip from mining kept the main node out of IBD.</li> <li>Dummy node provided a peer, preventing IBD re-entry.</li> <li>iptables rule for port <code>3333</code> enabled inbound connections (i did once not forward the correct port, make sure you check your ip rules with <code>cat /etc/iptables/rules.v4</code> to make sure you entered the correct ones. ).</li> </ul> </li> <li><strong>If Syncing Fails</strong>: Mine on the main node with the dummy node running.</li> </ul> <p><strong>Note</strong>: Syncing may not require ongoing mining if the main node’s chain tip is recent, but mining is needed to exit IBD. Test and share your findings!</p> <div style="background-color: #fff3cd; border: 1px solid #ffeeba; padding: 10px; margin-top: 10px;"> <strong>Warning:</strong> If the second node won’t sync, the main node may be in IBD. Start the dummy node and mine to exit IBD. </div> </div> </div> ===n33b-node=== <code>src/n33bcoind -daemon</code> <code>src/n33bcoin-cli stop</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcport=3366 daemon=1 server=1 rpcbind=127.0.0.1 debug=rpc debug=mining </pre> <code>src/n33bcoind</code> * Now Second n33bcoin node is running lets check sync <div class="toccolours mw-collapsible mw-collapsed"> * Node Syncing/Connecting issues If your node if not connecting <b>add a node</b>, This can be done in the n33bcoin.conf file or manually with n33bcoin-cli <div class="mw-collapsible-content"> * Appending Peer Node/s to Node config file <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> * Syntax:<code>addnode=<IP_Or_Domain>:<Port></code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcbind=127.0.0.1 rpcport=3366 daemon=1 server=1 addnode=node.n3wbcoin.com:3333 addnode=104.194.157.52:3333 </pre> * Add Node Manually using n33bcoin-cli ** Syntax:<code>n33bcoin-cli addnode <IP_Or_Domain>:<Port> add</code> <code>n33bcoin-cli addnode 104.194.157.52:3333 add</code> </div> </div> <code>src/n33bcoin-cli getpeerinfo</code> <pre> [ { "id": 0, "addr": "104.194.157.52:3333", "addrlocal": "144.172.89.93:52636", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157772, "lastrecv": 1745157771, "bytessent": 1277, "bytesrecv": 1198, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.303657, "minping": 0.303657, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": false, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 110, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 1, "addr": "104.194.157.52:57050", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.296047, "minping": 0.296047, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } }, { "id": 2, "addr": "104.194.157.52:57060", "addrlocal": "144.172.89.93:3333", "services": "000000000000000d", "relaytxes": true, "lastsend": 1745157771, "lastrecv": 1745157771, "bytessent": 1198, "bytesrecv": 1222, "conntime": 1745157770, "timeoffset": 0, "pingtime": 0.316404, "minping": 0.316404, "version": 70015, "subver": "/Satoshi:0.14.3/", "inbound": true, "addnode": false, "startingheight": 441, "banscore": 0, "synced_headers": 441, "synced_blocks": 441, "inflight": [ ], "whitelisted": false, "bytessent_per_msg": { "addr": 55, "feefilter": 32, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 }, "bytesrecv_per_msg": { "addr": 55, "feefilter": 32, "getaddr": 24, "getheaders": 701, "headers": 106, "ping": 32, "pong": 32, "sendcmpct": 66, "sendheaders": 24, "verack": 24, "version": 126 } } ] </pre> <code>src/n33bcoin-cli getblockchaininfo</code> <pre> ubuntu@n33b-node:~/N33Bcoin$ src/n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.03058041491289009, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> ===From first node=== <pre> ./n33bcoin-cli getblockchaininfo { "chain": "main", "blocks": 441, "headers": 441, "bestblockhash": "0000000062cd06f3080c9bf30d15506fe6c20869e8cbc88217c99e389952a8ef", "difficulty": 1, "mediantime": 1745152094, "verificationprogress": 0.02034601825250813, "chainwork": "000000000000000000000000000000000000000000000000000001ba01ba01ba", "pruned": false, "softforks": [ { "id": "bip34", "version": 2, "reject": { "status": true } }, { "id": "bip66", "version": 3, "reject": { "status": true } }, { "id": "bip65", "version": 4, "reject": { "status": true } } ], "bip9_softforks": { "csv": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 }, "segwit": { "status": "defined", "startTime": 0, "timeout": 9999999999, "since": 0 } } } </pre> * Both nodes/blockchains are in sync, nice h2ck9h529kf74nan2pzluazh980hib7 0 161 521 2025-04-21T21:49:53Z AwesomO 5 Created page with "==Installing Virtual box in windows 10 == ===depends on c++=== https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist?view=msvc-170#latest-microsoft-visual-c-redistributable-version * https://aka.ms/vs/17/release/vc_redist.x64.exe ===VirtualBox and extension pack=== https://www.virtualbox.org/wiki/Downloads * https://download.virtualbox.org/virtualbox/7.1.8/VirtualBox-7.1.8-168469-Win.exe * https://download.virtualbox.org/virtualbox/7.1.8/Oracle_Virtu..." 521 wikitext text/x-wiki ==Installing Virtual box in windows 10 == ===depends on c++=== https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist?view=msvc-170#latest-microsoft-visual-c-redistributable-version * https://aka.ms/vs/17/release/vc_redist.x64.exe ===VirtualBox and extension pack=== https://www.virtualbox.org/wiki/Downloads * https://download.virtualbox.org/virtualbox/7.1.8/VirtualBox-7.1.8-168469-Win.exe * https://download.virtualbox.org/virtualbox/7.1.8/Oracle_VirtualBox_Extension_Pack-7.1.8.vbox-extpack ===Ubuntu 1804 iso=== https://cdimage.ubuntu.com/ubuntu-mate/releases/18.04/release/ * https://cdimage.ubuntu.com/ubuntu-mate/releases/18.04/release/ubuntu-mate-18.04.5-desktop-amd64.iso ==Windows open ports pass firewall== * '''Run "PowerShell" As Administrator''' <pre> netsh advfirewall firewall add rule name="N33Bcoin Mainnet" dir=in action=allow protocol=TCP localport=3333 </pre><pre> netsh advfirewall firewall add rule name="N33Bcoin Testnet" dir=in action=allow protocol=TCP localport=13333 </pre> * verify with: <pre> netsh advfirewall firewall show rule name="N33Bcoin Mainnet" </pre><pre> netsh advfirewall firewall show rule name="N33Bcoin Testnet" </pre> ==Install Ubuntu 1804 in VirtualBox== Did unattended install with 2GB ram and 25gb HD. * NOTE: you may want to change display resolution. <code>MENU (TOP RIGHT) > Preferences > Displays</code> Your going to want Ubuntu pro. * Ubuntu pro is free for upto 5 boxes/installs running at once Sign up to ubuntu and on the https://ubuntu.com/pro/dashboard you will see a long token Like:<code>K34ssudkjVFe5334sDF</code> For some reason when installing through VirtualBox Unattended install user is not in the sudo group and cannot use sudo. * which to root user <code>su root</code><br> * Adduser to sudoers <code>adduser vboxuser sudo</code><br> * Need to update and upgrade before adding pro <code>apt update && apt upgrade -y</code> * Upgrade 1804 to PRO for updates - Recommended Step, not required. <code>pro attach YOUR_LONG_TOKEN</code> * again after pro, update & upgrade & restart <code>apt update && apt upgrade -y && reboot</code> ==Installing depends to build coin== <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> ==Download N33Bcoin== * Now thats done we can carry on <code>cd ~/</code><br> * Download N33Bcoins <code>wget https://raw.github.com/CompleteNoobs/N33Bcoin/main/N33Bcoin.0.0.1.tar.gz</code> * Check Sum should return:<code>0695dceaa4a88967560695f92c753d2fe4abc0f1b0cfb2673bf945fc83fb1225</code> <code>sha256sum N33Bcoin.0.0.1.tar.gz</code> * extract <code>tar xzvf N33Bcoin.0.0.1.tar.gz</code> * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j2</code> will use 2 cores (i have 4 cores with 2 in the vm), you can use just <code>make</code> (will use 1 core) or use any amount of cores you want from system with <code>-j<number></code> <code>make -j2</code><br> ==Start Coin and Config== * Start node <code>src/n33bcoind -daemon</code> <div class="toccolours mw-collapsible mw-collapsed"> If you forgot to include '''<code>-daemon</code>''': <div class="mw-collapsible-content"> The <code>-daemon</code> will have n33bcoind run in background, as a daemon. If you did not include you can use the kill command to close. * <code>ps aux | grep n33bcoin</code> <pre>vboxuser 12345 1.0 0.5 123456 7890 ? S 12:00 0:01 src/n33bcoind </pre> * <code>kill -9 <number></code> </div> </div> * stop node <code>src/n33bcoin-cli stop</code> * <code>$EDITOR</code> is a place holder for an editor of your choice - use nano or can be done in gui with <code>pluma</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcbind=127.0.0.1 rpcport=3366 daemon=1 server=1 addnode=node.n33b.com:3333 </pre> * Note: once <code>daemon=1</code> is included in n33bcoin.conf, you no longer need to append <code>-daemon</code> <code>src/n33bcoind</code> * Get address <code>src/n33bcoin-cli getnewaddress</code> ===Install n33bcoin=== * Installing n33bcoin means we no longer are required to use path *Make sure you are in correct path: <code>cd ~/N33Bcoin/</code> * Install n33bcoin <code>sudo make install</code> ==mining== <code>sudo apt install -y build-essential libcurl4-openssl-dev git</code> <code>cd ~</code> <code>git clone https://github.com/pooler/cpuminer.git</code> <code>cd cpuminer</code> <code>./autogen.sh</code> <code>./configure</code> <code>make</code> <code>sudo make install</code> * OK lets mine us some coins ** Syntax:<code>minerd -o <pool_url> -u <username> -p <password> --coinbase-addr=<public_key></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=19S2thMqbYhwB6doLYQamStkzEyuqZs5Yn</code> * Generate your own address (don’t use the example <code>19S2thMqbYhwB6doLYQamStkzEyuqZs5Yn</code>) * YAY, back to the days when you could find bitcoin blocks with a simple CPU ==Wallet Basics== ===Get Balance=== * <code>getbalance</code> <code>n33bcoin-cli getbalance</code> * If you found a block, it will me immature for another 100 blocks, but you can see them in your <code>immature_balance</code> by using <code>getwalletinfo</code> ** <code>immature_balance</code>: Mined coins not yet spendable (wait for 100 confirmations). * <code>getwalletinfo</code> <code>n33bcoin-cli getwalletinfo</code> ===list Account Addresses=== * <code>listreceivedbyaddress 0 true</code> <code>n33bcoin-cli listreceivedbyaddress 0 true</code> ===Create New Address=== * <code>getnewaddress</code> <code>n33bcoin-cli getnewaddress</code> ===Sending coins=== * Syntax: <code>n33bcoin-cli sendtoaddress "<address>" <amount></code> <code>n33bcoin-cli sendtoaddress "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz" 33</code><br> * This comand will return a hash in your terminal out put. <pre>f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7</pre> ===See Transaction Details from hash=== * the transaction hash is from the above send coins example * Syntax: <code>n33bcoin-cli gettransaction "<transaction_hash>"</code> <code>n33bcoin-cli gettransaction "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7"</code> <pre> { "amount": -33.00000000, "fee": -0.00004520, "confirmations": 4, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553764, "timereceived": 1744553764, "bip125-replaceable": "no", "details": [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "send", "amount": -33.00000000, "vout": 0, "fee": -0.00004520, "abandoned": false } ], "hex": "020000000150a37ad36c761374df6a14c20bd2c016208358bf1f20af06c5acbe4827250ee7000000006a4730440220582f2094aca19d63744d8d128c3dea907cddd4eeb5728d6f064c4168d7a36b9c0220649b2397635fe0b8899fea4535b0072e856a164235f8ab8feb91f3dbfa9e3ddc012103dd8d842cd0c2b167b507b9e8ee580fc726262bb218abc5c6487668b72e5673a3feffffff020001b2c4000000001976a9146ae24c8430bcd30bc1b812f946229fcc563eb0ef88ac589a23fc060000001976a9141e0606800605f94643f5da7e0a31e435e030855788acbe000000" } </pre> ===List Transactions from account=== * <code>listtransactions</code> * <code>n33bcoin-cli listtransactions</code> * This command will show all transactions send and receive. <pre> [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "receive", "amount": 33.00000000, "label": "", "vout": 0, "confirmations": 6, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553766, "timereceived": 1744553766, "bip125-replaceable": "no" } ] </pre> ===Address With Label=== * Create New Address With Label ** Syntax: <code>getnewaddress "<Label>"</code> * NOTE: Label name is case sensitive. <code>n33bcoin-cli getnewaddress "Mining"</code> <pre>1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB</pre> * See Accounts in Label <code>n33bcoin-cli getaddressesbyaccount "Mining"</code> * a Label can hold many addresses <pre> [ "1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB" ] </pre> * Lists transactions for the labeled account. <code>n33bcoin-cli listtransactions "Mining"</code> * Tracking with a label - Shows total balance for addresses in the labeled account. <code>n33bcoin-cli getbalance "Mining"</code> * Label an existing address - Assigns an existing address to a named account. <code>n33bcoin-cli setaccount "<address>" "<label>"</code> * Change Label of Address <code>n33bcoin-cli setaccount "<address>" "<newlabel>"</code> 0ruk5ahvlfsr86filz81aoa91o25wia 525 521 2025-04-23T16:11:20Z AwesomO 5 /* Start Coin and Config */ 525 wikitext text/x-wiki ==Installing Virtual box in windows 10 == ===depends on c++=== https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist?view=msvc-170#latest-microsoft-visual-c-redistributable-version * https://aka.ms/vs/17/release/vc_redist.x64.exe ===VirtualBox and extension pack=== https://www.virtualbox.org/wiki/Downloads * https://download.virtualbox.org/virtualbox/7.1.8/VirtualBox-7.1.8-168469-Win.exe * https://download.virtualbox.org/virtualbox/7.1.8/Oracle_VirtualBox_Extension_Pack-7.1.8.vbox-extpack ===Ubuntu 1804 iso=== https://cdimage.ubuntu.com/ubuntu-mate/releases/18.04/release/ * https://cdimage.ubuntu.com/ubuntu-mate/releases/18.04/release/ubuntu-mate-18.04.5-desktop-amd64.iso ==Windows open ports pass firewall== * '''Run "PowerShell" As Administrator''' <pre> netsh advfirewall firewall add rule name="N33Bcoin Mainnet" dir=in action=allow protocol=TCP localport=3333 </pre><pre> netsh advfirewall firewall add rule name="N33Bcoin Testnet" dir=in action=allow protocol=TCP localport=13333 </pre> * verify with: <pre> netsh advfirewall firewall show rule name="N33Bcoin Mainnet" </pre><pre> netsh advfirewall firewall show rule name="N33Bcoin Testnet" </pre> ==Install Ubuntu 1804 in VirtualBox== Did unattended install with 2GB ram and 25gb HD. * NOTE: you may want to change display resolution. <code>MENU (TOP RIGHT) > Preferences > Displays</code> Your going to want Ubuntu pro. * Ubuntu pro is free for upto 5 boxes/installs running at once Sign up to ubuntu and on the https://ubuntu.com/pro/dashboard you will see a long token Like:<code>K34ssudkjVFe5334sDF</code> For some reason when installing through VirtualBox Unattended install user is not in the sudo group and cannot use sudo. * which to root user <code>su root</code><br> * Adduser to sudoers <code>adduser vboxuser sudo</code><br> * Need to update and upgrade before adding pro <code>apt update && apt upgrade -y</code> * Upgrade 1804 to PRO for updates - Recommended Step, not required. <code>pro attach YOUR_LONG_TOKEN</code> * again after pro, update & upgrade & restart <code>apt update && apt upgrade -y && reboot</code> ==Installing depends to build coin== <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> ==Download N33Bcoin== * Now thats done we can carry on <code>cd ~/</code><br> * Download N33Bcoins <code>wget https://raw.github.com/CompleteNoobs/N33Bcoin/main/N33Bcoin.0.0.1.tar.gz</code> * Check Sum should return:<code>0695dceaa4a88967560695f92c753d2fe4abc0f1b0cfb2673bf945fc83fb1225</code> <code>sha256sum N33Bcoin.0.0.1.tar.gz</code> * extract <code>tar xzvf N33Bcoin.0.0.1.tar.gz</code> * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j2</code> will use 2 cores (i have 4 cores with 2 in the vm), you can use just <code>make</code> (will use 1 core) or use any amount of cores you want from system with <code>-j<number></code> <code>make -j2</code><br> ==Start Coin and Config== * Start node <code>src/n33bcoind -daemon</code> <div class="toccolours mw-collapsible mw-collapsed"> If you forgot to include '''<code>-daemon</code>''': <div class="mw-collapsible-content"> The <code>-daemon</code> will have n33bcoind run in background, as a daemon. If you did not include you can use the kill command to close. * <code>ps aux | grep n33bcoin</code> <pre>vboxuser 12345 1.0 0.5 123456 7890 ? S 12:00 0:01 src/n33bcoind </pre> * <code>kill -9 <number></code> </div> </div> * stop node <code>src/n33bcoin-cli stop</code> * <code>$EDITOR</code> is a place holder for an editor of your choice - use nano or can be done in gui with <code>pluma</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcbind=127.0.0.1 rpcport=3366 daemon=1 server=1 addnode=node.n3wbcoin.com:3333 </pre> * Note: once <code>daemon=1</code> is included in n33bcoin.conf, you no longer need to append <code>-daemon</code> <code>src/n33bcoind</code> * Get address <code>src/n33bcoin-cli getnewaddress</code> ===Install n33bcoin=== * Installing n33bcoin means we no longer are required to use path *Make sure you are in correct path: <code>cd ~/N33Bcoin/</code> * Install n33bcoin <code>sudo make install</code> ==mining== <code>sudo apt install -y build-essential libcurl4-openssl-dev git</code> <code>cd ~</code> <code>git clone https://github.com/pooler/cpuminer.git</code> <code>cd cpuminer</code> <code>./autogen.sh</code> <code>./configure</code> <code>make</code> <code>sudo make install</code> * OK lets mine us some coins ** Syntax:<code>minerd -o <pool_url> -u <username> -p <password> --coinbase-addr=<public_key></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=19S2thMqbYhwB6doLYQamStkzEyuqZs5Yn</code> * Generate your own address (don’t use the example <code>19S2thMqbYhwB6doLYQamStkzEyuqZs5Yn</code>) * YAY, back to the days when you could find bitcoin blocks with a simple CPU ==Wallet Basics== ===Get Balance=== * <code>getbalance</code> <code>n33bcoin-cli getbalance</code> * If you found a block, it will me immature for another 100 blocks, but you can see them in your <code>immature_balance</code> by using <code>getwalletinfo</code> ** <code>immature_balance</code>: Mined coins not yet spendable (wait for 100 confirmations). * <code>getwalletinfo</code> <code>n33bcoin-cli getwalletinfo</code> ===list Account Addresses=== * <code>listreceivedbyaddress 0 true</code> <code>n33bcoin-cli listreceivedbyaddress 0 true</code> ===Create New Address=== * <code>getnewaddress</code> <code>n33bcoin-cli getnewaddress</code> ===Sending coins=== * Syntax: <code>n33bcoin-cli sendtoaddress "<address>" <amount></code> <code>n33bcoin-cli sendtoaddress "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz" 33</code><br> * This comand will return a hash in your terminal out put. <pre>f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7</pre> ===See Transaction Details from hash=== * the transaction hash is from the above send coins example * Syntax: <code>n33bcoin-cli gettransaction "<transaction_hash>"</code> <code>n33bcoin-cli gettransaction "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7"</code> <pre> { "amount": -33.00000000, "fee": -0.00004520, "confirmations": 4, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553764, "timereceived": 1744553764, "bip125-replaceable": "no", "details": [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "send", "amount": -33.00000000, "vout": 0, "fee": -0.00004520, "abandoned": false } ], "hex": "020000000150a37ad36c761374df6a14c20bd2c016208358bf1f20af06c5acbe4827250ee7000000006a4730440220582f2094aca19d63744d8d128c3dea907cddd4eeb5728d6f064c4168d7a36b9c0220649b2397635fe0b8899fea4535b0072e856a164235f8ab8feb91f3dbfa9e3ddc012103dd8d842cd0c2b167b507b9e8ee580fc726262bb218abc5c6487668b72e5673a3feffffff020001b2c4000000001976a9146ae24c8430bcd30bc1b812f946229fcc563eb0ef88ac589a23fc060000001976a9141e0606800605f94643f5da7e0a31e435e030855788acbe000000" } </pre> ===List Transactions from account=== * <code>listtransactions</code> * <code>n33bcoin-cli listtransactions</code> * This command will show all transactions send and receive. <pre> [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "receive", "amount": 33.00000000, "label": "", "vout": 0, "confirmations": 6, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553766, "timereceived": 1744553766, "bip125-replaceable": "no" } ] </pre> ===Address With Label=== * Create New Address With Label ** Syntax: <code>getnewaddress "<Label>"</code> * NOTE: Label name is case sensitive. <code>n33bcoin-cli getnewaddress "Mining"</code> <pre>1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB</pre> * See Accounts in Label <code>n33bcoin-cli getaddressesbyaccount "Mining"</code> * a Label can hold many addresses <pre> [ "1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB" ] </pre> * Lists transactions for the labeled account. <code>n33bcoin-cli listtransactions "Mining"</code> * Tracking with a label - Shows total balance for addresses in the labeled account. <code>n33bcoin-cli getbalance "Mining"</code> * Label an existing address - Assigns an existing address to a named account. <code>n33bcoin-cli setaccount "<address>" "<label>"</code> * Change Label of Address <code>n33bcoin-cli setaccount "<address>" "<newlabel>"</code> l1lhtqk1tx9p03v20uysck0259nnrhw 528 525 2025-04-29T17:37:12Z AwesomO 5 /* Windows open ports pass firewall */ 528 wikitext text/x-wiki ==Installing Virtual box in windows 10 == ===depends on c++=== https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist?view=msvc-170#latest-microsoft-visual-c-redistributable-version * https://aka.ms/vs/17/release/vc_redist.x64.exe ===VirtualBox and extension pack=== https://www.virtualbox.org/wiki/Downloads * https://download.virtualbox.org/virtualbox/7.1.8/VirtualBox-7.1.8-168469-Win.exe * https://download.virtualbox.org/virtualbox/7.1.8/Oracle_VirtualBox_Extension_Pack-7.1.8.vbox-extpack ===Ubuntu 1804 iso=== https://cdimage.ubuntu.com/ubuntu-mate/releases/18.04/release/ * https://cdimage.ubuntu.com/ubuntu-mate/releases/18.04/release/ubuntu-mate-18.04.5-desktop-amd64.iso ==Windows open ports pass firewall== * '''Run "PowerShell" As Administrator''' <pre> netsh advfirewall firewall add rule name="N33Bcoin Mainnet" dir=in action=allow protocol=TCP localport=3333 </pre><pre> netsh advfirewall firewall add rule name="N33Bcoin Testnet" dir=in action=allow protocol=TCP localport=13333 </pre> * verify with: <pre> netsh advfirewall firewall show rule name="N33Bcoin Mainnet" </pre><pre> netsh advfirewall firewall show rule name="N33Bcoin Testnet" </pre> * To Delete a Rule: <code>netsh advfirewall firewall delete rule name="N33Bcoin Mainnet"</code> * If you wish to tunnel all traffic from the VB to a VPS you can using wireguard, just make sure to open the port on the windows firewall for wireguard [[N33Bcoin_0.0.1#In_Container_wireguard_installation_and_setup| (tested working same as container)]]: <code>netsh advfirewall firewall add rule name="WireGuard port" dir=in action=allow protocol=TCP localport=51820</code> ==Install Ubuntu 1804 in VirtualBox== Did unattended install with 2GB ram and 25gb HD. * NOTE: you may want to change display resolution. <code>MENU (TOP RIGHT) > Preferences > Displays</code> Your going to want Ubuntu pro. * Ubuntu pro is free for upto 5 boxes/installs running at once Sign up to ubuntu and on the https://ubuntu.com/pro/dashboard you will see a long token Like:<code>K34ssudkjVFe5334sDF</code> For some reason when installing through VirtualBox Unattended install user is not in the sudo group and cannot use sudo. * which to root user <code>su root</code><br> * Adduser to sudoers <code>adduser vboxuser sudo</code><br> * Need to update and upgrade before adding pro <code>apt update && apt upgrade -y</code> * Upgrade 1804 to PRO for updates - Recommended Step, not required. <code>pro attach YOUR_LONG_TOKEN</code> * again after pro, update & upgrade & restart <code>apt update && apt upgrade -y && reboot</code> ==Installing depends to build coin== <code>sudo apt install build-essential</code> <code>sudo apt install autoconf libtool pkg-config libboost-all-dev libssl-dev libprotobuf-dev protobuf-compiler libevent-dev libcanberra-gtk-module libdb++-dev qtbase5-dev qt5-qmake libdb-dev libdb++-dev -y</code> <code>wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz</code> <code>sha256sum db-4.8.30.NC.tar.gz</code> * hash should return:<code>12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef</code> <code>tar -xf db-4.8.30.NC.tar.gz</code> <code>cd db-4.8.30.NC/build_unix</code> <code>export BDB_PREFIX=$(pwd)</code> <code>../dist/configure --disable-shared --enable-cxx --with-pic --prefix=$BDB_PREFIX CXXFLAGS="-fno-builtin-__atomic_compare_exchange"</code> Try the build: <code>make</code> <code>sudo make install</code> ==Download N33Bcoin== * Now thats done we can carry on <code>cd ~/</code><br> * Download N33Bcoins <code>wget https://raw.github.com/CompleteNoobs/N33Bcoin/main/N33Bcoin.0.0.1.tar.gz</code> * Check Sum should return:<code>0695dceaa4a88967560695f92c753d2fe4abc0f1b0cfb2673bf945fc83fb1225</code> <code>sha256sum N33Bcoin.0.0.1.tar.gz</code> * extract <code>tar xzvf N33Bcoin.0.0.1.tar.gz</code> * Make sure in correct path/directory <code> cd ~/N33Bcoin</code> <code>./autogen.sh</code> <code>./configure CPPFLAGS="-I${BDB_PREFIX}/include/ -O2" LDFLAGS="-L${BDB_PREFIX}/lib/"</code> * Note: <code>-j2</code> will use 2 cores (i have 4 cores with 2 in the vm), you can use just <code>make</code> (will use 1 core) or use any amount of cores you want from system with <code>-j<number></code> <code>make -j2</code><br> ==Start Coin and Config== * Start node <code>src/n33bcoind -daemon</code> <div class="toccolours mw-collapsible mw-collapsed"> If you forgot to include '''<code>-daemon</code>''': <div class="mw-collapsible-content"> The <code>-daemon</code> will have n33bcoind run in background, as a daemon. If you did not include you can use the kill command to close. * <code>ps aux | grep n33bcoin</code> <pre>vboxuser 12345 1.0 0.5 123456 7890 ? S 12:00 0:01 src/n33bcoind </pre> * <code>kill -9 <number></code> </div> </div> * stop node <code>src/n33bcoin-cli stop</code> * <code>$EDITOR</code> is a place holder for an editor of your choice - use nano or can be done in gui with <code>pluma</code> <code>$EDITOR ~/.n33bcoin/n33bcoin.conf</code> <pre> rpcuser=coinuser rpcpassword=coinpassword rpcallowip=127.0.0.1 rpcbind=127.0.0.1 rpcport=3366 daemon=1 server=1 addnode=node.n3wbcoin.com:3333 </pre> * Note: once <code>daemon=1</code> is included in n33bcoin.conf, you no longer need to append <code>-daemon</code> <code>src/n33bcoind</code> * Get address <code>src/n33bcoin-cli getnewaddress</code> ===Install n33bcoin=== * Installing n33bcoin means we no longer are required to use path *Make sure you are in correct path: <code>cd ~/N33Bcoin/</code> * Install n33bcoin <code>sudo make install</code> ==mining== <code>sudo apt install -y build-essential libcurl4-openssl-dev git</code> <code>cd ~</code> <code>git clone https://github.com/pooler/cpuminer.git</code> <code>cd cpuminer</code> <code>./autogen.sh</code> <code>./configure</code> <code>make</code> <code>sudo make install</code> * OK lets mine us some coins ** Syntax:<code>minerd -o <pool_url> -u <username> -p <password> --coinbase-addr=<public_key></code> <code>minerd -a sha256d -o http://127.0.0.1:3366 -u coinuser -p coinpassword --coinbase-addr=19S2thMqbYhwB6doLYQamStkzEyuqZs5Yn</code> * Generate your own address (don’t use the example <code>19S2thMqbYhwB6doLYQamStkzEyuqZs5Yn</code>) * YAY, back to the days when you could find bitcoin blocks with a simple CPU ==Wallet Basics== ===Get Balance=== * <code>getbalance</code> <code>n33bcoin-cli getbalance</code> * If you found a block, it will me immature for another 100 blocks, but you can see them in your <code>immature_balance</code> by using <code>getwalletinfo</code> ** <code>immature_balance</code>: Mined coins not yet spendable (wait for 100 confirmations). * <code>getwalletinfo</code> <code>n33bcoin-cli getwalletinfo</code> ===list Account Addresses=== * <code>listreceivedbyaddress 0 true</code> <code>n33bcoin-cli listreceivedbyaddress 0 true</code> ===Create New Address=== * <code>getnewaddress</code> <code>n33bcoin-cli getnewaddress</code> ===Sending coins=== * Syntax: <code>n33bcoin-cli sendtoaddress "<address>" <amount></code> <code>n33bcoin-cli sendtoaddress "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz" 33</code><br> * This comand will return a hash in your terminal out put. <pre>f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7</pre> ===See Transaction Details from hash=== * the transaction hash is from the above send coins example * Syntax: <code>n33bcoin-cli gettransaction "<transaction_hash>"</code> <code>n33bcoin-cli gettransaction "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7"</code> <pre> { "amount": -33.00000000, "fee": -0.00004520, "confirmations": 4, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553764, "timereceived": 1744553764, "bip125-replaceable": "no", "details": [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "send", "amount": -33.00000000, "vout": 0, "fee": -0.00004520, "abandoned": false } ], "hex": "020000000150a37ad36c761374df6a14c20bd2c016208358bf1f20af06c5acbe4827250ee7000000006a4730440220582f2094aca19d63744d8d128c3dea907cddd4eeb5728d6f064c4168d7a36b9c0220649b2397635fe0b8899fea4535b0072e856a164235f8ab8feb91f3dbfa9e3ddc012103dd8d842cd0c2b167b507b9e8ee580fc726262bb218abc5c6487668b72e5673a3feffffff020001b2c4000000001976a9146ae24c8430bcd30bc1b812f946229fcc563eb0ef88ac589a23fc060000001976a9141e0606800605f94643f5da7e0a31e435e030855788acbe000000" } </pre> ===List Transactions from account=== * <code>listtransactions</code> * <code>n33bcoin-cli listtransactions</code> * This command will show all transactions send and receive. <pre> [ { "account": "", "address": "1Ak9irgvsb6GecB5TUnoTdMZ9EpqvpJhfz", "category": "receive", "amount": 33.00000000, "label": "", "vout": 0, "confirmations": 6, "blockhash": "000000001de9c3c29b7e56f0b99915819e9b05390f4dfa6131975e0be2353025", "blockindex": 1, "blocktime": 1744553765, "txid": "f4e5e498a204c0ddc50eff3a96c21df9c7dea4145f58850878e0b73d609033b7", "walletconflicts": [ ], "time": 1744553766, "timereceived": 1744553766, "bip125-replaceable": "no" } ] </pre> ===Address With Label=== * Create New Address With Label ** Syntax: <code>getnewaddress "<Label>"</code> * NOTE: Label name is case sensitive. <code>n33bcoin-cli getnewaddress "Mining"</code> <pre>1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB</pre> * See Accounts in Label <code>n33bcoin-cli getaddressesbyaccount "Mining"</code> * a Label can hold many addresses <pre> [ "1AteBLozx2DE1mXyXSoZryjGjaoUyaLYiB" ] </pre> * Lists transactions for the labeled account. <code>n33bcoin-cli listtransactions "Mining"</code> * Tracking with a label - Shows total balance for addresses in the labeled account. <code>n33bcoin-cli getbalance "Mining"</code> * Label an existing address - Assigns an existing address to a named account. <code>n33bcoin-cli setaccount "<address>" "<label>"</code> * Change Label of Address <code>n33bcoin-cli setaccount "<address>" "<newlabel>"</code> b6sw6h86kwvdjp78l5ghwzlly81u4yj 0 162 522 2025-04-21T21:51:00Z AwesomO 5 Created page with "n33bcoin is a very light fork of bitcoin 0.14.3 code base, so we can learn more about bitcoin by doing (without losing/risking your bitcoin) Bitcoin is one of the grestest open source projects of are time and should come with a free and open education project to go along side it. Buying and losing bitcoin can be expensive. But thanks to bitcoin being free and open source software, learning about bitcoin by creating and playing with your very own fork is not. Can be don..." 522 wikitext text/x-wiki n33bcoin is a very light fork of bitcoin 0.14.3 code base, so we can learn more about bitcoin by doing (without losing/risking your bitcoin) Bitcoin is one of the grestest open source projects of are time and should come with a free and open education project to go along side it. Buying and losing bitcoin can be expensive. But thanks to bitcoin being free and open source software, learning about bitcoin by creating and playing with your very own fork is not. Can be done solo or with friends, family, and everyone else. Can create and run your coin on hardware that costs less than £100. * N33Bcoin 0.0.1 - How to create your own coin by forking bitcoin 0.14.3 code base. ** https://www.completenoobs.com/noobs/N33Bcoin_0.0.1 * Run n33bcoin on windows - using virtualbox ** https://www.completenoobs.com/noobs/Windows_10_VirtualBox_N33Bcoin * Create your own cold storage address ** https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin ===Todo=== * Explorer * Mining Pool * GUI Wallet * Exchange contacts * Lightning n33bcoin * How does bitcoin software get updated * 51% mining attact * Can someone take over bitcoin and increase coin supply? 870336uumajlh83nikorye85m0wkemf 523 522 2025-04-21T23:49:27Z Noob 1 /* Todo */ 523 wikitext text/x-wiki n33bcoin is a very light fork of bitcoin 0.14.3 code base, so we can learn more about bitcoin by doing (without losing/risking your bitcoin) Bitcoin is one of the grestest open source projects of are time and should come with a free and open education project to go along side it. Buying and losing bitcoin can be expensive. But thanks to bitcoin being free and open source software, learning about bitcoin by creating and playing with your very own fork is not. Can be done solo or with friends, family, and everyone else. Can create and run your coin on hardware that costs less than £100. * N33Bcoin 0.0.1 - How to create your own coin by forking bitcoin 0.14.3 code base. ** https://www.completenoobs.com/noobs/N33Bcoin_0.0.1 * Run n33bcoin on windows - using virtualbox ** https://www.completenoobs.com/noobs/Windows_10_VirtualBox_N33Bcoin * Create your own cold storage address ** https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin ===Todo=== * Explorer * Mining Pool * GUI Wallet * Exchange contacts * Lightning n33bcoin * How does bitcoin software get updated * 51% mining attact * Can someone take over bitcoin and increase coin supply? * snapshot blockchain and move to POS and/or DPOS hblov9kxo57j8it2yf84kak555r3nu0 532 523 2025-05-17T13:36:34Z AwesomO 5 532 wikitext text/x-wiki n33bcoin is a very light fork of bitcoin 0.14.3 code base, so we can learn more about bitcoin by doing (without losing/risking your bitcoin) Bitcoin is one of the grestest open source projects of are time and should come with a free and open education project to go along side it. Buying and losing bitcoin can be expensive. But thanks to bitcoin being free and open source software, learning about bitcoin by creating and playing with your very own fork is not. Can be done solo or with friends, family, and everyone else. Can create and run your coin on hardware that costs less than £100. * N33Bcoin 0.0.1 - How to create your own coin by forking bitcoin 0.14.3 code base. ** https://www.completenoobs.com/noobs/N33Bcoin_0.0.1 * Run n33bcoin on windows - using virtualbox ** https://www.completenoobs.com/noobs/Windows_10_VirtualBox_N33Bcoin * Create your own cold storage address ** https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin *N33B coins current plan/path **<b>Proof of Work (PoW) Phase</b>: The initial distribution will occur through PoW, with a maximum of 33,333,333 N33B coins mineable. For Learning PoW and Creating a Fork of Bitcoin. ** PoW is not ideal for distribution in this project, so the shift to DPoS/PoS will align with our goal of a 33 billion coin supply while giving some value to early mined coins. **<b>Transition to DPoS/PoS</b>: Upon switching to Delegated Proof of Stake (DPoS) or Proof of Stake (PoS), the total supply will inflate to exactly 33,333,333,333 N33B coins. **<b>1:1 Conversion</b>: PoW-mined coins will convert 1:1 into the new DPoS/PoS system. For example, if 22,000,000 N33B coins are mined during the PoW phase at the time of the snapshot, the total supply will be increased by 33,311,333,333 coins to reach the target of 33,333,333,333. No pro-rata adjustments will be applied to PoW coins. Currently searching for a DPoS/PoS blockchain model for CompleteNoobs to fund and host content. ===Todo=== * Explorer * Mining Pool * GUI Wallet * Exchange contacts * Lightning n33bcoin * How does bitcoin software get updated * 51% mining attact * Can someone take over bitcoin and increase coin supply? * snapshot blockchain and move to POS and/or DPOS q99cpanhz0dciwsgr7d02hq8qzfhp7s 538 532 2025-05-19T17:21:51Z AwesomO 5 538 wikitext text/x-wiki n33bcoin is a very light fork of bitcoin 0.14.3 code base, so we can learn more about bitcoin by doing (without losing/risking your bitcoin) Bitcoin is one of the grestest open source projects of are time and should come with a free and open education project to go along side it. Buying and losing bitcoin can be expensive. But thanks to bitcoin being free and open source software, learning about bitcoin by creating and playing with your very own fork is not. Can be done solo or with friends, family, and everyone else. Can create and run your coin on hardware that costs less than £100. * N33Bcoin 0.0.1 - How to create your own coin by forking bitcoin 0.14.3 code base. ** https://www.completenoobs.com/noobs/N33Bcoin_0.0.1 * Run n33bcoin on windows - using virtualbox ** https://www.completenoobs.com/noobs/Windows_10_VirtualBox_N33Bcoin * Create your own cold storage address ** https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin *N33B coins current plan/path - N33B coins is currently only for educational purposes and may change and start from scratch without warning. **<b>Proof of Work (PoW) Phase</b>: The initial distribution will occur through PoW, with a maximum of 33,333,333 N33B coins mineable. For Learning PoW and Creating a Fork of Bitcoin. ** PoW is not ideal for distribution in this project, so the shift to DPoS/PoS will align with our goal of a 33 billion coin supply while giving some value to early mined coins. **<b>Transition to DPoS/PoS</b>: Upon switching to Delegated Proof of Stake (DPoS) or Proof of Stake (PoS), the total supply will inflate to exactly 33,333,333,333 N33B coins. **<b>1:1 Conversion</b>: PoW-mined coins will convert 1:1 into the new DPoS/PoS system. For example, if 22,000,000 N33B coins are mined during the PoW phase at the time of the snapshot, the total supply will be increased by 33,311,333,333 coins to reach the target of 33,333,333,333. No pro-rata adjustments will be applied to PoW coins. Currently searching for a DPoS/PoS blockchain model for CompleteNoobs to fund and host content. ===Todo=== * Explorer * Mining Pool * GUI Wallet * Exchange contacts * Lightning n33bcoin * How does bitcoin software get updated * 51% mining attact * Can someone take over bitcoin and increase coin supply? * snapshot blockchain and move to POS and/or DPOS do7icf9lkf1jm7e6k9ml9zja317ke55 621 538 2025-07-11T19:35:51Z AwesomO 5 621 wikitext text/x-wiki n33bcoin is a very light fork of bitcoin 0.14.3 code base, so we can learn more about bitcoin by doing (without losing/risking your bitcoin) Bitcoin is one of the grestest open source projects of are time and should come with a free and open education project to go along side it. Buying and losing bitcoin can be expensive. But thanks to bitcoin being free and open source software, learning about bitcoin by creating and playing with your very own fork is not. Can be done solo or with friends, family, and everyone else. Can create and run your coin on hardware that costs less than £100. * N33Bcoin 0.0.1 - How to create your own coin by forking bitcoin 0.14.3 code base. ** https://www.completenoobs.com/noobs/N33Bcoin_0.0.1 * Run n33bcoin on windows - using virtualbox ** https://www.completenoobs.com/noobs/Windows_10_VirtualBox_N33Bcoin * Create your own cold storage address ** https://www.completenoobs.com/noobs/N33Bcoin_Address_Generator_Bitcoin * Create an Explorer for your coin *N33B coins current plan/path - N33B coins is currently only for educational purposes and may change and start from scratch without warning. **<b>Proof of Work (PoW) Phase</b>: The initial distribution will occur through PoW, with a maximum of 33,333,333 N33B coins mineable. For Learning PoW and Creating a Fork of Bitcoin. ** PoW is not ideal for distribution in this project, so the shift to DPoS/PoS will align with our goal of a 33 billion coin supply while giving some value to early mined coins. **<b>Transition to DPoS/PoS</b>: Upon switching to Delegated Proof of Stake (DPoS) or Proof of Stake (PoS), the total supply will inflate to exactly 33,333,333,333 N33B coins. **<b>1:1 Conversion</b>: PoW-mined coins will convert 1:1 into the new DPoS/PoS system. For example, if 22,000,000 N33B coins are mined during the PoW phase at the time of the snapshot, the total supply will be increased by 33,311,333,333 coins to reach the target of 33,333,333,333. No pro-rata adjustments will be applied to PoW coins. Currently searching for a DPoS/PoS blockchain model for CompleteNoobs to fund and host content. ===Todo=== * Explorer * Mining Pool * GUI Wallet * Exchange contacts * Lightning n33bcoin * How does bitcoin software get updated * 51% mining attact * Can someone take over bitcoin and increase coin supply? * snapshot blockchain and move to POS and/or DPOS l3w2p05bc28nlf4b513vr7sjgfyxvmq 0 163 529 2025-05-05T08:24:05Z AwesomO 5 Created page with " * '''NOTE''': This tut is running in a ubuntu 24.04 lxc container as user ubuntu. <code>apt update && apt upgrade -y</code> already done. * This tut is an example using smtp2go.com ==ssmtp setup== You can use a number of email providers for sending emails from server using ssmtp.<br \> I am going to use <b>smtp2go.com</b> they do provide a free service if you wish to try. <div class="toccolours mw-collapsible mw-collapsed"> smtp2go details: <div class="mw-collapsible..." 529 wikitext text/x-wiki * '''NOTE''': This tut is running in a ubuntu 24.04 lxc container as user ubuntu. <code>apt update && apt upgrade -y</code> already done. * This tut is an example using smtp2go.com ==ssmtp setup== You can use a number of email providers for sending emails from server using ssmtp.<br \> I am going to use <b>smtp2go.com</b> they do provide a free service if you wish to try. <div class="toccolours mw-collapsible mw-collapsed"> smtp2go details: <div class="mw-collapsible-content"> https://www.smtp2go.com/<br \> Has a Free Plan # 1000 emails per month # 5 days of email reporting # Ticket support only <br \> Do not use you username and password you used to sign up!<br \> Go to https://app.smtp2go.com/sending/smtp_users/ <br \> Or 'Sending' > 'SMTP Users'<br> And create/add a SMTP User account.<br \> The User created will be given a good password by default.<br \> Use this username and password for ssmtp.<br \> In this example i have the username "<b>noobwiki</b>" and the password "<b>N0tTelinu</b>" </div> </div> ===ssmtp=== <code>sudo apt install ssmtp -y</code> <code>sudo $EDITOR /etc/ssmtp/ssmtp.conf</code> <pre> mailhub=mail.smtp2go.com:587 AuthUser=noobwiki AuthPass=N0tTelinu UseSTARTTLS=YES FromLineOverride=YES hostname=completenoobs.com </pre> <div class="toccolours mw-collapsible mw-collapsed"> Why use <code>hostname=completenoobs.com</code> <div class="mw-collapsible-content"> "hostname" needed for ubuntu unattended upgrades to send email.<br \> If missing: will get "(550 unable to verify sender address.)" <br \> If using <code>hostname=localhost</code> "(550 "Localhost" unnaceptable, you must use a public domain-name.)"<br \> If using <code>hostname=admin@completenoobs.com</code> "501 <root@admin@completenoobs.com>: malformed address: @completenoobs.com> may not follow <root@admin" </div> </div> <br \> Do not use user@smtp2go.com as the sender address! you need an email address that has an MX record(mail exchanger record) at its domain name. <br \> <code>sudo $EDITOR /etc/ssmtp/revaliases</code><br \> <pre> root:admin@completenoobs.com:mail.smtp2go.com:587 ubuntu:admin@completenoobs.com:mail.smtp2go.com:587 </pre> ===550 verify the sender domain or email to be allowed to send=== * <code>550 verify the sender domain or email to be allowed to send.</code> This is new to me on smtp2go.com , must be to stop people spamming https://app-eu.smtp2go.com/sending/verified_senders/ Select user name you are going to use. You'll need to edit the DNS settings of your domain name. This is so they know its your domain. I went to Namecheap and entered 3 CNAME records to my domain, then verified and short wait SSL Certificate pending. <pre> SSL Certificate pending An SSL certificate for the tracking domain has been requested and will be available shortly. </pre> * Less then a minute later <pre> SSL Certificate enabled An SSL certificate for the tracking domain has been enabled and will automatically renew. Issued on: 05/05/2025 </pre> Good to go ===usermod=== <br \> usermod can be used to change the email senders name/address.<br \> Instead of your mail coming from 'root' or 'ubuntu' or any other user account.<br \> <b>usermod -c "emailSenderName" <account_sending></b><br \> * Example:<code>usermod -c "completenoobslxc" root</code><br \> <code>sudo usermod -c "MyFirstSSMPT@server.yer" ubuntu</code><br \> Send Test eMail<br \> Create a file and add subject header and some content.<br \> <code>$EDITOR test-mail.txt</code><br \> <pre> Subject:test email Greetings fellow noob. </pre><br \> Save and Exit<br \> Now send the email:<br \> <code>sendmail email@address2receive.mail < test-mail.txt</code><br \> Don't forget to check your spam folder if you don't see email<br \> Once tested and email sent, you can delete <b>test-mail.txt</b>.<br \> <code>rm test-mail.txt</code> ===sendmail notes=== <div class="toccolours mw-collapsible mw-collapsed"> If the sendmail command locks your terminal and CTRL+c does not work <div class="mw-collapsible-content"> Use <code>CTRL+z</code> which will send a SIGTSTP signal which will put the process to sleep.<br \> use jobs to see the sleeping process.<br \> <code>jobs</code><br \> and kill %<JOBNUMBER><br \> <code>kill %1</code> <br \> you can also use <code>ps ax</code> to list processes running on your computer and <code>kill -9 <PROCESS-NUMBER></code> to kill process. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> sendmail in verbose mode for more details: <div class="mw-collapsible-content"> More info can be found in the man page <code>man sendmail</code><br \> Use the verbose flag <b>-v</b><br \> <code>sendmail -v email@address2receive.mail < test-mail.txt</code> </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Check mail logs for errors: <div class="mw-collapsible-content"> send mail error log can be found in<br \> <code>/var/log/mail.err</code><br \> and sendmail log can be found:<br \> <code>/var/log/mail.log</code> </div> </div> ===Mail Received=== '''Was in Spam folder''' * Sender: MyFirstSSMTP@server.yer * Subject: Greetings * Content: Greeting Fellow Noob. 3c3lsh8ib16h5bg84w1we84gwz1c02f 2 164 530 2025-05-15T00:24:21Z LudieAshby267 13 Created page with "I am an educator of English and I have been showing for more than ten years. I have actually constantly been passionate about helping others to discover and boost their language skills. Mentor, I have one more passion-- sexual literature. I write it in my downtime and try to incorporate my 2 interests-- teaching and erotica. This mix might appear odd but it is the most effective method for me to share myself. I write stories that are balmy and yet academic at the very sa..." 530 wikitext text/x-wiki I am an educator of English and I have been showing for more than ten years. I have actually constantly been passionate about helping others to discover and boost their language skills. Mentor, I have one more passion-- sexual literature. I write it in my downtime and try to incorporate my 2 interests-- teaching and erotica. This mix might appear odd but it is the most effective method for me to share myself. I write stories that are balmy and yet academic at the very same time. I hope you will enjoy them and perhaps even learn something new.<br><br>Also visit my page :: [https://gogogocheck1.com gogogocheck] trgrx9yy9a6heyirijb662ne10rc4iy 536 530 2025-05-17T14:10:40Z AwesomO 5 Replaced content with "BOT delete" 536 wikitext text/x-wiki BOT delete 1jh3zdoxfj39bpb76g7erw651e4tzws 2 165 531 2025-05-16T06:12:07Z TeganVinci003 14 Created page with "I am Gabriela from Sittich. I love to play Clarinet. Other hobbies are Weightlifting." 531 wikitext text/x-wiki I am Gabriela from Sittich. I love to play Clarinet. Other hobbies are Weightlifting. 60i5doi1h2hvz2l5dbob95dt0vyc86a 535 531 2025-05-17T14:10:10Z AwesomO 5 535 wikitext text/x-wiki BOT delete 1jh3zdoxfj39bpb76g7erw651e4tzws 540 535 2025-05-22T20:11:17Z TeganVinci003 14 540 wikitext text/x-wiki Hello, I'm Jenny, a 25 year old from Lotzwil, Switzerland.<br>My hobbies include (but are not limited to) Vintage clothing, College football and watching Psych. jfutrn3gsiihqrcf91vkdouq3nzo53q 542 540 2025-05-28T03:22:23Z TeganVinci003 14 542 wikitext text/x-wiki I'm a 43 years old and work at the college (Neuroscience).<br>In my free time I'm trying to teach myself Bengali. I have been twicethere and look forward to returning sometime near future. I like to read, preferably on my ipad. I really love to watch Game of Thrones and NCIS as well as documentaries about nature. I enjoy Skydiving.<br><br>Feel free to visit my webpage; [https://homebasetutor.com/ online reading help] o7o3rlnclkyoqk4dq67tqbehr6182j4 543 542 2025-05-29T13:15:40Z AwesomO 5 Replaced content with "Bot Spam" 543 wikitext text/x-wiki Bot Spam rs0pvovttosyk4x4m1zwcbxqo4jkqx0 2 166 537 2025-05-18T08:25:21Z DaltonBarksdale 15 Created page with "Our writer, a former instructor, has actually currently transformed to writing erotic tales and this is a representation of his or her experience in the classroom. His or her tales are a combination of the scholastic setting and the sex-related needs that are generally kept hidden.<br><br>Take a look at my web page [https://gogogocheck1.com gogogocheck]" 537 wikitext text/x-wiki Our writer, a former instructor, has actually currently transformed to writing erotic tales and this is a representation of his or her experience in the classroom. His or her tales are a combination of the scholastic setting and the sex-related needs that are generally kept hidden.<br><br>Take a look at my web page [https://gogogocheck1.com gogogocheck] ivazy16s8abfb5s916isp02wjhiehhv 539 537 2025-05-19T17:22:21Z AwesomO 5 Replaced content with "Bot Delete Spam" 539 wikitext text/x-wiki Bot Delete Spam qw9d65iaop5op6rvt9jqlg7qlhenitp 2 167 541 2025-05-26T03:23:27Z ConnieHolly296 16 Created page with "I am your guide with this sensuous journey and I have actually always been attracted by the prohibited. I have constantly been attracted to the power dynamics, the attire, and the scholastic setting. Rest back, unwind and allow me take you on a journey of passion and knowledge.<br><br>Feel free to visit my site [https://gogogocheck1.com gogogocheck]" 541 wikitext text/x-wiki I am your guide with this sensuous journey and I have actually always been attracted by the prohibited. I have constantly been attracted to the power dynamics, the attire, and the scholastic setting. Rest back, unwind and allow me take you on a journey of passion and knowledge.<br><br>Feel free to visit my site [https://gogogocheck1.com gogogocheck] hm6ed049immhestchki5r4a3yp3r2ic 544 541 2025-05-29T13:16:00Z AwesomO 5 Replaced content with "BotSpam" 544 wikitext text/x-wiki BotSpam svzff40u7ydxonr3qepoefh0xirbdpi 0 168 545 2025-05-29T15:41:34Z AwesomO 5 Created page with "== Hex Numbers Explained == === What Are Hexadecimal Numbers? === Hexadecimal (or "hex") is a base-16 number system used to represent numbers in a compact, human-readable way, especially in computing. Unlike the decimal system (base-10), which uses digits 0–9, hexadecimal uses 16 symbols: 0–9 for values 0–9 and A–F (or a–f) for values 10–15. '''Hex Symbol Values:''' * 0–9 represent 0–9 * A = 10, B = 11, C = 12, D = 13, E = 14, F = 15 Hex numbers are wi..." 545 wikitext text/x-wiki == Hex Numbers Explained == === What Are Hexadecimal Numbers? === Hexadecimal (or "hex") is a base-16 number system used to represent numbers in a compact, human-readable way, especially in computing. Unlike the decimal system (base-10), which uses digits 0–9, hexadecimal uses 16 symbols: 0–9 for values 0–9 and A–F (or a–f) for values 10–15. '''Hex Symbol Values:''' * 0–9 represent 0–9 * A = 10, B = 11, C = 12, D = 13, E = 14, F = 15 Hex numbers are widely used in programming, digital electronics, and color codes (e.g., #FF0000 for red in web design) because they align with binary (base-2), the language of computers, where one hex digit represents four binary digits (bits). === How Hex Numbers Work === Hex numbers are read in blocks of digits, where each digit’s position represents a power of 16. To convert a hex number to decimal (base-10), multiply each digit by 16 raised to the power of its position (starting from 0 on the right) and sum the results. '''For a two-digit hex number (e.g., XY):''' * X (left digit) is multiplied (x16) by 16¹ (16). * Y (right digit) is multiplied (x1) by 16⁰ (1). * Add the results to get the decimal value. '''Examples:''' * '''01''': (0 × 16) + (1 × 1) = 0 + 1 = '''1''' * '''A4''': (10 × 16) + (4 × 1) = 160 + 4 = '''164''' * '''E4''': (14 × 16) + (4 × 1) = 224 + 4 = '''228''' * '''FF''': (15 × 16) + (15 × 1) = 240 + 15 = '''255''' === Why Use Hexadecimal? === Hexadecimal is compact and efficient for representing large binary numbers. For example: * Binary <code>11111111</code> = Hex <code>FF</code> = Decimal <code>255</code>. * One hex digit represents four bits, so two hex digits can represent a byte (8 bits), making it easier to read and write than long binary strings. Hex is common in: * '''Programming''': Memory addresses, machine code. * '''Color Codes''': RGB values (e.g., #FFFFFF = white). * '''Digital Systems''': Representing binary data in hardware design. === A Brief History of Hexadecimal === The hexadecimal system was popularized in the 1950s and 1960s with the rise of digital computing. Early computers used binary, but it was cumbersome for humans. Hexadecimal emerged as a practical solution because it maps directly to binary while being more concise than decimal. IBM and other computer manufacturers adopted hex in their documentation and programming tools. The use of A–F for 10–15 was standardized to avoid confusion with decimal digits. === Converting Between Hex and Other Systems === * '''Hex to Binary''': Each hex digit equals four bits. E.g., <code>A</code> = <code>1010</code>, <code>F</code> = <code>1111</code>. So, <code>A4</code> = <code>10100100</code>. * '''Decimal to Hex''': Divide the decimal number by 16, note the remainder (0–15, using A–F for 10–15), and repeat for the quotient until it’s 0. Read remainders backward. ** Example: 164 ÷ 16 = 10 remainder 4 (4); 10 ÷ 16 = 0 remainder 10 (A). Result: <code>A4</code>. * '''Tools''': Most programming languages (e.g., Python’s <code>hex()</code> function) and calculators handle conversions automatically. === Fun Fact === Hexadecimal is often prefixed with <code>0x</code> (e.g., <code>0xFF</code>) in programming to distinguish it from decimal numbers. This convention started with early programming languages like C. === Try It Yourself === * Convert <code>7B</code> to decimal: (7 × 16) + (11 × 1) = 112 + 11 = '''123'''. * Convert 200 to hex: 200 ÷ 16 = 12 (C) remainder 8. Result: <code>C8</code>. ql16qbhcj63200anusqhiewtuomzv2k 0 169 547 2025-05-29T15:50:29Z AwesomO 5 Created page with " <code>$EDITOR MagicBytes.py</code> <pre> import random def generate_magic_bytes(): while True: # Generate 4 random bytes magic_bytes = [random.randint(0x80, 0xFF) for _ in range(4)] # Convert to 32-bit integer magic_int = (magic_bytes[0] << 24) | (magic_bytes[1] << 16) | (magic_bytes[2] << 8) | magic_bytes[3] # Check if it's a large number (arbitrarily chosen as > 2 billion) if magic_int > 2000000000: r..." 547 wikitext text/x-wiki <code>$EDITOR MagicBytes.py</code> <pre> import random def generate_magic_bytes(): while True: # Generate 4 random bytes magic_bytes = [random.randint(0x80, 0xFF) for _ in range(4)] # Convert to 32-bit integer magic_int = (magic_bytes[0] << 24) | (magic_bytes[1] << 16) | (magic_bytes[2] << 8) | magic_bytes[3] # Check if it's a large number (arbitrarily chosen as > 2 billion) if magic_int > 2000000000: return magic_bytes def main(): new_magic_bytes = generate_magic_bytes() print("New magic bytes for your Litecoin fork:") for i, byte in enumerate(new_magic_bytes): print(f"pchMessageStart[{i}] = 0x{byte:02x};") print("\nCombined 32-bit integer:", sum(b << (24 - 8*i) for i, b in enumerate(new_magic_bytes))) if __name__ == "__main__": main() </pre> * Run with <code>python3 MagicBytes.py</code> * Example output: <pre> New magic bytes for your Litecoin fork: pchMessageStart[0] = 0xab; pchMessageStart[1] = 0x99; pchMessageStart[2] = 0x8b; pchMessageStart[3] = 0xc5; Combined 32-bit integer: 2878966725 </pre> 7ra05iweis95ohj8oonzvpjz6c9h731 0 171 553 2025-06-02T22:53:24Z AwesomO 5 Created page with " place holder" 553 wikitext text/x-wiki place holder h4kgxs8oxpp6efjj99porfooygr0w1a 555 553 2025-06-03T00:07:26Z AwesomO 5 555 wikitext text/x-wiki * [[Ubuntu_24.04_SelfHost_AI_Ollama_Thinkpad_T470_External_GPU_Razor_Core_X_with_GeForce_GTX_970| Basic Guide - Ubuntu 24.04 SelfHost AI Ollama Thinkpad T470 External GPU Razor Core X with GeForce GTX 970]] 58z4madku2ukwfee29tmi8idknont7g 0 172 554 2025-06-03T00:06:28Z AwesomO 5 Created page with " * Basic Guide for Self Hosted AI on Ubuntu 24.04 on ThinkPad T470 using external graphics card using Razor Core X with GeForce GTX 970. Did try without GPU, worked but not great. ==Setting up the GPU installing drivers== <div class="toccolours mw-collapsible mw-collapsed"> Graphics Card Ubuntu 24.04 - Razor Core X with GeForce GTX 970: Notes: <div class="mw-collapsible-content"> * Plug in and turn on <code>boltctl</code><br> Ouput:<pre> noob@noob-ThinkPad-T470:~$ bolt..." 554 wikitext text/x-wiki * Basic Guide for Self Hosted AI on Ubuntu 24.04 on ThinkPad T470 using external graphics card using Razor Core X with GeForce GTX 970. Did try without GPU, worked but not great. ==Setting up the GPU installing drivers== <div class="toccolours mw-collapsible mw-collapsed"> Graphics Card Ubuntu 24.04 - Razor Core X with GeForce GTX 970: Notes: <div class="mw-collapsible-content"> * Plug in and turn on <code>boltctl</code><br> Ouput:<pre> noob@noob-ThinkPad-T470:~$ boltctl ● Razer Core X ├─ type: peripheral ├─ name: Core X ├─ vendor: Razer ├─ uuid: 006800e1-6fea-2701-ffff-ffffffffffff ├─ generation: Thunderbolt 3 ├─ status: authorized │ ├─ domain: d2030000-0072-7088-2028-f21a72d5a022 │ ├─ rx speed: 40 Gb/s = 2 lanes * 20 Gb/s │ ├─ tx speed: 40 Gb/s = 2 lanes * 20 Gb/s │ └─ authflags: none ├─ authorized: Sun 01 Jun 2025 02:21:20 PM UTC ├─ connected: Sun 01 Jun 2025 02:21:20 PM UTC └─ stored: Sun 01 Jun 2025 02:21:20 PM UTC ├─ policy: iommu └─ key: no </pre> * Check Graphics card picked up <code>lspci | grep -E -i 'vga|3d|2d'</code><br> OutPut: <pre> noob@noob-ThinkPad-T470:~$ lspci | grep -E -i 'vga|3d|2d' 00:02.0 VGA compatible controller: Intel Corporation Skylake GT2 [HD Graphics 520] (rev 07) 0a:00.0 VGA compatible controller: NVIDIA Corporation GM204 [GeForce GTX 970] (rev a1) </pre> * Check Drivers <code>nvidia-smi</code><br> OutPut: <pre> noob@noob-ThinkPad-T470:~$ nvidia-smi Command 'nvidia-smi' not found, but can be installed with: sudo apt install nvidia-utils-525 # version 525.147.05-0ubuntu1, or sudo apt install nvidia-utils-525-server # version 525.147.05-0ubuntu1 sudo apt install nvidia-utils-470 # version 470.256.02-0ubuntu0.24.04.1 sudo apt install nvidia-utils-470-server # version 470.256.02-0ubuntu0.24.04.1 sudo apt install nvidia-utils-535 # version 535.183.01-0ubuntu0.24.04.1 sudo apt install nvidia-utils-535-server # version 535.230.02-0ubuntu0.24.04.3 sudo apt install nvidia-utils-550 # version 550.120-0ubuntu0.24.04.1 sudo apt install nvidia-utils-570-server # version 570.86.15-0ubuntu0.24.04.4 sudo apt install nvidia-utils-565-server # version 565.57.01-0ubuntu0.24.04.3 sudo apt install nvidia-utils-550-server # version 550.144.03-0ubuntu0.24.04.1 </pre> * Install Drivers using auto install <code>sudo ubuntu-drivers autoinstall</code><br> OutPut: <pre> noob@noob-ThinkPad-T470:~$ sudo ubuntu-drivers autoinstall [sudo] password for noob: udevadm hwdb is deprecated. Use systemd-hwdb instead. udevadm hwdb is deprecated. Use systemd-hwdb instead. udevadm hwdb is deprecated. Use systemd-hwdb instead. udevadm hwdb is deprecated. Use systemd-hwdb instead. udevadm hwdb is deprecated. Use systemd-hwdb instead. udevadm hwdb is deprecated. Use systemd-hwdb instead. udevadm hwdb is deprecated. Use systemd-hwdb instead. Reading package lists... Done Building dependency tree... Done Reading state information... Done The following packages were automatically installed and are no longer required: libllvm17t64 python3-netifaces Use 'sudo apt autoremove' to remove them. The following additional packages will be installed: libnvidia-cfg1-570 libnvidia-common-570 libnvidia-compute-570 libnvidia-decode-570 libnvidia-egl-wayland1 libnvidia-encode-570 libnvidia-extra-570 libnvidia-fbc1-570 libnvidia-gl-570 libxnvctrl0 linux-modules-nvidia-570-6.8.0-60-generic linux-objects-nvidia-570-6.8.0-60-generic linux-signatures-nvidia-6.8.0-60-generic nvidia-compute-utils-570 nvidia-firmware-570-570.133.07 nvidia-kernel-common-570 nvidia-kernel-source-570 nvidia-settings nvidia-utils-570 screen-resolution-extra xserver-xorg-video-nvidia-570 Recommended packages: libnvidia-compute-570:i386 libnvidia-decode-570:i386 libnvidia-encode-570:i386 libnvidia-fbc1-570:i386 libnvidia-gl-570:i386 The following NEW packages will be installed: libnvidia-cfg1-570 libnvidia-common-570 libnvidia-compute-570 libnvidia-decode-570 libnvidia-egl-wayland1 libnvidia-encode-570 libnvidia-extra-570 libnvidia-fbc1-570 libnvidia-gl-570 libxnvctrl0 linux-modules-nvidia-570-6.8.0-60-generic linux-modules-nvidia-570-generic linux-objects-nvidia-570-6.8.0-60-generic linux-signatures-nvidia-6.8.0-60-generic nvidia-compute-utils-570 nvidia-driver-570 nvidia-firmware-570-570.133.07 nvidia-kernel-common-570 nvidia-kernel-source-570 nvidia-settings nvidia-utils-570 screen-resolution-extra xserver-xorg-video-nvidia-570 0 upgraded, 23 newly installed, 0 to remove and 1 not upgraded. Need to get 449 MB of archives. After this operation, 1,175 MB of additional disk space will be used. Get:1 http://archive.ubuntu.com/ubuntu noble-updates/restricted amd64 libnvidia-cfg1-570 amd64 570.133.07-0ubuntu0.24.04.1 [157 kB] Get:2 http://archive.ubuntu.com/ubuntu noble-updates/restricted amd64 libnvidia-common-570 all 570.133.07-0ubuntu0.24.04.1 [16.2 kB] Get:3 http://archive.ubuntu.com/ubuntu noble-updates/restricted amd64 libnvidia-compute-570 amd64 570.133.07-0ubuntu0.24.04.1 [48.3 MB] Get:4 http://archive.ubuntu.com/ubuntu noble-updates/restricted amd64 libnvidia-decode-570 amd64 570.133.07-0ubuntu0.24.04.1 [2,825 kB] Get:5 http://archive.ubuntu.com/ubuntu noble/main amd64 libnvidia-egl-wayland1 amd64 1:1.1.13-1build1 [30.7 kB] Get:6 http://archive.ubuntu.com/ubuntu noble-updates/restricted amd64 libnvidia-encode-570 amd64 570.133.07-0ubuntu0.24.04.1 [112 kB] Get:7 http://archive.ubuntu.com/ubuntu noble-updates/restricted amd64 libnvidia-extra-570 amd64 570.133.07-0ubuntu0.24.04.1 [77.2 kB] Get:8 http://archive.ubuntu.com/ubuntu noble-updates/restricted amd64 libnvidia-fbc1-570 amd64 570.133.07-0ubuntu0.24.04.1 [106 kB] Get:9 http://archive.ubuntu.com/ubuntu noble-updates/restricted amd64 libnvidia-gl-570 amd64 570.133.07-0ubuntu0.24.04.1 [169 MB] Get:10 http://archive.ubuntu.com/ubuntu noble/main amd64 libxnvctrl0 amd64 510.47.03-0ubuntu4 [12.6 kB] Get:11 http://archive.ubuntu.com/ubuntu noble-updates/restricted amd64 linux-signatures-nvidia-6.8.0-60-generic amd64 6.8.0-60.63+1 [31.2 kB] Get:12 http://archive.ubuntu.com/ubuntu noble-updates/restricted amd64 linux-objects-nvidia-570-6.8.0-60-generic amd64 6.8.0-60.63+1 [85.8 MB] Get:13 http://archive.ubuntu.com/ubuntu noble-updates/restricted amd64 nvidia-firmware-570-570.133.07 amd64 570.133.07-0ubuntu0.24.04.1 [65.7 MB] Get:14 http://archive.ubuntu.com/ubuntu noble-updates/restricted amd64 nvidia-kernel-common-570 amd64 570.133.07-0ubuntu0.24.04.1 [122 kB] Get:15 http://archive.ubuntu.com/ubuntu noble-updates/restricted amd64 linux-modules-nvidia-570-6.8.0-60-generic amd64 6.8.0-60.63+1 [15.4 kB] Get:16 http://archive.ubuntu.com/ubuntu noble-updates/restricted amd64 linux-modules-nvidia-570-generic amd64 6.8.0-60.63+1 [13.7 kB] Get:17 http://archive.ubuntu.com/ubuntu noble-updates/restricted amd64 nvidia-compute-utils-570 amd64 570.133.07-0ubuntu0.24.04.1 [125 kB] Get:18 http://archive.ubuntu.com/ubuntu noble-updates/restricted amd64 nvidia-kernel-source-570 amd64 570.133.07-0ubuntu0.24.04.1 [72.6 MB] Get:19 http://archive.ubuntu.com/ubuntu noble-updates/restricted amd64 nvidia-utils-570 amd64 570.133.07-0ubuntu0.24.04.1 [552 kB] Get:20 http://archive.ubuntu.com/ubuntu noble-updates/restricted amd64 xserver-xorg-video-nvidia-570 amd64 570.133.07-0ubuntu0.24.04.1 [1,780 kB] Get:21 http://archive.ubuntu.com/ubuntu noble-updates/restricted amd64 nvidia-driver-570 amd64 570.133.07-0ubuntu0.24.04.1 [499 kB] Get:22 http://archive.ubuntu.com/ubuntu noble/main amd64 screen-resolution-extra all 0.18.3 [4,078 B] Get:23 http://archive.ubuntu.com/ubuntu noble/main amd64 nvidia-settings amd64 510.47.03-0ubuntu4 [898 kB] Fetched 449 MB in 56s (7,996 kB/s) Preconfiguring packages ... Selecting previously unselected package libnvidia-cfg1-570:amd64. (Reading database ... 322419 files and directories currently installed.) Preparing to unpack .../00-libnvidia-cfg1-570_570.133.07-0ubuntu0.24.04.1_amd64.deb ... Unpacking libnvidia-cfg1-570:amd64 (570.133.07-0ubuntu0.24.04.1) ... Selecting previously unselected package libnvidia-common-570. Preparing to unpack .../01-libnvidia-common-570_570.133.07-0ubuntu0.24.04.1_all.deb ... Unpacking libnvidia-common-570 (570.133.07-0ubuntu0.24.04.1) ... Selecting previously unselected package libnvidia-compute-570:amd64. Preparing to unpack .../02-libnvidia-compute-570_570.133.07-0ubuntu0.24.04.1_amd64.deb ... Unpacking libnvidia-compute-570:amd64 (570.133.07-0ubuntu0.24.04.1) ... Selecting previously unselected package libnvidia-decode-570:amd64. Preparing to unpack .../03-libnvidia-decode-570_570.133.07-0ubuntu0.24.04.1_amd64.deb ... Unpacking libnvidia-decode-570:amd64 (570.133.07-0ubuntu0.24.04.1) ... Selecting previously unselected package libnvidia-egl-wayland1:amd64. Preparing to unpack .../04-libnvidia-egl-wayland1_1%3a1.1.13-1build1_amd64.deb ... Unpacking libnvidia-egl-wayland1:amd64 (1:1.1.13-1build1) ... Selecting previously unselected package libnvidia-encode-570:amd64. Preparing to unpack .../05-libnvidia-encode-570_570.133.07-0ubuntu0.24.04.1_amd64.deb ... Unpacking libnvidia-encode-570:amd64 (570.133.07-0ubuntu0.24.04.1) ... Selecting previously unselected package libnvidia-extra-570:amd64. Preparing to unpack .../06-libnvidia-extra-570_570.133.07-0ubuntu0.24.04.1_amd64.deb ... Unpacking libnvidia-extra-570:amd64 (570.133.07-0ubuntu0.24.04.1) ... Selecting previously unselected package libnvidia-fbc1-570:amd64. Preparing to unpack .../07-libnvidia-fbc1-570_570.133.07-0ubuntu0.24.04.1_amd64.deb ... Unpacking libnvidia-fbc1-570:amd64 (570.133.07-0ubuntu0.24.04.1) ... Selecting previously unselected package libnvidia-gl-570:amd64. Preparing to unpack .../08-libnvidia-gl-570_570.133.07-0ubuntu0.24.04.1_amd64.deb ... dpkg-query: no packages found matching libnvidia-gl-550 Unpacking libnvidia-gl-570:amd64 (570.133.07-0ubuntu0.24.04.1) ... Selecting previously unselected package libxnvctrl0:amd64. Preparing to unpack .../09-libxnvctrl0_510.47.03-0ubuntu4_amd64.deb ... Unpacking libxnvctrl0:amd64 (510.47.03-0ubuntu4) ... Selecting previously unselected package linux-signatures-nvidia-6.8.0-60-generic. Preparing to unpack .../10-linux-signatures-nvidia-6.8.0-60-generic_6.8.0-60.63+1_amd64.deb ... Unpacking linux-signatures-nvidia-6.8.0-60-generic (6.8.0-60.63+1) ... Selecting previously unselected package linux-objects-nvidia-570-6.8.0-60-generic. Preparing to unpack .../11-linux-objects-nvidia-570-6.8.0-60-generic_6.8.0-60.63+1_amd64.deb ... Unpacking linux-objects-nvidia-570-6.8.0-60-generic (6.8.0-60.63+1) ... Selecting previously unselected package nvidia-firmware-570-570.133.07. Preparing to unpack .../12-nvidia-firmware-570-570.133.07_570.133.07-0ubuntu0.24.04.1_amd64.deb ... Unpacking nvidia-firmware-570-570.133.07 (570.133.07-0ubuntu0.24.04.1) ... Selecting previously unselected package nvidia-kernel-common-570. Preparing to unpack .../13-nvidia-kernel-common-570_570.133.07-0ubuntu0.24.04.1_amd64.deb ... Unpacking nvidia-kernel-common-570 (570.133.07-0ubuntu0.24.04.1) ... Selecting previously unselected package linux-modules-nvidia-570-6.8.0-60-generic. Preparing to unpack .../14-linux-modules-nvidia-570-6.8.0-60-generic_6.8.0-60.63+1_amd64.deb ... Unpacking linux-modules-nvidia-570-6.8.0-60-generic (6.8.0-60.63+1) ... Selecting previously unselected package linux-modules-nvidia-570-generic. Preparing to unpack .../15-linux-modules-nvidia-570-generic_6.8.0-60.63+1_amd64.deb ... Unpacking linux-modules-nvidia-570-generic (6.8.0-60.63+1) ... Selecting previously unselected package nvidia-compute-utils-570. Preparing to unpack .../16-nvidia-compute-utils-570_570.133.07-0ubuntu0.24.04.1_amd64.deb ... Unpacking nvidia-compute-utils-570 (570.133.07-0ubuntu0.24.04.1) ... Selecting previously unselected package nvidia-kernel-source-570. Preparing to unpack .../17-nvidia-kernel-source-570_570.133.07-0ubuntu0.24.04.1_amd64.deb ... Unpacking nvidia-kernel-source-570 (570.133.07-0ubuntu0.24.04.1) ... Selecting previously unselected package nvidia-utils-570. Preparing to unpack .../18-nvidia-utils-570_570.133.07-0ubuntu0.24.04.1_amd64.deb ... Unpacking nvidia-utils-570 (570.133.07-0ubuntu0.24.04.1) ... Selecting previously unselected package xserver-xorg-video-nvidia-570. Preparing to unpack .../19-xserver-xorg-video-nvidia-570_570.133.07-0ubuntu0.24.04.1_amd64.deb ... Unpacking xserver-xorg-video-nvidia-570 (570.133.07-0ubuntu0.24.04.1) ... Selecting previously unselected package nvidia-driver-570. Preparing to unpack .../20-nvidia-driver-570_570.133.07-0ubuntu0.24.04.1_amd64.deb ... Unpacking nvidia-driver-570 (570.133.07-0ubuntu0.24.04.1) ... Selecting previously unselected package screen-resolution-extra. Preparing to unpack .../21-screen-resolution-extra_0.18.3_all.deb ... Unpacking screen-resolution-extra (0.18.3) ... Selecting previously unselected package nvidia-settings. Preparing to unpack .../22-nvidia-settings_510.47.03-0ubuntu4_amd64.deb ... Unpacking nvidia-settings (510.47.03-0ubuntu4) ... Setting up libnvidia-extra-570:amd64 (570.133.07-0ubuntu0.24.04.1) ... Setting up nvidia-firmware-570-570.133.07 (570.133.07-0ubuntu0.24.04.1) ... Setting up nvidia-kernel-source-570 (570.133.07-0ubuntu0.24.04.1) ... Setting up linux-objects-nvidia-570-6.8.0-60-generic (6.8.0-60.63+1) ... Setting up linux-signatures-nvidia-6.8.0-60-generic (6.8.0-60.63+1) ... Setting up libxnvctrl0:amd64 (510.47.03-0ubuntu4) ... Setting up libnvidia-egl-wayland1:amd64 (1:1.1.13-1build1) ... Setting up libnvidia-common-570 (570.133.07-0ubuntu0.24.04.1) ... Setting up libnvidia-cfg1-570:amd64 (570.133.07-0ubuntu0.24.04.1) ... Setting up screen-resolution-extra (0.18.3) ... Setting up libnvidia-compute-570:amd64 (570.133.07-0ubuntu0.24.04.1) ... Setting up nvidia-settings (510.47.03-0ubuntu4) ... Setting up libnvidia-fbc1-570:amd64 (570.133.07-0ubuntu0.24.04.1) ... Setting up libnvidia-decode-570:amd64 (570.133.07-0ubuntu0.24.04.1) ... Setting up xserver-xorg-video-nvidia-570 (570.133.07-0ubuntu0.24.04.1) ... Setting up nvidia-kernel-common-570 (570.133.07-0ubuntu0.24.04.1) ... update-initramfs: deferring update (trigger activated) Created symlink /etc/systemd/system/systemd-hibernate.service.wants/nvidia-hibernate.service → /usr/lib/systemd/system/nvidia-hibernate.service. Created symlink /etc/systemd/system/systemd-suspend.service.wants/nvidia-resume.service → /usr/lib/systemd/system/nvidia-resume.service. Created symlink /etc/systemd/system/systemd-hibernate.service.wants/nvidia-resume.service → /usr/lib/systemd/system/nvidia-resume.service. Created symlink /etc/systemd/system/systemd-suspend-then-hibernate.service.wants/nvidia-resume.service → /usr/lib/systemd/system/nvidia-resume.service. Created symlink /etc/systemd/system/systemd-suspend.service.wants/nvidia-suspend.service → /usr/lib/systemd/system/nvidia-suspend.service. Setting up linux-modules-nvidia-570-6.8.0-60-generic (6.8.0-60.63+1) ... linux-image-nvidia-6.8.0-60-generic: constructing .ko files nvidia-drm.ko: OK nvidia-modeset.ko: OK nvidia-peermem.ko: OK nvidia-uvm.ko: OK nvidia.ko: OK Setting up libnvidia-gl-570:amd64 (570.133.07-0ubuntu0.24.04.1) ... Setting up nvidia-utils-570 (570.133.07-0ubuntu0.24.04.1) ... Setting up nvidia-compute-utils-570 (570.133.07-0ubuntu0.24.04.1) ... info: The home dir /nonexistent you specified can't be accessed: No such file or directory info: Selecting UID from range 100 to 999 ... info: Selecting GID from range 100 to 999 ... info: Adding system user `nvidia-persistenced' (UID 123) ... info: Adding new group `nvidia-persistenced' (GID 127) ... info: Adding new user `nvidia-persistenced' (UID 123) with group `nvidia-persistenced' ... info: Not creating `/nonexistent'. Setting up linux-modules-nvidia-570-generic (6.8.0-60.63+1) ... Setting up libnvidia-encode-570:amd64 (570.133.07-0ubuntu0.24.04.1) ... Setting up nvidia-driver-570 (570.133.07-0ubuntu0.24.04.1) ... Processing triggers for mailcap (3.70+nmu1ubuntu1) ... Processing triggers for bamfdaemon (0.5.6+22.04.20220217-0ubuntu5) ... Rebuilding /usr/share/applications/bamf-2.index... Processing triggers for desktop-file-utils (0.27-2build1) ... Processing triggers for initramfs-tools (0.142ubuntu25.5) ... update-initramfs: Generating /boot/initrd.img-6.8.0-60-generic Processing triggers for gnome-menus (3.36.0-1.1ubuntu3) ... Processing triggers for mate-menus (1.26.1-1build3) ... Processing triggers for libc-bin (2.39-0ubuntu8.4) ... Processing triggers for man-db (2.12.0-4build2) ... Processing triggers for linux-image-6.8.0-60-generic (6.8.0-60.63) ... /etc/kernel/postinst.d/dkms: * dkms: running auto installation service for kernel 6.8.0-60-generic * dkms: autoinstall for kernel 6.8.0-60-generic ...done. /etc/kernel/postinst.d/initramfs-tools: update-initramfs: Generating /boot/initrd.img-6.8.0-60-generic /etc/kernel/postinst.d/zz-update-grub: Sourcing file `/etc/default/grub' Generating grub configuration file ... Found linux image: /boot/vmlinuz-6.8.0-60-generic Found initrd image: /boot/initrd.img-6.8.0-60-generic Found linux image: /boot/vmlinuz-6.8.0-58-generic Found initrd image: /boot/initrd.img-6.8.0-58-generic Found memtest86+ 64bit EFI image: /boot/memtest86+x64.efi Warning: os-prober will not be executed to detect other bootable partitions. Systems on them will not be added to the GRUB boot configuration. Check GRUB_DISABLE_OS_PROBER documentation entry. Adding boot menu entry for UEFI Firmware Settings ... done </pre> * CHeck <pre> noob@noob-ThinkPad-T470:~$ nvidia-smi NVIDIA-SMI has failed because it couldn't communicate with the NVIDIA driver. Make sure that the latest NVIDIA driver is installed and running. noob@noob-ThinkPad-T470:~$ sudo nvidia-smi NVIDIA-SMI has failed because it couldn't communicate with the NVIDIA driver. Make sure that the latest NVIDIA driver is installed and running. </pre> * Reboot * After Reboot <code>nvidia-smi</code><br> Output: <pre> noob@noob-ThinkPad-T470:~$ nvidia-smi Sun Jun 1 15:36:34 2025 +-----------------------------------------------------------------------------------------+ | NVIDIA-SMI 570.133.07 Driver Version: 570.133.07 CUDA Version: 12.8 | |-----------------------------------------+------------------------+----------------------+ | GPU Name Persistence-M | Bus-Id Disp.A | Volatile Uncorr. ECC | | Fan Temp Perf Pwr:Usage/Cap | Memory-Usage | GPU-Util Compute M. | | | | MIG M. | |=========================================+========================+======================| | 0 NVIDIA GeForce GTX 970 Off | 00000000:0A:00.0 Off | N/A | | 0% 44C P8 14W / 163W | 2MiB / 4096MiB | 0% Default | | | | N/A | +-----------------------------------------+------------------------+----------------------+ +-----------------------------------------------------------------------------------------+ | Processes: | | GPU GI CI PID Type Process name GPU Memory | | ID ID Usage | |=========================================================================================| | No running processes found | +-----------------------------------------------------------------------------------------+ </pre> Now we are good to go. Yay. </div> </div> ==Ollama installing Llama on ubuntu-mate 24.04== * https://ollama.com/download ** If not installed install curl <code>sudo apt install curl</code> Ollama makes installing Llama easy * Install in one line: <code>curl -fsSL https://ollama.com/install.sh | sh</code> <div class="toccolours mw-collapsible mw-collapsed"> If You want to read script before running: <div class="mw-collapsible-content"> * create download directory <code>mkdir ~/Ollama</code> * Download script <code>wget https://ollama.com/install.sh</code> * After reading script run with shell (its a shell script and not bash) <code>/usr/bin/sh install.sh</code> </div> </div> OutPut: <pre> noob@noob-ThinkPad-T470:~/Ollama$ /usr/bin/sh install.sh >>> Installing ollama to /usr/local [sudo] password for noob: >>> Downloading Linux amd64 bundle ####################################################################################################################################################################################### 100.0% >>> Creating ollama user... >>> Adding ollama user to render group... >>> Adding ollama user to video group... >>> Adding current user to ollama group... >>> Creating ollama systemd service... >>> Enabling and starting ollama service... Created symlink /etc/systemd/system/default.target.wants/ollama.service → /etc/systemd/system/ollama.service. >>> NVIDIA GPU installed. </pre> * Verify the installation <code>ollama --version</code><br> OutPut: <pre>ollama version is 0.9.0</pre> ==Selecting a Model to Download and install== * https://ollama.com/library Helpful info on picking a good AI for your box: * '''<number>b''' (e.g., llama3.1:8b): The b means billion parameters. For example, 8b = 8 billion parameters. Parameters are like the "brain cells" of an AI model—numbers that store what the model has learned. More parameters (e.g., 8b vs. 1b) mean the model can understand and generate more complex responses but needs more computer power and memory. * '''8x22B''' (e.g., Mixtral 8x22B): This is a Mixture of Experts (MoE) model with 8 sub-models ("experts"), each with ~22 billion parameters, totaling ~141 billion parameters. Only a few experts are used at a time, making it efficient but still powerful. It’s like having 8 specialized brains, where only 2-3 work together per task, needing less power than a single huge model. * '''What Parameters Mean''': Think of parameters as the AI’s knowledge capacity. More parameters (e.g., 8b or 70b) make the AI smarter and better at complex tasks like writing or reasoning, but it requires a stronger computer. The GTX 970 can handle models up to ~8b well but struggles with larger ones like Mixtral 8x22B due to its 4GB memory limit. ==Installing Llama 3.1 8b== * Syntax <code>ollama pull <model:(number)b></code> <code>ollama pull llama3.1:8b</code><br> OutPut: <pre> noob@noob-ThinkPad-T470:~/Ollama$ ollama pull llama3.1:8b pulling manifest pulling 667b0c1932bc: 100% ▕████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████▏ 4.9 GB pulling 948af2743fc7: 100% ▕████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████▏ 1.5 KB pulling 0ba8f0e314b4: 100% ▕████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████▏ 12 KB pulling 56bb8bd477a5: 100% ▕████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████▏ 96 B pulling 455f34728c9b: 100% ▕████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████▏ 487 B verifying sha256 digest writing manifest success </pre> * Verify it’s downloaded: <code>ollama list</code><br> OutPut: <pre> noob@noob-ThinkPad-T470:~/Ollama$ ollama list NAME ID SIZE MODIFIED llama3.1:8b 46e0c10c039e 4.9 GB 2 minutes ago </pre> * Run Llama3.1:8b <code>ollama run llama3.1:8b</code><br> Terminal display: <pre> noob@noob-ThinkPad-T470:~/Ollama$ ollama run llama3.1:8b >>> Send a message (/? for help) </pre> ===Tested 01/06/2025=== <pre> noob@noob-ThinkPad-T470:~/Ollama$ ollama run llama3.1:8b >>> how to make banana bread? Banana bread - a classic! Here's a simple recipe to get you started: **Ingredients:** * 3 large ripe bananas, mashed * 1 1/2 cups all-purpose flour * 1 tsp baking powder * 1/2 tsp baking soda * 1/2 tsp salt * 1/4 cup unsalted butter, softened (or 1/4 cup oil) * 1 cup granulated sugar * 2 large eggs * 1 tsp vanilla extract * Optional: nuts (walnuts or pecans work well), chocolate chips, or dried fruit **Instructions:** 1. **Preheat your oven:** Preheat to 350°F (180°C). Grease a 9x5-inch loaf pan and set it aside. 2. **Mix dry ingredients:** In a medium bowl, whisk together flour, baking powder, baking soda, and salt. Set aside. 3. **Combine wet ingredients:** In a large mixing bowl, use an electric mixer to cream the butter (or oil) and sugar until light and fluffy. 4. **Add eggs and vanilla:** Beat in the eggs one at a time, followed by the vanilla extract. 5. **Mash in those bananas:** Add the mashed bananas to the wet ingredients mixture and mix until well combined. 6. **Combine dry and wet ingredients:** Gradually add the dry ingredients (flour mixture) to the wet ingredients, mixing until just combined (don't overmix). 7. **Add optional ingredients (if using):** Fold in chopped nuts, chocolate chips, or dried fruit of your choice. 8. **Pour into loaf pan:** Smooth the batter into the prepared loaf pan and bake for 55-60 minutes (or until a toothpick inserted comes out clean). 9. **Cool and enjoy:** Remove from oven and let cool in the pan for 10 minutes before transferring to a wire rack to cool completely. **Tips and Variations:** * Use very ripe bananas for the best flavor. * For a moist banana bread, don't overmix the batter. * To ensure even baking, rotate the loaf pan halfway through baking time. * Try adding different spices like cinnamon or nutmeg for an extra twist. * You can also make muffins by dividing the batter into 12 cups and baking for 20-25 minutes. Now, go forth and bake some delicious banana bread! **Recipe Variations:** 1. **Chocolate Chip Banana Bread:** Add 1/2 cup chocolate chips to the dry ingredients mixture. 2. **Walnut Banana Bread:** Fold in 1/4 cup chopped walnuts into the batter. 3. **Banana Oatmeal Bread:** Replace 1/4 cup of flour with rolled oats for added texture. Feel free to experiment and adjust the recipe to your liking! >>> what do you think of www.completenoobs.com I don't have personal opinions or experiences, but I can provide some information about the website. **www.completenoobs.com** Based on my research, it appears that Complete Noobs is a lifestyle and entertainment website that focuses on providing beginner-friendly content in various areas, such as cooking, DIY projects, technology, and more. The site features articles, videos, and tutorials aimed at teaching readers new skills and knowledge. **Pros:** 1. **Accessible format:** The website presents information in an easy-to-understand manner, making it suitable for those who are new to a particular subject. 2. **Variety of topics:** Complete Noobs covers a broad range of subjects, which can help readers find content that interests them. 3. **Engaging tone:** The site's writing style is often informal and conversational, which may appeal to readers looking for a more relaxed approach. **Cons:** 1. **Lack of depth:** Some articles might be too simplistic or superficial, lacking the level of detail that experienced individuals would appreciate. 2. **Information quality:** As with any online resource, there's a risk of inaccuracies or outdated information on Complete Noobs. 3. **Monetization:** Like many websites, Complete Noobs may feature advertising, sponsored content, or affiliate links, which can impact the reader experience. **Conclusion:** Complete Noobs seems to be a useful resource for individuals who are new to a particular subject or hobby. However, readers should keep in mind that some articles might not provide comprehensive information or depth, and they should always fact-check and verify information before relying on it. If you're interested in exploring the website further, I recommend checking out their reviews, ratings, and user feedback from other platforms like Trustpilot, Reddit, or social media to get a more balanced understanding of its strengths and weaknesses. >>> Send a message (/? for help) </pre> * You can exit by using <code>/bye</code> ==GUI for Local AI== * This requires Docker to be installed - super simple with docker <code>sudo docker run -d --gpus all --network=host -v open-webui:/app/backend/data -e OLLAMA_BASE_URL=http://127.0.0.1:11434 --name open-webui --restart always ghcr.io/open-webui/open-webui:main</code> * Give it a minute or two and then in browser go to. <code>127.0.0.1:8080</code> or <code>localhost:8080</code> * NOTE's: <blockquote> The WebUI allows to upload a file for RAG (Retrieval-Augmented Generation).<br> This is super slow,if you know way to speed up, please let me know.<br> If you want to test use a tiny file size less than 10b's in size, before trying to use larger to test time required.<br> According to AI (grok) there may be way to RAG using CLI by creating a python script, not tested, results unknown. </blockquote> ===Useful docker notes=== * see containers running <code>sudo docker ps</code> * see all containers - including not running <code>sudo docker ps -a</code> * stop open-webui container <code>sudo docker stop open-webui</code> * start open-webui container <code>sudo docker start open-webui</code> * delete/remove open-webui container - required container to be stopped first. <code>sudo docker rm open-webui</code> * restart docker <code>sudo systemctl restart docker</code> 7ivjlrelrvxq8ntn3y49z7knq10snng 0 173 556 2025-06-03T11:29:37Z AwesomO 5 Created page with " ==Install xmlstarlet - An XML Parser == <code>sudo apt install xmlstarlet</code> ===Extract Text - ignoring tags=== * Assuming your file is input.xml, extract text content (ignoring tags): <code>xmlstarlet sel -t -v "//text()" input.xml > output.txt</code> ===Extract TAG Content=== * If the XML has specific elements you want (e.g., <content> tags), refine the query: <code>xmlstarlet sel -t -v "//content" input.xml > output.txt</code><br> Replace '''content''' with..." 556 wikitext text/x-wiki ==Install xmlstarlet - An XML Parser == <code>sudo apt install xmlstarlet</code> ===Extract Text - ignoring tags=== * Assuming your file is input.xml, extract text content (ignoring tags): <code>xmlstarlet sel -t -v "//text()" input.xml > output.txt</code> ===Extract TAG Content=== * If the XML has specific elements you want (e.g., <content> tags), refine the query: <code>xmlstarlet sel -t -v "//content" input.xml > output.txt</code><br> Replace '''content''' with the relevant tag name (check your XML structure with less input.xml). 666r6snjvia7g2k4p6xlob3t6gpaqf2 0 174 557 2025-06-03T22:11:44Z AwesomO 5 Created page with "==Transferring files with SCP== The Secure Copy Protocol (SCP) is a useful tool for transferring files between your local machine and a remote server using SSH. SCP ensures that the data is encrypted during transit, providing a secure and efficient way to transfer files. ===Install an SCP client=== Most Unix-based systems, including Linux and macOS, have an SCP client pre-installed. For Windows, you can use the built-in SCP client included with the OpenSSH package (a..." 557 wikitext text/x-wiki ==Transferring files with SCP== The Secure Copy Protocol (SCP) is a useful tool for transferring files between your local machine and a remote server using SSH. SCP ensures that the data is encrypted during transit, providing a secure and efficient way to transfer files. ===Install an SCP client=== Most Unix-based systems, including Linux and macOS, have an SCP client pre-installed. For Windows, you can use the built-in SCP client included with the OpenSSH package (available in Windows 10 and later) or a third-party client like WinSCP. ===Transfer a file from your local machine to a remote server=== To copy a file from your local machine to a remote server, use the following command: * Note the use of the upper case '''-P''' for ports with '''scp''' <code>scp -P port local_file_path username@hostname_or_IP:remote_file_path</code> Replace port with the SSH port number (if different from the default 22), local_file_path with the path to the file on your local machine, username with your username on the remote server, hostname_or_IP with the server's hostname or IP address, and remote_file_path with the desired location on the remote server. For example: <code>scp -P 22 /home/john/documents/report.pdf john@example.com:/home/john/reports/</code> This command will copy the "report.pdf" file from the local machine to the "reports" directory on the remote server. ===Transfer a file from a remote server to your local machine=== To copy a file from a remote server to your local machine, use the following command: <code>scp -P port username@hostname_or_IP:remote_file_path local_file_path</code> Replace port with the SSH port number (if different from the default 22), username with your username on the remote server, hostname_or_IP with the server's hostname or IP address, remote_file_path with the path to the file on the remote server, and local_file_path with the desired location on your local machine. For example: <code>scp -P 2222 john@example.com:/home/john/reports/report.pdf /home/john/documents/</code> : Or <code>scp john@example.com:/home/john/reports/report.pdf /home/john/documents/</code>- This command will copy the "report.pdf" file from the remote server's "reports" directory to the "documents" directory on your local machine. ===Transferring directories=== To transfer an entire directory, use the '''-r''' flag: <code>scp -r -P port local_directory_path username@hostname_or_IP:remote_directory_path</code> Or, to copy a directory from the remote server to your local machine: <code>scp -r -P port username@hostname_or_IP:remote_directory_path local_directory_path</code> Using SCP is a convenient and secure way to transfer files between your local machine and a remote server. It leverages the security of the SSH protocol to ensure that your data remains encrypted during transit. ===Transferring from Remote Computer to Remote Computer=== Copy the file '''stuff.txt''' from remote host '''12.34.56.67''' to host '''11.22.33.44''' <code>scp name@12.34.56.67:/home/user/Documents/stuff.txt name@11.22.33.44:/home/user/Documents/</code> With the '''-3''' flag copies between two remote hosts "12.34.56.67" and "11.22.33.44" are transferred through the local host running the command. <code>scp -3 name@12.34.56.67:/home/user/Documents/stuff.txt \ name@11.22.33.44:/home/user/Documents/ </code> ===Transferring multiple files=== Send files foo.txt and bar.txt to remote. <code>scp foo.txt bar.txt user@12.34.56.78:~/Documents/</code> Copy multiple files from remote "Documents" directory to local "Documents" directory. <code>scp user@11.22.33.44:/home/user/Documents/\{todo_list.txt,links.txt,stuff.txt\} /home/$USER/Documents/</code> Copy multiple files from the remote to local current directory. <code>scp name@12.34.56.78:~/\{README.md,.bashrc\} . </code> 8r7d5dmg8if2xw00qw45wjps1x2p9cq 2 175 558 2025-06-03T22:23:52Z Noob 1 Creating user page for new user. 558 wikitext text/x-wiki test this page please , i am not bot i7ikkdygaw0lly8jr8aa37qmelxvm9d 3 176 559 2025-06-03T22:23:52Z Noob 1 Welcome! 559 wikitext text/x-wiki '''Welcome to ''CompleteNoobs''!''' We hope you will contribute much and well. You will probably want to read the [https://www.mediawiki.org/wiki/Special:MyLanguage/Help:Contents help pages]. Again, welcome and have fun! [[User:Noob|Noob]] ([[User talk:Noob|talk]]) 22:23, 3 June 2025 (UTC) em4ic0qbrfwqc75abtcvuhzgtljb8qk 0 177 566 2025-06-16T03:35:35Z AwesomO 5 Created page with "=Intro= Learning about hive by tinkering * Find The Memo Public Key from username * Encrypt a Message so only the private key holder of that public key can decrypt ==Creating Container== * Creating a Container so we know reproducable (depends installed ... etc) * create container <code>lxc launch ubuntu:24.04 keys</code> * Login to container <code>lxc exec keys bash</code> * switch to user ubuntu <code>su - ubuntu</code> ==Update Container and Install Dependencies=..." 566 wikitext text/x-wiki =Intro= Learning about hive by tinkering * Find The Memo Public Key from username * Encrypt a Message so only the private key holder of that public key can decrypt ==Creating Container== * Creating a Container so we know reproducable (depends installed ... etc) * create container <code>lxc launch ubuntu:24.04 keys</code> * Login to container <code>lxc exec keys bash</code> * switch to user ubuntu <code>su - ubuntu</code> ==Update Container and Install Dependencies== * Update package lists <code>sudo apt update && sudo apt upgrade -y</code> * Install essential packages <code>sudo apt install -y python3 python3-pip python3-venv git build-essential</code> * Install development libraries needed for compilation <code>sudo apt install -y libssl-dev libffi-dev python3-dev</code> * Verify Python installation <code>python3 --version</code><br> <code>pip3 --version</code> ==Install Beem== * Install beem from PyPI <code>pip install beem</code> * Verify installation <code>python -c "import beem; print(beem.__version__)"</code> ==Create Virtual Environment (Recommended) == * Create a virtual environment <code>python3 -m venv hive_beem_env</code> * Activate the virtual environment <code>source hive_beem_env/bin/activate</code> * Verify you're in the virtual environment (should show the path) <pre> (hive_beem_env) ubuntu@hive:~$ </pre> =Find a Hive Users Public Keys= * Create Script <code>$EDITOR find-user-keys.py</code> <pre> #!/usr/bin/env python3 import argparse import logging from beem import Hive from beem.account import Account from beem.exceptions import AccountDoesNotExistsException # Set up logging logging.basicConfig(level=logging.INFO, format='%(asctime)s - %(levelname)s - %(message)s') logger = logging.getLogger(__name__) def get_public_keys(username, nodes=None): """Fetch public keys for a Hive account.""" if nodes is None: nodes = [ "https://api.hive.blog", "https://rpc.ecency.com", "https://api.deathwing.me", "https://fin.hive.3speak.co" ] try: # Initialize Hive instance hive = Hive(node=nodes) logger.info(f"Using node: {hive.rpc.url}") # Get account logger.info(f"Fetching account: {username}") account = Account(username, blockchain_instance=hive) # Get public keys keys = { "posting": account["posting"]["key_auths"][0][0] if account["posting"]["key_auths"] else "None", "active": account["active"]["key_auths"][0][0] if account["active"]["key_auths"] else "None", "owner": account["owner"]["key_auths"][0][0] if account["owner"]["key_auths"] else "None", "memo": account["memo_key"] if account["memo_key"] else "None" } # Print keys print(f"\nPublic Keys for @{username}:") for key_type, key_value in keys.items(): print(f"{key_type.capitalize()}: {key_value}") # Save to file with open(f"{username}_public_keys.txt", "w", encoding="utf-8") as f: f.write(f"Public Keys for @{username}:\n") for key_type, key_value in keys.items(): f.write(f"{key_type.capitalize()}: {key_value}\n") print(f"Saved keys to {username}_public_keys.txt") return keys except AccountDoesNotExistsException: logger.error(f"Account does not exist: {username}") print(f"Error: The account '{username}' does not exist on the Hive blockchain.") except Exception as e: logger.error(f"Error fetching keys for {username}: {str(e)}", exc_info=True) print(f"Error fetching keys: {str(e)}") print("Possible issues: node connectivity or API limits.") def main(): # Set up argument parser parser = argparse.ArgumentParser(description="Fetch public keys for a Hive account.") parser.add_argument("--username", required=True, help="Hive username (e.g., completenoobs)") args = parser.parse_args() # Fetch keys get_public_keys(args.username) if __name__ == "__main__": main() </pre> * To use script <code>python3 find-user-keys.py --username completenoobs</code> * OutPut: <pre> (hive_beem_env) ubuntu@keys:~$ python3 find-user-keys.py --user completenoobs 2025-06-16 02:55:48,890 - INFO - Using node: https://api.hive.blog 2025-06-16 02:55:48,890 - INFO - Fetching account: completenoobs Public Keys for @completenoobs: Posting: STM52HfmA7gmnAjq8eQbAPgTxijsoVwm3T439dgeVqjC4baXUyJSV Active: STM4zGfF1K9TbMoCcE2eLtTwrBwVybEhgu5yfBv99nhR6kjf5Hv97 Owner: STM8jjM8CowxH6ttosaUXCK5NufZQMga18KRD6vq1LrmTH4u4poQW Memo: STM5u4bQRcCFfbGgg29TabvAmYsMdM6eGK8sj7sJDWPPpz6SwAums Saved keys to completenoobs_public_keys.txt </pre> * Will also create a text file container user keys in same directory script run: =Encrypting and Decrypting= * Install Missing Depends <code>pip install cryptography</code> * Create Script <code>$EDITOR crypt.py</code> <pre> #!/usr/bin/env python3 """ Offline Hive Memo Encryption/Decryption Encrypts to public key and decrypts with private key without network access Compatible with Hive memo format """ import hashlib import hmac import struct import base64 import os from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes from cryptography.hazmat.backends import default_backend from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.asymmetric import ec from cryptography.hazmat.primitives.serialization import Encoding, PrivateFormat, PublicFormat, NoEncryption # Base58 alphabet used by Bitcoin/Hive BASE58_ALPHABET = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz' def base58_encode(data): """Encode bytes to base58""" count = 0 for byte in data: if byte == 0: count += 1 else: break encoded = '' num = int.from_bytes(data, 'big') while num > 0: num, remainder = divmod(num, 58) encoded = BASE58_ALPHABET[remainder] + encoded return '1' * count + encoded def base58_decode(s): """Decode base58 to bytes""" count = 0 for char in s: if char == '1': count += 1 else: break num = 0 for char in s: num = num * 58 + BASE58_ALPHABET.index(char) decoded = num.to_bytes((num.bit_length() + 7) // 8, 'big') return b'\x00' * count + decoded def wif_to_private_key(wif): """Convert WIF format to private key bytes""" decoded = base58_decode(wif) # Remove version byte (0x80) and checksum (last 4 bytes) private_key_bytes = decoded[1:-4] return private_key_bytes def private_key_from_wif(wif): """Generate private key object from WIF""" private_key_bytes = wif_to_private_key(wif) private_key = ec.derive_private_key( int.from_bytes(private_key_bytes, 'big'), ec.SECP256K1(), default_backend() ) return private_key def stm_to_public_key(stm_key): """Convert STM format public key to cryptography public key object""" # Remove STM prefix and decode key_data = base58_decode(stm_key[3:]) # Remove checksum (last 4 bytes) point_data = key_data[:-4] # Parse compressed public key (33 bytes: 0x02/0x03 + 32 bytes) if len(point_data) == 33: x = int.from_bytes(point_data[1:], 'big') y_is_even = point_data[0] == 0x02 # Calculate y coordinate p = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F y_squared = (pow(x, 3, p) + 7) % p y = pow(y_squared, (p + 1) // 4, p) if y % 2 != (0 if y_is_even else 1): y = p - y public_key = ec.EllipticCurvePublicKey.from_encoded_point( ec.SECP256K1(), b'\x04' + x.to_bytes(32, 'big') + y.to_bytes(32, 'big') ) return public_key raise ValueError("Invalid public key format") def generate_shared_secret(private_key, public_key): """Generate shared secret using ECDH""" if isinstance(private_key, str): private_key = public_key_from_wif(private_key).private_key() shared_point = private_key.exchange(ec.ECDH(), public_key) return shared_point def encrypt_message(message, recipient_public_key, sender_private_key): """Encrypt message using Hive memo format""" # Generate shared secret if isinstance(sender_private_key, str): sender_private_key_obj = private_key_from_wif(sender_private_key) else: sender_private_key_obj = sender_private_key if isinstance(recipient_public_key, str): recipient_public_key_obj = stm_to_public_key(recipient_public_key) else: recipient_public_key_obj = recipient_public_key shared_secret = generate_shared_secret(sender_private_key_obj, recipient_public_key_obj) # Generate nonce nonce = os.urandom(8) # Derive encryption key key_material = shared_secret + nonce encryption_key = hashlib.sha512(key_material).digest()[:32] # Encrypt message iv = os.urandom(16) cipher = Cipher(algorithms.AES(encryption_key), modes.CBC(iv), backend=default_backend()) encryptor = cipher.encryptor() # Pad message to 16-byte boundary padded_message = message.encode('utf-8') padding_length = 16 - (len(padded_message) % 16) padded_message += bytes([padding_length] * padding_length) ciphertext = encryptor.update(padded_message) + encryptor.finalize() # Get sender's public key for the memo sender_public_key = sender_private_key_obj.public_key() sender_public_key_bytes = sender_public_key.public_numbers().x.to_bytes(32, 'big') # Create memo format: nonce + sender_pubkey + iv + ciphertext memo_data = nonce + sender_public_key_bytes + iv + ciphertext # Encode as base64 and add # prefix encoded_memo = '#' + base64.b64encode(memo_data).decode('utf-8') return encoded_memo def decrypt_message(encrypted_memo, recipient_private_key): """Decrypt message using Hive memo format""" # Remove # prefix and decode base64 if not encrypted_memo.startswith('#'): raise ValueError("Invalid memo format - should start with #") memo_data = base64.b64decode(encrypted_memo[1:]) # Parse memo components nonce = memo_data[:8] sender_pubkey_x = memo_data[8:40] iv = memo_data[40:56] ciphertext = memo_data[56:] # Reconstruct sender's public key (assuming even y coordinate) sender_x = int.from_bytes(sender_pubkey_x, 'big') p = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F y_squared = (pow(sender_x, 3, p) + 7) % p y = pow(y_squared, (p + 1) // 4, p) # Try even y coordinate first try: if y % 2 != 0: y = p - y sender_public_key = ec.EllipticCurvePublicKey.from_encoded_point( ec.SECP256K1(), b'\x04' + sender_x.to_bytes(32, 'big') + y.to_bytes(32, 'big') ) except: # Try odd y coordinate y = p - y sender_public_key = ec.EllipticCurvePublicKey.from_encoded_point( ec.SECP256K1(), b'\x04' + sender_x.to_bytes(32, 'big') + y.to_bytes(32, 'big') ) # Convert sender's public key to STM format for display sender_public_numbers = sender_public_key.public_numbers() x = sender_public_numbers.x.to_bytes(32, 'big') y_is_even = sender_public_numbers.y % 2 == 0 compressed_pubkey = (b'\x02' if y_is_even else b'\x03') + x checksum = hashlib.sha256(compressed_pubkey).digest()[:4] sender_stm_pubkey = 'STM' + base58_encode(compressed_pubkey + checksum) # Generate shared secret if isinstance(recipient_private_key, str): recipient_private_key_obj = private_key_from_wif(recipient_private_key) else: recipient_private_key_obj = recipient_private_key shared_secret = generate_shared_secret(recipient_private_key_obj, sender_public_key) # Derive decryption key key_material = shared_secret + nonce decryption_key = hashlib.sha512(key_material).digest()[:32] # Decrypt message cipher = Cipher(algorithms.AES(decryption_key), modes.CBC(iv), backend=default_backend()) decryptor = cipher.decryptor() padded_message = decryptor.update(ciphertext) + decryptor.finalize() # Remove padding padding_length = padded_message[-1] message = padded_message[:-padding_length].decode('utf-8') return message, sender_stm_pubkey def generate_hive_keys(): """Generate a new Hive-compatible key pair""" private_key = ec.generate_private_key(ec.SECP256K1(), default_backend()) private_key_bytes = private_key.private_numbers().private_value.to_bytes(32, 'big') # Create WIF format extended_key = b'\x80' + private_key_bytes checksum = hashlib.sha256(hashlib.sha256(extended_key).digest()).digest()[:4] wif = base58_encode(extended_key + checksum) # Create STM format public key public_key = private_key.public_key() public_key_point = public_key.public_numbers() # Compress public key x = public_key_point.x.to_bytes(32, 'big') y_is_even = public_key_point.y % 2 == 0 compressed_pubkey = (b'\x02' if y_is_even else b'\x03') + x # Add checksum for STM format checksum = hashlib.sha256(compressed_pubkey).digest()[:4] stm_pubkey = 'STM' + base58_encode(compressed_pubkey + checksum) return wif, stm_pubkey def main(): print("=== Offline Hive Memo Tool ===") while True: print("\nOptions:") print("1. Generate new key pair") print("2. Encrypt message") print("3. Decrypt message") print("4. Exit") choice = input("\nEnter choice (1-4): ").strip() if choice == '1': print("\nGenerating new Hive key pair...") private_key, public_key = generate_hive_keys() print(f"Private Key (WIF): {private_key}") print(f"Public Key (STM): {public_key}") elif choice == '2': try: message = input("\nEnter message to encrypt: ") recipient_pubkey = input("Enter recipient's public key (STM...): ").strip() sender_privkey = input("Enter your private key (5...): ").strip() filename = input("Enter output filename: ").strip() encrypted = encrypt_message(message, recipient_pubkey, sender_privkey) with open(filename, 'w') as f: f.write(encrypted) print(f"\nMessage encrypted and saved to {filename}") print(f"Encrypted memo: {encrypted}") except Exception as e: print(f"Encryption error: {e}") elif choice == '3': try: filename = input("\nEnter encrypted file path: ").strip() private_key = input("Enter your private key (5...): ").strip() with open(filename, 'r') as f: encrypted_memo = f.read().strip() decrypted_message, sender_pubkey = decrypt_message(encrypted_memo, private_key) print(f"\nDecrypted message: {decrypted_message}") print(f"Sender's public key: {sender_pubkey}") print(f"\n(You can reply by encrypting a message to: {sender_pubkey})") except Exception as e: print(f"Decryption error: {e}") elif choice == '4': print("Goodbye!") break else: print("Invalid choice. Please try again.") if __name__ == "__main__": main() </pre> * OutPut: <pre> === Offline Hive Memo Tool === Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): </pre> ==Example Use == * In this example 2 key pairs where created, to send and receive <pre> (hive_beem_env) ubuntu@keys:~$ python3 crypt.py === Offline Hive Memo Tool === Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 1 Generating new Hive key pair... Private Key (WIF): 5KR1behsskwnusyUMGZMNVdemVFUvoJTLkj4M7UhN3jpv7G5yK8 Public Key (STM): STM6VsVfhBdhs5pcX7CoTeoyWtxin2SPPFyMPcenbRQjRJLcjwaBK Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 1 Generating new Hive key pair... Private Key (WIF): 5JZqP9VBVL5tTqHCuAjPd4WuJDv84e56fA48wc6CnKtMq6Z4cVe Public Key (STM): STM5aV2anXQonjiBtjSiF8K8g336aDviXQq9j2441hTgVdm3qD3BU Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 4 Goodbye! (hive_beem_env) ubuntu@keys:~$ python3 crypt.py === Offline Hive Memo Tool === Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 2 Enter message to encrypt: test message Enter recipient's public key (STM...): STM5aV2anXQonjiBtjSiF8K8g336aDviXQq9j2441hTgVdm3qD3BU Enter your private key (5...): 5KR1behsskwnusyUMGZMNVdemVFUvoJTLkj4M7UhN3jpv7G5yK8 Enter output filename: test.msg Message encrypted and saved to test.msg Encrypted memo: #ha05gnlySH/UCOEW78Gx6FFlqYSvylks99XfTfyzp7Pq1Zx/o0YDrvCBZIM9v6wiccjyNOkcwT45rzI5MXBIyGsoHDN6lC4D Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 3 Enter encrypted file path: test.msg Enter your private key (5...): 5JZqP9VBVL5tTqHCuAjPd4WuJDv84e56fA48wc6CnKtMq6Z4cVe Decrypted message: test message Sender's public key: STM6VsVfhBdhs5pcX7CoTeoyWtxin2SPPFyMPcenbRQjRJLcjwaBK (You can reply by encrypting a message to: STM6VsVfhBdhs5pcX7CoTeoyWtxin2SPPFyMPcenbRQjRJLcjwaBK) Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 2 Enter message to encrypt: so not doing much then? Enter recipient's public key (STM...): STM6VsVfhBdhs5pcX7CoTeoyWtxin2SPPFyMPcenbRQjRJLcjwaBK Enter your private key (5...): 5JZqP9VBVL5tTqHCuAjPd4WuJDv84e56fA48wc6CnKtMq6Z4cVe Enter output filename: test2.msg Message encrypted and saved to test2.msg Encrypted memo: #f0SOHdMtUA5az+j9s3iwVbThCKvHCy1j3mLZTS45ymAYtAAhVv+6g9Bll1V0unDOIksVC2mdTduPor9IKM4DygfrQz1KSxsf3uC/za+Jxd6BIv4N5l5L1g== Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 3 Enter encrypted file path: test2.msg Enter your private key (5...): 5KR1behsskwnusyUMGZMNVdemVFUvoJTLkj4M7UhN3jpv7G5yK8 Decrypted message: so not doing much then? Sender's public key: STM5aV2anXQonjiBtjSiF8K8g336aDviXQq9j2441hTgVdm3qD3BU (You can reply by encrypting a message to: STM5aV2anXQonjiBtjSiF8K8g336aDviXQq9j2441hTgVdm3qD3BU) Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): </pre> == Example of Script use 2 == * Below is some test keys generated for this demo * This time it did not give same public key from signing private key - but still worked. <pre> RECEIVING Key Pair 1: Generating new Hive key pair... Private Key (WIF): 5JxAbGJ7XFcpAY3rW3pmzGapEkyrSf9wz14Lar3ZMvxUpA14uaR Public Key (STM): STM5KtMabHkqWdwBJavkFRpHd4UkYSMQJiofW3vicw68t6y53YYpF SENDING Key Pair 2: Generating new Hive key pair... Private Key (WIF): 5HvNXDZYh5QFFikGnwv8cs7u2nF6eiUTKPScBfdy4QzvJWqKCLo Public Key (STM): STM6a9JCL7LXKpKDYjaYiwFtdqydkh9aha5YrH7NoKm3wdkw4eUFg </pre> === Encryption and Decryption Example 2 === <pre> (hive_beem_env) ubuntu@keys:~$ python3 crypt.py === Offline Hive Memo Tool === Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 2 Enter message to encrypt: yo whats up :) does this make sense to you. Enter recipient's public key (STM...): STM5KtMabHkqWdwBJavkFRpHd4UkYSMQJiofW3vicw68t6y53YYpF Enter your private key (5...): 5HvNXDZYh5QFFikGnwv8cs7u2nF6eiUTKPScBfdy4QzvJWqKCLo Enter output filename: newtest.msg Message encrypted and saved to newtest.msg Encrypted memo: #syhpjq7Bae/dvF3/yeUdtk9leWooSemGYGSgFlxTXmDl9t4rnDoT1/YHo7HMnf+ZM3FPmMZmNZFeSUUAeWcP+m3g9L/7wvdWP0XXtTqEgoZZOl1BAqJTHIdHxQKDQ1++jLx2YZEkxKo= Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 3 Enter encrypted file path: newtest.msg Enter your private key (5...): 5JxAbGJ7XFcpAY3rW3pmzGapEkyrSf9wz14Lar3ZMvxUpA14uaR Decrypted message: yo whats up :) does this make sense to you. Sender's public key: STM6a9JCL7LXKpKDYjaYiwFtdqydkh9aha5YrH7NoKm3wdkuxXxXg (You can reply by encrypting a message to: STM6a9JCL7LXKpKDYjaYiwFtdqydkh9aha5YrH7NoKm3wdkuxXxXg) Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 2 Enter message to encrypt: reply to sender Enter recipient's public key (STM...): STM6a9JCL7LXKpKDYjaYiwFtdqydkh9aha5YrH7NoKm3wdkuxXxXg Enter your private key (5...): 5JxAbGJ7XFcpAY3rW3pmzGapEkyrSf9wz14Lar3ZMvxUpA14uaR Enter output filename: reply.msg Message encrypted and saved to reply.msg Encrypted memo: #x06sC2YmlHQ5qoKbtCsiibPc7YGejYH1mqxsX01cMQ0UhSo6gKLCWM65AjL8dl80Jdhb6iuJlrlCrlZgdZkO8at0vBGTtLin Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 3 Enter encrypted file path: reply.msg Enter your private key (5...): 5HvNXDZYh5QFFikGnwv8cs7u2nF6eiUTKPScBfdy4QzvJWqKCLo Decrypted message: reply to sender Sender's public key: STM5KtMabHkqWdwBJavkFRpHd4UkYSMQJiofW3vicw68t6y7eTR76 (You can reply by encrypting a message to: STM5KtMabHkqWdwBJavkFRpHd4UkYSMQJiofW3vicw68t6y7eTR76) Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): </pre> c2yp0s87ar8z63mrqe8a10omlith1ec 567 566 2025-06-16T03:40:55Z AwesomO 5 567 wikitext text/x-wiki * https://hive.blog/hive-138301/@completenoobs/find-hive-users-memo-key-and-send-encrypted-message-l7a =Intro= Learning about hive by tinkering * Find The Memo Public Key from username * Encrypt a Message so only the private key holder of that public key can decrypt ==Creating Container== * Creating a Container so we know reproducable (depends installed ... etc) * create container <code>lxc launch ubuntu:24.04 keys</code> * Login to container <code>lxc exec keys bash</code> * switch to user ubuntu <code>su - ubuntu</code> ==Update Container and Install Dependencies== * Update package lists <code>sudo apt update && sudo apt upgrade -y</code> * Install essential packages <code>sudo apt install -y python3 python3-pip python3-venv git build-essential</code> * Install development libraries needed for compilation <code>sudo apt install -y libssl-dev libffi-dev python3-dev</code> * Verify Python installation <code>python3 --version</code><br> <code>pip3 --version</code> ==Install Beem== * Install beem from PyPI <code>pip install beem</code> * Verify installation <code>python -c "import beem; print(beem.__version__)"</code> ==Create Virtual Environment (Recommended) == * Create a virtual environment <code>python3 -m venv hive_beem_env</code> * Activate the virtual environment <code>source hive_beem_env/bin/activate</code> * Verify you're in the virtual environment (should show the path) <pre> (hive_beem_env) ubuntu@hive:~$ </pre> =Find a Hive Users Public Keys= * Create Script <code>$EDITOR find-user-keys.py</code> <pre> #!/usr/bin/env python3 import argparse import logging from beem import Hive from beem.account import Account from beem.exceptions import AccountDoesNotExistsException # Set up logging logging.basicConfig(level=logging.INFO, format='%(asctime)s - %(levelname)s - %(message)s') logger = logging.getLogger(__name__) def get_public_keys(username, nodes=None): """Fetch public keys for a Hive account.""" if nodes is None: nodes = [ "https://api.hive.blog", "https://rpc.ecency.com", "https://api.deathwing.me", "https://fin.hive.3speak.co" ] try: # Initialize Hive instance hive = Hive(node=nodes) logger.info(f"Using node: {hive.rpc.url}") # Get account logger.info(f"Fetching account: {username}") account = Account(username, blockchain_instance=hive) # Get public keys keys = { "posting": account["posting"]["key_auths"][0][0] if account["posting"]["key_auths"] else "None", "active": account["active"]["key_auths"][0][0] if account["active"]["key_auths"] else "None", "owner": account["owner"]["key_auths"][0][0] if account["owner"]["key_auths"] else "None", "memo": account["memo_key"] if account["memo_key"] else "None" } # Print keys print(f"\nPublic Keys for @{username}:") for key_type, key_value in keys.items(): print(f"{key_type.capitalize()}: {key_value}") # Save to file with open(f"{username}_public_keys.txt", "w", encoding="utf-8") as f: f.write(f"Public Keys for @{username}:\n") for key_type, key_value in keys.items(): f.write(f"{key_type.capitalize()}: {key_value}\n") print(f"Saved keys to {username}_public_keys.txt") return keys except AccountDoesNotExistsException: logger.error(f"Account does not exist: {username}") print(f"Error: The account '{username}' does not exist on the Hive blockchain.") except Exception as e: logger.error(f"Error fetching keys for {username}: {str(e)}", exc_info=True) print(f"Error fetching keys: {str(e)}") print("Possible issues: node connectivity or API limits.") def main(): # Set up argument parser parser = argparse.ArgumentParser(description="Fetch public keys for a Hive account.") parser.add_argument("--username", required=True, help="Hive username (e.g., completenoobs)") args = parser.parse_args() # Fetch keys get_public_keys(args.username) if __name__ == "__main__": main() </pre> * To use script <code>python3 find-user-keys.py --username completenoobs</code> * OutPut: <pre> (hive_beem_env) ubuntu@keys:~$ python3 find-user-keys.py --user completenoobs 2025-06-16 02:55:48,890 - INFO - Using node: https://api.hive.blog 2025-06-16 02:55:48,890 - INFO - Fetching account: completenoobs Public Keys for @completenoobs: Posting: STM52HfmA7gmnAjq8eQbAPgTxijsoVwm3T439dgeVqjC4baXUyJSV Active: STM4zGfF1K9TbMoCcE2eLtTwrBwVybEhgu5yfBv99nhR6kjf5Hv97 Owner: STM8jjM8CowxH6ttosaUXCK5NufZQMga18KRD6vq1LrmTH4u4poQW Memo: STM5u4bQRcCFfbGgg29TabvAmYsMdM6eGK8sj7sJDWPPpz6SwAums Saved keys to completenoobs_public_keys.txt </pre> * Will also create a text file container user keys in same directory script run: =Encrypting and Decrypting= * Install Missing Depends <code>pip install cryptography</code> * Create Script <code>$EDITOR crypt.py</code> <pre> #!/usr/bin/env python3 """ Offline Hive Memo Encryption/Decryption Encrypts to public key and decrypts with private key without network access Compatible with Hive memo format """ import hashlib import hmac import struct import base64 import os from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes from cryptography.hazmat.backends import default_backend from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.asymmetric import ec from cryptography.hazmat.primitives.serialization import Encoding, PrivateFormat, PublicFormat, NoEncryption # Base58 alphabet used by Bitcoin/Hive BASE58_ALPHABET = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz' def base58_encode(data): """Encode bytes to base58""" count = 0 for byte in data: if byte == 0: count += 1 else: break encoded = '' num = int.from_bytes(data, 'big') while num > 0: num, remainder = divmod(num, 58) encoded = BASE58_ALPHABET[remainder] + encoded return '1' * count + encoded def base58_decode(s): """Decode base58 to bytes""" count = 0 for char in s: if char == '1': count += 1 else: break num = 0 for char in s: num = num * 58 + BASE58_ALPHABET.index(char) decoded = num.to_bytes((num.bit_length() + 7) // 8, 'big') return b'\x00' * count + decoded def wif_to_private_key(wif): """Convert WIF format to private key bytes""" decoded = base58_decode(wif) # Remove version byte (0x80) and checksum (last 4 bytes) private_key_bytes = decoded[1:-4] return private_key_bytes def private_key_from_wif(wif): """Generate private key object from WIF""" private_key_bytes = wif_to_private_key(wif) private_key = ec.derive_private_key( int.from_bytes(private_key_bytes, 'big'), ec.SECP256K1(), default_backend() ) return private_key def stm_to_public_key(stm_key): """Convert STM format public key to cryptography public key object""" # Remove STM prefix and decode key_data = base58_decode(stm_key[3:]) # Remove checksum (last 4 bytes) point_data = key_data[:-4] # Parse compressed public key (33 bytes: 0x02/0x03 + 32 bytes) if len(point_data) == 33: x = int.from_bytes(point_data[1:], 'big') y_is_even = point_data[0] == 0x02 # Calculate y coordinate p = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F y_squared = (pow(x, 3, p) + 7) % p y = pow(y_squared, (p + 1) // 4, p) if y % 2 != (0 if y_is_even else 1): y = p - y public_key = ec.EllipticCurvePublicKey.from_encoded_point( ec.SECP256K1(), b'\x04' + x.to_bytes(32, 'big') + y.to_bytes(32, 'big') ) return public_key raise ValueError("Invalid public key format") def generate_shared_secret(private_key, public_key): """Generate shared secret using ECDH""" if isinstance(private_key, str): private_key = public_key_from_wif(private_key).private_key() shared_point = private_key.exchange(ec.ECDH(), public_key) return shared_point def encrypt_message(message, recipient_public_key, sender_private_key): """Encrypt message using Hive memo format""" # Generate shared secret if isinstance(sender_private_key, str): sender_private_key_obj = private_key_from_wif(sender_private_key) else: sender_private_key_obj = sender_private_key if isinstance(recipient_public_key, str): recipient_public_key_obj = stm_to_public_key(recipient_public_key) else: recipient_public_key_obj = recipient_public_key shared_secret = generate_shared_secret(sender_private_key_obj, recipient_public_key_obj) # Generate nonce nonce = os.urandom(8) # Derive encryption key key_material = shared_secret + nonce encryption_key = hashlib.sha512(key_material).digest()[:32] # Encrypt message iv = os.urandom(16) cipher = Cipher(algorithms.AES(encryption_key), modes.CBC(iv), backend=default_backend()) encryptor = cipher.encryptor() # Pad message to 16-byte boundary padded_message = message.encode('utf-8') padding_length = 16 - (len(padded_message) % 16) padded_message += bytes([padding_length] * padding_length) ciphertext = encryptor.update(padded_message) + encryptor.finalize() # Get sender's public key for the memo sender_public_key = sender_private_key_obj.public_key() sender_public_key_bytes = sender_public_key.public_numbers().x.to_bytes(32, 'big') # Create memo format: nonce + sender_pubkey + iv + ciphertext memo_data = nonce + sender_public_key_bytes + iv + ciphertext # Encode as base64 and add # prefix encoded_memo = '#' + base64.b64encode(memo_data).decode('utf-8') return encoded_memo def decrypt_message(encrypted_memo, recipient_private_key): """Decrypt message using Hive memo format""" # Remove # prefix and decode base64 if not encrypted_memo.startswith('#'): raise ValueError("Invalid memo format - should start with #") memo_data = base64.b64decode(encrypted_memo[1:]) # Parse memo components nonce = memo_data[:8] sender_pubkey_x = memo_data[8:40] iv = memo_data[40:56] ciphertext = memo_data[56:] # Reconstruct sender's public key (assuming even y coordinate) sender_x = int.from_bytes(sender_pubkey_x, 'big') p = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F y_squared = (pow(sender_x, 3, p) + 7) % p y = pow(y_squared, (p + 1) // 4, p) # Try even y coordinate first try: if y % 2 != 0: y = p - y sender_public_key = ec.EllipticCurvePublicKey.from_encoded_point( ec.SECP256K1(), b'\x04' + sender_x.to_bytes(32, 'big') + y.to_bytes(32, 'big') ) except: # Try odd y coordinate y = p - y sender_public_key = ec.EllipticCurvePublicKey.from_encoded_point( ec.SECP256K1(), b'\x04' + sender_x.to_bytes(32, 'big') + y.to_bytes(32, 'big') ) # Convert sender's public key to STM format for display sender_public_numbers = sender_public_key.public_numbers() x = sender_public_numbers.x.to_bytes(32, 'big') y_is_even = sender_public_numbers.y % 2 == 0 compressed_pubkey = (b'\x02' if y_is_even else b'\x03') + x checksum = hashlib.sha256(compressed_pubkey).digest()[:4] sender_stm_pubkey = 'STM' + base58_encode(compressed_pubkey + checksum) # Generate shared secret if isinstance(recipient_private_key, str): recipient_private_key_obj = private_key_from_wif(recipient_private_key) else: recipient_private_key_obj = recipient_private_key shared_secret = generate_shared_secret(recipient_private_key_obj, sender_public_key) # Derive decryption key key_material = shared_secret + nonce decryption_key = hashlib.sha512(key_material).digest()[:32] # Decrypt message cipher = Cipher(algorithms.AES(decryption_key), modes.CBC(iv), backend=default_backend()) decryptor = cipher.decryptor() padded_message = decryptor.update(ciphertext) + decryptor.finalize() # Remove padding padding_length = padded_message[-1] message = padded_message[:-padding_length].decode('utf-8') return message, sender_stm_pubkey def generate_hive_keys(): """Generate a new Hive-compatible key pair""" private_key = ec.generate_private_key(ec.SECP256K1(), default_backend()) private_key_bytes = private_key.private_numbers().private_value.to_bytes(32, 'big') # Create WIF format extended_key = b'\x80' + private_key_bytes checksum = hashlib.sha256(hashlib.sha256(extended_key).digest()).digest()[:4] wif = base58_encode(extended_key + checksum) # Create STM format public key public_key = private_key.public_key() public_key_point = public_key.public_numbers() # Compress public key x = public_key_point.x.to_bytes(32, 'big') y_is_even = public_key_point.y % 2 == 0 compressed_pubkey = (b'\x02' if y_is_even else b'\x03') + x # Add checksum for STM format checksum = hashlib.sha256(compressed_pubkey).digest()[:4] stm_pubkey = 'STM' + base58_encode(compressed_pubkey + checksum) return wif, stm_pubkey def main(): print("=== Offline Hive Memo Tool ===") while True: print("\nOptions:") print("1. Generate new key pair") print("2. Encrypt message") print("3. Decrypt message") print("4. Exit") choice = input("\nEnter choice (1-4): ").strip() if choice == '1': print("\nGenerating new Hive key pair...") private_key, public_key = generate_hive_keys() print(f"Private Key (WIF): {private_key}") print(f"Public Key (STM): {public_key}") elif choice == '2': try: message = input("\nEnter message to encrypt: ") recipient_pubkey = input("Enter recipient's public key (STM...): ").strip() sender_privkey = input("Enter your private key (5...): ").strip() filename = input("Enter output filename: ").strip() encrypted = encrypt_message(message, recipient_pubkey, sender_privkey) with open(filename, 'w') as f: f.write(encrypted) print(f"\nMessage encrypted and saved to {filename}") print(f"Encrypted memo: {encrypted}") except Exception as e: print(f"Encryption error: {e}") elif choice == '3': try: filename = input("\nEnter encrypted file path: ").strip() private_key = input("Enter your private key (5...): ").strip() with open(filename, 'r') as f: encrypted_memo = f.read().strip() decrypted_message, sender_pubkey = decrypt_message(encrypted_memo, private_key) print(f"\nDecrypted message: {decrypted_message}") print(f"Sender's public key: {sender_pubkey}") print(f"\n(You can reply by encrypting a message to: {sender_pubkey})") except Exception as e: print(f"Decryption error: {e}") elif choice == '4': print("Goodbye!") break else: print("Invalid choice. Please try again.") if __name__ == "__main__": main() </pre> * OutPut: <pre> === Offline Hive Memo Tool === Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): </pre> ==Example Use == * In this example 2 key pairs where created, to send and receive <pre> (hive_beem_env) ubuntu@keys:~$ python3 crypt.py === Offline Hive Memo Tool === Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 1 Generating new Hive key pair... Private Key (WIF): 5KR1behsskwnusyUMGZMNVdemVFUvoJTLkj4M7UhN3jpv7G5yK8 Public Key (STM): STM6VsVfhBdhs5pcX7CoTeoyWtxin2SPPFyMPcenbRQjRJLcjwaBK Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 1 Generating new Hive key pair... Private Key (WIF): 5JZqP9VBVL5tTqHCuAjPd4WuJDv84e56fA48wc6CnKtMq6Z4cVe Public Key (STM): STM5aV2anXQonjiBtjSiF8K8g336aDviXQq9j2441hTgVdm3qD3BU Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 4 Goodbye! (hive_beem_env) ubuntu@keys:~$ python3 crypt.py === Offline Hive Memo Tool === Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 2 Enter message to encrypt: test message Enter recipient's public key (STM...): STM5aV2anXQonjiBtjSiF8K8g336aDviXQq9j2441hTgVdm3qD3BU Enter your private key (5...): 5KR1behsskwnusyUMGZMNVdemVFUvoJTLkj4M7UhN3jpv7G5yK8 Enter output filename: test.msg Message encrypted and saved to test.msg Encrypted memo: #ha05gnlySH/UCOEW78Gx6FFlqYSvylks99XfTfyzp7Pq1Zx/o0YDrvCBZIM9v6wiccjyNOkcwT45rzI5MXBIyGsoHDN6lC4D Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 3 Enter encrypted file path: test.msg Enter your private key (5...): 5JZqP9VBVL5tTqHCuAjPd4WuJDv84e56fA48wc6CnKtMq6Z4cVe Decrypted message: test message Sender's public key: STM6VsVfhBdhs5pcX7CoTeoyWtxin2SPPFyMPcenbRQjRJLcjwaBK (You can reply by encrypting a message to: STM6VsVfhBdhs5pcX7CoTeoyWtxin2SPPFyMPcenbRQjRJLcjwaBK) Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 2 Enter message to encrypt: so not doing much then? Enter recipient's public key (STM...): STM6VsVfhBdhs5pcX7CoTeoyWtxin2SPPFyMPcenbRQjRJLcjwaBK Enter your private key (5...): 5JZqP9VBVL5tTqHCuAjPd4WuJDv84e56fA48wc6CnKtMq6Z4cVe Enter output filename: test2.msg Message encrypted and saved to test2.msg Encrypted memo: #f0SOHdMtUA5az+j9s3iwVbThCKvHCy1j3mLZTS45ymAYtAAhVv+6g9Bll1V0unDOIksVC2mdTduPor9IKM4DygfrQz1KSxsf3uC/za+Jxd6BIv4N5l5L1g== Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 3 Enter encrypted file path: test2.msg Enter your private key (5...): 5KR1behsskwnusyUMGZMNVdemVFUvoJTLkj4M7UhN3jpv7G5yK8 Decrypted message: so not doing much then? Sender's public key: STM5aV2anXQonjiBtjSiF8K8g336aDviXQq9j2441hTgVdm3qD3BU (You can reply by encrypting a message to: STM5aV2anXQonjiBtjSiF8K8g336aDviXQq9j2441hTgVdm3qD3BU) Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): </pre> == Example of Script use 2 == * Below is some test keys generated for this demo * This time it did not give same public key from signing private key - but still worked. <pre> RECEIVING Key Pair 1: Generating new Hive key pair... Private Key (WIF): 5JxAbGJ7XFcpAY3rW3pmzGapEkyrSf9wz14Lar3ZMvxUpA14uaR Public Key (STM): STM5KtMabHkqWdwBJavkFRpHd4UkYSMQJiofW3vicw68t6y53YYpF SENDING Key Pair 2: Generating new Hive key pair... Private Key (WIF): 5HvNXDZYh5QFFikGnwv8cs7u2nF6eiUTKPScBfdy4QzvJWqKCLo Public Key (STM): STM6a9JCL7LXKpKDYjaYiwFtdqydkh9aha5YrH7NoKm3wdkw4eUFg </pre> === Encryption and Decryption Example 2 === <pre> (hive_beem_env) ubuntu@keys:~$ python3 crypt.py === Offline Hive Memo Tool === Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 2 Enter message to encrypt: yo whats up :) does this make sense to you. Enter recipient's public key (STM...): STM5KtMabHkqWdwBJavkFRpHd4UkYSMQJiofW3vicw68t6y53YYpF Enter your private key (5...): 5HvNXDZYh5QFFikGnwv8cs7u2nF6eiUTKPScBfdy4QzvJWqKCLo Enter output filename: newtest.msg Message encrypted and saved to newtest.msg Encrypted memo: #syhpjq7Bae/dvF3/yeUdtk9leWooSemGYGSgFlxTXmDl9t4rnDoT1/YHo7HMnf+ZM3FPmMZmNZFeSUUAeWcP+m3g9L/7wvdWP0XXtTqEgoZZOl1BAqJTHIdHxQKDQ1++jLx2YZEkxKo= Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 3 Enter encrypted file path: newtest.msg Enter your private key (5...): 5JxAbGJ7XFcpAY3rW3pmzGapEkyrSf9wz14Lar3ZMvxUpA14uaR Decrypted message: yo whats up :) does this make sense to you. Sender's public key: STM6a9JCL7LXKpKDYjaYiwFtdqydkh9aha5YrH7NoKm3wdkuxXxXg (You can reply by encrypting a message to: STM6a9JCL7LXKpKDYjaYiwFtdqydkh9aha5YrH7NoKm3wdkuxXxXg) Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 2 Enter message to encrypt: reply to sender Enter recipient's public key (STM...): STM6a9JCL7LXKpKDYjaYiwFtdqydkh9aha5YrH7NoKm3wdkuxXxXg Enter your private key (5...): 5JxAbGJ7XFcpAY3rW3pmzGapEkyrSf9wz14Lar3ZMvxUpA14uaR Enter output filename: reply.msg Message encrypted and saved to reply.msg Encrypted memo: #x06sC2YmlHQ5qoKbtCsiibPc7YGejYH1mqxsX01cMQ0UhSo6gKLCWM65AjL8dl80Jdhb6iuJlrlCrlZgdZkO8at0vBGTtLin Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 3 Enter encrypted file path: reply.msg Enter your private key (5...): 5HvNXDZYh5QFFikGnwv8cs7u2nF6eiUTKPScBfdy4QzvJWqKCLo Decrypted message: reply to sender Sender's public key: STM5KtMabHkqWdwBJavkFRpHd4UkYSMQJiofW3vicw68t6y7eTR76 (You can reply by encrypting a message to: STM5KtMabHkqWdwBJavkFRpHd4UkYSMQJiofW3vicw68t6y7eTR76) Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): </pre> tudamm8jdne7q00f9s5acdrrog3p9ms 568 567 2025-06-16T04:32:21Z AwesomO 5 /* Install Beem */ 568 wikitext text/x-wiki * https://hive.blog/hive-138301/@completenoobs/find-hive-users-memo-key-and-send-encrypted-message-l7a =Intro= Learning about hive by tinkering * Find The Memo Public Key from username * Encrypt a Message so only the private key holder of that public key can decrypt ==Creating Container== * Creating a Container so we know reproducable (depends installed ... etc) * create container <code>lxc launch ubuntu:24.04 keys</code> * Login to container <code>lxc exec keys bash</code> * switch to user ubuntu <code>su - ubuntu</code> ==Update Container and Install Dependencies== * Update package lists <code>sudo apt update && sudo apt upgrade -y</code> * Install essential packages <code>sudo apt install -y python3 python3-pip python3-venv git build-essential</code> * Install development libraries needed for compilation <code>sudo apt install -y libssl-dev libffi-dev python3-dev</code> * Verify Python installation <code>python3 --version</code><br> <code>pip3 --version</code> ==Create Virtual Environment (Recommended) == * Create a virtual environment <code>python3 -m venv hive_beem_env</code> * Activate the virtual environment <code>source hive_beem_env/bin/activate</code> * Verify you're in the virtual environment (should show the path) <pre> (hive_beem_env) ubuntu@hive:~$ </pre> =Find a Hive Users Public Keys= * Create Script <code>$EDITOR find-user-keys.py</code> <pre> #!/usr/bin/env python3 import argparse import logging from beem import Hive from beem.account import Account from beem.exceptions import AccountDoesNotExistsException # Set up logging logging.basicConfig(level=logging.INFO, format='%(asctime)s - %(levelname)s - %(message)s') logger = logging.getLogger(__name__) def get_public_keys(username, nodes=None): """Fetch public keys for a Hive account.""" if nodes is None: nodes = [ "https://api.hive.blog", "https://rpc.ecency.com", "https://api.deathwing.me", "https://fin.hive.3speak.co" ] try: # Initialize Hive instance hive = Hive(node=nodes) logger.info(f"Using node: {hive.rpc.url}") # Get account logger.info(f"Fetching account: {username}") account = Account(username, blockchain_instance=hive) # Get public keys keys = { "posting": account["posting"]["key_auths"][0][0] if account["posting"]["key_auths"] else "None", "active": account["active"]["key_auths"][0][0] if account["active"]["key_auths"] else "None", "owner": account["owner"]["key_auths"][0][0] if account["owner"]["key_auths"] else "None", "memo": account["memo_key"] if account["memo_key"] else "None" } # Print keys print(f"\nPublic Keys for @{username}:") for key_type, key_value in keys.items(): print(f"{key_type.capitalize()}: {key_value}") # Save to file with open(f"{username}_public_keys.txt", "w", encoding="utf-8") as f: f.write(f"Public Keys for @{username}:\n") for key_type, key_value in keys.items(): f.write(f"{key_type.capitalize()}: {key_value}\n") print(f"Saved keys to {username}_public_keys.txt") return keys except AccountDoesNotExistsException: logger.error(f"Account does not exist: {username}") print(f"Error: The account '{username}' does not exist on the Hive blockchain.") except Exception as e: logger.error(f"Error fetching keys for {username}: {str(e)}", exc_info=True) print(f"Error fetching keys: {str(e)}") print("Possible issues: node connectivity or API limits.") def main(): # Set up argument parser parser = argparse.ArgumentParser(description="Fetch public keys for a Hive account.") parser.add_argument("--username", required=True, help="Hive username (e.g., completenoobs)") args = parser.parse_args() # Fetch keys get_public_keys(args.username) if __name__ == "__main__": main() </pre> * To use script <code>python3 find-user-keys.py --username completenoobs</code> * OutPut: <pre> (hive_beem_env) ubuntu@keys:~$ python3 find-user-keys.py --user completenoobs 2025-06-16 02:55:48,890 - INFO - Using node: https://api.hive.blog 2025-06-16 02:55:48,890 - INFO - Fetching account: completenoobs Public Keys for @completenoobs: Posting: STM52HfmA7gmnAjq8eQbAPgTxijsoVwm3T439dgeVqjC4baXUyJSV Active: STM4zGfF1K9TbMoCcE2eLtTwrBwVybEhgu5yfBv99nhR6kjf5Hv97 Owner: STM8jjM8CowxH6ttosaUXCK5NufZQMga18KRD6vq1LrmTH4u4poQW Memo: STM5u4bQRcCFfbGgg29TabvAmYsMdM6eGK8sj7sJDWPPpz6SwAums Saved keys to completenoobs_public_keys.txt </pre> * Will also create a text file container user keys in same directory script run: =Encrypting and Decrypting= * Install Missing Depends <code>pip install cryptography</code> * Create Script <code>$EDITOR crypt.py</code> <pre> #!/usr/bin/env python3 """ Offline Hive Memo Encryption/Decryption Encrypts to public key and decrypts with private key without network access Compatible with Hive memo format """ import hashlib import hmac import struct import base64 import os from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes from cryptography.hazmat.backends import default_backend from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.asymmetric import ec from cryptography.hazmat.primitives.serialization import Encoding, PrivateFormat, PublicFormat, NoEncryption # Base58 alphabet used by Bitcoin/Hive BASE58_ALPHABET = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz' def base58_encode(data): """Encode bytes to base58""" count = 0 for byte in data: if byte == 0: count += 1 else: break encoded = '' num = int.from_bytes(data, 'big') while num > 0: num, remainder = divmod(num, 58) encoded = BASE58_ALPHABET[remainder] + encoded return '1' * count + encoded def base58_decode(s): """Decode base58 to bytes""" count = 0 for char in s: if char == '1': count += 1 else: break num = 0 for char in s: num = num * 58 + BASE58_ALPHABET.index(char) decoded = num.to_bytes((num.bit_length() + 7) // 8, 'big') return b'\x00' * count + decoded def wif_to_private_key(wif): """Convert WIF format to private key bytes""" decoded = base58_decode(wif) # Remove version byte (0x80) and checksum (last 4 bytes) private_key_bytes = decoded[1:-4] return private_key_bytes def private_key_from_wif(wif): """Generate private key object from WIF""" private_key_bytes = wif_to_private_key(wif) private_key = ec.derive_private_key( int.from_bytes(private_key_bytes, 'big'), ec.SECP256K1(), default_backend() ) return private_key def stm_to_public_key(stm_key): """Convert STM format public key to cryptography public key object""" # Remove STM prefix and decode key_data = base58_decode(stm_key[3:]) # Remove checksum (last 4 bytes) point_data = key_data[:-4] # Parse compressed public key (33 bytes: 0x02/0x03 + 32 bytes) if len(point_data) == 33: x = int.from_bytes(point_data[1:], 'big') y_is_even = point_data[0] == 0x02 # Calculate y coordinate p = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F y_squared = (pow(x, 3, p) + 7) % p y = pow(y_squared, (p + 1) // 4, p) if y % 2 != (0 if y_is_even else 1): y = p - y public_key = ec.EllipticCurvePublicKey.from_encoded_point( ec.SECP256K1(), b'\x04' + x.to_bytes(32, 'big') + y.to_bytes(32, 'big') ) return public_key raise ValueError("Invalid public key format") def generate_shared_secret(private_key, public_key): """Generate shared secret using ECDH""" if isinstance(private_key, str): private_key = public_key_from_wif(private_key).private_key() shared_point = private_key.exchange(ec.ECDH(), public_key) return shared_point def encrypt_message(message, recipient_public_key, sender_private_key): """Encrypt message using Hive memo format""" # Generate shared secret if isinstance(sender_private_key, str): sender_private_key_obj = private_key_from_wif(sender_private_key) else: sender_private_key_obj = sender_private_key if isinstance(recipient_public_key, str): recipient_public_key_obj = stm_to_public_key(recipient_public_key) else: recipient_public_key_obj = recipient_public_key shared_secret = generate_shared_secret(sender_private_key_obj, recipient_public_key_obj) # Generate nonce nonce = os.urandom(8) # Derive encryption key key_material = shared_secret + nonce encryption_key = hashlib.sha512(key_material).digest()[:32] # Encrypt message iv = os.urandom(16) cipher = Cipher(algorithms.AES(encryption_key), modes.CBC(iv), backend=default_backend()) encryptor = cipher.encryptor() # Pad message to 16-byte boundary padded_message = message.encode('utf-8') padding_length = 16 - (len(padded_message) % 16) padded_message += bytes([padding_length] * padding_length) ciphertext = encryptor.update(padded_message) + encryptor.finalize() # Get sender's public key for the memo sender_public_key = sender_private_key_obj.public_key() sender_public_key_bytes = sender_public_key.public_numbers().x.to_bytes(32, 'big') # Create memo format: nonce + sender_pubkey + iv + ciphertext memo_data = nonce + sender_public_key_bytes + iv + ciphertext # Encode as base64 and add # prefix encoded_memo = '#' + base64.b64encode(memo_data).decode('utf-8') return encoded_memo def decrypt_message(encrypted_memo, recipient_private_key): """Decrypt message using Hive memo format""" # Remove # prefix and decode base64 if not encrypted_memo.startswith('#'): raise ValueError("Invalid memo format - should start with #") memo_data = base64.b64decode(encrypted_memo[1:]) # Parse memo components nonce = memo_data[:8] sender_pubkey_x = memo_data[8:40] iv = memo_data[40:56] ciphertext = memo_data[56:] # Reconstruct sender's public key (assuming even y coordinate) sender_x = int.from_bytes(sender_pubkey_x, 'big') p = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F y_squared = (pow(sender_x, 3, p) + 7) % p y = pow(y_squared, (p + 1) // 4, p) # Try even y coordinate first try: if y % 2 != 0: y = p - y sender_public_key = ec.EllipticCurvePublicKey.from_encoded_point( ec.SECP256K1(), b'\x04' + sender_x.to_bytes(32, 'big') + y.to_bytes(32, 'big') ) except: # Try odd y coordinate y = p - y sender_public_key = ec.EllipticCurvePublicKey.from_encoded_point( ec.SECP256K1(), b'\x04' + sender_x.to_bytes(32, 'big') + y.to_bytes(32, 'big') ) # Convert sender's public key to STM format for display sender_public_numbers = sender_public_key.public_numbers() x = sender_public_numbers.x.to_bytes(32, 'big') y_is_even = sender_public_numbers.y % 2 == 0 compressed_pubkey = (b'\x02' if y_is_even else b'\x03') + x checksum = hashlib.sha256(compressed_pubkey).digest()[:4] sender_stm_pubkey = 'STM' + base58_encode(compressed_pubkey + checksum) # Generate shared secret if isinstance(recipient_private_key, str): recipient_private_key_obj = private_key_from_wif(recipient_private_key) else: recipient_private_key_obj = recipient_private_key shared_secret = generate_shared_secret(recipient_private_key_obj, sender_public_key) # Derive decryption key key_material = shared_secret + nonce decryption_key = hashlib.sha512(key_material).digest()[:32] # Decrypt message cipher = Cipher(algorithms.AES(decryption_key), modes.CBC(iv), backend=default_backend()) decryptor = cipher.decryptor() padded_message = decryptor.update(ciphertext) + decryptor.finalize() # Remove padding padding_length = padded_message[-1] message = padded_message[:-padding_length].decode('utf-8') return message, sender_stm_pubkey def generate_hive_keys(): """Generate a new Hive-compatible key pair""" private_key = ec.generate_private_key(ec.SECP256K1(), default_backend()) private_key_bytes = private_key.private_numbers().private_value.to_bytes(32, 'big') # Create WIF format extended_key = b'\x80' + private_key_bytes checksum = hashlib.sha256(hashlib.sha256(extended_key).digest()).digest()[:4] wif = base58_encode(extended_key + checksum) # Create STM format public key public_key = private_key.public_key() public_key_point = public_key.public_numbers() # Compress public key x = public_key_point.x.to_bytes(32, 'big') y_is_even = public_key_point.y % 2 == 0 compressed_pubkey = (b'\x02' if y_is_even else b'\x03') + x # Add checksum for STM format checksum = hashlib.sha256(compressed_pubkey).digest()[:4] stm_pubkey = 'STM' + base58_encode(compressed_pubkey + checksum) return wif, stm_pubkey def main(): print("=== Offline Hive Memo Tool ===") while True: print("\nOptions:") print("1. Generate new key pair") print("2. Encrypt message") print("3. Decrypt message") print("4. Exit") choice = input("\nEnter choice (1-4): ").strip() if choice == '1': print("\nGenerating new Hive key pair...") private_key, public_key = generate_hive_keys() print(f"Private Key (WIF): {private_key}") print(f"Public Key (STM): {public_key}") elif choice == '2': try: message = input("\nEnter message to encrypt: ") recipient_pubkey = input("Enter recipient's public key (STM...): ").strip() sender_privkey = input("Enter your private key (5...): ").strip() filename = input("Enter output filename: ").strip() encrypted = encrypt_message(message, recipient_pubkey, sender_privkey) with open(filename, 'w') as f: f.write(encrypted) print(f"\nMessage encrypted and saved to {filename}") print(f"Encrypted memo: {encrypted}") except Exception as e: print(f"Encryption error: {e}") elif choice == '3': try: filename = input("\nEnter encrypted file path: ").strip() private_key = input("Enter your private key (5...): ").strip() with open(filename, 'r') as f: encrypted_memo = f.read().strip() decrypted_message, sender_pubkey = decrypt_message(encrypted_memo, private_key) print(f"\nDecrypted message: {decrypted_message}") print(f"Sender's public key: {sender_pubkey}") print(f"\n(You can reply by encrypting a message to: {sender_pubkey})") except Exception as e: print(f"Decryption error: {e}") elif choice == '4': print("Goodbye!") break else: print("Invalid choice. Please try again.") if __name__ == "__main__": main() </pre> * OutPut: <pre> === Offline Hive Memo Tool === Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): </pre> ==Example Use == * In this example 2 key pairs where created, to send and receive <pre> (hive_beem_env) ubuntu@keys:~$ python3 crypt.py === Offline Hive Memo Tool === Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 1 Generating new Hive key pair... Private Key (WIF): 5KR1behsskwnusyUMGZMNVdemVFUvoJTLkj4M7UhN3jpv7G5yK8 Public Key (STM): STM6VsVfhBdhs5pcX7CoTeoyWtxin2SPPFyMPcenbRQjRJLcjwaBK Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 1 Generating new Hive key pair... Private Key (WIF): 5JZqP9VBVL5tTqHCuAjPd4WuJDv84e56fA48wc6CnKtMq6Z4cVe Public Key (STM): STM5aV2anXQonjiBtjSiF8K8g336aDviXQq9j2441hTgVdm3qD3BU Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 4 Goodbye! (hive_beem_env) ubuntu@keys:~$ python3 crypt.py === Offline Hive Memo Tool === Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 2 Enter message to encrypt: test message Enter recipient's public key (STM...): STM5aV2anXQonjiBtjSiF8K8g336aDviXQq9j2441hTgVdm3qD3BU Enter your private key (5...): 5KR1behsskwnusyUMGZMNVdemVFUvoJTLkj4M7UhN3jpv7G5yK8 Enter output filename: test.msg Message encrypted and saved to test.msg Encrypted memo: #ha05gnlySH/UCOEW78Gx6FFlqYSvylks99XfTfyzp7Pq1Zx/o0YDrvCBZIM9v6wiccjyNOkcwT45rzI5MXBIyGsoHDN6lC4D Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 3 Enter encrypted file path: test.msg Enter your private key (5...): 5JZqP9VBVL5tTqHCuAjPd4WuJDv84e56fA48wc6CnKtMq6Z4cVe Decrypted message: test message Sender's public key: STM6VsVfhBdhs5pcX7CoTeoyWtxin2SPPFyMPcenbRQjRJLcjwaBK (You can reply by encrypting a message to: STM6VsVfhBdhs5pcX7CoTeoyWtxin2SPPFyMPcenbRQjRJLcjwaBK) Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 2 Enter message to encrypt: so not doing much then? Enter recipient's public key (STM...): STM6VsVfhBdhs5pcX7CoTeoyWtxin2SPPFyMPcenbRQjRJLcjwaBK Enter your private key (5...): 5JZqP9VBVL5tTqHCuAjPd4WuJDv84e56fA48wc6CnKtMq6Z4cVe Enter output filename: test2.msg Message encrypted and saved to test2.msg Encrypted memo: #f0SOHdMtUA5az+j9s3iwVbThCKvHCy1j3mLZTS45ymAYtAAhVv+6g9Bll1V0unDOIksVC2mdTduPor9IKM4DygfrQz1KSxsf3uC/za+Jxd6BIv4N5l5L1g== Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 3 Enter encrypted file path: test2.msg Enter your private key (5...): 5KR1behsskwnusyUMGZMNVdemVFUvoJTLkj4M7UhN3jpv7G5yK8 Decrypted message: so not doing much then? Sender's public key: STM5aV2anXQonjiBtjSiF8K8g336aDviXQq9j2441hTgVdm3qD3BU (You can reply by encrypting a message to: STM5aV2anXQonjiBtjSiF8K8g336aDviXQq9j2441hTgVdm3qD3BU) Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): </pre> == Example of Script use 2 == * Below is some test keys generated for this demo * This time it did not give same public key from signing private key - but still worked. <pre> RECEIVING Key Pair 1: Generating new Hive key pair... Private Key (WIF): 5JxAbGJ7XFcpAY3rW3pmzGapEkyrSf9wz14Lar3ZMvxUpA14uaR Public Key (STM): STM5KtMabHkqWdwBJavkFRpHd4UkYSMQJiofW3vicw68t6y53YYpF SENDING Key Pair 2: Generating new Hive key pair... Private Key (WIF): 5HvNXDZYh5QFFikGnwv8cs7u2nF6eiUTKPScBfdy4QzvJWqKCLo Public Key (STM): STM6a9JCL7LXKpKDYjaYiwFtdqydkh9aha5YrH7NoKm3wdkw4eUFg </pre> === Encryption and Decryption Example 2 === <pre> (hive_beem_env) ubuntu@keys:~$ python3 crypt.py === Offline Hive Memo Tool === Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 2 Enter message to encrypt: yo whats up :) does this make sense to you. Enter recipient's public key (STM...): STM5KtMabHkqWdwBJavkFRpHd4UkYSMQJiofW3vicw68t6y53YYpF Enter your private key (5...): 5HvNXDZYh5QFFikGnwv8cs7u2nF6eiUTKPScBfdy4QzvJWqKCLo Enter output filename: newtest.msg Message encrypted and saved to newtest.msg Encrypted memo: #syhpjq7Bae/dvF3/yeUdtk9leWooSemGYGSgFlxTXmDl9t4rnDoT1/YHo7HMnf+ZM3FPmMZmNZFeSUUAeWcP+m3g9L/7wvdWP0XXtTqEgoZZOl1BAqJTHIdHxQKDQ1++jLx2YZEkxKo= Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 3 Enter encrypted file path: newtest.msg Enter your private key (5...): 5JxAbGJ7XFcpAY3rW3pmzGapEkyrSf9wz14Lar3ZMvxUpA14uaR Decrypted message: yo whats up :) does this make sense to you. Sender's public key: STM6a9JCL7LXKpKDYjaYiwFtdqydkh9aha5YrH7NoKm3wdkuxXxXg (You can reply by encrypting a message to: STM6a9JCL7LXKpKDYjaYiwFtdqydkh9aha5YrH7NoKm3wdkuxXxXg) Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 2 Enter message to encrypt: reply to sender Enter recipient's public key (STM...): STM6a9JCL7LXKpKDYjaYiwFtdqydkh9aha5YrH7NoKm3wdkuxXxXg Enter your private key (5...): 5JxAbGJ7XFcpAY3rW3pmzGapEkyrSf9wz14Lar3ZMvxUpA14uaR Enter output filename: reply.msg Message encrypted and saved to reply.msg Encrypted memo: #x06sC2YmlHQ5qoKbtCsiibPc7YGejYH1mqxsX01cMQ0UhSo6gKLCWM65AjL8dl80Jdhb6iuJlrlCrlZgdZkO8at0vBGTtLin Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 3 Enter encrypted file path: reply.msg Enter your private key (5...): 5HvNXDZYh5QFFikGnwv8cs7u2nF6eiUTKPScBfdy4QzvJWqKCLo Decrypted message: reply to sender Sender's public key: STM5KtMabHkqWdwBJavkFRpHd4UkYSMQJiofW3vicw68t6y7eTR76 (You can reply by encrypting a message to: STM5KtMabHkqWdwBJavkFRpHd4UkYSMQJiofW3vicw68t6y7eTR76) Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): </pre> n6yeiwjt21chk9hrnmjcaavsngl38h9 569 568 2025-06-16T04:33:00Z AwesomO 5 /* Create Virtual Environment (Recommended) */ 569 wikitext text/x-wiki * https://hive.blog/hive-138301/@completenoobs/find-hive-users-memo-key-and-send-encrypted-message-l7a =Intro= Learning about hive by tinkering * Find The Memo Public Key from username * Encrypt a Message so only the private key holder of that public key can decrypt ==Creating Container== * Creating a Container so we know reproducable (depends installed ... etc) * create container <code>lxc launch ubuntu:24.04 keys</code> * Login to container <code>lxc exec keys bash</code> * switch to user ubuntu <code>su - ubuntu</code> ==Update Container and Install Dependencies== * Update package lists <code>sudo apt update && sudo apt upgrade -y</code> * Install essential packages <code>sudo apt install -y python3 python3-pip python3-venv git build-essential</code> * Install development libraries needed for compilation <code>sudo apt install -y libssl-dev libffi-dev python3-dev</code> * Verify Python installation <code>python3 --version</code><br> <code>pip3 --version</code> ==Create Virtual Environment (Recommended) == * Create a virtual environment <code>python3 -m venv hive_beem_env</code> * Activate the virtual environment <code>source hive_beem_env/bin/activate</code> * Verify you're in the virtual environment (should show the path) <pre> (hive_beem_env) ubuntu@hive:~$ </pre> ==Install Beem== * NOTE: Beem is installed in Virtual Environment to avoid <code>error: externally-managed-environment</code> * Install beem from PyPI <code>pip install beem</code> * Verify installation <code>python -c "import beem; print(beem.__version__)"</code> =Find a Hive Users Public Keys= * Create Script <code>$EDITOR find-user-keys.py</code> <pre> #!/usr/bin/env python3 import argparse import logging from beem import Hive from beem.account import Account from beem.exceptions import AccountDoesNotExistsException # Set up logging logging.basicConfig(level=logging.INFO, format='%(asctime)s - %(levelname)s - %(message)s') logger = logging.getLogger(__name__) def get_public_keys(username, nodes=None): """Fetch public keys for a Hive account.""" if nodes is None: nodes = [ "https://api.hive.blog", "https://rpc.ecency.com", "https://api.deathwing.me", "https://fin.hive.3speak.co" ] try: # Initialize Hive instance hive = Hive(node=nodes) logger.info(f"Using node: {hive.rpc.url}") # Get account logger.info(f"Fetching account: {username}") account = Account(username, blockchain_instance=hive) # Get public keys keys = { "posting": account["posting"]["key_auths"][0][0] if account["posting"]["key_auths"] else "None", "active": account["active"]["key_auths"][0][0] if account["active"]["key_auths"] else "None", "owner": account["owner"]["key_auths"][0][0] if account["owner"]["key_auths"] else "None", "memo": account["memo_key"] if account["memo_key"] else "None" } # Print keys print(f"\nPublic Keys for @{username}:") for key_type, key_value in keys.items(): print(f"{key_type.capitalize()}: {key_value}") # Save to file with open(f"{username}_public_keys.txt", "w", encoding="utf-8") as f: f.write(f"Public Keys for @{username}:\n") for key_type, key_value in keys.items(): f.write(f"{key_type.capitalize()}: {key_value}\n") print(f"Saved keys to {username}_public_keys.txt") return keys except AccountDoesNotExistsException: logger.error(f"Account does not exist: {username}") print(f"Error: The account '{username}' does not exist on the Hive blockchain.") except Exception as e: logger.error(f"Error fetching keys for {username}: {str(e)}", exc_info=True) print(f"Error fetching keys: {str(e)}") print("Possible issues: node connectivity or API limits.") def main(): # Set up argument parser parser = argparse.ArgumentParser(description="Fetch public keys for a Hive account.") parser.add_argument("--username", required=True, help="Hive username (e.g., completenoobs)") args = parser.parse_args() # Fetch keys get_public_keys(args.username) if __name__ == "__main__": main() </pre> * To use script <code>python3 find-user-keys.py --username completenoobs</code> * OutPut: <pre> (hive_beem_env) ubuntu@keys:~$ python3 find-user-keys.py --user completenoobs 2025-06-16 02:55:48,890 - INFO - Using node: https://api.hive.blog 2025-06-16 02:55:48,890 - INFO - Fetching account: completenoobs Public Keys for @completenoobs: Posting: STM52HfmA7gmnAjq8eQbAPgTxijsoVwm3T439dgeVqjC4baXUyJSV Active: STM4zGfF1K9TbMoCcE2eLtTwrBwVybEhgu5yfBv99nhR6kjf5Hv97 Owner: STM8jjM8CowxH6ttosaUXCK5NufZQMga18KRD6vq1LrmTH4u4poQW Memo: STM5u4bQRcCFfbGgg29TabvAmYsMdM6eGK8sj7sJDWPPpz6SwAums Saved keys to completenoobs_public_keys.txt </pre> * Will also create a text file container user keys in same directory script run: =Encrypting and Decrypting= * Install Missing Depends <code>pip install cryptography</code> * Create Script <code>$EDITOR crypt.py</code> <pre> #!/usr/bin/env python3 """ Offline Hive Memo Encryption/Decryption Encrypts to public key and decrypts with private key without network access Compatible with Hive memo format """ import hashlib import hmac import struct import base64 import os from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes from cryptography.hazmat.backends import default_backend from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.asymmetric import ec from cryptography.hazmat.primitives.serialization import Encoding, PrivateFormat, PublicFormat, NoEncryption # Base58 alphabet used by Bitcoin/Hive BASE58_ALPHABET = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz' def base58_encode(data): """Encode bytes to base58""" count = 0 for byte in data: if byte == 0: count += 1 else: break encoded = '' num = int.from_bytes(data, 'big') while num > 0: num, remainder = divmod(num, 58) encoded = BASE58_ALPHABET[remainder] + encoded return '1' * count + encoded def base58_decode(s): """Decode base58 to bytes""" count = 0 for char in s: if char == '1': count += 1 else: break num = 0 for char in s: num = num * 58 + BASE58_ALPHABET.index(char) decoded = num.to_bytes((num.bit_length() + 7) // 8, 'big') return b'\x00' * count + decoded def wif_to_private_key(wif): """Convert WIF format to private key bytes""" decoded = base58_decode(wif) # Remove version byte (0x80) and checksum (last 4 bytes) private_key_bytes = decoded[1:-4] return private_key_bytes def private_key_from_wif(wif): """Generate private key object from WIF""" private_key_bytes = wif_to_private_key(wif) private_key = ec.derive_private_key( int.from_bytes(private_key_bytes, 'big'), ec.SECP256K1(), default_backend() ) return private_key def stm_to_public_key(stm_key): """Convert STM format public key to cryptography public key object""" # Remove STM prefix and decode key_data = base58_decode(stm_key[3:]) # Remove checksum (last 4 bytes) point_data = key_data[:-4] # Parse compressed public key (33 bytes: 0x02/0x03 + 32 bytes) if len(point_data) == 33: x = int.from_bytes(point_data[1:], 'big') y_is_even = point_data[0] == 0x02 # Calculate y coordinate p = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F y_squared = (pow(x, 3, p) + 7) % p y = pow(y_squared, (p + 1) // 4, p) if y % 2 != (0 if y_is_even else 1): y = p - y public_key = ec.EllipticCurvePublicKey.from_encoded_point( ec.SECP256K1(), b'\x04' + x.to_bytes(32, 'big') + y.to_bytes(32, 'big') ) return public_key raise ValueError("Invalid public key format") def generate_shared_secret(private_key, public_key): """Generate shared secret using ECDH""" if isinstance(private_key, str): private_key = public_key_from_wif(private_key).private_key() shared_point = private_key.exchange(ec.ECDH(), public_key) return shared_point def encrypt_message(message, recipient_public_key, sender_private_key): """Encrypt message using Hive memo format""" # Generate shared secret if isinstance(sender_private_key, str): sender_private_key_obj = private_key_from_wif(sender_private_key) else: sender_private_key_obj = sender_private_key if isinstance(recipient_public_key, str): recipient_public_key_obj = stm_to_public_key(recipient_public_key) else: recipient_public_key_obj = recipient_public_key shared_secret = generate_shared_secret(sender_private_key_obj, recipient_public_key_obj) # Generate nonce nonce = os.urandom(8) # Derive encryption key key_material = shared_secret + nonce encryption_key = hashlib.sha512(key_material).digest()[:32] # Encrypt message iv = os.urandom(16) cipher = Cipher(algorithms.AES(encryption_key), modes.CBC(iv), backend=default_backend()) encryptor = cipher.encryptor() # Pad message to 16-byte boundary padded_message = message.encode('utf-8') padding_length = 16 - (len(padded_message) % 16) padded_message += bytes([padding_length] * padding_length) ciphertext = encryptor.update(padded_message) + encryptor.finalize() # Get sender's public key for the memo sender_public_key = sender_private_key_obj.public_key() sender_public_key_bytes = sender_public_key.public_numbers().x.to_bytes(32, 'big') # Create memo format: nonce + sender_pubkey + iv + ciphertext memo_data = nonce + sender_public_key_bytes + iv + ciphertext # Encode as base64 and add # prefix encoded_memo = '#' + base64.b64encode(memo_data).decode('utf-8') return encoded_memo def decrypt_message(encrypted_memo, recipient_private_key): """Decrypt message using Hive memo format""" # Remove # prefix and decode base64 if not encrypted_memo.startswith('#'): raise ValueError("Invalid memo format - should start with #") memo_data = base64.b64decode(encrypted_memo[1:]) # Parse memo components nonce = memo_data[:8] sender_pubkey_x = memo_data[8:40] iv = memo_data[40:56] ciphertext = memo_data[56:] # Reconstruct sender's public key (assuming even y coordinate) sender_x = int.from_bytes(sender_pubkey_x, 'big') p = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F y_squared = (pow(sender_x, 3, p) + 7) % p y = pow(y_squared, (p + 1) // 4, p) # Try even y coordinate first try: if y % 2 != 0: y = p - y sender_public_key = ec.EllipticCurvePublicKey.from_encoded_point( ec.SECP256K1(), b'\x04' + sender_x.to_bytes(32, 'big') + y.to_bytes(32, 'big') ) except: # Try odd y coordinate y = p - y sender_public_key = ec.EllipticCurvePublicKey.from_encoded_point( ec.SECP256K1(), b'\x04' + sender_x.to_bytes(32, 'big') + y.to_bytes(32, 'big') ) # Convert sender's public key to STM format for display sender_public_numbers = sender_public_key.public_numbers() x = sender_public_numbers.x.to_bytes(32, 'big') y_is_even = sender_public_numbers.y % 2 == 0 compressed_pubkey = (b'\x02' if y_is_even else b'\x03') + x checksum = hashlib.sha256(compressed_pubkey).digest()[:4] sender_stm_pubkey = 'STM' + base58_encode(compressed_pubkey + checksum) # Generate shared secret if isinstance(recipient_private_key, str): recipient_private_key_obj = private_key_from_wif(recipient_private_key) else: recipient_private_key_obj = recipient_private_key shared_secret = generate_shared_secret(recipient_private_key_obj, sender_public_key) # Derive decryption key key_material = shared_secret + nonce decryption_key = hashlib.sha512(key_material).digest()[:32] # Decrypt message cipher = Cipher(algorithms.AES(decryption_key), modes.CBC(iv), backend=default_backend()) decryptor = cipher.decryptor() padded_message = decryptor.update(ciphertext) + decryptor.finalize() # Remove padding padding_length = padded_message[-1] message = padded_message[:-padding_length].decode('utf-8') return message, sender_stm_pubkey def generate_hive_keys(): """Generate a new Hive-compatible key pair""" private_key = ec.generate_private_key(ec.SECP256K1(), default_backend()) private_key_bytes = private_key.private_numbers().private_value.to_bytes(32, 'big') # Create WIF format extended_key = b'\x80' + private_key_bytes checksum = hashlib.sha256(hashlib.sha256(extended_key).digest()).digest()[:4] wif = base58_encode(extended_key + checksum) # Create STM format public key public_key = private_key.public_key() public_key_point = public_key.public_numbers() # Compress public key x = public_key_point.x.to_bytes(32, 'big') y_is_even = public_key_point.y % 2 == 0 compressed_pubkey = (b'\x02' if y_is_even else b'\x03') + x # Add checksum for STM format checksum = hashlib.sha256(compressed_pubkey).digest()[:4] stm_pubkey = 'STM' + base58_encode(compressed_pubkey + checksum) return wif, stm_pubkey def main(): print("=== Offline Hive Memo Tool ===") while True: print("\nOptions:") print("1. Generate new key pair") print("2. Encrypt message") print("3. Decrypt message") print("4. Exit") choice = input("\nEnter choice (1-4): ").strip() if choice == '1': print("\nGenerating new Hive key pair...") private_key, public_key = generate_hive_keys() print(f"Private Key (WIF): {private_key}") print(f"Public Key (STM): {public_key}") elif choice == '2': try: message = input("\nEnter message to encrypt: ") recipient_pubkey = input("Enter recipient's public key (STM...): ").strip() sender_privkey = input("Enter your private key (5...): ").strip() filename = input("Enter output filename: ").strip() encrypted = encrypt_message(message, recipient_pubkey, sender_privkey) with open(filename, 'w') as f: f.write(encrypted) print(f"\nMessage encrypted and saved to {filename}") print(f"Encrypted memo: {encrypted}") except Exception as e: print(f"Encryption error: {e}") elif choice == '3': try: filename = input("\nEnter encrypted file path: ").strip() private_key = input("Enter your private key (5...): ").strip() with open(filename, 'r') as f: encrypted_memo = f.read().strip() decrypted_message, sender_pubkey = decrypt_message(encrypted_memo, private_key) print(f"\nDecrypted message: {decrypted_message}") print(f"Sender's public key: {sender_pubkey}") print(f"\n(You can reply by encrypting a message to: {sender_pubkey})") except Exception as e: print(f"Decryption error: {e}") elif choice == '4': print("Goodbye!") break else: print("Invalid choice. Please try again.") if __name__ == "__main__": main() </pre> * OutPut: <pre> === Offline Hive Memo Tool === Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): </pre> ==Example Use == * In this example 2 key pairs where created, to send and receive <pre> (hive_beem_env) ubuntu@keys:~$ python3 crypt.py === Offline Hive Memo Tool === Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 1 Generating new Hive key pair... Private Key (WIF): 5KR1behsskwnusyUMGZMNVdemVFUvoJTLkj4M7UhN3jpv7G5yK8 Public Key (STM): STM6VsVfhBdhs5pcX7CoTeoyWtxin2SPPFyMPcenbRQjRJLcjwaBK Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 1 Generating new Hive key pair... Private Key (WIF): 5JZqP9VBVL5tTqHCuAjPd4WuJDv84e56fA48wc6CnKtMq6Z4cVe Public Key (STM): STM5aV2anXQonjiBtjSiF8K8g336aDviXQq9j2441hTgVdm3qD3BU Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 4 Goodbye! (hive_beem_env) ubuntu@keys:~$ python3 crypt.py === Offline Hive Memo Tool === Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 2 Enter message to encrypt: test message Enter recipient's public key (STM...): STM5aV2anXQonjiBtjSiF8K8g336aDviXQq9j2441hTgVdm3qD3BU Enter your private key (5...): 5KR1behsskwnusyUMGZMNVdemVFUvoJTLkj4M7UhN3jpv7G5yK8 Enter output filename: test.msg Message encrypted and saved to test.msg Encrypted memo: #ha05gnlySH/UCOEW78Gx6FFlqYSvylks99XfTfyzp7Pq1Zx/o0YDrvCBZIM9v6wiccjyNOkcwT45rzI5MXBIyGsoHDN6lC4D Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 3 Enter encrypted file path: test.msg Enter your private key (5...): 5JZqP9VBVL5tTqHCuAjPd4WuJDv84e56fA48wc6CnKtMq6Z4cVe Decrypted message: test message Sender's public key: STM6VsVfhBdhs5pcX7CoTeoyWtxin2SPPFyMPcenbRQjRJLcjwaBK (You can reply by encrypting a message to: STM6VsVfhBdhs5pcX7CoTeoyWtxin2SPPFyMPcenbRQjRJLcjwaBK) Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 2 Enter message to encrypt: so not doing much then? Enter recipient's public key (STM...): STM6VsVfhBdhs5pcX7CoTeoyWtxin2SPPFyMPcenbRQjRJLcjwaBK Enter your private key (5...): 5JZqP9VBVL5tTqHCuAjPd4WuJDv84e56fA48wc6CnKtMq6Z4cVe Enter output filename: test2.msg Message encrypted and saved to test2.msg Encrypted memo: #f0SOHdMtUA5az+j9s3iwVbThCKvHCy1j3mLZTS45ymAYtAAhVv+6g9Bll1V0unDOIksVC2mdTduPor9IKM4DygfrQz1KSxsf3uC/za+Jxd6BIv4N5l5L1g== Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 3 Enter encrypted file path: test2.msg Enter your private key (5...): 5KR1behsskwnusyUMGZMNVdemVFUvoJTLkj4M7UhN3jpv7G5yK8 Decrypted message: so not doing much then? Sender's public key: STM5aV2anXQonjiBtjSiF8K8g336aDviXQq9j2441hTgVdm3qD3BU (You can reply by encrypting a message to: STM5aV2anXQonjiBtjSiF8K8g336aDviXQq9j2441hTgVdm3qD3BU) Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): </pre> == Example of Script use 2 == * Below is some test keys generated for this demo * This time it did not give same public key from signing private key - but still worked. <pre> RECEIVING Key Pair 1: Generating new Hive key pair... Private Key (WIF): 5JxAbGJ7XFcpAY3rW3pmzGapEkyrSf9wz14Lar3ZMvxUpA14uaR Public Key (STM): STM5KtMabHkqWdwBJavkFRpHd4UkYSMQJiofW3vicw68t6y53YYpF SENDING Key Pair 2: Generating new Hive key pair... Private Key (WIF): 5HvNXDZYh5QFFikGnwv8cs7u2nF6eiUTKPScBfdy4QzvJWqKCLo Public Key (STM): STM6a9JCL7LXKpKDYjaYiwFtdqydkh9aha5YrH7NoKm3wdkw4eUFg </pre> === Encryption and Decryption Example 2 === <pre> (hive_beem_env) ubuntu@keys:~$ python3 crypt.py === Offline Hive Memo Tool === Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 2 Enter message to encrypt: yo whats up :) does this make sense to you. Enter recipient's public key (STM...): STM5KtMabHkqWdwBJavkFRpHd4UkYSMQJiofW3vicw68t6y53YYpF Enter your private key (5...): 5HvNXDZYh5QFFikGnwv8cs7u2nF6eiUTKPScBfdy4QzvJWqKCLo Enter output filename: newtest.msg Message encrypted and saved to newtest.msg Encrypted memo: #syhpjq7Bae/dvF3/yeUdtk9leWooSemGYGSgFlxTXmDl9t4rnDoT1/YHo7HMnf+ZM3FPmMZmNZFeSUUAeWcP+m3g9L/7wvdWP0XXtTqEgoZZOl1BAqJTHIdHxQKDQ1++jLx2YZEkxKo= Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 3 Enter encrypted file path: newtest.msg Enter your private key (5...): 5JxAbGJ7XFcpAY3rW3pmzGapEkyrSf9wz14Lar3ZMvxUpA14uaR Decrypted message: yo whats up :) does this make sense to you. Sender's public key: STM6a9JCL7LXKpKDYjaYiwFtdqydkh9aha5YrH7NoKm3wdkuxXxXg (You can reply by encrypting a message to: STM6a9JCL7LXKpKDYjaYiwFtdqydkh9aha5YrH7NoKm3wdkuxXxXg) Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 2 Enter message to encrypt: reply to sender Enter recipient's public key (STM...): STM6a9JCL7LXKpKDYjaYiwFtdqydkh9aha5YrH7NoKm3wdkuxXxXg Enter your private key (5...): 5JxAbGJ7XFcpAY3rW3pmzGapEkyrSf9wz14Lar3ZMvxUpA14uaR Enter output filename: reply.msg Message encrypted and saved to reply.msg Encrypted memo: #x06sC2YmlHQ5qoKbtCsiibPc7YGejYH1mqxsX01cMQ0UhSo6gKLCWM65AjL8dl80Jdhb6iuJlrlCrlZgdZkO8at0vBGTtLin Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): 3 Enter encrypted file path: reply.msg Enter your private key (5...): 5HvNXDZYh5QFFikGnwv8cs7u2nF6eiUTKPScBfdy4QzvJWqKCLo Decrypted message: reply to sender Sender's public key: STM5KtMabHkqWdwBJavkFRpHd4UkYSMQJiofW3vicw68t6y7eTR76 (You can reply by encrypting a message to: STM5KtMabHkqWdwBJavkFRpHd4UkYSMQJiofW3vicw68t6y7eTR76) Options: 1. Generate new key pair 2. Encrypt message 3. Decrypt message 4. Exit Enter choice (1-4): </pre> e8fk2owqulsoim7zxhw20w855q12ysx 0 178 570 2025-06-16T05:13:13Z AwesomO 5 Created page with "* Fetching a syntax_wiki post from HIVE ==Container Setup== * create container <code>lxc launch ubuntu:24.04 hive</code> * Login to container <code>lxc exec hive bash</code> * switch to user ubuntu <code>su - ubuntu</code> ===Update System and Install Dependencies=== * Update package lists <code>sudo apt update && sudo apt upgrade -y</code> * Install essential packages <code>sudo apt install -y python3 python3-pip python3-venv git build-essential</code> * Install de..." 570 wikitext text/x-wiki * Fetching a syntax_wiki post from HIVE ==Container Setup== * create container <code>lxc launch ubuntu:24.04 hive</code> * Login to container <code>lxc exec hive bash</code> * switch to user ubuntu <code>su - ubuntu</code> ===Update System and Install Dependencies=== * Update package lists <code>sudo apt update && sudo apt upgrade -y</code> * Install essential packages <code>sudo apt install -y python3 python3-pip python3-venv git build-essential</code> * Install development libraries needed for compilation <code>sudo apt install -y libssl-dev libffi-dev python3-dev</code> * Verify Python installation <code>python3 --version</code><br> <code>pip3 --version</code> ===Create Virtual Environment (Recommended) === * Create a virtual environment <code>python3 -m venv hive_beem_env</code> * Activate the virtual environment <code>source hive_beem_env/bin/activate</code> * Verify you're in the virtual environment (should show the path) <pre> (hive_beem_env) ubuntu@hive:~$ </pre> ===Install Beem=== * Install beem from PyPI * NOTE: Beem is installed in Virtual Environment to avoid <code>error: externally-managed-environment</code> <code>pip install beem</code> == Script to Fetch Post from HIVE == <code>$EDITOR hive-fetch.py</code> * <b>WARNING THIS SCRIPT IS EARLY CONCEPT DRAFT BUGGY!</b> <pre> #!/usr/bin/env python3 """ Hive Post Fetcher using Beem Fetches raw markdown content from Hive blockchain posts """ import argparse import json import time import xml.etree.ElementTree as ET import xml.dom.minidom as minidom import re from datetime import datetime from urllib.parse import urlparse from beem import Hive from beem.comment import Comment from beem.account import Account class HivePostFetcher: def __init__(self, nodes=None): if nodes is None: nodes = [ "https://api.hive.blog", "https://rpc.ecency.com", "https://api.deathwing.me", "https://fin.hive.3speak.co" ] self.hive = Hive(node=nodes) def parse_hive_url(self, url): """Parse Hive blog URL to extract author and permlink""" try: # Remove trailing slash if present url = url.rstrip('/') # Handle different URL formats: # https://hive.blog/completenoobs/@completenoobs/completenoobs-genesis # https://hive.blog/@completenoobs/completenoobs-genesis # https://peakd.com/@completenoobs/completenoobs-genesis # Extract the path part parsed = urlparse(url) path = parsed.path # Split and filter empty parts parts = [p for p in path.split('/') if p] if len(parts) >= 2: # Find the author (starts with @) author_part = None permlink_part = None for i, part in enumerate(parts): if part.startswith('@'): author_part = part[1:] # Remove @ if i + 1 < len(parts): permlink_part = parts[i + 1] break if author_part and permlink_part: return f"@{author_part}/{permlink_part}" return None except Exception as e: print(f"Error parsing URL: {e}") return None def fetch_single_post(self, authorperm_or_url): """Fetch a single post by author/permlink or URL""" try: # Check if input is a URL if authorperm_or_url.startswith('http'): authorperm = self.parse_hive_url(authorperm_or_url) if not authorperm: return {'success': False, 'error': 'Could not parse URL format'} print(f"Parsed URL to: {authorperm}") else: authorperm = authorperm_or_url post = Comment(authorperm, blockchain_instance=self.hive) return { 'success': True, 'data': { 'title': post.get('title', 'No Title'), 'author': post['author'], 'permlink': post['permlink'], 'authorperm': post['authorperm'], 'created': str(post['created']), 'body': post['body'], 'url': f"https://hive.blog/@{post['author']}/{post['permlink']}", 'tags': post.get('json_metadata', {}).get('tags', []) if post.get('json_metadata') else [], 'category': post.get('category', ''), 'votes': len(post.get('active_votes', [])), 'payout': str(post.get('pending_payout_value', '0.000 HBD')) } } except Exception as e: return {'success': False, 'error': str(e)} def fetch_user_posts(self, username, limit=50): """Fetch all posts by a user using get_account_posts""" try: account = Account(username, blockchain_instance=self.hive) posts = [] # Use get_account_posts method (correct approach) for post in account.get_account_posts(sort="posts", limit=limit): try: posts.append({ 'title': post.get('title', 'No Title'), 'author': post['author'], 'permlink': post['permlink'], 'authorperm': post['authorperm'], 'created': str(post.get('created', '')), 'body': post['body'], 'url': f"https://hive.blog/@{post['author']}/{post['permlink']}", 'tags': post.get('json_metadata', {}).get('tags', []) if post.get('json_metadata') else [], 'category': post.get('category', ''), 'votes': len(post.get('active_votes', [])), 'payout': str(post.get('pending_payout_value', '0.000 HBD')) }) time.sleep(0.3) # Be nice to the API except Exception as e: print(f"Error processing post: {e}") continue return {'success': True, 'data': posts} except Exception as e: return {'success': False, 'error': str(e)} def save_as_json(self, posts, filename): """Save posts as JSON""" with open(filename, 'w', encoding='utf-8') as f: json.dump(posts, f, indent=2, ensure_ascii=False) print(f"✅ Saved {len(posts)} posts to {filename}") def save_as_xml(self, posts, filename): """Save posts as XML""" root = ET.Element("hive_posts") root.set("generated", datetime.now().isoformat()) root.set("count", str(len(posts))) for post in posts: post_elem = ET.SubElement(root, "post") # Add post attributes for key, value in post.items(): if key == 'tags' and isinstance(value, list): tags_elem = ET.SubElement(post_elem, "tags") for tag in value: tag_elem = ET.SubElement(tags_elem, "tag") tag_elem.text = str(tag) elif key == 'body': # Handle body content with CDATA body_elem = ET.SubElement(post_elem, "body") body_elem.text = str(value) else: elem = ET.SubElement(post_elem, key) elem.text = str(value) # Pretty print XML rough_string = ET.tostring(root, encoding='unicode') reparsed = minidom.parseString(rough_string) pretty_xml = reparsed.toprettyxml(indent=" ") with open(filename, 'w', encoding='utf-8') as f: f.write(pretty_xml) print(f"✅ Saved {len(posts)} posts to {filename}") def save_as_wiki(self, posts, filename): """Save posts as MediaWiki syntax""" with open(filename, 'w', encoding='utf-8') as f: f.write("= Hive Posts Export =\n\n") f.write(f"Generated: {datetime.now().strftime('%Y-%m-%d %H:%M:%S')}\n") f.write(f"Total Posts: {len(posts)}\n\n") for i, post in enumerate(posts, 1): # Post header f.write(f"== Post {i}: {post['title']} ==\n\n") # Post metadata table f.write("{| class=\"wikitable\"\n") f.write("|-\n") f.write("! Property !! Value\n") f.write("|-\n") f.write(f"| Author || @{post['author']}\n") f.write("|-\n") f.write(f"| Created || {post['created']}\n") f.write("|-\n") f.write(f"| URL || [{post['url']} View on Hive]\n") f.write("|-\n") f.write(f"| AuthorPerm || {post['authorperm']}\n") f.write("|-\n") f.write(f"| Category || {post.get('category', 'N/A')}\n") f.write("|-\n") f.write(f"| Votes || {post.get('votes', 0)}\n") f.write("|-\n") f.write(f"| Payout || {post.get('payout', 'N/A')}\n") # Tags if post.get('tags'): tags_str = ', '.join([f"[[{tag}]]" for tag in post['tags']]) f.write("|-\n") f.write(f"| Tags || {tags_str}\n") f.write("|}\n\n") # Post content f.write("=== Content ===\n\n") # Convert markdown to wiki syntax (basic conversion) wiki_content = self.markdown_to_wiki(post['body']) f.write(wiki_content) f.write("\n\n") f.write("----\n\n") # Horizontal rule between posts print(f"✅ Saved {len(posts)} posts to {filename}") def markdown_to_wiki(self, markdown_text): """Basic conversion from Markdown to MediaWiki syntax""" wiki_text = markdown_text # Headers wiki_text = re.sub(r'^# (.*)', r'= \1 =', wiki_text, flags=re.MULTILINE) wiki_text = re.sub(r'^## (.*)', r'== \1 ==', wiki_text, flags=re.MULTILINE) wiki_text = re.sub(r'^### (.*)', r'=== \1 ===', wiki_text, flags=re.MULTILINE) wiki_text = re.sub(r'^#### (.*)', r'==== \1 ====', wiki_text, flags=re.MULTILINE) # Bold and italic wiki_text = re.sub(r'\*\*(.*?)\*\*', r"'''\1'''", wiki_text) # Bold wiki_text = re.sub(r'\*(.*?)\*', r"''\1''", wiki_text) # Italic # Links wiki_text = re.sub(r'\[([^\]]+)\]\(([^)]+)\)', r'[\2 \1]', wiki_text) # Code blocks wiki_text = re.sub(r'```(\w*)\n(.*?)```', r'<syntaxhighlight lang="\1">\n\2</syntaxhighlight>', wiki_text, flags=re.DOTALL) wiki_text = re.sub(r'`([^`]+)`', r'<code>\1</code>', wiki_text) # Lists (basic conversion) wiki_text = re.sub(r'^- (.*)', r'* \1', wiki_text, flags=re.MULTILINE) wiki_text = re.sub(r'^\d+\. (.*)', r'# \1', wiki_text, flags=re.MULTILINE) return wiki_text def main(): parser = argparse.ArgumentParser(description='Fetch posts from Hive blockchain') parser.add_argument('--user', type=str, help='Username to fetch posts from') parser.add_argument('--post', type=str, help='Single post to fetch (format: @author/permlink or full URL)') parser.add_argument('--url', type=str, help='Hive blog URL to fetch (e.g., https://hive.blog/@user/post)') parser.add_argument('--limit', type=int, default=20, help='Limit number of posts to fetch') parser.add_argument('--output', type=str, help='Output file name (extension determines format)') parser.add_argument('--format', type=str, choices=['json', 'xml', 'wiki', 'txt'], default='json', help='Output format (json, xml, wiki, txt)') args = parser.parse_args() fetcher = HivePostFetcher() # Handle single post (either --post or --url) single_post_input = args.post or args.url if single_post_input: result = fetcher.fetch_single_post(single_post_input) if result['success']: post_data = result['data'] print(f"Title: {post_data['title']}") print(f"Author: @{post_data['author']}") print(f"Created: {post_data['created']}") print(f"URL: {post_data['url']}") print(f"Category: {post_data['category']}") print(f"Tags: {', '.join(post_data['tags'])}") print(f"Votes: {post_data['votes']}") print(f"Payout: {post_data['payout']}") print("\n" + "="*60 + "\n") print(post_data['body']) # Save single post if output specified if args.output: posts_list = [post_data] output_format = args.format # Auto-detect format from filename extension if not specified if '.' in args.output: ext = args.output.split('.')[-1].lower() if ext in ['json', 'xml', 'wiki', 'txt']: output_format = ext if output_format == 'json': fetcher.save_as_json(posts_list, args.output) elif output_format == 'xml': fetcher.save_as_xml(posts_list, args.output) elif output_format == 'wiki': fetcher.save_as_wiki(posts_list, args.output) else: # txt format with open(args.output, 'w', encoding='utf-8') as f: f.write(f"Title: {post_data['title']}\n") f.write(f"Author: @{post_data['author']}\n") f.write(f"Created: {post_data['created']}\n") f.write(f"URL: {post_data['url']}\n") f.write(f"AuthorPerm: {post_data['authorperm']}\n") f.write("="*60 + "\n\n") f.write(post_data['body']) print(f"✅ Saved to {args.output}") else: print(f"Error: {result['error']}") elif args.user: result = fetcher.fetch_user_posts(args.user, args.limit) if result['success']: posts = result['data'] print(f"Fetched {len(posts)} posts for @{args.user}") if args.output: output_format = args.format # Auto-detect format from filename extension if '.' in args.output: ext = args.output.split('.')[-1].lower() if ext in ['json', 'xml', 'wiki', 'txt']: output_format = ext if output_format == 'json': fetcher.save_as_json(posts, args.output) elif output_format == 'xml': fetcher.save_as_xml(posts, args.output) elif output_format == 'wiki': fetcher.save_as_wiki(posts, args.output) else: # txt format with open(args.output, 'w', encoding='utf-8') as f: for i, post in enumerate(posts, 1): f.write(f"{'='*60}\n") f.write(f"POST {i}: {post['title']}\n") f.write(f"Author: @{post['author']}\n") f.write(f"Created: {post['created']}\n") f.write(f"URL: {post['url']}\n") f.write(f"AuthorPerm: {post['authorperm']}\n") f.write(f"Tags: {', '.join(post['tags'])}\n") f.write(f"{'='*60}\n\n") f.write(post['body']) f.write(f"\n\n{'='*60}\n\n") print(f"✅ Saved to {args.output}") else: for i, post in enumerate(posts, 1): print(f"\n{i}. {post['title']}") print(f" Created: {post['created']}") print(f" URL: {post['url']}") print(f" Tags: {', '.join(post['tags'])}") else: print(f"Error: {result['error']}") else: parser.print_help() print("\nExamples:") print(" # Fetch user posts as JSON") print(" python hive_fetcher.py --user completenoobs --limit 10 --output posts.json") print("") print(" # Fetch user posts as XML") print(" python hive_fetcher.py --user completenoobs --output posts.xml") print("") print(" # Fetch user posts as Wiki syntax") print(" python hive_fetcher.py --user completenoobs --output posts.wiki") print("") print(" # Fetch specific post by URL") print(" python hive_fetcher.py --url 'https://hive.blog/completenoobs/@completenoobs/completenoobs-genesis'") print("") print(" # Fetch specific post by authorperm") print(" python hive_fetcher.py --post '@completenoobs/completenoobs-genesis' --output genesis.xml") if __name__ == "__main__": main() </pre> ===How to use script === <pre> usage: hive-fetch.py [-h] [--user USER] [--post POST] [--url URL] [--limit LIMIT] [--output OUTPUT] [--format {json,xml,wiki,txt}] Fetch posts from Hive blockchain options: -h, --help show this help message and exit --user USER Username to fetch posts from --post POST Single post to fetch (format: @author/permlink or full URL) --url URL Hive blog URL to fetch (e.g., https://hive.blog/@user/post) --limit LIMIT Limit number of posts to fetch --output OUTPUT Output file name (extension determines format) --format {json,xml,wiki,txt} Output format (json, xml, wiki, txt) Examples: # Fetch user posts as JSON python hive_fetcher.py --user completenoobs --limit 10 --output posts.json # Fetch user posts as XML python hive_fetcher.py --user completenoobs --output posts.xml # Fetch user posts as Wiki syntax python hive_fetcher.py --user completenoobs --output posts.wiki # Fetch specific post by URL python hive_fetcher.py --url 'https://hive.blog/completenoobs/@completenoobs/completenoobs-genesis' # Fetch specific post by authorperm python hive_fetcher.py --post '@completenoobs/completenoobs-genesis' --output genesis.xml </pre> ===Examples=== * <b>syntax_wiki</b> example post: https://hive.blog/hive-138301/@completenoobs/find-hive-users-memo-key-and-send-encrypted-message-l7a * <b>syntax_mark<b> example post: https://hive.blog/completenoobs/@completenoobs/n33bcoin-how-to-fork-bitcoin-for-learning-by-tinkering ====To print text of post to terminal:==== <code>python3 hive-fetch.py --url https://hive.blog/hive-138301/@completenoobs/find-hive-users-memo-key-and-send-encrypted-message-l7a</code> ====To print syntax_wiki to file==== <code>python3 hive-fetch.py --url "https://hive.blog/hive-138301/@completenoobs/find-hive-users-memo-key-and-send-encrypted-message-l7a" --output test.wiki</code> ====To print syntax_markdown to syntax_wiki - BUGGY==== <code>python3 hive-fetch.py --url "https://hive.blog/completenoobs/@completenoobs/n33bcoin-how-to-fork-bitcoin-for-learning-by-tinkering" --output test2.wiki</code> bgyq29cjqidpzj42e97tt5jj65o2gg8 571 570 2025-06-16T05:20:22Z AwesomO 5 571 wikitext text/x-wiki * Fetching a syntax_wiki post from HIVE * https://peakd.com/hive-138301/@completenoobs/how-to-download-pages-from-hive-blockchain ==Container Setup== * create container <code>lxc launch ubuntu:24.04 hive</code> * Login to container <code>lxc exec hive bash</code> * switch to user ubuntu <code>su - ubuntu</code> ===Update System and Install Dependencies=== * Update package lists <code>sudo apt update && sudo apt upgrade -y</code> * Install essential packages <code>sudo apt install -y python3 python3-pip python3-venv git build-essential</code> * Install development libraries needed for compilation <code>sudo apt install -y libssl-dev libffi-dev python3-dev</code> * Verify Python installation <code>python3 --version</code><br> <code>pip3 --version</code> ===Create Virtual Environment (Recommended) === * Create a virtual environment <code>python3 -m venv hive_beem_env</code> * Activate the virtual environment <code>source hive_beem_env/bin/activate</code> * Verify you're in the virtual environment (should show the path) <pre> (hive_beem_env) ubuntu@hive:~$ </pre> ===Install Beem=== * Install beem from PyPI * NOTE: Beem is installed in Virtual Environment to avoid <code>error: externally-managed-environment</code> <code>pip install beem</code> == Script to Fetch Post from HIVE == <code>$EDITOR hive-fetch.py</code> * <b>WARNING THIS SCRIPT IS EARLY CONCEPT DRAFT BUGGY!</b> <pre> #!/usr/bin/env python3 """ Hive Post Fetcher using Beem Fetches raw markdown content from Hive blockchain posts """ import argparse import json import time import xml.etree.ElementTree as ET import xml.dom.minidom as minidom import re from datetime import datetime from urllib.parse import urlparse from beem import Hive from beem.comment import Comment from beem.account import Account class HivePostFetcher: def __init__(self, nodes=None): if nodes is None: nodes = [ "https://api.hive.blog", "https://rpc.ecency.com", "https://api.deathwing.me", "https://fin.hive.3speak.co" ] self.hive = Hive(node=nodes) def parse_hive_url(self, url): """Parse Hive blog URL to extract author and permlink""" try: # Remove trailing slash if present url = url.rstrip('/') # Handle different URL formats: # https://hive.blog/completenoobs/@completenoobs/completenoobs-genesis # https://hive.blog/@completenoobs/completenoobs-genesis # https://peakd.com/@completenoobs/completenoobs-genesis # Extract the path part parsed = urlparse(url) path = parsed.path # Split and filter empty parts parts = [p for p in path.split('/') if p] if len(parts) >= 2: # Find the author (starts with @) author_part = None permlink_part = None for i, part in enumerate(parts): if part.startswith('@'): author_part = part[1:] # Remove @ if i + 1 < len(parts): permlink_part = parts[i + 1] break if author_part and permlink_part: return f"@{author_part}/{permlink_part}" return None except Exception as e: print(f"Error parsing URL: {e}") return None def fetch_single_post(self, authorperm_or_url): """Fetch a single post by author/permlink or URL""" try: # Check if input is a URL if authorperm_or_url.startswith('http'): authorperm = self.parse_hive_url(authorperm_or_url) if not authorperm: return {'success': False, 'error': 'Could not parse URL format'} print(f"Parsed URL to: {authorperm}") else: authorperm = authorperm_or_url post = Comment(authorperm, blockchain_instance=self.hive) return { 'success': True, 'data': { 'title': post.get('title', 'No Title'), 'author': post['author'], 'permlink': post['permlink'], 'authorperm': post['authorperm'], 'created': str(post['created']), 'body': post['body'], 'url': f"https://hive.blog/@{post['author']}/{post['permlink']}", 'tags': post.get('json_metadata', {}).get('tags', []) if post.get('json_metadata') else [], 'category': post.get('category', ''), 'votes': len(post.get('active_votes', [])), 'payout': str(post.get('pending_payout_value', '0.000 HBD')) } } except Exception as e: return {'success': False, 'error': str(e)} def fetch_user_posts(self, username, limit=50): """Fetch all posts by a user using get_account_posts""" try: account = Account(username, blockchain_instance=self.hive) posts = [] # Use get_account_posts method (correct approach) for post in account.get_account_posts(sort="posts", limit=limit): try: posts.append({ 'title': post.get('title', 'No Title'), 'author': post['author'], 'permlink': post['permlink'], 'authorperm': post['authorperm'], 'created': str(post.get('created', '')), 'body': post['body'], 'url': f"https://hive.blog/@{post['author']}/{post['permlink']}", 'tags': post.get('json_metadata', {}).get('tags', []) if post.get('json_metadata') else [], 'category': post.get('category', ''), 'votes': len(post.get('active_votes', [])), 'payout': str(post.get('pending_payout_value', '0.000 HBD')) }) time.sleep(0.3) # Be nice to the API except Exception as e: print(f"Error processing post: {e}") continue return {'success': True, 'data': posts} except Exception as e: return {'success': False, 'error': str(e)} def save_as_json(self, posts, filename): """Save posts as JSON""" with open(filename, 'w', encoding='utf-8') as f: json.dump(posts, f, indent=2, ensure_ascii=False) print(f"✅ Saved {len(posts)} posts to {filename}") def save_as_xml(self, posts, filename): """Save posts as XML""" root = ET.Element("hive_posts") root.set("generated", datetime.now().isoformat()) root.set("count", str(len(posts))) for post in posts: post_elem = ET.SubElement(root, "post") # Add post attributes for key, value in post.items(): if key == 'tags' and isinstance(value, list): tags_elem = ET.SubElement(post_elem, "tags") for tag in value: tag_elem = ET.SubElement(tags_elem, "tag") tag_elem.text = str(tag) elif key == 'body': # Handle body content with CDATA body_elem = ET.SubElement(post_elem, "body") body_elem.text = str(value) else: elem = ET.SubElement(post_elem, key) elem.text = str(value) # Pretty print XML rough_string = ET.tostring(root, encoding='unicode') reparsed = minidom.parseString(rough_string) pretty_xml = reparsed.toprettyxml(indent=" ") with open(filename, 'w', encoding='utf-8') as f: f.write(pretty_xml) print(f"✅ Saved {len(posts)} posts to {filename}") def save_as_wiki(self, posts, filename): """Save posts as MediaWiki syntax""" with open(filename, 'w', encoding='utf-8') as f: f.write("= Hive Posts Export =\n\n") f.write(f"Generated: {datetime.now().strftime('%Y-%m-%d %H:%M:%S')}\n") f.write(f"Total Posts: {len(posts)}\n\n") for i, post in enumerate(posts, 1): # Post header f.write(f"== Post {i}: {post['title']} ==\n\n") # Post metadata table f.write("{| class=\"wikitable\"\n") f.write("|-\n") f.write("! Property !! Value\n") f.write("|-\n") f.write(f"| Author || @{post['author']}\n") f.write("|-\n") f.write(f"| Created || {post['created']}\n") f.write("|-\n") f.write(f"| URL || [{post['url']} View on Hive]\n") f.write("|-\n") f.write(f"| AuthorPerm || {post['authorperm']}\n") f.write("|-\n") f.write(f"| Category || {post.get('category', 'N/A')}\n") f.write("|-\n") f.write(f"| Votes || {post.get('votes', 0)}\n") f.write("|-\n") f.write(f"| Payout || {post.get('payout', 'N/A')}\n") # Tags if post.get('tags'): tags_str = ', '.join([f"[[{tag}]]" for tag in post['tags']]) f.write("|-\n") f.write(f"| Tags || {tags_str}\n") f.write("|}\n\n") # Post content f.write("=== Content ===\n\n") # Convert markdown to wiki syntax (basic conversion) wiki_content = self.markdown_to_wiki(post['body']) f.write(wiki_content) f.write("\n\n") f.write("----\n\n") # Horizontal rule between posts print(f"✅ Saved {len(posts)} posts to {filename}") def markdown_to_wiki(self, markdown_text): """Basic conversion from Markdown to MediaWiki syntax""" wiki_text = markdown_text # Headers wiki_text = re.sub(r'^# (.*)', r'= \1 =', wiki_text, flags=re.MULTILINE) wiki_text = re.sub(r'^## (.*)', r'== \1 ==', wiki_text, flags=re.MULTILINE) wiki_text = re.sub(r'^### (.*)', r'=== \1 ===', wiki_text, flags=re.MULTILINE) wiki_text = re.sub(r'^#### (.*)', r'==== \1 ====', wiki_text, flags=re.MULTILINE) # Bold and italic wiki_text = re.sub(r'\*\*(.*?)\*\*', r"'''\1'''", wiki_text) # Bold wiki_text = re.sub(r'\*(.*?)\*', r"''\1''", wiki_text) # Italic # Links wiki_text = re.sub(r'\[([^\]]+)\]\(([^)]+)\)', r'[\2 \1]', wiki_text) # Code blocks wiki_text = re.sub(r'```(\w*)\n(.*?)```', r'<syntaxhighlight lang="\1">\n\2</syntaxhighlight>', wiki_text, flags=re.DOTALL) wiki_text = re.sub(r'`([^`]+)`', r'<code>\1</code>', wiki_text) # Lists (basic conversion) wiki_text = re.sub(r'^- (.*)', r'* \1', wiki_text, flags=re.MULTILINE) wiki_text = re.sub(r'^\d+\. (.*)', r'# \1', wiki_text, flags=re.MULTILINE) return wiki_text def main(): parser = argparse.ArgumentParser(description='Fetch posts from Hive blockchain') parser.add_argument('--user', type=str, help='Username to fetch posts from') parser.add_argument('--post', type=str, help='Single post to fetch (format: @author/permlink or full URL)') parser.add_argument('--url', type=str, help='Hive blog URL to fetch (e.g., https://hive.blog/@user/post)') parser.add_argument('--limit', type=int, default=20, help='Limit number of posts to fetch') parser.add_argument('--output', type=str, help='Output file name (extension determines format)') parser.add_argument('--format', type=str, choices=['json', 'xml', 'wiki', 'txt'], default='json', help='Output format (json, xml, wiki, txt)') args = parser.parse_args() fetcher = HivePostFetcher() # Handle single post (either --post or --url) single_post_input = args.post or args.url if single_post_input: result = fetcher.fetch_single_post(single_post_input) if result['success']: post_data = result['data'] print(f"Title: {post_data['title']}") print(f"Author: @{post_data['author']}") print(f"Created: {post_data['created']}") print(f"URL: {post_data['url']}") print(f"Category: {post_data['category']}") print(f"Tags: {', '.join(post_data['tags'])}") print(f"Votes: {post_data['votes']}") print(f"Payout: {post_data['payout']}") print("\n" + "="*60 + "\n") print(post_data['body']) # Save single post if output specified if args.output: posts_list = [post_data] output_format = args.format # Auto-detect format from filename extension if not specified if '.' in args.output: ext = args.output.split('.')[-1].lower() if ext in ['json', 'xml', 'wiki', 'txt']: output_format = ext if output_format == 'json': fetcher.save_as_json(posts_list, args.output) elif output_format == 'xml': fetcher.save_as_xml(posts_list, args.output) elif output_format == 'wiki': fetcher.save_as_wiki(posts_list, args.output) else: # txt format with open(args.output, 'w', encoding='utf-8') as f: f.write(f"Title: {post_data['title']}\n") f.write(f"Author: @{post_data['author']}\n") f.write(f"Created: {post_data['created']}\n") f.write(f"URL: {post_data['url']}\n") f.write(f"AuthorPerm: {post_data['authorperm']}\n") f.write("="*60 + "\n\n") f.write(post_data['body']) print(f"✅ Saved to {args.output}") else: print(f"Error: {result['error']}") elif args.user: result = fetcher.fetch_user_posts(args.user, args.limit) if result['success']: posts = result['data'] print(f"Fetched {len(posts)} posts for @{args.user}") if args.output: output_format = args.format # Auto-detect format from filename extension if '.' in args.output: ext = args.output.split('.')[-1].lower() if ext in ['json', 'xml', 'wiki', 'txt']: output_format = ext if output_format == 'json': fetcher.save_as_json(posts, args.output) elif output_format == 'xml': fetcher.save_as_xml(posts, args.output) elif output_format == 'wiki': fetcher.save_as_wiki(posts, args.output) else: # txt format with open(args.output, 'w', encoding='utf-8') as f: for i, post in enumerate(posts, 1): f.write(f"{'='*60}\n") f.write(f"POST {i}: {post['title']}\n") f.write(f"Author: @{post['author']}\n") f.write(f"Created: {post['created']}\n") f.write(f"URL: {post['url']}\n") f.write(f"AuthorPerm: {post['authorperm']}\n") f.write(f"Tags: {', '.join(post['tags'])}\n") f.write(f"{'='*60}\n\n") f.write(post['body']) f.write(f"\n\n{'='*60}\n\n") print(f"✅ Saved to {args.output}") else: for i, post in enumerate(posts, 1): print(f"\n{i}. {post['title']}") print(f" Created: {post['created']}") print(f" URL: {post['url']}") print(f" Tags: {', '.join(post['tags'])}") else: print(f"Error: {result['error']}") else: parser.print_help() print("\nExamples:") print(" # Fetch user posts as JSON") print(" python hive_fetcher.py --user completenoobs --limit 10 --output posts.json") print("") print(" # Fetch user posts as XML") print(" python hive_fetcher.py --user completenoobs --output posts.xml") print("") print(" # Fetch user posts as Wiki syntax") print(" python hive_fetcher.py --user completenoobs --output posts.wiki") print("") print(" # Fetch specific post by URL") print(" python hive_fetcher.py --url 'https://hive.blog/completenoobs/@completenoobs/completenoobs-genesis'") print("") print(" # Fetch specific post by authorperm") print(" python hive_fetcher.py --post '@completenoobs/completenoobs-genesis' --output genesis.xml") if __name__ == "__main__": main() </pre> ===How to use script === <pre> usage: hive-fetch.py [-h] [--user USER] [--post POST] [--url URL] [--limit LIMIT] [--output OUTPUT] [--format {json,xml,wiki,txt}] Fetch posts from Hive blockchain options: -h, --help show this help message and exit --user USER Username to fetch posts from --post POST Single post to fetch (format: @author/permlink or full URL) --url URL Hive blog URL to fetch (e.g., https://hive.blog/@user/post) --limit LIMIT Limit number of posts to fetch --output OUTPUT Output file name (extension determines format) --format {json,xml,wiki,txt} Output format (json, xml, wiki, txt) Examples: # Fetch user posts as JSON python hive_fetcher.py --user completenoobs --limit 10 --output posts.json # Fetch user posts as XML python hive_fetcher.py --user completenoobs --output posts.xml # Fetch user posts as Wiki syntax python hive_fetcher.py --user completenoobs --output posts.wiki # Fetch specific post by URL python hive_fetcher.py --url 'https://hive.blog/completenoobs/@completenoobs/completenoobs-genesis' # Fetch specific post by authorperm python hive_fetcher.py --post '@completenoobs/completenoobs-genesis' --output genesis.xml </pre> ===Examples=== * <b>syntax_wiki</b> example post: https://hive.blog/hive-138301/@completenoobs/find-hive-users-memo-key-and-send-encrypted-message-l7a * <b>syntax_mark<b> example post: https://hive.blog/completenoobs/@completenoobs/n33bcoin-how-to-fork-bitcoin-for-learning-by-tinkering ====To print text of post to terminal:==== <code>python3 hive-fetch.py --url https://hive.blog/hive-138301/@completenoobs/find-hive-users-memo-key-and-send-encrypted-message-l7a</code> ====To print syntax_wiki to file==== <code>python3 hive-fetch.py --url "https://hive.blog/hive-138301/@completenoobs/find-hive-users-memo-key-and-send-encrypted-message-l7a" --output test.wiki</code> ====To print syntax_markdown to syntax_wiki - BUGGY==== <code>python3 hive-fetch.py --url "https://hive.blog/completenoobs/@completenoobs/n33bcoin-how-to-fork-bitcoin-for-learning-by-tinkering" --output test2.wiki</code> mr58lzttnnpczdoce05yc8wg1mjvie0 0 179 585 2025-06-23T12:41:54Z AwesomO 5 Created page with "<div class="toccolours mw-collapsible mw-collapsed"> Set CLi Text <code>$EDITOR</code> - Quick Guide <div class="mw-collapsible-content"> <b>FIND WHICH SHELL YOU ARE USING</b><br> * This command will tell you your current shell. <code>echo $SHELL</code> <br> <b>SH SHELL</b> * Check if '''EDITOR''' is already set: <code>echo $EDITOR</code> * Set the environment variable: <code>set EDITOR=nano</code> * Unset the variable: <code>unset EDITOR</code> <br> <b>BASH SHELL</b> *..." 585 wikitext text/x-wiki <div class="toccolours mw-collapsible mw-collapsed"> Set CLi Text <code>$EDITOR</code> - Quick Guide <div class="mw-collapsible-content"> <b>FIND WHICH SHELL YOU ARE USING</b><br> * This command will tell you your current shell. <code>echo $SHELL</code> <br> <b>SH SHELL</b> * Check if '''EDITOR''' is already set: <code>echo $EDITOR</code> * Set the environment variable: <code>set EDITOR=nano</code> * Unset the variable: <code>unset EDITOR</code> <br> <b>BASH SHELL</b> * Check if '''EDITOR''' is already set: <code>echo $EDITOR</code> * Set the environment variable: <code>export EDITOR=nano</code> * Unset the variable: ** will export/set EDITOR to empty string <code>export EDITOR=</code> </div> </div> m9k7q0qy4bszjlgacm4a87l4kwny7g6 0 180 588 2025-06-24T14:57:12Z AwesomO 5 Created page with " Options to See If Anyone is visiting your Wiki ==HitCounters== As easy as installing an extension: https://www.mediawiki.org/wiki/Extension:HitCounters * Move to your wiki's extensions directory <code>cd /var/www/html/mediawiki/extensions</code> * Download the extension from GIT <code>git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/HitCounters</code> * Enable it in LocalSettings.php by adding the line: <pre> wfLoadExtension( 'HitCounters' ); </pre> * Ru..." 588 wikitext text/x-wiki Options to See If Anyone is visiting your Wiki ==HitCounters== As easy as installing an extension: https://www.mediawiki.org/wiki/Extension:HitCounters * Move to your wiki's extensions directory <code>cd /var/www/html/mediawiki/extensions</code> * Download the extension from GIT <code>git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/HitCounters</code> * Enable it in LocalSettings.php by adding the line: <pre> wfLoadExtension( 'HitCounters' ); </pre> * Run the MediaWiki update script to create necessary database tables: <code>php /var/www/html/mediawiki/maintenance/update.php</code> * Check <b>Special:PopularPages</b> <code>https://www.completenoobs.com/noobs/Special:PopularPages</code> * Can add the line in a wiki page to link to PopluarPages <pre> {{Special:PopularPages/10}} </pre> ===Error Warning=== for some reason i had a clash with <b>ContributionScores</b> , i did not take notes on the error, it was trying to use a database entrie that was not avable (this only happened after installing HitCounters), Error only on Main_Page * Solved: Commented out all ContributionScores lines in LocalSettings.php, re-ran wiki update <code>php /var/www/html/mediawiki/maintenance/update.php</code>, worked, uncommented all ContributionScores and updated wiki again, and so some reason it worked! now both are running on wiki. ==Google Analytics== * Extension used:Google Analytics Integration https://www.mediawiki.org/wiki/Extension:Google_Analytics_Integration * Requires an Google Account === Extension Install === * Go to your wiki's extensions directory <code>cd /var/www/html/mediawiki/extensions</code> * Download the extension from GIT <code>git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/googleAnalytics</code> * This part is done for now, go to Google Analytics Page to create a DataStream For your wiki. === Google Account === * ADD STREAM > WEB > Enter WEBSITE URL and give the STREAM a name > Click 'CREATE AND CONTINUE' > Click 'Install manually', there you will see your Unique <b>Measurement ID</b> in the javascript <pre> <!-- Google tag (gtag.js) --> <script async src="https://www.googletagmanager.com/gtag/js?id=G-T9920YJMQ3"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'G-T9920YJMQ3'); </script> </pre> * My Unique <b>Measurement ID</b> is: <code>G-T9920YJMQ3</code> ===LocalSettings.php=== * This line is required: <code>require_once "$IP/extensions/googleAnalytics/googleAnalytics.php";</code> * This Line is where you append your unique <b>Measurement ID</b>: <code>$wgGoogleAnalyticsOtherCode = '<script async src="https://www.googletagmanager.com/gtag/js?id=MEASUREMENT_ID"></script>';</code> * In this Example my Measurement ID is <code>G-T9920YJMQ3</code> <pre> # GoogleAnalyticsAccount require_once "$IP/extensions/googleAnalytics/googleAnalytics.php"; $wgGoogleAnalyticsOtherCode = '<script async src="https://www.googletagmanager.com/gtag/js?id=G-T9920YJMQ3"></script>'; </pre> * Should now all be working, If you now test in Google it should good. == Analyze Apache Access Logs with Log Analysis Software == you already have your apache logs: <code>/var/log/apache2/access.log</code> which you can already read with no app, been having problems with all app's i have been trying, will try again later. i6r5e0srhy51rxgkwc3e40hwznz38y5 0 181 589 2025-06-24T14:59:45Z AwesomO 5 Created page with "=Privacy and Cookie Information= This page explains how we collect and use information when you visit our wiki. ==What Information We Collect== ===Essential Wiki Functions=== * '''Page Views''': Tracked via the HitCounters extension to identify popular content. * '''Session Data''': Temporary data to maintain your browsing session. * '''Server Logs''': Apache logs collect basic access information, including IP addresses, browser type, and timestamps. ===Visitor Stati..." 589 wikitext text/x-wiki =Privacy and Cookie Information= This page explains how we collect and use information when you visit our wiki. ==What Information We Collect== ===Essential Wiki Functions=== * '''Page Views''': Tracked via the HitCounters extension to identify popular content. * '''Session Data''': Temporary data to maintain your browsing session. * '''Server Logs''': Apache logs collect basic access information, including IP addresses, browser type, and timestamps. ===Visitor Statistics=== We use the following methods to gather anonymous visitor statistics to improve our wiki: * '''HitCounters Extension''': Tracks page views to identify popular content. * '''Google Analytics''': Provides insights into how visitors navigate our site. * '''Apache Log Analysis''': Monitors site performance and usage trends. ==Why We Collect This Information== * '''Improve Content''': Understanding popular pages helps us focus on valuable content. * '''Site Performance''': Monitoring ensures the wiki loads quickly and functions properly. * '''Security''': Logs help detect and prevent abuse or attacks. * '''Planning''': Visitor patterns inform future improvements. ==How We Protect Your Privacy== * '''No Personal Identification''': We do not collect names, email addresses, or other personal details from anonymous visitors. * '''Server-Side Storage''': Most data is stored on our servers and not shared with third parties, except for Google Analytics. * '''Limited Retention''': Apache log data is periodically rotated and not retained indefinitely. * '''No Cross-Site Tracking''': We only monitor activity on this wiki, not your browsing elsewhere. ==Cookies We Use== ===Essential Cookies=== * '''Session Cookies''': Required for basic wiki functionality; deleted when you close your browser. * '''Login Cookies''': Maintain login status for account holders; removable by logging out. ===Analytics Cookies=== * '''Google Analytics Cookies''': Used to understand site usage; can be disabled in your browser settings without affecting core wiki functionality. ==Your Choices== * '''Browser Settings''': You can disable cookies, though some wiki features may not function properly. * '''Do Not Track''': We respect "Do Not Track" browser settings where technically feasible. * '''Data Inquiries''': Contact us with questions about collected data. ==Technical Details== For details on our visitor tracking methods, see our [[Ubuntu_Mediawiki_Tracking_Visitors| Visitor Tracking Documentation]]. ==Third-Party Services== * '''Google Analytics''': This service may set cookies and follows its own privacy policy at [https://policies.google.com/privacy Google's Privacy Policy]. * '''No Other Third-Party Services''': Only Google Analytics, HitCounters, and Apache logs are used for visitor statistics. fpy9rslzycfmd54jfwinuhp91l22l6p 0 182 606 2025-07-07T13:17:25Z AwesomO 5 Created page with "{|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY Licence</b><br \> More information about the <b>CC BY licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by/3.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> You are free to: * Share — copy and redistribute the mat..." 606 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>CC BY Licence</b><br \> More information about the <b>CC BY licence</b> can be found here:<br \> <code>https://creativecommons.org/licenses/by/3.0/</code> <div class="toccolours mw-collapsible mw-collapsed"> Over View <div class="mw-collapsible-content"> You are free to: * Share — copy and redistribute the material in any medium or format for any purpose, even commercially. * Adapt — remix, transform, and build upon the material for any purpose, even commercially. * The licensor cannot revoke these freedoms as long as you follow the license terms. * https://creativecommons.org/licenses/by/3.0/ Under the following terms: * Attribution — You must give [[https://creativecommons.org/licenses/by/3.0/#ref-appropriate-credit| appropriate credit]] , provide a link to the license, and [[https://creativecommons.org/licenses/by/3.0/#ref-indicate-changes indicate if changes were made]] . You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use. * No additional restrictions — You may not apply legal terms or [[https://creativecommons.org/licenses/by/3.0/#ref-technological-measures| technological measures]] that legally restrict others from doing anything the license permits. Notices: You do not have to comply with the license for elements of the material in the public domain or where your use is permitted by an applicable [[https://creativecommons.org/licenses/by/3.0/#ref-exception-or-limitation| exception or limitation]] . No warranties are given. The license may not give you all of the permissions necessary for your intended use. For example, other rights such as [[https://creativecommons.org/licenses/by/3.0/#ref-publicity-privacy-or-moral-rights| publicity, privacy, or moral rights]] may limit how you use the material. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Licence: https://creativecommons.org/licenses/by/3.0/legalcode.en <div class="mw-collapsible-content"> <pre> Attribution 3.0 Unported CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE. License THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. 1. Definitions Adaptation means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License. Collection means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined above) for the purposes of this License. Distribute means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership. Licensor means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License. Original Author means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast. Work means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work. You means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation. Publicly Perform means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images. Reproduce means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium. 2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws. 3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections; to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified."; to Distribute and Publicly Perform the Work including as incorporated in Collections; and, to Distribute and Publicly Perform Adaptations. For the avoidance of doubt: Non-waivable Compulsory License Schemes . In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; Waivable Compulsory License Schemes . In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and, Voluntary License Schemes . The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License. The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f) , all rights not expressly granted by Licensor are hereby reserved. 4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(b) , as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(b) , as requested. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a) , keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and, (iv) consistent with Section 3(b) , in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4(b) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise. 5. Representations, Warranties and Disclaimer UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING AND TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO THIS EXCLUSION MAY NOT APPLY TO YOU. 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. Termination This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 8. Miscellaneous Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law. </pre> </div> </div> |} q9ol6l51on4koc6ldl2hxsw82ah3zqj 0 183 608 2025-07-07T15:25:20Z AwesomO 5 Created page with "{{:LICENCE_HEADER_CC_BY_V3}} * forked from https://en.bitcoin.it/wiki/List_of_address_prefixes on 20/08/2024 Blockchain-based currencies use encoded strings, which are in a [[Base58Check encoding]] with the exception of [[Bech32]] encodings. <br> The encoding includes a prefix (traditionally a single ''version byte''), which affects the leading symbol(s) in the encoded result. <br> {| class="wikitable" |- !Decimal prefix !Hex !Example use !Leading symbol(s) !Example..." 608 wikitext text/x-wiki {{:LICENCE_HEADER_CC_BY_V3}} * forked from https://en.bitcoin.it/wiki/List_of_address_prefixes on 20/08/2024 Blockchain-based currencies use encoded strings, which are in a [[Base58Check encoding]] with the exception of [[Bech32]] encodings. <br> The encoding includes a prefix (traditionally a single ''version byte''), which affects the leading symbol(s) in the encoded result. <br> {| class="wikitable" |- !Decimal prefix !Hex !Example use !Leading symbol(s) !Example |- |0 |00 |Pubkey hash ([[Transaction#Pay-to-PubkeyHash|P2PKH address]]) |1 |<tt>17VZNX1SN5NtKa8UQFxwQbFeFc3iqRYhem</tt> |- |5 |05 |Script hash ([[Pay to script hash|P2SH address]]) |3 | <tt>3EktnHQD7RiAE6uzMj2ZifT9YgRrkSgzQX</tt> |- |128 |80 |Private key ([[Wallet import format|WIF]], uncompressed pubkey) |5 |<tt>5Hwgr3u458GLafKBgxtssHSPqJnYoGrSzgQsPwLFhLNYskDPyyA</tt> |- |133 |80 |Private key ([[Wallet import format|WIF]], uncompressed pubkey, Electrum-defined<ref name="electrum-300-wif">[https://github.com/spesmilo/electrum/blob/3.0.0/RELEASE-NOTES#L42]</ref> and now deprecated<ref name="electrum-310-wif">[https://github.com/spesmilo/electrum/blob/3.1.0/RELEASE-NOTES#L58]</ref>) |5 |<tt>5TfQjD9DLFeUFmDiDrzsdtSGQss93o4pvsmQcgmjfcQVLsEgAoM</tt> |- |128 |80 |Private key ([[Wallet import format|WIF]], compressed pubkey) |K ''or'' L |<tt>L1aW4aubDFB7yfras2S1mN3bqg9nwySY8nkoLmJebSLD5BWv3ENZ</tt> |- |129-134 |80 |Private key ([[Wallet import format|WIF]], compressed pubkey, Electrum-defined<ref name="electrum-300-wif" /> and now deprecated<ref name="electrum-310-wif" />) |L |<tt>LkUevPi661korFvRdQQUkEX35rA484oAwzsT93383q6mUqVe5cw2</tt> |- |135 |80 |Private key ([[Wallet import format|WIF]], compressed pubkey, Electrum-defined<ref name="electrum-300-wif" /> and now deprecated<ref name="electrum-310-wif" />) |L ''or'' M |<tt>M3dv4iRtSKb5oHwxjZCGLai1aiZMnuLdGt7iFwjK2ncC3Vu7tRwP</tt> |- |4 136 178 30 |0488B21E |[[BIP 0032|BIP32]] pubkey |xpub |<tt>xpub661MyMwAqRbcEYS8w7XLSVeEsBXy79zSzH1J8vCdxAZningWLdN3 zgtU6LBpB85b3D2yc8sfvZU521AAwdZafEz7mnzBBsz4wKY5e4cp9LB</tt> |- |4 136 173 228 |0488ADE4 |BIP32 private key |xprv |<tt>xprv9s21ZrQH143K24Mfq5zL5MhWK9hUhhGbd45hLXo2Pq2oqzMMo63o StZzF93Y5wvzdUayhgkkFoicQZcP3y52uPPxFnfoLZB21Teqt1VvEHx</tt> |- |111 |6F |Testnet pubkey hash |m ''or'' n |<tt>mipcBbFg9gMiCh81Kj8tqqdgoZub1ZJRfn</tt> |- |196 |C4 |Testnet script hash |2 |<tt>2MzQwSSnBHWHqSAqtTVQ6v47XtaisrJa1Vc</tt> |- |239 |EF |Testnet Private key ([[Wallet import format|WIF]], uncompressed pubkey) |9 |<tt>92Pg46rUhgTT7romnV7iGW6W1gbGdeezqdbJCzShkCsYNzyyNcc</tt> |- |239 |EF |Testnet Private key ([[Wallet import format|WIF]], compressed pubkey) |c |<tt>cNJFgo1driFnPcBdBX8BrJrpxchBWXwXCvNH5SoSkdcF6JXXwHMm</tt> |- |4 53 135 207 |043587CF |Testnet BIP32 pubkey |tpub |<tt>tpubD6NzVbkrYhZ4WLczPJWReQycCJdd6YVWXubbVUFnJ5KgU5MDQrD9 98ZJLNGbhd2pq7ZtDiPYTfJ7iBenLVQpYgSQqPjUsQeJXH8VQ8xA67D</tt> |- |4 53 131 148 |04358394 |Testnet BIP32 private key |tprv |<tt>tprv8ZgxMBicQKsPcsbCVeqqF1KVdH7gwDJbxbzpCxDUsoXHdb6SnTPY xdwSAKDC6KKJzv7khnNWRAJQsRA8BBQyiSfYnRt6zuu4vZQGKjeW4YF</tt> |- | | |Bech32 pubkey hash or script hash |bc1 |<tt>bc1qw508d6qejxtdg4y5r3zarvary0c5xw7kv8f3t4</tt> |- | | |Bech32 testnet pubkey hash or script hash |tb1 |<tt>tb1qw508d6qejxtdg4y5r3zarvary0c5xw7kxpjzsx</tt> |} Note that private keys for compressed and uncompressed bitcoin public keys use the same version byte. The reason for the compressed form starting with a different character is because a 0x01 byte is appended to the private key before base58 encoding. The following table shows the leading symbol(s) and address length(s) for 160 bit hashes for each of the possible decimal version values: {| class="wikitable" |- !Decimal version !Leading symbol !Address length |- |0 |1 |up to 34 |- |1 |Q-Z, a-k, m-o |33 |- |2 |o-z, 2 |33 or 34 |- |3 |2 |34 |- |4 |2 or 3 |34 |- |5-6 |3 |34 |- |7 |3 or 4 |34 |- |8 |4 |34 |- |9 |4 or 5 |34 |- |10-11 |5 |34 |- |12 |5 or 6 |34 |- |13 |6 |34 |- |14 |6 or 7 |34 |- |15-16 |7 |34 |- |17 |7 or 8 |34 |- |18 |8 |34 |- |19 |8 or 9 |34 |- |20-21 |9 |34 |- |22 |9 or A |34 |- |23 |A |34 |- |24 |A or B |34 |- |25-26 |B |34 |- |27 |B or C |34 |- |28 |C |34 |- |29 |C or D |34 |- |30-31 |D |34 |- |32 |D or E |34 |- |33 |E |34 |- |34 |E or F |34 |- |35-36 |F |34 |- |37 |F or G |34 |- |38 |G |34 |- |39 |G or H |34 |- |40-41 |H |34 |- |42 |H or J |34 |- |43 |J |34 |- |44 |J or K |34 |- |45-46 |K |34 |- |47 |K or L |34 |- |48 |L |34 |- |49 |L or M |34 |- |50-51 |M |34 |- |52 |M or N |34 |- |53 |N |34 |- |54 |N or P |34 |- |55-56 |P |34 |- |57 |P or Q |34 |- |58 |Q |34 |- |59 |Q or R |34 |- |60-61 |R |34 |- |62 |R or S |34 |- |63 |S |34 |- |64 |S or T |34 |- |65-66 |T |34 |- |67 |T or U |34 |- |68 |U |34 |- |69 |U or V |34 |- |70-71 |V |34 |- |72 |V or W |34 |- |73 |W |34 |- |74 |W or X |34 |- |75-76 |X |34 |- |77 |X or Y |34 |- |78 |Y |34 |- |79 |Y or Z |34 |- |80-81 |Z |34 |- |82 |Z or a |34 |- |83 |a |34 |- |84 |a or b |34 |- |85 |b |34 |- |86 |b or c |34 |- |87-88 |c |34 |- |89 |c or d |34 |- |90 |d |34 |- |91 |d or e |34 |- |92-93 |e |34 |- |94 |e or f |34 |- |95 |f |34 |- |96 |f or g |34 |- |97-98 |g |34 |- |99 |g or h |34 |- |100 |h |34 |- |101 |h or i |34 |- |102-103 |i |34 |- |104 |i or j |34 |- |105 |j |34 |- |106 |j or k |34 |- |107-108 |k |34 |- |109 |k or m |34 |- |110 |m |34 |- |111 |m or n |34 |- |112-113 |n |34 |- |114 |n or o |34 |- |115 |o |34 |- |116 |o or p |34 |- |117-118 |p |34 |- |119 |p or q |34 |- |120 |q |34 |- |121 |q or r |34 |- |122-123 |r |34 |- |124 |r or s |34 |- |125 |s |34 |- |126 |s or t |34 |- |127-128 |t |34 |- |129 |t or u |34 |- |130 |u |34 |- |131 |u or v |34 |- |132-133 |v |34 |- |134 |v or w |34 |- |135 |w |34 |- |136 |w or x |34 |- |137-138 |x |34 |- |139 |x or y |34 |- |140 |y |34 |- |141 |y or z |34 |- |142-143 |z |34 |- |144 |z or 2 |34 or 35 |- |145-255 |2 |35 |} p4uxdrvayzqznd7jslq6wxgghypl58e 2 184 611 2025-07-09T00:05:10Z HumbertoRoney 18 Created page with "Hello, dear friend! My name is Lisette. I am pleased that I can unify to the entire globe. I live in Poland, in the NA region. I dream to check out the different nations, to obtain acquainted with appealing people." 611 wikitext text/x-wiki Hello, dear friend! My name is Lisette. I am pleased that I can unify to the entire globe. I live in Poland, in the NA region. I dream to check out the different nations, to obtain acquainted with appealing people. 9kl1lrsp1a0rzbxnhdlub1mel8ecp8j 613 611 2025-07-10T13:59:17Z Noob 1 Replaced content with "Bot account" 613 wikitext text/x-wiki Bot account jkld64xxw74ed2dst0vksru2a054u5b 622 613 2025-07-17T09:42:10Z HumbertoRoney 18 622 wikitext text/x-wiki My name is Bridget Maudsley. I life in Versoix Le Bourg (Switzerland). se4tbtokecs6f03dnwecaoz07w05cla 624 622 2025-07-23T14:01:08Z HumbertoRoney 18 624 wikitext text/x-wiki My name is Reynaldo Braud. I life in Montigny-Les-Metz (France). hmuxdkpmll8mgf35ir9za2szxu6vkli 0 185 612 2025-07-09T21:28:44Z AwesomO 5 Created page with "Going to learn the basics of GPG in a quick walk through * <b>IMPORTANT NOTE</b>: In the <b>LXC Containers</b> <code>sudo</code> is required - not 100% sure why - is not required when using on normal host (not container) == Step one creating conatiners and logging in == * Create 2 ubuntu 24.04 containers foo and bar <pre> lxc launch ubuntu:24.04 foo lxc exec foo bash su - ubuntu </pre> <pre> lxc launch ubuntu:24.04 bar lxc exec bar bash su - ubuntu </pre> and have 2..." 612 wikitext text/x-wiki Going to learn the basics of GPG in a quick walk through * <b>IMPORTANT NOTE</b>: In the <b>LXC Containers</b> <code>sudo</code> is required - not 100% sure why - is not required when using on normal host (not container) == Step one creating conatiners and logging in == * Create 2 ubuntu 24.04 containers foo and bar <pre> lxc launch ubuntu:24.04 foo lxc exec foo bash su - ubuntu </pre> <pre> lxc launch ubuntu:24.04 bar lxc exec bar bash su - ubuntu </pre> and have 2 terminals open logged into both as user ubuntu == Step 2 - update container and install GPG == * Update and install <code>gnupg2</code> in both containers * <b>gnupg2</b> installs the `gnupg` package, which includes the `gpg` command. <code>sudo apt update && sudo apt upgrade -y && sudo apt install gnupg2 -y</code> * Verify installation <code>gpg --version</code> == Step 3 - Creating KeyPairs == * <b>IMPORTANT NOTE</b>: In the <b>LXC Containers</b> <code>sudo</code> is required - not 100% sure why - is not required when using on normal host (not container) ===Create Key Pair for Container Foo === * Generate new GPG key pair <code>sudo gpg --full-generate-key</code> * Follow prompts: # Choose key type: (9) ECC (default) # Key size: 1024 to 4096 bits ( 3072 default) # Key expiration: 0 = key does not expire # Real name: foo # Email: foo@foo.com # Comment: i am foo # Passphrase: choose a secure passphrase <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo gpg --full-generate-key</code> OutPut: <div class="mw-collapsible-content"> <pre> ubuntu@foo:~$ sudo gpg --full-generate-key gpg (GnuPG) 2.4.4; Copyright (C) 2024 g10 Code GmbH This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. gpg: directory '/root/.gnupg' created gpg: keybox '/root/.gnupg/pubring.kbx' created Please select what kind of key you want: (1) RSA and RSA (2) DSA and Elgamal (3) DSA (sign only) (4) RSA (sign only) (9) ECC (sign and encrypt) *default* (10) ECC (sign only) (14) Existing key from card Your selection? Please select which elliptic curve you want: (1) Curve 25519 *default* (4) NIST P-384 (6) Brainpool P-256 Your selection? Please specify how long the key should be valid. 0 = key does not expire <n> = key expires in n days <n>w = key expires in n weeks <n>m = key expires in n months <n>y = key expires in n years Key is valid for? (0) Key does not expire at all Is this correct? (y/N) y GnuPG needs to construct a user ID to identify your key. Real name: foo Email address: foo@foo.com Comment: i am foo You selected this USER-ID: "foo (i am foo) <foo@foo.com>" Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. gpg: /root/.gnupg/trustdb.gpg: trustdb created gpg: directory '/root/.gnupg/openpgp-revocs.d' created gpg: revocation certificate stored as '/root/.gnupg/openpgp-revocs.d/107B0222408951691EF6C91B4D9C986B00A60CFE.rev' public and secret key created and signed. pub ed25519 2025-07-08 [SC] 107B0222408951691EF6C91B4D9C986B00A60CFE uid foo (i am foo) <foo@foo.com> sub cv25519 2025-07-08 [E] </pre> </div> </div> ===Create Key Pair for Container Bar === * Generate new GPG key pair <code>sudo gpg --full-generate-key</code> * Follow prompts: # Choose key type: (1) RSA # Key size: 1024 to 4096 bits ( 3072 default) # Key expiration: 0 = key does not expire # Real name: bar # Email: bar@bar.com # Comment: i am bar # Passphrase: choose a secure passphrase <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo gpg --full-generate-key</code>: <div class="mw-collapsible-content"> <pre> ubuntu@bar:~$ sudo gpg --full-generate-key gpg (GnuPG) 2.4.4; Copyright (C) 2024 g10 Code GmbH This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. gpg: directory '/root/.gnupg' created gpg: keybox '/root/.gnupg/pubring.kbx' created Please select what kind of key you want: (1) RSA and RSA (2) DSA and Elgamal (3) DSA (sign only) (4) RSA (sign only) (9) ECC (sign and encrypt) *default* (10) ECC (sign only) (14) Existing key from card Your selection? 1 RSA keys may be between 1024 and 4096 bits long. What keysize do you want? (3072) Requested keysize is 3072 bits Please specify how long the key should be valid. 0 = key does not expire <n> = key expires in n days <n>w = key expires in n weeks <n>m = key expires in n months <n>y = key expires in n years Key is valid for? (0) Key does not expire at all Is this correct? (y/N) y GnuPG needs to construct a user ID to identify your key. Real name: bar Email address: bar@bar.com Comment: i am bar You selected this USER-ID: "bar (i am bar) <bar@bar.com>" Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. gpg: /root/.gnupg/trustdb.gpg: trustdb created gpg: directory '/root/.gnupg/openpgp-revocs.d' created gpg: revocation certificate stored as '/root/.gnupg/openpgp-revocs.d/56107DF2FB1A226BDFED3CC362C74C327D5EB42B.rev' public and secret key created and signed. pub rsa3072 2025-07-09 [SC] 56107DF2FB1A226BDFED3CC362C74C327D5EB42B uid bar (i am bar) <bar@bar.com> sub rsa3072 2025-07-09 [E] </pre> </div> </div> == Exchanging Keys == * List Keys <code>sudo gpg --list-keys</code> <pre> ubuntu@bar:~$ sudo gpg --list-keys /root/.gnupg/pubring.kbx ------------------------ pub rsa3072 2025-07-09 [SC] 56107DF2FB1A226BDFED3CC362C74C327D5EB42B uid [ultimate] bar (i am bar) <bar@bar.com> sub rsa3072 2025-07-09 [E] </pre> === Export Public Key === * Container Bar <code>sudo gpg --armor --export bar@bar.com > me_bar_pub_key.asc</code> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat me_bar_pub_key.asc</code> output: <div class="mw-collapsible-content"> <pre> ubuntu@bar:~$ cat me_bar_pub_key.asc -----BEGIN PGP PUBLIC KEY BLOCK----- mQGNBGhutlMBDACZEFt39BkE9ECxJ9mGhDE/kqylsuO8+gPFDe+0uQfjBjS+wMnt eMTloQ239/xpMvGhftTRu7jZoHCKlK/EhTQKsOYTHTwJhI8z/UC558Dze2PWmSkf wd86aZBaaZtktsmv+0iGJsXUiw+gb46tg79yHKQ9ZLayB3e5Ecv/HhZ1Xq0ALpQH 1lfEMEfxVeHYf7leFb1QyDbuwPXEMSejUFUY324GigNorZJn7CkbFgooGQl/nZ/S F08Eu2n4NoZvN5+/IMQw9jz9II+bpuu8mwY1oFLdnzYdnbom3he/1FPsMKXyx7l/ ribk1z/EHRqyS+K/88Hn9sfafICIFWKrd5N8377nmkrZ+hQ/0G0zOxbi8DHSWSGs +1+cIkafqq7wgGdXaOwoscg8m+/vC1KwozMUjO+rtheKm4xqUHwu/mBU1h5lLxL4 uL1HSEZIhM0KC6DgCQlzTQvvijx86v7QDi3YSp+5MxOJ9y9VuRuvAghhtu83Q+J4 82Qn3Ds9S9xefTMAEQEAAbQcYmFyIChpIGFtIGJhcikgPGJhckBiYXIuY29tPokB 0QQTAQoAOxYhBFYQffL7GiJr3+08w2LHTDJ9XrQrBQJobrZTAhsDBQsJCAcCAiIC BhUKCQgLAgQWAgMBAh4HAheAAAoJEGLHTDJ9XrQrkLMMAJUsj35tfwPoWcsoHaEM irrLbHhqC+C39zr6Msuh3OZQ/jaZJqqB8lgqiWweDMB80U0fG1eb6e2hmKwWDxvc Ium6KJMcFVGrZt7sRrxYF2o5jtpEWqsasXWHn0PO0pu4N7guJQ+q7HVdpygBiEQ7 cm4DI01L+KCbZjFvrlNvdVKV6lhHUN3wi45wqr1GdEE3ssUImXQk33zeWy9dOotT BCsNLCP6vA/97J8GB9gH6wTBt20+zN2mKuG73x/myB2TvWaxoOBKjWSWJhemJ6ER 1ORzp5ill2K23FSbUJWSWf6q5Vnz0x0PGgTkXzcYM/kZlTDKN/VBEjGj8GS5MWDS SS2J4qYCv1kdDQItDDB32ibUQR/Mgha6yGcYG+0w2gPfSpHCQm1teAnq59zqNiif WzMOM08zinyI0VbgTo6uuBMhitxQ2xNYPD5JAuQ3M77DY5tIk+Pje15pCT2TxqxK DKoMF8YoRbb+1095a7g+rP3Nbx8kTDjjDVmnfKEIwoegerkBjQRobrZTAQwA5Xq1 a/1SOTg6Ybak5lTbsude+AVdhca4Obl1NIhHwX7LWRCfaHuMiEccqDvGrSSbeFoc SDlCqwR+lg83HaEU+mVZVOIdb8XXPFcRAfzxBHT0Z0Fa/cFOni9DjftV0U5xpLPZ CAvAFgEYJWnA6zyj0wmTyb9gSo4ejW1Q8S4daBvKi5Ai68hYdGr86k5Rc16KkDAP enVdPReW8bgEWlB3ui09kCVPrW51KZoBO9sdnZMjE3HVoU0B5pr+O0My35jasLw9 zIcYMxR9X9KwcKL3jB4iSZ+g8JQSZ2LeBf1PX9hfHpVbjfWlbrzdwtD+T/pkHO5B n29r5/6cJfGXJgR5VQ7XOxH6GO9I55aUGaTUSDPr+SLumJY91mVPpvxKW64+mTzt U/LfZIbLl76mIs/R1mrG4Sk3/x7KPwoZbvOZn+TFCcAPbtKpvBMCIhWDCXTUD6lm YIgCho8f7CpBXa/M+5EOjIR7OkaCgUqunC0y14BjKwfSHOtpqDg3QCJ6JZNLABEB AAGJAbYEGAEKACAWIQRWEH3y+xoia9/tPMNix0wyfV60KwUCaG62UwIbDAAKCRBi x0wyfV60K0LQC/9NBGhAGk5U7rQGs4cCSho10mWAuR2JSWrxDsXrz5MXEDtUjIrl rEQd/jcRwIdXUeTL5VIQc6vjnsbRE11DKUIpSAT4RJ53vE6qPPNBUqb/IeWcvXye LuO5SsABo0Jeg4pFIMLKpyJbucze/mW8OmJRkaSdjIOzvGdeDFfpoyNRS1y0ml+L mUV7LmCjWX3evS3VYxuCPnFh9ws0CP+Bqhd1M4XdNvQ+UOlRjLpOgF+sok55uoX2 qmpbaEdbhsfzJoU+fkmuX1gVNU1tp6AHrNsRE8s1cbUWFF7otC7lZX7XmmnVWlMT ebuEdsaaVd37kh3GEgwk7DBkeAfKaPTKBqd0yXvspM6rTiO/HX0/A7qQbAvmKrlT s9FmsOHDeIIHJM9LyGHKI5n9w5WzoW4n1IyJAuLibr4PlTv0Ck5Uomj2n9V8mJyC 9DtMDbPIqaolLRKmYxFWJmAYNGVJKC2cgmTs9/f9PTBp7XOlL6PUuJnkju5k7ZSr fDRVOWaor6+4jz0= =sRdV -----END PGP PUBLIC KEY BLOCK----- </pre> </div> </div> * Container Foo <code>sudo gpg --armor --export foo@foo.com > me_foo_pub_key.asc</code> <div class="toccolours mw-collapsible mw-collapsed"> <code>cat me_foo_pub_key.asc</code> output: <div class="mw-collapsible-content"> <pre> ubuntu@foo:~$ cat me_foo_pub_key.asc -----BEGIN PGP PUBLIC KEY BLOCK----- mDMEaGzhvxYJKwYBBAHaRw8BAQdAreSi7V/fTPbOtIDqPfqcp8gCUA7kxJ45s+yP 7GlrsU20HGZvbyAoaSBhbSBmb28pIDxmb29AZm9vLmNvbT6IkwQTFgoAOxYhBBB7 AiJAiVFpHvbJG02cmGsApgz+BQJobOG/AhsDBQsJCAcCAiICBhUKCQgLAgQWAgMB Ah4HAheAAAoJEE2cmGsApgz+0EwBAPQEdUfNPZsSg3z5IWzKi3Z6eZXPk2Jz5mdn /T7RcL5XAPwPfPCPyVjxu6MJ+5ptRtXXe0Qruchbkn09bY/G+HIvCrg4BGhs4b8S CisGAQQBl1UBBQEBB0C7bpVfaiEpBLBrtL4flajkeYP8RppnrU8/PYy4Y5STLgMB CAeIeAQYFgoAIBYhBBB7AiJAiVFpHvbJG02cmGsApgz+BQJobOG/AhsMAAoJEE2c mGsApgz+BLMA+wVv5cYQbz3e7cKOARYXQ0nfzYVBcdo690ehVXixRWZ3AQDbYe3X atp32bolscNX8YBRO47eMuDONZ3mVikRjH7VBQ== =aMeG -----END PGP PUBLIC KEY BLOCK----- </pre> </div> </div> === Import Public Key === <div class="toccolours mw-collapsible mw-collapsed"> Swap Key Pairs in LXC - copy nad paste OR push and pull : <div class="mw-collapsible-content"> * <b>Option 1</b> - Copy and Paste <code>cat me_foo_pub_key.asc</code><br> Copy content and paste in a file in <b>bar</b> container <code>bar-pub.asc</code> and vice versa. * Note: file containing pub key can be called anything, does not require extension <code>.asc</code> as long as you know what it is * <b>Option 2</b> - Push and Pull Optional: Create a Dir for the swap on host:<br> <pre> noob@noob-ThinkPad-T470:~$ mkdir keyswap noob@noob-ThinkPad-T470:~$ cd keyswap/ noob@noob-ThinkPad-T470:~/keyswap$ lxc file pull bar/home/ubuntu/me_bar_pub_key.asc . noob@noob-ThinkPad-T470:~/keyswap$ lxc file pull foo/home/ubuntu/me_foo_pub_key.asc . noob@noob-ThinkPad-T470:~/keyswap$ ls me_bar_pub_key.asc me_foo_pub_key.asc noob@noob-ThinkPad-T470:~/keyswap$ lxc file push me_bar_pub_key.asc foo/home/ubuntu/ noob@noob-ThinkPad-T470:~/keyswap$ lxc file push me_foo_pub_key.asc bar/home/ubuntu/ </pre> </div> </div> * In Container Foo we are going to Import the Public Key for Bar <code>sudo gpg --import me_bar_pub_key.asc</code><br> OutPut:<pre> ubuntu@foo:~$ sudo gpg --import me_bar_pub_key.asc gpg: key 62C74C327D5EB42B: public key "bar (i am bar) <bar@bar.com>" imported gpg: Total number processed: 1 gpg: imported: 1 </pre> * Verify import <code>sudo gpg --list-keys</code><br> OutPut: <pre> ubuntu@foo:~$ sudo gpg --list-keys gpg: checking the trustdb gpg: marginals needed: 3 completes needed: 1 trust model: pgp gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u /root/.gnupg/pubring.kbx ------------------------ pub ed25519 2025-07-08 [SC] 107B0222408951691EF6C91B4D9C986B00A60CFE uid [ultimate] foo (i am foo) <foo@foo.com> sub cv25519 2025-07-08 [E] pub rsa3072 2025-07-09 [SC] 56107DF2FB1A226BDFED3CC362C74C327D5EB42B uid [ unknown] bar (i am bar) <bar@bar.com> sub rsa3072 2025-07-09 [E] </pre> * Do the same for other container - vice versa === Trust Level for Imported Key === * Just do this on one container for now - <b>In container Foo</b><br> * Edit Bar's key to set trust <code>sudo gpg --edit-key bar@bar.com</code> * At gpg prompt, type: <code>trust</code> * Choose option 5 (ultimate trust) <code>quit</code> <div class="toccolours mw-collapsible mw-collapsed"> Example of not trusting a public key: <div class="mw-collapsible-content"> * Bar did not place/mark Foo's public key as trusted - and was prompted if sure when encrypting to that recipients public key. <pre> ubuntu@bar:~$ sudo gpg --armor --encrypt --recipient foo@foo.com test.txt gpg: 50307AF320586962: There is no assurance this key belongs to the named user sub cv25519/50307AF320586962 2025-07-08 foo (i am foo) <foo@foo.com> Primary key fingerprint: 107B 0222 4089 5169 1EF6 C91B 4D9C 986B 00A6 0CFE Subkey fingerprint: 4A5D 347A EA1A 88D6 A69C 51CA 5030 7AF3 2058 6962 It is NOT certain that the key belongs to the person named in the user ID. If you *really* know what you are doing, you may answer the next question with yes. Use this key anyway? (y/N) y </pre> </div> </div> ==Encrypt file from Foo to Bar == * Create super secret file: <code>echo "This is a secret message from Foo to Bar!" > secret.txt</code> * Encrypt for Bar <code>sudo gpg --armor --encrypt --recipient bar@bar.com secret.txt</code> * This creates a file encrypted to bar's public key with an <code>.asc</code> extension. <pre> secret.txt.asc </pre> * Send this file to Bar File Contents: <pre> ubuntu@foo:~$ cat secret.txt.asc -----BEGIN PGP MESSAGE----- hQGMA44ulauDXPBRAQwA23c4BIk9J3CgLno+/M0y15394m6nfqCXDZ272LsaBEcR xnbOvJFGdDpqPKVphU/2T4hJ2INqq6f47jZt3xinADPIcLD4r6uIhAeRAIEGUFcq MkfeBuFTlMNDgS8e+B3HSEu58UyBSHxLfGzQF2Y/msG4GV3Em7/C32qEaXlw+5J3 GbYM6xFcR0kKM3rjGQyPPHUTiipR1THHW8C5uUbiywtZqYXBHfj4ahd5iazyBW8f 2Q+abJR987KlEYhcabEvbem/vYjSQIqspXOLgAR+KmSO0w9epbCAkSuwAtHePMT9 QFSBP73+CH9wvdA70EA6mzXY1rer5sDSefMd6w1i95/jxxwQ0jKBS4oJjuzH+L7C P0Io6iUrKsZ+KOVPSW2+gTQaOpg/N0TGK9SyMVSWnrvqKO+joMkfMmSt/i166UXW /PQfn8l4ToUflplzHAmdVQ138XJaaEH9Ul6pUEKrsIZ38Vh/AysXpxukDW3JJAUa qDneeJy0xXSY+CIffcro1HMBCQIQvXTlUw1MexSnpGCbr2y6e/ymT6u3MaZ8lO/T tCpmKzItlOSLRmbpCNfIEInbNJ94oPCNWLue/tJKsHJvCW9nK9Aq2qDN27o6pUGy c2wRHN+nOJIYcAcGIsNAogsQVHmLFUm9L3eaA/LZsLsRAic7 =Vdc9 -----END PGP MESSAGE----- </pre> ===Decrypting file=== * In container Bar <code>sudo gpg --decrypt secret.txt.asc > decrypted_secret.txt</code> <br>Will Be Prompted for your Passphase:<br> <code>cat decrypted_secret.txt</code> <pre> This is a secret message from Foo to Bar! </pre> ==Encryption Image== * Encrypting a image is the same as encrypting a file <code>sudo gpg --armor --encrypt --recipient bar@bar.com test_image.jpg</code> * Will end up with a file with the <code>.asc</code> extension <code>test_image.jpg.asc</code> === Decrypt Image=== <code>sudo gpg --decrypt test_image.jpg.asc > decrypted_image.jpg</code> ==Encryption Directory == * To Encrypt a Directory just Archive the Directory and encrypt that <code>tar -czf secret_folder.tar.gz secret_folder/</code> * And Encrypt the Archive <code>sudo gpg --armor --encrypt --recipient bar@bar.com secret_folder.tar.gz</code> * secret_folder.tar.gz.asc now encrypted and safe to send over network. ===Decrypt Directory=== * Decrypt the archive <code>sudo gpg --decrypt secret_folder.tar.gz.asc > decrypted_folder.tar.gz</code> * Extract the archive <code>tar -xzf decrypted_folder.tar.gz</code> ==Symmetric Encryption (Password-based)== * Will be prompted to enter PassPhase (this is gonna be the password required to decrypt) <code>sudo gpg --armor --symmetric msg.txt</code> * A file with <code>.asc</code> entension will be created. <code>msg.txt.asc</code> ===Decrypt Symmetric Encryption=== * Will be prompted for password <code>sudo sudo gpg --decrypt msg.txt.asc</code> * The above command will print text file content on terminal, if you want decrypted content stored to file, then: <code>sudo sudo gpg --decrypt msg.txt.asc > decrypted-file.txt</code> == Signing and Verifying Files == * <b>IMPORTANT NOTE</b>: In the <b>LXC Containers</b> <code>sudo</code> is required for signing and verifying due to the same issue as key generation (likely missing <code>/run/user/<uid></code> directory). This is not typically required on a normal host. === Signing and Encrypting a File (Foo to Bar) === * In container Foo, create a file to sign and encrypt: <code>echo "This is a signed and encrypted message from Foo to Bar!" > secret_signed.txt</code> * Sign and encrypt the file for Bar's public key: <code>sudo gpg --armor --sign --encrypt --recipient bar@bar.com secret_signed.txt</code> * This creates <code>secret_signed.txt.asc</code>, which is signed by Foo's private key and encrypted for Bar's public key. <div class="toccolours mw-collapsible mw-collapsed"> <code>cat secret_signed.txt.asc</code> output: <div class="mw-collapsible-content"> <pre> ubuntu@foo:~$ cat secret_signed.txt.asc -----BEGIN PGP MESSAGE----- hQGMA44ulauDXPBRAQv/U/tg2p/YuYCA5KLrmRDSLEULp7P7rlQyCWSdCW3N4uL8 vZSDioA7PX/ferpIZWJgh4ulvLG0rWWRWSuzN15C8CCnaFNXd2wzMileMEey6I7b m+kNO6z6CHWc8K+NU2tFZLr/41s71dNiq2zh9gF4D+MOeGHnVXJWOJoG8bVLI1Db jGZiwD23rwzzJR+fuIyufO9g/dLkvBzrTbQVgo7o/BLQrzb9osfoQTOeNa+zGYGe d4728qBmL+vx99yNqA1npw3DpwQSodbMWDTP6VINRzuKFFbNYcz6EqTAyrPInYyi Rko3qPOAadHWeggdnDse3eKS/Kn5omt7uo5gMrl9G6uX7/xUMQ8yicv3By5RrVS1 O8/4R+ZN2Q8kpsyCRY+NiYisBx+Ekx5+EQHws5L5Ez/YR3hlJEc3hJC9/VhvcPR1 rT3RnHoGo2j+fcOLs41XPezAXSd2DtSxVl/m2O7zg4FIx2DMiVAEGCmPw6eKkDQB Xo2SjiG5kcs0bvZTAlv71MBDAQkCEADDE0u8CdcQgc6kW/OU8/bHnws1M2qeZjPQ 5pRgWpH49BKBi4eT4TR0Iq7uMjJuInnzEO+CTims+7CC3T6kXv7GOL3EDwbQ0VjJ mmP4VGvGYu0FaNeJOVkLrMKXepwIFaqjoYWsHDl79h0NdLTdIM6E1BGcDA+A5jJc ydWR3TEQQE+xC/Rt2hem+OKZE5PZpvAXoIz9rVpE/SHi0+2WrHdw9YjQlcE1Tp1M /ZFeuX14pnS0dAmpYWXdm9b1uq4aCPSbyMgAUz1NTRLRD79Ya3qL7DqeLUBUY2vN 4WVCmdV22FhbpGniGxld2zhoyjn2LMiuBPF6eUtRPnvcLt6n4Q== =nKdq -----END PGP MESSAGE----- </pre> </div> </div> * Send <code>secret_signed.txt.asc</code> to Bar (e.g., via <code>lxc file push</code> or copy-paste). === Checking the Signer (Encrypted File) === * In Container Bar we did not Trust Foo's public key * Decrypt and verify the signed file: <code>sudo gpg --decrypt secret_signed.txt.asc > decrypted_signed.txt</code> * GPG will decrypt the file using Bar's private key and verify the signature using Foo's public key. You will be prompted for Bar's passphrase. <div class="toccolours mw-collapsible mw-collapsed"> <code>sudo gpg --decrypt secret_signed.txt.asc > decrypted_signed.txt</code> output: <div class="mw-collapsible-content"> <pre> ubuntu@bar:~$ sudo gpg --decrypt secret_signed.txt.asc > decrypted_signed.txt gpg: encrypted with rsa3072 key, ID 8E2E95AB835CF051, created 2025-07-09 "bar (i am bar) <bar@bar.com>" gpg: Signature made Wed Jul 9 21:00:20 2025 UTC gpg: using EDDSA key 107B0222408951691EF6C91B4D9C986B00A60CFE gpg: Good signature from "foo (i am foo) <foo@foo.com>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 107B 0222 4089 5169 1EF6 C91B 4D9C 986B 00A6 0CFE </pre> </div> </div> * The output shows the file was signed by <code>foo (i am foo) <foo@foo.com></code>. "Good signature" confirms the signature is valid (file is authentic and unaltered). * The output shows you did not add 'foo' to trusted signers <code>WARNING: This key is not certified with a trusted signature!</code> * Check the decrypted content: <code>cat decrypted_signed.txt</code> <pre> This is a signed and encrypted message from Foo to Bar! </pre> == Signing Without Encryption == * In container Foo, sign a file without encrypting it: <code>echo "This is a signed but not encrypted message from Foo!" > public_signed.txt</code> <code>sudo gpg --armor --sign public_signed.txt</code> * This creates <code>public_signed.txt.asc</code>, signed by Foo's private key but readable by anyone. * This file <code>public_signed.txt.asc</code> appears as encrypted when you read content but is not - no password required to make readable. <div class="toccolours mw-collapsible mw-collapsed"> <code>cat public_signed.txt.asc</code> output: <div class="mw-collapsible-content"> <pre> ubuntu@bar:~$ cat public_signed.txt.asc -----BEGIN PGP MESSAGE----- owEBEwLs/ZANAwAKAWLHTDJ9XrQrAaxMYhFwdWJsaWNfc2lnbmVkLnR4dGhu2+RU aGlzIGlzIGEgc2lnbmVkIGJ1dCBub3QgZW5jcnlwdGVkIG1lc3NhZ2UgZnJvbSBG b28hCokBswQAAQoAHRYhBFYQffL7GiJr3+08w2LHTDJ9XrQrBQJobtvkAAoJEGLH TDJ9XrQrtQIL/3xU9S/YekqNt+dx5axx8/elK7gm4CMBvrkxugILdb7H1s2XS/d1 hxBDcRf955vFhiJM3rlC1EpVLEOkrFDIEvIu0NH5A6D6TDNT6ThS+Mcch+35HtFo dAgZv5nBia4Z9uV2PXSS3JhHxZitFmWNX/YCpPaDaMSPCGZHWSq6Li2gBZ74FvzJ A91NVSst2cPXdHbuNyScpHl4E/FegLjQlfUwTq/oGvJ8PWW4Ny5zkzpo+QsNO7O7 DU6vcRrry66AzASanUV8NS6fAjuvxWOaRDRaIn3MctzlEXsQPa6rsS9l3/eNcXT2 qYf7xfF5bMOHk4/c2zxM1+vhooPYg5423OGprvU74T4taSaYvbEm08ul+C9L805c Kk/Z41EDgsDfxGjwf0c3ZfdxkCdVE2xnGxhypxyHan0qTscT+kEnEd67vSGWOXJF B2Y6JvDj6K4ToUDd27gYZtO29jyIA7Ggj+6GpmqbNYgr8nHpaR7xeixLiLz2snuu nBrQq8ixE+Z67Q== =I0Gt -----END PGP MESSAGE----- </pre> </div></div> ===Make Signed Content Readable === * This command will take the signed content and output to a readable file called decrypted-file.txt and gpg wil verify signatory. <code>sudo gpg --output decrypted-file.txt --decrypt public_signed.txt.asc</code> * Note: bar imported and trusted foo's public key <pre> ubuntu@bar:~$ sudo gpg --output decrypted-file.txt --decrypt public_signed.txt.asc gpg: Signature made Wed Jul 9 21:15:16 2025 UTC gpg: using RSA key 56107DF2FB1A226BDFED3CC362C74C327D5EB42B gpg: Good signature from "bar (i am bar) <bar@bar.com>" [ultimate] </pre> lmu09w4yq3jf05jcjnrmchh0xb2gzrs 2 186 614 2025-07-11T13:26:55Z HelaineB72 19 Created page with "I'm a 33 years old and working at the university (English Literature).<br>In my spare time I learn Hindi. I've been there and look forward to go there sometime near future. I love to read, preferably on my kindle. I like to watch The Vampire Diaries and Family Guy as well as documentaries about nature. I love College football." 614 wikitext text/x-wiki I'm a 33 years old and working at the university (English Literature).<br>In my spare time I learn Hindi. I've been there and look forward to go there sometime near future. I love to read, preferably on my kindle. I like to watch The Vampire Diaries and Family Guy as well as documentaries about nature. I love College football. aph2aw9bevdnbuj17jbonz93xgopmrd 616 614 2025-07-11T19:13:15Z AwesomO 5 616 wikitext text/x-wiki i really got to work out how these bots do the mysql inject thingly , before i nuke and pave wiki. This is a bot account. 7wusu4c1rses918fp0moey2fajhizdp 623 616 2025-07-17T11:03:19Z HelaineB72 19 623 wikitext text/x-wiki My hobby is mainly Vintage car. <br>I also to learn Spanish in my spare time. razalqpkqq07kd2xtz8kbwulq7ux1jv 626 623 2025-07-27T13:24:50Z HelaineB72 19 626 wikitext text/x-wiki I'm Helaine (22) from Skoghall, Sweden. <br>I'm learning Japanese literature at a local university and I'm just about to graduate.<br>I have a part time job in a college. jtm98z4nqvdbrb8nhuo87o7iikfx3p6 627 626 2025-07-28T23:40:56Z HelaineB72 19 627 wikitext text/x-wiki Hi there! :) My name is Cierra, I'm a student studying Athletics and Physical Education from Oisterwijk, Netherlands. ecnv78gfhq4q3o8zkea54bz64y9a050 629 627 2025-07-30T02:41:41Z HelaineB72 19 629 wikitext text/x-wiki Im Abraham and was born on 7 January 1981. My hobbies are Nordic skating and Fishkeeping. ifwgp4261migr0m9mcr3846z19599fp 631 629 2025-07-31T08:29:32Z HelaineB72 19 631 wikitext text/x-wiki I am Albert from Les Ulis. I love to play Tuba. Other hobbies are Airsoft. q7xuptaojo4wh7e5ue24zzrw071xarw 632 631 2025-08-01T00:10:49Z AwesomO 5 632 wikitext text/x-wiki Thank you for not posting malicious links, It's appreciated. Before i reboot the wiki in a docker container i have a question: How do you do it? Can you show how you do it in a easy to follow, reproducable walk through tutorial? ilyg640qltpea1ml01fjn8drmgti9iw 638 632 2025-08-12T15:09:52Z HelaineB72 19 638 wikitext text/x-wiki Hi! <br>My name is Ima and I'm a 30 years old girl from Switzerland. ct3nknzcdj1pkpzxufibhnuc1h6w86s 640 638 2025-08-20T14:29:37Z HelaineB72 19 640 wikitext text/x-wiki I'm Cathy (27) from Schnabelwaid, Germany. <br>I'm learning French literature at a local high school and I'm just about to graduate.<br>I have a part time job in a college. 5ou9xs2j7yhzhfjqr3ashmd4sqi5oa7 641 640 2025-08-27T22:44:01Z HelaineB72 19 641 wikitext text/x-wiki Hello, dear friend! I am Dallas. I smile that I could unify to the entire world. I live in United Kingdom, in the south region. I dream to visit the different countries, to get acquainted with appealing people. c3m8bpjganmp6ece5w2fribzigy1vly 679 641 2025-09-09T16:14:47Z HelaineB72 19 679 wikitext text/x-wiki My name is Kerstin (26 years old) and my hobbies are Skiing and Sewing. fsp4mt1uagizjvwx0nzrevzay4y8vjv 681 679 2025-09-16T02:58:28Z HelaineB72 19 681 wikitext text/x-wiki Got nothing to say about me at all.<br>Great to be a part of completenoobs.com.<br>I really hope I'm useful at all k6oq1ukgsoz2yzxd54l7jyxxtogayc6 683 681 2025-09-16T06:10:48Z HelaineB72 19 683 wikitext text/x-wiki I'm a 31 years old, married and work at the college (Social Science Education).<br>In my spare time I try to learn Portuguese. I have been there and look forward to go there anytime soon. I like to read, preferably on my ipad. I like to watch NCIS and Doctor Who as well as docus about anything scientific. I enjoy Microscopy. avd9lalbnyuol9jvwcxnkchu23nuaiq 684 683 2025-09-24T17:23:08Z HelaineB72 19 684 wikitext text/x-wiki I'm a 42 years old and working at the university (Japanese Studies).<br>In my free time I try to teach myself German. I've been twicethere and look forward to go there sometime in the future. I like to read, preferably on my kindle. I like to watch The Big Bang Theory and NCIS as well as docus about anything technological. I love Hunting. 7ceyotub03z4rvncxp50fevhzdjk4iu 687 684 2025-10-13T10:52:18Z HelaineB72 19 687 wikitext text/x-wiki Hi, everybody! <br>I'm Hindi female ;=). <br>I really love College football! qewpkbr6cblz6dltp44t7zybhq7eyl3 688 687 2025-10-14T22:04:49Z HelaineB72 19 688 wikitext text/x-wiki Hi there! :) My name is Delbert, I'm a student studying Philosophy from Guyancourt, France. j70v81jccgddj391z185fqm2y0dk8ui 691 688 2025-10-31T21:12:57Z HelaineB72 19 691 wikitext text/x-wiki I'm Eve and I live in Lodz. <br>I'm interested in Art, Baton twirling and Bengali art. I like travelling and watching Psych. answxf794ro5ngtl0q2aokt3h08kd4w 693 691 2025-11-10T08:10:54Z HelaineB72 19 693 wikitext text/x-wiki I'm Omar (30) from Tveit, Norway. <br>I'm learning Chinese literature at a local high school and I'm just about to graduate.<br>I have a part time job in a college. cvm06jw11f5kdzx7y7rmzy1n8zacpj1 0 187 615 2025-07-11T19:06:27Z AwesomO 5 Created page with "This is very useful for when you have to use an older ubuntu version and want updates. Ubuntu Pro is particularly valuable for older Ubuntu releases (e.g., LTS versions like 16.04, 18.04, etc.) that may no longer receive standard updates. With Ubuntu Pro, you get Expanded Security Maintenance (ESM), which provides security updates and patches for up to 10 years, even for packages in the Ubuntu Main and Universe repositories. This is a lifesaver for legacy systems th..." 615 wikitext text/x-wiki This is very useful for when you have to use an older ubuntu version and want updates. Ubuntu Pro is particularly valuable for older Ubuntu releases (e.g., LTS versions like 16.04, 18.04, etc.) that may no longer receive standard updates. With Ubuntu Pro, you get Expanded Security Maintenance (ESM), which provides security updates and patches for up to 10 years, even for packages in the Ubuntu Main and Universe repositories. This is a lifesaver for legacy systems that need to stay secure. * Ubuntu offers this for free for 5 Machines. == Sign up to ubuntu.com == * https://ubuntu.com/pro/dashboard Login or Create a Ubuntu.com account and on the page https://ubuntu.com/pro/dashboard you will see your token: * a Token will look something like this <code>C18WtPsAUKgzV59TN77FVhrSJvztp4</code> == Active Ubuntu Pro== * Command to attach a machine: <code>sudo pro attach C18WtPsAUKgzV59TN77FVhrSJvztp4</code> * Syntax:<code>sudo pro attach <YOUR_TOKEN></code> == Check Status == <code>sudo pro status</code> == Remove from Pro == <code>sudo pro detach</code> <br> <code>sudo pro detach --assume-yes</code> 94ub7hiu0kp92mtwazngksm4duhkwwv 0 189 618 2025-07-11T19:26:46Z AwesomO 5 Created page with "{|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>UnLicense</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> This is free and unencumbered software released into the public domain. Anyone is free to copy, modify, publish, use, compile, sell, or distribute this software, either in source code form..." 618 wikitext text/x-wiki {|style="border-style: solid; boarder-width: 20px;" align="center" | <b>LICENCE</b>: When you edit this page, you agree to release your contribution under the <b>UnLicense</b><br \> <div class="toccolours mw-collapsible mw-collapsed"> LICENCE <div class="mw-collapsible-content"> This is free and unencumbered software released into the public domain. Anyone is free to copy, modify, publish, use, compile, sell, or distribute this software, either in source code form or as a compiled binary, for any purpose, commercial or non-commercial, and by any means. In jurisdictions that recognize copyright laws, the author or authors of this software dedicate any and all copyright interest in the software to the public domain. We make this dedication for the benefit of the public at large and to the detriment of our heirs and successors. We intend this dedication to be an overt act of relinquishment in perpetuity of all present and future rights to this software under copyright law. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. For more information, please refer to <https://unlicense.org> </div> </div> |} 5ksdyrpjo4gi4ujbypc590sl7vil8k6 2 190 625 2025-07-24T01:12:05Z ACNAndy77580 20 Created page with "Hi there! :) My name is Karolyn, I'm a student studying Comparative Politics from Eindhoven, Netherlands." 625 wikitext text/x-wiki Hi there! :) My name is Karolyn, I'm a student studying Comparative Politics from Eindhoven, Netherlands. g7ga98xdr0b4ic8mbw9ypihvzhfqs2i 680 625 2025-09-13T18:04:52Z ACNAndy77580 20 680 wikitext text/x-wiki Hello from Austria. I'm glad to be here. My first name is Isidro. <br>I live in a small city called Sperledt in east Austria.<br>I was also born in Sperledt 27 years ago. Married in December year 2001. I'm working at the university. 5behl0d6gmn2p4v0pe6xym13iqhgcws 682 680 2025-09-16T03:48:24Z ACNAndy77580 20 682 wikitext text/x-wiki I'm Irish and I live in a seaside city in northern Denmark, Kobenhavn V. I'm 36 and I'm will soon finish my study at Creative Writing. k6wxcann8nnea9a9z0vs51agbjm66n1 685 682 2025-10-08T02:50:38Z ACNAndy77580 20 685 wikitext text/x-wiki My name is Lavina (44 years old) and my hobbies are Speed skating and Vintage car. enelockdx5skvx3r9fmiv7hg2j2ku3m 686 685 2025-10-13T10:24:23Z ACNAndy77580 20 686 wikitext text/x-wiki My name is Simone Furr. I life in Bruay-La-Buissiere (France). 52ly87l4f4wq9mid5jb22ql5q5pd1qg 689 686 2025-10-15T17:36:11Z ACNAndy77580 20 689 wikitext text/x-wiki I like Association football. Appears boring? Not at all!<br>I to learn Japanese in my free time. 13j9a4siow0w4h2hj4jrdruszut2ja2 690 689 2025-10-30T01:30:35Z ACNAndy77580 20 690 wikitext text/x-wiki I'm Ervin and I live in a seaside city in northern Italy, Tor Vaianica. I'm 27 and I'm will soon finish my study at American Studies. suxqg66aol5e4zm6cqrjild55onadj3 692 690 2025-11-01T17:35:13Z ACNAndy77580 20 692 wikitext text/x-wiki Hi, everybody! My name is Lila. <br>It is a little about myself: I live in Belgium, my city of Jamiolle. <br>It's called often Eastern or cultural capital of WNA. I've married 3 years ago.<br>I have two children - a son (Humberto) and the daughter (Ralph). We all like Canoeing. 7gk0lpas6nwng4yovl1yca5zljeoyjn 694 692 2025-12-07T07:44:57Z ACNAndy77580 20 694 wikitext text/x-wiki Hi, everybody! <br>I'm Hindi male :D. <br>I really like How I Met Your Mother! dh8ahwgxb3gkvvybym6zbuzkqu0pxw5 717 694 2026-03-10T08:48:28Z ACNAndy77580 20 717 wikitext text/x-wiki I am 27 years old and my name is Hollie Stinnett. I life in Hamburg Sasel (Germany). tfykt3nza1he5zp11hlpvwdph79qoph 718 717 2026-03-14T02:40:40Z ACNAndy77580 20 718 wikitext text/x-wiki Hello! <br>My name is Makayla and I'm a 19 years old boy from Sweden. r3cf5vn3uz9lj1i9jyo0fj5uu7evgcn 719 718 2026-03-15T09:08:05Z ACNAndy77580 20 719 wikitext text/x-wiki I'm Veronica and I live with my husband and our two children in Stuttgart West, in the BW south part. My hobbies are Bird watching, Judo and Bonsai. 25fma2hakd8xwl7enop5p8iwyvi43o8 720 719 2026-03-17T20:50:25Z ACNAndy77580 20 720 wikitext text/x-wiki My name: Cortney Amiet<br>My age: 38 years old<br>Country: Sweden<br>City: Munkfors <br>Post code: 684 00<br>Street: Bottna Knutsgard 68 467r0jl50jyzstaz1qs16dpow9kc2x8 721 720 2026-03-21T15:21:56Z ACNAndy77580 20 721 wikitext text/x-wiki My name: Lottie Hayman<br>My age: 23<br>Country: France<br>Home town: Pontoise <br>Post code: 95000<br>Street: 34 Rue De Penthievre 00okw4vdwnerdrxat2rflg9kaualgh1 722 721 2026-03-23T08:25:15Z ACNAndy77580 20 722 wikitext text/x-wiki There is nothing to say about myself at all.<br>Great to be a part of this site.<br>I really hope Im useful at all 62v6atsoh58dbpvhpkq1aepqwp9o3bk 723 722 2026-03-24T09:55:35Z ACNAndy77580 20 723 wikitext text/x-wiki Hello! <br>My name is Juana and I'm a 21 years old boy from Netherlands. 8mzavc11nsuhp248zlzmtqwxjvn8c3z 724 723 2026-03-27T22:42:12Z ACNAndy77580 20 724 wikitext text/x-wiki I'm Michal (29) from Dalmsholte, Netherlands. <br>I'm learning Italian literature at a local college and I'm just about to graduate.<br>I have a part time job in a university. csmcq89zsnw12m7zx1lwppw3jim9orm 726 724 2026-04-07T21:17:46Z ACNAndy77580 20 726 wikitext text/x-wiki My name is Phillipp Kenneally. I life in Marseille (France). jwz18h13l7wk510i7croekr5g0li01v 727 726 2026-04-10T18:13:44Z ACNAndy77580 20 727 wikitext text/x-wiki I'm Kendrick and I live with my husband and our 2 children in Le Mans, in the CENTRE south part. My hobbies are Slot Car Racing, Videophilia (Home theater) and Jukskei. muoqemno31m5cwx7176qst1dpkg43yt 728 727 2026-04-12T03:17:52Z ACNAndy77580 20 728 wikitext text/x-wiki Hi, everybody! My name is Anglea. <br>It is a little about myself: I live in Belgium, my city of Rossignol. <br>It's called often Eastern or cultural capital of WHT. I've married 2 years ago.<br>I have 2 children - a son (Jami) and the daughter (Keisha). We all like Insect collecting. 9nq8wxn3s1a0th1etc6hx534uh7dkip 729 728 2026-04-12T10:41:10Z ACNAndy77580 20 729 wikitext text/x-wiki My hobby is mainly Videophilia (Home theater). Sounds boring? Not at all!<br>I try to learn Portuguese in my free time. 1v8e8gqz5r1h9qc2dwaea4cbt9l91kg 730 729 2026-04-15T01:08:48Z ACNAndy77580 20 730 wikitext text/x-wiki I'm Kenny and was born on 2 May 1971. My hobbies are Fishing and Coloring. 1rm105sjk4s911bna9j1qnnwj67gyta 2 191 628 2025-07-29T13:09:44Z MarcellaCain 21 Created page with "Hi! <br>My name is Marcella and I'm a 17 years old girl from Brazil.<br><br>My web blog [https://www.madisondia.com/zh "VVS2 培育鑽石"]" 628 wikitext text/x-wiki Hi! <br>My name is Marcella and I'm a 17 years old girl from Brazil.<br><br>My web blog [https://www.madisondia.com/zh "VVS2 培育鑽石"] hlvatu6d5pxju39c63dhs60gzujld1f 2 192 630 2025-07-30T18:38:49Z MeganTober 23 Created page with "I'm Brodie (21) from Oppido Mamertina, Italy. <br>I'm learning Japanese literature at a local high school and I'm just about to graduate.<br>I have a part time job in a backery.<br><br>Feel free to visit my page [https://almeriapedia.wikanda.es/wiki/Usuario:EllisRipley "高級ジュエリー 日本"]" 630 wikitext text/x-wiki I'm Brodie (21) from Oppido Mamertina, Italy. <br>I'm learning Japanese literature at a local high school and I'm just about to graduate.<br>I have a part time job in a backery.<br><br>Feel free to visit my page [https://almeriapedia.wikanda.es/wiki/Usuario:EllisRipley "高級ジュエリー 日本"] t2tnlynl60339fbwh3rncyx2d152668 633 630 2025-08-03T23:47:48Z Noob 1 Replaced content with "Spam bot" 633 wikitext text/x-wiki Spam bot 6la1kzobtztyguq7fsa7g2q692djba9 0 193 634 2025-08-10T20:11:26Z AwesomO 5 Created page with "Docker install guides Ubuntu2404_Install_Docker_and_Docker_Compose| Ubuntu 24.04 Install Docker and Docker Compose" 634 wikitext text/x-wiki Docker install guides [[Ubuntu2404_Install_Docker_and_Docker_Compose| Ubuntu 24.04 Install Docker and Docker Compose] qvns7scxteac8wn8gclyc0sxuuq2bc4 636 634 2025-08-10T20:12:53Z AwesomO 5 forgot ] 636 wikitext text/x-wiki Docker install guides <nowiki>[[Ubuntu2404_Install_Docker_and_Docker_Compose| Ubuntu 24.04 Install Docker and Docker Compose]]</nowiki> 4kifle7rbnux2tvs8a8czdl3rfexh3m 637 636 2025-08-10T20:13:43Z AwesomO 5 637 wikitext text/x-wiki Docker install guides [[Ubuntu2404_Install_Docker_and_Docker_Compose| Ubuntu 24.04 Install Docker and Docker Compose]] 265fmtvb9fhvmt1xcxyd7f2ajd0xu44 0 194 635 2025-08-10T20:12:14Z AwesomO 5 Created page with "=== Preparation === Before we begin, make sure you're logged in with a user account that has sudo privileges. === Update System Packages === Update your package list to ensure you have the latest versions of packages: <source lang="bash"> sudo apt update && sudo apt upgrade -y </source> === Install Docker Prerequisites === Install the necessary packages for Docker setup: <source lang="bash"> sudo apt install -y apt-transport-https ca-certificates curl software-pro..." 635 wikitext text/x-wiki === Preparation === Before we begin, make sure you're logged in with a user account that has sudo privileges. === Update System Packages === Update your package list to ensure you have the latest versions of packages: <source lang="bash"> sudo apt update && sudo apt upgrade -y </source> === Install Docker Prerequisites === Install the necessary packages for Docker setup: <source lang="bash"> sudo apt install -y apt-transport-https ca-certificates curl software-properties-common </source> === Setup Docker Repository === * '''Add Docker's Official GPG Key''': <source lang="bash"> curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg </source> * '''Add the Docker Repository''': <source lang="bash"> echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null </source> === Install Docker and Docker Compose === * '''Update Package List Again''': <source lang="bash"> sudo apt update </source> * '''Install Docker Engine, CLI, Containerd, and Additional Tools''': <source lang="bash"> sudo apt install -y docker-ce docker-ce-cli containerd.io python3-bs4 python3-requests docker-compose </source> * '''Install Docker Compose''': Here we're downloading the latest version of Docker Compose: <source lang="bash"> sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose </source> Make the Docker Compose binary executable: <source lang="bash"> sudo chmod +x /usr/local/bin/docker-compose </source> === Verify Installation === Check if Docker and Docker Compose are installed correctly: <source lang="bash"> docker --version docker-compose --version </source> === Configure User Permissions === To run Docker commands without <code>sudo</code>, add your user to the <code>docker</code> group: <source lang="bash"> sudo usermod -aG docker $USER </source> '''Note''': After adding your user to the docker group, you'll need to '''log out and log back in''' for the changes to take effect. If you do not log out and back in, Or you do not add your $USER to the docker group, you will be required to use sudo in some cases. such as .. <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip: <div class="mw-collapsible-content"> <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. <b>Remember</b>, these changes only apply to the current terminal session. If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> pcwfaz7lqhdksfkbvau58xq9925tu7i 649 635 2025-08-30T14:40:45Z AwesomO 5 /* Install Docker and Docker Compose */ 649 wikitext text/x-wiki === Preparation === Before we begin, make sure you're logged in with a user account that has sudo privileges. === Update System Packages === Update your package list to ensure you have the latest versions of packages: <source lang="bash"> sudo apt update && sudo apt upgrade -y </source> === Install Docker Prerequisites === Install the necessary packages for Docker setup: <source lang="bash"> sudo apt install -y apt-transport-https ca-certificates curl software-properties-common </source> === Setup Docker Repository === * '''Add Docker's Official GPG Key''': <source lang="bash"> curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg </source> * '''Add the Docker Repository''': <source lang="bash"> echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null </source> === Install Docker and Docker Compose === * '''Update Package List Again''': <source lang="bash"> sudo apt update </source> * '''Install Docker Engine, CLI, Containerd, and Additional Tools''': <source lang="bash"> sudo apt install -y docker-ce docker-ce-cli containerd.io python3-bs4 python3-requests docker-compose </source> <!-- * '''Install Docker Compose''': Here we're downloading the latest version of Docker Compose: <source lang="bash"> sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose </source> Make the Docker Compose binary executable: <source lang="bash"> sudo chmod +x /usr/local/bin/docker-compose </source> --> === Verify Installation === Check if Docker and Docker Compose are installed correctly: <source lang="bash"> docker --version docker-compose --version </source> === Configure User Permissions === To run Docker commands without <code>sudo</code>, add your user to the <code>docker</code> group: <source lang="bash"> sudo usermod -aG docker $USER </source> '''Note''': After adding your user to the docker group, you'll need to '''log out and log back in''' for the changes to take effect. If you do not log out and back in, Or you do not add your $USER to the docker group, you will be required to use sudo in some cases. such as .. <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip: <div class="mw-collapsible-content"> <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. <b>Remember</b>, these changes only apply to the current terminal session. If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> 7rwtgn9dsaai4f3p5n9e8y3r8t0hnlr 650 649 2025-09-01T17:34:45Z AwesomO 5 650 wikitext text/x-wiki === Preparation === Before we begin, make sure you're logged in with a user account that has sudo privileges. === Update System Packages === Update your package list to ensure you have the latest versions of packages: <source lang="bash"> sudo apt update && sudo apt upgrade -y </source> === Install Docker Prerequisites === Install the necessary packages for Docker setup: <source lang="bash"> sudo apt install -y apt-transport-https ca-certificates curl software-properties-common </source> === Setup Docker Repository === * '''Add Docker's Official GPG Key''': <source lang="bash"> curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg </source> * '''Add the Docker Repository''': <source lang="bash"> echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null </source> === Install Docker and Docker Compose === * '''Update Package List Again''': <source lang="bash"> sudo apt update </source> * '''Install Docker Engine, CLI, Containerd, and Additional Tools''': <source lang="bash"> sudo apt install -y docker-ce docker-ce-cli containerd.io python3-bs4 python3-requests docker-compose </source> <!-- * '''Install Docker Compose''': Here we're downloading the latest version of Docker Compose: <source lang="bash"> sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose </source> Make the Docker Compose binary executable: <source lang="bash"> sudo chmod +x /usr/local/bin/docker-compose </source> --> === Verify Installation === Check if Docker and Docker Compose are installed correctly: <source lang="bash"> docker --version docker-compose --version </source> === Configure User Permissions === To run Docker commands without <code>sudo</code>, add your user to the <code>docker</code> group: <source lang="bash"> sudo usermod -aG docker $USER </source> '''Note''': After adding your user to the docker group, you'll need to '''log out and log back in''' for the changes to take effect. If you do not log out and back in, Or you do not add your $USER to the docker group, you will be required to use sudo in some cases. such as .. <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip: <div class="mw-collapsible-content"> <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. <b>Remember</b>, these changes only apply to the current terminal session. If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> ===If Installing Docker messed up your LXC/LXD Networking=== To resolve networking conflicts between Docker and LXC containers on Ubuntu 24.04, enable IP forwarding on the host system: * Open the sysctl configuration file in your preferred editor <code>sudo $EDITOR /etc/sysctl.conf</code> * Uncomment or add the following line (around line 28): <pre>net.ipv4.ip_forward=1</pre> * Apply the updated configuration to enable IP forwarding: <code>sysctl -p</code><br> * Restart the system to ensure all changes take effect. This should resolve the networking issue for LXC containers when Docker is installed. ==Install First Container/Image== Download the completenoobs container image, mediawiki with the completenoobs xml installed. <code>docker pull completenoobs/cnoobs-wiki:0.1</code> ===Run container=== * Quick Start <code>docker run -d -p 8080:80 completenoobs/cnoobs-wiki:0.1</code> * Quick Start with Persistent Storage <pre> docker run -d -p 8080:80 \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki \ completenoobs/cnoobs-wiki:0.1 </pre> * Now visit http://localhost:8080 on your browser * Due to (unknown) bug you might need to update the xml to download missing pages: <code>docker exec -it completenoobs_wiki /var/www/html/check_updates.sh</code> <div class="toccolours mw-collapsible mw-collapsed"> Change Admin Password: <div class="mw-collapsible-content"> By default, the admin user's password is <code>AdminPass123!</code>. It's highly recommended to change this immediately. You can do this either through the wiki's web interface or directly in the Docker terminal.<br><br> <b>Method 1: Change Password via Web Interface</b><br> This is the easiest method. You can change your password directly from the wiki itself.<br> 1. Log in to your wiki with the default credentials: <code>admin</code> / <code>AdminPass123!</code>.<br> 2. Once logged in, click your username (<code>admin</code>) in the top-right corner of the page.<br> 3. From the drop-down menu, select <b>Preferences</b>.<br> 4. On the Preferences page, go to the <b>Password</b> tab.<br> 5. Enter the current password (<code>AdminPass123!</code>), then enter your new password twice.<br> 6. Click <b>Change password</b>.<br> Your password is now changed, and you will need to use the new one for future logins.<br><br> <b>Method 2: Change Password via Terminal (No-Email Reset)</b><br> If you have forgotten the password or prefer to use the command line, you can reset it directly inside the Docker container using a MediaWiki maintenance script.<br> 1. <b>Access the container's shell</b> with the following command from your host machine:<br> <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> 2. Once inside the container, use the <code>changePassword.php</code> maintenance script to change the password. This is the modern, recommended way to run MediaWiki maintenance scripts.<br> * Change <b>NEWPASSWORD</b> to your new password<br> <syntaxhighlight lang="bash"> php /var/www/html/maintenance/run.php changePassword.php --user=admin --password=NEWPASSWORD </syntaxhighlight> 3. Type <code>exit</code> to leave the container's shell.<br> The admin password has now been reset. You can log in to your wiki with the new password. </div> </div> ===Remove container=== To completely remove the <code>completenoobs/cnoobs-wiki:0.1</code> container and image from your Ubuntu 24.04 system, follow these steps. You can also remove associated persistent storage volumes if they were created.<br><br> <b>Step 1: Stop and Remove the Container</b><br> If the container is running, stop it and then remove it.<br> <syntaxhighlight lang="bash"> docker stop completenoobs_wiki docker rm completenoobs_wiki </syntaxhighlight> Alternatively, stop and remove in one command:<br> <syntaxhighlight lang="bash"> docker rm -f completenoobs_wiki </syntaxhighlight><br> <b>Step 2: Remove the Docker Image</b><br> Remove the <code>completenoobs/cnoobs-wiki:0.1</code> image.<br> <syntaxhighlight lang="bash"> docker rmi completenoobs/cnoobs-wiki:0.1 </syntaxhighlight> Note: If the image is in use by other containers, remove those containers first or use <code>docker rmi -f completenoobs/cnoobs-wiki:0.1</code> to force removal (use with caution).<br><br> <b>Step 3: Remove Persistent Storage Volumes (Optional)</b><br> If you used persistent storage, remove the associated volumes to free up space.<br> <syntaxhighlight lang="bash"> docker volume rm completenoobs_mysql completenoobs_images </syntaxhighlight> Note: Ensure no other containers are using these volumes, as this will delete all stored data.<br><br> <b>Step 4: Verify Removal</b><br> Check that the container, image, and volumes are removed.<br> - List all containers (including stopped ones):<br> <syntaxhighlight lang="bash"> docker ps -a </syntaxhighlight> - List all images:<br> <syntaxhighlight lang="bash"> docker images </syntaxhighlight> - List all volumes:<br> <syntaxhighlight lang="bash"> docker volume ls </syntaxhighlight> If any items remain, repeat the relevant removal commands or check for dependencies. pbrk5rfovifm7o9ex8qqdfbn4dyu2ny 664 650 2025-09-01T20:50:32Z AwesomO 5 /* Run container */ 664 wikitext text/x-wiki === Preparation === Before we begin, make sure you're logged in with a user account that has sudo privileges. === Update System Packages === Update your package list to ensure you have the latest versions of packages: <source lang="bash"> sudo apt update && sudo apt upgrade -y </source> === Install Docker Prerequisites === Install the necessary packages for Docker setup: <source lang="bash"> sudo apt install -y apt-transport-https ca-certificates curl software-properties-common </source> === Setup Docker Repository === * '''Add Docker's Official GPG Key''': <source lang="bash"> curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg </source> * '''Add the Docker Repository''': <source lang="bash"> echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null </source> === Install Docker and Docker Compose === * '''Update Package List Again''': <source lang="bash"> sudo apt update </source> * '''Install Docker Engine, CLI, Containerd, and Additional Tools''': <source lang="bash"> sudo apt install -y docker-ce docker-ce-cli containerd.io python3-bs4 python3-requests docker-compose </source> <!-- * '''Install Docker Compose''': Here we're downloading the latest version of Docker Compose: <source lang="bash"> sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose </source> Make the Docker Compose binary executable: <source lang="bash"> sudo chmod +x /usr/local/bin/docker-compose </source> --> === Verify Installation === Check if Docker and Docker Compose are installed correctly: <source lang="bash"> docker --version docker-compose --version </source> === Configure User Permissions === To run Docker commands without <code>sudo</code>, add your user to the <code>docker</code> group: <source lang="bash"> sudo usermod -aG docker $USER </source> '''Note''': After adding your user to the docker group, you'll need to '''log out and log back in''' for the changes to take effect. If you do not log out and back in, Or you do not add your $USER to the docker group, you will be required to use sudo in some cases. such as .. <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip: <div class="mw-collapsible-content"> <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. <b>Remember</b>, these changes only apply to the current terminal session. If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> ===If Installing Docker messed up your LXC/LXD Networking=== To resolve networking conflicts between Docker and LXC containers on Ubuntu 24.04, enable IP forwarding on the host system: * Open the sysctl configuration file in your preferred editor <code>sudo $EDITOR /etc/sysctl.conf</code> * Uncomment or add the following line (around line 28): <pre>net.ipv4.ip_forward=1</pre> * Apply the updated configuration to enable IP forwarding: <code>sysctl -p</code><br> * Restart the system to ensure all changes take effect. This should resolve the networking issue for LXC containers when Docker is installed. ==Install First Container/Image== Download the completenoobs container image, mediawiki with the completenoobs xml installed. <code>docker pull completenoobs/cnoobs-wiki:0.1</code> ===Run container=== * Quick Start <code>docker run -d -p 8080:80 completenoobs/cnoobs-wiki:0.1</code> * Quick Start with Persistent Storage <pre> docker run -d -p 8080:80 \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki \ completenoobs/cnoobs-wiki:0.1 </pre> * NOTE: The above <code>docker run</code> command is for quick testing, if you want to be able to export your wiki's database to an XML file you can backup and share, please use method in expanding info box below. <div class="toccolours mw-collapsible mw-collapsed"> If you want to be able to Export Your MediaWiki Database to Dated XML File - use this <code>docker run</code> method: <div class="mw-collapsible-content"> To export your MediaWiki database to a dated XML file (e.g., <code>20250901.xml</code>) and save it to the host’s <code>~/wiki-container</code> directory, run the export script inside the Docker container and use a volume mount to write the file to the host.<br><br> <b>Step 1: Create Host Directory</b><br> On the host, ensure the <code>~/wiki-container</code> directory exists:<br> <syntaxhighlight lang="bash"> mkdir -p ~/wiki-container </syntaxhighlight><br> <b>Step 2: Run Container with Volume Mount</b><br> If your container isn’t already using a volume for <code>~/wiki-container</code>, stop and remove it, then restart with a volume mount:<br> <syntaxhighlight lang="bash"> docker stop completenoobs_wiki docker rm completenoobs_wiki docker run -d -p 8080:80 \ -v ~/wiki-container:/export \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki \ completenoobs/cnoobs-wiki:0.1 </syntaxhighlight><br> <b>Step 3: Run Export Script in Container</b><br> Access the container’s shell:<br> <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> Inside the container, run the export script to create a dated XML file:<br> <syntaxhighlight lang="bash"> DATE=$(date +%Y%m%d) php /var/www/html/maintenance/run.php dumpBackup.php --full --output=file:/export/$DATE.xml exit </syntaxhighlight> This writes the file (e.g., <code>20250901.xml</code>) to <code>/export</code> in the container, which maps to <code>~/wiki-container</code> on the host.<br><br> <b>Step 4: Verify the File</b><br> On the host, check for the XML file:<br> <syntaxhighlight lang="bash"> ls ~/wiki-container </syntaxhighlight> You should see a file like <code>20250901.xml</code>.<br><br> <b>Notes</b><br> - If you encounter permission issues, ensure the container’s user has write access to <code>/export</code>:<br> <syntaxhighlight lang="bash"> chmod -R 777 /export </syntaxhighlight> - The script must be run inside the container, as it requires MediaWiki’s environment and database access.<br> - If your container uses a different volume setup, adjust the mount point accordingly. </div> </div> * Now visit http://localhost:8080 on your browser * Due to (unknown) bug you might need to update the xml to download missing pages: <code>docker exec -it completenoobs_wiki /var/www/html/check_updates.sh</code> <div class="toccolours mw-collapsible mw-collapsed"> Change Admin Password: <div class="mw-collapsible-content"> By default, the admin user's password is <code>AdminPass123!</code>. It's highly recommended to change this immediately. You can do this either through the wiki's web interface or directly in the Docker terminal.<br><br> <b>Method 1: Change Password via Web Interface</b><br> This is the easiest method. You can change your password directly from the wiki itself.<br> 1. Log in to your wiki with the default credentials: <code>admin</code> / <code>AdminPass123!</code>.<br> 2. Once logged in, click your username (<code>admin</code>) in the top-right corner of the page.<br> 3. From the drop-down menu, select <b>Preferences</b>.<br> 4. On the Preferences page, go to the <b>Password</b> tab.<br> 5. Enter the current password (<code>AdminPass123!</code>), then enter your new password twice.<br> 6. Click <b>Change password</b>.<br> Your password is now changed, and you will need to use the new one for future logins.<br><br> <b>Method 2: Change Password via Terminal (No-Email Reset)</b><br> If you have forgotten the password or prefer to use the command line, you can reset it directly inside the Docker container using a MediaWiki maintenance script.<br> 1. <b>Access the container's shell</b> with the following command from your host machine:<br> <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> 2. Once inside the container, use the <code>changePassword.php</code> maintenance script to change the password. This is the modern, recommended way to run MediaWiki maintenance scripts.<br> * Change <b>NEWPASSWORD</b> to your new password<br> <syntaxhighlight lang="bash"> php /var/www/html/maintenance/run.php changePassword.php --user=admin --password=NEWPASSWORD </syntaxhighlight> 3. Type <code>exit</code> to leave the container's shell.<br> The admin password has now been reset. You can log in to your wiki with the new password. </div> </div> ===Remove container=== To completely remove the <code>completenoobs/cnoobs-wiki:0.1</code> container and image from your Ubuntu 24.04 system, follow these steps. You can also remove associated persistent storage volumes if they were created.<br><br> <b>Step 1: Stop and Remove the Container</b><br> If the container is running, stop it and then remove it.<br> <syntaxhighlight lang="bash"> docker stop completenoobs_wiki docker rm completenoobs_wiki </syntaxhighlight> Alternatively, stop and remove in one command:<br> <syntaxhighlight lang="bash"> docker rm -f completenoobs_wiki </syntaxhighlight><br> <b>Step 2: Remove the Docker Image</b><br> Remove the <code>completenoobs/cnoobs-wiki:0.1</code> image.<br> <syntaxhighlight lang="bash"> docker rmi completenoobs/cnoobs-wiki:0.1 </syntaxhighlight> Note: If the image is in use by other containers, remove those containers first or use <code>docker rmi -f completenoobs/cnoobs-wiki:0.1</code> to force removal (use with caution).<br><br> <b>Step 3: Remove Persistent Storage Volumes (Optional)</b><br> If you used persistent storage, remove the associated volumes to free up space.<br> <syntaxhighlight lang="bash"> docker volume rm completenoobs_mysql completenoobs_images </syntaxhighlight> Note: Ensure no other containers are using these volumes, as this will delete all stored data.<br><br> <b>Step 4: Verify Removal</b><br> Check that the container, image, and volumes are removed.<br> - List all containers (including stopped ones):<br> <syntaxhighlight lang="bash"> docker ps -a </syntaxhighlight> - List all images:<br> <syntaxhighlight lang="bash"> docker images </syntaxhighlight> - List all volumes:<br> <syntaxhighlight lang="bash"> docker volume ls </syntaxhighlight> If any items remain, repeat the relevant removal commands or check for dependencies. kpzqzvm9fpdst37mgtdpj2tchdgc67i 666 664 2025-09-01T21:13:29Z AwesomO 5 /* Run container */ 666 wikitext text/x-wiki === Preparation === Before we begin, make sure you're logged in with a user account that has sudo privileges. === Update System Packages === Update your package list to ensure you have the latest versions of packages: <source lang="bash"> sudo apt update && sudo apt upgrade -y </source> === Install Docker Prerequisites === Install the necessary packages for Docker setup: <source lang="bash"> sudo apt install -y apt-transport-https ca-certificates curl software-properties-common </source> === Setup Docker Repository === * '''Add Docker's Official GPG Key''': <source lang="bash"> curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg </source> * '''Add the Docker Repository''': <source lang="bash"> echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null </source> === Install Docker and Docker Compose === * '''Update Package List Again''': <source lang="bash"> sudo apt update </source> * '''Install Docker Engine, CLI, Containerd, and Additional Tools''': <source lang="bash"> sudo apt install -y docker-ce docker-ce-cli containerd.io python3-bs4 python3-requests docker-compose </source> <!-- * '''Install Docker Compose''': Here we're downloading the latest version of Docker Compose: <source lang="bash"> sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose </source> Make the Docker Compose binary executable: <source lang="bash"> sudo chmod +x /usr/local/bin/docker-compose </source> --> === Verify Installation === Check if Docker and Docker Compose are installed correctly: <source lang="bash"> docker --version docker-compose --version </source> === Configure User Permissions === To run Docker commands without <code>sudo</code>, add your user to the <code>docker</code> group: <source lang="bash"> sudo usermod -aG docker $USER </source> '''Note''': After adding your user to the docker group, you'll need to '''log out and log back in''' for the changes to take effect. If you do not log out and back in, Or you do not add your $USER to the docker group, you will be required to use sudo in some cases. such as .. <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip: <div class="mw-collapsible-content"> <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. <b>Remember</b>, these changes only apply to the current terminal session. If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> ===If Installing Docker messed up your LXC/LXD Networking=== To resolve networking conflicts between Docker and LXC containers on Ubuntu 24.04, enable IP forwarding on the host system: * Open the sysctl configuration file in your preferred editor <code>sudo $EDITOR /etc/sysctl.conf</code> * Uncomment or add the following line (around line 28): <pre>net.ipv4.ip_forward=1</pre> * Apply the updated configuration to enable IP forwarding: <code>sysctl -p</code><br> * Restart the system to ensure all changes take effect. This should resolve the networking issue for LXC containers when Docker is installed. ==Install First Container/Image== Download the completenoobs container image, mediawiki with the completenoobs xml installed. <code>docker pull completenoobs/cnoobs-wiki:0.1</code> ===Run container=== * Quick Start <code>docker run -d -p 8080:80 completenoobs/cnoobs-wiki:0.1</code> * Quick Start with Persistent Storage <pre> docker run -d -p 8080:80 \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki \ completenoobs/cnoobs-wiki:0.1 </pre> * NOTE: The above <code>docker run</code> command is for quick testing, if you want to be able to export your wiki's database to an XML file you can backup and share, please use method in expanding info box below. <div class="toccolours mw-collapsible mw-collapsed"> If you want to be able to Export Your MediaWiki Database to Dated XML File - use this <code>docker run</code> method: <div class="mw-collapsible-content"> To export your MediaWiki database to a dated XML file (e.g., <code>20250901.xml</code>) and save it to the host’s <code>~/wiki-container</code> directory, run the export script inside the Docker container and use a volume mount to write the file to the host.<br><br> <b>Step 1: Create Host Directory</b><br> On the host, ensure the <code>~/wiki-container</code> directory exists:<br> <syntaxhighlight lang="bash"> mkdir -p ~/wiki-container </syntaxhighlight><br> <b>Step 2: Run Container with Volume Mount</b><br> If your container isn’t already using a volume for <code>~/wiki-container</code>, stop and remove it, then restart with a volume mount:<br> <syntaxhighlight lang="bash"> docker stop completenoobs_wiki docker rm completenoobs_wiki docker run -d -p 8080:80 \ -v ~/wiki-container:/export \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki \ completenoobs/cnoobs-wiki:0.1 </syntaxhighlight><br> <b>Step 3: Run Export Script in Container</b><br> Access the container’s shell:<br> <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> Inside the container, run the export script to create a dated XML file:<br> <syntaxhighlight lang="bash"> DATE=$(date +%Y%m%d) php /var/www/html/maintenance/run.php dumpBackup.php --full --output=file:/export/$DATE.xml exit </syntaxhighlight> This writes the file (e.g., <code>20250901.xml</code>) to <code>/export</code> in the container, which maps to <code>~/wiki-container</code> on the host.<br><br> <b>Step 4: Verify the File</b><br> On the host, check for the XML file:<br> <syntaxhighlight lang="bash"> ls ~/wiki-container </syntaxhighlight> You should see a file like <code>20250901.xml</code>.<br><br> <b>Notes</b><br> - If you encounter permission issues, ensure the container’s user has write access to <code>/export</code>:<br> <syntaxhighlight lang="bash"> chmod -R 777 /export </syntaxhighlight> - The script must be run inside the container, as it requires MediaWiki’s environment and database access.<br> - If your container uses a different volume setup, adjust the mount point accordingly. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Import MediaWiki XML File from Host Directory: <div class="mw-collapsible-content"> To import a <code>wiki.xml</code> file from the host’s <code>~/wiki-container</code> directory into your MediaWiki instance running in a Docker container, use the <code>importDump.php</code> script inside the container. The <code>~/wiki-container</code> directory is mounted as <code>/export</code> in the container, allowing the container to read the file.<br><br> <b>Step 1: Place the XML File</b><br> On the host, move or copy the <code>wiki.xml</code> file to <code>~/wiki-container</code>:<br> <syntaxhighlight lang="bash"> mv ~/Downloads/wiki.xml ~/wiki-container/ </syntaxhighlight> Verify the file is present:<br> <syntaxhighlight lang="bash"> ls ~/wiki-container </syntaxhighlight><br> <b>Step 2: Access the Container’s Shell</b><br> Enter the container’s shell:<br> <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight><br> <b>Step 3: Run the Import Script</b><br> Inside the container, import the <code>wiki.xml</code> file:<br> Can check file is present in container with <code>ls /export/</code><br> <syntaxhighlight lang="bash"> php /var/www/html/maintenance/run.php importDump.php /export/wiki.xml </syntaxhighlight><br> Note: This imports the XML content into the MediaWiki database. For large files, this may take time.<br><br> <b>Step 4: Rebuild Wiki Indexes (Optional but Recommended)</b><br> Rebuild the wiki’s indexes to ensure imported content is accessible:<br> <syntaxhighlight lang="bash"> php /var/www/html/maintenance/run.php rebuildall.php </syntaxhighlight><br> <b>Step 5: Exit the Container</b><br> Exit the container’s shell:<br> <syntaxhighlight lang="bash"> exit </syntaxhighlight><br> <b>Step 6: Verify the Import</b><br> Visit your wiki (e.g., <code>http://localhost:8080</code>) to check if the imported pages appear. If issues arise, check the container logs:<br> <syntaxhighlight lang="bash"> docker logs completenoobs_wiki </syntaxhighlight><br> <b>Notes</b><br> - Ensure the container has read access to <code>/export</code>. Fix permissions if needed:<br> <syntaxhighlight lang="bash"> chmod -R 777 /export </syntaxhighlight> - If you want to overwrite existing pages, use the <code>--no-updates</code> flag with <code>importDump.php</code>.<br> - If the container wasn’t started with <code>~/wiki-container</code> mounted as <code>/export</code>, restart it with:<br> <syntaxhighlight lang="bash"> docker run -d -p 8080:80 -v ~/wiki-container:/export --name completenoobs_wiki completenoobs/cnoobs-wiki:0.1 </syntaxhighlight> </div> </div> * Now visit http://localhost:8080 on your browser * Due to (unknown) bug you might need to update the xml to download missing pages: <code>docker exec -it completenoobs_wiki /var/www/html/check_updates.sh</code> <div class="toccolours mw-collapsible mw-collapsed"> Change Admin Password: <div class="mw-collapsible-content"> By default, the admin user's password is <code>AdminPass123!</code>. It's highly recommended to change this immediately. You can do this either through the wiki's web interface or directly in the Docker terminal.<br><br> <b>Method 1: Change Password via Web Interface</b><br> This is the easiest method. You can change your password directly from the wiki itself.<br> 1. Log in to your wiki with the default credentials: <code>admin</code> / <code>AdminPass123!</code>.<br> 2. Once logged in, click your username (<code>admin</code>) in the top-right corner of the page.<br> 3. From the drop-down menu, select <b>Preferences</b>.<br> 4. On the Preferences page, go to the <b>Password</b> tab.<br> 5. Enter the current password (<code>AdminPass123!</code>), then enter your new password twice.<br> 6. Click <b>Change password</b>.<br> Your password is now changed, and you will need to use the new one for future logins.<br><br> <b>Method 2: Change Password via Terminal (No-Email Reset)</b><br> If you have forgotten the password or prefer to use the command line, you can reset it directly inside the Docker container using a MediaWiki maintenance script.<br> 1. <b>Access the container's shell</b> with the following command from your host machine:<br> <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> 2. Once inside the container, use the <code>changePassword.php</code> maintenance script to change the password. This is the modern, recommended way to run MediaWiki maintenance scripts.<br> * Change <b>NEWPASSWORD</b> to your new password<br> <syntaxhighlight lang="bash"> php /var/www/html/maintenance/run.php changePassword.php --user=admin --password=NEWPASSWORD </syntaxhighlight> 3. Type <code>exit</code> to leave the container's shell.<br> The admin password has now been reset. You can log in to your wiki with the new password. </div> </div> ===Remove container=== To completely remove the <code>completenoobs/cnoobs-wiki:0.1</code> container and image from your Ubuntu 24.04 system, follow these steps. You can also remove associated persistent storage volumes if they were created.<br><br> <b>Step 1: Stop and Remove the Container</b><br> If the container is running, stop it and then remove it.<br> <syntaxhighlight lang="bash"> docker stop completenoobs_wiki docker rm completenoobs_wiki </syntaxhighlight> Alternatively, stop and remove in one command:<br> <syntaxhighlight lang="bash"> docker rm -f completenoobs_wiki </syntaxhighlight><br> <b>Step 2: Remove the Docker Image</b><br> Remove the <code>completenoobs/cnoobs-wiki:0.1</code> image.<br> <syntaxhighlight lang="bash"> docker rmi completenoobs/cnoobs-wiki:0.1 </syntaxhighlight> Note: If the image is in use by other containers, remove those containers first or use <code>docker rmi -f completenoobs/cnoobs-wiki:0.1</code> to force removal (use with caution).<br><br> <b>Step 3: Remove Persistent Storage Volumes (Optional)</b><br> If you used persistent storage, remove the associated volumes to free up space.<br> <syntaxhighlight lang="bash"> docker volume rm completenoobs_mysql completenoobs_images </syntaxhighlight> Note: Ensure no other containers are using these volumes, as this will delete all stored data.<br><br> <b>Step 4: Verify Removal</b><br> Check that the container, image, and volumes are removed.<br> - List all containers (including stopped ones):<br> <syntaxhighlight lang="bash"> docker ps -a </syntaxhighlight> - List all images:<br> <syntaxhighlight lang="bash"> docker images </syntaxhighlight> - List all volumes:<br> <syntaxhighlight lang="bash"> docker volume ls </syntaxhighlight> If any items remain, repeat the relevant removal commands or check for dependencies. sp85t7vlzqhy7285ell1qcolcmsvapm 667 666 2025-09-01T21:16:15Z AwesomO 5 /* Install First Container/Image */ 667 wikitext text/x-wiki === Preparation === Before we begin, make sure you're logged in with a user account that has sudo privileges. === Update System Packages === Update your package list to ensure you have the latest versions of packages: <source lang="bash"> sudo apt update && sudo apt upgrade -y </source> === Install Docker Prerequisites === Install the necessary packages for Docker setup: <source lang="bash"> sudo apt install -y apt-transport-https ca-certificates curl software-properties-common </source> === Setup Docker Repository === * '''Add Docker's Official GPG Key''': <source lang="bash"> curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg </source> * '''Add the Docker Repository''': <source lang="bash"> echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null </source> === Install Docker and Docker Compose === * '''Update Package List Again''': <source lang="bash"> sudo apt update </source> * '''Install Docker Engine, CLI, Containerd, and Additional Tools''': <source lang="bash"> sudo apt install -y docker-ce docker-ce-cli containerd.io python3-bs4 python3-requests docker-compose </source> <!-- * '''Install Docker Compose''': Here we're downloading the latest version of Docker Compose: <source lang="bash"> sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose </source> Make the Docker Compose binary executable: <source lang="bash"> sudo chmod +x /usr/local/bin/docker-compose </source> --> === Verify Installation === Check if Docker and Docker Compose are installed correctly: <source lang="bash"> docker --version docker-compose --version </source> === Configure User Permissions === To run Docker commands without <code>sudo</code>, add your user to the <code>docker</code> group: <source lang="bash"> sudo usermod -aG docker $USER </source> '''Note''': After adding your user to the docker group, you'll need to '''log out and log back in''' for the changes to take effect. If you do not log out and back in, Or you do not add your $USER to the docker group, you will be required to use sudo in some cases. such as .. <div class="toccolours mw-collapsible mw-collapsed"> a way to apply group changes without logging out and back in - tip: <div class="mw-collapsible-content"> <pre> exec sudo su -l $USER </pre> This command will replace your current shell with a new login shell for your user, which will have the updated group memberships. Both of these methods will apply the group changes immediately, allowing you to use LXD commands without having to log out and back in. <b>Remember</b>, these changes only apply to the current terminal session. If you open a new terminal window, you might need to run the command again or log out and back in for the changes to take effect system-wide. </div> </div> ===If Installing Docker messed up your LXC/LXD Networking=== To resolve networking conflicts between Docker and LXC containers on Ubuntu 24.04, enable IP forwarding on the host system: * Open the sysctl configuration file in your preferred editor <code>sudo $EDITOR /etc/sysctl.conf</code> * Uncomment or add the following line (around line 28): <pre>net.ipv4.ip_forward=1</pre> * Apply the updated configuration to enable IP forwarding: <code>sysctl -p</code><br> * Restart the system to ensure all changes take effect. This should resolve the networking issue for LXC containers when Docker is installed. ==Install First Container/Image== Download the completenoobs container image, mediawiki with the completenoobs xml installed. <code>docker pull completenoobs/cnoobs-wiki:0.1</code> ===Run container=== * Quick Start <code>docker run -d -p 8080:80 completenoobs/cnoobs-wiki:0.1</code> * Quick Start with Persistent Storage <pre> docker run -d -p 8080:80 \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki \ completenoobs/cnoobs-wiki:0.1 </pre> * NOTE: The above <code>docker run</code> command is for quick testing, if you want to be able to export your wiki's database to an XML file you can backup and share, please use method in expanding info box below. <div class="toccolours mw-collapsible mw-collapsed"> If you want to be able to Export Your MediaWiki Database to Dated XML File - use this <code>docker run</code> method: <div class="mw-collapsible-content"> To export your MediaWiki database to a dated XML file (e.g., <code>20250901.xml</code>) and save it to the host’s <code>~/wiki-container</code> directory, run the export script inside the Docker container and use a volume mount to write the file to the host.<br><br> <b>Step 1: Create Host Directory</b><br> On the host, ensure the <code>~/wiki-container</code> directory exists:<br> <syntaxhighlight lang="bash"> mkdir -p ~/wiki-container </syntaxhighlight><br> <b>Step 2: Run Container with Volume Mount</b><br> If your container isn’t already using a volume for <code>~/wiki-container</code>, stop and remove it, then restart with a volume mount:<br> <syntaxhighlight lang="bash"> docker stop completenoobs_wiki docker rm completenoobs_wiki docker run -d -p 8080:80 \ -v ~/wiki-container:/export \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki \ completenoobs/cnoobs-wiki:0.1 </syntaxhighlight><br> <b>Step 3: Run Export Script in Container</b><br> Access the container’s shell:<br> <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> Inside the container, run the export script to create a dated XML file:<br> <syntaxhighlight lang="bash"> DATE=$(date +%Y%m%d) php /var/www/html/maintenance/run.php dumpBackup.php --full --output=file:/export/$DATE.xml exit </syntaxhighlight> This writes the file (e.g., <code>20250901.xml</code>) to <code>/export</code> in the container, which maps to <code>~/wiki-container</code> on the host.<br><br> <b>Step 4: Verify the File</b><br> On the host, check for the XML file:<br> <syntaxhighlight lang="bash"> ls ~/wiki-container </syntaxhighlight> You should see a file like <code>20250901.xml</code>.<br><br> <b>Notes</b><br> - If you encounter permission issues, ensure the container’s user has write access to <code>/export</code>:<br> <syntaxhighlight lang="bash"> chmod -R 777 /export </syntaxhighlight> - The script must be run inside the container, as it requires MediaWiki’s environment and database access.<br> - If your container uses a different volume setup, adjust the mount point accordingly. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> Import MediaWiki XML File from Host Directory: <div class="mw-collapsible-content"> To import a <code>wiki.xml</code> file from the host’s <code>~/wiki-container</code> directory into your MediaWiki instance running in a Docker container, use the <code>importDump.php</code> script inside the container. The <code>~/wiki-container</code> directory is mounted as <code>/export</code> in the container, allowing the container to read the file.<br><br> <b>Step 1: Place the XML File</b><br> On the host, move or copy the <code>wiki.xml</code> file to <code>~/wiki-container</code>:<br> <syntaxhighlight lang="bash"> mv ~/Downloads/wiki.xml ~/wiki-container/ </syntaxhighlight> Verify the file is present:<br> <syntaxhighlight lang="bash"> ls ~/wiki-container </syntaxhighlight><br> <b>Step 2: Access the Container’s Shell</b><br> Enter the container’s shell:<br> <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight><br> <b>Step 3: Run the Import Script</b><br> Inside the container, import the <code>wiki.xml</code> file:<br> Can check file is present in container with <code>ls /export/</code><br> <syntaxhighlight lang="bash"> php /var/www/html/maintenance/run.php importDump.php /export/wiki.xml </syntaxhighlight><br> Note: This imports the XML content into the MediaWiki database. For large files, this may take time.<br><br> <b>Step 4: Rebuild Wiki Indexes (Optional but Recommended)</b><br> Rebuild the wiki’s indexes to ensure imported content is accessible:<br> <syntaxhighlight lang="bash"> php /var/www/html/maintenance/run.php rebuildall.php </syntaxhighlight><br> <b>Step 5: Exit the Container</b><br> Exit the container’s shell:<br> <syntaxhighlight lang="bash"> exit </syntaxhighlight><br> <b>Step 6: Verify the Import</b><br> Visit your wiki (e.g., <code>http://localhost:8080</code>) to check if the imported pages appear. If issues arise, check the container logs:<br> <syntaxhighlight lang="bash"> docker logs completenoobs_wiki </syntaxhighlight><br> <b>Notes</b><br> - Ensure the container has read access to <code>/export</code>. Fix permissions if needed:<br> <syntaxhighlight lang="bash"> chmod -R 777 /export </syntaxhighlight> - If you want to overwrite existing pages, use the <code>--no-updates</code> flag with <code>importDump.php</code>.<br> - If the container wasn’t started with <code>~/wiki-container</code> mounted as <code>/export</code>, restart it with:<br> <syntaxhighlight lang="bash"> docker run -d -p 8080:80 -v ~/wiki-container:/export --name completenoobs_wiki completenoobs/cnoobs-wiki:0.1 </syntaxhighlight> </div> </div> * Now visit http://localhost:8080 on your browser * Due to (unknown) bug you might need to update the xml to download missing pages: <code>docker exec -it completenoobs_wiki /var/www/html/check_updates.sh</code> <div class="toccolours mw-collapsible mw-collapsed"> Change Admin Password: <div class="mw-collapsible-content"> By default, the admin user's password is <code>AdminPass123!</code>. It's highly recommended to change this immediately. You can do this either through the wiki's web interface or directly in the Docker terminal.<br><br> <b>Method 1: Change Password via Web Interface</b><br> This is the easiest method. You can change your password directly from the wiki itself.<br> 1. Log in to your wiki with the default credentials: <code>admin</code> / <code>AdminPass123!</code>.<br> 2. Once logged in, click your username (<code>admin</code>) in the top-right corner of the page.<br> 3. From the drop-down menu, select <b>Preferences</b>.<br> 4. On the Preferences page, go to the <b>Password</b> tab.<br> 5. Enter the current password (<code>AdminPass123!</code>), then enter your new password twice.<br> 6. Click <b>Change password</b>.<br> Your password is now changed, and you will need to use the new one for future logins.<br><br> <b>Method 2: Change Password via Terminal (No-Email Reset)</b><br> If you have forgotten the password or prefer to use the command line, you can reset it directly inside the Docker container using a MediaWiki maintenance script.<br> 1. <b>Access the container's shell</b> with the following command from your host machine:<br> <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> 2. Once inside the container, use the <code>changePassword.php</code> maintenance script to change the password. This is the modern, recommended way to run MediaWiki maintenance scripts.<br> * Change <b>NEWPASSWORD</b> to your new password<br> <syntaxhighlight lang="bash"> php /var/www/html/maintenance/run.php changePassword.php --user=admin --password=NEWPASSWORD </syntaxhighlight> 3. Type <code>exit</code> to leave the container's shell.<br> The admin password has now been reset. You can log in to your wiki with the new password. </div> </div> ===Remove container=== To completely remove the <code>completenoobs/cnoobs-wiki:0.1</code> container and image from your Ubuntu 24.04 system, follow these steps. You can also remove associated persistent storage volumes if they were created.<br><br> <b>Step 1: Stop and Remove the Container</b><br> If the container is running, stop it and then remove it.<br> <syntaxhighlight lang="bash"> docker stop completenoobs_wiki docker rm completenoobs_wiki </syntaxhighlight> Alternatively, stop and remove in one command:<br> <syntaxhighlight lang="bash"> docker rm -f completenoobs_wiki </syntaxhighlight><br> <b>Step 2: Remove the Docker Image</b><br> Remove the <code>completenoobs/cnoobs-wiki:0.1</code> image.<br> <syntaxhighlight lang="bash"> docker rmi completenoobs/cnoobs-wiki:0.1 </syntaxhighlight> Note: If the image is in use by other containers, remove those containers first or use <code>docker rmi -f completenoobs/cnoobs-wiki:0.1</code> to force removal (use with caution).<br><br> <b>Step 3: Remove Persistent Storage Volumes (Optional)</b><br> If you used persistent storage, remove the associated volumes to free up space.<br> <syntaxhighlight lang="bash"> docker volume rm completenoobs_mysql completenoobs_images </syntaxhighlight> Note: Ensure no other containers are using these volumes, as this will delete all stored data.<br><br> <b>Step 4: Verify Removal</b><br> Check that the container, image, and volumes are removed.<br> - List all containers (including stopped ones):<br> <syntaxhighlight lang="bash"> docker ps -a </syntaxhighlight> - List all images:<br> <syntaxhighlight lang="bash"> docker images </syntaxhighlight> - List all volumes:<br> <syntaxhighlight lang="bash"> docker volume ls </syntaxhighlight> If any items remain, repeat the relevant removal commands or check for dependencies. ==Docker Compose container== 305asmps5ggguytt17mjbwh8pnzhi5y 0 195 648 2025-08-29T12:25:59Z AwesomO 5 Created page with "= Setting Up a Plain MediaWiki Instance with Docker on Ubuntu 24.04 = This guide provides a simple, step-by-step process to set up a basic MediaWiki instance locally using Docker and Docker Compose on Ubuntu 24.04. It is designed for beginners and assumes you have Docker and Docker Compose installed (see [[Docker_Install_Guide]] for setup details). The setup includes MediaWiki with a MariaDB database, running in Docker containers. == Prerequisites == * Ubuntu 24.04..." 648 wikitext text/x-wiki = Setting Up a Plain MediaWiki Instance with Docker on Ubuntu 24.04 = This guide provides a simple, step-by-step process to set up a basic MediaWiki instance locally using Docker and Docker Compose on Ubuntu 24.04. It is designed for beginners and assumes you have Docker and Docker Compose installed (see [[Docker_Install_Guide]] for setup details). The setup includes MediaWiki with a MariaDB database, running in Docker containers. == Prerequisites == * Ubuntu 24.04 * Docker and Docker Compose installed * Basic familiarity with terminal commands * Internet connection for pulling Docker images == Step 1: Create a Project Directory == Create a dedicated directory to organize your MediaWiki setup files. <br> <code>mkdir mediawiki-docker</code><br> <code>cd mediawiki-docker</code> == Step 2: Create a Docker Compose File == Create a '''docker-compose.yml''' file to define the MediaWiki and MariaDB services. <code>nano docker-compose.yml</code> Paste the following configuration into <code>docker-compose.yml</code>: <pre> version: '3.8' services: mediawiki: image: mediawiki:1.41 ports: - "8080:80" depends_on: database: condition: service_healthy # volumes: # will uncomment these 2 lines after init setup of wiki # - ./LocalSettings.php:/var/www/html/LocalSettings.php:ro environment: - MEDIAWIKI_DB_HOST=database - MEDIAWIKI_DB_USER=wikiuser - MEDIAWIKI_DB_PASSWORD=securepassword - MEDIAWIKI_DB_NAME=mediawiki database: image: mariadb:10.11 environment: - MARIADB_ROOT_PASSWORD=securepassword - MARIADB_DATABASE=mediawiki - MARIADB_USER=wikiuser - MARIADB_PASSWORD=securepassword - MARIADB_AUTO_UPGRADE=1 volumes: - db_data:/var/lib/mysql healthcheck: test: ["CMD", "mysqladmin", "ping", "-h", "localhost"] interval: 10s timeout: 5s retries: 5 mem_limit: 512m volumes: db_data: </pre> Save and exit (`Ctrl+O`, `Enter`, `Ctrl+X`). '''Explanation:''' * The mediawiki service uses MediaWiki 1.41 for stability. * `database` service uses the MariaDB image for the database. * Port `8080` maps to MediaWiki's web server port `80`. * Environment variables set up the database connection. * A volume persists MariaDB data. * `LocalSettings.php` will be mounted later after setup. == Step 3: Start the Containers == Run the following command to start the MediaWiki and MariaDB containers: <code>docker-compose up -d</code> * `-d` runs containers in the background. * This pulls the MediaWiki and MariaDB images and starts the services. == Step 4: Verify Containers Are Running == Check that both containers are running: <code>docker ps</code> You should see two containers: one for `mediawiki` and one for `mariadb`. == Step 5: Access the MediaWiki Setup Page == Open a web browser and navigate to: http://localhost:8080 You should see the MediaWiki setup page. If not, ensure containers are running and port `8080` is not blocked. == Step 6: Complete the MediaWiki Web Installer == Follow the on-screen instructions in the browser: * Select your language and click "Continue." * Accept the defaults for database settings, these details can be found in your '''docker-compose.yml''' file. ** host: '''database''' - change from default '''localhost''' ** user: '''wikiuser''' - change from default '''root''' ** password: '''securepassword''' ** database name: '''mediawiki''' - change from default '''my_wiki''' * Set up an admin user and password for your wiki. * Complete the installation. At the end, MediaWiki generates a '''LocalSettings.php''' file. == Step 7: Download and Place LocalSettings.php == The installer prompts you to download `LocalSettings.php`. Save it to your `mediawiki-docker` directory: <code>mv ~/Downloads/LocalSettings.php ~/mediawiki-docker/</code> Ensure the file is named exactly '''LocalSettings.php'''.<br> The Docker Compose configuration mounts this file into the MediaWiki container. == Step 8: Restart Containers == Restart the containers to apply '''LocalSettings.php''': * Turn off container <code>docker-compose down</code> * Edit '''docker-compose.yml''' and uncomment the lines <pre> # volumes: # will uncomment these 2 lines after init setup of wiki # - ./LocalSettings.php:/var/www/html/LocalSettings.php:ro </pre> <pre> version: '3.8' services: mediawiki: image: mediawiki:1.41 ports: - "8080:80" depends_on: database: condition: service_healthy volumes: # will uncomment these 2 lines after init setup of wiki - ./LocalSettings.php:/var/www/html/LocalSettings.php:ro environment: - MEDIAWIKI_DB_HOST=database - MEDIAWIKI_DB_USER=wikiuser - MEDIAWIKI_DB_PASSWORD=securepassword - MEDIAWIKI_DB_NAME=mediawiki database: image: mariadb:10.11 environment: - MARIADB_ROOT_PASSWORD=securepassword - MARIADB_DATABASE=mediawiki - MARIADB_USER=wikiuser - MARIADB_PASSWORD=securepassword - MARIADB_AUTO_UPGRADE=1 volumes: - db_data:/var/lib/mysql healthcheck: test: ["CMD", "mysqladmin", "ping", "-h", "localhost"] interval: 10s timeout: 5s retries: 5 mem_limit: 512m volumes: db_data: </pre> * start container <code>docker-compose up -d</code> == Step 9: Access Your Wiki == Visit `http://localhost:8080` again. You should now see your MediaWiki instance. Log in with the admin credentials you set during installation. == Step 10: Basic Usage == * Create and edit pages using the MediaWiki interface. * Access the wiki at `http://localhost:8080`. * Manage users and settings via the admin account. == Stopping and Removing Containers == To stop the containers: <code>docker-compose stop</code> To stop and remove containers (data persists in the `db_data` volume): <code>docker-compose down</code> To remove all data (including the database), also delete the volume: <code>docker-compose down -v</code> == Network Configuration == By default, your wiki might only be accessible from the host machine where Docker is running, using <code>localhost</code> or <code>127.0.0.1</code>. However, if you want others on your network to access your wiki, you need to make some adjustments. '''Current Setup:''' The computer running Docker Compose has an IP address of <code>192.168.0.44</code>. * You can find the IP address of your computer running Docker using the command: <code>ip addr</code><br> <div class="toccolours mw-collapsible mw-collapsed"> OutPut from <code>ip addr</code> <div class="mw-collapsible-content"> <pre> noob@noob-HP-EliteDesk-800-G1-DM:~$ ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host noprefixroute valid_lft forever preferred_lft forever 2: eno1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000 link/ether 8c:dc:d4:3d:93:49 brd ff:ff:ff:ff:ff:ff altname enp0s25 3: wlxe8de27142be2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether e8:de:27:14:2b:e2 brd ff:ff:ff:ff:ff:ff inet 192.168.0.44/24 brd 192.168.0.255 scope global dynamic noprefixroute wlxe8de27142be2 valid_lft 86357sec preferred_lft 86357sec inet6 fe80::afbe:cc73:73a2:fcdf/64 scope link noprefixroute valid_lft forever preferred_lft forever </pre> </div> </div> My IP is <code>192.168.0.44</code> If someone from another computer on the network tries to visit <code>192.168.0.44:8080</code>, they might encounter a "cannot connect" error. This happens because MediaWiki, by default, redirects to <code>127.0.0.1:8080</code>, which is only accessible from the host machine itself. '''Solution:''' To allow access from other devices on the same network, you need to: * '''Edit the <code>LocalSettings.php</code> File:''' This isn't done inside the Docker container but rather in the directory where your <code>docker-compose.yml</code> file is located (~/mediawiki-docker/LocalSettings.php). Here, you need to change the server URL configuration. * '''Modify URL Configuration:''' On lines 34-35 of <code>LocalSettings.php</code>, you'll find the following: === Allowing Access from Other Network Devices === Edit <code>LocalSettings.php</code> in the Docker Compose directory to change the server URL: * Default - around line 33 <source lang="php"> ## The protocol and server name to use in fully-qualified URLs $wgServer = 'http://127.0.0.1:8080'; </source> *Changed <source lang="php"> ## The protocol and server name to use in fully-qualified URLs $wgServer = 'http://192.168.0.44:8080'; </source> * Restart Docker to apply changes: <source lang="bash"> docker-compose restart </source> This allows access to your wiki from other devices on the network using <code>192.168.0.44:8080</code>. This adjustment tells MediaWiki to use the network IP of the host (<code>192.168.0.44</code>) instead of the local loopback (<code>127.0.0.1</code>), allowing other devices on the network to access the wiki through <code>192.168.0.44:8080</code>. Even after this change, <code>localhost:8080</code> or <code>127.0.0.1:8080</code> will still work on the host machine, but now the wiki is also accessible via the network IP from other devices. == Troubleshooting == * '''Cannot access localhost:8080''': Check `docker ps` to ensure containers are running. Verify port `8080` is not used by another service (`sudo netstat -tuln | grep 8080`). * '''Database connection error''': Ensure environment variables in `docker-compose.yml` match the installer settings. * '''LocalSettings.php not found''': Confirm the file is in the `mediawiki-docker` directory and named correctly. == Notes == * The database data is stored in a Docker volume (`db_data`) and persists between container restarts. * To customize MediaWiki, edit `LocalSettings.php` and restart containers. * For production, secure `MYSQL_ROOT_PASSWORD` and `MEDIAWIKI_DB_PASSWORD` with stronger values. == References == * [[Docker_Install_Guide]] * [https://hub.docker.com/_/mediawiki Official MediaWiki Docker Image] * [https://hub.docker.com/_/mariadb Official MariaDB Docker Image] * [https://www.mediawiki.org/wiki/Manual:Installing_MediaWiki MediaWiki Installation Guide] r08fc2oddjbkv4xn2h4gj4axikgcmiq 663 648 2025-09-01T20:35:47Z AwesomO 5 /* Step 2: Create a Docker Compose File */ 663 wikitext text/x-wiki = Setting Up a Plain MediaWiki Instance with Docker on Ubuntu 24.04 = This guide provides a simple, step-by-step process to set up a basic MediaWiki instance locally using Docker and Docker Compose on Ubuntu 24.04. It is designed for beginners and assumes you have Docker and Docker Compose installed (see [[Docker_Install_Guide]] for setup details). The setup includes MediaWiki with a MariaDB database, running in Docker containers. == Prerequisites == * Ubuntu 24.04 * Docker and Docker Compose installed * Basic familiarity with terminal commands * Internet connection for pulling Docker images == Step 1: Create a Project Directory == Create a dedicated directory to organize your MediaWiki setup files. <br> <code>mkdir mediawiki-docker</code><br> <code>cd mediawiki-docker</code> == Step 2: Create a Docker Compose File == Create a '''docker-compose.yml''' file to define the MediaWiki and MariaDB services. <code>nano docker-compose.yml</code> Paste the following configuration into <code>docker-compose.yml</code>: <pre> version: '3.8' services: mediawiki: image: mediawiki:1.41 ports: - "8080:80" depends_on: database: condition: service_healthy volumes: # will uncomment line below after init setup of wiki # - ./LocalSettings.php:/var/www/html/LocalSettings.php:ro environment: - MEDIAWIKI_DB_HOST=database - MEDIAWIKI_DB_USER=wikiuser - MEDIAWIKI_DB_PASSWORD=securepassword - MEDIAWIKI_DB_NAME=mediawiki database: image: mariadb:10.11 environment: - MARIADB_ROOT_PASSWORD=securepassword - MARIADB_DATABASE=mediawiki - MARIADB_USER=wikiuser - MARIADB_PASSWORD=securepassword - MARIADB_AUTO_UPGRADE=1 volumes: - db_data:/var/lib/mysql healthcheck: test: ["CMD", "mysqladmin", "ping", "-h", "localhost"] interval: 10s timeout: 5s retries: 5 mem_limit: 512m volumes: db_data: </pre> Save and exit (`Ctrl+O`, `Enter`, `Ctrl+X`). '''Explanation:''' * The mediawiki service uses MediaWiki 1.41 for stability. * `database` service uses the MariaDB image for the database. * Port `8080` maps to MediaWiki's web server port `80`. * Environment variables set up the database connection. * A volume persists MariaDB data. * `LocalSettings.php` will be mounted later after setup. == Step 3: Start the Containers == Run the following command to start the MediaWiki and MariaDB containers: <code>docker-compose up -d</code> * `-d` runs containers in the background. * This pulls the MediaWiki and MariaDB images and starts the services. == Step 4: Verify Containers Are Running == Check that both containers are running: <code>docker ps</code> You should see two containers: one for `mediawiki` and one for `mariadb`. == Step 5: Access the MediaWiki Setup Page == Open a web browser and navigate to: http://localhost:8080 You should see the MediaWiki setup page. If not, ensure containers are running and port `8080` is not blocked. == Step 6: Complete the MediaWiki Web Installer == Follow the on-screen instructions in the browser: * Select your language and click "Continue." * Accept the defaults for database settings, these details can be found in your '''docker-compose.yml''' file. ** host: '''database''' - change from default '''localhost''' ** user: '''wikiuser''' - change from default '''root''' ** password: '''securepassword''' ** database name: '''mediawiki''' - change from default '''my_wiki''' * Set up an admin user and password for your wiki. * Complete the installation. At the end, MediaWiki generates a '''LocalSettings.php''' file. == Step 7: Download and Place LocalSettings.php == The installer prompts you to download `LocalSettings.php`. Save it to your `mediawiki-docker` directory: <code>mv ~/Downloads/LocalSettings.php ~/mediawiki-docker/</code> Ensure the file is named exactly '''LocalSettings.php'''.<br> The Docker Compose configuration mounts this file into the MediaWiki container. == Step 8: Restart Containers == Restart the containers to apply '''LocalSettings.php''': * Turn off container <code>docker-compose down</code> * Edit '''docker-compose.yml''' and uncomment the lines <pre> # volumes: # will uncomment these 2 lines after init setup of wiki # - ./LocalSettings.php:/var/www/html/LocalSettings.php:ro </pre> <pre> version: '3.8' services: mediawiki: image: mediawiki:1.41 ports: - "8080:80" depends_on: database: condition: service_healthy volumes: # will uncomment these 2 lines after init setup of wiki - ./LocalSettings.php:/var/www/html/LocalSettings.php:ro environment: - MEDIAWIKI_DB_HOST=database - MEDIAWIKI_DB_USER=wikiuser - MEDIAWIKI_DB_PASSWORD=securepassword - MEDIAWIKI_DB_NAME=mediawiki database: image: mariadb:10.11 environment: - MARIADB_ROOT_PASSWORD=securepassword - MARIADB_DATABASE=mediawiki - MARIADB_USER=wikiuser - MARIADB_PASSWORD=securepassword - MARIADB_AUTO_UPGRADE=1 volumes: - db_data:/var/lib/mysql healthcheck: test: ["CMD", "mysqladmin", "ping", "-h", "localhost"] interval: 10s timeout: 5s retries: 5 mem_limit: 512m volumes: db_data: </pre> * start container <code>docker-compose up -d</code> == Step 9: Access Your Wiki == Visit `http://localhost:8080` again. You should now see your MediaWiki instance. Log in with the admin credentials you set during installation. == Step 10: Basic Usage == * Create and edit pages using the MediaWiki interface. * Access the wiki at `http://localhost:8080`. * Manage users and settings via the admin account. == Stopping and Removing Containers == To stop the containers: <code>docker-compose stop</code> To stop and remove containers (data persists in the `db_data` volume): <code>docker-compose down</code> To remove all data (including the database), also delete the volume: <code>docker-compose down -v</code> == Network Configuration == By default, your wiki might only be accessible from the host machine where Docker is running, using <code>localhost</code> or <code>127.0.0.1</code>. However, if you want others on your network to access your wiki, you need to make some adjustments. '''Current Setup:''' The computer running Docker Compose has an IP address of <code>192.168.0.44</code>. * You can find the IP address of your computer running Docker using the command: <code>ip addr</code><br> <div class="toccolours mw-collapsible mw-collapsed"> OutPut from <code>ip addr</code> <div class="mw-collapsible-content"> <pre> noob@noob-HP-EliteDesk-800-G1-DM:~$ ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host noprefixroute valid_lft forever preferred_lft forever 2: eno1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000 link/ether 8c:dc:d4:3d:93:49 brd ff:ff:ff:ff:ff:ff altname enp0s25 3: wlxe8de27142be2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether e8:de:27:14:2b:e2 brd ff:ff:ff:ff:ff:ff inet 192.168.0.44/24 brd 192.168.0.255 scope global dynamic noprefixroute wlxe8de27142be2 valid_lft 86357sec preferred_lft 86357sec inet6 fe80::afbe:cc73:73a2:fcdf/64 scope link noprefixroute valid_lft forever preferred_lft forever </pre> </div> </div> My IP is <code>192.168.0.44</code> If someone from another computer on the network tries to visit <code>192.168.0.44:8080</code>, they might encounter a "cannot connect" error. This happens because MediaWiki, by default, redirects to <code>127.0.0.1:8080</code>, which is only accessible from the host machine itself. '''Solution:''' To allow access from other devices on the same network, you need to: * '''Edit the <code>LocalSettings.php</code> File:''' This isn't done inside the Docker container but rather in the directory where your <code>docker-compose.yml</code> file is located (~/mediawiki-docker/LocalSettings.php). Here, you need to change the server URL configuration. * '''Modify URL Configuration:''' On lines 34-35 of <code>LocalSettings.php</code>, you'll find the following: === Allowing Access from Other Network Devices === Edit <code>LocalSettings.php</code> in the Docker Compose directory to change the server URL: * Default - around line 33 <source lang="php"> ## The protocol and server name to use in fully-qualified URLs $wgServer = 'http://127.0.0.1:8080'; </source> *Changed <source lang="php"> ## The protocol and server name to use in fully-qualified URLs $wgServer = 'http://192.168.0.44:8080'; </source> * Restart Docker to apply changes: <source lang="bash"> docker-compose restart </source> This allows access to your wiki from other devices on the network using <code>192.168.0.44:8080</code>. This adjustment tells MediaWiki to use the network IP of the host (<code>192.168.0.44</code>) instead of the local loopback (<code>127.0.0.1</code>), allowing other devices on the network to access the wiki through <code>192.168.0.44:8080</code>. Even after this change, <code>localhost:8080</code> or <code>127.0.0.1:8080</code> will still work on the host machine, but now the wiki is also accessible via the network IP from other devices. == Troubleshooting == * '''Cannot access localhost:8080''': Check `docker ps` to ensure containers are running. Verify port `8080` is not used by another service (`sudo netstat -tuln | grep 8080`). * '''Database connection error''': Ensure environment variables in `docker-compose.yml` match the installer settings. * '''LocalSettings.php not found''': Confirm the file is in the `mediawiki-docker` directory and named correctly. == Notes == * The database data is stored in a Docker volume (`db_data`) and persists between container restarts. * To customize MediaWiki, edit `LocalSettings.php` and restart containers. * For production, secure `MYSQL_ROOT_PASSWORD` and `MEDIAWIKI_DB_PASSWORD` with stronger values. == References == * [[Docker_Install_Guide]] * [https://hub.docker.com/_/mediawiki Official MediaWiki Docker Image] * [https://hub.docker.com/_/mariadb Official MariaDB Docker Image] * [https://www.mediawiki.org/wiki/Manual:Installing_MediaWiki MediaWiki Installation Guide] 4ziw4e5aog137m4fzmetk8c5ltrgd5z 0 196 651 2025-09-01T17:36:41Z AwesomO 5 Created page with "= Complete Noobs Docker Wiki Tutorial = ==errors== * This mainly works - just need to fix the extensions popular pages and contrubtion scores * The XML updater requires more work - currently idea placeholder == Prerequisites == * Ubuntu 24.04 * Docker installed and running * Your user in docker group: <code>sudo usermod -aG docker $USER</code> (then logout/login) == Step 1: Clean Start == Remove any previous attempts: <syntaxhighlight lang="bash"> # Stop and remove e..." 651 wikitext text/x-wiki = Complete Noobs Docker Wiki Tutorial = ==errors== * This mainly works - just need to fix the extensions popular pages and contrubtion scores * The XML updater requires more work - currently idea placeholder == Prerequisites == * Ubuntu 24.04 * Docker installed and running * Your user in docker group: <code>sudo usermod -aG docker $USER</code> (then logout/login) == Step 1: Clean Start == Remove any previous attempts: <syntaxhighlight lang="bash"> # Stop and remove existing containers/images docker stop completenoobs_wiki 2>/dev/null || true docker rm completenoobs_wiki 2>/dev/null || true docker rmi completenoobs/wiki:latest 2>/dev/null || true # Remove old build directory cd ~ rm -rf completenoobs-docker-image # Create fresh directory mkdir completenoobs-docker-image cd completenoobs-docker-image </syntaxhighlight> == Step 2: Create All Files == === 2.1: Dockerfile === <syntaxhighlight lang="bash"> nano Dockerfile </syntaxhighlight> Copy this exactly: <syntaxhighlight lang="dockerfile"> FROM mediawiki:1.44 # Mediawiki 1.44 used over latest because can confirm extensions youtube and pagenotice works # Install dependencies RUN apt-get update && apt-get install -y \ mariadb-server \ python3 \ python3-requests \ python3-bs4 \ python3-pygments \ curl \ wget \ unzip \ nano \ git \ && apt-get clean # Copy scripts COPY download_latest_xml.py /usr/src/download_latest_xml.py COPY setup_wiki.sh /usr/src/setup_wiki.sh COPY update_xml.sh /usr/src/update_xml.sh COPY entrypoint.sh /entrypoint.sh # Make executable RUN chmod +x /usr/src/setup_wiki.sh /entrypoint.sh /usr/src/update_xml.sh # Download XML RUN python3 /usr/src/download_latest_xml.py # Setup wiki RUN /usr/src/setup_wiki.sh EXPOSE 80 VOLUME /var/lib/mysql VOLUME /var/www/html/images ENTRYPOINT ["/entrypoint.sh"] </syntaxhighlight> === 2.2: XML Download Script === <syntaxhighlight lang="bash"> nano download_latest_xml.py </syntaxhighlight> <syntaxhighlight lang="python"> #!/usr/bin/env python3 import os import requests from bs4 import BeautifulSoup import re BASE_URL = "https://xml.completenoobs.com/xmlDumps/" def parse_date_from_dump(dump_name): match = re.match(r'(\d{2})_(\d{2})_(\d{2})\.Noobs', dump_name) if match: day, month, year = match.groups() year_int = int(year) full_year = 2000 + year_int if year_int <= 49 else 1900 + year_int return (full_year, int(month), int(day)) return (0, 0, 0) def get_available_dumps(): try: response = requests.get(BASE_URL, timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') dumps = [link.get('href').rstrip('/') for link in soup.find_all('a') if re.match(r'\d{2}_\d{2}_\d{2}\.Noobs/$', link.get('href', ''))] return sorted(dumps, key=parse_date_from_dump, reverse=True) except Exception as e: print(f"Error fetching dumps: {e}") return [] def get_dump_files(dump): try: response = requests.get(f"{BASE_URL}{dump}/", timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') files = [link.get('href') for link in soup.find_all('a') if link.get('href', '').endswith('.xml')] return sorted(files, reverse=True) except Exception as e: print(f"Error fetching dump files: {e}") return [] def download_file(url, filename): try: print(f"Downloading {filename}...") response = requests.get(url, stream=True, timeout=60) response.raise_for_status() total_size = int(response.headers.get('content-length', 0)) downloaded = 0 with open(filename, 'wb') as f: for chunk in response.iter_content(chunk_size=8192): if chunk: f.write(chunk) downloaded += len(chunk) if total_size > 0: progress = (downloaded / total_size) * 100 print(f"\rProgress: {progress:.1f}%", end='', flush=True) print() return True except Exception as e: print(f"Error downloading {filename}: {e}") return False def main(): print("Fetching available XML dumps...") dumps = get_available_dumps() if not dumps: print("No dumps found!") exit(1) newest_dump = dumps[0] print(f"Latest dump: {newest_dump}") files = get_dump_files(newest_dump) if not files: print("No XML files found in latest dump!") exit(1) newest_xml = files[0] xml_url = f"{BASE_URL}{newest_dump}/{newest_xml}" local_filename = "/tmp/completenoobs_dump.xml" if download_file(xml_url, local_filename): print(f"Successfully downloaded {newest_xml}") with open("/tmp/dump_info.txt", "w") as f: f.write(f"{newest_dump}/{newest_xml}") else: print("Failed to download XML dump!") exit(1) if __name__ == "__main__": main() </syntaxhighlight> === 2.3: Main Setup Script === <syntaxhighlight lang="bash"> nano setup_wiki.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash set -e echo "Setting up CompleteNoobs Wiki..." # Initialize MariaDB if [ ! -d "/var/lib/mysql/mysql" ]; then mysql_install_db --user=mysql --datadir=/var/lib/mysql fi service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then echo "MariaDB ready!" break fi sleep 2 done # Setup database mysql -e "CREATE DATABASE IF NOT EXISTS completenoobs_wiki CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;" mysql -e "CREATE USER IF NOT EXISTS 'wikiuser'@'127.0.0.1' IDENTIFIED BY 'wikipass';" mysql -e "GRANT ALL PRIVILEGES ON completenoobs_wiki.* TO 'wikiuser'@'127.0.0.1';" mysql -e "CREATE USER IF NOT EXISTS 'wikiuser'@'localhost' IDENTIFIED BY 'wikipass';" mysql -e "GRANT ALL PRIVILEGES ON completenoobs_wiki.* TO 'wikiuser'@'localhost';" mysql -e "FLUSH PRIVILEGES;" # Install MediaWiki cd /var/www/html php maintenance/install.php \ --dbtype=mysql \ --dbserver=127.0.0.1 \ --dbname=completenoobs_wiki \ --dbuser=wikiuser \ --dbpass=wikipass \ --server="http://localhost:8080" \ --scriptpath="" \ --lang=en \ --pass=AdminPass123! \ "CompleteNoobs Wiki" \ "admin" # Download and install extensions cd extensions/ git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/PageNotice --branch REL1_44 || echo "PageNotice download failed, continuing..." git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/YouTube --branch REL1_44 || echo "YouTube download failed, continuing..." cd /var/www/html # Configure LocalSettings.php cat >> LocalSettings.php << 'EOF' # Basic settings $wgEnableUploads = true; $wgUseImageMagick = true; $wgImageMagickConvertCommand = "/usr/bin/convert"; $wgDefaultSkin = "vector-2022"; $wgAllowExternalImages = true; # Debug (can be removed later) $wgShowExceptionDetails = true; $wgDebugLogFile = "/tmp/mediawiki-debug.log"; # PageNotice extension (if available) if ( file_exists( "$IP/extensions/PageNotice/extension.json" ) ) { wfLoadExtension( 'PageNotice' ); } # YouTube extension (if available) if ( file_exists( "$IP/extensions/YouTube/extension.json" ) ) { wfLoadExtension( 'YouTube' ); } # SyntaxHighlight (usually bundled) if ( file_exists( "$IP/extensions/SyntaxHighlight_GeSHi/extension.json" ) ) { wfLoadExtension( 'SyntaxHighlight_GeSHi' ); $wgPygmentizePath = '/usr/bin/pygmentize'; } EOF # Import XML dump if available if [ -f "/tmp/completenoobs_dump.xml" ]; then echo "Importing XML dump..." if php maintenance/importDump.php --uploads < /tmp/completenoobs_dump.xml; then echo "XML import completed!" else echo "XML import had warnings" fi # Basic maintenance php maintenance/update.php --quick || echo "Update completed with warnings" php maintenance/rebuildrecentchanges.php || echo "RecentChanges rebuilt with warnings" php maintenance/initSiteStats.php || echo "SiteStats initialized with warnings" if [ -f "/tmp/dump_info.txt" ]; then echo "Import: $(cat /tmp/dump_info.txt)" > /var/www/html/.last_import echo "Date: $(date)" >> /var/www/html/.last_import fi else echo "No XML dump found - starting with empty wiki" fi # Copy update script to accessible location cp /usr/src/update_xml.sh /var/www/html/update_xml.sh chmod +x /var/www/html/update_xml.sh # Create user-friendly update wrapper cat > /var/www/html/check_updates.sh << 'UPDATE_WRAPPER_EOF' #!/bin/bash echo "=== CompleteNoobs Wiki Update Checker ===" echo "" echo "This tool checks for new content from the CompleteNoobs XML repository" echo "and imports ONLY new pages, preserving all your local edits." echo "" /var/www/html/update_xml.sh UPDATE_WRAPPER_EOF chmod +x /var/www/html/check_updates.sh # Create simple status script cat > /var/www/html/check_status.sh << 'STATUS_EOF' #!/bin/bash cd /var/www/html echo "=== Wiki Status ===" echo "Pages: $(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM page;" -s -N 2>/dev/null || echo "Error")" echo "Users: $(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM user WHERE user_id > 0;" -s -N 2>/dev/null || echo "Error")" echo "" echo "=== Extensions ===" if [ -d "extensions/PageNotice" ]; then echo "PageNotice: Installed" else echo "PageNotice: Not installed" fi if [ -d "extensions/YouTube" ]; then echo "YouTube: Installed" else echo "YouTube: Not installed" fi if [ -d "extensions/ContributionScores" ]; then echo "ContributionScores: Installed" else echo "ContributionScores: Not installed" fi echo "" echo "=== Update System ===" if [ -f ".last_import" ]; then echo "Current version: $(grep 'Import:' .last_import | cut -d' ' -f2)" echo "Import date: $(grep 'Date:' .last_import | cut -d' ' -f2-)" else echo "No version info available" fi echo "" echo "To check for updates: docker exec -it completenoobs_wiki /var/www/html/check_updates.sh" STATUS_EOF chmod +x /var/www/html/check_status.sh echo "" echo "Setup completed!" echo "Admin: admin / AdminPass123!" echo "Update scripts installed:" echo "- /var/www/html/check_updates.sh (user-friendly)" echo "- /var/www/html/update_xml.sh (direct)" # Final counts PAGES=$(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM page;" -s -N 2>/dev/null || echo "0") echo "Pages imported: $PAGES" service mariadb stop </syntaxhighlight> === 2.4: XML Update Script === <syntaxhighlight lang="bash"> nano update_xml.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash set -e echo "=== CompleteNoobs Wiki XML Updater ===" echo "This will check for new and updated pages" echo "" # Function to check if running in container check_environment() { if [ ! -f "/var/www/html/LocalSettings.php" ]; then echo "Error: This script must be run inside the wiki container" exit 1 fi } # Function to get current XML version get_current_version() { if [ -f "/var/www/html/.last_import" ]; then grep "Import:" /var/www/html/.last_import | cut -d' ' -f2 else echo "none" fi } # Function to check for updates check_for_updates() { python3 - << 'PYTHON_EOF' import requests from bs4 import BeautifulSoup import re import sys BASE_URL = "https://xml.completenoobs.com/xmlDumps/" def parse_date_from_dump(dump_name): match = re.match(r'(\d{2})_(\d{2})_(\d{2})\.Noobs', dump_name) if match: day, month, year = match.groups() year_int = int(year) full_year = 2000 + year_int if year_int <= 49 else 1900 + year_int return (full_year, int(month), int(day)) return (0, 0, 0) def get_latest_dump(): try: response = requests.get(BASE_URL, timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') dumps = [link.get('href').rstrip('/') for link in soup.find_all('a') if re.match(r'\d{2}_\d{2}_\d{2}\.Noobs/$', link.get('href', ''))] if dumps: latest = sorted(dumps, key=parse_date_from_dump, reverse=True)[0] # Get XML files from latest dump response = requests.get(f"{BASE_URL}{latest}/", timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') files = [link.get('href') for link in soup.find_all('a') if link.get('href', '').endswith('.xml')] if files: newest_xml = sorted(files, reverse=True)[0] print(f"{latest}/{newest_xml}") sys.exit(0) except Exception as e: print(f"ERROR: {e}", file=sys.stderr) sys.exit(1) print("ERROR: No dumps found", file=sys.stderr) sys.exit(1) get_latest_dump() PYTHON_EOF } # Function to download new XML download_xml() { local dump_info="$1" local dump_dir=$(echo "$dump_info" | cut -d'/' -f1) local xml_file=$(echo "$dump_info" | cut -d'/' -f2) local url="https://xml.completenoobs.com/xmlDumps/${dump_info}" echo "Downloading: $xml_file" echo "From: $dump_dir" echo "URL: $url" if wget -O /tmp/new_dump.xml "$url" --progress=bar:force 2>&1; then echo "Download successful!" return 0 else echo "Download failed!" return 1 fi } # Function to backup current database backup_database() { echo "Creating database backup..." TIMESTAMP=$(date +%Y%m%d_%H%M%S) mysqldump --user=wikiuser --password=wikipass completenoobs_wiki > /tmp/wiki_backup_${TIMESTAMP}.sql echo "Backup created: /tmp/wiki_backup_${TIMESTAMP}.sql" } # Function to analyze and import changes analyze_and_import() { echo "Analyzing differences between XML and local wiki..." # Create analysis and import script for MediaWiki 1.44+ cat > /tmp/analyze_import.php << 'PHP_EOF' <?php require_once '/var/www/html/maintenance/Maintenance.php'; class AnalyzeAndImport extends Maintenance { private $db; private $new_pages = []; private $changed_pages = []; private $unchanged_pages = []; public function __construct() { parent::__construct(); $this->addDescription('Analyze and selectively import from XML dump'); } public function execute() { $this->db = new mysqli('127.0.0.1', 'wikiuser', 'wikipass', 'completenoobs_wiki'); // MediaWiki 1.35+ uses slots and content tables // Get existing pages with their content $query = " SELECT p.page_title, p.page_id, c.content_address, c.content_sha1 FROM page p JOIN revision r ON p.page_latest = r.rev_id JOIN slots s ON r.rev_id = s.slot_revision_id JOIN slot_roles sr ON s.slot_role_id = sr.role_id JOIN content c ON s.slot_content_id = c.content_id WHERE p.page_namespace = 0 AND sr.role_name = 'main' "; $result = $this->db->query($query); if (!$result) { $this->error("Database query failed: " . $this->db->error); return; } $existing = []; while ($row = $result->fetch_assoc()) { // Get actual text content $text_content = $this->getTextContent($row['content_address']); $existing[$row['page_title']] = [ 'id' => $row['page_id'], 'content' => $text_content, 'sha1' => $row['content_sha1'] ]; } // Parse XML and compare $xml = simplexml_load_file('/tmp/new_dump.xml'); foreach ($xml->page as $page) { $title = str_replace(' ', '_', (string)$page->title); $xml_content = (string)$page->revision->text; if (!isset($existing[$title])) { // New page $this->new_pages[$title] = $xml_content; } else { // Compare content using SHA1 for efficiency $xml_sha1 = sha1($xml_content); if ($existing[$title]['sha1'] !== $xml_sha1) { // Content is different $this->changed_pages[$title] = [ 'local' => $existing[$title]['content'], 'xml' => $xml_content, 'page_id' => $existing[$title]['id'] ]; } else { $this->unchanged_pages[] = $title; } } } // Display summary $this->output("\n=== Update Analysis ===\n"); $this->output("New pages to import: " . count($this->new_pages) . "\n"); $this->output("Changed pages found: " . count($this->changed_pages) . "\n"); $this->output("Unchanged pages: " . count($this->unchanged_pages) . "\n"); // Save analysis for review file_put_contents('/tmp/update_analysis.json', json_encode([ 'new' => array_keys($this->new_pages), 'changed' => array_keys($this->changed_pages), 'unchanged' => $this->unchanged_pages ], JSON_PRETTY_PRINT)); // Show changed pages with preview (limit to first 20 for readability) if (count($this->changed_pages) > 0) { $this->output("\n=== Changed Pages ===\n"); $count = 0; $total_changed = count($this->changed_pages); foreach ($this->changed_pages as $title => $data) { $count++; if ($count <= 20) { $this->output("\n$count. $title\n"); // Create a simple diff preview (first 300 chars) $xml_preview = substr($data['xml'], 0, 100); // Save full diff to file $safe_title = preg_replace('/[^a-zA-Z0-9_-]/', '_', $title); $diff_file = "/tmp/diff_${safe_title}.txt"; file_put_contents($diff_file, "=== FULL DIFF FOR: $title ===\n\n"); file_put_contents($diff_file, "--- LOCAL VERSION ---\n", FILE_APPEND); file_put_contents($diff_file, $data['local'] . "\n\n", FILE_APPEND); file_put_contents($diff_file, "--- XML VERSION ---\n", FILE_APPEND); file_put_contents($diff_file, $data['xml'], FILE_APPEND); $this->output(" Preview: " . $xml_preview . "...\n"); } } if ($total_changed > 20) { $this->output("\n... and " . ($total_changed - 20) . " more changed pages.\n"); $this->output("All diff files saved to /tmp/diff_*.txt\n"); } } // Interactive selection if (count($this->new_pages) > 0 || count($this->changed_pages) > 0) { $this->output("\n=== Import Options ===\n"); $this->output("1. Import new pages only (preserve all local changes)\n"); $this->output("2. Import new pages + update ALL changed pages (overwrites local changes)\n"); $this->output("3. Selective import (choose which updates to apply)\n"); $this->output("4. Cancel (no changes)\n"); // Save state for import script WITHOUT the XML object $import_data = [ 'new_pages' => $this->new_pages, 'changed_pages' => $this->changed_pages, 'xml_file' => '/tmp/new_dump.xml' // Save path instead of object ]; file_put_contents('/tmp/import_data.ser', serialize($import_data)); } else { $this->output("\nNo changes detected. Your wiki is up to date!\n"); } } private function getTextContent($address) { // Handle different content storage formats in MW 1.35+ if (strpos($address, 'tt:') === 0) { // Text table reference $text_id = substr($address, 3); $result = $this->db->query("SELECT old_text FROM text WHERE old_id = $text_id"); if ($row = $result->fetch_assoc()) { return $row['old_text']; } } elseif (strpos($address, 'es:') === 0) { // External storage - would need special handling return "[External storage content]"; } // Direct content return $address; } } $maintClass = AnalyzeAndImport::class; require_once RUN_MAINTENANCE_IF_MAIN; PHP_EOF cd /var/www/html php /tmp/analyze_import.php } # Function to perform selected import perform_import() { local choice=$1 cat > /tmp/do_import.php << 'PHP_EOF' <?php require_once '/var/www/html/maintenance/Maintenance.php'; class DoImport extends Maintenance { public function __construct() { parent::__construct(); $this->addOption('mode', 'Import mode', true, true); } public function execute() { $mode = $this->getOption('mode'); $data = unserialize(file_get_contents('/tmp/import_data.ser')); // Load XML file $xml = simplexml_load_file($data['xml_file']); $new_imported = 0; $updated = 0; // Import new pages (always for modes 1-3) if ($mode != '4') { foreach ($data['new_pages'] as $title => $content) { $this->importPage($title, $content, $xml); $new_imported++; $this->output("Imported new page: $title\n"); } } // Handle changed pages based on mode if ($mode == '2') { // Update all changed pages foreach ($data['changed_pages'] as $title => $info) { $this->output("Updating: $title\n"); if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated page: $title\n"); } else { $this->output("Failed to update: $title\n"); } } } elseif ($mode == '3') { // Selective update $this->output("\n=== Selective Import Mode ===\n"); $this->output("For each changed page, choose:\n"); $this->output(" y = yes, update this page\n"); $this->output(" n = no, keep local version\n"); $this->output(" d = show diff file\n"); $this->output(" a = update all remaining pages\n"); $this->output(" s = skip all remaining pages\n\n"); $update_all = false; $skip_all = false; foreach ($data['changed_pages'] as $title => $info) { if ($skip_all) { $this->output("Skipped: $title\n"); continue; } if ($update_all) { if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated: $title\n"); } continue; } $this->output("\nPage: $title\n"); $this->output("Action (y/n/d/a/s): "); $handle = fopen("php://stdin", "r"); $line = trim(fgets($handle)); while ($line == 'd') { // Show diff $safe_title = preg_replace('/[^a-zA-Z0-9_-]/', '_', $title); $diff_file = "/tmp/diff_${safe_title}.txt"; if (file_exists($diff_file)) { system("head -50 $diff_file"); $this->output("\n[Showing first 50 lines - full file at $diff_file]\n"); } $this->output("Action (y/n/a/s): "); $line = trim(fgets($handle)); } if ($line == 'a') { $update_all = true; if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated: $title\n"); } } elseif ($line == 's') { $skip_all = true; $this->output("Skipped: $title\n"); } elseif ($line == 'y') { if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated: $title\n"); } else { $this->output("Failed to update: $title\n"); } } else { $this->output("Skipped: $title\n"); } } } $this->output("\n=== Import Complete ===\n"); $this->output("New pages imported: $new_imported\n"); $this->output("Pages updated: $updated\n"); } private function importPage($title, $content, $xml) { // Create single page XML for import $tempFile = '/tmp/single_page_' . md5($title) . '.xml'; $singlePage = new SimpleXMLElement('<?xml version="1.0" encoding="utf-8"?><mediawiki></mediawiki>'); if ($xml->siteinfo) { $siteinfo = $singlePage->addChild('siteinfo'); foreach ($xml->siteinfo->children() as $child) { $siteinfo->addChild($child->getName(), (string)$child); } } // Find and add the page foreach ($xml->page as $page) { if (str_replace(' ', '_', (string)$page->title) == $title) { $newPage = $singlePage->addChild('page'); foreach ($page->children() as $child) { if ($child->getName() == 'revision') { $revision = $newPage->addChild('revision'); foreach ($child->children() as $revChild) { $revision->addChild($revChild->getName(), (string)$revChild); } } else { $newPage->addChild($child->getName(), (string)$child); } } break; } } $singlePage->asXML($tempFile); exec("php /var/www/html/maintenance/importDump.php < $tempFile 2>&1"); unlink($tempFile); } private function reimportPage($title, $xml) { // For updating existing pages, delete then reimport $db = new mysqli('127.0.0.1', 'wikiuser', 'wikipass', 'completenoobs_wiki'); // Delete the existing page $safe_title = $db->real_escape_string(str_replace(' ', '_', $title)); $db->query("DELETE FROM page WHERE page_title = '$safe_title' AND page_namespace = 0"); $db->close(); // Now import the new version foreach ($xml->page as $page) { if (str_replace(' ', '_', (string)$page->title) == $title) { $tempFile = '/tmp/update_page_' . md5($title) . '.xml'; $singlePage = new SimpleXMLElement('<?xml version="1.0" encoding="utf-8"?><mediawiki></mediawiki>'); if ($xml->siteinfo) { $siteinfo = $singlePage->addChild('siteinfo'); foreach ($xml->siteinfo->children() as $child) { $siteinfo->addChild($child->getName(), (string)$child); } } $newPage = $singlePage->addChild('page'); foreach ($page->children() as $child) { if ($child->getName() == 'revision') { $revision = $newPage->addChild('revision'); foreach ($child->children() as $revChild) { $revision->addChild($revChild->getName(), (string)$revChild); } } else { $newPage->addChild($child->getName(), (string)$child); } } $singlePage->asXML($tempFile); $result = exec("php /var/www/html/maintenance/importDump.php < $tempFile 2>&1", $output, $return); unlink($tempFile); return ($return === 0); } } return false; } } $maintClass = DoImport::class; require_once RUN_MAINTENANCE_IF_MAIN; PHP_EOF cd /var/www/html php /tmp/do_import.php --mode="$choice" } # Main execution main() { check_environment # Start MariaDB if not running service mariadb status > /dev/null 2>&1 || service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then break fi sleep 1 done CURRENT=$(get_current_version) echo "Current version: $CURRENT" echo "" echo "Checking for updates..." LATEST=$(check_for_updates 2>/dev/null) if [ $? -ne 0 ] || [ -z "$LATEST" ] || [[ "$LATEST" == *"ERROR"* ]]; then echo "Failed to check for updates" exit 1 fi echo "Latest available: $LATEST" echo "" # Always proceed to analysis even if versions match # (there might be content updates in the same version) echo "Proceeding with content analysis..." echo "" # Backup database backup_database # Download new XML if ! download_xml "$LATEST"; then echo "Failed to download new XML" exit 1 fi # Analyze differences analyze_and_import # Check if there are changes to import if [ -f "/tmp/import_data.ser" ]; then echo "" read -p "Choose option (1-4): " -n 1 -r echo if [[ $REPLY =~ ^[1-4]$ ]]; then if [ "$REPLY" != "4" ]; then perform_import "$REPLY" # Update version info echo "Import: $LATEST" > /var/www/html/.last_import echo "Date: $(date)" >> /var/www/html/.last_import # Rebuild indices echo "Rebuilding indices..." php maintenance/rebuildrecentchanges.php php maintenance/initSiteStats.php else echo "Update cancelled" fi else echo "Invalid option. Update cancelled" fi fi # Clean up temp files rm -f /tmp/import_data.ser /tmp/update_analysis.json /tmp/diff_*.txt /tmp/analyze_import.php /tmp/do_import.php 2>/dev/null echo "" echo "Done!" } # Run main function main "$@" </syntaxhighlight> === 2.5: Entrypoint Script === <syntaxhighlight lang="bash"> nano entrypoint.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash echo "Starting CompleteNoobs Wiki..." service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then echo "MariaDB ready!" break fi sleep 1 done echo "" echo "CompleteNoobs Wiki ready at: http://localhost:8080" echo "Admin login: admin / AdminPass123!" echo "" echo "Features:" echo "- Complete wiki content imported from XML" echo "- License notices on all pages (via PageNotice)" echo "- SyntaxHighlight for code blocks" echo "- YouTube video embedding" echo "- Contribution Scores special page" echo "- XML update system (preserves local edits)" echo "" echo "To check for updates: docker exec -it completenoobs_wiki /var/www/html/check_updates.sh" echo "" apache2-foreground </syntaxhighlight> == Step 3: Build and Run == === 3.1: Build the Image === <syntaxhighlight lang="bash"> docker build -t completenoobs/wiki:latest . </syntaxhighlight> This will take several minutes. === 3.2: Run the Container === <syntaxhighlight lang="bash"> docker run -d -p 8080:80 \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki completenoobs/wiki:latest </syntaxhighlight> == Step 4: Test Everything == === 4.1: Check the Wiki === * Visit: http://localhost:8080 * You should see the PageNotice at the top * Login with: admin / AdminPass123! <div class="toccolours mw-collapsible mw-collapsed"> Change Admin Password: <div class="mw-collapsible-content"> By default, the admin user's password is <code>AdminPass123!</code>. It's highly recommended to change this immediately. You can do this either through the wiki's web interface or directly in the Docker terminal.<br><br> <b>Method 1: Change Password via Web Interface</b><br> This is the easiest method. You can change your password directly from the wiki itself.<br> 1. Log in to your wiki with the default credentials: <code>admin</code> / <code>AdminPass123!</code>.<br> 2. Once logged in, click your username (<code>admin</code>) in the top-right corner of the page.<br> 3. From the drop-down menu, select <b>Preferences</b>.<br> 4. On the Preferences page, go to the <b>Password</b> tab.<br> 5. Enter the current password (<code>AdminPass123!</code>), then enter your new password twice.<br> 6. Click <b>Change password</b>.<br> Your password is now changed, and you will need to use the new one for future logins.<br><br> <b>Method 2: Change Password via Terminal (No-Email Reset)</b><br> If you have forgotten the password or prefer to use the command line, you can reset it directly inside the Docker container using a MediaWiki maintenance script.<br> 1. <b>Access the container's shell</b> with the following command from your host machine:<br> <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> 2. Once inside the container, use the <code>changePassword.php</code> maintenance script to change the password. This is the modern, recommended way to run MediaWiki maintenance scripts.<br> * Change <b>NEWPASSWORD</b> to your new password<br> <syntaxhighlight lang="bash"> php /var/www/html/maintenance/run.php changePassword.php --user=admin --password=NEWPASSWORD </syntaxhighlight> 3. Type <code>exit</code> to leave the container's shell.<br> The admin password has now been reset. You can log in to your wiki with the new password. </div> </div> === 4.2: Test Extensions === * '''YouTube''': Edit any page, add <code><youtube>N9qYF9DZPdw</youtube></code> * '''PageNotice''': Should already be visible at the top * '''SyntaxHighlight''': Add code blocks with <code><syntaxhighlight lang="python">code here</syntaxhighlight></code> === 4.3: Check Status === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki /var/www/html/check_status.sh </syntaxhighlight> == Step 5: XML Update Operations == *NOTE: update_xml.sh still needs alot of work, this just idea placeholder for now. === 5.1: Check for Updates (Interactive) === <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki /var/www/html/check_updates.sh </syntaxhighlight> This will: * Check the CompleteNoobs XML repository for new dumps * Compare with your current version * Ask for confirmation before updating * Import ONLY new pages (preserves your edits) * Create a backup before making changes === 5.2: Force Update (Non-Interactive) === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki bash -c "echo 'y' | /var/www/html/update_xml.sh" </syntaxhighlight> === 5.3: Manual Update Process === <syntaxhighlight lang="bash"> # 1. Enter container docker exec -it completenoobs_wiki bash # 2. Check current version cat /var/www/html/.last_import # 3. Run update /var/www/html/check_updates.sh # 4. Exit container exit </syntaxhighlight> == Step 6: Troubleshooting Commands == === Access container shell: === <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> === Edit configuration: === <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki nano /var/www/html/LocalSettings.php </syntaxhighlight> === Check logs: === <syntaxhighlight lang="bash"> docker logs completenoobs_wiki </syntaxhighlight> === View update logs: === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki tail -f /tmp/mediawiki-debug.log </syntaxhighlight> === Complete restart: === <syntaxhighlight lang="bash"> docker stop completenoobs_wiki docker rm completenoobs_wiki docker run -d -p 8080:80 \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki completenoobs/wiki:latest </syntaxhighlight> == Expected Results == * Working wiki with imported CompleteNoobs content * PageNotice visible at top of all pages * All extensions functional * Text editors (nano/vim) available in container * Utility scripts for maintenance * XML update system that preserves local edits == Update System Features == === How Updates Work === # Version Tracking: System tracks which XML dump version you have # Smart Import: Only imports pages that don't exist locally # Edit Preservation: Never overwrites pages you've edited # Automatic Backup: Creates SQL backup before any updates # User Confirmation: Asks before making changes # Progress Feedback: Shows what's being imported/skipped == Important Notes == * First Import: Initial build imports ALL content from XML * Subsequent Updates: Only import NEW pages, preserving your edits * Conflict Resolution: To force-update a specific page with XML version, delete it first through wiki interface * Backups: Stored in /tmp/ (cleared on container restart) 83v6zw2cx6xmhyraeoi0il1fdpjrraz 652 651 2025-09-01T17:39:54Z AwesomO 5 /* Complete Noobs Docker Wiki Tutorial */ 652 wikitext text/x-wiki = Complete Noobs Docker Wiki Tutorial = * [[Docker_Install_Guide| Docker install guide]] ==errors== * This mainly works - just need to fix the extensions popular pages and contrubtion scores * The XML updater requires more work - currently idea placeholder == Prerequisites == * Ubuntu 24.04 * Docker installed and running * Your user in docker group: <code>sudo usermod -aG docker $USER</code> (then logout/login) == Step 1: Clean Start == Remove any previous attempts: <syntaxhighlight lang="bash"> # Stop and remove existing containers/images docker stop completenoobs_wiki 2>/dev/null || true docker rm completenoobs_wiki 2>/dev/null || true docker rmi completenoobs/wiki:latest 2>/dev/null || true # Remove old build directory cd ~ rm -rf completenoobs-docker-image # Create fresh directory mkdir completenoobs-docker-image cd completenoobs-docker-image </syntaxhighlight> == Step 2: Create All Files == === 2.1: Dockerfile === <syntaxhighlight lang="bash"> nano Dockerfile </syntaxhighlight> Copy this exactly: <syntaxhighlight lang="dockerfile"> FROM mediawiki:1.44 # Mediawiki 1.44 used over latest because can confirm extensions youtube and pagenotice works # Install dependencies RUN apt-get update && apt-get install -y \ mariadb-server \ python3 \ python3-requests \ python3-bs4 \ python3-pygments \ curl \ wget \ unzip \ nano \ git \ && apt-get clean # Copy scripts COPY download_latest_xml.py /usr/src/download_latest_xml.py COPY setup_wiki.sh /usr/src/setup_wiki.sh COPY update_xml.sh /usr/src/update_xml.sh COPY entrypoint.sh /entrypoint.sh # Make executable RUN chmod +x /usr/src/setup_wiki.sh /entrypoint.sh /usr/src/update_xml.sh # Download XML RUN python3 /usr/src/download_latest_xml.py # Setup wiki RUN /usr/src/setup_wiki.sh EXPOSE 80 VOLUME /var/lib/mysql VOLUME /var/www/html/images ENTRYPOINT ["/entrypoint.sh"] </syntaxhighlight> === 2.2: XML Download Script === <syntaxhighlight lang="bash"> nano download_latest_xml.py </syntaxhighlight> <syntaxhighlight lang="python"> #!/usr/bin/env python3 import os import requests from bs4 import BeautifulSoup import re BASE_URL = "https://xml.completenoobs.com/xmlDumps/" def parse_date_from_dump(dump_name): match = re.match(r'(\d{2})_(\d{2})_(\d{2})\.Noobs', dump_name) if match: day, month, year = match.groups() year_int = int(year) full_year = 2000 + year_int if year_int <= 49 else 1900 + year_int return (full_year, int(month), int(day)) return (0, 0, 0) def get_available_dumps(): try: response = requests.get(BASE_URL, timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') dumps = [link.get('href').rstrip('/') for link in soup.find_all('a') if re.match(r'\d{2}_\d{2}_\d{2}\.Noobs/$', link.get('href', ''))] return sorted(dumps, key=parse_date_from_dump, reverse=True) except Exception as e: print(f"Error fetching dumps: {e}") return [] def get_dump_files(dump): try: response = requests.get(f"{BASE_URL}{dump}/", timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') files = [link.get('href') for link in soup.find_all('a') if link.get('href', '').endswith('.xml')] return sorted(files, reverse=True) except Exception as e: print(f"Error fetching dump files: {e}") return [] def download_file(url, filename): try: print(f"Downloading {filename}...") response = requests.get(url, stream=True, timeout=60) response.raise_for_status() total_size = int(response.headers.get('content-length', 0)) downloaded = 0 with open(filename, 'wb') as f: for chunk in response.iter_content(chunk_size=8192): if chunk: f.write(chunk) downloaded += len(chunk) if total_size > 0: progress = (downloaded / total_size) * 100 print(f"\rProgress: {progress:.1f}%", end='', flush=True) print() return True except Exception as e: print(f"Error downloading {filename}: {e}") return False def main(): print("Fetching available XML dumps...") dumps = get_available_dumps() if not dumps: print("No dumps found!") exit(1) newest_dump = dumps[0] print(f"Latest dump: {newest_dump}") files = get_dump_files(newest_dump) if not files: print("No XML files found in latest dump!") exit(1) newest_xml = files[0] xml_url = f"{BASE_URL}{newest_dump}/{newest_xml}" local_filename = "/tmp/completenoobs_dump.xml" if download_file(xml_url, local_filename): print(f"Successfully downloaded {newest_xml}") with open("/tmp/dump_info.txt", "w") as f: f.write(f"{newest_dump}/{newest_xml}") else: print("Failed to download XML dump!") exit(1) if __name__ == "__main__": main() </syntaxhighlight> === 2.3: Main Setup Script === <syntaxhighlight lang="bash"> nano setup_wiki.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash set -e echo "Setting up CompleteNoobs Wiki..." # Initialize MariaDB if [ ! -d "/var/lib/mysql/mysql" ]; then mysql_install_db --user=mysql --datadir=/var/lib/mysql fi service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then echo "MariaDB ready!" break fi sleep 2 done # Setup database mysql -e "CREATE DATABASE IF NOT EXISTS completenoobs_wiki CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;" mysql -e "CREATE USER IF NOT EXISTS 'wikiuser'@'127.0.0.1' IDENTIFIED BY 'wikipass';" mysql -e "GRANT ALL PRIVILEGES ON completenoobs_wiki.* TO 'wikiuser'@'127.0.0.1';" mysql -e "CREATE USER IF NOT EXISTS 'wikiuser'@'localhost' IDENTIFIED BY 'wikipass';" mysql -e "GRANT ALL PRIVILEGES ON completenoobs_wiki.* TO 'wikiuser'@'localhost';" mysql -e "FLUSH PRIVILEGES;" # Install MediaWiki cd /var/www/html php maintenance/install.php \ --dbtype=mysql \ --dbserver=127.0.0.1 \ --dbname=completenoobs_wiki \ --dbuser=wikiuser \ --dbpass=wikipass \ --server="http://localhost:8080" \ --scriptpath="" \ --lang=en \ --pass=AdminPass123! \ "CompleteNoobs Wiki" \ "admin" # Download and install extensions cd extensions/ git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/PageNotice --branch REL1_44 || echo "PageNotice download failed, continuing..." git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/YouTube --branch REL1_44 || echo "YouTube download failed, continuing..." cd /var/www/html # Configure LocalSettings.php cat >> LocalSettings.php << 'EOF' # Basic settings $wgEnableUploads = true; $wgUseImageMagick = true; $wgImageMagickConvertCommand = "/usr/bin/convert"; $wgDefaultSkin = "vector-2022"; $wgAllowExternalImages = true; # Debug (can be removed later) $wgShowExceptionDetails = true; $wgDebugLogFile = "/tmp/mediawiki-debug.log"; # PageNotice extension (if available) if ( file_exists( "$IP/extensions/PageNotice/extension.json" ) ) { wfLoadExtension( 'PageNotice' ); } # YouTube extension (if available) if ( file_exists( "$IP/extensions/YouTube/extension.json" ) ) { wfLoadExtension( 'YouTube' ); } # SyntaxHighlight (usually bundled) if ( file_exists( "$IP/extensions/SyntaxHighlight_GeSHi/extension.json" ) ) { wfLoadExtension( 'SyntaxHighlight_GeSHi' ); $wgPygmentizePath = '/usr/bin/pygmentize'; } EOF # Import XML dump if available if [ -f "/tmp/completenoobs_dump.xml" ]; then echo "Importing XML dump..." if php maintenance/importDump.php --uploads < /tmp/completenoobs_dump.xml; then echo "XML import completed!" else echo "XML import had warnings" fi # Basic maintenance php maintenance/update.php --quick || echo "Update completed with warnings" php maintenance/rebuildrecentchanges.php || echo "RecentChanges rebuilt with warnings" php maintenance/initSiteStats.php || echo "SiteStats initialized with warnings" if [ -f "/tmp/dump_info.txt" ]; then echo "Import: $(cat /tmp/dump_info.txt)" > /var/www/html/.last_import echo "Date: $(date)" >> /var/www/html/.last_import fi else echo "No XML dump found - starting with empty wiki" fi # Copy update script to accessible location cp /usr/src/update_xml.sh /var/www/html/update_xml.sh chmod +x /var/www/html/update_xml.sh # Create user-friendly update wrapper cat > /var/www/html/check_updates.sh << 'UPDATE_WRAPPER_EOF' #!/bin/bash echo "=== CompleteNoobs Wiki Update Checker ===" echo "" echo "This tool checks for new content from the CompleteNoobs XML repository" echo "and imports ONLY new pages, preserving all your local edits." echo "" /var/www/html/update_xml.sh UPDATE_WRAPPER_EOF chmod +x /var/www/html/check_updates.sh # Create simple status script cat > /var/www/html/check_status.sh << 'STATUS_EOF' #!/bin/bash cd /var/www/html echo "=== Wiki Status ===" echo "Pages: $(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM page;" -s -N 2>/dev/null || echo "Error")" echo "Users: $(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM user WHERE user_id > 0;" -s -N 2>/dev/null || echo "Error")" echo "" echo "=== Extensions ===" if [ -d "extensions/PageNotice" ]; then echo "PageNotice: Installed" else echo "PageNotice: Not installed" fi if [ -d "extensions/YouTube" ]; then echo "YouTube: Installed" else echo "YouTube: Not installed" fi if [ -d "extensions/ContributionScores" ]; then echo "ContributionScores: Installed" else echo "ContributionScores: Not installed" fi echo "" echo "=== Update System ===" if [ -f ".last_import" ]; then echo "Current version: $(grep 'Import:' .last_import | cut -d' ' -f2)" echo "Import date: $(grep 'Date:' .last_import | cut -d' ' -f2-)" else echo "No version info available" fi echo "" echo "To check for updates: docker exec -it completenoobs_wiki /var/www/html/check_updates.sh" STATUS_EOF chmod +x /var/www/html/check_status.sh echo "" echo "Setup completed!" echo "Admin: admin / AdminPass123!" echo "Update scripts installed:" echo "- /var/www/html/check_updates.sh (user-friendly)" echo "- /var/www/html/update_xml.sh (direct)" # Final counts PAGES=$(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM page;" -s -N 2>/dev/null || echo "0") echo "Pages imported: $PAGES" service mariadb stop </syntaxhighlight> === 2.4: XML Update Script === <syntaxhighlight lang="bash"> nano update_xml.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash set -e echo "=== CompleteNoobs Wiki XML Updater ===" echo "This will check for new and updated pages" echo "" # Function to check if running in container check_environment() { if [ ! -f "/var/www/html/LocalSettings.php" ]; then echo "Error: This script must be run inside the wiki container" exit 1 fi } # Function to get current XML version get_current_version() { if [ -f "/var/www/html/.last_import" ]; then grep "Import:" /var/www/html/.last_import | cut -d' ' -f2 else echo "none" fi } # Function to check for updates check_for_updates() { python3 - << 'PYTHON_EOF' import requests from bs4 import BeautifulSoup import re import sys BASE_URL = "https://xml.completenoobs.com/xmlDumps/" def parse_date_from_dump(dump_name): match = re.match(r'(\d{2})_(\d{2})_(\d{2})\.Noobs', dump_name) if match: day, month, year = match.groups() year_int = int(year) full_year = 2000 + year_int if year_int <= 49 else 1900 + year_int return (full_year, int(month), int(day)) return (0, 0, 0) def get_latest_dump(): try: response = requests.get(BASE_URL, timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') dumps = [link.get('href').rstrip('/') for link in soup.find_all('a') if re.match(r'\d{2}_\d{2}_\d{2}\.Noobs/$', link.get('href', ''))] if dumps: latest = sorted(dumps, key=parse_date_from_dump, reverse=True)[0] # Get XML files from latest dump response = requests.get(f"{BASE_URL}{latest}/", timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') files = [link.get('href') for link in soup.find_all('a') if link.get('href', '').endswith('.xml')] if files: newest_xml = sorted(files, reverse=True)[0] print(f"{latest}/{newest_xml}") sys.exit(0) except Exception as e: print(f"ERROR: {e}", file=sys.stderr) sys.exit(1) print("ERROR: No dumps found", file=sys.stderr) sys.exit(1) get_latest_dump() PYTHON_EOF } # Function to download new XML download_xml() { local dump_info="$1" local dump_dir=$(echo "$dump_info" | cut -d'/' -f1) local xml_file=$(echo "$dump_info" | cut -d'/' -f2) local url="https://xml.completenoobs.com/xmlDumps/${dump_info}" echo "Downloading: $xml_file" echo "From: $dump_dir" echo "URL: $url" if wget -O /tmp/new_dump.xml "$url" --progress=bar:force 2>&1; then echo "Download successful!" return 0 else echo "Download failed!" return 1 fi } # Function to backup current database backup_database() { echo "Creating database backup..." TIMESTAMP=$(date +%Y%m%d_%H%M%S) mysqldump --user=wikiuser --password=wikipass completenoobs_wiki > /tmp/wiki_backup_${TIMESTAMP}.sql echo "Backup created: /tmp/wiki_backup_${TIMESTAMP}.sql" } # Function to analyze and import changes analyze_and_import() { echo "Analyzing differences between XML and local wiki..." # Create analysis and import script for MediaWiki 1.44+ cat > /tmp/analyze_import.php << 'PHP_EOF' <?php require_once '/var/www/html/maintenance/Maintenance.php'; class AnalyzeAndImport extends Maintenance { private $db; private $new_pages = []; private $changed_pages = []; private $unchanged_pages = []; public function __construct() { parent::__construct(); $this->addDescription('Analyze and selectively import from XML dump'); } public function execute() { $this->db = new mysqli('127.0.0.1', 'wikiuser', 'wikipass', 'completenoobs_wiki'); // MediaWiki 1.35+ uses slots and content tables // Get existing pages with their content $query = " SELECT p.page_title, p.page_id, c.content_address, c.content_sha1 FROM page p JOIN revision r ON p.page_latest = r.rev_id JOIN slots s ON r.rev_id = s.slot_revision_id JOIN slot_roles sr ON s.slot_role_id = sr.role_id JOIN content c ON s.slot_content_id = c.content_id WHERE p.page_namespace = 0 AND sr.role_name = 'main' "; $result = $this->db->query($query); if (!$result) { $this->error("Database query failed: " . $this->db->error); return; } $existing = []; while ($row = $result->fetch_assoc()) { // Get actual text content $text_content = $this->getTextContent($row['content_address']); $existing[$row['page_title']] = [ 'id' => $row['page_id'], 'content' => $text_content, 'sha1' => $row['content_sha1'] ]; } // Parse XML and compare $xml = simplexml_load_file('/tmp/new_dump.xml'); foreach ($xml->page as $page) { $title = str_replace(' ', '_', (string)$page->title); $xml_content = (string)$page->revision->text; if (!isset($existing[$title])) { // New page $this->new_pages[$title] = $xml_content; } else { // Compare content using SHA1 for efficiency $xml_sha1 = sha1($xml_content); if ($existing[$title]['sha1'] !== $xml_sha1) { // Content is different $this->changed_pages[$title] = [ 'local' => $existing[$title]['content'], 'xml' => $xml_content, 'page_id' => $existing[$title]['id'] ]; } else { $this->unchanged_pages[] = $title; } } } // Display summary $this->output("\n=== Update Analysis ===\n"); $this->output("New pages to import: " . count($this->new_pages) . "\n"); $this->output("Changed pages found: " . count($this->changed_pages) . "\n"); $this->output("Unchanged pages: " . count($this->unchanged_pages) . "\n"); // Save analysis for review file_put_contents('/tmp/update_analysis.json', json_encode([ 'new' => array_keys($this->new_pages), 'changed' => array_keys($this->changed_pages), 'unchanged' => $this->unchanged_pages ], JSON_PRETTY_PRINT)); // Show changed pages with preview (limit to first 20 for readability) if (count($this->changed_pages) > 0) { $this->output("\n=== Changed Pages ===\n"); $count = 0; $total_changed = count($this->changed_pages); foreach ($this->changed_pages as $title => $data) { $count++; if ($count <= 20) { $this->output("\n$count. $title\n"); // Create a simple diff preview (first 300 chars) $xml_preview = substr($data['xml'], 0, 100); // Save full diff to file $safe_title = preg_replace('/[^a-zA-Z0-9_-]/', '_', $title); $diff_file = "/tmp/diff_${safe_title}.txt"; file_put_contents($diff_file, "=== FULL DIFF FOR: $title ===\n\n"); file_put_contents($diff_file, "--- LOCAL VERSION ---\n", FILE_APPEND); file_put_contents($diff_file, $data['local'] . "\n\n", FILE_APPEND); file_put_contents($diff_file, "--- XML VERSION ---\n", FILE_APPEND); file_put_contents($diff_file, $data['xml'], FILE_APPEND); $this->output(" Preview: " . $xml_preview . "...\n"); } } if ($total_changed > 20) { $this->output("\n... and " . ($total_changed - 20) . " more changed pages.\n"); $this->output("All diff files saved to /tmp/diff_*.txt\n"); } } // Interactive selection if (count($this->new_pages) > 0 || count($this->changed_pages) > 0) { $this->output("\n=== Import Options ===\n"); $this->output("1. Import new pages only (preserve all local changes)\n"); $this->output("2. Import new pages + update ALL changed pages (overwrites local changes)\n"); $this->output("3. Selective import (choose which updates to apply)\n"); $this->output("4. Cancel (no changes)\n"); // Save state for import script WITHOUT the XML object $import_data = [ 'new_pages' => $this->new_pages, 'changed_pages' => $this->changed_pages, 'xml_file' => '/tmp/new_dump.xml' // Save path instead of object ]; file_put_contents('/tmp/import_data.ser', serialize($import_data)); } else { $this->output("\nNo changes detected. Your wiki is up to date!\n"); } } private function getTextContent($address) { // Handle different content storage formats in MW 1.35+ if (strpos($address, 'tt:') === 0) { // Text table reference $text_id = substr($address, 3); $result = $this->db->query("SELECT old_text FROM text WHERE old_id = $text_id"); if ($row = $result->fetch_assoc()) { return $row['old_text']; } } elseif (strpos($address, 'es:') === 0) { // External storage - would need special handling return "[External storage content]"; } // Direct content return $address; } } $maintClass = AnalyzeAndImport::class; require_once RUN_MAINTENANCE_IF_MAIN; PHP_EOF cd /var/www/html php /tmp/analyze_import.php } # Function to perform selected import perform_import() { local choice=$1 cat > /tmp/do_import.php << 'PHP_EOF' <?php require_once '/var/www/html/maintenance/Maintenance.php'; class DoImport extends Maintenance { public function __construct() { parent::__construct(); $this->addOption('mode', 'Import mode', true, true); } public function execute() { $mode = $this->getOption('mode'); $data = unserialize(file_get_contents('/tmp/import_data.ser')); // Load XML file $xml = simplexml_load_file($data['xml_file']); $new_imported = 0; $updated = 0; // Import new pages (always for modes 1-3) if ($mode != '4') { foreach ($data['new_pages'] as $title => $content) { $this->importPage($title, $content, $xml); $new_imported++; $this->output("Imported new page: $title\n"); } } // Handle changed pages based on mode if ($mode == '2') { // Update all changed pages foreach ($data['changed_pages'] as $title => $info) { $this->output("Updating: $title\n"); if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated page: $title\n"); } else { $this->output("Failed to update: $title\n"); } } } elseif ($mode == '3') { // Selective update $this->output("\n=== Selective Import Mode ===\n"); $this->output("For each changed page, choose:\n"); $this->output(" y = yes, update this page\n"); $this->output(" n = no, keep local version\n"); $this->output(" d = show diff file\n"); $this->output(" a = update all remaining pages\n"); $this->output(" s = skip all remaining pages\n\n"); $update_all = false; $skip_all = false; foreach ($data['changed_pages'] as $title => $info) { if ($skip_all) { $this->output("Skipped: $title\n"); continue; } if ($update_all) { if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated: $title\n"); } continue; } $this->output("\nPage: $title\n"); $this->output("Action (y/n/d/a/s): "); $handle = fopen("php://stdin", "r"); $line = trim(fgets($handle)); while ($line == 'd') { // Show diff $safe_title = preg_replace('/[^a-zA-Z0-9_-]/', '_', $title); $diff_file = "/tmp/diff_${safe_title}.txt"; if (file_exists($diff_file)) { system("head -50 $diff_file"); $this->output("\n[Showing first 50 lines - full file at $diff_file]\n"); } $this->output("Action (y/n/a/s): "); $line = trim(fgets($handle)); } if ($line == 'a') { $update_all = true; if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated: $title\n"); } } elseif ($line == 's') { $skip_all = true; $this->output("Skipped: $title\n"); } elseif ($line == 'y') { if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated: $title\n"); } else { $this->output("Failed to update: $title\n"); } } else { $this->output("Skipped: $title\n"); } } } $this->output("\n=== Import Complete ===\n"); $this->output("New pages imported: $new_imported\n"); $this->output("Pages updated: $updated\n"); } private function importPage($title, $content, $xml) { // Create single page XML for import $tempFile = '/tmp/single_page_' . md5($title) . '.xml'; $singlePage = new SimpleXMLElement('<?xml version="1.0" encoding="utf-8"?><mediawiki></mediawiki>'); if ($xml->siteinfo) { $siteinfo = $singlePage->addChild('siteinfo'); foreach ($xml->siteinfo->children() as $child) { $siteinfo->addChild($child->getName(), (string)$child); } } // Find and add the page foreach ($xml->page as $page) { if (str_replace(' ', '_', (string)$page->title) == $title) { $newPage = $singlePage->addChild('page'); foreach ($page->children() as $child) { if ($child->getName() == 'revision') { $revision = $newPage->addChild('revision'); foreach ($child->children() as $revChild) { $revision->addChild($revChild->getName(), (string)$revChild); } } else { $newPage->addChild($child->getName(), (string)$child); } } break; } } $singlePage->asXML($tempFile); exec("php /var/www/html/maintenance/importDump.php < $tempFile 2>&1"); unlink($tempFile); } private function reimportPage($title, $xml) { // For updating existing pages, delete then reimport $db = new mysqli('127.0.0.1', 'wikiuser', 'wikipass', 'completenoobs_wiki'); // Delete the existing page $safe_title = $db->real_escape_string(str_replace(' ', '_', $title)); $db->query("DELETE FROM page WHERE page_title = '$safe_title' AND page_namespace = 0"); $db->close(); // Now import the new version foreach ($xml->page as $page) { if (str_replace(' ', '_', (string)$page->title) == $title) { $tempFile = '/tmp/update_page_' . md5($title) . '.xml'; $singlePage = new SimpleXMLElement('<?xml version="1.0" encoding="utf-8"?><mediawiki></mediawiki>'); if ($xml->siteinfo) { $siteinfo = $singlePage->addChild('siteinfo'); foreach ($xml->siteinfo->children() as $child) { $siteinfo->addChild($child->getName(), (string)$child); } } $newPage = $singlePage->addChild('page'); foreach ($page->children() as $child) { if ($child->getName() == 'revision') { $revision = $newPage->addChild('revision'); foreach ($child->children() as $revChild) { $revision->addChild($revChild->getName(), (string)$revChild); } } else { $newPage->addChild($child->getName(), (string)$child); } } $singlePage->asXML($tempFile); $result = exec("php /var/www/html/maintenance/importDump.php < $tempFile 2>&1", $output, $return); unlink($tempFile); return ($return === 0); } } return false; } } $maintClass = DoImport::class; require_once RUN_MAINTENANCE_IF_MAIN; PHP_EOF cd /var/www/html php /tmp/do_import.php --mode="$choice" } # Main execution main() { check_environment # Start MariaDB if not running service mariadb status > /dev/null 2>&1 || service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then break fi sleep 1 done CURRENT=$(get_current_version) echo "Current version: $CURRENT" echo "" echo "Checking for updates..." LATEST=$(check_for_updates 2>/dev/null) if [ $? -ne 0 ] || [ -z "$LATEST" ] || [[ "$LATEST" == *"ERROR"* ]]; then echo "Failed to check for updates" exit 1 fi echo "Latest available: $LATEST" echo "" # Always proceed to analysis even if versions match # (there might be content updates in the same version) echo "Proceeding with content analysis..." echo "" # Backup database backup_database # Download new XML if ! download_xml "$LATEST"; then echo "Failed to download new XML" exit 1 fi # Analyze differences analyze_and_import # Check if there are changes to import if [ -f "/tmp/import_data.ser" ]; then echo "" read -p "Choose option (1-4): " -n 1 -r echo if [[ $REPLY =~ ^[1-4]$ ]]; then if [ "$REPLY" != "4" ]; then perform_import "$REPLY" # Update version info echo "Import: $LATEST" > /var/www/html/.last_import echo "Date: $(date)" >> /var/www/html/.last_import # Rebuild indices echo "Rebuilding indices..." php maintenance/rebuildrecentchanges.php php maintenance/initSiteStats.php else echo "Update cancelled" fi else echo "Invalid option. Update cancelled" fi fi # Clean up temp files rm -f /tmp/import_data.ser /tmp/update_analysis.json /tmp/diff_*.txt /tmp/analyze_import.php /tmp/do_import.php 2>/dev/null echo "" echo "Done!" } # Run main function main "$@" </syntaxhighlight> === 2.5: Entrypoint Script === <syntaxhighlight lang="bash"> nano entrypoint.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash echo "Starting CompleteNoobs Wiki..." service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then echo "MariaDB ready!" break fi sleep 1 done echo "" echo "CompleteNoobs Wiki ready at: http://localhost:8080" echo "Admin login: admin / AdminPass123!" echo "" echo "Features:" echo "- Complete wiki content imported from XML" echo "- License notices on all pages (via PageNotice)" echo "- SyntaxHighlight for code blocks" echo "- YouTube video embedding" echo "- Contribution Scores special page" echo "- XML update system (preserves local edits)" echo "" echo "To check for updates: docker exec -it completenoobs_wiki /var/www/html/check_updates.sh" echo "" apache2-foreground </syntaxhighlight> == Step 3: Build and Run == === 3.1: Build the Image === <syntaxhighlight lang="bash"> docker build -t completenoobs/wiki:latest . </syntaxhighlight> This will take several minutes. === 3.2: Run the Container === <syntaxhighlight lang="bash"> docker run -d -p 8080:80 \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki completenoobs/wiki:latest </syntaxhighlight> == Step 4: Test Everything == === 4.1: Check the Wiki === * Visit: http://localhost:8080 * You should see the PageNotice at the top * Login with: admin / AdminPass123! <div class="toccolours mw-collapsible mw-collapsed"> Change Admin Password: <div class="mw-collapsible-content"> By default, the admin user's password is <code>AdminPass123!</code>. It's highly recommended to change this immediately. You can do this either through the wiki's web interface or directly in the Docker terminal.<br><br> <b>Method 1: Change Password via Web Interface</b><br> This is the easiest method. You can change your password directly from the wiki itself.<br> 1. Log in to your wiki with the default credentials: <code>admin</code> / <code>AdminPass123!</code>.<br> 2. Once logged in, click your username (<code>admin</code>) in the top-right corner of the page.<br> 3. From the drop-down menu, select <b>Preferences</b>.<br> 4. On the Preferences page, go to the <b>Password</b> tab.<br> 5. Enter the current password (<code>AdminPass123!</code>), then enter your new password twice.<br> 6. Click <b>Change password</b>.<br> Your password is now changed, and you will need to use the new one for future logins.<br><br> <b>Method 2: Change Password via Terminal (No-Email Reset)</b><br> If you have forgotten the password or prefer to use the command line, you can reset it directly inside the Docker container using a MediaWiki maintenance script.<br> 1. <b>Access the container's shell</b> with the following command from your host machine:<br> <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> 2. Once inside the container, use the <code>changePassword.php</code> maintenance script to change the password. This is the modern, recommended way to run MediaWiki maintenance scripts.<br> * Change <b>NEWPASSWORD</b> to your new password<br> <syntaxhighlight lang="bash"> php /var/www/html/maintenance/run.php changePassword.php --user=admin --password=NEWPASSWORD </syntaxhighlight> 3. Type <code>exit</code> to leave the container's shell.<br> The admin password has now been reset. You can log in to your wiki with the new password. </div> </div> === 4.2: Test Extensions === * '''YouTube''': Edit any page, add <code><youtube>N9qYF9DZPdw</youtube></code> * '''PageNotice''': Should already be visible at the top * '''SyntaxHighlight''': Add code blocks with <nowiki><code><syntaxhighlight lang="python">code here</syntaxhighlight></code></nowiki> === 4.3: Check Status === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki /var/www/html/check_status.sh </syntaxhighlight> == Step 5: XML Update Operations == *NOTE: update_xml.sh still needs alot of work, this just idea placeholder for now. === 5.1: Check for Updates (Interactive) === <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki /var/www/html/check_updates.sh </syntaxhighlight> This will: * Check the CompleteNoobs XML repository for new dumps * Compare with your current version * Ask for confirmation before updating * Import ONLY new pages (preserves your edits) * Create a backup before making changes === 5.2: Force Update (Non-Interactive) === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki bash -c "echo 'y' | /var/www/html/update_xml.sh" </syntaxhighlight> === 5.3: Manual Update Process === <syntaxhighlight lang="bash"> # 1. Enter container docker exec -it completenoobs_wiki bash # 2. Check current version cat /var/www/html/.last_import # 3. Run update /var/www/html/check_updates.sh # 4. Exit container exit </syntaxhighlight> == Step 6: Troubleshooting Commands == === Access container shell: === <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> === Edit configuration: === <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki nano /var/www/html/LocalSettings.php </syntaxhighlight> === Check logs: === <syntaxhighlight lang="bash"> docker logs completenoobs_wiki </syntaxhighlight> === View update logs: === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki tail -f /tmp/mediawiki-debug.log </syntaxhighlight> === Complete restart: === <syntaxhighlight lang="bash"> docker stop completenoobs_wiki docker rm completenoobs_wiki docker run -d -p 8080:80 \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki completenoobs/wiki:latest </syntaxhighlight> == Expected Results == * Working wiki with imported CompleteNoobs content * PageNotice visible at top of all pages * All extensions functional * Text editors (nano/vim) available in container * Utility scripts for maintenance * XML update system that preserves local edits == Update System Features == === How Updates Work === # Version Tracking: System tracks which XML dump version you have # Smart Import: Only imports pages that don't exist locally # Edit Preservation: Never overwrites pages you've edited # Automatic Backup: Creates SQL backup before any updates # User Confirmation: Asks before making changes # Progress Feedback: Shows what's being imported/skipped == Important Notes == * First Import: Initial build imports ALL content from XML * Subsequent Updates: Only import NEW pages, preserving your edits * Conflict Resolution: To force-update a specific page with XML version, delete it first through wiki interface * Backups: Stored in /tmp/ (cleared on container restart) i7xm9hr0ohnqcirgzq5oqzekoo3p0mw 659 652 2025-09-01T20:00:59Z AwesomO 5 /* Step 1: Clean Start */ 659 wikitext text/x-wiki = Complete Noobs Docker Wiki Tutorial = * [[Docker_Install_Guide| Docker install guide]] ==errors== * This mainly works - just need to fix the extensions popular pages and contrubtion scores * The XML updater requires more work - currently idea placeholder == Prerequisites == * Ubuntu 24.04 * Docker installed and running * Your user in docker group: <code>sudo usermod -aG docker $USER</code> (then logout/login) == Step 2: Create All Files == === 2.1: Dockerfile === <syntaxhighlight lang="bash"> nano Dockerfile </syntaxhighlight> Copy this exactly: <syntaxhighlight lang="dockerfile"> FROM mediawiki:1.44 # Mediawiki 1.44 used over latest because can confirm extensions youtube and pagenotice works # Install dependencies RUN apt-get update && apt-get install -y \ mariadb-server \ python3 \ python3-requests \ python3-bs4 \ python3-pygments \ curl \ wget \ unzip \ nano \ git \ && apt-get clean # Copy scripts COPY download_latest_xml.py /usr/src/download_latest_xml.py COPY setup_wiki.sh /usr/src/setup_wiki.sh COPY update_xml.sh /usr/src/update_xml.sh COPY entrypoint.sh /entrypoint.sh # Make executable RUN chmod +x /usr/src/setup_wiki.sh /entrypoint.sh /usr/src/update_xml.sh # Download XML RUN python3 /usr/src/download_latest_xml.py # Setup wiki RUN /usr/src/setup_wiki.sh EXPOSE 80 VOLUME /var/lib/mysql VOLUME /var/www/html/images ENTRYPOINT ["/entrypoint.sh"] </syntaxhighlight> === 2.2: XML Download Script === <syntaxhighlight lang="bash"> nano download_latest_xml.py </syntaxhighlight> <syntaxhighlight lang="python"> #!/usr/bin/env python3 import os import requests from bs4 import BeautifulSoup import re BASE_URL = "https://xml.completenoobs.com/xmlDumps/" def parse_date_from_dump(dump_name): match = re.match(r'(\d{2})_(\d{2})_(\d{2})\.Noobs', dump_name) if match: day, month, year = match.groups() year_int = int(year) full_year = 2000 + year_int if year_int <= 49 else 1900 + year_int return (full_year, int(month), int(day)) return (0, 0, 0) def get_available_dumps(): try: response = requests.get(BASE_URL, timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') dumps = [link.get('href').rstrip('/') for link in soup.find_all('a') if re.match(r'\d{2}_\d{2}_\d{2}\.Noobs/$', link.get('href', ''))] return sorted(dumps, key=parse_date_from_dump, reverse=True) except Exception as e: print(f"Error fetching dumps: {e}") return [] def get_dump_files(dump): try: response = requests.get(f"{BASE_URL}{dump}/", timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') files = [link.get('href') for link in soup.find_all('a') if link.get('href', '').endswith('.xml')] return sorted(files, reverse=True) except Exception as e: print(f"Error fetching dump files: {e}") return [] def download_file(url, filename): try: print(f"Downloading {filename}...") response = requests.get(url, stream=True, timeout=60) response.raise_for_status() total_size = int(response.headers.get('content-length', 0)) downloaded = 0 with open(filename, 'wb') as f: for chunk in response.iter_content(chunk_size=8192): if chunk: f.write(chunk) downloaded += len(chunk) if total_size > 0: progress = (downloaded / total_size) * 100 print(f"\rProgress: {progress:.1f}%", end='', flush=True) print() return True except Exception as e: print(f"Error downloading {filename}: {e}") return False def main(): print("Fetching available XML dumps...") dumps = get_available_dumps() if not dumps: print("No dumps found!") exit(1) newest_dump = dumps[0] print(f"Latest dump: {newest_dump}") files = get_dump_files(newest_dump) if not files: print("No XML files found in latest dump!") exit(1) newest_xml = files[0] xml_url = f"{BASE_URL}{newest_dump}/{newest_xml}" local_filename = "/tmp/completenoobs_dump.xml" if download_file(xml_url, local_filename): print(f"Successfully downloaded {newest_xml}") with open("/tmp/dump_info.txt", "w") as f: f.write(f"{newest_dump}/{newest_xml}") else: print("Failed to download XML dump!") exit(1) if __name__ == "__main__": main() </syntaxhighlight> === 2.3: Main Setup Script === <syntaxhighlight lang="bash"> nano setup_wiki.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash set -e echo "Setting up CompleteNoobs Wiki..." # Initialize MariaDB if [ ! -d "/var/lib/mysql/mysql" ]; then mysql_install_db --user=mysql --datadir=/var/lib/mysql fi service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then echo "MariaDB ready!" break fi sleep 2 done # Setup database mysql -e "CREATE DATABASE IF NOT EXISTS completenoobs_wiki CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;" mysql -e "CREATE USER IF NOT EXISTS 'wikiuser'@'127.0.0.1' IDENTIFIED BY 'wikipass';" mysql -e "GRANT ALL PRIVILEGES ON completenoobs_wiki.* TO 'wikiuser'@'127.0.0.1';" mysql -e "CREATE USER IF NOT EXISTS 'wikiuser'@'localhost' IDENTIFIED BY 'wikipass';" mysql -e "GRANT ALL PRIVILEGES ON completenoobs_wiki.* TO 'wikiuser'@'localhost';" mysql -e "FLUSH PRIVILEGES;" # Install MediaWiki cd /var/www/html php maintenance/install.php \ --dbtype=mysql \ --dbserver=127.0.0.1 \ --dbname=completenoobs_wiki \ --dbuser=wikiuser \ --dbpass=wikipass \ --server="http://localhost:8080" \ --scriptpath="" \ --lang=en \ --pass=AdminPass123! \ "CompleteNoobs Wiki" \ "admin" # Download and install extensions cd extensions/ git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/PageNotice --branch REL1_44 || echo "PageNotice download failed, continuing..." git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/YouTube --branch REL1_44 || echo "YouTube download failed, continuing..." cd /var/www/html # Configure LocalSettings.php cat >> LocalSettings.php << 'EOF' # Basic settings $wgEnableUploads = true; $wgUseImageMagick = true; $wgImageMagickConvertCommand = "/usr/bin/convert"; $wgDefaultSkin = "vector-2022"; $wgAllowExternalImages = true; # Debug (can be removed later) $wgShowExceptionDetails = true; $wgDebugLogFile = "/tmp/mediawiki-debug.log"; # PageNotice extension (if available) if ( file_exists( "$IP/extensions/PageNotice/extension.json" ) ) { wfLoadExtension( 'PageNotice' ); } # YouTube extension (if available) if ( file_exists( "$IP/extensions/YouTube/extension.json" ) ) { wfLoadExtension( 'YouTube' ); } # SyntaxHighlight (usually bundled) if ( file_exists( "$IP/extensions/SyntaxHighlight_GeSHi/extension.json" ) ) { wfLoadExtension( 'SyntaxHighlight_GeSHi' ); $wgPygmentizePath = '/usr/bin/pygmentize'; } EOF # Import XML dump if available if [ -f "/tmp/completenoobs_dump.xml" ]; then echo "Importing XML dump..." if php maintenance/importDump.php --uploads < /tmp/completenoobs_dump.xml; then echo "XML import completed!" else echo "XML import had warnings" fi # Basic maintenance php maintenance/update.php --quick || echo "Update completed with warnings" php maintenance/rebuildrecentchanges.php || echo "RecentChanges rebuilt with warnings" php maintenance/initSiteStats.php || echo "SiteStats initialized with warnings" if [ -f "/tmp/dump_info.txt" ]; then echo "Import: $(cat /tmp/dump_info.txt)" > /var/www/html/.last_import echo "Date: $(date)" >> /var/www/html/.last_import fi else echo "No XML dump found - starting with empty wiki" fi # Copy update script to accessible location cp /usr/src/update_xml.sh /var/www/html/update_xml.sh chmod +x /var/www/html/update_xml.sh # Create user-friendly update wrapper cat > /var/www/html/check_updates.sh << 'UPDATE_WRAPPER_EOF' #!/bin/bash echo "=== CompleteNoobs Wiki Update Checker ===" echo "" echo "This tool checks for new content from the CompleteNoobs XML repository" echo "and imports ONLY new pages, preserving all your local edits." echo "" /var/www/html/update_xml.sh UPDATE_WRAPPER_EOF chmod +x /var/www/html/check_updates.sh # Create simple status script cat > /var/www/html/check_status.sh << 'STATUS_EOF' #!/bin/bash cd /var/www/html echo "=== Wiki Status ===" echo "Pages: $(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM page;" -s -N 2>/dev/null || echo "Error")" echo "Users: $(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM user WHERE user_id > 0;" -s -N 2>/dev/null || echo "Error")" echo "" echo "=== Extensions ===" if [ -d "extensions/PageNotice" ]; then echo "PageNotice: Installed" else echo "PageNotice: Not installed" fi if [ -d "extensions/YouTube" ]; then echo "YouTube: Installed" else echo "YouTube: Not installed" fi if [ -d "extensions/ContributionScores" ]; then echo "ContributionScores: Installed" else echo "ContributionScores: Not installed" fi echo "" echo "=== Update System ===" if [ -f ".last_import" ]; then echo "Current version: $(grep 'Import:' .last_import | cut -d' ' -f2)" echo "Import date: $(grep 'Date:' .last_import | cut -d' ' -f2-)" else echo "No version info available" fi echo "" echo "To check for updates: docker exec -it completenoobs_wiki /var/www/html/check_updates.sh" STATUS_EOF chmod +x /var/www/html/check_status.sh echo "" echo "Setup completed!" echo "Admin: admin / AdminPass123!" echo "Update scripts installed:" echo "- /var/www/html/check_updates.sh (user-friendly)" echo "- /var/www/html/update_xml.sh (direct)" # Final counts PAGES=$(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM page;" -s -N 2>/dev/null || echo "0") echo "Pages imported: $PAGES" service mariadb stop </syntaxhighlight> === 2.4: XML Update Script === <syntaxhighlight lang="bash"> nano update_xml.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash set -e echo "=== CompleteNoobs Wiki XML Updater ===" echo "This will check for new and updated pages" echo "" # Function to check if running in container check_environment() { if [ ! -f "/var/www/html/LocalSettings.php" ]; then echo "Error: This script must be run inside the wiki container" exit 1 fi } # Function to get current XML version get_current_version() { if [ -f "/var/www/html/.last_import" ]; then grep "Import:" /var/www/html/.last_import | cut -d' ' -f2 else echo "none" fi } # Function to check for updates check_for_updates() { python3 - << 'PYTHON_EOF' import requests from bs4 import BeautifulSoup import re import sys BASE_URL = "https://xml.completenoobs.com/xmlDumps/" def parse_date_from_dump(dump_name): match = re.match(r'(\d{2})_(\d{2})_(\d{2})\.Noobs', dump_name) if match: day, month, year = match.groups() year_int = int(year) full_year = 2000 + year_int if year_int <= 49 else 1900 + year_int return (full_year, int(month), int(day)) return (0, 0, 0) def get_latest_dump(): try: response = requests.get(BASE_URL, timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') dumps = [link.get('href').rstrip('/') for link in soup.find_all('a') if re.match(r'\d{2}_\d{2}_\d{2}\.Noobs/$', link.get('href', ''))] if dumps: latest = sorted(dumps, key=parse_date_from_dump, reverse=True)[0] # Get XML files from latest dump response = requests.get(f"{BASE_URL}{latest}/", timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') files = [link.get('href') for link in soup.find_all('a') if link.get('href', '').endswith('.xml')] if files: newest_xml = sorted(files, reverse=True)[0] print(f"{latest}/{newest_xml}") sys.exit(0) except Exception as e: print(f"ERROR: {e}", file=sys.stderr) sys.exit(1) print("ERROR: No dumps found", file=sys.stderr) sys.exit(1) get_latest_dump() PYTHON_EOF } # Function to download new XML download_xml() { local dump_info="$1" local dump_dir=$(echo "$dump_info" | cut -d'/' -f1) local xml_file=$(echo "$dump_info" | cut -d'/' -f2) local url="https://xml.completenoobs.com/xmlDumps/${dump_info}" echo "Downloading: $xml_file" echo "From: $dump_dir" echo "URL: $url" if wget -O /tmp/new_dump.xml "$url" --progress=bar:force 2>&1; then echo "Download successful!" return 0 else echo "Download failed!" return 1 fi } # Function to backup current database backup_database() { echo "Creating database backup..." TIMESTAMP=$(date +%Y%m%d_%H%M%S) mysqldump --user=wikiuser --password=wikipass completenoobs_wiki > /tmp/wiki_backup_${TIMESTAMP}.sql echo "Backup created: /tmp/wiki_backup_${TIMESTAMP}.sql" } # Function to analyze and import changes analyze_and_import() { echo "Analyzing differences between XML and local wiki..." # Create analysis and import script for MediaWiki 1.44+ cat > /tmp/analyze_import.php << 'PHP_EOF' <?php require_once '/var/www/html/maintenance/Maintenance.php'; class AnalyzeAndImport extends Maintenance { private $db; private $new_pages = []; private $changed_pages = []; private $unchanged_pages = []; public function __construct() { parent::__construct(); $this->addDescription('Analyze and selectively import from XML dump'); } public function execute() { $this->db = new mysqli('127.0.0.1', 'wikiuser', 'wikipass', 'completenoobs_wiki'); // MediaWiki 1.35+ uses slots and content tables // Get existing pages with their content $query = " SELECT p.page_title, p.page_id, c.content_address, c.content_sha1 FROM page p JOIN revision r ON p.page_latest = r.rev_id JOIN slots s ON r.rev_id = s.slot_revision_id JOIN slot_roles sr ON s.slot_role_id = sr.role_id JOIN content c ON s.slot_content_id = c.content_id WHERE p.page_namespace = 0 AND sr.role_name = 'main' "; $result = $this->db->query($query); if (!$result) { $this->error("Database query failed: " . $this->db->error); return; } $existing = []; while ($row = $result->fetch_assoc()) { // Get actual text content $text_content = $this->getTextContent($row['content_address']); $existing[$row['page_title']] = [ 'id' => $row['page_id'], 'content' => $text_content, 'sha1' => $row['content_sha1'] ]; } // Parse XML and compare $xml = simplexml_load_file('/tmp/new_dump.xml'); foreach ($xml->page as $page) { $title = str_replace(' ', '_', (string)$page->title); $xml_content = (string)$page->revision->text; if (!isset($existing[$title])) { // New page $this->new_pages[$title] = $xml_content; } else { // Compare content using SHA1 for efficiency $xml_sha1 = sha1($xml_content); if ($existing[$title]['sha1'] !== $xml_sha1) { // Content is different $this->changed_pages[$title] = [ 'local' => $existing[$title]['content'], 'xml' => $xml_content, 'page_id' => $existing[$title]['id'] ]; } else { $this->unchanged_pages[] = $title; } } } // Display summary $this->output("\n=== Update Analysis ===\n"); $this->output("New pages to import: " . count($this->new_pages) . "\n"); $this->output("Changed pages found: " . count($this->changed_pages) . "\n"); $this->output("Unchanged pages: " . count($this->unchanged_pages) . "\n"); // Save analysis for review file_put_contents('/tmp/update_analysis.json', json_encode([ 'new' => array_keys($this->new_pages), 'changed' => array_keys($this->changed_pages), 'unchanged' => $this->unchanged_pages ], JSON_PRETTY_PRINT)); // Show changed pages with preview (limit to first 20 for readability) if (count($this->changed_pages) > 0) { $this->output("\n=== Changed Pages ===\n"); $count = 0; $total_changed = count($this->changed_pages); foreach ($this->changed_pages as $title => $data) { $count++; if ($count <= 20) { $this->output("\n$count. $title\n"); // Create a simple diff preview (first 300 chars) $xml_preview = substr($data['xml'], 0, 100); // Save full diff to file $safe_title = preg_replace('/[^a-zA-Z0-9_-]/', '_', $title); $diff_file = "/tmp/diff_${safe_title}.txt"; file_put_contents($diff_file, "=== FULL DIFF FOR: $title ===\n\n"); file_put_contents($diff_file, "--- LOCAL VERSION ---\n", FILE_APPEND); file_put_contents($diff_file, $data['local'] . "\n\n", FILE_APPEND); file_put_contents($diff_file, "--- XML VERSION ---\n", FILE_APPEND); file_put_contents($diff_file, $data['xml'], FILE_APPEND); $this->output(" Preview: " . $xml_preview . "...\n"); } } if ($total_changed > 20) { $this->output("\n... and " . ($total_changed - 20) . " more changed pages.\n"); $this->output("All diff files saved to /tmp/diff_*.txt\n"); } } // Interactive selection if (count($this->new_pages) > 0 || count($this->changed_pages) > 0) { $this->output("\n=== Import Options ===\n"); $this->output("1. Import new pages only (preserve all local changes)\n"); $this->output("2. Import new pages + update ALL changed pages (overwrites local changes)\n"); $this->output("3. Selective import (choose which updates to apply)\n"); $this->output("4. Cancel (no changes)\n"); // Save state for import script WITHOUT the XML object $import_data = [ 'new_pages' => $this->new_pages, 'changed_pages' => $this->changed_pages, 'xml_file' => '/tmp/new_dump.xml' // Save path instead of object ]; file_put_contents('/tmp/import_data.ser', serialize($import_data)); } else { $this->output("\nNo changes detected. Your wiki is up to date!\n"); } } private function getTextContent($address) { // Handle different content storage formats in MW 1.35+ if (strpos($address, 'tt:') === 0) { // Text table reference $text_id = substr($address, 3); $result = $this->db->query("SELECT old_text FROM text WHERE old_id = $text_id"); if ($row = $result->fetch_assoc()) { return $row['old_text']; } } elseif (strpos($address, 'es:') === 0) { // External storage - would need special handling return "[External storage content]"; } // Direct content return $address; } } $maintClass = AnalyzeAndImport::class; require_once RUN_MAINTENANCE_IF_MAIN; PHP_EOF cd /var/www/html php /tmp/analyze_import.php } # Function to perform selected import perform_import() { local choice=$1 cat > /tmp/do_import.php << 'PHP_EOF' <?php require_once '/var/www/html/maintenance/Maintenance.php'; class DoImport extends Maintenance { public function __construct() { parent::__construct(); $this->addOption('mode', 'Import mode', true, true); } public function execute() { $mode = $this->getOption('mode'); $data = unserialize(file_get_contents('/tmp/import_data.ser')); // Load XML file $xml = simplexml_load_file($data['xml_file']); $new_imported = 0; $updated = 0; // Import new pages (always for modes 1-3) if ($mode != '4') { foreach ($data['new_pages'] as $title => $content) { $this->importPage($title, $content, $xml); $new_imported++; $this->output("Imported new page: $title\n"); } } // Handle changed pages based on mode if ($mode == '2') { // Update all changed pages foreach ($data['changed_pages'] as $title => $info) { $this->output("Updating: $title\n"); if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated page: $title\n"); } else { $this->output("Failed to update: $title\n"); } } } elseif ($mode == '3') { // Selective update $this->output("\n=== Selective Import Mode ===\n"); $this->output("For each changed page, choose:\n"); $this->output(" y = yes, update this page\n"); $this->output(" n = no, keep local version\n"); $this->output(" d = show diff file\n"); $this->output(" a = update all remaining pages\n"); $this->output(" s = skip all remaining pages\n\n"); $update_all = false; $skip_all = false; foreach ($data['changed_pages'] as $title => $info) { if ($skip_all) { $this->output("Skipped: $title\n"); continue; } if ($update_all) { if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated: $title\n"); } continue; } $this->output("\nPage: $title\n"); $this->output("Action (y/n/d/a/s): "); $handle = fopen("php://stdin", "r"); $line = trim(fgets($handle)); while ($line == 'd') { // Show diff $safe_title = preg_replace('/[^a-zA-Z0-9_-]/', '_', $title); $diff_file = "/tmp/diff_${safe_title}.txt"; if (file_exists($diff_file)) { system("head -50 $diff_file"); $this->output("\n[Showing first 50 lines - full file at $diff_file]\n"); } $this->output("Action (y/n/a/s): "); $line = trim(fgets($handle)); } if ($line == 'a') { $update_all = true; if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated: $title\n"); } } elseif ($line == 's') { $skip_all = true; $this->output("Skipped: $title\n"); } elseif ($line == 'y') { if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated: $title\n"); } else { $this->output("Failed to update: $title\n"); } } else { $this->output("Skipped: $title\n"); } } } $this->output("\n=== Import Complete ===\n"); $this->output("New pages imported: $new_imported\n"); $this->output("Pages updated: $updated\n"); } private function importPage($title, $content, $xml) { // Create single page XML for import $tempFile = '/tmp/single_page_' . md5($title) . '.xml'; $singlePage = new SimpleXMLElement('<?xml version="1.0" encoding="utf-8"?><mediawiki></mediawiki>'); if ($xml->siteinfo) { $siteinfo = $singlePage->addChild('siteinfo'); foreach ($xml->siteinfo->children() as $child) { $siteinfo->addChild($child->getName(), (string)$child); } } // Find and add the page foreach ($xml->page as $page) { if (str_replace(' ', '_', (string)$page->title) == $title) { $newPage = $singlePage->addChild('page'); foreach ($page->children() as $child) { if ($child->getName() == 'revision') { $revision = $newPage->addChild('revision'); foreach ($child->children() as $revChild) { $revision->addChild($revChild->getName(), (string)$revChild); } } else { $newPage->addChild($child->getName(), (string)$child); } } break; } } $singlePage->asXML($tempFile); exec("php /var/www/html/maintenance/importDump.php < $tempFile 2>&1"); unlink($tempFile); } private function reimportPage($title, $xml) { // For updating existing pages, delete then reimport $db = new mysqli('127.0.0.1', 'wikiuser', 'wikipass', 'completenoobs_wiki'); // Delete the existing page $safe_title = $db->real_escape_string(str_replace(' ', '_', $title)); $db->query("DELETE FROM page WHERE page_title = '$safe_title' AND page_namespace = 0"); $db->close(); // Now import the new version foreach ($xml->page as $page) { if (str_replace(' ', '_', (string)$page->title) == $title) { $tempFile = '/tmp/update_page_' . md5($title) . '.xml'; $singlePage = new SimpleXMLElement('<?xml version="1.0" encoding="utf-8"?><mediawiki></mediawiki>'); if ($xml->siteinfo) { $siteinfo = $singlePage->addChild('siteinfo'); foreach ($xml->siteinfo->children() as $child) { $siteinfo->addChild($child->getName(), (string)$child); } } $newPage = $singlePage->addChild('page'); foreach ($page->children() as $child) { if ($child->getName() == 'revision') { $revision = $newPage->addChild('revision'); foreach ($child->children() as $revChild) { $revision->addChild($revChild->getName(), (string)$revChild); } } else { $newPage->addChild($child->getName(), (string)$child); } } $singlePage->asXML($tempFile); $result = exec("php /var/www/html/maintenance/importDump.php < $tempFile 2>&1", $output, $return); unlink($tempFile); return ($return === 0); } } return false; } } $maintClass = DoImport::class; require_once RUN_MAINTENANCE_IF_MAIN; PHP_EOF cd /var/www/html php /tmp/do_import.php --mode="$choice" } # Main execution main() { check_environment # Start MariaDB if not running service mariadb status > /dev/null 2>&1 || service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then break fi sleep 1 done CURRENT=$(get_current_version) echo "Current version: $CURRENT" echo "" echo "Checking for updates..." LATEST=$(check_for_updates 2>/dev/null) if [ $? -ne 0 ] || [ -z "$LATEST" ] || [[ "$LATEST" == *"ERROR"* ]]; then echo "Failed to check for updates" exit 1 fi echo "Latest available: $LATEST" echo "" # Always proceed to analysis even if versions match # (there might be content updates in the same version) echo "Proceeding with content analysis..." echo "" # Backup database backup_database # Download new XML if ! download_xml "$LATEST"; then echo "Failed to download new XML" exit 1 fi # Analyze differences analyze_and_import # Check if there are changes to import if [ -f "/tmp/import_data.ser" ]; then echo "" read -p "Choose option (1-4): " -n 1 -r echo if [[ $REPLY =~ ^[1-4]$ ]]; then if [ "$REPLY" != "4" ]; then perform_import "$REPLY" # Update version info echo "Import: $LATEST" > /var/www/html/.last_import echo "Date: $(date)" >> /var/www/html/.last_import # Rebuild indices echo "Rebuilding indices..." php maintenance/rebuildrecentchanges.php php maintenance/initSiteStats.php else echo "Update cancelled" fi else echo "Invalid option. Update cancelled" fi fi # Clean up temp files rm -f /tmp/import_data.ser /tmp/update_analysis.json /tmp/diff_*.txt /tmp/analyze_import.php /tmp/do_import.php 2>/dev/null echo "" echo "Done!" } # Run main function main "$@" </syntaxhighlight> === 2.5: Entrypoint Script === <syntaxhighlight lang="bash"> nano entrypoint.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash echo "Starting CompleteNoobs Wiki..." service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then echo "MariaDB ready!" break fi sleep 1 done echo "" echo "CompleteNoobs Wiki ready at: http://localhost:8080" echo "Admin login: admin / AdminPass123!" echo "" echo "Features:" echo "- Complete wiki content imported from XML" echo "- License notices on all pages (via PageNotice)" echo "- SyntaxHighlight for code blocks" echo "- YouTube video embedding" echo "- Contribution Scores special page" echo "- XML update system (preserves local edits)" echo "" echo "To check for updates: docker exec -it completenoobs_wiki /var/www/html/check_updates.sh" echo "" apache2-foreground </syntaxhighlight> == Step 3: Build and Run == === 3.1: Build the Image === <syntaxhighlight lang="bash"> docker build -t completenoobs/wiki:latest . </syntaxhighlight> This will take several minutes. === 3.2: Run the Container === <syntaxhighlight lang="bash"> docker run -d -p 8080:80 \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki completenoobs/wiki:latest </syntaxhighlight> == Step 4: Test Everything == === 4.1: Check the Wiki === * Visit: http://localhost:8080 * You should see the PageNotice at the top * Login with: admin / AdminPass123! <div class="toccolours mw-collapsible mw-collapsed"> Change Admin Password: <div class="mw-collapsible-content"> By default, the admin user's password is <code>AdminPass123!</code>. It's highly recommended to change this immediately. You can do this either through the wiki's web interface or directly in the Docker terminal.<br><br> <b>Method 1: Change Password via Web Interface</b><br> This is the easiest method. You can change your password directly from the wiki itself.<br> 1. Log in to your wiki with the default credentials: <code>admin</code> / <code>AdminPass123!</code>.<br> 2. Once logged in, click your username (<code>admin</code>) in the top-right corner of the page.<br> 3. From the drop-down menu, select <b>Preferences</b>.<br> 4. On the Preferences page, go to the <b>Password</b> tab.<br> 5. Enter the current password (<code>AdminPass123!</code>), then enter your new password twice.<br> 6. Click <b>Change password</b>.<br> Your password is now changed, and you will need to use the new one for future logins.<br><br> <b>Method 2: Change Password via Terminal (No-Email Reset)</b><br> If you have forgotten the password or prefer to use the command line, you can reset it directly inside the Docker container using a MediaWiki maintenance script.<br> 1. <b>Access the container's shell</b> with the following command from your host machine:<br> <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> 2. Once inside the container, use the <code>changePassword.php</code> maintenance script to change the password. This is the modern, recommended way to run MediaWiki maintenance scripts.<br> * Change <b>NEWPASSWORD</b> to your new password<br> <syntaxhighlight lang="bash"> php /var/www/html/maintenance/run.php changePassword.php --user=admin --password=NEWPASSWORD </syntaxhighlight> 3. Type <code>exit</code> to leave the container's shell.<br> The admin password has now been reset. You can log in to your wiki with the new password. </div> </div> === 4.2: Test Extensions === * '''YouTube''': Edit any page, add <code><youtube>N9qYF9DZPdw</youtube></code> * '''PageNotice''': Should already be visible at the top * '''SyntaxHighlight''': Add code blocks with <nowiki><code><syntaxhighlight lang="python">code here</syntaxhighlight></code></nowiki> === 4.3: Check Status === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki /var/www/html/check_status.sh </syntaxhighlight> == Step 5: XML Update Operations == *NOTE: update_xml.sh still needs alot of work, this just idea placeholder for now. === 5.1: Check for Updates (Interactive) === <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki /var/www/html/check_updates.sh </syntaxhighlight> This will: * Check the CompleteNoobs XML repository for new dumps * Compare with your current version * Ask for confirmation before updating * Import ONLY new pages (preserves your edits) * Create a backup before making changes === 5.2: Force Update (Non-Interactive) === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki bash -c "echo 'y' | /var/www/html/update_xml.sh" </syntaxhighlight> === 5.3: Manual Update Process === <syntaxhighlight lang="bash"> # 1. Enter container docker exec -it completenoobs_wiki bash # 2. Check current version cat /var/www/html/.last_import # 3. Run update /var/www/html/check_updates.sh # 4. Exit container exit </syntaxhighlight> == Step 6: Troubleshooting Commands == === Access container shell: === <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> === Edit configuration: === <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki nano /var/www/html/LocalSettings.php </syntaxhighlight> === Check logs: === <syntaxhighlight lang="bash"> docker logs completenoobs_wiki </syntaxhighlight> === View update logs: === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki tail -f /tmp/mediawiki-debug.log </syntaxhighlight> === Complete restart: === <syntaxhighlight lang="bash"> docker stop completenoobs_wiki docker rm completenoobs_wiki docker run -d -p 8080:80 \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki completenoobs/wiki:latest </syntaxhighlight> == Expected Results == * Working wiki with imported CompleteNoobs content * PageNotice visible at top of all pages * All extensions functional * Text editors (nano/vim) available in container * Utility scripts for maintenance * XML update system that preserves local edits == Update System Features == === How Updates Work === # Version Tracking: System tracks which XML dump version you have # Smart Import: Only imports pages that don't exist locally # Edit Preservation: Never overwrites pages you've edited # Automatic Backup: Creates SQL backup before any updates # User Confirmation: Asks before making changes # Progress Feedback: Shows what's being imported/skipped == Important Notes == * First Import: Initial build imports ALL content from XML * Subsequent Updates: Only import NEW pages, preserving your edits * Conflict Resolution: To force-update a specific page with XML version, delete it first through wiki interface * Backups: Stored in /tmp/ (cleared on container restart) ruyvvlewa5r508xrkgz69vs3h41sfbq 660 659 2025-09-01T20:04:02Z AwesomO 5 /* Update System Features */ 660 wikitext text/x-wiki = Complete Noobs Docker Wiki Tutorial = * [[Docker_Install_Guide| Docker install guide]] ==errors== * This mainly works - just need to fix the extensions popular pages and contrubtion scores * The XML updater requires more work - currently idea placeholder == Prerequisites == * Ubuntu 24.04 * Docker installed and running * Your user in docker group: <code>sudo usermod -aG docker $USER</code> (then logout/login) == Step 2: Create All Files == === 2.1: Dockerfile === <syntaxhighlight lang="bash"> nano Dockerfile </syntaxhighlight> Copy this exactly: <syntaxhighlight lang="dockerfile"> FROM mediawiki:1.44 # Mediawiki 1.44 used over latest because can confirm extensions youtube and pagenotice works # Install dependencies RUN apt-get update && apt-get install -y \ mariadb-server \ python3 \ python3-requests \ python3-bs4 \ python3-pygments \ curl \ wget \ unzip \ nano \ git \ && apt-get clean # Copy scripts COPY download_latest_xml.py /usr/src/download_latest_xml.py COPY setup_wiki.sh /usr/src/setup_wiki.sh COPY update_xml.sh /usr/src/update_xml.sh COPY entrypoint.sh /entrypoint.sh # Make executable RUN chmod +x /usr/src/setup_wiki.sh /entrypoint.sh /usr/src/update_xml.sh # Download XML RUN python3 /usr/src/download_latest_xml.py # Setup wiki RUN /usr/src/setup_wiki.sh EXPOSE 80 VOLUME /var/lib/mysql VOLUME /var/www/html/images ENTRYPOINT ["/entrypoint.sh"] </syntaxhighlight> === 2.2: XML Download Script === <syntaxhighlight lang="bash"> nano download_latest_xml.py </syntaxhighlight> <syntaxhighlight lang="python"> #!/usr/bin/env python3 import os import requests from bs4 import BeautifulSoup import re BASE_URL = "https://xml.completenoobs.com/xmlDumps/" def parse_date_from_dump(dump_name): match = re.match(r'(\d{2})_(\d{2})_(\d{2})\.Noobs', dump_name) if match: day, month, year = match.groups() year_int = int(year) full_year = 2000 + year_int if year_int <= 49 else 1900 + year_int return (full_year, int(month), int(day)) return (0, 0, 0) def get_available_dumps(): try: response = requests.get(BASE_URL, timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') dumps = [link.get('href').rstrip('/') for link in soup.find_all('a') if re.match(r'\d{2}_\d{2}_\d{2}\.Noobs/$', link.get('href', ''))] return sorted(dumps, key=parse_date_from_dump, reverse=True) except Exception as e: print(f"Error fetching dumps: {e}") return [] def get_dump_files(dump): try: response = requests.get(f"{BASE_URL}{dump}/", timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') files = [link.get('href') for link in soup.find_all('a') if link.get('href', '').endswith('.xml')] return sorted(files, reverse=True) except Exception as e: print(f"Error fetching dump files: {e}") return [] def download_file(url, filename): try: print(f"Downloading {filename}...") response = requests.get(url, stream=True, timeout=60) response.raise_for_status() total_size = int(response.headers.get('content-length', 0)) downloaded = 0 with open(filename, 'wb') as f: for chunk in response.iter_content(chunk_size=8192): if chunk: f.write(chunk) downloaded += len(chunk) if total_size > 0: progress = (downloaded / total_size) * 100 print(f"\rProgress: {progress:.1f}%", end='', flush=True) print() return True except Exception as e: print(f"Error downloading {filename}: {e}") return False def main(): print("Fetching available XML dumps...") dumps = get_available_dumps() if not dumps: print("No dumps found!") exit(1) newest_dump = dumps[0] print(f"Latest dump: {newest_dump}") files = get_dump_files(newest_dump) if not files: print("No XML files found in latest dump!") exit(1) newest_xml = files[0] xml_url = f"{BASE_URL}{newest_dump}/{newest_xml}" local_filename = "/tmp/completenoobs_dump.xml" if download_file(xml_url, local_filename): print(f"Successfully downloaded {newest_xml}") with open("/tmp/dump_info.txt", "w") as f: f.write(f"{newest_dump}/{newest_xml}") else: print("Failed to download XML dump!") exit(1) if __name__ == "__main__": main() </syntaxhighlight> === 2.3: Main Setup Script === <syntaxhighlight lang="bash"> nano setup_wiki.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash set -e echo "Setting up CompleteNoobs Wiki..." # Initialize MariaDB if [ ! -d "/var/lib/mysql/mysql" ]; then mysql_install_db --user=mysql --datadir=/var/lib/mysql fi service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then echo "MariaDB ready!" break fi sleep 2 done # Setup database mysql -e "CREATE DATABASE IF NOT EXISTS completenoobs_wiki CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;" mysql -e "CREATE USER IF NOT EXISTS 'wikiuser'@'127.0.0.1' IDENTIFIED BY 'wikipass';" mysql -e "GRANT ALL PRIVILEGES ON completenoobs_wiki.* TO 'wikiuser'@'127.0.0.1';" mysql -e "CREATE USER IF NOT EXISTS 'wikiuser'@'localhost' IDENTIFIED BY 'wikipass';" mysql -e "GRANT ALL PRIVILEGES ON completenoobs_wiki.* TO 'wikiuser'@'localhost';" mysql -e "FLUSH PRIVILEGES;" # Install MediaWiki cd /var/www/html php maintenance/install.php \ --dbtype=mysql \ --dbserver=127.0.0.1 \ --dbname=completenoobs_wiki \ --dbuser=wikiuser \ --dbpass=wikipass \ --server="http://localhost:8080" \ --scriptpath="" \ --lang=en \ --pass=AdminPass123! \ "CompleteNoobs Wiki" \ "admin" # Download and install extensions cd extensions/ git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/PageNotice --branch REL1_44 || echo "PageNotice download failed, continuing..." git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/YouTube --branch REL1_44 || echo "YouTube download failed, continuing..." cd /var/www/html # Configure LocalSettings.php cat >> LocalSettings.php << 'EOF' # Basic settings $wgEnableUploads = true; $wgUseImageMagick = true; $wgImageMagickConvertCommand = "/usr/bin/convert"; $wgDefaultSkin = "vector-2022"; $wgAllowExternalImages = true; # Debug (can be removed later) $wgShowExceptionDetails = true; $wgDebugLogFile = "/tmp/mediawiki-debug.log"; # PageNotice extension (if available) if ( file_exists( "$IP/extensions/PageNotice/extension.json" ) ) { wfLoadExtension( 'PageNotice' ); } # YouTube extension (if available) if ( file_exists( "$IP/extensions/YouTube/extension.json" ) ) { wfLoadExtension( 'YouTube' ); } # SyntaxHighlight (usually bundled) if ( file_exists( "$IP/extensions/SyntaxHighlight_GeSHi/extension.json" ) ) { wfLoadExtension( 'SyntaxHighlight_GeSHi' ); $wgPygmentizePath = '/usr/bin/pygmentize'; } EOF # Import XML dump if available if [ -f "/tmp/completenoobs_dump.xml" ]; then echo "Importing XML dump..." if php maintenance/importDump.php --uploads < /tmp/completenoobs_dump.xml; then echo "XML import completed!" else echo "XML import had warnings" fi # Basic maintenance php maintenance/update.php --quick || echo "Update completed with warnings" php maintenance/rebuildrecentchanges.php || echo "RecentChanges rebuilt with warnings" php maintenance/initSiteStats.php || echo "SiteStats initialized with warnings" if [ -f "/tmp/dump_info.txt" ]; then echo "Import: $(cat /tmp/dump_info.txt)" > /var/www/html/.last_import echo "Date: $(date)" >> /var/www/html/.last_import fi else echo "No XML dump found - starting with empty wiki" fi # Copy update script to accessible location cp /usr/src/update_xml.sh /var/www/html/update_xml.sh chmod +x /var/www/html/update_xml.sh # Create user-friendly update wrapper cat > /var/www/html/check_updates.sh << 'UPDATE_WRAPPER_EOF' #!/bin/bash echo "=== CompleteNoobs Wiki Update Checker ===" echo "" echo "This tool checks for new content from the CompleteNoobs XML repository" echo "and imports ONLY new pages, preserving all your local edits." echo "" /var/www/html/update_xml.sh UPDATE_WRAPPER_EOF chmod +x /var/www/html/check_updates.sh # Create simple status script cat > /var/www/html/check_status.sh << 'STATUS_EOF' #!/bin/bash cd /var/www/html echo "=== Wiki Status ===" echo "Pages: $(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM page;" -s -N 2>/dev/null || echo "Error")" echo "Users: $(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM user WHERE user_id > 0;" -s -N 2>/dev/null || echo "Error")" echo "" echo "=== Extensions ===" if [ -d "extensions/PageNotice" ]; then echo "PageNotice: Installed" else echo "PageNotice: Not installed" fi if [ -d "extensions/YouTube" ]; then echo "YouTube: Installed" else echo "YouTube: Not installed" fi if [ -d "extensions/ContributionScores" ]; then echo "ContributionScores: Installed" else echo "ContributionScores: Not installed" fi echo "" echo "=== Update System ===" if [ -f ".last_import" ]; then echo "Current version: $(grep 'Import:' .last_import | cut -d' ' -f2)" echo "Import date: $(grep 'Date:' .last_import | cut -d' ' -f2-)" else echo "No version info available" fi echo "" echo "To check for updates: docker exec -it completenoobs_wiki /var/www/html/check_updates.sh" STATUS_EOF chmod +x /var/www/html/check_status.sh echo "" echo "Setup completed!" echo "Admin: admin / AdminPass123!" echo "Update scripts installed:" echo "- /var/www/html/check_updates.sh (user-friendly)" echo "- /var/www/html/update_xml.sh (direct)" # Final counts PAGES=$(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM page;" -s -N 2>/dev/null || echo "0") echo "Pages imported: $PAGES" service mariadb stop </syntaxhighlight> === 2.4: XML Update Script === <syntaxhighlight lang="bash"> nano update_xml.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash set -e echo "=== CompleteNoobs Wiki XML Updater ===" echo "This will check for new and updated pages" echo "" # Function to check if running in container check_environment() { if [ ! -f "/var/www/html/LocalSettings.php" ]; then echo "Error: This script must be run inside the wiki container" exit 1 fi } # Function to get current XML version get_current_version() { if [ -f "/var/www/html/.last_import" ]; then grep "Import:" /var/www/html/.last_import | cut -d' ' -f2 else echo "none" fi } # Function to check for updates check_for_updates() { python3 - << 'PYTHON_EOF' import requests from bs4 import BeautifulSoup import re import sys BASE_URL = "https://xml.completenoobs.com/xmlDumps/" def parse_date_from_dump(dump_name): match = re.match(r'(\d{2})_(\d{2})_(\d{2})\.Noobs', dump_name) if match: day, month, year = match.groups() year_int = int(year) full_year = 2000 + year_int if year_int <= 49 else 1900 + year_int return (full_year, int(month), int(day)) return (0, 0, 0) def get_latest_dump(): try: response = requests.get(BASE_URL, timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') dumps = [link.get('href').rstrip('/') for link in soup.find_all('a') if re.match(r'\d{2}_\d{2}_\d{2}\.Noobs/$', link.get('href', ''))] if dumps: latest = sorted(dumps, key=parse_date_from_dump, reverse=True)[0] # Get XML files from latest dump response = requests.get(f"{BASE_URL}{latest}/", timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') files = [link.get('href') for link in soup.find_all('a') if link.get('href', '').endswith('.xml')] if files: newest_xml = sorted(files, reverse=True)[0] print(f"{latest}/{newest_xml}") sys.exit(0) except Exception as e: print(f"ERROR: {e}", file=sys.stderr) sys.exit(1) print("ERROR: No dumps found", file=sys.stderr) sys.exit(1) get_latest_dump() PYTHON_EOF } # Function to download new XML download_xml() { local dump_info="$1" local dump_dir=$(echo "$dump_info" | cut -d'/' -f1) local xml_file=$(echo "$dump_info" | cut -d'/' -f2) local url="https://xml.completenoobs.com/xmlDumps/${dump_info}" echo "Downloading: $xml_file" echo "From: $dump_dir" echo "URL: $url" if wget -O /tmp/new_dump.xml "$url" --progress=bar:force 2>&1; then echo "Download successful!" return 0 else echo "Download failed!" return 1 fi } # Function to backup current database backup_database() { echo "Creating database backup..." TIMESTAMP=$(date +%Y%m%d_%H%M%S) mysqldump --user=wikiuser --password=wikipass completenoobs_wiki > /tmp/wiki_backup_${TIMESTAMP}.sql echo "Backup created: /tmp/wiki_backup_${TIMESTAMP}.sql" } # Function to analyze and import changes analyze_and_import() { echo "Analyzing differences between XML and local wiki..." # Create analysis and import script for MediaWiki 1.44+ cat > /tmp/analyze_import.php << 'PHP_EOF' <?php require_once '/var/www/html/maintenance/Maintenance.php'; class AnalyzeAndImport extends Maintenance { private $db; private $new_pages = []; private $changed_pages = []; private $unchanged_pages = []; public function __construct() { parent::__construct(); $this->addDescription('Analyze and selectively import from XML dump'); } public function execute() { $this->db = new mysqli('127.0.0.1', 'wikiuser', 'wikipass', 'completenoobs_wiki'); // MediaWiki 1.35+ uses slots and content tables // Get existing pages with their content $query = " SELECT p.page_title, p.page_id, c.content_address, c.content_sha1 FROM page p JOIN revision r ON p.page_latest = r.rev_id JOIN slots s ON r.rev_id = s.slot_revision_id JOIN slot_roles sr ON s.slot_role_id = sr.role_id JOIN content c ON s.slot_content_id = c.content_id WHERE p.page_namespace = 0 AND sr.role_name = 'main' "; $result = $this->db->query($query); if (!$result) { $this->error("Database query failed: " . $this->db->error); return; } $existing = []; while ($row = $result->fetch_assoc()) { // Get actual text content $text_content = $this->getTextContent($row['content_address']); $existing[$row['page_title']] = [ 'id' => $row['page_id'], 'content' => $text_content, 'sha1' => $row['content_sha1'] ]; } // Parse XML and compare $xml = simplexml_load_file('/tmp/new_dump.xml'); foreach ($xml->page as $page) { $title = str_replace(' ', '_', (string)$page->title); $xml_content = (string)$page->revision->text; if (!isset($existing[$title])) { // New page $this->new_pages[$title] = $xml_content; } else { // Compare content using SHA1 for efficiency $xml_sha1 = sha1($xml_content); if ($existing[$title]['sha1'] !== $xml_sha1) { // Content is different $this->changed_pages[$title] = [ 'local' => $existing[$title]['content'], 'xml' => $xml_content, 'page_id' => $existing[$title]['id'] ]; } else { $this->unchanged_pages[] = $title; } } } // Display summary $this->output("\n=== Update Analysis ===\n"); $this->output("New pages to import: " . count($this->new_pages) . "\n"); $this->output("Changed pages found: " . count($this->changed_pages) . "\n"); $this->output("Unchanged pages: " . count($this->unchanged_pages) . "\n"); // Save analysis for review file_put_contents('/tmp/update_analysis.json', json_encode([ 'new' => array_keys($this->new_pages), 'changed' => array_keys($this->changed_pages), 'unchanged' => $this->unchanged_pages ], JSON_PRETTY_PRINT)); // Show changed pages with preview (limit to first 20 for readability) if (count($this->changed_pages) > 0) { $this->output("\n=== Changed Pages ===\n"); $count = 0; $total_changed = count($this->changed_pages); foreach ($this->changed_pages as $title => $data) { $count++; if ($count <= 20) { $this->output("\n$count. $title\n"); // Create a simple diff preview (first 300 chars) $xml_preview = substr($data['xml'], 0, 100); // Save full diff to file $safe_title = preg_replace('/[^a-zA-Z0-9_-]/', '_', $title); $diff_file = "/tmp/diff_${safe_title}.txt"; file_put_contents($diff_file, "=== FULL DIFF FOR: $title ===\n\n"); file_put_contents($diff_file, "--- LOCAL VERSION ---\n", FILE_APPEND); file_put_contents($diff_file, $data['local'] . "\n\n", FILE_APPEND); file_put_contents($diff_file, "--- XML VERSION ---\n", FILE_APPEND); file_put_contents($diff_file, $data['xml'], FILE_APPEND); $this->output(" Preview: " . $xml_preview . "...\n"); } } if ($total_changed > 20) { $this->output("\n... and " . ($total_changed - 20) . " more changed pages.\n"); $this->output("All diff files saved to /tmp/diff_*.txt\n"); } } // Interactive selection if (count($this->new_pages) > 0 || count($this->changed_pages) > 0) { $this->output("\n=== Import Options ===\n"); $this->output("1. Import new pages only (preserve all local changes)\n"); $this->output("2. Import new pages + update ALL changed pages (overwrites local changes)\n"); $this->output("3. Selective import (choose which updates to apply)\n"); $this->output("4. Cancel (no changes)\n"); // Save state for import script WITHOUT the XML object $import_data = [ 'new_pages' => $this->new_pages, 'changed_pages' => $this->changed_pages, 'xml_file' => '/tmp/new_dump.xml' // Save path instead of object ]; file_put_contents('/tmp/import_data.ser', serialize($import_data)); } else { $this->output("\nNo changes detected. Your wiki is up to date!\n"); } } private function getTextContent($address) { // Handle different content storage formats in MW 1.35+ if (strpos($address, 'tt:') === 0) { // Text table reference $text_id = substr($address, 3); $result = $this->db->query("SELECT old_text FROM text WHERE old_id = $text_id"); if ($row = $result->fetch_assoc()) { return $row['old_text']; } } elseif (strpos($address, 'es:') === 0) { // External storage - would need special handling return "[External storage content]"; } // Direct content return $address; } } $maintClass = AnalyzeAndImport::class; require_once RUN_MAINTENANCE_IF_MAIN; PHP_EOF cd /var/www/html php /tmp/analyze_import.php } # Function to perform selected import perform_import() { local choice=$1 cat > /tmp/do_import.php << 'PHP_EOF' <?php require_once '/var/www/html/maintenance/Maintenance.php'; class DoImport extends Maintenance { public function __construct() { parent::__construct(); $this->addOption('mode', 'Import mode', true, true); } public function execute() { $mode = $this->getOption('mode'); $data = unserialize(file_get_contents('/tmp/import_data.ser')); // Load XML file $xml = simplexml_load_file($data['xml_file']); $new_imported = 0; $updated = 0; // Import new pages (always for modes 1-3) if ($mode != '4') { foreach ($data['new_pages'] as $title => $content) { $this->importPage($title, $content, $xml); $new_imported++; $this->output("Imported new page: $title\n"); } } // Handle changed pages based on mode if ($mode == '2') { // Update all changed pages foreach ($data['changed_pages'] as $title => $info) { $this->output("Updating: $title\n"); if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated page: $title\n"); } else { $this->output("Failed to update: $title\n"); } } } elseif ($mode == '3') { // Selective update $this->output("\n=== Selective Import Mode ===\n"); $this->output("For each changed page, choose:\n"); $this->output(" y = yes, update this page\n"); $this->output(" n = no, keep local version\n"); $this->output(" d = show diff file\n"); $this->output(" a = update all remaining pages\n"); $this->output(" s = skip all remaining pages\n\n"); $update_all = false; $skip_all = false; foreach ($data['changed_pages'] as $title => $info) { if ($skip_all) { $this->output("Skipped: $title\n"); continue; } if ($update_all) { if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated: $title\n"); } continue; } $this->output("\nPage: $title\n"); $this->output("Action (y/n/d/a/s): "); $handle = fopen("php://stdin", "r"); $line = trim(fgets($handle)); while ($line == 'd') { // Show diff $safe_title = preg_replace('/[^a-zA-Z0-9_-]/', '_', $title); $diff_file = "/tmp/diff_${safe_title}.txt"; if (file_exists($diff_file)) { system("head -50 $diff_file"); $this->output("\n[Showing first 50 lines - full file at $diff_file]\n"); } $this->output("Action (y/n/a/s): "); $line = trim(fgets($handle)); } if ($line == 'a') { $update_all = true; if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated: $title\n"); } } elseif ($line == 's') { $skip_all = true; $this->output("Skipped: $title\n"); } elseif ($line == 'y') { if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated: $title\n"); } else { $this->output("Failed to update: $title\n"); } } else { $this->output("Skipped: $title\n"); } } } $this->output("\n=== Import Complete ===\n"); $this->output("New pages imported: $new_imported\n"); $this->output("Pages updated: $updated\n"); } private function importPage($title, $content, $xml) { // Create single page XML for import $tempFile = '/tmp/single_page_' . md5($title) . '.xml'; $singlePage = new SimpleXMLElement('<?xml version="1.0" encoding="utf-8"?><mediawiki></mediawiki>'); if ($xml->siteinfo) { $siteinfo = $singlePage->addChild('siteinfo'); foreach ($xml->siteinfo->children() as $child) { $siteinfo->addChild($child->getName(), (string)$child); } } // Find and add the page foreach ($xml->page as $page) { if (str_replace(' ', '_', (string)$page->title) == $title) { $newPage = $singlePage->addChild('page'); foreach ($page->children() as $child) { if ($child->getName() == 'revision') { $revision = $newPage->addChild('revision'); foreach ($child->children() as $revChild) { $revision->addChild($revChild->getName(), (string)$revChild); } } else { $newPage->addChild($child->getName(), (string)$child); } } break; } } $singlePage->asXML($tempFile); exec("php /var/www/html/maintenance/importDump.php < $tempFile 2>&1"); unlink($tempFile); } private function reimportPage($title, $xml) { // For updating existing pages, delete then reimport $db = new mysqli('127.0.0.1', 'wikiuser', 'wikipass', 'completenoobs_wiki'); // Delete the existing page $safe_title = $db->real_escape_string(str_replace(' ', '_', $title)); $db->query("DELETE FROM page WHERE page_title = '$safe_title' AND page_namespace = 0"); $db->close(); // Now import the new version foreach ($xml->page as $page) { if (str_replace(' ', '_', (string)$page->title) == $title) { $tempFile = '/tmp/update_page_' . md5($title) . '.xml'; $singlePage = new SimpleXMLElement('<?xml version="1.0" encoding="utf-8"?><mediawiki></mediawiki>'); if ($xml->siteinfo) { $siteinfo = $singlePage->addChild('siteinfo'); foreach ($xml->siteinfo->children() as $child) { $siteinfo->addChild($child->getName(), (string)$child); } } $newPage = $singlePage->addChild('page'); foreach ($page->children() as $child) { if ($child->getName() == 'revision') { $revision = $newPage->addChild('revision'); foreach ($child->children() as $revChild) { $revision->addChild($revChild->getName(), (string)$revChild); } } else { $newPage->addChild($child->getName(), (string)$child); } } $singlePage->asXML($tempFile); $result = exec("php /var/www/html/maintenance/importDump.php < $tempFile 2>&1", $output, $return); unlink($tempFile); return ($return === 0); } } return false; } } $maintClass = DoImport::class; require_once RUN_MAINTENANCE_IF_MAIN; PHP_EOF cd /var/www/html php /tmp/do_import.php --mode="$choice" } # Main execution main() { check_environment # Start MariaDB if not running service mariadb status > /dev/null 2>&1 || service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then break fi sleep 1 done CURRENT=$(get_current_version) echo "Current version: $CURRENT" echo "" echo "Checking for updates..." LATEST=$(check_for_updates 2>/dev/null) if [ $? -ne 0 ] || [ -z "$LATEST" ] || [[ "$LATEST" == *"ERROR"* ]]; then echo "Failed to check for updates" exit 1 fi echo "Latest available: $LATEST" echo "" # Always proceed to analysis even if versions match # (there might be content updates in the same version) echo "Proceeding with content analysis..." echo "" # Backup database backup_database # Download new XML if ! download_xml "$LATEST"; then echo "Failed to download new XML" exit 1 fi # Analyze differences analyze_and_import # Check if there are changes to import if [ -f "/tmp/import_data.ser" ]; then echo "" read -p "Choose option (1-4): " -n 1 -r echo if [[ $REPLY =~ ^[1-4]$ ]]; then if [ "$REPLY" != "4" ]; then perform_import "$REPLY" # Update version info echo "Import: $LATEST" > /var/www/html/.last_import echo "Date: $(date)" >> /var/www/html/.last_import # Rebuild indices echo "Rebuilding indices..." php maintenance/rebuildrecentchanges.php php maintenance/initSiteStats.php else echo "Update cancelled" fi else echo "Invalid option. Update cancelled" fi fi # Clean up temp files rm -f /tmp/import_data.ser /tmp/update_analysis.json /tmp/diff_*.txt /tmp/analyze_import.php /tmp/do_import.php 2>/dev/null echo "" echo "Done!" } # Run main function main "$@" </syntaxhighlight> === 2.5: Entrypoint Script === <syntaxhighlight lang="bash"> nano entrypoint.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash echo "Starting CompleteNoobs Wiki..." service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then echo "MariaDB ready!" break fi sleep 1 done echo "" echo "CompleteNoobs Wiki ready at: http://localhost:8080" echo "Admin login: admin / AdminPass123!" echo "" echo "Features:" echo "- Complete wiki content imported from XML" echo "- License notices on all pages (via PageNotice)" echo "- SyntaxHighlight for code blocks" echo "- YouTube video embedding" echo "- Contribution Scores special page" echo "- XML update system (preserves local edits)" echo "" echo "To check for updates: docker exec -it completenoobs_wiki /var/www/html/check_updates.sh" echo "" apache2-foreground </syntaxhighlight> == Step 3: Build and Run == === 3.1: Build the Image === <syntaxhighlight lang="bash"> docker build -t completenoobs/wiki:latest . </syntaxhighlight> This will take several minutes. === 3.2: Run the Container === <syntaxhighlight lang="bash"> docker run -d -p 8080:80 \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki completenoobs/wiki:latest </syntaxhighlight> == Step 4: Test Everything == === 4.1: Check the Wiki === * Visit: http://localhost:8080 * You should see the PageNotice at the top * Login with: admin / AdminPass123! <div class="toccolours mw-collapsible mw-collapsed"> Change Admin Password: <div class="mw-collapsible-content"> By default, the admin user's password is <code>AdminPass123!</code>. It's highly recommended to change this immediately. You can do this either through the wiki's web interface or directly in the Docker terminal.<br><br> <b>Method 1: Change Password via Web Interface</b><br> This is the easiest method. You can change your password directly from the wiki itself.<br> 1. Log in to your wiki with the default credentials: <code>admin</code> / <code>AdminPass123!</code>.<br> 2. Once logged in, click your username (<code>admin</code>) in the top-right corner of the page.<br> 3. From the drop-down menu, select <b>Preferences</b>.<br> 4. On the Preferences page, go to the <b>Password</b> tab.<br> 5. Enter the current password (<code>AdminPass123!</code>), then enter your new password twice.<br> 6. Click <b>Change password</b>.<br> Your password is now changed, and you will need to use the new one for future logins.<br><br> <b>Method 2: Change Password via Terminal (No-Email Reset)</b><br> If you have forgotten the password or prefer to use the command line, you can reset it directly inside the Docker container using a MediaWiki maintenance script.<br> 1. <b>Access the container's shell</b> with the following command from your host machine:<br> <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> 2. Once inside the container, use the <code>changePassword.php</code> maintenance script to change the password. This is the modern, recommended way to run MediaWiki maintenance scripts.<br> * Change <b>NEWPASSWORD</b> to your new password<br> <syntaxhighlight lang="bash"> php /var/www/html/maintenance/run.php changePassword.php --user=admin --password=NEWPASSWORD </syntaxhighlight> 3. Type <code>exit</code> to leave the container's shell.<br> The admin password has now been reset. You can log in to your wiki with the new password. </div> </div> === 4.2: Test Extensions === * '''YouTube''': Edit any page, add <code><youtube>N9qYF9DZPdw</youtube></code> * '''PageNotice''': Should already be visible at the top * '''SyntaxHighlight''': Add code blocks with <nowiki><code><syntaxhighlight lang="python">code here</syntaxhighlight></code></nowiki> === 4.3: Check Status === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki /var/www/html/check_status.sh </syntaxhighlight> == Step 5: XML Update Operations == *NOTE: update_xml.sh still needs alot of work, this just idea placeholder for now. === 5.1: Check for Updates (Interactive) === <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki /var/www/html/check_updates.sh </syntaxhighlight> This will: * Check the CompleteNoobs XML repository for new dumps * Compare with your current version * Ask for confirmation before updating * Import ONLY new pages (preserves your edits) * Create a backup before making changes === 5.2: Force Update (Non-Interactive) === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki bash -c "echo 'y' | /var/www/html/update_xml.sh" </syntaxhighlight> === 5.3: Manual Update Process === <syntaxhighlight lang="bash"> # 1. Enter container docker exec -it completenoobs_wiki bash # 2. Check current version cat /var/www/html/.last_import # 3. Run update /var/www/html/check_updates.sh # 4. Exit container exit </syntaxhighlight> == Step 6: Troubleshooting Commands == === Access container shell: === <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> === Edit configuration: === <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki nano /var/www/html/LocalSettings.php </syntaxhighlight> === Check logs: === <syntaxhighlight lang="bash"> docker logs completenoobs_wiki </syntaxhighlight> === View update logs: === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki tail -f /tmp/mediawiki-debug.log </syntaxhighlight> === Complete restart: === <syntaxhighlight lang="bash"> docker stop completenoobs_wiki docker rm completenoobs_wiki docker run -d -p 8080:80 \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki completenoobs/wiki:latest </syntaxhighlight> == Expected Results == * Working wiki with imported CompleteNoobs content * PageNotice visible at top of all pages * All extensions functional * Text editors (nano/vim) available in container * Utility scripts for maintenance * XML update system that preserves local edits == Important Notes == * First Import: Initial build imports ALL content from XML * Subsequent Updates: Only import NEW pages, preserving your edits * Conflict Resolution: To force-update a specific page with XML version, delete it first through wiki interface * Backups: Stored in /tmp/ (cleared on container restart) b2hh03inqvz269liahtuw5o9mna712n 661 660 2025-09-01T20:04:48Z AwesomO 5 /* Important Notes */ 661 wikitext text/x-wiki = Complete Noobs Docker Wiki Tutorial = * [[Docker_Install_Guide| Docker install guide]] ==errors== * This mainly works - just need to fix the extensions popular pages and contrubtion scores * The XML updater requires more work - currently idea placeholder == Prerequisites == * Ubuntu 24.04 * Docker installed and running * Your user in docker group: <code>sudo usermod -aG docker $USER</code> (then logout/login) == Step 2: Create All Files == === 2.1: Dockerfile === <syntaxhighlight lang="bash"> nano Dockerfile </syntaxhighlight> Copy this exactly: <syntaxhighlight lang="dockerfile"> FROM mediawiki:1.44 # Mediawiki 1.44 used over latest because can confirm extensions youtube and pagenotice works # Install dependencies RUN apt-get update && apt-get install -y \ mariadb-server \ python3 \ python3-requests \ python3-bs4 \ python3-pygments \ curl \ wget \ unzip \ nano \ git \ && apt-get clean # Copy scripts COPY download_latest_xml.py /usr/src/download_latest_xml.py COPY setup_wiki.sh /usr/src/setup_wiki.sh COPY update_xml.sh /usr/src/update_xml.sh COPY entrypoint.sh /entrypoint.sh # Make executable RUN chmod +x /usr/src/setup_wiki.sh /entrypoint.sh /usr/src/update_xml.sh # Download XML RUN python3 /usr/src/download_latest_xml.py # Setup wiki RUN /usr/src/setup_wiki.sh EXPOSE 80 VOLUME /var/lib/mysql VOLUME /var/www/html/images ENTRYPOINT ["/entrypoint.sh"] </syntaxhighlight> === 2.2: XML Download Script === <syntaxhighlight lang="bash"> nano download_latest_xml.py </syntaxhighlight> <syntaxhighlight lang="python"> #!/usr/bin/env python3 import os import requests from bs4 import BeautifulSoup import re BASE_URL = "https://xml.completenoobs.com/xmlDumps/" def parse_date_from_dump(dump_name): match = re.match(r'(\d{2})_(\d{2})_(\d{2})\.Noobs', dump_name) if match: day, month, year = match.groups() year_int = int(year) full_year = 2000 + year_int if year_int <= 49 else 1900 + year_int return (full_year, int(month), int(day)) return (0, 0, 0) def get_available_dumps(): try: response = requests.get(BASE_URL, timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') dumps = [link.get('href').rstrip('/') for link in soup.find_all('a') if re.match(r'\d{2}_\d{2}_\d{2}\.Noobs/$', link.get('href', ''))] return sorted(dumps, key=parse_date_from_dump, reverse=True) except Exception as e: print(f"Error fetching dumps: {e}") return [] def get_dump_files(dump): try: response = requests.get(f"{BASE_URL}{dump}/", timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') files = [link.get('href') for link in soup.find_all('a') if link.get('href', '').endswith('.xml')] return sorted(files, reverse=True) except Exception as e: print(f"Error fetching dump files: {e}") return [] def download_file(url, filename): try: print(f"Downloading {filename}...") response = requests.get(url, stream=True, timeout=60) response.raise_for_status() total_size = int(response.headers.get('content-length', 0)) downloaded = 0 with open(filename, 'wb') as f: for chunk in response.iter_content(chunk_size=8192): if chunk: f.write(chunk) downloaded += len(chunk) if total_size > 0: progress = (downloaded / total_size) * 100 print(f"\rProgress: {progress:.1f}%", end='', flush=True) print() return True except Exception as e: print(f"Error downloading {filename}: {e}") return False def main(): print("Fetching available XML dumps...") dumps = get_available_dumps() if not dumps: print("No dumps found!") exit(1) newest_dump = dumps[0] print(f"Latest dump: {newest_dump}") files = get_dump_files(newest_dump) if not files: print("No XML files found in latest dump!") exit(1) newest_xml = files[0] xml_url = f"{BASE_URL}{newest_dump}/{newest_xml}" local_filename = "/tmp/completenoobs_dump.xml" if download_file(xml_url, local_filename): print(f"Successfully downloaded {newest_xml}") with open("/tmp/dump_info.txt", "w") as f: f.write(f"{newest_dump}/{newest_xml}") else: print("Failed to download XML dump!") exit(1) if __name__ == "__main__": main() </syntaxhighlight> === 2.3: Main Setup Script === <syntaxhighlight lang="bash"> nano setup_wiki.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash set -e echo "Setting up CompleteNoobs Wiki..." # Initialize MariaDB if [ ! -d "/var/lib/mysql/mysql" ]; then mysql_install_db --user=mysql --datadir=/var/lib/mysql fi service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then echo "MariaDB ready!" break fi sleep 2 done # Setup database mysql -e "CREATE DATABASE IF NOT EXISTS completenoobs_wiki CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;" mysql -e "CREATE USER IF NOT EXISTS 'wikiuser'@'127.0.0.1' IDENTIFIED BY 'wikipass';" mysql -e "GRANT ALL PRIVILEGES ON completenoobs_wiki.* TO 'wikiuser'@'127.0.0.1';" mysql -e "CREATE USER IF NOT EXISTS 'wikiuser'@'localhost' IDENTIFIED BY 'wikipass';" mysql -e "GRANT ALL PRIVILEGES ON completenoobs_wiki.* TO 'wikiuser'@'localhost';" mysql -e "FLUSH PRIVILEGES;" # Install MediaWiki cd /var/www/html php maintenance/install.php \ --dbtype=mysql \ --dbserver=127.0.0.1 \ --dbname=completenoobs_wiki \ --dbuser=wikiuser \ --dbpass=wikipass \ --server="http://localhost:8080" \ --scriptpath="" \ --lang=en \ --pass=AdminPass123! \ "CompleteNoobs Wiki" \ "admin" # Download and install extensions cd extensions/ git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/PageNotice --branch REL1_44 || echo "PageNotice download failed, continuing..." git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/YouTube --branch REL1_44 || echo "YouTube download failed, continuing..." cd /var/www/html # Configure LocalSettings.php cat >> LocalSettings.php << 'EOF' # Basic settings $wgEnableUploads = true; $wgUseImageMagick = true; $wgImageMagickConvertCommand = "/usr/bin/convert"; $wgDefaultSkin = "vector-2022"; $wgAllowExternalImages = true; # Debug (can be removed later) $wgShowExceptionDetails = true; $wgDebugLogFile = "/tmp/mediawiki-debug.log"; # PageNotice extension (if available) if ( file_exists( "$IP/extensions/PageNotice/extension.json" ) ) { wfLoadExtension( 'PageNotice' ); } # YouTube extension (if available) if ( file_exists( "$IP/extensions/YouTube/extension.json" ) ) { wfLoadExtension( 'YouTube' ); } # SyntaxHighlight (usually bundled) if ( file_exists( "$IP/extensions/SyntaxHighlight_GeSHi/extension.json" ) ) { wfLoadExtension( 'SyntaxHighlight_GeSHi' ); $wgPygmentizePath = '/usr/bin/pygmentize'; } EOF # Import XML dump if available if [ -f "/tmp/completenoobs_dump.xml" ]; then echo "Importing XML dump..." if php maintenance/importDump.php --uploads < /tmp/completenoobs_dump.xml; then echo "XML import completed!" else echo "XML import had warnings" fi # Basic maintenance php maintenance/update.php --quick || echo "Update completed with warnings" php maintenance/rebuildrecentchanges.php || echo "RecentChanges rebuilt with warnings" php maintenance/initSiteStats.php || echo "SiteStats initialized with warnings" if [ -f "/tmp/dump_info.txt" ]; then echo "Import: $(cat /tmp/dump_info.txt)" > /var/www/html/.last_import echo "Date: $(date)" >> /var/www/html/.last_import fi else echo "No XML dump found - starting with empty wiki" fi # Copy update script to accessible location cp /usr/src/update_xml.sh /var/www/html/update_xml.sh chmod +x /var/www/html/update_xml.sh # Create user-friendly update wrapper cat > /var/www/html/check_updates.sh << 'UPDATE_WRAPPER_EOF' #!/bin/bash echo "=== CompleteNoobs Wiki Update Checker ===" echo "" echo "This tool checks for new content from the CompleteNoobs XML repository" echo "and imports ONLY new pages, preserving all your local edits." echo "" /var/www/html/update_xml.sh UPDATE_WRAPPER_EOF chmod +x /var/www/html/check_updates.sh # Create simple status script cat > /var/www/html/check_status.sh << 'STATUS_EOF' #!/bin/bash cd /var/www/html echo "=== Wiki Status ===" echo "Pages: $(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM page;" -s -N 2>/dev/null || echo "Error")" echo "Users: $(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM user WHERE user_id > 0;" -s -N 2>/dev/null || echo "Error")" echo "" echo "=== Extensions ===" if [ -d "extensions/PageNotice" ]; then echo "PageNotice: Installed" else echo "PageNotice: Not installed" fi if [ -d "extensions/YouTube" ]; then echo "YouTube: Installed" else echo "YouTube: Not installed" fi if [ -d "extensions/ContributionScores" ]; then echo "ContributionScores: Installed" else echo "ContributionScores: Not installed" fi echo "" echo "=== Update System ===" if [ -f ".last_import" ]; then echo "Current version: $(grep 'Import:' .last_import | cut -d' ' -f2)" echo "Import date: $(grep 'Date:' .last_import | cut -d' ' -f2-)" else echo "No version info available" fi echo "" echo "To check for updates: docker exec -it completenoobs_wiki /var/www/html/check_updates.sh" STATUS_EOF chmod +x /var/www/html/check_status.sh echo "" echo "Setup completed!" echo "Admin: admin / AdminPass123!" echo "Update scripts installed:" echo "- /var/www/html/check_updates.sh (user-friendly)" echo "- /var/www/html/update_xml.sh (direct)" # Final counts PAGES=$(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM page;" -s -N 2>/dev/null || echo "0") echo "Pages imported: $PAGES" service mariadb stop </syntaxhighlight> === 2.4: XML Update Script === <syntaxhighlight lang="bash"> nano update_xml.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash set -e echo "=== CompleteNoobs Wiki XML Updater ===" echo "This will check for new and updated pages" echo "" # Function to check if running in container check_environment() { if [ ! -f "/var/www/html/LocalSettings.php" ]; then echo "Error: This script must be run inside the wiki container" exit 1 fi } # Function to get current XML version get_current_version() { if [ -f "/var/www/html/.last_import" ]; then grep "Import:" /var/www/html/.last_import | cut -d' ' -f2 else echo "none" fi } # Function to check for updates check_for_updates() { python3 - << 'PYTHON_EOF' import requests from bs4 import BeautifulSoup import re import sys BASE_URL = "https://xml.completenoobs.com/xmlDumps/" def parse_date_from_dump(dump_name): match = re.match(r'(\d{2})_(\d{2})_(\d{2})\.Noobs', dump_name) if match: day, month, year = match.groups() year_int = int(year) full_year = 2000 + year_int if year_int <= 49 else 1900 + year_int return (full_year, int(month), int(day)) return (0, 0, 0) def get_latest_dump(): try: response = requests.get(BASE_URL, timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') dumps = [link.get('href').rstrip('/') for link in soup.find_all('a') if re.match(r'\d{2}_\d{2}_\d{2}\.Noobs/$', link.get('href', ''))] if dumps: latest = sorted(dumps, key=parse_date_from_dump, reverse=True)[0] # Get XML files from latest dump response = requests.get(f"{BASE_URL}{latest}/", timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') files = [link.get('href') for link in soup.find_all('a') if link.get('href', '').endswith('.xml')] if files: newest_xml = sorted(files, reverse=True)[0] print(f"{latest}/{newest_xml}") sys.exit(0) except Exception as e: print(f"ERROR: {e}", file=sys.stderr) sys.exit(1) print("ERROR: No dumps found", file=sys.stderr) sys.exit(1) get_latest_dump() PYTHON_EOF } # Function to download new XML download_xml() { local dump_info="$1" local dump_dir=$(echo "$dump_info" | cut -d'/' -f1) local xml_file=$(echo "$dump_info" | cut -d'/' -f2) local url="https://xml.completenoobs.com/xmlDumps/${dump_info}" echo "Downloading: $xml_file" echo "From: $dump_dir" echo "URL: $url" if wget -O /tmp/new_dump.xml "$url" --progress=bar:force 2>&1; then echo "Download successful!" return 0 else echo "Download failed!" return 1 fi } # Function to backup current database backup_database() { echo "Creating database backup..." TIMESTAMP=$(date +%Y%m%d_%H%M%S) mysqldump --user=wikiuser --password=wikipass completenoobs_wiki > /tmp/wiki_backup_${TIMESTAMP}.sql echo "Backup created: /tmp/wiki_backup_${TIMESTAMP}.sql" } # Function to analyze and import changes analyze_and_import() { echo "Analyzing differences between XML and local wiki..." # Create analysis and import script for MediaWiki 1.44+ cat > /tmp/analyze_import.php << 'PHP_EOF' <?php require_once '/var/www/html/maintenance/Maintenance.php'; class AnalyzeAndImport extends Maintenance { private $db; private $new_pages = []; private $changed_pages = []; private $unchanged_pages = []; public function __construct() { parent::__construct(); $this->addDescription('Analyze and selectively import from XML dump'); } public function execute() { $this->db = new mysqli('127.0.0.1', 'wikiuser', 'wikipass', 'completenoobs_wiki'); // MediaWiki 1.35+ uses slots and content tables // Get existing pages with their content $query = " SELECT p.page_title, p.page_id, c.content_address, c.content_sha1 FROM page p JOIN revision r ON p.page_latest = r.rev_id JOIN slots s ON r.rev_id = s.slot_revision_id JOIN slot_roles sr ON s.slot_role_id = sr.role_id JOIN content c ON s.slot_content_id = c.content_id WHERE p.page_namespace = 0 AND sr.role_name = 'main' "; $result = $this->db->query($query); if (!$result) { $this->error("Database query failed: " . $this->db->error); return; } $existing = []; while ($row = $result->fetch_assoc()) { // Get actual text content $text_content = $this->getTextContent($row['content_address']); $existing[$row['page_title']] = [ 'id' => $row['page_id'], 'content' => $text_content, 'sha1' => $row['content_sha1'] ]; } // Parse XML and compare $xml = simplexml_load_file('/tmp/new_dump.xml'); foreach ($xml->page as $page) { $title = str_replace(' ', '_', (string)$page->title); $xml_content = (string)$page->revision->text; if (!isset($existing[$title])) { // New page $this->new_pages[$title] = $xml_content; } else { // Compare content using SHA1 for efficiency $xml_sha1 = sha1($xml_content); if ($existing[$title]['sha1'] !== $xml_sha1) { // Content is different $this->changed_pages[$title] = [ 'local' => $existing[$title]['content'], 'xml' => $xml_content, 'page_id' => $existing[$title]['id'] ]; } else { $this->unchanged_pages[] = $title; } } } // Display summary $this->output("\n=== Update Analysis ===\n"); $this->output("New pages to import: " . count($this->new_pages) . "\n"); $this->output("Changed pages found: " . count($this->changed_pages) . "\n"); $this->output("Unchanged pages: " . count($this->unchanged_pages) . "\n"); // Save analysis for review file_put_contents('/tmp/update_analysis.json', json_encode([ 'new' => array_keys($this->new_pages), 'changed' => array_keys($this->changed_pages), 'unchanged' => $this->unchanged_pages ], JSON_PRETTY_PRINT)); // Show changed pages with preview (limit to first 20 for readability) if (count($this->changed_pages) > 0) { $this->output("\n=== Changed Pages ===\n"); $count = 0; $total_changed = count($this->changed_pages); foreach ($this->changed_pages as $title => $data) { $count++; if ($count <= 20) { $this->output("\n$count. $title\n"); // Create a simple diff preview (first 300 chars) $xml_preview = substr($data['xml'], 0, 100); // Save full diff to file $safe_title = preg_replace('/[^a-zA-Z0-9_-]/', '_', $title); $diff_file = "/tmp/diff_${safe_title}.txt"; file_put_contents($diff_file, "=== FULL DIFF FOR: $title ===\n\n"); file_put_contents($diff_file, "--- LOCAL VERSION ---\n", FILE_APPEND); file_put_contents($diff_file, $data['local'] . "\n\n", FILE_APPEND); file_put_contents($diff_file, "--- XML VERSION ---\n", FILE_APPEND); file_put_contents($diff_file, $data['xml'], FILE_APPEND); $this->output(" Preview: " . $xml_preview . "...\n"); } } if ($total_changed > 20) { $this->output("\n... and " . ($total_changed - 20) . " more changed pages.\n"); $this->output("All diff files saved to /tmp/diff_*.txt\n"); } } // Interactive selection if (count($this->new_pages) > 0 || count($this->changed_pages) > 0) { $this->output("\n=== Import Options ===\n"); $this->output("1. Import new pages only (preserve all local changes)\n"); $this->output("2. Import new pages + update ALL changed pages (overwrites local changes)\n"); $this->output("3. Selective import (choose which updates to apply)\n"); $this->output("4. Cancel (no changes)\n"); // Save state for import script WITHOUT the XML object $import_data = [ 'new_pages' => $this->new_pages, 'changed_pages' => $this->changed_pages, 'xml_file' => '/tmp/new_dump.xml' // Save path instead of object ]; file_put_contents('/tmp/import_data.ser', serialize($import_data)); } else { $this->output("\nNo changes detected. Your wiki is up to date!\n"); } } private function getTextContent($address) { // Handle different content storage formats in MW 1.35+ if (strpos($address, 'tt:') === 0) { // Text table reference $text_id = substr($address, 3); $result = $this->db->query("SELECT old_text FROM text WHERE old_id = $text_id"); if ($row = $result->fetch_assoc()) { return $row['old_text']; } } elseif (strpos($address, 'es:') === 0) { // External storage - would need special handling return "[External storage content]"; } // Direct content return $address; } } $maintClass = AnalyzeAndImport::class; require_once RUN_MAINTENANCE_IF_MAIN; PHP_EOF cd /var/www/html php /tmp/analyze_import.php } # Function to perform selected import perform_import() { local choice=$1 cat > /tmp/do_import.php << 'PHP_EOF' <?php require_once '/var/www/html/maintenance/Maintenance.php'; class DoImport extends Maintenance { public function __construct() { parent::__construct(); $this->addOption('mode', 'Import mode', true, true); } public function execute() { $mode = $this->getOption('mode'); $data = unserialize(file_get_contents('/tmp/import_data.ser')); // Load XML file $xml = simplexml_load_file($data['xml_file']); $new_imported = 0; $updated = 0; // Import new pages (always for modes 1-3) if ($mode != '4') { foreach ($data['new_pages'] as $title => $content) { $this->importPage($title, $content, $xml); $new_imported++; $this->output("Imported new page: $title\n"); } } // Handle changed pages based on mode if ($mode == '2') { // Update all changed pages foreach ($data['changed_pages'] as $title => $info) { $this->output("Updating: $title\n"); if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated page: $title\n"); } else { $this->output("Failed to update: $title\n"); } } } elseif ($mode == '3') { // Selective update $this->output("\n=== Selective Import Mode ===\n"); $this->output("For each changed page, choose:\n"); $this->output(" y = yes, update this page\n"); $this->output(" n = no, keep local version\n"); $this->output(" d = show diff file\n"); $this->output(" a = update all remaining pages\n"); $this->output(" s = skip all remaining pages\n\n"); $update_all = false; $skip_all = false; foreach ($data['changed_pages'] as $title => $info) { if ($skip_all) { $this->output("Skipped: $title\n"); continue; } if ($update_all) { if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated: $title\n"); } continue; } $this->output("\nPage: $title\n"); $this->output("Action (y/n/d/a/s): "); $handle = fopen("php://stdin", "r"); $line = trim(fgets($handle)); while ($line == 'd') { // Show diff $safe_title = preg_replace('/[^a-zA-Z0-9_-]/', '_', $title); $diff_file = "/tmp/diff_${safe_title}.txt"; if (file_exists($diff_file)) { system("head -50 $diff_file"); $this->output("\n[Showing first 50 lines - full file at $diff_file]\n"); } $this->output("Action (y/n/a/s): "); $line = trim(fgets($handle)); } if ($line == 'a') { $update_all = true; if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated: $title\n"); } } elseif ($line == 's') { $skip_all = true; $this->output("Skipped: $title\n"); } elseif ($line == 'y') { if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated: $title\n"); } else { $this->output("Failed to update: $title\n"); } } else { $this->output("Skipped: $title\n"); } } } $this->output("\n=== Import Complete ===\n"); $this->output("New pages imported: $new_imported\n"); $this->output("Pages updated: $updated\n"); } private function importPage($title, $content, $xml) { // Create single page XML for import $tempFile = '/tmp/single_page_' . md5($title) . '.xml'; $singlePage = new SimpleXMLElement('<?xml version="1.0" encoding="utf-8"?><mediawiki></mediawiki>'); if ($xml->siteinfo) { $siteinfo = $singlePage->addChild('siteinfo'); foreach ($xml->siteinfo->children() as $child) { $siteinfo->addChild($child->getName(), (string)$child); } } // Find and add the page foreach ($xml->page as $page) { if (str_replace(' ', '_', (string)$page->title) == $title) { $newPage = $singlePage->addChild('page'); foreach ($page->children() as $child) { if ($child->getName() == 'revision') { $revision = $newPage->addChild('revision'); foreach ($child->children() as $revChild) { $revision->addChild($revChild->getName(), (string)$revChild); } } else { $newPage->addChild($child->getName(), (string)$child); } } break; } } $singlePage->asXML($tempFile); exec("php /var/www/html/maintenance/importDump.php < $tempFile 2>&1"); unlink($tempFile); } private function reimportPage($title, $xml) { // For updating existing pages, delete then reimport $db = new mysqli('127.0.0.1', 'wikiuser', 'wikipass', 'completenoobs_wiki'); // Delete the existing page $safe_title = $db->real_escape_string(str_replace(' ', '_', $title)); $db->query("DELETE FROM page WHERE page_title = '$safe_title' AND page_namespace = 0"); $db->close(); // Now import the new version foreach ($xml->page as $page) { if (str_replace(' ', '_', (string)$page->title) == $title) { $tempFile = '/tmp/update_page_' . md5($title) . '.xml'; $singlePage = new SimpleXMLElement('<?xml version="1.0" encoding="utf-8"?><mediawiki></mediawiki>'); if ($xml->siteinfo) { $siteinfo = $singlePage->addChild('siteinfo'); foreach ($xml->siteinfo->children() as $child) { $siteinfo->addChild($child->getName(), (string)$child); } } $newPage = $singlePage->addChild('page'); foreach ($page->children() as $child) { if ($child->getName() == 'revision') { $revision = $newPage->addChild('revision'); foreach ($child->children() as $revChild) { $revision->addChild($revChild->getName(), (string)$revChild); } } else { $newPage->addChild($child->getName(), (string)$child); } } $singlePage->asXML($tempFile); $result = exec("php /var/www/html/maintenance/importDump.php < $tempFile 2>&1", $output, $return); unlink($tempFile); return ($return === 0); } } return false; } } $maintClass = DoImport::class; require_once RUN_MAINTENANCE_IF_MAIN; PHP_EOF cd /var/www/html php /tmp/do_import.php --mode="$choice" } # Main execution main() { check_environment # Start MariaDB if not running service mariadb status > /dev/null 2>&1 || service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then break fi sleep 1 done CURRENT=$(get_current_version) echo "Current version: $CURRENT" echo "" echo "Checking for updates..." LATEST=$(check_for_updates 2>/dev/null) if [ $? -ne 0 ] || [ -z "$LATEST" ] || [[ "$LATEST" == *"ERROR"* ]]; then echo "Failed to check for updates" exit 1 fi echo "Latest available: $LATEST" echo "" # Always proceed to analysis even if versions match # (there might be content updates in the same version) echo "Proceeding with content analysis..." echo "" # Backup database backup_database # Download new XML if ! download_xml "$LATEST"; then echo "Failed to download new XML" exit 1 fi # Analyze differences analyze_and_import # Check if there are changes to import if [ -f "/tmp/import_data.ser" ]; then echo "" read -p "Choose option (1-4): " -n 1 -r echo if [[ $REPLY =~ ^[1-4]$ ]]; then if [ "$REPLY" != "4" ]; then perform_import "$REPLY" # Update version info echo "Import: $LATEST" > /var/www/html/.last_import echo "Date: $(date)" >> /var/www/html/.last_import # Rebuild indices echo "Rebuilding indices..." php maintenance/rebuildrecentchanges.php php maintenance/initSiteStats.php else echo "Update cancelled" fi else echo "Invalid option. Update cancelled" fi fi # Clean up temp files rm -f /tmp/import_data.ser /tmp/update_analysis.json /tmp/diff_*.txt /tmp/analyze_import.php /tmp/do_import.php 2>/dev/null echo "" echo "Done!" } # Run main function main "$@" </syntaxhighlight> === 2.5: Entrypoint Script === <syntaxhighlight lang="bash"> nano entrypoint.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash echo "Starting CompleteNoobs Wiki..." service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then echo "MariaDB ready!" break fi sleep 1 done echo "" echo "CompleteNoobs Wiki ready at: http://localhost:8080" echo "Admin login: admin / AdminPass123!" echo "" echo "Features:" echo "- Complete wiki content imported from XML" echo "- License notices on all pages (via PageNotice)" echo "- SyntaxHighlight for code blocks" echo "- YouTube video embedding" echo "- Contribution Scores special page" echo "- XML update system (preserves local edits)" echo "" echo "To check for updates: docker exec -it completenoobs_wiki /var/www/html/check_updates.sh" echo "" apache2-foreground </syntaxhighlight> == Step 3: Build and Run == === 3.1: Build the Image === <syntaxhighlight lang="bash"> docker build -t completenoobs/wiki:latest . </syntaxhighlight> This will take several minutes. === 3.2: Run the Container === <syntaxhighlight lang="bash"> docker run -d -p 8080:80 \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki completenoobs/wiki:latest </syntaxhighlight> == Step 4: Test Everything == === 4.1: Check the Wiki === * Visit: http://localhost:8080 * You should see the PageNotice at the top * Login with: admin / AdminPass123! <div class="toccolours mw-collapsible mw-collapsed"> Change Admin Password: <div class="mw-collapsible-content"> By default, the admin user's password is <code>AdminPass123!</code>. It's highly recommended to change this immediately. You can do this either through the wiki's web interface or directly in the Docker terminal.<br><br> <b>Method 1: Change Password via Web Interface</b><br> This is the easiest method. You can change your password directly from the wiki itself.<br> 1. Log in to your wiki with the default credentials: <code>admin</code> / <code>AdminPass123!</code>.<br> 2. Once logged in, click your username (<code>admin</code>) in the top-right corner of the page.<br> 3. From the drop-down menu, select <b>Preferences</b>.<br> 4. On the Preferences page, go to the <b>Password</b> tab.<br> 5. Enter the current password (<code>AdminPass123!</code>), then enter your new password twice.<br> 6. Click <b>Change password</b>.<br> Your password is now changed, and you will need to use the new one for future logins.<br><br> <b>Method 2: Change Password via Terminal (No-Email Reset)</b><br> If you have forgotten the password or prefer to use the command line, you can reset it directly inside the Docker container using a MediaWiki maintenance script.<br> 1. <b>Access the container's shell</b> with the following command from your host machine:<br> <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> 2. Once inside the container, use the <code>changePassword.php</code> maintenance script to change the password. This is the modern, recommended way to run MediaWiki maintenance scripts.<br> * Change <b>NEWPASSWORD</b> to your new password<br> <syntaxhighlight lang="bash"> php /var/www/html/maintenance/run.php changePassword.php --user=admin --password=NEWPASSWORD </syntaxhighlight> 3. Type <code>exit</code> to leave the container's shell.<br> The admin password has now been reset. You can log in to your wiki with the new password. </div> </div> === 4.2: Test Extensions === * '''YouTube''': Edit any page, add <code><youtube>N9qYF9DZPdw</youtube></code> * '''PageNotice''': Should already be visible at the top * '''SyntaxHighlight''': Add code blocks with <nowiki><code><syntaxhighlight lang="python">code here</syntaxhighlight></code></nowiki> === 4.3: Check Status === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki /var/www/html/check_status.sh </syntaxhighlight> == Step 5: XML Update Operations == *NOTE: update_xml.sh still needs alot of work, this just idea placeholder for now. === 5.1: Check for Updates (Interactive) === <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki /var/www/html/check_updates.sh </syntaxhighlight> This will: * Check the CompleteNoobs XML repository for new dumps * Compare with your current version * Ask for confirmation before updating * Import ONLY new pages (preserves your edits) * Create a backup before making changes === 5.2: Force Update (Non-Interactive) === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki bash -c "echo 'y' | /var/www/html/update_xml.sh" </syntaxhighlight> === 5.3: Manual Update Process === <syntaxhighlight lang="bash"> # 1. Enter container docker exec -it completenoobs_wiki bash # 2. Check current version cat /var/www/html/.last_import # 3. Run update /var/www/html/check_updates.sh # 4. Exit container exit </syntaxhighlight> == Step 6: Troubleshooting Commands == === Access container shell: === <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> === Edit configuration: === <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki nano /var/www/html/LocalSettings.php </syntaxhighlight> === Check logs: === <syntaxhighlight lang="bash"> docker logs completenoobs_wiki </syntaxhighlight> === View update logs: === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki tail -f /tmp/mediawiki-debug.log </syntaxhighlight> === Complete restart: === <syntaxhighlight lang="bash"> docker stop completenoobs_wiki docker rm completenoobs_wiki docker run -d -p 8080:80 \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki completenoobs/wiki:latest </syntaxhighlight> == Expected Results == * Working wiki with imported CompleteNoobs content * PageNotice visible at top of all pages * All extensions functional * Text editors (nano/vim) available in container * Utility scripts for maintenance * XML update system that preserves local edits 1huozj9f959o2ghbyszdlshs31ookil 662 661 2025-09-01T20:20:28Z AwesomO 5 /* Expected Results */ 662 wikitext text/x-wiki = Complete Noobs Docker Wiki Tutorial = * [[Docker_Install_Guide| Docker install guide]] ==errors== * This mainly works - just need to fix the extensions popular pages and contrubtion scores * The XML updater requires more work - currently idea placeholder == Prerequisites == * Ubuntu 24.04 * Docker installed and running * Your user in docker group: <code>sudo usermod -aG docker $USER</code> (then logout/login) == Step 2: Create All Files == === 2.1: Dockerfile === <syntaxhighlight lang="bash"> nano Dockerfile </syntaxhighlight> Copy this exactly: <syntaxhighlight lang="dockerfile"> FROM mediawiki:1.44 # Mediawiki 1.44 used over latest because can confirm extensions youtube and pagenotice works # Install dependencies RUN apt-get update && apt-get install -y \ mariadb-server \ python3 \ python3-requests \ python3-bs4 \ python3-pygments \ curl \ wget \ unzip \ nano \ git \ && apt-get clean # Copy scripts COPY download_latest_xml.py /usr/src/download_latest_xml.py COPY setup_wiki.sh /usr/src/setup_wiki.sh COPY update_xml.sh /usr/src/update_xml.sh COPY entrypoint.sh /entrypoint.sh # Make executable RUN chmod +x /usr/src/setup_wiki.sh /entrypoint.sh /usr/src/update_xml.sh # Download XML RUN python3 /usr/src/download_latest_xml.py # Setup wiki RUN /usr/src/setup_wiki.sh EXPOSE 80 VOLUME /var/lib/mysql VOLUME /var/www/html/images ENTRYPOINT ["/entrypoint.sh"] </syntaxhighlight> === 2.2: XML Download Script === <syntaxhighlight lang="bash"> nano download_latest_xml.py </syntaxhighlight> <syntaxhighlight lang="python"> #!/usr/bin/env python3 import os import requests from bs4 import BeautifulSoup import re BASE_URL = "https://xml.completenoobs.com/xmlDumps/" def parse_date_from_dump(dump_name): match = re.match(r'(\d{2})_(\d{2})_(\d{2})\.Noobs', dump_name) if match: day, month, year = match.groups() year_int = int(year) full_year = 2000 + year_int if year_int <= 49 else 1900 + year_int return (full_year, int(month), int(day)) return (0, 0, 0) def get_available_dumps(): try: response = requests.get(BASE_URL, timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') dumps = [link.get('href').rstrip('/') for link in soup.find_all('a') if re.match(r'\d{2}_\d{2}_\d{2}\.Noobs/$', link.get('href', ''))] return sorted(dumps, key=parse_date_from_dump, reverse=True) except Exception as e: print(f"Error fetching dumps: {e}") return [] def get_dump_files(dump): try: response = requests.get(f"{BASE_URL}{dump}/", timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') files = [link.get('href') for link in soup.find_all('a') if link.get('href', '').endswith('.xml')] return sorted(files, reverse=True) except Exception as e: print(f"Error fetching dump files: {e}") return [] def download_file(url, filename): try: print(f"Downloading {filename}...") response = requests.get(url, stream=True, timeout=60) response.raise_for_status() total_size = int(response.headers.get('content-length', 0)) downloaded = 0 with open(filename, 'wb') as f: for chunk in response.iter_content(chunk_size=8192): if chunk: f.write(chunk) downloaded += len(chunk) if total_size > 0: progress = (downloaded / total_size) * 100 print(f"\rProgress: {progress:.1f}%", end='', flush=True) print() return True except Exception as e: print(f"Error downloading {filename}: {e}") return False def main(): print("Fetching available XML dumps...") dumps = get_available_dumps() if not dumps: print("No dumps found!") exit(1) newest_dump = dumps[0] print(f"Latest dump: {newest_dump}") files = get_dump_files(newest_dump) if not files: print("No XML files found in latest dump!") exit(1) newest_xml = files[0] xml_url = f"{BASE_URL}{newest_dump}/{newest_xml}" local_filename = "/tmp/completenoobs_dump.xml" if download_file(xml_url, local_filename): print(f"Successfully downloaded {newest_xml}") with open("/tmp/dump_info.txt", "w") as f: f.write(f"{newest_dump}/{newest_xml}") else: print("Failed to download XML dump!") exit(1) if __name__ == "__main__": main() </syntaxhighlight> === 2.3: Main Setup Script === <syntaxhighlight lang="bash"> nano setup_wiki.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash set -e echo "Setting up CompleteNoobs Wiki..." # Initialize MariaDB if [ ! -d "/var/lib/mysql/mysql" ]; then mysql_install_db --user=mysql --datadir=/var/lib/mysql fi service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then echo "MariaDB ready!" break fi sleep 2 done # Setup database mysql -e "CREATE DATABASE IF NOT EXISTS completenoobs_wiki CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;" mysql -e "CREATE USER IF NOT EXISTS 'wikiuser'@'127.0.0.1' IDENTIFIED BY 'wikipass';" mysql -e "GRANT ALL PRIVILEGES ON completenoobs_wiki.* TO 'wikiuser'@'127.0.0.1';" mysql -e "CREATE USER IF NOT EXISTS 'wikiuser'@'localhost' IDENTIFIED BY 'wikipass';" mysql -e "GRANT ALL PRIVILEGES ON completenoobs_wiki.* TO 'wikiuser'@'localhost';" mysql -e "FLUSH PRIVILEGES;" # Install MediaWiki cd /var/www/html php maintenance/install.php \ --dbtype=mysql \ --dbserver=127.0.0.1 \ --dbname=completenoobs_wiki \ --dbuser=wikiuser \ --dbpass=wikipass \ --server="http://localhost:8080" \ --scriptpath="" \ --lang=en \ --pass=AdminPass123! \ "CompleteNoobs Wiki" \ "admin" # Download and install extensions cd extensions/ git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/PageNotice --branch REL1_44 || echo "PageNotice download failed, continuing..." git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/YouTube --branch REL1_44 || echo "YouTube download failed, continuing..." cd /var/www/html # Configure LocalSettings.php cat >> LocalSettings.php << 'EOF' # Basic settings $wgEnableUploads = true; $wgUseImageMagick = true; $wgImageMagickConvertCommand = "/usr/bin/convert"; $wgDefaultSkin = "vector-2022"; $wgAllowExternalImages = true; # Debug (can be removed later) $wgShowExceptionDetails = true; $wgDebugLogFile = "/tmp/mediawiki-debug.log"; # PageNotice extension (if available) if ( file_exists( "$IP/extensions/PageNotice/extension.json" ) ) { wfLoadExtension( 'PageNotice' ); } # YouTube extension (if available) if ( file_exists( "$IP/extensions/YouTube/extension.json" ) ) { wfLoadExtension( 'YouTube' ); } # SyntaxHighlight (usually bundled) if ( file_exists( "$IP/extensions/SyntaxHighlight_GeSHi/extension.json" ) ) { wfLoadExtension( 'SyntaxHighlight_GeSHi' ); $wgPygmentizePath = '/usr/bin/pygmentize'; } EOF # Import XML dump if available if [ -f "/tmp/completenoobs_dump.xml" ]; then echo "Importing XML dump..." if php maintenance/importDump.php --uploads < /tmp/completenoobs_dump.xml; then echo "XML import completed!" else echo "XML import had warnings" fi # Basic maintenance php maintenance/update.php --quick || echo "Update completed with warnings" php maintenance/rebuildrecentchanges.php || echo "RecentChanges rebuilt with warnings" php maintenance/initSiteStats.php || echo "SiteStats initialized with warnings" if [ -f "/tmp/dump_info.txt" ]; then echo "Import: $(cat /tmp/dump_info.txt)" > /var/www/html/.last_import echo "Date: $(date)" >> /var/www/html/.last_import fi else echo "No XML dump found - starting with empty wiki" fi # Copy update script to accessible location cp /usr/src/update_xml.sh /var/www/html/update_xml.sh chmod +x /var/www/html/update_xml.sh # Create user-friendly update wrapper cat > /var/www/html/check_updates.sh << 'UPDATE_WRAPPER_EOF' #!/bin/bash echo "=== CompleteNoobs Wiki Update Checker ===" echo "" echo "This tool checks for new content from the CompleteNoobs XML repository" echo "and imports ONLY new pages, preserving all your local edits." echo "" /var/www/html/update_xml.sh UPDATE_WRAPPER_EOF chmod +x /var/www/html/check_updates.sh # Create simple status script cat > /var/www/html/check_status.sh << 'STATUS_EOF' #!/bin/bash cd /var/www/html echo "=== Wiki Status ===" echo "Pages: $(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM page;" -s -N 2>/dev/null || echo "Error")" echo "Users: $(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM user WHERE user_id > 0;" -s -N 2>/dev/null || echo "Error")" echo "" echo "=== Extensions ===" if [ -d "extensions/PageNotice" ]; then echo "PageNotice: Installed" else echo "PageNotice: Not installed" fi if [ -d "extensions/YouTube" ]; then echo "YouTube: Installed" else echo "YouTube: Not installed" fi if [ -d "extensions/ContributionScores" ]; then echo "ContributionScores: Installed" else echo "ContributionScores: Not installed" fi echo "" echo "=== Update System ===" if [ -f ".last_import" ]; then echo "Current version: $(grep 'Import:' .last_import | cut -d' ' -f2)" echo "Import date: $(grep 'Date:' .last_import | cut -d' ' -f2-)" else echo "No version info available" fi echo "" echo "To check for updates: docker exec -it completenoobs_wiki /var/www/html/check_updates.sh" STATUS_EOF chmod +x /var/www/html/check_status.sh echo "" echo "Setup completed!" echo "Admin: admin / AdminPass123!" echo "Update scripts installed:" echo "- /var/www/html/check_updates.sh (user-friendly)" echo "- /var/www/html/update_xml.sh (direct)" # Final counts PAGES=$(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM page;" -s -N 2>/dev/null || echo "0") echo "Pages imported: $PAGES" service mariadb stop </syntaxhighlight> === 2.4: XML Update Script === <syntaxhighlight lang="bash"> nano update_xml.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash set -e echo "=== CompleteNoobs Wiki XML Updater ===" echo "This will check for new and updated pages" echo "" # Function to check if running in container check_environment() { if [ ! -f "/var/www/html/LocalSettings.php" ]; then echo "Error: This script must be run inside the wiki container" exit 1 fi } # Function to get current XML version get_current_version() { if [ -f "/var/www/html/.last_import" ]; then grep "Import:" /var/www/html/.last_import | cut -d' ' -f2 else echo "none" fi } # Function to check for updates check_for_updates() { python3 - << 'PYTHON_EOF' import requests from bs4 import BeautifulSoup import re import sys BASE_URL = "https://xml.completenoobs.com/xmlDumps/" def parse_date_from_dump(dump_name): match = re.match(r'(\d{2})_(\d{2})_(\d{2})\.Noobs', dump_name) if match: day, month, year = match.groups() year_int = int(year) full_year = 2000 + year_int if year_int <= 49 else 1900 + year_int return (full_year, int(month), int(day)) return (0, 0, 0) def get_latest_dump(): try: response = requests.get(BASE_URL, timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') dumps = [link.get('href').rstrip('/') for link in soup.find_all('a') if re.match(r'\d{2}_\d{2}_\d{2}\.Noobs/$', link.get('href', ''))] if dumps: latest = sorted(dumps, key=parse_date_from_dump, reverse=True)[0] # Get XML files from latest dump response = requests.get(f"{BASE_URL}{latest}/", timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') files = [link.get('href') for link in soup.find_all('a') if link.get('href', '').endswith('.xml')] if files: newest_xml = sorted(files, reverse=True)[0] print(f"{latest}/{newest_xml}") sys.exit(0) except Exception as e: print(f"ERROR: {e}", file=sys.stderr) sys.exit(1) print("ERROR: No dumps found", file=sys.stderr) sys.exit(1) get_latest_dump() PYTHON_EOF } # Function to download new XML download_xml() { local dump_info="$1" local dump_dir=$(echo "$dump_info" | cut -d'/' -f1) local xml_file=$(echo "$dump_info" | cut -d'/' -f2) local url="https://xml.completenoobs.com/xmlDumps/${dump_info}" echo "Downloading: $xml_file" echo "From: $dump_dir" echo "URL: $url" if wget -O /tmp/new_dump.xml "$url" --progress=bar:force 2>&1; then echo "Download successful!" return 0 else echo "Download failed!" return 1 fi } # Function to backup current database backup_database() { echo "Creating database backup..." TIMESTAMP=$(date +%Y%m%d_%H%M%S) mysqldump --user=wikiuser --password=wikipass completenoobs_wiki > /tmp/wiki_backup_${TIMESTAMP}.sql echo "Backup created: /tmp/wiki_backup_${TIMESTAMP}.sql" } # Function to analyze and import changes analyze_and_import() { echo "Analyzing differences between XML and local wiki..." # Create analysis and import script for MediaWiki 1.44+ cat > /tmp/analyze_import.php << 'PHP_EOF' <?php require_once '/var/www/html/maintenance/Maintenance.php'; class AnalyzeAndImport extends Maintenance { private $db; private $new_pages = []; private $changed_pages = []; private $unchanged_pages = []; public function __construct() { parent::__construct(); $this->addDescription('Analyze and selectively import from XML dump'); } public function execute() { $this->db = new mysqli('127.0.0.1', 'wikiuser', 'wikipass', 'completenoobs_wiki'); // MediaWiki 1.35+ uses slots and content tables // Get existing pages with their content $query = " SELECT p.page_title, p.page_id, c.content_address, c.content_sha1 FROM page p JOIN revision r ON p.page_latest = r.rev_id JOIN slots s ON r.rev_id = s.slot_revision_id JOIN slot_roles sr ON s.slot_role_id = sr.role_id JOIN content c ON s.slot_content_id = c.content_id WHERE p.page_namespace = 0 AND sr.role_name = 'main' "; $result = $this->db->query($query); if (!$result) { $this->error("Database query failed: " . $this->db->error); return; } $existing = []; while ($row = $result->fetch_assoc()) { // Get actual text content $text_content = $this->getTextContent($row['content_address']); $existing[$row['page_title']] = [ 'id' => $row['page_id'], 'content' => $text_content, 'sha1' => $row['content_sha1'] ]; } // Parse XML and compare $xml = simplexml_load_file('/tmp/new_dump.xml'); foreach ($xml->page as $page) { $title = str_replace(' ', '_', (string)$page->title); $xml_content = (string)$page->revision->text; if (!isset($existing[$title])) { // New page $this->new_pages[$title] = $xml_content; } else { // Compare content using SHA1 for efficiency $xml_sha1 = sha1($xml_content); if ($existing[$title]['sha1'] !== $xml_sha1) { // Content is different $this->changed_pages[$title] = [ 'local' => $existing[$title]['content'], 'xml' => $xml_content, 'page_id' => $existing[$title]['id'] ]; } else { $this->unchanged_pages[] = $title; } } } // Display summary $this->output("\n=== Update Analysis ===\n"); $this->output("New pages to import: " . count($this->new_pages) . "\n"); $this->output("Changed pages found: " . count($this->changed_pages) . "\n"); $this->output("Unchanged pages: " . count($this->unchanged_pages) . "\n"); // Save analysis for review file_put_contents('/tmp/update_analysis.json', json_encode([ 'new' => array_keys($this->new_pages), 'changed' => array_keys($this->changed_pages), 'unchanged' => $this->unchanged_pages ], JSON_PRETTY_PRINT)); // Show changed pages with preview (limit to first 20 for readability) if (count($this->changed_pages) > 0) { $this->output("\n=== Changed Pages ===\n"); $count = 0; $total_changed = count($this->changed_pages); foreach ($this->changed_pages as $title => $data) { $count++; if ($count <= 20) { $this->output("\n$count. $title\n"); // Create a simple diff preview (first 300 chars) $xml_preview = substr($data['xml'], 0, 100); // Save full diff to file $safe_title = preg_replace('/[^a-zA-Z0-9_-]/', '_', $title); $diff_file = "/tmp/diff_${safe_title}.txt"; file_put_contents($diff_file, "=== FULL DIFF FOR: $title ===\n\n"); file_put_contents($diff_file, "--- LOCAL VERSION ---\n", FILE_APPEND); file_put_contents($diff_file, $data['local'] . "\n\n", FILE_APPEND); file_put_contents($diff_file, "--- XML VERSION ---\n", FILE_APPEND); file_put_contents($diff_file, $data['xml'], FILE_APPEND); $this->output(" Preview: " . $xml_preview . "...\n"); } } if ($total_changed > 20) { $this->output("\n... and " . ($total_changed - 20) . " more changed pages.\n"); $this->output("All diff files saved to /tmp/diff_*.txt\n"); } } // Interactive selection if (count($this->new_pages) > 0 || count($this->changed_pages) > 0) { $this->output("\n=== Import Options ===\n"); $this->output("1. Import new pages only (preserve all local changes)\n"); $this->output("2. Import new pages + update ALL changed pages (overwrites local changes)\n"); $this->output("3. Selective import (choose which updates to apply)\n"); $this->output("4. Cancel (no changes)\n"); // Save state for import script WITHOUT the XML object $import_data = [ 'new_pages' => $this->new_pages, 'changed_pages' => $this->changed_pages, 'xml_file' => '/tmp/new_dump.xml' // Save path instead of object ]; file_put_contents('/tmp/import_data.ser', serialize($import_data)); } else { $this->output("\nNo changes detected. Your wiki is up to date!\n"); } } private function getTextContent($address) { // Handle different content storage formats in MW 1.35+ if (strpos($address, 'tt:') === 0) { // Text table reference $text_id = substr($address, 3); $result = $this->db->query("SELECT old_text FROM text WHERE old_id = $text_id"); if ($row = $result->fetch_assoc()) { return $row['old_text']; } } elseif (strpos($address, 'es:') === 0) { // External storage - would need special handling return "[External storage content]"; } // Direct content return $address; } } $maintClass = AnalyzeAndImport::class; require_once RUN_MAINTENANCE_IF_MAIN; PHP_EOF cd /var/www/html php /tmp/analyze_import.php } # Function to perform selected import perform_import() { local choice=$1 cat > /tmp/do_import.php << 'PHP_EOF' <?php require_once '/var/www/html/maintenance/Maintenance.php'; class DoImport extends Maintenance { public function __construct() { parent::__construct(); $this->addOption('mode', 'Import mode', true, true); } public function execute() { $mode = $this->getOption('mode'); $data = unserialize(file_get_contents('/tmp/import_data.ser')); // Load XML file $xml = simplexml_load_file($data['xml_file']); $new_imported = 0; $updated = 0; // Import new pages (always for modes 1-3) if ($mode != '4') { foreach ($data['new_pages'] as $title => $content) { $this->importPage($title, $content, $xml); $new_imported++; $this->output("Imported new page: $title\n"); } } // Handle changed pages based on mode if ($mode == '2') { // Update all changed pages foreach ($data['changed_pages'] as $title => $info) { $this->output("Updating: $title\n"); if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated page: $title\n"); } else { $this->output("Failed to update: $title\n"); } } } elseif ($mode == '3') { // Selective update $this->output("\n=== Selective Import Mode ===\n"); $this->output("For each changed page, choose:\n"); $this->output(" y = yes, update this page\n"); $this->output(" n = no, keep local version\n"); $this->output(" d = show diff file\n"); $this->output(" a = update all remaining pages\n"); $this->output(" s = skip all remaining pages\n\n"); $update_all = false; $skip_all = false; foreach ($data['changed_pages'] as $title => $info) { if ($skip_all) { $this->output("Skipped: $title\n"); continue; } if ($update_all) { if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated: $title\n"); } continue; } $this->output("\nPage: $title\n"); $this->output("Action (y/n/d/a/s): "); $handle = fopen("php://stdin", "r"); $line = trim(fgets($handle)); while ($line == 'd') { // Show diff $safe_title = preg_replace('/[^a-zA-Z0-9_-]/', '_', $title); $diff_file = "/tmp/diff_${safe_title}.txt"; if (file_exists($diff_file)) { system("head -50 $diff_file"); $this->output("\n[Showing first 50 lines - full file at $diff_file]\n"); } $this->output("Action (y/n/a/s): "); $line = trim(fgets($handle)); } if ($line == 'a') { $update_all = true; if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated: $title\n"); } } elseif ($line == 's') { $skip_all = true; $this->output("Skipped: $title\n"); } elseif ($line == 'y') { if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated: $title\n"); } else { $this->output("Failed to update: $title\n"); } } else { $this->output("Skipped: $title\n"); } } } $this->output("\n=== Import Complete ===\n"); $this->output("New pages imported: $new_imported\n"); $this->output("Pages updated: $updated\n"); } private function importPage($title, $content, $xml) { // Create single page XML for import $tempFile = '/tmp/single_page_' . md5($title) . '.xml'; $singlePage = new SimpleXMLElement('<?xml version="1.0" encoding="utf-8"?><mediawiki></mediawiki>'); if ($xml->siteinfo) { $siteinfo = $singlePage->addChild('siteinfo'); foreach ($xml->siteinfo->children() as $child) { $siteinfo->addChild($child->getName(), (string)$child); } } // Find and add the page foreach ($xml->page as $page) { if (str_replace(' ', '_', (string)$page->title) == $title) { $newPage = $singlePage->addChild('page'); foreach ($page->children() as $child) { if ($child->getName() == 'revision') { $revision = $newPage->addChild('revision'); foreach ($child->children() as $revChild) { $revision->addChild($revChild->getName(), (string)$revChild); } } else { $newPage->addChild($child->getName(), (string)$child); } } break; } } $singlePage->asXML($tempFile); exec("php /var/www/html/maintenance/importDump.php < $tempFile 2>&1"); unlink($tempFile); } private function reimportPage($title, $xml) { // For updating existing pages, delete then reimport $db = new mysqli('127.0.0.1', 'wikiuser', 'wikipass', 'completenoobs_wiki'); // Delete the existing page $safe_title = $db->real_escape_string(str_replace(' ', '_', $title)); $db->query("DELETE FROM page WHERE page_title = '$safe_title' AND page_namespace = 0"); $db->close(); // Now import the new version foreach ($xml->page as $page) { if (str_replace(' ', '_', (string)$page->title) == $title) { $tempFile = '/tmp/update_page_' . md5($title) . '.xml'; $singlePage = new SimpleXMLElement('<?xml version="1.0" encoding="utf-8"?><mediawiki></mediawiki>'); if ($xml->siteinfo) { $siteinfo = $singlePage->addChild('siteinfo'); foreach ($xml->siteinfo->children() as $child) { $siteinfo->addChild($child->getName(), (string)$child); } } $newPage = $singlePage->addChild('page'); foreach ($page->children() as $child) { if ($child->getName() == 'revision') { $revision = $newPage->addChild('revision'); foreach ($child->children() as $revChild) { $revision->addChild($revChild->getName(), (string)$revChild); } } else { $newPage->addChild($child->getName(), (string)$child); } } $singlePage->asXML($tempFile); $result = exec("php /var/www/html/maintenance/importDump.php < $tempFile 2>&1", $output, $return); unlink($tempFile); return ($return === 0); } } return false; } } $maintClass = DoImport::class; require_once RUN_MAINTENANCE_IF_MAIN; PHP_EOF cd /var/www/html php /tmp/do_import.php --mode="$choice" } # Main execution main() { check_environment # Start MariaDB if not running service mariadb status > /dev/null 2>&1 || service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then break fi sleep 1 done CURRENT=$(get_current_version) echo "Current version: $CURRENT" echo "" echo "Checking for updates..." LATEST=$(check_for_updates 2>/dev/null) if [ $? -ne 0 ] || [ -z "$LATEST" ] || [[ "$LATEST" == *"ERROR"* ]]; then echo "Failed to check for updates" exit 1 fi echo "Latest available: $LATEST" echo "" # Always proceed to analysis even if versions match # (there might be content updates in the same version) echo "Proceeding with content analysis..." echo "" # Backup database backup_database # Download new XML if ! download_xml "$LATEST"; then echo "Failed to download new XML" exit 1 fi # Analyze differences analyze_and_import # Check if there are changes to import if [ -f "/tmp/import_data.ser" ]; then echo "" read -p "Choose option (1-4): " -n 1 -r echo if [[ $REPLY =~ ^[1-4]$ ]]; then if [ "$REPLY" != "4" ]; then perform_import "$REPLY" # Update version info echo "Import: $LATEST" > /var/www/html/.last_import echo "Date: $(date)" >> /var/www/html/.last_import # Rebuild indices echo "Rebuilding indices..." php maintenance/rebuildrecentchanges.php php maintenance/initSiteStats.php else echo "Update cancelled" fi else echo "Invalid option. Update cancelled" fi fi # Clean up temp files rm -f /tmp/import_data.ser /tmp/update_analysis.json /tmp/diff_*.txt /tmp/analyze_import.php /tmp/do_import.php 2>/dev/null echo "" echo "Done!" } # Run main function main "$@" </syntaxhighlight> === 2.5: Entrypoint Script === <syntaxhighlight lang="bash"> nano entrypoint.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash echo "Starting CompleteNoobs Wiki..." service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then echo "MariaDB ready!" break fi sleep 1 done echo "" echo "CompleteNoobs Wiki ready at: http://localhost:8080" echo "Admin login: admin / AdminPass123!" echo "" echo "Features:" echo "- Complete wiki content imported from XML" echo "- License notices on all pages (via PageNotice)" echo "- SyntaxHighlight for code blocks" echo "- YouTube video embedding" echo "- Contribution Scores special page" echo "- XML update system (preserves local edits)" echo "" echo "To check for updates: docker exec -it completenoobs_wiki /var/www/html/check_updates.sh" echo "" apache2-foreground </syntaxhighlight> == Step 3: Build and Run == === 3.1: Build the Image === <syntaxhighlight lang="bash"> docker build -t completenoobs/wiki:latest . </syntaxhighlight> This will take several minutes. === 3.2: Run the Container === <syntaxhighlight lang="bash"> docker run -d -p 8080:80 \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki completenoobs/wiki:latest </syntaxhighlight> == Step 4: Test Everything == === 4.1: Check the Wiki === * Visit: http://localhost:8080 * You should see the PageNotice at the top * Login with: admin / AdminPass123! <div class="toccolours mw-collapsible mw-collapsed"> Change Admin Password: <div class="mw-collapsible-content"> By default, the admin user's password is <code>AdminPass123!</code>. It's highly recommended to change this immediately. You can do this either through the wiki's web interface or directly in the Docker terminal.<br><br> <b>Method 1: Change Password via Web Interface</b><br> This is the easiest method. You can change your password directly from the wiki itself.<br> 1. Log in to your wiki with the default credentials: <code>admin</code> / <code>AdminPass123!</code>.<br> 2. Once logged in, click your username (<code>admin</code>) in the top-right corner of the page.<br> 3. From the drop-down menu, select <b>Preferences</b>.<br> 4. On the Preferences page, go to the <b>Password</b> tab.<br> 5. Enter the current password (<code>AdminPass123!</code>), then enter your new password twice.<br> 6. Click <b>Change password</b>.<br> Your password is now changed, and you will need to use the new one for future logins.<br><br> <b>Method 2: Change Password via Terminal (No-Email Reset)</b><br> If you have forgotten the password or prefer to use the command line, you can reset it directly inside the Docker container using a MediaWiki maintenance script.<br> 1. <b>Access the container's shell</b> with the following command from your host machine:<br> <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> 2. Once inside the container, use the <code>changePassword.php</code> maintenance script to change the password. This is the modern, recommended way to run MediaWiki maintenance scripts.<br> * Change <b>NEWPASSWORD</b> to your new password<br> <syntaxhighlight lang="bash"> php /var/www/html/maintenance/run.php changePassword.php --user=admin --password=NEWPASSWORD </syntaxhighlight> 3. Type <code>exit</code> to leave the container's shell.<br> The admin password has now been reset. You can log in to your wiki with the new password. </div> </div> === 4.2: Test Extensions === * '''YouTube''': Edit any page, add <code><youtube>N9qYF9DZPdw</youtube></code> * '''PageNotice''': Should already be visible at the top * '''SyntaxHighlight''': Add code blocks with <nowiki><code><syntaxhighlight lang="python">code here</syntaxhighlight></code></nowiki> === 4.3: Check Status === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki /var/www/html/check_status.sh </syntaxhighlight> == Step 5: XML Update Operations == *NOTE: update_xml.sh still needs alot of work, this just idea placeholder for now. === 5.1: Check for Updates (Interactive) === <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki /var/www/html/check_updates.sh </syntaxhighlight> This will: * Check the CompleteNoobs XML repository for new dumps * Compare with your current version * Ask for confirmation before updating * Import ONLY new pages (preserves your edits) * Create a backup before making changes === 5.2: Force Update (Non-Interactive) === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki bash -c "echo 'y' | /var/www/html/update_xml.sh" </syntaxhighlight> === 5.3: Manual Update Process === <syntaxhighlight lang="bash"> # 1. Enter container docker exec -it completenoobs_wiki bash # 2. Check current version cat /var/www/html/.last_import # 3. Run update /var/www/html/check_updates.sh # 4. Exit container exit </syntaxhighlight> == Step 6: Troubleshooting Commands == === Access container shell: === <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> === Edit configuration: === <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki nano /var/www/html/LocalSettings.php </syntaxhighlight> === Check logs: === <syntaxhighlight lang="bash"> docker logs completenoobs_wiki </syntaxhighlight> === View update logs: === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki tail -f /tmp/mediawiki-debug.log </syntaxhighlight> === Complete restart: === <syntaxhighlight lang="bash"> docker stop completenoobs_wiki docker rm completenoobs_wiki docker run -d -p 8080:80 \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki completenoobs/wiki:latest </syntaxhighlight> == Expected Results == * Working wiki with imported CompleteNoobs content * PageNotice visible at top of all pages * All extensions functional * Text editors (nano/vim) available in container * Utility scripts for maintenance * XML update system that preserves local edits ==need to add== * way for user to backup there local custom wiki - xml exporter 5t08xotq1k0tpiktxd6ht8vo1v5uihy 665 662 2025-09-01T20:52:16Z AwesomO 5 /* 3.2: Run the Container */ 665 wikitext text/x-wiki = Complete Noobs Docker Wiki Tutorial = * [[Docker_Install_Guide| Docker install guide]] ==errors== * This mainly works - just need to fix the extensions popular pages and contrubtion scores * The XML updater requires more work - currently idea placeholder == Prerequisites == * Ubuntu 24.04 * Docker installed and running * Your user in docker group: <code>sudo usermod -aG docker $USER</code> (then logout/login) == Step 2: Create All Files == === 2.1: Dockerfile === <syntaxhighlight lang="bash"> nano Dockerfile </syntaxhighlight> Copy this exactly: <syntaxhighlight lang="dockerfile"> FROM mediawiki:1.44 # Mediawiki 1.44 used over latest because can confirm extensions youtube and pagenotice works # Install dependencies RUN apt-get update && apt-get install -y \ mariadb-server \ python3 \ python3-requests \ python3-bs4 \ python3-pygments \ curl \ wget \ unzip \ nano \ git \ && apt-get clean # Copy scripts COPY download_latest_xml.py /usr/src/download_latest_xml.py COPY setup_wiki.sh /usr/src/setup_wiki.sh COPY update_xml.sh /usr/src/update_xml.sh COPY entrypoint.sh /entrypoint.sh # Make executable RUN chmod +x /usr/src/setup_wiki.sh /entrypoint.sh /usr/src/update_xml.sh # Download XML RUN python3 /usr/src/download_latest_xml.py # Setup wiki RUN /usr/src/setup_wiki.sh EXPOSE 80 VOLUME /var/lib/mysql VOLUME /var/www/html/images ENTRYPOINT ["/entrypoint.sh"] </syntaxhighlight> === 2.2: XML Download Script === <syntaxhighlight lang="bash"> nano download_latest_xml.py </syntaxhighlight> <syntaxhighlight lang="python"> #!/usr/bin/env python3 import os import requests from bs4 import BeautifulSoup import re BASE_URL = "https://xml.completenoobs.com/xmlDumps/" def parse_date_from_dump(dump_name): match = re.match(r'(\d{2})_(\d{2})_(\d{2})\.Noobs', dump_name) if match: day, month, year = match.groups() year_int = int(year) full_year = 2000 + year_int if year_int <= 49 else 1900 + year_int return (full_year, int(month), int(day)) return (0, 0, 0) def get_available_dumps(): try: response = requests.get(BASE_URL, timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') dumps = [link.get('href').rstrip('/') for link in soup.find_all('a') if re.match(r'\d{2}_\d{2}_\d{2}\.Noobs/$', link.get('href', ''))] return sorted(dumps, key=parse_date_from_dump, reverse=True) except Exception as e: print(f"Error fetching dumps: {e}") return [] def get_dump_files(dump): try: response = requests.get(f"{BASE_URL}{dump}/", timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') files = [link.get('href') for link in soup.find_all('a') if link.get('href', '').endswith('.xml')] return sorted(files, reverse=True) except Exception as e: print(f"Error fetching dump files: {e}") return [] def download_file(url, filename): try: print(f"Downloading {filename}...") response = requests.get(url, stream=True, timeout=60) response.raise_for_status() total_size = int(response.headers.get('content-length', 0)) downloaded = 0 with open(filename, 'wb') as f: for chunk in response.iter_content(chunk_size=8192): if chunk: f.write(chunk) downloaded += len(chunk) if total_size > 0: progress = (downloaded / total_size) * 100 print(f"\rProgress: {progress:.1f}%", end='', flush=True) print() return True except Exception as e: print(f"Error downloading {filename}: {e}") return False def main(): print("Fetching available XML dumps...") dumps = get_available_dumps() if not dumps: print("No dumps found!") exit(1) newest_dump = dumps[0] print(f"Latest dump: {newest_dump}") files = get_dump_files(newest_dump) if not files: print("No XML files found in latest dump!") exit(1) newest_xml = files[0] xml_url = f"{BASE_URL}{newest_dump}/{newest_xml}" local_filename = "/tmp/completenoobs_dump.xml" if download_file(xml_url, local_filename): print(f"Successfully downloaded {newest_xml}") with open("/tmp/dump_info.txt", "w") as f: f.write(f"{newest_dump}/{newest_xml}") else: print("Failed to download XML dump!") exit(1) if __name__ == "__main__": main() </syntaxhighlight> === 2.3: Main Setup Script === <syntaxhighlight lang="bash"> nano setup_wiki.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash set -e echo "Setting up CompleteNoobs Wiki..." # Initialize MariaDB if [ ! -d "/var/lib/mysql/mysql" ]; then mysql_install_db --user=mysql --datadir=/var/lib/mysql fi service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then echo "MariaDB ready!" break fi sleep 2 done # Setup database mysql -e "CREATE DATABASE IF NOT EXISTS completenoobs_wiki CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;" mysql -e "CREATE USER IF NOT EXISTS 'wikiuser'@'127.0.0.1' IDENTIFIED BY 'wikipass';" mysql -e "GRANT ALL PRIVILEGES ON completenoobs_wiki.* TO 'wikiuser'@'127.0.0.1';" mysql -e "CREATE USER IF NOT EXISTS 'wikiuser'@'localhost' IDENTIFIED BY 'wikipass';" mysql -e "GRANT ALL PRIVILEGES ON completenoobs_wiki.* TO 'wikiuser'@'localhost';" mysql -e "FLUSH PRIVILEGES;" # Install MediaWiki cd /var/www/html php maintenance/install.php \ --dbtype=mysql \ --dbserver=127.0.0.1 \ --dbname=completenoobs_wiki \ --dbuser=wikiuser \ --dbpass=wikipass \ --server="http://localhost:8080" \ --scriptpath="" \ --lang=en \ --pass=AdminPass123! \ "CompleteNoobs Wiki" \ "admin" # Download and install extensions cd extensions/ git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/PageNotice --branch REL1_44 || echo "PageNotice download failed, continuing..." git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/YouTube --branch REL1_44 || echo "YouTube download failed, continuing..." cd /var/www/html # Configure LocalSettings.php cat >> LocalSettings.php << 'EOF' # Basic settings $wgEnableUploads = true; $wgUseImageMagick = true; $wgImageMagickConvertCommand = "/usr/bin/convert"; $wgDefaultSkin = "vector-2022"; $wgAllowExternalImages = true; # Debug (can be removed later) $wgShowExceptionDetails = true; $wgDebugLogFile = "/tmp/mediawiki-debug.log"; # PageNotice extension (if available) if ( file_exists( "$IP/extensions/PageNotice/extension.json" ) ) { wfLoadExtension( 'PageNotice' ); } # YouTube extension (if available) if ( file_exists( "$IP/extensions/YouTube/extension.json" ) ) { wfLoadExtension( 'YouTube' ); } # SyntaxHighlight (usually bundled) if ( file_exists( "$IP/extensions/SyntaxHighlight_GeSHi/extension.json" ) ) { wfLoadExtension( 'SyntaxHighlight_GeSHi' ); $wgPygmentizePath = '/usr/bin/pygmentize'; } EOF # Import XML dump if available if [ -f "/tmp/completenoobs_dump.xml" ]; then echo "Importing XML dump..." if php maintenance/importDump.php --uploads < /tmp/completenoobs_dump.xml; then echo "XML import completed!" else echo "XML import had warnings" fi # Basic maintenance php maintenance/update.php --quick || echo "Update completed with warnings" php maintenance/rebuildrecentchanges.php || echo "RecentChanges rebuilt with warnings" php maintenance/initSiteStats.php || echo "SiteStats initialized with warnings" if [ -f "/tmp/dump_info.txt" ]; then echo "Import: $(cat /tmp/dump_info.txt)" > /var/www/html/.last_import echo "Date: $(date)" >> /var/www/html/.last_import fi else echo "No XML dump found - starting with empty wiki" fi # Copy update script to accessible location cp /usr/src/update_xml.sh /var/www/html/update_xml.sh chmod +x /var/www/html/update_xml.sh # Create user-friendly update wrapper cat > /var/www/html/check_updates.sh << 'UPDATE_WRAPPER_EOF' #!/bin/bash echo "=== CompleteNoobs Wiki Update Checker ===" echo "" echo "This tool checks for new content from the CompleteNoobs XML repository" echo "and imports ONLY new pages, preserving all your local edits." echo "" /var/www/html/update_xml.sh UPDATE_WRAPPER_EOF chmod +x /var/www/html/check_updates.sh # Create simple status script cat > /var/www/html/check_status.sh << 'STATUS_EOF' #!/bin/bash cd /var/www/html echo "=== Wiki Status ===" echo "Pages: $(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM page;" -s -N 2>/dev/null || echo "Error")" echo "Users: $(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM user WHERE user_id > 0;" -s -N 2>/dev/null || echo "Error")" echo "" echo "=== Extensions ===" if [ -d "extensions/PageNotice" ]; then echo "PageNotice: Installed" else echo "PageNotice: Not installed" fi if [ -d "extensions/YouTube" ]; then echo "YouTube: Installed" else echo "YouTube: Not installed" fi if [ -d "extensions/ContributionScores" ]; then echo "ContributionScores: Installed" else echo "ContributionScores: Not installed" fi echo "" echo "=== Update System ===" if [ -f ".last_import" ]; then echo "Current version: $(grep 'Import:' .last_import | cut -d' ' -f2)" echo "Import date: $(grep 'Date:' .last_import | cut -d' ' -f2-)" else echo "No version info available" fi echo "" echo "To check for updates: docker exec -it completenoobs_wiki /var/www/html/check_updates.sh" STATUS_EOF chmod +x /var/www/html/check_status.sh echo "" echo "Setup completed!" echo "Admin: admin / AdminPass123!" echo "Update scripts installed:" echo "- /var/www/html/check_updates.sh (user-friendly)" echo "- /var/www/html/update_xml.sh (direct)" # Final counts PAGES=$(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM page;" -s -N 2>/dev/null || echo "0") echo "Pages imported: $PAGES" service mariadb stop </syntaxhighlight> === 2.4: XML Update Script === <syntaxhighlight lang="bash"> nano update_xml.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash set -e echo "=== CompleteNoobs Wiki XML Updater ===" echo "This will check for new and updated pages" echo "" # Function to check if running in container check_environment() { if [ ! -f "/var/www/html/LocalSettings.php" ]; then echo "Error: This script must be run inside the wiki container" exit 1 fi } # Function to get current XML version get_current_version() { if [ -f "/var/www/html/.last_import" ]; then grep "Import:" /var/www/html/.last_import | cut -d' ' -f2 else echo "none" fi } # Function to check for updates check_for_updates() { python3 - << 'PYTHON_EOF' import requests from bs4 import BeautifulSoup import re import sys BASE_URL = "https://xml.completenoobs.com/xmlDumps/" def parse_date_from_dump(dump_name): match = re.match(r'(\d{2})_(\d{2})_(\d{2})\.Noobs', dump_name) if match: day, month, year = match.groups() year_int = int(year) full_year = 2000 + year_int if year_int <= 49 else 1900 + year_int return (full_year, int(month), int(day)) return (0, 0, 0) def get_latest_dump(): try: response = requests.get(BASE_URL, timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') dumps = [link.get('href').rstrip('/') for link in soup.find_all('a') if re.match(r'\d{2}_\d{2}_\d{2}\.Noobs/$', link.get('href', ''))] if dumps: latest = sorted(dumps, key=parse_date_from_dump, reverse=True)[0] # Get XML files from latest dump response = requests.get(f"{BASE_URL}{latest}/", timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') files = [link.get('href') for link in soup.find_all('a') if link.get('href', '').endswith('.xml')] if files: newest_xml = sorted(files, reverse=True)[0] print(f"{latest}/{newest_xml}") sys.exit(0) except Exception as e: print(f"ERROR: {e}", file=sys.stderr) sys.exit(1) print("ERROR: No dumps found", file=sys.stderr) sys.exit(1) get_latest_dump() PYTHON_EOF } # Function to download new XML download_xml() { local dump_info="$1" local dump_dir=$(echo "$dump_info" | cut -d'/' -f1) local xml_file=$(echo "$dump_info" | cut -d'/' -f2) local url="https://xml.completenoobs.com/xmlDumps/${dump_info}" echo "Downloading: $xml_file" echo "From: $dump_dir" echo "URL: $url" if wget -O /tmp/new_dump.xml "$url" --progress=bar:force 2>&1; then echo "Download successful!" return 0 else echo "Download failed!" return 1 fi } # Function to backup current database backup_database() { echo "Creating database backup..." TIMESTAMP=$(date +%Y%m%d_%H%M%S) mysqldump --user=wikiuser --password=wikipass completenoobs_wiki > /tmp/wiki_backup_${TIMESTAMP}.sql echo "Backup created: /tmp/wiki_backup_${TIMESTAMP}.sql" } # Function to analyze and import changes analyze_and_import() { echo "Analyzing differences between XML and local wiki..." # Create analysis and import script for MediaWiki 1.44+ cat > /tmp/analyze_import.php << 'PHP_EOF' <?php require_once '/var/www/html/maintenance/Maintenance.php'; class AnalyzeAndImport extends Maintenance { private $db; private $new_pages = []; private $changed_pages = []; private $unchanged_pages = []; public function __construct() { parent::__construct(); $this->addDescription('Analyze and selectively import from XML dump'); } public function execute() { $this->db = new mysqli('127.0.0.1', 'wikiuser', 'wikipass', 'completenoobs_wiki'); // MediaWiki 1.35+ uses slots and content tables // Get existing pages with their content $query = " SELECT p.page_title, p.page_id, c.content_address, c.content_sha1 FROM page p JOIN revision r ON p.page_latest = r.rev_id JOIN slots s ON r.rev_id = s.slot_revision_id JOIN slot_roles sr ON s.slot_role_id = sr.role_id JOIN content c ON s.slot_content_id = c.content_id WHERE p.page_namespace = 0 AND sr.role_name = 'main' "; $result = $this->db->query($query); if (!$result) { $this->error("Database query failed: " . $this->db->error); return; } $existing = []; while ($row = $result->fetch_assoc()) { // Get actual text content $text_content = $this->getTextContent($row['content_address']); $existing[$row['page_title']] = [ 'id' => $row['page_id'], 'content' => $text_content, 'sha1' => $row['content_sha1'] ]; } // Parse XML and compare $xml = simplexml_load_file('/tmp/new_dump.xml'); foreach ($xml->page as $page) { $title = str_replace(' ', '_', (string)$page->title); $xml_content = (string)$page->revision->text; if (!isset($existing[$title])) { // New page $this->new_pages[$title] = $xml_content; } else { // Compare content using SHA1 for efficiency $xml_sha1 = sha1($xml_content); if ($existing[$title]['sha1'] !== $xml_sha1) { // Content is different $this->changed_pages[$title] = [ 'local' => $existing[$title]['content'], 'xml' => $xml_content, 'page_id' => $existing[$title]['id'] ]; } else { $this->unchanged_pages[] = $title; } } } // Display summary $this->output("\n=== Update Analysis ===\n"); $this->output("New pages to import: " . count($this->new_pages) . "\n"); $this->output("Changed pages found: " . count($this->changed_pages) . "\n"); $this->output("Unchanged pages: " . count($this->unchanged_pages) . "\n"); // Save analysis for review file_put_contents('/tmp/update_analysis.json', json_encode([ 'new' => array_keys($this->new_pages), 'changed' => array_keys($this->changed_pages), 'unchanged' => $this->unchanged_pages ], JSON_PRETTY_PRINT)); // Show changed pages with preview (limit to first 20 for readability) if (count($this->changed_pages) > 0) { $this->output("\n=== Changed Pages ===\n"); $count = 0; $total_changed = count($this->changed_pages); foreach ($this->changed_pages as $title => $data) { $count++; if ($count <= 20) { $this->output("\n$count. $title\n"); // Create a simple diff preview (first 300 chars) $xml_preview = substr($data['xml'], 0, 100); // Save full diff to file $safe_title = preg_replace('/[^a-zA-Z0-9_-]/', '_', $title); $diff_file = "/tmp/diff_${safe_title}.txt"; file_put_contents($diff_file, "=== FULL DIFF FOR: $title ===\n\n"); file_put_contents($diff_file, "--- LOCAL VERSION ---\n", FILE_APPEND); file_put_contents($diff_file, $data['local'] . "\n\n", FILE_APPEND); file_put_contents($diff_file, "--- XML VERSION ---\n", FILE_APPEND); file_put_contents($diff_file, $data['xml'], FILE_APPEND); $this->output(" Preview: " . $xml_preview . "...\n"); } } if ($total_changed > 20) { $this->output("\n... and " . ($total_changed - 20) . " more changed pages.\n"); $this->output("All diff files saved to /tmp/diff_*.txt\n"); } } // Interactive selection if (count($this->new_pages) > 0 || count($this->changed_pages) > 0) { $this->output("\n=== Import Options ===\n"); $this->output("1. Import new pages only (preserve all local changes)\n"); $this->output("2. Import new pages + update ALL changed pages (overwrites local changes)\n"); $this->output("3. Selective import (choose which updates to apply)\n"); $this->output("4. Cancel (no changes)\n"); // Save state for import script WITHOUT the XML object $import_data = [ 'new_pages' => $this->new_pages, 'changed_pages' => $this->changed_pages, 'xml_file' => '/tmp/new_dump.xml' // Save path instead of object ]; file_put_contents('/tmp/import_data.ser', serialize($import_data)); } else { $this->output("\nNo changes detected. Your wiki is up to date!\n"); } } private function getTextContent($address) { // Handle different content storage formats in MW 1.35+ if (strpos($address, 'tt:') === 0) { // Text table reference $text_id = substr($address, 3); $result = $this->db->query("SELECT old_text FROM text WHERE old_id = $text_id"); if ($row = $result->fetch_assoc()) { return $row['old_text']; } } elseif (strpos($address, 'es:') === 0) { // External storage - would need special handling return "[External storage content]"; } // Direct content return $address; } } $maintClass = AnalyzeAndImport::class; require_once RUN_MAINTENANCE_IF_MAIN; PHP_EOF cd /var/www/html php /tmp/analyze_import.php } # Function to perform selected import perform_import() { local choice=$1 cat > /tmp/do_import.php << 'PHP_EOF' <?php require_once '/var/www/html/maintenance/Maintenance.php'; class DoImport extends Maintenance { public function __construct() { parent::__construct(); $this->addOption('mode', 'Import mode', true, true); } public function execute() { $mode = $this->getOption('mode'); $data = unserialize(file_get_contents('/tmp/import_data.ser')); // Load XML file $xml = simplexml_load_file($data['xml_file']); $new_imported = 0; $updated = 0; // Import new pages (always for modes 1-3) if ($mode != '4') { foreach ($data['new_pages'] as $title => $content) { $this->importPage($title, $content, $xml); $new_imported++; $this->output("Imported new page: $title\n"); } } // Handle changed pages based on mode if ($mode == '2') { // Update all changed pages foreach ($data['changed_pages'] as $title => $info) { $this->output("Updating: $title\n"); if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated page: $title\n"); } else { $this->output("Failed to update: $title\n"); } } } elseif ($mode == '3') { // Selective update $this->output("\n=== Selective Import Mode ===\n"); $this->output("For each changed page, choose:\n"); $this->output(" y = yes, update this page\n"); $this->output(" n = no, keep local version\n"); $this->output(" d = show diff file\n"); $this->output(" a = update all remaining pages\n"); $this->output(" s = skip all remaining pages\n\n"); $update_all = false; $skip_all = false; foreach ($data['changed_pages'] as $title => $info) { if ($skip_all) { $this->output("Skipped: $title\n"); continue; } if ($update_all) { if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated: $title\n"); } continue; } $this->output("\nPage: $title\n"); $this->output("Action (y/n/d/a/s): "); $handle = fopen("php://stdin", "r"); $line = trim(fgets($handle)); while ($line == 'd') { // Show diff $safe_title = preg_replace('/[^a-zA-Z0-9_-]/', '_', $title); $diff_file = "/tmp/diff_${safe_title}.txt"; if (file_exists($diff_file)) { system("head -50 $diff_file"); $this->output("\n[Showing first 50 lines - full file at $diff_file]\n"); } $this->output("Action (y/n/a/s): "); $line = trim(fgets($handle)); } if ($line == 'a') { $update_all = true; if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated: $title\n"); } } elseif ($line == 's') { $skip_all = true; $this->output("Skipped: $title\n"); } elseif ($line == 'y') { if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated: $title\n"); } else { $this->output("Failed to update: $title\n"); } } else { $this->output("Skipped: $title\n"); } } } $this->output("\n=== Import Complete ===\n"); $this->output("New pages imported: $new_imported\n"); $this->output("Pages updated: $updated\n"); } private function importPage($title, $content, $xml) { // Create single page XML for import $tempFile = '/tmp/single_page_' . md5($title) . '.xml'; $singlePage = new SimpleXMLElement('<?xml version="1.0" encoding="utf-8"?><mediawiki></mediawiki>'); if ($xml->siteinfo) { $siteinfo = $singlePage->addChild('siteinfo'); foreach ($xml->siteinfo->children() as $child) { $siteinfo->addChild($child->getName(), (string)$child); } } // Find and add the page foreach ($xml->page as $page) { if (str_replace(' ', '_', (string)$page->title) == $title) { $newPage = $singlePage->addChild('page'); foreach ($page->children() as $child) { if ($child->getName() == 'revision') { $revision = $newPage->addChild('revision'); foreach ($child->children() as $revChild) { $revision->addChild($revChild->getName(), (string)$revChild); } } else { $newPage->addChild($child->getName(), (string)$child); } } break; } } $singlePage->asXML($tempFile); exec("php /var/www/html/maintenance/importDump.php < $tempFile 2>&1"); unlink($tempFile); } private function reimportPage($title, $xml) { // For updating existing pages, delete then reimport $db = new mysqli('127.0.0.1', 'wikiuser', 'wikipass', 'completenoobs_wiki'); // Delete the existing page $safe_title = $db->real_escape_string(str_replace(' ', '_', $title)); $db->query("DELETE FROM page WHERE page_title = '$safe_title' AND page_namespace = 0"); $db->close(); // Now import the new version foreach ($xml->page as $page) { if (str_replace(' ', '_', (string)$page->title) == $title) { $tempFile = '/tmp/update_page_' . md5($title) . '.xml'; $singlePage = new SimpleXMLElement('<?xml version="1.0" encoding="utf-8"?><mediawiki></mediawiki>'); if ($xml->siteinfo) { $siteinfo = $singlePage->addChild('siteinfo'); foreach ($xml->siteinfo->children() as $child) { $siteinfo->addChild($child->getName(), (string)$child); } } $newPage = $singlePage->addChild('page'); foreach ($page->children() as $child) { if ($child->getName() == 'revision') { $revision = $newPage->addChild('revision'); foreach ($child->children() as $revChild) { $revision->addChild($revChild->getName(), (string)$revChild); } } else { $newPage->addChild($child->getName(), (string)$child); } } $singlePage->asXML($tempFile); $result = exec("php /var/www/html/maintenance/importDump.php < $tempFile 2>&1", $output, $return); unlink($tempFile); return ($return === 0); } } return false; } } $maintClass = DoImport::class; require_once RUN_MAINTENANCE_IF_MAIN; PHP_EOF cd /var/www/html php /tmp/do_import.php --mode="$choice" } # Main execution main() { check_environment # Start MariaDB if not running service mariadb status > /dev/null 2>&1 || service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then break fi sleep 1 done CURRENT=$(get_current_version) echo "Current version: $CURRENT" echo "" echo "Checking for updates..." LATEST=$(check_for_updates 2>/dev/null) if [ $? -ne 0 ] || [ -z "$LATEST" ] || [[ "$LATEST" == *"ERROR"* ]]; then echo "Failed to check for updates" exit 1 fi echo "Latest available: $LATEST" echo "" # Always proceed to analysis even if versions match # (there might be content updates in the same version) echo "Proceeding with content analysis..." echo "" # Backup database backup_database # Download new XML if ! download_xml "$LATEST"; then echo "Failed to download new XML" exit 1 fi # Analyze differences analyze_and_import # Check if there are changes to import if [ -f "/tmp/import_data.ser" ]; then echo "" read -p "Choose option (1-4): " -n 1 -r echo if [[ $REPLY =~ ^[1-4]$ ]]; then if [ "$REPLY" != "4" ]; then perform_import "$REPLY" # Update version info echo "Import: $LATEST" > /var/www/html/.last_import echo "Date: $(date)" >> /var/www/html/.last_import # Rebuild indices echo "Rebuilding indices..." php maintenance/rebuildrecentchanges.php php maintenance/initSiteStats.php else echo "Update cancelled" fi else echo "Invalid option. Update cancelled" fi fi # Clean up temp files rm -f /tmp/import_data.ser /tmp/update_analysis.json /tmp/diff_*.txt /tmp/analyze_import.php /tmp/do_import.php 2>/dev/null echo "" echo "Done!" } # Run main function main "$@" </syntaxhighlight> === 2.5: Entrypoint Script === <syntaxhighlight lang="bash"> nano entrypoint.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash echo "Starting CompleteNoobs Wiki..." service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then echo "MariaDB ready!" break fi sleep 1 done echo "" echo "CompleteNoobs Wiki ready at: http://localhost:8080" echo "Admin login: admin / AdminPass123!" echo "" echo "Features:" echo "- Complete wiki content imported from XML" echo "- License notices on all pages (via PageNotice)" echo "- SyntaxHighlight for code blocks" echo "- YouTube video embedding" echo "- Contribution Scores special page" echo "- XML update system (preserves local edits)" echo "" echo "To check for updates: docker exec -it completenoobs_wiki /var/www/html/check_updates.sh" echo "" apache2-foreground </syntaxhighlight> == Step 3: Build and Run == === 3.1: Build the Image === <syntaxhighlight lang="bash"> docker build -t completenoobs/wiki:latest . </syntaxhighlight> This will take several minutes. === 3.2: Run the Container === <syntaxhighlight lang="bash"> docker run -d -p 8080:80 \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki completenoobs/wiki:latest </syntaxhighlight> * NOTE: The above <code>docker run</code> command is for quick testing, if you want to be able to export your wiki's database to an XML file you can backup and share, please use method in expanding info box below. <div class="toccolours mw-collapsible mw-collapsed"> If you want to be able to Export Your MediaWiki Database to Dated XML File - use this <code>docker run</code> method: <div class="mw-collapsible-content"> To export your MediaWiki database to a dated XML file (e.g., <code>20250901.xml</code>) and save it to the host’s <code>~/wiki-container</code> directory, run the export script inside the Docker container and use a volume mount to write the file to the host.<br><br> <b>Step 1: Create Host Directory</b><br> On the host, ensure the <code>~/wiki-container</code> directory exists:<br> <syntaxhighlight lang="bash"> mkdir -p ~/wiki-container </syntaxhighlight><br> <b>Step 2: Run Container with Volume Mount</b><br> If your container isn’t already using a volume for <code>~/wiki-container</code>, stop and remove it, then restart with a volume mount:<br> <syntaxhighlight lang="bash"> docker stop completenoobs_wiki docker rm completenoobs_wiki docker run -d -p 8080:80 \ -v ~/wiki-container:/export \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki \ completenoobs/cnoobs-wiki:0.1 </syntaxhighlight><br> <b>Step 3: Run Export Script in Container</b><br> Access the container’s shell:<br> <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> Inside the container, run the export script to create a dated XML file:<br> <syntaxhighlight lang="bash"> DATE=$(date +%Y%m%d) php /var/www/html/maintenance/run.php dumpBackup.php --full --output=file:/export/$DATE.xml exit </syntaxhighlight> This writes the file (e.g., <code>20250901.xml</code>) to <code>/export</code> in the container, which maps to <code>~/wiki-container</code> on the host.<br><br> <b>Step 4: Verify the File</b><br> On the host, check for the XML file:<br> <syntaxhighlight lang="bash"> ls ~/wiki-container </syntaxhighlight> You should see a file like <code>20250901.xml</code>.<br><br> <b>Notes</b><br> - If you encounter permission issues, ensure the container’s user has write access to <code>/export</code>:<br> <syntaxhighlight lang="bash"> chmod -R 777 /export </syntaxhighlight> - The script must be run inside the container, as it requires MediaWiki’s environment and database access.<br> - If your container uses a different volume setup, adjust the mount point accordingly. </div> </div> == Step 4: Test Everything == === 4.1: Check the Wiki === * Visit: http://localhost:8080 * You should see the PageNotice at the top * Login with: admin / AdminPass123! <div class="toccolours mw-collapsible mw-collapsed"> Change Admin Password: <div class="mw-collapsible-content"> By default, the admin user's password is <code>AdminPass123!</code>. It's highly recommended to change this immediately. You can do this either through the wiki's web interface or directly in the Docker terminal.<br><br> <b>Method 1: Change Password via Web Interface</b><br> This is the easiest method. You can change your password directly from the wiki itself.<br> 1. Log in to your wiki with the default credentials: <code>admin</code> / <code>AdminPass123!</code>.<br> 2. Once logged in, click your username (<code>admin</code>) in the top-right corner of the page.<br> 3. From the drop-down menu, select <b>Preferences</b>.<br> 4. On the Preferences page, go to the <b>Password</b> tab.<br> 5. Enter the current password (<code>AdminPass123!</code>), then enter your new password twice.<br> 6. Click <b>Change password</b>.<br> Your password is now changed, and you will need to use the new one for future logins.<br><br> <b>Method 2: Change Password via Terminal (No-Email Reset)</b><br> If you have forgotten the password or prefer to use the command line, you can reset it directly inside the Docker container using a MediaWiki maintenance script.<br> 1. <b>Access the container's shell</b> with the following command from your host machine:<br> <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> 2. Once inside the container, use the <code>changePassword.php</code> maintenance script to change the password. This is the modern, recommended way to run MediaWiki maintenance scripts.<br> * Change <b>NEWPASSWORD</b> to your new password<br> <syntaxhighlight lang="bash"> php /var/www/html/maintenance/run.php changePassword.php --user=admin --password=NEWPASSWORD </syntaxhighlight> 3. Type <code>exit</code> to leave the container's shell.<br> The admin password has now been reset. You can log in to your wiki with the new password. </div> </div> === 4.2: Test Extensions === * '''YouTube''': Edit any page, add <code><youtube>N9qYF9DZPdw</youtube></code> * '''PageNotice''': Should already be visible at the top * '''SyntaxHighlight''': Add code blocks with <nowiki><code><syntaxhighlight lang="python">code here</syntaxhighlight></code></nowiki> === 4.3: Check Status === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki /var/www/html/check_status.sh </syntaxhighlight> == Step 5: XML Update Operations == *NOTE: update_xml.sh still needs alot of work, this just idea placeholder for now. === 5.1: Check for Updates (Interactive) === <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki /var/www/html/check_updates.sh </syntaxhighlight> This will: * Check the CompleteNoobs XML repository for new dumps * Compare with your current version * Ask for confirmation before updating * Import ONLY new pages (preserves your edits) * Create a backup before making changes === 5.2: Force Update (Non-Interactive) === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki bash -c "echo 'y' | /var/www/html/update_xml.sh" </syntaxhighlight> === 5.3: Manual Update Process === <syntaxhighlight lang="bash"> # 1. Enter container docker exec -it completenoobs_wiki bash # 2. Check current version cat /var/www/html/.last_import # 3. Run update /var/www/html/check_updates.sh # 4. Exit container exit </syntaxhighlight> == Step 6: Troubleshooting Commands == === Access container shell: === <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> === Edit configuration: === <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki nano /var/www/html/LocalSettings.php </syntaxhighlight> === Check logs: === <syntaxhighlight lang="bash"> docker logs completenoobs_wiki </syntaxhighlight> === View update logs: === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki tail -f /tmp/mediawiki-debug.log </syntaxhighlight> === Complete restart: === <syntaxhighlight lang="bash"> docker stop completenoobs_wiki docker rm completenoobs_wiki docker run -d -p 8080:80 \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki completenoobs/wiki:latest </syntaxhighlight> == Expected Results == * Working wiki with imported CompleteNoobs content * PageNotice visible at top of all pages * All extensions functional * Text editors (nano/vim) available in container * Utility scripts for maintenance * XML update system that preserves local edits ==need to add== * way for user to backup there local custom wiki - xml exporter 2v7wntjdx193p1qimkfcr5x53w5ev0n 669 665 2025-09-02T10:23:46Z AwesomO 5 /* 4.1: Check the Wiki */ 669 wikitext text/x-wiki = Complete Noobs Docker Wiki Tutorial = * [[Docker_Install_Guide| Docker install guide]] ==errors== * This mainly works - just need to fix the extensions popular pages and contrubtion scores * The XML updater requires more work - currently idea placeholder == Prerequisites == * Ubuntu 24.04 * Docker installed and running * Your user in docker group: <code>sudo usermod -aG docker $USER</code> (then logout/login) == Step 2: Create All Files == === 2.1: Dockerfile === <syntaxhighlight lang="bash"> nano Dockerfile </syntaxhighlight> Copy this exactly: <syntaxhighlight lang="dockerfile"> FROM mediawiki:1.44 # Mediawiki 1.44 used over latest because can confirm extensions youtube and pagenotice works # Install dependencies RUN apt-get update && apt-get install -y \ mariadb-server \ python3 \ python3-requests \ python3-bs4 \ python3-pygments \ curl \ wget \ unzip \ nano \ git \ && apt-get clean # Copy scripts COPY download_latest_xml.py /usr/src/download_latest_xml.py COPY setup_wiki.sh /usr/src/setup_wiki.sh COPY update_xml.sh /usr/src/update_xml.sh COPY entrypoint.sh /entrypoint.sh # Make executable RUN chmod +x /usr/src/setup_wiki.sh /entrypoint.sh /usr/src/update_xml.sh # Download XML RUN python3 /usr/src/download_latest_xml.py # Setup wiki RUN /usr/src/setup_wiki.sh EXPOSE 80 VOLUME /var/lib/mysql VOLUME /var/www/html/images ENTRYPOINT ["/entrypoint.sh"] </syntaxhighlight> === 2.2: XML Download Script === <syntaxhighlight lang="bash"> nano download_latest_xml.py </syntaxhighlight> <syntaxhighlight lang="python"> #!/usr/bin/env python3 import os import requests from bs4 import BeautifulSoup import re BASE_URL = "https://xml.completenoobs.com/xmlDumps/" def parse_date_from_dump(dump_name): match = re.match(r'(\d{2})_(\d{2})_(\d{2})\.Noobs', dump_name) if match: day, month, year = match.groups() year_int = int(year) full_year = 2000 + year_int if year_int <= 49 else 1900 + year_int return (full_year, int(month), int(day)) return (0, 0, 0) def get_available_dumps(): try: response = requests.get(BASE_URL, timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') dumps = [link.get('href').rstrip('/') for link in soup.find_all('a') if re.match(r'\d{2}_\d{2}_\d{2}\.Noobs/$', link.get('href', ''))] return sorted(dumps, key=parse_date_from_dump, reverse=True) except Exception as e: print(f"Error fetching dumps: {e}") return [] def get_dump_files(dump): try: response = requests.get(f"{BASE_URL}{dump}/", timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') files = [link.get('href') for link in soup.find_all('a') if link.get('href', '').endswith('.xml')] return sorted(files, reverse=True) except Exception as e: print(f"Error fetching dump files: {e}") return [] def download_file(url, filename): try: print(f"Downloading {filename}...") response = requests.get(url, stream=True, timeout=60) response.raise_for_status() total_size = int(response.headers.get('content-length', 0)) downloaded = 0 with open(filename, 'wb') as f: for chunk in response.iter_content(chunk_size=8192): if chunk: f.write(chunk) downloaded += len(chunk) if total_size > 0: progress = (downloaded / total_size) * 100 print(f"\rProgress: {progress:.1f}%", end='', flush=True) print() return True except Exception as e: print(f"Error downloading {filename}: {e}") return False def main(): print("Fetching available XML dumps...") dumps = get_available_dumps() if not dumps: print("No dumps found!") exit(1) newest_dump = dumps[0] print(f"Latest dump: {newest_dump}") files = get_dump_files(newest_dump) if not files: print("No XML files found in latest dump!") exit(1) newest_xml = files[0] xml_url = f"{BASE_URL}{newest_dump}/{newest_xml}" local_filename = "/tmp/completenoobs_dump.xml" if download_file(xml_url, local_filename): print(f"Successfully downloaded {newest_xml}") with open("/tmp/dump_info.txt", "w") as f: f.write(f"{newest_dump}/{newest_xml}") else: print("Failed to download XML dump!") exit(1) if __name__ == "__main__": main() </syntaxhighlight> === 2.3: Main Setup Script === <syntaxhighlight lang="bash"> nano setup_wiki.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash set -e echo "Setting up CompleteNoobs Wiki..." # Initialize MariaDB if [ ! -d "/var/lib/mysql/mysql" ]; then mysql_install_db --user=mysql --datadir=/var/lib/mysql fi service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then echo "MariaDB ready!" break fi sleep 2 done # Setup database mysql -e "CREATE DATABASE IF NOT EXISTS completenoobs_wiki CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;" mysql -e "CREATE USER IF NOT EXISTS 'wikiuser'@'127.0.0.1' IDENTIFIED BY 'wikipass';" mysql -e "GRANT ALL PRIVILEGES ON completenoobs_wiki.* TO 'wikiuser'@'127.0.0.1';" mysql -e "CREATE USER IF NOT EXISTS 'wikiuser'@'localhost' IDENTIFIED BY 'wikipass';" mysql -e "GRANT ALL PRIVILEGES ON completenoobs_wiki.* TO 'wikiuser'@'localhost';" mysql -e "FLUSH PRIVILEGES;" # Install MediaWiki cd /var/www/html php maintenance/install.php \ --dbtype=mysql \ --dbserver=127.0.0.1 \ --dbname=completenoobs_wiki \ --dbuser=wikiuser \ --dbpass=wikipass \ --server="http://localhost:8080" \ --scriptpath="" \ --lang=en \ --pass=AdminPass123! \ "CompleteNoobs Wiki" \ "admin" # Download and install extensions cd extensions/ git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/PageNotice --branch REL1_44 || echo "PageNotice download failed, continuing..." git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/YouTube --branch REL1_44 || echo "YouTube download failed, continuing..." cd /var/www/html # Configure LocalSettings.php cat >> LocalSettings.php << 'EOF' # Basic settings $wgEnableUploads = true; $wgUseImageMagick = true; $wgImageMagickConvertCommand = "/usr/bin/convert"; $wgDefaultSkin = "vector-2022"; $wgAllowExternalImages = true; # Debug (can be removed later) $wgShowExceptionDetails = true; $wgDebugLogFile = "/tmp/mediawiki-debug.log"; # PageNotice extension (if available) if ( file_exists( "$IP/extensions/PageNotice/extension.json" ) ) { wfLoadExtension( 'PageNotice' ); } # YouTube extension (if available) if ( file_exists( "$IP/extensions/YouTube/extension.json" ) ) { wfLoadExtension( 'YouTube' ); } # SyntaxHighlight (usually bundled) if ( file_exists( "$IP/extensions/SyntaxHighlight_GeSHi/extension.json" ) ) { wfLoadExtension( 'SyntaxHighlight_GeSHi' ); $wgPygmentizePath = '/usr/bin/pygmentize'; } EOF # Import XML dump if available if [ -f "/tmp/completenoobs_dump.xml" ]; then echo "Importing XML dump..." if php maintenance/importDump.php --uploads < /tmp/completenoobs_dump.xml; then echo "XML import completed!" else echo "XML import had warnings" fi # Basic maintenance php maintenance/update.php --quick || echo "Update completed with warnings" php maintenance/rebuildrecentchanges.php || echo "RecentChanges rebuilt with warnings" php maintenance/initSiteStats.php || echo "SiteStats initialized with warnings" if [ -f "/tmp/dump_info.txt" ]; then echo "Import: $(cat /tmp/dump_info.txt)" > /var/www/html/.last_import echo "Date: $(date)" >> /var/www/html/.last_import fi else echo "No XML dump found - starting with empty wiki" fi # Copy update script to accessible location cp /usr/src/update_xml.sh /var/www/html/update_xml.sh chmod +x /var/www/html/update_xml.sh # Create user-friendly update wrapper cat > /var/www/html/check_updates.sh << 'UPDATE_WRAPPER_EOF' #!/bin/bash echo "=== CompleteNoobs Wiki Update Checker ===" echo "" echo "This tool checks for new content from the CompleteNoobs XML repository" echo "and imports ONLY new pages, preserving all your local edits." echo "" /var/www/html/update_xml.sh UPDATE_WRAPPER_EOF chmod +x /var/www/html/check_updates.sh # Create simple status script cat > /var/www/html/check_status.sh << 'STATUS_EOF' #!/bin/bash cd /var/www/html echo "=== Wiki Status ===" echo "Pages: $(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM page;" -s -N 2>/dev/null || echo "Error")" echo "Users: $(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM user WHERE user_id > 0;" -s -N 2>/dev/null || echo "Error")" echo "" echo "=== Extensions ===" if [ -d "extensions/PageNotice" ]; then echo "PageNotice: Installed" else echo "PageNotice: Not installed" fi if [ -d "extensions/YouTube" ]; then echo "YouTube: Installed" else echo "YouTube: Not installed" fi if [ -d "extensions/ContributionScores" ]; then echo "ContributionScores: Installed" else echo "ContributionScores: Not installed" fi echo "" echo "=== Update System ===" if [ -f ".last_import" ]; then echo "Current version: $(grep 'Import:' .last_import | cut -d' ' -f2)" echo "Import date: $(grep 'Date:' .last_import | cut -d' ' -f2-)" else echo "No version info available" fi echo "" echo "To check for updates: docker exec -it completenoobs_wiki /var/www/html/check_updates.sh" STATUS_EOF chmod +x /var/www/html/check_status.sh echo "" echo "Setup completed!" echo "Admin: admin / AdminPass123!" echo "Update scripts installed:" echo "- /var/www/html/check_updates.sh (user-friendly)" echo "- /var/www/html/update_xml.sh (direct)" # Final counts PAGES=$(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM page;" -s -N 2>/dev/null || echo "0") echo "Pages imported: $PAGES" service mariadb stop </syntaxhighlight> === 2.4: XML Update Script === <syntaxhighlight lang="bash"> nano update_xml.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash set -e echo "=== CompleteNoobs Wiki XML Updater ===" echo "This will check for new and updated pages" echo "" # Function to check if running in container check_environment() { if [ ! -f "/var/www/html/LocalSettings.php" ]; then echo "Error: This script must be run inside the wiki container" exit 1 fi } # Function to get current XML version get_current_version() { if [ -f "/var/www/html/.last_import" ]; then grep "Import:" /var/www/html/.last_import | cut -d' ' -f2 else echo "none" fi } # Function to check for updates check_for_updates() { python3 - << 'PYTHON_EOF' import requests from bs4 import BeautifulSoup import re import sys BASE_URL = "https://xml.completenoobs.com/xmlDumps/" def parse_date_from_dump(dump_name): match = re.match(r'(\d{2})_(\d{2})_(\d{2})\.Noobs', dump_name) if match: day, month, year = match.groups() year_int = int(year) full_year = 2000 + year_int if year_int <= 49 else 1900 + year_int return (full_year, int(month), int(day)) return (0, 0, 0) def get_latest_dump(): try: response = requests.get(BASE_URL, timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') dumps = [link.get('href').rstrip('/') for link in soup.find_all('a') if re.match(r'\d{2}_\d{2}_\d{2}\.Noobs/$', link.get('href', ''))] if dumps: latest = sorted(dumps, key=parse_date_from_dump, reverse=True)[0] # Get XML files from latest dump response = requests.get(f"{BASE_URL}{latest}/", timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') files = [link.get('href') for link in soup.find_all('a') if link.get('href', '').endswith('.xml')] if files: newest_xml = sorted(files, reverse=True)[0] print(f"{latest}/{newest_xml}") sys.exit(0) except Exception as e: print(f"ERROR: {e}", file=sys.stderr) sys.exit(1) print("ERROR: No dumps found", file=sys.stderr) sys.exit(1) get_latest_dump() PYTHON_EOF } # Function to download new XML download_xml() { local dump_info="$1" local dump_dir=$(echo "$dump_info" | cut -d'/' -f1) local xml_file=$(echo "$dump_info" | cut -d'/' -f2) local url="https://xml.completenoobs.com/xmlDumps/${dump_info}" echo "Downloading: $xml_file" echo "From: $dump_dir" echo "URL: $url" if wget -O /tmp/new_dump.xml "$url" --progress=bar:force 2>&1; then echo "Download successful!" return 0 else echo "Download failed!" return 1 fi } # Function to backup current database backup_database() { echo "Creating database backup..." TIMESTAMP=$(date +%Y%m%d_%H%M%S) mysqldump --user=wikiuser --password=wikipass completenoobs_wiki > /tmp/wiki_backup_${TIMESTAMP}.sql echo "Backup created: /tmp/wiki_backup_${TIMESTAMP}.sql" } # Function to analyze and import changes analyze_and_import() { echo "Analyzing differences between XML and local wiki..." # Create analysis and import script for MediaWiki 1.44+ cat > /tmp/analyze_import.php << 'PHP_EOF' <?php require_once '/var/www/html/maintenance/Maintenance.php'; class AnalyzeAndImport extends Maintenance { private $db; private $new_pages = []; private $changed_pages = []; private $unchanged_pages = []; public function __construct() { parent::__construct(); $this->addDescription('Analyze and selectively import from XML dump'); } public function execute() { $this->db = new mysqli('127.0.0.1', 'wikiuser', 'wikipass', 'completenoobs_wiki'); // MediaWiki 1.35+ uses slots and content tables // Get existing pages with their content $query = " SELECT p.page_title, p.page_id, c.content_address, c.content_sha1 FROM page p JOIN revision r ON p.page_latest = r.rev_id JOIN slots s ON r.rev_id = s.slot_revision_id JOIN slot_roles sr ON s.slot_role_id = sr.role_id JOIN content c ON s.slot_content_id = c.content_id WHERE p.page_namespace = 0 AND sr.role_name = 'main' "; $result = $this->db->query($query); if (!$result) { $this->error("Database query failed: " . $this->db->error); return; } $existing = []; while ($row = $result->fetch_assoc()) { // Get actual text content $text_content = $this->getTextContent($row['content_address']); $existing[$row['page_title']] = [ 'id' => $row['page_id'], 'content' => $text_content, 'sha1' => $row['content_sha1'] ]; } // Parse XML and compare $xml = simplexml_load_file('/tmp/new_dump.xml'); foreach ($xml->page as $page) { $title = str_replace(' ', '_', (string)$page->title); $xml_content = (string)$page->revision->text; if (!isset($existing[$title])) { // New page $this->new_pages[$title] = $xml_content; } else { // Compare content using SHA1 for efficiency $xml_sha1 = sha1($xml_content); if ($existing[$title]['sha1'] !== $xml_sha1) { // Content is different $this->changed_pages[$title] = [ 'local' => $existing[$title]['content'], 'xml' => $xml_content, 'page_id' => $existing[$title]['id'] ]; } else { $this->unchanged_pages[] = $title; } } } // Display summary $this->output("\n=== Update Analysis ===\n"); $this->output("New pages to import: " . count($this->new_pages) . "\n"); $this->output("Changed pages found: " . count($this->changed_pages) . "\n"); $this->output("Unchanged pages: " . count($this->unchanged_pages) . "\n"); // Save analysis for review file_put_contents('/tmp/update_analysis.json', json_encode([ 'new' => array_keys($this->new_pages), 'changed' => array_keys($this->changed_pages), 'unchanged' => $this->unchanged_pages ], JSON_PRETTY_PRINT)); // Show changed pages with preview (limit to first 20 for readability) if (count($this->changed_pages) > 0) { $this->output("\n=== Changed Pages ===\n"); $count = 0; $total_changed = count($this->changed_pages); foreach ($this->changed_pages as $title => $data) { $count++; if ($count <= 20) { $this->output("\n$count. $title\n"); // Create a simple diff preview (first 300 chars) $xml_preview = substr($data['xml'], 0, 100); // Save full diff to file $safe_title = preg_replace('/[^a-zA-Z0-9_-]/', '_', $title); $diff_file = "/tmp/diff_${safe_title}.txt"; file_put_contents($diff_file, "=== FULL DIFF FOR: $title ===\n\n"); file_put_contents($diff_file, "--- LOCAL VERSION ---\n", FILE_APPEND); file_put_contents($diff_file, $data['local'] . "\n\n", FILE_APPEND); file_put_contents($diff_file, "--- XML VERSION ---\n", FILE_APPEND); file_put_contents($diff_file, $data['xml'], FILE_APPEND); $this->output(" Preview: " . $xml_preview . "...\n"); } } if ($total_changed > 20) { $this->output("\n... and " . ($total_changed - 20) . " more changed pages.\n"); $this->output("All diff files saved to /tmp/diff_*.txt\n"); } } // Interactive selection if (count($this->new_pages) > 0 || count($this->changed_pages) > 0) { $this->output("\n=== Import Options ===\n"); $this->output("1. Import new pages only (preserve all local changes)\n"); $this->output("2. Import new pages + update ALL changed pages (overwrites local changes)\n"); $this->output("3. Selective import (choose which updates to apply)\n"); $this->output("4. Cancel (no changes)\n"); // Save state for import script WITHOUT the XML object $import_data = [ 'new_pages' => $this->new_pages, 'changed_pages' => $this->changed_pages, 'xml_file' => '/tmp/new_dump.xml' // Save path instead of object ]; file_put_contents('/tmp/import_data.ser', serialize($import_data)); } else { $this->output("\nNo changes detected. Your wiki is up to date!\n"); } } private function getTextContent($address) { // Handle different content storage formats in MW 1.35+ if (strpos($address, 'tt:') === 0) { // Text table reference $text_id = substr($address, 3); $result = $this->db->query("SELECT old_text FROM text WHERE old_id = $text_id"); if ($row = $result->fetch_assoc()) { return $row['old_text']; } } elseif (strpos($address, 'es:') === 0) { // External storage - would need special handling return "[External storage content]"; } // Direct content return $address; } } $maintClass = AnalyzeAndImport::class; require_once RUN_MAINTENANCE_IF_MAIN; PHP_EOF cd /var/www/html php /tmp/analyze_import.php } # Function to perform selected import perform_import() { local choice=$1 cat > /tmp/do_import.php << 'PHP_EOF' <?php require_once '/var/www/html/maintenance/Maintenance.php'; class DoImport extends Maintenance { public function __construct() { parent::__construct(); $this->addOption('mode', 'Import mode', true, true); } public function execute() { $mode = $this->getOption('mode'); $data = unserialize(file_get_contents('/tmp/import_data.ser')); // Load XML file $xml = simplexml_load_file($data['xml_file']); $new_imported = 0; $updated = 0; // Import new pages (always for modes 1-3) if ($mode != '4') { foreach ($data['new_pages'] as $title => $content) { $this->importPage($title, $content, $xml); $new_imported++; $this->output("Imported new page: $title\n"); } } // Handle changed pages based on mode if ($mode == '2') { // Update all changed pages foreach ($data['changed_pages'] as $title => $info) { $this->output("Updating: $title\n"); if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated page: $title\n"); } else { $this->output("Failed to update: $title\n"); } } } elseif ($mode == '3') { // Selective update $this->output("\n=== Selective Import Mode ===\n"); $this->output("For each changed page, choose:\n"); $this->output(" y = yes, update this page\n"); $this->output(" n = no, keep local version\n"); $this->output(" d = show diff file\n"); $this->output(" a = update all remaining pages\n"); $this->output(" s = skip all remaining pages\n\n"); $update_all = false; $skip_all = false; foreach ($data['changed_pages'] as $title => $info) { if ($skip_all) { $this->output("Skipped: $title\n"); continue; } if ($update_all) { if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated: $title\n"); } continue; } $this->output("\nPage: $title\n"); $this->output("Action (y/n/d/a/s): "); $handle = fopen("php://stdin", "r"); $line = trim(fgets($handle)); while ($line == 'd') { // Show diff $safe_title = preg_replace('/[^a-zA-Z0-9_-]/', '_', $title); $diff_file = "/tmp/diff_${safe_title}.txt"; if (file_exists($diff_file)) { system("head -50 $diff_file"); $this->output("\n[Showing first 50 lines - full file at $diff_file]\n"); } $this->output("Action (y/n/a/s): "); $line = trim(fgets($handle)); } if ($line == 'a') { $update_all = true; if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated: $title\n"); } } elseif ($line == 's') { $skip_all = true; $this->output("Skipped: $title\n"); } elseif ($line == 'y') { if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated: $title\n"); } else { $this->output("Failed to update: $title\n"); } } else { $this->output("Skipped: $title\n"); } } } $this->output("\n=== Import Complete ===\n"); $this->output("New pages imported: $new_imported\n"); $this->output("Pages updated: $updated\n"); } private function importPage($title, $content, $xml) { // Create single page XML for import $tempFile = '/tmp/single_page_' . md5($title) . '.xml'; $singlePage = new SimpleXMLElement('<?xml version="1.0" encoding="utf-8"?><mediawiki></mediawiki>'); if ($xml->siteinfo) { $siteinfo = $singlePage->addChild('siteinfo'); foreach ($xml->siteinfo->children() as $child) { $siteinfo->addChild($child->getName(), (string)$child); } } // Find and add the page foreach ($xml->page as $page) { if (str_replace(' ', '_', (string)$page->title) == $title) { $newPage = $singlePage->addChild('page'); foreach ($page->children() as $child) { if ($child->getName() == 'revision') { $revision = $newPage->addChild('revision'); foreach ($child->children() as $revChild) { $revision->addChild($revChild->getName(), (string)$revChild); } } else { $newPage->addChild($child->getName(), (string)$child); } } break; } } $singlePage->asXML($tempFile); exec("php /var/www/html/maintenance/importDump.php < $tempFile 2>&1"); unlink($tempFile); } private function reimportPage($title, $xml) { // For updating existing pages, delete then reimport $db = new mysqli('127.0.0.1', 'wikiuser', 'wikipass', 'completenoobs_wiki'); // Delete the existing page $safe_title = $db->real_escape_string(str_replace(' ', '_', $title)); $db->query("DELETE FROM page WHERE page_title = '$safe_title' AND page_namespace = 0"); $db->close(); // Now import the new version foreach ($xml->page as $page) { if (str_replace(' ', '_', (string)$page->title) == $title) { $tempFile = '/tmp/update_page_' . md5($title) . '.xml'; $singlePage = new SimpleXMLElement('<?xml version="1.0" encoding="utf-8"?><mediawiki></mediawiki>'); if ($xml->siteinfo) { $siteinfo = $singlePage->addChild('siteinfo'); foreach ($xml->siteinfo->children() as $child) { $siteinfo->addChild($child->getName(), (string)$child); } } $newPage = $singlePage->addChild('page'); foreach ($page->children() as $child) { if ($child->getName() == 'revision') { $revision = $newPage->addChild('revision'); foreach ($child->children() as $revChild) { $revision->addChild($revChild->getName(), (string)$revChild); } } else { $newPage->addChild($child->getName(), (string)$child); } } $singlePage->asXML($tempFile); $result = exec("php /var/www/html/maintenance/importDump.php < $tempFile 2>&1", $output, $return); unlink($tempFile); return ($return === 0); } } return false; } } $maintClass = DoImport::class; require_once RUN_MAINTENANCE_IF_MAIN; PHP_EOF cd /var/www/html php /tmp/do_import.php --mode="$choice" } # Main execution main() { check_environment # Start MariaDB if not running service mariadb status > /dev/null 2>&1 || service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then break fi sleep 1 done CURRENT=$(get_current_version) echo "Current version: $CURRENT" echo "" echo "Checking for updates..." LATEST=$(check_for_updates 2>/dev/null) if [ $? -ne 0 ] || [ -z "$LATEST" ] || [[ "$LATEST" == *"ERROR"* ]]; then echo "Failed to check for updates" exit 1 fi echo "Latest available: $LATEST" echo "" # Always proceed to analysis even if versions match # (there might be content updates in the same version) echo "Proceeding with content analysis..." echo "" # Backup database backup_database # Download new XML if ! download_xml "$LATEST"; then echo "Failed to download new XML" exit 1 fi # Analyze differences analyze_and_import # Check if there are changes to import if [ -f "/tmp/import_data.ser" ]; then echo "" read -p "Choose option (1-4): " -n 1 -r echo if [[ $REPLY =~ ^[1-4]$ ]]; then if [ "$REPLY" != "4" ]; then perform_import "$REPLY" # Update version info echo "Import: $LATEST" > /var/www/html/.last_import echo "Date: $(date)" >> /var/www/html/.last_import # Rebuild indices echo "Rebuilding indices..." php maintenance/rebuildrecentchanges.php php maintenance/initSiteStats.php else echo "Update cancelled" fi else echo "Invalid option. Update cancelled" fi fi # Clean up temp files rm -f /tmp/import_data.ser /tmp/update_analysis.json /tmp/diff_*.txt /tmp/analyze_import.php /tmp/do_import.php 2>/dev/null echo "" echo "Done!" } # Run main function main "$@" </syntaxhighlight> === 2.5: Entrypoint Script === <syntaxhighlight lang="bash"> nano entrypoint.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash echo "Starting CompleteNoobs Wiki..." service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then echo "MariaDB ready!" break fi sleep 1 done echo "" echo "CompleteNoobs Wiki ready at: http://localhost:8080" echo "Admin login: admin / AdminPass123!" echo "" echo "Features:" echo "- Complete wiki content imported from XML" echo "- License notices on all pages (via PageNotice)" echo "- SyntaxHighlight for code blocks" echo "- YouTube video embedding" echo "- Contribution Scores special page" echo "- XML update system (preserves local edits)" echo "" echo "To check for updates: docker exec -it completenoobs_wiki /var/www/html/check_updates.sh" echo "" apache2-foreground </syntaxhighlight> == Step 3: Build and Run == === 3.1: Build the Image === <syntaxhighlight lang="bash"> docker build -t completenoobs/wiki:latest . </syntaxhighlight> This will take several minutes. === 3.2: Run the Container === <syntaxhighlight lang="bash"> docker run -d -p 8080:80 \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki completenoobs/wiki:latest </syntaxhighlight> * NOTE: The above <code>docker run</code> command is for quick testing, if you want to be able to export your wiki's database to an XML file you can backup and share, please use method in expanding info box below. <div class="toccolours mw-collapsible mw-collapsed"> If you want to be able to Export Your MediaWiki Database to Dated XML File - use this <code>docker run</code> method: <div class="mw-collapsible-content"> To export your MediaWiki database to a dated XML file (e.g., <code>20250901.xml</code>) and save it to the host’s <code>~/wiki-container</code> directory, run the export script inside the Docker container and use a volume mount to write the file to the host.<br><br> <b>Step 1: Create Host Directory</b><br> On the host, ensure the <code>~/wiki-container</code> directory exists:<br> <syntaxhighlight lang="bash"> mkdir -p ~/wiki-container </syntaxhighlight><br> <b>Step 2: Run Container with Volume Mount</b><br> If your container isn’t already using a volume for <code>~/wiki-container</code>, stop and remove it, then restart with a volume mount:<br> <syntaxhighlight lang="bash"> docker stop completenoobs_wiki docker rm completenoobs_wiki docker run -d -p 8080:80 \ -v ~/wiki-container:/export \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki \ completenoobs/cnoobs-wiki:0.1 </syntaxhighlight><br> <b>Step 3: Run Export Script in Container</b><br> Access the container’s shell:<br> <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> Inside the container, run the export script to create a dated XML file:<br> <syntaxhighlight lang="bash"> DATE=$(date +%Y%m%d) php /var/www/html/maintenance/run.php dumpBackup.php --full --output=file:/export/$DATE.xml exit </syntaxhighlight> This writes the file (e.g., <code>20250901.xml</code>) to <code>/export</code> in the container, which maps to <code>~/wiki-container</code> on the host.<br><br> <b>Step 4: Verify the File</b><br> On the host, check for the XML file:<br> <syntaxhighlight lang="bash"> ls ~/wiki-container </syntaxhighlight> You should see a file like <code>20250901.xml</code>.<br><br> <b>Notes</b><br> - If you encounter permission issues, ensure the container’s user has write access to <code>/export</code>:<br> <syntaxhighlight lang="bash"> chmod -R 777 /export </syntaxhighlight> - The script must be run inside the container, as it requires MediaWiki’s environment and database access.<br> - If your container uses a different volume setup, adjust the mount point accordingly. </div> </div> == Step 4: Test Everything == === 4.1: Check the Wiki === * Visit: http://localhost:8080 * You should see the PageNotice at the top * Login with: admin / AdminPass123! {{:Restore_the_completenoobs_Main_Page}} <div class="toccolours mw-collapsible mw-collapsed"> Change Admin Password: <div class="mw-collapsible-content"> By default, the admin user's password is <code>AdminPass123!</code>. It's highly recommended to change this immediately. You can do this either through the wiki's web interface or directly in the Docker terminal.<br><br> <b>Method 1: Change Password via Web Interface</b><br> This is the easiest method. You can change your password directly from the wiki itself.<br> 1. Log in to your wiki with the default credentials: <code>admin</code> / <code>AdminPass123!</code>.<br> 2. Once logged in, click your username (<code>admin</code>) in the top-right corner of the page.<br> 3. From the drop-down menu, select <b>Preferences</b>.<br> 4. On the Preferences page, go to the <b>Password</b> tab.<br> 5. Enter the current password (<code>AdminPass123!</code>), then enter your new password twice.<br> 6. Click <b>Change password</b>.<br> Your password is now changed, and you will need to use the new one for future logins.<br><br> <b>Method 2: Change Password via Terminal (No-Email Reset)</b><br> If you have forgotten the password or prefer to use the command line, you can reset it directly inside the Docker container using a MediaWiki maintenance script.<br> 1. <b>Access the container's shell</b> with the following command from your host machine:<br> <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> 2. Once inside the container, use the <code>changePassword.php</code> maintenance script to change the password. This is the modern, recommended way to run MediaWiki maintenance scripts.<br> * Change <b>NEWPASSWORD</b> to your new password<br> <syntaxhighlight lang="bash"> php /var/www/html/maintenance/run.php changePassword.php --user=admin --password=NEWPASSWORD </syntaxhighlight> 3. Type <code>exit</code> to leave the container's shell.<br> The admin password has now been reset. You can log in to your wiki with the new password. </div> </div> === 4.2: Test Extensions === * '''YouTube''': Edit any page, add <code><youtube>N9qYF9DZPdw</youtube></code> * '''PageNotice''': Should already be visible at the top * '''SyntaxHighlight''': Add code blocks with <nowiki><code><syntaxhighlight lang="python">code here</syntaxhighlight></code></nowiki> === 4.3: Check Status === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki /var/www/html/check_status.sh </syntaxhighlight> == Step 5: XML Update Operations == *NOTE: update_xml.sh still needs alot of work, this just idea placeholder for now. === 5.1: Check for Updates (Interactive) === <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki /var/www/html/check_updates.sh </syntaxhighlight> This will: * Check the CompleteNoobs XML repository for new dumps * Compare with your current version * Ask for confirmation before updating * Import ONLY new pages (preserves your edits) * Create a backup before making changes === 5.2: Force Update (Non-Interactive) === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki bash -c "echo 'y' | /var/www/html/update_xml.sh" </syntaxhighlight> === 5.3: Manual Update Process === <syntaxhighlight lang="bash"> # 1. Enter container docker exec -it completenoobs_wiki bash # 2. Check current version cat /var/www/html/.last_import # 3. Run update /var/www/html/check_updates.sh # 4. Exit container exit </syntaxhighlight> == Step 6: Troubleshooting Commands == === Access container shell: === <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> === Edit configuration: === <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki nano /var/www/html/LocalSettings.php </syntaxhighlight> === Check logs: === <syntaxhighlight lang="bash"> docker logs completenoobs_wiki </syntaxhighlight> === View update logs: === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki tail -f /tmp/mediawiki-debug.log </syntaxhighlight> === Complete restart: === <syntaxhighlight lang="bash"> docker stop completenoobs_wiki docker rm completenoobs_wiki docker run -d -p 8080:80 \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki completenoobs/wiki:latest </syntaxhighlight> == Expected Results == * Working wiki with imported CompleteNoobs content * PageNotice visible at top of all pages * All extensions functional * Text editors (nano/vim) available in container * Utility scripts for maintenance * XML update system that preserves local edits ==need to add== * way for user to backup there local custom wiki - xml exporter ed8x11qhnrqbik8x8mfhbie41e76drn 671 669 2025-09-02T10:53:40Z AwesomO 5 /* Complete Noobs Docker Wiki Tutorial */ 671 wikitext text/x-wiki = Versions = * This is version 0.1 - many bugs * [[todo| CompleteNoobs Docker Image 0.2]] = Complete Noobs Docker Wiki Tutorial = * [[Docker_Install_Guide| Docker install guide]] ==errors== * This mainly works - just need to fix the extensions popular pages and contrubtion scores * The XML updater requires more work - currently idea placeholder == Prerequisites == * Ubuntu 24.04 * Docker installed and running * Your user in docker group: <code>sudo usermod -aG docker $USER</code> (then logout/login) == Step 2: Create All Files == === 2.1: Dockerfile === <syntaxhighlight lang="bash"> nano Dockerfile </syntaxhighlight> Copy this exactly: <syntaxhighlight lang="dockerfile"> FROM mediawiki:1.44 # Mediawiki 1.44 used over latest because can confirm extensions youtube and pagenotice works # Install dependencies RUN apt-get update && apt-get install -y \ mariadb-server \ python3 \ python3-requests \ python3-bs4 \ python3-pygments \ curl \ wget \ unzip \ nano \ git \ && apt-get clean # Copy scripts COPY download_latest_xml.py /usr/src/download_latest_xml.py COPY setup_wiki.sh /usr/src/setup_wiki.sh COPY update_xml.sh /usr/src/update_xml.sh COPY entrypoint.sh /entrypoint.sh # Make executable RUN chmod +x /usr/src/setup_wiki.sh /entrypoint.sh /usr/src/update_xml.sh # Download XML RUN python3 /usr/src/download_latest_xml.py # Setup wiki RUN /usr/src/setup_wiki.sh EXPOSE 80 VOLUME /var/lib/mysql VOLUME /var/www/html/images ENTRYPOINT ["/entrypoint.sh"] </syntaxhighlight> === 2.2: XML Download Script === <syntaxhighlight lang="bash"> nano download_latest_xml.py </syntaxhighlight> <syntaxhighlight lang="python"> #!/usr/bin/env python3 import os import requests from bs4 import BeautifulSoup import re BASE_URL = "https://xml.completenoobs.com/xmlDumps/" def parse_date_from_dump(dump_name): match = re.match(r'(\d{2})_(\d{2})_(\d{2})\.Noobs', dump_name) if match: day, month, year = match.groups() year_int = int(year) full_year = 2000 + year_int if year_int <= 49 else 1900 + year_int return (full_year, int(month), int(day)) return (0, 0, 0) def get_available_dumps(): try: response = requests.get(BASE_URL, timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') dumps = [link.get('href').rstrip('/') for link in soup.find_all('a') if re.match(r'\d{2}_\d{2}_\d{2}\.Noobs/$', link.get('href', ''))] return sorted(dumps, key=parse_date_from_dump, reverse=True) except Exception as e: print(f"Error fetching dumps: {e}") return [] def get_dump_files(dump): try: response = requests.get(f"{BASE_URL}{dump}/", timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') files = [link.get('href') for link in soup.find_all('a') if link.get('href', '').endswith('.xml')] return sorted(files, reverse=True) except Exception as e: print(f"Error fetching dump files: {e}") return [] def download_file(url, filename): try: print(f"Downloading {filename}...") response = requests.get(url, stream=True, timeout=60) response.raise_for_status() total_size = int(response.headers.get('content-length', 0)) downloaded = 0 with open(filename, 'wb') as f: for chunk in response.iter_content(chunk_size=8192): if chunk: f.write(chunk) downloaded += len(chunk) if total_size > 0: progress = (downloaded / total_size) * 100 print(f"\rProgress: {progress:.1f}%", end='', flush=True) print() return True except Exception as e: print(f"Error downloading {filename}: {e}") return False def main(): print("Fetching available XML dumps...") dumps = get_available_dumps() if not dumps: print("No dumps found!") exit(1) newest_dump = dumps[0] print(f"Latest dump: {newest_dump}") files = get_dump_files(newest_dump) if not files: print("No XML files found in latest dump!") exit(1) newest_xml = files[0] xml_url = f"{BASE_URL}{newest_dump}/{newest_xml}" local_filename = "/tmp/completenoobs_dump.xml" if download_file(xml_url, local_filename): print(f"Successfully downloaded {newest_xml}") with open("/tmp/dump_info.txt", "w") as f: f.write(f"{newest_dump}/{newest_xml}") else: print("Failed to download XML dump!") exit(1) if __name__ == "__main__": main() </syntaxhighlight> === 2.3: Main Setup Script === <syntaxhighlight lang="bash"> nano setup_wiki.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash set -e echo "Setting up CompleteNoobs Wiki..." # Initialize MariaDB if [ ! -d "/var/lib/mysql/mysql" ]; then mysql_install_db --user=mysql --datadir=/var/lib/mysql fi service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then echo "MariaDB ready!" break fi sleep 2 done # Setup database mysql -e "CREATE DATABASE IF NOT EXISTS completenoobs_wiki CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;" mysql -e "CREATE USER IF NOT EXISTS 'wikiuser'@'127.0.0.1' IDENTIFIED BY 'wikipass';" mysql -e "GRANT ALL PRIVILEGES ON completenoobs_wiki.* TO 'wikiuser'@'127.0.0.1';" mysql -e "CREATE USER IF NOT EXISTS 'wikiuser'@'localhost' IDENTIFIED BY 'wikipass';" mysql -e "GRANT ALL PRIVILEGES ON completenoobs_wiki.* TO 'wikiuser'@'localhost';" mysql -e "FLUSH PRIVILEGES;" # Install MediaWiki cd /var/www/html php maintenance/install.php \ --dbtype=mysql \ --dbserver=127.0.0.1 \ --dbname=completenoobs_wiki \ --dbuser=wikiuser \ --dbpass=wikipass \ --server="http://localhost:8080" \ --scriptpath="" \ --lang=en \ --pass=AdminPass123! \ "CompleteNoobs Wiki" \ "admin" # Download and install extensions cd extensions/ git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/PageNotice --branch REL1_44 || echo "PageNotice download failed, continuing..." git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/YouTube --branch REL1_44 || echo "YouTube download failed, continuing..." cd /var/www/html # Configure LocalSettings.php cat >> LocalSettings.php << 'EOF' # Basic settings $wgEnableUploads = true; $wgUseImageMagick = true; $wgImageMagickConvertCommand = "/usr/bin/convert"; $wgDefaultSkin = "vector-2022"; $wgAllowExternalImages = true; # Debug (can be removed later) $wgShowExceptionDetails = true; $wgDebugLogFile = "/tmp/mediawiki-debug.log"; # PageNotice extension (if available) if ( file_exists( "$IP/extensions/PageNotice/extension.json" ) ) { wfLoadExtension( 'PageNotice' ); } # YouTube extension (if available) if ( file_exists( "$IP/extensions/YouTube/extension.json" ) ) { wfLoadExtension( 'YouTube' ); } # SyntaxHighlight (usually bundled) if ( file_exists( "$IP/extensions/SyntaxHighlight_GeSHi/extension.json" ) ) { wfLoadExtension( 'SyntaxHighlight_GeSHi' ); $wgPygmentizePath = '/usr/bin/pygmentize'; } EOF # Import XML dump if available if [ -f "/tmp/completenoobs_dump.xml" ]; then echo "Importing XML dump..." if php maintenance/importDump.php --uploads < /tmp/completenoobs_dump.xml; then echo "XML import completed!" else echo "XML import had warnings" fi # Basic maintenance php maintenance/update.php --quick || echo "Update completed with warnings" php maintenance/rebuildrecentchanges.php || echo "RecentChanges rebuilt with warnings" php maintenance/initSiteStats.php || echo "SiteStats initialized with warnings" if [ -f "/tmp/dump_info.txt" ]; then echo "Import: $(cat /tmp/dump_info.txt)" > /var/www/html/.last_import echo "Date: $(date)" >> /var/www/html/.last_import fi else echo "No XML dump found - starting with empty wiki" fi # Copy update script to accessible location cp /usr/src/update_xml.sh /var/www/html/update_xml.sh chmod +x /var/www/html/update_xml.sh # Create user-friendly update wrapper cat > /var/www/html/check_updates.sh << 'UPDATE_WRAPPER_EOF' #!/bin/bash echo "=== CompleteNoobs Wiki Update Checker ===" echo "" echo "This tool checks for new content from the CompleteNoobs XML repository" echo "and imports ONLY new pages, preserving all your local edits." echo "" /var/www/html/update_xml.sh UPDATE_WRAPPER_EOF chmod +x /var/www/html/check_updates.sh # Create simple status script cat > /var/www/html/check_status.sh << 'STATUS_EOF' #!/bin/bash cd /var/www/html echo "=== Wiki Status ===" echo "Pages: $(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM page;" -s -N 2>/dev/null || echo "Error")" echo "Users: $(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM user WHERE user_id > 0;" -s -N 2>/dev/null || echo "Error")" echo "" echo "=== Extensions ===" if [ -d "extensions/PageNotice" ]; then echo "PageNotice: Installed" else echo "PageNotice: Not installed" fi if [ -d "extensions/YouTube" ]; then echo "YouTube: Installed" else echo "YouTube: Not installed" fi if [ -d "extensions/ContributionScores" ]; then echo "ContributionScores: Installed" else echo "ContributionScores: Not installed" fi echo "" echo "=== Update System ===" if [ -f ".last_import" ]; then echo "Current version: $(grep 'Import:' .last_import | cut -d' ' -f2)" echo "Import date: $(grep 'Date:' .last_import | cut -d' ' -f2-)" else echo "No version info available" fi echo "" echo "To check for updates: docker exec -it completenoobs_wiki /var/www/html/check_updates.sh" STATUS_EOF chmod +x /var/www/html/check_status.sh echo "" echo "Setup completed!" echo "Admin: admin / AdminPass123!" echo "Update scripts installed:" echo "- /var/www/html/check_updates.sh (user-friendly)" echo "- /var/www/html/update_xml.sh (direct)" # Final counts PAGES=$(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM page;" -s -N 2>/dev/null || echo "0") echo "Pages imported: $PAGES" service mariadb stop </syntaxhighlight> === 2.4: XML Update Script === <syntaxhighlight lang="bash"> nano update_xml.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash set -e echo "=== CompleteNoobs Wiki XML Updater ===" echo "This will check for new and updated pages" echo "" # Function to check if running in container check_environment() { if [ ! -f "/var/www/html/LocalSettings.php" ]; then echo "Error: This script must be run inside the wiki container" exit 1 fi } # Function to get current XML version get_current_version() { if [ -f "/var/www/html/.last_import" ]; then grep "Import:" /var/www/html/.last_import | cut -d' ' -f2 else echo "none" fi } # Function to check for updates check_for_updates() { python3 - << 'PYTHON_EOF' import requests from bs4 import BeautifulSoup import re import sys BASE_URL = "https://xml.completenoobs.com/xmlDumps/" def parse_date_from_dump(dump_name): match = re.match(r'(\d{2})_(\d{2})_(\d{2})\.Noobs', dump_name) if match: day, month, year = match.groups() year_int = int(year) full_year = 2000 + year_int if year_int <= 49 else 1900 + year_int return (full_year, int(month), int(day)) return (0, 0, 0) def get_latest_dump(): try: response = requests.get(BASE_URL, timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') dumps = [link.get('href').rstrip('/') for link in soup.find_all('a') if re.match(r'\d{2}_\d{2}_\d{2}\.Noobs/$', link.get('href', ''))] if dumps: latest = sorted(dumps, key=parse_date_from_dump, reverse=True)[0] # Get XML files from latest dump response = requests.get(f"{BASE_URL}{latest}/", timeout=30) response.raise_for_status() soup = BeautifulSoup(response.text, 'html.parser') files = [link.get('href') for link in soup.find_all('a') if link.get('href', '').endswith('.xml')] if files: newest_xml = sorted(files, reverse=True)[0] print(f"{latest}/{newest_xml}") sys.exit(0) except Exception as e: print(f"ERROR: {e}", file=sys.stderr) sys.exit(1) print("ERROR: No dumps found", file=sys.stderr) sys.exit(1) get_latest_dump() PYTHON_EOF } # Function to download new XML download_xml() { local dump_info="$1" local dump_dir=$(echo "$dump_info" | cut -d'/' -f1) local xml_file=$(echo "$dump_info" | cut -d'/' -f2) local url="https://xml.completenoobs.com/xmlDumps/${dump_info}" echo "Downloading: $xml_file" echo "From: $dump_dir" echo "URL: $url" if wget -O /tmp/new_dump.xml "$url" --progress=bar:force 2>&1; then echo "Download successful!" return 0 else echo "Download failed!" return 1 fi } # Function to backup current database backup_database() { echo "Creating database backup..." TIMESTAMP=$(date +%Y%m%d_%H%M%S) mysqldump --user=wikiuser --password=wikipass completenoobs_wiki > /tmp/wiki_backup_${TIMESTAMP}.sql echo "Backup created: /tmp/wiki_backup_${TIMESTAMP}.sql" } # Function to analyze and import changes analyze_and_import() { echo "Analyzing differences between XML and local wiki..." # Create analysis and import script for MediaWiki 1.44+ cat > /tmp/analyze_import.php << 'PHP_EOF' <?php require_once '/var/www/html/maintenance/Maintenance.php'; class AnalyzeAndImport extends Maintenance { private $db; private $new_pages = []; private $changed_pages = []; private $unchanged_pages = []; public function __construct() { parent::__construct(); $this->addDescription('Analyze and selectively import from XML dump'); } public function execute() { $this->db = new mysqli('127.0.0.1', 'wikiuser', 'wikipass', 'completenoobs_wiki'); // MediaWiki 1.35+ uses slots and content tables // Get existing pages with their content $query = " SELECT p.page_title, p.page_id, c.content_address, c.content_sha1 FROM page p JOIN revision r ON p.page_latest = r.rev_id JOIN slots s ON r.rev_id = s.slot_revision_id JOIN slot_roles sr ON s.slot_role_id = sr.role_id JOIN content c ON s.slot_content_id = c.content_id WHERE p.page_namespace = 0 AND sr.role_name = 'main' "; $result = $this->db->query($query); if (!$result) { $this->error("Database query failed: " . $this->db->error); return; } $existing = []; while ($row = $result->fetch_assoc()) { // Get actual text content $text_content = $this->getTextContent($row['content_address']); $existing[$row['page_title']] = [ 'id' => $row['page_id'], 'content' => $text_content, 'sha1' => $row['content_sha1'] ]; } // Parse XML and compare $xml = simplexml_load_file('/tmp/new_dump.xml'); foreach ($xml->page as $page) { $title = str_replace(' ', '_', (string)$page->title); $xml_content = (string)$page->revision->text; if (!isset($existing[$title])) { // New page $this->new_pages[$title] = $xml_content; } else { // Compare content using SHA1 for efficiency $xml_sha1 = sha1($xml_content); if ($existing[$title]['sha1'] !== $xml_sha1) { // Content is different $this->changed_pages[$title] = [ 'local' => $existing[$title]['content'], 'xml' => $xml_content, 'page_id' => $existing[$title]['id'] ]; } else { $this->unchanged_pages[] = $title; } } } // Display summary $this->output("\n=== Update Analysis ===\n"); $this->output("New pages to import: " . count($this->new_pages) . "\n"); $this->output("Changed pages found: " . count($this->changed_pages) . "\n"); $this->output("Unchanged pages: " . count($this->unchanged_pages) . "\n"); // Save analysis for review file_put_contents('/tmp/update_analysis.json', json_encode([ 'new' => array_keys($this->new_pages), 'changed' => array_keys($this->changed_pages), 'unchanged' => $this->unchanged_pages ], JSON_PRETTY_PRINT)); // Show changed pages with preview (limit to first 20 for readability) if (count($this->changed_pages) > 0) { $this->output("\n=== Changed Pages ===\n"); $count = 0; $total_changed = count($this->changed_pages); foreach ($this->changed_pages as $title => $data) { $count++; if ($count <= 20) { $this->output("\n$count. $title\n"); // Create a simple diff preview (first 300 chars) $xml_preview = substr($data['xml'], 0, 100); // Save full diff to file $safe_title = preg_replace('/[^a-zA-Z0-9_-]/', '_', $title); $diff_file = "/tmp/diff_${safe_title}.txt"; file_put_contents($diff_file, "=== FULL DIFF FOR: $title ===\n\n"); file_put_contents($diff_file, "--- LOCAL VERSION ---\n", FILE_APPEND); file_put_contents($diff_file, $data['local'] . "\n\n", FILE_APPEND); file_put_contents($diff_file, "--- XML VERSION ---\n", FILE_APPEND); file_put_contents($diff_file, $data['xml'], FILE_APPEND); $this->output(" Preview: " . $xml_preview . "...\n"); } } if ($total_changed > 20) { $this->output("\n... and " . ($total_changed - 20) . " more changed pages.\n"); $this->output("All diff files saved to /tmp/diff_*.txt\n"); } } // Interactive selection if (count($this->new_pages) > 0 || count($this->changed_pages) > 0) { $this->output("\n=== Import Options ===\n"); $this->output("1. Import new pages only (preserve all local changes)\n"); $this->output("2. Import new pages + update ALL changed pages (overwrites local changes)\n"); $this->output("3. Selective import (choose which updates to apply)\n"); $this->output("4. Cancel (no changes)\n"); // Save state for import script WITHOUT the XML object $import_data = [ 'new_pages' => $this->new_pages, 'changed_pages' => $this->changed_pages, 'xml_file' => '/tmp/new_dump.xml' // Save path instead of object ]; file_put_contents('/tmp/import_data.ser', serialize($import_data)); } else { $this->output("\nNo changes detected. Your wiki is up to date!\n"); } } private function getTextContent($address) { // Handle different content storage formats in MW 1.35+ if (strpos($address, 'tt:') === 0) { // Text table reference $text_id = substr($address, 3); $result = $this->db->query("SELECT old_text FROM text WHERE old_id = $text_id"); if ($row = $result->fetch_assoc()) { return $row['old_text']; } } elseif (strpos($address, 'es:') === 0) { // External storage - would need special handling return "[External storage content]"; } // Direct content return $address; } } $maintClass = AnalyzeAndImport::class; require_once RUN_MAINTENANCE_IF_MAIN; PHP_EOF cd /var/www/html php /tmp/analyze_import.php } # Function to perform selected import perform_import() { local choice=$1 cat > /tmp/do_import.php << 'PHP_EOF' <?php require_once '/var/www/html/maintenance/Maintenance.php'; class DoImport extends Maintenance { public function __construct() { parent::__construct(); $this->addOption('mode', 'Import mode', true, true); } public function execute() { $mode = $this->getOption('mode'); $data = unserialize(file_get_contents('/tmp/import_data.ser')); // Load XML file $xml = simplexml_load_file($data['xml_file']); $new_imported = 0; $updated = 0; // Import new pages (always for modes 1-3) if ($mode != '4') { foreach ($data['new_pages'] as $title => $content) { $this->importPage($title, $content, $xml); $new_imported++; $this->output("Imported new page: $title\n"); } } // Handle changed pages based on mode if ($mode == '2') { // Update all changed pages foreach ($data['changed_pages'] as $title => $info) { $this->output("Updating: $title\n"); if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated page: $title\n"); } else { $this->output("Failed to update: $title\n"); } } } elseif ($mode == '3') { // Selective update $this->output("\n=== Selective Import Mode ===\n"); $this->output("For each changed page, choose:\n"); $this->output(" y = yes, update this page\n"); $this->output(" n = no, keep local version\n"); $this->output(" d = show diff file\n"); $this->output(" a = update all remaining pages\n"); $this->output(" s = skip all remaining pages\n\n"); $update_all = false; $skip_all = false; foreach ($data['changed_pages'] as $title => $info) { if ($skip_all) { $this->output("Skipped: $title\n"); continue; } if ($update_all) { if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated: $title\n"); } continue; } $this->output("\nPage: $title\n"); $this->output("Action (y/n/d/a/s): "); $handle = fopen("php://stdin", "r"); $line = trim(fgets($handle)); while ($line == 'd') { // Show diff $safe_title = preg_replace('/[^a-zA-Z0-9_-]/', '_', $title); $diff_file = "/tmp/diff_${safe_title}.txt"; if (file_exists($diff_file)) { system("head -50 $diff_file"); $this->output("\n[Showing first 50 lines - full file at $diff_file]\n"); } $this->output("Action (y/n/a/s): "); $line = trim(fgets($handle)); } if ($line == 'a') { $update_all = true; if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated: $title\n"); } } elseif ($line == 's') { $skip_all = true; $this->output("Skipped: $title\n"); } elseif ($line == 'y') { if ($this->reimportPage($title, $xml)) { $updated++; $this->output("Updated: $title\n"); } else { $this->output("Failed to update: $title\n"); } } else { $this->output("Skipped: $title\n"); } } } $this->output("\n=== Import Complete ===\n"); $this->output("New pages imported: $new_imported\n"); $this->output("Pages updated: $updated\n"); } private function importPage($title, $content, $xml) { // Create single page XML for import $tempFile = '/tmp/single_page_' . md5($title) . '.xml'; $singlePage = new SimpleXMLElement('<?xml version="1.0" encoding="utf-8"?><mediawiki></mediawiki>'); if ($xml->siteinfo) { $siteinfo = $singlePage->addChild('siteinfo'); foreach ($xml->siteinfo->children() as $child) { $siteinfo->addChild($child->getName(), (string)$child); } } // Find and add the page foreach ($xml->page as $page) { if (str_replace(' ', '_', (string)$page->title) == $title) { $newPage = $singlePage->addChild('page'); foreach ($page->children() as $child) { if ($child->getName() == 'revision') { $revision = $newPage->addChild('revision'); foreach ($child->children() as $revChild) { $revision->addChild($revChild->getName(), (string)$revChild); } } else { $newPage->addChild($child->getName(), (string)$child); } } break; } } $singlePage->asXML($tempFile); exec("php /var/www/html/maintenance/importDump.php < $tempFile 2>&1"); unlink($tempFile); } private function reimportPage($title, $xml) { // For updating existing pages, delete then reimport $db = new mysqli('127.0.0.1', 'wikiuser', 'wikipass', 'completenoobs_wiki'); // Delete the existing page $safe_title = $db->real_escape_string(str_replace(' ', '_', $title)); $db->query("DELETE FROM page WHERE page_title = '$safe_title' AND page_namespace = 0"); $db->close(); // Now import the new version foreach ($xml->page as $page) { if (str_replace(' ', '_', (string)$page->title) == $title) { $tempFile = '/tmp/update_page_' . md5($title) . '.xml'; $singlePage = new SimpleXMLElement('<?xml version="1.0" encoding="utf-8"?><mediawiki></mediawiki>'); if ($xml->siteinfo) { $siteinfo = $singlePage->addChild('siteinfo'); foreach ($xml->siteinfo->children() as $child) { $siteinfo->addChild($child->getName(), (string)$child); } } $newPage = $singlePage->addChild('page'); foreach ($page->children() as $child) { if ($child->getName() == 'revision') { $revision = $newPage->addChild('revision'); foreach ($child->children() as $revChild) { $revision->addChild($revChild->getName(), (string)$revChild); } } else { $newPage->addChild($child->getName(), (string)$child); } } $singlePage->asXML($tempFile); $result = exec("php /var/www/html/maintenance/importDump.php < $tempFile 2>&1", $output, $return); unlink($tempFile); return ($return === 0); } } return false; } } $maintClass = DoImport::class; require_once RUN_MAINTENANCE_IF_MAIN; PHP_EOF cd /var/www/html php /tmp/do_import.php --mode="$choice" } # Main execution main() { check_environment # Start MariaDB if not running service mariadb status > /dev/null 2>&1 || service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then break fi sleep 1 done CURRENT=$(get_current_version) echo "Current version: $CURRENT" echo "" echo "Checking for updates..." LATEST=$(check_for_updates 2>/dev/null) if [ $? -ne 0 ] || [ -z "$LATEST" ] || [[ "$LATEST" == *"ERROR"* ]]; then echo "Failed to check for updates" exit 1 fi echo "Latest available: $LATEST" echo "" # Always proceed to analysis even if versions match # (there might be content updates in the same version) echo "Proceeding with content analysis..." echo "" # Backup database backup_database # Download new XML if ! download_xml "$LATEST"; then echo "Failed to download new XML" exit 1 fi # Analyze differences analyze_and_import # Check if there are changes to import if [ -f "/tmp/import_data.ser" ]; then echo "" read -p "Choose option (1-4): " -n 1 -r echo if [[ $REPLY =~ ^[1-4]$ ]]; then if [ "$REPLY" != "4" ]; then perform_import "$REPLY" # Update version info echo "Import: $LATEST" > /var/www/html/.last_import echo "Date: $(date)" >> /var/www/html/.last_import # Rebuild indices echo "Rebuilding indices..." php maintenance/rebuildrecentchanges.php php maintenance/initSiteStats.php else echo "Update cancelled" fi else echo "Invalid option. Update cancelled" fi fi # Clean up temp files rm -f /tmp/import_data.ser /tmp/update_analysis.json /tmp/diff_*.txt /tmp/analyze_import.php /tmp/do_import.php 2>/dev/null echo "" echo "Done!" } # Run main function main "$@" </syntaxhighlight> === 2.5: Entrypoint Script === <syntaxhighlight lang="bash"> nano entrypoint.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash echo "Starting CompleteNoobs Wiki..." service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then echo "MariaDB ready!" break fi sleep 1 done echo "" echo "CompleteNoobs Wiki ready at: http://localhost:8080" echo "Admin login: admin / AdminPass123!" echo "" echo "Features:" echo "- Complete wiki content imported from XML" echo "- License notices on all pages (via PageNotice)" echo "- SyntaxHighlight for code blocks" echo "- YouTube video embedding" echo "- Contribution Scores special page" echo "- XML update system (preserves local edits)" echo "" echo "To check for updates: docker exec -it completenoobs_wiki /var/www/html/check_updates.sh" echo "" apache2-foreground </syntaxhighlight> == Step 3: Build and Run == === 3.1: Build the Image === <syntaxhighlight lang="bash"> docker build -t completenoobs/wiki:latest . </syntaxhighlight> This will take several minutes. === 3.2: Run the Container === <syntaxhighlight lang="bash"> docker run -d -p 8080:80 \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki completenoobs/wiki:latest </syntaxhighlight> * NOTE: The above <code>docker run</code> command is for quick testing, if you want to be able to export your wiki's database to an XML file you can backup and share, please use method in expanding info box below. <div class="toccolours mw-collapsible mw-collapsed"> If you want to be able to Export Your MediaWiki Database to Dated XML File - use this <code>docker run</code> method: <div class="mw-collapsible-content"> To export your MediaWiki database to a dated XML file (e.g., <code>20250901.xml</code>) and save it to the host’s <code>~/wiki-container</code> directory, run the export script inside the Docker container and use a volume mount to write the file to the host.<br><br> <b>Step 1: Create Host Directory</b><br> On the host, ensure the <code>~/wiki-container</code> directory exists:<br> <syntaxhighlight lang="bash"> mkdir -p ~/wiki-container </syntaxhighlight><br> <b>Step 2: Run Container with Volume Mount</b><br> If your container isn’t already using a volume for <code>~/wiki-container</code>, stop and remove it, then restart with a volume mount:<br> <syntaxhighlight lang="bash"> docker stop completenoobs_wiki docker rm completenoobs_wiki docker run -d -p 8080:80 \ -v ~/wiki-container:/export \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki \ completenoobs/cnoobs-wiki:0.1 </syntaxhighlight><br> <b>Step 3: Run Export Script in Container</b><br> Access the container’s shell:<br> <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> Inside the container, run the export script to create a dated XML file:<br> <syntaxhighlight lang="bash"> DATE=$(date +%Y%m%d) php /var/www/html/maintenance/run.php dumpBackup.php --full --output=file:/export/$DATE.xml exit </syntaxhighlight> This writes the file (e.g., <code>20250901.xml</code>) to <code>/export</code> in the container, which maps to <code>~/wiki-container</code> on the host.<br><br> <b>Step 4: Verify the File</b><br> On the host, check for the XML file:<br> <syntaxhighlight lang="bash"> ls ~/wiki-container </syntaxhighlight> You should see a file like <code>20250901.xml</code>.<br><br> <b>Notes</b><br> - If you encounter permission issues, ensure the container’s user has write access to <code>/export</code>:<br> <syntaxhighlight lang="bash"> chmod -R 777 /export </syntaxhighlight> - The script must be run inside the container, as it requires MediaWiki’s environment and database access.<br> - If your container uses a different volume setup, adjust the mount point accordingly. </div> </div> == Step 4: Test Everything == === 4.1: Check the Wiki === * Visit: http://localhost:8080 * You should see the PageNotice at the top * Login with: admin / AdminPass123! {{:Restore_the_completenoobs_Main_Page}} <div class="toccolours mw-collapsible mw-collapsed"> Change Admin Password: <div class="mw-collapsible-content"> By default, the admin user's password is <code>AdminPass123!</code>. It's highly recommended to change this immediately. You can do this either through the wiki's web interface or directly in the Docker terminal.<br><br> <b>Method 1: Change Password via Web Interface</b><br> This is the easiest method. You can change your password directly from the wiki itself.<br> 1. Log in to your wiki with the default credentials: <code>admin</code> / <code>AdminPass123!</code>.<br> 2. Once logged in, click your username (<code>admin</code>) in the top-right corner of the page.<br> 3. From the drop-down menu, select <b>Preferences</b>.<br> 4. On the Preferences page, go to the <b>Password</b> tab.<br> 5. Enter the current password (<code>AdminPass123!</code>), then enter your new password twice.<br> 6. Click <b>Change password</b>.<br> Your password is now changed, and you will need to use the new one for future logins.<br><br> <b>Method 2: Change Password via Terminal (No-Email Reset)</b><br> If you have forgotten the password or prefer to use the command line, you can reset it directly inside the Docker container using a MediaWiki maintenance script.<br> 1. <b>Access the container's shell</b> with the following command from your host machine:<br> <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> 2. Once inside the container, use the <code>changePassword.php</code> maintenance script to change the password. This is the modern, recommended way to run MediaWiki maintenance scripts.<br> * Change <b>NEWPASSWORD</b> to your new password<br> <syntaxhighlight lang="bash"> php /var/www/html/maintenance/run.php changePassword.php --user=admin --password=NEWPASSWORD </syntaxhighlight> 3. Type <code>exit</code> to leave the container's shell.<br> The admin password has now been reset. You can log in to your wiki with the new password. </div> </div> === 4.2: Test Extensions === * '''YouTube''': Edit any page, add <code><youtube>N9qYF9DZPdw</youtube></code> * '''PageNotice''': Should already be visible at the top * '''SyntaxHighlight''': Add code blocks with <nowiki><code><syntaxhighlight lang="python">code here</syntaxhighlight></code></nowiki> === 4.3: Check Status === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki /var/www/html/check_status.sh </syntaxhighlight> == Step 5: XML Update Operations == *NOTE: update_xml.sh still needs alot of work, this just idea placeholder for now. === 5.1: Check for Updates (Interactive) === <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki /var/www/html/check_updates.sh </syntaxhighlight> This will: * Check the CompleteNoobs XML repository for new dumps * Compare with your current version * Ask for confirmation before updating * Import ONLY new pages (preserves your edits) * Create a backup before making changes === 5.2: Force Update (Non-Interactive) === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki bash -c "echo 'y' | /var/www/html/update_xml.sh" </syntaxhighlight> === 5.3: Manual Update Process === <syntaxhighlight lang="bash"> # 1. Enter container docker exec -it completenoobs_wiki bash # 2. Check current version cat /var/www/html/.last_import # 3. Run update /var/www/html/check_updates.sh # 4. Exit container exit </syntaxhighlight> == Step 6: Troubleshooting Commands == === Access container shell: === <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> === Edit configuration: === <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki nano /var/www/html/LocalSettings.php </syntaxhighlight> === Check logs: === <syntaxhighlight lang="bash"> docker logs completenoobs_wiki </syntaxhighlight> === View update logs: === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki tail -f /tmp/mediawiki-debug.log </syntaxhighlight> === Complete restart: === <syntaxhighlight lang="bash"> docker stop completenoobs_wiki docker rm completenoobs_wiki docker run -d -p 8080:80 \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki completenoobs/wiki:latest </syntaxhighlight> == Expected Results == * Working wiki with imported CompleteNoobs content * PageNotice visible at top of all pages * All extensions functional * Text editors (nano/vim) available in container * Utility scripts for maintenance * XML update system that preserves local edits ==need to add== * way for user to backup there local custom wiki - xml exporter q6ac6bq9uc84g7tcpr03ryb3103nyri 0 197 653 2025-09-01T17:41:45Z AwesomO 5 Created page with "= Upload Your Docker Image to Docker Hub on Ubuntu 24.04 - Complete Beginner's Guide = This tutorial will walk you through uploading your first Docker image to Docker Hub, making it available for anyone to download and run. We'll use the CompleteNoobs Wiki image as our example. == What is Docker Hub? == Docker Hub is like GitHub but for Docker images. It's a cloud-based registry where you can: * Store your Docker images publicly (free) or privately (paid) * Share conta..." 653 wikitext text/x-wiki = Upload Your Docker Image to Docker Hub on Ubuntu 24.04 - Complete Beginner's Guide = This tutorial will walk you through uploading your first Docker image to Docker Hub, making it available for anyone to download and run. We'll use the CompleteNoobs Wiki image as our example. == What is Docker Hub? == Docker Hub is like GitHub but for Docker images. It's a cloud-based registry where you can: * Store your Docker images publicly (free) or privately (paid) * Share containers with the community * Download images others have created * Automate builds from GitHub repositories == Prerequisites == * Ubuntu 24.04 with Docker installed * A working Docker image (we'll use completenoobs/wiki:latest from the previous tutorial) * Internet connection * Email address for Docker Hub account == Step 1: Create Docker Hub Account == === 1.1: Sign Up === # Open your web browser # Navigate to: https://hub.docker.com # Click '''Sign Up''' button (top right) # Fill in the registration form: #* '''Docker ID''': Choose a unique username (e.g., "yourname" or "completenoobs") #* '''Email''': Your email address #* '''Password''': Strong password (mix of letters, numbers, symbols) # Complete the CAPTCHA # Click '''Sign Up''' # Verify your email (check inbox for Docker confirmation email) '''Important''': Your Docker ID becomes part of your image name (e.g., yourname/wiki:latest) === 1.2: Sign In to Docker Hub === # Return to https://hub.docker.com # Click '''Sign In''' # Enter your Docker ID and password # You'll see your Docker Hub dashboard == Step 2: Create Repository on Docker Hub == === 2.1: Create New Repository === # On Docker Hub dashboard, click '''Create Repository''' # Fill in repository details: #* '''Name''': <code>wiki</code> (or <code>completenoobs-wiki</code>) #* '''Description''': <code>CompleteNoobs Wiki - MediaWiki with pre-imported content from CompleteNoobs.com</code> #* '''Visibility''': Select '''Public''' (free) or '''Private''' (requires subscription) # Click '''Create''' You now have a repository at: <code>docker.io/yourdockerid/wiki</code> == Step 3: Login to Docker Hub from Terminal == === 3.1: Open Terminal === <syntaxhighlight lang="bash"> # Open terminal on Ubuntu 24.04 # You can use Ctrl+Alt+T or search for "Terminal" </syntaxhighlight> === 3.2: Login to Docker Hub === <syntaxhighlight lang="bash"> docker login </syntaxhighlight> You will see:<br> <syntaxhighlight lang="bash"> USING WEB-BASED LOGIN i Info → To sign in with credentials on the command line, use 'docker login -u <username>' Your one-time device confirmation code is: MPMR-BKUH Press ENTER to open your browser or submit your device code here: https://login.docker.com/activate Waiting for authentication in the browser… </syntaxhighlight> go to https://login.docker.com/activate and enter the <b>confirmation code</b>, after which you will be asked to sign into docker, after that your set. the terminal will change to include: <pre> WARNING! Your credentials are stored unencrypted in '/home/noob/.docker/config.json'. Configure a credential helper to remove this warning. See https://docs.docker.com/go/credential-store/ Login Succeeded </pre> == Step 4: Prepare Your Image == === 4.1: Check Your Local Images === <syntaxhighlight lang="bash"> docker images </syntaxhighlight> You should see: <syntaxhighlight lang="text"> REPOSITORY TAG IMAGE ID CREATED SIZE completenoobs/wiki latest abc123def456 2 hours ago 1.5GB </syntaxhighlight> === 4.2: Tag Your Image for Docker Hub === Replace <code>wiki</code> with your repo name Replace <code>yourdockerid</code> with your actual Docker ID: * Syntax:<code>docker tag YOURDOCKERID/YOUR_REPO_NAME:VERSION</code> <syntaxhighlight lang="bash"> # Tag your image with your Docker Hub username docker tag completenoobs/wiki:latest yourdockerid/wiki:latest # Also create a version tag for better practice docker tag completenoobs/wiki:latest yourdockerid/wiki:1.0 # Verify the tags docker images docker images | grep wiki </syntaxhighlight> You should now see multiple tags for the same image ID. == Step 5: Push Image to Docker Hub == === 5.1: Push the Image === <syntaxhighlight lang="bash"> # Push the latest tag docker push yourdockerid/wiki:latest # Push the version tag docker push yourdockerid/wiki:1.0 </syntaxhighlight> You'll see upload progress: <syntaxhighlight lang="text"> The push refers to repository [docker.io/yourdockerid/wiki] a1b2c3d4e5f6: Pushing [==============> ] 45.3MB/150MB 7g8h9i0j1k2l: Pushed 3m4n5o6p7q8r: Pushing [========> ] 25.6MB/100MB ... latest: digest: sha256:abc123... size: 3245 </syntaxhighlight> '''Note''': First push takes longer (uploads all layers). Subsequent pushes only upload changes. == Step 6: Verify Upload == === 6.1: Check on Docker Hub === # Go to: https://hub.docker.com/r/yourdockerid/wiki # You should see: #* Your repository #* Tags (latest, 1.0) #* Last pushed timestamp #* Image size #* Pull count (starts at 0) === 6.2: Update Repository Description === # Click on your repository # Click '''Manage Repository''' (gear icon) # Add a detailed description # Add README content (supports Markdown): <syntaxhighlight lang="markdown"> CompleteNoobs Wiki Docker Image Pre-configured MediaWiki with CompleteNoobs.com content - For Local Use. May require an update after first install - as for some reason some pages missing from first xml import ```bash docker exec -it completenoobs_wiki /var/www/html/check_updates.sh ``` ## Quick Start ```bash docker run -d -p 8080:80 yourdockerid/wiki:latest ``` ##Quick Start with Persistent Storage ```bash docker run -d -p 8080:80 \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki \ completenoobs/cnoobs-wiki:latest ``` ## Features - MediaWiki 1.44 - Pre-imported CompleteNoobs content - YouTube extension - PageNotice extension - SyntaxHighlight support - XML update system ## Default Credentials - Username: admin - Password: AdminPass123! ## Volumes - `/var/lib/mysql` - Database storage - `/var/www/html/images` - Uploaded images ## More Information Visit: https://completenoobs.com </syntaxhighlight> == Step 7: Test Download (Verify It Works) == === 7.1: Remove Local Images (Optional) === To truly test downloading from Docker Hub: <syntaxhighlight lang="bash"> # Stop and remove container if running docker stop completenoobs_wiki docker rm completenoobs_wiki # Remove local images docker rmi yourdockerid/wiki:latest docker rmi yourdockerid/wiki:1.0 docker rmi completenoobs/wiki:latest </syntaxhighlight> === 7.2: Pull From Docker Hub === <syntaxhighlight lang="bash"> # Pull your image from Docker Hub docker pull yourdockerid/wiki:latest # Run it docker run -d -p 8080:80 --name test_wiki yourdockerid/wiki:latest # Check it's working docker logs test_wiki curl http://localhost:8080 </syntaxhighlight> == Step 8: Share With Others == === 8.1: Basic Run Command === Share this simple command for others to use your image: <syntaxhighlight lang="bash"> docker run -d -p 8080:80 yourdockerid/wiki:latest </syntaxhighlight> === 8.2: Docker Compose File === Create a <code>docker-compose.yml</code> for easier deployment: * With version 0.1 its all in one container so these commands do not really apply - just placeholder do now - will fix for 0.2 <syntaxhighlight lang="yaml"> version: '3.8' services: wiki: image: yourdockerid/wiki:latest container_name: completenoobs_wiki ports: - "8080:80" volumes: - mysql_data:/var/lib/mysql - wiki_images:/var/www/html/images restart: unless-stopped environment: - TZ=America/New_York # Adjust timezone volumes: mysql_data: wiki_images: </syntaxhighlight> == Step 9: Best Practices == === 9.1: Versioning === Always use version tags alongside 'latest': <syntaxhighlight lang="bash"> # Bad (only latest) docker push yourdockerid/wiki:latest # Good (version + latest) docker push yourdockerid/wiki:1.0 docker push yourdockerid/wiki:latest # When updating docker tag yourdockerid/wiki:latest yourdockerid/wiki:1.1 docker push yourdockerid/wiki:1.1 docker push yourdockerid/wiki:latest </syntaxhighlight> === 9.2: Image Size Optimization === Before pushing, consider reducing image size: <syntaxhighlight lang="bash"> # Check image size docker images yourdockerid/wiki # Remove unnecessary files in Dockerfile # Use multi-stage builds if possible # Clean package manager cache </syntaxhighlight> === 9.3: Security === * Never include passwords in image (use environment variables) * Regularly update base images * Scan for vulnerabilities: <syntaxhighlight lang="bash"> # Docker Scout (built-in to Docker Desktop) docker scout cves yourdockerid/wiki:latest # Or use Trivy docker run --rm -v /var/run/docker.sock:/var/run/docker.sock \ aquasec/trivy image yourdockerid/wiki:latest </syntaxhighlight> == Step 10: Maintain Your Image == === 10.1: Update Your Image === When you need to update: <syntaxhighlight lang="bash"> # 1. Make changes to Dockerfile or scripts cd ~/completenoobs-docker-image # 2. Rebuild with new version docker build -t yourdockerid/wiki:1.1 . # 3. Test locally docker run -d -p 8080:80 --name test yourdockerid/wiki:1.1 # ... test everything works ... docker stop test && docker rm test # 4. Tag as latest docker tag yourdockerid/wiki:1.1 yourdockerid/wiki:latest # 5. Push both tags docker push yourdockerid/wiki:1.1 docker push yourdockerid/wiki:latest # 6. Update Docker Hub description with changelog </syntaxhighlight> === 10.2: Monitor Usage === Check Docker Hub regularly for: * Pull count (how many times downloaded) * User issues (check if you've linked a GitHub repo) * Security scanning results = Backup Docker Image Locally = To back up a Docker image locally as a .tar file, which can then be stored on an external drive or transferred to another server, follow these steps. == Steps == === Save the Docker Image to a .tar File === Use the <code>docker save</code> command to export the image to a tarball: <pre> docker save -o /path/to/backup/my-image.tar my-image:latest </pre> * <code>-o</code>: Specifies the output file path (e.g., <code>/path/to/backup/my-image.tar</code>). * <code>my-image:latest</code>: The name and tag of the image to back up. Example: <pre> docker save -o /home/user/backups/my-image.tar my-image:latest </pre> === Verify the Tarball === Ensure the .tar file was created: <pre> ls -lh /path/to/backup/my-image.tar </pre> === Store on an External Drive === To store the image on an external drive (e.g., mounted at <code>/mnt/external</code>): # Copy the .tar file to the external drive: <pre> cp /path/to/backup/my-image.tar /mnt/external/ </pre> # Verify the file on the external drive: <pre> ls /mnt/external/ </pre> # Safely unmount the external drive after copying: <pre> sudo umount /mnt/external </pre> = Send Docker Image to Another Server = To transfer the saved Docker image to another server, use tools like <code>scp</code>, <code>rsync</code>, or <code>sftp</code> to securely copy the .tar file. == Steps == === Save the Docker Image === Follow the same <code>docker save</code> step as above to create the .tar file: <pre> docker save -o /path/to/backup/my-image.tar my-image:latest </pre> === Transfer the Image to Another Server === Use <code>scp</code> to copy the .tar file to the remote server: <pre> scp /path/to/backup/my-image.tar user@remote-server:/path/to/destination/ </pre> * Replace <code>user</code> with the remote server's username. * Replace <code>remote-server</code> with the server's IP address or hostname. * Replace <code>/path/to/destination/</code> with the destination path on the remote server. Example: <pre> scp /home/user/backups/my-image.tar admin@192.168.1.100:/home/admin/backups/ </pre> === Load the Image on the Remote Server === On the remote server, use <code>docker load</code> to import the .tar file into Docker: <pre> docker load -i /path/to/destination/my-image.tar </pre> Example: <pre> docker load -i /home/admin/backups/my-image.tar </pre> Verify the image is loaded: <pre> docker images </pre> = Additional Tips = == Compress the Image (Optional) == To save space, compress the .tar file before storing or transferring: <pre> gzip /path/to/backup/my-image.tar </pre> This creates <code>my-image.tar.gz</code>. To decompress on the destination: <pre> gunzip /path/to/backup/my-image.tar.gz </pre> == Use rsync for Large Files == For large .tar files, <code>rsync</code> can be more reliable than <code>scp</code>: <pre> rsync -avz /path/to/backup/my-image.tar user@remote-server:/path/to/destination/ </pre> == Automate Backups == Create a script (e.g., <code>backup_docker.sh</code>) to automate backups: <pre> #!/bin/bash IMAGE_NAME="my-image:latest" BACKUP_PATH="/home/user/backups" TIMESTAMP=$(date +%F_%H-%M-%S) docker save -o "$BACKUP_PATH/my-image-$TIMESTAMP.tar" $IMAGE_NAME </pre> Make it executable: <pre> chmod +x backup_docker.sh </pre> Schedule it with cron: <pre> crontab -e </pre> Add a line to run daily at midnight: <pre> 0 0 * * * /path/to/backup_docker.sh </pre> == Check Disk Space == Before saving or copying, ensure there's enough disk space: <pre> df -h /path/to/backup df -h /mnt/external </pre> = Restoring the Image Locally = To restore the image from an external drive or a local .tar file: <pre> docker load -i /path/to/backup/my-image.tar </pre> Verify: <pre> docker images </pre> == Common Issues and Solutions == === Issue: "denied: requested access to the resource is denied" === '''Solution''': You're not logged in or using wrong username <syntaxhighlight lang="bash"> docker logout docker login # Make sure to use YOUR Docker ID in the tag docker tag completenoobs/wiki:latest YOURDOCKERID/wiki:latest </syntaxhighlight> === Issue: "name unknown: repository name must be lowercase" === '''Solution''': Docker Hub requires lowercase names <syntaxhighlight lang="bash"> # Wrong docker tag image:latest YourName/Wiki:latest # Correct docker tag image:latest yourname/wiki:latest </syntaxhighlight> === Issue: Push takes forever === '''Solution''': Large images take time on first push * Be patient (can take 30+ minutes for large images) * Ensure stable internet connection * Consider optimizing image size * Use <code>.dockerignore</code> file to exclude unnecessary files === Issue: "filesystem layer verification failed" === '''Solution''': Corrupted layer, rebuild and repush <syntaxhighlight lang="bash"> docker build --no-cache -t yourdockerid/wiki:latest . docker push yourdockerid/wiki:latest </syntaxhighlight> === Issue: Error response from daemon: Get "https://registry-1.docker.io/v2/completenoobs/cnoobs-wiki/manifests/sha256:d6cc": net/http: TLS handshake timeout=== If then pulling a container <code>docker pull completenoobs/cnoobs-wiki:0.1</code> you see this error: <pre> Error response from daemon: Get "https://registry-1.docker.io/v2/completenoobs/cnoobs-wiki/manifests/sha256:d6cc65ee8f9716986c6b406a9c037b18ab3cf39326b21b42c6ad0d84c80693f4": net/http: TLS handshake timeout </pre> * Then restart docker <pre> sudo systemctl restart docker </pre> == Example Commands Summary == For quick reference, here are all the essential commands: <syntaxhighlight lang="bash"> # Login to Docker Hub docker login # Tag your image docker tag completenoobs/wiki:latest yourdockerid/wiki:latest docker tag completenoobs/wiki:latest yourdockerid/wiki:1.0 # Push to Docker Hub docker push yourdockerid/wiki:latest docker push yourdockerid/wiki:1.0 # Others can now pull and run docker pull yourdockerid/wiki:latest docker run -d -p 8080:80 yourdockerid/wiki:latest # Logout when done docker logout </syntaxhighlight> 7w9wxwc4zwp0fliiih97ba0peifckyt 0 198 668 2025-09-02T10:21:02Z AwesomO 5 Created page with "<div class="toccolours mw-collapsible mw-collapsed"> Restore the completenoobs Main Page: <div class="mw-collapsible-content"> By default, the <code>completenoobs</code> MediaWiki instance overwrites the Main Page with content like "<strong>MediaWiki has been installed.</strong>" To revert to the page’s state before this change, undo the initial revision:<br><br> 1. Go to <code>http://localhost:8080</code> in your browser.<br> 2. On the Main Page, click <b>View Histo..." 668 wikitext text/x-wiki <div class="toccolours mw-collapsible mw-collapsed"> Restore the completenoobs Main Page: <div class="mw-collapsible-content"> By default, the <code>completenoobs</code> MediaWiki instance overwrites the Main Page with content like "<strong>MediaWiki has been installed.</strong>" To revert to the page’s state before this change, undo the initial revision:<br><br> 1. Go to <code>http://localhost:8080</code> in your browser.<br> 2. On the Main Page, click <b>View History</b> (top-right corner).<br> 3. Find the top revision by <code>MediaWiki default</code> and click <b>Undo</b>.<br> 4. Scroll down and click <b>Save changes</b> to revert the Main Page.<br><br> </div> </div> aq3yl07uwvns7x0dm7e3odbrktwi5c0 1 199 670 2025-09-02T10:38:21Z AwesomO 5 Created page with "* Enter in page - saves retyping <pre>{{:Restore_the_completenoobs_Main_Page}}</pre>" 670 wikitext text/x-wiki * Enter in page - saves retyping <pre>{{:Restore_the_completenoobs_Main_Page}}</pre> r49qlxr8pm84bv26gbkcurx71qbmlz7 0 200 672 2025-09-02T12:24:39Z AwesomO 5 Created page with " ==todo== * Use Dir for import export of xml. * Min scripts - just setup mediawiki with extensions. = Complete Noobs Docker Wiki Tutorial v0.2 = * Version 0.2 - Simplified with manual import/export * [[Docker_Install_Guide| Docker install guide]] == Overview == This tutorial creates a MediaWiki Docker container with: * MediaWiki 1.44 * PageNotice extension (for license notices) * YouTube extension (for video embedding) * Shared directory for XML import/export == Prere..." 672 wikitext text/x-wiki ==todo== * Use Dir for import export of xml. * Min scripts - just setup mediawiki with extensions. = Complete Noobs Docker Wiki Tutorial v0.2 = * Version 0.2 - Simplified with manual import/export * [[Docker_Install_Guide| Docker install guide]] == Overview == This tutorial creates a MediaWiki Docker container with: * MediaWiki 1.44 * PageNotice extension (for license notices) * YouTube extension (for video embedding) * Shared directory for XML import/export == Prerequisites == * Ubuntu 24.04 * Docker installed and running * Your user in docker group: <code>sudo usermod -aG docker $USER</code> (then logout/login) == Step 1: Create Directory Structure == === 1.1: Create Project Directory === <syntaxhighlight lang="bash"> mkdir ~/completenoobs-docker-v2 cd ~/completenoobs-docker-v2 </syntaxhighlight> === 1.2: Create Shared Directory === <syntaxhighlight lang="bash"> mkdir ~/wiki-container </syntaxhighlight> This directory will be used for importing and exporting XML files. == Step 2: Create All Files == === 2.1: Dockerfile === <syntaxhighlight lang="bash"> nano Dockerfile </syntaxhighlight> <syntaxhighlight lang="dockerfile"> FROM mediawiki:1.44 # Install dependencies RUN apt-get update && apt-get install -y \ mariadb-server \ python3-pygments \ curl \ wget \ unzip \ nano \ vim \ git \ && apt-get clean # Copy setup script COPY setup_wiki.sh /usr/src/setup_wiki.sh COPY entrypoint.sh /entrypoint.sh # Make executable RUN chmod +x /usr/src/setup_wiki.sh /entrypoint.sh # Setup wiki RUN /usr/src/setup_wiki.sh EXPOSE 80 VOLUME /var/lib/mysql VOLUME /var/www/html/images VOLUME /export ENTRYPOINT ["/entrypoint.sh"] </syntaxhighlight> === 2.2: Main Setup Script === <syntaxhighlight lang="bash"> nano setup_wiki.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash set -e echo "Setting up CompleteNoobs Wiki..." # Initialize MariaDB if [ ! -d "/var/lib/mysql/mysql" ]; then mysql_install_db --user=mysql --datadir=/var/lib/mysql fi service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then echo "MariaDB ready!" break fi sleep 2 done # Setup database mysql -e "CREATE DATABASE IF NOT EXISTS completenoobs_wiki CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;" mysql -e "CREATE USER IF NOT EXISTS 'wikiuser'@'127.0.0.1' IDENTIFIED BY 'wikipass';" mysql -e "GRANT ALL PRIVILEGES ON completenoobs_wiki.* TO 'wikiuser'@'127.0.0.1';" mysql -e "CREATE USER IF NOT EXISTS 'wikiuser'@'localhost' IDENTIFIED BY 'wikipass';" mysql -e "GRANT ALL PRIVILEGES ON completenoobs_wiki.* TO 'wikiuser'@'localhost';" mysql -e "FLUSH PRIVILEGES;" # Install MediaWiki cd /var/www/html php maintenance/install.php \ --dbtype=mysql \ --dbserver=127.0.0.1 \ --dbname=completenoobs_wiki \ --dbuser=wikiuser \ --dbpass=wikipass \ --server="http://localhost:8080" \ --scriptpath="" \ --lang=en \ --pass=AdminPass123! \ "CompleteNoobs Wiki" \ "admin" # Download and install extensions cd extensions/ echo "Installing PageNotice extension..." git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/PageNotice --branch REL1_44 || echo "PageNotice download failed, continuing..." echo "Installing YouTube extension..." git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/YouTube --branch REL1_44 || echo "YouTube download failed, continuing..." cd /var/www/html # Configure LocalSettings.php cat >> LocalSettings.php << 'EOF' # Basic settings $wgEnableUploads = true; $wgUseImageMagick = true; $wgImageMagickConvertCommand = "/usr/bin/convert"; $wgDefaultSkin = "vector-2022"; $wgAllowExternalImages = true; # Debug settings (remove in production) $wgShowExceptionDetails = true; $wgDebugLogFile = "/tmp/mediawiki-debug.log"; # PageNotice extension if ( file_exists( "$IP/extensions/PageNotice/extension.json" ) ) { wfLoadExtension( 'PageNotice' ); } # YouTube extension if ( file_exists( "$IP/extensions/YouTube/extension.json" ) ) { wfLoadExtension( 'YouTube' ); } # SyntaxHighlight (usually bundled) if ( file_exists( "$IP/extensions/SyntaxHighlight_GeSHi/extension.json" ) ) { wfLoadExtension( 'SyntaxHighlight_GeSHi' ); $wgPygmentizePath = '/usr/bin/pygmentize'; } EOF # Create helper scripts cat > /var/www/html/export_wiki.sh << 'EXPORT_EOF' #!/bin/bash echo "=== Wiki Export Tool ===" DATE=$(date +%Y%m%d) OUTPUT_FILE="/export/${DATE}_wiki_export.xml" echo "Exporting wiki to: $OUTPUT_FILE" php /var/www/html/maintenance/run.php dumpBackup.php --full --output=file:$OUTPUT_FILE if [ -f "$OUTPUT_FILE" ]; then echo "Export successful!" echo "File saved to: $OUTPUT_FILE" echo "On host system: ~/wiki-container/${DATE}_wiki_export.xml" else echo "Export failed!" fi EXPORT_EOF chmod +x /var/www/html/export_wiki.sh cat > /var/www/html/import_wiki.sh << 'IMPORT_EOF' #!/bin/bash echo "=== Wiki Import Tool ===" echo "" echo "Available XML files in /export:" ls -la /export/*.xml 2>/dev/null || echo "No XML files found" echo "" if [ -z "$1" ]; then echo "Usage: /var/www/html/import_wiki.sh <filename>" echo "Example: /var/www/html/import_wiki.sh /export/wiki.xml" exit 1 fi if [ ! -f "$1" ]; then echo "Error: File $1 not found!" exit 1 fi echo "Importing from: $1" echo "This may take several minutes..." php /var/www/html/maintenance/run.php importDump.php "$1" if [ $? -eq 0 ]; then echo "Import completed!" echo "Rebuilding indexes..." php /var/www/html/maintenance/run.php rebuildrecentchanges.php php /var/www/html/maintenance/run.php initSiteStats.php echo "Done!" else echo "Import failed! Check /tmp/mediawiki-debug.log for details" fi IMPORT_EOF chmod +x /var/www/html/import_wiki.sh # Create status check script cat > /var/www/html/check_status.sh << 'STATUS_EOF' #!/bin/bash cd /var/www/html echo "=== Wiki Status ===" echo "Pages: $(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM page;" -s -N 2>/dev/null || echo "Error")" echo "Users: $(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM user WHERE user_id > 0;" -s -N 2>/dev/null || echo "Error")" echo "" echo "=== Extensions ===" if [ -d "extensions/PageNotice" ]; then echo "PageNotice: Installed ✓" else echo "PageNotice: Not installed ✗" fi if [ -d "extensions/YouTube" ]; then echo "YouTube: Installed ✓" else echo "YouTube: Not installed ✗" fi if [ -d "extensions/SyntaxHighlight_GeSHi" ]; then echo "SyntaxHighlight: Installed ✓" else echo "SyntaxHighlight: Not installed ✗" fi echo "" echo "=== Shared Directory ===" if [ -d "/export" ]; then echo "/export mounted ✓" echo "Files in /export:" ls -la /export/*.xml 2>/dev/null || echo " No XML files" else echo "/export not mounted ✗" fi STATUS_EOF chmod +x /var/www/html/check_status.sh echo "" echo "Setup completed!" echo "Admin: admin / AdminPass123!" service mariadb stop </syntaxhighlight> === 2.3: Entrypoint Script === <syntaxhighlight lang="bash"> nano entrypoint.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash echo "Starting CompleteNoobs Wiki..." service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then echo "MariaDB ready!" break fi sleep 1 done echo "" echo "=========================================" echo "CompleteNoobs Wiki v0.2 Ready!" echo "=========================================" echo "" echo "Access: http://localhost:8080" echo "Admin: admin / AdminPass123!" echo "" echo "Features:" echo "- MediaWiki 1.44" echo "- PageNotice extension" echo "- YouTube extension" echo "- SyntaxHighlight extension" echo "- Import/Export via ~/wiki-container" echo "" echo "Available commands:" echo "- Export wiki: docker exec completenoobs_wiki /var/www/html/export_wiki.sh" echo "- Import XML: docker exec completenoobs_wiki /var/www/html/import_wiki.sh /export/filename.xml" echo "- Check status: docker exec completenoobs_wiki /var/www/html/check_status.sh" echo "" apache2-foreground </syntaxhighlight> == Step 3: Build and Run == === 3.1: Build the Image === <syntaxhighlight lang="bash"> docker build -t completenoobs/wiki:v0.2 . </syntaxhighlight> === 3.2: Run the Container with Shared Directory === <syntaxhighlight lang="bash"> docker run -d -p 8080:80 \ -v ~/wiki-container:/export \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki \ completenoobs/wiki:v0.2 </syntaxhighlight> == Step 4: Import/Export Operations == === 4.1: Import an XML File === * https://xml.completenoobs.com/xmlDumps/ ==== Place XML file in shared directory ==== <syntaxhighlight lang="bash"> # Copy your XML file to the shared directory cp ~/Downloads/completenoobs.xml ~/wiki-container/ </syntaxhighlight> ==== Import the file ==== * All files in host <code>wiki-container</code> directory will also be in the containers <code>/export/</code> directory. <syntaxhighlight lang="bash"> # Run the import command docker exec completenoobs_wiki /var/www/html/import_wiki.sh /export/completenoobs.xml </syntaxhighlight> {{:Restore_the_completenoobs_Main_Page}} === 4.2: Export Your Wiki === <syntaxhighlight lang="bash"> # Export wiki to dated XML file docker exec completenoobs_wiki /var/www/html/export_wiki.sh # Check the exported file ls -la ~/wiki-container/ </syntaxhighlight> === 4.3: Manual Import/Export (Advanced) === ==== Access container shell ==== <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> ==== Manual export with custom filename ==== <syntaxhighlight lang="bash"> php /var/www/html/maintenance/run.php dumpBackup.php --full --output=file:/export/my_wiki_backup.xml exit </syntaxhighlight> ==== Manual import with options ==== <syntaxhighlight lang="bash"> # Basic import php /var/www/html/maintenance/run.php importDump.php /export/wiki.xml # Import with image uploads php /var/www/html/maintenance/run.php importDump.php --uploads /export/wiki.xml # Then rebuild indexes php /var/www/html/maintenance/run.php rebuildall.php exit </syntaxhighlight> == Step 5: Testing and Verification == === 5.1: Check Wiki Status === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki /var/www/html/check_status.sh </syntaxhighlight> === 5.2: Test Extensions === 1. Visit http://localhost:8080 2. Login with admin / AdminPass123! 3. Create or edit a page and test: * YouTube: Add <code><youtube>VIDEO_ID</youtube></code> * SyntaxHighlight: Add <nowiki><syntaxhighlight lang="python">print("Hello")</syntaxhighlight></nowiki> === 5.3: View Logs === <syntaxhighlight lang="bash"> # Container logs docker logs completenoobs_wiki # MediaWiki debug log docker exec completenoobs_wiki tail -f /tmp/mediawiki-debug.log </syntaxhighlight> == Step 6: Common Operations == === 6.1: Change Admin Password === ==== Via Web Interface ==== 1. Login at http://localhost:8080 2. Click username → Preferences 3. Go to Password tab 4. Change password ==== Via Terminal ==== <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash php /var/www/html/maintenance/run.php changePassword.php --user=admin --password=NEWPASSWORD exit </syntaxhighlight> === 6.2: Backup Your Wiki === <syntaxhighlight lang="bash"> # Create dated backup docker exec completenoobs_wiki /var/www/html/export_wiki.sh # Copy to safe location cp ~/wiki-container/*_wiki_export.xml ~/backups/ </syntaxhighlight> === 6.3: Restore from Backup === <syntaxhighlight lang="bash"> # Place backup in shared directory cp ~/backups/20250101_wiki_export.xml ~/wiki-container/ # Import the backup docker exec completenoobs_wiki /var/www/html/import_wiki.sh /export/20250101_wiki_export.xml </syntaxhighlight> === 6.4: Complete Reset === <syntaxhighlight lang="bash"> # Stop and remove container docker stop completenoobs_wiki docker rm completenoobs_wiki # Remove volumes (WARNING: This deletes all data!) docker volume rm completenoobs_mysql completenoobs_images # Rebuild and start fresh docker run -d -p 8080:80 \ -v ~/wiki-container:/export \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki \ completenoobs/wiki:v0.2 </syntaxhighlight> == Troubleshooting == === Permission Issues === If you encounter permission errors with the shared directory: <syntaxhighlight lang="bash"> # Fix permissions on host chmod 777 ~/wiki-container </syntaxhighlight> === Import Failures === If imports fail, check: * File exists in ~/wiki-container * File is valid XML format * Sufficient disk space * Check debug log: <code>docker exec completenoobs_wiki tail /tmp/mediawiki-debug.log</code> === Container Won't Start === <syntaxhighlight lang="bash"> # Check logs docker logs completenoobs_wiki # Try interactive mode docker run -it --rm completenoobs/wiki:v0.2 bash </syntaxhighlight> == Summary == This setup provides: * Clean MediaWiki 1.44 installation * Essential extensions (PageNotice, YouTube, SyntaxHighlight) * Simple import/export via ~/wiki-container directory * No automatic updates - full control over your content * Easy backup and restore capabilities The shared directory approach gives you complete control over when and what to import/export, making it ideal for: * Migrating content between wikis * Regular backups * Sharing wiki content * Testing imports before applying to production 1ru6hr7lm2gvglk1lrwohh8yggpro6o 677 672 2025-09-02T14:42:36Z AwesomO 5 /* 5.2: Test Extensions */ 677 wikitext text/x-wiki ==todo== * Use Dir for import export of xml. * Min scripts - just setup mediawiki with extensions. = Complete Noobs Docker Wiki Tutorial v0.2 = * Version 0.2 - Simplified with manual import/export * [[Docker_Install_Guide| Docker install guide]] == Overview == This tutorial creates a MediaWiki Docker container with: * MediaWiki 1.44 * PageNotice extension (for license notices) * YouTube extension (for video embedding) * Shared directory for XML import/export == Prerequisites == * Ubuntu 24.04 * Docker installed and running * Your user in docker group: <code>sudo usermod -aG docker $USER</code> (then logout/login) == Step 1: Create Directory Structure == === 1.1: Create Project Directory === <syntaxhighlight lang="bash"> mkdir ~/completenoobs-docker-v2 cd ~/completenoobs-docker-v2 </syntaxhighlight> === 1.2: Create Shared Directory === <syntaxhighlight lang="bash"> mkdir ~/wiki-container </syntaxhighlight> This directory will be used for importing and exporting XML files. == Step 2: Create All Files == === 2.1: Dockerfile === <syntaxhighlight lang="bash"> nano Dockerfile </syntaxhighlight> <syntaxhighlight lang="dockerfile"> FROM mediawiki:1.44 # Install dependencies RUN apt-get update && apt-get install -y \ mariadb-server \ python3-pygments \ curl \ wget \ unzip \ nano \ vim \ git \ && apt-get clean # Copy setup script COPY setup_wiki.sh /usr/src/setup_wiki.sh COPY entrypoint.sh /entrypoint.sh # Make executable RUN chmod +x /usr/src/setup_wiki.sh /entrypoint.sh # Setup wiki RUN /usr/src/setup_wiki.sh EXPOSE 80 VOLUME /var/lib/mysql VOLUME /var/www/html/images VOLUME /export ENTRYPOINT ["/entrypoint.sh"] </syntaxhighlight> === 2.2: Main Setup Script === <syntaxhighlight lang="bash"> nano setup_wiki.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash set -e echo "Setting up CompleteNoobs Wiki..." # Initialize MariaDB if [ ! -d "/var/lib/mysql/mysql" ]; then mysql_install_db --user=mysql --datadir=/var/lib/mysql fi service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then echo "MariaDB ready!" break fi sleep 2 done # Setup database mysql -e "CREATE DATABASE IF NOT EXISTS completenoobs_wiki CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;" mysql -e "CREATE USER IF NOT EXISTS 'wikiuser'@'127.0.0.1' IDENTIFIED BY 'wikipass';" mysql -e "GRANT ALL PRIVILEGES ON completenoobs_wiki.* TO 'wikiuser'@'127.0.0.1';" mysql -e "CREATE USER IF NOT EXISTS 'wikiuser'@'localhost' IDENTIFIED BY 'wikipass';" mysql -e "GRANT ALL PRIVILEGES ON completenoobs_wiki.* TO 'wikiuser'@'localhost';" mysql -e "FLUSH PRIVILEGES;" # Install MediaWiki cd /var/www/html php maintenance/install.php \ --dbtype=mysql \ --dbserver=127.0.0.1 \ --dbname=completenoobs_wiki \ --dbuser=wikiuser \ --dbpass=wikipass \ --server="http://localhost:8080" \ --scriptpath="" \ --lang=en \ --pass=AdminPass123! \ "CompleteNoobs Wiki" \ "admin" # Download and install extensions cd extensions/ echo "Installing PageNotice extension..." git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/PageNotice --branch REL1_44 || echo "PageNotice download failed, continuing..." echo "Installing YouTube extension..." git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/YouTube --branch REL1_44 || echo "YouTube download failed, continuing..." cd /var/www/html # Configure LocalSettings.php cat >> LocalSettings.php << 'EOF' # Basic settings $wgEnableUploads = true; $wgUseImageMagick = true; $wgImageMagickConvertCommand = "/usr/bin/convert"; $wgDefaultSkin = "vector-2022"; $wgAllowExternalImages = true; # Debug settings (remove in production) $wgShowExceptionDetails = true; $wgDebugLogFile = "/tmp/mediawiki-debug.log"; # PageNotice extension if ( file_exists( "$IP/extensions/PageNotice/extension.json" ) ) { wfLoadExtension( 'PageNotice' ); } # YouTube extension if ( file_exists( "$IP/extensions/YouTube/extension.json" ) ) { wfLoadExtension( 'YouTube' ); } # SyntaxHighlight (usually bundled) if ( file_exists( "$IP/extensions/SyntaxHighlight_GeSHi/extension.json" ) ) { wfLoadExtension( 'SyntaxHighlight_GeSHi' ); $wgPygmentizePath = '/usr/bin/pygmentize'; } EOF # Create helper scripts cat > /var/www/html/export_wiki.sh << 'EXPORT_EOF' #!/bin/bash echo "=== Wiki Export Tool ===" DATE=$(date +%Y%m%d) OUTPUT_FILE="/export/${DATE}_wiki_export.xml" echo "Exporting wiki to: $OUTPUT_FILE" php /var/www/html/maintenance/run.php dumpBackup.php --full --output=file:$OUTPUT_FILE if [ -f "$OUTPUT_FILE" ]; then echo "Export successful!" echo "File saved to: $OUTPUT_FILE" echo "On host system: ~/wiki-container/${DATE}_wiki_export.xml" else echo "Export failed!" fi EXPORT_EOF chmod +x /var/www/html/export_wiki.sh cat > /var/www/html/import_wiki.sh << 'IMPORT_EOF' #!/bin/bash echo "=== Wiki Import Tool ===" echo "" echo "Available XML files in /export:" ls -la /export/*.xml 2>/dev/null || echo "No XML files found" echo "" if [ -z "$1" ]; then echo "Usage: /var/www/html/import_wiki.sh <filename>" echo "Example: /var/www/html/import_wiki.sh /export/wiki.xml" exit 1 fi if [ ! -f "$1" ]; then echo "Error: File $1 not found!" exit 1 fi echo "Importing from: $1" echo "This may take several minutes..." php /var/www/html/maintenance/run.php importDump.php "$1" if [ $? -eq 0 ]; then echo "Import completed!" echo "Rebuilding indexes..." php /var/www/html/maintenance/run.php rebuildrecentchanges.php php /var/www/html/maintenance/run.php initSiteStats.php echo "Done!" else echo "Import failed! Check /tmp/mediawiki-debug.log for details" fi IMPORT_EOF chmod +x /var/www/html/import_wiki.sh # Create status check script cat > /var/www/html/check_status.sh << 'STATUS_EOF' #!/bin/bash cd /var/www/html echo "=== Wiki Status ===" echo "Pages: $(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM page;" -s -N 2>/dev/null || echo "Error")" echo "Users: $(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM user WHERE user_id > 0;" -s -N 2>/dev/null || echo "Error")" echo "" echo "=== Extensions ===" if [ -d "extensions/PageNotice" ]; then echo "PageNotice: Installed ✓" else echo "PageNotice: Not installed ✗" fi if [ -d "extensions/YouTube" ]; then echo "YouTube: Installed ✓" else echo "YouTube: Not installed ✗" fi if [ -d "extensions/SyntaxHighlight_GeSHi" ]; then echo "SyntaxHighlight: Installed ✓" else echo "SyntaxHighlight: Not installed ✗" fi echo "" echo "=== Shared Directory ===" if [ -d "/export" ]; then echo "/export mounted ✓" echo "Files in /export:" ls -la /export/*.xml 2>/dev/null || echo " No XML files" else echo "/export not mounted ✗" fi STATUS_EOF chmod +x /var/www/html/check_status.sh echo "" echo "Setup completed!" echo "Admin: admin / AdminPass123!" service mariadb stop </syntaxhighlight> === 2.3: Entrypoint Script === <syntaxhighlight lang="bash"> nano entrypoint.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash echo "Starting CompleteNoobs Wiki..." service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then echo "MariaDB ready!" break fi sleep 1 done echo "" echo "=========================================" echo "CompleteNoobs Wiki v0.2 Ready!" echo "=========================================" echo "" echo "Access: http://localhost:8080" echo "Admin: admin / AdminPass123!" echo "" echo "Features:" echo "- MediaWiki 1.44" echo "- PageNotice extension" echo "- YouTube extension" echo "- SyntaxHighlight extension" echo "- Import/Export via ~/wiki-container" echo "" echo "Available commands:" echo "- Export wiki: docker exec completenoobs_wiki /var/www/html/export_wiki.sh" echo "- Import XML: docker exec completenoobs_wiki /var/www/html/import_wiki.sh /export/filename.xml" echo "- Check status: docker exec completenoobs_wiki /var/www/html/check_status.sh" echo "" apache2-foreground </syntaxhighlight> == Step 3: Build and Run == === 3.1: Build the Image === <syntaxhighlight lang="bash"> docker build -t completenoobs/wiki:v0.2 . </syntaxhighlight> === 3.2: Run the Container with Shared Directory === <syntaxhighlight lang="bash"> docker run -d -p 8080:80 \ -v ~/wiki-container:/export \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki \ completenoobs/wiki:v0.2 </syntaxhighlight> == Step 4: Import/Export Operations == === 4.1: Import an XML File === * https://xml.completenoobs.com/xmlDumps/ ==== Place XML file in shared directory ==== <syntaxhighlight lang="bash"> # Copy your XML file to the shared directory cp ~/Downloads/completenoobs.xml ~/wiki-container/ </syntaxhighlight> ==== Import the file ==== * All files in host <code>wiki-container</code> directory will also be in the containers <code>/export/</code> directory. <syntaxhighlight lang="bash"> # Run the import command docker exec completenoobs_wiki /var/www/html/import_wiki.sh /export/completenoobs.xml </syntaxhighlight> {{:Restore_the_completenoobs_Main_Page}} === 4.2: Export Your Wiki === <syntaxhighlight lang="bash"> # Export wiki to dated XML file docker exec completenoobs_wiki /var/www/html/export_wiki.sh # Check the exported file ls -la ~/wiki-container/ </syntaxhighlight> === 4.3: Manual Import/Export (Advanced) === ==== Access container shell ==== <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> ==== Manual export with custom filename ==== <syntaxhighlight lang="bash"> php /var/www/html/maintenance/run.php dumpBackup.php --full --output=file:/export/my_wiki_backup.xml exit </syntaxhighlight> ==== Manual import with options ==== <syntaxhighlight lang="bash"> # Basic import php /var/www/html/maintenance/run.php importDump.php /export/wiki.xml # Import with image uploads php /var/www/html/maintenance/run.php importDump.php --uploads /export/wiki.xml # Then rebuild indexes php /var/www/html/maintenance/run.php rebuildall.php exit </syntaxhighlight> == Step 5: Testing and Verification == === 5.1: Check Wiki Status === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki /var/www/html/check_status.sh </syntaxhighlight> === 5.2: Test Extensions === 1. Visit http://localhost:8080 2. Login with admin / AdminPass123! 3. Create or edit a page and test: * YouTube: Add <code><youtube>gBML6zuUpK0</youtube></code> * SyntaxHighlight: Add <nowiki><syntaxhighlight lang="python">print("Hello")</syntaxhighlight></nowiki> === 5.3: View Logs === <syntaxhighlight lang="bash"> # Container logs docker logs completenoobs_wiki # MediaWiki debug log docker exec completenoobs_wiki tail -f /tmp/mediawiki-debug.log </syntaxhighlight> == Step 6: Common Operations == === 6.1: Change Admin Password === ==== Via Web Interface ==== 1. Login at http://localhost:8080 2. Click username → Preferences 3. Go to Password tab 4. Change password ==== Via Terminal ==== <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash php /var/www/html/maintenance/run.php changePassword.php --user=admin --password=NEWPASSWORD exit </syntaxhighlight> === 6.2: Backup Your Wiki === <syntaxhighlight lang="bash"> # Create dated backup docker exec completenoobs_wiki /var/www/html/export_wiki.sh # Copy to safe location cp ~/wiki-container/*_wiki_export.xml ~/backups/ </syntaxhighlight> === 6.3: Restore from Backup === <syntaxhighlight lang="bash"> # Place backup in shared directory cp ~/backups/20250101_wiki_export.xml ~/wiki-container/ # Import the backup docker exec completenoobs_wiki /var/www/html/import_wiki.sh /export/20250101_wiki_export.xml </syntaxhighlight> === 6.4: Complete Reset === <syntaxhighlight lang="bash"> # Stop and remove container docker stop completenoobs_wiki docker rm completenoobs_wiki # Remove volumes (WARNING: This deletes all data!) docker volume rm completenoobs_mysql completenoobs_images # Rebuild and start fresh docker run -d -p 8080:80 \ -v ~/wiki-container:/export \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki \ completenoobs/wiki:v0.2 </syntaxhighlight> == Troubleshooting == === Permission Issues === If you encounter permission errors with the shared directory: <syntaxhighlight lang="bash"> # Fix permissions on host chmod 777 ~/wiki-container </syntaxhighlight> === Import Failures === If imports fail, check: * File exists in ~/wiki-container * File is valid XML format * Sufficient disk space * Check debug log: <code>docker exec completenoobs_wiki tail /tmp/mediawiki-debug.log</code> === Container Won't Start === <syntaxhighlight lang="bash"> # Check logs docker logs completenoobs_wiki # Try interactive mode docker run -it --rm completenoobs/wiki:v0.2 bash </syntaxhighlight> == Summary == This setup provides: * Clean MediaWiki 1.44 installation * Essential extensions (PageNotice, YouTube, SyntaxHighlight) * Simple import/export via ~/wiki-container directory * No automatic updates - full control over your content * Easy backup and restore capabilities The shared directory approach gives you complete control over when and what to import/export, making it ideal for: * Migrating content between wikis * Regular backups * Sharing wiki content * Testing imports before applying to production ddvenmaqjr810ktnt984hezplbwv5lc 678 677 2025-09-02T14:46:21Z AwesomO 5 /* 5.2: Test Extensions */ 678 wikitext text/x-wiki ==todo== * Use Dir for import export of xml. * Min scripts - just setup mediawiki with extensions. = Complete Noobs Docker Wiki Tutorial v0.2 = * Version 0.2 - Simplified with manual import/export * [[Docker_Install_Guide| Docker install guide]] == Overview == This tutorial creates a MediaWiki Docker container with: * MediaWiki 1.44 * PageNotice extension (for license notices) * YouTube extension (for video embedding) * Shared directory for XML import/export == Prerequisites == * Ubuntu 24.04 * Docker installed and running * Your user in docker group: <code>sudo usermod -aG docker $USER</code> (then logout/login) == Step 1: Create Directory Structure == === 1.1: Create Project Directory === <syntaxhighlight lang="bash"> mkdir ~/completenoobs-docker-v2 cd ~/completenoobs-docker-v2 </syntaxhighlight> === 1.2: Create Shared Directory === <syntaxhighlight lang="bash"> mkdir ~/wiki-container </syntaxhighlight> This directory will be used for importing and exporting XML files. == Step 2: Create All Files == === 2.1: Dockerfile === <syntaxhighlight lang="bash"> nano Dockerfile </syntaxhighlight> <syntaxhighlight lang="dockerfile"> FROM mediawiki:1.44 # Install dependencies RUN apt-get update && apt-get install -y \ mariadb-server \ python3-pygments \ curl \ wget \ unzip \ nano \ vim \ git \ && apt-get clean # Copy setup script COPY setup_wiki.sh /usr/src/setup_wiki.sh COPY entrypoint.sh /entrypoint.sh # Make executable RUN chmod +x /usr/src/setup_wiki.sh /entrypoint.sh # Setup wiki RUN /usr/src/setup_wiki.sh EXPOSE 80 VOLUME /var/lib/mysql VOLUME /var/www/html/images VOLUME /export ENTRYPOINT ["/entrypoint.sh"] </syntaxhighlight> === 2.2: Main Setup Script === <syntaxhighlight lang="bash"> nano setup_wiki.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash set -e echo "Setting up CompleteNoobs Wiki..." # Initialize MariaDB if [ ! -d "/var/lib/mysql/mysql" ]; then mysql_install_db --user=mysql --datadir=/var/lib/mysql fi service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then echo "MariaDB ready!" break fi sleep 2 done # Setup database mysql -e "CREATE DATABASE IF NOT EXISTS completenoobs_wiki CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;" mysql -e "CREATE USER IF NOT EXISTS 'wikiuser'@'127.0.0.1' IDENTIFIED BY 'wikipass';" mysql -e "GRANT ALL PRIVILEGES ON completenoobs_wiki.* TO 'wikiuser'@'127.0.0.1';" mysql -e "CREATE USER IF NOT EXISTS 'wikiuser'@'localhost' IDENTIFIED BY 'wikipass';" mysql -e "GRANT ALL PRIVILEGES ON completenoobs_wiki.* TO 'wikiuser'@'localhost';" mysql -e "FLUSH PRIVILEGES;" # Install MediaWiki cd /var/www/html php maintenance/install.php \ --dbtype=mysql \ --dbserver=127.0.0.1 \ --dbname=completenoobs_wiki \ --dbuser=wikiuser \ --dbpass=wikipass \ --server="http://localhost:8080" \ --scriptpath="" \ --lang=en \ --pass=AdminPass123! \ "CompleteNoobs Wiki" \ "admin" # Download and install extensions cd extensions/ echo "Installing PageNotice extension..." git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/PageNotice --branch REL1_44 || echo "PageNotice download failed, continuing..." echo "Installing YouTube extension..." git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/YouTube --branch REL1_44 || echo "YouTube download failed, continuing..." cd /var/www/html # Configure LocalSettings.php cat >> LocalSettings.php << 'EOF' # Basic settings $wgEnableUploads = true; $wgUseImageMagick = true; $wgImageMagickConvertCommand = "/usr/bin/convert"; $wgDefaultSkin = "vector-2022"; $wgAllowExternalImages = true; # Debug settings (remove in production) $wgShowExceptionDetails = true; $wgDebugLogFile = "/tmp/mediawiki-debug.log"; # PageNotice extension if ( file_exists( "$IP/extensions/PageNotice/extension.json" ) ) { wfLoadExtension( 'PageNotice' ); } # YouTube extension if ( file_exists( "$IP/extensions/YouTube/extension.json" ) ) { wfLoadExtension( 'YouTube' ); } # SyntaxHighlight (usually bundled) if ( file_exists( "$IP/extensions/SyntaxHighlight_GeSHi/extension.json" ) ) { wfLoadExtension( 'SyntaxHighlight_GeSHi' ); $wgPygmentizePath = '/usr/bin/pygmentize'; } EOF # Create helper scripts cat > /var/www/html/export_wiki.sh << 'EXPORT_EOF' #!/bin/bash echo "=== Wiki Export Tool ===" DATE=$(date +%Y%m%d) OUTPUT_FILE="/export/${DATE}_wiki_export.xml" echo "Exporting wiki to: $OUTPUT_FILE" php /var/www/html/maintenance/run.php dumpBackup.php --full --output=file:$OUTPUT_FILE if [ -f "$OUTPUT_FILE" ]; then echo "Export successful!" echo "File saved to: $OUTPUT_FILE" echo "On host system: ~/wiki-container/${DATE}_wiki_export.xml" else echo "Export failed!" fi EXPORT_EOF chmod +x /var/www/html/export_wiki.sh cat > /var/www/html/import_wiki.sh << 'IMPORT_EOF' #!/bin/bash echo "=== Wiki Import Tool ===" echo "" echo "Available XML files in /export:" ls -la /export/*.xml 2>/dev/null || echo "No XML files found" echo "" if [ -z "$1" ]; then echo "Usage: /var/www/html/import_wiki.sh <filename>" echo "Example: /var/www/html/import_wiki.sh /export/wiki.xml" exit 1 fi if [ ! -f "$1" ]; then echo "Error: File $1 not found!" exit 1 fi echo "Importing from: $1" echo "This may take several minutes..." php /var/www/html/maintenance/run.php importDump.php "$1" if [ $? -eq 0 ]; then echo "Import completed!" echo "Rebuilding indexes..." php /var/www/html/maintenance/run.php rebuildrecentchanges.php php /var/www/html/maintenance/run.php initSiteStats.php echo "Done!" else echo "Import failed! Check /tmp/mediawiki-debug.log for details" fi IMPORT_EOF chmod +x /var/www/html/import_wiki.sh # Create status check script cat > /var/www/html/check_status.sh << 'STATUS_EOF' #!/bin/bash cd /var/www/html echo "=== Wiki Status ===" echo "Pages: $(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM page;" -s -N 2>/dev/null || echo "Error")" echo "Users: $(mysql --user=wikiuser --password=wikipass completenoobs_wiki -e "SELECT COUNT(*) FROM user WHERE user_id > 0;" -s -N 2>/dev/null || echo "Error")" echo "" echo "=== Extensions ===" if [ -d "extensions/PageNotice" ]; then echo "PageNotice: Installed ✓" else echo "PageNotice: Not installed ✗" fi if [ -d "extensions/YouTube" ]; then echo "YouTube: Installed ✓" else echo "YouTube: Not installed ✗" fi if [ -d "extensions/SyntaxHighlight_GeSHi" ]; then echo "SyntaxHighlight: Installed ✓" else echo "SyntaxHighlight: Not installed ✗" fi echo "" echo "=== Shared Directory ===" if [ -d "/export" ]; then echo "/export mounted ✓" echo "Files in /export:" ls -la /export/*.xml 2>/dev/null || echo " No XML files" else echo "/export not mounted ✗" fi STATUS_EOF chmod +x /var/www/html/check_status.sh echo "" echo "Setup completed!" echo "Admin: admin / AdminPass123!" service mariadb stop </syntaxhighlight> === 2.3: Entrypoint Script === <syntaxhighlight lang="bash"> nano entrypoint.sh </syntaxhighlight> <syntaxhighlight lang="bash"> #!/bin/bash echo "Starting CompleteNoobs Wiki..." service mariadb start # Wait for MariaDB for i in {1..30}; do if mysql -e "SELECT 1;" &>/dev/null; then echo "MariaDB ready!" break fi sleep 1 done echo "" echo "=========================================" echo "CompleteNoobs Wiki v0.2 Ready!" echo "=========================================" echo "" echo "Access: http://localhost:8080" echo "Admin: admin / AdminPass123!" echo "" echo "Features:" echo "- MediaWiki 1.44" echo "- PageNotice extension" echo "- YouTube extension" echo "- SyntaxHighlight extension" echo "- Import/Export via ~/wiki-container" echo "" echo "Available commands:" echo "- Export wiki: docker exec completenoobs_wiki /var/www/html/export_wiki.sh" echo "- Import XML: docker exec completenoobs_wiki /var/www/html/import_wiki.sh /export/filename.xml" echo "- Check status: docker exec completenoobs_wiki /var/www/html/check_status.sh" echo "" apache2-foreground </syntaxhighlight> == Step 3: Build and Run == === 3.1: Build the Image === <syntaxhighlight lang="bash"> docker build -t completenoobs/wiki:v0.2 . </syntaxhighlight> === 3.2: Run the Container with Shared Directory === <syntaxhighlight lang="bash"> docker run -d -p 8080:80 \ -v ~/wiki-container:/export \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki \ completenoobs/wiki:v0.2 </syntaxhighlight> == Step 4: Import/Export Operations == === 4.1: Import an XML File === * https://xml.completenoobs.com/xmlDumps/ ==== Place XML file in shared directory ==== <syntaxhighlight lang="bash"> # Copy your XML file to the shared directory cp ~/Downloads/completenoobs.xml ~/wiki-container/ </syntaxhighlight> ==== Import the file ==== * All files in host <code>wiki-container</code> directory will also be in the containers <code>/export/</code> directory. <syntaxhighlight lang="bash"> # Run the import command docker exec completenoobs_wiki /var/www/html/import_wiki.sh /export/completenoobs.xml </syntaxhighlight> {{:Restore_the_completenoobs_Main_Page}} === 4.2: Export Your Wiki === <syntaxhighlight lang="bash"> # Export wiki to dated XML file docker exec completenoobs_wiki /var/www/html/export_wiki.sh # Check the exported file ls -la ~/wiki-container/ </syntaxhighlight> === 4.3: Manual Import/Export (Advanced) === ==== Access container shell ==== <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash </syntaxhighlight> ==== Manual export with custom filename ==== <syntaxhighlight lang="bash"> php /var/www/html/maintenance/run.php dumpBackup.php --full --output=file:/export/my_wiki_backup.xml exit </syntaxhighlight> ==== Manual import with options ==== <syntaxhighlight lang="bash"> # Basic import php /var/www/html/maintenance/run.php importDump.php /export/wiki.xml # Import with image uploads php /var/www/html/maintenance/run.php importDump.php --uploads /export/wiki.xml # Then rebuild indexes php /var/www/html/maintenance/run.php rebuildall.php exit </syntaxhighlight> == Step 5: Testing and Verification == === 5.1: Check Wiki Status === <syntaxhighlight lang="bash"> docker exec completenoobs_wiki /var/www/html/check_status.sh </syntaxhighlight> === 5.2: Test Extensions === 1. Visit http://localhost:8080 2. Login with admin / AdminPass123! 3. Create or edit a page and test: * YouTube: Add/Test <nowiki><youtube>gBML6zuUpK0</youtube></nowiki> <code><youtube>gBML6zuUpK0</youtube></code> * SyntaxHighlight: Add <nowiki><syntaxhighlight lang="python">print("Hello")</syntaxhighlight></nowiki> === 5.3: View Logs === <syntaxhighlight lang="bash"> # Container logs docker logs completenoobs_wiki # MediaWiki debug log docker exec completenoobs_wiki tail -f /tmp/mediawiki-debug.log </syntaxhighlight> == Step 6: Common Operations == === 6.1: Change Admin Password === ==== Via Web Interface ==== 1. Login at http://localhost:8080 2. Click username → Preferences 3. Go to Password tab 4. Change password ==== Via Terminal ==== <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash php /var/www/html/maintenance/run.php changePassword.php --user=admin --password=NEWPASSWORD exit </syntaxhighlight> === 6.2: Backup Your Wiki === <syntaxhighlight lang="bash"> # Create dated backup docker exec completenoobs_wiki /var/www/html/export_wiki.sh # Copy to safe location cp ~/wiki-container/*_wiki_export.xml ~/backups/ </syntaxhighlight> === 6.3: Restore from Backup === <syntaxhighlight lang="bash"> # Place backup in shared directory cp ~/backups/20250101_wiki_export.xml ~/wiki-container/ # Import the backup docker exec completenoobs_wiki /var/www/html/import_wiki.sh /export/20250101_wiki_export.xml </syntaxhighlight> === 6.4: Complete Reset === <syntaxhighlight lang="bash"> # Stop and remove container docker stop completenoobs_wiki docker rm completenoobs_wiki # Remove volumes (WARNING: This deletes all data!) docker volume rm completenoobs_mysql completenoobs_images # Rebuild and start fresh docker run -d -p 8080:80 \ -v ~/wiki-container:/export \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki \ completenoobs/wiki:v0.2 </syntaxhighlight> == Troubleshooting == === Permission Issues === If you encounter permission errors with the shared directory: <syntaxhighlight lang="bash"> # Fix permissions on host chmod 777 ~/wiki-container </syntaxhighlight> === Import Failures === If imports fail, check: * File exists in ~/wiki-container * File is valid XML format * Sufficient disk space * Check debug log: <code>docker exec completenoobs_wiki tail /tmp/mediawiki-debug.log</code> === Container Won't Start === <syntaxhighlight lang="bash"> # Check logs docker logs completenoobs_wiki # Try interactive mode docker run -it --rm completenoobs/wiki:v0.2 bash </syntaxhighlight> == Summary == This setup provides: * Clean MediaWiki 1.44 installation * Essential extensions (PageNotice, YouTube, SyntaxHighlight) * Simple import/export via ~/wiki-container directory * No automatic updates - full control over your content * Easy backup and restore capabilities The shared directory approach gives you complete control over when and what to import/export, making it ideal for: * Migrating content between wikis * Regular backups * Sharing wiki content * Testing imports before applying to production kzvlmclil4vnnevlp6ab4j25atx87ss 0 201 673 2025-09-02T12:27:21Z AwesomO 5 Created page with "placeholder" 673 wikitext text/x-wiki placeholder ttq660buc3t1k9gdj9qcb1pc2td7nfc 676 673 2025-09-02T14:36:54Z AwesomO 5 676 wikitext text/x-wiki * [[CompleteNoobs_Docker_Image_0.2_Install_Basics| cnoobs-wiki 0.2 basic install guide]] c54mabyeyuw6mkey0p552vgy9rst6fi 0 202 674 2025-09-02T14:31:06Z AwesomO 5 Created page with " * Requires docker installed on system == Download image== * Download the completenoobs container image. <code>docker pull completenoobs/cnoobs-wiki:0.2</code> == Create directory for file sharing == * If you do not create this file - docker will create one for you when you run the <code>docker run</code> command. ** If docker run creates the file, you will not have permissions to send data to that directory. ** Change permission's if that happens <code>sudo chmod 777..." 674 wikitext text/x-wiki * Requires docker installed on system == Download image== * Download the completenoobs container image. <code>docker pull completenoobs/cnoobs-wiki:0.2</code> == Create directory for file sharing == * If you do not create this file - docker will create one for you when you run the <code>docker run</code> command. ** If docker run creates the file, you will not have permissions to send data to that directory. ** Change permission's if that happens <code>sudo chmod 777 ~/wiki-container</code> <code>mkdir ~/wiki-container</code> == Run image == <pre> docker run -d -p 8080:80 \ -v ~/wiki-container:/export \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki \ completenoobs/cnoobs-wiki:0.2 </pre> == Download XMl == * https://xml.completenoobs.com/xmlDumps/ Download an xml file, like:<code>01_09_25.Noobs.xml</code> * Move to <code>~/wiki-container/</code> directory == Import XML == <code>docker exec completenoobs_wiki /var/www/html/import_wiki.sh /export/01_09_25.Noobs.xml</code> == Check Wiki == * In browser go to this address <code>http://localhost:8080</code> <br> {{:Restore_the_completenoobs_Main_Page}} ==Change Admin Password== * Can be done with 'Web Browser GUI' or 'Terminal' * Default Password for user <b>Admin</b> = <code>AdminPass123!</code> === Via Web Interface === 1. Login at http://localhost:8080 2. Click username → Preferences 3. Go to Password tab 4. Change password === Via Terminal === <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash php /var/www/html/maintenance/run.php changePassword.php --user=admin --password=NEWPASSWORD exit </syntaxhighlight> ==Export a backup of your wiki== * This will create a backup of your wiki to a dated.xml file <code>20250902_wiki_export.xml</code>, which you can find in your <code>~/wiki-container</code> directory on host, or <code>/export/</code> directory in container. <code>docker exec completenoobs_wiki /var/www/html/export_wiki.sh</code> ==Remove container== To completely remove the <code>completenoobs/cnoobs-wiki:0.1</code> container and image from your Ubuntu 24.04 system, follow these steps. <br> You can also remove associated persistent storage volumes if they were created.<br><br> <b>Step 1: Stop and Remove the Container</b><br> If the container is running, stop it and then remove it.<br> <syntaxhighlight lang="bash"> docker stop completenoobs_wiki docker rm completenoobs_wiki </syntaxhighlight> Alternatively, stop and remove in one command:<br> <syntaxhighlight lang="bash"> docker rm -f completenoobs_wiki </syntaxhighlight><br> <b>Step 2: Remove the Docker Image</b><br> Remove the <code>completenoobs/cnoobs-wiki:0.2</code> image.<br> <syntaxhighlight lang="bash"> docker rmi completenoobs/cnoobs-wiki:0.2 </syntaxhighlight> Note: If the image is in use by other containers, remove those containers first or use <code>docker rmi -f completenoobs/cnoobs-wiki:0.1</code> to force removal (use with caution).<br><br> <b>Step 3: Remove Persistent Storage Volumes (Optional)</b><br> If you used persistent storage, remove the associated volumes to free up space.<br> <syntaxhighlight lang="bash"> docker volume rm completenoobs_mysql completenoobs_images </syntaxhighlight> Note: Ensure no other containers are using these volumes, as this will delete all stored data.<br><br> <b>Step 4: Verify Removal</b><br> Check that the container, image, and volumes are removed.<br> - List all containers (including stopped ones):<br> <syntaxhighlight lang="bash"> docker ps -a </syntaxhighlight> - List all images:<br> <syntaxhighlight lang="bash"> docker images </syntaxhighlight> - List all volumes:<br> <syntaxhighlight lang="bash"> docker volume ls </syntaxhighlight> If any items remain, repeat the relevant removal commands or check for dependencies. fplp10i56lietmh0vna5p4w8chdrh63 675 674 2025-09-02T14:31:39Z AwesomO 5 /* Create directory for file sharing */ 675 wikitext text/x-wiki * Requires docker installed on system == Download image== * Download the completenoobs container image. <code>docker pull completenoobs/cnoobs-wiki:0.2</code> == Create directory for file sharing == * If you do not create this directory - docker will create one for you when you run the <code>docker run</code> command. ** If docker run creates the directory, you will not have permissions to send data to that directory. ** Change permission's if that happens <code>sudo chmod 777 ~/wiki-container</code> <code>mkdir ~/wiki-container</code> == Run image == <pre> docker run -d -p 8080:80 \ -v ~/wiki-container:/export \ -v completenoobs_mysql:/var/lib/mysql \ -v completenoobs_images:/var/www/html/images \ --name completenoobs_wiki \ completenoobs/cnoobs-wiki:0.2 </pre> == Download XMl == * https://xml.completenoobs.com/xmlDumps/ Download an xml file, like:<code>01_09_25.Noobs.xml</code> * Move to <code>~/wiki-container/</code> directory == Import XML == <code>docker exec completenoobs_wiki /var/www/html/import_wiki.sh /export/01_09_25.Noobs.xml</code> == Check Wiki == * In browser go to this address <code>http://localhost:8080</code> <br> {{:Restore_the_completenoobs_Main_Page}} ==Change Admin Password== * Can be done with 'Web Browser GUI' or 'Terminal' * Default Password for user <b>Admin</b> = <code>AdminPass123!</code> === Via Web Interface === 1. Login at http://localhost:8080 2. Click username → Preferences 3. Go to Password tab 4. Change password === Via Terminal === <syntaxhighlight lang="bash"> docker exec -it completenoobs_wiki bash php /var/www/html/maintenance/run.php changePassword.php --user=admin --password=NEWPASSWORD exit </syntaxhighlight> ==Export a backup of your wiki== * This will create a backup of your wiki to a dated.xml file <code>20250902_wiki_export.xml</code>, which you can find in your <code>~/wiki-container</code> directory on host, or <code>/export/</code> directory in container. <code>docker exec completenoobs_wiki /var/www/html/export_wiki.sh</code> ==Remove container== To completely remove the <code>completenoobs/cnoobs-wiki:0.1</code> container and image from your Ubuntu 24.04 system, follow these steps. <br> You can also remove associated persistent storage volumes if they were created.<br><br> <b>Step 1: Stop and Remove the Container</b><br> If the container is running, stop it and then remove it.<br> <syntaxhighlight lang="bash"> docker stop completenoobs_wiki docker rm completenoobs_wiki </syntaxhighlight> Alternatively, stop and remove in one command:<br> <syntaxhighlight lang="bash"> docker rm -f completenoobs_wiki </syntaxhighlight><br> <b>Step 2: Remove the Docker Image</b><br> Remove the <code>completenoobs/cnoobs-wiki:0.2</code> image.<br> <syntaxhighlight lang="bash"> docker rmi completenoobs/cnoobs-wiki:0.2 </syntaxhighlight> Note: If the image is in use by other containers, remove those containers first or use <code>docker rmi -f completenoobs/cnoobs-wiki:0.1</code> to force removal (use with caution).<br><br> <b>Step 3: Remove Persistent Storage Volumes (Optional)</b><br> If you used persistent storage, remove the associated volumes to free up space.<br> <syntaxhighlight lang="bash"> docker volume rm completenoobs_mysql completenoobs_images </syntaxhighlight> Note: Ensure no other containers are using these volumes, as this will delete all stored data.<br><br> <b>Step 4: Verify Removal</b><br> Check that the container, image, and volumes are removed.<br> - List all containers (including stopped ones):<br> <syntaxhighlight lang="bash"> docker ps -a </syntaxhighlight> - List all images:<br> <syntaxhighlight lang="bash"> docker images </syntaxhighlight> - List all volumes:<br> <syntaxhighlight lang="bash"> docker volume ls </syntaxhighlight> If any items remain, repeat the relevant removal commands or check for dependencies. mxoiwpa0469tr4so7fdjq6900vzgvgo 2 203 695 2025-12-17T14:14:48Z HiltonRoundtree 25 Created page with "I am part of this community. I’m from Megasto.com.ua. <br>Nothing to tell about me at all. <br>I’m really to be here and read. <br>Cheers.<br>Promo: C4bjWthY7dcX8qi<br><br>Here is my homepage; [https://megasto.com.ua/catalog/strichka_konve_rna_/ стрічка транспортерна]" 695 wikitext text/x-wiki I am part of this community. I’m from Megasto.com.ua. <br>Nothing to tell about me at all. <br>I’m really to be here and read. <br>Cheers.<br>Promo: C4bjWthY7dcX8qi<br><br>Here is my homepage; [https://megasto.com.ua/catalog/strichka_konve_rna_/ стрічка транспортерна] ra6eyj7rot1y0zmwp6bx0at2ks3eqyg 2 204 696 2025-12-19T19:42:58Z ReinaldoTonga76 27 Created page with "Эй, [https://kwork.ru/links/83541/dobavlyu-vashu-ssylku-v-sotsialnie-zakladki обратные ссылки] оптимизаторы — есть тут те, кто в теме, как работают бэки?<br>Сел считать эффективность и понял — пока не займёшься ссылочным — топа не будет.<br><br>Тестил разные методы — от краудов до гостевых постов,..." 696 wikitext text/x-wiki Эй, [https://kwork.ru/links/83541/dobavlyu-vashu-ssylku-v-sotsialnie-zakladki обратные ссылки] оптимизаторы — есть тут те, кто в теме, как работают бэки?<br>Сел считать эффективность и понял — пока не займёшься ссылочным — топа не будет.<br><br>Тестил разные методы — от краудов до гостевых постов, [http://1577-1772.com/board_tebG35/71954 обратные ссылки] но цены кусаются.<br>В итоге нашёл способ, [https://kwork.ru/integrated-promotion/30412436/pomoshch-dlya-vyvoda-v-top-odnogo-klyucha backlinks] который реально работает.<br>Кому интересно — зацените �� [https://kwork.ru/links/39772968/csylki-vidny-v-majestic-i-ahrefs-obratnie-ssylki-dlya-lyubogo-url обратные ссылки] .<br><br>Ребята подробно расписали схему.<br>Результаты приятно удивили — особенно по конкурентным запросам.<br><br>Не теряйте время на спам и дешёвые [https://kwork.ru/links/37177/zaregistriruyu-sayt-v-profilyakh-programmoy-khrumer обратные ссылки] — посмотрите этот вариант.<br>Кому нужно — ссылка выше �� jx612ze64rtczynrfreyybhy3rsdk9s 705 696 2026-01-04T22:17:53Z ReinaldoTonga76 27 Replaced content with "%About_Yourself%" 705 wikitext text/x-wiki %About_Yourself% ql27cvlrfv930h7hfp8ppwdq2qfehi1 710 705 2026-01-06T20:21:40Z AwesomO 5 Blanked the page 710 wikitext text/x-wiki phoiac9h4m842xq45sp7s6u21eteeq1 715 710 2026-02-23T08:21:33Z ReinaldoTonga76 27 715 wikitext text/x-wiki %About_Yourself% ql27cvlrfv930h7hfp8ppwdq2qfehi1 2 205 697 2025-12-23T09:48:17Z CalebBrummitt88 28 Created page with "Гостевые дома на сутки <br><br>Домики посуточно подойдут для больших компаний. <br><br>- Можно провести время всей семьёй. <br>- Находятся за городом или у моря. <br>- Атмосфера уюта и спокойствия.<br>[http://taketombo.la.coocan.jp/cgi/cot_bbs/yydhtml_b.cgi отели на сутки]<br><br>@airbn@b77" 697 wikitext text/x-wiki Гостевые дома на сутки <br><br>Домики посуточно подойдут для больших компаний. <br><br>- Можно провести время всей семьёй. <br>- Находятся за городом или у моря. <br>- Атмосфера уюта и спокойствия.<br>[http://taketombo.la.coocan.jp/cgi/cot_bbs/yydhtml_b.cgi отели на сутки]<br><br>@airbn@b77 fxfqxfsyyjkic5b18nvuzzyly6t71s1 702 697 2026-01-01T16:40:43Z CalebBrummitt88 28 702 wikitext text/x-wiki Часто натыкаюсь с вопросами по типу: «а как без проблем конвертировать крипту в рубли?. Причём, интересуются даже опытные.<br><br>Вроде бы вопрос ерундовый: нажал кнопку — получил деньги. Но вылезает куча нюансов. Чаще всего как только речь идёт про законность.<br><br>Так что захотелось поделиться нормальным объяснением без бюрократии.<br><br>Почему все боятся слова «легально»<br><br>Когда обсуждают про законный вывод, многие по привычке думают о налогах.<br><br>По факту официально — это не сложно. Это значит: ты работаешь через платформы, которые официально работают.<br><br>Ни один сервис не вынуждает обычного человека идти в серую зону.<br><br>Какие варианты реально работают<br><br>В текущих реалиях [https://hiddenwiki.co/index.php?title=Crypto_%D0%9E%D0%B1%D0%BC%D0%B5%D0%BD где можно обналичить криптовалюту в москве] выделить несколько адекватных вариантов.<br><br>Самый популярный — используя крупные криптосервисы. Ты продаёшь крипту, а затем выводишь рубли на счёт. [https://sakumc.org/xe/?document_srl=4109442 криптообменник купить]<br><br>Другой вариант — официальные обменники. В этом случае нужно проверять историю работы.<br><br>P2P вполне бывает законным, если проходит через биржу.<br><br><br>Почему крупные платформы — самый спокойный вариант<br><br>По тому, что видел отмечу: меньше всего проблем бывает как раз у известных бирж.<br><br>Там понятные правила, есть поддержка, а вся цепочка прозрачны.<br><br>Без иллюзий: [https://astrophoto.co.kr/board_mXxV16/280725 криптообменник купить] порой нужно пройти верификацию. Но ты уверен, что в итоге конвертируешь активы без сюрпризов.<br><br>Небольшой совет напоследок<br><br>Лично я советую одну простую стратегию: посмотреть сервис.<br><br>Обычно нужно немного времени, чтобы понять, [https://waselplatform.org/blog/index.php?entryid=818771 криптообменник купить] подходит ли эта платформа.<br><br><br>Официально обменять криптовалюту сейчас возможно. Ключевое — не рисковать зря.<br><br>Если у тебя есть что расска[https://www.scdmtj.com/home.php?mod=space&uid=1854756&do=profile продать btc за рубли]ть вывода — расскажи ниже. Будет интересно. [https://trevorjd.com/index.php/%D0%93%D0%B4%D0%B5_%D0%9A%D1%83%D0%BF%D0%B8%D1%82%D1%8C_%D0%90%D0%BB%D1%8C%D1%82%D0%BA%D0%BE%D0%B8%D0%BD белорусские криптобиржи легальные] f4bjv3i4lrrdmtli32fego779gh0v85 716 702 2026-02-23T13:57:42Z CalebBrummitt88 28 Replaced content with "%About_Yourself%" 716 wikitext text/x-wiki %About_Yourself% ql27cvlrfv930h7hfp8ppwdq2qfehi1 2 207 699 2025-12-24T11:45:19Z ShellaMullin34 30 Created page with "Digital media fan interested in modern platforms, usability, and digital media development. Enjoys discovering well-designed websites and sharing real opinions.<br><br>Here is my homepage; [https://gay0day.com https://gay0day.com]" 699 wikitext text/x-wiki Digital media fan interested in modern platforms, usability, and digital media development. Enjoys discovering well-designed websites and sharing real opinions.<br><br>Here is my homepage; [https://gay0day.com https://gay0day.com] 6ziu6ti9sj9llq37totd2nwmhub3egj 0 208 700 2025-12-24T12:58:24Z LuigiTunstall 31 Created page with "In recent years, modern 18+ video platforms have started to evolve the way users interact with adult content. Instead of relying on old-fashioned layouts and overloaded pages, many platforms are now focusing on simple design and usability.<br><br>A thoughtfully designed interface allows users to find content faster and enjoy a more pleasant browsing experience. Features like clear navigation, smooth playback, and fast loading times have become increasingly important for..." 700 wikitext text/x-wiki In recent years, modern 18+ video platforms have started to evolve the way users interact with adult content. Instead of relying on old-fashioned layouts and overloaded pages, many platforms are now focusing on simple design and usability.<br><br>A thoughtfully designed interface allows users to find content faster and enjoy a more pleasant browsing experience. Features like clear navigation, smooth playback, and fast loading times have become increasingly important for modern audiences.<br><br>Another noticeable trend is the growing emphasis on overall experience. Platforms that prioritize speed and avoid unnecessary distractions tend to feel more trustworthy. This approach not only improves usability but also encourages users to stay longer.<br><br>As expectations continue to rise, 18+ video sites that invest in structure and user experience clearly stand out from the rest. The shift toward simplicity and quality-focused development shows that even adult platforms are adapting to modern web standards and user needs.<br><br>If you treasured this article and you simply would like to acquire more info about [https://gay0day.com/ https://gay0day.com/] please visit the site. kcth8xysvpgyeq0ejp02i4ptcfsr1b7 703 700 2026-01-03T20:16:06Z SusanneHolleran 34 703 wikitext text/x-wiki In recent years, modern 18+ video platforms have started to evolve the way users interact with adult content. Instead of relying on old-fashioned layouts and overloaded pages, many platforms are now focusing on clean design and usability.<br><br>A well-structured interface allows users to find content faster and enjoy a more pleasant browsing experience. Features like better categorization, stable playback, and fast loading times have become increasingly important for modern audiences.<br><br>Another noticeable trend is the growing emphasis on user comfort. Platforms that prioritize performance and avoid unnecessary distractions tend to feel more professional. This approach not only improves usability but also encourages users to return more often.<br><br>As expectations continue to rise, 18+ video sites that invest in design and UX clearly stand out from the rest. The shift toward simplicity and user-focused development shows that even adult platforms are adapting to modern web standards and user needs.<br><br>Here's more about [https://thetranny.com/search/mature-british-crossdresser/ https://thetranny.com/search/mature-british-crossdresser/] stop by our web site. ap3vuq0nny6qdkmek08oxdsqhdbgr28 704 703 2026-01-03T22:27:35Z SusanneHolleran 34 704 wikitext text/x-wiki In recent years, newer 18+ video websites have started to shift the way users interact with adult content. Instead of relying on old-fashioned layouts and overloaded pages, many platforms are now focusing on minimal design and ease of use.<br><br>A well-structured interface allows users to find content faster and enjoy a more relaxed browsing experience. Features like clear navigation, smooth playback, and optimized loading times have become increasingly important for modern audiences.<br><br>Another noticeable trend is the growing emphasis on overall experience. Platforms that prioritize performance and avoid unnecessary distractions tend to feel more polished. This approach not only improves usability but also encourages users to stay longer.<br><br>As expectations continue to rise, 18+ video sites that invest in design and UX clearly stand out from the rest. The shift toward minimalism and quality-focused development shows that even adult platforms are adapting to modern web standards and user needs.<br><br>If you have any type of questions concerning where and the best ways to make use of [https://thetranny.com/videos/78664/transerotica-ts-foxxy-jessy-dubai/ https://thetranny.com/videos/78664/transerotica-ts-foxxy-jessy-dubai/], you could contact us at our web page. mmn3879llba4x24hb5qgk86uswl30yx 709 704 2026-01-06T20:21:05Z AwesomO 5 Blanked the page 709 wikitext text/x-wiki phoiac9h4m842xq45sp7s6u21eteeq1 2 209 701 2025-12-24T13:15:22Z AmbroseStanbury 32 Created page with "Web content fan interested in emerging platforms, usability, and online media trends. Likes discovering user-friendly websites and posting honest opinions.<br><br>Feel free to surf to my page [https://zeenite.com/it/videos/36805/mommy-watches-porn-with-not-her-son/ https://zeenite.com/it/videos/36805/mommy-watches-porn-with-not-her-son/]" 701 wikitext text/x-wiki Web content fan interested in emerging platforms, usability, and online media trends. Likes discovering user-friendly websites and posting honest opinions.<br><br>Feel free to surf to my page [https://zeenite.com/it/videos/36805/mommy-watches-porn-with-not-her-son/ https://zeenite.com/it/videos/36805/mommy-watches-porn-with-not-her-son/] rp8ih1x13jiank01s11o1nzs6zcczxq 2 210 706 2026-01-05T22:06:40Z StephaniaEberhar 36 Created page with "Digital content fan interested in new platforms, UX, and online media evolution. Likes discovering clean websites and leaving honest opinions.<br><br>Take a look at my web-site ... [https://fanshionren.com https://fanshionren.com]" 706 wikitext text/x-wiki Digital content fan interested in new platforms, UX, and online media evolution. Likes discovering clean websites and leaving honest opinions.<br><br>Take a look at my web-site ... [https://fanshionren.com https://fanshionren.com] fkjki9bha01gpk4y6bqg03ercykm0cq 711 706 2026-01-06T20:22:16Z AwesomO 5 Blanked the page 711 wikitext text/x-wiki phoiac9h4m842xq45sp7s6u21eteeq1 2 212 708 2026-01-05T23:30:28Z ChandraArgueta 38 Created page with "Online media fan interested in emerging platforms, usability, and digital media development. Enjoys discovering well-designed websites and posting honest opinions.<br><br>My page [https://eroticezine.com https://eroticezine.com]" 708 wikitext text/x-wiki Online media fan interested in emerging platforms, usability, and digital media development. Enjoys discovering well-designed websites and posting honest opinions.<br><br>My page [https://eroticezine.com https://eroticezine.com] 6fhj8n3ac64duidbh5u8b1fk96umtyx 713 708 2026-01-06T20:23:02Z AwesomO 5 Blanked the page 713 wikitext text/x-wiki phoiac9h4m842xq45sp7s6u21eteeq1 0 214 725 2026-03-28T11:17:43Z AwesomO 5 Created page with "= WebRTC Video Chat on Ubuntu 24.04 with LXC — Complete Beginner's Guide = * This walk through is tested on a ubuntu-mate 24.04 host. ** Guide written with help from claude.ai for Ubuntu 24.04 LTS (Noble Numbat). Node.js 20 LTS. Last verified March 2026 This guide walks you through setting up a working browser-based WebRTC video/audio chat application. The signalling server will run inside an '''LXC container''' on your Ubuntu 24.04 host machine, and you will conne..." 725 wikitext text/x-wiki = WebRTC Video Chat on Ubuntu 24.04 with LXC — Complete Beginner's Guide = * This walk through is tested on a ubuntu-mate 24.04 host. ** Guide written with help from claude.ai for Ubuntu 24.04 LTS (Noble Numbat). Node.js 20 LTS. Last verified March 2026 This guide walks you through setting up a working browser-based WebRTC video/audio chat application. The signalling server will run inside an '''LXC container''' on your Ubuntu 24.04 host machine, and you will connect to it from your browser. == What You Will End Up With == * An LXC container running Ubuntu 24.04 * A Node.js signalling server inside that container * A static HTML/JS frontend served from the container * Two browser tabs (or two devices on your network) that can video/audio chat peer-to-peer == How It Works (Plain English) == WebRTC lets two browsers talk directly to each other for audio and video. But before they can do that, they need to '''find each other''' and '''agree on connection details'''. This is called '''signalling'''. Think of it like two people wanting to call each other — they first need to exchange phone numbers through a third party. The signalling server is that third party. Once the call is set up, the signalling server steps aside and the browsers talk directly. [Browser A] <--WebSocket--> [Signalling Server in LXC] <--WebSocket--> [Browser B] | (only used during setup) | [Browser A] <============ WebRTC peer-to-peer audio/video ============> [Browser B] ---- == Part 1: Set Up the LXC Container == === Step 1.1 — Install LXC on Your Host === Open a terminal on your Ubuntu 24.04 host and run: * <b>NOTE: you can also install lxd with snap packages on ubuntu.</b> sudo apt update sudo apt install lxc lxc-utils -y Check it installed correctly: lxc-checkconfig You should see mostly '''enabled''' next to each item. A few '''missing''' items are normal and will not affect this guide. === Step 1.2 — Create the Container === Create a new Ubuntu 24.04 container called <code>webrtc</code>: sudo lxc-create -n webrtc -t download -- -d ubuntu -r noble -a amd64 This downloads the Ubuntu 24.04 (Noble) image. It may take a minute or two. === Step 1.3 — Start the Container === sudo lxc-start -n webrtc Check it is running: sudo lxc-ls --fancy You should see <code>webrtc</code> listed with state '''RUNNING'''. === Step 1.4 — Log Into the Container === sudo lxc-attach -n webrtc Your prompt will change — you are now '''inside''' the container. Everything from here until told otherwise runs inside the container. === Step 1.5 — Update the Container === apt update && apt upgrade -y ---- == Part 2: Install Node.js Inside the Container == === Step 2.1 — Install Node.js === We will use the official NodeSource repository to get a recent version of Node.js: apt install -y curl curl -fsSL https://deb.nodesource.com/setup_20.x | bash - apt install -y nodejs Check the versions installed: node -v npm -v You should see something like <code>v20.x.x</code> and <code>10.x.x</code>. Any version of Node 18 or higher is fine. ---- == Part 3: Create the Signalling Server == === Step 3.1 — Create a Project Folder === mkdir /opt/webrtc cd /opt/webrtc === Step 3.2 — Initialise the Node Project === npm init -y This creates a <code>package.json</code> file. The <code>-y</code> flag just accepts all the defaults. === Step 3.3 — Install Dependencies === We need two packages: * '''express''' — a simple web server to serve the HTML frontend * '''socket.io''' — handles WebSocket connections for signalling npm install express socket.io === Step 3.4 — Create the Server File === * <b>NOTE: <code>nano</code> will need to be installed in the container with <code>apt install nano -y</code></b> Create the file: nano server.js Paste in the following code exactly. Use '''Ctrl+Shift+V''' to paste in the terminal: <syntaxhighlight lang="javascript"> const express = require('express'); const http = require('http'); const { Server } = require('socket.io'); const path = require('path'); const app = express(); const server = http.createServer(app); const io = new Server(server); // Serve the frontend HTML file app.use(express.static(path.join(__dirname, 'public'))); // Keep track of who is in each room const rooms = {}; io.on('connection', (socket) => { console.log('A user connected:', socket.id); // User wants to join a room socket.on('join', (room) => { socket.join(room); if (!rooms[room]) { rooms[room] = []; } // Tell the new user who is already in the room socket.emit('room-users', rooms[room]); // Add this user to the room list rooms[room].push(socket.id); console.log(`${socket.id} joined room: ${room}`); }); // Relay a WebRTC offer to a specific user socket.on('offer', ({ to, offer }) => { io.to(to).emit('offer', { from: socket.id, offer }); }); // Relay a WebRTC answer to a specific user socket.on('answer', ({ to, answer }) => { io.to(to).emit('answer', { from: socket.id, answer }); }); // Relay ICE candidates between peers socket.on('ice-candidate', ({ to, candidate }) => { io.to(to).emit('ice-candidate', { from: socket.id, candidate }); }); // Clean up when a user disconnects socket.on('disconnect', () => { for (const room in rooms) { rooms[room] = rooms[room].filter((id) => id !== socket.id); // Tell others in the room this user left socket.to(room).emit('user-left', socket.id); } console.log('User disconnected:', socket.id); }); }); const PORT = 3000; server.listen(PORT, '0.0.0.0', () => { console.log(`Signalling server running on port ${PORT}`); }); </syntaxhighlight> Save and exit: press '''Ctrl+X''', then '''Y''', then '''Enter'''. === Step 3.5 — Create the Frontend === Create a folder for the HTML file: mkdir public nano public/index.html Paste in the following: <syntaxhighlight lang="html"> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0"/> <title>WebRTC Chat</title> <style> * { box-sizing: border-box; margin: 0; padding: 0; } body { font-family: sans-serif; background: #1a1a2e; color: #eee; display: flex; flex-direction: column; align-items: center; padding: 20px; } h1 { margin-bottom: 20px; color: #e94560; } #join-area { margin-bottom: 20px; display: flex; gap: 10px; } input { padding: 10px; border-radius: 6px; border: none; font-size: 1rem; width: 200px; } button { padding: 10px 20px; background: #e94560; color: white; border: none; border-radius: 6px; cursor: pointer; font-size: 1rem; } button:hover { background: #c73652; } #videos { display: flex; flex-wrap: wrap; gap: 10px; justify-content: center; } video { width: 320px; height: 240px; background: #000; border-radius: 8px; border: 2px solid #e94560; } #status { margin-top: 15px; font-size: 0.9rem; color: #aaa; } </style> </head> <body> <h1>WebRTC Chat</h1> <div id="join-area"> <input id="room-input" type="text" placeholder="Enter room name" value="room1" /> <button onclick="joinRoom()">Join Room</button> </div> <div id="videos"> <video id="local-video" autoplay muted playsinline></video> </div> <p id="status">Enter a room name and click Join.</p> <!-- Socket.io client is served automatically by the server --> <script src="/socket.io/socket.io.js"></script> <script> const socket = io(); let localStream; const peers = {}; // peerId -> RTCPeerConnection // STUN server config — Google's free public STUN server const iceConfig = { iceServers: [{ urls: 'stun:stun.l.google.com:19302' }] }; async function joinRoom() { const room = document.getElementById('room-input').value.trim(); if (!room) return alert('Please enter a room name'); document.getElementById('status').textContent = 'Getting camera and microphone...'; try { localStream = await navigator.mediaDevices.getUserMedia({ video: true, audio: true }); document.getElementById('local-video').srcObject = localStream; } catch (err) { alert('Could not access camera/microphone: ' + err.message); return; } document.getElementById('status').textContent = `Joining room: ${room}`; socket.emit('join', room); } // Server tells us who is already in the room socket.on('room-users', async (users) => { document.getElementById('status').textContent = `In room. ${users.length} other(s) here.`; // Send an offer to each existing user for (const userId of users) { await createOffer(userId); } }); // A remote peer sent us an offer socket.on('offer', async ({ from, offer }) => { const pc = createPeerConnection(from); await pc.setRemoteDescription(new RTCSessionDescription(offer)); const answer = await pc.createAnswer(); await pc.setLocalDescription(answer); socket.emit('answer', { to: from, answer }); }); // A remote peer accepted our offer socket.on('answer', async ({ from, answer }) => { const pc = peers[from]; if (pc) await pc.setRemoteDescription(new RTCSessionDescription(answer)); }); // ICE candidate from a remote peer socket.on('ice-candidate', async ({ from, candidate }) => { const pc = peers[from]; if (pc && candidate) { try { await pc.addIceCandidate(new RTCIceCandidate(candidate)); } catch (e) {} } }); // A user left the room socket.on('user-left', (userId) => { if (peers[userId]) { peers[userId].close(); delete peers[userId]; } const el = document.getElementById('video-' + userId); if (el) el.remove(); document.getElementById('status').textContent = 'A user left the room.'; }); function createPeerConnection(peerId) { const pc = new RTCPeerConnection(iceConfig); peers[peerId] = pc; // Add our local tracks so the remote peer gets our video/audio localStream.getTracks().forEach((track) => pc.addTrack(track, localStream)); // When we get an ICE candidate, send it to the remote peer pc.onicecandidate = ({ candidate }) => { if (candidate) socket.emit('ice-candidate', { to: peerId, candidate }); }; // When we receive a remote track, display it pc.ontrack = ({ streams }) => { let videoEl = document.getElementById('video-' + peerId); if (!videoEl) { videoEl = document.createElement('video'); videoEl.id = 'video-' + peerId; videoEl.autoplay = true; videoEl.playsInline = true; document.getElementById('videos').appendChild(videoEl); } videoEl.srcObject = streams[0]; }; return pc; } async function createOffer(peerId) { const pc = createPeerConnection(peerId); const offer = await pc.createOffer(); await pc.setLocalDescription(offer); socket.emit('offer', { to: peerId, offer }); } </script> </body> </html> </syntaxhighlight> Save and exit: '''Ctrl+X''', '''Y''', '''Enter'''. ---- == Part 4: Run the Server == === Step 4.1 — Test it Manually First === Inside the container, run: node /opt/webrtc/server.js You should see: Signalling server running on port 3000 Press '''Ctrl+C''' to stop it for now. We will set it up to run automatically in the next step. === Step 4.2 — Find the Container's IP Address === You need this to access the server from your host browser. Open a '''second terminal on your host''' (not inside the container) and run: sudo lxc-ls --fancy Look for your <code>webrtc</code> container and note the IP address in the '''IPV4''' column. It will look something like <code>10.0.3.15</code>. === Step 4.3 — Set Up Auto-start with systemd === We want the server to start automatically when the container boots. Back inside the container, create a systemd service file: nano /etc/systemd/system/webrtc.service Paste in: <syntaxhighlight lang="ini"> [Unit] Description=WebRTC Signalling Server After=network.target [Service] Type=simple WorkingDirectory=/opt/webrtc ExecStart=/usr/bin/node /opt/webrtc/server.js Restart=on-failure RestartSec=5 [Install] WantedBy=multi-user.target </syntaxhighlight> Save and exit. Then enable and start it: systemctl daemon-reload systemctl enable webrtc systemctl start webrtc Check it is running: systemctl status webrtc You should see '''active (running)''' in green. ---- == Part 5: Configure the LXC Container to Auto-start == We also want the container itself to start when your host boots. Exit the container first (type <code>exit</code> or press '''Ctrl+D''' to return to your host terminal), then run: sudo nano /var/lib/lxc/webrtc/config Add these two lines at the bottom of the file: lxc.start.auto = 1 lxc.start.delay = 5 Save and exit. Now the container (and the signalling server inside it) will start automatically on boot. ---- == Part 6: Open the App in Your Browser == === Step 6.1 — Open the App === On your host machine, open a browser and go to: http://<container-ip>:3000 Replace <code><container-ip></code> with the IP address you noted in Step 4.2. For example: http://10.0.3.15:3000 You should see the WebRTC Chat page. === Step 6.2 — Test With Two Browser Tabs === # Open the app in '''Tab 1'''. Type a room name (e.g. <code>room1</code>) and click '''Join Room'''. Allow camera and microphone access when the browser asks. # Open the app in '''Tab 2''' (you can use a private/incognito window to get a separate camera stream). Type the '''same room name''' and click '''Join Room'''. The two tabs should now connect and you will see two video feeds. <div class="toccolours mw-collapsible mw-collapsed"> NOTE:If you see <code>Could not access camera/microphone: Cannot read properties of undefined (reading 'getUserMedia')</code> <div class="mw-collapsible-content"> * <b>NOTE: if you see <code>Could not access camera/microphone: Cannot read properties of undefined (reading 'getUserMedia')</code> Then you need to go to step 7 and setup HTTPS</b> This is the HTTPS issue mentioned in Part 7. Browsers block camera/microphone access on plain http:// from non-localhost addresses — navigator.mediaDevices is simply undefined on insecure origins. Since you're accessing via the container's IP (e.g. http://10.0.3.15:3000), the browser sees it as insecure and disables the API entirely. Quickest fix — use mkcert on your host:While you choose — here's a quick workaround you can do right now with zero config, if you just want to test immediately: Option: Chrome flag to allow insecure origins Open Chrome and go to: chrome://flags/#unsafely-treat-insecure-origin-as-secure Paste your container URL (e.g. http://10.0.3.15:3000) into the text box and enable it Relaunch Chrome when prompted This tells Chrome to treat that specific IP as secure, enabling getUserMedia. Only use this for local dev/testing — never on a production machine. Firefox equivalent: go to about:config, search for media.devices.insecure.enabled and set it to true. Once you pick your preferred HTTPS method above I'll give you the exact step-by-step commands to do it properly inside your LXC container. </div> </div> === Step 6.3 — Test From Another Device on Your Network === On any other device connected to the same Wi-Fi or LAN, open a browser and go to the same URL: http://<container-ip>:3000 Join the same room name and you should connect peer-to-peer with the other browser. '''Note:''' Camera and microphone access in browsers requires either <code>localhost</code> or a secure HTTPS connection. For testing on the same machine, <code>http://localhost</code> works fine. For other devices on your network, you may need to set up HTTPS (see Part 7). ---- == Part 7: (Optional) Enable HTTPS for Other Devices == Browsers block camera/microphone access on plain HTTP from non-localhost addresses. To use this from other devices on your network, you have two options: === Option A — Use a Self-Signed Certificate (Quick) === Inside the container: apt install -y openssl cd /opt/webrtc openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 -nodes -subj "/CN=localhost" Edit <code>server.js</code> and replace the <code>http</code> section: <syntaxhighlight lang="javascript"> const https = require('https'); const fs = require('fs'); const server = https.createServer({ key: fs.readFileSync('/opt/webrtc/key.pem'), cert: fs.readFileSync('/opt/webrtc/cert.pem'), }, app); </syntaxhighlight> <div class="toccolours mw-collapsible mw-collapsed"> Appended <code>server.js</code> file: <div class="mw-collapsible-content"> <pre> const express = require('express'); const https = require('https'); const { Server } = require('socket.io'); const path = require('path'); const app = express(); const fs = require('fs'); const server = https.createServer({ key: fs.readFileSync('/opt/webrtc/key.pem'), cert: fs.readFileSync('/opt/webrtc/cert.pem'), }, app); const io = new Server(server); // Serve the frontend HTML file app.use(express.static(path.join(__dirname, 'public'))); // Keep track of who is in each room const rooms = {}; io.on('connection', (socket) => { console.log('A user connected:', socket.id); // User wants to join a room socket.on('join', (room) => { socket.join(room); if (!rooms[room]) { rooms[room] = []; } // Tell the new user who is already in the room socket.emit('room-users', rooms[room]); // Add this user to the room list rooms[room].push(socket.id); console.log(`${socket.id} joined room: ${room}`); }); // Relay a WebRTC offer to a specific user socket.on('offer', ({ to, offer }) => { io.to(to).emit('offer', { from: socket.id, offer }); }); // Relay a WebRTC answer to a specific user socket.on('answer', ({ to, answer }) => { io.to(to).emit('answer', { from: socket.id, answer }); }); // Relay ICE candidates between peers socket.on('ice-candidate', ({ to, candidate }) => { io.to(to).emit('ice-candidate', { from: socket.id, candidate }); }); // Clean up when a user disconnects socket.on('disconnect', () => { for (const room in rooms) { rooms[room] = rooms[room].filter((id) => id !== socket.id); // Tell others in the room this user left socket.to(room).emit('user-left', socket.id); } console.log('User disconnected:', socket.id); }); }); const PORT = 3000; server.listen(PORT, '0.0.0.0', () => { console.log(`Signalling server running on port ${PORT}`); }); </pre> </div> </div> Change <code>const http = require('http');</code> and <code>const server = http.createServer(app);</code> lines accordingly. Restart the service: systemctl restart webrtc Access via: https://<container-ip>:3000 Your browser will warn about the self-signed certificate — click '''Advanced''' and '''Proceed''' to continue. === Option B — Use mkcert (Trusted Certificate, Recommended) === <code>mkcert</code> creates locally trusted certificates without browser warnings. On your '''host machine''': sudo apt install mkcert mkcert -install mkcert <container-ip> This creates <code><container-ip>.pem</code> and <code><container-ip>-key.pem</code>. Copy them into the container and follow the same server.js edits as Option A. ---- == Part 8: Useful Commands Reference == === Managing the Container === {| class="wikitable" |- ! Command !! What it does |- | <code>sudo lxc-start -n webrtc</code> || Start the container |- | <code>sudo lxc-stop -n webrtc</code> || Stop the container |- | <code>sudo lxc-attach -n webrtc</code> || Open a shell inside the container |- | <code>sudo lxc-ls --fancy</code> || List containers and their status/IP |} === Managing the Server (run inside the container) === {| class="wikitable" |- ! Command !! What it does |- | <code>systemctl status webrtc</code> || Check if the server is running |- | <code>systemctl restart webrtc</code> || Restart the server |- | <code>systemctl stop webrtc</code> || Stop the server |- | <code>journalctl -u webrtc -f</code> || Watch live server logs |} ---- == Adding a ChatBox == * Added: ** A name input on the join screen so people aren't just "Anonymous" ** A chat panel on the right with message bubbles (your messages on the right, others on the left) ** Automatic link detection — any URL typed becomes a clickable link ** Enter to send, Shift+Enter for a newline ** A 500 character counter that turns red when you're close to the limit ** System messages when users join/leave ** A live peer count header showing how many others are in the room ** The textarea auto-resizes as you type * Edit <code>public/index.html</code> <div class="toccolours mw-collapsible mw-collapsed"> Appended <code>public/index.html</code> <div class="mw-collapsible-content"> <pre> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0"/> <title>WebRTC Chat</title> <link rel="preconnect" href="https://fonts.googleapis.com"> <link href="https://fonts.googleapis.com/css2?family=IBM+Plex+Mono:wght@400;600&family=IBM+Plex+Sans:wght@400;500;600&display=swap" rel="stylesheet"> <style> :root { --bg: #0d0f14; --surface: #161920; --border: #252932; --accent: #4ade80; --accent2: #22d3ee; --muted: #4b5263; --text: #e2e8f0; --subtext: #8892a4; --self-msg: #1a2e22; --other-msg:#161d2e; --danger: #f87171; } * { box-sizing: border-box; margin: 0; padding: 0; } body { font-family: 'IBM Plex Sans', sans-serif; background: var(--bg); color: var(--text); height: 100dvh; display: flex; flex-direction: column; overflow: hidden; } /* ── Top bar ── */ header { display: flex; align-items: center; gap: 12px; padding: 12px 20px; border-bottom: 1px solid var(--border); background: var(--surface); flex-shrink: 0; } header h1 { font-family: 'IBM Plex Mono', monospace; font-size: 1rem; color: var(--accent); letter-spacing: 0.05em; } #room-badge { font-family: 'IBM Plex Mono', monospace; font-size: 0.75rem; color: var(--subtext); background: var(--border); padding: 2px 10px; border-radius: 999px; display: none; } #status-dot { width: 8px; height: 8px; border-radius: 50%; background: var(--muted); margin-left: auto; flex-shrink: 0; transition: background 0.3s; } #status-dot.live { background: var(--accent); box-shadow: 0 0 6px var(--accent); } /* ── Main layout ── */ main { display: flex; flex: 1; overflow: hidden; } /* ── Join screen ── */ #join-screen { display: flex; flex-direction: column; align-items: center; justify-content: center; gap: 16px; flex: 1; padding: 40px 20px; } #join-screen h2 { font-family: 'IBM Plex Mono', monospace; font-size: 1.4rem; color: var(--accent); } #join-screen p { color: var(--subtext); font-size: 0.9rem; text-align: center; max-width: 340px; } .field-group { display: flex; flex-direction: column; gap: 8px; width: 100%; max-width: 320px; } .field-group label { font-size: 0.8rem; color: var(--subtext); font-family: 'IBM Plex Mono', monospace; } input[type="text"] { padding: 10px 14px; background: var(--surface); border: 1px solid var(--border); border-radius: 6px; color: var(--text); font-family: 'IBM Plex Sans', sans-serif; font-size: 0.95rem; width: 100%; transition: border-color 0.2s; outline: none; } input[type="text"]:focus { border-color: var(--accent); } button.primary { padding: 11px 24px; background: var(--accent); color: #0d0f14; border: none; border-radius: 6px; cursor: pointer; font-family: 'IBM Plex Mono', monospace; font-weight: 600; font-size: 0.9rem; width: 100%; max-width: 320px; transition: opacity 0.2s, transform 0.1s; } button.primary:hover { opacity: 0.85; } button.primary:active { transform: scale(0.98); } /* ── App layout (after join) ── */ #app { display: none; flex: 1; overflow: hidden; } #app.visible { display: flex; } /* ── Video panel ── */ #video-panel { display: flex; flex-direction: column; gap: 0; background: #0a0c10; border-right: 1px solid var(--border); overflow-y: auto; flex-shrink: 0; width: 340px; } @media (max-width: 700px) { #app.visible { flex-direction: column; } #video-panel { width: 100%; max-height: 220px; flex-direction: row; overflow-x: auto; overflow-y: hidden; border-right: none; border-bottom: 1px solid var(--border); } } .video-wrapper { position: relative; background: #000; } .video-wrapper video { width: 100%; display: block; aspect-ratio: 4/3; object-fit: cover; } .video-label { position: absolute; bottom: 6px; left: 8px; font-family: 'IBM Plex Mono', monospace; font-size: 0.7rem; color: #fff; background: rgba(0,0,0,0.55); padding: 2px 7px; border-radius: 4px; } /* ── Chat panel ── */ #chat-panel { display: flex; flex-direction: column; flex: 1; overflow: hidden; } #chat-header { padding: 10px 16px; border-bottom: 1px solid var(--border); font-family: 'IBM Plex Mono', monospace; font-size: 0.78rem; color: var(--subtext); background: var(--surface); flex-shrink: 0; } #messages { flex: 1; overflow-y: auto; padding: 16px; display: flex; flex-direction: column; gap: 10px; scroll-behavior: smooth; } #messages::-webkit-scrollbar { width: 4px; } #messages::-webkit-scrollbar-track { background: transparent; } #messages::-webkit-scrollbar-thumb { background: var(--border); border-radius: 2px; } /* System messages */ .msg-system { text-align: center; font-size: 0.75rem; color: var(--muted); font-family: 'IBM Plex Mono', monospace; padding: 2px 0; } /* Chat bubbles */ .msg-bubble { display: flex; flex-direction: column; gap: 3px; max-width: 85%; } .msg-bubble.self { align-self: flex-end; align-items: flex-end; } .msg-bubble.other { align-self: flex-start; align-items: flex-start; } .msg-meta { font-size: 0.7rem; color: var(--subtext); font-family: 'IBM Plex Mono', monospace; padding: 0 4px; } .msg-bubble.self .msg-meta { color: var(--accent); } .msg-text { padding: 9px 13px; border-radius: 12px; font-size: 0.9rem; line-height: 1.5; word-break: break-word; } .msg-bubble.self .msg-text { background: var(--self-msg); border: 1px solid rgba(74,222,128,0.2); border-bottom-right-radius: 3px; } .msg-bubble.other .msg-text { background: var(--other-msg); border: 1px solid var(--border); border-bottom-left-radius: 3px; } /* Links inside messages */ .msg-text a { color: var(--accent2); text-decoration: underline; text-underline-offset: 2px; word-break: break-all; } .msg-text a:hover { opacity: 0.8; } /* ── Input bar ── */ #input-bar { display: flex; gap: 8px; padding: 12px 16px; border-top: 1px solid var(--border); background: var(--surface); flex-shrink: 0; } #msg-input { flex: 1; padding: 10px 14px; background: var(--bg); border: 1px solid var(--border); border-radius: 8px; color: var(--text); font-family: 'IBM Plex Sans', sans-serif; font-size: 0.9rem; outline: none; resize: none; height: 42px; max-height: 120px; overflow-y: auto; transition: border-color 0.2s; } #msg-input:focus { border-color: var(--accent); } #send-btn { padding: 0 16px; background: var(--accent); color: #0d0f14; border: none; border-radius: 8px; cursor: pointer; font-family: 'IBM Plex Mono', monospace; font-weight: 600; font-size: 0.85rem; flex-shrink: 0; transition: opacity 0.2s; } #send-btn:hover { opacity: 0.85; } #char-count { font-size: 0.7rem; color: var(--muted); font-family: 'IBM Plex Mono', monospace; align-self: flex-end; padding-bottom: 4px; flex-shrink: 0; width: 36px; text-align: right; } #char-count.warn { color: var(--danger); } </style> </head> <body> <header> <h1>// webrtc</h1> <span id="room-badge"></span> <div id="status-dot" title="Connecting..."></div> </header> <!-- Join screen --> <div id="join-screen"> <h2>join a room</h2> <p>Enter your name and a room name. Anyone with the same room name will connect with you.</p> <div class="field-group"> <label>YOUR NAME</label> <input id="name-input" type="text" placeholder="e.g. Alice" maxlength="24" /> </div> <div class="field-group"> <label>ROOM NAME</label> <input id="room-input" type="text" placeholder="e.g. room1" value="room1" maxlength="32" /> </div> <button class="primary" onclick="joinRoom()">Join Room →</button> </div> <!-- App (shown after joining) --> <main> <div id="app"> <!-- Left: videos --> <div id="video-panel"> <div class="video-wrapper" id="local-wrapper"> <video id="local-video" autoplay muted playsinline></video> <div class="video-label" id="local-label">you</div> </div> </div> <!-- Right: chat --> <div id="chat-panel"> <div id="chat-header">MESSAGES — <span id="peer-count">0 others in room</span></div> <div id="messages"> <div class="msg-system">Chat is end-to-end via your server. Video is peer-to-peer.</div> </div> <div id="input-bar"> <textarea id="msg-input" placeholder="Type a message… (Enter to send, Shift+Enter for newline)" rows="1"></textarea> <span id="char-count">500</span> <button id="send-btn" onclick="sendMessage()">Send</button> </div> </div> </div> </main> <script src="/socket.io/socket.io.js"></script> <script> const socket = io(); let localStream; let myName = 'Anonymous'; let currentRoom = ''; let peerCount = 0; const peers = {}; const MAX_MSG = 500; const iceConfig = { iceServers: [{ urls: 'stun:stun.l.google.com:19302' }] }; // ── Helpers ────────────────────────────────────────────── // Detect URLs in text and wrap them in <a> tags function linkify(text) { const escaped = text .replace(/&/g, '&amp;') .replace(/</g, '&lt;') .replace(/>/g, '&gt;'); const urlRegex = /(https?:\/\/[^\s<>"]+)/g; return escaped.replace(urlRegex, '<a href="$1" target="_blank" rel="noopener noreferrer">$1</a>'); } function addMessage({ name, message, isSelf, isSystem }) { const container = document.getElementById('messages'); if (isSystem) { const el = document.createElement('div'); el.className = 'msg-system'; el.textContent = message; container.appendChild(el); } else { const bubble = document.createElement('div'); bubble.className = 'msg-bubble ' + (isSelf ? 'self' : 'other'); const now = new Date().toLocaleTimeString([], { hour: '2-digit', minute: '2-digit' }); const meta = document.createElement('div'); meta.className = 'msg-meta'; meta.textContent = (isSelf ? 'you' : name) + ' · ' + now; const body = document.createElement('div'); body.className = 'msg-text'; // Linkify and preserve newlines body.innerHTML = linkify(message).replace(/\n/g, '<br>'); bubble.appendChild(meta); bubble.appendChild(body); container.appendChild(bubble); } // Auto-scroll to bottom container.scrollTop = container.scrollHeight; } function updatePeerCount() { document.getElementById('peer-count').textContent = peerCount === 0 ? 'no others in room yet' : peerCount === 1 ? '1 other in room' : `${peerCount} others in room`; } // ── Join ───────────────────────────────────────────────── async function joinRoom() { const nameVal = document.getElementById('name-input').value.trim(); const roomVal = document.getElementById('room-input').value.trim(); if (!roomVal) { alert('Please enter a room name'); return; } myName = nameVal || 'Anonymous'; currentRoom = roomVal; try { localStream = await navigator.mediaDevices.getUserMedia({ video: true, audio: true }); document.getElementById('local-video').srcObject = localStream; document.getElementById('local-label').textContent = myName + ' (you)'; } catch (err) { alert('Could not access camera/microphone: ' + err.message); return; } document.getElementById('join-screen').style.display = 'none'; document.getElementById('app').classList.add('visible'); document.getElementById('room-badge').textContent = '# ' + currentRoom; document.getElementById('room-badge').style.display = ''; document.getElementById('status-dot').classList.add('live'); socket.emit('join', currentRoom); addMessage({ isSystem: true, message: `You joined #${currentRoom} as "${myName}"` }); updatePeerCount(); } // ── Chat ───────────────────────────────────────────────── function sendMessage() { const input = document.getElementById('msg-input'); const text = input.value.trim(); if (!text || !currentRoom) return; if (text.length > MAX_MSG) { alert(`Max ${MAX_MSG} characters`); return; } socket.emit('chat-message', { room: currentRoom, message: text, name: myName }); addMessage({ name: myName, message: text, isSelf: true }); input.value = ''; input.style.height = '42px'; document.getElementById('char-count').textContent = MAX_MSG; document.getElementById('char-count').classList.remove('warn'); } socket.on('chat-message', ({ name, message }) => { addMessage({ name, message, isSelf: false }); }); // Enter to send, Shift+Enter for newline document.getElementById('msg-input').addEventListener('keydown', (e) => { if (e.key === 'Enter' && !e.shiftKey) { e.preventDefault(); sendMessage(); } }); // Char counter + auto-resize textarea document.getElementById('msg-input').addEventListener('input', function () { const remaining = MAX_MSG - this.value.length; const counter = document.getElementById('char-count'); counter.textContent = remaining; counter.classList.toggle('warn', remaining < 50); this.style.height = '42px'; this.style.height = Math.min(this.scrollHeight, 120) + 'px'; }); // ── WebRTC ─────────────────────────────────────────────── socket.on('room-users', async (users) => { peerCount = users.length; updatePeerCount(); for (const userId of users) { await createOffer(userId); } }); socket.on('offer', async ({ from, offer }) => { const pc = createPeerConnection(from); await pc.setRemoteDescription(new RTCSessionDescription(offer)); const answer = await pc.createAnswer(); await pc.setLocalDescription(answer); socket.emit('answer', { to: from, answer }); }); socket.on('answer', async ({ from, answer }) => { const pc = peers[from]; if (pc) await pc.setRemoteDescription(new RTCSessionDescription(answer)); }); socket.on('ice-candidate', async ({ from, candidate }) => { const pc = peers[from]; if (pc && candidate) { try { await pc.addIceCandidate(new RTCIceCandidate(candidate)); } catch (e) {} } }); socket.on('user-left', (userId) => { if (peers[userId]) { peers[userId].close(); delete peers[userId]; } const el = document.getElementById('video-' + userId); if (el) el.closest('.video-wrapper').remove(); peerCount = Math.max(0, peerCount - 1); updatePeerCount(); addMessage({ isSystem: true, message: 'A user left the room.' }); }); function createPeerConnection(peerId) { const pc = new RTCPeerConnection(iceConfig); peers[peerId] = pc; localStream.getTracks().forEach((track) => pc.addTrack(track, localStream)); pc.onicecandidate = ({ candidate }) => { if (candidate) socket.emit('ice-candidate', { to: peerId, candidate }); }; pc.ontrack = ({ streams }) => { let wrapper = document.getElementById('wrapper-' + peerId); if (!wrapper) { wrapper = document.createElement('div'); wrapper.className = 'video-wrapper'; wrapper.id = 'wrapper-' + peerId; const vid = document.createElement('video'); vid.id = 'video-' + peerId; vid.autoplay = true; vid.playsInline = true; const label = document.createElement('div'); label.className = 'video-label'; label.textContent = 'peer'; wrapper.appendChild(vid); wrapper.appendChild(label); document.getElementById('video-panel').appendChild(wrapper); peerCount = Object.keys(peers).length; updatePeerCount(); } document.getElementById('video-' + peerId).srcObject = streams[0]; }; return pc; } async function createOffer(peerId) { const pc = createPeerConnection(peerId); const offer = await pc.createOffer(); await pc.setLocalDescription(offer); socket.emit('offer', { to: peerId, offer }); } </script> </body> </html> </pre> </div> </div> * Edit <code>server.js</code> <div class="toccolours mw-collapsible mw-collapsed"> Appended <b>server.js</b> <div class="mw-collapsible-content"> <pre> const express = require('express'); const https = require('https'); const { Server } = require('socket.io'); const path = require('path'); const app = express(); const fs = require('fs'); const server = https.createServer({ key: fs.readFileSync('/opt/webrtc/key.pem'), cert: fs.readFileSync('/opt/webrtc/cert.pem'), }, app); const io = new Server(server); // Serve the frontend HTML file app.use(express.static(path.join(__dirname, 'public'))); // Keep track of who is in each room const rooms = {}; io.on('connection', (socket) => { console.log('A user connected:', socket.id); // User wants to join a room socket.on('join', (room) => { socket.join(room); if (!rooms[room]) { rooms[room] = []; } // Tell the new user who is already in the room socket.emit('room-users', rooms[room]); // Add this user to the room list rooms[room].push(socket.id); console.log(`${socket.id} joined room: ${room}`); }); // Relay a WebRTC offer to a specific user socket.on('offer', ({ to, offer }) => { io.to(to).emit('offer', { from: socket.id, offer }); }); // Relay a WebRTC answer to a specific user socket.on('answer', ({ to, answer }) => { io.to(to).emit('answer', { from: socket.id, answer }); }); // Relay ICE candidates between peers socket.on('ice-candidate', ({ to, candidate }) => { io.to(to).emit('ice-candidate', { from: socket.id, candidate }); }); // ---- CHAT ---- // Relay a chat message to everyone else in the room socket.on('chat-message', ({ room, message, name }) => { // Broadcast to everyone in the room EXCEPT the sender socket.to(room).emit('chat-message', { from: socket.id, name: name || 'Anonymous', message, time: new Date().toLocaleTimeString([], { hour: '2-digit', minute: '2-digit' }) }); }); // ---- END CHAT ---- // Clean up when a user disconnects socket.on('disconnect', () => { for (const room in rooms) { rooms[room] = rooms[room].filter((id) => id !== socket.id); // Tell others in the room this user left socket.to(room).emit('user-left', socket.id); } console.log('User disconnected:', socket.id); }); }); const PORT = 3000; server.listen(PORT, '0.0.0.0', () => { console.log(`Signalling server running on port ${PORT}`); }); </pre> </div> </div> * Restart webrtc: <code>systemctl restart webrtc</code> Test - Should be working == Troubleshooting == === "Cannot connect to the page" === * Make sure the container is running: <code>sudo lxc-ls --fancy</code> * Make sure the service is running: attach to the container and run <code>systemctl status webrtc</code> * Double-check the IP address — it can change after a container restart. Assign a static IP via LXC config if needed. === "Camera/Microphone access denied" === * On non-localhost addresses, browsers require HTTPS. See Part 7. * Make sure you clicked '''Allow''' (not Block) when the browser asked for permissions. * Try in a different browser, or clear site permissions in browser settings. === Two tabs connect but no video appears === * This usually means ICE negotiation is failing. For local testing this should not happen. * If testing across networks (not just local LAN), you will need a '''TURN server''' (e.g. coturn). This is beyond the scope of this guide. === Port 3000 not reachable === * Check no firewall is blocking it on the host: <code>sudo ufw status</code> * LXC containers on the default <code>lxcbr0</code> bridge are reachable from the host by default. No port forwarding should be needed for local access. pgo8jf6lsews2xlkh5odp0zz2zplak4 0 215 731 2026-04-16T15:14:19Z AwesomO 5 Created page with "3 parts ==Part one== * This is placed in the <head> </head> at the top of index.html contains css <pre> <style> #overlay { position: fixed; top: 0; left: 0; width: 100%; height: 100%; background: rgba(0,0,0,0.85); color: white; z-index: 10000; display: flex; align-items: center; justify-content: center; text-align: center; } .popup-box { background: #222; padding: 30px; border-radius: 10px; border: 1px solid #444; } button { padding: 10px 20px; curso..." 731 wikitext text/x-wiki 3 parts ==Part one== * This is placed in the <head> </head> at the top of index.html contains css <pre> <style> #overlay { position: fixed; top: 0; left: 0; width: 100%; height: 100%; background: rgba(0,0,0,0.85); color: white; z-index: 10000; display: flex; align-items: center; justify-content: center; text-align: center; } .popup-box { background: #222; padding: 30px; border-radius: 10px; border: 1px solid #444; } button { padding: 10px 20px; cursor: pointer; background: #007bff; color: white; border: none; border-radius: 5px; } .hidden { display: none !important; } </style> </pre> ==part two== * This is placed in/at the top of the <body> </body> section, contains message. <pre> <!-- pop up cookies and other 2/3--> <div id="overlay"> <div class="popup-box"> <h2>Welcome to Complete Noobs!</h2> <p>We use cookies to track traffic. Are you 21 or older?</p> <p>By accepting you are entering at your own risk</p> <button onclick="acceptAndHide()">Yes, I Accept & I'm Over 21 & am aware you are noobs and are still learning i enter at my own risk</button> <p>→ <a href="https://www.google.com" >No Thank You - take me to Google</a></p> </div> </div> </pre> ==part 3== * This is placed in/at the bottom of the <body> </body> section, contains js script. <pre> <!-- pop up cookies and other 3/3--> <script> function acceptAndHide() { // Save the choice in the browser's "localStorage" so it doesn't pop up again localStorage.setItem('gate_passed', 'true'); document.getElementById('overlay').classList.add('hidden'); } // On page load, check if they already clicked "Yes" window.onload = function() { if (localStorage.getItem('gate_passed') === 'true') { document.getElementById('overlay').classList.add('hidden'); } }; </script> </pre> ==use case== * Sample use case <pre> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>My Projects - Status Update</title> <style> body { font-family: Arial, Helvetica, sans-serif; max-width: 800px; margin: 40px auto; padding: 20px; line-height: 1.6; color: #333; } h1 { text-align: center; color: #222; } h2 { color: #444; border-bottom: 2px solid #eee; padding-bottom: 8px; } a { color: #0066cc; text-decoration: none; } a:hover { text-decoration: underline; } .status { font-style: italic; color: #555; } </style> <!-- pop up cookies and other 1/3--> <style> #overlay { position: fixed; top: 0; left: 0; width: 100%; height: 100%; background: rgba(0,0,0,0.85); color: white; z-index: 10000; display: flex; align-items: center; justify-content: center; text-align: center; } .popup-box { background: #222; padding: 30px; border-radius: 10px; border: 1px solid #444; } button { padding: 10px 20px; cursor: pointer; background: #007bff; color: white; border: none; border-radius: 5px; } .hidden { display: none !important; } </style> </head> <!--24-06-25 adding google analytic --> <!-- Google tag (gtag.js) --> <script async src="https://www.googletagmanager.com/gtag/js?id=G-YXYQE65XY1"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'G-YXYQE65XY1'); </script> <body> <!-- pop up cookies and other 2/3--> <div id="overlay"> <div class="popup-box"> <h2>Welcome to Complete Noobs!</h2> <p>We use cookies to track traffic. Are you 21 or older?</p> <p>By accepting you are entering at your own risk</p> <button onclick="acceptAndHide()">Yes, I Accept & I'm Over 21 & am aware you are noobs and are still learning i enter at my own risk</button> <p>→ <a href="https://www.google.com" >No Thank You - take me to Google</a></p> </div> </div> <h1>Project Status</h1> <h2>CompleteNoobs</h2> <p class="status">Currently on hold due to lack of free time.</p> <p>It will be relaunched as <strong>cnoobs.com</strong> running inside a Docker container.</p> <p>Future plans include a possible soft-fork of MediaWiki that allows Hive accounts holding a certain amount of CNOOBS coins to post and edit pages. I'm also interested in integrating the Hive rewards system for content creators and exploring reward splits between users.</p> <p>Additional custom features being considered:</p> <ul> <li>Custom tags for embedding IPFS content to keep the wiki database smaller and more portable:</li> <ul> <li><code>&lt;ipfs_video&gt;ipfs_addr&lt;/ipfs_video&gt;</code></li> <li><code>&lt;ipfs_pic&gt;ipfs_addr&lt;/ipfs_pic&gt;</code></li> <li><code>&lt;ipfs_audio&gt;ipfs_addr&lt;/ipfs_audio&gt;</code></li> <li><code>&lt;ipfs_file&gt;ipfs_addr&lt;/ipfs_file&gt;</code></li> </ul> </ul> <p>The old draft remains available but is unmaintained:</p> <p>→ <a href="https://www.completenoobs.com/noobs/Main_Page" target="_blank">CompleteNoobs.com (old wiki)</a></p> <p>→ <a href="https://xml.completenoobs.com" target="_blank">xml.CompleteNoobs.com (old xml downloads)</a></p> <h2>n33b.com</h2> <p class="status">Currently on hold.</p> <p>It will <strong>not</strong> become a coin project. It will return to its original purpose: a purely educational site for people who like to learn by tinkering and hands-on experimentation.</p> <h2>v4call.com</h2> <p>→ <a href="https://v4call.com" target="_blank">v4call.com</a></p> <p class="status">idk — tinker gonna tinker 😄</p> <hr> <p style="text-align:center; color:#777; font-size:0.9em;"> Last updated: April 2026 </p> <!-- pop up cookies and other 3/3--> <script> function acceptAndHide() { // Save the choice in the browser's "localStorage" so it doesn't pop up again localStorage.setItem('gate_passed', 'true'); document.getElementById('overlay').classList.add('hidden'); } // On page load, check if they already clicked "Yes" window.onload = function() { if (localStorage.getItem('gate_passed') === 'true') { document.getElementById('overlay').classList.add('hidden'); } }; </script> </body> </html> </pre> btsrkwgwgouad8f3xn2t9wg9ttu9kt4 0 216 732 2026-04-16T21:37:19Z CalebBrummitt88 28 Created page with "<br>Prossylki — сервис для наращивания ссылочной [https://www.ebersbach.org/index.php?title=Prossylki%21_3_Tricks_The_Competitors_Knows,_But_You_Do_Not методы SEO для сайта] массы [https://hiddenwiki.co/index.php?title=Loopy_Backlinks:_Classes_From_The_Professionals методы SEO для сайта] и индексации ссылок. <br><br>Подходит для проектов под Google [https://wncboome..." 732 wikitext text/x-wiki <br>Prossylki — сервис для наращивания ссылочной [https://www.ebersbach.org/index.php?title=Prossylki%21_3_Tricks_The_Competitors_Knows,_But_You_Do_Not методы SEO для сайта] массы [https://hiddenwiki.co/index.php?title=Loopy_Backlinks:_Classes_From_The_Professionals методы SEO для сайта] и индексации ссылок. <br><br>Подходит для проектов под Google [https://wncboomers.org/WNCForum/member.php?action=profile&uid=148 методы SEO для сайта] (Penguin/SpamBrain учитываются), [https://dongsanchurch.or.kr/board_DIJb91/326274 продвижение сай та через ссылки] органично вписываются, [https://backpacking101.com/mw14/index.php?title=Remarkable_Website_-_Prossylki_Will_Help_You_Get_There повышение видимости в Яндексе] без резких изменений. [http://322.sk/2026/04/11/7-ways-twitter-destroyed-my-prossylki-without-me-noticing/ методы SEO для сайта]<br><br> gxaht2n0opf7vg3zsfc4wt9bnosizqw 733 732 2026-04-17T00:34:21Z Noob 1 Replaced content with "Any chance you can write up a reproducable tut on how you do this?" 733 wikitext text/x-wiki Any chance you can write up a reproducable tut on how you do this? nwfklrx8w2w7qj64zlg3tnlo37tt34e 0 217 734 2026-04-19T12:22:14Z AwesomO 5 Created page with "{{LICENCE_CC0}} = v4call — How to Create Your Own Custom Token (e.g. CNOOBS) on Hive Engine = From CompleteNoobs F This guide walks you through creating a custom Hive Engine token (example: '''CNOOBS''') in under 10 minutes. No coding required. These tokens power the custom communication economy in v4call: you can set rates like "1 CNOOBS = 1 text message" or "10 CNOOBS = 1 hour video call", gift them to friends/family, or let blocked users bypass your blocklist if th..." 734 wikitext text/x-wiki {{LICENCE_CC0}} = v4call — How to Create Your Own Custom Token (e.g. CNOOBS) on Hive Engine = From CompleteNoobs F This guide walks you through creating a custom Hive Engine token (example: '''CNOOBS''') in under 10 minutes. No coding required. These tokens power the custom communication economy in v4call: you can set rates like "1 CNOOBS = 1 text message" or "10 CNOOBS = 1 hour video call", gift them to friends/family, or let blocked users bypass your blocklist if they hold enough of your token. '''Why create your own token?''' * Full control over supply and distribution. * Real utility inside v4call (and any other Hive dApp that supports Hive Engine tokens). * Scarcity you decide — perfect for personal or community communication economies. * Transferable, tradable, and giftable via Hive Keychain or TribalDex. '''Cost''': Approximately 100 BEE (Hive Engine's utility token). BEE price fluctuates — check current value on TribalDex or PeakD. This is a one-time creation fee. '''Source''': Based on the official Hive Engine / TribalDex interface (as of 2026). '''End result''': A live custom token (e.g. CNOOBS) that appears in users' Hive Keychain wallets and can be used in your v4call rates post. == Contents == * [[#What_You_Need|1 What You Need]] * [[#Step_1:_Get_Some_BEE_Tokens|2 Step 1: Get Some BEE Tokens]] * [[#Step_2:_Log_In_to_TribalDex|3 Step 2: Log In to TribalDex]] * [[#Step_3:_Create_Your_Token|4 Step 3: Create Your Token]] * [[#Step_4:_Issue_Tokens_to_Yourself|5 Step 4: Issue Tokens to Yourself]] * [[#Step_5:_Optional_-_Add_Metadata_(Logo_Description)|6 Step 5: Optional - Add Metadata (Logo & Description)]] * [[#Step_6:_Distribute_Your_Tokens|7 Step 6: Distribute Your Tokens]] * [[#Using_Your_Token_in_v4call|8 Using Your Token in v4call]] * [[#Common_Problems_and_Fixes|9 Common Problems and Fixes]] * [[#Quick_Reference|10 Quick Reference]] == What You Need == * A Hive account (e.g. @noblemage) with Hive Keychain installed and the '''active key''' available. * Some BEE tokens (≈100 BEE for creation fee). * A web browser. You do '''not''' need to run a node or write code. == Step 1: Get Some BEE Tokens == BEE is the "gas" token for Hive Engine actions. # Go to [https://tribaldex.com tribaldex.com] or any Hive Engine market (e.g. via PeakD wallet). # Swap or buy BEE using HIVE or HBD (very easy with Keychain). # Alternative: Many users get small amounts of BEE from community airdrops or by swapping on the built-in market. Make sure you have at least 110 BEE to cover the fee plus a small buffer. == Step 2: Log In to TribalDex == # Visit [https://tribaldex.com/tokens/create https://tribaldex.com/tokens/create] # Click the login button at the top. # Hive Keychain will pop up — approve the login with your '''active key''' (or posting key in some cases, but active is safest for token actions). You are now logged in as your Hive account. == Step 3: Create Your Token == On the token creation form, fill in the following fields carefully. Most cannot be changed later. * '''Symbol''' — e.g. '''CNOOBS''' (uppercase, 1–10 characters, unique) * '''Name''' — e.g. '''Cnoobs Coins''' * '''Max Supply''' — Choose a number (e.g. 1,000,000). This is the absolute maximum that can ever exist. You can issue less. * '''Precision''' — Usually '''3''' (allows 0.001 precision). You can only increase this later, not decrease. * '''Website''' (optional) — Link to your profile or v4call server (e.g. https://call.yourdomain.com) * '''Description''' (optional) — Short text like "Personal communication token for v4call — used for messages and calls with @cnoobz" Double-check everything — the symbol especially cannot be changed. Click '''Create Token'''. Hive Keychain will ask you to approve a custom_json transaction. Confirm it. Wait 3–10 seconds for confirmation on the blockchain. Success message should appear: your token is now created! == Step 4: Issue Tokens to Yourself == After creation, you usually start with zero balance. # Go to [https://tribaldex.com/tokens/manage https://tribaldex.com/tokens/manage] # Find your new token (CNOOBS) in the list. # Click the '''Issue''' button. # Enter the amount you want to issue to yourself (e.g. 10000). # Confirm with Keychain. You now hold the full issued supply. == Step 5: Optional — Add Metadata (Logo & Description) == # Still on the manage page, click the edit icon for your token. # Upload a square logo image (recommended 200x200 px or larger). # Improve the description and website link. # Save changes (another small Keychain transaction). This makes your token look professional when users view it in wallets or markets. == Step 6: Distribute Your Tokens == * Send to friends/family via Keychain → "Tokens" tab → Transfer. * Airdrop to your community. * Use in v4call rates (see below). * List on TribalDex market if you want people to buy/sell them. Tokens are fully transferable and appear instantly in recipients' Hive Keychain wallets. == Using Your Token in v4call == Once you have your token: # Go to your v4call server → /rate-editor.html # In the rate editor (V2 format), create a new list like [LIST:token-holders] # Set TOKEN:CNOOBS # Define rates, e.g.: ** TEXT:1 CNOOBS ** VOICE:RING:5 CNOOBS;CONNECT:10 CNOOBS;RATE:20 CNOOBS/hr # Your server will automatically verify balances using public Hive Engine RPC when someone tries to call or message you. Blocked users can bypass your blocklist if you set ALLOW-IF-TOKEN:CNOOBS and they hold enough. == Common Problems and Fixes == === "Not enough BEE" error === Buy or swap more BEE on TribalDex. === Token symbol already taken === Choose a different symbol (add numbers or make it longer, e.g. CNOOBS2). === Transaction fails === Make sure you are using the '''active key''' in Keychain for token creation/issuing. Restart Keychain if needed. === Can't find my token after creation === Refresh the page or check https://hive-engine.com/tokens — it may take a few seconds to appear. === Want to issue more later? === You can issue up to your max supply at any time from the manage page. == Quick Reference == {| class="wikitable" |- ! Action !! Where to Do It |- | Create token || https://tribaldex.com/tokens/create |- | Manage / Issue tokens || https://tribaldex.com/tokens/manage |- | View all tokens || https://hive-engine.com/tokens |- | Swap BEE || TribalDex market |- | Check balance in Keychain || Hive Keychain extension → Tokens tab |} '''Next step for v4call users''': After creating your token, update your v4call-rates post using the improved rate-editor.html to include your custom token rates and blocklist bypass. You now have your own personal communication currency on Hive! [[Category:Hive]] [[Category:Hive Engine]] [[Category:v4call]] [[Category:Token Creation]] [[Category:Web3]] 6itkpezpx7e4cfcexzd55dunmgmwvmu 735 734 2026-04-19T12:23:06Z AwesomO 5 735 wikitext text/x-wiki {{:LICENCE_HEADER_CC0}} = v4call — How to Create Your Own Custom Token (e.g. CNOOBS) on Hive Engine = From CompleteNoobs F This guide walks you through creating a custom Hive Engine token (example: '''CNOOBS''') in under 10 minutes. No coding required. These tokens power the custom communication economy in v4call: you can set rates like "1 CNOOBS = 1 text message" or "10 CNOOBS = 1 hour video call", gift them to friends/family, or let blocked users bypass your blocklist if they hold enough of your token. '''Why create your own token?''' * Full control over supply and distribution. * Real utility inside v4call (and any other Hive dApp that supports Hive Engine tokens). * Scarcity you decide — perfect for personal or community communication economies. * Transferable, tradable, and giftable via Hive Keychain or TribalDex. '''Cost''': Approximately 100 BEE (Hive Engine's utility token). BEE price fluctuates — check current value on TribalDex or PeakD. This is a one-time creation fee. '''Source''': Based on the official Hive Engine / TribalDex interface (as of 2026). '''End result''': A live custom token (e.g. CNOOBS) that appears in users' Hive Keychain wallets and can be used in your v4call rates post. == Contents == * [[#What_You_Need|1 What You Need]] * [[#Step_1:_Get_Some_BEE_Tokens|2 Step 1: Get Some BEE Tokens]] * [[#Step_2:_Log_In_to_TribalDex|3 Step 2: Log In to TribalDex]] * [[#Step_3:_Create_Your_Token|4 Step 3: Create Your Token]] * [[#Step_4:_Issue_Tokens_to_Yourself|5 Step 4: Issue Tokens to Yourself]] * [[#Step_5:_Optional_-_Add_Metadata_(Logo_Description)|6 Step 5: Optional - Add Metadata (Logo & Description)]] * [[#Step_6:_Distribute_Your_Tokens|7 Step 6: Distribute Your Tokens]] * [[#Using_Your_Token_in_v4call|8 Using Your Token in v4call]] * [[#Common_Problems_and_Fixes|9 Common Problems and Fixes]] * [[#Quick_Reference|10 Quick Reference]] == What You Need == * A Hive account (e.g. @noblemage) with Hive Keychain installed and the '''active key''' available. * Some BEE tokens (≈100 BEE for creation fee). * A web browser. You do '''not''' need to run a node or write code. == Step 1: Get Some BEE Tokens == BEE is the "gas" token for Hive Engine actions. # Go to [https://tribaldex.com tribaldex.com] or any Hive Engine market (e.g. via PeakD wallet). # Swap or buy BEE using HIVE or HBD (very easy with Keychain). # Alternative: Many users get small amounts of BEE from community airdrops or by swapping on the built-in market. Make sure you have at least 110 BEE to cover the fee plus a small buffer. == Step 2: Log In to TribalDex == # Visit [https://tribaldex.com/tokens/create https://tribaldex.com/tokens/create] # Click the login button at the top. # Hive Keychain will pop up — approve the login with your '''active key''' (or posting key in some cases, but active is safest for token actions). You are now logged in as your Hive account. == Step 3: Create Your Token == On the token creation form, fill in the following fields carefully. Most cannot be changed later. * '''Symbol''' — e.g. '''CNOOBS''' (uppercase, 1–10 characters, unique) * '''Name''' — e.g. '''Cnoobs Coins''' * '''Max Supply''' — Choose a number (e.g. 1,000,000). This is the absolute maximum that can ever exist. You can issue less. * '''Precision''' — Usually '''3''' (allows 0.001 precision). You can only increase this later, not decrease. * '''Website''' (optional) — Link to your profile or v4call server (e.g. https://call.yourdomain.com) * '''Description''' (optional) — Short text like "Personal communication token for v4call — used for messages and calls with @cnoobz" Double-check everything — the symbol especially cannot be changed. Click '''Create Token'''. Hive Keychain will ask you to approve a custom_json transaction. Confirm it. Wait 3–10 seconds for confirmation on the blockchain. Success message should appear: your token is now created! == Step 4: Issue Tokens to Yourself == After creation, you usually start with zero balance. # Go to [https://tribaldex.com/tokens/manage https://tribaldex.com/tokens/manage] # Find your new token (CNOOBS) in the list. # Click the '''Issue''' button. # Enter the amount you want to issue to yourself (e.g. 10000). # Confirm with Keychain. You now hold the full issued supply. == Step 5: Optional — Add Metadata (Logo & Description) == # Still on the manage page, click the edit icon for your token. # Upload a square logo image (recommended 200x200 px or larger). # Improve the description and website link. # Save changes (another small Keychain transaction). This makes your token look professional when users view it in wallets or markets. == Step 6: Distribute Your Tokens == * Send to friends/family via Keychain → "Tokens" tab → Transfer. * Airdrop to your community. * Use in v4call rates (see below). * List on TribalDex market if you want people to buy/sell them. Tokens are fully transferable and appear instantly in recipients' Hive Keychain wallets. == Using Your Token in v4call == Once you have your token: # Go to your v4call server → /rate-editor.html # In the rate editor (V2 format), create a new list like [LIST:token-holders] # Set TOKEN:CNOOBS # Define rates, e.g.: ** TEXT:1 CNOOBS ** VOICE:RING:5 CNOOBS;CONNECT:10 CNOOBS;RATE:20 CNOOBS/hr # Your server will automatically verify balances using public Hive Engine RPC when someone tries to call or message you. Blocked users can bypass your blocklist if you set ALLOW-IF-TOKEN:CNOOBS and they hold enough. == Common Problems and Fixes == === "Not enough BEE" error === Buy or swap more BEE on TribalDex. === Token symbol already taken === Choose a different symbol (add numbers or make it longer, e.g. CNOOBS2). === Transaction fails === Make sure you are using the '''active key''' in Keychain for token creation/issuing. Restart Keychain if needed. === Can't find my token after creation === Refresh the page or check https://hive-engine.com/tokens — it may take a few seconds to appear. === Want to issue more later? === You can issue up to your max supply at any time from the manage page. == Quick Reference == {| class="wikitable" |- ! Action !! Where to Do It |- | Create token || https://tribaldex.com/tokens/create |- | Manage / Issue tokens || https://tribaldex.com/tokens/manage |- | View all tokens || https://hive-engine.com/tokens |- | Swap BEE || TribalDex market |- | Check balance in Keychain || Hive Keychain extension → Tokens tab |} '''Next step for v4call users''': After creating your token, update your v4call-rates post using the improved rate-editor.html to include your custom token rates and blocklist bypass. You now have your own personal communication currency on Hive! [[Category:Hive]] [[Category:Hive Engine]] [[Category:v4call]] [[Category:Token Creation]] [[Category:Web3]] ho9ep4qtf55w01c8bcc7sxm3fmn0z3q 0 218 736 2026-04-19T12:33:01Z AwesomO 5 Created page with "= Hive Blockchain Create Extra Accounts = == Free accounts == This is the on-ramp for your first account. https://signup.hive.io/ == Paid accounts == === Hive Keychain === * Download Hive Keychain (browser extension) * Log in with your '''Active Key''' (required to sign the ~3 HIVE account creation fee) * Click the ☰ (top left) → '''Accounts''' → '''Create Account''' * Enter a username If the username is available, you will proceed to the next stage where you..." 736 wikitext text/x-wiki = Hive Blockchain Create Extra Accounts = == Free accounts == This is the on-ramp for your first account. https://signup.hive.io/ == Paid accounts == === Hive Keychain === * Download Hive Keychain (browser extension) * Log in with your '''Active Key''' (required to sign the ~3 HIVE account creation fee) * Click the ☰ (top left) → '''Accounts''' → '''Create Account''' * Enter a username If the username is available, you will proceed to the next stage where your key pairs are shown. '''Important:''' When Hive Keychain is open on the key display screen, clicking outside the extension (e.g. to open a text editor) may close it. If this happens before saving, you will lose the generated keys and must restart the process. * As soon as the keys are shown: ** Click '''Copy''' ** Tick all confirmation boxes ** Click '''Copy''' again to be safe * Click '''Create''' to finalize the account * Immediately paste your keys into a text file and back them up securely And that's it — you have created a new Hive account. 9o950mi4bc0bbl95av3a32mbuj4nc4l 0 219 737 2026-04-19T12:48:22Z AwesomO 5 Created page with "= Hive Blockchain Buying HBD = == Prerequisites == Before buying HBD, you must have a Hive account. It is recommended to use Hive Keychain for easy and secure access to your account. * Create a Hive account (see: ''Hive Blockchain Create Extra Accounts'') * Install Hive Keychain (browser extension) * Log in to your account using your keys == Buying HIVE from an Exchange == To obtain HBD, you will first need to buy HIVE from a cryptocurrency exchange. Example (UK): *..." 737 wikitext text/x-wiki = Hive Blockchain Buying HBD = == Prerequisites == Before buying HBD, you must have a Hive account. It is recommended to use Hive Keychain for easy and secure access to your account. * Create a Hive account (see: ''Hive Blockchain Create Extra Accounts'') * Install Hive Keychain (browser extension) * Log in to your account using your keys == Buying HIVE from an Exchange == To obtain HBD, you will first need to buy HIVE from a cryptocurrency exchange. Example (UK): * https://www.mexc.com/en-GB/ Steps: * Create and verify an account on the exchange * Deposit funds (GBP, EUR, etc.) * Buy HIVE == Sending HIVE to Your Hive Account == Once you have purchased HIVE: * Go to '''Withdraw''' on the exchange * Enter your Hive username as the destination * Double-check the username (transactions cannot be reversed) * Send the HIVE After a short time, the HIVE will appear in your Hive wallet. == Swapping HIVE to HBD == To convert HIVE into HBD, you can use a Hive-based exchange: * https://hivedex.io/ Steps: * Connect your Hive account (via Hive Keychain) * Select the HIVE → HBD market * Enter the amount of HIVE to swap * Confirm the transaction in Hive Keychain Once completed, your HBD balance will be updated in your wallet. == Notes == * Always verify URLs before logging in or signing transactions * Keep your keys secure and never share them * Test with a small amount first if you are new And that's it — you now have HBD in your Hive account. hgtnvd54qyw7uv28ef5yctgopg6fjzu 0 220 738 2026-04-19T13:57:14Z AwesomO 5 Created page with "'''How to Change Your Active and Posting Keys on Hive (2026)''' To update your Active, Posting (or any) keys on Hive, you must perform a full **password reset**. This generates a new '''Master Password''' that automatically creates a fresh set of all keys (Owner, Active, Posting, Memo). =='''Critical Warnings'''== * If you lose the new Master Password or Owner Key, '''no one''' (not even Hive support) can recover your account. * '''Backup everything''' (especially the..." 738 wikitext text/x-wiki '''How to Change Your Active and Posting Keys on Hive (2026)''' To update your Active, Posting (or any) keys on Hive, you must perform a full **password reset**. This generates a new '''Master Password''' that automatically creates a fresh set of all keys (Owner, Active, Posting, Memo). =='''Critical Warnings'''== * If you lose the new Master Password or Owner Key, '''no one''' (not even Hive support) can recover your account. * '''Backup everything''' (especially the new Master Password and all private keys) before clicking Update. * You will need to manually add the new keys to Hive Keychain and other apps afterward. =='''Method 1: Official Hive Wallet (wallet.hive.blog)'''== # Go to [https://wallet.hive.blog wallet.hive.blog] (or directly to <code>https://wallet.hive.blog/@yourusername/permissions</code>). # Log in using your current '''Owner Key''' or '''Master Password'''. # Navigate to the '''Change Password''' section. # Click '''"Click to Generate Password"'''. # '''Save everything''': Copy the new Master Password and all displayed private/public keys. Store them securely offline. # Re-enter the new Master Password in the confirmation field. # Check all confirmation boxes. # Click '''Update Password'''. =='''Method 2: Using PeakD (often easier)'''== # Log in to [https://peakd.com peakd.com] (usually via Hive Keychain). # Go to your profile → '''Wallet''' → '''Keys & Permissions'''. # Click the '''Change Password''' button. # Authorize with your current '''Owner Key'''. # Generate the new password, download/save all keys, then confirm the update. =='''After Updating'''== * Update Hive Keychain (remove old keys and import the new ones). * Update any mobile apps (Ecency, Hive Wallet, etc.). * Test logging in with the new keys before deleting old backups. *'''Tip''': Always keep your Owner Key extremely safe — it is the only key that can reset everything. ==Expanding info box== <div class="toccolours mw-collapsible mw-collapsed"> '''How to Change Your Active and Posting Keys on Hive (2026)''' <div class="mw-collapsible-content"> To update your Active, Posting (or any) keys on Hive, you must perform a full **password reset**. This generates a new '''Master Password''' that automatically creates a fresh set of all keys (Owner, Active, Posting, Memo). '''Critical Warnings''' * If you lose the new Master Password or Owner Key, '''no one''' (not even Hive support) can recover your account. * '''Backup everything''' (especially the new Master Password and all private keys) before clicking Update. * You will need to manually add the new keys to Hive Keychain and other apps afterward. '''Method 1: Official Hive Wallet (wallet.hive.blog)''' # Go to [https://wallet.hive.blog wallet.hive.blog] (or directly to <code>https://wallet.hive.blog/@yourusername/permissions</code>). # Log in using your current '''Owner Key''' or '''Master Password'''. # Navigate to the '''Change Password''' section. # Click '''"Click to Generate Password"'''. # '''Save everything''': Copy the new Master Password and all displayed private/public keys. Store them securely offline. # Re-enter the new Master Password in the confirmation field. # Check all confirmation boxes. # Click '''Update Password'''. '''Method 2: Using PeakD (often easier)''' # Log in to [https://peakd.com peakd.com] (usually via Hive Keychain). # Go to your profile → '''Wallet''' → '''Keys & Permissions'''. # Click the '''Change Password''' button. # Authorize with your current '''Owner Key'''. # Generate the new password, download/save all keys, then confirm the update. '''After Updating''' * Update Hive Keychain (remove old keys and import the new ones). * Update any mobile apps (Ecency, Hive Wallet, etc.). * Test logging in with the new keys before deleting old backups. '''Tip''': Always keep your Owner Key extremely safe — it is the only key that can reset everything. </div> </div> h1zi8hpp2xtgtedpxfuhz4onvl2qnih 0 221 740 2026-04-19T14:17:40Z AwesomO 5 Created page with "{{:LICENCE_HEADER_MIT}} = v4call — Deploy Your Own Server on Ubuntu 24.04 with Docker = From CompleteNoobs This guide walks through deploying your own v4call server from scratch on a fresh Vultr Ubuntu 24.04 VPS — from first login to a working HTTPS video/audio calling service on your own domain. v4call is an open-source, decentralised video and audio calling platform that uses Hive blockchain for identity and HBD micropayments. It supports custom Hive-Engine to..." 740 wikitext text/x-wiki {{:LICENCE_HEADER_MIT}} = v4call — Deploy Your Own Server on Ubuntu 24.04 with Docker = From CompleteNoobs This guide walks through deploying your own v4call server from scratch on a fresh Vultr Ubuntu 24.04 VPS — from first login to a working HTTPS video/audio calling service on your own domain. v4call is an open-source, decentralised video and audio calling platform that uses Hive blockchain for identity and HBD micropayments. It supports custom Hive-Engine token payments, encrypted direct messages with persistent chat history, voice-only and video calls, and a free-market platform fee system. Fork it, run your own server, keep all your platform fees, join the federation, federation coming (unknown time) kismet. '''Source code''': [https://github.com/CompleteNoobs/v4call https://github.com/CompleteNoobs/v4call] '''End result''': A working v4call server at <code>https://call.yourdomain.com</code> that you can log into with a Hive account. == Contents == * [[#What_You_Need|1 What You Need]] * [[#Step_1:_Create_Your_Vultr_VPS|2 Step 1: Create Your Vultr VPS]] * [[#Step_2:_Point_Your_Domain_at_the_VPS|3 Step 2: Point Your Domain at the VPS]] * [[#Step_3:_Log_into_Your_VPS|4 Step 3: Log into Your VPS]] * [[#Step_4:_Update_the_Server|5 Step 4: Update the Server]] * [[#Step_5:_Install_Docker|6 Step 5: Install Docker]] * [[#Step_6:_Install_Git|7 Step 6: Install Git]] * [[#Step_7:_Fork_and_Clone_the_Code|8 Step 7: Fork and Clone the Code]] * [[#Step_8:_Configure_Your_Server_(.env_file)|9 Step 8: Configure Your Server (.env file)]] * [[#Step_9:_Configure_Nginx_—_HTTP_Only_First|10 Step 9: Configure Nginx — HTTP Only First]] * [[#Step_10:_Create_Data_Directories_and_Fix_Permissions|11 Step 10: Create Data Directories and Fix Permissions]] * [[#Step_11:_Build_and_Start_the_Server|12 Step 11: Build and Start the Server]] * [[#Step_12:_Get_Your_SSL_Certificate|13 Step 12: Get Your SSL Certificate]] * [[#Step_13:_Enable_HTTPS_in_Nginx|14 Step 13: Enable HTTPS in Nginx]] * [[#Step_14:_Set_Up_SSL_Auto-Renewal|15 Step 14: Set Up SSL Auto-Renewal]] * [[#Step_15:_Test_Everything_is_Working|16 Step 15: Test Everything is Working]] * [[#Step_16:_Set_Up_Your_Call_Rates_on_Hive|17 Step 16: Set Up Your Call Rates on Hive]] * [[#Feature_Guide:_What_Your_Server_Can_Do|18 Feature Guide: What Your Server Can Do]] * [[#Admin_Configuration_Reference|19 Admin Configuration Reference]] * [[#Updating_Your_Server|20 Updating Your Server]] * [[#Common_Problems_and_Fixes|21 Common Problems and Fixes]] * [[#Quick_Reference|22 Quick Reference]] == What You Need == Before starting, make sure you have the following: * '''A Vultr account''' — sign up at [https://vultr.com vultr.com] - please use are [https://www.vultr.com/?ref=7704739 Vultr Referral link] to help us cover server costs. * '''A domain name''' with DNS access — e.g. <code>call.yourdomain.com</code> * '''Two Hive accounts''' — one for your server identity (receives platform fees), one for escrow (holds caller funds during calls). Create free accounts at [https://signup.hive.io signup.hive.io] * '''Hive Keychain browser extension''' — for login and payments. Install from [https://hive-keychain.com hive-keychain.com] * '''A GitHub account''' — free at [https://github.com github.com]. You will fork the v4call project. * '''A terminal''' — Mac: Terminal app. Windows: PowerShell or PuTTY. You do not need to know how to code. Every command can be copy-pasted exactly as shown. == Step 1: Create Your Vultr VPS == # Log into [https://my.vultr.com my.vultr.com] # Click '''Deploy New Server''' # Choose '''Cloud Compute — Shared CPU''' # Choose a location close to you # Choose '''Ubuntu 24.04 LTS x64''' # Choose the '''$6/month''' plan (1 CPU, 1GB RAM) # Set Server Hostname to something like <code>v4call-server</code> # Click '''Deploy Now''' Wait ~60 seconds for it to start. Click the server to find: * '''IP Address''' — looks like <code>123.456.789.012</code> — write it down * '''Password''' — click the eye icon — write it down == Step 2: Point Your Domain at the VPS == Log into your DNS provider and add an A record: {| class="wikitable" |- ! Field !! Value |- | Type || A |- | Name || <code>call</code> (or <code>@</code> for root domain) |- | Value || Your VPS IP address |- | TTL || 300 |} DNS takes a few minutes to propagate. Check from your computer later: nslookup call.yourdomain.com Must show your VPS IP before Step 12. You can continue with all other steps while waiting. == Step 3: Log into Your VPS == Open a terminal on your computer: ssh root@YOUR_SERVER_IP Type <code>yes</code> when asked about the fingerprint, then paste the password from Vultr (right-click to paste in most terminals). When you see <code>root@v4call-server:~#</code> you are in. == Step 4: Update the Server == apt update && apt upgrade -y Wait for it to complete (1-2 minutes). == Step 5: Install Docker == Install Docker using the official installer script: curl -fsSL https://get.docker.com | sh Verify: docker --version Should show <code>Docker version 26.x.x</code> or similar. Install Docker Compose plugin: apt install -y docker-compose-plugin Verify: docker compose version Should show <code>Docker Compose version v2.x.x</code>. == Step 6: Install Git == apt install -y git git --version == Step 7: Download and/or Fork and Clone the Code == === Clone onto your VPS === cd /opt git clone https://github.com/CompleteNoobs/v4call.git cd v4call ==== Fork on GitHub - Optional ==== Forking gives you your own copy of the code that you can customise — change the name, branding, fees — without affecting the original project. # Go to [https://github.com/CompleteNoobs/v4call https://github.com/CompleteNoobs/v4call] # Click the '''Fork''' button (top right of the page) # Select your GitHub account as the destination # Click '''Create fork''' You now have your own copy at <code>https://github.com/YOURUSERNAME/v4call</code> ==== Clone onto your VPS ==== cd /opt git clone https://github.com/YOURUSERNAME/v4call.git cd v4call List the files to confirm: ls You should see: <code>server.js public/ Dockerfile docker-compose.yml nginx/ package.json .env.example</code> == Step 8: Configure Your Server (.env file) == All settings live in a single <code>.env</code> file. Copy the template: cp .env.example .env nano .env Fill in your values: <pre> # ── Server Identity ────────────────────────────────────── SERVER_NAME=yourcallapp SERVER_DOMAIN=call.yourdomain.com SERVER_HIVE_ACCOUNT=yourhiveaccount ESCROW_ACCOUNT=yourescrowaccount V4CALL_ESCROW_KEY=5Kxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx # Secret key to access /admin/ledger and /admin/balance endpoints. # Choose a long random string — treat it like a password. # Example: openssl rand -hex 32 ADMIN_KEY=make-up-a-long-random-string-at-least-20-characters # ── Hive Blockchain ────────────────────────────────────── CHAIN=hive HIVE_API= # ── Platform Fee ───────────────────────────────────────── # Percentage your server takes from each paid call/DM (10 = 10%) # This is the MINIMUM fee — users whose rates post sets a lower # platform fee will be rejected. Users who set a higher fee # get the best price (your server's rate, not their higher number). DEFAULT_PLATFORM_FEE=10 # ── Network ────────────────────────────────────────────── PORT=3000 BIND_HOST=127.0.0.1 # ── Chat Storage ───────────────────────────────────────── # How many days to keep stored DMs before automatic cleanup DM_RETENTION_DAYS=33 # How many days to keep stored room messages before cleanup ROOM_RETENTION_DAYS=33 # How many recent DMs per conversation to show on login (0 = off) DM_PREVIEW_COUNT=1 # ── Call Behaviour (advanced — defaults are fine) ──────── # CALL_COOLDOWN_MS=30000 # MAX_CALL_DURATION_MIN=120 # PAYMENT_VERIFY_RETRIES=3 # PAYMENT_VERIFY_DELAY_MS=5000 </pre> Key points: * <code>V4CALL_ESCROW_KEY</code> — must be the '''active''' private key for your escrow account. Find it in your Hive wallet → Keys & Permissions → Active. Starts with <code>5K</code>. '''Never share this.''' * <code>ADMIN_KEY</code> — invent a secret password for accessing admin tools * <code>HIVE_API</code> — leave blank to use all built-in Hive nodes automatically * <code>DEFAULT_PLATFORM_FEE</code> — your server's minimum platform fee percentage. See [[#Platform_Fee_System|Platform Fee System]] below for how this works. * <code>DM_RETENTION_DAYS</code> / <code>ROOM_RETENTION_DAYS</code> — how long chat messages are kept in the database. A cleanup job runs every hour and deletes anything older. Set to <code>0</code> to keep messages indefinitely (not recommended). * <code>DM_PREVIEW_COUNT</code> — when a user logs in, this many recent DMs per conversation are loaded into the lobby chat so they can see previews. Set to <code>0</code> to disable previews (users still get an unread count alert). Save: '''Ctrl+X''' → '''Y''' → '''Enter''' == Step 9: Configure Nginx — HTTP Only First == '''This step is critical.''' A very common mistake is putting the HTTPS/SSL config in Nginx before getting the certificate. Nginx tries to load the certificate at startup — if the file doesn't exist yet, Nginx crashes in a restart loop. Certbot then cannot serve the challenge because Nginx is down. Result: no certificate, stuck in a loop. The fix: always start with HTTP only, get the certificate, then add HTTPS. Edit the Nginx config: nano /opt/v4call/nginx/v4call.conf Delete everything and replace with this HTTP-only config: <pre> server { listen 80; server_name call.yourdomain.com www.call.yourdomain.com; # Certbot challenge path — do not remove this block location /.well-known/acme-challenge/ { root /var/www/certbot; } # Proxy all other requests to the v4call app location / { proxy_pass http://app:3000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_read_timeout 86400; } } </pre> Replace <code>call.yourdomain.com</code> with your actual domain in both places. Save: '''Ctrl+X''' → '''Y''' → '''Enter''' == Step 10: Create Data Directories and Fix Permissions == Create the folders Docker uses for persistent data: mkdir -p /opt/v4call/data/logs \ mkdir -p /opt/v4call/data/certbot/conf \ mkdir -p /opt/v4call/data/certbot/www/.well-known/acme-challenge \ mkdir -p /opt/v4call/data/certbot/logs '''Fix permissions — do not skip this.''' The v4call app runs inside Docker as user <code>node</code> (UID 1000). On the host, these directories are created by root, so the container cannot write to them. This causes a <code>SQLITE_CANTOPEN</code> error that crashes the app. Fix the logs directory for the app: chown -R 1000:1000 /opt/v4call/data/logs Certbot runs as root so its directories stay root-owned: chown -R root:root /opt/v4call/data/certbot chmod -R 755 /opt/v4call/data/certbot '''Note:''' The app creates two separate SQLite databases in the logs directory: * <code>v4call-ledger.db</code> — payment records (calls, ring fees, payouts). Only the server writes to this. * <code>v4call-chat.db</code> — stored DMs and room messages. Separate from the ledger for security — if a bug in chat storage were exploited, the payment ledger remains untouched. == Step 11: Build and Start the Server == cd /opt/v4call docker compose up -d --build The first build downloads dependencies and takes 2-4 minutes. Check the status: docker compose ps You should see: <pre> NAME STATUS v4call-app Up (healthy) v4call-nginx Up </pre> Check the app started correctly: docker compose logs app Look for: <pre> [ledger] SQLite ready: /app/logs/v4call-ledger.db [chat] SQLite ready: /app/logs/v4call-chat.db v4call server running on 0.0.0.0:3000 [config] Server: yourcallapp (call.yourdomain.com) [config] DM retention: 33 days | Room retention: 33 days | DM preview: 1 ✓ Escrow key verified — matches @yourescrowaccount active key ✓ Escrow account @yourescrowaccount balance: 0.000 HBD </pre> If you see <code>SqliteError: unable to open database file</code> — run the chown command from Step 10 again then <code>docker compose restart app</code>. Test HTTP is working: curl http://call.yourdomain.com/debug-state Should return: <code>{"lobbyUsers":[],"rooms":[]}</code> If you can see the site in a browser over HTTP at this point — everything is working and ready for the certificate. == Step 12: Get Your SSL Certificate == '''Before running certbot''', verify DNS and the challenge path are both working: # Check DNS points to this server nslookup call.yourdomain.com # Test the challenge path echo "test" > /opt/v4call/data/certbot/www/.well-known/acme-challenge/testfile curl http://call.yourdomain.com/.well-known/acme-challenge/testfile The curl command must return <code>test</code>. If it does not, Nginx is not running — check <code>docker compose ps</code> and <code>docker compose logs nginx</code>. When both work, get the certificate. The <code>--entrypoint certbot</code> flag is required — without it, Docker runs the container's default renewal loop instead of the certonly command: docker compose run --rm \ --entrypoint certbot \ certbot certonly \ --webroot \ -w /var/www/certbot \ -d call.yourdomain.com \ --email your@email.com \ --agree-tos \ --no-eff-email Replace <code>call.yourdomain.com</code> with your domain and <code>your@email.com</code> with your email. Success looks like: <pre> Requesting a certificate for call.yourdomain.com Successfully received certificate. Certificate is saved at: /etc/letsencrypt/live/call.yourdomain.com/fullchain.pem Key is saved at: /etc/letsencrypt/live/call.yourdomain.com/privkey.pem This certificate expires on 2026-07-09. </pre> Verify the files exist on the host: ls /opt/v4call/data/certbot/conf/live/call.yourdomain.com/ Should show: <code>cert.pem chain.pem fullchain.pem privkey.pem README</code> == Step 13: Enable HTTPS in Nginx == Now the certificate exists, update Nginx to serve HTTPS. nano /opt/v4call/nginx/v4call.conf Replace everything with the full HTTPS config: <pre> # HTTP — only used for certbot challenge and redirect to HTTPS server { listen 80; server_name v4call.com v4call.com; location /.well-known/acme-challenge/ { root /var/www/certbot; } location / { return 301 https://$host$request_uri; } } # HTTPS — auth lives here server { listen 443 ssl; server_name v4call.com v4call.com; # CHANGE PATH: for ssl certifcates change v4call.com to your path: which you can find at "ls data/certbot/conf/live/" ssl_certificate /etc/letsencrypt/live/v4call.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/v4call.com/privkey.pem; ssl_protocols TLSv1.2 TLSv1.3; ssl_prefer_server_ciphers off; add_header Strict-Transport-Security "max-age=63072000" always; add_header X-Frame-Options DENY; add_header X-Content-Type-Options nosniff; # When user cancels the login prompt, send them here error_page 401 /info.html; # info.html is served directly by Nginx — no auth, no proxy location = /info.html { root /usr/share/nginx/html; auth_basic off; } # WebSocket — requires auth location /socket.io/ { # uncomment to require username and password to enter site - useful for testing # auth_basic "v4call — Private Testing"; # auth_basic_user_file /etc/nginx/.htpasswd; proxy_pass http://app:3000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_cache_bypass $http_upgrade; proxy_read_timeout 86400; } # Everything else — requires auth, proxied to app location / { # uncomment to require username and password to enter site - useful for testing # auth_basic "v4call — Private Testing"; # auth_basic_user_file /etc/nginx/.htpasswd; proxy_pass http://app:3000; proxy_http_version 1.1; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_read_timeout 300; proxy_send_timeout 300; } # This will log correct and incorrect attempts logging in, if .htpasswd used error_log /var/log/nginx/error.log warn; access_log /var/log/nginx/access.log; } </pre> * REPLACE <code>call.yourdomain.com</code> with your domain throughout (it appears 5 times). * CHANGE PATH: for ssl certifcates change v4call.com to your path: which you can find at <code>ls data/certbot/conf/live/</code> if not sure. <pre> ssl_certificate /etc/letsencrypt/live/v4call.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/v4call.com/privkey.pem; </pre> Save and restart Nginx: docker compose restart nginx Check the logs — you should see '''no''' <code>[emerg]</code> errors: docker compose logs nginx The last lines should show: <pre> nginx/1.x.x ... start worker processes </pre> * If you see an error such as: <pre>[emerg] 1#1: cannot load certificate "/etc/letsencrypt/live/call.yourdomain.com/fullchain.pem": BIO_new_file() failed (SSL: error:80000002:system library::No such file or directory:calling fopen(/etc/letsencrypt/live/call.yourdomain.com/fullchain.pem, r) error:10000080:BIO routines::no such file)</pre> * Make sure you edited <code>nginx/v4call.conf</code> correctly. * To find the path for your SSL certs look in path <code>data/certbot/conf/live/</code> * There are 4 lines to check in <code>nginx/v4call.conf</code>: ** Line 4: <code>server_name call.yourdomain.com www.call.yourdomain.com;</code> ** Line 18: <code>server_name call.yourdomain.com www.call.yourdomain.com;</code> ** Line 20: <code>ssl_certificate /etc/letsencrypt/live/call.yourdomain.com/fullchain.pem;</code> ** Line 21: <code>ssl_certificate_key /etc/letsencrypt/live/call.yourdomain.com/privkey.pem;</code> * When done restart nginx with: <code>docker compose restart nginx</code> == Step 14: Set Up SSL Auto-Renewal == Let's Encrypt certificates expire after 90 days. A cron job renews them automatically. crontab -e Add this line at the bottom: 0 3 * * * cd /opt/v4call && docker compose run --rm --entrypoint certbot certbot renew --quiet && docker compose exec nginx nginx -s reload Save and exit. This runs at 3am every day, renews if the cert is close to expiry, and reloads Nginx to pick up the new certificate. == Step 15: Test Everything is Working == Test HTTPS: curl https://call.yourdomain.com/debug-state Should return: <code>{"lobbyUsers":[],"rooms":[]}</code> Test admin access: curl "https://call.yourdomain.com/admin/balance?key=YOUR_ADMIN_KEY" Should return your escrow account balance. Open your browser and go to <code>https://call.yourdomain.com</code> You should see the v4call login page with: * A padlock icon in the browser address bar * A green '''⚡ Sign in with Keychain''' button (if Hive Keychain is installed) * A manual posting key login option below it * A '''📖 New here? Learn the v4call basics →''' link at the bottom Log in with Hive Keychain or a posting key to confirm the login flow works. 🎉 == Step 16: Set Up Your Call Rates on Hive == For callers to be charged when they ring you, publish your rates on the Hive blockchain: # Make sure Hive Keychain is installed in your browser # Go to <code>https://call.yourdomain.com/rate-editor.html</code> # Enter your Hive username # Set your rates — ring fee, connect fee, duration rate per hour, minimum credit deposit # Set <code>PLATFORM-FEE</code> to at least your server's <code>DEFAULT_PLATFORM_FEE</code> percentage (e.g. <code>10</code> for 10%). If you set it lower, paid contacts to your account will be rejected on this server. # Optionally add custom token sections (e.g. <code>[TOKEN:CNOOBS]</code>) to offer discounted rates for callers who hold your token # Click '''Generate''' to preview the rates block # Click '''Post to Hive''' — Keychain will ask you to approve the post This creates a post titled <code>v4call-rates</code> on your Hive blog. Your server reads this post automatically. To verify your server read the rates correctly: https://call.yourdomain.com/debug-rates/yourusername To test with a specific caller (checks their token balances too): https://call.yourdomain.com/debug-rates/yourusername?caller=theirusername&type=voice You should see your rates as JSON, including which currency and rates apply for that caller. == Feature Guide: What Your Server Can Do == This section explains all the features available in v4call and how they work. No code changes needed — everything described here is built in and ready to use. === Login Options === v4call supports two ways to sign in: * '''Hive Keychain''' (recommended) — click the green '''⚡ Sign in with Keychain''' button. Keychain signs a challenge to prove your identity. No key paste needed. After login, a 🔑 panel appears in the lobby where you can optionally enter your posting key to unlock encrypted messaging (Keychain cannot expose private keys, so encryption needs the key entered once per session). * '''Manual posting key''' — paste your Hive posting private key (starts with <code>5J</code>) directly. The key stays in browser session memory only — never sent to the server. Both methods verify your identity against the Hive blockchain. === Voice and Video Calls === Each online user in the lobby shows three action buttons: * '''📞 Green phone icon''' — start a '''voice-only''' call (audio, no camera) * '''🎥 Blue camera icon''' — start a '''video''' call (audio + camera) * '''💬 Purple chat bubble icon''' — open the '''DM panel''' to send a direct message Voice calls request microphone only — no camera permission prompt. Video calls request both. The caller and callee can have different call types — the type is set by whoever initiates the call. Separate rates can be set for voice and video calls in the rates post (voice is typically cheaper). === Direct Messages (DMs) === Click the purple 💬 button next to any online user to open the DM panel. DMs are end-to-end encrypted using Hive posting keys — the server stores only ciphertext it cannot read. '''Chat storage:''' DMs are stored on the server in an encrypted database (<code>v4call-chat.db</code>) for up to <code>DM_RETENTION_DAYS</code> (default: 33 days). Both sender and recipient get their own encrypted copy stored, so both can retrieve their history later. '''Unread alerts:''' When you log in, if you have unread DMs, a popup appears showing how many messages from how many users. Click a username in the popup to open their DM history. '''DM previews:''' The last <code>DM_PREVIEW_COUNT</code> messages per conversation are loaded into the lobby chat on login, so you can see recent activity at a glance. Set to <code>0</code> in <code>.env</code> to disable. '''Full history:''' Click the DM button for any user to load the complete conversation history, shown between "— DM history —" dividers. === Rooms === Users can create private rooms by selecting users in the lobby (toggle switch) and clicking '''Create & Invite'''. Rooms support encrypted messaging, video, and voice. '''Room history:''' When a new user joins a room, they see past messages — broadcasts in full, encrypted messages only if they were addressed to them. A "— earlier messages —" divider separates history from live messages. '''Ephemeral rooms:''' A warning banner at the top of every room says: "⚠ Room is ephemeral — if all users leave, the room and its history are deleted. New members can only read messages encrypted to their key." When the last person leaves a room, all stored messages for that room are deleted from the database. === Custom Token Payments (Hive-Engine) === v4call supports payment in any Hive-Engine token, not just HBD. This is configured per-user in their rates post using <code>[TOKEN:SYMBOL]</code> sections. '''How it works:''' # A user (e.g. @cnoobz) creates a custom token on Hive-Engine (e.g. CNOOBS) # In their rates post, they add a <code>[TOKEN:CNOOBS]</code> section with lower rates than their default HBD rates # When a caller who holds CNOOBS contacts @cnoobz, the server detects the token balance and offers the token rates # If the caller holds multiple qualifying tokens, '''all options are shown''' in a currency picker — the caller chooses which to pay with # The payment goes through Hive Keychain as a <code>custom_json</code> Hive-Engine transfer '''For the escrow account:''' Your escrow account needs to hold some of each custom token that users on your server accept. Token payouts (to the callee) and refunds (to the caller) are sent from the escrow account's token balance, just like HBD. '''Payment picker:''' When multiple payment options exist (e.g. CNOOBS at 1 per message, HBD at 100000 per message), the payment modal shows clickable currency buttons so the caller can see all rates and choose the best option. === Platform Fee System === The platform fee is how your server earns revenue from paid calls and DMs. '''How it works:''' * Your server's <code>DEFAULT_PLATFORM_FEE</code> in <code>.env</code> is the '''minimum''' percentage your server accepts (e.g. <code>10</code> = 10%) * Each user sets <code>PLATFORM-FEE</code> in their Hive rates post — this is the maximum fee they are willing to pay to a server * If the user's posted fee is '''lower''' than your server's minimum → '''rejected'''. The caller sees a message explaining the mismatch, and the callee is told to raise their fee. * If the user's posted fee '''meets or exceeds''' your server's minimum → '''accepted''', and '''the server charges its own rate''' (the minimum), not the user's higher number. The callee gets the best price. * If the user has '''no <code>PLATFORM-FEE</code> line''' in their rates post → the server's default is used automatically. No mismatch. * '''Free contacts''' (no payment involved) are never affected by fee enforcement. '''Why this matters for federation:''' Different servers can set different platform fees. Users can shop around — pick a server with a fee they find agreeable. This creates a free market for server operators. '''Example:''' * Your server: <code>DEFAULT_PLATFORM_FEE=3</code> (3%) * @alice posts: <code>PLATFORM-FEE: 5%</code> → accepted, server charges 3% (best price for alice) * @bob posts: <code>PLATFORM-FEE: 1%</code> → rejected, bob needs to raise to at least 3% * @charlie has no fee line → defaults to 3%, automatically accepted == Admin Configuration Reference == All settings are in the <code>.env</code> file. After changing any value, rebuild: docker compose down && docker compose build --no-cache && docker compose up -d {| class="wikitable" |- ! Variable !! Default !! Description |- | <code>SERVER_NAME</code> || <code>v4call</code> || Display name for your server |- | <code>SERVER_DOMAIN</code> || <code>v4call.com</code> || Your server's domain |- | <code>SERVER_HIVE_ACCOUNT</code> || <code>v4call</code> || Hive account that receives platform fees |- | <code>ESCROW_ACCOUNT</code> || <code>v4call-escrow</code> || Hive account that holds funds during calls |- | <code>V4CALL_ESCROW_KEY</code> || ''(none)'' || Active private key for the escrow account. '''Required.''' |- | <code>ADMIN_KEY</code> || ''(none)'' || Password for admin endpoints (<code>/admin/balance</code>, <code>/admin/ledger</code>) |- | <code>DEFAULT_PLATFORM_FEE</code> || <code>10</code> || Server's minimum platform fee percentage |- | <code>DM_RETENTION_DAYS</code> || <code>33</code> || Days to keep stored DMs before cleanup |- | <code>ROOM_RETENTION_DAYS</code> || <code>33</code> || Days to keep stored room messages before cleanup |- | <code>DM_PREVIEW_COUNT</code> || <code>1</code> || Recent DMs per conversation shown on login (0 = off) |- | <code>HIVE_API</code> || ''(blank)'' || Override primary Hive API node. Blank = auto-select from built-in list |- | <code>MAX_CALL_DURATION_MIN</code> || <code>120</code> || Maximum call length in minutes before auto-disconnect |- | <code>CALL_COOLDOWN_MS</code> || <code>30000</code> || Milliseconds between call attempts to same user |- | <code>PAYMENT_VERIFY_RETRIES</code> || <code>3</code> || Number of attempts to verify a blockchain payment |- | <code>PAYMENT_VERIFY_DELAY_MS</code> || <code>5000</code> || Delay between verification retry attempts |} === Debug Endpoints === These are useful for testing without making actual calls: * <code>/debug-state</code> — shows current lobby users and active rooms (no auth required) * <code>/debug-rates/USERNAME</code> — shows parsed rates for a user * <code>/debug-rates/USERNAME?caller=CALLER&type=voice</code> — shows what rates a specific caller would receive (checks token balances too) * <code>/admin/balance?key=YOUR_ADMIN_KEY</code> — shows escrow account HBD balance * <code>/admin/ledger?key=YOUR_ADMIN_KEY</code> — shows recent payment records == Updating Your Server == '''Important:''' Always use <code>docker compose down</code> before rebuilding. Without this step, Docker may reuse the old container even after a rebuild, and your changes will not take effect. cd /opt/v4call docker compose down docker compose build --no-cache docker compose up -d Your data, SQLite databases and <code>.env</code> config are preserved — they live in <code>data/logs/</code> which is a mounted volume. To pull updates from GitHub and deploy: cd /opt/v4call git pull docker compose down docker compose build --no-cache docker compose up -d To push your own customisations to GitHub: # On your local computer after making changes: git add . git commit -m "describe what you changed" git push # On the VPS: cd /opt/v4call git pull docker compose down docker compose build --no-cache docker compose up -d == Common Problems and Fixes == === Changes not showing after rebuild === If you edited <code>server.js</code> or <code>index.html</code> but changes are not visible, you probably forgot to bring Docker down first. <code>docker compose restart</code> and even <code>docker compose up -d --build</code> can reuse old containers. '''Fix:''' docker compose down docker compose build --no-cache docker compose up -d === SqliteError: unable to open database file === The app container runs as UID 1000 but the logs directory was created by root. Fix: chown -R 1000:1000 /opt/v4call/data/logs docker compose restart app === Certbot says "No renewals were attempted" === The certbot container's default behaviour is a renewal loop. Your <code>certonly</code> command is being ignored. Always use <code>--entrypoint certbot</code> to override it: docker compose run --rm --entrypoint certbot certbot certonly ... Without <code>--entrypoint certbot</code> the container runs its renewal script instead of your command. === Nginx crashes with "cannot load certificate: No such file" === You added the HTTPS server block before getting the certificate. Nginx reads all server blocks at startup — if the cert file doesn't exist, the entire process fails. Fix: revert nginx config to HTTP-only (Step 9), restart Nginx, get the certificate (Step 12), then re-add HTTPS (Step 13). === Webroot challenge test returns nothing === Nginx is not running. Check: docker compose ps docker compose logs nginx If Nginx is restarting — it has the HTTPS config with a missing cert file. Use the HTTP-only config. === "Escrow key does NOT match" warning on startup === The key in <code>.env</code> is the wrong type. You need the '''active''' private key, not the posting or owner key. Find it in your Hive wallet → Keys & Permissions → Active. It starts with <code>5K</code>. === Site unreachable on port 443 === Check that the certificate was issued: ls /opt/v4call/data/certbot/conf/live/ Should show a folder with your domain name. If empty — go back to Step 12. === npm ci error during Docker build === The <code>npm ci</code> command requires a <code>package-lock.json</code> file. The project uses <code>npm install</code> instead. If you see this error, check your <code>Dockerfile</code> — it should say <code>npm install</code> not <code>npm ci</code>. === Custom token payments not working === If token rates are detected but payments fail: * Check the escrow account holds the token — send some tokens to your escrow account on Hive-Engine * Check the token symbol matches exactly (case-sensitive) between the rates post and Hive-Engine * Check the server logs: <code>docker compose logs app | grep -i "token\|cnoobs\|escrow-token"</code> * The Hive-Engine API endpoint must be <code>https://api.hive-engine.com/rpc/contracts</code> — this is built into the code === [encrypted — unlock with 🔑 key panel to read] === You logged in with Hive Keychain. Keychain does not expose private keys, so encrypted messages cannot be decrypted without your posting key. Enter your posting key in the 🔑 panel at the bottom of the online users list. The key stays in browser session memory only — it is needed once per session. == Quick Reference == {| class="wikitable" |- ! Command !! What it does |- | <code>docker compose ps</code> || Show status of all containers |- | <code>docker compose logs app</code> || Show app logs |- | <code>docker compose logs nginx</code> || Show Nginx logs |- | <code>docker compose logs -f app</code> || Watch live logs (Ctrl+C to stop) |- | <code>docker compose down</code> || Stop everything ('''always do this before rebuilding''') |- | <code>docker compose build --no-cache</code> || Rebuild without using cached layers |- | <code>docker compose up -d</code> || Start everything in background |- | <code>docker compose down && docker compose build --no-cache && docker compose up -d</code> || Full rebuild cycle (use after any code change) |- | <code>docker compose restart nginx</code> || Restart Nginx after config-only changes (no rebuild needed) |- | <code>chown -R 1000:1000 /opt/v4call/data/logs</code> || Fix SQLite write permissions |- | <code>docker compose run --rm --entrypoint certbot certbot certificates</code> || List SSL certificates |- | <code>curl http://yourdomain.com/.well-known/acme-challenge/testfile</code> || Test certbot webroot works |- | <code>docker compose logs app &#124; grep -i "token\|escrow"</code> || Check token payment logs |} == Optional: Password Protect Your Server During Testing == <div class="toccolours mw-collapsible mw-collapsed"> <strong>Optional: Password Protect Your Server During Testing (HTTP Basic Auth)</strong> <div class="mw-collapsible-content"> During development and testing you may want to restrict access so only people you invite can use your server. This uses Nginx HTTP Basic Auth — a simple username and password prompt that appears before the v4call login screen. When a visitor cancels the login prompt they are shown a public <code>info.html</code> page where they can read about the project and request access. *<b> Step 1 — Install the htpasswd tool</b> <code>apt install -y apache2-utils</code> *<b> Step 2 — Create the password file and add your first user </b> <code>htpasswd -c /opt/v4call/nginx/.htpasswd yourusername</code> You will be prompted to enter and confirm a password. The <code>-c</code> flag creates the file. Do not use <code>-c</code> again or it will overwrite the file and delete existing users. To add more users later: <code>htpasswd /opt/v4call/nginx/.htpasswd anotherusername</code> To remove a user: <code>htpasswd -D /opt/v4call/nginx/.htpasswd username</code> *<b> Step 3 — Create the public info page </b> <code>nano /opt/v4call/public/info.html</code> Paste your HTML content — a page explaining the project and how to request access. This page is served publicly without a password so visitors who cancel the login prompt can still read it. *<b> Step 4 — Mount the files into the Nginx container </b> Edit <code>docker-compose.yml</code> and add two lines to the nginx volumes section: <pre> nginx: volumes: - ./nginx/v4call.conf:/etc/nginx/conf.d/default.conf:ro - ./nginx/.htpasswd:/etc/nginx/.htpasswd:ro # add this - ./public/info.html:/usr/share/nginx/html/info.html:ro # add this - ./data/certbot/conf:/etc/letsencrypt:ro - ./data/certbot/www:/var/www/certbot:ro </pre> *<b> Step 5 — Update your Nginx config </b> Add auth to the '''HTTPS server block''' (not the HTTP block — users are redirected to HTTPS so auth must live there). Add these lines to both the <code>/socket.io/</code> and <code>/</code> location blocks, and add the <code>error_page</code> and <code>info.html</code> location blocks: <pre> server { listen 443 ssl; server_name call.yourdomain.com www.call.yourdomain.com; # ... ssl_certificate lines stay the same ... # Send cancelled logins to the public info page error_page 401 /info.html; # info.html is served by Nginx directly — no auth, no proxy location = /info.html { root /usr/share/nginx/html; auth_basic off; } # WebSocket — requires auth location /socket.io/ { auth_basic "v4call — Private Testing"; auth_basic_user_file /etc/nginx/.htpasswd; proxy_pass http://app:3000; # ... rest of proxy headers stay the same ... } # All other requests — requires auth location / { auth_basic "v4call — Private Testing"; auth_basic_user_file /etc/nginx/.htpasswd; proxy_pass http://app:3000; # ... rest of proxy headers stay the same ... } } </pre> * Note: if you want to log successful and unsuccessful login attempts, add: <pre> error_log /var/log/nginx/error.log warn; access_log /var/log/nginx/access.log; </pre> *<b> Step 6 — Recreate the Nginx container to pick up the new volume mounts </b> '''Important''': <code>docker compose restart nginx</code> is not enough — it reuses the old container and ignores new volume mounts. You must recreate it: <code>docker compose down && docker compose up -d</code> After this, verify the files are mounted inside the container: <code>docker compose exec nginx ls /usr/share/nginx/html/</code> You should see <code>info.html</code> listed alongside <code>50x.html</code> and <code>index.html</code>. *<b> Step 7 — Test it works </b> <code>curl -o /dev/null -s -w "%{http_code}" https://call.yourdomain.com/</code> Should return <code>401</code> (login required). <code>curl -o /dev/null -s -w "%{http_code}" https://call.yourdomain.com/info.html</code> Should return <code>200</code> (public, no auth needed). <code>curl -u youruser:yourpassword -o /dev/null -s -w "%{http_code}" https://call.yourdomain.com/</code> Should return <code>200</code> (correct credentials accepted). *<b> Managing users without restarting </b> After adding or removing users from the <code>.htpasswd</code> file, reload Nginx config without downtime: <code>docker compose exec nginx nginx -s reload</code> No restart needed — Nginx re-reads the <code>.htpasswd</code> file on every request anyway. *<b> Keep .htpasswd out of GitHub </b> The password file should never be committed to your repository. Add it to <code>.gitignore</code>: <code>echo "nginx/.htpasswd" >> /opt/v4call/.gitignore</code> *<b> Removing auth when you go public </b> When you are ready to open your server to everyone, simply remove the <code>auth_basic</code> lines from <code>nginx/v4call.conf</code> and reload: <code>docker compose exec nginx nginx -s reload</code> No other changes needed. </div> </div> <div class="toccolours mw-collapsible mw-collapsed"> '''How to check if anyone tried to log in (failed attempts) or successfully logged in with .htpasswd on Nginx in Docker''' <div class="mw-collapsible-content"> '''Important Tip:''' Always run these commands in the same folder where your <code>docker-compose.yml</code> file is located. If you are in the wrong directory the commands will not find your container and nothing will show up. * ''''' Basic Commands ''''' ; '''See everything live (good while testing)''' : <code>docker compose logs -f nginx</code><br> : <code>-f</code> means "follow/live" – new log lines appear automatically. Remove <code>-f</code> if you only want to read the current logs once and stop. ; '''Best command to watch failed login attempts (people guessing passwords)''' : <code>docker compose logs -f nginx | grep -E "mismatch|not found|401"</code> ; '''See who successfully logged in''' : <code>docker compose logs nginx | grep "remote_user"</code> ; '''Combined view – most useful for daily checking (failed + successful)''' : <code>docker compose logs -f --tail=100 nginx | grep -E "(mismatch|not found|remote_user|401)"</code> * ''''' What the Logs Look Like ''''' '''Failed attempt (wrong password):''' <pre>2026/04/17 01:23:45 [error] ... user "admin": password mismatch, client: 185.123.45.67, ...</pre> '''Failed attempt (wrong username):''' <pre>2026/04/17 01:24:12 [error] ... user "hacker123" was not found in "/etc/nginx/.htpasswd", client: 45.67.89.10, ...</pre> '''Successful login:''' <pre>... "GET /protected/ HTTP/1.1" 200 ... remote_user: "myuser" ...</pre> * ''''' How to Customise These Commands ''''' * Change <code>nginx</code> to the exact name of your service if it is different in docker-compose.yml. * Remove <code>-f</code> to read the full log once without live following. * Change <code>--tail=100</code> to <code>--tail=500</code> (or any number) to show more or fewer old lines. * Add or remove words in the <code>grep</code> part to filter differently. Examples: * Only failed attempts: <code>grep -E "mismatch|not found"</code> * Only 401 errors: <code>grep " 401 "</code> * Everything auth related: <code>grep -E "(auth|password|mismatch|not found|remote_user)"</code> * '''''Quick Copy-Paste Commands ''''' # Watch failed guesses live docker compose logs -f nginx | grep -E "mismatch|not found|401" # Check successful logins docker compose logs nginx | grep "remote_user" # Combined quick check (recommended) docker compose logs -f --tail=100 nginx | grep -E "(mismatch|not found|remote_user|401)" </div> </div> [[Category:Docker]] [[Category:Ubuntu]] [[Category:Hive]] [[Category:v4call]] [[Category:WebRTC]] 840iuhcencrft0t408n14yv6xixf7tu